From a06d95c4c20722e4a1c51da9943c52bac2154b41 Mon Sep 17 00:00:00 2001 From: gruebel Date: Mon, 28 Aug 2023 22:47:16 +0200 Subject: [PATCH] extend IAM datastore with lower case values for faster access --- policy_sentry/analysis/expand.py | 19 +- policy_sentry/querying/actions.py | 534 +- policy_sentry/querying/actions_v1.py | 240 + policy_sentry/querying/all.py | 74 +- policy_sentry/querying/all_v1.py | 34 + policy_sentry/querying/arns.py | 92 +- policy_sentry/querying/arns_v1.py | 33 + policy_sentry/querying/conditions.py | 38 +- policy_sentry/shared/awsdocs.py | 15 +- policy_sentry/shared/constants.py | 12 +- policy_sentry/shared/data/iam-definition.json | 653134 ++++++++------- policy_sentry/shared/iam_data.py | 20 +- policy_sentry/writing/sid_group.py | 1 + test/querying/test_query_actions.py | 12 +- 14 files changed, 363294 insertions(+), 290964 deletions(-) create mode 100644 policy_sentry/querying/actions_v1.py create mode 100644 policy_sentry/querying/all_v1.py create mode 100644 policy_sentry/querying/arns_v1.py diff --git a/policy_sentry/analysis/expand.py b/policy_sentry/analysis/expand.py index 55e7a2ed8..0e54c20d1 100644 --- a/policy_sentry/analysis/expand.py +++ b/policy_sentry/analysis/expand.py @@ -1,4 +1,6 @@ """Functions to expand wilcard actions into a full list of actions.""" +from __future__ import annotations + import logging import copy import fnmatch @@ -8,7 +10,7 @@ logger = logging.getLogger(__name__) -def expand(action): +def expand(action: str | list[str]) -> list[str]: """ expand the action wildcards into a full action @@ -26,10 +28,11 @@ def expand(action): expanded_actions.extend(expand(item)) return expanded_actions - if "*" in action: + if action == "*": + return all_actions.copy() + elif "*" in action: expanded = [ expanded_action - # for expanded_action in all_permissions for expanded_action in all_actions if fnmatch.fnmatchcase(expanded_action.lower(), action.lower()) ] @@ -47,7 +50,7 @@ def expand(action): return [action] -def determine_actions_to_expand(action_list): +def determine_actions_to_expand(action_list: list[str]) -> list[str]: """ Determine if an action needs to get expanded from its wildcard @@ -57,13 +60,13 @@ def determine_actions_to_expand(action_list): List: A list of actions """ new_action_list = [] - for action in range(len(action_list)): - if "*" in action_list[action]: - expanded_action = expand(action_list[action]) + for action in action_list: + if "*" in action: + expanded_action = expand(action) new_action_list.extend(expanded_action) else: # If there is no wildcard, copy that action name over to the new_action_list - new_action_list.append(action_list[action]) + new_action_list.append(action) new_action_list.sort() return new_action_list diff --git a/policy_sentry/querying/actions.py b/policy_sentry/querying/actions.py index 3c1227d1c..6ebde7f27 100644 --- a/policy_sentry/querying/actions.py +++ b/policy_sentry/querying/actions.py @@ -2,11 +2,30 @@ Methods that execute specific queries against the database for the ACTIONS table. This supports the Policy Sentry query functionality """ +from __future__ import annotations + import logging import functools -from policy_sentry.shared.iam_data import iam_definition, get_service_prefix_data +from typing import Any + +from policy_sentry.querying.actions_v1 import ( + get_action_data_v1, + get_action_matching_access_level_v1, + get_actions_with_arn_type_and_access_level_v1, + get_actions_matching_arn_type_v1, + get_actions_matching_arn_v1, +) +from policy_sentry.shared.constants import POLICY_SENTRY_SCHEMA_VERSION_V2 +from policy_sentry.shared.iam_data import ( + iam_definition, + get_service_prefix_data, + get_iam_definition_schema_version, +) from policy_sentry.querying.all import get_all_service_prefixes, get_all_actions -from policy_sentry.querying.arns import get_matching_raw_arns, get_resource_type_name_with_raw_arn +from policy_sentry.querying.arns import ( + get_matching_raw_arns, + get_resource_type_name_with_raw_arn, +) from policy_sentry.util.arns import get_service_from_arn all_service_prefixes = get_all_service_prefixes() @@ -14,7 +33,7 @@ @functools.lru_cache(maxsize=1024) -def get_actions_for_service(service_prefix): +def get_actions_for_service(service_prefix: str) -> list[str]: """ Get a list of available actions per AWS service @@ -26,13 +45,14 @@ def get_actions_for_service(service_prefix): service_prefix_data = get_service_prefix_data(service_prefix) results = [] if isinstance(service_prefix_data, dict): - for item in service_prefix_data["privileges"]: - results.append(f"{service_prefix}:{item}") + results = [ + f"{service_prefix}:{item}" for item in service_prefix_data["privileges"] + ] return results @functools.lru_cache(maxsize=1024) -def get_action_data(service, action_name): +def get_action_data(service: str, action_name: str) -> dict[str, list[dict[str, Any]]]: """ Get details about an IAM Action in JSON format. @@ -43,60 +63,107 @@ def get_action_data(service, action_name): Returns: List: A dictionary containing metadata about an IAM Action. """ - results = [] + try: + schema_version = get_iam_definition_schema_version() + if schema_version == POLICY_SENTRY_SCHEMA_VERSION_V2: + return get_action_data_v2(service=service, action_name=action_name) + else: + return get_action_data_v1(service=service, action_name=action_name) + except TypeError as t_e: + logger.debug(t_e) + + return {} + + +def get_action_data_v2(service: str, action_name: str) -> dict[str, list[dict[str, Any]]]: + """ + Get details about an IAM Action in JSON format (v2). + + Arguments: + service: An AWS service prefix, like `s3` or `kms`. Case insensitive. + action_name: The name of an AWS IAM action, like `GetObject`. To get data about all actions in a service, specify "*". Case insensitive. + + Returns: + List: A dictionary containing metadata about an IAM Action. + """ action_data_results = {} try: service_prefix_data = get_service_prefix_data(service) - for this_action_name, this_action_data in service_prefix_data["privileges"].items(): - # Get the baseline conditions and dependent actions - condition_keys = [] - dependent_actions = [] - rows = [] - rows.clear() - if action_name == "*": - # rows = this_action_data["resource_types"] - for resource_type_entry in this_action_data["resource_types"]: - rows.append(this_action_data["resource_types"][resource_type_entry]) - else: - for resource_type_entry in this_action_data["resource_types"]: - if this_action_name.lower() == action_name.lower(): - rows.append(this_action_data["resource_types"][resource_type_entry]) - for row in rows: - # Set default value for if no other matches are found - resource_arn_format = "*" - # Get the dependent actions - if row["dependent_actions"]: - dependent_actions.extend(row["dependent_actions"]) - # Get the condition keys - for service_resource_name, service_resource_data in service_prefix_data["resources"].items(): - if row["resource_type"] == "": - continue - if row["resource_type"].strip("*") == service_resource_data["resource"]: - resource_arn_format = service_resource_data.get("arn", "*") - condition_keys = service_resource_data.get("condition_keys") - break - temp_dict = { - "action": f"{service_prefix_data['prefix']}:{this_action_name}", - "description": this_action_data["description"], - "access_level": this_action_data["access_level"], - "api_documentation_link": this_action_data.get("api_documentation_link"), - "resource_arn_format": resource_arn_format, - "condition_keys": condition_keys, - "dependent_actions": dependent_actions, - } - results.append(temp_dict) - action_data_results[service] = results + if action_name == "*": + results = [] + for this_action_name, this_action_data in service_prefix_data["privileges"].items(): + if this_action_data: + entries = create_action_data_entries( + service_prefix_data=service_prefix_data, + action_name=this_action_name, + action_data=this_action_data, + ) + results.extend(entries) + action_data_results[service] = results + return action_data_results + else: + this_action_name = service_prefix_data["privileges_lower_name"].get(action_name.lower()) + if this_action_name: + this_action_data = service_prefix_data["privileges"][this_action_name] + entries = create_action_data_entries( + service_prefix_data=service_prefix_data, + action_name=this_action_name, + action_data=this_action_data, + ) + action_data_results[service] = entries + return action_data_results except TypeError as t_e: logger.debug(t_e) - if results: - return action_data_results - else: - return False - # raise Exception("Unknown action {}:{}".format(service, action_name)) + return action_data_results + + +def create_action_data_entries( + service_prefix_data: dict[str, Any], action_name: str, action_data: dict[str, Any] +) -> list[dict[str, Any]]: + """ + Creates entries of IAM Action data. + + Arguments: + service_prefix_data: IAM Action metadata of an AWS service + action_name: The name of an AWS IAM action, like `GetObject`. To get data about all actions in a service, specify "*". Case insensitive. + action_data: Metadata of the given IAM Action + Returns: + List: A list of dictionaries containing metadata about an IAM Action. + """ + + results = [] + condition_keys = [] + dependent_actions = [] + for resource_type, resource_type_entry in action_data["resource_types"].items(): + # Set default value for if no other matches are found + resource_arn_format = "*" + # Get the dependent actions + resource_dependent_actions = resource_type_entry["dependent_actions"] + if resource_dependent_actions: + dependent_actions.extend(resource_dependent_actions) + # Get the condition keys + if resource_type: + service_resource_data = service_prefix_data["resources"].get(resource_type) + if service_resource_data: + resource_arn_format = service_resource_data.get("arn", "*") + condition_keys = service_resource_data.get("condition_keys") + + temp_dict = { + "action": f"{service_prefix_data['prefix']}:{action_name}", + "description": action_data["description"], + "access_level": action_data["access_level"], + "api_documentation_link": action_data.get("api_documentation_link"), + "resource_arn_format": resource_arn_format, + "condition_keys": condition_keys, + "dependent_actions": dependent_actions, + } + results.append(temp_dict) + + return results -def get_actions_with_access_level(service_prefix, access_level): +def get_actions_with_access_level(service_prefix: str, access_level: str) -> list[str]: """ Get a list of actions in a service under different access levels. @@ -110,21 +177,25 @@ def get_actions_with_access_level(service_prefix, access_level): results = [] if service_prefix == "all": for some_prefix in all_service_prefixes: - service_prefix_data = get_service_prefix_data(some_prefix) - for action_name, action_data in service_prefix_data["privileges"].items(): - if action_data["access_level"] == access_level: - results.append(f"{some_prefix}:{action_data['privilege']}") + actions = get_actions_with_access_level( + service_prefix=some_prefix, + access_level=access_level, + ) + if actions: + results.extend(actions) else: service_prefix_data = get_service_prefix_data(service_prefix) - for action_name, action_data in service_prefix_data["privileges"].items(): - if action_data["access_level"] == access_level: - results.append(f"{service_prefix}:{action_data['privilege']}") + results = [ + f"{service_prefix}:{action_name}" + for action_name, action_data in service_prefix_data["privileges"].items() + if action_data["access_level"] == access_level + ] return results def get_actions_at_access_level_that_support_wildcard_arns_only( - service_prefix, access_level -): + service_prefix: str, access_level: str +) -> list[str]: """ Get a list of actions at an access level that do not support restricting the action to resource ARNs. Set service to "all" to get a list of actions across all services. @@ -138,29 +209,25 @@ def get_actions_at_access_level_that_support_wildcard_arns_only( results = [] if service_prefix == "all": for some_prefix in all_service_prefixes: - service_prefix_data = get_service_prefix_data(some_prefix) - for action_name, action_data in service_prefix_data["privileges"].items(): - if len(action_data["resource_types"]) == 1: - if ( - action_data["access_level"] == access_level - and action_data["resource_types"].get("") - ): - results.append(f"{some_prefix}:{action_data['privilege']}") + actions = get_actions_at_access_level_that_support_wildcard_arns_only( + service_prefix=some_prefix, + access_level=access_level, + ) + if actions: + results.extend(actions) else: service_prefix_data = get_service_prefix_data(service_prefix) for action_name, action_data in service_prefix_data["privileges"].items(): - if len(action_data["resource_types"]) == 1: - if ( - action_data["access_level"] == access_level - and action_data["resource_types"].get("") - ): - results.append(f"{service_prefix}:{action_data['privilege']}") + if action_data["access_level"] == access_level: + resource_types = action_data["resource_types"] + if len(resource_types) == 1 and "" in resource_types: + results.append(f"{service_prefix}:{action_name}") return results def get_actions_with_arn_type_and_access_level( - service_prefix, resource_type_name, access_level -): + service_prefix: str, resource_type_name: str, access_level: str +) -> list[str]: """ Get a list of actions in a service under different access levels, specific to an ARN format. @@ -171,34 +238,60 @@ def get_actions_with_arn_type_and_access_level( Return: List: A list of actions that have that ARN type and Access level """ - service_prefix_data = get_service_prefix_data(service_prefix) - results = [] - - if resource_type_name == '*': - return get_actions_at_access_level_that_support_wildcard_arns_only(service_prefix, access_level) + if resource_type_name == "*": + return get_actions_at_access_level_that_support_wildcard_arns_only( + service_prefix=service_prefix, access_level=access_level + ) + + schema_version = get_iam_definition_schema_version() + if schema_version == POLICY_SENTRY_SCHEMA_VERSION_V2: + return get_actions_with_arn_type_and_access_level_v2( + service_prefix=service_prefix, + resource_type_name=resource_type_name, + access_level=access_level, + ) + + return get_actions_with_arn_type_and_access_level_v1( + service_prefix=service_prefix, + resource_type_name=resource_type_name, + access_level=access_level, + ) + + +def get_actions_with_arn_type_and_access_level_v2( + service_prefix: str, resource_type_name: str, access_level: str +) -> list[str]: + """ + Get a list of actions in a service under different access levels, specific to an ARN format (v2). + Arguments: + service_prefix: A single AWS service prefix, like `s3` or `kms` + resource_type_name: The ARN type name, like `bucket` or `key` + access_level: Access level like "Read" or "List" or "Permissions management" + Return: + List: A list of actions that have that ARN type and Access level + """ + results = [] if service_prefix == "all": for some_prefix in all_service_prefixes: - service_prefix_data = get_service_prefix_data(some_prefix) - for action_name, action_data in service_prefix_data["privileges"].items(): - if action_data["access_level"] == access_level: - for resource_name, resource_data in action_data["resource_types"].items(): - this_resource_type = resource_data["resource_type"].strip("*") - if this_resource_type.lower() == resource_type_name.lower(): - results.append(f"{service_prefix}:{action_data['privilege']}") - break + actions = get_actions_with_arn_type_and_access_level( + service_prefix=some_prefix, + resource_type_name=resource_type_name, + access_level=access_level, + ) + if actions: + results.extend(actions) else: + service_prefix_data = get_service_prefix_data(service_prefix) for action_name, action_data in service_prefix_data["privileges"].items(): if action_data["access_level"] == access_level: - for resource_name, resource_data in action_data["resource_types"].items(): - this_resource_type = resource_data["resource_type"].strip("*") - if this_resource_type.lower() == resource_type_name.lower(): - results.append(f"{service_prefix}:{action_data['privilege']}") - break + if resource_type_name.lower() in action_data["resource_types_lower_name"]: + results.append(f"{service_prefix}:{action_name}") + return results -def get_actions_that_support_wildcard_arns_only(service_prefix): +def get_actions_that_support_wildcard_arns_only(service_prefix: str) -> list[str]: """ Get a list of actions that do not support restricting the action to resource ARNs. Set service to "all" to get a list of actions across all services. @@ -212,23 +305,23 @@ def get_actions_that_support_wildcard_arns_only(service_prefix): results = [] if service_prefix == "all": for some_prefix in all_service_prefixes: - service_prefix_data = get_service_prefix_data(some_prefix) - for action_name, action_data in service_prefix_data["privileges"].items(): - if len(action_data["resource_types"].keys()) == 1: - for resource_type in action_data["resource_types"]: - if resource_type == '': - results.append(f"{some_prefix}:{action_name}") + actions = get_actions_that_support_wildcard_arns_only( + service_prefix=some_prefix, + ) + if actions: + results.extend(actions) else: service_prefix_data = get_service_prefix_data(service_prefix) for action_name, action_data in service_prefix_data["privileges"].items(): - if len(action_data["resource_types"].keys()) == 1: - for resource_type in action_data["resource_types"]: - if resource_type == '': - results.append(f"{service_prefix}:{action_name}") + if len(action_data["resource_types"]) == 1: + if action_data["resource_types"].get(""): + results.append(f"{service_prefix}:{action_name}") return results -def get_actions_matching_arn_type(service_prefix, resource_type_name): +def get_actions_matching_arn_type( + service_prefix: str, resource_type_name: str +) -> list[str]: """ Get a list of actions in a service specific to ARN type. @@ -238,58 +331,91 @@ def get_actions_matching_arn_type(service_prefix, resource_type_name): Return: List: A list of actions that have that ARN type """ - if resource_type_name == '*': + if resource_type_name == "*": return get_actions_that_support_wildcard_arns_only(service_prefix) - service_prefix_data = get_service_prefix_data(service_prefix) + schema_version = get_iam_definition_schema_version() + if schema_version == POLICY_SENTRY_SCHEMA_VERSION_V2: + return get_actions_matching_arn_type_v2( + service_prefix=service_prefix, + resource_type_name=resource_type_name, + ) + + return get_actions_matching_arn_type_v1( + service_prefix=service_prefix, + resource_type_name=resource_type_name, + ) + + +def get_actions_matching_arn_type_v2( + service_prefix: str, resource_type_name: str +) -> list[str]: + """ + Get a list of actions in a service specific to ARN type. + + Arguments: + service_prefix: A single AWS service prefix, like `s3` or `kms` + resource_type_name: The ARN type name, like `bucket` or `key` + Return: + List: A list of actions that have that ARN type + """ results = [] if service_prefix == "all": for some_prefix in all_service_prefixes: - service_prefix_data = get_service_prefix_data(some_prefix) - for action_name, action_data in service_prefix_data["privileges"].items(): - for resource_name, resource_data in action_data["resource_types"].items(): - this_resource_type = resource_data["resource_type"].strip("*") - if this_resource_type.lower() == resource_type_name.lower(): - results.append(f"{service_prefix}:{action_data['privilege']}") - break + actions = get_actions_matching_arn_type( + service_prefix=some_prefix, + resource_type_name=resource_type_name, + ) + if actions: + results.extend(actions) else: + service_prefix_data = get_service_prefix_data(service_prefix) for action_name, action_data in service_prefix_data["privileges"].items(): - for resource_name, resource_data in action_data["resource_types"].items(): - this_resource_type = resource_data["resource_type"].strip("*") - if this_resource_type.lower() == resource_type_name.lower(): - results.append(f"{service_prefix}:{action_data['privilege']}") - break + if resource_type_name.lower() in action_data["resource_types_lower_name"]: + results.append(f"{service_prefix}:{action_name}") return results -def get_actions_matching_arn(arn): +def get_actions_matching_arn(arn: str) -> list[str]: """ Given a user-supplied ARN, get a list of all actions that correspond to that ARN. + Arguments: + arn: A user-supplied arn + Returns: + List: A list of all actions that can match it. + """ + schema_version = get_iam_definition_schema_version() + if schema_version == POLICY_SENTRY_SCHEMA_VERSION_V2: + return get_actions_matching_arn_v2(arn=arn) + + return get_actions_matching_arn_v1(arn=arn) + + +def get_actions_matching_arn_v2(arn: str) -> list[str]: + """ + Given a user-supplied ARN, get a list of all actions that correspond to that ARN (v2). + Arguments: arn: A user-supplied arn Returns: List: A list of all actions that can match it. """ raw_arns = get_matching_raw_arns(arn) - results = [] + results = set() for raw_arn in raw_arns: resource_type_name = get_resource_type_name_with_raw_arn(raw_arn) service_prefix = get_service_from_arn(raw_arn) service_prefix_data = get_service_prefix_data(service_prefix) for action_name, action_data in service_prefix_data["privileges"].items(): - # for some_action in service_prefix_data["privileges"]: - for resource_name, resource_data in action_data["resource_types"].items(): - this_resource_type = resource_data["resource_type"].strip("*") - if this_resource_type.lower() == resource_type_name.lower(): - results.append(f"{service_prefix}:{action_data['privilege']}") - results = list(dict.fromkeys(results)) - results.sort() - return results + if resource_type_name.lower() in action_data["resource_types_lower_name"]: + results.add(f"{service_prefix}:{action_name}") + + return list(results) -def get_actions_matching_condition_key(service_prefix, condition_key): +def get_actions_matching_condition_key(service_prefix: str, condition_key: str): """ Get a list of actions under a service that allow the use of a specified condition key @@ -302,17 +428,18 @@ def get_actions_matching_condition_key(service_prefix, condition_key): results = [] if service_prefix == "all": for some_prefix in all_service_prefixes: - service_prefix_data = get_service_prefix_data(some_prefix) - for action_name, action_data in service_prefix_data["privileges"].items(): - for resource_name, resource_data in action_data["resource_types"].items(): - if condition_key in resource_data["condition_keys"]: - results.append(f"{service_prefix}:{action_data['privilege']}") + actions = get_actions_matching_condition_key( + service_prefix=some_prefix, + condition_key=condition_key, + ) + if actions: + results.extend(actions) else: service_prefix_data = get_service_prefix_data(service_prefix) for action_name, action_data in service_prefix_data["privileges"].items(): - for resource_name, resource_data in action_data["resource_types"].items(): + for resource_data in action_data["resource_types"].values(): if condition_key in resource_data["condition_keys"]: - results.append(f"{service_prefix}:{action_data['privilege']}") + results.append(f"{service_prefix}:{action_name}") return results @@ -332,7 +459,9 @@ def get_actions_matching_condition_key(service_prefix, condition_key): # -def remove_actions_not_matching_access_level(actions_list, access_level): +def remove_actions_not_matching_access_level( + actions_list: list[str], access_level: str +) -> list[str]: """ Given a list of actions, return a list of actions that match an access level @@ -344,41 +473,82 @@ def remove_actions_not_matching_access_level(actions_list, access_level): """ new_actions_list = [] - def is_access_level(some_service_prefix, some_action): - service_prefix_data = get_service_prefix_data(some_service_prefix.lower()) - this_result = None - if service_prefix_data: - if service_prefix_data.get("privileges"): - for action_name, action_data in service_prefix_data["privileges"].items(): - if action_data.get("access_level") == access_level: - if action_data.get("privilege").lower() == some_action.lower(): - this_result = f"{some_service_prefix}:{action_data.get('privilege')}" - break - if not this_result: - return False - else: - return this_result if actions_list == ["*"]: - actions_list.clear() + actions_list = [] for some_prefix in all_service_prefixes: service_prefix_data = get_service_prefix_data(some_prefix) for action_name, action_data in service_prefix_data["privileges"].items(): if action_data["access_level"] == access_level: - actions_list.append(f"{some_prefix}:{action_data['privilege']}") + actions_list.append(f"{some_prefix}:{action_name}") for action in actions_list: try: service_prefix, action_name = action.split(":") except ValueError as v_e: logger.debug(f"{v_e} - for action {action}") continue - result = is_access_level(service_prefix, action_name) + result = get_action_matching_access_level( + service_prefix=service_prefix, + action_name=action_name, + access_level=access_level, + ) if result: new_actions_list.append(result) - # new_actions_list.append(f"{service_prefix}:{action_name['privilege']}") return new_actions_list -def get_dependent_actions(actions_list): +def get_action_matching_access_level( + service_prefix: str, action_name: str, access_level: str +) -> str | None: + """ + Get the action under a service that match the given access level + + Arguments: + service_prefix: A single AWS service prefix + action_name: Name of the action + access_level: Access level like "Read" or "List" or "Permissions management" + Returns: + List: action or None + """ + schema_version = get_iam_definition_schema_version() + if schema_version == POLICY_SENTRY_SCHEMA_VERSION_V2: + return get_action_matching_access_level_v2( + service_prefix=service_prefix, + action_name=action_name, + access_level=access_level, + ) + + return get_action_matching_access_level_v1( + service_prefix=service_prefix, + action_name=action_name, + access_level=access_level, + ) + + +def get_action_matching_access_level_v2( + service_prefix: str, action_name: str, access_level: str +) -> str | None: + """ + Get the action under a service that match the given access level (v2) + + Arguments: + service_prefix: A single AWS service prefix + action_name: Name of the action + access_level: Access level like "Read" or "List" or "Permissions management" + Returns: + List: action or None + """ + service_prefix_data = get_service_prefix_data(service_prefix.lower()) + if service_prefix_data: + this_action_name = service_prefix_data["privileges_lower_name"].get(action_name.lower()) + if this_action_name: + action_data = service_prefix_data["privileges"][this_action_name] + if action_data["access_level"] == access_level: + return f"{service_prefix}:{this_action_name}" + + return None + + +def get_dependent_actions(actions_list: list[str]) -> list[str]: """ Given a list of IAM Actions, query the database to determine if the action has dependent actions in the fifth column of the Resources, Actions, and Condition keys tables. If it does, add the dependent actions @@ -394,22 +564,19 @@ def get_dependent_actions(actions_list): Returns: List: Updated list of actions, including dependent actions if applicable. """ - new_actions_list = [] + new_actions = set() for action in actions_list: service, action_name = action.split(":") rows = get_action_data(service, action_name) for row in rows[service]: - if row["dependent_actions"] is not None: - # new_actions_list.append(action) - # dependent_actions = [x.lower() for x in row["dependent_actions"]] - # dependent_actions = [x.lower() for x in row["dependent_actions"]] - new_actions_list.extend(row["dependent_actions"]) + dependent_actions = row["dependent_actions"] + if dependent_actions: + new_actions.update(dependent_actions) - new_actions_list = list(dict.fromkeys(new_actions_list)) - return new_actions_list + return list(new_actions) -def remove_actions_that_are_not_wildcard_arn_only(actions_list): +def remove_actions_that_are_not_wildcard_arn_only(actions_list: list[str]) -> list[str]: """ Given a list of actions, remove the ones that CAN be restricted to ARNs, leaving only the ones that cannot. @@ -419,7 +586,7 @@ def remove_actions_that_are_not_wildcard_arn_only(actions_list): List: An updated list of actions """ # remove duplicates, if there are any - actions_list_unique = list(dict.fromkeys(actions_list)) + actions_list_unique = set(actions_list) results = [] for action in actions_list_unique: service_prefix, action_name = action.split(":") @@ -431,7 +598,7 @@ def remove_actions_that_are_not_wildcard_arn_only(actions_list): return results -def get_privilege_info(service_prefix, action): +def get_privilege_info(service_prefix: str, action: str) -> dict[str, Any]: """ Given a service, like `s3` and an action name, like `ListBucket`, return info about that action. @@ -444,14 +611,20 @@ def get_privilege_info(service_prefix, action): """ try: privilege_info = iam_definition[service_prefix]["privileges"][action] - privilege_info["service_resources"] = iam_definition[service_prefix]["resources"] - privilege_info["service_conditions"] = iam_definition[service_prefix]["conditions"] + privilege_info["service_resources"] = iam_definition[service_prefix][ + "resources" + ] + privilege_info["service_conditions"] = iam_definition[service_prefix][ + "conditions" + ] except KeyError as k_e: raise Exception(f"Unknown action {service_prefix}:{action}") from k_e return privilege_info -def get_api_documentation_link_for_action(service_prefix, action_name): +def get_api_documentation_link_for_action( + service_prefix: str, action_name: str +) -> str | None: """ Given a service, like `s3` and an action name, like `ListBucket`, return the documentation link about that specific API call. @@ -464,15 +637,15 @@ def get_api_documentation_link_for_action(service_prefix, action_name): List: Link to the documentation about that API call """ rows = get_action_data(service_prefix, action_name) - result = None for row in rows.get(service_prefix): - if row.get("api_documentation_link"): - result = row.get("api_documentation_link") - return result + doc_link = row.get("api_documentation_link") + if doc_link: + return doc_link + return None @functools.lru_cache(maxsize=1024) -def get_all_action_links(): +def get_all_action_links() -> dict[str, str]: """ Gets a huge list of the links to all AWS IAM actions. This is meant for use by Cloudsplaining. @@ -487,8 +660,5 @@ def get_all_action_links(): logger.debug(f"{v_e} - for action {action}") continue link = get_api_documentation_link_for_action(service_prefix, action_name) - result = { - action: link - } - results.update(result) + results[action] = link return results diff --git a/policy_sentry/querying/actions_v1.py b/policy_sentry/querying/actions_v1.py new file mode 100644 index 000000000..9dcaa66be --- /dev/null +++ b/policy_sentry/querying/actions_v1.py @@ -0,0 +1,240 @@ +from __future__ import annotations + +import logging +import warnings +from typing import Any + +from policy_sentry.querying.all import get_all_service_prefixes +from policy_sentry.querying.arns import ( + get_matching_raw_arns, + get_resource_type_name_with_raw_arn, +) +from policy_sentry.shared.iam_data import get_service_prefix_data +from policy_sentry.util.arns import get_service_from_arn + +all_service_prefixes = get_all_service_prefixes() +logger = logging.getLogger(__name__) + + +def get_action_data_v1( + service: str, action_name: str +) -> dict[str, list[dict[str, Any]]]: + """ + DEPRECATED: Please recreate the IAM datastore file! + + Get details about an IAM Action in JSON format (v1). + + Arguments: + service: An AWS service prefix, like `s3` or `kms`. Case insensitive. + action_name: The name of an AWS IAM action, like `GetObject`. To get data about all actions in a service, specify "*". Case insensitive. + + Returns: + List: A dictionary containing metadata about an IAM Action. + """ + warnings.warn("Please recreate the IAM datastore file!", DeprecationWarning) + + results = [] + action_data_results = {} + try: + service_prefix_data = get_service_prefix_data(service) + for this_action_name, this_action_data in service_prefix_data[ + "privileges" + ].items(): + # Get the baseline conditions and dependent actions + condition_keys = [] + dependent_actions = [] + rows = [] + if action_name == "*": + # rows = this_action_data["resource_types"] + for resource_type_entry in this_action_data["resource_types"]: + rows.append(this_action_data["resource_types"][resource_type_entry]) + else: + for resource_type_entry in this_action_data["resource_types"]: + if this_action_name.lower() == action_name.lower(): + rows.append( + this_action_data["resource_types"][resource_type_entry] + ) + for row in rows: + # Set default value for if no other matches are found + resource_arn_format = "*" + # Get the dependent actions + if row["dependent_actions"]: + dependent_actions.extend(row["dependent_actions"]) + # Get the condition keys + for service_resource_name, service_resource_data in service_prefix_data[ + "resources" + ].items(): + if row["resource_type"] == "": + continue + if ( + row["resource_type"].strip("*") + == service_resource_data["resource"] + ): + resource_arn_format = service_resource_data.get("arn", "*") + condition_keys = service_resource_data.get("condition_keys") + break + temp_dict = { + "action": f"{service_prefix_data['prefix']}:{this_action_name}", + "description": this_action_data["description"], + "access_level": this_action_data["access_level"], + "api_documentation_link": this_action_data.get( + "api_documentation_link" + ), + "resource_arn_format": resource_arn_format, + "condition_keys": condition_keys, + "dependent_actions": dependent_actions, + } + results.append(temp_dict) + action_data_results[service] = results + except TypeError as t_e: + logger.debug(t_e) + + return action_data_results + + +def get_action_matching_access_level_v1( + service_prefix: str, action_name: str, access_level: str +) -> str | None: + """ + DEPRECATED: Please recreate the IAM datastore file! + + Get the action under a service that match the given access level (v1) + + Arguments: + service_prefix: A single AWS service prefix + action_name: Name of the action + access_level: Access level like "Read" or "List" or "Permissions management" + Returns: + List: action or None + """ + warnings.warn("Please recreate the IAM datastore file!", DeprecationWarning) + + result = None + service_prefix_data = get_service_prefix_data(service_prefix.lower()) + if service_prefix_data: + privileges = service_prefix_data.get("privileges") + if privileges: + for this_action_name, action_data in privileges.items(): + if action_data["access_level"] == access_level: + if this_action_name.lower() == action_name.lower(): + result = f"{service_prefix}:{this_action_name}" + break + + return result + + +def get_actions_with_arn_type_and_access_level_v1( + service_prefix: str, resource_type_name: str, access_level: str +) -> list[str]: + """ + DEPRECATED: Please recreate the IAM datastore file! + + Get a list of actions in a service under different access levels, specific to an ARN format (v1). + + Arguments: + service_prefix: A single AWS service prefix, like `s3` or `kms` + resource_type_name: The ARN type name, like `bucket` or `key` + access_level: Access level like "Read" or "List" or "Permissions management" + Return: + List: A list of actions that have that ARN type and Access level + """ + warnings.warn("Please recreate the IAM datastore file!", DeprecationWarning) + + service_prefix_data = get_service_prefix_data(service_prefix) + results = [] + + if service_prefix == "all": + for some_prefix in all_service_prefixes: + service_prefix_data = get_service_prefix_data(some_prefix) + for action_name, action_data in service_prefix_data["privileges"].items(): + if action_data["access_level"] == access_level: + for resource_name, resource_data in action_data[ + "resource_types" + ].items(): + this_resource_type = resource_data["resource_type"].strip("*") + if this_resource_type.lower() == resource_type_name.lower(): + results.append( + f"{service_prefix}:{action_data['privilege']}" + ) + break + else: + for action_name, action_data in service_prefix_data["privileges"].items(): + if action_data["access_level"] == access_level: + for resource_name, resource_data in action_data[ + "resource_types" + ].items(): + this_resource_type = resource_data["resource_type"].strip("*") + if this_resource_type.lower() == resource_type_name.lower(): + results.append(f"{service_prefix}:{action_data['privilege']}") + break + return results + + +def get_actions_matching_arn_type_v1( + service_prefix: str, resource_type_name: str +) -> list[str]: + """ + DEPRECATED: Please recreate the IAM datastore file! + + Get a list of actions in a service specific to ARN type (v1). + + Arguments: + service_prefix: A single AWS service prefix, like `s3` or `kms` + resource_type_name: The ARN type name, like `bucket` or `key` + Return: + List: A list of actions that have that ARN type + """ + warnings.warn("Please recreate the IAM datastore file!", DeprecationWarning) + + service_prefix_data = get_service_prefix_data(service_prefix) + results = [] + + if service_prefix == "all": + for some_prefix in all_service_prefixes: + service_prefix_data = get_service_prefix_data(some_prefix) + for action_name, action_data in service_prefix_data["privileges"].items(): + for resource_name, resource_data in action_data[ + "resource_types" + ].items(): + this_resource_type = resource_data["resource_type"].strip("*") + if this_resource_type.lower() == resource_type_name.lower(): + results.append(f"{service_prefix}:{action_data['privilege']}") + break + else: + for action_name, action_data in service_prefix_data["privileges"].items(): + for resource_name, resource_data in action_data["resource_types"].items(): + this_resource_type = resource_data["resource_type"].strip("*") + if this_resource_type.lower() == resource_type_name.lower(): + results.append(f"{service_prefix}:{action_data['privilege']}") + break + return results + + +def get_actions_matching_arn_v1(arn: str) -> list[str]: + """ + DEPRECATED: Please recreate the IAM datastore file! + + Given a user-supplied ARN, get a list of all actions that correspond to that ARN. + + Arguments: + arn: A user-supplied arn + Returns: + List: A list of all actions that can match it. + """ + warnings.warn("Please recreate the IAM datastore file!", DeprecationWarning) + + raw_arns = get_matching_raw_arns(arn) + results = [] + for raw_arn in raw_arns: + resource_type_name = get_resource_type_name_with_raw_arn(raw_arn) + service_prefix = get_service_from_arn(raw_arn) + service_prefix_data = get_service_prefix_data(service_prefix) + for action_name, action_data in service_prefix_data["privileges"].items(): + # for some_action in service_prefix_data["privileges"]: + for resource_name, resource_data in action_data["resource_types"].items(): + this_resource_type = resource_data["resource_type"].strip("*") + if this_resource_type.lower() == resource_type_name.lower(): + results.append(f"{service_prefix}:{action_data['privilege']}") + results = list(dict.fromkeys(results)) + + return results diff --git a/policy_sentry/querying/all.py b/policy_sentry/querying/all.py index 69ebf1572..6f6dbb82b 100644 --- a/policy_sentry/querying/all.py +++ b/policy_sentry/querying/all.py @@ -1,13 +1,25 @@ """IAM Database queries that are not specific to either the Actions, ARNs, or Condition Keys tables.""" +from __future__ import annotations + import logging import functools -from policy_sentry.shared.iam_data import iam_definition, get_service_prefix_data + +from policy_sentry.querying.all_v1 import get_all_actions_v1 +from policy_sentry.shared.constants import ( + POLICY_SENTRY_SCHEMA_VERSION_NAME, + POLICY_SENTRY_SCHEMA_VERSION_V2, +) +from policy_sentry.shared.iam_data import ( + iam_definition, + get_service_prefix_data, + get_iam_definition_schema_version, +) logger = logging.getLogger(__name__) @functools.lru_cache(maxsize=1024) -def get_all_service_prefixes(): +def get_all_service_prefixes() -> set[str]: """ Gets all the AWS service prefixes from the actions table. @@ -17,44 +29,64 @@ def get_all_service_prefixes(): Returns: List: A list of all AWS service prefixes present in the table. """ - # results = [d["prefix"] for d in iam_definition] - results = list(set(iam_definition.keys())) - results.sort() + results = set(iam_definition.keys()) + if POLICY_SENTRY_SCHEMA_VERSION_NAME in results: + results.remove(POLICY_SENTRY_SCHEMA_VERSION_NAME) + return results @functools.lru_cache(maxsize=1024) -def get_all_actions(lowercase=False): +def get_all_actions(lowercase: bool = False) -> set[str]: """ Gets a huge list of all IAM actions. This is used as part of the policyuniverse approach to minimizing IAM Policies to meet AWS-mandated character limits on policies. + :param lowercase: Set to true to have the list of actions be in all lowercase strings. + :return: A list of all actions present in the database. + """ + all_service_prefixes = get_all_service_prefixes() + + schema_version = get_iam_definition_schema_version() + if schema_version == POLICY_SENTRY_SCHEMA_VERSION_V2: + return get_all_actions_v2( + all_service_prefixes=all_service_prefixes, lowercase=lowercase + ) + + return get_all_actions_v1( + all_service_prefixes=all_service_prefixes, lowercase=lowercase + ) + + +def get_all_actions_v2( + all_service_prefixes: set[str], lowercase: bool = False +) -> set[str]: + """ + Gets a huge list of all IAM actions. This is used as part of the policyuniverse approach to minimizing + IAM Policies to meet AWS-mandated character limits on policies (v2). + :param lowercase: Set to true to have the list of actions be in all lowercase strings. :return: A list of all actions present in the database. """ all_actions = set() - all_service_prefixes = get_all_service_prefixes() for service_prefix in all_service_prefixes: service_prefix_data = get_service_prefix_data(service_prefix) - for action_name in service_prefix_data["privileges"]: - if lowercase: - all_actions.add( - f"{service_prefix}:{action_name.lower()}" - ) - else: - all_actions.add( - f"{service_prefix}:{action_name}" - ) - - # results = list(set(results)) - # results.sort() + if lowercase: + action_names = service_prefix_data["privileges_lower_name"].keys() + else: + action_names = service_prefix_data["privileges_lower_name"].values() + + all_actions.update( + f"{service_prefix}:{action_name}" for action_name in action_names + ) + return all_actions -def get_service_authorization_url(service_prefix: str) -> str: +def get_service_authorization_url(service_prefix: str) -> str | None: """ Gets the URL to the Actions, Resources, and Condition Keys page for a particular service. """ - result = iam_definition.get(service_prefix).get("service_authorization_url") + result = iam_definition.get(service_prefix, {}).get("service_authorization_url") return result diff --git a/policy_sentry/querying/all_v1.py b/policy_sentry/querying/all_v1.py new file mode 100644 index 000000000..7da02fd24 --- /dev/null +++ b/policy_sentry/querying/all_v1.py @@ -0,0 +1,34 @@ +from __future__ import annotations + +import warnings + +from policy_sentry.shared.iam_data import get_service_prefix_data + + +def get_all_actions_v1(all_service_prefixes: set[str] ,lowercase: bool = False) -> set[str]: + """ + DEPRECATED: Please recreate the IAM datastore file! + + Gets a huge list of all IAM actions. This is used as part of the policyuniverse approach to minimizing + IAM Policies to meet AWS-mandated character limits on policies (v1). + + :param lowercase: Set to true to have the list of actions be in all lowercase strings. + :return: A list of all actions present in the database. + """ + warnings.warn("Please recreate the IAM datastore file!", DeprecationWarning) + + all_actions = set() + + for service_prefix in all_service_prefixes: + service_prefix_data = get_service_prefix_data(service_prefix) + for action_name in service_prefix_data["privileges"]: + if lowercase: + all_actions.add( + f"{service_prefix}:{action_name.lower()}" + ) + else: + all_actions.add( + f"{service_prefix}:{action_name}" + ) + + return all_actions diff --git a/policy_sentry/querying/arns.py b/policy_sentry/querying/arns.py index 01567b70b..43078c17b 100644 --- a/policy_sentry/querying/arns.py +++ b/policy_sentry/querying/arns.py @@ -2,16 +2,28 @@ Methods that execute specific queries against the SQLite database for the ARN table. This supports the policy_sentry query functionality """ +from __future__ import annotations + import logging import functools -from policy_sentry.shared.iam_data import get_service_prefix_data +import warnings +from typing import Any + +from policy_sentry.querying.arns_v1 import get_arn_type_details_v1 +from policy_sentry.shared.constants import POLICY_SENTRY_SCHEMA_VERSION_V2 +from policy_sentry.shared.iam_data import ( + get_service_prefix_data, + get_iam_definition_schema_version, +) from policy_sentry.util.arns import does_arn_match, get_service_from_arn logger = logging.getLogger(__name__) -def get_arn_data(service_prefix, resource_type_name): +def get_arn_data(service_prefix: str, resource_type_name: str) -> list[dict[str, Any]]: """ + DEPRECATED: Please use get_arn_type_details() instead! + Get details about ARNs in JSON format. Arguments: @@ -20,6 +32,8 @@ def get_arn_data(service_prefix, resource_type_name): Returns: Dictionary: Metadata about an ARN type """ + warnings.warn("Please use get_arn_type_details() instead", DeprecationWarning) + results = [] service_prefix_data = get_service_prefix_data(service_prefix) for resource_name, resource_data in service_prefix_data["resources"].items(): @@ -34,7 +48,7 @@ def get_arn_data(service_prefix, resource_type_name): @functools.lru_cache(maxsize=1024) -def get_raw_arns_for_service(service_prefix): +def get_raw_arns_for_service(service_prefix: str) -> list[str]: """ Get a list of available raw ARNs per AWS service @@ -43,15 +57,15 @@ def get_raw_arns_for_service(service_prefix): Returns: List: A list of raw ARNs """ - results = [] service_prefix_data = get_service_prefix_data(service_prefix) - for resource_name, resource_data in service_prefix_data["resources"].items(): - results.append(resource_data["arn"]) - return results + return [ + resource_data["arn"] + for resource_data in service_prefix_data["resources"].values() + ] @functools.lru_cache(maxsize=1024) -def get_arn_types_for_service(service_prefix): +def get_arn_types_for_service(service_prefix: str) -> dict[str, str]: """ Get a list of available ARN short names per AWS service. @@ -60,14 +74,16 @@ def get_arn_types_for_service(service_prefix): Returns: List: A list of ARN types, like `bucket` or `object` """ - results = {} service_prefix_data = get_service_prefix_data(service_prefix) - for resource_name, resource_data in service_prefix_data["resources"].items(): - results[resource_data["resource"]] = resource_data["arn"] - return results + return { + resource_name: resource_data["arn"] + for resource_name, resource_data in service_prefix_data["resources"].items() + } -def get_arn_type_details(service_prefix, resource_type_name): +def get_arn_type_details( + service_prefix: str, resource_type_name: str +) -> dict[str, Any]: """ Get details about ARNs in JSON format. @@ -77,21 +93,45 @@ def get_arn_type_details(service_prefix, resource_type_name): Returns: Dictionary: Metadata about an ARN type """ - service_prefix_data = get_service_prefix_data(service_prefix) + schema_version = get_iam_definition_schema_version() + if schema_version == POLICY_SENTRY_SCHEMA_VERSION_V2: + return get_arn_type_details_v2( + service_prefix=service_prefix, resource_type_name=resource_type_name + ) + + return get_arn_type_details_v1( + service_prefix=service_prefix, resource_type_name=resource_type_name + ) + + +def get_arn_type_details_v2( + service_prefix: str, resource_type_name: str +) -> dict[str, Any]: + """ + Get details about ARNs in JSON format (v2). + + Arguments: + service_prefix: An AWS service prefix, like `s3` or `kms` + resource_type_name: The name of a resource type, like `bucket` or `object`. To get details on ALL arns in a service, specify "*" here. + Returns: + Dictionary: Metadata about an ARN type + """ output = {} - for resource_name, resource_data in service_prefix_data["resources"].items(): - if resource_data["resource"].lower() == resource_type_name.lower(): - output = { - "resource_type_name": resource_data["resource"], - "raw_arn": resource_data["arn"], - "condition_keys": resource_data["condition_keys"], - } - break + service_prefix_data = get_service_prefix_data(service_prefix) + this_resource_type_name = service_prefix_data["resources_lower_name"].get(resource_type_name.lower()) + if this_resource_type_name: + resource_data = service_prefix_data["resources"][this_resource_type_name] + output = { + "resource_type_name": this_resource_type_name, + "raw_arn": resource_data["arn"], + "condition_keys": resource_data["condition_keys"], + } + return output # pylint: disable=inconsistent-return-statements -def get_resource_type_name_with_raw_arn(raw_arn): +def get_resource_type_name_with_raw_arn(raw_arn: str) -> str | None: """ Given a raw ARN, return the resource type name as shown in the database. @@ -106,10 +146,12 @@ def get_resource_type_name_with_raw_arn(raw_arn): for resource_name, resource_data in service_data["resources"].items(): if resource_data["arn"].lower() == raw_arn.lower(): - return resource_data["resource"] + return resource_name + + return None -def get_matching_raw_arns(arn): +def get_matching_raw_arns(arn: str) -> list[str]: """ Given a user-supplied ARN, return the list of raw_arns since that is used as a unique identifier throughout this library diff --git a/policy_sentry/querying/arns_v1.py b/policy_sentry/querying/arns_v1.py new file mode 100644 index 000000000..094994944 --- /dev/null +++ b/policy_sentry/querying/arns_v1.py @@ -0,0 +1,33 @@ +from __future__ import annotations + +import warnings +from typing import Any + +from policy_sentry.shared.iam_data import get_service_prefix_data + + +def get_arn_type_details_v1(service_prefix: str, resource_type_name: str) -> dict[str, Any]: + """ + DEPRECATED: Please recreate the IAM datastore file! + + Get details about ARNs in JSON format (v1). + + Arguments: + service_prefix: An AWS service prefix, like `s3` or `kms` + resource_type_name: The name of a resource type, like `bucket` or `object`. To get details on ALL arns in a service, specify "*" here. + Returns: + Dictionary: Metadata about an ARN type + """ + warnings.warn("Please recreate the IAM datastore file!", DeprecationWarning) + + service_prefix_data = get_service_prefix_data(service_prefix) + output = {} + for resource_name, resource_data in service_prefix_data["resources"].items(): + if resource_data["resource"].lower() == resource_type_name.lower(): + output = { + "resource_type_name": resource_data["resource"], + "raw_arn": resource_data["arn"], + "condition_keys": resource_data["condition_keys"], + } + break + return output diff --git a/policy_sentry/querying/conditions.py b/policy_sentry/querying/conditions.py index 75a8f980d..75aa1afed 100644 --- a/policy_sentry/querying/conditions.py +++ b/policy_sentry/querying/conditions.py @@ -2,6 +2,8 @@ Methods that execute specific queries against the SQLite database for the CONDITIONS table. This supports the policy_sentry query functionality """ +from __future__ import annotations + import logging import functools from policy_sentry.shared.iam_data import get_service_prefix_data @@ -12,7 +14,7 @@ @functools.lru_cache(maxsize=1024) -def get_condition_keys_for_service(service_prefix): +def get_condition_keys_for_service(service_prefix: str) -> list[str]: """ Get a list of available conditions per AWS service @@ -22,13 +24,15 @@ def get_condition_keys_for_service(service_prefix): List: A list of condition keys """ service_prefix_data = get_service_prefix_data(service_prefix) - results = list(dict.fromkeys(service_prefix_data["conditions"].keys())) + results = [condition for condition in service_prefix_data["conditions"]] return results # Per condition key name # pylint: disable=inconsistent-return-statements -def get_condition_key_details(service_prefix, condition_key_name): +def get_condition_key_details( + service_prefix: str, condition_key_name: str +) -> dict[str, str]: """ Get details about a specific condition key in JSON format @@ -40,16 +44,16 @@ def get_condition_key_details(service_prefix, condition_key_name): """ service_prefix_data = get_service_prefix_data(service_prefix) for condition_name, condition_data in service_prefix_data["conditions"].items(): - if is_condition_key_match(condition_data["condition"], condition_key_name): + if is_condition_key_match(condition_name, condition_key_name): output = { - "name": condition_data["condition"], + "name": condition_name, "description": condition_data["description"], "condition_value_type": condition_data["type"].lower(), } return output -def get_conditions_for_action_and_raw_arn(action, raw_arn): +def get_conditions_for_action_and_raw_arn(action: str, raw_arn: str) -> list[str]: """ Get a list of conditions available to an action. @@ -68,7 +72,7 @@ def get_conditions_for_action_and_raw_arn(action, raw_arn): return conditions -def get_condition_keys_available_to_raw_arn(raw_arn): +def get_condition_keys_available_to_raw_arn(raw_arn: str) -> list[str]: """ Get a list of condition keys available to a RAW ARN @@ -77,19 +81,19 @@ def get_condition_keys_available_to_raw_arn(raw_arn): Returns: List: A list of condition keys """ - results = [] + results = set() elements = raw_arn.split(":", 5) service_prefix = elements[2] service_prefix_data = get_service_prefix_data(service_prefix) - for resource_name, resource_data in service_prefix_data["resources"].items(): + for resource_data in service_prefix_data["resources"].values(): if resource_data["arn"] == raw_arn: - results.extend(resource_data["condition_keys"]) - results = list(dict.fromkeys(results)) - return results + results.update(resource_data["condition_keys"]) + + return list(results) # pylint: disable=inconsistent-return-statements -def get_condition_value_type(condition_key): +def get_condition_value_type(condition_key: str) -> str | None: """ Get the data type of the condition key - like Date, String, etc. @@ -101,6 +105,10 @@ def get_condition_value_type(condition_key): service_prefix, condition_name = condition_key.split(":") service_prefix_data = get_service_prefix_data(service_prefix) - for condition_key_entry, condition_key_data in service_prefix_data["conditions"].items(): - if is_condition_key_match(condition_key_data["condition"], condition_key): + for condition_key_entry, condition_key_data in service_prefix_data[ + "conditions" + ].items(): + if is_condition_key_match(condition_key_entry, condition_key): return condition_key_data["type"].lower() + + return None diff --git a/policy_sentry/shared/awsdocs.py b/policy_sentry/shared/awsdocs.py index 9e9ec5e11..1ac4739eb 100644 --- a/policy_sentry/shared/awsdocs.py +++ b/policy_sentry/shared/awsdocs.py @@ -20,6 +20,8 @@ BASE_DOCUMENTATION_URL, BUNDLED_HTML_DIRECTORY_PATH, BUNDLED_ACCESS_OVERRIDES_FILE, + POLICY_SENTRY_SCHEMA_VERSION_NAME, + POLICY_SENTRY_SCHEMA_VERSION_LATEST, ) from policy_sentry.util.access_levels import determine_access_level_override from policy_sentry.util.file import read_yaml_file @@ -162,7 +164,9 @@ def create_database(destination_directory, access_level_overrides_file): ) # This holds the entire IAM definition - schema = {} + schema = { + POLICY_SENTRY_SCHEMA_VERSION_NAME: POLICY_SENTRY_SCHEMA_VERSION_LATEST + } # for filename in ['list_amazonathena.partial.html']: file_list = [] @@ -209,7 +213,9 @@ def create_database(destination_directory, access_level_overrides_file): "prefix": service_prefix, "service_authorization_url": service_authorization_url, "privileges": {}, + "privileges_lower_name": {}, # used for faster lookups "resources": {}, + "resources_lower_name": {}, # used for faster lookups "conditions": {}, } @@ -285,6 +291,7 @@ def create_database(destination_directory, access_level_overrides_file): # else: # access_level = access_level resource_types = {} + resource_types_lower_name = {} resource_cell = 3 while rowspan > 0: @@ -322,6 +329,7 @@ def create_database(destination_directory, access_level_overrides_file): "condition_keys": condition_keys, "dependent_actions": dependent_actions, } + resource_types_lower_name[resource_type.lower()] = resource_type rowspan -= 1 if rowspan > 0: row_number += 1 @@ -337,10 +345,12 @@ def create_database(destination_directory, access_level_overrides_file): "description": description, "access_level": access_level, "resource_types": resource_types, + "resource_types_lower_name": resource_types_lower_name, "api_documentation_link": api_documentation_link } schema[service_prefix]["privileges"][priv] = privilege_schema + schema[service_prefix]["privileges_lower_name"][priv.lower()] = priv row_number += 1 # Get resource table @@ -373,6 +383,7 @@ def create_database(destination_directory, access_level_overrides_file): "arn": arn, "condition_keys": conditions } + schema[service_prefix]["resources_lower_name"][resource.lower()] = resource # Get condition keys table for table in tables: @@ -408,5 +419,5 @@ def create_database(destination_directory, access_level_overrides_file): iam_definition_file = os.path.join(destination_directory, "iam-definition.json") with open(iam_definition_file, "w") as file: - json.dump(schema, file, indent=4) + json.dump(schema, file, indent=2) logger.info("Wrote IAM definition file to path: ", iam_definition_file) diff --git a/policy_sentry/shared/constants.py b/policy_sentry/shared/constants.py index 9d9bce5f6..b126a92ab 100644 --- a/policy_sentry/shared/constants.py +++ b/policy_sentry/shared/constants.py @@ -24,10 +24,8 @@ # Data json file # On initialization, load the IAM data -BUNDLED_DATASTORE_FILE_PATH = os.path.join( - str(Path(os.path.dirname(__file__))), "data", "iam-definition.json" -) -LOCAL_DATASTORE_FILE_PATH = os.path.join(CONFIG_DIRECTORY, "iam-definition.json") +BUNDLED_DATASTORE_FILE_PATH = str(Path(__file__).parent / "data/iam-definition.json") +LOCAL_DATASTORE_FILE_PATH = str(Path(CONFIG_DIRECTORY) / "iam-definition.json") # Check for the existence of the local datastore first. if os.path.exists(LOCAL_DATASTORE_FILE_PATH): # If it exists, leverage that datastore instead of the one bundled with the python package @@ -58,3 +56,9 @@ # Policy constants # https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html POLICY_LANGUAGE_VERSION = "2012-10-17" + +# IAM datastore schema versions +POLICY_SENTRY_SCHEMA_VERSION_NAME = "policy_sentry_schema_version" +POLICY_SENTRY_SCHEMA_VERSION_V1 = "v1" +POLICY_SENTRY_SCHEMA_VERSION_V2 = "v2" +POLICY_SENTRY_SCHEMA_VERSION_LATEST = POLICY_SENTRY_SCHEMA_VERSION_V2 diff --git a/policy_sentry/shared/data/iam-definition.json b/policy_sentry/shared/data/iam-definition.json index bc80d81af..e6a336222 100644 --- a/policy_sentry/shared/data/iam-definition.json +++ b/policy_sentry/shared/data/iam-definition.json @@ -1,290702 +1,362438 @@ { - "a4b": { - "service_name": "Alexa for Business", - "prefix": "a4b", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_alexaforbusiness.html", - "privileges": { - "ApproveSkill": { - "privilege": "ApproveSkill", - "description": "Grants permission to associate a skill with the organization under the customer's AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ApproveSkill.html" - }, - "AssociateContactWithAddressBook": { - "privilege": "AssociateContactWithAddressBook", - "description": "Grants permission to associate a contact with a given address book", - "access_level": "Write", - "resource_types": { - "addressbook": { - "resource_type": "addressbook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateContactWithAddressBook.html" - }, - "AssociateDeviceWithNetworkProfile": { - "privilege": "AssociateDeviceWithNetworkProfile", - "description": "Grants permission to associate a device with the specified network profile", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "networkprofile": { - "resource_type": "networkprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateDeviceWithNetworkProfile.html" - }, - "AssociateDeviceWithRoom": { - "privilege": "AssociateDeviceWithRoom", - "description": "Grants permission to associate device with given room", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateDeviceWithRoom.html" - }, - "AssociateSkillGroupWithRoom": { - "privilege": "AssociateSkillGroupWithRoom", - "description": "Grants permission to associate the skill group with given room", - "access_level": "Write", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "skillgroup": { - "resource_type": "skillgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateSkillGroupWithRoom.html" - }, - "AssociateSkillWithSkillGroup": { - "privilege": "AssociateSkillWithSkillGroup", - "description": "Grants permission to associate a skill with a skill group", - "access_level": "Write", - "resource_types": { - "skillgroup": { - "resource_type": "skillgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateSkillWithSkillGroup.html" - }, - "AssociateSkillWithUsers": { - "privilege": "AssociateSkillWithUsers", - "description": "Grants permission to make a private skill available for enrolled users to enable on their devices", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateSkillWithUsers.html" - }, - "CompleteRegistration": { - "privilege": "CompleteRegistration", - "description": "Grants permission to complete the operation of registering an Alexa device", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/ag/manage-devices.html" - }, - "CreateAddressBook": { - "privilege": "CreateAddressBook", - "description": "Grants permission to create an address book with the specified details", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateAddressBook.html" - }, - "CreateBusinessReportSchedule": { - "privilege": "CreateBusinessReportSchedule", - "description": "Grants permission to create a recurring schedule for usage reports to deliver to the specified S3 location with a specified daily or weekly interval", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateBusinessReportSchedule.html" - }, - "CreateConferenceProvider": { - "privilege": "CreateConferenceProvider", - "description": "Grants permission to add a new conference provider under the user's AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateConferenceProvider.html" - }, - "CreateContact": { - "privilege": "CreateContact", - "description": "Grants permission to create a contact with the specified details", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateContact.html" - }, - "CreateGatewayGroup": { - "privilege": "CreateGatewayGroup", - "description": "Grants permission to create a gateway group with the specified details", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateGatewayGroup.html" - }, - "CreateNetworkProfile": { - "privilege": "CreateNetworkProfile", - "description": "Grants permission to create a network profile with the specified details", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateNetworkProfile.html" - }, - "CreateProfile": { - "privilege": "CreateProfile", - "description": "Grants permission to create a new profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateProfile.html" - }, - "CreateRoom": { - "privilege": "CreateRoom", - "description": "Grants permission to create room with the specified details", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateRoom.html" - }, - "CreateSkillGroup": { - "privilege": "CreateSkillGroup", - "description": "Grants permission to create a skill group with given name and description", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateSkillGroup.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a user", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateUser.html" - }, - "DeleteAddressBook": { - "privilege": "DeleteAddressBook", - "description": "Grants permission to delete an address book by the address book ARN", - "access_level": "Write", - "resource_types": { - "addressbook": { - "resource_type": "addressbook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteAddressBook.html" - }, - "DeleteBusinessReportSchedule": { - "privilege": "DeleteBusinessReportSchedule", - "description": "Grants permission to delete the recurring report delivery schedule with the specified schedule ARN", - "access_level": "Write", - "resource_types": { - "schedule": { - "resource_type": "schedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteBusinessReportSchedule.html" - }, - "DeleteConferenceProvider": { - "privilege": "DeleteConferenceProvider", - "description": "Grants permission to delete a conference provider", - "access_level": "Write", - "resource_types": { - "conferenceprovider": { - "resource_type": "conferenceprovider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteConferenceProvider.html" - }, - "DeleteContact": { - "privilege": "DeleteContact", - "description": "Grants permission to delete a contact by the contact ARN", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteContact.html" - }, - "DeleteDevice": { - "privilege": "DeleteDevice", - "description": "Grants permission to remove a device from Alexa For Business", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteDevice.html" - }, - "DeleteDeviceUsageData": { - "privilege": "DeleteDeviceUsageData", - "description": "Grants permission to delete the device's entire previous history of voice input data and associated response data", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteDeviceUsageData.html" - }, - "DeleteGatewayGroup": { - "privilege": "DeleteGatewayGroup", - "description": "Grants permission to delete a gateway group", - "access_level": "Write", - "resource_types": { - "gatewaygroup": { - "resource_type": "gatewaygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteGatewayGroup.html" - }, - "DeleteNetworkProfile": { - "privilege": "DeleteNetworkProfile", - "description": "Grants permission to delete a network profile by the network profile ARN", - "access_level": "Write", - "resource_types": { - "networkprofile": { - "resource_type": "networkprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteNetworkProfile.html" - }, - "DeleteProfile": { - "privilege": "DeleteProfile", - "description": "Grants permission to delete profile by profile ARN", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteProfile.html" - }, - "DeleteRoom": { - "privilege": "DeleteRoom", - "description": "Grants permission to delete room", - "access_level": "Write", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteRoom.html" - }, - "DeleteRoomSkillParameter": { - "privilege": "DeleteRoomSkillParameter", - "description": "Grants permission to delete a parameter from a skill and room", - "access_level": "Write", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteRoomSkillParameter.html" - }, - "DeleteSkillAuthorization": { - "privilege": "DeleteSkillAuthorization", - "description": "Grants permission to unlink a third-party account from a skill", - "access_level": "Write", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteSkillAuthorization.html" - }, - "DeleteSkillGroup": { - "privilege": "DeleteSkillGroup", - "description": "Grants permission to delete skill group with skill group ARN", - "access_level": "Write", - "resource_types": { - "skillgroup": { - "resource_type": "skillgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteSkillGroup.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete a user", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteUser.html" - }, - "DisassociateContactFromAddressBook": { - "privilege": "DisassociateContactFromAddressBook", - "description": "Grants permission to disassociate a contact from a given address book", - "access_level": "Write", - "resource_types": { - "addressbook": { - "resource_type": "addressbook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DisassociateContactFromAddressBook.html" - }, - "DisassociateDeviceFromRoom": { - "privilege": "DisassociateDeviceFromRoom", - "description": "Grants permission to disassociate device from its current room", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DisassociateDeviceFromRoom.html" - }, - "DisassociateSkillFromSkillGroup": { - "privilege": "DisassociateSkillFromSkillGroup", - "description": "Grants permission to disassociate a skill from a skill group", - "access_level": "Write", - "resource_types": { - "skillgroup": { - "resource_type": "skillgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DisassociateSkillFromSkillGroup.html" - }, - "DisassociateSkillFromUsers": { - "privilege": "DisassociateSkillFromUsers", - "description": "Grants permission to make a private skill unavailable for enrolled users and prevent them from enabling it on their devices", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DisassociateSkillFromUsers.html" - }, - "DisassociateSkillGroupFromRoom": { - "privilege": "DisassociateSkillGroupFromRoom", - "description": "Grants permission to disassociate the skill group from given room", - "access_level": "Write", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "skillgroup": { - "resource_type": "skillgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DisassociateSkillGroupFromRoom.html" - }, - "ForgetSmartHomeAppliances": { - "privilege": "ForgetSmartHomeAppliances", - "description": "Grants permission to forget smart home appliances associated to a room", - "access_level": "Write", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ForgetSmartHomeAppliances.html" - }, - "GetAddressBook": { - "privilege": "GetAddressBook", - "description": "Grants permission to get the address book details by the address book ARN", - "access_level": "Read", - "resource_types": { - "addressbook": { - "resource_type": "addressbook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetAddressBook.html" - }, - "GetConferencePreference": { - "privilege": "GetConferencePreference", - "description": "Grants permission to retrieve the existing conference preferences", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetConferencePreference.html" - }, - "GetConferenceProvider": { - "privilege": "GetConferenceProvider", - "description": "Grants permission to get details about a specific conference provider", - "access_level": "Read", - "resource_types": { - "conferenceprovider": { - "resource_type": "conferenceprovider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetConferenceProvider.html" - }, - "GetContact": { - "privilege": "GetContact", - "description": "Grants permission to get the contact details by the contact ARN", - "access_level": "Read", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetContact.html" - }, - "GetDevice": { - "privilege": "GetDevice", - "description": "Grants permission to get device details", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetDevice.html" - }, - "GetGateway": { - "privilege": "GetGateway", - "description": "Grants permission to retrieve the details of a gateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetGateway.html" - }, - "GetGatewayGroup": { - "privilege": "GetGatewayGroup", - "description": "Grants permission to retrieve the details of a gateway group", - "access_level": "Read", - "resource_types": { - "gatewaygroup": { - "resource_type": "gatewaygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetGatewayGroup.html" - }, - "GetInvitationConfiguration": { - "privilege": "GetInvitationConfiguration", - "description": "Grants permission to retrieve the configured values for the user enrollment invitation email template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetInvitationConfiguration.html" - }, - "GetNetworkProfile": { - "privilege": "GetNetworkProfile", - "description": "Grants permission to get the network profile details by the network profile ARN", - "access_level": "Read", - "resource_types": { - "networkprofile": { - "resource_type": "networkprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetNetworkProfile.html" - }, - "GetProfile": { - "privilege": "GetProfile", - "description": "Grants permission to get profile when provided with Profile ARN", - "access_level": "Read", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetProfile.html" - }, - "GetRoom": { - "privilege": "GetRoom", - "description": "Grants permission to get room details", - "access_level": "Read", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetRoom.html" - }, - "GetRoomSkillParameter": { - "privilege": "GetRoomSkillParameter", - "description": "Grants permission to get an existing parameter that has been set for a skill and room", - "access_level": "Read", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetRoomSkillParameter.html" - }, - "GetSkillGroup": { - "privilege": "GetSkillGroup", - "description": "Grants permission to get skill group details with skill group ARN", - "access_level": "Read", - "resource_types": { - "skillgroup": { - "resource_type": "skillgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetSkillGroup.html" - }, - "ListBusinessReportSchedules": { - "privilege": "ListBusinessReportSchedules", - "description": "Grants permission to list the details of the schedules that a user configured", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListBusinessReportSchedules.html" - }, - "ListConferenceProviders": { - "privilege": "ListConferenceProviders", - "description": "Grants permission to list conference providers under a specific AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListConferenceProviders.html" - }, - "ListDeviceEvents": { - "privilege": "ListDeviceEvents", - "description": "Grants permission to list the device event history, including device connection status, for up to 30 days", - "access_level": "List", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListDeviceEvents.html" - }, - "ListGatewayGroups": { - "privilege": "ListGatewayGroups", - "description": "Grants permission to list gateway group summaries", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListGatewayGroups.html" - }, - "ListGateways": { - "privilege": "ListGateways", - "description": "Grants permission to list gateway summaries", - "access_level": "List", - "resource_types": { - "gatewaygroup": { - "resource_type": "gatewaygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListGateways.html" - }, - "ListSkills": { - "privilege": "ListSkills", - "description": "Grants permission to list skills", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListSkills.html" - }, - "ListSkillsStoreCategories": { - "privilege": "ListSkillsStoreCategories", - "description": "Grants permission to list all categories in the Alexa skill store", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListSkillsStoreCategories.html" - }, - "ListSkillsStoreSkillsByCategory": { - "privilege": "ListSkillsStoreSkillsByCategory", - "description": "Grants permission to list all skills in the Alexa skill store by category", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListSkillsStoreSkillsByCategory.html" - }, - "ListSmartHomeAppliances": { - "privilege": "ListSmartHomeAppliances", - "description": "Grants permission to list all of the smart home appliances associated with a room", - "access_level": "List", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListSmartHomeAppliances.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to list all tags on a resource", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "room": { - "resource_type": "room", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListTags.html" - }, - "PutConferencePreference": { - "privilege": "PutConferencePreference", - "description": "Grants permission to set the conference preferences on a specific conference provider at the account level", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_PutConferencePreference.html" - }, - "PutDeviceSetupEvents": { - "privilege": "PutDeviceSetupEvents", - "description": "Grants permission to publish Alexa device setup events", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/ag/manage-devices.html" - }, - "PutInvitationConfiguration": { - "privilege": "PutInvitationConfiguration", - "description": "Grants permission to configure the email template for the user enrollment invitation with the specified attributes", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_PutInvitationConfiguration.html" - }, - "PutRoomSkillParameter": { - "privilege": "PutRoomSkillParameter", - "description": "Grants permission to put a room specific parameter for a skill", - "access_level": "Write", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_PutRoomSkillParameter.html" - }, - "PutSkillAuthorization": { - "privilege": "PutSkillAuthorization", - "description": "Grants permission to link a user's account to a third-party skill provider", - "access_level": "Write", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_PutSkillAuthorization.html" - }, - "RegisterAVSDevice": { - "privilege": "RegisterAVSDevice", - "description": "Grants permission to register an Alexa-enabled device built by an Original Equipment Manufacturer (OEM) using Alexa Voice Service (AVS)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_RegisterAVSDevice.html" - }, - "RegisterDevice": { - "privilege": "RegisterDevice", - "description": "Grants permission to register an Alexa device", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/ag/manage-devices.html" - }, - "RejectSkill": { - "privilege": "RejectSkill", - "description": "Grants permission to disassociate a skill from the organization under a user's AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_RejectSkill.html" - }, - "ResolveRoom": { - "privilege": "ResolveRoom", - "description": "Grants permission to resolve room information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ResolveRoom.html" - }, - "RevokeInvitation": { - "privilege": "RevokeInvitation", - "description": "Grants permission to revoke an invitation", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_RevokeInvitation.html" - }, - "SearchAddressBooks": { - "privilege": "SearchAddressBooks", - "description": "Grants permission to search address books and list the ones that meet a set of filter and sort criteria", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchAddressBooks.html" - }, - "SearchContacts": { - "privilege": "SearchContacts", - "description": "Grants permission to search contacts and list the ones that meet a set of filter and sort criteria", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchContacts.html" - }, - "SearchDevices": { - "privilege": "SearchDevices", - "description": "Grants permission to search for devices", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchDevices.html" - }, - "SearchNetworkProfiles": { - "privilege": "SearchNetworkProfiles", - "description": "Grants permission to search network profiles and list the ones that meet a set of filter and sort criteria", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchNetworkProfiles.html" - }, - "SearchProfiles": { - "privilege": "SearchProfiles", - "description": "Grants permission to search for profiles", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchProfiles.html" - }, - "SearchRooms": { - "privilege": "SearchRooms", - "description": "Grants permission to search for rooms", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchRooms.html" - }, - "SearchSkillGroups": { - "privilege": "SearchSkillGroups", - "description": "Grants permission to search for skill groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchSkillGroups.html" - }, - "SearchUsers": { - "privilege": "SearchUsers", - "description": "Grants permission to search for users", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchUsers.html" - }, - "SendAnnouncement": { - "privilege": "SendAnnouncement", - "description": "Grants permission to trigger an asynchronous flow to send text, SSML, or audio announcements to rooms that are identified by a search or filter", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SendAnnouncement.html" - }, - "SendInvitation": { - "privilege": "SendInvitation", - "description": "Grants permission to send an invitation to a user", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SendInvitation.html" - }, - "StartDeviceSync": { - "privilege": "StartDeviceSync", - "description": "Grants permission to restore the device and its account to its known, default settings by clearing all information and settings set by its previous users", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_StartDeviceSync.html" - }, - "StartSmartHomeApplianceDiscovery": { - "privilege": "StartSmartHomeApplianceDiscovery", - "description": "Grants permission to initiate the discovery of any smart home appliances associated with the room", - "access_level": "Read", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_StartSmartHomeApplianceDiscovery.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add metadata tags to a resource", - "access_level": "Tagging", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "room": { - "resource_type": "room", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove metadata tags from a resource", - "access_level": "Tagging", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "room": { - "resource_type": "room", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UntagResource.html" - }, - "UpdateAddressBook": { - "privilege": "UpdateAddressBook", - "description": "Grants permission to update address book details by the address book ARN", - "access_level": "Write", - "resource_types": { - "addressbook": { - "resource_type": "addressbook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateAddressBook.html" - }, - "UpdateBusinessReportSchedule": { - "privilege": "UpdateBusinessReportSchedule", - "description": "Grants permission to update the configuration of the report delivery schedule with the specified schedule ARN", - "access_level": "Write", - "resource_types": { - "schedule": { - "resource_type": "schedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateBusinessReportSchedule.html" - }, - "UpdateConferenceProvider": { - "privilege": "UpdateConferenceProvider", - "description": "Grants permission to update an existing conference provider's settings", - "access_level": "Write", - "resource_types": { - "conferenceprovider": { - "resource_type": "conferenceprovider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateConferenceProvider.html" - }, - "UpdateContact": { - "privilege": "UpdateContact", - "description": "Grants permission to update the contact details by the contact ARN", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateContact.html" - }, - "UpdateDevice": { - "privilege": "UpdateDevice", - "description": "Grants permission to update device name", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateDevice.html" - }, - "UpdateGateway": { - "privilege": "UpdateGateway", - "description": "Grants permission to update the details of a gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateGateway.html" - }, - "UpdateGatewayGroup": { - "privilege": "UpdateGatewayGroup", - "description": "Grants permission to update the details of a gateway group", - "access_level": "Write", - "resource_types": { - "gatewaygroup": { - "resource_type": "gatewaygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateGatewayGroup.html" - }, - "UpdateNetworkProfile": { - "privilege": "UpdateNetworkProfile", - "description": "Grants permission to update a network profile by the network profile ARN", - "access_level": "Write", - "resource_types": { - "networkprofile": { - "resource_type": "networkprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateNetworkProfile.html" - }, - "UpdateProfile": { - "privilege": "UpdateProfile", - "description": "Grants permission to update an existing profile", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateProfile.html" - }, - "UpdateRoom": { - "privilege": "UpdateRoom", - "description": "Grants permission to update room details", - "access_level": "Write", - "resource_types": { - "room": { - "resource_type": "room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateRoom.html" - }, - "UpdateSkillGroup": { - "privilege": "UpdateSkillGroup", - "description": "Grants permission to update skill group details with skill group ARN", - "access_level": "Write", - "resource_types": { - "skillgroup": { - "resource_type": "skillgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateSkillGroup.html" - } - }, - "resources": { - "profile": { - "resource": "profile", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:profile/${ResourceId}", - "condition_keys": [] - }, - "room": { - "resource": "room", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:room/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "device": { - "resource": "device", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:device/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "skillgroup": { - "resource": "skillgroup", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:skill-group/${ResourceId}", - "condition_keys": [] - }, - "user": { - "resource": "user", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:user/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "addressbook": { - "resource": "addressbook", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:address-book/${ResourceId}", - "condition_keys": [] - }, - "conferenceprovider": { - "resource": "conferenceprovider", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:conference-provider/${ResourceId}", - "condition_keys": [] - }, - "contact": { - "resource": "contact", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:contact/${ResourceId}", - "condition_keys": [] - }, - "schedule": { - "resource": "schedule", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:schedule/${ResourceId}", - "condition_keys": [] - }, - "networkprofile": { - "resource": "networkprofile", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:network-profile/${ResourceId}", - "condition_keys": [] - }, - "gateway": { - "resource": "gateway", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:gateway/${ResourceId}", - "condition_keys": [] - }, - "gatewaygroup": { - "resource": "gatewaygroup", - "arn": "arn:${Partition}:a4b:${Region}:${Account}:gateway-group/${ResourceId}", - "condition_keys": [] - } - }, - "conditions": { - "a4b:amazonId": { - "condition": "a4b:amazonId", - "description": "Filters actions based on the Amazon Id in the request", - "type": "String" - }, - "a4b:filters_deviceType": { - "condition": "a4b:filters_deviceType", - "description": "Filters actions based on the device type in the request", - "type": "ArrayOfString" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag-value assoicated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "execute-api": { - "service_name": "Amazon API Gateway", - "prefix": "execute-api", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonapigateway.html", - "privileges": { - "InvalidateCache": { - "privilege": "InvalidateCache", - "description": "Used to invalidate API cache upon a client request", - "access_level": "Write", - "resource_types": { - "execute-api-general": { - "resource_type": "execute-api-general", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigateway/api-reference/api-gateway-caching.html" - }, - "Invoke": { - "privilege": "Invoke", - "description": "Used to invoke an API upon a client request", - "access_level": "Write", - "resource_types": { - "execute-api-general": { - "resource_type": "execute-api-general", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigateway/api-reference/how-to-call-api.html" - }, - "ManageConnections": { - "privilege": "ManageConnections", - "description": "ManageConnections controls access to the @connections API", - "access_level": "Write", - "resource_types": { - "execute-api-general": { - "resource_type": "execute-api-general", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigateway/api-reference/apigateway-websocket-control-access-iam.html" - } - }, - "resources": { - "execute-api-general": { - "resource": "execute-api-general", - "arn": "arn:${Partition}:execute-api:${Region}:${Account}:${ApiId}/${Stage}/${Method}/${ApiSpecificResourcePath}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "apigateway": { - "service_name": "Amazon API Gateway Management", - "prefix": "apigateway", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonapigatewaymanagement.html", - "privileges": { - "AddCertificateToDomain": { - "privilege": "AddCertificateToDomain", - "description": "Grants permission to add certificates for mutual TLS authentication to a domain name. This is an additional authorization control for managing the DomainName resource due to the sensitive nature of mTLS", - "access_level": "Permissions management", - "resource_types": { - "DomainName": { - "resource_type": "DomainName", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DomainNames": { - "resource_type": "DomainNames", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html" - }, - "DELETE": { - "privilege": "DELETE", - "description": "Grants permission to delete a particular resource", - "access_level": "Write", - "resource_types": { - "AccessLogSettings": { - "resource_type": "AccessLogSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Api": { - "resource_type": "Api", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ApiMapping": { - "resource_type": "ApiMapping", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Authorizer": { - "resource_type": "Authorizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "AuthorizersCache": { - "resource_type": "AuthorizersCache", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Cors": { - "resource_type": "Cors", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Deployment": { - "resource_type": "Deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Integration": { - "resource_type": "Integration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "IntegrationResponse": { - "resource_type": "IntegrationResponse", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Model": { - "resource_type": "Model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Route": { - "resource_type": "Route", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RouteRequestParameter": { - "resource_type": "RouteRequestParameter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RouteResponse": { - "resource_type": "RouteResponse", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RouteSettings": { - "resource_type": "RouteSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stage": { - "resource_type": "Stage", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_DELETE.html" - }, - "GET": { - "privilege": "GET", - "description": "Grants permission to read a particular resource", - "access_level": "Read", - "resource_types": { - "AccessLogSettings": { - "resource_type": "AccessLogSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Api": { - "resource_type": "Api", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ApiMapping": { - "resource_type": "ApiMapping", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ApiMappings": { - "resource_type": "ApiMappings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Apis": { - "resource_type": "Apis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Authorizer": { - "resource_type": "Authorizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Authorizers": { - "resource_type": "Authorizers", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "AuthorizersCache": { - "resource_type": "AuthorizersCache", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Cors": { - "resource_type": "Cors", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Deployment": { - "resource_type": "Deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Deployments": { - "resource_type": "Deployments", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ExportedAPI": { - "resource_type": "ExportedAPI", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Integration": { - "resource_type": "Integration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "IntegrationResponse": { - "resource_type": "IntegrationResponse", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "IntegrationResponses": { - "resource_type": "IntegrationResponses", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Integrations": { - "resource_type": "Integrations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Model": { - "resource_type": "Model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ModelTemplate": { - "resource_type": "ModelTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Models": { - "resource_type": "Models", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Route": { - "resource_type": "Route", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RouteRequestParameter": { - "resource_type": "RouteRequestParameter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RouteResponse": { - "resource_type": "RouteResponse", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RouteResponses": { - "resource_type": "RouteResponses", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RouteSettings": { - "resource_type": "RouteSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Routes": { - "resource_type": "Routes", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stage": { - "resource_type": "Stage", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stages": { - "resource_type": "Stages", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_GET.html" - }, - "PATCH": { - "privilege": "PATCH", - "description": "Grants permission to update a particular resource", - "access_level": "Write", - "resource_types": { - "Api": { - "resource_type": "Api", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ApiMapping": { - "resource_type": "ApiMapping", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Authorizer": { - "resource_type": "Authorizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Deployment": { - "resource_type": "Deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Integration": { - "resource_type": "Integration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "IntegrationResponse": { - "resource_type": "IntegrationResponse", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Model": { - "resource_type": "Model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Route": { - "resource_type": "Route", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RouteRequestParameter": { - "resource_type": "RouteRequestParameter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RouteResponse": { - "resource_type": "RouteResponse", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stage": { - "resource_type": "Stage", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_PATCH.html" - }, - "POST": { - "privilege": "POST", - "description": "Grants permission to create a particular resource", - "access_level": "Write", - "resource_types": { - "ApiMappings": { - "resource_type": "ApiMappings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Apis": { - "resource_type": "Apis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Authorizers": { - "resource_type": "Authorizers", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Deployments": { - "resource_type": "Deployments", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "IntegrationResponses": { - "resource_type": "IntegrationResponses", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Integrations": { - "resource_type": "Integrations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Models": { - "resource_type": "Models", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RouteResponses": { - "resource_type": "RouteResponses", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Routes": { - "resource_type": "Routes", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stages": { - "resource_type": "Stages", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_POST.html" - }, - "PUT": { - "privilege": "PUT", - "description": "Grants permission to update a particular resource", - "access_level": "Write", - "resource_types": { - "Api": { - "resource_type": "Api", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Apis": { - "resource_type": "Apis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_PUT.html" - }, - "RemoveCertificateFromDomain": { - "privilege": "RemoveCertificateFromDomain", - "description": "Grants permission to remove certificates for mutual TLS authentication from a domain name. This is an additional authorization control for managing the DomainName resource due to the sensitive nature of mTLS", - "access_level": "Permissions management", - "resource_types": { - "DomainName": { - "resource_type": "DomainName", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DomainNames": { - "resource_type": "DomainNames", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html" - }, - "SetWebACL": { - "privilege": "SetWebACL", - "description": "Grants permission to set a WAF access control list (ACL). This is an additional authorization control for managing the Stage resource due to the sensitive nature of WebAcl's", - "access_level": "Permissions management", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stages": { - "resource_type": "Stages", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html" - }, - "UpdateRestApiPolicy": { - "privilege": "UpdateRestApiPolicy", - "description": "Grants permission to manage the IAM resource policy for an API. This is an additional authorization control for managing an API due to the sensitive nature of the resource policy", - "access_level": "Permissions management", - "resource_types": { - "RestApi": { - "resource_type": "RestApi", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RestApis": { - "resource_type": "RestApis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html" - } - }, - "resources": { - "Account": { - "resource": "Account", - "arn": "arn:${Partition}:apigateway:${Region}::/account", - "condition_keys": [] - }, - "ApiKey": { - "resource": "ApiKey", - "arn": "arn:${Partition}:apigateway:${Region}::/apikeys/${ApiKeyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ApiKeys": { - "resource": "ApiKeys", - "arn": "arn:${Partition}:apigateway:${Region}::/apikeys", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Authorizer": { - "resource": "Authorizer", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/authorizers/${AuthorizerId}", - "condition_keys": [ - "apigateway:Request/AuthorizerType", - "apigateway:Request/AuthorizerUri", - "apigateway:Resource/AuthorizerType", - "apigateway:Resource/AuthorizerUri", - "aws:ResourceTag/${TagKey}" - ] - }, - "Authorizers": { - "resource": "Authorizers", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/authorizers", - "condition_keys": [ - "apigateway:Request/AuthorizerType", - "apigateway:Request/AuthorizerUri", - "aws:ResourceTag/${TagKey}" - ] - }, - "BasePathMapping": { - "resource": "BasePathMapping", - "arn": "arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}/basepathmappings/${BasePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "BasePathMappings": { - "resource": "BasePathMappings", - "arn": "arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}/basepathmappings", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ClientCertificate": { - "resource": "ClientCertificate", - "arn": "arn:${Partition}:apigateway:${Region}::/clientcertificates/${ClientCertificateId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ClientCertificates": { - "resource": "ClientCertificates", - "arn": "arn:${Partition}:apigateway:${Region}::/clientcertificates", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Deployment": { - "resource": "Deployment", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/deployments/${DeploymentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Deployments": { - "resource": "Deployments", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/deployments", - "condition_keys": [ - "apigateway:Request/StageName", - "aws:ResourceTag/${TagKey}" - ] - }, - "DocumentationPart": { - "resource": "DocumentationPart", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/documentation/parts/${DocumentationPartId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "DocumentationParts": { - "resource": "DocumentationParts", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/documentation/parts", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "DocumentationVersion": { - "resource": "DocumentationVersion", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/documentation/versions/${DocumentationVersionId}", - "condition_keys": [] - }, - "DocumentationVersions": { - "resource": "DocumentationVersions", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/documentation/versions", - "condition_keys": [] - }, - "DomainName": { - "resource": "DomainName", - "arn": "arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}", - "condition_keys": [ - "apigateway:Request/EndpointType", - "apigateway:Request/MtlsTrustStoreUri", - "apigateway:Request/MtlsTrustStoreVersion", - "apigateway:Request/SecurityPolicy", - "apigateway:Resource/EndpointType", - "apigateway:Resource/MtlsTrustStoreUri", - "apigateway:Resource/MtlsTrustStoreVersion", - "apigateway:Resource/SecurityPolicy", - "aws:ResourceTag/${TagKey}" - ] - }, - "DomainNames": { - "resource": "DomainNames", - "arn": "arn:${Partition}:apigateway:${Region}::/domainnames", - "condition_keys": [ - "apigateway:Request/EndpointType", - "apigateway:Request/MtlsTrustStoreUri", - "apigateway:Request/MtlsTrustStoreVersion", - "apigateway:Request/SecurityPolicy", - "aws:ResourceTag/${TagKey}" - ] - }, - "GatewayResponse": { - "resource": "GatewayResponse", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/gatewayresponses/${ResponseType}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "GatewayResponses": { - "resource": "GatewayResponses", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/gatewayresponses", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Integration": { - "resource": "Integration", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/integrations/${IntegrationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "IntegrationResponse": { - "resource": "IntegrationResponse", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/integrations/${IntegrationId}/integrationresponses/${IntegrationResponseId}", - "condition_keys": [] - }, - "Method": { - "resource": "Method", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/resources/${ResourceId}/methods/${HttpMethodType}", - "condition_keys": [ - "apigateway:Request/ApiKeyRequired", - "apigateway:Request/RouteAuthorizationType", - "apigateway:Resource/ApiKeyRequired", - "apigateway:Resource/RouteAuthorizationType", - "aws:ResourceTag/${TagKey}" - ] - }, - "MethodResponse": { - "resource": "MethodResponse", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/resources/${ResourceId}/methods/${HttpMethodType}/responses/${StatusCode}", - "condition_keys": [] - }, - "Model": { - "resource": "Model", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/models/${ModelId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Models": { - "resource": "Models", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/models", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "RequestValidator": { - "resource": "RequestValidator", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/requestvalidators/${RequestValidatorId}", - "condition_keys": [] - }, - "RequestValidators": { - "resource": "RequestValidators", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/requestvalidators", - "condition_keys": [] - }, - "Resource": { - "resource": "Resource", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/resources/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Resources": { - "resource": "Resources", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/resources", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "RestApi": { - "resource": "RestApi", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}", - "condition_keys": [ - "apigateway:Request/ApiKeyRequired", - "apigateway:Request/ApiName", - "apigateway:Request/AuthorizerType", - "apigateway:Request/AuthorizerUri", - "apigateway:Request/DisableExecuteApiEndpoint", - "apigateway:Request/EndpointType", - "apigateway:Request/RouteAuthorizationType", - "apigateway:Resource/ApiKeyRequired", - "apigateway:Resource/ApiName", - "apigateway:Resource/AuthorizerType", - "apigateway:Resource/AuthorizerUri", - "apigateway:Resource/DisableExecuteApiEndpoint", - "apigateway:Resource/EndpointType", - "apigateway:Resource/RouteAuthorizationType", - "aws:ResourceTag/${TagKey}" - ] - }, - "RestApis": { - "resource": "RestApis", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis", - "condition_keys": [ - "apigateway:Request/ApiKeyRequired", - "apigateway:Request/ApiName", - "apigateway:Request/AuthorizerType", - "apigateway:Request/AuthorizerUri", - "apigateway:Request/DisableExecuteApiEndpoint", - "apigateway:Request/EndpointType", - "apigateway:Request/RouteAuthorizationType", - "aws:ResourceTag/${TagKey}" - ] - }, - "Sdk": { - "resource": "Sdk", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/stages/${StageName}/sdks/${SdkType}", - "condition_keys": [] - }, - "Stage": { - "resource": "Stage", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/stages/${StageName}", - "condition_keys": [ - "apigateway:Request/AccessLoggingDestination", - "apigateway:Request/AccessLoggingFormat", - "apigateway:Resource/AccessLoggingDestination", - "apigateway:Resource/AccessLoggingFormat", - "aws:ResourceTag/${TagKey}" - ] - }, - "Stages": { - "resource": "Stages", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/stages", - "condition_keys": [ - "apigateway:Request/AccessLoggingDestination", - "apigateway:Request/AccessLoggingFormat", - "aws:ResourceTag/${TagKey}" - ] - }, - "Template": { - "resource": "Template", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/models/${ModelName}/template", - "condition_keys": [] - }, - "UsagePlan": { - "resource": "UsagePlan", - "arn": "arn:${Partition}:apigateway:${Region}::/usageplans/${UsagePlanId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "UsagePlans": { - "resource": "UsagePlans", - "arn": "arn:${Partition}:apigateway:${Region}::/usageplans", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "UsagePlanKey": { - "resource": "UsagePlanKey", - "arn": "arn:${Partition}:apigateway:${Region}::/usageplans/${UsagePlanId}/keys/${Id}", - "condition_keys": [] - }, - "UsagePlanKeys": { - "resource": "UsagePlanKeys", - "arn": "arn:${Partition}:apigateway:${Region}::/usageplans/${UsagePlanId}/keys", - "condition_keys": [] - }, - "VpcLink": { - "resource": "VpcLink", - "arn": "arn:${Partition}:apigateway:${Region}::/vpclinks/${VpcLinkId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "VpcLinks": { - "resource": "VpcLinks", - "arn": "arn:${Partition}:apigateway:${Region}::/vpclinks", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Tags": { - "resource": "Tags", - "arn": "arn:${Partition}:apigateway:${Region}::/tags/${UrlEncodedResourceARN}", - "condition_keys": [] - }, - "AccessLogSettings": { - "resource": "AccessLogSettings", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/stages/${StageName}/accesslogsettings", - "condition_keys": [] - }, - "Api": { - "resource": "Api", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}", - "condition_keys": [ - "apigateway:Request/ApiKeyRequired", - "apigateway:Request/ApiName", - "apigateway:Request/AuthorizerType", - "apigateway:Request/AuthorizerUri", - "apigateway:Request/DisableExecuteApiEndpoint", - "apigateway:Request/EndpointType", - "apigateway:Request/RouteAuthorizationType", - "apigateway:Resource/ApiKeyRequired", - "apigateway:Resource/ApiName", - "apigateway:Resource/AuthorizerType", - "apigateway:Resource/AuthorizerUri", - "apigateway:Resource/DisableExecuteApiEndpoint", - "apigateway:Resource/EndpointType", - "apigateway:Resource/RouteAuthorizationType", - "aws:ResourceTag/${TagKey}" - ] - }, - "Apis": { - "resource": "Apis", - "arn": "arn:${Partition}:apigateway:${Region}::/apis", - "condition_keys": [ - "apigateway:Request/ApiKeyRequired", - "apigateway:Request/ApiName", - "apigateway:Request/AuthorizerType", - "apigateway:Request/AuthorizerUri", - "apigateway:Request/DisableExecuteApiEndpoint", - "apigateway:Request/EndpointType", - "apigateway:Request/RouteAuthorizationType", - "aws:ResourceTag/${TagKey}" - ] - }, - "ApiMapping": { - "resource": "ApiMapping", - "arn": "arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}/apimappings/${ApiMappingId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ApiMappings": { - "resource": "ApiMappings", - "arn": "arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}/apimappings", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "AuthorizersCache": { - "resource": "AuthorizersCache", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/stages/${StageName}/cache/authorizers", - "condition_keys": [] - }, - "Cors": { - "resource": "Cors", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/cors", - "condition_keys": [] - }, - "ExportedAPI": { - "resource": "ExportedAPI", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/exports/${Specification}", - "condition_keys": [] - }, - "Integrations": { - "resource": "Integrations", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/integrations", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "IntegrationResponses": { - "resource": "IntegrationResponses", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/integrations/${IntegrationId}/integrationresponses", - "condition_keys": [] - }, - "ModelTemplate": { - "resource": "ModelTemplate", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/models/${ModelId}/template", - "condition_keys": [] - }, - "Route": { - "resource": "Route", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/routes/${RouteId}", - "condition_keys": [ - "apigateway:Request/ApiKeyRequired", - "apigateway:Request/RouteAuthorizationType", - "apigateway:Resource/ApiKeyRequired", - "apigateway:Resource/RouteAuthorizationType", - "aws:ResourceTag/${TagKey}" - ] - }, - "Routes": { - "resource": "Routes", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/routes", - "condition_keys": [ - "apigateway:Request/ApiKeyRequired", - "apigateway:Request/RouteAuthorizationType", - "aws:ResourceTag/${TagKey}" - ] - }, - "RouteResponse": { - "resource": "RouteResponse", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/routes/${RouteId}/routeresponses/${RouteResponseId}", - "condition_keys": [] - }, - "RouteResponses": { - "resource": "RouteResponses", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/routes/${RouteId}/routeresponses", - "condition_keys": [] - }, - "RouteRequestParameter": { - "resource": "RouteRequestParameter", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/routes/${RouteId}/requestparameters/${RequestParameterKey}", - "condition_keys": [] - }, - "RouteSettings": { - "resource": "RouteSettings", - "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/stages/${StageName}/routesettings/${RouteKey}", - "condition_keys": [] - } - }, - "conditions": { - "apigateway:Request/AccessLoggingDestination": { - "condition": "apigateway:Request/AccessLoggingDestination", - "description": "Filters access by access log destination. Available during the CreateStage and UpdateStage operations", - "type": "String" - }, - "apigateway:Request/AccessLoggingFormat": { - "condition": "apigateway:Request/AccessLoggingFormat", - "description": "Filters access by access log format. Available during the CreateStage and UpdateStage operations", - "type": "String" - }, - "apigateway:Request/ApiKeyRequired": { - "condition": "apigateway:Request/ApiKeyRequired", - "description": "Filters access by the requirement of API. Available during the CreateRoute and UpdateRoute operations. Also available as a collection during import and reimport", - "type": "ArrayOfBool" - }, - "apigateway:Request/ApiName": { - "condition": "apigateway:Request/ApiName", - "description": "Filters access by API name. Available during the CreateApi and UpdateApi operations", - "type": "String" - }, - "apigateway:Request/AuthorizerType": { - "condition": "apigateway:Request/AuthorizerType", - "description": "Filters access by type of authorizer in the request, for example REQUEST or JWT. Available during CreateAuthorizer and UpdateAuthorizer. Also available during import and reimport as an ArrayOfString", - "type": "ArrayOfString" - }, - "apigateway:Request/AuthorizerUri": { - "condition": "apigateway:Request/AuthorizerUri", - "description": "Filters access by URI of a Lambda authorizer function. Available during CreateAuthorizer and UpdateAuthorizer. Also available during import and reimport as an ArrayOfString", - "type": "ArrayOfString" - }, - "apigateway:Request/DisableExecuteApiEndpoint": { - "condition": "apigateway:Request/DisableExecuteApiEndpoint", - "description": "Filters access by status of the default execute-api endpoint. Available during the CreateApi and UpdateApi operations", - "type": "Bool" - }, - "apigateway:Request/EndpointType": { - "condition": "apigateway:Request/EndpointType", - "description": "Filters access by endpoint type. Available during the CreateDomainName, UpdateDomainName, CreateApi, and UpdateApi operations", - "type": "ArrayOfString" - }, - "apigateway:Request/MtlsTrustStoreUri": { - "condition": "apigateway:Request/MtlsTrustStoreUri", - "description": "Filters access by URI of the truststore used for mutual TLS authentication. Available during the CreateDomainName and UpdateDomainName operations", - "type": "String" - }, - "apigateway:Request/MtlsTrustStoreVersion": { - "condition": "apigateway:Request/MtlsTrustStoreVersion", - "description": "Filters access by version of the truststore used for mutual TLS authentication. Available during the CreateDomainName and UpdateDomainName operations", - "type": "String" - }, - "apigateway:Request/RouteAuthorizationType": { - "condition": "apigateway:Request/RouteAuthorizationType", - "description": "Filters access by authorization type, for example NONE, AWS_IAM, CUSTOM, JWT. Available during the CreateRoute and UpdateRoute operations. Also available as a collection during import", - "type": "ArrayOfString" - }, - "apigateway:Request/SecurityPolicy": { - "condition": "apigateway:Request/SecurityPolicy", - "description": "Filters access by TLS version. Available during the CreateDomain and UpdateDomain operations", - "type": "ArrayOfString" - }, - "apigateway:Request/StageName": { - "condition": "apigateway:Request/StageName", - "description": "Filters access by stage name of the deployment that you attempt to create. Available during the CreateDeployment operation", - "type": "String" - }, - "apigateway:Resource/AccessLoggingDestination": { - "condition": "apigateway:Resource/AccessLoggingDestination", - "description": "Filters access by access log destination of the current Stage resource. Available during the UpdateStage and DeleteStage operations", - "type": "String" - }, - "apigateway:Resource/AccessLoggingFormat": { - "condition": "apigateway:Resource/AccessLoggingFormat", - "description": "Filters access by access log format of the current Stage resource. Available during the UpdateStage and DeleteStage operations", - "type": "String" - }, - "apigateway:Resource/ApiKeyRequired": { - "condition": "apigateway:Resource/ApiKeyRequired", - "description": "Filters access by the requirement of API key for the existing Route resource. Available during the UpdateRoute and DeleteRoute operations. Also available as a collection during reimport", - "type": "ArrayOfBool" - }, - "apigateway:Resource/ApiName": { - "condition": "apigateway:Resource/ApiName", - "description": "Filters access by API name. Available during the UpdateApi and DeleteApi operations", - "type": "String" - }, - "apigateway:Resource/AuthorizerType": { - "condition": "apigateway:Resource/AuthorizerType", - "description": "Filters access by the current type of authorizer, for example REQUEST or JWT. Available during UpdateAuthorizer and DeleteAuthorizer operations. Also available during import and reimport as an ArrayOfString", - "type": "ArrayOfString" - }, - "apigateway:Resource/AuthorizerUri": { - "condition": "apigateway:Resource/AuthorizerUri", - "description": "Filters access by the URI of the current Lambda authorizer associated with the current API. Available during UpdateAuthorizer and DeleteAuthorizer. Also available as a collection during reimport", - "type": "ArrayOfString" - }, - "apigateway:Resource/DisableExecuteApiEndpoint": { - "condition": "apigateway:Resource/DisableExecuteApiEndpoint", - "description": "Filters access by status of the default execute-api endpoint. Available during the UpdateApi and DeleteApi operations", - "type": "Bool" - }, - "apigateway:Resource/EndpointType": { - "condition": "apigateway:Resource/EndpointType", - "description": "Filters access by endpoint type. Available during the UpdateDomainName, DeleteDomainName, UpdateApi, and DeleteApi operations", - "type": "ArrayOfString" - }, - "apigateway:Resource/MtlsTrustStoreUri": { - "condition": "apigateway:Resource/MtlsTrustStoreUri", - "description": "Filters access by URI of the truststore used for mutual TLS authentication. Available during the UpdateDomainName and DeleteDomainName operations", - "type": "String" - }, - "apigateway:Resource/MtlsTrustStoreVersion": { - "condition": "apigateway:Resource/MtlsTrustStoreVersion", - "description": "Filters access by version of the truststore used for mutual TLS authentication. Available during the UpdateDomainName and DeleteDomainName operations", - "type": "String" - }, - "apigateway:Resource/RouteAuthorizationType": { - "condition": "apigateway:Resource/RouteAuthorizationType", - "description": "Filters access by authorization type of the existing Route resource, for example NONE, AWS_IAM, CUSTOM. Available during the UpdateRoute and DeleteRoute operations. Also available as a collection during reimport", - "type": "ArrayOfString" - }, - "apigateway:Resource/SecurityPolicy": { - "condition": "apigateway:Resource/SecurityPolicy", - "description": "Filters access by TLS version. Available during the UpdateDomainName and DeleteDomainName operations", - "type": "ArrayOfString" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "appflow": { - "service_name": "Amazon AppFlow", - "prefix": "appflow", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonappflow.html", - "privileges": { - "CancelFlowExecutions": { - "privilege": "CancelFlowExecutions", - "description": "Grants permission to cancel in-progress executions of an Amazon AppFlow flow", - "access_level": "Write", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_CancelFlowExecutions.html" - }, - "CreateConnectorProfile": { - "privilege": "CreateConnectorProfile", - "description": "Grants permission to create a login profile to be used with Amazon AppFlow flows", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_CreateConnectorProfile.html" - }, - "CreateFlow": { - "privilege": "CreateFlow", - "description": "Grants permission to create an Amazon AppFlow flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_CreateFlow.html" - }, - "DeleteConnectorProfile": { - "privilege": "DeleteConnectorProfile", - "description": "Grants permission to delete a login profile configured in Amazon AppFlow", - "access_level": "Write", - "resource_types": { - "connectorprofile": { - "resource_type": "connectorprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeConnectorProfiles.html" - }, - "DeleteFlow": { - "privilege": "DeleteFlow", - "description": "Grants permission to delete an Amazon AppFlow flow", - "access_level": "Write", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DeleteFlow.html" - }, - "DescribeConnector": { - "privilege": "DescribeConnector", - "description": "Grants permission to describe a connector registered in Amazon AppFlow", - "access_level": "Read", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeConnector.html" - }, - "DescribeConnectorEntity": { - "privilege": "DescribeConnectorEntity", - "description": "Grants permission to describe all fields for an object in a login profile configured in Amazon AppFlow", - "access_level": "Read", - "resource_types": { - "connectorprofile": { - "resource_type": "connectorprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeConnectorEntity.html" - }, - "DescribeConnectorFields": { - "privilege": "DescribeConnectorFields", - "description": "Grants permission to describe all fields for an object in a login profile configured in Amazon AppFlow (Console Only)", - "access_level": "Read", - "resource_types": { - "connectorprofile": { - "resource_type": "connectorprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/latest/userguide/identity-access-management.html#appflow-api-actions" - }, - "DescribeConnectorProfiles": { - "privilege": "DescribeConnectorProfiles", - "description": "Grants permission to describe all login profiles configured in Amazon AppFlow", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeConnectorProfiles.html" - }, - "DescribeConnectors": { - "privilege": "DescribeConnectors", - "description": "Grants permission to describe all connectors supported by Amazon AppFlow", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeConnectors.html " - }, - "DescribeFlow": { - "privilege": "DescribeFlow", - "description": "Grants permission to describe a specific flow configured in Amazon AppFlow", - "access_level": "Read", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeFlow.html" - }, - "DescribeFlowExecution": { - "privilege": "DescribeFlowExecution", - "description": "Grants permission to describe all flow executions for a flow configured in Amazon AppFlow (Console Only)", - "access_level": "Read", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/latest/userguide/identity-access-management.html#appflow-api-actions" - }, - "DescribeFlowExecutionRecords": { - "privilege": "DescribeFlowExecutionRecords", - "description": "Grants permission to describe all flow executions for a flow configured in Amazon AppFlow", - "access_level": "Read", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeFlowExecutionRecords.html" - }, - "DescribeFlows": { - "privilege": "DescribeFlows", - "description": "Grants permission to describe all flows configured in Amazon AppFlow (Console Only)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/latest/userguide/identity-access-management.html#appflow-api-actions" - }, - "ListConnectorEntities": { - "privilege": "ListConnectorEntities", - "description": "Grants permission to list all objects for a login profile configured in Amazon AppFlow", - "access_level": "List", - "resource_types": { - "connectorprofile": { - "resource_type": "connectorprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_ListConnectorEntities.html" - }, - "ListConnectorFields": { - "privilege": "ListConnectorFields", - "description": "Grants permission to list all objects for a login profile configured in Amazon AppFlow (Console Only)", - "access_level": "Read", - "resource_types": { - "connectorprofile": { - "resource_type": "connectorprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/latest/userguide/identity-access-management.html#appflow-api-actions" - }, - "ListConnectors": { - "privilege": "ListConnectors", - "description": "Grants permission to list all connectors supported in Amazon AppFlow", - "access_level": "List", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_ListConnectors.html" - }, - "ListFlows": { - "privilege": "ListFlows", - "description": "Grants permission to list all flows configured in Amazon AppFlow", - "access_level": "List", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_ListFlows.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a flow", - "access_level": "Read", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_ListTagsForResource.html" - }, - "RegisterConnector": { - "privilege": "RegisterConnector", - "description": "Grants permission to register an Amazon AppFlow connector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_RegisterConnector.html" - }, - "ResetConnectorMetadataCache": { - "privilege": "ResetConnectorMetadataCache", - "description": "Grants permission to resets metadata of connector entities that Amazon AppFlow stored in its cache", - "access_level": "Write", - "resource_types": { - "connectorprofile": { - "resource_type": "connectorprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_ResetConnectorMetadataCache.html" - }, - "RunFlow": { - "privilege": "RunFlow", - "description": "Grants permission to run a flow configured in Amazon AppFlow (Console Only)", - "access_level": "Write", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/latest/userguide/identity-access-management.html#appflow-api-actions" - }, - "StartFlow": { - "privilege": "StartFlow", - "description": "Grants permission to activate (for scheduled and event-triggered flows) or run (for on-demand flows) a flow configured in Amazon AppFlow", - "access_level": "Write", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_StartFlow.html" - }, - "StopFlow": { - "privilege": "StopFlow", - "description": "Grants permission to deactivate a scheduled or event-triggered flow configured in Amazon AppFlow", - "access_level": "Write", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_StopFlow.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a flow or a connector", - "access_level": "Tagging", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "flow": { - "resource_type": "flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_TagResource.html" - }, - "UnRegisterConnector": { - "privilege": "UnRegisterConnector", - "description": "Grants permission to un-register a connector in Amazon AppFlow", - "access_level": "Write", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_UnregisterConnector.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a flow or a connector", - "access_level": "Tagging", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "flow": { - "resource_type": "flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_UntagResource.html" - }, - "UpdateConnectorProfile": { - "privilege": "UpdateConnectorProfile", - "description": "Grants permission to update a login profile configured in Amazon AppFlow", - "access_level": "Write", - "resource_types": { - "connectorprofile": { - "resource_type": "connectorprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_UpdateConnectorProfile.html" - }, - "UpdateConnectorRegistration": { - "privilege": "UpdateConnectorRegistration", - "description": "Grants permission to update a registered connector configured in Amazon AppFlow", - "access_level": "Write", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_UpdateConnectorRegistration.html" - }, - "UpdateFlow": { - "privilege": "UpdateFlow", - "description": "Grants permission to update a flow configured in Amazon AppFlow", - "access_level": "Write", - "resource_types": { - "flow": { - "resource_type": "flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_UpdateFlow.html" - }, - "UseConnectorProfile": { - "privilege": "UseConnectorProfile", - "description": "Grants permission to use a connector profile while creating a flow in Amazon AppFlow", - "access_level": "Write", - "resource_types": { - "connectorprofile": { - "resource_type": "connectorprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_CreateFlow.html" - } - }, - "resources": { - "connectorprofile": { - "resource": "connectorprofile", - "arn": "arn:${Partition}:appflow:${Region}:${Account}:connectorprofile/${ProfileName}", - "condition_keys": [] - }, - "flow": { - "resource": "flow", - "arn": "arn:${Partition}:appflow:${Region}:${Account}:flow/${FlowName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "connector": { - "resource": "connector", - "arn": "arn:${Partition}:appflow:${Region}:${Account}:connector/${ConnectorLabel}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "app-integrations": { - "service_name": "Amazon AppIntegrations", - "prefix": "app-integrations", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonappintegrations.html", - "privileges": { - "CreateDataIntegration": { - "privilege": "CreateDataIntegration", - "description": "Grants permission to create a new DataIntegration", - "access_level": "Write", - "resource_types": { - "data-integration": { - "resource_type": "data-integration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "appflow:DeleteFlow", - "appflow:DescribeConnectorProfiles", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "kms:CreateGrant" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_CreateDataIntegration.html" - }, - "CreateDataIntegrationAssociation": { - "privilege": "CreateDataIntegrationAssociation", - "description": "Grants permission to create a DataIntegrationAssociation", - "access_level": "Write", - "resource_types": { - "data-integration": { - "resource_type": "data-integration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "appflow:CreateFlow", - "appflow:DeleteFlow", - "appflow:DescribeConnectorEntity", - "appflow:DescribeConnectorProfiles", - "appflow:TagResource", - "appflow:UseConnectorProfile" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_CreateDataIntegrationAssociation.html" - }, - "CreateEventIntegration": { - "privilege": "CreateEventIntegration", - "description": "Grants permission to create a new EventIntegration", - "access_level": "Write", - "resource_types": { - "event-integration": { - "resource_type": "event-integration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_CreateEventIntegration.html" - }, - "CreateEventIntegrationAssociation": { - "privilege": "CreateEventIntegrationAssociation", - "description": "Grants permission to create an EventIntegrationAssociation", - "access_level": "Write", - "resource_types": { - "event-integration": { - "resource_type": "event-integration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "events:PutRule", - "events:PutTargets" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_CreateEventIntegrationAssociation.html" - }, - "DeleteDataIntegration": { - "privilege": "DeleteDataIntegration", - "description": "Grants permission to delete a DataIntegration", - "access_level": "Write", - "resource_types": { - "data-integration": { - "resource_type": "data-integration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_DeleteDataIntegration.html" - }, - "DeleteDataIntegrationAssociation": { - "privilege": "DeleteDataIntegrationAssociation", - "description": "Grants permission to delete a DataIntegrationAssociation", - "access_level": "Write", - "resource_types": { - "data-integration-association": { - "resource_type": "data-integration-association", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "appflow:CreateFlow", - "appflow:DeleteFlow", - "appflow:DescribeConnectorEntity", - "appflow:DescribeConnectorProfiles", - "appflow:StopFlow", - "appflow:TagResource", - "appflow:UseConnectorProfile" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_DeleteDataIntegrationAssociation.html" - }, - "DeleteEventIntegration": { - "privilege": "DeleteEventIntegration", - "description": "Grants permission to delete an EventIntegration", - "access_level": "Write", - "resource_types": { - "event-integration": { - "resource_type": "event-integration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_DeleteEventIntegration.html" - }, - "DeleteEventIntegrationAssociation": { - "privilege": "DeleteEventIntegrationAssociation", - "description": "Grants permission to delete an EventIntegrationAssociation", - "access_level": "Write", - "resource_types": { - "event-integration-association": { - "resource_type": "event-integration-association", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "events:DeleteRule", - "events:ListTargetsByRule", - "events:RemoveTargets" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_DeleteEventIntegrationAssociation.html" - }, - "GetDataIntegration": { - "privilege": "GetDataIntegration", - "description": "Grants permission to view details about DataIntegrations", - "access_level": "Read", - "resource_types": { - "data-integration": { - "resource_type": "data-integration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_GetDataIntegration.html" - }, - "GetEventIntegration": { - "privilege": "GetEventIntegration", - "description": "Grants permission to view details about EventIntegrations", - "access_level": "Read", - "resource_types": { - "event-integration": { - "resource_type": "event-integration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_GetEventIntegration.html" - }, - "ListDataIntegrationAssociations": { - "privilege": "ListDataIntegrationAssociations", - "description": "Grants permission to list DataIntegrationAssociations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_ListDataIntegrationAssociations.html" - }, - "ListDataIntegrations": { - "privilege": "ListDataIntegrations", - "description": "Grants permission to list DataIntegrations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_ListDataIntegrations.html" - }, - "ListEventIntegrationAssociations": { - "privilege": "ListEventIntegrationAssociations", - "description": "Grants permission to list EventIntegrationAssociations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_ListEventIntegrationAssociations" - }, - "ListEventIntegrations": { - "privilege": "ListEventIntegrations", - "description": "Grants permission to list EventIntegrations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_ListEventIntegrations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tag for an Amazon AppIntegration resource", - "access_level": "Read", - "resource_types": { - "data-integration": { - "resource_type": "data-integration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "data-integration-association": { - "resource_type": "data-integration-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-integration": { - "resource_type": "event-integration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-integration-association": { - "resource_type": "event-integration-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_ListTagsForResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an Amazon AppIntegration resource", - "access_level": "Tagging", - "resource_types": { - "data-integration": { - "resource_type": "data-integration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "data-integration-association": { - "resource_type": "data-integration-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-integration": { - "resource_type": "event-integration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-integration-association": { - "resource_type": "event-integration-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an Amazon AppIntegration resource", - "access_level": "Tagging", - "resource_types": { - "data-integration": { - "resource_type": "data-integration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "data-integration-association": { - "resource_type": "data-integration-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-integration": { - "resource_type": "event-integration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-integration-association": { - "resource_type": "event-integration-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_UntagResource.html" - }, - "UpdateDataIntegration": { - "privilege": "UpdateDataIntegration", - "description": "Grants permission to modify a DataIntegration", - "access_level": "Write", - "resource_types": { - "data-integration": { - "resource_type": "data-integration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_UpdateDataIntegration.html" - }, - "UpdateEventIntegration": { - "privilege": "UpdateEventIntegration", - "description": "Grants permission to modify an EventIntegration", - "access_level": "Write", - "resource_types": { - "event-integration": { - "resource_type": "event-integration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_UpdateEventIntegration.html" - } - }, - "resources": { - "event-integration": { - "resource": "event-integration", - "arn": "arn:${Partition}:app-integrations:${Region}:${Account}:event-integration/${EventIntegrationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "event-integration-association": { - "resource": "event-integration-association", - "arn": "arn:${Partition}:app-integrations:${Region}:${Account}:event-integration-association/${EventIntegrationName}/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "data-integration": { - "resource": "data-integration", - "arn": "arn:${Partition}:app-integrations:${Region}:${Account}:data-integration/${DataIntegrationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "data-integration-association": { - "resource": "data-integration-association", - "arn": "arn:${Partition}:app-integrations:${Region}:${Account}:data-integration-association/${DataIntegrationId}/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "appstream": { - "service_name": "Amazon AppStream 2.0", - "prefix": "appstream", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonappstream2.0.html", - "privileges": { - "AssociateAppBlockBuilderAppBlock": { - "privilege": "AssociateAppBlockBuilderAppBlock", - "description": "Grants permission to associate the specified app block builder with the app block", - "access_level": "Write", - "resource_types": { - "app-block": { - "resource_type": "app-block", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-block-builder": { - "resource_type": "app-block-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AssociateAppBlockBuilderAppBlock.html" - }, - "AssociateApplicationFleet": { - "privilege": "AssociateApplicationFleet", - "description": "Grants permission to associate the specified application with the fleet", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AssociateApplicationFleet.html" - }, - "AssociateApplicationToEntitlement": { - "privilege": "AssociateApplicationToEntitlement", - "description": "Grants permission to associate the specified application to the specified entitlement", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AssociateApplicationToEntitlement.html" - }, - "AssociateFleet": { - "privilege": "AssociateFleet", - "description": "Grants permission to associate the specified fleet with the specified stack", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AssociateFleet.html" - }, - "BatchAssociateUserStack": { - "privilege": "BatchAssociateUserStack", - "description": "Grants permission to associate the specified users with the specified stacks. Users in a user pool cannot be assigned to stacks with fleets that are joined to an Active Directory domain", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_BatchAssociateUserStack.html" - }, - "BatchDisassociateUserStack": { - "privilege": "BatchDisassociateUserStack", - "description": "Grants permission to disassociate the specified users from the specified stacks", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_BatchDisassociateUserStack.html" - }, - "CopyImage": { - "privilege": "CopyImage", - "description": "Grants permission to copy the specified image within the same Region or to a new Region within the same AWS account", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CopyImage.html" - }, - "CreateAppBlock": { - "privilege": "CreateAppBlock", - "description": "Grants permission to create an app block. App blocks store details about the virtual hard disk that contains the files for the application in an S3 bucket. It also stores the setup script with details about how to mount the virtual hard disk. App blocks are only supported for Elastic fleets", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateAppBlock.html" - }, - "CreateAppBlockBuilder": { - "privilege": "CreateAppBlockBuilder", - "description": "Grants permission to create an app block builder. An app block builder is a virtual machine that is used to create an app block", - "access_level": "Write", - "resource_types": { - "app-block-builder": { - "resource_type": "app-block-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateAppBlockBuilder.html" - }, - "CreateAppBlockBuilderStreamingURL": { - "privilege": "CreateAppBlockBuilderStreamingURL", - "description": "Grants permission to create a URL to start an app block builder streaming session", - "access_level": "Write", - "resource_types": { - "app-block-builder": { - "resource_type": "app-block-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateAppBlockBuilderStreamingURL.html" - }, - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application within customer account. Applications store the details about how to launch applications on streaming instances. This is only supported for Elastic fleets", - "access_level": "Write", - "resource_types": { - "app-block": { - "resource_type": "app-block", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateApplication.html" - }, - "CreateDirectoryConfig": { - "privilege": "CreateDirectoryConfig", - "description": "Grants permission to create a Directory Config object in AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateDirectoryConfig.html" - }, - "CreateEntitlement": { - "privilege": "CreateEntitlement", - "description": "Grants permission to create an entitlement to control access to applications based on user attributes", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateEntitlement.html" - }, - "CreateFleet": { - "privilege": "CreateFleet", - "description": "Grants permission to create a fleet. A fleet is a group of streaming instances from which applications are launched and streamed to users", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateFleet.html" - }, - "CreateImageBuilder": { - "privilege": "CreateImageBuilder", - "description": "Grants permission to create an image builder. An image builder is a virtual machine that is used to create an image", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "image-builder": { - "resource_type": "image-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateImageBuilder.html" - }, - "CreateImageBuilderStreamingURL": { - "privilege": "CreateImageBuilderStreamingURL", - "description": "Grants permission to create a URL to start an image builder streaming session", - "access_level": "Write", - "resource_types": { - "image-builder": { - "resource_type": "image-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateImageBuilderStreamingURL.html" - }, - "CreateStack": { - "privilege": "CreateStack", - "description": "Grants permission to create a stack to start streaming applications to users. A stack consists of an associated fleet, user access policies, and storage configurations", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateStack.html" - }, - "CreateStreamingURL": { - "privilege": "CreateStreamingURL", - "description": "Grants permission to create a temporary URL to start an AppStream 2.0 streaming session for the specified user. A streaming URL enables application streaming to be tested without user setup", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateStreamingURL.html" - }, - "CreateUpdatedImage": { - "privilege": "CreateUpdatedImage", - "description": "Grants permission to update an existing image within customer account", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateUpdatedImage.html" - }, - "CreateUsageReportSubscription": { - "privilege": "CreateUsageReportSubscription", - "description": "Grants permission to create a usage report subscription. Usage reports are generated daily", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateUsageReportSubscription.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a new user in the user pool", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateUser.html" - }, - "DeleteAppBlock": { - "privilege": "DeleteAppBlock", - "description": "Grants permission to delete the specified app block", - "access_level": "Write", - "resource_types": { - "app-block": { - "resource_type": "app-block", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteAppBlock.html" - }, - "DeleteAppBlockBuilder": { - "privilege": "DeleteAppBlockBuilder", - "description": "Grants permission to delete the specified app block builder and release capacity", - "access_level": "Write", - "resource_types": { - "app-block-builder": { - "resource_type": "app-block-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteAppBlockBuilder.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete the specified application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteApplication.html" - }, - "DeleteDirectoryConfig": { - "privilege": "DeleteDirectoryConfig", - "description": "Grants permission to delete the specified Directory Config object from AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteDirectoryConfig.html" - }, - "DeleteEntitlement": { - "privilege": "DeleteEntitlement", - "description": "Grants permission to delete the specified entitlement", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteEntitlement.html" - }, - "DeleteFleet": { - "privilege": "DeleteFleet", - "description": "Grants permission to delete the specified fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteFleet.html" - }, - "DeleteImage": { - "privilege": "DeleteImage", - "description": "Grants permission to delete the specified image. An image cannot be deleted when it is in use", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteImage.html" - }, - "DeleteImageBuilder": { - "privilege": "DeleteImageBuilder", - "description": "Grants permission to delete the specified image builder and release capacity", - "access_level": "Write", - "resource_types": { - "image-builder": { - "resource_type": "image-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteImageBuilder.html" - }, - "DeleteImagePermissions": { - "privilege": "DeleteImagePermissions", - "description": "Grants permission to delete permissions for the specified private image", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteImagePermissions.html" - }, - "DeleteStack": { - "privilege": "DeleteStack", - "description": "Grants permission to delete the specified stack. After the stack is deleted, the application streaming environment provided by the stack is no longer available to users. Also, any reservations made for application streaming sessions for the stack are released", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteStack.html" - }, - "DeleteUsageReportSubscription": { - "privilege": "DeleteUsageReportSubscription", - "description": "Grants permission to disable usage report generation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteUsageReportSubscription.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete a user from the user pool", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteUser.html" - }, - "DescribeAppBlockBuilderAppBlockAssociations": { - "privilege": "DescribeAppBlockBuilderAppBlockAssociations", - "description": "Grants permission to retrieve the associations that are associated with the specified app block builder or app block", - "access_level": "Read", - "resource_types": { - "app-block": { - "resource_type": "app-block", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "app-block-builder": { - "resource_type": "app-block-builder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeAppBlockBuilderAppBlockAssociations.html" - }, - "DescribeAppBlockBuilders": { - "privilege": "DescribeAppBlockBuilders", - "description": "Grants permission to retrieve a list that describes one or more specified app block builders, if the app block builder names are provided. Otherwise, all app block builders in the account are described", - "access_level": "Read", - "resource_types": { - "app-block-builder": { - "resource_type": "app-block-builder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeAppBlockBuilders.html" - }, - "DescribeAppBlocks": { - "privilege": "DescribeAppBlocks", - "description": "Grants permission to retrieve a list that describes one or more specified app blocks, if the app block arns are provided. Otherwise, all app blocks in the account are described", - "access_level": "Read", - "resource_types": { - "app-block": { - "resource_type": "app-block", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeAppBlocks.html" - }, - "DescribeApplicationFleetAssociations": { - "privilege": "DescribeApplicationFleetAssociations", - "description": "Grants permission to retrieve the associations that are associated with the specified application or fleet", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeApplicationFleetAssociations.html" - }, - "DescribeApplications": { - "privilege": "DescribeApplications", - "description": "Grants permission to retrieve a list that describes one or more specified applications, if the application arns are provided. Otherwise, all applications in the account are described", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeApplications.html" - }, - "DescribeDirectoryConfigs": { - "privilege": "DescribeDirectoryConfigs", - "description": "Grants permission to retrieve a list that describes one or more specified Directory Config objects for AppStream 2.0, if the names for these objects are provided. Otherwise, all Directory Config objects in the account are described. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeDirectoryConfigs.html" - }, - "DescribeEntitlements": { - "privilege": "DescribeEntitlements", - "description": "Grants permission to retrieve one or all entitlements for the specified stack", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeEntitlements.html" - }, - "DescribeFleets": { - "privilege": "DescribeFleets", - "description": "Grants permission to retrieve a list that describes one or more specified fleets, if the fleet names are provided. Otherwise, all fleets in the account are described", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeFleets.html" - }, - "DescribeImageBuilders": { - "privilege": "DescribeImageBuilders", - "description": "Grants permission to retrieve a list that describes one or more specified image builders, if the image builder names are provided. Otherwise, all image builders in the account are described", - "access_level": "Read", - "resource_types": { - "image-builder": { - "resource_type": "image-builder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeImageBuilders.html" - }, - "DescribeImagePermissions": { - "privilege": "DescribeImagePermissions", - "description": "Grants permission to retrieve a list that describes the permissions for shared AWS account IDs on a private image that you own", - "access_level": "Read", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeImagePermissions.html" - }, - "DescribeImages": { - "privilege": "DescribeImages", - "description": "Grants permission to retrieve a list that describes one or more specified images, if the image names or image ARNs are provided. Otherwise, all images in the account are described", - "access_level": "Read", - "resource_types": { - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeImages.html" - }, - "DescribeSessions": { - "privilege": "DescribeSessions", - "description": "Grants permission to retrieve a list that describes the streaming sessions for the specified stack and fleet. If a user ID is provided for the stack and fleet, only the streaming sessions for that user are described", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeSessions.html" - }, - "DescribeStacks": { - "privilege": "DescribeStacks", - "description": "Grants permission to retrieve a list that describes one or more specified stacks, if the stack names are provided. Otherwise, all stacks in the account are described", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeStacks.html" - }, - "DescribeUsageReportSubscriptions": { - "privilege": "DescribeUsageReportSubscriptions", - "description": "Grants permission to retrieve a list that describes one or more usage report subscriptions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeUsageReportSubscriptions.html" - }, - "DescribeUserStackAssociations": { - "privilege": "DescribeUserStackAssociations", - "description": "Grants permission to retrieve a list that describes the UserStackAssociation objects", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeUserStackAssociations.html" - }, - "DescribeUsers": { - "privilege": "DescribeUsers", - "description": "Grants permission to retrieve a list that describes users in the user pool", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeUsers.html" - }, - "DisableUser": { - "privilege": "DisableUser", - "description": "Grants permission to disable the specified user in the user pool. This action does not delete the user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DisableUser.html" - }, - "DisassociateAppBlockBuilderAppBlock": { - "privilege": "DisassociateAppBlockBuilderAppBlock", - "description": "Grants permission to disassociate the specified app block builder with the app block", - "access_level": "Write", - "resource_types": { - "app-block": { - "resource_type": "app-block", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-block-builder": { - "resource_type": "app-block-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DisassociateAppBlockBuilderAppBlock.html" - }, - "DisassociateApplicationFleet": { - "privilege": "DisassociateApplicationFleet", - "description": "Grants permission to disassociate the specified application from the specified fleet", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DisassociateApplicationFleet.html" - }, - "DisassociateApplicationFromEntitlement": { - "privilege": "DisassociateApplicationFromEntitlement", - "description": "Grants permission to disassociate the specified application from the specified entitlement", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DisassociateApplicationFromEntitlement.html" - }, - "DisassociateFleet": { - "privilege": "DisassociateFleet", - "description": "Grants permission to disassociate the specified fleet from the specified stack", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DisassociateFleet.html" - }, - "EnableUser": { - "privilege": "EnableUser", - "description": "Grants permission to enable a user in the user pool", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_EnableUser.html" - }, - "ExpireSession": { - "privilege": "ExpireSession", - "description": "Grants permission to immediately stop the specified streaming session", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ExpireSession.html" - }, - "ListAssociatedFleets": { - "privilege": "ListAssociatedFleets", - "description": "Grants permission to retrieve the name of the fleet that is associated with the specified stack", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ListAssociatedFleets.html" - }, - "ListAssociatedStacks": { - "privilege": "ListAssociatedStacks", - "description": "Grants permission to retrieve the name of the stack with which the specified fleet is associated", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ListAssociatedStacks.html" - }, - "ListEntitledApplications": { - "privilege": "ListEntitledApplications", - "description": "Grants permission to retrieve the applications that are associated with the specified entitlement", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ListEntitledApplications.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve a list of all tags for the specified AppStream 2.0 resource. The following resources can be tagged: Image builders, images, fleets, and stacks", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ListTagsForResource.html" - }, - "StartAppBlockBuilder": { - "privilege": "StartAppBlockBuilder", - "description": "Grants permission to start the specified app block builder", - "access_level": "Write", - "resource_types": { - "app-block-builder": { - "resource_type": "app-block-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StartAppBlockBuilder.html" - }, - "StartFleet": { - "privilege": "StartFleet", - "description": "Grants permission to start the specified fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StartFleet.html" - }, - "StartImageBuilder": { - "privilege": "StartImageBuilder", - "description": "Grants permission to start the specified image builder", - "access_level": "Write", - "resource_types": { - "image-builder": { - "resource_type": "image-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StartImageBuilder.html" - }, - "StopAppBlockBuilder": { - "privilege": "StopAppBlockBuilder", - "description": "Grants permission to stop the specified app block builder", - "access_level": "Write", - "resource_types": { - "app-block-builder": { - "resource_type": "app-block-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StopAppBlockBuilder.html" - }, - "StopFleet": { - "privilege": "StopFleet", - "description": "Grants permission to stop the specified fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StopFleet.html" - }, - "StopImageBuilder": { - "privilege": "StopImageBuilder", - "description": "Grants permission to stop the specified image builder", - "access_level": "Write", - "resource_types": { - "image-builder": { - "resource_type": "image-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StopImageBuilder.html" - }, - "Stream": { - "privilege": "Stream", - "description": "Grants permission to federated users to sign in by using their existing credentials and stream applications from the specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "appstream:userId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/developerguide/external-identity-providers-setting-up-saml.html#external-identity-providers-embed-inline-policy-for-IAM-role" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or overwrite one or more tags for the specified AppStream 2.0 resource. The following resources can be tagged: Image builders, images, fleets, stacks, app blocks and applications", - "access_level": "Tagging", - "resource_types": { - "app-block": { - "resource_type": "app-block", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "app-block-builder": { - "resource_type": "app-block-builder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "image-builder": { - "resource_type": "image-builder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to disassociate one or more tags from the specified AppStream 2.0 resource", - "access_level": "Tagging", - "resource_types": { - "app-block": { - "resource_type": "app-block", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "app-block-builder": { - "resource_type": "app-block-builder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "image-builder": { - "resource_type": "image-builder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UntagResource.html" - }, - "UpdateAppBlockBuilder": { - "privilege": "UpdateAppBlockBuilder", - "description": "Grants permission to update a specific app block builder. An app block builder is a virtual machine that is used to create an app block", - "access_level": "Write", - "resource_types": { - "app-block-builder": { - "resource_type": "app-block-builder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateAppBlockBuilder.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to update the specified fields for the specified application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-block": { - "resource_type": "app-block", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateApplication.html" - }, - "UpdateDirectoryConfig": { - "privilege": "UpdateDirectoryConfig", - "description": "Grants permission to update the specified Directory Config object in AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateDirectoryConfig.html" - }, - "UpdateEntitlement": { - "privilege": "UpdateEntitlement", - "description": "Grants permission to update the specified fields for the specified entitlement", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateEntitlement.html" - }, - "UpdateFleet": { - "privilege": "UpdateFleet", - "description": "Grants permission to update the specified fleet. All attributes except the fleet name can be updated when the fleet is in the STOPPED state", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateFleet.html" - }, - "UpdateImagePermissions": { - "privilege": "UpdateImagePermissions", - "description": "Grants permission to add or update permissions for the specified private image", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateImagePermissions.html" - }, - "UpdateStack": { - "privilege": "UpdateStack", - "description": "Grants permission to update the specified fields for the specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateStack.html" - } - }, - "resources": { - "fleet": { - "resource": "fleet", - "arn": "arn:${Partition}:appstream:${Region}:${Account}:fleet/${FleetName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "image": { - "resource": "image", - "arn": "arn:${Partition}:appstream:${Region}:${Account}:image/${ImageName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "image-builder": { - "resource": "image-builder", - "arn": "arn:${Partition}:appstream:${Region}:${Account}:image-builder/${ImageBuilderName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "stack": { - "resource": "stack", - "arn": "arn:${Partition}:appstream:${Region}:${Account}:stack/${StackName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "app-block": { - "resource": "app-block", - "arn": "arn:${Partition}:appstream:${Region}:${Account}:app-block/${AppBlockName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "application": { - "resource": "application", - "arn": "arn:${Partition}:appstream:${Region}:${Account}:application/${ApplicationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "app-block-builder": { - "resource": "app-block-builder", - "arn": "arn:${Partition}:appstream:${Region}:${Account}:app-block-builder/${AppBlockBuilderName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "appstream:userId": { - "condition": "appstream:userId", - "description": "Filters access by the ID of the AppStream 2.0 user", - "type": "String" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "athena": { - "service_name": "Amazon Athena", - "prefix": "athena", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonathena.html", - "privileges": { - "BatchGetNamedQuery": { - "privilege": "BatchGetNamedQuery", - "description": "Grants permission to get information about one or more named queries", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_BatchGetNamedQuery.html" - }, - "BatchGetPreparedStatement": { - "privilege": "BatchGetPreparedStatement", - "description": "Grants permission to get information about one or more prepared statements", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_BatchGetPreparedStatement.html" - }, - "BatchGetQueryExecution": { - "privilege": "BatchGetQueryExecution", - "description": "Grants permission to get information about one or more query executions", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_BatchGetQueryExecution.html" - }, - "CancelCapacityReservation": { - "privilege": "CancelCapacityReservation", - "description": "Grants permission to cancel a capacity reservation", - "access_level": "Write", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CancelCapacityReservation.html" - }, - "CreateCapacityReservation": { - "privilege": "CreateCapacityReservation", - "description": "Grants permission to create a capacity reservation", - "access_level": "Write", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreateCapacityReservation.html" - }, - "CreateDataCatalog": { - "privilege": "CreateDataCatalog", - "description": "Grants permission to create a datacatalog", - "access_level": "Write", - "resource_types": { - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreateDataCatalog.html" - }, - "CreateNamedQuery": { - "privilege": "CreateNamedQuery", - "description": "Grants permission to create a named query", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreateNamedQuery.html" - }, - "CreateNotebook": { - "privilege": "CreateNotebook", - "description": "Grants permission to create a notebook", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreateNotebook.html" - }, - "CreatePreparedStatement": { - "privilege": "CreatePreparedStatement", - "description": "Grants permission to create a prepared statement", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreatePreparedStatement.html" - }, - "CreatePresignedNotebookUrl": { - "privilege": "CreatePresignedNotebookUrl", - "description": "Grants permission to create a presigned notebook url", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreatePresignedNotebookUrl.html" - }, - "CreateWorkGroup": { - "privilege": "CreateWorkGroup", - "description": "Grants permission to create a workgroup", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreateWorkGroup.html" - }, - "DeleteCapacityReservation": { - "privilege": "DeleteCapacityReservation", - "description": "Grants permission to delete a capacity reservation", - "access_level": "Write", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeleteCapacityReservation.html" - }, - "DeleteDataCatalog": { - "privilege": "DeleteDataCatalog", - "description": "Grants permission to delete a datacatalog", - "access_level": "Write", - "resource_types": { - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeleteDataCatalog.html" - }, - "DeleteNamedQuery": { - "privilege": "DeleteNamedQuery", - "description": "Grants permission to delete a named query specified", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeleteNamedQuery.html" - }, - "DeleteNotebook": { - "privilege": "DeleteNotebook", - "description": "Grants permission to delete a notebook", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeleteNotebook.html" - }, - "DeletePreparedStatement": { - "privilege": "DeletePreparedStatement", - "description": "Grants permission to delete a prepared statement specified", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeletePreparedStatement.html" - }, - "DeleteWorkGroup": { - "privilege": "DeleteWorkGroup", - "description": "Grants permission to delete a workgroup", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeleteWorkGroup.html" - }, - "ExportNotebook": { - "privilege": "ExportNotebook", - "description": "Grants permission to export a notebook", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ExportNotebook.html" - }, - "GetCalculationExecution": { - "privilege": "GetCalculationExecution", - "description": "Grants permission to get a calculation execution", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetCalculationExecution.html" - }, - "GetCalculationExecutionCode": { - "privilege": "GetCalculationExecutionCode", - "description": "Grants permission to get a calculation execution code", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetCalculationExecutionCode.html" - }, - "GetCalculationExecutionStatus": { - "privilege": "GetCalculationExecutionStatus", - "description": "Grants permission to get a calculation execution status", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetCalculationExecutionStatus.html" - }, - "GetCapacityAssignmentConfiguration": { - "privilege": "GetCapacityAssignmentConfiguration", - "description": "Grants permission to get capacity assignment information for a capacity reservation", - "access_level": "Read", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetCapacityAssignmentConfiguration.html" - }, - "GetCapacityReservation": { - "privilege": "GetCapacityReservation", - "description": "Grants permission to get a capacity reservation", - "access_level": "Read", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetCapacityReservation.html" - }, - "GetDataCatalog": { - "privilege": "GetDataCatalog", - "description": "Grants permission to get a datacatalog", - "access_level": "Read", - "resource_types": { - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetDataCatalog.html" - }, - "GetDatabase": { - "privilege": "GetDatabase", - "description": "Grants permission to get a database for a given datacatalog", - "access_level": "Read", - "resource_types": { - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetDatabase.html" - }, - "GetNamedQuery": { - "privilege": "GetNamedQuery", - "description": "Grants permission to get information about the specified named query", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetNamedQuery.html" - }, - "GetNotebookMetadata": { - "privilege": "GetNotebookMetadata", - "description": "Grants permission to get notebook metadata", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetNotebookMetadata.html" - }, - "GetPreparedStatement": { - "privilege": "GetPreparedStatement", - "description": "Grants permission to get information about the specified prepared statement", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetPreparedStatement.html" - }, - "GetQueryExecution": { - "privilege": "GetQueryExecution", - "description": "Grants permission to get information about the specified query execution", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetQueryExecution.html" - }, - "GetQueryResults": { - "privilege": "GetQueryResults", - "description": "Grants permission to get the query results", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetQueryResults.html" - }, - "GetQueryResultsStream": { - "privilege": "GetQueryResultsStream", - "description": "Grants permission to get the query results stream", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/ug/connect-with-previous-jdbc.html#jdbc-prev-version-policies" - }, - "GetQueryRuntimeStatistics": { - "privilege": "GetQueryRuntimeStatistics", - "description": "Grants permission to get runtime statistics for the specified query execution", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetQueryRuntimeStatistics.html" - }, - "GetSession": { - "privilege": "GetSession", - "description": "Grants permission to get a session", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetSession.html" - }, - "GetSessionStatus": { - "privilege": "GetSessionStatus", - "description": "Grants permission to get a session status", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetSessionStatus.html" - }, - "GetTableMetadata": { - "privilege": "GetTableMetadata", - "description": "Grants permission to get a metadata about a table for a given datacatalog", - "access_level": "Read", - "resource_types": { - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetTableMetadata.html" - }, - "GetWorkGroup": { - "privilege": "GetWorkGroup", - "description": "Grants permission to get a workgroup", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetWorkGroup.html" - }, - "ImportNotebook": { - "privilege": "ImportNotebook", - "description": "Grants permission to import a notebook", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ImportNotebook.html" - }, - "ListApplicationDPUSizes": { - "privilege": "ListApplicationDPUSizes", - "description": "Grants permission to return a list of ApplicationRuntimeIds", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListApplicationDPUSizes.html" - }, - "ListCalculationExecutions": { - "privilege": "ListCalculationExecutions", - "description": "Grants permission to return a list of calculation executions", - "access_level": "List", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListCalculationExecutions.html" - }, - "ListCapacityReservations": { - "privilege": "ListCapacityReservations", - "description": "Grants permission to return a list of capacity reservations for the specified AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListCapacityReservations.html" - }, - "ListDataCatalogs": { - "privilege": "ListDataCatalogs", - "description": "Grants permission to return a list of datacatalogs for the specified AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListDataCatalogs.html" - }, - "ListDatabases": { - "privilege": "ListDatabases", - "description": "Grants permission to return a list of databases for a given datacatalog", - "access_level": "List", - "resource_types": { - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListDatabases.html" - }, - "ListEngineVersions": { - "privilege": "ListEngineVersions", - "description": "Grants permission to return a list of athena engine versions for the specified AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListEngineVersions.html" - }, - "ListExecutors": { - "privilege": "ListExecutors", - "description": "Grants permission to return a list of executors", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListExecutors.html" - }, - "ListNamedQueries": { - "privilege": "ListNamedQueries", - "description": "Grants permission to return a list of named queries in Amazon Athena for the specified AWS account", - "access_level": "List", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListNamedQueries.html" - }, - "ListNotebookMetadata": { - "privilege": "ListNotebookMetadata", - "description": "Grants permission to return a list of notebooks for a given workgroup", - "access_level": "List", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListNotebookMetadata.html" - }, - "ListNotebookSessions": { - "privilege": "ListNotebookSessions", - "description": "Grants permission to return a list of sessions for a given notebook", - "access_level": "List", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListNotebookSessions.html" - }, - "ListPreparedStatements": { - "privilege": "ListPreparedStatements", - "description": "Grants permission to return a list of prepared statements for the specified workgroup", - "access_level": "List", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListPreparedStatements.html" - }, - "ListQueryExecutions": { - "privilege": "ListQueryExecutions", - "description": "Grants permission to return a list of query executions for the specified AWS account", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListQueryExecutions.html" - }, - "ListSessions": { - "privilege": "ListSessions", - "description": "Grants permission to return a list of sessions for a given workgroup", - "access_level": "List", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListSessions.html" - }, - "ListTableMetadata": { - "privilege": "ListTableMetadata", - "description": "Grants permission to return a list of table metadata in a database for a given datacatalog", - "access_level": "Read", - "resource_types": { - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListTableMetadata.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to return a list of tags for a resource", - "access_level": "Read", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListTagsForResource.html" - }, - "ListWorkGroups": { - "privilege": "ListWorkGroups", - "description": "Grants permission to return a list of workgroups for the specified AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListWorkGroups.html" - }, - "PutCapacityAssignmentConfiguration": { - "privilege": "PutCapacityAssignmentConfiguration", - "description": "Grants permission to assign capacity from a capacity reservation to queries", - "access_level": "Write", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_PutCapacityAssignmentConfiguration.html" - }, - "StartCalculationExecution": { - "privilege": "StartCalculationExecution", - "description": "Grants permission to start a calculation execution", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_StartCalculationExecution.html" - }, - "StartQueryExecution": { - "privilege": "StartQueryExecution", - "description": "Grants permission to start a query execution using an SQL query provided as a string", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_StartQueryExecution.html" - }, - "StartSession": { - "privilege": "StartSession", - "description": "Grants permission to start a session", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_StartSession.html" - }, - "StopCalculationExecution": { - "privilege": "StopCalculationExecution", - "description": "Grants permission to stop a calculation execution", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_StopCalculationExecution.html" - }, - "StopQueryExecution": { - "privilege": "StopQueryExecution", - "description": "Grants permission to stop the specified query execution", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_StopQueryExecution.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add a tag to a resource", - "access_level": "Tagging", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_TagResource.html" - }, - "TerminateSession": { - "privilege": "TerminateSession", - "description": "Grants permission to terminate a session", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_TerminateSession.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from a resource", - "access_level": "Tagging", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UntagResource.html" - }, - "UpdateCapacityReservation": { - "privilege": "UpdateCapacityReservation", - "description": "Grants permission to update a capacity reservation", - "access_level": "Write", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateCapacityReservation.html" - }, - "UpdateDataCatalog": { - "privilege": "UpdateDataCatalog", - "description": "Grants permission to update a datacatalog", - "access_level": "Write", - "resource_types": { - "datacatalog": { - "resource_type": "datacatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateDataCatalog.html" - }, - "UpdateNamedQuery": { - "privilege": "UpdateNamedQuery", - "description": "Grants permission to update a named query specified", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateNamedQuery.html" - }, - "UpdateNotebook": { - "privilege": "UpdateNotebook", - "description": "Grants permission to update a notebook", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateNotebook.html" - }, - "UpdateNotebookMetadata": { - "privilege": "UpdateNotebookMetadata", - "description": "Grants permission to update notebook metadata", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateNotebookMetadata.html" - }, - "UpdatePreparedStatement": { - "privilege": "UpdatePreparedStatement", - "description": "Grants permission to update a prepared statement", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdatePreparedStatement.html" - }, - "UpdateWorkGroup": { - "privilege": "UpdateWorkGroup", - "description": "Grants permission to update a workgroup", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateWorkGroup.html" - } - }, - "resources": { - "datacatalog": { - "resource": "datacatalog", - "arn": "arn:${Partition}:athena:${Region}:${Account}:datacatalog/${DataCatalogName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "workgroup": { - "resource": "workgroup", - "arn": "arn:${Partition}:athena:${Region}:${Account}:workgroup/${WorkGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "capacity-reservation": { - "resource": "capacity-reservation", - "arn": "arn:${Partition}:athena:${Region}:${Account}:capacity-reservation/${CapacityReservationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "braket": { - "service_name": "Amazon Braket", - "prefix": "braket", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonbraket.html", - "privileges": { - "CancelJob": { - "privilege": "CancelJob", - "description": "Grants permission to cancel a job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_CancelJob.html" - }, - "CancelQuantumTask": { - "privilege": "CancelQuantumTask", - "description": "Grants permission to cancel a quantum task", - "access_level": "Write", - "resource_types": { - "quantum-task": { - "resource_type": "quantum-task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_CancelQuantumTask.html" - }, - "CreateJob": { - "privilege": "CreateJob", - "description": "Grants permission to create a job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_CreateJob.html" - }, - "CreateQuantumTask": { - "privilege": "CreateQuantumTask", - "description": "Grants permission to create a quantum task", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_CreateQuantumTask.html" - }, - "GetDevice": { - "privilege": "GetDevice", - "description": "Grants permission to retrieve information about the devices available in Amazon Braket", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_GetDevice.html" - }, - "GetJob": { - "privilege": "GetJob", - "description": "Grants permission to retrieve jobs", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_Job.html" - }, - "GetQuantumTask": { - "privilege": "GetQuantumTask", - "description": "Grants permission to retrieve quantum tasks", - "access_level": "Read", - "resource_types": { - "quantum-task": { - "resource_type": "quantum-task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_GetQuantumTask.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to listing the tags that have been applied to the quantum task resource or the job", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "quantum-task": { - "resource_type": "quantum-task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_ListTagsForResource.html" - }, - "SearchDevices": { - "privilege": "SearchDevices", - "description": "Grants permission to search for devices available in Amazon Braket", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_SearchDevices.html" - }, - "SearchJobs": { - "privilege": "SearchJobs", - "description": "Grants permission to search for jobs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_SearchJob.html" - }, - "SearchQuantumTasks": { - "privilege": "SearchQuantumTasks", - "description": "Grants permission to search for quantum tasks", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_SearchQuantumTasks.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to a quantum task", - "access_level": "Tagging", - "resource_types": { - "quantum-task": { - "resource_type": "quantum-task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from a quantum task resource or a job. A tag consists of a key-value pair", - "access_level": "Tagging", - "resource_types": { - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "quantum-task": { - "resource_type": "quantum-task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_UntagResource.html" - } - }, - "resources": { - "quantum-task": { - "resource": "quantum-task", - "arn": "arn:${Partition}:braket:${Region}:${Account}:quantum-task/${RandomId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "job": { - "resource": "job", - "arn": "arn:${Partition}:braket:${Region}:${Account}:job/${JobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "chime": { - "service_name": "Amazon Chime", - "prefix": "chime", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonchime.html", - "privileges": { - "AcceptDelegate": { - "privilege": "AcceptDelegate", - "description": "Grants permission to accept the delegate invitation to share management of an Amazon Chime account with another AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "ActivateUsers": { - "privilege": "ActivateUsers", - "description": "Grants permission to activate users in an Amazon Chime Enterprise account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-access.html" - }, - "AddDomain": { - "privilege": "AddDomain", - "description": "Grants permission to add a domain to your Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/claim-domain.html" - }, - "AddOrUpdateGroups": { - "privilege": "AddOrUpdateGroups", - "description": "Grants permission to add new or update existing Active Directory or Okta user groups associated with your Amazon Chime Enterprise account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-chime-account.html" - }, - "AssociateChannelFlow": { - "privilege": "AssociateChannelFlow", - "description": "Grants permission to associate a flow with a channel", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel-flow": { - "resource_type": "channel-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_AssociateChannelFlow.html" - }, - "AssociatePhoneNumberWithUser": { - "privilege": "AssociatePhoneNumberWithUser", - "description": "Grants permission to associate a phone number with an Amazon Chime user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_AssociatePhoneNumberWithUser.html" - }, - "AssociatePhoneNumbersWithVoiceConnector": { - "privilege": "AssociatePhoneNumbersWithVoiceConnector", - "description": "Grants permission to associate multiple phone numbers with an Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_AssociatePhoneNumbersWithVoiceConnector.html" - }, - "AssociatePhoneNumbersWithVoiceConnectorGroup": { - "privilege": "AssociatePhoneNumbersWithVoiceConnectorGroup", - "description": "Grants permission to associate multiple phone numbers with an Amazon Chime Voice Connector Group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_AssociatePhoneNumbersWithVoiceConnectorGroup.html" - }, - "AssociateSigninDelegateGroupsWithAccount": { - "privilege": "AssociateSigninDelegateGroupsWithAccount", - "description": "Grants permission to associate the specified sign-in delegate groups with the specified Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_AssociateSigninDelegateGroupsWithAccount.html" - }, - "AuthorizeDirectory": { - "privilege": "AuthorizeDirectory", - "description": "Grants permission to authorize an Active Directory for your Amazon Chime Enterprise account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "BatchCreateAttendee": { - "privilege": "BatchCreateAttendee", - "description": "Grants permission to create new attendees for an active Amazon Chime SDK meeting", - "access_level": "Write", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchCreateAttendee.html" - }, - "BatchCreateChannelMembership": { - "privilege": "BatchCreateChannelMembership", - "description": "Grants permission to add multiple users and bots to a channel", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_BatchCreateChannelMembership.html" - }, - "BatchCreateRoomMembership": { - "privilege": "BatchCreateRoomMembership", - "description": "Grants permission to batch add room members", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchCreateRoomMembership.html" - }, - "BatchDeletePhoneNumber": { - "privilege": "BatchDeletePhoneNumber", - "description": "Grants permission to move up to 50 phone numbers to the deletion queue", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchDeletePhoneNumber.html" - }, - "BatchSuspendUser": { - "privilege": "BatchSuspendUser", - "description": "Grants permission to suspend up to 50 users from a Team or EnterpriseLWA Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchSuspendUser.html" - }, - "BatchUnsuspendUser": { - "privilege": "BatchUnsuspendUser", - "description": "Grants permission to remove the suspension from up to 50 previously suspended users for the specified Amazon Chime EnterpriseLWA account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchUnsuspendUser.html" - }, - "BatchUpdateAttendeeCapabilitiesExcept": { - "privilege": "BatchUpdateAttendeeCapabilitiesExcept", - "description": "Grants permission to update AttendeeCapabilities except the capabilities listed in an ExcludedAttendeeIds table", - "access_level": "Write", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_meeting-chime_BatchUpdateAttendeeCapabilitiesExcept.html" - }, - "BatchUpdatePhoneNumber": { - "privilege": "BatchUpdatePhoneNumber", - "description": "Grants permission to update phone number details within the UpdatePhoneNumberRequestItem object for up to 50 phone numbers", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchUpdatePhoneNumber.html" - }, - "BatchUpdateUser": { - "privilege": "BatchUpdateUser", - "description": "Grants permission to update user details within the UpdateUserRequestItem object for up to 20 users for the specified Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchUpdateUser.html" - }, - "ChannelFlowCallback": { - "privilege": "ChannelFlowCallback", - "description": "Grants permission to callback for a message on a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ChannelFlowCallback.html" - }, - "Connect": { - "privilege": "Connect", - "description": "Grants permission to establish a web socket connection for app instance user to the messaging session endpoint", - "access_level": "Write", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_Connect.html" - }, - "ConnectDirectory": { - "privilege": "ConnectDirectory", - "description": "Grants permission to connect an Active Directory to your Amazon Chime Enterprise account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ds:ConnectDirectory" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/active_directory.html" - }, - "CreateAccount": { - "privilege": "CreateAccount", - "description": "Grants permission to create an Amazon Chime account under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateAccount.html" - }, - "CreateApiKey": { - "privilege": "CreateApiKey", - "description": "Grants permission to create a new SCIM access key for your Amazon Chime account and Okta configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" - }, - "CreateAppInstance": { - "privilege": "CreateAppInstance", - "description": "Grants permission to create an app instance under the AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_CreateAppInstance.html" - }, - "CreateAppInstanceAdmin": { - "privilege": "CreateAppInstanceAdmin", - "description": "Grants permission to promote a user or bot to an AppInstanceAdmin", - "access_level": "Write", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_CreateAppInstanceAdmin.html" - }, - "CreateAppInstanceBot": { - "privilege": "CreateAppInstanceBot", - "description": "Grants permission to create a bot under an Amazon Chime AppInstance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_CreateAppInstanceBot.html" - }, - "CreateAppInstanceUser": { - "privilege": "CreateAppInstanceUser", - "description": "Grants permission to create a user under an Amazon Chime AppInstance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_CreateAppInstanceUser.html" - }, - "CreateAttendee": { - "privilege": "CreateAttendee", - "description": "Grants permission to create a new attendee for an active Amazon Chime SDK meeting", - "access_level": "Write", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateAttendee.html" - }, - "CreateBot": { - "privilege": "CreateBot", - "description": "Grants permission to create a bot for an Amazon Chime Enterprise account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateBot.html" - }, - "CreateCDRBucket": { - "privilege": "CreateCDRBucket", - "description": "Grants permission to create a new Call Detail Record S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:CreateBucket", - "s3:ListAllMyBuckets" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-access.html" - }, - "CreateChannel": { - "privilege": "CreateChannel", - "description": "Grants permission to create a channel for an app instance under the AWS account", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_CreateChannel.html" - }, - "CreateChannelBan": { - "privilege": "CreateChannelBan", - "description": "Grants permission to ban a user or bot from a channel", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_CreateChannelBan.html" - }, - "CreateChannelFlow": { - "privilege": "CreateChannelFlow", - "description": "Grants permission to create a channel flow for an app instance under the AWS account", - "access_level": "Write", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_CreateChannelFlow.html" - }, - "CreateChannelMembership": { - "privilege": "CreateChannelMembership", - "description": "Grants permission to add a user or bot to a channel", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_CreateChannelMembership.html" - }, - "CreateChannelModerator": { - "privilege": "CreateChannelModerator", - "description": "Grants permission to create a channel moderator", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_CreateChannelModerator.html" - }, - "CreateMediaCapturePipeline": { - "privilege": "CreateMediaCapturePipeline", - "description": "Grants permission to create a media capture pipeline", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "s3:GetBucketPolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_CreateMediaCapturePipeline.html" - }, - "CreateMediaConcatenationPipeline": { - "privilege": "CreateMediaConcatenationPipeline", - "description": "Grants permission to create a media concatenation pipeline", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "s3:GetBucketPolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_CreateMediaConcatenationPipeline.html" - }, - "CreateMediaInsightsPipeline": { - "privilege": "CreateMediaInsightsPipeline", - "description": "Grants permission to create a media insights pipeline", - "access_level": "Write", - "resource_types": { - "media-insights-pipeline-configuration": { - "resource_type": "media-insights-pipeline-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "chime:TagResource", - "kinesisvideo:DescribeStream" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_CreateMediaInsightsPipeline.html" - }, - "CreateMediaInsightsPipelineConfiguration": { - "privilege": "CreateMediaInsightsPipelineConfiguration", - "description": "Grants permission to create a media insights pipeline configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "chime:TagResource", - "iam:PassRole", - "kinesis:DescribeStream", - "s3:ListBucket" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_CreateMediaInsightsPipelineConfiguration.html" - }, - "CreateMediaLiveConnectorPipeline": { - "privilege": "CreateMediaLiveConnectorPipeline", - "description": "Grants permission to create a media live connector pipeline", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_CreateMediaLiveConnectorPipeline.html" - }, - "CreateMeeting": { - "privilege": "CreateMeeting", - "description": "Grants permission to create a new Amazon Chime SDK meeting in the specified media Region, with no initial attendees", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateMeeting.html" - }, - "CreateMeetingDialOut": { - "privilege": "CreateMeetingDialOut", - "description": "Grants permission to call a phone number to join the specified Amazon Chime SDK meeting", - "access_level": "Write", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateMeetingDialOut.html" - }, - "CreateMeetingWithAttendees": { - "privilege": "CreateMeetingWithAttendees", - "description": "Grants permission to create a new Amazon Chime SDK meeting in the specified media Region, with a set of attendees", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateMeetingWithAttendees.html" - }, - "CreatePhoneNumberOrder": { - "privilege": "CreatePhoneNumberOrder", - "description": "Grants permission to create a phone number order with the Carriers", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreatePhoneNumberOrder.html" - }, - "CreateProxySession": { - "privilege": "CreateProxySession", - "description": "Grants permission to create a proxy session for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateProxySession.html" - }, - "CreateRoom": { - "privilege": "CreateRoom", - "description": "Grants permission to create a room", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateRoom.html" - }, - "CreateRoomMembership": { - "privilege": "CreateRoomMembership", - "description": "Grants permission to add a room member", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateRoomMembership.html" - }, - "CreateSipMediaApplication": { - "privilege": "CreateSipMediaApplication", - "description": "Grants permission to create an Amazon Chime SIP media application under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateSipMediaApplication.html" - }, - "CreateSipMediaApplicationCall": { - "privilege": "CreateSipMediaApplicationCall", - "description": "Grants permission to create outbound call for Amazon Chime SIP media application under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateSipMediaApplicationCall.html" - }, - "CreateSipRule": { - "privilege": "CreateSipRule", - "description": "Grants permission to create an Amazon Chime SIP rule under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateSipRule.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a user under the specified Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateUser.html" - }, - "CreateVoiceConnector": { - "privilege": "CreateVoiceConnector", - "description": "Grants permission to create a Amazon Chime Voice Connector under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateVoiceConnector.html" - }, - "CreateVoiceConnectorGroup": { - "privilege": "CreateVoiceConnectorGroup", - "description": "Grants permission to create a Amazon Chime Voice Connector Group under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateVoiceConnectorGroup.html" - }, - "CreateVoiceProfile": { - "privilege": "CreateVoiceProfile", - "description": "Grants permission to create a voice profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_CreateVoiceProfile.html" - }, - "CreateVoiceProfileDomain": { - "privilege": "CreateVoiceProfileDomain", - "description": "Grants permission to create a voice profile domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "chime:TagResource", - "kms:CreateGrant", - "kms:DescribeKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_CreateVoiceProfileDomain.html" - }, - "DeleteAccount": { - "privilege": "DeleteAccount", - "description": "Grants permission to delete the specified Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteAccount.html" - }, - "DeleteAccountOpenIdConfig": { - "privilege": "DeleteAccountOpenIdConfig", - "description": "Grants permission to delete the OpenIdConfig attributes from your Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" - }, - "DeleteApiKey": { - "privilege": "DeleteApiKey", - "description": "Grants permission to delete the specified SCIM access key associated with your Amazon Chime account and Okta configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" - }, - "DeleteAppInstance": { - "privilege": "DeleteAppInstance", - "description": "Grants permission to delete an AppInstance", - "access_level": "Write", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DeleteAppInstance.html" - }, - "DeleteAppInstanceAdmin": { - "privilege": "DeleteAppInstanceAdmin", - "description": "Grants permission to demote an AppInstanceAdmin to a user or bot", - "access_level": "Write", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DeleteAppInstanceAdmin.html" - }, - "DeleteAppInstanceBot": { - "privilege": "DeleteAppInstanceBot", - "description": "Grants permission to delete an AppInstanceBot", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DeleteAppInstanceBot.html" - }, - "DeleteAppInstanceStreamingConfigurations": { - "privilege": "DeleteAppInstanceStreamingConfigurations", - "description": "Grants permission to disable data streaming for the app instance", - "access_level": "Write", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_DeleteAppInstanceStreamingConfigurations.html" - }, - "DeleteAppInstanceUser": { - "privilege": "DeleteAppInstanceUser", - "description": "Grants permission to delete an AppInstanceUser", - "access_level": "Write", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DeleteAppInstanceUser.html" - }, - "DeleteAttendee": { - "privilege": "DeleteAttendee", - "description": "Grants permission to delete the specified attendee from an Amazon Chime SDK meeting", - "access_level": "Write", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteAttendee.html" - }, - "DeleteCDRBucket": { - "privilege": "DeleteCDRBucket", - "description": "Grants permission to delete a Call Detail Record S3 bucket from your Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:DeleteBucket" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "DeleteChannel": { - "privilege": "DeleteChannel", - "description": "Grants permission to delete a channel", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannel.html" - }, - "DeleteChannelBan": { - "privilege": "DeleteChannelBan", - "description": "Grants permission to remove a user or bot from a channel's ban list", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannelBan.html" - }, - "DeleteChannelFlow": { - "privilege": "DeleteChannelFlow", - "description": "Grants permission to delete a channel flow", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannelFlow.html" - }, - "DeleteChannelMembership": { - "privilege": "DeleteChannelMembership", - "description": "Grants permission to remove a member from a channel", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannelMembership.html" - }, - "DeleteChannelMessage": { - "privilege": "DeleteChannelMessage", - "description": "Grants permission to delete a channel message", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannelMessage.html" - }, - "DeleteChannelModerator": { - "privilege": "DeleteChannelModerator", - "description": "Grants permission to delete a channel moderator", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannelModerator.html" - }, - "DeleteDelegate": { - "privilege": "DeleteDelegate", - "description": "Grants permission to delete delegated AWS account management from your Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "Grants permission to delete a domain from your Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/claim-domain.html" - }, - "DeleteEventsConfiguration": { - "privilege": "DeleteEventsConfiguration", - "description": "Grants permission to delete an events configuration for a bot to receive outgoing events", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteEventsConfiguration.html" - }, - "DeleteGroups": { - "privilege": "DeleteGroups", - "description": "Grants permission to delete Active Directory or Okta user groups from your Amazon Chime Enterprise account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "DeleteMediaCapturePipeline": { - "privilege": "DeleteMediaCapturePipeline", - "description": "Grants permission to delete a media capture pipeline", - "access_level": "Write", - "resource_types": { - "media-pipeline": { - "resource_type": "media-pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_DeleteMediaCapturePipeline.html" - }, - "DeleteMediaInsightsPipelineConfiguration": { - "privilege": "DeleteMediaInsightsPipelineConfiguration", - "description": "Grants permission to delete a media insights pipeline configuration", - "access_level": "Write", - "resource_types": { - "media-insights-pipeline-configuration": { - "resource_type": "media-insights-pipeline-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "chime:ListVoiceConnectors" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_DeleteMediaInsightsPipelineConfiguration.html" - }, - "DeleteMediaPipeline": { - "privilege": "DeleteMediaPipeline", - "description": "Grants permission to delete a media pipeline", - "access_level": "Write", - "resource_types": { - "media-pipeline": { - "resource_type": "media-pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_DeleteMediaPipeline.html" - }, - "DeleteMeeting": { - "privilege": "DeleteMeeting", - "description": "Grants permission to delete the specified Amazon Chime SDK meeting", - "access_level": "Write", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteMeeting.html" - }, - "DeleteMessagingStreamingConfigurations": { - "privilege": "DeleteMessagingStreamingConfigurations", - "description": "Grants permission to delete the data streaming configurations of an AppInstance", - "access_level": "Write", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteMessagingStreamingConfigurations.html" - }, - "DeletePhoneNumber": { - "privilege": "DeletePhoneNumber", - "description": "Grants permission to move a phone number to the deletion queue", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeletePhoneNumber.html" - }, - "DeleteProxySession": { - "privilege": "DeleteProxySession", - "description": "Grants permission to delete a proxy session for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteProxySession.html" - }, - "DeleteRoom": { - "privilege": "DeleteRoom", - "description": "Grants permission to delete a room", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteRoom.html" - }, - "DeleteRoomMembership": { - "privilege": "DeleteRoomMembership", - "description": "Grants permission to remove a room member", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteRoomMembership.html" - }, - "DeleteSipMediaApplication": { - "privilege": "DeleteSipMediaApplication", - "description": "Grants permission to delete Amazon Chime SIP media application under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteSipMediaApplication.html" - }, - "DeleteSipRule": { - "privilege": "DeleteSipRule", - "description": "Grants permission to delete Amazon Chime SIP rule under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteSipRule.html" - }, - "DeleteVoiceConnector": { - "privilege": "DeleteVoiceConnector", - "description": "Grants permission to delete the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "logs:CreateLogDelivery", - "logs:DeleteLogDelivery", - "logs:GetLogDelivery", - "logs:ListLogDeliveries" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnector.html" - }, - "DeleteVoiceConnectorEmergencyCallingConfiguration": { - "privilege": "DeleteVoiceConnectorEmergencyCallingConfiguration", - "description": "Grants permission to delete emergency calling configuration for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorEmergencyCallingConfiguration.html" - }, - "DeleteVoiceConnectorGroup": { - "privilege": "DeleteVoiceConnectorGroup", - "description": "Grants permission to delete the specified Amazon Chime Voice Connector Group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorGroup.html" - }, - "DeleteVoiceConnectorOrigination": { - "privilege": "DeleteVoiceConnectorOrigination", - "description": "Grants permission to delete the origination settings for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorOrigination.html" - }, - "DeleteVoiceConnectorProxy": { - "privilege": "DeleteVoiceConnectorProxy", - "description": "Grants permission to delete proxy configuration for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorProxy.html" - }, - "DeleteVoiceConnectorStreamingConfiguration": { - "privilege": "DeleteVoiceConnectorStreamingConfiguration", - "description": "Grants permission to delete streaming configuration for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorStreamingConfiguration.html" - }, - "DeleteVoiceConnectorTermination": { - "privilege": "DeleteVoiceConnectorTermination", - "description": "Grants permission to delete the termination settings for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorTermination.html" - }, - "DeleteVoiceConnectorTerminationCredentials": { - "privilege": "DeleteVoiceConnectorTerminationCredentials", - "description": "Grants permission to delete SIP termination credentials for the specified Amazon Chime Voice Connector", - "access_level": "Permissions management", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorTerminationCredentials.html" - }, - "DeleteVoiceProfile": { - "privilege": "DeleteVoiceProfile", - "description": "Grants permission to delete a voice profile", - "access_level": "Write", - "resource_types": { - "voice-profile": { - "resource_type": "voice-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_DeleteVoiceProfile.html" - }, - "DeleteVoiceProfileDomain": { - "privilege": "DeleteVoiceProfileDomain", - "description": "Grants permission to delete a voice profile domain", - "access_level": "Write", - "resource_types": { - "voice-profile-domain": { - "resource_type": "voice-profile-domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_DeleteVoiceProfileDomain.html" - }, - "DeregisterAppInstanceUserEndpoint": { - "privilege": "DeregisterAppInstanceUserEndpoint", - "description": "Grants permission to deregister an endpoint for an app instance user", - "access_level": "Write", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DeregisterAppInstanceUserEndpoint.html" - }, - "DescribeAppInstance": { - "privilege": "DescribeAppInstance", - "description": "Grants permission to get the full details of an AppInstance", - "access_level": "Read", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DescribeAppInstance.html" - }, - "DescribeAppInstanceAdmin": { - "privilege": "DescribeAppInstanceAdmin", - "description": "Grants permission to get the full details of an AppInstanceAdmin", - "access_level": "Read", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DescribeAppInstanceAdmin.html" - }, - "DescribeAppInstanceBot": { - "privilege": "DescribeAppInstanceBot", - "description": "Grants permission to get the full details of an AppInstanceBot", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DescribeAppInstanceBot.html" - }, - "DescribeAppInstanceUser": { - "privilege": "DescribeAppInstanceUser", - "description": "Grants permission to get the full details of an AppInstanceUser", - "access_level": "Read", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DescribeAppInstanceUser.html" - }, - "DescribeAppInstanceUserEndpoint": { - "privilege": "DescribeAppInstanceUserEndpoint", - "description": "Grants permission to describe an endpoint registered for an app instance user", - "access_level": "Read", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DescribeAppInstanceUserEndpoint.html" - }, - "DescribeChannel": { - "privilege": "DescribeChannel", - "description": "Grants permission to get the full details of a channel", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannel.html" - }, - "DescribeChannelBan": { - "privilege": "DescribeChannelBan", - "description": "Grants permission to get the full details of a channel ban", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelBan.html" - }, - "DescribeChannelFlow": { - "privilege": "DescribeChannelFlow", - "description": "Grants permission to get the full details of a channel flow", - "access_level": "Read", - "resource_types": { - "channel-flow": { - "resource_type": "channel-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelFlow.html" - }, - "DescribeChannelMembership": { - "privilege": "DescribeChannelMembership", - "description": "Grants permission to get the full details of a channel membership", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelMembership.html" - }, - "DescribeChannelMembershipForAppInstanceUser": { - "privilege": "DescribeChannelMembershipForAppInstanceUser", - "description": "Grants permission to get the details of a channel based on the membership of the specified user or bot", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelMembershipForAppInstanceUser.html" - }, - "DescribeChannelModeratedByAppInstanceUser": { - "privilege": "DescribeChannelModeratedByAppInstanceUser", - "description": "Grants permission to get the full details of a channel moderated by the specified user or bot", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelModeratedByAppInstanceUser.html" - }, - "DescribeChannelModerator": { - "privilege": "DescribeChannelModerator", - "description": "Grants permission to get the full details of a single ChannelModerator", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelModerator.html" - }, - "DisassociateChannelFlow": { - "privilege": "DisassociateChannelFlow", - "description": "Grants permission to disassociate a flow from a channel", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel-flow": { - "resource_type": "channel-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DisassociateChannelFlow.html" - }, - "DisassociatePhoneNumberFromUser": { - "privilege": "DisassociatePhoneNumberFromUser", - "description": "Grants permission to disassociate the primary provisioned number from the specified Amazon Chime user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DisassociatePhoneNumberFromUser.html" - }, - "DisassociatePhoneNumbersFromVoiceConnector": { - "privilege": "DisassociatePhoneNumbersFromVoiceConnector", - "description": "Grants permission to disassociate multiple phone numbers from the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DisassociatePhoneNumbersFromVoiceConnector.html" - }, - "DisassociatePhoneNumbersFromVoiceConnectorGroup": { - "privilege": "DisassociatePhoneNumbersFromVoiceConnectorGroup", - "description": "Grants permission to disassociate multiple phone numbers from the specified Amazon Chime Voice Connector Group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DisassociatePhoneNumbersFromVoiceConnectorGroup.html" - }, - "DisassociateSigninDelegateGroupsFromAccount": { - "privilege": "DisassociateSigninDelegateGroupsFromAccount", - "description": "Grants permission to disassociate the specified sign-in delegate groups from the specified Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DisassociateSigninDelegateGroupsFromAccount.html" - }, - "DisconnectDirectory": { - "privilege": "DisconnectDirectory", - "description": "Grants permission to disconnect the Active Directory from your Amazon Chime Enterprise account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "GetAccount": { - "privilege": "GetAccount", - "description": "Grants permission to get details for the specified Amazon Chime account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetAccount.html" - }, - "GetAccountResource": { - "privilege": "GetAccountResource", - "description": "Grants permission to get details for the account resource associated with your Amazon Chime account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "GetAccountSettings": { - "privilege": "GetAccountSettings", - "description": "Grants permission to get account settings for the specified Amazon Chime account ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetAccountSettings.html" - }, - "GetAccountWithOpenIdConfig": { - "privilege": "GetAccountWithOpenIdConfig", - "description": "Grants permission to get the account details and OpenIdConfig attributes for your Amazon Chime account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" - }, - "GetAppInstanceRetentionSettings": { - "privilege": "GetAppInstanceRetentionSettings", - "description": "Grants permission to get retention settings for an app instance", - "access_level": "Read", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_GetAppInstanceRetentionSettings.html" - }, - "GetAppInstanceStreamingConfigurations": { - "privilege": "GetAppInstanceStreamingConfigurations", - "description": "Grants permission to get the streaming configurations for an app instance", - "access_level": "Read", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_GetAppInstanceStreamingConfigurations.html" - }, - "GetAttendee": { - "privilege": "GetAttendee", - "description": "Grants permission to get attendee details for a specified meeting ID and attendee ID", - "access_level": "Read", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetAttendee.html" - }, - "GetBot": { - "privilege": "GetBot", - "description": "Grants permission to retrieve details for the specified bot", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetBot.html" - }, - "GetCDRBucket": { - "privilege": "GetCDRBucket", - "description": "Grants permission to get details of a Call Detail Record S3 bucket associated with your Amazon Chime account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetBucketAcl", - "s3:GetBucketLocation", - "s3:GetBucketLogging", - "s3:GetBucketVersioning", - "s3:GetBucketWebsite" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "GetChannelMembershipPreferences": { - "privilege": "GetChannelMembershipPreferences", - "description": "Grants permission to get the preferences for a channel membership", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_GetChannelMembershipPreferences.html" - }, - "GetChannelMessage": { - "privilege": "GetChannelMessage", - "description": "Grants permission to get the full details of a channel message", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_GetChannelMessage.html" - }, - "GetChannelMessageStatus": { - "privilege": "GetChannelMessageStatus", - "description": "Grants permission to get the status of a channel message", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_GetChannelMessageStatus.html" - }, - "GetDomain": { - "privilege": "GetDomain", - "description": "Grants permission to get domain details for a domain associated with your Amazon Chime account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/claim-domain.html" - }, - "GetEventsConfiguration": { - "privilege": "GetEventsConfiguration", - "description": "Grants permission to retrieve details for an events configuration for a bot to receive outgoing events", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetEventsConfiguration.html" - }, - "GetGlobalSettings": { - "privilege": "GetGlobalSettings", - "description": "Grants permission to get global settings related to Amazon Chime for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetGlobalSettings.html" - }, - "GetMediaCapturePipeline": { - "privilege": "GetMediaCapturePipeline", - "description": "Grants permission to get an existing media capture pipeline", - "access_level": "Read", - "resource_types": { - "media-pipeline": { - "resource_type": "media-pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_GetMediaCapturePipeline.html" - }, - "GetMediaInsightsPipelineConfiguration": { - "privilege": "GetMediaInsightsPipelineConfiguration", - "description": "Grants permission to get a media insights pipeline configuration", - "access_level": "Read", - "resource_types": { - "media-insights-pipeline-configuration": { - "resource_type": "media-insights-pipeline-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_GetMediaInsightsPipelineConfiguration.html" - }, - "GetMediaPipeline": { - "privilege": "GetMediaPipeline", - "description": "Grants permission to get an existing media pipeline", - "access_level": "Read", - "resource_types": { - "media-pipeline": { - "resource_type": "media-pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_GetMediaPipeline.html" - }, - "GetMeeting": { - "privilege": "GetMeeting", - "description": "Grants permission to get the meeting record for a specified meeting ID", - "access_level": "Read", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetMeeting.html" - }, - "GetMeetingDetail": { - "privilege": "GetMeetingDetail", - "description": "Grants permission to get attendee, connection, and other details for a meeting", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "GetMessagingSessionEndpoint": { - "privilege": "GetMessagingSessionEndpoint", - "description": "Grants permission to get the endpoint for the messaging session", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_GetMessagingSessionEndpoint.html" - }, - "GetMessagingStreamingConfigurations": { - "privilege": "GetMessagingStreamingConfigurations", - "description": "Grants permission to get the data streaming configurations of an AppInstance", - "access_level": "Read", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_GetMessagingStreamingConfigurations.html" - }, - "GetPhoneNumber": { - "privilege": "GetPhoneNumber", - "description": "Grants permission to get details for the specified phone number", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetPhoneNumber.html" - }, - "GetPhoneNumberOrder": { - "privilege": "GetPhoneNumberOrder", - "description": "Grants permission to get details for the specified phone number order", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetPhoneNumberOrder.html" - }, - "GetPhoneNumberSettings": { - "privilege": "GetPhoneNumberSettings", - "description": "Grants permission to get phone number settings related to Amazon Chime for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetPhoneNumberSettings.html" - }, - "GetProxySession": { - "privilege": "GetProxySession", - "description": "Grants permission to get details of the specified proxy session for the specified Amazon Chime Voice Connector", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetProxySession.html" - }, - "GetRetentionSettings": { - "privilege": "GetRetentionSettings", - "description": "Grants permission to retrieve the retention settings for the specified Amazon Chime account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetRetentionSettings.html" - }, - "GetRoom": { - "privilege": "GetRoom", - "description": "Grants permission to retrieve a room", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetRoom.html" - }, - "GetSipMediaApplication": { - "privilege": "GetSipMediaApplication", - "description": "Grants permission to get details of Amazon Chime SIP media application under the administrator's AWS account", - "access_level": "Read", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetSipMediaApplication.html" - }, - "GetSipMediaApplicationAlexaSkillConfiguration": { - "privilege": "GetSipMediaApplicationAlexaSkillConfiguration", - "description": "Grants permission to get Alexa Skill configuration settings for Amazon Chime SIP media application under the administrator's AWS account", - "access_level": "Read", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_GetSipMediaApplicationAlexaSkillConfiguration.html" - }, - "GetSipMediaApplicationLoggingConfiguration": { - "privilege": "GetSipMediaApplicationLoggingConfiguration", - "description": "Grants permission to get logging configuration settings for Amazon Chime SIP media application under the administrator's AWS account", - "access_level": "Read", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetSipMediaApplicationLoggingConfiguration.html" - }, - "GetSipRule": { - "privilege": "GetSipRule", - "description": "Grants permission to get details of Amazon Chime SIP rule under the administrator's AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetSipRule.html" - }, - "GetSpeakerSearchTask": { - "privilege": "GetSpeakerSearchTask", - "description": "Grants permission to get a speaker search task", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_GetSpeakerSearchTask.html" - }, - "GetTelephonyLimits": { - "privilege": "GetTelephonyLimits", - "description": "Grants permission to get telephony limits for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/phone-numbers.html" - }, - "GetUser": { - "privilege": "GetUser", - "description": "Grants permission to get details for the specified user ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetUser.html" - }, - "GetUserActivityReportData": { - "privilege": "GetUserActivityReportData", - "description": "Grants permission to get a summary of user activity on the user details page", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/user-details.html" - }, - "GetUserByEmail": { - "privilege": "GetUserByEmail", - "description": "Grants permission to get user details for an Amazon Chime user based on the email address in an Amazon Chime Enterprise or Team account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/user-details.html" - }, - "GetUserSettings": { - "privilege": "GetUserSettings", - "description": "Grants permission to get user settings related to the specified Amazon Chime user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetUserSettings.html" - }, - "GetVoiceConnector": { - "privilege": "GetVoiceConnector", - "description": "Grants permission to get details for the specified Amazon Chime Voice Connector", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnector.html" - }, - "GetVoiceConnectorEmergencyCallingConfiguration": { - "privilege": "GetVoiceConnectorEmergencyCallingConfiguration", - "description": "Grants permission to get details of the emergency calling configuration for the specified Amazon Chime Voice Connector", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorEmergencyCallingConfiguration.html" - }, - "GetVoiceConnectorGroup": { - "privilege": "GetVoiceConnectorGroup", - "description": "Grants permission to get details for the specified Amazon Chime Voice Connector Group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorGroup.html" - }, - "GetVoiceConnectorLoggingConfiguration": { - "privilege": "GetVoiceConnectorLoggingConfiguration", - "description": "Grants permission to get details of the logging configuration for the specified Amazon Chime Voice Connector", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorLoggingConfiguration.html" - }, - "GetVoiceConnectorOrigination": { - "privilege": "GetVoiceConnectorOrigination", - "description": "Grants permission to get details of the origination settings for the specified Amazon Chime Voice Connector", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorOrigination.html" - }, - "GetVoiceConnectorProxy": { - "privilege": "GetVoiceConnectorProxy", - "description": "Grants permission to get details of the proxy configuration for the specified Amazon Chime Voice Connector", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorProxy.html" - }, - "GetVoiceConnectorStreamingConfiguration": { - "privilege": "GetVoiceConnectorStreamingConfiguration", - "description": "Grants permission to get details of the streaming configuration for the specified Amazon Chime Voice Connector", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorStreamingConfiguration.html" - }, - "GetVoiceConnectorTermination": { - "privilege": "GetVoiceConnectorTermination", - "description": "Grants permission to get details of the termination settings for the specified Amazon Chime Voice Connector", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorTermination.html" - }, - "GetVoiceConnectorTerminationHealth": { - "privilege": "GetVoiceConnectorTerminationHealth", - "description": "Grants permission to get details of the termination health for the specified Amazon Chime Voice Connector", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorTerminationHealth.html" - }, - "GetVoiceProfile": { - "privilege": "GetVoiceProfile", - "description": "Grants permission to get a voice profile", - "access_level": "Read", - "resource_types": { - "voice-profile": { - "resource_type": "voice-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_GetVoiceProfile.html" - }, - "GetVoiceProfileDomain": { - "privilege": "GetVoiceProfileDomain", - "description": "Grants permission to get a voice profile domain", - "access_level": "Read", - "resource_types": { - "voice-profile-domain": { - "resource_type": "voice-profile-domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_GetVoiceProfileDomain.html" - }, - "GetVoiceToneAnalysisTask": { - "privilege": "GetVoiceToneAnalysisTask", - "description": "Grants permission to get a voice tone analysis task", - "access_level": "Read", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_GetVoiceToneAnalysisTask.html" - }, - "InviteDelegate": { - "privilege": "InviteDelegate", - "description": "Grants permission to send an invitation to accept a request for AWS account delegation for an Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "InviteUsers": { - "privilege": "InviteUsers", - "description": "Grants permission to invite as many as 50 users to the specified Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_InviteUsers.html" - }, - "InviteUsersFromProvider": { - "privilege": "InviteUsersFromProvider", - "description": "Grants permission to invite users from a third party provider to your Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "ListAccountUsageReportData": { - "privilege": "ListAccountUsageReportData", - "description": "Grants permission to list Amazon Chime account usage reporting data", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/view-reports.html" - }, - "ListAccounts": { - "privilege": "ListAccounts", - "description": "Grants permission to list the Amazon Chime accounts under the administrator's AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListAccounts.html" - }, - "ListApiKeys": { - "privilege": "ListApiKeys", - "description": "Grants permission to list the SCIM access keys defined for your Amazon Chime account and Okta configuration", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" - }, - "ListAppInstanceAdmins": { - "privilege": "ListAppInstanceAdmins", - "description": "Grants permission to list administrators in the app instance", - "access_level": "List", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_ListAppInstanceAdmins.html" - }, - "ListAppInstanceBots": { - "privilege": "ListAppInstanceBots", - "description": "Grants permission to list all AppInstanceBots created under a single app instance", - "access_level": "List", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_ListAppInstanceBots.html" - }, - "ListAppInstanceUserEndpoints": { - "privilege": "ListAppInstanceUserEndpoints", - "description": "Grants permission to list the endpoints registered for an app instance user", - "access_level": "List", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_ListAppInstanceUserEndpoints.html" - }, - "ListAppInstanceUsers": { - "privilege": "ListAppInstanceUsers", - "description": "Grants permission to list all AppInstanceUsers created under a single app instance", - "access_level": "List", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_ListAppInstanceUsers.html" - }, - "ListAppInstances": { - "privilege": "ListAppInstances", - "description": "Grants permission to list all Amazon Chime app instances created under a single AWS account", - "access_level": "List", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_ListAppInstances.html" - }, - "ListAttendeeTags": { - "privilege": "ListAttendeeTags", - "description": "Grants permission to list the tags applied to an Amazon Chime SDK attendee resource", - "access_level": "List", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListAttendeeTags.html" - }, - "ListAttendees": { - "privilege": "ListAttendees", - "description": "Grants permission to list up to 100 attendees for a specified Amazon Chime SDK meeting", - "access_level": "List", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListAttendees.html" - }, - "ListAvailableVoiceConnectorRegions": { - "privilege": "ListAvailableVoiceConnectorRegions", - "description": "Grants permission to list the available AWS Regions in which you can create an Amazon Chime SDK Voice Connector", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_ListAvailableVoiceConnectorRegions.html" - }, - "ListBots": { - "privilege": "ListBots", - "description": "Grants permission to list the bots associated with the administrator's Amazon Chime Enterprise account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListBots.html" - }, - "ListCDRBucket": { - "privilege": "ListCDRBucket", - "description": "Grants permission to list Call Detail Record S3 buckets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:ListAllMyBuckets", - "s3:ListBucket" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "ListCallingRegions": { - "privilege": "ListCallingRegions", - "description": "Grants permission to list the calling regions available for the administrator's AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/phone-numbers.html" - }, - "ListChannelBans": { - "privilege": "ListChannelBans", - "description": "Grants permission to list all the users and bots banned from a particular channel", - "access_level": "List", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelBans.html" - }, - "ListChannelFlows": { - "privilege": "ListChannelFlows", - "description": "Grants permission to list all the Channel Flows created under a single Chime AppInstance", - "access_level": "List", - "resource_types": { - "channel-flow": { - "resource_type": "channel-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelFlows.html" - }, - "ListChannelMemberships": { - "privilege": "ListChannelMemberships", - "description": "Grants permission to list all channel memberships in a channel", - "access_level": "List", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelMemberships.html" - }, - "ListChannelMembershipsForAppInstanceUser": { - "privilege": "ListChannelMembershipsForAppInstanceUser", - "description": "Grants permission to list all channels that a particular user or bot is a part of", - "access_level": "List", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelMembershipsForAppInstanceUser.html" - }, - "ListChannelMessages": { - "privilege": "ListChannelMessages", - "description": "Grants permission to list all the messages in a channel", - "access_level": "Read", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelMessages.html" - }, - "ListChannelModerators": { - "privilege": "ListChannelModerators", - "description": "Grants permission to list all the moderators for a channel", - "access_level": "List", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelModerators.html" - }, - "ListChannels": { - "privilege": "ListChannels", - "description": "Grants permission to list all the Channels created under a single Chime AppInstance", - "access_level": "List", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannels.html" - }, - "ListChannelsAssociatedWithChannelFlow": { - "privilege": "ListChannelsAssociatedWithChannelFlow", - "description": "Grants permission to list all the Channels associated with a single Chime Channel Flow", - "access_level": "List", - "resource_types": { - "channel-flow": { - "resource_type": "channel-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelsAssociatedWithChannelFlow.html" - }, - "ListChannelsModeratedByAppInstanceUser": { - "privilege": "ListChannelsModeratedByAppInstanceUser", - "description": "Grants permission to list all channels moderated by a user or bot", - "access_level": "List", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelsModeratedByAppInstanceUser.html" - }, - "ListDelegates": { - "privilege": "ListDelegates", - "description": "Grants permission to list account delegate information associated with your Amazon Chime account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "ListDirectories": { - "privilege": "ListDirectories", - "description": "Grants permission to list active Active Directories hosted in the Directory Service of your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to list domains associated with your Amazon Chime account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/claim-domain.html" - }, - "ListGroups": { - "privilege": "ListGroups", - "description": "Grants permission to list Active Directory or Okta user groups associated with your Amazon Chime Enterprise account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "ListMediaCapturePipelines": { - "privilege": "ListMediaCapturePipelines", - "description": "Grants permission to list media capture pipelines", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_ListMediaCapturePipelines.html" - }, - "ListMediaInsightsPipelineConfigurations": { - "privilege": "ListMediaInsightsPipelineConfigurations", - "description": "Grants permission to list all media insights pipeline configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_ListMediaInsightsPipelineConfigurations.html" - }, - "ListMediaPipelines": { - "privilege": "ListMediaPipelines", - "description": "Grants permission to list media pipelines", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_ListMediaPipelines.html" - }, - "ListMeetingEvents": { - "privilege": "ListMeetingEvents", - "description": "Grants permission to list all events that occurred for a specified meeting", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/view-reports.html" - }, - "ListMeetingTags": { - "privilege": "ListMeetingTags", - "description": "Grants permission to list the tags applied to an Amazon Chime SDK meeting resource", - "access_level": "List", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListMeetingTags.html" - }, - "ListMeetings": { - "privilege": "ListMeetings", - "description": "Grants permission to list up to 100 active Amazon Chime SDK meetings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListMeetings.html" - }, - "ListMeetingsReportData": { - "privilege": "ListMeetingsReportData", - "description": "Grants permission to list meetings ended during the specified date range", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/view-reports.html" - }, - "ListPhoneNumberOrders": { - "privilege": "ListPhoneNumberOrders", - "description": "Grants permission to list the phone number orders under the administrator's AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListPhoneNumberOrders.html" - }, - "ListPhoneNumbers": { - "privilege": "ListPhoneNumbers", - "description": "Grants permission to list the phone numbers under the administrator's AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListPhoneNumbers.html" - }, - "ListProxySessions": { - "privilege": "ListProxySessions", - "description": "Grants permission to list proxy sessions for the specified Amazon Chime Voice Connector", - "access_level": "List", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListProxySessions.html" - }, - "ListRoomMemberships": { - "privilege": "ListRoomMemberships", - "description": "Grants permission to list all room members", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListRoomMemberships.html" - }, - "ListRooms": { - "privilege": "ListRooms", - "description": "Grants permission to list rooms", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListRooms.html" - }, - "ListSipMediaApplications": { - "privilege": "ListSipMediaApplications", - "description": "Grants permission to list all Amazon Chime SIP media applications under the administrator's AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListSipMediaApplications.html" - }, - "ListSipRules": { - "privilege": "ListSipRules", - "description": "Grants permission to list all Amazon Chime SIP rules under the administrator's AWS account", - "access_level": "List", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListSipRules.html" - }, - "ListSubChannels": { - "privilege": "ListSubChannels", - "description": "Grants permission to list all the SubChannels under a single Channel", - "access_level": "List", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListSubChannels.html" - }, - "ListSupportedPhoneNumberCountries": { - "privilege": "ListSupportedPhoneNumberCountries", - "description": "Grants permission to list the phone number countries supported by the AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_ListSupportedPhoneNumberCountries.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags applied to an Amazon Chime resource", - "access_level": "Read", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "channel-flow": { - "resource_type": "channel-flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "media-insights-pipeline-configuration": { - "resource_type": "media-insights-pipeline-configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "media-pipeline": { - "resource_type": "media-pipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "meeting": { - "resource_type": "meeting", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sip-media-application": { - "resource_type": "sip-media-application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "voice-connector": { - "resource_type": "voice-connector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "voice-profile-domain": { - "resource_type": "voice-profile-domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListTagsForResource.html" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to list the users that belong to the specified Amazon Chime account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListUsers.html" - }, - "ListVoiceConnectorGroups": { - "privilege": "ListVoiceConnectorGroups", - "description": "Grants permission to list the Amazon Chime Voice Connector Groups under the administrator's AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListVoiceConnectorGroups.html" - }, - "ListVoiceConnectorTerminationCredentials": { - "privilege": "ListVoiceConnectorTerminationCredentials", - "description": "Grants permission to list the SIP termination credentials for the specified Amazon Chime Voice Connector", - "access_level": "List", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListVoiceConnectorTerminationCredentials.html" - }, - "ListVoiceConnectors": { - "privilege": "ListVoiceConnectors", - "description": "Grants permission to list the Amazon Chime Voice Connectors under the administrator's AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListVoiceConnectors.html" - }, - "ListVoiceProfileDomains": { - "privilege": "ListVoiceProfileDomains", - "description": "Grants permission to list voice profile domains", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_ListVoiceProfileDomains.html" - }, - "ListVoiceProfiles": { - "privilege": "ListVoiceProfiles", - "description": "Grants permission to list voice profiles", - "access_level": "List", - "resource_types": { - "voice-profile-domain": { - "resource_type": "voice-profile-domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_ListVoiceProfiles.html" - }, - "LogoutUser": { - "privilege": "LogoutUser", - "description": "Grants permission to log out the specified user from all of the devices they are currently logged into", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_LogoutUser.html" - }, - "PutAppInstanceRetentionSettings": { - "privilege": "PutAppInstanceRetentionSettings", - "description": "Grants permission to enable data retention for the app instance", - "access_level": "Write", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_PutAppInstanceRetentionSettings.html" - }, - "PutAppInstanceStreamingConfigurations": { - "privilege": "PutAppInstanceStreamingConfigurations", - "description": "Grants permission to configure data streaming for the app instance", - "access_level": "Write", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_PutAppInstanceStreamingConfigurations.html" - }, - "PutAppInstanceUserExpirationSettings": { - "privilege": "PutAppInstanceUserExpirationSettings", - "description": "Grants permission to put expiration settings for an AppInstanceUser", - "access_level": "Write", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_PutAppInstanceUserExpirationSettings.html" - }, - "PutChannelExpirationSettings": { - "privilege": "PutChannelExpirationSettings", - "description": "Grants permission to put expiration settings for a channel", - "access_level": "Write", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_PutChannelExpirationSettings.html" - }, - "PutChannelMembershipPreferences": { - "privilege": "PutChannelMembershipPreferences", - "description": "Grants permission to put the preferences for a channel membership", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_PutChannelMembershipPreferences.html" - }, - "PutEventsConfiguration": { - "privilege": "PutEventsConfiguration", - "description": "Grants permission to update details for an events configuration for a bot to receive outgoing events", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutEventsConfiguration.html" - }, - "PutMessagingStreamingConfigurations": { - "privilege": "PutMessagingStreamingConfigurations", - "description": "Grants permission to put the data streaming configurations of an AppInstance", - "access_level": "Write", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_PutMessagingStreamingConfigurations.html" - }, - "PutRetentionSettings": { - "privilege": "PutRetentionSettings", - "description": "Grants permission to create or update retention settings for the specified Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutRetentionSettings.html" - }, - "PutSipMediaApplicationAlexaSkillConfiguration": { - "privilege": "PutSipMediaApplicationAlexaSkillConfiguration", - "description": "Grants permission to update Alexa Skill configuration settings for Amazon Chime SIP media application under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_PutSipMediaApplicationAlexaSkillConfiguration.html" - }, - "PutSipMediaApplicationLoggingConfiguration": { - "privilege": "PutSipMediaApplicationLoggingConfiguration", - "description": "Grants permission to update logging configuration settings for Amazon Chime SIP media application under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutSipMediaApplicationLoggingConfiguration.html" - }, - "PutVoiceConnectorEmergencyCallingConfiguration": { - "privilege": "PutVoiceConnectorEmergencyCallingConfiguration", - "description": "Grants permission to add emergency calling configuration for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorEmergencyCallingConfiguration.html" - }, - "PutVoiceConnectorLoggingConfiguration": { - "privilege": "PutVoiceConnectorLoggingConfiguration", - "description": "Grants permission to add logging configuration for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "logs:CreateLogDelivery", - "logs:CreateLogGroup", - "logs:DeleteLogDelivery", - "logs:DescribeLogGroups", - "logs:GetLogDelivery", - "logs:ListLogDeliveries" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorLoggingConfiguration.html" - }, - "PutVoiceConnectorOrigination": { - "privilege": "PutVoiceConnectorOrigination", - "description": "Grants permission to update the origination settings for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorOrigination.html" - }, - "PutVoiceConnectorProxy": { - "privilege": "PutVoiceConnectorProxy", - "description": "Grants permission to add proxy configuration for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorProxy.html" - }, - "PutVoiceConnectorStreamingConfiguration": { - "privilege": "PutVoiceConnectorStreamingConfiguration", - "description": "Grants permission to add streaming configuration for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "chime:GetMediaInsightsPipelineConfiguration" - ] - }, - "media-insights-pipeline-configuration": { - "resource_type": "media-insights-pipeline-configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorStreamingConfiguration.html" - }, - "PutVoiceConnectorTermination": { - "privilege": "PutVoiceConnectorTermination", - "description": "Grants permission to update the termination settings for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorTermination.html" - }, - "PutVoiceConnectorTerminationCredentials": { - "privilege": "PutVoiceConnectorTerminationCredentials", - "description": "Grants permission to add SIP termination credentials for the specified Amazon Chime Voice Connector", - "access_level": "Permissions management", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorTerminationCredentials.html" - }, - "RedactChannelMessage": { - "privilege": "RedactChannelMessage", - "description": "Grants permission to redact message content", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_RedactChannelMessage.html" - }, - "RedactConversationMessage": { - "privilege": "RedactConversationMessage", - "description": "Grants permission to redact the specified Chime conversation Message", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_RedactConversationMessage.html" - }, - "RedactRoomMessage": { - "privilege": "RedactRoomMessage", - "description": "Grants permission to redacts the specified Chime room Message", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_RedactRoomMessage.html" - }, - "RegenerateSecurityToken": { - "privilege": "RegenerateSecurityToken", - "description": "Grants permission to regenerate the security token for the specified bot", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_RegenerateSecurityToken.html" - }, - "RegisterAppInstanceUserEndpoint": { - "privilege": "RegisterAppInstanceUserEndpoint", - "description": "Grants permission to register an endpoint for an app instance user", - "access_level": "Write", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "mobiletargeting:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_RegisterAppInstanceUserEndpoint.html" - }, - "RenameAccount": { - "privilege": "RenameAccount", - "description": "Grants permission to modify the account name for your Amazon Chime Enterprise or Team account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/rename-account.html" - }, - "RenewDelegate": { - "privilege": "RenewDelegate", - "description": "Grants permission to renew the delegation request associated with an Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "ResetAccountResource": { - "privilege": "ResetAccountResource", - "description": "Grants permission to reset the account resource in your Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "ResetPersonalPIN": { - "privilege": "ResetPersonalPIN", - "description": "Grants permission to reset the personal meeting PIN for the specified user on an Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ResetPersonalPIN.html" - }, - "RestorePhoneNumber": { - "privilege": "RestorePhoneNumber", - "description": "Grants permission to restore the specified phone number from the deltion queue back to the phone number inventory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_RestorePhoneNumber.html" - }, - "RetrieveDataExports": { - "privilege": "RetrieveDataExports", - "description": "Grants permission to download the file containing links to all user attachments returned as part of the \"Request attachments\" action", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/request-attachments.html" - }, - "SearchAvailablePhoneNumbers": { - "privilege": "SearchAvailablePhoneNumbers", - "description": "Grants permission to search phone numbers that can be ordered from the carrier", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_SearchAvailablePhoneNumbers.html" - }, - "SearchChannels": { - "privilege": "SearchChannels", - "description": "Grants permission to search channels that an AppInstanceUser belongs to, or search channels across the AppInstance for an AppInstaceAdmin", - "access_level": "List", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_SearchChannels.html" - }, - "SendChannelMessage": { - "privilege": "SendChannelMessage", - "description": "Grants permission to send a message to a particular channel that the member is a part of", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_SendChannelMessage.html" - }, - "StartDataExport": { - "privilege": "StartDataExport", - "description": "Grants permission to submit the \"Request attachments\" request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/request-attachments.html" - }, - "StartMeetingTranscription": { - "privilege": "StartMeetingTranscription", - "description": "Grants permission to start transcription for a meeting", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_StartMeetingTranscription.html" - }, - "StartSpeakerSearchTask": { - "privilege": "StartSpeakerSearchTask", - "description": "Grants permission to start a speaker search task", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_StartSpeakerSearchTask.html" - }, - "StartVoiceToneAnalysisTask": { - "privilege": "StartVoiceToneAnalysisTask", - "description": "Grants permission to start a voice tone analysis task", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_StartVoiceToneAnalysisTask.html" - }, - "StopMeetingTranscription": { - "privilege": "StopMeetingTranscription", - "description": "Grants permission to stop transcription for a meeting", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_StopMeetingTranscription.html" - }, - "StopSpeakerSearchTask": { - "privilege": "StopSpeakerSearchTask", - "description": "Grants permission to stop a speaker search task", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_StopSpeakerSearchTask.html" - }, - "StopVoiceToneAnalysisTask": { - "privilege": "StopVoiceToneAnalysisTask", - "description": "Grants permission to stop a voice tone analysis task", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_StopVoiceToneAnalysisTask.html" - }, - "SubmitSupportRequest": { - "privilege": "SubmitSupportRequest", - "description": "Grants permission to submit a customer service support request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/chime-getting-admin-support.html" - }, - "SuspendUsers": { - "privilege": "SuspendUsers", - "description": "Grants permission to suspend users from an Amazon Chime Enterprise account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-access.html" - }, - "TagAttendee": { - "privilege": "TagAttendee", - "description": "Grants permission to apply the specified tags to the specified Amazon Chime SDK attendee", - "access_level": "Tagging", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_TagAttendee.html" - }, - "TagMeeting": { - "privilege": "TagMeeting", - "description": "Grants permission to apply the specified tags to the specified Amazon Chime SDK meeting", - "access_level": "Tagging", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_TagMeeting.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to apply the specified tags to the specified Amazon Chime resource", - "access_level": "Tagging", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "channel-flow": { - "resource_type": "channel-flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "media-insights-pipeline-configuration": { - "resource_type": "media-insights-pipeline-configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "media-pipeline": { - "resource_type": "media-pipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "meeting": { - "resource_type": "meeting", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sip-media-application": { - "resource_type": "sip-media-application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "voice-connector": { - "resource_type": "voice-connector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "voice-profile-domain": { - "resource_type": "voice-profile-domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_TagResource.html" - }, - "UnauthorizeDirectory": { - "privilege": "UnauthorizeDirectory", - "description": "Grants permission to unauthorize an Active Directory from your Amazon Chime Enterprise account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "UntagAttendee": { - "privilege": "UntagAttendee", - "description": "Grants permission to untag the specified tags from the specified Amazon Chime SDK attendee", - "access_level": "Tagging", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UntagAttendee.html" - }, - "UntagMeeting": { - "privilege": "UntagMeeting", - "description": "Grants permission to untag the specified tags from the specified Amazon Chime SDK meeting", - "access_level": "Tagging", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UntagMeeting.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag the specified tags from the specified Amazon Chime resource", - "access_level": "Tagging", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "channel-flow": { - "resource_type": "channel-flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "media-insights-pipeline-configuration": { - "resource_type": "media-insights-pipeline-configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "media-pipeline": { - "resource_type": "media-pipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "meeting": { - "resource_type": "meeting", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sip-media-application": { - "resource_type": "sip-media-application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "voice-connector": { - "resource_type": "voice-connector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "voice-profile-domain": { - "resource_type": "voice-profile-domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UntagResource.html" - }, - "UpdateAccount": { - "privilege": "UpdateAccount", - "description": "Grants permission to update account details for the specified Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateAccount.html" - }, - "UpdateAccountOpenIdConfig": { - "privilege": "UpdateAccountOpenIdConfig", - "description": "Grants permission to update the OpenIdConfig attributes for your Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" - }, - "UpdateAccountResource": { - "privilege": "UpdateAccountResource", - "description": "Grants permission to update the account resource in your Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "UpdateAccountSettings": { - "privilege": "UpdateAccountSettings", - "description": "Grants permission to update the settings for the specified Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateAccountSettings.html" - }, - "UpdateAppInstance": { - "privilege": "UpdateAppInstance", - "description": "Grants permission to update AppInstance metadata", - "access_level": "Write", - "resource_types": { - "app-instance": { - "resource_type": "app-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_UpdateAppInstance.html" - }, - "UpdateAppInstanceBot": { - "privilege": "UpdateAppInstanceBot", - "description": "Grants permission to update the details for an AppInstanceBot", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_UpdateAppInstanceBot.html" - }, - "UpdateAppInstanceUser": { - "privilege": "UpdateAppInstanceUser", - "description": "Grants permission to update the details for an AppInstanceUser", - "access_level": "Write", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_UpdateAppInstanceUser.html" - }, - "UpdateAppInstanceUserEndpoint": { - "privilege": "UpdateAppInstanceUserEndpoint", - "description": "Grants permission to update an endpoint registered for an app instance user", - "access_level": "Write", - "resource_types": { - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_UpdateAppInstanceUserEndpoint.html" - }, - "UpdateAttendeeCapabilities": { - "privilege": "UpdateAttendeeCapabilities", - "description": "Grants permission to the capabilties that you want to update", - "access_level": "Write", - "resource_types": { - "meeting": { - "resource_type": "meeting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_meeting-chime_UpdateAttendeeCapabilities.html" - }, - "UpdateBot": { - "privilege": "UpdateBot", - "description": "Grants permission to update the status of the specified bot", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateBot.html" - }, - "UpdateCDRSettings": { - "privilege": "UpdateCDRSettings", - "description": "Grants permission to update your Call Detail Record S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:CreateBucket", - "s3:DeleteBucket", - "s3:ListAllMyBuckets" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "UpdateChannel": { - "privilege": "UpdateChannel", - "description": "Grants permission to update a channel's attributes", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_UpdateChannel.html" - }, - "UpdateChannelFlow": { - "privilege": "UpdateChannelFlow", - "description": "Grants permission to update a channel flow", - "access_level": "Write", - "resource_types": { - "channel-flow": { - "resource_type": "channel-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_UpdateChannelFlow.html" - }, - "UpdateChannelMessage": { - "privilege": "UpdateChannelMessage", - "description": "Grants permission to update the content of a message", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_UpdateChannelMessage.html" - }, - "UpdateChannelReadMarker": { - "privilege": "UpdateChannelReadMarker", - "description": "Grants permission to set the timestamp to the point when a user last read messages in a channel", - "access_level": "Write", - "resource_types": { - "app-instance-bot": { - "resource_type": "app-instance-bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "app-instance-user": { - "resource_type": "app-instance-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_UpdateChannelReadMarker.html" - }, - "UpdateGlobalSettings": { - "privilege": "UpdateGlobalSettings", - "description": "Grants permission to update the global settings related to Amazon Chime for the AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateGlobalSettings.html" - }, - "UpdateMediaInsightsPipelineConfiguration": { - "privilege": "UpdateMediaInsightsPipelineConfiguration", - "description": "Grants permission to update the status of a media insights pipeline configuration", - "access_level": "Write", - "resource_types": { - "media-insights-pipeline-configuration": { - "resource_type": "media-insights-pipeline-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "chime:ListVoiceConnectors", - "iam:PassRole", - "kinesis:DescribeStream", - "s3:ListBucket" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_UpdateMediaInsightsPipelineConfiguration.html" - }, - "UpdateMediaInsightsPipelineStatus": { - "privilege": "UpdateMediaInsightsPipelineStatus", - "description": "Grants permission to update the status of a media insights pipeline", - "access_level": "Write", - "resource_types": { - "media-pipeline": { - "resource_type": "media-pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_UpdateMediaInsightsPipelineStatus.html" - }, - "UpdatePhoneNumber": { - "privilege": "UpdatePhoneNumber", - "description": "Grants permission to update phone number details for the specified phone number", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdatePhoneNumber.html" - }, - "UpdatePhoneNumberSettings": { - "privilege": "UpdatePhoneNumberSettings", - "description": "Grants permission to update phone number settings related to Amazon Chime for the AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdatePhoneNumberSettings.html" - }, - "UpdateProxySession": { - "privilege": "UpdateProxySession", - "description": "Grants permission to update a proxy session for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateProxySession.html" - }, - "UpdateRoom": { - "privilege": "UpdateRoom", - "description": "Grants permission to update a room", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateRoom.html" - }, - "UpdateRoomMembership": { - "privilege": "UpdateRoomMembership", - "description": "Grants permission to update room membership role", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateRoomMembership.html" - }, - "UpdateSipMediaApplication": { - "privilege": "UpdateSipMediaApplication", - "description": "Grants permission to update properties of Amazon Chime SIP media application under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateSipMediaApplication.html" - }, - "UpdateSipMediaApplicationCall": { - "privilege": "UpdateSipMediaApplicationCall", - "description": "Grants permission to update an Amazon Chime SIP media application call under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateSipMediaApplicationCall.html" - }, - "UpdateSipRule": { - "privilege": "UpdateSipRule", - "description": "Grants permission to update properties of Amazon Chime SIP rule under the administrator's AWS account", - "access_level": "Write", - "resource_types": { - "sip-media-application": { - "resource_type": "sip-media-application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateSipRule.html" - }, - "UpdateSupportedLicenses": { - "privilege": "UpdateSupportedLicenses", - "description": "Grants permission to update the supported license tiers available for users in your Amazon Chime account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-access.html" - }, - "UpdateUser": { - "privilege": "UpdateUser", - "description": "Grants permission to update user details for a specified user ID", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateUser.html" - }, - "UpdateUserLicenses": { - "privilege": "UpdateUserLicenses", - "description": "Grants permission to update the licenses for your Amazon Chime users", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-access.html" - }, - "UpdateUserSettings": { - "privilege": "UpdateUserSettings", - "description": "Grants permission to update user settings related to the specified Amazon Chime user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateUserSettings.html" - }, - "UpdateVoiceConnector": { - "privilege": "UpdateVoiceConnector", - "description": "Grants permission to update Amazon Chime Voice Connector details for the specified Amazon Chime Voice Connector", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateVoiceConnector.html" - }, - "UpdateVoiceConnectorGroup": { - "privilege": "UpdateVoiceConnectorGroup", - "description": "Grants permission to update Amazon Chime Voice Connector Group details for the specified Amazon Chime Voice Connector Group", - "access_level": "Write", - "resource_types": { - "voice-connector": { - "resource_type": "voice-connector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateVoiceConnectorGroup.html" - }, - "UpdateVoiceProfile": { - "privilege": "UpdateVoiceProfile", - "description": "Grants permission to update a voice profile", - "access_level": "Write", - "resource_types": { - "voice-profile": { - "resource_type": "voice-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_UpdateVoiceProfile.html" - }, - "UpdateVoiceProfileDomain": { - "privilege": "UpdateVoiceProfileDomain", - "description": "Grants permission to update a voice profile domain", - "access_level": "Write", - "resource_types": { - "voice-profile-domain": { - "resource_type": "voice-profile-domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_UpdateVoiceProfileDomain.html" - }, - "ValidateAccountResource": { - "privilege": "ValidateAccountResource", - "description": "Grants permission to validate the account resource in your Amazon Chime account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" - }, - "ValidateE911Address": { - "privilege": "ValidateE911Address", - "description": "Grants permission to validate an address to be used for 911 calls made with Amazon Chime Voice Connectors", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ValidateE911Address.html" - } - }, - "resources": { - "meeting": { - "resource": "meeting", - "arn": "arn:${Partition}:chime::${AccountId}:meeting/${MeetingId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "app-instance": { - "resource": "app-instance", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:app-instance/${AppInstanceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "app-instance-user": { - "resource": "app-instance-user", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:app-instance/${AppInstanceId}/user/${AppInstanceUserId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "app-instance-bot": { - "resource": "app-instance-bot", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:app-instance/${AppInstanceId}/bot/${AppInstanceBotId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "channel": { - "resource": "channel", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:app-instance/${AppInstanceId}/channel/${ChannelId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "channel-flow": { - "resource": "channel-flow", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:app-instance/${AppInstanceId}/channel-flow/${ChannelFlowId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "media-pipeline": { - "resource": "media-pipeline", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:media-pipeline/${MediaPipelineId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "media-insights-pipeline-configuration": { - "resource": "media-insights-pipeline-configuration", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:media-insights-pipeline-configuration/${ConfigurationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "voice-profile-domain": { - "resource": "voice-profile-domain", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:voice-profile-domain/${VoiceProfileDomainId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "voice-profile": { - "resource": "voice-profile", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:voice-profile/${VoiceProfileId}", - "condition_keys": [] - }, - "voice-connector": { - "resource": "voice-connector", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:vc/${VoiceConnectorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "sip-media-application": { - "resource": "sip-media-application", - "arn": "arn:${Partition}:chime:${Region}:${AccountId}:sma/${SipMediaApplicationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag's key and value in a request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in a request", - "type": "ArrayOfString" - } - } - }, - "clouddirectory": { - "service_name": "Amazon Cloud Directory", - "prefix": "clouddirectory", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonclouddirectory.html", - "privileges": { - "AddFacetToObject": { - "privilege": "AddFacetToObject", - "description": "Grants permission to add a new Facet to an object", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_AddFacetToObject.html" - }, - "ApplySchema": { - "privilege": "ApplySchema", - "description": "Grants permission to copy input published schema into Directory with same name and version as that of published schema", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ApplySchema.html" - }, - "AttachObject": { - "privilege": "AttachObject", - "description": "Grants permission to attach an existing object to another existing object", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_AttachObject.html" - }, - "AttachPolicy": { - "privilege": "AttachPolicy", - "description": "Grants permission to attach a policy object to any other object", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_AttachPolicy.html" - }, - "AttachToIndex": { - "privilege": "AttachToIndex", - "description": "Grants permission to attach the specified object to the specified index", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_AttachToIndex.html" - }, - "AttachTypedLink": { - "privilege": "AttachTypedLink", - "description": "Grants permission to attach a typed link b/w a source & target object reference", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_AttachTypedLink.html" - }, - "BatchRead": { - "privilege": "BatchRead", - "description": "Grants permission to perform all the read operations in a batch. Each individual operation inside BatchRead needs to be granted permissions explicitly", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_BatchRead.html" - }, - "BatchWrite": { - "privilege": "BatchWrite", - "description": "Grants permission to perform all the write operations in a batch. Each individual operation inside BatchWrite needs to be granted permissions explicitly", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_BatchWrite.html" - }, - "CreateDirectory": { - "privilege": "CreateDirectory", - "description": "Grants permission to create a Directory by copying the published schema into the directory", - "access_level": "Write", - "resource_types": { - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateDirectory.html" - }, - "CreateFacet": { - "privilege": "CreateFacet", - "description": "Grants permission to create a new Facet in a schema", - "access_level": "Write", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateFacet.html" - }, - "CreateIndex": { - "privilege": "CreateIndex", - "description": "Grants permission to create an index object", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateIndex.html" - }, - "CreateObject": { - "privilege": "CreateObject", - "description": "Grants permission to create an object in a Directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateObject.html" - }, - "CreateSchema": { - "privilege": "CreateSchema", - "description": "Grants permission to create a new schema in a development state", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateSchema.html" - }, - "CreateTypedLinkFacet": { - "privilege": "CreateTypedLinkFacet", - "description": "Grants permission to create a new Typed Link facet in a schema", - "access_level": "Write", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateTypedLinkFacet.html" - }, - "DeleteDirectory": { - "privilege": "DeleteDirectory", - "description": "Grants permission to delete a directory. Only disabled directories can be deleted", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DeleteDirectory.html" - }, - "DeleteFacet": { - "privilege": "DeleteFacet", - "description": "Grants permission to delete a given Facet. All attributes and Rules associated with the facet will be deleted", - "access_level": "Write", - "resource_types": { - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DeleteFacet.html" - }, - "DeleteObject": { - "privilege": "DeleteObject", - "description": "Grants permission to delete an object and its associated attributes", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DeleteObject.html" - }, - "DeleteSchema": { - "privilege": "DeleteSchema", - "description": "Grants permission to delete a given schema", - "access_level": "Write", - "resource_types": { - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DeleteSchema.html" - }, - "DeleteTypedLinkFacet": { - "privilege": "DeleteTypedLinkFacet", - "description": "Grants permission to delete a given TypedLink Facet. All attributes and Rules associated with the facet will be deleted", - "access_level": "Write", - "resource_types": { - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DeleteTypedLinkFacet.html" - }, - "DetachFromIndex": { - "privilege": "DetachFromIndex", - "description": "Grants permission to detach the specified object from the specified index", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DetachFromIndex.html" - }, - "DetachObject": { - "privilege": "DetachObject", - "description": "Grants permission to detach a given object from the parent object", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DetachObject.html" - }, - "DetachPolicy": { - "privilege": "DetachPolicy", - "description": "Grants permission to detach a policy from an object", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DetachPolicy.html" - }, - "DetachTypedLink": { - "privilege": "DetachTypedLink", - "description": "Grants permission to detach a given typed link b/w given source and target object reference", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DetachTypedLink.html" - }, - "DisableDirectory": { - "privilege": "DisableDirectory", - "description": "Grants permission to disable the specified directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DisableDirectory.html" - }, - "EnableDirectory": { - "privilege": "EnableDirectory", - "description": "Grants permission to enable the specified directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_EnableDirectory.html" - }, - "GetAppliedSchemaVersion": { - "privilege": "GetAppliedSchemaVersion", - "description": "Grants permission to return current applied schema version ARN, including the minor version in use", - "access_level": "Read", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetAppliedSchemaVersion.html" - }, - "GetDirectory": { - "privilege": "GetDirectory", - "description": "Grants permission to retrieve metadata about a directory", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetDirectory.html" - }, - "GetFacet": { - "privilege": "GetFacet", - "description": "Grants permission to get details of the Facet, such as Facet Name, Attributes, Rules, or ObjectType", - "access_level": "Read", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetFacet.html" - }, - "GetLinkAttributes": { - "privilege": "GetLinkAttributes", - "description": "Grants permission to retrieve attributes that are associated with a typed link", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetLinkAttributes.html" - }, - "GetObjectAttributes": { - "privilege": "GetObjectAttributes", - "description": "Grants permission to retrieve attributes within a facet that are associated with an object", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetObjectAttributes.html" - }, - "GetObjectInformation": { - "privilege": "GetObjectInformation", - "description": "Grants permission to retrieve metadata about an object", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetObjectInformation.html" - }, - "GetSchemaAsJson": { - "privilege": "GetSchemaAsJson", - "description": "Grants permission to retrieve a JSON representation of the schema", - "access_level": "Read", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetSchemaAsJson.html" - }, - "GetTypedLinkFacetInformation": { - "privilege": "GetTypedLinkFacetInformation", - "description": "Grants permission to return identity attributes order information associated with a given typed link facet", - "access_level": "Read", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetTypedLinkFacetInformation.html" - }, - "ListAppliedSchemaArns": { - "privilege": "ListAppliedSchemaArns", - "description": "Grants permission to list schemas applied to a directory", - "access_level": "List", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListAppliedSchemaArns.html" - }, - "ListAttachedIndices": { - "privilege": "ListAttachedIndices", - "description": "Grants permission to list indices attached to an object", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListAttachedIndices.html" - }, - "ListDevelopmentSchemaArns": { - "privilege": "ListDevelopmentSchemaArns", - "description": "Grants permission to retrieve the ARNs of schemas in the development state", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListDevelopmentSchemaArns.html" - }, - "ListDirectories": { - "privilege": "ListDirectories", - "description": "Grants permission to list directories created within an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListDirectories.html" - }, - "ListFacetAttributes": { - "privilege": "ListFacetAttributes", - "description": "Grants permission to retrieve attributes attached to the facet", - "access_level": "Read", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListFacetAttributes.html" - }, - "ListFacetNames": { - "privilege": "ListFacetNames", - "description": "Grants permission to retrieve the names of facets that exist in a schema", - "access_level": "Read", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListFacetNames.html" - }, - "ListIncomingTypedLinks": { - "privilege": "ListIncomingTypedLinks", - "description": "Grants permission to return a paginated list of all incoming TypedLinks for a given object", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListIncomingTypedLinks.html" - }, - "ListIndex": { - "privilege": "ListIndex", - "description": "Grants permission to list objects attached to the specified index", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListIndex.html" - }, - "ListManagedSchemaArns": { - "privilege": "ListManagedSchemaArns", - "description": "Grants permission to list the major version families of each managed schema. If a major version ARN is provided as SchemaArn, the minor version revisions in that family are listed instead", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListManagedSchemaArns.html" - }, - "ListObjectAttributes": { - "privilege": "ListObjectAttributes", - "description": "Grants permission to list all attributes associated with an object", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListObjectAttributes.html" - }, - "ListObjectChildren": { - "privilege": "ListObjectChildren", - "description": "Grants permission to return a paginated list of child objects associated with a given object", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListObjectChildren.html" - }, - "ListObjectParentPaths": { - "privilege": "ListObjectParentPaths", - "description": "Grants permission to retrieve all available parent paths for any object type such as node, leaf node, policy node, and index node objects", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListObjectParentPaths.html" - }, - "ListObjectParents": { - "privilege": "ListObjectParents", - "description": "Grants permission to list parent objects associated with a given object in pagination fashion", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListObjectParents.html" - }, - "ListObjectPolicies": { - "privilege": "ListObjectPolicies", - "description": "Grants permission to return policies attached to an object in pagination fashion", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListObjectPolicies.html" - }, - "ListOutgoingTypedLinks": { - "privilege": "ListOutgoingTypedLinks", - "description": "Grants permission to return a paginated list of all outgoing TypedLinks for a given object", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListOutgoingTypedLinks.html" - }, - "ListPolicyAttachments": { - "privilege": "ListPolicyAttachments", - "description": "Grants permission to return all of the ObjectIdentifiers to which a given policy is attached", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListPolicyAttachments.html" - }, - "ListPublishedSchemaArns": { - "privilege": "ListPublishedSchemaArns", - "description": "Grants permission to retrieve published schema ARNs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListPublishedSchemaArns.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to return tags for a resource", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTypedLinkFacetAttributes": { - "privilege": "ListTypedLinkFacetAttributes", - "description": "Grants permission to return a paginated list of attributes associated with typed link facet", - "access_level": "Read", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListTypedLinkFacetAttributes.html" - }, - "ListTypedLinkFacetNames": { - "privilege": "ListTypedLinkFacetNames", - "description": "Grants permission to return a paginated list of typed link facet names that exist in a schema", - "access_level": "Read", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListTypedLinkFacetNames.html" - }, - "LookupPolicy": { - "privilege": "LookupPolicy", - "description": "Grants permission to list all policies from the root of the Directory to the object specified", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_LookupPolicy.html" - }, - "PublishSchema": { - "privilege": "PublishSchema", - "description": "Grants permission to publish a development schema with a version", - "access_level": "Write", - "resource_types": { - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_PublishSchema.html" - }, - "PutSchemaFromJson": { - "privilege": "PutSchemaFromJson", - "description": "Grants permission to update a schema using JSON upload. Only available for development schemas", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_PutSchemaFromJson.html" - }, - "RemoveFacetFromObject": { - "privilege": "RemoveFacetFromObject", - "description": "Grants permission to remove the specified facet from the specified object", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_RemoveFacetFromObject.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UntagResource.html" - }, - "UpdateFacet": { - "privilege": "UpdateFacet", - "description": "Grants permission to add/update/delete existing Attributes, Rules, or ObjectType of a Facet", - "access_level": "Write", - "resource_types": { - "appliedSchema": { - "resource_type": "appliedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpdateFacet.html" - }, - "UpdateLinkAttributes": { - "privilege": "UpdateLinkAttributes", - "description": "Grants permission to update a given typed link\u2019s attributes. Attributes to be updated must not contribute to the typed link\u2019s identity, as defined by its IdentityAttributeOrder", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpdateLinkAttributes.html" - }, - "UpdateObjectAttributes": { - "privilege": "UpdateObjectAttributes", - "description": "Grants permission to update a given object's attributes", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpdateObjectAttributes.html" - }, - "UpdateSchema": { - "privilege": "UpdateSchema", - "description": "Grants permission to update the schema name with a new name", - "access_level": "Write", - "resource_types": { - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpdateSchema.html" - }, - "UpdateTypedLinkFacet": { - "privilege": "UpdateTypedLinkFacet", - "description": "Grants permission to add/update/delete existing Attributes, Rules, identity attribute order of a TypedLink Facet", - "access_level": "Write", - "resource_types": { - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpdateTypedLinkFacet.html" - }, - "UpgradeAppliedSchema": { - "privilege": "UpgradeAppliedSchema", - "description": "Grants permission to upgrade a single directory in-place using the PublishedSchemaArn with schema updates found in MinorVersion. Backwards-compatible minor version upgrades are instantaneously available for readers on all objects in the directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpgradeAppliedSchema.html" - }, - "UpgradePublishedSchema": { - "privilege": "UpgradePublishedSchema", - "description": "Grants permission to upgrade a published schema under a new minor version revision using the current contents of DevelopmentSchemaArn", - "access_level": "Write", - "resource_types": { - "developmentSchema": { - "resource_type": "developmentSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "publishedSchema": { - "resource_type": "publishedSchema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpgradePublishedSchema.html" - } - }, - "resources": { - "appliedSchema": { - "resource": "appliedSchema", - "arn": "arn:${Partition}:clouddirectory:${Region}:${Account}:directory/${DirectoryId}/schema/${SchemaName}/${Version}", - "condition_keys": [] - }, - "developmentSchema": { - "resource": "developmentSchema", - "arn": "arn:${Partition}:clouddirectory:${Region}:${Account}:schema/development/${SchemaName}", - "condition_keys": [] - }, - "directory": { - "resource": "directory", - "arn": "arn:${Partition}:clouddirectory:${Region}:${Account}:directory/${DirectoryId}", - "condition_keys": [] - }, - "publishedSchema": { - "resource": "publishedSchema", - "arn": "arn:${Partition}:clouddirectory:${Region}:${Account}:schema/published/${SchemaName}/${Version}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "cloudfront": { - "service_name": "Amazon CloudFront", - "prefix": "cloudfront", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudfront.html", - "privileges": { - "AssociateAlias": { - "privilege": "AssociateAlias", - "description": "Grants permission to associate an alias to a CloudFront distribution", - "access_level": "Write", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_AssociateAlias.html" - }, - "CopyDistribution": { - "privilege": "CopyDistribution", - "description": "Grants permission to copy an existing distribution and create a new web distribution", - "access_level": "Write", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudfront:CopyDistribution", - "cloudfront:CreateDistribution", - "cloudfront:GetDistribution" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CopyDistribution.html" - }, - "CreateCachePolicy": { - "privilege": "CreateCachePolicy", - "description": "Grants permission to add a new cache policy to CloudFront", - "access_level": "Write", - "resource_types": { - "cache-policy": { - "resource_type": "cache-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateCachePolicy.html" - }, - "CreateCloudFrontOriginAccessIdentity": { - "privilege": "CreateCloudFrontOriginAccessIdentity", - "description": "Grants permission to create a new CloudFront origin access identity", - "access_level": "Write", - "resource_types": { - "origin-access-identity": { - "resource_type": "origin-access-identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateCloudFrontOriginAccessIdentity.html" - }, - "CreateContinuousDeploymentPolicy": { - "privilege": "CreateContinuousDeploymentPolicy", - "description": "Grants permission to add a new continuous-deployment policy to CloudFront", - "access_level": "Write", - "resource_types": { - "continuous-deployment-policy": { - "resource_type": "continuous-deployment-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateContinuousDeploymentPolicy.html" - }, - "CreateDistribution": { - "privilege": "CreateDistribution", - "description": "Grants permission to create a new web distribution", - "access_level": "Write", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html" - }, - "CreateFieldLevelEncryptionConfig": { - "privilege": "CreateFieldLevelEncryptionConfig", - "description": "Grants permission to create a new field-level encryption configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateFieldLevelEncryptionConfig.html" - }, - "CreateFieldLevelEncryptionProfile": { - "privilege": "CreateFieldLevelEncryptionProfile", - "description": "Grants permission to create a field-level encryption profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateFieldLevelEncryptionProfile.html" - }, - "CreateFunction": { - "privilege": "CreateFunction", - "description": "Grants permission to create a CloudFront function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateFunction.html" - }, - "CreateInvalidation": { - "privilege": "CreateInvalidation", - "description": "Grants permission to create a new invalidation batch request", - "access_level": "Write", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateInvalidation.html" - }, - "CreateKeyGroup": { - "privilege": "CreateKeyGroup", - "description": "Grants permission to add a new key group to CloudFront", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateKeyGroup.html" - }, - "CreateMonitoringSubscription": { - "privilege": "CreateMonitoringSubscription", - "description": "Grants permission to enable additional CloudWatch metrics for the specified CloudFront distribution. The additional metrics incur an additional cost", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateMonitoringSubscription.html" - }, - "CreateOriginAccessControl": { - "privilege": "CreateOriginAccessControl", - "description": "Grants permission to create a new origin access control", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateOriginAccessControl.html" - }, - "CreateOriginRequestPolicy": { - "privilege": "CreateOriginRequestPolicy", - "description": "Grants permission to add a new origin request policy to CloudFront", - "access_level": "Write", - "resource_types": { - "origin-request-policy": { - "resource_type": "origin-request-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateOriginRequestPolicy.html" - }, - "CreatePublicKey": { - "privilege": "CreatePublicKey", - "description": "Grants permission to add a new public key to CloudFront", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreatePublicKey.html" - }, - "CreateRealtimeLogConfig": { - "privilege": "CreateRealtimeLogConfig", - "description": "Grants permission to create a real-time log configuration", - "access_level": "Write", - "resource_types": { - "realtime-log-config": { - "resource_type": "realtime-log-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateRealtimeLogConfig.html" - }, - "CreateResponseHeadersPolicy": { - "privilege": "CreateResponseHeadersPolicy", - "description": "Grants permission to add a new response headers policy to CloudFront", - "access_level": "Write", - "resource_types": { - "response-headers-policy": { - "resource_type": "response-headers-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateResponseHeadersPolicy.html" - }, - "CreateSavingsPlan": { - "privilege": "CreateSavingsPlan", - "description": "Grants permission to create a new savings plan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" - }, - "CreateStreamingDistribution": { - "privilege": "CreateStreamingDistribution", - "description": "Grants permission to create a new RTMP distribution", - "access_level": "Write", - "resource_types": { - "streaming-distribution": { - "resource_type": "streaming-distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateStreamingDistribution.html" - }, - "CreateStreamingDistributionWithTags": { - "privilege": "CreateStreamingDistributionWithTags", - "description": "Grants permission to create a new RTMP distribution with tags", - "access_level": "Write", - "resource_types": { - "streaming-distribution": { - "resource_type": "streaming-distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateStreamingDistributionWithTags.html" - }, - "DeleteCachePolicy": { - "privilege": "DeleteCachePolicy", - "description": "Grants permission to delete a cache policy", - "access_level": "Write", - "resource_types": { - "cache-policy": { - "resource_type": "cache-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteCachePolicy.html" - }, - "DeleteCloudFrontOriginAccessIdentity": { - "privilege": "DeleteCloudFrontOriginAccessIdentity", - "description": "Grants permission to delete a CloudFront origin access identity", - "access_level": "Write", - "resource_types": { - "origin-access-identity": { - "resource_type": "origin-access-identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteCloudFrontOriginAccessIdentity.html" - }, - "DeleteContinuousDeploymentPolicy": { - "privilege": "DeleteContinuousDeploymentPolicy", - "description": "Grants permission to delete a continuous-deployment policy", - "access_level": "Write", - "resource_types": { - "continuous-deployment-policy": { - "resource_type": "continuous-deployment-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteContinuousDeploymentPolicy.html" - }, - "DeleteDistribution": { - "privilege": "DeleteDistribution", - "description": "Grants permission to delete a web distribution", - "access_level": "Write", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteDistribution.html" - }, - "DeleteFieldLevelEncryptionConfig": { - "privilege": "DeleteFieldLevelEncryptionConfig", - "description": "Grants permission to delete a field-level encryption configuration", - "access_level": "Write", - "resource_types": { - "field-level-encryption-config": { - "resource_type": "field-level-encryption-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteFieldLevelEncryptionConfig.html" - }, - "DeleteFieldLevelEncryptionProfile": { - "privilege": "DeleteFieldLevelEncryptionProfile", - "description": "Grants permission to delete a field-level encryption profile", - "access_level": "Write", - "resource_types": { - "field-level-encryption-profile": { - "resource_type": "field-level-encryption-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteFieldLevelEncryptionProfile.html" - }, - "DeleteFunction": { - "privilege": "DeleteFunction", - "description": "Grants permission to delete a CloudFront function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteFunction.html" - }, - "DeleteKeyGroup": { - "privilege": "DeleteKeyGroup", - "description": "Grants permission to delete a key group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteKeyGroup.html" - }, - "DeleteMonitoringSubscription": { - "privilege": "DeleteMonitoringSubscription", - "description": "Grants permission to disable additional CloudWatch metrics for the specified CloudFront distribution", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteMonitoringSubscription.html" - }, - "DeleteOriginAccessControl": { - "privilege": "DeleteOriginAccessControl", - "description": "Grants permission to delete an origin access control", - "access_level": "Write", - "resource_types": { - "origin-access-control": { - "resource_type": "origin-access-control", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteOriginAccessControl.html" - }, - "DeleteOriginRequestPolicy": { - "privilege": "DeleteOriginRequestPolicy", - "description": "Grants permission to delete an origin request policy", - "access_level": "Write", - "resource_types": { - "origin-request-policy": { - "resource_type": "origin-request-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteOriginRequestPolicy.html" - }, - "DeletePublicKey": { - "privilege": "DeletePublicKey", - "description": "Grants permission to delete a public key from CloudFront", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeletePublicKey.html" - }, - "DeleteRealtimeLogConfig": { - "privilege": "DeleteRealtimeLogConfig", - "description": "Grants permission to delete a real-time log configuration", - "access_level": "Write", - "resource_types": { - "realtime-log-config": { - "resource_type": "realtime-log-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteRealtimeLogConfig.html" - }, - "DeleteResponseHeadersPolicy": { - "privilege": "DeleteResponseHeadersPolicy", - "description": "Grants permission to delete a response headers policy", - "access_level": "Write", - "resource_types": { - "response-headers-policy": { - "resource_type": "response-headers-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteResponseHeadersPolicy.html" - }, - "DeleteStreamingDistribution": { - "privilege": "DeleteStreamingDistribution", - "description": "Grants permission to delete an RTMP distribution", - "access_level": "Write", - "resource_types": { - "streaming-distribution": { - "resource_type": "streaming-distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteStreamingDistribution.html" - }, - "DescribeFunction": { - "privilege": "DescribeFunction", - "description": "Grants permission to get a CloudFront function summary", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DescribeFunction.html" - }, - "GetCachePolicy": { - "privilege": "GetCachePolicy", - "description": "Grants permission to get the cache policy", - "access_level": "Read", - "resource_types": { - "cache-policy": { - "resource_type": "cache-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetCachePolicy.html" - }, - "GetCachePolicyConfig": { - "privilege": "GetCachePolicyConfig", - "description": "Grants permission to get the cache policy configuration", - "access_level": "Read", - "resource_types": { - "cache-policy": { - "resource_type": "cache-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetCachePolicyConfig.html" - }, - "GetCloudFrontOriginAccessIdentity": { - "privilege": "GetCloudFrontOriginAccessIdentity", - "description": "Grants permission to get the information about a CloudFront origin access identity", - "access_level": "Read", - "resource_types": { - "origin-access-identity": { - "resource_type": "origin-access-identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetCloudFrontOriginAccessIdentity.html" - }, - "GetCloudFrontOriginAccessIdentityConfig": { - "privilege": "GetCloudFrontOriginAccessIdentityConfig", - "description": "Grants permission to get the configuration information about a Cloudfront origin access identity", - "access_level": "Read", - "resource_types": { - "origin-access-identity": { - "resource_type": "origin-access-identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetCloudFrontOriginAccessIdentityConfig.html" - }, - "GetContinuousDeploymentPolicy": { - "privilege": "GetContinuousDeploymentPolicy", - "description": "Grants permission to get the continuous-deployment policy", - "access_level": "Read", - "resource_types": { - "continuous-deployment-policy": { - "resource_type": "continuous-deployment-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetContinuousDeploymentPolicy.html" - }, - "GetContinuousDeploymentPolicyConfig": { - "privilege": "GetContinuousDeploymentPolicyConfig", - "description": "Grants permission to get the continuous-deployment policy configuration", - "access_level": "Read", - "resource_types": { - "continuous-deployment-policy": { - "resource_type": "continuous-deployment-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetContinuousDeploymentPolicyConfig.html" - }, - "GetDistribution": { - "privilege": "GetDistribution", - "description": "Grants permission to get the information about a web distribution", - "access_level": "Read", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetDistribution.html" - }, - "GetDistributionConfig": { - "privilege": "GetDistributionConfig", - "description": "Grants permission to get the configuration information about a distribution", - "access_level": "Read", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetDistributionConfig.html" - }, - "GetFieldLevelEncryption": { - "privilege": "GetFieldLevelEncryption", - "description": "Grants permission to get the field-level encryption configuration information", - "access_level": "Read", - "resource_types": { - "field-level-encryption-config": { - "resource_type": "field-level-encryption-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetFieldLevelEncryption.html" - }, - "GetFieldLevelEncryptionConfig": { - "privilege": "GetFieldLevelEncryptionConfig", - "description": "Grants permission to get the field-level encryption configuration information", - "access_level": "Read", - "resource_types": { - "field-level-encryption-config": { - "resource_type": "field-level-encryption-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetFieldLevelEncryptionConfig.html" - }, - "GetFieldLevelEncryptionProfile": { - "privilege": "GetFieldLevelEncryptionProfile", - "description": "Grants permission to get the field-level encryption configuration information", - "access_level": "Read", - "resource_types": { - "field-level-encryption-profile": { - "resource_type": "field-level-encryption-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetFieldLevelEncryptionProfile.html" - }, - "GetFieldLevelEncryptionProfileConfig": { - "privilege": "GetFieldLevelEncryptionProfileConfig", - "description": "Grants permission to get the field-level encryption profile configuration information", - "access_level": "Read", - "resource_types": { - "field-level-encryption-profile": { - "resource_type": "field-level-encryption-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetFieldLevelEncryptionProfileConfig.html" - }, - "GetFunction": { - "privilege": "GetFunction", - "description": "Grants permission to get a CloudFront function's code", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetFunction.html" - }, - "GetInvalidation": { - "privilege": "GetInvalidation", - "description": "Grants permission to get the information about an invalidation", - "access_level": "Read", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetInvalidation.html" - }, - "GetKeyGroup": { - "privilege": "GetKeyGroup", - "description": "Grants permission to get a key group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetKeyGroup.html" - }, - "GetKeyGroupConfig": { - "privilege": "GetKeyGroupConfig", - "description": "Grants permission to get a key group configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetKeyGroupConfig.html" - }, - "GetMonitoringSubscription": { - "privilege": "GetMonitoringSubscription", - "description": "Grants permission to get information about whether additional CloudWatch metrics are enabled for the specified CloudFront distribution", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetMonitoringSubscription.html" - }, - "GetOriginAccessControl": { - "privilege": "GetOriginAccessControl", - "description": "Grants permission to get the origin access control", - "access_level": "Read", - "resource_types": { - "origin-access-control": { - "resource_type": "origin-access-control", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetOriginAccessControl.html" - }, - "GetOriginAccessControlConfig": { - "privilege": "GetOriginAccessControlConfig", - "description": "Grants permission to get the origin access control configuration", - "access_level": "Read", - "resource_types": { - "origin-access-control": { - "resource_type": "origin-access-control", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetOriginAccessControlConfig.html" - }, - "GetOriginRequestPolicy": { - "privilege": "GetOriginRequestPolicy", - "description": "Grants permission to get the origin request policy", - "access_level": "Read", - "resource_types": { - "origin-request-policy": { - "resource_type": "origin-request-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetOriginRequestPolicy.html" - }, - "GetOriginRequestPolicyConfig": { - "privilege": "GetOriginRequestPolicyConfig", - "description": "Grants permission to get the origin request policy configuration", - "access_level": "Read", - "resource_types": { - "origin-request-policy": { - "resource_type": "origin-request-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetOriginRequestPolicyConfig.html" - }, - "GetPublicKey": { - "privilege": "GetPublicKey", - "description": "Grants permission to get the public key information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetPublicKey.html" - }, - "GetPublicKeyConfig": { - "privilege": "GetPublicKeyConfig", - "description": "Grants permission to get the public key configuration information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetPublicKeyConfig.html" - }, - "GetRealtimeLogConfig": { - "privilege": "GetRealtimeLogConfig", - "description": "Grants permission to get a real-time log configuration", - "access_level": "Read", - "resource_types": { - "realtime-log-config": { - "resource_type": "realtime-log-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetRealtimeLogConfig.html" - }, - "GetResponseHeadersPolicy": { - "privilege": "GetResponseHeadersPolicy", - "description": "Grants permission to get the response headers policy", - "access_level": "Read", - "resource_types": { - "response-headers-policy": { - "resource_type": "response-headers-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetResponseHeadersPolicy.html" - }, - "GetResponseHeadersPolicyConfig": { - "privilege": "GetResponseHeadersPolicyConfig", - "description": "Grants permission to get the response headers policy configuration", - "access_level": "Read", - "resource_types": { - "response-headers-policy": { - "resource_type": "response-headers-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetResponseHeadersPolicyConfig.html" - }, - "GetSavingsPlan": { - "privilege": "GetSavingsPlan", - "description": "Grants permission to get a savings plan", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" - }, - "GetStreamingDistribution": { - "privilege": "GetStreamingDistribution", - "description": "Grants permission to get the information about an RTMP distribution", - "access_level": "Read", - "resource_types": { - "streaming-distribution": { - "resource_type": "streaming-distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetStreamingDistribution.html" - }, - "GetStreamingDistributionConfig": { - "privilege": "GetStreamingDistributionConfig", - "description": "Grants permission to get the configuration information about a streaming distribution", - "access_level": "Read", - "resource_types": { - "streaming-distribution": { - "resource_type": "streaming-distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetStreamingDistributionConfig.html" - }, - "ListCachePolicies": { - "privilege": "ListCachePolicies", - "description": "Grants permission to list all cache policies that have been created in CloudFront for this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListCachePolicies.html" - }, - "ListCloudFrontOriginAccessIdentities": { - "privilege": "ListCloudFrontOriginAccessIdentities", - "description": "Grants permission to list your CloudFront origin access identities", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListCloudFrontOriginAccessIdentities.html" - }, - "ListConflictingAliases": { - "privilege": "ListConflictingAliases", - "description": "Grants permission to list all aliases that conflict with the given alias in CloudFront", - "access_level": "List", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListConflictingAliases.html" - }, - "ListContinuousDeploymentPolicies": { - "privilege": "ListContinuousDeploymentPolicies", - "description": "Grants permission to list all continuous-deployment policies in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListContinuousDeploymentPolicies.html" - }, - "ListDistributions": { - "privilege": "ListDistributions", - "description": "Grants permission to list the distributions associated with your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributions.html" - }, - "ListDistributionsByCachePolicyId": { - "privilege": "ListDistributionsByCachePolicyId", - "description": "Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified cache policy", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByCachePolicyId.html" - }, - "ListDistributionsByKeyGroup": { - "privilege": "ListDistributionsByKeyGroup", - "description": "Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified key group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByKeyGroup.html" - }, - "ListDistributionsByLambdaFunction": { - "privilege": "ListDistributionsByLambdaFunction", - "description": "Grants permission to list the distributions associated a Lambda function", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" - }, - "ListDistributionsByOriginRequestPolicyId": { - "privilege": "ListDistributionsByOriginRequestPolicyId", - "description": "Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified origin request policy", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByOriginRequestPolicyId.html" - }, - "ListDistributionsByRealtimeLogConfig": { - "privilege": "ListDistributionsByRealtimeLogConfig", - "description": "Grants permission to get a list of distributions that have a cache behavior that\u2019s associated with the specified real-time log configuration", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByRealtimeLogConfig.html" - }, - "ListDistributionsByResponseHeadersPolicyId": { - "privilege": "ListDistributionsByResponseHeadersPolicyId", - "description": "Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified response headers policy", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByResponseHeadersPolicyId.html" - }, - "ListDistributionsByWebACLId": { - "privilege": "ListDistributionsByWebACLId", - "description": "Grants permission to list the distributions associated with your AWS account with given AWS WAF web ACL", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByWebACLId.html" - }, - "ListFieldLevelEncryptionConfigs": { - "privilege": "ListFieldLevelEncryptionConfigs", - "description": "Grants permission to list all field-level encryption configurations that have been created in CloudFront for this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListFieldLevelEncryptionConfigs.html" - }, - "ListFieldLevelEncryptionProfiles": { - "privilege": "ListFieldLevelEncryptionProfiles", - "description": "Grants permission to list all field-level encryption profiles that have been created in CloudFront for this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListFieldLevelEncryptionProfiles.html" - }, - "ListFunctions": { - "privilege": "ListFunctions", - "description": "Grants permission to get a list of CloudFront functions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListFunctions.html" - }, - "ListInvalidations": { - "privilege": "ListInvalidations", - "description": "Grants permission to list your invalidation batches", - "access_level": "List", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListInvalidations.html" - }, - "ListKeyGroups": { - "privilege": "ListKeyGroups", - "description": "Grants permission to list all key groups that have been created in CloudFront for this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListKeyGroups.html" - }, - "ListOriginAccessControls": { - "privilege": "ListOriginAccessControls", - "description": "Grants permission to list all origin access controls in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListOriginAccessControls.html" - }, - "ListOriginRequestPolicies": { - "privilege": "ListOriginRequestPolicies", - "description": "Grants permission to list all origin request policies that have been created in CloudFront for this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListOriginRequestPolicies.html" - }, - "ListPublicKeys": { - "privilege": "ListPublicKeys", - "description": "Grants permission to list all public keys that have been added to CloudFront for this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListPublicKeys.html" - }, - "ListRateCards": { - "privilege": "ListRateCards", - "description": "Grants permission to list CloudFront rate cards for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" - }, - "ListRealtimeLogConfigs": { - "privilege": "ListRealtimeLogConfigs", - "description": "Grants permission to get a list of real-time log configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListRealtimeLogConfigs.html" - }, - "ListResponseHeadersPolicies": { - "privilege": "ListResponseHeadersPolicies", - "description": "Grants permission to list all response headers policies that have been created in CloudFront for this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListResponseHeadersPolicies.html" - }, - "ListSavingsPlans": { - "privilege": "ListSavingsPlans", - "description": "Grants permission to list savings plans in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" - }, - "ListStreamingDistributions": { - "privilege": "ListStreamingDistributions", - "description": "Grants permission to list your RTMP distributions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListStreamingDistributions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a CloudFront resource", - "access_level": "Read", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListTagsForResource.html" - }, - "ListUsages": { - "privilege": "ListUsages", - "description": "Grants permission to list CloudFront usage", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" - }, - "PublishFunction": { - "privilege": "PublishFunction", - "description": "Grants permission to publish a CloudFront function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_PublishFunction.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a CloudFront resource", - "access_level": "Tagging", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-distribution": { - "resource_type": "streaming-distribution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_TagResource.html" - }, - "TestFunction": { - "privilege": "TestFunction", - "description": "Grants permission to test a CloudFront function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_TestFunction.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a CloudFront resource", - "access_level": "Tagging", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-distribution": { - "resource_type": "streaming-distribution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UntagResource.html" - }, - "UpdateCachePolicy": { - "privilege": "UpdateCachePolicy", - "description": "Grants permission to update a cache policy", - "access_level": "Write", - "resource_types": { - "cache-policy": { - "resource_type": "cache-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateCachePolicy.html" - }, - "UpdateCloudFrontOriginAccessIdentity": { - "privilege": "UpdateCloudFrontOriginAccessIdentity", - "description": "Grants permission to set the configuration for a CloudFront origin access identity", - "access_level": "Write", - "resource_types": { - "origin-access-identity": { - "resource_type": "origin-access-identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateCloudFrontOriginAccessIdentity.html" - }, - "UpdateContinuousDeploymentPolicy": { - "privilege": "UpdateContinuousDeploymentPolicy", - "description": "Grants permission to update a continuous-deployment policy", - "access_level": "Write", - "resource_types": { - "continuous-deployment-policy": { - "resource_type": "continuous-deployment-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateContinuousDeploymentPolicy.html" - }, - "UpdateDistribution": { - "privilege": "UpdateDistribution", - "description": "Grants permission to update the configuration for a web distribution", - "access_level": "Write", - "resource_types": { - "distribution": { - "resource_type": "distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDistribution.html" - }, - "UpdateFieldLevelEncryptionConfig": { - "privilege": "UpdateFieldLevelEncryptionConfig", - "description": "Grants permission to update a field-level encryption configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateFieldLevelEncryptionConfig.html" - }, - "UpdateFieldLevelEncryptionProfile": { - "privilege": "UpdateFieldLevelEncryptionProfile", - "description": "Grants permission to update a field-level encryption profile", - "access_level": "Write", - "resource_types": { - "field-level-encryption-profile": { - "resource_type": "field-level-encryption-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateFieldLevelEncryptionProfile.html" - }, - "UpdateFunction": { - "privilege": "UpdateFunction", - "description": "Grants permission to update a CloudFront function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateFunction.html" - }, - "UpdateKeyGroup": { - "privilege": "UpdateKeyGroup", - "description": "Grants permission to update a key group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateKeyGroup.html" - }, - "UpdateOriginAccessControl": { - "privilege": "UpdateOriginAccessControl", - "description": "Grants permission to update an origin access control", - "access_level": "Write", - "resource_types": { - "origin-access-control": { - "resource_type": "origin-access-control", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateOriginAccessControl.html" - }, - "UpdateOriginRequestPolicy": { - "privilege": "UpdateOriginRequestPolicy", - "description": "Grants permission to update an origin request policy", - "access_level": "Write", - "resource_types": { - "origin-request-policy": { - "resource_type": "origin-request-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateOriginRequestPolicy.html" - }, - "UpdatePublicKey": { - "privilege": "UpdatePublicKey", - "description": "Grants permission to update public key information", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdatePublicKey.html" - }, - "UpdateRealtimeLogConfig": { - "privilege": "UpdateRealtimeLogConfig", - "description": "Grants permission to update a real-time log configuration", - "access_level": "Write", - "resource_types": { - "realtime-log-config": { - "resource_type": "realtime-log-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateRealtimeLogConfig.html" - }, - "UpdateResponseHeadersPolicy": { - "privilege": "UpdateResponseHeadersPolicy", - "description": "Grants permission to update a response headers policy", - "access_level": "Write", - "resource_types": { - "response-headers-policy": { - "resource_type": "response-headers-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateResponseHeadersPolicy.html" - }, - "UpdateSavingsPlan": { - "privilege": "UpdateSavingsPlan", - "description": "Grants permission to update a savings plan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" - }, - "UpdateStreamingDistribution": { - "privilege": "UpdateStreamingDistribution", - "description": "Grants permission to update the configuration for an RTMP distribution", - "access_level": "Write", - "resource_types": { - "streaming-distribution": { - "resource_type": "streaming-distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateStreamingDistribution.html" - } - }, - "resources": { - "distribution": { - "resource": "distribution", - "arn": "arn:${Partition}:cloudfront::${Account}:distribution/${DistributionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "streaming-distribution": { - "resource": "streaming-distribution", - "arn": "arn:${Partition}:cloudfront::${Account}:streaming-distribution/${DistributionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "origin-access-identity": { - "resource": "origin-access-identity", - "arn": "arn:${Partition}:cloudfront::${Account}:origin-access-identity/${Id}", - "condition_keys": [] - }, - "field-level-encryption-config": { - "resource": "field-level-encryption-config", - "arn": "arn:${Partition}:cloudfront::${Account}:field-level-encryption-config/${Id}", - "condition_keys": [] - }, - "field-level-encryption-profile": { - "resource": "field-level-encryption-profile", - "arn": "arn:${Partition}:cloudfront::${Account}:field-level-encryption-profile/${Id}", - "condition_keys": [] - }, - "cache-policy": { - "resource": "cache-policy", - "arn": "arn:${Partition}:cloudfront::${Account}:cache-policy/${Id}", - "condition_keys": [] - }, - "origin-request-policy": { - "resource": "origin-request-policy", - "arn": "arn:${Partition}:cloudfront::${Account}:origin-request-policy/${Id}", - "condition_keys": [] - }, - "realtime-log-config": { - "resource": "realtime-log-config", - "arn": "arn:${Partition}:cloudfront::${Account}:realtime-log-config/${Name}", - "condition_keys": [] - }, - "function": { - "resource": "function", - "arn": "arn:${Partition}:cloudfront::${Account}:function/${Name}", - "condition_keys": [] - }, - "response-headers-policy": { - "resource": "response-headers-policy", - "arn": "arn:${Partition}:cloudfront::${Account}:response-headers-policy/${Id}", - "condition_keys": [] - }, - "origin-access-control": { - "resource": "origin-access-control", - "arn": "arn:${Partition}:cloudfront::${Account}:origin-access-control/${Id}", - "condition_keys": [] - }, - "continuous-deployment-policy": { - "resource": "continuous-deployment-policy", - "arn": "arn:${Partition}:cloudfront::${Account}:continuous-deployment-policy/${Id}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "cloudsearch": { - "service_name": "Amazon CloudSearch", - "prefix": "cloudsearch", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudsearch.html", - "privileges": { - "AddTags": { - "privilege": "AddTags", - "description": "Attaches resource tags to an Amazon CloudSearch domain", - "access_level": "Tagging", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_AddTags.html" - }, - "BuildSuggesters": { - "privilege": "BuildSuggesters", - "description": "Indexes the search suggestions", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_BuildSuggesters.html" - }, - "CreateDomain": { - "privilege": "CreateDomain", - "description": "Creates a new search domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_CreateDomain.html" - }, - "DefineAnalysisScheme": { - "privilege": "DefineAnalysisScheme", - "description": "Configures an analysis scheme that can be applied to a text or text-array field to define language-specific text processing options", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DefineAnalysisScheme.html" - }, - "DefineExpression": { - "privilege": "DefineExpression", - "description": "Configures an Expression for the search domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DefineExpression.html" - }, - "DefineIndexField": { - "privilege": "DefineIndexField", - "description": "Configures an IndexField for the search domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DefineIndexField.html" - }, - "DefineSuggester": { - "privilege": "DefineSuggester", - "description": "Configures a suggester for a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DefineSuggester.html" - }, - "DeleteAnalysisScheme": { - "privilege": "DeleteAnalysisScheme", - "description": "Deletes an analysis scheme", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DeleteAnalysisScheme.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "Permanently deletes a search domain and all of its data", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DeleteDomain.html" - }, - "DeleteExpression": { - "privilege": "DeleteExpression", - "description": "Removes an Expression from the search domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DeleteExpression.html" - }, - "DeleteIndexField": { - "privilege": "DeleteIndexField", - "description": "Removes an IndexField from the search domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DeleteIndexField.html" - }, - "DeleteSuggester": { - "privilege": "DeleteSuggester", - "description": "Deletes a suggester", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DeleteSuggester.html" - }, - "DescribeAnalysisSchemes": { - "privilege": "DescribeAnalysisSchemes", - "description": "Gets the analysis schemes configured for a domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeAnalysisSchemes.html" - }, - "DescribeAvailabilityOptions": { - "privilege": "DescribeAvailabilityOptions", - "description": "Gets the availability options configured for a domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeAvailabilityOptions.html" - }, - "DescribeDomainEndpointOptions": { - "privilege": "DescribeDomainEndpointOptions", - "description": "Gets the domain endpoint options configured for a domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeDomainEndpointOptions.html" - }, - "DescribeDomains": { - "privilege": "DescribeDomains", - "description": "Gets information about the search domains owned by this account", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeDomains.html" - }, - "DescribeExpressions": { - "privilege": "DescribeExpressions", - "description": "Gets the expressions configured for the search domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeExpressions.html" - }, - "DescribeIndexFields": { - "privilege": "DescribeIndexFields", - "description": "Gets information about the index fields configured for the search domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeIndexFields.html" - }, - "DescribeScalingParameters": { - "privilege": "DescribeScalingParameters", - "description": "Gets the scaling parameters configured for a domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeScalingParameters.html" - }, - "DescribeServiceAccessPolicies": { - "privilege": "DescribeServiceAccessPolicies", - "description": "Gets information about the access policies that control access to the domain's document and search endpoints", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeServiceAccessPolicies.html" - }, - "DescribeSuggesters": { - "privilege": "DescribeSuggesters", - "description": "Gets the suggesters configured for a domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeSuggesters.html" - }, - "IndexDocuments": { - "privilege": "IndexDocuments", - "description": "Tells the search domain to start indexing its documents using the latest indexing options", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_IndexDocuments.html" - }, - "ListDomainNames": { - "privilege": "ListDomainNames", - "description": "Lists all search domains owned by an account", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_ListDomainNames.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Displays all of the resource tags for an Amazon CloudSearch domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_ListTags.html" - }, - "RemoveTags": { - "privilege": "RemoveTags", - "description": "Removes the specified resource tags from an Amazon ES domain", - "access_level": "Tagging", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_RemoveTags.html" - }, - "UpdateAvailabilityOptions": { - "privilege": "UpdateAvailabilityOptions", - "description": "Configures the availability options for a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_UpdateAvailabilityOptions.html" - }, - "UpdateDomainEndpointOptions": { - "privilege": "UpdateDomainEndpointOptions", - "description": "Configures the domain endpoint options for a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_UpdateDomainEndpointOptions.html" - }, - "UpdateScalingParameters": { - "privilege": "UpdateScalingParameters", - "description": "Configures scaling parameters for a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_UpdateScalingParameters.html" - }, - "UpdateServiceAccessPolicies": { - "privilege": "UpdateServiceAccessPolicies", - "description": "Configures the access rules that control access to the domain's document and search endpoints", - "access_level": "Permissions management", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_UpdateServiceAccessPolicies.html" - }, - "document": { - "privilege": "document", - "description": "Allows access to the document service operations", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/configuring-access.html#cloudsearch-actions" - }, - "search": { - "privilege": "search", - "description": "Allows access to the search operations", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/configuring-access.html#cloudsearch-actions" - }, - "suggest": { - "privilege": "suggest", - "description": "Allows access to the suggest operations", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/configuring-access.html#cloudsearch-actions" - } - }, - "resources": { - "domain": { - "resource": "domain", - "arn": "arn:${Partition}:cloudsearch:${Region}:${Account}:domain/${DomainName}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "cloudwatch": { - "service_name": "Amazon CloudWatch", - "prefix": "cloudwatch", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatch.html", - "privileges": { - "DeleteAlarms": { - "privilege": "DeleteAlarms", - "description": "Grants permission to delete a collection of alarms", - "access_level": "Write", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DeleteAlarms.html" - }, - "DeleteAnomalyDetector": { - "privilege": "DeleteAnomalyDetector", - "description": "Grants permission to delete the specified anomaly detection model from your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DeleteAnomalyDetector.html" - }, - "DeleteDashboards": { - "privilege": "DeleteDashboards", - "description": "Grants permission to delete all CloudWatch dashboards that you specify", - "access_level": "Write", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DeleteDashboards.html" - }, - "DeleteInsightRules": { - "privilege": "DeleteInsightRules", - "description": "Grants permission to delete a collection of insight rules", - "access_level": "Write", - "resource_types": { - "insight-rule": { - "resource_type": "insight-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DeleteInsightRules.html" - }, - "DeleteMetricStream": { - "privilege": "DeleteMetricStream", - "description": "Grants permission to delete the CloudWatch metric stream that you specify", - "access_level": "Write", - "resource_types": { - "metric-stream": { - "resource_type": "metric-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DeleteMetricStream.html" - }, - "DescribeAlarmHistory": { - "privilege": "DescribeAlarmHistory", - "description": "Grants permission to retrieve the history for the specified alarm", - "access_level": "Read", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeAlarmHistory.html" - }, - "DescribeAlarms": { - "privilege": "DescribeAlarms", - "description": "Grants permission to describe all alarms, currently owned by the user's account", - "access_level": "Read", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeAlarms.html" - }, - "DescribeAlarmsForMetric": { - "privilege": "DescribeAlarmsForMetric", - "description": "Grants permission to describe all alarms configured on the specified metric, currently owned by the user's account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeAlarmsForMetric.html" - }, - "DescribeAnomalyDetectors": { - "privilege": "DescribeAnomalyDetectors", - "description": "Grants permission to list the anomaly detection models that you have created in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeAnomalyDetectors.html" - }, - "DescribeInsightRules": { - "privilege": "DescribeInsightRules", - "description": "Grants permission to describe all insight rules, currently owned by the user's account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeInsightRules.html" - }, - "DisableAlarmActions": { - "privilege": "DisableAlarmActions", - "description": "Grants permission to disable actions for a collection of alarms", - "access_level": "Write", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DisableAlarmActions.html" - }, - "DisableInsightRules": { - "privilege": "DisableInsightRules", - "description": "Grants permission to disable a collection of insight rules", - "access_level": "Write", - "resource_types": { - "insight-rule": { - "resource_type": "insight-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DisableInsightRules.html" - }, - "EnableAlarmActions": { - "privilege": "EnableAlarmActions", - "description": "Grants permission to enable actions for a collection of alarms", - "access_level": "Write", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_EnableAlarmActions.html" - }, - "EnableInsightRules": { - "privilege": "EnableInsightRules", - "description": "Grants permission to enable a collection of insight rules", - "access_level": "Write", - "resource_types": { - "insight-rule": { - "resource_type": "insight-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_EnableInsightRules.html" - }, - "GetDashboard": { - "privilege": "GetDashboard", - "description": "Grants permission to display the details of the CloudWatch dashboard you specify", - "access_level": "Read", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetDashboard.html" - }, - "GetInsightRuleReport": { - "privilege": "GetInsightRuleReport", - "description": "Grants permission to return the top-N report of unique contributors over a time range for a given insight rule", - "access_level": "Read", - "resource_types": { - "insight-rule": { - "resource_type": "insight-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetInsightRuleReport.html" - }, - "GetMetricData": { - "privilege": "GetMetricData", - "description": "Grants permission to retrieve batch amounts of CloudWatch metric data and perform metric math on retrieved data", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricData.html" - }, - "GetMetricStatistics": { - "privilege": "GetMetricStatistics", - "description": "Grants permission to retrieve statistics for the specified metric", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricStatistics.html" - }, - "GetMetricStream": { - "privilege": "GetMetricStream", - "description": "Grants permission to return the details of a CloudWatch metric stream", - "access_level": "Read", - "resource_types": { - "metric-stream": { - "resource_type": "metric-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricStream.html" - }, - "GetMetricWidgetImage": { - "privilege": "GetMetricWidgetImage", - "description": "Grants permission to retrieve snapshots of metric widgets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricWidgetImage.html" - }, - "Link": { - "privilege": "Link", - "description": "Grants permission to share CloudWatch resources with a monitoring account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account-Setup.html#CloudWatch-Unified-Cross-Account-Setup-permissions" - }, - "ListDashboards": { - "privilege": "ListDashboards", - "description": "Grants permission to return a list of all CloudWatch dashboards in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListDashboards.html" - }, - "ListManagedInsightRules": { - "privilege": "ListManagedInsightRules", - "description": "Grants permission to list available managed Insight Rules for a given Resource ARN", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "cloudwatch:requestManagedResourceARNs" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListManagedInsightRules.html" - }, - "ListMetricStreams": { - "privilege": "ListMetricStreams", - "description": "Grants permission to return a list of all CloudWatch metric streams in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetricStreams.html" - }, - "ListMetrics": { - "privilege": "ListMetrics", - "description": "Grants permission to retrieve a list of valid metrics stored for the AWS account owner", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an Amazon CloudWatch resource", - "access_level": "List", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "insight-rule": { - "resource_type": "insight-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListTagsForResource.html" - }, - "PutAnomalyDetector": { - "privilege": "PutAnomalyDetector", - "description": "Grants permission to create or update an anomaly detection model for a CloudWatch metric", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutAnomalyDetector.html" - }, - "PutCompositeAlarm": { - "privilege": "PutCompositeAlarm", - "description": "Grants permission to create or update a composite alarm", - "access_level": "Write", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "cloudwatch:AlarmActions" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html" - }, - "PutDashboard": { - "privilege": "PutDashboard", - "description": "Grants permission to create a CloudWatch dashboard, or update an existing dashboard if it already exists", - "access_level": "Write", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutDashboard.html" - }, - "PutInsightRule": { - "privilege": "PutInsightRule", - "description": "Grants permission to create a new insight rule or replace an existing insight rule", - "access_level": "Write", - "resource_types": { - "insight-rule": { - "resource_type": "insight-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "cloudwatch:requestInsightRuleLogGroups" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutInsightRule.html" - }, - "PutManagedInsightRules": { - "privilege": "PutManagedInsightRules", - "description": "Grants permission to create managed Insight Rules", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "cloudwatch:requestManagedResourceARNs" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutManagedInsightRules.html" - }, - "PutMetricAlarm": { - "privilege": "PutMetricAlarm", - "description": "Grants permission to create or update an alarm and associates it with the specified Amazon CloudWatch metric", - "access_level": "Write", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "cloudwatch:AlarmActions" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html" - }, - "PutMetricData": { - "privilege": "PutMetricData", - "description": "Grants permission to publish metric data points to Amazon CloudWatch", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudwatch:namespace" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricData.html" - }, - "PutMetricStream": { - "privilege": "PutMetricStream", - "description": "Grants permission to create a CloudWatch metric stream, or update an existing metric stream if it already exists", - "access_level": "Write", - "resource_types": { - "metric-stream": { - "resource_type": "metric-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricStream.html" - }, - "SetAlarmState": { - "privilege": "SetAlarmState", - "description": "Grants permission to temporarily set the state of an alarm for testing purposes", - "access_level": "Write", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_SetAlarmState.html" - }, - "StartMetricStreams": { - "privilege": "StartMetricStreams", - "description": "Grants permission to start all CloudWatch metric streams that you specify", - "access_level": "Write", - "resource_types": { - "metric-stream": { - "resource_type": "metric-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_StartMetricStreams.html" - }, - "StopMetricStreams": { - "privilege": "StopMetricStreams", - "description": "Grants permission to stop all CloudWatch metric streams that you specify", - "access_level": "Write", - "resource_types": { - "metric-stream": { - "resource_type": "metric-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_StopMetricStreams.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to an Amazon CloudWatch resource", - "access_level": "Tagging", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "insight-rule": { - "resource_type": "insight-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from an Amazon CloudWatch resource", - "access_level": "Tagging", - "resource_types": { - "alarm": { - "resource_type": "alarm", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "insight-rule": { - "resource_type": "insight-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_UntagResource.html" - } - }, - "resources": { - "alarm": { - "resource": "alarm", - "arn": "arn:${Partition}:cloudwatch:${Region}:${Account}:alarm:${AlarmName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dashboard": { - "resource": "dashboard", - "arn": "arn:${Partition}:cloudwatch::${Account}:dashboard/${DashboardName}", - "condition_keys": [] - }, - "insight-rule": { - "resource": "insight-rule", - "arn": "arn:${Partition}:cloudwatch:${Region}:${Account}:insight-rule/${InsightRuleName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "metric-stream": { - "resource": "metric-stream", - "arn": "arn:${Partition}:cloudwatch:${Region}:${Account}:metric-stream/${MetricStreamName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of mandatory tags in the request", - "type": "ArrayOfString" - }, - "cloudwatch:AlarmActions": { - "condition": "cloudwatch:AlarmActions", - "description": "Filters actions based on defined alarm actions", - "type": "ArrayOfString" - }, - "cloudwatch:namespace": { - "condition": "cloudwatch:namespace", - "description": "Filters actions based on the presence of optional namespace values", - "type": "String" - }, - "cloudwatch:requestInsightRuleLogGroups": { - "condition": "cloudwatch:requestInsightRuleLogGroups", - "description": "Filters actions based on the Log Groups specified in an Insight Rule", - "type": "ArrayOfString" - }, - "cloudwatch:requestManagedResourceARNs": { - "condition": "cloudwatch:requestManagedResourceARNs", - "description": "Filters access by the Resource ARNs specified in a managed Insight Rule", - "type": "ArrayOfString" - } - } - }, - "applicationinsights": { - "service_name": "Amazon CloudWatch Application Insights", - "prefix": "applicationinsights", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchapplicationinsights.html", - "privileges": { - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application from a resource group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_CreateApplication.html" - }, - "CreateComponent": { - "privilege": "CreateComponent", - "description": "Grants permission to create a component from a group of resources", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_CreateComponent.html" - }, - "CreateLogPattern": { - "privilege": "CreateLogPattern", - "description": "Grants permission to create log a pattern", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_CreateLogPattern.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DeleteApplication.html" - }, - "DeleteComponent": { - "privilege": "DeleteComponent", - "description": "Grants permission to delete a component", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DeleteComponent.html" - }, - "DeleteLogPattern": { - "privilege": "DeleteLogPattern", - "description": "Grants permission to delete a log pattern", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DeleteLogPattern.html" - }, - "DescribeApplication": { - "privilege": "DescribeApplication", - "description": "Grants permission to describe an application", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeApplication.html" - }, - "DescribeComponent": { - "privilege": "DescribeComponent", - "description": "Grants permission to describe a component", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeComponent.html" - }, - "DescribeComponentConfiguration": { - "privilege": "DescribeComponentConfiguration", - "description": "Grants permission to describe a component's configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeComponentConfiguration.html" - }, - "DescribeComponentConfigurationRecommendation": { - "privilege": "DescribeComponentConfigurationRecommendation", - "description": "Grants permission to describe the recommended application component configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeComponentConfigurationRecommendation.html" - }, - "DescribeLogPattern": { - "privilege": "DescribeLogPattern", - "description": "Grants permission to describe a log pattern", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeLogPattern.html" - }, - "DescribeObservation": { - "privilege": "DescribeObservation", - "description": "Grants permission to describe an observation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeObservation.html" - }, - "DescribeProblem": { - "privilege": "DescribeProblem", - "description": "Grants permission to describe a problem", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeProblem.html" - }, - "DescribeProblemObservations": { - "privilege": "DescribeProblemObservations", - "description": "Grants permission to describe the observation in a problem", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeProblemObservations.html" - }, - "Link": { - "privilege": "Link", - "description": "Grants permission to share Application Insights resources with a monitoring account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account-Setup.html#CloudWatch-Unified-Cross-Account-Setup-permissions" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to list all applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListApplications.html" - }, - "ListComponents": { - "privilege": "ListComponents", - "description": "Grants permission to list an application's components", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListComponents.html" - }, - "ListConfigurationHistory": { - "privilege": "ListConfigurationHistory", - "description": "Grants permission to list configuration history", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListConfigurationHistory.html" - }, - "ListLogPatternSets": { - "privilege": "ListLogPatternSets", - "description": "Grants permission to list log pattern sets for an application", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListLogPatternSets.html" - }, - "ListLogPatterns": { - "privilege": "ListLogPatterns", - "description": "Grants permission to list log patterns", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListLogPatterns.html" - }, - "ListProblems": { - "privilege": "ListProblems", - "description": "Grants permission to list the problems in an application", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListProblems.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for the resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListTagsForResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_UntagResource.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to update an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_UpdateApplication.html" - }, - "UpdateComponent": { - "privilege": "UpdateComponent", - "description": "Grants permission to update a component", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_UpdateComponent.html" - }, - "UpdateComponentConfiguration": { - "privilege": "UpdateComponentConfiguration", - "description": "Grants permission to update a component's configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_UpdateComponentConfiguration.html" - }, - "UpdateLogPattern": { - "privilege": "UpdateLogPattern", - "description": "Grants permission to update a log pattern", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_UpdateLogPattern.html" - } - }, - "resources": {}, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - } - } - }, - "evidently": { - "service_name": "Amazon CloudWatch Evidently", - "prefix": "evidently", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchevidently.html", - "privileges": { - "BatchEvaluateFeature": { - "privilege": "BatchEvaluateFeature", - "description": "Grants permission to send a batched evaluate feature request", - "access_level": "Write", - "resource_types": { - "Feature": { - "resource_type": "Feature", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_BatchEvaluateFeature.html" - }, - "CreateExperiment": { - "privilege": "CreateExperiment", - "description": "Grants permission to create an experiment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_CreateExperiment.html" - }, - "CreateFeature": { - "privilege": "CreateFeature", - "description": "Grants permission to create a feature", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_CreateFeature.html" - }, - "CreateLaunch": { - "privilege": "CreateLaunch", - "description": "Grants permission to create a launch", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_CreateLaunch.html" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a project", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:GetRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_CreateProject.html" - }, - "CreateSegment": { - "privilege": "CreateSegment", - "description": "Grants permission to create a segment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_CreateSegment.html" - }, - "DeleteExperiment": { - "privilege": "DeleteExperiment", - "description": "Grants permission to delete an experiment", - "access_level": "Write", - "resource_types": { - "Experiment": { - "resource_type": "Experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_DeleteExperiment.html" - }, - "DeleteFeature": { - "privilege": "DeleteFeature", - "description": "Grants permission to delete a feature", - "access_level": "Write", - "resource_types": { - "Feature": { - "resource_type": "Feature", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_DeleteFeature.html" - }, - "DeleteLaunch": { - "privilege": "DeleteLaunch", - "description": "Grants permission to delete a launch", - "access_level": "Write", - "resource_types": { - "Launch": { - "resource_type": "Launch", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_DeleteLaunch.html" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a project", - "access_level": "Write", - "resource_types": { - "Project": { - "resource_type": "Project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_DeleteProject.html" - }, - "DeleteSegment": { - "privilege": "DeleteSegment", - "description": "Grants permission to delete a segment", - "access_level": "Write", - "resource_types": { - "Segment": { - "resource_type": "Segment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_DeleteSegment.html" - }, - "EvaluateFeature": { - "privilege": "EvaluateFeature", - "description": "Grants permission to send an evaluate feature request", - "access_level": "Write", - "resource_types": { - "Feature": { - "resource_type": "Feature", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html" - }, - "GetExperiment": { - "privilege": "GetExperiment", - "description": "Grants permission to get experiment details", - "access_level": "Read", - "resource_types": { - "Experiment": { - "resource_type": "Experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetExperiment.html" - }, - "GetExperimentResults": { - "privilege": "GetExperimentResults", - "description": "Grants permission to get experiment result", - "access_level": "Read", - "resource_types": { - "Experiment": { - "resource_type": "Experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetExperimentResults.html" - }, - "GetFeature": { - "privilege": "GetFeature", - "description": "Grants permission to get feature details", - "access_level": "Read", - "resource_types": { - "Feature": { - "resource_type": "Feature", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetFeature.html" - }, - "GetLaunch": { - "privilege": "GetLaunch", - "description": "Grants permission to get launch details", - "access_level": "Read", - "resource_types": { - "Launch": { - "resource_type": "Launch", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetLaunch.html" - }, - "GetProject": { - "privilege": "GetProject", - "description": "Grants permission to get project details", - "access_level": "Read", - "resource_types": { - "Project": { - "resource_type": "Project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetProject.html" - }, - "GetSegment": { - "privilege": "GetSegment", - "description": "Grants permission to get segment details", - "access_level": "Read", - "resource_types": { - "Segment": { - "resource_type": "Segment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetSegment.html" - }, - "ListExperiments": { - "privilege": "ListExperiments", - "description": "Grants permission to list experiments", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListExperiments.html" - }, - "ListFeatures": { - "privilege": "ListFeatures", - "description": "Grants permission to list features", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListFeatures.html" - }, - "ListLaunches": { - "privilege": "ListLaunches", - "description": "Grants permission to list launches", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListLaunches.html" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to list projects", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListProjects.html" - }, - "ListSegmentReferences": { - "privilege": "ListSegmentReferences", - "description": "Grants permission to list resources referencing a segment", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListSegmentReferences.html" - }, - "ListSegments": { - "privilege": "ListSegments", - "description": "Grants permission to list segments", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListSegments.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for resources", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListTagsForResource.html" - }, - "PutProjectEvents": { - "privilege": "PutProjectEvents", - "description": "Grants permission to send performance events", - "access_level": "Write", - "resource_types": { - "Project": { - "resource_type": "Project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_PutProjectEvents.html" - }, - "StartExperiment": { - "privilege": "StartExperiment", - "description": "Grants permission to start an experiment", - "access_level": "Write", - "resource_types": { - "Experiment": { - "resource_type": "Experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_StartExperiment.html" - }, - "StartLaunch": { - "privilege": "StartLaunch", - "description": "Grants permission to start a launch", - "access_level": "Write", - "resource_types": { - "Launch": { - "resource_type": "Launch", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_StartLaunch.html" - }, - "StopExperiment": { - "privilege": "StopExperiment", - "description": "Grants permission to stop an experiment", - "access_level": "Write", - "resource_types": { - "Experiment": { - "resource_type": "Experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_StopExperiment.html" - }, - "StopLaunch": { - "privilege": "StopLaunch", - "description": "Grants permission to stop a launch", - "access_level": "Write", - "resource_types": { - "Launch": { - "resource_type": "Launch", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_StopLaunch.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag resources", - "access_level": "Tagging", - "resource_types": { - "Experiment": { - "resource_type": "Experiment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Feature": { - "resource_type": "Feature", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Launch": { - "resource_type": "Launch", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Project": { - "resource_type": "Project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Segment": { - "resource_type": "Segment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_TagResource.html" - }, - "TestSegmentPattern": { - "privilege": "TestSegmentPattern", - "description": "Grants permission to test a segment pattern", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_TestSegmentPattern.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag resources", - "access_level": "Tagging", - "resource_types": { - "Experiment": { - "resource_type": "Experiment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Feature": { - "resource_type": "Feature", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Launch": { - "resource_type": "Launch", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Project": { - "resource_type": "Project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Segment": { - "resource_type": "Segment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UntagResource.html" - }, - "UpdateExperiment": { - "privilege": "UpdateExperiment", - "description": "Grants permission to update experiment", - "access_level": "Write", - "resource_types": { - "Experiment": { - "resource_type": "Experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UpdateExperiment.html" - }, - "UpdateFeature": { - "privilege": "UpdateFeature", - "description": "Grants permission to update feature", - "access_level": "Write", - "resource_types": { - "Feature": { - "resource_type": "Feature", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UpdateFeature.html" - }, - "UpdateLaunch": { - "privilege": "UpdateLaunch", - "description": "Grants permission to update a launch", - "access_level": "Write", - "resource_types": { - "Launch": { - "resource_type": "Launch", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UpdateLaunch.html" - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Grants permission to update project", - "access_level": "Write", - "resource_types": { - "Project": { - "resource_type": "Project", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:GetRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UpdateProject.html" - }, - "UpdateProjectDataDelivery": { - "privilege": "UpdateProjectDataDelivery", - "description": "Grants permission to update project data delivery", - "access_level": "Write", - "resource_types": { - "Project": { - "resource_type": "Project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UpdateProjectDataDelivery.html" - } - }, - "resources": { - "Project": { - "resource": "Project", - "arn": "arn:${Partition}:evidently:${Region}:${Account}:project/${ProjectName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Feature": { - "resource": "Feature", - "arn": "arn:${Partition}:evidently:${Region}:${Account}:project/${ProjectName}/feature/${FeatureName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Experiment": { - "resource": "Experiment", - "arn": "arn:${Partition}:evidently:${Region}:${Account}:project/${ProjectName}/experiment/${ExperimentName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Launch": { - "resource": "Launch", - "arn": "arn:${Partition}:evidently:${Region}:${Account}:project/${ProjectName}/launch/${LaunchName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Segment": { - "resource": "Segment", - "arn": "arn:${Partition}:evidently:${Region}:${Account}:segment/${SegmentName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed the request on behalf of the IAM principal", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource that make the request on behalf of the IAM principal", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request on behalf of the IAM principal", - "type": "ArrayOfString" - } - } - }, - "internetmonitor": { - "service_name": "Amazon CloudWatch Internet Monitor", - "prefix": "internetmonitor", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchinternetmonitor.html", - "privileges": { - "CreateMonitor": { - "privilege": "CreateMonitor", - "description": "Grants permission to create a monitor", - "access_level": "Write", - "resource_types": { - "Monitor": { - "resource_type": "Monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_CreateMonitor.html" - }, - "DeleteMonitor": { - "privilege": "DeleteMonitor", - "description": "Grants permission to delete a monitor", - "access_level": "Write", - "resource_types": { - "Monitor": { - "resource_type": "Monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_DeleteMonitor.html" - }, - "GetHealthEvent": { - "privilege": "GetHealthEvent", - "description": "Grants permission to get information about a health event for a specified monitor", - "access_level": "Read", - "resource_types": { - "HealthEvent": { - "resource_type": "HealthEvent", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_GetHealthEvent.html" - }, - "GetMonitor": { - "privilege": "GetMonitor", - "description": "Grants permission to get information about a monitor", - "access_level": "Read", - "resource_types": { - "Monitor": { - "resource_type": "Monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_GetMonitor.html" - }, - "ListHealthEvents": { - "privilege": "ListHealthEvents", - "description": "Grants permission to list all health events for a monitor", - "access_level": "List", - "resource_types": { - "Monitor": { - "resource_type": "Monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_ListHealthEvents.html" - }, - "ListMonitors": { - "privilege": "ListMonitors", - "description": "Grants permission to list all monitors in an account and their statuses", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_ListMonitors.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for a resource", - "access_level": "Read", - "resource_types": { - "Monitor": { - "resource_type": "Monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_ListTagsForResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "Monitor": { - "resource_type": "Monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "Monitor": { - "resource_type": "Monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_UntagResource.html" - }, - "UpdateMonitor": { - "privilege": "UpdateMonitor", - "description": "Grants permission to update a monitor", - "access_level": "Write", - "resource_types": { - "Monitor": { - "resource_type": "Monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_UpdateMonitor.html" - } - }, - "resources": { - "HealthEvent": { - "resource": "HealthEvent", - "arn": "arn:${Partition}:internetmonitor:${Region}:${Account}:monitor/${MonitorName}/health-event/${EventId}", - "condition_keys": [] - }, - "Monitor": { - "resource": "Monitor", - "arn": "arn:${Partition}:internetmonitor:${Region}:${Account}:monitor/${MonitorName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "logs": { - "service_name": "Amazon CloudWatch Logs", - "prefix": "logs", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchlogs.html", - "privileges": { - "AssociateKmsKey": { - "privilege": "AssociateKmsKey", - "description": "Grants permission to associate the specified AWS Key Management Service (AWS KMS) customer master key (CMK) with the specified log group", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_AssociateKmsKey.html" - }, - "CancelExportTask": { - "privilege": "CancelExportTask", - "description": "Grants permission to cancel an export task if it is in PENDING or RUNNING state", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CancelExportTask.html" - }, - "CreateExportTask": { - "privilege": "CreateExportTask", - "description": "Grants permission to create an ExportTask which allows you to efficiently export data from a Log Group to your Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateExportTask.html" - }, - "CreateLogDelivery": { - "privilege": "CreateLogDelivery", - "description": "Grants permission to create the log delivery", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html" - }, - "CreateLogGroup": { - "privilege": "CreateLogGroup", - "description": "Grants permission to create a new log group with the specified name", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateLogGroup.html" - }, - "CreateLogStream": { - "privilege": "CreateLogStream", - "description": "Grants permission to create a new log stream with the specified name", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateLogStream.html" - }, - "DeleteAccountPolicy": { - "privilege": "DeleteAccountPolicy", - "description": "Grants permission to delete a data protection policy attached to an account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDataProtectionPolicy.html" - }, - "DeleteDataProtectionPolicy": { - "privilege": "DeleteDataProtectionPolicy", - "description": "Grants permission to delete a data protection policy attached to a log group", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDataProtectionPolicy.html" - }, - "DeleteDestination": { - "privilege": "DeleteDestination", - "description": "Grants permission to delete the destination with the specified name", - "access_level": "Write", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDestination.html" - }, - "DeleteLogDelivery": { - "privilege": "DeleteLogDelivery", - "description": "Grants permission to delete the log delivery information for specified log delivery", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html" - }, - "DeleteLogGroup": { - "privilege": "DeleteLogGroup", - "description": "Grants permission to delete the log group with the specified name", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteLogGroup.html" - }, - "DeleteLogStream": { - "privilege": "DeleteLogStream", - "description": "Grants permission to delete a log stream", - "access_level": "Write", - "resource_types": { - "log-stream": { - "resource_type": "log-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteLogStream.html" - }, - "DeleteMetricFilter": { - "privilege": "DeleteMetricFilter", - "description": "Grants permission to delete a metric filter associated with the specified log group", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteMetricFilter.html" - }, - "DeleteQueryDefinition": { - "privilege": "DeleteQueryDefinition", - "description": "Grants permission to delete a saved CloudWatch Logs Insights query definition", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteQueryDefinition.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete a resource policy from this account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeleteRetentionPolicy": { - "privilege": "DeleteRetentionPolicy", - "description": "Grants permission to delete the retention policy of the specified log group", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html" - }, - "DeleteSubscriptionFilter": { - "privilege": "DeleteSubscriptionFilter", - "description": "Grants permission to delete a subscription filter associated with the specified log group", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteSubscriptionFilter.html" - }, - "DescribeAccountPolicies": { - "privilege": "DescribeAccountPolicies", - "description": "Grants permission to retrieve a data protection policy attached to an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeAccountPolicies.html" - }, - "DescribeDestinations": { - "privilege": "DescribeDestinations", - "description": "Grants permission to return all the destinations that are associated with the AWS account making the request", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDestinations.html" - }, - "DescribeExportTasks": { - "privilege": "DescribeExportTasks", - "description": "Grants permission to return all the export tasks that are associated with the AWS account making the request", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeExportTasks.html" - }, - "DescribeLogGroups": { - "privilege": "DescribeLogGroups", - "description": "Grants permission to return all the log groups that are associated with the AWS account making the request", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeLogGroups.html" - }, - "DescribeLogStreams": { - "privilege": "DescribeLogStreams", - "description": "Grants permission to return all the log streams that are associated with the specified log group", - "access_level": "List", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeLogStreams.html" - }, - "DescribeMetricFilters": { - "privilege": "DescribeMetricFilters", - "description": "Grants permission to return all the metrics filters associated with the specified log group", - "access_level": "List", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeMetricFilters.html" - }, - "DescribeQueries": { - "privilege": "DescribeQueries", - "description": "Grants permission to return a list of CloudWatch Logs Insights queries that are scheduled, executing, or have been executed recently in this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeQueries.html" - }, - "DescribeQueryDefinitions": { - "privilege": "DescribeQueryDefinitions", - "description": "Grants permission to return a paginated list of your saved CloudWatch Logs Insights query definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeQueryDefinitions.html" - }, - "DescribeResourcePolicies": { - "privilege": "DescribeResourcePolicies", - "description": "Grants permission to return all the resource policies in this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeResourcePolicies.html" - }, - "DescribeSubscriptionFilters": { - "privilege": "DescribeSubscriptionFilters", - "description": "Grants permission to return all the subscription filters associated with the specified log group", - "access_level": "List", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeSubscriptionFilters.html" - }, - "DisassociateKmsKey": { - "privilege": "DisassociateKmsKey", - "description": "Grants permission to disassociate the associated AWS Key Management Service (AWS KMS) customer master key (CMK) from the specified log group", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DisassociateKmsKey.html" - }, - "FilterLogEvents": { - "privilege": "FilterLogEvents", - "description": "Grants permission to retrieve log events, optionally filtered by a filter pattern from the specified log group", - "access_level": "Read", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_FilterLogEvents.html" - }, - "GetDataProtectionPolicy": { - "privilege": "GetDataProtectionPolicy", - "description": "Grants permission to retrieve a data protection policy attached to a log group", - "access_level": "Read", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetDataProtectionPolicy.html" - }, - "GetLogDelivery": { - "privilege": "GetLogDelivery", - "description": "Grants permission to get the log delivery information for specified log delivery", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html" - }, - "GetLogEvents": { - "privilege": "GetLogEvents", - "description": "Grants permission to retrieve log events from the specified log stream", - "access_level": "Read", - "resource_types": { - "log-stream": { - "resource_type": "log-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html" - }, - "GetLogGroupFields": { - "privilege": "GetLogGroupFields", - "description": "Grants permission to return a list of the fields that are included in log events in the specified log group, along with the percentage of log events that contain each field", - "access_level": "Read", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogGroupFields.html" - }, - "GetLogRecord": { - "privilege": "GetLogRecord", - "description": "Grants permission to retrieve all the fields and values of a single log event", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogRecord.html" - }, - "GetQueryResults": { - "privilege": "GetQueryResults", - "description": "Grants permission to return the results from the specified query", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetQueryResults.html" - }, - "Link": { - "privilege": "Link", - "description": "Grants permission to share CloudWatch resources with a monitoring account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account-Setup.html#CloudWatch-Unified-Cross-Account-Setup-permissions" - }, - "ListLogDeliveries": { - "privilege": "ListLogDeliveries", - "description": "Grants permission to list all the log deliveries for specified account and/or log source", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for the specified resource", - "access_level": "List", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "log-group": { - "resource_type": "log-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTagsLogGroup": { - "privilege": "ListTagsLogGroup", - "description": "Grants permission to list the tags for the specified log group", - "access_level": "List", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsLogGroup.html" - }, - "PutAccountPolicy": { - "privilege": "PutAccountPolicy", - "description": "Grants permission to attach a data protection policy at account level to detect and redact sensitive information from log events", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html" - }, - "PutDataProtectionPolicy": { - "privilege": "PutDataProtectionPolicy", - "description": "Grants permission to attach a data protection policy to detect and redact sensitive information from log events", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html" - }, - "PutDestination": { - "privilege": "PutDestination", - "description": "Grants permission to create or update a Destination", - "access_level": "Write", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html" - }, - "PutDestinationPolicy": { - "privilege": "PutDestinationPolicy", - "description": "Grants permission to create or update an access policy associated with an existing Destination", - "access_level": "Write", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestinationPolicy.html" - }, - "PutLogEvents": { - "privilege": "PutLogEvents", - "description": "Grants permission to upload a batch of log events to the specified log stream", - "access_level": "Write", - "resource_types": { - "log-stream": { - "resource_type": "log-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html" - }, - "PutMetricFilter": { - "privilege": "PutMetricFilter", - "description": "Grants permission to create or update a metric filter and associates it with the specified log group", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutMetricFilter.html" - }, - "PutQueryDefinition": { - "privilege": "PutQueryDefinition", - "description": "Grants permission to create or update a query definition", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutQueryDefinition.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to create or update a resource policy allowing other AWS services to put log events to this account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutResourcePolicy.html" - }, - "PutRetentionPolicy": { - "privilege": "PutRetentionPolicy", - "description": "Grants permission to set the retention of the specified log group", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutRetentionPolicy.html" - }, - "PutSubscriptionFilter": { - "privilege": "PutSubscriptionFilter", - "description": "Grants permission to create or update a subscription filter and associates it with the specified log group", - "access_level": "Write", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "destination": { - "resource_type": "destination", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutSubscriptionFilter.html" - }, - "StartLiveTail": { - "privilege": "StartLiveTail", - "description": "Grants permission to start a livetail session in CloudWatch Logs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs_LiveTail.html" - }, - "StartQuery": { - "privilege": "StartQuery", - "description": "Grants permission to schedule a query of a log group using CloudWatch Logs Insights", - "access_level": "Read", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html" - }, - "StopLiveTail": { - "privilege": "StopLiveTail", - "description": "Grants permission to stop a CloudWatch Logs livetail session that is in progress", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs_LiveTail.html" - }, - "StopQuery": { - "privilege": "StopQuery", - "description": "Grants permission to stop a CloudWatch Logs Insights query that is in progress", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StopQuery.html" - }, - "TagLogGroup": { - "privilege": "TagLogGroup", - "description": "Grants permission to add or update the specified tags for the specified log group", - "access_level": "Tagging", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagLogGroup.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or update the specified tags for the specified resource", - "access_level": "Tagging", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "log-group": { - "resource_type": "log-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagResource.html" - }, - "TestMetricFilter": { - "privilege": "TestMetricFilter", - "description": "Grants permission to test the filter pattern of a metric filter against a sample of log event messages", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TestMetricFilter.html" - }, - "Unmask": { - "privilege": "Unmask", - "description": "Grants permission to fetch unmasked log events that have been redacted with a data protection policy", - "access_level": "Read", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html" - }, - "UntagLogGroup": { - "privilege": "UntagLogGroup", - "description": "Grants permission to remove the specified tags from the specified log group", - "access_level": "Tagging", - "resource_types": { - "log-group": { - "resource_type": "log-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagLogGroup.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the specified tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "log-group": { - "resource_type": "log-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagResource.html" - }, - "UpdateLogDelivery": { - "privilege": "UpdateLogDelivery", - "description": "Grants permission to update the log delivery information for specified log delivery", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html" - } - }, - "resources": { - "log-group": { - "resource": "log-group", - "arn": "arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "log-stream": { - "resource": "log-stream", - "arn": "arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "destination": { - "resource": "destination", - "arn": "arn:${Partition}:logs:${Region}:${Account}:destination:${DestinationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "oam": { - "service_name": "Amazon CloudWatch Observability Access Manager", - "prefix": "oam", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchobservabilityaccessmanager.html", - "privileges": { - "CreateLink": { - "privilege": "CreateLink", - "description": "Grants permission to create a link between a monitoring account and a source account for cross-account monitoring", - "access_level": "Write", - "resource_types": { - "Sink": { - "resource_type": "Sink", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "oam:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "oam:ResourceTypes" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_CreateLink.html" - }, - "CreateSink": { - "privilege": "CreateSink", - "description": "Grants permission to create a sink in an account so that it can be used as a monitoring account for cross-account monitoring", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "oam:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_CreateSink.html" - }, - "DeleteLink": { - "privilege": "DeleteLink", - "description": "Grants permission to delete a link between a monitoring account and a source account for cross-account monitoring", - "access_level": "Write", - "resource_types": { - "Link": { - "resource_type": "Link", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_DeleteLink.html" - }, - "DeleteSink": { - "privilege": "DeleteSink", - "description": "Grants permission to delete a cross-account monitoring sink in a monitoring account", - "access_level": "Write", - "resource_types": { - "Sink": { - "resource_type": "Sink", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_DeleteSink.html" - }, - "GetLink": { - "privilege": "GetLink", - "description": "Grants permission to retrieve complete information about one cross-account monitoring link", - "access_level": "Read", - "resource_types": { - "Link": { - "resource_type": "Link", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_GetLink.html" - }, - "GetSink": { - "privilege": "GetSink", - "description": "Grants permission to retrieve complete information about one cross-account monitoring sink", - "access_level": "Read", - "resource_types": { - "Sink": { - "resource_type": "Sink", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_GetSink.html" - }, - "GetSinkPolicy": { - "privilege": "GetSinkPolicy", - "description": "Grants permission to retrieve information for the IAM policy for a cross-account monitoring sink", - "access_level": "Read", - "resource_types": { - "Sink": { - "resource_type": "Sink", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_GetSinkPolicy.html" - }, - "ListAttachedLinks": { - "privilege": "ListAttachedLinks", - "description": "Grants permission to retrieve a list of links that are linked for a cross-account monitoring sink", - "access_level": "Read", - "resource_types": { - "Sink": { - "resource_type": "Sink", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListAttachedLinks.html" - }, - "ListLinks": { - "privilege": "ListLinks", - "description": "Grants permission to retrieve the ARNs of cross-account monitoring links in this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListLinks.html" - }, - "ListSinks": { - "privilege": "ListSinks", - "description": "Grants permission to retrieve the ARNs of cross-account monitoring sinks in this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for a resource", - "access_level": "Read", - "resource_types": { - "Link": { - "resource_type": "Link", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Sink": { - "resource_type": "Sink", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListTagsForResource.html" - }, - "PutSinkPolicy": { - "privilege": "PutSinkPolicy", - "description": "Grants permission to create or update the IAM policy for a cross-account monitoring sink", - "access_level": "Write", - "resource_types": { - "Sink": { - "resource_type": "Sink", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_PutSinkPolicy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "Link": { - "resource_type": "Link", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Sink": { - "resource_type": "Sink", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "Link": { - "resource_type": "Link", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Sink": { - "resource_type": "Sink", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_UntagResource.html" - }, - "UpdateLink": { - "privilege": "UpdateLink", - "description": "Grants permission to update an existing link between a monitoring account and a source account", - "access_level": "Write", - "resource_types": { - "Link": { - "resource_type": "Link", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "oam:ResourceTypes" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_UpdateLink.html" - } - }, - "resources": { - "Link": { - "resource": "Link", - "arn": "arn:${Partition}:oam:${Region}:${Account}:link/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Sink": { - "resource": "Sink", - "arn": "arn:${Partition}:oam:${Region}:${Account}:sink/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "oam:ResourceTypes": { - "condition": "oam:ResourceTypes", - "description": "Filters access by the presence of resource types in the request", - "type": "ArrayOfString" - } - } - }, - "synthetics": { - "service_name": "Amazon CloudWatch Synthetics", - "prefix": "synthetics", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchsynthetics.html", - "privileges": { - "AssociateResource": { - "privilege": "AssociateResource", - "description": "Grants permission to associate a resource with a group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_AssociateResource.html" - }, - "CreateCanary": { - "privilege": "CreateCanary", - "description": "Grants permission to create a canary", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CreateCanary.html" - }, - "CreateGroup": { - "privilege": "CreateGroup", - "description": "Grants permission to create a group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CreateGroup.html" - }, - "DeleteCanary": { - "privilege": "DeleteCanary", - "description": "Grants permission to delete a canary. Amazon Synthetics deletes all the resources except for the Lambda function and the CloudWatch Alarms if you created one", - "access_level": "Write", - "resource_types": { - "canary": { - "resource_type": "canary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DeleteCanary.html" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to delete a group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DeleteGroup.html" - }, - "DescribeCanaries": { - "privilege": "DescribeCanaries", - "description": "Grants permission to list information of all canaries", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "synthetics:Names" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DescribeCanaries.html" - }, - "DescribeCanariesLastRun": { - "privilege": "DescribeCanariesLastRun", - "description": "Grants permission to list information about the last test run associated with all canaries", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "synthetics:Names" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DescribeCanariesLastRun.html" - }, - "DescribeRuntimeVersions": { - "privilege": "DescribeRuntimeVersions", - "description": "Grants permission to list information about Synthetics canary runtime versions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DescribeRuntimeVersions.html" - }, - "DisassociateResource": { - "privilege": "DisassociateResource", - "description": "Grants permission to disassociate a resource from a group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DisassociateResource.html" - }, - "GetCanary": { - "privilege": "GetCanary", - "description": "Grants permission to view the details of a canary", - "access_level": "Read", - "resource_types": { - "canary": { - "resource_type": "canary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanary.html" - }, - "GetCanaryRuns": { - "privilege": "GetCanaryRuns", - "description": "Grants permission to list information about all the test runs associated with a canary", - "access_level": "Read", - "resource_types": { - "canary": { - "resource_type": "canary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html" - }, - "GetGroup": { - "privilege": "GetGroup", - "description": "Grants permission to view the details of a group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetGroup.html" - }, - "ListAssociatedGroups": { - "privilege": "ListAssociatedGroups", - "description": "Grants permission to list information about the associated groups of a canary", - "access_level": "List", - "resource_types": { - "canary": { - "resource_type": "canary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_ListAssociatedGroups.html" - }, - "ListGroupResources": { - "privilege": "ListGroupResources", - "description": "Grants permission to list information about canaries in a group", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_ListGroupResources.html" - }, - "ListGroups": { - "privilege": "ListGroups", - "description": "Grants permission to list information of all groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_ListGroups.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags and values associated with a resource", - "access_level": "Read", - "resource_types": { - "canary": { - "resource_type": "canary", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "group": { - "resource_type": "group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_ListTagsForResource.html" - }, - "StartCanary": { - "privilege": "StartCanary", - "description": "Grants permission to start a canary, so that Amazon CloudWatch Synthetics starts monitoring a website", - "access_level": "Write", - "resource_types": { - "canary": { - "resource_type": "canary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_StartCanary.html" - }, - "StopCanary": { - "privilege": "StopCanary", - "description": "Grants permission to stop a canary", - "access_level": "Write", - "resource_types": { - "canary": { - "resource_type": "canary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_StopCanary.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to a resource", - "access_level": "Tagging", - "resource_types": { - "canary": { - "resource_type": "canary", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "group": { - "resource_type": "group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from a resource", - "access_level": "Tagging", - "resource_types": { - "canary": { - "resource_type": "canary", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "group": { - "resource_type": "group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_UntagResource.html" - }, - "UpdateCanary": { - "privilege": "UpdateCanary", - "description": "Grants permission to update a canary", - "access_level": "Write", - "resource_types": { - "canary": { - "resource_type": "canary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_UpdateCanary.html" - } - }, - "resources": { - "canary": { - "resource": "canary", - "arn": "arn:${Partition}:synthetics:${Region}:${Account}:canary:${CanaryName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "group": { - "resource": "group", - "arn": "arn:${Partition}:synthetics:${Region}:${Account}:group:${GroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "synthetics:Names": { - "condition": "synthetics:Names", - "description": "Filters access based on the name of the canary", - "type": "ArrayOfString" - } - } - }, - "codecatalyst": { - "service_name": "Amazon CodeCatalyst", - "prefix": "codecatalyst", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodecatalyst.html", - "privileges": { - "AcceptConnection": { - "privilege": "AcceptConnection", - "description": "Grants permission to accept a request to connect this account to an Amazon CodeCatalyst space", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "AssociateIamRoleToConnection": { - "privilege": "AssociateIamRoleToConnection", - "description": "Grants permission to associate an IAM role to a connection", - "access_level": "Write", - "resource_types": { - "connections": { - "resource_type": "connections", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "DeleteConnection": { - "privilege": "DeleteConnection", - "description": "Grants permission to delete a connection", - "access_level": "Write", - "resource_types": { - "connections": { - "resource_type": "connections", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "DisassociateIamRoleFromConnection": { - "privilege": "DisassociateIamRoleFromConnection", - "description": "Grants permission to disassociate an IAM role from a connection", - "access_level": "Write", - "resource_types": { - "connections": { - "resource_type": "connections", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "GetBillingAuthorization": { - "privilege": "GetBillingAuthorization", - "description": "Grants permission to describe the billing authorization for a connection", - "access_level": "Read", - "resource_types": { - "connections": { - "resource_type": "connections", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "GetConnection": { - "privilege": "GetConnection", - "description": "Grants permission to get a connection", - "access_level": "Read", - "resource_types": { - "connections": { - "resource_type": "connections", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "GetPendingConnection": { - "privilege": "GetPendingConnection", - "description": "Grants permission to get a pending request to connect this account to an Amazon CodeCatalyst space", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "ListConnections": { - "privilege": "ListConnections", - "description": "Grants permission to list connections that are not pending", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "ListIamRolesForConnection": { - "privilege": "ListIamRolesForConnection", - "description": "Grants permission to list IAM roles associated with a connection", - "access_level": "List", - "resource_types": { - "connections": { - "resource_type": "connections", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an Amazon CodeCatalyst resource", - "access_level": "Read", - "resource_types": { - "connections": { - "resource_type": "connections", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "PutBillingAuthorization": { - "privilege": "PutBillingAuthorization", - "description": "Grants permission to create or update the billing authorization for a connection", - "access_level": "Write", - "resource_types": { - "connections": { - "resource_type": "connections", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "RejectConnection": { - "privilege": "RejectConnection", - "description": "Grants permission to reject a request to connect this account to an Amazon CodeCatalyst space", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an Amazon CodeCatalyst resource", - "access_level": "Tagging", - "resource_types": { - "connections": { - "resource_type": "connections", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an Amazon CodeCatalyst resource", - "access_level": "Tagging", - "resource_types": { - "connections": { - "resource_type": "connections", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" - } - }, - "resources": { - "connections": { - "resource": "connections", - "arn": "arn:${Partition}:codecatalyst:${Region}:${Account}:/connections/${ConnectionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag's key and value in a request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in a request", - "type": "ArrayOfString" - } - } - }, - "codeguru": { - "service_name": "Amazon CodeGuru", - "prefix": "codeguru", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodeguru.html", - "privileges": { - "GetCodeGuruFreeTrialSummary": { - "privilege": "GetCodeGuruFreeTrialSummary", - "description": "Grants permission to get free trial summary for the CodeGuru service which includes expiration date", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetCodeGuruFreeTrialSummary.html" - } - }, - "resources": {}, - "conditions": {} - }, - "codeguru-profiler": { - "service_name": "Amazon CodeGuru Profiler", - "prefix": "codeguru-profiler", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodeguruprofiler.html", - "privileges": { - "AddNotificationChannels": { - "privilege": "AddNotificationChannels", - "description": "Grants permission to add up to 2 topic ARNs of existing AWS SNS topics to publish notifications", - "access_level": "Write", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_AddNotificationChannels.html" - }, - "BatchGetFrameMetricData": { - "privilege": "BatchGetFrameMetricData", - "description": "Grants permission to get the frame metric data for a Profiling Group", - "access_level": "List", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_BatchGetFrameMetricData.html" - }, - "ConfigureAgent": { - "privilege": "ConfigureAgent", - "description": "Grants permission to register with the orchestration service and retrieve profiling configuration information, used by agents", - "access_level": "Write", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html" - }, - "CreateProfilingGroup": { - "privilege": "CreateProfilingGroup", - "description": "Grants permission to create a profiling group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_CreateProfilingGroup.html" - }, - "DeleteProfilingGroup": { - "privilege": "DeleteProfilingGroup", - "description": "Grants permission to delete a profiling group", - "access_level": "Write", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_DeleteProfilingGroup.html" - }, - "DescribeProfilingGroup": { - "privilege": "DescribeProfilingGroup", - "description": "Grants permission to describe a profiling group", - "access_level": "Read", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_DescribeProfilingGroup.html" - }, - "GetFindingsReportAccountSummary": { - "privilege": "GetFindingsReportAccountSummary", - "description": "Grants permission to get a summary of recent recommendations for each profiling group in the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetFindingsReportAccountSummary.html" - }, - "GetNotificationConfiguration": { - "privilege": "GetNotificationConfiguration", - "description": "Grants permission to get the notification configuration", - "access_level": "Read", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetNotificationConfiguration.html" - }, - "GetPolicy": { - "privilege": "GetPolicy", - "description": "Grants permission to get the resource policy associated with the specified Profiling Group", - "access_level": "Read", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetPolicy.html" - }, - "GetProfile": { - "privilege": "GetProfile", - "description": "Grants permission to get aggregated profiles for a specific profiling group", - "access_level": "Read", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetProfile.html" - }, - "GetRecommendations": { - "privilege": "GetRecommendations", - "description": "Grants permission to get recommendations", - "access_level": "Read", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetRecommendations.html" - }, - "ListFindingsReports": { - "privilege": "ListFindingsReports", - "description": "Grants permission to list the available recommendations reports for a specific profiling group", - "access_level": "List", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ListFindingsReports.html" - }, - "ListProfileTimes": { - "privilege": "ListProfileTimes", - "description": "Grants permission to list the start times of the available aggregated profiles for a specific profiling group", - "access_level": "List", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ListProfileTimes.html" - }, - "ListProfilingGroups": { - "privilege": "ListProfilingGroups", - "description": "Grants permission to list profiling groups in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ListProfilingGroups.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a Profiling Group", - "access_level": "List", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ListTagsForResource.html" - }, - "PostAgentProfile": { - "privilege": "PostAgentProfile", - "description": "Grants permission to submit a profile collected by an agent belonging to a specific profiling group for aggregation", - "access_level": "Write", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html" - }, - "PutPermission": { - "privilege": "PutPermission", - "description": "Grants permission to update the list of principals allowed for an action group in the resource policy associated with the specified Profiling Group", - "access_level": "Permissions management", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PutPermission.html" - }, - "RemoveNotificationChannel": { - "privilege": "RemoveNotificationChannel", - "description": "Grants permission to delete an already configured SNStopic arn from the notification configuration", - "access_level": "Write", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_RemoveNotificationChannel.html" - }, - "RemovePermission": { - "privilege": "RemovePermission", - "description": "Grants permission to remove the permission of specified Action Group from the resource policy associated with the specified Profiling Group", - "access_level": "Permissions management", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_RemovePermission.html" - }, - "SubmitFeedback": { - "privilege": "SubmitFeedback", - "description": "Grants permission to submit user feedback for useful or non useful anomaly", - "access_level": "Write", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_SubmitFeedback.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or overwrite tags to a Profiling Group", - "access_level": "Tagging", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a Profiling Group", - "access_level": "Tagging", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_UntagResource.html" - }, - "UpdateProfilingGroup": { - "privilege": "UpdateProfilingGroup", - "description": "Grants permission to update a specific profiling group", - "access_level": "Write", - "resource_types": { - "ProfilingGroup": { - "resource_type": "ProfilingGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_UpdateProfilingGroup.html" - } - }, - "resources": { - "ProfilingGroup": { - "resource": "ProfilingGroup", - "arn": "arn:${Partition}:codeguru-profiler:${Region}:${Account}:profilingGroup/${ProfilingGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "codeguru-reviewer": { - "service_name": "Amazon CodeGuru Reviewer", - "prefix": "codeguru-reviewer", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodegurureviewer.html", - "privileges": { - "AssociateRepository": { - "privilege": "AssociateRepository", - "description": "Grants permission to associates a repository with Amazon CodeGuru Reviewer", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "codecommit:GetRepository", - "codecommit:ListRepositories", - "codecommit:TagResource", - "codestar-connections:PassConnection", - "events:PutRule", - "events:PutTargets", - "iam:CreateServiceLinkedRole", - "s3:CreateBucket", - "s3:ListBucket", - "s3:PutBucketPolicy", - "s3:PutLifecycleConfiguration" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_AssociateRepository.html" - }, - "CreateCodeReview": { - "privilege": "CreateCodeReview", - "description": "Grants permission to create a code review", - "access_level": "Write", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_CreateCodeReview.html" - }, - "CreateConnectionToken": { - "privilege": "CreateConnectionToken", - "description": "Grants permission to perform webbased oauth handshake for 3rd party providers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/Welcome.html" - }, - "DescribeCodeReview": { - "privilege": "DescribeCodeReview", - "description": "Grants permission to describe a code review", - "access_level": "Read", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_DescribeCodeReview.html" - }, - "DescribeRecommendationFeedback": { - "privilege": "DescribeRecommendationFeedback", - "description": "Grants permission to describe a recommendation feedback on a code review", - "access_level": "Read", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_DescribeRecommendationFeedback.html" - }, - "DescribeRepositoryAssociation": { - "privilege": "DescribeRepositoryAssociation", - "description": "Grants permission to describe a repository association", - "access_level": "Read", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_DescribeRepositoryAssociation.html" - }, - "DisassociateRepository": { - "privilege": "DisassociateRepository", - "description": "Grants permission to disassociate a repository with Amazon CodeGuru Reviewer", - "access_level": "Write", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "codecommit:UntagResource", - "events:DeleteRule", - "events:RemoveTargets" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_DisassociateRepository.html" - }, - "GetMetricsData": { - "privilege": "GetMetricsData", - "description": "Grants permission to view pull request metrics in console", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/Welcome.html" - }, - "ListCodeReviews": { - "privilege": "ListCodeReviews", - "description": "Grants permission to list summary of code reviews", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_ListCodeReviews.html" - }, - "ListRecommendationFeedback": { - "privilege": "ListRecommendationFeedback", - "description": "Grants permission to list summary of recommendation feedback on a code review", - "access_level": "List", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_ListRecommendationFeedback.html" - }, - "ListRecommendations": { - "privilege": "ListRecommendations", - "description": "Grants permission to list summary of recommendations on a code review", - "access_level": "List", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_ListRecommendations.html" - }, - "ListRepositoryAssociations": { - "privilege": "ListRepositoryAssociations", - "description": "Grants permission to list summary of repository associations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_ListRepositoryAssociations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the resource attached to a associated repository ARN", - "access_level": "List", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_ListTagsForResource.html" - }, - "ListThirdPartyRepositories": { - "privilege": "ListThirdPartyRepositories", - "description": "Grants permission to list 3rd party providers repositories in console", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/Welcome.html" - }, - "PutRecommendationFeedback": { - "privilege": "PutRecommendationFeedback", - "description": "Grants permission to put feedback for a recommendation on a code review", - "access_level": "Write", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_PutRecommendationFeedback.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to attach resource tags to an associated repository ARN", - "access_level": "Tagging", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_TagResource.html" - }, - "UnTagResource": { - "privilege": "UnTagResource", - "description": "Grants permission to disassociate resource tags from an associated repository ARN", - "access_level": "Tagging", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_UntagResource.html" - } - }, - "resources": { - "association": { - "resource": "association", - "arn": "arn:${Partition}:codeguru-reviewer:${Region}:${Account}:association:${ResourceId}", - "condition_keys": [] - }, - "codereview": { - "resource": "codereview", - "arn": "arn:${Partition}:codeguru-reviewer:${Region}:${Account}:association:${ResourceId}:codereview:${CodeReviewId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "codeguru-security": { - "service_name": "Amazon CodeGuru Security", - "prefix": "codeguru-security", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodegurusecurity.html", - "privileges": { - "BatchGetFindings": { - "privilege": "BatchGetFindings", - "description": "Grants permission to batch retrieve specific findings generated by CodeGuru Security", - "access_level": "Read", - "resource_types": { - "ScanName": { - "resource_type": "ScanName", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "CreateScan": { - "privilege": "CreateScan", - "description": "Grants permission to create a CodeGuru Security scan", - "access_level": "Write", - "resource_types": { - "ScanName": { - "resource_type": "ScanName", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "CreateUploadUrl": { - "privilege": "CreateUploadUrl", - "description": "Grants permission to generate a presigned url for uploading code archives", - "access_level": "Write", - "resource_types": { - "ScanName": { - "resource_type": "ScanName", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "DeleteScansByCategory": { - "privilege": "DeleteScansByCategory", - "description": "Grants permission to delete all the scans and related findings from CodeGuru Security by given category", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "GetAccountConfiguration": { - "privilege": "GetAccountConfiguration", - "description": "Grants permission to retrieve the account level configurations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "GetFindings": { - "privilege": "GetFindings", - "description": "Grants permission to retrieve findings for a scan generated by CodeGuru Security", - "access_level": "List", - "resource_types": { - "ScanName": { - "resource_type": "ScanName", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "GetMetricsSummary": { - "privilege": "GetMetricsSummary", - "description": "Grants permission to retrieve AWS accout level metrics summary generated by CodeGuru Security", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "GetScan": { - "privilege": "GetScan", - "description": "Grants permission to retrieve CodeGuru Security scan metadata", - "access_level": "Read", - "resource_types": { - "ScanName": { - "resource_type": "ScanName", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "ListFindings": { - "privilege": "ListFindings", - "description": "Grants permission to retrieve findings generated by CodeGuru Security", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "ListFindingsMetrics": { - "privilege": "ListFindingsMetrics", - "description": "Grants permission to retrieve a list of account level findings metrics within a date range", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "ListScans": { - "privilege": "ListScans", - "description": "Grants permission to retrieve list of CodeGuru Security scan metadata", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve a list of tags for a scan name ARN", - "access_level": "Read", - "resource_types": { - "ScanName": { - "resource_type": "ScanName", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a scan name ARN", - "access_level": "Tagging", - "resource_types": { - "ScanName": { - "resource_type": "ScanName", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a scan name ARN", - "access_level": "Tagging", - "resource_types": { - "ScanName": { - "resource_type": "ScanName", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "UpdateAccountConfiguration": { - "privilege": "UpdateAccountConfiguration", - "description": "Grants permission to update the account level configurations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - } - }, - "resources": { - "ScanName": { - "resource": "ScanName", - "arn": "arn:${Partition}:codeguru-security:${Region}:${Account}:scans/${ScanName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "codewhisperer": { - "service_name": "Amazon CodeWhisperer", - "prefix": "codewhisperer", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodewhisperer.html", - "privileges": { - "CreateProfile": { - "privilege": "CreateProfile", - "description": "Grants permission to invoke CreateProfile on CodeWhisperer", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" - }, - "DeleteProfile": { - "privilege": "DeleteProfile", - "description": "Grants permission to invoke DeleteProfile on CodeWhisperer", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" - }, - "GenerateRecommendations": { - "privilege": "GenerateRecommendations", - "description": "Grants permission to invoke GenerateRecommendations on CodeWhisperer", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" - }, - "ListProfiles": { - "privilege": "ListProfiles", - "description": "Grants permission to invoke ListProfiles on CodeWhisperer", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to invoke ListTagsForResource on CodeWhisperer", - "access_level": "List", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to invoke TagResource on CodeWhisperer", - "access_level": "Tagging", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to invoke UntagResource on CodeWhisperer", - "access_level": "Tagging", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" - }, - "UpdateProfile": { - "privilege": "UpdateProfile", - "description": "Grants permission to invoke UpdateProfile on CodeWhisperer", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" - } - }, - "resources": { - "profile": { - "resource": "profile", - "arn": "arn:${Partition}:codewhisperer::${Account}:profile/${Identifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with CodeWhisperer resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "cognito-identity": { - "service_name": "Amazon Cognito Identity", - "prefix": "cognito-identity", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncognitoidentity.html", - "privileges": { - "CreateIdentityPool": { - "privilege": "CreateIdentityPool", - "description": "Grants permission to create a new identity pool", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_CreateIdentityPool.html" - }, - "DeleteIdentities": { - "privilege": "DeleteIdentities", - "description": "Grants permission to delete identities from an identity pool. You can specify a list of 1-60 identities that you want to delete", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_DeleteIdentities.html" - }, - "DeleteIdentityPool": { - "privilege": "DeleteIdentityPool", - "description": "Grants permission to delete a user pool. Once a pool is deleted, users will not be able to authenticate with the pool", - "access_level": "Permissions management", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_DeleteIdentityPool.html" - }, - "DescribeIdentity": { - "privilege": "DescribeIdentity", - "description": "Grants permission to return metadata related to the given identity, including when the identity was created and any associated linked logins", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_DescribeIdentity.html" - }, - "DescribeIdentityPool": { - "privilege": "DescribeIdentityPool", - "description": "Grants permission to get details about a particular identity pool, including the pool name, ID description, creation date, and current number of users", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_DescribeIdentityPool.html" - }, - "GetCredentialsForIdentity": { - "privilege": "GetCredentialsForIdentity", - "description": "Grants permission to return credentials for the provided identity ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetCredentialsForIdentity.html" - }, - "GetId": { - "privilege": "GetId", - "description": "Grants permission to generate (or retrieve) a Cognito ID. Supplying multiple logins will create an implicit linked account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetId.html" - }, - "GetIdentityPoolRoles": { - "privilege": "GetIdentityPoolRoles", - "description": "Grants permission to get the roles for an identity pool", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetIdentityPoolRoles.html" - }, - "GetOpenIdToken": { - "privilege": "GetOpenIdToken", - "description": "Grants permission to get an OpenID token, using a known Cognito ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetOpenIdToken.html" - }, - "GetOpenIdTokenForDeveloperIdentity": { - "privilege": "GetOpenIdTokenForDeveloperIdentity", - "description": "Grants permission to register (or retrieve) a Cognito IdentityId and an OpenID Connect token for a user authenticated by your backend authentication process", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetOpenIdTokenForDeveloperIdentity.html" - }, - "GetPrincipalTagAttributeMap": { - "privilege": "GetPrincipalTagAttributeMap", - "description": "Grants permission to get the principal tags for an identity pool and provider", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetPrincipalTagAttributeMap.html" - }, - "ListIdentities": { - "privilege": "ListIdentities", - "description": "Grants permission to list the identities in an identity pool", - "access_level": "List", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_ListIdentities.html" - }, - "ListIdentityPools": { - "privilege": "ListIdentityPools", - "description": "Grants permission to list all of the Cognito identity pools registered for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_ListIdentityPools.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags that are assigned to an Amazon Cognito identity pool", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_ListTagsForResource.html" - }, - "LookupDeveloperIdentity": { - "privilege": "LookupDeveloperIdentity", - "description": "Grants permission to retrieve the IdentityId associated with a DeveloperUserIdentifier or the list of DeveloperUserIdentifiers associated with an IdentityId for an existing identity", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_LookupDeveloperIdentity.html" - }, - "MergeDeveloperIdentities": { - "privilege": "MergeDeveloperIdentities", - "description": "Grants permission to merge two users having different IdentityIds, existing in the same identity pool, and identified by the same developer provider", - "access_level": "Permissions management", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_MergeDeveloperIdentities.html" - }, - "SetIdentityPoolRoles": { - "privilege": "SetIdentityPoolRoles", - "description": "Grants permission to set the roles for an identity pool. These roles are used when making calls to GetCredentialsForIdentity action", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_SetIdentityPoolRoles.html" - }, - "SetPrincipalTagAttributeMap": { - "privilege": "SetPrincipalTagAttributeMap", - "description": "Grants permission to set the principal tags for an identity pool and provider. These tags are used when making calls to GetOpenIdToken action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_SetPrincipalTagAttributeMap.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to assign a set of tags to an Amazon Cognito identity pool", - "access_level": "Tagging", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_TagResource.html" - }, - "UnlinkDeveloperIdentity": { - "privilege": "UnlinkDeveloperIdentity", - "description": "Grants permission to unlink a DeveloperUserIdentifier from an existing identity", - "access_level": "Permissions management", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_UnlinkDeveloperIdentity.html" - }, - "UnlinkIdentity": { - "privilege": "UnlinkIdentity", - "description": "Grants permission to unlink a federated identity from an existing account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_UnlinkIdentity.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the specified tags from an Amazon Cognito identity pool", - "access_level": "Tagging", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_UntagResource.html" - }, - "UpdateIdentityPool": { - "privilege": "UpdateIdentityPool", - "description": "Grants permission to update an identity pool", - "access_level": "Permissions management", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_UpdateIdentityPool.html" - } - }, - "resources": { - "identitypool": { - "resource": "identitypool", - "arn": "arn:${Partition}:cognito-identity:${Region}:${Account}:identitypool/${IdentityPoolId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a key that is present in the request", - "type": "ArrayOfString" - } - } - }, - "cognito-sync": { - "service_name": "Amazon Cognito Sync", - "prefix": "cognito-sync", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncognitosync.html", - "privileges": { - "BulkPublish": { - "privilege": "BulkPublish", - "description": "Grants permission to initiate a bulk publish of all existing datasets for an Identity Pool to the configured stream", - "access_level": "Write", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_BulkPublish.html" - }, - "DeleteDataset": { - "privilege": "DeleteDataset", - "description": "Grants permission to delete a specific dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_DeleteDataset.html" - }, - "DescribeDataset": { - "privilege": "DescribeDataset", - "description": "Grants permission to get metadata about a dataset by identity and dataset name", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_DescribeDataset.html" - }, - "DescribeIdentityPoolUsage": { - "privilege": "DescribeIdentityPoolUsage", - "description": "Grants permission to get usage details (for example, data storage) about a particular identity pool", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_DescribeIdentityPoolUsage.html" - }, - "DescribeIdentityUsage": { - "privilege": "DescribeIdentityUsage", - "description": "Grants permission to get usage information for an identity, including number of datasets and data usage", - "access_level": "Read", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_DescribeIdentityUsage.html" - }, - "GetBulkPublishDetails": { - "privilege": "GetBulkPublishDetails", - "description": "Grants permission to get the status of the last BulkPublish operation for an identity pool", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_GetBulkPublishDetails.html" - }, - "GetCognitoEvents": { - "privilege": "GetCognitoEvents", - "description": "Grants permission to get the events and the corresponding Lambda functions associated with an identity pool", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_GetCognitoEvents.html" - }, - "GetIdentityPoolConfiguration": { - "privilege": "GetIdentityPoolConfiguration", - "description": "Grants permission to get the configuration settings of an identity pool", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_GetIdentityPoolConfiguration.html" - }, - "ListDatasets": { - "privilege": "ListDatasets", - "description": "Grants permission to list datasets for an identity", - "access_level": "List", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_ListDatasets.html" - }, - "ListIdentityPoolUsage": { - "privilege": "ListIdentityPoolUsage", - "description": "Grants permission to get a list of identity pools registered with Cognito", - "access_level": "Read", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_ListIdentityPoolUsage.html" - }, - "ListRecords": { - "privilege": "ListRecords", - "description": "Grants permission to get paginated records, optionally changed after a particular sync count for a dataset and identity", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_ListRecords.html" - }, - "QueryRecords": { - "privilege": "QueryRecords", - "description": "Grants permission to query records", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "RegisterDevice": { - "privilege": "RegisterDevice", - "description": "Grants permission to register a device to receive push sync notifications", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_RegisterDevice.html" - }, - "SetCognitoEvents": { - "privilege": "SetCognitoEvents", - "description": "Grants permission to set the AWS Lambda function for a given event type for an identity pool", - "access_level": "Write", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_SetCognitoEvents.html" - }, - "SetDatasetConfiguration": { - "privilege": "SetDatasetConfiguration", - "description": "Grants permission to configure datasets", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "SetIdentityPoolConfiguration": { - "privilege": "SetIdentityPoolConfiguration", - "description": "Grants permission to set the necessary configuration for push sync", - "access_level": "Write", - "resource_types": { - "identitypool": { - "resource_type": "identitypool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_SetIdentityPoolConfiguration.html" - }, - "SubscribeToDataset": { - "privilege": "SubscribeToDataset", - "description": "Grants permission to subscribe to receive notifications when a dataset is modified by another device", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_SubscribeToDataset.html" - }, - "UnsubscribeFromDataset": { - "privilege": "UnsubscribeFromDataset", - "description": "Grants permission to unsubscribe from receiving notifications when a dataset is modified by another device", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_UnsubscribeFromDataset.html" - }, - "UpdateRecords": { - "privilege": "UpdateRecords", - "description": "Grants permission to post updates to records and add and delete records for a dataset and user", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_UpdateRecords.html" - } - }, - "resources": { - "dataset": { - "resource": "dataset", - "arn": "arn:${Partition}:cognito-sync:${Region}:${Account}:identitypool/${IdentityPoolId}/identity/${IdentityId}/dataset/${DatasetName}", - "condition_keys": [] - }, - "identity": { - "resource": "identity", - "arn": "arn:${Partition}:cognito-sync:${Region}:${Account}:identitypool/${IdentityPoolId}/identity/${IdentityId}", - "condition_keys": [] - }, - "identitypool": { - "resource": "identitypool", - "arn": "arn:${Partition}:cognito-sync:${Region}:${Account}:identitypool/${IdentityPoolId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "cognito-idp": { - "service_name": "Amazon Cognito User Pools", - "prefix": "cognito-idp", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncognitouserpools.html", - "privileges": { - "AddCustomAttributes": { - "privilege": "AddCustomAttributes", - "description": "Grants permission to add user attributes to the user pool schema", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AddCustomAttributes.html" - }, - "AdminAddUserToGroup": { - "privilege": "AdminAddUserToGroup", - "description": "Grants permission to add any user to any group", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminAddUserToGroup.html" - }, - "AdminConfirmSignUp": { - "privilege": "AdminConfirmSignUp", - "description": "Grants permission to confirm any user's registration without a confirmation code", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminConfirmSignUp.html" - }, - "AdminCreateUser": { - "privilege": "AdminCreateUser", - "description": "Grants permission to create new users and send welcome messages via email or SMS", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminCreateUser.html" - }, - "AdminDeleteUser": { - "privilege": "AdminDeleteUser", - "description": "Grants permission to delete any user", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminDeleteUser.html" - }, - "AdminDeleteUserAttributes": { - "privilege": "AdminDeleteUserAttributes", - "description": "Grants permission to delete attributes from any user", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminDeleteUserAttributes.html" - }, - "AdminDisableProviderForUser": { - "privilege": "AdminDisableProviderForUser", - "description": "Grants permission to unlink any user pool user from a third-party identity provider (IdP) user", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminDisableProviderForUser.html" - }, - "AdminDisableUser": { - "privilege": "AdminDisableUser", - "description": "Grants permission to deactivate any user", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminDisableUser.html" - }, - "AdminEnableUser": { - "privilege": "AdminEnableUser", - "description": "Grants permission to activate any user", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminEnableUser.html" - }, - "AdminForgetDevice": { - "privilege": "AdminForgetDevice", - "description": "Grants permission to deregister any user's devices", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminForgetDevice.html" - }, - "AdminGetDevice": { - "privilege": "AdminGetDevice", - "description": "Grants permission to get information about any user's devices", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminGetDevice.html" - }, - "AdminGetUser": { - "privilege": "AdminGetUser", - "description": "Grants permission to look up any user by user name", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminGetUser.html" - }, - "AdminInitiateAuth": { - "privilege": "AdminInitiateAuth", - "description": "Grants permission to authenticate any user", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminInitiateAuth.html" - }, - "AdminLinkProviderForUser": { - "privilege": "AdminLinkProviderForUser", - "description": "Grants permission to link any user pool user to a third-party IdP user", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminLinkProviderForUser.html" - }, - "AdminListDevices": { - "privilege": "AdminListDevices", - "description": "Grants permission to list any user's remembered devices", - "access_level": "List", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminListDevices.html" - }, - "AdminListGroupsForUser": { - "privilege": "AdminListGroupsForUser", - "description": "Grants permission to list the groups that any user belongs to", - "access_level": "List", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminListGroupsForUser.html" - }, - "AdminListUserAuthEvents": { - "privilege": "AdminListUserAuthEvents", - "description": "Grants permission to lists sign-in events for any user", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminListUserAuthEvents.html" - }, - "AdminRemoveUserFromGroup": { - "privilege": "AdminRemoveUserFromGroup", - "description": "Grants permission to remove any user from any group", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminRemoveUserFromGroup.html" - }, - "AdminResetUserPassword": { - "privilege": "AdminResetUserPassword", - "description": "Grants permission to reset any user's password", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminResetUserPassword.html" - }, - "AdminRespondToAuthChallenge": { - "privilege": "AdminRespondToAuthChallenge", - "description": "Grants permission to respond to an authentication challenge during the authentication of any user", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminRespondToAuthChallenge.html" - }, - "AdminSetUserMFAPreference": { - "privilege": "AdminSetUserMFAPreference", - "description": "Grants permission to set any user's preferred MFA method", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html" - }, - "AdminSetUserPassword": { - "privilege": "AdminSetUserPassword", - "description": "Grants permission to set any user's password", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserPassword.html" - }, - "AdminSetUserSettings": { - "privilege": "AdminSetUserSettings", - "description": "Grants permission to set user settings for any user", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserSettings.html" - }, - "AdminUpdateAuthEventFeedback": { - "privilege": "AdminUpdateAuthEventFeedback", - "description": "Grants permission to update advanced security feedback for any user's authentication event", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateAuthEventFeedback.html" - }, - "AdminUpdateDeviceStatus": { - "privilege": "AdminUpdateDeviceStatus", - "description": "Grants permission to update the status of any user's remembered devices", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateDeviceStatus.html" - }, - "AdminUpdateUserAttributes": { - "privilege": "AdminUpdateUserAttributes", - "description": "Grants permission to updates any user's standard or custom attributes", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html" - }, - "AdminUserGlobalSignOut": { - "privilege": "AdminUserGlobalSignOut", - "description": "Grants permission to sign out any user from all sessions", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUserGlobalSignOut.html" - }, - "AssociateSoftwareToken": { - "privilege": "AssociateSoftwareToken", - "description": "Returns a unique generated shared secret key code for the user account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AssociateSoftwareToken.html" - }, - "AssociateWebACL": { - "privilege": "AssociateWebACL", - "description": "Grants permission to associate the user pool with an AWS WAF web ACL", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${UserGuideDocPage}user-pool-waf.html" - }, - "ChangePassword": { - "privilege": "ChangePassword", - "description": "Changes the password for a specified user in a user pool", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ChangePassword.html" - }, - "ConfirmDevice": { - "privilege": "ConfirmDevice", - "description": "Confirms tracking of the device. This API call is the call that begins device tracking", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html" - }, - "ConfirmForgotPassword": { - "privilege": "ConfirmForgotPassword", - "description": "Allows a user to enter a confirmation code to reset a forgotten password", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html" - }, - "ConfirmSignUp": { - "privilege": "ConfirmSignUp", - "description": "Confirms registration of a user and handles the existing alias from a previous user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmSignUp.html" - }, - "CreateGroup": { - "privilege": "CreateGroup", - "description": "Grants permission to create new user pool groups", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateGroup.html" - }, - "CreateIdentityProvider": { - "privilege": "CreateIdentityProvider", - "description": "Grants permission to add identity providers to user pools", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html" - }, - "CreateResourceServer": { - "privilege": "CreateResourceServer", - "description": "Grants permission to create and configure scopes for OAuth 2.0 resource servers", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateResourceServer.html" - }, - "CreateUserImportJob": { - "privilege": "CreateUserImportJob", - "description": "Grants permission to create user CSV import jobs", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserImportJob.html" - }, - "CreateUserPool": { - "privilege": "CreateUserPool", - "description": "Grants permission to create and set password policy for user pools", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html" - }, - "CreateUserPoolClient": { - "privilege": "CreateUserPoolClient", - "description": "Grants permission to create user pool app clients", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPoolClient.html" - }, - "CreateUserPoolDomain": { - "privilege": "CreateUserPoolDomain", - "description": "Grants permission to add user pool domains", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPoolDomain.html" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to delete any empty user pool group", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteGroup.html" - }, - "DeleteIdentityProvider": { - "privilege": "DeleteIdentityProvider", - "description": "Grants permission to delete any identity provider from user pools", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteIdentityProvider.html" - }, - "DeleteResourceServer": { - "privilege": "DeleteResourceServer", - "description": "Grants permission to delete any OAuth 2.0 resource server from user pools", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteResourceServer.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Allows a user to delete one's self", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteUser.html" - }, - "DeleteUserAttributes": { - "privilege": "DeleteUserAttributes", - "description": "Deletes the attributes for a user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteUserAttributes.html" - }, - "DeleteUserPool": { - "privilege": "DeleteUserPool", - "description": "Grants permission to delete user pools", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteUserPool.html" - }, - "DeleteUserPoolClient": { - "privilege": "DeleteUserPoolClient", - "description": "Grants permission to delete any user pool app client", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteUserPoolClient.html" - }, - "DeleteUserPoolDomain": { - "privilege": "DeleteUserPoolDomain", - "description": "Grants permission to delete any user pool domain", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteUserPoolDomain.html" - }, - "DescribeIdentityProvider": { - "privilege": "DescribeIdentityProvider", - "description": "Grants permission to describe any user pool identity provider", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeIdentityProvider.html" - }, - "DescribeResourceServer": { - "privilege": "DescribeResourceServer", - "description": "Grants permission to describe any OAuth 2.0 resource server", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeResourceServer.html" - }, - "DescribeRiskConfiguration": { - "privilege": "DescribeRiskConfiguration", - "description": "Grants permission to describe the risk configuration settings of user pools and app clients", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeRiskConfiguration.html" - }, - "DescribeUserImportJob": { - "privilege": "DescribeUserImportJob", - "description": "Grants permission to describe any user import job", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserImportJob.html" - }, - "DescribeUserPool": { - "privilege": "DescribeUserPool", - "description": "Grants permission to describe user pools", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html" - }, - "DescribeUserPoolClient": { - "privilege": "DescribeUserPoolClient", - "description": "Grants permission to describe any user pool app client", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html" - }, - "DescribeUserPoolDomain": { - "privilege": "DescribeUserPoolDomain", - "description": "Grants permission to describe any user pool domain", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolDomain.html" - }, - "DisassociateWebACL": { - "privilege": "DisassociateWebACL", - "description": "Grants permission to disassociate the user pool with an AWS WAF web ACL", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${UserGuideDocPage}user-pool-waf.html" - }, - "ForgetDevice": { - "privilege": "ForgetDevice", - "description": "Forgets the specified device", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgetDevice.html" - }, - "ForgotPassword": { - "privilege": "ForgotPassword", - "description": "Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html" - }, - "GetCSVHeader": { - "privilege": "GetCSVHeader", - "description": "Grants permission to generate headers for a user import .csv file", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetCSVHeader.html" - }, - "GetDevice": { - "privilege": "GetDevice", - "description": "Gets the device", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetDevice.html" - }, - "GetGroup": { - "privilege": "GetGroup", - "description": "Grants permission to describe a user pool group", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetGroup.html" - }, - "GetIdentityProviderByIdentifier": { - "privilege": "GetIdentityProviderByIdentifier", - "description": "Grants permission to correlate a user pool IdP identifier to the IdP Name", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetIdentityProviderByIdentifier.html" - }, - "GetSigningCertificate": { - "privilege": "GetSigningCertificate", - "description": "Grants permission to look up signing certificates for user pools", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetSigningCertificate.html" - }, - "GetUICustomization": { - "privilege": "GetUICustomization", - "description": "Grants permission to get UI customization information for the hosted UI of any app client", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUICustomization.html" - }, - "GetUser": { - "privilege": "GetUser", - "description": "Gets the user attributes and metadata for a user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html" - }, - "GetUserAttributeVerificationCode": { - "privilege": "GetUserAttributeVerificationCode", - "description": "Gets the user attribute verification code for the specified attribute name", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUserAttributeVerificationCode.html" - }, - "GetUserPoolMfaConfig": { - "privilege": "GetUserPoolMfaConfig", - "description": "Grants permission to look up the MFA configuration of user pools", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUserPoolMfaConfig.html" - }, - "GetWebACLForResource": { - "privilege": "GetWebACLForResource", - "description": "Grants permission to get the AWS WAF web ACL that is associated with an Amazon Cognito user pool", - "access_level": "Read", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${UserGuideDocPage}user-pool-waf.html" - }, - "GlobalSignOut": { - "privilege": "GlobalSignOut", - "description": "Signs out users from all devices", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GlobalSignOut.html" - }, - "InitiateAuth": { - "privilege": "InitiateAuth", - "description": "Initiates the authentication flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html" - }, - "ListDevices": { - "privilege": "ListDevices", - "description": "Lists the devices", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListDevices.html" - }, - "ListGroups": { - "privilege": "ListGroups", - "description": "Grants permission to list all groups in user pools", - "access_level": "List", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListGroups.html" - }, - "ListIdentityProviders": { - "privilege": "ListIdentityProviders", - "description": "Grants permission to list all identity providers in user pools", - "access_level": "List", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListIdentityProviders.html" - }, - "ListResourceServers": { - "privilege": "ListResourceServers", - "description": "Grants permission to list all resource servers in user pools", - "access_level": "List", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListResourceServers.html" - }, - "ListResourcesForWebACL": { - "privilege": "ListResourcesForWebACL", - "description": "Grants permission to list the user pools that are associated with an AWS WAF web ACL", - "access_level": "List", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${UserGuideDocPage}user-pool-waf.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags that are assigned to an Amazon Cognito user pool", - "access_level": "List", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListTagsForResource.html" - }, - "ListUserImportJobs": { - "privilege": "ListUserImportJobs", - "description": "Grants permission to list all user import jobs", - "access_level": "List", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUserImportJobs.html" - }, - "ListUserPoolClients": { - "privilege": "ListUserPoolClients", - "description": "Grants permission to list all app clients in user pools", - "access_level": "List", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUserPoolClients.html" - }, - "ListUserPools": { - "privilege": "ListUserPools", - "description": "Grants permission to list all user pools", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUserPools.html" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to list all user pool users", - "access_level": "List", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUsers.html" - }, - "ListUsersInGroup": { - "privilege": "ListUsersInGroup", - "description": "Grants permission to list the users in any group", - "access_level": "List", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUsersInGroup.html" - }, - "ResendConfirmationCode": { - "privilege": "ResendConfirmationCode", - "description": "Resends the confirmation (for confirmation of registration) to a specific user in the user pool", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ResendConfirmationCode.html" - }, - "RespondToAuthChallenge": { - "privilege": "RespondToAuthChallenge", - "description": "Responds to the authentication challenge", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RespondToAuthChallenge.html" - }, - "RevokeToken": { - "privilege": "RevokeToken", - "description": "Revokes all of the access tokens generated by the specified refresh token", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html" - }, - "SetRiskConfiguration": { - "privilege": "SetRiskConfiguration", - "description": "Grants permission to set risk configuration for user pools and app clients", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetRiskConfiguration.html" - }, - "SetUICustomization": { - "privilege": "SetUICustomization", - "description": "Grants permission to customize the hosted UI for any app client", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUICustomization.html" - }, - "SetUserMFAPreference": { - "privilege": "SetUserMFAPreference", - "description": "Sets MFA preference for the user in the userpool", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html" - }, - "SetUserPoolMfaConfig": { - "privilege": "SetUserPoolMfaConfig", - "description": "Grants permission to set user pool MFA configuration", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html" - }, - "SetUserSettings": { - "privilege": "SetUserSettings", - "description": "Sets the user settings like multi-factor authentication (MFA)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserSettings.html" - }, - "SignUp": { - "privilege": "SignUp", - "description": "Registers the user in the specified user pool and creates a user name, password, and user attributes", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html" - }, - "StartUserImportJob": { - "privilege": "StartUserImportJob", - "description": "Grants permission to start any user import job", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_StartUserImportJob.html" - }, - "StopUserImportJob": { - "privilege": "StopUserImportJob", - "description": "Grants permission to stop any user import job", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_StopUserImportJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a user pool", - "access_level": "Tagging", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a user pool", - "access_level": "Tagging", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UntagResource.html" - }, - "UpdateAuthEventFeedback": { - "privilege": "UpdateAuthEventFeedback", - "description": "Updates the feedback for the user authentication event", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateAuthEventFeedback.html" - }, - "UpdateDeviceStatus": { - "privilege": "UpdateDeviceStatus", - "description": "Updates the device status", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html" - }, - "UpdateGroup": { - "privilege": "UpdateGroup", - "description": "Grants permission to update the configuration of any group", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateGroup.html" - }, - "UpdateIdentityProvider": { - "privilege": "UpdateIdentityProvider", - "description": "Grants permission to update the configuration of any user pool IdP", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateIdentityProvider.html" - }, - "UpdateResourceServer": { - "privilege": "UpdateResourceServer", - "description": "Grants permission to update the configuration of any OAuth 2.0 resource server", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateResourceServer.html" - }, - "UpdateUserAttributes": { - "privilege": "UpdateUserAttributes", - "description": "Allows a user to update a specific attribute (one at a time)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html" - }, - "UpdateUserPool": { - "privilege": "UpdateUserPool", - "description": "Grants permission to updates the configuration of user pools", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html" - }, - "UpdateUserPoolClient": { - "privilege": "UpdateUserPoolClient", - "description": "Grants permission to update any user pool client", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPoolClient.html" - }, - "UpdateUserPoolDomain": { - "privilege": "UpdateUserPoolDomain", - "description": "Grants permission to replace the certificate for any custom domain", - "access_level": "Write", - "resource_types": { - "userpool": { - "resource_type": "userpool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPoolDomain.html" - }, - "VerifySoftwareToken": { - "privilege": "VerifySoftwareToken", - "description": "Registers a user's entered TOTP code and mark the user's software token MFA status as verified if successful", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifySoftwareToken.html" - }, - "VerifyUserAttribute": { - "privilege": "VerifyUserAttribute", - "description": "Verifies a user attribute using a one time verification code", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifyUserAttribute.html" - } - }, - "resources": { - "userpool": { - "resource": "userpool", - "arn": "arn:${Partition}:cognito-idp:${Region}:${Account}:userpool/${UserPoolId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "webacl": { - "resource": "webacl", - "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/webacl/${Name}/${Id}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a key that is present in the request", - "type": "ArrayOfString" - } - } - }, - "comprehend": { - "service_name": "Amazon Comprehend", - "prefix": "comprehend", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncomprehend.html", - "privileges": { - "BatchDetectDominantLanguage": { - "privilege": "BatchDetectDominantLanguage", - "description": "Grants permission to detect the language or languages present in the list of text documents", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectDominantLanguage.html" - }, - "BatchDetectEntities": { - "privilege": "BatchDetectEntities", - "description": "Grants permission to detect the named entities (\"People\", \"Places\", \"Locations\", etc) within the given list of text documents", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectEntities.html" - }, - "BatchDetectKeyPhrases": { - "privilege": "BatchDetectKeyPhrases", - "description": "Grants permission to detect the phrases in the list of text documents that are most indicative of the content", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectKeyPhrases.html" - }, - "BatchDetectSentiment": { - "privilege": "BatchDetectSentiment", - "description": "Grants permission to detect the sentiment of a text in the list of documents (Positive, Negative, Neutral, or Mixed)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectSentiment.html" - }, - "BatchDetectSyntax": { - "privilege": "BatchDetectSyntax", - "description": "Grants permission to detect syntactic information (like Part of Speech, Tokens) in a list of text documents", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectSyntax.html" - }, - "BatchDetectTargetedSentiment": { - "privilege": "BatchDetectTargetedSentiment", - "description": "Grants permission to detect the sentiments associated with specific entities (such as brands or products) within the given list of text documents", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectTargetedSentiment.html" - }, - "ClassifyDocument": { - "privilege": "ClassifyDocument", - "description": "Grants permission to create a new document classification request to analyze a single document in real-time, using a previously created and trained custom model and an endpoint", - "access_level": "Read", - "resource_types": { - "document-classifier-endpoint": { - "resource_type": "document-classifier-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ClassifyDocument.html" - }, - "ContainsPiiEntities": { - "privilege": "ContainsPiiEntities", - "description": "Grants permission to classify the personally identifiable information within given documents in real-time", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ContainsPiiEntities.html" - }, - "CreateDataset": { - "privilege": "CreateDataset", - "description": "Grants permission to create a new dataset within a flywheel", - "access_level": "Write", - "resource_types": { - "flywheel": { - "resource_type": "flywheel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_CreateDataset.html" - }, - "CreateDocumentClassifier": { - "privilege": "CreateDocumentClassifier", - "description": "Grants permission to create a new document classifier that you can use to categorize documents", - "access_level": "Write", - "resource_types": { - "document-classifier": { - "resource_type": "document-classifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:VolumeKmsKey", - "comprehend:ModelKmsKey", - "comprehend:OutputKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_CreateDocumentClassifier.html" - }, - "CreateEndpoint": { - "privilege": "CreateEndpoint", - "description": "Grants permission to create a model-specific endpoint for synchronous inference for a previously trained custom model", - "access_level": "Write", - "resource_types": { - "document-classifier": { - "resource_type": "document-classifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "document-classifier-endpoint": { - "resource_type": "document-classifier-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer-endpoint": { - "resource_type": "entity-recognizer-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "flywheel": { - "resource_type": "flywheel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_CreateEndpoint.html" - }, - "CreateEntityRecognizer": { - "privilege": "CreateEntityRecognizer", - "description": "Grants permission to create an entity recognizer using submitted files", - "access_level": "Write", - "resource_types": { - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:VolumeKmsKey", - "comprehend:ModelKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_CreateEntityRecognizer.html" - }, - "CreateFlywheel": { - "privilege": "CreateFlywheel", - "description": "Grants permission to create a new flywheel that you can use to train model versions", - "access_level": "Write", - "resource_types": { - "flywheel": { - "resource_type": "flywheel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "document-classifier": { - "resource_type": "document-classifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:VolumeKmsKey", - "comprehend:ModelKmsKey", - "comprehend:DataLakeKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_CreateFlywheel.html" - }, - "DeleteDocumentClassifier": { - "privilege": "DeleteDocumentClassifier", - "description": "Grants permission to delete a previously created document classifier", - "access_level": "Write", - "resource_types": { - "document-classifier": { - "resource_type": "document-classifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DeleteDocumentClassifier.html" - }, - "DeleteEndpoint": { - "privilege": "DeleteEndpoint", - "description": "Grants permission to delete a model-specific endpoint for a previously-trained custom model. All endpoints must be deleted in order for the model to be deleted", - "access_level": "Write", - "resource_types": { - "document-classifier-endpoint": { - "resource_type": "document-classifier-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer-endpoint": { - "resource_type": "entity-recognizer-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DeleteEndpoint.html" - }, - "DeleteEntityRecognizer": { - "privilege": "DeleteEntityRecognizer", - "description": "Grants permission to delete a submitted entity recognizer", - "access_level": "Write", - "resource_types": { - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DeleteEntityRecognizer.html" - }, - "DeleteFlywheel": { - "privilege": "DeleteFlywheel", - "description": "Grants permission to Delete a flywheel", - "access_level": "Write", - "resource_types": { - "flywheel": { - "resource_type": "flywheel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DeleteFlywheel.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to remove policy on resource", - "access_level": "Write", - "resource_types": { - "document-classifier": { - "resource_type": "document-classifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DescribeDataset": { - "privilege": "DescribeDataset", - "description": "Grants permission to get the properties associated with a dataset", - "access_level": "Read", - "resource_types": { - "flywheel-dataset": { - "resource_type": "flywheel-dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeDataset.html" - }, - "DescribeDocumentClassificationJob": { - "privilege": "DescribeDocumentClassificationJob", - "description": "Grants permission to get the properties associated with a document classification job", - "access_level": "Read", - "resource_types": { - "document-classification-job": { - "resource_type": "document-classification-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeDocumentClassificationJob.html" - }, - "DescribeDocumentClassifier": { - "privilege": "DescribeDocumentClassifier", - "description": "Grants permission to get the properties associated with a document classifier", - "access_level": "Read", - "resource_types": { - "document-classifier": { - "resource_type": "document-classifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeDocumentClassifier.html" - }, - "DescribeDominantLanguageDetectionJob": { - "privilege": "DescribeDominantLanguageDetectionJob", - "description": "Grants permission to get the properties associated with a dominant language detection job", - "access_level": "Read", - "resource_types": { - "dominant-language-detection-job": { - "resource_type": "dominant-language-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeDominantLanguageDetectionJob.html" - }, - "DescribeEndpoint": { - "privilege": "DescribeEndpoint", - "description": "Grants permission to get the properties associated with a specific endpoint. Use this operation to get the status of an endpoint", - "access_level": "Read", - "resource_types": { - "document-classifier-endpoint": { - "resource_type": "document-classifier-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer-endpoint": { - "resource_type": "entity-recognizer-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeEndpoint.html" - }, - "DescribeEntitiesDetectionJob": { - "privilege": "DescribeEntitiesDetectionJob", - "description": "Grants permission to get the properties associated with an entities detection job", - "access_level": "Read", - "resource_types": { - "entities-detection-job": { - "resource_type": "entities-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeEntitiesDetectionJob.html" - }, - "DescribeEntityRecognizer": { - "privilege": "DescribeEntityRecognizer", - "description": "Grants permission to provide details about an entity recognizer including status, S3 buckets containing training data, recognizer metadata, metrics, and so on", - "access_level": "Read", - "resource_types": { - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeEntityRecognizer.html" - }, - "DescribeEventsDetectionJob": { - "privilege": "DescribeEventsDetectionJob", - "description": "Grants permission to get the properties associated with an Events detection job", - "access_level": "Read", - "resource_types": { - "events-detection-job": { - "resource_type": "events-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeEventsDetectionJob.html" - }, - "DescribeFlywheel": { - "privilege": "DescribeFlywheel", - "description": "Grants permission to get the properties associated with a flywheel", - "access_level": "Read", - "resource_types": { - "flywheel": { - "resource_type": "flywheel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeFlywheel.html" - }, - "DescribeFlywheelIteration": { - "privilege": "DescribeFlywheelIteration", - "description": "Grants permission to get the properties associated with a flywheel iteration for a flywheel", - "access_level": "Read", - "resource_types": { - "flywheel": { - "resource_type": "flywheel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "comprehend:FlywheelIterationId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeFlywheelIteration.html" - }, - "DescribeKeyPhrasesDetectionJob": { - "privilege": "DescribeKeyPhrasesDetectionJob", - "description": "Grants permission to get the properties associated with a key phrases detection job", - "access_level": "Read", - "resource_types": { - "key-phrases-detection-job": { - "resource_type": "key-phrases-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeKeyPhrasesDetectionJob.html" - }, - "DescribePiiEntitiesDetectionJob": { - "privilege": "DescribePiiEntitiesDetectionJob", - "description": "Grants permission to get the properties associated with a PII entities detection job", - "access_level": "Read", - "resource_types": { - "pii-entities-detection-job": { - "resource_type": "pii-entities-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribePiiEntitiesDetectionJob.html" - }, - "DescribeResourcePolicy": { - "privilege": "DescribeResourcePolicy", - "description": "Grants permission to read attached policy on resource", - "access_level": "Read", - "resource_types": { - "document-classifier": { - "resource_type": "document-classifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeResourcePolicy.html" - }, - "DescribeSentimentDetectionJob": { - "privilege": "DescribeSentimentDetectionJob", - "description": "Grants permission to get the properties associated with a sentiment detection job", - "access_level": "Read", - "resource_types": { - "sentiment-detection-job": { - "resource_type": "sentiment-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeSentimentDetectionJob.html" - }, - "DescribeTargetedSentimentDetectionJob": { - "privilege": "DescribeTargetedSentimentDetectionJob", - "description": "Grants permission to get the properties associated with a targeted sentiment detection job", - "access_level": "Read", - "resource_types": { - "targeted-sentiment-detection-job": { - "resource_type": "targeted-sentiment-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeTargetedSentimentDetectionJob.html" - }, - "DescribeTopicsDetectionJob": { - "privilege": "DescribeTopicsDetectionJob", - "description": "Grants permission to get the properties associated with a topic detection job", - "access_level": "Read", - "resource_types": { - "topics-detection-job": { - "resource_type": "topics-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeTopicsDetectionJob.html" - }, - "DetectDominantLanguage": { - "privilege": "DetectDominantLanguage", - "description": "Grants permission to detect the language or languages present in the text", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectDominantLanguage.html" - }, - "DetectEntities": { - "privilege": "DetectEntities", - "description": "Grants permission to detect the named entities (\"People\", \"Places\", \"Locations\", etc) within the given text document", - "access_level": "Read", - "resource_types": { - "entity-recognizer-endpoint": { - "resource_type": "entity-recognizer-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectEntities.html" - }, - "DetectKeyPhrases": { - "privilege": "DetectKeyPhrases", - "description": "Grants permission to detect the phrases in the text that are most indicative of the content", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectKeyPhrases.html" - }, - "DetectPiiEntities": { - "privilege": "DetectPiiEntities", - "description": "Grants permission to detect the personally identifiable information entities (\"Name\", \"SSN\", \"PIN\", etc) within the given text document", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectPiiEntities.html" - }, - "DetectSentiment": { - "privilege": "DetectSentiment", - "description": "Grants permission to detect the sentiment of a text in a document (Positive, Negative, Neutral, or Mixed)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectSentiment.html" - }, - "DetectSyntax": { - "privilege": "DetectSyntax", - "description": "Grants permission to detect syntactic information (like Part of Speech, Tokens) in a text document", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectSyntax.html" - }, - "DetectTargetedSentiment": { - "privilege": "DetectTargetedSentiment", - "description": "Grants permission to detect the sentiments associated with specific entities (such as brands or products) in a document", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectTargetedSentiment.html" - }, - "ImportModel": { - "privilege": "ImportModel", - "description": "Grants permission to import a trained Comprehend model", - "access_level": "Write", - "resource_types": { - "document-classifier": { - "resource_type": "document-classifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:ModelKmsKey" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ImportModel.html" - }, - "ListDatasets": { - "privilege": "ListDatasets", - "description": "Grants permission to get a list of the Datasets associated with a flywheel", - "access_level": "Read", - "resource_types": { - "flywheel": { - "resource_type": "flywheel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListDatasets.html" - }, - "ListDocumentClassificationJobs": { - "privilege": "ListDocumentClassificationJobs", - "description": "Grants permission to get a list of the document classification jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListDocumentClassificationJobs.html" - }, - "ListDocumentClassifierSummaries": { - "privilege": "ListDocumentClassifierSummaries", - "description": "Grants permission to get a list of summaries of the document classifiers that you have created", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListDocumentClassifierSummaries.html" - }, - "ListDocumentClassifiers": { - "privilege": "ListDocumentClassifiers", - "description": "Grants permission to get a list of the document classifiers that you have created", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListDocumentClassifiers.html" - }, - "ListDominantLanguageDetectionJobs": { - "privilege": "ListDominantLanguageDetectionJobs", - "description": "Grants permission to get a list of the dominant language detection jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListDominantLanguageDetectionJobs.html" - }, - "ListEndpoints": { - "privilege": "ListEndpoints", - "description": "Grants permission to get a list of all existing endpoints that you've created", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListEndpoints.html" - }, - "ListEntitiesDetectionJobs": { - "privilege": "ListEntitiesDetectionJobs", - "description": "Grants permission to get a list of the entity detection jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListEntitiesDetectionJobs.html" - }, - "ListEntityRecognizerSummaries": { - "privilege": "ListEntityRecognizerSummaries", - "description": "Grants permission to get a list of summaries for the entity recognizers that you have created", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListEntityRecognizerSummaries.html" - }, - "ListEntityRecognizers": { - "privilege": "ListEntityRecognizers", - "description": "Grants permission to get a list of the properties of all entity recognizers that you created, including recognizers currently in training", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListEntityRecognizers.html" - }, - "ListEventsDetectionJobs": { - "privilege": "ListEventsDetectionJobs", - "description": "Grants permission to get a list of Events detection jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListEventsDetectionJobs.html" - }, - "ListFlywheelIterationHistory": { - "privilege": "ListFlywheelIterationHistory", - "description": "Grants permission to get a list of iterations associated for a flywheel", - "access_level": "Read", - "resource_types": { - "flywheel": { - "resource_type": "flywheel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListFlywheelIterationHistory.html" - }, - "ListFlywheels": { - "privilege": "ListFlywheels", - "description": "Grants permission to get a list of the flywheels that you have created", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListFlywheels.html" - }, - "ListKeyPhrasesDetectionJobs": { - "privilege": "ListKeyPhrasesDetectionJobs", - "description": "Grants permission to get a list of key phrase detection jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListKeyPhrasesDetectionJobs.html" - }, - "ListPiiEntitiesDetectionJobs": { - "privilege": "ListPiiEntitiesDetectionJobs", - "description": "Grants permission to get a list of PII entities detection jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListPiiEntitiesDetectionJobs.html" - }, - "ListSentimentDetectionJobs": { - "privilege": "ListSentimentDetectionJobs", - "description": "Grants permission to get a list of sentiment detection jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListSentimentDetectionJobs.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "document-classification-job": { - "resource_type": "document-classification-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document-classifier": { - "resource_type": "document-classifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document-classifier-endpoint": { - "resource_type": "document-classifier-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dominant-language-detection-job": { - "resource_type": "dominant-language-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entities-detection-job": { - "resource_type": "entities-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer-endpoint": { - "resource_type": "entity-recognizer-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "events-detection-job": { - "resource_type": "events-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "flywheel": { - "resource_type": "flywheel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "flywheel-dataset": { - "resource_type": "flywheel-dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "key-phrases-detection-job": { - "resource_type": "key-phrases-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pii-entities-detection-job": { - "resource_type": "pii-entities-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sentiment-detection-job": { - "resource_type": "sentiment-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "targeted-sentiment-detection-job": { - "resource_type": "targeted-sentiment-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "topics-detection-job": { - "resource_type": "topics-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTargetedSentimentDetectionJobs": { - "privilege": "ListTargetedSentimentDetectionJobs", - "description": "Grants permission to get a list of targeted sentiment detection jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListTargetedSentimentDetectionJobs.html" - }, - "ListTopicsDetectionJobs": { - "privilege": "ListTopicsDetectionJobs", - "description": "Grants permission to get a list of the topic detection jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListTopicsDetectionJobs.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to attach policy to resource", - "access_level": "Write", - "resource_types": { - "document-classifier": { - "resource_type": "document-classifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_PutResourcePolicy.html" - }, - "StartDocumentClassificationJob": { - "privilege": "StartDocumentClassificationJob", - "description": "Grants permission to start an asynchronous document classification job", - "access_level": "Write", - "resource_types": { - "document-classification-job": { - "resource_type": "document-classification-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "document-classifier": { - "resource_type": "document-classifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "flywheel": { - "resource_type": "flywheel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:VolumeKmsKey", - "comprehend:OutputKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartDocumentClassificationJob.html" - }, - "StartDominantLanguageDetectionJob": { - "privilege": "StartDominantLanguageDetectionJob", - "description": "Grants permission to start an asynchronous dominant language detection job for a collection of documents", - "access_level": "Write", - "resource_types": { - "dominant-language-detection-job": { - "resource_type": "dominant-language-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:VolumeKmsKey", - "comprehend:OutputKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartDominantLanguageDetectionJob.html" - }, - "StartEntitiesDetectionJob": { - "privilege": "StartEntitiesDetectionJob", - "description": "Grants permission to start an asynchronous entity detection job for a collection of documents", - "access_level": "Write", - "resource_types": { - "entities-detection-job": { - "resource_type": "entities-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "flywheel": { - "resource_type": "flywheel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:VolumeKmsKey", - "comprehend:OutputKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartEntitiesDetectionJob.html" - }, - "StartEventsDetectionJob": { - "privilege": "StartEventsDetectionJob", - "description": "Grants permission to start an asynchronous Events detection job for a collection of documents", - "access_level": "Write", - "resource_types": { - "events-detection-job": { - "resource_type": "events-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:OutputKmsKey" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartEventsDetectionJob.html" - }, - "StartFlywheelIteration": { - "privilege": "StartFlywheelIteration", - "description": "Grants permission to start a flywheel iteration for a flywheel", - "access_level": "Write", - "resource_types": { - "flywheel": { - "resource_type": "flywheel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartFlywheelIteration.html" - }, - "StartKeyPhrasesDetectionJob": { - "privilege": "StartKeyPhrasesDetectionJob", - "description": "Grants permission to start an asynchronous key phrase detection job for a collection of documents", - "access_level": "Write", - "resource_types": { - "key-phrases-detection-job": { - "resource_type": "key-phrases-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:VolumeKmsKey", - "comprehend:OutputKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartKeyPhrasesDetectionJob.html" - }, - "StartPiiEntitiesDetectionJob": { - "privilege": "StartPiiEntitiesDetectionJob", - "description": "Grants permission to start an asynchronous PII entities detection job for a collection of documents", - "access_level": "Write", - "resource_types": { - "pii-entities-detection-job": { - "resource_type": "pii-entities-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:OutputKmsKey" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartPiiEntitiesDetectionJob.html" - }, - "StartSentimentDetectionJob": { - "privilege": "StartSentimentDetectionJob", - "description": "Grants permission to start an asynchronous sentiment detection job for a collection of documents", - "access_level": "Write", - "resource_types": { - "sentiment-detection-job": { - "resource_type": "sentiment-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:VolumeKmsKey", - "comprehend:OutputKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartSentimentDetectionJob.html" - }, - "StartTargetedSentimentDetectionJob": { - "privilege": "StartTargetedSentimentDetectionJob", - "description": "Grants permission to start an asynchronous targeted sentiment detection job for a collection of documents", - "access_level": "Write", - "resource_types": { - "targeted-sentiment-detection-job": { - "resource_type": "targeted-sentiment-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:VolumeKmsKey", - "comprehend:OutputKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartTargetedSentimentDetectionJob.html" - }, - "StartTopicsDetectionJob": { - "privilege": "StartTopicsDetectionJob", - "description": "Grants permission to start an asynchronous job to detect the most common topics in the collection of documents and the phrases associated with each topic", - "access_level": "Write", - "resource_types": { - "topics-detection-job": { - "resource_type": "topics-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "comprehend:VolumeKmsKey", - "comprehend:OutputKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartTopicsDetectionJob.html" - }, - "StopDominantLanguageDetectionJob": { - "privilege": "StopDominantLanguageDetectionJob", - "description": "Grants permission to stop a dominant language detection job", - "access_level": "Write", - "resource_types": { - "dominant-language-detection-job": { - "resource_type": "dominant-language-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopDominantLanguageDetectionJob.html" - }, - "StopEntitiesDetectionJob": { - "privilege": "StopEntitiesDetectionJob", - "description": "Grants permission to stop an entity detection job", - "access_level": "Write", - "resource_types": { - "entities-detection-job": { - "resource_type": "entities-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopEntitiesDetectionJob.html" - }, - "StopEventsDetectionJob": { - "privilege": "StopEventsDetectionJob", - "description": "Grants permission to stop an Events detection job", - "access_level": "Write", - "resource_types": { - "events-detection-job": { - "resource_type": "events-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopEventsDetectionJob.html" - }, - "StopKeyPhrasesDetectionJob": { - "privilege": "StopKeyPhrasesDetectionJob", - "description": "Grants permission to stop a key phrase detection job", - "access_level": "Write", - "resource_types": { - "key-phrases-detection-job": { - "resource_type": "key-phrases-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopKeyPhrasesDetectionJob.html" - }, - "StopPiiEntitiesDetectionJob": { - "privilege": "StopPiiEntitiesDetectionJob", - "description": "Grants permission to stop a PII entities detection job", - "access_level": "Write", - "resource_types": { - "pii-entities-detection-job": { - "resource_type": "pii-entities-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopPiiEntitiesDetectionJob.html" - }, - "StopSentimentDetectionJob": { - "privilege": "StopSentimentDetectionJob", - "description": "Grants permission to stop a sentiment detection job", - "access_level": "Write", - "resource_types": { - "sentiment-detection-job": { - "resource_type": "sentiment-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopSentimentDetectionJob.html" - }, - "StopTargetedSentimentDetectionJob": { - "privilege": "StopTargetedSentimentDetectionJob", - "description": "Grants permission to stop a targeted sentiment detection job", - "access_level": "Write", - "resource_types": { - "targeted-sentiment-detection-job": { - "resource_type": "targeted-sentiment-detection-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopTargetedSentimentDetectionJob.html" - }, - "StopTrainingDocumentClassifier": { - "privilege": "StopTrainingDocumentClassifier", - "description": "Grants permission to stop a previously created document classifier training job", - "access_level": "Write", - "resource_types": { - "document-classifier": { - "resource_type": "document-classifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopTrainingDocumentClassifier.html" - }, - "StopTrainingEntityRecognizer": { - "privilege": "StopTrainingEntityRecognizer", - "description": "Grants permission to stop a previously created entity recognizer training job", - "access_level": "Write", - "resource_types": { - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopTrainingEntityRecognizer.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource with given key value pairs", - "access_level": "Tagging", - "resource_types": { - "document-classification-job": { - "resource_type": "document-classification-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document-classifier": { - "resource_type": "document-classifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document-classifier-endpoint": { - "resource_type": "document-classifier-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dominant-language-detection-job": { - "resource_type": "dominant-language-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entities-detection-job": { - "resource_type": "entities-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer-endpoint": { - "resource_type": "entity-recognizer-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "events-detection-job": { - "resource_type": "events-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "flywheel": { - "resource_type": "flywheel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "flywheel-dataset": { - "resource_type": "flywheel-dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "key-phrases-detection-job": { - "resource_type": "key-phrases-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pii-entities-detection-job": { - "resource_type": "pii-entities-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sentiment-detection-job": { - "resource_type": "sentiment-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "targeted-sentiment-detection-job": { - "resource_type": "targeted-sentiment-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "topics-detection-job": { - "resource_type": "topics-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource with given key", - "access_level": "Tagging", - "resource_types": { - "document-classification-job": { - "resource_type": "document-classification-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document-classifier": { - "resource_type": "document-classifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document-classifier-endpoint": { - "resource_type": "document-classifier-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dominant-language-detection-job": { - "resource_type": "dominant-language-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entities-detection-job": { - "resource_type": "entities-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer-endpoint": { - "resource_type": "entity-recognizer-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "events-detection-job": { - "resource_type": "events-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "flywheel": { - "resource_type": "flywheel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "flywheel-dataset": { - "resource_type": "flywheel-dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "key-phrases-detection-job": { - "resource_type": "key-phrases-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pii-entities-detection-job": { - "resource_type": "pii-entities-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sentiment-detection-job": { - "resource_type": "sentiment-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "targeted-sentiment-detection-job": { - "resource_type": "targeted-sentiment-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "topics-detection-job": { - "resource_type": "topics-detection-job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_UntagResource.html" - }, - "UpdateEndpoint": { - "privilege": "UpdateEndpoint", - "description": "Grants permission to update information about the specified endpoint", - "access_level": "Write", - "resource_types": { - "document-classifier-endpoint": { - "resource_type": "document-classifier-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer-endpoint": { - "resource_type": "entity-recognizer-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "flywheel": { - "resource_type": "flywheel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_UpdateEndpoint.html" - }, - "UpdateFlywheel": { - "privilege": "UpdateFlywheel", - "description": "Grants permission to Update a flywheel's configuration", - "access_level": "Write", - "resource_types": { - "flywheel": { - "resource_type": "flywheel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "document-classifier": { - "resource_type": "document-classifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-recognizer": { - "resource_type": "entity-recognizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "comprehend:VolumeKmsKey", - "comprehend:ModelKmsKey", - "comprehend:VpcSecurityGroupIds", - "comprehend:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_UpdateFlywheel.html" - } - }, - "resources": { - "targeted-sentiment-detection-job": { - "resource": "targeted-sentiment-detection-job", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:targeted-sentiment-detection-job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "document-classifier": { - "resource": "document-classifier", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:document-classifier/${DocumentClassifierName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "document-classifier-endpoint": { - "resource": "document-classifier-endpoint", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:document-classifier-endpoint/${DocumentClassifierEndpointName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "entity-recognizer": { - "resource": "entity-recognizer", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:entity-recognizer/${EntityRecognizerName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "entity-recognizer-endpoint": { - "resource": "entity-recognizer-endpoint", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:entity-recognizer-endpoint/${EntityRecognizerEndpointName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dominant-language-detection-job": { - "resource": "dominant-language-detection-job", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:dominant-language-detection-job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "entities-detection-job": { - "resource": "entities-detection-job", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:entities-detection-job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "pii-entities-detection-job": { - "resource": "pii-entities-detection-job", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:pii-entities-detection-job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "events-detection-job": { - "resource": "events-detection-job", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:events-detection-job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "key-phrases-detection-job": { - "resource": "key-phrases-detection-job", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:key-phrases-detection-job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "sentiment-detection-job": { - "resource": "sentiment-detection-job", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:sentiment-detection-job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "topics-detection-job": { - "resource": "topics-detection-job", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:topics-detection-job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "document-classification-job": { - "resource": "document-classification-job", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:document-classification-job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "flywheel": { - "resource": "flywheel", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:flywheel/${FlywheelName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "flywheel-dataset": { - "resource": "flywheel-dataset", - "arn": "arn:${Partition}:comprehend:${Region}:${Account}:flywheel/${FlywheelName}/dataset/${DatasetName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by requiring tag values present in a resource creation request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by requiring tag value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by requiring the presence of mandatory tags in the request", - "type": "ArrayOfString" - }, - "comprehend:DataLakeKmsKey": { - "condition": "comprehend:DataLakeKmsKey", - "description": "Filters access by the DataLake Kms Key associated with the flywheel resource in the request", - "type": "ARN" - }, - "comprehend:FlywheelIterationId": { - "condition": "comprehend:FlywheelIterationId", - "description": "Filters access by particular Iteration Id for a flywheel", - "type": "String" - }, - "comprehend:ModelKmsKey": { - "condition": "comprehend:ModelKmsKey", - "description": "Filters access by the model KMS key associated with the resource in the request", - "type": "ARN" - }, - "comprehend:OutputKmsKey": { - "condition": "comprehend:OutputKmsKey", - "description": "Filters access by the output KMS key associated with the resource in the request", - "type": "ARN" - }, - "comprehend:VolumeKmsKey": { - "condition": "comprehend:VolumeKmsKey", - "description": "Filters access by the volume KMS key associated with the resource in the request", - "type": "ARN" - }, - "comprehend:VpcSecurityGroupIds": { - "condition": "comprehend:VpcSecurityGroupIds", - "description": "Filters access by the list of all VPC security group ids associated with the resource in the request", - "type": "ArrayOfString" - }, - "comprehend:VpcSubnets": { - "condition": "comprehend:VpcSubnets", - "description": "Filters access by the list of all VPC subnets associated with the resource in the request", - "type": "ArrayOfString" - } - } - }, - "comprehendmedical": { - "service_name": "Amazon Comprehend Medical", - "prefix": "comprehendmedical", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncomprehendmedical.html", - "privileges": { - "DescribeEntitiesDetectionV2Job": { - "privilege": "DescribeEntitiesDetectionV2Job", - "description": "Grants permission to describe the properties of a medical entity detection job that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DescribeEntitiesDetectionV2Job.html" - }, - "DescribeICD10CMInferenceJob": { - "privilege": "DescribeICD10CMInferenceJob", - "description": "Grants permission to describe the properties of an ICD-10-CM linking job that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DescribeICD10CMInferenceJob.html" - }, - "DescribePHIDetectionJob": { - "privilege": "DescribePHIDetectionJob", - "description": "Grants permission to describe the properties of a PHI entity detection job that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DescribePHIDetectionJob.html" - }, - "DescribeRxNormInferenceJob": { - "privilege": "DescribeRxNormInferenceJob", - "description": "Grants permission to describe the properties of an RxNorm linking job that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DescribeRxNormInferenceJob.html" - }, - "DescribeSNOMEDCTInferenceJob": { - "privilege": "DescribeSNOMEDCTInferenceJob", - "description": "Grants permission to describe the properties of a SNOMED-CT linking job that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DescribeSNOMEDCTInferenceJob.html" - }, - "DetectEntitiesV2": { - "privilege": "DetectEntitiesV2", - "description": "Grants permission to detect the named medical entities, and their relationships and traits within the given text document", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DetectEntitiesV2.html" - }, - "DetectPHI": { - "privilege": "DetectPHI", - "description": "Grants permission to detect the protected health information (PHI) entities within the given text document", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DetectPHI.html" - }, - "InferICD10CM": { - "privilege": "InferICD10CM", - "description": "Grants permission to detect the medical condition entities within the given text document and link them to ICD-10-CM codes", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_InferICD10CM.html" - }, - "InferRxNorm": { - "privilege": "InferRxNorm", - "description": "Grants permission to detect the medication entities within the given text document and link them to RxCUI concept identifiers from the National Library of Medicine RxNorm database", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_InferRxNorm.html" - }, - "InferSNOMEDCT": { - "privilege": "InferSNOMEDCT", - "description": "Grants permission to detect the medical condition, anatomy, and test, treatment, and procedure entities within the given text document and link them to SNOMED-CT codes", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_InferSNOMEDCT.html" - }, - "ListEntitiesDetectionV2Jobs": { - "privilege": "ListEntitiesDetectionV2Jobs", - "description": "Grants permission to list the medical entity detection jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_ListEntitiesDetectionV2Jobs.html" - }, - "ListICD10CMInferenceJobs": { - "privilege": "ListICD10CMInferenceJobs", - "description": "Grants permission to list the ICD-10-CM linking jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_ListICD10CMInferenceJobs.html" - }, - "ListPHIDetectionJobs": { - "privilege": "ListPHIDetectionJobs", - "description": "Grants permission to list the PHI entity detection jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_ListPHIDetectionJobs.html" - }, - "ListRxNormInferenceJobs": { - "privilege": "ListRxNormInferenceJobs", - "description": "Grants permission to list the RxNorm linking jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_ListRxNormInferenceJobs.html" - }, - "ListSNOMEDCTInferenceJobs": { - "privilege": "ListSNOMEDCTInferenceJobs", - "description": "Grants permission to list the SNOMED-CT linking jobs that you have submitted", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_ListSNOMEDCTInferenceJobs.html" - }, - "StartEntitiesDetectionV2Job": { - "privilege": "StartEntitiesDetectionV2Job", - "description": "Grants permission to start an asynchronous medical entity detection job for a collection of documents", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StartEntitiesDetectionV2Job.html" - }, - "StartICD10CMInferenceJob": { - "privilege": "StartICD10CMInferenceJob", - "description": "Grants permission to start an asynchronous ICD-10-CM linking job for a collection of documents", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StartICD10CMInferenceJob.html" - }, - "StartPHIDetectionJob": { - "privilege": "StartPHIDetectionJob", - "description": "Grants permission to start an asynchronous PHI entity detection job for a collection of documents", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StartPHIDetectionJob.html" - }, - "StartRxNormInferenceJob": { - "privilege": "StartRxNormInferenceJob", - "description": "Grants permission to start an asynchronous RxNorm linking job for a collection of documents", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StartRxNormInferenceJob.html" - }, - "StartSNOMEDCTInferenceJob": { - "privilege": "StartSNOMEDCTInferenceJob", - "description": "Grants permission to start an asynchronous SNOMED-CT linking job for a collection of documents", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StartSNOMEDCTInferenceJob.html" - }, - "StopEntitiesDetectionV2Job": { - "privilege": "StopEntitiesDetectionV2Job", - "description": "Grants permission to stop a medical entity detection job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StopEntitiesDetectionV2Job.html" - }, - "StopICD10CMInferenceJob": { - "privilege": "StopICD10CMInferenceJob", - "description": "Grants permission to stop an ICD-10-CM linking job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StopICD10CMInferenceJob.html" - }, - "StopPHIDetectionJob": { - "privilege": "StopPHIDetectionJob", - "description": "Grants permission to stop a PHI entity detection job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StopPHIDetectionJob.html" - }, - "StopRxNormInferenceJob": { - "privilege": "StopRxNormInferenceJob", - "description": "Grants permission to stop an RxNorm linking job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StopRxNormInferenceJob.html" - }, - "StopSNOMEDCTInferenceJob": { - "privilege": "StopSNOMEDCTInferenceJob", - "description": "Grants permission to stop a SNOMED-CT linking job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StopSNOMEDCTInferenceJob.html" - } - }, - "resources": {}, - "conditions": { - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "connect": { - "service_name": "Amazon Connect", - "prefix": "connect", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnect.html", - "privileges": { - "ActivateEvaluationForm": { - "privilege": "ActivateEvaluationForm", - "description": "Grants permission to activate an evaluation form in the specified Amazon Connect instance. After the evaluation form is activated, it is available to start new evaluations based on the form", - "access_level": "Write", - "resource_types": { - "evaluation-form": { - "resource_type": "evaluation-form", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ActivateEvaluationForm.html" - }, - "AssociateApprovedOrigin": { - "privilege": "AssociateApprovedOrigin", - "description": "Grants permission to associate approved origin for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "AssociateBot": { - "privilege": "AssociateBot", - "description": "Grants permission to associate a Lex bot for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "lex:CreateResourcePolicy", - "lex:DescribeBotAlias", - "lex:GetBot", - "lex:UpdateResourcePolicy" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "AssociateCustomerProfilesDomain": { - "privilege": "AssociateCustomerProfilesDomain", - "description": "Grants permission to associate a Customer Profiles domain for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "profile:GetDomain" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "AssociateDefaultVocabulary": { - "privilege": "AssociateDefaultVocabulary", - "description": "Grants permission to default vocabulary for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_AssociateDefaultVocabulary.html" - }, - "AssociateInstanceStorageConfig": { - "privilege": "AssociateInstanceStorageConfig", - "description": "Grants permission to associate instance storage for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:DescribeDirectories", - "firehose:DescribeDeliveryStream", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "kinesis:DescribeStream", - "kms:CreateGrant", - "kms:DescribeKey", - "s3:GetBucketAcl", - "s3:GetBucketLocation" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:StorageResourceType", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "AssociateLambdaFunction": { - "privilege": "AssociateLambdaFunction", - "description": "Grants permission to associate a Lambda function for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "lambda:AddPermission" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "AssociateLexBot": { - "privilege": "AssociateLexBot", - "description": "Grants permission to associate a Lex bot for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "lex:GetBot" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "AssociatePhoneNumberContactFlow": { - "privilege": "AssociatePhoneNumberContactFlow", - "description": "Grants permission to associate contact flow resources to phone number resources in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-flow": { - "resource_type": "contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "phone-number": { - "resource_type": "phone-number", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_AssociatePhoneNumberContactFlow.html" - }, - "AssociateQueueQuickConnects": { - "privilege": "AssociateQueueQuickConnects", - "description": "Grants permission to associate quick connects with a queue in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "quick-connect": { - "resource_type": "quick-connect", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_AssociateQueueQuickConnects.html" - }, - "AssociateRoutingProfileQueues": { - "privilege": "AssociateRoutingProfileQueues", - "description": "Grants permission to associate queues with a routing profile in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_AssociateRoutingProfileQueues.html" - }, - "AssociateSecurityKey": { - "privilege": "AssociateSecurityKey", - "description": "Grants permission to associate a security key for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "BatchAssociateAnalyticsDataSet": { - "privilege": "BatchAssociateAnalyticsDataSet", - "description": "Grants permission to grant access and to associate the datasets with the specified AWS account", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/optimization-apis.html" - }, - "BatchDisassociateAnalyticsDataSet": { - "privilege": "BatchDisassociateAnalyticsDataSet", - "description": "Grants permission to revoke access and to disassociate the datasets with the specified AWS account", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/optimization-apis.html" - }, - "ClaimPhoneNumber": { - "privilege": "ClaimPhoneNumber", - "description": "Grants permission to claim phone number resources in an Amazon Connect instance or traffic distribution group", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "wildcard-phone-number": { - "resource_type": "wildcard-phone-number", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ClaimPhoneNumber.html" - }, - "CreateAgentStatus": { - "privilege": "CreateAgentStatus", - "description": "Grants permission to create agent status in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "agent-status": { - "resource_type": "agent-status", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateAgentStatus.html" - }, - "CreateContactFlow": { - "privilege": "CreateContactFlow", - "description": "Grants permission to create a contact flow in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-flow": { - "resource_type": "contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateContactFlow.html" - }, - "CreateContactFlowModule": { - "privilege": "CreateContactFlowModule", - "description": "Grants permission to create a contact flow module in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-flow-module": { - "resource_type": "contact-flow-module", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateContactFlowModule.html" - }, - "CreateEvaluationForm": { - "privilege": "CreateEvaluationForm", - "description": "Grants permission to create an evaluation form in the specified Amazon Connect instance. The form can be used to define questions related to agent performance, and create sections to organize such questions. Question and section identifiers cannot be duplicated within the same evaluation form", - "access_level": "Write", - "resource_types": { - "evaluation-form": { - "resource_type": "evaluation-form", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateEvaluationForm.html" - }, - "CreateHoursOfOperation": { - "privilege": "CreateHoursOfOperation", - "description": "Grants permission to create hours of operation in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "hours-of-operation": { - "resource_type": "hours-of-operation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateHoursOfOperation.html" - }, - "CreateInstance": { - "privilege": "CreateInstance", - "description": "Grants permission to create a new Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ds:AuthorizeApplication", - "ds:CheckAlias", - "ds:CreateAlias", - "ds:CreateDirectory", - "ds:CreateIdentityPoolDirectory", - "ds:DeleteDirectory", - "ds:DescribeDirectories", - "ds:UnauthorizeApplication", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "CreateIntegrationAssociation": { - "privilege": "CreateIntegrationAssociation", - "description": "Grants permission to create an integration association with an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "app-integrations:CreateEventIntegrationAssociation", - "cases:GetDomain", - "connect:DescribeInstance", - "ds:DescribeDirectories", - "events:PutRule", - "events:PutTargets", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "mobiletargeting:GetApp", - "voiceid:DescribeDomain", - "wisdom:GetAssistant", - "wisdom:GetKnowledgeBase" - ] - }, - "integration-association": { - "resource_type": "integration-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateIntegrationAssociation.html" - }, - "CreateParticipant": { - "privilege": "CreateParticipant", - "description": "Grants permission to add a participant to an ongoing contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateParticipant.html" - }, - "CreatePrompt": { - "privilege": "CreatePrompt", - "description": "Grants permission to create a prompt in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "prompt": { - "resource_type": "prompt", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kms:Decrypt", - "s3:GetObject", - "s3:GetObjectAcl" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreatePrompt.html" - }, - "CreateQueue": { - "privilege": "CreateQueue", - "description": "Grants permission to create a queue in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "hours-of-operation": { - "resource_type": "hours-of-operation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow": { - "resource_type": "contact-flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "phone-number": { - "resource_type": "phone-number", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "quick-connect": { - "resource_type": "quick-connect", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateQueue.html" - }, - "CreateQuickConnect": { - "privilege": "CreateQuickConnect", - "description": "Grants permission to create a quick connect in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "quick-connect": { - "resource_type": "quick-connect", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow": { - "resource_type": "contact-flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "queue": { - "resource_type": "queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateQuickConnect.html" - }, - "CreateRoutingProfile": { - "privilege": "CreateRoutingProfile", - "description": "Grants permission to create a routing profile in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateRoutingProfile.html" - }, - "CreateRule": { - "privilege": "CreateRule", - "description": "Grants permission to create a rule in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateRule.html" - }, - "CreateSecurityProfile": { - "privilege": "CreateSecurityProfile", - "description": "Grants permission to create a security profile for the specified Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "security-profile": { - "resource_type": "security-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateSecurityProfile.html" - }, - "CreateTaskTemplate": { - "privilege": "CreateTaskTemplate", - "description": "Grants permission to create a task template in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "task-template": { - "resource_type": "task-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateTaskTemplate.html" - }, - "CreateTrafficDistributionGroup": { - "privilege": "CreateTrafficDistributionGroup", - "description": "Grants permission to create a traffic distribution group", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateTrafficDistributionGroup.html" - }, - "CreateUseCase": { - "privilege": "CreateUseCase", - "description": "Grants permission to create a use case for an integration association", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeInstance", - "ds:DescribeDirectories" - ] - }, - "integration-association": { - "resource_type": "integration-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "use-case": { - "resource_type": "use-case", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateUseCase.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a user for the specified Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "security-profile": { - "resource_type": "security-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateUser.html" - }, - "CreateUserHierarchyGroup": { - "privilege": "CreateUserHierarchyGroup", - "description": "Grants permission to create a user hierarchy group in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateUserHierarchyGroup.html" - }, - "CreateVocabulary": { - "privilege": "CreateVocabulary", - "description": "Grants permission to create a vocabulary in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "vocabulary": { - "resource_type": "vocabulary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateVocabulary.html" - }, - "DeactivateEvaluationForm": { - "privilege": "DeactivateEvaluationForm", - "description": "Grants permission to deactivate an evaluation form in the specified Amazon Connect instance. After a form is deactivated, it is no longer available for users to start new evaluations based on the form", - "access_level": "Write", - "resource_types": { - "evaluation-form": { - "resource_type": "evaluation-form", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeactivateEvaluationForm.html" - }, - "DeleteContactEvaluation": { - "privilege": "DeleteContactEvaluation", - "description": "Grants permission to delete a contact evaluation in the specified Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-evaluation": { - "resource_type": "contact-evaluation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteContactEvaluation.html" - }, - "DeleteContactFlow": { - "privilege": "DeleteContactFlow", - "description": "Grants permission to delete a contact flow in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-flow": { - "resource_type": "contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteContactFlow.html" - }, - "DeleteContactFlowModule": { - "privilege": "DeleteContactFlowModule", - "description": "Grants permission to delete a contact flow module in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-flow-module": { - "resource_type": "contact-flow-module", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteContactFlowModule.html" - }, - "DeleteEvaluationForm": { - "privilege": "DeleteEvaluationForm", - "description": "Grants permission to delete an evaluation form in the specified Amazon Connect instance. If the version property is provided, only the specified version of the evaluation form is deleted", - "access_level": "Write", - "resource_types": { - "evaluation-form": { - "resource_type": "evaluation-form", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteEvaluationForm.html" - }, - "DeleteHoursOfOperation": { - "privilege": "DeleteHoursOfOperation", - "description": "Grants permission to delete hours of operation in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "hours-of-operation": { - "resource_type": "hours-of-operation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteHoursOfOperation.html" - }, - "DeleteInstance": { - "privilege": "DeleteInstance", - "description": "Grants permission to delete an Amazon Connect instance. When you remove an instance, the link to an existing AWS directory is also removed", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:DeleteDirectory", - "ds:DescribeDirectories", - "ds:UnauthorizeApplication" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DeleteIntegrationAssociation": { - "privilege": "DeleteIntegrationAssociation", - "description": "Grants permission to delete an integration association from an Amazon Connect instance. The association must not have any use cases associated with it", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "app-integrations:DeleteEventIntegrationAssociation", - "connect:DescribeInstance", - "ds:DescribeDirectories", - "events:DeleteRule", - "events:ListTargetsByRule", - "events:RemoveTargets" - ] - }, - "integration-association": { - "resource_type": "integration-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteIntegrationAssociation.html" - }, - "DeletePrompt": { - "privilege": "DeletePrompt", - "description": "Grants permission to delete a prompt in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "prompt": { - "resource_type": "prompt", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeletePrompt.html" - }, - "DeleteQuickConnect": { - "privilege": "DeleteQuickConnect", - "description": "Grants permission to delete a quick connect in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "quick-connect": { - "resource_type": "quick-connect", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteQuickConnect.html" - }, - "DeleteRule": { - "privilege": "DeleteRule", - "description": "Grants permission to delete a rule in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteRule.html" - }, - "DeleteSecurityProfile": { - "privilege": "DeleteSecurityProfile", - "description": "Grants permission to delete a security profile in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "security-profile": { - "resource_type": "security-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteSecurityProfile.html" - }, - "DeleteTaskTemplate": { - "privilege": "DeleteTaskTemplate", - "description": "Grants permission to delete a task template in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "task-template": { - "resource_type": "task-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteTaskTemplate.html" - }, - "DeleteTrafficDistributionGroup": { - "privilege": "DeleteTrafficDistributionGroup", - "description": "Grants permission to delete a traffic distribution group", - "access_level": "Write", - "resource_types": { - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteTrafficDistributionGroup.html" - }, - "DeleteUseCase": { - "privilege": "DeleteUseCase", - "description": "Grants permission to delete a use case from an integration association", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeInstance", - "ds:DescribeDirectories" - ] - }, - "use-case": { - "resource_type": "use-case", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteUseCase.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete a user in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteUser.html" - }, - "DeleteUserHierarchyGroup": { - "privilege": "DeleteUserHierarchyGroup", - "description": "Grants permission to delete a user hierarchy group in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteUserHierarchyGroup.html" - }, - "DeleteVocabulary": { - "privilege": "DeleteVocabulary", - "description": "Grants permission to delete a vocabulary in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "vocabulary": { - "resource_type": "vocabulary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteVocabulary.html" - }, - "DescribeAgentStatus": { - "privilege": "DescribeAgentStatus", - "description": "Grants permission to describe agent status in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "agent-status": { - "resource_type": "agent-status", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeAgentStatus.html" - }, - "DescribeContact": { - "privilege": "DescribeContact", - "description": "Grants permission to describe a contact in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeContact.html" - }, - "DescribeContactEvaluation": { - "privilege": "DescribeContactEvaluation", - "description": "Grants permission to describe a contact evaluation in the specified Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "contact-evaluation": { - "resource_type": "contact-evaluation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeContactEvaluation.html" - }, - "DescribeContactFlow": { - "privilege": "DescribeContactFlow", - "description": "Grants permission to describe a contact flow in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "contact-flow": { - "resource_type": "contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeContactFlow.html" - }, - "DescribeContactFlowModule": { - "privilege": "DescribeContactFlowModule", - "description": "Grants permission to describe a contact flow module in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "contact-flow-module": { - "resource_type": "contact-flow-module", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeContactFlowModule.html" - }, - "DescribeEvaluationForm": { - "privilege": "DescribeEvaluationForm", - "description": "Grants permission to describe an evaluation form in the specified Amazon Connect instance. If the version property is not provided, the latest version of the evaluation form is described", - "access_level": "Read", - "resource_types": { - "evaluation-form": { - "resource_type": "evaluation-form", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeEvaluationForm.html" - }, - "DescribeForecastingPlanningSchedulingIntegration": { - "privilege": "DescribeForecastingPlanningSchedulingIntegration", - "description": "Grants permission to describe the status of forecasting, planning, and scheduling integration on an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/optimization-apis.html" - }, - "DescribeHoursOfOperation": { - "privilege": "DescribeHoursOfOperation", - "description": "Grants permission to describe hours of operation in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "hours-of-operation": { - "resource_type": "hours-of-operation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeHoursOfOperation.html" - }, - "DescribeInstance": { - "privilege": "DescribeInstance", - "description": "Grants permission to view details of an Amazon Connect instance and is also required to create an instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:DescribeDirectories" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DescribeInstanceAttribute": { - "privilege": "DescribeInstanceAttribute", - "description": "Grants permission to view the attribute details of an existing Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:AttributeType", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DescribeInstanceStorageConfig": { - "privilege": "DescribeInstanceStorageConfig", - "description": "Grants permission to view the instance storage configuration for an existing Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:StorageResourceType", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DescribePhoneNumber": { - "privilege": "DescribePhoneNumber", - "description": "Grants permission to describe phone number resources in an Amazon Connect instance or traffic distribution group", - "access_level": "Read", - "resource_types": { - "phone-number": { - "resource_type": "phone-number", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribePhoneNumber.html" - }, - "DescribePrompt": { - "privilege": "DescribePrompt", - "description": "Grants permission to describe a prompt in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "prompt": { - "resource_type": "prompt", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribePrompt.html" - }, - "DescribeQueue": { - "privilege": "DescribeQueue", - "description": "Grants permission to describe a queue in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeQueue.html" - }, - "DescribeQuickConnect": { - "privilege": "DescribeQuickConnect", - "description": "Grants permission to describe a quick connect in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "quick-connect": { - "resource_type": "quick-connect", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeQuickConnect.html" - }, - "DescribeRoutingProfile": { - "privilege": "DescribeRoutingProfile", - "description": "Grants permission to describe a routing profile in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html" - }, - "DescribeRule": { - "privilege": "DescribeRule", - "description": "Grants permission to describe a rule in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRule.html" - }, - "DescribeSecurityProfile": { - "privilege": "DescribeSecurityProfile", - "description": "Grants permission to describe a security profile in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "security-profile": { - "resource_type": "security-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeSecurityProfile.html" - }, - "DescribeTrafficDistributionGroup": { - "privilege": "DescribeTrafficDistributionGroup", - "description": "Grants permission to describe a traffic distribution group", - "access_level": "Read", - "resource_types": { - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeTrafficDistributionGroup.html" - }, - "DescribeUser": { - "privilege": "DescribeUser", - "description": "Grants permission to describe a user in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeUser.html" - }, - "DescribeUserHierarchyGroup": { - "privilege": "DescribeUserHierarchyGroup", - "description": "Grants permission to describe a hierarchy group for an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeUserHierarchyGroup.html" - }, - "DescribeUserHierarchyStructure": { - "privilege": "DescribeUserHierarchyStructure", - "description": "Grants permission to describe the hierarchy structure for an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeUserHierarchyStructure.html" - }, - "DescribeVocabulary": { - "privilege": "DescribeVocabulary", - "description": "Grants permission to describe a vocabulary in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "vocabulary": { - "resource_type": "vocabulary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeVocabulary.html" - }, - "DisassociateApprovedOrigin": { - "privilege": "DisassociateApprovedOrigin", - "description": "Grants permission to disassociate approved origin for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DisassociateBot": { - "privilege": "DisassociateBot", - "description": "Grants permission to disassociate a Lex bot for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "lex:DeleteResourcePolicy", - "lex:UpdateResourcePolicy" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DisassociateCustomerProfilesDomain": { - "privilege": "DisassociateCustomerProfilesDomain", - "description": "Grants permission to disassociate a Customer Profiles domain for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:AttachRolePolicy", - "iam:DeleteRolePolicy", - "iam:DetachRolePolicy", - "iam:GetPolicy", - "iam:GetPolicyVersion", - "iam:GetRolePolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DisassociateInstanceStorageConfig": { - "privilege": "DisassociateInstanceStorageConfig", - "description": "Grants permission to disassociate instance storage for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:StorageResourceType", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DisassociateLambdaFunction": { - "privilege": "DisassociateLambdaFunction", - "description": "Grants permission to disassociate a Lambda function for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "lambda:RemovePermission" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DisassociateLexBot": { - "privilege": "DisassociateLexBot", - "description": "Grants permission to disassociate a Lex bot for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DisassociatePhoneNumberContactFlow": { - "privilege": "DisassociatePhoneNumberContactFlow", - "description": "Grants permission to disassociate contact flow resources from phone number resources in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "phone-number": { - "resource_type": "phone-number", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DisassociatePhoneNumberContactFlow.html" - }, - "DisassociateQueueQuickConnects": { - "privilege": "DisassociateQueueQuickConnects", - "description": "Grants permission to disassociate quick connects from a queue in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "quick-connect": { - "resource_type": "quick-connect", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DisassociateQueueQuickConnects.html" - }, - "DisassociateRoutingProfileQueues": { - "privilege": "DisassociateRoutingProfileQueues", - "description": "Grants permission to disassociate queues from a routing profile in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DisassociateRoutingProfileQueues.html" - }, - "DisassociateSecurityKey": { - "privilege": "DisassociateSecurityKey", - "description": "Grants permission to disassociate the security key for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "DismissUserContact": { - "privilege": "DismissUserContact", - "description": "Grants permission to dismiss terminated Contact from Agent CCP", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DismissUserContact.html" - }, - "GetContactAttributes": { - "privilege": "GetContactAttributes", - "description": "Grants permission to retrieve the contact attributes for the specified contact", - "access_level": "Read", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetContactAttributes.html" - }, - "GetCurrentMetricData": { - "privilege": "GetCurrentMetricData", - "description": "Grants permission to retrieve current metric data for queues and routing profiles in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetCurrentMetricData.html" - }, - "GetCurrentUserData": { - "privilege": "GetCurrentUserData", - "description": "Grants permission to retrieve current user data in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetCurrentUserData.html" - }, - "GetFederationToken": { - "privilege": "GetFederationToken", - "description": "Grants permission to federate into an Amazon Connect instance when using SAML-based authentication for identity management", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetFederationToken.html" - }, - "GetFederationTokens": { - "privilege": "GetFederationTokens", - "description": "Grants permission to federate into an Amazon Connect instance (Log in for emergency access functionality in the Amazon Connect console)", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeInstance", - "connect:ListInstances", - "ds:DescribeDirectories" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/emergency-admin-login.html" - }, - "GetMetricData": { - "privilege": "GetMetricData", - "description": "Grants permission to retrieve historical metric data for queues in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetMetricData.html" - }, - "GetMetricDataV2": { - "privilege": "GetMetricDataV2", - "description": "Grants permission to retrieve metric data in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetMetricDataV2.html" - }, - "GetPromptFile": { - "privilege": "GetPromptFile", - "description": "Grants permission to get details about a prompt's presigned Amazon S3 URL in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "prompt": { - "resource_type": "prompt", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetPromptFile.html" - }, - "GetTaskTemplate": { - "privilege": "GetTaskTemplate", - "description": "Grants permission to get details about specified task template in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "task-template": { - "resource_type": "task-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetTaskTemplate.html" - }, - "GetTrafficDistribution": { - "privilege": "GetTrafficDistribution", - "description": "Grants permission to read traffic distribution for a traffic distribution group", - "access_level": "List", - "resource_types": { - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetTrafficDistribution.html" - }, - "ListAgentStatuses": { - "privilege": "ListAgentStatuses", - "description": "Grants permission to list agent statuses in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "wildcard-agent-status": { - "resource_type": "wildcard-agent-status", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListAgentStatuses.html" - }, - "ListApprovedOrigins": { - "privilege": "ListApprovedOrigins", - "description": "Grants permission to view approved origins of an existing Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "ListBots": { - "privilege": "ListBots", - "description": "Grants permission to view the Lex bots of an existing Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "ListContactEvaluations": { - "privilege": "ListContactEvaluations", - "description": "Grants permission to list contact evaluations in the specified Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListContactEvaluations.html" - }, - "ListContactFlowModules": { - "privilege": "ListContactFlowModules", - "description": "Grants permission to list contact flow module resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListContactFlowModules.html" - }, - "ListContactFlows": { - "privilege": "ListContactFlows", - "description": "Grants permission to list contact flow resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "wildcard-contact-flow": { - "resource_type": "wildcard-contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListContactFlows.html" - }, - "ListContactReferences": { - "privilege": "ListContactReferences", - "description": "Grants permission to list references associated with a contact in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListContactReferences.html" - }, - "ListDefaultVocabularies": { - "privilege": "ListDefaultVocabularies", - "description": "Grants permission to list default vocabularies associated with a Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListDefaultVocabularies.html" - }, - "ListEvaluationFormVersions": { - "privilege": "ListEvaluationFormVersions", - "description": "Grants permission to list versions of an evaluation form in the specified Amazon Connect instance", - "access_level": "List", - "resource_types": { - "evaluation-form": { - "resource_type": "evaluation-form", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListEvaluationFormVersions.html" - }, - "ListEvaluationForms": { - "privilege": "ListEvaluationForms", - "description": "Grants permission to list evaluation forms in the specified Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListEvaluationForms.html" - }, - "ListHoursOfOperations": { - "privilege": "ListHoursOfOperations", - "description": "Grants permission to list hours of operation resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListHoursOfOperations.html" - }, - "ListInstanceAttributes": { - "privilege": "ListInstanceAttributes", - "description": "Grants permission to view the attributes of an existing Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "ListInstanceStorageConfigs": { - "privilege": "ListInstanceStorageConfigs", - "description": "Grants permission to view storage configurations of an existing Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "ListInstances": { - "privilege": "ListInstances", - "description": "Grants permission to view the Amazon Connect instances associated with an AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ds:DescribeDirectories" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "ListIntegrationAssociations": { - "privilege": "ListIntegrationAssociations", - "description": "Grants permission to list summary information about the integration associations for the specified Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeInstance", - "ds:DescribeDirectories" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListIntegrationAssociations.html" - }, - "ListLambdaFunctions": { - "privilege": "ListLambdaFunctions", - "description": "Grants permission to view the Lambda functions of an existing Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "ListLexBots": { - "privilege": "ListLexBots", - "description": "Grants permission to view the Lex bots of an existing Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "ListPhoneNumbers": { - "privilege": "ListPhoneNumbers", - "description": "Grants permission to list phone number resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "wildcard-legacy-phone-number": { - "resource_type": "wildcard-legacy-phone-number", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbers.html" - }, - "ListPhoneNumbersV2": { - "privilege": "ListPhoneNumbersV2", - "description": "Grants permission to list phone number resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "wildcard-phone-number": { - "resource_type": "wildcard-phone-number", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html" - }, - "ListPrompts": { - "privilege": "ListPrompts", - "description": "Grants permission to list prompt resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPrompts.html" - }, - "ListQueueQuickConnects": { - "privilege": "ListQueueQuickConnects", - "description": "Grants permission to list quick connect resources in a queue in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListQueueQuickConnects.html" - }, - "ListQueues": { - "privilege": "ListQueues", - "description": "Grants permission to list queue resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "wildcard-queue": { - "resource_type": "wildcard-queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListQueues.html" - }, - "ListQuickConnects": { - "privilege": "ListQuickConnects", - "description": "Grants permission to list quick connect resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "wildcard-quick-connect": { - "resource_type": "wildcard-quick-connect", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListQuickConnects.html" - }, - "ListRealtimeContactAnalysisSegments": { - "privilege": "ListRealtimeContactAnalysisSegments", - "description": "Grants permission to list the analysis segments for a real-time analysis session", - "access_level": "Read", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/contact-lens/latest/APIReference/API_ListRealtimeContactAnalysisSegments.html" - }, - "ListRoutingProfileQueues": { - "privilege": "ListRoutingProfileQueues", - "description": "Grants permission to list queue resources in a routing profile in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListRoutingProfileQueues.html" - }, - "ListRoutingProfiles": { - "privilege": "ListRoutingProfiles", - "description": "Grants permission to list routing profile resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListRoutingProfiles.html" - }, - "ListRules": { - "privilege": "ListRules", - "description": "Grants permission to list rules associated with a Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListRules.html" - }, - "ListSecurityKeys": { - "privilege": "ListSecurityKeys", - "description": "Grants permission to view the security keys of an existing Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "ListSecurityProfilePermissions": { - "privilege": "ListSecurityProfilePermissions", - "description": "Grants permission to list permissions associated with security profile in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "security-profile": { - "resource_type": "security-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListSecurityProfilePermissions.html" - }, - "ListSecurityProfiles": { - "privilege": "ListSecurityProfiles", - "description": "Grants permission to list security profile resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListSecurityProfiles.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an Amazon Connect resource", - "access_level": "Read", - "resource_types": { - "agent-status": { - "resource_type": "agent-status", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-evaluation": { - "resource_type": "contact-evaluation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow": { - "resource_type": "contact-flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow-module": { - "resource_type": "contact-flow-module", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "evaluation-form": { - "resource_type": "evaluation-form", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hours-of-operation": { - "resource_type": "hours-of-operation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "integration-association": { - "resource_type": "integration-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "phone-number": { - "resource_type": "phone-number", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "prompt": { - "resource_type": "prompt", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "queue": { - "resource_type": "queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "quick-connect": { - "resource_type": "quick-connect", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "routing-profile": { - "resource_type": "routing-profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "security-profile": { - "resource_type": "security-profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "use-case": { - "resource_type": "use-case", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "wildcard-phone-number": { - "resource_type": "wildcard-phone-number", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTaskTemplates": { - "privilege": "ListTaskTemplates", - "description": "Grants permission to list task template resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListTaskTemplates.html" - }, - "ListTrafficDistributionGroups": { - "privilege": "ListTrafficDistributionGroups", - "description": "Grants permission to list traffic distribution groups", - "access_level": "List", - "resource_types": { - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListTrafficDistributionGroups.html" - }, - "ListUseCases": { - "privilege": "ListUseCases", - "description": "Grants permission to list the use cases of an integration association", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeInstance", - "ds:DescribeDirectories" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListUseCases.html" - }, - "ListUserHierarchyGroups": { - "privilege": "ListUserHierarchyGroups", - "description": "Grants permission to list the hierarchy group resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListUserHierarchyGroups.html" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to list user resources in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListUsers.html" - }, - "MonitorContact": { - "privilege": "MonitorContact", - "description": "Grants permission to monitor an ongoing contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:MonitorCapabilities", - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_MonitorContact.html" - }, - "PutUserStatus": { - "privilege": "PutUserStatus", - "description": "Grants permission to switch User Status in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "agent-status": { - "resource_type": "agent-status", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_PutUserStatus.html" - }, - "ReleasePhoneNumber": { - "privilege": "ReleasePhoneNumber", - "description": "Grants permission to release phone number resources in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "phone-number": { - "resource_type": "phone-number", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ReleasePhoneNumber.html" - }, - "ReplicateInstance": { - "privilege": "ReplicateInstance", - "description": "Grants permission to create a replica of an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ds:AuthorizeApplication", - "ds:CheckAlias", - "ds:CreateAlias", - "ds:CreateDirectory", - "ds:CreateIdentityPoolDirectory", - "ds:DeleteDirectory", - "ds:DescribeDirectories", - "ds:UnauthorizeApplication", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "ResumeContactRecording": { - "privilege": "ResumeContactRecording", - "description": "Grants permission to resume recording for the specified contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ResumeContactRecording.html" - }, - "SearchAvailablePhoneNumbers": { - "privilege": "SearchAvailablePhoneNumbers", - "description": "Grants permission to search phone number resources in an Amazon Connect instance or traffic distribution group", - "access_level": "List", - "resource_types": { - "wildcard-phone-number": { - "resource_type": "wildcard-phone-number", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchAvailablePhoneNumbers.html" - }, - "SearchHoursOfOperations": { - "privilege": "SearchHoursOfOperations", - "description": "Grants permission to search hours of operation resources in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeHoursOfOperation" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "connect:SearchTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchHoursOfOperations.html" - }, - "SearchPrompts": { - "privilege": "SearchPrompts", - "description": "Grants permission to search prompt resources in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribePrompt" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "connect:SearchTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchPrompts.html" - }, - "SearchQueues": { - "privilege": "SearchQueues", - "description": "Grants permission to search queue resources in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeQueue" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "connect:SearchTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchQueues.html" - }, - "SearchQuickConnects": { - "privilege": "SearchQuickConnects", - "description": "Grants permission to search quick connect resources in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeQuickConnect" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "connect:SearchTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchQuickConnects.html" - }, - "SearchResourceTags": { - "privilege": "SearchResourceTags", - "description": "Grants permission to search tags used in an Amazon Connect instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchResourceTags.html" - }, - "SearchRoutingProfiles": { - "privilege": "SearchRoutingProfiles", - "description": "Grants permission to search routing profile resources in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeRoutingProfile" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "connect:SearchTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html" - }, - "SearchSecurityProfiles": { - "privilege": "SearchSecurityProfiles", - "description": "Grants permission to search security profile resources in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeSecurityProfile" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "connect:SearchTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchSecurityProfiles.html" - }, - "SearchUsers": { - "privilege": "SearchUsers", - "description": "Grants permission to search user resources in an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "connect:DescribeUser" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId", - "connect:SearchTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchUsers.html" - }, - "SearchVocabularies": { - "privilege": "SearchVocabularies", - "description": "Grants permission to search vocabularies in a Amazon Connect instance", - "access_level": "List", - "resource_types": { - "vocabulary": { - "resource_type": "vocabulary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchVocabularies.html" - }, - "StartChatContact": { - "privilege": "StartChatContact", - "description": "Grants permission to initiate a chat using the Amazon Connect API", - "access_level": "Write", - "resource_types": { - "contact-flow": { - "resource_type": "contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "contact": { - "resource_type": "contact", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartChatContact.html" - }, - "StartContactEvaluation": { - "privilege": "StartContactEvaluation", - "description": "Grants permission to start an empty evaluation in the specified Amazon Connect instance, using the given evaluation form for the particular contact. The evaluation form version used for the contact evaluation corresponds to the currently activated version. If no version is activated for the evaluation form, the contact evaluation cannot be started", - "access_level": "Write", - "resource_types": { - "contact-evaluation": { - "resource_type": "contact-evaluation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartContactEvaluation.html" - }, - "StartContactRecording": { - "privilege": "StartContactRecording", - "description": "Grants permission to start recording for the specified contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartContactRecording.html" - }, - "StartContactStreaming": { - "privilege": "StartContactStreaming", - "description": "Grants permission to start chat streaming using the Amazon Connect API", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartContactStreaming.html" - }, - "StartForecastingPlanningSchedulingIntegration": { - "privilege": "StartForecastingPlanningSchedulingIntegration", - "description": "Grants permission to enable forecasting, planning, and scheduling integration on an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/optimization-apis.html" - }, - "StartOutboundVoiceContact": { - "privilege": "StartOutboundVoiceContact", - "description": "Grants permission to initiate outbound calls using the Amazon Connect API", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartOutboundVoiceContact.html" - }, - "StartTaskContact": { - "privilege": "StartTaskContact", - "description": "Grants permission to initiate a task using the Amazon Connect API", - "access_level": "Write", - "resource_types": { - "contact-flow": { - "resource_type": "contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "contact": { - "resource_type": "contact", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "quick-connect": { - "resource_type": "quick-connect", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task-template": { - "resource_type": "task-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartTaskContact.html" - }, - "StopContact": { - "privilege": "StopContact", - "description": "Grants permission to stop contacts that were initiated using the Amazon Connect API. If you use this operation on an active contact the contact ends, even if the agent is active on a call with a customer", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StopContact.html" - }, - "StopContactRecording": { - "privilege": "StopContactRecording", - "description": "Grants permission to stop recording for the specified contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StopContactRecording.html" - }, - "StopContactStreaming": { - "privilege": "StopContactStreaming", - "description": "Grants permission to stop chat streaming using the Amazon Connect API", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StopContactStreaming.html" - }, - "StopForecastingPlanningSchedulingIntegration": { - "privilege": "StopForecastingPlanningSchedulingIntegration", - "description": "Grants permission to disable forecasting, planning, and scheduling integration on an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/optimization-apis.html" - }, - "SubmitContactEvaluation": { - "privilege": "SubmitContactEvaluation", - "description": "Grants permission to submit a contact evaluation in the specified Amazon Connect instance. Answers included in the request are merged with existing answers for the given evaluation. If no answers or notes are passed, the evaluation is submitted with the existing answers and notes. You can delete an answer or note by passing an empty object ( { }) to the question identifier", - "access_level": "Write", - "resource_types": { - "contact-evaluation": { - "resource_type": "contact-evaluation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SubmitContactEvaluation.html" - }, - "SuspendContactRecording": { - "privilege": "SuspendContactRecording", - "description": "Grants permission to suspend recording for the specified contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SuspendContactRecording.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an Amazon Connect resource", - "access_level": "Tagging", - "resource_types": { - "agent-status": { - "resource_type": "agent-status", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-evaluation": { - "resource_type": "contact-evaluation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow": { - "resource_type": "contact-flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow-module": { - "resource_type": "contact-flow-module", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "evaluation-form": { - "resource_type": "evaluation-form", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hours-of-operation": { - "resource_type": "hours-of-operation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "integration-association": { - "resource_type": "integration-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "phone-number": { - "resource_type": "phone-number", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "prompt": { - "resource_type": "prompt", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "queue": { - "resource_type": "queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "quick-connect": { - "resource_type": "quick-connect", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "routing-profile": { - "resource_type": "routing-profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "security-profile": { - "resource_type": "security-profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task-template": { - "resource_type": "task-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "use-case": { - "resource_type": "use-case", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vocabulary": { - "resource_type": "vocabulary", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "wildcard-phone-number": { - "resource_type": "wildcard-phone-number", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_TagResource.html" - }, - "TransferContact": { - "privilege": "TransferContact", - "description": "Grants permission to transfer the contact to another queue or agent", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow": { - "resource_type": "contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_TransferContact.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an Amazon Connect resource", - "access_level": "Tagging", - "resource_types": { - "agent-status": { - "resource_type": "agent-status", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-evaluation": { - "resource_type": "contact-evaluation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow": { - "resource_type": "contact-flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow-module": { - "resource_type": "contact-flow-module", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "evaluation-form": { - "resource_type": "evaluation-form", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hours-of-operation": { - "resource_type": "hours-of-operation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "integration-association": { - "resource_type": "integration-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "phone-number": { - "resource_type": "phone-number", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "prompt": { - "resource_type": "prompt", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "queue": { - "resource_type": "queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "quick-connect": { - "resource_type": "quick-connect", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "routing-profile": { - "resource_type": "routing-profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "security-profile": { - "resource_type": "security-profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task-template": { - "resource_type": "task-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "use-case": { - "resource_type": "use-case", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vocabulary": { - "resource_type": "vocabulary", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "wildcard-phone-number": { - "resource_type": "wildcard-phone-number", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UntagResource.html" - }, - "UpdateAgentStatus": { - "privilege": "UpdateAgentStatus", - "description": "Grants permission to update agent status in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "agent-status": { - "resource_type": "agent-status", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateAgentStatus.html" - }, - "UpdateContact": { - "privilege": "UpdateContact", - "description": "Grants permission to update a contact in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContact.html" - }, - "UpdateContactAttributes": { - "privilege": "UpdateContactAttributes", - "description": "Grants permission to create or update the contact attributes associated with the specified contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactAttributes.html" - }, - "UpdateContactEvaluation": { - "privilege": "UpdateContactEvaluation", - "description": "Grants permission to update details about a contact evaluation in the specified Amazon Connect instance. A contact evaluation must be in the draft state. Answers included in the request are merged with existing answers for the given evaluation. An answer or note can be deleted by passing an empty object ( { }) to the question identifier", - "access_level": "Write", - "resource_types": { - "contact-evaluation": { - "resource_type": "contact-evaluation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactEvaluation.html" - }, - "UpdateContactFlowContent": { - "privilege": "UpdateContactFlowContent", - "description": "Grants permission to update contact flow content in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-flow": { - "resource_type": "contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactFlowContent.html" - }, - "UpdateContactFlowMetadata": { - "privilege": "UpdateContactFlowMetadata", - "description": "Grants permission to update the metadata of a contact flow in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-flow": { - "resource_type": "contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactFlowMetadata.html" - }, - "UpdateContactFlowModuleContent": { - "privilege": "UpdateContactFlowModuleContent", - "description": "Grants permission to update contact flow module content in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-flow-module": { - "resource_type": "contact-flow-module", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactFlowModuleContent.html" - }, - "UpdateContactFlowModuleMetadata": { - "privilege": "UpdateContactFlowModuleMetadata", - "description": "Grants permission to update the metadata of a contact flow module in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-flow-module": { - "resource_type": "contact-flow-module", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactFlowModuleMetadata.html" - }, - "UpdateContactFlowName": { - "privilege": "UpdateContactFlowName", - "description": "Grants permission to update the name and description of a contact flow in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact-flow": { - "resource_type": "contact-flow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactFlowName.html" - }, - "UpdateContactSchedule": { - "privilege": "UpdateContactSchedule", - "description": "Grants permission to update the schedule of a contact that is already scheduled in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactSchedule.html" - }, - "UpdateEvaluationForm": { - "privilege": "UpdateEvaluationForm", - "description": "Grants permission to update details about a specific evaluation form version in the specified Amazon Connect instance. Question and section identifiers cannot be duplicated within the same evaluation form", - "access_level": "Write", - "resource_types": { - "evaluation-form": { - "resource_type": "evaluation-form", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateEvaluationForm.html" - }, - "UpdateHoursOfOperation": { - "privilege": "UpdateHoursOfOperation", - "description": "Grants permission to update hours of operation in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "hours-of-operation": { - "resource_type": "hours-of-operation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateHoursOfOperation.html" - }, - "UpdateInstanceAttribute": { - "privilege": "UpdateInstanceAttribute", - "description": "Grants permission to update the attribute for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:DescribeDirectories", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "logs:CreateLogGroup" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:AttributeType", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "UpdateInstanceStorageConfig": { - "privilege": "UpdateInstanceStorageConfig", - "description": "Grants permission to update the storage configuration for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:DescribeDirectories", - "firehose:DescribeDeliveryStream", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "kinesis:DescribeStream", - "kms:CreateGrant", - "kms:DescribeKey", - "s3:GetBucketAcl", - "s3:GetBucketLocation" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:StorageResourceType", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" - }, - "UpdateParticipantRoleConfig": { - "privilege": "UpdateParticipantRoleConfig", - "description": "Grants permission to update participant role configurations associated with a contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateParticipantRoleConfig.html" - }, - "UpdatePhoneNumber": { - "privilege": "UpdatePhoneNumber", - "description": "Grants permission to update phone number resources in an Amazon Connect instance or traffic distribution group", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "phone-number": { - "resource_type": "phone-number", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdatePhoneNumber.html" - }, - "UpdatePrompt": { - "privilege": "UpdatePrompt", - "description": "Grants permission to update a prompt's name, description, and Amazon S3 URI in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "prompt": { - "resource_type": "prompt", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kms:Decrypt", - "s3:GetObject", - "s3:GetObjectAcl" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdatePrompt.html" - }, - "UpdateQueueHoursOfOperation": { - "privilege": "UpdateQueueHoursOfOperation", - "description": "Grants permission to update queue hours of operation in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "hours-of-operation": { - "resource_type": "hours-of-operation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQueueHoursOfOperation.html" - }, - "UpdateQueueMaxContacts": { - "privilege": "UpdateQueueMaxContacts", - "description": "Grants permission to update queue capacity in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQueueMaxContacts.html" - }, - "UpdateQueueName": { - "privilege": "UpdateQueueName", - "description": "Grants permission to update a queue name and description in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQueueName.html" - }, - "UpdateQueueOutboundCallerConfig": { - "privilege": "UpdateQueueOutboundCallerConfig", - "description": "Grants permission to update queue outbound caller config in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow": { - "resource_type": "contact-flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "phone-number": { - "resource_type": "phone-number", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQueueOutboundCallerConfig.html" - }, - "UpdateQueueStatus": { - "privilege": "UpdateQueueStatus", - "description": "Grants permission to update queue status in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQueueStatus.html" - }, - "UpdateQuickConnectConfig": { - "privilege": "UpdateQuickConnectConfig", - "description": "Grants permission to update the configuration of a quick connect in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "quick-connect": { - "resource_type": "quick-connect", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-flow": { - "resource_type": "contact-flow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "queue": { - "resource_type": "queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQuickConnectConfig.html" - }, - "UpdateQuickConnectName": { - "privilege": "UpdateQuickConnectName", - "description": "Grants permission to update a quick connect name and description in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "quick-connect": { - "resource_type": "quick-connect", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQuickConnectName.html" - }, - "UpdateRoutingProfileConcurrency": { - "privilege": "UpdateRoutingProfileConcurrency", - "description": "Grants permission to update the concurrency in a routing profile in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateRoutingProfileConcurrency.html" - }, - "UpdateRoutingProfileDefaultOutboundQueue": { - "privilege": "UpdateRoutingProfileDefaultOutboundQueue", - "description": "Grants permission to update the outbound queue in a routing profile in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateRoutingProfileDefaultOutboundQueue.html" - }, - "UpdateRoutingProfileName": { - "privilege": "UpdateRoutingProfileName", - "description": "Grants permission to update a routing profile name and description in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateRoutingProfileName.html" - }, - "UpdateRoutingProfileQueues": { - "privilege": "UpdateRoutingProfileQueues", - "description": "Grants permission to update the queues in routing profile in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateRoutingProfileQueues.html" - }, - "UpdateRule": { - "privilege": "UpdateRule", - "description": "Grants permission to update a rule for an existing Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateRule.html" - }, - "UpdateSecurityProfile": { - "privilege": "UpdateSecurityProfile", - "description": "Grants permission to update a security profile group for a user in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "security-profile": { - "resource_type": "security-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateSecurityProfile.html" - }, - "UpdateTaskTemplate": { - "privilege": "UpdateTaskTemplate", - "description": "Grants permission to update task template belonging to a Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "task-template": { - "resource_type": "task-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateTaskTemplate.html" - }, - "UpdateTrafficDistribution": { - "privilege": "UpdateTrafficDistribution", - "description": "Grants permission to update traffic distribution for a traffic distribution group", - "access_level": "Write", - "resource_types": { - "traffic-distribution-group": { - "resource_type": "traffic-distribution-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateTrafficDistribution.html" - }, - "UpdateUserHierarchy": { - "privilege": "UpdateUserHierarchy", - "description": "Grants permission to update a hierarchy group for a user in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserHierarchy.html" - }, - "UpdateUserHierarchyGroupName": { - "privilege": "UpdateUserHierarchyGroupName", - "description": "Grants permission to update a user hierarchy group name in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "hierarchy-group": { - "resource_type": "hierarchy-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserHierarchyGroupName.html" - }, - "UpdateUserHierarchyStructure": { - "privilege": "UpdateUserHierarchyStructure", - "description": "Grants permission to update user hierarchy structure in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserHierarchyStructure.html" - }, - "UpdateUserIdentityInfo": { - "privilege": "UpdateUserIdentityInfo", - "description": "Grants permission to update identity information for a user in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserIdentityInfo.html" - }, - "UpdateUserPhoneConfig": { - "privilege": "UpdateUserPhoneConfig", - "description": "Grants permission to update phone configuration settings for a user in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserPhoneConfig.html" - }, - "UpdateUserRoutingProfile": { - "privilege": "UpdateUserRoutingProfile", - "description": "Grants permission to update a routing profile for a user in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "routing-profile": { - "resource_type": "routing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserRoutingProfile.html" - }, - "UpdateUserSecurityProfiles": { - "privilege": "UpdateUserSecurityProfiles", - "description": "Grants permission to update security profiles for a user in an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "security-profile": { - "resource_type": "security-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "connect:InstanceId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserSecurityProfiles.html" - } - }, - "resources": { - "instance": { - "resource": "instance", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "contact": { - "resource": "contact", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/contact/${ContactId}", - "condition_keys": [] - }, - "user": { - "resource": "user", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/agent/${UserId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "routing-profile": { - "resource": "routing-profile", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/routing-profile/${RoutingProfileId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "security-profile": { - "resource": "security-profile", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/security-profile/${SecurityProfileId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "hierarchy-group": { - "resource": "hierarchy-group", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/agent-group/${HierarchyGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "queue": { - "resource": "queue", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/queue/${QueueId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "wildcard-queue": { - "resource": "wildcard-queue", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/queue/*", - "condition_keys": [] - }, - "quick-connect": { - "resource": "quick-connect", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/transfer-destination/${QuickConnectId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "wildcard-quick-connect": { - "resource": "wildcard-quick-connect", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/transfer-destination/*", - "condition_keys": [] - }, - "contact-flow": { - "resource": "contact-flow", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/contact-flow/${ContactFlowId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "task-template": { - "resource": "task-template", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/task-template/${TaskTemplateId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "contact-flow-module": { - "resource": "contact-flow-module", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/flow-module/${ContactFlowModuleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "wildcard-contact-flow": { - "resource": "wildcard-contact-flow", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/contact-flow/*", - "condition_keys": [] - }, - "hours-of-operation": { - "resource": "hours-of-operation", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/operating-hours/${HoursOfOperationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "agent-status": { - "resource": "agent-status", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/agent-state/${AgentStatusId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "wildcard-agent-status": { - "resource": "wildcard-agent-status", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/agent-state/*", - "condition_keys": [] - }, - "legacy-phone-number": { - "resource": "legacy-phone-number", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/phone-number/${PhoneNumberId}", - "condition_keys": [] - }, - "wildcard-legacy-phone-number": { - "resource": "wildcard-legacy-phone-number", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/phone-number/*", - "condition_keys": [] - }, - "phone-number": { - "resource": "phone-number", - "arn": "arn:${Partition}:connect:${Region}:${Account}:phone-number/${PhoneNumberId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "wildcard-phone-number": { - "resource": "wildcard-phone-number", - "arn": "arn:${Partition}:connect:${Region}:${Account}:phone-number/*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "integration-association": { - "resource": "integration-association", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/integration-association/${IntegrationAssociationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "use-case": { - "resource": "use-case", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/use-case/${UseCaseId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "vocabulary": { - "resource": "vocabulary", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/vocabulary/${VocabularyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "traffic-distribution-group": { - "resource": "traffic-distribution-group", - "arn": "arn:${Partition}:connect:${Region}:${Account}:traffic-distribution-group/${TrafficDistributionGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "rule": { - "resource": "rule", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/rule/${RuleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "evaluation-form": { - "resource": "evaluation-form", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/evaluation-form/${FormId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "contact-evaluation": { - "resource": "contact-evaluation", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/contact-evaluation/${EvaluationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "prompt": { - "resource": "prompt", - "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/prompt/${PromptId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by using tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by using tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by using tag keys in the request", - "type": "ArrayOfString" - }, - "connect:AttributeType": { - "condition": "connect:AttributeType", - "description": "Filters access by the attribute type of the Amazon Connect instance", - "type": "String" - }, - "connect:InstanceId": { - "condition": "connect:InstanceId", - "description": "Filters access by restricting federation into specified Amazon Connect instances", - "type": "String" - }, - "connect:MonitorCapabilities": { - "condition": "connect:MonitorCapabilities", - "description": "Filters access by restricting the monitor capabilities of the user in the request", - "type": "ArrayOfString" - }, - "connect:SearchTag/${TagKey}": { - "condition": "connect:SearchTag/${TagKey}", - "description": "Filters access by TagFilter condition passed in the search request", - "type": "String" - }, - "connect:StorageResourceType": { - "condition": "connect:StorageResourceType", - "description": "Filters access by restricting the storage resource type of the Amazon Connect instance storage configuration", - "type": "String" - } - } - }, - "cases": { - "service_name": "Amazon Connect Cases", - "prefix": "cases", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnectcases.html", - "privileges": { - "BatchGetField": { - "privilege": "BatchGetField", - "description": "Grants permission to retrieve information about the fields in the case domain", - "access_level": "Read", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Field": { - "resource_type": "Field", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_BatchGetField.html" - }, - "BatchPutFieldOptions": { - "privilege": "BatchPutFieldOptions", - "description": "Grants permission to update the field options in the case domain", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Field": { - "resource_type": "Field", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_BatchPutFieldOptions.html" - }, - "CreateCase": { - "privilege": "CreateCase", - "description": "Grants permission to create a case in the case domain", - "access_level": "Write", - "resource_types": { - "Case": { - "resource_type": "Case", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Field": { - "resource_type": "Field", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Template": { - "resource_type": "Template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateCase.html" - }, - "CreateDomain": { - "privilege": "CreateDomain", - "description": "Grants permission to create a new case domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateDomain.html" - }, - "CreateField": { - "privilege": "CreateField", - "description": "Grants permission to create a field in the case domain", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Field": { - "resource_type": "Field", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateField.html" - }, - "CreateLayout": { - "privilege": "CreateLayout", - "description": "Grants permission to create a layout in the case domain", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Layout": { - "resource_type": "Layout", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateLayout.html" - }, - "CreateRelatedItem": { - "privilege": "CreateRelatedItem", - "description": "Grants permission to create a related item associated to a case in the case domain", - "access_level": "Write", - "resource_types": { - "Case": { - "resource_type": "Case", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "RelatedItem": { - "resource_type": "RelatedItem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateRelatedItem.html" - }, - "CreateTemplate": { - "privilege": "CreateTemplate", - "description": "Grants permission to create a template in the case domain", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Layout": { - "resource_type": "Layout", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Template": { - "resource_type": "Template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateTemplate.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "Grants permission to delete the domain", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_DeleteDomain.html" - }, - "GetCase": { - "privilege": "GetCase", - "description": "Grants permission to retrieve information about a case in the case domain", - "access_level": "Read", - "resource_types": { - "Case": { - "resource_type": "Case", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Field": { - "resource_type": "Field", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_GetCase.html" - }, - "GetCaseEventConfiguration": { - "privilege": "GetCaseEventConfiguration", - "description": "Grants permission to retrieve information about the case event configuraton in the case domain", - "access_level": "Read", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_GetCaseEventConfiguration.html" - }, - "GetDomain": { - "privilege": "GetDomain", - "description": "Grants permission to retrieve information about the case domain", - "access_level": "Read", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_GetDomain.html" - }, - "GetLayout": { - "privilege": "GetLayout", - "description": "Grants permission to retrieve information about the layout in the case domain", - "access_level": "Read", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Layout": { - "resource_type": "Layout", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_GetLayout.html" - }, - "GetTemplate": { - "privilege": "GetTemplate", - "description": "Grants permission to retrieve information about the template in the case domain", - "access_level": "Read", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Template": { - "resource_type": "Template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_GetTemplate.html" - }, - "ListCasesForContact": { - "privilege": "ListCasesForContact", - "description": "Grants permission to list cases for a specific contact in the case domain", - "access_level": "List", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListCasesForContact.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to list all domains in the aws account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListDomains.html" - }, - "ListFieldOptions": { - "privilege": "ListFieldOptions", - "description": "Grants permission to list field options for a single select field in the case domain", - "access_level": "List", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Field": { - "resource_type": "Field", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListFieldOptions.html" - }, - "ListFields": { - "privilege": "ListFields", - "description": "Grants permission to list fields in the case domain", - "access_level": "List", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListFields.html" - }, - "ListLayouts": { - "privilege": "ListLayouts", - "description": "Grants permission to list layouts in the case domain", - "access_level": "List", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListLayouts.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for the specified resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTemplates": { - "privilege": "ListTemplates", - "description": "Grants permission to list templates in the case domain", - "access_level": "List", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListTemplates.html" - }, - "PutCaseEventConfiguration": { - "privilege": "PutCaseEventConfiguration", - "description": "Grants permission to insert or update the case event configuration in the case domain", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_PutCaseEventConfiguration.html" - }, - "SearchCases": { - "privilege": "SearchCases", - "description": "Grants permission to search for cases in the case domain", - "access_level": "Read", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_SearchCases.html" - }, - "SearchRelatedItems": { - "privilege": "SearchRelatedItems", - "description": "Grants permission to search for related items associated to the case in the case domain", - "access_level": "Read", - "resource_types": { - "Case": { - "resource_type": "Case", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_SearchRelatedItems.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add the specified tags to the specified resource", - "access_level": "Tagging", - "resource_types": { - "Case": { - "resource_type": "Case", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Domain": { - "resource_type": "Domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Field": { - "resource_type": "Field", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Layout": { - "resource_type": "Layout", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RelatedItem": { - "resource_type": "RelatedItem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Template": { - "resource_type": "Template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the specified tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "Case": { - "resource_type": "Case", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Domain": { - "resource_type": "Domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Field": { - "resource_type": "Field", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Layout": { - "resource_type": "Layout", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RelatedItem": { - "resource_type": "RelatedItem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Template": { - "resource_type": "Template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_UntagResource.html" - }, - "UpdateCase": { - "privilege": "UpdateCase", - "description": "Grants permission to update the field values on the case in the case domain", - "access_level": "Write", - "resource_types": { - "Case": { - "resource_type": "Case", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Field": { - "resource_type": "Field", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_UpdateCase.html" - }, - "UpdateField": { - "privilege": "UpdateField", - "description": "Grants permission to update the field in the case domain", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Field": { - "resource_type": "Field", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_UpdateField.html" - }, - "UpdateLayout": { - "privilege": "UpdateLayout", - "description": "Grants permission to update the layout in the case domain", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Layout": { - "resource_type": "Layout", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_UpdateLayout.html" - }, - "UpdateTemplate": { - "privilege": "UpdateTemplate", - "description": "Grants permission to update the template in the case domain", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Template": { - "resource_type": "Template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_UpdateTemplate.html" - } - }, - "resources": { - "Case": { - "resource": "Case", - "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}/case/${CaseId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Domain": { - "resource": "Domain", - "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Field": { - "resource": "Field", - "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}/field/${FieldId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Layout": { - "resource": "Layout", - "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}/layout/${LayoutId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "RelatedItem": { - "resource": "RelatedItem", - "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}/case/${CaseId}/related-item/${RelatedItemId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Template": { - "resource": "Template", - "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}/template/${TemplateId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "profile": { - "service_name": "Amazon Connect Customer Profiles", - "prefix": "profile", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnectcustomerprofiles.html", - "privileges": { - "AddProfileKey": { - "privilege": "AddProfileKey", - "description": "Grants permission to add a profile key", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_AddProfileKey.html" - }, - "CreateCalculatedAttributeDefinition": { - "privilege": "CreateCalculatedAttributeDefinition", - "description": "Grants permission to create a calculated attribute definition in the domain", - "access_level": "Write", - "resource_types": { - "calculated-attributes": { - "resource_type": "calculated-attributes", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateCalculatedAttributeDefinition.html" - }, - "CreateDomain": { - "privilege": "CreateDomain", - "description": "Grants permission to create a Domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateDomain.html" - }, - "CreateEventStream": { - "privilege": "CreateEventStream", - "description": "Grants permission to put an event stream in a domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PutRolePolicy", - "kinesis:DescribeStreamSummary" - ] - }, - "event-streams": { - "resource_type": "event-streams", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateEventStream.html" - }, - "CreateIntegrationWorkflow": { - "privilege": "CreateIntegrationWorkflow", - "description": "Grants permission to create an integration workflow in a domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateIntegrationWorkflow.html" - }, - "CreateProfile": { - "privilege": "CreateProfile", - "description": "Grants permission to create a profile in the domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateProfile.html" - }, - "DeleteCalculatedAttributeDefinition": { - "privilege": "DeleteCalculatedAttributeDefinition", - "description": "Grants permission to delete a calculated attribute definition in the domain", - "access_level": "Write", - "resource_types": { - "calculated-attributes": { - "resource_type": "calculated-attributes", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteCalculatedAttributeDefinition.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "Grants permission to delete a Domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteDomain.html" - }, - "DeleteEventStream": { - "privilege": "DeleteEventStream", - "description": "Grants permission to delete an event stream in a domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:DeleteRolePolicy" - ] - }, - "event-streams": { - "resource_type": "event-streams", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteEventStream.html" - }, - "DeleteIntegration": { - "privilege": "DeleteIntegration", - "description": "Grants permission to delete a integration in a domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "integrations": { - "resource_type": "integrations", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteIntegration.html" - }, - "DeleteProfile": { - "privilege": "DeleteProfile", - "description": "Grants permission to delete a profile", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteProfile.html" - }, - "DeleteProfileKey": { - "privilege": "DeleteProfileKey", - "description": "Grants permission to delete a profile key", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteProfileKey.html" - }, - "DeleteProfileObject": { - "privilege": "DeleteProfileObject", - "description": "Grants permission to delete a profile object", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "object-types": { - "resource_type": "object-types", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteProfileObject.html" - }, - "DeleteProfileObjectType": { - "privilege": "DeleteProfileObjectType", - "description": "Grants permission to delete a specific profile object type in the domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "object-types": { - "resource_type": "object-types", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteProfileObjectType.html" - }, - "DeleteWorkflow": { - "privilege": "DeleteWorkflow", - "description": "Grants permission to delete a workflow in a domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteWorkflow.html" - }, - "GetAutoMergingPreview": { - "privilege": "GetAutoMergingPreview", - "description": "Grants permission to get a preview of auto merging in a domain", - "access_level": "Read", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetAutoMergingPreview.html" - }, - "GetCalculatedAttributeDefinition": { - "privilege": "GetCalculatedAttributeDefinition", - "description": "Grants permission to get a calculated attribute definition in the domain", - "access_level": "Read", - "resource_types": { - "calculated-attributes": { - "resource_type": "calculated-attributes", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetCalculatedAttributeDefinition.html" - }, - "GetCalculatedAttributeForProfile": { - "privilege": "GetCalculatedAttributeForProfile", - "description": "Grants permission to retrieve a calculated attribute for a specific profile in the domain", - "access_level": "Read", - "resource_types": { - "calculated-attributes": { - "resource_type": "calculated-attributes", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetCalculatedAttributeForProfile.html" - }, - "GetDomain": { - "privilege": "GetDomain", - "description": "Grants permission to get a specific domain in an account", - "access_level": "Read", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetDomain.html" - }, - "GetEventStream": { - "privilege": "GetEventStream", - "description": "Grants permission to get a specific event stream in a domain", - "access_level": "Read", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kinesis:DescribeStreamSummary" - ] - }, - "event-streams": { - "resource_type": "event-streams", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetEventStream.html" - }, - "GetIdentityResolutionJob": { - "privilege": "GetIdentityResolutionJob", - "description": "Grants permission to get an identity resolution job in a domain", - "access_level": "Read", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetIdentityResolutionJob.html" - }, - "GetIntegration": { - "privilege": "GetIntegration", - "description": "Grants permission to get a specific integrations in a domain", - "access_level": "Read", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "integrations": { - "resource_type": "integrations", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetIntegration.html" - }, - "GetMatches": { - "privilege": "GetMatches", - "description": "Grants permission to get profile matches in a domain", - "access_level": "List", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetMatches.html" - }, - "GetProfileObjectType": { - "privilege": "GetProfileObjectType", - "description": "Grants permission to get a specific profile object type in the domain", - "access_level": "Read", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "object-types": { - "resource_type": "object-types", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetProfileObjectType.html" - }, - "GetProfileObjectTypeTemplate": { - "privilege": "GetProfileObjectTypeTemplate", - "description": "Grants permission to get a specific object type template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetProfileObjectTypeTemplate.html" - }, - "GetWorkflow": { - "privilege": "GetWorkflow", - "description": "Grants permission to get workflow details in a domain", - "access_level": "Read", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetWorkflow.html" - }, - "GetWorkflowSteps": { - "privilege": "GetWorkflowSteps", - "description": "Grants permission to get workflow step details in a domain", - "access_level": "Read", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetWorkflowSteps.html" - }, - "ListAccountIntegrations": { - "privilege": "ListAccountIntegrations", - "description": "Grants permission to list all the integrations in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListAccountIntegrations.html" - }, - "ListCalculatedAttributeDefinitions": { - "privilege": "ListCalculatedAttributeDefinitions", - "description": "Grants permission to list all the calculated attribute definitions in the domain", - "access_level": "List", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListCalculatedAttributeDefinitions.html" - }, - "ListCalculatedAttributesForProfile": { - "privilege": "ListCalculatedAttributesForProfile", - "description": "Grants permission to list all calculated attributes for a specific profile in the domain", - "access_level": "List", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListCalculatedAttributesForProfile.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to list all the domains in an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListDomains.html" - }, - "ListEventStreams": { - "privilege": "ListEventStreams", - "description": "Grants permission to list all the event streams in a specific domain", - "access_level": "List", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListEventStreams.html" - }, - "ListIdentityResolutionJobs": { - "privilege": "ListIdentityResolutionJobs", - "description": "Grants permission to list identity resolution jobs in a domain", - "access_level": "List", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListIdentityResolutionJobs.html" - }, - "ListIntegrations": { - "privilege": "ListIntegrations", - "description": "Grants permission to list all the integrations in a specific domain", - "access_level": "List", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListIntegrations.html" - }, - "ListProfileObjectTypeTemplates": { - "privilege": "ListProfileObjectTypeTemplates", - "description": "Grants permission to list all the profile object type templates in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListProfileObjectTypeTemplates.html" - }, - "ListProfileObjectTypes": { - "privilege": "ListProfileObjectTypes", - "description": "Grants permission to list all the profile object types in the domain", - "access_level": "List", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListProfileObjectTypes.html" - }, - "ListProfileObjects": { - "privilege": "ListProfileObjects", - "description": "Grants permission to list all the profile objects for a profile", - "access_level": "List", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "object-types": { - "resource_type": "object-types", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListProfileObjects.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "calculated-attributes": { - "resource_type": "calculated-attributes", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "domains": { - "resource_type": "domains", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-streams": { - "resource_type": "event-streams", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "integrations": { - "resource_type": "integrations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "object-types": { - "resource_type": "object-types", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListTagsForResource.html" - }, - "ListWorkflows": { - "privilege": "ListWorkflows", - "description": "Grants permission to list all the workflows in a specific domain", - "access_level": "List", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListWorkflows.html" - }, - "MergeProfiles": { - "privilege": "MergeProfiles", - "description": "Grants permission to merge profiles in a domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_MergeProfiles.html" - }, - "PutIntegration": { - "privilege": "PutIntegration", - "description": "Grants permission to put a integration in a domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "integrations": { - "resource_type": "integrations", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_PutIntegration.html" - }, - "PutProfileObject": { - "privilege": "PutProfileObject", - "description": "Grants permission to put an object for a profile", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "object-types": { - "resource_type": "object-types", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_PutProfileObject.html" - }, - "PutProfileObjectType": { - "privilege": "PutProfileObjectType", - "description": "Grants permission to put a specific profile object type in the domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "object-types": { - "resource_type": "object-types", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_PutProfileObjectType.html" - }, - "SearchProfiles": { - "privilege": "SearchProfiles", - "description": "Grants permission to search for profiles in a domain", - "access_level": "Read", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_SearchProfiles.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to adds tags to a resource", - "access_level": "Tagging", - "resource_types": { - "calculated-attributes": { - "resource_type": "calculated-attributes", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "domains": { - "resource_type": "domains", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-streams": { - "resource_type": "event-streams", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "integrations": { - "resource_type": "integrations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "object-types": { - "resource_type": "object-types", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "calculated-attributes": { - "resource_type": "calculated-attributes", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "domains": { - "resource_type": "domains", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-streams": { - "resource_type": "event-streams", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "integrations": { - "resource_type": "integrations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "object-types": { - "resource_type": "object-types", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_UntagResource.html" - }, - "UpdateCalculatedAttributeDefinition": { - "privilege": "UpdateCalculatedAttributeDefinition", - "description": "Grants permission to update a calculated attribute definition in the domain", - "access_level": "Write", - "resource_types": { - "calculated-attributes": { - "resource_type": "calculated-attributes", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_UpdateCalculatedAttributeDefinition.html" - }, - "UpdateDomain": { - "privilege": "UpdateDomain", - "description": "Grants permission to update a Domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_UpdateDomain.html" - }, - "UpdateProfile": { - "privilege": "UpdateProfile", - "description": "Grants permission to update a profile in the domain", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_UpdateProfile.html" - } - }, - "resources": { - "domains": { - "resource": "domains", - "arn": "arn:${Partition}:profile:${Region}:${Account}:domains/${DomainName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "object-types": { - "resource": "object-types", - "arn": "arn:${Partition}:profile:${Region}:${Account}:domains/${DomainName}/object-types/${ObjectTypeName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "integrations": { - "resource": "integrations", - "arn": "arn:${Partition}:profile:${Region}:${Account}:domains/${DomainName}/integrations/${Uri}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "event-streams": { - "resource": "event-streams", - "arn": "arn:${Partition}:profile:${Region}:${Account}:domains/${DomainName}/event-streams/${EventStreamName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "calculated-attributes": { - "resource": "calculated-attributes", - "arn": "arn:${Partition}:profile:${Region}:${Account}:domains/${DomainName}/calculated-attributes/${CalculatedAttributeName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a key that is present in the request the user makes to the customer profile service", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the list of all the tag key names present in the request the user makes to the customer profile service", - "type": "ArrayOfString" - } - } - }, - "voiceid": { - "service_name": "Amazon Connect Voice ID", - "prefix": "voiceid", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnectvoiceid.html", - "privileges": { - "AssociateFraudster": { - "privilege": "AssociateFraudster", - "description": "Grants permission to associate a fraudster with a watchlist", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_AssociateFraudster.html" - }, - "CreateDomain": { - "privilege": "CreateDomain", - "description": "Grants permission to create a domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_CreateDomain.html" - }, - "CreateWatchlist": { - "privilege": "CreateWatchlist", - "description": "Grants permission to create a watchlist", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_CreateWatchlist.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "Grants permission to delete a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DeleteDomain.html" - }, - "DeleteFraudster": { - "privilege": "DeleteFraudster", - "description": "Grants permission to delete a fraudster", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DeleteFraudster.html" - }, - "DeleteSpeaker": { - "privilege": "DeleteSpeaker", - "description": "Grants permission to delete a speaker", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DeleteSpeaker.html" - }, - "DeleteWatchlist": { - "privilege": "DeleteWatchlist", - "description": "Grants permission to delete a watchlist", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DeleteWatchlist.html" - }, - "DescribeComplianceConsent": { - "privilege": "DescribeComplianceConsent", - "description": "Grants permission to describe compliance consent", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-voiceid.html#enable-voiceid-step1" - }, - "DescribeDomain": { - "privilege": "DescribeDomain", - "description": "Grants permission to describe a domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeDomain.html" - }, - "DescribeFraudster": { - "privilege": "DescribeFraudster", - "description": "Grants permission to describe a fraudster", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeFraudster.html" - }, - "DescribeFraudsterRegistrationJob": { - "privilege": "DescribeFraudsterRegistrationJob", - "description": "Grants permission to describe a fraudster registration job", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeFraudsterRegistrationJob.html" - }, - "DescribeSpeaker": { - "privilege": "DescribeSpeaker", - "description": "Grants permission to describe a speaker", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeSpeaker.html" - }, - "DescribeSpeakerEnrollmentJob": { - "privilege": "DescribeSpeakerEnrollmentJob", - "description": "Grants permission to describe a speaker enrollment job", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeSpeakerEnrollmentJob.html" - }, - "DescribeWatchlist": { - "privilege": "DescribeWatchlist", - "description": "Grants permission to describe a watchlist", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeWatchlist.html" - }, - "DisassociateFraudster": { - "privilege": "DisassociateFraudster", - "description": "Grants permission to disassociate a fraudster from a watchlist", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DisassociateFraudster.html" - }, - "EvaluateSession": { - "privilege": "EvaluateSession", - "description": "Grants permission to evaluate a session", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_EvaluateSession.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to list domains for an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListDomains.html" - }, - "ListFraudsterRegistrationJobs": { - "privilege": "ListFraudsterRegistrationJobs", - "description": "Grants permission to list fraudster registration jobs for a domain", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListFraudsterRegistrationJobs.html" - }, - "ListFraudsters": { - "privilege": "ListFraudsters", - "description": "Grants permission to list fraudsters for a domain or watchlist", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListFraudsters.html" - }, - "ListSpeakerEnrollmentJobs": { - "privilege": "ListSpeakerEnrollmentJobs", - "description": "Grants permission to list speaker enrollment jobs for a domain", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListSpeakerEnrollmentJobs.html" - }, - "ListSpeakers": { - "privilege": "ListSpeakers", - "description": "Grants permission to list speakers for a domain", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListSpeakers.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a Voice ID resource", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListTagsForResource.html" - }, - "ListWatchlists": { - "privilege": "ListWatchlists", - "description": "Grants permission to list watchlists for a domain", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListWatchlists.html" - }, - "OptOutSpeaker": { - "privilege": "OptOutSpeaker", - "description": "Grants permission to opt out a speaker", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_OptOutSpeaker.html" - }, - "RegisterComplianceConsent": { - "privilege": "RegisterComplianceConsent", - "description": "Grants permission to register compliance consent", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-voiceid.html#enable-voiceid-step1" - }, - "StartFraudsterRegistrationJob": { - "privilege": "StartFraudsterRegistrationJob", - "description": "Grants permission to start a fraudster registration job", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_StartFraudsterRegistrationJob.html" - }, - "StartSpeakerEnrollmentJob": { - "privilege": "StartSpeakerEnrollmentJob", - "description": "Grants permission to start a speaker enrollment job", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_StartSpeakerEnrollmentJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a Voice ID resource", - "access_level": "Tagging", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from a Voice ID resource", - "access_level": "Tagging", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_UntagResource.html" - }, - "UpdateDomain": { - "privilege": "UpdateDomain", - "description": "Grants permission to update a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_UpdateDomain.html" - }, - "UpdateWatchlist": { - "privilege": "UpdateWatchlist", - "description": "Grants permission to update a watchlist", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_UpdateWatchlist.html" - } - }, - "resources": { - "domain": { - "resource": "domain", - "arn": "arn:${Partition}:voiceid:${Region}:${Account}:domain/${DomainId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "wisdom": { - "service_name": "Amazon Connect Wisdom", - "prefix": "wisdom", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnectwisdom.html", - "privileges": { - "CreateAssistant": { - "privilege": "CreateAssistant", - "description": "Grants permission to create an assistant", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_CreateAssistant.html" - }, - "CreateAssistantAssociation": { - "privilege": "CreateAssistantAssociation", - "description": "Grants permission to create an association between an assistant and another resource", - "access_level": "Write", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_CreateAssistantAssociation.html" - }, - "CreateContent": { - "privilege": "CreateContent", - "description": "Grants permission to create content", - "access_level": "Write", - "resource_types": { - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_CreateContent.html" - }, - "CreateKnowledgeBase": { - "privilege": "CreateKnowledgeBase", - "description": "Grants permission to create a knowledge base", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_CreateKnowledgeBase.html" - }, - "CreateSession": { - "privilege": "CreateSession", - "description": "Grants permission to create a session", - "access_level": "Write", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_CreateSession.html" - }, - "DeleteAssistant": { - "privilege": "DeleteAssistant", - "description": "Grants permission to delete an assistant", - "access_level": "Write", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_DeleteAssistant.html" - }, - "DeleteAssistantAssociation": { - "privilege": "DeleteAssistantAssociation", - "description": "Grants permission to delete an assistant association", - "access_level": "Write", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "AssistantAssociation": { - "resource_type": "AssistantAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_DeleteAssistantAssociation.html" - }, - "DeleteContent": { - "privilege": "DeleteContent", - "description": "Grants permission to delete content", - "access_level": "Write", - "resource_types": { - "Content": { - "resource_type": "Content", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_DeleteContent.html" - }, - "DeleteKnowledgeBase": { - "privilege": "DeleteKnowledgeBase", - "description": "Grants permission to delete a knowledge base", - "access_level": "Write", - "resource_types": { - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_DeleteKnowledgeBase.html" - }, - "GetAssistant": { - "privilege": "GetAssistant", - "description": "Grants permission to retrieve information about an assistant", - "access_level": "Read", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetAssistant.html" - }, - "GetAssistantAssociation": { - "privilege": "GetAssistantAssociation", - "description": "Grants permission to retrieve information about an assistant association", - "access_level": "Read", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "AssistantAssociation": { - "resource_type": "AssistantAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetAssistantAssociation.html" - }, - "GetContent": { - "privilege": "GetContent", - "description": "Grants permission to retrieve content, including a pre-signed URL to download the content", - "access_level": "Read", - "resource_types": { - "Content": { - "resource_type": "Content", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetContent.html" - }, - "GetContentSummary": { - "privilege": "GetContentSummary", - "description": "Grants permission to retrieve summary information about the content", - "access_level": "Read", - "resource_types": { - "Content": { - "resource_type": "Content", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetContentSummary.html" - }, - "GetKnowledgeBase": { - "privilege": "GetKnowledgeBase", - "description": "Grants permission to retrieve information about the knowledge base", - "access_level": "Read", - "resource_types": { - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetKnowledgeBase.html" - }, - "GetRecommendations": { - "privilege": "GetRecommendations", - "description": "Grants permission to retrieve recommendations for the specified session", - "access_level": "Read", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetRecommendations.html" - }, - "GetSession": { - "privilege": "GetSession", - "description": "Grants permission to retrieve information for a specified session", - "access_level": "Read", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Session": { - "resource_type": "Session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetSession.html" - }, - "ListAssistantAssociations": { - "privilege": "ListAssistantAssociations", - "description": "Grants permission to list information about assistant associations", - "access_level": "List", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_ListAssistantAssociations.html" - }, - "ListAssistants": { - "privilege": "ListAssistants", - "description": "Grants permission to list information about assistants", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_ListAssistants.html" - }, - "ListContents": { - "privilege": "ListContents", - "description": "Grants permission to list the content with a knowledge base", - "access_level": "List", - "resource_types": { - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_ListContents.html" - }, - "ListKnowledgeBases": { - "privilege": "ListKnowledgeBases", - "description": "Grants permission to list information about knowledge bases", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_ListKnowledgeBases.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for the specified resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_ListTagsForResource.html" - }, - "NotifyRecommendationsReceived": { - "privilege": "NotifyRecommendationsReceived", - "description": "Grants permission to remove the specified recommendations from the specified assistant's queue of newly available recommendations", - "access_level": "Write", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_NotifyRecommendationsReceived.html" - }, - "QueryAssistant": { - "privilege": "QueryAssistant", - "description": "Grants permission to perform a manual search against the specified assistant", - "access_level": "Read", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_QueryAssistant.html" - }, - "RemoveKnowledgeBaseTemplateUri": { - "privilege": "RemoveKnowledgeBaseTemplateUri", - "description": "Grants permission to remove a URI template from a knowledge base", - "access_level": "Write", - "resource_types": { - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_RemoveKnowledgeBaseTemplateUri.html" - }, - "SearchContent": { - "privilege": "SearchContent", - "description": "Grants permission to search for content referencing a specified knowledge base. Can be used to get a specific content resource by its name", - "access_level": "Read", - "resource_types": { - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_SearchContent.html" - }, - "SearchSessions": { - "privilege": "SearchSessions", - "description": "Grants permission to search for sessions referencing a specified assistant. Can be used to et a specific session resource by its name", - "access_level": "Read", - "resource_types": { - "Assistant": { - "resource_type": "Assistant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_SearchSessions.html" - }, - "StartContentUpload": { - "privilege": "StartContentUpload", - "description": "Grants permission to get a URL to upload content to a knowledge base", - "access_level": "Write", - "resource_types": { - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_StartContentUpload.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add the specified tags to the specified resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the specified tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_UntagResource.html" - }, - "UpdateContent": { - "privilege": "UpdateContent", - "description": "Grants permission to update information about the content", - "access_level": "Write", - "resource_types": { - "Content": { - "resource_type": "Content", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_UpdateContent.html" - }, - "UpdateKnowledgeBaseTemplateUri": { - "privilege": "UpdateKnowledgeBaseTemplateUri", - "description": "Grants permission to update the template URI of a knowledge base", - "access_level": "Write", - "resource_types": { - "KnowledgeBase": { - "resource_type": "KnowledgeBase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_UpdateKnowledgeBaseTemplateUri.html" - } - }, - "resources": { - "Assistant": { - "resource": "Assistant", - "arn": "arn:${Partition}:wisdom:${Region}:${Account}:assistant/${AssistantId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "AssistantAssociation": { - "resource": "AssistantAssociation", - "arn": "arn:${Partition}:wisdom:${Region}:${Account}:association/${AssistantId}/${AssistantAssociationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Content": { - "resource": "Content", - "arn": "arn:${Partition}:wisdom:${Region}:${Account}:content/${KnowledgeBaseId}/${ContentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "KnowledgeBase": { - "resource": "KnowledgeBase", - "arn": "arn:${Partition}:wisdom:${Region}:${Account}:knowledge-base/${KnowledgeBaseId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Session": { - "resource": "Session", - "arn": "arn:${Partition}:wisdom:${Region}:${Account}:session/${AssistantId}/${SessionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the tag keys that are passed in the request", - "type": "String" - } - } - }, - "dlm": { - "service_name": "Amazon Data Lifecycle Manager", - "prefix": "dlm", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondatalifecyclemanager.html", - "privileges": { - "CreateLifecyclePolicy": { - "privilege": "CreateLifecyclePolicy", - "description": "Grants permission to create a data lifecycle policy to manage the scheduled creation and retention of Amazon EBS snapshots. You may have up to 100 policies", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_CreateLifecyclePolicy.html" - }, - "DeleteLifecyclePolicy": { - "privilege": "DeleteLifecyclePolicy", - "description": "Grants permission to delete an existing data lifecycle policy. In addition, this action halts the creation and deletion of snapshots that the policy specified. Existing snapshots are not affected", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_DeleteLifecyclePolicy.html" - }, - "GetLifecyclePolicies": { - "privilege": "GetLifecyclePolicies", - "description": "Grants permission to returns a list of summary descriptions of data lifecycle policies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_GetLifecyclePolicies.html" - }, - "GetLifecyclePolicy": { - "privilege": "GetLifecyclePolicy", - "description": "Grants permission to return a complete description of a single data lifecycle policy", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_GetLifecyclePolicy.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags associated with a resource", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_ListTagsForResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or update tags of a resource", - "access_level": "Tagging", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags associated with a resource", - "access_level": "Tagging", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_UntagResource.html" - }, - "UpdateLifecyclePolicy": { - "privilege": "UpdateLifecyclePolicy", - "description": "Grants permission to update an existing data lifecycle policy", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_UpdateLifecyclePolicy.html" - } - }, - "resources": { - "policy": { - "resource": "policy", - "arn": "arn:${Partition}:dlm:${Region}:${Account}:policy/${ResourceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "datazone": { - "service_name": "Amazon DataZone", - "prefix": "datazone", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondatazone.html", - "privileges": { - "GetProject": { - "privilege": "GetProject", - "description": "Grants permission to retrieve information about an Amazon DataZone project", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "GetProjectConfiguration": { - "privilege": "GetProjectConfiguration", - "description": "Grants permission to retrieve configuration information for an Amazon DataZone project", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "GetProjectCredentials": { - "privilege": "GetProjectCredentials", - "description": "Grants permission to retrieve credentials for an Amazon DataZone project", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to retrieve all Amazon DataZone projects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListUserProjects": { - "privilege": "ListUserProjects", - "description": "Grants permission to retrieve all Amazon DataZone projects for a user", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - } - }, - "resources": {}, - "conditions": {} - }, - "datazonecontrol": { - "service_name": "Amazon DataZone Control", - "prefix": "datazonecontrol", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondatazonecontrol.html", - "privileges": { - "CreateAccountAssociationInvitation": { - "privilege": "CreateAccountAssociationInvitation", - "description": "Grants permission to request association of an account with a given domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "CreateDataSource": { - "privilege": "CreateDataSource", - "description": "Grants permission to create Amazon DataZone data sources used for publishing and subscribing to data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "CreateEnvironment": { - "privilege": "CreateEnvironment", - "description": "Grants permission to provision a root-domain which is a top level entity that contains other Amazon DataZone resources", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "DeleteDataSource": { - "privilege": "DeleteDataSource", - "description": "Grants permission to delete a data source", - "access_level": "Write", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "DeleteEnvironment": { - "privilege": "DeleteEnvironment", - "description": "Grants permission to delete a provisioned root-domain", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "DissociateAccount": { - "privilege": "DissociateAccount", - "description": "Grants permission to disassociate an account with a given domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "GetAssociatedDomain": { - "privilege": "GetAssociatedDomain", - "description": "Grants permission to retrieve information about any associated domain in the associated account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "GetDataSourceByEnvironment": { - "privilege": "GetDataSourceByEnvironment", - "description": "Grants permission to retrieve any data source under any domain for a given root-domain", - "access_level": "Read", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "GetDomain": { - "privilege": "GetDomain", - "description": "Grants permission to retrieve information about any domain in the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "GetEnvironment": { - "privilege": "GetEnvironment", - "description": "Grants permission to retrieve information about a root-domain", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "GetMetadataCollector": { - "privilege": "GetMetadataCollector", - "description": "Grants permission to retrieve a publishing job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "GetUserPortalLoginAuthCode": { - "privilege": "GetUserPortalLoginAuthCode", - "description": "Grants permission to retrieve credentials to log into Amazon DataZone data portal from AWS management console", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListAccountAssociationInvitations": { - "privilege": "ListAccountAssociationInvitations", - "description": "Grants permission to retrieve all account-association invitations for a given associated account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListAllAssociatedAccountsForEnvironment": { - "privilege": "ListAllAssociatedAccountsForEnvironment", - "description": "Grants permission to list all associated accounts under the given root-domain, including accounts associated to its sub-domains", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListAssociatedEnvironments": { - "privilege": "ListAssociatedEnvironments", - "description": "Grants permission to lists all the associated domains for a given associated account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListDataSources": { - "privilege": "ListDataSources", - "description": "Grants permission to retrieve all data sources under any domain in the associated account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListDataSourcesByEnvironment": { - "privilege": "ListDataSourcesByEnvironment", - "description": "Grants permission to retrieve all data sources under any domain for a given root-domain", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to list all the sub-domains for a given domain or a root-domain", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListEnvironment": { - "privilege": "ListEnvironment", - "description": "Grants permission to retrieve all root-domains", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListMetadataCollectorRuns": { - "privilege": "ListMetadataCollectorRuns", - "description": "Grants permission to list all runs for a given publishing job through Amazon DataZone console for a data source", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListMetadataCollectors": { - "privilege": "ListMetadataCollectors", - "description": "Grants permission to retrieve all publishing jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to retrieve all Amazon DataZone projects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve all tags associated with a resource", - "access_level": "Read", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "ReviewAccountAssociationInvitation": { - "privilege": "ReviewAccountAssociationInvitation", - "description": "Grants permission to accept or reject the pending association requests for the given account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or update tags to a resource", - "access_level": "Tagging", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags associated with a resource", - "access_level": "Tagging", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "UpdateAccountAssociationDescription": { - "privilege": "UpdateAccountAssociationDescription", - "description": "Grants permission to update the description of the account association of the given associated account and given domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "UpdateDataSource": { - "privilege": "UpdateDataSource", - "description": "Grants permission to update a data source", - "access_level": "Write", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - }, - "UpdateEnvironment": { - "privilege": "UpdateEnvironment", - "description": "Grants permission to update information for a root-domain", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" - } - }, - "resources": { - "environment": { - "resource": "environment", - "arn": "arn:${Partition}:datazonecontrol:${Region}:${Account}:domain/${DomainId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "data-source": { - "resource": "data-source", - "arn": "arn:${Partition}:datazonecontrol:${Region}:${Account}:data-source/${DomainId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "detective": { - "service_name": "Amazon Detective", - "prefix": "detective", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondetective.html", - "privileges": { - "AcceptInvitation": { - "privilege": "AcceptInvitation", - "description": "Grants permission to accept an invitation to become a member of a behavior graph", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_AcceptInvitation.html" - }, - "BatchGetGraphMemberDatasources": { - "privilege": "BatchGetGraphMemberDatasources", - "description": "Grants permission to retrieve the datasource package history for the specified member accounts in a behavior graph managed by this account", - "access_level": "Read", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_BatchGetGraphMemberDatasources.html" - }, - "BatchGetMembershipDatasources": { - "privilege": "BatchGetMembershipDatasources", - "description": "Grants permission to retrieve the datasource package history of the caller account for the specified graphs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_BatchGetMembershipDatasources.html" - }, - "CreateGraph": { - "privilege": "CreateGraph", - "description": "Grants permission to create a behavior graph and begin to aggregate security information", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_CreateGraph.html" - }, - "CreateMembers": { - "privilege": "CreateMembers", - "description": "Grants permission to request the membership of one or more accounts in a behavior graph managed by this account", - "access_level": "Write", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_CreateMembers.html" - }, - "DeleteGraph": { - "privilege": "DeleteGraph", - "description": "Grants permission to delete a behavior graph and stop aggregating security information", - "access_level": "Write", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_DeleteGraph.html" - }, - "DeleteMembers": { - "privilege": "DeleteMembers", - "description": "Grants permission to remove member accounts from a behavior graph managed by this account", - "access_level": "Write", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_DeleteMembers.html" - }, - "DescribeOrganizationConfiguration": { - "privilege": "DescribeOrganizationConfiguration", - "description": "Grants permission to view the current configuration related to the Amazon Detective integration with AWS Organizations", - "access_level": "Read", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribeOrganization" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_DescribeOrganizationConfiguration.html" - }, - "DisableOrganizationAdminAccount": { - "privilege": "DisableOrganizationAdminAccount", - "description": "Grants permission to remove the Amazon Detective delegated administrator account for an organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribeOrganization" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_DisableOrganizationAdminAccount.html" - }, - "DisassociateMembership": { - "privilege": "DisassociateMembership", - "description": "Grants permission to remove the association of this account with a behavior graph", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_DisassociateMembership.html" - }, - "EnableOrganizationAdminAccount": { - "privilege": "EnableOrganizationAdminAccount", - "description": "Grants permission to designate the Amazon Detective delegated administrator account for an organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "organizations:DescribeOrganization", - "organizations:EnableAWSServiceAccess", - "organizations:RegisterDelegatedAdministrator" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_EnableOrganizationAdminAccount.html" - }, - "GetFreeTrialEligibility": { - "privilege": "GetFreeTrialEligibility", - "description": "Grants permission to retrieve a behavior graph's eligibility for a free trial period", - "access_level": "Read", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/adminguide/free-trial-overview.html" - }, - "GetGraphIngestState": { - "privilege": "GetGraphIngestState", - "description": "Grants permission to retrieve the data ingestion state of a behavior graph", - "access_level": "Read", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/adminguide/detective-source-data-about.html" - }, - "GetMembers": { - "privilege": "GetMembers", - "description": "Grants permission to retrieve details on specified members of a behavior graph", - "access_level": "Read", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_GetMembers.html" - }, - "GetPricingInformation": { - "privilege": "GetPricingInformation", - "description": "Grants permission to retrieve information about Amazon Detective's pricing", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/adminguide/usage-projected-cost-calculation.html" - }, - "GetUsageInformation": { - "privilege": "GetUsageInformation", - "description": "Grants permission to list usage information of a behavior graph", - "access_level": "Read", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/adminguide/tracking-usage-logging.html" - }, - "ListDatasourcePackages": { - "privilege": "ListDatasourcePackages", - "description": "Grants permission to list a graph's datasource package ingest states and timestamps for the most recent state changes in a behavior graph managed by this account", - "access_level": "List", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListDatasourcePackages.html" - }, - "ListGraphs": { - "privilege": "ListGraphs", - "description": "Grants permission to list behavior graphs managed by this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListGraphs.html" - }, - "ListHighDegreeEntities": { - "privilege": "ListHighDegreeEntities", - "description": "Grants permission to retrieve high volume entities whose relationships cannot be stored by Detective", - "access_level": "List", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/userguide/high-volume-entities.html" - }, - "ListInvitations": { - "privilege": "ListInvitations", - "description": "Grants permission to retrieve details on the behavior graphs to which this account has been invited to join", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListInvitations.html" - }, - "ListMembers": { - "privilege": "ListMembers", - "description": "Grants permission to retrieve details on all members of a behavior graph", - "access_level": "List", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListMembers.html" - }, - "ListOrganizationAdminAccount": { - "privilege": "ListOrganizationAdminAccount", - "description": "Grants permission to view the current Amazon Detective delegated administrator account for an organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribeOrganization" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListOrganizationAdminAccounts.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tag values that are assigned to a behavior graph", - "access_level": "List", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListTagsForResource.html" - }, - "RejectInvitation": { - "privilege": "RejectInvitation", - "description": "Grants permission to reject an invitation to become a member of a behavior graph", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_RejectInvitation.html" - }, - "SearchGraph": { - "privilege": "SearchGraph", - "description": "Grants permission to search the data stored in a behavior graph", - "access_level": "Read", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/userguide/detective-search.html" - }, - "StartMonitoringMember": { - "privilege": "StartMonitoringMember", - "description": "Grants permission to start data ingest for a member account that has a status of ACCEPTED_BUT_DISABLED", - "access_level": "Write", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_StartMonitoringMember.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to assign tag values to a behavior graph", - "access_level": "Tagging", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tag values from a behavior graph", - "access_level": "Tagging", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_UntagResource.html" - }, - "UpdateDatasourcePackages": { - "privilege": "UpdateDatasourcePackages", - "description": "Grants permission to enable or disable datasource package(s) in a behavior graph managed by this account", - "access_level": "Write", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_UpdateDatasourcePackages.html" - }, - "UpdateOrganizationConfiguration": { - "privilege": "UpdateOrganizationConfiguration", - "description": "Grants permission to update the current configuration related to the Amazon Detective integration with AWS Organizations", - "access_level": "Write", - "resource_types": { - "Graph": { - "resource_type": "Graph", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribeOrganization" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_UpdateOrganizationConfiguration.html" - } - }, - "resources": { - "Graph": { - "resource": "Graph", - "arn": "arn:${Partition}:detective:${Region}:${Account}:graph:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by specifying the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by specifying the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by specifying the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "devops-guru": { - "service_name": "Amazon DevOps Guru", - "prefix": "devops-guru", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondevopsguru.html", - "privileges": { - "AddNotificationChannel": { - "privilege": "AddNotificationChannel", - "description": "Grants permission to add a notification channel to DevOps Guru", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sns:GetTopicAttributes", - "sns:SetTopicAttributes" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_AddNotificationChannel.html" - }, - "DeleteInsight": { - "privilege": "DeleteInsight", - "description": "Grants permission to delete specified insight in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DeleteInsight.html" - }, - "DescribeAccountHealth": { - "privilege": "DescribeAccountHealth", - "description": "Grants permission to view the health of operations in your AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeAccountHealth.html" - }, - "DescribeAccountOverview": { - "privilege": "DescribeAccountOverview", - "description": "Grants permission to view the health of operations within a time range in your AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeAccountOverview.html" - }, - "DescribeAnomaly": { - "privilege": "DescribeAnomaly", - "description": "Grants permission to list the details of a specified anomaly", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeAnomaly.html" - }, - "DescribeEventSourcesConfig": { - "privilege": "DescribeEventSourcesConfig", - "description": "Grants permission to retrieve details about event sources for DevOps Guru", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeEventSourcesConfig.html" - }, - "DescribeFeedback": { - "privilege": "DescribeFeedback", - "description": "Grants permission to view the feedback details of a specified insight", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeFeedback.html" - }, - "DescribeInsight": { - "privilege": "DescribeInsight", - "description": "Grants permission to list the details of a specified insight", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeInsight.html" - }, - "DescribeOrganizationHealth": { - "privilege": "DescribeOrganizationHealth", - "description": "Grants permission to view the health of operations in your organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeOrganizationHealth.html" - }, - "DescribeOrganizationOverview": { - "privilege": "DescribeOrganizationOverview", - "description": "Grants permission to view the health of operations within a time range in your organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeOrganizationOverview.html" - }, - "DescribeOrganizationResourceCollectionHealth": { - "privilege": "DescribeOrganizationResourceCollectionHealth", - "description": "Grants permission to view the health of operations for each AWS CloudFormation stack or AWS Services or accounts specified in DevOps Guru in your organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeOrganizationResourceCollectionHealth.html" - }, - "DescribeResourceCollectionHealth": { - "privilege": "DescribeResourceCollectionHealth", - "description": "Grants permission to view the health of operations for each AWS CloudFormation stack specified in DevOps Guru", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeResourceCollectionHealth.html" - }, - "DescribeServiceIntegration": { - "privilege": "DescribeServiceIntegration", - "description": "Grants permission to view the integration status of services that can be integrated with DevOps Guru", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeServiceIntegration.html" - }, - "GetCostEstimation": { - "privilege": "GetCostEstimation", - "description": "Grants permission to list service resource cost estimates", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_GetCostEstimation.html" - }, - "GetResourceCollection": { - "privilege": "GetResourceCollection", - "description": "Grants permission to list AWS CloudFormation stacks that DevOps Guru is configured to use", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_GetResourceCollection.html" - }, - "ListAnomaliesForInsight": { - "privilege": "ListAnomaliesForInsight", - "description": "Grants permission to list anomalies of a given insight in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "devops-guru:ServiceNames" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListAnomaliesForInsight.html" - }, - "ListAnomalousLogGroups": { - "privilege": "ListAnomalousLogGroups", - "description": "Grants permission to list log anomalies of a given insight in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListAnomalousLogGroups.html" - }, - "ListEvents": { - "privilege": "ListEvents", - "description": "Grants permission to list resource events that are evaluated by DevOps Guru", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListEvents.html" - }, - "ListInsights": { - "privilege": "ListInsights", - "description": "Grants permission to list insights in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListInsights.html" - }, - "ListMonitoredResources": { - "privilege": "ListMonitoredResources", - "description": "Grants permission to list resource monitored by DevOps Guru in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListMonitoredResources.html" - }, - "ListNotificationChannels": { - "privilege": "ListNotificationChannels", - "description": "Grants permission to list notification channels configured for DevOps Guru in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListNotificationChannels.html" - }, - "ListOrganizationInsights": { - "privilege": "ListOrganizationInsights", - "description": "Grants permission to list insights in your organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListOrganizationInsights.html" - }, - "ListRecommendations": { - "privilege": "ListRecommendations", - "description": "Grants permission to list a specified insight's recommendations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListRecommendations.html" - }, - "PutFeedback": { - "privilege": "PutFeedback", - "description": "Grants permission to submit a feedback to DevOps Guru", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_PutFeedback.html" - }, - "RemoveNotificationChannel": { - "privilege": "RemoveNotificationChannel", - "description": "Grants permission to remove a notification channel from DevOps Guru", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sns:GetTopicAttributes", - "sns:SetTopicAttributes" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_RemoveNotificationChannel.html" - }, - "SearchInsights": { - "privilege": "SearchInsights", - "description": "Grants permission to search insights in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "devops-guru:ServiceNames" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_SearchInsights.html" - }, - "SearchOrganizationInsights": { - "privilege": "SearchOrganizationInsights", - "description": "Grants permission to search insights in your organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_SearchOrganizationInsights.html" - }, - "StartCostEstimation": { - "privilege": "StartCostEstimation", - "description": "Grants permission to start the creation of an estimate of the monthly cost", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_StartCostEstimation.html" - }, - "UpdateEventSourcesConfig": { - "privilege": "UpdateEventSourcesConfig", - "description": "Grants permission to update an event source for DevOps Guru", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_UpdateEventSourcesConfig.html" - }, - "UpdateResourceCollection": { - "privilege": "UpdateResourceCollection", - "description": "Grants permission to update the list of AWS CloudFormation stacks that are used to specify which AWS resources in your account are analyzed by DevOps Guru", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_UpdateResourceCollection.html" - }, - "UpdateServiceIntegration": { - "privilege": "UpdateServiceIntegration", - "description": "Grants permission to enable or disable a service that integrates with DevOps Guru", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_UpdateServiceIntegration.html" - } - }, - "resources": { - "topic": { - "resource": "topic", - "arn": "arn:${Partition}:sns:${Region}:${Account}:${TopicName}", - "condition_keys": [] - } - }, - "conditions": { - "devops-guru:ServiceNames": { - "condition": "devops-guru:ServiceNames", - "description": "Filters access by API to restrict access to given AWS service names", - "type": "ArrayOfString" - } - } - }, - "docdb-elastic": { - "service_name": "Amazon DocumentDB Elastic Clusters", - "prefix": "docdb-elastic", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondocumentdbelasticclusters.html", - "privileges": { - "CreateCluster": { - "privilege": "CreateCluster", - "description": "Grants permission to create a new Amazon DocDB-Elastic cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:CreateVpcEndpoint", - "ec2:DeleteVpcEndpoints", - "ec2:DescribeAvailabilityZones", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcAttribute", - "ec2:DescribeVpcEndpoints", - "ec2:DescribeVpcs", - "ec2:ModifyVpcEndpoint", - "iam:CreateServiceLinkedRole", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey", - "secretsmanager:DescribeSecret", - "secretsmanager:GetResourcePolicy", - "secretsmanager:GetSecretValue", - "secretsmanager:ListSecretVersionIds", - "secretsmanager:ListSecrets" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_CreateCluster.html" - }, - "CreateClusterSnapshot": { - "privilege": "CreateClusterSnapshot", - "description": "Grants permission to create a new Amazon DocDB-Elastic cluster snapshot", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateVpcEndpoint", - "ec2:DeleteVpcEndpoints", - "ec2:DescribeAvailabilityZones", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcAttribute", - "ec2:DescribeVpcEndpoints", - "ec2:DescribeVpcs", - "ec2:ModifyVpcEndpoint", - "iam:CreateServiceLinkedRole", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey", - "secretsmanager:DescribeSecret", - "secretsmanager:GetResourcePolicy", - "secretsmanager:GetSecretValue", - "secretsmanager:ListSecretVersionIds", - "secretsmanager:ListSecrets" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_CreateClusterSnapshot.html" - }, - "DeleteCluster": { - "privilege": "DeleteCluster", - "description": "Grants permission to delete a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteVpcEndpoints", - "ec2:DescribeAvailabilityZones", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcAttribute", - "ec2:DescribeVpcEndpoints", - "ec2:DescribeVpcs", - "ec2:ModifyVpcEndpoint" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_DeleteCluster.html" - }, - "DeleteClusterSnapshot": { - "privilege": "DeleteClusterSnapshot", - "description": "Grants permission to delete a cluster snapshot", - "access_level": "Write", - "resource_types": { - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteVpcEndpoints", - "ec2:DescribeAvailabilityZones", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcAttribute", - "ec2:DescribeVpcEndpoints", - "ec2:DescribeVpcs", - "ec2:ModifyVpcEndpoint" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_DeleteClusterSnapshot.html" - }, - "GetCluster": { - "privilege": "GetCluster", - "description": "Grants permission to view details about a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_GetCluster.html" - }, - "GetClusterSnapshot": { - "privilege": "GetClusterSnapshot", - "description": "Grants permission to view details about a cluster snapshot", - "access_level": "Read", - "resource_types": { - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_GetClusterSnapshot.html" - }, - "ListClusterSnapshots": { - "privilege": "ListClusterSnapshots", - "description": "Grants permission to list the cluster snapshots in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_ListClusterSnapshots.html" - }, - "ListClusters": { - "privilege": "ListClusters", - "description": "Grants permission to list the clusters in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_ListClusters.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tag for an DocumentDB Elastic resource", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_ListTagsForResource.html" - }, - "RestoreClusterFromSnapshot": { - "privilege": "RestoreClusterFromSnapshot", - "description": "Grants permission to restore cluster from a Amazon DocDB-Elastic cluster snapshot", - "access_level": "Write", - "resource_types": { - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateVpcEndpoint", - "ec2:DeleteVpcEndpoints", - "ec2:DescribeAvailabilityZones", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcAttribute", - "ec2:DescribeVpcEndpoints", - "ec2:DescribeVpcs", - "ec2:ModifyVpcEndpoint", - "iam:CreateServiceLinkedRole", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey", - "secretsmanager:DescribeSecret", - "secretsmanager:GetResourcePolicy", - "secretsmanager:GetSecretValue", - "secretsmanager:ListSecretVersionIds", - "secretsmanager:ListSecrets" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_RestoreClusterFromSnapshot.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an DocumentDB Elastic resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a DocumentDB Elastic resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_UntagResource.html" - }, - "UpdateCluster": { - "privilege": "UpdateCluster", - "description": "Grants permission to modify a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateVpcEndpoint", - "ec2:DeleteVpcEndpoints", - "ec2:DescribeAvailabilityZones", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcAttribute", - "ec2:DescribeVpcEndpoints", - "ec2:DescribeVpcs", - "ec2:ModifyVpcEndpoint", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey", - "secretsmanager:DescribeSecret", - "secretsmanager:GetResourcePolicy", - "secretsmanager:GetSecretValue", - "secretsmanager:ListSecretVersionIds", - "secretsmanager:ListSecrets" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_UpdateCluster.html" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:docdb-elastic:${Region}:${Account}:cluster/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "cluster-snapshot": { - "resource": "cluster-snapshot", - "arn": "arn:${Partition}:docdb-elastic:${Region}:${Account}:cluster-snapshot/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the set of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the set of tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the set of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "dynamodb": { - "service_name": "Amazon DynamoDB", - "prefix": "dynamodb", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondynamodb.html", - "privileges": { - "BatchGetItem": { - "privilege": "BatchGetItem", - "description": "Grants permission to return the attributes of one or more items from one or more tables", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:LeadingKeys", - "dynamodb:ReturnConsumedCapacity", - "dynamodb:Select" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchGetItem.html" - }, - "BatchWriteItem": { - "privilege": "BatchWriteItem", - "description": "Grants permission to put or delete multiple items in one or more tables", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:LeadingKeys", - "dynamodb:ReturnConsumedCapacity" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchWriteItem.html" - }, - "ConditionCheckItem": { - "privilege": "ConditionCheckItem", - "description": "Grants permission to the ConditionCheckItem operation checks the existence of a set of attributes for the item with the given primary key", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:LeadingKeys", - "dynamodb:ReturnConsumedCapacity", - "dynamodb:ReturnValues" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ConditionCheck.html" - }, - "CreateBackup": { - "privilege": "CreateBackup", - "description": "Grants permission to create a backup for an existing table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateBackup.html" - }, - "CreateGlobalTable": { - "privilege": "CreateGlobalTable", - "description": "Grants permission to create a global table from an existing table", - "access_level": "Write", - "resource_types": { - "global-table": { - "resource_type": "global-table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateGlobalTable.html" - }, - "CreateTable": { - "privilege": "CreateTable", - "description": "Grants permission to the CreateTable operation adds a new table to your account", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateTable.html" - }, - "CreateTableReplica": { - "privilege": "CreateTableReplica", - "description": "Grants permission to add a new replica table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/V2gt_IAM.html" - }, - "DeleteBackup": { - "privilege": "DeleteBackup", - "description": "Grants permission to delete an existing backup of a table", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DeleteBackup.html" - }, - "DeleteItem": { - "privilege": "DeleteItem", - "description": "Grants permission to deletes a single item in a table by primary key", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:EnclosingOperation", - "dynamodb:LeadingKeys", - "dynamodb:ReturnConsumedCapacity", - "dynamodb:ReturnValues" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DeleteItem.html" - }, - "DeleteTable": { - "privilege": "DeleteTable", - "description": "Grants permission to the DeleteTable operation which deletes a table and all of its items", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DeleteTable.html" - }, - "DeleteTableReplica": { - "privilege": "DeleteTableReplica", - "description": "Grants permission to delete a replica table and all of its items", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/V2gt_IAM.html" - }, - "DescribeBackup": { - "privilege": "DescribeBackup", - "description": "Grants permission to describe an existing backup of a table", - "access_level": "Read", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeBackup.html" - }, - "DescribeContinuousBackups": { - "privilege": "DescribeContinuousBackups", - "description": "Grants permission to check the status of the backup restore settings on the specified table", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeContinuousBackups.html" - }, - "DescribeContributorInsights": { - "privilege": "DescribeContributorInsights", - "description": "Grants permission to describe the contributor insights status and related details for a given table or global secondary index", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeContributorInsights.html" - }, - "DescribeEndpoints": { - "privilege": "DescribeEndpoints", - "description": "Grants permission to return the regional endpoint information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeEndpoints.html" - }, - "DescribeExport": { - "privilege": "DescribeExport", - "description": "Grants permission to describe an existing Export of a table", - "access_level": "Read", - "resource_types": { - "export": { - "resource_type": "export", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeExport.html" - }, - "DescribeGlobalTable": { - "privilege": "DescribeGlobalTable", - "description": "Grants permission to return information about the specified global table", - "access_level": "Read", - "resource_types": { - "global-table": { - "resource_type": "global-table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeGlobalTable.html" - }, - "DescribeGlobalTableSettings": { - "privilege": "DescribeGlobalTableSettings", - "description": "Grants permission to return settings information about the specified global table", - "access_level": "Read", - "resource_types": { - "global-table": { - "resource_type": "global-table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeGlobalTableSettings.html" - }, - "DescribeImport": { - "privilege": "DescribeImport", - "description": "Grants permission to describe an existing import", - "access_level": "Read", - "resource_types": { - "import": { - "resource_type": "import", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeImport.html" - }, - "DescribeKinesisStreamingDestination": { - "privilege": "DescribeKinesisStreamingDestination", - "description": "Grants permission to grant permission to describe the status of Kinesis streaming and related details for a given table", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeKinesisStreamingDestination.html" - }, - "DescribeLimits": { - "privilege": "DescribeLimits", - "description": "Grants permission to return the current provisioned-capacity limits for your AWS account in a region, both for the region as a whole and for any one DynamoDB table that you create there", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeLimits.html" - }, - "DescribeReservedCapacity": { - "privilege": "DescribeReservedCapacity", - "description": "Grants permission to describe one or more of the Reserved Capacity purchased", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/iam-policy-prevent-purchase-reserved-capacity.html" - }, - "DescribeReservedCapacityOfferings": { - "privilege": "DescribeReservedCapacityOfferings", - "description": "Grants permission to describe Reserved Capacity offerings that are available for purchase", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/iam-policy-prevent-purchase-reserved-capacity.html" - }, - "DescribeStream": { - "privilege": "DescribeStream", - "description": "Grants permission to return information about a stream, including the current status of the stream, its Amazon Resource Name (ARN), the composition of its shards, and its corresponding DynamoDB table", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_DescribeStream.html" - }, - "DescribeTable": { - "privilege": "DescribeTable", - "description": "Grants permission to return information about the table", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeTable.html" - }, - "DescribeTableReplicaAutoScaling": { - "privilege": "DescribeTableReplicaAutoScaling", - "description": "Grants permission to describe the auto scaling settings across all replicas of the global table", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeTableReplicaAutoScaling.html" - }, - "DescribeTimeToLive": { - "privilege": "DescribeTimeToLive", - "description": "Grants permission to give a description of the Time to Live (TTL) status on the specified table", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeTimeToLive.html" - }, - "DisableKinesisStreamingDestination": { - "privilege": "DisableKinesisStreamingDestination", - "description": "Grants permission to grant permission to stop replication from the DynamoDB table to the Kinesis data stream", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DisableKinesisStreamingDestination.html" - }, - "EnableKinesisStreamingDestination": { - "privilege": "EnableKinesisStreamingDestination", - "description": "Grants permission to grant permission to start table data replication to the specified Kinesis data stream at a timestamp chosen during the enable workflow", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_EnableKinesisStreamingDestination.html" - }, - "ExportTableToPointInTime": { - "privilege": "ExportTableToPointInTime", - "description": "Grants permission to initiate an Export of a DynamoDB table to S3", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ExportTableToPointInTime.html" - }, - "GetItem": { - "privilege": "GetItem", - "description": "Grants permission to the GetItem operation that returns a set of attributes for the item with the given primary key", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:EnclosingOperation", - "dynamodb:LeadingKeys", - "dynamodb:ReturnConsumedCapacity", - "dynamodb:Select" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_GetItem.html" - }, - "GetRecords": { - "privilege": "GetRecords", - "description": "Grants permission to retrieve the stream records from a given shard", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_GetRecords.html" - }, - "GetShardIterator": { - "privilege": "GetShardIterator", - "description": "Grants permission to return a shard iterator", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_GetShardIterator.html" - }, - "ImportTable": { - "privilege": "ImportTable", - "description": "Grants permission to initiate an import from S3 to a DynamoDB table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ImportTable.html" - }, - "ListBackups": { - "privilege": "ListBackups", - "description": "Grants permission to list backups associated with the account and endpoint", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListBackups.html" - }, - "ListContributorInsights": { - "privilege": "ListContributorInsights", - "description": "Grants permission to list the ContributorInsightsSummary for all tables and global secondary indexes associated with the current account and endpoint", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListContributorInsights.html" - }, - "ListExports": { - "privilege": "ListExports", - "description": "Grants permission to list exports associated with the account and endpoint", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListExports.html" - }, - "ListGlobalTables": { - "privilege": "ListGlobalTables", - "description": "Grants permission to list all global tables that have a replica in the specified region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListGlobalTables.html" - }, - "ListImports": { - "privilege": "ListImports", - "description": "Grants permission to list imports associated with the account and endpoint", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListImports.html" - }, - "ListStreams": { - "privilege": "ListStreams", - "description": "Grants permission to return an array of stream ARNs associated with the current account and endpoint", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_ListStreams.html" - }, - "ListTables": { - "privilege": "ListTables", - "description": "Grants permission to return an array of table names associated with the current account and endpoint", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListTables.html" - }, - "ListTagsOfResource": { - "privilege": "ListTagsOfResource", - "description": "Grants permission to list all tags on an Amazon DynamoDB resource", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListTagsOfResource.html" - }, - "PartiQLDelete": { - "privilege": "PartiQLDelete", - "description": "Grants permission to delete a single item in a table by primary key", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:EnclosingOperation", - "dynamodb:LeadingKeys", - "dynamodb:ReturnValues" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ExecuteStatement.html" - }, - "PartiQLInsert": { - "privilege": "PartiQLInsert", - "description": "Grants permission to create a new item, if an item with same primary key does not exist in the table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:EnclosingOperation", - "dynamodb:LeadingKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ExecuteStatement.html" - }, - "PartiQLSelect": { - "privilege": "PartiQLSelect", - "description": "Grants permission to read a set of attributes for items from a table or index", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:EnclosingOperation", - "dynamodb:FullTableScan", - "dynamodb:LeadingKeys", - "dynamodb:Select" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ExecuteStatement.html" - }, - "PartiQLUpdate": { - "privilege": "PartiQLUpdate", - "description": "Grants permission to edit an existing item's attributes", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:EnclosingOperation", - "dynamodb:LeadingKeys", - "dynamodb:ReturnValues" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ExecuteStatement.html" - }, - "PurchaseReservedCapacityOfferings": { - "privilege": "PurchaseReservedCapacityOfferings", - "description": "Grants permission to purchases reserved capacity for use with your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/iam-policy-prevent-purchase-reserved-capacity.html" - }, - "PutItem": { - "privilege": "PutItem", - "description": "Grants permission to create a new item, or replace an old item with a new item", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:EnclosingOperation", - "dynamodb:LeadingKeys", - "dynamodb:ReturnConsumedCapacity", - "dynamodb:ReturnValues" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_PutItem.html" - }, - "Query": { - "privilege": "Query", - "description": "Grants permission to use the primary key of a table or a secondary index to directly access items from that table or index", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:LeadingKeys", - "dynamodb:ReturnConsumedCapacity", - "dynamodb:ReturnValues", - "dynamodb:Select" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Query.html" - }, - "RestoreTableFromAwsBackup": { - "privilege": "RestoreTableFromAwsBackup", - "description": "Grants permission to create a new table from recovery point on AWS Backup", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/UsageNotesAWS.html" - }, - "RestoreTableFromBackup": { - "privilege": "RestoreTableFromBackup", - "description": "Grants permission to create a new table from an existing backup", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dynamodb:BatchWriteItem", - "dynamodb:DeleteItem", - "dynamodb:GetItem", - "dynamodb:PutItem", - "dynamodb:Query", - "dynamodb:Scan", - "dynamodb:UpdateItem" - ] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_RestoreTableFromBackup.html" - }, - "RestoreTableToPointInTime": { - "privilege": "RestoreTableToPointInTime", - "description": "Grants permission to restore a table to a point in time", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dynamodb:BatchWriteItem", - "dynamodb:DeleteItem", - "dynamodb:GetItem", - "dynamodb:PutItem", - "dynamodb:Query", - "dynamodb:Scan", - "dynamodb:UpdateItem" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_RestoreTableToPointInTime.html" - }, - "Scan": { - "privilege": "Scan", - "description": "Grants permission to return one or more items and item attributes by accessing every item in a table or a secondary index", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:ReturnConsumedCapacity", - "dynamodb:ReturnValues", - "dynamodb:Select" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Scan.html" - }, - "StartAwsBackupJob": { - "privilege": "StartAwsBackupJob", - "description": "Grants permission to create a backup on AWS Backup with advanced features enabled", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/UsageNotesAWS.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to associate a set of tags with an Amazon DynamoDB resource", - "access_level": "Tagging", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the association of tags from an Amazon DynamoDB resource", - "access_level": "Tagging", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UntagResource.html" - }, - "UpdateContinuousBackups": { - "privilege": "UpdateContinuousBackups", - "description": "Grants permission to enable or disable continuous backups", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateContinuousBackups.html" - }, - "UpdateContributorInsights": { - "privilege": "UpdateContributorInsights", - "description": "Grants permission to update the status for contributor insights for a specific table or global secondary index", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateContributorInsights.html" - }, - "UpdateGlobalTable": { - "privilege": "UpdateGlobalTable", - "description": "Grants permission to add or remove replicas in the specified global table", - "access_level": "Write", - "resource_types": { - "global-table": { - "resource_type": "global-table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateGlobalTable.html" - }, - "UpdateGlobalTableSettings": { - "privilege": "UpdateGlobalTableSettings", - "description": "Grants permission to update settings of the specified global table", - "access_level": "Write", - "resource_types": { - "global-table": { - "resource_type": "global-table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateGlobalTableSettings.html" - }, - "UpdateGlobalTableVersion": { - "privilege": "UpdateGlobalTableVersion", - "description": "Grants permission to update version of the specified global table", - "access_level": "Write", - "resource_types": { - "global-table": { - "resource_type": "global-table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/V2globaltables_upgrade.html" - }, - "UpdateItem": { - "privilege": "UpdateItem", - "description": "Grants permission to edit an existing item's attributes, or adds a new item to the table if it does not already exist", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dynamodb:Attributes", - "dynamodb:EnclosingOperation", - "dynamodb:LeadingKeys", - "dynamodb:ReturnConsumedCapacity", - "dynamodb:ReturnValues" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateItem.html" - }, - "UpdateTable": { - "privilege": "UpdateTable", - "description": "Grants permission to modify the provisioned throughput settings, global secondary indexes, or DynamoDB Streams settings for a given table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateTable.html" - }, - "UpdateTableReplicaAutoScaling": { - "privilege": "UpdateTableReplicaAutoScaling", - "description": "Grants permission to update auto scaling settings on your replica table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateTableReplicaAutoScaling.html" - }, - "UpdateTimeToLive": { - "privilege": "UpdateTimeToLive", - "description": "Grants permission to enable or disable TTL for the specified table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateTimeToLive.html" - } - }, - "resources": { - "index": { - "resource": "index", - "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}/index/${IndexName}", - "condition_keys": [] - }, - "stream": { - "resource": "stream", - "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}/stream/${StreamLabel}", - "condition_keys": [] - }, - "table": { - "resource": "table", - "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}", - "condition_keys": [] - }, - "backup": { - "resource": "backup", - "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}/backup/${BackupName}", - "condition_keys": [] - }, - "export": { - "resource": "export", - "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}/export/${ExportName}", - "condition_keys": [] - }, - "global-table": { - "resource": "global-table", - "arn": "arn:${Partition}:dynamodb::${Account}:global-table/${GlobalTableName}", - "condition_keys": [] - }, - "import": { - "resource": "import", - "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}/import/${ImportName}", - "condition_keys": [] - } - }, - "conditions": { - "dynamodb:Attributes": { - "condition": "dynamodb:Attributes", - "description": "Filters access by attribute (field or column) names of the table", - "type": "ArrayOfString" - }, - "dynamodb:EnclosingOperation": { - "condition": "dynamodb:EnclosingOperation", - "description": "Filters access by blocking Transactions APIs calls and allow the non-Transaction APIs calls and vice-versa", - "type": "String" - }, - "dynamodb:FullTableScan": { - "condition": "dynamodb:FullTableScan", - "description": "Filters access by blocking full table scan", - "type": "Bool" - }, - "dynamodb:LeadingKeys": { - "condition": "dynamodb:LeadingKeys", - "description": "Filters access by the partition key of the table", - "type": "ArrayOfString" - }, - "dynamodb:ReturnConsumedCapacity": { - "condition": "dynamodb:ReturnConsumedCapacity", - "description": "Filters access by the ReturnConsumedCapacity parameter of a request. Contains either \"TOTAL\" or \"NONE\"", - "type": "String" - }, - "dynamodb:ReturnValues": { - "condition": "dynamodb:ReturnValues", - "description": "Filters access by the ReturnValues parameter of request. Contains one of the following: \"ALL_OLD\", \"UPDATED_OLD\",\"ALL_NEW\",\"UPDATED_NEW\", or \"NONE\"", - "type": "String" - }, - "dynamodb:Select": { - "condition": "dynamodb:Select", - "description": "Filters access by the Select parameter of a Query or Scan request", - "type": "String" - } - } - }, - "dax": { - "service_name": "Amazon DynamoDB Accelerator (DAX)", - "prefix": "dax", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondynamodbacceleratordax.html", - "privileges": { - "BatchGetItem": { - "privilege": "BatchGetItem", - "description": "Grants permission to return the attributes of one or more items from one or more tables", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchGetItem.html" - }, - "BatchWriteItem": { - "privilege": "BatchWriteItem", - "description": "Grants permission to put or delete multiple items in one or more tables", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchWriteItem.html" - }, - "ConditionCheckItem": { - "privilege": "ConditionCheckItem", - "description": "Grants permission to the ConditionCheckItem operation that checks the existence of a set of attributes for the item with the given primary key", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ConditionCheckItem.html" - }, - "CreateCluster": { - "privilege": "CreateCluster", - "description": "Grants permission to create a DAX cluster", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dax:CreateParameterGroup", - "dax:CreateSubnetGroup", - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "iam:GetRole", - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_CreateCluster.html" - }, - "CreateParameterGroup": { - "privilege": "CreateParameterGroup", - "description": "Grants permission to create a parameter group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_CreateParameterGroup.html" - }, - "CreateSubnetGroup": { - "privilege": "CreateSubnetGroup", - "description": "Grants permission to create a subnet group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_CreateSubnetGroup.html" - }, - "DecreaseReplicationFactor": { - "privilege": "DecreaseReplicationFactor", - "description": "Grants permission to remove one or more nodes from a DAX cluster", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DecreaseReplicationFactor.html" - }, - "DeleteCluster": { - "privilege": "DeleteCluster", - "description": "Grants permission to delete a previously provisioned DAX cluster", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DeleteCluster.html" - }, - "DeleteItem": { - "privilege": "DeleteItem", - "description": "Grants permission to delete a single item in a table by primary key", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dax:EnclosingOperation" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DeleteItem.html" - }, - "DeleteParameterGroup": { - "privilege": "DeleteParameterGroup", - "description": "Grants permission to delete the specified parameter group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DeleteParameterGroup.html" - }, - "DeleteSubnetGroup": { - "privilege": "DeleteSubnetGroup", - "description": "Grants permission to delete a subnet group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DeleteSubnetGroup.html" - }, - "DescribeClusters": { - "privilege": "DescribeClusters", - "description": "Grants permission to return information about all provisioned DAX clusters", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeClusters.html" - }, - "DescribeDefaultParameters": { - "privilege": "DescribeDefaultParameters", - "description": "Grants permission to return the default system parameter information for DAX", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeDefaultParameters.html" - }, - "DescribeEvents": { - "privilege": "DescribeEvents", - "description": "Grants permission to return events related to DAX clusters and parameter groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeEvents.html" - }, - "DescribeParameterGroups": { - "privilege": "DescribeParameterGroups", - "description": "Grants permission to return a list of parameter group descriptions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeParameterGroups.html" - }, - "DescribeParameters": { - "privilege": "DescribeParameters", - "description": "Grants permission to return the detailed parameter list for a particular parameter group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeParameters.html" - }, - "DescribeSubnetGroups": { - "privilege": "DescribeSubnetGroups", - "description": "Grants permission to return a list of subnet group descriptions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeSubnetGroups.html" - }, - "GetItem": { - "privilege": "GetItem", - "description": "Grants permission to the GetItem operation that returns a set of attributes for the item with the given primary key", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dax:EnclosingOperation" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_GetItem.html" - }, - "IncreaseReplicationFactor": { - "privilege": "IncreaseReplicationFactor", - "description": "Grants permission to add one or more nodes to a DAX cluster", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_IncreaseReplicationFactor.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to return a list all of the tags for a DAX cluster", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_ListTags.html" - }, - "PutItem": { - "privilege": "PutItem", - "description": "Grants permission to create a new item, or replace an old item with a new item", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dax:EnclosingOperation" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_PutItem.html" - }, - "Query": { - "privilege": "Query", - "description": "Grants permission to use the primary key of a table or a secondary index to directly access items from that table or index", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Query.html" - }, - "RebootNode": { - "privilege": "RebootNode", - "description": "Grants permission to reboot a single node of a DAX cluster", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_RebootNode.html" - }, - "Scan": { - "privilege": "Scan", - "description": "Grants permission to return one or more items and item attributes by accessing every item in a table or a secondary index", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Scan.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to associate a set of tags with a DAX resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the association of tags from a DAX resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UntagResource.html" - }, - "UpdateCluster": { - "privilege": "UpdateCluster", - "description": "Grants permission to modify the settings for a DAX cluster", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UpdateCluster.html" - }, - "UpdateItem": { - "privilege": "UpdateItem", - "description": "Grants permission to edit an existing item's attributes, or adds a new item to the table if it does not already exist", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "dax:EnclosingOperation" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateItem.html" - }, - "UpdateParameterGroup": { - "privilege": "UpdateParameterGroup", - "description": "Grants permission to modify the parameters of a parameter group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UpdateParameterGroup.html" - }, - "UpdateSubnetGroup": { - "privilege": "UpdateSubnetGroup", - "description": "Grants permission to modify an existing subnet group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UpdateSubnetGroup.html" - } - }, - "resources": { - "application": { - "resource": "application", - "arn": "arn:${Partition}:dax:${Region}:${Account}:cache/${ClusterName}", - "condition_keys": [] - } - }, - "conditions": { - "dax:EnclosingOperation": { - "condition": "dax:EnclosingOperation", - "description": "Used to block Transactions APIs calls and allow the non-Transaction APIs calls and vice-versa", - "type": "String" - } - } - }, - "ec2": { - "service_name": "Amazon EC2", - "prefix": "ec2", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html", - "privileges": { - "AcceptAddressTransfer": { - "privilege": "AcceptAddressTransfer", - "description": "Grants permission to accept an Elastic IP address transfer", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": true, - "condition_keys": [ - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptAddressTransfer.html" - }, - "AcceptReservedInstancesExchangeQuote": { - "privilege": "AcceptReservedInstancesExchangeQuote", - "description": "Grants permission to accept a Convertible Reserved Instance exchange quote", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptReservedInstancesExchangeQuote.html" - }, - "AcceptTransitGatewayMulticastDomainAssociations": { - "privilege": "AcceptTransitGatewayMulticastDomainAssociations", - "description": "Grants permission to accept a request to associate subnets with a transit gateway multicast domain", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptTransitGatewayMulticastDomainAssociations.html" - }, - "AcceptTransitGatewayPeeringAttachment": { - "privilege": "AcceptTransitGatewayPeeringAttachment", - "description": "Grants permission to accept a transit gateway peering attachment request", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptTransitGatewayPeeringAttachment.html" - }, - "AcceptTransitGatewayVpcAttachment": { - "privilege": "AcceptTransitGatewayVpcAttachment", - "description": "Grants permission to accept a request to attach a VPC to a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptTransitGatewayVpcAttachment.html" - }, - "AcceptVpcEndpointConnections": { - "privilege": "AcceptVpcEndpointConnections", - "description": "Grants permission to accept one or more interface VPC endpoint connections to your VPC endpoint service", - "access_level": "Write", - "resource_types": { - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptVpcEndpointConnections.html" - }, - "AcceptVpcPeeringConnection": { - "privilege": "AcceptVpcPeeringConnection", - "description": "Grants permission to accept a VPC peering connection request", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "vpc-peering-connection": { - "resource_type": "vpc-peering-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AccepterVpc", - "ec2:RequesterVpc", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcPeeringConnectionID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptVpcPeeringConnection.html" - }, - "AdvertiseByoipCidr": { - "privilege": "AdvertiseByoipCidr", - "description": "Grants permission to advertise an IP address range that is provisioned for use in AWS through bring your own IP addresses (BYOIP)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AdvertiseByoipCidr.html" - }, - "AllocateAddress": { - "privilege": "AllocateAddress", - "description": "Grants permission to allocate an Elastic IP address (EIP) to your account", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "ipv4pool-ec2": { - "resource_type": "ipv4pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateAddress.html" - }, - "AllocateHosts": { - "privilege": "AllocateHosts", - "description": "Grants permission to allocate a Dedicated Host to your account", - "access_level": "Write", - "resource_types": { - "dedicated-host": { - "resource_type": "dedicated-host", - "required": true, - "condition_keys": [ - "ec2:AutoPlacement", - "ec2:AvailabilityZone", - "ec2:HostRecovery", - "ec2:InstanceType", - "ec2:Quantity" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateHosts.html" - }, - "AllocateIpamPoolCidr": { - "privilege": "AllocateIpamPoolCidr", - "description": "Grants permission to allocate a CIDR from an Amazon VPC IP Address Manager (IPAM) pool", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateIpamPoolCidr.html" - }, - "ApplySecurityGroupsToClientVpnTargetNetwork": { - "privilege": "ApplySecurityGroupsToClientVpnTargetNetwork", - "description": "Grants permission to apply a security group to the association between a Client VPN endpoint and a target network", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ApplySecurityGroupsToClientVpnTargetNetwork.html" - }, - "AssignIpv6Addresses": { - "privilege": "AssignIpv6Addresses", - "description": "Grants permission to assign one or more IPv6 addresses to a network interface", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssignIpv6Addresses.html" - }, - "AssignPrivateIpAddresses": { - "privilege": "AssignPrivateIpAddresses", - "description": "Grants permission to assign one or more secondary private IP addresses to a network interface", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssignPrivateIpAddresses.html" - }, - "AssignPrivateNatGatewayAddress": { - "privilege": "AssignPrivateNatGatewayAddress", - "description": "Grants permission to assign one or more secondary private IP addresses to a private NAT gateway", - "access_level": "Write", - "resource_types": { - "natgateway": { - "resource_type": "natgateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssignPrivateNatGatewayAddress.html" - }, - "AssociateAddress": { - "privilege": "AssociateAddress", - "description": "Grants permission to associate an Elastic IP address (EIP) with an instance or a network interface", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateAddress.html" - }, - "AssociateClientVpnTargetNetwork": { - "privilege": "AssociateClientVpnTargetNetwork", - "description": "Grants permission to associate a target network with a Client VPN endpoint", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateClientVpnTargetNetwork.html" - }, - "AssociateDhcpOptions": { - "privilege": "AssociateDhcpOptions", - "description": "Grants permission to associate or disassociate a set of DHCP options with a VPC", - "access_level": "Write", - "resource_types": { - "dhcp-options": { - "resource_type": "dhcp-options", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:DhcpOptionsID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateDhcpOptions.html" - }, - "AssociateEnclaveCertificateIamRole": { - "privilege": "AssociateEnclaveCertificateIamRole", - "description": "Grants permission to associate an ACM certificate with an IAM role to be used in an EC2 Enclave", - "access_level": "Write", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateEnclaveCertificateIamRole.html" - }, - "AssociateIamInstanceProfile": { - "privilege": "AssociateIamInstanceProfile", - "description": "Grants permission to associate an IAM instance profile with a running or stopped instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:NewInstanceProfile", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html" - }, - "AssociateInstanceEventWindow": { - "privilege": "AssociateInstanceEventWindow", - "description": "Grants permission to associate one or more targets with an event window", - "access_level": "Write", - "resource_types": { - "instance-event-window": { - "resource_type": "instance-event-window", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateInstanceEventWindow.html" - }, - "AssociateIpamResourceDiscovery": { - "privilege": "AssociateIpamResourceDiscovery", - "description": "Grants permission to associate an IPAM resource discovery with an Amazon VPC IPAM", - "access_level": "Write", - "resource_types": { - "ipam": { - "resource_type": "ipam", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "ipam-resource-discovery": { - "resource_type": "ipam-resource-discovery", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam-resource-discovery-association": { - "resource_type": "ipam-resource-discovery-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIpamResourceDiscovery.html" - }, - "AssociateNatGatewayAddress": { - "privilege": "AssociateNatGatewayAddress", - "description": "Grants permission to associate an Elastic IP address and private IP address with a public Nat gateway", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "natgateway": { - "resource_type": "natgateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateNatGatewayAddress.html" - }, - "AssociateRouteTable": { - "privilege": "AssociateRouteTable", - "description": "Grants permission to associate a subnet or gateway with a route table", - "access_level": "Write", - "resource_types": { - "route-table": { - "resource_type": "route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "internet-gateway": { - "resource_type": "internet-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:InternetGatewayID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateRouteTable.html" - }, - "AssociateSubnetCidrBlock": { - "privilege": "AssociateSubnetCidrBlock", - "description": "Grants permission to associate a CIDR block with a subnet", - "access_level": "Write", - "resource_types": { - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateSubnetCidrBlock.html" - }, - "AssociateTransitGatewayMulticastDomain": { - "privilege": "AssociateTransitGatewayMulticastDomain", - "description": "Grants permission to associate an attachment and list of subnets with a transit gateway multicast domain", - "access_level": "Write", - "resource_types": { - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTransitGatewayMulticastDomain.html" - }, - "AssociateTransitGatewayPolicyTable": { - "privilege": "AssociateTransitGatewayPolicyTable", - "description": "Grants permission to associate a policy table with a transit gateway attachment", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-policy-table": { - "resource_type": "transit-gateway-policy-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTransitGatewayPolicyTable.html" - }, - "AssociateTransitGatewayRouteTable": { - "privilege": "AssociateTransitGatewayRouteTable", - "description": "Grants permission to associate an attachment with a transit gateway route table", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTransitGatewayRouteTable.html" - }, - "AssociateTrunkInterface": { - "privilege": "AssociateTrunkInterface", - "description": "Grants permission to associate a branch network interface with a trunk network interface", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTrunkInterface.html" - }, - "AssociateVerifiedAccessInstanceWebAcl": { - "privilege": "AssociateVerifiedAccessInstanceWebAcl", - "description": "Grants permission to associate an AWS Web Application Firewall (WAF) web access control list (ACL) with a Verified Access instance", - "access_level": "Write", - "resource_types": { - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verified-access/latest/ug/waf-integration.html" - }, - "AssociateVpcCidrBlock": { - "privilege": "AssociateVpcCidrBlock", - "description": "Grants permission to associate a CIDR block with a VPC", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Ipv4IpamPoolId", - "ec2:Ipv6IpamPoolId", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "ipam-pool": { - "resource_type": "ipam-pool", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv6pool-ec2": { - "resource_type": "ipv6pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateVpcCidrBlock.html" - }, - "AttachClassicLinkVpc": { - "privilege": "AttachClassicLinkVpc", - "description": "Grants permission to link an EC2-Classic instance to a ClassicLink-enabled VPC through one or more of the VPC's security groups", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachClassicLinkVpc.html" - }, - "AttachInternetGateway": { - "privilege": "AttachInternetGateway", - "description": "Grants permission to attach an internet gateway to a VPC", - "access_level": "Write", - "resource_types": { - "internet-gateway": { - "resource_type": "internet-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:InternetGatewayID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachInternetGateway.html" - }, - "AttachNetworkInterface": { - "privilege": "AttachNetworkInterface", - "description": "Grants permission to attach a network interface to an instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachNetworkInterface.html" - }, - "AttachVerifiedAccessTrustProvider": { - "privilege": "AttachVerifiedAccessTrustProvider", - "description": "Grants permission to attach a trust provider to a Verified Access instance", - "access_level": "Write", - "resource_types": { - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-trust-provider": { - "resource_type": "verified-access-trust-provider", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachVerifiedAccessTrustProvider.html" - }, - "AttachVolume": { - "privilege": "AttachVolume", - "description": "Grants permission to attach an EBS volume to a running or stopped instance and expose it to the instance with the specified device name", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachVolume.html" - }, - "AttachVpnGateway": { - "privilege": "AttachVpnGateway", - "description": "Grants permission to attach a virtual private gateway to a VPC", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachVpnGateway.html" - }, - "AuthorizeClientVpnIngress": { - "privilege": "AuthorizeClientVpnIngress", - "description": "Grants permission to add an inbound authorization rule to a Client VPN endpoint", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AuthorizeClientVpnIngress.html" - }, - "AuthorizeSecurityGroupEgress": { - "privilege": "AuthorizeSecurityGroupEgress", - "description": "Grants permission to add one or more outbound rules to a VPC security group. Policies using the security-group-rule resource-level permission are only enforced when the API request includes TagSpecifications", - "access_level": "Write", - "resource_types": { - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "security-group-rule": { - "resource_type": "security-group-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AuthorizeSecurityGroupEgress.html" - }, - "AuthorizeSecurityGroupIngress": { - "privilege": "AuthorizeSecurityGroupIngress", - "description": "Grants permission to add one or more inbound rules to a VPC security group. Policies using the security-group-rule resource-level permission are only enforced when the API request includes TagSpecifications", - "access_level": "Write", - "resource_types": { - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "security-group-rule": { - "resource_type": "security-group-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AuthorizeSecurityGroupIngress.html" - }, - "BundleInstance": { - "privilege": "BundleInstance", - "description": "Grants permission to bundle an instance store-backed Windows instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BundleInstance.html" - }, - "CancelBundleTask": { - "privilege": "CancelBundleTask", - "description": "Grants permission to cancel a bundling operation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelBundleTask.html" - }, - "CancelCapacityReservation": { - "privilege": "CancelCapacityReservation", - "description": "Grants permission to cancel a Capacity Reservation and release the reserved capacity", - "access_level": "Write", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:CapacityReservationFleet", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelCapacityReservation.html" - }, - "CancelCapacityReservationFleets": { - "privilege": "CancelCapacityReservationFleets", - "description": "Grants permission to cancel one or more Capacity Reservation Fleets", - "access_level": "Write", - "resource_types": { - "capacity-reservation-fleet": { - "resource_type": "capacity-reservation-fleet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelCapacityReservationFleets.html" - }, - "CancelConversionTask": { - "privilege": "CancelConversionTask", - "description": "Grants permission to cancel an active conversion task", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelConversionTask.html" - }, - "CancelExportTask": { - "privilege": "CancelExportTask", - "description": "Grants permission to cancel an active export task", - "access_level": "Write", - "resource_types": { - "export-image-task": { - "resource_type": "export-image-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "export-instance-task": { - "resource_type": "export-instance-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelExportTask.html" - }, - "CancelImageLaunchPermission": { - "privilege": "CancelImageLaunchPermission", - "description": "Grants permission to remove your AWS account from the launch permissions for the specified AMI", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelImageLaunchPermission.html" - }, - "CancelImportTask": { - "privilege": "CancelImportTask", - "description": "Grants permission to cancel an in-process import virtual machine or import snapshot task", - "access_level": "Write", - "resource_types": { - "import-image-task": { - "resource_type": "import-image-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "import-snapshot-task": { - "resource_type": "import-snapshot-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelImportTask.html" - }, - "CancelReservedInstancesListing": { - "privilege": "CancelReservedInstancesListing", - "description": "Grants permission to cancel a Reserved Instance listing on the Reserved Instance Marketplace", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelReservedInstancesListing.html" - }, - "CancelSpotFleetRequests": { - "privilege": "CancelSpotFleetRequests", - "description": "Grants permission to cancel one or more Spot Fleet requests", - "access_level": "Write", - "resource_types": { - "spot-fleet-request": { - "resource_type": "spot-fleet-request", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelSpotFleetRequests.html" - }, - "CancelSpotInstanceRequests": { - "privilege": "CancelSpotInstanceRequests", - "description": "Grants permission to cancel one or more Spot Instance requests", - "access_level": "Write", - "resource_types": { - "spot-instances-request": { - "resource_type": "spot-instances-request", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelSpotInstanceRequests.html" - }, - "ConfirmProductInstance": { - "privilege": "ConfirmProductInstance", - "description": "Grants permission to determine whether an owned product code is associated with an instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ConfirmProductInstance.html" - }, - "CopyFpgaImage": { - "privilege": "CopyFpgaImage", - "description": "Grants permission to copy a source Amazon FPGA image (AFI) to the current Region. Resource-level permissions specified for this action apply to the new AFI only. They do not apply to the source AFI", - "access_level": "Write", - "resource_types": { - "fpga-image": { - "resource_type": "fpga-image", - "required": true, - "condition_keys": [ - "ec2:Owner" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CopyFpgaImage.html" - }, - "CopyImage": { - "privilege": "CopyImage", - "description": "Grants permission to copy an Amazon Machine Image (AMI) from a source Region to the current Region. Resource-level permissions specified for this action apply to the new AMI only. They do not apply to the source AMI", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "ec2:ImageID", - "ec2:Owner" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CopyImage.html" - }, - "CopySnapshot": { - "privilege": "CopySnapshot", - "description": "Grants permission to copy a point-in-time snapshot of an EBS volume and store it in Amazon S3. Resource-level permissions specified for this action apply to the new snapshot only. They do not apply to the source snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "ec2:OutpostArn", - "ec2:SnapshotID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CopySnapshot.html" - }, - "CreateCapacityReservation": { - "privilege": "CreateCapacityReservation", - "description": "Grants permission to create a Capacity Reservation", - "access_level": "Write", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [ - "ec2:CapacityReservationFleet" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCapacityReservation.html" - }, - "CreateCapacityReservationFleet": { - "privilege": "CreateCapacityReservationFleet", - "description": "Grants permission to create a Capacity Reservation Fleet", - "access_level": "Write", - "resource_types": { - "capacity-reservation-fleet": { - "resource_type": "capacity-reservation-fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCapacityReservationFleet.html" - }, - "CreateCarrierGateway": { - "privilege": "CreateCarrierGateway", - "description": "Grants permission to create a carrier gateway and provides CSP connectivity to VPC customers", - "access_level": "Write", - "resource_types": { - "carrier-gateway": { - "resource_type": "carrier-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCarrierGateway.html" - }, - "CreateClientVpnEndpoint": { - "privilege": "CreateClientVpnEndpoint", - "description": "Grants permission to create a Client VPN endpoint", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateClientVpnEndpoint.html" - }, - "CreateClientVpnRoute": { - "privilege": "CreateClientVpnRoute", - "description": "Grants permission to add a network route to a Client VPN endpoint's route table", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateClientVpnRoute.html" - }, - "CreateCoipCidr": { - "privilege": "CreateCoipCidr", - "description": "Grants permission to create a range of customer-owned IP (CoIP) addresses", - "access_level": "Write", - "resource_types": { - "coip-pool": { - "resource_type": "coip-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCoipCidr.html" - }, - "CreateCoipPool": { - "privilege": "CreateCoipPool", - "description": "Grants permission to create a pool of customer-owned IP (CoIP) addresses", - "access_level": "Write", - "resource_types": { - "coip-pool": { - "resource_type": "coip-pool", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCoipPool.html" - }, - "CreateCoipPoolPermission": { - "privilege": "CreateCoipPoolPermission", - "description": "Grants permission to allow a service to access a customer-owned IP (CoIP) pool", - "access_level": "Write", - "resource_types": { - "coip-pool": { - "resource_type": "coip-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/identity-access-management.html" - }, - "CreateCustomerGateway": { - "privilege": "CreateCustomerGateway", - "description": "Grants permission to create a customer gateway, which provides information to AWS about your customer gateway device", - "access_level": "Write", - "resource_types": { - "customer-gateway": { - "resource_type": "customer-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCustomerGateway.html" - }, - "CreateDefaultSubnet": { - "privilege": "CreateDefaultSubnet", - "description": "Grants permission to create a default subnet in a specified Availability Zone in a default VPC", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateDefaultSubnet.html" - }, - "CreateDefaultVpc": { - "privilege": "CreateDefaultVpc", - "description": "Grants permission to create a default VPC with a default subnet in each Availability Zone", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateDefaultVpc.html" - }, - "CreateDhcpOptions": { - "privilege": "CreateDhcpOptions", - "description": "Grants permission to create a set of DHCP options for a VPC", - "access_level": "Write", - "resource_types": { - "dhcp-options": { - "resource_type": "dhcp-options", - "required": true, - "condition_keys": [ - "ec2:DhcpOptionsID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateDhcpOptions.html" - }, - "CreateEgressOnlyInternetGateway": { - "privilege": "CreateEgressOnlyInternetGateway", - "description": "Grants permission to create an egress-only internet gateway for a VPC", - "access_level": "Write", - "resource_types": { - "egress-only-internet-gateway": { - "resource_type": "egress-only-internet-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateEgressOnlyInternetGateway.html" - }, - "CreateFleet": { - "privilege": "CreateFleet", - "description": "Grants permission to launch an EC2 Fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:PlacementGroup", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "key-pair": { - "resource_type": "key-pair", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:KeyPairName", - "ec2:KeyPairType", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "launch-template": { - "resource_type": "launch-template", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [ - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:KmsKeyId", - "ec2:ParentSnapshot", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html" - }, - "CreateFlowLogs": { - "privilege": "CreateFlowLogs", - "description": "Grants permission to create one or more flow logs to capture IP traffic for a network interface", - "access_level": "Write", - "resource_types": { - "vpc-flow-log": { - "resource_type": "vpc-flow-log", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags", - "iam:PassRole" - ] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFlowLogs.html" - }, - "CreateFpgaImage": { - "privilege": "CreateFpgaImage", - "description": "Grants permission to create an Amazon FPGA Image (AFI) from a design checkpoint (DCP)", - "access_level": "Write", - "resource_types": { - "fpga-image": { - "resource_type": "fpga-image", - "required": true, - "condition_keys": [ - "ec2:Owner", - "ec2:Public" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFpgaImage.html" - }, - "CreateImage": { - "privilege": "CreateImage", - "description": "Grants permission to create an Amazon EBS-backed AMI from a stopped or running Amazon EBS-backed instance", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "ec2:ImageID", - "ec2:Owner" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "ec2:OutpostArn", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:SourceOutpostArn", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html" - }, - "CreateInstanceConnectEndpoint": { - "privilege": "CreateInstanceConnectEndpoint", - "description": "Grants permission to create an EC2 Instance Connect Endpoint that allows you to connect to an instance without a public IPv4 address", - "access_level": "Write", - "resource_types": { - "instance-connect-endpoint": { - "resource_type": "instance-connect-endpoint", - "required": true, - "condition_keys": [ - "ec2:SubnetID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateInstanceConnectEndpoint.html" - }, - "CreateInstanceEventWindow": { - "privilege": "CreateInstanceEventWindow", - "description": "Grants permission to create an event window in which scheduled events for the associated Amazon EC2 instances can run", - "access_level": "Write", - "resource_types": { - "instance-event-window": { - "resource_type": "instance-event-window", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateInstanceEventWindow.html" - }, - "CreateInstanceExportTask": { - "privilege": "CreateInstanceExportTask", - "description": "Grants permission to export a running or stopped instance to an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "export-instance-task": { - "resource_type": "export-instance-task", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateInstanceExportTask.html" - }, - "CreateInternetGateway": { - "privilege": "CreateInternetGateway", - "description": "Grants permission to create an internet gateway for a VPC", - "access_level": "Write", - "resource_types": { - "internet-gateway": { - "resource_type": "internet-gateway", - "required": true, - "condition_keys": [ - "ec2:InternetGatewayID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateInternetGateway.html" - }, - "CreateIpam": { - "privilege": "CreateIpam", - "description": "Grants permission to create an Amazon VPC IP Address Manager (IPAM)", - "access_level": "Write", - "resource_types": { - "ipam": { - "resource_type": "ipam", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags", - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateIpam.html" - }, - "CreateIpamPool": { - "privilege": "CreateIpamPool", - "description": "Grants permission to create an IP address pool for Amazon VPC IP Address Manager (IPAM), which is a collection of contiguous IP address CIDRs", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "ipam-scope": { - "resource_type": "ipam-scope", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateIpamPool.html" - }, - "CreateIpamResourceDiscovery": { - "privilege": "CreateIpamResourceDiscovery", - "description": "Grants permission to create an IPAM resource discovery", - "access_level": "Write", - "resource_types": { - "ipam-resource-discovery": { - "resource_type": "ipam-resource-discovery", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags", - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateIpamResourceDiscovery.html" - }, - "CreateIpamScope": { - "privilege": "CreateIpamScope", - "description": "Grants permission to create an Amazon VPC IP Address Manager (IPAM) scope, which is the highest-level container within IPAM", - "access_level": "Write", - "resource_types": { - "ipam": { - "resource_type": "ipam", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "ipam-scope": { - "resource_type": "ipam-scope", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateIpamScope.html" - }, - "CreateKeyPair": { - "privilege": "CreateKeyPair", - "description": "Grants permission to create a 2048-bit RSA key pair", - "access_level": "Write", - "resource_types": { - "key-pair": { - "resource_type": "key-pair", - "required": true, - "condition_keys": [ - "ec2:KeyPairType" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html" - }, - "CreateLaunchTemplate": { - "privilege": "CreateLaunchTemplate", - "description": "Grants permission to create a launch template", - "access_level": "Write", - "resource_types": { - "launch-template": { - "resource_type": "launch-template", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLaunchTemplate.html" - }, - "CreateLaunchTemplateVersion": { - "privilege": "CreateLaunchTemplateVersion", - "description": "Grants permission to create a new version of a launch template", - "access_level": "Write", - "resource_types": { - "launch-template": { - "resource_type": "launch-template", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLaunchTemplateVersion.html" - }, - "CreateLocalGatewayRoute": { - "privilege": "CreateLocalGatewayRoute", - "description": "Grants permission to create a static route for a local gateway route table", - "access_level": "Write", - "resource_types": { - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-virtual-interface-group": { - "resource_type": "local-gateway-virtual-interface-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "prefix-list": { - "resource_type": "prefix-list", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLocalGatewayRoute.html" - }, - "CreateLocalGatewayRouteTable": { - "privilege": "CreateLocalGatewayRouteTable", - "description": "Grants permission to create a local gateway route table", - "access_level": "Write", - "resource_types": { - "local-gateway": { - "resource_type": "local-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLocalGatewayRouteTable.html" - }, - "CreateLocalGatewayRouteTablePermission": { - "privilege": "CreateLocalGatewayRouteTablePermission", - "description": "Grants permission to allow a service to access a local gateway route table", - "access_level": "Write", - "resource_types": { - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/identity-access-management.html" - }, - "CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation": { - "privilege": "CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation", - "description": "Grants permission to create a local gateway route table virtual interface group association", - "access_level": "Write", - "resource_types": { - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "local-gateway-route-table-virtual-interface-group-association": { - "resource_type": "local-gateway-route-table-virtual-interface-group-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "local-gateway-virtual-interface-group": { - "resource_type": "local-gateway-virtual-interface-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation.html" - }, - "CreateLocalGatewayRouteTableVpcAssociation": { - "privilege": "CreateLocalGatewayRouteTableVpcAssociation", - "description": "Grants permission to associate a VPC with a local gateway route table", - "access_level": "Write", - "resource_types": { - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "local-gateway-route-table-vpc-association": { - "resource_type": "local-gateway-route-table-vpc-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLocalGatewayRouteTableVpcAssociation.html" - }, - "CreateManagedPrefixList": { - "privilege": "CreateManagedPrefixList", - "description": "Grants permission to create a managed prefix list", - "access_level": "Write", - "resource_types": { - "prefix-list": { - "resource_type": "prefix-list", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateManagedPrefixList.html" - }, - "CreateNatGateway": { - "privilege": "CreateNatGateway", - "description": "Grants permission to create a NAT gateway in a subnet", - "access_level": "Write", - "resource_types": { - "natgateway": { - "resource_type": "natgateway", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "elastic-ip": { - "resource_type": "elastic-ip", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNatGateway.html" - }, - "CreateNetworkAcl": { - "privilege": "CreateNetworkAcl", - "description": "Grants permission to create a network ACL in a VPC", - "access_level": "Write", - "resource_types": { - "network-acl": { - "resource_type": "network-acl", - "required": true, - "condition_keys": [ - "ec2:NetworkAclID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkAcl.html" - }, - "CreateNetworkAclEntry": { - "privilege": "CreateNetworkAclEntry", - "description": "Grants permission to create a numbered entry (a rule) in a network ACL", - "access_level": "Write", - "resource_types": { - "network-acl": { - "resource_type": "network-acl", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:NetworkAclID", - "ec2:ResourceTag/${TagKey}", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkAclEntry.html" - }, - "CreateNetworkInsightsAccessScope": { - "privilege": "CreateNetworkInsightsAccessScope", - "description": "Grants permission to create a Network Access Scope", - "access_level": "Write", - "resource_types": { - "network-insights-access-scope": { - "resource_type": "network-insights-access-scope", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInsightsAccessScope.html" - }, - "CreateNetworkInsightsPath": { - "privilege": "CreateNetworkInsightsPath", - "description": "Grants permission to create a path to analyze for reachability", - "access_level": "Write", - "resource_types": { - "network-insights-path": { - "resource_type": "network-insights-path", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:PlacementGroup", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "internet-gateway": { - "resource_type": "internet-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:InternetGatewayID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "transit-gateway": { - "resource_type": "transit-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint": { - "resource_type": "vpc-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-peering-connection": { - "resource_type": "vpc-peering-connection", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AccepterVpc", - "ec2:RequesterVpc", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcPeeringConnectionID" - ], - "dependent_actions": [] - }, - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInsightsPath.html" - }, - "CreateNetworkInterface": { - "privilege": "CreateNetworkInterface", - "description": "Grants permission to create a network interface in a subnet", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "ec2:NetworkInterfaceID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html" - }, - "CreateNetworkInterfacePermission": { - "privilege": "CreateNetworkInterfacePermission", - "description": "Grants permission to create a permission for an AWS-authorized user to perform certain operations on a network interface", - "access_level": "Permissions management", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AuthorizedService", - "ec2:AuthorizedUser", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:Permission", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterfacePermission.html" - }, - "CreatePlacementGroup": { - "privilege": "CreatePlacementGroup", - "description": "Grants permission to create a placement group", - "access_level": "Write", - "resource_types": { - "placement-group": { - "resource_type": "placement-group", - "required": true, - "condition_keys": [ - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreatePlacementGroup.html" - }, - "CreatePublicIpv4Pool": { - "privilege": "CreatePublicIpv4Pool", - "description": "Grants permission to create a public IPv4 address pool for public IPv4 CIDRs that you own and bring to Amazon to manage with Amazon VPC IP Address Manager (IPAM)", - "access_level": "Write", - "resource_types": { - "ipv4pool-ec2": { - "resource_type": "ipv4pool-ec2", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreatePublicIpv4Pool.html" - }, - "CreateReplaceRootVolumeTask": { - "privilege": "CreateReplaceRootVolumeTask", - "description": "Grants permission to create a root volume replacement task", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "replace-root-volume-task": { - "resource_type": "replace-root-volume-task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "ec2:VolumeID" - ], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateReplaceRootVolumeTask.html" - }, - "CreateReservedInstancesListing": { - "privilege": "CreateReservedInstancesListing", - "description": "Grants permission to create a listing for Standard Reserved Instances to be sold in the Reserved Instance Marketplace", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateReservedInstancesListing.html" - }, - "CreateRestoreImageTask": { - "privilege": "CreateRestoreImageTask", - "description": "Grants permission to start a task that restores an AMI from an S3 object previously created by using CreateStoreImageTask", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "ec2:ImageID", - "ec2:Owner" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateRestoreImageTask.html" - }, - "CreateRoute": { - "privilege": "CreateRoute", - "description": "Grants permission to create a route in a VPC route table", - "access_level": "Write", - "resource_types": { - "route-table": { - "resource_type": "route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateRoute.html" - }, - "CreateRouteTable": { - "privilege": "CreateRouteTable", - "description": "Grants permission to create a route table for a VPC", - "access_level": "Write", - "resource_types": { - "route-table": { - "resource_type": "route-table", - "required": true, - "condition_keys": [ - "ec2:RouteTableID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateRouteTable.html" - }, - "CreateSecurityGroup": { - "privilege": "CreateSecurityGroup", - "description": "Grants permission to create a security group", - "access_level": "Write", - "resource_types": { - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "ec2:SecurityGroupID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "vpc": { - "resource_type": "vpc", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html" - }, - "CreateSnapshot": { - "privilege": "CreateSnapshot", - "description": "Grants permission to create a snapshot of an EBS volume and store it in Amazon S3", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "ec2:OutpostArn", - "ec2:ParentVolume", - "ec2:SnapshotID", - "ec2:SourceOutpostArn", - "ec2:VolumeSize" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Encrypted", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSnapshot.html" - }, - "CreateSnapshots": { - "privilege": "CreateSnapshots", - "description": "Grants permission to create crash-consistent snapshots of multiple EBS volumes and store them in Amazon S3", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:PlacementGroup", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "ec2:OutpostArn", - "ec2:ParentVolume", - "ec2:SnapshotID", - "ec2:SourceOutpostArn", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Encrypted", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSnapshots.html" - }, - "CreateSpotDatafeedSubscription": { - "privilege": "CreateSpotDatafeedSubscription", - "description": "Grants permission to create a data feed for Spot Instances to view Spot Instance usage logs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSpotDatafeedSubscription.html" - }, - "CreateStoreImageTask": { - "privilege": "CreateStoreImageTask", - "description": "Grants permission to store an AMI as a single object in an S3 bucket", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateStoreImageTask.html" - }, - "CreateSubnet": { - "privilege": "CreateSubnet", - "description": "Grants permission to create a subnet in a VPC", - "access_level": "Write", - "resource_types": { - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "ec2:SubnetID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSubnet.html" - }, - "CreateSubnetCidrReservation": { - "privilege": "CreateSubnetCidrReservation", - "description": "Grants permission to create a subnet CIDR reservation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSubnetCidrReservation.html" - }, - "CreateTags": { - "privilege": "CreateTags", - "description": "Grants permission to add or overwrite one or more tags for Amazon EC2 resources", - "access_level": "Tagging", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "capacity-reservation-fleet": { - "resource_type": "capacity-reservation-fleet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "carrier-gateway": { - "resource_type": "carrier-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "coip-pool": { - "resource_type": "coip-pool", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "customer-gateway": { - "resource_type": "customer-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "dedicated-host": { - "resource_type": "dedicated-host", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AutoPlacement", - "ec2:AvailabilityZone", - "ec2:HostRecovery", - "ec2:InstanceType", - "ec2:Quantity", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "dhcp-options": { - "resource_type": "dhcp-options", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:DhcpOptionsID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "egress-only-internet-gateway": { - "resource_type": "egress-only-internet-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "elastic-gpu": { - "resource_type": "elastic-gpu", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ElasticGpuType", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "elastic-ip": { - "resource_type": "elastic-ip", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "export-image-task": { - "resource_type": "export-image-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "export-instance-task": { - "resource_type": "export-instance-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "fpga-image": { - "resource_type": "fpga-image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "host-reservation": { - "resource_type": "host-reservation", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "import-image-task": { - "resource_type": "import-image-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "import-snapshot-task": { - "resource_type": "import-snapshot-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "instance-connect-endpoint": { - "resource_type": "instance-connect-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID" - ], - "dependent_actions": [] - }, - "instance-event-window": { - "resource_type": "instance-event-window", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "internet-gateway": { - "resource_type": "internet-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:InternetGatewayID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam": { - "resource_type": "ipam", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam-pool": { - "resource_type": "ipam-pool", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam-resource-discovery": { - "resource_type": "ipam-resource-discovery", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam-resource-discovery-association": { - "resource_type": "ipam-resource-discovery-association", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam-scope": { - "resource_type": "ipam-scope", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv4pool-ec2": { - "resource_type": "ipv4pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv6pool-ec2": { - "resource_type": "ipv6pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "key-pair": { - "resource_type": "key-pair", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:KeyPairName", - "ec2:KeyPairType", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "launch-template": { - "resource_type": "launch-template", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway": { - "resource_type": "local-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-route-table-virtual-interface-group-association": { - "resource_type": "local-gateway-route-table-virtual-interface-group-association", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-route-table-vpc-association": { - "resource_type": "local-gateway-route-table-vpc-association", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-virtual-interface": { - "resource_type": "local-gateway-virtual-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-virtual-interface-group": { - "resource_type": "local-gateway-virtual-interface-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "natgateway": { - "resource_type": "natgateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-acl": { - "resource_type": "network-acl", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:NetworkAclID", - "ec2:ResourceTag/${TagKey}", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "network-insights-access-scope": { - "resource_type": "network-insights-access-scope", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-insights-access-scope-analysis": { - "resource_type": "network-insights-access-scope-analysis", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-insights-analysis": { - "resource_type": "network-insights-analysis", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-insights-path": { - "resource_type": "network-insights-path", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AuthorizedUser", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:Permission", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "prefix-list": { - "resource_type": "prefix-list", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "replace-root-volume-task": { - "resource_type": "replace-root-volume-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "reserved-instances": { - "resource_type": "reserved-instances", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:InstanceType", - "ec2:ReservedInstancesOfferingType", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "route-table": { - "resource_type": "route-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "security-group-rule": { - "resource_type": "security-group-rule", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Encrypted", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "spot-fleet-request": { - "resource_type": "spot-fleet-request", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "spot-instances-request": { - "resource_type": "spot-instances-request", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "subnet-cidr-reservation": { - "resource_type": "subnet-cidr-reservation", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-filter": { - "resource_type": "traffic-mirror-filter", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-session": { - "resource_type": "traffic-mirror-session", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-target": { - "resource_type": "traffic-mirror-target", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway": { - "resource_type": "transit-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-connect-peer": { - "resource_type": "transit-gateway-connect-peer", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-policy-table": { - "resource_type": "transit-gateway-policy-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table-announcement": { - "resource_type": "transit-gateway-route-table-announcement", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-endpoint": { - "resource_type": "verified-access-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-group": { - "resource_type": "verified-access-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-policy": { - "resource_type": "verified-access-policy", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-trust-provider": { - "resource_type": "verified-access-trust-provider", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "vpc-endpoint": { - "resource_type": "vpc-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint-connection": { - "resource_type": "vpc-endpoint-connection", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint-service-permission": { - "resource_type": "vpc-endpoint-service-permission", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-flow-log": { - "resource_type": "vpc-flow-log", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-peering-connection": { - "resource_type": "vpc-peering-connection", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AccepterVpc", - "ec2:RequesterVpc", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcPeeringConnectionID" - ], - "dependent_actions": [] - }, - "vpn-connection": { - "resource_type": "vpn-connection", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AuthenticationType", - "ec2:DPDTimeoutSeconds", - "ec2:GatewayType", - "ec2:IKEVersions", - "ec2:InsideTunnelCidr", - "ec2:InsideTunnelIpv6Cidr", - "ec2:Phase1DHGroup", - "ec2:Phase1EncryptionAlgorithms", - "ec2:Phase1IntegrityAlgorithms", - "ec2:Phase1LifetimeSeconds", - "ec2:Phase2DHGroup", - "ec2:Phase2EncryptionAlgorithms", - "ec2:Phase2IntegrityAlgorithms", - "ec2:Phase2LifetimeSeconds", - "ec2:PreSharedKeys", - "ec2:RekeyFuzzPercentage", - "ec2:RekeyMarginTimeSeconds", - "ec2:ReplayWindowSizePackets", - "ec2:ResourceTag/${TagKey}", - "ec2:RoutingType" - ], - "dependent_actions": [] - }, - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:CreateAction", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html" - }, - "CreateTrafficMirrorFilter": { - "privilege": "CreateTrafficMirrorFilter", - "description": "Grants permission to create a traffic mirror filter", - "access_level": "Write", - "resource_types": { - "traffic-mirror-filter": { - "resource_type": "traffic-mirror-filter", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorFilter.html" - }, - "CreateTrafficMirrorFilterRule": { - "privilege": "CreateTrafficMirrorFilterRule", - "description": "Grants permission to create a traffic mirror filter rule", - "access_level": "Write", - "resource_types": { - "traffic-mirror-filter": { - "resource_type": "traffic-mirror-filter", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorFilterRule.html" - }, - "CreateTrafficMirrorSession": { - "privilege": "CreateTrafficMirrorSession", - "description": "Grants permission to create a traffic mirror session", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "traffic-mirror-filter": { - "resource_type": "traffic-mirror-filter", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-session": { - "resource_type": "traffic-mirror-session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "traffic-mirror-target": { - "resource_type": "traffic-mirror-target", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorSession.html" - }, - "CreateTrafficMirrorTarget": { - "privilege": "CreateTrafficMirrorTarget", - "description": "Grants permission to create a traffic mirror target", - "access_level": "Write", - "resource_types": { - "traffic-mirror-target": { - "resource_type": "traffic-mirror-target", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint": { - "resource_type": "vpc-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:VpceServiceName", - "ec2:VpceServiceOwner" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorTarget.html" - }, - "CreateTransitGateway": { - "privilege": "CreateTransitGateway", - "description": "Grants permission to create a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway": { - "resource_type": "transit-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGateway.html" - }, - "CreateTransitGatewayConnect": { - "privilege": "CreateTransitGatewayConnect", - "description": "Grants permission to create a Connect attachment from a specified transit gateway attachment", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayConnect.html" - }, - "CreateTransitGatewayConnectPeer": { - "privilege": "CreateTransitGatewayConnectPeer", - "description": "Grants permission to create a Connect peer between a transit gateway and an appliance", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "transit-gateway-connect-peer": { - "resource_type": "transit-gateway-connect-peer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayConnectPeer.html" - }, - "CreateTransitGatewayMulticastDomain": { - "privilege": "CreateTransitGatewayMulticastDomain", - "description": "Grants permission to create a multicast domain for a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway": { - "resource_type": "transit-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayMulticastDomain.html" - }, - "CreateTransitGatewayPeeringAttachment": { - "privilege": "CreateTransitGatewayPeeringAttachment", - "description": "Grants permission to request a transit gateway peering attachment between a requester and accepter transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway": { - "resource_type": "transit-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayPeeringAttachment.html" - }, - "CreateTransitGatewayPolicyTable": { - "privilege": "CreateTransitGatewayPolicyTable", - "description": "Grants permission to create a transit gateway policy table", - "access_level": "Write", - "resource_types": { - "transit-gateway": { - "resource_type": "transit-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "transit-gateway-policy-table": { - "resource_type": "transit-gateway-policy-table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayPolicyTable.html" - }, - "CreateTransitGatewayPrefixListReference": { - "privilege": "CreateTransitGatewayPrefixListReference", - "description": "Grants permission to create a transit gateway prefix list reference", - "access_level": "Write", - "resource_types": { - "prefix-list": { - "resource_type": "prefix-list", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayPrefixListReference.html" - }, - "CreateTransitGatewayRoute": { - "privilege": "CreateTransitGatewayRoute", - "description": "Grants permission to create a static route for a transit gateway route table", - "access_level": "Write", - "resource_types": { - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayRoute.html" - }, - "CreateTransitGatewayRouteTable": { - "privilege": "CreateTransitGatewayRouteTable", - "description": "Grants permission to create a route table for a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway": { - "resource_type": "transit-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayRouteTable.html" - }, - "CreateTransitGatewayRouteTableAnnouncement": { - "privilege": "CreateTransitGatewayRouteTableAnnouncement", - "description": "Grants permission to create an announcement for a transit gateway route table", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table-announcement": { - "resource_type": "transit-gateway-route-table-announcement", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayRouteTableAnnouncement.html" - }, - "CreateTransitGatewayVpcAttachment": { - "privilege": "CreateTransitGatewayVpcAttachment", - "description": "Grants permission to attach a VPC to a transit gateway", - "access_level": "Write", - "resource_types": { - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "transit-gateway": { - "resource_type": "transit-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayVpcAttachment.html" - }, - "CreateVerifiedAccessEndpoint": { - "privilege": "CreateVerifiedAccessEndpoint", - "description": "Grants permission to create a Verified Access endpoint", - "access_level": "Write", - "resource_types": { - "verified-access-endpoint": { - "resource_type": "verified-access-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "verified-access-group": { - "resource_type": "verified-access-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AuthorizedUser", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:Permission", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessEndpoint.html" - }, - "CreateVerifiedAccessGroup": { - "privilege": "CreateVerifiedAccessGroup", - "description": "Grants permission to create a Verified Access group", - "access_level": "Write", - "resource_types": { - "verified-access-group": { - "resource_type": "verified-access-group", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessGroup.html" - }, - "CreateVerifiedAccessInstance": { - "privilege": "CreateVerifiedAccessInstance", - "description": "Grants permission to create a Verified Access instance", - "access_level": "Write", - "resource_types": { - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessInstance.html" - }, - "CreateVerifiedAccessTrustProvider": { - "privilege": "CreateVerifiedAccessTrustProvider", - "description": "Grants permission to create a verified trust provider", - "access_level": "Write", - "resource_types": { - "verified-access-trust-provider": { - "resource_type": "verified-access-trust-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessTrustProvider.html" - }, - "CreateVolume": { - "privilege": "CreateVolume", - "description": "Grants permission to create an EBS volume", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:KmsKeyId", - "ec2:ParentSnapshot", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html" - }, - "CreateVpc": { - "privilege": "CreateVpc", - "description": "Grants permission to create a VPC with a specified CIDR block", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "ec2:Ipv4IpamPoolId", - "ec2:Ipv6IpamPoolId", - "ec2:VpcID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "ipam-pool": { - "resource_type": "ipam-pool", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv6pool-ec2": { - "resource_type": "ipv6pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpc.html" - }, - "CreateVpcEndpoint": { - "privilege": "CreateVpcEndpoint", - "description": "Grants permission to create a VPC endpoint for an AWS service", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcID" - ], - "dependent_actions": [ - "ec2:CreateTags", - "route53:AssociateVPCWithHostedZone" - ] - }, - "vpc-endpoint": { - "resource_type": "vpc-endpoint", - "required": true, - "condition_keys": [ - "ec2:VpceServiceName", - "ec2:VpceServiceOwner" - ], - "dependent_actions": [] - }, - "route-table": { - "resource_type": "route-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpoint.html" - }, - "CreateVpcEndpointConnectionNotification": { - "privilege": "CreateVpcEndpointConnectionNotification", - "description": "Grants permission to create a connection notification for a VPC endpoint or VPC endpoint service", - "access_level": "Write", - "resource_types": { - "vpc-endpoint": { - "resource_type": "vpc-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpointConnectionNotification.html" - }, - "CreateVpcEndpointServiceConfiguration": { - "privilege": "CreateVpcEndpointServiceConfiguration", - "description": "Grants permission to create a VPC endpoint service configuration to which service consumers (AWS accounts, IAM users, and IAM roles) can connect", - "access_level": "Write", - "resource_types": { - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": true, - "condition_keys": [ - "ec2:VpceServicePrivateDnsName" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpointServiceConfiguration.html" - }, - "CreateVpcPeeringConnection": { - "privilege": "CreateVpcPeeringConnection", - "description": "Grants permission to request a VPC peering connection between two VPCs", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "vpc-peering-connection": { - "resource_type": "vpc-peering-connection", - "required": true, - "condition_keys": [ - "ec2:AccepterVpc", - "ec2:RequesterVpc", - "ec2:VpcPeeringConnectionID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcPeeringConnection.html" - }, - "CreateVpnConnection": { - "privilege": "CreateVpnConnection", - "description": "Grants permission to create a VPN connection between a virtual private gateway or transit gateway and a customer gateway", - "access_level": "Write", - "resource_types": { - "customer-gateway": { - "resource_type": "customer-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "ec2:AuthenticationType", - "ec2:DPDTimeoutSeconds", - "ec2:GatewayType", - "ec2:IKEVersions", - "ec2:InsideTunnelCidr", - "ec2:InsideTunnelIpv6Cidr", - "ec2:Phase1DHGroup", - "ec2:Phase1EncryptionAlgorithms", - "ec2:Phase1IntegrityAlgorithms", - "ec2:Phase1LifetimeSeconds", - "ec2:Phase2DHGroup", - "ec2:Phase2EncryptionAlgorithms", - "ec2:Phase2IntegrityAlgorithms", - "ec2:Phase2LifetimeSeconds", - "ec2:PreSharedKeys", - "ec2:RekeyFuzzPercentage", - "ec2:RekeyMarginTimeSeconds", - "ec2:ReplayWindowSizePackets", - "ec2:RoutingType" - ], - "dependent_actions": [] - }, - "transit-gateway": { - "resource_type": "transit-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpnConnection.html" - }, - "CreateVpnConnectionRoute": { - "privilege": "CreateVpnConnectionRoute", - "description": "Grants permission to create a static route for a VPN connection between a virtual private gateway and a customer gateway", - "access_level": "Write", - "resource_types": { - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpnConnectionRoute.html" - }, - "CreateVpnGateway": { - "privilege": "CreateVpnGateway", - "description": "Grants permission to create a virtual private gateway", - "access_level": "Write", - "resource_types": { - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpnGateway.html" - }, - "DeleteCarrierGateway": { - "privilege": "DeleteCarrierGateway", - "description": "Grants permission to delete a carrier gateway", - "access_level": "Write", - "resource_types": { - "carrier-gateway": { - "resource_type": "carrier-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteCarrierGateway.html" - }, - "DeleteClientVpnEndpoint": { - "privilege": "DeleteClientVpnEndpoint", - "description": "Grants permission to delete a Client VPN endpoint", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteClientVpnEndpoint.html" - }, - "DeleteClientVpnRoute": { - "privilege": "DeleteClientVpnRoute", - "description": "Grants permission to delete a route from a Client VPN endpoint", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteClientVpnRoute.html" - }, - "DeleteCoipCidr": { - "privilege": "DeleteCoipCidr", - "description": "Grants permission to delete a range of customer-owned IP (CoIP) addresses", - "access_level": "Write", - "resource_types": { - "coip-pool": { - "resource_type": "coip-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteCoipCidr.html" - }, - "DeleteCoipPool": { - "privilege": "DeleteCoipPool", - "description": "Grants permission to delete a pool of customer-owned IP (CoIP) addresses", - "access_level": "Write", - "resource_types": { - "coip-pool": { - "resource_type": "coip-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteCoipPool.html" - }, - "DeleteCoipPoolPermission": { - "privilege": "DeleteCoipPoolPermission", - "description": "Grants permission to deny a service from accessing a customer-owned IP (CoIP) pool", - "access_level": "Write", - "resource_types": { - "coip-pool": { - "resource_type": "coip-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/identity-access-management.html" - }, - "DeleteCustomerGateway": { - "privilege": "DeleteCustomerGateway", - "description": "Grants permission to delete a customer gateway", - "access_level": "Write", - "resource_types": { - "customer-gateway": { - "resource_type": "customer-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteCustomerGateway.html" - }, - "DeleteDhcpOptions": { - "privilege": "DeleteDhcpOptions", - "description": "Grants permission to delete a set of DHCP options", - "access_level": "Write", - "resource_types": { - "dhcp-options": { - "resource_type": "dhcp-options", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:DhcpOptionsID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteDhcpOptions.html" - }, - "DeleteEgressOnlyInternetGateway": { - "privilege": "DeleteEgressOnlyInternetGateway", - "description": "Grants permission to delete an egress-only internet gateway", - "access_level": "Write", - "resource_types": { - "egress-only-internet-gateway": { - "resource_type": "egress-only-internet-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteEgressOnlyInternetGateway.html" - }, - "DeleteFleets": { - "privilege": "DeleteFleets", - "description": "Grants permission to delete one or more EC2 Fleets", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteFleets.html" - }, - "DeleteFlowLogs": { - "privilege": "DeleteFlowLogs", - "description": "Grants permission to delete one or more flow logs", - "access_level": "Write", - "resource_types": { - "vpc-flow-log": { - "resource_type": "vpc-flow-log", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteFlowLogs.html" - }, - "DeleteFpgaImage": { - "privilege": "DeleteFpgaImage", - "description": "Grants permission to delete an Amazon FPGA Image (AFI)", - "access_level": "Write", - "resource_types": { - "fpga-image": { - "resource_type": "fpga-image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteFpgaImage.html" - }, - "DeleteInstanceConnectEndpoint": { - "privilege": "DeleteInstanceConnectEndpoint", - "description": "Grants permission to delete an EC2 Instance Connect Endpoint", - "access_level": "Write", - "resource_types": { - "instance-connect-endpoint": { - "resource_type": "instance-connect-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteInstanceConnectEndpoint.html" - }, - "DeleteInstanceEventWindow": { - "privilege": "DeleteInstanceEventWindow", - "description": "Grants permission to delete the specified event window", - "access_level": "Write", - "resource_types": { - "instance-event-window": { - "resource_type": "instance-event-window", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteInstanceEventWindow.html" - }, - "DeleteInternetGateway": { - "privilege": "DeleteInternetGateway", - "description": "Grants permission to delete an internet gateway", - "access_level": "Write", - "resource_types": { - "internet-gateway": { - "resource_type": "internet-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:InternetGatewayID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteInternetGateway.html" - }, - "DeleteIpam": { - "privilege": "DeleteIpam", - "description": "Grants permission to delete an Amazon VPC IP Address Manager (IPAM) and remove all monitored data associated with the IPAM including the historical data for CIDRs", - "access_level": "Write", - "resource_types": { - "ipam": { - "resource_type": "ipam", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteIpam.html" - }, - "DeleteIpamPool": { - "privilege": "DeleteIpamPool", - "description": "Grants permission to delete an Amazon VPC IP Address Manager (IPAM) pool", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteIpamPool.html" - }, - "DeleteIpamResourceDiscovery": { - "privilege": "DeleteIpamResourceDiscovery", - "description": "Grants permission to delete an IPAM resource discovery", - "access_level": "Write", - "resource_types": { - "ipam-resource-discovery": { - "resource_type": "ipam-resource-discovery", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteIpamResourceDiscovery.html" - }, - "DeleteIpamScope": { - "privilege": "DeleteIpamScope", - "description": "Grants permission to delete the scope for an Amazon VPC IP Address Manager (IPAM)", - "access_level": "Write", - "resource_types": { - "ipam-scope": { - "resource_type": "ipam-scope", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteIpamScope.html" - }, - "DeleteKeyPair": { - "privilege": "DeleteKeyPair", - "description": "Grants permission to delete a key pair by removing the public key from Amazon EC2", - "access_level": "Write", - "resource_types": { - "key-pair": { - "resource_type": "key-pair", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:KeyPairName", - "ec2:KeyPairType", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteKeyPair.html" - }, - "DeleteLaunchTemplate": { - "privilege": "DeleteLaunchTemplate", - "description": "Grants permission to delete a launch template and its associated versions", - "access_level": "Write", - "resource_types": { - "launch-template": { - "resource_type": "launch-template", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLaunchTemplate.html" - }, - "DeleteLaunchTemplateVersions": { - "privilege": "DeleteLaunchTemplateVersions", - "description": "Grants permission to delete one or more versions of a launch template", - "access_level": "Write", - "resource_types": { - "launch-template": { - "resource_type": "launch-template", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLaunchTemplateVersions.html" - }, - "DeleteLocalGatewayRoute": { - "privilege": "DeleteLocalGatewayRoute", - "description": "Grants permission to delete a route from a local gateway route table", - "access_level": "Write", - "resource_types": { - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "prefix-list": { - "resource_type": "prefix-list", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLocalGatewayRoute.html" - }, - "DeleteLocalGatewayRouteTable": { - "privilege": "DeleteLocalGatewayRouteTable", - "description": "Grants permission to delete a local gateway route table", - "access_level": "Write", - "resource_types": { - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLocalGatewayRouteTable.html" - }, - "DeleteLocalGatewayRouteTablePermission": { - "privilege": "DeleteLocalGatewayRouteTablePermission", - "description": "Grants permission to deny a service from accessing a local gateway route table", - "access_level": "Write", - "resource_types": { - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/identity-access-management.html" - }, - "DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation": { - "privilege": "DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation", - "description": "Grants permission to delete a local gateway route table virtual interface group association", - "access_level": "Write", - "resource_types": { - "local-gateway-route-table-virtual-interface-group-association": { - "resource_type": "local-gateway-route-table-virtual-interface-group-association", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation.html" - }, - "DeleteLocalGatewayRouteTableVpcAssociation": { - "privilege": "DeleteLocalGatewayRouteTableVpcAssociation", - "description": "Grants permission to delete an association between a VPC and local gateway route table", - "access_level": "Write", - "resource_types": { - "local-gateway-route-table-vpc-association": { - "resource_type": "local-gateway-route-table-vpc-association", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLocalGatewayRouteTableVpcAssociation.html" - }, - "DeleteManagedPrefixList": { - "privilege": "DeleteManagedPrefixList", - "description": "Grants permission to delete a managed prefix list", - "access_level": "Write", - "resource_types": { - "prefix-list": { - "resource_type": "prefix-list", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteManagedPrefixList.html" - }, - "DeleteNatGateway": { - "privilege": "DeleteNatGateway", - "description": "Grants permission to delete a NAT gateway", - "access_level": "Write", - "resource_types": { - "natgateway": { - "resource_type": "natgateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNatGateway.html" - }, - "DeleteNetworkAcl": { - "privilege": "DeleteNetworkAcl", - "description": "Grants permission to delete a network ACL", - "access_level": "Write", - "resource_types": { - "network-acl": { - "resource_type": "network-acl", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:NetworkAclID", - "ec2:ResourceTag/${TagKey}", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkAcl.html" - }, - "DeleteNetworkAclEntry": { - "privilege": "DeleteNetworkAclEntry", - "description": "Grants permission to delete an inbound or outbound entry (rule) from a network ACL", - "access_level": "Write", - "resource_types": { - "network-acl": { - "resource_type": "network-acl", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:NetworkAclID", - "ec2:ResourceTag/${TagKey}", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkAclEntry.html" - }, - "DeleteNetworkInsightsAccessScope": { - "privilege": "DeleteNetworkInsightsAccessScope", - "description": "Grants permission to delete a Network Access Scope", - "access_level": "Write", - "resource_types": { - "network-insights-access-scope": { - "resource_type": "network-insights-access-scope", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInsightsAccessScope.html" - }, - "DeleteNetworkInsightsAccessScopeAnalysis": { - "privilege": "DeleteNetworkInsightsAccessScopeAnalysis", - "description": "Grants permission to delete a Network Access Scope analysis", - "access_level": "Write", - "resource_types": { - "network-insights-access-scope-analysis": { - "resource_type": "network-insights-access-scope-analysis", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInsightsAccessScopeAnalysis.html" - }, - "DeleteNetworkInsightsAnalysis": { - "privilege": "DeleteNetworkInsightsAnalysis", - "description": "Grants permission to delete a network insights analysis", - "access_level": "Write", - "resource_types": { - "network-insights-analysis": { - "resource_type": "network-insights-analysis", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInsightsAnalysis.html" - }, - "DeleteNetworkInsightsPath": { - "privilege": "DeleteNetworkInsightsPath", - "description": "Grants permission to delete a network insights path", - "access_level": "Write", - "resource_types": { - "network-insights-path": { - "resource_type": "network-insights-path", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInsightsPath.html" - }, - "DeleteNetworkInterface": { - "privilege": "DeleteNetworkInterface", - "description": "Grants permission to delete a detached network interface", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInterface.html" - }, - "DeleteNetworkInterfacePermission": { - "privilege": "DeleteNetworkInterfacePermission", - "description": "Grants permission to delete a permission that is associated with a network interface", - "access_level": "Permissions management", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInterfacePermission.html" - }, - "DeletePlacementGroup": { - "privilege": "DeletePlacementGroup", - "description": "Grants permission to delete a placement group", - "access_level": "Write", - "resource_types": { - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeletePlacementGroup.html" - }, - "DeletePublicIpv4Pool": { - "privilege": "DeletePublicIpv4Pool", - "description": "Grants permission to delete a public IPv4 address pool for public IPv4 CIDRs that you own and brought to Amazon to manage with Amazon VPC IP Address Manager (IPAM)", - "access_level": "Write", - "resource_types": { - "ipv4pool-ec2": { - "resource_type": "ipv4pool-ec2", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeletePublicIpv4Pool.html" - }, - "DeleteQueuedReservedInstances": { - "privilege": "DeleteQueuedReservedInstances", - "description": "Grants permission to delete the queued purchases for the specified Reserved Instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteQueuedReservedInstances.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to remove an IAM policy that enables cross-account sharing from a resource", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-group": { - "resource_type": "verified-access-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/ipam/share-pool-ipam.html" - }, - "DeleteRoute": { - "privilege": "DeleteRoute", - "description": "Grants permission to delete a route from a route table", - "access_level": "Write", - "resource_types": { - "route-table": { - "resource_type": "route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteRoute.html" - }, - "DeleteRouteTable": { - "privilege": "DeleteRouteTable", - "description": "Grants permission to delete a route table", - "access_level": "Write", - "resource_types": { - "route-table": { - "resource_type": "route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteRouteTable.html" - }, - "DeleteSecurityGroup": { - "privilege": "DeleteSecurityGroup", - "description": "Grants permission to delete a security group", - "access_level": "Write", - "resource_types": { - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSecurityGroup.html" - }, - "DeleteSnapshot": { - "privilege": "DeleteSnapshot", - "description": "Grants permission to delete a snapshot of an EBS volume", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:OutpostArn", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSnapshot.html" - }, - "DeleteSpotDatafeedSubscription": { - "privilege": "DeleteSpotDatafeedSubscription", - "description": "Grants permission to delete a data feed for Spot Instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSpotDatafeedSubscription.html" - }, - "DeleteSubnet": { - "privilege": "DeleteSubnet", - "description": "Grants permission to delete a subnet", - "access_level": "Write", - "resource_types": { - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSubnet.html" - }, - "DeleteSubnetCidrReservation": { - "privilege": "DeleteSubnetCidrReservation", - "description": "Grants permission to delete a subnet CIDR reservation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSubnetCidrReservation.html" - }, - "DeleteTags": { - "privilege": "DeleteTags", - "description": "Grants permission to delete one or more tags from Amazon EC2 resources", - "access_level": "Tagging", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "capacity-reservation-fleet": { - "resource_type": "capacity-reservation-fleet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "carrier-gateway": { - "resource_type": "carrier-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "coip-pool": { - "resource_type": "coip-pool", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "customer-gateway": { - "resource_type": "customer-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "dedicated-host": { - "resource_type": "dedicated-host", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "dhcp-options": { - "resource_type": "dhcp-options", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "egress-only-internet-gateway": { - "resource_type": "egress-only-internet-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "elastic-gpu": { - "resource_type": "elastic-gpu", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "elastic-ip": { - "resource_type": "elastic-ip", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "export-image-task": { - "resource_type": "export-image-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "export-instance-task": { - "resource_type": "export-instance-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "fpga-image": { - "resource_type": "fpga-image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "host-reservation": { - "resource_type": "host-reservation", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "import-image-task": { - "resource_type": "import-image-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "import-snapshot-task": { - "resource_type": "import-snapshot-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "instance-connect-endpoint": { - "resource_type": "instance-connect-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "instance-event-window": { - "resource_type": "instance-event-window", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "internet-gateway": { - "resource_type": "internet-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam": { - "resource_type": "ipam", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam-pool": { - "resource_type": "ipam-pool", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam-resource-discovery": { - "resource_type": "ipam-resource-discovery", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam-resource-discovery-association": { - "resource_type": "ipam-resource-discovery-association", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam-scope": { - "resource_type": "ipam-scope", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv4pool-ec2": { - "resource_type": "ipv4pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv6pool-ec2": { - "resource_type": "ipv6pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "key-pair": { - "resource_type": "key-pair", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "launch-template": { - "resource_type": "launch-template", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway": { - "resource_type": "local-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-route-table-virtual-interface-group-association": { - "resource_type": "local-gateway-route-table-virtual-interface-group-association", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-route-table-vpc-association": { - "resource_type": "local-gateway-route-table-vpc-association", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-virtual-interface": { - "resource_type": "local-gateway-virtual-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-virtual-interface-group": { - "resource_type": "local-gateway-virtual-interface-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "natgateway": { - "resource_type": "natgateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-acl": { - "resource_type": "network-acl", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-insights-access-scope": { - "resource_type": "network-insights-access-scope", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-insights-access-scope-analysis": { - "resource_type": "network-insights-access-scope-analysis", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-insights-analysis": { - "resource_type": "network-insights-analysis", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-insights-path": { - "resource_type": "network-insights-path", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "prefix-list": { - "resource_type": "prefix-list", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "replace-root-volume-task": { - "resource_type": "replace-root-volume-task", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "reserved-instances": { - "resource_type": "reserved-instances", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "route-table": { - "resource_type": "route-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "security-group-rule": { - "resource_type": "security-group-rule", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "spot-fleet-request": { - "resource_type": "spot-fleet-request", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "spot-instances-request": { - "resource_type": "spot-instances-request", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "subnet-cidr-reservation": { - "resource_type": "subnet-cidr-reservation", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-filter": { - "resource_type": "traffic-mirror-filter", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-session": { - "resource_type": "traffic-mirror-session", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-target": { - "resource_type": "traffic-mirror-target", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway": { - "resource_type": "transit-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-connect-peer": { - "resource_type": "transit-gateway-connect-peer", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-policy-table": { - "resource_type": "transit-gateway-policy-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table-announcement": { - "resource_type": "transit-gateway-route-table-announcement", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-endpoint": { - "resource_type": "verified-access-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-group": { - "resource_type": "verified-access-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-policy": { - "resource_type": "verified-access-policy", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-trust-provider": { - "resource_type": "verified-access-trust-provider", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint": { - "resource_type": "vpc-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint-connection": { - "resource_type": "vpc-endpoint-connection", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint-service-permission": { - "resource_type": "vpc-endpoint-service-permission", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-flow-log": { - "resource_type": "vpc-flow-log", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-peering-connection": { - "resource_type": "vpc-peering-connection", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpn-connection": { - "resource_type": "vpn-connection", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTags.html" - }, - "DeleteTrafficMirrorFilter": { - "privilege": "DeleteTrafficMirrorFilter", - "description": "Grants permission to delete a traffic mirror filter", - "access_level": "Write", - "resource_types": { - "traffic-mirror-filter": { - "resource_type": "traffic-mirror-filter", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTrafficMirrorFilter.html" - }, - "DeleteTrafficMirrorFilterRule": { - "privilege": "DeleteTrafficMirrorFilterRule", - "description": "Grants permission to delete a traffic mirror filter rule", - "access_level": "Write", - "resource_types": { - "traffic-mirror-filter": { - "resource_type": "traffic-mirror-filter", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-filter-rule": { - "resource_type": "traffic-mirror-filter-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTrafficMirrorFilterRule.html" - }, - "DeleteTrafficMirrorSession": { - "privilege": "DeleteTrafficMirrorSession", - "description": "Grants permission to delete a traffic mirror session", - "access_level": "Write", - "resource_types": { - "traffic-mirror-session": { - "resource_type": "traffic-mirror-session", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTrafficMirrorSession.html" - }, - "DeleteTrafficMirrorTarget": { - "privilege": "DeleteTrafficMirrorTarget", - "description": "Grants permission to delete a traffic mirror target", - "access_level": "Write", - "resource_types": { - "traffic-mirror-target": { - "resource_type": "traffic-mirror-target", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTrafficMirrorTarget.html" - }, - "DeleteTransitGateway": { - "privilege": "DeleteTransitGateway", - "description": "Grants permission to delete a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway": { - "resource_type": "transit-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGateway.html" - }, - "DeleteTransitGatewayConnect": { - "privilege": "DeleteTransitGatewayConnect", - "description": "Grants permission to delete a transit gateway connect attachment", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayConnect.html" - }, - "DeleteTransitGatewayConnectPeer": { - "privilege": "DeleteTransitGatewayConnectPeer", - "description": "Grants permission to delete a transit gateway connect peer", - "access_level": "Write", - "resource_types": { - "transit-gateway-connect-peer": { - "resource_type": "transit-gateway-connect-peer", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayConnectPeer.html" - }, - "DeleteTransitGatewayMulticastDomain": { - "privilege": "DeleteTransitGatewayMulticastDomain", - "description": "Grants permission to delete a transit gateway multicast domain", - "access_level": "Write", - "resource_types": { - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayMulticastDomain.html" - }, - "DeleteTransitGatewayPeeringAttachment": { - "privilege": "DeleteTransitGatewayPeeringAttachment", - "description": "Grants permission to delete a peering attachment from a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayPeeringAttachment.html" - }, - "DeleteTransitGatewayPolicyTable": { - "privilege": "DeleteTransitGatewayPolicyTable", - "description": "Grants permission to delete a transit gateway policy table", - "access_level": "Write", - "resource_types": { - "transit-gateway-policy-table": { - "resource_type": "transit-gateway-policy-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayPolicyTable.html" - }, - "DeleteTransitGatewayPrefixListReference": { - "privilege": "DeleteTransitGatewayPrefixListReference", - "description": "Grants permission to delete a transit gateway prefix list reference", - "access_level": "Write", - "resource_types": { - "prefix-list": { - "resource_type": "prefix-list", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayPrefixListReference.html" - }, - "DeleteTransitGatewayRoute": { - "privilege": "DeleteTransitGatewayRoute", - "description": "Grants permission to delete a route from a transit gateway route table", - "access_level": "Write", - "resource_types": { - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayRoute.html" - }, - "DeleteTransitGatewayRouteTable": { - "privilege": "DeleteTransitGatewayRouteTable", - "description": "Grants permission to delete a transit gateway route table", - "access_level": "Write", - "resource_types": { - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayRouteTable.html" - }, - "DeleteTransitGatewayRouteTableAnnouncement": { - "privilege": "DeleteTransitGatewayRouteTableAnnouncement", - "description": "Grants permission to delete a transit gateway route table announcement", - "access_level": "Write", - "resource_types": { - "transit-gateway-route-table-announcement": { - "resource_type": "transit-gateway-route-table-announcement", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayRouteTableAnnouncement.html" - }, - "DeleteTransitGatewayVpcAttachment": { - "privilege": "DeleteTransitGatewayVpcAttachment", - "description": "Grants permission to delete a VPC attachment from a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayVpcAttachment.html" - }, - "DeleteVerifiedAccessEndpoint": { - "privilege": "DeleteVerifiedAccessEndpoint", - "description": "Grants permission to delete a Verified Access endpoint", - "access_level": "Write", - "resource_types": { - "verified-access-endpoint": { - "resource_type": "verified-access-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessEndpoint.html" - }, - "DeleteVerifiedAccessGroup": { - "privilege": "DeleteVerifiedAccessGroup", - "description": "Grants permission to delete a Verified Access group", - "access_level": "Write", - "resource_types": { - "verified-access-group": { - "resource_type": "verified-access-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessGroup.html" - }, - "DeleteVerifiedAccessInstance": { - "privilege": "DeleteVerifiedAccessInstance", - "description": "Grants permission to delete a Verified Access instance", - "access_level": "Write", - "resource_types": { - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessInstance.html" - }, - "DeleteVerifiedAccessTrustProvider": { - "privilege": "DeleteVerifiedAccessTrustProvider", - "description": "Grants permission to delete a verified trust provider", - "access_level": "Write", - "resource_types": { - "verified-access-trust-provider": { - "resource_type": "verified-access-trust-provider", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessTrustProvider.html" - }, - "DeleteVolume": { - "privilege": "DeleteVolume", - "description": "Grants permission to delete an EBS volume", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVolume.html" - }, - "DeleteVpc": { - "privilege": "DeleteVpc", - "description": "Grants permission to delete a VPC", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpc.html" - }, - "DeleteVpcEndpointConnectionNotifications": { - "privilege": "DeleteVpcEndpointConnectionNotifications", - "description": "Grants permission to delete one or more VPC endpoint connection notifications", - "access_level": "Write", - "resource_types": { - "vpc-endpoint": { - "resource_type": "vpc-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpcEndpointConnectionNotifications.html" - }, - "DeleteVpcEndpointServiceConfigurations": { - "privilege": "DeleteVpcEndpointServiceConfigurations", - "description": "Grants permission to delete one or more VPC endpoint service configurations", - "access_level": "Write", - "resource_types": { - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpcEndpointServiceConfigurations.html" - }, - "DeleteVpcEndpoints": { - "privilege": "DeleteVpcEndpoints", - "description": "Grants permission to delete one or more VPC endpoints", - "access_level": "Write", - "resource_types": { - "vpc-endpoint": { - "resource_type": "vpc-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:VpceServiceName" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpcEndpoints.html" - }, - "DeleteVpcPeeringConnection": { - "privilege": "DeleteVpcPeeringConnection", - "description": "Grants permission to delete a VPC peering connection", - "access_level": "Write", - "resource_types": { - "vpc-peering-connection": { - "resource_type": "vpc-peering-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AccepterVpc", - "ec2:RequesterVpc", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcPeeringConnectionID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpcPeeringConnection.html" - }, - "DeleteVpnConnection": { - "privilege": "DeleteVpnConnection", - "description": "Grants permission to delete a VPN connection", - "access_level": "Write", - "resource_types": { - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpnConnection.html" - }, - "DeleteVpnConnectionRoute": { - "privilege": "DeleteVpnConnectionRoute", - "description": "Grants permission to delete a static route for a VPN connection between a virtual private gateway and a customer gateway", - "access_level": "Write", - "resource_types": { - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpnConnectionRoute.html" - }, - "DeleteVpnGateway": { - "privilege": "DeleteVpnGateway", - "description": "Grants permission to delete a virtual private gateway", - "access_level": "Write", - "resource_types": { - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpnGateway.html" - }, - "DeprovisionByoipCidr": { - "privilege": "DeprovisionByoipCidr", - "description": "Grants permission to release an IP address range that was provisioned through bring your own IP addresses (BYOIP), and to delete the corresponding address pool", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeprovisionByoipCidr.html" - }, - "DeprovisionIpamPoolCidr": { - "privilege": "DeprovisionIpamPoolCidr", - "description": "Grants permission to deprovision a CIDR provisioned from an Amazon VPC IP Address Manager (IPAM) pool", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeprovisionIpamPoolCidr.html" - }, - "DeprovisionPublicIpv4PoolCidr": { - "privilege": "DeprovisionPublicIpv4PoolCidr", - "description": "Grants permission to deprovision a CIDR from a public IPv4 pool", - "access_level": "Write", - "resource_types": { - "ipv4pool-ec2": { - "resource_type": "ipv4pool-ec2", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeprovisionPublicIpv4PoolCidr.html" - }, - "DeregisterImage": { - "privilege": "DeregisterImage", - "description": "Grants permission to deregister an Amazon Machine Image (AMI)", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeregisterImage.html" - }, - "DeregisterInstanceEventNotificationAttributes": { - "privilege": "DeregisterInstanceEventNotificationAttributes", - "description": "Grants permission to remove tags from the set of tags to include in notifications about scheduled events for your instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeregisterInstanceEventNotificationAttributes.html" - }, - "DeregisterTransitGatewayMulticastGroupMembers": { - "privilege": "DeregisterTransitGatewayMulticastGroupMembers", - "description": "Grants permission to deregister one or more network interface members from a group IP address in a transit gateway multicast domain", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeregisterTransitGatewayMulticastGroupMembers.html" - }, - "DeregisterTransitGatewayMulticastGroupSources": { - "privilege": "DeregisterTransitGatewayMulticastGroupSources", - "description": "Grants permission to deregister one or more network interface sources from a group IP address in a transit gateway multicast domain", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeregisterTransitGatewayMulticastGroupSources.html" - }, - "DescribeAccountAttributes": { - "privilege": "DescribeAccountAttributes", - "description": "Grants permission to describe the attributes of the AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAccountAttributes.html" - }, - "DescribeAddressTransfers": { - "privilege": "DescribeAddressTransfers", - "description": "Grants permission to describe an Elastic IP address transfer", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddressTransfers.html" - }, - "DescribeAddresses": { - "privilege": "DescribeAddresses", - "description": "Grants permission to describe one or more Elastic IP addresses", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html" - }, - "DescribeAddressesAttribute": { - "privilege": "DescribeAddressesAttribute", - "description": "Grants permission to describe the attributes of the specified Elastic IP addresses", - "access_level": "List", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddressesAttribute.html" - }, - "DescribeAggregateIdFormat": { - "privilege": "DescribeAggregateIdFormat", - "description": "Grants permission to describe the longer ID format settings for all resource types", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAggregateIdFormat.html" - }, - "DescribeAvailabilityZones": { - "privilege": "DescribeAvailabilityZones", - "description": "Grants permission to describe one or more of the Availability Zones that are available to you", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html" - }, - "DescribeAwsNetworkPerformanceMetricSubscriptions": { - "privilege": "DescribeAwsNetworkPerformanceMetricSubscriptions", - "description": "Grants permission to describe the current infrastructure performance metric subscriptions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAwsNetworkPerformanceMetricSubscriptions.html" - }, - "DescribeBundleTasks": { - "privilege": "DescribeBundleTasks", - "description": "Grants permission to describe one or more bundling tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeBundleTasks.html" - }, - "DescribeByoipCidrs": { - "privilege": "DescribeByoipCidrs", - "description": "Grants permission to describe the IP address ranges that were provisioned through bring your own IP addresses (BYOIP)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeByoipCidrs.html" - }, - "DescribeCapacityReservationFleets": { - "privilege": "DescribeCapacityReservationFleets", - "description": "Grants permission to describe one or more Capacity Reservation Fleets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCapacityReservationFleets.html" - }, - "DescribeCapacityReservations": { - "privilege": "DescribeCapacityReservations", - "description": "Grants permission to describe one or more Capacity Reservations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCapacityReservations.html" - }, - "DescribeCarrierGateways": { - "privilege": "DescribeCarrierGateways", - "description": "Grants permission to describe one or more Carrier Gateways", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCarrierGateways.html" - }, - "DescribeClassicLinkInstances": { - "privilege": "DescribeClassicLinkInstances", - "description": "Grants permission to describe one or more linked EC2-Classic instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClassicLinkInstances.html" - }, - "DescribeClientVpnAuthorizationRules": { - "privilege": "DescribeClientVpnAuthorizationRules", - "description": "Grants permission to describe the authorization rules for a Client VPN endpoint", - "access_level": "List", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnAuthorizationRules.html" - }, - "DescribeClientVpnConnections": { - "privilege": "DescribeClientVpnConnections", - "description": "Grants permission to describe active client connections and connections that have been terminated within the last 60 minutes for a Client VPN endpoint", - "access_level": "List", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnConnections.html" - }, - "DescribeClientVpnEndpoints": { - "privilege": "DescribeClientVpnEndpoints", - "description": "Grants permission to describe one or more Client VPN endpoints", - "access_level": "List", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnEndpoints.html" - }, - "DescribeClientVpnRoutes": { - "privilege": "DescribeClientVpnRoutes", - "description": "Grants permission to describe the routes for a Client VPN endpoint", - "access_level": "List", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnRoutes.html" - }, - "DescribeClientVpnTargetNetworks": { - "privilege": "DescribeClientVpnTargetNetworks", - "description": "Grants permission to describe the target networks that are associated with a Client VPN endpoint", - "access_level": "List", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnTargetNetworks.html" - }, - "DescribeCoipPools": { - "privilege": "DescribeCoipPools", - "description": "Grants permission to describe the specified customer-owned address pools or all of your customer-owned address pools", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html" - }, - "DescribeConversionTasks": { - "privilege": "DescribeConversionTasks", - "description": "Grants permission to describe one or more conversion tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeConversionTasks.html" - }, - "DescribeCustomerGateways": { - "privilege": "DescribeCustomerGateways", - "description": "Grants permission to describe one or more customer gateways", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCustomerGateways.html" - }, - "DescribeDhcpOptions": { - "privilege": "DescribeDhcpOptions", - "description": "Grants permission to describe one or more DHCP options sets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeDhcpOptions.html" - }, - "DescribeEgressOnlyInternetGateways": { - "privilege": "DescribeEgressOnlyInternetGateways", - "description": "Grants permission to describe one or more egress-only internet gateways", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeEgressOnlyInternetGateways.html" - }, - "DescribeElasticGpus": { - "privilege": "DescribeElasticGpus", - "description": "Grants permission to describe an Elastic Graphics accelerator that is associated with an instance", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeElasticGpus.html" - }, - "DescribeExportImageTasks": { - "privilege": "DescribeExportImageTasks", - "description": "Grants permission to describe one or more export image tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeExportImageTasks.html" - }, - "DescribeExportTasks": { - "privilege": "DescribeExportTasks", - "description": "Grants permission to describe one or more export instance tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeExportTasks.html" - }, - "DescribeFastLaunchImages": { - "privilege": "DescribeFastLaunchImages", - "description": "Grants permission to describe fast-launch enabled Windows AMIs", - "access_level": "List", - "resource_types": { - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFastLaunchImages.html" - }, - "DescribeFastSnapshotRestores": { - "privilege": "DescribeFastSnapshotRestores", - "description": "Grants permission to describe the state of fast snapshot restores for snapshots", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFastSnapshotRestores.html" - }, - "DescribeFleetHistory": { - "privilege": "DescribeFleetHistory", - "description": "Grants permission to describe the events for an EC2 Fleet during a specified time", - "access_level": "List", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFleetHistory.html" - }, - "DescribeFleetInstances": { - "privilege": "DescribeFleetInstances", - "description": "Grants permission to describe the running instances for an EC2 Fleet", - "access_level": "List", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFleetInstances.html" - }, - "DescribeFleets": { - "privilege": "DescribeFleets", - "description": "Grants permission to describe one or more EC2 Fleets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFleets.html" - }, - "DescribeFlowLogs": { - "privilege": "DescribeFlowLogs", - "description": "Grants permission to describe one or more flow logs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFlowLogs.html" - }, - "DescribeFpgaImageAttribute": { - "privilege": "DescribeFpgaImageAttribute", - "description": "Grants permission to describe the attributes of an Amazon FPGA Image (AFI)", - "access_level": "List", - "resource_types": { - "fpga-image": { - "resource_type": "fpga-image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Owner", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFpgaImageAttribute.html" - }, - "DescribeFpgaImages": { - "privilege": "DescribeFpgaImages", - "description": "Grants permission to describe one or more Amazon FPGA Images (AFIs)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFpgaImages.html" - }, - "DescribeHostReservationOfferings": { - "privilege": "DescribeHostReservationOfferings", - "description": "Grants permission to describe the Dedicated Host Reservations that are available to purchase", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHostReservationOfferings.html" - }, - "DescribeHostReservations": { - "privilege": "DescribeHostReservations", - "description": "Grants permission to describe the Dedicated Host Reservations that are associated with Dedicated Hosts in the AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHostReservations.html" - }, - "DescribeHosts": { - "privilege": "DescribeHosts", - "description": "Grants permission to describe one or more Dedicated Hosts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHosts.html" - }, - "DescribeIamInstanceProfileAssociations": { - "privilege": "DescribeIamInstanceProfileAssociations", - "description": "Grants permission to describe the IAM instance profile associations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIamInstanceProfileAssociations.html" - }, - "DescribeIdFormat": { - "privilege": "DescribeIdFormat", - "description": "Grants permission to describe the ID format settings for resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIdFormat.html" - }, - "DescribeIdentityIdFormat": { - "privilege": "DescribeIdentityIdFormat", - "description": "Grants permission to describe the ID format settings for resources for an IAM user, IAM role, or root user", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIdentityIdFormat.html" - }, - "DescribeImageAttribute": { - "privilege": "DescribeImageAttribute", - "description": "Grants permission to describe an attribute of an Amazon Machine Image (AMI)", - "access_level": "List", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html" - }, - "DescribeImages": { - "privilege": "DescribeImages", - "description": "Grants permission to describe one or more images (AMIs, AKIs, and ARIs)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html" - }, - "DescribeImportImageTasks": { - "privilege": "DescribeImportImageTasks", - "description": "Grants permission to describe import virtual machine or import snapshot tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImportImageTasks.html" - }, - "DescribeImportSnapshotTasks": { - "privilege": "DescribeImportSnapshotTasks", - "description": "Grants permission to describe import snapshot tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImportSnapshotTasks.html" - }, - "DescribeInstanceAttribute": { - "privilege": "DescribeInstanceAttribute", - "description": "Grants permission to describe the attributes of an instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceAttribute.html" - }, - "DescribeInstanceConnectEndpoints": { - "privilege": "DescribeInstanceConnectEndpoints", - "description": "Grants permission to describe EC2 Instance Connect Endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceConnectEndpoints.html" - }, - "DescribeInstanceCreditSpecifications": { - "privilege": "DescribeInstanceCreditSpecifications", - "description": "Grants permission to describe the credit option for CPU usage of one or more burstable performance instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceCreditSpecifications.html" - }, - "DescribeInstanceEventNotificationAttributes": { - "privilege": "DescribeInstanceEventNotificationAttributes", - "description": "Grants permission to describe the set of tags to include in notifications about scheduled events for your instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceEventNotificationAttributes.html" - }, - "DescribeInstanceEventWindows": { - "privilege": "DescribeInstanceEventWindows", - "description": "Grants permission to describe the specified event windows or all event windows", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceEventWindows.html" - }, - "DescribeInstanceStatus": { - "privilege": "DescribeInstanceStatus", - "description": "Grants permission to describe the status of one or more instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceStatus.html" - }, - "DescribeInstanceTypeOfferings": { - "privilege": "DescribeInstanceTypeOfferings", - "description": "Grants permission to describe the set of instance types that are offered in a location", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypeOfferings.html" - }, - "DescribeInstanceTypes": { - "privilege": "DescribeInstanceTypes", - "description": "Grants permission to describe the details of instance types that are offered in a location", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypes.html" - }, - "DescribeInstances": { - "privilege": "DescribeInstances", - "description": "Grants permission to describe one or more instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html" - }, - "DescribeInternetGateways": { - "privilege": "DescribeInternetGateways", - "description": "Grants permission to describe one or more internet gateways", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html" - }, - "DescribeIpamPools": { - "privilege": "DescribeIpamPools", - "description": "Grants permission to describe Amazon VPC IP Address Manager (IPAM) pools", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpamPools.html" - }, - "DescribeIpamResourceDiscoveries": { - "privilege": "DescribeIpamResourceDiscoveries", - "description": "Grants permission to describe IPAM resource discoveries", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpamResourceDiscoveries.html" - }, - "DescribeIpamResourceDiscoveryAssociations": { - "privilege": "DescribeIpamResourceDiscoveryAssociations", - "description": "Grants permission to describe resource discovery associations with an Amazon VPC IPAM", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpamResourceDiscoveryAssociations.html" - }, - "DescribeIpamScopes": { - "privilege": "DescribeIpamScopes", - "description": "Grants permission to describe Amazon VPC IP Address Manager (IPAM) scopes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpamScopes.html" - }, - "DescribeIpams": { - "privilege": "DescribeIpams", - "description": "Grants permission to describe an Amazon VPC IP Address Manager (IPAM)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpams.html" - }, - "DescribeIpv6Pools": { - "privilege": "DescribeIpv6Pools", - "description": "Grants permission to describe one or more IPv6 address pools", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpv6Pools.html" - }, - "DescribeKeyPairs": { - "privilege": "DescribeKeyPairs", - "description": "Grants permission to describe one or more key pairs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeKeyPairs.html" - }, - "DescribeLaunchTemplateVersions": { - "privilege": "DescribeLaunchTemplateVersions", - "description": "Grants permission to describe one or more launch template versions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplateVersions.html" - }, - "DescribeLaunchTemplates": { - "privilege": "DescribeLaunchTemplates", - "description": "Grants permission to describe one or more launch templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html" - }, - "DescribeLocalGatewayRouteTablePermissions": { - "privilege": "DescribeLocalGatewayRouteTablePermissions", - "description": "Grants permission to allow a service to describe local gateway route table permissions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/identity-access-management.html" - }, - "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations": { - "privilege": "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", - "description": "Grants permission to describe the associations between virtual interface groups and local gateway route tables", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations.html" - }, - "DescribeLocalGatewayRouteTableVpcAssociations": { - "privilege": "DescribeLocalGatewayRouteTableVpcAssociations", - "description": "Grants permission to describe an association between VPCs and local gateway route tables", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTableVpcAssociations.html" - }, - "DescribeLocalGatewayRouteTables": { - "privilege": "DescribeLocalGatewayRouteTables", - "description": "Grants permission to describe one or more local gateway route tables", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html" - }, - "DescribeLocalGatewayVirtualInterfaceGroups": { - "privilege": "DescribeLocalGatewayVirtualInterfaceGroups", - "description": "Grants permission to describe local gateway virtual interface groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayVirtualInterfaceGroups.html" - }, - "DescribeLocalGatewayVirtualInterfaces": { - "privilege": "DescribeLocalGatewayVirtualInterfaces", - "description": "Grants permission to describe local gateway virtual interfaces", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayVirtualInterfaces.html" - }, - "DescribeLocalGateways": { - "privilege": "DescribeLocalGateways", - "description": "Grants permission to describe one or more local gateways", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html" - }, - "DescribeManagedPrefixLists": { - "privilege": "DescribeManagedPrefixLists", - "description": "Grants permission to describe your managed prefix lists and any AWS-managed prefix lists", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html" - }, - "DescribeMovingAddresses": { - "privilege": "DescribeMovingAddresses", - "description": "Grants permission to describe Elastic IP addresses that are being moved to the EC2-VPC platform", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeMovingAddresses.html" - }, - "DescribeNatGateways": { - "privilege": "DescribeNatGateways", - "description": "Grants permission to describe one or more NAT gateways", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html" - }, - "DescribeNetworkAcls": { - "privilege": "DescribeNetworkAcls", - "description": "Grants permission to describe one or more network ACLs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html" - }, - "DescribeNetworkInsightsAccessScopeAnalyses": { - "privilege": "DescribeNetworkInsightsAccessScopeAnalyses", - "description": "Grants permission to describe one or more Network Access Scope analyses", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAccessScopeAnalyses.html" - }, - "DescribeNetworkInsightsAccessScopes": { - "privilege": "DescribeNetworkInsightsAccessScopes", - "description": "Grants permission to describe the Network Access Scopes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAccessScopes.html" - }, - "DescribeNetworkInsightsAnalyses": { - "privilege": "DescribeNetworkInsightsAnalyses", - "description": "Grants permission to describe one or more network insights analyses", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html" - }, - "DescribeNetworkInsightsPaths": { - "privilege": "DescribeNetworkInsightsPaths", - "description": "Grants permission to describe one or more network insights paths", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsPaths.html" - }, - "DescribeNetworkInterfaceAttribute": { - "privilege": "DescribeNetworkInterfaceAttribute", - "description": "Grants permission to describe a network interface attribute", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaceAttribute.html" - }, - "DescribeNetworkInterfacePermissions": { - "privilege": "DescribeNetworkInterfacePermissions", - "description": "Grants permission to describe the permissions that are associated with a network interface", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfacePermissions.html" - }, - "DescribeNetworkInterfaces": { - "privilege": "DescribeNetworkInterfaces", - "description": "Grants permission to describe one or more network interfaces", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaces.html" - }, - "DescribePlacementGroups": { - "privilege": "DescribePlacementGroups", - "description": "Grants permission to describe one or more placement groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePlacementGroups.html" - }, - "DescribePrefixLists": { - "privilege": "DescribePrefixLists", - "description": "Grants permission to describe available AWS services in a prefix list format", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrefixLists.html" - }, - "DescribePrincipalIdFormat": { - "privilege": "DescribePrincipalIdFormat", - "description": "Grants permission to describe the ID format settings for the root user and all IAM roles and IAM users that have explicitly specified a longer ID (17-character ID) preference", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrincipalIdFormat.html" - }, - "DescribePublicIpv4Pools": { - "privilege": "DescribePublicIpv4Pools", - "description": "Grants permission to describe one or more IPv4 address pools", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePublicIpv4Pools.html" - }, - "DescribeRegions": { - "privilege": "DescribeRegions", - "description": "Grants permission to describe one or more AWS Regions that are currently available in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html" - }, - "DescribeReplaceRootVolumeTasks": { - "privilege": "DescribeReplaceRootVolumeTasks", - "description": "Grants permission to describe a root volume replacement task", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeReplaceRootVolumeTasks.html" - }, - "DescribeReservedInstances": { - "privilege": "DescribeReservedInstances", - "description": "Grants permission to describe one or more purchased Reserved Instances in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeReservedInstances.html" - }, - "DescribeReservedInstancesListings": { - "privilege": "DescribeReservedInstancesListings", - "description": "Grants permission to describe your account's Reserved Instance listings in the Reserved Instance Marketplace", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeReservedInstancesListings.html" - }, - "DescribeReservedInstancesModifications": { - "privilege": "DescribeReservedInstancesModifications", - "description": "Grants permission to describe the modifications made to one or more Reserved Instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeReservedInstancesModifications.html" - }, - "DescribeReservedInstancesOfferings": { - "privilege": "DescribeReservedInstancesOfferings", - "description": "Grants permission to describe the Reserved Instance offerings that are available for purchase", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeReservedInstancesOfferings.html" - }, - "DescribeRouteTables": { - "privilege": "DescribeRouteTables", - "description": "Grants permission to describe one or more route tables", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html" - }, - "DescribeScheduledInstanceAvailability": { - "privilege": "DescribeScheduledInstanceAvailability", - "description": "Grants permission to find available schedules for Scheduled Instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeScheduledInstanceAvailability.html" - }, - "DescribeScheduledInstances": { - "privilege": "DescribeScheduledInstances", - "description": "Grants permission to describe one or more Scheduled Instances in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeScheduledInstances.html" - }, - "DescribeSecurityGroupReferences": { - "privilege": "DescribeSecurityGroupReferences", - "description": "Grants permission to describe the VPCs on the other side of a VPC peering connection that are referencing specified VPC security groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroupReferences.html" - }, - "DescribeSecurityGroupRules": { - "privilege": "DescribeSecurityGroupRules", - "description": "Grants permission to describe one or more of your security group rules", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroupRules.html" - }, - "DescribeSecurityGroups": { - "privilege": "DescribeSecurityGroups", - "description": "Grants permission to describe one or more security groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html" - }, - "DescribeSnapshotAttribute": { - "privilege": "DescribeSnapshotAttribute", - "description": "Grants permission to describe an attribute of a snapshot", - "access_level": "List", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Encrypted", - "ec2:OutpostArn", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:SourceOutpostArn", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSnapshotAttribute.html" - }, - "DescribeSnapshotTierStatus": { - "privilege": "DescribeSnapshotTierStatus", - "description": "Grants permission to describe the storage tier status for Amazon EBS snapshots", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSnapshotTierStatus.html" - }, - "DescribeSnapshots": { - "privilege": "DescribeSnapshots", - "description": "Grants permission to describe one or more EBS snapshots", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSnapshots.html" - }, - "DescribeSpotDatafeedSubscription": { - "privilege": "DescribeSpotDatafeedSubscription", - "description": "Grants permission to describe the data feed for Spot Instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotDatafeedSubscription.html" - }, - "DescribeSpotFleetInstances": { - "privilege": "DescribeSpotFleetInstances", - "description": "Grants permission to describe the running instances for a Spot Fleet", - "access_level": "List", - "resource_types": { - "spot-fleet-request": { - "resource_type": "spot-fleet-request", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotFleetInstances.html" - }, - "DescribeSpotFleetRequestHistory": { - "privilege": "DescribeSpotFleetRequestHistory", - "description": "Grants permission to describe the events for a Spot Fleet request during a specified time", - "access_level": "List", - "resource_types": { - "spot-fleet-request": { - "resource_type": "spot-fleet-request", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotFleetRequestHistory.html" - }, - "DescribeSpotFleetRequests": { - "privilege": "DescribeSpotFleetRequests", - "description": "Grants permission to describe one or more Spot Fleet requests", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotFleetRequests.html" - }, - "DescribeSpotInstanceRequests": { - "privilege": "DescribeSpotInstanceRequests", - "description": "Grants permission to describe one or more Spot Instance requests", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotInstanceRequests.html" - }, - "DescribeSpotPriceHistory": { - "privilege": "DescribeSpotPriceHistory", - "description": "Grants permission to describe the Spot Instance price history", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotPriceHistory.html" - }, - "DescribeStaleSecurityGroups": { - "privilege": "DescribeStaleSecurityGroups", - "description": "Grants permission to describe the stale security group rules for security groups in a specified VPC", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeStaleSecurityGroups.html" - }, - "DescribeStoreImageTasks": { - "privilege": "DescribeStoreImageTasks", - "description": "Grants permission to describe the progress of the AMI store tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeStoreImageTasks.html" - }, - "DescribeSubnets": { - "privilege": "DescribeSubnets", - "description": "Grants permission to describe one or more subnets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html" - }, - "DescribeTags": { - "privilege": "DescribeTags", - "description": "Grants permission to describe one or more tags for an Amazon EC2 resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTags.html" - }, - "DescribeTrafficMirrorFilters": { - "privilege": "DescribeTrafficMirrorFilters", - "description": "Grants permission to describe one or more traffic mirror filters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTrafficMirrorFilters.html" - }, - "DescribeTrafficMirrorSessions": { - "privilege": "DescribeTrafficMirrorSessions", - "description": "Grants permission to describe one or more traffic mirror sessions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTrafficMirrorSessions.html" - }, - "DescribeTrafficMirrorTargets": { - "privilege": "DescribeTrafficMirrorTargets", - "description": "Grants permission to describe one or more traffic mirror targets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTrafficMirrorTargets.html" - }, - "DescribeTransitGatewayAttachments": { - "privilege": "DescribeTransitGatewayAttachments", - "description": "Grants permission to describe one or more attachments between resources and transit gateways", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html" - }, - "DescribeTransitGatewayConnectPeers": { - "privilege": "DescribeTransitGatewayConnectPeers", - "description": "Grants permission to describe one or more transit gateway connect peers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayConnectPeers.html" - }, - "DescribeTransitGatewayConnects": { - "privilege": "DescribeTransitGatewayConnects", - "description": "Grants permission to describe one or more transit gateway connect attachments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayConnects.html" - }, - "DescribeTransitGatewayMulticastDomains": { - "privilege": "DescribeTransitGatewayMulticastDomains", - "description": "Grants permission to describe one or more transit gateway multicast domains", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayMulticastDomains.html" - }, - "DescribeTransitGatewayPeeringAttachments": { - "privilege": "DescribeTransitGatewayPeeringAttachments", - "description": "Grants permission to describe one or more transit gateway peering attachments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayPeeringAttachments.html" - }, - "DescribeTransitGatewayPolicyTables": { - "privilege": "DescribeTransitGatewayPolicyTables", - "description": "Grants permission to describe a transit gateway policy table", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayPolicyTables.html" - }, - "DescribeTransitGatewayRouteTableAnnouncements": { - "privilege": "DescribeTransitGatewayRouteTableAnnouncements", - "description": "Grants permission to describe a transit gateway route table announcement", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayRouteTableAnnouncements.html" - }, - "DescribeTransitGatewayRouteTables": { - "privilege": "DescribeTransitGatewayRouteTables", - "description": "Grants permission to describe one or more transit gateway route tables", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayRouteTables.html" - }, - "DescribeTransitGatewayVpcAttachments": { - "privilege": "DescribeTransitGatewayVpcAttachments", - "description": "Grants permission to describe one or more VPC attachments on a transit gateway", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayVpcAttachments.html" - }, - "DescribeTransitGateways": { - "privilege": "DescribeTransitGateways", - "description": "Grants permission to describe one or more transit gateways", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html" - }, - "DescribeTrunkInterfaceAssociations": { - "privilege": "DescribeTrunkInterfaceAssociations", - "description": "Grants permission to describe one or more network interface trunk associations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTrunkInterfaceAssociations.html" - }, - "DescribeVerifiedAccessEndpoints": { - "privilege": "DescribeVerifiedAccessEndpoints", - "description": "Grants permission to describe the specified Verified Access endpoints or all Verified Access endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessEndpoints.html" - }, - "DescribeVerifiedAccessGroups": { - "privilege": "DescribeVerifiedAccessGroups", - "description": "Grants permission to describe the specified Verified Access groups or all Verified Access groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessGroups.html" - }, - "DescribeVerifiedAccessInstanceLoggingConfigurations": { - "privilege": "DescribeVerifiedAccessInstanceLoggingConfigurations", - "description": "Grants permission to describe the current logging configuration for the Verified Access instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessInstanceLoggingConfigurations.html" - }, - "DescribeVerifiedAccessInstanceWebAclAssociations": { - "privilege": "DescribeVerifiedAccessInstanceWebAclAssociations", - "description": "Grants permission to describe the AWS Web Application Firewall (WAF) web access control list (ACL) associations for a Verified Access instance", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verified-access/latest/ug/waf-integration.html" - }, - "DescribeVerifiedAccessInstances": { - "privilege": "DescribeVerifiedAccessInstances", - "description": "Grants permission to describe the specified Verified Access instances or all Verified Access instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessInstances.html" - }, - "DescribeVerifiedAccessTrustProviders": { - "privilege": "DescribeVerifiedAccessTrustProviders", - "description": "Grants permission to describe details of existing Verified Access trust providers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessTrustProviders.html" - }, - "DescribeVolumeAttribute": { - "privilege": "DescribeVolumeAttribute", - "description": "Grants permission to describe an attribute of an EBS volume", - "access_level": "List", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumeAttribute.html" - }, - "DescribeVolumeStatus": { - "privilege": "DescribeVolumeStatus", - "description": "Grants permission to describe the status of one or more EBS volumes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumeStatus.html" - }, - "DescribeVolumes": { - "privilege": "DescribeVolumes", - "description": "Grants permission to describe one or more EBS volumes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumes.html" - }, - "DescribeVolumesModifications": { - "privilege": "DescribeVolumesModifications", - "description": "Grants permission to describe the current modification status of one or more EBS volumes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumesModifications.html" - }, - "DescribeVpcAttribute": { - "privilege": "DescribeVpcAttribute", - "description": "Grants permission to describe an attribute of a VPC", - "access_level": "List", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcAttribute.html" - }, - "DescribeVpcClassicLink": { - "privilege": "DescribeVpcClassicLink", - "description": "Grants permission to describe the ClassicLink status of one or more VPCs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcClassicLink.html" - }, - "DescribeVpcClassicLinkDnsSupport": { - "privilege": "DescribeVpcClassicLinkDnsSupport", - "description": "Grants permission to describe the ClassicLink DNS support status of one or more VPCs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcClassicLinkDnsSupport.html" - }, - "DescribeVpcEndpointConnectionNotifications": { - "privilege": "DescribeVpcEndpointConnectionNotifications", - "description": "Grants permission to describe the connection notifications for VPC endpoints and VPC endpoint services", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointConnectionNotifications.html" - }, - "DescribeVpcEndpointConnections": { - "privilege": "DescribeVpcEndpointConnections", - "description": "Grants permission to describe the VPC endpoint connections to your VPC endpoint services", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointConnections.html" - }, - "DescribeVpcEndpointServiceConfigurations": { - "privilege": "DescribeVpcEndpointServiceConfigurations", - "description": "Grants permission to describe VPC endpoint service configurations (your services)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServiceConfigurations.html" - }, - "DescribeVpcEndpointServicePermissions": { - "privilege": "DescribeVpcEndpointServicePermissions", - "description": "Grants permission to describe the principals (service consumers) that are permitted to discover your VPC endpoint service", - "access_level": "List", - "resource_types": { - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServicePermissions.html" - }, - "DescribeVpcEndpointServices": { - "privilege": "DescribeVpcEndpointServices", - "description": "Grants permission to describe all supported AWS services that can be specified when creating a VPC endpoint", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServices.html" - }, - "DescribeVpcEndpoints": { - "privilege": "DescribeVpcEndpoints", - "description": "Grants permission to describe one or more VPC endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html" - }, - "DescribeVpcPeeringConnections": { - "privilege": "DescribeVpcPeeringConnections", - "description": "Grants permission to describe one or more VPC peering connections", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html" - }, - "DescribeVpcs": { - "privilege": "DescribeVpcs", - "description": "Grants permission to describe one or more VPCs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html" - }, - "DescribeVpnConnections": { - "privilege": "DescribeVpnConnections", - "description": "Grants permission to describe one or more VPN connections", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnConnections.html" - }, - "DescribeVpnGateways": { - "privilege": "DescribeVpnGateways", - "description": "Grants permission to describe one or more virtual private gateways", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html" - }, - "DetachClassicLinkVpc": { - "privilege": "DetachClassicLinkVpc", - "description": "Grants permission to unlink (detach) a linked EC2-Classic instance from a VPC", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachClassicLinkVpc.html" - }, - "DetachInternetGateway": { - "privilege": "DetachInternetGateway", - "description": "Grants permission to detach an internet gateway from a VPC", - "access_level": "Write", - "resource_types": { - "internet-gateway": { - "resource_type": "internet-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:InternetGatewayID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachInternetGateway.html" - }, - "DetachNetworkInterface": { - "privilege": "DetachNetworkInterface", - "description": "Grants permission to detach a network interface from an instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachNetworkInterface.html" - }, - "DetachVerifiedAccessTrustProvider": { - "privilege": "DetachVerifiedAccessTrustProvider", - "description": "Grants permission to detach a trust provider from a Verified Access instance", - "access_level": "Write", - "resource_types": { - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-trust-provider": { - "resource_type": "verified-access-trust-provider", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachVerifiedAccessTrustProvider.html" - }, - "DetachVolume": { - "privilege": "DetachVolume", - "description": "Grants permission to detach an EBS volume from an instance", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachVolume.html" - }, - "DetachVpnGateway": { - "privilege": "DetachVpnGateway", - "description": "Grants permission to detach a virtual private gateway from a VPC", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachVpnGateway.html" - }, - "DisableAddressTransfer": { - "privilege": "DisableAddressTransfer", - "description": "Grants permission to disable Elastic IP address transfer", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableAddressTransfer.html" - }, - "DisableAwsNetworkPerformanceMetricSubscription": { - "privilege": "DisableAwsNetworkPerformanceMetricSubscription", - "description": "Grants permission to disable infrastructure performance metric subscriptions", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableAwsNetworkPerformanceMetricSubscription.html" - }, - "DisableEbsEncryptionByDefault": { - "privilege": "DisableEbsEncryptionByDefault", - "description": "Grants permission to disable EBS encryption by default for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableEbsEncryptionByDefault.html" - }, - "DisableFastLaunch": { - "privilege": "DisableFastLaunch", - "description": "Grants permission to disable faster launching for Windows AMIs", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableFastLaunch.html" - }, - "DisableFastSnapshotRestores": { - "privilege": "DisableFastSnapshotRestores", - "description": "Grants permission to disable fast snapshot restores for one or more snapshots in specified Availability Zones", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableFastSnapshotRestores.html" - }, - "DisableImageDeprecation": { - "privilege": "DisableImageDeprecation", - "description": "Grants permission to cancel the deprecation of the specified AMI", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableImageDeprecation.html" - }, - "DisableIpamOrganizationAdminAccount": { - "privilege": "DisableIpamOrganizationAdminAccount", - "description": "Grants permission to disable an AWS Organizations member account as an Amazon VPC IP Address Manager (IPAM) admin account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [ - "organizations:DeregisterDelegatedAdministrator" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableIpamOrganizationAdminAccount.html" - }, - "DisableSerialConsoleAccess": { - "privilege": "DisableSerialConsoleAccess", - "description": "Grants permission to disable access to the EC2 serial console of all instances for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableSerialConsoleAccess.html" - }, - "DisableTransitGatewayRouteTablePropagation": { - "privilege": "DisableTransitGatewayRouteTablePropagation", - "description": "Grants permission to disable a resource attachment from propagating routes to the specified propagation route table", - "access_level": "Write", - "resource_types": { - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table-announcement": { - "resource_type": "transit-gateway-route-table-announcement", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableTransitGatewayRouteTablePropagation.html" - }, - "DisableVgwRoutePropagation": { - "privilege": "DisableVgwRoutePropagation", - "description": "Grants permission to disable a virtual private gateway from propagating routes to a specified route table of a VPC", - "access_level": "Write", - "resource_types": { - "route-table": { - "resource_type": "route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableVgwRoutePropagation.html" - }, - "DisableVpcClassicLink": { - "privilege": "DisableVpcClassicLink", - "description": "Grants permission to disable ClassicLink for a VPC", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableVpcClassicLink.html" - }, - "DisableVpcClassicLinkDnsSupport": { - "privilege": "DisableVpcClassicLinkDnsSupport", - "description": "Grants permission to disable ClassicLink DNS support for a VPC", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableVpcClassicLinkDnsSupport.html" - }, - "DisassociateAddress": { - "privilege": "DisassociateAddress", - "description": "Grants permission to disassociate an Elastic IP address from an instance or network interface", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateAddress.html" - }, - "DisassociateClientVpnTargetNetwork": { - "privilege": "DisassociateClientVpnTargetNetwork", - "description": "Grants permission to disassociate a target network from a Client VPN endpoint", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateClientVpnTargetNetwork.html" - }, - "DisassociateEnclaveCertificateIamRole": { - "privilege": "DisassociateEnclaveCertificateIamRole", - "description": "Grants permission to disassociate an ACM certificate from a IAM role", - "access_level": "Write", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateEnclaveCertificateIamRole.html" - }, - "DisassociateIamInstanceProfile": { - "privilege": "DisassociateIamInstanceProfile", - "description": "Grants permission to disassociate an IAM instance profile from a running or stopped instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html" - }, - "DisassociateInstanceEventWindow": { - "privilege": "DisassociateInstanceEventWindow", - "description": "Grants permission to disassociate one or more targets from an event window", - "access_level": "Write", - "resource_types": { - "instance-event-window": { - "resource_type": "instance-event-window", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateInstanceEventWindow.html" - }, - "DisassociateIpamResourceDiscovery": { - "privilege": "DisassociateIpamResourceDiscovery", - "description": "Grants permission to disassociate a resource discovery from an Amazon VPC IPAM", - "access_level": "Write", - "resource_types": { - "ipam-resource-discovery-association": { - "resource_type": "ipam-resource-discovery-association", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIpamResourceDiscovery.html" - }, - "DisassociateNatGatewayAddress": { - "privilege": "DisassociateNatGatewayAddress", - "description": "Grants permission to disassociate a secondary Elastic IP address from a public NAT gateway", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "natgateway": { - "resource_type": "natgateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AuthorizedUser", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:Permission", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateNatGatewayAddress.html" - }, - "DisassociateRouteTable": { - "privilege": "DisassociateRouteTable", - "description": "Grants permission to disassociate a subnet from a route table", - "access_level": "Write", - "resource_types": { - "internet-gateway": { - "resource_type": "internet-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:InternetGatewayID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv4pool-ec2": { - "resource_type": "ipv4pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv6pool-ec2": { - "resource_type": "ipv6pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "route-table": { - "resource_type": "route-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateRouteTable.html" - }, - "DisassociateSubnetCidrBlock": { - "privilege": "DisassociateSubnetCidrBlock", - "description": "Grants permission to disassociate a CIDR block from a subnet", - "access_level": "Write", - "resource_types": { - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateSubnetCidrBlock.html" - }, - "DisassociateTransitGatewayMulticastDomain": { - "privilege": "DisassociateTransitGatewayMulticastDomain", - "description": "Grants permission to disassociate one or more subnets from a transit gateway multicast domain", - "access_level": "Write", - "resource_types": { - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateTransitGatewayMulticastDomain.html" - }, - "DisassociateTransitGatewayPolicyTable": { - "privilege": "DisassociateTransitGatewayPolicyTable", - "description": "Grants permission to disassociate a policy table from a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-policy-table": { - "resource_type": "transit-gateway-policy-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateTransitGatewayPolicyTable.html" - }, - "DisassociateTransitGatewayRouteTable": { - "privilege": "DisassociateTransitGatewayRouteTable", - "description": "Grants permission to disassociate a resource attachment from a transit gateway route table", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateTransitGatewayRouteTable.html" - }, - "DisassociateTrunkInterface": { - "privilege": "DisassociateTrunkInterface", - "description": "Grants permission to disassociate a branch network interface to a trunk network interface", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateTrunkInterface.html" - }, - "DisassociateVerifiedAccessInstanceWebAcl": { - "privilege": "DisassociateVerifiedAccessInstanceWebAcl", - "description": "Grants permission to disassociate an AWS Web Application Firewall (WAF) web access control list (ACL) from a Verified Access instance", - "access_level": "Write", - "resource_types": { - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verified-access/latest/ug/waf-integration.html" - }, - "DisassociateVpcCidrBlock": { - "privilege": "DisassociateVpcCidrBlock", - "description": "Grants permission to disassociate a CIDR block from a VPC", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateVpcCidrBlock.html" - }, - "EnableAddressTransfer": { - "privilege": "EnableAddressTransfer", - "description": "Grants permission to enable Elastic IP address transfer", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableAddressTransfer.html" - }, - "EnableAwsNetworkPerformanceMetricSubscription": { - "privilege": "EnableAwsNetworkPerformanceMetricSubscription", - "description": "Grants permission to enable infrastructure performance subscriptions", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableAwsNetworkPerformanceMetricSubscription.html" - }, - "EnableEbsEncryptionByDefault": { - "privilege": "EnableEbsEncryptionByDefault", - "description": "Grants permission to enable EBS encryption by default for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableEbsEncryptionByDefault.html" - }, - "EnableFastLaunch": { - "privilege": "EnableFastLaunch", - "description": "Grants permission to enable faster launching for Windows AMIs", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "launch-template": { - "resource_type": "launch-template", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableFastLaunch.html" - }, - "EnableFastSnapshotRestores": { - "privilege": "EnableFastSnapshotRestores", - "description": "Grants permission to enable fast snapshot restores for one or more snapshots in specified Availability Zones", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableFastSnapshotRestores.html" - }, - "EnableImageDeprecation": { - "privilege": "EnableImageDeprecation", - "description": "Grants permission to enable deprecation of the specified AMI at the specified date and time", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableImageDeprecation.html" - }, - "EnableIpamOrganizationAdminAccount": { - "privilege": "EnableIpamOrganizationAdminAccount", - "description": "Grants permission to enable an AWS Organizations member account as an Amazon VPC IP Address Manager (IPAM) admin account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "organizations:EnableAWSServiceAccess", - "organizations:RegisterDelegatedAdministrator" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableIpamOrganizationAdminAccount.html" - }, - "EnableReachabilityAnalyzerOrganizationSharing": { - "privilege": "EnableReachabilityAnalyzerOrganizationSharing", - "description": "Grants permission to enable organization sharing of reachability analyzer", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "organizations:EnableAWSServiceAccess" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableReachabilityAnalyzerOrganizationSharing.html" - }, - "EnableSerialConsoleAccess": { - "privilege": "EnableSerialConsoleAccess", - "description": "Grants permission to enable access to the EC2 serial console of all instances for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableSerialConsoleAccess.html" - }, - "EnableTransitGatewayRouteTablePropagation": { - "privilege": "EnableTransitGatewayRouteTablePropagation", - "description": "Grants permission to enable an attachment to propagate routes to a propagation route table", - "access_level": "Write", - "resource_types": { - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table-announcement": { - "resource_type": "transit-gateway-route-table-announcement", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableTransitGatewayRouteTablePropagation.html" - }, - "EnableVgwRoutePropagation": { - "privilege": "EnableVgwRoutePropagation", - "description": "Grants permission to enable a virtual private gateway to propagate routes to a VPC route table", - "access_level": "Write", - "resource_types": { - "route-table": { - "resource_type": "route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "vpn-gateway": { - "resource_type": "vpn-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableVgwRoutePropagation.html" - }, - "EnableVolumeIO": { - "privilege": "EnableVolumeIO", - "description": "Grants permission to enable I/O operations for a volume that had I/O operations disabled", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableVolumeIO.html" - }, - "EnableVpcClassicLink": { - "privilege": "EnableVpcClassicLink", - "description": "Grants permission to enable a VPC for ClassicLink", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableVpcClassicLink.html" - }, - "EnableVpcClassicLinkDnsSupport": { - "privilege": "EnableVpcClassicLinkDnsSupport", - "description": "Grants permission to enable a VPC to support DNS hostname resolution for ClassicLink", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableVpcClassicLinkDnsSupport.html" - }, - "ExportClientVpnClientCertificateRevocationList": { - "privilege": "ExportClientVpnClientCertificateRevocationList", - "description": "Grants permission to download the client certificate revocation list for a Client VPN endpoint", - "access_level": "Read", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ExportClientVpnClientCertificateRevocationList.html" - }, - "ExportClientVpnClientConfiguration": { - "privilege": "ExportClientVpnClientConfiguration", - "description": "Grants permission to download the contents of the Client VPN endpoint configuration file for a Client VPN endpoint", - "access_level": "Read", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ExportClientVpnClientConfiguration.html" - }, - "ExportImage": { - "privilege": "ExportImage", - "description": "Grants permission to export an Amazon Machine Image (AMI) to a VM file", - "access_level": "Write", - "resource_types": { - "export-image-task": { - "resource_type": "export-image-task", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ExportImage.html" - }, - "ExportTransitGatewayRoutes": { - "privilege": "ExportTransitGatewayRoutes", - "description": "Grants permission to export routes from a transit gateway route table to an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ExportTransitGatewayRoutes.html" - }, - "GetAssociatedEnclaveCertificateIamRoles": { - "privilege": "GetAssociatedEnclaveCertificateIamRoles", - "description": "Grants permission to get the list of roles associated with an ACM certificate", - "access_level": "Read", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetAssociatedEnclaveCertificateIamRoles.html" - }, - "GetAssociatedIpv6PoolCidrs": { - "privilege": "GetAssociatedIpv6PoolCidrs", - "description": "Grants permission to get information about the IPv6 CIDR block associations for a specified IPv6 address pool", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetAssociatedIpv6PoolCidrs.html" - }, - "GetAwsNetworkPerformanceData": { - "privilege": "GetAwsNetworkPerformanceData", - "description": "Grants permission to get network performance data", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetAwsNetworkPerformanceData.html" - }, - "GetCapacityReservationUsage": { - "privilege": "GetCapacityReservationUsage", - "description": "Grants permission to get usage information about a Capacity Reservation", - "access_level": "Read", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:CapacityReservationFleet", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetCapacityReservationUsage.html" - }, - "GetCoipPoolUsage": { - "privilege": "GetCoipPoolUsage", - "description": "Grants permission to describe the allocations from the specified customer-owned address pool", - "access_level": "Read", - "resource_types": { - "coip-pool": { - "resource_type": "coip-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetCoipPoolUsage.html" - }, - "GetConsoleOutput": { - "privilege": "GetConsoleOutput", - "description": "Grants permission to get the console output for an instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetConsoleOutput.html" - }, - "GetConsoleScreenshot": { - "privilege": "GetConsoleScreenshot", - "description": "Grants permission to retrieve a JPG-format screenshot of a running instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:NewInstanceProfile", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetConsoleScreenshot.html" - }, - "GetDefaultCreditSpecification": { - "privilege": "GetDefaultCreditSpecification", - "description": "Grants permission to get the default credit option for CPU usage of a burstable performance instance family", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetDefaultCreditSpecification.html" - }, - "GetEbsDefaultKmsKeyId": { - "privilege": "GetEbsDefaultKmsKeyId", - "description": "Grants permission to get the ID of the default customer master key (CMK) for EBS encryption by default", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetEbsDefaultKmsKeyId.html" - }, - "GetEbsEncryptionByDefault": { - "privilege": "GetEbsEncryptionByDefault", - "description": "Grants permission to describe whether EBS encryption by default is enabled for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetEbsEncryptionByDefault.html" - }, - "GetFlowLogsIntegrationTemplate": { - "privilege": "GetFlowLogsIntegrationTemplate", - "description": "Grants permission to generate a CloudFormation template to streamline the integration of VPC flow logs with Amazon Athena", - "access_level": "Read", - "resource_types": { - "vpc-flow-log": { - "resource_type": "vpc-flow-log", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetFlowLogsIntegrationTemplate.html" - }, - "GetGroupsForCapacityReservation": { - "privilege": "GetGroupsForCapacityReservation", - "description": "Grants permission to list the resource groups to which a Capacity Reservation has been added", - "access_level": "List", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:CapacityReservationFleet", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetGroupsForCapacityReservation.html" - }, - "GetHostReservationPurchasePreview": { - "privilege": "GetHostReservationPurchasePreview", - "description": "Grants permission to preview a reservation purchase with configurations that match those of a Dedicated Host", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetHostReservationPurchasePreview.html" - }, - "GetInstanceTypesFromInstanceRequirements": { - "privilege": "GetInstanceTypesFromInstanceRequirements", - "description": "Grants permission to view a list of instance types with specified instance attributes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html" - }, - "GetInstanceUefiData": { - "privilege": "GetInstanceUefiData", - "description": "Grants permission to retrieve the binary representation of the UEFI variable store", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:NewInstanceProfile", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceUefiData.html" - }, - "GetIpamAddressHistory": { - "privilege": "GetIpamAddressHistory", - "description": "Grants permission to retrieve historical information about a CIDR within an Amazon VPC IP Address Manager (IPAM) scope", - "access_level": "Read", - "resource_types": { - "ipam-scope": { - "resource_type": "ipam-scope", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamAddressHistory.html" - }, - "GetIpamDiscoveredAccounts": { - "privilege": "GetIpamDiscoveredAccounts", - "description": "Grants permission to retrieve IPAM discovered accounts", - "access_level": "Read", - "resource_types": { - "ipam-resource-discovery": { - "resource_type": "ipam-resource-discovery", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamDiscoveredAccounts.html" - }, - "GetIpamDiscoveredResourceCidrs": { - "privilege": "GetIpamDiscoveredResourceCidrs", - "description": "Grants permission to retrieve the resource CIDRs that are monitored as part of a resource discovery", - "access_level": "Read", - "resource_types": { - "ipam-resource-discovery": { - "resource_type": "ipam-resource-discovery", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamDiscoveredResourceCidrs.html" - }, - "GetIpamPoolAllocations": { - "privilege": "GetIpamPoolAllocations", - "description": "Grants permission to get a list of all the CIDR allocations in an Amazon VPC IP Address Manager (IPAM) pool", - "access_level": "List", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamPoolAllocations.html" - }, - "GetIpamPoolCidrs": { - "privilege": "GetIpamPoolCidrs", - "description": "Grants permission to get the CIDRs provisioned to an Amazon VPC IP Address Manager (IPAM) pool", - "access_level": "Read", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamPoolCidrs.html" - }, - "GetIpamResourceCidrs": { - "privilege": "GetIpamResourceCidrs", - "description": "Grants permission to get information about the resources in an Amazon VPC IP Address Manager (IPAM) scope", - "access_level": "Read", - "resource_types": { - "ipam-scope": { - "resource_type": "ipam-scope", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipam-pool": { - "resource_type": "ipam-pool", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamResourceCidrs.html" - }, - "GetLaunchTemplateData": { - "privilege": "GetLaunchTemplateData", - "description": "Grants permission to get the configuration data of the specified instance for use with a new launch template or launch template version", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetLaunchTemplateData.html" - }, - "GetManagedPrefixListAssociations": { - "privilege": "GetManagedPrefixListAssociations", - "description": "Grants permission to get information about the resources that are associated with the specified managed prefix list", - "access_level": "Read", - "resource_types": { - "prefix-list": { - "resource_type": "prefix-list", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetManagedPrefixListAssociations.html" - }, - "GetManagedPrefixListEntries": { - "privilege": "GetManagedPrefixListEntries", - "description": "Grants permission to get information about the entries for a specified managed prefix list", - "access_level": "Read", - "resource_types": { - "prefix-list": { - "resource_type": "prefix-list", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetManagedPrefixListEntries.html" - }, - "GetNetworkInsightsAccessScopeAnalysisFindings": { - "privilege": "GetNetworkInsightsAccessScopeAnalysisFindings", - "description": "Grants permission to get the findings for one or more Network Access Scope analyses", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetNetworkInsightsAccessScopeAnalysisFindings.html" - }, - "GetNetworkInsightsAccessScopeContent": { - "privilege": "GetNetworkInsightsAccessScopeContent", - "description": "Grants permission to get the content for a specified Network Access Scope", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetNetworkInsightsAccessScopeContent.html" - }, - "GetPasswordData": { - "privilege": "GetPasswordData", - "description": "Grants permission to retrieve the encrypted administrator password for a running Windows instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html" - }, - "GetReservedInstancesExchangeQuote": { - "privilege": "GetReservedInstancesExchangeQuote", - "description": "Grants permission to return a quote and exchange information for exchanging one or more Convertible Reserved Instances for a new Convertible Reserved Instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetReservedInstancesExchangeQuote.html" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to describe an IAM policy that enables cross-account sharing", - "access_level": "Read", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-group": { - "resource_type": "verified-access-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/ipam/share-pool-ipam.html" - }, - "GetSerialConsoleAccessStatus": { - "privilege": "GetSerialConsoleAccessStatus", - "description": "Grants permission to retrieve the access status of your account to the EC2 serial console of all instances", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSerialConsoleAccessStatus.html" - }, - "GetSpotPlacementScores": { - "privilege": "GetSpotPlacementScores", - "description": "Grants permission to calculate the Spot placement score for a Region or Availability Zone based on the specified target capacity and compute requirements", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html" - }, - "GetSubnetCidrReservations": { - "privilege": "GetSubnetCidrReservations", - "description": "Grants permission to retrieve information about the subnet CIDR reservations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSubnetCidrReservations.html" - }, - "GetTransitGatewayAttachmentPropagations": { - "privilege": "GetTransitGatewayAttachmentPropagations", - "description": "Grants permission to list the route tables to which a resource attachment propagates routes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayAttachmentPropagations.html" - }, - "GetTransitGatewayMulticastDomainAssociations": { - "privilege": "GetTransitGatewayMulticastDomainAssociations", - "description": "Grants permission to get information about the associations for a transit gateway multicast domain", - "access_level": "List", - "resource_types": { - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayMulticastDomainAssociations.html" - }, - "GetTransitGatewayPolicyTableAssociations": { - "privilege": "GetTransitGatewayPolicyTableAssociations", - "description": "Grants permission to get information about associations for a transit gateway policy table", - "access_level": "List", - "resource_types": { - "transit-gateway-policy-table": { - "resource_type": "transit-gateway-policy-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayPolicyTableAssociations.html" - }, - "GetTransitGatewayPolicyTableEntries": { - "privilege": "GetTransitGatewayPolicyTableEntries", - "description": "Grants permission to get information about associations for a transit gateway policy table entry", - "access_level": "List", - "resource_types": { - "transit-gateway-policy-table": { - "resource_type": "transit-gateway-policy-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayPolicyTableEntries.html" - }, - "GetTransitGatewayPrefixListReferences": { - "privilege": "GetTransitGatewayPrefixListReferences", - "description": "Grants permission to get information about prefix list references for a transit gateway route table", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayPrefixListReferences.html" - }, - "GetTransitGatewayRouteTableAssociations": { - "privilege": "GetTransitGatewayRouteTableAssociations", - "description": "Grants permission to get information about associations for a transit gateway route table", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayRouteTableAssociations.html" - }, - "GetTransitGatewayRouteTablePropagations": { - "privilege": "GetTransitGatewayRouteTablePropagations", - "description": "Grants permission to get information about the route table propagations for a transit gateway route table", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayRouteTablePropagations.html" - }, - "GetVerifiedAccessEndpointPolicy": { - "privilege": "GetVerifiedAccessEndpointPolicy", - "description": "Grants permission to show the Verified Access policy associated with the endpoint", - "access_level": "List", - "resource_types": { - "verified-access-endpoint": { - "resource_type": "verified-access-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVerifiedAccessEndpointPolicy.html" - }, - "GetVerifiedAccessGroupPolicy": { - "privilege": "GetVerifiedAccessGroupPolicy", - "description": "Grants permission to show the contents of the Verified Access policy associated with the group", - "access_level": "List", - "resource_types": { - "verified-access-group": { - "resource_type": "verified-access-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVerifiedAccessGroupPolicy.html" - }, - "GetVerifiedAccessInstanceWebAcl": { - "privilege": "GetVerifiedAccessInstanceWebAcl", - "description": "Grants permission to show the AWS Web Application Firewall (WAF) web access control list (ACL) for a Verified Access instance", - "access_level": "List", - "resource_types": { - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verified-access/latest/ug/waf-integration.html" - }, - "GetVpnConnectionDeviceSampleConfiguration": { - "privilege": "GetVpnConnectionDeviceSampleConfiguration", - "description": "Grants permission to download an AWS-provided sample configuration file to be used with the customer gateway device", - "access_level": "List", - "resource_types": { - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpn-connection-device-type": { - "resource_type": "vpn-connection-device-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVpnConnectionDeviceSampleConfiguration.html" - }, - "GetVpnConnectionDeviceTypes": { - "privilege": "GetVpnConnectionDeviceTypes", - "description": "Grants permission to obtain a list of customer gateway devices for which sample configuration files can be provided", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVpnConnectionDeviceTypes.html" - }, - "GetVpnTunnelReplacementStatus": { - "privilege": "GetVpnTunnelReplacementStatus", - "description": "Grants permission to view available tunnel endpoint maintenance events", - "access_level": "List", - "resource_types": { - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVpnTunnelReplacementStatus.html" - }, - "ImportByoipCidrToIpam": { - "privilege": "ImportByoipCidrToIpam", - "description": "Grants permission to transfer existing BYOIP IPv4 CIDRs to IPAM", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoip-ipam-transfer-ipv4.html" - }, - "ImportClientVpnClientCertificateRevocationList": { - "privilege": "ImportClientVpnClientCertificateRevocationList", - "description": "Grants permission to upload a client certificate revocation list to a Client VPN endpoint", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportClientVpnClientCertificateRevocationList.html" - }, - "ImportImage": { - "privilege": "ImportImage", - "description": "Grants permission to import single or multi-volume disk images or EBS snapshots into an Amazon Machine Image (AMI)", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:RootDeviceType" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "import-image-task": { - "resource_type": "import-image-task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportImage.html" - }, - "ImportInstance": { - "privilege": "ImportInstance", - "description": "Grants permission to create an import instance task using metadata from a disk image", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:InstanceID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html" - }, - "ImportKeyPair": { - "privilege": "ImportKeyPair", - "description": "Grants permission to import a public key from an RSA key pair that was created with a third-party tool", - "access_level": "Write", - "resource_types": { - "key-pair": { - "resource_type": "key-pair", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html" - }, - "ImportSnapshot": { - "privilege": "ImportSnapshot", - "description": "Grants permission to import a disk into an EBS snapshot", - "access_level": "Write", - "resource_types": { - "import-snapshot-task": { - "resource_type": "import-snapshot-task", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "ec2:Owner", - "ec2:ParentVolume", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportSnapshot.html" - }, - "ImportVolume": { - "privilege": "ImportVolume", - "description": "Grants permission to create an import volume task using metadata from a disk image", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportVolume.html" - }, - "ListImagesInRecycleBin": { - "privilege": "ListImagesInRecycleBin", - "description": "Grants permission to list Amazon Machine Images (AMIs) that are currently in the Recycle Bin", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ListImagesInRecycleBin.html" - }, - "ListSnapshotsInRecycleBin": { - "privilege": "ListSnapshotsInRecycleBin", - "description": "Grants permission to list the Amazon EBS snapshots that are currently in the Recycle Bin", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ListSnapshotsInRecycleBin.html" - }, - "ModifyAddressAttribute": { - "privilege": "ModifyAddressAttribute", - "description": "Grants permission to modify an attribute of the specified Elastic IP address", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyAddressAttribute.html" - }, - "ModifyAvailabilityZoneGroup": { - "privilege": "ModifyAvailabilityZoneGroup", - "description": "Grants permission to modify the opt-in status of the Local Zone and Wavelength Zone group for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyAvailabilityZoneGroup.html" - }, - "ModifyCapacityReservation": { - "privilege": "ModifyCapacityReservation", - "description": "Grants permission to modify a Capacity Reservation's capacity and the conditions under which it is to be released", - "access_level": "Write", - "resource_types": { - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:CapacityReservationFleet", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyCapacityReservation.html" - }, - "ModifyCapacityReservationFleet": { - "privilege": "ModifyCapacityReservationFleet", - "description": "Grants permission to modify a Capacity Reservation Fleet", - "access_level": "Write", - "resource_types": { - "capacity-reservation-fleet": { - "resource_type": "capacity-reservation-fleet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyCapacityReservationFleet.html" - }, - "ModifyClientVpnEndpoint": { - "privilege": "ModifyClientVpnEndpoint", - "description": "Grants permission to modify a Client VPN endpoint", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID" - ], - "dependent_actions": [] - }, - "vpc": { - "resource_type": "vpc", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyClientVpnEndpoint.html" - }, - "ModifyDefaultCreditSpecification": { - "privilege": "ModifyDefaultCreditSpecification", - "description": "Grants permission to change the account level default credit option for CPU usage of burstable performance instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyDefaultCreditSpecification.html" - }, - "ModifyEbsDefaultKmsKeyId": { - "privilege": "ModifyEbsDefaultKmsKeyId", - "description": "Grants permission to change the default customer master key (CMK) for EBS encryption by default for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyEbsDefaultKmsKeyId.html" - }, - "ModifyFleet": { - "privilege": "ModifyFleet", - "description": "Grants permission to modify an EC2 Fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "key-pair": { - "resource_type": "key-pair", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:KeyPairName", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "launch-template": { - "resource_type": "launch-template", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html" - }, - "ModifyFpgaImageAttribute": { - "privilege": "ModifyFpgaImageAttribute", - "description": "Grants permission to modify an attribute of an Amazon FPGA Image (AFI)", - "access_level": "Write", - "resource_types": { - "fpga-image": { - "resource_type": "fpga-image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFpgaImageAttribute.html" - }, - "ModifyHosts": { - "privilege": "ModifyHosts", - "description": "Grants permission to modify a Dedicated Host", - "access_level": "Write", - "resource_types": { - "dedicated-host": { - "resource_type": "dedicated-host", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyHosts.html" - }, - "ModifyIdFormat": { - "privilege": "ModifyIdFormat", - "description": "Grants permission to modify the ID format for a resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIdFormat.html" - }, - "ModifyIdentityIdFormat": { - "privilege": "ModifyIdentityIdFormat", - "description": "Grants permission to modify the ID format of a resource for a specific principal in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIdentityIdFormat.html" - }, - "ModifyImageAttribute": { - "privilege": "ModifyImageAttribute", - "description": "Grants permission to modify an attribute of an Amazon Machine Image (AMI)", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyImageAttribute.html" - }, - "ModifyInstanceAttribute": { - "privilege": "ModifyInstanceAttribute", - "description": "Grants permission to modify an attribute of an instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html" - }, - "ModifyInstanceCapacityReservationAttributes": { - "privilege": "ModifyInstanceCapacityReservationAttributes", - "description": "Grants permission to modify the Capacity Reservation settings for a stopped instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCapacityReservationAttributes.html" - }, - "ModifyInstanceCreditSpecification": { - "privilege": "ModifyInstanceCreditSpecification", - "description": "Grants permission to modify the credit option for CPU usage on an instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html" - }, - "ModifyInstanceEventStartTime": { - "privilege": "ModifyInstanceEventStartTime", - "description": "Grants permission to modify the start time for a scheduled EC2 instance event", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute/${AttributeName}", - "ec2:InstanceID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceEventStartTime.html" - }, - "ModifyInstanceEventWindow": { - "privilege": "ModifyInstanceEventWindow", - "description": "Grants permission to modify the specified event window", - "access_level": "Write", - "resource_types": { - "instance-event-window": { - "resource_type": "instance-event-window", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceEventWindow.html" - }, - "ModifyInstanceMaintenanceOptions": { - "privilege": "ModifyInstanceMaintenanceOptions", - "description": "Grants permission to modify the recovery behaviour for an instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceMaintenanceOptions.html" - }, - "ModifyInstanceMetadataOptions": { - "privilege": "ModifyInstanceMetadataOptions", - "description": "Grants permission to modify the metadata options for an instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceMetadataOptions.html" - }, - "ModifyInstancePlacement": { - "privilege": "ModifyInstancePlacement", - "description": "Grants permission to modify the placement attributes for an instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "dedicated-host": { - "resource_type": "dedicated-host", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstancePlacement.html" - }, - "ModifyIpam": { - "privilege": "ModifyIpam", - "description": "Grants permission to modify the configurations of an Amazon VPC IP Address Manager (IPAM)", - "access_level": "Write", - "resource_types": { - "ipam": { - "resource_type": "ipam", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpam.html" - }, - "ModifyIpamPool": { - "privilege": "ModifyIpamPool", - "description": "Grants permission to modify the configurations of an Amazon VPC IP Address Manager (IPAM) pool", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamPool.html" - }, - "ModifyIpamResourceCidr": { - "privilege": "ModifyIpamResourceCidr", - "description": "Grants permission to modify the configurations of an Amazon VPC IP Address Manager (IPAM) resource CIDR", - "access_level": "Write", - "resource_types": { - "ipam-scope": { - "resource_type": "ipam-scope", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamResourceCidr.html" - }, - "ModifyIpamResourceDiscovery": { - "privilege": "ModifyIpamResourceDiscovery", - "description": "Grants permission to modify a resource discovery", - "access_level": "Write", - "resource_types": { - "ipam-resource-discovery": { - "resource_type": "ipam-resource-discovery", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamResourceDiscovery.html" - }, - "ModifyIpamScope": { - "privilege": "ModifyIpamScope", - "description": "Grants permission to modify the configurations of an Amazon VPC IP Address Manager (IPAM) scope", - "access_level": "Write", - "resource_types": { - "ipam-scope": { - "resource_type": "ipam-scope", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamScope.html" - }, - "ModifyLaunchTemplate": { - "privilege": "ModifyLaunchTemplate", - "description": "Grants permission to modify a launch template", - "access_level": "Write", - "resource_types": { - "launch-template": { - "resource_type": "launch-template", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyLaunchTemplate.html" - }, - "ModifyLocalGatewayRoute": { - "privilege": "ModifyLocalGatewayRoute", - "description": "Grants permission to modify a local gateway route", - "access_level": "Write", - "resource_types": { - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "local-gateway-virtual-interface-group": { - "resource_type": "local-gateway-virtual-interface-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AuthorizedUser", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:Permission", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "prefix-list": { - "resource_type": "prefix-list", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyLocalGatewayRoute.html" - }, - "ModifyManagedPrefixList": { - "privilege": "ModifyManagedPrefixList", - "description": "Grants permission to modify a managed prefix list", - "access_level": "Write", - "resource_types": { - "prefix-list": { - "resource_type": "prefix-list", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyManagedPrefixList.html" - }, - "ModifyNetworkInterfaceAttribute": { - "privilege": "ModifyNetworkInterfaceAttribute", - "description": "Grants permission to modify an attribute of a network interface", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyNetworkInterfaceAttribute.html" - }, - "ModifyPrivateDnsNameOptions": { - "privilege": "ModifyPrivateDnsNameOptions", - "description": "Grants permission to modify the options for instance hostnames for the specified instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:NewInstanceProfile", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyPrivateDnsNameOptions.html" - }, - "ModifyReservedInstances": { - "privilege": "ModifyReservedInstances", - "description": "Grants permission to modify attributes of one or more Reserved Instances", - "access_level": "Write", - "resource_types": { - "reserved-instances": { - "resource_type": "reserved-instances", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:InstanceType", - "ec2:ReservedInstancesOfferingType", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyReservedInstances.html" - }, - "ModifySecurityGroupRules": { - "privilege": "ModifySecurityGroupRules", - "description": "Grants permission to modify the rules of a security group", - "access_level": "Write", - "resource_types": { - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "security-group-rule": { - "resource_type": "security-group-rule", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "prefix-list": { - "resource_type": "prefix-list", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySecurityGroupRules.html" - }, - "ModifySnapshotAttribute": { - "privilege": "ModifySnapshotAttribute", - "description": "Grants permission to add or remove permission settings for a snapshot", - "access_level": "Permissions management", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Add/group", - "ec2:Add/userId", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:Remove/group", - "ec2:Remove/userId", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySnapshotAttribute.html" - }, - "ModifySnapshotTier": { - "privilege": "ModifySnapshotTier", - "description": "Grants permission to archive Amazon EBS snapshots", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Encrypted", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySnapshotTier.html" - }, - "ModifySpotFleetRequest": { - "privilege": "ModifySpotFleetRequest", - "description": "Grants permission to modify a Spot Fleet request", - "access_level": "Write", - "resource_types": { - "spot-fleet-request": { - "resource_type": "spot-fleet-request", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "launch-template": { - "resource_type": "launch-template", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html" - }, - "ModifySubnetAttribute": { - "privilege": "ModifySubnetAttribute", - "description": "Grants permission to modify an attribute of a subnet", - "access_level": "Write", - "resource_types": { - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySubnetAttribute.html" - }, - "ModifyTrafficMirrorFilterNetworkServices": { - "privilege": "ModifyTrafficMirrorFilterNetworkServices", - "description": "Grants permission to allow or restrict mirroring network services", - "access_level": "Write", - "resource_types": { - "traffic-mirror-filter": { - "resource_type": "traffic-mirror-filter", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTrafficMirrorFilterNetworkServices.html" - }, - "ModifyTrafficMirrorFilterRule": { - "privilege": "ModifyTrafficMirrorFilterRule", - "description": "Grants permission to modify a traffic mirror rule", - "access_level": "Write", - "resource_types": { - "traffic-mirror-filter": { - "resource_type": "traffic-mirror-filter", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-filter-rule": { - "resource_type": "traffic-mirror-filter-rule", - "required": true, - "condition_keys": [ - "ec2:Attribute", - "ec2:Attribute/${AttributeName}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTrafficMirrorFilterRule.html" - }, - "ModifyTrafficMirrorSession": { - "privilege": "ModifyTrafficMirrorSession", - "description": "Grants permission to modify a traffic mirror session", - "access_level": "Write", - "resource_types": { - "traffic-mirror-session": { - "resource_type": "traffic-mirror-session", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-filter": { - "resource_type": "traffic-mirror-filter", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "traffic-mirror-target": { - "resource_type": "traffic-mirror-target", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTrafficMirrorSession.html" - }, - "ModifyTransitGateway": { - "privilege": "ModifyTransitGateway", - "description": "Grants permission to modify a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway": { - "resource_type": "transit-gateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTransitGateway.html" - }, - "ModifyTransitGatewayPrefixListReference": { - "privilege": "ModifyTransitGatewayPrefixListReference", - "description": "Grants permission to modify a transit gateway prefix list reference", - "access_level": "Write", - "resource_types": { - "prefix-list": { - "resource_type": "prefix-list", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTransitGatewayPrefixListReference.html" - }, - "ModifyTransitGatewayVpcAttachment": { - "privilege": "ModifyTransitGatewayVpcAttachment", - "description": "Grants permission to modify a VPC attachment on a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTransitGatewayVpcAttachment.html" - }, - "ModifyVerifiedAccessEndpoint": { - "privilege": "ModifyVerifiedAccessEndpoint", - "description": "Grants permission to modify the configuration of a Verified Access endpoint", - "access_level": "Write", - "resource_types": { - "verified-access-endpoint": { - "resource_type": "verified-access-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "verified-access-group": { - "resource_type": "verified-access-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessEndpoint.html" - }, - "ModifyVerifiedAccessEndpointPolicy": { - "privilege": "ModifyVerifiedAccessEndpointPolicy", - "description": "Grants permission to modify the specified Verified Access endpoint policy", - "access_level": "Write", - "resource_types": { - "verified-access-endpoint": { - "resource_type": "verified-access-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessEndpointPolicy.html" - }, - "ModifyVerifiedAccessGroup": { - "privilege": "ModifyVerifiedAccessGroup", - "description": "Grants permission to modify the specified Verified Access Group configuration", - "access_level": "Write", - "resource_types": { - "verified-access-group": { - "resource_type": "verified-access-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessGroup.html" - }, - "ModifyVerifiedAccessGroupPolicy": { - "privilege": "ModifyVerifiedAccessGroupPolicy", - "description": "Grants permission to modify the specified Verified Access group policy", - "access_level": "Write", - "resource_types": { - "verified-access-group": { - "resource_type": "verified-access-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessGroupPolicy.html" - }, - "ModifyVerifiedAccessInstance": { - "privilege": "ModifyVerifiedAccessInstance", - "description": "Grants permission to modify the configuration of the specified Verified Access instance", - "access_level": "Write", - "resource_types": { - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessInstance.html" - }, - "ModifyVerifiedAccessInstanceLoggingConfiguration": { - "privilege": "ModifyVerifiedAccessInstanceLoggingConfiguration", - "description": "Grants permission to modify the logging configuration for the specified Verified Access instance", - "access_level": "Write", - "resource_types": { - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessInstanceLoggingConfiguration.html" - }, - "ModifyVerifiedAccessTrustProvider": { - "privilege": "ModifyVerifiedAccessTrustProvider", - "description": "Grants permission to modify the configuration of the specified Verified Access trust provider", - "access_level": "Write", - "resource_types": { - "verified-access-trust-provider": { - "resource_type": "verified-access-trust-provider", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessTrustProvider.html" - }, - "ModifyVolume": { - "privilege": "ModifyVolume", - "description": "Grants permission to modify the parameters of an EBS volume", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVolume.html" - }, - "ModifyVolumeAttribute": { - "privilege": "ModifyVolumeAttribute", - "description": "Grants permission to modify an attribute of a volume", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVolumeAttribute.html" - }, - "ModifyVpcAttribute": { - "privilege": "ModifyVpcAttribute", - "description": "Grants permission to modify an attribute of a VPC", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcAttribute.html" - }, - "ModifyVpcEndpoint": { - "privilege": "ModifyVpcEndpoint", - "description": "Grants permission to modify an attribute of a VPC endpoint", - "access_level": "Write", - "resource_types": { - "vpc-endpoint": { - "resource_type": "vpc-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "route-table": { - "resource_type": "route-table", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html" - }, - "ModifyVpcEndpointConnectionNotification": { - "privilege": "ModifyVpcEndpointConnectionNotification", - "description": "Grants permission to modify a connection notification for a VPC endpoint or VPC endpoint service", - "access_level": "Write", - "resource_types": { - "vpc-endpoint": { - "resource_type": "vpc-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpointConnectionNotification.html" - }, - "ModifyVpcEndpointServiceConfiguration": { - "privilege": "ModifyVpcEndpointServiceConfiguration", - "description": "Grants permission to modify the attributes of a VPC endpoint service configuration", - "access_level": "Write", - "resource_types": { - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}", - "ec2:VpceServicePrivateDnsName" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpointServiceConfiguration.html" - }, - "ModifyVpcEndpointServicePayerResponsibility": { - "privilege": "ModifyVpcEndpointServicePayerResponsibility", - "description": "Grants permission to modify the payer responsibility for a VPC endpoint service", - "access_level": "Write", - "resource_types": { - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpointServicePayerResponsibility.html" - }, - "ModifyVpcEndpointServicePermissions": { - "privilege": "ModifyVpcEndpointServicePermissions", - "description": "Grants permission to modify the permissions for a VPC endpoint service", - "access_level": "Permissions management", - "resource_types": { - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpointServicePermissions.html" - }, - "ModifyVpcPeeringConnectionOptions": { - "privilege": "ModifyVpcPeeringConnectionOptions", - "description": "Grants permission to modify the VPC peering connection options on one side of a VPC peering connection", - "access_level": "Write", - "resource_types": { - "vpc-peering-connection": { - "resource_type": "vpc-peering-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AccepterVpc", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:RequesterVpc", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcPeeringConnectionID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcPeeringConnectionOptions.html" - }, - "ModifyVpcTenancy": { - "privilege": "ModifyVpcTenancy", - "description": "Grants permission to modify the instance tenancy attribute of a VPC", - "access_level": "Write", - "resource_types": { - "vpc": { - "resource_type": "vpc", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcTenancy.html" - }, - "ModifyVpnConnection": { - "privilege": "ModifyVpnConnection", - "description": "Grants permission to modify the target gateway of a Site-to-Site VPN connection", - "access_level": "Write", - "resource_types": { - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AuthenticationType", - "ec2:DPDTimeoutSeconds", - "ec2:GatewayType", - "ec2:IKEVersions", - "ec2:InsideTunnelCidr", - "ec2:InsideTunnelIpv6Cidr", - "ec2:Phase1DHGroup", - "ec2:Phase1EncryptionAlgorithms", - "ec2:Phase1IntegrityAlgorithms", - "ec2:Phase1LifetimeSeconds", - "ec2:Phase2DHGroup", - "ec2:Phase2EncryptionAlgorithms", - "ec2:Phase2IntegrityAlgorithms", - "ec2:Phase2LifetimeSeconds", - "ec2:PreSharedKeys", - "ec2:RekeyFuzzPercentage", - "ec2:RekeyMarginTimeSeconds", - "ec2:ReplayWindowSizePackets", - "ec2:ResourceTag/${TagKey}", - "ec2:RoutingType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpnConnection.html" - }, - "ModifyVpnConnectionOptions": { - "privilege": "ModifyVpnConnectionOptions", - "description": "Grants permission to modify the connection options for your Site-to-Site VPN connection", - "access_level": "Write", - "resource_types": { - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpnConnectionOptions.html" - }, - "ModifyVpnTunnelCertificate": { - "privilege": "ModifyVpnTunnelCertificate", - "description": "Grants permission to modify the certificate for a Site-to-Site VPN connection", - "access_level": "Write", - "resource_types": { - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpnTunnelCertificate.html" - }, - "ModifyVpnTunnelOptions": { - "privilege": "ModifyVpnTunnelOptions", - "description": "Grants permission to modify the options for a Site-to-Site VPN connection", - "access_level": "Write", - "resource_types": { - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AuthenticationType", - "ec2:DPDTimeoutSeconds", - "ec2:GatewayType", - "ec2:IKEVersions", - "ec2:InsideTunnelCidr", - "ec2:InsideTunnelIpv6Cidr", - "ec2:Phase1DHGroup", - "ec2:Phase1EncryptionAlgorithms", - "ec2:Phase1IntegrityAlgorithms", - "ec2:Phase1LifetimeSeconds", - "ec2:Phase2DHGroup", - "ec2:Phase2EncryptionAlgorithms", - "ec2:Phase2IntegrityAlgorithms", - "ec2:Phase2LifetimeSeconds", - "ec2:PreSharedKeys", - "ec2:RekeyFuzzPercentage", - "ec2:RekeyMarginTimeSeconds", - "ec2:ReplayWindowSizePackets", - "ec2:ResourceTag/${TagKey}", - "ec2:RoutingType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpnTunnelOptions.html" - }, - "MonitorInstances": { - "privilege": "MonitorInstances", - "description": "Grants permission to enable detailed monitoring for a running instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_MonitorInstances.html" - }, - "MoveAddressToVpc": { - "privilege": "MoveAddressToVpc", - "description": "Grants permission to move an Elastic IP address from the EC2-Classic platform to the EC2-VPC platform", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_MoveAddressToVpc.html" - }, - "MoveByoipCidrToIpam": { - "privilege": "MoveByoipCidrToIpam", - "description": "Grants permission to move a BYOIP IPv4 CIDR to Amazon VPC IP Address Manager (IPAM) from a public IPv4 pool", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_MoveByoipCidrToIpam.html" - }, - "PauseVolumeIO": { - "privilege": "PauseVolumeIO", - "description": "Grants permission to temporarily pause I/O operations for a target Amazon EBS volume", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:ParentSnapshot", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#ebs-actions-reference" - }, - "ProvisionByoipCidr": { - "privilege": "ProvisionByoipCidr", - "description": "Grants permission to provision an address range for use in AWS through bring your own IP addresses (BYOIP), and to create a corresponding address pool", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ProvisionByoipCidr.html" - }, - "ProvisionIpamPoolCidr": { - "privilege": "ProvisionIpamPoolCidr", - "description": "Grants permission to provision a CIDR to an Amazon VPC IP Address Manager (IPAM) pool", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ProvisionIpamPoolCidr.html" - }, - "ProvisionPublicIpv4PoolCidr": { - "privilege": "ProvisionPublicIpv4PoolCidr", - "description": "Grants permission to provision a CIDR to a public IPv4 pool", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv4pool-ec2": { - "resource_type": "ipv4pool-ec2", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ProvisionPublicIpv4PoolCidr.html" - }, - "PurchaseHostReservation": { - "privilege": "PurchaseHostReservation", - "description": "Grants permission to purchase a reservation with configurations that match those of a Dedicated Host", - "access_level": "Write", - "resource_types": { - "dedicated-host": { - "resource_type": "dedicated-host", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_PurchaseHostReservation.html" - }, - "PurchaseReservedInstancesOffering": { - "privilege": "PurchaseReservedInstancesOffering", - "description": "Grants permission to purchase a Reserved Instance offering", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_PurchaseReservedInstancesOffering.html" - }, - "PurchaseScheduledInstances": { - "privilege": "PurchaseScheduledInstances", - "description": "Grants permission to purchase one or more Scheduled Instances with a specified schedule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_PurchaseScheduledInstances.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to attach an IAM policy that enables cross-account sharing to a resource", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "verified-access-group": { - "resource_type": "verified-access-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/ipam/share-pool-ipam.html" - }, - "RebootInstances": { - "privilege": "RebootInstances", - "description": "Grants permission to request a reboot of one or more instances", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RebootInstances.html" - }, - "RegisterImage": { - "privilege": "RegisterImage", - "description": "Grants permission to register an Amazon Machine Image (AMI)", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:Owner", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:OutpostArn", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:SourceOutpostArn", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RegisterImage.html" - }, - "RegisterInstanceEventNotificationAttributes": { - "privilege": "RegisterInstanceEventNotificationAttributes", - "description": "Grants permission to add tags to the set of tags to include in notifications about scheduled events for your instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RegisterInstanceEventNotificationAttributes.html" - }, - "RegisterTransitGatewayMulticastGroupMembers": { - "privilege": "RegisterTransitGatewayMulticastGroupMembers", - "description": "Grants permission to register one or more network interfaces as a member of a group IP address in a transit gateway multicast domain", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RegisterTransitGatewayMulticastGroupMembers.html" - }, - "RegisterTransitGatewayMulticastGroupSources": { - "privilege": "RegisterTransitGatewayMulticastGroupSources", - "description": "Grants permission to register one or more network interfaces as a source of a group IP address in a transit gateway multicast domain", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RegisterTransitGatewayMulticastGroupSources.html" - }, - "RejectTransitGatewayMulticastDomainAssociations": { - "privilege": "RejectTransitGatewayMulticastDomainAssociations", - "description": "Grants permission to reject requests to associate cross-account subnets with a transit gateway multicast domain", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RejectTransitGatewayMulticastDomainAssociations.html" - }, - "RejectTransitGatewayPeeringAttachment": { - "privilege": "RejectTransitGatewayPeeringAttachment", - "description": "Grants permission to reject a transit gateway peering attachment request", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RejectTransitGatewayPeeringAttachment.html" - }, - "RejectTransitGatewayVpcAttachment": { - "privilege": "RejectTransitGatewayVpcAttachment", - "description": "Grants permission to reject a request to attach a VPC to a transit gateway", - "access_level": "Write", - "resource_types": { - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RejectTransitGatewayVpcAttachment.html" - }, - "RejectVpcEndpointConnections": { - "privilege": "RejectVpcEndpointConnections", - "description": "Grants permission to reject one or more VPC endpoint connection requests to a VPC endpoint service", - "access_level": "Write", - "resource_types": { - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RejectVpcEndpointConnections.html" - }, - "RejectVpcPeeringConnection": { - "privilege": "RejectVpcPeeringConnection", - "description": "Grants permission to reject a VPC peering connection request", - "access_level": "Write", - "resource_types": { - "vpc-peering-connection": { - "resource_type": "vpc-peering-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AccepterVpc", - "ec2:RequesterVpc", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcPeeringConnectionID" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RejectVpcPeeringConnection.html" - }, - "ReleaseAddress": { - "privilege": "ReleaseAddress", - "description": "Grants permission to release an Elastic IP address", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReleaseAddress.html" - }, - "ReleaseHosts": { - "privilege": "ReleaseHosts", - "description": "Grants permission to release one or more On-Demand Dedicated Hosts", - "access_level": "Write", - "resource_types": { - "dedicated-host": { - "resource_type": "dedicated-host", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReleaseHosts.html" - }, - "ReleaseIpamPoolAllocation": { - "privilege": "ReleaseIpamPoolAllocation", - "description": "Grants permission to release an allocation within an Amazon VPC IP Address Manager (IPAM) pool", - "access_level": "Write", - "resource_types": { - "ipam-pool": { - "resource_type": "ipam-pool", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReleaseIpamPoolAllocation.html" - }, - "ReplaceIamInstanceProfileAssociation": { - "privilege": "ReplaceIamInstanceProfileAssociation", - "description": "Grants permission to replace an IAM instance profile for an instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:NewInstanceProfile", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceIamInstanceProfileAssociation.html" - }, - "ReplaceNetworkAclAssociation": { - "privilege": "ReplaceNetworkAclAssociation", - "description": "Grants permission to change which network ACL a subnet is associated with", - "access_level": "Write", - "resource_types": { - "network-acl": { - "resource_type": "network-acl", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:NetworkAclID", - "ec2:ResourceTag/${TagKey}", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceNetworkAclAssociation.html" - }, - "ReplaceNetworkAclEntry": { - "privilege": "ReplaceNetworkAclEntry", - "description": "Grants permission to replace an entry (rule) in a network ACL", - "access_level": "Write", - "resource_types": { - "network-acl": { - "resource_type": "network-acl", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:NetworkAclID", - "ec2:ResourceTag/${TagKey}", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceNetworkAclEntry.html" - }, - "ReplaceRoute": { - "privilege": "ReplaceRoute", - "description": "Grants permission to replace a route within a route table in a VPC", - "access_level": "Write", - "resource_types": { - "route-table": { - "resource_type": "route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceRoute.html" - }, - "ReplaceRouteTableAssociation": { - "privilege": "ReplaceRouteTableAssociation", - "description": "Grants permission to change the route table that is associated with a subnet", - "access_level": "Write", - "resource_types": { - "route-table": { - "resource_type": "route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "internet-gateway": { - "resource_type": "internet-gateway", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:InternetGatewayID", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv4pool-ec2": { - "resource_type": "ipv4pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "ipv6pool-ec2": { - "resource_type": "ipv6pool-ec2", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceRouteTableAssociation.html" - }, - "ReplaceTransitGatewayRoute": { - "privilege": "ReplaceTransitGatewayRoute", - "description": "Grants permission to replace a route in a transit gateway route table", - "access_level": "Write", - "resource_types": { - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transit-gateway-attachment": { - "resource_type": "transit-gateway-attachment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceTransitGatewayRoute.html" - }, - "ReplaceVpnTunnel": { - "privilege": "ReplaceVpnTunnel", - "description": "Grants permission to replace a VPN tunnel", - "access_level": "Write", - "resource_types": { - "vpn-connection": { - "resource_type": "vpn-connection", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceVpnTunnel.html" - }, - "ReportInstanceStatus": { - "privilege": "ReportInstanceStatus", - "description": "Grants permission to submit feedback about the status of an instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReportInstanceStatus.html" - }, - "RequestSpotFleet": { - "privilege": "RequestSpotFleet", - "description": "Grants permission to create a Spot Fleet request", - "access_level": "Write", - "resource_types": { - "spot-fleet-request": { - "resource_type": "spot-fleet-request", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "key-pair": { - "resource_type": "key-pair", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:KeyPairName", - "ec2:KeyPairType", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "launch-template": { - "resource_type": "launch-template", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:OutpostArn", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:SourceOutpostArn", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html" - }, - "RequestSpotInstances": { - "privilege": "RequestSpotInstances", - "description": "Grants permission to create a Spot Instance request", - "access_level": "Write", - "resource_types": { - "spot-instances-request": { - "resource_type": "spot-instances-request", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "key-pair": { - "resource_type": "key-pair", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:KeyPairName", - "ec2:KeyPairType", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AuthorizedUser", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:Permission", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:OutpostArn", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:SourceOutpostArn", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html" - }, - "ResetAddressAttribute": { - "privilege": "ResetAddressAttribute", - "description": "Grants permission to reset the attribute of the specified IP address", - "access_level": "Write", - "resource_types": { - "elastic-ip": { - "resource_type": "elastic-ip", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AllocationId", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetAddressAttribute.html" - }, - "ResetEbsDefaultKmsKeyId": { - "privilege": "ResetEbsDefaultKmsKeyId", - "description": "Grants permission to reset the default customer master key (CMK) for EBS encryption for your account to use the AWS-managed CMK for EBS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetEbsDefaultKmsKeyId.html" - }, - "ResetFpgaImageAttribute": { - "privilege": "ResetFpgaImageAttribute", - "description": "Grants permission to reset an attribute of an Amazon FPGA Image (AFI) to its default value", - "access_level": "Write", - "resource_types": { - "fpga-image": { - "resource_type": "fpga-image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetFpgaImageAttribute.html" - }, - "ResetImageAttribute": { - "privilege": "ResetImageAttribute", - "description": "Grants permission to reset an attribute of an Amazon Machine Image (AMI) to its default value", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetImageAttribute.html" - }, - "ResetInstanceAttribute": { - "privilege": "ResetInstanceAttribute", - "description": "Grants permission to reset an attribute of an instance to its default value", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetInstanceAttribute.html" - }, - "ResetNetworkInterfaceAttribute": { - "privilege": "ResetNetworkInterfaceAttribute", - "description": "Grants permission to reset an attribute of a network interface", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetNetworkInterfaceAttribute.html" - }, - "ResetSnapshotAttribute": { - "privilege": "ResetSnapshotAttribute", - "description": "Grants permission to reset permission settings for a snapshot", - "access_level": "Permissions management", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetSnapshotAttribute.html" - }, - "RestoreAddressToClassic": { - "privilege": "RestoreAddressToClassic", - "description": "Grants permission to restore an Elastic IP address that was previously moved to the EC2-VPC platform back to the EC2-Classic platform", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RestoreAddressToClassic.html" - }, - "RestoreImageFromRecycleBin": { - "privilege": "RestoreImageFromRecycleBin", - "description": "Grants permission to restore an Amazon Machine Image (AMI) from the Recycle Bin", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RestoreImageFromRecycleBin.html" - }, - "RestoreManagedPrefixListVersion": { - "privilege": "RestoreManagedPrefixListVersion", - "description": "Grants permission to restore the entries from a previous version of a managed prefix list to a new version of the prefix list", - "access_level": "Write", - "resource_types": { - "prefix-list": { - "resource_type": "prefix-list", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RestoreManagedPrefixListVersion.html" - }, - "RestoreSnapshotFromRecycleBin": { - "privilege": "RestoreSnapshotFromRecycleBin", - "description": "Grants permission to restore an Amazon EBS snapshot from the Recycle Bin", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Encrypted", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RestoreSnapshotFromRecycleBin.html" - }, - "RestoreSnapshotTier": { - "privilege": "RestoreSnapshotTier", - "description": "Grants permission to restore an archived Amazon EBS snapshot for use temporarily or permanently, or modify the restore period or restore type for a snapshot that was previously temporarily restored", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:Encrypted", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RestoreSnapshotTier.html" - }, - "RevokeClientVpnIngress": { - "privilege": "RevokeClientVpnIngress", - "description": "Grants permission to remove an inbound authorization rule from a Client VPN endpoint", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RevokeClientVpnIngress.html" - }, - "RevokeSecurityGroupEgress": { - "privilege": "RevokeSecurityGroupEgress", - "description": "Grants permission to remove one or more outbound rules from a VPC security group", - "access_level": "Write", - "resource_types": { - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RevokeSecurityGroupEgress.html" - }, - "RevokeSecurityGroupIngress": { - "privilege": "RevokeSecurityGroupIngress", - "description": "Grants permission to remove one or more inbound rules from a security group", - "access_level": "Write", - "resource_types": { - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RevokeSecurityGroupIngress.html" - }, - "RunInstances": { - "privilege": "RunInstances", - "description": "Grants permission to launch one or more instances", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:Owner", - "ec2:Public", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "ec2:AssociatePublicIpAddress", - "ec2:AuthorizedService", - "ec2:AvailabilityZone", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:NetworkInterfaceID", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "subnet": { - "resource_type": "subnet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [ - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:ParentSnapshot", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ], - "dependent_actions": [] - }, - "capacity-reservation": { - "resource_type": "capacity-reservation", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "elastic-gpu": { - "resource_type": "elastic-gpu", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ElasticGpuType", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "elastic-inference": { - "resource_type": "elastic-inference", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "group": { - "resource_type": "group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "key-pair": { - "resource_type": "key-pair", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:IsLaunchTemplateResource", - "ec2:KeyPairName", - "ec2:KeyPairType", - "ec2:LaunchTemplate", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "launch-template": { - "resource_type": "launch-template", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "license-configuration": { - "resource_type": "license-configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "placement-group": { - "resource_type": "placement-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:VolumeSize" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html" - }, - "RunScheduledInstances": { - "privilege": "RunScheduledInstances", - "description": "Grants permission to launch one or more Scheduled Instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunScheduledInstances.html" - }, - "SearchLocalGatewayRoutes": { - "privilege": "SearchLocalGatewayRoutes", - "description": "Grants permission to search for routes in a local gateway route table", - "access_level": "List", - "resource_types": { - "local-gateway-route-table": { - "resource_type": "local-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchLocalGatewayRoutes.html" - }, - "SearchTransitGatewayMulticastGroups": { - "privilege": "SearchTransitGatewayMulticastGroups", - "description": "Grants permission to search for groups, sources, and members in a transit gateway multicast domain", - "access_level": "List", - "resource_types": { - "transit-gateway-multicast-domain": { - "resource_type": "transit-gateway-multicast-domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayMulticastGroups.html" - }, - "SearchTransitGatewayRoutes": { - "privilege": "SearchTransitGatewayRoutes", - "description": "Grants permission to search for routes in a transit gateway route table", - "access_level": "List", - "resource_types": { - "transit-gateway-route-table": { - "resource_type": "transit-gateway-route-table", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayRoutes.html" - }, - "SendDiagnosticInterrupt": { - "privilege": "SendDiagnosticInterrupt", - "description": "Grants permission to send a diagnostic interrupt to an Amazon EC2 instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SendDiagnosticInterrupt.html" - }, - "SendSpotInstanceInterruptions": { - "privilege": "SendSpotInstanceInterruptions", - "description": "Grants permission to interrupt a Spot Instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#send-spot-instance-interruptions" - }, - "StartInstances": { - "privilege": "StartInstances", - "description": "Grants permission to start a stopped instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:PlacementGroup", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "license-configuration": { - "resource_type": "license-configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartInstances.html" - }, - "StartNetworkInsightsAccessScopeAnalysis": { - "privilege": "StartNetworkInsightsAccessScopeAnalysis", - "description": "Grants permission to start a Network Access Scope analysis", - "access_level": "Write", - "resource_types": { - "network-insights-access-scope": { - "resource_type": "network-insights-access-scope", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "network-insights-access-scope-analysis": { - "resource_type": "network-insights-access-scope-analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartNetworkInsightsAccessScopeAnalysis.html" - }, - "StartNetworkInsightsAnalysis": { - "privilege": "StartNetworkInsightsAnalysis", - "description": "Grants permission to start analyzing a specified path", - "access_level": "Write", - "resource_types": { - "network-insights-analysis": { - "resource_type": "network-insights-analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "network-insights-path": { - "resource_type": "network-insights-path", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartNetworkInsightsAnalysis.html" - }, - "StartVpcEndpointServicePrivateDnsVerification": { - "privilege": "StartVpcEndpointServicePrivateDnsVerification", - "description": "Grants permission to start the private DNS verification process for a VPC endpoint service", - "access_level": "Write", - "resource_types": { - "vpc-endpoint-service": { - "resource_type": "vpc-endpoint-service", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartVpcEndpointServicePrivateDnsVerification.html" - }, - "StopInstances": { - "privilege": "StopInstances", - "description": "Grants permission to stop an Amazon EBS-backed instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:PlacementGroup", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StopInstances.html" - }, - "TerminateClientVpnConnections": { - "privilege": "TerminateClientVpnConnections", - "description": "Grants permission to terminate active Client VPN endpoint connections", - "access_level": "Write", - "resource_types": { - "client-vpn-endpoint": { - "resource_type": "client-vpn-endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_TerminateClientVpnConnections.html" - }, - "TerminateInstances": { - "privilege": "TerminateInstances", - "description": "Grants permission to shut down one or more instances", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_TerminateInstances.html" - }, - "UnassignIpv6Addresses": { - "privilege": "UnassignIpv6Addresses", - "description": "Grants permission to unassign one or more IPv6 addresses from a network interface", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UnassignIpv6Addresses.html" - }, - "UnassignPrivateIpAddresses": { - "privilege": "UnassignPrivateIpAddresses", - "description": "Grants permission to unassign one or more secondary private IP addresses from a network interface", - "access_level": "Write", - "resource_types": { - "network-interface": { - "resource_type": "network-interface", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:NetworkInterfaceID", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UnassignPrivateIpAddresses.html" - }, - "UnassignPrivateNatGatewayAddress": { - "privilege": "UnassignPrivateNatGatewayAddress", - "description": "Grants permission to unassign secondary private IPv4 addresses from a private NAT gateway", - "access_level": "Write", - "resource_types": { - "natgateway": { - "resource_type": "natgateway", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UnassignPrivateNatGatewayAddress.html" - }, - "UnmonitorInstances": { - "privilege": "UnmonitorInstances", - "description": "Grants permission to disable detailed monitoring for a running instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UnmonitorInstances.html" - }, - "UpdateSecurityGroupRuleDescriptionsEgress": { - "privilege": "UpdateSecurityGroupRuleDescriptionsEgress", - "description": "Grants permission to update descriptions for one or more outbound rules in a VPC security group", - "access_level": "Write", - "resource_types": { - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UpdateSecurityGroupRuleDescriptionsEgress.html" - }, - "UpdateSecurityGroupRuleDescriptionsIngress": { - "privilege": "UpdateSecurityGroupRuleDescriptionsIngress", - "description": "Grants permission to update descriptions for one or more inbound rules in a security group", - "access_level": "Write", - "resource_types": { - "security-group": { - "resource_type": "security-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UpdateSecurityGroupRuleDescriptionsIngress.html" - }, - "WithdrawByoipCidr": { - "privilege": "WithdrawByoipCidr", - "description": "Grants permission to stop advertising an address range that was provisioned for use in AWS through bring your own IP addresses (BYOIP)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:Region" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_WithdrawByoipCidr.html" - } - }, - "resources": { - "elastic-ip": { - "resource": "elastic-ip", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:elastic-ip/${AllocationId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:AllocationId", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Domain", - "ec2:PublicIpAddress", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "capacity-reservation-fleet": { - "resource": "capacity-reservation-fleet", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:capacity-reservation-fleet/${CapacityReservationFleetId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "capacity-reservation": { - "resource": "capacity-reservation", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:capacity-reservation/${CapacityReservationId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:CapacityReservationFleet", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "carrier-gateway": { - "resource": "carrier-gateway", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:carrier-gateway/${CarrierGatewayId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:Vpc" - ] - }, - "certificate": { - "resource": "certificate", - "arn": "arn:${Partition}:acm:${Region}:${Account}:certificate/${CertificateId}", - "condition_keys": [] - }, - "client-vpn-endpoint": { - "resource": "client-vpn-endpoint", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:client-vpn-endpoint/${ClientVpnEndpointId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ClientRootCertificateChainArn", - "ec2:CloudwatchLogGroupArn", - "ec2:CloudwatchLogStreamArn", - "ec2:DirectoryArn", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:SamlProviderArn", - "ec2:ServerCertificateArn" - ] - }, - "customer-gateway": { - "resource": "customer-gateway", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:customer-gateway/${CustomerGatewayId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "dedicated-host": { - "resource": "dedicated-host", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:dedicated-host/${DedicatedHostId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AutoPlacement", - "ec2:AvailabilityZone", - "ec2:HostRecovery", - "ec2:InstanceType", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:Quantity", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "dhcp-options": { - "resource": "dhcp-options", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:dhcp-options/${DhcpOptionsId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:DhcpOptionsID", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "egress-only-internet-gateway": { - "resource": "egress-only-internet-gateway", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:egress-only-internet-gateway/${EgressOnlyInternetGatewayId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "elastic-gpu": { - "resource": "elastic-gpu", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:elastic-gpu/${ElasticGpuId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:ElasticGpuType", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "elastic-inference": { - "resource": "elastic-inference", - "arn": "arn:${Partition}:elastic-inference:${Region}:${Account}:elastic-inference-accelerator/${AcceleratorId}", - "condition_keys": [] - }, - "export-image-task": { - "resource": "export-image-task", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:export-image-task/${ExportImageTaskId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "export-instance-task": { - "resource": "export-instance-task", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:export-instance-task/${ExportTaskId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "fleet": { - "resource": "fleet", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:fleet/${FleetId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "fpga-image": { - "resource": "fpga-image", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:fpga-image/${FpgaImageId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Owner", - "ec2:Public", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "host-reservation": { - "resource": "host-reservation", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:host-reservation/${HostReservationId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "image": { - "resource": "image", - "arn": "arn:${Partition}:ec2:${Region}::image/${ImageId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:ImageID", - "ec2:ImageType", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:Owner", - "ec2:Public", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType" - ] - }, - "import-image-task": { - "resource": "import-image-task", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:import-image-task/${ImportImageTaskId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "import-snapshot-task": { - "resource": "import-snapshot-task", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:import-snapshot-task/${ImportSnapshotTaskId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "instance-connect-endpoint": { - "resource": "instance-connect-endpoint", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance-connect-endpoint/${InstanceConnectEndpointId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID" - ] - }, - "instance-event-window": { - "resource": "instance-event-window", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance-event-window/${InstanceEventWindowId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "instance": { - "resource": "instance", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance/${InstanceId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:EbsOptimized", - "ec2:InstanceAutoRecovery", - "ec2:InstanceID", - "ec2:InstanceMarketType", - "ec2:InstanceMetadataTags", - "ec2:InstanceProfile", - "ec2:InstanceType", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:MetadataHttpEndpoint", - "ec2:MetadataHttpPutResponseHopLimit", - "ec2:MetadataHttpTokens", - "ec2:NewInstanceProfile", - "ec2:PlacementGroup", - "ec2:ProductCode", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:RootDeviceType", - "ec2:Tenancy" - ] - }, - "internet-gateway": { - "resource": "internet-gateway", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:internet-gateway/${InternetGatewayId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:InternetGatewayID", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "ipam": { - "resource": "ipam", - "arn": "arn:${Partition}:ec2::${Account}:ipam/${IpamId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "ipam-pool": { - "resource": "ipam-pool", - "arn": "arn:${Partition}:ec2::${Account}:ipam-pool/${IpamPoolId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "ipam-resource-discovery-association": { - "resource": "ipam-resource-discovery-association", - "arn": "arn:${Partition}:ec2::${Account}:ipam-resource-discovery-association/${IpamResourceDiscoveryAssociationId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "ipam-resource-discovery": { - "resource": "ipam-resource-discovery", - "arn": "arn:${Partition}:ec2::${Account}:ipam-resource-discovery/${IpamResourceDiscoveryId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "ipam-scope": { - "resource": "ipam-scope", - "arn": "arn:${Partition}:ec2::${Account}:ipam-scope/${IpamScopeId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "coip-pool": { - "resource": "coip-pool", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:coip-pool/${Ipv4PoolCoipId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "ipv4pool-ec2": { - "resource": "ipv4pool-ec2", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:ipv4pool-ec2/${Ipv4PoolEc2Id}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "ipv6pool-ec2": { - "resource": "ipv6pool-ec2", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:ipv6pool-ec2/${Ipv6PoolEc2Id}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "key-pair": { - "resource": "key-pair", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:key-pair/${KeyPairName}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:IsLaunchTemplateResource", - "ec2:KeyPairName", - "ec2:KeyPairType", - "ec2:LaunchTemplate", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "launch-template": { - "resource": "launch-template", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:launch-template/${LaunchTemplateId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "license-configuration": { - "resource": "license-configuration", - "arn": "arn:${Partition}:license-manager:${Region}:${Account}:license-configuration:${LicenseConfigurationId}", - "condition_keys": [] - }, - "local-gateway": { - "resource": "local-gateway", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway/${LocalGatewayId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "local-gateway-route-table-virtual-interface-group-association": { - "resource": "local-gateway-route-table-virtual-interface-group-association", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway-route-table-virtual-interface-group-association/${LocalGatewayRouteTableVirtualInterfaceGroupAssociationId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "local-gateway-route-table-vpc-association": { - "resource": "local-gateway-route-table-vpc-association", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway-route-table-vpc-association/${LocalGatewayRouteTableVpcAssociationId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "local-gateway-route-table": { - "resource": "local-gateway-route-table", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway-route-table/${LocalGatewayRoutetableId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "local-gateway-virtual-interface-group": { - "resource": "local-gateway-virtual-interface-group", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway-virtual-interface-group/${LocalGatewayVirtualInterfaceGroupId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "local-gateway-virtual-interface": { - "resource": "local-gateway-virtual-interface", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway-virtual-interface/${LocalGatewayVirtualInterfaceId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "natgateway": { - "resource": "natgateway", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:natgateway/${NatGatewayId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "network-acl": { - "resource": "network-acl", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-acl/${NaclId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:NetworkAclID", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:Vpc" - ] - }, - "network-insights-access-scope-analysis": { - "resource": "network-insights-access-scope-analysis", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-insights-access-scope-analysis/${NetworkInsightsAccessScopeAnalysisId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "network-insights-access-scope": { - "resource": "network-insights-access-scope", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-insights-access-scope/${NetworkInsightsAccessScopeId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "network-insights-analysis": { - "resource": "network-insights-analysis", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-insights-analysis/${NetworkInsightsAnalysisId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "network-insights-path": { - "resource": "network-insights-path", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-insights-path/${NetworkInsightsPathId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "network-interface": { - "resource": "network-interface", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-interface/${NetworkInterfaceId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:AssociatePublicIpAddress", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AuthorizedService", - "ec2:AuthorizedUser", - "ec2:AvailabilityZone", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:NetworkInterfaceID", - "ec2:Permission", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:Subnet", - "ec2:Vpc" - ] - }, - "placement-group": { - "resource": "placement-group", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:placement-group/${PlacementGroupName}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:PlacementGroupName", - "ec2:PlacementGroupStrategy", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "prefix-list": { - "resource": "prefix-list", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:prefix-list/${PrefixListId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "replace-root-volume-task": { - "resource": "replace-root-volume-task", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:replace-root-volume-task/${ReplaceRootVolumeTaskId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "reserved-instances": { - "resource": "reserved-instances", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:reserved-instances/${ReservationId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:InstanceType", - "ec2:Region", - "ec2:ReservedInstancesOfferingType", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy" - ] - }, - "group": { - "resource": "group", - "arn": "arn:${Partition}:resource-groups:${Region}:${Account}:group/${GroupName}", - "condition_keys": [] - }, - "role": { - "resource": "role", - "arn": "arn:${Partition}:iam::${Account}:role/${RoleNameWithPath}", - "condition_keys": [] - }, - "route-table": { - "resource": "route-table", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:route-table/${RouteTableId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:RouteTableID", - "ec2:Vpc" - ] - }, - "security-group": { - "resource": "security-group", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:security-group/${SecurityGroupId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:SecurityGroupID", - "ec2:Vpc" - ] - }, - "security-group-rule": { - "resource": "security-group-rule", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:security-group-rule/${SecurityGroupRuleId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "snapshot": { - "resource": "snapshot", - "arn": "arn:${Partition}:ec2:${Region}::snapshot/${SnapshotId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Add/group", - "ec2:Add/userId", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:OutpostArn", - "ec2:Owner", - "ec2:ParentVolume", - "ec2:Region", - "ec2:Remove/group", - "ec2:Remove/userId", - "ec2:ResourceTag/${TagKey}", - "ec2:SnapshotID", - "ec2:SnapshotTime", - "ec2:SourceOutpostArn", - "ec2:VolumeSize" - ] - }, - "spot-fleet-request": { - "resource": "spot-fleet-request", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:spot-fleet-request/${SpotFleetRequestId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "spot-instances-request": { - "resource": "spot-instances-request", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:spot-instances-request/${SpotInstanceRequestId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "subnet-cidr-reservation": { - "resource": "subnet-cidr-reservation", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:subnet-cidr-reservation/${SubnetCidrReservationId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "subnet": { - "resource": "subnet", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:subnet/${SubnetId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:IsLaunchTemplateResource", - "ec2:LaunchTemplate", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:SubnetID", - "ec2:Vpc" - ] - }, - "traffic-mirror-filter": { - "resource": "traffic-mirror-filter", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:traffic-mirror-filter/${TrafficMirrorFilterId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "traffic-mirror-filter-rule": { - "resource": "traffic-mirror-filter-rule", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:traffic-mirror-filter-rule/${TrafficMirrorFilterRuleId}", - "condition_keys": [ - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region" - ] - }, - "traffic-mirror-session": { - "resource": "traffic-mirror-session", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:traffic-mirror-session/${TrafficMirrorSessionId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "traffic-mirror-target": { - "resource": "traffic-mirror-target", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:traffic-mirror-target/${TrafficMirrorTargetId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "transit-gateway-attachment": { - "resource": "transit-gateway-attachment", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-attachment/${TransitGatewayAttachmentId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "transit-gateway-connect-peer": { - "resource": "transit-gateway-connect-peer", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-connect-peer/${TransitGatewayConnectPeerId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "transit-gateway": { - "resource": "transit-gateway", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway/${TransitGatewayId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "transit-gateway-multicast-domain": { - "resource": "transit-gateway-multicast-domain", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-multicast-domain/${TransitGatewayMulticastDomainId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "transit-gateway-policy-table": { - "resource": "transit-gateway-policy-table", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-policy-table/${TransitGatewayPolicyTableId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "transit-gateway-route-table-announcement": { - "resource": "transit-gateway-route-table-announcement", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-route-table-announcement/${TransitGatewayRouteTableAnnouncementId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "transit-gateway-route-table": { - "resource": "transit-gateway-route-table", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-route-table/${TransitGatewayRouteTableId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "verified-access-endpoint": { - "resource": "verified-access-endpoint", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-endpoint/${VerifiedAccessEndpointId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "verified-access-group": { - "resource": "verified-access-group", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-group/${VerifiedAccessGroupId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "verified-access-instance": { - "resource": "verified-access-instance", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-instance/${VerifiedAccessInstanceId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "verified-access-policy": { - "resource": "verified-access-policy", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-policy/${VerifiedAccessPolicyId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "verified-access-trust-provider": { - "resource": "verified-access-trust-provider", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-trust-provider/${VerifiedAccessTrustProviderId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "volume": { - "resource": "volume", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:volume/${VolumeId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AvailabilityZone", - "ec2:Encrypted", - "ec2:IsLaunchTemplateResource", - "ec2:KmsKeyId", - "ec2:LaunchTemplate", - "ec2:ParentSnapshot", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:VolumeID", - "ec2:VolumeIops", - "ec2:VolumeSize", - "ec2:VolumeThroughput", - "ec2:VolumeType" - ] - }, - "vpc-endpoint-connection": { - "resource": "vpc-endpoint-connection", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-endpoint-connection/${VpcEndpointConnectionId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "vpc-endpoint": { - "resource": "vpc-endpoint", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-endpoint/${VpcEndpointId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:VpceServiceName", - "ec2:VpceServiceOwner" - ] - }, - "vpc-endpoint-service": { - "resource": "vpc-endpoint-service", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-endpoint-service/${VpcEndpointServiceId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:VpceServicePrivateDnsName" - ] - }, - "vpc-endpoint-service-permission": { - "resource": "vpc-endpoint-service-permission", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-endpoint-service-permission/${VpcEndpointServicePermissionId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "vpc-flow-log": { - "resource": "vpc-flow-log", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-flow-log/${VpcFlowLogId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - }, - "vpc": { - "resource": "vpc", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc/${VpcId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Ipv4IpamPoolId", - "ec2:Ipv6IpamPoolId", - "ec2:Region", - "ec2:ResourceTag/${TagKey}", - "ec2:Tenancy", - "ec2:VpcID" - ] - }, - "vpc-peering-connection": { - "resource": "vpc-peering-connection", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-peering-connection/${VpcPeeringConnectionId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:AccepterVpc", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:Region", - "ec2:RequesterVpc", - "ec2:ResourceTag/${TagKey}", - "ec2:VpcPeeringConnectionID" - ] - }, - "vpn-connection-device-type": { - "resource": "vpn-connection-device-type", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpn-connection-device-type/${VpnConnectionDeviceTypeId}", - "condition_keys": [ - "ec2:Region" - ] - }, - "vpn-connection": { - "resource": "vpn-connection", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpn-connection/${VpnConnectionId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Attribute", - "ec2:Attribute/${AttributeName}", - "ec2:AuthenticationType", - "ec2:DPDTimeoutSeconds", - "ec2:GatewayType", - "ec2:IKEVersions", - "ec2:InsideTunnelCidr", - "ec2:InsideTunnelIpv6Cidr", - "ec2:Phase1DHGroup", - "ec2:Phase1EncryptionAlgorithms", - "ec2:Phase1IntegrityAlgorithms", - "ec2:Phase1LifetimeSeconds", - "ec2:Phase2DHGroup", - "ec2:Phase2EncryptionAlgorithms", - "ec2:Phase2IntegrityAlgorithms", - "ec2:Phase2LifetimeSeconds", - "ec2:PreSharedKeys", - "ec2:Region", - "ec2:RekeyFuzzPercentage", - "ec2:RekeyMarginTimeSeconds", - "ec2:ReplayWindowSizePackets", - "ec2:ResourceTag/${TagKey}", - "ec2:RoutingType" - ] - }, - "vpn-gateway": { - "resource": "vpn-gateway", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpn-gateway/${VpnGatewayId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ec2:Region", - "ec2:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - }, - "ec2:AccepterVpc": { - "condition": "ec2:AccepterVpc", - "description": "Filters access by the ARN of an accepter VPC in a VPC peering connection", - "type": "ARN" - }, - "ec2:Add/group": { - "condition": "ec2:Add/group", - "description": "Filters access by the group being added to a snapshot", - "type": "String" - }, - "ec2:Add/userId": { - "condition": "ec2:Add/userId", - "description": "Filters access by the account id being added to a snapshot", - "type": "String" - }, - "ec2:AllocationId": { - "condition": "ec2:AllocationId", - "description": "Filters access by the allocation ID of the Elastic IP address", - "type": "String" - }, - "ec2:AssociatePublicIpAddress": { - "condition": "ec2:AssociatePublicIpAddress", - "description": "Filters access by whether the user wants to associate a public IP address with the instance", - "type": "Bool" - }, - "ec2:Attribute": { - "condition": "ec2:Attribute", - "description": "Filters access by an attribute of a resource", - "type": "String" - }, - "ec2:Attribute/${AttributeName}": { - "condition": "ec2:Attribute/${AttributeName}", - "description": "Filters access by an attribute being set on a resource", - "type": "String" - }, - "ec2:AuthenticationType": { - "condition": "ec2:AuthenticationType", - "description": "Filters access by the authentication type for the VPN tunnel endpoints", - "type": "String" - }, - "ec2:AuthorizedService": { - "condition": "ec2:AuthorizedService", - "description": "Filters access by the AWS service that has permission to use a resource", - "type": "String" - }, - "ec2:AuthorizedUser": { - "condition": "ec2:AuthorizedUser", - "description": "Filters access by an IAM principal that has permission to use a resource", - "type": "String" - }, - "ec2:AutoPlacement": { - "condition": "ec2:AutoPlacement", - "description": "Filters access by the Auto Placement properties of a Dedicated Host", - "type": "String" - }, - "ec2:AvailabilityZone": { - "condition": "ec2:AvailabilityZone", - "description": "Filters access by the name of an Availability Zone in an AWS Region", - "type": "String" - }, - "ec2:CapacityReservationFleet": { - "condition": "ec2:CapacityReservationFleet", - "description": "Filters access by the ARN of the Capacity Reservation Fleet", - "type": "ARN" - }, - "ec2:ClientRootCertificateChainArn": { - "condition": "ec2:ClientRootCertificateChainArn", - "description": "Filters access by the ARN of the client root certificate chain", - "type": "ARN" - }, - "ec2:CloudwatchLogGroupArn": { - "condition": "ec2:CloudwatchLogGroupArn", - "description": "Filters access by the ARN of the CloudWatch Logs log group", - "type": "ARN" - }, - "ec2:CloudwatchLogStreamArn": { - "condition": "ec2:CloudwatchLogStreamArn", - "description": "Filters access by the ARN of the CloudWatch Logs log stream", - "type": "ARN" - }, - "ec2:CreateAction": { - "condition": "ec2:CreateAction", - "description": "Filters access by the name of a resource-creating API action", - "type": "String" - }, - "ec2:DPDTimeoutSeconds": { - "condition": "ec2:DPDTimeoutSeconds", - "description": "Filters access by the duration after which DPD timeout occurs on a VPN tunnel", - "type": "Numeric" - }, - "ec2:DhcpOptionsID": { - "condition": "ec2:DhcpOptionsID", - "description": "Filters access by the ID of a dynamic host configuration protocol (DHCP) options set", - "type": "String" - }, - "ec2:DirectoryArn": { - "condition": "ec2:DirectoryArn", - "description": "Filters access by the ARN of the directory", - "type": "ARN" - }, - "ec2:Domain": { - "condition": "ec2:Domain", - "description": "Filters access by the domain of the Elastic IP address", - "type": "String" - }, - "ec2:EbsOptimized": { - "condition": "ec2:EbsOptimized", - "description": "Filters access by whether the instance is enabled for EBS optimization", - "type": "Bool" - }, - "ec2:ElasticGpuType": { - "condition": "ec2:ElasticGpuType", - "description": "Filters access by the type of Elastic Graphics accelerator", - "type": "String" - }, - "ec2:Encrypted": { - "condition": "ec2:Encrypted", - "description": "Filters access by whether the EBS volume is encrypted", - "type": "Bool" - }, - "ec2:GatewayType": { - "condition": "ec2:GatewayType", - "description": "Filters access by the gateway type for a VPN endpoint on the AWS side of a VPN connection", - "type": "String" - }, - "ec2:HostRecovery": { - "condition": "ec2:HostRecovery", - "description": "Filters access by whether host recovery is enabled for a Dedicated Host", - "type": "String" - }, - "ec2:IKEVersions": { - "condition": "ec2:IKEVersions", - "description": "Filters access by the internet key exchange (IKE) versions that are permitted for a VPN tunnel", - "type": "ArrayOfString" - }, - "ec2:ImageID": { - "condition": "ec2:ImageID", - "description": "Filters access by the ID of an image", - "type": "String" - }, - "ec2:ImageType": { - "condition": "ec2:ImageType", - "description": "Filters access by the type of image (machine, aki, or ari)", - "type": "String" - }, - "ec2:InsideTunnelCidr": { - "condition": "ec2:InsideTunnelCidr", - "description": "Filters access by the range of inside IP addresses for a VPN tunnel", - "type": "String" - }, - "ec2:InsideTunnelIpv6Cidr": { - "condition": "ec2:InsideTunnelIpv6Cidr", - "description": "Filters access by a range of inside IPv6 addresses for a VPN tunnel", - "type": "String" - }, - "ec2:InstanceAutoRecovery": { - "condition": "ec2:InstanceAutoRecovery", - "description": "Filters access by whether the instance type supports auto recovery", - "type": "String" - }, - "ec2:InstanceID": { - "condition": "ec2:InstanceID", - "description": "Filters access by the ID of an instance", - "type": "String" - }, - "ec2:InstanceMarketType": { - "condition": "ec2:InstanceMarketType", - "description": "Filters access by the market or purchasing option of an instance (on-demand or spot)", - "type": "String" - }, - "ec2:InstanceMetadataTags": { - "condition": "ec2:InstanceMetadataTags", - "description": "Filters access by whether the instance allows access to instance tags from the instance metadata", - "type": "String" - }, - "ec2:InstanceProfile": { - "condition": "ec2:InstanceProfile", - "description": "Filters access by the ARN of an instance profile", - "type": "ARN" - }, - "ec2:InstanceType": { - "condition": "ec2:InstanceType", - "description": "Filters access by the type of instance", - "type": "String" - }, - "ec2:InternetGatewayID": { - "condition": "ec2:InternetGatewayID", - "description": "Filters access by the ID of an internet gateway", - "type": "String" - }, - "ec2:Ipv4IpamPoolId": { - "condition": "ec2:Ipv4IpamPoolId", - "description": "Filters access by the ID of an IPAM pool provided for IPv4 CIDR block allocation", - "type": "String" - }, - "ec2:Ipv6IpamPoolId": { - "condition": "ec2:Ipv6IpamPoolId", - "description": "Filters access by the ID of an IPAM pool provided for IPv6 CIDR block allocation", - "type": "String" - }, - "ec2:IsLaunchTemplateResource": { - "condition": "ec2:IsLaunchTemplateResource", - "description": "Filters access by whether users are able to override resources that are specified in the launch template", - "type": "Bool" - }, - "ec2:KeyPairName": { - "condition": "ec2:KeyPairName", - "description": "Filters access by the name of a key pair", - "type": "String" - }, - "ec2:KeyPairType": { - "condition": "ec2:KeyPairType", - "description": "Filters access by the type of a key pair", - "type": "String" - }, - "ec2:KmsKeyId": { - "condition": "ec2:KmsKeyId", - "description": "Filters access by the ID of an AWS KMS key", - "type": "String" - }, - "ec2:LaunchTemplate": { - "condition": "ec2:LaunchTemplate", - "description": "Filters access by the ARN of a launch template", - "type": "ARN" - }, - "ec2:MetadataHttpEndpoint": { - "condition": "ec2:MetadataHttpEndpoint", - "description": "Filters access by whether the HTTP endpoint is enabled for the instance metadata service", - "type": "String" - }, - "ec2:MetadataHttpPutResponseHopLimit": { - "condition": "ec2:MetadataHttpPutResponseHopLimit", - "description": "Filters access by the allowed number of hops when calling the instance metadata service", - "type": "Numeric" - }, - "ec2:MetadataHttpTokens": { - "condition": "ec2:MetadataHttpTokens", - "description": "Filters access by whether tokens are required when calling the instance metadata service (optional or required)", - "type": "String" - }, - "ec2:NetworkAclID": { - "condition": "ec2:NetworkAclID", - "description": "Filters access by the ID of a network access control list (ACL)", - "type": "String" - }, - "ec2:NetworkInterfaceID": { - "condition": "ec2:NetworkInterfaceID", - "description": "Filters access by the ID of an elastic network interface", - "type": "String" - }, - "ec2:NewInstanceProfile": { - "condition": "ec2:NewInstanceProfile", - "description": "Filters access by the ARN of the instance profile being attached", - "type": "ARN" - }, - "ec2:OutpostArn": { - "condition": "ec2:OutpostArn", - "description": "Filters access by the ARN of the Outpost", - "type": "ARN" - }, - "ec2:Owner": { - "condition": "ec2:Owner", - "description": "Filters access by the owner of the resource (amazon, aws-marketplace, or an AWS account ID)", - "type": "String" - }, - "ec2:ParentSnapshot": { - "condition": "ec2:ParentSnapshot", - "description": "Filters access by the ARN of the parent snapshot", - "type": "ARN" - }, - "ec2:ParentVolume": { - "condition": "ec2:ParentVolume", - "description": "Filters access by the ARN of the parent volume from which the snapshot was created", - "type": "ARN" - }, - "ec2:Permission": { - "condition": "ec2:Permission", - "description": "Filters access by the type of permission for a resource (INSTANCE-ATTACH or EIP-ASSOCIATE)", - "type": "String" - }, - "ec2:Phase1DHGroup": { - "condition": "ec2:Phase1DHGroup", - "description": "Filters access by the Diffie-Hellman group numbers that are permitted for a VPN tunnel for the phase 1 IKE negotiations", - "type": "ArrayOfString" - }, - "ec2:Phase1EncryptionAlgorithms": { - "condition": "ec2:Phase1EncryptionAlgorithms", - "description": "Filters access by the encryption algorithms that are permitted for a VPN tunnel for the phase 1 IKE negotiations", - "type": "ArrayOfString" - }, - "ec2:Phase1IntegrityAlgorithms": { - "condition": "ec2:Phase1IntegrityAlgorithms", - "description": "Filters access by the integrity algorithms that are permitted for a VPN tunnel for the phase 1 IKE negotiations", - "type": "ArrayOfString" - }, - "ec2:Phase1LifetimeSeconds": { - "condition": "ec2:Phase1LifetimeSeconds", - "description": "Filters access by the lifetime in seconds for phase 1 of the IKE negotiations for a VPN tunnel", - "type": "Numeric" - }, - "ec2:Phase2DHGroup": { - "condition": "ec2:Phase2DHGroup", - "description": "Filters access by the Diffie-Hellman group numbers that are permitted for a VPN tunnel for the phase 2 IKE negotiations", - "type": "ArrayOfString" - }, - "ec2:Phase2EncryptionAlgorithms": { - "condition": "ec2:Phase2EncryptionAlgorithms", - "description": "Filters access by the encryption algorithms that are permitted for a VPN tunnel for the phase 2 IKE negotiations", - "type": "ArrayOfString" - }, - "ec2:Phase2IntegrityAlgorithms": { - "condition": "ec2:Phase2IntegrityAlgorithms", - "description": "Filters access by the integrity algorithms that are permitted for a VPN tunnel for the phase 2 IKE negotiations", - "type": "ArrayOfString" - }, - "ec2:Phase2LifetimeSeconds": { - "condition": "ec2:Phase2LifetimeSeconds", - "description": "Filters access by the lifetime in seconds for phase 2 of the IKE negotiations for a VPN tunnel", - "type": "Numeric" - }, - "ec2:PlacementGroup": { - "condition": "ec2:PlacementGroup", - "description": "Filters access by the ARN of the placement group", - "type": "ARN" - }, - "ec2:PlacementGroupName": { - "condition": "ec2:PlacementGroupName", - "description": "Filters access by the name of a placement group", - "type": "String" - }, - "ec2:PlacementGroupStrategy": { - "condition": "ec2:PlacementGroupStrategy", - "description": "Filters access by the instance placement strategy used by the placement group (cluster, spread, or partition)", - "type": "String" - }, - "ec2:PreSharedKeys": { - "condition": "ec2:PreSharedKeys", - "description": "Filters access by the pre-shared key (PSK) used to establish the initial IKE security association between a virtual private gateway and a customer gateway", - "type": "String" - }, - "ec2:ProductCode": { - "condition": "ec2:ProductCode", - "description": "Filters access by the product code that is associated with the AMI", - "type": "String" - }, - "ec2:Public": { - "condition": "ec2:Public", - "description": "Filters access by whether the image has public launch permissions", - "type": "Bool" - }, - "ec2:PublicIpAddress": { - "condition": "ec2:PublicIpAddress", - "description": "Filters access by a public IP address", - "type": "String" - }, - "ec2:Quantity": { - "condition": "ec2:Quantity", - "description": "Filters access by the number of Dedicated Hosts in a request", - "type": "Numeric" - }, - "ec2:Region": { - "condition": "ec2:Region", - "description": "Filters access by the name of the AWS Region", - "type": "String" - }, - "ec2:RekeyFuzzPercentage": { - "condition": "ec2:RekeyFuzzPercentage", - "description": "Filters access by the percentage of increase of the rekey window (determined by the rekey margin time) within which the rekey time is randomly selected for a VPN tunnel", - "type": "Numeric" - }, - "ec2:RekeyMarginTimeSeconds": { - "condition": "ec2:RekeyMarginTimeSeconds", - "description": "Filters access by the margin time before the phase 2 lifetime expires for a VPN tunnel", - "type": "Numeric" - }, - "ec2:Remove/group": { - "condition": "ec2:Remove/group", - "description": "Filters access by the group being removed from a snapshot", - "type": "String" - }, - "ec2:Remove/userId": { - "condition": "ec2:Remove/userId", - "description": "Filters access by the account id being removed from a snapshot", - "type": "String" - }, - "ec2:ReplayWindowSizePackets": { - "condition": "ec2:ReplayWindowSizePackets", - "description": "Filters access by the number of packets in an IKE replay window", - "type": "String" - }, - "ec2:RequesterVpc": { - "condition": "ec2:RequesterVpc", - "description": "Filters access by the ARN of a requester VPC in a VPC peering connection", - "type": "ARN" - }, - "ec2:ReservedInstancesOfferingType": { - "condition": "ec2:ReservedInstancesOfferingType", - "description": "Filters access by the payment option of the Reserved Instance offering (No Upfront, Partial Upfront, or All Upfront)", - "type": "String" - }, - "ec2:ResourceTag/${TagKey}": { - "condition": "ec2:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "ec2:RoleDelivery": { - "condition": "ec2:RoleDelivery", - "description": "Filters access by the version of the instance metadata service for retrieving IAM role credentials for EC2", - "type": "Numeric" - }, - "ec2:RootDeviceType": { - "condition": "ec2:RootDeviceType", - "description": "Filters access by the root device type of the instance (ebs or instance-store)", - "type": "String" - }, - "ec2:RouteTableID": { - "condition": "ec2:RouteTableID", - "description": "Filters access by the ID of a route table", - "type": "String" - }, - "ec2:RoutingType": { - "condition": "ec2:RoutingType", - "description": "Filters access by the routing type for the VPN connection", - "type": "String" - }, - "ec2:SamlProviderArn": { - "condition": "ec2:SamlProviderArn", - "description": "Filters access by the ARN of the IAM SAML identity provider", - "type": "ARN" - }, - "ec2:SecurityGroupID": { - "condition": "ec2:SecurityGroupID", - "description": "Filters access by the ID of a security group", - "type": "String" - }, - "ec2:ServerCertificateArn": { - "condition": "ec2:ServerCertificateArn", - "description": "Filters access by the ARN of the server certificate", - "type": "ARN" - }, - "ec2:SnapshotID": { - "condition": "ec2:SnapshotID", - "description": "Filters access by the ID of a snapshot", - "type": "String" - }, - "ec2:SnapshotTime": { - "condition": "ec2:SnapshotTime", - "description": "Filters access by the initiation time of a snapshot", - "type": "String" - }, - "ec2:SourceInstanceARN": { - "condition": "ec2:SourceInstanceARN", - "description": "Filters access by the ARN of the instance from which the request originated", - "type": "ARN" - }, - "ec2:SourceOutpostArn": { - "condition": "ec2:SourceOutpostArn", - "description": "Filters access by the ARN of the Outpost from which the request originated", - "type": "ARN" - }, - "ec2:Subnet": { - "condition": "ec2:Subnet", - "description": "Filters access by the ARN of the subnet", - "type": "ARN" - }, - "ec2:SubnetID": { - "condition": "ec2:SubnetID", - "description": "Filters access by the ID of a subnet", - "type": "String" - }, - "ec2:Tenancy": { - "condition": "ec2:Tenancy", - "description": "Filters access by the tenancy of the VPC or instance (default, dedicated, or host)", - "type": "String" - }, - "ec2:VolumeID": { - "condition": "ec2:VolumeID", - "description": "Filters access by the ID of a volume", - "type": "String" - }, - "ec2:VolumeIops": { - "condition": "ec2:VolumeIops", - "description": "Filters access by the the number of input/output operations per second (IOPS) provisioned for the volume", - "type": "Numeric" - }, - "ec2:VolumeSize": { - "condition": "ec2:VolumeSize", - "description": "Filters access by the size of the volume, in GiB", - "type": "Numeric" - }, - "ec2:VolumeThroughput": { - "condition": "ec2:VolumeThroughput", - "description": "Filters access by the throughput of the volume, in MiBps", - "type": "Numeric" - }, - "ec2:VolumeType": { - "condition": "ec2:VolumeType", - "description": "Filters access by the type of volume (gp2, gp3, io1, io2, st1, sc1, or standard)", - "type": "String" - }, - "ec2:Vpc": { - "condition": "ec2:Vpc", - "description": "Filters access by the ARN of the VPC", - "type": "ARN" - }, - "ec2:VpcID": { - "condition": "ec2:VpcID", - "description": "Filters access by the ID of a virtual private cloud (VPC)", - "type": "String" - }, - "ec2:VpcPeeringConnectionID": { - "condition": "ec2:VpcPeeringConnectionID", - "description": "Filters access by the ID of a VPC peering connection", - "type": "String" - }, - "ec2:VpceServiceName": { - "condition": "ec2:VpceServiceName", - "description": "Filters access by the name of the VPC endpoint service", - "type": "String" - }, - "ec2:VpceServiceOwner": { - "condition": "ec2:VpceServiceOwner", - "description": "Filters access by the service owner of the VPC endpoint service (amazon, aws-marketplace, or an AWS account ID)", - "type": "String" - }, - "ec2:VpceServicePrivateDnsName": { - "condition": "ec2:VpceServicePrivateDnsName", - "description": "Filters access by the private DNS name of the VPC endpoint service", - "type": "String" - } - } - }, - "autoscaling": { - "service_name": "Amazon EC2 Auto Scaling", - "prefix": "autoscaling", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2autoscaling.html", - "privileges": { - "AttachInstances": { - "privilege": "AttachInstances", - "description": "Grants permission to attach one or more EC2 instances to the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_AttachInstances.html" - }, - "AttachLoadBalancerTargetGroups": { - "privilege": "AttachLoadBalancerTargetGroups", - "description": "Grants permission to attach one or more target groups to the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "autoscaling:TargetGroupARNs" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_AttachLoadBalancerTargetGroups.html" - }, - "AttachLoadBalancers": { - "privilege": "AttachLoadBalancers", - "description": "Grants permission to attach one or more load balancers to the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "autoscaling:LoadBalancerNames" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_AttachLoadBalancers.html" - }, - "AttachTrafficSources": { - "privilege": "AttachTrafficSources", - "description": "Grants permission to attach one or more traffic sources to an Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "autoscaling:TrafficSourceIdentifiers" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_AttachTrafficSources.html" - }, - "BatchDeleteScheduledAction": { - "privilege": "BatchDeleteScheduledAction", - "description": "Grants permission to delete the specified scheduled actions", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_BatchDeleteScheduledAction.html" - }, - "BatchPutScheduledUpdateGroupAction": { - "privilege": "BatchPutScheduledUpdateGroupAction", - "description": "Grants permission to create or update multiple scheduled scaling actions for an Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_BatchPutScheduledUpdateGroupAction.html" - }, - "CancelInstanceRefresh": { - "privilege": "CancelInstanceRefresh", - "description": "Grants permission to cancel an instance refresh operation in progress", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CancelInstanceRefresh.html" - }, - "CompleteLifecycleAction": { - "privilege": "CompleteLifecycleAction", - "description": "Grants permission to complete the lifecycle action for the specified token or instance with the specified result", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CompleteLifecycleAction.html" - }, - "CreateAutoScalingGroup": { - "privilege": "CreateAutoScalingGroup", - "description": "Grants permission to create an Auto Scaling group with the specified name and attributes", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "autoscaling:InstanceTypes", - "autoscaling:LaunchConfigurationName", - "autoscaling:LaunchTemplateVersionSpecified", - "autoscaling:LoadBalancerNames", - "autoscaling:MaxSize", - "autoscaling:MinSize", - "autoscaling:TargetGroupARNs", - "autoscaling:TrafficSourceIdentifiers", - "autoscaling:VPCZoneIdentifiers", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateAutoScalingGroup.html" - }, - "CreateLaunchConfiguration": { - "privilege": "CreateLaunchConfiguration", - "description": "Grants permission to create a launch configuration", - "access_level": "Write", - "resource_types": { - "launchConfiguration": { - "resource_type": "launchConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "autoscaling:ImageId", - "autoscaling:InstanceType", - "autoscaling:SpotPrice", - "autoscaling:MetadataHttpTokens", - "autoscaling:MetadataHttpPutResponseHopLimit", - "autoscaling:MetadataHttpEndpoint" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateLaunchConfiguration.html" - }, - "CreateOrUpdateTags": { - "privilege": "CreateOrUpdateTags", - "description": "Grants permission to create or update tags for the specified Auto Scaling group", - "access_level": "Tagging", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateOrUpdateTags.html" - }, - "DeleteAutoScalingGroup": { - "privilege": "DeleteAutoScalingGroup", - "description": "Grants permission to delete the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteAutoScalingGroup.html" - }, - "DeleteLaunchConfiguration": { - "privilege": "DeleteLaunchConfiguration", - "description": "Grants permission to delete the specified launch configuration", - "access_level": "Write", - "resource_types": { - "launchConfiguration": { - "resource_type": "launchConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteLaunchConfiguration.html" - }, - "DeleteLifecycleHook": { - "privilege": "DeleteLifecycleHook", - "description": "Grants permission to deletes the specified lifecycle hook", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteLifecycleHook.html" - }, - "DeleteNotificationConfiguration": { - "privilege": "DeleteNotificationConfiguration", - "description": "Grants permission to delete the specified notification", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteNotificationConfiguration.html" - }, - "DeletePolicy": { - "privilege": "DeletePolicy", - "description": "Grants permission to delete the specified Auto Scaling policy", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeletePolicy.html" - }, - "DeleteScheduledAction": { - "privilege": "DeleteScheduledAction", - "description": "Grants permission to delete the specified scheduled action", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteScheduledAction.html" - }, - "DeleteTags": { - "privilege": "DeleteTags", - "description": "Grants permission to delete the specified tags", - "access_level": "Tagging", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteTags.html" - }, - "DeleteWarmPool": { - "privilege": "DeleteWarmPool", - "description": "Grants permission to delete the warm pool associated with the Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteWarmPool.html" - }, - "DescribeAccountLimits": { - "privilege": "DescribeAccountLimits", - "description": "Grants permission to describe the current Auto Scaling resource limits for your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeAccountLimits.html" - }, - "DescribeAdjustmentTypes": { - "privilege": "DescribeAdjustmentTypes", - "description": "Grants permission to describe the policy adjustment types for use with PutScalingPolicy", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeAdjustmentTypes.html" - }, - "DescribeAutoScalingGroups": { - "privilege": "DescribeAutoScalingGroups", - "description": "Grants permission to describe one or more Auto Scaling groups. If a list of names is not provided, the call describes all Auto Scaling groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeAutoScalingGroups.html" - }, - "DescribeAutoScalingInstances": { - "privilege": "DescribeAutoScalingInstances", - "description": "Grants permission to describe one or more Auto Scaling instances. If a list is not provided, the call describes all instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeAutoScalingInstances.html" - }, - "DescribeAutoScalingNotificationTypes": { - "privilege": "DescribeAutoScalingNotificationTypes", - "description": "Grants permission to describe the notification types that are supported by Auto Scaling", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeAutoScalingNotificationTypes.html" - }, - "DescribeInstanceRefreshes": { - "privilege": "DescribeInstanceRefreshes", - "description": "Grants permission to describe one or more instance refreshes for an Auto Scaling group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeInstanceRefreshes.html" - }, - "DescribeLaunchConfigurations": { - "privilege": "DescribeLaunchConfigurations", - "description": "Grants permission to describe one or more launch configurations. If you omit the list of names, then the call describes all launch configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeLaunchConfigurations.html" - }, - "DescribeLifecycleHookTypes": { - "privilege": "DescribeLifecycleHookTypes", - "description": "Grants permission to describe the available types of lifecycle hooks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeLifecycleHookTypes.html" - }, - "DescribeLifecycleHooks": { - "privilege": "DescribeLifecycleHooks", - "description": "Grants permission to describe the lifecycle hooks for the specified Auto Scaling group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeLifecycleHooks.html" - }, - "DescribeLoadBalancerTargetGroups": { - "privilege": "DescribeLoadBalancerTargetGroups", - "description": "Grants permission to describe the target groups for the specified Auto Scaling group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeLoadBalancerTargetGroups.html" - }, - "DescribeLoadBalancers": { - "privilege": "DescribeLoadBalancers", - "description": "Grants permission to describe the load balancers for the specified Auto Scaling group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeLoadBalancers.html" - }, - "DescribeMetricCollectionTypes": { - "privilege": "DescribeMetricCollectionTypes", - "description": "Grants permission to describe the available CloudWatch metrics for Auto Scaling", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeMetricCollectionTypes.html" - }, - "DescribeNotificationConfigurations": { - "privilege": "DescribeNotificationConfigurations", - "description": "Grants permission to describe the notification actions associated with the specified Auto Scaling group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeNotificationConfigurations.html" - }, - "DescribePolicies": { - "privilege": "DescribePolicies", - "description": "Grants permission to describe the policies for the specified Auto Scaling group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribePolicies.html" - }, - "DescribeScalingActivities": { - "privilege": "DescribeScalingActivities", - "description": "Grants permission to describe one or more scaling activities for the specified Auto Scaling group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeScalingActivities.html" - }, - "DescribeScalingProcessTypes": { - "privilege": "DescribeScalingProcessTypes", - "description": "Grants permission to describe the scaling process types for use with ResumeProcesses and SuspendProcesses", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeScalingProcessTypes.html" - }, - "DescribeScheduledActions": { - "privilege": "DescribeScheduledActions", - "description": "Grants permission to describe the actions scheduled for your Auto Scaling group that haven't run", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeScheduledActions.html" - }, - "DescribeTags": { - "privilege": "DescribeTags", - "description": "Grants permission to describe the specified tags", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeTags.html" - }, - "DescribeTerminationPolicyTypes": { - "privilege": "DescribeTerminationPolicyTypes", - "description": "Grants permission to describe the termination policies supported by Auto Scaling", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeTerminationPolicyTypes.html" - }, - "DescribeTrafficSources": { - "privilege": "DescribeTrafficSources", - "description": "Grants permission to describe the target groups for the specified Auto Scaling group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeTrafficSources.html" - }, - "DescribeWarmPool": { - "privilege": "DescribeWarmPool", - "description": "Grants permission to describe the warm pool associated with the Auto Scaling group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeWarmPool.html" - }, - "DetachInstances": { - "privilege": "DetachInstances", - "description": "Grants permission to remove one or more instances from the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DetachInstances.html" - }, - "DetachLoadBalancerTargetGroups": { - "privilege": "DetachLoadBalancerTargetGroups", - "description": "Grants permission to detach one or more target groups from the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "autoscaling:TargetGroupARNs" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DetachLoadBalancerTargetGroups.html" - }, - "DetachLoadBalancers": { - "privilege": "DetachLoadBalancers", - "description": "Grants permission to remove one or more load balancers from the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "autoscaling:LoadBalancerNames" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DetachLoadBalancers.html" - }, - "DetachTrafficSources": { - "privilege": "DetachTrafficSources", - "description": "Grants permission to detach one or more traffic sources from an Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "autoscaling:TrafficSourceIdentifiers" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DetachTrafficSources.html" - }, - "DisableMetricsCollection": { - "privilege": "DisableMetricsCollection", - "description": "Grants permission to disable monitoring of the specified metrics for the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DisableMetricsCollection.html" - }, - "EnableMetricsCollection": { - "privilege": "EnableMetricsCollection", - "description": "Grants permission to enable monitoring of the specified metrics for the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_EnableMetricsCollection.html" - }, - "EnterStandby": { - "privilege": "EnterStandby", - "description": "Grants permission to move the specified instances into Standby mode", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_EnterStandby.html" - }, - "ExecutePolicy": { - "privilege": "ExecutePolicy", - "description": "Grants permission to execute the specified policy", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_ExecutePolicy.html" - }, - "ExitStandby": { - "privilege": "ExitStandby", - "description": "Grants permission to move the specified instances out of Standby mode", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_ExitStandby.html" - }, - "GetPredictiveScalingForecast": { - "privilege": "GetPredictiveScalingForecast", - "description": "Grants permission to retrieve the forecast data for a predictive scaling policy", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_GetPredictiveScalingForecast.html" - }, - "PutLifecycleHook": { - "privilege": "PutLifecycleHook", - "description": "Grants permission to create or update a lifecycle hook for the specified Auto Scaling Group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_PutLifecycleHook.html" - }, - "PutNotificationConfiguration": { - "privilege": "PutNotificationConfiguration", - "description": "Grants permission to configure an Auto Scaling group to send notifications when specified events take place", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_PutNotificationConfiguration.html" - }, - "PutScalingPolicy": { - "privilege": "PutScalingPolicy", - "description": "Grants permission to create or update a policy for an Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_PutScalingPolicy.html" - }, - "PutScheduledUpdateGroupAction": { - "privilege": "PutScheduledUpdateGroupAction", - "description": "Grants permission to create or update a scheduled scaling action for an Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "autoscaling:MaxSize", - "autoscaling:MinSize" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_PutScheduledUpdateGroupAction.html" - }, - "PutWarmPool": { - "privilege": "PutWarmPool", - "description": "Grants permission to create or update the warm pool associated with the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_PutWarmPool.html" - }, - "RecordLifecycleActionHeartbeat": { - "privilege": "RecordLifecycleActionHeartbeat", - "description": "Grants permission to record a heartbeat for the lifecycle action associated with the specified token or instance", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_RecordLifecycleActionHeartbeat.html" - }, - "ResumeProcesses": { - "privilege": "ResumeProcesses", - "description": "Grants permission to resume the specified suspended Auto Scaling processes, or all suspended process, for the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_ResumeProcesses.html" - }, - "RollbackInstanceRefresh": { - "privilege": "RollbackInstanceRefresh", - "description": "Grants permission to rollback an instance refresh operation in progress", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_RollbackInstanceRefresh.html" - }, - "SetDesiredCapacity": { - "privilege": "SetDesiredCapacity", - "description": "Grants permission to set the size of the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_SetDesiredCapacity.html" - }, - "SetInstanceHealth": { - "privilege": "SetInstanceHealth", - "description": "Grants permission to set the health status of the specified instance", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_SetInstanceHealth.html" - }, - "SetInstanceProtection": { - "privilege": "SetInstanceProtection", - "description": "Grants permission to update the instance protection settings of the specified instances", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_SetInstanceProtection.html" - }, - "StartInstanceRefresh": { - "privilege": "StartInstanceRefresh", - "description": "Grants permission to start a new instance refresh operation", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_StartInstanceRefresh.html" - }, - "SuspendProcesses": { - "privilege": "SuspendProcesses", - "description": "Grants permission to suspend the specified Auto Scaling processes, or all processes, for the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_SuspendProcesses.html" - }, - "TerminateInstanceInAutoScalingGroup": { - "privilege": "TerminateInstanceInAutoScalingGroup", - "description": "Grants permission to terminate the specified instance and optionally adjust the desired group size", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_TerminateInstanceInAutoScalingGroup.html" - }, - "UpdateAutoScalingGroup": { - "privilege": "UpdateAutoScalingGroup", - "description": "Grants permission to update the configuration for the specified Auto Scaling group", - "access_level": "Write", - "resource_types": { - "autoScalingGroup": { - "resource_type": "autoScalingGroup", - "required": true, - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "autoscaling:InstanceTypes", - "autoscaling:LaunchConfigurationName", - "autoscaling:LaunchTemplateVersionSpecified", - "autoscaling:MaxSize", - "autoscaling:MinSize", - "autoscaling:VPCZoneIdentifiers" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_UpdateAutoScalingGroup.html" - } - }, - "resources": { - "autoScalingGroup": { - "resource": "autoScalingGroup", - "arn": "arn:${Partition}:autoscaling:${Region}:${Account}:autoScalingGroup:${GroupId}:autoScalingGroupName/${GroupFriendlyName}", - "condition_keys": [ - "autoscaling:ResourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ] - }, - "launchConfiguration": { - "resource": "launchConfiguration", - "arn": "arn:${Partition}:autoscaling:${Region}:${Account}:launchConfiguration:${Id}:launchConfigurationName/${LaunchConfigurationName}", - "condition_keys": [] - } - }, - "conditions": { - "autoscaling:ImageId": { - "condition": "autoscaling:ImageId", - "description": "Filters access based on the AMI ID for the launch configuration", - "type": "String" - }, - "autoscaling:InstanceType": { - "condition": "autoscaling:InstanceType", - "description": "Filters access based on the instance type for the launch configuration", - "type": "String" - }, - "autoscaling:InstanceTypes": { - "condition": "autoscaling:InstanceTypes", - "description": "Filters access based on the instance types present as overrides to a launch template for a mixed instances policy. Use it to qualify which instance types can be explicitly defined in the policy", - "type": "String" - }, - "autoscaling:LaunchConfigurationName": { - "condition": "autoscaling:LaunchConfigurationName", - "description": "Filters access based on the name of a launch configuration", - "type": "String" - }, - "autoscaling:LaunchTemplateVersionSpecified": { - "condition": "autoscaling:LaunchTemplateVersionSpecified", - "description": "Filters access based on whether users can specify any version of a launch template or only the Latest or Default version", - "type": "Bool" - }, - "autoscaling:LoadBalancerNames": { - "condition": "autoscaling:LoadBalancerNames", - "description": "Filters access based on the name of the load balancer", - "type": "ArrayOfString" - }, - "autoscaling:MaxSize": { - "condition": "autoscaling:MaxSize", - "description": "Filters access based on the maximum scaling size in the request", - "type": "Numeric" - }, - "autoscaling:MetadataHttpEndpoint": { - "condition": "autoscaling:MetadataHttpEndpoint", - "description": "Filters access based on whether the HTTP endpoint is enabled for the instance metadata service", - "type": "String" - }, - "autoscaling:MetadataHttpPutResponseHopLimit": { - "condition": "autoscaling:MetadataHttpPutResponseHopLimit", - "description": "Filters access based on the allowed number of hops when calling the instance metadata service", - "type": "Numeric" - }, - "autoscaling:MetadataHttpTokens": { - "condition": "autoscaling:MetadataHttpTokens", - "description": "Filters access based on whether tokens are required when calling the instance metadata service (optional or required)", - "type": "String" - }, - "autoscaling:MinSize": { - "condition": "autoscaling:MinSize", - "description": "Filters access based on the minimum scaling size in the request", - "type": "Numeric" - }, - "autoscaling:ResourceTag/${TagKey}": { - "condition": "autoscaling:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "autoscaling:SpotPrice": { - "condition": "autoscaling:SpotPrice", - "description": "Filters access based on the price for Spot Instances for the launch configuration", - "type": "Numeric" - }, - "autoscaling:TargetGroupARNs": { - "condition": "autoscaling:TargetGroupARNs", - "description": "Filters access based on the ARN of a target group", - "type": "ArrayOfARN" - }, - "autoscaling:TrafficSourceIdentifiers": { - "condition": "autoscaling:TrafficSourceIdentifiers", - "description": "Filters access based on the identifiers of the traffic sources", - "type": "ArrayOfString" - }, - "autoscaling:VPCZoneIdentifiers": { - "condition": "autoscaling:VPCZoneIdentifiers", - "description": "Filters access based on the identifier of a VPC zone", - "type": "ArrayOfString" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "imagebuilder": { - "service_name": "Amazon EC2 Image Builder", - "prefix": "imagebuilder", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2imagebuilder.html", - "privileges": { - "CancelImageCreation": { - "privilege": "CancelImageCreation", - "description": "Grants permission to cancel an image creation", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CancelImageCreation.html" - }, - "CreateComponent": { - "privilege": "CreateComponent", - "description": "Grants permission to create a new component", - "access_level": "Write", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "imagebuilder:TagResource", - "kms:Encrypt", - "kms:GenerateDataKey", - "kms:GenerateDataKeyWithoutPlaintext" - ] - }, - "kmsKey": { - "resource_type": "kmsKey", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html" - }, - "CreateContainerRecipe": { - "privilege": "CreateContainerRecipe", - "description": "Grants permission to create a new Container Recipe", - "access_level": "Write", - "resource_types": { - "containerRecipe": { - "resource_type": "containerRecipe", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ecr:DescribeImages", - "ecr:DescribeRepositories", - "iam:CreateServiceLinkedRole", - "imagebuilder:GetComponent", - "imagebuilder:GetImage", - "imagebuilder:TagResource", - "kms:Encrypt", - "kms:GenerateDataKey", - "kms:GenerateDataKeyWithoutPlaintext" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateContainerRecipe.html" - }, - "CreateDistributionConfiguration": { - "privilege": "CreateDistributionConfiguration", - "description": "Grants permission to create a new distribution configuration", - "access_level": "Write", - "resource_types": { - "distributionConfiguration": { - "resource_type": "distributionConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "imagebuilder:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateDistributionConfiguration.html" - }, - "CreateImage": { - "privilege": "CreateImage", - "description": "Grants permission to create a new image", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "imagebuilder:GetContainerRecipe", - "imagebuilder:GetDistributionConfiguration", - "imagebuilder:GetImageRecipe", - "imagebuilder:GetInfrastructureConfiguration", - "imagebuilder:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateImage.html" - }, - "CreateImagePipeline": { - "privilege": "CreateImagePipeline", - "description": "Grants permission to create a new image pipeline", - "access_level": "Write", - "resource_types": { - "imagePipeline": { - "resource_type": "imagePipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "imagebuilder:GetContainerRecipe", - "imagebuilder:GetImageRecipe", - "imagebuilder:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateImagePipeline.html" - }, - "CreateImageRecipe": { - "privilege": "CreateImageRecipe", - "description": "Grants permission to create a new Image Recipe", - "access_level": "Write", - "resource_types": { - "imageRecipe": { - "resource_type": "imageRecipe", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeImages", - "iam:CreateServiceLinkedRole", - "imagebuilder:GetComponent", - "imagebuilder:GetImage", - "imagebuilder:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateImageRecipe.html" - }, - "CreateInfrastructureConfiguration": { - "privilege": "CreateInfrastructureConfiguration", - "description": "Grants permission to create a new infrastructure configuration", - "access_level": "Write", - "resource_types": { - "infrastructureConfiguration": { - "resource_type": "infrastructureConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "imagebuilder:TagResource", - "sns:Publish" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "imagebuilder:CreatedResourceTagKeys", - "imagebuilder:CreatedResourceTag/", - "imagebuilder:Ec2MetadataHttpTokens", - "imagebuilder:StatusTopicArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateInfrastructureConfiguration.html" - }, - "DeleteComponent": { - "privilege": "DeleteComponent", - "description": "Grants permission to delete a component", - "access_level": "Write", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteComponent.html" - }, - "DeleteContainerRecipe": { - "privilege": "DeleteContainerRecipe", - "description": "Grants permission to delete a container recipe", - "access_level": "Write", - "resource_types": { - "containerRecipe": { - "resource_type": "containerRecipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteContainerRecipe.html" - }, - "DeleteDistributionConfiguration": { - "privilege": "DeleteDistributionConfiguration", - "description": "Grants permission to delete a distribution configuration", - "access_level": "Write", - "resource_types": { - "distributionConfiguration": { - "resource_type": "distributionConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteDistributionConfiguration.html" - }, - "DeleteImage": { - "privilege": "DeleteImage", - "description": "Grants permission to delete an image", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteImage.html" - }, - "DeleteImagePipeline": { - "privilege": "DeleteImagePipeline", - "description": "Grants permission to delete an image pipeline", - "access_level": "Write", - "resource_types": { - "imagePipeline": { - "resource_type": "imagePipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteImagePipeline.html" - }, - "DeleteImageRecipe": { - "privilege": "DeleteImageRecipe", - "description": "Grants permission to delete an image recipe", - "access_level": "Write", - "resource_types": { - "imageRecipe": { - "resource_type": "imageRecipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteImageRecipe.html" - }, - "DeleteInfrastructureConfiguration": { - "privilege": "DeleteInfrastructureConfiguration", - "description": "Grants permission to delete an infrastructure configuration", - "access_level": "Write", - "resource_types": { - "infrastructureConfiguration": { - "resource_type": "infrastructureConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteInfrastructureConfiguration.html" - }, - "GetComponent": { - "privilege": "GetComponent", - "description": "Grants permission to view details about a component", - "access_level": "Read", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kms:Decrypt" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetComponent.html" - }, - "GetComponentPolicy": { - "privilege": "GetComponentPolicy", - "description": "Grants permission to view the resource policy associated with a component", - "access_level": "Read", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetComponentPolicy.html" - }, - "GetContainerRecipe": { - "privilege": "GetContainerRecipe", - "description": "Grants permission to view details about a container recipe", - "access_level": "Read", - "resource_types": { - "containerRecipe": { - "resource_type": "containerRecipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetContainerRecipe.html" - }, - "GetContainerRecipePolicy": { - "privilege": "GetContainerRecipePolicy", - "description": "Grants permission to view the resource policy associated with a container recipe", - "access_level": "Read", - "resource_types": { - "containerRecipe": { - "resource_type": "containerRecipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetContainerRecipePolicy.html" - }, - "GetDistributionConfiguration": { - "privilege": "GetDistributionConfiguration", - "description": "Grants permission to view details about a distribution configuration", - "access_level": "Read", - "resource_types": { - "distributionConfiguration": { - "resource_type": "distributionConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetDistributionConfiguration.html" - }, - "GetImage": { - "privilege": "GetImage", - "description": "Grants permission to view details about an image", - "access_level": "Read", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImage.html" - }, - "GetImagePipeline": { - "privilege": "GetImagePipeline", - "description": "Grants permission to view details about an image pipeline", - "access_level": "Read", - "resource_types": { - "imagePipeline": { - "resource_type": "imagePipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImagePipeline.html" - }, - "GetImagePolicy": { - "privilege": "GetImagePolicy", - "description": "Grants permission to view the resource policy associated with an image", - "access_level": "Read", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImagePolicy.html" - }, - "GetImageRecipe": { - "privilege": "GetImageRecipe", - "description": "Grants permission to view details about an image recipe", - "access_level": "Read", - "resource_types": { - "imageRecipe": { - "resource_type": "imageRecipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImageRecipe.html" - }, - "GetImageRecipePolicy": { - "privilege": "GetImageRecipePolicy", - "description": "Grants permission to view the resource policy associated with an image recipe", - "access_level": "Read", - "resource_types": { - "imageRecipe": { - "resource_type": "imageRecipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImageRecipePolicy.html" - }, - "GetInfrastructureConfiguration": { - "privilege": "GetInfrastructureConfiguration", - "description": "Grants permission to view details about an infrastructure configuration", - "access_level": "Read", - "resource_types": { - "infrastructureConfiguration": { - "resource_type": "infrastructureConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetInfrastructureConfiguration.html" - }, - "GetWorkflowExecution": { - "privilege": "GetWorkflowExecution", - "description": "Grants permission to view details about a workflow execution", - "access_level": "Read", - "resource_types": { - "workflowExecution": { - "resource_type": "workflowExecution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetWorkflowExecution.html" - }, - "GetWorkflowStepExecution": { - "privilege": "GetWorkflowStepExecution", - "description": "Grants permission to view details about a workflow step execution", - "access_level": "Read", - "resource_types": { - "workflowStepExecution": { - "resource_type": "workflowStepExecution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetWorkflowStepExecution.html" - }, - "ImportComponent": { - "privilege": "ImportComponent", - "description": "Grants permission to import a new component", - "access_level": "Write", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "imagebuilder:TagResource", - "kms:Encrypt", - "kms:GenerateDataKey", - "kms:GenerateDataKeyWithoutPlaintext" - ] - }, - "kmsKey": { - "resource_type": "kmsKey", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ImportComponent.html" - }, - "ImportVmImage": { - "privilege": "ImportVmImage", - "description": "Grants permission to import an image", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeImportImageTasks", - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ImportVmImage.html" - }, - "ListComponentBuildVersions": { - "privilege": "ListComponentBuildVersions", - "description": "Grants permission to list the component build versions in your account", - "access_level": "List", - "resource_types": { - "componentVersion": { - "resource_type": "componentVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListComponentBuildVersions.html" - }, - "ListComponents": { - "privilege": "ListComponents", - "description": "Grants permission to list the component versions owned by or shared with your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListComponents.html" - }, - "ListContainerRecipes": { - "privilege": "ListContainerRecipes", - "description": "Grants permission to list the container recipes owned by or shared with your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListContainerRecipes.html" - }, - "ListDistributionConfigurations": { - "privilege": "ListDistributionConfigurations", - "description": "Grants permission to list the distribution configurations in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListDistributionConfigurations.html" - }, - "ListImageBuildVersions": { - "privilege": "ListImageBuildVersions", - "description": "Grants permission to list the image build versions in your account", - "access_level": "List", - "resource_types": { - "imageVersion": { - "resource_type": "imageVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageBuildVersions.html" - }, - "ListImagePackages": { - "privilege": "ListImagePackages", - "description": "Grants permission to return a list of packages installed on the specified image", - "access_level": "List", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePackages.html" - }, - "ListImagePipelineImages": { - "privilege": "ListImagePipelineImages", - "description": "Grants permission to return a list of images created by the specified pipeline", - "access_level": "List", - "resource_types": { - "imagePipeline": { - "resource_type": "imagePipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePipelineImages.html" - }, - "ListImagePipelines": { - "privilege": "ListImagePipelines", - "description": "Grants permission to list the image pipelines in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePipelines.html" - }, - "ListImageRecipes": { - "privilege": "ListImageRecipes", - "description": "Grants permission to list the image recipes owned by or shared with your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageRecipes.html" - }, - "ListImageScanFindingAggregations": { - "privilege": "ListImageScanFindingAggregations", - "description": "Grants permission to list aggregations on the image scan findings in your account", - "access_level": "List", - "resource_types": { - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "imagePipeline": { - "resource_type": "imagePipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageScanFindingAggregations.html" - }, - "ListImageScanFindings": { - "privilege": "ListImageScanFindings", - "description": "Grants permission to list the image scan findings for the images in your account", - "access_level": "List", - "resource_types": { - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "inspector2:ListFindings" - ] - }, - "imagePipeline": { - "resource_type": "imagePipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageScanFindings.html" - }, - "ListImages": { - "privilege": "ListImages", - "description": "Grants permission to list the image versions owned by or shared with your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImages.html" - }, - "ListInfrastructureConfigurations": { - "privilege": "ListInfrastructureConfigurations", - "description": "Grants permission to list the infrastructure configurations in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListInfrastructureConfigurations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an Image Builder resource", - "access_level": "Read", - "resource_types": { - "component": { - "resource_type": "component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "containerRecipe": { - "resource_type": "containerRecipe", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "distributionConfiguration": { - "resource_type": "distributionConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "imagePipeline": { - "resource_type": "imagePipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "imageRecipe": { - "resource_type": "imageRecipe", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "infrastructureConfiguration": { - "resource_type": "infrastructureConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListTagsForResource.html" - }, - "ListWorkflowExecutions": { - "privilege": "ListWorkflowExecutions", - "description": "Grants permission to list workflow executions for the specified image", - "access_level": "List", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListWorkflowExecutions.html" - }, - "ListWorkflowStepExecutions": { - "privilege": "ListWorkflowStepExecutions", - "description": "Grants permission to list workflow step executions for the specified workflow", - "access_level": "List", - "resource_types": { - "workflowExecution": { - "resource_type": "workflowExecution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListWorkflowStepExecutions.html" - }, - "PutComponentPolicy": { - "privilege": "PutComponentPolicy", - "description": "Grants permission to set the resource policy associated with a component", - "access_level": "Permissions management", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutComponentPolicy.html" - }, - "PutContainerRecipePolicy": { - "privilege": "PutContainerRecipePolicy", - "description": "Grants permission to set the resource policy associated with a container recipe", - "access_level": "Permissions management", - "resource_types": { - "containerRecipe": { - "resource_type": "containerRecipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutContainerRecipePolicy.html" - }, - "PutImagePolicy": { - "privilege": "PutImagePolicy", - "description": "Grants permission to set the resource policy associated with an image", - "access_level": "Permissions management", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutImagePolicy.html" - }, - "PutImageRecipePolicy": { - "privilege": "PutImageRecipePolicy", - "description": "Grants permission to set the resource policy associated with an image recipe", - "access_level": "Permissions management", - "resource_types": { - "imageRecipe": { - "resource_type": "imageRecipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutImageRecipePolicy.html" - }, - "StartImagePipelineExecution": { - "privilege": "StartImagePipelineExecution", - "description": "Grants permission to create a new image from a pipeline", - "access_level": "Write", - "resource_types": { - "imagePipeline": { - "resource_type": "imagePipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "imagebuilder:GetImagePipeline" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_StartImagePipelineExecution.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an Image Builder resource", - "access_level": "Tagging", - "resource_types": { - "component": { - "resource_type": "component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "containerRecipe": { - "resource_type": "containerRecipe", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "distributionConfiguration": { - "resource_type": "distributionConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "imagePipeline": { - "resource_type": "imagePipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "imageRecipe": { - "resource_type": "imageRecipe", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "infrastructureConfiguration": { - "resource_type": "infrastructureConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an Image Builder resource", - "access_level": "Tagging", - "resource_types": { - "component": { - "resource_type": "component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "containerRecipe": { - "resource_type": "containerRecipe", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "distributionConfiguration": { - "resource_type": "distributionConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "imagePipeline": { - "resource_type": "imagePipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "imageRecipe": { - "resource_type": "imageRecipe", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "infrastructureConfiguration": { - "resource_type": "infrastructureConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UntagResource.html" - }, - "UpdateDistributionConfiguration": { - "privilege": "UpdateDistributionConfiguration", - "description": "Grants permission to update an existing distribution configuration", - "access_level": "Write", - "resource_types": { - "distributionConfiguration": { - "resource_type": "distributionConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UpdateDistributionConfiguration.html" - }, - "UpdateImagePipeline": { - "privilege": "UpdateImagePipeline", - "description": "Grants permission to update an existing image pipeline", - "access_level": "Write", - "resource_types": { - "imagePipeline": { - "resource_type": "imagePipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UpdateImagePipeline.html" - }, - "UpdateInfrastructureConfiguration": { - "privilege": "UpdateInfrastructureConfiguration", - "description": "Grants permission to update an existing infrastructure configuration", - "access_level": "Write", - "resource_types": { - "infrastructureConfiguration": { - "resource_type": "infrastructureConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "sns:Publish" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "imagebuilder:CreatedResourceTagKeys", - "imagebuilder:CreatedResourceTag/", - "imagebuilder:Ec2MetadataHttpTokens", - "imagebuilder:StatusTopicArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UpdateInfrastructureConfiguration.html" - } - }, - "resources": { - "component": { - "resource": "component", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:component/${ComponentName}/${ComponentVersion}/${ComponentBuildVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "componentVersion": { - "resource": "componentVersion", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:component/${ComponentName}/${ComponentVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "distributionConfiguration": { - "resource": "distributionConfiguration", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:distribution-configuration/${DistributionConfigurationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "image": { - "resource": "image", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:image/${ImageName}/${ImageVersion}/${ImageBuildVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "imageVersion": { - "resource": "imageVersion", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:image/${ImageName}/${ImageVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "imageRecipe": { - "resource": "imageRecipe", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:image-recipe/${ImageRecipeName}/${ImageRecipeVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "containerRecipe": { - "resource": "containerRecipe", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:container-recipe/${ContainerRecipeName}/${ContainerRecipeVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "imagePipeline": { - "resource": "imagePipeline", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:image-pipeline/${ImagePipelineName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "infrastructureConfiguration": { - "resource": "infrastructureConfiguration", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:infrastructure-configuration/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "kmsKey": { - "resource": "kmsKey", - "arn": "arn:${Partition}:kms:${Region}:${Account}:key/${KeyId}", - "condition_keys": [] - }, - "workflowExecution": { - "resource": "workflowExecution", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:workflow-execution/${WorkflowExecutionId}", - "condition_keys": [] - }, - "workflowStepExecution": { - "resource": "workflowStepExecution", - "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:workflow-step-execution/${WorkflowStepExecutionId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "imagebuilder:CreatedResourceTag/": { - "condition": "imagebuilder:CreatedResourceTag/", - "description": "Filters access by the tag key-value pairs attached to the resource created by Image Builder", - "type": "String" - }, - "imagebuilder:CreatedResourceTagKeys": { - "condition": "imagebuilder:CreatedResourceTagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "imagebuilder:Ec2MetadataHttpTokens": { - "condition": "imagebuilder:Ec2MetadataHttpTokens", - "description": "Filters access by the EC2 Instance Metadata HTTP Token Requirement specified in the request", - "type": "String" - }, - "imagebuilder:StatusTopicArn": { - "condition": "imagebuilder:StatusTopicArn", - "description": "Filters access by the SNS Topic Arn in the request to which terminal state notifications will be published", - "type": "String" - } - } - }, - "ec2-instance-connect": { - "service_name": "Amazon EC2 Instance Connect", - "prefix": "ec2-instance-connect", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2instanceconnect.html", - "privileges": { - "OpenTunnel": { - "privilege": "OpenTunnel", - "description": "Grants permission to establish SSH connection to an EC2 instance using EC2 Instance Connect Endpoint", - "access_level": "Write", - "resource_types": { - "instance-connect-endpoint": { - "resource_type": "instance-connect-endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}", - "ec2-instance-connect:remotePort", - "ec2-instance-connect:privateIpAddress", - "ec2-instance-connect:MaxTunnelDuration" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ec2-instance-connect/latest/APIReference/API_OpenTunnel.html" - }, - "SendSSHPublicKey": { - "privilege": "SendSSHPublicKey", - "description": "Grants permission to push an SSH public key to the specified EC2 instance to be used for standard SSH", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ec2:osuser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ec2-instance-connect/latest/APIReference/API_SendSSHPublicKey.html" - }, - "SendSerialConsoleSSHPublicKey": { - "privilege": "SendSerialConsoleSSHPublicKey", - "description": "Grants permission to push an SSH public key to the specified EC2 instance to be used for serial console SSH", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ec2-instance-connect/latest/APIReference/API_SendSerialConsoleSSHPublicKey.html" - } - }, - "resources": { - "instance": { - "resource": "instance", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance/${InstanceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ] - }, - "instance-connect-endpoint": { - "resource": "instance-connect-endpoint", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance-connect-endpoint/${InstanceConnectEndpointId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ec2:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "ec2-instance-connect:maxTunnelDuration": { - "condition": "ec2-instance-connect:maxTunnelDuration", - "description": "Filters access by maximum session duration associated with the instance", - "type": "Numeric" - }, - "ec2-instance-connect:privateIpAddress": { - "condition": "ec2-instance-connect:privateIpAddress", - "description": "Filters access by private IP Address associated with the instance", - "type": "IPAddress" - }, - "ec2-instance-connect:remotePort": { - "condition": "ec2-instance-connect:remotePort", - "description": "Filters access by port number associated with the instance", - "type": "Numeric" - }, - "ec2:ResourceTag/${TagKey}": { - "condition": "ec2:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "ec2:osuser": { - "condition": "ec2:osuser", - "description": "Filters access by specifying the default user name for the AMI that you used to launch your instance", - "type": "String" - } - } - }, - "elasticache": { - "service_name": "Amazon ElastiCache", - "prefix": "elasticache", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticache.html", - "privileges": { - "AddTagsToResource": { - "privilege": "AddTagsToResource", - "description": "Grants permission to add tags to an ElastiCache resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reserved-instance": { - "resource_type": "reserved-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroup": { - "resource_type": "securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "usergroup": { - "resource_type": "usergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_AddTagsToResource.html" - }, - "AuthorizeCacheSecurityGroupIngress": { - "privilege": "AuthorizeCacheSecurityGroupIngress", - "description": "Grants permission to authorize an EC2 security group on a ElastiCache security group", - "access_level": "Write", - "resource_types": { - "securitygroup": { - "resource_type": "securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:AuthorizeSecurityGroupIngress" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_AuthorizeCacheSecurityGroupIngress.html" - }, - "BatchApplyUpdateAction": { - "privilege": "BatchApplyUpdateAction", - "description": "Grants permission to apply ElastiCache service updates to sets of clusters and replication groups", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "s3:GetObject" - ] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_BatchApplyUpdateAction.html" - }, - "BatchStopUpdateAction": { - "privilege": "BatchStopUpdateAction", - "description": "Grants permission to stop ElastiCache service updates from being executed on a set of clusters", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_BatchStopUpdateAction.html" - }, - "CompleteMigration": { - "privilege": "CompleteMigration", - "description": "Grants permission to complete an online migration of data from hosted Redis on Amazon EC2 to ElastiCache", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CompleteMigration.html" - }, - "Connect": { - "privilege": "Connect", - "description": "Allows an IAM user or role to connect as a specified ElastiCache user to a node in a replication group", - "access_level": "Write", - "resource_types": { - "replicationgroup": { - "resource_type": "replicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/auth-iam.html" - }, - "CopySnapshot": { - "privilege": "CopySnapshot", - "description": "Grants permission to make a copy of an existing snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticache:AddTagsToResource", - "s3:DeleteObject", - "s3:GetBucketAcl", - "s3:PutObject" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticache:KmsKeyId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CopySnapshot.html" - }, - "CreateCacheCluster": { - "privilege": "CreateCacheCluster", - "description": "Grants permission to create a cache cluster", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "elasticache:AddTagsToResource", - "s3:GetObject" - ] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticache:CacheNodeType", - "elasticache:EngineVersion", - "elasticache:EngineType", - "elasticache:MultiAZEnabled", - "elasticache:AuthTokenEnabled", - "elasticache:SnapshotRetentionLimit", - "elasticache:CacheParameterGroupName" - ], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [ - "elasticache:CacheNodeType", - "elasticache:EngineVersion", - "elasticache:EngineType", - "elasticache:MultiAZEnabled", - "elasticache:AuthTokenEnabled", - "elasticache:SnapshotRetentionLimit", - "elasticache:CacheParameterGroupName" - ], - "dependent_actions": [] - }, - "securitygroup": { - "resource_type": "securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheCluster.html" - }, - "CreateCacheParameterGroup": { - "privilege": "CreateCacheParameterGroup", - "description": "Grants permission to create a parameter group", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticache:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticache:CacheParameterGroupName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheParameterGroup.html" - }, - "CreateCacheSecurityGroup": { - "privilege": "CreateCacheSecurityGroup", - "description": "Grants permission to create a cache security group", - "access_level": "Write", - "resource_types": { - "securitygroup": { - "resource_type": "securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticache:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheSecurityGroup.html" - }, - "CreateCacheSubnetGroup": { - "privilege": "CreateCacheSubnetGroup", - "description": "Grants permission to create a cache subnet group", - "access_level": "Write", - "resource_types": { - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticache:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheSubnetGroup.html" - }, - "CreateGlobalReplicationGroup": { - "privilege": "CreateGlobalReplicationGroup", - "description": "Grants permission to create a global replication group", - "access_level": "Write", - "resource_types": { - "globalreplicationgroup": { - "resource_type": "globalreplicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateGlobalReplicationGroup.html" - }, - "CreateReplicationGroup": { - "privilege": "CreateReplicationGroup", - "description": "Grants permission to create a replication group", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "elasticache:AddTagsToResource", - "s3:GetObject" - ] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "globalreplicationgroup": { - "resource_type": "globalreplicationgroup", - "required": false, - "condition_keys": [ - "elasticache:NumNodeGroups", - "elasticache:CacheNodeType", - "elasticache:ReplicasPerNodeGroup", - "elasticache:EngineVersion", - "elasticache:EngineType", - "elasticache:AtRestEncryptionEnabled", - "elasticache:TransitEncryptionEnabled", - "elasticache:AutomaticFailoverEnabled", - "elasticache:MultiAZEnabled", - "elasticache:ClusterModeEnabled", - "elasticache:AuthTokenEnabled", - "elasticache:SnapshotRetentionLimit", - "elasticache:KmsKeyId", - "elasticache:CacheParameterGroupName" - ], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticache:NumNodeGroups", - "elasticache:CacheNodeType", - "elasticache:ReplicasPerNodeGroup", - "elasticache:EngineVersion", - "elasticache:EngineType", - "elasticache:AtRestEncryptionEnabled", - "elasticache:TransitEncryptionEnabled", - "elasticache:AutomaticFailoverEnabled", - "elasticache:MultiAZEnabled", - "elasticache:ClusterModeEnabled", - "elasticache:AuthTokenEnabled", - "elasticache:SnapshotRetentionLimit", - "elasticache:KmsKeyId", - "elasticache:CacheParameterGroupName" - ], - "dependent_actions": [] - }, - "securitygroup": { - "resource_type": "securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "usergroup": { - "resource_type": "usergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateReplicationGroup.html" - }, - "CreateSnapshot": { - "privilege": "CreateSnapshot", - "description": "Grants permission to create a copy of an entire Redis cluster at a specific moment in time", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticache:KmsKeyId" - ], - "dependent_actions": [ - "elasticache:AddTagsToResource", - "s3:DeleteObject", - "s3:GetBucketAcl", - "s3:PutObject" - ] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateSnapshot.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a user for Redis. Users are supported from Redis 6.0 onwards", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticache:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticache:UserAuthenticationMode" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateUser.html" - }, - "CreateUserGroup": { - "privilege": "CreateUserGroup", - "description": "Grants permission to create a user group for Redis. Groups are supported from Redis 6.0 onwards", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticache:AddTagsToResource" - ] - }, - "usergroup": { - "resource_type": "usergroup", - "required": true, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateUserGroup.html" - }, - "DecreaseNodeGroupsInGlobalReplicationGroup": { - "privilege": "DecreaseNodeGroupsInGlobalReplicationGroup", - "description": "Grants permission to decrease the number of node groups in global replication groups", - "access_level": "Write", - "resource_types": { - "globalreplicationgroup": { - "resource_type": "globalreplicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticache:NumNodeGroups" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DecreaseNodeGroupsInGlobalReplicationGroup.html" - }, - "DecreaseReplicaCount": { - "privilege": "DecreaseReplicaCount", - "description": "Grants permission to decrease the number of replicas in a Redis (cluster mode disabled) replication group or the number of replica nodes in one or more node groups (shards) of a Redis (cluster mode enabled) replication group", - "access_level": "Write", - "resource_types": { - "replicationgroup": { - "resource_type": "replicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticache:ReplicasPerNodeGroup" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DecreaseReplicaCount.html" - }, - "DeleteCacheCluster": { - "privilege": "DeleteCacheCluster", - "description": "Grants permission to delete a previously provisioned cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheCluster.html" - }, - "DeleteCacheParameterGroup": { - "privilege": "DeleteCacheParameterGroup", - "description": "Grants permission to delete the specified cache parameter group", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticache:CacheParameterGroupName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheParameterGroup.html" - }, - "DeleteCacheSecurityGroup": { - "privilege": "DeleteCacheSecurityGroup", - "description": "Grants permission to delete a cache security group", - "access_level": "Write", - "resource_types": { - "securitygroup": { - "resource_type": "securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheSecurityGroup.html" - }, - "DeleteCacheSubnetGroup": { - "privilege": "DeleteCacheSubnetGroup", - "description": "Grants permission to delete a cache subnet group", - "access_level": "Write", - "resource_types": { - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheSubnetGroup.html" - }, - "DeleteGlobalReplicationGroup": { - "privilege": "DeleteGlobalReplicationGroup", - "description": "Grants permission to delete an existing global replication group", - "access_level": "Write", - "resource_types": { - "globalreplicationgroup": { - "resource_type": "globalreplicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteGlobalReplicationGroup.html" - }, - "DeleteReplicationGroup": { - "privilege": "DeleteReplicationGroup", - "description": "Grants permission to delete an existing replication group", - "access_level": "Write", - "resource_types": { - "replicationgroup": { - "resource_type": "replicationgroup", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteReplicationGroup.html" - }, - "DeleteSnapshot": { - "privilege": "DeleteSnapshot", - "description": "Grants permission to delete an existing snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteSnapshot.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete an existing user and thus remove it from all user groups and replication groups where it was assigned", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteUser.html" - }, - "DeleteUserGroup": { - "privilege": "DeleteUserGroup", - "description": "Grants permission to delete an existing user group", - "access_level": "Write", - "resource_types": { - "usergroup": { - "resource_type": "usergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteUserGroup.html" - }, - "DescribeCacheClusters": { - "privilege": "DescribeCacheClusters", - "description": "Grants permission to list information about provisioned cache clusters", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheClusters.html" - }, - "DescribeCacheEngineVersions": { - "privilege": "DescribeCacheEngineVersions", - "description": "Grants permission to list available cache engines and their versions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheEngineVersions.html" - }, - "DescribeCacheParameterGroups": { - "privilege": "DescribeCacheParameterGroups", - "description": "Grants permission to list cache parameter group descriptions", - "access_level": "List", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheParameterGroups.html" - }, - "DescribeCacheParameters": { - "privilege": "DescribeCacheParameters", - "description": "Grants permission to retrieve the detailed parameter list for a particular cache parameter group", - "access_level": "List", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheParameters.html" - }, - "DescribeCacheSecurityGroups": { - "privilege": "DescribeCacheSecurityGroups", - "description": "Grants permission to list cache security group descriptions", - "access_level": "List", - "resource_types": { - "securitygroup": { - "resource_type": "securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheSecurityGroups.html" - }, - "DescribeCacheSubnetGroups": { - "privilege": "DescribeCacheSubnetGroups", - "description": "Grants permission to list cache subnet group descriptions", - "access_level": "List", - "resource_types": { - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheSubnetGroups.html" - }, - "DescribeEngineDefaultParameters": { - "privilege": "DescribeEngineDefaultParameters", - "description": "Grants permission to retrieve the default engine and system parameter information for the specified cache engine", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeEngineDefaultParameters.html" - }, - "DescribeEvents": { - "privilege": "DescribeEvents", - "description": "Grants permission to list events related to clusters, cache security groups, and cache parameter groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeEvents.html" - }, - "DescribeGlobalReplicationGroups": { - "privilege": "DescribeGlobalReplicationGroups", - "description": "Grants permission to list information about global replication groups", - "access_level": "List", - "resource_types": { - "globalreplicationgroup": { - "resource_type": "globalreplicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeGlobalReplicationGroups.html" - }, - "DescribeReplicationGroups": { - "privilege": "DescribeReplicationGroups", - "description": "Grants permission to list information about provisioned replication groups", - "access_level": "List", - "resource_types": { - "replicationgroup": { - "resource_type": "replicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeReplicationGroups.html" - }, - "DescribeReservedCacheNodes": { - "privilege": "DescribeReservedCacheNodes", - "description": "Grants permission to list information about purchased reserved cache nodes", - "access_level": "List", - "resource_types": { - "reserved-instance": { - "resource_type": "reserved-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeReservedCacheNodes.html" - }, - "DescribeReservedCacheNodesOfferings": { - "privilege": "DescribeReservedCacheNodesOfferings", - "description": "Grants permission to list available reserved cache node offerings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeReservedCacheNodesOfferings.html" - }, - "DescribeServiceUpdates": { - "privilege": "DescribeServiceUpdates", - "description": "Grants permission to list details of the service updates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeServiceUpdates.html" - }, - "DescribeSnapshots": { - "privilege": "DescribeSnapshots", - "description": "Grants permission to list information about cluster or replication group snapshots", - "access_level": "List", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeSnapshots.html" - }, - "DescribeUpdateActions": { - "privilege": "DescribeUpdateActions", - "description": "Grants permission to list details of the update actions for a set of clusters or replication groups", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeUpdateActions.html" - }, - "DescribeUserGroups": { - "privilege": "DescribeUserGroups", - "description": "Grants permission to list information about Redis user groups", - "access_level": "List", - "resource_types": { - "usergroup": { - "resource_type": "usergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeUserGroups.html" - }, - "DescribeUsers": { - "privilege": "DescribeUsers", - "description": "Grants permission to list information about Redis users", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeUsers.html" - }, - "DisassociateGlobalReplicationGroup": { - "privilege": "DisassociateGlobalReplicationGroup", - "description": "Grants permission to remove a secondary replication group from the global replication group", - "access_level": "Write", - "resource_types": { - "globalreplicationgroup": { - "resource_type": "globalreplicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DisassociateGlobalReplicationGroup.html" - }, - "FailoverGlobalReplicationGroup": { - "privilege": "FailoverGlobalReplicationGroup", - "description": "Grants permission to failover the primary region to a selected secondary region of a global replication group", - "access_level": "Write", - "resource_types": { - "globalreplicationgroup": { - "resource_type": "globalreplicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_FailoverGlobalReplicationGroup.html" - }, - "IncreaseNodeGroupsInGlobalReplicationGroup": { - "privilege": "IncreaseNodeGroupsInGlobalReplicationGroup", - "description": "Grants permission to increase the number of node groups in a global replication group", - "access_level": "Write", - "resource_types": { - "globalreplicationgroup": { - "resource_type": "globalreplicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticache:NumNodeGroups" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_IncreaseNodeGroupsInGlobalReplicationGroup.html" - }, - "IncreaseReplicaCount": { - "privilege": "IncreaseReplicaCount", - "description": "Grants permission to increase the number of replicas in a Redis (cluster mode disabled) replication group or the number of replica nodes in one or more node groups (shards) of a Redis (cluster mode enabled) replication group", - "access_level": "Write", - "resource_types": { - "replicationgroup": { - "resource_type": "replicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticache:ReplicasPerNodeGroup" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_IncreaseReplicaCount.html" - }, - "ListAllowedNodeTypeModifications": { - "privilege": "ListAllowedNodeTypeModifications", - "description": "Grants permission to list available node type that can be used to scale a particular Redis cluster or replication group", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ListAllowedNodeTypeModifications.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an ElastiCache resource", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reserved-instance": { - "resource_type": "reserved-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroup": { - "resource_type": "securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "usergroup": { - "resource_type": "usergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ListTagsForResource.html" - }, - "ModifyCacheCluster": { - "privilege": "ModifyCacheCluster", - "description": "Grants permission to modify settings for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [ - "elasticache:CacheNodeType", - "elasticache:EngineVersion", - "elasticache:MultiAZEnabled", - "elasticache:AuthTokenEnabled", - "elasticache:SnapshotRetentionLimit", - "elasticache:CacheParameterGroupName" - ], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroup": { - "resource_type": "securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheCluster.html" - }, - "ModifyCacheParameterGroup": { - "privilege": "ModifyCacheParameterGroup", - "description": "Grants permission to modify parameters of a cache parameter group", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticache:CacheParameterGroupName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheParameterGroup.html" - }, - "ModifyCacheSubnetGroup": { - "privilege": "ModifyCacheSubnetGroup", - "description": "Grants permission to modify an existing cache subnet group", - "access_level": "Write", - "resource_types": { - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheSubnetGroup.html" - }, - "ModifyGlobalReplicationGroup": { - "privilege": "ModifyGlobalReplicationGroup", - "description": "Grants permission to modify settings for a global replication group", - "access_level": "Write", - "resource_types": { - "globalreplicationgroup": { - "resource_type": "globalreplicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticache:CacheNodeType", - "elasticache:EngineVersion", - "elasticache:AutomaticFailoverEnabled" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyGlobalReplicationGroup.html" - }, - "ModifyReplicationGroup": { - "privilege": "ModifyReplicationGroup", - "description": "Grants permission to modify the settings for a replication group", - "access_level": "Write", - "resource_types": { - "replicationgroup": { - "resource_type": "replicationgroup", - "required": true, - "condition_keys": [ - "elasticache:CacheNodeType", - "elasticache:EngineVersion", - "elasticache:AutomaticFailoverEnabled", - "elasticache:MultiAZEnabled", - "elasticache:AuthTokenEnabled", - "elasticache:SnapshotRetentionLimit", - "elasticache:CacheParameterGroupName", - "elasticache:TransitEncryptionEnabled", - "elasticache:ClusterModeEnabled" - ], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroup": { - "resource_type": "securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "usergroup": { - "resource_type": "usergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyReplicationGroup.html" - }, - "ModifyReplicationGroupShardConfiguration": { - "privilege": "ModifyReplicationGroupShardConfiguration", - "description": "Grants permission to add shards, remove shards, or rebalance the keyspaces among existing shards of a replication group", - "access_level": "Write", - "resource_types": { - "replicationgroup": { - "resource_type": "replicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticache:NumNodeGroups" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyReplicationGroupShardConfiguration.html" - }, - "ModifyUser": { - "privilege": "ModifyUser", - "description": "Grants permission to change Redis user password(s) and/or access string", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticache:UserAuthenticationMode" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyUser.html" - }, - "ModifyUserGroup": { - "privilege": "ModifyUserGroup", - "description": "Grants permission to change list of users that belong to the user group", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "usergroup": { - "resource_type": "usergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyUserGroup.html" - }, - "PurchaseReservedCacheNodesOffering": { - "privilege": "PurchaseReservedCacheNodesOffering", - "description": "Grants permission to purchase a reserved cache node offering", - "access_level": "Write", - "resource_types": { - "reserved-instance": { - "resource_type": "reserved-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticache:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_PurchaseReservedCacheNodesOffering.html" - }, - "RebalanceSlotsInGlobalReplicationGroup": { - "privilege": "RebalanceSlotsInGlobalReplicationGroup", - "description": "Grants permission to perform a key space rebalance operation to redistribute slots and ensure uniform key distribution across existing shards in a global replication group", - "access_level": "Write", - "resource_types": { - "globalreplicationgroup": { - "resource_type": "globalreplicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RebalanceSlotsInGlobalReplicationGroup.html" - }, - "RebootCacheCluster": { - "privilege": "RebootCacheCluster", - "description": "Grants permission to reboot some, or all, of the cache nodes within a provisioned cache cluster or replication group (cluster mode disabled)", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RebootCacheCluster.html" - }, - "RemoveTagsFromResource": { - "privilege": "RemoveTagsFromResource", - "description": "Grants permission to remove tags from a ElastiCache resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replicationgroup": { - "resource_type": "replicationgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reserved-instance": { - "resource_type": "reserved-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroup": { - "resource_type": "securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "usergroup": { - "resource_type": "usergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RemoveTagsFromResource.html" - }, - "ResetCacheParameterGroup": { - "privilege": "ResetCacheParameterGroup", - "description": "Grants permission to modify parameters of a cache parameter group back to their default values", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticache:CacheParameterGroupName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ResetCacheParameterGroup.html" - }, - "RevokeCacheSecurityGroupIngress": { - "privilege": "RevokeCacheSecurityGroupIngress", - "description": "Grants permission to remove an EC2 security group ingress from a ElastiCache security group", - "access_level": "Write", - "resource_types": { - "securitygroup": { - "resource_type": "securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RevokeCacheSecurityGroupIngress.html" - }, - "StartMigration": { - "privilege": "StartMigration", - "description": "Grants permission to start a migration of data from hosted Redis on Amazon EC2 to ElastiCache for Redis", - "access_level": "Write", - "resource_types": { - "replicationgroup": { - "resource_type": "replicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_StartMigration.html" - }, - "TestFailover": { - "privilege": "TestFailover", - "description": "Grants permission to test automatic failover on a specified node group in a replication group", - "access_level": "Write", - "resource_types": { - "replicationgroup": { - "resource_type": "replicationgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_TestFailover.html" - } - }, - "resources": { - "parametergroup": { - "resource": "parametergroup", - "arn": "arn:${Partition}:elasticache:${Region}:${Account}:parametergroup:${CacheParameterGroupName}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "elasticache:CacheParameterGroupName" - ] - }, - "securitygroup": { - "resource": "securitygroup", - "arn": "arn:${Partition}:elasticache:${Region}:${Account}:securitygroup:${CacheSecurityGroupName}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ] - }, - "subnetgroup": { - "resource": "subnetgroup", - "arn": "arn:${Partition}:elasticache:${Region}:${Account}:subnetgroup:${CacheSubnetGroupName}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ] - }, - "replicationgroup": { - "resource": "replicationgroup", - "arn": "arn:${Partition}:elasticache:${Region}:${Account}:replicationgroup:${ReplicationGroupId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "elasticache:AtRestEncryptionEnabled", - "elasticache:AuthTokenEnabled", - "elasticache:AutomaticFailoverEnabled", - "elasticache:CacheNodeType", - "elasticache:CacheParameterGroupName", - "elasticache:ClusterModeEnabled", - "elasticache:EngineType", - "elasticache:EngineVersion", - "elasticache:KmsKeyId", - "elasticache:MultiAZEnabled", - "elasticache:NumNodeGroups", - "elasticache:ReplicasPerNodeGroup", - "elasticache:SnapshotRetentionLimit", - "elasticache:TransitEncryptionEnabled" - ] - }, - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:elasticache:${Region}:${Account}:cluster:${CacheClusterId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "elasticache:AuthTokenEnabled", - "elasticache:CacheNodeType", - "elasticache:CacheParameterGroupName", - "elasticache:EngineType", - "elasticache:EngineVersion", - "elasticache:MultiAZEnabled", - "elasticache:SnapshotRetentionLimit" - ] - }, - "reserved-instance": { - "resource": "reserved-instance", - "arn": "arn:${Partition}:elasticache:${Region}:${Account}:reserved-instance:${ReservedCacheNodeId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ] - }, - "snapshot": { - "resource": "snapshot", - "arn": "arn:${Partition}:elasticache:${Region}:${Account}:snapshot:${SnapshotName}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "elasticache:KmsKeyId" - ] - }, - "globalreplicationgroup": { - "resource": "globalreplicationgroup", - "arn": "arn:${Partition}:elasticache::${Account}:globalreplicationgroup:${GlobalReplicationGroupId}", - "condition_keys": [ - "elasticache:AtRestEncryptionEnabled", - "elasticache:AuthTokenEnabled", - "elasticache:AutomaticFailoverEnabled", - "elasticache:CacheNodeType", - "elasticache:CacheParameterGroupName", - "elasticache:ClusterModeEnabled", - "elasticache:EngineType", - "elasticache:EngineVersion", - "elasticache:KmsKeyId", - "elasticache:MultiAZEnabled", - "elasticache:NumNodeGroups", - "elasticache:ReplicasPerNodeGroup", - "elasticache:SnapshotRetentionLimit", - "elasticache:TransitEncryptionEnabled" - ] - }, - "user": { - "resource": "user", - "arn": "arn:${Partition}:elasticache:${Region}:${Account}:user:${UserId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "elasticache:UserAuthenticationMode" - ] - }, - "usergroup": { - "resource": "usergroup", - "arn": "arn:${Partition}:elasticache:${Region}:${Account}:usergroup:${UserGroupId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "elasticache:AtRestEncryptionEnabled": { - "condition": "elasticache:AtRestEncryptionEnabled", - "description": "Filters access by the AtRestEncryptionEnabled parameter present in the request or default false value if parameter is not present", - "type": "Bool" - }, - "elasticache:AuthTokenEnabled": { - "condition": "elasticache:AuthTokenEnabled", - "description": "Filters access by the presence of non empty AuthToken parameter in the request", - "type": "Bool" - }, - "elasticache:AutomaticFailoverEnabled": { - "condition": "elasticache:AutomaticFailoverEnabled", - "description": "Filters access by the AutomaticFailoverEnabled parameter in the request", - "type": "Bool" - }, - "elasticache:CacheNodeType": { - "condition": "elasticache:CacheNodeType", - "description": "Filters access by the cacheNodeType parameter present in the request. This key can be used to restrict which cache node types can be used on cluster creation or scaling operations", - "type": "String" - }, - "elasticache:CacheParameterGroupName": { - "condition": "elasticache:CacheParameterGroupName", - "description": "Filters access by the CacheParameterGroupName parameter in the request", - "type": "String" - }, - "elasticache:ClusterModeEnabled": { - "condition": "elasticache:ClusterModeEnabled", - "description": "Filters access by the cluster mode parameter present in the request. Default value for single node group (shard) creations is false", - "type": "Bool" - }, - "elasticache:EngineType": { - "condition": "elasticache:EngineType", - "description": "Filters access by the engine type present in creation requests. For replication group creations, default engine 'redis' is used as key if parameter is not present", - "type": "String" - }, - "elasticache:EngineVersion": { - "condition": "elasticache:EngineVersion", - "description": "Filters access by the engineVersion parameter present in creation or cluster modification requests", - "type": "String" - }, - "elasticache:KmsKeyId": { - "condition": "elasticache:KmsKeyId", - "description": "Filters access by the KmsKeyId parameter in the request", - "type": "String" - }, - "elasticache:MultiAZEnabled": { - "condition": "elasticache:MultiAZEnabled", - "description": "Filters access by the AZMode parameter, MultiAZEnabled parameter or the number of availability zones that the cluster or replication group can be placed in", - "type": "Bool" - }, - "elasticache:NumNodeGroups": { - "condition": "elasticache:NumNodeGroups", - "description": "Filters access by the NumNodeGroups or NodeGroupCount parameter specified in the request. This key can be used to restrict the number of node groups (shards) clusters can have after creation or scaling operations", - "type": "Numeric" - }, - "elasticache:ReplicasPerNodeGroup": { - "condition": "elasticache:ReplicasPerNodeGroup", - "description": "Filters access by the number of replicas per node group (shards) specified in creations or scaling requests", - "type": "Numeric" - }, - "elasticache:SnapshotRetentionLimit": { - "condition": "elasticache:SnapshotRetentionLimit", - "description": "Filters access by the SnapshotRetentionLimit parameter in the request", - "type": "Numeric" - }, - "elasticache:TransitEncryptionEnabled": { - "condition": "elasticache:TransitEncryptionEnabled", - "description": "Filters access by the TransitEncryptionEnabled parameter present in the request. For replication group creations, default value 'false' is used as key if parameter is not present", - "type": "Bool" - }, - "elasticache:UserAuthenticationMode": { - "condition": "elasticache:UserAuthenticationMode", - "description": "Filters access by the UserAuthenticationMode parameter in the request", - "type": "String" - } - } - }, - "ebs": { - "service_name": "Amazon Elastic Block Store", - "prefix": "ebs", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticblockstore.html", - "privileges": { - "CompleteSnapshot": { - "privilege": "CompleteSnapshot", - "description": "Grants permission to seal and complete the snapshot after all of the required blocks of data have been written to it", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_CompleteSnapshot.html" - }, - "GetSnapshotBlock": { - "privilege": "GetSnapshotBlock", - "description": "Grants permission to return the data of a block in an Amazon Elastic Block Store (EBS) snapshot", - "access_level": "Read", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_GetSnapshotBlock.html" - }, - "ListChangedBlocks": { - "privilege": "ListChangedBlocks", - "description": "Grants permission to list the blocks that are different between two Amazon Elastic Block Store (EBS) snapshots of the same volume/snapshot lineage", - "access_level": "Read", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_ListChangedBlocks.html" - }, - "ListSnapshotBlocks": { - "privilege": "ListSnapshotBlocks", - "description": "Grants permission to list the blocks in an Amazon Elastic Block Store (EBS) snapshot", - "access_level": "Read", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_ListSnapshotBlocks.html" - }, - "PutSnapshotBlock": { - "privilege": "PutSnapshotBlock", - "description": "Grants permission to write a block of data to a snapshot created by the StartSnapshot operation", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_PutSnapshotBlock.html" - }, - "StartSnapshot": { - "privilege": "StartSnapshot", - "description": "Grants permission to create a new EBS snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ebs:Description", - "ebs:ParentSnapshot", - "ebs:VolumeSize" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_StartSnapshot.html" - } - }, - "resources": { - "snapshot": { - "resource": "snapshot", - "arn": "arn:${Partition}:ec2:${Region}::snapshot/${SnapshotId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "ebs:Description", - "ebs:ParentSnapshot", - "ebs:VolumeSize" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - }, - "ebs:Description": { - "condition": "ebs:Description", - "description": "Filters access by the description of the snapshot being created", - "type": "String" - }, - "ebs:ParentSnapshot": { - "condition": "ebs:ParentSnapshot", - "description": "Filters access by the ID of the parent snapshot", - "type": "String" - }, - "ebs:VolumeSize": { - "condition": "ebs:VolumeSize", - "description": "Filters access by the size of the volume for the snapshot being created, in GiB", - "type": "Numeric" - } - } - }, - "ecr": { - "service_name": "Amazon Elastic Container Registry", - "prefix": "ecr", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticcontainerregistry.html", - "privileges": { - "BatchCheckLayerAvailability": { - "privilege": "BatchCheckLayerAvailability", - "description": "Grants permission to check the availability of multiple image layers in a specified registry and repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_BatchCheckLayerAvailability.html" - }, - "BatchDeleteImage": { - "privilege": "BatchDeleteImage", - "description": "Grants permission to delete a list of specified images within a specified repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_BatchDeleteImage.html" - }, - "BatchGetImage": { - "privilege": "BatchGetImage", - "description": "Grants permission to get detailed information for specified images within a specified repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_BatchGetImage.html" - }, - "BatchGetRepositoryScanningConfiguration": { - "privilege": "BatchGetRepositoryScanningConfiguration", - "description": "Grants permission to retrieve repository scanning configuration for a list of repositories", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_BatchGetRepositoryScanningConfiguration.html" - }, - "BatchImportUpstreamImage": { - "privilege": "BatchImportUpstreamImage", - "description": "Grants permission to retrieve the image from the upstream registry and import it to your private registry", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_BatchImportUpstreamImage.html" - }, - "CompleteLayerUpload": { - "privilege": "CompleteLayerUpload", - "description": "Grants permission to inform Amazon ECR that the image layer upload for a specified registry, repository name, and upload ID, has completed", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_CompleteLayerUpload.html" - }, - "CreatePullThroughCacheRule": { - "privilege": "CreatePullThroughCacheRule", - "description": "Grants permission to create new pull-through cache rule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_CreatePullThroughCacheRule.html" - }, - "CreateRepository": { - "privilege": "CreateRepository", - "description": "Grants permission to create an image repository", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ecr:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_CreateRepository.html" - }, - "DeleteLifecyclePolicy": { - "privilege": "DeleteLifecyclePolicy", - "description": "Grants permission to delete the specified lifecycle policy", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DeleteLifecyclePolicy.html" - }, - "DeletePullThroughCacheRule": { - "privilege": "DeletePullThroughCacheRule", - "description": "Grants permission to delete the pull-through cache rule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DeletePullThroughCacheRule.html" - }, - "DeleteRegistryPolicy": { - "privilege": "DeleteRegistryPolicy", - "description": "Grants permission to delete the registry policy", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DeleteRegistryPolicy.html" - }, - "DeleteRepository": { - "privilege": "DeleteRepository", - "description": "Grants permission to delete an existing image repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DeleteRepository.html" - }, - "DeleteRepositoryPolicy": { - "privilege": "DeleteRepositoryPolicy", - "description": "Grants permission to delete the repository policy from a specified repository", - "access_level": "Permissions management", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DeleteRepositoryPolicy.html" - }, - "DescribeImageReplicationStatus": { - "privilege": "DescribeImageReplicationStatus", - "description": "Grants permission to retrieve replication status about an image in a registry, including failure reason if replication fails", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeImageReplicationStatus.html" - }, - "DescribeImageScanFindings": { - "privilege": "DescribeImageScanFindings", - "description": "Grants permission to describe the image scan findings for the specified image", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeImageScanFindings.html" - }, - "DescribeImages": { - "privilege": "DescribeImages", - "description": "Grants permission to get metadata about the images in a repository, including image size, image tags, and creation date", - "access_level": "List", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeImages.html" - }, - "DescribePullThroughCacheRules": { - "privilege": "DescribePullThroughCacheRules", - "description": "Grants permission to describe the pull-through cache rules", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribePullThroughCacheRules.html" - }, - "DescribeRegistry": { - "privilege": "DescribeRegistry", - "description": "Grants permission to describe the registry settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeRegistry.html" - }, - "DescribeRepositories": { - "privilege": "DescribeRepositories", - "description": "Grants permission to describe image repositories in a registry", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeRepositories.html" - }, - "GetAuthorizationToken": { - "privilege": "GetAuthorizationToken", - "description": "Grants permission to retrieve a token that is valid for a specified registry for 12 hours", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetAuthorizationToken.html" - }, - "GetDownloadUrlForLayer": { - "privilege": "GetDownloadUrlForLayer", - "description": "Grants permission to retrieve the download URL corresponding to an image layer", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetDownloadUrlForLayer.html" - }, - "GetLifecyclePolicy": { - "privilege": "GetLifecyclePolicy", - "description": "Grants permission to retrieve the specified lifecycle policy", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetLifecyclePolicy.html" - }, - "GetLifecyclePolicyPreview": { - "privilege": "GetLifecyclePolicyPreview", - "description": "Grants permission to retrieve the results of the specified lifecycle policy preview request", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetLifecyclePolicyPreview.html" - }, - "GetRegistryPolicy": { - "privilege": "GetRegistryPolicy", - "description": "Grants permission to retrieve the registry policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetRegistryPolicy.html" - }, - "GetRegistryScanningConfiguration": { - "privilege": "GetRegistryScanningConfiguration", - "description": "Grants permission to retrieve registry scanning configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetRegistryScanningConfiguration.html" - }, - "GetRepositoryPolicy": { - "privilege": "GetRepositoryPolicy", - "description": "Grants permission to retrieve the repository policy for a specified repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetRepositoryPolicy.html" - }, - "InitiateLayerUpload": { - "privilege": "InitiateLayerUpload", - "description": "Grants permission to notify Amazon ECR that you intend to upload an image layer", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_InitiateLayerUpload.html" - }, - "ListImages": { - "privilege": "ListImages", - "description": "Grants permission to list all the image IDs for a given repository", - "access_level": "List", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_ListImages.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for an Amazon ECR resource", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_ListTagsForResource.html" - }, - "PutImage": { - "privilege": "PutImage", - "description": "Grants permission to create or update the image manifest associated with an image", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutImage.html" - }, - "PutImageScanningConfiguration": { - "privilege": "PutImageScanningConfiguration", - "description": "Grants permission to update the image scanning configuration for a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutImageScanningConfiguration.html" - }, - "PutImageTagMutability": { - "privilege": "PutImageTagMutability", - "description": "Grants permission to update the image tag mutability settings for a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutImageTagMutability.html" - }, - "PutLifecyclePolicy": { - "privilege": "PutLifecyclePolicy", - "description": "Grants permission to create or update a lifecycle policy", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutLifecyclePolicy.html" - }, - "PutRegistryPolicy": { - "privilege": "PutRegistryPolicy", - "description": "Grants permission to update the registry policy", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutRegistryPolicy.html" - }, - "PutRegistryScanningConfiguration": { - "privilege": "PutRegistryScanningConfiguration", - "description": "Grants permission to update registry scanning configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutRegistryScanningConfiguration.html" - }, - "PutReplicationConfiguration": { - "privilege": "PutReplicationConfiguration", - "description": "Grants permission to update the replication configuration for the registry", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutReplicationConfiguration.html" - }, - "ReplicateImage": { - "privilege": "ReplicateImage", - "description": "Grants permission to replicate images to the destination registry", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry-permissions.html" - }, - "SetRepositoryPolicy": { - "privilege": "SetRepositoryPolicy", - "description": "Grants permission to apply a repository policy on a specified repository to control access permissions", - "access_level": "Permissions management", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_SetRepositoryPolicy.html" - }, - "StartImageScan": { - "privilege": "StartImageScan", - "description": "Grants permission to start an image scan", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_StartImageScan.html" - }, - "StartLifecyclePolicyPreview": { - "privilege": "StartLifecyclePolicyPreview", - "description": "Grants permission to start a preview of the specified lifecycle policy", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_StartLifecyclePolicyPreview.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an Amazon ECR resource", - "access_level": "Tagging", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an Amazon ECR resource", - "access_level": "Tagging", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_UntagResource.html" - }, - "UploadLayerPart": { - "privilege": "UploadLayerPart", - "description": "Grants permission to upload an image layer part to Amazon ECR", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_UploadLayerPart.html" - } - }, - "resources": { - "repository": { - "resource": "repository", - "arn": "arn:${Partition}:ecr:${Region}:${Account}:repository/${RepositoryName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ecr:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tags in the request", - "type": "ArrayOfString" - }, - "ecr:ResourceTag/${TagKey}": { - "condition": "ecr:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - } - } - }, - "ecr-public": { - "service_name": "Amazon Elastic Container Registry Public", - "prefix": "ecr-public", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticcontainerregistrypublic.html", - "privileges": { - "BatchCheckLayerAvailability": { - "privilege": "BatchCheckLayerAvailability", - "description": "Grants permission to check the availability of multiple image layers in a specified registry and repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_BatchCheckLayerAvailability.html" - }, - "BatchDeleteImage": { - "privilege": "BatchDeleteImage", - "description": "Grants permission to delete a list of specified images within a specified repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_BatchDeleteImage.html" - }, - "CompleteLayerUpload": { - "privilege": "CompleteLayerUpload", - "description": "Grants permission to inform Amazon ECR that the image layer upload for a specified registry, repository name, and upload ID, has completed", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_CompleteLayerUpload.html" - }, - "CreateRepository": { - "privilege": "CreateRepository", - "description": "Grants permission to create an image repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_CreateRepository.html" - }, - "DeleteRepository": { - "privilege": "DeleteRepository", - "description": "Grants permission to delete an existing image repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DeleteRepository.html" - }, - "DeleteRepositoryPolicy": { - "privilege": "DeleteRepositoryPolicy", - "description": "Grants permission to delete the repository policy from a specified repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DeleteRepositoryPolicy.html" - }, - "DescribeImageTags": { - "privilege": "DescribeImageTags", - "description": "Grants permission to describe all the image tags for a given repository", - "access_level": "List", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DescribeImageTags.html" - }, - "DescribeImages": { - "privilege": "DescribeImages", - "description": "Grants permission to get metadata about the images in a repository, including image size, image tags, and creation date", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DescribeImages.html" - }, - "DescribeRegistries": { - "privilege": "DescribeRegistries", - "description": "Grants permission to retrieve the catalog data associated with a registry", - "access_level": "List", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DescribeRegistries.html" - }, - "DescribeRepositories": { - "privilege": "DescribeRepositories", - "description": "Grants permission to describe image repositories in a registry", - "access_level": "List", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DescribeRepositories.html" - }, - "GetAuthorizationToken": { - "privilege": "GetAuthorizationToken", - "description": "Grants permission to retrieve a token that is valid for a specified registry for 12 hours", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_GetAuthorizationToken.html" - }, - "GetRegistryCatalogData": { - "privilege": "GetRegistryCatalogData", - "description": "Grants permission to retrieve the catalog data associated with a registry", - "access_level": "Read", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_GetRegistryCatalogData.html" - }, - "GetRepositoryCatalogData": { - "privilege": "GetRepositoryCatalogData", - "description": "Grants permission to retrieve the catalog data associated with a repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_GetRepositoryCatalogData.html" - }, - "GetRepositoryPolicy": { - "privilege": "GetRepositoryPolicy", - "description": "Grants permission to retrieve the repository policy for a specified repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_GetRepositoryPolicy.html" - }, - "InitiateLayerUpload": { - "privilege": "InitiateLayerUpload", - "description": "Grants permission to notify Amazon ECR that you intend to upload an image layer", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_InitiateLayerUpload.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for an Amazon ECR resource", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_ListTagsForResource.html" - }, - "PutImage": { - "privilege": "PutImage", - "description": "Grants permission to create or update the image manifest associated with an image", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_PutImage.html" - }, - "PutRegistryCatalogData": { - "privilege": "PutRegistryCatalogData", - "description": "Grants permission to create and update the catalog data associated with a registry", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_PutRegistryCatalogData.html" - }, - "PutRepositoryCatalogData": { - "privilege": "PutRepositoryCatalogData", - "description": "Grants permission to update the catalog data associated with a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_PutRepositoryCatalogData.html" - }, - "SetRepositoryPolicy": { - "privilege": "SetRepositoryPolicy", - "description": "Grants permission to apply a repository policy on a specified repository to control access permissions", - "access_level": "Permissions management", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_SetRepositoryPolicy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an Amazon ECR resource", - "access_level": "Tagging", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an Amazon ECR resource", - "access_level": "Tagging", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_UntagResource.html" - }, - "UploadLayerPart": { - "privilege": "UploadLayerPart", - "description": "Grants permission to upload an image layer part to Amazon ECR Public", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_UploadLayerPart.html" - } - }, - "resources": { - "repository": { - "resource": "repository", - "arn": "arn:${Partition}:ecr-public::${Account}:repository/${RepositoryName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ecr-public:ResourceTag/${TagKey}" - ] - }, - "registry": { - "resource": "registry", - "arn": "arn:${Partition}:ecr-public::${Account}:registry/${RegistryId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters create requests based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters create requests based on the presence of mandatory tags in the request", - "type": "ArrayOfString" - }, - "ecr-public:ResourceTag/${TagKey}": { - "condition": "ecr-public:ResourceTag/${TagKey}", - "description": "Filters actions based on tag-value associated with the resource", - "type": "String" - } - } - }, - "ecs": { - "service_name": "Amazon Elastic Container Service", - "prefix": "ecs", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticcontainerservice.html", - "privileges": { - "CreateCapacityProvider": { - "privilege": "CreateCapacityProvider", - "description": "Grants permission to create a new capacity provider. Capacity providers are associated with an Amazon ECS cluster and are used in capacity provider strategies to facilitate cluster auto scaling", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html" - }, - "CreateCluster": { - "privilege": "CreateCluster", - "description": "Grants permission to create a new Amazon ECS cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:capacity-provider", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCluster.html" - }, - "CreateService": { - "privilege": "CreateService", - "description": "Grants permission to run and maintain a desired number of tasks from a specified task definition via service creation", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster", - "ecs:capacity-provider", - "ecs:task-definition", - "ecs:enable-execute-command", - "ecs:enable-service-connect", - "ecs:namespace", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html" - }, - "CreateTaskSet": { - "privilege": "CreateTaskSet", - "description": "Grants permission to create a new Amazon ECS task set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster", - "ecs:capacity-provider", - "ecs:service", - "ecs:task-definition", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateTaskSet.html" - }, - "DeleteAccountSetting": { - "privilege": "DeleteAccountSetting", - "description": "Grants permission to modify the ARN and resource ID format of a resource for a specified IAM user, IAM role, or the root user for an account. You can specify whether the new ARN and resource ID format are disabled for new resources that are created", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteAccountSetting.html" - }, - "DeleteAttributes": { - "privilege": "DeleteAttributes", - "description": "Grants permission to delete one or more custom attributes from an Amazon ECS resource", - "access_level": "Write", - "resource_types": { - "container-instance": { - "resource_type": "container-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteAttributes.html" - }, - "DeleteCapacityProvider": { - "privilege": "DeleteCapacityProvider", - "description": "Grants permission to delete the specified capacity provider", - "access_level": "Write", - "resource_types": { - "capacity-provider": { - "resource_type": "capacity-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteCapacityProvider.html" - }, - "DeleteCluster": { - "privilege": "DeleteCluster", - "description": "Grants permission to delete the specified cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteCluster.html" - }, - "DeleteService": { - "privilege": "DeleteService", - "description": "Grants permission to delete a specified service within a cluster", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteService.html" - }, - "DeleteTaskDefinitions": { - "privilege": "DeleteTaskDefinitions", - "description": "Grants permission to delete the specified task definitions by family and revision", - "access_level": "Write", - "resource_types": { - "task-definition": { - "resource_type": "task-definition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskDefinitions.html" - }, - "DeleteTaskSet": { - "privilege": "DeleteTaskSet", - "description": "Grants permission to delete the specified task set", - "access_level": "Write", - "resource_types": { - "task-set": { - "resource_type": "task-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster", - "ecs:service" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html" - }, - "DeregisterContainerInstance": { - "privilege": "DeregisterContainerInstance", - "description": "Grants permission to deregister an Amazon ECS container instance from the specified cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeregisterContainerInstance.html" - }, - "DeregisterTaskDefinition": { - "privilege": "DeregisterTaskDefinition", - "description": "Grants permission to deregister the specified task definition by family and revision", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeregisterTaskDefinition.html" - }, - "DescribeCapacityProviders": { - "privilege": "DescribeCapacityProviders", - "description": "Grants permission to describe one or more Amazon ECS capacity providers", - "access_level": "Read", - "resource_types": { - "capacity-provider": { - "resource_type": "capacity-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeCapacityProviders.html" - }, - "DescribeClusters": { - "privilege": "DescribeClusters", - "description": "Grants permission to describes one or more of your clusters", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeClusters.html" - }, - "DescribeContainerInstances": { - "privilege": "DescribeContainerInstances", - "description": "Grants permission to describes Amazon ECS container instances", - "access_level": "Read", - "resource_types": { - "container-instance": { - "resource_type": "container-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html" - }, - "DescribeServices": { - "privilege": "DescribeServices", - "description": "Grants permission to describe the specified services running in your cluster", - "access_level": "Read", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeServices.html" - }, - "DescribeTaskDefinition": { - "privilege": "DescribeTaskDefinition", - "description": "Grants permission to describe a task definition. You can specify a family and revision to find information about a specific task definition, or you can simply specify the family to find the latest ACTIVE revision in that family", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTaskDefinition.html" - }, - "DescribeTaskSets": { - "privilege": "DescribeTaskSets", - "description": "Grants permission to describe Amazon ECS task sets", - "access_level": "Read", - "resource_types": { - "task-set": { - "resource_type": "task-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster", - "ecs:service" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTaskSets.html" - }, - "DescribeTasks": { - "privilege": "DescribeTasks", - "description": "Grants permission to describe a specified task or tasks", - "access_level": "Read", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html" - }, - "DiscoverPollEndpoint": { - "privilege": "DiscoverPollEndpoint", - "description": "Grants permission to get an endpoint for the Amazon ECS agent to poll for updates", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DiscoverPollEndpoint.html" - }, - "ExecuteCommand": { - "privilege": "ExecuteCommand", - "description": "Grants permission to run a command remotely on an Amazon ECS container", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster", - "ecs:container-name", - "ecs:task" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ExecuteCommand.html" - }, - "GetTaskProtection": { - "privilege": "GetTaskProtection", - "description": "Grants permission to retrieve the protection status of tasks in an Amazon ECS service", - "access_level": "Read", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_GetTaskProtection.html" - }, - "ListAccountSettings": { - "privilege": "ListAccountSettings", - "description": "Grants permission to list the account settings for an Amazon ECS resource for a specified principal", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListAccountSettings.html" - }, - "ListAttributes": { - "privilege": "ListAttributes", - "description": "Grants permission to lists the attributes for Amazon ECS resources within a specified target type and cluster", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListAttributes.html" - }, - "ListClusters": { - "privilege": "ListClusters", - "description": "Grants permission to get a list of existing clusters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListClusters.html" - }, - "ListContainerInstances": { - "privilege": "ListContainerInstances", - "description": "Grants permission to get a list of container instances in a specified cluster", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListContainerInstances.html" - }, - "ListServices": { - "privilege": "ListServices", - "description": "Grants permission to get a list of services that are running in a specified cluster", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListServices.html" - }, - "ListServicesByNamespace": { - "privilege": "ListServicesByNamespace", - "description": "Grants permission to get a list of services that are running in a specified AWS Cloud Map Namespace", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:namespace" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListServicesByNamespace.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to get a list of tags for the specified resource", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "container-instance": { - "resource_type": "container-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task-definition": { - "resource_type": "task-definition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTaskDefinitionFamilies": { - "privilege": "ListTaskDefinitionFamilies", - "description": "Grants permission to get a list of task definition families that are registered to your account (which may include task definition families that no longer have any ACTIVE task definitions)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListServices.html" - }, - "ListTaskDefinitions": { - "privilege": "ListTaskDefinitions", - "description": "Grants permission to get a list of task definitions that are registered to your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListTaskDefinitions.html" - }, - "ListTasks": { - "privilege": "ListTasks", - "description": "Grants permission to get a list of tasks for a specified cluster", - "access_level": "List", - "resource_types": { - "container-instance": { - "resource_type": "container-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListTasks.html" - }, - "Poll": { - "privilege": "Poll", - "description": "Grants permission to an agent to connect with the Amazon ECS service to report status and get commands", - "access_level": "Write", - "resource_types": { - "container-instance": { - "resource_type": "container-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html" - }, - "PutAccountSetting": { - "privilege": "PutAccountSetting", - "description": "Grants permission to modify the ARN and resource ID format of a resource for a specified IAM user, IAM role, or the root user for an account. You can specify whether the new ARN and resource ID format are enabled for new resources that are created. Enabling this setting is required to use new Amazon ECS features such as resource tagging", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html" - }, - "PutAccountSettingDefault": { - "privilege": "PutAccountSettingDefault", - "description": "Grants permission to modify the ARN and resource ID format of a resource type for all IAM users on an account for which no individual account setting has been set. Enabling this setting is required to use new Amazon ECS features such as resource tagging", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html" - }, - "PutAttributes": { - "privilege": "PutAttributes", - "description": "Grants permission to create or update an attribute on an Amazon ECS resource", - "access_level": "Write", - "resource_types": { - "container-instance": { - "resource_type": "container-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAttributes.html" - }, - "PutClusterCapacityProviders": { - "privilege": "PutClusterCapacityProviders", - "description": "Grants permission to modify the available capacity providers and the default capacity provider strategy for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:capacity-provider" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutClusterCapacityProviders.html" - }, - "RegisterContainerInstance": { - "privilege": "RegisterContainerInstance", - "description": "Grants permission to register an EC2 instance into the specified cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RegisterContainerInstance.html" - }, - "RegisterTaskDefinition": { - "privilege": "RegisterTaskDefinition", - "description": "Grants permission to register a new task definition from the supplied family and containerDefinitions", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RegisterTaskDefinition.html" - }, - "RunTask": { - "privilege": "RunTask", - "description": "Grants permission to start a task using random placement and the default Amazon ECS scheduler", - "access_level": "Write", - "resource_types": { - "task-definition": { - "resource_type": "task-definition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster", - "ecs:capacity-provider", - "ecs:enable-execute-command", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html" - }, - "StartTask": { - "privilege": "StartTask", - "description": "Grants permission to start a new task from the specified task definition on the specified container instance or instances", - "access_level": "Write", - "resource_types": { - "task-definition": { - "resource_type": "task-definition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster", - "ecs:container-instances", - "ecs:enable-execute-command", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_StartTask.html" - }, - "StartTelemetrySession": { - "privilege": "StartTelemetrySession", - "description": "Grants permission to start a telemetry session", - "access_level": "Write", - "resource_types": { - "container-instance": { - "resource_type": "container-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-metrics.html#enable_cloudwatch" - }, - "StopTask": { - "privilege": "StopTask", - "description": "Grants permission to stop a running task", - "access_level": "Write", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_StopTask.html" - }, - "SubmitAttachmentStateChanges": { - "privilege": "SubmitAttachmentStateChanges", - "description": "Grants permission to send an acknowledgement that attachments changed states", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_SubmitAttachmentStateChanges.html" - }, - "SubmitContainerStateChange": { - "privilege": "SubmitContainerStateChange", - "description": "Grants permission to send an acknowledgement that a container changed states", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_SubmitContainerStateChange.html" - }, - "SubmitTaskStateChange": { - "privilege": "SubmitTaskStateChange", - "description": "Grants permission to send an acknowledgement that a task changed states", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_SubmitTaskStateChange.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag the specified resource", - "access_level": "Tagging", - "resource_types": { - "capacity-provider": { - "resource_type": "capacity-provider", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "container-instance": { - "resource_type": "container-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task-definition": { - "resource_type": "task-definition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task-set": { - "resource_type": "task-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "ecs:CreateAction" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag the specified resource", - "access_level": "Tagging", - "resource_types": { - "capacity-provider": { - "resource_type": "capacity-provider", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "container-instance": { - "resource_type": "container-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task-definition": { - "resource_type": "task-definition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task-set": { - "resource_type": "task-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UntagResource.html" - }, - "UpdateCapacityProvider": { - "privilege": "UpdateCapacityProvider", - "description": "Grants permission to update the specified capacity provider", - "access_level": "Write", - "resource_types": { - "capacity-provider": { - "resource_type": "capacity-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateCapacityProvider.html" - }, - "UpdateCluster": { - "privilege": "UpdateCluster", - "description": "Grants permission to modify the configuration or settings to use for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateCluster.html" - }, - "UpdateClusterSettings": { - "privilege": "UpdateClusterSettings", - "description": "Grants permission to modify the settings to use for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateClusterSettings.html" - }, - "UpdateContainerAgent": { - "privilege": "UpdateContainerAgent", - "description": "Grants permission to update the Amazon ECS container agent on a specified container instance", - "access_level": "Write", - "resource_types": { - "container-instance": { - "resource_type": "container-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateContainerAgent.html" - }, - "UpdateContainerInstancesState": { - "privilege": "UpdateContainerInstancesState", - "description": "Grants permission to the user to modify the status of an Amazon ECS container instance", - "access_level": "Write", - "resource_types": { - "container-instance": { - "resource_type": "container-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateContainerInstancesState.html" - }, - "UpdateService": { - "privilege": "UpdateService", - "description": "Grants permission to modify the parameters of a service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster", - "ecs:capacity-provider", - "ecs:enable-execute-command", - "ecs:enable-service-connect", - "ecs:namespace", - "ecs:task-definition" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateService.html" - }, - "UpdateServicePrimaryTaskSet": { - "privilege": "UpdateServicePrimaryTaskSet", - "description": "Grants permission to modify the primary task set used in a service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateServicePrimaryTaskSet.html" - }, - "UpdateTaskProtection": { - "privilege": "UpdateTaskProtection", - "description": "Grants permission to modify the protection status of a task", - "access_level": "Write", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateTaskProtection.html" - }, - "UpdateTaskSet": { - "privilege": "UpdateTaskSet", - "description": "Grants permission to update the specified task set", - "access_level": "Write", - "resource_types": { - "task-set": { - "resource_type": "task-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ecs:cluster", - "ecs:service" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateTaskSet.html" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:ecs:${Region}:${Account}:cluster/${ClusterName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ecs:ResourceTag/${TagKey}" - ] - }, - "container-instance": { - "resource": "container-instance", - "arn": "arn:${Partition}:ecs:${Region}:${Account}:container-instance/${ClusterName}/${ContainerInstanceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ecs:ResourceTag/${TagKey}" - ] - }, - "service": { - "resource": "service", - "arn": "arn:${Partition}:ecs:${Region}:${Account}:service/${ClusterName}/${ServiceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ecs:ResourceTag/${TagKey}" - ] - }, - "task": { - "resource": "task", - "arn": "arn:${Partition}:ecs:${Region}:${Account}:task/${ClusterName}/${TaskId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ecs:ResourceTag/${TagKey}" - ] - }, - "task-definition": { - "resource": "task-definition", - "arn": "arn:${Partition}:ecs:${Region}:${Account}:task-definition/${TaskDefinitionFamilyName}:${TaskDefinitionRevisionNumber}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ecs:ResourceTag/${TagKey}" - ] - }, - "capacity-provider": { - "resource": "capacity-provider", - "arn": "arn:${Partition}:ecs:${Region}:${Account}:capacity-provider/${CapacityProviderName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ecs:ResourceTag/${TagKey}" - ] - }, - "task-set": { - "resource": "task-set", - "arn": "arn:${Partition}:ecs:${Region}:${Account}:task-set/${ClusterName}/${ServiceName}/${TaskSetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ecs:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "ecs:ResourceTag/${TagKey}": { - "condition": "ecs:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "ecs:capacity-provider": { - "condition": "ecs:capacity-provider", - "description": "Filters access by the ARN of an Amazon ECS capacity provider", - "type": "ARN" - }, - "ecs:cluster": { - "condition": "ecs:cluster", - "description": "Filters access by the ARN of an Amazon ECS cluster", - "type": "ARN" - }, - "ecs:container-instances": { - "condition": "ecs:container-instances", - "description": "Filters access by the ARN of an Amazon ECS container instance", - "type": "ARN" - }, - "ecs:container-name": { - "condition": "ecs:container-name", - "description": "Filters access by the name of an Amazon ECS container which is defined in the ECS task definition", - "type": "String" - }, - "ecs:enable-execute-command": { - "condition": "ecs:enable-execute-command", - "description": "Filters access by the execute-command capability of your Amazon ECS task or Amazon ECS service", - "type": "String" - }, - "ecs:enable-service-connect": { - "condition": "ecs:enable-service-connect", - "description": "Filters access by the enable field value in the Service Connect configuration", - "type": "String" - }, - "ecs:namespace": { - "condition": "ecs:namespace", - "description": "Filters access by the ARN of AWS Cloud Map namespace which is defined in the Service Connect Configuration", - "type": "ARN" - }, - "ecs:service": { - "condition": "ecs:service", - "description": "Filters access by the ARN of an Amazon ECS service", - "type": "ARN" - }, - "ecs:task": { - "condition": "ecs:task", - "description": "Filters access by the ARN of an Amazon ECS task", - "type": "ARN" - }, - "ecs:task-definition": { - "condition": "ecs:task-definition", - "description": "Filters access by the ARN of an Amazon ECS task definition", - "type": "ARN" - } - } - }, - "elasticfilesystem": { - "service_name": "Amazon Elastic File System", - "prefix": "elasticfilesystem", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticfilesystem.html", - "privileges": { - "Backup": { - "privilege": "Backup", - "description": "Grants permission to start a backup job for an existing file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/efs-backup-solutions.html" - }, - "ClientMount": { - "privilege": "ClientMount", - "description": "Grants permission to allow an NFS client read-access to a file system", - "access_level": "Read", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticfilesystem:AccessPointArn", - "elasticfilesystem:AccessedViaMountTarget" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/efs-client-authorization.html" - }, - "ClientRootAccess": { - "privilege": "ClientRootAccess", - "description": "Grants permission to allow an NFS client root-access to a file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticfilesystem:AccessPointArn", - "elasticfilesystem:AccessedViaMountTarget" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/efs-client-authorization.html" - }, - "ClientWrite": { - "privilege": "ClientWrite", - "description": "Grants permission to allow an NFS client write-access to a file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticfilesystem:AccessPointArn", - "elasticfilesystem:AccessedViaMountTarget" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/efs-client-authorization.html" - }, - "CreateAccessPoint": { - "privilege": "CreateAccessPoint", - "description": "Grants permission to create an access point for the specified file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_CreateAccessPoint.html" - }, - "CreateFileSystem": { - "privilege": "CreateFileSystem", - "description": "Grants permission to create a new, empty file system", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticfilesystem:Encrypted" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_CreateFileSystem.html" - }, - "CreateMountTarget": { - "privilege": "CreateMountTarget", - "description": "Grants permission to create a mount target for a file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_CreateMountTarget.html" - }, - "CreateReplicationConfiguration": { - "privilege": "CreateReplicationConfiguration", - "description": "Grants permission to create a new replication configuration", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_CreateReplicationConfiguration.html" - }, - "CreateTags": { - "privilege": "CreateTags", - "description": "Grants permission to create or overwrite tags associated with a file system; deprecated, see TagResource", - "access_level": "Tagging", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_CreateTags.html" - }, - "DeleteAccessPoint": { - "privilege": "DeleteAccessPoint", - "description": "Grants permission to delete the specified access point", - "access_level": "Write", - "resource_types": { - "access-point": { - "resource_type": "access-point", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteAccessPoint.html" - }, - "DeleteFileSystem": { - "privilege": "DeleteFileSystem", - "description": "Grants permission to delete a file system, permanently severing access to its contents", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteFileSystem.html" - }, - "DeleteFileSystemPolicy": { - "privilege": "DeleteFileSystemPolicy", - "description": "Grants permission to delete the resource-level policy for a file system", - "access_level": "Permissions management", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteFileSystemPolicy.html" - }, - "DeleteMountTarget": { - "privilege": "DeleteMountTarget", - "description": "Grants permission to delete the specified mount target", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteMountTarget.html" - }, - "DeleteReplicationConfiguration": { - "privilege": "DeleteReplicationConfiguration", - "description": "Grants permission to delete a replication configuration", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteReplicationConfiguration.html" - }, - "DeleteTags": { - "privilege": "DeleteTags", - "description": "Grants permission to delete the specified tags from a file system; deprecated, see UntagResource", - "access_level": "Tagging", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteTags.html" - }, - "DescribeAccessPoints": { - "privilege": "DescribeAccessPoints", - "description": "Grants permission to view the descriptions of Amazon EFS access points", - "access_level": "List", - "resource_types": { - "access-point": { - "resource_type": "access-point", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeAccessPoints.html" - }, - "DescribeAccountPreferences": { - "privilege": "DescribeAccountPreferences", - "description": "Grants permission to view the account preferences in effect for an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeAccountPreferences.html" - }, - "DescribeBackupPolicy": { - "privilege": "DescribeBackupPolicy", - "description": "Grants permission to view the BackupPolicy object for an Amazon EFS file system", - "access_level": "Read", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeBackupPolicy.html" - }, - "DescribeFileSystemPolicy": { - "privilege": "DescribeFileSystemPolicy", - "description": "Grants permission to view the resource-level policy for an Amazon EFS file system", - "access_level": "Read", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeFileSystemPolicy.html" - }, - "DescribeFileSystems": { - "privilege": "DescribeFileSystems", - "description": "Grants permission to view the description of an Amazon EFS file system specified by file system CreationToken or FileSystemId; or to view the description of all file systems owned by the caller's AWS account in the AWS region of the endpoint that is being called", - "access_level": "List", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeFileSystems.html" - }, - "DescribeLifecycleConfiguration": { - "privilege": "DescribeLifecycleConfiguration", - "description": "Grants permission to view the LifecycleConfiguration object for an Amazon EFS file system", - "access_level": "Read", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeLifecycleConfiguration.html" - }, - "DescribeMountTargetSecurityGroups": { - "privilege": "DescribeMountTargetSecurityGroups", - "description": "Grants permission to view the security groups in effect for a mount target", - "access_level": "Read", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeMountTargetSecurityGroups.html" - }, - "DescribeMountTargets": { - "privilege": "DescribeMountTargets", - "description": "Grants permission to view the descriptions of all mount targets, or a specific mount target, for a file system", - "access_level": "Read", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "access-point": { - "resource_type": "access-point", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeMountTargets.html" - }, - "DescribeReplicationConfigurations": { - "privilege": "DescribeReplicationConfigurations", - "description": "Grants permission to view the description of an Amazon EFS replication configuration specified by FileSystemId; or to view the description of all replication configurations owned by the caller's AWS account in the AWS region of the endpoint that is being called", - "access_level": "List", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeReplicationConfigurations.html" - }, - "DescribeTags": { - "privilege": "DescribeTags", - "description": "Grants permission to view the tags associated with a file system", - "access_level": "Read", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeTags.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to view the tags associated with the specified Amazon EFS resource", - "access_level": "Read", - "resource_types": { - "access-point": { - "resource_type": "access-point", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_ListTagsForResource.html" - }, - "ModifyMountTargetSecurityGroups": { - "privilege": "ModifyMountTargetSecurityGroups", - "description": "Grants permission to modify the set of security groups in effect for a mount target", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_ModifyMountTargetSecurityGroups.html" - }, - "PutAccountPreferences": { - "privilege": "PutAccountPreferences", - "description": "Grants permission to set the account preferences of an account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_PutAccountPreferences.html" - }, - "PutBackupPolicy": { - "privilege": "PutBackupPolicy", - "description": "Grants permission to enable or disable automatic backups with AWS Backup by creating a new BackupPolicy object", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_PutBackupPolicy.html" - }, - "PutFileSystemPolicy": { - "privilege": "PutFileSystemPolicy", - "description": "Grants permission to apply a resource-level policy that defines the actions allowed or denied from given actors for the specified file system", - "access_level": "Permissions management", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_PutFileSystemPolicy.html" - }, - "PutLifecycleConfiguration": { - "privilege": "PutLifecycleConfiguration", - "description": "Grants permission to enable lifecycle management by creating a new LifecycleConfiguration object", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_PutLifecycleConfiguration.html" - }, - "Restore": { - "privilege": "Restore", - "description": "Grants permission to start a restore job for a backup of a file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/efs-backup-solutions.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to create or overwrite tags associated with the specified Amazon EFS resource", - "access_level": "Tagging", - "resource_types": { - "access-point": { - "resource_type": "access-point", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticfilesystem:CreateAction" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to delete the specified tags from an Amazon EFS resource", - "access_level": "Tagging", - "resource_types": { - "access-point": { - "resource_type": "access-point", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_UntagResource.html" - }, - "UpdateFileSystem": { - "privilege": "UpdateFileSystem", - "description": "Grants permission to update the throughput mode or the amount of provisioned throughput of an existing file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_UpdateFileSystem.html" - } - }, - "resources": { - "file-system": { - "resource": "file-system", - "arn": "arn:${Partition}:elasticfilesystem:${Region}:${Account}:file-system/${FileSystemId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "access-point": { - "resource": "access-point", - "arn": "arn:${Partition}:elasticfilesystem:${Region}:${Account}:access-point/${AccessPointId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - }, - "elasticfilesystem:AccessPointArn": { - "condition": "elasticfilesystem:AccessPointArn", - "description": "Filters access by the ARN of the access point used to mount the file system", - "type": "String" - }, - "elasticfilesystem:AccessedViaMountTarget": { - "condition": "elasticfilesystem:AccessedViaMountTarget", - "description": "Filters access by whether the file system is accessed via mount targets", - "type": "Bool" - }, - "elasticfilesystem:CreateAction": { - "condition": "elasticfilesystem:CreateAction", - "description": "Filters access by the name of a resource-creating API action", - "type": "String" - }, - "elasticfilesystem:Encrypted": { - "condition": "elasticfilesystem:Encrypted", - "description": "Filters access by whether users can create only encrypted or unencrypted file systems", - "type": "Bool" - } - } - }, - "elastic-inference": { - "service_name": "Amazon Elastic Inference", - "prefix": "elastic-inference", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticinference.html", - "privileges": { - "Connect": { - "privilege": "Connect", - "description": "Grants permission to customer for connecting to Elastic Inference accelerator", - "access_level": "Write", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "DescribeAcceleratorOfferings": { - "privilege": "DescribeAcceleratorOfferings", - "description": "Grants permission to describe the locations in which a given accelerator type or set of types is present in a given region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "DescribeAcceleratorTypes": { - "privilege": "DescribeAcceleratorTypes", - "description": "Grants permission to describe the accelerator types available in a given region, as well as their characteristics, such as memory and throughput", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "DescribeAccelerators": { - "privilege": "DescribeAccelerators", - "description": "Grants permission to describe information over a provided set of accelerators belonging to an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags on an Amazon RDS resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to assign one or more tags (key-value pairs) to the specified QuickSight resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag or tags from a resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - } - }, - "resources": { - "accelerator": { - "resource": "accelerator", - "arn": "arn:${Partition}:elastic-inference:${Region}:${Account}:elastic-inference-accelerator/${AcceleratorId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "eks": { - "service_name": "Amazon Elastic Kubernetes Service", - "prefix": "eks", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelastickubernetesservice.html", - "privileges": { - "AccessKubernetesApi": { - "privilege": "AccessKubernetesApi", - "description": "Grants permission to view Kubernetes objects via AWS EKS console", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/userguide/view-workloads.html" - }, - "AssociateEncryptionConfig": { - "privilege": "AssociateEncryptionConfig", - "description": "Grants permission to associate encryption configuration to a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_AssociateEncryptionConfig.html" - }, - "AssociateIdentityProviderConfig": { - "privilege": "AssociateIdentityProviderConfig", - "description": "Grants permission to associate an identity provider configuration to a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "eks:clientId", - "eks:issuerUrl" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_AssociateIdentityProviderConfig.html" - }, - "CreateAddon": { - "privilege": "CreateAddon", - "description": "Grants permission to create an Amazon EKS add-on", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateAddon.html" - }, - "CreateCluster": { - "privilege": "CreateCluster", - "description": "Grants permission to create an Amazon EKS cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateCluster.html" - }, - "CreateFargateProfile": { - "privilege": "CreateFargateProfile", - "description": "Grants permission to create an AWS Fargate profile", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateFargateProfile.html" - }, - "CreateNodegroup": { - "privilege": "CreateNodegroup", - "description": "Grants permission to create an Amazon EKS Nodegroup", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateNodegroup.html" - }, - "DeleteAddon": { - "privilege": "DeleteAddon", - "description": "Grants permission to delete an Amazon EKS add-on", - "access_level": "Write", - "resource_types": { - "addon": { - "resource_type": "addon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeleteAddon.html" - }, - "DeleteCluster": { - "privilege": "DeleteCluster", - "description": "Grants permission to delete an Amazon EKS cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeleteCluster.html" - }, - "DeleteFargateProfile": { - "privilege": "DeleteFargateProfile", - "description": "Grants permission to delete an AWS Fargate profile", - "access_level": "Write", - "resource_types": { - "fargateprofile": { - "resource_type": "fargateprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeleteFargateProfile.html" - }, - "DeleteNodegroup": { - "privilege": "DeleteNodegroup", - "description": "Grants permission to delete an Amazon EKS Nodegroup", - "access_level": "Write", - "resource_types": { - "nodegroup": { - "resource_type": "nodegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeleteNodegroup.html" - }, - "DeregisterCluster": { - "privilege": "DeregisterCluster", - "description": "Grants permission to deregister an External cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeregisterCluster.html" - }, - "DescribeAddon": { - "privilege": "DescribeAddon", - "description": "Grants permission to retrieve descriptive information about an Amazon EKS add-on", - "access_level": "Read", - "resource_types": { - "addon": { - "resource_type": "addon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddon.html" - }, - "DescribeAddonConfiguration": { - "privilege": "DescribeAddonConfiguration", - "description": "Grants permission to list configuration options about an Amazon EKS add-on", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonConfiguration.html" - }, - "DescribeAddonVersions": { - "privilege": "DescribeAddonVersions", - "description": "Grants permission to retrieve descriptive version information about the add-ons that Amazon EKS Add-ons supports", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html" - }, - "DescribeCluster": { - "privilege": "DescribeCluster", - "description": "Grants permission to retrieve descriptive information about an Amazon EKS cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeCluster.html" - }, - "DescribeFargateProfile": { - "privilege": "DescribeFargateProfile", - "description": "Grants permission to retrieve descriptive information about an AWS Fargate profile associated with a cluster", - "access_level": "Read", - "resource_types": { - "fargateprofile": { - "resource_type": "fargateprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeFargateProfile.html" - }, - "DescribeIdentityProviderConfig": { - "privilege": "DescribeIdentityProviderConfig", - "description": "Grants permission to retrieve descriptive information about an Idp config associated with a cluster", - "access_level": "Read", - "resource_types": { - "identityproviderconfig": { - "resource_type": "identityproviderconfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeIdentityProviderConfig.html" - }, - "DescribeNodegroup": { - "privilege": "DescribeNodegroup", - "description": "Grants permission to retrieve descriptive information about an Amazon EKS nodegroup", - "access_level": "Read", - "resource_types": { - "nodegroup": { - "resource_type": "nodegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeNodegroup.html" - }, - "DescribeUpdate": { - "privilege": "DescribeUpdate", - "description": "Grants permission to retrieve a given update for a given Amazon EKS cluster/nodegroup/add-on (in the specified or default region)", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "addon": { - "resource_type": "addon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "nodegroup": { - "resource_type": "nodegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeUpdate.html" - }, - "DisassociateIdentityProviderConfig": { - "privilege": "DisassociateIdentityProviderConfig", - "description": "Grants permission to delete an asssociated Idp config", - "access_level": "Write", - "resource_types": { - "identityproviderconfig": { - "resource_type": "identityproviderconfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DisassociateIdentityProviderConfig.html" - }, - "ListAddons": { - "privilege": "ListAddons", - "description": "Grants permission to list the Amazon EKS add-ons in your AWS account (in the specified or default region) for a given cluster", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html" - }, - "ListClusters": { - "privilege": "ListClusters", - "description": "Grants permission to list the Amazon EKS clusters in your AWS account (in the specified or default region)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListClusters.html" - }, - "ListFargateProfiles": { - "privilege": "ListFargateProfiles", - "description": "Grants permission to list the AWS Fargate profiles in your AWS account (in the specified or default region) associated with a given cluster", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListFargateProfiles.html" - }, - "ListIdentityProviderConfigs": { - "privilege": "ListIdentityProviderConfigs", - "description": "Grants permission to list the Idp configs in your AWS account (in the specified or default region) associated with a given cluster", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListIdentityProviderConfigs.html" - }, - "ListNodegroups": { - "privilege": "ListNodegroups", - "description": "Grants permission to list the Amazon EKS nodegroups in your AWS account (in the specified or default region) attached to given cluster", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListNodegroups.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for the specified resource", - "access_level": "Read", - "resource_types": { - "addon": { - "resource_type": "addon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fargateprofile": { - "resource_type": "fargateprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "identityproviderconfig": { - "resource_type": "identityproviderconfig", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "nodegroup": { - "resource_type": "nodegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListTagsForResource.html" - }, - "ListUpdates": { - "privilege": "ListUpdates", - "description": "Grants permission to list the updates for a given Amazon EKS cluster/nodegroup/add-on (in the specified or default region)", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "addon": { - "resource_type": "addon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "nodegroup": { - "resource_type": "nodegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListUpdates.html" - }, - "RegisterCluster": { - "privilege": "RegisterCluster", - "description": "Grants permission to register an External cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_RegisterCluster.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag the specified resource", - "access_level": "Tagging", - "resource_types": { - "addon": { - "resource_type": "addon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fargateprofile": { - "resource_type": "fargateprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "identityproviderconfig": { - "resource_type": "identityproviderconfig", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "nodegroup": { - "resource_type": "nodegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag the specified resource", - "access_level": "Tagging", - "resource_types": { - "addon": { - "resource_type": "addon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fargateprofile": { - "resource_type": "fargateprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "identityproviderconfig": { - "resource_type": "identityproviderconfig", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "nodegroup": { - "resource_type": "nodegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UntagResource.html" - }, - "UpdateAddon": { - "privilege": "UpdateAddon", - "description": "Grants permission to update Amazon EKS add-on configurations, such as the VPC-CNI version", - "access_level": "Write", - "resource_types": { - "addon": { - "resource_type": "addon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html" - }, - "UpdateClusterConfig": { - "privilege": "UpdateClusterConfig", - "description": "Grants permission to update Amazon EKS cluster configurations (eg: API server endpoint access)", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateClusterConfig.html" - }, - "UpdateClusterVersion": { - "privilege": "UpdateClusterVersion", - "description": "Grants permission to update the Kubernetes version of an Amazon EKS cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateClusterVersion.html" - }, - "UpdateNodegroupConfig": { - "privilege": "UpdateNodegroupConfig", - "description": "Grants permission to update Amazon EKS nodegroup configurations (eg: min/max/desired capacity or labels)", - "access_level": "Write", - "resource_types": { - "nodegroup": { - "resource_type": "nodegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateNodegroupConfig.html" - }, - "UpdateNodegroupVersion": { - "privilege": "UpdateNodegroupVersion", - "description": "Grants permission to update the Kubernetes version of an Amazon EKS nodegroup", - "access_level": "Write", - "resource_types": { - "nodegroup": { - "resource_type": "nodegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateNodegroupVersion.html" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:eks:${Region}:${Account}:cluster/${ClusterName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "nodegroup": { - "resource": "nodegroup", - "arn": "arn:${Partition}:eks:${Region}:${Account}:nodegroup/${ClusterName}/${NodegroupName}/${UUID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "addon": { - "resource": "addon", - "arn": "arn:${Partition}:eks:${Region}:${Account}:addon/${ClusterName}/${AddonName}/${UUID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "fargateprofile": { - "resource": "fargateprofile", - "arn": "arn:${Partition}:eks:${Region}:${Account}:fargateprofile/${ClusterName}/${FargateProfileName}/${UUID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "identityproviderconfig": { - "resource": "identityproviderconfig", - "arn": "arn:${Partition}:eks:${Region}:${Account}:identityproviderconfig/${ClusterName}/${IdentityProviderType}/${IdentityProviderConfigName}/${UUID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a key that is present in the request the user makes to the EKS service", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the list of all the tag key names present in the request the user makes to the EKS service", - "type": "ArrayOfString" - }, - "eks:clientId": { - "condition": "eks:clientId", - "description": "Filters access by the clientId present in the associateIdentityProviderConfig request the user makes to the EKS service", - "type": "String" - }, - "eks:issuerUrl": { - "condition": "eks:issuerUrl", - "description": "Filters access by the issuerUrl present in the associateIdentityProviderConfig request the user makes to the EKS service", - "type": "String" - } - } - }, - "elasticmapreduce": { - "service_name": "Amazon Elastic MapReduce", - "prefix": "elasticmapreduce", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticmapreduce.html", - "privileges": { - "AddInstanceFleet": { - "privilege": "AddInstanceFleet", - "description": "Grants permission to add an instance fleet to a running cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_AddInstanceFleet.html" - }, - "AddInstanceGroups": { - "privilege": "AddInstanceGroups", - "description": "Grants permission to add instance groups to a running cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_AddInstanceGroups.html" - }, - "AddJobFlowSteps": { - "privilege": "AddJobFlowSteps", - "description": "Grants permission to add new steps to a running cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticmapreduce:ExecutionRoleArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_AddJobFlowSteps.html" - }, - "AddTags": { - "privilege": "AddTags", - "description": "Grants permission to add tags to an Amazon EMR resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "editor": { - "resource_type": "editor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "notebook-execution": { - "resource_type": "notebook-execution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "studio": { - "resource_type": "studio", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticmapreduce:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_AddTags.html" - }, - "AttachEditor": { - "privilege": "AttachEditor", - "description": "Grants permission to attach an EMR notebook to a compute engine", - "access_level": "Write", - "resource_types": { - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" - }, - "CancelSteps": { - "privilege": "CancelSteps", - "description": "Grants permission to cancel a pending step or steps in a running cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_CancelSteps.html" - }, - "CreateEditor": { - "privilege": "CreateEditor", - "description": "Grants permission to create an EMR notebook", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticmapreduce:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-create.html" - }, - "CreatePersistentAppUI": { - "privilege": "CreatePersistentAppUI", - "description": "Grants permission to create a persistent application history server", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-debug.html" - }, - "CreateRepository": { - "privilege": "CreateRepository", - "description": "Grants permission to create an EMR notebook repository", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" - }, - "CreateSecurityConfiguration": { - "privilege": "CreateSecurityConfiguration", - "description": "Grants permission to create a security configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_CreateSecurityConfiguration.html" - }, - "CreateStudio": { - "privilege": "CreateStudio", - "description": "Grants permission to create an EMR Studio", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticmapreduce:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "CreateStudioPresignedUrl": { - "privilege": "CreateStudioPresignedUrl", - "description": "Grants permission to launch an EMR Studio using IAM authentication mode", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "CreateStudioSessionMapping": { - "privilege": "CreateStudioSessionMapping", - "description": "Grants permission to create an EMR Studio session mapping", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "DeleteEditor": { - "privilege": "DeleteEditor", - "description": "Grants permission to delete an EMR notebook", - "access_level": "Write", - "resource_types": { - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-deleting" - }, - "DeleteRepository": { - "privilege": "DeleteRepository", - "description": "Grants permission to delete an EMR notebook repository", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" - }, - "DeleteSecurityConfiguration": { - "privilege": "DeleteSecurityConfiguration", - "description": "Grants permission to delete a security configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DeleteSecurityConfiguration.html" - }, - "DeleteStudio": { - "privilege": "DeleteStudio", - "description": "Grants permission to delete an EMR Studio", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "DeleteStudioSessionMapping": { - "privilege": "DeleteStudioSessionMapping", - "description": "Grants permission to delete an EMR Studio session mapping", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "DeleteWorkspaceAccess": { - "privilege": "DeleteWorkspaceAccess", - "description": "Grants permission to block an identity from opening a collaborative workspace", - "access_level": "Permissions management", - "resource_types": { - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" - }, - "DescribeCluster": { - "privilege": "DescribeCluster", - "description": "Grants permission to get details about a cluster, including status, hardware and software configuration, VPC settings, and so on", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DescribeCluster.html" - }, - "DescribeEditor": { - "privilege": "DescribeEditor", - "description": "Grants permission to view information about a notebook, including status, user, role, tags, location, and more", - "access_level": "Read", - "resource_types": { - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" - }, - "DescribeJobFlows": { - "privilege": "DescribeJobFlows", - "description": "Grants permission to describe details of clusters (job flows). This API is deprecated and will eventually be removed. We recommend you use ListClusters, DescribeCluster, ListSteps, ListInstanceGroups and ListBootstrapActions instead", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DescribeJobFlows.html" - }, - "DescribeNotebookExecution": { - "privilege": "DescribeNotebookExecution", - "description": "Grants permission to view information about a notebook execution", - "access_level": "Read", - "resource_types": { - "notebook-execution": { - "resource_type": "notebook-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-headless.html" - }, - "DescribePersistentAppUI": { - "privilege": "DescribePersistentAppUI", - "description": "Grants permission to describe a persistent application history server", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-debug.html" - }, - "DescribeReleaseLabel": { - "privilege": "DescribeReleaseLabel", - "description": "Grants permission to view information about an EMR release, such as which applications are supported", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DescribeReleaseLabel.html" - }, - "DescribeRepository": { - "privilege": "DescribeRepository", - "description": "Grants permission to describe an EMR notebook repository", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" - }, - "DescribeSecurityConfiguration": { - "privilege": "DescribeSecurityConfiguration", - "description": "Grants permission to get details of a security configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DescribeSecurityConfiguration.html" - }, - "DescribeStep": { - "privilege": "DescribeStep", - "description": "Grants permission to get details about a cluster step", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DescribeStep.html" - }, - "DescribeStudio": { - "privilege": "DescribeStudio", - "description": "Grants permission to view information about an EMR Studio", - "access_level": "Read", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "DetachEditor": { - "privilege": "DetachEditor", - "description": "Grants permission to detach an EMR notebook from a compute engine", - "access_level": "Write", - "resource_types": { - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" - }, - "GetAutoTerminationPolicy": { - "privilege": "GetAutoTerminationPolicy", - "description": "Grants permission to retrieve the auto-termination policy associated with a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_GetAutoTerminationPolicy.html" - }, - "GetBlockPublicAccessConfiguration": { - "privilege": "GetBlockPublicAccessConfiguration", - "description": "Grants permission to retrieve the EMR block public access configuration for the AWS account in the Region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_GetBlockPublicAccessConfiguration.html" - }, - "GetClusterSessionCredentials": { - "privilege": "GetClusterSessionCredentials", - "description": "Grants permission to retrieve HTTP basic credentials associated with a given execution IAM Role for a fine-grained access control enabled EMR Cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticmapreduce:ExecutionRoleArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-steps-runtime-roles.html" - }, - "GetManagedScalingPolicy": { - "privilege": "GetManagedScalingPolicy", - "description": "Grants permission to retrieve the managed scaling policy associated with a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_GetManagedScalingPolicy.html" - }, - "GetOnClusterAppUIPresignedURL": { - "privilege": "GetOnClusterAppUIPresignedURL", - "description": "Grants permission to get a presigned URL for an application history server running on the cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-debug.html" - }, - "GetPersistentAppUIPresignedURL": { - "privilege": "GetPersistentAppUIPresignedURL", - "description": "Grants permission to get a presigned URL for a persistent application history server", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-debug.html" - }, - "GetStudioSessionMapping": { - "privilege": "GetStudioSessionMapping", - "description": "Grants permission to view information about an EMR Studio session mapping", - "access_level": "Read", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "LinkRepository": { - "privilege": "LinkRepository", - "description": "Grants permission to link an EMR notebook repository to EMR notebooks", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" - }, - "ListBootstrapActions": { - "privilege": "ListBootstrapActions", - "description": "Grants permission to get details about the bootstrap actions associated with a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListBootstrapActions.html" - }, - "ListClusters": { - "privilege": "ListClusters", - "description": "Grants permission to get the status of accessible clusters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListClusters.html" - }, - "ListEditors": { - "privilege": "ListEditors", - "description": "Grants permission to list summary information for accessible EMR notebooks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" - }, - "ListInstanceFleets": { - "privilege": "ListInstanceFleets", - "description": "Grants permission to get details of instance fleets in a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListInstanceFleets.html" - }, - "ListInstanceGroups": { - "privilege": "ListInstanceGroups", - "description": "Grants permission to get details of instance groups in a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListInstanceGroups.html" - }, - "ListInstances": { - "privilege": "ListInstances", - "description": "Grants permission to get details about the Amazon EC2 instances in a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListInstances.html" - }, - "ListNotebookExecutions": { - "privilege": "ListNotebookExecutions", - "description": "Grants permission to list summary information for notebook executions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-headless.html" - }, - "ListReleaseLabels": { - "privilege": "ListReleaseLabels", - "description": "Grants permission to list and filter the available EMR releases in the current region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListReleaseLabels.html" - }, - "ListRepositories": { - "privilege": "ListRepositories", - "description": "Grants permission to list existing EMR notebook repositories", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" - }, - "ListSecurityConfigurations": { - "privilege": "ListSecurityConfigurations", - "description": "Grants permission to list available security configurations in this account by name, along with creation dates and times", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListSecurityConfigurations.html" - }, - "ListSteps": { - "privilege": "ListSteps", - "description": "Grants permission to list steps associated with a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListSteps.html" - }, - "ListStudioSessionMappings": { - "privilege": "ListStudioSessionMappings", - "description": "Grants permission to list summary information about EMR Studio session mappings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "ListStudios": { - "privilege": "ListStudios", - "description": "Grants permission to list summary information about EMR Studios", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "ListSupportedInstanceTypes": { - "privilege": "ListSupportedInstanceTypes", - "description": "Grants permission to list the Amazon EC2 instance types that an Amazon EMR release supports", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListSupportedInstanceTypes.html" - }, - "ListWorkspaceAccessIdentities": { - "privilege": "ListWorkspaceAccessIdentities", - "description": "Grants permission to list identities that are granted access to a workspace", - "access_level": "List", - "resource_types": { - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" - }, - "ModifyCluster": { - "privilege": "ModifyCluster", - "description": "Grants permission to change cluster settings such as number of steps that can be executed concurrently for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ModifyCluster.html" - }, - "ModifyInstanceFleet": { - "privilege": "ModifyInstanceFleet", - "description": "Grants permission to change the target On-Demand and target Spot capacities for a instance fleet", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ModifyInstanceFleet.html" - }, - "ModifyInstanceGroups": { - "privilege": "ModifyInstanceGroups", - "description": "Grants permission to change the number and configuration of EC2 instances for an instance group", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ModifyInstanceGroups.html" - }, - "OpenEditorInConsole": { - "privilege": "OpenEditorInConsole", - "description": "Grants permission to launch the Jupyter notebook editor for an EMR notebook from within the console", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" - }, - "PutAutoScalingPolicy": { - "privilege": "PutAutoScalingPolicy", - "description": "Grants permission to create or update an automatic scaling policy for a core instance group or task instance group", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_PutAutoScalingPolicy.html" - }, - "PutAutoTerminationPolicy": { - "privilege": "PutAutoTerminationPolicy", - "description": "Grants permission to create or update the auto-termination policy associated with a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_PutAutoTerminationPolicy.html" - }, - "PutBlockPublicAccessConfiguration": { - "privilege": "PutBlockPublicAccessConfiguration", - "description": "Grants permission to create or update the EMR block public access configuration for the AWS account in the Region", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_PutBlockPublicAccessConfiguration.html" - }, - "PutManagedScalingPolicy": { - "privilege": "PutManagedScalingPolicy", - "description": "Grants permission to create or update the managed scaling policy associated with a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_PutManagedScalingPolicy.html" - }, - "PutWorkspaceAccess": { - "privilege": "PutWorkspaceAccess", - "description": "Grants permission to allow an identity to open a collaborative workspace", - "access_level": "Permissions management", - "resource_types": { - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" - }, - "RemoveAutoScalingPolicy": { - "privilege": "RemoveAutoScalingPolicy", - "description": "Grants permission to remove an automatic scaling policy from an instance group", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_RemoveAutoScalingPolicy.html" - }, - "RemoveAutoTerminationPolicy": { - "privilege": "RemoveAutoTerminationPolicy", - "description": "Grants permission to remove the auto-termination policy associated with a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_RemoveAutoTerminationPolicy.html" - }, - "RemoveManagedScalingPolicy": { - "privilege": "RemoveManagedScalingPolicy", - "description": "Grants permission to remove the managed scaling policy associated with a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_RemoveManagedScalingPolicy.html" - }, - "RemoveTags": { - "privilege": "RemoveTags", - "description": "Grants permission to remove tags from an Amazon EMR resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "editor": { - "resource_type": "editor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "notebook-execution": { - "resource_type": "notebook-execution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "studio": { - "resource_type": "studio", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_RemoveTags.html" - }, - "RunJobFlow": { - "privilege": "RunJobFlow", - "description": "Grants permission to create and launch a cluster (job flow)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticmapreduce:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_RunJobFlow.html" - }, - "SetTerminationProtection": { - "privilege": "SetTerminationProtection", - "description": "Grants permission to add and remove termination protection for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_SetTerminationProtection.html" - }, - "SetVisibleToAllUsers": { - "privilege": "SetVisibleToAllUsers", - "description": "Grants permission to set whether all AWS Identity and Access Management (IAM) users in the AWS account can view a cluster. This API is deprecated and your cluster may be visible to all users in your account. To restrict cluster access using an IAM policy, see AWS Identity and Access Management for Amazon EMR (https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-access-iam.html)", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_SetVisibleToAllUsers.html" - }, - "StartEditor": { - "privilege": "StartEditor", - "description": "Grants permission to start an EMR notebook", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" - }, - "StartNotebookExecution": { - "privilege": "StartNotebookExecution", - "description": "Grants permission to start an EMR notebook execution", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "elasticmapreduce:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-headless.html" - }, - "StopEditor": { - "privilege": "StopEditor", - "description": "Grants permission to shut down an EMR notebook", - "access_level": "Write", - "resource_types": { - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html" - }, - "StopNotebookExecution": { - "privilege": "StopNotebookExecution", - "description": "Grants permission to stop notebook execution", - "access_level": "Write", - "resource_types": { - "notebook-execution": { - "resource_type": "notebook-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-headless.html" - }, - "TerminateJobFlows": { - "privilege": "TerminateJobFlows", - "description": "Grants permission to terminate a cluster (job flow)", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_TerminateJobFlows.html" - }, - "UnlinkRepository": { - "privilege": "UnlinkRepository", - "description": "Grants permission to unlink an EMR notebook repository from EMR notebooks", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" - }, - "UpdateEditor": { - "privilege": "UpdateEditor", - "description": "Grants permission to update an EMR notebook", - "access_level": "Write", - "resource_types": { - "editor": { - "resource_type": "editor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" - }, - "UpdateRepository": { - "privilege": "UpdateRepository", - "description": "Grants permission to update an EMR notebook repository", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" - }, - "UpdateStudio": { - "privilege": "UpdateStudio", - "description": "Grants permission to update information about an EMR Studio", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "UpdateStudioSessionMapping": { - "privilege": "UpdateStudioSessionMapping", - "description": "Grants permission to update an EMR Studio session mapping", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" - }, - "ViewEventsFromAllClustersInConsole": { - "privilege": "ViewEventsFromAllClustersInConsole", - "description": "Grants permission to use the EMR console to view events from all clusters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticmapreduce.html" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:elasticmapreduce:${Region}:${Account}:cluster/${ClusterId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticmapreduce:ResourceTag/${TagKey}" - ] - }, - "editor": { - "resource": "editor", - "arn": "arn:${Partition}:elasticmapreduce:${Region}:${Account}:editor/${EditorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticmapreduce:ResourceTag/${TagKey}" - ] - }, - "notebook-execution": { - "resource": "notebook-execution", - "arn": "arn:${Partition}:elasticmapreduce:${Region}:${Account}:notebook-execution/${NotebookExecutionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticmapreduce:ResourceTag/${TagKey}" - ] - }, - "studio": { - "resource": "studio", - "arn": "arn:${Partition}:elasticmapreduce:${Region}:${Account}:studio/${StudioId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticmapreduce:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by whether the tag and value pair is provided with the action", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag and value pair associated with an Amazon EMR resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by whether the tag keys are provided with the action regardless of tag value", - "type": "ArrayOfString" - }, - "elasticmapreduce:ExecutionRoleArn": { - "condition": "elasticmapreduce:ExecutionRoleArn", - "description": "Filters access by whether the execution role ARN is provided with the action", - "type": "String" - }, - "elasticmapreduce:RequestTag/${TagKey}": { - "condition": "elasticmapreduce:RequestTag/${TagKey}", - "description": "Filters access by whether the tag and value pair is provided with the action", - "type": "String" - }, - "elasticmapreduce:ResourceTag/${TagKey}": { - "condition": "elasticmapreduce:ResourceTag/${TagKey}", - "description": "Filters access by the tag and value pair associated with an Amazon EMR resource", - "type": "String" - } - } - }, - "elastictranscoder": { - "service_name": "Amazon Elastic Transcoder", - "prefix": "elastictranscoder", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelastictranscoder.html", - "privileges": { - "CancelJob": { - "privilege": "CancelJob", - "description": "Cancel a job that Elastic Transcoder has not begun to process", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/cancel-job.html" - }, - "CreateJob": { - "privilege": "CreateJob", - "description": "Create a job", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "preset": { - "resource_type": "preset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/create-job.html" - }, - "CreatePipeline": { - "privilege": "CreatePipeline", - "description": "Create a pipeline", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/create-pipeline.html" - }, - "CreatePreset": { - "privilege": "CreatePreset", - "description": "Create a preset", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/create-preset.html" - }, - "DeletePipeline": { - "privilege": "DeletePipeline", - "description": "Delete a pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/delete-pipeline.html" - }, - "DeletePreset": { - "privilege": "DeletePreset", - "description": "Delete a preset", - "access_level": "Write", - "resource_types": { - "preset": { - "resource_type": "preset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/delete-preset.html" - }, - "ListJobsByPipeline": { - "privilege": "ListJobsByPipeline", - "description": "Get a list of the jobs that you assigned to a pipeline", - "access_level": "List", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/list-jobs-by-pipeline.html" - }, - "ListJobsByStatus": { - "privilege": "ListJobsByStatus", - "description": "Get information about all of the jobs associated with the current AWS account that have a specified status", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/list-jobs-by-status.html" - }, - "ListPipelines": { - "privilege": "ListPipelines", - "description": "Get a list of the pipelines associated with the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/list-pipelines.html" - }, - "ListPresets": { - "privilege": "ListPresets", - "description": "Get a list of all presets associated with the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/list-presets.html" - }, - "ReadJob": { - "privilege": "ReadJob", - "description": "Get detailed information about a job", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/get-job.html" - }, - "ReadPipeline": { - "privilege": "ReadPipeline", - "description": "Get detailed information about a pipeline", - "access_level": "Read", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/get-pipeline.html" - }, - "ReadPreset": { - "privilege": "ReadPreset", - "description": "Get detailed information about a preset", - "access_level": "Read", - "resource_types": { - "preset": { - "resource_type": "preset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/get-preset.html" - }, - "TestRole": { - "privilege": "TestRole", - "description": "Test the settings for a pipeline to ensure that Elastic Transcoder can create and process jobs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/test-pipeline-role.html" - }, - "UpdatePipeline": { - "privilege": "UpdatePipeline", - "description": "Update settings for a pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/update-pipeline.html" - }, - "UpdatePipelineNotifications": { - "privilege": "UpdatePipelineNotifications", - "description": "Update only Amazon Simple Notification Service (Amazon SNS) notifications for a pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/update-pipeline-notifications.html" - }, - "UpdatePipelineStatus": { - "privilege": "UpdatePipelineStatus", - "description": "Pause or reactivate a pipeline, so the pipeline stops or restarts processing jobs, update the status for the pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/update-pipeline-status.html" - } - }, - "resources": { - "job": { - "resource": "job", - "arn": "arn:${Partition}:elastictranscoder:${Region}:${Account}:job/${JobId}", - "condition_keys": [] - }, - "pipeline": { - "resource": "pipeline", - "arn": "arn:${Partition}:elastictranscoder:${Region}:${Account}:pipeline/${PipelineId}", - "condition_keys": [] - }, - "preset": { - "resource": "preset", - "arn": "arn:${Partition}:elastictranscoder:${Region}:${Account}:preset/${PresetId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "emr-containers": { - "service_name": "Amazon EMR on EKS (EMR Containers)", - "prefix": "emr-containers", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonemroneksemrcontainers.html", - "privileges": { - "CancelJobRun": { - "privilege": "CancelJobRun", - "description": "Grants permission to cancel a job run", - "access_level": "Write", - "resource_types": { - "jobRun": { - "resource_type": "jobRun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_CancelJobRun.html" - }, - "CreateJobTemplate": { - "privilege": "CreateJobTemplate", - "description": "Grants permission to create a job template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_CreateJobTemplate.html" - }, - "CreateManagedEndpoint": { - "privilege": "CreateManagedEndpoint", - "description": "Grants permission to create a managed endpoint", - "access_level": "Write", - "resource_types": { - "virtualCluster": { - "resource_type": "virtualCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "emr-containers:ExecutionRoleArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_CreateManagedEndpoint.html" - }, - "CreateVirtualCluster": { - "privilege": "CreateVirtualCluster", - "description": "Grants permission to create a virtual cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_CreateVirtualCluster.html" - }, - "DeleteJobTemplate": { - "privilege": "DeleteJobTemplate", - "description": "Grants permission to delete a job template", - "access_level": "Write", - "resource_types": { - "jobTemplate": { - "resource_type": "jobTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DeleteJobTemplate.html" - }, - "DeleteManagedEndpoint": { - "privilege": "DeleteManagedEndpoint", - "description": "Grants permission to delete a managed endpoint", - "access_level": "Write", - "resource_types": { - "managedEndpoint": { - "resource_type": "managedEndpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DeleteManagedEndpoint.html" - }, - "DeleteVirtualCluster": { - "privilege": "DeleteVirtualCluster", - "description": "Grants permission to delete a virtual cluster", - "access_level": "Write", - "resource_types": { - "virtualCluster": { - "resource_type": "virtualCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DeleteVirtualCluster.html" - }, - "DescribeJobRun": { - "privilege": "DescribeJobRun", - "description": "Grants permission to describe a job run", - "access_level": "Read", - "resource_types": { - "jobRun": { - "resource_type": "jobRun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DescribeJobRun.html" - }, - "DescribeJobTemplate": { - "privilege": "DescribeJobTemplate", - "description": "Grants permission to describe a job template", - "access_level": "Read", - "resource_types": { - "jobTemplate": { - "resource_type": "jobTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DescribeJobTemplate.html" - }, - "DescribeManagedEndpoint": { - "privilege": "DescribeManagedEndpoint", - "description": "Grants permission to describe a managed endpoint", - "access_level": "Read", - "resource_types": { - "managedEndpoint": { - "resource_type": "managedEndpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DescribeManagedEndpoint.html" - }, - "DescribeVirtualCluster": { - "privilege": "DescribeVirtualCluster", - "description": "Grants permission to describe a virtual cluster", - "access_level": "Read", - "resource_types": { - "virtualCluster": { - "resource_type": "virtualCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DescribeVirtualCluster.html" - }, - "GetManagedEndpointSessionCredentials": { - "privilege": "GetManagedEndpointSessionCredentials", - "description": "Grants permission to generate a session token used to connect to a managed endpoint", - "access_level": "Write", - "resource_types": { - "managedEndpoint": { - "resource_type": "managedEndpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_GetManagedEndpointSessionCredentials.html" - }, - "ListJobRuns": { - "privilege": "ListJobRuns", - "description": "Grants permission to list job runs associated with a virtual cluster", - "access_level": "List", - "resource_types": { - "virtualCluster": { - "resource_type": "virtualCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_ListJobRuns.html" - }, - "ListJobTemplates": { - "privilege": "ListJobTemplates", - "description": "Grants permission to list job templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_ListJobTemplates.html" - }, - "ListManagedEndpoints": { - "privilege": "ListManagedEndpoints", - "description": "Grants permission to list managed endpoints associated with a virtual cluster", - "access_level": "List", - "resource_types": { - "virtualCluster": { - "resource_type": "virtualCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_ListManagedEndpoints.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for the specified resource", - "access_level": "List", - "resource_types": { - "jobRun": { - "resource_type": "jobRun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobTemplate": { - "resource_type": "jobTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managedEndpoint": { - "resource_type": "managedEndpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualCluster": { - "resource_type": "virtualCluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_ListTagsForResource.html" - }, - "ListVirtualClusters": { - "privilege": "ListVirtualClusters", - "description": "Grants permission to list virtual clusters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_ListVirtualClusters.html" - }, - "StartJobRun": { - "privilege": "StartJobRun", - "description": "Grants permission to start a job run", - "access_level": "Write", - "resource_types": { - "virtualCluster": { - "resource_type": "virtualCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "emr-containers:ExecutionRoleArn", - "emr-containers:JobTemplateArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_StartJobRun.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag the specified resource", - "access_level": "Tagging", - "resource_types": { - "jobRun": { - "resource_type": "jobRun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobTemplate": { - "resource_type": "jobTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managedEndpoint": { - "resource_type": "managedEndpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualCluster": { - "resource_type": "virtualCluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag the specified resource", - "access_level": "Tagging", - "resource_types": { - "jobRun": { - "resource_type": "jobRun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobTemplate": { - "resource_type": "jobTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managedEndpoint": { - "resource_type": "managedEndpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualCluster": { - "resource_type": "virtualCluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_UntagResource.html" - } - }, - "resources": { - "virtualCluster": { - "resource": "virtualCluster", - "arn": "arn:${Partition}:emr-containers:${Region}:${Account}:/virtualclusters/${VirtualClusterId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "jobRun": { - "resource": "jobRun", - "arn": "arn:${Partition}:emr-containers:${Region}:${Account}:/virtualclusters/${VirtualClusterId}/jobruns/${JobRunId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "jobTemplate": { - "resource": "jobTemplate", - "arn": "arn:${Partition}:emr-containers:${Region}:${Account}:/jobtemplates/${JobTemplateId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "managedEndpoint": { - "resource": "managedEndpoint", - "arn": "arn:${Partition}:emr-containers:${Region}:${Account}:/virtualclusters/${VirtualClusterId}/endpoints/${EndpointId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag key-value pairs present in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys present in the request", - "type": "ArrayOfString" - }, - "emr-containers:ExecutionRoleArn": { - "condition": "emr-containers:ExecutionRoleArn", - "description": "Filters access by the execution role arn present in the request", - "type": "String" - }, - "emr-containers:JobTemplateArn": { - "condition": "emr-containers:JobTemplateArn", - "description": "Filters access by the job template arn present in the request", - "type": "String" - } - } - }, - "emr-serverless": { - "service_name": "Amazon EMR Serverless", - "prefix": "emr-serverless", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonemrserverless.html", - "privileges": { - "CancelJobRun": { - "privilege": "CancelJobRun", - "description": "Grants permission to cancel a job run", - "access_level": "Write", - "resource_types": { - "jobRun": { - "resource_type": "jobRun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_CancelJobRun.html" - }, - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an Application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_CreateApplication.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_DeleteApplication.html" - }, - "GetApplication": { - "privilege": "GetApplication", - "description": "Grants permission to get application", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html" - }, - "GetDashboardForJobRun": { - "privilege": "GetDashboardForJobRun", - "description": "Grants permission to get job run dashboard", - "access_level": "Read", - "resource_types": { - "jobRun": { - "resource_type": "jobRun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetDashboardForJobRun.html" - }, - "GetJobRun": { - "privilege": "GetJobRun", - "description": "Grants permission to get a job run", - "access_level": "Read", - "resource_types": { - "jobRun": { - "resource_type": "jobRun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetJobRun.html" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to list applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_ListApplications.html" - }, - "ListJobRuns": { - "privilege": "ListJobRuns", - "description": "Grants permission to list job runs associated with an application", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_ListJobRuns.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for the specified resource", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobRun": { - "resource_type": "jobRun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_ListTagsForResource.html" - }, - "StartApplication": { - "privilege": "StartApplication", - "description": "Grants permission to Start an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_StartApplication.html" - }, - "StartJobRun": { - "privilege": "StartJobRun", - "description": "Grants permission to start a job run", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_StartJobRun.html" - }, - "StopApplication": { - "privilege": "StopApplication", - "description": "Grants permission to Stop an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_StopApplication.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag the specified resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobRun": { - "resource_type": "jobRun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag the specified resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobRun": { - "resource_type": "jobRun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_UntagResource.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to Update an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_UpdateApplication.html" - } - }, - "resources": { - "application": { - "resource": "application", - "arn": "arn:${Partition}:emr-serverless:${Region}:${Account}:/applications/${ApplicationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "jobRun": { - "resource": "jobRun", - "arn": "arn:${Partition}:emr-serverless:${Region}:${Account}:/applications/${ApplicationId}/jobruns/${JobRunId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "events": { - "service_name": "Amazon EventBridge", - "prefix": "events", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoneventbridge.html", - "privileges": { - "ActivateEventSource": { - "privilege": "ActivateEventSource", - "description": "Grants permission to activate partner event sources", - "access_level": "Write", - "resource_types": { - "event-source": { - "resource_type": "event-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ActivateEventSource.html" - }, - "CancelReplay": { - "privilege": "CancelReplay", - "description": "Grants permission to cancel a replay", - "access_level": "Write", - "resource_types": { - "replay": { - "resource_type": "replay", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CancelReplay.html" - }, - "CreateApiDestination": { - "privilege": "CreateApiDestination", - "description": "Grants permission to create a new api destination", - "access_level": "Write", - "resource_types": { - "api-destination": { - "resource_type": "api-destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateApiDestination.html" - }, - "CreateArchive": { - "privilege": "CreateArchive", - "description": "Grants permission to create a new archive", - "access_level": "Write", - "resource_types": { - "archive": { - "resource_type": "archive", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "event-bus": { - "resource_type": "event-bus", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html" - }, - "CreateConnection": { - "privilege": "CreateConnection", - "description": "Grants permission to create a new connection", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateConnection.html" - }, - "CreateEndpoint": { - "privilege": "CreateEndpoint", - "description": "Grants permission to create an endpoint", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:EventBusArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateEndpoint.html" - }, - "CreateEventBus": { - "privilege": "CreateEventBus", - "description": "Grants permission to create event buses", - "access_level": "Write", - "resource_types": { - "event-bus": { - "resource_type": "event-bus", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateEventBus.html" - }, - "CreatePartnerEventSource": { - "privilege": "CreatePartnerEventSource", - "description": "Grants permission to create partner event sources", - "access_level": "Write", - "resource_types": { - "event-source": { - "resource_type": "event-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreatePartnerEventSource.html" - }, - "DeactivateEventSource": { - "privilege": "DeactivateEventSource", - "description": "Grants permission to deactivate event sources", - "access_level": "Write", - "resource_types": { - "event-source": { - "resource_type": "event-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeactivateEventSource.html" - }, - "DeauthorizeConnection": { - "privilege": "DeauthorizeConnection", - "description": "Grants permission to deauthorize a connection, deleting its stored authorization secrets", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeauthorizeConnection.html" - }, - "DeleteApiDestination": { - "privilege": "DeleteApiDestination", - "description": "Grants permission to delete an api destination", - "access_level": "Write", - "resource_types": { - "api-destination": { - "resource_type": "api-destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteApiDestination.html" - }, - "DeleteArchive": { - "privilege": "DeleteArchive", - "description": "Grants permission to delete an archive", - "access_level": "Write", - "resource_types": { - "archive": { - "resource_type": "archive", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteArchive.html" - }, - "DeleteConnection": { - "privilege": "DeleteConnection", - "description": "Grants permission to delete a connection", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteConnection.html" - }, - "DeleteEndpoint": { - "privilege": "DeleteEndpoint", - "description": "Grants permission to delete an endpoint", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteEndpoint.html" - }, - "DeleteEventBus": { - "privilege": "DeleteEventBus", - "description": "Grants permission to delete event buses", - "access_level": "Write", - "resource_types": { - "event-bus": { - "resource_type": "event-bus", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeletePartnerEventSource.html" - }, - "DeletePartnerEventSource": { - "privilege": "DeletePartnerEventSource", - "description": "Grants permission to delete partner event sources", - "access_level": "Write", - "resource_types": { - "event-source": { - "resource_type": "event-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeletePartnerEventSource.html" - }, - "DeleteRule": { - "privilege": "DeleteRule", - "description": "Grants permission to delete rules", - "access_level": "Write", - "resource_types": { - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:creatorAccount", - "events:ManagedBy" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteRule.html" - }, - "DescribeApiDestination": { - "privilege": "DescribeApiDestination", - "description": "Grants permission to retrieve details about an api destination", - "access_level": "Read", - "resource_types": { - "api-destination": { - "resource_type": "api-destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeApiDestination.html" - }, - "DescribeArchive": { - "privilege": "DescribeArchive", - "description": "Grants permission to retrieve details about an archive", - "access_level": "Read", - "resource_types": { - "archive": { - "resource_type": "archive", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeArchive.html" - }, - "DescribeConnection": { - "privilege": "DescribeConnection", - "description": "Grants permission to retrieve details about a conection", - "access_level": "Read", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeConnection.html" - }, - "DescribeEndpoint": { - "privilege": "DescribeEndpoint", - "description": "Grants permission to retrieve details about an endpoint", - "access_level": "Read", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeEndpoint.html" - }, - "DescribeEventBus": { - "privilege": "DescribeEventBus", - "description": "Grants permission to retrieve details about event buses", - "access_level": "Read", - "resource_types": { - "event-bus": { - "resource_type": "event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeEventBus.html" - }, - "DescribeEventSource": { - "privilege": "DescribeEventSource", - "description": "Grants permission to retrieve details about event sources", - "access_level": "Read", - "resource_types": { - "event-source": { - "resource_type": "event-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeEventSource.html" - }, - "DescribePartnerEventSource": { - "privilege": "DescribePartnerEventSource", - "description": "Grants permission to retrieve details about partner event sources", - "access_level": "Read", - "resource_types": { - "event-source": { - "resource_type": "event-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribePartnerEventSource.html" - }, - "DescribeReplay": { - "privilege": "DescribeReplay", - "description": "Grants permission to retrieve the details of a replay", - "access_level": "Read", - "resource_types": { - "replay": { - "resource_type": "replay", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeReplay.html" - }, - "DescribeRule": { - "privilege": "DescribeRule", - "description": "Grants permission to retrieve details about rules", - "access_level": "Read", - "resource_types": { - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:creatorAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeRule.html" - }, - "DisableRule": { - "privilege": "DisableRule", - "description": "Grants permission to disable rules", - "access_level": "Write", - "resource_types": { - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:creatorAccount", - "events:ManagedBy" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DisableRule.html" - }, - "EnableRule": { - "privilege": "EnableRule", - "description": "Grants permission to enable rules", - "access_level": "Write", - "resource_types": { - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:creatorAccount", - "events:ManagedBy" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_EnableRule.html" - }, - "InvokeApiDestination": { - "privilege": "InvokeApiDestination", - "description": "Grants permission to invoke an api destination", - "access_level": "Write", - "resource_types": { - "api-destination": { - "resource_type": "api-destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/userguide/iam-identity-based-access-control-eventbridge.html" - }, - "ListApiDestinations": { - "privilege": "ListApiDestinations", - "description": "Grants permission to retrieve a list of api destinations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListApiDestinations.html" - }, - "ListArchives": { - "privilege": "ListArchives", - "description": "Grants permission to retrieve a list of archives", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListArchives.html" - }, - "ListConnections": { - "privilege": "ListConnections", - "description": "Grants permission to retrieve a list of connections", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListConnections.html" - }, - "ListEndpoints": { - "privilege": "ListEndpoints", - "description": "Grants permission to retrieve a list of endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListEndpoints.html" - }, - "ListEventBuses": { - "privilege": "ListEventBuses", - "description": "Grants permission to retrieve a list of the event buses in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListEventBuses.html" - }, - "ListEventSources": { - "privilege": "ListEventSources", - "description": "Grants permission to to retrieve a list of event sources shared with this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListEventSources.html" - }, - "ListPartnerEventSourceAccounts": { - "privilege": "ListPartnerEventSourceAccounts", - "description": "Grants permission to retrieve a list of AWS account IDs associated with an event source", - "access_level": "List", - "resource_types": { - "event-source": { - "resource_type": "event-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListPartnerEventSourceAccounts.html" - }, - "ListPartnerEventSources": { - "privilege": "ListPartnerEventSources", - "description": "Grants permission to retrieve a list partner event sources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListPartnerEventSources.html" - }, - "ListReplays": { - "privilege": "ListReplays", - "description": "Grants permission to retrieve a list of replays", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListReplays.html" - }, - "ListRuleNamesByTarget": { - "privilege": "ListRuleNamesByTarget", - "description": "Grants permission to retrieve a list of the names of the rules associated with a target", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListRuleNamesByTarget.html" - }, - "ListRules": { - "privilege": "ListRules", - "description": "Grants permission to retrieve a list of the Amazon EventBridge rules in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListRules.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve a list of tags associated with an Amazon EventBridge resource", - "access_level": "List", - "resource_types": { - "event-bus": { - "resource_type": "event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:creatorAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTargetsByRule": { - "privilege": "ListTargetsByRule", - "description": "Grants permission to retrieve a list of targets defined for a rule", - "access_level": "List", - "resource_types": { - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:creatorAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListTargetsByRule.html" - }, - "PutEvents": { - "privilege": "PutEvents", - "description": "Grants permission to send custom events to Amazon EventBridge", - "access_level": "Write", - "resource_types": { - "event-bus": { - "resource_type": "event-bus", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:detail-type", - "events:source", - "events:eventBusInvocation" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html" - }, - "PutPartnerEvents": { - "privilege": "PutPartnerEvents", - "description": "Grants permission to sends custom events to Amazon EventBridge", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPartnerEvents.html" - }, - "PutPermission": { - "privilege": "PutPermission", - "description": "Grants permission to use the PutPermission action to grants permission to another AWS account to put events to your default event bus", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html" - }, - "PutRule": { - "privilege": "PutRule", - "description": "Grants permission to create or updates rules", - "access_level": "Write", - "resource_types": { - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:detail.userIdentity.principalId", - "events:detail-type", - "events:source", - "events:detail.service", - "events:detail.eventTypeCode", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "events:creatorAccount", - "events:ManagedBy" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutRule.html" - }, - "PutTargets": { - "privilege": "PutTargets", - "description": "Grants permission to add targets to a rule", - "access_level": "Write", - "resource_types": { - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:TargetArn", - "events:creatorAccount", - "events:ManagedBy" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutTargets.html" - }, - "RemovePermission": { - "privilege": "RemovePermission", - "description": "Grants permission to revoke the permission of another AWS account to put events to your default event bus", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html" - }, - "RemoveTargets": { - "privilege": "RemoveTargets", - "description": "Grants permission to removes targets from a rule", - "access_level": "Write", - "resource_types": { - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:creatorAccount", - "events:ManagedBy" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemoveTargets.html" - }, - "StartReplay": { - "privilege": "StartReplay", - "description": "Grants permission to start a replay of an archive", - "access_level": "Write", - "resource_types": { - "archive": { - "resource_type": "archive", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "event-bus": { - "resource_type": "event-bus", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "replay": { - "resource_type": "replay", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_StartReplay.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add a tag to an Amazon EventBridge resource", - "access_level": "Tagging", - "resource_types": { - "event-bus": { - "resource_type": "event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "events:creatorAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_TagResource.html" - }, - "TestEventPattern": { - "privilege": "TestEventPattern", - "description": "Grants permission to test whether an event pattern matches the provided event", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_TestEventPattern.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from an Amazon EventBridge resource", - "access_level": "Tagging", - "resource_types": { - "event-bus": { - "resource_type": "event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-custom-event-bus": { - "resource_type": "rule-on-custom-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule-on-default-event-bus": { - "resource_type": "rule-on-default-event-bus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "events:creatorAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UntagResource.html" - }, - "UpdateApiDestination": { - "privilege": "UpdateApiDestination", - "description": "Grants permission to update an api destination", - "access_level": "Write", - "resource_types": { - "api-destination": { - "resource_type": "api-destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateApiDestination.html" - }, - "UpdateArchive": { - "privilege": "UpdateArchive", - "description": "Grants permission to update an archive", - "access_level": "Write", - "resource_types": { - "archive": { - "resource_type": "archive", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateArchive.html" - }, - "UpdateConnection": { - "privilege": "UpdateConnection", - "description": "Grants permission to update a connection", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateConnection.html" - }, - "UpdateEndpoint": { - "privilege": "UpdateEndpoint", - "description": "Grants permission to update an endpoint", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "events:EventBusArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateEndpoint.html" - } - }, - "resources": { - "event-source": { - "resource": "event-source", - "arn": "arn:${Partition}:events:${Region}::event-source/${EventSourceName}", - "condition_keys": [] - }, - "event-bus": { - "resource": "event-bus", - "arn": "arn:${Partition}:events:${Region}:${Account}:event-bus/${EventBusName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "rule-on-default-event-bus": { - "resource": "rule-on-default-event-bus", - "arn": "arn:${Partition}:events:${Region}:${Account}:rule/${RuleName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "rule-on-custom-event-bus": { - "resource": "rule-on-custom-event-bus", - "arn": "arn:${Partition}:events:${Region}:${Account}:rule/${EventBusName}/${RuleName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "archive": { - "resource": "archive", - "arn": "arn:${Partition}:events:${Region}:${Account}:archive/${ArchiveName}", - "condition_keys": [] - }, - "replay": { - "resource": "replay", - "arn": "arn:${Partition}:events:${Region}:${Account}:replay/${ReplayName}", - "condition_keys": [] - }, - "connection": { - "resource": "connection", - "arn": "arn:${Partition}:events:${Region}:${Account}:connection/${ConnectionName}", - "condition_keys": [] - }, - "api-destination": { - "resource": "api-destination", - "arn": "arn:${Partition}:events:${Region}:${Account}:api-destination/${ApiDestinationName}", - "condition_keys": [] - }, - "endpoint": { - "resource": "endpoint", - "arn": "arn:${Partition}:events:${Region}:${Account}:endpoint/${EndpointName}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the allowed set of values for each of the tags to event bus and rule actions", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource to event bus and rule actions", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tags in the request to event bus and rule actions", - "type": "ArrayOfString" - }, - "events:EventBusArn": { - "condition": "events:EventBusArn", - "description": "Filters access by the ARN of the event buses that can be associated with an endpoint to CreateEndpoint and UpdateEndpoint actions", - "type": "ArrayOfARN" - }, - "events:ManagedBy": { - "condition": "events:ManagedBy", - "description": "Filters access by AWS services. If a rule is created by an AWS service on your behalf, the value is the principal name of the service that created the rule", - "type": "String" - }, - "events:TargetArn": { - "condition": "events:TargetArn", - "description": "Filters access by the ARN of a target that can be put to a rule to PutTargets actions", - "type": "ArrayOfARN" - }, - "events:creatorAccount": { - "condition": "events:creatorAccount", - "description": "Filters access by the account the rule was created in to rule actions", - "type": "String" - }, - "events:detail-type": { - "condition": "events:detail-type", - "description": "Filters access by the literal string of the detail-type of the event to PutEvents and PutRule actions", - "type": "String" - }, - "events:detail.eventTypeCode": { - "condition": "events:detail.eventTypeCode", - "description": "Filters access by the literal string for the detail.eventTypeCode field of the event to PutRule actions", - "type": "String" - }, - "events:detail.service": { - "condition": "events:detail.service", - "description": "Filters access by the literal string for the detail.service field of the event to PutRule actions", - "type": "String" - }, - "events:detail.userIdentity.principalId": { - "condition": "events:detail.userIdentity.principalId", - "description": "Filters access by the literal string for the detail.useridentity.principalid field of the event to PutRule actions", - "type": "String" - }, - "events:eventBusInvocation": { - "condition": "events:eventBusInvocation", - "description": "Filters access by whether the event was generated via API or cross-account bus invocation to PutEvents actions", - "type": "String" - }, - "events:source": { - "condition": "events:source", - "description": "Filters access by the AWS service or AWS partner event source that generated the event to PutEvents and PutRule actions. Matches the literal string of the source field of the event", - "type": "ArrayOfString" - } - } - }, - "pipes": { - "service_name": "Amazon EventBridge Pipes", - "prefix": "pipes", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoneventbridgepipes.html", - "privileges": { - "CreatePipe": { - "privilege": "CreatePipe", - "description": "Grants permission to create a pipe", - "access_level": "Write", - "resource_types": { - "pipe": { - "resource_type": "pipe", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_CreatePipe.html" - }, - "DeletePipe": { - "privilege": "DeletePipe", - "description": "Grants permission to delete a pipe", - "access_level": "Write", - "resource_types": { - "pipe": { - "resource_type": "pipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_DeletePipe.html" - }, - "DescribePipe": { - "privilege": "DescribePipe", - "description": "Grants permission to describe a pipe", - "access_level": "Read", - "resource_types": { - "pipe": { - "resource_type": "pipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_DescribePipe.html" - }, - "ListPipes": { - "privilege": "ListPipes", - "description": "Grants permission to list all pipes in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_ListPipes.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for a resource", - "access_level": "Read", - "resource_types": { - "pipe": { - "resource_type": "pipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_ListTagsForResource.html" - }, - "StartPipe": { - "privilege": "StartPipe", - "description": "Grants permission to start a pipe", - "access_level": "Write", - "resource_types": { - "pipe": { - "resource_type": "pipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_StartPipe.html" - }, - "StopPipe": { - "privilege": "StopPipe", - "description": "Grants permission to stop a pipe", - "access_level": "Write", - "resource_types": { - "pipe": { - "resource_type": "pipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_StopPipe.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "pipe": { - "resource_type": "pipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "pipe": { - "resource_type": "pipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_UntagResource.html" - }, - "UpdatePipe": { - "privilege": "UpdatePipe", - "description": "Grants permission to update a pipe", - "access_level": "Write", - "resource_types": { - "pipe": { - "resource_type": "pipe", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_UpdatePipe.html" - } - }, - "resources": { - "pipe": { - "resource": "pipe", - "arn": "arn:${Partition}:pipes:${Region}:${Account}:pipe/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "scheduler": { - "service_name": "Amazon EventBridge Scheduler", - "prefix": "scheduler", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoneventbridgescheduler.html", - "privileges": { - "CreateSchedule": { - "privilege": "CreateSchedule", - "description": "Grants permission to create an Amazon EventBridge Scheduler schedule", - "access_level": "Write", - "resource_types": { - "schedule": { - "resource_type": "schedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_CreateSchedule.html" - }, - "CreateScheduleGroup": { - "privilege": "CreateScheduleGroup", - "description": "Grants permission to create an Amazon EventBridge Scheduler schedule group", - "access_level": "Write", - "resource_types": { - "schedule-group": { - "resource_type": "schedule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_CreateScheduleGroup.html" - }, - "DeleteSchedule": { - "privilege": "DeleteSchedule", - "description": "Grants permission to delete an Amazon EventBridge Scheduler schedule", - "access_level": "Write", - "resource_types": { - "schedule": { - "resource_type": "schedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_DeleteSchedule.html" - }, - "DeleteScheduleGroup": { - "privilege": "DeleteScheduleGroup", - "description": "Grants permission to delete an Amazon EventBridge Scheduler schedule group", - "access_level": "Write", - "resource_types": { - "schedule-group": { - "resource_type": "schedule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_DeleteScheduleGroup.html" - }, - "GetSchedule": { - "privilege": "GetSchedule", - "description": "Grants permission to view details about an Amazon EventBridge Scheduler schedule", - "access_level": "Read", - "resource_types": { - "schedule": { - "resource_type": "schedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_GetSchedule.html" - }, - "GetScheduleGroup": { - "privilege": "GetScheduleGroup", - "description": "Grants permission to view details about an Amazon EventBridge Scheduler schedule group", - "access_level": "Read", - "resource_types": { - "schedule-group": { - "resource_type": "schedule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_GetScheduleGroup.html" - }, - "ListScheduleGroups": { - "privilege": "ListScheduleGroups", - "description": "Grants permission to list the Amazon EventBridge Scheduler schedule groups in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_ListScheduleGroups.html" - }, - "ListSchedules": { - "privilege": "ListSchedules", - "description": "Grants permission to list the Amazon EventBridge Scheduler schedules in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_ListSchedules.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tag for an Amazon EventBridge Scheduler resource", - "access_level": "Read", - "resource_types": { - "schedule-group": { - "resource_type": "schedule-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_ListTagsForResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an Amazon EventBridge Scheduler resource", - "access_level": "Tagging", - "resource_types": { - "schedule-group": { - "resource_type": "schedule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an Amazon EventBridge Scheduler resource", - "access_level": "Tagging", - "resource_types": { - "schedule-group": { - "resource_type": "schedule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_UntagResource.html" - }, - "UpdateSchedule": { - "privilege": "UpdateSchedule", - "description": "Grants permission to modify an Amazon EventBridge Scheduler schedule", - "access_level": "Write", - "resource_types": { - "schedule": { - "resource_type": "schedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_UpdateSchedule.html" - } - }, - "resources": { - "schedule-group": { - "resource": "schedule-group", - "arn": "arn:${Partition}:scheduler:${Region}:${Account}:schedule-group/${GroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "schedule": { - "resource": "schedule", - "arn": "arn:${Partition}:scheduler:${Region}:${Account}:schedule/${GroupName}/${ScheduleName}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "schemas": { - "service_name": "Amazon EventBridge Schemas", - "prefix": "schemas", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoneventbridgeschemas.html", - "privileges": { - "CreateDiscoverer": { - "privilege": "CreateDiscoverer", - "description": "Grants permission to create an event schema discoverer. Once created, your events will be automatically map into corresponding schema documents", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#CreateDiscoverer" - }, - "CreateRegistry": { - "privilege": "CreateRegistry", - "description": "Grants permission to create a new schema registry in your account", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#CreateRegistry" - }, - "CreateSchema": { - "privilege": "CreateSchema", - "description": "Grants permission to create a new schema in your account", - "access_level": "Write", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#CreateSchema" - }, - "DeleteDiscoverer": { - "privilege": "DeleteDiscoverer", - "description": "Grants permission to delete discoverer in your account", - "access_level": "Write", - "resource_types": { - "discoverer": { - "resource_type": "discoverer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#DeleteDiscoverer" - }, - "DeleteRegistry": { - "privilege": "DeleteRegistry", - "description": "Grants permission to delete an existing registry in your account", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#DeleteRegistry" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete the resource-based policy attached to a given registry", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-policy.html#DeleteResourcePolicy" - }, - "DeleteSchema": { - "privilege": "DeleteSchema", - "description": "Grants permission to delete an existing schema in your account", - "access_level": "Write", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#DeleteSchema" - }, - "DeleteSchemaVersion": { - "privilege": "DeleteSchemaVersion", - "description": "Grants permission to delete a specific version of schema in your account", - "access_level": "Write", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-version-schemaversion.html#DeleteSchemaVersion" - }, - "DescribeCodeBinding": { - "privilege": "DescribeCodeBinding", - "description": "Grants permission to retrieve metadata for generated code for specific schema in your account", - "access_level": "Read", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-language-language.html#DescribeCodeBinding" - }, - "DescribeDiscoverer": { - "privilege": "DescribeDiscoverer", - "description": "Grants permission to retrieve discoverer metadata in your account", - "access_level": "Read", - "resource_types": { - "discoverer": { - "resource_type": "discoverer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#DescribeDiscoverer" - }, - "DescribeRegistry": { - "privilege": "DescribeRegistry", - "description": "Grants permission to describe an existing registry metadata in your account", - "access_level": "Read", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#DescribeRegistry" - }, - "DescribeSchema": { - "privilege": "DescribeSchema", - "description": "Grants permission to retrieve an existing schema in your account", - "access_level": "Read", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#DescribeSchema" - }, - "ExportSchema": { - "privilege": "ExportSchema", - "description": "Grants permission to export the AWS registry or discovered schemas in OpenAPI 3 format to JSONSchema format", - "access_level": "Read", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-policy.html#ExportSchema" - }, - "GetCodeBindingSource": { - "privilege": "GetCodeBindingSource", - "description": "Grants permission to retrieve metadata for generated code for specific schema in your account", - "access_level": "Read", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-language-language-source.html#GetCodeBindingSource" - }, - "GetDiscoveredSchema": { - "privilege": "GetDiscoveredSchema", - "description": "Grants permission to retrieve a schema for the provided list of sample events", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discover.html#GetDiscoveredSchema" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to retrieve the resource-based policy attached to a given registry", - "access_level": "Read", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-policy.html#GetResourcePolicy" - }, - "ListDiscoverers": { - "privilege": "ListDiscoverers", - "description": "Grants permission to list all discoverers in your account", - "access_level": "List", - "resource_types": { - "discoverer": { - "resource_type": "discoverer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#ListDiscoverers" - }, - "ListRegistries": { - "privilege": "ListRegistries", - "description": "Grants permission to list all registries in your account", - "access_level": "List", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries.html#ListRegistries" - }, - "ListSchemaVersions": { - "privilege": "ListSchemaVersions", - "description": "Grants permission to list all versions of a schema", - "access_level": "List", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-versions.html#ListSchemaVersions" - }, - "ListSchemas": { - "privilege": "ListSchemas", - "description": "Grants permission to list all schemas", - "access_level": "List", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas.html#ListSchemas" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tags for a resource", - "access_level": "Read", - "resource_types": { - "discoverer": { - "resource_type": "discoverer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "registry": { - "resource_type": "registry", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/tags-resource-arn.html#ListTagsForResource" - }, - "PutCodeBinding": { - "privilege": "PutCodeBinding", - "description": "Grants permission to generate code for specific schema in your account", - "access_level": "Write", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-language-language.html#PutCodeBinding" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to attach a resource-based policy to a given registry", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-policy.html#PutResourcePolicy" - }, - "SearchSchemas": { - "privilege": "SearchSchemas", - "description": "Grants permission to search schemas based on specified keywords in your account", - "access_level": "List", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-search.html#SearchSchemas" - }, - "StartDiscoverer": { - "privilege": "StartDiscoverer", - "description": "Grants permission to start the specified discoverer. Once started the discoverer will automatically register schemas for published events to configured source in your account", - "access_level": "Write", - "resource_types": { - "discoverer": { - "resource_type": "discoverer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#StartDiscoverer" - }, - "StopDiscoverer": { - "privilege": "StopDiscoverer", - "description": "Grants permission to stop the specified discoverer. Once stopped the discoverer will no longer register schemas for published events to configured source in your account", - "access_level": "Write", - "resource_types": { - "discoverer": { - "resource_type": "discoverer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#StopDiscoverer" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "discoverer": { - "resource_type": "discoverer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "registry": { - "resource_type": "registry", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/tags-resource-arn.html#TagResource" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from a resource", - "access_level": "Tagging", - "resource_types": { - "discoverer": { - "resource_type": "discoverer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "registry": { - "resource_type": "registry", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/tags-resource-arn.html#UntagResource" - }, - "UpdateDiscoverer": { - "privilege": "UpdateDiscoverer", - "description": "Grants permission to update an existing discoverer in your account", - "access_level": "Write", - "resource_types": { - "discoverer": { - "resource_type": "discoverer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#UpdateDiscoverer" - }, - "UpdateRegistry": { - "privilege": "UpdateRegistry", - "description": "Grants permission to update an existing registry metadata in your account", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#UpdateRegistry" - }, - "UpdateSchema": { - "privilege": "UpdateSchema", - "description": "Grants permission to update an existing schema in your account", - "access_level": "Write", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#UpdateSchema" - } - }, - "resources": { - "discoverer": { - "resource": "discoverer", - "arn": "arn:${Partition}:schemas:${Region}:${Account}:discoverer/${DiscovererId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "registry": { - "resource": "registry", - "arn": "arn:${Partition}:schemas:${Region}:${Account}:registry/${RegistryName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "schema": { - "resource": "schema", - "arn": "arn:${Partition}:schemas:${Region}:${Account}:schema/${RegistryName}/${SchemaName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "finspace": { - "service_name": "Amazon FinSpace", - "prefix": "finspace", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonfinspace.html", - "privileges": { - "ConnectKxCluster": { - "privilege": "ConnectKxCluster", - "description": "Grants permission to connect to a kdb cluster", - "access_level": "Write", - "resource_types": { - "kxCluster": { - "resource_type": "kxCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/interacting-with-kdb-clusters.html" - }, - "CreateEnvironment": { - "privilege": "CreateEnvironment", - "description": "Grants permission to create a FinSpace environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateEnvironment.html" - }, - "CreateKxChangeset": { - "privilege": "CreateKxChangeset", - "description": "Grants permission to create a changeset for a kdb database", - "access_level": "Write", - "resource_types": { - "kxDatabase": { - "resource_type": "kxDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateKxChangeset.html" - }, - "CreateKxCluster": { - "privilege": "CreateKxCluster", - "description": "Grants permission to create a cluster in a managed kdb environment", - "access_level": "Write", - "resource_types": { - "kxCluster": { - "resource_type": "kxCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeSubnets", - "finspace:MountKxDatabase" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateKxCluster.html" - }, - "CreateKxDatabase": { - "privilege": "CreateKxDatabase", - "description": "Grants permission to create a kdb database in a managed kdb environment", - "access_level": "Write", - "resource_types": { - "kxDatabase": { - "resource_type": "kxDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateKxDatabase.html" - }, - "CreateKxEnvironment": { - "privilege": "CreateKxEnvironment", - "description": "Grants permission to create a managed kdb environment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateKxEnvironment.html" - }, - "CreateKxUser": { - "privilege": "CreateKxUser", - "description": "Grants permission to create a user in a managed kdb environment", - "access_level": "Write", - "resource_types": { - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateKxUser.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a FinSpace user", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" - }, - "DeleteEnvironment": { - "privilege": "DeleteEnvironment", - "description": "Grants permission to delete a FinSpace environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_DeleteEnvironment.html" - }, - "DeleteKxCluster": { - "privilege": "DeleteKxCluster", - "description": "Grants permission to delete a kdb cluster", - "access_level": "Write", - "resource_types": { - "kxCluster": { - "resource_type": "kxCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_DeleteKxCluster.html" - }, - "DeleteKxDatabase": { - "privilege": "DeleteKxDatabase", - "description": "Grants permission to delete a kdb database", - "access_level": "Write", - "resource_types": { - "kxDatabase": { - "resource_type": "kxDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_DeleteKxDatabase.html" - }, - "DeleteKxEnvironment": { - "privilege": "DeleteKxEnvironment", - "description": "Grants permission to delete a managed kdb environment", - "access_level": "Write", - "resource_types": { - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_DeleteKxEnvironment.html" - }, - "DeleteKxUser": { - "privilege": "DeleteKxUser", - "description": "Grants permission to delete a kdb user", - "access_level": "Write", - "resource_types": { - "kxUser": { - "resource_type": "kxUser", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_DeleteKxUser.html" - }, - "GetEnvironment": { - "privilege": "GetEnvironment", - "description": "Grants permission to describe a FinSpace environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetEnvironment.html" - }, - "GetKxChangeset": { - "privilege": "GetKxChangeset", - "description": "Grants permission to describe a changeset for a kdb database", - "access_level": "Read", - "resource_types": { - "kxDatabase": { - "resource_type": "kxDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxChangeset.html" - }, - "GetKxCluster": { - "privilege": "GetKxCluster", - "description": "Grants permission to describe a cluster in a managed kdb environment", - "access_level": "Read", - "resource_types": { - "kxCluster": { - "resource_type": "kxCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxCluster.html" - }, - "GetKxConnectionString": { - "privilege": "GetKxConnectionString", - "description": "Grants permission to retrieve a connection string for kdb clusters", - "access_level": "Read", - "resource_types": { - "kxCluster": { - "resource_type": "kxCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "finspace:ConnectKxCluster" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxConnectionString.html" - }, - "GetKxDatabase": { - "privilege": "GetKxDatabase", - "description": "Grants permission to describe a kdb database", - "access_level": "Read", - "resource_types": { - "kxDatabase": { - "resource_type": "kxDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxDatabase.html" - }, - "GetKxEnvironment": { - "privilege": "GetKxEnvironment", - "description": "Grants permission to describe a managed kdb environment", - "access_level": "Read", - "resource_types": { - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxEnvironment.html" - }, - "GetKxUser": { - "privilege": "GetKxUser", - "description": "Grants permission to describe a kdb user", - "access_level": "Read", - "resource_types": { - "kxUser": { - "resource_type": "kxUser", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxUser.html" - }, - "GetLoadSampleDataSetGroupIntoEnvironmentStatus": { - "privilege": "GetLoadSampleDataSetGroupIntoEnvironmentStatus", - "description": "Grants permission to request status of the loading of sample data bundle", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" - }, - "GetUser": { - "privilege": "GetUser", - "description": "Grants permission to describe a FinSpace user", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" - }, - "ListEnvironments": { - "privilege": "ListEnvironments", - "description": "Grants permission to list FinSpace environments in the AWS account", - "access_level": "List", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListEnvironments.html" - }, - "ListKxChangesets": { - "privilege": "ListKxChangesets", - "description": "Grants permission to list changesets for a kdb database", - "access_level": "List", - "resource_types": { - "kxDatabase": { - "resource_type": "kxDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxChangesets.html" - }, - "ListKxClusterNodes": { - "privilege": "ListKxClusterNodes", - "description": "Grants permission to list cluster nodes in a managed kdb environment", - "access_level": "List", - "resource_types": { - "kxCluster": { - "resource_type": "kxCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxClusterNodes.html" - }, - "ListKxClusters": { - "privilege": "ListKxClusters", - "description": "Grants permission to list clusters in a managed kdb environment", - "access_level": "List", - "resource_types": { - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxClusters.html" - }, - "ListKxDatabases": { - "privilege": "ListKxDatabases", - "description": "Grants permission to list kdb databases in a managed kdb environment", - "access_level": "List", - "resource_types": { - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxDatabases.html" - }, - "ListKxEnvironments": { - "privilege": "ListKxEnvironments", - "description": "Grants permission to list managed kdb environments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxEnvironments.html" - }, - "ListKxUsers": { - "privilege": "ListKxUsers", - "description": "Grants permission to list users in a managed kdb environment", - "access_level": "List", - "resource_types": { - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxUsers.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to return a list of tags for a resource", - "access_level": "List", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "kxCluster": { - "resource_type": "kxCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "kxDatabase": { - "resource_type": "kxDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "kxUser": { - "resource_type": "kxUser", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListTagsForResource.html" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to list FinSpace users in an environment", - "access_level": "List", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" - }, - "LoadSampleDataSetGroupIntoEnvironment": { - "privilege": "LoadSampleDataSetGroupIntoEnvironment", - "description": "Grants permission to load sample data bundle into your FinSpace environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" - }, - "MountKxDatabase": { - "privilege": "MountKxDatabase", - "description": "Grants permission to mount a database to a kdb cluster", - "access_level": "Write", - "resource_types": { - "kxDatabase": { - "resource_type": "kxDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-managed-kdb-db.html" - }, - "ResetUserPassword": { - "privilege": "ResetUserPassword", - "description": "Grants permission to reset the password for a FinSpace user", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "kxCluster": { - "resource_type": "kxCluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "kxDatabase": { - "resource_type": "kxDatabase", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "kxUser": { - "resource_type": "kxUser", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "kxCluster": { - "resource_type": "kxCluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "kxDatabase": { - "resource_type": "kxDatabase", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "kxUser": { - "resource_type": "kxUser", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UntagResource.html" - }, - "UpdateEnvironment": { - "privilege": "UpdateEnvironment", - "description": "Grants permission to update a FinSpace environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateEnvironment.html" - }, - "UpdateKxClusterDatabases": { - "privilege": "UpdateKxClusterDatabases", - "description": "Grants permission to update databases for a cluster in a managed kdb environment", - "access_level": "Write", - "resource_types": { - "kxCluster": { - "resource_type": "kxCluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateKxClusterDatabases.html" - }, - "UpdateKxDatabase": { - "privilege": "UpdateKxDatabase", - "description": "Grants permission to update a kdb database", - "access_level": "Write", - "resource_types": { - "kxDatabase": { - "resource_type": "kxDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateKxDatabase.html" - }, - "UpdateKxEnvironment": { - "privilege": "UpdateKxEnvironment", - "description": "Grants permission to update a managed kdb environment", - "access_level": "Write", - "resource_types": { - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateKxEnvironment.html" - }, - "UpdateKxEnvironmentNetwork": { - "privilege": "UpdateKxEnvironmentNetwork", - "description": "Grants permission to update the network for a managed kdb environment", - "access_level": "Write", - "resource_types": { - "kxEnvironment": { - "resource_type": "kxEnvironment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateKxEnvironmentNetwork.html" - }, - "UpdateKxUser": { - "privilege": "UpdateKxUser", - "description": "Grants permission to update a kdb user", - "access_level": "Write", - "resource_types": { - "kxUser": { - "resource_type": "kxUser", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateKxUser.html" - }, - "UpdateUser": { - "privilege": "UpdateUser", - "description": "Grants permission to update a FinSpace user", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" - } - }, - "resources": { - "environment": { - "resource": "environment", - "arn": "arn:${Partition}:finspace:${Region}:${Account}:environment/${EnvironmentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "user": { - "resource": "user", - "arn": "arn:${Partition}:finspace:${Region}:${Account}:user/${UserId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "kxEnvironment": { - "resource": "kxEnvironment", - "arn": "arn:${Partition}:finspace:${Region}:${Account}:kxEnvironment/${EnvironmentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "kxUser": { - "resource": "kxUser", - "arn": "arn:${Partition}:finspace:${Region}:${Account}:kxEnvironment/${EnvironmentId}/kxUser/${UserName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "kxCluster": { - "resource": "kxCluster", - "arn": "arn:${Partition}:finspace:${Region}:${Account}:kxEnvironment/${EnvironmentId}/kxCluster/${KxCluster}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "kxDatabase": { - "resource": "kxDatabase", - "arn": "arn:${Partition}:finspace:${Region}:${Account}:kxEnvironment/${EnvironmentId}/kxDatabase/${KxDatabase}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "finspace-api": { - "service_name": "Amazon FinSpace API", - "prefix": "finspace-api", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonfinspaceapi.html", - "privileges": { - "GetProgrammaticAccessCredentials": { - "privilege": "GetProgrammaticAccessCredentials", - "description": "Grants permission to retrieve FinSpace programmatic access credentials", - "access_level": "Read", - "resource_types": { - "credential": { - "resource_type": "credential", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/data-api/API_GetProgrammaticAccessCredentials.html" - } - }, - "resources": { - "credential": { - "resource": "credential", - "arn": "arn:${Partition}:finspace-api:${Region}:${Account}:/credentials/programmatic", - "condition_keys": [] - } - }, - "conditions": {} - }, - "forecast": { - "service_name": "Amazon Forecast", - "prefix": "forecast", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonforecast.html", - "privileges": { - "CreateAutoPredictor": { - "privilege": "CreateAutoPredictor", - "description": "Grants permission to create an auto predictor", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateAutoPredictor.html" - }, - "CreateDataset": { - "privilege": "CreateDataset", - "description": "Grants permission to create a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html" - }, - "CreateDatasetGroup": { - "privilege": "CreateDatasetGroup", - "description": "Grants permission to create a dataset group", - "access_level": "Write", - "resource_types": { - "datasetGroup": { - "resource_type": "datasetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDatasetGroup.html" - }, - "CreateDatasetImportJob": { - "privilege": "CreateDatasetImportJob", - "description": "Grants permission to create a dataset import job", - "access_level": "Write", - "resource_types": { - "datasetImportJob": { - "resource_type": "datasetImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDatasetImportJob.html" - }, - "CreateExplainability": { - "privilege": "CreateExplainability", - "description": "Grants permission to create an explainability", - "access_level": "Write", - "resource_types": { - "forecast": { - "resource_type": "forecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateExplainability.html" - }, - "CreateExplainabilityExport": { - "privilege": "CreateExplainabilityExport", - "description": "Grants permission to create an explainability export using an explainability resource", - "access_level": "Write", - "resource_types": { - "explainability": { - "resource_type": "explainability", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateExplainabilityExport.html" - }, - "CreateForecast": { - "privilege": "CreateForecast", - "description": "Grants permission to create a forecast", - "access_level": "Write", - "resource_types": { - "predictor": { - "resource_type": "predictor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateForecast.html" - }, - "CreateForecastEndpoint": { - "privilege": "CreateForecastEndpoint", - "description": "Grants permission to create an endpoint using a Predictor resource", - "access_level": "Write", - "resource_types": { - "predictor": { - "resource_type": "predictor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/what-is-forecast.html" - }, - "CreateForecastExportJob": { - "privilege": "CreateForecastExportJob", - "description": "Grants permission to create a forecast export job using a forecast resource", - "access_level": "Write", - "resource_types": { - "forecast": { - "resource_type": "forecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateForecastExportJob.html" - }, - "CreateMonitor": { - "privilege": "CreateMonitor", - "description": "Grants permission to create an monitor using a Predictor resource", - "access_level": "Write", - "resource_types": { - "predictor": { - "resource_type": "predictor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateMonitor.html" - }, - "CreatePredictor": { - "privilege": "CreatePredictor", - "description": "Grants permission to create a predictor", - "access_level": "Write", - "resource_types": { - "datasetGroup": { - "resource_type": "datasetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreatePredictor.html" - }, - "CreatePredictorBacktestExportJob": { - "privilege": "CreatePredictorBacktestExportJob", - "description": "Grants permission to create a predictor backtest export job using a predictor", - "access_level": "Write", - "resource_types": { - "predictor": { - "resource_type": "predictor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreatePredictorBacktestExportJob.html" - }, - "CreateWhatIfAnalysis": { - "privilege": "CreateWhatIfAnalysis", - "description": "Grants permission to create a what-if analysis", - "access_level": "Write", - "resource_types": { - "forecast": { - "resource_type": "forecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateWhatIfAnalysis.html" - }, - "CreateWhatIfForecast": { - "privilege": "CreateWhatIfForecast", - "description": "Grants permission to create a what-if forecast", - "access_level": "Write", - "resource_types": { - "whatIfAnalysis": { - "resource_type": "whatIfAnalysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateWhatIfForecast.html" - }, - "CreateWhatIfForecastExport": { - "privilege": "CreateWhatIfForecastExport", - "description": "Grants permission to create a what-if forecast export using what-if forecast resources", - "access_level": "Write", - "resource_types": { - "whatIfForecast": { - "resource_type": "whatIfForecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateWhatIfForecastExport.html" - }, - "DeleteDataset": { - "privilege": "DeleteDataset", - "description": "Grants permission to delete a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteDataset.html" - }, - "DeleteDatasetGroup": { - "privilege": "DeleteDatasetGroup", - "description": "Grants permission to delete a dataset group", - "access_level": "Write", - "resource_types": { - "datasetGroup": { - "resource_type": "datasetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteDatasetGroup.html" - }, - "DeleteDatasetImportJob": { - "privilege": "DeleteDatasetImportJob", - "description": "Grants permission to delete a dataset import job", - "access_level": "Write", - "resource_types": { - "datasetImportJob": { - "resource_type": "datasetImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteDatasetImportJob.html" - }, - "DeleteExplainability": { - "privilege": "DeleteExplainability", - "description": "Grants permission to delete an explainability", - "access_level": "Write", - "resource_types": { - "explainability": { - "resource_type": "explainability", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteExplainability.html" - }, - "DeleteExplainabilityExport": { - "privilege": "DeleteExplainabilityExport", - "description": "Grants permission to delete an explainability export", - "access_level": "Write", - "resource_types": { - "explainabilityExport": { - "resource_type": "explainabilityExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteExplainabilityExport.html" - }, - "DeleteForecast": { - "privilege": "DeleteForecast", - "description": "Grants permission to delete a forecast", - "access_level": "Write", - "resource_types": { - "forecast": { - "resource_type": "forecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteForecast.html" - }, - "DeleteForecastEndpoint": { - "privilege": "DeleteForecastEndpoint", - "description": "Grants permission to delete an endpoint resource", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/what-is-forecast.html" - }, - "DeleteForecastExportJob": { - "privilege": "DeleteForecastExportJob", - "description": "Grants permission to delete a forecast export job", - "access_level": "Write", - "resource_types": { - "forecastExport": { - "resource_type": "forecastExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteForecastExportJob.html" - }, - "DeleteMonitor": { - "privilege": "DeleteMonitor", - "description": "Grants permission to delete a monitor resource", - "access_level": "Write", - "resource_types": { - "monitor": { - "resource_type": "monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteMonitor.html" - }, - "DeletePredictor": { - "privilege": "DeletePredictor", - "description": "Grants permission to delete a predictor", - "access_level": "Write", - "resource_types": { - "predictor": { - "resource_type": "predictor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeletePredictor.html" - }, - "DeletePredictorBacktestExportJob": { - "privilege": "DeletePredictorBacktestExportJob", - "description": "Grants permission to delete a predictor backtest export job", - "access_level": "Write", - "resource_types": { - "predictorBacktestExportJob": { - "resource_type": "predictorBacktestExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeletePredictorBacktestExportJob.html" - }, - "DeleteResourceTree": { - "privilege": "DeleteResourceTree", - "description": "Grants permission to delete a resource and its child resources", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "datasetGroup": { - "resource_type": "datasetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "datasetImportJob": { - "resource_type": "datasetImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "explainability": { - "resource_type": "explainability", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "explainabilityExport": { - "resource_type": "explainabilityExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "forecast": { - "resource_type": "forecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "forecastExport": { - "resource_type": "forecastExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "monitor": { - "resource_type": "monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "predictor": { - "resource_type": "predictor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "predictorBacktestExportJob": { - "resource_type": "predictorBacktestExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfAnalysis": { - "resource_type": "whatIfAnalysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfForecast": { - "resource_type": "whatIfForecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfForecastExport": { - "resource_type": "whatIfForecastExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteResourceTree.html" - }, - "DeleteWhatIfAnalysis": { - "privilege": "DeleteWhatIfAnalysis", - "description": "Grants permission to delete a what-if analysis", - "access_level": "Write", - "resource_types": { - "whatIfAnalysis": { - "resource_type": "whatIfAnalysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteWhatIfAnalysis.html" - }, - "DeleteWhatIfForecast": { - "privilege": "DeleteWhatIfForecast", - "description": "Grants permission to delete a what-if forecast", - "access_level": "Write", - "resource_types": { - "whatIfForecast": { - "resource_type": "whatIfForecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteWhatIfForecast.html" - }, - "DeleteWhatIfForecastExport": { - "privilege": "DeleteWhatIfForecastExport", - "description": "Grants permission to delete a what-if forecast export", - "access_level": "Write", - "resource_types": { - "whatIfForecastExport": { - "resource_type": "whatIfForecastExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteWhatIfForecastExport.html" - }, - "DescribeAutoPredictor": { - "privilege": "DescribeAutoPredictor", - "description": "Grants permission to describe an auto predictor", - "access_level": "Read", - "resource_types": { - "predictor": { - "resource_type": "predictor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeAutoPredictor.html" - }, - "DescribeDataset": { - "privilege": "DescribeDataset", - "description": "Grants permission to describe a dataset", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeDataset.html" - }, - "DescribeDatasetGroup": { - "privilege": "DescribeDatasetGroup", - "description": "Grants permission to describe a dataset group", - "access_level": "Read", - "resource_types": { - "datasetGroup": { - "resource_type": "datasetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeDatasetGroup.html" - }, - "DescribeDatasetImportJob": { - "privilege": "DescribeDatasetImportJob", - "description": "Grants permission to describe a dataset import job", - "access_level": "Read", - "resource_types": { - "datasetImportJob": { - "resource_type": "datasetImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeDatasetImportJob.html" - }, - "DescribeExplainability": { - "privilege": "DescribeExplainability", - "description": "Grants permission to describe an explainability", - "access_level": "Read", - "resource_types": { - "explainability": { - "resource_type": "explainability", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeExplainability.html" - }, - "DescribeExplainabilityExport": { - "privilege": "DescribeExplainabilityExport", - "description": "Grants permission to describe an explainability export", - "access_level": "Read", - "resource_types": { - "explainabilityExport": { - "resource_type": "explainabilityExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeExplainabilityExport.html" - }, - "DescribeForecast": { - "privilege": "DescribeForecast", - "description": "Grants permission to describe a forecast", - "access_level": "Read", - "resource_types": { - "forecast": { - "resource_type": "forecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeForecast.html" - }, - "DescribeForecastEndpoint": { - "privilege": "DescribeForecastEndpoint", - "description": "Grants permission to describe an endpoint resource", - "access_level": "Read", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/what-is-forecast.html" - }, - "DescribeForecastExportJob": { - "privilege": "DescribeForecastExportJob", - "description": "Grants permission to describe a forecast export job", - "access_level": "Read", - "resource_types": { - "forecastExport": { - "resource_type": "forecastExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeForecastExportJob.html" - }, - "DescribeMonitor": { - "privilege": "DescribeMonitor", - "description": "Grants permission to describe an monitor resource", - "access_level": "Read", - "resource_types": { - "monitor": { - "resource_type": "monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeMonitor.html" - }, - "DescribePredictor": { - "privilege": "DescribePredictor", - "description": "Grants permission to describe a predictor", - "access_level": "Read", - "resource_types": { - "predictor": { - "resource_type": "predictor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribePredictor.html" - }, - "DescribePredictorBacktestExportJob": { - "privilege": "DescribePredictorBacktestExportJob", - "description": "Grants permission to describe a predictor backtest export job", - "access_level": "Read", - "resource_types": { - "predictorBacktestExportJob": { - "resource_type": "predictorBacktestExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribePredictorBacktestExportJob.html" - }, - "DescribeWhatIfAnalysis": { - "privilege": "DescribeWhatIfAnalysis", - "description": "Grants permission to describe a what-if analysis", - "access_level": "Read", - "resource_types": { - "whatIfAnalysis": { - "resource_type": "whatIfAnalysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeWhatIfAnalysis.html" - }, - "DescribeWhatIfForecast": { - "privilege": "DescribeWhatIfForecast", - "description": "Grants permission to describe a what-if forecast", - "access_level": "Read", - "resource_types": { - "whatIfForecast": { - "resource_type": "whatIfForecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeWhatIfForecast.html" - }, - "DescribeWhatIfForecastExport": { - "privilege": "DescribeWhatIfForecastExport", - "description": "Grants permission to describe a what-if forecast export", - "access_level": "Read", - "resource_types": { - "whatIfForecastExport": { - "resource_type": "whatIfForecastExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeWhatIfForecastExport.html" - }, - "GetAccuracyMetrics": { - "privilege": "GetAccuracyMetrics", - "description": "Grants permission to get the Accuracy Metrics for a predictor", - "access_level": "Read", - "resource_types": { - "predictor": { - "resource_type": "predictor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_GetAccuracyMetrics.html" - }, - "GetRecentForecastContext": { - "privilege": "GetRecentForecastContext", - "description": "Grants permission to get the forecast context of a timeseries for an endpoint", - "access_level": "Read", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/what-is-forecast.html" - }, - "InvokeForecastEndpoint": { - "privilege": "InvokeForecastEndpoint", - "description": "Grants permission to invoke the endpoint to get forecast for a timeseries", - "access_level": "Read", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/what-is-forecast.html" - }, - "ListDatasetGroups": { - "privilege": "ListDatasetGroups", - "description": "Grants permission to list all the dataset groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListDatasetGroups.html" - }, - "ListDatasetImportJobs": { - "privilege": "ListDatasetImportJobs", - "description": "Grants permission to list all the dataset import jobs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListDatasetImportJobs.html" - }, - "ListDatasets": { - "privilege": "ListDatasets", - "description": "Grants permission to list all the datasets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListDatasets.html" - }, - "ListExplainabilities": { - "privilege": "ListExplainabilities", - "description": "Grants permission to list all the explainabilities", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListExplainabilities.html" - }, - "ListExplainabilityExports": { - "privilege": "ListExplainabilityExports", - "description": "Grants permission to list all the explainability exports", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListExplainabilityExports.html" - }, - "ListForecastExportJobs": { - "privilege": "ListForecastExportJobs", - "description": "Grants permission to list all the forecast export jobs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListForecastExportJobs.html" - }, - "ListForecasts": { - "privilege": "ListForecasts", - "description": "Grants permission to list all the forecasts", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListForecasts.html" - }, - "ListMonitorEvaluations": { - "privilege": "ListMonitorEvaluations", - "description": "Grants permission to list all the monitor evaluation result for a monitor", - "access_level": "Read", - "resource_types": { - "monitor": { - "resource_type": "monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListMonitorEvaluations.html" - }, - "ListMonitors": { - "privilege": "ListMonitors", - "description": "Grants permission to list all the monitor resources", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListMonitors.html" - }, - "ListPredictorBacktestExportJobs": { - "privilege": "ListPredictorBacktestExportJobs", - "description": "Grants permission to list all the predictor backtest export jobs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListPredictorBacktestExportJobs.html" - }, - "ListPredictors": { - "privilege": "ListPredictors", - "description": "Grants permission to list all the predictors", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListPredictors.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for an Amazon Forecast resource", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasetGroup": { - "resource_type": "datasetGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasetImportJob": { - "resource_type": "datasetImportJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "endpoint": { - "resource_type": "endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "explainability": { - "resource_type": "explainability", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "explainabilityExport": { - "resource_type": "explainabilityExport", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "forecast": { - "resource_type": "forecast", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "forecastExport": { - "resource_type": "forecastExport", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "monitor": { - "resource_type": "monitor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "predictor": { - "resource_type": "predictor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "predictorBacktestExportJob": { - "resource_type": "predictorBacktestExportJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfAnalysis": { - "resource_type": "whatIfAnalysis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfForecast": { - "resource_type": "whatIfForecast", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfForecastExport": { - "resource_type": "whatIfForecastExport", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListTagsForResource.html" - }, - "ListWhatIfAnalyses": { - "privilege": "ListWhatIfAnalyses", - "description": "Grants permission to list all the what-if analyses", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListWhatIfAnalyses.html" - }, - "ListWhatIfForecastExports": { - "privilege": "ListWhatIfForecastExports", - "description": "Grants permission to list all the what-if forecast exports", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListWhatIfForecastExports.html" - }, - "ListWhatIfForecasts": { - "privilege": "ListWhatIfForecasts", - "description": "Grants permission to list all the what-if forecasts", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListWhatIfForecasts.html" - }, - "QueryForecast": { - "privilege": "QueryForecast", - "description": "Grants permission to retrieve a forecast for a single item", - "access_level": "Read", - "resource_types": { - "forecast": { - "resource_type": "forecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_forecastquery_QueryForecast.html" - }, - "QueryWhatIfForecast": { - "privilege": "QueryWhatIfForecast", - "description": "Grants permission to retrieve a what-if forecast for a single item", - "access_level": "Read", - "resource_types": { - "whatIfForecast": { - "resource_type": "whatIfForecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_forecastquery_QueryWhatIfForecast.html" - }, - "ResumeResource": { - "privilege": "ResumeResource", - "description": "Grants permission to resume Amazon Forecast resource jobs", - "access_level": "Write", - "resource_types": { - "monitor": { - "resource_type": "monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ResumeResource.html" - }, - "StopResource": { - "privilege": "StopResource", - "description": "Grants permission to stop Amazon Forecast resource jobs", - "access_level": "Write", - "resource_types": { - "datasetImportJob": { - "resource_type": "datasetImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "explainability": { - "resource_type": "explainability", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "explainabilityExport": { - "resource_type": "explainabilityExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "forecast": { - "resource_type": "forecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "forecastExport": { - "resource_type": "forecastExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "monitor": { - "resource_type": "monitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "predictor": { - "resource_type": "predictor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "predictorBacktestExportJob": { - "resource_type": "predictorBacktestExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfAnalysis": { - "resource_type": "whatIfAnalysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfForecast": { - "resource_type": "whatIfForecast", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfForecastExport": { - "resource_type": "whatIfForecastExport", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_StopResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to associate the specified tags to a resource", - "access_level": "Tagging", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasetGroup": { - "resource_type": "datasetGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasetImportJob": { - "resource_type": "datasetImportJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "endpoint": { - "resource_type": "endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "explainability": { - "resource_type": "explainability", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "explainabilityExport": { - "resource_type": "explainabilityExport", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "forecast": { - "resource_type": "forecast", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "forecastExport": { - "resource_type": "forecastExport", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "monitor": { - "resource_type": "monitor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "predictor": { - "resource_type": "predictor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "predictorBacktestExportJob": { - "resource_type": "predictorBacktestExportJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfAnalysis": { - "resource_type": "whatIfAnalysis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfForecast": { - "resource_type": "whatIfForecast", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfForecastExport": { - "resource_type": "whatIfForecastExport", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to delete the specified tags for a resource", - "access_level": "Tagging", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasetGroup": { - "resource_type": "datasetGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasetImportJob": { - "resource_type": "datasetImportJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "endpoint": { - "resource_type": "endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "explainability": { - "resource_type": "explainability", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "explainabilityExport": { - "resource_type": "explainabilityExport", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "forecast": { - "resource_type": "forecast", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "forecastExport": { - "resource_type": "forecastExport", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "monitor": { - "resource_type": "monitor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "predictor": { - "resource_type": "predictor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "predictorBacktestExportJob": { - "resource_type": "predictorBacktestExportJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfAnalysis": { - "resource_type": "whatIfAnalysis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfForecast": { - "resource_type": "whatIfForecast", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "whatIfForecastExport": { - "resource_type": "whatIfForecastExport", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_UntagResource.html" - }, - "UpdateDatasetGroup": { - "privilege": "UpdateDatasetGroup", - "description": "Grants permission to update a dataset group", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "datasetGroup": { - "resource_type": "datasetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_UpdateDatasetGroup.html" - } - }, - "resources": { - "dataset": { - "resource": "dataset", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:dataset/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "datasetGroup": { - "resource": "datasetGroup", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:dataset-group/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "datasetImportJob": { - "resource": "datasetImportJob", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:dataset-import-job/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "algorithm": { - "resource": "algorithm", - "arn": "arn:${Partition}:forecast:::algorithm/${ResourceId}", - "condition_keys": [] - }, - "predictor": { - "resource": "predictor", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:predictor/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "predictorBacktestExportJob": { - "resource": "predictorBacktestExportJob", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:predictor-backtest-export-job/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "forecast": { - "resource": "forecast", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:forecast/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "forecastExport": { - "resource": "forecastExport", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:forecast-export-job/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "explainability": { - "resource": "explainability", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:explainability/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "explainabilityExport": { - "resource": "explainabilityExport", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:explainability-export/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "monitor": { - "resource": "monitor", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:monitor/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "whatIfAnalysis": { - "resource": "whatIfAnalysis", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:what-if-analysis/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "whatIfForecast": { - "resource": "whatIfForecast", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:what-if-forecast/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "whatIfForecastExport": { - "resource": "whatIfForecastExport", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:what-if-forecast-export/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "endpoint": { - "resource": "endpoint", - "arn": "arn:${Partition}:forecast:${Region}:${Account}:forecast-endpoint/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "frauddetector": { - "service_name": "Amazon Fraud Detector", - "prefix": "frauddetector", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonfrauddetector.html", - "privileges": { - "BatchCreateVariable": { - "privilege": "BatchCreateVariable", - "description": "Grants permission to create a batch of variables", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_BatchCreateVariable.html" - }, - "BatchGetVariable": { - "privilege": "BatchGetVariable", - "description": "Grants permission to get a batch of variables", - "access_level": "List", - "resource_types": { - "variable": { - "resource_type": "variable", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_BatchGetVariable.html" - }, - "CancelBatchImportJob": { - "privilege": "CancelBatchImportJob", - "description": "Grants permission to cancel the specified batch import job", - "access_level": "Write", - "resource_types": { - "batch-import": { - "resource_type": "batch-import", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CancelBatchImportJob.html" - }, - "CancelBatchPredictionJob": { - "privilege": "CancelBatchPredictionJob", - "description": "Grants permission to cancel the specified batch prediction job", - "access_level": "Write", - "resource_types": { - "batch-prediction": { - "resource_type": "batch-prediction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CancelBatchPredictionJob.html" - }, - "CreateBatchImportJob": { - "privilege": "CreateBatchImportJob", - "description": "Grants permission to create a batch import job", - "access_level": "Write", - "resource_types": { - "batch-import": { - "resource_type": "batch-import", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateBatchImportJob.html" - }, - "CreateBatchPredictionJob": { - "privilege": "CreateBatchPredictionJob", - "description": "Grants permission to create a batch prediction job", - "access_level": "Write", - "resource_types": { - "batch-prediction": { - "resource_type": "batch-prediction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "detector-version": { - "resource_type": "detector-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateBatchPredictionJob.html" - }, - "CreateDetectorVersion": { - "privilege": "CreateDetectorVersion", - "description": "Grants permission to create a detector version. The detector version starts in a DRAFT status", - "access_level": "Write", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "external-model": { - "resource_type": "external-model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model-version": { - "resource_type": "model-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateDetectorVersion.html" - }, - "CreateList": { - "privilege": "CreateList", - "description": "Grants permission to create a list", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateList.html" - }, - "CreateModel": { - "privilege": "CreateModel", - "description": "Grants permission to create a model using the specified model type", - "access_level": "Write", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateModel.html" - }, - "CreateModelVersion": { - "privilege": "CreateModelVersion", - "description": "Grants permission to create a version of the model using the specified model type and model id", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateModelVersion.html" - }, - "CreateRule": { - "privilege": "CreateRule", - "description": "Grants permission to create a rule for use with the specified detector", - "access_level": "Write", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateRule.html" - }, - "CreateVariable": { - "privilege": "CreateVariable", - "description": "Grants permission to create a variable", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateVariable.html" - }, - "DeleteBatchImportJob": { - "privilege": "DeleteBatchImportJob", - "description": "Grants permission to delete a batch import job", - "access_level": "Write", - "resource_types": { - "batch-import": { - "resource_type": "batch-import", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteBatchImportJob.html" - }, - "DeleteBatchPredictionJob": { - "privilege": "DeleteBatchPredictionJob", - "description": "Grants permission to delete a batch prediction job", - "access_level": "Write", - "resource_types": { - "batch-prediction": { - "resource_type": "batch-prediction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteBatchPredictionJob.html" - }, - "DeleteDetector": { - "privilege": "DeleteDetector", - "description": "Grants permission to delete the detector. Before deleting a detector, you must first delete all detector versions and rule versions associated with the detector", - "access_level": "Write", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteDetector.html" - }, - "DeleteDetectorVersion": { - "privilege": "DeleteDetectorVersion", - "description": "Grants permission to delete the detector version. You cannot delete detector versions that are in ACTIVE status", - "access_level": "Write", - "resource_types": { - "detector-version": { - "resource_type": "detector-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteDetectorVersion.html" - }, - "DeleteEntityType": { - "privilege": "DeleteEntityType", - "description": "Grants permission to delete an entity type. You cannot delete an entity type that is included in an event type", - "access_level": "Write", - "resource_types": { - "entity-type": { - "resource_type": "entity-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteEntityType.html" - }, - "DeleteEvent": { - "privilege": "DeleteEvent", - "description": "Grants permission to deletes the specified event", - "access_level": "Write", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteEvent.html" - }, - "DeleteEventType": { - "privilege": "DeleteEventType", - "description": "Grants permission to delete an event type. You cannot delete an event type that is used in a detector or a model", - "access_level": "Write", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteEventType.html" - }, - "DeleteEventsByEventType": { - "privilege": "DeleteEventsByEventType", - "description": "Grants permission to delete events for the specified event type", - "access_level": "Write", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteEventsByEventType.html" - }, - "DeleteExternalModel": { - "privilege": "DeleteExternalModel", - "description": "Grants permission to remove a SageMaker model from Amazon Fraud Detector. You can remove an Amazon SageMaker model if it is not associated with a detector version", - "access_level": "Write", - "resource_types": { - "external-model": { - "resource_type": "external-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteExternalModel.html" - }, - "DeleteLabel": { - "privilege": "DeleteLabel", - "description": "Grants permission to delete a label. You cannot delete labels that are included in an event type in Amazon Fraud Detector. You cannot delete a label assigned to an event ID. You must first delete the relevant event ID", - "access_level": "Write", - "resource_types": { - "label": { - "resource_type": "label", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteLabel.html" - }, - "DeleteList": { - "privilege": "DeleteList", - "description": "Grants permission to delete a list", - "access_level": "Write", - "resource_types": { - "list": { - "resource_type": "list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteList.html" - }, - "DeleteModel": { - "privilege": "DeleteModel", - "description": "Grants permission to delete a model. You can delete models and model versions in Amazon Fraud Detector, provided that they are not associated with a detector version", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteModel.html" - }, - "DeleteModelVersion": { - "privilege": "DeleteModelVersion", - "description": "Grants permission to delete a model version. You can delete models and model versions in Amazon Fraud Detector, provided that they are not associated with a detector version", - "access_level": "Write", - "resource_types": { - "model-version": { - "resource_type": "model-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteModelVersion.html" - }, - "DeleteOutcome": { - "privilege": "DeleteOutcome", - "description": "Grants permission to delete an outcome. You cannot delete an outcome that is used in a rule version", - "access_level": "Write", - "resource_types": { - "outcome": { - "resource_type": "outcome", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteOutcome.html" - }, - "DeleteRule": { - "privilege": "DeleteRule", - "description": "Grants permission to delete the rule. You cannot delete a rule if it is used by an ACTIVE or INACTIVE detector version", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteRule.html" - }, - "DeleteVariable": { - "privilege": "DeleteVariable", - "description": "Grants permission to delete a variable. You cannot delete variables that are included in an event type in Amazon Fraud Detector", - "access_level": "Write", - "resource_types": { - "variable": { - "resource_type": "variable", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteVariable.html" - }, - "DescribeDetector": { - "privilege": "DescribeDetector", - "description": "Grants permission to get all versions for a specified detector", - "access_level": "Read", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DescribeDetector.html" - }, - "DescribeModelVersions": { - "privilege": "DescribeModelVersions", - "description": "Grants permission to get all of the model versions for the specified model type or for the specified model type and model ID. You can also get details for a single, specified model version", - "access_level": "Read", - "resource_types": { - "model-version": { - "resource_type": "model-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DescribeModelVersions.html" - }, - "GetBatchImportJobValidationReport": { - "privilege": "GetBatchImportJobValidationReport", - "description": "Grants permission to get the data validation report of a specific batch import job", - "access_level": "Read", - "resource_types": { - "batch-import": { - "resource_type": "batch-import", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/ug/prepare-storage-event-data.html#smart-data-validation" - }, - "GetBatchImportJobs": { - "privilege": "GetBatchImportJobs", - "description": "Grants permission to get all batch import jobs or a specific job if you specify a job ID", - "access_level": "List", - "resource_types": { - "batch-import": { - "resource_type": "batch-import", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetBatchImportJobs.html" - }, - "GetBatchPredictionJobs": { - "privilege": "GetBatchPredictionJobs", - "description": "Grants permission to get all batch prediction jobs or a specific job if you specify a job ID. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 50 records per page. If you provide a maxResults, the value must be between 1 and 50. To get the next page results, provide the pagination token from the GetBatchPredictionJobsResponse as part of your request. A null pagination token fetches the records from the beginning", - "access_level": "List", - "resource_types": { - "batch-prediction": { - "resource_type": "batch-prediction", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetBatchPredictionJobs.html" - }, - "GetDeleteEventsByEventTypeStatus": { - "privilege": "GetDeleteEventsByEventTypeStatus", - "description": "Grants permission to get a specific event type DeleteEventsByEventType API execution status", - "access_level": "Read", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetDeleteEventsByEventTypeStatus.html" - }, - "GetDetectorVersion": { - "privilege": "GetDetectorVersion", - "description": "Grants permission to get a particular detector version", - "access_level": "Read", - "resource_types": { - "detector-version": { - "resource_type": "detector-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetDetectorVersion.html" - }, - "GetDetectors": { - "privilege": "GetDetectors", - "description": "Grants permission to get all detectors or a single detector if a detectorId is specified. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 10 records per page. If you provide a maxResults, the value must be between 5 and 10. To get the next page results, provide the pagination token from the GetDetectorsResponse as part of your request. A null pagination token fetches the records from the beginning", - "access_level": "List", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetDetectors.html" - }, - "GetEntityTypes": { - "privilege": "GetEntityTypes", - "description": "Grants permission to get all entity types or a specific entity type if a name is specified. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 10 records per page. If you provide a maxResults, the value must be between 5 and 10. To get the next page results, provide the pagination token from the GetEntityTypesResponse as part of your request. A null pagination token fetches the records from the beginning", - "access_level": "List", - "resource_types": { - "entity-type": { - "resource_type": "entity-type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetEntityTypes.html" - }, - "GetEvent": { - "privilege": "GetEvent", - "description": "Grants permission to get the details of the specified event", - "access_level": "Read", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetEvent.html" - }, - "GetEventPrediction": { - "privilege": "GetEventPrediction", - "description": "Grants permission to evaluate an event against a detector version. If a version ID is not provided, the detector\u2019s (ACTIVE) version is used", - "access_level": "Read", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "detector-version": { - "resource_type": "detector-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetEventPrediction.html" - }, - "GetEventPredictionMetadata": { - "privilege": "GetEventPredictionMetadata", - "description": "Grants permission to get more details of a particular prediction", - "access_level": "Read", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "detector-version": { - "resource_type": "detector-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetEventPredictionMetadata.html" - }, - "GetEventTypes": { - "privilege": "GetEventTypes", - "description": "Grants permission to get all event types or a specific event type if name is provided. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 10 records per page. If you provide a maxResults, the value must be between 5 and 10. To get the next page results, provide the pagination token from the GetEventTypesResponse as part of your request. A null pagination token fetches the records from the beginning", - "access_level": "List", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetEventTypes.html" - }, - "GetExternalModels": { - "privilege": "GetExternalModels", - "description": "Grants permission to get the details for one or more Amazon SageMaker models that have been imported into the service. This is a paginated API. If you provide a null maxResults, this actions retrieves a maximum of 10 records per page. If you provide a maxResults, the value must be between 5 and 10. To get the next page results, provide the pagination token from the GetExternalModelsResult as part of your request. A null pagination token fetches the records from the beginning", - "access_level": "List", - "resource_types": { - "external-model": { - "resource_type": "external-model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetExternalModels.html" - }, - "GetKMSEncryptionKey": { - "privilege": "GetKMSEncryptionKey", - "description": "Grants permission to get the encryption key if a Key Management Service (KMS) customer master key (CMK) has been specified to be used to encrypt content in Amazon Fraud Detector", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetKMSEncryptionKey.html" - }, - "GetLabels": { - "privilege": "GetLabels", - "description": "Grants permission to get all labels or a specific label if name is provided. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 50 records per page. If you provide a maxResults, the value must be between 10 and 50. To get the next page results, provide the pagination token from the GetGetLabelsResponse as part of your request. A null pagination token fetches the records from the beginning", - "access_level": "List", - "resource_types": { - "label": { - "resource_type": "label", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetLabels.html" - }, - "GetListElements": { - "privilege": "GetListElements", - "description": "Grants permission to get elements of a list", - "access_level": "Read", - "resource_types": { - "list": { - "resource_type": "list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetListElements.html" - }, - "GetListsMetadata": { - "privilege": "GetListsMetadata", - "description": "Grants permission to get metadata about lists", - "access_level": "List", - "resource_types": { - "list": { - "resource_type": "list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetListsMetadata.html" - }, - "GetModelVersion": { - "privilege": "GetModelVersion", - "description": "Grants permission to get the details of the specified model version", - "access_level": "Read", - "resource_types": { - "model-version": { - "resource_type": "model-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetModelVersion.html" - }, - "GetModels": { - "privilege": "GetModels", - "description": "Grants permission to get one or more models. Gets all models for the AWS account if no model type and no model id provided. Gets all models for the AWS account and model type, if the model type is specified but model id is not provided. Gets a specific model if (model type, model id) tuple is specified", - "access_level": "List", - "resource_types": { - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetModels.html" - }, - "GetOutcomes": { - "privilege": "GetOutcomes", - "description": "Grants permission to get one or more outcomes. This is a paginated API. If you provide a null maxResults, this actions retrieves a maximum of 100 records per page. If you provide a maxResults, the value must be between 50 and 100. To get the next page results, provide the pagination token from the GetOutcomesResult as part of your request. A null pagination token fetches the records from the beginning", - "access_level": "List", - "resource_types": { - "outcome": { - "resource_type": "outcome", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetOutcomes.html" - }, - "GetRules": { - "privilege": "GetRules", - "description": "Grants permission to get all rules for a detector (paginated) if ruleId and ruleVersion are not specified. Gets all rules for the detector and the ruleId if present (paginated). Gets a specific rule if both the ruleId and the ruleVersion are specified", - "access_level": "List", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetRules.html" - }, - "GetVariables": { - "privilege": "GetVariables", - "description": "Grants permission to get all of the variables or the specific variable. This is a paginated API. Providing null maxSizePerPage results in retrieving maximum of 100 records per page. If you provide maxSizePerPage the value must be between 50 and 100. To get the next page result, a provide a pagination token from GetVariablesResult as part of your request. Null pagination token fetches the records from the beginning", - "access_level": "List", - "resource_types": { - "variable": { - "resource_type": "variable", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetVariables.html" - }, - "ListEventPredictions": { - "privilege": "ListEventPredictions", - "description": "Grants permission to get a list of past predictions", - "access_level": "List", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "detector-version": { - "resource_type": "detector-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-type": { - "resource_type": "event-type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_ListEventPredictions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags associated with the resource. This is a paginated API. To get the next page results, provide the pagination token from the response as part of your request. A null pagination token fetches the records from the beginning", - "access_level": "Read", - "resource_types": { - "batch-import": { - "resource_type": "batch-import", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "batch-prediction": { - "resource_type": "batch-prediction", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "detector": { - "resource_type": "detector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "detector-version": { - "resource_type": "detector-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-type": { - "resource_type": "entity-type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-type": { - "resource_type": "event-type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "external-model": { - "resource_type": "external-model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "label": { - "resource_type": "label", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "list": { - "resource_type": "list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model-version": { - "resource_type": "model-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "outcome": { - "resource_type": "outcome", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "variable": { - "resource_type": "variable", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_ListTagsForResource.html" - }, - "PutDetector": { - "privilege": "PutDetector", - "description": "Grants permission to create or update a detector", - "access_level": "Write", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutDetector.html" - }, - "PutEntityType": { - "privilege": "PutEntityType", - "description": "Grants permission to create or update an entity type. An entity represents who is performing the event. As part of a fraud prediction, you pass the entity ID to indicate the specific entity who performed the event. An entity type classifies the entity. Example classifications include customer, merchant, or account", - "access_level": "Write", - "resource_types": { - "entity-type": { - "resource_type": "entity-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutEntityType.html" - }, - "PutEventType": { - "privilege": "PutEventType", - "description": "Grants permission to create or update an event type. An event is a business activity that is evaluated for fraud risk. With Amazon Fraud Detector, you generate fraud predictions for events. An event type defines the structure for an event sent to Amazon Fraud Detector. This includes the variables sent as part of the event, the entity performing the event (such as a customer), and the labels that classify the event. Example event types include online payment transactions, account registrations, and authentications", - "access_level": "Write", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutEventType.html" - }, - "PutExternalModel": { - "privilege": "PutExternalModel", - "description": "Grants permission to create or update an Amazon SageMaker model endpoint. You can also use this action to update the configuration of the model endpoint, including the IAM role and/or the mapped variables", - "access_level": "Write", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "external-model": { - "resource_type": "external-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutExternalModel.html" - }, - "PutKMSEncryptionKey": { - "privilege": "PutKMSEncryptionKey", - "description": "Grants permission to specify the Key Management Service (KMS) customer master key (CMK) to be used to encrypt content in Amazon Fraud Detector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutKMSEncryptionKey.html" - }, - "PutLabel": { - "privilege": "PutLabel", - "description": "Grants permission to create or update label. A label classifies an event as fraudulent or legitimate. Labels are associated with event types and used to train supervised machine learning models in Amazon Fraud Detector", - "access_level": "Write", - "resource_types": { - "label": { - "resource_type": "label", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutLabel.html" - }, - "PutOutcome": { - "privilege": "PutOutcome", - "description": "Grants permission to create or update an outcome", - "access_level": "Write", - "resource_types": { - "outcome": { - "resource_type": "outcome", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutOutcome.html" - }, - "SendEvent": { - "privilege": "SendEvent", - "description": "Grants permission to send event", - "access_level": "Write", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_SendEvent.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to assign tags to a resource", - "access_level": "Tagging", - "resource_types": { - "batch-import": { - "resource_type": "batch-import", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "batch-prediction": { - "resource_type": "batch-prediction", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "detector": { - "resource_type": "detector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "detector-version": { - "resource_type": "detector-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-type": { - "resource_type": "entity-type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-type": { - "resource_type": "event-type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "external-model": { - "resource_type": "external-model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "label": { - "resource_type": "label", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "list": { - "resource_type": "list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model-version": { - "resource_type": "model-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "outcome": { - "resource_type": "outcome", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "variable": { - "resource_type": "variable", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "batch-import": { - "resource_type": "batch-import", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "batch-prediction": { - "resource_type": "batch-prediction", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "detector": { - "resource_type": "detector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "detector-version": { - "resource_type": "detector-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity-type": { - "resource_type": "entity-type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "event-type": { - "resource_type": "event-type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "external-model": { - "resource_type": "external-model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "label": { - "resource_type": "label", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "list": { - "resource_type": "list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model-version": { - "resource_type": "model-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "outcome": { - "resource_type": "outcome", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "variable": { - "resource_type": "variable", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UntagResource.html" - }, - "UpdateDetectorVersion": { - "privilege": "UpdateDetectorVersion", - "description": "Grants permission to update a detector version. The detector version attributes that you can update include models, external model endpoints, rules, rule execution mode, and description. You can only update a DRAFT detector version", - "access_level": "Write", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "external-model": { - "resource_type": "external-model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model-version": { - "resource_type": "model-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateDetectorVersion.html" - }, - "UpdateDetectorVersionMetadata": { - "privilege": "UpdateDetectorVersionMetadata", - "description": "Grants permission to update the detector version's description. You can update the metadata for any detector version (DRAFT, ACTIVE, or INACTIVE)", - "access_level": "Write", - "resource_types": { - "detector-version": { - "resource_type": "detector-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateDetectorVersionMetadata.html" - }, - "UpdateDetectorVersionStatus": { - "privilege": "UpdateDetectorVersionStatus", - "description": "Grants permission to update the detector version\u2019s status. You can perform the following promotions or demotions using UpdateDetectorVersionStatus: DRAFT to ACTIVE, ACTIVE to INACTIVE, and INACTIVE to ACTIVE", - "access_level": "Write", - "resource_types": { - "detector-version": { - "resource_type": "detector-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateDetectorVersionStatus.html" - }, - "UpdateEventLabel": { - "privilege": "UpdateEventLabel", - "description": "Grants permission to update an existing event record's label value", - "access_level": "Write", - "resource_types": { - "event-type": { - "resource_type": "event-type", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateEventLabel.html" - }, - "UpdateList": { - "privilege": "UpdateList", - "description": "Grants permission to update a list", - "access_level": "Write", - "resource_types": { - "list": { - "resource_type": "list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateList.html" - }, - "UpdateModel": { - "privilege": "UpdateModel", - "description": "Grants permission to update a model. You can update the description attribute using this action", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateModel.html" - }, - "UpdateModelVersion": { - "privilege": "UpdateModelVersion", - "description": "Grants permission to update a model version. Updating a model version retrains an existing model version using updated training data and produces a new minor version of the model. You can update the training data set location and data access role attributes using this action. This action creates and trains a new minor version of the model, for example version 1.01, 1.02, 1.03", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateModelVersion.html" - }, - "UpdateModelVersionStatus": { - "privilege": "UpdateModelVersionStatus", - "description": "Grants permission to update the status of a model version", - "access_level": "Write", - "resource_types": { - "model-version": { - "resource_type": "model-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateModelVersionStatus.html" - }, - "UpdateRuleMetadata": { - "privilege": "UpdateRuleMetadata", - "description": "Grants permission to update a rule's metadata. The description attribute can be updated", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateRuleMetadata.html" - }, - "UpdateRuleVersion": { - "privilege": "UpdateRuleVersion", - "description": "Grants permission to update a rule version resulting in a new rule version. Updates a rule version resulting in a new rule version (version 1, 2, 3 ...)", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateRuleVersion.html" - }, - "UpdateVariable": { - "privilege": "UpdateVariable", - "description": "Grants permission to update a variable", - "access_level": "Write", - "resource_types": { - "variable": { - "resource_type": "variable", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateVariable.html" - } - }, - "resources": { - "batch-prediction": { - "resource": "batch-prediction", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:batch-prediction/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "detector": { - "resource": "detector", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:detector/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "detector-version": { - "resource": "detector-version", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:detector-version/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "entity-type": { - "resource": "entity-type", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:entity-type/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "external-model": { - "resource": "external-model", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:external-model/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "event-type": { - "resource": "event-type", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:event-type/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "label": { - "resource": "label", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:label/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "model": { - "resource": "model", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:model/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "model-version": { - "resource": "model-version", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:model-version/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "outcome": { - "resource": "outcome", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:outcome/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "rule": { - "resource": "rule", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:rule/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "variable": { - "resource": "variable", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:variable/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "batch-import": { - "resource": "batch-import", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:batch-import/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "list": { - "resource": "list", - "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:list/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "freertos": { - "service_name": "Amazon FreeRTOS", - "prefix": "freertos", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonfreertos.html", - "privileges": { - "CreateSoftwareConfiguration": { - "privilege": "CreateSoftwareConfiguration", - "description": "Grants permission to create a software configuration", - "access_level": "Write", - "resource_types": { - "configuration": { - "resource_type": "configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "CreateSubscription": { - "privilege": "CreateSubscription", - "description": "Grants permission to create a subscription for FreeRTOS extended maintenance plan (EMP)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" - }, - "DeleteSoftwareConfiguration": { - "privilege": "DeleteSoftwareConfiguration", - "description": "Grants permission to delete the software configuration", - "access_level": "Write", - "resource_types": { - "configuration": { - "resource_type": "configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "DescribeHardwarePlatform": { - "privilege": "DescribeHardwarePlatform", - "description": "Grants permission to describe the hardware platform", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "DescribeSoftwareConfiguration": { - "privilege": "DescribeSoftwareConfiguration", - "description": "Grants permission to describe the software configuration", - "access_level": "Read", - "resource_types": { - "configuration": { - "resource_type": "configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "DescribeSubscription": { - "privilege": "DescribeSubscription", - "description": "Grants permission to describes the subscription for FreeRTOS extended maintenance plan (EMP)", - "access_level": "Read", - "resource_types": { - "subscription": { - "resource_type": "subscription", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" - }, - "GetEmpPatchUrl": { - "privilege": "GetEmpPatchUrl", - "description": "Grants permission to get URL for sotware patch-release, patch-diff and release notes under FreeRTOS extended maintenance plan (EMP)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" - }, - "GetSoftwareURL": { - "privilege": "GetSoftwareURL", - "description": "Grants permission to get the URL for Amazon FreeRTOS software download", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "GetSoftwareURLForConfiguration": { - "privilege": "GetSoftwareURLForConfiguration", - "description": "Grants permission to get the URL for Amazon FreeRTOS software download based on the configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "GetSubscriptionBillingAmount": { - "privilege": "GetSubscriptionBillingAmount", - "description": "Grants permission to fetch the subscription billing amount for FreeRTOS extended maintenance plan (EMP)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" - }, - "ListFreeRTOSVersions": { - "privilege": "ListFreeRTOSVersions", - "description": "Grants permission to lists versions of AmazonFreeRTOS", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "ListHardwarePlatforms": { - "privilege": "ListHardwarePlatforms", - "description": "Grants permission to list the hardware platforms", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "ListHardwareVendors": { - "privilege": "ListHardwareVendors", - "description": "Grants permission to list the hardware vendors", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "ListSoftwareConfigurations": { - "privilege": "ListSoftwareConfigurations", - "description": "Grants permission to lists the software configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "ListSoftwarePatches": { - "privilege": "ListSoftwarePatches", - "description": "Grants permission to list software patches of subscription for FreeRTOS extended maintenance plan (EMP)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" - }, - "ListSubscriptionEmails": { - "privilege": "ListSubscriptionEmails", - "description": "Grants permission to list the subscription emails for FreeRTOS extended maintenance plan (EMP)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" - }, - "ListSubscriptions": { - "privilege": "ListSubscriptions", - "description": "Grants permission to list the subscriptions for FreeRTOS extended maintenance plan (EMP)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" - }, - "UpdateEmailRecipients": { - "privilege": "UpdateEmailRecipients", - "description": "Grants permission to update list of subscription email address for FreeRTOS extended maintenance plan (EMP)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" - }, - "UpdateSoftwareConfiguration": { - "privilege": "UpdateSoftwareConfiguration", - "description": "Grants permission to update the software configuration", - "access_level": "Write", - "resource_types": { - "configuration": { - "resource_type": "configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" - }, - "VerifyEmail": { - "privilege": "VerifyEmail", - "description": "Grants permission to verify the email for FreeRTOS extended maintenance plan (EMP)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" - } - }, - "resources": { - "configuration": { - "resource": "configuration", - "arn": "arn:${Partition}:freertos:${Region}:${Account}:configuration/${ConfigurationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "subscription": { - "resource": "subscription", - "arn": "arn:${Partition}:freertos:${Region}:${Account}:subscription/${SubscriptionID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "A tag key that is present in the request that the user makes to Amazon FreeRTOS", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "The tag key component of a tag attached to an Amazon FreeRTOS resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "The list of all the tag key names associated with the resource in the request", - "type": "ArrayOfString" - } - } - }, - "fsx": { - "service_name": "Amazon FSx", - "prefix": "fsx", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonfsx.html", - "privileges": { - "AssociateFileGateway": { - "privilege": "AssociateFileGateway", - "description": "Grants permission to associate a File Gateway instance with an Amazon FSx for Windows File Server file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/filegateway/latest/filefsxw/what-is-file-fsxw.html" - }, - "AssociateFileSystemAliases": { - "privilege": "AssociateFileSystemAliases", - "description": "Grants permission to associate DNS aliases with an Amazon FSx for Windows File Server file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_AssociateFileSystemAliases.html" - }, - "CancelDataRepositoryTask": { - "privilege": "CancelDataRepositoryTask", - "description": "Grants permission to cancel a data repository task", - "access_level": "Write", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CancelDataRepositoryTask.html" - }, - "CopyBackup": { - "privilege": "CopyBackup", - "description": "Grants permission to copy a backup", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopyBackup.html" - }, - "CreateBackup": { - "privilege": "CreateBackup", - "description": "Grants permission to create a new backup of an Amazon FSx file system or an Amazon FSx volume", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateBackup.html" - }, - "CreateDataRepositoryAssociation": { - "privilege": "CreateDataRepositoryAssociation", - "description": "Grants permission to create a new data respository association for an Amazon FSx for Lustre file system", - "access_level": "Write", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateDataRepositoryAssociation.html" - }, - "CreateDataRepositoryTask": { - "privilege": "CreateDataRepositoryTask", - "description": "Grants permission to create a new data respository task for an Amazon FSx for Lustre file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateDataRepositoryTask.html" - }, - "CreateFileCache": { - "privilege": "CreateFileCache", - "description": "Grants permission to create a new, empty, Amazon file cache", - "access_level": "Write", - "resource_types": { - "file-cache": { - "resource_type": "file-cache", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "fsx:CreateDataRepositoryAssociation", - "fsx:TagResource", - "logs:CreateLogGroup", - "logs:CreateLogStream", - "logs:PutLogEvents", - "s3:ListBucket" - ] - }, - "association": { - "resource_type": "association", - "required": false, - "condition_keys": [ - "fsx:NfsDataRepositoryEncryptionInTransitEnabled", - "fsx:NfsDataRepositoryAuthenticationEnabled" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileCache.html" - }, - "CreateFileSystem": { - "privilege": "CreateFileSystem", - "description": "Grants permission to create a new, empty, Amazon FSx file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystem.html" - }, - "CreateFileSystemFromBackup": { - "privilege": "CreateFileSystemFromBackup", - "description": "Grants permission to create a new Amazon FSx file system from an existing backup", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html" - }, - "CreateSnapshot": { - "privilege": "CreateSnapshot", - "description": "Grants permission to create a new snapshot on a volume", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateSnapshot.html" - }, - "CreateStorageVirtualMachine": { - "privilege": "CreateStorageVirtualMachine", - "description": "Grants permission to create a new storage virtual machine in an Amazon FSx for Ontap file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "storage-virtual-machine": { - "resource_type": "storage-virtual-machine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateStorageVirtualMachine.html" - }, - "CreateVolume": { - "privilege": "CreateVolume", - "description": "Grants permission to create a new volume", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "fsx:StorageVirtualMachineId", - "fsx:ParentVolumeId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateVolume.html" - }, - "CreateVolumeFromBackup": { - "privilege": "CreateVolumeFromBackup", - "description": "Grants permission to create a new volume from backup", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "storage-virtual-machine": { - "resource_type": "storage-virtual-machine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "fsx:StorageVirtualMachineId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateVolumeFromBackup.html" - }, - "DeleteBackup": { - "privilege": "DeleteBackup", - "description": "Grants permission to delete a backup, deleting its contents. After deletion, the backup no longer exists, and its data is no longer available", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteBackup.html" - }, - "DeleteDataRepositoryAssociation": { - "privilege": "DeleteDataRepositoryAssociation", - "description": "Grants permission to delete a data repository association", - "access_level": "Write", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteDataRepositoryAssociation.html" - }, - "DeleteFileCache": { - "privilege": "DeleteFileCache", - "description": "Grants permission to delete a file cache, deleting its contents", - "access_level": "Write", - "resource_types": { - "file-cache": { - "resource_type": "file-cache", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:DeleteDataRepositoryAssociation" - ] - }, - "association": { - "resource_type": "association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteFileCache.html" - }, - "DeleteFileSystem": { - "privilege": "DeleteFileSystem", - "description": "Grants permission to delete a file system, deleting its contents and any existing automatic backups of the file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:CreateBackup", - "fsx:TagResource" - ] - }, - "backup": { - "resource_type": "backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteFileSystem.html" - }, - "DeleteSnapshot": { - "privilege": "DeleteSnapshot", - "description": "Grants permission to delete a snapshot on a volume", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteSnapshot.html" - }, - "DeleteStorageVirtualMachine": { - "privilege": "DeleteStorageVirtualMachine", - "description": "Grants permission to delete a storage virtual machine, deleting its contents", - "access_level": "Write", - "resource_types": { - "storage-virtual-machine": { - "resource_type": "storage-virtual-machine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteStorageVirtualMachine.html" - }, - "DeleteVolume": { - "privilege": "DeleteVolume", - "description": "Grants permission to delete a volume, deleting its contents and any existing automatic backups of the volume", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "fsx:TagResource" - ] - }, - "backup": { - "resource_type": "backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "fsx:StorageVirtualMachineId", - "fsx:ParentVolumeId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteVolume.html" - }, - "DescribeAssociatedFileGateways": { - "privilege": "DescribeAssociatedFileGateways", - "description": "Grants permission to describe the File Gateway instances associated with an Amazon FSx for Windows File Server file system", - "access_level": "Read", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/filegateway/latest/filefsxw/what-is-file-fsxw.html" - }, - "DescribeBackups": { - "privilege": "DescribeBackups", - "description": "Grants permission to return the descriptions of all backups owned by your AWS account in the AWS Region of the endpoint that you're calling", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeBackups.html" - }, - "DescribeDataRepositoryAssociations": { - "privilege": "DescribeDataRepositoryAssociations", - "description": "Grants permission to return the descriptions of all data repository associations owned by your AWS account in the AWS Region of the endpoint that you're calling", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeDataRepositoryAssociations.html" - }, - "DescribeDataRepositoryTasks": { - "privilege": "DescribeDataRepositoryTasks", - "description": "Grants permission to return the descriptions of all data repository tasks owned by your AWS account in the AWS Region of the endpoint that you're calling", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeDataRepositoryTasks.html" - }, - "DescribeFileCaches": { - "privilege": "DescribeFileCaches", - "description": "Grants permission to return the descriptions of all file caches owned by your AWS account in the AWS Region of the endpoint that you're calling", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeFileCaches.html" - }, - "DescribeFileSystemAliases": { - "privilege": "DescribeFileSystemAliases", - "description": "Grants permission to return the description of all DNS aliases owned by your Amazon FSx for Windows File Server file system", - "access_level": "Read", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeFileSystemAliases.html" - }, - "DescribeFileSystems": { - "privilege": "DescribeFileSystems", - "description": "Grants permission to return the descriptions of all file systems owned by your AWS account in the AWS Region of the endpoint that you're calling", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeFileSystems.html" - }, - "DescribeSnapshots": { - "privilege": "DescribeSnapshots", - "description": "Grants permission to return the descriptions of all snapshots owned by your AWS account in the AWS Region of the endpoint you're calling", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeSnapshots.html" - }, - "DescribeStorageVirtualMachines": { - "privilege": "DescribeStorageVirtualMachines", - "description": "Grants permission to return the descriptions of all storage virtual machines owned by your AWS account in the AWS Region of the endpoint that you're calling", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeStorageVirtualMachines.html" - }, - "DescribeVolumes": { - "privilege": "DescribeVolumes", - "description": "Grants permission to return the descriptions of all volumes owned by your AWS account in the AWS Region of the endpoint that you're calling", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeVolumes.html" - }, - "DisassociateFileGateway": { - "privilege": "DisassociateFileGateway", - "description": "Grants permission to disassociate a File Gateway instance from an Amazon FSx for Windows File Server file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/filegateway/latest/filefsxw/what-is-file-fsxw.html" - }, - "DisassociateFileSystemAliases": { - "privilege": "DisassociateFileSystemAliases", - "description": "Grants permission to disassociate file system aliases with an Amazon FSx for Windows File Server file system", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DisassociateFileSystemAliases.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an Amazon FSx resource", - "access_level": "Read", - "resource_types": { - "association": { - "resource_type": "association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "backup": { - "resource_type": "backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "file-cache": { - "resource_type": "file-cache", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "storage-virtual-machine": { - "resource_type": "storage-virtual-machine", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_ListTagsForResource.html" - }, - "ManageBackupPrincipalAssociations": { - "privilege": "ManageBackupPrincipalAssociations", - "description": "Grants permission to manage backup principal associations through AWS Backup", - "access_level": "Permissions management", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopyBackup.html" - }, - "ReleaseFileSystemNfsV3Locks": { - "privilege": "ReleaseFileSystemNfsV3Locks", - "description": "Grants permission to release file system NFS V3 locks", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_ReleaseFileSystemNfsV3Locks.html" - }, - "RestoreVolumeFromSnapshot": { - "privilege": "RestoreVolumeFromSnapshot", - "description": "Grants permission to restore volume state from a snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_RestoreVolumeFromSnapshot.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an Amazon FSx resource", - "access_level": "Tagging", - "resource_types": { - "association": { - "resource_type": "association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "backup": { - "resource_type": "backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "file-cache": { - "resource_type": "file-cache", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "storage-virtual-machine": { - "resource_type": "storage-virtual-machine", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from an Amazon FSx resource", - "access_level": "Tagging", - "resource_types": { - "association": { - "resource_type": "association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "backup": { - "resource_type": "backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "file-cache": { - "resource_type": "file-cache", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "file-system": { - "resource_type": "file-system", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "storage-virtual-machine": { - "resource_type": "storage-virtual-machine", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UntagResource.html" - }, - "UpdateDataRepositoryAssociation": { - "privilege": "UpdateDataRepositoryAssociation", - "description": "Grants permission to update data repository association configuration", - "access_level": "Write", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateDataRepositoryAssociation.html" - }, - "UpdateFileCache": { - "privilege": "UpdateFileCache", - "description": "Grants permission to update file cache configuration", - "access_level": "Write", - "resource_types": { - "file-cache": { - "resource_type": "file-cache", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileCache.html" - }, - "UpdateFileSystem": { - "privilege": "UpdateFileSystem", - "description": "Grants permission to update file system configuration", - "access_level": "Write", - "resource_types": { - "file-system": { - "resource_type": "file-system", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileSystem.html" - }, - "UpdateSnapshot": { - "privilege": "UpdateSnapshot", - "description": "Grants permission to update snapshot configuration", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateSnapshot.html" - }, - "UpdateStorageVirtualMachine": { - "privilege": "UpdateStorageVirtualMachine", - "description": "Grants permission to update storage virtual machine configuration", - "access_level": "Write", - "resource_types": { - "storage-virtual-machine": { - "resource_type": "storage-virtual-machine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateStorageVirtualMachine.html" - }, - "UpdateVolume": { - "privilege": "UpdateVolume", - "description": "Grants permission to update volume configuration", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "fsx:StorageVirtualMachineId", - "fsx:ParentVolumeId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateVolume.html" - } - }, - "resources": { - "file-system": { - "resource": "file-system", - "arn": "arn:${Partition}:fsx:${Region}:${Account}:file-system/${FileSystemId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "file-cache": { - "resource": "file-cache", - "arn": "arn:${Partition}:fsx:${Region}:${Account}:file-cache/${FileCacheId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "backup": { - "resource": "backup", - "arn": "arn:${Partition}:fsx:${Region}:${Account}:backup/${BackupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "storage-virtual-machine": { - "resource": "storage-virtual-machine", - "arn": "arn:${Partition}:fsx:${Region}:${Account}:storage-virtual-machine/${FileSystemId}/${StorageVirtualMachineId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "task": { - "resource": "task", - "arn": "arn:${Partition}:fsx:${Region}:${Account}:task/${TaskId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "association": { - "resource": "association", - "arn": "arn:${Partition}:fsx:${Region}:${Account}:association/${FileSystemIdOrFileCacheId}/${DataRepositoryAssociationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "volume": { - "resource": "volume", - "arn": "arn:${Partition}:fsx:${Region}:${Account}:volume/${FileSystemId}/${VolumeId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "snapshot": { - "resource": "snapshot", - "arn": "arn:${Partition}:fsx:${Region}:${Account}:snapshot/${VolumeId}/${SnapshotId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "fsx:IsBackupCopyDestination": { - "condition": "fsx:IsBackupCopyDestination", - "description": "Filters access by whether the backup is a destination backup for a CopyBackup operation", - "type": "Bool" - }, - "fsx:IsBackupCopySource": { - "condition": "fsx:IsBackupCopySource", - "description": "Filters access by whether the backup is a source backup for a CopyBackup operation", - "type": "Bool" - }, - "fsx:NfsDataRepositoryAuthenticationEnabled": { - "condition": "fsx:NfsDataRepositoryAuthenticationEnabled", - "description": "Filters access by NFS data repositories which support authentication", - "type": "Bool" - }, - "fsx:NfsDataRepositoryEncryptionInTransitEnabled": { - "condition": "fsx:NfsDataRepositoryEncryptionInTransitEnabled", - "description": "Filters access by NFS data repositories which support encryption-in-transit", - "type": "Bool" - }, - "fsx:ParentVolumeId": { - "condition": "fsx:ParentVolumeId", - "description": "Filters access by the containing parent volume for mutating volume operations", - "type": "String" - }, - "fsx:StorageVirtualMachineId": { - "condition": "fsx:StorageVirtualMachineId", - "description": "Filters access by the containing storage virtual machine for a volume for mutating volume operations", - "type": "String" - } - } - }, - "gamelift": { - "service_name": "Amazon GameLift", - "prefix": "gamelift", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazongamelift.html", - "privileges": { - "AcceptMatch": { - "privilege": "AcceptMatch", - "description": "Grants permission to register player acceptance or rejection of a proposed FlexMatch match", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_AcceptMatch.html" - }, - "ClaimGameServer": { - "privilege": "ClaimGameServer", - "description": "Grants permission to locate and reserve a game server to host a new game session", - "access_level": "Write", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ClaimGameServer.html" - }, - "CreateAlias": { - "privilege": "CreateAlias", - "description": "Grants permission to define a new alias for a fleet", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateAlias.html" - }, - "CreateBuild": { - "privilege": "CreateBuild", - "description": "Grants permission to create a new game build using files stored in an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateBuild.html" - }, - "CreateFleet": { - "privilege": "CreateFleet", - "description": "Grants permission to create a new fleet of computing resources to run your game servers", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateFleet.html" - }, - "CreateFleetLocations": { - "privilege": "CreateFleetLocations", - "description": "Grants permission to specify additional locations for a fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateFleetLocations.html" - }, - "CreateGameServerGroup": { - "privilege": "CreateGameServerGroup", - "description": "Grants permission to create a new game server group, set up a corresponding Auto Scaling group, and launche instances to host game servers", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateGameServerGroup.html" - }, - "CreateGameSession": { - "privilege": "CreateGameSession", - "description": "Grants permission to start a new game session on a specified fleet", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateGameSession.html" - }, - "CreateGameSessionQueue": { - "privilege": "CreateGameSessionQueue", - "description": "Grants permission to set up a new queue for processing game session placement requests", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateGameSessionQueue.html" - }, - "CreateLocation": { - "privilege": "CreateLocation", - "description": "Grants permission to define a new location for a fleet", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateLocation.html" - }, - "CreateMatchmakingConfiguration": { - "privilege": "CreateMatchmakingConfiguration", - "description": "Grants permission to create a new FlexMatch matchmaker", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateMatchmakingConfiguration.html" - }, - "CreateMatchmakingRuleSet": { - "privilege": "CreateMatchmakingRuleSet", - "description": "Grants permission to create a new matchmaking rule set for FlexMatch", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateMatchmakingRuleSet.html" - }, - "CreatePlayerSession": { - "privilege": "CreatePlayerSession", - "description": "Grants permission to reserve an available game session slot for a player", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreatePlayerSession.html" - }, - "CreatePlayerSessions": { - "privilege": "CreatePlayerSessions", - "description": "Grants permission to reserve available game session slots for multiple players", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreatePlayerSessions.html" - }, - "CreateScript": { - "privilege": "CreateScript", - "description": "Grants permission to create a new Realtime Servers script", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateScript.html" - }, - "CreateVpcPeeringAuthorization": { - "privilege": "CreateVpcPeeringAuthorization", - "description": "Grants permission to allow GameLift to create or delete a peering connection between a GameLift fleet VPC and a VPC on another AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateVpcPeeringAuthorization.html" - }, - "CreateVpcPeeringConnection": { - "privilege": "CreateVpcPeeringConnection", - "description": "Grants permission to establish a peering connection between your GameLift fleet VPC and a VPC on another account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateVpcPeeringConnection.html" - }, - "DeleteAlias": { - "privilege": "DeleteAlias", - "description": "Grants permission to delete an alias", - "access_level": "Write", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteAlias.html" - }, - "DeleteBuild": { - "privilege": "DeleteBuild", - "description": "Grants permission to delete a game build", - "access_level": "Write", - "resource_types": { - "build": { - "resource_type": "build", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteBuild.html" - }, - "DeleteFleet": { - "privilege": "DeleteFleet", - "description": "Grants permission to delete an empty fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteFleet.html" - }, - "DeleteFleetLocations": { - "privilege": "DeleteFleetLocations", - "description": "Grants permission to delete locations for a fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteFleetLocations.html" - }, - "DeleteGameServerGroup": { - "privilege": "DeleteGameServerGroup", - "description": "Grants permission to permanently delete a game server group and terminate FleetIQ activity for the corresponding Auto Scaling group", - "access_level": "Write", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteGameServerGroup.html" - }, - "DeleteGameSessionQueue": { - "privilege": "DeleteGameSessionQueue", - "description": "Grants permission to delete an existing game session queue", - "access_level": "Write", - "resource_types": { - "gameSessionQueue": { - "resource_type": "gameSessionQueue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteGameSessionQueue.html" - }, - "DeleteLocation": { - "privilege": "DeleteLocation", - "description": "Grants permission to delete a location", - "access_level": "Write", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteLocation.html" - }, - "DeleteMatchmakingConfiguration": { - "privilege": "DeleteMatchmakingConfiguration", - "description": "Grants permission to delete an existing FlexMatch matchmaker", - "access_level": "Write", - "resource_types": { - "matchmakingConfiguration": { - "resource_type": "matchmakingConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteMatchmakingConfiguration.html" - }, - "DeleteMatchmakingRuleSet": { - "privilege": "DeleteMatchmakingRuleSet", - "description": "Grants permission to delete an existing FlexMatch matchmaking rule set", - "access_level": "Write", - "resource_types": { - "matchmakingRuleSet": { - "resource_type": "matchmakingRuleSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteMatchmakingRuleSet.html" - }, - "DeleteScalingPolicy": { - "privilege": "DeleteScalingPolicy", - "description": "Grants permission to delete a set of auto-scaling rules", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteScalingPolicy.html" - }, - "DeleteScript": { - "privilege": "DeleteScript", - "description": "Grants permission to delete a Realtime Servers script", - "access_level": "Write", - "resource_types": { - "script": { - "resource_type": "script", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteScript.html" - }, - "DeleteVpcPeeringAuthorization": { - "privilege": "DeleteVpcPeeringAuthorization", - "description": "Grants permission to cancel a VPC peering authorization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteVpcPeeringAuthorization.html" - }, - "DeleteVpcPeeringConnection": { - "privilege": "DeleteVpcPeeringConnection", - "description": "Grants permission to remove a peering connection between VPCs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteVpcPeeringConnection.html" - }, - "DeregisterCompute": { - "privilege": "DeregisterCompute", - "description": "Grants permission to deregister a compute against a fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeregisterCompute.html" - }, - "DeregisterGameServer": { - "privilege": "DeregisterGameServer", - "description": "Grants permission to remove a game server from a game server group", - "access_level": "Write", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeregisterGameServer.html" - }, - "DescribeAlias": { - "privilege": "DescribeAlias", - "description": "Grants permission to retrieve properties for an alias", - "access_level": "Read", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeAlias.html" - }, - "DescribeBuild": { - "privilege": "DescribeBuild", - "description": "Grants permission to retrieve properties for a game build", - "access_level": "Read", - "resource_types": { - "build": { - "resource_type": "build", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeBuild.html" - }, - "DescribeCompute": { - "privilege": "DescribeCompute", - "description": "Grants permission to retrieve general properties of the compute such as ARN, fleet details, SDK endpoints, and location", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeCompute.html" - }, - "DescribeEC2InstanceLimits": { - "privilege": "DescribeEC2InstanceLimits", - "description": "Grants permission to retrieve the maximum allowed and current usage for EC2 instance types", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeEC2InstanceLimits.html" - }, - "DescribeFleetAttributes": { - "privilege": "DescribeFleetAttributes", - "description": "Grants permission to retrieve general properties, including status, for fleets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetAttributes.html" - }, - "DescribeFleetCapacity": { - "privilege": "DescribeFleetCapacity", - "description": "Grants permission to retrieve the current capacity setting for fleets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html" - }, - "DescribeFleetEvents": { - "privilege": "DescribeFleetEvents", - "description": "Grants permission to retrieve entries from a fleet's event log", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetEvents.html" - }, - "DescribeFleetLocationAttributes": { - "privilege": "DescribeFleetLocationAttributes", - "description": "Grants permission to retrieve general properties, including statuses, for a fleet's locations", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationAttributes.html" - }, - "DescribeFleetLocationCapacity": { - "privilege": "DescribeFleetLocationCapacity", - "description": "Grants permission to retrieve the current capacity setting for a fleet's location", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html" - }, - "DescribeFleetLocationUtilization": { - "privilege": "DescribeFleetLocationUtilization", - "description": "Grants permission to retrieve utilization statistics for fleet's location", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationUtilization.html" - }, - "DescribeFleetPortSettings": { - "privilege": "DescribeFleetPortSettings", - "description": "Grants permission to retrieve the inbound connection permissions for a fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetPortSettings.html" - }, - "DescribeFleetUtilization": { - "privilege": "DescribeFleetUtilization", - "description": "Grants permission to retrieve utilization statistics for fleets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetUtilization.html" - }, - "DescribeGameServer": { - "privilege": "DescribeGameServer", - "description": "Grants permission to retrieve properties for a game server", - "access_level": "Read", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameServer.html" - }, - "DescribeGameServerGroup": { - "privilege": "DescribeGameServerGroup", - "description": "Grants permission to retrieve properties for a game server group", - "access_level": "Read", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameServerGroup.html" - }, - "DescribeGameServerInstances": { - "privilege": "DescribeGameServerInstances", - "description": "Grants permission to retrieve the status of EC2 instances in a game server group", - "access_level": "Read", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameServerInstances.html" - }, - "DescribeGameSessionDetails": { - "privilege": "DescribeGameSessionDetails", - "description": "Grants permission to retrieve properties for game sessions in a fleet, including the protection policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameSessionDetails.html" - }, - "DescribeGameSessionPlacement": { - "privilege": "DescribeGameSessionPlacement", - "description": "Grants permission to retrieve details of a game session placement request", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameSessionPlacement.html" - }, - "DescribeGameSessionQueues": { - "privilege": "DescribeGameSessionQueues", - "description": "Grants permission to retrieve properties for game session queues", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameSessionQueues.html" - }, - "DescribeGameSessions": { - "privilege": "DescribeGameSessions", - "description": "Grants permission to retrieve properties for game sessions in a fleet", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameSessions.html" - }, - "DescribeInstances": { - "privilege": "DescribeInstances", - "description": "Grants permission to retrieve information about instances in a fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeInstances.html" - }, - "DescribeMatchmaking": { - "privilege": "DescribeMatchmaking", - "description": "Grants permission to retrieve details of matchmaking tickets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeMatchmaking.html" - }, - "DescribeMatchmakingConfigurations": { - "privilege": "DescribeMatchmakingConfigurations", - "description": "Grants permission to retrieve properties for FlexMatch matchmakers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeMatchmakingConfigurations.html" - }, - "DescribeMatchmakingRuleSets": { - "privilege": "DescribeMatchmakingRuleSets", - "description": "Grants permission to retrieve properties for FlexMatch matchmaking rule sets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeMatchmakingRuleSets.html" - }, - "DescribePlayerSessions": { - "privilege": "DescribePlayerSessions", - "description": "Grants permission to retrieve properties for player sessions in a game session", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribePlayerSessions.html" - }, - "DescribeRuntimeConfiguration": { - "privilege": "DescribeRuntimeConfiguration", - "description": "Grants permission to retrieve the current runtime configuration for a fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeRuntimeConfiguration.html" - }, - "DescribeScalingPolicies": { - "privilege": "DescribeScalingPolicies", - "description": "Grants permission to retrieve all scaling policies that are applied to a fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeScalingPolicies.html" - }, - "DescribeScript": { - "privilege": "DescribeScript", - "description": "Grants permission to retrieve properties for a Realtime Servers script", - "access_level": "Read", - "resource_types": { - "script": { - "resource_type": "script", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeScript.html" - }, - "DescribeVpcPeeringAuthorizations": { - "privilege": "DescribeVpcPeeringAuthorizations", - "description": "Grants permission to retrieve valid VPC peering authorizations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeVpcPeeringAuthorizations.html" - }, - "DescribeVpcPeeringConnections": { - "privilege": "DescribeVpcPeeringConnections", - "description": "Grants permission to retrieve details on active or pending VPC peering connections", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeVpcPeeringConnections.html" - }, - "GetComputeAccess": { - "privilege": "GetComputeAccess", - "description": "Grants permission to retrieve access credentials of the compute", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetComputeAccess.html" - }, - "GetComputeAuthToken": { - "privilege": "GetComputeAuthToken", - "description": "Grants permission to retrieve an authorization token for a compute and fleet to use in game server processes", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetComputeAuthToken.html" - }, - "GetGameSessionLogUrl": { - "privilege": "GetGameSessionLogUrl", - "description": "Grants permission to retrieve the location of stored logs for a game session", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetGameSessionLogUrl.html" - }, - "GetInstanceAccess": { - "privilege": "GetInstanceAccess", - "description": "Grants permission to request remote access to a specified fleet instance", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetInstanceAccess.html" - }, - "ListAliases": { - "privilege": "ListAliases", - "description": "Grants permission to retrieve all aliases that are defined in the current Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListAliases.html" - }, - "ListBuilds": { - "privilege": "ListBuilds", - "description": "Grants permission to retrieve all game build in the current Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListBuilds.html" - }, - "ListCompute": { - "privilege": "ListCompute", - "description": "Grants permission to retrieve all compute resources in the current Region", - "access_level": "List", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListCompute.html" - }, - "ListFleets": { - "privilege": "ListFleets", - "description": "Grants permission to retrieve a list of fleet IDs for all fleets in the current Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListFleets.html" - }, - "ListGameServerGroups": { - "privilege": "ListGameServerGroups", - "description": "Grants permission to retrieve all game server groups that are defined in the current Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListGameServerGroups.html" - }, - "ListGameServers": { - "privilege": "ListGameServers", - "description": "Grants permission to retrieve all game servers that are currently running in a game server group", - "access_level": "List", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListGameServers.html" - }, - "ListLocations": { - "privilege": "ListLocations", - "description": "Grants permission to retrieve all locations in this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListLocations.html" - }, - "ListScripts": { - "privilege": "ListScripts", - "description": "Grants permission to retrieve properties for all Realtime Servers scripts in the current region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListScripts.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve tags for GameLift resources", - "access_level": "Read", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "build": { - "resource_type": "build", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "gameSessionQueue": { - "resource_type": "gameSessionQueue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "location": { - "resource_type": "location", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "matchmakingConfiguration": { - "resource_type": "matchmakingConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "matchmakingRuleSet": { - "resource_type": "matchmakingRuleSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "script": { - "resource_type": "script", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListTagsForResource.html" - }, - "PutScalingPolicy": { - "privilege": "PutScalingPolicy", - "description": "Grants permission to create or update a fleet auto-scaling policy", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_PutScalingPolicy.html" - }, - "RegisterCompute": { - "privilege": "RegisterCompute", - "description": "Grants permission to register a compute against a fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_RegisterCompute.html" - }, - "RegisterGameServer": { - "privilege": "RegisterGameServer", - "description": "Grants permission to notify GameLift FleetIQ when a new game server is ready to host gameplay", - "access_level": "Write", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_RegisterGameServer.html" - }, - "RequestUploadCredentials": { - "privilege": "RequestUploadCredentials", - "description": "Grants permission to retrieve fresh upload credentials to use when uploading a new game build", - "access_level": "Read", - "resource_types": { - "build": { - "resource_type": "build", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_RequestUploadCredentials.html" - }, - "ResolveAlias": { - "privilege": "ResolveAlias", - "description": "Grants permission to retrieve the fleet ID associated with an alias", - "access_level": "Read", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ResolveAlias.html" - }, - "ResumeGameServerGroup": { - "privilege": "ResumeGameServerGroup", - "description": "Grants permission to reinstate suspended FleetIQ activity for a game server group", - "access_level": "Write", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ResumeGameServerGroup.html" - }, - "SearchGameSessions": { - "privilege": "SearchGameSessions", - "description": "Grants permission to retrieve game sessions that match a set of search criteria", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_SearchGameSessions.html" - }, - "StartFleetActions": { - "privilege": "StartFleetActions", - "description": "Grants permission to resume auto-scaling activity on a fleet after it was suspended with StopFleetActions()", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StartFleetActions.html" - }, - "StartGameSessionPlacement": { - "privilege": "StartGameSessionPlacement", - "description": "Grants permission to send a game session placement request to a game session queue", - "access_level": "Write", - "resource_types": { - "gameSessionQueue": { - "resource_type": "gameSessionQueue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StartGameSessionPlacement.html" - }, - "StartMatchBackfill": { - "privilege": "StartMatchBackfill", - "description": "Grants permission to request FlexMatch matchmaking to fill available player slots in an existing game session", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StartMatchBackfill.html" - }, - "StartMatchmaking": { - "privilege": "StartMatchmaking", - "description": "Grants permission to request FlexMatch matchmaking for one or a group of players and initiate game session placement", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StartMatchmaking.html" - }, - "StopFleetActions": { - "privilege": "StopFleetActions", - "description": "Grants permission to suspend auto-scaling activity on a fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StopFleetActions.html" - }, - "StopGameSessionPlacement": { - "privilege": "StopGameSessionPlacement", - "description": "Grants permission to cancel a game session placement request that is in progress", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StopGameSessionPlacement.html" - }, - "StopMatchmaking": { - "privilege": "StopMatchmaking", - "description": "Grants permission to cancel a matchmaking or match backfill request that is in progress", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StopMatchmaking.html" - }, - "SuspendGameServerGroup": { - "privilege": "SuspendGameServerGroup", - "description": "Grants permission to temporarily stop FleetIQ activity for a game server group", - "access_level": "Write", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_SuspendGameServerGroup.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag GameLift resources", - "access_level": "Tagging", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "build": { - "resource_type": "build", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "gameSessionQueue": { - "resource_type": "gameSessionQueue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "location": { - "resource_type": "location", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "matchmakingConfiguration": { - "resource_type": "matchmakingConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "matchmakingRuleSet": { - "resource_type": "matchmakingRuleSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "script": { - "resource_type": "script", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag GameLift resources", - "access_level": "Tagging", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "build": { - "resource_type": "build", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "gameSessionQueue": { - "resource_type": "gameSessionQueue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "location": { - "resource_type": "location", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "matchmakingConfiguration": { - "resource_type": "matchmakingConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "matchmakingRuleSet": { - "resource_type": "matchmakingRuleSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "script": { - "resource_type": "script", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UntagResource.html" - }, - "UpdateAlias": { - "privilege": "UpdateAlias", - "description": "Grants permission to update the properties of an existing alias", - "access_level": "Write", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateAlias.html" - }, - "UpdateBuild": { - "privilege": "UpdateBuild", - "description": "Grants permission to update an existing build's metadata", - "access_level": "Write", - "resource_types": { - "build": { - "resource_type": "build", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateBuild.html" - }, - "UpdateFleetAttributes": { - "privilege": "UpdateFleetAttributes", - "description": "Grants permission to update the general properties of an existing fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetAttributes.html" - }, - "UpdateFleetCapacity": { - "privilege": "UpdateFleetCapacity", - "description": "Grants permission to adjust a fleet's capacity settings", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html" - }, - "UpdateFleetPortSettings": { - "privilege": "UpdateFleetPortSettings", - "description": "Grants permission to adjust a fleet's port settings", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings.html" - }, - "UpdateGameServer": { - "privilege": "UpdateGameServer", - "description": "Grants permission to change game server properties, health status, or utilization status", - "access_level": "Write", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameServer.html" - }, - "UpdateGameServerGroup": { - "privilege": "UpdateGameServerGroup", - "description": "Grants permission to update properties for game server group, including allowed instance types", - "access_level": "Write", - "resource_types": { - "gameServerGroup": { - "resource_type": "gameServerGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameServerGroup.html" - }, - "UpdateGameSession": { - "privilege": "UpdateGameSession", - "description": "Grants permission to update the properties of an existing game session", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameSession.html" - }, - "UpdateGameSessionQueue": { - "privilege": "UpdateGameSessionQueue", - "description": "Grants permission to update properties of an existing game session queue", - "access_level": "Write", - "resource_types": { - "gameSessionQueue": { - "resource_type": "gameSessionQueue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameSessionQueue.html" - }, - "UpdateMatchmakingConfiguration": { - "privilege": "UpdateMatchmakingConfiguration", - "description": "Grants permission to update properties of an existing FlexMatch matchmaking configuration", - "access_level": "Write", - "resource_types": { - "matchmakingConfiguration": { - "resource_type": "matchmakingConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateMatchmakingConfiguration.html" - }, - "UpdateRuntimeConfiguration": { - "privilege": "UpdateRuntimeConfiguration", - "description": "Grants permission to update how server processes are configured on instances in an existing fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateRuntimeConfiguration.html" - }, - "UpdateScript": { - "privilege": "UpdateScript", - "description": "Grants permission to update the metadata and content of an existing Realtime Servers script", - "access_level": "Write", - "resource_types": { - "script": { - "resource_type": "script", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateScript.html" - }, - "ValidateMatchmakingRuleSet": { - "privilege": "ValidateMatchmakingRuleSet", - "description": "Grants permission to validate the syntax of a FlexMatch matchmaking rule set", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ValidateMatchmakingRuleSet.html" - } - }, - "resources": { - "alias": { - "resource": "alias", - "arn": "arn:${Partition}:gamelift:${Region}::alias/${AliasId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "build": { - "resource": "build", - "arn": "arn:${Partition}:gamelift:${Region}:${Account}:build/${BuildId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "fleet": { - "resource": "fleet", - "arn": "arn:${Partition}:gamelift:${Region}:${Account}:fleet/${FleetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "gameServerGroup": { - "resource": "gameServerGroup", - "arn": "arn:${Partition}:gamelift:${Region}:${Account}:gameservergroup/${GameServerGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "gameSessionQueue": { - "resource": "gameSessionQueue", - "arn": "arn:${Partition}:gamelift:${Region}:${Account}:gamesessionqueue/${GameSessionQueueName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "location": { - "resource": "location", - "arn": "arn:${Partition}:gamelift:${Region}:${Account}:location/${LocationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "matchmakingConfiguration": { - "resource": "matchmakingConfiguration", - "arn": "arn:${Partition}:gamelift:${Region}:${Account}:matchmakingconfiguration/${MatchmakingConfigurationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "matchmakingRuleSet": { - "resource": "matchmakingRuleSet", - "arn": "arn:${Partition}:gamelift:${Region}:${Account}:matchmakingruleset/${MatchmakingRuleSetName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "script": { - "resource": "script", - "arn": "arn:${Partition}:gamelift:${Region}:${Account}:script/${ScriptId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "gamesparks": { - "service_name": "Amazon GameSparks", - "prefix": "gamesparks", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazongamesparks.html", - "privileges": { - "CreateGame": { - "privilege": "CreateGame", - "description": "Grants permission to create a game", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_CreateGame.html" - }, - "CreateSnapshot": { - "privilege": "CreateSnapshot", - "description": "Grants permission to create a snapshot of a game", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_CreateSnapshot.html" - }, - "CreateStage": { - "privilege": "CreateStage", - "description": "Grants permission to create a stage in a game", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_CreateStage.html" - }, - "DeleteGame": { - "privilege": "DeleteGame", - "description": "Grants permission to delete a game", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_DeleteGame.html" - }, - "DeleteStage": { - "privilege": "DeleteStage", - "description": "Grants permission to delete a stage from a game", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_DeleteStage.html" - }, - "DisconnectPlayer": { - "privilege": "DisconnectPlayer", - "description": "Grants permission to disconnect a player from the game runtime", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_DisconnectPlayer.html" - }, - "ExportSnapshot": { - "privilege": "ExportSnapshot", - "description": "Grants permission to export a snapshot of the game configuration", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ExportSnapshot.html" - }, - "GetExtension": { - "privilege": "GetExtension", - "description": "Grants permission to get details about an extension", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetExtension.html" - }, - "GetExtensionVersion": { - "privilege": "GetExtensionVersion", - "description": "Grants permission to get details about an extension version", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetExtensionVersion.html" - }, - "GetGame": { - "privilege": "GetGame", - "description": "Grants permission to get details about a game", - "access_level": "Read", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetGame.html" - }, - "GetGameConfiguration": { - "privilege": "GetGameConfiguration", - "description": "Grants permission to get the configuration for the game", - "access_level": "Read", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetGameConfiguration.html" - }, - "GetGeneratedCodeJob": { - "privilege": "GetGeneratedCodeJob", - "description": "Grants permission to get details about a job that is generating code for a snapshot", - "access_level": "Read", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetGeneratedCodeJob.html" - }, - "GetPlayerConnectionStatus": { - "privilege": "GetPlayerConnectionStatus", - "description": "Grants permission to get the status of a player connection", - "access_level": "Read", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetPlayerConnectionStatus.html" - }, - "GetSnapshot": { - "privilege": "GetSnapshot", - "description": "Grants permission to get a snapshot of the game", - "access_level": "Read", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetSnapshot.html" - }, - "GetStage": { - "privilege": "GetStage", - "description": "Grants permission to gets information about a stage", - "access_level": "Read", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetStage.html" - }, - "GetStageDeployment": { - "privilege": "GetStageDeployment", - "description": "Grants permission to get information about a stage deployment", - "access_level": "Read", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetStageDeployment.html" - }, - "ImportGameConfiguration": { - "privilege": "ImportGameConfiguration", - "description": "Grants permission to import a snapshot of a game configuration", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ImportGameConfiguration.html" - }, - "InvokeBackend": { - "privilege": "InvokeBackend", - "description": "Grants permission to invoke backend services for a specific game", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/dg/security-iam-stage-roles.html" - }, - "ListExtensionVersions": { - "privilege": "ListExtensionVersions", - "description": "Grants permission to list the extension versions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListExtensionVersions.html" - }, - "ListExtensions": { - "privilege": "ListExtensions", - "description": "Grants permission to list the extensions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListExtensions.html" - }, - "ListGames": { - "privilege": "ListGames", - "description": "Grants permission to list the games", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListGames.html" - }, - "ListGeneratedCodeJobs": { - "privilege": "ListGeneratedCodeJobs", - "description": "Grants permission to get a list of code generation jobs for a snapshot", - "access_level": "List", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListGeneratedCodeJobs.html" - }, - "ListSnapshots": { - "privilege": "ListSnapshots", - "description": "Grants permission to get a list of snapshot summaries for a game", - "access_level": "List", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListSnapshots.html" - }, - "ListStageDeployments": { - "privilege": "ListStageDeployments", - "description": "Grants permission to get a list of stage deployment summaries for a game", - "access_level": "List", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListStageDeployments.html" - }, - "ListStages": { - "privilege": "ListStages", - "description": "Grants permission to get a list of stage summaries for a game", - "access_level": "List", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListStages.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags associated with a resource", - "access_level": "Read", - "resource_types": { - "game": { - "resource_type": "game", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListTagsForResource.html" - }, - "StartGeneratedCodeJob": { - "privilege": "StartGeneratedCodeJob", - "description": "Grants permission to start an asynchronous process that generates client code for system-defined and custom messages", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_StartGeneratedCodeJob.html" - }, - "StartStageDeployment": { - "privilege": "StartStageDeployment", - "description": "Grants permission to deploy a snapshot to a stage and creates a new game runtime", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_StartStageDeployment.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to adds tags to a resource", - "access_level": "Tagging", - "resource_types": { - "game": { - "resource_type": "game", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "game": { - "resource_type": "game", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_UntagResource.html" - }, - "UpdateGame": { - "privilege": "UpdateGame", - "description": "Grants permission to change the metadata of a game", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_UpdateGame.html" - }, - "UpdateGameConfiguration": { - "privilege": "UpdateGameConfiguration", - "description": "Grants permission to change the working copy of the game configuration", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_UpdateGameConfiguration.html" - }, - "UpdateSnapshot": { - "privilege": "UpdateSnapshot", - "description": "Grants permission to update the metadata of a snapshot", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_UpdateSnapshot.html" - }, - "UpdateStage": { - "privilege": "UpdateStage", - "description": "Grants permission to update the metadata of a stage", - "access_level": "Write", - "resource_types": { - "game": { - "resource_type": "game", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_UpdateStage.html" - } - }, - "resources": { - "game": { - "resource": "game", - "arn": "arn:${Partition}:gamesparks:${Region}:${Account}:game/${GameId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "stage": { - "resource": "stage", - "arn": "arn:${Partition}:gamesparks:${Region}:${Account}:game/${GameId}/stage/${StageName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "glacier": { - "service_name": "Amazon Glacier", - "prefix": "glacier", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonglacier.html", - "privileges": { - "AbortMultipartUpload": { - "privilege": "AbortMultipartUpload", - "description": "Grants permission to abort a multipart upload identified by the upload ID", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-multipart-abort-upload.html" - }, - "AbortVaultLock": { - "privilege": "AbortVaultLock", - "description": "Grants permission to abort the vault locking process if the vault lock is not in the Locked state", - "access_level": "Permissions management", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-AbortVaultLock.html" - }, - "AddTagsToVault": { - "privilege": "AddTagsToVault", - "description": "Grants permission to add the specified tags to a vault", - "access_level": "Tagging", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-AddTagsToVault.html" - }, - "CompleteMultipartUpload": { - "privilege": "CompleteMultipartUpload", - "description": "Grants permission to complete a multipart upload process", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-multipart-complete-upload.html" - }, - "CompleteVaultLock": { - "privilege": "CompleteVaultLock", - "description": "Grants permission to complete the vault locking process", - "access_level": "Permissions management", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-CompleteVaultLock.html" - }, - "CreateVault": { - "privilege": "CreateVault", - "description": "Grants permission to create a new vault with the specified name", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-put.html" - }, - "DeleteArchive": { - "privilege": "DeleteArchive", - "description": "Grants permission to delete an archive from a vault", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "glacier:ArchiveAgeInDays" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-archive-delete.html" - }, - "DeleteVault": { - "privilege": "DeleteVault", - "description": "Grants permission to delete a vault", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-delete.html" - }, - "DeleteVaultAccessPolicy": { - "privilege": "DeleteVaultAccessPolicy", - "description": "Grants permission to delete the access policy associated with the specified vault", - "access_level": "Permissions management", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-DeleteVaultAccessPolicy.html" - }, - "DeleteVaultNotifications": { - "privilege": "DeleteVaultNotifications", - "description": "Grants permission to delete the notification configuration set for a vault", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-notifications-delete.html" - }, - "DescribeJob": { - "privilege": "DescribeJob", - "description": "Grants permission to get information about a job previously initiated", - "access_level": "Read", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-describe-job-get.html" - }, - "DescribeVault": { - "privilege": "DescribeVault", - "description": "Grants permission to get information about a vault", - "access_level": "Read", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-get.html" - }, - "GetDataRetrievalPolicy": { - "privilege": "GetDataRetrievalPolicy", - "description": "Grants permission to get the data retrieval policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-GetDataRetrievalPolicy.html" - }, - "GetJobOutput": { - "privilege": "GetJobOutput", - "description": "Grants permission to download the output of the job specified", - "access_level": "Read", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-job-output-get.html" - }, - "GetVaultAccessPolicy": { - "privilege": "GetVaultAccessPolicy", - "description": "Grants permission to retrieve the access-policy subresource set on the vault", - "access_level": "Read", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-GetVaultAccessPolicy.html" - }, - "GetVaultLock": { - "privilege": "GetVaultLock", - "description": "Grants permission to retrieve attributes from the lock-policy subresource set on the specified vault", - "access_level": "Read", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-GetVaultLock.html" - }, - "GetVaultNotifications": { - "privilege": "GetVaultNotifications", - "description": "Grants permission to retrieve the notification-configuration subresource set on the vault", - "access_level": "Read", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-notifications-get.html" - }, - "InitiateJob": { - "privilege": "InitiateJob", - "description": "Grants permission to initiate a job of the specified type", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "glacier:ArchiveAgeInDays" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-initiate-job-post.html" - }, - "InitiateMultipartUpload": { - "privilege": "InitiateMultipartUpload", - "description": "Grants permission to initiate a multipart upload", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-multipart-initiate-upload.html" - }, - "InitiateVaultLock": { - "privilege": "InitiateVaultLock", - "description": "Grants permission to initiate the vault locking process", - "access_level": "Permissions management", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-InitiateVaultLock.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to list jobs for a vault that are in-progress and jobs that have recently finished", - "access_level": "List", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-jobs-get.html" - }, - "ListMultipartUploads": { - "privilege": "ListMultipartUploads", - "description": "Grants permission to list in-progress multipart uploads for the specified vault", - "access_level": "List", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-multipart-list-uploads.html" - }, - "ListParts": { - "privilege": "ListParts", - "description": "Grants permission to list the parts of an archive that have been uploaded in a specific multipart upload", - "access_level": "List", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-multipart-list-parts.html" - }, - "ListProvisionedCapacity": { - "privilege": "ListProvisionedCapacity", - "description": "Grants permission to list the provisioned capacity for the specified AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-ListProvisionedCapacity.html" - }, - "ListTagsForVault": { - "privilege": "ListTagsForVault", - "description": "Grants permission to list all the tags attached to a vault", - "access_level": "List", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-ListTagsForVault.html" - }, - "ListVaults": { - "privilege": "ListVaults", - "description": "Grants permission to list all vaults", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vaults-get.html" - }, - "PurchaseProvisionedCapacity": { - "privilege": "PurchaseProvisionedCapacity", - "description": "Grants permission to purchases a provisioned capacity unit for an AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-PurchaseProvisionedCapacity.html" - }, - "RemoveTagsFromVault": { - "privilege": "RemoveTagsFromVault", - "description": "Grants permission to remove one or more tags from the set of tags attached to a vault", - "access_level": "Tagging", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-RemoveTagsFromVault.html" - }, - "SetDataRetrievalPolicy": { - "privilege": "SetDataRetrievalPolicy", - "description": "Grants permission to set and then enacts a data retrieval policy in the region specified in the PUT request", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-SetDataRetrievalPolicy.html" - }, - "SetVaultAccessPolicy": { - "privilege": "SetVaultAccessPolicy", - "description": "Grants permission to configure an access policy for a vault; will overwrite an existing policy", - "access_level": "Permissions management", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-SetVaultAccessPolicy.html" - }, - "SetVaultNotifications": { - "privilege": "SetVaultNotifications", - "description": "Grants permission to configure vault notifications", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-notifications-put.html" - }, - "UploadArchive": { - "privilege": "UploadArchive", - "description": "Grants permission to upload an archive to a vault", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-archive-post.html" - }, - "UploadMultipartPart": { - "privilege": "UploadMultipartPart", - "description": "Grants permission to upload a part of an archive", - "access_level": "Write", - "resource_types": { - "vault": { - "resource_type": "vault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-upload-part.html" - } - }, - "resources": { - "vault": { - "resource": "vault", - "arn": "arn:${Partition}:glacier:${Region}:${Account}:vaults/${VaultName}", - "condition_keys": [] - } - }, - "conditions": { - "glacier:ArchiveAgeInDays": { - "condition": "glacier:ArchiveAgeInDays", - "description": "Filters access by how long an archive has been stored in the vault, in days", - "type": "String" - }, - "glacier:ResourceTag/": { - "condition": "glacier:ResourceTag/", - "description": "Filters access by a customer-defined tag", - "type": "String" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "groundtruthlabeling": { - "service_name": "Amazon GroundTruth Labeling", - "prefix": "groundtruthlabeling", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazongroundtruthlabeling.html", - "privileges": { - "AssociatePatchToManifestJob": { - "privilege": "AssociatePatchToManifestJob", - "description": "Grants permission to associate a patch file with the manifest file to update the manifest file", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/sms-data-input.html#sms-console-create-manifest-file" - }, - "DescribeConsoleJob": { - "privilege": "DescribeConsoleJob", - "description": "Grants permission to get status of GroundTruthLabeling Jobs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/sms-data-input.html#sms-console-create-manifest-file" - }, - "ListDatasetObjects": { - "privilege": "ListDatasetObjects", - "description": "Grants permission to list dataset objects in a manifest file", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/sms-data-input.html#sms-console-create-manifest-file" - }, - "RunFilterOrSampleDatasetJob": { - "privilege": "RunFilterOrSampleDatasetJob", - "description": "Grants permission to filter records from a manifest file using S3 select. Get sample entries based on random sampling", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/sms-data-input.html#sms-data-filtering" - }, - "RunGenerateManifestByCrawlingJob": { - "privilege": "RunGenerateManifestByCrawlingJob", - "description": "Grants permission to list a S3 prefix and create manifest files from objects in that location", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/sms-data-input.html#sms-console-create-manifest-file" - } - }, - "resources": {}, - "conditions": {} - }, - "guardduty": { - "service_name": "Amazon GuardDuty", - "prefix": "guardduty", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonguardduty.html", - "privileges": { - "AcceptAdministratorInvitation": { - "privilege": "AcceptAdministratorInvitation", - "description": "Grants permission to accept invitations to become a GuardDuty member account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_AcceptAdministratorInvitation.html" - }, - "AcceptInvitation": { - "privilege": "AcceptInvitation", - "description": "Grants permission to accept invitations to become a GuardDuty member account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_AcceptInvitation.html" - }, - "ArchiveFindings": { - "privilege": "ArchiveFindings", - "description": "Grants permission to archive GuardDuty findings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ArchiveFindings.html" - }, - "CreateDetector": { - "privilege": "CreateDetector", - "description": "Grants permission to create a detector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateDetector.html" - }, - "CreateFilter": { - "privilege": "CreateFilter", - "description": "Grants permission to create GuardDuty filters. A filters defines finding attributes and conditions used to filter findings", - "access_level": "Write", - "resource_types": { - "filter": { - "resource_type": "filter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateFilter.html" - }, - "CreateIPSet": { - "privilege": "CreateIPSet", - "description": "Grants permission to create an IPSet", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:DeleteRolePolicy", - "iam:PutRolePolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateIPSet.html" - }, - "CreateMembers": { - "privilege": "CreateMembers", - "description": "Grants permission to create GuardDuty member accounts, where the account used to create a member becomes the GuardDuty administrator account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html" - }, - "CreatePublishingDestination": { - "privilege": "CreatePublishingDestination", - "description": "Grants permission to create a publishing destination", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject", - "s3:ListBucket" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreatePublishingDestination.html" - }, - "CreateSampleFindings": { - "privilege": "CreateSampleFindings", - "description": "Grants permission to create sample findings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateSampleFindings.html" - }, - "CreateThreatIntelSet": { - "privilege": "CreateThreatIntelSet", - "description": "Grants permission to create GuardDuty ThreatIntelSets, where a ThreatIntelSet consists of known malicious IP addresses used by GuardDuty to generate findings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateThreatIntelSet.html" - }, - "DeclineInvitations": { - "privilege": "DeclineInvitations", - "description": "Grants permission to decline invitations to become a GuardDuty member account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeclineInvitations.html" - }, - "DeleteDetector": { - "privilege": "DeleteDetector", - "description": "Grants permission to delete GuardDuty detectors", - "access_level": "Write", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteDetector.html" - }, - "DeleteFilter": { - "privilege": "DeleteFilter", - "description": "Grants permission to delete GuardDuty filters", - "access_level": "Write", - "resource_types": { - "filter": { - "resource_type": "filter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteFilter.html" - }, - "DeleteIPSet": { - "privilege": "DeleteIPSet", - "description": "Grants permission to delete GuardDuty IPSets", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteIPSet.html" - }, - "DeleteInvitations": { - "privilege": "DeleteInvitations", - "description": "Grants permission to delete invitations to become a GuardDuty member account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteInvitations.html" - }, - "DeleteMembers": { - "privilege": "DeleteMembers", - "description": "Grants permission to delete GuardDuty member accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html" - }, - "DeletePublishingDestination": { - "privilege": "DeletePublishingDestination", - "description": "Grants permission to delete a publishing destination", - "access_level": "Write", - "resource_types": { - "publishingDestination": { - "resource_type": "publishingDestination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeletePublishingDestination.html" - }, - "DeleteThreatIntelSet": { - "privilege": "DeleteThreatIntelSet", - "description": "Grants permission to delete GuardDuty ThreatIntelSets", - "access_level": "Write", - "resource_types": { - "threatintelset": { - "resource_type": "threatintelset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteThreatIntelSet.html" - }, - "DescribeMalwareScans": { - "privilege": "DescribeMalwareScans", - "description": "Grants permission to retrieve details about malware scans", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeMalwareScans.html" - }, - "DescribeOrganizationConfiguration": { - "privilege": "DescribeOrganizationConfiguration", - "description": "Grants permission to retrieve details about the delegated administrator associated with a GuardDuty detector", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeOrganizationConfiguration.html" - }, - "DescribePublishingDestination": { - "privilege": "DescribePublishingDestination", - "description": "Grants permission to retrieve details about a publishing destination", - "access_level": "Read", - "resource_types": { - "publishingDestination": { - "resource_type": "publishingDestination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribePublishingDestination.html" - }, - "DisableOrganizationAdminAccount": { - "privilege": "DisableOrganizationAdminAccount", - "description": "Grants permission to disable the organization delegated administrator for GuardDuty", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisableOrganizationAdminAccount.html" - }, - "DisassociateFromAdministratorAccount": { - "privilege": "DisassociateFromAdministratorAccount", - "description": "Grants permission to disassociate a GuardDuty member account from its GuardDuty administrator account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateFromAdministratorAccount.html" - }, - "DisassociateFromMasterAccount": { - "privilege": "DisassociateFromMasterAccount", - "description": "Grants permission to disassociate a GuardDuty member account from its GuardDuty administrator account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateFromMasterAccount.html" - }, - "DisassociateMembers": { - "privilege": "DisassociateMembers", - "description": "Grants permission to disassociate GuardDuty member accounts from their administrator GuardDuty account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateMembers.html" - }, - "EnableOrganizationAdminAccount": { - "privilege": "EnableOrganizationAdminAccount", - "description": "Grants permission to enable an organization delegated administrator for GuardDuty", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_EnableOrganizationAdminAccount.html" - }, - "GetAdministratorAccount": { - "privilege": "GetAdministratorAccount", - "description": "Grants permission to retrieve details of the GuardDuty administrator account associated with a member account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetAdministratorAccount.html" - }, - "GetCoverageStatistics": { - "privilege": "GetCoverageStatistics", - "description": "Grants permission to list Amazon GuardDuty coverage statistics for the specified GuardDuty account in a Region", - "access_level": "Read", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetCoverageStatistics.html" - }, - "GetDetector": { - "privilege": "GetDetector", - "description": "Grants permission to retrieve GuardDuty detectors", - "access_level": "Read", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetDetector.html" - }, - "GetFilter": { - "privilege": "GetFilter", - "description": "Grants permission to retrieve GuardDuty filters", - "access_level": "Read", - "resource_types": { - "filter": { - "resource_type": "filter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFilter.html" - }, - "GetFindings": { - "privilege": "GetFindings", - "description": "Grants permission to retrieve GuardDuty findings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFindings.html" - }, - "GetFindingsStatistics": { - "privilege": "GetFindingsStatistics", - "description": "Grants permission to retrieve a list of GuardDuty finding statistics", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFindingsStatistics.html" - }, - "GetIPSet": { - "privilege": "GetIPSet", - "description": "Grants permission to retrieve GuardDuty IPSets", - "access_level": "Read", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetIPSet.html" - }, - "GetInvitationsCount": { - "privilege": "GetInvitationsCount", - "description": "Grants permission to retrieve the count of all GuardDuty invitations sent to a specified account, which does not include the accepted invitation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetInvitationsCount.html" - }, - "GetMalwareScanSettings": { - "privilege": "GetMalwareScanSettings", - "description": "Grants permission to retrieve the malware scan settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareScanSettings.html" - }, - "GetMasterAccount": { - "privilege": "GetMasterAccount", - "description": "Grants permission to retrieve details of the GuardDuty administrator account associated with a member account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMasterAccount.html" - }, - "GetMemberDetectors": { - "privilege": "GetMemberDetectors", - "description": "Grants permission to describe which data sources are enabled for member accounts detectors", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMemberDetectors.html" - }, - "GetMembers": { - "privilege": "GetMembers", - "description": "Grants permission to retrieve the member accounts associated with an administrator account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMembers.html" - }, - "GetRemainingFreeTrialDays": { - "privilege": "GetRemainingFreeTrialDays", - "description": "Grants permission to provide the number of days left for each data source used in the free trial period", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetRemainingFreeTrialDays.html" - }, - "GetThreatIntelSet": { - "privilege": "GetThreatIntelSet", - "description": "Grants permission to retrieve GuardDuty ThreatIntelSets", - "access_level": "Read", - "resource_types": { - "threatintelset": { - "resource_type": "threatintelset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetThreatIntelSet.html" - }, - "GetUsageStatistics": { - "privilege": "GetUsageStatistics", - "description": "Grants permission to list Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetUsageStatistics.html" - }, - "InviteMembers": { - "privilege": "InviteMembers", - "description": "Grants permission to invite other AWS accounts to enable GuardDuty and become GuardDuty member accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html" - }, - "ListCoverage": { - "privilege": "ListCoverage", - "description": "Grants permission to list all the resource details for a given account in a Region", - "access_level": "List", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListCoverage.html" - }, - "ListDetectors": { - "privilege": "ListDetectors", - "description": "Grants permission to retrieve a list of GuardDuty detectors", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html" - }, - "ListFilters": { - "privilege": "ListFilters", - "description": "Grants permission to retrieve a list of GuardDuty filters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListFilters.html" - }, - "ListFindings": { - "privilege": "ListFindings", - "description": "Grants permission to retrieve a list of GuardDuty findings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListFindings.html" - }, - "ListIPSets": { - "privilege": "ListIPSets", - "description": "Grants permission to retrieve a list of GuardDuty IPSets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListIPSets.html" - }, - "ListInvitations": { - "privilege": "ListInvitations", - "description": "Grants permission to retrieve a list of all of the GuardDuty membership invitations that were sent to an AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html" - }, - "ListMembers": { - "privilege": "ListMembers", - "description": "Grants permission to retrieve a list of GuardDuty member accounts associated with an administrator account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMembers.html" - }, - "ListOrganizationAdminAccounts": { - "privilege": "ListOrganizationAdminAccounts", - "description": "Grants permission to list details about the organization delegated administrator for GuardDuty", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListOrganizationAdminAccounts.html" - }, - "ListPublishingDestinations": { - "privilege": "ListPublishingDestinations", - "description": "Grants permission to retrieve a list of publishing destinations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListPublishingDestinations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve a list of tags associated with a GuardDuty resource", - "access_level": "Read", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "filter": { - "resource_type": "filter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ipset": { - "resource_type": "ipset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "threatintelset": { - "resource_type": "threatintelset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListTagsForResource.html" - }, - "ListThreatIntelSets": { - "privilege": "ListThreatIntelSets", - "description": "Grants permission to retrieve a list of GuardDuty ThreatIntelSets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListThreatIntelSets.html" - }, - "SendSecurityTelemetry": { - "privilege": "SendSecurityTelemetry", - "description": "Grants permission to send security telemetry for a specific GuardDuty account in a Region", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_SendSecurityTelemetry.html" - }, - "StartMalwareScan": { - "privilege": "StartMalwareScan", - "description": "Grants permission to initiate a new malware scan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StartMalwareScan.html" - }, - "StartMonitoringMembers": { - "privilege": "StartMonitoringMembers", - "description": "Grants permission to a GuardDuty administrator account to monitor findings from GuardDuty member accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StartMonitoringMembers.html" - }, - "StopMonitoringMembers": { - "privilege": "StopMonitoringMembers", - "description": "Grants permission to disable monitoring findings from member accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a GuardDuty resource", - "access_level": "Tagging", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "filter": { - "resource_type": "filter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ipset": { - "resource_type": "ipset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "threatintelset": { - "resource_type": "threatintelset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_TagResource.html" - }, - "UnarchiveFindings": { - "privilege": "UnarchiveFindings", - "description": "Grants permission to unarchive GuardDuty findings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UnarchiveFindings.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a GuardDuty resource", - "access_level": "Tagging", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "filter": { - "resource_type": "filter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ipset": { - "resource_type": "ipset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "threatintelset": { - "resource_type": "threatintelset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UntagResource.html" - }, - "UpdateDetector": { - "privilege": "UpdateDetector", - "description": "Grants permission to update GuardDuty detectors", - "access_level": "Write", - "resource_types": { - "detector": { - "resource_type": "detector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateDetector.html" - }, - "UpdateFilter": { - "privilege": "UpdateFilter", - "description": "Grants permission to updates GuardDuty filters", - "access_level": "Write", - "resource_types": { - "filter": { - "resource_type": "filter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateFilter.html" - }, - "UpdateFindingsFeedback": { - "privilege": "UpdateFindingsFeedback", - "description": "Grants permission to update findings feedback to mark GuardDuty findings as useful or not useful", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateFindingsFeedback.html" - }, - "UpdateIPSet": { - "privilege": "UpdateIPSet", - "description": "Grants permission to update GuardDuty IPSets", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:DeleteRolePolicy", - "iam:PutRolePolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateIPSet.html" - }, - "UpdateMalwareScanSettings": { - "privilege": "UpdateMalwareScanSettings", - "description": "Grants permission to update the malware scan settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMalwareScanSettings.html" - }, - "UpdateMemberDetectors": { - "privilege": "UpdateMemberDetectors", - "description": "Grants permission to update which data sources are enabled for member accounts detectors", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMemberDetectors.html" - }, - "UpdateOrganizationConfiguration": { - "privilege": "UpdateOrganizationConfiguration", - "description": "Grants permission to update the delegated administrator configuration associated with a GuardDuty detector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateOrganizationConfiguration.html" - }, - "UpdatePublishingDestination": { - "privilege": "UpdatePublishingDestination", - "description": "Grants permission to update a publishing destination", - "access_level": "Write", - "resource_types": { - "publishingDestination": { - "resource_type": "publishingDestination", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject", - "s3:ListBucket" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdatePublishingDestination.html" - }, - "UpdateThreatIntelSet": { - "privilege": "UpdateThreatIntelSet", - "description": "Grants permission to updates the GuardDuty ThreatIntelSets", - "access_level": "Write", - "resource_types": { - "threatintelset": { - "resource_type": "threatintelset", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:DeleteRolePolicy", - "iam:PutRolePolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateThreatIntelSet.html" - } - }, - "resources": { - "detector": { - "resource": "detector", - "arn": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "filter": { - "resource": "filter", - "arn": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}/filter/${FilterName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ipset": { - "resource": "ipset", - "arn": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}/ipset/${IPSetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "threatintelset": { - "resource": "threatintelset", - "arn": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}/threatintelset/${ThreatIntelSetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "publishingDestination": { - "resource": "publishingDestination", - "arn": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}/publishingDestination/${PublishingDestinationId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "healthlake": { - "service_name": "Amazon HealthLake", - "prefix": "healthlake", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonhealthlake.html", - "privileges": { - "CreateFHIRDatastore": { - "privilege": "CreateFHIRDatastore", - "description": "Grants permission to create a datastore that can ingest and export FHIR data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_CreateFHIRDatastore.html" - }, - "CreateResource": { - "privilege": "CreateResource", - "description": "Grants permission to create resource", - "access_level": "Write", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/crud-healthlake.html" - }, - "DeleteFHIRDatastore": { - "privilege": "DeleteFHIRDatastore", - "description": "Grants permission to delete a datastore", - "access_level": "Write", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_DeleteFHIRDatastore.html" - }, - "DeleteResource": { - "privilege": "DeleteResource", - "description": "Grants permission to delete resource", - "access_level": "Write", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/crud-healthlake.html" - }, - "DescribeFHIRDatastore": { - "privilege": "DescribeFHIRDatastore", - "description": "Grants permission to get the properties associated with the FHIR datastore, including the datastore ID, datastore ARN, datastore name, datastore status, created at, datastore type version, and datastore endpoint", - "access_level": "Read", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_DescribeFHIRDatastore.html" - }, - "DescribeFHIRExportJob": { - "privilege": "DescribeFHIRExportJob", - "description": "Grants permission to display the properties of a FHIR export job, including the ID, ARN, name, and the status of the datastore", - "access_level": "Read", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_DescribeFHIRExportJob.html" - }, - "DescribeFHIRImportJob": { - "privilege": "DescribeFHIRImportJob", - "description": "Grants permission to display the properties of a FHIR import job, including the ID, ARN, name, and the status of the datastore", - "access_level": "Read", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_DescribeFHIRImportJob.html" - }, - "GetCapabilities": { - "privilege": "GetCapabilities", - "description": "Grants permission to get the capabilities of a FHIR datastore", - "access_level": "Read", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/crud-healthlake.html" - }, - "ListFHIRDatastores": { - "privilege": "ListFHIRDatastores", - "description": "Grants permission to list all FHIR datastores that are in the user\u2019s account, regardless of datastore status", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_ListFHIRDatastores.html" - }, - "ListFHIRExportJobs": { - "privilege": "ListFHIRExportJobs", - "description": "Grants permission to get a list of export jobs for the specified datastore", - "access_level": "List", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_ListFHIRExportJobs.html" - }, - "ListFHIRImportJobs": { - "privilege": "ListFHIRImportJobs", - "description": "Grants permission to get a list of import jobs for the specified datastore", - "access_level": "List", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_ListFHIRImportJobs.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to get a list of tags for the specified datastore", - "access_level": "Read", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_ListTagsForResource.html" - }, - "ReadResource": { - "privilege": "ReadResource", - "description": "Grants permission to read resource", - "access_level": "Read", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/crud-healthlake.html" - }, - "SearchWithGet": { - "privilege": "SearchWithGet", - "description": "Grants permission to search resources with GET method", - "access_level": "Read", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/search-healthlake.html" - }, - "SearchWithPost": { - "privilege": "SearchWithPost", - "description": "Grants permission to search resources with POST method", - "access_level": "Read", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/search-healthlake.html" - }, - "StartFHIRExportJob": { - "privilege": "StartFHIRExportJob", - "description": "Grants permission to begin a FHIR Export job", - "access_level": "Write", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_StartFHIRExportJob.html" - }, - "StartFHIRImportJob": { - "privilege": "StartFHIRImportJob", - "description": "Grants permission to begin a FHIR Import job", - "access_level": "Write", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_StartFHIRImportJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a datastore", - "access_level": "Tagging", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags associated with a datastore", - "access_level": "Tagging", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_UntagResource.html" - }, - "UpdateResource": { - "privilege": "UpdateResource", - "description": "Grants permission to update resource", - "access_level": "Write", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/crud-healthlake.html" - } - }, - "resources": { - "datastore": { - "resource": "datastore", - "arn": "arn:${Partition}:healthlake:${Region}:${AccountId}:datastore/fhir/${DatastoreId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "honeycode": { - "service_name": "Amazon Honeycode", - "prefix": "honeycode", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonhoneycode.html", - "privileges": { - "ApproveTeamAssociation": { - "privilege": "ApproveTeamAssociation", - "description": "Grants permission to approve a team association request for your AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team-association.html#approve-team-association" - }, - "BatchCreateTableRows": { - "privilege": "BatchCreateTableRows", - "description": "Grants permission to create new rows in a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_BatchCreateTableRows.html" - }, - "BatchDeleteTableRows": { - "privilege": "BatchDeleteTableRows", - "description": "Grants permission to delete rows from a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_BatchDeleteTableRows.html" - }, - "BatchUpdateTableRows": { - "privilege": "BatchUpdateTableRows", - "description": "Grants permission to update rows in a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_BatchUpdateTableRows.html" - }, - "BatchUpsertTableRows": { - "privilege": "BatchUpsertTableRows", - "description": "Grants permission to upsert rows in a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_BatchUpsertTableRows.html" - }, - "CreateTeam": { - "privilege": "CreateTeam", - "description": "Grants permission to create a new Amazon Honeycode team for your AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team.html#create-team" - }, - "CreateTenant": { - "privilege": "CreateTenant", - "description": "Grants permission to create a new tenant within Amazon Honeycode for your AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/tenant.html#create-tenant" - }, - "DeleteDomains": { - "privilege": "DeleteDomains", - "description": "Grants permission to delete Amazon Honeycode domains for your AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/domain.html#delete-domains" - }, - "DeregisterGroups": { - "privilege": "DeregisterGroups", - "description": "Grants permission to remove groups from an Amazon Honeycode team for your AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/group.html#deregister-groups" - }, - "DescribeTableDataImportJob": { - "privilege": "DescribeTableDataImportJob", - "description": "Grants permission to get details about a table data import job", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_DescribeTableDataImportJob.html" - }, - "DescribeTeam": { - "privilege": "DescribeTeam", - "description": "Grants permission to get details about Amazon Honeycode teams for your AWS Account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team.html#describe-team" - }, - "GetScreenData": { - "privilege": "GetScreenData", - "description": "Grants permission to load the data from a screen", - "access_level": "Read", - "resource_types": { - "screen": { - "resource_type": "screen", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_GetScreenData.html" - }, - "InvokeScreenAutomation": { - "privilege": "InvokeScreenAutomation", - "description": "Grants permission to invoke a screen automation", - "access_level": "Write", - "resource_types": { - "screen-automation": { - "resource_type": "screen-automation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_InvokeScreenAutomation.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to list all Amazon Honeycode domains and their verification status for your AWS Account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/domain.html#list-domains" - }, - "ListGroups": { - "privilege": "ListGroups", - "description": "Grants permission to list all groups in an Amazon Honeycode team for your AWS Account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/group.html#list-groups" - }, - "ListTableColumns": { - "privilege": "ListTableColumns", - "description": "Grants permission to list the columns in a table", - "access_level": "List", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_ListTableColumns.html" - }, - "ListTableRows": { - "privilege": "ListTableRows", - "description": "Grants permission to list the rows in a table", - "access_level": "List", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_ListTableRows.html" - }, - "ListTables": { - "privilege": "ListTables", - "description": "Grants permission to list the tables in a workbook", - "access_level": "List", - "resource_types": { - "workbook": { - "resource_type": "workbook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_ListTables.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags for a resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_ListTagsForResource.html" - }, - "ListTeamAssociations": { - "privilege": "ListTeamAssociations", - "description": "Grants permission to list all pending and approved team associations with your AWS Account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team-association.html#list-team-associations" - }, - "ListTenants": { - "privilege": "ListTenants", - "description": "Grants permission to list all tenants of Amazon Honeycode for your AWS Account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/tenant.html#list-tenants" - }, - "QueryTableRows": { - "privilege": "QueryTableRows", - "description": "Grants permission to query the rows of a table using a filter", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_QueryTableRows.html" - }, - "RegisterDomainForVerification": { - "privilege": "RegisterDomainForVerification", - "description": "Grants permission to request verification of the Amazon Honeycode domains for your AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/domain.html#register-domain-for-verification" - }, - "RegisterGroups": { - "privilege": "RegisterGroups", - "description": "Grants permission to add groups to an Amazon Honeycode team for your AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/group.html#register-groups" - }, - "RejectTeamAssociation": { - "privilege": "RejectTeamAssociation", - "description": "Grants permission to reject a team association request for your AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team-association.html#reject-team-association" - }, - "RestartDomainVerification": { - "privilege": "RestartDomainVerification", - "description": "Grants permission to restart verification of the Amazon Honeycode domains for your AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/domain.html#restart-domain-verification" - }, - "StartTableDataImportJob": { - "privilege": "StartTableDataImportJob", - "description": "Grants permission to start a table data import job", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_StartTableDataImportJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_UntagResource.html" - }, - "UpdateTeam": { - "privilege": "UpdateTeam", - "description": "Grants permission to update an Amazon Honeycode team for your AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team.html#update-team" - } - }, - "resources": { - "workbook": { - "resource": "workbook", - "arn": "arn:${Partition}:honeycode:${Region}:${Account}:workbook:workbook/${WorkbookId}", - "condition_keys": [] - }, - "table": { - "resource": "table", - "arn": "arn:${Partition}:honeycode:${Region}:${Account}:table:workbook/${WorkbookId}/table/${TableId}", - "condition_keys": [] - }, - "screen": { - "resource": "screen", - "arn": "arn:${Partition}:honeycode:${Region}:${Account}:screen:workbook/${WorkbookId}/app/${AppId}/screen/${ScreenId}", - "condition_keys": [] - }, - "screen-automation": { - "resource": "screen-automation", - "arn": "arn:${Partition}:honeycode:${Region}:${Account}:screen-automation:workbook/${WorkbookId}/app/${AppId}/screen/${ScreenId}/automation/${AutomationId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "inspector": { - "service_name": "Amazon Inspector", - "prefix": "inspector", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoninspector.html", - "privileges": { - "AddAttributesToFindings": { - "privilege": "AddAttributesToFindings", - "description": "Grants permission to assign attributes (key and value pairs) to the findings that are specified by the ARNs of the findings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_AddAttributesToFindings.html" - }, - "CreateAssessmentTarget": { - "privilege": "CreateAssessmentTarget", - "description": "Grants permission to create a new assessment target using the ARN of the resource group that is generated by CreateResourceGroup", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_CreateAssessmentTarget.html" - }, - "CreateAssessmentTemplate": { - "privilege": "CreateAssessmentTemplate", - "description": "Grants permission to create an assessment template for the assessment target that is specified by the ARN of the assessment target", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_CreateAssessmentTemplate.html" - }, - "CreateExclusionsPreview": { - "privilege": "CreateExclusionsPreview", - "description": "Grants permission to start the generation of an exclusions preview for the specified assessment template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_CreateExclusionsPreview.html" - }, - "CreateResourceGroup": { - "privilege": "CreateResourceGroup", - "description": "Grants permission to create a resource group using the specified set of tags (key and value pairs) that are used to select the EC2 instances to be included in an Amazon Inspector assessment target", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_CreateResourceGroup.html" - }, - "DeleteAssessmentRun": { - "privilege": "DeleteAssessmentRun", - "description": "Grants permission to delete the assessment run that is specified by the ARN of the assessment run", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DeleteAssessmentRun.html" - }, - "DeleteAssessmentTarget": { - "privilege": "DeleteAssessmentTarget", - "description": "Grants permission to delete the assessment target that is specified by the ARN of the assessment target", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DeleteAssessmentTarget.html" - }, - "DeleteAssessmentTemplate": { - "privilege": "DeleteAssessmentTemplate", - "description": "Grants permission to delete the assessment template that is specified by the ARN of the assessment template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DeleteAssessmentTemplate.html" - }, - "DescribeAssessmentRuns": { - "privilege": "DescribeAssessmentRuns", - "description": "Grants permission to describe the assessment runs that are specified by the ARNs of the assessment runs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeAssessmentRuns.html" - }, - "DescribeAssessmentTargets": { - "privilege": "DescribeAssessmentTargets", - "description": "Grants permission to describe the assessment targets that are specified by the ARNs of the assessment targets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeAssessmentTargets.html" - }, - "DescribeAssessmentTemplates": { - "privilege": "DescribeAssessmentTemplates", - "description": "Grants permission to describe the assessment templates that are specified by the ARNs of the assessment templates", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeAssessmentTemplates.html" - }, - "DescribeCrossAccountAccessRole": { - "privilege": "DescribeCrossAccountAccessRole", - "description": "Grants permission to describe the IAM role that enables Amazon Inspector to access your AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeCrossAccountAccessRole.html" - }, - "DescribeExclusions": { - "privilege": "DescribeExclusions", - "description": "Grants permission to describe the exclusions that are specified by the exclusions' ARNs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeExclusions.html" - }, - "DescribeFindings": { - "privilege": "DescribeFindings", - "description": "Grants permission to describe the findings that are specified by the ARNs of the findings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeFindings.html" - }, - "DescribeResourceGroups": { - "privilege": "DescribeResourceGroups", - "description": "Grants permission to describe the resource groups that are specified by the ARNs of the resource groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeResourceGroups.html" - }, - "DescribeRulesPackages": { - "privilege": "DescribeRulesPackages", - "description": "Grants permission to describe the rules packages that are specified by the ARNs of the rules packages", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeRulesPackages.html" - }, - "GetAssessmentReport": { - "privilege": "GetAssessmentReport", - "description": "Grants permission to produce an assessment report that includes detailed and comprehensive results of a specified assessment run", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_GetAssessmentReport.html" - }, - "GetExclusionsPreview": { - "privilege": "GetExclusionsPreview", - "description": "Grants permission to retrieve the exclusions preview (a list of ExclusionPreview objects) specified by the preview token", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_GetExclusionsPreview.html" - }, - "GetTelemetryMetadata": { - "privilege": "GetTelemetryMetadata", - "description": "Grants permission to get information about the data that is collected for the specified assessment run", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_GetTelemetryMetadata.html" - }, - "ListAssessmentRunAgents": { - "privilege": "ListAssessmentRunAgents", - "description": "Grants permission to list the agents of the assessment runs that are specified by the ARNs of the assessment runs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListAssessmentRunAgents.html" - }, - "ListAssessmentRuns": { - "privilege": "ListAssessmentRuns", - "description": "Grants permission to list the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListAssessmentRuns.html" - }, - "ListAssessmentTargets": { - "privilege": "ListAssessmentTargets", - "description": "Grants permission to list the ARNs of the assessment targets within this AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListAssessmentTargets.html" - }, - "ListAssessmentTemplates": { - "privilege": "ListAssessmentTemplates", - "description": "Grants permission to list the assessment templates that correspond to the assessment targets that are specified by the ARNs of the assessment targets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListAssessmentTemplates.html" - }, - "ListEventSubscriptions": { - "privilege": "ListEventSubscriptions", - "description": "Grants permission to list all the event subscriptions for the assessment template that is specified by the ARN of the assessment template", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListEventSubscriptions.html" - }, - "ListExclusions": { - "privilege": "ListExclusions", - "description": "Grants permission to list exclusions that are generated by the assessment run", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListExclusions.html" - }, - "ListFindings": { - "privilege": "ListFindings", - "description": "Grants permission to list findings that are generated by the assessment runs that are specified by the ARNs of the assessment runs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListFindings.html" - }, - "ListRulesPackages": { - "privilege": "ListRulesPackages", - "description": "Grants permission to list all available Amazon Inspector rules packages", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListRulesPackages.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags associated with an assessment template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListTagsForResource.html" - }, - "PreviewAgents": { - "privilege": "PreviewAgents", - "description": "Grants permission to preview the agents installed on the EC2 instances that are part of the specified assessment target", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_PreviewAgents.html" - }, - "RegisterCrossAccountAccessRole": { - "privilege": "RegisterCrossAccountAccessRole", - "description": "Grants permission to register the IAM role that Amazon Inspector uses to list your EC2 instances at the start of the assessment run or when you call the PreviewAgents action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_RegisterCrossAccountAccessRole.html" - }, - "RemoveAttributesFromFindings": { - "privilege": "RemoveAttributesFromFindings", - "description": "Grants permission to remove entire attributes (key and value pairs) from the findings that are specified by the ARNs of the findings where an attribute with the specified key exists", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_RemoveAttributesFromFindings.html" - }, - "SetTagsForResource": { - "privilege": "SetTagsForResource", - "description": "Grants permission to set tags (key and value pairs) to the assessment template that is specified by the ARN of the assessment template", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_SetTagsForResource.html" - }, - "StartAssessmentRun": { - "privilege": "StartAssessmentRun", - "description": "Grants permission to start the assessment run specified by the ARN of the assessment template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_StartAssessmentRun.html" - }, - "StopAssessmentRun": { - "privilege": "StopAssessmentRun", - "description": "Grants permission to stop the assessment run that is specified by the ARN of the assessment run", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_StopAssessmentRun.html" - }, - "SubscribeToEvent": { - "privilege": "SubscribeToEvent", - "description": "Grants permission to enable the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_SubscribeToEvent.html" - }, - "UnsubscribeFromEvent": { - "privilege": "UnsubscribeFromEvent", - "description": "Grants permission to disable the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_UnsubscribeFromEvent.html" - }, - "UpdateAssessmentTarget": { - "privilege": "UpdateAssessmentTarget", - "description": "Grants permission to update the assessment target that is specified by the ARN of the assessment target", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_UpdateAssessmentTarget.html" - } - }, - "resources": {}, - "conditions": {} - }, - "inspector2": { - "service_name": "Amazon Inspector2", - "prefix": "inspector2", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoninspector2.html", - "privileges": { - "AssociateMember": { - "privilege": "AssociateMember", - "description": "Grants permission to associate an account with an Amazon Inspector administrator account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_AssociateMember.html" - }, - "BatchGetAccountStatus": { - "privilege": "BatchGetAccountStatus", - "description": "Grants permission to retrieve information about Amazon Inspector accounts for an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetAccountStatus.html" - }, - "BatchGetCodeSnippet": { - "privilege": "BatchGetCodeSnippet", - "description": "Grants permission to retrieve code snippet information about one or more code vulnerability findings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetCodeSnippet.html" - }, - "BatchGetFreeTrialInfo": { - "privilege": "BatchGetFreeTrialInfo", - "description": "Grants permission to retrieve free trial period eligibility about Amazon Inspector accounts for an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetFreeTrialInfo.html" - }, - "BatchGetMemberEc2DeepInspectionStatus": { - "privilege": "BatchGetMemberEc2DeepInspectionStatus", - "description": "Grants permission to delegated administrator to retrieve ec2 deep inspection status of member accounts", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetMemberEc2DeepInspectionStatus.html" - }, - "BatchUpdateMemberEc2DeepInspectionStatus": { - "privilege": "BatchUpdateMemberEc2DeepInspectionStatus", - "description": "Grants permission to update ec2 deep inspection status by delegated administrator for its associated member accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchUpdateMemberEc2DeepInspectionStatus.html" - }, - "CancelFindingsReport": { - "privilege": "CancelFindingsReport", - "description": "Grants permission to cancel the generation of a findings report", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_CancelFindingsReport.html" - }, - "CancelSbomExport": { - "privilege": "CancelSbomExport", - "description": "Grants permission to cancel the generation of an SBOM report", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_CancelSbomExport.html" - }, - "CreateFilter": { - "privilege": "CreateFilter", - "description": "Grants permission to create and define the settings for a findings filter", - "access_level": "Write", - "resource_types": { - "Filter": { - "resource_type": "Filter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_CreateFilter.html" - }, - "CreateFindingsReport": { - "privilege": "CreateFindingsReport", - "description": "Grants permission to request the generation of a findings report", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_CreateFindingsReport.html" - }, - "CreateSbomExport": { - "privilege": "CreateSbomExport", - "description": "Grants permission to request the generation of an SBOM report", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_CreateSbomExport.html" - }, - "DeleteFilter": { - "privilege": "DeleteFilter", - "description": "Grants permission to delete a findings filter", - "access_level": "Write", - "resource_types": { - "Filter": { - "resource_type": "Filter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_DeleteFilter.html" - }, - "DescribeOrganizationConfiguration": { - "privilege": "DescribeOrganizationConfiguration", - "description": "Grants permission to retrieve information about the Amazon Inspector configuration settings for an AWS organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_DescribeOrganizationConfiguration.html" - }, - "Disable": { - "privilege": "Disable", - "description": "Grants permission to disable an Amazon Inspector account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_Disable.html" - }, - "DisableDelegatedAdminAccount": { - "privilege": "DisableDelegatedAdminAccount", - "description": "Grants permission to disable an account as the delegated Amazon Inspector administrator account for an AWS organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_DisableDelegatedAdminAccount.html" - }, - "DisassociateMember": { - "privilege": "DisassociateMember", - "description": "Grants permission to an Amazon Inspector administrator account to disassociate from an Inspector member account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_DisassociateMember.html" - }, - "Enable": { - "privilege": "Enable", - "description": "Grants permission to enable and specify the configuration settings for a new Amazon Inspector account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_Enable.html" - }, - "EnableDelegatedAdminAccount": { - "privilege": "EnableDelegatedAdminAccount", - "description": "Grants permission to enable an account as the delegated Amazon Inspector administrator account for an AWS organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_EnableDelegatedAdminAccount.html" - }, - "GetConfiguration": { - "privilege": "GetConfiguration", - "description": "Grants permission to retrieve information about the Amazon Inspector configuration settings for an AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetConfiguration.html" - }, - "GetDelegatedAdminAccount": { - "privilege": "GetDelegatedAdminAccount", - "description": "Grants permission to retrieve information about the Amazon Inspector administrator account for an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetDelegatedAdminAccount.html" - }, - "GetEc2DeepInspectionConfiguration": { - "privilege": "GetEc2DeepInspectionConfiguration", - "description": "Grants permission to retrieve ec2 deep inspection configuration for standalone accounts, delegated administrator and member account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetEc2DeepInspectionConfiguration.html" - }, - "GetEncryptionKey": { - "privilege": "GetEncryptionKey", - "description": "Grants permission to retrieve information about the KMS key used to encrypt code snippets with", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetEncryptionKey.html" - }, - "GetFindingsReportStatus": { - "privilege": "GetFindingsReportStatus", - "description": "Grants permission to retrieve status for a requested findings report", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetFindingsReportStatus.html" - }, - "GetMember": { - "privilege": "GetMember", - "description": "Grants permission to retrieve information about an account that's associated with an Amazon Inspector administrator account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetMember.html" - }, - "GetSbomExport": { - "privilege": "GetSbomExport", - "description": "Grants permission to retrieve a requested SBOM report", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetSbomExport.html" - }, - "ListAccountPermissions": { - "privilege": "ListAccountPermissions", - "description": "Grants permission to retrieve feature configuration permissions associated with an Amazon Inspector account within an organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListAccountPermissions.html" - }, - "ListCoverage": { - "privilege": "ListCoverage", - "description": "Grants permission to retrieve the types of statistics Amazon Inspector can generate for resources Inspector monitors", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListCoverage.html" - }, - "ListCoverageStatistics": { - "privilege": "ListCoverageStatistics", - "description": "Grants permission to retrieve statistical data and other information about the resources Amazon Inspector monitors", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListCoverageStatistics.html" - }, - "ListDelegatedAdminAccounts": { - "privilege": "ListDelegatedAdminAccounts", - "description": "Grants permission to retrieve information about the delegated Amazon Inspector administrator account for an AWS organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListDelegatedAdminAccounts.html" - }, - "ListFilters": { - "privilege": "ListFilters", - "description": "Grants permission to retrieve information about all findings filters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListFilters.html" - }, - "ListFindingAggregations": { - "privilege": "ListFindingAggregations", - "description": "Grants permission to retrieve statistical data and other information about Amazon Inspector findings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListFindingAggregations.html" - }, - "ListFindings": { - "privilege": "ListFindings", - "description": "Grants permission to retrieve a subset of information about one or more findings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListFindings.html" - }, - "ListMembers": { - "privilege": "ListMembers", - "description": "Grants permission to retrieve information about the Amazon Inspector member accounts that are associated with an Inspector administrator account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListMembers.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve the tags for an Amazon Inspector resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListTagsForResource.html" - }, - "ListUsageTotals": { - "privilege": "ListUsageTotals", - "description": "Grants permission to retrieve aggregated usage data for an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListUsageTotals.html" - }, - "ResetEncryptionKey": { - "privilege": "ResetEncryptionKey", - "description": "Grants permission to let a customer reset to use an Amazon-owned KMS key to encrypt code snippets with", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ResetEncryptionKey.html" - }, - "SearchVulnerabilities": { - "privilege": "SearchVulnerabilities", - "description": "Grants permission to list Amazon Inspector coverage details for a specific vulnerability", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_SearchVulnerabilities.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or update the tags for an Amazon Inspector resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from an Amazon Inspector resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UntagResource.html" - }, - "UpdateConfiguration": { - "privilege": "UpdateConfiguration", - "description": "Grants permission to update information about the Amazon Inspector configuration settings for an AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateConfiguration.html" - }, - "UpdateEc2DeepInspectionConfiguration": { - "privilege": "UpdateEc2DeepInspectionConfiguration", - "description": "Grants permission to update ec2 deep inspection configuration by delegated administrator, member and standalone account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateEc2DeepInspectionConfiguration.html" - }, - "UpdateEncryptionKey": { - "privilege": "UpdateEncryptionKey", - "description": "Grants permission to let a customer use a KMS key to encrypt code snippets with", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateEncryptionKey.html" - }, - "UpdateFilter": { - "privilege": "UpdateFilter", - "description": "Grants permission to update the settings for a findings filter", - "access_level": "Write", - "resource_types": { - "Filter": { - "resource_type": "Filter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateFilter.html" - }, - "UpdateOrgEc2DeepInspectionConfiguration": { - "privilege": "UpdateOrgEc2DeepInspectionConfiguration", - "description": "Grants permission to update ec2 deep inspection configuration by delegated administrator for its associated member accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateOrgEc2DeepInspectionConfiguration.html" - }, - "UpdateOrganizationConfiguration": { - "privilege": "UpdateOrganizationConfiguration", - "description": "Grants permission to update Amazon Inspector configuration settings for an AWS organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateOrganizationConfiguration.html" - } - }, - "resources": { - "Filter": { - "resource": "Filter", - "arn": "arn:${Partition}:inspector2:${Region}:${Account}:owner/${OwnerId}/filter/${FilterId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Finding": { - "resource": "Finding", - "arn": "arn:${Partition}:inspector2:${Region}:${Account}:finding/${FindingId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "ivs": { - "service_name": "Amazon Interactive Video Service", - "prefix": "ivs", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoninteractivevideoservice.html", - "privileges": { - "BatchGetChannel": { - "privilege": "BatchGetChannel", - "description": "Grants permission to get multiple channels simultaneously by channel ARN", - "access_level": "Read", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_BatchGetChannel.html" - }, - "BatchGetStreamKey": { - "privilege": "BatchGetStreamKey", - "description": "Grants permission to get multiple stream keys simultaneously by stream key ARN", - "access_level": "Read", - "resource_types": { - "Stream-Key": { - "resource_type": "Stream-Key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_BatchGetStreamKey.html" - }, - "CreateChannel": { - "privilege": "CreateChannel", - "description": "Grants permission to create a new channel and an associated stream key", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Stream-Key": { - "resource_type": "Stream-Key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_CreateChannel.html" - }, - "CreateParticipantToken": { - "privilege": "CreateParticipantToken", - "description": "Grants permission to create a participant token", - "access_level": "Write", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_CreateParticipantToken.html" - }, - "CreateRecordingConfiguration": { - "privilege": "CreateRecordingConfiguration", - "description": "Grants permission to create a a new recording configuration", - "access_level": "Write", - "resource_types": { - "Recording-Configuration": { - "resource_type": "Recording-Configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_CreateRecordingConfiguration.html" - }, - "CreateStage": { - "privilege": "CreateStage", - "description": "Grants permission to create a stage", - "access_level": "Write", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_CreateStage.html" - }, - "CreateStreamKey": { - "privilege": "CreateStreamKey", - "description": "Grants permission to create a stream key", - "access_level": "Write", - "resource_types": { - "Stream-Key": { - "resource_type": "Stream-Key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_CreateStreamKey.html" - }, - "DeleteChannel": { - "privilege": "DeleteChannel", - "description": "Grants permission to delete a channel and channel's stream keys", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Stream-Key": { - "resource_type": "Stream-Key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_DeleteChannel.html" - }, - "DeletePlaybackKeyPair": { - "privilege": "DeletePlaybackKeyPair", - "description": "Grants permission to delete the playback key pair for a specified ARN", - "access_level": "Write", - "resource_types": { - "Playback-Key-Pair": { - "resource_type": "Playback-Key-Pair", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_DeletePlaybackKeyPair.html" - }, - "DeleteRecordingConfiguration": { - "privilege": "DeleteRecordingConfiguration", - "description": "Grants permission to delete a recording configuration for the specified ARN", - "access_level": "Write", - "resource_types": { - "Recording-Configuration": { - "resource_type": "Recording-Configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_DeleteRecordingConfiguration.html" - }, - "DeleteStage": { - "privilege": "DeleteStage", - "description": "Grants permission to delete the stage for a specified ARN", - "access_level": "Write", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_DeleteStage.html" - }, - "DeleteStreamKey": { - "privilege": "DeleteStreamKey", - "description": "Grants permission to delete the stream key for a specified ARN", - "access_level": "Write", - "resource_types": { - "Stream-Key": { - "resource_type": "Stream-Key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_DeleteStreamKey.html" - }, - "DisconnectParticipant": { - "privilege": "DisconnectParticipant", - "description": "Grants permission to disconnect a participant from for the specified stage ARN", - "access_level": "Write", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_DisconnectParticipant.html" - }, - "GetChannel": { - "privilege": "GetChannel", - "description": "Grants permission to get the channel configuration for a specified channel ARN", - "access_level": "Read", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetChannel.html" - }, - "GetParticipant": { - "privilege": "GetParticipant", - "description": "Grants permission to get participant information for a specified stage ARN, session, and participant", - "access_level": "Read", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_GetParticipant.html" - }, - "GetPlaybackKeyPair": { - "privilege": "GetPlaybackKeyPair", - "description": "Grants permission to get the playback keypair information for a specified ARN", - "access_level": "Read", - "resource_types": { - "Playback-Key-Pair": { - "resource_type": "Playback-Key-Pair", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetPlaybackKeyPair.html" - }, - "GetRecordingConfiguration": { - "privilege": "GetRecordingConfiguration", - "description": "Grants permission to get the recording configuration for the specified ARN", - "access_level": "Read", - "resource_types": { - "Recording-Configuration": { - "resource_type": "Recording-Configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetRecordingConfiguration.html" - }, - "GetStage": { - "privilege": "GetStage", - "description": "Grants permission to get stage information for a specified ARN", - "access_level": "Read", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_GetStage.html" - }, - "GetStageSession": { - "privilege": "GetStageSession", - "description": "Grants permission to get stage session information for a specified stage ARN and session", - "access_level": "Read", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_GetStageSession.html" - }, - "GetStream": { - "privilege": "GetStream", - "description": "Grants permission to get information about the active (live) stream on a specified channel", - "access_level": "Read", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetStream.html" - }, - "GetStreamKey": { - "privilege": "GetStreamKey", - "description": "Grants permission to get stream-key information for a specified ARN", - "access_level": "Read", - "resource_types": { - "Stream-Key": { - "resource_type": "Stream-Key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetStreamKey.html" - }, - "GetStreamSession": { - "privilege": "GetStreamSession", - "description": "Grants permission to get information about the stream session on a specified channel", - "access_level": "Read", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetStreamSession.html" - }, - "ImportPlaybackKeyPair": { - "privilege": "ImportPlaybackKeyPair", - "description": "Grants permission to import the public key", - "access_level": "Write", - "resource_types": { - "Playback-Key-Pair": { - "resource_type": "Playback-Key-Pair", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ImportPlaybackKeyPair.html" - }, - "ListChannels": { - "privilege": "ListChannels", - "description": "Grants permission to get summary information about channels", - "access_level": "List", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListChannels.html" - }, - "ListParticipantEvents": { - "privilege": "ListParticipantEvents", - "description": "Grants permission to list participant events for a specified stage ARN, session, and participant", - "access_level": "List", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_ListParticipantEvents.html" - }, - "ListParticipants": { - "privilege": "ListParticipants", - "description": "Grants permission to list participants for a specified stage ARN and session", - "access_level": "List", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_ListParticipants.html" - }, - "ListPlaybackKeyPairs": { - "privilege": "ListPlaybackKeyPairs", - "description": "Grants permission to get summary information about playback key pairs", - "access_level": "List", - "resource_types": { - "Playback-Key-Pair": { - "resource_type": "Playback-Key-Pair", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListPlaybackKeyPairs.html" - }, - "ListRecordingConfigurations": { - "privilege": "ListRecordingConfigurations", - "description": "Grants permission to get summary information about recording configurations", - "access_level": "List", - "resource_types": { - "Recording-Configuration": { - "resource_type": "Recording-Configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListRecordingConfigurations.html" - }, - "ListStageSessions": { - "privilege": "ListStageSessions", - "description": "Grants permission to list stage sessions for a specified stage ARN", - "access_level": "List", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_ListStageSessions.html" - }, - "ListStages": { - "privilege": "ListStages", - "description": "Grants permission to get summary information about stages", - "access_level": "List", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_ListStages.html" - }, - "ListStreamKeys": { - "privilege": "ListStreamKeys", - "description": "Grants permission to get summary information about stream keys", - "access_level": "List", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Stream-Key": { - "resource_type": "Stream-Key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListStreamKeys.html" - }, - "ListStreamSessions": { - "privilege": "ListStreamSessions", - "description": "Grants permission to get summary information about streams sessions on a specified channel", - "access_level": "List", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListStreamSessions.html" - }, - "ListStreams": { - "privilege": "ListStreams", - "description": "Grants permission to get summary information about live streams", - "access_level": "List", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListStreams.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to get information about the tags for a specified ARN", - "access_level": "Read", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Playback-Key-Pair": { - "resource_type": "Playback-Key-Pair", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Recording-Configuration": { - "resource_type": "Recording-Configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stage": { - "resource_type": "Stage", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stream-Key": { - "resource_type": "Stream-Key", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListTagsForResource.html" - }, - "PutMetadata": { - "privilege": "PutMetadata", - "description": "Grants permission to insert metadata into an RTMP stream for a specified channel", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_PutMetadata.html" - }, - "StopStream": { - "privilege": "StopStream", - "description": "Grants permission to disconnect a streamer on a specified channel", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_StopStream.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or update tags for a resource with a specified ARN", - "access_level": "Tagging", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Playback-Key-Pair": { - "resource_type": "Playback-Key-Pair", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Recording-Configuration": { - "resource_type": "Recording-Configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stage": { - "resource_type": "Stage", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stream-Key": { - "resource_type": "Stream-Key", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags for a resource with a specified ARN", - "access_level": "Tagging", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Playback-Key-Pair": { - "resource_type": "Playback-Key-Pair", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Recording-Configuration": { - "resource_type": "Recording-Configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stage": { - "resource_type": "Stage", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Stream-Key": { - "resource_type": "Stream-Key", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_UntagResource.html" - }, - "UpdateChannel": { - "privilege": "UpdateChannel", - "description": "Grants permission to update a channel's configuration", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_UpdateChannel.html" - }, - "UpdateStage": { - "privilege": "UpdateStage", - "description": "Grants permission to update a stage's configuration", - "access_level": "Write", - "resource_types": { - "Stage": { - "resource_type": "Stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_UpdateStage.html" - } - }, - "resources": { - "Channel": { - "resource": "Channel", - "arn": "arn:${Partition}:ivs:${Region}:${Account}:channel/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Stream-Key": { - "resource": "Stream-Key", - "arn": "arn:${Partition}:ivs:${Region}:${Account}:stream-key/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Playback-Key-Pair": { - "resource": "Playback-Key-Pair", - "arn": "arn:${Partition}:ivs:${Region}:${Account}:playback-key/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Recording-Configuration": { - "resource": "Recording-Configuration", - "arn": "arn:${Partition}:ivs:${Region}:${Account}:recording-configuration/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Stage": { - "resource": "Stage", - "arn": "arn:${Partition}:ivs:${Region}:${Account}:stage/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags associated with the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "ivschat": { - "service_name": "Amazon Interactive Video Service Chat", - "prefix": "ivschat", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoninteractivevideoservicechat.html", - "privileges": { - "CreateChatToken": { - "privilege": "CreateChatToken", - "description": "Grants permission to create an encrypted token that is used to establish an individual WebSocket connection to a room", - "access_level": "Write", - "resource_types": { - "Room": { - "resource_type": "Room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_CreateChatToken.html" - }, - "CreateLoggingConfiguration": { - "privilege": "CreateLoggingConfiguration", - "description": "Grants permission to create a logging configuration that allows clients to record room messages", - "access_level": "Write", - "resource_types": { - "Logging-Configuration": { - "resource_type": "Logging-Configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_CreateLoggingConfiguration.html" - }, - "CreateRoom": { - "privilege": "CreateRoom", - "description": "Grants permission to create a room that allows clients to connect and pass messages", - "access_level": "Write", - "resource_types": { - "Room": { - "resource_type": "Room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_CreateRoom.html" - }, - "DeleteLoggingConfiguration": { - "privilege": "DeleteLoggingConfiguration", - "description": "Grants permission to delete the logging configuration for a specified logging configuration ARN", - "access_level": "Write", - "resource_types": { - "Logging-Configuration": { - "resource_type": "Logging-Configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_DeleteLoggingConfiguration.html" - }, - "DeleteMessage": { - "privilege": "DeleteMessage", - "description": "Grants permission to send an event to a specific room which directs clients to delete a specific message", - "access_level": "Write", - "resource_types": { - "Room": { - "resource_type": "Room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_DeleteMessage.html" - }, - "DeleteRoom": { - "privilege": "DeleteRoom", - "description": "Grants permission to delete the room for a specified room ARN", - "access_level": "Write", - "resource_types": { - "Room": { - "resource_type": "Room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_DeleteRoom.html" - }, - "DisconnectUser": { - "privilege": "DisconnectUser", - "description": "Grants permission to disconnect all connections using a specified user ID from a room", - "access_level": "Write", - "resource_types": { - "Room": { - "resource_type": "Room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_DisconnectUser.html" - }, - "GetLoggingConfiguration": { - "privilege": "GetLoggingConfiguration", - "description": "Grants permission to get the logging configuration for a specified logging configuration ARN", - "access_level": "Read", - "resource_types": { - "Logging-Configuration": { - "resource_type": "Logging-Configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_GetLoggingConfiguration.html" - }, - "GetRoom": { - "privilege": "GetRoom", - "description": "Grants permission to get the room configuration for a specified room ARN", - "access_level": "Read", - "resource_types": { - "Room": { - "resource_type": "Room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_GetRoom.html" - }, - "ListLoggingConfigurations": { - "privilege": "ListLoggingConfigurations", - "description": "Grants permission to get summary information about logging configurations", - "access_level": "List", - "resource_types": { - "Logging-Configuration": { - "resource_type": "Logging-Configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_ListLoggingConfigurations.html" - }, - "ListRooms": { - "privilege": "ListRooms", - "description": "Grants permission to get summary information about rooms", - "access_level": "List", - "resource_types": { - "Room": { - "resource_type": "Room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_ListRooms.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to get information about the tags for a specified ARN", - "access_level": "Read", - "resource_types": { - "Room": { - "resource_type": "Room", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_ListTagsForResource.html" - }, - "SendEvent": { - "privilege": "SendEvent", - "description": "Grants permission to send an event to a room", - "access_level": "Write", - "resource_types": { - "Room": { - "resource_type": "Room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_SendEvent.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or update tags for a resource with a specified ARN", - "access_level": "Tagging", - "resource_types": { - "Logging-Configuration": { - "resource_type": "Logging-Configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Room": { - "resource_type": "Room", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags for a resource with a specified ARN", - "access_level": "Tagging", - "resource_types": { - "Logging-Configuration": { - "resource_type": "Logging-Configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Room": { - "resource_type": "Room", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_UntagResource.html" - }, - "UpdateLoggingConfiguration": { - "privilege": "UpdateLoggingConfiguration", - "description": "Grants permission to update the logging configuration for a specified logging configuration ARN", - "access_level": "Write", - "resource_types": { - "Logging-Configuration": { - "resource_type": "Logging-Configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_UpdateLoggingConfiguration.html" - }, - "UpdateRoom": { - "privilege": "UpdateRoom", - "description": "Grants permission to update the room configuration for a specified room ARN", - "access_level": "Write", - "resource_types": { - "Room": { - "resource_type": "Room", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_UpdateRoom.html" - } - }, - "resources": { - "Room": { - "resource": "Room", - "arn": "arn:${Partition}:ivschat:${Region}:${Account}:room/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Logging-Configuration": { - "resource": "Logging-Configuration", - "arn": "arn:${Partition}:ivschat:${Region}:${Account}:logging-configuration/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags associated with the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "kendra": { - "service_name": "Amazon Kendra", - "prefix": "kendra", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkendra.html", - "privileges": { - "AssociateEntitiesToExperience": { - "privilege": "AssociateEntitiesToExperience", - "description": "Grants permission to put principal mapping in index", - "access_level": "Write", - "resource_types": { - "experience": { - "resource_type": "experience", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_PutPrincipalMapping.html" - }, - "AssociatePersonasToEntities": { - "privilege": "AssociatePersonasToEntities", - "description": "Defines the specific permissions of users or groups in your AWS SSO identity source with access to your Amazon Kendra experience", - "access_level": "Write", - "resource_types": { - "experience": { - "resource_type": "experience", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_AssociatePersonasToEntities.html" - }, - "BatchDeleteDocument": { - "privilege": "BatchDeleteDocument", - "description": "Grants permission to batch delete document", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_BatchDeleteDocument.html" - }, - "BatchDeleteFeaturedResultsSet": { - "privilege": "BatchDeleteFeaturedResultsSet", - "description": "Grants permission to delete a featured results set", - "access_level": "Write", - "resource_types": { - "featured-results-set": { - "resource_type": "featured-results-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteFeaturedResults.html" - }, - "BatchGetDocumentStatus": { - "privilege": "BatchGetDocumentStatus", - "description": "Grants permission to do batch get document status", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_BatchGetDocumentStatus.html" - }, - "BatchPutDocument": { - "privilege": "BatchPutDocument", - "description": "Grants permission to batch put document", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_BatchPutDocument.html" - }, - "ClearQuerySuggestions": { - "privilege": "ClearQuerySuggestions", - "description": "Grants permission to clear out the suggestions for a given index, generated so far", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ClearQuerySuggestions.html" - }, - "CreateAccessControlConfiguration": { - "privilege": "CreateAccessControlConfiguration", - "description": "Grants permission to create an access control configuration", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateAccessControlConfiguration.html" - }, - "CreateDataSource": { - "privilege": "CreateDataSource", - "description": "Grants permission to create a data source", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateDataSource.html" - }, - "CreateExperience": { - "privilege": "CreateExperience", - "description": "Creates an Amazon Kendra experience such as a search application", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateExperience.html" - }, - "CreateFaq": { - "privilege": "CreateFaq", - "description": "Grants permission to create an Faq", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateFaq.html" - }, - "CreateFeaturedResultsSet": { - "privilege": "CreateFeaturedResultsSet", - "description": "Grants permission to create a featured results set", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateFeaturedResults.html" - }, - "CreateIndex": { - "privilege": "CreateIndex", - "description": "Grants permission to create an Index", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateIndex.html" - }, - "CreateQuerySuggestionsBlockList": { - "privilege": "CreateQuerySuggestionsBlockList", - "description": "Grants permission to create a QuerySuggestions BlockList", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateQuerySuggestionsBlockList.html" - }, - "CreateThesaurus": { - "privilege": "CreateThesaurus", - "description": "Grants permission to create a Thesaurus", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateThesaurus.html" - }, - "DeleteAccessControlConfiguration": { - "privilege": "DeleteAccessControlConfiguration", - "description": "Grants permission to delete an access control configuration", - "access_level": "Write", - "resource_types": { - "access-control-configuration": { - "resource_type": "access-control-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteAccessControlConfiguration.html" - }, - "DeleteDataSource": { - "privilege": "DeleteDataSource", - "description": "Grants permission to delete a data source", - "access_level": "Write", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteDataSource.html" - }, - "DeleteExperience": { - "privilege": "DeleteExperience", - "description": "Deletes your Amazon Kendra experience such as a search application", - "access_level": "Write", - "resource_types": { - "experience": { - "resource_type": "experience", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteExperience.html" - }, - "DeleteFaq": { - "privilege": "DeleteFaq", - "description": "Grants permission to delete an Faq", - "access_level": "Write", - "resource_types": { - "faq": { - "resource_type": "faq", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteFaq.html" - }, - "DeleteIndex": { - "privilege": "DeleteIndex", - "description": "Grants permission to delete an Index", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteIndex.html" - }, - "DeletePrincipalMapping": { - "privilege": "DeletePrincipalMapping", - "description": "Grants permission to delete principal mapping from index", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "data-source": { - "resource_type": "data-source", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeletePrincipalMapping.html" - }, - "DeleteQuerySuggestionsBlockList": { - "privilege": "DeleteQuerySuggestionsBlockList", - "description": "Grants permission to delete a QuerySuggestions BlockList", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "query-suggestions-block-list": { - "resource_type": "query-suggestions-block-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteQuerySuggestionsBlockList.html" - }, - "DeleteThesaurus": { - "privilege": "DeleteThesaurus", - "description": "Grants permission to delete a Thesaurus", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thesaurus": { - "resource_type": "thesaurus", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteThesaurus.html" - }, - "DescribeAccessControlConfiguration": { - "privilege": "DescribeAccessControlConfiguration", - "description": "Grants permission to describe an access control configuration", - "access_level": "Read", - "resource_types": { - "access-control-configuration": { - "resource_type": "access-control-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeAccessControlConfiguration.html" - }, - "DescribeDataSource": { - "privilege": "DescribeDataSource", - "description": "Grants permission to describe a data source", - "access_level": "Read", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeDataSource.html" - }, - "DescribeExperience": { - "privilege": "DescribeExperience", - "description": "Gets information about your Amazon Kendra experience such as a search application", - "access_level": "Read", - "resource_types": { - "experience": { - "resource_type": "experience", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeExperience.html" - }, - "DescribeFaq": { - "privilege": "DescribeFaq", - "description": "Grants permission to describe an Faq", - "access_level": "Read", - "resource_types": { - "faq": { - "resource_type": "faq", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeFaq.html" - }, - "DescribeFeaturedResultsSet": { - "privilege": "DescribeFeaturedResultsSet", - "description": "Grants permission to describe a featured results set", - "access_level": "Read", - "resource_types": { - "featured-results-set": { - "resource_type": "featured-results-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeThesaurus.html" - }, - "DescribeIndex": { - "privilege": "DescribeIndex", - "description": "Grants permission to describe an Index", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeIndex.html" - }, - "DescribePrincipalMapping": { - "privilege": "DescribePrincipalMapping", - "description": "Grants permission to describe principal mapping from index", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "data-source": { - "resource_type": "data-source", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribePrincipalMapping.html" - }, - "DescribeQuerySuggestionsBlockList": { - "privilege": "DescribeQuerySuggestionsBlockList", - "description": "Grants permission to describe a QuerySuggestions BlockList", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "query-suggestions-block-list": { - "resource_type": "query-suggestions-block-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeQuerySuggestionsBlockList.html" - }, - "DescribeQuerySuggestionsConfig": { - "privilege": "DescribeQuerySuggestionsConfig", - "description": "Grants permission to describe the query suggestions configuration for an index", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeQuerySuggestionsConfig.html" - }, - "DescribeThesaurus": { - "privilege": "DescribeThesaurus", - "description": "Grants permission to describe a Thesaurus", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thesaurus": { - "resource_type": "thesaurus", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeThesaurus.html" - }, - "DisassociateEntitiesFromExperience": { - "privilege": "DisassociateEntitiesFromExperience", - "description": "Prevents users or groups in your AWS SSO identity source from accessing your Amazon Kendra experience", - "access_level": "Write", - "resource_types": { - "experience": { - "resource_type": "experience", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DisassociateEntitiesFromExperience.html" - }, - "DisassociatePersonasFromEntities": { - "privilege": "DisassociatePersonasFromEntities", - "description": "Removes the specific permissions of users or groups in your AWS SSO identity source with access to your Amazon Kendra experience", - "access_level": "Write", - "resource_types": { - "experience": { - "resource_type": "experience", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DisassociatePersonasFromEntities.html" - }, - "GetQuerySuggestions": { - "privilege": "GetQuerySuggestions", - "description": "Grants permission to get suggestions for a query prefix", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html" - }, - "GetSnapshots": { - "privilege": "GetSnapshots", - "description": "Retrieves search metrics data", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_GetSnapshots.html" - }, - "ListAccessControlConfigurations": { - "privilege": "ListAccessControlConfigurations", - "description": "Grants permission to list the access control configurations", - "access_level": "List", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListAccessControlConfigurations.html" - }, - "ListDataSourceSyncJobs": { - "privilege": "ListDataSourceSyncJobs", - "description": "Grants permission to get Data Source sync job history", - "access_level": "List", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListDataSourceSyncJobs.html" - }, - "ListDataSources": { - "privilege": "ListDataSources", - "description": "Grants permission to list the data sources", - "access_level": "List", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListDataSources.html" - }, - "ListEntityPersonas": { - "privilege": "ListEntityPersonas", - "description": "Lists specific permissions of users and groups with access to your Amazon Kendra experience", - "access_level": "List", - "resource_types": { - "experience": { - "resource_type": "experience", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListEntityPersonas.html" - }, - "ListExperienceEntities": { - "privilege": "ListExperienceEntities", - "description": "Lists users or groups in your AWS SSO identity source that are granted access to your Amazon Kendra experience", - "access_level": "List", - "resource_types": { - "experience": { - "resource_type": "experience", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListExperienceEntities.html" - }, - "ListExperiences": { - "privilege": "ListExperiences", - "description": "Lists one or more Amazon Kendra experiences. You can create an Amazon Kendra experience such as a search application", - "access_level": "List", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListExperiences.html" - }, - "ListFaqs": { - "privilege": "ListFaqs", - "description": "Grants permission to list the Faqs", - "access_level": "List", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListFaqs.html" - }, - "ListFeaturedResultsSets": { - "privilege": "ListFeaturedResultsSets", - "description": "Grants permission to list the featured results sets", - "access_level": "List", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListFeaturedResults.html" - }, - "ListGroupsOlderThanOrderingId": { - "privilege": "ListGroupsOlderThanOrderingId", - "description": "Grants permission to list groups that are older than an ordering id", - "access_level": "List", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "data-source": { - "resource_type": "data-source", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListGroupsOlderThanOrderingId.html" - }, - "ListIndices": { - "privilege": "ListIndices", - "description": "Grants permission to list the indexes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListIndices.html" - }, - "ListQuerySuggestionsBlockLists": { - "privilege": "ListQuerySuggestionsBlockLists", - "description": "Grants permission to list the QuerySuggestions BlockLists", - "access_level": "List", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListQuerySuggestionsBlockLists.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "faq": { - "resource_type": "faq", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "featured-results-set": { - "resource_type": "featured-results-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "query-suggestions-block-list": { - "resource_type": "query-suggestions-block-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thesaurus": { - "resource_type": "thesaurus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListTagsForResource.html" - }, - "ListThesauri": { - "privilege": "ListThesauri", - "description": "Grants permission to list the Thesauri", - "access_level": "List", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListThesauri.html" - }, - "PutPrincipalMapping": { - "privilege": "PutPrincipalMapping", - "description": "Grants permission to put principal mapping in index", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "data-source": { - "resource_type": "data-source", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_PutPrincipalMapping.html" - }, - "Query": { - "privilege": "Query", - "description": "Grants permission to query documents and faqs", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html" - }, - "Retrieve": { - "privilege": "Retrieve", - "description": "Grants permission to retrieve relevant content from an index", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Retrieve.html" - }, - "StartDataSourceSyncJob": { - "privilege": "StartDataSourceSyncJob", - "description": "Grants permission to start Data Source sync job", - "access_level": "Write", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_StartDataSourceSyncJob.html" - }, - "StopDataSourceSyncJob": { - "privilege": "StopDataSourceSyncJob", - "description": "Grants permission to stop Data Source sync job", - "access_level": "Write", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_StopDataSourceSyncJob.html" - }, - "SubmitFeedback": { - "privilege": "SubmitFeedback", - "description": "Grants permission to send feedback about a query results", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_SubmitFeedback.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource with given key value pairs", - "access_level": "Tagging", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "faq": { - "resource_type": "faq", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "featured-results-set": { - "resource_type": "featured-results-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "query-suggestions-block-list": { - "resource_type": "query-suggestions-block-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thesaurus": { - "resource_type": "thesaurus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the tag with the given key from a resource", - "access_level": "Tagging", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "faq": { - "resource_type": "faq", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "featured-results-set": { - "resource_type": "featured-results-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "query-suggestions-block-list": { - "resource_type": "query-suggestions-block-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thesaurus": { - "resource_type": "thesaurus", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UntagResource.html" - }, - "UpdateAccessControlConfiguration": { - "privilege": "UpdateAccessControlConfiguration", - "description": "Grants permission to update an access control configuration", - "access_level": "Write", - "resource_types": { - "access-control-configuration": { - "resource_type": "access-control-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateAccessControlConfiguration.html" - }, - "UpdateDataSource": { - "privilege": "UpdateDataSource", - "description": "Grants permission to update a data source", - "access_level": "Write", - "resource_types": { - "data-source": { - "resource_type": "data-source", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateDataSource.html" - }, - "UpdateExperience": { - "privilege": "UpdateExperience", - "description": "Updates your Amazon Kendra experience such as a search application", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateExperience.html" - }, - "UpdateFeaturedResultsSet": { - "privilege": "UpdateFeaturedResultsSet", - "description": "Grants permission to update a featured results set", - "access_level": "Write", - "resource_types": { - "featured-results-set": { - "resource_type": "featured-results-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateFeaturedResults.html" - }, - "UpdateIndex": { - "privilege": "UpdateIndex", - "description": "Grants permission to update an Index", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html" - }, - "UpdateQuerySuggestionsBlockList": { - "privilege": "UpdateQuerySuggestionsBlockList", - "description": "Grants permission to update a QuerySuggestions BlockList", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "query-suggestions-block-list": { - "resource_type": "query-suggestions-block-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateQuerySuggestionsBlockList.html" - }, - "UpdateQuerySuggestionsConfig": { - "privilege": "UpdateQuerySuggestionsConfig", - "description": "Grants permission to update the query suggestions configuration for an index", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateQuerySuggestionsConfig.html" - }, - "UpdateThesaurus": { - "privilege": "UpdateThesaurus", - "description": "Grants permission to update a thesaurus", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thesaurus": { - "resource_type": "thesaurus", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateThesaurus.html" - } - }, - "resources": { - "index": { - "resource": "index", - "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "data-source": { - "resource": "data-source", - "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/data-source/${DataSourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "faq": { - "resource": "faq", - "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/faq/${FaqId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "experience": { - "resource": "experience", - "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/experience/${ExperienceId}", - "condition_keys": [] - }, - "thesaurus": { - "resource": "thesaurus", - "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/thesaurus/${ThesaurusId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "query-suggestions-block-list": { - "resource": "query-suggestions-block-list", - "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/query-suggestions-block-list/${QuerySuggestionsBlockListId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "featured-results-set": { - "resource": "featured-results-set", - "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/featured-results-set/${FeaturedResultsSetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "access-control-configuration": { - "resource": "access-control-configuration", - "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/access-control-configuration/${AccessControlConfigurationId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "kendra-ranking": { - "service_name": "Amazon Kendra Intelligent Ranking", - "prefix": "kendra-ranking", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkendraintelligentranking.html", - "privileges": { - "CreateRescoreExecutionPlan": { - "privilege": "CreateRescoreExecutionPlan", - "description": "Grants permission to create a RescoreExecutionPlan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_CreateRescoreExecutionPlan.html" - }, - "DeleteRescoreExecutionPlan": { - "privilege": "DeleteRescoreExecutionPlan", - "description": "Grants permission to delete a RescoreExecutionPlan", - "access_level": "Write", - "resource_types": { - "rescore-execution-plan": { - "resource_type": "rescore-execution-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_DeleteRescoreExecutionPlan.html" - }, - "DescribeRescoreExecutionPlan": { - "privilege": "DescribeRescoreExecutionPlan", - "description": "Grants permission to describe a RescoreExecutionPlan", - "access_level": "Read", - "resource_types": { - "rescore-execution-plan": { - "resource_type": "rescore-execution-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_DescribeRescoreExecutionPlan.html" - }, - "ListRescoreExecutionPlans": { - "privilege": "ListRescoreExecutionPlans", - "description": "Grants permission to list all RescoreExecutionPlans", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_ListRescoreExecutionPlans.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "rescore-execution-plan": { - "resource_type": "rescore-execution-plan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_ListTagsForResource.html" - }, - "Rescore": { - "privilege": "Rescore", - "description": "Grants permission to Rescore documents with Kendra Intelligent Ranking", - "access_level": "Read", - "resource_types": { - "rescore-execution-plan": { - "resource_type": "rescore-execution-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_Rescore.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource with given key value pairs", - "access_level": "Tagging", - "resource_types": { - "rescore-execution-plan": { - "resource_type": "rescore-execution-plan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the tag with the given key from a resource", - "access_level": "Tagging", - "resource_types": { - "rescore-execution-plan": { - "resource_type": "rescore-execution-plan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_UntagResource.html" - }, - "UpdateRescoreExecutionPlan": { - "privilege": "UpdateRescoreExecutionPlan", - "description": "Grants permission to update a RescoreExecutionPlan", - "access_level": "Write", - "resource_types": { - "rescore-execution-plan": { - "resource_type": "rescore-execution-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_UpdateRescoreExecutionPlan.html" - } - }, - "resources": { - "rescore-execution-plan": { - "resource": "rescore-execution-plan", - "arn": "arn:${Partition}:kendra-ranking:${Region}:${Account}:rescore-execution-plan/${RescoreExecutionPlanId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "cassandra": { - "service_name": "Amazon Keyspaces (for Apache Cassandra)", - "prefix": "cassandra", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkeyspacesforapachecassandra.html", - "privileges": { - "Alter": { - "privilege": "Alter", - "description": "Grants permission to alter a keyspace or table", - "access_level": "Write", - "resource_types": { - "keyspace": { - "resource_type": "keyspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "AlterMultiRegionResource": { - "privilege": "AlterMultiRegionResource", - "description": "Grants permission to alter a multiregion keyspace or table", - "access_level": "Write", - "resource_types": { - "keyspace": { - "resource_type": "keyspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "Create": { - "privilege": "Create", - "description": "Grants permission to create a keyspace or table", - "access_level": "Write", - "resource_types": { - "keyspace": { - "resource_type": "keyspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "CreateMultiRegionResource": { - "privilege": "CreateMultiRegionResource", - "description": "Grants permission to create a multiregion keyspace or table", - "access_level": "Write", - "resource_types": { - "keyspace": { - "resource_type": "keyspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "Drop": { - "privilege": "Drop", - "description": "Grants permission to drop a keyspace or table", - "access_level": "Write", - "resource_types": { - "keyspace": { - "resource_type": "keyspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "DropMultiRegionResource": { - "privilege": "DropMultiRegionResource", - "description": "Grants permission to drop a multiregion keyspace or table", - "access_level": "Write", - "resource_types": { - "keyspace": { - "resource_type": "keyspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "Modify": { - "privilege": "Modify", - "description": "Grants permission to INSERT, UPDATE or DELETE data in a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "ModifyMultiRegionResource": { - "privilege": "ModifyMultiRegionResource", - "description": "Grants permission to INSERT, UPDATE or DELETE data in a multiregion table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "Restore": { - "privilege": "Restore", - "description": "Grants permission to restore table from a backup", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "RestoreMultiRegionTable": { - "privilege": "RestoreMultiRegionTable", - "description": "Grants permission to restore multiregion table from a backup", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "Select": { - "privilege": "Select", - "description": "Grants permission to SELECT data from a table", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "SelectMultiRegionResource": { - "privilege": "SelectMultiRegionResource", - "description": "Grants permission to SELECT data from a multiregion table", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "TagMultiRegionResource": { - "privilege": "TagMultiRegionResource", - "description": "Grants permission to tag a multiregion keyspace or table", - "access_level": "Tagging", - "resource_types": { - "keyspace": { - "resource_type": "keyspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a keyspace or table", - "access_level": "Tagging", - "resource_types": { - "keyspace": { - "resource_type": "keyspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "UnTagMultiRegionResource": { - "privilege": "UnTagMultiRegionResource", - "description": "Grants permission to untag a multiregion keyspace or table", - "access_level": "Tagging", - "resource_types": { - "keyspace": { - "resource_type": "keyspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a keyspace or table", - "access_level": "Tagging", - "resource_types": { - "keyspace": { - "resource_type": "keyspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - }, - "UpdatePartitioner": { - "privilege": "UpdatePartitioner", - "description": "Grants permission to UPDATE the partitioner in a system table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" - } - }, - "resources": { - "keyspace": { - "resource": "keyspace", - "arn": "arn:${Partition}:cassandra:${Region}:${Account}:/keyspace/${KeyspaceName}/", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "table": { - "resource": "table", - "arn": "arn:${Partition}:cassandra:${Region}:${Account}:/keyspace/${KeyspaceName}/table/${TableName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "kinesis": { - "service_name": "Amazon Kinesis", - "prefix": "kinesis", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkinesis.html", - "privileges": { - "AddTagsToStream": { - "privilege": "AddTagsToStream", - "description": "Grants permission to add or update tags for the specified Amazon Kinesis stream. Each stream can have up to 10 tags", - "access_level": "Tagging", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_AddTagsToStream.html" - }, - "CreateStream": { - "privilege": "CreateStream", - "description": "Grants permission to create a Amazon Kinesis stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_CreateStream.html" - }, - "DecreaseStreamRetentionPeriod": { - "privilege": "DecreaseStreamRetentionPeriod", - "description": "Grants permission to decrease the stream's retention period, which is the length of time data records are accessible after they are added to the stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DecreaseStreamRetentionPeriod.html" - }, - "DeleteStream": { - "privilege": "DeleteStream", - "description": "Grants permission to delete a stream and all its shards and data", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DeleteStream.html" - }, - "DeregisterStreamConsumer": { - "privilege": "DeregisterStreamConsumer", - "description": "Grants permission to deregister a stream consumer with a Kinesis data stream", - "access_level": "Write", - "resource_types": { - "consumer": { - "resource_type": "consumer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DeregisterStreamConsumer.html" - }, - "DescribeLimits": { - "privilege": "DescribeLimits", - "description": "Grants permission to describe the shard limits and usage for the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DescribeLimits.html" - }, - "DescribeStream": { - "privilege": "DescribeStream", - "description": "Grants permission to describe the specified stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DescribeStream.html" - }, - "DescribeStreamConsumer": { - "privilege": "DescribeStreamConsumer", - "description": "Grants permission to get the description of a registered stream consumer", - "access_level": "Read", - "resource_types": { - "consumer": { - "resource_type": "consumer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DescribeStreamConsumer.html" - }, - "DescribeStreamSummary": { - "privilege": "DescribeStreamSummary", - "description": "Grants permission to provide a summarized description of the specified Kinesis data stream without the shard list", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DescribeStreamSummary.html" - }, - "DisableEnhancedMonitoring": { - "privilege": "DisableEnhancedMonitoring", - "description": "Grants permission to disables enhanced monitoring", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DisableEnhancedMonitoring.html" - }, - "EnableEnhancedMonitoring": { - "privilege": "EnableEnhancedMonitoring", - "description": "Grants permission to enable enhanced Kinesis data stream monitoring for shard-level metrics", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_EnableEnhancedMonitoring.html" - }, - "GetRecords": { - "privilege": "GetRecords", - "description": "Grants permission to get data records from a shard", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetRecords.html" - }, - "GetShardIterator": { - "privilege": "GetShardIterator", - "description": "Grants permission to get a shard iterator. A shard iterator expires five minutes after it is returned to the requester", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetShardIterator.html" - }, - "IncreaseStreamRetentionPeriod": { - "privilege": "IncreaseStreamRetentionPeriod", - "description": "Grants permission to increase the stream's retention period, which is the length of time data records are accessible after they are added to the stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_IncreaseStreamRetentionPeriod.html" - }, - "ListShards": { - "privilege": "ListShards", - "description": "Grants permission to list the shards in a stream and provides information about each shard", - "access_level": "List", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html" - }, - "ListStreamConsumers": { - "privilege": "ListStreamConsumers", - "description": "Grants permission to list the stream consumers registered to receive data from a Kinesis stream using enhanced fan-out, and provides information about each consumer", - "access_level": "List", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListStreamConsumers.html" - }, - "ListStreams": { - "privilege": "ListStreams", - "description": "Grants permission to list your streams", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListStreams.html" - }, - "ListTagsForStream": { - "privilege": "ListTagsForStream", - "description": "Grants permission to list the tags for the specified Amazon Kinesis stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListTagsForStream.html" - }, - "MergeShards": { - "privilege": "MergeShards", - "description": "Grants permission to merge two adjacent shards in a stream and combines them into a single shard to reduce the stream's capacity to ingest and transport data", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_MergeShards.html" - }, - "PutRecord": { - "privilege": "PutRecord", - "description": "Grants permission to write a single data record from a producer into an Amazon Kinesis stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html" - }, - "PutRecords": { - "privilege": "PutRecords", - "description": "Grants permission to write multiple data records from a producer into an Amazon Kinesis stream in a single call (also referred to as a PutRecords request)", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecords.html" - }, - "RegisterStreamConsumer": { - "privilege": "RegisterStreamConsumer", - "description": "Grants permission to register a stream consumer with a Kinesis data stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_RegisterStreamConsumer.html" - }, - "RemoveTagsFromStream": { - "privilege": "RemoveTagsFromStream", - "description": "Grants permission to remove tags from the specified Kinesis data stream. Removed tags are deleted and cannot be recovered after this operation successfully completes", - "access_level": "Tagging", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_RemoveTagsFromStream.html" - }, - "SplitShard": { - "privilege": "SplitShard", - "description": "Grants permission to split a shard into two new shards in the Kinesis data stream, to increase the stream's capacity to ingest and transport data", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_SplitShard.html" - }, - "StartStreamEncryption": { - "privilege": "StartStreamEncryption", - "description": "Grants permission to enable or update server-side encryption using an AWS KMS key for a specified stream", - "access_level": "Write", - "resource_types": { - "kmsKey": { - "resource_type": "kmsKey", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_StartStreamEncryption.html" - }, - "StopStreamEncryption": { - "privilege": "StopStreamEncryption", - "description": "Grants permission to disable server-side encryption for a specified stream", - "access_level": "Write", - "resource_types": { - "kmsKey": { - "resource_type": "kmsKey", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_StopStreamEncryption.html" - }, - "SubscribeToShard": { - "privilege": "SubscribeToShard", - "description": "Grants permission to listen to a specific shard with enhanced fan-out", - "access_level": "Read", - "resource_types": { - "consumer": { - "resource_type": "consumer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_SubscribeToShard.html" - }, - "UpdateShardCount": { - "privilege": "UpdateShardCount", - "description": "Grants permission to update the shard count of the specified stream to the specified number of shards", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_UpdateShardCount.html" - }, - "UpdateStreamMode": { - "privilege": "UpdateStreamMode", - "description": "Grants permission to update the capacity mode of the data stream", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_UpdateStreamMode.html" - } - }, - "resources": { - "stream": { - "resource": "stream", - "arn": "arn:${Partition}:kinesis:${Region}:${Account}:stream/${StreamName}", - "condition_keys": [] - }, - "consumer": { - "resource": "consumer", - "arn": "arn:${Partition}:kinesis:${Region}:${Account}:${StreamType}/${StreamName}/consumer/${ConsumerName}:${ConsumerCreationTimpstamp}", - "condition_keys": [] - }, - "kmsKey": { - "resource": "kmsKey", - "arn": "arn:${Partition}:kms:${Region}:${Account}:key/${KeyId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "kinesisanalytics": { - "service_name": "Amazon Kinesis Analytics", - "prefix": "kinesisanalytics", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkinesisanalytics.html", - "privileges": { - "AddApplicationInput": { - "privilege": "AddApplicationInput", - "description": "Grants permission to add input to the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationInput.html" - }, - "AddApplicationOutput": { - "privilege": "AddApplicationOutput", - "description": "Grants permission to add output to the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationOutput.html" - }, - "AddApplicationReferenceDataSource": { - "privilege": "AddApplicationReferenceDataSource", - "description": "Grants permission to add reference data source to the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationReferenceDataSource.html" - }, - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_CreateApplication.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplication.html" - }, - "DeleteApplicationOutput": { - "privilege": "DeleteApplicationOutput", - "description": "Grants permission to delete the specified output of the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationOutput.html" - }, - "DeleteApplicationReferenceDataSource": { - "privilege": "DeleteApplicationReferenceDataSource", - "description": "Grants permission to delete the specified reference data source of the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationReferenceDataSource.html" - }, - "DescribeApplication": { - "privilege": "DescribeApplication", - "description": "Grants permission to describe the specified application", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DescribeApplication.html" - }, - "DiscoverInputSchema": { - "privilege": "DiscoverInputSchema", - "description": "Grants permission to discover the input schema for the application", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DiscoverInputSchema.html" - }, - "GetApplicationState": { - "privilege": "GetApplicationState", - "description": "Grants permission to Kinesis Data Analytics console to display stream results for Kinesis Data Analytics SQL runtime applications", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/dev/api-permissions-reference.html#api-permissions-reference-gas" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to list applications for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_ListApplications.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to fetch the tags associated with the application", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_ListTagsForResource.html" - }, - "StartApplication": { - "privilege": "StartApplication", - "description": "Grants permission to start the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_StartApplication.html" - }, - "StopApplication": { - "privilege": "StopApplication", - "description": "Grants permission to stop the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_StopApplication.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to the application", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the specified tags from the application", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_UntagResource.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to update the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_UpdateApplication.html" - }, - "AddApplicationCloudWatchLoggingOption": { - "privilege": "AddApplicationCloudWatchLoggingOption", - "description": "Grants permission to add cloudwatch logging option to the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationCloudWatchLoggingOption.html" - }, - "AddApplicationInputProcessingConfiguration": { - "privilege": "AddApplicationInputProcessingConfiguration", - "description": "Grants permission to add input processing configuration to the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationInputProcessingConfiguration.html" - }, - "AddApplicationVpcConfiguration": { - "privilege": "AddApplicationVpcConfiguration", - "description": "Grants permission to add VPC configuration to the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationVpcConfiguration.html" - }, - "CreateApplicationPresignedUrl": { - "privilege": "CreateApplicationPresignedUrl", - "description": "Grants permission to create and return a URL that you can use to connect to an application's extension", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_CreateApplicationPresignedUrl.html" - }, - "CreateApplicationSnapshot": { - "privilege": "CreateApplicationSnapshot", - "description": "Grants permission to create a snapshot for an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_CreateApplicationSnapshot.html" - }, - "DeleteApplicationCloudWatchLoggingOption": { - "privilege": "DeleteApplicationCloudWatchLoggingOption", - "description": "Grants permission to delete the specified cloudwatch logging option of the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationCloudWatchLoggingOption.html" - }, - "DeleteApplicationInputProcessingConfiguration": { - "privilege": "DeleteApplicationInputProcessingConfiguration", - "description": "Grants permission to delete the specified input processing configuration of the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationInputProcessingConfiguration.html" - }, - "DeleteApplicationSnapshot": { - "privilege": "DeleteApplicationSnapshot", - "description": "Grants permission to delete a snapshot for an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationSnapshot.html" - }, - "DeleteApplicationVpcConfiguration": { - "privilege": "DeleteApplicationVpcConfiguration", - "description": "Grants permission to delete the specified VPC configuration of the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationVpcConfiguration.html" - }, - "DescribeApplicationSnapshot": { - "privilege": "DescribeApplicationSnapshot", - "description": "Grants permission to describe an application snapshot", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DescribeApplicationSnapshot.html" - }, - "DescribeApplicationVersion": { - "privilege": "DescribeApplicationVersion", - "description": "Grants permission to describe the application version of an application", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DescribeApplicationVersion.html" - }, - "ListApplicationSnapshots": { - "privilege": "ListApplicationSnapshots", - "description": "Grants permission to list the snapshots for an application", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_ListApplicationSnapshots.html" - }, - "ListApplicationVersions": { - "privilege": "ListApplicationVersions", - "description": "Grants permission to list application versions of an application", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_ListApplicationVersions.html" - }, - "RollbackApplication": { - "privilege": "RollbackApplication", - "description": "Grants permission to perform rollback operation on an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_RollbackApplication.html" - }, - "UpdateApplicationMaintenanceConfiguration": { - "privilege": "UpdateApplicationMaintenanceConfiguration", - "description": "Grants permission to update the maintenance configuration of an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_UpdateApplicationMaintenanceConfiguration.html" - } - }, - "resources": { - "application": { - "resource": "application", - "arn": "arn:${Partition}:kinesisanalytics:${Region}:${Account}:application/${ApplicationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value assoicated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "firehose": { - "service_name": "Amazon Kinesis Firehose", - "prefix": "firehose", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkinesisfirehose.html", - "privileges": { - "CreateDeliveryStream": { - "privilege": "CreateDeliveryStream", - "description": "Grants permission to create a delivery stream", - "access_level": "Write", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html" - }, - "DeleteDeliveryStream": { - "privilege": "DeleteDeliveryStream", - "description": "Grants permission to delete a delivery stream and its data", - "access_level": "Write", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_DeleteDeliveryStream.html" - }, - "DescribeDeliveryStream": { - "privilege": "DescribeDeliveryStream", - "description": "Grants permission to describe the specified delivery stream and gets the status", - "access_level": "Read", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_DescribeDeliveryStream.html" - }, - "ListDeliveryStreams": { - "privilege": "ListDeliveryStreams", - "description": "Grants permission to list your delivery streams", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_ListDeliveryStreams.html" - }, - "ListTagsForDeliveryStream": { - "privilege": "ListTagsForDeliveryStream", - "description": "Grants permission to list the tags for the specified delivery stream", - "access_level": "List", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_ListTagsForDeliveryStream.html" - }, - "PutRecord": { - "privilege": "PutRecord", - "description": "Grants permission to write a single data record into an Amazon Kinesis Firehose delivery stream", - "access_level": "Write", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecord.html" - }, - "PutRecordBatch": { - "privilege": "PutRecordBatch", - "description": "Grants permission to write multiple data records into a delivery stream in a single call, which can achieve higher throughput per producer than when writing single records", - "access_level": "Write", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html" - }, - "StartDeliveryStreamEncryption": { - "privilege": "StartDeliveryStreamEncryption", - "description": "Grants permission to enable server-side encryption (SSE) for the delivery stream", - "access_level": "Write", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_StartDeliveryStreamEncryption.html" - }, - "StopDeliveryStreamEncryption": { - "privilege": "StopDeliveryStreamEncryption", - "description": "Grants permission to disable the specified destination of the specified delivery stream", - "access_level": "Write", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_StopDeliveryStreamEncryption.html" - }, - "TagDeliveryStream": { - "privilege": "TagDeliveryStream", - "description": "Grants permission to add or update tags for the specified delivery stream", - "access_level": "Tagging", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_TagDeliveryStream.html" - }, - "UntagDeliveryStream": { - "privilege": "UntagDeliveryStream", - "description": "Grants permission to remove tags from the specified delivery stream", - "access_level": "Tagging", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_UntagDeliveryStream.html" - }, - "UpdateDestination": { - "privilege": "UpdateDestination", - "description": "Grants permission to update the specified destination of the specified delivery stream", - "access_level": "Write", - "resource_types": { - "deliverystream": { - "resource_type": "deliverystream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_UpdateDestination.html" - } - }, - "resources": { - "deliverystream": { - "resource": "deliverystream", - "arn": "arn:${Partition}:firehose:${Region}:${Account}:deliverystream/${DeliveryStreamName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "kinesisvideo": { - "service_name": "Amazon Kinesis Video Streams", - "prefix": "kinesisvideo", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkinesisvideostreams.html", - "privileges": { - "ConnectAsMaster": { - "privilege": "ConnectAsMaster", - "description": "Grants permission to connect as a master to the signaling channel specified by the endpoint", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ConnectAsMaster.html" - }, - "ConnectAsViewer": { - "privilege": "ConnectAsViewer", - "description": "Grants permission to connect as a viewer to the signaling channel specified by the endpoint", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ConnectAsViewer.html" - }, - "CreateSignalingChannel": { - "privilege": "CreateSignalingChannel", - "description": "Grants permission to create a signaling channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_CreateSignalingChannel.html" - }, - "CreateStream": { - "privilege": "CreateStream", - "description": "Grants permission to create a Kinesis video stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_CreateStream.html" - }, - "DeleteEdgeConfiguration": { - "privilege": "DeleteEdgeConfiguration", - "description": "Grants permission to delete the edge configuration of your Kinesis Video Stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DeleteEdgeConfiguration.html" - }, - "DeleteSignalingChannel": { - "privilege": "DeleteSignalingChannel", - "description": "Grants permission to delete an existing signaling channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DeleteSignalingChannel.html" - }, - "DeleteStream": { - "privilege": "DeleteStream", - "description": "Grants permission to delete an existing Kinesis video stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DeleteStream.html" - }, - "DescribeEdgeConfiguration": { - "privilege": "DescribeEdgeConfiguration", - "description": "Grants permission to describe the edge configuration of your Kinesis Video Stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeEdgeConfiguration.html" - }, - "DescribeImageGenerationConfiguration": { - "privilege": "DescribeImageGenerationConfiguration", - "description": "Grants permission to describe the image generation configuration of your Kinesis video stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeImageGenerationConfiguration.html" - }, - "DescribeMappedResourceConfiguration": { - "privilege": "DescribeMappedResourceConfiguration", - "description": "Grants permission to describe the resource mapped to the Kinesis video stream", - "access_level": "List", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeMappedResourceConfiguration.html" - }, - "DescribeMediaStorageConfiguration": { - "privilege": "DescribeMediaStorageConfiguration", - "description": "Grants permission to describe the media storage configuration of a signaling channel", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeMediaStorageConfiguration.html" - }, - "DescribeNotificationConfiguration": { - "privilege": "DescribeNotificationConfiguration", - "description": "Grants permission to describe the notification configuration of your Kinesis video stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeNotificationConfiguration.html" - }, - "DescribeSignalingChannel": { - "privilege": "DescribeSignalingChannel", - "description": "Grants permission to describe the specified signaling channel", - "access_level": "List", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeSignalingChannel.html" - }, - "DescribeStream": { - "privilege": "DescribeStream", - "description": "Grants permission to describe the specified Kinesis video stream", - "access_level": "List", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeStream.html" - }, - "GetClip": { - "privilege": "GetClip", - "description": "Grants permission to get a media clip from a video stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetClip.html" - }, - "GetDASHStreamingSessionURL": { - "privilege": "GetDASHStreamingSessionURL", - "description": "Grants permission to create a URL for MPEG-DASH video streaming", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetDASHStreamingSessionURL.html" - }, - "GetDataEndpoint": { - "privilege": "GetDataEndpoint", - "description": "Grants permission to get an endpoint for a specified stream for either reading or writing media data to Kinesis Video Streams", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_GetDataEndpoint.html" - }, - "GetHLSStreamingSessionURL": { - "privilege": "GetHLSStreamingSessionURL", - "description": "Grants permission to create a URL for HLS video streaming", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetHLSStreamingSessionURL.html" - }, - "GetIceServerConfig": { - "privilege": "GetIceServerConfig", - "description": "Grants permission to get the ICE server configuration", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_AWSAcuitySignalingService_GetIceServerConfig.html" - }, - "GetImages": { - "privilege": "GetImages", - "description": "Grants permission to get generated images from your Kinesis video stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetImages.html" - }, - "GetMedia": { - "privilege": "GetMedia", - "description": "Grants permission to return media content of a Kinesis video stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_dataplane_GetMedia.html" - }, - "GetMediaForFragmentList": { - "privilege": "GetMediaForFragmentList", - "description": "Grants permission to read and return media data only from persisted storage", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetMediaForFragmentList.html" - }, - "GetSignalingChannelEndpoint": { - "privilege": "GetSignalingChannelEndpoint", - "description": "Grants permission to get endpoints for a specified combination of protocol and role for a signaling channel", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_GetSignalingChannelEndpoint.html" - }, - "JoinStorageSession": { - "privilege": "JoinStorageSession", - "description": "Grants permission to join a storage session for a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_AWSAcuityRoutingServiceLambda_JoinStorageSession.html" - }, - "ListEdgeAgentConfigurations": { - "privilege": "ListEdgeAgentConfigurations", - "description": "Grants permission to list an edge agent configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListEdgeAgentConfigurations.html" - }, - "ListFragments": { - "privilege": "ListFragments", - "description": "Grants permission to list the fragments from archival storage based on the pagination token or selector type with range specified", - "access_level": "List", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_ListFragments.html" - }, - "ListSignalingChannels": { - "privilege": "ListSignalingChannels", - "description": "Grants permission to list your signaling channels", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListSignalingChannels.html" - }, - "ListStreams": { - "privilege": "ListStreams", - "description": "Grants permission to list your Kinesis video streams", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListStreams.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to fetch the tags associated with your resource", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListTagsForResource.html" - }, - "ListTagsForStream": { - "privilege": "ListTagsForStream", - "description": "Grants permission to fetch the tags associated with Kinesis video stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListTagsForStream.html" - }, - "PutMedia": { - "privilege": "PutMedia", - "description": "Grants permission to send media data to a Kinesis video stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_dataplane_PutMedia.html" - }, - "SendAlexaOfferToMaster": { - "privilege": "SendAlexaOfferToMaster", - "description": "Grants permission to send the Alexa SDP offer to the master", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_AWSAcuitySignalingService_SendAlexaOfferToMaster.html" - }, - "StartEdgeConfigurationUpdate": { - "privilege": "StartEdgeConfigurationUpdate", - "description": "Grants permission to start edge configuration update of your Kinesis Video Stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_StartEdgeConfigurationUpdate.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to attach set of tags to your resource", - "access_level": "Tagging", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_TagResource.html" - }, - "TagStream": { - "privilege": "TagStream", - "description": "Grants permission to attach set of tags to your Kinesis video streams", - "access_level": "Tagging", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_TagStream.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from your resource", - "access_level": "Tagging", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UntagResource.html" - }, - "UntagStream": { - "privilege": "UntagStream", - "description": "Grants permission to remove one or more tags from your Kinesis video streams", - "access_level": "Tagging", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UntagStream.html" - }, - "UpdateDataRetention": { - "privilege": "UpdateDataRetention", - "description": "Grants permission to update the data retention period of your Kinesis video stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateDataRetention.html" - }, - "UpdateImageGenerationConfiguration": { - "privilege": "UpdateImageGenerationConfiguration", - "description": "Grants permission to update the image generation configuration of your Kinesis video stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateImageGenerationConfiguration.html" - }, - "UpdateMediaStorageConfiguration": { - "privilege": "UpdateMediaStorageConfiguration", - "description": "Grants permission to create or update an mapping between a signaling channel and stream", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateMediaStorageConfiguration.html" - }, - "UpdateNotificationConfiguration": { - "privilege": "UpdateNotificationConfiguration", - "description": "Grants permission to update the notification configuration of your Kinesis video stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateNotificationConfiguration.html" - }, - "UpdateSignalingChannel": { - "privilege": "UpdateSignalingChannel", - "description": "Grants permission to update an existing signaling channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateSignalingChannel.html" - }, - "UpdateStream": { - "privilege": "UpdateStream", - "description": "Grants permission to update an existing Kinesis video stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateStream.html" - } - }, - "resources": { - "stream": { - "resource": "stream", - "arn": "arn:${Partition}:kinesisvideo:${Region}:${Account}:stream/${StreamName}/${CreationTime}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "channel": { - "resource": "channel", - "arn": "arn:${Partition}:kinesisvideo:${Region}:${Account}:channel/${ChannelName}/${CreationTime}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters requests based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag-value assoicated with the stream", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters requests based on the presence of mandatory tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "lex": { - "service_name": "Amazon Lex", - "prefix": "lex", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlex.html", - "privileges": { - "CreateBotVersion": { - "privilege": "CreateBotVersion", - "description": "Grants permission to create a new version of an existing bot", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateBotVersion.html" - }, - "CreateIntentVersion": { - "privilege": "CreateIntentVersion", - "description": "Creates a new version based on the $LATEST version of the specified intent", - "access_level": "Write", - "resource_types": { - "intent version": { - "resource_type": "intent version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_CreateIntentVersion.html" - }, - "CreateSlotTypeVersion": { - "privilege": "CreateSlotTypeVersion", - "description": "Creates a new version based on the $LATEST version of the specified slot type", - "access_level": "Write", - "resource_types": { - "slottype version": { - "resource_type": "slottype version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_CreateSlotTypeVersion.html" - }, - "DeleteBot": { - "privilege": "DeleteBot", - "description": "Grants permission to delete an existing bot", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "lex:DeleteBotAlias", - "lex:DeleteBotChannel", - "lex:DeleteBotLocale", - "lex:DeleteBotVersion", - "lex:DeleteIntent", - "lex:DeleteSlot", - "lex:DeleteSlotType" - ] - }, - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteBot.html" - }, - "DeleteBotAlias": { - "privilege": "DeleteBotAlias", - "description": "Grants permission to delete an existing bot alias in a bot", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteBotAlias.html" - }, - "DeleteBotChannelAssociation": { - "privilege": "DeleteBotChannelAssociation", - "description": "Deletes the association between a Amazon Lex bot alias and a messaging platform", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_DeleteBotChannelAssociation.html" - }, - "DeleteBotVersion": { - "privilege": "DeleteBotVersion", - "description": "Grants permission to delete an existing bot version", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteBotVersion.html" - }, - "DeleteIntent": { - "privilege": "DeleteIntent", - "description": "Grants permission to delete an existing intent in a bot locale", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteIntent.html" - }, - "DeleteIntentVersion": { - "privilege": "DeleteIntentVersion", - "description": "Deletes a specific version of an intent", - "access_level": "Write", - "resource_types": { - "intent version": { - "resource_type": "intent version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_DeleteIntentVersion.html" - }, - "DeleteSession": { - "privilege": "DeleteSession", - "description": "Grants permission to delete session information for a bot alias and user ID", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_DeleteSession.html" - }, - "DeleteSlotType": { - "privilege": "DeleteSlotType", - "description": "Grants permission to delete an existing slot type in a bot locale", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteSlotType.html" - }, - "DeleteSlotTypeVersion": { - "privilege": "DeleteSlotTypeVersion", - "description": "Deletes a specific version of a slot type", - "access_level": "Write", - "resource_types": { - "slottype version": { - "resource_type": "slottype version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_DeleteSlotTypeVersion.html" - }, - "DeleteUtterances": { - "privilege": "DeleteUtterances", - "description": "Grants permission to delete utterance data for a bot", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteUtterances.html" - }, - "GetBot": { - "privilege": "GetBot", - "description": "Returns information for a specific bot. In addition to the bot name, the bot version or alias is required", - "access_level": "Read", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "bot version": { - "resource_type": "bot version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBot.html" - }, - "GetBotAlias": { - "privilege": "GetBotAlias", - "description": "Returns information about a Amazon Lex bot alias", - "access_level": "Read", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBotAlias.html" - }, - "GetBotAliases": { - "privilege": "GetBotAliases", - "description": "Returns a list of aliases for a given Amazon Lex bot", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBotAliases.html" - }, - "GetBotChannelAssociation": { - "privilege": "GetBotChannelAssociation", - "description": "Returns information about the association between a Amazon Lex bot and a messaging platform", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBotChannelAssociation.html" - }, - "GetBotChannelAssociations": { - "privilege": "GetBotChannelAssociations", - "description": "Returns a list of all of the channels associated with a single bot", - "access_level": "List", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBotChannelAssociations.html" - }, - "GetBotVersions": { - "privilege": "GetBotVersions", - "description": "Returns information for all versions of a specific bot", - "access_level": "List", - "resource_types": { - "bot version": { - "resource_type": "bot version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBotVersions.html" - }, - "GetBots": { - "privilege": "GetBots", - "description": "Returns information for the $LATEST version of all bots, subject to filters provided by the client", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBots.html" - }, - "GetBuiltinIntent": { - "privilege": "GetBuiltinIntent", - "description": "Returns information about a built-in intent", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBuiltinIntent.html" - }, - "GetBuiltinIntents": { - "privilege": "GetBuiltinIntents", - "description": "Gets a list of built-in intents that meet the specified criteria", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBuiltinIntents.html" - }, - "GetBuiltinSlotTypes": { - "privilege": "GetBuiltinSlotTypes", - "description": "Gets a list of built-in slot types that meet the specified criteria", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBuiltinSlotTypes.html" - }, - "GetExport": { - "privilege": "GetExport", - "description": "Exports Amazon Lex Resource in a requested format", - "access_level": "Read", - "resource_types": { - "bot version": { - "resource_type": "bot version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetExport.html" - }, - "GetImport": { - "privilege": "GetImport", - "description": "Gets information about an import job started with StartImport", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetImport.html" - }, - "GetIntent": { - "privilege": "GetIntent", - "description": "Returns information for a specific intent. In addition to the intent name, you must also specify the intent version", - "access_level": "Read", - "resource_types": { - "intent version": { - "resource_type": "intent version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetIntent.html" - }, - "GetIntentVersions": { - "privilege": "GetIntentVersions", - "description": "Returns information for all versions of a specific intent", - "access_level": "List", - "resource_types": { - "intent version": { - "resource_type": "intent version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetIntentVersions.html" - }, - "GetIntents": { - "privilege": "GetIntents", - "description": "Returns information for the $LATEST version of all intents, subject to filters provided by the client", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetIntents.html" - }, - "GetMigration": { - "privilege": "GetMigration", - "description": "Grants permission to view an ongoing or completed migration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetMigration.html" - }, - "GetMigrations": { - "privilege": "GetMigrations", - "description": "Grants permission to view list of migrations from Amazon Lex v1 to Amazon Lex v2", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetMigrations.html" - }, - "GetSession": { - "privilege": "GetSession", - "description": "Grants permission to retrieve session information for a bot alias and user ID", - "access_level": "Read", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_GetSession.html" - }, - "GetSlotType": { - "privilege": "GetSlotType", - "description": "Returns information about a specific version of a slot type. In addition to specifying the slot type name, you must also specify the slot type version", - "access_level": "Read", - "resource_types": { - "slottype version": { - "resource_type": "slottype version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetSlotType.html" - }, - "GetSlotTypeVersions": { - "privilege": "GetSlotTypeVersions", - "description": "Returns information for all versions of a specific slot type", - "access_level": "List", - "resource_types": { - "slottype version": { - "resource_type": "slottype version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetSlotTypeVersions.html" - }, - "GetSlotTypes": { - "privilege": "GetSlotTypes", - "description": "Returns information for the $LATEST version of all slot types, subject to filters provided by the client", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetSlotTypes.html" - }, - "GetUtterancesView": { - "privilege": "GetUtterancesView", - "description": "Returns a view of aggregate utterance data for versions of a bot for a recent time period", - "access_level": "List", - "resource_types": { - "bot version": { - "resource_type": "bot version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetUtterancesView.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tags for a Lex resource", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListTagsForResource.html" - }, - "PostContent": { - "privilege": "PostContent", - "description": "Sends user input (text or speech) to Amazon Lex", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "bot version": { - "resource_type": "bot version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_runtime_PostContent.html" - }, - "PostText": { - "privilege": "PostText", - "description": "Sends user input (text-only) to Amazon Lex", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "bot version": { - "resource_type": "bot version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_runtime_PostText.html" - }, - "PutBot": { - "privilege": "PutBot", - "description": "Creates or updates the $LATEST version of a Amazon Lex conversational bot", - "access_level": "Write", - "resource_types": { - "bot version": { - "resource_type": "bot version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html" - }, - "PutBotAlias": { - "privilege": "PutBotAlias", - "description": "Creates or updates an alias for the specific bot", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_PutBotAlias.html" - }, - "PutIntent": { - "privilege": "PutIntent", - "description": "Creates or updates the $LATEST version of an intent", - "access_level": "Write", - "resource_types": { - "intent version": { - "resource_type": "intent version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_PutIntent.html" - }, - "PutSession": { - "privilege": "PutSession", - "description": "Grants permission to create a new session or modify an existing session for a bot alias and user ID", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_PutSession.html" - }, - "PutSlotType": { - "privilege": "PutSlotType", - "description": "Creates or updates the $LATEST version of a slot type", - "access_level": "Write", - "resource_types": { - "slottype version": { - "resource_type": "slottype version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_PutSlotType.html" - }, - "StartImport": { - "privilege": "StartImport", - "description": "Grants permission to start a new import with the uploaded import file", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "lex:CreateBot", - "lex:CreateBotLocale", - "lex:CreateCustomVocabulary", - "lex:CreateIntent", - "lex:CreateSlot", - "lex:CreateSlotType", - "lex:CreateTestSet", - "lex:DeleteBotLocale", - "lex:DeleteCustomVocabulary", - "lex:DeleteIntent", - "lex:DeleteSlot", - "lex:DeleteSlotType", - "lex:UpdateBot", - "lex:UpdateBotLocale", - "lex:UpdateCustomVocabulary", - "lex:UpdateIntent", - "lex:UpdateSlot", - "lex:UpdateSlotType", - "lex:UpdateTestSet" - ] - }, - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_StartImport.html" - }, - "StartMigration": { - "privilege": "StartMigration", - "description": "Grants permission to migrate a bot from Amazon Lex v1 to Amazon Lex v2", - "access_level": "Write", - "resource_types": { - "bot version": { - "resource_type": "bot version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_StartMigration.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or overwrite tags of a Lex resource", - "access_level": "Tagging", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a Lex resource", - "access_level": "Tagging", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UntagResource.html" - }, - "BatchCreateCustomVocabularyItem": { - "privilege": "BatchCreateCustomVocabularyItem", - "description": "Grants permission to create new items in an existing custom vocabulary", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_BatchCreateCustomVocabularyItem.html" - }, - "BatchDeleteCustomVocabularyItem": { - "privilege": "BatchDeleteCustomVocabularyItem", - "description": "Grants permission to delete existing items in an existing custom vocabulary", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_BatchDeleteCustomVocabularyItem.html" - }, - "BatchUpdateCustomVocabularyItem": { - "privilege": "BatchUpdateCustomVocabularyItem", - "description": "Grants permission to update existing items in an existing custom vocabulary", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_BatchUpdateCustomVocabularyItem.html" - }, - "BuildBotLocale": { - "privilege": "BuildBotLocale", - "description": "Grants permission to build an existing bot locale in a bot", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_BuildBotLocale.html" - }, - "CreateBot": { - "privilege": "CreateBot", - "description": "Grants permission to create a new bot and a test bot alias pointing to the DRAFT bot version", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateBot.html" - }, - "CreateBotAlias": { - "privilege": "CreateBotAlias", - "description": "Grants permission to create a new bot alias in a bot", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateBotAlias.html" - }, - "CreateBotChannel": { - "privilege": "CreateBotChannel", - "description": "Grants permission to create a bot channel in an existing bot", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/deploying-messaging-platform.html" - }, - "CreateBotLocale": { - "privilege": "CreateBotLocale", - "description": "Grants permission to create a new bot locale in an existing bot", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateBotLocale.html" - }, - "CreateCustomVocabulary": { - "privilege": "CreateCustomVocabulary", - "description": "Grants permission to create a new custom vocabulary in an existing bot locale", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/vocab.html" - }, - "CreateExport": { - "privilege": "CreateExport", - "description": "Grants permission to create an export for an existing resource", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateExport.html" - }, - "CreateIntent": { - "privilege": "CreateIntent", - "description": "Grants permission to create a new intent in an existing bot locale", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateIntent.html" - }, - "CreateResourcePolicy": { - "privilege": "CreateResourcePolicy", - "description": "Grants permission to create a new resource policy for a Lex resource", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateResourcePolicy.html" - }, - "CreateSlot": { - "privilege": "CreateSlot", - "description": "Grants permission to create a new slot in an intent", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateSlot.html" - }, - "CreateSlotType": { - "privilege": "CreateSlotType", - "description": "Grants permission to create a new slot type in an existing bot locale", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateSlotType.html" - }, - "CreateTestSet": { - "privilege": "CreateTestSet", - "description": "Grants permission to import a new test-set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/create-test-set-from-CSV.html" - }, - "CreateTestSetDiscrepancyReport": { - "privilege": "CreateTestSetDiscrepancyReport", - "description": "Grants permission to create a test set discrepancy report", - "access_level": "Write", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateTestSetDiscrepancyReport.html" - }, - "CreateUploadUrl": { - "privilege": "CreateUploadUrl", - "description": "Grants permission to create an upload url for import file", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateUploadUrl.html" - }, - "DeleteBotChannel": { - "privilege": "DeleteBotChannel", - "description": "Grants permission to delete an existing bot channel", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/deploying-messaging-platform.html" - }, - "DeleteBotLocale": { - "privilege": "DeleteBotLocale", - "description": "Grants permission to delete an existing bot locale in a bot", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "lex:DeleteIntent", - "lex:DeleteSlot", - "lex:DeleteSlotType" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteBotLocale.html" - }, - "DeleteCustomVocabulary": { - "privilege": "DeleteCustomVocabulary", - "description": "Grants permission to delete an existing custom vocabulary in a bot locale", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteCustomVocabulary.html" - }, - "DeleteExport": { - "privilege": "DeleteExport", - "description": "Grants permission to delete an existing export", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteExport.html" - }, - "DeleteImport": { - "privilege": "DeleteImport", - "description": "Grants permission to delete an existing import", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteImport.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete an existing resource policy for a Lex resource", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeleteSlot": { - "privilege": "DeleteSlot", - "description": "Grants permission to delete an existing slot in an intent", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteSlot.html" - }, - "DeleteTestSet": { - "privilege": "DeleteTestSet", - "description": "Grants permission to delete an existing test set", - "access_level": "Write", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteTestSet.html" - }, - "DescribeBot": { - "privilege": "DescribeBot", - "description": "Grants permission to retrieve an existing bot", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeBot.html" - }, - "DescribeBotAlias": { - "privilege": "DescribeBotAlias", - "description": "Grants permission to retrieve an existing bot alias", - "access_level": "Read", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeBotAlias.html" - }, - "DescribeBotChannel": { - "privilege": "DescribeBotChannel", - "description": "Grants permission to retrieve an existing bot channel", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/deploying-messaging-platform.html" - }, - "DescribeBotLocale": { - "privilege": "DescribeBotLocale", - "description": "Grants permission to retrieve an existing bot locale", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeBotLocale.html" - }, - "DescribeBotRecommendation": { - "privilege": "DescribeBotRecommendation", - "description": "Grants permission to retrieve metadata information about a bot recommendation", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeBotRecommendation.html" - }, - "DescribeBotVersion": { - "privilege": "DescribeBotVersion", - "description": "Grants permission to retrieve an existing bot version", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeBotVersion.html" - }, - "DescribeCustomVocabulary": { - "privilege": "DescribeCustomVocabulary", - "description": "Grants permission to retrieve an existing custom vocabulary", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/vocab.html" - }, - "DescribeCustomVocabularyMetadata": { - "privilege": "DescribeCustomVocabularyMetadata", - "description": "Grants permission to retrieve metadata of an existing custom vocabulary", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeCustomVocabularyMetadata.html" - }, - "DescribeExport": { - "privilege": "DescribeExport", - "description": "Grants permission to retrieve an existing export", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "lex:DescribeBot", - "lex:DescribeBotLocale", - "lex:DescribeIntent", - "lex:DescribeSlot", - "lex:DescribeSlotType", - "lex:ListBotLocales", - "lex:ListIntents", - "lex:ListSlotTypes", - "lex:ListSlots" - ] - }, - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeExport.html" - }, - "DescribeImport": { - "privilege": "DescribeImport", - "description": "Grants permission to retrieve an existing import", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeImport.html" - }, - "DescribeIntent": { - "privilege": "DescribeIntent", - "description": "Grants permission to retrieve an existing intent", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeIntent.html" - }, - "DescribeResourcePolicy": { - "privilege": "DescribeResourcePolicy", - "description": "Grants permission to retrieve an existing resource policy for a Lex resource", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeResourcePolicy.html" - }, - "DescribeSlot": { - "privilege": "DescribeSlot", - "description": "Grants permission to retrieve an existing slot", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeSlot.html" - }, - "DescribeSlotType": { - "privilege": "DescribeSlotType", - "description": "Grants permission to retrieve an existing slot type", - "access_level": "Read", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeSlotType.html" - }, - "DescribeTestExecution": { - "privilege": "DescribeTestExecution", - "description": "Grants permission to retrieve test execution metadata", - "access_level": "Read", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeTestExecution.html" - }, - "DescribeTestSet": { - "privilege": "DescribeTestSet", - "description": "Grants permission to retrieve an existing test set", - "access_level": "Read", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeTestSet.html" - }, - "DescribeTestSetDiscrepancyReport": { - "privilege": "DescribeTestSetDiscrepancyReport", - "description": "Grants permission to retrieve test set discrepancy report metadata", - "access_level": "Read", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeTestSetDiscrepancyReport.html" - }, - "DescribeTestSetGeneration": { - "privilege": "DescribeTestSetGeneration", - "description": "Grants permission to retrieve test set generation metadata", - "access_level": "Read", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeTestSetGeneration.html" - }, - "GetTestExecutionArtifactsUrl": { - "privilege": "GetTestExecutionArtifactsUrl", - "description": "Grants permission to retrieve artifacts URL for a test execution", - "access_level": "Read", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_GetTestExecutionArtifactsUrl.html" - }, - "ListAggregatedUtterances": { - "privilege": "ListAggregatedUtterances", - "description": "Grants permission to list utterances and statistics for a bot", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListAggregatedUtterances.html" - }, - "ListBotAliases": { - "privilege": "ListBotAliases", - "description": "Grants permission to list bot aliases in an bot", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBotAliases.html" - }, - "ListBotChannels": { - "privilege": "ListBotChannels", - "description": "Grants permission to list bot channels", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/deploying-messaging-platform.html" - }, - "ListBotLocales": { - "privilege": "ListBotLocales", - "description": "Grants permission to list bot locales in a bot", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBotLocales.html" - }, - "ListBotRecommendations": { - "privilege": "ListBotRecommendations", - "description": "Grants permission to get a list of bot recommendations that meet the specified criteria", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBotRecommendations.html" - }, - "ListBotVersions": { - "privilege": "ListBotVersions", - "description": "Grants permission to list existing bot versions", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBotVersions.html" - }, - "ListBots": { - "privilege": "ListBots", - "description": "Grants permission to list existing bots", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBots.html" - }, - "ListBuiltInIntents": { - "privilege": "ListBuiltInIntents", - "description": "Grants permission to list built-in intents", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBuiltInIntents.html" - }, - "ListBuiltInSlotTypes": { - "privilege": "ListBuiltInSlotTypes", - "description": "Grants permission to list built-in slot types", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBuiltInSlotTypes.html" - }, - "ListCustomVocabularyItems": { - "privilege": "ListCustomVocabularyItems", - "description": "Grants permission to list items of an existing custom vocabulary", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListCustomVocabularyItems.html" - }, - "ListExports": { - "privilege": "ListExports", - "description": "Grants permission to list existing exports", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListExports.html" - }, - "ListImports": { - "privilege": "ListImports", - "description": "Grants permission to list existing imports", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListImports.html" - }, - "ListIntents": { - "privilege": "ListIntents", - "description": "Grants permission to list intents in a bot", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListIntents.html" - }, - "ListRecommendedIntents": { - "privilege": "ListRecommendedIntents", - "description": "Grants permission to get a list of recommended intents provided by the bot recommendation", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListRecommendedIntents.html" - }, - "ListSlotTypes": { - "privilege": "ListSlotTypes", - "description": "Grants permission to list slot types in a bot", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListSlotTypes.html" - }, - "ListSlots": { - "privilege": "ListSlots", - "description": "Grants permission to list slots in an intent", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListSlots.html" - }, - "ListTestExecutionResultItems": { - "privilege": "ListTestExecutionResultItems", - "description": "Grants permission to retrieve test results data for a test execution", - "access_level": "Read", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "lex:ListTestSetRecords" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListTestExecutionResultItems.html" - }, - "ListTestExecutions": { - "privilege": "ListTestExecutions", - "description": "Grants permission to list test executions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListTestExecutions.html" - }, - "ListTestSetRecords": { - "privilege": "ListTestSetRecords", - "description": "Grants permission to retrieve records inside an existing test set", - "access_level": "Read", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListTestSetRecords.html" - }, - "ListTestSets": { - "privilege": "ListTestSets", - "description": "Grants permission to list test sets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListTestSets.html" - }, - "RecognizeText": { - "privilege": "RecognizeText", - "description": "Grants permission to send user input (text-only) to an bot alias", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_RecognizeText.html" - }, - "RecognizeUtterance": { - "privilege": "RecognizeUtterance", - "description": "Grants permission to send user input (text or speech) to an bot alias", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_RecognizeUtterance.html" - }, - "SearchAssociatedTranscripts": { - "privilege": "SearchAssociatedTranscripts", - "description": "Grants permission to search for associated transcripts that meet the specified criteria", - "access_level": "List", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_SearchAssociatedTranscripts.html" - }, - "StartBotRecommendation": { - "privilege": "StartBotRecommendation", - "description": "Grants permission to start a bot recommendation for an existing bot locale", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_StartBotRecommendation.html" - }, - "StartConversation": { - "privilege": "StartConversation", - "description": "Grants permission to stream user input (speech/text/DTMF) to a bot alias", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_StartConversation.html" - }, - "StartTestExecution": { - "privilege": "StartTestExecution", - "description": "Grants permission to start a test execution using a test set", - "access_level": "Write", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_StartTestExecution.html" - }, - "StartTestSetGeneration": { - "privilege": "StartTestSetGeneration", - "description": "Grants permission to generate a test set", - "access_level": "Write", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_StartTestSetGeneration.html" - }, - "StopBotRecommendation": { - "privilege": "StopBotRecommendation", - "description": "Grants permission to stop a bot recommendation for an existing bot locale", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_StopBotRecommendation.html" - }, - "UpdateBot": { - "privilege": "UpdateBot", - "description": "Grants permission to update an existing bot", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateBot.html" - }, - "UpdateBotAlias": { - "privilege": "UpdateBotAlias", - "description": "Grants permission to update an existing bot alias", - "access_level": "Write", - "resource_types": { - "bot alias": { - "resource_type": "bot alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateBotAlias.html" - }, - "UpdateBotLocale": { - "privilege": "UpdateBotLocale", - "description": "Grants permission to update an existing bot locale", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateBotLocale.html" - }, - "UpdateBotRecommendation": { - "privilege": "UpdateBotRecommendation", - "description": "Grants permission to update an existing bot recommendation request", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateBotRecommendation.html" - }, - "UpdateCustomVocabulary": { - "privilege": "UpdateCustomVocabulary", - "description": "Grants permission to update an existing custom vocabulary", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/vocab.html" - }, - "UpdateExport": { - "privilege": "UpdateExport", - "description": "Grants permission to update an existing export", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateExport.html" - }, - "UpdateIntent": { - "privilege": "UpdateIntent", - "description": "Grants permission to update an existing intent", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateIntent.html" - }, - "UpdateResourcePolicy": { - "privilege": "UpdateResourcePolicy", - "description": "Grants permission to update an existing resource policy for a Lex resource", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "bot alias": { - "resource_type": "bot alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateResourcePolicy.html" - }, - "UpdateSlot": { - "privilege": "UpdateSlot", - "description": "Grants permission to update an existing slot", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateSlot.html" - }, - "UpdateSlotType": { - "privilege": "UpdateSlotType", - "description": "Grants permission to update an existing slot type", - "access_level": "Write", - "resource_types": { - "bot": { - "resource_type": "bot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateSlotType.html" - }, - "UpdateTestSet": { - "privilege": "UpdateTestSet", - "description": "Grants permission to update an existing test set", - "access_level": "Write", - "resource_types": { - "test set": { - "resource_type": "test set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateTestSet.html" - } - }, - "resources": { - "bot": { - "resource": "bot", - "arn": "arn:${Partition}:lex:${Region}:${Account}:bot/${BotId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "bot version": { - "resource": "bot version", - "arn": "arn:${Partition}:lex:${Region}:${Account}:bot:${BotName}:${BotVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "bot alias": { - "resource": "bot alias", - "arn": "arn:${Partition}:lex:${Region}:${Account}:bot-alias/${BotId}/${BotAliasId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "channel": { - "resource": "channel", - "arn": "arn:${Partition}:lex:${Region}:${Account}:bot-channel:${BotName}:${BotAlias}:${ChannelName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "intent version": { - "resource": "intent version", - "arn": "arn:${Partition}:lex:${Region}:${Account}:intent:${IntentName}:${IntentVersion}", - "condition_keys": [] - }, - "slottype version": { - "resource": "slottype version", - "arn": "arn:${Partition}:lex:${Region}:${Account}:slottype:${SlotName}:${SlotVersion}", - "condition_keys": [] - }, - "test set": { - "resource": "test set", - "arn": "arn:${Partition}:lex:${Region}:${Account}:test-set/${TestSetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags attached to a Lex resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the set of tag keys in the request", - "type": "ArrayOfString" - }, - "lex:associatedIntents": { - "condition": "lex:associatedIntents", - "description": "Enables you to control access based on the intents included in the request", - "type": "ArrayOfString" - }, - "lex:associatedSlotTypes": { - "condition": "lex:associatedSlotTypes", - "description": "Enables you to control access based on the slot types included in the request", - "type": "ArrayOfString" - }, - "lex:channelType": { - "condition": "lex:channelType", - "description": "Enables you to control access based on the channel type included in the request", - "type": "String" - } - } - }, - "lightsail": { - "service_name": "Amazon Lightsail", - "prefix": "lightsail", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlightsail.html", - "privileges": { - "AllocateStaticIp": { - "privilege": "AllocateStaticIp", - "description": "Grants permission to create a static IP address that can be attached to an instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AllocateStaticIp.html" - }, - "AttachCertificateToDistribution": { - "privilege": "AttachCertificateToDistribution", - "description": "Grants permission to attach an SSL/TLS certificate to your Amazon Lightsail content delivery network (CDN) distribution", - "access_level": "Write", - "resource_types": { - "Certificate": { - "resource_type": "Certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Distribution": { - "resource_type": "Distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AttachCertificateToDistribution.html" - }, - "AttachDisk": { - "privilege": "AttachDisk", - "description": "Grants permission to attach a disk to an instance", - "access_level": "Write", - "resource_types": { - "Disk": { - "resource_type": "Disk", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AttachDisk.html" - }, - "AttachInstancesToLoadBalancer": { - "privilege": "AttachInstancesToLoadBalancer", - "description": "Grants permission to attach one or more instances to a load balancer", - "access_level": "Write", - "resource_types": { - "LoadBalancer": { - "resource_type": "LoadBalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AttachInstancesToLoadBalancer.html" - }, - "AttachLoadBalancerTlsCertificate": { - "privilege": "AttachLoadBalancerTlsCertificate", - "description": "Grants permission to attach a TLS certificate to a load balancer", - "access_level": "Write", - "resource_types": { - "LoadBalancer": { - "resource_type": "LoadBalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AttachLoadBalancerTlsCertificate.html" - }, - "AttachStaticIp": { - "privilege": "AttachStaticIp", - "description": "Grants permission to attach a static IP address to an instance", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "StaticIp": { - "resource_type": "StaticIp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AttachStaticIp.html" - }, - "CloseInstancePublicPorts": { - "privilege": "CloseInstancePublicPorts", - "description": "Grants permission to close a public port of an instance", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CloseInstancePublicPorts.html" - }, - "CopySnapshot": { - "privilege": "CopySnapshot", - "description": "Grants permission to copy a snapshot from one AWS Region to another in Amazon Lightsail", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CopySnapshot.html" - }, - "CreateBucket": { - "privilege": "CreateBucket", - "description": "Grants permission to create an Amazon Lightsail bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateBucket.html" - }, - "CreateBucketAccessKey": { - "privilege": "CreateBucketAccessKey", - "description": "Grants permission to create a new access key for the specified bucket", - "access_level": "Write", - "resource_types": { - "Bucket": { - "resource_type": "Bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateBucketAccessKey.html" - }, - "CreateCertificate": { - "privilege": "CreateCertificate", - "description": "Grants permission to create an SSL/TLS certificate", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "lightsail:CreateDomainEntry", - "lightsail:GetDomains" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateCertificate.html" - }, - "CreateCloudFormationStack": { - "privilege": "CreateCloudFormationStack", - "description": "Grants permission to create a new Amazon EC2 instance from an exported Amazon Lightsail snapshot", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateCloudFormationStack.html" - }, - "CreateContactMethod": { - "privilege": "CreateContactMethod", - "description": "Grants permission to create an email or SMS text message contact method", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateContactMethod.html" - }, - "CreateContainerService": { - "privilege": "CreateContainerService", - "description": "Grants permission to create an Amazon Lightsail container service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateContainerService.html" - }, - "CreateContainerServiceDeployment": { - "privilege": "CreateContainerServiceDeployment", - "description": "Grants permission to create a deployment for your Amazon Lightsail container service", - "access_level": "Write", - "resource_types": { - "ContainerService": { - "resource_type": "ContainerService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateContainerServiceDeployment.html" - }, - "CreateContainerServiceRegistryLogin": { - "privilege": "CreateContainerServiceRegistryLogin", - "description": "Grants permission to create a temporary set of log in credentials that you can use to log in to the Docker process on your local machine", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateContainerServiceRegistryLogin.html" - }, - "CreateDisk": { - "privilege": "CreateDisk", - "description": "Grants permission to create a disk", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDisk.html" - }, - "CreateDiskFromSnapshot": { - "privilege": "CreateDiskFromSnapshot", - "description": "Grants permission to create a disk from snapshot", - "access_level": "Write", - "resource_types": { - "DiskSnapshot": { - "resource_type": "DiskSnapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDiskFromSnapshot.html" - }, - "CreateDiskSnapshot": { - "privilege": "CreateDiskSnapshot", - "description": "Grants permission to create a disk snapshot", - "access_level": "Write", - "resource_types": { - "Disk": { - "resource_type": "Disk", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDiskSnapshot.html" - }, - "CreateDistribution": { - "privilege": "CreateDistribution", - "description": "Grants permission to create an Amazon Lightsail content delivery network (CDN) distribution", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDistribution.html" - }, - "CreateDomain": { - "privilege": "CreateDomain", - "description": "Grants permission to create a domain resource for the specified domain name", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "route53:DeleteHostedZone", - "route53:GetHostedZone", - "route53:ListHostedZonesByName", - "route53domains:GetDomainDetail", - "route53domains:GetOperationDetail", - "route53domains:ListDomains", - "route53domains:ListOperations", - "route53domains:UpdateDomainNameservers" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDomain.html" - }, - "CreateDomainEntry": { - "privilege": "CreateDomainEntry", - "description": "Grants permission to create one or more DNS record entries for a domain resource: Address (A), canonical name (CNAME), mail exchanger (MX), name server (NS), start of authority (SOA), service locator (SRV), or text (TXT)", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDomainEntry.html" - }, - "CreateGUISessionAccessDetails": { - "privilege": "CreateGUISessionAccessDetails", - "description": "Grants permission to create URLs that are used to access an instance's graphical user interface (GUI) session", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateGUISessionAccessDetails.html" - }, - "CreateInstanceSnapshot": { - "privilege": "CreateInstanceSnapshot", - "description": "Grants permission to create an instance snapshot", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateInstanceSnapshot.html" - }, - "CreateInstances": { - "privilege": "CreateInstances", - "description": "Grants permission to create one or more instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateInstances.html" - }, - "CreateInstancesFromSnapshot": { - "privilege": "CreateInstancesFromSnapshot", - "description": "Grants permission to create one or more instances based on an instance snapshot", - "access_level": "Write", - "resource_types": { - "InstanceSnapshot": { - "resource_type": "InstanceSnapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateInstancesFromSnapshot.html" - }, - "CreateKeyPair": { - "privilege": "CreateKeyPair", - "description": "Grants permission to create a key pair used to authenticate and connect to an instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateKeyPair.html" - }, - "CreateLoadBalancer": { - "privilege": "CreateLoadBalancer", - "description": "Grants permission to create a load balancer", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "lightsail:CreateDomainEntry", - "lightsail:GetDomains" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateLoadBalancer.html" - }, - "CreateLoadBalancerTlsCertificate": { - "privilege": "CreateLoadBalancerTlsCertificate", - "description": "Grants permission to create a load balancer TLS certificate", - "access_level": "Write", - "resource_types": { - "LoadBalancer": { - "resource_type": "LoadBalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "lightsail:CreateDomainEntry", - "lightsail:GetDomains" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateLoadBalancerTlsCertificate.html" - }, - "CreateRelationalDatabase": { - "privilege": "CreateRelationalDatabase", - "description": "Grants permission to create a new relational database", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateRelationalDatabase.html" - }, - "CreateRelationalDatabaseFromSnapshot": { - "privilege": "CreateRelationalDatabaseFromSnapshot", - "description": "Grants permission to create a new relational database from a snapshot", - "access_level": "Write", - "resource_types": { - "RelationalDatabaseSnapshot": { - "resource_type": "RelationalDatabaseSnapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateRelationalDatabaseFromSnapshot.html" - }, - "CreateRelationalDatabaseSnapshot": { - "privilege": "CreateRelationalDatabaseSnapshot", - "description": "Grants permission to create a relational database snapshot", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateRelationalDatabaseSnapshot.html" - }, - "DeleteAlarm": { - "privilege": "DeleteAlarm", - "description": "Grants permission to delete an alarm", - "access_level": "Write", - "resource_types": { - "Alarm": { - "resource_type": "Alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteAlarm.html" - }, - "DeleteAutoSnapshot": { - "privilege": "DeleteAutoSnapshot", - "description": "Grants permission to delete an automatic snapshot of an instance or disk", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteAutoSnapshot.html" - }, - "DeleteBucket": { - "privilege": "DeleteBucket", - "description": "Grants permission to delete an Amazon Lightsail bucket", - "access_level": "Write", - "resource_types": { - "Bucket": { - "resource_type": "Bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteBucket.html" - }, - "DeleteBucketAccessKey": { - "privilege": "DeleteBucketAccessKey", - "description": "Grants permission to delete an access key for the specified Amazon Lightsail bucket", - "access_level": "Write", - "resource_types": { - "Bucket": { - "resource_type": "Bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteBucketAccessKey.html" - }, - "DeleteCertificate": { - "privilege": "DeleteCertificate", - "description": "Grants permission to delete an SSL/TLS certificate", - "access_level": "Write", - "resource_types": { - "Certificate": { - "resource_type": "Certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteCertificate.html" - }, - "DeleteContactMethod": { - "privilege": "DeleteContactMethod", - "description": "Grants permission to delete a contact method", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteContactMethod.html" - }, - "DeleteContainerImage": { - "privilege": "DeleteContainerImage", - "description": "Grants permission to delete a container image that is registered to your Amazon Lightsail container service", - "access_level": "Write", - "resource_types": { - "ContainerService": { - "resource_type": "ContainerService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteContainerImage.html" - }, - "DeleteContainerService": { - "privilege": "DeleteContainerService", - "description": "Grants permission to delete your Amazon Lightsail container service", - "access_level": "Write", - "resource_types": { - "ContainerService": { - "resource_type": "ContainerService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteContainerService.html" - }, - "DeleteDisk": { - "privilege": "DeleteDisk", - "description": "Grants permission to delete a disk", - "access_level": "Write", - "resource_types": { - "Disk": { - "resource_type": "Disk", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteDisk.html" - }, - "DeleteDiskSnapshot": { - "privilege": "DeleteDiskSnapshot", - "description": "Grants permission to delete a disk snapshot", - "access_level": "Write", - "resource_types": { - "DiskSnapshot": { - "resource_type": "DiskSnapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteDiskSnapshot.html" - }, - "DeleteDistribution": { - "privilege": "DeleteDistribution", - "description": "Grants permission to delete your Amazon Lightsail content delivery network (CDN) distribution", - "access_level": "Write", - "resource_types": { - "Distribution": { - "resource_type": "Distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteDistribution.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "Grants permission to delete a domain resource and all of its DNS records", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteDomain.html" - }, - "DeleteDomainEntry": { - "privilege": "DeleteDomainEntry", - "description": "Grants permission to delete a DNS record entry for a domain resource", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteDomainEntry.html" - }, - "DeleteInstance": { - "privilege": "DeleteInstance", - "description": "Grants permission to delete an instance", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteInstance.html" - }, - "DeleteInstanceSnapshot": { - "privilege": "DeleteInstanceSnapshot", - "description": "Grants permission to delete an instance snapshot", - "access_level": "Write", - "resource_types": { - "InstanceSnapshot": { - "resource_type": "InstanceSnapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteInstanceSnapshot.html" - }, - "DeleteKeyPair": { - "privilege": "DeleteKeyPair", - "description": "Grants permission to delete a key pair used to authenticate and connect to an instance", - "access_level": "Write", - "resource_types": { - "KeyPair": { - "resource_type": "KeyPair", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteKeyPair.html" - }, - "DeleteKnownHostKeys": { - "privilege": "DeleteKnownHostKeys", - "description": "Grants permission to delete the known host key or certificate used by the Amazon Lightsail browser-based SSH or RDP clients to authenticate an instance", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteKnownHostKeys.html" - }, - "DeleteLoadBalancer": { - "privilege": "DeleteLoadBalancer", - "description": "Grants permission to delete a load balancer", - "access_level": "Write", - "resource_types": { - "LoadBalancer": { - "resource_type": "LoadBalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteLoadBalancer.html" - }, - "DeleteLoadBalancerTlsCertificate": { - "privilege": "DeleteLoadBalancerTlsCertificate", - "description": "Grants permission to delete a load balancer TLS certificate", - "access_level": "Write", - "resource_types": { - "LoadBalancer": { - "resource_type": "LoadBalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteLoadBalancerTlsCertificate.html" - }, - "DeleteRelationalDatabase": { - "privilege": "DeleteRelationalDatabase", - "description": "Grants permission to delete a relational database", - "access_level": "Write", - "resource_types": { - "RelationalDatabase": { - "resource_type": "RelationalDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteRelationalDatabase.html" - }, - "DeleteRelationalDatabaseSnapshot": { - "privilege": "DeleteRelationalDatabaseSnapshot", - "description": "Grants permission to delete a relational database snapshot", - "access_level": "Write", - "resource_types": { - "RelationalDatabaseSnapshot": { - "resource_type": "RelationalDatabaseSnapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteRelationalDatabaseSnapshot.html" - }, - "DetachCertificateFromDistribution": { - "privilege": "DetachCertificateFromDistribution", - "description": "Grants permission to detach an SSL/TLS certificate from your Amazon Lightsail content delivery network (CDN) distribution", - "access_level": "Write", - "resource_types": { - "Distribution": { - "resource_type": "Distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DetachCertificateFromDistribution.html" - }, - "DetachDisk": { - "privilege": "DetachDisk", - "description": "Grants permission to detach a disk from an instance", - "access_level": "Write", - "resource_types": { - "Disk": { - "resource_type": "Disk", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DetachDisk.html" - }, - "DetachInstancesFromLoadBalancer": { - "privilege": "DetachInstancesFromLoadBalancer", - "description": "Grants permission to detach one or more instances from a load balancer", - "access_level": "Write", - "resource_types": { - "LoadBalancer": { - "resource_type": "LoadBalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DetachInstancesFromLoadBalancer.html" - }, - "DetachStaticIp": { - "privilege": "DetachStaticIp", - "description": "Grants permission to detach a static IP from an instance to which it is attached", - "access_level": "Write", - "resource_types": { - "StaticIp": { - "resource_type": "StaticIp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DetachStaticIp.html" - }, - "DisableAddOn": { - "privilege": "DisableAddOn", - "description": "Grants permission to disable an add-on for an Amazon Lightsail resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DisableAddOn.html" - }, - "DownloadDefaultKeyPair": { - "privilege": "DownloadDefaultKeyPair", - "description": "Grants permission to download the default key pair used to authenticate and connect to instances in a specific AWS Region", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DownloadDefaultKeyPair.html" - }, - "EnableAddOn": { - "privilege": "EnableAddOn", - "description": "Grants permission to enable or modify an add-on for an Amazon Lightsail resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_EnableAddOn.html" - }, - "ExportSnapshot": { - "privilege": "ExportSnapshot", - "description": "Grants permission to export an Amazon Lightsail snapshot to Amazon EC2", - "access_level": "Write", - "resource_types": { - "DiskSnapshot": { - "resource_type": "DiskSnapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy" - ] - }, - "InstanceSnapshot": { - "resource_type": "InstanceSnapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_ExportSnapshot.html" - }, - "GetActiveNames": { - "privilege": "GetActiveNames", - "description": "Grants permission to get the names of all active (not deleted) resources", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetActiveNames.html" - }, - "GetAlarms": { - "privilege": "GetAlarms", - "description": "Grants permission to view information about the configured alarms", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetAlarms.html" - }, - "GetAutoSnapshots": { - "privilege": "GetAutoSnapshots", - "description": "Grants permission to view the available automatic snapshots for an instance or disk", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetAutoSnapshots.html" - }, - "GetBlueprints": { - "privilege": "GetBlueprints", - "description": "Grants permission to get a list of instance images, or blueprints. You can use a blueprint to create a new instance already running a specific operating system, as well as a pre-installed application or development stack. The software that runs on your instance depends on the blueprint you define when creating the instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBlueprints.html" - }, - "GetBucketAccessKeys": { - "privilege": "GetBucketAccessKeys", - "description": "Grants permission to get the existing access key IDs for the specified Amazon Lightsail bucket", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBucketAccessKeys.html" - }, - "GetBucketBundles": { - "privilege": "GetBucketBundles", - "description": "Grants permission to get the bundles that can be applied to an Amazon Lightsail bucket", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBucketBundles.html" - }, - "GetBucketMetricData": { - "privilege": "GetBucketMetricData", - "description": "Grants permission to get the data points of a specific metric for an Amazon Lightsail bucket", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBucketMetricData.html" - }, - "GetBuckets": { - "privilege": "GetBuckets", - "description": "Grants permission to get information about one or more Amazon Lightsail buckets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBuckets.html" - }, - "GetBundles": { - "privilege": "GetBundles", - "description": "Grants permission to get a list of instance bundles. You can use a bundle to create a new instance with a set of performance specifications, such as CPU count, disk size, RAM size, and network transfer allowance. The cost of your instance depends on the bundle you define when creating the instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBundles.html" - }, - "GetCertificates": { - "privilege": "GetCertificates", - "description": "Grants permission to view information about one or more Amazon Lightsail SSL/TLS certificates", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetCertificates.html" - }, - "GetCloudFormationStackRecords": { - "privilege": "GetCloudFormationStackRecords", - "description": "Grants permission to get information about all CloudFormation stacks used to create Amazon EC2 resources from exported Amazon Lightsail snapshots", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetCloudFormationStackRecords.html" - }, - "GetContactMethods": { - "privilege": "GetContactMethods", - "description": "Grants permission to view information about the configured contact methods", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContactMethods.html" - }, - "GetContainerAPIMetadata": { - "privilege": "GetContainerAPIMetadata", - "description": "Grants permission to view information about Amazon Lightsail containers, such as the current version of the Lightsail Control (lightsailctl) plugin", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerAPIMetadata.html" - }, - "GetContainerImages": { - "privilege": "GetContainerImages", - "description": "Grants permission to view the container images that are registered to your Amazon Lightsail container service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerImages.html" - }, - "GetContainerLog": { - "privilege": "GetContainerLog", - "description": "Grants permission to view the log events of a container of your Amazon Lightsail container service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerLog.html" - }, - "GetContainerServiceDeployments": { - "privilege": "GetContainerServiceDeployments", - "description": "Grants permission to view the deployments for your Amazon Lightsail container service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerServiceDeployments.html" - }, - "GetContainerServiceMetricData": { - "privilege": "GetContainerServiceMetricData", - "description": "Grants permission to view the data points of a specific metric of your Amazon Lightsail container service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerServiceMetricData.html" - }, - "GetContainerServicePowers": { - "privilege": "GetContainerServicePowers", - "description": "Grants permission to view the list of powers that can be specified for your Amazon Lightsail container services", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerServicePowers.html" - }, - "GetContainerServices": { - "privilege": "GetContainerServices", - "description": "Grants permission to view information about one or more of your Amazon Lightsail container services", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerServices.html" - }, - "GetCostEstimate": { - "privilege": "GetCostEstimate", - "description": "Grants permission to get the information about the cost estimate for a specified resource", - "access_level": "Read", - "resource_types": { - "Disk": { - "resource_type": "Disk", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetCostEstimate.html" - }, - "GetDisk": { - "privilege": "GetDisk", - "description": "Grants permission to get information about a disk", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDisk.html" - }, - "GetDiskSnapshot": { - "privilege": "GetDiskSnapshot", - "description": "Grants permission to get information about a disk snapshot", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDiskSnapshot.html" - }, - "GetDiskSnapshots": { - "privilege": "GetDiskSnapshots", - "description": "Grants permission to get information about all disk snapshots", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDiskSnapshots.html" - }, - "GetDisks": { - "privilege": "GetDisks", - "description": "Grants permission to get information about all disks", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDisks.html" - }, - "GetDistributionBundles": { - "privilege": "GetDistributionBundles", - "description": "Grants permission to view the list of bundles that can be applied to you Amazon Lightsail content delivery network (CDN) distributions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDistributionBundles.html" - }, - "GetDistributionLatestCacheReset": { - "privilege": "GetDistributionLatestCacheReset", - "description": "Grants permission to view the timestamp and status of the last cache reset of a specific Amazon Lightsail content delivery network (CDN) distribution", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDistributionLatestCacheReset.html" - }, - "GetDistributionMetricData": { - "privilege": "GetDistributionMetricData", - "description": "Grants permission to view the data points of a specific metric for an Amazon Lightsail content delivery network (CDN) distribution", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDistributionMetricData.html" - }, - "GetDistributions": { - "privilege": "GetDistributions", - "description": "Grants permission to view information about one or more of your Amazon Lightsail content delivery network (CDN) distributions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDistributions.html" - }, - "GetDomain": { - "privilege": "GetDomain", - "description": "Grants permission to get DNS records for a domain resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDomain.html" - }, - "GetDomains": { - "privilege": "GetDomains", - "description": "Grants permission to get DNS records for all domain resources", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDomains.html" - }, - "GetExportSnapshotRecords": { - "privilege": "GetExportSnapshotRecords", - "description": "Grants permission to get information about all records of exported Amazon Lightsail snapshots to Amazon EC2", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetExportSnapshotRecords.html" - }, - "GetInstance": { - "privilege": "GetInstance", - "description": "Grants permission to get information about an instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstance.html" - }, - "GetInstanceAccessDetails": { - "privilege": "GetInstanceAccessDetails", - "description": "Grants permission to get temporary keys you can use to authenticate and connect to an instance", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstanceAccessDetails.html" - }, - "GetInstanceMetricData": { - "privilege": "GetInstanceMetricData", - "description": "Grants permission to get the data points for the specified metric of an instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstanceMetricData.html" - }, - "GetInstancePortStates": { - "privilege": "GetInstancePortStates", - "description": "Grants permission to get the port states of an instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstancePortStates.html" - }, - "GetInstanceSnapshot": { - "privilege": "GetInstanceSnapshot", - "description": "Grants permission to get information about an instance snapshot", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstanceSnapshot.html" - }, - "GetInstanceSnapshots": { - "privilege": "GetInstanceSnapshots", - "description": "Grants permission to get information about all instance snapshots", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstanceSnapshots.html" - }, - "GetInstanceState": { - "privilege": "GetInstanceState", - "description": "Grants permission to get the state of an instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstanceState.html" - }, - "GetInstances": { - "privilege": "GetInstances", - "description": "Grants permission to get information about all instances", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstances.html" - }, - "GetKeyPair": { - "privilege": "GetKeyPair", - "description": "Grants permission to get information about a key pair", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetKeyPair.html" - }, - "GetKeyPairs": { - "privilege": "GetKeyPairs", - "description": "Grants permission to get information about all key pairs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetKeyPairs.html" - }, - "GetLoadBalancer": { - "privilege": "GetLoadBalancer", - "description": "Grants permission to get information about a load balancer", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetLoadBalancer.html" - }, - "GetLoadBalancerMetricData": { - "privilege": "GetLoadBalancerMetricData", - "description": "Grants permission to get the data points for the specified metric of a load balancer", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetLoadBalancerMetricData.html" - }, - "GetLoadBalancerTlsCertificates": { - "privilege": "GetLoadBalancerTlsCertificates", - "description": "Grants permission to get information about a load balancer's TLS certificates", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetLoadBalancerTlsCertificates.html" - }, - "GetLoadBalancerTlsPolicies": { - "privilege": "GetLoadBalancerTlsPolicies", - "description": "Grants permission to get a list of TLS security policies that you can apply to Lightsail load balancers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetLoadBalancerTlsPolicies.html" - }, - "GetLoadBalancers": { - "privilege": "GetLoadBalancers", - "description": "Grants permission to get information about load balancers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetLoadBalancers.html" - }, - "GetOperation": { - "privilege": "GetOperation", - "description": "Grants permission to get information about an operation. Operations include events such as when you create an instance, allocate a static IP, attach a static IP, and so on", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetOperation.html" - }, - "GetOperations": { - "privilege": "GetOperations", - "description": "Grants permission to get information about all operations. Operations include events such as when you create an instance, allocate a static IP, attach a static IP, and so on", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetOperations.html" - }, - "GetOperationsForResource": { - "privilege": "GetOperationsForResource", - "description": "Grants permission to get operations for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetOperationsForResource.html" - }, - "GetRegions": { - "privilege": "GetRegions", - "description": "Grants permission to get a list of all valid AWS Regions for Amazon Lightsail", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRegions.html" - }, - "GetRelationalDatabase": { - "privilege": "GetRelationalDatabase", - "description": "Grants permission to get information about a relational database", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabase.html" - }, - "GetRelationalDatabaseBlueprints": { - "privilege": "GetRelationalDatabaseBlueprints", - "description": "Grants permission to get a list of relational database images, or blueprints. You can use a blueprint to create a new database running a specific database engine. The database engine that runs on your database depends on the blueprint you define when creating the relational database", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseBlueprints.html" - }, - "GetRelationalDatabaseBundles": { - "privilege": "GetRelationalDatabaseBundles", - "description": "Grants permission to get a list of relational database bundles. You can use a bundle to create a new database with a set of performance specifications, such as CPU count, disk size, RAM size, network transfer allowance, and standard of high availability. The cost of your database depends on the bundle you define when creating the relational database", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseBundles.html" - }, - "GetRelationalDatabaseEvents": { - "privilege": "GetRelationalDatabaseEvents", - "description": "Grants permission to get events for a relational database", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseEvents.html" - }, - "GetRelationalDatabaseLogEvents": { - "privilege": "GetRelationalDatabaseLogEvents", - "description": "Grants permission to get events for the specified log stream of a relational database", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseLogEvents.html" - }, - "GetRelationalDatabaseLogStreams": { - "privilege": "GetRelationalDatabaseLogStreams", - "description": "Grants permission to get the log streams available for a relational database", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseLogStreams.html" - }, - "GetRelationalDatabaseMasterUserPassword": { - "privilege": "GetRelationalDatabaseMasterUserPassword", - "description": "Grants permission to get the master user password of a relational database", - "access_level": "Permissions management", - "resource_types": { - "RelationalDatabase": { - "resource_type": "RelationalDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseMasterUserPassword.html" - }, - "GetRelationalDatabaseMetricData": { - "privilege": "GetRelationalDatabaseMetricData", - "description": "Grants permission to get the data points for the specified metric of a relational database", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseMetricData.html" - }, - "GetRelationalDatabaseParameters": { - "privilege": "GetRelationalDatabaseParameters", - "description": "Grants permission to get the parameters of a relational database", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseParameters.html" - }, - "GetRelationalDatabaseSnapshot": { - "privilege": "GetRelationalDatabaseSnapshot", - "description": "Grants permission to get information about a relational database snapshot", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseSnapshot.html" - }, - "GetRelationalDatabaseSnapshots": { - "privilege": "GetRelationalDatabaseSnapshots", - "description": "Grants permission to get information about all relational database snapshots", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseSnapshots.html" - }, - "GetRelationalDatabases": { - "privilege": "GetRelationalDatabases", - "description": "Grants permission to get information about all relational databases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabases.html" - }, - "GetStaticIp": { - "privilege": "GetStaticIp", - "description": "Grants permission to get information about a static IP", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetStaticIp.html" - }, - "GetStaticIps": { - "privilege": "GetStaticIps", - "description": "Grants permission to get information about all static IPs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetStaticIps.html" - }, - "ImportKeyPair": { - "privilege": "ImportKeyPair", - "description": "Grants permission to import a public key from a key pair", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_ImportKeyPair.html" - }, - "IsVpcPeered": { - "privilege": "IsVpcPeered", - "description": "Grants permission to get a boolean value indicating whether the Amazon Lightsail virtual private cloud (VPC) is peered", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_IsVpcPeered.html" - }, - "OpenInstancePublicPorts": { - "privilege": "OpenInstancePublicPorts", - "description": "Grants permission to add, or open a public port of an instance", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_OpenInstancePublicPorts.html" - }, - "PeerVpc": { - "privilege": "PeerVpc", - "description": "Grants permission to try to peer the Amazon Lightsail virtual private cloud (VPC) with the default VPC", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PeerVpc.html" - }, - "PutAlarm": { - "privilege": "PutAlarm", - "description": "Grants permission to creates or update an alarm, and associate it with the specified metric", - "access_level": "Write", - "resource_types": { - "Alarm": { - "resource_type": "Alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PutAlarm.html" - }, - "PutInstancePublicPorts": { - "privilege": "PutInstancePublicPorts", - "description": "Grants permission to set the specified open ports for an instance, and closes all ports for every protocol not included in the request", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PutInstancePublicPorts.html" - }, - "RebootInstance": { - "privilege": "RebootInstance", - "description": "Grants permission to reboot an instance that is in a running state", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_RebootInstance.html" - }, - "RebootRelationalDatabase": { - "privilege": "RebootRelationalDatabase", - "description": "Grants permission to reboot a relational database that is in a running state", - "access_level": "Write", - "resource_types": { - "RelationalDatabase": { - "resource_type": "RelationalDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_RebootRelationalDatabase.html" - }, - "RegisterContainerImage": { - "privilege": "RegisterContainerImage", - "description": "Grants permission to register a container image to your Amazon Lightsail container service", - "access_level": "Write", - "resource_types": { - "ContainerService": { - "resource_type": "ContainerService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_RegisterContainerImage.html" - }, - "ReleaseStaticIp": { - "privilege": "ReleaseStaticIp", - "description": "Grants permission to delete a static IP", - "access_level": "Write", - "resource_types": { - "StaticIp": { - "resource_type": "StaticIp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_ReleaseStaticIp.html" - }, - "ResetDistributionCache": { - "privilege": "ResetDistributionCache", - "description": "Grants permission to delete currently cached content from your Amazon Lightsail content delivery network (CDN) distribution", - "access_level": "Write", - "resource_types": { - "Distribution": { - "resource_type": "Distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_ResetDistributionCache.html" - }, - "SendContactMethodVerification": { - "privilege": "SendContactMethodVerification", - "description": "Grants permission to send a verification request to an email contact method to ensure it's owned by the requester", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_SendContactMethodVerification.html" - }, - "SetIpAddressType": { - "privilege": "SetIpAddressType", - "description": "Grants permission to set the IP address type for a Amazon Lightsail resource", - "access_level": "Write", - "resource_types": { - "Distribution": { - "resource_type": "Distribution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "LoadBalancer": { - "resource_type": "LoadBalancer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_SetIpAddressType.html" - }, - "SetResourceAccessForBucket": { - "privilege": "SetResourceAccessForBucket", - "description": "Grants permission to set the Amazon Lightsail resources that can access the specified Amazon Lightsail bucket", - "access_level": "Write", - "resource_types": { - "Bucket": { - "resource_type": "Bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_SetResourceAccessForBucket.html" - }, - "StartGUISession": { - "privilege": "StartGUISession", - "description": "Grants permission to initiate a graphical user interface (GUI) session used to access an instance's operating system or application", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StartGUISession.html" - }, - "StartInstance": { - "privilege": "StartInstance", - "description": "Grants permission to start an instance that is in a stopped state", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StartInstance.html" - }, - "StartRelationalDatabase": { - "privilege": "StartRelationalDatabase", - "description": "Grants permission to start a relational database that is in a stopped state", - "access_level": "Write", - "resource_types": { - "RelationalDatabase": { - "resource_type": "RelationalDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StartRelationalDatabase.html" - }, - "StopGUISession": { - "privilege": "StopGUISession", - "description": "Grants permission to terminate a graphical user interface (GUI) session used to access an instance's operating system or application", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StopGUISession.html" - }, - "StopInstance": { - "privilege": "StopInstance", - "description": "Grants permission to stop an instance that is in a running state", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StopInstance.html" - }, - "StopRelationalDatabase": { - "privilege": "StopRelationalDatabase", - "description": "Grants permission to stop a relational database that is in a running state", - "access_level": "Write", - "resource_types": { - "RelationalDatabase": { - "resource_type": "RelationalDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StopRelationalDatabase.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "Bucket": { - "resource_type": "Bucket", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Certificate": { - "resource_type": "Certificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ContainerService": { - "resource_type": "ContainerService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Disk": { - "resource_type": "Disk", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DiskSnapshot": { - "resource_type": "DiskSnapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Distribution": { - "resource_type": "Distribution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Domain": { - "resource_type": "Domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "InstanceSnapshot": { - "resource_type": "InstanceSnapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "KeyPair": { - "resource_type": "KeyPair", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "LoadBalancer": { - "resource_type": "LoadBalancer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RelationalDatabase": { - "resource_type": "RelationalDatabase", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RelationalDatabaseSnapshot": { - "resource_type": "RelationalDatabaseSnapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StaticIp": { - "resource_type": "StaticIp", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_TagResource.html" - }, - "TestAlarm": { - "privilege": "TestAlarm", - "description": "Grants permission to test an alarm by displaying a banner on the Amazon Lightsail console or if a notification trigger is configured for the specified alarm, by sending a notification to the notification protocol", - "access_level": "Write", - "resource_types": { - "Alarm": { - "resource_type": "Alarm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_TestAlarm.html" - }, - "UnpeerVpc": { - "privilege": "UnpeerVpc", - "description": "Grants permission to try to unpeer the Amazon Lightsail virtual private cloud (VPC) from the default VPC", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UnpeerVpc.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "Bucket": { - "resource_type": "Bucket", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Certificate": { - "resource_type": "Certificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ContainerService": { - "resource_type": "ContainerService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Disk": { - "resource_type": "Disk", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DiskSnapshot": { - "resource_type": "DiskSnapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Distribution": { - "resource_type": "Distribution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Domain": { - "resource_type": "Domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "InstanceSnapshot": { - "resource_type": "InstanceSnapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "KeyPair": { - "resource_type": "KeyPair", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "LoadBalancer": { - "resource_type": "LoadBalancer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RelationalDatabase": { - "resource_type": "RelationalDatabase", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RelationalDatabaseSnapshot": { - "resource_type": "RelationalDatabaseSnapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StaticIp": { - "resource_type": "StaticIp", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UntagResource.html" - }, - "UpdateBucket": { - "privilege": "UpdateBucket", - "description": "Grants permission to update an existing Amazon Lightsail bucket", - "access_level": "Write", - "resource_types": { - "Bucket": { - "resource_type": "Bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateBucket.html" - }, - "UpdateBucketBundle": { - "privilege": "UpdateBucketBundle", - "description": "Grants permission to update the bundle, or storage plan, of an existing Amazon Lightsail bucket", - "access_level": "Write", - "resource_types": { - "Bucket": { - "resource_type": "Bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateBucketBundle.html" - }, - "UpdateContainerService": { - "privilege": "UpdateContainerService", - "description": "Grants permission to update the configuration of your Amazon Lightsail container service, such as its power, scale, and public domain names", - "access_level": "Write", - "resource_types": { - "ContainerService": { - "resource_type": "ContainerService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateContainerService.html" - }, - "UpdateDistribution": { - "privilege": "UpdateDistribution", - "description": "Grants permission to update an existing Amazon Lightsail content delivery network (CDN) distribution or its configuration", - "access_level": "Write", - "resource_types": { - "Distribution": { - "resource_type": "Distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateDistribution.html" - }, - "UpdateDistributionBundle": { - "privilege": "UpdateDistributionBundle", - "description": "Grants permission to update the bundle of your Amazon Lightsail content delivery network (CDN) distribution", - "access_level": "Write", - "resource_types": { - "Distribution": { - "resource_type": "Distribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateDistributionBundle.html" - }, - "UpdateDomainEntry": { - "privilege": "UpdateDomainEntry", - "description": "Grants permission to update a domain recordset after it is created", - "access_level": "Write", - "resource_types": { - "Domain": { - "resource_type": "Domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateDomainEntry.html" - }, - "UpdateInstanceMetadataOptions": { - "privilege": "UpdateInstanceMetadataOptions", - "description": "Grants permission to update metadata options for an instance", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateInstanceMetadataOptions.html" - }, - "UpdateLoadBalancerAttribute": { - "privilege": "UpdateLoadBalancerAttribute", - "description": "Grants permission to update a load balancer attribute, such as the health check path and session stickiness", - "access_level": "Write", - "resource_types": { - "LoadBalancer": { - "resource_type": "LoadBalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DetachInstancesFromLoadBalancer.html" - }, - "UpdateRelationalDatabase": { - "privilege": "UpdateRelationalDatabase", - "description": "Grants permission to update a relational database", - "access_level": "Write", - "resource_types": { - "RelationalDatabase": { - "resource_type": "RelationalDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateRelationalDatabase.html" - }, - "UpdateRelationalDatabaseParameters": { - "privilege": "UpdateRelationalDatabaseParameters", - "description": "Grants permission to update the parameters of a relational database", - "access_level": "Write", - "resource_types": { - "RelationalDatabase": { - "resource_type": "RelationalDatabase", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateRelationalDatabaseParameters.html" - } - }, - "resources": { - "Domain": { - "resource": "Domain", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Domain/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Instance": { - "resource": "Instance", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Instance/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "InstanceSnapshot": { - "resource": "InstanceSnapshot", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:InstanceSnapshot/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "KeyPair": { - "resource": "KeyPair", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:KeyPair/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "StaticIp": { - "resource": "StaticIp", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:StaticIp/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Disk": { - "resource": "Disk", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Disk/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "DiskSnapshot": { - "resource": "DiskSnapshot", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:DiskSnapshot/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "LoadBalancer": { - "resource": "LoadBalancer", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:LoadBalancer/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "LoadBalancerTlsCertificate": { - "resource": "LoadBalancerTlsCertificate", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:LoadBalancerTlsCertificate/${Id}", - "condition_keys": [] - }, - "ExportSnapshotRecord": { - "resource": "ExportSnapshotRecord", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:ExportSnapshotRecord/${Id}", - "condition_keys": [] - }, - "CloudFormationStackRecord": { - "resource": "CloudFormationStackRecord", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:CloudFormationStackRecord/${Id}", - "condition_keys": [] - }, - "RelationalDatabase": { - "resource": "RelationalDatabase", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:RelationalDatabase/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "RelationalDatabaseSnapshot": { - "resource": "RelationalDatabaseSnapshot", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:RelationalDatabaseSnapshot/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Alarm": { - "resource": "Alarm", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Alarm/${Id}", - "condition_keys": [] - }, - "Certificate": { - "resource": "Certificate", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Certificate/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ContactMethod": { - "resource": "ContactMethod", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:ContactMethod/${Id}", - "condition_keys": [] - }, - "ContainerService": { - "resource": "ContainerService", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:ContainerService/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Distribution": { - "resource": "Distribution", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Distribution/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Bucket": { - "resource": "Bucket", - "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Bucket/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - } - } - }, - "geo": { - "service_name": "Amazon Location", - "prefix": "geo", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlocation.html", - "privileges": { - "AssociateTrackerConsumer": { - "privilege": "AssociateTrackerConsumer", - "description": "Grants permission to create an association between a geofence-collection and a tracker resource", - "access_level": "Write", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_AssociateTrackerConsumer.html" - }, - "BatchDeleteDevicePositionHistory": { - "privilege": "BatchDeleteDevicePositionHistory", - "description": "Grants permission to delete a batch of device position histories from a tracker resource", - "access_level": "Write", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "geo:DeviceIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchDeleteDevicePositionHistory.html" - }, - "BatchDeleteGeofence": { - "privilege": "BatchDeleteGeofence", - "description": "Grants permission to delete a batch of geofences from a geofence collection", - "access_level": "Write", - "resource_types": { - "geofence-collection": { - "resource_type": "geofence-collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "geo:GeofenceIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchDeleteGeofence.html" - }, - "BatchEvaluateGeofences": { - "privilege": "BatchEvaluateGeofences", - "description": "Grants permission to evaluate device positions against the position of geofences in a given geofence collection", - "access_level": "Write", - "resource_types": { - "geofence-collection": { - "resource_type": "geofence-collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchEvaluateGeofences.html" - }, - "BatchGetDevicePosition": { - "privilege": "BatchGetDevicePosition", - "description": "Grants permission to send a batch request to retrieve device positions", - "access_level": "Read", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "geo:DeviceIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchGetDevicePosition.html" - }, - "BatchPutGeofence": { - "privilege": "BatchPutGeofence", - "description": "Grants permission to send a batch request for adding geofences into a given geofence collection", - "access_level": "Write", - "resource_types": { - "geofence-collection": { - "resource_type": "geofence-collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "geo:GeofenceIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchPutGeofence.html" - }, - "BatchUpdateDevicePosition": { - "privilege": "BatchUpdateDevicePosition", - "description": "Grants permission to upload a position update for one or more devices to a tracker resource", - "access_level": "Write", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "geo:DeviceIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchUpdateDevicePosition.html" - }, - "CalculateRoute": { - "privilege": "CalculateRoute", - "description": "Grants permission to calculate routes using a given route calculator resource", - "access_level": "Read", - "resource_types": { - "route-calculator": { - "resource_type": "route-calculator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CalculateRoute.html" - }, - "CalculateRouteMatrix": { - "privilege": "CalculateRouteMatrix", - "description": "Grants permission to calculate a route matrix using a given route calculator resource", - "access_level": "Read", - "resource_types": { - "route-calculator": { - "resource_type": "route-calculator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CalculateRouteMatrix.html" - }, - "CreateGeofenceCollection": { - "privilege": "CreateGeofenceCollection", - "description": "Grants permission to create a geofence-collection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreateGeofenceCollection.html" - }, - "CreateKey": { - "privilege": "CreateKey", - "description": "Grants permission to create an API key resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreateKey.html" - }, - "CreateMap": { - "privilege": "CreateMap", - "description": "Grants permission to create a map resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreateMap.html" - }, - "CreatePlaceIndex": { - "privilege": "CreatePlaceIndex", - "description": "Grants permission to create a place index resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreatePlaceIndex.html" - }, - "CreateRouteCalculator": { - "privilege": "CreateRouteCalculator", - "description": "Grants permission to create a route calculator resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreateRouteCalculator.html" - }, - "CreateTracker": { - "privilege": "CreateTracker", - "description": "Grants permission to create a tracker resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreateTracker.html" - }, - "DeleteGeofenceCollection": { - "privilege": "DeleteGeofenceCollection", - "description": "Grants permission to delete a geofence-collection", - "access_level": "Write", - "resource_types": { - "geofence-collection": { - "resource_type": "geofence-collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeleteGeofenceCollection.html" - }, - "DeleteKey": { - "privilege": "DeleteKey", - "description": "Grants permission to delete an API key resource", - "access_level": "Write", - "resource_types": { - "api-key": { - "resource_type": "api-key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeleteKey.html" - }, - "DeleteMap": { - "privilege": "DeleteMap", - "description": "Grants permission to delete a map resource", - "access_level": "Write", - "resource_types": { - "map": { - "resource_type": "map", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeleteMap.html" - }, - "DeletePlaceIndex": { - "privilege": "DeletePlaceIndex", - "description": "Grants permission to delete a place index resource", - "access_level": "Write", - "resource_types": { - "place-index": { - "resource_type": "place-index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeletePlaceIndex.html" - }, - "DeleteRouteCalculator": { - "privilege": "DeleteRouteCalculator", - "description": "Grants permission to delete a route calculator resource", - "access_level": "Write", - "resource_types": { - "route-calculator": { - "resource_type": "route-calculator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeleteRouteCalculator.html" - }, - "DeleteTracker": { - "privilege": "DeleteTracker", - "description": "Grants permission to delete a tracker resource", - "access_level": "Write", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeleteTracker.html" - }, - "DescribeGeofenceCollection": { - "privilege": "DescribeGeofenceCollection", - "description": "Grants permission to retrieve geofence collection details", - "access_level": "Read", - "resource_types": { - "geofence-collection": { - "resource_type": "geofence-collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribeGeofenceCollection.html" - }, - "DescribeKey": { - "privilege": "DescribeKey", - "description": "Grants permission to retrieve API key resource details and secret", - "access_level": "Read", - "resource_types": { - "api-key": { - "resource_type": "api-key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribeKey.html" - }, - "DescribeMap": { - "privilege": "DescribeMap", - "description": "Grants permission to retrieve map resource details", - "access_level": "Read", - "resource_types": { - "map": { - "resource_type": "map", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribeMap.html" - }, - "DescribePlaceIndex": { - "privilege": "DescribePlaceIndex", - "description": "Grants permission to retrieve place-index resource details", - "access_level": "Read", - "resource_types": { - "place-index": { - "resource_type": "place-index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribePlaceIndex.html" - }, - "DescribeRouteCalculator": { - "privilege": "DescribeRouteCalculator", - "description": "Grants permission to retrieve route calculator resource details", - "access_level": "Read", - "resource_types": { - "route-calculator": { - "resource_type": "route-calculator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribeRouteCalculator.html" - }, - "DescribeTracker": { - "privilege": "DescribeTracker", - "description": "Grants permission to retrieve a tracker resource details", - "access_level": "Read", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribeTracker.html" - }, - "DisassociateTrackerConsumer": { - "privilege": "DisassociateTrackerConsumer", - "description": "Grants permission to remove the association between a tracker resource and a geofence-collection", - "access_level": "Write", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DisassociateTrackerConsumer.html" - }, - "GetDevicePosition": { - "privilege": "GetDevicePosition", - "description": "Grants permission to retrieve the latest device position", - "access_level": "Read", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "geo:DeviceIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetDevicePosition.html" - }, - "GetDevicePositionHistory": { - "privilege": "GetDevicePositionHistory", - "description": "Grants permission to retrieve the device position history", - "access_level": "Read", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "geo:DeviceIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetDevicePositionHistory.html" - }, - "GetGeofence": { - "privilege": "GetGeofence", - "description": "Grants permission to retrieve the geofence details from a geofence-collection", - "access_level": "Read", - "resource_types": { - "geofence-collection": { - "resource_type": "geofence-collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "geo:GeofenceIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetGeofence.html" - }, - "GetMapGlyphs": { - "privilege": "GetMapGlyphs", - "description": "Grants permission to retrieve the glyph file for a map resource", - "access_level": "Read", - "resource_types": { - "map": { - "resource_type": "map", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetMapGlyphs.html" - }, - "GetMapSprites": { - "privilege": "GetMapSprites", - "description": "Grants permission to retrieve the sprite file for a map resource", - "access_level": "Read", - "resource_types": { - "map": { - "resource_type": "map", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetMapSprites.html" - }, - "GetMapStyleDescriptor": { - "privilege": "GetMapStyleDescriptor", - "description": "Grants permission to retrieve the map style descriptor from a map resource", - "access_level": "Read", - "resource_types": { - "map": { - "resource_type": "map", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetMapStyleDescriptor.html" - }, - "GetMapTile": { - "privilege": "GetMapTile", - "description": "Grants permission to retrieve the map tile from the map resource", - "access_level": "Read", - "resource_types": { - "map": { - "resource_type": "map", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetMapTile.html" - }, - "GetPlace": { - "privilege": "GetPlace", - "description": "Grants permission to find a place by its unique ID", - "access_level": "Read", - "resource_types": { - "place-index": { - "resource_type": "place-index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetPlace.html" - }, - "ListDevicePositions": { - "privilege": "ListDevicePositions", - "description": "Grants permission to retrieve a list of devices and their latest positions from the given tracker resource", - "access_level": "Read", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListDevicePositions.html" - }, - "ListGeofenceCollections": { - "privilege": "ListGeofenceCollections", - "description": "Grants permission to lists geofence-collections", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListGeofenceCollections.html" - }, - "ListGeofences": { - "privilege": "ListGeofences", - "description": "Grants permission to list geofences stored in a given geofence collection", - "access_level": "Read", - "resource_types": { - "geofence-collection": { - "resource_type": "geofence-collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListGeofences.html" - }, - "ListKeys": { - "privilege": "ListKeys", - "description": "Grants permission to list API key resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListKeys.html" - }, - "ListMaps": { - "privilege": "ListMaps", - "description": "Grants permission to list map resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListMaps.html" - }, - "ListPlaceIndexes": { - "privilege": "ListPlaceIndexes", - "description": "Grants permission to return a list of place index resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListPlaceIndexes.html" - }, - "ListRouteCalculators": { - "privilege": "ListRouteCalculators", - "description": "Grants permission to return a list of route calculator resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListRouteCalculators.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags (metadata) which you have assigned to the resource", - "access_level": "Read", - "resource_types": { - "api-key": { - "resource_type": "api-key", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "geofence-collection": { - "resource_type": "geofence-collection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "map": { - "resource_type": "map", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "place-index": { - "resource_type": "place-index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "route-calculator": { - "resource_type": "route-calculator", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "tracker": { - "resource_type": "tracker", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTrackerConsumers": { - "privilege": "ListTrackerConsumers", - "description": "Grants permission to retrieve a list of geofence collections currently associated to the given tracker resource", - "access_level": "Read", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListTrackerConsumers.html" - }, - "ListTrackers": { - "privilege": "ListTrackers", - "description": "Grants permission to return a list of tracker resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListTrackers.html" - }, - "PutGeofence": { - "privilege": "PutGeofence", - "description": "Grants permission to add a new geofence or update an existing geofence to a given geofence-collection", - "access_level": "Write", - "resource_types": { - "geofence-collection": { - "resource_type": "geofence-collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "geo:GeofenceIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_PutGeofence.html" - }, - "SearchPlaceIndexForPosition": { - "privilege": "SearchPlaceIndexForPosition", - "description": "Grants permission to reverse geocodes a given coordinate", - "access_level": "Read", - "resource_types": { - "place-index": { - "resource_type": "place-index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_SearchPlaceIndexForPosition.html" - }, - "SearchPlaceIndexForSuggestions": { - "privilege": "SearchPlaceIndexForSuggestions", - "description": "Grants permission to generate suggestions for addresses and points of interest based on partial or misspelled free-form text", - "access_level": "Read", - "resource_types": { - "place-index": { - "resource_type": "place-index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_SearchPlaceIndexForSuggestions.html" - }, - "SearchPlaceIndexForText": { - "privilege": "SearchPlaceIndexForText", - "description": "Grants permission to geocode free-form text, such as an address, name, city or region", - "access_level": "Read", - "resource_types": { - "place-index": { - "resource_type": "place-index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_SearchPlaceIndexForText.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to adds to or modifies the tags of the given resource. Tags are metadata which can be used to manage a resource", - "access_level": "Tagging", - "resource_types": { - "api-key": { - "resource_type": "api-key", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "geofence-collection": { - "resource_type": "geofence-collection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "map": { - "resource_type": "map", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "place-index": { - "resource_type": "place-index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "route-calculator": { - "resource_type": "route-calculator", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "tracker": { - "resource_type": "tracker", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the given tags (metadata) from the resource", - "access_level": "Tagging", - "resource_types": { - "api-key": { - "resource_type": "api-key", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "geofence-collection": { - "resource_type": "geofence-collection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "map": { - "resource_type": "map", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "place-index": { - "resource_type": "place-index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "route-calculator": { - "resource_type": "route-calculator", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "tracker": { - "resource_type": "tracker", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UntagResource.html" - }, - "UpdateGeofenceCollection": { - "privilege": "UpdateGeofenceCollection", - "description": "Grants permission to update a geofence collection", - "access_level": "Write", - "resource_types": { - "geofence-collection": { - "resource_type": "geofence-collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdateGeofenceCollection.html" - }, - "UpdateKey": { - "privilege": "UpdateKey", - "description": "Grants permission to update an API key resource", - "access_level": "Write", - "resource_types": { - "api-key": { - "resource_type": "api-key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdateKey.html" - }, - "UpdateMap": { - "privilege": "UpdateMap", - "description": "Grants permission to update a map resource", - "access_level": "Write", - "resource_types": { - "map": { - "resource_type": "map", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdateMap.html" - }, - "UpdatePlaceIndex": { - "privilege": "UpdatePlaceIndex", - "description": "Grants permission to update a place index resource", - "access_level": "Write", - "resource_types": { - "place-index": { - "resource_type": "place-index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdatePlaceIndex.html" - }, - "UpdateRouteCalculator": { - "privilege": "UpdateRouteCalculator", - "description": "Grants permission to update a route calculator resource", - "access_level": "Write", - "resource_types": { - "route-calculator": { - "resource_type": "route-calculator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdateRouteCalculator.html" - }, - "UpdateTracker": { - "privilege": "UpdateTracker", - "description": "Grants permission to update a tracker resource", - "access_level": "Write", - "resource_types": { - "tracker": { - "resource_type": "tracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdateTracker.html" - } - }, - "resources": { - "api-key": { - "resource": "api-key", - "arn": "arn:${Partition}:geo:${Region}:${Account}:api-key/${KeyName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "geofence-collection": { - "resource": "geofence-collection", - "arn": "arn:${Partition}:geo:${Region}:${Account}:geofence-collection/${GeofenceCollectionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "geo:GeofenceIds" - ] - }, - "map": { - "resource": "map", - "arn": "arn:${Partition}:geo:${Region}:${Account}:map/${MapName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "place-index": { - "resource": "place-index", - "arn": "arn:${Partition}:geo:${Region}:${Account}:place-index/${IndexName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "route-calculator": { - "resource": "route-calculator", - "arn": "arn:${Partition}:geo:${Region}:${Account}:route-calculator/${CalculatorName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "tracker": { - "resource": "tracker", - "arn": "arn:${Partition}:geo:${Region}:${Account}:tracker/${TrackerName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "geo:DeviceIds" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag's key and value in a request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in a request", - "type": "ArrayOfString" - }, - "geo:DeviceIds": { - "condition": "geo:DeviceIds", - "description": "Filters access by the presence of device ids in the request", - "type": "ArrayOfString" - }, - "geo:GeofenceIds": { - "condition": "geo:GeofenceIds", - "description": "Filters access by the presence of geofence ids in the request", - "type": "ArrayOfString" - } - } - }, - "lookoutequipment": { - "service_name": "Amazon Lookout for Equipment", - "prefix": "lookoutequipment", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlookoutforequipment.html", - "privileges": { - "CreateDataset": { - "privilege": "CreateDataset", - "description": "Grants permission to create a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_CreateDataset.html" - }, - "CreateInferenceScheduler": { - "privilege": "CreateInferenceScheduler", - "description": "Grants permission to create an inference scheduler for a trained model", - "access_level": "Write", - "resource_types": { - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_CreateInferenceScheduler.html" - }, - "CreateLabel": { - "privilege": "CreateLabel", - "description": "Grants permission to create a label", - "access_level": "Write", - "resource_types": { - "label-group": { - "resource_type": "label-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_CreateLabel.html" - }, - "CreateLabelGroup": { - "privilege": "CreateLabelGroup", - "description": "Grants permission to create a label group", - "access_level": "Write", - "resource_types": { - "label-group": { - "resource_type": "label-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_CreateLabelGroup.html" - }, - "CreateModel": { - "privilege": "CreateModel", - "description": "Grants permission to create a model that is trained on a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_CreateModel.html" - }, - "DeleteDataset": { - "privilege": "DeleteDataset", - "description": "Grants permission to delete a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DeleteDataset.html" - }, - "DeleteInferenceScheduler": { - "privilege": "DeleteInferenceScheduler", - "description": "Grants permission to delete an inference scheduler", - "access_level": "Write", - "resource_types": { - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DeleteInferenceScheduler.html" - }, - "DeleteLabel": { - "privilege": "DeleteLabel", - "description": "Grants permission to delete a label", - "access_level": "Write", - "resource_types": { - "label-group": { - "resource_type": "label-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DeleteLabel.html" - }, - "DeleteLabelGroup": { - "privilege": "DeleteLabelGroup", - "description": "Grants permission to delete a label group", - "access_level": "Write", - "resource_types": { - "label-group": { - "resource_type": "label-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DeleteLabelGroup.html" - }, - "DeleteModel": { - "privilege": "DeleteModel", - "description": "Grants permission to delete a model", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DeleteModel.html" - }, - "DescribeDataIngestionJob": { - "privilege": "DescribeDataIngestionJob", - "description": "Grants permission to describe a data ingestion job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeDataIngestionJob" - }, - "DescribeDataset": { - "privilege": "DescribeDataset", - "description": "Grants permission to describe a dataset", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeDataset.html" - }, - "DescribeInferenceScheduler": { - "privilege": "DescribeInferenceScheduler", - "description": "Grants permission to describe an inference scheduler", - "access_level": "Read", - "resource_types": { - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeInferenceScheduler.html" - }, - "DescribeLabelGroup": { - "privilege": "DescribeLabelGroup", - "description": "Grants permission to describe a label group", - "access_level": "Read", - "resource_types": { - "label-group": { - "resource_type": "label-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeLabelGroup.html" - }, - "DescribeModel": { - "privilege": "DescribeModel", - "description": "Grants permission to describe a model", - "access_level": "Read", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeModel.html" - }, - "Describelabel": { - "privilege": "Describelabel", - "description": "Grants permission to describe a label", - "access_level": "Read", - "resource_types": { - "label-group": { - "resource_type": "label-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeLabel.html" - }, - "ListDataIngestionJobs": { - "privilege": "ListDataIngestionJobs", - "description": "Grants permission to list the data ingestion jobs in your account or for a particular dataset", - "access_level": "List", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListDataIngestionJobs.html" - }, - "ListDatasets": { - "privilege": "ListDatasets", - "description": "Grants permission to list the datasets in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListDatasets.html" - }, - "ListInferenceEvents": { - "privilege": "ListInferenceEvents", - "description": "Grants permission to list the inference events for an inference scheduler", - "access_level": "Read", - "resource_types": { - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListInferenceEvents.html" - }, - "ListInferenceExecutions": { - "privilege": "ListInferenceExecutions", - "description": "Grants permission to list the inference executions for an inference scheduler", - "access_level": "Read", - "resource_types": { - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListInferenceExecutions.html" - }, - "ListInferenceSchedulers": { - "privilege": "ListInferenceSchedulers", - "description": "Grants permission to list the inference schedulers in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListInferenceSchedulers.html" - }, - "ListLabelGroups": { - "privilege": "ListLabelGroups", - "description": "Grants permission to list the label groups in your account", - "access_level": "List", - "resource_types": { - "label-group": { - "resource_type": "label-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListLabelGroups.html" - }, - "ListLabels": { - "privilege": "ListLabels", - "description": "Grants permission to list the labels in your account", - "access_level": "List", - "resource_types": { - "label-group": { - "resource_type": "label-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListLabels.html" - }, - "ListModels": { - "privilege": "ListModels", - "description": "Grants permission to list the models in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListModels.html" - }, - "ListSensorStatistics": { - "privilege": "ListSensorStatistics", - "description": "Grants permission to list the sensor statistics for a particular dataset or an ingestion job", - "access_level": "List", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListSensorStatistics.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for a resource", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "label-group": { - "resource_type": "label-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListTagsForResource.html" - }, - "StartDataIngestionJob": { - "privilege": "StartDataIngestionJob", - "description": "Grants permission to start a data ingestion job for a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_StartDataIngestionJob.html" - }, - "StartInferenceScheduler": { - "privilege": "StartInferenceScheduler", - "description": "Grants permission to start an inference scheduler", - "access_level": "Write", - "resource_types": { - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_StartInferenceScheduler.html" - }, - "StopInferenceScheduler": { - "privilege": "StopInferenceScheduler", - "description": "Grants permission to stop an inference scheduler", - "access_level": "Write", - "resource_types": { - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_StopInferenceScheduler.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "label-group": { - "resource_type": "label-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "label-group": { - "resource_type": "label-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_UntagResource.html" - }, - "UpdateInferenceScheduler": { - "privilege": "UpdateInferenceScheduler", - "description": "Grants permission to update an inference scheduler", - "access_level": "Write", - "resource_types": { - "inference-scheduler": { - "resource_type": "inference-scheduler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_UpdateInferenceScheduler.html" - }, - "UpdateLabelGroup": { - "privilege": "UpdateLabelGroup", - "description": "Grants permission to update a label group", - "access_level": "Write", - "resource_types": { - "label-group": { - "resource_type": "label-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_UpdateLabelGroup.html" - } - }, - "resources": { - "dataset": { - "resource": "dataset", - "arn": "arn:${Partition}:lookoutequipment:${Region}:${Account}:dataset/${DatasetName}/${DatasetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "model": { - "resource": "model", - "arn": "arn:${Partition}:lookoutequipment:${Region}:${Account}:model/${ModelName}/${ModelId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "inference-scheduler": { - "resource": "inference-scheduler", - "arn": "arn:${Partition}:lookoutequipment:${Region}:${Account}:inference-scheduler/${InferenceSchedulerName}/${InferenceSchedulerId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "label-group": { - "resource": "label-group", - "arn": "arn:${Partition}:lookoutequipment:${Region}:${Account}:label-group/${LabelGroupName}/${LabelGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "lookoutmetrics": { - "service_name": "Amazon Lookout for Metrics", - "prefix": "lookoutmetrics", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlookoutformetrics.html", - "privileges": { - "ActivateAnomalyDetector": { - "privilege": "ActivateAnomalyDetector", - "description": "Grants permission to activate an anomaly detector", - "access_level": "Write", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ActivateAnomalyDetector.html" - }, - "BackTestAnomalyDetector": { - "privilege": "BackTestAnomalyDetector", - "description": "Grants permission to run a backtest with an anomaly detector", - "access_level": "Write", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_BackTestAnomalyDetector.html" - }, - "CreateAlert": { - "privilege": "CreateAlert", - "description": "Grants permission to create an alert for an anomaly detector", - "access_level": "Write", - "resource_types": { - "Alert": { - "resource_type": "Alert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_CreateAlert.html" - }, - "CreateAnomalyDetector": { - "privilege": "CreateAnomalyDetector", - "description": "Grants permission to create an anomaly detector", - "access_level": "Write", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_CreateAnomalyDetector.html" - }, - "CreateMetricSet": { - "privilege": "CreateMetricSet", - "description": "Grants permission to create a dataset", - "access_level": "Write", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "MetricSet": { - "resource_type": "MetricSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_CreateMetricSet.html" - }, - "DeactivateAnomalyDetector": { - "privilege": "DeactivateAnomalyDetector", - "description": "Grants permission to deactivate an anomaly detector", - "access_level": "Write", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DeactivateAnomalyDetector.html" - }, - "DeleteAlert": { - "privilege": "DeleteAlert", - "description": "Grants permission to delete an alert", - "access_level": "Write", - "resource_types": { - "Alert": { - "resource_type": "Alert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DeleteAlert.html" - }, - "DeleteAnomalyDetector": { - "privilege": "DeleteAnomalyDetector", - "description": "Grants permission to delete an anomaly detector", - "access_level": "Write", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DeleteAnomalyDetector.html" - }, - "DescribeAlert": { - "privilege": "DescribeAlert", - "description": "Grants permission to get details about an alert", - "access_level": "Read", - "resource_types": { - "Alert": { - "resource_type": "Alert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DescribeAlert.html" - }, - "DescribeAnomalyDetectionExecutions": { - "privilege": "DescribeAnomalyDetectionExecutions", - "description": "Grants permission to get information about an anomaly detection job", - "access_level": "Read", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DescribeAnomalyDetectionExecutions.html" - }, - "DescribeAnomalyDetector": { - "privilege": "DescribeAnomalyDetector", - "description": "Grants permission to get details about an anomaly detector", - "access_level": "Read", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DescribeAnomalyDetector.html" - }, - "DescribeMetricSet": { - "privilege": "DescribeMetricSet", - "description": "Grants permission to get details about a dataset", - "access_level": "Read", - "resource_types": { - "MetricSet": { - "resource_type": "MetricSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DescribeMetricSet.html" - }, - "DetectMetricSetConfig": { - "privilege": "DetectMetricSetConfig", - "description": "Grants permission to detect metric set config from data source", - "access_level": "Write", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DetectMetricSetConfig.html" - }, - "GetAnomalyGroup": { - "privilege": "GetAnomalyGroup", - "description": "Grants permission to get details about a group of affected metrics", - "access_level": "Read", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_GetAnomalyGroup.html" - }, - "GetDataQualityMetrics": { - "privilege": "GetDataQualityMetrics", - "description": "Grants permission to get data quality metrics for an anomaly detector", - "access_level": "Read", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_GetDataQualityMetrics.html" - }, - "GetFeedback": { - "privilege": "GetFeedback", - "description": "Grants permission to get feedback on affected metrics for an anomaly group", - "access_level": "Read", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_GetFeedback.html" - }, - "GetSampleData": { - "privilege": "GetSampleData", - "description": "Grants permission to get a selection of sample records from an Amazon S3 datasource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_GetSampleData.html" - }, - "ListAlerts": { - "privilege": "ListAlerts", - "description": "Grants permission to get a list of alerts for a detector", - "access_level": "List", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListAlerts.html" - }, - "ListAnomalyDetectors": { - "privilege": "ListAnomalyDetectors", - "description": "Grants permission to get a list of anomaly detectors", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListAnomalyDetectors.html" - }, - "ListAnomalyGroupRelatedMetrics": { - "privilege": "ListAnomalyGroupRelatedMetrics", - "description": "Grants permission to get a list of related measures in an anomaly group", - "access_level": "List", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListAnomalyGroupRelatedMetrics.html" - }, - "ListAnomalyGroupSummaries": { - "privilege": "ListAnomalyGroupSummaries", - "description": "Grants permission to get a list of anomaly groups", - "access_level": "List", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListAnomalyGroupSummaries.html" - }, - "ListAnomalyGroupTimeSeries": { - "privilege": "ListAnomalyGroupTimeSeries", - "description": "Grants permission to get a list of affected metrics for a measure in an anomaly group", - "access_level": "List", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListAnomalyGroupTimeSeries.html" - }, - "ListMetricSets": { - "privilege": "ListMetricSets", - "description": "Grants permission to get a list of datasets", - "access_level": "List", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListMetricSets.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to get a list of tags for a detector, dataset, or alert", - "access_level": "Read", - "resource_types": { - "Alert": { - "resource_type": "Alert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MetricSet": { - "resource_type": "MetricSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListTagsForResource.html" - }, - "PutFeedback": { - "privilege": "PutFeedback", - "description": "Grants permission to add feedback for an affected metric in an anomaly group", - "access_level": "Write", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_PutFeedback.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a detector, dataset, or alert", - "access_level": "Tagging", - "resource_types": { - "Alert": { - "resource_type": "Alert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MetricSet": { - "resource_type": "MetricSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a detector, dataset, or alert", - "access_level": "Tagging", - "resource_types": { - "Alert": { - "resource_type": "Alert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MetricSet": { - "resource_type": "MetricSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_UntagResource.html" - }, - "UpdateAlert": { - "privilege": "UpdateAlert", - "description": "Grants permission to update an alert for an anomaly detector", - "access_level": "Write", - "resource_types": { - "Alert": { - "resource_type": "Alert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_UpdateAlert.html" - }, - "UpdateAnomalyDetector": { - "privilege": "UpdateAnomalyDetector", - "description": "Grants permission to update an anomaly detector", - "access_level": "Write", - "resource_types": { - "AnomalyDetector": { - "resource_type": "AnomalyDetector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_UpdateAnomalyDetector.html" - }, - "UpdateMetricSet": { - "privilege": "UpdateMetricSet", - "description": "Grants permission to update a dataset", - "access_level": "Write", - "resource_types": { - "MetricSet": { - "resource_type": "MetricSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_UpdateMetricSet.html" - } - }, - "resources": { - "AnomalyDetector": { - "resource": "AnomalyDetector", - "arn": "arn:${Partition}:lookoutmetrics:${Region}:${Account}:AnomalyDetector:${AnomalyDetectorName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "MetricSet": { - "resource": "MetricSet", - "arn": "arn:${Partition}:lookoutmetrics:${Region}:${Account}:MetricSet/${AnomalyDetectorName}/${MetricSetName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Alert": { - "resource": "Alert", - "arn": "arn:${Partition}:lookoutmetrics:${Region}:${Account}:Alert:${AlertName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "lookoutvision": { - "service_name": "Amazon Lookout for Vision", - "prefix": "lookoutvision", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlookoutforvision.html", - "privileges": { - "CreateDataset": { - "privilege": "CreateDataset", - "description": "Grants permission to create a dataset manifest", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_CreateDataset.html" - }, - "CreateModel": { - "privilege": "CreateModel", - "description": "Grants permission to create a new anomaly detection model", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_CreateModel.html" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a new project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_CreateProject.html" - }, - "DeleteDataset": { - "privilege": "DeleteDataset", - "description": "Grants permission to delete a dataset", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DeleteDataset.html" - }, - "DeleteModel": { - "privilege": "DeleteModel", - "description": "Grants permission to delete a model and all associated assets", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DeleteModel.html" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to permanently remove a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DeleteProject.html" - }, - "DescribeDataset": { - "privilege": "DescribeDataset", - "description": "Grants permission to show detailed information about dataset manifest", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DescribeDataset.html" - }, - "DescribeModel": { - "privilege": "DescribeModel", - "description": "Grants permission to show detailed information about a model", - "access_level": "Read", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DescribeModel.html" - }, - "DescribeModelPackagingJob": { - "privilege": "DescribeModelPackagingJob", - "description": "Grants permission to show detailed information about a model packaging job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DescribeModelPackagingJob.html" - }, - "DescribeProject": { - "privilege": "DescribeProject", - "description": "Grants permission to show detailed information about a project", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DescribeProject.html" - }, - "DescribeTrialDetection": { - "privilege": "DescribeTrialDetection", - "description": "Grants permission to provides state information about a running anomaly detection job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/developer-guide/trial-detection.html" - }, - "DetectAnomalies": { - "privilege": "DetectAnomalies", - "description": "Grants permission to invoke detection of anomalies", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DetectAnomalies.html" - }, - "ListDatasetEntries": { - "privilege": "ListDatasetEntries", - "description": "Grants permission to list the contents of dataset manifest", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_ListDatasetEntries.html" - }, - "ListModelPackagingJobs": { - "privilege": "ListModelPackagingJobs", - "description": "Grants permission to list all model packaging jobs associated with a project", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_ListModelPackagingJobs.html" - }, - "ListModels": { - "privilege": "ListModels", - "description": "Grants permission to list all models associated with a project", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_ListModels.html" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to list all projects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_ListProjects.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTrialDetections": { - "privilege": "ListTrialDetections", - "description": "Grants permission to list all anomaly detection jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/developer-guide/trial-detection.html" - }, - "StartModel": { - "privilege": "StartModel", - "description": "Grants permission to start anomaly detection model", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_StartModel.html" - }, - "StartModelPackagingJob": { - "privilege": "StartModelPackagingJob", - "description": "Grants permission to start a model packaging job", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_StartModelPackagingJob.html" - }, - "StartTrialDetection": { - "privilege": "StartTrialDetection", - "description": "Grants permission to start bulk detection of anomalies for a set of images stored in an S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/developer-guide/trial-detection.html" - }, - "StopModel": { - "privilege": "StopModel", - "description": "Grants permission to stop anomaly detection model", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_StopModel.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource with given key value pairs", - "access_level": "Tagging", - "resource_types": { - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the tag with the given key from a resource", - "access_level": "Tagging", - "resource_types": { - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_UntagResource.html" - }, - "UpdateDatasetEntries": { - "privilege": "UpdateDatasetEntries", - "description": "Grants permission to update a training or test dataset manifest", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_UpdateDatasetEntries.html" - } - }, - "resources": { - "model": { - "resource": "model", - "arn": "arn:${Partition}:lookoutvision:${Region}:${Account}:model/${ProjectName}/${ModelVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "project": { - "resource": "project", - "arn": "arn:${Partition}:lookoutvision:${Region}:${Account}:project/${ProjectName}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "machinelearning": { - "service_name": "Amazon Machine Learning", - "prefix": "machinelearning", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmachinelearning.html", - "privileges": { - "AddTags": { - "privilege": "AddTags", - "description": "Adds one or more tags to an object, up to a limit of 10. Each tag consists of a key and an optional value", - "access_level": "Tagging", - "resource_types": { - "batchprediction": { - "resource_type": "batchprediction", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasource": { - "resource_type": "datasource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "evaluation": { - "resource_type": "evaluation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mlmodel": { - "resource_type": "mlmodel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_AddTags.html" - }, - "CreateBatchPrediction": { - "privilege": "CreateBatchPrediction", - "description": "Generates predictions for a group of observations", - "access_level": "Write", - "resource_types": { - "batchprediction": { - "resource_type": "batchprediction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "mlmodel": { - "resource_type": "mlmodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateBatchPrediction.html" - }, - "CreateDataSourceFromRDS": { - "privilege": "CreateDataSourceFromRDS", - "description": "Creates a DataSource object from an Amazon RDS", - "access_level": "Write", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateDataSourceFromRDS.html" - }, - "CreateDataSourceFromRedshift": { - "privilege": "CreateDataSourceFromRedshift", - "description": "Creates a DataSource from a database hosted on an Amazon Redshift cluster", - "access_level": "Write", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateDataSourceFromRedshift.html" - }, - "CreateDataSourceFromS3": { - "privilege": "CreateDataSourceFromS3", - "description": "Creates a DataSource object from S3", - "access_level": "Write", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateDataSourceFromS3.html" - }, - "CreateEvaluation": { - "privilege": "CreateEvaluation", - "description": "Creates a new Evaluation of an MLModel", - "access_level": "Write", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "evaluation": { - "resource_type": "evaluation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "mlmodel": { - "resource_type": "mlmodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateEvaluation.html" - }, - "CreateMLModel": { - "privilege": "CreateMLModel", - "description": "Creates a new MLModel", - "access_level": "Write", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "mlmodel": { - "resource_type": "mlmodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateMLModel.html" - }, - "CreateRealtimeEndpoint": { - "privilege": "CreateRealtimeEndpoint", - "description": "Creates a real-time endpoint for the MLModel", - "access_level": "Write", - "resource_types": { - "mlmodel": { - "resource_type": "mlmodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateRealtimeEndpoint.html" - }, - "DeleteBatchPrediction": { - "privilege": "DeleteBatchPrediction", - "description": "Assigns the DELETED status to a BatchPrediction, rendering it unusable", - "access_level": "Write", - "resource_types": { - "batchprediction": { - "resource_type": "batchprediction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteBatchPrediction.html" - }, - "DeleteDataSource": { - "privilege": "DeleteDataSource", - "description": "Assigns the DELETED status to a DataSource, rendering it unusable", - "access_level": "Write", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteDataSource.html" - }, - "DeleteEvaluation": { - "privilege": "DeleteEvaluation", - "description": "Assigns the DELETED status to an Evaluation, rendering it unusable", - "access_level": "Write", - "resource_types": { - "evaluation": { - "resource_type": "evaluation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteEvaluation.html" - }, - "DeleteMLModel": { - "privilege": "DeleteMLModel", - "description": "Assigns the DELETED status to an MLModel, rendering it unusable", - "access_level": "Write", - "resource_types": { - "mlmodel": { - "resource_type": "mlmodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteMLModel.html" - }, - "DeleteRealtimeEndpoint": { - "privilege": "DeleteRealtimeEndpoint", - "description": "Deletes a real time endpoint of an MLModel", - "access_level": "Write", - "resource_types": { - "mlmodel": { - "resource_type": "mlmodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteRealtimeEndpoint.html" - }, - "DeleteTags": { - "privilege": "DeleteTags", - "description": "Deletes the specified tags associated with an ML object. After this operation is complete, you can't recover deleted tags", - "access_level": "Tagging", - "resource_types": { - "batchprediction": { - "resource_type": "batchprediction", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasource": { - "resource_type": "datasource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "evaluation": { - "resource_type": "evaluation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mlmodel": { - "resource_type": "mlmodel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteTags.html" - }, - "DescribeBatchPredictions": { - "privilege": "DescribeBatchPredictions", - "description": "Returns a list of BatchPrediction operations that match the search criteria in the request", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DescribeBatchPredictions.html" - }, - "DescribeDataSources": { - "privilege": "DescribeDataSources", - "description": "Returns a list of DataSource that match the search criteria in the request", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DescribeDataSources.html" - }, - "DescribeEvaluations": { - "privilege": "DescribeEvaluations", - "description": "Returns a list of DescribeEvaluations that match the search criteria in the request", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DescribeEvaluations.html" - }, - "DescribeMLModels": { - "privilege": "DescribeMLModels", - "description": "Returns a list of MLModel that match the search criteria in the request", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DescribeMLModels.html" - }, - "DescribeTags": { - "privilege": "DescribeTags", - "description": "Describes one or more of the tags for your Amazon ML object", - "access_level": "List", - "resource_types": { - "batchprediction": { - "resource_type": "batchprediction", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasource": { - "resource_type": "datasource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "evaluation": { - "resource_type": "evaluation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mlmodel": { - "resource_type": "mlmodel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DescribeTags.html" - }, - "GetBatchPrediction": { - "privilege": "GetBatchPrediction", - "description": "Returns a BatchPrediction that includes detailed metadata, status, and data file information", - "access_level": "Read", - "resource_types": { - "batchprediction": { - "resource_type": "batchprediction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_GetBatchPrediction.html" - }, - "GetDataSource": { - "privilege": "GetDataSource", - "description": "Returns a DataSource that includes metadata and data file information, as well as the current status of the DataSource", - "access_level": "Read", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_GetDataSource.html" - }, - "GetEvaluation": { - "privilege": "GetEvaluation", - "description": "Returns an Evaluation that includes metadata as well as the current status of the Evaluation", - "access_level": "Read", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_GetEvaluation.html" - }, - "GetMLModel": { - "privilege": "GetMLModel", - "description": "Returns an MLModel that includes detailed metadata, and data source information as well as the current status of the MLModel", - "access_level": "Read", - "resource_types": { - "mlmodel": { - "resource_type": "mlmodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_GetMLModel.html" - }, - "Predict": { - "privilege": "Predict", - "description": "Generates a prediction for the observation using the specified ML Model", - "access_level": "Write", - "resource_types": { - "mlmodel": { - "resource_type": "mlmodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_Predict.html" - }, - "UpdateBatchPrediction": { - "privilege": "UpdateBatchPrediction", - "description": "Updates the BatchPredictionName of a BatchPrediction", - "access_level": "Write", - "resource_types": { - "batchprediction": { - "resource_type": "batchprediction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_UpdateBatchPrediction.html" - }, - "UpdateDataSource": { - "privilege": "UpdateDataSource", - "description": "Updates the DataSourceName of a DataSource", - "access_level": "Write", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_UpdateDataSource.html" - }, - "UpdateEvaluation": { - "privilege": "UpdateEvaluation", - "description": "Updates the EvaluationName of an Evaluation", - "access_level": "Write", - "resource_types": { - "evaluation": { - "resource_type": "evaluation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_UpdateEvaluation.html" - }, - "UpdateMLModel": { - "privilege": "UpdateMLModel", - "description": "Updates the MLModelName and the ScoreThreshold of an MLModel", - "access_level": "Write", - "resource_types": { - "mlmodel": { - "resource_type": "mlmodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_UpdateMLModel.html" - } - }, - "resources": { - "batchprediction": { - "resource": "batchprediction", - "arn": "arn:${Partition}:machinelearning:${Region}:${Account}:batchprediction/${BatchPredictionId}", - "condition_keys": [] - }, - "datasource": { - "resource": "datasource", - "arn": "arn:${Partition}:machinelearning:${Region}:${Account}:datasource/${DatasourceId}", - "condition_keys": [] - }, - "evaluation": { - "resource": "evaluation", - "arn": "arn:${Partition}:machinelearning:${Region}:${Account}:evaluation/${EvaluationId}", - "condition_keys": [] - }, - "mlmodel": { - "resource": "mlmodel", - "arn": "arn:${Partition}:machinelearning:${Region}:${Account}:mlmodel/${MlModelId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "macie2": { - "service_name": "Amazon Macie", - "prefix": "macie2", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmacie.html", - "privileges": { - "AcceptInvitation": { - "privilege": "AcceptInvitation", - "description": "Grants permission to accept an Amazon Macie membership invitation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations-accept.html" - }, - "BatchGetCustomDataIdentifiers": { - "privilege": "BatchGetCustomDataIdentifiers", - "description": "Grants permission to retrieve information about one or more custom data identifiers", - "access_level": "Read", - "resource_types": { - "CustomDataIdentifier": { - "resource_type": "CustomDataIdentifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-get.html" - }, - "CreateAllowList": { - "privilege": "CreateAllowList", - "description": "Grants permission to create and define the settings for an allow list", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists.html" - }, - "CreateClassificationJob": { - "privilege": "CreateClassificationJob", - "description": "Grants permission to create and define the settings for a sensitive data discovery job", - "access_level": "Write", - "resource_types": { - "ClassificationJob": { - "resource_type": "ClassificationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html" - }, - "CreateCustomDataIdentifier": { - "privilege": "CreateCustomDataIdentifier", - "description": "Grants permission to create and define the settings for a custom data identifier", - "access_level": "Write", - "resource_types": { - "CustomDataIdentifier": { - "resource_type": "CustomDataIdentifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers.html" - }, - "CreateFindingsFilter": { - "privilege": "CreateFindingsFilter", - "description": "Grants permission to create and define the settings for a findings filter", - "access_level": "Write", - "resource_types": { - "FindingsFilter": { - "resource_type": "FindingsFilter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters.html" - }, - "CreateInvitations": { - "privilege": "CreateInvitations", - "description": "Grants permission to send an Amazon Macie membership invitation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations.html" - }, - "CreateMember": { - "privilege": "CreateMember", - "description": "Grants permission to associate an account with an Amazon Macie administrator account", - "access_level": "Write", - "resource_types": { - "Member": { - "resource_type": "Member", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/members.html" - }, - "CreateSampleFindings": { - "privilege": "CreateSampleFindings", - "description": "Grants permission to create sample findings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-sample.html" - }, - "DeclineInvitations": { - "privilege": "DeclineInvitations", - "description": "Grants permission to decline Amazon Macie membership invitations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations-decline.html" - }, - "DeleteAllowList": { - "privilege": "DeleteAllowList", - "description": "Grants permission to delete an allow list", - "access_level": "Write", - "resource_types": { - "AllowList": { - "resource_type": "AllowList", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html" - }, - "DeleteCustomDataIdentifier": { - "privilege": "DeleteCustomDataIdentifier", - "description": "Grants permission to delete a custom data identifier", - "access_level": "Write", - "resource_types": { - "CustomDataIdentifier": { - "resource_type": "CustomDataIdentifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html" - }, - "DeleteFindingsFilter": { - "privilege": "DeleteFindingsFilter", - "description": "Grants permission to delete a findings filter", - "access_level": "Write", - "resource_types": { - "FindingsFilter": { - "resource_type": "FindingsFilter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html" - }, - "DeleteInvitations": { - "privilege": "DeleteInvitations", - "description": "Grants permission to delete Amazon Macie membership invitations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations-delete.html" - }, - "DeleteMember": { - "privilege": "DeleteMember", - "description": "Grants permission to delete the association between an Amazon Macie administrator account and an account", - "access_level": "Write", - "resource_types": { - "Member": { - "resource_type": "Member", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html" - }, - "DescribeBuckets": { - "privilege": "DescribeBuckets", - "description": "Grants permission to retrieve statistical data and other information about S3 buckets that Amazon Macie monitors and analyzes", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/datasources-s3.html" - }, - "DescribeClassificationJob": { - "privilege": "DescribeClassificationJob", - "description": "Grants permission to retrieve information about the status and settings for a sensitive data discovery job", - "access_level": "Read", - "resource_types": { - "ClassificationJob": { - "resource_type": "ClassificationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/jobs-jobid.html" - }, - "DescribeOrganizationConfiguration": { - "privilege": "DescribeOrganizationConfiguration", - "description": "Grants permission to retrieve information about the Amazon Macie configuration settings for an AWS organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/admin-configuration.html" - }, - "DisableMacie": { - "privilege": "DisableMacie", - "description": "Grants permission to disable an Amazon Macie account, which also deletes Macie resources for the account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/macie.html" - }, - "DisableOrganizationAdminAccount": { - "privilege": "DisableOrganizationAdminAccount", - "description": "Grants permission to disable an account as the delegated Amazon Macie administrator account for an AWS organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/admin.html" - }, - "DisassociateFromAdministratorAccount": { - "privilege": "DisassociateFromAdministratorAccount", - "description": "Grants permission to an Amazon Macie member account to disassociate from its Macie administrator account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/administrator-disassociate.html" - }, - "DisassociateFromMasterAccount": { - "privilege": "DisassociateFromMasterAccount", - "description": "Grants permission to an Amazon Macie member account to disassociate from its Macie administrator account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/master-disassociate.html" - }, - "DisassociateMember": { - "privilege": "DisassociateMember", - "description": "Grants permission to an Amazon Macie administrator account to disassociate from a Macie member account", - "access_level": "Write", - "resource_types": { - "Member": { - "resource_type": "Member", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/members-disassociate-id.html" - }, - "EnableMacie": { - "privilege": "EnableMacie", - "description": "Grants permission to enable and specify the configuration settings for a new Amazon Macie account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/macie.html" - }, - "EnableOrganizationAdminAccount": { - "privilege": "EnableOrganizationAdminAccount", - "description": "Grants permission to enable an account as the delegated Amazon Macie administrator account for an AWS organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/admin.html" - }, - "GetAdministratorAccount": { - "privilege": "GetAdministratorAccount", - "description": "Grants permission to retrieve information about the Amazon Macie administrator account for an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/administrator.html" - }, - "GetAllowList": { - "privilege": "GetAllowList", - "description": "Grants permission to retrieve the settings and status of an allow list", - "access_level": "Read", - "resource_types": { - "AllowList": { - "resource_type": "AllowList", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html" - }, - "GetAutomatedDiscoveryConfiguration": { - "privilege": "GetAutomatedDiscoveryConfiguration", - "description": "Grants permission to retrieve the configuration settings and status of automated sensitive data discovery for an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-configuration.html" - }, - "GetBucketStatistics": { - "privilege": "GetBucketStatistics", - "description": "Grants permission to retrieve aggregated statistical data for all the S3 buckets that Amazon Macie monitors and analyzes", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/datasources-s3-statistics.html" - }, - "GetClassificationExportConfiguration": { - "privilege": "GetClassificationExportConfiguration", - "description": "Grants permission to retrieve the settings for exporting sensitive data discovery results", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html" - }, - "GetClassificationScope": { - "privilege": "GetClassificationScope", - "description": "Grants permission to retrieve the classification scope settings for an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes-id.html" - }, - "GetCustomDataIdentifier": { - "privilege": "GetCustomDataIdentifier", - "description": "Grants permission to retrieve information about the settings for a custom data identifier", - "access_level": "Read", - "resource_types": { - "CustomDataIdentifier": { - "resource_type": "CustomDataIdentifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html" - }, - "GetFindingStatistics": { - "privilege": "GetFindingStatistics", - "description": "Grants permission to retrieve aggregated statistical data about findings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-statistics.html" - }, - "GetFindings": { - "privilege": "GetFindings", - "description": "Grants permission to retrieve the details of one or more findings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-describe.html" - }, - "GetFindingsFilter": { - "privilege": "GetFindingsFilter", - "description": "Grants permission to retrieve information about the settings for a findings filter", - "access_level": "Read", - "resource_types": { - "FindingsFilter": { - "resource_type": "FindingsFilter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html" - }, - "GetFindingsPublicationConfiguration": { - "privilege": "GetFindingsPublicationConfiguration", - "description": "Grants permission to retrieve the configuration settings for publishing findings to AWS Security Hub", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-publication-configuration.html" - }, - "GetInvitationsCount": { - "privilege": "GetInvitationsCount", - "description": "Grants permission to retrieve the count of Amazon Macie membership invitations that were received by an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations-count.html" - }, - "GetMacieSession": { - "privilege": "GetMacieSession", - "description": "Grants permission to retrieve information about the status and configuration settings for an Amazon Macie account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/macie.html" - }, - "GetMasterAccount": { - "privilege": "GetMasterAccount", - "description": "Grants permission to retrieve information about the Amazon Macie administrator account for an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/master.html" - }, - "GetMember": { - "privilege": "GetMember", - "description": "Grants permission to retrieve information about an account that's associated with an Amazon Macie administrator account", - "access_level": "Read", - "resource_types": { - "Member": { - "resource_type": "Member", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html" - }, - "GetResourceProfile": { - "privilege": "GetResourceProfile", - "description": "Grants permission to retrieve sensitive data discovery statistics and the sensitivity score for an S3 bucket", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles.html" - }, - "GetRevealConfiguration": { - "privilege": "GetRevealConfiguration", - "description": "Grants permission to retrieve the status and configuration settings for retrieving occurrences of sensitive data reported by findings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/reveal-configuration.html" - }, - "GetSensitiveDataOccurrences": { - "privilege": "GetSensitiveDataOccurrences", - "description": "Grants permission to retrieve occurrences of sensitive data reported by a finding", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-findingid-reveal.html" - }, - "GetSensitiveDataOccurrencesAvailability": { - "privilege": "GetSensitiveDataOccurrencesAvailability", - "description": "Grants permission to check whether occurrences of sensitive data can be retrieved for a finding", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-findingid-reveal-availability.html" - }, - "GetSensitivityInspectionTemplate": { - "privilege": "GetSensitivityInspectionTemplate", - "description": "Grants permission to retrieve the sensitivity inspection template settings for an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections-id.html" - }, - "GetUsageStatistics": { - "privilege": "GetUsageStatistics", - "description": "Grants permission to retrieve quotas and aggregated usage data for one or more accounts", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/usage-statistics.html" - }, - "GetUsageTotals": { - "privilege": "GetUsageTotals", - "description": "Grants permission to retrieve aggregated usage data for an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/usage.html" - }, - "ListAllowLists": { - "privilege": "ListAllowLists", - "description": "Grants permission to retrieve a subset of information about all the allow lists for an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists.html" - }, - "ListClassificationJobs": { - "privilege": "ListClassificationJobs", - "description": "Grants permission to retrieve a subset of information about the status and settings for one or more sensitive data discovery jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/jobs-list.html" - }, - "ListClassificationScopes": { - "privilege": "ListClassificationScopes", - "description": "Grants permission to retrieve a subset of information about the classification scope for an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes.html" - }, - "ListCustomDataIdentifiers": { - "privilege": "ListCustomDataIdentifiers", - "description": "Grants permission to retrieve information about all custom data identifiers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-list.html" - }, - "ListFindings": { - "privilege": "ListFindings", - "description": "Grants permission to retrieve a subset of information about one or more findings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings.html" - }, - "ListFindingsFilters": { - "privilege": "ListFindingsFilters", - "description": "Grants permission to retrieve information about all findings filters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters.html" - }, - "ListInvitations": { - "privilege": "ListInvitations", - "description": "Grants permission to retrieve information about all the Amazon Macie membership invitations that were received by an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations.html" - }, - "ListManagedDataIdentifiers": { - "privilege": "ListManagedDataIdentifiers", - "description": "Grants permission to retrieve information about managed data identifiers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/managed-data-identifiers-list.html" - }, - "ListMembers": { - "privilege": "ListMembers", - "description": "Grants permission to retrieve information about the Amazon Macie member accounts that are associated with a Macie administrator account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/members.html" - }, - "ListOrganizationAdminAccounts": { - "privilege": "ListOrganizationAdminAccounts", - "description": "Grants permission to retrieve information about the delegated, Amazon Macie administrator account for an AWS organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/admin.html" - }, - "ListResourceProfileArtifacts": { - "privilege": "ListResourceProfileArtifacts", - "description": "Grants permission to retrieve information about objects that were selected from an S3 bucket for automated sensitive data discovery", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-artifacts.html" - }, - "ListResourceProfileDetections": { - "privilege": "ListResourceProfileDetections", - "description": "Grants permission to retrieve information about the types and amount of sensitive data that Amazon Macie found in an S3 bucket", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-detections.html" - }, - "ListSensitivityInspectionTemplates": { - "privilege": "ListSensitivityInspectionTemplates", - "description": "Grants permission to retrieve a subset of information about the sensitivity inspection template for an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve the tags for an Amazon Macie resource", - "access_level": "Read", - "resource_types": { - "AllowList": { - "resource_type": "AllowList", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ClassificationJob": { - "resource_type": "ClassificationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "CustomDataIdentifier": { - "resource_type": "CustomDataIdentifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "FindingsFilter": { - "resource_type": "FindingsFilter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Member": { - "resource_type": "Member", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html" - }, - "PutClassificationExportConfiguration": { - "privilege": "PutClassificationExportConfiguration", - "description": "Grants permission to create or update the settings for storing sensitive data discovery results", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html" - }, - "PutFindingsPublicationConfiguration": { - "privilege": "PutFindingsPublicationConfiguration", - "description": "Grants permission to update the configuration settings for publishing findings to AWS Security Hub", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-publication-configuration.html" - }, - "SearchResources": { - "privilege": "SearchResources", - "description": "Grants permission to retrieve statistical data and other information about AWS resources that Amazon Macie monitors and analyzes", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/datasources-search-resources.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or update the tags for an Amazon Macie resource", - "access_level": "Tagging", - "resource_types": { - "AllowList": { - "resource_type": "AllowList", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ClassificationJob": { - "resource_type": "ClassificationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "CustomDataIdentifier": { - "resource_type": "CustomDataIdentifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "FindingsFilter": { - "resource_type": "FindingsFilter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Member": { - "resource_type": "Member", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html" - }, - "TestCustomDataIdentifier": { - "privilege": "TestCustomDataIdentifier", - "description": "Grants permission to test a custom data identifier", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-test.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from an Amazon Macie resource", - "access_level": "Tagging", - "resource_types": { - "AllowList": { - "resource_type": "AllowList", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ClassificationJob": { - "resource_type": "ClassificationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "CustomDataIdentifier": { - "resource_type": "CustomDataIdentifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "FindingsFilter": { - "resource_type": "FindingsFilter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Member": { - "resource_type": "Member", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html" - }, - "UpdateAllowList": { - "privilege": "UpdateAllowList", - "description": "Grants permission to update the settings for an allow list", - "access_level": "Write", - "resource_types": { - "AllowList": { - "resource_type": "AllowList", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html" - }, - "UpdateAutomatedDiscoveryConfiguration": { - "privilege": "UpdateAutomatedDiscoveryConfiguration", - "description": "Grants permission to enable or disable automated sensitive data discovery for an account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-configuration.html" - }, - "UpdateClassificationJob": { - "privilege": "UpdateClassificationJob", - "description": "Grants permission to change the status of a sensitive data discovery job", - "access_level": "Write", - "resource_types": { - "ClassificationJob": { - "resource_type": "ClassificationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/jobs-jobid.html" - }, - "UpdateClassificationScope": { - "privilege": "UpdateClassificationScope", - "description": "Grants permission to update the classification scope settings for an account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes-id.html" - }, - "UpdateFindingsFilter": { - "privilege": "UpdateFindingsFilter", - "description": "Grants permission to update the settings for a findings filter", - "access_level": "Write", - "resource_types": { - "FindingsFilter": { - "resource_type": "FindingsFilter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html" - }, - "UpdateMacieSession": { - "privilege": "UpdateMacieSession", - "description": "Grants permission to suspend or re-enable an Amazon Macie account, or update the configuration settings for a Macie account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/macie.html" - }, - "UpdateMemberSession": { - "privilege": "UpdateMemberSession", - "description": "Grants permission to an Amazon Macie administrator account to suspend or re-enable a Macie member account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/macie-members-id.html" - }, - "UpdateOrganizationConfiguration": { - "privilege": "UpdateOrganizationConfiguration", - "description": "Grants permission to update Amazon Macie configuration settings for an AWS organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/admin-configuration.html" - }, - "UpdateResourceProfile": { - "privilege": "UpdateResourceProfile", - "description": "Grants permission to update the sensitivity score for an S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles.html" - }, - "UpdateResourceProfileDetections": { - "privilege": "UpdateResourceProfileDetections", - "description": "Grants permission to update the sensitivity scoring settings for an S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-detections.html" - }, - "UpdateRevealConfiguration": { - "privilege": "UpdateRevealConfiguration", - "description": "Grants permission to update the status and configuration settings for retrieving occurrences of sensitive data reported by findings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/reveal-configuration.html" - }, - "UpdateSensitivityInspectionTemplate": { - "privilege": "UpdateSensitivityInspectionTemplate", - "description": "Grants permission to update the sensitivity inspection template settings for an account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections-id.html" - } - }, - "resources": { - "AllowList": { - "resource": "AllowList", - "arn": "arn:${Partition}:macie2:${Region}:${Account}:allow-list/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ClassificationJob": { - "resource": "ClassificationJob", - "arn": "arn:${Partition}:macie2:${Region}:${Account}:classification-job/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "CustomDataIdentifier": { - "resource": "CustomDataIdentifier", - "arn": "arn:${Partition}:macie2:${Region}:${Account}:custom-data-identifier/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "FindingsFilter": { - "resource": "FindingsFilter", - "arn": "arn:${Partition}:macie2:${Region}:${Account}:findings-filter/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Member": { - "resource": "Member", - "arn": "arn:${Partition}:macie2:${Region}:${Account}:member/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "macie": { - "service_name": "Amazon Macie Classic", - "prefix": "macie", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmacieclassic.html", - "privileges": { - "AssociateMemberAccount": { - "privilege": "AssociateMemberAccount", - "description": "Enables the user to associate a specified AWS account with Amazon Macie as a member account.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_AssociateMemberAccount.html" - }, - "AssociateS3Resources": { - "privilege": "AssociateS3Resources", - "description": "Enables the user to associate specified S3 resources with Amazon Macie for monitoring and data classification.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:SourceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_AssociateS3Resources.html" - }, - "DisassociateMemberAccount": { - "privilege": "DisassociateMemberAccount", - "description": "Enables the user to remove the specified member account from Amazon Macie.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_DisassociateMemberAccount.html" - }, - "DisassociateS3Resources": { - "privilege": "DisassociateS3Resources", - "description": "Enables the user to remove specified S3 resources from being monitored by Amazon Macie.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:SourceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_DisassociateS3Resources.html" - }, - "ListMemberAccounts": { - "privilege": "ListMemberAccounts", - "description": "Enables the user to list all Amazon Macie member accounts for the current Macie master account.", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_ListMemberAccounts.html" - }, - "ListS3Resources": { - "privilege": "ListS3Resources", - "description": "Enables the user to list all the S3 resources associated with Amazon Macie.", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_ListS3Resources.html" - }, - "UpdateS3Resources": { - "privilege": "UpdateS3Resources", - "description": "Enables the user to update the classification types for the specified S3 resources.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:SourceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_UpdateS3Resources.html" - } - }, - "resources": {}, - "conditions": { - "aws:SourceArn": { - "condition": "aws:SourceArn", - "description": "Allow access to the specified actions only when the request operates on the specified aws resource", - "type": "Arn" - } - } - }, - "managedblockchain": { - "service_name": "Amazon Managed Blockchain", - "prefix": "managedblockchain", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedblockchain.html", - "privileges": { - "CreateAccessor": { - "privilege": "CreateAccessor", - "description": "Grants permission to create an Amazon Managed Blockchain accessor", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_CreateAccessor.html" - }, - "CreateMember": { - "privilege": "CreateMember", - "description": "Grants permission to create a member of an Amazon Managed Blockchain network", - "access_level": "Write", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_CreateMember.html" - }, - "CreateNetwork": { - "privilege": "CreateNetwork", - "description": "Grants permission to create an Amazon Managed Blockchain network", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_CreateNetwork.html" - }, - "CreateNode": { - "privilege": "CreateNode", - "description": "Grants permission to create a node within a member of an Amazon Managed Blockchain network", - "access_level": "Write", - "resource_types": { - "member": { - "resource_type": "member", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "network": { - "resource_type": "network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_CreateNode.html" - }, - "CreateProposal": { - "privilege": "CreateProposal", - "description": "Grants permission to create a proposal that other blockchain network members can vote on to add or remove a member in an Amazon Managed Blockchain network", - "access_level": "Write", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_CreateProposal.html" - }, - "DeleteAccessor": { - "privilege": "DeleteAccessor", - "description": "Grants permission to delete an Amazon Managed Blockchain accessor", - "access_level": "Write", - "resource_types": { - "accessor": { - "resource_type": "accessor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_DeleteAccessor.html" - }, - "DeleteMember": { - "privilege": "DeleteMember", - "description": "Grants permission to delete a member and all associated resources from an Amazon Managed Blockchain network", - "access_level": "Write", - "resource_types": { - "member": { - "resource_type": "member", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_DeleteMember.html" - }, - "DeleteNode": { - "privilege": "DeleteNode", - "description": "Grants permission to delete a node from a member of an Amazon Managed Blockchain network", - "access_level": "Write", - "resource_types": { - "node": { - "resource_type": "node", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_DeleteNode.html" - }, - "GET": { - "privilege": "GET", - "description": "Grants permission to send HTTP GET requests to an Ethereum node", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/security_iam_id-based-policy-examples.html" - }, - "GetAccessor": { - "privilege": "GetAccessor", - "description": "Grants permission to return detailed information about an Amazon Managed Blockchain accessor", - "access_level": "Read", - "resource_types": { - "accessor": { - "resource_type": "accessor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_GetAccessor.html" - }, - "GetMember": { - "privilege": "GetMember", - "description": "Grants permission to return detailed information about a member of an Amazon Managed Blockchain network", - "access_level": "Read", - "resource_types": { - "member": { - "resource_type": "member", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_GetMember.html" - }, - "GetNetwork": { - "privilege": "GetNetwork", - "description": "Grants permission to return detailed information about an Amazon Managed Blockchain network", - "access_level": "Read", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_GetNetwork.html" - }, - "GetNode": { - "privilege": "GetNode", - "description": "Grants permission to return detailed information about a node within a member of an Amazon Managed Blockchain network", - "access_level": "Read", - "resource_types": { - "node": { - "resource_type": "node", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_GetNode.html" - }, - "GetProposal": { - "privilege": "GetProposal", - "description": "Grants permission to return detailed information about a proposal of an Amazon Managed Blockchain network", - "access_level": "Read", - "resource_types": { - "proposal": { - "resource_type": "proposal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_GetProposal.html" - }, - "Invoke": { - "privilege": "Invoke", - "description": "Grants permission to create WebSocket connections to an Ethereum node", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/security_iam_id-based-policy-examples.html" - }, - "ListAccessors": { - "privilege": "ListAccessors", - "description": "Grants permission to list the Amazon Managed Blockchain accessors owned by the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListAccessors.html" - }, - "ListInvitations": { - "privilege": "ListInvitations", - "description": "Grants permission to list the invitations extended to the active AWS account from any Managed Blockchain network", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListInvitations.html" - }, - "ListMembers": { - "privilege": "ListMembers", - "description": "Grants permission to list the members of an Amazon Managed Blockchain network and the properties of their memberships", - "access_level": "List", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListMembers.html" - }, - "ListNetworks": { - "privilege": "ListNetworks", - "description": "Grants permission to list the Amazon Managed Blockchain networks in which the current AWS account participates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListNetworks.html" - }, - "ListNodes": { - "privilege": "ListNodes", - "description": "Grants permission to list the nodes within a member of an Amazon Managed Blockchain network", - "access_level": "List", - "resource_types": { - "member": { - "resource_type": "member", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network": { - "resource_type": "network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListNodes.html" - }, - "ListProposalVotes": { - "privilege": "ListProposalVotes", - "description": "Grants permission to list all votes for a proposal, including the value of the vote and the unique identifier of the member that cast the vote for the given Amazon Managed Blockchain network", - "access_level": "Read", - "resource_types": { - "proposal": { - "resource_type": "proposal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListProposalVotes.html" - }, - "ListProposals": { - "privilege": "ListProposals", - "description": "Grants permission to list proposals for the given Amazon Managed Blockchain network", - "access_level": "List", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListProposals.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to view tags associated with an Amazon Managed Blockchain resource", - "access_level": "Read", - "resource_types": { - "accessor": { - "resource_type": "accessor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "invitation": { - "resource_type": "invitation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "member": { - "resource_type": "member", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network": { - "resource_type": "network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "node": { - "resource_type": "node", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "proposal": { - "resource_type": "proposal", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListTagsForResource.html" - }, - "POST": { - "privilege": "POST", - "description": "Grants permission to send HTTP POST requests to an Ethereum node", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/security_iam_id-based-policy-examples.html" - }, - "RejectInvitation": { - "privilege": "RejectInvitation", - "description": "Grants permission to reject the invitation to join the blockchain network", - "access_level": "Write", - "resource_types": { - "invitation": { - "resource_type": "invitation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_RejectInvitation.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to an Amazon Managed Blockchain resource", - "access_level": "Tagging", - "resource_types": { - "accessor": { - "resource_type": "accessor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "invitation": { - "resource_type": "invitation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "member": { - "resource_type": "member", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network": { - "resource_type": "network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "node": { - "resource_type": "node", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "proposal": { - "resource_type": "proposal", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from an Amazon Managed Blockchain resource", - "access_level": "Tagging", - "resource_types": { - "accessor": { - "resource_type": "accessor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "invitation": { - "resource_type": "invitation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "member": { - "resource_type": "member", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network": { - "resource_type": "network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "node": { - "resource_type": "node", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "proposal": { - "resource_type": "proposal", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_UntagResource.html" - }, - "UpdateMember": { - "privilege": "UpdateMember", - "description": "Grants permission to update a member of an Amazon Managed Blockchain network", - "access_level": "Write", - "resource_types": { - "member": { - "resource_type": "member", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_UpdateMember.html" - }, - "UpdateNode": { - "privilege": "UpdateNode", - "description": "Grants permission to update a node from a member of an Amazon Managed Blockchain network", - "access_level": "Write", - "resource_types": { - "node": { - "resource_type": "node", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_UpdateNode.html" - }, - "VoteOnProposal": { - "privilege": "VoteOnProposal", - "description": "Grants permission to cast a vote for a proposal on behalf of the blockchain network member specified", - "access_level": "Write", - "resource_types": { - "proposal": { - "resource_type": "proposal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_VoteOnProposal.html" - } - }, - "resources": { - "network": { - "resource": "network", - "arn": "arn:${Partition}:managedblockchain:${Region}::networks/${NetworkId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "member": { - "resource": "member", - "arn": "arn:${Partition}:managedblockchain:${Region}:${Account}:members/${MemberId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "node": { - "resource": "node", - "arn": "arn:${Partition}:managedblockchain:${Region}:${Account}:nodes/${NodeId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "proposal": { - "resource": "proposal", - "arn": "arn:${Partition}:managedblockchain:${Region}::proposals/${ProposalId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "invitation": { - "resource": "invitation", - "arn": "arn:${Partition}:managedblockchain:${Region}:${Account}:invitations/${InvitationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "accessor": { - "resource": "accessor", - "arn": "arn:${Partition}:managedblockchain:${Region}:${Account}:accessors/${AccessorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the tags associated with an Amazon Managed Blockchain resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "grafana": { - "service_name": "Amazon Managed Grafana", - "prefix": "grafana", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedgrafana.html", - "privileges": { - "AssociateLicense": { - "privilege": "AssociateLicense", - "description": "Grants permission to upgrade a workspace with a license", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "aws-marketplace:ViewSubscriptions" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "CreateWorkspace": { - "privilege": "CreateWorkspace", - "description": "Grants permission to create a workspace", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:GetManagedPrefixListEntries", - "iam:CreateServiceLinkedRole", - "organizations:DescribeOrganization", - "sso:CreateManagedApplicationInstance", - "sso:DescribeRegisteredRegions", - "sso:GetSharedSsoConfiguration" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "CreateWorkspaceApiKey": { - "privilege": "CreateWorkspaceApiKey", - "description": "Grants permission to create API keys for a workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "DeleteWorkspace": { - "privilege": "DeleteWorkspace", - "description": "Grants permission to delete a workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso:DeleteManagedApplicationInstance" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "DeleteWorkspaceApiKey": { - "privilege": "DeleteWorkspaceApiKey", - "description": "Grants permission to delete API keys from a workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "DescribeWorkspace": { - "privilege": "DescribeWorkspace", - "description": "Grants permission to describe a workspace", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "DescribeWorkspaceAuthentication": { - "privilege": "DescribeWorkspaceAuthentication", - "description": "Grants permission to describe authentication providers on a workspace", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "DescribeWorkspaceConfiguration": { - "privilege": "DescribeWorkspaceConfiguration", - "description": "Grants permission to describe the current configuration string for the given workspace", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_DescribeWorkspaceConfiguration.html" - }, - "DisassociateLicense": { - "privilege": "DisassociateLicense", - "description": "Grants permission to remove a license from a workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "ListPermissions": { - "privilege": "ListPermissions", - "description": "Grants permission to list the permissions on a wokspace", - "access_level": "List", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags associated with a workspace", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListTagsForResource.html" - }, - "ListWorkspaces": { - "privilege": "ListWorkspaces", - "description": "Grants permission to list workspaces", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to, or update tag values of, a workspace", - "access_level": "Tagging", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a workspace", - "access_level": "Tagging", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_UntagResource.html" - }, - "UpdatePermissions": { - "privilege": "UpdatePermissions", - "description": "Grants permission to modify the permissions on a workspace", - "access_level": "Permissions management", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "UpdateWorkspace": { - "privilege": "UpdateWorkspace", - "description": "Grants permission to modify a workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:GetManagedPrefixListEntries", - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "UpdateWorkspaceAuthentication": { - "privilege": "UpdateWorkspaceAuthentication", - "description": "Grants permission to modify authentication providers on a workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" - }, - "UpdateWorkspaceConfiguration": { - "privilege": "UpdateWorkspaceConfiguration", - "description": "Grants permission to update the configuration string for the given workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdateWorkspaceConfiguration.html" - } - }, - "resources": { - "workspace": { - "resource": "workspace", - "arn": "arn:${Partition}:grafana:${Region}:${Account}:/workspaces/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "aps": { - "service_name": "Amazon Managed Service for Prometheus", - "prefix": "aps", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedserviceforprometheus.html", - "privileges": { - "CreateAlertManagerAlerts": { - "privilege": "CreateAlertManagerAlerts", - "description": "Grants permission to create alerts", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-CreateAlertManagerAlerts" - }, - "CreateAlertManagerDefinition": { - "privilege": "CreateAlertManagerDefinition", - "description": "Grants permission to create an alert manager definition", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-CreateAlertManagerDefinition" - }, - "CreateLoggingConfiguration": { - "privilege": "CreateLoggingConfiguration", - "description": "Grants permission to create a logging configuration", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-CreateLoggingConfiguration" - }, - "CreateRuleGroupsNamespace": { - "privilege": "CreateRuleGroupsNamespace", - "description": "Grants permission to create a rule groups namespace", - "access_level": "Write", - "resource_types": { - "rulegroupsnamespace": { - "resource_type": "rulegroupsnamespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-CreateRuleGroupsNamespace" - }, - "CreateWorkspace": { - "privilege": "CreateWorkspace", - "description": "Grants permission to create a workspace", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-CreateWorkspace" - }, - "DeleteAlertManagerDefinition": { - "privilege": "DeleteAlertManagerDefinition", - "description": "Grants permission to delete an alert manager definition", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DeleteAlertManagerDefinition" - }, - "DeleteAlertManagerSilence": { - "privilege": "DeleteAlertManagerSilence", - "description": "Grants permission to delete a silence", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DeleteAlertManagerSilence" - }, - "DeleteLoggingConfiguration": { - "privilege": "DeleteLoggingConfiguration", - "description": "Grants permission to delete a logging configuration", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DeleteLoggingConfiguration" - }, - "DeleteRuleGroupsNamespace": { - "privilege": "DeleteRuleGroupsNamespace", - "description": "Grants permission to delete a rule groups namespace", - "access_level": "Write", - "resource_types": { - "rulegroupsnamespace": { - "resource_type": "rulegroupsnamespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DeleteRuleGroupsNamespace" - }, - "DeleteWorkspace": { - "privilege": "DeleteWorkspace", - "description": "Grants permission to delete a workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DeleteWorkspace" - }, - "DescribeAlertManagerDefinition": { - "privilege": "DescribeAlertManagerDefinition", - "description": "Grants permission to describe an alert manager definition", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DescribeAlertManagerDefinition" - }, - "DescribeLoggingConfiguration": { - "privilege": "DescribeLoggingConfiguration", - "description": "Grants permission to describe a logging configuration", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DescribeLoggingConfiguration" - }, - "DescribeRuleGroupsNamespace": { - "privilege": "DescribeRuleGroupsNamespace", - "description": "Grants permission to describe a rule groups namespace", - "access_level": "Read", - "resource_types": { - "rulegroupsnamespace": { - "resource_type": "rulegroupsnamespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DescribeRuleGroupsNamespace" - }, - "DescribeWorkspace": { - "privilege": "DescribeWorkspace", - "description": "Grants permission to describe a workspace", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DescribeWorkspace" - }, - "GetAlertManagerSilence": { - "privilege": "GetAlertManagerSilence", - "description": "Grants permission to get a silence", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-GetAlertManagerSilence" - }, - "GetAlertManagerStatus": { - "privilege": "GetAlertManagerStatus", - "description": "Grants permission to get current status of an alertmanager", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-GetAlertManagerStatus" - }, - "GetLabels": { - "privilege": "GetLabels", - "description": "Grants permission to retrieve AMP workspace labels", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-GetLabels" - }, - "GetMetricMetadata": { - "privilege": "GetMetricMetadata", - "description": "Grants permission to retrieve the metadata for AMP workspace metrics", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-GetMetricMetadata" - }, - "GetSeries": { - "privilege": "GetSeries", - "description": "Grants permission to retrieve AMP workspace time series data", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-GetSeries" - }, - "ListAlertManagerAlertGroups": { - "privilege": "ListAlertManagerAlertGroups", - "description": "Grants permission to list groups", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListAlertManagerAlertGroups" - }, - "ListAlertManagerAlerts": { - "privilege": "ListAlertManagerAlerts", - "description": "Grants permission to list alerts", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListAlertManagerAlerts" - }, - "ListAlertManagerReceivers": { - "privilege": "ListAlertManagerReceivers", - "description": "Grants permission to list receivers", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListAlertManagerReceivers" - }, - "ListAlertManagerSilences": { - "privilege": "ListAlertManagerSilences", - "description": "Grants permission to list silences", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListAlertManagerSilences" - }, - "ListAlerts": { - "privilege": "ListAlerts", - "description": "Grants permission to list active alerts", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListAlerts" - }, - "ListRuleGroupsNamespaces": { - "privilege": "ListRuleGroupsNamespaces", - "description": "Grants permission to list rule groups namespaces", - "access_level": "List", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListRuleGroupsNamespaces" - }, - "ListRules": { - "privilege": "ListRules", - "description": "Grants permission to list alerting and recording rules", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListRules" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags on an AMP resource", - "access_level": "Read", - "resource_types": { - "rulegroupsnamespace": { - "resource_type": "rulegroupsnamespace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListTagsForResource" - }, - "ListWorkspaces": { - "privilege": "ListWorkspaces", - "description": "Grants permission to list workspaces", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListWorkspaces" - }, - "PutAlertManagerDefinition": { - "privilege": "PutAlertManagerDefinition", - "description": "Grants permission to update an alert manager definition", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-PutAlertManagerDefinition" - }, - "PutAlertManagerSilences": { - "privilege": "PutAlertManagerSilences", - "description": "Grants permission to create or update a silence", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-PutAlertManagerSilences" - }, - "PutRuleGroupsNamespace": { - "privilege": "PutRuleGroupsNamespace", - "description": "Grants permission to update a rule groups namespace", - "access_level": "Write", - "resource_types": { - "rulegroupsnamespace": { - "resource_type": "rulegroupsnamespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-PutRuleGroupsNamespace" - }, - "QueryMetrics": { - "privilege": "QueryMetrics", - "description": "Grants permission to run a query on AMP workspace metrics", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-QueryMetrics" - }, - "RemoteWrite": { - "privilege": "RemoteWrite", - "description": "Grants permission to perform a remote write operation to initiate the streaming of metrics to AMP workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-RemoteWrite" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an AMP resource", - "access_level": "Tagging", - "resource_types": { - "rulegroupsnamespace": { - "resource_type": "rulegroupsnamespace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-TagResource" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an AMP resource", - "access_level": "Tagging", - "resource_types": { - "rulegroupsnamespace": { - "resource_type": "rulegroupsnamespace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-UntagResource" - }, - "UpdateLoggingConfiguration": { - "privilege": "UpdateLoggingConfiguration", - "description": "Grants permission to update a logging configuration", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-UpdateLoggingConfiguration" - }, - "UpdateWorkspaceAlias": { - "privilege": "UpdateWorkspaceAlias", - "description": "Grants permission to modify the alias of existing AMP workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-UpdateWorkspaceAlias" - } - }, - "resources": { - "workspace": { - "resource": "workspace", - "arn": "arn:${Partition}:aps:${Region}:${Account}:workspace/${WorkspaceId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ] - }, - "rulegroupsnamespace": { - "resource": "rulegroupsnamespace", - "arn": "arn:${Partition}:aps:${Region}:${Account}:rulegroupsnamespace/${WorkspaceId}/${Namespace}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "kafka": { - "service_name": "Amazon Managed Streaming for Apache Kafka", - "prefix": "kafka", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedstreamingforapachekafka.html", - "privileges": { - "BatchAssociateScramSecret": { - "privilege": "BatchAssociateScramSecret", - "description": "Grants permission to associate one or more Scram Secrets with an Amazon MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "kms:CreateGrant", - "kms:RetireGrant" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-scram-secrets.html#BatchAssociateScramSecret" - }, - "BatchDisassociateScramSecret": { - "privilege": "BatchDisassociateScramSecret", - "description": "Grants permission to disassociate one or more Scram Secrets from an Amazon MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "kms:RetireGrant" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-scram-secrets.html#BatchDisassociateScramSecret" - }, - "CreateCluster": { - "privilege": "CreateCluster", - "description": "Grants permission to create an MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "kms:CreateGrant", - "kms:DescribeKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters.html#CreateCluster" - }, - "CreateClusterV2": { - "privilege": "CreateClusterV2", - "description": "Grants permission to create an MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:CreateTags", - "ec2:CreateVpcEndpoint", - "ec2:DeleteVpcEndpoints", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcAttribute", - "ec2:DescribeVpcEndpoints", - "ec2:DescribeVpcs", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy", - "kms:CreateGrant", - "kms:DescribeKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSK/2.0/APIReference/v2-clusters.html#CreateClusterV2" - }, - "CreateConfiguration": { - "privilege": "CreateConfiguration", - "description": "Grants permission to create an MSK configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations.html#CreateConfiguration" - }, - "CreateVpcConnection": { - "privilege": "CreateVpcConnection", - "description": "Grants permission to create a MSK VPC connection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:CreateTags", - "ec2:CreateVpcEndpoint", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcAttribute", - "ec2:DescribeVpcEndpoints", - "ec2:DescribeVpcs", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PutRolePolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#CreateVpcConnection" - }, - "DeleteCluster": { - "privilege": "DeleteCluster", - "description": "Grants permission to delete an MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteVpcEndpoints", - "ec2:DescribeVpcAttribute", - "ec2:DescribeVpcEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn.html#DeleteCluster" - }, - "DeleteClusterPolicy": { - "privilege": "DeleteClusterPolicy", - "description": "Grants permission to delete a cluster resource-based policy", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/cluster-policy.html#DeleteClusterPolicy" - }, - "DeleteConfiguration": { - "privilege": "DeleteConfiguration", - "description": "Grants permission to delete the specified MSK configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations-arn.html#DeleteConfiguration" - }, - "DeleteVpcConnection": { - "privilege": "DeleteVpcConnection", - "description": "Grants permission to delete a MSK VPC connection", - "access_level": "Write", - "resource_types": { - "vpc-connection": { - "resource_type": "vpc-connection", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteVpcEndpoints", - "ec2:DescribeVpcEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#DeleteVpcConnection" - }, - "DescribeCluster": { - "privilege": "DescribeCluster", - "description": "Grants permission to describe an MSK cluster", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn.html#DescribeCluster" - }, - "DescribeClusterOperation": { - "privilege": "DescribeClusterOperation", - "description": "Grants permission to describe the cluster operation that is specified by the given ARN", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/operations-clusteroperationarn.html#DescribeClusterOperation" - }, - "DescribeClusterV2": { - "privilege": "DescribeClusterV2", - "description": "Grants permission to describe an MSK cluster", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSK/2.0/APIReference/v2-clusters-clusterarn.html#DescribeClusterV2" - }, - "DescribeConfiguration": { - "privilege": "DescribeConfiguration", - "description": "Grants permission to describe an MSK configuration", - "access_level": "Read", - "resource_types": { - "configuration": { - "resource_type": "configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations-arn.html#DescribeConfiguration" - }, - "DescribeConfigurationRevision": { - "privilege": "DescribeConfigurationRevision", - "description": "Grants permission to describe an MSK configuration revision", - "access_level": "Read", - "resource_types": { - "configuration": { - "resource_type": "configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations-arn-revisions-revision.html#DescribeConfigurationRevision" - }, - "DescribeVpcConnection": { - "privilege": "DescribeVpcConnection", - "description": "Grants permission to describe a MSK VPC connection", - "access_level": "Read", - "resource_types": { - "vpc-connection": { - "resource_type": "vpc-connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#DescribeVpcConnection" - }, - "GetBootstrapBrokers": { - "privilege": "GetBootstrapBrokers", - "description": "Grants permission to get connection details for the brokers in an MSK cluster", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-bootstrap-brokers.html#GetBootstrapBrokers" - }, - "GetClusterPolicy": { - "privilege": "GetClusterPolicy", - "description": "Grants permission to describe a cluster resource-based policy", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/cluster-policy.html#GetClusterPolicy" - }, - "GetCompatibleKafkaVersions": { - "privilege": "GetCompatibleKafkaVersions", - "description": "Grants permission to get a list of the Apache Kafka versions to which you can update an MSK cluster", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/compatible-kafka-versions.html#GetCompatibleKafkaVersions" - }, - "ListClientVpcConnections": { - "privilege": "ListClientVpcConnections", - "description": "Grants permission to list all MSK VPC connections created for a cluster", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#ListClientVpcConnections" - }, - "ListClusterOperations": { - "privilege": "ListClusterOperations", - "description": "Grants permission to return a list of all the operations that have been performed on the specified MSK cluster", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-operations.html#ListClusterOperations" - }, - "ListClusters": { - "privilege": "ListClusters", - "description": "Grants permission to list all MSK clusters in this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters.html#ListClusters" - }, - "ListClustersV2": { - "privilege": "ListClustersV2", - "description": "Grants permission to list all MSK clusters in this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSK/2.0/APIReference/v2-clusters.html#ListClustersV2" - }, - "ListConfigurationRevisions": { - "privilege": "ListConfigurationRevisions", - "description": "Grants permission to list all revisions for an MSK configuration in this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations-arn-revisions.html#ListConfigurationRevisions" - }, - "ListConfigurations": { - "privilege": "ListConfigurations", - "description": "Grants permission to list all MSK configurations in this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations.html#ListConfigurations" - }, - "ListKafkaVersions": { - "privilege": "ListKafkaVersions", - "description": "Grants permission to list all Apache Kafka versions supported by Amazon MSK", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/kafka-versions.html#ListKafkaVersions" - }, - "ListNodes": { - "privilege": "ListNodes", - "description": "Grants permission to list brokers in an MSK cluster", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-nodes.html#ListNodes" - }, - "ListScramSecrets": { - "privilege": "ListScramSecrets", - "description": "Grants permission to list the Scram Secrets associated with an Amazon MSK cluster", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-scram-secrets.html#ListScramSecrets" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags of an MSK resource", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/tags-resourcearn.html#ListTagsForResource" - }, - "ListVpcConnections": { - "privilege": "ListVpcConnections", - "description": "Grants permission to list all MSK VPC connections that this account uses", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#ListVpcConnections" - }, - "PutClusterPolicy": { - "privilege": "PutClusterPolicy", - "description": "Grants permission to create or update the resource-based policy for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/cluster-policy.html#PutClusterPolicy" - }, - "RebootBroker": { - "privilege": "RebootBroker", - "description": "Grants permission to reboot broker", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-reboot-broker.html#RebootBroker" - }, - "RejectClientVpcConnection": { - "privilege": "RejectClientVpcConnection", - "description": "Grants permission to reject a MSK VPC connection", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#RejectClientVpcConnection" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an MSK resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpc-connection": { - "resource_type": "vpc-connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/tags-resourcearn.html#TagResource" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from an MSK resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpc-connection": { - "resource_type": "vpc-connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/tags-resourcearn.html#UntagResource" - }, - "UpdateBrokerCount": { - "privilege": "UpdateBrokerCount", - "description": "Grants permission to update the number of brokers of the MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-nodes-count.html#UpdateBrokerCount" - }, - "UpdateBrokerStorage": { - "privilege": "UpdateBrokerStorage", - "description": "Grants permission to update the storage size of the brokers of the MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-nodes-storage.html#UpdateBrokerStorage" - }, - "UpdateBrokerType": { - "privilege": "UpdateBrokerType", - "description": "Grants permission to update the broker type of an Amazon MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-nodes-type.html#UpdateBrokerType" - }, - "UpdateClusterConfiguration": { - "privilege": "UpdateClusterConfiguration", - "description": "Grants permission to update the configuration of the MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-configuration.html#UpdateClusterConfiguration" - }, - "UpdateClusterKafkaVersion": { - "privilege": "UpdateClusterKafkaVersion", - "description": "Grants permission to update the MSK cluster to the specified Apache Kafka version", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-version.html#UpdateClusterKafkaVersion" - }, - "UpdateConfiguration": { - "privilege": "UpdateConfiguration", - "description": "Grants permission to create a new revision of the MSK configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations-arn.html#UpdateConfiguration" - }, - "UpdateConnectivity": { - "privilege": "UpdateConnectivity", - "description": "Grants permission to update the connectivity settings for the MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kafka:publicAccessEnabled" - ], - "dependent_actions": [ - "ec2:DescribeRouteTables", - "ec2:DescribeSubnets" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-connectivity.html#UpdateConnectivity" - }, - "UpdateMonitoring": { - "privilege": "UpdateMonitoring", - "description": "Grants permission to update the monitoring settings for the MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-monitoring.html#UpdateMonitoring" - }, - "UpdateSecurity": { - "privilege": "UpdateSecurity", - "description": "Grants permission to update the security settings for the MSK cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "kms:RetireGrant" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-security.html#UpdateSecurity" - }, - "UpdateStorage": { - "privilege": "UpdateStorage", - "description": "Grants permission to update the EBS storage (size or provisioned throughput) associated with MSK brokers or set cluster storage mode to TIERED", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-storage.html#UpdateStorage" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:kafka:${Region}:${Account}:cluster/${ClusterName}/${Uuid}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "configuration": { - "resource": "configuration", - "arn": "arn:${Partition}:kafka:${Region}:${Account}:configuration/${ConfigurationName}/${Uuid}", - "condition_keys": [] - }, - "vpc-connection": { - "resource": "vpc-connection", - "arn": "arn:${Partition}:kafka:${Region}:${VpcOwnerAccount}:vpc-connection/${ClusterOwnerAccount}/${ClusterName}/${Uuid}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "topic": { - "resource": "topic", - "arn": "arn:${Partition}:kafka:${Region}:${Account}:topic/${ClusterName}/${ClusterUuid}/${TopicName}", - "condition_keys": [] - }, - "group": { - "resource": "group", - "arn": "arn:${Partition}:kafka:${Region}:${Account}:group/${ClusterName}/${ClusterUuid}/${GroupName}", - "condition_keys": [] - }, - "transactional-id": { - "resource": "transactional-id", - "arn": "arn:${Partition}:kafka:${Region}:${Account}:transactional-id/${ClusterName}/${ClusterUuid}/${TransactionalId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "kafka:publicAccessEnabled": { - "condition": "kafka:publicAccessEnabled", - "description": "Filters access by the presence of public access enabled in the request", - "type": "Bool" - } - } - }, - "kafkaconnect": { - "service_name": "Amazon Managed Streaming for Kafka Connect", - "prefix": "kafkaconnect", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedstreamingforkafkaconnect.html", - "privileges": { - "CreateConnector": { - "privilege": "CreateConnector", - "description": "Grants permission to create an MSK Connect connector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "firehose:TagDeliveryStream", - "iam:AttachRolePolicy", - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "iam:PutRolePolicy", - "logs:CreateLogDelivery", - "logs:DescribeLogGroups", - "logs:DescribeResourcePolicies", - "logs:GetLogDelivery", - "logs:ListLogDeliveries", - "logs:PutResourcePolicy", - "s3:GetBucketPolicy", - "s3:PutBucketPolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_CreateConnector.html" - }, - "CreateCustomPlugin": { - "privilege": "CreateCustomPlugin", - "description": "Grants permission to create an MSK Connect custom plugin", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_CreateCustomPlugin.html" - }, - "CreateWorkerConfiguration": { - "privilege": "CreateWorkerConfiguration", - "description": "Grants permission to create an MSK Connect worker configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_CreateWorkerConfiguration.html" - }, - "DeleteConnector": { - "privilege": "DeleteConnector", - "description": "Grants permission to delete an MSK Connect connector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "logs:DeleteLogDelivery", - "logs:ListLogDeliveries" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_DeleteConnector.html" - }, - "DeleteCustomPlugin": { - "privilege": "DeleteCustomPlugin", - "description": "Grants permission to delete an MSK Connect custom plugin", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_DeleteCustomPlugin.html" - }, - "DescribeConnector": { - "privilege": "DescribeConnector", - "description": "Grants permission to describe an MSK Connect connector", - "access_level": "Read", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_DescribeConnector.html" - }, - "DescribeCustomPlugin": { - "privilege": "DescribeCustomPlugin", - "description": "Grants permission to describe an MSK Connect custom plugin", - "access_level": "Read", - "resource_types": { - "custom plugin": { - "resource_type": "custom plugin", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_DescribeCustomPlugin.html" - }, - "DescribeWorkerConfiguration": { - "privilege": "DescribeWorkerConfiguration", - "description": "Grants permission to describe an MSK Connect worker configuration", - "access_level": "Read", - "resource_types": { - "worker configuration": { - "resource_type": "worker configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_DescribeWorkerConfiguration.html" - }, - "ListConnectors": { - "privilege": "ListConnectors", - "description": "Grants permission to list all MSK Connect connectors in this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_ListConnectors.html" - }, - "ListCustomPlugins": { - "privilege": "ListCustomPlugins", - "description": "Grants permission to list all MSK Connect custom plugins in this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_ListCustomPlugins.html" - }, - "ListWorkerConfigurations": { - "privilege": "ListWorkerConfigurations", - "description": "Grants permission to list all MSK Connect worker configurations in this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_ListWorkerConfigurations.html" - }, - "UpdateConnector": { - "privilege": "UpdateConnector", - "description": "Grants permission to update an MSK Connect connector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_UpdateConnector.html" - } - }, - "resources": { - "connector": { - "resource": "connector", - "arn": "arn:${Partition}:kafkaconnect:${Region}:${Account}:connector/${ConnectorName}/${UUID}", - "condition_keys": [] - }, - "custom plugin": { - "resource": "custom plugin", - "arn": "arn:${Partition}:kafkaconnect:${Region}:${Account}:custom-plugin/${CustomPluginName}/${UUID}", - "condition_keys": [] - }, - "worker configuration": { - "resource": "worker configuration", - "arn": "arn:${Partition}:kafkaconnect:${Region}:${Account}:worker-configuration/${WorkerConfigurationName}/${UUID}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "airflow": { - "service_name": "Amazon Managed Workflows for Apache Airflow", - "prefix": "airflow", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedworkflowsforapacheairflow.html", - "privileges": { - "CreateCliToken": { - "privilege": "CreateCliToken", - "description": "Grants permission to create a short-lived token that allows a user to invoke Airflow CLI via an endpoint on the Apache Airflow Webserver", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_CreateCliToken.html" - }, - "CreateEnvironment": { - "privilege": "CreateEnvironment", - "description": "Grants permission to create an Amazon MWAA environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_CreateEnvironment.html" - }, - "CreateWebLoginToken": { - "privilege": "CreateWebLoginToken", - "description": "Grants permission to create a short-lived token that allows a user to log into Apache Airflow web UI", - "access_level": "Write", - "resource_types": { - "rbac-role": { - "resource_type": "rbac-role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_CreateWebLoginToken.html" - }, - "DeleteEnvironment": { - "privilege": "DeleteEnvironment", - "description": "Grants permission to delete an Amazon MWAA environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_DeleteEnvironment.html" - }, - "GetEnvironment": { - "privilege": "GetEnvironment", - "description": "Grants permission to view details about an Amazon MWAA environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_GetEnvironment.html" - }, - "ListEnvironments": { - "privilege": "ListEnvironments", - "description": "Grants permission to list the Amazon MWAA environments in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_ListEnvironments.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tag for an Amazon MWAA environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_ListTagsForResource.html" - }, - "PublishMetrics": { - "privilege": "PublishMetrics", - "description": "Grants permission to publish metrics for an Amazon MWAA environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_PublishMetrics.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an Amazon MWAA environment", - "access_level": "Tagging", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an Amazon MWAA environment", - "access_level": "Tagging", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_UntagResource.html" - }, - "UpdateEnvironment": { - "privilege": "UpdateEnvironment", - "description": "Grants permission to modify an Amazon MWAA environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_UpdateEnvironment.html" - } - }, - "resources": { - "environment": { - "resource": "environment", - "arn": "arn:${Partition}:airflow:${Region}:${Account}:environment/${EnvironmentName}", - "condition_keys": [] - }, - "rbac-role": { - "resource": "rbac-role", - "arn": "arn:${Partition}:airflow:${Region}:${Account}:role/${EnvironmentName}/${RoleName}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "mechanicalturk": { - "service_name": "Amazon Mechanical Turk", - "prefix": "mechanicalturk", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmechanicalturk.html", - "privileges": { - "AcceptQualificationRequest": { - "privilege": "AcceptQualificationRequest", - "description": "The AcceptQualificationRequest operation grants a Worker's request for a Qualification", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_AcceptQualificationRequestOperation.html" - }, - "ApproveAssignment": { - "privilege": "ApproveAssignment", - "description": "The ApproveAssignment operation approves the results of a completed assignment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ApproveAssignmentOperation.html" - }, - "AssociateQualificationWithWorker": { - "privilege": "AssociateQualificationWithWorker", - "description": "The AssociateQualificationWithWorker operation gives a Worker a Qualification", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_AssociateQualificationWithWorkerOperation.html" - }, - "CreateAdditionalAssignmentsForHIT": { - "privilege": "CreateAdditionalAssignmentsForHIT", - "description": "The CreateAdditionalAssignmentsForHIT operation increases the maximum number of assignments of an existing HIT", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateAdditionalAssignmentsForHITOperation.html" - }, - "CreateHIT": { - "privilege": "CreateHIT", - "description": "The CreateHIT operation creates a new HIT (Human Intelligence Task)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateHITOperation.html" - }, - "CreateHITType": { - "privilege": "CreateHITType", - "description": "The CreateHITType operation creates a new HIT type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateHITTypeOperation.html" - }, - "CreateHITWithHITType": { - "privilege": "CreateHITWithHITType", - "description": "The CreateHITWithHITType operation creates a new Human Intelligence Task (HIT) using an existing HITTypeID generated by the CreateHITType operation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateHITWithHITTypeOperation.html" - }, - "CreateQualificationType": { - "privilege": "CreateQualificationType", - "description": "The CreateQualificationType operation creates a new Qualification type, which is represented by a QualificationType data structure", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateQualificationTypeOperation.html" - }, - "CreateWorkerBlock": { - "privilege": "CreateWorkerBlock", - "description": "The CreateWorkerBlock operation allows you to prevent a Worker from working on your HITs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateWorkerBlockOperation.html" - }, - "DeleteHIT": { - "privilege": "DeleteHIT", - "description": "The DeleteHIT operation disposes of a HIT that is no longer needed", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_DeleteHITOperation.html" - }, - "DeleteQualificationType": { - "privilege": "DeleteQualificationType", - "description": "The DeleteQualificationType disposes a Qualification type and disposes any HIT types that are associated with the Qualification type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_DeleteQualificationTypeOperation.html" - }, - "DeleteWorkerBlock": { - "privilege": "DeleteWorkerBlock", - "description": "The DeleteWorkerBlock operation allows you to reinstate a blocked Worker to work on your HITs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_DeleteWorkerBlockOperation.html" - }, - "DisassociateQualificationFromWorker": { - "privilege": "DisassociateQualificationFromWorker", - "description": "The DisassociateQualificationFromWorker revokes a previously granted Qualification from a user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_DisassociateQualificationFromWorkerOperation.html" - }, - "GetAccountBalance": { - "privilege": "GetAccountBalance", - "description": "The GetAccountBalance operation retrieves the amount of money in your Amazon Mechanical Turk account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetAccountBalanceOperation.html" - }, - "GetAssignment": { - "privilege": "GetAssignment", - "description": "The GetAssignment retrieves an assignment with an AssignmentStatus value of Submitted, Approved, or Rejected, using the assignment's ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetAssignmentOperation.html" - }, - "GetFileUploadURL": { - "privilege": "GetFileUploadURL", - "description": "The GetFileUploadURL operation generates and returns a temporary URL", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetFileUploadURLOperation.html" - }, - "GetHIT": { - "privilege": "GetHIT", - "description": "The GetHIT operation retrieves the details of the specified HIT", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetHITOperation.html" - }, - "GetQualificationScore": { - "privilege": "GetQualificationScore", - "description": "The GetQualificationScore operation returns the value of a Worker's Qualification for a given Qualification type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetQualificationScoreOperation.html" - }, - "GetQualificationType": { - "privilege": "GetQualificationType", - "description": "The GetQualificationType operation retrieves information about a Qualification type using its ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetQualificationTypeOperation.html" - }, - "ListAssignmentsForHIT": { - "privilege": "ListAssignmentsForHIT", - "description": "The ListAssignmentsForHIT operation retrieves completed assignments for a HIT", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListAssignmentsForHITOperation.html" - }, - "ListBonusPayments": { - "privilege": "ListBonusPayments", - "description": "The ListBonusPayments operation retrieves the amounts of bonuses you have paid to Workers for a given HIT or assignment", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListBonusPaymentsOperation.html" - }, - "ListHITs": { - "privilege": "ListHITs", - "description": "The ListHITs operation returns all of a Requester's HITs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListHITsOperation.html" - }, - "ListHITsForQualificationType": { - "privilege": "ListHITsForQualificationType", - "description": "The ListHITsForQualificationType operation returns the HITs that use the given QualififcationType for a QualificationRequirement", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListHITsForQualificationTypeOperation.html" - }, - "ListQualificationRequests": { - "privilege": "ListQualificationRequests", - "description": "The ListQualificationRequests operation retrieves requests for Qualifications of a particular Qualification type", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListQualificationRequestsOperation.html" - }, - "ListQualificationTypes": { - "privilege": "ListQualificationTypes", - "description": "The ListQualificationTypes operation searches for Qualification types using the specified search query, and returns a list of Qualification types", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListQualificationTypesOperation.html" - }, - "ListReviewPolicyResultsForHIT": { - "privilege": "ListReviewPolicyResultsForHIT", - "description": "The ListReviewPolicyResultsForHIT operation retrieves the computed results and the actions taken in the course of executing your Review Policies during a CreateHIT operation", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListReviewPolicyResultsForHITOperation.html" - }, - "ListReviewableHITs": { - "privilege": "ListReviewableHITs", - "description": "The ListReviewableHITs operation returns all of a Requester's HITs that have not been approved or rejected", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListReviewableHITsOperation.html" - }, - "ListWorkerBlocks": { - "privilege": "ListWorkerBlocks", - "description": "The ListWorkersBlocks operation retrieves a list of Workers who are blocked from working on your HITs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListWorkerBlocksOperation.html" - }, - "ListWorkersWithQualificationType": { - "privilege": "ListWorkersWithQualificationType", - "description": "The ListWorkersWithQualificationType operation returns all of the Workers with a given Qualification type", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListWorkersWithQualificationTypeOperation.html" - }, - "NotifyWorkers": { - "privilege": "NotifyWorkers", - "description": "The NotifyWorkers operation sends an email to one or more Workers that you specify with the Worker ID", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_NotifyWorkersOperation.html" - }, - "RejectAssignment": { - "privilege": "RejectAssignment", - "description": "The RejectAssignment operation rejects the results of a completed assignment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_RejectAssignmentOperation.html" - }, - "RejectQualificationRequest": { - "privilege": "RejectQualificationRequest", - "description": "The RejectQualificationRequest operation rejects a user's request for a Qualification", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_RejectQualificationRequestOperation.html" - }, - "SendBonus": { - "privilege": "SendBonus", - "description": "The SendBonus operation issues a payment of money from your account to a Worker", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_SendBonusOperation.html" - }, - "SendTestEventNotification": { - "privilege": "SendTestEventNotification", - "description": "The SendTestEventNotification operation causes Amazon Mechanical Turk to send a notification message as if a HIT event occurred, according to the provided notification specification", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_SendTestEventNotificationOperation.html" - }, - "UpdateExpirationForHIT": { - "privilege": "UpdateExpirationForHIT", - "description": "The UpdateExpirationForHIT operation allows you extend the expiration time of a HIT beyond is current expiration or expire a HIT immediately", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_UpdateExpirationForHITOperation.html" - }, - "UpdateHITReviewStatus": { - "privilege": "UpdateHITReviewStatus", - "description": "The UpdateHITReviewStatus operation toggles the status of a HIT", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_UpdateHITReviewStatusOperation.html" - }, - "UpdateHITTypeOfHIT": { - "privilege": "UpdateHITTypeOfHIT", - "description": "The UpdateHITTypeOfHIT operation allows you to change the HITType properties of a HIT", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_UpdateHITTypeOfHITOperation.html" - }, - "UpdateNotificationSettings": { - "privilege": "UpdateNotificationSettings", - "description": "The UpdateNotificationSettings operation creates, updates, disables or re-enables notifications for a HIT type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_UpdateNotificationSettingsOperation.html" - }, - "UpdateQualificationType": { - "privilege": "UpdateQualificationType", - "description": "The UpdateQualificationType operation modifies the attributes of an existing Qualification type, which is represented by a QualificationType data structure", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_UpdateQualificationTypeOperation.html" - } - }, - "resources": {}, - "conditions": {} - }, - "mediaimport": { - "service_name": "AmazonMediaImport", - "prefix": "mediaimport", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmediaimport.html", - "privileges": { - "CreateDatabaseBinarySnapshot": { - "privilege": "CreateDatabaseBinarySnapshot", - "description": "Grants permission to create a database binary snapshot on the customer's aws account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html" - } - }, - "resources": {}, - "conditions": {} - }, - "memorydb": { - "service_name": "Amazon MemoryDB", - "prefix": "memorydb", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmemorydb.html", - "privileges": { - "BatchUpdateCluster": { - "privilege": "BatchUpdateCluster", - "description": "Grants permissions to apply service updates", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "s3:GetObject" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_BatchUpdateCluster.html" - }, - "Connect": { - "privilege": "Connect", - "description": "Allows an IAM user or role to connect as a specified MemoryDB user to a node in a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/devguide/auth-iam.html" - }, - "CopySnapshot": { - "privilege": "CopySnapshot", - "description": "Grants permissions to make a copy of an existing snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "memorydb:TagResource", - "s3:DeleteObject", - "s3:GetBucketAcl", - "s3:PutObject" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CopySnapshot.html" - }, - "CreateAcl": { - "privilege": "CreateAcl", - "description": "Grants permissions to create a new access control list", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "memorydb:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateAcl.html" - }, - "CreateCluster": { - "privilege": "CreateCluster", - "description": "Grants permissions to create a cluster", - "access_level": "Write", - "resource_types": { - "acl": { - "resource_type": "acl", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "memorydb:TagResource", - "s3:GetObject" - ] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateCluster.html" - }, - "CreateParameterGroup": { - "privilege": "CreateParameterGroup", - "description": "Grants permissions to create a new parameter group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "memorydb:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateParameterGroup.html" - }, - "CreateSnapshot": { - "privilege": "CreateSnapshot", - "description": "Grants permissions to create a backup of a cluster at the current point in time", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "memorydb:TagResource", - "s3:DeleteObject", - "s3:GetBucketAcl", - "s3:PutObject" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateSnapshot.html" - }, - "CreateSubnetGroup": { - "privilege": "CreateSubnetGroup", - "description": "Grants permissions to create a new subnet group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "memorydb:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateSubnetGroup.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permissions to create a new user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "memorydb:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateUser.html" - }, - "DeleteAcl": { - "privilege": "DeleteAcl", - "description": "Grants permissions to delete an access control list", - "access_level": "Write", - "resource_types": { - "acl": { - "resource_type": "acl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteAcl.html" - }, - "DeleteCluster": { - "privilege": "DeleteCluster", - "description": "Grants permissions to delete a previously provisioned cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteCluster.html" - }, - "DeleteParameterGroup": { - "privilege": "DeleteParameterGroup", - "description": "Grants permissions to delete a parameter group", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteParameterGroup.html" - }, - "DeleteSnapshot": { - "privilege": "DeleteSnapshot", - "description": "Grants permissions to delete a snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteSnapshot.html" - }, - "DeleteSubnetGroup": { - "privilege": "DeleteSubnetGroup", - "description": "Grants permissions to delete a subnet group", - "access_level": "Write", - "resource_types": { - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteSubnetGroup.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permissions to delete a user", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteUser.html" - }, - "DescribeAcls": { - "privilege": "DescribeAcls", - "description": "Grants permissions to retrieve information about access control lists", - "access_level": "Read", - "resource_types": { - "acl": { - "resource_type": "acl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeAcls.html" - }, - "DescribeClusters": { - "privilege": "DescribeClusters", - "description": "Grants permissions to retrieve information about all provisioned clusters if no cluster identifier is specified, or about a specific cluster if a cluster identifier is supplied", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeClusters.html" - }, - "DescribeEngineVersions": { - "privilege": "DescribeEngineVersions", - "description": "Grants permissions to list of the available engines and their versions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeEngineVersions.html" - }, - "DescribeEvents": { - "privilege": "DescribeEvents", - "description": "Grants permissions to retrieve events related to clusters, subnet groups, and parameter groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeEvents.html" - }, - "DescribeParameterGroups": { - "privilege": "DescribeParameterGroups", - "description": "Grants permissions to retrieve information about parameter groups", - "access_level": "Read", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeParameterGroups.html" - }, - "DescribeParameters": { - "privilege": "DescribeParameters", - "description": "Grants permissions to retrieve a detailed parameter list for a particular parameter group", - "access_level": "Read", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeParameters.html" - }, - "DescribeReservedNodes": { - "privilege": "DescribeReservedNodes", - "description": "Grants permissions to retrieve reserved nodes", - "access_level": "Read", - "resource_types": { - "reservednode": { - "resource_type": "reservednode", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeReservedNodes.html" - }, - "DescribeReservedNodesOfferings": { - "privilege": "DescribeReservedNodesOfferings", - "description": "Grants permissions to retrieve reserved nodes offerings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeReservedNodesOfferings.html" - }, - "DescribeServiceUpdates": { - "privilege": "DescribeServiceUpdates", - "description": "Grants permissions to retrieve details of the service updates", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeServiceUpdates.html" - }, - "DescribeSnapshots": { - "privilege": "DescribeSnapshots", - "description": "Grants permissions to retrieve information about cluster snapshots", - "access_level": "Read", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeSnapshots.html" - }, - "DescribeSubnetGroups": { - "privilege": "DescribeSubnetGroups", - "description": "Grants permissions to retrieve a list of subnet group", - "access_level": "Read", - "resource_types": { - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeSubnetGroups.html" - }, - "DescribeUsers": { - "privilege": "DescribeUsers", - "description": "Grants permissions to retrieve information about users", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeUsers.html" - }, - "FailoverShard": { - "privilege": "FailoverShard", - "description": "Grants permissions to test automatic failover on a specified shard in a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_FailoverShard.html" - }, - "ListAllowedNodeTypeUpdates": { - "privilege": "ListAllowedNodeTypeUpdates", - "description": "Grants permissions to list available node type updates", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_ListAllowedNodeTypeUpdates.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permissions to list cost allocation tags", - "access_level": "Read", - "resource_types": { - "acl": { - "resource_type": "acl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_ListTags.html" - }, - "PurchaseReservedNodesOffering": { - "privilege": "PurchaseReservedNodesOffering", - "description": "Grants permissions to purchase a new reserved node", - "access_level": "Write", - "resource_types": { - "reservednode": { - "resource_type": "reservednode", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "memorydb:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_PurchaseReservedNodesOffering.html" - }, - "ResetParameterGroup": { - "privilege": "ResetParameterGroup", - "description": "Grants permissions to modify the parameters of a parameter group to the engine or system default value", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_ResetParameterGroup.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permissions to add up to 10 cost allocation tags to the named resource", - "access_level": "Tagging", - "resource_types": { - "acl": { - "resource_type": "acl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reservednode": { - "resource_type": "reservednode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permissions to remove the tags identified by the TagKeys list from a resource", - "access_level": "Tagging", - "resource_types": { - "acl": { - "resource_type": "acl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UntagResource.html" - }, - "UpdateAcl": { - "privilege": "UpdateAcl", - "description": "Grants permissions to update an access control list", - "access_level": "Write", - "resource_types": { - "acl": { - "resource_type": "acl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UpdateAcl.html" - }, - "UpdateCluster": { - "privilege": "UpdateCluster", - "description": "Grants permissions to update the settings for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "acl": { - "resource_type": "acl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UpdateCluster.html" - }, - "UpdateParameterGroup": { - "privilege": "UpdateParameterGroup", - "description": "Grants permissions to update parameters in a parameter group", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UpdateParameterGroup.html" - }, - "UpdateSubnetGroup": { - "privilege": "UpdateSubnetGroup", - "description": "Grants permissions to update a subnet group", - "access_level": "Write", - "resource_types": { - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UpdateSubnetGroup.html" - }, - "UpdateUser": { - "privilege": "UpdateUser", - "description": "Grants permissions to update a user", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UpdateUser.html" - } - }, - "resources": { - "parametergroup": { - "resource": "parametergroup", - "arn": "arn:${Partition}:memorydb:${Region}:${Account}:parametergroup/${ParameterGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "subnetgroup": { - "resource": "subnetgroup", - "arn": "arn:${Partition}:memorydb:${Region}:${Account}:subnetgroup/${SubnetGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:memorydb:${Region}:${Account}:cluster/${ClusterName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "snapshot": { - "resource": "snapshot", - "arn": "arn:${Partition}:memorydb:${Region}:${Account}:snapshot/${SnapshotName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "user": { - "resource": "user", - "arn": "arn:${Partition}:memorydb:${Region}:${Account}:user/${UserName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "acl": { - "resource": "acl", - "arn": "arn:${Partition}:memorydb:${Region}:${Account}:acl/${AclName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "reservednode": { - "resource": "reservednode", - "arn": "arn:${Partition}:memorydb:${Region}:${Account}:reservednode/${ReservationID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "ec2messages": { - "service_name": "Amazon Message Delivery Service", - "prefix": "ec2messages", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmessagedeliveryservice.html", - "privileges": { - "AcknowledgeMessage": { - "privilege": "AcknowledgeMessage", - "description": "Grants permission to acknowledge a message, ensuring it will not be delivered again", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "DeleteMessage": { - "privilege": "DeleteMessage", - "description": "Grants permission to delete a message", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "FailMessage": { - "privilege": "FailMessage", - "description": "Grants permission to fail a message, signifying the message could not be processed successfully, ensuring it cannot be replied to or delivered again", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "GetEndpoint": { - "privilege": "GetEndpoint", - "description": "Grants permission to route traffic to the correct endpoint based on the given destination for the messages", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "GetMessages": { - "privilege": "GetMessages", - "description": "Grants permission to deliver messages to clients/instances using long polling", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:SourceInstanceARN" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "SendReply": { - "privilege": "SendReply", - "description": "Grants permission to send replies from clients/instances to upstream service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:SourceInstanceARN" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - } - }, - "resources": {}, - "conditions": { - "ssm:SourceInstanceARN": { - "condition": "ssm:SourceInstanceARN", - "description": "Filters access by verifying the Amazon Resource Name (ARN) of the AWS Systems Manager's managed instance from which the request is made. This key is not present when the request comes from the managed instance authenticated with an IAM role associated with EC2 instance profile", - "type": "String" - } - } - }, - "mobileanalytics": { - "service_name": "Amazon Mobile Analytics", - "prefix": "mobileanalytics", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmobileanalytics.html", - "privileges": { - "GetFinancialReports": { - "privilege": "GetFinancialReports", - "description": "Grant access to financial metrics for an app", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "GetReports": { - "privilege": "GetReports", - "description": "Grant access to standard metrics for an app", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "PutEvents": { - "privilege": "PutEvents", - "description": "The PutEvents operation records one or more events", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobileanalytics/latest/ug/PutEvents.html" - } - }, - "resources": {}, - "conditions": {} - }, - "monitron": { - "service_name": "Amazon Monitron", - "prefix": "monitron", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmonitron.html", - "privileges": { - "AssociateProjectAdminUser": { - "privilege": "AssociateProjectAdminUser", - "description": "Grants permission to associate a user with the project as an administrator", - "access_level": "Permissions management", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso-directory:DescribeUsers", - "sso:AssociateProfile", - "sso:GetManagedApplicationInstance", - "sso:GetProfile", - "sso:ListDirectoryAssociations", - "sso:ListProfileAssociations", - "sso:ListProfiles" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/user-management-chapter.html" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a project", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "kms:CreateGrant", - "sso:CreateManagedApplicationInstance", - "sso:DeleteManagedApplicationInstance" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-creating-project.html" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso:DeleteManagedApplicationInstance" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-delete-project.html" - }, - "DisassociateProjectAdminUser": { - "privilege": "DisassociateProjectAdminUser", - "description": "Grants permission to disassociate an administrator from the project", - "access_level": "Permissions management", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso-directory:DescribeUsers", - "sso:DisassociateProfile", - "sso:GetManagedApplicationInstance", - "sso:GetProfile", - "sso:ListDirectoryAssociations", - "sso:ListProfiles" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mu-remove-project-admin.html" - }, - "GetProject": { - "privilege": "GetProject", - "description": "Grants permission to get information about a project", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-project-tasks.html" - }, - "GetProjectAdminUser": { - "privilege": "GetProjectAdminUser", - "description": "Grants permission to describe an administrator who is associated with the project", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso-directory:DescribeUsers", - "sso:GetManagedApplicationInstance", - "sso:ListProfileAssociations" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-project-tasks.html" - }, - "ListProjectAdminUsers": { - "privilege": "ListProjectAdminUsers", - "description": "Grants permission to list all administrators associated with the project", - "access_level": "Permissions management", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso-directory:DescribeUsers", - "sso:GetManagedApplicationInstance" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/user-management-chapter.html" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to list all projects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-project-tasks.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags for a resource", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/tagging.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/tagging.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/tagging.html#modify-tag-1" - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Grants permission to update a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-updating-project.html" - } - }, - "resources": { - "project": { - "resource": "project", - "arn": "arn:${Partition}:monitron:${Region}:${Account}:project/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions by the tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "mq": { - "service_name": "Amazon MQ", - "prefix": "mq", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmq.html", - "privileges": { - "CreateBroker": { - "privilege": "CreateBroker", - "description": "Grants permission to create a broker", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:CreateNetworkInterfacePermission", - "ec2:CreateSecurityGroup", - "ec2:CreateVpcEndpoint", - "ec2:DescribeInternetGateways", - "ec2:DescribeNetworkInterfacePermissions", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcEndpoints", - "ec2:DescribeVpcs", - "ec2:ModifyNetworkInterfaceAttribute", - "iam:CreateServiceLinkedRole", - "route53:AssociateVPCWithHostedZone" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-brokers.html#rest-api-brokers-methods-post" - }, - "CreateConfiguration": { - "privilege": "CreateConfiguration", - "description": "Grants permission to create a new configuration for the specified configuration name. Amazon MQ uses the default configuration (the engine type and engine version)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-configurations.html#rest-api-configurations-methods-post" - }, - "CreateReplicaBroker": { - "privilege": "CreateReplicaBroker", - "description": "Grants permission to create a replica broker", - "access_level": "Write", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-brokers.html#rest-api-brokers-methods-post" - }, - "CreateTags": { - "privilege": "CreateTags", - "description": "Grants permission to create tags", - "access_level": "Tagging", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configurations": { - "resource_type": "configurations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-tags.html#rest-api-tags-methods-post" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create an ActiveMQ user", - "access_level": "Write", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-username.html#rest-api-username-methods-post" - }, - "DeleteBroker": { - "privilege": "DeleteBroker", - "description": "Grants permission to delete a broker", - "access_level": "Write", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteNetworkInterface", - "ec2:DeleteNetworkInterfacePermission", - "ec2:DeleteVpcEndpoints", - "ec2:DetachNetworkInterface" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-broker.html#rest-api-broker-methods-delete" - }, - "DeleteTags": { - "privilege": "DeleteTags", - "description": "Grants permission to delete tags", - "access_level": "Tagging", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configurations": { - "resource_type": "configurations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-tags.html#rest-api-tags-methods-delete" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete an ActiveMQ user", - "access_level": "Write", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-username.html#rest-api-username-methods-delete" - }, - "DescribeBroker": { - "privilege": "DescribeBroker", - "description": "Grants permission to return information about the specified broker", - "access_level": "Read", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-broker.html#rest-api-broker-methods-get" - }, - "DescribeBrokerEngineTypes": { - "privilege": "DescribeBrokerEngineTypes", - "description": "Grants permission to return information about broker engines", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/broker-engine-types.html#broker-engine-types-http-methods" - }, - "DescribeBrokerInstanceOptions": { - "privilege": "DescribeBrokerInstanceOptions", - "description": "Grants permission to return information about the broker instance options", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/broker-instance-options.html#broker-engine-types-http-methods" - }, - "DescribeConfiguration": { - "privilege": "DescribeConfiguration", - "description": "Grants permission to return information about the specified configuration", - "access_level": "Read", - "resource_types": { - "configurations": { - "resource_type": "configurations", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-configuration.html#rest-api-configuration-methods-get" - }, - "DescribeConfigurationRevision": { - "privilege": "DescribeConfigurationRevision", - "description": "Grants permission to return the specified configuration revision for the specified configuration", - "access_level": "Read", - "resource_types": { - "configurations": { - "resource_type": "configurations", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-configuration-revision.html#rest-api-configuration-revision-methods-get" - }, - "DescribeUser": { - "privilege": "DescribeUser", - "description": "Grants permission to return information about an ActiveMQ user", - "access_level": "Read", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-username.html#rest-api-username-methods-get" - }, - "ListBrokers": { - "privilege": "ListBrokers", - "description": "Grants permission to return a list of all brokers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-brokers.html#rest-api-brokers-methods-get" - }, - "ListConfigurationRevisions": { - "privilege": "ListConfigurationRevisions", - "description": "Grants permission to return a list of all existing revisions for the specified configuration", - "access_level": "List", - "resource_types": { - "configurations": { - "resource_type": "configurations", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-revisions.html#rest-api-revisions-methods-get" - }, - "ListConfigurations": { - "privilege": "ListConfigurations", - "description": "Grants permission to return a list of all configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-configurations.html#rest-api-configurations-methods-get" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to return a list of tags", - "access_level": "List", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configurations": { - "resource_type": "configurations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-tags.html#rest-api-tags-methods-get" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to return a list of all ActiveMQ users", - "access_level": "List", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-users.html#rest-api-users-methods-get" - }, - "RebootBroker": { - "privilege": "RebootBroker", - "description": "Grants permission to reboot a broker", - "access_level": "Write", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-restart.html#rest-api-reboot-methods-post" - }, - "UpdateBroker": { - "privilege": "UpdateBroker", - "description": "Grants permission to add a pending configuration change to a broker", - "access_level": "Write", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-broker.html#rest-api-broker-methods-get" - }, - "UpdateConfiguration": { - "privilege": "UpdateConfiguration", - "description": "Grants permission to update the specified configuration", - "access_level": "Write", - "resource_types": { - "configurations": { - "resource_type": "configurations", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-configuration.html#rest-api-configuration-methods-put" - }, - "UpdateUser": { - "privilege": "UpdateUser", - "description": "Grants permission to update the information for an ActiveMQ user", - "access_level": "Write", - "resource_types": { - "brokers": { - "resource_type": "brokers", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-username.html#rest-api-username-methods-put" - } - }, - "resources": { - "brokers": { - "resource": "brokers", - "arn": "arn:${Partition}:mq:${Region}:${Account}:broker:${BrokerId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "configurations": { - "resource": "configurations", - "arn": "arn:${Partition}:mq:${Region}:${Account}:configuration:${ConfigurationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "neptune-db": { - "service_name": "Amazon Neptune", - "prefix": "neptune-db", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonneptune.html", - "privileges": { - "CancelLoaderJob": { - "privilege": "CancelLoaderJob", - "description": "Grants permission to cancel a loader job", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#cancelloaderjob" - }, - "CancelMLDataProcessingJob": { - "privilege": "CancelMLDataProcessingJob", - "description": "Grants permission to cancel an ML data processing job", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#cancelmldataprocessingjob" - }, - "CancelMLModelTrainingJob": { - "privilege": "CancelMLModelTrainingJob", - "description": "Grants permission to cancel an ML model training job", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#cancelmlmodeltrainingjob" - }, - "CancelMLModelTransformJob": { - "privilege": "CancelMLModelTransformJob", - "description": "Grants permission to cancel an ML model transform job", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#cancelmlmodeltransformjob" - }, - "CancelQuery": { - "privilege": "CancelQuery", - "description": "Grants permission to cancel a query", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#cancelquery" - }, - "CreateMLEndpoint": { - "privilege": "CreateMLEndpoint", - "description": "Grants permission to create an ML endpoint", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#createmlendpoint" - }, - "DeleteDataViaQuery": { - "privilege": "DeleteDataViaQuery", - "description": "Grants permission to run delete data via query APIs on database", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "neptune-db:QueryLanguage" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#deletedataviaquery" - }, - "DeleteMLEndpoint": { - "privilege": "DeleteMLEndpoint", - "description": "Grants permission to delete an ML endpoint", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#deletemlendpoint" - }, - "DeleteStatistics": { - "privilege": "DeleteStatistics", - "description": "Grants permission to delete all the statistics in the database", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#deletestatistics" - }, - "GetEngineStatus": { - "privilege": "GetEngineStatus", - "description": "Grants permission to check the status of the Neptune engine", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getenginestatus" - }, - "GetGraphSummary": { - "privilege": "GetGraphSummary", - "description": "Grants permission to get the graph summary from the database", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getgraphsummary" - }, - "GetLoaderJobStatus": { - "privilege": "GetLoaderJobStatus", - "description": "Grants permission to check the status of a loader job", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getloaderjobstatus" - }, - "GetMLDataProcessingJobStatus": { - "privilege": "GetMLDataProcessingJobStatus", - "description": "Grants permission to check the status of an ML data processing job", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getmldataprocessingjobstatus" - }, - "GetMLEndpointStatus": { - "privilege": "GetMLEndpointStatus", - "description": "Grants permission to check the status of an ML endpoint", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getmlendpointstatus" - }, - "GetMLModelTrainingJobStatus": { - "privilege": "GetMLModelTrainingJobStatus", - "description": "Grants permission to check the status of an ML model training job", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getmlmodeltrainingjobstatus" - }, - "GetMLModelTransformJobStatus": { - "privilege": "GetMLModelTransformJobStatus", - "description": "Grants permission to check the status of an ML model transform job", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getmlmodeltransformjobstatus" - }, - "GetQueryStatus": { - "privilege": "GetQueryStatus", - "description": "Grants permission to check the status of all active queries", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "neptune-db:QueryLanguage" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getquerystatus" - }, - "GetStatisticsStatus": { - "privilege": "GetStatisticsStatus", - "description": "Grants permission to check the status of statistics of the database", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getstatisticsstatus" - }, - "GetStreamRecords": { - "privilege": "GetStreamRecords", - "description": "Grants permission to fetch stream records from Neptune", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "neptune-db:QueryLanguage" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getstreamrecords" - }, - "ListLoaderJobs": { - "privilege": "ListLoaderJobs", - "description": "Grants permission to list all the loader jobs", - "access_level": "List", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#listloaderjobs" - }, - "ListMLDataProcessingJobs": { - "privilege": "ListMLDataProcessingJobs", - "description": "Grants permission to list all the ML data processing jobs", - "access_level": "List", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#listmldataprocessingjobs" - }, - "ListMLEndpoints": { - "privilege": "ListMLEndpoints", - "description": "Grants permission to list all the ML endpoints", - "access_level": "List", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#listmlendpoints" - }, - "ListMLModelTrainingJobs": { - "privilege": "ListMLModelTrainingJobs", - "description": "Grants permission to list all the ML model training jobs", - "access_level": "List", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#listmlmodeltrainingjobs" - }, - "ListMLModelTransformJobs": { - "privilege": "ListMLModelTransformJobs", - "description": "Grants permission to list all the ML model transform jobs", - "access_level": "List", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#listmlmodeltransformjobs" - }, - "ManageStatistics": { - "privilege": "ManageStatistics", - "description": "Grants permission to manage statistics in the database", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#managestatistics" - }, - "ReadDataViaQuery": { - "privilege": "ReadDataViaQuery", - "description": "Grants permission to run read data via query APIs on database", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "neptune-db:QueryLanguage" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#readdataviaquery" - }, - "ResetDatabase": { - "privilege": "ResetDatabase", - "description": "Grants permission to get the token needed for reset and resets the Neptune database", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#resetdatabase" - }, - "StartLoaderJob": { - "privilege": "StartLoaderJob", - "description": "Grants permission to start a loader job", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#startloaderjob" - }, - "StartMLDataProcessingJob": { - "privilege": "StartMLDataProcessingJob", - "description": "Grants permission to start an ML data processing job", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#startmldataprocessingjob" - }, - "StartMLModelTrainingJob": { - "privilege": "StartMLModelTrainingJob", - "description": "Grants permission to start an ML model training job", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#startmlmodeltrainingjob" - }, - "StartMLModelTransformJob": { - "privilege": "StartMLModelTransformJob", - "description": "Grants permission to start an ML model transform job", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#startmlmodeltransformjob" - }, - "WriteDataViaQuery": { - "privilege": "WriteDataViaQuery", - "description": "Grants permission to run write data via query APIs on database", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "neptune-db:QueryLanguage" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#writedataviaquery" - }, - "connect": { - "privilege": "connect", - "description": "Grants permission to all data-access actions in engine versions prior to 1.2.0.0", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html" - } - }, - "resources": { - "database": { - "resource": "database", - "arn": "arn:${Partition}:neptune-db:${Region}:${Account}:${RelativeId}/database", - "condition_keys": [] - } - }, - "conditions": { - "neptune-db:QueryLanguage": { - "condition": "neptune-db:QueryLanguage", - "description": "Filters access by graph model", - "type": "String" - } - } - }, - "nimble": { - "service_name": "Amazon Nimble Studio", - "prefix": "nimble", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonnimblestudio.html", - "privileges": { - "AcceptEulas": { - "privilege": "AcceptEulas", - "description": "Grants permission to accept EULAs", - "access_level": "Write", - "resource_types": { - "eula": { - "resource_type": "eula", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_AcceptEulas.html" - }, - "CreateLaunchProfile": { - "privilege": "CreateLaunchProfile", - "description": "Grants permission to create a launch profile", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DescribeNatGateways", - "ec2:DescribeNetworkAcls", - "ec2:DescribeRouteTables", - "ec2:DescribeSubnets", - "ec2:DescribeVpcEndpoints", - "ec2:RunInstances" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateLaunchProfile.html" - }, - "CreateStreamingImage": { - "privilege": "CreateStreamingImage", - "description": "Grants permission to create a streaming image", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeImages", - "ec2:DescribeSnapshots", - "ec2:ModifyInstanceAttribute", - "ec2:ModifySnapshotAttribute", - "ec2:RegisterImage" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateStreamingImage.html" - }, - "CreateStreamingSession": { - "privilege": "CreateStreamingSession", - "description": "Grants permission to create a streaming session", - "access_level": "Write", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:CreateNetworkInterfacePermission", - "nimble:GetLaunchProfile", - "nimble:GetLaunchProfileInitialization", - "nimble:ListEulaAcceptances" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateStreamingSession.html" - }, - "CreateStreamingSessionStream": { - "privilege": "CreateStreamingSessionStream", - "description": "Grants permission to create a StreamingSessionStream", - "access_level": "Write", - "resource_types": { - "streaming-session": { - "resource_type": "streaming-session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "nimble:requesterPrincipalId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateStreamingSessionStream.html" - }, - "CreateStudio": { - "privilege": "CreateStudio", - "description": "Grants permission to create a studio", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "sso:CreateManagedApplicationInstance" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateStudio.html" - }, - "CreateStudioComponent": { - "privilege": "CreateStudioComponent", - "description": "Grants permission to create a studio component. A studio component designates a network resource to which a launch profile will provide access", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:AuthorizeApplication", - "ds:DescribeDirectories", - "ec2:DescribeSecurityGroups", - "fsx:DescribeFileSystems", - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateStudioComponent.html" - }, - "DeleteLaunchProfile": { - "privilege": "DeleteLaunchProfile", - "description": "Grants permission to delete a launch profile", - "access_level": "Write", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteLaunchProfile.html" - }, - "DeleteLaunchProfileMember": { - "privilege": "DeleteLaunchProfileMember", - "description": "Grants permission to delete a launch profile member", - "access_level": "Write", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteLaunchProfileMember.html" - }, - "DeleteStreamingImage": { - "privilege": "DeleteStreamingImage", - "description": "Grants permission to delete a streaming image", - "access_level": "Write", - "resource_types": { - "streaming-image": { - "resource_type": "streaming-image", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteSnapshot", - "ec2:DeregisterImage", - "ec2:ModifyInstanceAttribute", - "ec2:ModifySnapshotAttribute" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteStreamingImage.html" - }, - "DeleteStreamingSession": { - "privilege": "DeleteStreamingSession", - "description": "Grants permission to delete a streaming session", - "access_level": "Write", - "resource_types": { - "streaming-session": { - "resource_type": "streaming-session", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteNetworkInterface" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "nimble:requesterPrincipalId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteStreamingSession.html" - }, - "DeleteStudio": { - "privilege": "DeleteStudio", - "description": "Grants permission to delete a studio", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso:DeleteManagedApplicationInstance" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteStudio.html" - }, - "DeleteStudioComponent": { - "privilege": "DeleteStudioComponent", - "description": "Grants permission to delete a studio component", - "access_level": "Write", - "resource_types": { - "studio-component": { - "resource_type": "studio-component", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:UnauthorizeApplication" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteStudioComponent.html" - }, - "DeleteStudioMember": { - "privilege": "DeleteStudioMember", - "description": "Grants permission to delete a studio member", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteStudioMember.html" - }, - "GetEula": { - "privilege": "GetEula", - "description": "Grants permission to get a EULA", - "access_level": "Read", - "resource_types": { - "eula": { - "resource_type": "eula", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetEula.html" - }, - "GetFeatureMap": { - "privilege": "GetFeatureMap", - "description": "Grants permission to allow Nimble Studio portal to show the appropriate features for this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/userguide/security-iam-service-with-iam.html" - }, - "GetLaunchProfile": { - "privilege": "GetLaunchProfile", - "description": "Grants permission to get a launch profile", - "access_level": "Read", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetLaunchProfile.html" - }, - "GetLaunchProfileDetails": { - "privilege": "GetLaunchProfileDetails", - "description": "Grants permission to get a launch profile's details, which includes the summary of studio components and streaming images used by the launch profile", - "access_level": "Read", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetLaunchProfileDetails.html" - }, - "GetLaunchProfileInitialization": { - "privilege": "GetLaunchProfileInitialization", - "description": "Grants permission to get a launch profile initialization. A launch profile initialization is a dereferenced version of a launch profile, including attached studio component connection information", - "access_level": "Read", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:DescribeDirectories", - "ec2:DescribeSecurityGroups", - "fsx:DescribeFileSystems" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetLaunchProfileInitialization.html" - }, - "GetLaunchProfileMember": { - "privilege": "GetLaunchProfileMember", - "description": "Grants permission to get a launch profile member", - "access_level": "Read", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetLaunchProfileMember.html" - }, - "GetStreamingImage": { - "privilege": "GetStreamingImage", - "description": "Grants permission to get a streaming image", - "access_level": "Read", - "resource_types": { - "streaming-image": { - "resource_type": "streaming-image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStreamingImage.html" - }, - "GetStreamingSession": { - "privilege": "GetStreamingSession", - "description": "Grants permission to get a streaming session", - "access_level": "Read", - "resource_types": { - "streaming-session": { - "resource_type": "streaming-session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "nimble:requesterPrincipalId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStreamingSession.html" - }, - "GetStreamingSessionBackup": { - "privilege": "GetStreamingSessionBackup", - "description": "Grants permission to get a streaming session backup", - "access_level": "Read", - "resource_types": { - "streaming-session-backup": { - "resource_type": "streaming-session-backup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "nimble:requesterPrincipalId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStreamingSessionBackup.html" - }, - "GetStreamingSessionStream": { - "privilege": "GetStreamingSessionStream", - "description": "Grants permission to get a streaming session stream", - "access_level": "Read", - "resource_types": { - "streaming-session": { - "resource_type": "streaming-session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "nimble:requesterPrincipalId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStreamingSessionStream.html" - }, - "GetStudio": { - "privilege": "GetStudio", - "description": "Grants permission to get a studio", - "access_level": "Read", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStudio.html" - }, - "GetStudioComponent": { - "privilege": "GetStudioComponent", - "description": "Grants permission to get a studio component", - "access_level": "Read", - "resource_types": { - "studio-component": { - "resource_type": "studio-component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStudioComponent.html" - }, - "GetStudioMember": { - "privilege": "GetStudioMember", - "description": "Grants permission to get a studio member", - "access_level": "Read", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStudioMember.html" - }, - "ListEulaAcceptances": { - "privilege": "ListEulaAcceptances", - "description": "Grants permission to list EULA acceptances", - "access_level": "Read", - "resource_types": { - "eula-acceptance": { - "resource_type": "eula-acceptance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListEulaAcceptances.html" - }, - "ListEulas": { - "privilege": "ListEulas", - "description": "Grants permission to list EULAs", - "access_level": "Read", - "resource_types": { - "eula": { - "resource_type": "eula", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListEulas.html" - }, - "ListLaunchProfileMembers": { - "privilege": "ListLaunchProfileMembers", - "description": "Grants permission to list launch profile members", - "access_level": "Read", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListLaunchProfileMembers.html" - }, - "ListLaunchProfiles": { - "privilege": "ListLaunchProfiles", - "description": "Grants permission to list launch profiles", - "access_level": "Read", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "nimble:principalId", - "nimble:requesterPrincipalId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListLaunchProfiles.html" - }, - "ListStreamingImages": { - "privilege": "ListStreamingImages", - "description": "Grants permission to list streaming images", - "access_level": "Read", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStreamingImages.html" - }, - "ListStreamingSessionBackups": { - "privilege": "ListStreamingSessionBackups", - "description": "Grants permission to list streaming session backups", - "access_level": "Read", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "nimble:requesterPrincipalId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStreamingSessionBackups.html" - }, - "ListStreamingSessions": { - "privilege": "ListStreamingSessions", - "description": "Grants permission to list streaming sessions", - "access_level": "Read", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "nimble:createdBy", - "nimble:ownedBy", - "nimble:requesterPrincipalId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStreamingSessions.html" - }, - "ListStudioComponents": { - "privilege": "ListStudioComponents", - "description": "Grants permission to list studio components", - "access_level": "Read", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStudioComponents.html" - }, - "ListStudioMembers": { - "privilege": "ListStudioMembers", - "description": "Grants permission to list studio members", - "access_level": "Read", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStudioMembers.html" - }, - "ListStudios": { - "privilege": "ListStudios", - "description": "Grants permission to list all studios", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStudios.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags on a Nimble Studio resource", - "access_level": "Read", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-image": { - "resource_type": "streaming-image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-session": { - "resource_type": "streaming-session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-session-backup": { - "resource_type": "streaming-session-backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "studio": { - "resource_type": "studio", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "studio-component": { - "resource_type": "studio-component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListTagsForResource.html" - }, - "PutLaunchProfileMembers": { - "privilege": "PutLaunchProfileMembers", - "description": "Grants permission to add/update launch profile members", - "access_level": "Write", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso-directory:DescribeUsers" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_PutLaunchProfileMembers.html" - }, - "PutStudioLogEvents": { - "privilege": "PutStudioLogEvents", - "description": "Grants permission to report metrics and logs for the Nimble Studio portal to monitor application health", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/userguide/security-iam-service-with-iam.html" - }, - "PutStudioMembers": { - "privilege": "PutStudioMembers", - "description": "Grants permission to add/update studio members", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso-directory:DescribeUsers" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_PutStudioMembers.html" - }, - "StartStreamingSession": { - "privilege": "StartStreamingSession", - "description": "Grants permission to start a streaming session", - "access_level": "Write", - "resource_types": { - "streaming-session": { - "resource_type": "streaming-session", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "nimble:GetLaunchProfile", - "nimble:GetLaunchProfileMember" - ] - }, - "streaming-session-backup": { - "resource_type": "streaming-session-backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "nimble:requesterPrincipalId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_StartStreamingSession.html" - }, - "StartStudioSSOConfigurationRepair": { - "privilege": "StartStudioSSOConfigurationRepair", - "description": "Grants permission to repair the studio's AWS IAM Identity Center configuration", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso:CreateManagedApplicationInstance", - "sso:GetManagedApplicationInstance" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_StartStudioSSOConfigurationRepair.html" - }, - "StopStreamingSession": { - "privilege": "StopStreamingSession", - "description": "Grants permission to stop a streaming session", - "access_level": "Write", - "resource_types": { - "streaming-session": { - "resource_type": "streaming-session", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "nimble:GetLaunchProfile" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "nimble:requesterPrincipalId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_StopStreamingSession.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or overwrite one or more tags for the specified Nimble Studio resource", - "access_level": "Tagging", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-image": { - "resource_type": "streaming-image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-session": { - "resource_type": "streaming-session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-session-backup": { - "resource_type": "streaming-session-backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "studio": { - "resource_type": "studio", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "studio-component": { - "resource_type": "studio-component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to disassociate one or more tags from the specified Nimble Studio resource", - "access_level": "Tagging", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-image": { - "resource_type": "streaming-image", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-session": { - "resource_type": "streaming-session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streaming-session-backup": { - "resource_type": "streaming-session-backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "studio": { - "resource_type": "studio", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "studio-component": { - "resource_type": "studio-component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UntagResource.html" - }, - "UpdateLaunchProfile": { - "privilege": "UpdateLaunchProfile", - "description": "Grants permission to update a launch profile", - "access_level": "Write", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeNatGateways", - "ec2:DescribeNetworkAcls", - "ec2:DescribeRouteTables", - "ec2:DescribeSubnets", - "ec2:DescribeVpcEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UpdateLaunchProfile.html" - }, - "UpdateLaunchProfileMember": { - "privilege": "UpdateLaunchProfileMember", - "description": "Grants permission to update a launch profile member", - "access_level": "Write", - "resource_types": { - "launch-profile": { - "resource_type": "launch-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UpdateLaunchProfileMember.html" - }, - "UpdateStreamingImage": { - "privilege": "UpdateStreamingImage", - "description": "Grants permission to update a streaming image", - "access_level": "Write", - "resource_types": { - "streaming-image": { - "resource_type": "streaming-image", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UpdateStreamingImage.html" - }, - "UpdateStudio": { - "privilege": "UpdateStudio", - "description": "Grants permission to update a studio", - "access_level": "Write", - "resource_types": { - "studio": { - "resource_type": "studio", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UpdateStudio.html" - }, - "UpdateStudioComponent": { - "privilege": "UpdateStudioComponent", - "description": "Grants permission to update a studio component", - "access_level": "Write", - "resource_types": { - "studio-component": { - "resource_type": "studio-component", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:AuthorizeApplication", - "ds:DescribeDirectories", - "ec2:DescribeSecurityGroups", - "fsx:DescribeFileSystems", - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UpdateStudioComponent.html" - } - }, - "resources": { - "studio": { - "resource": "studio", - "arn": "arn:${Partition}:nimble:${Region}:${Account}:studio/${StudioId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "nimble:studioId" - ] - }, - "streaming-image": { - "resource": "streaming-image", - "arn": "arn:${Partition}:nimble:${Region}:${Account}:streaming-image/${StreamingImageId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "nimble:studioId" - ] - }, - "studio-component": { - "resource": "studio-component", - "arn": "arn:${Partition}:nimble:${Region}:${Account}:studio-component/${StudioComponentId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "nimble:studioId" - ] - }, - "launch-profile": { - "resource": "launch-profile", - "arn": "arn:${Partition}:nimble:${Region}:${Account}:launch-profile/${LaunchProfileId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "nimble:studioId" - ] - }, - "streaming-session": { - "resource": "streaming-session", - "arn": "arn:${Partition}:nimble:${Region}:${Account}:streaming-session/${StreamingSessionId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "nimble:createdBy", - "nimble:ownedBy" - ] - }, - "streaming-session-backup": { - "resource": "streaming-session-backup", - "arn": "arn:${Partition}:nimble:${Region}:${Account}:streaming-session-backup/${StreamingSessionBackupId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "nimble:ownedBy" - ] - }, - "eula": { - "resource": "eula", - "arn": "arn:${Partition}:nimble:${Region}:${Account}:eula/${EulaId}", - "condition_keys": [] - }, - "eula-acceptance": { - "resource": "eula-acceptance", - "arn": "arn:${Partition}:nimble:${Region}:${Account}:eula-acceptance/${EulaAcceptanceId}", - "condition_keys": [ - "nimble:studioId" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - }, - "nimble:createdBy": { - "condition": "nimble:createdBy", - "description": "Filters access by the createdBy request parameter or the ID of the creator of the resource", - "type": "String" - }, - "nimble:ownedBy": { - "condition": "nimble:ownedBy", - "description": "Filters access by the ownedBy request parameter or the ID of the owner of the resource", - "type": "String" - }, - "nimble:principalId": { - "condition": "nimble:principalId", - "description": "Filters access by the principalId request parameter", - "type": "String" - }, - "nimble:requesterPrincipalId": { - "condition": "nimble:requesterPrincipalId", - "description": "Filters access by the ID of the logged in user", - "type": "String" - }, - "nimble:studioId": { - "condition": "nimble:studioId", - "description": "Filters access by a specific studio", - "type": "ARN" - } - } - }, - "omics": { - "service_name": "Amazon Omics", - "prefix": "omics", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonomics.html", - "privileges": { - "AbortMultipartReadSetUpload": { - "privilege": "AbortMultipartReadSetUpload", - "description": "Grants permission to abort multipart read set uploads", - "access_level": "Write", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_AbortMultipartReadSetUpload.html" - }, - "BatchDeleteReadSet": { - "privilege": "BatchDeleteReadSet", - "description": "Grants permission to batch delete Read Sets in the given Sequence Store", - "access_level": "Write", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_BatchDeleteReadSet.html" - }, - "CancelAnnotationImportJob": { - "privilege": "CancelAnnotationImportJob", - "description": "Grants permission to cancel an Annotation Import Job", - "access_level": "Write", - "resource_types": { - "AnnotationImportJob": { - "resource_type": "AnnotationImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CancelAnnotationImportJob.html" - }, - "CancelRun": { - "privilege": "CancelRun", - "description": "Grants permission to cancel a workflow run and stop all workflow tasks", - "access_level": "Write", - "resource_types": { - "run": { - "resource_type": "run", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CancelRun.html" - }, - "CancelVariantImportJob": { - "privilege": "CancelVariantImportJob", - "description": "Grants permission to cancel a Variant Import Job", - "access_level": "Write", - "resource_types": { - "VariantImportJob": { - "resource_type": "VariantImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CancelVariantImportJob.html" - }, - "CompleteMultipartReadSetUpload": { - "privilege": "CompleteMultipartReadSetUpload", - "description": "Grants permission to complete a multipart read set upload", - "access_level": "Write", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CompleteMultipartReadSetUpload.html" - }, - "CreateAnnotationStore": { - "privilege": "CreateAnnotationStore", - "description": "Grants permission to create an Annotation Store", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateAnnotationStore.html" - }, - "CreateMultipartReadSetUpload": { - "privilege": "CreateMultipartReadSetUpload", - "description": "Grants permission to create a multipart read set upload", - "access_level": "Write", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateMultipartReadSetUpload.html" - }, - "CreateReferenceStore": { - "privilege": "CreateReferenceStore", - "description": "Grants permission to create a Reference Store", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateReferenceStore.html" - }, - "CreateRunGroup": { - "privilege": "CreateRunGroup", - "description": "Grants permission to create a new workflow run group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateRunGroup.html" - }, - "CreateSequenceStore": { - "privilege": "CreateSequenceStore", - "description": "Grants permission to create a Sequence Store", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateSequenceStore.html" - }, - "CreateVariantStore": { - "privilege": "CreateVariantStore", - "description": "Grants permission to create a Variant Store", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateVariantStore.html" - }, - "CreateWorkflow": { - "privilege": "CreateWorkflow", - "description": "Grants permission to create a new workflow with a workflow definition and template of workflow parameters", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateWorkflow.html" - }, - "DeleteAnnotationStore": { - "privilege": "DeleteAnnotationStore", - "description": "Grants permission to delete an Annotation Store", - "access_level": "Write", - "resource_types": { - "AnnotationStore": { - "resource_type": "AnnotationStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteAnnotationStore.html" - }, - "DeleteReference": { - "privilege": "DeleteReference", - "description": "Grants permission to delete a Reference in the given Reference Store", - "access_level": "Write", - "resource_types": { - "reference": { - "resource_type": "reference", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "referenceStore": { - "resource_type": "referenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteReference.html" - }, - "DeleteReferenceStore": { - "privilege": "DeleteReferenceStore", - "description": "Grants permission to delete a Reference Store", - "access_level": "Write", - "resource_types": { - "referenceStore": { - "resource_type": "referenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteReferenceStore.html" - }, - "DeleteRun": { - "privilege": "DeleteRun", - "description": "Grants permission to delete a workflow run", - "access_level": "Write", - "resource_types": { - "run": { - "resource_type": "run", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteRun.html" - }, - "DeleteRunGroup": { - "privilege": "DeleteRunGroup", - "description": "Grants permission to delete a workflow run group", - "access_level": "Write", - "resource_types": { - "runGroup": { - "resource_type": "runGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteRunGroup.html" - }, - "DeleteSequenceStore": { - "privilege": "DeleteSequenceStore", - "description": "Grants permission to delete a Sequence Store", - "access_level": "Write", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteSequenceStore.html" - }, - "DeleteVariantStore": { - "privilege": "DeleteVariantStore", - "description": "Grants permission to delete a Variant Store", - "access_level": "Write", - "resource_types": { - "VariantStore": { - "resource_type": "VariantStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteVariantStore.html" - }, - "DeleteWorkflow": { - "privilege": "DeleteWorkflow", - "description": "Grants permission to delete a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteWorkflow.html" - }, - "GetAnnotationImportJob": { - "privilege": "GetAnnotationImportJob", - "description": "Grants permission to get the status of an Annotation Import Job", - "access_level": "Read", - "resource_types": { - "AnnotationImportJob": { - "resource_type": "AnnotationImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetAnnotationImportJob.html" - }, - "GetAnnotationStore": { - "privilege": "GetAnnotationStore", - "description": "Grants permission to get detailed information about an Annotation Store", - "access_level": "Read", - "resource_types": { - "AnnotationStore": { - "resource_type": "AnnotationStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetAnnotationStore.html" - }, - "GetReadSet": { - "privilege": "GetReadSet", - "description": "Grants permission to get a Read Set in the given Sequence Store", - "access_level": "Read", - "resource_types": { - "readSet": { - "resource_type": "readSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSet.html" - }, - "GetReadSetActivationJob": { - "privilege": "GetReadSetActivationJob", - "description": "Grants permission to get details about a Read Set activation job for the given Sequence Store", - "access_level": "Read", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetActivationJob.html" - }, - "GetReadSetExportJob": { - "privilege": "GetReadSetExportJob", - "description": "Grants permission to get details about a Read Set export job for the given Sequence Store", - "access_level": "Read", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetExportJob.html" - }, - "GetReadSetImportJob": { - "privilege": "GetReadSetImportJob", - "description": "Grants permission to get details about a Read Set import job for the given Sequence Store", - "access_level": "Read", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetImportJob.html" - }, - "GetReadSetMetadata": { - "privilege": "GetReadSetMetadata", - "description": "Grants permission to get details about a Read Set in the given Sequence Store", - "access_level": "Read", - "resource_types": { - "readSet": { - "resource_type": "readSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetMetadata.html" - }, - "GetReference": { - "privilege": "GetReference", - "description": "Grants permission to get a Reference in the given Reference Store", - "access_level": "Read", - "resource_types": { - "reference": { - "resource_type": "reference", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "referenceStore": { - "resource_type": "referenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReference.html" - }, - "GetReferenceImportJob": { - "privilege": "GetReferenceImportJob", - "description": "Grants permission to get details about a Reference import job for the given Reference Store", - "access_level": "Read", - "resource_types": { - "referenceStore": { - "resource_type": "referenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReferenceImportJob.html" - }, - "GetReferenceMetadata": { - "privilege": "GetReferenceMetadata", - "description": "Grants permission to get details about a Reference in the given Reference Store", - "access_level": "Read", - "resource_types": { - "reference": { - "resource_type": "reference", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "referenceStore": { - "resource_type": "referenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReferenceMetadata.html" - }, - "GetReferenceStore": { - "privilege": "GetReferenceStore", - "description": "Grants permission to get details about a Reference Store", - "access_level": "Read", - "resource_types": { - "referenceStore": { - "resource_type": "referenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReferenceStore.html" - }, - "GetRun": { - "privilege": "GetRun", - "description": "Grants permission to retrieve workflow run details", - "access_level": "Read", - "resource_types": { - "run": { - "resource_type": "run", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetRun.html" - }, - "GetRunGroup": { - "privilege": "GetRunGroup", - "description": "Grants permission to retrieve workflow run group details", - "access_level": "Read", - "resource_types": { - "runGroup": { - "resource_type": "runGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetRunGroup.html" - }, - "GetRunTask": { - "privilege": "GetRunTask", - "description": "Grants permission to retrieve workflow task details", - "access_level": "Read", - "resource_types": { - "TaskResource": { - "resource_type": "TaskResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "run": { - "resource_type": "run", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetRunTask.html" - }, - "GetSequenceStore": { - "privilege": "GetSequenceStore", - "description": "Grants permission to get details about a Sequence Store", - "access_level": "Read", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetSequenceStore.html" - }, - "GetVariantImportJob": { - "privilege": "GetVariantImportJob", - "description": "Grants permission to get the status of a Variant Import Job", - "access_level": "Read", - "resource_types": { - "VariantImportJob": { - "resource_type": "VariantImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetVariantImportJob.html" - }, - "GetVariantStore": { - "privilege": "GetVariantStore", - "description": "Grants permission to get detailed information about a Variant Store", - "access_level": "Read", - "resource_types": { - "VariantStore": { - "resource_type": "VariantStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetVariantStore.html" - }, - "GetWorkflow": { - "privilege": "GetWorkflow", - "description": "Grants permission to retrieve workflow details", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetWorkflow.html" - }, - "ListAnnotationImportJobs": { - "privilege": "ListAnnotationImportJobs", - "description": "Grants permission to get a list of Annotation Import Jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListAnnotationImportJobs.html" - }, - "ListAnnotationStores": { - "privilege": "ListAnnotationStores", - "description": "Grants permission to retrieve a list of information about Annotation Stores", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListAnnotationStores.html" - }, - "ListMultipartReadSetUploads": { - "privilege": "ListMultipartReadSetUploads", - "description": "Grants permission to list multipart read set uploads", - "access_level": "List", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListMultipartReadSetUploads.html" - }, - "ListReadSetActivationJobs": { - "privilege": "ListReadSetActivationJobs", - "description": "Grants permission to list Read Set activation jobs for the given Sequence Store", - "access_level": "List", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetActivationJobs.html" - }, - "ListReadSetExportJobs": { - "privilege": "ListReadSetExportJobs", - "description": "Grants permission to list Read Set export jobs for the given Sequence Store", - "access_level": "List", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetExportJobs.html" - }, - "ListReadSetImportJobs": { - "privilege": "ListReadSetImportJobs", - "description": "Grants permission to list Read Set import jobs for the given Sequence Store", - "access_level": "List", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetImportJobs.html" - }, - "ListReadSetUploadParts": { - "privilege": "ListReadSetUploadParts", - "description": "Grants permission to list read set upload parts", - "access_level": "List", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetUploadParts.html" - }, - "ListReadSets": { - "privilege": "ListReadSets", - "description": "Grants permission to list Read Sets in the given Sequence Store", - "access_level": "List", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSets.html" - }, - "ListReferenceImportJobs": { - "privilege": "ListReferenceImportJobs", - "description": "Grants permission to list Reference import jobs for the given Reference Store", - "access_level": "List", - "resource_types": { - "referenceStore": { - "resource_type": "referenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReferenceImportJobs.html" - }, - "ListReferenceStores": { - "privilege": "ListReferenceStores", - "description": "Grants permission to list Reference Stores", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReferenceStores.html" - }, - "ListReferences": { - "privilege": "ListReferences", - "description": "Grants permission to list References in the given Reference Store", - "access_level": "List", - "resource_types": { - "referenceStore": { - "resource_type": "referenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReferences.html" - }, - "ListRunGroups": { - "privilege": "ListRunGroups", - "description": "Grants permission to retrieve a list of workflow run groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListRunGroups.html" - }, - "ListRunTasks": { - "privilege": "ListRunTasks", - "description": "Grants permission to retrieve a list of tasks for a workflow run", - "access_level": "List", - "resource_types": { - "run": { - "resource_type": "run", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListRunTasks.html" - }, - "ListRuns": { - "privilege": "ListRuns", - "description": "Grants permission to retrieve a list of workflow runs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListRuns.html" - }, - "ListSequenceStores": { - "privilege": "ListSequenceStores", - "description": "Grants permission to list Sequence Stores", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListSequenceStores.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve a list of resource AWS tags", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListTagsForResource.html" - }, - "ListVariantImportJobs": { - "privilege": "ListVariantImportJobs", - "description": "Grants permission to get a list of Variant Import Jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListVariantImportJobs.html" - }, - "ListVariantStores": { - "privilege": "ListVariantStores", - "description": "Grants permission to retrieve a list of metadata for Variant Stores", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListVariantStores.html" - }, - "ListWorkflows": { - "privilege": "ListWorkflows", - "description": "Grants permission to retrieve a list of available workflows", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListWorkflows.html" - }, - "StartAnnotationImportJob": { - "privilege": "StartAnnotationImportJob", - "description": "Grants permission to import a list of Annotation files to an Annotation Store", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartAnnotationImportJob.html" - }, - "StartReadSetActivationJob": { - "privilege": "StartReadSetActivationJob", - "description": "Grants permission to start a Read Set activation job from the given Sequence Store", - "access_level": "Write", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartReadSetActivationJob.html" - }, - "StartReadSetExportJob": { - "privilege": "StartReadSetExportJob", - "description": "Grants permission to start a Read Set export job from the given Sequence Store", - "access_level": "Write", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartReadSetExportJob.html" - }, - "StartReadSetImportJob": { - "privilege": "StartReadSetImportJob", - "description": "Grants permission to start a Read Set import job into the given Sequence Store", - "access_level": "Write", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartReadSetImportJob.html" - }, - "StartReferenceImportJob": { - "privilege": "StartReferenceImportJob", - "description": "Grants permission to start a Reference import job into the given Reference Store", - "access_level": "Write", - "resource_types": { - "referenceStore": { - "resource_type": "referenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartReferenceImportJob.html" - }, - "StartRun": { - "privilege": "StartRun", - "description": "Grants permission to start a workflow run", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartRun.html" - }, - "StartVariantImportJob": { - "privilege": "StartVariantImportJob", - "description": "Grants permission to import a list of variant files to an Variant Store", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartVariantImportJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add AWS tags to a resource", - "access_level": "Tagging", - "resource_types": { - "readSet": { - "resource_type": "readSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reference": { - "resource_type": "reference", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "referenceStore": { - "resource_type": "referenceStore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "run": { - "resource_type": "run", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "runGroup": { - "resource_type": "runGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sequenceStore": { - "resource_type": "sequenceStore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workflow": { - "resource_type": "workflow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove resource AWS tags", - "access_level": "Tagging", - "resource_types": { - "readSet": { - "resource_type": "readSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reference": { - "resource_type": "reference", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "referenceStore": { - "resource_type": "referenceStore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "run": { - "resource_type": "run", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "runGroup": { - "resource_type": "runGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sequenceStore": { - "resource_type": "sequenceStore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workflow": { - "resource_type": "workflow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UntagResource.html" - }, - "UpdateAnnotationStore": { - "privilege": "UpdateAnnotationStore", - "description": "Grants permission to update information about the Annotation Store", - "access_level": "Write", - "resource_types": { - "AnnotationStore": { - "resource_type": "AnnotationStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateAnnotationStore.html" - }, - "UpdateRunGroup": { - "privilege": "UpdateRunGroup", - "description": "Grants permission to update a workflow run group", - "access_level": "Write", - "resource_types": { - "runGroup": { - "resource_type": "runGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateRunGroup.html" - }, - "UpdateVariantStore": { - "privilege": "UpdateVariantStore", - "description": "Grants permission to update metadata about the Variant Store", - "access_level": "Write", - "resource_types": { - "VariantStore": { - "resource_type": "VariantStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateVariantStore.html" - }, - "UpdateWorkflow": { - "privilege": "UpdateWorkflow", - "description": "Grants permission to update workflow details", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateWorkflow.html" - }, - "UploadReadSetPart": { - "privilege": "UploadReadSetPart", - "description": "Grants permission to upload read set parts", - "access_level": "Write", - "resource_types": { - "sequenceStore": { - "resource_type": "sequenceStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UploadReadSetPart.html" - } - }, - "resources": { - "AnnotationImportJob": { - "resource": "AnnotationImportJob", - "arn": "arn:${Partition}:omics:${Region}:${Account}:annotationImportJob/${AnnotationImportJobId}", - "condition_keys": [ - "omics:AnnotationImportJobJobId" - ] - }, - "AnnotationStore": { - "resource": "AnnotationStore", - "arn": "arn:${Partition}:omics:${Region}:${Account}:annotationStore/${AnnotationStoreId}", - "condition_keys": [ - "omics:AnnotationStoreName" - ] - }, - "readSet": { - "resource": "readSet", - "arn": "arn:${Partition}:omics:${Region}:${Account}:sequenceStore/${SequenceStoreId}/readSet/${ReadSetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "reference": { - "resource": "reference", - "arn": "arn:${Partition}:omics:${Region}:${Account}:referenceStore/${ReferenceStoreId}/reference/${ReferenceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "referenceStore": { - "resource": "referenceStore", - "arn": "arn:${Partition}:omics:${Region}:${Account}:referenceStore/${ReferenceStoreId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "run": { - "resource": "run", - "arn": "arn:${Partition}:omics:${Region}:${Account}:run/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "runGroup": { - "resource": "runGroup", - "arn": "arn:${Partition}:omics:${Region}:${Account}:runGroup/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "sequenceStore": { - "resource": "sequenceStore", - "arn": "arn:${Partition}:omics:${Region}:${Account}:sequenceStore/${SequenceStoreId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "TaggingResource": { - "resource": "TaggingResource", - "arn": "arn:${Partition}:omics:${Region}:${Account}:tag/${TagKey}", - "condition_keys": [] - }, - "TaskResource": { - "resource": "TaskResource", - "arn": "arn:${Partition}:omics:${Region}:${Account}:task/${Id}", - "condition_keys": [] - }, - "VariantImportJob": { - "resource": "VariantImportJob", - "arn": "arn:${Partition}:omics:${Region}:${Account}:variantImportJob/${VariantImportJobId}", - "condition_keys": [ - "omics:VariantImportJobJobId" - ] - }, - "VariantStore": { - "resource": "VariantStore", - "arn": "arn:${Partition}:omics:${Region}:${Account}:variantStore/${VariantStoreId}", - "condition_keys": [ - "omics:VariantStoreName" - ] - }, - "workflow": { - "resource": "workflow", - "arn": "arn:${Partition}:omics:${Region}:${Account}:workflow/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "omics:AnnotationImportJobJobId": { - "condition": "omics:AnnotationImportJobJobId", - "description": "Filters access by a unique resource identifier", - "type": "String" - }, - "omics:AnnotationStoreName": { - "condition": "omics:AnnotationStoreName", - "description": "Filters access by the name of the store", - "type": "String" - }, - "omics:VariantImportJobJobId": { - "condition": "omics:VariantImportJobJobId", - "description": "Filters access by a unique resource identifier", - "type": "String" - }, - "omics:VariantStoreName": { - "condition": "omics:VariantStoreName", - "description": "Filters access by the name of the store", - "type": "String" - } - } - }, - "osis": { - "service_name": "Amazon OpenSearch Ingestion", - "prefix": "osis", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonopensearchingestion.html", - "privileges": { - "CreatePipeline": { - "privilege": "CreatePipeline", - "description": "Grants permission to create an OpenSearch Ingestion pipeline", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreatePipeline.html" - }, - "DeletePipeline": { - "privilege": "DeletePipeline", - "description": "Grants permission to delete an OpenSearch Ingestion pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DeletePipeline.html" - }, - "GetPipeline": { - "privilege": "GetPipeline", - "description": "Grants permission to retrieve configuration information for an OpenSearch Ingestion pipeline", - "access_level": "Read", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_GetPipeline.html" - }, - "GetPipelineBlueprint": { - "privilege": "GetPipelineBlueprint", - "description": "Grants permission to get the contents of an OpenSearch Ingestion pipeline blueprint", - "access_level": "Read", - "resource_types": { - "pipeline-blueprint": { - "resource_type": "pipeline-blueprint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_GetPipelineBlueprint.html" - }, - "GetPipelineChangeProgress": { - "privilege": "GetPipelineChangeProgress", - "description": "Grants permission to get granular information about the status of an OpenSearch Ingestion pipeline", - "access_level": "Read", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_GetPipelineChangeProgress.html" - }, - "Ingest": { - "privilege": "Ingest", - "description": "Grants permission to ingest data through an OpenSearch Ingestion pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configure-client.html" - }, - "ListPipelineBlueprints": { - "privilege": "ListPipelineBlueprints", - "description": "Grants permission to list the names of available blueprints for an OpenSearch Ingestion pipeline configuration", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListPipelineBlueprints.html" - }, - "ListPipelines": { - "privilege": "ListPipelines", - "description": "Grants permission to list basic configuration for each OpenSearch Ingestion pipeline in the current account and Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListPipelines.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all resource tags associated with an OpenSearch Ingestion pipeline", - "access_level": "Read", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListTagsForResource.html" - }, - "StartPipeline": { - "privilege": "StartPipeline", - "description": "Grants permission to start an OpenSearch Ingestion pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_StartPipeline.html" - }, - "StopPipeline": { - "privilege": "StopPipeline", - "description": "Grants permission to stop an OpenSearch Ingestion pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_StopPipeline.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to attach resource tags to an OpenSearch Ingestion pipeline", - "access_level": "Tagging", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove resource tags from an OpenSearch Ingestion Service pipeline", - "access_level": "Tagging", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_UntagResource.html" - }, - "UpdatePipeline": { - "privilege": "UpdatePipeline", - "description": "Grants permission to modify the configuration of an OpenSearch Ingestion pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_UpdatePipeline.html" - }, - "ValidatePipeline": { - "privilege": "ValidatePipeline", - "description": "Grants permission to validate the configuration of an OpenSearch Ingestion pipeline", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ValidatePipeline.html" - } - }, - "resources": { - "pipeline": { - "resource": "pipeline", - "arn": "arn:${Partition}:osis:${Region}:${Account}:pipeline/${PipelineName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "pipeline-blueprint": { - "resource": "pipeline-blueprint", - "arn": "arn:${Partition}:osis:${Region}:${Account}:blueprint/${BlueprintName}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "aoss": { - "service_name": "Amazon OpenSearch Serverless", - "prefix": "aoss", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonopensearchserverless.html", - "privileges": { - "APIAccessAll": { - "privilege": "APIAccessAll", - "description": "Grant permission to all the supported Opensearch APIs", - "access_level": "Write", - "resource_types": { - "Collection": { - "resource_type": "Collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_APIAccessAll.html" - }, - "BatchGetCollection": { - "privilege": "BatchGetCollection", - "description": "Grants permission to get attributes for one or more collections", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_BatchGetCollection.html" - }, - "BatchGetVpcEndpoint": { - "privilege": "BatchGetVpcEndpoint", - "description": "Grants permission to get attributes for one or more VPC endpoints", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_BatchGetVpcEndpoint.html" - }, - "CreateAccessPolicy": { - "privilege": "CreateAccessPolicy", - "description": "Grants permission to create a data access policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_CreateAccessPolicy.html" - }, - "CreateCollection": { - "privilege": "CreateCollection", - "description": "Grants permission to create a serverless collection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_CreateCollection.html" - }, - "CreateSecurityConfig": { - "privilege": "CreateSecurityConfig", - "description": "Grants permission to create a serverless security configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_CreateSecurityConfig.html" - }, - "CreateSecurityPolicy": { - "privilege": "CreateSecurityPolicy", - "description": "Grants permission to create a network or encryption policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_CreateSecurityPolicy.html" - }, - "CreateVpcEndpoint": { - "privilege": "CreateVpcEndpoint", - "description": "Grants permission to create an OpenSearch-Serverless-managed interface VPC endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_CreateVpcEndpoint.html" - }, - "DashboardsAccessAll": { - "privilege": "DashboardsAccessAll", - "description": "Grants permission to Opensearch Serverless Dashboards", - "access_level": "Write", - "resource_types": { - "Dashboards": { - "resource_type": "Dashboards", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DashboardsAccessAll.html" - }, - "DeleteAccessPolicy": { - "privilege": "DeleteAccessPolicy", - "description": "Grants permission to delete a data access policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DeleteAccessPolicy.html" - }, - "DeleteCollection": { - "privilege": "DeleteCollection", - "description": "Grants permission to delete a serverless collection", - "access_level": "Write", - "resource_types": { - "Collection": { - "resource_type": "Collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DeleteCollection.html" - }, - "DeleteSecurityConfig": { - "privilege": "DeleteSecurityConfig", - "description": "Grants permission to delete a security configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DeleteSecurityConfig.html" - }, - "DeleteSecurityPolicy": { - "privilege": "DeleteSecurityPolicy", - "description": "Grants permission to delete a security policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DeleteSecurityPolicy.html" - }, - "DeleteVpcEndpoint": { - "privilege": "DeleteVpcEndpoint", - "description": "Grants permission to delete an OpenSearch Serverless-managed interface VPC endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DeleteVpcEndpoint.html" - }, - "GetAccessPolicy": { - "privilege": "GetAccessPolicy", - "description": "Grants permission to get information about a data access policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetAccessPolicy.html" - }, - "GetAccountSettings": { - "privilege": "GetAccountSettings", - "description": "Grants permission to get account settings, including capacity settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetAccountSettings.html" - }, - "GetPoliciesStats": { - "privilege": "GetPoliciesStats", - "description": "Grants permission to get statistis about the security policies in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetPoliciesStats.html" - }, - "GetSecurityConfig": { - "privilege": "GetSecurityConfig", - "description": "Grants permission to get information about a serverless security configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetSecurityConfig.html" - }, - "GetSecurityPolicy": { - "privilege": "GetSecurityPolicy", - "description": "Grants permission to get information about a security policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetSecurityPolicy.html" - }, - "ListAccessPolicies": { - "privilege": "ListAccessPolicies", - "description": "Grants permission to list data access policies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListAccessPolicies.html" - }, - "ListCollections": { - "privilege": "ListCollections", - "description": "Grants permission to list collections", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListCollections.html" - }, - "ListSecurityConfigs": { - "privilege": "ListSecurityConfigs", - "description": "Grants permission to list security configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListSecurityConfigs.html" - }, - "ListSecurityPolicies": { - "privilege": "ListSecurityPolicies", - "description": "Grants permission to list security policies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListSecurityPolicies.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a collection", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListTagsForResource.html" - }, - "ListVpcEndpoints": { - "privilege": "ListVpcEndpoints", - "description": "Grants permission to list OpenSearch Serverless-managed VPC endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListVpcEndpoints.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a serverless collection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a collection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UntagResource.html" - }, - "UpdateAccessPolicy": { - "privilege": "UpdateAccessPolicy", - "description": "Grants permission to update a data access policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateAccessPolicy.html" - }, - "UpdateAccountSettings": { - "privilege": "UpdateAccountSettings", - "description": "Grants permission to update account settings, including capacity settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateAccountSettings.html" - }, - "UpdateCollection": { - "privilege": "UpdateCollection", - "description": "Grants permission to update a collection", - "access_level": "Write", - "resource_types": { - "Collection": { - "resource_type": "Collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateCollection.html" - }, - "UpdateSecurityConfig": { - "privilege": "UpdateSecurityConfig", - "description": "Grants permission to update a security configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateSecurityConfig.html" - }, - "UpdateSecurityPolicy": { - "privilege": "UpdateSecurityPolicy", - "description": "Grants permission to update a security policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateSecurityPolicy.html" - }, - "UpdateVpcEndpoint": { - "privilege": "UpdateVpcEndpoint", - "description": "Grants permission to update an OpenSearch Serverless-managed VPC endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateVpcEndpoint.html" - } - }, - "resources": { - "Collection": { - "resource": "Collection", - "arn": "arn:${Partition}:aoss:${Region}:${Account}:collection/${CollectionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Dashboards": { - "resource": "Dashboards", - "arn": "arn:${Partition}:aoss:${Region}:${Account}:dashboards/default", - "condition_keys": [] - } - }, - "conditions": { - "aoss:CollectionId": { - "condition": "aoss:CollectionId", - "description": "Filters access by the identifier of the collection", - "type": "String" - }, - "aoss:collection": { - "condition": "aoss:collection", - "description": "Filters access by the collection name", - "type": "String" - }, - "aoss:index": { - "condition": "aoss:index", - "description": "Filters access by the index", - "type": "String" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "es": { - "service_name": "Amazon OpenSearch Service", - "prefix": "es", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonopensearchservice.html", - "privileges": { - "AcceptInboundConnection": { - "privilege": "AcceptInboundConnection", - "description": "Grants permission to the destination domain owner to accept an inbound cross-cluster search connection request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-accept-inbound-cross-cluster-search-connection" - }, - "AcceptInboundCrossClusterSearchConnection": { - "privilege": "AcceptInboundCrossClusterSearchConnection", - "description": "Grants permission to the destination domain owner to accept an inbound cross-cluster search connection request. This permission is deprecated. Use AcceptInboundConnection instead", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-accept-inbound-cross-cluster-search-connection" - }, - "AddTags": { - "privilege": "AddTags", - "description": "Grants permission to attach resource tags to an OpenSearch Service domain", - "access_level": "Tagging", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-addtags" - }, - "AssociatePackage": { - "privilege": "AssociatePackage", - "description": "Grants permission to associate a package with an OpenSearch Service domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-associatepackage" - }, - "AuthorizeVpcEndpointAccess": { - "privilege": "AuthorizeVpcEndpointAccess", - "description": "Grants permission to provide access to an Amazon OpenSearch Service domain through the use of an interface VPC endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_AuthorizeVpcEndpointAccess.html" - }, - "CancelElasticsearchServiceSoftwareUpdate": { - "privilege": "CancelElasticsearchServiceSoftwareUpdate", - "description": "Grants permission to cancel a service software update of a domain. This permission is deprecated. Use CancelServiceSoftwareUpdate instead", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-stopupdate" - }, - "CancelServiceSoftwareUpdate": { - "privilege": "CancelServiceSoftwareUpdate", - "description": "Grants permission to cancel a service software update of a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-stopupdate" - }, - "CreateDomain": { - "privilege": "CreateDomain", - "description": "Grants permission to create an Amazon OpenSearch Service domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-createdomain" - }, - "CreateElasticsearchDomain": { - "privilege": "CreateElasticsearchDomain", - "description": "Grants permission to create an OpenSearch Service domain. This permission is deprecated. Use CreateDomain instead", - "access_level": "Permissions management", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-createdomain" - }, - "CreateElasticsearchServiceRole": { - "privilege": "CreateElasticsearchServiceRole", - "description": "Grants permission to create the service-linked role required for OpenSearch Service domains that use VPC access. This permission is deprecated. OpenSearch Service creates the service-linked role for you", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-createservicerole" - }, - "CreateOutboundConnection": { - "privilege": "CreateOutboundConnection", - "description": "Grants permission to create a new cross-cluster search connection from a source domain to a destination domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-create-outbound-cross-cluster-search-connection" - }, - "CreateOutboundCrossClusterSearchConnection": { - "privilege": "CreateOutboundCrossClusterSearchConnection", - "description": "Grants permission to create a new cross-cluster search connection from a source domain to a destination domain. This permission is deprecated. Use CreateOutboundConnection instead", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-create-outbound-cross-cluster-search-connection" - }, - "CreatePackage": { - "privilege": "CreatePackage", - "description": "Grants permission to add a package for use with OpenSearch Service domains", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-createpackage" - }, - "CreateServiceRole": { - "privilege": "CreateServiceRole", - "description": "Grants permission to create the service-linked role required for Amazon OpenSearch Service domains that use VPC access", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-createservicerole" - }, - "CreateVpcEndpoint": { - "privilege": "CreateVpcEndpoint", - "description": "Grants permission to create an Amazon OpenSearch Service-managed VPC endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateVpcEndpoint.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "Grants permission to delete an Amazon OpenSearch Service domain and all of its data", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-deletedomain" - }, - "DeleteElasticsearchDomain": { - "privilege": "DeleteElasticsearchDomain", - "description": "Grants permission to delete an OpenSearch Service domain and all of its data. This permission is deprecated. Use DeleteDomain instead", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-deletedomain" - }, - "DeleteElasticsearchServiceRole": { - "privilege": "DeleteElasticsearchServiceRole", - "description": "Grants permission to delete the service-linked role required for OpenSearch Service domains that use VPC access. This permission is deprecated. Use the IAM API to delete service-linked roles", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-deleteservicerole" - }, - "DeleteInboundConnection": { - "privilege": "DeleteInboundConnection", - "description": "Grants permission to the destination domain owner to delete an existing inbound cross-cluster search connection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-delete-inbound-cross-cluster-search-connection" - }, - "DeleteInboundCrossClusterSearchConnection": { - "privilege": "DeleteInboundCrossClusterSearchConnection", - "description": "Grants permission to the destination domain owner to delete an existing inbound cross-cluster search connection. This permission is deprecated. Use DeleteInboundConnection instead", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-delete-inbound-cross-cluster-search-connection" - }, - "DeleteOutboundConnection": { - "privilege": "DeleteOutboundConnection", - "description": "Grants permission to the source domain owner to delete an existing outbound cross-cluster search connection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-delete-outbound-cross-cluster-search-connection" - }, - "DeleteOutboundCrossClusterSearchConnection": { - "privilege": "DeleteOutboundCrossClusterSearchConnection", - "description": "Grants permission to the source domain owner to delete an existing outbound cross-cluster search connection. This permission is deprecated. Use DeleteOutboundConnection instead", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-delete-outbound-cross-cluster-search-connection" - }, - "DeletePackage": { - "privilege": "DeletePackage", - "description": "Grants permission to delete a package from OpenSearch Service. The package cannot be associated with any domains", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-deletepackage" - }, - "DeleteVpcEndpoint": { - "privilege": "DeleteVpcEndpoint", - "description": "Grants permission to delete an Amazon OpenSearch Service-managed interface VPC endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DeleteVpcEndpoint.html" - }, - "DescribeDomain": { - "privilege": "DescribeDomain", - "description": "Grants permission to view a description of the domain configuration for the specified OpenSearch Service domain, including the domain ID, service endpoint, and ARN", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomain" - }, - "DescribeDomainAutoTunes": { - "privilege": "DescribeDomainAutoTunes", - "description": "Grants permission to view the Auto-Tune configuration of the domain for the specified OpenSearch Service domain, including the Auto-Tune state and maintenance schedules", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describeautotune" - }, - "DescribeDomainChangeProgress": { - "privilege": "DescribeDomainChangeProgress", - "description": "Grants permission to view detail stage progress of an OpenSearch Service domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomainchangeprogress" - }, - "DescribeDomainConfig": { - "privilege": "DescribeDomainConfig", - "description": "Grants permission to view a description of the configuration options and status of an OpenSearch Service domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomainconfig" - }, - "DescribeDomainHealth": { - "privilege": "DescribeDomainHealth", - "description": "Grants permission to view information about domain and node health, the standby Availability Zone, number of nodes per Availability Zone, and shard count per node", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DescribeDomainHealth.html" - }, - "DescribeDomainNodes": { - "privilege": "DescribeDomainNodes", - "description": "Grants permission to view information about nodes configured for the domain and their configurations- the node id, type of node, status of node, Availability Zone, instance type and storage", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DescribeDomainNodes.html" - }, - "DescribeDomains": { - "privilege": "DescribeDomains", - "description": "Grants permission to view a description of the domain configuration for up to five specified OpenSearch Service domains", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomains" - }, - "DescribeDryRunProgress": { - "privilege": "DescribeDryRunProgress", - "description": "Grants permission to describe the status of a pre-update validation check on an OpenSearch Service domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DescribeDryRunProgress.html" - }, - "DescribeElasticsearchDomain": { - "privilege": "DescribeElasticsearchDomain", - "description": "Grants permission to view a description of the domain configuration for the specified OpenSearch Service domain, including the domain ID, service endpoint, and ARN. This permission is deprecated. Use DescribeDomain instead", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomain" - }, - "DescribeElasticsearchDomainConfig": { - "privilege": "DescribeElasticsearchDomainConfig", - "description": "Grants permission to view a description of the configuration and status of an OpenSearch Service domain. This permission is deprecated. Use DescribeDomainConfig instead", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomainconfig" - }, - "DescribeElasticsearchDomains": { - "privilege": "DescribeElasticsearchDomains", - "description": "Grants permission to view a description of the domain configuration for up to five specified Amazon OpenSearch domains. This permission is deprecated. Use DescribeDomains instead", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomains" - }, - "DescribeElasticsearchInstanceTypeLimits": { - "privilege": "DescribeElasticsearchInstanceTypeLimits", - "description": "Grants permission to view the instance count, storage, and master node limits for a given OpenSearch version and instance type. This permission is deprecated. Use DescribeInstanceTypeLimits instead", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describeinstancetypelimits" - }, - "DescribeInboundConnections": { - "privilege": "DescribeInboundConnections", - "description": "Grants permission to list all the inbound cross-cluster search connections for a destination domain", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describe-inbound-cross-cluster-search-connections" - }, - "DescribeInboundCrossClusterSearchConnections": { - "privilege": "DescribeInboundCrossClusterSearchConnections", - "description": "Grants permission to list all the inbound cross-cluster search connections for a destination domain. This permission is deprecated. Use DescribeInboundConnections instead", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describe-inbound-cross-cluster-search-connections" - }, - "DescribeInstanceTypeLimits": { - "privilege": "DescribeInstanceTypeLimits", - "description": "Grants permission to view the instance count, storage, and master node limits for a given engine version and instance type", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describeinstancetypelimits" - }, - "DescribeOutboundConnections": { - "privilege": "DescribeOutboundConnections", - "description": "Grants permission to list all the outbound cross-cluster search connections for a source domain", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describe-outbound-cross-cluster-search-connections" - }, - "DescribeOutboundCrossClusterSearchConnections": { - "privilege": "DescribeOutboundCrossClusterSearchConnections", - "description": "Grants permission to list all the outbound cross-cluster search connections for a source domain. This permission is deprecated. Use DescribeOutboundConnections instead", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describe-outbound-cross-cluster-search-connections" - }, - "DescribePackages": { - "privilege": "DescribePackages", - "description": "Grants permission to describe all packages available to OpenSearch Service domains", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describepackages" - }, - "DescribeReservedElasticsearchInstanceOfferings": { - "privilege": "DescribeReservedElasticsearchInstanceOfferings", - "description": "Grants permission to fetch Reserved Instance offerings for Amazon OpenSearch Service. This permission is deprecated. Use DescribeReservedInstanceOfferings instead", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describereservedinstanceofferings" - }, - "DescribeReservedElasticsearchInstances": { - "privilege": "DescribeReservedElasticsearchInstances", - "description": "Grants permission to fetch OpenSearch Service Reserved Instances that have already been purchased. This permission is deprecated. Use DescribeReservedInstances instead", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describereservedinstances" - }, - "DescribeReservedInstanceOfferings": { - "privilege": "DescribeReservedInstanceOfferings", - "description": "Grants permission to fetch Reserved Instance offerings for OpenSearch Service", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describereservedinstanceofferings" - }, - "DescribeReservedInstances": { - "privilege": "DescribeReservedInstances", - "description": "Grants permission to fetch OpenSearch Service Reserved Instances that have already been purchased", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describereservedinstances" - }, - "DescribeVpcEndpoints": { - "privilege": "DescribeVpcEndpoints", - "description": "Grants permission to describe one or more Amazon OpenSearch Service-managed VPC endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DescribeVpcEndpoints.html" - }, - "DissociatePackage": { - "privilege": "DissociatePackage", - "description": "Grants permission to disassociate a package from the specified OpenSearch Service domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-dissociatepackage" - }, - "ESCrossClusterGet": { - "privilege": "ESCrossClusterGet", - "description": "Grants permission to send cross-cluster requests to a destination domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" - }, - "ESHttpDelete": { - "privilege": "ESHttpDelete", - "description": "Grants permission to send HTTP DELETE requests to the OpenSearch APIs", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" - }, - "ESHttpGet": { - "privilege": "ESHttpGet", - "description": "Grants permission to send HTTP GET requests to the OpenSearch APIs", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" - }, - "ESHttpHead": { - "privilege": "ESHttpHead", - "description": "Grants permission to send HTTP HEAD requests to the OpenSearch APIs", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" - }, - "ESHttpPatch": { - "privilege": "ESHttpPatch", - "description": "Grants permission to send HTTP PATCH requests to the OpenSearch APIs", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" - }, - "ESHttpPost": { - "privilege": "ESHttpPost", - "description": "Grants permission to send HTTP POST requests to the OpenSearch APIs", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" - }, - "ESHttpPut": { - "privilege": "ESHttpPut", - "description": "Grants permission to send HTTP PUT requests to the OpenSearch APIs", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" - }, - "GetCompatibleElasticsearchVersions": { - "privilege": "GetCompatibleElasticsearchVersions", - "description": "Grants permission to fetch a list of compatible OpenSearch and Elasticsearch versions to which an OpenSearch Service domain can be upgraded. This permission is deprecated. Use GetCompatibleVersions instead", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-get-compat-vers" - }, - "GetCompatibleVersions": { - "privilege": "GetCompatibleVersions", - "description": "Grants permission to fetch list of compatible engine versions to which an OpenSearch Service domain can be upgraded", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-get-compat-vers" - }, - "GetPackageVersionHistory": { - "privilege": "GetPackageVersionHistory", - "description": "Grants permission to fetch the version history for a package", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-get-pac-ver-hist" - }, - "GetUpgradeHistory": { - "privilege": "GetUpgradeHistory", - "description": "Grants permission to fetch the upgrade history of a given OpenSearch Service domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-get-upgrade-hist" - }, - "GetUpgradeStatus": { - "privilege": "GetUpgradeStatus", - "description": "Grants permission to fetch the upgrade status of a given OpenSearch Service domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-get-upgrade-stat" - }, - "ListDomainNames": { - "privilege": "ListDomainNames", - "description": "Grants permission to display the names of all OpenSearch Service domains that the current user owns", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listdomainnames" - }, - "ListDomainsForPackage": { - "privilege": "ListDomainsForPackage", - "description": "Grants permission to list all OpenSearch Service domains that a package is associated with", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listdomainsforpackage" - }, - "ListElasticsearchInstanceTypeDetails": { - "privilege": "ListElasticsearchInstanceTypeDetails", - "description": "Grants permission to list all instance types and available features for a given OpenSearch version. This permission is deprecated. Use ListInstanceTypeDetails instead", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listinstancetypedetails" - }, - "ListElasticsearchInstanceTypes": { - "privilege": "ListElasticsearchInstanceTypes", - "description": "Grants permission to list all EC2 instance types that are supported for a given OpenSearch version", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html" - }, - "ListElasticsearchVersions": { - "privilege": "ListElasticsearchVersions", - "description": "Grants permission to list all supported OpenSearch versions on Amazon OpenSearch Service. This permission is deprecated. Use ListVersions instead", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listversions" - }, - "ListInstanceTypeDetails": { - "privilege": "ListInstanceTypeDetails", - "description": "Grants permission to list all instance types and available features for a given OpenSearch or Elasticsearch version", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listinstancetypedetails" - }, - "ListPackagesForDomain": { - "privilege": "ListPackagesForDomain", - "description": "Grants permission to list all packages associated with the OpenSearch Service domain", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listpackagesfordomain" - }, - "ListScheduledActions": { - "privilege": "ListScheduledActions", - "description": "Grants permission to retrieve a list of configuration changes that are scheduled for a OpenSearch Service domain", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListScheduledActions.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to display all resource tags for an OpenSearch Service domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listtags" - }, - "ListVersions": { - "privilege": "ListVersions", - "description": "Grants permission to list all supported OpenSearch and Elasticsearch versions in Amazon OpenSearch Service", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listversions" - }, - "ListVpcEndpointAccess": { - "privilege": "ListVpcEndpointAccess", - "description": "Grants permission to retrieve information about each AWS principal that is allowed to access a given Amazon OpenSearch Service domain through the use of an interface VPC endpoint", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListVpcEndpointAccess.html" - }, - "ListVpcEndpoints": { - "privilege": "ListVpcEndpoints", - "description": "Grants permission to retrieve all Amazon OpenSearch Service-managed VPC endpoints in the current AWS account and Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListVpcEndpoints.html" - }, - "ListVpcEndpointsForDomain": { - "privilege": "ListVpcEndpointsForDomain", - "description": "Grants permission to retrieve all Amazon OpenSearch Service-managed VPC endpoints associated with a particular domain", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListVpcEndpointsForDomain.html" - }, - "PurchaseReservedElasticsearchInstanceOffering": { - "privilege": "PurchaseReservedElasticsearchInstanceOffering", - "description": "Grants permission to purchase OpenSearch Service Reserved Instances. This permission is deprecated. Use PurchaseReservedInstanceOffering instead", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-purchasereservedinstance" - }, - "PurchaseReservedInstanceOffering": { - "privilege": "PurchaseReservedInstanceOffering", - "description": "Grants permission to purchase OpenSearch reserved instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-purchasereservedinstance" - }, - "RejectInboundConnection": { - "privilege": "RejectInboundConnection", - "description": "Grants permission to the destination domain owner to reject an inbound cross-cluster search connection request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-reject-inbound-cross-cluster-search-connection" - }, - "RejectInboundCrossClusterSearchConnection": { - "privilege": "RejectInboundCrossClusterSearchConnection", - "description": "Grants permission to the destination domain owner to reject an inbound cross-cluster search connection request. This permission is deprecated. Use RejectInboundConnection instead", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-reject-inbound-cross-cluster-search-connection" - }, - "RemoveTags": { - "privilege": "RemoveTags", - "description": "Grants permission to remove resource tags from an OpenSearch Service domain", - "access_level": "Tagging", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-removetags" - }, - "RevokeVpcEndpointAccess": { - "privilege": "RevokeVpcEndpointAccess", - "description": "Grants permission to revoke access to an Amazon OpenSearch Service domain that was provided through an interface VPC endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_RevokeVpcEndpointAccess.html" - }, - "StartElasticsearchServiceSoftwareUpdate": { - "privilege": "StartElasticsearchServiceSoftwareUpdate", - "description": "Grants permission to start a service software update of a domain. This permission is deprecated. Use StartServiceSoftwareUpdate instead", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-startupdate" - }, - "StartServiceSoftwareUpdate": { - "privilege": "StartServiceSoftwareUpdate", - "description": "Grants permission to start a service software update of a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-startupdate" - }, - "UpdateDomainConfig": { - "privilege": "UpdateDomainConfig", - "description": "Grants permission to modify the configuration of an OpenSearch Service domain, such as the instance type or number of instances", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-updatedomainconfig" - }, - "UpdateElasticsearchDomainConfig": { - "privilege": "UpdateElasticsearchDomainConfig", - "description": "Grants permission to modify the configuration of an OpenSearch Service domain, such as the instance type or number of instances. This permission is deprecated. Use UpdateDomainConfig instead", - "access_level": "Permissions management", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-updatedomainconfig" - }, - "UpdatePackage": { - "privilege": "UpdatePackage", - "description": "Grants permission to update a package for use with OpenSearch Service domains", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-updatepackage" - }, - "UpdateScheduledAction": { - "privilege": "UpdateScheduledAction", - "description": "Grants permission to reschedule a planned OpenSearch Service domain configuration change for a later time", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_UpdateScheduledAction.html" - }, - "UpdateVpcEndpoint": { - "privilege": "UpdateVpcEndpoint", - "description": "Grants permission to modify an Amazon OpenSearch Service-managed interface VPC endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_UpdateVpcEndpoint.html" - }, - "UpgradeDomain": { - "privilege": "UpgradeDomain", - "description": "Grants permission to initiate upgrade of an OpenSearch Service domain to a given version", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-upgrade-domain" - }, - "UpgradeElasticsearchDomain": { - "privilege": "UpgradeElasticsearchDomain", - "description": "Grants permission to initiate upgrade of an OpenSearch Service domain to a specified version. This permission is deprecated. Use UpgradeDomain instead", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-upgrade-domain" - } - }, - "resources": { - "domain": { - "resource": "domain", - "arn": "arn:${Partition}:es:${Region}:${Account}:domain/${DomainName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "es_role": { - "resource": "es_role", - "arn": "arn:${Partition}:iam::${Account}:role/aws-service-role/es.amazonaws.com/AWSServiceRoleForAmazonOpenSearchService", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "opensearchservice_role": { - "resource": "opensearchservice_role", - "arn": "arn:${Partition}:iam::${Account}:role/aws-service-role/opensearchservice.amazonaws.com/AWSServiceRoleForAmazonOpenSearchService", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the tag keys that are passed in the request", - "type": "String" - } - } - }, - "personalize": { - "service_name": "Amazon Personalize", - "prefix": "personalize", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonpersonalize.html", - "privileges": { - "CreateBatchInferenceJob": { - "privilege": "CreateBatchInferenceJob", - "description": "Grants permission to create a batch inference job", - "access_level": "Write", - "resource_types": { - "batchInferenceJob": { - "resource_type": "batchInferenceJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateBatchInferenceJob.html" - }, - "CreateBatchSegmentJob": { - "privilege": "CreateBatchSegmentJob", - "description": "Grants permission to create a batch segment job", - "access_level": "Write", - "resource_types": { - "batchSegmentJob": { - "resource_type": "batchSegmentJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateBatchSegmentJob.html" - }, - "CreateCampaign": { - "privilege": "CreateCampaign", - "description": "Grants permission to create a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateCampaign.html" - }, - "CreateDataset": { - "privilege": "CreateDataset", - "description": "Grants permission to create a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateDataset.html" - }, - "CreateDatasetExportJob": { - "privilege": "CreateDatasetExportJob", - "description": "Grants permission to create a dataset export job", - "access_level": "Write", - "resource_types": { - "datasetExportJob": { - "resource_type": "datasetExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateDatasetExportJob.html" - }, - "CreateDatasetGroup": { - "privilege": "CreateDatasetGroup", - "description": "Grants permission to create a dataset group", - "access_level": "Write", - "resource_types": { - "datasetGroup": { - "resource_type": "datasetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateDatasetGroup.html" - }, - "CreateDatasetImportJob": { - "privilege": "CreateDatasetImportJob", - "description": "Grants permission to create a dataset import job", - "access_level": "Write", - "resource_types": { - "datasetImportJob": { - "resource_type": "datasetImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateDatasetImportJob.html" - }, - "CreateEventTracker": { - "privilege": "CreateEventTracker", - "description": "Grants permission to create an event tracker", - "access_level": "Write", - "resource_types": { - "eventTracker": { - "resource_type": "eventTracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateEventTracker.html" - }, - "CreateFilter": { - "privilege": "CreateFilter", - "description": "Grants permission to create a filter", - "access_level": "Write", - "resource_types": { - "filter": { - "resource_type": "filter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateFilter.html" - }, - "CreateMetricAttribution": { - "privilege": "CreateMetricAttribution", - "description": "Grants permission to create a metric attribution", - "access_level": "Write", - "resource_types": { - "metricAttribution": { - "resource_type": "metricAttribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateMetricAttribution.html" - }, - "CreateRecommender": { - "privilege": "CreateRecommender", - "description": "Grants permission to create a recommender", - "access_level": "Write", - "resource_types": { - "recommender": { - "resource_type": "recommender", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateRecommender.html" - }, - "CreateSchema": { - "privilege": "CreateSchema", - "description": "Grants permission to create a schema", - "access_level": "Write", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateSchema.html" - }, - "CreateSolution": { - "privilege": "CreateSolution", - "description": "Grants permission to create a solution", - "access_level": "Write", - "resource_types": { - "solution": { - "resource_type": "solution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateSolution.html" - }, - "CreateSolutionVersion": { - "privilege": "CreateSolutionVersion", - "description": "Grants permission to create a solution version", - "access_level": "Write", - "resource_types": { - "solution": { - "resource_type": "solution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateSolutionVersion.html" - }, - "DeleteCampaign": { - "privilege": "DeleteCampaign", - "description": "Grants permission to delete a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteCampaign.html" - }, - "DeleteDataset": { - "privilege": "DeleteDataset", - "description": "Grants permission to delete a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteDataset.html" - }, - "DeleteDatasetGroup": { - "privilege": "DeleteDatasetGroup", - "description": "Grants permission to delete a dataset group", - "access_level": "Write", - "resource_types": { - "datasetGroup": { - "resource_type": "datasetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteDatasetGroup.html" - }, - "DeleteEventTracker": { - "privilege": "DeleteEventTracker", - "description": "Grants permission to delete an event tracker", - "access_level": "Write", - "resource_types": { - "eventTracker": { - "resource_type": "eventTracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteEventTracker.html" - }, - "DeleteFilter": { - "privilege": "DeleteFilter", - "description": "Grants permission to delete a filter", - "access_level": "Write", - "resource_types": { - "filter": { - "resource_type": "filter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteFilter.html" - }, - "DeleteMetricAttribution": { - "privilege": "DeleteMetricAttribution", - "description": "Grants permission to delete a metric attribution", - "access_level": "Write", - "resource_types": { - "metricAttribution": { - "resource_type": "metricAttribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteMetricAttribution.html" - }, - "DeleteRecommender": { - "privilege": "DeleteRecommender", - "description": "Grants permission to delete a recommender", - "access_level": "Write", - "resource_types": { - "recommender": { - "resource_type": "recommender", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteRecommender.html" - }, - "DeleteSchema": { - "privilege": "DeleteSchema", - "description": "Grants permission to delete a schema", - "access_level": "Write", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteSchema.html" - }, - "DeleteSolution": { - "privilege": "DeleteSolution", - "description": "Grants permission to delete a solution including all versions of the solution", - "access_level": "Write", - "resource_types": { - "solution": { - "resource_type": "solution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteSolution.html" - }, - "DescribeAlgorithm": { - "privilege": "DescribeAlgorithm", - "description": "Grants permission to describe an algorithm", - "access_level": "Read", - "resource_types": { - "algorithm": { - "resource_type": "algorithm", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeAlgorithm.html" - }, - "DescribeBatchInferenceJob": { - "privilege": "DescribeBatchInferenceJob", - "description": "Grants permission to describe a batch inference job", - "access_level": "Read", - "resource_types": { - "batchInferenceJob": { - "resource_type": "batchInferenceJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeBatchInferenceJob.html" - }, - "DescribeBatchSegmentJob": { - "privilege": "DescribeBatchSegmentJob", - "description": "Grants permission to describe a batch segment job", - "access_level": "Read", - "resource_types": { - "batchSegmentJob": { - "resource_type": "batchSegmentJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeBatchSegmentJob.html" - }, - "DescribeCampaign": { - "privilege": "DescribeCampaign", - "description": "Grants permission to describe a campaign", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeCampaign.html" - }, - "DescribeDataset": { - "privilege": "DescribeDataset", - "description": "Grants permission to describe a dataset", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeDataset.html" - }, - "DescribeDatasetExportJob": { - "privilege": "DescribeDatasetExportJob", - "description": "Grants permission to describe a dataset export job", - "access_level": "Read", - "resource_types": { - "datasetExportJob": { - "resource_type": "datasetExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeDatasetExportJob.html" - }, - "DescribeDatasetGroup": { - "privilege": "DescribeDatasetGroup", - "description": "Grants permission to describe a dataset group", - "access_level": "Read", - "resource_types": { - "datasetGroup": { - "resource_type": "datasetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeDatasetGroup.html" - }, - "DescribeDatasetImportJob": { - "privilege": "DescribeDatasetImportJob", - "description": "Grants permission to describe a dataset import job", - "access_level": "Read", - "resource_types": { - "datasetImportJob": { - "resource_type": "datasetImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeDatasetImportJob.html" - }, - "DescribeEventTracker": { - "privilege": "DescribeEventTracker", - "description": "Grants permission to describe an event tracker", - "access_level": "Read", - "resource_types": { - "eventTracker": { - "resource_type": "eventTracker", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeEventTracker.html" - }, - "DescribeFeatureTransformation": { - "privilege": "DescribeFeatureTransformation", - "description": "Grants permission to describe a feature transformation", - "access_level": "Read", - "resource_types": { - "featureTransformation": { - "resource_type": "featureTransformation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeFeatureTransformation.html" - }, - "DescribeFilter": { - "privilege": "DescribeFilter", - "description": "Grants permission to describe a filter", - "access_level": "Read", - "resource_types": { - "filter": { - "resource_type": "filter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeFilter.html" - }, - "DescribeMetricAttribution": { - "privilege": "DescribeMetricAttribution", - "description": "Grants permission to describe a metric attribution", - "access_level": "Read", - "resource_types": { - "metricAttribution": { - "resource_type": "metricAttribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeMetricAttribution.html" - }, - "DescribeRecipe": { - "privilege": "DescribeRecipe", - "description": "Grants permission to describe a recipe", - "access_level": "Read", - "resource_types": { - "recipe": { - "resource_type": "recipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeRecipe.html" - }, - "DescribeRecommender": { - "privilege": "DescribeRecommender", - "description": "Grants permission to describe a recommender", - "access_level": "Read", - "resource_types": { - "recommender": { - "resource_type": "recommender", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeRecommender.html" - }, - "DescribeSchema": { - "privilege": "DescribeSchema", - "description": "Grants permission to describe a schema", - "access_level": "Read", - "resource_types": { - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeSchema.html" - }, - "DescribeSolution": { - "privilege": "DescribeSolution", - "description": "Grants permission to describe a solution", - "access_level": "Read", - "resource_types": { - "solution": { - "resource_type": "solution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeSolution.html" - }, - "DescribeSolutionVersion": { - "privilege": "DescribeSolutionVersion", - "description": "Grants permission to describe a version of a solution", - "access_level": "Read", - "resource_types": { - "solution": { - "resource_type": "solution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeSolutionVersion.html" - }, - "GetPersonalizedRanking": { - "privilege": "GetPersonalizedRanking", - "description": "Grants permission to get a re-ranked list of recommendations", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_RS_GetPersonalizedRanking.html" - }, - "GetRecommendations": { - "privilege": "GetRecommendations", - "description": "Grants permission to get a list of recommendations from a campaign", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_RS_GetRecommendations.html" - }, - "GetSolutionMetrics": { - "privilege": "GetSolutionMetrics", - "description": "Grants permission to get metrics for a solution version", - "access_level": "Read", - "resource_types": { - "solution": { - "resource_type": "solution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_GetSolutionMetrics.html" - }, - "ListBatchInferenceJobs": { - "privilege": "ListBatchInferenceJobs", - "description": "Grants permission to list batch inference jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListBatchInferenceJobs.html" - }, - "ListBatchSegmentJobs": { - "privilege": "ListBatchSegmentJobs", - "description": "Grants permission to list batch segment jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListBatchSegmentJobs.html" - }, - "ListCampaigns": { - "privilege": "ListCampaigns", - "description": "Grants permission to list campaigns", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListCampaigns.html" - }, - "ListDatasetExportJobs": { - "privilege": "ListDatasetExportJobs", - "description": "Grants permission to list dataset export jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListDatasetExportJobs.html" - }, - "ListDatasetGroups": { - "privilege": "ListDatasetGroups", - "description": "Grants permission to list dataset groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListDatasetGroups.html" - }, - "ListDatasetImportJobs": { - "privilege": "ListDatasetImportJobs", - "description": "Grants permission to list dataset import jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListDatasetImportJobs.html" - }, - "ListDatasets": { - "privilege": "ListDatasets", - "description": "Grants permission to list datasets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListDatasets.html" - }, - "ListEventTrackers": { - "privilege": "ListEventTrackers", - "description": "Grants permission to list event trackers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListEventTrackers.html" - }, - "ListFilters": { - "privilege": "ListFilters", - "description": "Grants permission to list filters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListFilters.html" - }, - "ListMetricAttributionMetrics": { - "privilege": "ListMetricAttributionMetrics", - "description": "Grants permission to list metric attribution metrics", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListMetricAttributionMetrics.html" - }, - "ListMetricAttributions": { - "privilege": "ListMetricAttributions", - "description": "Grants permission to list metric attributions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListMetricAttributions.html" - }, - "ListRecipes": { - "privilege": "ListRecipes", - "description": "Grants permission to list recipes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListRecipes.html" - }, - "ListRecommenders": { - "privilege": "ListRecommenders", - "description": "Grants permission to list recommenders", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListRecommenders.html" - }, - "ListSchemas": { - "privilege": "ListSchemas", - "description": "Grants permission to list schemas", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListSchemas.html" - }, - "ListSolutionVersions": { - "privilege": "ListSolutionVersions", - "description": "Grants permission to list versions of a solution", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListSolutionVersions.html" - }, - "ListSolutions": { - "privilege": "ListSolutions", - "description": "Grants permission to list solutions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListSolutions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListTagsForResource.html" - }, - "PutEvents": { - "privilege": "PutEvents", - "description": "Grants permission to put real time event data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UBS_PutEvents.html" - }, - "PutItems": { - "privilege": "PutItems", - "description": "Grants permission to ingest Items data", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UBS_PutItems.html" - }, - "PutUsers": { - "privilege": "PutUsers", - "description": "Grants permission to ingest Users data", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UBS_PutUsers.html" - }, - "StartRecommender": { - "privilege": "StartRecommender", - "description": "Grants permission to start a recommender", - "access_level": "Write", - "resource_types": { - "recommender": { - "resource_type": "recommender", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_StartRecommender.html" - }, - "StopRecommender": { - "privilege": "StopRecommender", - "description": "Grants permission to stop a recommender", - "access_level": "Write", - "resource_types": { - "recommender": { - "resource_type": "recommender", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_StopRecommender.html" - }, - "StopSolutionVersionCreation": { - "privilege": "StopSolutionVersionCreation", - "description": "Grants permission to stop a solution version creation", - "access_level": "Write", - "resource_types": { - "solution": { - "resource_type": "solution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_StopSolutionVersionCreation.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UntagResource.html" - }, - "UpdateCampaign": { - "privilege": "UpdateCampaign", - "description": "Grants permission to update a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UpdateCampaign.html" - }, - "UpdateMetricAttribution": { - "privilege": "UpdateMetricAttribution", - "description": "Grants permission to update a metric attribution", - "access_level": "Write", - "resource_types": { - "metricAttribution": { - "resource_type": "metricAttribution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UpdateMetricAttribution.html" - }, - "UpdateRecommender": { - "privilege": "UpdateRecommender", - "description": "Grants permission to update a recommender", - "access_level": "Write", - "resource_types": { - "recommender": { - "resource_type": "recommender", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UpdateRecommender.html" - } - }, - "resources": { - "schema": { - "resource": "schema", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:schema/${ResourceId}", - "condition_keys": [] - }, - "featureTransformation": { - "resource": "featureTransformation", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:feature-transformation/${ResourceId}", - "condition_keys": [] - }, - "dataset": { - "resource": "dataset", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:dataset/${ResourceId}", - "condition_keys": [] - }, - "datasetGroup": { - "resource": "datasetGroup", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:dataset-group/${ResourceId}", - "condition_keys": [] - }, - "datasetImportJob": { - "resource": "datasetImportJob", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:dataset-import-job/${ResourceId}", - "condition_keys": [] - }, - "datasetExportJob": { - "resource": "datasetExportJob", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:dataset-export-job/${ResourceId}", - "condition_keys": [] - }, - "solution": { - "resource": "solution", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:solution/${ResourceId}", - "condition_keys": [] - }, - "campaign": { - "resource": "campaign", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:campaign/${ResourceId}", - "condition_keys": [] - }, - "eventTracker": { - "resource": "eventTracker", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:event-tracker/${ResourceId}", - "condition_keys": [] - }, - "recipe": { - "resource": "recipe", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:recipe/${ResourceId}", - "condition_keys": [] - }, - "algorithm": { - "resource": "algorithm", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:algorithm/${ResourceId}", - "condition_keys": [] - }, - "batchInferenceJob": { - "resource": "batchInferenceJob", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:batch-inference-job/${ResourceId}", - "condition_keys": [] - }, - "filter": { - "resource": "filter", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:filter/${ResourceId}", - "condition_keys": [] - }, - "recommender": { - "resource": "recommender", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:recommender/${ResourceId}", - "condition_keys": [] - }, - "batchSegmentJob": { - "resource": "batchSegmentJob", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:batch-segment-job/${ResourceId}", - "condition_keys": [] - }, - "metricAttribution": { - "resource": "metricAttribution", - "arn": "arn:${Partition}:personalize:${Region}:${Account}:metric-attribution/${ResourceId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "mobiletargeting": { - "service_name": "Amazon Pinpoint", - "prefix": "mobiletargeting", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonpinpoint.html", - "privileges": { - "CreateApp": { - "privilege": "CreateApp", - "description": "Grants permission to create an app", - "access_level": "Write", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps.html#CreateApp" - }, - "CreateCampaign": { - "privilege": "CreateCampaign", - "description": "Grants permission to create a campaign for an app", - "access_level": "Write", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns.html#CreateCampaign" - }, - "CreateEmailTemplate": { - "privilege": "CreateEmailTemplate", - "description": "Grants permission to create an email template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-email.html#CreateEmailTemplate" - }, - "CreateExportJob": { - "privilege": "CreateExportJob", - "description": "Grants permission to create an export job that exports endpoint definitions to Amazon S3", - "access_level": "Write", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-export.html#CreateExportJob" - }, - "CreateImportJob": { - "privilege": "CreateImportJob", - "description": "Grants permission to import endpoint definitions from to create a segment", - "access_level": "Write", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-import.html#CreateImportJob" - }, - "CreateInAppTemplate": { - "privilege": "CreateInAppTemplate", - "description": "Grants permission to create an in-app message template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-inapp.html#CreateInAppTemplate" - }, - "CreateJourney": { - "privilege": "CreateJourney", - "description": "Grants permission to create a Journey for an app", - "access_level": "Write", - "resource_types": { - "journeys": { - "resource_type": "journeys", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys.html#CreateJourney" - }, - "CreatePushTemplate": { - "privilege": "CreatePushTemplate", - "description": "Grants permission to create a push notification template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-push.html#CreatePushTemplate" - }, - "CreateRecommenderConfiguration": { - "privilege": "CreateRecommenderConfiguration", - "description": "Grants permission to create an Amazon Pinpoint configuration for a recommender model", - "access_level": "Write", - "resource_types": { - "recommenders": { - "resource_type": "recommenders", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/recommenders.html#CreateRecommenderConfiguration" - }, - "CreateSegment": { - "privilege": "CreateSegment", - "description": "Grants permission to create a segment that is based on endpoint data reported to Pinpoint by your app. To allow a user to create a segment by importing endpoint data from outside of Pinpoint, allow the mobiletargeting:CreateImportJob action", - "access_level": "Write", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#CreateSegment" - }, - "CreateSmsTemplate": { - "privilege": "CreateSmsTemplate", - "description": "Grants permission to create an sms message template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-sms.html#CreateSmsTemplate" - }, - "CreateVoiceTemplate": { - "privilege": "CreateVoiceTemplate", - "description": "Grants permission to create a voice message template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-voice.html#CreateVoiceTemplate" - }, - "DeleteAdmChannel": { - "privilege": "DeleteAdmChannel", - "description": "Grants permission to delete the ADM channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-adm.html#DeleteAdmChannel" - }, - "DeleteApnsChannel": { - "privilege": "DeleteApnsChannel", - "description": "Grants permission to delete the APNs channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns.html#DeleteApnsChannel" - }, - "DeleteApnsSandboxChannel": { - "privilege": "DeleteApnsSandboxChannel", - "description": "Grants permission to delete the APNs sandbox channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_sandbox.html#DeleteApnsSandboxChannel" - }, - "DeleteApnsVoipChannel": { - "privilege": "DeleteApnsVoipChannel", - "description": "Grants permission to delete the APNs VoIP channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip.html#DeleteApnsVoipChannel" - }, - "DeleteApnsVoipSandboxChannel": { - "privilege": "DeleteApnsVoipSandboxChannel", - "description": "Grants permission to delete the APNs VoIP sandbox channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip_sandbox.html#DeleteApnsVoipSandboxChannel" - }, - "DeleteApp": { - "privilege": "DeleteApp", - "description": "Grants permission to delete a specific campaign", - "access_level": "Write", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id.html#DeleteApp" - }, - "DeleteBaiduChannel": { - "privilege": "DeleteBaiduChannel", - "description": "Grants permission to delete the Baidu channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-baidu.html#DeleteBaiduChannel" - }, - "DeleteCampaign": { - "privilege": "DeleteCampaign", - "description": "Grants permission to delete a specific campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id.html#DeleteCampaign" - }, - "DeleteEmailChannel": { - "privilege": "DeleteEmailChannel", - "description": "Grants permission to delete the email channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-email.html#DeleteEmailChannel" - }, - "DeleteEmailTemplate": { - "privilege": "DeleteEmailTemplate", - "description": "Grants permission to delete an email template or an email template version", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-email.html#DeleteEmailTemplate" - }, - "DeleteEndpoint": { - "privilege": "DeleteEndpoint", - "description": "Grants permission to delete an endpoint", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-endpoints-endpoint-id.html#DeleteEndpoint" - }, - "DeleteEventStream": { - "privilege": "DeleteEventStream", - "description": "Grants permission to delete the event stream for an app", - "access_level": "Write", - "resource_types": { - "event-stream": { - "resource_type": "event-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-eventstream.html#DeleteEventStream" - }, - "DeleteGcmChannel": { - "privilege": "DeleteGcmChannel", - "description": "Grants permission to delete the GCM channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-gcm.html#DeleteGcmChannel" - }, - "DeleteInAppTemplate": { - "privilege": "DeleteInAppTemplate", - "description": "Grants permission to delete an in-app message template or an in-app message template version", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-inapp.html#DeleteInAppTemplate" - }, - "DeleteJourney": { - "privilege": "DeleteJourney", - "description": "Grants permission to delete a specific journey", - "access_level": "Write", - "resource_types": { - "journey": { - "resource_type": "journey", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id.html#DeleteJourney" - }, - "DeletePushTemplate": { - "privilege": "DeletePushTemplate", - "description": "Grants permission to delete a push notification template or a push notification template version", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-push.html#DeletePushTemplate" - }, - "DeleteRecommenderConfiguration": { - "privilege": "DeleteRecommenderConfiguration", - "description": "Grants permission to delete an Amazon Pinpoint configuration for a recommender model", - "access_level": "Write", - "resource_types": { - "recommender": { - "resource_type": "recommender", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/recommenders-recommender-id.html#DeleteRecommenderConfiguration" - }, - "DeleteSegment": { - "privilege": "DeleteSegment", - "description": "Grants permission to delete a specific segment", - "access_level": "Write", - "resource_types": { - "segment": { - "resource_type": "segment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id.html#DeleteSegment" - }, - "DeleteSmsChannel": { - "privilege": "DeleteSmsChannel", - "description": "Grants permission to delete the SMS channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-sms.html#DeleteSmsChannel" - }, - "DeleteSmsTemplate": { - "privilege": "DeleteSmsTemplate", - "description": "Grants permission to delete an sms message template or an sms message template version", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-sms.html#DeleteSmsTemplate" - }, - "DeleteUserEndpoints": { - "privilege": "DeleteUserEndpoints", - "description": "Grants permission to delete all of the endpoints that are associated with a user ID", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-users-user-id.html#DeleteUserEndpoints" - }, - "DeleteVoiceChannel": { - "privilege": "DeleteVoiceChannel", - "description": "Grants permission to delete the Voice channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-voice.html#DeleteVoiceChannel" - }, - "DeleteVoiceTemplate": { - "privilege": "DeleteVoiceTemplate", - "description": "Grants permission to delete a voice message template or a voice message template version", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-voice.html#DeleteVoiceTemplate" - }, - "GetAdmChannel": { - "privilege": "GetAdmChannel", - "description": "Grants permission to retrieve information about the Amazon Device Messaging (ADM) channel for an app", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-adm.html#GetAdmChannel" - }, - "GetApnsChannel": { - "privilege": "GetApnsChannel", - "description": "Grants permission to retrieve information about the APNs channel for an app", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns.html#GetApnsChannel" - }, - "GetApnsSandboxChannel": { - "privilege": "GetApnsSandboxChannel", - "description": "Grants permission to retrieve information about the APNs sandbox channel for an app", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_sandbox.html#GetApnsSandboxChannel" - }, - "GetApnsVoipChannel": { - "privilege": "GetApnsVoipChannel", - "description": "Grants permission to retrieve information about the APNs VoIP channel for an app", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip.html#GetApnsVoipChannel" - }, - "GetApnsVoipSandboxChannel": { - "privilege": "GetApnsVoipSandboxChannel", - "description": "Grants permission to retrieve information about the APNs VoIP sandbox channel for an app", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip_sandbox.html#GetApnsVoipSandboxChannel" - }, - "GetApp": { - "privilege": "GetApp", - "description": "Grants permission to retrieve information about a specific app in your Amazon Pinpoint account", - "access_level": "Read", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id.html#GetApp" - }, - "GetApplicationDateRangeKpi": { - "privilege": "GetApplicationDateRangeKpi", - "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard metric that applies to an application", - "access_level": "Read", - "resource_types": { - "application-metrics": { - "resource_type": "application-metrics", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-kpis-daterange-kpi-name.html#GetApplicationDateRangeKpi" - }, - "GetApplicationSettings": { - "privilege": "GetApplicationSettings", - "description": "Grants permission to retrieve the default settings for an app", - "access_level": "List", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-settings.html#GetApplicationSettings" - }, - "GetApps": { - "privilege": "GetApps", - "description": "Grants permission to retrieve a list of apps in your Amazon Pinpoint account", - "access_level": "Read", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps.html#GetApps" - }, - "GetBaiduChannel": { - "privilege": "GetBaiduChannel", - "description": "Grants permission to retrieve information about the Baidu channel for an app", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-baidu.html#GetBaiduChannel" - }, - "GetCampaign": { - "privilege": "GetCampaign", - "description": "Grants permission to retrieve information about a specific campaign", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id.html#GetCampaign" - }, - "GetCampaignActivities": { - "privilege": "GetCampaignActivities", - "description": "Grants permission to retrieve information about the activities performed by a campaign", - "access_level": "List", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id-activities.html#GetCampaignActivities" - }, - "GetCampaignDateRangeKpi": { - "privilege": "GetCampaignDateRangeKpi", - "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard metric that applies to a campaign", - "access_level": "Read", - "resource_types": { - "campaign-metrics": { - "resource_type": "campaign-metrics", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id-kpis-daterange-kpi-name.html#GetCampaignDateRangeKpi" - }, - "GetCampaignVersion": { - "privilege": "GetCampaignVersion", - "description": "Grants permission to retrieve information about a specific campaign version", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id-versions-version.html#GetCampaignVersion" - }, - "GetCampaignVersions": { - "privilege": "GetCampaignVersions", - "description": "Grants permission to retrieve information about the current and prior versions of a campaign", - "access_level": "List", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id-versions.html#GetCampaignVersions" - }, - "GetCampaigns": { - "privilege": "GetCampaigns", - "description": "Grants permission to retrieve information about all campaigns for an app", - "access_level": "List", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns.html#GetCampaigns" - }, - "GetChannels": { - "privilege": "GetChannels", - "description": "Grants permission to get all channels information for your app", - "access_level": "List", - "resource_types": { - "channels": { - "resource_type": "channels", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels.html#GetChannels" - }, - "GetEmailChannel": { - "privilege": "GetEmailChannel", - "description": "Grants permission to obtain information about the email channel in an app", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-email.html#GetEmailChannel" - }, - "GetEmailTemplate": { - "privilege": "GetEmailTemplate", - "description": "Grants permission to retrieve information about a specific or the active version of an email template", - "access_level": "Read", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-email.html#GetEmailTemplate" - }, - "GetEndpoint": { - "privilege": "GetEndpoint", - "description": "Grants permission to retrieve information about a specific endpoint", - "access_level": "Read", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-endpoints-endpoint-id.html#GetEndpoint" - }, - "GetEventStream": { - "privilege": "GetEventStream", - "description": "Grants permission to retrieve information about the event stream for an app", - "access_level": "Read", - "resource_types": { - "event-stream": { - "resource_type": "event-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-eventstream.html#GetEventStream" - }, - "GetExportJob": { - "privilege": "GetExportJob", - "description": "Grants permission to obtain information about a specific export job", - "access_level": "Read", - "resource_types": { - "export-job": { - "resource_type": "export-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-export-job-id.html#GetExportJob" - }, - "GetExportJobs": { - "privilege": "GetExportJobs", - "description": "Grants permission to retrieve a list of all of the export jobs for an app", - "access_level": "List", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-export.html#GetExportJobs" - }, - "GetGcmChannel": { - "privilege": "GetGcmChannel", - "description": "Grants permission to retrieve information about the GCM channel for an app", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-gcm.html#GetGcmChannel" - }, - "GetImportJob": { - "privilege": "GetImportJob", - "description": "Grants permission to retrieve information about a specific import job", - "access_level": "Read", - "resource_types": { - "import-job": { - "resource_type": "import-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-import-job-id.html#GetImportJob" - }, - "GetImportJobs": { - "privilege": "GetImportJobs", - "description": "Grants permission to retrieve information about all import jobs for an app", - "access_level": "List", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-import.html#GetImportJobs" - }, - "GetInAppMessages": { - "privilege": "GetInAppMessages", - "description": "Grants permission to retrive in-app messages for the given endpoint id", - "access_level": "Read", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-endpoints-endpoint-id-inappmessages.html#GetInAppMessages" - }, - "GetInAppTemplate": { - "privilege": "GetInAppTemplate", - "description": "Grants permission to retrieve information about a specific or the active version of an in-app message template", - "access_level": "Read", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-inapp.html#GetInAppTemplate" - }, - "GetJourney": { - "privilege": "GetJourney", - "description": "Grants permission to retrieve information about a specific journey", - "access_level": "Read", - "resource_types": { - "journey": { - "resource_type": "journey", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id.html#GetJourney" - }, - "GetJourneyDateRangeKpi": { - "privilege": "GetJourneyDateRangeKpi", - "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard engagement metric that applies to a journey", - "access_level": "Read", - "resource_types": { - "journey-metrics": { - "resource_type": "journey-metrics", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-kpis-daterange-kpi-name.html#GetJourneyDateRangeKpi" - }, - "GetJourneyExecutionActivityMetrics": { - "privilege": "GetJourneyExecutionActivityMetrics", - "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard execution metric that applies to a journey activity", - "access_level": "Read", - "resource_types": { - "journey-execution-activity-metrics": { - "resource_type": "journey-execution-activity-metrics", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-activities-journey-activity-id-execution-metrics.html#GetJourneyExecutionActivityMetrics" - }, - "GetJourneyExecutionMetrics": { - "privilege": "GetJourneyExecutionMetrics", - "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard execution metric that applies to a journey", - "access_level": "Read", - "resource_types": { - "journey-execution-metrics": { - "resource_type": "journey-execution-metrics", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-execution-metrics.html#GetJourneyExecutionMetrics" - }, - "GetJourneyRunExecutionActivityMetrics": { - "privilege": "GetJourneyRunExecutionActivityMetrics", - "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard execution metric that applies to a journey activity for a single journey run", - "access_level": "Read", - "resource_types": { - "journey": { - "resource_type": "journey", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-runs-run-id-activities-journey-activity-id-execution-metrics.html#GetJourneyRunExecutionActivityMetrics" - }, - "GetJourneyRunExecutionMetrics": { - "privilege": "GetJourneyRunExecutionMetrics", - "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard execution metric that applies to a journey for a single journey run", - "access_level": "Read", - "resource_types": { - "journey": { - "resource_type": "journey", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-runs-run-id-execution-metrics.html#GetJourneyRunExecutionMetrics" - }, - "GetJourneyRuns": { - "privilege": "GetJourneyRuns", - "description": "Grants permission to retrieve information about all journey runs for a journey", - "access_level": "List", - "resource_types": { - "journey": { - "resource_type": "journey", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-runs.html" - }, - "GetPushTemplate": { - "privilege": "GetPushTemplate", - "description": "Grants permission to retrieve information about a specific or the active version of an push notification template", - "access_level": "Read", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-push.html#GetPushTemplate" - }, - "GetRecommenderConfiguration": { - "privilege": "GetRecommenderConfiguration", - "description": "Grants permission to retrieve information about an Amazon Pinpoint configuration for a recommender model", - "access_level": "Read", - "resource_types": { - "recommender": { - "resource_type": "recommender", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/recommenders-recommender-id.html#GetRecommenderConfiguration" - }, - "GetRecommenderConfigurations": { - "privilege": "GetRecommenderConfigurations", - "description": "Grants permission to retrieve information about all the recommender model configurations that are associated with an Amazon Pinpoint account", - "access_level": "List", - "resource_types": { - "recommenders": { - "resource_type": "recommenders", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/recommenders.html#GetRecommenderConfigurations" - }, - "GetReports": { - "privilege": "GetReports", - "description": "Grants permission to mobiletargeting:GetReports", - "access_level": "Read", - "resource_types": { - "reports": { - "resource_type": "reports", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${UserGuideDocPage}/permissions-actions.html" - }, - "GetSegment": { - "privilege": "GetSegment", - "description": "Grants permission to retrieve information about a specific segment", - "access_level": "Read", - "resource_types": { - "segment": { - "resource_type": "segment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id.html#GetSegment" - }, - "GetSegmentExportJobs": { - "privilege": "GetSegmentExportJobs", - "description": "Grants permission to retrieve information about jobs that export endpoint definitions from segments to Amazon S3", - "access_level": "List", - "resource_types": { - "segment": { - "resource_type": "segment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id-jobs-export.html#GetSegmentExportJobs" - }, - "GetSegmentImportJobs": { - "privilege": "GetSegmentImportJobs", - "description": "Grants permission to retrieve information about jobs that create segments by importing endpoint definitions from", - "access_level": "List", - "resource_types": { - "segment": { - "resource_type": "segment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id-jobs-import.html#GetSegmentImportJobs" - }, - "GetSegmentVersion": { - "privilege": "GetSegmentVersion", - "description": "Grants permission to retrieve information about a specific segment version", - "access_level": "Read", - "resource_types": { - "segment": { - "resource_type": "segment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id-versions-version.html#GetSegmentVersion" - }, - "GetSegmentVersions": { - "privilege": "GetSegmentVersions", - "description": "Grants permission to retrieve information about the current and prior versions of a segment", - "access_level": "List", - "resource_types": { - "segment": { - "resource_type": "segment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id-versions.html#GetSegmentVersions" - }, - "GetSegments": { - "privilege": "GetSegments", - "description": "Grants permission to retrieve information about the segments for an app", - "access_level": "List", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#GetSegments" - }, - "GetSmsChannel": { - "privilege": "GetSmsChannel", - "description": "Grants permission to obtain information about the SMS channel in an app", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-sms.html#GetSmsChannel" - }, - "GetSmsTemplate": { - "privilege": "GetSmsTemplate", - "description": "Grants permission to retrieve information about a specific or the active version of an sms message template", - "access_level": "Read", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-sms.html#GetSmsTemplate" - }, - "GetUserEndpoints": { - "privilege": "GetUserEndpoints", - "description": "Grants permission to retrieve information about the endpoints that are associated with a user ID", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-users-user-id.html#GetUserEndpoints" - }, - "GetVoiceChannel": { - "privilege": "GetVoiceChannel", - "description": "Grants permission to obtain information about the Voice channel in an app", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-voice.html#GetVoiceChannel" - }, - "GetVoiceTemplate": { - "privilege": "GetVoiceTemplate", - "description": "Grants permission to retrieve information about a specific or the active version of a voice message template", - "access_level": "Read", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-voice.html#GetVoiceTemplate" - }, - "ListJourneys": { - "privilege": "ListJourneys", - "description": "Grants permission to retrieve information about all journeys for an app", - "access_level": "List", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys.html#ListJourneys" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "app": { - "resource_type": "app", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "campaign": { - "resource_type": "campaign", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "journey": { - "resource_type": "journey", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "segment": { - "resource_type": "segment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "template": { - "resource_type": "template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/tags-resource-arn.html#ListTagsForResource" - }, - "ListTemplateVersions": { - "privilege": "ListTemplateVersions", - "description": "Grants permission to retrieve all versions about a specific template", - "access_level": "List", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html#ListTemplateVersions" - }, - "ListTemplates": { - "privilege": "ListTemplates", - "description": "Grants permission to retrieve metadata about the queried templates", - "access_level": "List", - "resource_types": { - "templates": { - "resource_type": "templates", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates.html#ListTemplates" - }, - "PhoneNumberValidate": { - "privilege": "PhoneNumberValidate", - "description": "Grants permission to obtain metadata for a phone number, such as the number type (mobile, landline, or VoIP), location, and provider", - "access_level": "Read", - "resource_types": { - "phone-number-validate": { - "resource_type": "phone-number-validate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/phone-number-validate.html#PhoneNumberValidate" - }, - "PutEventStream": { - "privilege": "PutEventStream", - "description": "Grants permission to create or update an event stream for an app", - "access_level": "Write", - "resource_types": { - "event-stream": { - "resource_type": "event-stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-eventstream.html#PutEventStream" - }, - "PutEvents": { - "privilege": "PutEvents", - "description": "Grants permission to create or update events for an app", - "access_level": "Write", - "resource_types": { - "events": { - "resource_type": "events", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-events.html#PutEvents" - }, - "RemoveAttributes": { - "privilege": "RemoveAttributes", - "description": "Grants permission to remove the attributes for an app", - "access_level": "Write", - "resource_types": { - "attribute": { - "resource_type": "attribute", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-attributes-attribute-type.html#RemoveAttributes" - }, - "SendMessages": { - "privilege": "SendMessages", - "description": "Grants permission to send an SMS message or push notification to specific endpoints", - "access_level": "Write", - "resource_types": { - "messages": { - "resource_type": "messages", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-messages.html#SendMessages" - }, - "SendOTPMessage": { - "privilege": "SendOTPMessage", - "description": "Grants permission to send an OTP code to a user of your application", - "access_level": "Write", - "resource_types": { - "otp": { - "resource_type": "otp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-otp.html#SendOTPMessage" - }, - "SendUsersMessages": { - "privilege": "SendUsersMessages", - "description": "Grants permission to send an SMS message or push notification to all endpoints that are associated with a specific user ID", - "access_level": "Write", - "resource_types": { - "messages": { - "resource_type": "messages", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-users-messages.html#SendUsersMessages" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "app": { - "resource_type": "app", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "campaign": { - "resource_type": "campaign", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "journey": { - "resource_type": "journey", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "segment": { - "resource_type": "segment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "template": { - "resource_type": "template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/tags-resource-arn.html#TagResource" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "app": { - "resource_type": "app", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "campaign": { - "resource_type": "campaign", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "journey": { - "resource_type": "journey", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "segment": { - "resource_type": "segment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "template": { - "resource_type": "template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/tags-resource-arn.html#UntagResource" - }, - "UpdateAdmChannel": { - "privilege": "UpdateAdmChannel", - "description": "Grants permission to update the Amazon Device Messaging (ADM) channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-adm.html#UpdateAdmChannel" - }, - "UpdateApnsChannel": { - "privilege": "UpdateApnsChannel", - "description": "Grants permission to update the Apple Push Notification service (APNs) channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns.html#UpdateApnsChannel" - }, - "UpdateApnsSandboxChannel": { - "privilege": "UpdateApnsSandboxChannel", - "description": "Grants permission to update the Apple Push Notification service (APNs) sandbox channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_sandbox.html#UpdateApnsSandboxChannel" - }, - "UpdateApnsVoipChannel": { - "privilege": "UpdateApnsVoipChannel", - "description": "Grants permission to update the Apple Push Notification service (APNs) VoIP channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip.html#UpdateApnsVoipChannel" - }, - "UpdateApnsVoipSandboxChannel": { - "privilege": "UpdateApnsVoipSandboxChannel", - "description": "Grants permission to update the Apple Push Notification service (APNs) VoIP sandbox channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip_sandbox.html#UpdateApnsVoipSandboxChannel" - }, - "UpdateApplicationSettings": { - "privilege": "UpdateApplicationSettings", - "description": "Grants permission to update the default settings for an app", - "access_level": "Write", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-settings.html#UpdateApplicationSettings" - }, - "UpdateBaiduChannel": { - "privilege": "UpdateBaiduChannel", - "description": "Grants permission to update the Baidu channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-baidu.html#UpdateBaiduChannel" - }, - "UpdateCampaign": { - "privilege": "UpdateCampaign", - "description": "Grants permission to update a specific campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id.html#UpdateCampaign" - }, - "UpdateEmailChannel": { - "privilege": "UpdateEmailChannel", - "description": "Grants permission to update the email channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-email.html#UpdateEmailChannel" - }, - "UpdateEmailTemplate": { - "privilege": "UpdateEmailTemplate", - "description": "Grants permission to update a specific email template under the same version or generate a new version", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-email.html#UpdateEmailTemplate" - }, - "UpdateEndpoint": { - "privilege": "UpdateEndpoint", - "description": "Grants permission to create an endpoint or update the information for an endpoint", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-endpoints-endpoint-id.html#UpdateEndpoint" - }, - "UpdateEndpointsBatch": { - "privilege": "UpdateEndpointsBatch", - "description": "Grants permission to create or update endpoints as a batch operation", - "access_level": "Write", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-endpoints.html#UpdateEndpointsBatch" - }, - "UpdateGcmChannel": { - "privilege": "UpdateGcmChannel", - "description": "Grants permission to update the Firebase Cloud Messaging (FCM) or Google Cloud Messaging (GCM) API key that allows to send push notifications to your Android app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-gcm.html#UpdateGcmChannel" - }, - "UpdateInAppTemplate": { - "privilege": "UpdateInAppTemplate", - "description": "Grants permission to update a specific in-app message template under the same version or generate a new version", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-inapp.html#UpdateInAppTemplate" - }, - "UpdateJourney": { - "privilege": "UpdateJourney", - "description": "Grants permission to update a specific journey", - "access_level": "Write", - "resource_types": { - "journey": { - "resource_type": "journey", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id.html#UpdateJourney" - }, - "UpdateJourneyState": { - "privilege": "UpdateJourneyState", - "description": "Grants permission to update a specific journey state", - "access_level": "Write", - "resource_types": { - "journey": { - "resource_type": "journey", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-state.html#UpdateJourneyState" - }, - "UpdatePushTemplate": { - "privilege": "UpdatePushTemplate", - "description": "Grants permission to update a specific push notification template under the same version or generate a new version", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-push.html#UpdatePushTemplate" - }, - "UpdateRecommenderConfiguration": { - "privilege": "UpdateRecommenderConfiguration", - "description": "Grants permission to update an Amazon Pinpoint configuration for a recommender model", - "access_level": "Write", - "resource_types": { - "recommender": { - "resource_type": "recommender", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/recommenders-recommender-id.html#UpdateRecommenderConfiguration" - }, - "UpdateSegment": { - "privilege": "UpdateSegment", - "description": "Grants permission to update a specific segment", - "access_level": "Write", - "resource_types": { - "segment": { - "resource_type": "segment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id.html#UpdateSegment" - }, - "UpdateSmsChannel": { - "privilege": "UpdateSmsChannel", - "description": "Grants permission to update the SMS channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-sms.html#UpdateSmsChannel" - }, - "UpdateSmsTemplate": { - "privilege": "UpdateSmsTemplate", - "description": "Grants permission to update a specific sms message template under the same version or generate a new version", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-sms.html#UpdateSmsTemplate" - }, - "UpdateTemplateActiveVersion": { - "privilege": "UpdateTemplateActiveVersion", - "description": "Grants permission to update the active version parameter of a specific template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-active-version.html#UpdateTemplateActiveVersion" - }, - "UpdateVoiceChannel": { - "privilege": "UpdateVoiceChannel", - "description": "Grants permission to update the Voice channel for an app", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-voice.html#UpdateVoiceChannel" - }, - "UpdateVoiceTemplate": { - "privilege": "UpdateVoiceTemplate", - "description": "Grants permission to update a specific voice message template under the same version or generate a new version", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-voice.html#UpdateVoiceTemplate" - }, - "VerifyOTPMessage": { - "privilege": "VerifyOTPMessage", - "description": "Grants permission to check the validity of One-Time Passwords (OTPs)", - "access_level": "Write", - "resource_types": { - "verify-otp": { - "resource_type": "verify-otp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-verify-otp.html#VerifyOTPMessage" - } - }, - "resources": { - "app": { - "resource": "app", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "apps": { - "resource": "apps", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/*", - "condition_keys": [] - }, - "campaign": { - "resource": "campaign", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/campaigns/${CampaignId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "journey": { - "resource": "journey", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/journeys/${JourneyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "journeys": { - "resource": "journeys", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/journeys", - "condition_keys": [] - }, - "segment": { - "resource": "segment", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/segments/${SegmentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "template": { - "resource": "template", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:templates/${TemplateName}/${TemplateType}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "templates": { - "resource": "templates", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:templates", - "condition_keys": [] - }, - "recommender": { - "resource": "recommender", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:recommenders/${RecommenderId}", - "condition_keys": [] - }, - "recommenders": { - "resource": "recommenders", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:recommenders/*", - "condition_keys": [] - }, - "phone-number-validate": { - "resource": "phone-number-validate", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:phone/number/validate", - "condition_keys": [] - }, - "channels": { - "resource": "channels", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/channels", - "condition_keys": [] - }, - "channel": { - "resource": "channel", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/channels/${ChannelType}", - "condition_keys": [] - }, - "event-stream": { - "resource": "event-stream", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/eventstream", - "condition_keys": [] - }, - "events": { - "resource": "events", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/events", - "condition_keys": [] - }, - "messages": { - "resource": "messages", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/messages", - "condition_keys": [] - }, - "verify-otp": { - "resource": "verify-otp", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/verify-otp", - "condition_keys": [] - }, - "otp": { - "resource": "otp", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/otp", - "condition_keys": [] - }, - "attribute": { - "resource": "attribute", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/attributes/${AttributeType}", - "condition_keys": [] - }, - "user": { - "resource": "user", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/users/${UserId}", - "condition_keys": [] - }, - "endpoint": { - "resource": "endpoint", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/endpoints/${EndpointId}", - "condition_keys": [] - }, - "import-job": { - "resource": "import-job", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/jobs/import/${JobId}", - "condition_keys": [] - }, - "export-job": { - "resource": "export-job", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/jobs/export/${JobId}", - "condition_keys": [] - }, - "application-metrics": { - "resource": "application-metrics", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/kpis/daterange/${KpiName}", - "condition_keys": [] - }, - "campaign-metrics": { - "resource": "campaign-metrics", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/campaigns/${CampaignId}/kpis/daterange/${KpiName}", - "condition_keys": [] - }, - "journey-metrics": { - "resource": "journey-metrics", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/journeys/${JourneyId}/kpis/daterange/${KpiName}", - "condition_keys": [] - }, - "journey-execution-metrics": { - "resource": "journey-execution-metrics", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/journeys/${JourneyId}/execution-metrics", - "condition_keys": [] - }, - "journey-execution-activity-metrics": { - "resource": "journey-execution-activity-metrics", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/journeys/${JourneyId}/activities/${JourneyActivityId}/execution-metrics", - "condition_keys": [] - }, - "reports": { - "resource": "reports", - "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:reports", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a key that is present in the request the user makes to the pinpoint service", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the list of all the tag key names present in the request the user makes to the pinpoint service", - "type": "ArrayOfString" - } - } - }, - "ses": { - "service_name": "Amazon Pinpoint Email Service", - "prefix": "ses", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonpinpointemailservice.html", - "privileges": { - "CreateConfigurationSet": { - "privilege": "CreateConfigurationSet", - "description": "Grants permission to create a new configuration set", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateConfigurationSet.html" - }, - "CreateConfigurationSetEventDestination": { - "privilege": "CreateConfigurationSetEventDestination", - "description": "Grants permission to create a configuration set event destination", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateConfigurationSetEventDestination.html" - }, - "CreateDedicatedIpPool": { - "privilege": "CreateDedicatedIpPool", - "description": "Grants permission to create a new pool of dedicated IP addresses", - "access_level": "Write", - "resource_types": { - "dedicated-ip-pool": { - "resource_type": "dedicated-ip-pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateDedicatedIpPool.html" - }, - "CreateDeliverabilityTestReport": { - "privilege": "CreateDeliverabilityTestReport", - "description": "Grants permission to create a new predictive inbox placement test", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateDeliverabilityTestReport.html" - }, - "CreateEmailIdentity": { - "privilege": "CreateEmailIdentity", - "description": "Grants permission to start the process of verifying an email identity", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateEmailIdentity.html" - }, - "DeleteConfigurationSet": { - "privilege": "DeleteConfigurationSet", - "description": "Grants permission to delete an existing configuration set", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteConfigurationSet.html" - }, - "DeleteConfigurationSetEventDestination": { - "privilege": "DeleteConfigurationSetEventDestination", - "description": "Grants permission to delete an event destination", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteConfigurationSetEventDestination.html" - }, - "DeleteDedicatedIpPool": { - "privilege": "DeleteDedicatedIpPool", - "description": "Grants permission to delete a dedicated IP pool", - "access_level": "Write", - "resource_types": { - "dedicated-ip-pool": { - "resource_type": "dedicated-ip-pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteDedicatedIpPool.html" - }, - "DeleteEmailIdentity": { - "privilege": "DeleteEmailIdentity", - "description": "Grants permission to delete an email identity", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteEmailIdentity.html" - }, - "GetAccount": { - "privilege": "GetAccount", - "description": "Grants permission to get information about the email-sending status and capabilities for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetAccount.html" - }, - "GetBlacklistReports": { - "privilege": "GetBlacklistReports", - "description": "Grants permission to retrieve a list of the deny lists on which your dedicated IP addresses or tracked domains appear", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetBlacklistReports.html" - }, - "GetConfigurationSet": { - "privilege": "GetConfigurationSet", - "description": "Grants permission to get information about an existing configuration set", - "access_level": "Read", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetConfigurationSet.html" - }, - "GetConfigurationSetEventDestinations": { - "privilege": "GetConfigurationSetEventDestinations", - "description": "Grants permission to retrieve a list of event destinations that are associated with a configuration set", - "access_level": "Read", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetConfigurationSetEventDestinations.html" - }, - "GetDedicatedIp": { - "privilege": "GetDedicatedIp", - "description": "Grants permission to get information about a dedicated IP address", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDedicatedIp.html" - }, - "GetDedicatedIps": { - "privilege": "GetDedicatedIps", - "description": "Grants permission to list the dedicated IP addresses a dedicated IP pool", - "access_level": "Read", - "resource_types": { - "dedicated-ip-pool": { - "resource_type": "dedicated-ip-pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDedicatedIps.html" - }, - "GetDeliverabilityDashboardOptions": { - "privilege": "GetDeliverabilityDashboardOptions", - "description": "Grants permission to get the status of the Deliverability dashboard", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDeliverabilityDashboardOptions.html" - }, - "GetDeliverabilityTestReport": { - "privilege": "GetDeliverabilityTestReport", - "description": "Grants permission to retrieve the results of a predictive inbox placement test", - "access_level": "Read", - "resource_types": { - "deliverability-test-report": { - "resource_type": "deliverability-test-report", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDeliverabilityTestReport.html" - }, - "GetDomainDeliverabilityCampaign": { - "privilege": "GetDomainDeliverabilityCampaign", - "description": "Grants permission to retrieve all the deliverability data for a specific campaign", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDomainDeliverabilityCampaign.html" - }, - "GetDomainStatisticsReport": { - "privilege": "GetDomainStatisticsReport", - "description": "Grants permission to retrieve inbox placement and engagement rates for the domains that you use to send email", - "access_level": "Read", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDomainStatisticsReport.html" - }, - "GetEmailIdentity": { - "privilege": "GetEmailIdentity", - "description": "Grants permission to get information about a specific identity", - "access_level": "Read", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetEmailIdentity.html" - }, - "ListConfigurationSets": { - "privilege": "ListConfigurationSets", - "description": "Grants permission to list all of the configuration sets for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListConfigurationSets.html" - }, - "ListDedicatedIpPools": { - "privilege": "ListDedicatedIpPools", - "description": "Grants permission to list all of the dedicated IP pools for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListDedicatedIpPools.html" - }, - "ListDeliverabilityTestReports": { - "privilege": "ListDeliverabilityTestReports", - "description": "Grants permission to retrieve the list of the predictive inbox placement tests that you've performed, regardless of their statuses, for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListDeliverabilityTestReports.html" - }, - "ListDomainDeliverabilityCampaigns": { - "privilege": "ListDomainDeliverabilityCampaigns", - "description": "Grants permission to list deliverability data for campaigns that used a specific domain to send email during a specified time range", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListDomainDeliverabilityCampaigns.html" - }, - "ListEmailIdentities": { - "privilege": "ListEmailIdentities", - "description": "Grants permission to list the email identities for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListEmailIdentities.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve a list of the tags (keys and values) that are associated with a specific resource for your account", - "access_level": "Read", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-list": { - "resource_type": "contact-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dedicated-ip-pool": { - "resource_type": "dedicated-ip-pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deliverability-test-report": { - "resource_type": "deliverability-test-report", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "identity": { - "resource_type": "identity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListTagsForResource.html" - }, - "PutAccountDedicatedIpWarmupAttributes": { - "privilege": "PutAccountDedicatedIpWarmupAttributes", - "description": "Grants permission to enable or disable the automatic warm-up feature for dedicated IP addresses", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutAccountDedicatedIpWarmupAttributes.html" - }, - "PutAccountSendingAttributes": { - "privilege": "PutAccountSendingAttributes", - "description": "Grants permission to enable or disable the ability to send email for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutAccountSendingAttributes.html" - }, - "PutConfigurationSetDeliveryOptions": { - "privilege": "PutConfigurationSetDeliveryOptions", - "description": "Grants permission to associate a configuration set with a dedicated IP pool", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetDeliveryOptions.html" - }, - "PutConfigurationSetReputationOptions": { - "privilege": "PutConfigurationSetReputationOptions", - "description": "Grants permission to enable or disable collection of reputation metrics for emails that you send using a particular configuration set", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetReputationOptions.html" - }, - "PutConfigurationSetSendingOptions": { - "privilege": "PutConfigurationSetSendingOptions", - "description": "Grants permission to enable or disable email sending for messages that use a particular configuration set", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetSendingOptions.html" - }, - "PutConfigurationSetTrackingOptions": { - "privilege": "PutConfigurationSetTrackingOptions", - "description": "Grants permission to specify a custom domain to use for open and click tracking elements in email that you send for a particular configuration set", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetTrackingOptions.html" - }, - "PutDedicatedIpInPool": { - "privilege": "PutDedicatedIpInPool", - "description": "Grants permission to move a dedicated IP address to an existing dedicated IP pool", - "access_level": "Write", - "resource_types": { - "dedicated-ip-pool": { - "resource_type": "dedicated-ip-pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutDedicatedIpInPool.html" - }, - "PutDedicatedIpWarmupAttributes": { - "privilege": "PutDedicatedIpWarmupAttributes", - "description": "Grants permission to put Dedicated IP warm up attributes", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutDedicatedIpWarmupAttributes.html" - }, - "PutDeliverabilityDashboardOption": { - "privilege": "PutDeliverabilityDashboardOption", - "description": "Grants permission to enable or disable the Deliverability dashboard", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutDeliverabilityDashboardOption.html" - }, - "PutEmailIdentityDkimAttributes": { - "privilege": "PutEmailIdentityDkimAttributes", - "description": "Grants permission to enable or disable DKIM authentication for an email identity", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutEmailIdentityDkimAttributes.html" - }, - "PutEmailIdentityFeedbackAttributes": { - "privilege": "PutEmailIdentityFeedbackAttributes", - "description": "Grants permission to enable or disable feedback forwarding for an email identity", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutEmailIdentityFeedbackAttributes.html" - }, - "PutEmailIdentityMailFromAttributes": { - "privilege": "PutEmailIdentityMailFromAttributes", - "description": "Grants permission to enable or disable the custom MAIL FROM domain configuration for an email identity", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutEmailIdentityMailFromAttributes.html" - }, - "SendEmail": { - "privilege": "SendEmail", - "description": "Grants permission to send an email message", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configuration-set": { - "resource_type": "configuration-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "template": { - "resource_type": "template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "ses:FeedbackAddress", - "ses:FromAddress", - "ses:FromDisplayName", - "ses:Recipients" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags (keys and values) to a specified resource", - "access_level": "Tagging", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-list": { - "resource_type": "contact-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dedicated-ip-pool": { - "resource_type": "dedicated-ip-pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deliverability-test-report": { - "resource_type": "deliverability-test-report", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "identity": { - "resource_type": "identity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags (keys and values) from a specified resource", - "access_level": "Tagging", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "contact-list": { - "resource_type": "contact-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dedicated-ip-pool": { - "resource_type": "dedicated-ip-pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deliverability-test-report": { - "resource_type": "deliverability-test-report", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "identity": { - "resource_type": "identity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UntagResource.html" - }, - "UpdateConfigurationSetEventDestination": { - "privilege": "UpdateConfigurationSetEventDestination", - "description": "Grants permission to update the configuration of an event destination for a configuration set", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateConfigurationSetEventDestination.html" - }, - "CloneReceiptRuleSet": { - "privilege": "CloneReceiptRuleSet", - "description": "Grants permission to create a receipt rule set by cloning an existing one", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CloneReceiptRuleSet.html" - }, - "CreateConfigurationSetTrackingOptions": { - "privilege": "CreateConfigurationSetTrackingOptions", - "description": "Grants permission to creates an association between a configuration set and a custom domain for open and click event tracking", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateConfigurationSetTrackingOptions.html" - }, - "CreateCustomVerificationEmailTemplate": { - "privilege": "CreateCustomVerificationEmailTemplate", - "description": "Grants permission to create a new custom verification email template", - "access_level": "Write", - "resource_types": { - "custom-verification-email-template": { - "resource_type": "custom-verification-email-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateCustomVerificationEmailTemplate.html" - }, - "CreateReceiptFilter": { - "privilege": "CreateReceiptFilter", - "description": "Grants permission to create a new IP address filter", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateReceiptFilter.html" - }, - "CreateReceiptRule": { - "privilege": "CreateReceiptRule", - "description": "Grants permission to create a receipt rule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateReceiptRule.html" - }, - "CreateReceiptRuleSet": { - "privilege": "CreateReceiptRuleSet", - "description": "Grants permission to create an empty receipt rule set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateReceiptRuleSet.html" - }, - "CreateTemplate": { - "privilege": "CreateTemplate", - "description": "Grants permission to creates an email template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateTemplate.html" - }, - "DeleteConfigurationSetTrackingOptions": { - "privilege": "DeleteConfigurationSetTrackingOptions", - "description": "Grants permission to delete an association between a configuration set and a custom domain for open and click event tracking", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteConfigurationSetTrackingOptions.html" - }, - "DeleteCustomVerificationEmailTemplate": { - "privilege": "DeleteCustomVerificationEmailTemplate", - "description": "Grants permission to delete an existing custom verification email template", - "access_level": "Write", - "resource_types": { - "custom-verification-email-template": { - "resource_type": "custom-verification-email-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteCustomVerificationEmailTemplate.html" - }, - "DeleteIdentity": { - "privilege": "DeleteIdentity", - "description": "Grants permission to delete the specified identity", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteIdentity.html" - }, - "DeleteIdentityPolicy": { - "privilege": "DeleteIdentityPolicy", - "description": "Grants permission to delete the specified sending authorization policy for the given identity (an email address or a domain)", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteIdentityPolicy.html" - }, - "DeleteReceiptFilter": { - "privilege": "DeleteReceiptFilter", - "description": "Grants permission to delete the specified IP address filter", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteReceiptFilter.html" - }, - "DeleteReceiptRule": { - "privilege": "DeleteReceiptRule", - "description": "Grants permission to delete the specified receipt rule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteReceiptRule.html" - }, - "DeleteReceiptRuleSet": { - "privilege": "DeleteReceiptRuleSet", - "description": "Grants permission to delete the specified receipt rule set and all of the receipt rules it contains", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteReceiptRuleSet.html" - }, - "DeleteTemplate": { - "privilege": "DeleteTemplate", - "description": "Grants permission to delete an email template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteTemplate.html" - }, - "DeleteVerifiedEmailAddress": { - "privilege": "DeleteVerifiedEmailAddress", - "description": "Grants permission to delete the specified email address from the list of verified addresses", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteVerifiedEmailAddress.html" - }, - "DescribeActiveReceiptRuleSet": { - "privilege": "DescribeActiveReceiptRuleSet", - "description": "Grants permission to return the metadata and receipt rules for the receipt rule set that is currently active", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DescribeActiveReceiptRuleSet.html" - }, - "DescribeConfigurationSet": { - "privilege": "DescribeConfigurationSet", - "description": "Grants permission to return the details of the specified configuration set", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DescribeConfigurationSet.html" - }, - "DescribeReceiptRule": { - "privilege": "DescribeReceiptRule", - "description": "Grants permission to return the details of the specified receipt rule", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DescribeReceiptRule.html" - }, - "DescribeReceiptRuleSet": { - "privilege": "DescribeReceiptRuleSet", - "description": "Grants permission to return the details of the specified receipt rule set", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DescribeReceiptRuleSet.html" - }, - "GetAccountSendingEnabled": { - "privilege": "GetAccountSendingEnabled", - "description": "Grants permission to return the email sending status of your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetAccountSendingEnabled.html" - }, - "GetCustomVerificationEmailTemplate": { - "privilege": "GetCustomVerificationEmailTemplate", - "description": "Grants permission to return the custom email verification template for the template name you specify", - "access_level": "Read", - "resource_types": { - "custom-verification-email-template": { - "resource_type": "custom-verification-email-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetCustomVerificationEmailTemplate.html" - }, - "GetIdentityDkimAttributes": { - "privilege": "GetIdentityDkimAttributes", - "description": "Grants permission to return the current status of Easy DKIM signing for an entity", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityDkimAttributes.html" - }, - "GetIdentityMailFromDomainAttributes": { - "privilege": "GetIdentityMailFromDomainAttributes", - "description": "Grants permission to return the custom MAIL FROM attributes for a list of identities (email addresses and/or domains)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityMailFromDomainAttributes.html" - }, - "GetIdentityNotificationAttributes": { - "privilege": "GetIdentityNotificationAttributes", - "description": "Grants permission to return a structure describing identity notification attributes for a list of verified identities (email addresses and/or domains),", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityNotificationAttributes.html" - }, - "GetIdentityPolicies": { - "privilege": "GetIdentityPolicies", - "description": "Grants permission to return the requested sending authorization policies for the given identity (an email address or a domain)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityPolicies.html" - }, - "GetIdentityVerificationAttributes": { - "privilege": "GetIdentityVerificationAttributes", - "description": "Grants permission to return the verification status and (for domain identities) the verification token for a list of identities", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityVerificationAttributes.html" - }, - "GetSendQuota": { - "privilege": "GetSendQuota", - "description": "Grants permission to return the user's current sending limits", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetSendQuota.html" - }, - "GetSendStatistics": { - "privilege": "GetSendStatistics", - "description": "Grants permission to returns the user's sending statistics", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetSendStatistics.html" - }, - "GetTemplate": { - "privilege": "GetTemplate", - "description": "Grants permission to return the template object, which includes the subject line, HTML par, and text part for the template you specify", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetTemplate.html" - }, - "ListCustomVerificationEmailTemplates": { - "privilege": "ListCustomVerificationEmailTemplates", - "description": "Grants permission to list all of the existing custom verification email templates for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListCustomVerificationEmailTemplates.html" - }, - "ListIdentities": { - "privilege": "ListIdentities", - "description": "Grants permission to list the email identities for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListIdentities.html" - }, - "ListIdentityPolicies": { - "privilege": "ListIdentityPolicies", - "description": "Grants permission to list all of the email templates for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListIdentityPolicies.html" - }, - "ListReceiptFilters": { - "privilege": "ListReceiptFilters", - "description": "Grants permission to list the IP address filters associated with your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListReceiptFilters.html" - }, - "ListReceiptRuleSets": { - "privilege": "ListReceiptRuleSets", - "description": "Grants permission to list the receipt rule sets that exist under your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListReceiptRuleSets.html" - }, - "ListTemplates": { - "privilege": "ListTemplates", - "description": "Grants permission to list the email templates present in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListTemplates.html" - }, - "ListVerifiedEmailAddresses": { - "privilege": "ListVerifiedEmailAddresses", - "description": "Grants permission to list all of the email addresses that have been verified in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListVerifiedEmailAddresses.html" - }, - "PutIdentityPolicy": { - "privilege": "PutIdentityPolicy", - "description": "Grants permission to add or update a sending authorization policy for the specified identity (an email address or a domain)", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_PutIdentityPolicy.html" - }, - "ReorderReceiptRuleSet": { - "privilege": "ReorderReceiptRuleSet", - "description": "Grants permission to reorder the receipt rules within a receipt rule set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ReorderReceiptRuleSet.html" - }, - "SendBounce": { - "privilege": "SendBounce", - "description": "Grants permission to generate and send a bounce message to the sender of an email you received through Amazon SES", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "ses:FromAddress" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SendBounce.html" - }, - "SendBulkTemplatedEmail": { - "privilege": "SendBulkTemplatedEmail", - "description": "Grants permission to compose an email message to multiple destinations", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configuration-set": { - "resource_type": "configuration-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "ses:FeedbackAddress", - "ses:FromAddress", - "ses:FromDisplayName", - "ses:Recipients" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SendBulkTemplatedEmail.html" - }, - "SendCustomVerificationEmail": { - "privilege": "SendCustomVerificationEmail", - "description": "Grants permission to add an email address to the list of identities and attempts to verify it", - "access_level": "Write", - "resource_types": { - "custom-verification-email-template": { - "resource_type": "custom-verification-email-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendCustomVerificationEmail.html" - }, - "SendRawEmail": { - "privilege": "SendRawEmail", - "description": "Grants permission to send an email message, with header and content specified by the client", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configuration-set": { - "resource_type": "configuration-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "ses:FeedbackAddress", - "ses:FromAddress", - "ses:FromDisplayName", - "ses:Recipients" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SendRawEmail.html" - }, - "SendTemplatedEmail": { - "privilege": "SendTemplatedEmail", - "description": "Grants permission to compose an email message using an email template", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configuration-set": { - "resource_type": "configuration-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "ses:FeedbackAddress", - "ses:FromAddress", - "ses:FromDisplayName", - "ses:Recipients" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SendTemplatedEmail.html" - }, - "SetActiveReceiptRuleSet": { - "privilege": "SetActiveReceiptRuleSet", - "description": "Grants permission to set the specified receipt rule set as the active receipt rule set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetActiveReceiptRuleSet.html" - }, - "SetIdentityDkimEnabled": { - "privilege": "SetIdentityDkimEnabled", - "description": "Grants permission to enable or disable Easy DKIM signing of email sent from an identity", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityDkimEnabled.html" - }, - "SetIdentityFeedbackForwardingEnabled": { - "privilege": "SetIdentityFeedbackForwardingEnabled", - "description": "Grants permission to enable or disable whether Amazon SES forwards bounce and complaint notifications for an identity (an email address or a domain)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityFeedbackForwardingEnabled.html" - }, - "SetIdentityHeadersInNotificationsEnabled": { - "privilege": "SetIdentityHeadersInNotificationsEnabled", - "description": "Grants permission to set whether Amazon SES includes the original email headers in the Amazon Simple Notification Service (Amazon SNS) notifications of a specified type for a given identity (an email address or a domain)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityHeadersInNotificationsEnabled.html" - }, - "SetIdentityMailFromDomain": { - "privilege": "SetIdentityMailFromDomain", - "description": "Grants permission to enable or disable the custom MAIL FROM domain setup for a verified identity", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityMailFromDomain.html" - }, - "SetIdentityNotificationTopic": { - "privilege": "SetIdentityNotificationTopic", - "description": "Grants permission to set an Amazon Simple Notification Service (Amazon SNS) topic to use when delivering notifications for a verified identity", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityNotificationTopic.html" - }, - "SetReceiptRulePosition": { - "privilege": "SetReceiptRulePosition", - "description": "Grants permission to set the position of the specified receipt rule in the receipt rule set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetReceiptRulePosition.html" - }, - "TestRenderTemplate": { - "privilege": "TestRenderTemplate", - "description": "Grants permission to create a preview of the MIME content of an email when provided with a template and a set of replacement data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_TestRenderTemplate.html" - }, - "UpdateAccountSendingEnabled": { - "privilege": "UpdateAccountSendingEnabled", - "description": "Grants permission to enable or disable email sending for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateAccountSendingEnabled.html" - }, - "UpdateConfigurationSetReputationMetricsEnabled": { - "privilege": "UpdateConfigurationSetReputationMetricsEnabled", - "description": "Grants permission to enable or disable the publishing of reputation metrics for emails sent using a specific configuration set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateConfigurationSetReputationMetricsEnabled.html" - }, - "UpdateConfigurationSetSendingEnabled": { - "privilege": "UpdateConfigurationSetSendingEnabled", - "description": "Grants permission to enable or disable email sending for messages sent using a specific configuration set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateConfigurationSetSendingEnabled.html" - }, - "UpdateConfigurationSetTrackingOptions": { - "privilege": "UpdateConfigurationSetTrackingOptions", - "description": "Grants permission to modify an association between a configuration set and a custom domain for open and click event tracking", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateConfigurationSetTrackingOptions.html" - }, - "UpdateCustomVerificationEmailTemplate": { - "privilege": "UpdateCustomVerificationEmailTemplate", - "description": "Grants permission to update an existing custom verification email template", - "access_level": "Write", - "resource_types": { - "custom-verification-email-template": { - "resource_type": "custom-verification-email-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateCustomVerificationEmailTemplate.html" - }, - "UpdateReceiptRule": { - "privilege": "UpdateReceiptRule", - "description": "Grants permission to update a receipt rule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateReceiptRule.html" - }, - "UpdateTemplate": { - "privilege": "UpdateTemplate", - "description": "Grants permission to update an email template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateTemplate.html" - }, - "VerifyDomainDkim": { - "privilege": "VerifyDomainDkim", - "description": "Grants permission to return a set of DKIM tokens for a domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_VerifyDomainDkim.html" - }, - "VerifyDomainIdentity": { - "privilege": "VerifyDomainIdentity", - "description": "Grants permission to verify a domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_VerifyDomainIdentity.html" - }, - "VerifyEmailAddress": { - "privilege": "VerifyEmailAddress", - "description": "Grants permission to verify an email address", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_VerifyEmailAddress.html" - }, - "VerifyEmailIdentity": { - "privilege": "VerifyEmailIdentity", - "description": "Grants permission to verify an email identity", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_VerifyEmailIdentity.html" - }, - "BatchGetMetricData": { - "privilege": "BatchGetMetricData", - "description": "Grants permission to get metric data on your activity", - "access_level": "Read", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "identity": { - "resource_type": "identity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_BatchGetMetricData.html" - }, - "CreateContact": { - "privilege": "CreateContact", - "description": "Grants permission to create a contact", - "access_level": "Write", - "resource_types": { - "contact-list": { - "resource_type": "contact-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateContact.html" - }, - "CreateContactList": { - "privilege": "CreateContactList", - "description": "Grants permission to create a contact list", - "access_level": "Write", - "resource_types": { - "contact-list": { - "resource_type": "contact-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateContactList.html" - }, - "CreateEmailIdentityPolicy": { - "privilege": "CreateEmailIdentityPolicy", - "description": "Grants permission to create the specified sending authorization policy for the given identity", - "access_level": "Permissions management", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateEmailIdentityPolicy.html" - }, - "CreateEmailTemplate": { - "privilege": "CreateEmailTemplate", - "description": "Grants permission to create an email template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateEmailTemplate.html" - }, - "CreateImportJob": { - "privilege": "CreateImportJob", - "description": "Grants permission to creates an import job for a data destination", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateImportJob.html" - }, - "DeleteContact": { - "privilege": "DeleteContact", - "description": "Grants permission to delete a contact from a contact list", - "access_level": "Write", - "resource_types": { - "contact-list": { - "resource_type": "contact-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteContact.html" - }, - "DeleteContactList": { - "privilege": "DeleteContactList", - "description": "Grants permission to delete a contact list with all of its contacts", - "access_level": "Write", - "resource_types": { - "contact-list": { - "resource_type": "contact-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteContactList.html" - }, - "DeleteEmailIdentityPolicy": { - "privilege": "DeleteEmailIdentityPolicy", - "description": "Grants permission to delete the specified sending authorization policy for the given identity (an email address or a domain)", - "access_level": "Permissions management", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteEmailIdentityPolicy.html" - }, - "DeleteEmailTemplate": { - "privilege": "DeleteEmailTemplate", - "description": "Grants permission to delete an email template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteEmailTemplate.html" - }, - "DeleteSuppressedDestination": { - "privilege": "DeleteSuppressedDestination", - "description": "Grants permission to remove an email address from the suppression list for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteSuppressedDestination.html" - }, - "GetContact": { - "privilege": "GetContact", - "description": "Grants permission to return a contact from a contact list", - "access_level": "Read", - "resource_types": { - "contact-list": { - "resource_type": "contact-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetContact.html" - }, - "GetContactList": { - "privilege": "GetContactList", - "description": "Grants permission to return contact list metadata", - "access_level": "Read", - "resource_types": { - "contact-list": { - "resource_type": "contact-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetContactList.html" - }, - "GetDedicatedIpPool": { - "privilege": "GetDedicatedIpPool", - "description": "Grants permission to get information about a dedicated IP pool", - "access_level": "Read", - "resource_types": { - "dedicated-ip-pool": { - "resource_type": "dedicated-ip-pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDedicatedIpPool.html" - }, - "GetEmailIdentityPolicies": { - "privilege": "GetEmailIdentityPolicies", - "description": "Grants permission to return the requested sending authorization policies for the given identity (an email address or a domain)", - "access_level": "Read", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetEmailIdentityPolicies.html" - }, - "GetEmailTemplate": { - "privilege": "GetEmailTemplate", - "description": "Grants permission to return the template object, which includes the subject line, HTML part, and text part for the template you specify", - "access_level": "Read", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetEmailTemplate.html" - }, - "GetImportJob": { - "privilege": "GetImportJob", - "description": "Grants permission to provide information about an import job", - "access_level": "Read", - "resource_types": { - "import-job": { - "resource_type": "import-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetImportJob.html" - }, - "GetSuppressedDestination": { - "privilege": "GetSuppressedDestination", - "description": "Grants permission to retrieve information about a specific email address that's on the suppression list for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetSuppressedDestination.html" - }, - "ListContactLists": { - "privilege": "ListContactLists", - "description": "Grants permission to list all of the contact lists available for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListContactLists.html" - }, - "ListContacts": { - "privilege": "ListContacts", - "description": "Grants permission to list the contacts present in a specific contact list", - "access_level": "List", - "resource_types": { - "contact-list": { - "resource_type": "contact-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListContacts.html" - }, - "ListEmailTemplates": { - "privilege": "ListEmailTemplates", - "description": "Grants permission to list all of the email templates for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListEmailTemplates.html" - }, - "ListImportJobs": { - "privilege": "ListImportJobs", - "description": "Grants permission to list all of the import jobs for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListImportJobs.html" - }, - "ListRecommendations": { - "privilege": "ListRecommendations", - "description": "Grants permission to list recommendations for your account", - "access_level": "Read", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListRecommendations.html" - }, - "ListSuppressedDestinations": { - "privilege": "ListSuppressedDestinations", - "description": "Grants permission to list email addresses that are on the suppression list for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListSuppressedDestinations.html" - }, - "PutAccountDetails": { - "privilege": "PutAccountDetails", - "description": "Grants permission to update your account details", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutAccountDetails.html" - }, - "PutAccountSuppressionAttributes": { - "privilege": "PutAccountSuppressionAttributes", - "description": "Grants permission to change the settings for the account-level suppression list", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutAccountSuppressionAttributes.html" - }, - "PutAccountVdmAttributes": { - "privilege": "PutAccountVdmAttributes", - "description": "Grants permission to change the settings for VDM for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutAccountVdmAttributes.html" - }, - "PutConfigurationSetSuppressionOptions": { - "privilege": "PutConfigurationSetSuppressionOptions", - "description": "Grants permission to specify the account suppression list preferences for a particular configuration set", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetSuppressionOptions.html" - }, - "PutConfigurationSetVdmOptions": { - "privilege": "PutConfigurationSetVdmOptions", - "description": "Grants permission to override account-level VDM settings for a particular configuration set", - "access_level": "Write", - "resource_types": { - "configuration-set": { - "resource_type": "configuration-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetVdmOptions.html" - }, - "PutDedicatedIpPoolScalingAttributes": { - "privilege": "PutDedicatedIpPoolScalingAttributes", - "description": "Grants permission to transition a dedicated IP pool from Standard to Managed", - "access_level": "Write", - "resource_types": { - "dedicated-ip-pool": { - "resource_type": "dedicated-ip-pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutDedicatedIpPoolScalingAttributes.html" - }, - "PutEmailIdentityConfigurationSetAttributes": { - "privilege": "PutEmailIdentityConfigurationSetAttributes", - "description": "Grants permission to associate a configuration set with an email identity", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configuration-set": { - "resource_type": "configuration-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutEmailIdentityConfigurationSetAttributes.html" - }, - "PutEmailIdentityDkimSigningAttributes": { - "privilege": "PutEmailIdentityDkimSigningAttributes", - "description": "Grants permission to configure or change the DKIM authentication settings for an email domain identity", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutEmailIdentityDkimSigningAttributes.html" - }, - "PutSuppressedDestination": { - "privilege": "PutSuppressedDestination", - "description": "Grants permission to add an email address to the suppression list", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutSuppressedDestination.html" - }, - "SendBulkEmail": { - "privilege": "SendBulkEmail", - "description": "Grants permission to compose an email message to multiple destinations", - "access_level": "Write", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configuration-set": { - "resource_type": "configuration-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendBulkEmail.html" - }, - "TestRenderEmailTemplate": { - "privilege": "TestRenderEmailTemplate", - "description": "Grants permission to create a preview of the MIME content of an email when provided with a template and a set of replacement data", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_TestRenderEmailTemplate.html" - }, - "UpdateContact": { - "privilege": "UpdateContact", - "description": "Grants permission to update a contact's preferences for a list", - "access_level": "Write", - "resource_types": { - "contact-list": { - "resource_type": "contact-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateContact.html" - }, - "UpdateContactList": { - "privilege": "UpdateContactList", - "description": "Grants permission to update contact list metadata", - "access_level": "Write", - "resource_types": { - "contact-list": { - "resource_type": "contact-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateContactList.html" - }, - "UpdateEmailIdentityPolicy": { - "privilege": "UpdateEmailIdentityPolicy", - "description": "Grants permission to update the specified sending authorization policy for the given identity (an email address or a domain)", - "access_level": "Permissions management", - "resource_types": { - "identity": { - "resource_type": "identity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateEmailIdentityPolicy.html" - }, - "UpdateEmailTemplate": { - "privilege": "UpdateEmailTemplate", - "description": "Grants permission to update an email template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ses:ApiVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateEmailTemplate.html" - } - }, - "resources": { - "configuration-set": { - "resource": "configuration-set", - "arn": "arn:${Partition}:ses:${Region}:${Account}:configuration-set/${ConfigurationSetName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dedicated-ip-pool": { - "resource": "dedicated-ip-pool", - "arn": "arn:${Partition}:ses:${Region}:${Account}:dedicated-ip-pool/${DedicatedIPPool}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "deliverability-test-report": { - "resource": "deliverability-test-report", - "arn": "arn:${Partition}:ses:${Region}:${Account}:deliverability-test-report/${ReportId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "identity": { - "resource": "identity", - "arn": "arn:${Partition}:ses:${Region}:${Account}:identity/${IdentityName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "custom-verification-email-template": { - "resource": "custom-verification-email-template", - "arn": "arn:${Partition}:ses:${Region}:${Account}:custom-verification-email-template/${TemplateName}", - "condition_keys": [] - }, - "template": { - "resource": "template", - "arn": "arn:${Partition}:ses:${Region}:${Account}:template/${TemplateName}", - "condition_keys": [] - }, - "contact-list": { - "resource": "contact-list", - "arn": "arn:${Partition}:ses:${Region}:${Account}:contact-list/${ContactListName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "import-job": { - "resource": "import-job", - "arn": "arn:${Partition}:ses:${Region}:${Account}:import-job/${ImportJobId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "ses:ApiVersion": { - "condition": "ses:ApiVersion", - "description": "Filters actions based on the SES API version", - "type": "String" - }, - "ses:FeedbackAddress": { - "condition": "ses:FeedbackAddress", - "description": "Filters actions based on the \"Return-Path\" address, which specifies where bounces and complaints are sent by email feedback forwarding", - "type": "String" - }, - "ses:FromAddress": { - "condition": "ses:FromAddress", - "description": "Filters actions based on the \"From\" address of a message", - "type": "String" - }, - "ses:FromDisplayName": { - "condition": "ses:FromDisplayName", - "description": "Filters actions based on the \"From\" address that is used as the display name of a message", - "type": "String" - }, - "ses:Recipients": { - "condition": "ses:Recipients", - "description": "Filters actions based on the recipient addresses of a message, which include the \"To\", \"CC\", and \"BCC\" addresses", - "type": "ArrayOfString" - } - } - }, - "sms-voice": { - "service_name": "Amazon Pinpoint SMS and Voice Service", - "prefix": "sms-voice", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonpinpointsmsandvoiceservice.html", - "privileges": { - "CreateConfigurationSet": { - "privilege": "CreateConfigurationSet", - "description": "Grants permission to create a configuration set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "sms-voice:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_CreateConfigurationSet.html" - }, - "CreateConfigurationSetEventDestination": { - "privilege": "CreateConfigurationSetEventDestination", - "description": "Create a new event destination in a configuration set.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint-sms-voice/latest/APIReference/v1-sms-voice-configuration-sets-configurationsetname-event-destinations.html" - }, - "DeleteConfigurationSet": { - "privilege": "DeleteConfigurationSet", - "description": "Grants permission to delete a configuration set", - "access_level": "Write", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteConfigurationSet.html" - }, - "DeleteConfigurationSetEventDestination": { - "privilege": "DeleteConfigurationSetEventDestination", - "description": "Deletes an event destination in a configuration set.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint-sms-voice/latest/APIReference/v1-sms-voice-configuration-sets-configurationsetname-event-destinations-eventdestinationname.html" - }, - "GetConfigurationSetEventDestinations": { - "privilege": "GetConfigurationSetEventDestinations", - "description": "Obtain information about an event destination, including the types of events it reports, the Amazon Resource Name (ARN) of the destination, and the name of the event destination.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint-sms-voice/latest/APIReference/v1-sms-voice-configuration-sets-configurationsetname-event-destinations.html" - }, - "ListConfigurationSets": { - "privilege": "ListConfigurationSets", - "description": "Return a list of configuration sets. This operation only returns the configuration sets that are associated with your account in the current AWS Region.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint-sms-voice/latest/APIReference/v1-sms-voice-configuration-sets.html" - }, - "SendVoiceMessage": { - "privilege": "SendVoiceMessage", - "description": "Grants permission to send a voice message to a destination phone number", - "access_level": "Write", - "resource_types": { - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Pool": { - "resource_type": "Pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SendVoiceMessage.html" - }, - "UpdateConfigurationSetEventDestination": { - "privilege": "UpdateConfigurationSetEventDestination", - "description": "Update an event destination in a configuration set. An event destination is a location that you publish information about your voice calls to. For example, you can log an event to an Amazon CloudWatch destination when a call fails.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint-sms-voice/latest/APIReference/v1-sms-voice-configuration-sets-configurationsetname-event-destinations-eventdestinationname.html" - }, - "AssociateOriginationIdentity": { - "privilege": "AssociateOriginationIdentity", - "description": "Grants permission to associate an origination phone number or sender ID to a pool", - "access_level": "Write", - "resource_types": { - "Pool": { - "resource_type": "Pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SenderId": { - "resource_type": "SenderId", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_AssociateOriginationIdentity.html" - }, - "CreateEventDestination": { - "privilege": "CreateEventDestination", - "description": "Grants permission to create an event destination within a configuration set", - "access_level": "Write", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_CreateEventDestination.html" - }, - "CreateOptOutList": { - "privilege": "CreateOptOutList", - "description": "Grants permission to create an opt-out list", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "sms-voice:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_CreateOptOutList.html" - }, - "CreatePool": { - "privilege": "CreatePool", - "description": "Grants permission to create a pool", - "access_level": "Write", - "resource_types": { - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "sms-voice:TagResource" - ] - }, - "SenderId": { - "resource_type": "SenderId", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_CreatePool.html" - }, - "DeleteDefaultMessageType": { - "privilege": "DeleteDefaultMessageType", - "description": "Grants permission to delete the default message type for a configuration set", - "access_level": "Write", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteDefaultMessageType.html" - }, - "DeleteDefaultSenderId": { - "privilege": "DeleteDefaultSenderId", - "description": "Grants permission to delete the default sender ID for a configuration set", - "access_level": "Write", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteDefaultSenderId.html" - }, - "DeleteEventDestination": { - "privilege": "DeleteEventDestination", - "description": "Grants permission to delete an event destination within a configuration set", - "access_level": "Write", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteEventDestination.html" - }, - "DeleteKeyword": { - "privilege": "DeleteKeyword", - "description": "Grants permission to delete a keyword for a pool or origination phone number", - "access_level": "Write", - "resource_types": { - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Pool": { - "resource_type": "Pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteKeyword.html" - }, - "DeleteOptOutList": { - "privilege": "DeleteOptOutList", - "description": "Grants permission to delete an opt-out list", - "access_level": "Write", - "resource_types": { - "OptOutList": { - "resource_type": "OptOutList", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteOptOutList.html" - }, - "DeleteOptedOutNumber": { - "privilege": "DeleteOptedOutNumber", - "description": "Grants permission to delete a destination phone number from an opt-out list", - "access_level": "Write", - "resource_types": { - "OptOutList": { - "resource_type": "OptOutList", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteOptedOutNumber.html" - }, - "DeletePool": { - "privilege": "DeletePool", - "description": "Grants permission to delete a pool", - "access_level": "Write", - "resource_types": { - "Pool": { - "resource_type": "Pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeletePool.html" - }, - "DeleteTextMessageSpendLimitOverride": { - "privilege": "DeleteTextMessageSpendLimitOverride", - "description": "Grants permission to delete an override for your account's text messaging monthly spend limit", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteTextMessageSpendLimitOverride.html" - }, - "DeleteVoiceMessageSpendLimitOverride": { - "privilege": "DeleteVoiceMessageSpendLimitOverride", - "description": "Grants permission to delete an override for your account's voice messaging monthly spend limit", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteVoiceMessageSpendLimitOverride.html" - }, - "DescribeAccountAttributes": { - "privilege": "DescribeAccountAttributes", - "description": "Grants permission to describe the attributes of your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeAccountAttributes.html" - }, - "DescribeAccountLimits": { - "privilege": "DescribeAccountLimits", - "description": "Grants permission to describe the service quotas for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeAccountLimits.html" - }, - "DescribeConfigurationSets": { - "privilege": "DescribeConfigurationSets", - "description": "Grants permission to describe the configuration sets in your account", - "access_level": "Read", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeConfigurationSets.html" - }, - "DescribeKeywords": { - "privilege": "DescribeKeywords", - "description": "Grants permission to describe the keywords for a pool or origination phone number", - "access_level": "Read", - "resource_types": { - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Pool": { - "resource_type": "Pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeKeywords.html" - }, - "DescribeOptOutLists": { - "privilege": "DescribeOptOutLists", - "description": "Grants permission to describe the opt-out lists in your account", - "access_level": "Read", - "resource_types": { - "OptOutList": { - "resource_type": "OptOutList", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeOptOutLists.html" - }, - "DescribeOptedOutNumbers": { - "privilege": "DescribeOptedOutNumbers", - "description": "Grants permission to describe the destination phone numbers in an opt-out list", - "access_level": "Read", - "resource_types": { - "OptOutList": { - "resource_type": "OptOutList", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeOptedOutNumbers.html" - }, - "DescribePhoneNumbers": { - "privilege": "DescribePhoneNumbers", - "description": "Grants permission to describe the origination phone numbers in your account", - "access_level": "Read", - "resource_types": { - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribePhoneNumbers.html" - }, - "DescribePools": { - "privilege": "DescribePools", - "description": "Grants permission to describe the pools in your account", - "access_level": "Read", - "resource_types": { - "Pool": { - "resource_type": "Pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribePools.html" - }, - "DescribeSenderIds": { - "privilege": "DescribeSenderIds", - "description": "Grants permission to describe the sender IDs in your account", - "access_level": "Read", - "resource_types": { - "SenderId": { - "resource_type": "SenderId", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeSenderIds.html" - }, - "DescribeSpendLimits": { - "privilege": "DescribeSpendLimits", - "description": "Grants permission to describe the monthly spend limits for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeSpendLimits.html" - }, - "DisassociateOriginationIdentity": { - "privilege": "DisassociateOriginationIdentity", - "description": "Grants permission to disassociate an origination phone number or sender ID from a pool", - "access_level": "Write", - "resource_types": { - "Pool": { - "resource_type": "Pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SenderId": { - "resource_type": "SenderId", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DisassociateOriginationIdentity.html" - }, - "ListPoolOriginationIdentities": { - "privilege": "ListPoolOriginationIdentities", - "description": "Grants permission to list all origination phone numbers and sender IDs associated to a pool", - "access_level": "Read", - "resource_types": { - "Pool": { - "resource_type": "Pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_ListPoolOriginationIdentities.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for a resource", - "access_level": "Read", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OptOutList": { - "resource_type": "OptOutList", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Pool": { - "resource_type": "Pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SenderId": { - "resource_type": "SenderId", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_ListTagsForResource.html" - }, - "PutKeyword": { - "privilege": "PutKeyword", - "description": "Grants permission to create or update a keyword for a pool or origination phone number", - "access_level": "Write", - "resource_types": { - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Pool": { - "resource_type": "Pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_PutKeyword.html" - }, - "PutOptedOutNumber": { - "privilege": "PutOptedOutNumber", - "description": "Grants permission to put a destination phone number into an opt-out list", - "access_level": "Write", - "resource_types": { - "OptOutList": { - "resource_type": "OptOutList", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_PutOptedOutNumber.html" - }, - "ReleasePhoneNumber": { - "privilege": "ReleasePhoneNumber", - "description": "Grants permission to release an origination phone number", - "access_level": "Write", - "resource_types": { - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_ReleasePhoneNumber.html" - }, - "RequestPhoneNumber": { - "privilege": "RequestPhoneNumber", - "description": "Grants permission to request an origination phone number", - "access_level": "Write", - "resource_types": { - "Pool": { - "resource_type": "Pool", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "sms-voice:AssociateOriginationIdentity", - "sms-voice:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_RequestPhoneNumber.html" - }, - "SendTextMessage": { - "privilege": "SendTextMessage", - "description": "Grants permission to send a text message to a destination phone number", - "access_level": "Write", - "resource_types": { - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Pool": { - "resource_type": "Pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SenderId": { - "resource_type": "SenderId", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SendTextMessage.html" - }, - "SetDefaultMessageType": { - "privilege": "SetDefaultMessageType", - "description": "Grants permission to set the default message type for a configuration set", - "access_level": "Write", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SetDefaultMessageType.html" - }, - "SetDefaultSenderId": { - "privilege": "SetDefaultSenderId", - "description": "Grants permission to set the default sender ID for a configuration set", - "access_level": "Write", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SetDefaultSenderId.html" - }, - "SetTextMessageSpendLimitOverride": { - "privilege": "SetTextMessageSpendLimitOverride", - "description": "Grants permission to set an override for your account's text messaging monthly spend limit", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SetTextMessageSpendLimitOverride.html" - }, - "SetVoiceMessageSpendLimitOverride": { - "privilege": "SetVoiceMessageSpendLimitOverride", - "description": "Grants permission to set an override for your account's voice messaging monthly spend limit", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SetVoiceMessageSpendLimitOverride.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OptOutList": { - "resource_type": "OptOutList", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Pool": { - "resource_type": "Pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SenderId": { - "resource_type": "SenderId", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OptOutList": { - "resource_type": "OptOutList", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Pool": { - "resource_type": "Pool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SenderId": { - "resource_type": "SenderId", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_UntagResource.html" - }, - "UpdateEventDestination": { - "privilege": "UpdateEventDestination", - "description": "Grants permission to update an event destination within a configuration set", - "access_level": "Write", - "resource_types": { - "ConfigurationSet": { - "resource_type": "ConfigurationSet", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_UpdateEventDestination.html" - }, - "UpdatePhoneNumber": { - "privilege": "UpdatePhoneNumber", - "description": "Grants permission to update an origination phone number's configuration", - "access_level": "Write", - "resource_types": { - "PhoneNumber": { - "resource_type": "PhoneNumber", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_UpdatePhoneNumber.html" - }, - "UpdatePool": { - "privilege": "UpdatePool", - "description": "Grants permission to update a pool's configuration", - "access_level": "Write", - "resource_types": { - "Pool": { - "resource_type": "Pool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_UpdatePool.html" - } - }, - "resources": { - "ConfigurationSet": { - "resource": "ConfigurationSet", - "arn": "arn:${Partition}:sms-voice:${Region}:${Account}:configuration-set/${ConfigurationSetName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "OptOutList": { - "resource": "OptOutList", - "arn": "arn:${Partition}:sms-voice:${Region}:${Account}:opt-out-list/${OptOutListName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "PhoneNumber": { - "resource": "PhoneNumber", - "arn": "arn:${Partition}:sms-voice:${Region}:${Account}:phone-number/${PhoneNumberId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Pool": { - "resource": "Pool", - "arn": "arn:${Partition}:sms-voice:${Region}:${Account}:pool/${PoolId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "SenderId": { - "resource": "SenderId", - "arn": "arn:${Partition}:sms-voice:${Region}:${Account}:sender-id/${SenderId}/${IsoCountryCode}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "polly": { - "service_name": "Amazon Polly", - "prefix": "polly", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonpolly.html", - "privileges": { - "DeleteLexicon": { - "privilege": "DeleteLexicon", - "description": "Grants permission to delete the specified pronunciation lexicon stored in an AWS Region", - "access_level": "Write", - "resource_types": { - "lexicon": { - "resource_type": "lexicon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_DeleteLexicon.html" - }, - "DescribeVoices": { - "privilege": "DescribeVoices", - "description": "Grants permission to describe the list of voices that are available for use when requesting speech synthesis", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_DescribeVoices.html" - }, - "GetLexicon": { - "privilege": "GetLexicon", - "description": "Grants permission to retrieve the content of the specified pronunciation lexicon stored in an AWS Region", - "access_level": "Read", - "resource_types": { - "lexicon": { - "resource_type": "lexicon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_GetLexicon.html" - }, - "GetSpeechSynthesisTask": { - "privilege": "GetSpeechSynthesisTask", - "description": "Grants permission to get information about specific speech synthesis task", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_GetSpeechSynthesisTask.html" - }, - "ListLexicons": { - "privilege": "ListLexicons", - "description": "Grants permission to list the pronunciation lexicons stored in an AWS Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_ListLexicons.html" - }, - "ListSpeechSynthesisTasks": { - "privilege": "ListSpeechSynthesisTasks", - "description": "Grants permission to list requested speech synthesis tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_ListSpeechSynthesisTasks.html" - }, - "PutLexicon": { - "privilege": "PutLexicon", - "description": "Grants permission to store a pronunciation lexicon in an AWS Region", - "access_level": "Write", - "resource_types": { - "lexicon": { - "resource_type": "lexicon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_PutLexicon.html" - }, - "StartSpeechSynthesisTask": { - "privilege": "StartSpeechSynthesisTask", - "description": "Grants permission to synthesize long inputs to the provided S3 location", - "access_level": "Write", - "resource_types": { - "lexicon": { - "resource_type": "lexicon", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:PutObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_StartSpeechSynthesisTask.html" - }, - "SynthesizeSpeech": { - "privilege": "SynthesizeSpeech", - "description": "Grants permission to synthesize speech", - "access_level": "Read", - "resource_types": { - "lexicon": { - "resource_type": "lexicon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html" - } - }, - "resources": { - "lexicon": { - "resource": "lexicon", - "arn": "arn:${Partition}:polly:${Region}:${Account}:lexicon/${LexiconName}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "qldb": { - "service_name": "Amazon QLDB", - "prefix": "qldb", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonqldb.html", - "privileges": { - "CancelJournalKinesisStream": { - "privilege": "CancelJournalKinesisStream", - "description": "Grants permission to cancel a journal kinesis stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_CancelJournalKinesisStream.html" - }, - "CreateLedger": { - "privilege": "CreateLedger", - "description": "Grants permission to create a ledger", - "access_level": "Write", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_CreateLedger.html" - }, - "DeleteLedger": { - "privilege": "DeleteLedger", - "description": "Grants permission to delete a ledger", - "access_level": "Write", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_DeleteLedger.html" - }, - "DescribeJournalKinesisStream": { - "privilege": "DescribeJournalKinesisStream", - "description": "Grants permission to describe information about a journal kinesis stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_DescribeJournalKinesisStream.html" - }, - "DescribeJournalS3Export": { - "privilege": "DescribeJournalS3Export", - "description": "Grants permission to describe information about a journal export job", - "access_level": "Read", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_DescribeJournalS3Export.html" - }, - "DescribeLedger": { - "privilege": "DescribeLedger", - "description": "Grants permission to describe a ledger", - "access_level": "Read", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_DescribeLedger.html" - }, - "ExecuteStatement": { - "privilege": "ExecuteStatement", - "description": "Grants permission to send commands to a ledger via the console", - "access_level": "Write", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/console_QLDB.html" - }, - "ExportJournalToS3": { - "privilege": "ExportJournalToS3", - "description": "Grants permission to export journal contents to an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ExportJournalToS3.html" - }, - "GetBlock": { - "privilege": "GetBlock", - "description": "Grants permission to retrieve a block from a ledger for a given BlockAddress", - "access_level": "Read", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_GetBlock.html" - }, - "GetDigest": { - "privilege": "GetDigest", - "description": "Grants permission to retrieve a digest from a ledger for a given BlockAddress", - "access_level": "Read", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_GetDigest.html" - }, - "GetRevision": { - "privilege": "GetRevision", - "description": "Grants permission to retrieve a revision for a given document ID and a given BlockAddress", - "access_level": "Read", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_GetRevision.html" - }, - "InsertSampleData": { - "privilege": "InsertSampleData", - "description": "Grants permission to insert sample application data via the console", - "access_level": "Write", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/console_QLDB.html" - }, - "ListJournalKinesisStreamsForLedger": { - "privilege": "ListJournalKinesisStreamsForLedger", - "description": "Grants permission to list journal kinesis streams for a specified ledger", - "access_level": "List", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ListJournalKinesisStreamsForLedger.html" - }, - "ListJournalS3Exports": { - "privilege": "ListJournalS3Exports", - "description": "Grants permission to list journal export jobs for all ledgers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ListJournalS3Exports.html" - }, - "ListJournalS3ExportsForLedger": { - "privilege": "ListJournalS3ExportsForLedger", - "description": "Grants permission to list journal export jobs for a specified ledger", - "access_level": "List", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ListJournalS3ExportsForLedger.html" - }, - "ListLedgers": { - "privilege": "ListLedgers", - "description": "Grants permission to list existing ledgers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ListLedgers.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ledger": { - "resource_type": "ledger", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ListTagsForResource.html" - }, - "PartiQLCreateIndex": { - "privilege": "PartiQLCreateIndex", - "description": "Grants permission to create an index on a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.create-index.html" - }, - "PartiQLCreateTable": { - "privilege": "PartiQLCreateTable", - "description": "Grants permission to create a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.create-table.html" - }, - "PartiQLDelete": { - "privilege": "PartiQLDelete", - "description": "Grants permission to delete documents from a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.delete.html" - }, - "PartiQLDropIndex": { - "privilege": "PartiQLDropIndex", - "description": "Grants permission to drop an index from a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "qldb:Purge" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.drop-index.html" - }, - "PartiQLDropTable": { - "privilege": "PartiQLDropTable", - "description": "Grants permission to drop a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "qldb:Purge" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.drop-table.html" - }, - "PartiQLHistoryFunction": { - "privilege": "PartiQLHistoryFunction", - "description": "Grants permission to use the history function on a table", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/working.history.html" - }, - "PartiQLInsert": { - "privilege": "PartiQLInsert", - "description": "Grants permission to insert documents into a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.insert.html" - }, - "PartiQLRedact": { - "privilege": "PartiQLRedact", - "description": "Grants permission to redact historic revisions", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-stored-procedures.redact_revision.html" - }, - "PartiQLSelect": { - "privilege": "PartiQLSelect", - "description": "Grants permission to select documents from a table", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.select.html" - }, - "PartiQLUndropTable": { - "privilege": "PartiQLUndropTable", - "description": "Grants permission to undrop a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.undrop-table.html" - }, - "PartiQLUpdate": { - "privilege": "PartiQLUpdate", - "description": "Grants permission to update existing documents in a table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.update.html" - }, - "SendCommand": { - "privilege": "SendCommand", - "description": "Grants permission to send commands to a ledger", - "access_level": "Write", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_QLDB-Session_SendCommand.html" - }, - "ShowCatalog": { - "privilege": "ShowCatalog", - "description": "Grants permission to view a ledger's catalog via the console", - "access_level": "Write", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/console_QLDB.html" - }, - "StreamJournalToKinesis": { - "privilege": "StreamJournalToKinesis", - "description": "Grants permission to stream journal contents to a Kinesis Data Stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_StreamJournalToKinesis.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to a resource", - "access_level": "Tagging", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ledger": { - "resource_type": "ledger", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from a resource", - "access_level": "Tagging", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ledger": { - "resource_type": "ledger", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_UntagResource.html" - }, - "UpdateLedger": { - "privilege": "UpdateLedger", - "description": "Grants permission to update properties on a ledger", - "access_level": "Write", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_UpdateLedger.html" - }, - "UpdateLedgerPermissionsMode": { - "privilege": "UpdateLedgerPermissionsMode", - "description": "Grants permission to update the permissions mode on a ledger", - "access_level": "Write", - "resource_types": { - "ledger": { - "resource_type": "ledger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_UpdateLedgerPermissionsMode.html" - } - }, - "resources": { - "ledger": { - "resource": "ledger", - "arn": "arn:${Partition}:qldb:${Region}:${Account}:ledger/${LedgerName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "stream": { - "resource": "stream", - "arn": "arn:${Partition}:qldb:${Region}:${Account}:stream/${LedgerName}/${StreamId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "table": { - "resource": "table", - "arn": "arn:${Partition}:qldb:${Region}:${Account}:ledger/${LedgerName}/table/${TableId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "catalog": { - "resource": "catalog", - "arn": "arn:${Partition}:qldb:${Region}:${Account}:ledger/${LedgerName}/information_schema/user_tables", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - }, - "qldb:Purge": { - "condition": "qldb:Purge", - "description": "Filters access by the value of purge that is specified in a PartiQL DROP statement", - "type": "String" - } - } - }, - "quicksight": { - "service_name": "Amazon QuickSight", - "prefix": "quicksight", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonquicksight.html", - "privileges": { - "AccountConfigurations": { - "privilege": "AccountConfigurations", - "description": "Grants permission to enable setting default access to AWS resources", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/accessing-data-sources.html" - }, - "CancelIngestion": { - "privilege": "CancelIngestion", - "description": "Grants permission to cancel a SPICE ingestions on a dataset", - "access_level": "Write", - "resource_types": { - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CancelIngestion.html" - }, - "CreateAccountCustomization": { - "privilege": "CreateAccountCustomization", - "description": "Grants permission to create an account customization for QuickSight account or namespace", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateAccountCustomization.html" - }, - "CreateAccountSubscription": { - "privilege": "CreateAccountSubscription", - "description": "Grants permission to subscribe to QuickSight", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateAccountSubscription.html" - }, - "CreateAdmin": { - "privilege": "CreateAdmin", - "description": "Grants permission to provision Amazon QuickSight administrators, authors, and readers", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "CreateAnalysis": { - "privilege": "CreateAnalysis", - "description": "Grants permission to create an analysis from a template", - "access_level": "Write", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateAnalysis.html" - }, - "CreateCustomPermissions": { - "privilege": "CreateCustomPermissions", - "description": "Grants permission to create a custom permissions resource for restricting user access", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "CreateDashboard": { - "privilege": "CreateDashboard", - "description": "Grants permission to create a QuickSight Dashboard", - "access_level": "Write", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateDashboard.html" - }, - "CreateDataSet": { - "privilege": "CreateDataSet", - "description": "Grants permission to create a dataset", - "access_level": "Write", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "quicksight:PassDataSource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateDataSet.html" - }, - "CreateDataSource": { - "privilege": "CreateDataSource", - "description": "Grants permission to create a data source", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateDataSource.html" - }, - "CreateEmailCustomizationTemplate": { - "privilege": "CreateEmailCustomizationTemplate", - "description": "Grants permission to create a QuickSight email customization template", - "access_level": "Write", - "resource_types": { - "emailCustomizationTemplate": { - "resource_type": "emailCustomizationTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/customizing-quicksight-email-templates.html" - }, - "CreateFolder": { - "privilege": "CreateFolder", - "description": "Grants permission to create a QuickSight folder", - "access_level": "Write", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateFolder.html" - }, - "CreateFolderMembership": { - "privilege": "CreateFolderMembership", - "description": "Grants permission to add a QuickSight Dashboard, Analysis or Dataset to a QuickSight Folder", - "access_level": "Write", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "analysis": { - "resource_type": "analysis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dashboard": { - "resource_type": "dashboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateFolderMembership.html" - }, - "CreateGroup": { - "privilege": "CreateGroup", - "description": "Grants permission to create a QuickSight group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateGroup.html" - }, - "CreateGroupMembership": { - "privilege": "CreateGroupMembership", - "description": "Grants permission to add a QuickSight user to a QuickSight group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [ - "quicksight:UserName" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateGroupMembership.html" - }, - "CreateIAMPolicyAssignment": { - "privilege": "CreateIAMPolicyAssignment", - "description": "Grants permission to create an assignment with one specified IAM Policy ARN that will be assigned to specified groups or users of QuickSight", - "access_level": "Permissions management", - "resource_types": { - "assignment": { - "resource_type": "assignment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateIAMPolicyAssignment.html" - }, - "CreateIngestion": { - "privilege": "CreateIngestion", - "description": "Grants permission to start a SPICE ingestion on a dataset", - "access_level": "Write", - "resource_types": { - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateIngestion.html" - }, - "CreateNamespace": { - "privilege": "CreateNamespace", - "description": "Grants permission to create an QuickSight namespace", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:CreateIdentityPoolDirectory" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateNamespace.html" - }, - "CreateReader": { - "privilege": "CreateReader", - "description": "Grants permission to provision Amazon QuickSight readers", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "CreateRefreshSchedule": { - "privilege": "CreateRefreshSchedule", - "description": "Grants permission to create a refresh schedule for a dataset", - "access_level": "Write", - "resource_types": { - "refreshschedule": { - "resource_type": "refreshschedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateRefreshSchedule.html" - }, - "CreateTemplate": { - "privilege": "CreateTemplate", - "description": "Grants permission to create a template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateTemplate.html" - }, - "CreateTemplateAlias": { - "privilege": "CreateTemplateAlias", - "description": "Grants permission to create a template alias", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateTemplateAlias.html" - }, - "CreateTheme": { - "privilege": "CreateTheme", - "description": "Grants permission to create a theme", - "access_level": "Write", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateTheme.html" - }, - "CreateThemeAlias": { - "privilege": "CreateThemeAlias", - "description": "Grants permission to create an alias for a theme version", - "access_level": "Write", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateThemeAlias.html" - }, - "CreateTopic": { - "privilege": "CreateTopic", - "description": "Grants permission to create a topic", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "quicksight:PassDataSet" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateTopic.html" - }, - "CreateTopicRefreshSchedule": { - "privilege": "CreateTopicRefreshSchedule", - "description": "Grants permission to create a refresh schedule for a topic", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateTopicRefreshSchedule.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to provision Amazon QuickSight authors and readers", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "CreateVPCConnection": { - "privilege": "CreateVPCConnection", - "description": "Grants permission to create a vpc connection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateVPCConnection.html" - }, - "DeleteAccountCustomization": { - "privilege": "DeleteAccountCustomization", - "description": "Grants permission to delete an account customization for QuickSight account or namespace", - "access_level": "Write", - "resource_types": { - "customization": { - "resource_type": "customization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteAccountCustomization.html" - }, - "DeleteAccountSubscription": { - "privilege": "DeleteAccountSubscription", - "description": "Grants permission to delete a QuickSight account", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteAccountSubscription.html" - }, - "DeleteAnalysis": { - "privilege": "DeleteAnalysis", - "description": "Grants permission to delete an analysis", - "access_level": "Write", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteAnalysis.html" - }, - "DeleteCustomPermissions": { - "privilege": "DeleteCustomPermissions", - "description": "Grants permission to delete a custom permissions resource", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "DeleteDashboard": { - "privilege": "DeleteDashboard", - "description": "Grants permission to delete a QuickSight Dashboard", - "access_level": "Write", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteDashboard.html" - }, - "DeleteDataSet": { - "privilege": "DeleteDataSet", - "description": "Grants permission to delete a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteDataSet.html" - }, - "DeleteDataSetRefreshProperties": { - "privilege": "DeleteDataSetRefreshProperties", - "description": "Grants permission to delete dataset refresh properties for a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteDataSetRefreshProperties.html" - }, - "DeleteDataSource": { - "privilege": "DeleteDataSource", - "description": "Grants permission to delete a data source", - "access_level": "Write", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteDataSource.html" - }, - "DeleteEmailCustomizationTemplate": { - "privilege": "DeleteEmailCustomizationTemplate", - "description": "Grants permission to delete a QuickSight email customization template", - "access_level": "Write", - "resource_types": { - "emailCustomizationTemplate": { - "resource_type": "emailCustomizationTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/customizing-quicksight-email-templates.html" - }, - "DeleteFolder": { - "privilege": "DeleteFolder", - "description": "Grants permission to delete a QuickSight Folder", - "access_level": "Write", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteFolder.html" - }, - "DeleteFolderMembership": { - "privilege": "DeleteFolderMembership", - "description": "Grants permission to remove a QuickSight Dashboard, Analysis or Dataset from a QuickSight Folder", - "access_level": "Write", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "analysis": { - "resource_type": "analysis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dashboard": { - "resource_type": "dashboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteFolderMembership.html" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to remove a user group from QuickSight", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteGroup.html" - }, - "DeleteGroupMembership": { - "privilege": "DeleteGroupMembership", - "description": "Grants permission to remove a user from a group so that he/she is no longer a member of the group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [ - "quicksight:UserName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteGroupMembership.html" - }, - "DeleteIAMPolicyAssignment": { - "privilege": "DeleteIAMPolicyAssignment", - "description": "Grants permission to update an existing assignment", - "access_level": "Permissions management", - "resource_types": { - "assignment": { - "resource_type": "assignment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteIAMPolicyAssignment.html" - }, - "DeleteNamespace": { - "privilege": "DeleteNamespace", - "description": "Grants permission to delete a QuickSight namespace", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:DeleteDirectory" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteNamespace.html" - }, - "DeleteRefreshSchedule": { - "privilege": "DeleteRefreshSchedule", - "description": "Grants permission to delete a refresh schedule for a dataset", - "access_level": "Write", - "resource_types": { - "refreshschedule": { - "resource_type": "refreshschedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteRefreshSchedule.html" - }, - "DeleteTemplate": { - "privilege": "DeleteTemplate", - "description": "Grants permission to delete a template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteTemplate.html" - }, - "DeleteTemplateAlias": { - "privilege": "DeleteTemplateAlias", - "description": "Grants permission to delete a template alias", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteTemplateAlias.html" - }, - "DeleteTheme": { - "privilege": "DeleteTheme", - "description": "Grants permission to delete a theme", - "access_level": "Write", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteTheme.html" - }, - "DeleteThemeAlias": { - "privilege": "DeleteThemeAlias", - "description": "Grants permission to delete the alias of a theme", - "access_level": "Write", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteThemeAlias.html" - }, - "DeleteTopic": { - "privilege": "DeleteTopic", - "description": "Grants permission to delete a topic", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteTopic.html" - }, - "DeleteTopicRefreshSchedule": { - "privilege": "DeleteTopicRefreshSchedule", - "description": "Grants permission to delete a refresh schedule for a topic", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteTopicRefreshSchedule.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete a QuickSight user, given the user name", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteUser.html" - }, - "DeleteUserByPrincipalId": { - "privilege": "DeleteUserByPrincipalId", - "description": "Grants permission to deletes a user identified by its principal ID", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteUserByPrincipalId.html" - }, - "DeleteVPCConnection": { - "privilege": "DeleteVPCConnection", - "description": "Grants permission to delete a vpc connection", - "access_level": "Write", - "resource_types": { - "vpcconnection": { - "resource_type": "vpcconnection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteVPCConnection.html" - }, - "DescribeAccountCustomization": { - "privilege": "DescribeAccountCustomization", - "description": "Grants permission to describe an account customization for QuickSight account or namespace", - "access_level": "Read", - "resource_types": { - "customization": { - "resource_type": "customization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAccountCustomization.html" - }, - "DescribeAccountSettings": { - "privilege": "DescribeAccountSettings", - "description": "Grants permission to describe the administrative account settings for QuickSight account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAccountSettings.html" - }, - "DescribeAccountSubscription": { - "privilege": "DescribeAccountSubscription", - "description": "Grants permission to describe a QuickSight account", - "access_level": "Read", - "resource_types": { - "account": { - "resource_type": "account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAccountSubscription.html" - }, - "DescribeAnalysis": { - "privilege": "DescribeAnalysis", - "description": "Grants permission to describe an analysis", - "access_level": "Read", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAnalysis.html" - }, - "DescribeAnalysisPermissions": { - "privilege": "DescribeAnalysisPermissions", - "description": "Grants permission to describe permissions for an analysis", - "access_level": "Read", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAnalysisPermissions.html" - }, - "DescribeAssetBundleExportJob": { - "privilege": "DescribeAssetBundleExportJob", - "description": "Grants permission to describe an asset bundle export job", - "access_level": "Read", - "resource_types": { - "assetBundleExportJob": { - "resource_type": "assetBundleExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAssetBundleExportJob.html" - }, - "DescribeAssetBundleImportJob": { - "privilege": "DescribeAssetBundleImportJob", - "description": "Grants permission to describe an asset bundle import job", - "access_level": "Read", - "resource_types": { - "assetBundleImportJob": { - "resource_type": "assetBundleImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAssetBundleImportJob.html" - }, - "DescribeCustomPermissions": { - "privilege": "DescribeCustomPermissions", - "description": "Grants permission to describe a custom permissions resource in a QuickSight account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "DescribeDashboard": { - "privilege": "DescribeDashboard", - "description": "Grants permission to describe a QuickSight Dashboard", - "access_level": "Read", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDashboard.html" - }, - "DescribeDashboardPermissions": { - "privilege": "DescribeDashboardPermissions", - "description": "Grants permission to describe permissions for a QuickSight Dashboard", - "access_level": "Read", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDashboardPermissions.html" - }, - "DescribeDataSet": { - "privilege": "DescribeDataSet", - "description": "Grants permission to describe a dataset", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDataSet.html" - }, - "DescribeDataSetPermissions": { - "privilege": "DescribeDataSetPermissions", - "description": "Grants permission to describe the resource policy of a dataset", - "access_level": "Permissions management", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDataSetPermissions.html" - }, - "DescribeDataSetRefreshProperties": { - "privilege": "DescribeDataSetRefreshProperties", - "description": "Grants permission to describe refresh properties for a dataset", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDataSetRefreshProperties.html" - }, - "DescribeDataSource": { - "privilege": "DescribeDataSource", - "description": "Grants permission to describe a data source", - "access_level": "Read", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDataSource.html" - }, - "DescribeDataSourcePermissions": { - "privilege": "DescribeDataSourcePermissions", - "description": "Grants permission to describe the resource policy of a data source", - "access_level": "Permissions management", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDataSourcePermissions.html" - }, - "DescribeEmailCustomizationTemplate": { - "privilege": "DescribeEmailCustomizationTemplate", - "description": "Grants permission to describe a QuickSight email customization template", - "access_level": "Read", - "resource_types": { - "emailCustomizationTemplate": { - "resource_type": "emailCustomizationTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/customizing-quicksight-email-templates.html" - }, - "DescribeFolder": { - "privilege": "DescribeFolder", - "description": "Grants permission to describe a QuickSight Folder", - "access_level": "Read", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeFolder.html" - }, - "DescribeFolderPermissions": { - "privilege": "DescribeFolderPermissions", - "description": "Grants permission to describe permissions for a QuickSight Folder", - "access_level": "Read", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeFolderPermissions.html" - }, - "DescribeFolderResolvedPermissions": { - "privilege": "DescribeFolderResolvedPermissions", - "description": "Grants permission to describe resolved permissions for a QuickSight Folder", - "access_level": "Read", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeFolderResolvedPermissions.html" - }, - "DescribeGroup": { - "privilege": "DescribeGroup", - "description": "Grants permission to describe a QuickSight group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeGroup.html" - }, - "DescribeGroupMembership": { - "privilege": "DescribeGroupMembership", - "description": "Grants permission to describe a QuickSight group member", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [ - "quicksight:UserName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeGroupMembership.html" - }, - "DescribeIAMPolicyAssignment": { - "privilege": "DescribeIAMPolicyAssignment", - "description": "Grants permission to describe an existing assignment", - "access_level": "Read", - "resource_types": { - "assignment": { - "resource_type": "assignment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeIAMPolicyAssignment.html" - }, - "DescribeIngestion": { - "privilege": "DescribeIngestion", - "description": "Grants permission to describe a SPICE ingestion on a dataset", - "access_level": "Read", - "resource_types": { - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeIngestion.html" - }, - "DescribeIpRestriction": { - "privilege": "DescribeIpRestriction", - "description": "Grants permission to describe the IP restrictions for QuickSight account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeIpRestriction.html" - }, - "DescribeNamespace": { - "privilege": "DescribeNamespace", - "description": "Grants permission to describe a QuickSight namespace", - "access_level": "Read", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeNamespace.html" - }, - "DescribeRefreshSchedule": { - "privilege": "DescribeRefreshSchedule", - "description": "Grants permission to describe a refresh schedule for a dataset", - "access_level": "Read", - "resource_types": { - "refreshschedule": { - "resource_type": "refreshschedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeRefreshSchedule.html" - }, - "DescribeTemplate": { - "privilege": "DescribeTemplate", - "description": "Grants permission to describe a template", - "access_level": "Read", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTemplate.html" - }, - "DescribeTemplateAlias": { - "privilege": "DescribeTemplateAlias", - "description": "Grants permission to describe a template alias", - "access_level": "Read", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTemplateAlias.html" - }, - "DescribeTemplatePermissions": { - "privilege": "DescribeTemplatePermissions", - "description": "Grants permission to describe permissions for a template", - "access_level": "Read", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTemplatePermissions.html" - }, - "DescribeTheme": { - "privilege": "DescribeTheme", - "description": "Grants permission to describe a theme", - "access_level": "Read", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTheme.html" - }, - "DescribeThemeAlias": { - "privilege": "DescribeThemeAlias", - "description": "Grants permission to describe a theme alias", - "access_level": "Read", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeThemeAlias.html" - }, - "DescribeThemePermissions": { - "privilege": "DescribeThemePermissions", - "description": "Grants permission to describe permissions for a theme", - "access_level": "Read", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeThemePermissions.html" - }, - "DescribeTopic": { - "privilege": "DescribeTopic", - "description": "Grants permission to describe a topic", - "access_level": "Read", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTopic.html" - }, - "DescribeTopicPermissions": { - "privilege": "DescribeTopicPermissions", - "description": "Grants permission to describe the resource policy of a topic", - "access_level": "Permissions management", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTopicPermissions.html" - }, - "DescribeTopicRefresh": { - "privilege": "DescribeTopicRefresh", - "description": "Grants permission to describe the refresh status of a topic", - "access_level": "Read", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTopicRefresh.html" - }, - "DescribeTopicRefreshSchedule": { - "privilege": "DescribeTopicRefreshSchedule", - "description": "Grants permission to describe a refresh schedule for a topic", - "access_level": "Read", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTopicRefreshSchedule.html" - }, - "DescribeUser": { - "privilege": "DescribeUser", - "description": "Grants permission to describe a QuickSight user given the user name", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeUser.html" - }, - "DescribeVPCConnection": { - "privilege": "DescribeVPCConnection", - "description": "Grants permission to describe a vpc connection", - "access_level": "Read", - "resource_types": { - "vpcconnection": { - "resource_type": "vpcconnection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeVPCConnection.html" - }, - "GenerateEmbedUrlForAnonymousUser": { - "privilege": "GenerateEmbedUrlForAnonymousUser", - "description": "Grants permission to generate a URL used to embed a QuickSight Dashboard or Q Topic for a user not registered with QuickSight", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "dashboard": { - "resource_type": "dashboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "topic": { - "resource_type": "topic", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "quicksight:AllowedEmbeddingDomains" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GenerateEmbedUrlForAnonymousUser.html" - }, - "GenerateEmbedUrlForRegisteredUser": { - "privilege": "GenerateEmbedUrlForRegisteredUser", - "description": "Grants permission to generate a URL used to embed a QuickSight Dashboard for a user registered with QuickSight", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "quicksight:AllowedEmbeddingDomains" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GenerateEmbedUrlForRegisteredUser.html" - }, - "GetAnonymousUserEmbedUrl": { - "privilege": "GetAnonymousUserEmbedUrl", - "description": "Grants permission to get a URL used to embed a QuickSight Dashboard for a user not registered with QuickSight", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "GetAuthCode": { - "privilege": "GetAuthCode", - "description": "Grants permission to get an auth code representing a QuickSight user", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "GetDashboardEmbedUrl": { - "privilege": "GetDashboardEmbedUrl", - "description": "Grants permission to get a URL used to embed a QuickSight Dashboard", - "access_level": "Read", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GetDashboardEmbedUrl.html" - }, - "GetGroupMapping": { - "privilege": "GetGroupMapping", - "description": "Grants permission to use Amazon QuickSight, in Enterprise edition, to identify and display the Microsoft Active Directory (Microsoft Active Directory) directory groups that are mapped to roles in Amazon QuickSight", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "GetSessionEmbedUrl": { - "privilege": "GetSessionEmbedUrl", - "description": "Grants permission to get a URL to embed QuickSight console experience", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GetSessionEmbedUrl.html" - }, - "ListAnalyses": { - "privilege": "ListAnalyses", - "description": "Grants permission to list all analyses in an account", - "access_level": "List", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListAnalyses.html" - }, - "ListAssetBundleExportJobs": { - "privilege": "ListAssetBundleExportJobs", - "description": "Grants permission to list all asset bundle export jobs", - "access_level": "List", - "resource_types": { - "assetBundleExportJob": { - "resource_type": "assetBundleExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListAssetBundleExportJobs.html" - }, - "ListAssetBundleImportJobs": { - "privilege": "ListAssetBundleImportJobs", - "description": "Grants permission to list all asset bundle import jobs", - "access_level": "List", - "resource_types": { - "assetBundleImportJob": { - "resource_type": "assetBundleImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListAssetBundleImportJobs.html" - }, - "ListCustomPermissions": { - "privilege": "ListCustomPermissions", - "description": "Grants permission to list custom permissions resources in QuickSight account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "ListCustomerManagedKeys": { - "privilege": "ListCustomerManagedKeys", - "description": "Grants permission to list all registered customer managed keys", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/key-management.html" - }, - "ListDashboardVersions": { - "privilege": "ListDashboardVersions", - "description": "Grants permission to list all versions of a QuickSight Dashboard", - "access_level": "List", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListDashboardVersions.html" - }, - "ListDashboards": { - "privilege": "ListDashboards", - "description": "Grants permission to list all Dashboards in a QuickSight Account", - "access_level": "List", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListDashboards.html" - }, - "ListDataSets": { - "privilege": "ListDataSets", - "description": "Grants permission to list all datasets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListDataSets.html" - }, - "ListDataSources": { - "privilege": "ListDataSources", - "description": "Grants permission to list all data sources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListDataSources.html" - }, - "ListFolderMembers": { - "privilege": "ListFolderMembers", - "description": "Grants permission to list all members in a folder", - "access_level": "Read", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListFolderMembers.html" - }, - "ListFolders": { - "privilege": "ListFolders", - "description": "Grants permission to list all Folders in a QuickSight Account", - "access_level": "List", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListFolders.html" - }, - "ListGroupMemberships": { - "privilege": "ListGroupMemberships", - "description": "Grants permission to list member users in a group", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListGroupMemberships.html" - }, - "ListGroups": { - "privilege": "ListGroups", - "description": "Grants permission to list all user groups in QuickSight", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListGroups.html" - }, - "ListIAMPolicyAssignments": { - "privilege": "ListIAMPolicyAssignments", - "description": "Grants permission to list all assignments in the current Amazon QuickSight account", - "access_level": "List", - "resource_types": { - "assignment": { - "resource_type": "assignment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListIAMPolicyAssignments.html" - }, - "ListIAMPolicyAssignmentsForUser": { - "privilege": "ListIAMPolicyAssignmentsForUser", - "description": "Grants permission to list all assignments assigned to a user and the groups it belongs", - "access_level": "List", - "resource_types": { - "assignment": { - "resource_type": "assignment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListIAMPolicyAssignmentsForUser.html" - }, - "ListIngestions": { - "privilege": "ListIngestions", - "description": "Grants permission to list all SPICE ingestions on a dataset", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListIngestions.html" - }, - "ListKMSKeysForUser": { - "privilege": "ListKMSKeysForUser", - "description": "Grants permission to list a user's KMS keys", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/key-management.html" - }, - "ListNamespaces": { - "privilege": "ListNamespaces", - "description": "Grants permission to lists all namespaces in a QuickSight account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListNamespaces.html" - }, - "ListRefreshSchedules": { - "privilege": "ListRefreshSchedules", - "description": "Grants permission to list all refresh schedules on a dataset", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListRefreshSchedules.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags of a QuickSight resource", - "access_level": "Read", - "resource_types": { - "customization": { - "resource_type": "customization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dashboard": { - "resource_type": "dashboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "folder": { - "resource_type": "folder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "template": { - "resource_type": "template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "theme": { - "resource_type": "theme", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "topic": { - "resource_type": "topic", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTemplateAliases": { - "privilege": "ListTemplateAliases", - "description": "Grants permission to list all aliases for a template", - "access_level": "List", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTemplateAliases.html" - }, - "ListTemplateVersions": { - "privilege": "ListTemplateVersions", - "description": "Grants permission to list all versions of a template", - "access_level": "List", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTemplateVersions.html" - }, - "ListTemplates": { - "privilege": "ListTemplates", - "description": "Grants permission to list all templates in a QuickSight account", - "access_level": "List", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTemplates.html" - }, - "ListThemeAliases": { - "privilege": "ListThemeAliases", - "description": "Grants permission to list all aliases of a theme", - "access_level": "List", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListThemeAliases.html" - }, - "ListThemeVersions": { - "privilege": "ListThemeVersions", - "description": "Grants permission to list all versions of a theme", - "access_level": "List", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListThemeVersions.html" - }, - "ListThemes": { - "privilege": "ListThemes", - "description": "Grants permission to list all themes in an account", - "access_level": "List", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListThemes.html" - }, - "ListTopicRefreshSchedules": { - "privilege": "ListTopicRefreshSchedules", - "description": "Grants permission to list all refresh schedules on a topic", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTopicRefreshSchedules.html" - }, - "ListTopics": { - "privilege": "ListTopics", - "description": "Grants permission to list all topics", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTopics.html" - }, - "ListUserGroups": { - "privilege": "ListUserGroups", - "description": "Grants permission to list groups that a given user is a member of", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListUserGroups.html" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to list all of the QuickSight users belonging to this account", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListUsers.html" - }, - "ListVPCConnections": { - "privilege": "ListVPCConnections", - "description": "Grants permission to list all vpc connections", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListVPCConnections.html" - }, - "PassDataSet": { - "privilege": "PassDataSet", - "description": "Grants permission to use a dataset for a template", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/qs-api-overview.html" - }, - "PassDataSource": { - "privilege": "PassDataSource", - "description": "Grants permission to use a data source for a data set", - "access_level": "Read", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/qs-api-overview.html" - }, - "PutDataSetRefreshProperties": { - "privilege": "PutDataSetRefreshProperties", - "description": "Grants permission to put dataset refresh properties for a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_PutDataSetRefreshProperties.html" - }, - "RegisterCustomerManagedKey": { - "privilege": "RegisterCustomerManagedKey", - "description": "Grants permission to register a customer managed key", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/key-management.html" - }, - "RegisterUser": { - "privilege": "RegisterUser", - "description": "Grants permission to create a QuickSight user, whose identity is associated with the IAM identity/role specified in the request", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [ - "quicksight:IamArn", - "quicksight:SessionName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_RegisterUser.html" - }, - "RemoveCustomerManagedKey": { - "privilege": "RemoveCustomerManagedKey", - "description": "Grants permission to remove a customer managed key", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/key-management.html" - }, - "RestoreAnalysis": { - "privilege": "RestoreAnalysis", - "description": "Grants permission to restore a deleted analysis", - "access_level": "Write", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_RestoreAnalysis.html" - }, - "ScopeDownPolicy": { - "privilege": "ScopeDownPolicy", - "description": "Grants permission to manage scoping policies for permissions to AWS resources", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/accessing-data-sources.html" - }, - "SearchAnalyses": { - "privilege": "SearchAnalyses", - "description": "Grants permission to search for a sub-set of analyses", - "access_level": "List", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchAnalyses.html" - }, - "SearchDashboards": { - "privilege": "SearchDashboards", - "description": "Grants permission to search for a sub-set of QuickSight Dashboards", - "access_level": "List", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchDashboards.html" - }, - "SearchDataSets": { - "privilege": "SearchDataSets", - "description": "Grants permission to search for a sub-set of QuickSight DatSets", - "access_level": "List", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchDataSets.html" - }, - "SearchDataSources": { - "privilege": "SearchDataSources", - "description": "Grants permission to search for a sub-set of QuickSight Data Sources", - "access_level": "List", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchDataSources.html" - }, - "SearchDirectoryGroups": { - "privilege": "SearchDirectoryGroups", - "description": "Grants permission to use Amazon QuickSight, in Enterprise edition, to display your Microsoft Active Directory directory groups so that you can choose which ones to map to roles in Amazon QuickSight", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "SearchFolders": { - "privilege": "SearchFolders", - "description": "Grants permission to search for a sub-set of QuickSight Folders", - "access_level": "Read", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchFolders.html" - }, - "SearchGroups": { - "privilege": "SearchGroups", - "description": "Grants permission to search for a sub-set of QuickSight groups", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchGroups.html" - }, - "SetGroupMapping": { - "privilege": "SetGroupMapping", - "description": "Grants permission to use Amazon QuickSight, in Enterprise edition, to display your Microsoft Active Directory directory groups so that you can choose which ones to map to roles in Amazon QuickSight", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "StartAssetBundleExportJob": { - "privilege": "StartAssetBundleExportJob", - "description": "Grants permission to start an asset bundle export job", - "access_level": "Write", - "resource_types": { - "assetBundleExportJob": { - "resource_type": "assetBundleExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_StartAssetBundleExportJob.html" - }, - "StartAssetBundleImportJob": { - "privilege": "StartAssetBundleImportJob", - "description": "Grants permission to start an asset bundle import job", - "access_level": "Write", - "resource_types": { - "assetBundleImportJob": { - "resource_type": "assetBundleImportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_StartAssetBundleImportJob.html" - }, - "Subscribe": { - "privilege": "Subscribe", - "description": "Grants permission to subscribe to Amazon QuickSight, and also to allow the user to upgrade the subscription to Enterprise edition", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "quicksight:Edition", - "quicksight:DirectoryType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a QuickSight resource", - "access_level": "Tagging", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "customization": { - "resource_type": "customization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dashboard": { - "resource_type": "dashboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasource": { - "resource_type": "datasource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "folder": { - "resource_type": "folder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestion": { - "resource_type": "ingestion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "template": { - "resource_type": "template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "theme": { - "resource_type": "theme", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "topic": { - "resource_type": "topic", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpcconnection": { - "resource_type": "vpcconnection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_TagResource.html" - }, - "Unsubscribe": { - "privilege": "Unsubscribe", - "description": "Grants permission to unsubscribe from Amazon QuickSight, which permanently deletes all users and their resources from Amazon QuickSight", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a QuickSight resource", - "access_level": "Tagging", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "customization": { - "resource_type": "customization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dashboard": { - "resource_type": "dashboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datasource": { - "resource_type": "datasource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "folder": { - "resource_type": "folder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestion": { - "resource_type": "ingestion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "template": { - "resource_type": "template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "theme": { - "resource_type": "theme", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "topic": { - "resource_type": "topic", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpcconnection": { - "resource_type": "vpcconnection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UntagResource.html" - }, - "UpdateAccountCustomization": { - "privilege": "UpdateAccountCustomization", - "description": "Grants permission to update an account customization for QuickSight account or namespace", - "access_level": "Write", - "resource_types": { - "customization": { - "resource_type": "customization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateAccountCustomization.html" - }, - "UpdateAccountSettings": { - "privilege": "UpdateAccountSettings", - "description": "Grants permission to update the administrative account settings for QuickSight account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateAccountSettings.html" - }, - "UpdateAnalysis": { - "privilege": "UpdateAnalysis", - "description": "Grants permission to update an analysis", - "access_level": "Write", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateAnalysis.html" - }, - "UpdateAnalysisPermissions": { - "privilege": "UpdateAnalysisPermissions", - "description": "Grants permission to update permissions for an analysis", - "access_level": "Permissions management", - "resource_types": { - "analysis": { - "resource_type": "analysis", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateAnalysisPermissions.html" - }, - "UpdateCustomPermissions": { - "privilege": "UpdateCustomPermissions", - "description": "Grants permission to update a custom permissions resource", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" - }, - "UpdateDashboard": { - "privilege": "UpdateDashboard", - "description": "Grants permission to update a QuickSight Dashboard", - "access_level": "Write", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDashboard.html" - }, - "UpdateDashboardPermissions": { - "privilege": "UpdateDashboardPermissions", - "description": "Grants permission to update permissions for a QuickSight Dashboard", - "access_level": "Permissions management", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDashboardPermissions.html" - }, - "UpdateDashboardPublishedVersion": { - "privilege": "UpdateDashboardPublishedVersion", - "description": "Grants permission to update a QuickSight Dashboard\u2019s Published Version", - "access_level": "Write", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDashboardPublishedVersion.html" - }, - "UpdateDataSet": { - "privilege": "UpdateDataSet", - "description": "Grants permission to update a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "quicksight:PassDataSource" - ] - }, - "datasource": { - "resource_type": "datasource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDataSet.html" - }, - "UpdateDataSetPermissions": { - "privilege": "UpdateDataSetPermissions", - "description": "Grants permission to update the resource policy of a dataset", - "access_level": "Permissions management", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDataSetPermissions.html" - }, - "UpdateDataSource": { - "privilege": "UpdateDataSource", - "description": "Grants permission to update a data source", - "access_level": "Write", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDataSource.html" - }, - "UpdateDataSourcePermissions": { - "privilege": "UpdateDataSourcePermissions", - "description": "Grants permission to update the resource policy of a data source", - "access_level": "Permissions management", - "resource_types": { - "datasource": { - "resource_type": "datasource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDataSourcePermissions.html" - }, - "UpdateEmailCustomizationTemplate": { - "privilege": "UpdateEmailCustomizationTemplate", - "description": "Grants permission to update a QuickSight email customization template", - "access_level": "Write", - "resource_types": { - "emailCustomizationTemplate": { - "resource_type": "emailCustomizationTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/customizing-quicksight-email-templates.html" - }, - "UpdateFolder": { - "privilege": "UpdateFolder", - "description": "Grants permission to update a QuickSight Folder", - "access_level": "Write", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateFolder.html" - }, - "UpdateFolderPermissions": { - "privilege": "UpdateFolderPermissions", - "description": "Grants permission to update permissions for a QuickSight Folder", - "access_level": "Permissions management", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateFolderPermissions.html" - }, - "UpdateGroup": { - "privilege": "UpdateGroup", - "description": "Grants permission to change group description", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateGroup.html" - }, - "UpdateIAMPolicyAssignment": { - "privilege": "UpdateIAMPolicyAssignment", - "description": "Grants permission to update an existing assignment", - "access_level": "Permissions management", - "resource_types": { - "assignment": { - "resource_type": "assignment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateIAMPolicyAssignment.html" - }, - "UpdateIpRestriction": { - "privilege": "UpdateIpRestriction", - "description": "Grants permission to update the IP restrictions for QuickSight account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateIpRestriction.html" - }, - "UpdatePublicSharingSettings": { - "privilege": "UpdatePublicSharingSettings", - "description": "Grants permission to enable or disable public sharing on an account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdatePublicSharingSettings.html" - }, - "UpdateRefreshSchedule": { - "privilege": "UpdateRefreshSchedule", - "description": "Grants permission to update a refresh schedule for a dataset", - "access_level": "Write", - "resource_types": { - "refreshschedule": { - "resource_type": "refreshschedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateRefreshSchedule.html" - }, - "UpdateResourcePermissions": { - "privilege": "UpdateResourcePermissions", - "description": "Grants permission to update resource-level permissions in QuickSight", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/security_iam_service-with-iam.html" - }, - "UpdateTemplate": { - "privilege": "UpdateTemplate", - "description": "Grants permission to update a template", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTemplate.html" - }, - "UpdateTemplateAlias": { - "privilege": "UpdateTemplateAlias", - "description": "Grants permission to update a template alias", - "access_level": "Write", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTemplateAlias.html" - }, - "UpdateTemplatePermissions": { - "privilege": "UpdateTemplatePermissions", - "description": "Grants permission to update permissions for a template", - "access_level": "Permissions management", - "resource_types": { - "template": { - "resource_type": "template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTemplatePermissions.html" - }, - "UpdateTheme": { - "privilege": "UpdateTheme", - "description": "Grants permission to update a theme", - "access_level": "Write", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTheme.html" - }, - "UpdateThemeAlias": { - "privilege": "UpdateThemeAlias", - "description": "Grants permission to update the alias of a theme", - "access_level": "Write", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateThemeAlias.html" - }, - "UpdateThemePermissions": { - "privilege": "UpdateThemePermissions", - "description": "Grants permission to update permissions for a theme", - "access_level": "Permissions management", - "resource_types": { - "theme": { - "resource_type": "theme", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateThemePermissions.html" - }, - "UpdateTopic": { - "privilege": "UpdateTopic", - "description": "Grants permission to update a topic", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "quicksight:PassDataSet" - ] - }, - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTopic.html" - }, - "UpdateTopicPermissions": { - "privilege": "UpdateTopicPermissions", - "description": "Grants permission to update the resource policy of a topic", - "access_level": "Permissions management", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTopicPermissions.html" - }, - "UpdateTopicRefreshSchedule": { - "privilege": "UpdateTopicRefreshSchedule", - "description": "Grants permission to update a refresh schedule for a topic", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTopicRefreshSchedule.html" - }, - "UpdateUser": { - "privilege": "UpdateUser", - "description": "Grants permission to update an Amazon QuickSight user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateUser.html" - }, - "UpdateVPCConnection": { - "privilege": "UpdateVPCConnection", - "description": "Grants permission to update a vpc connection", - "access_level": "Write", - "resource_types": { - "vpcconnection": { - "resource_type": "vpcconnection", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateVPCConnection.html" - } - }, - "resources": { - "account": { - "resource": "account", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:account/${ResourceId}", - "condition_keys": [] - }, - "user": { - "resource": "user", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:user/${ResourceId}", - "condition_keys": [] - }, - "group": { - "resource": "group", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:group/${ResourceId}", - "condition_keys": [] - }, - "analysis": { - "resource": "analysis", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:analysis/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dashboard": { - "resource": "dashboard", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:dashboard/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "template": { - "resource": "template", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:template/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "vpcconnection": { - "resource": "vpcconnection", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:vpcConnection/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "assetBundleExportJob": { - "resource": "assetBundleExportJob", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:asset-bundle-export-job/${ResourceId}", - "condition_keys": [] - }, - "assetBundleImportJob": { - "resource": "assetBundleImportJob", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:asset-bundle-import-job/${ResourceId}", - "condition_keys": [] - }, - "datasource": { - "resource": "datasource", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:datasource/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dataset": { - "resource": "dataset", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:dataset/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ingestion": { - "resource": "ingestion", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:dataset/${DatasetId}/ingestion/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "refreshschedule": { - "resource": "refreshschedule", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:dataset/${DatasetId}/refresh-schedule/${ResourceId}", - "condition_keys": [] - }, - "theme": { - "resource": "theme", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:theme/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "assignment": { - "resource": "assignment", - "arn": "arn:${Partition}:quicksight::${Account}:assignment/${ResourceId}", - "condition_keys": [] - }, - "customization": { - "resource": "customization", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:customization/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "namespace": { - "resource": "namespace", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:namespace/${ResourceId}", - "condition_keys": [] - }, - "folder": { - "resource": "folder", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:folder/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "emailCustomizationTemplate": { - "resource": "emailCustomizationTemplate", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:email-customization-template/${ResourceId}", - "condition_keys": [] - }, - "topic": { - "resource": "topic", - "arn": "arn:${Partition}:quicksight:${Region}:${Account}:topic/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys", - "type": "ArrayOfString" - }, - "quicksight:AllowedEmbeddingDomains": { - "condition": "quicksight:AllowedEmbeddingDomains", - "description": "Filters access by the allowed embedding domains", - "type": "ArrayOfString" - }, - "quicksight:DirectoryType": { - "condition": "quicksight:DirectoryType", - "description": "Filters access by the user management options", - "type": "String" - }, - "quicksight:Edition": { - "condition": "quicksight:Edition", - "description": "Filters access by the edition of QuickSight", - "type": "String" - }, - "quicksight:IamArn": { - "condition": "quicksight:IamArn", - "description": "Filters access by IAM user or role ARN", - "type": "String" - }, - "quicksight:SessionName": { - "condition": "quicksight:SessionName", - "description": "Filters access by session name", - "type": "String" - }, - "quicksight:UserName": { - "condition": "quicksight:UserName", - "description": "Filters access by user name", - "type": "String" - } - } - }, - "rds": { - "service_name": "Amazon RDS", - "prefix": "rds", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrds.html", - "privileges": { - "AddRoleToDBCluster": { - "privilege": "AddRoleToDBCluster", - "description": "Grants permission to associate an Identity and Access Management (IAM) role from an Aurora DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddRoleToDBCluster.html" - }, - "AddRoleToDBInstance": { - "privilege": "AddRoleToDBInstance", - "description": "Grants permission to associate an AWS Identity and Access Management (IAM) role with a DB instance", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddRoleToDBInstance.html" - }, - "AddSourceIdentifierToSubscription": { - "privilege": "AddSourceIdentifierToSubscription", - "description": "Grants permission to add a source identifier to an existing RDS event notification subscription", - "access_level": "Write", - "resource_types": { - "es": { - "resource_type": "es", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddSourceIdentifierToSubscription.html" - }, - "AddTagsToResource": { - "privilege": "AddTagsToResource", - "description": "Grants permission to add metadata tags to an Amazon RDS resource", - "access_level": "Tagging", - "resource_types": { - "cev": { - "resource_type": "cev", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-endpoint": { - "resource_type": "cluster-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-pg": { - "resource_type": "cluster-pg", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deployment": { - "resource_type": "deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "es": { - "resource_type": "es", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "og": { - "resource_type": "og", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pg": { - "resource_type": "pg", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "proxy": { - "resource_type": "proxy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "proxy-endpoint": { - "resource_type": "proxy-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ri": { - "resource_type": "ri", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "secgrp": { - "resource_type": "secgrp", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "target-group": { - "resource_type": "target-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddTagsToResource.html" - }, - "ApplyPendingMaintenanceAction": { - "privilege": "ApplyPendingMaintenanceAction", - "description": "Grants permission to apply a pending maintenance action to a resource", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ApplyPendingMaintenanceAction.html" - }, - "AuthorizeDBSecurityGroupIngress": { - "privilege": "AuthorizeDBSecurityGroupIngress", - "description": "Grants permission to enable ingress to a DBSecurityGroup using one of two forms of authorization", - "access_level": "Permissions management", - "resource_types": { - "secgrp": { - "resource_type": "secgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AuthorizeDBSecurityGroupIngress.html" - }, - "BacktrackDBCluster": { - "privilege": "BacktrackDBCluster", - "description": "Grants permission to backtrack a DB cluster to a specific time, without creating a new DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_BacktrackDBCluster.html" - }, - "CancelExportTask": { - "privilege": "CancelExportTask", - "description": "Grants permission to cancel an export task in progress", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CancelExportTask.html" - }, - "CopyDBClusterParameterGroup": { - "privilege": "CopyDBClusterParameterGroup", - "description": "Grants permission to copy the specified DB cluster parameter group", - "access_level": "Write", - "resource_types": { - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBClusterParameterGroup.html" - }, - "CopyDBClusterSnapshot": { - "privilege": "CopyDBClusterSnapshot", - "description": "Grants permission to create a snapshot of a DB cluster", - "access_level": "Write", - "resource_types": { - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBClusterSnapshot.html" - }, - "CopyDBParameterGroup": { - "privilege": "CopyDBParameterGroup", - "description": "Grants permission to copy the specified DB parameter group", - "access_level": "Write", - "resource_types": { - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBParameterGroup.html" - }, - "CopyDBSnapshot": { - "privilege": "CopyDBSnapshot", - "description": "Grants permission to copy the specified DB snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:CopyOptionGroup" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBSnapshot.html" - }, - "CopyOptionGroup": { - "privilege": "CopyOptionGroup", - "description": "Grants permission to copy the specified option group", - "access_level": "Write", - "resource_types": { - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyOptionGroup.html" - }, - "CreateBlueGreenDeployment": { - "privilege": "CreateBlueGreenDeployment", - "description": "Grants permission to create a blue-green deployment for a given source cluster or instance", - "access_level": "Write", - "resource_types": { - "deployment": { - "resource_type": "deployment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource", - "rds:CreateDBCluster", - "rds:CreateDBClusterEndpoint", - "rds:CreateDBInstance", - "rds:CreateDBInstanceReadReplica" - ] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-pg": { - "resource_type": "cluster-pg", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pg": { - "resource_type": "pg", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "rds:cluster-tag/${TagKey}", - "rds:cluster-pg-tag/${TagKey}", - "rds:db-tag/${TagKey}", - "rds:pg-tag/${TagKey}", - "rds:req-tag/${TagKey}", - "rds:DatabaseEngine", - "rds:DatabaseName", - "rds:StorageEncrypted", - "rds:DatabaseClass", - "rds:StorageSize", - "rds:MultiAz", - "rds:Piops", - "rds:Vpc" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateBlueGreenDeployment.html" - }, - "CreateCustomDBEngineVersion": { - "privilege": "CreateCustomDBEngineVersion", - "description": "Grants permission to create a custom engine version", - "access_level": "Write", - "resource_types": { - "cev": { - "resource_type": "cev", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "mediaimport:CreateDatabaseBinarySnapshot", - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateCustomDBEngineVersion.html" - }, - "CreateDBCluster": { - "privilege": "CreateDBCluster", - "description": "Grants permission to create a new Amazon Aurora DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey", - "rds:AddTagsToResource", - "rds:CreateDBInstance", - "secretsmanager:CreateSecret", - "secretsmanager:TagResource" - ] - }, - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "global-cluster": { - "resource_type": "global-cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}", - "rds:DatabaseEngine", - "rds:DatabaseName", - "rds:StorageEncrypted", - "rds:DatabaseClass", - "rds:StorageSize", - "rds:Piops", - "rds:ManageMasterUserPassword" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html" - }, - "CreateDBClusterEndpoint": { - "privilege": "CreateDBClusterEndpoint", - "description": "Grants permission to create a new custom endpoint and associates it with an Amazon Aurora DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "cluster-endpoint": { - "resource_type": "cluster-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "rds:EndpointType", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterEndpoint.html" - }, - "CreateDBClusterParameterGroup": { - "privilege": "CreateDBClusterParameterGroup", - "description": "Grants permission to create a new DB cluster parameter group", - "access_level": "Write", - "resource_types": { - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterParameterGroup.html" - }, - "CreateDBClusterSnapshot": { - "privilege": "CreateDBClusterSnapshot", - "description": "Grants permission to create a snapshot of a DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterSnapshot.html" - }, - "CreateDBInstance": { - "privilege": "CreateDBInstance", - "description": "Grants permission to create a new DB instance", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey", - "rds:AddTagsToResource", - "secretsmanager:CreateSecret", - "secretsmanager:TagResource" - ] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "og": { - "resource_type": "og", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pg": { - "resource_type": "pg", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "secgrp": { - "resource_type": "secgrp", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "rds:BackupTarget", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}", - "rds:ManageMasterUserPassword" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html" - }, - "CreateDBInstanceReadReplica": { - "privilege": "CreateDBInstanceReadReplica", - "description": "Grants permission to create a DB instance that acts as a Read Replica of a source DB instance", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "rds:AddTagsToResource" - ] - }, - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html" - }, - "CreateDBParameterGroup": { - "privilege": "CreateDBParameterGroup", - "description": "Grants permission to create a new DB parameter group", - "access_level": "Write", - "resource_types": { - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html" - }, - "CreateDBProxy": { - "privilege": "CreateDBProxy", - "description": "Grants permission to create a database proxy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBProxy.html" - }, - "CreateDBProxyEndpoint": { - "privilege": "CreateDBProxyEndpoint", - "description": "Grants permission to create a database proxy endpoint", - "access_level": "Write", - "resource_types": { - "proxy": { - "resource_type": "proxy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "proxy-endpoint": { - "resource_type": "proxy-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBProxyEndpoint.html" - }, - "CreateDBSecurityGroup": { - "privilege": "CreateDBSecurityGroup", - "description": "Grants permission to create a new DB security group. DB security groups control access to a DB instance", - "access_level": "Write", - "resource_types": { - "secgrp": { - "resource_type": "secgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSecurityGroup.html" - }, - "CreateDBSnapshot": { - "privilege": "CreateDBSnapshot", - "description": "Grants permission to create a DBSnapshot", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "rds:BackupTarget", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSnapshot.html" - }, - "CreateDBSubnetGroup": { - "privilege": "CreateDBSubnetGroup", - "description": "Grants permission to create a new DB subnet group", - "access_level": "Write", - "resource_types": { - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSubnetGroup.html" - }, - "CreateEventSubscription": { - "privilege": "CreateEventSubscription", - "description": "Grants permission to create an RDS event notification subscription", - "access_level": "Write", - "resource_types": { - "es": { - "resource_type": "es", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateEventSubscription.html" - }, - "CreateGlobalCluster": { - "privilege": "CreateGlobalCluster", - "description": "Grants permission to create an Aurora global database spread across multiple regions", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-cluster": { - "resource_type": "global-cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateGlobalCluster.html" - }, - "CreateOptionGroup": { - "privilege": "CreateOptionGroup", - "description": "Grants permission to create a new option group", - "access_level": "Write", - "resource_types": { - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:AddTagsToResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateOptionGroup.html" - }, - "CrossRegionCommunication": { - "privilege": "CrossRegionCommunication", - "description": "Grants permission to access a resource in the remote Region when executing cross-Region operations, such as cross-Region snapshot copy or cross-Region read replica creation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/security_iam_service-with-iam.html#UsingWithRDS.IAM.Conditions" - }, - "DeleteBlueGreenDeployment": { - "privilege": "DeleteBlueGreenDeployment", - "description": "Grants permission to delete blue green deployments", - "access_level": "Write", - "resource_types": { - "deployment": { - "resource_type": "deployment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:DeleteDBCluster", - "rds:DeleteDBClusterEndpoint", - "rds:DeleteDBInstance" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteBlueGreenDeployment.html" - }, - "DeleteCustomDBEngineVersion": { - "privilege": "DeleteCustomDBEngineVersion", - "description": "Grants permission to delete an existing custom engine version", - "access_level": "Write", - "resource_types": { - "cev": { - "resource_type": "cev", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteCustomDBEngineVersion.html" - }, - "DeleteDBCluster": { - "privilege": "DeleteDBCluster", - "description": "Grants permission to delete a previously provisioned DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:DeleteDBInstance" - ] - }, - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBCluster.html" - }, - "DeleteDBClusterEndpoint": { - "privilege": "DeleteDBClusterEndpoint", - "description": "Grants permission to delete a custom endpoint and removes it from an Amazon Aurora DB cluster", - "access_level": "Write", - "resource_types": { - "cluster-endpoint": { - "resource_type": "cluster-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterEndpoint.html" - }, - "DeleteDBClusterParameterGroup": { - "privilege": "DeleteDBClusterParameterGroup", - "description": "Grants permission to delete a specified DB cluster parameter group", - "access_level": "Write", - "resource_types": { - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterParameterGroup.html" - }, - "DeleteDBClusterSnapshot": { - "privilege": "DeleteDBClusterSnapshot", - "description": "Grants permission to delete a DB cluster snapshot", - "access_level": "Write", - "resource_types": { - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterSnapshot.html" - }, - "DeleteDBInstance": { - "privilege": "DeleteDBInstance", - "description": "Grants permission to delete a previously provisioned DB instance", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBInstance.html" - }, - "DeleteDBInstanceAutomatedBackup": { - "privilege": "DeleteDBInstanceAutomatedBackup", - "description": "Grants permission to deletes automated backups based on the source instance's DbiResourceId value or the restorable instance's resource ID", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBInstanceAutomatedBackup.html" - }, - "DeleteDBParameterGroup": { - "privilege": "DeleteDBParameterGroup", - "description": "Grants permission to delete a specified DBParameterGroup", - "access_level": "Write", - "resource_types": { - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBParameterGroup.html" - }, - "DeleteDBProxy": { - "privilege": "DeleteDBProxy", - "description": "Grants permission to delete a database proxy", - "access_level": "Write", - "resource_types": { - "proxy": { - "resource_type": "proxy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBProxy.html" - }, - "DeleteDBProxyEndpoint": { - "privilege": "DeleteDBProxyEndpoint", - "description": "Grants permission to delete a database proxy endpoint", - "access_level": "Write", - "resource_types": { - "proxy-endpoint": { - "resource_type": "proxy-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBProxyEndpoint.html" - }, - "DeleteDBSecurityGroup": { - "privilege": "DeleteDBSecurityGroup", - "description": "Grants permission to delete a DB security group", - "access_level": "Write", - "resource_types": { - "secgrp": { - "resource_type": "secgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSecurityGroup.html" - }, - "DeleteDBSnapshot": { - "privilege": "DeleteDBSnapshot", - "description": "Grants permission to delete a DBSnapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSnapshot.html" - }, - "DeleteDBSubnetGroup": { - "privilege": "DeleteDBSubnetGroup", - "description": "Grants permission to delete a DB subnet group", - "access_level": "Write", - "resource_types": { - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSubnetGroup.html" - }, - "DeleteEventSubscription": { - "privilege": "DeleteEventSubscription", - "description": "Grants permission to delete an RDS event notification subscription", - "access_level": "Write", - "resource_types": { - "es": { - "resource_type": "es", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteEventSubscription.html" - }, - "DeleteGlobalCluster": { - "privilege": "DeleteGlobalCluster", - "description": "Grants permission to delete a global database cluster", - "access_level": "Write", - "resource_types": { - "global-cluster": { - "resource_type": "global-cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteGlobalCluster.html" - }, - "DeleteOptionGroup": { - "privilege": "DeleteOptionGroup", - "description": "Grants permission to delete an existing option group", - "access_level": "Write", - "resource_types": { - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteOptionGroup.html" - }, - "DeregisterDBProxyTargets": { - "privilege": "DeregisterDBProxyTargets", - "description": "Grants permission to remove targets from a database proxy target group", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "proxy": { - "resource_type": "proxy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "target-group": { - "resource_type": "target-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeregisterDBProxyTargets.html" - }, - "DescribeAccountAttributes": { - "privilege": "DescribeAccountAttributes", - "description": "Grants permission to list all of the attributes for a customer account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeAccountAttributes.html" - }, - "DescribeBlueGreenDeployments": { - "privilege": "DescribeBlueGreenDeployments", - "description": "Grants permission to describe blue green deployments", - "access_level": "List", - "resource_types": { - "deployment": { - "resource_type": "deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeBlueGreenDeployments.html" - }, - "DescribeCertificates": { - "privilege": "DescribeCertificates", - "description": "Grants permission to list the set of CA certificates provided by Amazon RDS for this AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeCertificates.html" - }, - "DescribeDBClusterBacktracks": { - "privilege": "DescribeDBClusterBacktracks", - "description": "Grants permission to return information about backtracks for a DB cluster", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterBacktracks.html" - }, - "DescribeDBClusterEndpoints": { - "privilege": "DescribeDBClusterEndpoints", - "description": "Grants permission to return information about endpoints for an Amazon Aurora DB cluster", - "access_level": "List", - "resource_types": { - "cluster-endpoint": { - "resource_type": "cluster-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterEndpoints.html" - }, - "DescribeDBClusterParameterGroups": { - "privilege": "DescribeDBClusterParameterGroups", - "description": "Grants permission to return a list of DBClusterParameterGroup descriptions", - "access_level": "List", - "resource_types": { - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterParameterGroups.html" - }, - "DescribeDBClusterParameters": { - "privilege": "DescribeDBClusterParameters", - "description": "Grants permission to return the detailed parameter list for a particular DB cluster parameter group", - "access_level": "List", - "resource_types": { - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterParameters.html" - }, - "DescribeDBClusterSnapshotAttributes": { - "privilege": "DescribeDBClusterSnapshotAttributes", - "description": "Grants permission to return a list of DB cluster snapshot attribute names and values for a manual DB cluster snapshot", - "access_level": "List", - "resource_types": { - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterSnapshotAttributes.html" - }, - "DescribeDBClusterSnapshots": { - "privilege": "DescribeDBClusterSnapshots", - "description": "Grants permission to return information about DB cluster snapshots", - "access_level": "List", - "resource_types": { - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterSnapshots.html" - }, - "DescribeDBClusters": { - "privilege": "DescribeDBClusters", - "description": "Grants permission to return information about provisioned Aurora DB clusters", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html" - }, - "DescribeDBEngineVersions": { - "privilege": "DescribeDBEngineVersions", - "description": "Grants permission to return a list of the available DB engines", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBEngineVersions.html" - }, - "DescribeDBInstanceAutomatedBackups": { - "privilege": "DescribeDBInstanceAutomatedBackups", - "description": "Grants permission to return a list of automated backups for both current and deleted instances", - "access_level": "List", - "resource_types": { - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstanceAutomatedBackups.html" - }, - "DescribeDBInstances": { - "privilege": "DescribeDBInstances", - "description": "Grants permission to return information about provisioned RDS instances", - "access_level": "List", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html" - }, - "DescribeDBLogFiles": { - "privilege": "DescribeDBLogFiles", - "description": "Grants permission to return a list of DB log files for the DB instance", - "access_level": "List", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBLogFiles.html" - }, - "DescribeDBParameterGroups": { - "privilege": "DescribeDBParameterGroups", - "description": "Grants permission to return a list of DBParameterGroup descriptions", - "access_level": "List", - "resource_types": { - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameterGroups.html" - }, - "DescribeDBParameters": { - "privilege": "DescribeDBParameters", - "description": "Grants permission to return the detailed parameter list for a particular DB parameter group", - "access_level": "List", - "resource_types": { - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameters.html" - }, - "DescribeDBProxies": { - "privilege": "DescribeDBProxies", - "description": "Grants permission to view proxies", - "access_level": "List", - "resource_types": { - "proxy": { - "resource_type": "proxy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxies.html" - }, - "DescribeDBProxyEndpoints": { - "privilege": "DescribeDBProxyEndpoints", - "description": "Grants permission to view proxy endpoints", - "access_level": "List", - "resource_types": { - "proxy": { - "resource_type": "proxy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "proxy-endpoint": { - "resource_type": "proxy-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyEndpoints.html" - }, - "DescribeDBProxyTargetGroups": { - "privilege": "DescribeDBProxyTargetGroups", - "description": "Grants permission to view database proxy target group details", - "access_level": "List", - "resource_types": { - "proxy": { - "resource_type": "proxy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyTargetGroups.html" - }, - "DescribeDBProxyTargets": { - "privilege": "DescribeDBProxyTargets", - "description": "Grants permission to view database proxy target details", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "proxy": { - "resource_type": "proxy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "target-group": { - "resource_type": "target-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyTargets.html" - }, - "DescribeDBSecurityGroups": { - "privilege": "DescribeDBSecurityGroups", - "description": "Grants permission to return a list of DBSecurityGroup descriptions", - "access_level": "List", - "resource_types": { - "secgrp": { - "resource_type": "secgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSecurityGroups.html" - }, - "DescribeDBSnapshotAttributes": { - "privilege": "DescribeDBSnapshotAttributes", - "description": "Grants permission to return a list of DB snapshot attribute names and values for a manual DB snapshot", - "access_level": "List", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshotAttributes.html" - }, - "DescribeDBSnapshots": { - "privilege": "DescribeDBSnapshots", - "description": "Grants permission to return information about DB snapshots", - "access_level": "List", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshots.html" - }, - "DescribeDBSubnetGroups": { - "privilege": "DescribeDBSubnetGroups", - "description": "Grants permission to return a list of DBSubnetGroup descriptions", - "access_level": "List", - "resource_types": { - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSubnetGroups.html" - }, - "DescribeEngineDefaultClusterParameters": { - "privilege": "DescribeEngineDefaultClusterParameters", - "description": "Grants permission to return the default engine and system parameter information for the cluster database engine", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEngineDefaultClusterParameters.html" - }, - "DescribeEngineDefaultParameters": { - "privilege": "DescribeEngineDefaultParameters", - "description": "Grants permission to return the default engine and system parameter information for the specified database engine", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEngineDefaultParameters.html" - }, - "DescribeEventCategories": { - "privilege": "DescribeEventCategories", - "description": "Grants permission to display a list of categories for all event source types, or, if specified, for a specified source type", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEventCategories.html" - }, - "DescribeEventSubscriptions": { - "privilege": "DescribeEventSubscriptions", - "description": "Grants permission to list all the subscription descriptions for a customer account", - "access_level": "List", - "resource_types": { - "es": { - "resource_type": "es", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEventSubscriptions.html" - }, - "DescribeEvents": { - "privilege": "DescribeEvents", - "description": "Grants permission to return events related to DB instances, DB security groups, DB snapshots, and DB parameter groups for the past 14 days", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEvents.html" - }, - "DescribeExportTasks": { - "privilege": "DescribeExportTasks", - "description": "Grants permission to return information about the export tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeExportTasks.html" - }, - "DescribeGlobalClusters": { - "privilege": "DescribeGlobalClusters", - "description": "Grants permission to return information about Aurora global database clusters", - "access_level": "List", - "resource_types": { - "global-cluster": { - "resource_type": "global-cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeGlobalClusters.html" - }, - "DescribeOptionGroupOptions": { - "privilege": "DescribeOptionGroupOptions", - "description": "Grants permission to describe all available options", - "access_level": "List", - "resource_types": { - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOptionGroupOptions.html" - }, - "DescribeOptionGroups": { - "privilege": "DescribeOptionGroups", - "description": "Grants permission to describe the available option groups", - "access_level": "List", - "resource_types": { - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOptionGroups.html" - }, - "DescribeOrderableDBInstanceOptions": { - "privilege": "DescribeOrderableDBInstanceOptions", - "description": "Grants permission to return a list of orderable DB instance options for the specified engine", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOrderableDBInstanceOptions.html" - }, - "DescribePendingMaintenanceActions": { - "privilege": "DescribePendingMaintenanceActions", - "description": "Grants permission to return a list of resources (for example, DB instances) that have at least one pending maintenance action", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribePendingMaintenanceActions.html" - }, - "DescribeRecommendationGroups": { - "privilege": "DescribeRecommendationGroups", - "description": "Grants permission to return information about recommendation groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/USER_Recommendations.html" - }, - "DescribeRecommendations": { - "privilege": "DescribeRecommendations", - "description": "Grants permission to return information about recommendations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/USER_Recommendations.html" - }, - "DescribeReservedDBInstances": { - "privilege": "DescribeReservedDBInstances", - "description": "Grants permission to return information about reserved DB instances for this account, or about a specified reserved DB instance", - "access_level": "List", - "resource_types": { - "ri": { - "resource_type": "ri", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeReservedDBInstances.html" - }, - "DescribeReservedDBInstancesOfferings": { - "privilege": "DescribeReservedDBInstancesOfferings", - "description": "Grants permission to list available reserved DB instance offerings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeReservedDBInstancesOfferings.html" - }, - "DescribeSourceRegions": { - "privilege": "DescribeSourceRegions", - "description": "Grants permission to return a list of the source AWS Regions where the current AWS Region can create a Read Replica or copy a DB snapshot from", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeSourceRegions.html" - }, - "DescribeValidDBInstanceModifications": { - "privilege": "DescribeValidDBInstanceModifications", - "description": "Grants permission to list available modifications you can make to your DB instance", - "access_level": "List", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeValidDBInstanceModifications.html" - }, - "DownloadCompleteDBLogFile": { - "privilege": "DownloadCompleteDBLogFile", - "description": "Grants permission to download specified log file", - "access_level": "Read", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/USER_LogAccess.html" - }, - "DownloadDBLogFilePortion": { - "privilege": "DownloadDBLogFilePortion", - "description": "Grants permission to download all or a portion of the specified log file, up to 1 MB in size", - "access_level": "Read", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DownloadDBLogFilePortion.html" - }, - "FailoverDBCluster": { - "privilege": "FailoverDBCluster", - "description": "Grants permission to force a failover for a DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_FailoverDBCluster.html" - }, - "FailoverGlobalCluster": { - "privilege": "FailoverGlobalCluster", - "description": "Grants permission to failover a global cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-cluster": { - "resource_type": "global-cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_FailoverGlobalCluster.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags on an Amazon RDS resource", - "access_level": "Read", - "resource_types": { - "cev": { - "resource_type": "cev", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-endpoint": { - "resource_type": "cluster-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-pg": { - "resource_type": "cluster-pg", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "es": { - "resource_type": "es", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "og": { - "resource_type": "og", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pg": { - "resource_type": "pg", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "proxy": { - "resource_type": "proxy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "proxy-endpoint": { - "resource_type": "proxy-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ri": { - "resource_type": "ri", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "secgrp": { - "resource_type": "secgrp", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "target-group": { - "resource_type": "target-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ListTagsForResource.html" - }, - "ModifyActivityStream": { - "privilege": "ModifyActivityStream", - "description": "Grants permission to modify a database activity stream", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyActivityStream.html" - }, - "ModifyCertificates": { - "privilege": "ModifyCertificates", - "description": "Grants permission to modify the system-default Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate for Amazon RDS for new DB instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyCertificates.html" - }, - "ModifyCurrentDBClusterCapacity": { - "privilege": "ModifyCurrentDBClusterCapacity", - "description": "Grants permission to modify current cluster capacity for an Amazon Aurora Severless DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyCurrentDBClusterCapacity.html" - }, - "ModifyCustomDBEngineVersion": { - "privilege": "ModifyCustomDBEngineVersion", - "description": "Grants permission to modify an existing custom engine version", - "access_level": "Write", - "resource_types": { - "cev": { - "resource_type": "cev", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyCustomDBEngineVersion.html" - }, - "ModifyDBCluster": { - "privilege": "ModifyDBCluster", - "description": "Grants permission to modify a setting for an Amazon Aurora DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey", - "rds:ModifyDBInstance", - "secretsmanager:CreateSecret", - "secretsmanager:RotateSecret", - "secretsmanager:TagResource" - ] - }, - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "rds:DatabaseClass", - "rds:StorageSize", - "rds:Piops", - "rds:ManageMasterUserPassword" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBCluster.html" - }, - "ModifyDBClusterEndpoint": { - "privilege": "ModifyDBClusterEndpoint", - "description": "Grants permission to modify the properties of an endpoint in an Amazon Aurora DB cluster", - "access_level": "Write", - "resource_types": { - "cluster-endpoint": { - "resource_type": "cluster-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterEndpoint.html" - }, - "ModifyDBClusterParameterGroup": { - "privilege": "ModifyDBClusterParameterGroup", - "description": "Grants permission to modify the parameters of a DB cluster parameter group", - "access_level": "Write", - "resource_types": { - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterParameterGroup.html" - }, - "ModifyDBClusterSnapshotAttribute": { - "privilege": "ModifyDBClusterSnapshotAttribute", - "description": "Grants permission to add an attribute and values to, or removes an attribute and values from, a manual DB cluster snapshot", - "access_level": "Permissions management", - "resource_types": { - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterSnapshotAttribute.html" - }, - "ModifyDBInstance": { - "privilege": "ModifyDBInstance", - "description": "Grants permission to modify settings for a DB instance", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey", - "secretsmanager:CreateSecret", - "secretsmanager:RotateSecret", - "secretsmanager:TagResource" - ] - }, - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "secgrp": { - "resource_type": "secgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "rds:ManageMasterUserPassword" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBInstance.html" - }, - "ModifyDBParameterGroup": { - "privilege": "ModifyDBParameterGroup", - "description": "Grants permission to modify the parameters of a DB parameter group", - "access_level": "Write", - "resource_types": { - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBParameterGroup.html" - }, - "ModifyDBProxy": { - "privilege": "ModifyDBProxy", - "description": "Grants permission to modify database proxy", - "access_level": "Write", - "resource_types": { - "proxy": { - "resource_type": "proxy", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBProxy.html" - }, - "ModifyDBProxyEndpoint": { - "privilege": "ModifyDBProxyEndpoint", - "description": "Grants permission to modify database proxy endpoint", - "access_level": "Write", - "resource_types": { - "proxy-endpoint": { - "resource_type": "proxy-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBProxyEndpoint.html" - }, - "ModifyDBProxyTargetGroup": { - "privilege": "ModifyDBProxyTargetGroup", - "description": "Grants permission to modify target group for a database proxy", - "access_level": "Write", - "resource_types": { - "target-group": { - "resource_type": "target-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBProxyTargetGroup.html" - }, - "ModifyDBSnapshot": { - "privilege": "ModifyDBSnapshot", - "description": "Grants permission to update a manual DB snapshot, which can be encrypted or not encrypted, with a new engine version", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "og": { - "resource_type": "og", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshot.html" - }, - "ModifyDBSnapshotAttribute": { - "privilege": "ModifyDBSnapshotAttribute", - "description": "Grants permission to add an attribute and values to, or removes an attribute and values from, a manual DB snapshot", - "access_level": "Permissions management", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshotAttribute.html" - }, - "ModifyDBSubnetGroup": { - "privilege": "ModifyDBSubnetGroup", - "description": "Grants permission to modify an existing DB subnet group", - "access_level": "Write", - "resource_types": { - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSubnetGroup.html" - }, - "ModifyEventSubscription": { - "privilege": "ModifyEventSubscription", - "description": "Grants permission to modify an existing RDS event notification subscription", - "access_level": "Write", - "resource_types": { - "es": { - "resource_type": "es", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyEventSubscription.html" - }, - "ModifyGlobalCluster": { - "privilege": "ModifyGlobalCluster", - "description": "Grants permission to modify a setting for an Amazon Aurora global cluster", - "access_level": "Write", - "resource_types": { - "global-cluster": { - "resource_type": "global-cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyGlobalCluster.html" - }, - "ModifyOptionGroup": { - "privilege": "ModifyOptionGroup", - "description": "Grants permission to modify an existing option group", - "access_level": "Write", - "resource_types": { - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyOptionGroup.html" - }, - "ModifyRecommendation": { - "privilege": "ModifyRecommendation", - "description": "Grants permission to modify recommendation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/USER_Recommendations.html" - }, - "PromoteReadReplica": { - "privilege": "PromoteReadReplica", - "description": "Grants permission to promote a Read Replica DB instance to a standalone DB instance", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_PromoteReadReplica.html" - }, - "PromoteReadReplicaDBCluster": { - "privilege": "PromoteReadReplicaDBCluster", - "description": "Grants permission to promote a Read Replica DB cluster to a standalone DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_PromoteReadReplicaDBCluster.html" - }, - "PurchaseReservedDBInstancesOffering": { - "privilege": "PurchaseReservedDBInstancesOffering", - "description": "Grants permission to purchase a reserved DB instance offering", - "access_level": "Write", - "resource_types": { - "ri": { - "resource_type": "ri", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_PurchaseReservedDBInstancesOffering.html" - }, - "RebootDBCluster": { - "privilege": "RebootDBCluster", - "description": "Grants permission to reboot a previously provisioned DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:RebootDBInstance" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RebootDBCluster.html" - }, - "RebootDBInstance": { - "privilege": "RebootDBInstance", - "description": "Grants permission to restart the database engine service", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RebootDBInstance.html" - }, - "RegisterDBProxyTargets": { - "privilege": "RegisterDBProxyTargets", - "description": "Grants permission to add targets to a database proxy target group", - "access_level": "Write", - "resource_types": { - "target-group": { - "resource_type": "target-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RegisterDBProxyTargets.html" - }, - "RemoveFromGlobalCluster": { - "privilege": "RemoveFromGlobalCluster", - "description": "Grants permission to detach an Aurora secondary cluster from an Aurora global database cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-cluster": { - "resource_type": "global-cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RemoveFromGlobalCluster.html" - }, - "RemoveRoleFromDBCluster": { - "privilege": "RemoveRoleFromDBCluster", - "description": "Grants permission to disassociate an AWS Identity and Access Management (IAM) role from an Amazon Aurora DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RemoveRoleFromDBCluster.html" - }, - "RemoveRoleFromDBInstance": { - "privilege": "RemoveRoleFromDBInstance", - "description": "Grants permission to disassociate an AWS Identity and Access Management (IAM) role from a DB instance", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RemoveRoleFromDBInstance.html" - }, - "RemoveSourceIdentifierFromSubscription": { - "privilege": "RemoveSourceIdentifierFromSubscription", - "description": "Grants permission to remove a source identifier from an existing RDS event notification subscription", - "access_level": "Write", - "resource_types": { - "es": { - "resource_type": "es", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RemoveSourceIdentifierFromSubscription.html" - }, - "RemoveTagsFromResource": { - "privilege": "RemoveTagsFromResource", - "description": "Grants permission to remove metadata tags from an Amazon RDS resource", - "access_level": "Tagging", - "resource_types": { - "cev": { - "resource_type": "cev", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-endpoint": { - "resource_type": "cluster-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-pg": { - "resource_type": "cluster-pg", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deployment": { - "resource_type": "deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "es": { - "resource_type": "es", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "og": { - "resource_type": "og", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pg": { - "resource_type": "pg", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "proxy": { - "resource_type": "proxy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "proxy-endpoint": { - "resource_type": "proxy-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ri": { - "resource_type": "ri", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "secgrp": { - "resource_type": "secgrp", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "target-group": { - "resource_type": "target-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RemoveTagsFromResource.html" - }, - "ResetDBClusterParameterGroup": { - "privilege": "ResetDBClusterParameterGroup", - "description": "Grants permission to modify the parameters of a DB cluster parameter group to the default value", - "access_level": "Write", - "resource_types": { - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ResetDBClusterParameterGroup.html" - }, - "ResetDBParameterGroup": { - "privilege": "ResetDBParameterGroup", - "description": "Grants permission to modify the parameters of a DB parameter group to the engine/system default value", - "access_level": "Write", - "resource_types": { - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ResetDBParameterGroup.html" - }, - "RestoreDBClusterFromS3": { - "privilege": "RestoreDBClusterFromS3", - "description": "Grants permission to create an Amazon Aurora DB cluster from data stored in an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey", - "rds:AddTagsToResource", - "secretsmanager:CreateSecret", - "secretsmanager:TagResource" - ] - }, - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}", - "rds:DatabaseEngine", - "rds:DatabaseName", - "rds:StorageEncrypted", - "rds:ManageMasterUserPassword" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBClusterFromS3.html" - }, - "RestoreDBClusterFromSnapshot": { - "privilege": "RestoreDBClusterFromSnapshot", - "description": "Grants permission to create a new DB cluster from a DB cluster snapshot", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "rds:AddTagsToResource", - "rds:CreateDBInstance" - ] - }, - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster-snapshot": { - "resource_type": "cluster-snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}", - "rds:DatabaseClass", - "rds:StorageSize", - "rds:Piops" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBClusterFromSnapshot.html" - }, - "RestoreDBClusterToPointInTime": { - "privilege": "RestoreDBClusterToPointInTime", - "description": "Grants permission to restore a DB cluster to an arbitrary point in time", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "rds:AddTagsToResource", - "rds:CreateDBInstance" - ] - }, - "cluster-pg": { - "resource_type": "cluster-pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}", - "rds:DatabaseClass", - "rds:StorageSize", - "rds:Piops" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBClusterToPointInTime.html" - }, - "RestoreDBInstanceFromDBSnapshot": { - "privilege": "RestoreDBInstanceFromDBSnapshot", - "description": "Grants permission to create a new DB instance from a DB snapshot", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "rds:AddTagsToResource" - ] - }, - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "rds:BackupTarget", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html" - }, - "RestoreDBInstanceFromS3": { - "privilege": "RestoreDBInstanceFromS3", - "description": "Grants permission to create a new DB instance from an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey", - "rds:AddTagsToResource", - "secretsmanager:CreateSecret", - "secretsmanager:TagResource" - ] - }, - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}", - "rds:ManageMasterUserPassword" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromS3.html" - }, - "RestoreDBInstanceToPointInTime": { - "privilege": "RestoreDBInstanceToPointInTime", - "description": "Grants permission to restore a DB instance to an arbitrary point in time", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "rds:AddTagsToResource" - ] - }, - "og": { - "resource_type": "og", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "pg": { - "resource_type": "pg", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "subgrp": { - "resource_type": "subgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "rds:BackupTarget", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceToPointInTime.html" - }, - "RevokeDBSecurityGroupIngress": { - "privilege": "RevokeDBSecurityGroupIngress", - "description": "Grants permission to revoke ingress from a DBSecurityGroup for previously authorized IP ranges or EC2 or VPC Security Groups", - "access_level": "Write", - "resource_types": { - "secgrp": { - "resource_type": "secgrp", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RevokeDBSecurityGroupIngress.html" - }, - "StartActivityStream": { - "privilege": "StartActivityStream", - "description": "Grants permission to start Activity Stream", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartActivityStream.html" - }, - "StartDBCluster": { - "privilege": "StartDBCluster", - "description": "Grants permission to start the DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartDBCluster.html" - }, - "StartDBInstance": { - "privilege": "StartDBInstance", - "description": "Grants permission to start the DB instance", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartDBInstance.html" - }, - "StartDBInstanceAutomatedBackupsReplication": { - "privilege": "StartDBInstanceAutomatedBackupsReplication", - "description": "Grants permission to start replication of automated backups to a different AWS Region", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartDBInstanceAutomatedBackupsReplication.html" - }, - "StartExportTask": { - "privilege": "StartExportTask", - "description": "Grants permission to start a new Export task for a DB snapshot", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartExportTask.html" - }, - "StopActivityStream": { - "privilege": "StopActivityStream", - "description": "Grants permission to stop Activity Stream", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "db": { - "resource_type": "db", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StopActivityStream.html" - }, - "StopDBCluster": { - "privilege": "StopDBCluster", - "description": "Grants permission to stop the DB cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StopDBCluster.html" - }, - "StopDBInstance": { - "privilege": "StopDBInstance", - "description": "Grants permission to stop the DB instance", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StopDBInstance.html" - }, - "StopDBInstanceAutomatedBackupsReplication": { - "privilege": "StopDBInstanceAutomatedBackupsReplication", - "description": "Grants permission to stop automated backup replication for a DB instance", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StopDBInstanceAutomatedBackupsReplication.html" - }, - "SwitchoverBlueGreenDeployment": { - "privilege": "SwitchoverBlueGreenDeployment", - "description": "Grants permission to switch a blue-green deployment from source instance or cluster to target", - "access_level": "Write", - "resource_types": { - "deployment": { - "resource_type": "deployment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds:ModifyDBCluster", - "rds:ModifyDBInstance", - "rds:PromoteReadReplica", - "rds:PromoteReadReplicaDBCluster" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "rds:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_SwitchoverBlueGreenDeployment.html" - }, - "SwitchoverReadReplica": { - "privilege": "SwitchoverReadReplica", - "description": "Grants permission to switch over a read replica, making it the new primary database", - "access_level": "Write", - "resource_types": { - "db": { - "resource_type": "db", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_SwitchoverReadReplica.html" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:rds:${Region}:${Account}:cluster:${DbClusterInstanceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:cluster-tag/${TagKey}" - ] - }, - "cluster-endpoint": { - "resource": "cluster-endpoint", - "arn": "arn:${Partition}:rds:${Region}:${Account}:cluster-endpoint:${DbClusterEndpoint}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "cluster-pg": { - "resource": "cluster-pg", - "arn": "arn:${Partition}:rds:${Region}:${Account}:cluster-pg:${ClusterParameterGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:cluster-pg-tag/${TagKey}" - ] - }, - "cluster-snapshot": { - "resource": "cluster-snapshot", - "arn": "arn:${Partition}:rds:${Region}:${Account}:cluster-snapshot:${ClusterSnapshotName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:cluster-snapshot-tag/${TagKey}" - ] - }, - "db": { - "resource": "db", - "arn": "arn:${Partition}:rds:${Region}:${Account}:db:${DbInstanceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:DatabaseClass", - "rds:DatabaseEngine", - "rds:DatabaseName", - "rds:MultiAz", - "rds:Piops", - "rds:StorageEncrypted", - "rds:StorageSize", - "rds:Vpc", - "rds:db-tag/${TagKey}" - ] - }, - "es": { - "resource": "es", - "arn": "arn:${Partition}:rds:${Region}:${Account}:es:${SubscriptionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:es-tag/${TagKey}" - ] - }, - "global-cluster": { - "resource": "global-cluster", - "arn": "arn:${Partition}:rds::${Account}:global-cluster:${GlobalCluster}", - "condition_keys": [] - }, - "og": { - "resource": "og", - "arn": "arn:${Partition}:rds:${Region}:${Account}:og:${OptionGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:og-tag/${TagKey}" - ] - }, - "pg": { - "resource": "pg", - "arn": "arn:${Partition}:rds:${Region}:${Account}:pg:${ParameterGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:pg-tag/${TagKey}" - ] - }, - "proxy": { - "resource": "proxy", - "arn": "arn:${Partition}:rds:${Region}:${Account}:db-proxy:${DbProxyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "proxy-endpoint": { - "resource": "proxy-endpoint", - "arn": "arn:${Partition}:rds:${Region}:${Account}:db-proxy-endpoint:${DbProxyEndpointId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ri": { - "resource": "ri", - "arn": "arn:${Partition}:rds:${Region}:${Account}:ri:${ReservedDbInstanceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:ri-tag/${TagKey}" - ] - }, - "secgrp": { - "resource": "secgrp", - "arn": "arn:${Partition}:rds:${Region}:${Account}:secgrp:${SecurityGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:secgrp-tag/${TagKey}" - ] - }, - "snapshot": { - "resource": "snapshot", - "arn": "arn:${Partition}:rds:${Region}:${Account}:snapshot:${SnapshotName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:snapshot-tag/${TagKey}" - ] - }, - "subgrp": { - "resource": "subgrp", - "arn": "arn:${Partition}:rds:${Region}:${Account}:subgrp:${SubnetGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rds:subgrp-tag/${TagKey}" - ] - }, - "target": { - "resource": "target", - "arn": "arn:${Partition}:rds:${Region}:${Account}:target:${TargetId}", - "condition_keys": [] - }, - "target-group": { - "resource": "target-group", - "arn": "arn:${Partition}:rds:${Region}:${Account}:target-group:${TargetGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "cev": { - "resource": "cev", - "arn": "arn:${Partition}:rds:${Region}:${Account}:cev:${Engine}/${EngineVersion}/${CustomDbEngineVersionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "deployment": { - "resource": "deployment", - "arn": "arn:${Partition}:rds:${Region}:${Account}:deployment:${BlueGreenDeploymentIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the set of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the set of tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the set of tag keys in the request", - "type": "ArrayOfString" - }, - "rds:BackupTarget": { - "condition": "rds:BackupTarget", - "description": "Filters access by the type of backup target. One of: REGION, OUTPOSTS", - "type": "String" - }, - "rds:CopyOptionGroup": { - "condition": "rds:CopyOptionGroup", - "description": "Filters access by the value that specifies whether the CopyDBSnapshot action requires copying the DB option group", - "type": "Bool" - }, - "rds:DatabaseClass": { - "condition": "rds:DatabaseClass", - "description": "Filters access by the type of DB instance class", - "type": "String" - }, - "rds:DatabaseEngine": { - "condition": "rds:DatabaseEngine", - "description": "Filters access by the database engine. For possible values refer to the engine parameter in CreateDBInstance API", - "type": "String" - }, - "rds:DatabaseName": { - "condition": "rds:DatabaseName", - "description": "Filters access by the user-defined name of the database on the DB instance", - "type": "String" - }, - "rds:EndpointType": { - "condition": "rds:EndpointType", - "description": "Filters access by the type of the endpoint. One of: READER, WRITER, CUSTOM", - "type": "String" - }, - "rds:ManageMasterUserPassword": { - "condition": "rds:ManageMasterUserPassword", - "description": "Filters access by the value that specifies whether RDS manages master user password in AWS Secrets Manager for the DB instance or cluster", - "type": "Bool" - }, - "rds:MultiAz": { - "condition": "rds:MultiAz", - "description": "Filters access by the value that specifies whether the DB instance runs in multiple Availability Zones. To indicate that the DB instance is using Multi-AZ, specify true", - "type": "Bool" - }, - "rds:Piops": { - "condition": "rds:Piops", - "description": "Filters access by the value that contains the number of Provisioned IOPS (PIOPS) that the instance supports. To indicate a DB instance that does not have PIOPS enabled, specify 0", - "type": "Numeric" - }, - "rds:StorageEncrypted": { - "condition": "rds:StorageEncrypted", - "description": "Filters access by the value that specifies whether the DB instance storage should be encrypted. To enforce storage encryption, specify true", - "type": "Bool" - }, - "rds:StorageSize": { - "condition": "rds:StorageSize", - "description": "Filters access by the storage volume size (in GB)", - "type": "Numeric" - }, - "rds:Vpc": { - "condition": "rds:Vpc", - "description": "Filters access by the value that specifies whether the DB instance runs in an Amazon Virtual Private Cloud (Amazon VPC). To indicate that the DB instance runs in an Amazon VPC, specify true", - "type": "Bool" - }, - "rds:cluster-pg-tag/${TagKey}": { - "condition": "rds:cluster-pg-tag/${TagKey}", - "description": "Filters access by the tag attached to a DB cluster parameter group", - "type": "String" - }, - "rds:cluster-snapshot-tag/${TagKey}": { - "condition": "rds:cluster-snapshot-tag/${TagKey}", - "description": "Filters access by the tag attached to a DB cluster snapshot", - "type": "String" - }, - "rds:cluster-tag/${TagKey}": { - "condition": "rds:cluster-tag/${TagKey}", - "description": "Filters access by the tag attached to a DB cluster", - "type": "String" - }, - "rds:db-tag/${TagKey}": { - "condition": "rds:db-tag/${TagKey}", - "description": "Filters access by the tag attached to a DB instance", - "type": "String" - }, - "rds:es-tag/${TagKey}": { - "condition": "rds:es-tag/${TagKey}", - "description": "Filters access by the tag attached to an event subscription", - "type": "String" - }, - "rds:og-tag/${TagKey}": { - "condition": "rds:og-tag/${TagKey}", - "description": "Filters access by the tag attached to a DB option group", - "type": "String" - }, - "rds:pg-tag/${TagKey}": { - "condition": "rds:pg-tag/${TagKey}", - "description": "Filters access by the tag attached to a DB parameter group", - "type": "String" - }, - "rds:req-tag/${TagKey}": { - "condition": "rds:req-tag/${TagKey}", - "description": "Filters access by the set of tag keys and values that can be used to tag a resource", - "type": "String" - }, - "rds:ri-tag/${TagKey}": { - "condition": "rds:ri-tag/${TagKey}", - "description": "Filters access by the tag attached to a reserved DB instance", - "type": "String" - }, - "rds:secgrp-tag/${TagKey}": { - "condition": "rds:secgrp-tag/${TagKey}", - "description": "Filters access by the tag attached to a DB security group", - "type": "String" - }, - "rds:snapshot-tag/${TagKey}": { - "condition": "rds:snapshot-tag/${TagKey}", - "description": "Filters access by the tag attached to a DB snapshot", - "type": "String" - }, - "rds:subgrp-tag/${TagKey}": { - "condition": "rds:subgrp-tag/${TagKey}", - "description": "Filters access by the tag attached to a DB subnet group", - "type": "String" - } - } - }, - "rds-data": { - "service_name": "Amazon RDS Data API", - "prefix": "rds-data", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrdsdataapi.html", - "privileges": { - "BatchExecuteStatement": { - "privilege": "BatchExecuteStatement", - "description": "Grants permission to run a batch SQL statement over an array of data", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_BatchExecuteStatement.html" - }, - "BeginTransaction": { - "privilege": "BeginTransaction", - "description": "Grants permission to start a SQL transaction", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_BeginTransaction.html" - }, - "CommitTransaction": { - "privilege": "CommitTransaction", - "description": "Grants permission to end a SQL transaction started with the BeginTransaction operation and commits the changes", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds-data:BeginTransaction" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_CommitTransaction.html" - }, - "ExecuteSql": { - "privilege": "ExecuteSql", - "description": "Grants permission to run one or more SQL statements. This operation is deprecated. Use the BatchExecuteStatement or ExecuteStatement operation", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_ExecuteSql.html" - }, - "ExecuteStatement": { - "privilege": "ExecuteStatement", - "description": "Grants permission to run a SQL statement against a database", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_ExecuteStatement.html" - }, - "RollbackTransaction": { - "privilege": "RollbackTransaction", - "description": "Grants permission to perform a rollback of a transaction. Rolling back a transaction cancels its changes", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "rds-data:BeginTransaction" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_RollbackTransaction.html" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:rds:${Region}:${Account}:cluster:${DbClusterInstanceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ] - } - }, - "conditions": { - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys associated with the resource", - "type": "ArrayOfString" - } - } - }, - "rds-db": { - "service_name": "Amazon RDS IAM Authentication", - "prefix": "rds-db", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrdsiamauthentication.html", - "privileges": { - "connect": { - "privilege": "connect", - "description": "Allows IAM role or user to connect to RDS database", - "access_level": "Permissions management", - "resource_types": { - "db-user": { - "resource_type": "db-user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.IAMPolicy.html" - } - }, - "resources": { - "db-user": { - "resource": "db-user", - "arn": "arn:${Partition}:rds-db:${Region}:${Account}:dbuser:${DbiResourceId}/${DbUserName}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "redshift": { - "service_name": "Amazon Redshift", - "prefix": "redshift", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonredshift.html", - "privileges": { - "AcceptReservedNodeExchange": { - "privilege": "AcceptReservedNodeExchange", - "description": "Grants permission to exchange a DC1 reserved node for a DC2 reserved node with no changes to the configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AcceptReservedNodeExchange.html" - }, - "AddPartner": { - "privilege": "AddPartner", - "description": "Grants permission to add a partner integration to a cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AddPartner.html" - }, - "AssociateDataShareConsumer": { - "privilege": "AssociateDataShareConsumer", - "description": "Grants permission to associate a consumer to a datashare", - "access_level": "Write", - "resource_types": { - "datashare": { - "resource_type": "datashare", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift:ConsumerArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AssociateDataShareConsumer.html" - }, - "AuthorizeClusterSecurityGroupIngress": { - "privilege": "AuthorizeClusterSecurityGroupIngress", - "description": "Grants permission to add an inbound (ingress) rule to an Amazon Redshift security group", - "access_level": "Write", - "resource_types": { - "securitygroup": { - "resource_type": "securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroupingress-ec2securitygroup": { - "resource_type": "securitygroupingress-ec2securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AuthorizeClusterSecurityGroupIngress.html" - }, - "AuthorizeDataShare": { - "privilege": "AuthorizeDataShare", - "description": "Grants permission to authorize the specified datashare consumer to consume a datashare", - "access_level": "Permissions management", - "resource_types": { - "datashare": { - "resource_type": "datashare", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift:ConsumerIdentifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AuthorizeDataShare.html" - }, - "AuthorizeEndpointAccess": { - "privilege": "AuthorizeEndpointAccess", - "description": "Grants permission to authorize endpoint related activities for redshift-managed vpc endpoint", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AuthorizeEndpointAccess.html" - }, - "AuthorizeSnapshotAccess": { - "privilege": "AuthorizeSnapshotAccess", - "description": "Grants permission to the specified AWS account to restore a snapshot", - "access_level": "Permissions management", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AuthorizeSnapshotAccess.html" - }, - "BatchDeleteClusterSnapshots": { - "privilege": "BatchDeleteClusterSnapshots", - "description": "Grants permission to delete snapshots in a batch of size upto 100", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_BatchDeleteClusterSnapshots.html" - }, - "BatchModifyClusterSnapshots": { - "privilege": "BatchModifyClusterSnapshots", - "description": "Grants permission to modify settings for a list of snapshots", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_BatchModifyClusterSnapshots.html" - }, - "CancelQuery": { - "privilege": "CancelQuery", - "description": "Grants permission to cancel a query through the Amazon Redshift console", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CancelQuerySession": { - "privilege": "CancelQuerySession", - "description": "Grants permission to see queries in the Amazon Redshift console", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CancelResize": { - "privilege": "CancelResize", - "description": "Grants permission to cancel a resize operation", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CancelResize.html" - }, - "CopyClusterSnapshot": { - "privilege": "CopyClusterSnapshot", - "description": "Grants permission to copy a cluster snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CopyClusterSnapshot.html" - }, - "CreateAuthenticationProfile": { - "privilege": "CreateAuthenticationProfile", - "description": "Grants permission to create an Amazon Redshift authentication profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateAuthenticationProfile.html" - }, - "CreateCluster": { - "privilege": "CreateCluster", - "description": "Grants permission to create a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateCluster.html" - }, - "CreateClusterParameterGroup": { - "privilege": "CreateClusterParameterGroup", - "description": "Grants permission to create an Amazon Redshift parameter group", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterParameterGroup.html" - }, - "CreateClusterSecurityGroup": { - "privilege": "CreateClusterSecurityGroup", - "description": "Grants permission to create an Amazon Redshift security group", - "access_level": "Write", - "resource_types": { - "securitygroup": { - "resource_type": "securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSecurityGroup.html" - }, - "CreateClusterSnapshot": { - "privilege": "CreateClusterSnapshot", - "description": "Grants permission to create a manual snapshot of the specified cluster", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html" - }, - "CreateClusterSubnetGroup": { - "privilege": "CreateClusterSubnetGroup", - "description": "Grants permission to create an Amazon Redshift subnet group", - "access_level": "Write", - "resource_types": { - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSubnetGroup.html" - }, - "CreateClusterUser": { - "privilege": "CreateClusterUser", - "description": "Grants permission to automatically create the specified Amazon Redshift user if it does not exist", - "access_level": "Permissions management", - "resource_types": { - "dbuser": { - "resource_type": "dbuser", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift:DbUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/generating-iam-credentials-role-permissions.html" - }, - "CreateEndpointAccess": { - "privilege": "CreateEndpointAccess", - "description": "Grants permission to create a redshift-managed vpc endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateEndpointAccess.html" - }, - "CreateEventSubscription": { - "privilege": "CreateEventSubscription", - "description": "Grants permission to create an Amazon Redshift event notification subscription", - "access_level": "Write", - "resource_types": { - "eventsubscription": { - "resource_type": "eventsubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateEventSubscription.html" - }, - "CreateHsmClientCertificate": { - "privilege": "CreateHsmClientCertificate", - "description": "Grants permission to create an HSM client certificate that a cluster uses to connect to an HSM", - "access_level": "Write", - "resource_types": { - "hsmclientcertificate": { - "resource_type": "hsmclientcertificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateHsmClientCertificate.html" - }, - "CreateHsmConfiguration": { - "privilege": "CreateHsmConfiguration", - "description": "Grants permission to create an HSM configuration that contains information required by a cluster to store and use database encryption keys in a hardware security module (HSM)", - "access_level": "Write", - "resource_types": { - "hsmconfiguration": { - "resource_type": "hsmconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateHsmConfiguration.html" - }, - "CreateSavedQuery": { - "privilege": "CreateSavedQuery", - "description": "Grants permission to create saved SQL queries through the Amazon Redshift console", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CreateScheduledAction": { - "privilege": "CreateScheduledAction", - "description": "Grants permission to create an Amazon Redshift scheduled action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateScheduledAction.html" - }, - "CreateSnapshotCopyGrant": { - "privilege": "CreateSnapshotCopyGrant", - "description": "Grants permission to create a snapshot copy grant and encrypt copied snapshots in a destination AWS Region", - "access_level": "Permissions management", - "resource_types": { - "snapshotcopygrant": { - "resource_type": "snapshotcopygrant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateSnapshotCopyGrant.html" - }, - "CreateSnapshotSchedule": { - "privilege": "CreateSnapshotSchedule", - "description": "Grants permission to create a snapshot schedule", - "access_level": "Write", - "resource_types": { - "snapshotschedule": { - "resource_type": "snapshotschedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateSnapshotSchedule.html" - }, - "CreateTags": { - "privilege": "CreateTags", - "description": "Grants permission to add one or more tags to a specified resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dbgroup": { - "resource_type": "dbgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dbname": { - "resource_type": "dbname", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dbuser": { - "resource_type": "dbuser", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "eventsubscription": { - "resource_type": "eventsubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hsmclientcertificate": { - "resource_type": "hsmclientcertificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hsmconfiguration": { - "resource_type": "hsmconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroup": { - "resource_type": "securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroupingress-cidr": { - "resource_type": "securitygroupingress-cidr", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroupingress-ec2securitygroup": { - "resource_type": "securitygroupingress-ec2securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshotcopygrant": { - "resource_type": "snapshotcopygrant", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshotschedule": { - "resource_type": "snapshotschedule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "usagelimit": { - "resource_type": "usagelimit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateTags.html" - }, - "CreateUsageLimit": { - "privilege": "CreateUsageLimit", - "description": "Grants permission to create a usage limit", - "access_level": "Write", - "resource_types": { - "usagelimit": { - "resource_type": "usagelimit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateUsageLimit.html" - }, - "DeauthorizeDataShare": { - "privilege": "DeauthorizeDataShare", - "description": "Grants permission to remove permission from the specified datashare consumer to consume a datashare", - "access_level": "Permissions management", - "resource_types": { - "datashare": { - "resource_type": "datashare", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift:ConsumerIdentifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeauthorizeDataShare.html" - }, - "DeleteAuthenticationProfile": { - "privilege": "DeleteAuthenticationProfile", - "description": "Grants permission to delete an Amazon Redshift authentication profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_DeleteAuthenticationProfile.html" - }, - "DeleteCluster": { - "privilege": "DeleteCluster", - "description": "Grants permission to delete a previously provisioned cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteCluster.html" - }, - "DeleteClusterParameterGroup": { - "privilege": "DeleteClusterParameterGroup", - "description": "Grants permission to delete an Amazon Redshift parameter group", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteClusterParameterGroup.html" - }, - "DeleteClusterSecurityGroup": { - "privilege": "DeleteClusterSecurityGroup", - "description": "Grants permission to delete an Amazon Redshift security group", - "access_level": "Write", - "resource_types": { - "securitygroup": { - "resource_type": "securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteClusterSecurityGroup.html" - }, - "DeleteClusterSnapshot": { - "privilege": "DeleteClusterSnapshot", - "description": "Grants permission to delete a manual snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteClusterSnapshot.html" - }, - "DeleteClusterSubnetGroup": { - "privilege": "DeleteClusterSubnetGroup", - "description": "Grants permission to delete a cluster subnet group", - "access_level": "Write", - "resource_types": { - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteClusterSubnetGroup.html" - }, - "DeleteEndpointAccess": { - "privilege": "DeleteEndpointAccess", - "description": "Grants permission to delete a redshift-managed vpc endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteEndpointAccess.html" - }, - "DeleteEventSubscription": { - "privilege": "DeleteEventSubscription", - "description": "Grants permission to delete an Amazon Redshift event notification subscription", - "access_level": "Write", - "resource_types": { - "eventsubscription": { - "resource_type": "eventsubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteEventSubscription.html" - }, - "DeleteHsmClientCertificate": { - "privilege": "DeleteHsmClientCertificate", - "description": "Grants permission to delete an HSM client certificate", - "access_level": "Write", - "resource_types": { - "hsmclientcertificate": { - "resource_type": "hsmclientcertificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteHsmClientCertificate.html" - }, - "DeleteHsmConfiguration": { - "privilege": "DeleteHsmConfiguration", - "description": "Grants permission to delete an Amazon Redshift HSM configuration", - "access_level": "Write", - "resource_types": { - "hsmconfiguration": { - "resource_type": "hsmconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteHsmConfiguration.html" - }, - "DeletePartner": { - "privilege": "DeletePartner", - "description": "Grants permission to delete a partner integration from a cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeletePartner.html" - }, - "DeleteSavedQueries": { - "privilege": "DeleteSavedQueries", - "description": "Grants permission to delete saved SQL queries through the Amazon Redshift console", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DeleteScheduledAction": { - "privilege": "DeleteScheduledAction", - "description": "Grants permission to delete an Amazon Redshift scheduled action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_DeleteScheduledAction.html" - }, - "DeleteSnapshotCopyGrant": { - "privilege": "DeleteSnapshotCopyGrant", - "description": "Grants permission to delete a snapshot copy grant", - "access_level": "Write", - "resource_types": { - "snapshotcopygrant": { - "resource_type": "snapshotcopygrant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteSnapshotCopyGrant.html" - }, - "DeleteSnapshotSchedule": { - "privilege": "DeleteSnapshotSchedule", - "description": "Grants permission to delete a snapshot schedule", - "access_level": "Write", - "resource_types": { - "snapshotschedule": { - "resource_type": "snapshotschedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteSnapshotSchedule.html" - }, - "DeleteTags": { - "privilege": "DeleteTags", - "description": "Grants permission to delete a tag or tags from a resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dbgroup": { - "resource_type": "dbgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dbname": { - "resource_type": "dbname", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dbuser": { - "resource_type": "dbuser", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "eventsubscription": { - "resource_type": "eventsubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hsmclientcertificate": { - "resource_type": "hsmclientcertificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hsmconfiguration": { - "resource_type": "hsmconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroup": { - "resource_type": "securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroupingress-cidr": { - "resource_type": "securitygroupingress-cidr", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroupingress-ec2securitygroup": { - "resource_type": "securitygroupingress-ec2securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshotcopygrant": { - "resource_type": "snapshotcopygrant", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshotschedule": { - "resource_type": "snapshotschedule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "usagelimit": { - "resource_type": "usagelimit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteTags.html" - }, - "DeleteUsageLimit": { - "privilege": "DeleteUsageLimit", - "description": "Grants permission to delete a usage limit", - "access_level": "Write", - "resource_types": { - "usagelimit": { - "resource_type": "usagelimit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteUsageLimit.html" - }, - "DescribeAccountAttributes": { - "privilege": "DescribeAccountAttributes", - "description": "Grants permission to describe attributes attached to the specified AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeAccountAttributes.html" - }, - "DescribeAuthenticationProfiles": { - "privilege": "DescribeAuthenticationProfiles", - "description": "Grants permission to describe created Amazon Redshift authentication profiles", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_DescribeAuthenticationProfiles.html" - }, - "DescribeClusterDbRevisions": { - "privilege": "DescribeClusterDbRevisions", - "description": "Grants permission to describe database revisions for a cluster", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterDbRevisions.html" - }, - "DescribeClusterParameterGroups": { - "privilege": "DescribeClusterParameterGroups", - "description": "Grants permission to describe Amazon Redshift parameter groups, including parameter groups you created and the default parameter group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterParameterGroups.html" - }, - "DescribeClusterParameters": { - "privilege": "DescribeClusterParameters", - "description": "Grants permission to describe parameters contained within an Amazon Redshift parameter group", - "access_level": "Read", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterParameters.html" - }, - "DescribeClusterSecurityGroups": { - "privilege": "DescribeClusterSecurityGroups", - "description": "Grants permission to describe Amazon Redshift security groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterSecurityGroups.html" - }, - "DescribeClusterSnapshots": { - "privilege": "DescribeClusterSnapshots", - "description": "Grants permission to describe one or more snapshot objects, which contain metadata about your cluster snapshots", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterSnapshots.html" - }, - "DescribeClusterSubnetGroups": { - "privilege": "DescribeClusterSubnetGroups", - "description": "Grants permission to describe one or more cluster subnet group objects, which contain metadata about your cluster subnet groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterSubnetGroups.html" - }, - "DescribeClusterTracks": { - "privilege": "DescribeClusterTracks", - "description": "Grants permission to describe available maintenance tracks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterTracks.html" - }, - "DescribeClusterVersions": { - "privilege": "DescribeClusterVersions", - "description": "Grants permission to describe available Amazon Redshift cluster versions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterVersions.html" - }, - "DescribeClusters": { - "privilege": "DescribeClusters", - "description": "Grants permission to describe properties of provisioned clusters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusters.html" - }, - "DescribeDataShares": { - "privilege": "DescribeDataShares", - "description": "Grants permission to describe datashares created and consumed by your clusters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeDataShares.html" - }, - "DescribeDataSharesForConsumer": { - "privilege": "DescribeDataSharesForConsumer", - "description": "Grants permission to describe only datashares consumed by your clusters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeDataSharesForConsumer.html" - }, - "DescribeDataSharesForProducer": { - "privilege": "DescribeDataSharesForProducer", - "description": "Grants permission to describe only datashares created by your clusters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeDataSharesForProducer.html" - }, - "DescribeDefaultClusterParameters": { - "privilege": "DescribeDefaultClusterParameters", - "description": "Grants permission to describe parameter settings for a parameter group family", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeDefaultClusterParameters.html" - }, - "DescribeEndpointAccess": { - "privilege": "DescribeEndpointAccess", - "description": "Grants permission to describe redshift-managed vpc endpoints", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeEndpointAccess.html" - }, - "DescribeEndpointAuthorization": { - "privilege": "DescribeEndpointAuthorization", - "description": "Grants permission to authorize describe activity for redshift-managed vpc endpoint", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeEndpointAuthorization.html" - }, - "DescribeEventCategories": { - "privilege": "DescribeEventCategories", - "description": "Grants permission to describe event categories for all event source types, or for a specified source type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeEventCategories.html" - }, - "DescribeEventSubscriptions": { - "privilege": "DescribeEventSubscriptions", - "description": "Grants permission to describe Amazon Redshift event notification subscriptions for the specified AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeEventSubscriptions.html" - }, - "DescribeEvents": { - "privilege": "DescribeEvents", - "description": "Grants permission to describe events related to clusters, security groups, snapshots, and parameter groups for the past 14 days", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeEvents.html" - }, - "DescribeHsmClientCertificates": { - "privilege": "DescribeHsmClientCertificates", - "description": "Grants permission to describe HSM client certificates", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeHsmClientCertificates.html" - }, - "DescribeHsmConfigurations": { - "privilege": "DescribeHsmConfigurations", - "description": "Grants permission to describe Amazon Redshift HSM configurations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeHsmConfigurations.html" - }, - "DescribeLoggingStatus": { - "privilege": "DescribeLoggingStatus", - "description": "Grants permission to describe whether information, such as queries and connection attempts, is being logged for a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeLoggingStatus.html" - }, - "DescribeNodeConfigurationOptions": { - "privilege": "DescribeNodeConfigurationOptions", - "description": "Grants permission to describe properties of possible node configurations such as node type, number of nodes, and disk usage for the specified action type", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeNodeConfigurationOptions.html" - }, - "DescribeOrderableClusterOptions": { - "privilege": "DescribeOrderableClusterOptions", - "description": "Grants permission to describe orderable cluster options", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeOrderableClusterOptions.html" - }, - "DescribePartners": { - "privilege": "DescribePartners", - "description": "Grants permission to retrieve information about the partner integrations defined for a cluster", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribePartners.html" - }, - "DescribeQuery": { - "privilege": "DescribeQuery", - "description": "Grants permission to describe a query through the Amazon Redshift console", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DescribeReservedNodeExchangeStatus": { - "privilege": "DescribeReservedNodeExchangeStatus", - "description": "Grants permission to describe exchange status details and associated metadata for a reserved-node exchange. Statuses include such values as in progress and requested", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeReservedNodeExchangeStatus.html" - }, - "DescribeReservedNodeOfferings": { - "privilege": "DescribeReservedNodeOfferings", - "description": "Grants permission to describe available reserved node offerings by Amazon Redshift", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeReservedNodeOfferings.html" - }, - "DescribeReservedNodes": { - "privilege": "DescribeReservedNodes", - "description": "Grants permission to describe the reserved nodes", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeReservedNodes.html" - }, - "DescribeResize": { - "privilege": "DescribeResize", - "description": "Grants permission to describe the last resize operation for a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeResize.html" - }, - "DescribeSavedQueries": { - "privilege": "DescribeSavedQueries", - "description": "Grants permission to describe saved queries through the Amazon Redshift console", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DescribeScheduledActions": { - "privilege": "DescribeScheduledActions", - "description": "Grants permission to describe created Amazon Redshift scheduled actions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_DescribeScheduledActions.html" - }, - "DescribeSnapshotCopyGrants": { - "privilege": "DescribeSnapshotCopyGrants", - "description": "Grants permission to describe snapshot copy grants owned by the specified AWS account in the destination AWS Region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeSnapshotCopyGrants.html" - }, - "DescribeSnapshotSchedules": { - "privilege": "DescribeSnapshotSchedules", - "description": "Grants permission to describe snapshot schedules", - "access_level": "Read", - "resource_types": { - "snapshotschedule": { - "resource_type": "snapshotschedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeSnapshotSchedules.html" - }, - "DescribeStorage": { - "privilege": "DescribeStorage", - "description": "Grants permission to describe account level backups storage size and provisional storage", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeStorage.html" - }, - "DescribeTable": { - "privilege": "DescribeTable", - "description": "Grants permission to describe a table through the Amazon Redshift console", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DescribeTableRestoreStatus": { - "privilege": "DescribeTableRestoreStatus", - "description": "Grants permission to describe status of one or more table restore requests made using the RestoreTableFromClusterSnapshot API action", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeTableRestoreStatus.html" - }, - "DescribeTags": { - "privilege": "DescribeTags", - "description": "Grants permission to describe tags", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dbgroup": { - "resource_type": "dbgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dbname": { - "resource_type": "dbname", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dbuser": { - "resource_type": "dbuser", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "eventsubscription": { - "resource_type": "eventsubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hsmclientcertificate": { - "resource_type": "hsmclientcertificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hsmconfiguration": { - "resource_type": "hsmconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parametergroup": { - "resource_type": "parametergroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroup": { - "resource_type": "securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroupingress-cidr": { - "resource_type": "securitygroupingress-cidr", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroupingress-ec2securitygroup": { - "resource_type": "securitygroupingress-ec2securitygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshotcopygrant": { - "resource_type": "snapshotcopygrant", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshotschedule": { - "resource_type": "snapshotschedule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subnetgroup": { - "resource_type": "subnetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "usagelimit": { - "resource_type": "usagelimit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeTags.html" - }, - "DescribeUsageLimits": { - "privilege": "DescribeUsageLimits", - "description": "Grants permission to describe usage limits", - "access_level": "Read", - "resource_types": { - "usagelimit": { - "resource_type": "usagelimit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeUsageLimits.html" - }, - "DisableLogging": { - "privilege": "DisableLogging", - "description": "Grants permission to disable logging information, such as queries and connection attempts, for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DisableLogging.html" - }, - "DisableSnapshotCopy": { - "privilege": "DisableSnapshotCopy", - "description": "Grants permission to disable the automatic copy of snapshots for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DisableSnapshotCopy.html" - }, - "DisassociateDataShareConsumer": { - "privilege": "DisassociateDataShareConsumer", - "description": "Grants permission to disassociate a consumer from a datashare", - "access_level": "Write", - "resource_types": { - "datashare": { - "resource_type": "datashare", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift:ConsumerArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DisassociateDataShareConsumer.html" - }, - "EnableLogging": { - "privilege": "EnableLogging", - "description": "Grants permission to enable logging information, such as queries and connection attempts, for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_EnableLogging.html" - }, - "EnableSnapshotCopy": { - "privilege": "EnableSnapshotCopy", - "description": "Grants permission to enable the automatic copy of snapshots for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_EnableSnapshotCopy.html" - }, - "ExecuteQuery": { - "privilege": "ExecuteQuery", - "description": "Grants permission to execute a query through the Amazon Redshift console", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "FetchResults": { - "privilege": "FetchResults", - "description": "Grants permission to fetch query results through the Amazon Redshift console", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetClusterCredentials": { - "privilege": "GetClusterCredentials", - "description": "Grants permission to get temporary credentials to access an Amazon Redshift database by the specified AWS account", - "access_level": "Write", - "resource_types": { - "dbuser": { - "resource_type": "dbuser", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "dbgroup": { - "resource_type": "dbgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dbname": { - "resource_type": "dbname", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift:DbName", - "redshift:DbUser", - "redshift:DurationSeconds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_GetClusterCredentials.html" - }, - "GetClusterCredentialsWithIAM": { - "privilege": "GetClusterCredentialsWithIAM", - "description": "Grants permission to get enhanced temporary credentials to access an Amazon Redshift database by the specified AWS account", - "access_level": "Write", - "resource_types": { - "dbname": { - "resource_type": "dbname", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift:DbName", - "redshift:DurationSeconds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_GetClusterCredentialsWithIAM.html" - }, - "GetReservedNodeExchangeConfigurationOptions": { - "privilege": "GetReservedNodeExchangeConfigurationOptions", - "description": "Grants permission to get the configuration options for the reserved-node exchange", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_GetReservedNodeExchangeConfigurationOptions.html" - }, - "GetReservedNodeExchangeOfferings": { - "privilege": "GetReservedNodeExchangeOfferings", - "description": "Grants permission to get an array of DC2 ReservedNodeOfferings that matches the payment type, term, and usage price of the given DC1 reserved node", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_GetReservedNodeExchangeOfferings.html" - }, - "JoinGroup": { - "privilege": "JoinGroup", - "description": "Grants permission to join the specified Amazon Redshift group", - "access_level": "Permissions management", - "resource_types": { - "dbgroup": { - "resource_type": "dbgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_GetClusterCredentials.html" - }, - "ListDatabases": { - "privilege": "ListDatabases", - "description": "Grants permission to list databases through the Amazon Redshift console", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListSavedQueries": { - "privilege": "ListSavedQueries", - "description": "Grants permission to list saved queries through the Amazon Redshift console", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListSchemas": { - "privilege": "ListSchemas", - "description": "Grants permission to list schemas through the Amazon Redshift console", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListTables": { - "privilege": "ListTables", - "description": "Grants permission to list tables through the Amazon Redshift console", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ModifyAquaConfiguration": { - "privilege": "ModifyAquaConfiguration", - "description": "Grants permission to modify the AQUA configuration of a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyAquaConfiguration.html" - }, - "ModifyAuthenticationProfile": { - "privilege": "ModifyAuthenticationProfile", - "description": "Grants permission to modify an existing Amazon Redshift authentication profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyAuthenticationProfile.html" - }, - "ModifyCluster": { - "privilege": "ModifyCluster", - "description": "Grants permission to modify the settings of a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyCluster.html" - }, - "ModifyClusterDbRevision": { - "privilege": "ModifyClusterDbRevision", - "description": "Grants permission to modify the database revision of a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterDbRevision.html" - }, - "ModifyClusterIamRoles": { - "privilege": "ModifyClusterIamRoles", - "description": "Grants permission to modify the list of AWS Identity and Access Management (IAM) roles that can be used by a cluster to access other AWS services", - "access_level": "Permissions management", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterIamRoles.html" - }, - "ModifyClusterMaintenance": { - "privilege": "ModifyClusterMaintenance", - "description": "Grants permission to modify the maintenance settings of a cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterMaintenance.html" - }, - "ModifyClusterParameterGroup": { - "privilege": "ModifyClusterParameterGroup", - "description": "Grants permission to modify the parameters of a parameter group", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterParameterGroup.html" - }, - "ModifyClusterSnapshot": { - "privilege": "ModifyClusterSnapshot", - "description": "Grants permission to modify the settings of a snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterSnapshot.html" - }, - "ModifyClusterSnapshotSchedule": { - "privilege": "ModifyClusterSnapshotSchedule", - "description": "Grants permission to modify a snapshot schedule for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterSnapshotSchedule.html" - }, - "ModifyClusterSubnetGroup": { - "privilege": "ModifyClusterSubnetGroup", - "description": "Grants permission to modify a cluster subnet group to include the specified list of VPC subnets", - "access_level": "Write", - "resource_types": { - "subnetgroup": { - "resource_type": "subnetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterSubnetGroup.html" - }, - "ModifyEndpointAccess": { - "privilege": "ModifyEndpointAccess", - "description": "Grants permission to modify a redshift-managed vpc endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyEndpointAccess.html" - }, - "ModifyEventSubscription": { - "privilege": "ModifyEventSubscription", - "description": "Grants permission to modify an existing Amazon Redshift event notification subscription", - "access_level": "Write", - "resource_types": { - "eventsubscription": { - "resource_type": "eventsubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyEventSubscription.html" - }, - "ModifySavedQuery": { - "privilege": "ModifySavedQuery", - "description": "Grants permission to modify an existing saved query through the Amazon Redshift console", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ModifyScheduledAction": { - "privilege": "ModifyScheduledAction", - "description": "Grants permission to modify an existing Amazon Redshift scheduled action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyScheduledAction.html" - }, - "ModifySnapshotCopyRetentionPeriod": { - "privilege": "ModifySnapshotCopyRetentionPeriod", - "description": "Grants permission to modify the number of days to retain snapshots in the destination AWS Region after they are copied from the source AWS Region", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifySnapshotCopyRetentionPeriod.html" - }, - "ModifySnapshotSchedule": { - "privilege": "ModifySnapshotSchedule", - "description": "Grants permission to modify a snapshot schedule", - "access_level": "Write", - "resource_types": { - "snapshotschedule": { - "resource_type": "snapshotschedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifySnapshotSchedule.html" - }, - "ModifyUsageLimit": { - "privilege": "ModifyUsageLimit", - "description": "Grants permission to modify a usage limit", - "access_level": "Write", - "resource_types": { - "usagelimit": { - "resource_type": "usagelimit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyUsageLimit.html" - }, - "PauseCluster": { - "privilege": "PauseCluster", - "description": "Grants permission to pause a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_PauseCluster.html" - }, - "PurchaseReservedNodeOffering": { - "privilege": "PurchaseReservedNodeOffering", - "description": "Grants permission to purchase a reserved node", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_PurchaseReservedNodeOffering.html" - }, - "RebootCluster": { - "privilege": "RebootCluster", - "description": "Grants permission to reboot a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RebootCluster.html" - }, - "RejectDataShare": { - "privilege": "RejectDataShare", - "description": "Grants permission to decline a datashare shared from another account", - "access_level": "Permissions management", - "resource_types": { - "datashare": { - "resource_type": "datashare", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RejectDataShare.html" - }, - "ResetClusterParameterGroup": { - "privilege": "ResetClusterParameterGroup", - "description": "Grants permission to set one or more parameters of a parameter group to their default values and set the source values of the parameters to \"engine-default\"", - "access_level": "Write", - "resource_types": { - "parametergroup": { - "resource_type": "parametergroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ResetClusterParameterGroup.html" - }, - "ResizeCluster": { - "privilege": "ResizeCluster", - "description": "Grants permission to change the size of a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ResizeCluster.html" - }, - "RestoreFromClusterSnapshot": { - "privilege": "RestoreFromClusterSnapshot", - "description": "Grants permission to create a cluster from a snapshot", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RestoreFromClusterSnapshot.html" - }, - "RestoreTableFromClusterSnapshot": { - "privilege": "RestoreTableFromClusterSnapshot", - "description": "Grants permission to create a table from a table in an Amazon Redshift cluster snapshot", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RestoreTableFromClusterSnapshot.html" - }, - "ResumeCluster": { - "privilege": "ResumeCluster", - "description": "Grants permission to resume a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ResumeCluster.html" - }, - "RevokeClusterSecurityGroupIngress": { - "privilege": "RevokeClusterSecurityGroupIngress", - "description": "Grants permission to revoke an ingress rule in an Amazon Redshift security group for a previously authorized IP range or Amazon EC2 security group", - "access_level": "Write", - "resource_types": { - "securitygroup": { - "resource_type": "securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "securitygroupingress-ec2securitygroup": { - "resource_type": "securitygroupingress-ec2securitygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RevokeClusterSecurityGroupIngress.html" - }, - "RevokeEndpointAccess": { - "privilege": "RevokeEndpointAccess", - "description": "Grants permission to revoke access for endpoint related activities for redshift-managed vpc endpoint", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RevokeEndpointAccess.html" - }, - "RevokeSnapshotAccess": { - "privilege": "RevokeSnapshotAccess", - "description": "Grants permission to revoke access from the specified AWS account to restore a snapshot", - "access_level": "Permissions management", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RevokeSnapshotAccess.html" - }, - "RotateEncryptionKey": { - "privilege": "RotateEncryptionKey", - "description": "Grants permission to rotate an encryption key for a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RotateEncryptionKey.html" - }, - "UpdatePartnerStatus": { - "privilege": "UpdatePartnerStatus", - "description": "Grants permission to update the status of a partner integration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_UpdatePartnerStatus.html" - }, - "ViewQueriesFromConsole": { - "privilege": "ViewQueriesFromConsole", - "description": "Grants permission to view query results through the Amazon Redshift console", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ViewQueriesInConsole": { - "privilege": "ViewQueriesInConsole", - "description": "Grants permission to terminate running queries and loads through the Amazon Redshift console", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:cluster:${ClusterName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "datashare": { - "resource": "datashare", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:datashare:${ProducerClusterNamespace}/${DataShareName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dbgroup": { - "resource": "dbgroup", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:dbgroup:${ClusterName}/${DbGroup}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dbname": { - "resource": "dbname", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:dbname:${ClusterName}/${DbName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dbuser": { - "resource": "dbuser", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:dbuser:${ClusterName}/${DbUser}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "eventsubscription": { - "resource": "eventsubscription", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:eventsubscription:${EventSubscriptionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "hsmclientcertificate": { - "resource": "hsmclientcertificate", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:hsmclientcertificate:${HSMClientCertificateId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "hsmconfiguration": { - "resource": "hsmconfiguration", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:hsmconfiguration:${HSMConfigurationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "namespace": { - "resource": "namespace", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:namespace:${ProducerClusterNamespace}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "parametergroup": { - "resource": "parametergroup", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:parametergroup:${ParameterGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "securitygroup": { - "resource": "securitygroup", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:securitygroup:${SecurityGroupName}/ec2securitygroup/${Owner}/${Ec2SecurityGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "securitygroupingress-cidr": { - "resource": "securitygroupingress-cidr", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:securitygroupingress:${SecurityGroupName}/cidrip/${IpRange}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "securitygroupingress-ec2securitygroup": { - "resource": "securitygroupingress-ec2securitygroup", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:securitygroupingress:${SecurityGroupName}/ec2securitygroup/${Owner}/${Ece2SecuritygroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "snapshot": { - "resource": "snapshot", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:snapshot:${ClusterName}/${SnapshotName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "snapshotcopygrant": { - "resource": "snapshotcopygrant", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:snapshotcopygrant:${SnapshotCopyGrantName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "snapshotschedule": { - "resource": "snapshotschedule", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:snapshotschedule:${ParameterGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "subnetgroup": { - "resource": "subnetgroup", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:subnetgroup:${SubnetGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "usagelimit": { - "resource": "usagelimit", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:usagelimit:${UsageLimitId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by actions based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by actions based on tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by actions based on the presence of mandatory tags in the request", - "type": "ArrayOfString" - }, - "redshift:ConsumerArn": { - "condition": "redshift:ConsumerArn", - "description": "Filters access by the datashare consumer arn", - "type": "String" - }, - "redshift:ConsumerIdentifier": { - "condition": "redshift:ConsumerIdentifier", - "description": "Filters access by the datashare consumer", - "type": "String" - }, - "redshift:DbName": { - "condition": "redshift:DbName", - "description": "Filters access by the database name", - "type": "String" - }, - "redshift:DbUser": { - "condition": "redshift:DbUser", - "description": "Filters access by the database user name", - "type": "String" - }, - "redshift:DurationSeconds": { - "condition": "redshift:DurationSeconds", - "description": "Filters access by the number of seconds until a temporary credential set expires", - "type": "String" - } - } - }, - "redshift-data": { - "service_name": "Amazon Redshift Data API", - "prefix": "redshift-data", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonredshiftdataapi.html", - "privileges": { - "BatchExecuteStatement": { - "privilege": "BatchExecuteStatement", - "description": "Grants permission to execute multiple queries under a single connection", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_BatchExecuteStatement.html" - }, - "CancelStatement": { - "privilege": "CancelStatement", - "description": "Grants permission to cancel a running query", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift-data:statement-owner-iam-userid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_CancelStatement.html" - }, - "DescribeStatement": { - "privilege": "DescribeStatement", - "description": "Grants permission to retrieve detailed information about a statement execution", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift-data:statement-owner-iam-userid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_DescribeStatement.html" - }, - "DescribeTable": { - "privilege": "DescribeTable", - "description": "Grants permission to retrieve metadata about a particular table", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_DescribeTable.html" - }, - "ExecuteStatement": { - "privilege": "ExecuteStatement", - "description": "Grants permission to execute a query", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_ExecuteStatement.html" - }, - "GetStatementResult": { - "privilege": "GetStatementResult", - "description": "Grants permission to fetch the result of a query", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift-data:statement-owner-iam-userid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_GetStatementResult.html" - }, - "ListDatabases": { - "privilege": "ListDatabases", - "description": "Grants permission to list databases for a given cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_ListDatabases.html" - }, - "ListSchemas": { - "privilege": "ListSchemas", - "description": "Grants permission to list schemas for a given cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_ListSchemas.html" - }, - "ListStatements": { - "privilege": "ListStatements", - "description": "Grants permission to list queries for a given principal", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "redshift-data:statement-owner-iam-userid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_ListStatements.html" - }, - "ListTables": { - "privilege": "ListTables", - "description": "Grants permission to list tables for a given cluster", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_ListTables.html" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:redshift:${Region}:${Account}:cluster:${ClusterName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "workgroup": { - "resource": "workgroup", - "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:workgroup/${WorkgroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - }, - "redshift-data:statement-owner-iam-userid": { - "condition": "redshift-data:statement-owner-iam-userid", - "description": "Filters access by statement owner iam userid", - "type": "String" - } - } - }, - "redshift-serverless": { - "service_name": "Amazon Redshift Serverless", - "prefix": "redshift-serverless", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonredshiftserverless.html", - "privileges": { - "ConvertRecoveryPointToSnapshot": { - "privilege": "ConvertRecoveryPointToSnapshot", - "description": "Grants permission to convert a recovery point to a snapshot", - "access_level": "Write", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ConvertRecoveryPointToSnapshot.html" - }, - "CreateEndpointAccess": { - "privilege": "CreateEndpointAccess", - "description": "Grants permission to create an Amazon Redshift Serverless managed VPC endpoint", - "access_level": "Write", - "resource_types": { - "endpointAccess": { - "resource_type": "endpointAccess", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateEndpointAccess.html" - }, - "CreateNamespace": { - "privilege": "CreateNamespace", - "description": "Grants permission to create an Amazon Redshift Serverless namespace", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateNamespace.html" - }, - "CreateSnapshot": { - "privilege": "CreateSnapshot", - "description": "Grants permission to create a snapshot of all databases in a namespace", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateSnapshot.html" - }, - "CreateUsageLimit": { - "privilege": "CreateUsageLimit", - "description": "Grants permission to create a usage limit for a specified Amazon Redshift Serverless usage type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateUsageLimit.html" - }, - "CreateWorkgroup": { - "privilege": "CreateWorkgroup", - "description": "Grants permission to create a workgroup in Amazon Redshift Serverless", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateWorkgroup.html" - }, - "DeleteEndpointAccess": { - "privilege": "DeleteEndpointAccess", - "description": "Grants permission to delete an Amazon Redshift Serverless managed VPC endpoint", - "access_level": "Write", - "resource_types": { - "endpointAccess": { - "resource_type": "endpointAccess", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteEndpointAccess.html" - }, - "DeleteNamespace": { - "privilege": "DeleteNamespace", - "description": "Grants permission to delete a namespace from Amazon Redshift Serverless", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteNamespace.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete the specified resource policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeleteSnapshot": { - "privilege": "DeleteSnapshot", - "description": "Grants permission to delete a snapshot from Amazon Redshift Serverless", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteSnapshot.html" - }, - "DeleteUsageLimit": { - "privilege": "DeleteUsageLimit", - "description": "Grants permission to delete a usage limit from Amazon Redshift Serverless", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteUsageLimit.html" - }, - "DeleteWorkgroup": { - "privilege": "DeleteWorkgroup", - "description": "Grants permission to delete a workgroup", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteWorkgroup.html" - }, - "GetCredentials": { - "privilege": "GetCredentials", - "description": "Grants permission to get a database user name and temporary password with temporary authorization to log on to Amazon Redshift Serverless", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetCredentials.html" - }, - "GetEndpointAccess": { - "privilege": "GetEndpointAccess", - "description": "Grants permission to create an Amazon Redshift Serverless managed VPC endpoint", - "access_level": "Read", - "resource_types": { - "endpointAccess": { - "resource_type": "endpointAccess", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetEndpointAccess.html" - }, - "GetNamespace": { - "privilege": "GetNamespace", - "description": "Grants permission to get information about a namespace in Amazon Redshift Serverless", - "access_level": "Read", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetNamespace.html" - }, - "GetRecoveryPoint": { - "privilege": "GetRecoveryPoint", - "description": "Grants permission to get information about a recovery point", - "access_level": "Read", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetRecoveryPoint.html" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to get a resource policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetResourcePolicy.html" - }, - "GetSnapshot": { - "privilege": "GetSnapshot", - "description": "Grants permission to get information about a specific snapshot", - "access_level": "Read", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetSnapshot.html" - }, - "GetTableRestoreStatus": { - "privilege": "GetTableRestoreStatus", - "description": "Grants permission to get table restore status about a specific snapshot", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetTableRestoreStatus.html" - }, - "GetUsageLimit": { - "privilege": "GetUsageLimit", - "description": "Grants permission to get information about a usage limit in Amazon Redshift Serverless", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetUsageLimit.html" - }, - "GetWorkgroup": { - "privilege": "GetWorkgroup", - "description": "Grants permission to get information about a specific workgroup", - "access_level": "Read", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetWorkgroup.html" - }, - "ListEndpointAccess": { - "privilege": "ListEndpointAccess", - "description": "Grants permission to list EndpointAccess objects and relevant information", - "access_level": "List", - "resource_types": { - "endpointAccess": { - "resource_type": "endpointAccess", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListEndpointAccess.html" - }, - "ListNamespaces": { - "privilege": "ListNamespaces", - "description": "Grants permission to list namespaces in Amazon Redshift Serverless", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListNamespaces.html" - }, - "ListRecoveryPoints": { - "privilege": "ListRecoveryPoints", - "description": "Grants permission to list an array of recovery points", - "access_level": "List", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListRecoveryPoints.html" - }, - "ListSnapshots": { - "privilege": "ListSnapshots", - "description": "Grants permission to list snapshots", - "access_level": "List", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListSnapshots.html" - }, - "ListTableRestoreStatus": { - "privilege": "ListTableRestoreStatus", - "description": "Grants permission to list table restore status", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListTableRestoreStatus.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags assigned to a resource", - "access_level": "List", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListTagsForResource.html" - }, - "ListUsageLimits": { - "privilege": "ListUsageLimits", - "description": "Grants permission to list all usage limits within Amazon Redshift Serverless", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListUsageLimits.html" - }, - "ListWorkgroups": { - "privilege": "ListWorkgroups", - "description": "Grants permission to list workgroups in Amazon Redshift Serverless", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListWorkgroups.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to create or update a resource policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_PutResourcePolicy.html" - }, - "RestoreFromRecoveryPoint": { - "privilege": "RestoreFromRecoveryPoint", - "description": "Grants permission to restore the data from a recovery point", - "access_level": "Write", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_RestoreFromRecoveryPoint.html" - }, - "RestoreFromSnapshot": { - "privilege": "RestoreFromSnapshot", - "description": "Grants permission to restore a namespace from a snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_RestoreFromSnapshot.html" - }, - "RestoreTableFromSnapshot": { - "privilege": "RestoreTableFromSnapshot", - "description": "Grants permission to restore a table from a snapshot", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_RestoreTableFromSnapshot.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to assign one or more tags to a resource", - "access_level": "Tagging", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag or set of tags from a resource", - "access_level": "Tagging", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workgroup": { - "resource_type": "workgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UntagResource.html" - }, - "UpdateEndpointAccess": { - "privilege": "UpdateEndpointAccess", - "description": "Grants permission to update an Amazon Redshift Serverless managed VPC endpoint", - "access_level": "Write", - "resource_types": { - "endpointAccess": { - "resource_type": "endpointAccess", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UpdateEndpointAccess.html" - }, - "UpdateNamespace": { - "privilege": "UpdateNamespace", - "description": "Grants permission to update a namespace with the specified configuration settings", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UpdateNamespace.html" - }, - "UpdateSnapshot": { - "privilege": "UpdateSnapshot", - "description": "Grants permission to update a snapshot", - "access_level": "Write", - "resource_types": { - "snapshot": { - "resource_type": "snapshot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UpdateSnapshot.html" - }, - "UpdateUsageLimit": { - "privilege": "UpdateUsageLimit", - "description": "Grants permission to update a usage limit in Amazon Redshift Serverless", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UpdateUsageLimit.html" - }, - "UpdateWorkgroup": { - "privilege": "UpdateWorkgroup", - "description": "Grants permission to update an Amazon Redshift Serverless workgroup with the specified configuration settings", - "access_level": "Write", - "resource_types": { - "workgroup": { - "resource_type": "workgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UpdateWorkgroup.html" - } - }, - "resources": { - "namespace": { - "resource": "namespace", - "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:namespace/${NamespaceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "snapshot": { - "resource": "snapshot", - "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:snapshot/${SnapshotId}", - "condition_keys": [] - }, - "workgroup": { - "resource": "workgroup", - "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:workgroup/${WorkgroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "recoveryPoint": { - "resource": "recoveryPoint", - "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:recoverypoint/${RecoveryPointId}", - "condition_keys": [] - }, - "endpointAccess": { - "resource": "endpointAccess", - "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:managedvpcendpoint/${EndpointAccessId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "redshift-serverless:endpointAccessId": { - "condition": "redshift-serverless:endpointAccessId", - "description": "Filters access by the endpoint access identifier", - "type": "String" - }, - "redshift-serverless:namespaceId": { - "condition": "redshift-serverless:namespaceId", - "description": "Filters access by the namespace identifier", - "type": "String" - }, - "redshift-serverless:recoveryPointId": { - "condition": "redshift-serverless:recoveryPointId", - "description": "Filters access by the recovery point identifier", - "type": "String" - }, - "redshift-serverless:snapshotId": { - "condition": "redshift-serverless:snapshotId", - "description": "Filters access by the snapshot identifier", - "type": "String" - }, - "redshift-serverless:tableRestoreRequestId": { - "condition": "redshift-serverless:tableRestoreRequestId", - "description": "Filters access by the table restore request identifier", - "type": "String" - }, - "redshift-serverless:workgroupId": { - "condition": "redshift-serverless:workgroupId", - "description": "Filters access by the workgroup identifier", - "type": "String" - } - } - }, - "rekognition": { - "service_name": "Amazon Rekognition", - "prefix": "rekognition", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrekognition.html", - "privileges": { - "AssociateFaces": { - "privilege": "AssociateFaces", - "description": "Grants permission to associate multiple individual faces with a single user", - "access_level": "Write", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_AssociateFaces.html" - }, - "CompareFaces": { - "privilege": "CompareFaces", - "description": "Grants permission to compare faces in the source input image with each face detected in the target input image", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CompareFaces.html" - }, - "CopyProjectVersion": { - "privilege": "CopyProjectVersion", - "description": "Grants permission to copy an existing model version to a new model version", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "projectversion": { - "resource_type": "projectversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CopyProjectVersion.html" - }, - "CreateCollection": { - "privilege": "CreateCollection", - "description": "Grants permission to create a collection in an AWS Region", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateCollection.html" - }, - "CreateDataset": { - "privilege": "CreateDataset", - "description": "Grants permission to create a new Amazon Rekognition Custom Labels dataset", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateDataset.html" - }, - "CreateFaceLivenessSession": { - "privilege": "CreateFaceLivenessSession", - "description": "Grants permission to create a face liveness session", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateFaceLivenessSession.html" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create an Amazon Rekognition Custom Labels project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateProject.html" - }, - "CreateProjectVersion": { - "privilege": "CreateProjectVersion", - "description": "Grants permission to begin training a new version of a model", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateProjectVersion.html" - }, - "CreateStreamProcessor": { - "privilege": "CreateStreamProcessor", - "description": "Grants permission to create an Amazon Rekognition stream processor", - "access_level": "Write", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a new user in a collection using a unique user ID you provide", - "access_level": "Write", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateUser.html" - }, - "DeleteCollection": { - "privilege": "DeleteCollection", - "description": "Grants permission to delete the specified collection", - "access_level": "Write", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteCollection.html" - }, - "DeleteDataset": { - "privilege": "DeleteDataset", - "description": "Grants permission to delete an existing Amazon Rekognition Custom Labels dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteDataset.html" - }, - "DeleteFaces": { - "privilege": "DeleteFaces", - "description": "Grants permission to delete faces from a collection", - "access_level": "Write", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteFaces.html" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteProject.html" - }, - "DeleteProjectPolicy": { - "privilege": "DeleteProjectPolicy", - "description": "Grants permission to delete a resource policy attached to a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteProjectPolicy.html" - }, - "DeleteProjectVersion": { - "privilege": "DeleteProjectVersion", - "description": "Grants permission to delete a model", - "access_level": "Write", - "resource_types": { - "projectversion": { - "resource_type": "projectversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteProjectVersion.html" - }, - "DeleteStreamProcessor": { - "privilege": "DeleteStreamProcessor", - "description": "Grants permission to delete the specified stream processor", - "access_level": "Write", - "resource_types": { - "streamprocessor": { - "resource_type": "streamprocessor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteStreamProcessor.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete a user from a collection based on the provided user ID", - "access_level": "Write", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteUser.html" - }, - "DescribeCollection": { - "privilege": "DescribeCollection", - "description": "Grants permission to read details about a collection", - "access_level": "Read", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DescribeCollection.html" - }, - "DescribeDataset": { - "privilege": "DescribeDataset", - "description": "Grants permission to describe an Amazon Rekognition Custom Labels dataset", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DescribeDataset.html" - }, - "DescribeProjectVersions": { - "privilege": "DescribeProjectVersions", - "description": "Grants permission to list the versions of a model in an Amazon Rekognition Custom Labels project", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DescribeProjectVersions.html" - }, - "DescribeProjects": { - "privilege": "DescribeProjects", - "description": "Grants permission to list Amazon Rekognition Custom Labels projects", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DescribeProjects.html" - }, - "DescribeStreamProcessor": { - "privilege": "DescribeStreamProcessor", - "description": "Grants permission to get information about the specified stream processor", - "access_level": "Read", - "resource_types": { - "streamprocessor": { - "resource_type": "streamprocessor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DescribeStreamProcessor.html" - }, - "DetectCustomLabels": { - "privilege": "DetectCustomLabels", - "description": "Grants permission to detect custom labels in a supplied image", - "access_level": "Read", - "resource_types": { - "projectversion": { - "resource_type": "projectversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectCustomLabels.html" - }, - "DetectFaces": { - "privilege": "DetectFaces", - "description": "Grants permission to detect human faces within an image provided as input", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectFaces.html" - }, - "DetectLabels": { - "privilege": "DetectLabels", - "description": "Grants permission to detect instances of real-world labels within an image provided as input", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectLabels.html" - }, - "DetectModerationLabels": { - "privilege": "DetectModerationLabels", - "description": "Grants permission to detect moderation labels within the input image", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectModerationLabels.html" - }, - "DetectProtectiveEquipment": { - "privilege": "DetectProtectiveEquipment", - "description": "Grants permission to detect Personal Protective Equipment in the input image", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectProtectiveEquipment.html" - }, - "DetectText": { - "privilege": "DetectText", - "description": "Grants permission to detect text in the input image and convert it into machine-readable text", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectText.html" - }, - "DisassociateFaces": { - "privilege": "DisassociateFaces", - "description": "Grants permission to remove the association between a user ID and a face ID", - "access_level": "Write", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DisassociateFaces.html" - }, - "DistributeDatasetEntries": { - "privilege": "DistributeDatasetEntries", - "description": "Grants permission to distribute the entries in a training dataset across the training dataset and the test dataset for a project", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DistributeDatasetEntries.html" - }, - "GetCelebrityInfo": { - "privilege": "GetCelebrityInfo", - "description": "Grants permission to read the name, and additional information, of a celebrity", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetCelebrityInfo.html" - }, - "GetCelebrityRecognition": { - "privilege": "GetCelebrityRecognition", - "description": "Grants permission to read the celebrity recognition results found in a stored video by an asynchronous celebrity recognition job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetCelebrityRecognition.html" - }, - "GetContentModeration": { - "privilege": "GetContentModeration", - "description": "Grants permission to read the content moderation analysis results found in a stored video by an asynchronous content moderation job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetContentModeration.html" - }, - "GetFaceDetection": { - "privilege": "GetFaceDetection", - "description": "Grants permission to read the faces detection results found in a stored video by an asynchronous face detection job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetFaceDetection.html" - }, - "GetFaceLivenessSessionResults": { - "privilege": "GetFaceLivenessSessionResults", - "description": "Grants permission to get results of a face liveness session", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetFaceLivenessSessionResults.html" - }, - "GetFaceSearch": { - "privilege": "GetFaceSearch", - "description": "Grants permission to read the matching collection faces found in a stored video by an asynchronous face search job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetFaceSearch.html" - }, - "GetLabelDetection": { - "privilege": "GetLabelDetection", - "description": "Grants permission to read the label detected resuls found in a stored video by an asynchronous label detection job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetLabelDetection.html" - }, - "GetPersonTracking": { - "privilege": "GetPersonTracking", - "description": "Grants permission to read the list of persons detected in a stored video by an asynchronous person tracking job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetPersonTracking.html" - }, - "GetSegmentDetection": { - "privilege": "GetSegmentDetection", - "description": "Grants permission to get the vdeo segments found in a stored video by an asynchronous segment detection job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetSegmentDetection.html" - }, - "GetTextDetection": { - "privilege": "GetTextDetection", - "description": "Grants permission to get the text found in a stored video by an asynchronous text detection job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetTextDetection.html" - }, - "IndexFaces": { - "privilege": "IndexFaces", - "description": "Grants permission to update an existing collection with faces detected in the input image", - "access_level": "Write", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_IndexFaces.html" - }, - "ListCollections": { - "privilege": "ListCollections", - "description": "Grants permission to read the collection Id's in your account", - "access_level": "Read", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListCollections.html" - }, - "ListDatasetEntries": { - "privilege": "ListDatasetEntries", - "description": "Grants permission to list the dataset entries in an existing Amazon Rekognition Custom Labels dataset", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListDatasetEntries.html" - }, - "ListDatasetLabels": { - "privilege": "ListDatasetLabels", - "description": "Grants permission to list the labels in a dataset", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListDatasetLabels.html" - }, - "ListFaces": { - "privilege": "ListFaces", - "description": "Grants permission to read metadata for faces in the specificed collection", - "access_level": "Read", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListFaces.html" - }, - "ListProjectPolicies": { - "privilege": "ListProjectPolicies", - "description": "Grants permission to list the resource policies attached to a project", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListProjectPolicies.html" - }, - "ListStreamProcessors": { - "privilege": "ListStreamProcessors", - "description": "Grants permission to get a list of your stream processors", - "access_level": "List", - "resource_types": { - "streamprocessor": { - "resource_type": "streamprocessor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListStreamProcessors.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to return a list of tags associated with a resource", - "access_level": "Read", - "resource_types": { - "projectversion": { - "resource_type": "projectversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListTagsForResource.html" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to list UserIds and the UserStatus", - "access_level": "Read", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListUsers.html" - }, - "PutProjectPolicy": { - "privilege": "PutProjectPolicy", - "description": "Grants permission to attach a resource policy to a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_PutProjectPolicy.html" - }, - "RecognizeCelebrities": { - "privilege": "RecognizeCelebrities", - "description": "Grants permission to detect celebrities in the input image", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RecognizeCelebrities.html" - }, - "SearchFaces": { - "privilege": "SearchFaces", - "description": "Grants permission to search the specificed collection for the supplied face ID", - "access_level": "Read", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchFaces.html" - }, - "SearchFacesByImage": { - "privilege": "SearchFacesByImage", - "description": "Grants permission to search the specificed collection for the largest face in the input image", - "access_level": "Read", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchFacesByImage.html" - }, - "SearchUsers": { - "privilege": "SearchUsers", - "description": "Grants permission to search the specificed collection for user match result with given either face ID or user ID", - "access_level": "Read", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchUsers.html" - }, - "SearchUsersByImage": { - "privilege": "SearchUsersByImage", - "description": "Grants permission to search the specificed collection for user match result by using the largest face in the input image", - "access_level": "Read", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchUsersByImage.html" - }, - "StartCelebrityRecognition": { - "privilege": "StartCelebrityRecognition", - "description": "Grants permission to start the asynchronous recognition of celebrities in a stored video", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartCelebrityRecognition.html" - }, - "StartContentModeration": { - "privilege": "StartContentModeration", - "description": "Grants permission to start asynchronous detection of explicit or suggestive adult content in a stored video", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartContentModeration.html" - }, - "StartFaceDetection": { - "privilege": "StartFaceDetection", - "description": "Grants permission to start asynchronous detection of faces in a stored video", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartFaceDetection.html" - }, - "StartFaceLivenessSession": { - "privilege": "StartFaceLivenessSession", - "description": "Grants permission to start streaming video for a face liveness session", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_rekognitionstreaming_StartFaceLivenessSession.html" - }, - "StartFaceSearch": { - "privilege": "StartFaceSearch", - "description": "Grants permission to start an asynchronous search for faces in a collection that match the faces of persons detected in a stored video", - "access_level": "Write", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartFaceSearch.html" - }, - "StartLabelDetection": { - "privilege": "StartLabelDetection", - "description": "Grants permission to start asynchronous detection of labels in a stored video", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartLabelDetection.html" - }, - "StartPersonTracking": { - "privilege": "StartPersonTracking", - "description": "Grants permission to start the asynchronous tracking of persons in a stored video", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartPersonTracking.html" - }, - "StartProjectVersion": { - "privilege": "StartProjectVersion", - "description": "Grants permission to start running a model version", - "access_level": "Write", - "resource_types": { - "projectversion": { - "resource_type": "projectversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartProjectVersion.html" - }, - "StartSegmentDetection": { - "privilege": "StartSegmentDetection", - "description": "Grants permission to start the asynchronous detection of segments in a stored video", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartSegmentDetection.html" - }, - "StartStreamProcessor": { - "privilege": "StartStreamProcessor", - "description": "Grants permission to start running a stream processor", - "access_level": "Write", - "resource_types": { - "streamprocessor": { - "resource_type": "streamprocessor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartStreamProcessor.html" - }, - "StartTextDetection": { - "privilege": "StartTextDetection", - "description": "Grants permission to start the asynchronous detection of text in a stored video", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartTextDetection.html" - }, - "StopProjectVersion": { - "privilege": "StopProjectVersion", - "description": "Grants permission to stop a running model version", - "access_level": "Write", - "resource_types": { - "projectversion": { - "resource_type": "projectversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StopProjectVersion.html" - }, - "StopStreamProcessor": { - "privilege": "StopStreamProcessor", - "description": "Grants permission to stop a running stream processor", - "access_level": "Write", - "resource_types": { - "streamprocessor": { - "resource_type": "streamprocessor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StopStreamProcessor.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to a resource", - "access_level": "Tagging", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "projectversion": { - "resource_type": "projectversion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streamprocessor": { - "resource_type": "streamprocessor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from a resource", - "access_level": "Tagging", - "resource_types": { - "collection": { - "resource_type": "collection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "projectversion": { - "resource_type": "projectversion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "streamprocessor": { - "resource_type": "streamprocessor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_UntagResource.html" - }, - "UpdateDatasetEntries": { - "privilege": "UpdateDatasetEntries", - "description": "Grants permission to add or update one or more JSON Lines (entries) in a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_UpdateDatasetEntries.html" - }, - "UpdateStreamProcessor": { - "privilege": "UpdateStreamProcessor", - "description": "Grants permission to modify properties for a stream processor", - "access_level": "Write", - "resource_types": { - "streamprocessor": { - "resource_type": "streamprocessor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_UpdateStreamProcessor.html" - } - }, - "resources": { - "collection": { - "resource": "collection", - "arn": "arn:${Partition}:rekognition:${Region}:${Account}:collection/${CollectionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "streamprocessor": { - "resource": "streamprocessor", - "arn": "arn:${Partition}:rekognition:${Region}:${Account}:streamprocessor/${StreamprocessorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "project": { - "resource": "project", - "arn": "arn:${Partition}:rekognition:${Region}:${Account}:project/${ProjectName}/${CreationTimestamp}", - "condition_keys": [] - }, - "projectversion": { - "resource": "projectversion", - "arn": "arn:${Partition}:rekognition:${Region}:${Account}:project/${ProjectName}/version/${VersionName}/${CreationTimestamp}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dataset": { - "resource": "dataset", - "arn": "arn:${Partition}:rekognition:${Region}:${Account}:project/${ProjectName}/dataset/${DatasetType}/${CreationTimestamp}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "tag": { - "service_name": "Amazon Resource Group Tagging API", - "prefix": "tag", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonresourcegrouptaggingapi.html", - "privileges": { - "DescribeReportCreation": { - "privilege": "DescribeReportCreation", - "description": "Grants permission to describe the status of the StartReportCreation operation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_DescribeReportCreation.html" - }, - "GetComplianceSummary": { - "privilege": "GetComplianceSummary", - "description": "Grants permission to retrieve a summary of how many resources are noncompliant with their effective tag policies", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetComplianceSummary.html" - }, - "GetResources": { - "privilege": "GetResources", - "description": "Grants permission to return tagged or previously tagged resources in the specified AWS Region for the calling account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetResources.html" - }, - "GetTagKeys": { - "privilege": "GetTagKeys", - "description": "Grants permission to returns tag keys currently in use in the specified AWS Region for the calling account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetTagKeys.html" - }, - "GetTagValues": { - "privilege": "GetTagValues", - "description": "Grants permission to return tag values for the specified key that are used in the specified AWS Region for the calling account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetTagValues.html" - }, - "StartReportCreation": { - "privilege": "StartReportCreation", - "description": "Grants permission to start generating a report listing all tagged resources in accounts across your organization, and whether each resource is compliant with the effective tag policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_StartReportCreation.html" - }, - "TagResources": { - "privilege": "TagResources", - "description": "Grants permission to apply one or more tags to the specified resources", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_TagResources.html" - }, - "UntagResources": { - "privilege": "UntagResources", - "description": "Grants permission to remove the specified tags from the specified resources", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_UntagResources.html" - } - }, - "resources": {}, - "conditions": {} - }, - "rhelkb": { - "service_name": "Amazon RHEL Knowledgebase Portal", - "prefix": "rhelkb", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrhelknowledgebaseportal.html", - "privileges": { - "GetRhelURL": { - "privilege": "GetRhelURL", - "description": "Grants permission to access the Red Hat Knowledgebase portal", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/fleet-rhel.html" - } - }, - "resources": {}, - "conditions": {} - }, - "route53": { - "service_name": "Amazon Route 53", - "prefix": "route53", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53.html", - "privileges": { - "ActivateKeySigningKey": { - "privilege": "ActivateKeySigningKey", - "description": "Grants permission to activate a key-signing key so that it can be used for signing by DNSSEC", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ActivateKeySigningKey.html" - }, - "AssociateVPCWithHostedZone": { - "privilege": "AssociateVPCWithHostedZone", - "description": "Grants permission to associate an additional Amazon VPC with a private hosted zone", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_AssociateVPCWithHostedZone.html" - }, - "ChangeCidrCollection": { - "privilege": "ChangeCidrCollection", - "description": "Grants permission to create or delete CIDR blocks within a CIDR collection", - "access_level": "Write", - "resource_types": { - "cidrcollection": { - "resource_type": "cidrcollection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ChangeCidrCollection.html" - }, - "ChangeResourceRecordSets": { - "privilege": "ChangeResourceRecordSets", - "description": "Grants permission to create, update, or delete a record, which contains authoritative DNS information for a specified domain or subdomain name", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "route53:ChangeResourceRecordSetsNormalizedRecordNames", - "route53:ChangeResourceRecordSetsRecordTypes", - "route53:ChangeResourceRecordSetsActions" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ChangeResourceRecordSets.html" - }, - "ChangeTagsForResource": { - "privilege": "ChangeTagsForResource", - "description": "Grants permission to add, edit, or delete tags for a health check or a hosted zone", - "access_level": "Tagging", - "resource_types": { - "healthcheck": { - "resource_type": "healthcheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ChangeTagsForResource.html" - }, - "CreateCidrCollection": { - "privilege": "CreateCidrCollection", - "description": "Grants permission to create a new CIDR collection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateCidrCollection.html" - }, - "CreateHealthCheck": { - "privilege": "CreateHealthCheck", - "description": "Grants permission to create a new health check, which monitors the health and performance of your web applications, web servers, and other resources", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateHealthCheck.html" - }, - "CreateHostedZone": { - "privilege": "CreateHostedZone", - "description": "Grants permission to create a public hosted zone, which you use to specify how the Domain Name System (DNS) routes traffic on the Internet for a domain, such as example.com, and its subdomains", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateHostedZone.html" - }, - "CreateKeySigningKey": { - "privilege": "CreateKeySigningKey", - "description": "Grants permission to create a new key-signing key associated with a hosted zone", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateKeySigningKey.html" - }, - "CreateQueryLoggingConfig": { - "privilege": "CreateQueryLoggingConfig", - "description": "Grants permission to create a configuration for DNS query logging", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateQueryLoggingConfig.html" - }, - "CreateReusableDelegationSet": { - "privilege": "CreateReusableDelegationSet", - "description": "Grants permission to create a delegation set (a group of four name servers) that can be reused by multiple hosted zones", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateReusableDelegationSet.html" - }, - "CreateTrafficPolicy": { - "privilege": "CreateTrafficPolicy", - "description": "Grants permission to create a traffic policy, which you use to create multiple DNS records for one domain name (such as example.com) or one subdomain name (such as www.example.com)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateTrafficPolicy.html" - }, - "CreateTrafficPolicyInstance": { - "privilege": "CreateTrafficPolicyInstance", - "description": "Grants permission to create records in a specified hosted zone based on the settings in a specified traffic policy version", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "trafficpolicy": { - "resource_type": "trafficpolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateTrafficPolicyInstance.html" - }, - "CreateTrafficPolicyVersion": { - "privilege": "CreateTrafficPolicyVersion", - "description": "Grants permission to create a new version of an existing traffic policy", - "access_level": "Write", - "resource_types": { - "trafficpolicy": { - "resource_type": "trafficpolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateTrafficPolicyVersion.html" - }, - "CreateVPCAssociationAuthorization": { - "privilege": "CreateVPCAssociationAuthorization", - "description": "Grants permission to authorize the AWS account that created a specified VPC to submit an AssociateVPCWithHostedZone request, which associates the VPC with a specified hosted zone that was created by a different account", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateVPCAssociationAuthorization.html" - }, - "DeactivateKeySigningKey": { - "privilege": "DeactivateKeySigningKey", - "description": "Grants permission to deactivate a key-signing key so that it will not be used for signing by DNSSEC", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeactivateKeySigningKey.html" - }, - "DeleteCidrCollection": { - "privilege": "DeleteCidrCollection", - "description": "Grants permission to delete a CIDR collection", - "access_level": "Write", - "resource_types": { - "cidrcollection": { - "resource_type": "cidrcollection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteCidrCollection.html" - }, - "DeleteHealthCheck": { - "privilege": "DeleteHealthCheck", - "description": "Grants permission to delete a health check", - "access_level": "Write", - "resource_types": { - "healthcheck": { - "resource_type": "healthcheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteHealthCheck.html" - }, - "DeleteHostedZone": { - "privilege": "DeleteHostedZone", - "description": "Grants permission to delete a hosted zone", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteHostedZone.html" - }, - "DeleteKeySigningKey": { - "privilege": "DeleteKeySigningKey", - "description": "Grants permission to delete a key-signing key", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteKeySigningKey.html" - }, - "DeleteQueryLoggingConfig": { - "privilege": "DeleteQueryLoggingConfig", - "description": "Grants permission to delete a configuration for DNS query logging", - "access_level": "Write", - "resource_types": { - "queryloggingconfig": { - "resource_type": "queryloggingconfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html" - }, - "DeleteReusableDelegationSet": { - "privilege": "DeleteReusableDelegationSet", - "description": "Grants permission to delete a reusable delegation set", - "access_level": "Write", - "resource_types": { - "delegationset": { - "resource_type": "delegationset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteReusableDelegationSet.html" - }, - "DeleteTrafficPolicy": { - "privilege": "DeleteTrafficPolicy", - "description": "Grants permission to delete a traffic policy", - "access_level": "Write", - "resource_types": { - "trafficpolicy": { - "resource_type": "trafficpolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicy.html" - }, - "DeleteTrafficPolicyInstance": { - "privilege": "DeleteTrafficPolicyInstance", - "description": "Grants permission to delete a traffic policy instance and all the records that Route 53 created when you created the instance", - "access_level": "Write", - "resource_types": { - "trafficpolicyinstance": { - "resource_type": "trafficpolicyinstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicyInstance.html" - }, - "DeleteVPCAssociationAuthorization": { - "privilege": "DeleteVPCAssociationAuthorization", - "description": "Grants permission to remove authorization for associating an Amazon Virtual Private Cloud with a Route 53 private hosted zone", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteVPCAssociationAuthorization.html" - }, - "DisableHostedZoneDNSSEC": { - "privilege": "DisableHostedZoneDNSSEC", - "description": "Grants permission to disable DNSSEC signing in a specific hosted zone", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DisableHostedZoneDNSSEC.html" - }, - "DisassociateVPCFromHostedZone": { - "privilege": "DisassociateVPCFromHostedZone", - "description": "Grants permission to disassociate an Amazon Virtual Private Cloud from a Route 53 private hosted zone", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DisassociateVPCFromHostedZone.html" - }, - "EnableHostedZoneDNSSEC": { - "privilege": "EnableHostedZoneDNSSEC", - "description": "Grants permission to enable DNSSEC signing in a specific hosted zone", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_EnableHostedZoneDNSSEC.html" - }, - "GetAccountLimit": { - "privilege": "GetAccountLimit", - "description": "Grants permission to get the specified limit for the current account, for example, the maximum number of health checks that you can create using the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html" - }, - "GetChange": { - "privilege": "GetChange", - "description": "Grants permission to get the current status of a request to create, update, or delete one or more records", - "access_level": "List", - "resource_types": { - "change": { - "resource_type": "change", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetChange.html" - }, - "GetCheckerIpRanges": { - "privilege": "GetCheckerIpRanges", - "description": "Grants permission to get a list of the IP ranges that are used by Route 53 health checkers to check the health of your resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetCheckerIpRanges.html" - }, - "GetDNSSEC": { - "privilege": "GetDNSSEC", - "description": "Grants permission to get information about DNSSEC for a specific hosted zone, including the key-signing keys in the hosted zone", - "access_level": "Read", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetDNSSEC.html" - }, - "GetGeoLocation": { - "privilege": "GetGeoLocation", - "description": "Grants permission to get information about whether a specified geographic location is supported for Route 53 geolocation records", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetGeoLocation.html" - }, - "GetHealthCheck": { - "privilege": "GetHealthCheck", - "description": "Grants permission to get information about a specified health check", - "access_level": "Read", - "resource_types": { - "healthcheck": { - "resource_type": "healthcheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHealthCheck.html" - }, - "GetHealthCheckCount": { - "privilege": "GetHealthCheckCount", - "description": "Grants permission to get the number of health checks that are associated with the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHealthCheckCount.html" - }, - "GetHealthCheckLastFailureReason": { - "privilege": "GetHealthCheckLastFailureReason", - "description": "Grants permission to get the reason that a specified health check failed most recently", - "access_level": "List", - "resource_types": { - "healthcheck": { - "resource_type": "healthcheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHealthCheckLastFailureReason.html" - }, - "GetHealthCheckStatus": { - "privilege": "GetHealthCheckStatus", - "description": "Grants permission to get the status of a specified health check", - "access_level": "List", - "resource_types": { - "healthcheck": { - "resource_type": "healthcheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHealthCheckStatus.html" - }, - "GetHostedZone": { - "privilege": "GetHostedZone", - "description": "Grants permission to get information about a specified hosted zone including the four name servers that Route 53 assigned to the hosted zone", - "access_level": "List", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHostedZone.html" - }, - "GetHostedZoneCount": { - "privilege": "GetHostedZoneCount", - "description": "Grants permission to get the number of hosted zones that are associated with the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHostedZoneCount.html" - }, - "GetHostedZoneLimit": { - "privilege": "GetHostedZoneLimit", - "description": "Grants permission to get the specified limit for a specified hosted zone", - "access_level": "Read", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHostedZoneLimit.html" - }, - "GetQueryLoggingConfig": { - "privilege": "GetQueryLoggingConfig", - "description": "Grants permission to get information about a specified configuration for DNS query logging", - "access_level": "Read", - "resource_types": { - "queryloggingconfig": { - "resource_type": "queryloggingconfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetQueryLoggingConfig.html" - }, - "GetReusableDelegationSet": { - "privilege": "GetReusableDelegationSet", - "description": "Grants permission to get information about a specified reusable delegation set, including the four name servers that are assigned to the delegation set", - "access_level": "List", - "resource_types": { - "delegationset": { - "resource_type": "delegationset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetReusableDelegationSet.html" - }, - "GetReusableDelegationSetLimit": { - "privilege": "GetReusableDelegationSetLimit", - "description": "Grants permission to get the maximum number of hosted zones that you can associate with the specified reusable delegation set", - "access_level": "Read", - "resource_types": { - "delegationset": { - "resource_type": "delegationset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetReusableDelegationSetLimit.html" - }, - "GetTrafficPolicy": { - "privilege": "GetTrafficPolicy", - "description": "Grants permission to get information about a specified traffic policy version", - "access_level": "Read", - "resource_types": { - "trafficpolicy": { - "resource_type": "trafficpolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicy.html" - }, - "GetTrafficPolicyInstance": { - "privilege": "GetTrafficPolicyInstance", - "description": "Grants permission to get information about a specified traffic policy instance", - "access_level": "Read", - "resource_types": { - "trafficpolicyinstance": { - "resource_type": "trafficpolicyinstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicyInstance.html" - }, - "GetTrafficPolicyInstanceCount": { - "privilege": "GetTrafficPolicyInstanceCount", - "description": "Grants permission to get the number of traffic policy instances that are associated with the current AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicyInstanceCount.html" - }, - "ListCidrBlocks": { - "privilege": "ListCidrBlocks", - "description": "Grants permission to get a list of the CIDR blocks within a specified CIDR collection", - "access_level": "List", - "resource_types": { - "cidrcollection": { - "resource_type": "cidrcollection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListCidrBlocks.html" - }, - "ListCidrCollections": { - "privilege": "ListCidrCollections", - "description": "Grants permission to get a list of the CIDR collections that are associated with the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListCidrCollections.html" - }, - "ListCidrLocations": { - "privilege": "ListCidrLocations", - "description": "Grants permission to get a list of the CIDR locations that belong to a specified CIDR collection", - "access_level": "List", - "resource_types": { - "cidrcollection": { - "resource_type": "cidrcollection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListCidrLocations.html" - }, - "ListGeoLocations": { - "privilege": "ListGeoLocations", - "description": "Grants permission to get a list of geographic locations that Route 53 supports for geolocation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListGeoLocations.html" - }, - "ListHealthChecks": { - "privilege": "ListHealthChecks", - "description": "Grants permission to get a list of the health checks that are associated with the current AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListHealthChecks.html" - }, - "ListHostedZones": { - "privilege": "ListHostedZones", - "description": "Grants permission to get a list of the public and private hosted zones that are associated with the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListHostedZones.html" - }, - "ListHostedZonesByName": { - "privilege": "ListHostedZonesByName", - "description": "Grants permission to get a list of your hosted zones in lexicographic order. Hosted zones are sorted by name with the labels reversed, for example, com.example.www", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListHostedZonesByName.html" - }, - "ListHostedZonesByVPC": { - "privilege": "ListHostedZonesByVPC", - "description": "Grants permission to get a list of all the private hosted zones that a specified VPC is associated with", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListHostedZonesByVPC.html" - }, - "ListQueryLoggingConfigs": { - "privilege": "ListQueryLoggingConfigs", - "description": "Grants permission to list the configurations for DNS query logging that are associated with the current AWS account or the configuration that is associated with a specified hosted zone", - "access_level": "List", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListQueryLoggingConfigs.html" - }, - "ListResourceRecordSets": { - "privilege": "ListResourceRecordSets", - "description": "Grants permission to list the records in a specified hosted zone", - "access_level": "List", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListResourceRecordSets.html" - }, - "ListReusableDelegationSets": { - "privilege": "ListReusableDelegationSets", - "description": "Grants permission to list the reusable delegation sets that are associated with the current AWS account.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListReusableDelegationSets.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for one health check or hosted zone", - "access_level": "Read", - "resource_types": { - "healthcheck": { - "resource_type": "healthcheck", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hostedzone": { - "resource_type": "hostedzone", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTagsForResources": { - "privilege": "ListTagsForResources", - "description": "Grants permission to list tags for up to 10 health checks or hosted zones", - "access_level": "Read", - "resource_types": { - "healthcheck": { - "resource_type": "healthcheck", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hostedzone": { - "resource_type": "hostedzone", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTagsForResources.html" - }, - "ListTrafficPolicies": { - "privilege": "ListTrafficPolicies", - "description": "Grants permission to get information about the latest version for every traffic policy that is associated with the current AWS account. Policies are listed in the order in which they were created", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicies.html" - }, - "ListTrafficPolicyInstances": { - "privilege": "ListTrafficPolicyInstances", - "description": "Grants permission to get information about the traffic policy instances that you created by using the current AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicyInstances.html" - }, - "ListTrafficPolicyInstancesByHostedZone": { - "privilege": "ListTrafficPolicyInstancesByHostedZone", - "description": "Grants permission to get information about the traffic policy instances that you created in a specified hosted zone", - "access_level": "List", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicyInstancesByHostedZone.html" - }, - "ListTrafficPolicyInstancesByPolicy": { - "privilege": "ListTrafficPolicyInstancesByPolicy", - "description": "Grants permission to get information about the traffic policy instances that you created using a specified traffic policy version", - "access_level": "List", - "resource_types": { - "trafficpolicy": { - "resource_type": "trafficpolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicyInstancesByPolicy.html" - }, - "ListTrafficPolicyVersions": { - "privilege": "ListTrafficPolicyVersions", - "description": "Grants permission to get information about all the versions for a specified traffic policy", - "access_level": "List", - "resource_types": { - "trafficpolicy": { - "resource_type": "trafficpolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicyVersions.html" - }, - "ListVPCAssociationAuthorizations": { - "privilege": "ListVPCAssociationAuthorizations", - "description": "Grants permission to get a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone", - "access_level": "List", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListVPCAssociationAuthorizations.html" - }, - "TestDNSAnswer": { - "privilege": "TestDNSAnswer", - "description": "Grants permission to get the value that Route 53 returns in response to a DNS query for a specified record name and type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_TestDNSAnswer.html" - }, - "UpdateHealthCheck": { - "privilege": "UpdateHealthCheck", - "description": "Grants permission to update an existing health check", - "access_level": "Write", - "resource_types": { - "healthcheck": { - "resource_type": "healthcheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html" - }, - "UpdateHostedZoneComment": { - "privilege": "UpdateHostedZoneComment", - "description": "Grants permission to update the comment for a specified hosted zone", - "access_level": "Write", - "resource_types": { - "hostedzone": { - "resource_type": "hostedzone", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHostedZoneComment.html" - }, - "UpdateTrafficPolicyComment": { - "privilege": "UpdateTrafficPolicyComment", - "description": "Grants permission to update the comment for a specified traffic policy version", - "access_level": "Write", - "resource_types": { - "trafficpolicy": { - "resource_type": "trafficpolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateTrafficPolicyComment.html" - }, - "UpdateTrafficPolicyInstance": { - "privilege": "UpdateTrafficPolicyInstance", - "description": "Grants permission to update the records in a specified hosted zone that were created based on the settings in a specified traffic policy version", - "access_level": "Write", - "resource_types": { - "trafficpolicyinstance": { - "resource_type": "trafficpolicyinstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateTrafficPolicyInstance.html" - } - }, - "resources": { - "cidrcollection": { - "resource": "cidrcollection", - "arn": "arn:${Partition}:route53:::cidrcollection/${Id}", - "condition_keys": [] - }, - "change": { - "resource": "change", - "arn": "arn:${Partition}:route53:::change/${Id}", - "condition_keys": [] - }, - "delegationset": { - "resource": "delegationset", - "arn": "arn:${Partition}:route53:::delegationset/${Id}", - "condition_keys": [] - }, - "healthcheck": { - "resource": "healthcheck", - "arn": "arn:${Partition}:route53:::healthcheck/${Id}", - "condition_keys": [] - }, - "hostedzone": { - "resource": "hostedzone", - "arn": "arn:${Partition}:route53:::hostedzone/${Id}", - "condition_keys": [] - }, - "trafficpolicy": { - "resource": "trafficpolicy", - "arn": "arn:${Partition}:route53:::trafficpolicy/${Id}", - "condition_keys": [] - }, - "trafficpolicyinstance": { - "resource": "trafficpolicyinstance", - "arn": "arn:${Partition}:route53:::trafficpolicyinstance/${Id}", - "condition_keys": [] - }, - "queryloggingconfig": { - "resource": "queryloggingconfig", - "arn": "arn:${Partition}:route53:::queryloggingconfig/${Id}", - "condition_keys": [] - }, - "vpc": { - "resource": "vpc", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc/${VpcId}", - "condition_keys": [] - } - }, - "conditions": { - "route53:ChangeResourceRecordSetsActions": { - "condition": "route53:ChangeResourceRecordSetsActions", - "description": "Filters access by the change actions, CREATE, UPSERT, or DELETE, in a ChangeResourceRecordSets request", - "type": "ArrayOfString" - }, - "route53:ChangeResourceRecordSetsNormalizedRecordNames": { - "condition": "route53:ChangeResourceRecordSetsNormalizedRecordNames", - "description": "Filters access by the normalized DNS record names in a ChangeResourceRecordSets request", - "type": "ArrayOfString" - }, - "route53:ChangeResourceRecordSetsRecordTypes": { - "condition": "route53:ChangeResourceRecordSetsRecordTypes", - "description": "Filters access by the DNS record types in a ChangeResourceRecordSets request", - "type": "ArrayOfString" - } - } - }, - "arc-zonal-shift": { - "service_name": "Amazon Route 53 Application Recovery Controller - Zonal Shift", - "prefix": "arc-zonal-shift", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53applicationrecoverycontroller-zonalshift.html", - "privileges": { - "CancelZonalShift": { - "privilege": "CancelZonalShift", - "description": "Grants permission to cancel an active zonal shift", - "access_level": "Write", - "resource_types": { - "ALB": { - "resource_type": "ALB", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "NLB": { - "resource_type": "NLB", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_CancelZonalShift.html" - }, - "GetManagedResource": { - "privilege": "GetManagedResource", - "description": "Grants permission to get information about a managed resource", - "access_level": "Read", - "resource_types": { - "ALB": { - "resource_type": "ALB", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "NLB": { - "resource_type": "NLB", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_GetManagedResource.html" - }, - "ListManagedResources": { - "privilege": "ListManagedResources", - "description": "Grants permission to list managed resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_ListManagedResources.html" - }, - "ListZonalShifts": { - "privilege": "ListZonalShifts", - "description": "Grants permission to list zonal shifts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_ListZonalShifts.html" - }, - "StartZonalShift": { - "privilege": "StartZonalShift", - "description": "Grants permission to start a zonal shift", - "access_level": "Write", - "resource_types": { - "ALB": { - "resource_type": "ALB", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "NLB": { - "resource_type": "NLB", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_StartZonalShift.html" - }, - "UpdateZonalShift": { - "privilege": "UpdateZonalShift", - "description": "Grants permission to update an existing zonal shift", - "access_level": "Write", - "resource_types": { - "ALB": { - "resource_type": "ALB", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "NLB": { - "resource_type": "NLB", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_UpdateZonalShift.html" - } - }, - "resources": { - "ALB": { - "resource": "ALB", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/app/${LoadBalancerName}/${LoadBalancerId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ] - }, - "NLB": { - "resource": "NLB", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/net/${LoadBalancerName}/${LoadBalancerId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the managed resource", - "type": "String" - }, - "elasticloadbalancing:ResourceTag/${TagKey}": { - "condition": "elasticloadbalancing:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the managed resource", - "type": "String" - } - } - }, - "route53domains": { - "service_name": "Amazon Route 53 Domains", - "prefix": "route53domains", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53domains.html", - "privileges": { - "AcceptDomainTransferFromAnotherAwsAccount": { - "privilege": "AcceptDomainTransferFromAnotherAwsAccount", - "description": "Grants permission to accept the transfer of a domain from another AWS account to the current AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_AcceptDomainTransferFromAnotherAwsAccount.html" - }, - "AssociateDelegationSignerToDomain": { - "privilege": "AssociateDelegationSignerToDomain", - "description": "Grants permission to associate a new delegation signer to a domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_AssociateDelegationSignerToDomain.html" - }, - "CancelDomainTransferToAnotherAwsAccount": { - "privilege": "CancelDomainTransferToAnotherAwsAccount", - "description": "Grants permission to cancel the transfer of a domain from the current AWS account to another AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_CancelDomainTransferToAnotherAwsAccount.html" - }, - "CheckDomainAvailability": { - "privilege": "CheckDomainAvailability", - "description": "Grants permission to check the availability of one domain name", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_CheckDomainAvailability.html" - }, - "CheckDomainTransferability": { - "privilege": "CheckDomainTransferability", - "description": "Grants permission to check whether a domain name can be transferred to Amazon Route 53", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_CheckDomainTransferability.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "Grants permission to delete domains", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DeleteDomain.html" - }, - "DeleteTagsForDomain": { - "privilege": "DeleteTagsForDomain", - "description": "Grants permission to delete the specified tags for a domain", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DeleteTagsForDomain.html" - }, - "DisableDomainAutoRenew": { - "privilege": "DisableDomainAutoRenew", - "description": "Grants permission to configure Amazon Route 53 to automatically renew the specified domain before the domain registration expires", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DisableDomainAutoRenew.html" - }, - "DisableDomainTransferLock": { - "privilege": "DisableDomainTransferLock", - "description": "Grants permission to remove the transfer lock on the domain (specifically the clientTransferProhibited status) to allow domain transfers", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DisableDomainTransferLock.html" - }, - "DisassociateDelegationSignerFromDomain": { - "privilege": "DisassociateDelegationSignerFromDomain", - "description": "Grants permission to disassociate an existing delegation signer from a domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DisassociateDelegationSignerFromDomain.html" - }, - "EnableDomainAutoRenew": { - "privilege": "EnableDomainAutoRenew", - "description": "Grants permission to configure Amazon Route 53 to automatically renew the specified domain before the domain registration expires", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DisableDomainAutoRenew.html" - }, - "EnableDomainTransferLock": { - "privilege": "EnableDomainTransferLock", - "description": "Grants permission to set the transfer lock on the domain (specifically the clientTransferProhibited status) to prevent domain transfers", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_EnableDomainTransferLock.html" - }, - "GetContactReachabilityStatus": { - "privilege": "GetContactReachabilityStatus", - "description": "Grants permission to get information about whether the registrant contact has responded for operations that require confirmation that the email address for the registrant contact is valid, such as registering a new domain", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_GetContactReachabilityStatus.html" - }, - "GetDomainDetail": { - "privilege": "GetDomainDetail", - "description": "Grants permission to get detailed information about a domain", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_GetDomainDetail.html" - }, - "GetDomainSuggestions": { - "privilege": "GetDomainSuggestions", - "description": "Grants permission to get a list of suggested domain names given a string, which can either be a domain name or simply a word or phrase (without spaces)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_GetDomainSuggestions.html" - }, - "GetOperationDetail": { - "privilege": "GetOperationDetail", - "description": "Grants permission to get the current status of an operation that is not completed", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_GetOperationDetail.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to list all the domain names registered with Amazon Route 53 for the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ListDomains.html" - }, - "ListOperations": { - "privilege": "ListOperations", - "description": "Grants permission to list the operation IDs of operations that are not yet complete", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ListOperations.html" - }, - "ListPrices": { - "privilege": "ListPrices", - "description": "Grants permission to list the prices of operations for TLDs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ListPrices.html" - }, - "ListTagsForDomain": { - "privilege": "ListTagsForDomain", - "description": "Grants permission to list all the tags that are associated with the specified domain", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ListTagsForDomain.html" - }, - "PushDomain": { - "privilege": "PushDomain", - "description": "Grants permission to change the IPS tag of .uk domain to initiate a transfer process from Route 53 to another registrar", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_PushDomain.html" - }, - "RegisterDomain": { - "privilege": "RegisterDomain", - "description": "Grants permission to register domains", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_RegisterDomain.html" - }, - "RejectDomainTransferFromAnotherAwsAccount": { - "privilege": "RejectDomainTransferFromAnotherAwsAccount", - "description": "Grants permission to reject the transfer of a domain from another AWS account to the current AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_RejectDomainTransferFromAnotherAwsAccount.html" - }, - "RenewDomain": { - "privilege": "RenewDomain", - "description": "Grants permission to renew domains for the specified number of years", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_RenewDomain.html" - }, - "ResendContactReachabilityEmail": { - "privilege": "ResendContactReachabilityEmail", - "description": "Grants permission to resend the confirmation email to the current email address for the registrant contact for operations that require confirmation that the email address for the registrant contact is valid, such as registering a new domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ResendContactReachabilityEmail.html" - }, - "ResendOperationAuthorization": { - "privilege": "ResendOperationAuthorization", - "description": "Grants permission to resend the operation authorization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ResendOperationAuthorization.html" - }, - "RetrieveDomainAuthCode": { - "privilege": "RetrieveDomainAuthCode", - "description": "Grants permission to get the AuthCode for the domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_RetrieveDomainAuthCode.html" - }, - "TransferDomain": { - "privilege": "TransferDomain", - "description": "Grants permission to transfer a domain from another registrar to Amazon Route 53", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_TransferDomain.html" - }, - "TransferDomainToAnotherAwsAccount": { - "privilege": "TransferDomainToAnotherAwsAccount", - "description": "Grants permission to transfer a domain from the current AWS account to another AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_TransferDomainToAnotherAwsAccount.html" - }, - "UpdateDomainContact": { - "privilege": "UpdateDomainContact", - "description": "Grants permission to update the contact information for domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_UpdateDomainContact.html" - }, - "UpdateDomainContactPrivacy": { - "privilege": "UpdateDomainContactPrivacy", - "description": "Grants permission to update the domain contact privacy setting", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_UpdateDomainContactPrivacy.html" - }, - "UpdateDomainNameservers": { - "privilege": "UpdateDomainNameservers", - "description": "Grants permission to replace the current set of name servers for a domain with the specified set of name servers", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_UpdateDomainNameservers.html" - }, - "UpdateTagsForDomain": { - "privilege": "UpdateTagsForDomain", - "description": "Grants permission to add or update tags for a specified domain", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_UpdateTagsForDomain.html" - }, - "ViewBilling": { - "privilege": "ViewBilling", - "description": "Grants permission to get all the domain-related billing records for the current AWS account for a specified period", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ViewBilling.html" - } - }, - "resources": {}, - "conditions": {} - }, - "route53-recovery-cluster": { - "service_name": "Amazon Route 53 Recovery Cluster", - "prefix": "route53-recovery-cluster", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53recoverycluster.html", - "privileges": { - "GetRoutingControlState": { - "privilege": "GetRoutingControlState", - "description": "Grants permission to get a routing control state", - "access_level": "Read", - "resource_types": { - "routingcontrol": { - "resource_type": "routingcontrol", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/routing-control/latest/APIReference/API_GetRoutingControlState.html" - }, - "ListRoutingControls": { - "privilege": "ListRoutingControls", - "description": "Grants permission to list routing controls", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/routing-control/latest/APIReference/API_ListRoutingControls.html" - }, - "UpdateRoutingControlState": { - "privilege": "UpdateRoutingControlState", - "description": "Grants permission to update a routing control state", - "access_level": "Write", - "resource_types": { - "routingcontrol": { - "resource_type": "routingcontrol", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "route53-recovery-cluster:AllowSafetyRulesOverrides" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/routing-control/latest/APIReference/API_UpdateRoutingControlState.html" - }, - "UpdateRoutingControlStates": { - "privilege": "UpdateRoutingControlStates", - "description": "Grants permission to update a batch of routing control states", - "access_level": "Write", - "resource_types": { - "routingcontrol": { - "resource_type": "routingcontrol", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "route53-recovery-cluster:AllowSafetyRulesOverrides" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/routing-control/latest/APIReference/API_UpdateRoutingControlStates.html" - } - }, - "resources": { - "routingcontrol": { - "resource": "routingcontrol", - "arn": "arn:${Partition}:route53-recovery-control::${Account}:controlpanel/${ControlPanelId}/routingcontrol/${RoutingControlId}", - "condition_keys": [] - } - }, - "conditions": { - "route53-recovery-cluster:AllowSafetyRulesOverrides": { - "condition": "route53-recovery-cluster:AllowSafetyRulesOverrides", - "description": "Override safety rules to allow routing control state updates", - "type": "Bool" - } - } - }, - "route53-recovery-control-config": { - "service_name": "Amazon Route 53 Recovery Controls", - "prefix": "route53-recovery-control-config", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53recoverycontrols.html", - "privileges": { - "CreateCluster": { - "privilege": "CreateCluster", - "description": "Grants permission to create a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/cluster.html" - }, - "CreateControlPanel": { - "privilege": "CreateControlPanel", - "description": "Grants permission to create a control panel", - "access_level": "Write", - "resource_types": { - "controlpanel": { - "resource_type": "controlpanel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel.html" - }, - "CreateRoutingControl": { - "privilege": "CreateRoutingControl", - "description": "Grants permission to create a routing control", - "access_level": "Write", - "resource_types": { - "routingcontrol": { - "resource_type": "routingcontrol", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/routingcontrol.html" - }, - "CreateSafetyRule": { - "privilege": "CreateSafetyRule", - "description": "Grants permission to create a safety rule", - "access_level": "Write", - "resource_types": { - "safetyrule": { - "resource_type": "safetyrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/safetyrule.html" - }, - "DeleteCluster": { - "privilege": "DeleteCluster", - "description": "Grants permission to delete a cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/cluster-clusterarn.html" - }, - "DeleteControlPanel": { - "privilege": "DeleteControlPanel", - "description": "Grants permission to delete a control panel", - "access_level": "Write", - "resource_types": { - "controlpanel": { - "resource_type": "controlpanel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel-controlpanelarn.html" - }, - "DeleteRoutingControl": { - "privilege": "DeleteRoutingControl", - "description": "Grants permission to delete a routing control", - "access_level": "Write", - "resource_types": { - "routingcontrol": { - "resource_type": "routingcontrol", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/routingcontrol-routingcontrolarn.html" - }, - "DeleteSafetyRule": { - "privilege": "DeleteSafetyRule", - "description": "Grants permission to delete a safety rule", - "access_level": "Write", - "resource_types": { - "safetyrule": { - "resource_type": "safetyrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/safetyrule-safetyrulearn.html" - }, - "DescribeCluster": { - "privilege": "DescribeCluster", - "description": "Grants permission to describe a cluster", - "access_level": "Read", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/cluster-clusterarn.html" - }, - "DescribeControlPanel": { - "privilege": "DescribeControlPanel", - "description": "Grants permission to describe a control panel", - "access_level": "Read", - "resource_types": { - "controlpanel": { - "resource_type": "controlpanel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel-controlpanelarn.html" - }, - "DescribeRoutingControl": { - "privilege": "DescribeRoutingControl", - "description": "Grants permission to describe a routing control", - "access_level": "Read", - "resource_types": { - "routingcontrol": { - "resource_type": "routingcontrol", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/routingcontrol-routingcontrolarn.html" - }, - "DescribeRoutingControlByName": { - "privilege": "DescribeRoutingControlByName", - "description": "Grants permission to describe a routing control", - "access_level": "Read", - "resource_types": { - "routingcontrol": { - "resource_type": "routingcontrol", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/routingcontrol-routingcontrolarn.html" - }, - "DescribeSafetyRule": { - "privilege": "DescribeSafetyRule", - "description": "Grants permission to describe a safety rule", - "access_level": "Read", - "resource_types": { - "safetyrule": { - "resource_type": "safetyrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/safetyrule-safetyrulearn.html" - }, - "ListAssociatedRoute53HealthChecks": { - "privilege": "ListAssociatedRoute53HealthChecks", - "description": "Grants permission to list associated Route 53 health checks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/routingcontrol-routingcontrolarn-associatedroute53healthchecks.html" - }, - "ListClusters": { - "privilege": "ListClusters", - "description": "Grants permission to list clusters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/cluster.html" - }, - "ListControlPanels": { - "privilege": "ListControlPanels", - "description": "Grants permission to list control panels", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanels.html" - }, - "ListRoutingControls": { - "privilege": "ListRoutingControls", - "description": "Grants permission to list routing controls", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel-controlpanelarn-routingcontrols.html" - }, - "ListSafetyRules": { - "privilege": "ListSafetyRules", - "description": "Grants permission to list safety rules", - "access_level": "Read", - "resource_types": { - "controlpanel": { - "resource_type": "controlpanel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel-controlpanelarn-safetyrules.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/tags-resource-arn.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "controlpanel": { - "resource_type": "controlpanel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "safetyrule": { - "resource_type": "safetyrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/tags-resource-arn.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "controlpanel": { - "resource_type": "controlpanel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "safetyrule": { - "resource_type": "safetyrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/tags-resource-arn.html" - }, - "UpdateControlPanel": { - "privilege": "UpdateControlPanel", - "description": "Grants permission to update a cluster", - "access_level": "Write", - "resource_types": { - "controlpanel": { - "resource_type": "controlpanel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel.html" - }, - "UpdateRoutingControl": { - "privilege": "UpdateRoutingControl", - "description": "Grants permission to update a routing control", - "access_level": "Write", - "resource_types": { - "routingcontrol": { - "resource_type": "routingcontrol", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel-controlpanelarn-routingcontrols.html" - }, - "UpdateSafetyRule": { - "privilege": "UpdateSafetyRule", - "description": "Grants permission to update a safety rule", - "access_level": "Write", - "resource_types": { - "safetyrule": { - "resource_type": "safetyrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/safetyrule.html" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:route53-recovery-control::${Account}:cluster/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "controlpanel": { - "resource": "controlpanel", - "arn": "arn:${Partition}:route53-recovery-control::${Account}:controlpanel/${ControlPanelId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "routingcontrol": { - "resource": "routingcontrol", - "arn": "arn:${Partition}:route53-recovery-control::${Account}:controlpanel/${ControlPanelId}/routingcontrol/${RoutingControlId}", - "condition_keys": [] - }, - "safetyrule": { - "resource": "safetyrule", - "arn": "arn:${Partition}:route53-recovery-control::${Account}:controlpanel/${ControlPanelId}/safetyrule/${SafetyRuleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag's key and value in a request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the presence of tag keys in the request", - "type": "String" - } - } - }, - "route53-recovery-readiness": { - "service_name": "Amazon Route 53 Recovery Readiness", - "prefix": "route53-recovery-readiness", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53recoveryreadiness.html", - "privileges": { - "CreateCell": { - "privilege": "CreateCell", - "description": "Grants permission to create a new cell", - "access_level": "Write", - "resource_types": { - "cell": { - "resource_type": "cell", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cells.html" - }, - "CreateCrossAccountAuthorization": { - "privilege": "CreateCrossAccountAuthorization", - "description": "Grants permission to create a cross account authorization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/crossaccountauthorizations.html" - }, - "CreateReadinessCheck": { - "privilege": "CreateReadinessCheck", - "description": "Grants permission to create a readiness check", - "access_level": "Write", - "resource_types": { - "readinesscheck": { - "resource_type": "readinesscheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks.html" - }, - "CreateRecoveryGroup": { - "privilege": "CreateRecoveryGroup", - "description": "Grants permission to create a recovery group", - "access_level": "Write", - "resource_types": { - "recoverygroup": { - "resource_type": "recoverygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups.html" - }, - "CreateResourceSet": { - "privilege": "CreateResourceSet", - "description": "Grants permission to create a resource set", - "access_level": "Write", - "resource_types": { - "resourceset": { - "resource_type": "resourceset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/resourcesets.html" - }, - "DeleteCell": { - "privilege": "DeleteCell", - "description": "Grants permission to delete a cell", - "access_level": "Write", - "resource_types": { - "cell": { - "resource_type": "cell", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cells-cellname.html" - }, - "DeleteCrossAccountAuthorization": { - "privilege": "DeleteCrossAccountAuthorization", - "description": "Grants permission to delete a cross account authorization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/crossaccountauthorizations-crossaccountauthorization.html" - }, - "DeleteReadinessCheck": { - "privilege": "DeleteReadinessCheck", - "description": "Grants permission to delete a readiness check", - "access_level": "Write", - "resource_types": { - "readinesscheck": { - "resource_type": "readinesscheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks-readinesscheckname.html" - }, - "DeleteRecoveryGroup": { - "privilege": "DeleteRecoveryGroup", - "description": "Grants permission to delete a recovery group", - "access_level": "Write", - "resource_types": { - "recoverygroup": { - "resource_type": "recoverygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups-recoverygroupname.html" - }, - "DeleteResourceSet": { - "privilege": "DeleteResourceSet", - "description": "Grants permission to delete a resource set", - "access_level": "Write", - "resource_types": { - "resourceset": { - "resource_type": "resourceset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/resourcesets-resourcesetname.html" - }, - "GetArchitectureRecommendations": { - "privilege": "GetArchitectureRecommendations", - "description": "Grants permission to get architecture recommendations for a recovery group", - "access_level": "Read", - "resource_types": { - "recoverygroup": { - "resource_type": "recoverygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups-recoverygroupname-architecturerecommendations.html" - }, - "GetCell": { - "privilege": "GetCell", - "description": "Grants permission to get information about a cell", - "access_level": "Read", - "resource_types": { - "cell": { - "resource_type": "cell", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cells-cellname.html" - }, - "GetCellReadinessSummary": { - "privilege": "GetCellReadinessSummary", - "description": "Grants permission to get a readiness summary for a cell", - "access_level": "Read", - "resource_types": { - "cell": { - "resource_type": "cell", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cellreadiness-cellname.html" - }, - "GetReadinessCheck": { - "privilege": "GetReadinessCheck", - "description": "Grants permission to get information about a readiness check", - "access_level": "Read", - "resource_types": { - "readinesscheck": { - "resource_type": "readinesscheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks-readinesscheckname.html" - }, - "GetReadinessCheckResourceStatus": { - "privilege": "GetReadinessCheckResourceStatus", - "description": "Grants permission to get the readiness status for an individual resource", - "access_level": "Read", - "resource_types": { - "readinesscheck": { - "resource_type": "readinesscheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks-readinesscheckname-resource-resourceidentifier-status.html" - }, - "GetReadinessCheckStatus": { - "privilege": "GetReadinessCheckStatus", - "description": "Grants permission to get the status of a readiness check (for a resource set)", - "access_level": "Read", - "resource_types": { - "readinesscheck": { - "resource_type": "readinesscheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks-readinesscheckname-status.html" - }, - "GetRecoveryGroup": { - "privilege": "GetRecoveryGroup", - "description": "Grants permission to get information about a recovery group", - "access_level": "Read", - "resource_types": { - "recoverygroup": { - "resource_type": "recoverygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups-recoverygroupname.html" - }, - "GetRecoveryGroupReadinessSummary": { - "privilege": "GetRecoveryGroupReadinessSummary", - "description": "Grants permission to get a readiness summary for a recovery group", - "access_level": "Read", - "resource_types": { - "recoverygroup": { - "resource_type": "recoverygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroupreadiness-recoverygroupname.html" - }, - "GetResourceSet": { - "privilege": "GetResourceSet", - "description": "Grants permission to get information about a resource set", - "access_level": "Read", - "resource_types": { - "resourceset": { - "resource_type": "resourceset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/resourcesets-resourcesetname.html" - }, - "ListCells": { - "privilege": "ListCells", - "description": "Grants permission to list cells", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cells.html" - }, - "ListCrossAccountAuthorizations": { - "privilege": "ListCrossAccountAuthorizations", - "description": "Grants permission to list cross account authorizations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/crossaccountauthorizations.html" - }, - "ListReadinessChecks": { - "privilege": "ListReadinessChecks", - "description": "Grants permission to list readiness checks", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks.html" - }, - "ListRecoveryGroups": { - "privilege": "ListRecoveryGroups", - "description": "Grants permission to list recovery groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups.html" - }, - "ListResourceSets": { - "privilege": "ListResourceSets", - "description": "Grants permission to list resource sets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/resourcesets.html" - }, - "ListRules": { - "privilege": "ListRules", - "description": "Grants permission to list readiness rules", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/rules.html" - }, - "ListTagsForResources": { - "privilege": "ListTagsForResources", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/tags-resource-arn.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add a tag to a resource", - "access_level": "Tagging", - "resource_types": { - "cell": { - "resource_type": "cell", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "readinesscheck": { - "resource_type": "readinesscheck", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "recoverygroup": { - "resource_type": "recoverygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resourceset": { - "resource_type": "resourceset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/tags-resource-arn.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from a resource", - "access_level": "Tagging", - "resource_types": { - "cell": { - "resource_type": "cell", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "readinesscheck": { - "resource_type": "readinesscheck", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "recoverygroup": { - "resource_type": "recoverygroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resourceset": { - "resource_type": "resourceset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/tags-resource-arn.html" - }, - "UpdateCell": { - "privilege": "UpdateCell", - "description": "Grants permission to update a cell", - "access_level": "Write", - "resource_types": { - "cell": { - "resource_type": "cell", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cells-cellname.html" - }, - "UpdateReadinessCheck": { - "privilege": "UpdateReadinessCheck", - "description": "Grants permission to update a readiness check", - "access_level": "Write", - "resource_types": { - "readinesscheck": { - "resource_type": "readinesscheck", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks-readinesscheckname.html" - }, - "UpdateRecoveryGroup": { - "privilege": "UpdateRecoveryGroup", - "description": "Grants permission to update a recovery group", - "access_level": "Write", - "resource_types": { - "recoverygroup": { - "resource_type": "recoverygroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups-recoverygroupname.html" - }, - "UpdateResourceSet": { - "privilege": "UpdateResourceSet", - "description": "Grants permission to update a resource set", - "access_level": "Write", - "resource_types": { - "resourceset": { - "resource_type": "resourceset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/resourcesets-resourcesetname.html" - } - }, - "resources": { - "readinesscheck": { - "resource": "readinesscheck", - "arn": "arn:${Partition}:route53-recovery-readiness::${Account}:readiness-check/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "resourceset": { - "resource": "resourceset", - "arn": "arn:${Partition}:route53-recovery-readiness::${Account}:resource-set/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "cell": { - "resource": "cell", - "arn": "arn:${Partition}:route53-recovery-readiness::${Account}:cell/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "recoverygroup": { - "resource": "recoverygroup", - "arn": "arn:${Partition}:route53-recovery-readiness::${Account}:recovery-group/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "route53resolver": { - "service_name": "Amazon Route 53 Resolver", - "prefix": "route53resolver", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53resolver.html", - "privileges": { - "AssociateFirewallRuleGroup": { - "privilege": "AssociateFirewallRuleGroup", - "description": "Grants permission to associate an Amazon VPC with a specified firewall rule group", - "access_level": "Write", - "resource_types": { - "firewall-rule-group-association": { - "resource_type": "firewall-rule-group-association", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateFirewallRuleGroup.html" - }, - "AssociateResolverEndpointIpAddress": { - "privilege": "AssociateResolverEndpointIpAddress", - "description": "Grants permission to associate a specified IP address with a Resolver endpoint. This is an IP address that DNS queries pass through on the way to your network (outbound) or your VPCs (inbound)", - "access_level": "Write", - "resource_types": { - "resolver-endpoint": { - "resource_type": "resolver-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverEndpointIpAddress.html" - }, - "AssociateResolverQueryLogConfig": { - "privilege": "AssociateResolverQueryLogConfig", - "description": "Grants permission to associate an Amazon VPC with a specified query logging configuration", - "access_level": "Write", - "resource_types": { - "resolver-query-log-config": { - "resource_type": "resolver-query-log-config", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverQueryLogConfig.html" - }, - "AssociateResolverRule": { - "privilege": "AssociateResolverRule", - "description": "Grants permission to associate a specified Resolver rule with a specified VPC", - "access_level": "Write", - "resource_types": { - "resolver-rule": { - "resource_type": "resolver-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverRule.html" - }, - "CreateFirewallDomainList": { - "privilege": "CreateFirewallDomainList", - "description": "Grants permission to create a Firewall domain list", - "access_level": "Write", - "resource_types": { - "firewall-domain-list": { - "resource_type": "firewall-domain-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateFirewallDomainList.html" - }, - "CreateFirewallRule": { - "privilege": "CreateFirewallRule", - "description": "Grants permission to create a Firewall rule within a Firewall rule group", - "access_level": "Write", - "resource_types": { - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateFirewallRule.html" - }, - "CreateFirewallRuleGroup": { - "privilege": "CreateFirewallRuleGroup", - "description": "Grants permission to create a Firewall rule group", - "access_level": "Write", - "resource_types": { - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateFirewallRuleGroup.html" - }, - "CreateResolverEndpoint": { - "privilege": "CreateResolverEndpoint", - "description": "Grants permission to create a Resolver endpoint. There are two types of Resolver endpoints, inbound and outbound", - "access_level": "Write", - "resource_types": { - "resolver-endpoint": { - "resource_type": "resolver-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html" - }, - "CreateResolverQueryLogConfig": { - "privilege": "CreateResolverQueryLogConfig", - "description": "Grants permission to create a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverQueryLogConfig.html" - }, - "CreateResolverRule": { - "privilege": "CreateResolverRule", - "description": "Grants permission to define how to route queries originating from your VPC out of the VPC", - "access_level": "Write", - "resource_types": { - "resolver-rule": { - "resource_type": "resolver-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverRule.html" - }, - "DeleteFirewallDomainList": { - "privilege": "DeleteFirewallDomainList", - "description": "Grants permission to delete a Firewall domain list", - "access_level": "Write", - "resource_types": { - "firewall-domain-list": { - "resource_type": "firewall-domain-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteFirewallDomainList.html" - }, - "DeleteFirewallRule": { - "privilege": "DeleteFirewallRule", - "description": "Grants permission to delete a Firewall rule within a Firewall rule group", - "access_level": "Write", - "resource_types": { - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteFirewallRule.html" - }, - "DeleteFirewallRuleGroup": { - "privilege": "DeleteFirewallRuleGroup", - "description": "Grants permission to delete a Firewall rule group", - "access_level": "Write", - "resource_types": { - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteFirewallRuleGroup.html" - }, - "DeleteResolverEndpoint": { - "privilege": "DeleteResolverEndpoint", - "description": "Grants permission to delete a Resolver endpoint. The effect of deleting a Resolver endpoint depends on whether it's an inbound or an outbound endpoint", - "access_level": "Write", - "resource_types": { - "resolver-endpoint": { - "resource_type": "resolver-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverEndpoint.html" - }, - "DeleteResolverQueryLogConfig": { - "privilege": "DeleteResolverQueryLogConfig", - "description": "Grants permission to delete a Resolver query logging configuration", - "access_level": "Write", - "resource_types": { - "resolver-query-log-config": { - "resource_type": "resolver-query-log-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverQueryLogConfig.html" - }, - "DeleteResolverRule": { - "privilege": "DeleteResolverRule", - "description": "Grants permission to delete a Resolver rule", - "access_level": "Write", - "resource_types": { - "resolver-rule": { - "resource_type": "resolver-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverRule.html" - }, - "DisassociateFirewallRuleGroup": { - "privilege": "DisassociateFirewallRuleGroup", - "description": "Grants permission to remove the association between a specified Firewall rule group and a specified VPC", - "access_level": "Write", - "resource_types": { - "firewall-rule-group-association": { - "resource_type": "firewall-rule-group-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateFirewallRuleGroup.html" - }, - "DisassociateResolverEndpointIpAddress": { - "privilege": "DisassociateResolverEndpointIpAddress", - "description": "Grants permission to remove a specified IP address from a Resolver endpoint. This is an IP address that DNS queries pass through on the way to your network (outbound) or your VPCs (inbound)", - "access_level": "Write", - "resource_types": { - "resolver-endpoint": { - "resource_type": "resolver-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteNetworkInterface", - "ec2:DescribeNetworkInterfaces" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverEndpointIpAddress.html" - }, - "DisassociateResolverQueryLogConfig": { - "privilege": "DisassociateResolverQueryLogConfig", - "description": "Grants permission to remove the association between a specified Resolver query logging configuration and a specified VPC", - "access_level": "Write", - "resource_types": { - "resolver-query-log-config": { - "resource_type": "resolver-query-log-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverQueryLogConfig.html" - }, - "DisassociateResolverRule": { - "privilege": "DisassociateResolverRule", - "description": "Grants permission to remove the association between a specified Resolver rule and a specified VPC", - "access_level": "Write", - "resource_types": { - "resolver-rule": { - "resource_type": "resolver-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverRule.html" - }, - "GetFirewallConfig": { - "privilege": "GetFirewallConfig", - "description": "Grants permission to get information about a specified Firewall config", - "access_level": "Read", - "resource_types": { - "firewall-config": { - "resource_type": "firewall-config", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallConfig.html" - }, - "GetFirewallDomainList": { - "privilege": "GetFirewallDomainList", - "description": "Grants permission to get information about a specified Firewall domain list", - "access_level": "Read", - "resource_types": { - "firewall-domain-list": { - "resource_type": "firewall-domain-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallDomainList.html" - }, - "GetFirewallRuleGroup": { - "privilege": "GetFirewallRuleGroup", - "description": "Grants permission to get information about a specified Firewall rule group", - "access_level": "Read", - "resource_types": { - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallRuleGroup.html" - }, - "GetFirewallRuleGroupAssociation": { - "privilege": "GetFirewallRuleGroupAssociation", - "description": "Grants permission to get information about an association between a specified Firewall rule group and a VPC", - "access_level": "Read", - "resource_types": { - "firewall-rule-group-association": { - "resource_type": "firewall-rule-group-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallRuleGroupAssociation.html" - }, - "GetFirewallRuleGroupPolicy": { - "privilege": "GetFirewallRuleGroupPolicy", - "description": "Grants permission to get information about a specified Firewall rule group policy, which specifies the Firewall rule group operations and resources that you want to allow another AWS account to use", - "access_level": "Read", - "resource_types": { - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallRuleGroupPolicy.html" - }, - "GetResolverConfig": { - "privilege": "GetResolverConfig", - "description": "Grants permission to get the Resolver Config status within the specified resource", - "access_level": "Read", - "resource_types": { - "resolver-config": { - "resource_type": "resolver-config", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverConfig.html" - }, - "GetResolverDnssecConfig": { - "privilege": "GetResolverDnssecConfig", - "description": "Grants permission to get the DNSSEC validation support status for DNS queries within the specified resource", - "access_level": "Read", - "resource_types": { - "resolver-dnssec-config": { - "resource_type": "resolver-dnssec-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverDnssecConfig.html" - }, - "GetResolverEndpoint": { - "privilege": "GetResolverEndpoint", - "description": "Grants permission to get information about a specified Resolver endpoint, such as whether it's an inbound or an outbound endpoint, and the IP addresses in your VPC that DNS queries are forwarded to on the way into or out of your VPC", - "access_level": "Read", - "resource_types": { - "resolver-endpoint": { - "resource_type": "resolver-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html" - }, - "GetResolverQueryLogConfig": { - "privilege": "GetResolverQueryLogConfig", - "description": "Grants permission to get information about a specified Resolver query logging configuration, such as the number of VPCs that the configuration is logging queries for and the location that logs are sent to", - "access_level": "Read", - "resource_types": { - "resolver-query-log-config": { - "resource_type": "resolver-query-log-config", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfig.html" - }, - "GetResolverQueryLogConfigAssociation": { - "privilege": "GetResolverQueryLogConfigAssociation", - "description": "Grants permission to get information about a specified association between a Resolver query logging configuration and an Amazon VPC. When you associate a VPC with a query logging configuration, Resolver logs DNS queries that originate in that VPC", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfigAssociation.html" - }, - "GetResolverQueryLogConfigPolicy": { - "privilege": "GetResolverQueryLogConfigPolicy", - "description": "Grants permission to get information about a specified Resolver query logging policy, which specifies the Resolver query logging operations and resources that you want to allow another AWS account to use", - "access_level": "Read", - "resource_types": { - "resolver-query-log-config": { - "resource_type": "resolver-query-log-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfigPolicy.html" - }, - "GetResolverRule": { - "privilege": "GetResolverRule", - "description": "Grants permission to get information about a specified Resolver rule, such as the domain name that the rule forwards DNS queries for and the IP address that queries are forwarded to", - "access_level": "Read", - "resource_types": { - "resolver-rule": { - "resource_type": "resolver-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverRule.html" - }, - "GetResolverRuleAssociation": { - "privilege": "GetResolverRuleAssociation", - "description": "Grants permission to get information about an association between a specified Resolver rule and a VPC", - "access_level": "Read", - "resource_types": { - "resolver-rule": { - "resource_type": "resolver-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverRuleAssociation.html" - }, - "GetResolverRulePolicy": { - "privilege": "GetResolverRulePolicy", - "description": "Grants permission to get information about a Resolver rule policy, which specifies the Resolver operations and resources that you want to allow another AWS account to use", - "access_level": "Read", - "resource_types": { - "resolver-rule": { - "resource_type": "resolver-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverRulePolicy.html" - }, - "ImportFirewallDomains": { - "privilege": "ImportFirewallDomains", - "description": "Grants permission to add, remove or replace Firewall domains in a Firewall domain list", - "access_level": "Write", - "resource_types": { - "firewall-domain-list": { - "resource_type": "firewall-domain-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ImportFirewallDomains.html" - }, - "ListFirewallConfigs": { - "privilege": "ListFirewallConfigs", - "description": "Grants permission to list all the Firewall config that current AWS account is able to check", - "access_level": "List", - "resource_types": { - "firewall-config": { - "resource_type": "firewall-config", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallConfigs.html" - }, - "ListFirewallDomainLists": { - "privilege": "ListFirewallDomainLists", - "description": "Grants permission to list all the Firewall domain list that current AWS account is able to use", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallDomainLists.html" - }, - "ListFirewallDomains": { - "privilege": "ListFirewallDomains", - "description": "Grants permission to list all the Firewall domain under a speicfied Firewall domain list", - "access_level": "List", - "resource_types": { - "firewall-domain-list": { - "resource_type": "firewall-domain-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallDomains.html" - }, - "ListFirewallRuleGroupAssociations": { - "privilege": "ListFirewallRuleGroupAssociations", - "description": "Grants permission to list information about associations between Amazon VPCs and Firewall rule group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRuleGroupAssociations.html" - }, - "ListFirewallRuleGroups": { - "privilege": "ListFirewallRuleGroups", - "description": "Grants permission to list all the Firewall rule group that current AWS account is able to use", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRuleGroups.html" - }, - "ListFirewallRules": { - "privilege": "ListFirewallRules", - "description": "Grants permission to list all the Firewall rule under a speicfied Firewall rule group", - "access_level": "List", - "resource_types": { - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRules.html" - }, - "ListResolverConfigs": { - "privilege": "ListResolverConfigs", - "description": "Grants permission to list Resolver Config statuses", - "access_level": "List", - "resource_types": { - "resolver-config": { - "resource_type": "resolver-config", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverConfigs.html" - }, - "ListResolverDnssecConfigs": { - "privilege": "ListResolverDnssecConfigs", - "description": "Grants permission to list the DNSSEC validation support status for DNS queries", - "access_level": "List", - "resource_types": { - "resolver-dnssec-config": { - "resource_type": "resolver-dnssec-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverDnssecConfigs.html" - }, - "ListResolverEndpointIpAddresses": { - "privilege": "ListResolverEndpointIpAddresses", - "description": "Grants permission to list the IP addresses that DNS queries pass through on the way to your network (outbound) or your VPCs (inbound) for a specified Resolver endpoint", - "access_level": "List", - "resource_types": { - "resolver-endpoint": { - "resource_type": "resolver-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverEndpointIpAddresses.html" - }, - "ListResolverEndpoints": { - "privilege": "ListResolverEndpoints", - "description": "Grants permission to list all the Resolver endpoints that were created using the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverEndpoints.html" - }, - "ListResolverQueryLogConfigAssociations": { - "privilege": "ListResolverQueryLogConfigAssociations", - "description": "Grants permission to list information about associations between Amazon VPCs and query logging configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigAssociations.html" - }, - "ListResolverQueryLogConfigs": { - "privilege": "ListResolverQueryLogConfigs", - "description": "Grants permission to list information about the specified query logging configurations, which define where you want Resolver to save DNS query logs and specify the VPCs that you want to log queries for", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigs.html" - }, - "ListResolverRuleAssociations": { - "privilege": "ListResolverRuleAssociations", - "description": "Grants permission to list the associations that were created between Resolver rules and VPCs using the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRuleAssociations.html" - }, - "ListResolverRules": { - "privilege": "ListResolverRules", - "description": "Grants permission to list the Resolver rules that were created using the current AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRules.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags that you associated with the specified resource", - "access_level": "Read", - "resource_types": { - "firewall-domain-list": { - "resource_type": "firewall-domain-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "firewall-rule-group-association": { - "resource_type": "firewall-rule-group-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-endpoint": { - "resource_type": "resolver-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-query-log-config": { - "resource_type": "resolver-query-log-config", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-rule": { - "resource_type": "resolver-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListTagsForResource.html" - }, - "PutFirewallRuleGroupPolicy": { - "privilege": "PutFirewallRuleGroupPolicy", - "description": "Grants permission to specify an AWS account that you want to share a Firewall rule group with, the Firewall rule group that you want to share, and the operations that you want the account to be able to perform on the configuration", - "access_level": "Permissions management", - "resource_types": { - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_PutFirewallRuleGroupPolicy.html" - }, - "PutResolverQueryLogConfigPolicy": { - "privilege": "PutResolverQueryLogConfigPolicy", - "description": "Grants permission to specify an AWS account that you want to share a query logging configuration with, the query logging configuration that you want to share, and the operations that you want the account to be able to perform on the configuration", - "access_level": "Permissions management", - "resource_types": { - "resolver-query-log-config": { - "resource_type": "resolver-query-log-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_PutResolverQueryLogConfigPolicy.html" - }, - "PutResolverRulePolicy": { - "privilege": "PutResolverRulePolicy", - "description": "Grants permission to specify an AWS account that you want to share rules with, the Resolver rules that you want to share, and the operations that you want the account to be able to perform on those rules", - "access_level": "Permissions management", - "resource_types": { - "resolver-rule": { - "resource_type": "resolver-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_PutResolverRulePolicy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to a specified resource", - "access_level": "Tagging", - "resource_types": { - "firewall-config": { - "resource_type": "firewall-config", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "firewall-domain-list": { - "resource_type": "firewall-domain-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "firewall-rule-group-association": { - "resource_type": "firewall-rule-group-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-dnssec-config": { - "resource_type": "resolver-dnssec-config", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-endpoint": { - "resource_type": "resolver-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-query-log-config": { - "resource_type": "resolver-query-log-config", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-rule": { - "resource_type": "resolver-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from a specified resource", - "access_level": "Tagging", - "resource_types": { - "firewall-config": { - "resource_type": "firewall-config", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "firewall-domain-list": { - "resource_type": "firewall-domain-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "firewall-rule-group-association": { - "resource_type": "firewall-rule-group-association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-dnssec-config": { - "resource_type": "resolver-dnssec-config", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-endpoint": { - "resource_type": "resolver-endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-query-log-config": { - "resource_type": "resolver-query-log-config", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resolver-rule": { - "resource_type": "resolver-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UntagResource.html" - }, - "UpdateFirewallConfig": { - "privilege": "UpdateFirewallConfig", - "description": "Grants permission to update selected settings for an Firewall config", - "access_level": "Write", - "resource_types": { - "firewall-config": { - "resource_type": "firewall-config", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallConfig.html" - }, - "UpdateFirewallDomains": { - "privilege": "UpdateFirewallDomains", - "description": "Grants permission to add, remove or replace Firewall domains in a Firewall domain list", - "access_level": "Write", - "resource_types": { - "firewall-domain-list": { - "resource_type": "firewall-domain-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallDomains.html" - }, - "UpdateFirewallRule": { - "privilege": "UpdateFirewallRule", - "description": "Grants permission to update selected settings for an Firewall rule in a Firewall rule group", - "access_level": "Write", - "resource_types": { - "firewall-rule-group": { - "resource_type": "firewall-rule-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallRule.html" - }, - "UpdateFirewallRuleGroupAssociation": { - "privilege": "UpdateFirewallRuleGroupAssociation", - "description": "Grants permission to update selected settings for an Firewall rule group association", - "access_level": "Write", - "resource_types": { - "firewall-rule-group-association": { - "resource_type": "firewall-rule-group-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallRuleGroupAssociation.html" - }, - "UpdateResolverConfig": { - "privilege": "UpdateResolverConfig", - "description": "Grants permission to update the Resolver Config status within the specified resource", - "access_level": "Write", - "resource_types": { - "resolver-config": { - "resource_type": "resolver-config", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverConfig.html" - }, - "UpdateResolverDnssecConfig": { - "privilege": "UpdateResolverDnssecConfig", - "description": "Grants permission to update the DNSSEC validation support status for DNS queries within the specified resource", - "access_level": "Write", - "resource_types": { - "resolver-dnssec-config": { - "resource_type": "resolver-dnssec-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverDnssecConfig.html" - }, - "UpdateResolverEndpoint": { - "privilege": "UpdateResolverEndpoint", - "description": "Grants permission to update selected settings for an inbound or an outbound Resolver endpoint", - "access_level": "Write", - "resource_types": { - "resolver-endpoint": { - "resource_type": "resolver-endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:AssignIpv6Addresses", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:ModifyNetworkInterfaceAttribute", - "ec2:UnassignIpv6Addresses" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverEndpoint.html" - }, - "UpdateResolverRule": { - "privilege": "UpdateResolverRule", - "description": "Grants permission to update settings for a specified Resolver rule", - "access_level": "Write", - "resource_types": { - "resolver-rule": { - "resource_type": "resolver-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverRule.html" - } - }, - "resources": { - "resolver-dnssec-config": { - "resource": "resolver-dnssec-config", - "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:resolver-dnssec-config/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "resolver-query-log-config": { - "resource": "resolver-query-log-config", - "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:resolver-query-log-config/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "resolver-rule": { - "resource": "resolver-rule", - "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:resolver-rule/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "resolver-endpoint": { - "resource": "resolver-endpoint", - "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:resolver-endpoint/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "firewall-rule-group": { - "resource": "firewall-rule-group", - "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:firewall-rule-group/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "firewall-rule-group-association": { - "resource": "firewall-rule-group-association", - "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:firewall-rule-group-association/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "firewall-domain-list": { - "resource": "firewall-domain-list", - "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:firewall-domain-list/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "firewall-config": { - "resource": "firewall-config", - "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:firewall-config/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "resolver-config": { - "resource": "resolver-config", - "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:resolver-config/${ResourceId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "s3": { - "service_name": "Amazon S3", - "prefix": "s3", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3.html", - "privileges": { - "AbortMultipartUpload": { - "privilege": "AbortMultipartUpload", - "description": "Grants permission to abort a multipart upload", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointArn", - "s3:DataAccessPointAccount", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html" - }, - "BypassGovernanceRetention": { - "privilege": "BypassGovernanceRetention", - "description": "Grants permission to allow circumvention of governance-mode object retention settings", - "access_level": "Permissions management", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:RequestObjectTag/", - "s3:RequestObjectTagKeys", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-acl", - "s3:x-amz-content-sha256", - "s3:x-amz-copy-source", - "s3:x-amz-grant-full-control", - "s3:x-amz-grant-read", - "s3:x-amz-grant-read-acp", - "s3:x-amz-grant-write", - "s3:x-amz-grant-write-acp", - "s3:x-amz-metadata-directive", - "s3:x-amz-server-side-encryption", - "s3:x-amz-server-side-encryption-aws-kms-key-id", - "s3:x-amz-server-side-encryption-customer-algorithm", - "s3:x-amz-storage-class", - "s3:x-amz-website-redirect-location", - "s3:object-lock-mode", - "s3:object-lock-retain-until-date", - "s3:object-lock-remaining-retention-days", - "s3:object-lock-legal-hold" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-managing-bypass" - }, - "CreateAccessPoint": { - "privilege": "CreateAccessPoint", - "description": "Grants permission to create a new access point", - "access_level": "Write", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:locationconstraint", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-acl", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPoint.html" - }, - "CreateAccessPointForObjectLambda": { - "privilege": "CreateAccessPointForObjectLambda", - "description": "Grants permission to create an object lambda enabled accesspoint", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPointForObjectLambda.html" - }, - "CreateBucket": { - "privilege": "CreateBucket", - "description": "Grants permission to create a new bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:locationconstraint", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-acl", - "s3:x-amz-content-sha256", - "s3:x-amz-grant-full-control", - "s3:x-amz-grant-read", - "s3:x-amz-grant-read-acp", - "s3:x-amz-grant-write", - "s3:x-amz-grant-write-acp", - "s3:x-amz-object-ownership" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html" - }, - "CreateJob": { - "privilege": "CreateJob", - "description": "Grants permission to create a new Amazon S3 Batch Operations job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256", - "s3:RequestJobPriority", - "s3:RequestJobOperation", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateJob.html" - }, - "CreateMultiRegionAccessPoint": { - "privilege": "CreateMultiRegionAccessPoint", - "description": "Grants permission to create a new Multi-Region Access Point", - "access_level": "Write", - "resource_types": { - "multiregionaccesspoint": { - "resource_type": "multiregionaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureversion", - "s3:signatureAge", - "s3:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateMultiRegionAccessPoint.html" - }, - "DeleteAccessPoint": { - "privilege": "DeleteAccessPoint", - "description": "Grants permission to delete the access point named in the URI", - "access_level": "Write", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointArn", - "s3:DataAccessPointAccount", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPoint.html" - }, - "DeleteAccessPointForObjectLambda": { - "privilege": "DeleteAccessPointForObjectLambda", - "description": "Grants permission to delete the object lambda enabled access point named in the URI", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointArn", - "s3:DataAccessPointAccount", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointForObjectLambda.html" - }, - "DeleteAccessPointPolicy": { - "privilege": "DeleteAccessPointPolicy", - "description": "Grants permission to delete the policy on a specified access point", - "access_level": "Permissions management", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointArn", - "s3:DataAccessPointAccount", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html" - }, - "DeleteAccessPointPolicyForObjectLambda": { - "privilege": "DeleteAccessPointPolicyForObjectLambda", - "description": "Grants permission to delete the policy on a specified object lambda enabled access point", - "access_level": "Permissions management", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointArn", - "s3:DataAccessPointAccount", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicyForObjectLambda.html" - }, - "DeleteBucket": { - "privilege": "DeleteBucket", - "description": "Grants permission to delete the bucket named in the URI", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html" - }, - "DeleteBucketPolicy": { - "privilege": "DeleteBucketPolicy", - "description": "Grants permission to delete the policy on a specified bucket", - "access_level": "Permissions management", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketPolicy.html" - }, - "DeleteBucketWebsite": { - "privilege": "DeleteBucketWebsite", - "description": "Grants permission to remove the website configuration for a bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketWebsite.html" - }, - "DeleteJobTagging": { - "privilege": "DeleteJobTagging", - "description": "Grants permission to remove tags from an existing Amazon S3 Batch Operations job", - "access_level": "Tagging", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256", - "s3:ExistingJobPriority", - "s3:ExistingJobOperation" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteJobTagging.html" - }, - "DeleteMultiRegionAccessPoint": { - "privilege": "DeleteMultiRegionAccessPoint", - "description": "Grants permission to delete the Multi-Region Access Point named in the URI", - "access_level": "Write", - "resource_types": { - "multiregionaccesspoint": { - "resource_type": "multiregionaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureversion", - "s3:signatureAge", - "s3:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteMultiRegionAccessPoint.html" - }, - "DeleteObject": { - "privilege": "DeleteObject", - "description": "Grants permission to remove the null version of an object and insert a delete marker, which becomes the current version of the object", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" - }, - "DeleteObjectTagging": { - "privilege": "DeleteObjectTagging", - "description": "Grants permission to use the tagging subresource to remove the entire tag set from the specified object", - "access_level": "Tagging", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" - }, - "DeleteObjectVersion": { - "privilege": "DeleteObjectVersion", - "description": "Grants permission to remove a specific version of an object", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:versionid", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" - }, - "DeleteObjectVersionTagging": { - "privilege": "DeleteObjectVersionTagging", - "description": "Grants permission to remove the entire tag set for a specific version of the object", - "access_level": "Tagging", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:versionid", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" - }, - "DeleteStorageLensConfiguration": { - "privilege": "DeleteStorageLensConfiguration", - "description": "Grants permission to delete an existing Amazon S3 Storage Lens configuration", - "access_level": "Write", - "resource_types": { - "storagelensconfiguration": { - "resource_type": "storagelensconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteStorageLensConfiguration.html" - }, - "DeleteStorageLensConfigurationTagging": { - "privilege": "DeleteStorageLensConfigurationTagging", - "description": "Grants permission to remove tags from an existing Amazon S3 Storage Lens configuration", - "access_level": "Tagging", - "resource_types": { - "storagelensconfiguration": { - "resource_type": "storagelensconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteStorageLensConfigurationTagging.html" - }, - "DescribeJob": { - "privilege": "DescribeJob", - "description": "Grants permission to retrieve the configuration parameters and status for a batch operations job", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeJob.html" - }, - "DescribeMultiRegionAccessPointOperation": { - "privilege": "DescribeMultiRegionAccessPointOperation", - "description": "Grants permission to retrieve the configurations for a Multi-Region Access Point", - "access_level": "Read", - "resource_types": { - "multiregionaccesspointrequestarn": { - "resource_type": "multiregionaccesspointrequestarn", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureversion", - "s3:signatureAge", - "s3:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html" - }, - "GetAccelerateConfiguration": { - "privilege": "GetAccelerateConfiguration", - "description": "Grants permission to uses the accelerate subresource to return the Transfer Acceleration state of a bucket, which is either Enabled or Suspended", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAccelerateConfiguration.html" - }, - "GetAccessPoint": { - "privilege": "GetAccessPoint", - "description": "Grants permission to return configuration information about the specified access point", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPoint.html" - }, - "GetAccessPointConfigurationForObjectLambda": { - "privilege": "GetAccessPointConfigurationForObjectLambda", - "description": "Grants permission to retrieve the configuration of the object lambda enabled access point", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointArn", - "s3:DataAccessPointAccount", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointConfigurationForObjectLambda.html" - }, - "GetAccessPointForObjectLambda": { - "privilege": "GetAccessPointForObjectLambda", - "description": "Grants permission to create an object lambda enabled accesspoint", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointForObjectLambda.html" - }, - "GetAccessPointPolicy": { - "privilege": "GetAccessPointPolicy", - "description": "Grants permission to returns the access point policy associated with the specified access point", - "access_level": "Read", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicy.html" - }, - "GetAccessPointPolicyForObjectLambda": { - "privilege": "GetAccessPointPolicyForObjectLambda", - "description": "Grants permission to returns the access point policy associated with the specified object lambda enabled access point", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicyForObjectLambda.html" - }, - "GetAccessPointPolicyStatus": { - "privilege": "GetAccessPointPolicyStatus", - "description": "Grants permission to return the policy status for a specific access point policy", - "access_level": "Read", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicyStatus.html" - }, - "GetAccessPointPolicyStatusForObjectLambda": { - "privilege": "GetAccessPointPolicyStatusForObjectLambda", - "description": "Grants permission to return the policy status for a specific object lambda access point policy", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicyStatusForObjectLambda.html" - }, - "GetAccountPublicAccessBlock": { - "privilege": "GetAccountPublicAccessBlock", - "description": "Grants permission to retrieve the PublicAccessBlock configuration for an AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetPublicAccessBlock.html" - }, - "GetAnalyticsConfiguration": { - "privilege": "GetAnalyticsConfiguration", - "description": "Grants permission to get an analytics configuration from an Amazon S3 bucket, identified by the analytics configuration ID", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html" - }, - "GetBucketAcl": { - "privilege": "GetBucketAcl", - "description": "Grants permission to use the acl subresource to return the access control list (ACL) of an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAcl.html" - }, - "GetBucketCORS": { - "privilege": "GetBucketCORS", - "description": "Grants permission to return the CORS configuration information set for an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketCors.html" - }, - "GetBucketLocation": { - "privilege": "GetBucketLocation", - "description": "Grants permission to return the Region that an Amazon S3 bucket resides in", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLocation.html" - }, - "GetBucketLogging": { - "privilege": "GetBucketLogging", - "description": "Grants permission to return the logging status of an Amazon S3 bucket and the permissions users have to view or modify that status", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html" - }, - "GetBucketNotification": { - "privilege": "GetBucketNotification", - "description": "Grants permission to get the notification configuration of an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotification.html" - }, - "GetBucketObjectLockConfiguration": { - "privilege": "GetBucketObjectLockConfiguration", - "description": "Grants permission to get the Object Lock configuration of an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:signatureversion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLockConfiguration.html" - }, - "GetBucketOwnershipControls": { - "privilege": "GetBucketOwnershipControls", - "description": "Grants permission to retrieve ownership controls on a bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketOwnershipControls.html" - }, - "GetBucketPolicy": { - "privilege": "GetBucketPolicy", - "description": "Grants permission to return the policy of the specified bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicy.html" - }, - "GetBucketPolicyStatus": { - "privilege": "GetBucketPolicyStatus", - "description": "Grants permission to retrieve the policy status for a specific Amazon S3 bucket, which indicates whether the bucket is public", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html" - }, - "GetBucketPublicAccessBlock": { - "privilege": "GetBucketPublicAccessBlock", - "description": "Grants permission to retrieve the PublicAccessBlock configuration for an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html" - }, - "GetBucketRequestPayment": { - "privilege": "GetBucketRequestPayment", - "description": "Grants permission to return the request payment configuration for an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketRequestPayment.html" - }, - "GetBucketTagging": { - "privilege": "GetBucketTagging", - "description": "Grants permission to return the tag set associated with an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html" - }, - "GetBucketVersioning": { - "privilege": "GetBucketVersioning", - "description": "Grants permission to return the versioning state of an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html" - }, - "GetBucketWebsite": { - "privilege": "GetBucketWebsite", - "description": "Grants permission to return the website configuration for an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketWebsite.html" - }, - "GetEncryptionConfiguration": { - "privilege": "GetEncryptionConfiguration", - "description": "Grants permission to return the default encryption configuration an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html" - }, - "GetIntelligentTieringConfiguration": { - "privilege": "GetIntelligentTieringConfiguration", - "description": "Grants permission to get an or list all Amazon S3 Intelligent Tiering configuration in a S3 Bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html" - }, - "GetInventoryConfiguration": { - "privilege": "GetInventoryConfiguration", - "description": "Grants permission to return an inventory configuration from an Amazon S3 bucket, identified by the inventory configuration ID", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html" - }, - "GetJobTagging": { - "privilege": "GetJobTagging", - "description": "Grants permission to return the tag set of an existing Amazon S3 Batch Operations job", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetJobTagging.html" - }, - "GetLifecycleConfiguration": { - "privilege": "GetLifecycleConfiguration", - "description": "Grants permission to return the lifecycle configuration information set on an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html" - }, - "GetMetricsConfiguration": { - "privilege": "GetMetricsConfiguration", - "description": "Grants permission to get a metrics configuration from an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html" - }, - "GetMultiRegionAccessPoint": { - "privilege": "GetMultiRegionAccessPoint", - "description": "Grants permission to return configuration information about the specified Multi-Region Access Point", - "access_level": "Read", - "resource_types": { - "multiregionaccesspoint": { - "resource_type": "multiregionaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureversion", - "s3:signatureAge", - "s3:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPoint.html" - }, - "GetMultiRegionAccessPointPolicy": { - "privilege": "GetMultiRegionAccessPointPolicy", - "description": "Grants permission to returns the access point policy associated with the specified Multi-Region Access Point", - "access_level": "Read", - "resource_types": { - "multiregionaccesspoint": { - "resource_type": "multiregionaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureversion", - "s3:signatureAge", - "s3:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicy.html" - }, - "GetMultiRegionAccessPointPolicyStatus": { - "privilege": "GetMultiRegionAccessPointPolicyStatus", - "description": "Grants permission to return the policy status for a specific Multi-Region Access Point policy", - "access_level": "Read", - "resource_types": { - "multiregionaccesspoint": { - "resource_type": "multiregionaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureversion", - "s3:signatureAge", - "s3:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicyStatus.html" - }, - "GetMultiRegionAccessPointRoutes": { - "privilege": "GetMultiRegionAccessPointRoutes", - "description": "Grants permission to return the route configuration for a Multi-Region Access Point", - "access_level": "Read", - "resource_types": { - "multiregionaccesspoint": { - "resource_type": "multiregionaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureversion", - "s3:signatureAge", - "s3:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointRoutes.html" - }, - "GetObject": { - "privilege": "GetObject", - "description": "Grants permission to retrieve objects from Amazon S3", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" - }, - "GetObjectAcl": { - "privilege": "GetObjectAcl", - "description": "Grants permission to return the access control list (ACL) of an object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html" - }, - "GetObjectAttributes": { - "privilege": "GetObjectAttributes", - "description": "Grants permission to retrieve attributes related to a specific object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html" - }, - "GetObjectLegalHold": { - "privilege": "GetObjectLegalHold", - "description": "Grants permission to get an object's current Legal Hold status", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLegalHold.html" - }, - "GetObjectRetention": { - "privilege": "GetObjectRetention", - "description": "Grants permission to retrieve the retention settings for an object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectRetention.html" - }, - "GetObjectTagging": { - "privilege": "GetObjectTagging", - "description": "Grants permission to return the tag set of an object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html" - }, - "GetObjectTorrent": { - "privilege": "GetObjectTorrent", - "description": "Grants permission to return torrent files from an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTorrent.html" - }, - "GetObjectVersion": { - "privilege": "GetObjectVersion", - "description": "Grants permission to retrieve a specific version of an object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:versionid", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" - }, - "GetObjectVersionAcl": { - "privilege": "GetObjectVersionAcl", - "description": "Grants permission to return the access control list (ACL) of a specific object version", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:versionid", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html" - }, - "GetObjectVersionAttributes": { - "privilege": "GetObjectVersionAttributes", - "description": "Grants permission to retrieve attributes related to a specific version of an object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:versionid", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html" - }, - "GetObjectVersionForReplication": { - "privilege": "GetObjectVersionForReplication", - "description": "Grants permission to replicate both unencrypted objects and objects encrypted with SSE-S3 or SSE-KMS", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-config-for-kms-objects.html" - }, - "GetObjectVersionTagging": { - "privilege": "GetObjectVersionTagging", - "description": "Grants permission to return the tag set for a specific version of the object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:versionid", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html" - }, - "GetObjectVersionTorrent": { - "privilege": "GetObjectVersionTorrent", - "description": "Grants permission to get Torrent files about a different version using the versionId subresource", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:versionid", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTorrent.html" - }, - "GetReplicationConfiguration": { - "privilege": "GetReplicationConfiguration", - "description": "Grants permission to get the replication configuration information set on an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html" - }, - "GetStorageLensConfiguration": { - "privilege": "GetStorageLensConfiguration", - "description": "Grants permission to get an Amazon S3 Storage Lens configuration", - "access_level": "Read", - "resource_types": { - "storagelensconfiguration": { - "resource_type": "storagelensconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetStorageLensConfiguration.html" - }, - "GetStorageLensConfigurationTagging": { - "privilege": "GetStorageLensConfigurationTagging", - "description": "Grants permission to get the tag set of an existing Amazon S3 Storage Lens configuration", - "access_level": "Read", - "resource_types": { - "storagelensconfiguration": { - "resource_type": "storagelensconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetStorageLensConfigurationTagging.html" - }, - "GetStorageLensDashboard": { - "privilege": "GetStorageLensDashboard", - "description": "Grants permission to get an Amazon S3 Storage Lens dashboard", - "access_level": "Read", - "resource_types": { - "storagelensconfiguration": { - "resource_type": "storagelensconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage_lens_dashboard.html" - }, - "InitiateReplication": { - "privilege": "InitiateReplication", - "description": "Grants permission to initiate the replication process by setting replication status of an object to pending", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:ResourceAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html" - }, - "ListAccessPoints": { - "privilege": "ListAccessPoints", - "description": "Grants permission to list access points", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPoints.html" - }, - "ListAccessPointsForObjectLambda": { - "privilege": "ListAccessPointsForObjectLambda", - "description": "Grants permission to list object lambda enabled accesspoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPointsForObjectLambda.html" - }, - "ListAllMyBuckets": { - "privilege": "ListAllMyBuckets", - "description": "Grants permission to list all buckets owned by the authenticated sender of the request", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html" - }, - "ListBucket": { - "privilege": "ListBucket", - "description": "Grants permission to list some or all of the objects in an Amazon S3 bucket (up to 1000)", - "access_level": "List", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:delimiter", - "s3:max-keys", - "s3:prefix", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html" - }, - "ListBucketMultipartUploads": { - "privilege": "ListBucketMultipartUploads", - "description": "Grants permission to list in-progress multipart uploads", - "access_level": "List", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html" - }, - "ListBucketVersions": { - "privilege": "ListBucketVersions", - "description": "Grants permission to list metadata about all the versions of objects in an Amazon S3 bucket", - "access_level": "List", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:delimiter", - "s3:max-keys", - "s3:prefix", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectVersions.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to list current jobs and jobs that have ended recently", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListJobs.html" - }, - "ListMultiRegionAccessPoints": { - "privilege": "ListMultiRegionAccessPoints", - "description": "Grants permission to list Multi-Region Access Points", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureversion", - "s3:signatureAge", - "s3:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListMultiRegionAccessPoints.html" - }, - "ListMultipartUploadParts": { - "privilege": "ListMultipartUploadParts", - "description": "Grants permission to list the parts that have been uploaded for a specific multipart upload", - "access_level": "List", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html" - }, - "ListStorageLensConfigurations": { - "privilege": "ListStorageLensConfigurations", - "description": "Grants permission to list Amazon S3 Storage Lens configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListStorageLensConfigurations.html" - }, - "ObjectOwnerOverrideToBucketOwner": { - "privilege": "ObjectOwnerOverrideToBucketOwner", - "description": "Grants permission to change replica ownership", - "access_level": "Permissions management", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-change-owner.html#repl-ownership-add-role-permission" - }, - "PutAccelerateConfiguration": { - "privilege": "PutAccelerateConfiguration", - "description": "Grants permission to use the accelerate subresource to set the Transfer Acceleration state of an existing S3 bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAccelerateConfiguration.html" - }, - "PutAccessPointConfigurationForObjectLambda": { - "privilege": "PutAccessPointConfigurationForObjectLambda", - "description": "Grants permission to set the configuration of the object lambda enabled access point", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointArn", - "s3:DataAccessPointAccount", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointConfigurationForObjectLambda.html" - }, - "PutAccessPointPolicy": { - "privilege": "PutAccessPointPolicy", - "description": "Grants permission to associate an access policy with a specified access point", - "access_level": "Permissions management", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html" - }, - "PutAccessPointPolicyForObjectLambda": { - "privilege": "PutAccessPointPolicyForObjectLambda", - "description": "Grants permission to associate an access policy with a specified object lambda enabled access point", - "access_level": "Permissions management", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicyForObjectLambda.html" - }, - "PutAccessPointPublicAccessBlock": { - "privilege": "PutAccessPointPublicAccessBlock", - "description": "Grants permission to associate public access block configurations with a specified access point, while creating a access point", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html#access-control-block-public-access-examples-access-point" - }, - "PutAccountPublicAccessBlock": { - "privilege": "PutAccountPublicAccessBlock", - "description": "Grants permission to create or modify the PublicAccessBlock configuration for an AWS account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutPublicAccessBlock.html" - }, - "PutAnalyticsConfiguration": { - "privilege": "PutAnalyticsConfiguration", - "description": "Grants permission to set an analytics configuration for the bucket, specified by the analytics configuration ID", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html" - }, - "PutBucketAcl": { - "privilege": "PutBucketAcl", - "description": "Grants permission to set the permissions on an existing bucket using access control lists (ACLs)", - "access_level": "Permissions management", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-acl", - "s3:x-amz-content-sha256", - "s3:x-amz-grant-full-control", - "s3:x-amz-grant-read", - "s3:x-amz-grant-read-acp", - "s3:x-amz-grant-write", - "s3:x-amz-grant-write-acp" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAcl.html" - }, - "PutBucketCORS": { - "privilege": "PutBucketCORS", - "description": "Grants permission to set the CORS configuration for an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html" - }, - "PutBucketLogging": { - "privilege": "PutBucketLogging", - "description": "Grants permission to set the logging parameters for an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLogging.html" - }, - "PutBucketNotification": { - "privilege": "PutBucketNotification", - "description": "Grants permission to receive notifications when certain events happen in an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotification.html" - }, - "PutBucketObjectLockConfiguration": { - "privilege": "PutBucketObjectLockConfiguration", - "description": "Grants permission to put Object Lock configuration on a specific bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:TlsVersion", - "s3:signatureversion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectLockConfiguration.html" - }, - "PutBucketOwnershipControls": { - "privilege": "PutBucketOwnershipControls", - "description": "Grants permission to add, replace or delete ownership controls on a bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketOwnershipControls.html" - }, - "PutBucketPolicy": { - "privilege": "PutBucketPolicy", - "description": "Grants permission to add or replace a bucket policy on a bucket", - "access_level": "Permissions management", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketPolicy.html" - }, - "PutBucketPublicAccessBlock": { - "privilege": "PutBucketPublicAccessBlock", - "description": "Grants permission to create or modify the PublicAccessBlock configuration for a specific Amazon S3 bucket", - "access_level": "Permissions management", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html" - }, - "PutBucketRequestPayment": { - "privilege": "PutBucketRequestPayment", - "description": "Grants permission to set the request payment configuration of a bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketRequestPayment.html" - }, - "PutBucketTagging": { - "privilege": "PutBucketTagging", - "description": "Grants permission to add a set of tags to an existing Amazon S3 bucket", - "access_level": "Tagging", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html" - }, - "PutBucketVersioning": { - "privilege": "PutBucketVersioning", - "description": "Grants permission to set the versioning state of an existing Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html" - }, - "PutBucketWebsite": { - "privilege": "PutBucketWebsite", - "description": "Grants permission to set the configuration of the website that is specified in the website subresource", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html" - }, - "PutEncryptionConfiguration": { - "privilege": "PutEncryptionConfiguration", - "description": "Grants permission to set the encryption configuration for an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html" - }, - "PutIntelligentTieringConfiguration": { - "privilege": "PutIntelligentTieringConfiguration", - "description": "Grants permission to create new or update or delete an existing Amazon S3 Intelligent Tiering configuration", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html" - }, - "PutInventoryConfiguration": { - "privilege": "PutInventoryConfiguration", - "description": "Grants permission to add an inventory configuration to the bucket, identified by the inventory ID", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html" - }, - "PutJobTagging": { - "privilege": "PutJobTagging", - "description": "Grants permission to replace tags on an existing Amazon S3 Batch Operations job", - "access_level": "Tagging", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256", - "s3:ExistingJobPriority", - "s3:ExistingJobOperation", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutJobTagging.html" - }, - "PutLifecycleConfiguration": { - "privilege": "PutLifecycleConfiguration", - "description": "Grants permission to create a new lifecycle configuration for the bucket or replace an existing lifecycle configuration", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html" - }, - "PutMetricsConfiguration": { - "privilege": "PutMetricsConfiguration", - "description": "Grants permission to set or update a metrics configuration for the CloudWatch request metrics from an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html" - }, - "PutMultiRegionAccessPointPolicy": { - "privilege": "PutMultiRegionAccessPointPolicy", - "description": "Grants permission to associate an access policy with a specified Multi-Region Access Point", - "access_level": "Permissions management", - "resource_types": { - "multiregionaccesspoint": { - "resource_type": "multiregionaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureversion", - "s3:signatureAge", - "s3:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutMultiRegionAccessPointPolicy.html" - }, - "PutObject": { - "privilege": "PutObject", - "description": "Grants permission to add an object to a bucket", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:RequestObjectTag/", - "s3:RequestObjectTagKeys", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-acl", - "s3:x-amz-content-sha256", - "s3:x-amz-copy-source", - "s3:x-amz-grant-full-control", - "s3:x-amz-grant-read", - "s3:x-amz-grant-read-acp", - "s3:x-amz-grant-write", - "s3:x-amz-grant-write-acp", - "s3:x-amz-metadata-directive", - "s3:x-amz-server-side-encryption", - "s3:x-amz-server-side-encryption-aws-kms-key-id", - "s3:x-amz-server-side-encryption-customer-algorithm", - "s3:x-amz-storage-class", - "s3:x-amz-website-redirect-location", - "s3:object-lock-mode", - "s3:object-lock-retain-until-date", - "s3:object-lock-remaining-retention-days", - "s3:object-lock-legal-hold" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html" - }, - "PutObjectAcl": { - "privilege": "PutObjectAcl", - "description": "Grants permission to set the access control list (ACL) permissions for new or existing objects in an S3 bucket", - "access_level": "Permissions management", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-acl", - "s3:x-amz-content-sha256", - "s3:x-amz-grant-full-control", - "s3:x-amz-grant-read", - "s3:x-amz-grant-read-acp", - "s3:x-amz-grant-write", - "s3:x-amz-grant-write-acp", - "s3:x-amz-storage-class" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html" - }, - "PutObjectLegalHold": { - "privilege": "PutObjectLegalHold", - "description": "Grants permission to apply a Legal Hold configuration to the specified object", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256", - "s3:object-lock-legal-hold" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectLegalHold.html" - }, - "PutObjectRetention": { - "privilege": "PutObjectRetention", - "description": "Grants permission to place an Object Retention configuration on an object", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256", - "s3:object-lock-mode", - "s3:object-lock-retain-until-date", - "s3:object-lock-remaining-retention-days" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectRetention.html" - }, - "PutObjectTagging": { - "privilege": "PutObjectTagging", - "description": "Grants permission to set the supplied tag-set to an object that already exists in a bucket", - "access_level": "Tagging", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:RequestObjectTag/", - "s3:RequestObjectTagKeys", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" - }, - "PutObjectVersionAcl": { - "privilege": "PutObjectVersionAcl", - "description": "Grants permission to use the acl subresource to set the access control list (ACL) permissions for an object that already exists in a bucket", - "access_level": "Permissions management", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:versionid", - "s3:x-amz-acl", - "s3:x-amz-content-sha256", - "s3:x-amz-grant-full-control", - "s3:x-amz-grant-read", - "s3:x-amz-grant-read-acp", - "s3:x-amz-grant-write", - "s3:x-amz-grant-write-acp", - "s3:x-amz-storage-class" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html" - }, - "PutObjectVersionTagging": { - "privilege": "PutObjectVersionTagging", - "description": "Grants permission to set the supplied tag-set for a specific version of an object", - "access_level": "Tagging", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:ExistingObjectTag/", - "s3:RequestObjectTag/", - "s3:RequestObjectTagKeys", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:versionid", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" - }, - "PutReplicationConfiguration": { - "privilege": "PutReplicationConfiguration", - "description": "Grants permission to create a new replication configuration or replace an existing one", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html" - }, - "PutStorageLensConfiguration": { - "privilege": "PutStorageLensConfiguration", - "description": "Grants permission to create or update an Amazon S3 Storage Lens configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutStorageLensConfiguration.html" - }, - "PutStorageLensConfigurationTagging": { - "privilege": "PutStorageLensConfigurationTagging", - "description": "Grants permission to put or replace tags on an existing Amazon S3 Storage Lens configuration", - "access_level": "Tagging", - "resource_types": { - "storagelensconfiguration": { - "resource_type": "storagelensconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutStorageLensConfigurationTagging.html" - }, - "ReplicateDelete": { - "privilege": "ReplicateDelete", - "description": "Grants permission to replicate delete markers to the destination bucket", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html" - }, - "ReplicateObject": { - "privilege": "ReplicateObject", - "description": "Grants permission to replicate objects and object tags to the destination bucket", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256", - "s3:x-amz-server-side-encryption", - "s3:x-amz-server-side-encryption-aws-kms-key-id", - "s3:x-amz-server-side-encryption-customer-algorithm" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html" - }, - "ReplicateTags": { - "privilege": "ReplicateTags", - "description": "Grants permission to replicate object tags to the destination bucket", - "access_level": "Tagging", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html" - }, - "RestoreObject": { - "privilege": "RestoreObject", - "description": "Grants permission to restore an archived copy of an object back into Amazon S3", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html" - }, - "SubmitMultiRegionAccessPointRoutes": { - "privilege": "SubmitMultiRegionAccessPointRoutes", - "description": "Grants permission to submit a route configuration update for a Multi-Region Access Point", - "access_level": "Write", - "resource_types": { - "multiregionaccesspoint": { - "resource_type": "multiregionaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:DataAccessPointAccount", - "s3:DataAccessPointArn", - "s3:AccessPointNetworkOrigin", - "s3:authType", - "s3:ResourceAccount", - "s3:signatureversion", - "s3:signatureAge", - "s3:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_SubmitMultiRegionAccessPointRoutes.html" - }, - "UpdateJobPriority": { - "privilege": "UpdateJobPriority", - "description": "Grants permission to update the priority of an existing job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256", - "s3:RequestJobPriority", - "s3:ExistingJobPriority", - "s3:ExistingJobOperation" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobPriority.html" - }, - "UpdateJobStatus": { - "privilege": "UpdateJobStatus", - "description": "Grants permission to update the status for the specified job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3:authType", - "s3:ResourceAccount", - "s3:signatureAge", - "s3:signatureversion", - "s3:TlsVersion", - "s3:x-amz-content-sha256", - "s3:ExistingJobPriority", - "s3:ExistingJobOperation", - "s3:JobSuspendedCause" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobStatus.html" - } - }, - "resources": { - "accesspoint": { - "resource": "accesspoint", - "arn": "arn:${Partition}:s3:${Region}:${Account}:accesspoint/${AccessPointName}", - "condition_keys": [] - }, - "bucket": { - "resource": "bucket", - "arn": "arn:${Partition}:s3:::${BucketName}", - "condition_keys": [] - }, - "object": { - "resource": "object", - "arn": "arn:${Partition}:s3:::${BucketName}/${ObjectName}", - "condition_keys": [] - }, - "job": { - "resource": "job", - "arn": "arn:${Partition}:s3:${Region}:${Account}:job/${JobId}", - "condition_keys": [] - }, - "storagelensconfiguration": { - "resource": "storagelensconfiguration", - "arn": "arn:${Partition}:s3:${Region}:${Account}:storage-lens/${ConfigId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "objectlambdaaccesspoint": { - "resource": "objectlambdaaccesspoint", - "arn": "arn:${Partition}:s3-object-lambda:${Region}:${Account}:accesspoint/${AccessPointName}", - "condition_keys": [] - }, - "multiregionaccesspoint": { - "resource": "multiregionaccesspoint", - "arn": "arn:${Partition}:s3::${Account}:accesspoint/${AccessPointAlias}", - "condition_keys": [] - }, - "multiregionaccesspointrequestarn": { - "resource": "multiregionaccesspointrequestarn", - "arn": "arn:${Partition}:s3:us-west-2:${Account}:async-request/mrap/${Operation}/${Token}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "s3:AccessPointNetworkOrigin": { - "condition": "s3:AccessPointNetworkOrigin", - "description": "Filters access by the network origin (Internet or VPC)", - "type": "String" - }, - "s3:DataAccessPointAccount": { - "condition": "s3:DataAccessPointAccount", - "description": "Filters access by the AWS Account ID that owns the access point", - "type": "String" - }, - "s3:DataAccessPointArn": { - "condition": "s3:DataAccessPointArn", - "description": "Filters access by an access point Amazon Resource Name (ARN)", - "type": "ARN" - }, - "s3:ExistingJobOperation": { - "condition": "s3:ExistingJobOperation", - "description": "Filters access by operation to updating the job priority", - "type": "String" - }, - "s3:ExistingJobPriority": { - "condition": "s3:ExistingJobPriority", - "description": "Filters access by priority range to cancelling existing jobs", - "type": "Numeric" - }, - "s3:ExistingObjectTag/": { - "condition": "s3:ExistingObjectTag/", - "description": "Filters access by existing object tag key and value", - "type": "String" - }, - "s3:JobSuspendedCause": { - "condition": "s3:JobSuspendedCause", - "description": "Filters access by a specific job suspended cause (for example, AWAITING_CONFIRMATION) to cancelling suspended jobs", - "type": "String" - }, - "s3:RequestJobOperation": { - "condition": "s3:RequestJobOperation", - "description": "Filters access by operation to creating jobs", - "type": "String" - }, - "s3:RequestJobPriority": { - "condition": "s3:RequestJobPriority", - "description": "Filters access by priority range to creating new jobs", - "type": "Numeric" - }, - "s3:RequestObjectTag/": { - "condition": "s3:RequestObjectTag/", - "description": "Filters access by the tag keys and values to be added to objects", - "type": "String" - }, - "s3:RequestObjectTagKeys": { - "condition": "s3:RequestObjectTagKeys", - "description": "Filters access by the tag keys to be added to objects", - "type": "ArrayOfString" - }, - "s3:ResourceAccount": { - "condition": "s3:ResourceAccount", - "description": "Filters access by the resource owner AWS account ID", - "type": "String" - }, - "s3:TlsVersion": { - "condition": "s3:TlsVersion", - "description": "Filters access by the TLS version used by the client", - "type": "Numeric" - }, - "s3:authType": { - "condition": "s3:authType", - "description": "Filters access by authentication method", - "type": "String" - }, - "s3:delimiter": { - "condition": "s3:delimiter", - "description": "Filters access by delimiter parameter", - "type": "String" - }, - "s3:locationconstraint": { - "condition": "s3:locationconstraint", - "description": "Filters access by a specific Region", - "type": "String" - }, - "s3:max-keys": { - "condition": "s3:max-keys", - "description": "Filters access by maximum number of keys returned in a ListBucket request", - "type": "Numeric" - }, - "s3:object-lock-legal-hold": { - "condition": "s3:object-lock-legal-hold", - "description": "Filters access by object legal hold status", - "type": "String" - }, - "s3:object-lock-mode": { - "condition": "s3:object-lock-mode", - "description": "Filters access by object retention mode (COMPLIANCE or GOVERNANCE)", - "type": "String" - }, - "s3:object-lock-remaining-retention-days": { - "condition": "s3:object-lock-remaining-retention-days", - "description": "Filters access by remaining object retention days", - "type": "Numeric" - }, - "s3:object-lock-retain-until-date": { - "condition": "s3:object-lock-retain-until-date", - "description": "Filters access by object retain-until date", - "type": "Date" - }, - "s3:prefix": { - "condition": "s3:prefix", - "description": "Filters access by key name prefix", - "type": "String" - }, - "s3:signatureAge": { - "condition": "s3:signatureAge", - "description": "Filters access by the age in milliseconds of the request signature", - "type": "Numeric" - }, - "s3:signatureversion": { - "condition": "s3:signatureversion", - "description": "Filters access by the version of AWS Signature used on the request", - "type": "String" - }, - "s3:versionid": { - "condition": "s3:versionid", - "description": "Filters access by a specific object version", - "type": "String" - }, - "s3:x-amz-acl": { - "condition": "s3:x-amz-acl", - "description": "Filters access by canned ACL in the request's x-amz-acl header", - "type": "String" - }, - "s3:x-amz-content-sha256": { - "condition": "s3:x-amz-content-sha256", - "description": "Filters access by unsigned content in your bucket", - "type": "String" - }, - "s3:x-amz-copy-source": { - "condition": "s3:x-amz-copy-source", - "description": "Filters access by copy source bucket, prefix, or object in the copy object requests", - "type": "String" - }, - "s3:x-amz-grant-full-control": { - "condition": "s3:x-amz-grant-full-control", - "description": "Filters access by x-amz-grant-full-control (full control) header", - "type": "String" - }, - "s3:x-amz-grant-read": { - "condition": "s3:x-amz-grant-read", - "description": "Filters access by x-amz-grant-read (read access) header", - "type": "String" - }, - "s3:x-amz-grant-read-acp": { - "condition": "s3:x-amz-grant-read-acp", - "description": "Filters access by the x-amz-grant-read-acp (read permissions for the ACL) header", - "type": "String" - }, - "s3:x-amz-grant-write": { - "condition": "s3:x-amz-grant-write", - "description": "Filters access by the x-amz-grant-write (write access) header", - "type": "String" - }, - "s3:x-amz-grant-write-acp": { - "condition": "s3:x-amz-grant-write-acp", - "description": "Filters access by the x-amz-grant-write-acp (write permissions for the ACL) header", - "type": "String" - }, - "s3:x-amz-metadata-directive": { - "condition": "s3:x-amz-metadata-directive", - "description": "Filters access by object metadata behavior (COPY or REPLACE) when objects are copied", - "type": "String" - }, - "s3:x-amz-object-ownership": { - "condition": "s3:x-amz-object-ownership", - "description": "Filters access by Object Ownership", - "type": "String" - }, - "s3:x-amz-server-side-encryption": { - "condition": "s3:x-amz-server-side-encryption", - "description": "Filters access by server-side encryption", - "type": "String" - }, - "s3:x-amz-server-side-encryption-aws-kms-key-id": { - "condition": "s3:x-amz-server-side-encryption-aws-kms-key-id", - "description": "Filters access by AWS KMS customer managed CMK for server-side encryption", - "type": "String" - }, - "s3:x-amz-server-side-encryption-customer-algorithm": { - "condition": "s3:x-amz-server-side-encryption-customer-algorithm", - "description": "Filters access by customer specified algorithm for server-side encryption", - "type": "String" - }, - "s3:x-amz-storage-class": { - "condition": "s3:x-amz-storage-class", - "description": "Filters access by storage class", - "type": "String" - }, - "s3:x-amz-website-redirect-location": { - "condition": "s3:x-amz-website-redirect-location", - "description": "Filters access by a specific website redirect location for buckets that are configured as static websites", - "type": "String" - } - } - }, - "s3-object-lambda": { - "service_name": "Amazon S3 Object Lambda", - "prefix": "s3-object-lambda", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3objectlambda.html", - "privileges": { - "AbortMultipartUpload": { - "privilege": "AbortMultipartUpload", - "description": "Grants permission to abort a multipart upload", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html" - }, - "DeleteObject": { - "privilege": "DeleteObject", - "description": "Grants permission to remove the null version of an object and insert a delete marker, which becomes the current version of the object", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" - }, - "DeleteObjectTagging": { - "privilege": "DeleteObjectTagging", - "description": "Grants permission to use the tagging subresource to remove the entire tag set from the specified object", - "access_level": "Tagging", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" - }, - "DeleteObjectVersion": { - "privilege": "DeleteObjectVersion", - "description": "Grants permission to remove a specific version of an object", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion", - "s3-object-lambda:versionid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" - }, - "DeleteObjectVersionTagging": { - "privilege": "DeleteObjectVersionTagging", - "description": "Grants permission to remove the entire tag set for a specific version of the object", - "access_level": "Tagging", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion", - "s3-object-lambda:versionid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" - }, - "GetObject": { - "privilege": "GetObject", - "description": "Grants permission to retrieve objects from Amazon S3", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" - }, - "GetObjectAcl": { - "privilege": "GetObjectAcl", - "description": "Grants permission to return the access control list (ACL) of an object", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html" - }, - "GetObjectLegalHold": { - "privilege": "GetObjectLegalHold", - "description": "Grants permission to get an object's current Legal Hold status", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLegalHold.html" - }, - "GetObjectRetention": { - "privilege": "GetObjectRetention", - "description": "Grants permission to retrieve the retention settings for an object", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectRetention.html" - }, - "GetObjectTagging": { - "privilege": "GetObjectTagging", - "description": "Grants permission to return the tag set of an object", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html" - }, - "GetObjectVersion": { - "privilege": "GetObjectVersion", - "description": "Grants permission to retrieve a specific version of an object", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion", - "s3-object-lambda:versionid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" - }, - "GetObjectVersionAcl": { - "privilege": "GetObjectVersionAcl", - "description": "Grants permission to return the access control list (ACL) of a specific object version", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion", - "s3-object-lambda:versionid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html" - }, - "GetObjectVersionTagging": { - "privilege": "GetObjectVersionTagging", - "description": "Grants permission to return the tag set for a specific version of the object", - "access_level": "Read", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion", - "s3-object-lambda:versionid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/dev/setting-repl-config-perm-overview.html" - }, - "ListBucket": { - "privilege": "ListBucket", - "description": "Grants permission to list some or all of the objects in an Amazon S3 bucket (up to 1000)", - "access_level": "List", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html" - }, - "ListBucketMultipartUploads": { - "privilege": "ListBucketMultipartUploads", - "description": "Grants permission to list in-progress multipart uploads", - "access_level": "List", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html" - }, - "ListBucketVersions": { - "privilege": "ListBucketVersions", - "description": "Grants permission to list metadata about all the versions of objects in an Amazon S3 bucket", - "access_level": "List", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectVersions.html" - }, - "ListMultipartUploadParts": { - "privilege": "ListMultipartUploadParts", - "description": "Grants permission to list the parts that have been uploaded for a specific multipart upload", - "access_level": "List", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html" - }, - "PutObject": { - "privilege": "PutObject", - "description": "Grants permission to add an object to a bucket", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html" - }, - "PutObjectAcl": { - "privilege": "PutObjectAcl", - "description": "Grants permission to set the access control list (ACL) permissions for new or existing objects in an S3 bucket.", - "access_level": "Permissions management", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html" - }, - "PutObjectLegalHold": { - "privilege": "PutObjectLegalHold", - "description": "Grants permission to apply a Legal Hold configuration to the specified object", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectLegalHold.html" - }, - "PutObjectRetention": { - "privilege": "PutObjectRetention", - "description": "Grants permission to place an Object Retention configuration on an object", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectRetention.html" - }, - "PutObjectTagging": { - "privilege": "PutObjectTagging", - "description": "Grants permission to set the supplied tag-set to an object that already exists in a bucket", - "access_level": "Tagging", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" - }, - "PutObjectVersionAcl": { - "privilege": "PutObjectVersionAcl", - "description": "Grants permission to use the acl subresource to set the access control list (ACL) permissions for an object that already exists in a bucket", - "access_level": "Permissions management", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion", - "s3-object-lambda:versionid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html" - }, - "PutObjectVersionTagging": { - "privilege": "PutObjectVersionTagging", - "description": "Grants permission to set the supplied tag-set for a specific version of an object", - "access_level": "Tagging", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion", - "s3-object-lambda:versionid" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" - }, - "RestoreObject": { - "privilege": "RestoreObject", - "description": "Grants permission to restore an archived copy of an object back into Amazon S3", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html" - }, - "WriteGetObjectResponse": { - "privilege": "WriteGetObjectResponse", - "description": "Grants permission to provide data for GetObject requests send to S3 Object Lambda", - "access_level": "Write", - "resource_types": { - "objectlambdaaccesspoint": { - "resource_type": "objectlambdaaccesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-object-lambda:authType", - "s3-object-lambda:signatureAge", - "s3-object-lambda:TlsVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_WriteGetObjectResponse.html" - } - }, - "resources": { - "objectlambdaaccesspoint": { - "resource": "objectlambdaaccesspoint", - "arn": "arn:${Partition}:s3-object-lambda:${Region}:${Account}:accesspoint/${AccessPointName}", - "condition_keys": [] - } - }, - "conditions": { - "s3-object-lambda:TlsVersion": { - "condition": "s3-object-lambda:TlsVersion", - "description": "Filters access by the TLS version used by the client", - "type": "Numeric" - }, - "s3-object-lambda:authType": { - "condition": "s3-object-lambda:authType", - "description": "Filters access by authentication method", - "type": "String" - }, - "s3-object-lambda:signatureAge": { - "condition": "s3-object-lambda:signatureAge", - "description": "Filters access by the age in milliseconds of the request signature", - "type": "Numeric" - }, - "s3-object-lambda:versionid": { - "condition": "s3-object-lambda:versionid", - "description": "Filters access by a specific object version", - "type": "String" - } - } - }, - "s3-outposts": { - "service_name": "Amazon S3 on Outposts", - "prefix": "s3-outposts", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3onoutposts.html", - "privileges": { - "AbortMultipartUpload": { - "privilege": "AbortMultipartUpload", - "description": "Grants permission to abort a multipart upload", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointArn", - "s3-outposts:DataAccessPointAccount", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html" - }, - "CreateAccessPoint": { - "privilege": "CreateAccessPoint", - "description": "Grants permission to create a new access point", - "access_level": "Write", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPoint.html" - }, - "CreateBucket": { - "privilege": "CreateBucket", - "description": "Grants permission to create a new bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html" - }, - "CreateEndpoint": { - "privilege": "CreateEndpoint", - "description": "Grants permission to create a new endpoint", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_CreateEndpoint.html" - }, - "DeleteAccessPoint": { - "privilege": "DeleteAccessPoint", - "description": "Grants permission to delete the access point named in the URI", - "access_level": "Write", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointArn", - "s3-outposts:DataAccessPointAccount", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPoint.html" - }, - "DeleteAccessPointPolicy": { - "privilege": "DeleteAccessPointPolicy", - "description": "Grants permission to delete the policy on a specified access point", - "access_level": "Permissions management", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointArn", - "s3-outposts:DataAccessPointAccount", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html" - }, - "DeleteBucket": { - "privilege": "DeleteBucket", - "description": "Grants permission to delete the bucket named in the URI", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucket.html" - }, - "DeleteBucketPolicy": { - "privilege": "DeleteBucketPolicy", - "description": "Grants permission to delete the policy on a specified bucket", - "access_level": "Permissions management", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketPolicy.html" - }, - "DeleteEndpoint": { - "privilege": "DeleteEndpoint", - "description": "Grants permission to delete the endpoint named in the URI", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_DeleteEndpoint.html" - }, - "DeleteObject": { - "privilege": "DeleteObject", - "description": "Grants permission to remove the null version of an object and insert a delete marker, which becomes the current version of the object", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" - }, - "DeleteObjectTagging": { - "privilege": "DeleteObjectTagging", - "description": "Grants permission to use the tagging subresource to remove the entire tag set from the specified object", - "access_level": "Tagging", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:ExistingObjectTag/", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" - }, - "DeleteObjectVersion": { - "privilege": "DeleteObjectVersion", - "description": "Grants permission to remove a specific version of an object", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:versionid", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" - }, - "DeleteObjectVersionTagging": { - "privilege": "DeleteObjectVersionTagging", - "description": "Grants permission to remove the entire tag set for a specific version of the object", - "access_level": "Tagging", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:ExistingObjectTag/", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:versionid", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" - }, - "GetAccessPoint": { - "privilege": "GetAccessPoint", - "description": "Grants permission to return configuration information about the specified access point", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPoint.html" - }, - "GetAccessPointPolicy": { - "privilege": "GetAccessPointPolicy", - "description": "Grants permission to returns the access point policy associated with the specified access point", - "access_level": "Read", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicy.html" - }, - "GetBucket": { - "privilege": "GetBucket", - "description": "Grants permission to return the bucket configuration associated with an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucket.html" - }, - "GetBucketPolicy": { - "privilege": "GetBucketPolicy", - "description": "Grants permission to return the policy of the specified bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketPolicy.html" - }, - "GetBucketTagging": { - "privilege": "GetBucketTagging", - "description": "Grants permission to return the tag set associated with an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketTagging.html" - }, - "GetBucketVersioning": { - "privilege": "GetBucketVersioning", - "description": "Grants permission to return the versioning state of an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html" - }, - "GetLifecycleConfiguration": { - "privilege": "GetLifecycleConfiguration", - "description": "Grants permission to return the lifecycle configuration information set on an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html" - }, - "GetObject": { - "privilege": "GetObject", - "description": "Grants permission to retrieve objects from Amazon S3", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:ExistingObjectTag/", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" - }, - "GetObjectTagging": { - "privilege": "GetObjectTagging", - "description": "Grants permission to return the tag set of an object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:ExistingObjectTag/", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html" - }, - "GetObjectVersion": { - "privilege": "GetObjectVersion", - "description": "Grants permission to retrieve a specific version of an object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:ExistingObjectTag/", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:versionid", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" - }, - "GetObjectVersionForReplication": { - "privilege": "GetObjectVersionForReplication", - "description": "Grants permission to replicate both unencrypted objects and objects encrypted with SSE-KMS", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" - }, - "GetObjectVersionTagging": { - "privilege": "GetObjectVersionTagging", - "description": "Grants permission to return the tag set for a specific version of the object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:ExistingObjectTag/", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:versionid", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" - }, - "GetReplicationConfiguration": { - "privilege": "GetReplicationConfiguration", - "description": "Grants permission to get the replication configuration information set on an Amazon S3 bucket", - "access_level": "Read", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketReplication.html" - }, - "ListAccessPoints": { - "privilege": "ListAccessPoints", - "description": "Grants permission to list access points", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPoints.html" - }, - "ListBucket": { - "privilege": "ListBucket", - "description": "Grants permission to list some or all of the objects in an Amazon S3 bucket (up to 1000)", - "access_level": "List", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:delimiter", - "s3-outposts:max-keys", - "s3-outposts:prefix", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html" - }, - "ListBucketMultipartUploads": { - "privilege": "ListBucketMultipartUploads", - "description": "Grants permission to list in-progress multipart uploads", - "access_level": "List", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html" - }, - "ListBucketVersions": { - "privilege": "ListBucketVersions", - "description": "Grants permission to list metadata about all the versions of objects in an Amazon S3 bucket", - "access_level": "List", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:delimiter", - "s3-outposts:max-keys", - "s3-outposts:prefix", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectVersions.html" - }, - "ListEndpoints": { - "privilege": "ListEndpoints", - "description": "Grants permission to list endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_ListEndpoints.html" - }, - "ListMultipartUploadParts": { - "privilege": "ListMultipartUploadParts", - "description": "Grants permission to list the parts that have been uploaded for a specific multipart upload", - "access_level": "List", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html" - }, - "ListOutpostsWithS3": { - "privilege": "ListOutpostsWithS3", - "description": "Grants permission to list outposts with S3 capacity", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_ListOutpostsWithS3.html" - }, - "ListRegionalBuckets": { - "privilege": "ListRegionalBuckets", - "description": "Grants permission to list all buckets owned by the authenticated sender of the request", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListRegionalBuckets.html" - }, - "ListSharedEndpoints": { - "privilege": "ListSharedEndpoints", - "description": "Grants permission to list shared endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_ListSharedEndpoints.html" - }, - "PutAccessPointPolicy": { - "privilege": "PutAccessPointPolicy", - "description": "Grants permission to associate an access policy with a specified access point", - "access_level": "Permissions management", - "resource_types": { - "accesspoint": { - "resource_type": "accesspoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html" - }, - "PutBucketPolicy": { - "privilege": "PutBucketPolicy", - "description": "Grants permission to add or replace a bucket policy on a bucket", - "access_level": "Permissions management", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketPolicy.html" - }, - "PutBucketTagging": { - "privilege": "PutBucketTagging", - "description": "Grants permission to add a set of tags to an existing Amazon S3 bucket", - "access_level": "Tagging", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketTagging.html" - }, - "PutBucketVersioning": { - "privilege": "PutBucketVersioning", - "description": "Grants permission to set the versioning state of an existing Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html" - }, - "PutLifecycleConfiguration": { - "privilege": "PutLifecycleConfiguration", - "description": "Grants permission to create a new lifecycle configuration for the bucket or replace an existing lifecycle configuration", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html" - }, - "PutObject": { - "privilege": "PutObject", - "description": "Grants permission to add an object to a bucket", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:RequestObjectTag/", - "s3-outposts:RequestObjectTagKeys", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-acl", - "s3-outposts:x-amz-content-sha256", - "s3-outposts:x-amz-copy-source", - "s3-outposts:x-amz-metadata-directive", - "s3-outposts:x-amz-server-side-encryption", - "s3-outposts:x-amz-storage-class" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html" - }, - "PutObjectAcl": { - "privilege": "PutObjectAcl", - "description": "Grants permission to set the access control list (ACL) permissions for an object that already exists in a bucket", - "access_level": "Permissions management", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:ExistingObjectTag/", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-acl", - "s3-outposts:x-amz-content-sha256", - "s3-outposts:x-amz-storage-class" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html" - }, - "PutObjectTagging": { - "privilege": "PutObjectTagging", - "description": "Grants permission to set the supplied tag-set to an object that already exists in a bucket", - "access_level": "Tagging", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:ExistingObjectTag/", - "s3-outposts:RequestObjectTag/", - "s3-outposts:RequestObjectTagKeys", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" - }, - "PutObjectVersionTagging": { - "privilege": "PutObjectVersionTagging", - "description": "Grants permission to set the supplied tag-set for a specific version of an object", - "access_level": "Tagging", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:DataAccessPointAccount", - "s3-outposts:DataAccessPointArn", - "s3-outposts:AccessPointNetworkOrigin", - "s3-outposts:ExistingObjectTag/", - "s3-outposts:RequestObjectTag/", - "s3-outposts:RequestObjectTagKeys", - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:versionid", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" - }, - "PutReplicationConfiguration": { - "privilege": "PutReplicationConfiguration", - "description": "Grants permission to create a new replication configuration or replace an existing one", - "access_level": "Write", - "resource_types": { - "bucket": { - "resource_type": "bucket", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketReplication.html" - }, - "ReplicateDelete": { - "privilege": "ReplicateDelete", - "description": "Grants permission to replicate delete markers to the destination bucket", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" - }, - "ReplicateObject": { - "privilege": "ReplicateObject", - "description": "Grants permission to replicate objects and object tags to the destination bucket", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256", - "s3-outposts:x-amz-server-side-encryption" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html" - }, - "ReplicateTags": { - "privilege": "ReplicateTags", - "description": "Grants permission to replicate object tags to the destination bucket", - "access_level": "Tagging", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "s3-outposts:authType", - "s3-outposts:signatureAge", - "s3-outposts:signatureversion", - "s3-outposts:x-amz-content-sha256" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" - } - }, - "resources": { - "accesspoint": { - "resource": "accesspoint", - "arn": "arn:${Partition}:s3-outposts:${Region}:${Account}:outpost/${OutpostId}/accesspoint/${AccessPointName}", - "condition_keys": [] - }, - "bucket": { - "resource": "bucket", - "arn": "arn:${Partition}:s3-outposts:${Region}:${Account}:outpost/${OutpostId}/bucket/${BucketName}", - "condition_keys": [] - }, - "endpoint": { - "resource": "endpoint", - "arn": "arn:${Partition}:s3-outposts:${Region}:${Account}:outpost/${OutpostId}/endpoint/${EndpointId}", - "condition_keys": [] - }, - "object": { - "resource": "object", - "arn": "arn:${Partition}:s3-outposts:${Region}:${Account}:outpost/${OutpostId}/bucket/${BucketName}/object/${ObjectName}", - "condition_keys": [] - } - }, - "conditions": { - "s3-outposts:AccessPointNetworkOrigin": { - "condition": "s3-outposts:AccessPointNetworkOrigin", - "description": "Filters access by the network origin (Internet or VPC)", - "type": "String" - }, - "s3-outposts:DataAccessPointAccount": { - "condition": "s3-outposts:DataAccessPointAccount", - "description": "Filters access by the AWS Account ID that owns the access point", - "type": "String" - }, - "s3-outposts:DataAccessPointArn": { - "condition": "s3-outposts:DataAccessPointArn", - "description": "Filters access by an access point Amazon Resource Name (ARN)", - "type": "String" - }, - "s3-outposts:ExistingObjectTag/": { - "condition": "s3-outposts:ExistingObjectTag/", - "description": "Filters access by requiring that an existing object tag has a specific tag key and value", - "type": "String" - }, - "s3-outposts:RequestObjectTag/": { - "condition": "s3-outposts:RequestObjectTag/", - "description": "Filters access by restricting the tag keys and values allowed on objects", - "type": "String" - }, - "s3-outposts:RequestObjectTagKeys": { - "condition": "s3-outposts:RequestObjectTagKeys", - "description": "Filters access by restricting the tag keys allowed on objects", - "type": "String" - }, - "s3-outposts:authType": { - "condition": "s3-outposts:authType", - "description": "Filters access by restricting incoming requests to a specific authentication method", - "type": "String" - }, - "s3-outposts:delimiter": { - "condition": "s3-outposts:delimiter", - "description": "Filters access by requiring the delimiter parameter", - "type": "String" - }, - "s3-outposts:max-keys": { - "condition": "s3-outposts:max-keys", - "description": "Filters access by limiting the maximum number of keys returned in a ListBucket request", - "type": "Numeric" - }, - "s3-outposts:prefix": { - "condition": "s3-outposts:prefix", - "description": "Filters access by key name prefix", - "type": "String" - }, - "s3-outposts:signatureAge": { - "condition": "s3-outposts:signatureAge", - "description": "Filters access by identifying the length of time, in milliseconds, that a signature is valid in an authenticated request", - "type": "Numeric" - }, - "s3-outposts:signatureversion": { - "condition": "s3-outposts:signatureversion", - "description": "Filters access by identifying the version of AWS Signature that is supported for authenticated requests", - "type": "String" - }, - "s3-outposts:versionid": { - "condition": "s3-outposts:versionid", - "description": "Filters access by a specific object version", - "type": "String" - }, - "s3-outposts:x-amz-acl": { - "condition": "s3-outposts:x-amz-acl", - "description": "Filters access by requiring the x-amz-acl header with a specific canned ACL in a request", - "type": "String" - }, - "s3-outposts:x-amz-content-sha256": { - "condition": "s3-outposts:x-amz-content-sha256", - "description": "Filters access by disallowing unsigned content in your bucket", - "type": "String" - }, - "s3-outposts:x-amz-copy-source": { - "condition": "s3-outposts:x-amz-copy-source", - "description": "Filters access by restricting the copy source to a specific bucket, prefix, or object", - "type": "String" - }, - "s3-outposts:x-amz-metadata-directive": { - "condition": "s3-outposts:x-amz-metadata-directive", - "description": "Filters access by enabling enforcement of object metadata behavior (COPY or REPLACE) when objects are copied", - "type": "String" - }, - "s3-outposts:x-amz-server-side-encryption": { - "condition": "s3-outposts:x-amz-server-side-encryption", - "description": "Filters access by requiring server-side encryption", - "type": "String" - }, - "s3-outposts:x-amz-storage-class": { - "condition": "s3-outposts:x-amz-storage-class", - "description": "Filters access by storage class", - "type": "String" - } - } - }, - "sagemaker": { - "service_name": "Amazon SageMaker", - "prefix": "sagemaker", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemaker.html", - "privileges": { - "AddAssociation": { - "privilege": "AddAssociation", - "description": "Grants permission to associate a lineage entity (artifact, context, action, experiment, experiment-trial-component) to each other", - "access_level": "Write", - "resource_types": { - "action": { - "resource_type": "action", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "artifact": { - "resource_type": "artifact", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "context": { - "resource_type": "context", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddAssociation.html" - }, - "AddTags": { - "privilege": "AddTags", - "description": "Grants permission to add or overwrite one or more tags for the specified Amazon SageMaker resource", - "access_level": "Tagging", - "resource_types": { - "action": { - "resource_type": "action", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "algorithm": { - "resource_type": "algorithm", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "app": { - "resource_type": "app", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "app-image-config": { - "resource_type": "app-image-config", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "artifact": { - "resource_type": "artifact", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "automl-job": { - "resource_type": "automl-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "code-repository": { - "resource_type": "code-repository", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "compilation-job": { - "resource_type": "compilation-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "context": { - "resource_type": "context", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "data-quality-job-definition": { - "resource_type": "data-quality-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "device-fleet": { - "resource_type": "device-fleet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "edge-deployment-plan": { - "resource_type": "edge-deployment-plan", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "edge-packaging-job": { - "resource_type": "edge-packaging-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "endpoint": { - "resource_type": "endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "endpoint-config": { - "resource_type": "endpoint-config", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment": { - "resource_type": "experiment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment-trial": { - "resource_type": "experiment-trial", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "feature-group": { - "resource_type": "feature-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "flow-definition": { - "resource_type": "flow-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "human-task-ui": { - "resource_type": "human-task-ui", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "hyper-parameter-tuning-job": { - "resource_type": "hyper-parameter-tuning-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "inference-recommendations-job": { - "resource_type": "inference-recommendations-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "labeling-job": { - "resource_type": "labeling-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-bias-job-definition": { - "resource_type": "model-bias-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-card": { - "resource_type": "model-card", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-explainability-job-definition": { - "resource_type": "model-explainability-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-package": { - "resource_type": "model-package", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-package-group": { - "resource_type": "model-package-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-quality-job-definition": { - "resource_type": "model-quality-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "monitoring-schedule": { - "resource_type": "monitoring-schedule", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "notebook-instance": { - "resource_type": "notebook-instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "pipeline": { - "resource_type": "pipeline", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "processing-job": { - "resource_type": "processing-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "studio-lifecycle-config": { - "resource_type": "studio-lifecycle-config", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "training-job": { - "resource_type": "training-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transform-job": { - "resource_type": "transform-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "user-profile": { - "resource_type": "user-profile", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "workteam": { - "resource_type": "workteam", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:TaggingAction" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html" - }, - "AssociateTrialComponent": { - "privilege": "AssociateTrialComponent", - "description": "Grants permission to associate a trial component with a trial", - "access_level": "Write", - "resource_types": { - "experiment-trial": { - "resource_type": "experiment-trial", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AssociateTrialComponent.html" - }, - "BatchDescribeModelPackage": { - "privilege": "BatchDescribeModelPackage", - "description": "Grants permission to describe one or more ModelPackages", - "access_level": "Read", - "resource_types": { - "model-package": { - "resource_type": "model-package", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_BatchDescribeModelPackage.html" - }, - "BatchGetMetrics": { - "privilege": "BatchGetMetrics", - "description": "Grants permission to retrieve metrics associated with SageMaker Resources such as Training Jobs or Trial Components. This API is not publicly exposed at this point, however admins can control this action", - "access_level": "Read", - "resource_types": { - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "training-job": { - "resource_type": "training-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/" - }, - "BatchGetRecord": { - "privilege": "BatchGetRecord", - "description": "Grants permission to get a batch of records from one or more feature groups", - "access_level": "Read", - "resource_types": { - "feature-group": { - "resource_type": "feature-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_BatchGetRecord.html" - }, - "BatchPutMetrics": { - "privilege": "BatchPutMetrics", - "description": "Grants permission to publish metrics associated with a SageMaker Resource such as a Training Job or Trial Component", - "access_level": "Write", - "resource_types": { - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "training-job": { - "resource_type": "training-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/" - }, - "CreateAction": { - "privilege": "CreateAction", - "description": "Grants permission to create an action", - "access_level": "Write", - "resource_types": { - "action": { - "resource_type": "action", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAction.html" - }, - "CreateAlgorithm": { - "privilege": "CreateAlgorithm", - "description": "Grants permission to create an algorithm", - "access_level": "Write", - "resource_types": { - "algorithm": { - "resource_type": "algorithm", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAlgorithm.html" - }, - "CreateApp": { - "privilege": "CreateApp", - "description": "Grants permission to create an App for a SageMaker UserProfile or Space", - "access_level": "Write", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InstanceTypes", - "sagemaker:ImageArns", - "sagemaker:ImageVersionArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateApp.html" - }, - "CreateAppImageConfig": { - "privilege": "CreateAppImageConfig", - "description": "Grants permission to create an AppImageConfig", - "access_level": "Write", - "resource_types": { - "app-image-config": { - "resource_type": "app-image-config", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAppImageConfig.html" - }, - "CreateArtifact": { - "privilege": "CreateArtifact", - "description": "Grants permission to create an artifact", - "access_level": "Write", - "resource_types": { - "artifact": { - "resource_type": "artifact", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateArtifact.html" - }, - "CreateAutoMLJob": { - "privilege": "CreateAutoMLJob", - "description": "Grants permission to create an AutoML job", - "access_level": "Write", - "resource_types": { - "automl-job": { - "resource_type": "automl-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InterContainerTrafficEncryption", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAutoMLJob.html" - }, - "CreateAutoMLJobV2": { - "privilege": "CreateAutoMLJobV2", - "description": "Grants permission to create a V2 AutoML job", - "access_level": "Write", - "resource_types": { - "automl-job": { - "resource_type": "automl-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InterContainerTrafficEncryption", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAutoMLJobV2.html" - }, - "CreateCodeRepository": { - "privilege": "CreateCodeRepository", - "description": "Grants permission to create a CodeRepository", - "access_level": "Write", - "resource_types": { - "code-repository": { - "resource_type": "code-repository", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateCodeRepository.html" - }, - "CreateCompilationJob": { - "privilege": "CreateCompilationJob", - "description": "Grants permission to create a compilation job", - "access_level": "Write", - "resource_types": { - "compilation-job": { - "resource_type": "compilation-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateCompilationJob.html" - }, - "CreateContext": { - "privilege": "CreateContext", - "description": "Grants permission to create a context", - "access_level": "Write", - "resource_types": { - "context": { - "resource_type": "context", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateContext.html" - }, - "CreateDataQualityJobDefinition": { - "privilege": "CreateDataQualityJobDefinition", - "description": "Grants permission to create a data quality job definition", - "access_level": "Write", - "resource_types": { - "data-quality-job-definition": { - "resource_type": "data-quality-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InstanceTypes", - "sagemaker:InterContainerTrafficEncryption", - "sagemaker:MaxRuntimeInSeconds", - "sagemaker:NetworkIsolation", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateDataQualityJobDefinition.html" - }, - "CreateDeviceFleet": { - "privilege": "CreateDeviceFleet", - "description": "Grants permission to create a device fleet", - "access_level": "Write", - "resource_types": { - "device-fleet": { - "resource_type": "device-fleet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateDeviceFleet.html" - }, - "CreateDomain": { - "privilege": "CreateDomain", - "description": "Grants permission to create a Domain for SageMaker Studio", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:AppNetworkAccessType", - "sagemaker:InstanceTypes", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets", - "sagemaker:DomainSharingOutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:ImageArns", - "sagemaker:ImageVersionArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateDomain.html" - }, - "CreateEdgeDeploymentPlan": { - "privilege": "CreateEdgeDeploymentPlan", - "description": "Grants permission to create an edge deployment plan", - "access_level": "Write", - "resource_types": { - "edge-deployment-plan": { - "resource_type": "edge-deployment-plan", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEdgeDeploymentPlan.html" - }, - "CreateEdgeDeploymentStage": { - "privilege": "CreateEdgeDeploymentStage", - "description": "Grants permission to create an edge deployment stage", - "access_level": "Write", - "resource_types": { - "edge-deployment-plan": { - "resource_type": "edge-deployment-plan", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEdgeDeploymentStage.html" - }, - "CreateEdgePackagingJob": { - "privilege": "CreateEdgePackagingJob", - "description": "Grants permission to create an edge packaging job", - "access_level": "Write", - "resource_types": { - "edge-packaging-job": { - "resource_type": "edge-packaging-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEdgePackagingJob.html" - }, - "CreateEndpoint": { - "privilege": "CreateEndpoint", - "description": "Grants permission to create an endpoint using the endpoint configuration specified in the request", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpoint.html" - }, - "CreateEndpointConfig": { - "privilege": "CreateEndpointConfig", - "description": "Grants permission to create an endpoint configuration that can be deployed using Amazon SageMaker hosting services", - "access_level": "Write", - "resource_types": { - "endpoint-config": { - "resource_type": "endpoint-config", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:AcceleratorTypes", - "sagemaker:InstanceTypes", - "sagemaker:ModelArn", - "sagemaker:VolumeKmsKey", - "sagemaker:ServerlessMaxConcurrency", - "sagemaker:ServerlessMemorySize" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpointConfig.html" - }, - "CreateExperiment": { - "privilege": "CreateExperiment", - "description": "Grants permission to create an experiment", - "access_level": "Write", - "resource_types": { - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateExperiment.html" - }, - "CreateFeatureGroup": { - "privilege": "CreateFeatureGroup", - "description": "Grants permission to create a feature group", - "access_level": "Write", - "resource_types": { - "feature-group": { - "resource_type": "feature-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:FeatureGroupOnlineStoreKmsKey", - "sagemaker:FeatureGroupOfflineStoreKmsKey", - "sagemaker:FeatureGroupOfflineStoreS3Uri", - "sagemaker:FeatureGroupEnableOnlineStore", - "sagemaker:FeatureGroupOfflineStoreConfig", - "sagemaker:FeatureGroupDisableGlueTableCreation" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateFeatureGroup.html" - }, - "CreateFlowDefinition": { - "privilege": "CreateFlowDefinition", - "description": "Grants permission to create a flow definition, which defines settings for a human workflow", - "access_level": "Write", - "resource_types": { - "flow-definition": { - "resource_type": "flow-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sagemaker:WorkteamArn", - "sagemaker:WorkteamType", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateFlowDefinition.html" - }, - "CreateHub": { - "privilege": "CreateHub", - "description": "Grants permission to create a hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHub.html" - }, - "CreateHumanTaskUi": { - "privilege": "CreateHumanTaskUi", - "description": "Grants permission to define the settings you will use for the human review workflow user interface", - "access_level": "Write", - "resource_types": { - "human-task-ui": { - "resource_type": "human-task-ui", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHumanTaskUi.html" - }, - "CreateHyperParameterTuningJob": { - "privilege": "CreateHyperParameterTuningJob", - "description": "Grants permission to create a hyper parameter tuning job that can be deployed using Amazon SageMaker", - "access_level": "Write", - "resource_types": { - "hyper-parameter-tuning-job": { - "resource_type": "hyper-parameter-tuning-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:FileSystemAccessMode", - "sagemaker:FileSystemDirectoryPath", - "sagemaker:FileSystemId", - "sagemaker:FileSystemType", - "sagemaker:InstanceTypes", - "sagemaker:InterContainerTrafficEncryption", - "sagemaker:MaxRuntimeInSeconds", - "sagemaker:NetworkIsolation", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHyperParameterTuningJob.html" - }, - "CreateImage": { - "privilege": "CreateImage", - "description": "Grants permission to create a SageMaker Image", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateImage.html" - }, - "CreateImageVersion": { - "privilege": "CreateImageVersion", - "description": "Grants permission to create a SageMaker ImageVersion", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateImageVersion.html" - }, - "CreateInferenceExperiment": { - "privilege": "CreateInferenceExperiment", - "description": "Grants permission to create an inference experiment", - "access_level": "Write", - "resource_types": { - "inference-experiment": { - "resource_type": "inference-experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceExperiment.html" - }, - "CreateInferenceRecommendationsJob": { - "privilege": "CreateInferenceRecommendationsJob", - "description": "Grants permission to create an inference recommendations job", - "access_level": "Write", - "resource_types": { - "inference-recommendations-job": { - "resource_type": "inference-recommendations-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html" - }, - "CreateLabelingJob": { - "privilege": "CreateLabelingJob", - "description": "Grants permission to start a labeling job. A labeling job takes unlabeled data in and produces labeled data as output, which can be used for training SageMaker models", - "access_level": "Write", - "resource_types": { - "labeling-job": { - "resource_type": "labeling-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sagemaker:WorkteamArn", - "sagemaker:WorkteamType", - "sagemaker:VolumeKmsKey", - "sagemaker:OutputKmsKey", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateLabelingJob.html" - }, - "CreateLineageGroupPolicy": { - "privilege": "CreateLineageGroupPolicy", - "description": "Grants permission to create a lineage group policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/Welcome.html" - }, - "CreateModel": { - "privilege": "CreateModel", - "description": "Grants permission to create a model in Amazon SageMaker. In the request, you specify a name for the model and describe one or more containers", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:NetworkIsolation", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html" - }, - "CreateModelBiasJobDefinition": { - "privilege": "CreateModelBiasJobDefinition", - "description": "Grants permission to create a model bias job definition", - "access_level": "Write", - "resource_types": { - "model-bias-job-definition": { - "resource_type": "model-bias-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InstanceTypes", - "sagemaker:InterContainerTrafficEncryption", - "sagemaker:MaxRuntimeInSeconds", - "sagemaker:NetworkIsolation", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelBiasJobDefinition.html" - }, - "CreateModelCard": { - "privilege": "CreateModelCard", - "description": "Grants permission to create a model card", - "access_level": "Write", - "resource_types": { - "model-card": { - "resource_type": "model-card", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelCard.html" - }, - "CreateModelCardExportJob": { - "privilege": "CreateModelCardExportJob", - "description": "Grants permission to create an export job for a model card", - "access_level": "Write", - "resource_types": { - "model-card": { - "resource_type": "model-card", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelCardExportJob.html" - }, - "CreateModelExplainabilityJobDefinition": { - "privilege": "CreateModelExplainabilityJobDefinition", - "description": "Grants permission to create a model explainability job definition", - "access_level": "Write", - "resource_types": { - "model-explainability-job-definition": { - "resource_type": "model-explainability-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InstanceTypes", - "sagemaker:InterContainerTrafficEncryption", - "sagemaker:MaxRuntimeInSeconds", - "sagemaker:NetworkIsolation", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelExplainabilityJobDefinition.html" - }, - "CreateModelPackage": { - "privilege": "CreateModelPackage", - "description": "Grants permission to create a ModelPackage", - "access_level": "Write", - "resource_types": { - "model-package": { - "resource_type": "model-package", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "model-package-group": { - "resource_type": "model-package-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:ModelApprovalStatus", - "sagemaker:CustomerMetadataProperties/${MetadataKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelPackage.html" - }, - "CreateModelPackageGroup": { - "privilege": "CreateModelPackageGroup", - "description": "Grants permission to create a ModelPackageGroup", - "access_level": "Write", - "resource_types": { - "model-package-group": { - "resource_type": "model-package-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelPackageGroup.html" - }, - "CreateModelQualityJobDefinition": { - "privilege": "CreateModelQualityJobDefinition", - "description": "Grants permission to create a model quality job definition", - "access_level": "Write", - "resource_types": { - "model-quality-job-definition": { - "resource_type": "model-quality-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InstanceTypes", - "sagemaker:InterContainerTrafficEncryption", - "sagemaker:MaxRuntimeInSeconds", - "sagemaker:NetworkIsolation", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelQualityJobDefinition.html" - }, - "CreateMonitoringSchedule": { - "privilege": "CreateMonitoringSchedule", - "description": "Grants permission to create a monitoring schedule", - "access_level": "Write", - "resource_types": { - "monitoring-schedule": { - "resource_type": "monitoring-schedule", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InstanceTypes", - "sagemaker:InterContainerTrafficEncryption", - "sagemaker:MaxRuntimeInSeconds", - "sagemaker:NetworkIsolation", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateMonitoringSchedule.html" - }, - "CreateNotebookInstance": { - "privilege": "CreateNotebookInstance", - "description": "Grants permission to create an Amazon SageMaker notebook instance. A notebook instance is an Amazon EC2 instance running on a Jupyter Notebook", - "access_level": "Write", - "resource_types": { - "notebook-instance": { - "resource_type": "notebook-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:AcceleratorTypes", - "sagemaker:DirectInternetAccess", - "sagemaker:InstanceTypes", - "sagemaker:MinimumInstanceMetadataServiceVersion", - "sagemaker:RootAccess", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstance.html" - }, - "CreateNotebookInstanceLifecycleConfig": { - "privilege": "CreateNotebookInstanceLifecycleConfig", - "description": "Grants permission to create a notebook instance lifecycle configuration that can be deployed using Amazon SageMaker", - "access_level": "Write", - "resource_types": { - "notebook-instance-lifecycle-config": { - "resource_type": "notebook-instance-lifecycle-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstanceLifecycleConfig.html" - }, - "CreatePipeline": { - "privilege": "CreatePipeline", - "description": "Grants permission to create a pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePipeline.html" - }, - "CreatePresignedDomainUrl": { - "privilege": "CreatePresignedDomainUrl", - "description": "Grants permission to return a URL that you can use from your browser to connect to the Domain as a specified UserProfile when AuthMode is 'IAM'", - "access_level": "Write", - "resource_types": { - "user-profile": { - "resource_type": "user-profile", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedDomainUrl.html" - }, - "CreatePresignedNotebookInstanceUrl": { - "privilege": "CreatePresignedNotebookInstanceUrl", - "description": "Grants permission to create a URL that you can use from your browser to connect to the Notebook Instance", - "access_level": "Write", - "resource_types": { - "notebook-instance": { - "resource_type": "notebook-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedNotebookInstanceUrl.html" - }, - "CreateProcessingJob": { - "privilege": "CreateProcessingJob", - "description": "Grants permission to start a processing job. After processing completes, Amazon SageMaker saves the resulting artifacts and other optional output to an Amazon S3 location that you specify", - "access_level": "Write", - "resource_types": { - "processing-job": { - "resource_type": "processing-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InstanceTypes", - "sagemaker:MaxRuntimeInSeconds", - "sagemaker:NetworkIsolation", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets", - "sagemaker:InterContainerTrafficEncryption" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a Project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProject.html" - }, - "CreateSharedModel": { - "privilege": "CreateSharedModel", - "description": "Grants permission to create a shared model in a SageMaker Studio application", - "access_level": "Write", - "resource_types": { - "shared-model": { - "resource_type": "shared-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" - }, - "CreateSpace": { - "privilege": "CreateSpace", - "description": "Grants permission to create a Space for a SageMaker Domain", - "access_level": "Write", - "resource_types": { - "space": { - "resource_type": "space", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InstanceTypes", - "sagemaker:ImageArns", - "sagemaker:ImageVersionArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateSpace.html" - }, - "CreateStudioLifecycleConfig": { - "privilege": "CreateStudioLifecycleConfig", - "description": "Grants permission to create a Studio Lifecycle Configuration that can be deployed using Amazon SageMaker", - "access_level": "Write", - "resource_types": { - "studio-lifecycle-config": { - "resource_type": "studio-lifecycle-config", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateStudioLifecycleConfig.html" - }, - "CreateTrainingJob": { - "privilege": "CreateTrainingJob", - "description": "Grants permission to start a model training job. After training completes, Amazon SageMaker saves the resulting model artifacts and other optional output to an Amazon S3 location that you specify", - "access_level": "Write", - "resource_types": { - "training-job": { - "resource_type": "training-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:FileSystemAccessMode", - "sagemaker:FileSystemDirectoryPath", - "sagemaker:FileSystemId", - "sagemaker:FileSystemType", - "sagemaker:InstanceTypes", - "sagemaker:InterContainerTrafficEncryption", - "sagemaker:MaxRuntimeInSeconds", - "sagemaker:NetworkIsolation", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets", - "sagemaker:KeepAlivePeriod" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html" - }, - "CreateTransformJob": { - "privilege": "CreateTransformJob", - "description": "Grants permission to start a transform job. After the results are obtained, Amazon SageMaker saves them to an Amazon S3 location that you specify", - "access_level": "Write", - "resource_types": { - "transform-job": { - "resource_type": "transform-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InstanceTypes", - "sagemaker:ModelArn", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html" - }, - "CreateTrial": { - "privilege": "CreateTrial", - "description": "Grants permission to create a trial", - "access_level": "Write", - "resource_types": { - "experiment-trial": { - "resource_type": "experiment-trial", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrial.html" - }, - "CreateTrialComponent": { - "privilege": "CreateTrialComponent", - "description": "Grants permission to create a trial component", - "access_level": "Write", - "resource_types": { - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrialComponent.html" - }, - "CreateUserProfile": { - "privilege": "CreateUserProfile", - "description": "Grants permission to create a UserProfile for a SageMaker Domain", - "access_level": "Write", - "resource_types": { - "user-profile": { - "resource_type": "user-profile", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:InstanceTypes", - "sagemaker:DomainSharingOutputKmsKey", - "sagemaker:ImageArns", - "sagemaker:ImageVersionArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateUserProfile.html" - }, - "CreateWorkforce": { - "privilege": "CreateWorkforce", - "description": "Grants permission to create a workforce", - "access_level": "Write", - "resource_types": { - "workforce": { - "resource_type": "workforce", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateWorkforce.html" - }, - "CreateWorkteam": { - "privilege": "CreateWorkteam", - "description": "Grants permission to create a workteam", - "access_level": "Write", - "resource_types": { - "workteam": { - "resource_type": "workteam", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateWorkteam.html" - }, - "DeleteAction": { - "privilege": "DeleteAction", - "description": "Grants permission to delete an action", - "access_level": "Write", - "resource_types": { - "action": { - "resource_type": "action", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteAction.html" - }, - "DeleteAlgorithm": { - "privilege": "DeleteAlgorithm", - "description": "Grants permission to delete an algorithm", - "access_level": "Write", - "resource_types": { - "algorithm": { - "resource_type": "algorithm", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteAlgorithm.html" - }, - "DeleteApp": { - "privilege": "DeleteApp", - "description": "Grants permission to delete an App", - "access_level": "Write", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteApp.html" - }, - "DeleteAppImageConfig": { - "privilege": "DeleteAppImageConfig", - "description": "Grants permission to delete an AppImageConfig", - "access_level": "Write", - "resource_types": { - "app-image-config": { - "resource_type": "app-image-config", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteAppImageConfig.html" - }, - "DeleteArtifact": { - "privilege": "DeleteArtifact", - "description": "Grants permission to delete an artifact", - "access_level": "Write", - "resource_types": { - "artifact": { - "resource_type": "artifact", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteArtifact.html" - }, - "DeleteAssociation": { - "privilege": "DeleteAssociation", - "description": "Grants permission to delete the association from a lineage entity (artifact, context, action, experiment, experiment-trial-component) to another", - "access_level": "Write", - "resource_types": { - "action": { - "resource_type": "action", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "artifact": { - "resource_type": "artifact", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "context": { - "resource_type": "context", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteAssociation.html" - }, - "DeleteCodeRepository": { - "privilege": "DeleteCodeRepository", - "description": "Grants permission to delete a CodeRepository", - "access_level": "Write", - "resource_types": { - "code-repository": { - "resource_type": "code-repository", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteCodeRepository.html" - }, - "DeleteContext": { - "privilege": "DeleteContext", - "description": "Grants permission to delete a context", - "access_level": "Write", - "resource_types": { - "context": { - "resource_type": "context", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteContext.html" - }, - "DeleteDataQualityJobDefinition": { - "privilege": "DeleteDataQualityJobDefinition", - "description": "Grants permission to delete the data quality job definition created using the CreateDataQualityJobDefinition API", - "access_level": "Write", - "resource_types": { - "data-quality-job-definition": { - "resource_type": "data-quality-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteDataQualityJobDefinition.html" - }, - "DeleteDeviceFleet": { - "privilege": "DeleteDeviceFleet", - "description": "Grants permission to delete a device fleet", - "access_level": "Write", - "resource_types": { - "device-fleet": { - "resource_type": "device-fleet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteDeviceFleet.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "Grants permission to delete a Domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteDomain.html" - }, - "DeleteEdgeDeploymentPlan": { - "privilege": "DeleteEdgeDeploymentPlan", - "description": "Grants permission to delete an edge deployment plan", - "access_level": "Write", - "resource_types": { - "edge-deployment-plan": { - "resource_type": "edge-deployment-plan", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEdgeDeploymentPlan.html" - }, - "DeleteEdgeDeploymentStage": { - "privilege": "DeleteEdgeDeploymentStage", - "description": "Grants permission to delete an edge deployment stage", - "access_level": "Write", - "resource_types": { - "edge-deployment-plan": { - "resource_type": "edge-deployment-plan", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEdgeDeploymentStage.html" - }, - "DeleteEndpoint": { - "privilege": "DeleteEndpoint", - "description": "Grants permission to delete an endpoint. Amazon SageMaker frees up all the resources that were deployed when the endpoint was created", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpoint.html" - }, - "DeleteEndpointConfig": { - "privilege": "DeleteEndpointConfig", - "description": "Grants permission to delete the endpoint configuration created using the CreateEndpointConfig API. The DeleteEndpointConfig API deletes only the specified configuration. It does not delete any endpoints created using the configuration", - "access_level": "Write", - "resource_types": { - "endpoint-config": { - "resource_type": "endpoint-config", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpointConfig.html" - }, - "DeleteExperiment": { - "privilege": "DeleteExperiment", - "description": "Grants permission to delete an experiment", - "access_level": "Write", - "resource_types": { - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteExperiment.html" - }, - "DeleteFeatureGroup": { - "privilege": "DeleteFeatureGroup", - "description": "Grants permission to delete a feature group", - "access_level": "Write", - "resource_types": { - "feature-group": { - "resource_type": "feature-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteFeatureGroup.html" - }, - "DeleteFlowDefinition": { - "privilege": "DeleteFlowDefinition", - "description": "Grants permission to delete the specified flow definition", - "access_level": "Write", - "resource_types": { - "flow-definition": { - "resource_type": "flow-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteFlowDefinition.html" - }, - "DeleteHub": { - "privilege": "DeleteHub", - "description": "Grants permission to delete hubs", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteHub.html" - }, - "DeleteHubContent": { - "privilege": "DeleteHubContent", - "description": "Grants permission to delete hub content", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "hub-content": { - "resource_type": "hub-content", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteHubContent.html" - }, - "DeleteHumanLoop": { - "privilege": "DeleteHumanLoop", - "description": "Grants permission to delete a specified human loop", - "access_level": "Write", - "resource_types": { - "human-loop": { - "resource_type": "human-loop", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteHumanLoop.html" - }, - "DeleteHumanTaskUi": { - "privilege": "DeleteHumanTaskUi", - "description": "Grants permission to delete the specified human task user interface (worker task template)", - "access_level": "Write", - "resource_types": { - "human-task-ui": { - "resource_type": "human-task-ui", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteHumanTaskUi.html" - }, - "DeleteImage": { - "privilege": "DeleteImage", - "description": "Grants permission to delete a SageMaker Image", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteImage.html" - }, - "DeleteImageVersion": { - "privilege": "DeleteImageVersion", - "description": "Grants permission to delete a SageMaker ImageVersion", - "access_level": "Write", - "resource_types": { - "image-version": { - "resource_type": "image-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteImageVersion.html" - }, - "DeleteInferenceExperiment": { - "privilege": "DeleteInferenceExperiment", - "description": "Grants permission to delete an inference experiment", - "access_level": "Write", - "resource_types": { - "inference-experiment": { - "resource_type": "inference-experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteInferenceExperiment.html" - }, - "DeleteLineageGroupPolicy": { - "privilege": "DeleteLineageGroupPolicy", - "description": "Grants permission to delete a lineage group policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/Welcome.html" - }, - "DeleteModel": { - "privilege": "DeleteModel", - "description": "Grants permission to delete a model created using the CreateModel API. The DeleteModel API deletes only the model entry in Amazon SageMaker that you created by calling the CreateModel API. It does not delete model artifacts, inference code, or the IAM role that you specified when creating the model", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModel.html" - }, - "DeleteModelBiasJobDefinition": { - "privilege": "DeleteModelBiasJobDefinition", - "description": "Grants permission to delete the model bias job definition created using the CreateModelBiasJobDefinition API", - "access_level": "Write", - "resource_types": { - "model-bias-job-definition": { - "resource_type": "model-bias-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelBiasJobDefinition.html" - }, - "DeleteModelCard": { - "privilege": "DeleteModelCard", - "description": "Grants permission to delete a model card", - "access_level": "Write", - "resource_types": { - "model-card": { - "resource_type": "model-card", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelCard.html" - }, - "DeleteModelExplainabilityJobDefinition": { - "privilege": "DeleteModelExplainabilityJobDefinition", - "description": "Grants permission to delete the model explainability job definition created using the CreateModelExplainabilityJobDefinition API", - "access_level": "Write", - "resource_types": { - "model-explainability-job-definition": { - "resource_type": "model-explainability-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelExplainabilityJobDefinition.html" - }, - "DeleteModelPackage": { - "privilege": "DeleteModelPackage", - "description": "Grants permission to delete a ModelPackage", - "access_level": "Write", - "resource_types": { - "model-package": { - "resource_type": "model-package", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackage.html" - }, - "DeleteModelPackageGroup": { - "privilege": "DeleteModelPackageGroup", - "description": "Grants permission to delete a ModelPackageGroup", - "access_level": "Write", - "resource_types": { - "model-package-group": { - "resource_type": "model-package-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackageGroup.html" - }, - "DeleteModelPackageGroupPolicy": { - "privilege": "DeleteModelPackageGroupPolicy", - "description": "Grants permission to delete a ModelPackageGroup policy", - "access_level": "Write", - "resource_types": { - "model-package-group": { - "resource_type": "model-package-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackageGroupPolicy.html" - }, - "DeleteModelQualityJobDefinition": { - "privilege": "DeleteModelQualityJobDefinition", - "description": "Grants permission to delete the model quality job definition created using the CreateModelQualityJobDefinition API", - "access_level": "Write", - "resource_types": { - "model-quality-job-definition": { - "resource_type": "model-quality-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelQualityJobDefinition.html" - }, - "DeleteMonitoringSchedule": { - "privilege": "DeleteMonitoringSchedule", - "description": "Grants permission to delete a monitoring schedule", - "access_level": "Write", - "resource_types": { - "monitoring-schedule": { - "resource_type": "monitoring-schedule", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteMonitoringSchedule.html" - }, - "DeleteNotebookInstance": { - "privilege": "DeleteNotebookInstance", - "description": "Grants permission to delete a Amazon SageMaker notebook instance. Before you can delete a notebook instance, you must call the StopNotebookInstance API", - "access_level": "Write", - "resource_types": { - "notebook-instance": { - "resource_type": "notebook-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteNotebookInstance.html" - }, - "DeleteNotebookInstanceLifecycleConfig": { - "privilege": "DeleteNotebookInstanceLifecycleConfig", - "description": "Grants permission to delete a notebook instance lifecycle configuration", - "access_level": "Write", - "resource_types": { - "notebook-instance-lifecycle-config": { - "resource_type": "notebook-instance-lifecycle-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteNotebookInstanceLifecycleConfig.html" - }, - "DeletePipeline": { - "privilege": "DeletePipeline", - "description": "Grants permission to delete a pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeletePipeline.html" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteProject.html" - }, - "DeleteRecord": { - "privilege": "DeleteRecord", - "description": "Grants permission to delete a record from a feature group", - "access_level": "Write", - "resource_types": { - "feature-group": { - "resource_type": "feature-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html" - }, - "DeleteSpace": { - "privilege": "DeleteSpace", - "description": "Grants permission to delete a Space", - "access_level": "Write", - "resource_types": { - "space": { - "resource_type": "space", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteSpace.html" - }, - "DeleteStudioLifecycleConfig": { - "privilege": "DeleteStudioLifecycleConfig", - "description": "Grants permission to delete a Studio Lifecycle Configuration", - "access_level": "Write", - "resource_types": { - "studio-lifecycle-config": { - "resource_type": "studio-lifecycle-config", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteStudioLifecycleConfig.html" - }, - "DeleteTags": { - "privilege": "DeleteTags", - "description": "Grants permission to delete the specified set of tags from an Amazon SageMaker resource", - "access_level": "Tagging", - "resource_types": { - "action": { - "resource_type": "action", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "algorithm": { - "resource_type": "algorithm", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "app": { - "resource_type": "app", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "app-image-config": { - "resource_type": "app-image-config", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "artifact": { - "resource_type": "artifact", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "automl-job": { - "resource_type": "automl-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "code-repository": { - "resource_type": "code-repository", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "compilation-job": { - "resource_type": "compilation-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "context": { - "resource_type": "context", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "data-quality-job-definition": { - "resource_type": "data-quality-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "device-fleet": { - "resource_type": "device-fleet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "edge-deployment-plan": { - "resource_type": "edge-deployment-plan", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "edge-packaging-job": { - "resource_type": "edge-packaging-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "endpoint": { - "resource_type": "endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "endpoint-config": { - "resource_type": "endpoint-config", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment": { - "resource_type": "experiment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment-trial": { - "resource_type": "experiment-trial", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "feature-group": { - "resource_type": "feature-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "flow-definition": { - "resource_type": "flow-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "human-task-ui": { - "resource_type": "human-task-ui", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "hyper-parameter-tuning-job": { - "resource_type": "hyper-parameter-tuning-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "inference-recommendations-job": { - "resource_type": "inference-recommendations-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "labeling-job": { - "resource_type": "labeling-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-bias-job-definition": { - "resource_type": "model-bias-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-card": { - "resource_type": "model-card", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-explainability-job-definition": { - "resource_type": "model-explainability-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-package": { - "resource_type": "model-package", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-package-group": { - "resource_type": "model-package-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-quality-job-definition": { - "resource_type": "model-quality-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "monitoring-schedule": { - "resource_type": "monitoring-schedule", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "notebook-instance": { - "resource_type": "notebook-instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "pipeline": { - "resource_type": "pipeline", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "processing-job": { - "resource_type": "processing-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "studio-lifecycle-config": { - "resource_type": "studio-lifecycle-config", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "training-job": { - "resource_type": "training-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transform-job": { - "resource_type": "transform-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "user-profile": { - "resource_type": "user-profile", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "workteam": { - "resource_type": "workteam", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteTags.html" - }, - "DeleteTrial": { - "privilege": "DeleteTrial", - "description": "Grants permission to delete a trial", - "access_level": "Write", - "resource_types": { - "experiment-trial": { - "resource_type": "experiment-trial", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteTrial.html" - }, - "DeleteTrialComponent": { - "privilege": "DeleteTrialComponent", - "description": "Grants permission to delete a trial component", - "access_level": "Write", - "resource_types": { - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteTrialComponent.html" - }, - "DeleteUserProfile": { - "privilege": "DeleteUserProfile", - "description": "Grants permission to delete a UserProfile", - "access_level": "Write", - "resource_types": { - "user-profile": { - "resource_type": "user-profile", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteUserProfile.html" - }, - "DeleteWorkforce": { - "privilege": "DeleteWorkforce", - "description": "Grants permission to delete a workforce", - "access_level": "Write", - "resource_types": { - "workforce": { - "resource_type": "workforce", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteWorkforce.html" - }, - "DeleteWorkteam": { - "privilege": "DeleteWorkteam", - "description": "Grants permission to delete a workteam", - "access_level": "Write", - "resource_types": { - "workteam": { - "resource_type": "workteam", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteWorkteam.html" - }, - "DeregisterDevices": { - "privilege": "DeregisterDevices", - "description": "Grants permission to deregister a set of devices", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeregisterDevices.html" - }, - "DescribeAction": { - "privilege": "DescribeAction", - "description": "Grants permission to get information about an action", - "access_level": "Read", - "resource_types": { - "action": { - "resource_type": "action", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAction.html" - }, - "DescribeAlgorithm": { - "privilege": "DescribeAlgorithm", - "description": "Grants permission to describe an algorithm", - "access_level": "Read", - "resource_types": { - "algorithm": { - "resource_type": "algorithm", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAlgorithm.html" - }, - "DescribeApp": { - "privilege": "DescribeApp", - "description": "Grants permission to describe an App", - "access_level": "Read", - "resource_types": { - "app": { - "resource_type": "app", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeApp.html" - }, - "DescribeAppImageConfig": { - "privilege": "DescribeAppImageConfig", - "description": "Grants permission to describe an AppImageConfig", - "access_level": "Read", - "resource_types": { - "app-image-config": { - "resource_type": "app-image-config", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAppImageConfig.html" - }, - "DescribeArtifact": { - "privilege": "DescribeArtifact", - "description": "Grants permission to get information about an artifact", - "access_level": "Read", - "resource_types": { - "artifact": { - "resource_type": "artifact", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeArtifact.html" - }, - "DescribeAutoMLJob": { - "privilege": "DescribeAutoMLJob", - "description": "Grants permission to describe an AutoML job that was created via the CreateAutoMLJob API", - "access_level": "Read", - "resource_types": { - "automl-job": { - "resource_type": "automl-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAutoMLJob.html" - }, - "DescribeAutoMLJobV2": { - "privilege": "DescribeAutoMLJobV2", - "description": "Grants permission to describe an AutoML job that was created via the CreateAutoMLJobV2 API", - "access_level": "Read", - "resource_types": { - "automl-job": { - "resource_type": "automl-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAutoMLJobV2.html" - }, - "DescribeCodeRepository": { - "privilege": "DescribeCodeRepository", - "description": "Grants permission to describe a CodeRepository", - "access_level": "Read", - "resource_types": { - "code-repository": { - "resource_type": "code-repository", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeCodeRepository.html" - }, - "DescribeCompilationJob": { - "privilege": "DescribeCompilationJob", - "description": "Grants permission to return information about a compilation job", - "access_level": "Read", - "resource_types": { - "compilation-job": { - "resource_type": "compilation-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeCompilationJob.html" - }, - "DescribeContext": { - "privilege": "DescribeContext", - "description": "Grants permission to get information about a context", - "access_level": "Read", - "resource_types": { - "context": { - "resource_type": "context", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeContext.html" - }, - "DescribeDataQualityJobDefinition": { - "privilege": "DescribeDataQualityJobDefinition", - "description": "Grants permission to return information about a data quality job definition", - "access_level": "Read", - "resource_types": { - "data-quality-job-definition": { - "resource_type": "data-quality-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeDataQualityJobDefinition.html" - }, - "DescribeDevice": { - "privilege": "DescribeDevice", - "description": "Grants permission to access information about a device", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeDevice.html" - }, - "DescribeDeviceFleet": { - "privilege": "DescribeDeviceFleet", - "description": "Grants permission to access information about a device fleet", - "access_level": "Read", - "resource_types": { - "device-fleet": { - "resource_type": "device-fleet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeDeviceFleet.html" - }, - "DescribeDomain": { - "privilege": "DescribeDomain", - "description": "Grants permission to describe a Domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeDomain.html" - }, - "DescribeEdgeDeploymentPlan": { - "privilege": "DescribeEdgeDeploymentPlan", - "description": "Grants permission to access information about an edge deployment plan", - "access_level": "Read", - "resource_types": { - "edge-deployment-plan": { - "resource_type": "edge-deployment-plan", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEdgeDeploymentPlan.html" - }, - "DescribeEdgePackagingJob": { - "privilege": "DescribeEdgePackagingJob", - "description": "Grants permission to access information about an edge packaging job", - "access_level": "Read", - "resource_types": { - "edge-packaging-job": { - "resource_type": "edge-packaging-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEdgePackagingJob.html" - }, - "DescribeEndpoint": { - "privilege": "DescribeEndpoint", - "description": "Grants permission to return the description of an endpoint", - "access_level": "Read", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpoint.html" - }, - "DescribeEndpointConfig": { - "privilege": "DescribeEndpointConfig", - "description": "Grants permission to return the description of an endpoint configuration, which was created using the CreateEndpointConfig API", - "access_level": "Read", - "resource_types": { - "endpoint-config": { - "resource_type": "endpoint-config", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpointConfig.html" - }, - "DescribeExperiment": { - "privilege": "DescribeExperiment", - "description": "Grants permission to return information about an experiment", - "access_level": "Read", - "resource_types": { - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeExperiment.html" - }, - "DescribeFeatureGroup": { - "privilege": "DescribeFeatureGroup", - "description": "Grants permission to return information about a feature group", - "access_level": "Read", - "resource_types": { - "feature-group": { - "resource_type": "feature-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeFeatureGroup.html" - }, - "DescribeFeatureMetadata": { - "privilege": "DescribeFeatureMetadata", - "description": "Grants permission to return information about a feature metadata", - "access_level": "Read", - "resource_types": { - "feature-group": { - "resource_type": "feature-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeFeatureMetadata.html" - }, - "DescribeFlowDefinition": { - "privilege": "DescribeFlowDefinition", - "description": "Grants permission to return information about the specified flow definition", - "access_level": "Read", - "resource_types": { - "flow-definition": { - "resource_type": "flow-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeFlowDefinition.html" - }, - "DescribeHub": { - "privilege": "DescribeHub", - "description": "Grants permission to describe hubs", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHub.html" - }, - "DescribeHubContent": { - "privilege": "DescribeHubContent", - "description": "Grants permission to describe hub content", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "hub-content": { - "resource_type": "hub-content", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHubContent.html" - }, - "DescribeHumanLoop": { - "privilege": "DescribeHumanLoop", - "description": "Grants permission to return information about the specified human loop", - "access_level": "Read", - "resource_types": { - "human-loop": { - "resource_type": "human-loop", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHumanLoop.html" - }, - "DescribeHumanTaskUi": { - "privilege": "DescribeHumanTaskUi", - "description": "Grants permission to return detailed information about the specified human review workflow user interface", - "access_level": "Read", - "resource_types": { - "human-task-ui": { - "resource_type": "human-task-ui", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHumanTaskUi.html" - }, - "DescribeHyperParameterTuningJob": { - "privilege": "DescribeHyperParameterTuningJob", - "description": "Grants permission to describe a hyper parameter tuning job that was created via the CreateHyperParameterTuningJob API", - "access_level": "Read", - "resource_types": { - "hyper-parameter-tuning-job": { - "resource_type": "hyper-parameter-tuning-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHyperParameterTuningJob.html" - }, - "DescribeImage": { - "privilege": "DescribeImage", - "description": "Grants permission to return information about a SageMaker Image", - "access_level": "Read", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeImage.html" - }, - "DescribeImageVersion": { - "privilege": "DescribeImageVersion", - "description": "Grants permission to return information about a SageMaker ImageVersion", - "access_level": "Read", - "resource_types": { - "image-version": { - "resource_type": "image-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeImageVersion.html" - }, - "DescribeInferenceExperiment": { - "privilege": "DescribeInferenceExperiment", - "description": "Grants permission to get information about an inference experiment", - "access_level": "Read", - "resource_types": { - "inference-experiment": { - "resource_type": "inference-experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeInferenceExperiment.html" - }, - "DescribeInferenceRecommendationsJob": { - "privilege": "DescribeInferenceRecommendationsJob", - "description": "Grants permission to get information about an inference recommendations job", - "access_level": "Read", - "resource_types": { - "inference-recommendations-job": { - "resource_type": "inference-recommendations-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeInferenceRecommendationsJob.html" - }, - "DescribeLabelingJob": { - "privilege": "DescribeLabelingJob", - "description": "Grants permission to return information about a labeling job", - "access_level": "Read", - "resource_types": { - "labeling-job": { - "resource_type": "labeling-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeLabelingJob.html" - }, - "DescribeLineageGroup": { - "privilege": "DescribeLineageGroup", - "description": "Grants permission to describe a lineage group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeLineageGroup.html" - }, - "DescribeModel": { - "privilege": "DescribeModel", - "description": "Grants permission to describe a model that you created using the CreateModel API", - "access_level": "Read", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModel.html" - }, - "DescribeModelBiasJobDefinition": { - "privilege": "DescribeModelBiasJobDefinition", - "description": "Grants permission to return information about a model bias job definition", - "access_level": "Read", - "resource_types": { - "model-bias-job-definition": { - "resource_type": "model-bias-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelBiasJobDefinition.html" - }, - "DescribeModelCard": { - "privilege": "DescribeModelCard", - "description": "Grants permission to get information about a model card", - "access_level": "Read", - "resource_types": { - "model-card": { - "resource_type": "model-card", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelCard.html" - }, - "DescribeModelCardExportJob": { - "privilege": "DescribeModelCardExportJob", - "description": "Grants permission to get information about a model card export job", - "access_level": "Read", - "resource_types": { - "model-card-export-job": { - "resource_type": "model-card-export-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelCardExportJob.html" - }, - "DescribeModelExplainabilityJobDefinition": { - "privilege": "DescribeModelExplainabilityJobDefinition", - "description": "Grants permission to return information about a model explainability job definition", - "access_level": "Read", - "resource_types": { - "model-explainability-job-definition": { - "resource_type": "model-explainability-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelExplainabilityJobDefinition.html" - }, - "DescribeModelPackage": { - "privilege": "DescribeModelPackage", - "description": "Grants permission to describe a ModelPackage", - "access_level": "Read", - "resource_types": { - "model-package": { - "resource_type": "model-package", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelPackage.html" - }, - "DescribeModelPackageGroup": { - "privilege": "DescribeModelPackageGroup", - "description": "Grants permission to describe a ModelPackageGroup", - "access_level": "Read", - "resource_types": { - "model-package-group": { - "resource_type": "model-package-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelPackageGroup.html" - }, - "DescribeModelQualityJobDefinition": { - "privilege": "DescribeModelQualityJobDefinition", - "description": "Grants permission to return information about a model quality job definition", - "access_level": "Read", - "resource_types": { - "model-quality-job-definition": { - "resource_type": "model-quality-job-definition", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelQualityJobDefinition.html" - }, - "DescribeMonitoringSchedule": { - "privilege": "DescribeMonitoringSchedule", - "description": "Grants permission to return information about a monitoring schedule", - "access_level": "Read", - "resource_types": { - "monitoring-schedule": { - "resource_type": "monitoring-schedule", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeMonitoringSchedule.html" - }, - "DescribeNotebookInstance": { - "privilege": "DescribeNotebookInstance", - "description": "Grants permission to return information about a notebook instance", - "access_level": "Read", - "resource_types": { - "notebook-instance": { - "resource_type": "notebook-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeNotebookInstance.html" - }, - "DescribeNotebookInstanceLifecycleConfig": { - "privilege": "DescribeNotebookInstanceLifecycleConfig", - "description": "Grants permission to describe a notebook instance lifecycle configuration that was created via the CreateNotebookInstanceLifecycleConfig API", - "access_level": "Read", - "resource_types": { - "notebook-instance-lifecycle-config": { - "resource_type": "notebook-instance-lifecycle-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeNotebookInstanceLifecycleConfig.html" - }, - "DescribePipeline": { - "privilege": "DescribePipeline", - "description": "Grants permission to get information about a pipeline", - "access_level": "Read", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipeline.html" - }, - "DescribePipelineDefinitionForExecution": { - "privilege": "DescribePipelineDefinitionForExecution", - "description": "Grants permission to get the pipeline definition for a pipeline execution", - "access_level": "Read", - "resource_types": { - "pipeline-execution": { - "resource_type": "pipeline-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipelineDefinitionForExecution.html" - }, - "DescribePipelineExecution": { - "privilege": "DescribePipelineExecution", - "description": "Grants permission to get information about a pipeline execution", - "access_level": "Read", - "resource_types": { - "pipeline-execution": { - "resource_type": "pipeline-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipelineExecution.html" - }, - "DescribeProcessingJob": { - "privilege": "DescribeProcessingJob", - "description": "Grants permission to return information about a processing job", - "access_level": "Read", - "resource_types": { - "processing-job": { - "resource_type": "processing-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeProcessingJob.html" - }, - "DescribeProject": { - "privilege": "DescribeProject", - "description": "Grants permission to describe a project", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeProject.html" - }, - "DescribeSharedModel": { - "privilege": "DescribeSharedModel", - "description": "Grants permission to describe a shared model in a SageMaker Studio application", - "access_level": "Read", - "resource_types": { - "shared-model": { - "resource_type": "shared-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" - }, - "DescribeSpace": { - "privilege": "DescribeSpace", - "description": "Grants permission to describe a Space", - "access_level": "Read", - "resource_types": { - "space": { - "resource_type": "space", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeSpace.html" - }, - "DescribeStudioLifecycleConfig": { - "privilege": "DescribeStudioLifecycleConfig", - "description": "Grants permission to describe a Studio Lifecycle Configuration", - "access_level": "Read", - "resource_types": { - "studio-lifecycle-config": { - "resource_type": "studio-lifecycle-config", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeStudioLifecycleConfig.html" - }, - "DescribeSubscribedWorkteam": { - "privilege": "DescribeSubscribedWorkteam", - "description": "Grants permission to return information about a subscribed workteam", - "access_level": "Read", - "resource_types": { - "workteam": { - "resource_type": "workteam", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeSubscribedWorkteam.html" - }, - "DescribeTrainingJob": { - "privilege": "DescribeTrainingJob", - "description": "Grants permission to return information about a training job", - "access_level": "Read", - "resource_types": { - "training-job": { - "resource_type": "training-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTrainingJob.html" - }, - "DescribeTransformJob": { - "privilege": "DescribeTransformJob", - "description": "Grants permission to return information about a transform job", - "access_level": "Read", - "resource_types": { - "transform-job": { - "resource_type": "transform-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTransformJob.html" - }, - "DescribeTrial": { - "privilege": "DescribeTrial", - "description": "Grants permission to return information about a trial", - "access_level": "Read", - "resource_types": { - "experiment-trial": { - "resource_type": "experiment-trial", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTrial.html" - }, - "DescribeTrialComponent": { - "privilege": "DescribeTrialComponent", - "description": "Grants permission to return information about a trial component", - "access_level": "Read", - "resource_types": { - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTrialComponent.html" - }, - "DescribeUserProfile": { - "privilege": "DescribeUserProfile", - "description": "Grants permission to describe a UserProfile", - "access_level": "Read", - "resource_types": { - "user-profile": { - "resource_type": "user-profile", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeUserProfile.html" - }, - "DescribeWorkforce": { - "privilege": "DescribeWorkforce", - "description": "Grants permission to return information about a workforce", - "access_level": "Read", - "resource_types": { - "workforce": { - "resource_type": "workforce", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeWorkforce.html" - }, - "DescribeWorkteam": { - "privilege": "DescribeWorkteam", - "description": "Grants permission to return information about a workteam", - "access_level": "Read", - "resource_types": { - "workteam": { - "resource_type": "workteam", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeWorkteam.html" - }, - "DisableSagemakerServicecatalogPortfolio": { - "privilege": "DisableSagemakerServicecatalogPortfolio", - "description": "Grants permission to disable a SageMaker Service Catalog Portfolio", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DisableSagemakerServicecatalogPortfolio.html" - }, - "DisassociateTrialComponent": { - "privilege": "DisassociateTrialComponent", - "description": "Grants permission to disassociate a trial component from a trial", - "access_level": "Write", - "resource_types": { - "experiment-trial": { - "resource_type": "experiment-trial", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "processing-job": { - "resource_type": "processing-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DisassociateTrialComponent.html" - }, - "EnableSagemakerServicecatalogPortfolio": { - "privilege": "EnableSagemakerServicecatalogPortfolio", - "description": "Grants permission to enable a SageMaker Service Catalog Portfolio", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_EnableSagemakerServicecatalogPortfolio.html" - }, - "GetDeployments": { - "privilege": "GetDeployments", - "description": "Grants permission to get deployment plan for device", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_edge_GetDeployments.html" - }, - "GetDeviceFleetReport": { - "privilege": "GetDeviceFleetReport", - "description": "Grants permission to access a summary of the devices in a device fleet", - "access_level": "Read", - "resource_types": { - "device-fleet": { - "resource_type": "device-fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetDeviceFleetReport.html" - }, - "GetDeviceRegistration": { - "privilege": "GetDeviceRegistration", - "description": "Grants permission to get device registration. After you deploy a model onto edge devices this api is used to get current device registration", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_edge_GetDeviceRegistration.html" - }, - "GetLineageGroupPolicy": { - "privilege": "GetLineageGroupPolicy", - "description": "Grants permission to retreive a lineage group policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetLineageGroupPolicy.html" - }, - "GetModelPackageGroupPolicy": { - "privilege": "GetModelPackageGroupPolicy", - "description": "Grants permission to get a ModelPackageGroup policy", - "access_level": "Read", - "resource_types": { - "model-package-group": { - "resource_type": "model-package-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetModelPackageGroupPolicy.html" - }, - "GetRecord": { - "privilege": "GetRecord", - "description": "Grants permission to get a record from a feature group", - "access_level": "Read", - "resource_types": { - "feature-group": { - "resource_type": "feature-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_GetRecord.html" - }, - "GetSagemakerServicecatalogPortfolioStatus": { - "privilege": "GetSagemakerServicecatalogPortfolioStatus", - "description": "Grants permission to get a SageMaker Service Catalog Portfolio", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetSagemakerServicecatalogPortfolioStatus.html" - }, - "GetSearchSuggestions": { - "privilege": "GetSearchSuggestions", - "description": "Grants permission to get search suggestions when provided with a keyword", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetSearchSuggestions.html" - }, - "ImportHubContent": { - "privilege": "ImportHubContent", - "description": "Grants permission to import hub content", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "sagemaker:AddTags" - ] - }, - "hub-content": { - "resource_type": "hub-content", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ImportHubContent.html" - }, - "InvokeEndpoint": { - "privilege": "InvokeEndpoint", - "description": "Grants permission to invoke an endpoint. After you deploy a model into production using Amazon SageMaker hosting services, your client applications use this API to get inferences from the model hosted at the specified endpoint", - "access_level": "Read", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sagemaker:TargetModel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html" - }, - "InvokeEndpointAsync": { - "privilege": "InvokeEndpointAsync", - "description": "Grants permission to get inferences from the hosted model at the specified endpoint in an asynchronous manner", - "access_level": "Read", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpointAsync.html" - }, - "ListActions": { - "privilege": "ListActions", - "description": "Grants permission to list actions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListActions.html" - }, - "ListAlgorithms": { - "privilege": "ListAlgorithms", - "description": "Grants permission to list Algorithms", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAlgorithms.html" - }, - "ListAliases": { - "privilege": "ListAliases", - "description": "Grants permission to list Aliases that belong to a SageMaker Image or Sagemaker ImageVersion", - "access_level": "List", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "image-version": { - "resource_type": "image-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAliases.html" - }, - "ListAppImageConfigs": { - "privilege": "ListAppImageConfigs", - "description": "Grants permission to list the AppImageConfigs in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAppImageConfigs.html" - }, - "ListApps": { - "privilege": "ListApps", - "description": "Grants permission to list the Apps in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListApps.html" - }, - "ListArtifacts": { - "privilege": "ListArtifacts", - "description": "Grants permission to list artifacts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListArtifacts.html" - }, - "ListAssociations": { - "privilege": "ListAssociations", - "description": "Grants permission to list associations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAssociations.html" - }, - "ListAutoMLJobs": { - "privilege": "ListAutoMLJobs", - "description": "Grants permission to list AutoML jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAutoMLJobs.html" - }, - "ListCandidatesForAutoMLJob": { - "privilege": "ListCandidatesForAutoMLJob", - "description": "Grants permission to lists candidates for an AutoML job", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListCandidatesForAutoMLJob.html" - }, - "ListCodeRepositories": { - "privilege": "ListCodeRepositories", - "description": "Grants permission to list code repositories", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListCodeRepositories.html" - }, - "ListCompilationJobs": { - "privilege": "ListCompilationJobs", - "description": "Grants permission to list compilation jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListCompilationJobs.html" - }, - "ListContexts": { - "privilege": "ListContexts", - "description": "Grants permission to list contexts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListContexts.html" - }, - "ListDataQualityJobDefinitions": { - "privilege": "ListDataQualityJobDefinitions", - "description": "Grants permission to list data quality job definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListDataQualityJobDefinitions.html" - }, - "ListDeviceFleets": { - "privilege": "ListDeviceFleets", - "description": "Grants permission to list device fleets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListDeviceFleets.html" - }, - "ListDevices": { - "privilege": "ListDevices", - "description": "Grants permission to list devices", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListDevices.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to list the Domains in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListDomains.html" - }, - "ListEdgeDeploymentPlans": { - "privilege": "ListEdgeDeploymentPlans", - "description": "Grants permission to list edge deployment plans", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEdgeDeploymentPlans.html" - }, - "ListEdgePackagingJobs": { - "privilege": "ListEdgePackagingJobs", - "description": "Grants permission to list edge packaging jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEdgePackagingJobs.html" - }, - "ListEndpointConfigs": { - "privilege": "ListEndpointConfigs", - "description": "Grants permission to list endpoint configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEndpointConfigs.html" - }, - "ListEndpoints": { - "privilege": "ListEndpoints", - "description": "Grants permission to list endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEndpoints.html" - }, - "ListExperiments": { - "privilege": "ListExperiments", - "description": "Grants permission to list experiments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListExperiments.html" - }, - "ListFeatureGroups": { - "privilege": "ListFeatureGroups", - "description": "Grants permission to list feature groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListFeatureGroups.html" - }, - "ListFlowDefinitions": { - "privilege": "ListFlowDefinitions", - "description": "Grants permission to return summary information about flow definitions, given the specified parameters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListFlowDefinitions.html" - }, - "ListHubContentVersions": { - "privilege": "ListHubContentVersions", - "description": "Grants permission to list all versions of hub content", - "access_level": "List", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "hub-content": { - "resource_type": "hub-content", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHubContentVersions.html" - }, - "ListHubContents": { - "privilege": "ListHubContents", - "description": "Grants permission to list newest versions of hub content", - "access_level": "List", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHubContents.html" - }, - "ListHubs": { - "privilege": "ListHubs", - "description": "Grants permission to list hubs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHubs.html" - }, - "ListHumanLoops": { - "privilege": "ListHumanLoops", - "description": "Grants permission to return summary information about human loops, given the specified parameters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHumanLoops.html" - }, - "ListHumanTaskUis": { - "privilege": "ListHumanTaskUis", - "description": "Grants permission to return summary information about human review workflow user interfaces, given the specified parameters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHumanTaskUis.html" - }, - "ListHyperParameterTuningJobs": { - "privilege": "ListHyperParameterTuningJobs", - "description": "Grants permission to list hyper parameter tuning jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHyperParameterTuningJobs.html" - }, - "ListImageVersions": { - "privilege": "ListImageVersions", - "description": "Grants permission to list ImageVersions that belong to a SageMaker Image", - "access_level": "List", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListImageVersions.html" - }, - "ListImages": { - "privilege": "ListImages", - "description": "Grants permission to list SageMaker Images in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListImages.html" - }, - "ListInferenceExperiments": { - "privilege": "ListInferenceExperiments", - "description": "Grants permission to list inference experiments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListInferenceExperiments.html" - }, - "ListInferenceRecommendationsJobSteps": { - "privilege": "ListInferenceRecommendationsJobSteps", - "description": "Grants permission to list inference recommendations job steps", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListInferenceRecommendationsJobSteps.html" - }, - "ListInferenceRecommendationsJobs": { - "privilege": "ListInferenceRecommendationsJobs", - "description": "Grants permission to list inference recommendations jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListInferenceRecommendationsJobs.html" - }, - "ListLabelingJobs": { - "privilege": "ListLabelingJobs", - "description": "Grants permission to list labeling jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListLabelingJobs.html" - }, - "ListLabelingJobsForWorkteam": { - "privilege": "ListLabelingJobsForWorkteam", - "description": "Grants permission to list labeling jobs for workteam", - "access_level": "List", - "resource_types": { - "workteam": { - "resource_type": "workteam", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListLabelingJobs.html" - }, - "ListLineageGroups": { - "privilege": "ListLineageGroups", - "description": "Grants permission to list lineage groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListLineageGroups.html" - }, - "ListModelBiasJobDefinitions": { - "privilege": "ListModelBiasJobDefinitions", - "description": "Grants permission to list model bias job definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelBiasJobDefinitions.html" - }, - "ListModelCardExportJobs": { - "privilege": "ListModelCardExportJobs", - "description": "Grants permission to list export jobs for a model card", - "access_level": "List", - "resource_types": { - "model-card": { - "resource_type": "model-card", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelCardExportJobs.html" - }, - "ListModelCardVersions": { - "privilege": "ListModelCardVersions", - "description": "Grants permission to list versions of a model card", - "access_level": "List", - "resource_types": { - "model-card": { - "resource_type": "model-card", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelCardVersions.html" - }, - "ListModelCards": { - "privilege": "ListModelCards", - "description": "Grants permission to list model cards", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelCards.html" - }, - "ListModelExplainabilityJobDefinitions": { - "privilege": "ListModelExplainabilityJobDefinitions", - "description": "Grants permission to list model explainability job definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelExplainabilityJobDefinitions.html" - }, - "ListModelMetadata": { - "privilege": "ListModelMetadata", - "description": "Grants permission to list model metadata for inference recommendations jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelMetadata.html" - }, - "ListModelPackageGroups": { - "privilege": "ListModelPackageGroups", - "description": "Grants permission to list ModelPackageGroups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelPackageGroups.html" - }, - "ListModelPackages": { - "privilege": "ListModelPackages", - "description": "Grants permission to list ModelPackages", - "access_level": "List", - "resource_types": { - "model-package-group": { - "resource_type": "model-package-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelPackages.html" - }, - "ListModelQualityJobDefinitions": { - "privilege": "ListModelQualityJobDefinitions", - "description": "Grants permission to list model quality job definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelQualityJobDefinitions.html" - }, - "ListModels": { - "privilege": "ListModels", - "description": "Grants permission to list the models created with the CreateModel API", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModels.html" - }, - "ListMonitoringAlertHistory": { - "privilege": "ListMonitoringAlertHistory", - "description": "Grants permission to list the history of a monitoring alert", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListMonitoringHistory.html" - }, - "ListMonitoringAlerts": { - "privilege": "ListMonitoringAlerts", - "description": "Grants permission to list monitoring alerts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListMonitoringAlerts.html" - }, - "ListMonitoringExecutions": { - "privilege": "ListMonitoringExecutions", - "description": "Grants permission to list monitoring executions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListMonitoringExecutions.html" - }, - "ListMonitoringSchedules": { - "privilege": "ListMonitoringSchedules", - "description": "Grants permission to list monitoring schedules", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListMonitoringSchedules.html" - }, - "ListNotebookInstanceLifecycleConfigs": { - "privilege": "ListNotebookInstanceLifecycleConfigs", - "description": "Grants permission to list the notebook instance lifecycle configurations that can be deployed using Amazon SageMaker", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListNotebookInstanceLifecycleConfigs.html" - }, - "ListNotebookInstances": { - "privilege": "ListNotebookInstances", - "description": "Grants permission to list the Amazon SageMaker notebook instances in the requester's account in an AWS Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListNotebookInstances.html" - }, - "ListPipelineExecutionSteps": { - "privilege": "ListPipelineExecutionSteps", - "description": "Grants permission to list steps for a pipeline execution", - "access_level": "List", - "resource_types": { - "pipeline-execution": { - "resource_type": "pipeline-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineExecutionSteps.html" - }, - "ListPipelineExecutions": { - "privilege": "ListPipelineExecutions", - "description": "Grants permission to list executions for a pipeline", - "access_level": "List", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineExecutions.html" - }, - "ListPipelineParametersForExecution": { - "privilege": "ListPipelineParametersForExecution", - "description": "Grants permission to list parameters for a pipeline execution", - "access_level": "List", - "resource_types": { - "pipeline-execution": { - "resource_type": "pipeline-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineParametersForExecution.html" - }, - "ListPipelines": { - "privilege": "ListPipelines", - "description": "Grants permission to list pipelines", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelines.html" - }, - "ListProcessingJobs": { - "privilege": "ListProcessingJobs", - "description": "Grants permission to list processing jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListProcessingJobs.html" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to list Projects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListProjects.html" - }, - "ListSharedModelEvents": { - "privilege": "ListSharedModelEvents", - "description": "Grants permission to list shared model events", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" - }, - "ListSharedModelVersions": { - "privilege": "ListSharedModelVersions", - "description": "Grants permission to list shared model versions", - "access_level": "List", - "resource_types": { - "shared-model": { - "resource_type": "shared-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" - }, - "ListSharedModels": { - "privilege": "ListSharedModels", - "description": "Grants permission to list shared models", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" - }, - "ListSpaces": { - "privilege": "ListSpaces", - "description": "Grants permission to list the Spaces in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListSpaces.html" - }, - "ListStageDevices": { - "privilege": "ListStageDevices", - "description": "Grants permission to list stage devices", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListStageDevices.html" - }, - "ListStudioLifecycleConfigs": { - "privilege": "ListStudioLifecycleConfigs", - "description": "Grants permission to list the Studio Lifecycle Configurations that can be deployed using Amazon SageMaker", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListStudioLifecycleConfigs.html" - }, - "ListSubscribedWorkteams": { - "privilege": "ListSubscribedWorkteams", - "description": "Grants permission to list subscribed workteams", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListSubscribedWorkteams.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to list the tag set associated with the specified resource", - "access_level": "List", - "resource_types": { - "action": { - "resource_type": "action", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "algorithm": { - "resource_type": "algorithm", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "app": { - "resource_type": "app", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "app-image-config": { - "resource_type": "app-image-config", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "artifact": { - "resource_type": "artifact", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "automl-job": { - "resource_type": "automl-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "code-repository": { - "resource_type": "code-repository", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "compilation-job": { - "resource_type": "compilation-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "context": { - "resource_type": "context", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "data-quality-job-definition": { - "resource_type": "data-quality-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "device-fleet": { - "resource_type": "device-fleet", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "edge-deployment-plan": { - "resource_type": "edge-deployment-plan", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "edge-packaging-job": { - "resource_type": "edge-packaging-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "endpoint": { - "resource_type": "endpoint", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "endpoint-config": { - "resource_type": "endpoint-config", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment": { - "resource_type": "experiment", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment-trial": { - "resource_type": "experiment-trial", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "feature-group": { - "resource_type": "feature-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "flow-definition": { - "resource_type": "flow-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "human-task-ui": { - "resource_type": "human-task-ui", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "hyper-parameter-tuning-job": { - "resource_type": "hyper-parameter-tuning-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "image": { - "resource_type": "image", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "inference-recommendations-job": { - "resource_type": "inference-recommendations-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "labeling-job": { - "resource_type": "labeling-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-bias-job-definition": { - "resource_type": "model-bias-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-card": { - "resource_type": "model-card", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-explainability-job-definition": { - "resource_type": "model-explainability-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-package": { - "resource_type": "model-package", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-package-group": { - "resource_type": "model-package-group", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "model-quality-job-definition": { - "resource_type": "model-quality-job-definition", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "monitoring-schedule": { - "resource_type": "monitoring-schedule", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "notebook-instance": { - "resource_type": "notebook-instance", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "pipeline": { - "resource_type": "pipeline", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "processing-job": { - "resource_type": "processing-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "studio-lifecycle-config": { - "resource_type": "studio-lifecycle-config", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "training-job": { - "resource_type": "training-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "transform-job": { - "resource_type": "transform-job", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "user-profile": { - "resource_type": "user-profile", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "workteam": { - "resource_type": "workteam", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTags.html" - }, - "ListTrainingJobs": { - "privilege": "ListTrainingJobs", - "description": "Grants permission to list training jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrainingJobs.html" - }, - "ListTrainingJobsForHyperParameterTuningJob": { - "privilege": "ListTrainingJobsForHyperParameterTuningJob", - "description": "Grants permission to list training jobs for a hyper parameter tuning job", - "access_level": "List", - "resource_types": { - "hyper-parameter-tuning-job": { - "resource_type": "hyper-parameter-tuning-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrainingJobsForHyperParameterTuningJob.html" - }, - "ListTransformJobs": { - "privilege": "ListTransformJobs", - "description": "Grants permission to list transform jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTransformJobs.html" - }, - "ListTrialComponents": { - "privilege": "ListTrialComponents", - "description": "Grants permission to list trial components", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrialComponents.html" - }, - "ListTrials": { - "privilege": "ListTrials", - "description": "Grants permission to list trials", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrials.html" - }, - "ListUserProfiles": { - "privilege": "ListUserProfiles", - "description": "Grants permission to list the UserProfiles in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListUserProfiles.html" - }, - "ListWorkforces": { - "privilege": "ListWorkforces", - "description": "Grants permission to list workforces", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListWorkforces.html" - }, - "ListWorkteams": { - "privilege": "ListWorkteams", - "description": "Grants permission to list workteams", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListWorkteams.html" - }, - "PutLineageGroupPolicy": { - "privilege": "PutLineageGroupPolicy", - "description": "Grants permission to put a lineage group policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/Welcome.html" - }, - "PutModelPackageGroupPolicy": { - "privilege": "PutModelPackageGroupPolicy", - "description": "Grants permission to put a ModelPackageGroup policy", - "access_level": "Write", - "resource_types": { - "model-package-group": { - "resource_type": "model-package-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_PutModelPackageGroupPolicy.html" - }, - "PutRecord": { - "privilege": "PutRecord", - "description": "Grants permission to put a record to a feature group", - "access_level": "Write", - "resource_types": { - "feature-group": { - "resource_type": "feature-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_PutRecord.html" - }, - "QueryLineage": { - "privilege": "QueryLineage", - "description": "Grants permission to explore the lineage graph", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_QueryLineage.html" - }, - "RegisterDevices": { - "privilege": "RegisterDevices", - "description": "Grants permission to register a set of devices", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_RegisterDevices.html" - }, - "RenderUiTemplate": { - "privilege": "RenderUiTemplate", - "description": "Grants permission to render a UI template used for a human annotation task", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_RenderUiTemplate.html" - }, - "RetryPipelineExecution": { - "privilege": "RetryPipelineExecution", - "description": "Grants permission to retry a pipeline execution", - "access_level": "Write", - "resource_types": { - "pipeline-execution": { - "resource_type": "pipeline-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_RetryPipelineExecution.html" - }, - "Search": { - "privilege": "Search", - "description": "Grants permission to search for SageMaker objects", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Search.html" - }, - "SendHeartbeat": { - "privilege": "SendHeartbeat", - "description": "Grants permission to publish heartbeat data from devices. After you deploy a model onto edge devices this api is used to report device status", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_edge_SendHeartbeat.html" - }, - "SendPipelineExecutionStepFailure": { - "privilege": "SendPipelineExecutionStepFailure", - "description": "Grants permission to fail a pending callback step", - "access_level": "Write", - "resource_types": { - "pipeline-execution": { - "resource_type": "pipeline-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SendPipelineExecutionStepFailure.html" - }, - "SendPipelineExecutionStepSuccess": { - "privilege": "SendPipelineExecutionStepSuccess", - "description": "Grants permission to succeed a pending callback step", - "access_level": "Write", - "resource_types": { - "pipeline-execution": { - "resource_type": "pipeline-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SendPipelineExecutionStepSuccess.html" - }, - "SendSharedModelEvent": { - "privilege": "SendSharedModelEvent", - "description": "Grants permission to send a shared model event", - "access_level": "Write", - "resource_types": { - "shared-model-event": { - "resource_type": "shared-model-event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" - }, - "StartEdgeDeploymentStage": { - "privilege": "StartEdgeDeploymentStage", - "description": "Grants permission to start an edge deployment stage", - "access_level": "Write", - "resource_types": { - "edge-deployment-plan": { - "resource_type": "edge-deployment-plan", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartEdgeDeploymentStage.html" - }, - "StartHumanLoop": { - "privilege": "StartHumanLoop", - "description": "Grants permission to start a human loop", - "access_level": "Write", - "resource_types": { - "flow-definition": { - "resource_type": "flow-definition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartHumanLoop.html" - }, - "StartInferenceExperiment": { - "privilege": "StartInferenceExperiment", - "description": "Grants permission to start an inference experiment", - "access_level": "Write", - "resource_types": { - "inference-experiment": { - "resource_type": "inference-experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartInferenceExperiment.html" - }, - "StartMonitoringSchedule": { - "privilege": "StartMonitoringSchedule", - "description": "Grants permission to start a monitoring schedule", - "access_level": "Write", - "resource_types": { - "monitoring-schedule": { - "resource_type": "monitoring-schedule", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartMonitoringSchedule.html" - }, - "StartNotebookInstance": { - "privilege": "StartNotebookInstance", - "description": "Grants permission to start a notebook instance. This launches an EC2 instance with the latest version of the libraries and attaches your EBS volume", - "access_level": "Write", - "resource_types": { - "notebook-instance": { - "resource_type": "notebook-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartNotebookInstance.html" - }, - "StartPipelineExecution": { - "privilege": "StartPipelineExecution", - "description": "Grants permission to start a pipeline execution", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html" - }, - "StopAutoMLJob": { - "privilege": "StopAutoMLJob", - "description": "Grants permission to stop a running AutoML job", - "access_level": "Write", - "resource_types": { - "automl-job": { - "resource_type": "automl-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopAutoMLJob.html" - }, - "StopCompilationJob": { - "privilege": "StopCompilationJob", - "description": "Grants permission to stop a compilation job", - "access_level": "Write", - "resource_types": { - "compilation-job": { - "resource_type": "compilation-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopCompilationJob.html" - }, - "StopEdgeDeploymentStage": { - "privilege": "StopEdgeDeploymentStage", - "description": "Grants permission to stop an edge deployment stage", - "access_level": "Write", - "resource_types": { - "edge-deployment-plan": { - "resource_type": "edge-deployment-plan", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopEdgeDeploymentStage.html" - }, - "StopEdgePackagingJob": { - "privilege": "StopEdgePackagingJob", - "description": "Grants permission to stop an edge packaging job", - "access_level": "Write", - "resource_types": { - "edge-packaging-job": { - "resource_type": "edge-packaging-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopEdgePackagingJob.html" - }, - "StopHumanLoop": { - "privilege": "StopHumanLoop", - "description": "Grants permission to stop a specified human loop", - "access_level": "Write", - "resource_types": { - "human-loop": { - "resource_type": "human-loop", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopHumanLoop.html" - }, - "StopHyperParameterTuningJob": { - "privilege": "StopHyperParameterTuningJob", - "description": "Grants permission to stop a running hyper parameter tuning job create via the CreateHyperParameterTuningJob", - "access_level": "Write", - "resource_types": { - "hyper-parameter-tuning-job": { - "resource_type": "hyper-parameter-tuning-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopHyperParameterTuningJob.html" - }, - "StopInferenceExperiment": { - "privilege": "StopInferenceExperiment", - "description": "Grants permission to stop an inference experiment", - "access_level": "Write", - "resource_types": { - "inference-experiment": { - "resource_type": "inference-experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopInferenceExperiment.html" - }, - "StopInferenceRecommendationsJob": { - "privilege": "StopInferenceRecommendationsJob", - "description": "Grants permission to stop an inference recommendations job", - "access_level": "Write", - "resource_types": { - "inference-recommendations-job": { - "resource_type": "inference-recommendations-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopInferenceRecommendationsJob.html" - }, - "StopLabelingJob": { - "privilege": "StopLabelingJob", - "description": "Grants permission to stop a labeling job. Any labels already generated will be exported before stopping", - "access_level": "Write", - "resource_types": { - "labeling-job": { - "resource_type": "labeling-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopLabelingJob.html" - }, - "StopMonitoringSchedule": { - "privilege": "StopMonitoringSchedule", - "description": "Grants permission to stop a monitoring schedule", - "access_level": "Write", - "resource_types": { - "monitoring-schedule": { - "resource_type": "monitoring-schedule", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopMonitoringSchedule.html" - }, - "StopNotebookInstance": { - "privilege": "StopNotebookInstance", - "description": "Grants permission to stop a notebook instance. This terminates the EC2 instance. Before terminating the instance, Amazon SageMaker disconnects the EBS volume from it. Amazon SageMaker preserves the EBS volume", - "access_level": "Write", - "resource_types": { - "notebook-instance": { - "resource_type": "notebook-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopNotebookInstance.html" - }, - "StopPipelineExecution": { - "privilege": "StopPipelineExecution", - "description": "Grants permission to stop a pipeline execution", - "access_level": "Write", - "resource_types": { - "pipeline-execution": { - "resource_type": "pipeline-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopPipelineExecution.html" - }, - "StopProcessingJob": { - "privilege": "StopProcessingJob", - "description": "Grants permission to stop a processing job. To stop a job, Amazon SageMaker sends the algorithm the SIGTERM signal, which delays job termination for 120 seconds", - "access_level": "Write", - "resource_types": { - "processing-job": { - "resource_type": "processing-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopProcessingJob.html" - }, - "StopTrainingJob": { - "privilege": "StopTrainingJob", - "description": "Grants permission to stop a training job. To stop a job, Amazon SageMaker sends the algorithm the SIGTERM signal, which delays job termination for 120 seconds", - "access_level": "Write", - "resource_types": { - "training-job": { - "resource_type": "training-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopTrainingJob.html" - }, - "StopTransformJob": { - "privilege": "StopTransformJob", - "description": "Grants permission to stop a transform job. When Amazon SageMaker receives a StopTransformJob request, the status of the job changes to Stopping. After Amazon SageMaker stops the job, the status is set to Stopped", - "access_level": "Write", - "resource_types": { - "transform-job": { - "resource_type": "transform-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopTransformJob.html" - }, - "UpdateAction": { - "privilege": "UpdateAction", - "description": "Grants permission to update an action", - "access_level": "Write", - "resource_types": { - "action": { - "resource_type": "action", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateAction.html" - }, - "UpdateAppImageConfig": { - "privilege": "UpdateAppImageConfig", - "description": "Grants permission to update an AppImageConfig", - "access_level": "Write", - "resource_types": { - "app-image-config": { - "resource_type": "app-image-config", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateAppImageConfig.html" - }, - "UpdateArtifact": { - "privilege": "UpdateArtifact", - "description": "Grants permission to update an artifact", - "access_level": "Write", - "resource_types": { - "artifact": { - "resource_type": "artifact", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateArtifact.html" - }, - "UpdateCodeRepository": { - "privilege": "UpdateCodeRepository", - "description": "Grants permission to update a CodeRepository", - "access_level": "Write", - "resource_types": { - "code-repository": { - "resource_type": "code-repository", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateCodeRepository.html" - }, - "UpdateContext": { - "privilege": "UpdateContext", - "description": "Grants permission to update a context", - "access_level": "Write", - "resource_types": { - "context": { - "resource_type": "context", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateContext.html" - }, - "UpdateDeviceFleet": { - "privilege": "UpdateDeviceFleet", - "description": "Grants permission to update a device fleet", - "access_level": "Write", - "resource_types": { - "device-fleet": { - "resource_type": "device-fleet", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateDeviceFleet.html" - }, - "UpdateDevices": { - "privilege": "UpdateDevices", - "description": "Grants permission to update a set of devices", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateDevices.html" - }, - "UpdateDomain": { - "privilege": "UpdateDomain", - "description": "Grants permission to update a Domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sagemaker:VpcSecurityGroupIds", - "sagemaker:InstanceTypes", - "sagemaker:DomainSharingOutputKmsKey", - "sagemaker:ImageArns", - "sagemaker:ImageVersionArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateDomain.html" - }, - "UpdateEndpoint": { - "privilege": "UpdateEndpoint", - "description": "Grants permission to update an endpoint to use the endpoint configuration specified in the request", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpoint.html" - }, - "UpdateEndpointWeightsAndCapacities": { - "privilege": "UpdateEndpointWeightsAndCapacities", - "description": "Grants permission to update variant weight, capacity, or both of one or more variants associated with an endpoint", - "access_level": "Write", - "resource_types": { - "endpoint": { - "resource_type": "endpoint", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html" - }, - "UpdateExperiment": { - "privilege": "UpdateExperiment", - "description": "Grants permission to update an experiment", - "access_level": "Write", - "resource_types": { - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateExperiment.html" - }, - "UpdateFeatureGroup": { - "privilege": "UpdateFeatureGroup", - "description": "Grants permission to update a feature group", - "access_level": "Write", - "resource_types": { - "feature-group": { - "resource_type": "feature-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateFeatureGroup.html" - }, - "UpdateFeatureMetadata": { - "privilege": "UpdateFeatureMetadata", - "description": "Grants permission to update a feature metadata", - "access_level": "Write", - "resource_types": { - "feature-group": { - "resource_type": "feature-group", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateFeatureMetadata.html" - }, - "UpdateHub": { - "privilege": "UpdateHub", - "description": "Grants permission to update hubs", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateHub.html" - }, - "UpdateImage": { - "privilege": "UpdateImage", - "description": "Grants permission to update the properties of a SageMaker Image", - "access_level": "Write", - "resource_types": { - "image": { - "resource_type": "image", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateImage.html" - }, - "UpdateImageVersion": { - "privilege": "UpdateImageVersion", - "description": "Grants permission to update the properties of a SageMaker ImageVersion", - "access_level": "Write", - "resource_types": { - "image-version": { - "resource_type": "image-version", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateImageVersion.html" - }, - "UpdateInferenceExperiment": { - "privilege": "UpdateInferenceExperiment", - "description": "Grants permission to update an inference experiment", - "access_level": "Write", - "resource_types": { - "inference-experiment": { - "resource_type": "inference-experiment", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateInferenceExperiment.html" - }, - "UpdateModelCard": { - "privilege": "UpdateModelCard", - "description": "Grants permission to update a model card", - "access_level": "Write", - "resource_types": { - "model-card": { - "resource_type": "model-card", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateModelCard.html" - }, - "UpdateModelPackage": { - "privilege": "UpdateModelPackage", - "description": "Grants permission to update a ModelPackage", - "access_level": "Write", - "resource_types": { - "model-package": { - "resource_type": "model-package", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sagemaker:ModelApprovalStatus", - "sagemaker:CustomerMetadataProperties/${MetadataKey}", - "sagemaker:CustomerMetadataPropertiesToRemove" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateModelPackage.html" - }, - "UpdateMonitoringAlert": { - "privilege": "UpdateMonitoringAlert", - "description": "Grants permission to update a monitoring alert", - "access_level": "Write", - "resource_types": { - "monitoring-schedule": { - "resource_type": "monitoring-schedule", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "monitoring-schedule-alert": { - "resource_type": "monitoring-schedule-alert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateMonitoringAlert.html" - }, - "UpdateMonitoringSchedule": { - "privilege": "UpdateMonitoringSchedule", - "description": "Grants permission to update a monitoring schedule", - "access_level": "Write", - "resource_types": { - "monitoring-schedule": { - "resource_type": "monitoring-schedule", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "sagemaker:InstanceTypes", - "sagemaker:MaxRuntimeInSeconds", - "sagemaker:NetworkIsolation", - "sagemaker:OutputKmsKey", - "sagemaker:VolumeKmsKey", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:VpcSubnets", - "sagemaker:InterContainerTrafficEncryption" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateMonitoringSchedule.html" - }, - "UpdateNotebookInstance": { - "privilege": "UpdateNotebookInstance", - "description": "Grants permission to update a notebook instance. Notebook instance updates include upgrading or downgrading the EC2 instance used for your notebook instance to accommodate changes in your workload requirements", - "access_level": "Write", - "resource_types": { - "notebook-instance": { - "resource_type": "notebook-instance", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sagemaker:AcceleratorTypes", - "sagemaker:InstanceTypes", - "sagemaker:MinimumInstanceMetadataServiceVersion", - "sagemaker:RootAccess" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstance.html" - }, - "UpdateNotebookInstanceLifecycleConfig": { - "privilege": "UpdateNotebookInstanceLifecycleConfig", - "description": "Grants permission to updates a notebook instance lifecycle configuration created with the CreateNotebookInstanceLifecycleConfig API", - "access_level": "Write", - "resource_types": { - "notebook-instance-lifecycle-config": { - "resource_type": "notebook-instance-lifecycle-config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstanceLifecycleConfig.html" - }, - "UpdatePipeline": { - "privilege": "UpdatePipeline", - "description": "Grants permission to update a pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdatePipeline.html" - }, - "UpdatePipelineExecution": { - "privilege": "UpdatePipelineExecution", - "description": "Grants permission to update a pipeline execution", - "access_level": "Write", - "resource_types": { - "pipeline-execution": { - "resource_type": "pipeline-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdatePipelineExecution.html" - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Grants permission to update a Project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateProject.html" - }, - "UpdateSharedModel": { - "privilege": "UpdateSharedModel", - "description": "Grants permission to update a shared model", - "access_level": "Write", - "resource_types": { - "shared-model": { - "resource_type": "shared-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" - }, - "UpdateSpace": { - "privilege": "UpdateSpace", - "description": "Grants permission to update a Space", - "access_level": "Write", - "resource_types": { - "space": { - "resource_type": "space", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sagemaker:InstanceTypes", - "sagemaker:ImageArns", - "sagemaker:ImageVersionArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateSpace.html" - }, - "UpdateTrainingJob": { - "privilege": "UpdateTrainingJob", - "description": "Grants permission to update a training job", - "access_level": "Write", - "resource_types": { - "training-job": { - "resource_type": "training-job", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sagemaker:InstanceTypes", - "sagemaker:KeepAlivePeriod" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateTrainingJob.html" - }, - "UpdateTrial": { - "privilege": "UpdateTrial", - "description": "Grants permission to update a trial", - "access_level": "Write", - "resource_types": { - "experiment-trial": { - "resource_type": "experiment-trial", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateTrial.html" - }, - "UpdateTrialComponent": { - "privilege": "UpdateTrialComponent", - "description": "Grants permission to update a trial component", - "access_level": "Write", - "resource_types": { - "experiment-trial-component": { - "resource_type": "experiment-trial-component", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateTrialComponent.html" - }, - "UpdateUserProfile": { - "privilege": "UpdateUserProfile", - "description": "Grants permission to update a UserProfile", - "access_level": "Write", - "resource_types": { - "user-profile": { - "resource_type": "user-profile", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sagemaker:InstanceTypes", - "sagemaker:VpcSecurityGroupIds", - "sagemaker:InstanceTypes", - "sagemaker:DomainSharingOutputKmsKey", - "sagemaker:ImageArns", - "sagemaker:ImageVersionArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateUserProfile.html" - }, - "UpdateWorkforce": { - "privilege": "UpdateWorkforce", - "description": "Grants permission to update a workforce", - "access_level": "Write", - "resource_types": { - "workforce": { - "resource_type": "workforce", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateWorkforce.html" - }, - "UpdateWorkteam": { - "privilege": "UpdateWorkteam", - "description": "Grants permission to update a workteam", - "access_level": "Write", - "resource_types": { - "workteam": { - "resource_type": "workteam", - "required": true, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateWorkteam.html" - } - }, - "resources": { - "device": { - "resource": "device", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:device-fleet/${DeviceFleetName}/device/${DeviceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "device-fleet": { - "resource": "device-fleet", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:device-fleet/${DeviceFleetName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "edge-packaging-job": { - "resource": "edge-packaging-job", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:edge-packaging-job/${EdgePackagingJobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "edge-deployment-plan": { - "resource": "edge-deployment-plan", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:edge-deployment/${EdgeDeploymentPlanName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "human-loop": { - "resource": "human-loop", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:human-loop/${HumanLoopName}", - "condition_keys": [] - }, - "flow-definition": { - "resource": "flow-definition", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:flow-definition/${FlowDefinitionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "human-task-ui": { - "resource": "human-task-ui", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:human-task-ui/${HumanTaskUiName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "hub": { - "resource": "hub", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:hub/${HubName}", - "condition_keys": [] - }, - "hub-content": { - "resource": "hub-content", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:hub-content/${HubName}/${HubContentType}/${HubContentName}", - "condition_keys": [] - }, - "inference-recommendations-job": { - "resource": "inference-recommendations-job", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:inference-recommendations-job/${InferenceRecommendationsJobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "inference-experiment": { - "resource": "inference-experiment", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:inference-experiment/${InferenceExperimentName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "labeling-job": { - "resource": "labeling-job", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:labeling-job/${LabelingJobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "workteam": { - "resource": "workteam", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:workteam/${WorkteamName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "workforce": { - "resource": "workforce", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:workforce/${WorkforceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "domain": { - "resource": "domain", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:domain/${DomainId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "user-profile": { - "resource": "user-profile", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:user-profile/${DomainId}/${UserProfileName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "space": { - "resource": "space", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:space/${DomainId}/${SpaceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "app": { - "resource": "app", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:app/${DomainId}/${UserProfileName}/${AppType}/${AppName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "app-image-config": { - "resource": "app-image-config", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:app-image-config/${AppImageConfigName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "studio-lifecycle-config": { - "resource": "studio-lifecycle-config", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:studio-lifecycle-config/${StudioLifecycleConfigName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "notebook-instance": { - "resource": "notebook-instance", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:notebook-instance/${NotebookInstanceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "notebook-instance-lifecycle-config": { - "resource": "notebook-instance-lifecycle-config", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:notebook-instance-lifecycle-config/${NotebookInstanceLifecycleConfigName}", - "condition_keys": [] - }, - "code-repository": { - "resource": "code-repository", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:code-repository/${CodeRepositoryName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "image": { - "resource": "image", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:image/${ImageName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "image-version": { - "resource": "image-version", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:image-version/${ImageName}/${Version}", - "condition_keys": [] - }, - "algorithm": { - "resource": "algorithm", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:algorithm/${AlgorithmName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "training-job": { - "resource": "training-job", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:training-job/${TrainingJobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "processing-job": { - "resource": "processing-job", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:processing-job/${ProcessingJobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "hyper-parameter-tuning-job": { - "resource": "hyper-parameter-tuning-job", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:hyper-parameter-tuning-job/${HyperParameterTuningJobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "project": { - "resource": "project", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:project/${ProjectName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "model-package": { - "resource": "model-package", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-package/${ModelPackageName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "model-package-group": { - "resource": "model-package-group", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-package-group/${ModelPackageGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "model": { - "resource": "model", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model/${ModelName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "endpoint-config": { - "resource": "endpoint-config", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:endpoint-config/${EndpointConfigName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "endpoint": { - "resource": "endpoint", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:endpoint/${EndpointName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "transform-job": { - "resource": "transform-job", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:transform-job/${TransformJobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "compilation-job": { - "resource": "compilation-job", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:compilation-job/${CompilationJobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "automl-job": { - "resource": "automl-job", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:automl-job/${AutoMLJobJobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "monitoring-schedule": { - "resource": "monitoring-schedule", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:monitoring-schedule/${MonitoringScheduleName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "monitoring-schedule-alert": { - "resource": "monitoring-schedule-alert", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:monitoring-schedule/${MonitoringScheduleName}/alert/${MonitoringScheduleAlertName}", - "condition_keys": [] - }, - "data-quality-job-definition": { - "resource": "data-quality-job-definition", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:data-quality-job-definition/${DataQualityJobDefinitionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "model-quality-job-definition": { - "resource": "model-quality-job-definition", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-quality-job-definition/${ModelQualityJobDefinitionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "model-bias-job-definition": { - "resource": "model-bias-job-definition", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-bias-job-definition/${ModelBiasJobDefinitionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "model-explainability-job-definition": { - "resource": "model-explainability-job-definition", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-explainability-job-definition/${ModelExplainabilityJobDefinitionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "experiment": { - "resource": "experiment", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:experiment/${ExperimentName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "experiment-trial": { - "resource": "experiment-trial", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:experiment-trial/${TrialName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "experiment-trial-component": { - "resource": "experiment-trial-component", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:experiment-trial-component/${TrialComponentName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "feature-group": { - "resource": "feature-group", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:feature-group/${FeatureGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "pipeline": { - "resource": "pipeline", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:pipeline/${PipelineName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "pipeline-execution": { - "resource": "pipeline-execution", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:pipeline/${PipelineName}/execution/${RandomString}", - "condition_keys": [] - }, - "artifact": { - "resource": "artifact", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:artifact/${HashOfArtifactSource}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "context": { - "resource": "context", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:context/${ContextName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "action": { - "resource": "action", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:action/${ActionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "lineage-group": { - "resource": "lineage-group", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:lineage-group/${LineageGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "model-card": { - "resource": "model-card", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-card/${ModelCardName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "model-card-export-job": { - "resource": "model-card-export-job", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-card/${ModelCardName}/export-job/${ExportJobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "sagemaker:ResourceTag/${TagKey}" - ] - }, - "shared-model": { - "resource": "shared-model", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:shared-model/${SharedModelId}", - "condition_keys": [] - }, - "shared-model-event": { - "resource": "shared-model-event", - "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:shared-model-event/${EventId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a key that is present in the request the user makes to the SageMaker service", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the list of all the tag key names associated with the resource in the request", - "type": "ArrayOfString" - }, - "sagemaker:AcceleratorTypes": { - "condition": "sagemaker:AcceleratorTypes", - "description": "Filters access by the list of all accelerator types associated with the resource in the request", - "type": "ArrayOfString" - }, - "sagemaker:AppNetworkAccessType": { - "condition": "sagemaker:AppNetworkAccessType", - "description": "Filters access by the app network access type associated with the resource in the request", - "type": "String" - }, - "sagemaker:CustomerMetadataProperties/${MetadataKey}": { - "condition": "sagemaker:CustomerMetadataProperties/${MetadataKey}", - "description": "Filters access by a metadata key and value pair", - "type": "String" - }, - "sagemaker:CustomerMetadataPropertiesToRemove": { - "condition": "sagemaker:CustomerMetadataPropertiesToRemove", - "description": "Filters access by the list of metadata properties associated with the model-package resource in the request", - "type": "ArrayOfString" - }, - "sagemaker:DirectInternetAccess": { - "condition": "sagemaker:DirectInternetAccess", - "description": "Filters access by the direct internet access associated with the resource in the request", - "type": "String" - }, - "sagemaker:DomainSharingOutputKmsKey": { - "condition": "sagemaker:DomainSharingOutputKmsKey", - "description": "Filters access by the Domain sharing output KMS key associated with the resource in the request", - "type": "ARN" - }, - "sagemaker:FeatureGroupDisableGlueTableCreation": { - "condition": "sagemaker:FeatureGroupDisableGlueTableCreation", - "description": "Filters access by the DisableGlueTableCreation flag associated with the feature group resource in the request", - "type": "Bool" - }, - "sagemaker:FeatureGroupEnableOnlineStore": { - "condition": "sagemaker:FeatureGroupEnableOnlineStore", - "description": "Filters access by the EnableOnlineStore flag associated with feature group in the request", - "type": "Bool" - }, - "sagemaker:FeatureGroupOfflineStoreConfig": { - "condition": "sagemaker:FeatureGroupOfflineStoreConfig", - "description": "Filters access by the presence of an OfflineStoreConfig in the feature group resource in the request. This access filter only supports the null-conditional operator", - "type": "Bool" - }, - "sagemaker:FeatureGroupOfflineStoreKmsKey": { - "condition": "sagemaker:FeatureGroupOfflineStoreKmsKey", - "description": "Filters access by the offline store kms key associated with the feature group resource in the request", - "type": "ARN" - }, - "sagemaker:FeatureGroupOfflineStoreS3Uri": { - "condition": "sagemaker:FeatureGroupOfflineStoreS3Uri", - "description": "Filters access by the offline store s3 uri associated with the feature group resource in the request", - "type": "String" - }, - "sagemaker:FeatureGroupOnlineStoreKmsKey": { - "condition": "sagemaker:FeatureGroupOnlineStoreKmsKey", - "description": "Filters access by the online store kms key associated with the feature group resource in the request", - "type": "ARN" - }, - "sagemaker:FileSystemAccessMode": { - "condition": "sagemaker:FileSystemAccessMode", - "description": "Filters access by a file system access mode associated with the resource in the request", - "type": "String" - }, - "sagemaker:FileSystemDirectoryPath": { - "condition": "sagemaker:FileSystemDirectoryPath", - "description": "Filters access by a file system directory path associated with the resource in the request", - "type": "String" - }, - "sagemaker:FileSystemId": { - "condition": "sagemaker:FileSystemId", - "description": "Filters access by a file system ID associated with the resource in the request", - "type": "String" - }, - "sagemaker:FileSystemType": { - "condition": "sagemaker:FileSystemType", - "description": "Filters access by a file system type associated with the resource in the request", - "type": "String" - }, - "sagemaker:HomeEfsFileSystemKmsKey": { - "condition": "sagemaker:HomeEfsFileSystemKmsKey", - "description": "Filters access by a key that is present in the request the user makes to the SageMaker service. This key is deprecated. It has been replaced by sagemaker:VolumeKmsKey", - "type": "ARN" - }, - "sagemaker:ImageArns": { - "condition": "sagemaker:ImageArns", - "description": "Filters access by the list of all image arns associated with the resource in the request", - "type": "ArrayOfString" - }, - "sagemaker:ImageVersionArns": { - "condition": "sagemaker:ImageVersionArns", - "description": "Filters access by the list of all image version arns associated with the resource in the request", - "type": "ArrayOfString" - }, - "sagemaker:InstanceTypes": { - "condition": "sagemaker:InstanceTypes", - "description": "Filters access by the list of all instance types associated with the resource in the request", - "type": "ArrayOfString" - }, - "sagemaker:InterContainerTrafficEncryption": { - "condition": "sagemaker:InterContainerTrafficEncryption", - "description": "Filters access by the inter container traffic encryption associated with the resource in the request", - "type": "Bool" - }, - "sagemaker:KeepAlivePeriod": { - "condition": "sagemaker:KeepAlivePeriod", - "description": "Filters access by the keep-alive period associated with the resource in the request", - "type": "Numeric" - }, - "sagemaker:MaxRuntimeInSeconds": { - "condition": "sagemaker:MaxRuntimeInSeconds", - "description": "Filters access by the max runtime in seconds associated with the resource in the request", - "type": "Numeric" - }, - "sagemaker:MinimumInstanceMetadataServiceVersion": { - "condition": "sagemaker:MinimumInstanceMetadataServiceVersion", - "description": "Filters access by the minimum instance metadata service version used by the resource in the request", - "type": "String" - }, - "sagemaker:ModelApprovalStatus": { - "condition": "sagemaker:ModelApprovalStatus", - "description": "Filters access by the model approval status with the model-package in the request", - "type": "String" - }, - "sagemaker:ModelArn": { - "condition": "sagemaker:ModelArn", - "description": "Filters access by the model arn associated with the resource in the request", - "type": "ARN" - }, - "sagemaker:NetworkIsolation": { - "condition": "sagemaker:NetworkIsolation", - "description": "Filters access by the network isolation associated with the resource in the request", - "type": "Bool" - }, - "sagemaker:OutputKmsKey": { - "condition": "sagemaker:OutputKmsKey", - "description": "Filters access by the output kms key associated with the resource in the request", - "type": "ARN" - }, - "sagemaker:ResourceTag/": { - "condition": "sagemaker:ResourceTag/", - "description": "Filters access by the preface string for a tag key and value pair attached to a resource", - "type": "String" - }, - "sagemaker:ResourceTag/${TagKey}": { - "condition": "sagemaker:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair", - "type": "String" - }, - "sagemaker:RootAccess": { - "condition": "sagemaker:RootAccess", - "description": "Filters access by the root access associated with the resource in the request", - "type": "String" - }, - "sagemaker:ServerlessMaxConcurrency": { - "condition": "sagemaker:ServerlessMaxConcurrency", - "description": "Filters access by limiting maximum concurrency used for Serverless inference in the request", - "type": "Numeric" - }, - "sagemaker:ServerlessMemorySize": { - "condition": "sagemaker:ServerlessMemorySize", - "description": "Filters access by limiting memory size used for Serverless inference in the request", - "type": "Numeric" - }, - "sagemaker:TaggingAction": { - "condition": "sagemaker:TaggingAction", - "description": "Filters access by the API actions to which a user can apply tags. Uses the name of the API operation that creates a taggable resource to filter access", - "type": "String" - }, - "sagemaker:TargetModel": { - "condition": "sagemaker:TargetModel", - "description": "Filters access by the target model associated with the Multi-Model Endpoint in the request", - "type": "String" - }, - "sagemaker:VolumeKmsKey": { - "condition": "sagemaker:VolumeKmsKey", - "description": "Filters access by the volume kms key associated with the resource in the request", - "type": "ARN" - }, - "sagemaker:VpcSecurityGroupIds": { - "condition": "sagemaker:VpcSecurityGroupIds", - "description": "Filters access by the list of all VPC security group ids associated with the resource in the request", - "type": "ArrayOfString" - }, - "sagemaker:VpcSubnets": { - "condition": "sagemaker:VpcSubnets", - "description": "Filters access by the list of all VPC subnets associated with the resource in the request", - "type": "ArrayOfString" - }, - "sagemaker:WorkteamArn": { - "condition": "sagemaker:WorkteamArn", - "description": "Filters access by the workteam arn associated to the request", - "type": "ARN" - }, - "sagemaker:WorkteamType": { - "condition": "sagemaker:WorkteamType", - "description": "Filters access by the workteam type associated to the request. This can be public-crowd, private-crowd or vendor-crowd", - "type": "String" - } - } - }, - "sagemaker-geospatial": { - "service_name": "Amazon SageMaker geospatial capabilities", - "prefix": "sagemaker-geospatial", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemakergeospatialcapabilities.html", - "privileges": { - "DeleteEarthObservationJob": { - "privilege": "DeleteEarthObservationJob", - "description": "Grants permission to the DeleteEarthObservationJob operation which deletes an existing earth observation job", - "access_level": "Write", - "resource_types": { - "EarthObservationJob": { - "resource_type": "EarthObservationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_DeleteEarthObservationJob.html" - }, - "DeleteVectorEnrichmentJob": { - "privilege": "DeleteVectorEnrichmentJob", - "description": "Grants permission to the DeleteVectorEnrichmentJob operation which deletes an existing vector enrichment job", - "access_level": "Write", - "resource_types": { - "VectorEnrichmentJob": { - "resource_type": "VectorEnrichmentJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_DeleteVectorEnrichmentJob.html" - }, - "ExportEarthObservationJob": { - "privilege": "ExportEarthObservationJob", - "description": "Grants permission to copy results of an earth observation job to an S3 location", - "access_level": "Write", - "resource_types": { - "EarthObservationJob": { - "resource_type": "EarthObservationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ExportEarthObservationJob.html" - }, - "ExportVectorEnrichmentJob": { - "privilege": "ExportVectorEnrichmentJob", - "description": "Grants permission to copy results of an VectorEnrichmentJob to an S3 location", - "access_level": "Write", - "resource_types": { - "VectorEnrichmentJob": { - "resource_type": "VectorEnrichmentJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ExportVectorEnrichmentJob.html" - }, - "GetEarthObservationJob": { - "privilege": "GetEarthObservationJob", - "description": "Grants permission to return details about the earth observation job", - "access_level": "Read", - "resource_types": { - "EarthObservationJob": { - "resource_type": "EarthObservationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetEarthObservationJob.html" - }, - "GetRasterDataCollection": { - "privilege": "GetRasterDataCollection", - "description": "Grants permission to return details about the raster data collection", - "access_level": "Read", - "resource_types": { - "RasterDataCollection": { - "resource_type": "RasterDataCollection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetRasterDataCollection.html" - }, - "GetTile": { - "privilege": "GetTile", - "description": "Grants permission to get the tile of an earth observation job", - "access_level": "Read", - "resource_types": { - "EarthObservationJob": { - "resource_type": "EarthObservationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetTile.html" - }, - "GetVectorEnrichmentJob": { - "privilege": "GetVectorEnrichmentJob", - "description": "Grants permission to return details about the vector enrichment job", - "access_level": "Read", - "resource_types": { - "VectorEnrichmentJob": { - "resource_type": "VectorEnrichmentJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetVectorEnrichmentJob.html" - }, - "ListEarthObservationJobs": { - "privilege": "ListEarthObservationJobs", - "description": "Grants permission to return an array of earth observation jobs associated with the current account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListEarthObservationJobs.html" - }, - "ListRasterDataCollections": { - "privilege": "ListRasterDataCollections", - "description": "Grants permission to return an array of aster data collections associated with the given model name", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListRasterDataCollections.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tag for an SageMaker Geospatial resource", - "access_level": "List", - "resource_types": { - "EarthObservationJob": { - "resource_type": "EarthObservationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RasterDataCollection": { - "resource_type": "RasterDataCollection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "VectorEnrichmentJob": { - "resource_type": "VectorEnrichmentJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListTagsForResource.html" - }, - "ListVectorEnrichmentJobs": { - "privilege": "ListVectorEnrichmentJobs", - "description": "Grants permission to return an array of vector enrichment jobs associated with the current account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListVectorEnrichmentJobs.html" - }, - "SearchRasterDataCollection": { - "privilege": "SearchRasterDataCollection", - "description": "Grants permission to query raster data collections", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_SearchRasterDataCollection.html" - }, - "StartEarthObservationJob": { - "privilege": "StartEarthObservationJob", - "description": "Grants permission to the StartEarthObservationJob operation which starts a new earth observation job to your account", - "access_level": "Write", - "resource_types": { - "EarthObservationJob": { - "resource_type": "EarthObservationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StartEarthObservationJob.html" - }, - "StartVectorEnrichmentJob": { - "privilege": "StartVectorEnrichmentJob", - "description": "Grants permission to the StartVectorEnrichmentJob operation which starts a new vector enrichment job to your account", - "access_level": "Write", - "resource_types": { - "VectorEnrichmentJob": { - "resource_type": "VectorEnrichmentJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StartVectorEnrichmentJob.html" - }, - "StopEarthObservationJob": { - "privilege": "StopEarthObservationJob", - "description": "Grants permission to the StopEarthObservationJob operation which stops an existing earth observation job", - "access_level": "Write", - "resource_types": { - "EarthObservationJob": { - "resource_type": "EarthObservationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StopEarthObservationJob.html" - }, - "StopVectorEnrichmentJob": { - "privilege": "StopVectorEnrichmentJob", - "description": "Grants permission to the StopVectorEnrichmentJob operation which stops an existing vector enrichment job", - "access_level": "Write", - "resource_types": { - "VectorEnrichmentJob": { - "resource_type": "VectorEnrichmentJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StopVectorEnrichmentJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an SageMaker Geospatial resource", - "access_level": "Tagging", - "resource_types": { - "EarthObservationJob": { - "resource_type": "EarthObservationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RasterDataCollection": { - "resource_type": "RasterDataCollection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "VectorEnrichmentJob": { - "resource_type": "VectorEnrichmentJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an SageMaker Geospatial resource", - "access_level": "Tagging", - "resource_types": { - "EarthObservationJob": { - "resource_type": "EarthObservationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RasterDataCollection": { - "resource_type": "RasterDataCollection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "VectorEnrichmentJob": { - "resource_type": "VectorEnrichmentJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_UntagResource.html" - } - }, - "resources": { - "EarthObservationJob": { - "resource": "EarthObservationJob", - "arn": "arn:${Partition}:sagemaker-geospatial:${Region}:${Account}:earth-observation-job/${JobID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "RasterDataCollection": { - "resource": "RasterDataCollection", - "arn": "arn:${Partition}:sagemaker-geospatial:${Region}:${Account}:raster-data-collection/${CollectionID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "VectorEnrichmentJob": { - "resource": "VectorEnrichmentJob", - "arn": "arn:${Partition}:sagemaker-geospatial:${Region}:${Account}:vector-enrichment-job/${JobID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "sagemaker-groundtruth-synthetic": { - "service_name": "Amazon SageMaker Ground Truth Synthetic", - "prefix": "sagemaker-groundtruth-synthetic", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemakergroundtruthsynthetic.html", - "privileges": { - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a project", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a project", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "GetAccountDetails": { - "privilege": "GetAccountDetails", - "description": "Grants permission to get account details", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "GetBatch": { - "privilege": "GetBatch", - "description": "Grants permission to get a batch", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "GetProject": { - "privilege": "GetProject", - "description": "Grants permission to get a project", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "ListBatchDataTransfers": { - "privilege": "ListBatchDataTransfers", - "description": "Grants permission to list batch data transfers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "ListBatchSummaries": { - "privilege": "ListBatchSummaries", - "description": "Grants permission to list batch summaries", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "ListProjectDataTransfers": { - "privilege": "ListProjectDataTransfers", - "description": "Grants permission to list project data transfers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "ListProjectSummaries": { - "privilege": "ListProjectSummaries", - "description": "Grants permission to list project summaries", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "StartBatchDataTransfer": { - "privilege": "StartBatchDataTransfer", - "description": "Grants permission to start a batch data transfer", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "StartProjectDataTransfer": { - "privilege": "StartProjectDataTransfer", - "description": "Grants permission to start a project data transfer", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - }, - "UpdateBatch": { - "privilege": "UpdateBatch", - "description": "Grants permission to update a batch", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${APIReferenceDocPage}" - } - }, - "resources": {}, - "conditions": {} - }, - "securitylake": { - "service_name": "Amazon Security Lake", - "prefix": "securitylake", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsecuritylake.html", - "privileges": { - "CreateAwsLogSource": { - "privilege": "CreateAwsLogSource", - "description": "Grants permission to enable any source type in any region for accounts that are either part of a trusted organization or standalone account", - "access_level": "Write", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "glue:CreateDatabase", - "glue:CreateTable", - "glue:GetDatabase", - "glue:GetTable", - "iam:CreateServiceLinkedRole", - "kms:CreateGrant", - "kms:DescribeKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateAwsLogSource.html" - }, - "CreateCustomLogSource": { - "privilege": "CreateCustomLogSource", - "description": "Grants permission to add a custom source", - "access_level": "Write", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "glue:CreateCrawler", - "glue:CreateDatabase", - "glue:CreateTable", - "glue:StartCrawlerSchedule", - "iam:DeleteRolePolicy", - "iam:GetRole", - "iam:PassRole", - "iam:PutRolePolicy", - "kms:CreateGrant", - "kms:DescribeKey", - "kms:GenerateDataKey", - "lakeformation:GrantPermissions", - "lakeformation:RegisterResource", - "s3:ListBucket", - "s3:PutObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateCustomLogSource.html" - }, - "CreateDataLake": { - "privilege": "CreateDataLake", - "description": "Grants permission to create a new security data lake", - "access_level": "Write", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "events:PutRule", - "events:PutTargets", - "iam:CreateServiceLinkedRole", - "iam:DeleteRolePolicy", - "iam:GetRole", - "iam:PassRole", - "iam:PutRolePolicy", - "kms:CreateGrant", - "kms:DescribeKey", - "lakeformation:GetDataLakeSettings", - "lakeformation:PutDataLakeSettings", - "lambda:CreateEventSourceMapping", - "lambda:CreateFunction", - "organizations:DescribeOrganization", - "organizations:ListAccounts", - "organizations:ListDelegatedServicesForAccount", - "s3:CreateBucket", - "s3:ListBucket", - "s3:PutBucketPolicy", - "s3:PutBucketPublicAccessBlock", - "s3:PutBucketVersioning", - "sqs:CreateQueue", - "sqs:GetQueueAttributes", - "sqs:SetQueueAttributes" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDataLake.html" - }, - "CreateDataLakeExceptionSubscription": { - "privilege": "CreateDataLakeExceptionSubscription", - "description": "Grants permission to get instant notifications about exceptions. Subscribes to the SNS topics for exception notifications", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDataLakeExceptionSubscription.html" - }, - "CreateDataLakeOrganizationConfiguration": { - "privilege": "CreateDataLakeOrganizationConfiguration", - "description": "Grants permission to automatically enable Amazon Security Lake for new member accounts in your organization", - "access_level": "Write", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDataLakeOrganizationConfiguration.html" - }, - "CreateSubscriber": { - "privilege": "CreateSubscriber", - "description": "Grants permission to create a subscriber", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateRole", - "iam:DeleteRolePolicy", - "iam:GetRole", - "iam:PutRolePolicy", - "lakeformation:GrantPermissions", - "lakeformation:ListPermissions", - "lakeformation:RegisterResource", - "lakeformation:RevokePermissions", - "ram:GetResourceShareAssociations", - "ram:GetResourceShares", - "ram:UpdateResourceShare", - "s3:PutObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateSubscriber.html" - }, - "CreateSubscriberNotification": { - "privilege": "CreateSubscriberNotification", - "description": "Grants permission to create a webhook invocation to notify a client when there is new data in the data lake", - "access_level": "Write", - "resource_types": { - "subscriber": { - "resource_type": "subscriber", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "events:CreateApiDestination", - "events:CreateConnection", - "events:DescribeRule", - "events:ListApiDestinations", - "events:ListConnections", - "events:PutRule", - "events:PutTargets", - "iam:DeleteRolePolicy", - "iam:GetRole", - "iam:PassRole", - "s3:GetBucketNotification", - "s3:PutBucketNotification", - "sqs:CreateQueue", - "sqs:DeleteQueue", - "sqs:GetQueueAttributes", - "sqs:GetQueueUrl", - "sqs:SetQueueAttributes" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateSubscriberNotification.html" - }, - "DeleteAwsLogSource": { - "privilege": "DeleteAwsLogSource", - "description": "Grants permission to disable any source type in any region for accounts that are part of a trusted organization or standalone accounts", - "access_level": "Write", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteAwsLogSource.html" - }, - "DeleteCustomLogSource": { - "privilege": "DeleteCustomLogSource", - "description": "Grants permission to remove a custom source", - "access_level": "Write", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "glue:StopCrawlerSchedule" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteCustomLogSource.html" - }, - "DeleteDataLake": { - "privilege": "DeleteDataLake", - "description": "Grants permission to delete security data lake", - "access_level": "Write", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribeOrganization", - "organizations:ListDelegatedAdministrators", - "organizations:ListDelegatedServicesForAccount" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDataLake.html" - }, - "DeleteDataLakeExceptionSubscription": { - "privilege": "DeleteDataLakeExceptionSubscription", - "description": "Grants permission to unsubscribe from SNS topics for exception notifications. Removes exception notifications for the SNS topic", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDataLakeExceptionSubscription.html" - }, - "DeleteDataLakeOrganizationConfiguration": { - "privilege": "DeleteDataLakeOrganizationConfiguration", - "description": "Grants permission to remove the automatic enablement of Amazon Security Lake access for new organization accounts", - "access_level": "Write", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDataLakeOrganizationConfiguration.html" - }, - "DeleteSubscriber": { - "privilege": "DeleteSubscriber", - "description": "Grants permission to delete the specified subscriber", - "access_level": "Write", - "resource_types": { - "subscriber": { - "resource_type": "subscriber", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "events:DeleteApiDestination", - "events:DeleteConnection", - "events:DeleteRule", - "events:DescribeRule", - "events:ListApiDestinations", - "events:ListTargetsByRule", - "events:RemoveTargets", - "iam:DeleteRole", - "iam:DeleteRolePolicy", - "iam:GetRole", - "iam:ListRolePolicies", - "lakeformation:ListPermissions", - "lakeformation:RevokePermissions", - "sqs:DeleteQueue", - "sqs:GetQueueUrl" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteSubscriber.html" - }, - "DeleteSubscriberNotification": { - "privilege": "DeleteSubscriberNotification", - "description": "Grants permission to remove a webhook invocation to notify a client when there is new data in the data lake", - "access_level": "Write", - "resource_types": { - "subscriber": { - "resource_type": "subscriber", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "events:DeleteApiDestination", - "events:DeleteConnection", - "events:DeleteRule", - "events:DescribeRule", - "events:ListApiDestinations", - "events:ListTargetsByRule", - "events:RemoveTargets", - "iam:DeleteRole", - "iam:DeleteRolePolicy", - "iam:GetRole", - "iam:ListRolePolicies", - "lakeformation:RevokePermissions", - "sqs:DeleteQueue", - "sqs:GetQueueUrl" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteSubscriberNotification.html" - }, - "DeregisterDataLakeDelegatedAdministrator": { - "privilege": "DeregisterDataLakeDelegatedAdministrator", - "description": "Grants permission to remove the Delegated Administrator account and disable Amazon Security Lake as a service for this organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:DeregisterDelegatedAdministrator", - "organizations:DescribeOrganization", - "organizations:ListDelegatedServicesForAccount" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeregisterDataLakeDelegatedAdministrator.html" - }, - "GetDataLakeExceptionSubscription": { - "privilege": "GetDataLakeExceptionSubscription", - "description": "Grants permission to query the protocol and endpoint that were provided when subscribing to SNS topics for exception notifications", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDataLakeExceptionSubscription.html" - }, - "GetDataLakeOrganizationConfiguration": { - "privilege": "GetDataLakeOrganizationConfiguration", - "description": "Grants permission to get an organization\u2019s configuration setting for automatically enabling Amazon Security Lake access for new organization accounts", - "access_level": "Read", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribeOrganization" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDataLakeOrganizationConfiguration.html" - }, - "GetDataLakeSources": { - "privilege": "GetDataLakeSources", - "description": "Grants permission to get a static snapshot of the security data lake in the current region. The snapshot includes enabled accounts and log sources", - "access_level": "Read", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDataLakeSources.html" - }, - "GetSubscriber": { - "privilege": "GetSubscriber", - "description": "Grants permission to get information about subscriber that is already created", - "access_level": "Read", - "resource_types": { - "subscriber": { - "resource_type": "subscriber", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetSubscriber.html" - }, - "ListDataLakeExceptions": { - "privilege": "ListDataLakeExceptions", - "description": "Grants permission to get the list of all non-retryable failures", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListDataLakeExceptions.html" - }, - "ListDataLakes": { - "privilege": "ListDataLakes", - "description": "Grants permission to list information about the security data lakes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListDataLakes.html" - }, - "ListLogSources": { - "privilege": "ListLogSources", - "description": "Grants permission to view the enabled accounts. You can view the enabled sources in the enabled regions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListLogSources.html" - }, - "ListSubscribers": { - "privilege": "ListSubscribers", - "description": "Grants permission to list all subscribers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListSubscribers.html" - }, - "RegisterDataLakeDelegatedAdministrator": { - "privilege": "RegisterDataLakeDelegatedAdministrator", - "description": "Grants permission to designate an account as the Amazon Security Lake administrator account for the organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "organizations:DescribeOrganization", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators", - "organizations:ListDelegatedServicesForAccount", - "organizations:RegisterDelegatedAdministrator" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_RegisterDataLakeDelegatedAdministrator.html" - }, - "UpdateDataLake": { - "privilege": "UpdateDataLake", - "description": "Grants permission to update a security data lake", - "access_level": "Write", - "resource_types": { - "data-lake": { - "resource_type": "data-lake", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "events:PutRule", - "events:PutTargets", - "iam:CreateServiceLinkedRole", - "iam:DeleteRolePolicy", - "iam:GetRole", - "iam:PutRolePolicy", - "kms:CreateGrant", - "kms:DescribeKey", - "lakeformation:GetDataLakeSettings", - "lakeformation:PutDataLakeSettings", - "lambda:CreateEventSourceMapping", - "lambda:CreateFunction", - "organizations:DescribeOrganization", - "organizations:ListDelegatedServicesForAccount", - "s3:CreateBucket", - "s3:ListBucket", - "s3:PutBucketPolicy", - "s3:PutBucketPublicAccessBlock", - "s3:PutBucketVersioning", - "sqs:CreateQueue", - "sqs:GetQueueAttributes", - "sqs:SetQueueAttributes" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateDataLake.html" - }, - "UpdateDataLakeExceptionSubscription": { - "privilege": "UpdateDataLakeExceptionSubscription", - "description": "Grants permission to update subscriptions to the SNS topics for exception notifications", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateDataLakeExceptionSubscription.html" - }, - "UpdateSubscriber": { - "privilege": "UpdateSubscriber", - "description": "Grants permission to update subscriber", - "access_level": "Write", - "resource_types": { - "subscriber": { - "resource_type": "subscriber", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "events:CreateApiDestination", - "events:CreateConnection", - "events:DescribeRule", - "events:ListApiDestinations", - "events:ListConnections", - "events:PutRule", - "events:PutTargets", - "iam:DeleteRolePolicy", - "iam:GetRole", - "iam:PutRolePolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateSubscriber.html" - }, - "UpdateSubscriberNotification": { - "privilege": "UpdateSubscriberNotification", - "description": "Grants permission to update a webhook invocation to notify a client when there is new data in the data lake", - "access_level": "Write", - "resource_types": { - "subscriber": { - "resource_type": "subscriber", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "events:CreateApiDestination", - "events:CreateConnection", - "events:DescribeRule", - "events:ListApiDestinations", - "events:ListConnections", - "events:PutRule", - "events:PutTargets", - "iam:CreateServiceLinkedRole", - "iam:DeleteRolePolicy", - "iam:GetRole", - "iam:PassRole", - "iam:PutRolePolicy", - "s3:CreateBucket", - "s3:GetBucketNotification", - "s3:ListBucket", - "s3:PutBucketNotification", - "s3:PutBucketPolicy", - "s3:PutBucketPublicAccessBlock", - "s3:PutBucketVersioning", - "s3:PutLifecycleConfiguration", - "sqs:CreateQueue", - "sqs:DeleteQueue", - "sqs:GetQueueAttributes", - "sqs:GetQueueUrl", - "sqs:SetQueueAttributes" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateSubscriberNotification.html" - } - }, - "resources": { - "data-lake": { - "resource": "data-lake", - "arn": "arn:${Partition}:securitylake:${Region}:${Account}:data-lake/default", - "condition_keys": [] - }, - "subscriber": { - "resource": "subscriber", - "arn": "arn:${Partition}:securitylake:${Region}:${Account}:subscriber/${SubscriberId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "ssmmessages": { - "service_name": "Amazon Session Manager Message Gateway Service", - "prefix": "ssmmessages", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsessionmanagermessagegatewayservice.html", - "privileges": { - "CreateControlChannel": { - "privilege": "CreateControlChannel", - "description": "Grants permission to register a control channel for an instance to send control messages to Systems Manager service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:SourceInstanceARN" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-create-iam-instance-profile.html" - }, - "CreateDataChannel": { - "privilege": "CreateDataChannel", - "description": "Grants permission to register a data channel for an instance to send data messages to Systems Manager service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-create-iam-instance-profile.html" - }, - "OpenControlChannel": { - "privilege": "OpenControlChannel", - "description": "Grants permission to open a websocket connection for a registered control channel stream from an instance to Systems Manager service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-create-iam-instance-profile.html" - }, - "OpenDataChannel": { - "privilege": "OpenDataChannel", - "description": "Grants permission to open a websocket connection for a registered data channel stream from an instance to Systems Manager service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-create-iam-instance-profile.html" - } - }, - "resources": {}, - "conditions": { - "ssm:SourceInstanceARN": { - "condition": "ssm:SourceInstanceARN", - "description": "Filters access by verifying the Amazon Resource Name (ARN) of the AWS Systems Manager's managed instance from which the request is made. This key is not present when the request comes from the managed instance authenticated with an IAM role associated with EC2 instance profile", - "type": "String" - } - } - }, - "sdb": { - "service_name": "Amazon SimpleDB", - "prefix": "sdb", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsimpledb.html", - "privileges": { - "BatchDeleteAttributes": { - "privilege": "BatchDeleteAttributes", - "description": "Performs multiple DeleteAttributes operations in a single call, which reduces round trips and latencies", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_BatchDeleteAttributes.html" - }, - "BatchPutAttributes": { - "privilege": "BatchPutAttributes", - "description": "With the BatchPutAttributes operation, you can perform multiple PutAttribute operations in a single call. With the BatchPutAttributes operation, you can perform multiple PutAttribute operations in a single call", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_BatchPutAttributes.html" - }, - "CreateDomain": { - "privilege": "CreateDomain", - "description": "The CreateDomain operation creates a new domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_CreateDomain.html" - }, - "DeleteAttributes": { - "privilege": "DeleteAttributes", - "description": "Deletes one or more attributes associated with the item", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_DeleteAttributes.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "The DeleteDomain operation deletes a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_DeleteDomain.html" - }, - "DomainMetadata": { - "privilege": "DomainMetadata", - "description": "Returns information about the domain, including when the domain was created, the number of items and attributes, and the size of attribute names and values", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_DomainMetadata.html" - }, - "GetAttributes": { - "privilege": "GetAttributes", - "description": "Returns all of the attributes associated with the item", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_GetAttributes.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Description for ListDomains", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_ListDomains.html" - }, - "PutAttributes": { - "privilege": "PutAttributes", - "description": "The PutAttributes operation creates or replaces attributes in an item", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_PutAttributes.html" - }, - "Select": { - "privilege": "Select", - "description": "Description for Select", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_Select.html" - } - }, - "resources": { - "domain": { - "resource": "domain", - "arn": "arn:${Partition}:sdb:${Region}:${Account}:domain/${DomainName}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "swf": { - "service_name": "Amazon Simple Workflow Service", - "prefix": "swf", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsimpleworkflowservice.html", - "privileges": { - "CancelTimer": { - "privilege": "CancelTimer", - "description": "Grants permission to cancel a previously started timer and record a TimerCanceled event in the history", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "CancelWorkflowExecution": { - "privilege": "CancelWorkflowExecution", - "description": "Grants permission to close the workflow execution and record a WorkflowExecutionCanceled event in the history", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "CompleteWorkflowExecution": { - "privilege": "CompleteWorkflowExecution", - "description": "Grants permission to close the workflow execution and record a WorkflowExecutionCompleted event in the history", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "ContinueAsNewWorkflowExecution": { - "privilege": "ContinueAsNewWorkflowExecution", - "description": "Grants permission to close the workflow execution and start a new workflow execution of the same type using the same workflow ID and a unique run Id", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "CountClosedWorkflowExecutions": { - "privilege": "CountClosedWorkflowExecutions", - "description": "Grants permission to return the number of closed workflow executions within the given domain that meet the specified filtering criteria", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:tagFilter.tag", - "swf:typeFilter.name", - "swf:typeFilter.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_CountClosedWorkflowExecutions.html" - }, - "CountOpenWorkflowExecutions": { - "privilege": "CountOpenWorkflowExecutions", - "description": "Grants permission to return the number of open workflow executions within the given domain that meet the specified filtering criteria", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:tagFilter.tag", - "swf:typeFilter.name", - "swf:typeFilter.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_CountOpenWorkflowExecutions.html" - }, - "CountPendingActivityTasks": { - "privilege": "CountPendingActivityTasks", - "description": "Grants permission to return the estimated number of activity tasks in the specified task list", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:taskList.name" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_CountPendingActivityTasks.html" - }, - "CountPendingDecisionTasks": { - "privilege": "CountPendingDecisionTasks", - "description": "Grants permission to return the estimated number of decision tasks in the specified task list", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:taskList.name" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_CountPendingDecisionTasks.html" - }, - "DeprecateActivityType": { - "privilege": "DeprecateActivityType", - "description": "Grants permission to deprecate the specified activity type", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:activityType.name", - "swf:activityType.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DeprecateActivityType.html" - }, - "DeprecateDomain": { - "privilege": "DeprecateDomain", - "description": "Grants permission to deprecate the specified domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DeprecateDomain.html" - }, - "DeprecateWorkflowType": { - "privilege": "DeprecateWorkflowType", - "description": "Grants permission to deprecate the specified workflow type", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:workflowType.name", - "swf:workflowType.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DeprecateWorkflowType.html" - }, - "DescribeActivityType": { - "privilege": "DescribeActivityType", - "description": "Grants permission to return information about the specified activity type", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:activityType.name", - "swf:activityType.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DescribeActivityType.html" - }, - "DescribeDomain": { - "privilege": "DescribeDomain", - "description": "Grants permission to return information about the specified domain, including its description and status", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DescribeDomain.html" - }, - "DescribeWorkflowExecution": { - "privilege": "DescribeWorkflowExecution", - "description": "Grants permission to return information about the specified workflow execution including its type and some statistics", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DescribeWorkflowExecution.html" - }, - "DescribeWorkflowType": { - "privilege": "DescribeWorkflowType", - "description": "Grants permission to return information about the specified workflow type", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:workflowType.name", - "swf:workflowType.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DescribeWorkflowType.html" - }, - "FailWorkflowExecution": { - "privilege": "FailWorkflowExecution", - "description": "Grants permission to close the workflow execution and record a WorkflowExecutionFailed event in the history", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "GetWorkflowExecutionHistory": { - "privilege": "GetWorkflowExecutionHistory", - "description": "Grants permission to return the history of the specified workflow execution", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_GetWorkflowExecutionHistory.html" - }, - "ListActivityTypes": { - "privilege": "ListActivityTypes", - "description": "Grants permission to return information about all activities registered in the specified domain that match the specified name and registration status", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListActivityTypes.html" - }, - "ListClosedWorkflowExecutions": { - "privilege": "ListClosedWorkflowExecutions", - "description": "Grants permission to return a list of closed workflow executions in the specified domain that meet the filtering criteria", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:tagFilter.tag", - "swf:typeFilter.name", - "swf:typeFilter.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListClosedWorkflowExecutions.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to return the list of domains registered in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListDomains.html" - }, - "ListOpenWorkflowExecutions": { - "privilege": "ListOpenWorkflowExecutions", - "description": "Grants permission to return a list of open workflow executions in the specified domain that meet the filtering criteria", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:tagFilter.tag", - "swf:typeFilter.name", - "swf:typeFilter.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListOpenWorkflowExecutions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an AWS SWF resource", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListTagsForResource.html" - }, - "ListWorkflowTypes": { - "privilege": "ListWorkflowTypes", - "description": "Grants permission to return information about workflow types in the specified domain", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListWorkflowTypes.html" - }, - "PollForActivityTask": { - "privilege": "PollForActivityTask", - "description": "Grants permission to workers to get an ActivityTask from the specified activity taskList", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:taskList.name" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_PollForActivityTask.html" - }, - "PollForDecisionTask": { - "privilege": "PollForDecisionTask", - "description": "Grants permission to deciders to get a DecisionTask from the specified decision taskList", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:taskList.name" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_PollForDecisionTask.html" - }, - "RecordActivityTaskHeartbeat": { - "privilege": "RecordActivityTaskHeartbeat", - "description": "Grants permission to workers to report to the service that the ActivityTask represented by the specified taskToken is still making progress", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RecordActivityTaskHeartbeat.html" - }, - "RecordMarker": { - "privilege": "RecordMarker", - "description": "Grants permission to record a MarkerRecorded event in the history", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "RegisterActivityType": { - "privilege": "RegisterActivityType", - "description": "Grants permission to register a new activity type along with its configuration settings in the specified domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:defaultTaskList.name", - "swf:name", - "swf:version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RegisterActivityType.html" - }, - "RegisterDomain": { - "privilege": "RegisterDomain", - "description": "Grants permission to register a new domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RegisterDomain.html" - }, - "RegisterWorkflowType": { - "privilege": "RegisterWorkflowType", - "description": "Grants permission to register a new workflow type and its configuration settings in the specified domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:defaultTaskList.name", - "swf:name", - "swf:version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RegisterWorkflowType.html" - }, - "RequestCancelActivityTask": { - "privilege": "RequestCancelActivityTask", - "description": "Grants permission to attempt to cancel a previously scheduled activity task", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "RequestCancelExternalWorkflowExecution": { - "privilege": "RequestCancelExternalWorkflowExecution", - "description": "Grants permission to request that a request be made to cancel the specified external workflow execution", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "RequestCancelWorkflowExecution": { - "privilege": "RequestCancelWorkflowExecution", - "description": "Grants permission to record a WorkflowExecutionCancelRequested event in the currently running workflow execution identified by the given domain, workflowId, and runId", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RequestCancelWorkflowExecution.html" - }, - "RespondActivityTaskCanceled": { - "privilege": "RespondActivityTaskCanceled", - "description": "Grants permission to workers to tell the service that the ActivityTask identified by the taskToken was successfully canceled", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RespondActivityTaskCanceled.html" - }, - "RespondActivityTaskCompleted": { - "privilege": "RespondActivityTaskCompleted", - "description": "Grants permission to workers to tell the service that the ActivityTask identified by the taskToken completed successfully with a result (if provided)", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:activityType.name", - "swf:activityType.version", - "swf:tagList.member.0", - "swf:tagList.member.1", - "swf:tagList.member.2", - "swf:tagList.member.3", - "swf:tagList.member.4", - "swf:taskList.name", - "swf:workflowType.name", - "swf:workflowType.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RespondActivityTaskCompleted.html" - }, - "RespondActivityTaskFailed": { - "privilege": "RespondActivityTaskFailed", - "description": "Grants permission to workers to tell the service that the ActivityTask identified by the taskToken has failed with reason (if specified)", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RespondActivityTaskFailed.html" - }, - "RespondDecisionTaskCompleted": { - "privilege": "RespondDecisionTaskCompleted", - "description": "Grants permission to deciders to tell the service that the DecisionTask identified by the taskToken has successfully completed", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RespondDecisionTaskCompleted.html" - }, - "ScheduleActivityTask": { - "privilege": "ScheduleActivityTask", - "description": "Grants permission to schedule an activity task", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "SignalExternalWorkflowExecution": { - "privilege": "SignalExternalWorkflowExecution", - "description": "Grants permission to request a signal to be delivered to the specified external workflow execution and records", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "SignalWorkflowExecution": { - "privilege": "SignalWorkflowExecution", - "description": "Grants permission to record a WorkflowExecutionSignaled event in the workflow execution history and create a decision task for the workflow execution identified by the given domain, workflowId and runId", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_SignalWorkflowExecution.html" - }, - "StartChildWorkflowExecution": { - "privilege": "StartChildWorkflowExecution", - "description": "Grants permission to request that a child workflow execution be started", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "StartTimer": { - "privilege": "StartTimer", - "description": "Grants permission to start a timer for a workflow execution", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" - }, - "StartWorkflowExecution": { - "privilege": "StartWorkflowExecution", - "description": "Grants permission to start an execution of the workflow type in the specified domain using the provided workflowId and input data", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:tagList.member.0", - "swf:tagList.member.1", - "swf:tagList.member.2", - "swf:tagList.member.3", - "swf:tagList.member.4", - "swf:taskList.name", - "swf:workflowType.name", - "swf:workflowType.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_StartWorkflowExecution.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an AWS SWF resource", - "access_level": "Tagging", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_TagResource.html" - }, - "TerminateWorkflowExecution": { - "privilege": "TerminateWorkflowExecution", - "description": "Grants permission to record a WorkflowExecutionTerminated event and force closure of the workflow execution identified by the given domain, runId, and workflowId", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_TerminateWorkflowExecution.html" - }, - "UndeprecateActivityType": { - "privilege": "UndeprecateActivityType", - "description": "Grants permission to undeprecate a previously deprecated activity type", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:activityType.name", - "swf:activityType.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_UndeprecateActivityType.html" - }, - "UndeprecateDomain": { - "privilege": "UndeprecateDomain", - "description": "Grants permission to undeprecate a previously deprecated domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_UndeprecateDomain.html" - }, - "UndeprecateWorkflowType": { - "privilege": "UndeprecateWorkflowType", - "description": "Grants permission to undeprecate a previously deprecated workflow type", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "swf:workflowType.name", - "swf:workflowType.version" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_UndeprecateWorkflowType.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from an AWS SWF resource", - "access_level": "Tagging", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_UntagResource.html" - } - }, - "resources": { - "domain": { - "resource": "domain", - "arn": "arn:${Partition}:swf::${Account}:/domain/${DomainName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tag of the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag of the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag of the key", - "type": "ArrayOfString" - }, - "swf:activityType.name": { - "condition": "swf:activityType.name", - "description": "Filters access by the name of the activity type", - "type": "String" - }, - "swf:activityType.version": { - "condition": "swf:activityType.version", - "description": "Filters access by the version of the activity type", - "type": "String" - }, - "swf:defaultTaskList.name": { - "condition": "swf:defaultTaskList.name", - "description": "Filters access by the name of the default task list", - "type": "String" - }, - "swf:name": { - "condition": "swf:name", - "description": "Filters access by the name of activities or workflows", - "type": "String" - }, - "swf:tagFilter.tag": { - "condition": "swf:tagFilter.tag", - "description": "Filters access by the value of tagFilter.tag", - "type": "String" - }, - "swf:tagList.member.0": { - "condition": "swf:tagList.member.0", - "description": "Filters access by the specified tag", - "type": "String" - }, - "swf:tagList.member.1": { - "condition": "swf:tagList.member.1", - "description": "Filters access by the specified tag", - "type": "String" - }, - "swf:tagList.member.2": { - "condition": "swf:tagList.member.2", - "description": "Filters access by the specified tag", - "type": "String" - }, - "swf:tagList.member.3": { - "condition": "swf:tagList.member.3", - "description": "Filters access by the specified tag", - "type": "String" - }, - "swf:tagList.member.4": { - "condition": "swf:tagList.member.4", - "description": "Filters access by the specified tag", - "type": "String" - }, - "swf:taskList.name": { - "condition": "swf:taskList.name", - "description": "Filters access by the name of the tasklist", - "type": "String" - }, - "swf:typeFilter.name": { - "condition": "swf:typeFilter.name", - "description": "Filters access by the name of the type filter", - "type": "String" - }, - "swf:typeFilter.version": { - "condition": "swf:typeFilter.version", - "description": "Filters access by the version of the type filter", - "type": "String" - }, - "swf:version": { - "condition": "swf:version", - "description": "Filters access by the version of activities or workflows", - "type": "String" - }, - "swf:workflowType.name": { - "condition": "swf:workflowType.name", - "description": "Filters access by the name of the workflow type", - "type": "String" - }, - "swf:workflowType.version": { - "condition": "swf:workflowType.version", - "description": "Filters access by the version of the workflow type", - "type": "String" - } - } - }, - "sns": { - "service_name": "Amazon SNS", - "prefix": "sns", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsns.html", - "privileges": { - "AddPermission": { - "privilege": "AddPermission", - "description": "Grants permission to add a statement to a topic's access control policy, granting access for the specified AWS accounts to the specified actions", - "access_level": "Permissions management", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_AddPermission.html" - }, - "CheckIfPhoneNumberIsOptedOut": { - "privilege": "CheckIfPhoneNumberIsOptedOut", - "description": "Grants permission to accept a phone number and indicate whether the phone holder has opted out of receiving SMS messages from your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_CheckIfPhoneNumberIsOptedOut.html" - }, - "ConfirmSubscription": { - "privilege": "ConfirmSubscription", - "description": "Grants permission to verify an endpoint owner's intent to receive messages by validating the token sent to the endpoint by an earlier Subscribe action", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ConfirmSubscription.html" - }, - "CreatePlatformApplication": { - "privilege": "CreatePlatformApplication", - "description": "Grants permission to create a platform application object for one of the supported push notification services, such as APNS and GCM, to which devices and mobile apps may register", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_CreatePlatformApplication.html" - }, - "CreatePlatformEndpoint": { - "privilege": "CreatePlatformEndpoint", - "description": "Grants permission to create an endpoint for a device and mobile app on one of the supported push notification services, such as GCM and APNS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_CreatePlatformEndpoint.html" - }, - "CreateSMSSandboxPhoneNumber": { - "privilege": "CreateSMSSandboxPhoneNumber", - "description": "Grants permission to add a destination phone number and send a one-time password (OTP) to that phone number for an AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_CreateSMSSandboxPhoneNumber.html" - }, - "CreateTopic": { - "privilege": "CreateTopic", - "description": "Grants permission to create a topic to which notifications can be published", - "access_level": "Permissions management", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_CreateTopic.html" - }, - "DeleteEndpoint": { - "privilege": "DeleteEndpoint", - "description": "Grants permission to delete the endpoint for a device and mobile app from Amazon SNS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_DeleteEndpoint.html" - }, - "DeletePlatformApplication": { - "privilege": "DeletePlatformApplication", - "description": "Grants permission to delete a platform application object for one of the supported push notification services, such as APNS and GCM", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_DeletePlatformApplication.html" - }, - "DeleteSMSSandboxPhoneNumber": { - "privilege": "DeleteSMSSandboxPhoneNumber", - "description": "Grants permission to delete an AWS account's verified or pending phone number", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_DeleteSMSSandboxPhoneNumber.html" - }, - "DeleteTopic": { - "privilege": "DeleteTopic", - "description": "Grants permission to delete a topic and all its subscriptions", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_DeleteTopic.html" - }, - "GetDataProtectionPolicy": { - "privilege": "GetDataProtectionPolicy", - "description": "Grants permission to return the data protection policy of the topic", - "access_level": "Read", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetDataProtectionPolicy.html" - }, - "GetEndpointAttributes": { - "privilege": "GetEndpointAttributes", - "description": "Grants permission to retrieve the endpoint attributes for a device on one of the supported push notification services, such as GCM and APNS", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetEndpointAttributes.html" - }, - "GetPlatformApplicationAttributes": { - "privilege": "GetPlatformApplicationAttributes", - "description": "Grants permission to retrieve the attributes of the platform application object for the supported push notification services, such as APNS and GCM", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetPlatformApplicationAttributes.html" - }, - "GetSMSAttributes": { - "privilege": "GetSMSAttributes", - "description": "Grants permission to return the settings for sending SMS messages from your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetSMSAttributes.html" - }, - "GetSMSSandboxAccountStatus": { - "privilege": "GetSMSSandboxAccountStatus", - "description": "Grants permission to retrieve the sandbox status for the calling account in the target region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetSMSSandboxAccountStatus.html" - }, - "GetSubscriptionAttributes": { - "privilege": "GetSubscriptionAttributes", - "description": "Grants permission to return all of the properties of a subscription", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html" - }, - "GetTopicAttributes": { - "privilege": "GetTopicAttributes", - "description": "Grants permission to return all of the properties of a topic", - "access_level": "Read", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetTopicAttributes.html" - }, - "ListEndpointsByPlatformApplication": { - "privilege": "ListEndpointsByPlatformApplication", - "description": "Grants permission to list the endpoints and endpoint attributes for devices in a supported push notification service, such as GCM and APNS", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListEndpointsByPlatformApplication.html" - }, - "ListOriginationNumbers": { - "privilege": "ListOriginationNumbers", - "description": "Grants permission to list all origination numbers, and their metadata", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListOriginationNumbers.html" - }, - "ListPhoneNumbersOptedOut": { - "privilege": "ListPhoneNumbersOptedOut", - "description": "Grants permission to return a list of phone numbers that are opted out, meaning you cannot send SMS messages to them", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListPhoneNumbersOptedOut.html" - }, - "ListPlatformApplications": { - "privilege": "ListPlatformApplications", - "description": "Grants permission to list the platform application objects for the supported push notification services, such as APNS and GCM", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListPlatformApplications.html" - }, - "ListSMSSandboxPhoneNumbers": { - "privilege": "ListSMSSandboxPhoneNumbers", - "description": "Grants permission to list the calling account's current pending and verified destination phone numbers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListSMSSandboxPhoneNumbers.html" - }, - "ListSubscriptions": { - "privilege": "ListSubscriptions", - "description": "Grants permission to return a list of the requester's subscriptions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListSubscriptions.html" - }, - "ListSubscriptionsByTopic": { - "privilege": "ListSubscriptionsByTopic", - "description": "Grants permission to return a list of the subscriptions to a specific topic", - "access_level": "List", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListSubscriptionsByTopic.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags added to the specified Amazon SNS topic", - "access_level": "Read", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListTagsForResource.html" - }, - "ListTopics": { - "privilege": "ListTopics", - "description": "Grants permission to return a list of the requester's topics", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html" - }, - "OptInPhoneNumber": { - "privilege": "OptInPhoneNumber", - "description": "Grants permission to opt in a phone number that is currently opted out, which enables you to resume sending SMS messages to the number", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_OptInPhoneNumber.html" - }, - "Publish": { - "privilege": "Publish", - "description": "Grants permission to send a message to all of a topic's subscribed endpoints", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_Publish.html" - }, - "PutDataProtectionPolicy": { - "privilege": "PutDataProtectionPolicy", - "description": "Grants permission to allow a topic owner to set the data protection policy", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_PutDataProtectionPolicy.html" - }, - "RemovePermission": { - "privilege": "RemovePermission", - "description": "Grants permission to remove a statement from a topic's access control policy", - "access_level": "Permissions management", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_RemovePermission.html" - }, - "SetEndpointAttributes": { - "privilege": "SetEndpointAttributes", - "description": "Grants permission to set the attributes for an endpoint for a device on one of the supported push notification services, such as GCM and APNS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_SetEndpointAttributes.html" - }, - "SetPlatformApplicationAttributes": { - "privilege": "SetPlatformApplicationAttributes", - "description": "Grants permission to set the attributes of the platform application object for the supported push notification services, such as APNS and GCM", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_SetPlatformApplicationAttributes.html" - }, - "SetSMSAttributes": { - "privilege": "SetSMSAttributes", - "description": "Grants permission to set the default settings for sending SMS messages and receiving daily SMS usage reports", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_SetSMSAttributes.html" - }, - "SetSubscriptionAttributes": { - "privilege": "SetSubscriptionAttributes", - "description": "Grants permission to allow a subscription owner to set an attribute of the topic to a new value", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_SetSubscriptionAttributes.html" - }, - "SetTopicAttributes": { - "privilege": "SetTopicAttributes", - "description": "Grants permission to allow a topic owner to set an attribute of the topic to a new value", - "access_level": "Permissions management", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_SetTopicAttributes.html" - }, - "Subscribe": { - "privilege": "Subscribe", - "description": "Grants permission to prepare to subscribe an endpoint by sending the endpoint a confirmation message", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sns:Endpoint", - "sns:Protocol" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to the specified Amazon SNS topic", - "access_level": "Tagging", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_TagResource.html" - }, - "Unsubscribe": { - "privilege": "Unsubscribe", - "description": "Grants permission to delete a subscription", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_Unsubscribe.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from the specified Amazon SNS topic", - "access_level": "Tagging", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_UntagResource.html" - }, - "VerifySMSSandboxPhoneNumber": { - "privilege": "VerifySMSSandboxPhoneNumber", - "description": "Grants permission to verify a destination phone number with a one-time password (OTP) for an AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_VerifySMSSandboxPhoneNumber.html" - } - }, - "resources": { - "topic": { - "resource": "topic", - "arn": "arn:${Partition}:sns:${Region}:${Account}:${TopicName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tags from request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys from request", - "type": "ArrayOfString" - }, - "sns:Endpoint": { - "condition": "sns:Endpoint", - "description": "Filters access by the URL, email address, or ARN from a Subscribe request or a previously confirmed subscription", - "type": "String" - }, - "sns:Protocol": { - "condition": "sns:Protocol", - "description": "Filters access by the protocol value from a Subscribe request or a previously confirmed subscription", - "type": "String" - } - } - }, - "sqs": { - "service_name": "Amazon SQS", - "prefix": "sqs", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsqs.html", - "privileges": { - "AddPermission": { - "privilege": "AddPermission", - "description": "Grants permission to a queue for a specific principal", - "access_level": "Permissions management", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_AddPermission.html" - }, - "CancelMessageMoveTask": { - "privilege": "CancelMessageMoveTask", - "description": "Grants permission to cancel an in progress message move task", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CancelMessageMoveTask.html" - }, - "ChangeMessageVisibility": { - "privilege": "ChangeMessageVisibility", - "description": "Grants permission to change the visibility timeout of a specified message in a queue to a new value", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ChangeMessageVisibility.html" - }, - "CreateQueue": { - "privilege": "CreateQueue", - "description": "Grants permission to create a new queue, or returns the URL of an existing one", - "access_level": "Permissions management", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html" - }, - "DeleteMessage": { - "privilege": "DeleteMessage", - "description": "Grants permission to delete the specified message from the specified queue", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_DeleteMessage.html" - }, - "DeleteQueue": { - "privilege": "DeleteQueue", - "description": "Grants permission to delete the queue specified by the queue URL, regardless of whether the queue is empty", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_DeleteQueue.html" - }, - "GetQueueAttributes": { - "privilege": "GetQueueAttributes", - "description": "Grants permission to get attributes for the specified queue", - "access_level": "Read", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_GetQueueAttributes.html" - }, - "GetQueueUrl": { - "privilege": "GetQueueUrl", - "description": "Grants permission to return the URL of an existing queue", - "access_level": "Read", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_GetQueueUrl.html" - }, - "ListDeadLetterSourceQueues": { - "privilege": "ListDeadLetterSourceQueues", - "description": "Grants permission to return a list of your queues that have the RedrivePolicy queue attribute configured with a dead letter queue", - "access_level": "Read", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ListDeadLetterSourceQueues.html" - }, - "ListMessageMoveTasks": { - "privilege": "ListMessageMoveTasks", - "description": "Grants permission to list message move tasks", - "access_level": "Read", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ListMessageMoveTasks.html" - }, - "ListQueueTags": { - "privilege": "ListQueueTags", - "description": "Grants permission to list tags added to an SQS queue", - "access_level": "Read", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ListQueueTags.html" - }, - "ListQueues": { - "privilege": "ListQueues", - "description": "Grants permission to return a list of your queues", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ListQueues.html" - }, - "PurgeQueue": { - "privilege": "PurgeQueue", - "description": "Grants permission to delete the messages in a queue specified by the queue URL", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_PurgeQueue.html" - }, - "ReceiveMessage": { - "privilege": "ReceiveMessage", - "description": "Grants permission to retrieve one or more messages, with a maximum limit of 10 messages, from the specified queue", - "access_level": "Read", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ReceiveMessage.html" - }, - "RemovePermission": { - "privilege": "RemovePermission", - "description": "Grants permission to revoke any permissions in the queue policy that matches the specified Label parameter", - "access_level": "Permissions management", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_RemovePermission.html" - }, - "SendMessage": { - "privilege": "SendMessage", - "description": "Grants permission to deliver a message to the specified queue", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html" - }, - "SetQueueAttributes": { - "privilege": "SetQueueAttributes", - "description": "Grants permission to set the value of one or more queue attributes", - "access_level": "Permissions management", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SetQueueAttributes.html" - }, - "StartMessageMoveTask": { - "privilege": "StartMessageMoveTask", - "description": "Grants permission to start a message move task", - "access_level": "Write", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_StartMessageMoveTask.html" - }, - "TagQueue": { - "privilege": "TagQueue", - "description": "Grants permission to add tags to the specified SQS queue", - "access_level": "Tagging", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_TagQueue.html" - }, - "UntagQueue": { - "privilege": "UntagQueue", - "description": "Grants permission to remove tags from the specified SQS queue", - "access_level": "Tagging", - "resource_types": { - "queue": { - "resource_type": "queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_UntagQueue.html" - } - }, - "resources": { - "queue": { - "resource": "queue", - "arn": "arn:${Partition}:sqs:${Region}:${Account}:${QueueName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "storagegateway": { - "service_name": "Amazon Storage Gateway", - "prefix": "storagegateway", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonstoragegateway.html", - "privileges": { - "ActivateGateway": { - "privilege": "ActivateGateway", - "description": "Grants permission to activate the gateway you previously deployed on your host", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ActivateGateway.html" - }, - "AddCache": { - "privilege": "AddCache", - "description": "Grants permission to configure one or more gateway local disks as cache for a cached-volume gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddCache.html" - }, - "AddTagsToResource": { - "privilege": "AddTagsToResource", - "description": "Grants permission to add one or more tags to the specified resource", - "access_level": "Tagging", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "share": { - "resource_type": "share", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "tape": { - "resource_type": "tape", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddTagsToResource.html" - }, - "AddUploadBuffer": { - "privilege": "AddUploadBuffer", - "description": "Grants permission to configure one or more gateway local disks as upload buffer for a specified gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddUploadBuffer.html" - }, - "AddWorkingStorage": { - "privilege": "AddWorkingStorage", - "description": "Grants permission to configure one or more gateway local disks as working storage for a gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddWorkingStorage.html" - }, - "AssignTapePool": { - "privilege": "AssignTapePool", - "description": "Grants permission to move a tape to the target pool specified", - "access_level": "Write", - "resource_types": { - "tape": { - "resource_type": "tape", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "tapepool": { - "resource_type": "tapepool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AssignTapePool.html" - }, - "AssociateFileSystem": { - "privilege": "AssociateFileSystem", - "description": "Grants permission to associate an Amazon FSx file system with the Amazon FSx file gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:DescribeDirectories", - "ec2:DescribeNetworkInterfaces", - "fsx:DescribeFileSystems", - "iam:CreateServiceLinkedRole", - "logs:CreateLogDelivery", - "logs:GetLogDelivery", - "logs:ListLogDeliveries", - "logs:UpdateLogDelivery" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AssociateFileSystem.html" - }, - "AttachVolume": { - "privilege": "AttachVolume", - "description": "Grants permission to connect a volume to an iSCSI connection and then attaches the volume to the specified gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AttachVolume.html" - }, - "BypassGovernanceRetention": { - "privilege": "BypassGovernanceRetention", - "description": "Grants permission to allow the governance retention lock on a pool to be bypassed", - "access_level": "Write", - "resource_types": { - "tapepool": { - "resource_type": "tapepool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/userguide/CreatingCustomTapePool.html#TapeRetentionLock" - }, - "CancelArchival": { - "privilege": "CancelArchival", - "description": "Grants permission to cancel archiving of a virtual tape to the virtual tape shelf (VTS) after the archiving process is initiated", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "tape": { - "resource_type": "tape", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CancelArchival.html" - }, - "CancelRetrieval": { - "privilege": "CancelRetrieval", - "description": "Grants permission to cancel retrieval of a virtual tape from the virtual tape shelf (VTS) to a gateway after the retrieval process is initiated", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "tape": { - "resource_type": "tape", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CancelRetrieval.html" - }, - "CreateCachediSCSIVolume": { - "privilege": "CreateCachediSCSIVolume", - "description": "Grants permission to create a cached volume on a specified cached gateway. This operation is supported only for the gateway-cached volume architecture", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateCachediSCSIVolume.html" - }, - "CreateNFSFileShare": { - "privilege": "CreateNFSFileShare", - "description": "Grants permission to create a NFS file share on an existing file gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html" - }, - "CreateSMBFileShare": { - "privilege": "CreateSMBFileShare", - "description": "Grants permission to create a SMB file share on an existing file gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateSMBFileShare.html" - }, - "CreateSnapshot": { - "privilege": "CreateSnapshot", - "description": "Grants permission to initiate a snapshot of a volume", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateSnapshot.html" - }, - "CreateSnapshotFromVolumeRecoveryPoint": { - "privilege": "CreateSnapshotFromVolumeRecoveryPoint", - "description": "Grants permission to initiate a snapshot of a gateway from a volume recovery point", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateSnapshotFromVolumeRecoveryPoint.html" - }, - "CreateStorediSCSIVolume": { - "privilege": "CreateStorediSCSIVolume", - "description": "Grants permission to create a volume on a specified gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateStorediSCSIVolume.html" - }, - "CreateTapePool": { - "privilege": "CreateTapePool", - "description": "Grants permission to create a tape pool", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateTapePool.html" - }, - "CreateTapeWithBarcode": { - "privilege": "CreateTapeWithBarcode", - "description": "Grants permission to create a virtual tape by using your own barcode", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "tapepool": { - "resource_type": "tapepool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateTapeWithBarcode.html" - }, - "CreateTapes": { - "privilege": "CreateTapes", - "description": "Grants permission to create one or more virtual tapes. You write data to the virtual tapes and then archive the tapes", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "tapepool": { - "resource_type": "tapepool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateTapes.html" - }, - "DeleteAutomaticTapeCreationPolicy": { - "privilege": "DeleteAutomaticTapeCreationPolicy", - "description": "Grants permission to delete the automatic tape creation policy configured on a gateway-VTL", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteAutomaticTapeCreationPolicy.html" - }, - "DeleteBandwidthRateLimit": { - "privilege": "DeleteBandwidthRateLimit", - "description": "Grants permission to delete the bandwidth rate limits of a gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteBandwidthRateLimit.html" - }, - "DeleteChapCredentials": { - "privilege": "DeleteChapCredentials", - "description": "Grants permission to delete Challenge-Handshake Authentication Protocol (CHAP) credentials for a specified iSCSI target and initiator pair", - "access_level": "Permissions management", - "resource_types": { - "target": { - "resource_type": "target", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteChapCredentials.html" - }, - "DeleteFileShare": { - "privilege": "DeleteFileShare", - "description": "Grants permission to delete a file share from a file gateway", - "access_level": "Write", - "resource_types": { - "share": { - "resource_type": "share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteFileShare.html" - }, - "DeleteGateway": { - "privilege": "DeleteGateway", - "description": "Grants permission to delete a gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteGateway.html" - }, - "DeleteSnapshotSchedule": { - "privilege": "DeleteSnapshotSchedule", - "description": "Grants permission to delete a snapshot of a volume", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteSnapshotSchedule.html" - }, - "DeleteTape": { - "privilege": "DeleteTape", - "description": "Grants permission to delete the specified virtual tape", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "tape": { - "resource_type": "tape", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteTape.html" - }, - "DeleteTapeArchive": { - "privilege": "DeleteTapeArchive", - "description": "Grants permission to delete the specified virtual tape from the virtual tape shelf (VTS)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteTapeArchive.html" - }, - "DeleteTapePool": { - "privilege": "DeleteTapePool", - "description": "Grants permission to delete the specified tape pool", - "access_level": "Write", - "resource_types": { - "tapepool": { - "resource_type": "tapepool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteTapePool.html" - }, - "DeleteVolume": { - "privilege": "DeleteVolume", - "description": "Grants permission to delete the specified gateway volume that you previously created using the CreateCachediSCSIVolume or CreateStorediSCSIVolume API", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteVolume.html" - }, - "DescribeAvailabilityMonitorTest": { - "privilege": "DescribeAvailabilityMonitorTest", - "description": "Grants permission to get the information about the most recent high availability monitoring test that was performed on the gateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeAvailabilityMonitorTest.html" - }, - "DescribeBandwidthRateLimit": { - "privilege": "DescribeBandwidthRateLimit", - "description": "Grants permission to get the bandwidth rate limits of a gateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeBandwidthRateLimit.html" - }, - "DescribeBandwidthRateLimitSchedule": { - "privilege": "DescribeBandwidthRateLimitSchedule", - "description": "Grants permission to get the bandwidth rate limit schedule of a gateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeBandwidthRateLimitSchedule.html" - }, - "DescribeCache": { - "privilege": "DescribeCache", - "description": "Grants permission to get information about the cache of a gateway. This operation is supported only for the gateway-cached volume architecture", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeCache.html" - }, - "DescribeCachediSCSIVolumes": { - "privilege": "DescribeCachediSCSIVolumes", - "description": "Grants permission to get a description of the gateway volumes specified in the request. This operation is supported only for the gateway-cached volume architecture", - "access_level": "Read", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeCachediSCSIVolumes.html" - }, - "DescribeChapCredentials": { - "privilege": "DescribeChapCredentials", - "description": "Grants permission to get an array of Challenge-Handshake Authentication Protocol (CHAP) credentials information for a specified iSCSI target, one for each target-initiator pair", - "access_level": "Read", - "resource_types": { - "target": { - "resource_type": "target", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeChapCredentials.html" - }, - "DescribeFileSystemAssociations": { - "privilege": "DescribeFileSystemAssociations", - "description": "Grants permission to get a description for one or more file system associations", - "access_level": "Read", - "resource_types": { - "fs-association": { - "resource_type": "fs-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeFileSystemAssociations.html" - }, - "DescribeGatewayInformation": { - "privilege": "DescribeGatewayInformation", - "description": "Grants permission to get metadata about a gateway such as its name, network interfaces, configured time zone, and the state (whether the gateway is running or not)", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeGatewayInformation.html" - }, - "DescribeMaintenanceStartTime": { - "privilege": "DescribeMaintenanceStartTime", - "description": "Grants permission to get your gateway's weekly maintenance start time including the day and time of the week", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeMaintenanceStartTime.html" - }, - "DescribeNFSFileShares": { - "privilege": "DescribeNFSFileShares", - "description": "Grants permission to get a description for one or more file shares from a file gateway", - "access_level": "Read", - "resource_types": { - "share": { - "resource_type": "share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeNFSFileShares.html" - }, - "DescribeSMBFileShares": { - "privilege": "DescribeSMBFileShares", - "description": "Grants permission to get a description for one or more file shares from a file gateway", - "access_level": "Read", - "resource_types": { - "share": { - "resource_type": "share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeSMBFileShares.html" - }, - "DescribeSMBSettings": { - "privilege": "DescribeSMBSettings", - "description": "Grants permission to get a description of a Server Message Block (SMB) file share settings from a file gateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeSMBSettings.html" - }, - "DescribeSnapshotSchedule": { - "privilege": "DescribeSnapshotSchedule", - "description": "Grants permission to describe the snapshot schedule for the specified gateway volume", - "access_level": "Read", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeSnapshotSchedule.html" - }, - "DescribeStorediSCSIVolumes": { - "privilege": "DescribeStorediSCSIVolumes", - "description": "Grants permission to get the description of the gateway volumes specified in the request", - "access_level": "Read", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeStorediSCSIVolumes.html" - }, - "DescribeTapeArchives": { - "privilege": "DescribeTapeArchives", - "description": "Grants permission to get a description of specified virtual tapes in the virtual tape shelf (VTS)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeTapeArchives.html" - }, - "DescribeTapeRecoveryPoints": { - "privilege": "DescribeTapeRecoveryPoints", - "description": "Grants permission to get a list of virtual tape recovery points that are available for the specified gateway-VTL", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeTapeRecoveryPoints.html" - }, - "DescribeTapes": { - "privilege": "DescribeTapes", - "description": "Grants permission to get a description of the specified Amazon Resource Name (ARN) of virtual tapes", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeTapes.html" - }, - "DescribeUploadBuffer": { - "privilege": "DescribeUploadBuffer", - "description": "Grants permission to get information about the upload buffer of a gateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeUploadBuffer.html" - }, - "DescribeVTLDevices": { - "privilege": "DescribeVTLDevices", - "description": "Grants permission to get a description of virtual tape library (VTL) devices for the specified gateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeVTLDevices.html" - }, - "DescribeWorkingStorage": { - "privilege": "DescribeWorkingStorage", - "description": "Grants permission to get information about the working storage of a gateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeWorkingStorage.html" - }, - "DetachVolume": { - "privilege": "DetachVolume", - "description": "Grants permission to disconnect a volume from an iSCSI connection and then detaches the volume from the specified gateway", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DetachVolume.html" - }, - "DisableGateway": { - "privilege": "DisableGateway", - "description": "Grants permission to disable a gateway when the gateway is no longer functioning", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DisableGateway.html" - }, - "DisassociateFileSystem": { - "privilege": "DisassociateFileSystem", - "description": "Grants permission to disassociate an Amazon FSx file system from an Amazon FSx file gateway", - "access_level": "Write", - "resource_types": { - "fs-association": { - "resource_type": "fs-association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DisassociateFileSystem.html" - }, - "JoinDomain": { - "privilege": "JoinDomain", - "description": "Grants permission to enable you to join an Active Directory Domain", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_JoinDomain.html" - }, - "ListAutomaticTapeCreationPolicies": { - "privilege": "ListAutomaticTapeCreationPolicies", - "description": "Grants permission to list the automatic tape creation policies configured on the specified gateway-VTL or all gateway-VTLs owned by your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListAutomaticTapeCreationPolicies.html" - }, - "ListFileShares": { - "privilege": "ListFileShares", - "description": "Grants permission to get a list of the file shares for a specific file gateway, or the list of file shares that belong to the calling user account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListFileShares.html" - }, - "ListFileSystemAssociations": { - "privilege": "ListFileSystemAssociations", - "description": "Grants permission to get a list of the file system associations for the specified gateway", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListFileSystemAssociations.html" - }, - "ListGateways": { - "privilege": "ListGateways", - "description": "Grants permission to list gateways owned by an AWS account in a region specified in the request. The returned list is ordered by gateway Amazon Resource Name (ARN)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListGateways.html" - }, - "ListLocalDisks": { - "privilege": "ListLocalDisks", - "description": "Grants permission to get a list of the gateway's local disks", - "access_level": "List", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListLocalDisks.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to get the tags that have been added to the specified resource", - "access_level": "List", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "share": { - "resource_type": "share", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "tape": { - "resource_type": "tape", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTapePools": { - "privilege": "ListTapePools", - "description": "Grants permission to list tape pools owned by your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListTapePools.html" - }, - "ListTapes": { - "privilege": "ListTapes", - "description": "Grants permission to list virtual tapes in your virtual tape library (VTL) and your virtual tape shelf (VTS)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListTapes.html" - }, - "ListVolumeInitiators": { - "privilege": "ListVolumeInitiators", - "description": "Grants permission to list iSCSI initiators that are connected to a volume", - "access_level": "List", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListVolumeInitiators.html" - }, - "ListVolumeRecoveryPoints": { - "privilege": "ListVolumeRecoveryPoints", - "description": "Grants permission to list the recovery points for a specified gateway", - "access_level": "List", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListVolumeRecoveryPoints.html" - }, - "ListVolumes": { - "privilege": "ListVolumes", - "description": "Grants permission to list the iSCSI stored volumes of a gateway", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListVolumes.html" - }, - "NotifyWhenUploaded": { - "privilege": "NotifyWhenUploaded", - "description": "Grants permission to send you a notification through CloudWatch Events when all files written to your NFS file share have been uploaded to Amazon S3", - "access_level": "Write", - "resource_types": { - "share": { - "resource_type": "share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_NotifyWhenUploaded.html" - }, - "RefreshCache": { - "privilege": "RefreshCache", - "description": "Grants permission to refresh the cache for the specified file share", - "access_level": "Write", - "resource_types": { - "share": { - "resource_type": "share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RefreshCache.html" - }, - "RemoveTagsFromResource": { - "privilege": "RemoveTagsFromResource", - "description": "Grants permission to remove one or more tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "share": { - "resource_type": "share", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "tape": { - "resource_type": "tape", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "volume": { - "resource_type": "volume", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RemoveTagsFromResource.html" - }, - "ResetCache": { - "privilege": "ResetCache", - "description": "Grants permission to reset all cache disks that have encountered a error and makes the disks available for reconfiguration as cache storage", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ResetCache.html" - }, - "RetrieveTapeArchive": { - "privilege": "RetrieveTapeArchive", - "description": "Grants permission to retrieve an archived virtual tape from the virtual tape shelf (VTS) to a gateway-VTL", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "tape": { - "resource_type": "tape", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RetrieveTapeArchive.html" - }, - "RetrieveTapeRecoveryPoint": { - "privilege": "RetrieveTapeRecoveryPoint", - "description": "Grants permission to retrieve the recovery point for the specified virtual tape", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "tape": { - "resource_type": "tape", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RetrieveTapeRecoveryPoint.html" - }, - "SetLocalConsolePassword": { - "privilege": "SetLocalConsolePassword", - "description": "Grants permission to set the password for your VM local console", - "access_level": "Permissions management", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_SetLocalConsolePassword.html" - }, - "SetSMBGuestPassword": { - "privilege": "SetSMBGuestPassword", - "description": "Grants permission to set the password for SMB Guest user", - "access_level": "Permissions management", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_SetSMBGuestPassword.html" - }, - "ShutdownGateway": { - "privilege": "ShutdownGateway", - "description": "Grants permission to shut down a gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ShutdownGateway.html" - }, - "StartAvailabilityMonitorTest": { - "privilege": "StartAvailabilityMonitorTest", - "description": "Grants permission to start a test that verifies that the specified gateway is configured for High Availability monitoring in your host environment", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_StartAvailabilityMonitorTest.html" - }, - "StartGateway": { - "privilege": "StartGateway", - "description": "Grants permission to start a gateway that you previously shut down", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_StartGateway.html" - }, - "UpdateAutomaticTapeCreationPolicy": { - "privilege": "UpdateAutomaticTapeCreationPolicy", - "description": "Grants permission to update the automatic tape creation policy configured on a gateway-VTL", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "tapepool": { - "resource_type": "tapepool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateAutomaticTapeCreationPolicy.html" - }, - "UpdateBandwidthRateLimit": { - "privilege": "UpdateBandwidthRateLimit", - "description": "Grants permission to update the bandwidth rate limits of a gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateBandwidthRateLimit.html" - }, - "UpdateBandwidthRateLimitSchedule": { - "privilege": "UpdateBandwidthRateLimitSchedule", - "description": "Grants permission to update the bandwidth rate limit schedule of a gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateBandwidthRateLimitSchedule.html" - }, - "UpdateChapCredentials": { - "privilege": "UpdateChapCredentials", - "description": "Grants permission to update the Challenge-Handshake Authentication Protocol (CHAP) credentials for a specified iSCSI target", - "access_level": "Permissions management", - "resource_types": { - "target": { - "resource_type": "target", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateChapCredentials.html" - }, - "UpdateFileSystemAssociation": { - "privilege": "UpdateFileSystemAssociation", - "description": "Grants permission to update a file system association", - "access_level": "Write", - "resource_types": { - "fs-association": { - "resource_type": "fs-association", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "logs:CreateLogDelivery", - "logs:DeleteLogDelivery", - "logs:GetLogDelivery", - "logs:ListLogDeliveries", - "logs:UpdateLogDelivery" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateFileSystemAssociation.html" - }, - "UpdateGatewayInformation": { - "privilege": "UpdateGatewayInformation", - "description": "Grants permission to update a gateway's metadata, which includes the gateway's name and time zone", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateGatewayInformation.html" - }, - "UpdateGatewaySoftwareNow": { - "privilege": "UpdateGatewaySoftwareNow", - "description": "Grants permission to update the gateway virtual machine (VM) software", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateGatewaySoftwareNow.html" - }, - "UpdateMaintenanceStartTime": { - "privilege": "UpdateMaintenanceStartTime", - "description": "Grants permission to update a gateway's weekly maintenance start time information, including day and time of the week. The maintenance time is the time in your gateway's time zone", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateMaintenanceStartTime.html" - }, - "UpdateNFSFileShare": { - "privilege": "UpdateNFSFileShare", - "description": "Grants permission to update a NFS file share", - "access_level": "Write", - "resource_types": { - "share": { - "resource_type": "share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateNFSFileShare.html" - }, - "UpdateSMBFileShare": { - "privilege": "UpdateSMBFileShare", - "description": "Grants permission to update a SMB file share", - "access_level": "Write", - "resource_types": { - "share": { - "resource_type": "share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBFileShare.html" - }, - "UpdateSMBFileShareVisibility": { - "privilege": "UpdateSMBFileShareVisibility", - "description": "Grants permission to update whether the shares on a gateway are visible in a net view or browse list", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBFileShareVisibility.html" - }, - "UpdateSMBLocalGroups": { - "privilege": "UpdateSMBLocalGroups", - "description": "Grants permission to update the list of Active Directory users and groups that have special permissions for SMB file shares on the gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBLocalGroups.html" - }, - "UpdateSMBSecurityStrategy": { - "privilege": "UpdateSMBSecurityStrategy", - "description": "Grants permission to update the SMB security strategy on a file gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBSecurityStrategy.html" - }, - "UpdateSnapshotSchedule": { - "privilege": "UpdateSnapshotSchedule", - "description": "Grants permission to update a snapshot schedule configured for a gateway volume", - "access_level": "Write", - "resource_types": { - "volume": { - "resource_type": "volume", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSnapshotSchedule.html" - }, - "UpdateVTLDeviceType": { - "privilege": "UpdateVTLDeviceType", - "description": "Grants permission to update the type of medium changer in a gateway-VTL", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateVTLDeviceType.html" - } - }, - "resources": { - "device": { - "resource": "device", - "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:gateway/${GatewayId}/device/${Vtldevice}", - "condition_keys": [] - }, - "fs-association": { - "resource": "fs-association", - "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:fs-association/${FsaId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "gateway": { - "resource": "gateway", - "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:gateway/${GatewayId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "share": { - "resource": "share", - "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:share/${ShareId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "tape": { - "resource": "tape", - "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:tape/${TapeBarcode}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "tapepool": { - "resource": "tapepool", - "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:tapepool/${PoolId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "target": { - "resource": "target", - "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:gateway/${GatewayId}/target/${IscsiTarget}", - "condition_keys": [] - }, - "volume": { - "resource": "volume", - "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:gateway/${GatewayId}/volume/${VolumeId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "sumerian": { - "service_name": "Amazon Sumerian", - "prefix": "sumerian", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsumerian.html", - "privileges": { - "Login": { - "privilege": "Login", - "description": "Grants permission to log into the Sumerian console", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sumerian/latest/userguide/sumerian-permissions.html" - }, - "ViewRelease": { - "privilege": "ViewRelease", - "description": "Grants permission to view a project release", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/sumerian/latest/userguide/sumerian-permissions.html" - } - }, - "resources": { - "project": { - "resource": "project", - "arn": "arn:${Partition}:sumerian:${Region}:${Account}:project:${ProjectName}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "textract": { - "service_name": "Amazon Textract", - "prefix": "textract", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazontextract.html", - "privileges": { - "AnalyzeDocument": { - "privilege": "AnalyzeDocument", - "description": "Grants permission to detect instances of real-world document entities within an image provided as input", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_AnalyzeDocument.html" - }, - "AnalyzeExpense": { - "privilege": "AnalyzeExpense", - "description": "Grants permission to detect instances of real-world document entities within an image provided as input", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_AnalyzeExpense.html" - }, - "AnalyzeID": { - "privilege": "AnalyzeID", - "description": "Grants permission to detect relevant information from identity documents provided as input", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_AnalyzeID.html" - }, - "DetectDocumentText": { - "privilege": "DetectDocumentText", - "description": "Grants permission to detect text in document images", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_DetectDocumentText.html" - }, - "GetDocumentAnalysis": { - "privilege": "GetDocumentAnalysis", - "description": "Grants permission to return information about a document analysis job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_GetDocumentAnalysis.html" - }, - "GetDocumentTextDetection": { - "privilege": "GetDocumentTextDetection", - "description": "Grants permission to return information about a document text detection job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_GetDocumentTextDetection.html" - }, - "GetExpenseAnalysis": { - "privilege": "GetExpenseAnalysis", - "description": "Grants permission to return information about an expense analysis job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_GetExpenseAnalysis.html" - }, - "GetLendingAnalysis": { - "privilege": "GetLendingAnalysis", - "description": "Grants permission to retrieve page-level information regarding a lending analysis job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_GetLendingAnalysis.html" - }, - "GetLendingAnalysisSummary": { - "privilege": "GetLendingAnalysisSummary", - "description": "Grants permission to retrieve summarized information regarding a lending analysis job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_GetLendingAnalysisSummary.html" - }, - "StartDocumentAnalysis": { - "privilege": "StartDocumentAnalysis", - "description": "Grants permission to start an asynchronous job to detect instances of real-world document entities within an image or pdf provided as input", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_StartDocumentAnalysis.html" - }, - "StartDocumentTextDetection": { - "privilege": "StartDocumentTextDetection", - "description": "Grants permission to start an asynchronous job to detect text in document images or pdfs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_StartDocumentTextDetection.html" - }, - "StartExpenseAnalysis": { - "privilege": "StartExpenseAnalysis", - "description": "Grants permission to start an asynchronous job to detect instances of invoices or receipts within an image or pdf provided as input", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_StartExpenseAnalysis.html" - }, - "StartLendingAnalysis": { - "privilege": "StartLendingAnalysis", - "description": "Grants permission to start an asynchronous job for detection of entities in a lending document, takes a provided image or PDF as input", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_StartLendingAnalysis.html" - } - }, - "resources": {}, - "conditions": {} - }, - "timestream": { - "service_name": "Amazon Timestream", - "prefix": "timestream", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazontimestream.html", - "privileges": { - "CancelQuery": { - "privilege": "CancelQuery", - "description": "Grants permission to cancel queries in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_CancelQuery.html" - }, - "CreateBatchLoadTask": { - "privilege": "CreateBatchLoadTask", - "description": "Grants permission to create a batch load task in your account", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints", - "timestream:WriteRecords" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateBatchLoadTask.html" - }, - "CreateDatabase": { - "privilege": "CreateDatabase", - "description": "Grants permission to create a database in your account", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateDatabase.html" - }, - "CreateScheduledQuery": { - "privilege": "CreateScheduledQuery", - "description": "Grants permission to create a scheduled query in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:PassRole", - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateScheduledQuery.html" - }, - "CreateTable": { - "privilege": "CreateTable", - "description": "Grants permission to create a table in your account", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateTable.html" - }, - "DeleteDatabase": { - "privilege": "DeleteDatabase", - "description": "Grants permission to delete a database in your account", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DeleteDatabase.html" - }, - "DeleteScheduledQuery": { - "privilege": "DeleteScheduledQuery", - "description": "Grants permission to delete a scheduled query in your account", - "access_level": "Write", - "resource_types": { - "scheduled-query": { - "resource_type": "scheduled-query", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DeleteScheduledQuery.html" - }, - "DeleteTable": { - "privilege": "DeleteTable", - "description": "Grants permission to delete a table in your account", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DeleteTable.html" - }, - "DescribeBatchLoadTask": { - "privilege": "DescribeBatchLoadTask", - "description": "Grants permission to describe a batch load task in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DescribeBatchLoadTask.html" - }, - "DescribeDatabase": { - "privilege": "DescribeDatabase", - "description": "Grants permission to describe a database in your account", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DescribeDatabase.html" - }, - "DescribeEndpoints": { - "privilege": "DescribeEndpoints", - "description": "Grants permission to describe timestream endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DescribeEndpoints.html" - }, - "DescribeScheduledQuery": { - "privilege": "DescribeScheduledQuery", - "description": "Grants permission to describe a scheduled query in your account", - "access_level": "Read", - "resource_types": { - "scheduled-query": { - "resource_type": "scheduled-query", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DescribeScheduledQuery.html" - }, - "DescribeTable": { - "privilege": "DescribeTable", - "description": "Grants permission to describe a table in your account", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DescribeTable.html" - }, - "ExecuteScheduledQuery": { - "privilege": "ExecuteScheduledQuery", - "description": "Grants permission to execute a scheduled query in your account", - "access_level": "Write", - "resource_types": { - "scheduled-query": { - "resource_type": "scheduled-query", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ExecuteScheduledQuery.html" - }, - "GetAwsBackupStatus": { - "privilege": "GetAwsBackupStatus", - "description": "Grants permission to get Status of a Timestream Table Backup", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/backups.html" - }, - "GetAwsRestoreStatus": { - "privilege": "GetAwsRestoreStatus", - "description": "Grants permission to get Status of a Timestream Table Restore", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/backups.html" - }, - "ListBatchLoadTasks": { - "privilege": "ListBatchLoadTasks", - "description": "Grants permission to list batch load tasks in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ListBatchLoadTasks.html" - }, - "ListDatabases": { - "privilege": "ListDatabases", - "description": "Grants permission to list databases in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ListDatabases.html" - }, - "ListMeasures": { - "privilege": "ListMeasures", - "description": "Grants permission to list measures of a table in your account", - "access_level": "List", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_Query.html" - }, - "ListScheduledQueries": { - "privilege": "ListScheduledQueries", - "description": "Grants permission to list scheduled queries in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ListScheduledQueries.html" - }, - "ListTables": { - "privilege": "ListTables", - "description": "Grants permission to list tables in your account", - "access_level": "List", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ListTables.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags of a resource in your account", - "access_level": "Read", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - }, - "scheduled-query": { - "resource_type": "scheduled-query", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ListTagsForResource.html" - }, - "PrepareQuery": { - "privilege": "PrepareQuery", - "description": "Grants permission to issue prepare queries", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints", - "timestream:Select" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_PrepareQuery.html" - }, - "ResumeBatchLoadTask": { - "privilege": "ResumeBatchLoadTask", - "description": "Grants permission to resume a batch load task in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints", - "timestream:WriteRecords" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ResumeBatchLoadTask.html" - }, - "Select": { - "privilege": "Select", - "description": "Grants permission to issue 'select from table' queries", - "access_level": "Read", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_Query.html" - }, - "SelectValues": { - "privilege": "SelectValues", - "description": "Grants permission to issue 'select 1' queries", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_Query.html" - }, - "StartAwsBackupJob": { - "privilege": "StartAwsBackupJob", - "description": "Grants permission to start a Backup Job for a Timestream Table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/backups.html" - }, - "StartAwsRestoreJob": { - "privilege": "StartAwsRestoreJob", - "description": "Grants permission to start Restore Job for a Backup of Timestream Table", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/backups.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - }, - "scheduled-query": { - "resource_type": "scheduled-query", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_TagResource.html" - }, - "Unload": { - "privilege": "Unload", - "description": "Grants permission to issue Unload queries", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:AbortMultipartUpload", - "s3:GetObject", - "s3:PutObject", - "timestream:DescribeEndpoints", - "timestream:Select" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_Query.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from a resource", - "access_level": "Tagging", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - }, - "scheduled-query": { - "resource_type": "scheduled-query", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_UntagResource.html" - }, - "UpdateDatabase": { - "privilege": "UpdateDatabase", - "description": "Grants permission to update a database in your account", - "access_level": "Write", - "resource_types": { - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_UpdateDatabase.html" - }, - "UpdateScheduledQuery": { - "privilege": "UpdateScheduledQuery", - "description": "Grants permission to update a scheduled query in your account", - "access_level": "Write", - "resource_types": { - "scheduled-query": { - "resource_type": "scheduled-query", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_UpdateScheduledQuery.html" - }, - "UpdateTable": { - "privilege": "UpdateTable", - "description": "Grants permission to update a table in your account", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_UpdateTable.html" - }, - "WriteRecords": { - "privilege": "WriteRecords", - "description": "Grants permission to ingest data to a table in your account", - "access_level": "Write", - "resource_types": { - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "timestream:DescribeEndpoints" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_WriteRecords.html" - } - }, - "resources": { - "database": { - "resource": "database", - "arn": "arn:${Partition}:timestream:${Region}:${Account}:database/${DatabaseName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "table": { - "resource": "table", - "arn": "arn:${Partition}:timestream:${Region}:${Account}:database/${DatabaseName}/table/${TableName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "scheduled-query": { - "resource": "scheduled-query", - "arn": "arn:${Partition}:timestream:${Region}:${Account}:scheduled-query/${ScheduledQueryName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "transcribe": { - "service_name": "Amazon Transcribe", - "prefix": "transcribe", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazontranscribe.html", - "privileges": { - "CreateCallAnalyticsCategory": { - "privilege": "CreateCallAnalyticsCategory", - "description": "Grants permission to create an analytics category. Amazon Transcribe applies the conditions specified by your analytics categories to your call analytics jobs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_CreateCallAnalyticsCategory.html" - }, - "CreateLanguageModel": { - "privilege": "CreateLanguageModel", - "description": "Grants permission to create a new custom language model", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "s3:GetObject", - "s3:ListBucket" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_CreateLanguageModel.html" - }, - "CreateMedicalVocabulary": { - "privilege": "CreateMedicalVocabulary", - "description": "Grants permission to create a new custom vocabulary that you can use to change the way Amazon Transcribe Medical handles transcription of an audio file", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_CreateMedicalVocabulary.html" - }, - "CreateVocabulary": { - "privilege": "CreateVocabulary", - "description": "Grants permission to create a new custom vocabulary that you can use to change the way Amazon Transcribe handles transcription of an audio file", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_CreateVocabulary.html" - }, - "CreateVocabularyFilter": { - "privilege": "CreateVocabularyFilter", - "description": "Grants permission to create a new vocabulary filter that you can use to filter out words from the transcription of an audio file generated by Amazon Transcribe", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_CreateVocabularyFilter.html" - }, - "DeleteCallAnalyticsCategory": { - "privilege": "DeleteCallAnalyticsCategory", - "description": "Grants permission to delete a call analytics category using its name from Amazon Transcribe", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteCallAnalyticsCategory.html" - }, - "DeleteCallAnalyticsJob": { - "privilege": "DeleteCallAnalyticsJob", - "description": "Grants permission to delete a previously submitted call analytics job along with any other generated results such as the transcription, models, and so on", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteCallAnalyticsJob.html" - }, - "DeleteLanguageModel": { - "privilege": "DeleteLanguageModel", - "description": "Grants permission to delete a previously created custom language model", - "access_level": "Write", - "resource_types": { - "languagemodel": { - "resource_type": "languagemodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteLanguageModel.html" - }, - "DeleteMedicalTranscriptionJob": { - "privilege": "DeleteMedicalTranscriptionJob", - "description": "Grants permission to delete a previously submitted medical transcription job", - "access_level": "Write", - "resource_types": { - "medicaltranscriptionjob": { - "resource_type": "medicaltranscriptionjob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteMedicalTranscriptionJob.html" - }, - "DeleteMedicalVocabulary": { - "privilege": "DeleteMedicalVocabulary", - "description": "Grants permission to delete a medical vocabulary from Amazon Transcribe", - "access_level": "Write", - "resource_types": { - "medicalvocabulary": { - "resource_type": "medicalvocabulary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteMedicalVocabulary.html" - }, - "DeleteTranscriptionJob": { - "privilege": "DeleteTranscriptionJob", - "description": "Grants permission to delete a previously submitted transcription job along with any other generated results such as the transcription, models, and so on", - "access_level": "Write", - "resource_types": { - "transcriptionjob": { - "resource_type": "transcriptionjob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteTranscriptionJob.html" - }, - "DeleteVocabulary": { - "privilege": "DeleteVocabulary", - "description": "Grants permission to delete a vocabulary from Amazon Transcribe", - "access_level": "Write", - "resource_types": { - "vocabulary": { - "resource_type": "vocabulary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteVocabulary.html" - }, - "DeleteVocabularyFilter": { - "privilege": "DeleteVocabularyFilter", - "description": "Grants permission to delete a vocabulary filter from Amazon Transcribe", - "access_level": "Write", - "resource_types": { - "vocabularyfilter": { - "resource_type": "vocabularyfilter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteVocabularyFilter.html" - }, - "DescribeLanguageModel": { - "privilege": "DescribeLanguageModel", - "description": "Grants permission to return information about a custom language model", - "access_level": "Read", - "resource_types": { - "languagemodel": { - "resource_type": "languagemodel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DescribeLanguageModel.html" - }, - "GetCallAnalyticsCategory": { - "privilege": "GetCallAnalyticsCategory", - "description": "Grants permission to retrieve information about a call analytics category", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetCallAnalyticsCategory.html" - }, - "GetCallAnalyticsJob": { - "privilege": "GetCallAnalyticsJob", - "description": "Grants permission to return information about a call analytics job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetCallAnalyticsJob.html" - }, - "GetMedicalTranscriptionJob": { - "privilege": "GetMedicalTranscriptionJob", - "description": "Grants permission to return information about a medical transcription job", - "access_level": "Read", - "resource_types": { - "medicaltranscriptionjob": { - "resource_type": "medicaltranscriptionjob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetMedicalTranscriptionJob.html" - }, - "GetMedicalVocabulary": { - "privilege": "GetMedicalVocabulary", - "description": "Grants permission to get information about a medical vocabulary", - "access_level": "Read", - "resource_types": { - "medicalvocabulary": { - "resource_type": "medicalvocabulary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetMedicalVocabulary.html" - }, - "GetTranscriptionJob": { - "privilege": "GetTranscriptionJob", - "description": "Grants permission to return information about a transcription job", - "access_level": "Read", - "resource_types": { - "transcriptionjob": { - "resource_type": "transcriptionjob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetTranscriptionJob.html" - }, - "GetVocabulary": { - "privilege": "GetVocabulary", - "description": "Grants permission to to get information about a vocabulary", - "access_level": "Read", - "resource_types": { - "vocabulary": { - "resource_type": "vocabulary", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetVocabulary.html" - }, - "GetVocabularyFilter": { - "privilege": "GetVocabularyFilter", - "description": "Grants permission to get information about a vocabulary filter", - "access_level": "Read", - "resource_types": { - "vocabularyfilter": { - "resource_type": "vocabularyfilter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetVocabularyFilter.html" - }, - "ListCallAnalyticsCategories": { - "privilege": "ListCallAnalyticsCategories", - "description": "Grants permission to list call analytics categories that has been created", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListCallAnalyticsCategories.html" - }, - "ListCallAnalyticsJobs": { - "privilege": "ListCallAnalyticsJobs", - "description": "Grants permission to list call analytics jobs with the specified status", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListCallAnalyticsJobs.html" - }, - "ListLanguageModels": { - "privilege": "ListLanguageModels", - "description": "Grants permission to list custom language models", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListLanguageModels.html" - }, - "ListMedicalTranscriptionJobs": { - "privilege": "ListMedicalTranscriptionJobs", - "description": "Grants permission to list medical transcription jobs with the specified status", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListMedicalTranscriptionJobs.html" - }, - "ListMedicalVocabularies": { - "privilege": "ListMedicalVocabularies", - "description": "Grants permission to return a list of medical vocabularies that match the specified criteria. If no criteria are specified, returns the entire list of vocabularies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListMedicalVocabularies.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListTagsForResource.html" - }, - "ListTranscriptionJobs": { - "privilege": "ListTranscriptionJobs", - "description": "Grants permission to list transcription jobs with the specified status", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListTranscriptionJobs.html" - }, - "ListVocabularies": { - "privilege": "ListVocabularies", - "description": "Grants permission to return a list of vocabularies that match the specified criteria. If no criteria are specified, returns the entire list of vocabularies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListVocabularies.html" - }, - "ListVocabularyFilters": { - "privilege": "ListVocabularyFilters", - "description": "Grants permission to return a list of vocabulary filters that match the specified criteria. If no criteria are specified, returns the at most 5 vocabulary filters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListVocabularyFilters.html" - }, - "StartCallAnalyticsJob": { - "privilege": "StartCallAnalyticsJob", - "description": "Grants permission to start an asynchronous analytics job that not only transcribes the audio recording of a caller and agent, but also returns additional insights", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "transcribe:OutputEncryptionKMSKeyId", - "transcribe:OutputLocation" - ], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_StartCallAnalyticsJob.html" - }, - "StartCallAnalyticsStreamTranscription": { - "privilege": "StartCallAnalyticsStreamTranscription", - "description": "Grants permission to start a protocol where audio is streamed to Transcribe Call Analytics and the transcription results are streamed to your application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartCallAnalyticsStreamTranscription.html" - }, - "StartCallAnalyticsStreamTranscriptionWebSocket": { - "privilege": "StartCallAnalyticsStreamTranscriptionWebSocket", - "description": "Grants permission to start a WebSocket where audio is streamed to Transcribe Call Analytics and the transcription results are streamed to your application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartCallAnalyticsStreamTranscriptionWebSocket.html" - }, - "StartMedicalStreamTranscription": { - "privilege": "StartMedicalStreamTranscription", - "description": "Grants permission to start a protocol where audio is streamed to Transcribe Medical and the transcription results are streamed to your application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartMedicalStreamTranscription.html" - }, - "StartMedicalStreamTranscriptionWebSocket": { - "privilege": "StartMedicalStreamTranscriptionWebSocket", - "description": "Grants permission to start a WebSocket where audio is streamed to Transcribe Medical and the transcription results are streamed to your application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartMedicalStreamTranscriptionWebSocket.html" - }, - "StartMedicalTranscriptionJob": { - "privilege": "StartMedicalTranscriptionJob", - "description": "Grants permission to start an asynchronous job to transcribe medical speech to text", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "transcribe:OutputBucketName", - "transcribe:OutputEncryptionKMSKeyId", - "transcribe:OutputKey", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_StartMedicalTranscriptionJob.html" - }, - "StartStreamTranscription": { - "privilege": "StartStreamTranscription", - "description": "Grants permission to start a bidirectional HTTP2 stream to transcribe speech to text in real time", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartStreamTranscription.html" - }, - "StartStreamTranscriptionWebSocket": { - "privilege": "StartStreamTranscriptionWebSocket", - "description": "Grants permission to start a websocket stream to transcribe speech to text in real time", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartStreamTranscriptionWebSocket.html" - }, - "StartTranscriptionJob": { - "privilege": "StartTranscriptionJob", - "description": "Grants permission to start an asynchronous job to transcribe speech to text", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "transcribe:OutputBucketName", - "transcribe:OutputEncryptionKMSKeyId", - "transcribe:OutputKey", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_StartTranscriptionJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource with given key value pairs", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource with given key", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_UntagResource.html" - }, - "UpdateCallAnalyticsCategory": { - "privilege": "UpdateCallAnalyticsCategory", - "description": "Grants permission to update the call analytics category with new values. The UpdateCallAnalyticsCategory operation overwrites all of the existing information with the values that you provide in the request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_UpdateCallAnalyticsCategory.html" - }, - "UpdateMedicalVocabulary": { - "privilege": "UpdateMedicalVocabulary", - "description": "Grants permission to update an existing medical vocabulary with new values. The UpdateMedicalVocabulary operation overwrites all of the existing information with the values that you provide in the request", - "access_level": "Write", - "resource_types": { - "medicalvocabulary": { - "resource_type": "medicalvocabulary", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_UpdateMedicalVocabulary.html" - }, - "UpdateVocabulary": { - "privilege": "UpdateVocabulary", - "description": "Grants permission to update an existing vocabulary with new values. The UpdateVocabulary operation overwrites all of the existing information with the values that you provide in the request", - "access_level": "Write", - "resource_types": { - "vocabulary": { - "resource_type": "vocabulary", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_UpdateVocabulary.html" - }, - "UpdateVocabularyFilter": { - "privilege": "UpdateVocabularyFilter", - "description": "Grants permission to update an existing vocabulary filter with new values. The UpdateVocabularyFilter operation overwrites all of the existing information with the values that you provide in the request", - "access_level": "Write", - "resource_types": { - "vocabularyfilter": { - "resource_type": "vocabularyfilter", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_UpdateVocabularyFilter.html" - } - }, - "resources": { - "transcriptionjob": { - "resource": "transcriptionjob", - "arn": "arn:${Partition}:transcribe:${Region}:${Account}:transcription-job/${JobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "vocabulary": { - "resource": "vocabulary", - "arn": "arn:${Partition}:transcribe:${Region}:${Account}:vocabulary/${VocabularyName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "vocabularyfilter": { - "resource": "vocabularyfilter", - "arn": "arn:${Partition}:transcribe:${Region}:${Account}:vocabulary-filter/${VocabularyFilterName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "languagemodel": { - "resource": "languagemodel", - "arn": "arn:${Partition}:transcribe:${Region}:${Account}:language-model/${ModelName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "medicaltranscriptionjob": { - "resource": "medicaltranscriptionjob", - "arn": "arn:${Partition}:transcribe:${Region}:${Account}:medical-transcription-job/${JobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "medicalvocabulary": { - "resource": "medicalvocabulary", - "arn": "arn:${Partition}:transcribe:${Region}:${Account}:medical-vocabulary/${VocabularyName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "callanalyticsjob": { - "resource": "callanalyticsjob", - "arn": "arn:${Partition}:transcribe:${Region}:${Account}:analytics-job/${JobName}", - "condition_keys": [] - }, - "callanalyticscategory": { - "resource": "callanalyticscategory", - "arn": "arn:${Partition}:transcribe:${Region}:${Account}:analytics-category/${CategoryName}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by requiring tag values present in a resource creation request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by requiring tag value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by requiring the presence of mandatory tags in the request", - "type": "ArrayOfString" - }, - "transcribe:OutputBucketName": { - "condition": "transcribe:OutputBucketName", - "description": "Filters access based on the output bucket name included in the request", - "type": "String" - }, - "transcribe:OutputEncryptionKMSKeyId": { - "condition": "transcribe:OutputEncryptionKMSKeyId", - "description": "Filters access based on the KMS key id included in the request", - "type": "String" - }, - "transcribe:OutputKey": { - "condition": "transcribe:OutputKey", - "description": "Filters access based on the output key included in the request", - "type": "String" - }, - "transcribe:OutputLocation": { - "condition": "transcribe:OutputLocation", - "description": "Filters access based on the output location included in the request", - "type": "String" - } - } - }, - "translate": { - "service_name": "Amazon Translate", - "prefix": "translate", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazontranslate.html", - "privileges": { - "CreateParallelData": { - "privilege": "CreateParallelData", - "description": "Grants permission to create a Parallel Data", - "access_level": "Write", - "resource_types": { - "parallel-data": { - "resource_type": "parallel-data", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_CreateParallelData.html" - }, - "DeleteParallelData": { - "privilege": "DeleteParallelData", - "description": "Grants permission to delete a Parallel Data", - "access_level": "Write", - "resource_types": { - "parallel-data": { - "resource_type": "parallel-data", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_DeleteParallelData.html" - }, - "DeleteTerminology": { - "privilege": "DeleteTerminology", - "description": "Grants permission to delete a terminology", - "access_level": "Write", - "resource_types": { - "terminology": { - "resource_type": "terminology", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_DeleteTerminology.html" - }, - "DescribeTextTranslationJob": { - "privilege": "DescribeTextTranslationJob", - "description": "Grants permission to get the properties associated with an asynchronous batch translation job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_DescribeTextTranslationJob.html" - }, - "GetParallelData": { - "privilege": "GetParallelData", - "description": "Grants permission to get a Parallel Data", - "access_level": "Read", - "resource_types": { - "parallel-data": { - "resource_type": "parallel-data", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_GetParallelData.html" - }, - "GetTerminology": { - "privilege": "GetTerminology", - "description": "Grants permission to retrieve a terminology", - "access_level": "Read", - "resource_types": { - "terminology": { - "resource_type": "terminology", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_GetTerminology.html" - }, - "ImportTerminology": { - "privilege": "ImportTerminology", - "description": "Grants permission to create or update a terminology, depending on whether or not one already exists for the given terminology name", - "access_level": "Write", - "resource_types": { - "terminology": { - "resource_type": "terminology", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ImportTerminology.html" - }, - "ListLanguages": { - "privilege": "ListLanguages", - "description": "Grants permission to list supported languages", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ListLanguages.html" - }, - "ListParallelData": { - "privilege": "ListParallelData", - "description": "Grants permission to list Parallel Data associated with your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ListParallelData.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "parallel-data": { - "resource_type": "parallel-data", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "terminology": { - "resource_type": "terminology", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTerminologies": { - "privilege": "ListTerminologies", - "description": "Grants permission to list terminologies associated with your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ListTerminologies.html" - }, - "ListTextTranslationJobs": { - "privilege": "ListTextTranslationJobs", - "description": "Grants permission to list batch translation jobs that you have submitted", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ListTextTranslationJobs.html" - }, - "StartTextTranslationJob": { - "privilege": "StartTextTranslationJob", - "description": "Grants permission to start an asynchronous batch translation job. Batch translation jobs can be used to translate large volumes of text across multiple documents at once", - "access_level": "Write", - "resource_types": { - "parallel-data": { - "resource_type": "parallel-data", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "terminology": { - "resource_type": "terminology", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_StartTextTranslationJob.html" - }, - "StopTextTranslationJob": { - "privilege": "StopTextTranslationJob", - "description": "Grants permission to stop an asynchronous batch translation job that is in progress", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_StopTextTranslationJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource with given key value pairs", - "access_level": "Tagging", - "resource_types": { - "parallel-data": { - "resource_type": "parallel-data", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "terminology": { - "resource_type": "terminology", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_TagResource.html" - }, - "TranslateDocument": { - "privilege": "TranslateDocument", - "description": "Grants permission to translate a document from a source language to a target language", - "access_level": "Read", - "resource_types": { - "terminology": { - "resource_type": "terminology", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_TranslateDocument.html" - }, - "TranslateText": { - "privilege": "TranslateText", - "description": "Grants permission to translate text from a source language to a target language", - "access_level": "Read", - "resource_types": { - "terminology": { - "resource_type": "terminology", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_TranslateText.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource with given key", - "access_level": "Tagging", - "resource_types": { - "parallel-data": { - "resource_type": "parallel-data", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "terminology": { - "resource_type": "terminology", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_UntagResource.html" - }, - "UpdateParallelData": { - "privilege": "UpdateParallelData", - "description": "Grants permission to update an existing Parallel Data", - "access_level": "Write", - "resource_types": { - "parallel-data": { - "resource_type": "parallel-data", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_UpdateParallelData.html" - } - }, - "resources": { - "terminology": { - "resource": "terminology", - "arn": "arn:${Partition}:translate:${Region}:${Account}:terminology/${ResourceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "parallel-data": { - "resource": "parallel-data", - "arn": "arn:${Partition}:translate:${Region}:${Account}:parallel-data/${ResourceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by requiring tag values present in a resource creation request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by requiring tag value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by requiring the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "verifiedpermissions": { - "service_name": "Amazon Verified Permissions", - "prefix": "verifiedpermissions", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonverifiedpermissions.html", - "privileges": { - "CreateIdentitySource": { - "privilege": "CreateIdentitySource", - "description": "Grants permission to create a reference to an external identity provider (IdP) that is compatible with OpenID Connect (OIDC) authentication protocol, such as Amazon Cognito", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html" - }, - "CreatePolicy": { - "privilege": "CreatePolicy", - "description": "Grants permission to create a Cedar policy and save it in the specified policy store", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html" - }, - "CreatePolicyStore": { - "privilege": "CreatePolicyStore", - "description": "Grants permission to create a Cedar policy and save it in the specified policy store", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicyStore.html" - }, - "CreatePolicyTemplate": { - "privilege": "CreatePolicyTemplate", - "description": "Grants permission to create a policy template", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicyTemplate.html" - }, - "DeleteIdentitySource": { - "privilege": "DeleteIdentitySource", - "description": "Grants permission to delete an identity source that references an identity provider (IdP) such as Amazon Cognito", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_DeleteIdentitySource.html" - }, - "DeletePolicy": { - "privilege": "DeletePolicy", - "description": "Grants permission to delete the specified policy from the policy store", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_DeletePolicy.html" - }, - "DeletePolicyStore": { - "privilege": "DeletePolicyStore", - "description": "Grants permission to delete the specified policy store", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_DeletePolicyStore.html" - }, - "DeletePolicyTemplate": { - "privilege": "DeletePolicyTemplate", - "description": "Grants permission to delete the specified policy template from the policy store", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_DeletePolicyTemplate.html" - }, - "GetIdentitySource": { - "privilege": "GetIdentitySource", - "description": "Grants permission to retrieve the details about the specified identity source", - "access_level": "Read", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html" - }, - "GetPolicy": { - "privilege": "GetPolicy", - "description": "Grants permission to retrieve information about the specified policy", - "access_level": "Read", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html" - }, - "GetPolicyStore": { - "privilege": "GetPolicyStore", - "description": "Grants permission to retrieve details about a policy store", - "access_level": "Read", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicyStore.html" - }, - "GetPolicyTemplate": { - "privilege": "GetPolicyTemplate", - "description": "Grants permission to retrieve the details for the specified policy template in the specified policy store", - "access_level": "Read", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicyTemplate.html" - }, - "GetSchema": { - "privilege": "GetSchema", - "description": "Grants permission to retrieve the details for the specified schema in the specified policy store", - "access_level": "Read", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetSchema.html" - }, - "IsAuthorized": { - "privilege": "IsAuthorized", - "description": "Grants permission to make an authorization decision about a service request described in the parameters", - "access_level": "Read", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html" - }, - "IsAuthorizedWithToken": { - "privilege": "IsAuthorizedWithToken", - "description": "Grants permission to make an authorization decision about a service request described in the parameters. The principal in this request comes from an external identity source", - "access_level": "Read", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html" - }, - "ListIdentitySources": { - "privilege": "ListIdentitySources", - "description": "Grants permission to return a paginated list of all of the identity sources defined in the specified policy store", - "access_level": "List", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html" - }, - "ListPolicies": { - "privilege": "ListPolicies", - "description": "Grants permission to return a paginated list of all policies stored in the specified policy store", - "access_level": "List", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html" - }, - "ListPolicyStores": { - "privilege": "ListPolicyStores", - "description": "Grants permission to return a paginated list of all policy stores in the calling Amazon Web Services account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyStores.html" - }, - "ListPolicyTemplates": { - "privilege": "ListPolicyTemplates", - "description": "Grants permission to return a paginated list of all policy templates in the specified policy store", - "access_level": "List", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyTemplates.html" - }, - "PutSchema": { - "privilege": "PutSchema", - "description": "Grants permission to create or update the policy schema in the specified policy store", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PutSchema.html" - }, - "UpdateIdentitySource": { - "privilege": "UpdateIdentitySource", - "description": "Grants permission to update the specified identity source to use a new identity provider (IdP) source, or to change the mapping of identities from the IdP to a different principal entity type", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateIdentitySource.html" - }, - "UpdatePolicy": { - "privilege": "UpdatePolicy", - "description": "Grants permission to modify the specified Cedar static policy in the specified policy store", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html" - }, - "UpdatePolicyStore": { - "privilege": "UpdatePolicyStore", - "description": "Grants permission to modify the validation setting for a policy store", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore.html" - }, - "UpdatePolicyTemplate": { - "privilege": "UpdatePolicyTemplate", - "description": "Grants permission to update the specified policy template", - "access_level": "Write", - "resource_types": { - "policy-store": { - "resource_type": "policy-store", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html" - } - }, - "resources": { - "policy-store": { - "resource": "policy-store", - "arn": "arn:${Partition}:verifiedpermissions::${Account}:policy-store/${PolicyStoreId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "vpc-lattice": { - "service_name": "Amazon VPC Lattice", - "prefix": "vpc-lattice", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonvpclattice.html", - "privileges": { - "CreateAccessLogSubscription": { - "privilege": "CreateAccessLogSubscription", - "description": "Grants permission to create an access log subscription", - "access_level": "Write", - "resource_types": { - "AccessLogSubscription": { - "resource_type": "AccessLogSubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "logs:CreateLogDelivery", - "logs:GetLogDelivery" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateAccessLogSubscription.html" - }, - "CreateListener": { - "privilege": "CreateListener", - "description": "Grants permission to create a listener", - "access_level": "Write", - "resource_types": { - "Listener": { - "resource_type": "Listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:Protocol", - "vpc-lattice:TargetGroupArns", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateListener.html" - }, - "CreateRule": { - "privilege": "CreateRule", - "description": "Grants permission to create a rule", - "access_level": "Write", - "resource_types": { - "Rule": { - "resource_type": "Rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:TargetGroupArns", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateRule.html" - }, - "CreateService": { - "privilege": "CreateService", - "description": "Grants permission to create a service", - "access_level": "Write", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:AuthType", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateService.html" - }, - "CreateServiceNetwork": { - "privilege": "CreateServiceNetwork", - "description": "Grants permission to create a service network", - "access_level": "Write", - "resource_types": { - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:AuthType", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateServiceNetwork.html" - }, - "CreateServiceNetworkServiceAssociation": { - "privilege": "CreateServiceNetworkServiceAssociation", - "description": "Grants permission to create a service network and service association", - "access_level": "Write", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetworkServiceAssociation": { - "resource_type": "ServiceNetworkServiceAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:ServiceNetworkArn", - "vpc-lattice:ServiceArn", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateServiceNetworkServiceAssociation.html" - }, - "CreateServiceNetworkVpcAssociation": { - "privilege": "CreateServiceNetworkVpcAssociation", - "description": "Grants permission to create a service network and VPC association", - "access_level": "Write", - "resource_types": { - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVpcs" - ] - }, - "ServiceNetworkVpcAssociation": { - "resource_type": "ServiceNetworkVpcAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:VpcId", - "vpc-lattice:ServiceNetworkArn", - "vpc-lattice:SecurityGroupIds", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateServiceNetworkVpcAssociation.html" - }, - "CreateTargetGroup": { - "privilege": "CreateTargetGroup", - "description": "Grants permission to create a target group", - "access_level": "Write", - "resource_types": { - "TargetGroup": { - "resource_type": "TargetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:VpcId", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateTargetGroup.html" - }, - "DeleteAccessLogSubscription": { - "privilege": "DeleteAccessLogSubscription", - "description": "Grants permission to delete an access log subscription", - "access_level": "Write", - "resource_types": { - "AccessLogSubscription": { - "resource_type": "AccessLogSubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "logs:DeleteLogDelivery", - "logs:GetLogDelivery" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteAccessLogSubscription.html" - }, - "DeleteAuthPolicy": { - "privilege": "DeleteAuthPolicy", - "description": "Grants permission to delete an auth policy", - "access_level": "Permissions management", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteAuthPolicy.html" - }, - "DeleteListener": { - "privilege": "DeleteListener", - "description": "Grants permission to delete a listener", - "access_level": "Write", - "resource_types": { - "Listener": { - "resource_type": "Listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteListener.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete a resource policy", - "access_level": "Write", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeleteRule": { - "privilege": "DeleteRule", - "description": "Grants permission to delete a rule", - "access_level": "Write", - "resource_types": { - "Rule": { - "resource_type": "Rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteRule.html" - }, - "DeleteService": { - "privilege": "DeleteService", - "description": "Grants permission to delete a service", - "access_level": "Write", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteService.html" - }, - "DeleteServiceNetwork": { - "privilege": "DeleteServiceNetwork", - "description": "Grants permission to delete a service network", - "access_level": "Write", - "resource_types": { - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteServiceNetwork.html" - }, - "DeleteServiceNetworkServiceAssociation": { - "privilege": "DeleteServiceNetworkServiceAssociation", - "description": "Grants permission to delete a service network service association", - "access_level": "Write", - "resource_types": { - "ServiceNetworkServiceAssociation": { - "resource_type": "ServiceNetworkServiceAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:ServiceNetworkArn", - "vpc-lattice:ServiceArn", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteServiceNetworkServiceAssociation.html" - }, - "DeleteServiceNetworkVpcAssociation": { - "privilege": "DeleteServiceNetworkVpcAssociation", - "description": "Grants permission to delete a service network and VPC association", - "access_level": "Write", - "resource_types": { - "ServiceNetworkVpcAssociation": { - "resource_type": "ServiceNetworkVpcAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:VpcId", - "vpc-lattice:ServiceNetworkArn", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteServiceNetworkVpcAssociation.html" - }, - "DeleteTargetGroup": { - "privilege": "DeleteTargetGroup", - "description": "Grants permission to delete a target group", - "access_level": "Write", - "resource_types": { - "TargetGroup": { - "resource_type": "TargetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteTargetGroup.html" - }, - "DeregisterTargets": { - "privilege": "DeregisterTargets", - "description": "Grants permission to deregister targets from a target group", - "access_level": "Write", - "resource_types": { - "TargetGroup": { - "resource_type": "TargetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeregisterTargets.html" - }, - "GetAccessLogSubscription": { - "privilege": "GetAccessLogSubscription", - "description": "Grants permission to get information about an access log subscription", - "access_level": "Read", - "resource_types": { - "AccessLogSubscription": { - "resource_type": "AccessLogSubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "logs:GetLogDelivery" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetAccessLogSubscription.html" - }, - "GetAuthPolicy": { - "privilege": "GetAuthPolicy", - "description": "Grants permission to get information about an auth policy", - "access_level": "Read", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetAuthPolicy.html" - }, - "GetListener": { - "privilege": "GetListener", - "description": "Grants permission to get information about a listener", - "access_level": "Read", - "resource_types": { - "Listener": { - "resource_type": "Listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetListener.html" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to get information about a resource policy", - "access_level": "Read", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetResourcePolicy.html" - }, - "GetRule": { - "privilege": "GetRule", - "description": "Grants permission to get information about a rule", - "access_level": "Read", - "resource_types": { - "Rule": { - "resource_type": "Rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetRule.html" - }, - "GetService": { - "privilege": "GetService", - "description": "Grants permission to get information about a service", - "access_level": "Read", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetService.html" - }, - "GetServiceNetwork": { - "privilege": "GetServiceNetwork", - "description": "Grants permission to get information about a service network", - "access_level": "Read", - "resource_types": { - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetServiceNetwork.html" - }, - "GetServiceNetworkServiceAssociation": { - "privilege": "GetServiceNetworkServiceAssociation", - "description": "Grants permission to get information about a service network and service association", - "access_level": "Read", - "resource_types": { - "ServiceNetworkServiceAssociation": { - "resource_type": "ServiceNetworkServiceAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:ServiceNetworkArn", - "vpc-lattice:ServiceArn", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetServiceNetworkServiceAssociation.html" - }, - "GetServiceNetworkVpcAssociation": { - "privilege": "GetServiceNetworkVpcAssociation", - "description": "Grants permission to get information about a service network and VPC association", - "access_level": "Read", - "resource_types": { - "ServiceNetworkVpcAssociation": { - "resource_type": "ServiceNetworkVpcAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:VpcId", - "vpc-lattice:ServiceNetworkArn", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetServiceNetworkVpcAssociation.html" - }, - "GetTargetGroup": { - "privilege": "GetTargetGroup", - "description": "Grants permission to get information about a target group", - "access_level": "Read", - "resource_types": { - "TargetGroup": { - "resource_type": "TargetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetTargetGroup.html" - }, - "ListAccessLogSubscriptions": { - "privilege": "ListAccessLogSubscriptions", - "description": "Grants permission to list some or all access log subscriptions about a service network or a service", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListAccessLogSubscriptions.html" - }, - "ListListeners": { - "privilege": "ListListeners", - "description": "Grants permission to list some or all listeners", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListListeners.html" - }, - "ListRules": { - "privilege": "ListRules", - "description": "Grants permission to list some or all rules", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListRules.html" - }, - "ListServiceNetworkServiceAssociations": { - "privilege": "ListServiceNetworkServiceAssociations", - "description": "Grants permission to list some or all service network and service associations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:ServiceNetworkArn", - "vpc-lattice:ServiceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworkServiceAssociations.html" - }, - "ListServiceNetworkVpcAssociations": { - "privilege": "ListServiceNetworkVpcAssociations", - "description": "Grants permission to list some or all service network and VPC associations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:VpcId", - "vpc-lattice:ServiceNetworkArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworkVpcAssociations.html" - }, - "ListServiceNetworks": { - "privilege": "ListServiceNetworks", - "description": "Grants permission to list the service networks owned by a caller account or shared with the caller account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworks.html" - }, - "ListServices": { - "privilege": "ListServices", - "description": "Grants permission to list the services owned by a caller account or shared with the caller account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServices.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a vpc-lattice resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTargetGroups": { - "privilege": "ListTargetGroups", - "description": "Grants permission to list some or all target groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListTargetGroups.html" - }, - "ListTargets": { - "privilege": "ListTargets", - "description": "Grants permission to list some or all targets in a target group", - "access_level": "List", - "resource_types": { - "TargetGroup": { - "resource_type": "TargetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListTargets.html" - }, - "PutAuthPolicy": { - "privilege": "PutAuthPolicy", - "description": "Grants permission to create or update the auth policy for a service network or a service", - "access_level": "Permissions management", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_PutAuthPolicy.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to create a resource policy for a service network or a service", - "access_level": "Write", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_PutResourcePolicy.html" - }, - "RegisterTargets": { - "privilege": "RegisterTargets", - "description": "Grants permission to register targets to a target group", - "access_level": "Write", - "resource_types": { - "TargetGroup": { - "resource_type": "TargetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_RegisterTargets.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a vpc-lattice resource", - "access_level": "Tagging", - "resource_types": { - "AccessLogSubscription": { - "resource_type": "AccessLogSubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Listener": { - "resource_type": "Listener", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Rule": { - "resource_type": "Rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Service": { - "resource_type": "Service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetworkServiceAssociation": { - "resource_type": "ServiceNetworkServiceAssociation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetworkVpcAssociation": { - "resource_type": "ServiceNetworkVpcAssociation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "TargetGroup": { - "resource_type": "TargetGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a vpc-lattice resource", - "access_level": "Tagging", - "resource_types": { - "AccessLogSubscription": { - "resource_type": "AccessLogSubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Listener": { - "resource_type": "Listener", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Rule": { - "resource_type": "Rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Service": { - "resource_type": "Service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetworkServiceAssociation": { - "resource_type": "ServiceNetworkServiceAssociation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceNetworkVpcAssociation": { - "resource_type": "ServiceNetworkVpcAssociation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "TargetGroup": { - "resource_type": "TargetGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UntagResource.html" - }, - "UpdateAccessLogSubscription": { - "privilege": "UpdateAccessLogSubscription", - "description": "Grants permission to update an access log subscription", - "access_level": "Write", - "resource_types": { - "AccessLogSubscription": { - "resource_type": "AccessLogSubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "logs:GetLogDelivery", - "logs:UpdateLogDelivery" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateAccessLogSubscription.html" - }, - "UpdateListener": { - "privilege": "UpdateListener", - "description": "Grants permission to update a listener", - "access_level": "Write", - "resource_types": { - "Listener": { - "resource_type": "Listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:TargetGroupArns", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateListener.html" - }, - "UpdateRule": { - "privilege": "UpdateRule", - "description": "Grants permission to update a rule", - "access_level": "Write", - "resource_types": { - "Rule": { - "resource_type": "Rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:TargetGroupArns", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateRule.html" - }, - "UpdateService": { - "privilege": "UpdateService", - "description": "Grants permission to update a service", - "access_level": "Write", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:AuthType", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateService.html" - }, - "UpdateServiceNetwork": { - "privilege": "UpdateServiceNetwork", - "description": "Grants permission to update a service network", - "access_level": "Write", - "resource_types": { - "ServiceNetwork": { - "resource_type": "ServiceNetwork", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:AuthType", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateServiceNetwork.html" - }, - "UpdateServiceNetworkVpcAssociation": { - "privilege": "UpdateServiceNetworkVpcAssociation", - "description": "Grants permission to update a service network and VPC association", - "access_level": "Write", - "resource_types": { - "ServiceNetworkVpcAssociation": { - "resource_type": "ServiceNetworkVpcAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeSecurityGroups", - "ec2:DescribeVpcs" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice:VpcId", - "vpc-lattice:ServiceNetworkArn", - "vpc-lattice:SecurityGroupIds", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateServiceNetworkVpcAssociation.html" - }, - "UpdateTargetGroup": { - "privilege": "UpdateTargetGroup", - "description": "Grants permission to update a target group", - "access_level": "Write", - "resource_types": { - "TargetGroup": { - "resource_type": "TargetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateTargetGroup.html" - } - }, - "resources": { - "ServiceNetwork": { - "resource": "ServiceNetwork", - "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:servicenetwork/${ServiceNetworkId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "vpc-lattice:AuthType" - ] - }, - "Service": { - "resource": "Service", - "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "vpc-lattice:AuthType" - ] - }, - "ServiceNetworkVpcAssociation": { - "resource": "ServiceNetworkVpcAssociation", - "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:servicenetworkvpcassociation/${ServiceNetworkVpcAssociationId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "vpc-lattice:SecurityGroupIds", - "vpc-lattice:ServiceNetworkArn", - "vpc-lattice:VpcId" - ] - }, - "ServiceNetworkServiceAssociation": { - "resource": "ServiceNetworkServiceAssociation", - "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:servicenetworkserviceassociation/${ServiceNetworkServiceAssociationId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "vpc-lattice:ServiceArn", - "vpc-lattice:ServiceNetworkArn" - ] - }, - "TargetGroup": { - "resource": "TargetGroup", - "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:targetgroup/${TargetGroupId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "vpc-lattice:VpcId" - ] - }, - "Listener": { - "resource": "Listener", - "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}/listener/${ListenerId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "vpc-lattice:Protocol", - "vpc-lattice:TargetGroupArns" - ] - }, - "Rule": { - "resource": "Rule", - "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}/listener/${ListenerId}/rule/${RuleId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "vpc-lattice:TargetGroupArns" - ] - }, - "AccessLogSubscription": { - "resource": "AccessLogSubscription", - "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:accesslogsubscription/${AccessLogSubscriptionId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "vpc-lattice:AuthType": { - "condition": "vpc-lattice:AuthType", - "description": "Filters access by the auth type specified in the request", - "type": "String" - }, - "vpc-lattice:Protocol": { - "condition": "vpc-lattice:Protocol", - "description": "Filters access by the protocol specified in the request", - "type": "String" - }, - "vpc-lattice:SecurityGroupIds": { - "condition": "vpc-lattice:SecurityGroupIds", - "description": "Filters access by the IDs of security groups", - "type": "ArrayOfString" - }, - "vpc-lattice:ServiceArn": { - "condition": "vpc-lattice:ServiceArn", - "description": "Filters access by the ARN of a service", - "type": "ARN" - }, - "vpc-lattice:ServiceNetworkArn": { - "condition": "vpc-lattice:ServiceNetworkArn", - "description": "Filters access by the ARN of a service network", - "type": "ARN" - }, - "vpc-lattice:TargetGroupArns": { - "condition": "vpc-lattice:TargetGroupArns", - "description": "Filters access by the ARNs of target groups", - "type": "ArrayOfARN" - }, - "vpc-lattice:VpcId": { - "condition": "vpc-lattice:VpcId", - "description": "Filters access by the ID of a virtual private cloud (VPC)", - "type": "String" - } - } - }, - "vpc-lattice-svcs": { - "service_name": "Amazon VPC Lattice Services", - "prefix": "vpc-lattice-svcs", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonvpclatticeservices.html", - "privileges": { - "Invoke": { - "privilege": "Invoke", - "description": "Grants permission to invoke a VPC Lattice service", - "access_level": "Write", - "resource_types": { - "Service": { - "resource_type": "Service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "vpc-lattice-svcs:Port", - "vpc-lattice-svcs:ServiceNetworkArn", - "vpc-lattice-svcs:ServiceArn", - "vpc-lattice-svcs:SourceVpc", - "vpc-lattice-svcs:SourceVpcOwnerAccount", - "vpc-lattice-svcs:RequestHeader/${HeaderName}", - "vpc-lattice-svcs:RequestQueryString/${QueryStringKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/sigv4-authenticated-requests.html" - } - }, - "resources": { - "Service": { - "resource": "Service", - "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}/${RequestPath}", - "condition_keys": [] - } - }, - "conditions": { - "vpc-lattice-svcs:Port": { - "condition": "vpc-lattice-svcs:Port", - "description": "Filters access by the destination port the request is made to", - "type": "Numeric" - }, - "vpc-lattice-svcs:RequestHeader/${HeaderName}": { - "condition": "vpc-lattice-svcs:RequestHeader/${HeaderName}", - "description": "Filters access by a header name-value pair in the request headers", - "type": "String" - }, - "vpc-lattice-svcs:RequestMethod": { - "condition": "vpc-lattice-svcs:RequestMethod", - "description": "Filters access by the method of the request", - "type": "String" - }, - "vpc-lattice-svcs:RequestQueryString/${QueryStringKey}": { - "condition": "vpc-lattice-svcs:RequestQueryString/${QueryStringKey}", - "description": "Filters access by the query string key-value pairs in the request URL", - "type": "ArrayOfString" - }, - "vpc-lattice-svcs:ServiceArn": { - "condition": "vpc-lattice-svcs:ServiceArn", - "description": "Filters access by the ARN of the service receiving the request", - "type": "ARN" - }, - "vpc-lattice-svcs:ServiceNetworkArn": { - "condition": "vpc-lattice-svcs:ServiceNetworkArn", - "description": "Filters access by the ARN of the service network receiving the request", - "type": "ARN" - }, - "vpc-lattice-svcs:SourceVpc": { - "condition": "vpc-lattice-svcs:SourceVpc", - "description": "Filters access by the VPC the request is made from", - "type": "String" - }, - "vpc-lattice-svcs:SourceVpcOwnerAccount": { - "condition": "vpc-lattice-svcs:SourceVpcOwnerAccount", - "description": "Filters access by the owning account of the VPC the request is made from", - "type": "String" - } - } - }, - "workdocs": { - "service_name": "Amazon WorkDocs", - "prefix": "workdocs", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkdocs.html", - "privileges": { - "AbortDocumentVersionUpload": { - "privilege": "AbortDocumentVersionUpload", - "description": "Grants permission to abort the upload of the specified document version that was previously initiated by InitiateDocumentVersionUpload", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_AbortDocumentVersionUpload.html" - }, - "ActivateUser": { - "privilege": "ActivateUser", - "description": "Grants permission to activate the specified user. Only active users can access Amazon WorkDocs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_ActivateUser.html" - }, - "AddNotificationPermissions": { - "privilege": "AddNotificationPermissions", - "description": "Grants permission to add principals that are allowed to call notification subscription APIs for a given WorkDocs site", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage-notifications.html" - }, - "AddResourcePermissions": { - "privilege": "AddResourcePermissions", - "description": "Grants permission to create a set of permissions for the specified folder or document", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_AddResourcePermissions.html" - }, - "AddUserToGroup": { - "privilege": "AddUserToGroup", - "description": "Grants permission to add a user to a group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage_set_admin.html" - }, - "CheckAlias": { - "privilege": "CheckAlias", - "description": "Grants permission to check an alias", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/cloud_quick_start.html" - }, - "CreateComment": { - "privilege": "CreateComment", - "description": "Grants permission to add a new comment to the specified document version", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateComment.html" - }, - "CreateCustomMetadata": { - "privilege": "CreateCustomMetadata", - "description": "Grants permission to add one or more custom properties to the specified resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateCustomMetadata.html" - }, - "CreateFolder": { - "privilege": "CreateFolder", - "description": "Grants permission to create a folder with the specified name and parent folder", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateFolder.html" - }, - "CreateInstance": { - "privilege": "CreateInstance", - "description": "Grants permission to create an instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/getting_started.html" - }, - "CreateLabels": { - "privilege": "CreateLabels", - "description": "Grants permission to add labels to the given resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateLabels.html" - }, - "CreateNotificationSubscription": { - "privilege": "CreateNotificationSubscription", - "description": "Grants permission to configure WorkDocs to use Amazon SNS notifications", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateNotificationSubscription.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a user in a Simple AD or Microsoft AD directory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateUser.html" - }, - "DeactivateUser": { - "privilege": "DeactivateUser", - "description": "Grants permission to deactivate the specified user, which revokes the user's access to Amazon WorkDocs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeactivateUser.html" - }, - "DeleteComment": { - "privilege": "DeleteComment", - "description": "Grants permission to delete the specified comment from the document version", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteComment.html" - }, - "DeleteCustomMetadata": { - "privilege": "DeleteCustomMetadata", - "description": "Grants permission to delete custom metadata from the specified resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteCustomMetadata.html" - }, - "DeleteDocument": { - "privilege": "DeleteDocument", - "description": "Grants permission to permanently delete the specified document and its associated metadata", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteDocument.html" - }, - "DeleteDocumentVersion": { - "privilege": "DeleteDocumentVersion", - "description": "Grants permission to delete versions of a specified document", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteDocumentVersion.html" - }, - "DeleteFolder": { - "privilege": "DeleteFolder", - "description": "Grants permission to permanently delete the specified folder and its contents", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteFolder.html" - }, - "DeleteFolderContents": { - "privilege": "DeleteFolderContents", - "description": "Grants permission to delete the contents of the specified folder", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteFolderContents.html" - }, - "DeleteInstance": { - "privilege": "DeleteInstance", - "description": "Grants permission to delete an instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage-sites.html#delete_site" - }, - "DeleteLabels": { - "privilege": "DeleteLabels", - "description": "Grants permission to delete one or more labels from a resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteLabels.html" - }, - "DeleteNotificationPermissions": { - "privilege": "DeleteNotificationPermissions", - "description": "Grants permission to delete principals that are allowed to call notification subscription APIs for a given WorkDocs site", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage-notifications.html" - }, - "DeleteNotificationSubscription": { - "privilege": "DeleteNotificationSubscription", - "description": "Grants permission to delete the specified subscription from the specified organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteNotificationSubscription.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete the specified user from a Simple AD or Microsoft AD directory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteUser.html" - }, - "DeregisterDirectory": { - "privilege": "DeregisterDirectory", - "description": "Grants permission to deregister a directory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage-sites.html#delete_site" - }, - "DescribeActivities": { - "privilege": "DescribeActivities", - "description": "Grants permission to fetch user activities in a specified time period", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeActivities.html" - }, - "DescribeAvailableDirectories": { - "privilege": "DescribeAvailableDirectories", - "description": "Grants permission to describe available directories", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/getting_started.html" - }, - "DescribeComments": { - "privilege": "DescribeComments", - "description": "Grants permission to list all the comments for the specified document version", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeComments.html" - }, - "DescribeDocumentVersions": { - "privilege": "DescribeDocumentVersions", - "description": "Grants permission to retrieve the document versions for the specified document", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeDocumentVersions.html" - }, - "DescribeFolderContents": { - "privilege": "DescribeFolderContents", - "description": "Grants permission to describe the contents of the specified folder, including its documents and sub-folders", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeFolderContents.html" - }, - "DescribeGroups": { - "privilege": "DescribeGroups", - "description": "Grants permission to describe the user groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeGroups.html" - }, - "DescribeInstances": { - "privilege": "DescribeInstances", - "description": "Grants permission to describe instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/getting_started.html" - }, - "DescribeNotificationPermissions": { - "privilege": "DescribeNotificationPermissions", - "description": "Grants permission to describe principals that are allowed to call notification subscription APIs for a given WorkDocs site", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage-notifications.html" - }, - "DescribeNotificationSubscriptions": { - "privilege": "DescribeNotificationSubscriptions", - "description": "Grants permission to list the specified notification subscriptions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeNotificationSubscriptions.html" - }, - "DescribeResourcePermissions": { - "privilege": "DescribeResourcePermissions", - "description": "Grants permission to view a description of a specified resource's permissions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeResourcePermissions.html" - }, - "DescribeRootFolders": { - "privilege": "DescribeRootFolders", - "description": "Grants permission to describe the root folders", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeRootFolders.html" - }, - "DescribeUsers": { - "privilege": "DescribeUsers", - "description": "Grants permission to view a description of the specified users. You can describe all users or filter the results (for example, by status or organization)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeUsers.html" - }, - "DownloadDocumentVersion": { - "privilege": "DownloadDocumentVersion", - "description": "Grants permission to download a specified document version", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetDocumentVersion.html" - }, - "GetCurrentUser": { - "privilege": "GetCurrentUser", - "description": "Grants permission to retrieve the details of the current user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetCurrentUser.html" - }, - "GetDocument": { - "privilege": "GetDocument", - "description": "Grants permission to retrieve the specified document object", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetDocument.html" - }, - "GetDocumentPath": { - "privilege": "GetDocumentPath", - "description": "Grants permission to retrieve the path information (the hierarchy from the root folder) for the requested document", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetDocumentPath.html" - }, - "GetDocumentVersion": { - "privilege": "GetDocumentVersion", - "description": "Grants permission to retrieve version metadata for the specified document", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetDocumentVersion.html" - }, - "GetFolder": { - "privilege": "GetFolder", - "description": "Grants permission to retrieve the metadata of the specified folder", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetFolder.html" - }, - "GetFolderPath": { - "privilege": "GetFolderPath", - "description": "Grants permission to retrieve the path information (the hierarchy from the root folder) for the specified folder", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetFolderPath.html" - }, - "GetGroup": { - "privilege": "GetGroup", - "description": "Grants permission to retrieve details for the specified group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_Operations.html" - }, - "GetResources": { - "privilege": "GetResources", - "description": "Grants permission to get a collection of resources", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetResources.html" - }, - "InitiateDocumentVersionUpload": { - "privilege": "InitiateDocumentVersionUpload", - "description": "Grants permission to create a new document object and version object", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_InitiateDocumentVersionUpload.html" - }, - "RegisterDirectory": { - "privilege": "RegisterDirectory", - "description": "Grants permission to register a directory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/existing-dir-setup.html" - }, - "RemoveAllResourcePermissions": { - "privilege": "RemoveAllResourcePermissions", - "description": "Grants permission to remove all the permissions from the specified resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_RemoveAllResourcePermissions.html" - }, - "RemoveResourcePermission": { - "privilege": "RemoveResourcePermission", - "description": "Grants permission to remove the permission for the specified principal from the specified resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_RemoveResourcePermission.html" - }, - "RestoreDocumentVersions": { - "privilege": "RestoreDocumentVersions", - "description": "Grants permission to restore versions of a specified document", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_RestoreDocumentVersions.html" - }, - "SearchResources": { - "privilege": "SearchResources", - "description": "Grants permission to search metadata and the content of resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_SearchResources.html" - }, - "UpdateDocument": { - "privilege": "UpdateDocument", - "description": "Grants permission to update the specified attributes of the specified document", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_UpdateDocument.html" - }, - "UpdateDocumentVersion": { - "privilege": "UpdateDocumentVersion", - "description": "Grants permission to change the status of the document version to ACTIVE", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_UpdateDocumentVersion.html" - }, - "UpdateFolder": { - "privilege": "UpdateFolder", - "description": "Grants permission to update the specified attributes of the specified folder", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_UpdateFolder.html" - }, - "UpdateInstanceAlias": { - "privilege": "UpdateInstanceAlias", - "description": "Grants permission to update an instance alias", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/getting_started.html" - }, - "UpdateUser": { - "privilege": "UpdateUser", - "description": "Grants permission to update the specified attributes of the specified user, and grants or revokes administrative privileges to the Amazon WorkDocs site", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_UpdateUser.html" - } - }, - "resources": {}, - "conditions": {} - }, - "worklink": { - "service_name": "Amazon WorkLink", - "prefix": "worklink", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworklink.html", - "privileges": { - "AssociateDomain": { - "privilege": "AssociateDomain", - "description": "Grants permission to associate a domain with an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_AssociateDomain.html" - }, - "AssociateWebsiteAuthorizationProvider": { - "privilege": "AssociateWebsiteAuthorizationProvider", - "description": "Grants permission to associate a website authorization provider with an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_AssociateWebsiteAuthorizationProvider.html" - }, - "AssociateWebsiteCertificateAuthority": { - "privilege": "AssociateWebsiteCertificateAuthority", - "description": "Grants permission to associate a website certificate authority with an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_AssociateWebsiteCertificateAuthority.html" - }, - "CreateFleet": { - "privilege": "CreateFleet", - "description": "Grants permission to create an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_CreateFleet.html" - }, - "DeleteFleet": { - "privilege": "DeleteFleet", - "description": "Grants permission to delete an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DeleteFleet.html" - }, - "DescribeAuditStreamConfiguration": { - "privilege": "DescribeAuditStreamConfiguration", - "description": "Grants permission to describe the audit stream configuration for an Amazon WorkLink fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeAuditStreamConfiguration.html" - }, - "DescribeCompanyNetworkConfiguration": { - "privilege": "DescribeCompanyNetworkConfiguration", - "description": "Grants permission to describe the company network configuration for an Amazon WorkLink fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeCompanyNetworkConfiguration.html" - }, - "DescribeDevice": { - "privilege": "DescribeDevice", - "description": "Grants permission to describe details of a device associated with an Amazon WorkLink fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeDevice.html" - }, - "DescribeDevicePolicyConfiguration": { - "privilege": "DescribeDevicePolicyConfiguration", - "description": "Grants permission to describe the device policy configuration for an Amazon WorkLink fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeDevicePolicyConfiguration.html" - }, - "DescribeDomain": { - "privilege": "DescribeDomain", - "description": "Grants permission to describe details about a domain associated with an Amazon WorkLink fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeDomain.html" - }, - "DescribeFleetMetadata": { - "privilege": "DescribeFleetMetadata", - "description": "Grants permission to describe metadata of an Amazon WorkLink fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeFleetMetadata.html" - }, - "DescribeIdentityProviderConfiguration": { - "privilege": "DescribeIdentityProviderConfiguration", - "description": "Grants permission to describe the identity provider configuration for an Amazon WorkLink fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeIdentityProviderConfiguration.html" - }, - "DescribeWebsiteCertificateAuthority": { - "privilege": "DescribeWebsiteCertificateAuthority", - "description": "Grants permission to describe a website certificate authority associated with an Amazon WorkLink fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeWebsiteCertificateAuthority.html" - }, - "DisassociateDomain": { - "privilege": "DisassociateDomain", - "description": "Grants permission to disassociate a domain from an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DisassociateDomain.html" - }, - "DisassociateWebsiteAuthorizationProvider": { - "privilege": "DisassociateWebsiteAuthorizationProvider", - "description": "Grants permission to disassociate a website authorization provider from an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DisassociateWebsiteAuthorizationProvider.html" - }, - "DisassociateWebsiteCertificateAuthority": { - "privilege": "DisassociateWebsiteCertificateAuthority", - "description": "Grants permission to disassociate a website certificate authority from an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DisassociateWebsiteCertificateAuthority.html" - }, - "ListDevices": { - "privilege": "ListDevices", - "description": "Grants permission to list the devices associated with an Amazon WorkLink fleet", - "access_level": "List", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListDevices.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to list the associated domains for an Amazon WorkLink fleet", - "access_level": "List", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListDomains.html" - }, - "ListFleets": { - "privilege": "ListFleets", - "description": "Grants permission to list the Amazon WorkLink fleets associated with the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListFleets.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListTagsForResource.html" - }, - "ListWebsiteAuthorizationProviders": { - "privilege": "ListWebsiteAuthorizationProviders", - "description": "Grants permission to list the website authorization providers for an Amazon WorkLink fleet", - "access_level": "List", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListWebsiteAuthorizationProviders.html" - }, - "ListWebsiteCertificateAuthorities": { - "privilege": "ListWebsiteCertificateAuthorities", - "description": "Grants permission to list the website certificate authorities associated with an Amazon WorkLink fleet", - "access_level": "List", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListWebsiteCertificateAuthorities.html" - }, - "RestoreDomainAccess": { - "privilege": "RestoreDomainAccess", - "description": "Grants permission to restore access to a domain associated with an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_RestoreDomainAccess.html" - }, - "RevokeDomainAccess": { - "privilege": "RevokeDomainAccess", - "description": "Grants permission to revoke access to a domain associated with an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_RevokeDomainAccess.html" - }, - "SearchEntity": { - "privilege": "SearchEntity", - "description": "Grants permission to list devices for an Amazon WorkLink fleet", - "access_level": "List", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/ag/manage-devices.html" - }, - "SignOutUser": { - "privilege": "SignOutUser", - "description": "Grants permission to sign out a user from an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_SignOutUser.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to a resource", - "access_level": "Tagging", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from a resource", - "access_level": "Tagging", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UntagResource.html" - }, - "UpdateAuditStreamConfiguration": { - "privilege": "UpdateAuditStreamConfiguration", - "description": "Grants permission to update the audit stream configuration for an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateAuditStreamConfiguration.html" - }, - "UpdateCompanyNetworkConfiguration": { - "privilege": "UpdateCompanyNetworkConfiguration", - "description": "Grants permission to update the company network configuration for an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateCompanyNetworkConfiguration.html" - }, - "UpdateDevicePolicyConfiguration": { - "privilege": "UpdateDevicePolicyConfiguration", - "description": "Grants permission to update the device policy configuration for an Amazon WorkLink fleet", - "access_level": "Permissions management", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateDevicePolicyConfiguration.html" - }, - "UpdateDomainMetadata": { - "privilege": "UpdateDomainMetadata", - "description": "Grants permission to update the metadata for a domain associated with an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateDomainMetadata.html" - }, - "UpdateFleetMetadata": { - "privilege": "UpdateFleetMetadata", - "description": "Grants permission to update the metadata of an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateFleetMetadata.html" - }, - "UpdateIdentityProviderConfiguration": { - "privilege": "UpdateIdentityProviderConfiguration", - "description": "Grants permission to update the identity provider configuration for an Amazon WorkLink fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateIdentityProviderConfiguration.html" - } - }, - "resources": { - "fleet": { - "resource": "fleet", - "arn": "arn:${Partition}:worklink::${Account}:fleet/${FleetName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "workmail": { - "service_name": "Amazon WorkMail", - "prefix": "workmail", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkmail.html", - "privileges": { - "AddMembersToGroup": { - "privilege": "AddMembersToGroup", - "description": "Grants permission to add a list of members (users or groups) to a group", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" - }, - "AssociateDelegateToResource": { - "privilege": "AssociateDelegateToResource", - "description": "Grants permission to add a member (user or group) to the resource's set of delegates", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_AssociateDelegateToResource.html" - }, - "AssociateMemberToGroup": { - "privilege": "AssociateMemberToGroup", - "description": "Grants permission to add a member (user or group) to the group's set", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_AssociateMemberToGroup.html" - }, - "AssumeImpersonationRole": { - "privilege": "AssumeImpersonationRole", - "description": "Grants permission to assume an impersonation role for the given Amazon WorkMail organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_AssumeImpersonationRole.html" - }, - "CancelMailboxExportJob": { - "privilege": "CancelMailboxExportJob", - "description": "Grants permission to cancel a currently running mailbox export job", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CancelMailboxExportJob.html" - }, - "CreateAlias": { - "privilege": "CreateAlias", - "description": "Grants permission to add an alias to the set of a given member (user or group) of WorkMail", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateAlias.html" - }, - "CreateAvailabilityConfiguration": { - "privilege": "CreateAvailabilityConfiguration", - "description": "Grants permission to create an AvailabilityConfiguration for the given Amazon WorkMail organization and domain", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateAvailabilityConfiguration.html" - }, - "CreateGroup": { - "privilege": "CreateGroup", - "description": "Grants permission to create a group that can be used in WorkMail by calling the RegisterToWorkMail operation", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateGroup.html" - }, - "CreateImpersonationRole": { - "privilege": "CreateImpersonationRole", - "description": "Grants permission to create an impersonation role for the given Amazon WorkMail organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateImpersonationRole.html" - }, - "CreateInboundMailFlowRule": { - "privilege": "CreateInboundMailFlowRule", - "description": "Grants permission to create an inbound email flow rule which will apply to all email sent to an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/create-email-rules.html" - }, - "CreateMailDomain": { - "privilege": "CreateMailDomain", - "description": "Grants permission to create a mail domain", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/add_domain.html" - }, - "CreateMailUser": { - "privilege": "CreateMailUser", - "description": "Grants permission to create a user in the directory", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-users.html" - }, - "CreateMobileDeviceAccessRule": { - "privilege": "CreateMobileDeviceAccessRule", - "description": "Grants permission to create a new mobile device access rule", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateMobileDeviceAccessRule.html" - }, - "CreateOrganization": { - "privilege": "CreateOrganization", - "description": "Grants permission to create a new Amazon WorkMail organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateOrganization.html" - }, - "CreateOutboundMailFlowRule": { - "privilege": "CreateOutboundMailFlowRule", - "description": "Grants permission to create an outbound email flow rule which will apply to all email sent from an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/create-email-rules.html" - }, - "CreateResource": { - "privilege": "CreateResource", - "description": "Grants permission to create a new WorkMail resource", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateResource.html" - }, - "CreateSmtpGateway": { - "privilege": "CreateSmtpGateway", - "description": "Grants permission to register an SMTP gateway to a WorkMail organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/smtp-gateway.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a user, which can be enabled afterwards by calling the RegisterToWorkMail operation", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateUser.html" - }, - "DeleteAccessControlRule": { - "privilege": "DeleteAccessControlRule", - "description": "Grants permission to delete an access control rule", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteAccessControlRule.html" - }, - "DeleteAlias": { - "privilege": "DeleteAlias", - "description": "Grants permission to remove one or more specified aliases from a set of aliases for a given user", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteAlias.html" - }, - "DeleteAvailabilityConfiguration": { - "privilege": "DeleteAvailabilityConfiguration", - "description": "Grants permission to delete the AvailabilityConfiguration for the given Amazon WorkMail organization and domain", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteAvailabilityConfiguration.html" - }, - "DeleteEmailMonitoringConfiguration": { - "privilege": "DeleteEmailMonitoringConfiguration", - "description": "Grants permission to delete the email monitoring configuration for an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteEmailMonitoringConfiguration.html" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to delete a group from WorkMail", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteGroup.html" - }, - "DeleteImpersonationRole": { - "privilege": "DeleteImpersonationRole", - "description": "Grants permission to delete an impersonation role for the given Amazon WorkMail organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteImpersonationRole.html" - }, - "DeleteInboundMailFlowRule": { - "privilege": "DeleteInboundMailFlowRule", - "description": "Grants permission to remove an inbound email flow rule to no longer apply to emails sent to an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/remove-email-flow-rule.html" - }, - "DeleteMailDomain": { - "privilege": "DeleteMailDomain", - "description": "Grants permission to remove an unused mail domain from an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/remove_domain.html" - }, - "DeleteMailboxPermissions": { - "privilege": "DeleteMailboxPermissions", - "description": "Grants permission to delete permissions granted to a member (user or group)", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteMailboxPermissions.html" - }, - "DeleteMobileDevice": { - "privilege": "DeleteMobileDevice", - "description": "Grants permission to remove a mobile device from a user", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-devices.html#remove_mobile_device" - }, - "DeleteMobileDeviceAccessOverride": { - "privilege": "DeleteMobileDeviceAccessOverride", - "description": "Grants permission to delete a mobile device access override", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteMobileDeviceAccessOverride.html" - }, - "DeleteMobileDeviceAccessRule": { - "privilege": "DeleteMobileDeviceAccessRule", - "description": "Grants permission to delete a mobile device access rule", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteMobileDeviceAccessRule.html" - }, - "DeleteOrganization": { - "privilege": "DeleteOrganization", - "description": "Grants permission to delete an Amazon WorkMail organization and all underlying AWS resources managed by Amazon WorkMail as part of the organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteOrganization.html" - }, - "DeleteOutboundMailFlowRule": { - "privilege": "DeleteOutboundMailFlowRule", - "description": "Grants permission to remove an outbound email flow rule so that it no longer applies to emails sent from an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/remove-email-flow-rule.html" - }, - "DeleteResource": { - "privilege": "DeleteResource", - "description": "Grants permission to delete the specified resource", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteResource.html" - }, - "DeleteRetentionPolicy": { - "privilege": "DeleteRetentionPolicy", - "description": "Grants permission to delete the retention policy based on the supplied organization and policy identifiers", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteRetentionPolicy.html" - }, - "DeleteSmtpGateway": { - "privilege": "DeleteSmtpGateway", - "description": "Grants permission to remove an SMTP gateway from an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/smtp-gateway.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete a user from WorkMail and all subsequent systems", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteUser.html" - }, - "DeregisterFromWorkMail": { - "privilege": "DeregisterFromWorkMail", - "description": "Grants permission to mark a user, group, or resource as no longer used in WorkMail", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeregisterFromWorkMail.html" - }, - "DeregisterMailDomain": { - "privilege": "DeregisterMailDomain", - "description": "Grants permission to deregister a mail domain from an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeregisterMailDomain.html" - }, - "DescribeDirectories": { - "privilege": "DescribeDirectories", - "description": "Grants permission to show a list of directories available for use in creating an organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/add_new_organization.html" - }, - "DescribeEmailMonitoringConfiguration": { - "privilege": "DescribeEmailMonitoringConfiguration", - "description": "Grants permission to retrieve the email monitoring configuration for an organization", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeEmailMonitoringConfiguration.html" - }, - "DescribeGroup": { - "privilege": "DescribeGroup", - "description": "Grants permission to read the details for a group", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeGroup.html" - }, - "DescribeInboundDmarcSettings": { - "privilege": "DescribeInboundDmarcSettings", - "description": "Grants permission to read the settings in a DMARC policy for a specified organization", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeInboundDmarcSettings.html" - }, - "DescribeInboundMailFlowRule": { - "privilege": "DescribeInboundMailFlowRule", - "description": "Grants permission to read the details of an inbound mail flow rule configured for an organization", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/email-flows.html#email-flows-rule-actions" - }, - "DescribeKmsKeys": { - "privilege": "DescribeKmsKeys", - "description": "Grants permission to show a list of KMS Keys available for use in creating an organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/add_new_organization.html" - }, - "DescribeMailDomains": { - "privilege": "DescribeMailDomains", - "description": "Grants permission to show the details of all mail domains associated with the organization", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/domains_overview.html" - }, - "DescribeMailGroups": { - "privilege": "DescribeMailGroups", - "description": "Grants permission to show the details of all groups associated with the organization", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" - }, - "DescribeMailUsers": { - "privilege": "DescribeMailUsers", - "description": "Grants permission to show the details of all users associated with the organization", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/users_overview.html" - }, - "DescribeMailboxExportJob": { - "privilege": "DescribeMailboxExportJob", - "description": "Grants permission to retrieve details of a mailbox export job", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeMailboxExportJob.html" - }, - "DescribeOrganization": { - "privilege": "DescribeOrganization", - "description": "Grants permission to read details of an organization", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeOrganization.html" - }, - "DescribeOrganizations": { - "privilege": "DescribeOrganizations", - "description": "Grants permission to show a summary of all organizations associated with the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/organizations_overview.html" - }, - "DescribeOutboundMailFlowRule": { - "privilege": "DescribeOutboundMailFlowRule", - "description": "Grants permission to read the details of an outbound mail flow rule configured for an organization", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/email-flows.html#email-flows-rule-outbound" - }, - "DescribeResource": { - "privilege": "DescribeResource", - "description": "Grants permission to read the details for a resource", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeResource.html" - }, - "DescribeSmtpGateway": { - "privilege": "DescribeSmtpGateway", - "description": "Grants permission to read the details of an SMTP gateway registered to an organization", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/smtp-gateway.html" - }, - "DescribeUser": { - "privilege": "DescribeUser", - "description": "Grants permission to read details for a user", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeUser.html" - }, - "DisableMailGroups": { - "privilege": "DisableMailGroups", - "description": "Grants permission to disable a mail group when it is not being used, in order to allow it to be deleted", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/remove_group.html" - }, - "DisableMailUsers": { - "privilege": "DisableMailUsers", - "description": "Grants permission to disable a user mailbox when it is no longer being used, in order to allow it to be deleted", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-mailboxes.html#delete_user_mailbox" - }, - "DisassociateDelegateFromResource": { - "privilege": "DisassociateDelegateFromResource", - "description": "Grants permission to remove a member from the resource's set of delegates", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DisassociateDelegateFromResource.html" - }, - "DisassociateMemberFromGroup": { - "privilege": "DisassociateMemberFromGroup", - "description": "Grants permission to remove a member from a group", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DisassociateMemberFromGroup.html" - }, - "EnableMailDomain": { - "privilege": "EnableMailDomain", - "description": "Grants permission to enable a mail domain in the organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/add_domain.html" - }, - "EnableMailGroups": { - "privilege": "EnableMailGroups", - "description": "Grants permission to enable a mail group after it has been created to allow it to receive mail", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/enable_existing_group.html" - }, - "EnableMailUsers": { - "privilege": "EnableMailUsers", - "description": "Grants permission to enable a user's mailbox after it has been created to allow it to receive mail", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-users.html#enable_existing_user" - }, - "GetAccessControlEffect": { - "privilege": "GetAccessControlEffect", - "description": "Grants permission to get the effects of access control rules as they apply to a specified IPv4 address, access protocol action, or user ID", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetAccessControlEffect.html" - }, - "GetDefaultRetentionPolicy": { - "privilege": "GetDefaultRetentionPolicy", - "description": "Grants permission to retrieve the retention policy associated at an organizational level", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetDefaultRetentionPolicy.html" - }, - "GetImpersonationRole": { - "privilege": "GetImpersonationRole", - "description": "Grants permission to retrieve an impersonation role for the given Amazon WorkMail organization", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetImpersonationRole.html" - }, - "GetImpersonationRoleEffect": { - "privilege": "GetImpersonationRoleEffect", - "description": "Grants permission to get the effect of the rules associated to an impersonation role for a specific user", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetImpersonationRoleEffect.html" - }, - "GetJournalingRules": { - "privilege": "GetJournalingRules", - "description": "Grants permission to read the configured journaling and fallback email addresses for email journaling", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/journaling_overview.html" - }, - "GetMailDomain": { - "privilege": "GetMailDomain", - "description": "Grants permission to retrieve details of a given mail domain in an organization", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetMailDomain.html" - }, - "GetMailDomainDetails": { - "privilege": "GetMailDomainDetails", - "description": "Grants permission to get the details of the mail domain", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/domains_overview.html" - }, - "GetMailGroupDetails": { - "privilege": "GetMailGroupDetails", - "description": "Grants permission to get the details of the mail group", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" - }, - "GetMailUserDetails": { - "privilege": "GetMailUserDetails", - "description": "Grants permission to get the details of the user's mailbox and account", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/users_overview.html" - }, - "GetMailboxDetails": { - "privilege": "GetMailboxDetails", - "description": "Grants permission to read the details of the user's mailbox", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetMailboxDetails.html" - }, - "GetMobileDeviceAccessEffect": { - "privilege": "GetMobileDeviceAccessEffect", - "description": "Grants permission to simulate the effect of the mobile device access rules for the given attributes of a sample access event", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetMobileDeviceAccessEffect.html" - }, - "GetMobileDeviceAccessOverride": { - "privilege": "GetMobileDeviceAccessOverride", - "description": "Grants permission to retrieve a mobile device access override", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetMobileDeviceAccessOverride.html" - }, - "GetMobileDeviceDetails": { - "privilege": "GetMobileDeviceDetails", - "description": "Grants permission to get the details of the mobile device", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-devices.html" - }, - "GetMobileDevicesForUser": { - "privilege": "GetMobileDevicesForUser", - "description": "Grants permission to get a list of the mobile devices associated with the user", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-devices.html" - }, - "GetMobilePolicyDetails": { - "privilege": "GetMobilePolicyDetails", - "description": "Grants permission to get the details of the mobile device policy associated with the organization", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/edit_organization_mobile_policy.html" - }, - "ListAccessControlRules": { - "privilege": "ListAccessControlRules", - "description": "Grants permission to list the access control rules", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListAccessControlRules.html" - }, - "ListAliases": { - "privilege": "ListAliases", - "description": "Grants permission to list the aliases associated with a given entity", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListAliases.html" - }, - "ListAvailabilityConfigurations": { - "privilege": "ListAvailabilityConfigurations", - "description": "Grants permission to list all the AvailabilityConfiguration's for the given Amazon WorkMail organization", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListAvailabilityConfigurations.html" - }, - "ListGroupMembers": { - "privilege": "ListGroupMembers", - "description": "Grants permission to read an overview of the members of a group. Users and groups can be members of a group", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListGroupMembers.html" - }, - "ListGroups": { - "privilege": "ListGroups", - "description": "Grants permission to list summaries of the organization's groups", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListGroups.html" - }, - "ListImpersonationRoles": { - "privilege": "ListImpersonationRoles", - "description": "Grants permission to list the impersonation roles for the given Amazon WorkMail organization", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListImpersonationRoles.html" - }, - "ListInboundMailFlowRules": { - "privilege": "ListInboundMailFlowRules", - "description": "Grants permission to list inbound mail flow rules configured for an organization", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/email-flows.html#email-flows-rule-actions" - }, - "ListMailDomains": { - "privilege": "ListMailDomains", - "description": "Grants permission to list the mail domains for a given organization", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListMailDomains.html" - }, - "ListMailboxExportJobs": { - "privilege": "ListMailboxExportJobs", - "description": "Grants permission to list mailbox export jobs", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListMailboxExportJobs.html" - }, - "ListMailboxPermissions": { - "privilege": "ListMailboxPermissions", - "description": "Grants permission to list the mailbox permissions associated with a user, group, or resource mailbox", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListMailboxPermissions.html" - }, - "ListMembersInMailGroup": { - "privilege": "ListMembersInMailGroup", - "description": "Grants permission to get a list of all the members in a mail group", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" - }, - "ListMobileDeviceAccessOverrides": { - "privilege": "ListMobileDeviceAccessOverrides", - "description": "Grants permission to list the mobile device access overrides", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListMobileDeviceAccessOverrides.html" - }, - "ListMobileDeviceAccessRules": { - "privilege": "ListMobileDeviceAccessRules", - "description": "Grants permission to list the mobile device access rules", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListMobileDeviceAccessRules.html" - }, - "ListOrganizations": { - "privilege": "ListOrganizations", - "description": "Grants permission to list the non-deleted organizations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListOrganizations.html" - }, - "ListOutboundMailFlowRules": { - "privilege": "ListOutboundMailFlowRules", - "description": "Grants permission to list outbound mail flow rules configured for an organization", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/email-flows.html#email-flows-rule-outbound" - }, - "ListResourceDelegates": { - "privilege": "ListResourceDelegates", - "description": "Grants permission to list the delegates associated with a resource", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListResourceDelegates.html" - }, - "ListResources": { - "privilege": "ListResources", - "description": "Grants permission to list the organization's resources", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListResources.html" - }, - "ListSmtpGateways": { - "privilege": "ListSmtpGateways", - "description": "Grants permission to list SMTP gateways registered to the organization", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/smtp-gateway.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags applied to an Amazon WorkMail organization resource", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListTagsForResource.html" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to list the organization's users", - "access_level": "List", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListUsers.html" - }, - "PutAccessControlRule": { - "privilege": "PutAccessControlRule", - "description": "Grants permission to add a new access control rule", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutAccessControlRule.html" - }, - "PutEmailMonitoringConfiguration": { - "privilege": "PutEmailMonitoringConfiguration", - "description": "Grants permission to add or update the email monitoring configuration for an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutEmailMonitoringConfiguration.html" - }, - "PutInboundDmarcSettings": { - "privilege": "PutInboundDmarcSettings", - "description": "Grants permission to enable or disable a DMARC policy for a given organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutInboundDmarcSettings.html" - }, - "PutMailboxPermissions": { - "privilege": "PutMailboxPermissions", - "description": "Grants permission to set permissions for a user, group, or resource, replacing any existing permissions", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutMailboxPermissions.html" - }, - "PutMobileDeviceAccessOverride": { - "privilege": "PutMobileDeviceAccessOverride", - "description": "Grants permission to add or update a mobile device access override", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutMobileDeviceAccessOverride.html" - }, - "PutRetentionPolicy": { - "privilege": "PutRetentionPolicy", - "description": "Grants permission to add or update the retention policy", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutRetentionPolicy.html" - }, - "RegisterMailDomain": { - "privilege": "RegisterMailDomain", - "description": "Grants permission to register a new mail domain in an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_RegisterMailDomain.html" - }, - "RegisterToWorkMail": { - "privilege": "RegisterToWorkMail", - "description": "Grants permission to register an existing and disabled user, group, or resource for use by associating a mailbox and calendaring capabilities", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_RegisterToWorkMail.html" - }, - "RemoveMembersFromGroup": { - "privilege": "RemoveMembersFromGroup", - "description": "Grants permission to remove members from a mail group", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" - }, - "ResetPassword": { - "privilege": "ResetPassword", - "description": "Grants permission to allow the administrator to reset the password for a user", - "access_level": "Permissions management", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ResetPassword.html" - }, - "ResetUserPassword": { - "privilege": "ResetUserPassword", - "description": "Grants permission to reset the password for a user's account", - "access_level": "Permissions management", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-users.html#reset_user_password" - }, - "SearchMembers": { - "privilege": "SearchMembers", - "description": "Grants permission to perform a prefix search to find a specific user in a mail group", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" - }, - "SetAdmin": { - "privilege": "SetAdmin", - "description": "Grants permission to mark a user as being an administrator", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/users_overview.html" - }, - "SetDefaultMailDomain": { - "privilege": "SetDefaultMailDomain", - "description": "Grants permission to set the default mail domain for the organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/default_domain.html" - }, - "SetJournalingRules": { - "privilege": "SetJournalingRules", - "description": "Grants permission to set journaling and fallback email addresses for email journaling", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/journaling_overview.html" - }, - "SetMailGroupDetails": { - "privilege": "SetMailGroupDetails", - "description": "Grants permission to set the details of the mail group which has just been created", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/add_new_group.html" - }, - "SetMailUserDetails": { - "privilege": "SetMailUserDetails", - "description": "Grants permission to set the details for the user account which has just been created", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-users.html" - }, - "SetMobilePolicyDetails": { - "privilege": "SetMobilePolicyDetails", - "description": "Grants permission to set the details of a mobile policy associated with the organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/edit_organization_mobile_policy.html" - }, - "StartMailboxExportJob": { - "privilege": "StartMailboxExportJob", - "description": "Grants permission to start a new mailbox export job", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_StartMailboxExportJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag the specified Amazon WorkMail organization resource", - "access_level": "Tagging", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_TagResource.html" - }, - "TestAvailabilityConfiguration": { - "privilege": "TestAvailabilityConfiguration", - "description": "Grants permission to performs a test on an availability provider to ensure that access is allowed", - "access_level": "Read", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_TestAvailabilityConfiguration.html" - }, - "TestInboundMailFlowRules": { - "privilege": "TestInboundMailFlowRules", - "description": "Grants permission to test what inbound rules will apply to an email with a given sender and recipient", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/test-email-flow-rule.html" - }, - "TestOutboundMailFlowRules": { - "privilege": "TestOutboundMailFlowRules", - "description": "Grants permission to test what outbound rules will apply to an email with a given sender and recipient", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/test-email-flow-rule.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag the specified Amazon WorkMail organization resource", - "access_level": "Tagging", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UntagResource.html" - }, - "UpdateAvailabilityConfiguration": { - "privilege": "UpdateAvailabilityConfiguration", - "description": "Grants permission to update an existing AvailabilityConfiguration for the given Amazon WorkMail organization and domain", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateAvailabilityConfiguration.html" - }, - "UpdateDefaultMailDomain": { - "privilege": "UpdateDefaultMailDomain", - "description": "Grants permission to update which domain is the default domain for an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateDefaultMailDomain.html" - }, - "UpdateImpersonationRole": { - "privilege": "UpdateImpersonationRole", - "description": "Grants permission to update an existing impersonation role for the given Amazon WorkMail organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateImpersonationRole.html" - }, - "UpdateInboundMailFlowRule": { - "privilege": "UpdateInboundMailFlowRule", - "description": "Grants permission to update the details of an inbound email flow rule which will apply to all email sent to an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/modify-email-flow-rule.html" - }, - "UpdateMailboxQuota": { - "privilege": "UpdateMailboxQuota", - "description": "Grants permission to update the maximum size (in MB) of the user's mailbox", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateMailboxQuota.html" - }, - "UpdateMobileDeviceAccessRule": { - "privilege": "UpdateMobileDeviceAccessRule", - "description": "Grants permission to update a mobile device access rule", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateMobileDeviceAccessRule.html" - }, - "UpdateOutboundMailFlowRule": { - "privilege": "UpdateOutboundMailFlowRule", - "description": "Grants permission to update the details of an outbound email flow rule which will apply to all email sent from an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/modify-email-flow-rule.html" - }, - "UpdatePrimaryEmailAddress": { - "privilege": "UpdatePrimaryEmailAddress", - "description": "Grants permission to update the primary email for a user, group, or resource", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdatePrimaryEmailAddress.html" - }, - "UpdateResource": { - "privilege": "UpdateResource", - "description": "Grants permission to update details for the resource", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateResource.html" - }, - "UpdateSmtpGateway": { - "privilege": "UpdateSmtpGateway", - "description": "Grants permission to update the details of an existing SMTP gateway registered to an organization", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/smtp-gateway.html" - }, - "WipeMobileDevice": { - "privilege": "WipeMobileDevice", - "description": "Grants permission to remotely wipe the mobile device associated with a user's account", - "access_level": "Write", - "resource_types": { - "organization": { - "resource_type": "organization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-devices.html#remote_wipe_device" - } - }, - "resources": { - "organization": { - "resource": "organization", - "arn": "arn:${Partition}:workmail:${Region}:${Account}:organization/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag key-value pairs that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "workmailmessageflow": { - "service_name": "Amazon WorkMail Message Flow", - "prefix": "workmailmessageflow", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkmailmessageflow.html", - "privileges": { - "GetRawMessageContent": { - "privilege": "GetRawMessageContent", - "description": "Grants permission to read the content of email messages with the specified message ID", - "access_level": "Read", - "resource_types": { - "RawMessage": { - "resource_type": "RawMessage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_messageflow_GetRawMessageContent.html" - }, - "PutRawMessageContent": { - "privilege": "PutRawMessageContent", - "description": "Grants permission to update the content of email messages with the specified message ID", - "access_level": "Write", - "resource_types": { - "RawMessage": { - "resource_type": "RawMessage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_messageflow_PutRawMessageContent.html" - } - }, - "resources": { - "RawMessage": { - "resource": "RawMessage", - "arn": "arn:${Partition}:workmailmessageflow:${Region}:${Account}:message/${OrganizationId}/${Context}/${MessageId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "workspaces": { - "service_name": "Amazon WorkSpaces", - "prefix": "workspaces", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkspaces.html", - "privileges": { - "AssociateConnectionAlias": { - "privilege": "AssociateConnectionAlias", - "description": "Grants permission to associate connection aliases with directories", - "access_level": "Write", - "resource_types": { - "connectionalias": { - "resource_type": "connectionalias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_AssociateConnectionAlias.html" - }, - "AssociateIpGroups": { - "privilege": "AssociateIpGroups", - "description": "Grants permission to associate IP access control groups with directories", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspaceipgroup": { - "resource_type": "workspaceipgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_AssociateIpGroups.html" - }, - "AuthorizeIpRules": { - "privilege": "AuthorizeIpRules", - "description": "Grants permission to add rules to IP access control groups", - "access_level": "Write", - "resource_types": { - "workspaceipgroup": { - "resource_type": "workspaceipgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_AuthorizeIpRules.html" - }, - "CopyWorkspaceImage": { - "privilege": "CopyWorkspaceImage", - "description": "Grants permission to copy a WorkSpace image", - "access_level": "Write", - "resource_types": { - "workspaceimage": { - "resource_type": "workspaceimage", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "workspaces:DescribeWorkspaceImages" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CopyWorkspaceImage.html" - }, - "CreateConnectClientAddIn": { - "privilege": "CreateConnectClientAddIn", - "description": "Grants permission to create an Amazon Connect client add-in within a directory", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateConnectClientAddIn.html" - }, - "CreateConnectionAlias": { - "privilege": "CreateConnectionAlias", - "description": "Grants permission to create connection aliases for use with cross-Region redirection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateConnectionAlias.html" - }, - "CreateIpGroup": { - "privilege": "CreateIpGroup", - "description": "Grants permission to create IP access control groups", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateIpGroup.html" - }, - "CreateStandbyWorkspaces": { - "privilege": "CreateStandbyWorkspaces", - "description": "Grants permission to create one or more Standby WorkSpaces", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateStandbyWorkspaces.html" - }, - "CreateTags": { - "privilege": "CreateTags", - "description": "Grants permission to create tags for WorkSpaces resources", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateTags.html" - }, - "CreateUpdatedWorkspaceImage": { - "privilege": "CreateUpdatedWorkspaceImage", - "description": "Grants permission to create an updated WorkSpace image", - "access_level": "Write", - "resource_types": { - "workspaceimage": { - "resource_type": "workspaceimage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateUpdatedWorkspaceImage.html" - }, - "CreateWorkspaceBundle": { - "privilege": "CreateWorkspaceBundle", - "description": "Grants permission to create a WorkSpace bundle", - "access_level": "Write", - "resource_types": { - "workspacebundle": { - "resource_type": "workspacebundle", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "workspaces:CreateTags" - ] - }, - "workspaceimage": { - "resource_type": "workspaceimage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateWorkspaceBundle.html" - }, - "CreateWorkspaceImage": { - "privilege": "CreateWorkspaceImage", - "description": "Grants permission to create a new WorkSpace image", - "access_level": "Write", - "resource_types": { - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateWorkspaceImage.html" - }, - "CreateWorkspaces": { - "privilege": "CreateWorkspaces", - "description": "Grants permission to create one or more WorkSpaces", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspacebundle": { - "resource_type": "workspacebundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateWorkspaces.html" - }, - "DeleteClientBranding": { - "privilege": "DeleteClientBranding", - "description": "Grants permission to delete AWS WorkSpaces Client branding data within a directory", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteClientBranding.html" - }, - "DeleteConnectClientAddIn": { - "privilege": "DeleteConnectClientAddIn", - "description": "Grants permission to delete an Amazon Connect client add-in that is configured within a directory", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteConnectClientAddIn.html" - }, - "DeleteConnectionAlias": { - "privilege": "DeleteConnectionAlias", - "description": "Grants permission to delete connection aliases", - "access_level": "Write", - "resource_types": { - "connectionalias": { - "resource_type": "connectionalias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteConnectionAlias.html" - }, - "DeleteIpGroup": { - "privilege": "DeleteIpGroup", - "description": "Grants permission to delete IP access control groups", - "access_level": "Write", - "resource_types": { - "workspaceipgroup": { - "resource_type": "workspaceipgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteIpGroup.html" - }, - "DeleteTags": { - "privilege": "DeleteTags", - "description": "Grants permission to delete tags from WorkSpaces resources", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteTags.html" - }, - "DeleteWorkspaceBundle": { - "privilege": "DeleteWorkspaceBundle", - "description": "Grants permission to delete WorkSpace bundles", - "access_level": "Write", - "resource_types": { - "workspacebundle": { - "resource_type": "workspacebundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteWorkspaceBundle.html" - }, - "DeleteWorkspaceImage": { - "privilege": "DeleteWorkspaceImage", - "description": "Grants permission to delete WorkSpace images", - "access_level": "Write", - "resource_types": { - "workspaceimage": { - "resource_type": "workspaceimage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteWorkspaceImage.html" - }, - "DeregisterWorkspaceDirectory": { - "privilege": "DeregisterWorkspaceDirectory", - "description": "Grants permission to deregister directories from use with Amazon WorkSpaces", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeregisterWorkspaceDirectory.html" - }, - "DescribeAccount": { - "privilege": "DescribeAccount", - "description": "Grants permission to retrieve the configuration of Bring Your Own License (BYOL) for WorkSpaces accounts", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeAccount.html" - }, - "DescribeAccountModifications": { - "privilege": "DescribeAccountModifications", - "description": "Grants permission to retrieve modifications to the configuration of Bring Your Own License (BYOL) for WorkSpaces accounts", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeAccountModifications.html" - }, - "DescribeClientBranding": { - "privilege": "DescribeClientBranding", - "description": "Grants permission to retrieve AWS WorkSpaces Client branding data within a directory", - "access_level": "Read", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeClientBranding.html" - }, - "DescribeClientProperties": { - "privilege": "DescribeClientProperties", - "description": "Grants permission to retrieve information about WorkSpaces clients", - "access_level": "List", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeClientProperties.html" - }, - "DescribeConnectClientAddIns": { - "privilege": "DescribeConnectClientAddIns", - "description": "Grants permission to retrieve a list of Amazon Connect client add-ins that have been created", - "access_level": "List", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeConnectClientAddIns.html" - }, - "DescribeConnectionAliasPermissions": { - "privilege": "DescribeConnectionAliasPermissions", - "description": "Grants permission to retrieve the permissions that the owners of connection aliases have granted to other AWS accounts for connection aliases", - "access_level": "Read", - "resource_types": { - "connectionalias": { - "resource_type": "connectionalias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeConnectionAliasPermissions.html" - }, - "DescribeConnectionAliases": { - "privilege": "DescribeConnectionAliases", - "description": "Grants permission to retrieve a list that describes the connection aliases used for cross-Region redirection", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeConnectionAliases.html" - }, - "DescribeIpGroups": { - "privilege": "DescribeIpGroups", - "description": "Grants permission to retrieve information about IP access control groups", - "access_level": "Read", - "resource_types": { - "workspaceipgroup": { - "resource_type": "workspaceipgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeIpGroups.html" - }, - "DescribeTags": { - "privilege": "DescribeTags", - "description": "Grants permission to describe the tags for WorkSpaces resources", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeTags.html" - }, - "DescribeWorkspaceBundles": { - "privilege": "DescribeWorkspaceBundles", - "description": "Grants permission to obtain information about WorkSpace bundles", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaceBundles.html" - }, - "DescribeWorkspaceDirectories": { - "privilege": "DescribeWorkspaceDirectories", - "description": "Grants permission to retrieve information about directories that are registered with WorkSpaces", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaceDirectories.html" - }, - "DescribeWorkspaceImagePermissions": { - "privilege": "DescribeWorkspaceImagePermissions", - "description": "Grants permission to retrieve information about WorkSpace image permissions", - "access_level": "Read", - "resource_types": { - "workspaceimage": { - "resource_type": "workspaceimage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaceImagePermissions.html" - }, - "DescribeWorkspaceImages": { - "privilege": "DescribeWorkspaceImages", - "description": "Grants permission to retrieve information about WorkSpace images", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaceImages.html" - }, - "DescribeWorkspaceSnapshots": { - "privilege": "DescribeWorkspaceSnapshots", - "description": "Grants permission to retrieve information about WorkSpace snapshots", - "access_level": "List", - "resource_types": { - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaceSnapshots.html" - }, - "DescribeWorkspaces": { - "privilege": "DescribeWorkspaces", - "description": "Grants permission to obtain information about WorkSpaces", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaces.html" - }, - "DescribeWorkspacesConnectionStatus": { - "privilege": "DescribeWorkspacesConnectionStatus", - "description": "Grants permission to obtain the connection status of WorkSpaces", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspacesConnectionStatus.html" - }, - "DisassociateConnectionAlias": { - "privilege": "DisassociateConnectionAlias", - "description": "Grants permission to disassociate connection aliases from directories", - "access_level": "Write", - "resource_types": { - "connectionalias": { - "resource_type": "connectionalias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DisassociateConnectionAlias.html" - }, - "DisassociateIpGroups": { - "privilege": "DisassociateIpGroups", - "description": "Grants permission to disassociate IP access control groups from directories", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspaceipgroup": { - "resource_type": "workspaceipgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DisassociateIpGroups.html" - }, - "ImportClientBranding": { - "privilege": "ImportClientBranding", - "description": "Grants permission to import AWS WorkSpaces Client branding data within a directory", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ImportClientBranding.html" - }, - "ImportWorkspaceImage": { - "privilege": "ImportWorkspaceImage", - "description": "Grants permission to import Bring Your Own License (BYOL) images into Amazon WorkSpaces", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeImages", - "ec2:ModifyImageAttribute" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ImportWorkspaceImage.html" - }, - "ListAvailableManagementCidrRanges": { - "privilege": "ListAvailableManagementCidrRanges", - "description": "Grants permission to list the available CIDR ranges for enabling Bring Your Own License (BYOL) for WorkSpaces accounts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ListAvailableManagementCidrRanges.html" - }, - "MigrateWorkspace": { - "privilege": "MigrateWorkspace", - "description": "Grants permission to migrate WorkSpaces", - "access_level": "Write", - "resource_types": { - "workspacebundle": { - "resource_type": "workspacebundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_MigrateWorkspace.html" - }, - "ModifyAccount": { - "privilege": "ModifyAccount", - "description": "Grants permission to modify the configuration of Bring Your Own License (BYOL) for WorkSpaces accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyAccount.html" - }, - "ModifyCertificateBasedAuthProperties": { - "privilege": "ModifyCertificateBasedAuthProperties", - "description": "Grants permission to modify the certificate-based authorization properties of a directory", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyCertificateBasedAuthProperties.html" - }, - "ModifyClientProperties": { - "privilege": "ModifyClientProperties", - "description": "Grants permission to modify the properties of WorkSpaces clients", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyClientProperties.html" - }, - "ModifySamlProperties": { - "privilege": "ModifySamlProperties", - "description": "Grants permission to modify the SAML properties of a directory", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifySamlProperties.html" - }, - "ModifySelfservicePermissions": { - "privilege": "ModifySelfservicePermissions", - "description": "Grants permission to modify the self-service WorkSpace management capabilities for your users", - "access_level": "Permissions management", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifySelfservicePermissions.html" - }, - "ModifyWorkspaceAccessProperties": { - "privilege": "ModifyWorkspaceAccessProperties", - "description": "Grants permission to specify which devices and operating systems users can use to access their WorkSpaces", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyWorkspaceAccessProperties.html" - }, - "ModifyWorkspaceCreationProperties": { - "privilege": "ModifyWorkspaceCreationProperties", - "description": "Grants permission to modify the default properties used to create WorkSpaces", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyWorkspaceCreationProperties.html" - }, - "ModifyWorkspaceProperties": { - "privilege": "ModifyWorkspaceProperties", - "description": "Grants permission to modify WorkSpace properties, including the running mode and the AutoStop period", - "access_level": "Write", - "resource_types": { - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyWorkspaceProperties.html" - }, - "ModifyWorkspaceState": { - "privilege": "ModifyWorkspaceState", - "description": "Grants permission to modify the state of WorkSpaces", - "access_level": "Write", - "resource_types": { - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyWorkspaceState.html" - }, - "RebootWorkspaces": { - "privilege": "RebootWorkspaces", - "description": "Grants permission to reboot WorkSpaces", - "access_level": "Write", - "resource_types": { - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_RebootWorkspaces.html" - }, - "RebuildWorkspaces": { - "privilege": "RebuildWorkspaces", - "description": "Grants permission to rebuild WorkSpaces", - "access_level": "Write", - "resource_types": { - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_RebuildWorkspaces.html" - }, - "RegisterWorkspaceDirectory": { - "privilege": "RegisterWorkspaceDirectory", - "description": "Grants permission to register directories for use with Amazon WorkSpaces", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_RegisterWorkspaceDirectory.html" - }, - "RestoreWorkspace": { - "privilege": "RestoreWorkspace", - "description": "Grants permission to restore WorkSpaces", - "access_level": "Write", - "resource_types": { - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_RestoreWorkspace.html" - }, - "RevokeIpRules": { - "privilege": "RevokeIpRules", - "description": "Grants permission to remove rules from IP access control groups", - "access_level": "Write", - "resource_types": { - "workspaceipgroup": { - "resource_type": "workspaceipgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_RevokeIpRules.html" - }, - "StartWorkspaces": { - "privilege": "StartWorkspaces", - "description": "Grants permission to start AutoStop WorkSpaces", - "access_level": "Write", - "resource_types": { - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_StartWorkspaces.html" - }, - "StopWorkspaces": { - "privilege": "StopWorkspaces", - "description": "Grants permission to stop AutoStop WorkSpaces", - "access_level": "Write", - "resource_types": { - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_StopWorkspaces.html" - }, - "Stream": { - "privilege": "Stream", - "description": "Grants permission to federated users to sign in by using their existing credentials and stream their workspace", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "workspaces:userId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_Stream.html" - }, - "TerminateWorkspaces": { - "privilege": "TerminateWorkspaces", - "description": "Grants permission to terminate WorkSpaces", - "access_level": "Write", - "resource_types": { - "workspaceid": { - "resource_type": "workspaceid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_TerminateWorkspaces.html" - }, - "UpdateConnectClientAddIn": { - "privilege": "UpdateConnectClientAddIn", - "description": "Grants permission to update an Amazon Connect client add-in. Use this action to update the name and endpoint URL of an Amazon Connect client add-in", - "access_level": "Write", - "resource_types": { - "directoryid": { - "resource_type": "directoryid", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_UpdateConnectClientAddIn.html" - }, - "UpdateConnectionAliasPermission": { - "privilege": "UpdateConnectionAliasPermission", - "description": "Grants permission to share or unshare connection aliases with other accounts", - "access_level": "Permissions management", - "resource_types": { - "connectionalias": { - "resource_type": "connectionalias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_UpdateConnectionAliasPermission.html" - }, - "UpdateRulesOfIpGroup": { - "privilege": "UpdateRulesOfIpGroup", - "description": "Grants permission to replace rules for IP access control groups", - "access_level": "Write", - "resource_types": { - "workspaceipgroup": { - "resource_type": "workspaceipgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_UpdateRulesOfIpGroup.html" - }, - "UpdateWorkspaceBundle": { - "privilege": "UpdateWorkspaceBundle", - "description": "Grants permission to update the WorkSpace images used in WorkSpace bundles", - "access_level": "Write", - "resource_types": { - "workspacebundle": { - "resource_type": "workspacebundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspaceimage": { - "resource_type": "workspaceimage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_UpdateWorkspaceBundle.html" - }, - "UpdateWorkspaceImagePermission": { - "privilege": "UpdateWorkspaceImagePermission", - "description": "Grants permission to share or unshare WorkSpace images with other accounts by specifying whether other accounts have permission to copy the image", - "access_level": "Permissions management", - "resource_types": { - "workspaceimage": { - "resource_type": "workspaceimage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_UpdateWorkspaceImagePermission.html" - } - }, - "resources": { - "directoryid": { - "resource": "directoryid", - "arn": "arn:${Partition}:workspaces:${Region}:${Account}:directory/${DirectoryId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "workspacebundle": { - "resource": "workspacebundle", - "arn": "arn:${Partition}:workspaces:${Region}:${Account}:workspacebundle/${BundleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "workspaceid": { - "resource": "workspaceid", - "arn": "arn:${Partition}:workspaces:${Region}:${Account}:workspace/${WorkspaceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "workspaceimage": { - "resource": "workspaceimage", - "arn": "arn:${Partition}:workspaces:${Region}:${Account}:workspaceimage/${ImageId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "workspaceipgroup": { - "resource": "workspaceipgroup", - "arn": "arn:${Partition}:workspaces:${Region}:${Account}:workspaceipgroup/${GroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "connectionalias": { - "resource": "connectionalias", - "arn": "arn:${Partition}:workspaces:${Region}:${Account}:connectionalias/${ConnectionAliasId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "workspaces:userId": { - "condition": "workspaces:userId", - "description": "Filters access by the ID of the Workspaces user", - "type": "String" - } - } - }, - "wam": { - "service_name": "Amazon WorkSpaces Application Manager", - "prefix": "wam", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkspacesapplicationmanager.html", - "privileges": { - "AuthenticatePackager": { - "privilege": "AuthenticatePackager", - "description": "Allows the Amazon WAM packaging instance to access your application package catalog.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wam/latest/adminguide/iam.html" - } - }, - "resources": {}, - "conditions": {} - }, - "workspaces-web": { - "service_name": "Amazon WorkSpaces Web", - "prefix": "workspaces-web", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkspacesweb.html", - "privileges": { - "AssociateBrowserSettings": { - "privilege": "AssociateBrowserSettings", - "description": "Grants permission to associate browser settings to web portals", - "access_level": "Write", - "resource_types": { - "browserSettings": { - "resource_type": "browserSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateBrowserSettings.html" - }, - "AssociateIpAccessSettings": { - "privilege": "AssociateIpAccessSettings", - "description": "Grants permission to associate ip access settings with web portals", - "access_level": "Write", - "resource_types": { - "ipAccessSettings": { - "resource_type": "ipAccessSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateIpAccessSettings.html" - }, - "AssociateNetworkSettings": { - "privilege": "AssociateNetworkSettings", - "description": "Grants permission to associate network settings to web portals", - "access_level": "Write", - "resource_types": { - "networkSettings": { - "resource_type": "networkSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:CreateNetworkInterfacePermission", - "ec2:CreateTags", - "ec2:DeleteNetworkInterface", - "ec2:DeleteNetworkInterfacePermission", - "ec2:ModifyNetworkInterfaceAttribute" - ] - }, - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateNetworkSettings.html" - }, - "AssociateTrustStore": { - "privilege": "AssociateTrustStore", - "description": "Grants permission to associate trust stores with web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "trustStore": { - "resource_type": "trustStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateTrustStore.html" - }, - "AssociateUserAccessLoggingSettings": { - "privilege": "AssociateUserAccessLoggingSettings", - "description": "Grants permission to associate user access logging settings with web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kinesis:PutRecord", - "kinesis:PutRecords" - ] - }, - "userAccessLoggingSettings": { - "resource_type": "userAccessLoggingSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateUserAccessLoggingSettings.html" - }, - "AssociateUserSettings": { - "privilege": "AssociateUserSettings", - "description": "Grants permission to associate user settings with web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "userSettings": { - "resource_type": "userSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateUserSettings.html" - }, - "CreateBrowserSettings": { - "privilege": "CreateBrowserSettings", - "description": "Grants permission to create browser settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateBrowserSettings.html" - }, - "CreateIdentityProvider": { - "privilege": "CreateIdentityProvider", - "description": "Grants permission to create identity providers", - "access_level": "Write", - "resource_types": { - "identityProvider": { - "resource_type": "identityProvider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateIdentityProvider.html" - }, - "CreateIpAccessSettings": { - "privilege": "CreateIpAccessSettings", - "description": "Grants permission to create ip access settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateIpAccessSettings.html" - }, - "CreateNetworkSettings": { - "privilege": "CreateNetworkSettings", - "description": "Grants permission to create network settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateNetworkSettings.html" - }, - "CreatePortal": { - "privilege": "CreatePortal", - "description": "Grants permission to create web portals", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreatePortal.html" - }, - "CreateTrustStore": { - "privilege": "CreateTrustStore", - "description": "Grants permission to create trust stores", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateTrustStore.html" - }, - "CreateUserAccessLoggingSettings": { - "privilege": "CreateUserAccessLoggingSettings", - "description": "Grants permission to create user access logging settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateUserAccessLoggingSettings.html" - }, - "CreateUserSettings": { - "privilege": "CreateUserSettings", - "description": "Grants permission to create user settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateUserSettings.html" - }, - "DeleteBrowserSettings": { - "privilege": "DeleteBrowserSettings", - "description": "Grants permission to delete browser settings", - "access_level": "Write", - "resource_types": { - "browserSettings": { - "resource_type": "browserSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteBrowserSettings.html" - }, - "DeleteIdentityProvider": { - "privilege": "DeleteIdentityProvider", - "description": "Grants permission to delete identity providers", - "access_level": "Write", - "resource_types": { - "identityProvider": { - "resource_type": "identityProvider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteIdentityProvider.html" - }, - "DeleteIpAccessSettings": { - "privilege": "DeleteIpAccessSettings", - "description": "Grants permission to delete ip access settings", - "access_level": "Write", - "resource_types": { - "ipAccessSettings": { - "resource_type": "ipAccessSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteIpAccessSettings.html" - }, - "DeleteNetworkSettings": { - "privilege": "DeleteNetworkSettings", - "description": "Grants permission to delete network settings", - "access_level": "Write", - "resource_types": { - "networkSettings": { - "resource_type": "networkSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteNetworkSettings.html" - }, - "DeletePortal": { - "privilege": "DeletePortal", - "description": "Grants permission to delete web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeletePortal.html" - }, - "DeleteTrustStore": { - "privilege": "DeleteTrustStore", - "description": "Grants permission to delete trust stores", - "access_level": "Write", - "resource_types": { - "trustStore": { - "resource_type": "trustStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteTrustStore.html" - }, - "DeleteUserAccessLoggingSettings": { - "privilege": "DeleteUserAccessLoggingSettings", - "description": "Grants permission to delete user access logging settings", - "access_level": "Write", - "resource_types": { - "userAccessLoggingSettings": { - "resource_type": "userAccessLoggingSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteUserAccessLoggingSettings.html" - }, - "DeleteUserSettings": { - "privilege": "DeleteUserSettings", - "description": "Grants permission to delete user settings", - "access_level": "Write", - "resource_types": { - "userSettings": { - "resource_type": "userSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteUserSettings.html" - }, - "DisassociateBrowserSettings": { - "privilege": "DisassociateBrowserSettings", - "description": "Grants permission to disassociate browser settings from web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateBrowserSettings.html" - }, - "DisassociateIpAccessSettings": { - "privilege": "DisassociateIpAccessSettings", - "description": "Grants permission to disassociate ip access logging from web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateIpAccessSettings.html" - }, - "DisassociateNetworkSettings": { - "privilege": "DisassociateNetworkSettings", - "description": "Grants permission to disassociate network settings from web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateNetworkSettings.html" - }, - "DisassociateTrustStore": { - "privilege": "DisassociateTrustStore", - "description": "Grants permission to disassociate trust stores from web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateTrustStore.html" - }, - "DisassociateUserAccessLoggingSettings": { - "privilege": "DisassociateUserAccessLoggingSettings", - "description": "Grants permission to disassociate user access logging settings from web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateUserAccessLoggingSettings.html" - }, - "DisassociateUserSettings": { - "privilege": "DisassociateUserSettings", - "description": "Grants permission to disassociate user settings from web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateUserSettings.html" - }, - "GetBrowserSettings": { - "privilege": "GetBrowserSettings", - "description": "Grants permission to get details on browser settings", - "access_level": "Read", - "resource_types": { - "browserSettings": { - "resource_type": "browserSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetBrowserSettings.html" - }, - "GetIdentityProvider": { - "privilege": "GetIdentityProvider", - "description": "Grants permission to get details on identity providers", - "access_level": "Read", - "resource_types": { - "identityProvider": { - "resource_type": "identityProvider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetIdentityProvider.html" - }, - "GetIpAccessSettings": { - "privilege": "GetIpAccessSettings", - "description": "Grants permission to get details on ip access settings", - "access_level": "Read", - "resource_types": { - "ipAccessSettings": { - "resource_type": "ipAccessSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetIpAccessSettings.html" - }, - "GetNetworkSettings": { - "privilege": "GetNetworkSettings", - "description": "Grants permission to get details on network settings", - "access_level": "Read", - "resource_types": { - "networkSettings": { - "resource_type": "networkSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetNetworkSettings.html" - }, - "GetPortal": { - "privilege": "GetPortal", - "description": "Grants permission to get details on web portals", - "access_level": "Read", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetPortal.html" - }, - "GetPortalServiceProviderMetadata": { - "privilege": "GetPortalServiceProviderMetadata", - "description": "Grants permission to get service provider metadata information for web portals", - "access_level": "Read", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetPortalServiceProviderMetadata.html" - }, - "GetTrustStore": { - "privilege": "GetTrustStore", - "description": "Grants permission to get details on trust stores", - "access_level": "Read", - "resource_types": { - "trustStore": { - "resource_type": "trustStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetTrustStore.html" - }, - "GetTrustStoreCertificate": { - "privilege": "GetTrustStoreCertificate", - "description": "Grants permission to get certificates from trust stores", - "access_level": "Read", - "resource_types": { - "trustStore": { - "resource_type": "trustStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetTrustStoreCertificate.html" - }, - "GetUserAccessLoggingSettings": { - "privilege": "GetUserAccessLoggingSettings", - "description": "Grants permission to get details on user access logging settings", - "access_level": "Read", - "resource_types": { - "userAccessLoggingSettings": { - "resource_type": "userAccessLoggingSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetUserAccessLoggingSettings.html" - }, - "GetUserSettings": { - "privilege": "GetUserSettings", - "description": "Grants permission to get details on user settings", - "access_level": "Read", - "resource_types": { - "userSettings": { - "resource_type": "userSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetUserSettings.html" - }, - "ListBrowserSettings": { - "privilege": "ListBrowserSettings", - "description": "Grants permission to list browser settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListBrowserSettings.html" - }, - "ListIdentityProviders": { - "privilege": "ListIdentityProviders", - "description": "Grants permission to list identity providers", - "access_level": "Read", - "resource_types": { - "identityProvider": { - "resource_type": "identityProvider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListIdentityProviders.html" - }, - "ListIpAccessSettings": { - "privilege": "ListIpAccessSettings", - "description": "Grants permission to list ip access settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListIpAccessSettings.html" - }, - "ListNetworkSettings": { - "privilege": "ListNetworkSettings", - "description": "Grants permission to list network settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListNetworkSettings.html" - }, - "ListPortals": { - "privilege": "ListPortals", - "description": "Grants permission to list web portals", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListPortals.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTrustStoreCertificates": { - "privilege": "ListTrustStoreCertificates", - "description": "Grants permission to list certificates in a trust store", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListTrustStoreCertificates.html" - }, - "ListTrustStores": { - "privilege": "ListTrustStores", - "description": "Grants permission to list trust stores", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListTrustStores.html" - }, - "ListUserAccessLoggingSettings": { - "privilege": "ListUserAccessLoggingSettings", - "description": "Grants permission to list user access logging settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListUserAccessLoggingSettings.html" - }, - "ListUserSettings": { - "privilege": "ListUserSettings", - "description": "Grants permission to list user settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListUserSettings.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to a resource", - "access_level": "Tagging", - "resource_types": { - "browserSettings": { - "resource_type": "browserSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ipAccessSettings": { - "resource_type": "ipAccessSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "networkSettings": { - "resource_type": "networkSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "portal": { - "resource_type": "portal", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "trustStore": { - "resource_type": "trustStore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "userAccessLoggingSettings": { - "resource_type": "userAccessLoggingSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "userSettings": { - "resource_type": "userSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from a resource", - "access_level": "Tagging", - "resource_types": { - "browserSettings": { - "resource_type": "browserSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ipAccessSettings": { - "resource_type": "ipAccessSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "networkSettings": { - "resource_type": "networkSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "portal": { - "resource_type": "portal", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "trustStore": { - "resource_type": "trustStore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "userAccessLoggingSettings": { - "resource_type": "userAccessLoggingSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "userSettings": { - "resource_type": "userSettings", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UntagResource.html" - }, - "UpdateBrowserSettings": { - "privilege": "UpdateBrowserSettings", - "description": "Grants permission to update browser settings", - "access_level": "Write", - "resource_types": { - "browserSettings": { - "resource_type": "browserSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateBrowserSettings.html" - }, - "UpdateIdentityProvider": { - "privilege": "UpdateIdentityProvider", - "description": "Grants permission to update identity provider", - "access_level": "Write", - "resource_types": { - "identityProvider": { - "resource_type": "identityProvider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateIdentityProvider.html" - }, - "UpdateIpAccessSettings": { - "privilege": "UpdateIpAccessSettings", - "description": "Grants permission to update ip access settings", - "access_level": "Write", - "resource_types": { - "ipAccessSettings": { - "resource_type": "ipAccessSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateIpAccessSettings.html" - }, - "UpdateNetworkSettings": { - "privilege": "UpdateNetworkSettings", - "description": "Grants permission to update network settings", - "access_level": "Write", - "resource_types": { - "networkSettings": { - "resource_type": "networkSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:CreateNetworkInterfacePermission", - "ec2:CreateTags", - "ec2:DeleteNetworkInterface", - "ec2:DeleteNetworkInterfacePermission", - "ec2:ModifyNetworkInterfaceAttribute" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateNetworkSettings.html" - }, - "UpdatePortal": { - "privilege": "UpdatePortal", - "description": "Grants permission to update web portals", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdatePortal.html" - }, - "UpdateTrustStore": { - "privilege": "UpdateTrustStore", - "description": "Grants permission to update trust stores", - "access_level": "Write", - "resource_types": { - "trustStore": { - "resource_type": "trustStore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateTrustStore.html" - }, - "UpdateUserAccessLoggingSettings": { - "privilege": "UpdateUserAccessLoggingSettings", - "description": "Grants permission to update user access logging settings", - "access_level": "Write", - "resource_types": { - "userAccessLoggingSettings": { - "resource_type": "userAccessLoggingSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kinesis:PutRecord", - "kinesis:PutRecords" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateUserAccessLoggingSettings.html" - }, - "UpdateUserSettings": { - "privilege": "UpdateUserSettings", - "description": "Grants permission to update user settings", - "access_level": "Write", - "resource_types": { - "userSettings": { - "resource_type": "userSettings", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateUserSettings.html" - } - }, - "resources": { - "browserSettings": { - "resource": "browserSettings", - "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:browserSettings/${BrowserSettingsId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "identityProvider": { - "resource": "identityProvider", - "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:identityProvider/${PortalId}/${IdentityProviderId}", - "condition_keys": [] - }, - "networkSettings": { - "resource": "networkSettings", - "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:networkSettings/${NetworkSettingsId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "portal": { - "resource": "portal", - "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:portal/${PortalId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "trustStore": { - "resource": "trustStore", - "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:trustStore/${TrustStoreId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "userSettings": { - "resource": "userSettings", - "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:userSettings/${UserSettingsId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "userAccessLoggingSettings": { - "resource": "userAccessLoggingSettings", - "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:userAccessLoggingSettings/${UserAccessLoggingSettingsId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ipAccessSettings": { - "resource": "ipAccessSettings", - "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:ipAccessSettings/${IpAccessSettingsId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "kafka-cluster": { - "service_name": "Apache Kafka APIs for Amazon MSK clusters", - "prefix": "kafka-cluster", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_apachekafkaapisforamazonmskclusters.html", - "privileges": { - "AlterCluster": { - "privilege": "AlterCluster", - "description": "Grants permission to alter various aspects of the cluster, equivalent to Apache Kafka's ALTER CLUSTER ACL", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect", - "kafka-cluster:DescribeCluster" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "AlterClusterDynamicConfiguration": { - "privilege": "AlterClusterDynamicConfiguration", - "description": "Grants permission to alter the dynamic configuration of a cluster, equivalent to Apache Kafka's ALTER_CONFIGS CLUSTER ACL", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect", - "kafka-cluster:DescribeClusterDynamicConfiguration" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "AlterGroup": { - "privilege": "AlterGroup", - "description": "Grants permission to join groups on a cluster, equivalent to Apache Kafka's READ GROUP ACL", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect", - "kafka-cluster:DescribeGroup" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "AlterTopic": { - "privilege": "AlterTopic", - "description": "Grants permission to alter topics on a cluster, equivalent to Apache Kafka's ALTER TOPIC ACL", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect", - "kafka-cluster:DescribeTopic" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "AlterTopicDynamicConfiguration": { - "privilege": "AlterTopicDynamicConfiguration", - "description": "Grants permission to alter the dynamic configuration of topics on a cluster, equivalent to Apache Kafka's ALTER_CONFIGS TOPIC ACL", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect", - "kafka-cluster:DescribeTopicDynamicConfiguration" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "AlterTransactionalId": { - "privilege": "AlterTransactionalId", - "description": "Grants permission to alter transactional IDs on a cluster, equivalent to Apache Kafka's WRITE TRANSACTIONAL_ID ACL", - "access_level": "Write", - "resource_types": { - "transactional-id": { - "resource_type": "transactional-id", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect", - "kafka-cluster:DescribeTransactionalId", - "kafka-cluster:WriteData" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "Connect": { - "privilege": "Connect", - "description": "Grants permission to connect and authenticate to the cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "CreateTopic": { - "privilege": "CreateTopic", - "description": "Grants permission to create topics on a cluster, equivalent to Apache Kafka's CREATE CLUSTER/TOPIC ACL", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to delete groups on a cluster, equivalent to Apache Kafka's DELETE GROUP ACL", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect", - "kafka-cluster:DescribeGroup" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "DeleteTopic": { - "privilege": "DeleteTopic", - "description": "Grants permission to delete topics on a cluster, equivalent to Apache Kafka's DELETE TOPIC ACL", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect", - "kafka-cluster:DescribeTopic" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "DescribeCluster": { - "privilege": "DescribeCluster", - "description": "Grants permission to describe various aspects of the cluster, equivalent to Apache Kafka's DESCRIBE CLUSTER ACL", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "DescribeClusterDynamicConfiguration": { - "privilege": "DescribeClusterDynamicConfiguration", - "description": "Grants permission to describe the dynamic configuration of a cluster, equivalent to Apache Kafka's DESCRIBE_CONFIGS CLUSTER ACL", - "access_level": "List", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "DescribeGroup": { - "privilege": "DescribeGroup", - "description": "Grants permission to describe groups on a cluster, equivalent to Apache Kafka's DESCRIBE GROUP ACL", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "DescribeTopic": { - "privilege": "DescribeTopic", - "description": "Grants permission to describe topics on a cluster, equivalent to Apache Kafka's DESCRIBE TOPIC ACL", - "access_level": "List", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "DescribeTopicDynamicConfiguration": { - "privilege": "DescribeTopicDynamicConfiguration", - "description": "Grants permission to describe the dynamic configuration of topics on a cluster, equivalent to Apache Kafka's DESCRIBE_CONFIGS TOPIC ACL", - "access_level": "List", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "DescribeTransactionalId": { - "privilege": "DescribeTransactionalId", - "description": "Grants permission to describe transactional IDs on a cluster, equivalent to Apache Kafka's DESCRIBE TRANSACTIONAL_ID ACL", - "access_level": "List", - "resource_types": { - "transactional-id": { - "resource_type": "transactional-id", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "ReadData": { - "privilege": "ReadData", - "description": "Grants permission to read data from topics on a cluster, equivalent to Apache Kafka's READ TOPIC ACL", - "access_level": "Read", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:AlterGroup", - "kafka-cluster:Connect", - "kafka-cluster:DescribeTopic" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "WriteData": { - "privilege": "WriteData", - "description": "Grants permission to write data to topics on a cluster, equivalent to Apache Kafka's WRITE TOPIC ACL", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect", - "kafka-cluster:DescribeTopic" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - }, - "WriteDataIdempotently": { - "privilege": "WriteDataIdempotently", - "description": "Grants permission to write data idempotently on a cluster, equivalent to Apache Kafka's IDEMPOTENT_WRITE CLUSTER ACL", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kafka-cluster:Connect", - "kafka-cluster:WriteData" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" - } - }, - "resources": { - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:kafka:${Region}:${Account}:cluster/${ClusterName}/${ClusterUuid}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "topic": { - "resource": "topic", - "arn": "arn:${Partition}:kafka:${Region}:${Account}:topic/${ClusterName}/${ClusterUuid}/${TopicName}", - "condition_keys": [] - }, - "group": { - "resource": "group", - "arn": "arn:${Partition}:kafka:${Region}:${Account}:group/${ClusterName}/${ClusterUuid}/${GroupName}", - "condition_keys": [] - }, - "transactional-id": { - "resource": "transactional-id", - "arn": "arn:${Partition}:kafka:${Region}:${Account}:transactional-id/${ClusterName}/${ClusterUuid}/${TransactionalId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource. The resource tag context key will only apply to the cluster resource, not topics, groups and transactional IDs", - "type": "String" - } - } - }, - "discovery": { - "service_name": "Application Discovery", - "prefix": "discovery", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_applicationdiscovery.html", - "privileges": { - "AssociateConfigurationItemsToApplication": { - "privilege": "AssociateConfigurationItemsToApplication", - "description": "Grants permission to AssociateConfigurationItemsToApplication API. AssociateConfigurationItemsToApplication associates one or more configuration items with an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_AssociateConfigurationItemsToApplication.html" - }, - "BatchDeleteImportData": { - "privilege": "BatchDeleteImportData", - "description": "Grants permission to BatchDeleteImportData API. BatchDeleteImportData deletes one or more Migration Hub import tasks, each identified by their import ID. Each import task has a number of records, which can identify servers or applications", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_BatchDeleteImportData.html" - }, - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to CreateApplication API. CreateApplication creates an application with the given name and description", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_CreateApplication.html" - }, - "CreateTags": { - "privilege": "CreateTags", - "description": "Grants permission to CreateTags API. CreateTags creates one or more tags for configuration items. Tags are metadata that help you categorize IT assets. This API accepts a list of multiple configuration items", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_CreateTags.html" - }, - "DeleteApplications": { - "privilege": "DeleteApplications", - "description": "Grants permission to DeleteApplications API. DeleteApplications deletes a list of applications and their associations with configuration items", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DeleteApplications.html" - }, - "DeleteTags": { - "privilege": "DeleteTags", - "description": "Grants permission to DeleteTags API. DeleteTags deletes the association between configuration items and one or more tags. This API accepts a list of multiple configuration items", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DeleteTags.html" - }, - "DescribeAgents": { - "privilege": "DescribeAgents", - "description": "Grants permission to DescribeAgents API. DescribeAgents lists agents or the Connector by ID or lists all agents/Connectors associated with your user if you did not specify an ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeAgents.html" - }, - "DescribeConfigurations": { - "privilege": "DescribeConfigurations", - "description": "Grants permission to DescribeConfigurations API. DescribeConfigurations retrieves attributes for a list of configuration item IDs. All of the supplied IDs must be for the same asset type (server, application, process, or connection). Output fields are specific to the asset type selected. For example, the output for a server configuration item includes a list of attributes about the server, such as host name, operating system, and number of network cards", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeConfigurations.html" - }, - "DescribeContinuousExports": { - "privilege": "DescribeContinuousExports", - "description": "Grants permission to DescribeContinuousExports API. DescribeContinuousExports lists exports as specified by ID. All continuous exports associated with your user can be listed if you call DescribeContinuousExports as is without passing any parameters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeContinuousExports.html" - }, - "DescribeExportConfigurations": { - "privilege": "DescribeExportConfigurations", - "description": "Grants permission to DescribeExportConfigurations API. DescribeExportConfigurations retrieves the status of a given export process. You can retrieve status from a maximum of 100 processes", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeExportConfigurations.html" - }, - "DescribeExportTasks": { - "privilege": "DescribeExportTasks", - "description": "Grants permission to DescribeExportTasks API. DescribeExportTasks retrieve status of one or more export tasks. You can retrieve the status of up to 100 export tasks", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeExportTasks.html" - }, - "DescribeImportTasks": { - "privilege": "DescribeImportTasks", - "description": "Grants permission to DescribeImportTasks API. DescribeImportTasks returns an array of import tasks for your user, including status information, times, IDs, the Amazon S3 Object URL for the import file, and more", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeImportTasks.html" - }, - "DescribeTags": { - "privilege": "DescribeTags", - "description": "Grants permission to DescribeTags API. DescribeTags retrieves a list of configuration items that are tagged with a specific tag. Or retrieves a list of all tags assigned to a specific configuration item", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeTags.html" - }, - "DisassociateConfigurationItemsFromApplication": { - "privilege": "DisassociateConfigurationItemsFromApplication", - "description": "Grants permission to DisassociateConfigurationItemsFromApplication API. DisassociateConfigurationItemsFromApplication disassociates one or more configuration items from an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DisassociateConfigurationItemsFromApplication.html" - }, - "ExportConfigurations": { - "privilege": "ExportConfigurations", - "description": "Grants permission to ExportConfigurations API. ExportConfigurations exports all discovered configuration data to an Amazon S3 bucket or an application that enables you to view and evaluate the data. Data includes tags and tag associations, processes, connections, servers, and system performance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_ExportConfigurations.html" - }, - "GetDiscoverySummary": { - "privilege": "GetDiscoverySummary", - "description": "Grants permission to GetDiscoverySummary API. GetDiscoverySummary retrieves a short summary of discovered assets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_GetDiscoverySummary.html" - }, - "ListConfigurations": { - "privilege": "ListConfigurations", - "description": "Grants permission to ListConfigurations API. ListConfigurations retrieves a list of configuration items according to criteria you specify in a filter. The filter criteria identify relationship requirements", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_ListConfigurations.html" - }, - "ListServerNeighbors": { - "privilege": "ListServerNeighbors", - "description": "Grants permission to ListServerNeighbors API. ListServerNeighbors retrieves a list of servers which are one network hop away from a specified server", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_ListServerNeighbors.html" - }, - "StartContinuousExport": { - "privilege": "StartContinuousExport", - "description": "Grants permission to StartContinuousExport API. StartContinuousExport start the continuous flow of agent's discovered data into Amazon Athena", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:AttachRolePolicy", - "iam:CreatePolicy", - "iam:CreateRole", - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StartContinuousExport.html" - }, - "StartDataCollectionByAgentIds": { - "privilege": "StartDataCollectionByAgentIds", - "description": "Grants permission to StartDataCollectionByAgentIds API. StartDataCollectionByAgentIds instructs the specified agents or Connectors to start collecting data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StartDataCollectionByAgentIds.html" - }, - "StartExportTask": { - "privilege": "StartExportTask", - "description": "Grants permission to StartExportTask API. StartExportTask export the configuration data about discovered configuration items and relationships to an S3 bucket in a specified format", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StartExportTask.html" - }, - "StartImportTask": { - "privilege": "StartImportTask", - "description": "Grants permission to StartImportTask API. StartImportTask starts an import task. The Migration Hub import feature allows you to import details of your on-premises environment directly into AWS without having to use the Application Discovery Service (ADS) tools such as the Discovery Connector or Discovery Agent. This gives you the option to perform migration assessment and planning directly from your imported data including the ability to group your devices as applications and track their migration status", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "discovery:AssociateConfigurationItemsToApplication", - "discovery:CreateApplication", - "discovery:CreateTags", - "discovery:GetDiscoverySummary", - "discovery:ListConfigurations", - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StartImportTask.html" - }, - "StopContinuousExport": { - "privilege": "StopContinuousExport", - "description": "Grants permission to StopContinuousExport API. StopContinuousExport stops the continuous flow of agent's discovered data into Amazon Athena", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StopContinuousExport.html" - }, - "StopDataCollectionByAgentIds": { - "privilege": "StopDataCollectionByAgentIds", - "description": "Grants permission to StopDataCollectionByAgentIds API. StopDataCollectionByAgentIds instructs the specified agents or Connectors to stop collecting data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StopDataCollectionByAgentIds.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to UpdateApplication API. UpdateApplication updates metadata about an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_UpdateApplication.html" - }, - "GetNetworkConnectionGraph": { - "privilege": "GetNetworkConnectionGraph", - "description": "Grants permission to GetNetworkConnectionGraph API. GetNetworkConnectionGraph accepts input list of one of - Ip Addresses, server ids or node ids. Returns a list of nodes and edges which help customer visualize network connection graph. This API is used for visualize network graph functionality in MigrationHub console", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_GetNetworkConnectionGraph.html" - } - }, - "resources": {}, - "conditions": { - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "arsenal": { - "service_name": "Application Discovery Arsenal", - "prefix": "arsenal", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_applicationdiscoveryarsenal.html", - "privileges": { - "RegisterOnPremisesAgent": { - "privilege": "RegisterOnPremisesAgent", - "description": "Grants permission to register AWS provided data collectors to the Application Discovery Service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/userguide/setting-up.html" - } - }, - "resources": {}, - "conditions": {} - }, - "account": { - "service_name": "AWS Account Management", - "prefix": "account", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsaccountmanagement.html", - "privileges": { - "CloseAccount": { - "privilege": "CloseAccount", - "description": "Grants permission to close an account", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/security_account-permissions-ref.html" - }, - "DeleteAlternateContact": { - "privilege": "DeleteAlternateContact", - "description": "Grants permission to delete the alternate contacts for an account", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "accountInOrganization": { - "resource_type": "accountInOrganization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "account:AlternateContactTypes" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_DeleteAlternateContact.html" - }, - "DisableRegion": { - "privilege": "DisableRegion", - "description": "Grants permission to disable use of a Region", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "accountInOrganization": { - "resource_type": "accountInOrganization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "account:TargetRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_DisableRegion.html" - }, - "EnableRegion": { - "privilege": "EnableRegion", - "description": "Grants permission to enable use of a Region", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "accountInOrganization": { - "resource_type": "accountInOrganization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "account:TargetRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_EnableRegion.html" - }, - "GetAccountInformation": { - "privilege": "GetAccountInformation", - "description": "Grants permission to retrieve the account information for an account", - "access_level": "Read", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/security_account-permissions-ref.html" - }, - "GetAlternateContact": { - "privilege": "GetAlternateContact", - "description": "Grants permission to retrieve the alternate contacts for an account", - "access_level": "Read", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "accountInOrganization": { - "resource_type": "accountInOrganization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "account:AlternateContactTypes" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_GetAlternateContact.html" - }, - "GetChallengeQuestions": { - "privilege": "GetChallengeQuestions", - "description": "Grants permission to retrieve the challenge questions for an account", - "access_level": "Read", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/security_account-permissions-ref.html" - }, - "GetContactInformation": { - "privilege": "GetContactInformation", - "description": "Grants permission to retrieve the primary contact information for an account", - "access_level": "Read", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "accountInOrganization": { - "resource_type": "accountInOrganization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_GetContactInformation.html" - }, - "GetRegionOptStatus": { - "privilege": "GetRegionOptStatus", - "description": "Grants permission to get the opt-in status of a Region", - "access_level": "Read", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "accountInOrganization": { - "resource_type": "accountInOrganization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "account:TargetRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_GetRegionOptStatus.html" - }, - "ListRegions": { - "privilege": "ListRegions", - "description": "Grants permission to list the available Regions", - "access_level": "List", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "accountInOrganization": { - "resource_type": "accountInOrganization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_ListRegions.html" - }, - "PutAlternateContact": { - "privilege": "PutAlternateContact", - "description": "Grants permission to modify the alternate contacts for an account", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "accountInOrganization": { - "resource_type": "accountInOrganization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "account:AlternateContactTypes" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_PutAlternateContact.html" - }, - "PutChallengeQuestions": { - "privilege": "PutChallengeQuestions", - "description": "Grants permission to modify the challenge questions for an account", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/security_account-permissions-ref.html" - }, - "PutContactInformation": { - "privilege": "PutContactInformation", - "description": "Grants permission to update the primary contact information for an account", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "accountInOrganization": { - "resource_type": "accountInOrganization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_PutContactInformation.html" - } - }, - "resources": { - "account": { - "resource": "account", - "arn": "arn:${Partition}:account::${Account}:account", - "condition_keys": [] - }, - "accountInOrganization": { - "resource": "accountInOrganization", - "arn": "arn:${Partition}:account::${ManagementAccountId}:account/o-${OrganizationId}/${MemberAccountId}", - "condition_keys": [] - } - }, - "conditions": { - "account:AccountResourceOrgPaths": { - "condition": "account:AccountResourceOrgPaths", - "description": "Filters access by the resource path for an account in an organization", - "type": "ArrayOfString" - }, - "account:AccountResourceOrgTags/${TagKey}": { - "condition": "account:AccountResourceOrgTags/${TagKey}", - "description": "Filters access by resource tags for an account in an organization", - "type": "ArrayOfString" - }, - "account:AlternateContactTypes": { - "condition": "account:AlternateContactTypes", - "description": "Filters access by alternate contact types", - "type": "ArrayOfString" - }, - "account:TargetRegion": { - "condition": "account:TargetRegion", - "description": "Filters access by a list of Regions. Enables or disables all the Regions specified here", - "type": "String" - } - } - }, - "activate": { - "service_name": "AWS Activate", - "prefix": "activate", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsactivate.html", - "privileges": { - "CreateForm": { - "privilege": "CreateForm", - "description": "Grants permission to submit an Activate application form", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/" - }, - "GetAccountContact": { - "privilege": "GetAccountContact", - "description": "Grants permission to get the AWS account contact information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/" - }, - "GetContentInfo": { - "privilege": "GetContentInfo", - "description": "Grants permission to get Activate tech posts and offer information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/" - }, - "GetCosts": { - "privilege": "GetCosts", - "description": "Grants permission to get the AWS cost information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/" - }, - "GetCredits": { - "privilege": "GetCredits", - "description": "Grants permission to get the AWS credit information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/" - }, - "GetMemberInfo": { - "privilege": "GetMemberInfo", - "description": "Grants permission to get the Activate member information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/" - }, - "GetProgram": { - "privilege": "GetProgram", - "description": "Grants permission to get an Activate program", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/" - }, - "PutMemberInfo": { - "privilege": "PutMemberInfo", - "description": "Grants permission to create or update the Activate member information", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/" - } - }, - "resources": {}, - "conditions": {} - }, - "amplify": { - "service_name": "AWS Amplify", - "prefix": "amplify", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsamplify.html", - "privileges": { - "CreateApp": { - "privilege": "CreateApp", - "description": "Grants permission to create a new Amplify App", - "access_level": "Write", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "CreateBackendEnvironment": { - "privilege": "CreateBackendEnvironment", - "description": "Grants permission to create a new backend environment for an Amplify App", - "access_level": "Write", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "CreateBranch": { - "privilege": "CreateBranch", - "description": "Grants permission to create a new Branch for an Amplify App", - "access_level": "Write", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "CreateDeployment": { - "privilege": "CreateDeployment", - "description": "Grants permission to create a deployment for manual deploy apps. (Apps are not connected to repository)", - "access_level": "Write", - "resource_types": { - "branches": { - "resource_type": "branches", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "CreateDomainAssociation": { - "privilege": "CreateDomainAssociation", - "description": "Grants permission to create a new DomainAssociation on an App", - "access_level": "Write", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "CreateWebHook": { - "privilege": "CreateWebHook", - "description": "Grants permission to create a new webhook on an App", - "access_level": "Write", - "resource_types": { - "branches": { - "resource_type": "branches", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "DeleteApp": { - "privilege": "DeleteApp", - "description": "Grants permission to delete an existing Amplify App by appId", - "access_level": "Write", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "DeleteBackendEnvironment": { - "privilege": "DeleteBackendEnvironment", - "description": "Grants permission to delete a branch for an Amplify App", - "access_level": "Write", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "DeleteBranch": { - "privilege": "DeleteBranch", - "description": "Grants permission to delete a branch for an Amplify App", - "access_level": "Write", - "resource_types": { - "branches": { - "resource_type": "branches", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "DeleteDomainAssociation": { - "privilege": "DeleteDomainAssociation", - "description": "Grants permission to delete a DomainAssociation", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "DeleteJob": { - "privilege": "DeleteJob", - "description": "Grants permission to delete a job, for an Amplify branch, part of Amplify App", - "access_level": "Write", - "resource_types": { - "jobs": { - "resource_type": "jobs", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "DeleteWebHook": { - "privilege": "DeleteWebHook", - "description": "Grants permission to delete a webhook by id", - "access_level": "Write", - "resource_types": { - "webhooks": { - "resource_type": "webhooks", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "GenerateAccessLogs": { - "privilege": "GenerateAccessLogs", - "description": "Grants permission to generate website access logs for a specific time range via a pre-signed URL", - "access_level": "Write", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "GetApp": { - "privilege": "GetApp", - "description": "Grants permission to retrieve an existing Amplify App by appId", - "access_level": "Read", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "GetArtifactUrl": { - "privilege": "GetArtifactUrl", - "description": "Grants permission to retrieve artifact info that corresponds to a artifactId", - "access_level": "Read", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "GetBackendEnvironment": { - "privilege": "GetBackendEnvironment", - "description": "Grants permission to retrieve a backend environment for an Amplify App", - "access_level": "Read", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "GetBranch": { - "privilege": "GetBranch", - "description": "Grants permission to retrieve a branch for an Amplify App", - "access_level": "Read", - "resource_types": { - "branches": { - "resource_type": "branches", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "GetDomainAssociation": { - "privilege": "GetDomainAssociation", - "description": "Grants permission to retrieve domain info that corresponds to an appId and domainName", - "access_level": "Read", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "GetJob": { - "privilege": "GetJob", - "description": "Grants permission to get a job for a branch, part of an Amplify App", - "access_level": "Read", - "resource_types": { - "jobs": { - "resource_type": "jobs", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "GetWebHook": { - "privilege": "GetWebHook", - "description": "Grants permission to retrieve webhook info that corresponds to a webhookId", - "access_level": "Read", - "resource_types": { - "webhooks": { - "resource_type": "webhooks", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "ListApps": { - "privilege": "ListApps", - "description": "Grants permission to list existing Amplify Apps", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "ListArtifacts": { - "privilege": "ListArtifacts", - "description": "Grants permission to list artifacts with an app, a branch, a job and an artifact type", - "access_level": "List", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "ListBackendEnvironments": { - "privilege": "ListBackendEnvironments", - "description": "Grants permission to list backend environments for an Amplify App", - "access_level": "List", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "ListBranches": { - "privilege": "ListBranches", - "description": "Grants permission to list branches for an Amplify App", - "access_level": "List", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "ListDomainAssociations": { - "privilege": "ListDomainAssociations", - "description": "Grants permission to list domains with an app", - "access_level": "List", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to list Jobs for a branch, part of an Amplify App", - "access_level": "List", - "resource_types": { - "branches": { - "resource_type": "branches", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an AWS Amplify Console resource", - "access_level": "Read", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "branches": { - "resource_type": "branches", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobs": { - "resource_type": "jobs", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "ListWebHooks": { - "privilege": "ListWebHooks", - "description": "Grants permission to list webhooks on an App", - "access_level": "List", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "StartDeployment": { - "privilege": "StartDeployment", - "description": "Grants permission to start a deployment for manual deploy apps. (Apps are not connected to repository)", - "access_level": "Write", - "resource_types": { - "branches": { - "resource_type": "branches", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "StartJob": { - "privilege": "StartJob", - "description": "Grants permission to start a new job for a branch, part of an Amplify App", - "access_level": "Write", - "resource_types": { - "jobs": { - "resource_type": "jobs", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "StopJob": { - "privilege": "StopJob", - "description": "Grants permission to stop a job that is in progress, for an Amplify branch, part of Amplify App", - "access_level": "Write", - "resource_types": { - "jobs": { - "resource_type": "jobs", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an AWS Amplify Console resource", - "access_level": "Tagging", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "branches": { - "resource_type": "branches", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobs": { - "resource_type": "jobs", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from an AWS Amplify Console resource", - "access_level": "Tagging", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "branches": { - "resource_type": "branches", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobs": { - "resource_type": "jobs", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "UpdateApp": { - "privilege": "UpdateApp", - "description": "Grants permission to update an existing Amplify App", - "access_level": "Write", - "resource_types": { - "apps": { - "resource_type": "apps", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "UpdateBranch": { - "privilege": "UpdateBranch", - "description": "Grants permission to update a branch for an Amplify App", - "access_level": "Write", - "resource_types": { - "branches": { - "resource_type": "branches", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "UpdateDomainAssociation": { - "privilege": "UpdateDomainAssociation", - "description": "Grants permission to update a DomainAssociation on an App", - "access_level": "Write", - "resource_types": { - "domains": { - "resource_type": "domains", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - }, - "UpdateWebHook": { - "privilege": "UpdateWebHook", - "description": "Grants permission to update a webhook", - "access_level": "Write", - "resource_types": { - "webhooks": { - "resource_type": "webhooks", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" - } - }, - "resources": { - "apps": { - "resource": "apps", - "arn": "arn:${Partition}:amplify:${Region}:${Account}:apps/${AppId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "branches": { - "resource": "branches", - "arn": "arn:${Partition}:amplify:${Region}:${Account}:apps/${AppId}/branches/${BranchName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "jobs": { - "resource": "jobs", - "arn": "arn:${Partition}:amplify:${Region}:${Account}:apps/${AppId}/branches/${BranchName}/jobs/${JobId}", - "condition_keys": [] - }, - "domains": { - "resource": "domains", - "arn": "arn:${Partition}:amplify:${Region}:${Account}:apps/${AppId}/domains/${DomainName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "webhooks": { - "resource": "webhooks", - "arn": "arn:${Partition}:amplify:${Region}:${Account}:webhooks/${WebhookId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag's key and value in a request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag's key associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in a request", - "type": "ArrayOfString" - } - } - }, - "amplifybackend": { - "service_name": "AWS Amplify Admin", - "prefix": "amplifybackend", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsamplifyadmin.html", - "privileges": { - "CloneBackend": { - "privilege": "CloneBackend", - "description": "Grants permission to clone an existing Amplify Admin backend environment into a new Amplify Admin backend enviroment", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-environments-backendenvironmentname-clone.html#CloneBackend" - }, - "CreateBackend": { - "privilege": "CreateBackend", - "description": "Grants permission to create a new Amplify Admin backend environment by Amplify appId", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend.html#CreateBackend" - }, - "CreateBackendAPI": { - "privilege": "CreateBackendAPI", - "description": "Grants permission to create an API for an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Write", - "resource_types": { - "api": { - "resource_type": "api", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api.html#CreateBackendAPI" - }, - "CreateBackendAuth": { - "privilege": "CreateBackendAuth", - "description": "Grants permission to create an auth resource for an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Write", - "resource_types": { - "auth": { - "resource_type": "auth", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-auth.html#CreateBackendAuth" - }, - "CreateBackendConfig": { - "privilege": "CreateBackendConfig", - "description": "Grants permission to create a new Amplify Admin backend config by Amplify appId", - "access_level": "Write", - "resource_types": { - "config": { - "resource_type": "config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-config.html#CreateBackendConfig" - }, - "CreateBackendStorage": { - "privilege": "CreateBackendStorage", - "description": "Grants permission to create a backend storage resource", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#CreateBackendStorage" - }, - "CreateToken": { - "privilege": "CreateToken", - "description": "Grants permission to create an Amplify Admin challenge token by appId", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-challenge.html#CreateToken" - }, - "DeleteBackend": { - "privilege": "DeleteBackend", - "description": "Grants permission to delete an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-environments-backendenvironmentname-remove.html#DeleteBackend" - }, - "DeleteBackendAPI": { - "privilege": "DeleteBackendAPI", - "description": "Grants permission to delete an API of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Write", - "resource_types": { - "api": { - "resource_type": "api", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api-backendenvironmentname-remove.html#DeleteBackendAPI" - }, - "DeleteBackendAuth": { - "privilege": "DeleteBackendAuth", - "description": "Grants permission to delete an auth resource of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Write", - "resource_types": { - "auth": { - "resource_type": "auth", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-auth-backendenvironmentname-remove.html#DeleteBackendAuth" - }, - "DeleteBackendStorage": { - "privilege": "DeleteBackendStorage", - "description": "Grants permission to delete a backend storage resource", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "storage": { - "resource_type": "storage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#DeleteBackendStorage" - }, - "DeleteToken": { - "privilege": "DeleteToken", - "description": "Grants permission to delete an Amplify Admin challenge token by appId", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-challenge-sessionid-remove.html#DeleteToken" - }, - "GenerateBackendAPIModels": { - "privilege": "GenerateBackendAPIModels", - "description": "Grants permission to generate models for an API of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Write", - "resource_types": { - "api": { - "resource_type": "api", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api-backendenvironmentname-generatemodels.html#GenerateBackendAPIModels" - }, - "GetBackend": { - "privilege": "GetBackend", - "description": "Grants permission to retrieve an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Read", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-details.html#GetBackend" - }, - "GetBackendAPI": { - "privilege": "GetBackendAPI", - "description": "Grants permission to retrieve an API of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Read", - "resource_types": { - "api": { - "resource_type": "api", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api-backendenvironmentname-details.html#GetBackendAPI" - }, - "GetBackendAPIModels": { - "privilege": "GetBackendAPIModels", - "description": "Grants permission to retrieve models for an API of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Read", - "resource_types": { - "api": { - "resource_type": "api", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api-backendenvironmentname-getmodels.html#GetBackendAPIModels" - }, - "GetBackendAuth": { - "privilege": "GetBackendAuth", - "description": "Grants permission to retrieve an auth resource of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Read", - "resource_types": { - "auth": { - "resource_type": "auth", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-auth-backendenvironmentname-details.html#GetBackendAuth" - }, - "GetBackendJob": { - "privilege": "GetBackendJob", - "description": "Grants permission to retrieve a job of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Read", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-job-backendenvironmentname-jobid.html#GetBackendJob" - }, - "GetBackendStorage": { - "privilege": "GetBackendStorage", - "description": "Grants permission to retrieve an existing backend storage resource", - "access_level": "Read", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#GetBackendStorage" - }, - "GetToken": { - "privilege": "GetToken", - "description": "Grants permission to retrieve an Amplify Admin challenge token by appId", - "access_level": "Read", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-challenge-sessionid.html#GetToken" - }, - "ImportBackendAuth": { - "privilege": "ImportBackendAuth", - "description": "Grants permission to import an existing auth resource of an Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Write", - "resource_types": { - "auth": { - "resource_type": "auth", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-auth-backendenvironmentname.html#ImportBackendAuth" - }, - "ImportBackendStorage": { - "privilege": "ImportBackendStorage", - "description": "Grants permission to import an existing backend storage resource", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "storage": { - "resource_type": "storage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#ImportBackendStorage" - }, - "ListBackendJobs": { - "privilege": "ListBackendJobs", - "description": "Grants permission to retrieve the jobs of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "List", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-job-backendenvironmentname.html#ListBackendJobs" - }, - "ListS3Buckets": { - "privilege": "ListS3Buckets", - "description": "Grants permission to retrieve s3 buckets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#ListS3Buckets" - }, - "RemoveAllBackends": { - "privilege": "RemoveAllBackends", - "description": "Grants permission to delete all existing Amplify Admin backend environments by appId", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-remove.html#RemoveAllBackends" - }, - "RemoveBackendConfig": { - "privilege": "RemoveBackendConfig", - "description": "Grants permission to delete an Amplify Admin backend config by Amplify appId", - "access_level": "Write", - "resource_types": { - "config": { - "resource_type": "config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-config-remove.html#RemoveBackendConfig" - }, - "UpdateBackendAPI": { - "privilege": "UpdateBackendAPI", - "description": "Grants permission to update an API of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Write", - "resource_types": { - "api": { - "resource_type": "api", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api-backendenvironmentname.html#UpdateBackendAPI" - }, - "UpdateBackendAuth": { - "privilege": "UpdateBackendAuth", - "description": "Grants permission to update an auth resource of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Write", - "resource_types": { - "auth": { - "resource_type": "auth", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-auth-backendenvironmentname.html#UpdateBackendAuth" - }, - "UpdateBackendConfig": { - "privilege": "UpdateBackendConfig", - "description": "Grants permission to update an Amplify Admin backend config by Amplify appId", - "access_level": "Write", - "resource_types": { - "config": { - "resource_type": "config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-config-update.html#UpdateBackendConfig" - }, - "UpdateBackendJob": { - "privilege": "UpdateBackendJob", - "description": "Grants permission to update a job of an existing Amplify Admin backend environment by appId and backendEnvironmentName", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-job-backendenvironmentname-jobid.html#UpdateBackendJob" - }, - "UpdateBackendStorage": { - "privilege": "UpdateBackendStorage", - "description": "Grants permission to update a backend storage resource", - "access_level": "Write", - "resource_types": { - "backend": { - "resource_type": "backend", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "storage": { - "resource_type": "storage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#UpdateBackendStorage" - } - }, - "resources": { - "backend": { - "resource": "backend", - "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}", - "condition_keys": [] - }, - "environment": { - "resource": "environment", - "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/environments", - "condition_keys": [] - }, - "api": { - "resource": "api", - "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/api", - "condition_keys": [] - }, - "auth": { - "resource": "auth", - "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/auth", - "condition_keys": [] - }, - "job": { - "resource": "job", - "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/job", - "condition_keys": [] - }, - "config": { - "resource": "config", - "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/config/*", - "condition_keys": [] - }, - "token": { - "resource": "token", - "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/token", - "condition_keys": [] - }, - "storage": { - "resource": "storage", - "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/storage", - "condition_keys": [] - } - }, - "conditions": {} - }, - "amplifyuibuilder": { - "service_name": "AWS Amplify UI Builder", - "prefix": "amplifyuibuilder", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsamplifyuibuilder.html", - "privileges": { - "CreateComponent": { - "privilege": "CreateComponent", - "description": "Grants permission to create a component", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_CreateComponent.html" - }, - "CreateForm": { - "privilege": "CreateForm", - "description": "Grants permission to create a form", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_CreateForm.html" - }, - "CreateTheme": { - "privilege": "CreateTheme", - "description": "Grants permission to create a theme", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_CreateTheme.html" - }, - "DeleteComponent": { - "privilege": "DeleteComponent", - "description": "Grants permission to delete a component", - "access_level": "Write", - "resource_types": { - "ComponentResource": { - "resource_type": "ComponentResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_DeleteComponent.html" - }, - "DeleteForm": { - "privilege": "DeleteForm", - "description": "Grants permission to delete a form", - "access_level": "Write", - "resource_types": { - "FormResource": { - "resource_type": "FormResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_DeleteForm.html" - }, - "DeleteTheme": { - "privilege": "DeleteTheme", - "description": "Grants permission to delete a theme", - "access_level": "Write", - "resource_types": { - "ThemeResource": { - "resource_type": "ThemeResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_DeleteTheme.html" - }, - "ExportComponents": { - "privilege": "ExportComponents", - "description": "Grants permission to export components", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ExportComponents.html" - }, - "ExportForms": { - "privilege": "ExportForms", - "description": "Grants permission to export forms", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ExportForms.html" - }, - "ExportThemes": { - "privilege": "ExportThemes", - "description": "Grants permission to export themes", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ExportThemes.html" - }, - "GetComponent": { - "privilege": "GetComponent", - "description": "Grants permission to get an existing component", - "access_level": "Read", - "resource_types": { - "ComponentResource": { - "resource_type": "ComponentResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_GetComponent.html" - }, - "GetForm": { - "privilege": "GetForm", - "description": "Grants permission to get an existing form", - "access_level": "Read", - "resource_types": { - "FormResource": { - "resource_type": "FormResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_GetForm.html" - }, - "GetMetadata": { - "privilege": "GetMetadata", - "description": "Grants permission to get an existing metadata", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_GetMetadata.html" - }, - "GetTheme": { - "privilege": "GetTheme", - "description": "Grants permission to get an existing theme", - "access_level": "Read", - "resource_types": { - "ThemeResource": { - "resource_type": "ThemeResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_GetTheme.html" - }, - "ListComponents": { - "privilege": "ListComponents", - "description": "Grants permission to list components", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ListComponents.html" - }, - "ListForms": { - "privilege": "ListForms", - "description": "Grants permission to list forms", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ListForms.html" - }, - "ListThemes": { - "privilege": "ListThemes", - "description": "Grants permission to list themes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ListThemes.html" - }, - "PutMetadataFlag": { - "privilege": "PutMetadataFlag", - "description": "Grants permission to put an existing metadata", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_PutMetadataFlag.html" - }, - "ResetMetadataFlag": { - "privilege": "ResetMetadataFlag", - "description": "Grants permission to reset an existing metadata", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ResetMetadataFlag.html" - }, - "UpdateComponent": { - "privilege": "UpdateComponent", - "description": "Grants permission to update a component", - "access_level": "Write", - "resource_types": { - "ComponentResource": { - "resource_type": "ComponentResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_UpdateComponent.html" - }, - "UpdateForm": { - "privilege": "UpdateForm", - "description": "Grants permission to update a form", - "access_level": "Write", - "resource_types": { - "FormResource": { - "resource_type": "FormResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_UpdateForm.html" - }, - "UpdateTheme": { - "privilege": "UpdateTheme", - "description": "Grants permission to update a theme", - "access_level": "Write", - "resource_types": { - "ThemeResource": { - "resource_type": "ThemeResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "amplify:GetApp" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_UpdateTheme.html" - } - }, - "resources": { - "ComponentResource": { - "resource": "ComponentResource", - "arn": "arn:${Partition}:amplifyuibuilder:${Region}:${Account}:app/${AppId}/environment/${EnvironmentName}/components/${Id}", - "condition_keys": [ - "amplifyuibuilder:ComponentResourceAppId", - "amplifyuibuilder:ComponentResourceEnvironmentName", - "amplifyuibuilder:ComponentResourceId", - "aws:ResourceTag/${TagKey}" - ] - }, - "FormResource": { - "resource": "FormResource", - "arn": "arn:${Partition}:amplifyuibuilder:${Region}:${Account}:app/${AppId}/environment/${EnvironmentName}/forms/${Id}", - "condition_keys": [ - "amplifyuibuilder:FormResourceAppId", - "amplifyuibuilder:FormResourceEnvironmentName", - "amplifyuibuilder:FormResourceId", - "aws:ResourceTag/${TagKey}" - ] - }, - "ThemeResource": { - "resource": "ThemeResource", - "arn": "arn:${Partition}:amplifyuibuilder:${Region}:${Account}:app/${AppId}/environment/${EnvironmentName}/themes/${Id}", - "condition_keys": [ - "amplifyuibuilder:ThemeResourceAppId", - "amplifyuibuilder:ThemeResourceEnvironmentName", - "amplifyuibuilder:ThemeResourceId", - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "amplifyuibuilder:ComponentResourceAppId": { - "condition": "amplifyuibuilder:ComponentResourceAppId", - "description": "Filters access by the app ID", - "type": "String" - }, - "amplifyuibuilder:ComponentResourceEnvironmentName": { - "condition": "amplifyuibuilder:ComponentResourceEnvironmentName", - "description": "Filters access by the backend environment name", - "type": "String" - }, - "amplifyuibuilder:ComponentResourceId": { - "condition": "amplifyuibuilder:ComponentResourceId", - "description": "Filters access by the component ID", - "type": "String" - }, - "amplifyuibuilder:FormResourceAppId": { - "condition": "amplifyuibuilder:FormResourceAppId", - "description": "Filters access by the app ID", - "type": "String" - }, - "amplifyuibuilder:FormResourceEnvironmentName": { - "condition": "amplifyuibuilder:FormResourceEnvironmentName", - "description": "Filters access by the backend environment name", - "type": "String" - }, - "amplifyuibuilder:FormResourceId": { - "condition": "amplifyuibuilder:FormResourceId", - "description": "Filters access by the form ID", - "type": "String" - }, - "amplifyuibuilder:ThemeResourceAppId": { - "condition": "amplifyuibuilder:ThemeResourceAppId", - "description": "Filters access by the app ID", - "type": "String" - }, - "amplifyuibuilder:ThemeResourceEnvironmentName": { - "condition": "amplifyuibuilder:ThemeResourceEnvironmentName", - "description": "Filters access by the backend environment name", - "type": "String" - }, - "amplifyuibuilder:ThemeResourceId": { - "condition": "amplifyuibuilder:ThemeResourceId", - "description": "Filters access by the theme ID", - "type": "String" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "a2c": { - "service_name": "AWS App2Container", - "prefix": "a2c", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsapp2container.html", - "privileges": { - "GetContainerizationJobDetails": { - "privilege": "GetContainerizationJobDetails", - "description": "Grants permission to get the details of all Containerization jobs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tk-dotnet-refactoring/latest/userguide/what-is-tk-dotnet-refactoring.html" - }, - "GetDeploymentJobDetails": { - "privilege": "GetDeploymentJobDetails", - "description": "Grants permission to get the details of all Deployment jobs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tk-dotnet-refactoring/latest/userguide/what-is-tk-dotnet-refactoring.html" - }, - "StartContainerizationJob": { - "privilege": "StartContainerizationJob", - "description": "Grants permission to start a Containerization job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tk-dotnet-refactoring/latest/userguide/what-is-tk-dotnet-refactoring.html" - }, - "StartDeploymentJob": { - "privilege": "StartDeploymentJob", - "description": "Grants permission to start a Deploymnet job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tk-dotnet-refactoring/latest/userguide/what-is-tk-dotnet-refactoring.html" - } - }, - "resources": {}, - "conditions": {} - }, - "appconfig": { - "service_name": "AWS AppConfig", - "prefix": "appconfig", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappconfig.html", - "privileges": { - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateApplication.html" - }, - "CreateConfigurationProfile": { - "privilege": "CreateConfigurationProfile", - "description": "Grants permission to create a configuration profile", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateConfigurationProfile.html" - }, - "CreateDeploymentStrategy": { - "privilege": "CreateDeploymentStrategy", - "description": "Grants permission to create a deployment strategy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateDeploymentStrategy.html" - }, - "CreateEnvironment": { - "privilege": "CreateEnvironment", - "description": "Grants permission to create an environment", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateEnvironment.html" - }, - "CreateExtension": { - "privilege": "CreateExtension", - "description": "Grants permission to create an extension", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateExtension.html" - }, - "CreateExtensionAssociation": { - "privilege": "CreateExtensionAssociation", - "description": "Grants permission to create an extension association", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateExtensionAssociation.html" - }, - "CreateHostedConfigurationVersion": { - "privilege": "CreateHostedConfigurationVersion", - "description": "Grants permission to create a hosted configuration version", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateHostedConfigurationVersion.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteApplication.html" - }, - "DeleteConfigurationProfile": { - "privilege": "DeleteConfigurationProfile", - "description": "Grants permission to delete a configuration profile", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteConfigurationProfile.html" - }, - "DeleteDeploymentStrategy": { - "privilege": "DeleteDeploymentStrategy", - "description": "Grants permission to delete a deployment strategy", - "access_level": "Write", - "resource_types": { - "deploymentstrategy": { - "resource_type": "deploymentstrategy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteDeploymentStrategy.html" - }, - "DeleteEnvironment": { - "privilege": "DeleteEnvironment", - "description": "Grants permission to delete an environment", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteEnvironment.html" - }, - "DeleteExtension": { - "privilege": "DeleteExtension", - "description": "Grants permission to delete an extension", - "access_level": "Write", - "resource_types": { - "extension": { - "resource_type": "extension", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteExtension.html" - }, - "DeleteExtensionAssociation": { - "privilege": "DeleteExtensionAssociation", - "description": "Grants permission to delete an extension association", - "access_level": "Write", - "resource_types": { - "extensionassociation": { - "resource_type": "extensionassociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteExtensionAssociation.html" - }, - "DeleteHostedConfigurationVersion": { - "privilege": "DeleteHostedConfigurationVersion", - "description": "Grants permission to delete a hosted configuration version", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "hostedconfigurationversion": { - "resource_type": "hostedconfigurationversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteHostedConfigurationVersion.html" - }, - "GetApplication": { - "privilege": "GetApplication", - "description": "Grants permission to view details about an application", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetApplication.html" - }, - "GetConfiguration": { - "privilege": "GetConfiguration", - "description": "Grants permission to view details about a configuration", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html" - }, - "GetConfigurationProfile": { - "privilege": "GetConfigurationProfile", - "description": "Grants permission to view details about a configuration profile", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfigurationProfile.html" - }, - "GetDeployment": { - "privilege": "GetDeployment", - "description": "Grants permission to view details about a deployment", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "deployment": { - "resource_type": "deployment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetDeployment.html" - }, - "GetDeploymentStrategy": { - "privilege": "GetDeploymentStrategy", - "description": "Grants permission to view details about a deployment strategy", - "access_level": "Read", - "resource_types": { - "deploymentstrategy": { - "resource_type": "deploymentstrategy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetDeploymentStrategy.html" - }, - "GetEnvironment": { - "privilege": "GetEnvironment", - "description": "Grants permission to view details about an environment", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetEnvironment.html" - }, - "GetExtension": { - "privilege": "GetExtension", - "description": "Grants permission to view details about an extension", - "access_level": "Read", - "resource_types": { - "extension": { - "resource_type": "extension", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetExtension.html" - }, - "GetExtensionAssociation": { - "privilege": "GetExtensionAssociation", - "description": "Grants permission to view details about an extension association", - "access_level": "Read", - "resource_types": { - "extensionassociation": { - "resource_type": "extensionassociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetExtensionAssociation.html" - }, - "GetHostedConfigurationVersion": { - "privilege": "GetHostedConfigurationVersion", - "description": "Grants permission to view details about a hosted configuration version", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "hostedconfigurationversion": { - "resource_type": "hostedconfigurationversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetHostedConfigurationVersion.html" - }, - "GetLatestConfiguration": { - "privilege": "GetLatestConfiguration", - "description": "Grants permission to retrieve a deployed configuration", - "access_level": "Read", - "resource_types": { - "configuration": { - "resource_type": "configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to list the applications in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListApplications.html" - }, - "ListConfigurationProfiles": { - "privilege": "ListConfigurationProfiles", - "description": "Grants permission to list the configuration profiles for an application", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListConfigurationProfiles.html" - }, - "ListDeploymentStrategies": { - "privilege": "ListDeploymentStrategies", - "description": "Grants permission to list the deployment strategies for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListDeploymentStrategies.html" - }, - "ListDeployments": { - "privilege": "ListDeployments", - "description": "Grants permission to list the deployments for an environment", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListDeployments.html" - }, - "ListEnvironments": { - "privilege": "ListEnvironments", - "description": "Grants permission to list the environments for an application", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListEnvironments.html" - }, - "ListExtensionAssociations": { - "privilege": "ListExtensionAssociations", - "description": "Grants permission to list the extension associations in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListExtensionAssociations.html" - }, - "ListExtensions": { - "privilege": "ListExtensions", - "description": "Grants permission to list the extensions in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListExtensions.html" - }, - "ListHostedConfigurationVersions": { - "privilege": "ListHostedConfigurationVersions", - "description": "Grants permission to list the hosted configuration versions for a configuration profile", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListHostedConfigurationVersions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to view a list of resource tags for a specified resource", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deployment": { - "resource_type": "deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deploymentstrategy": { - "resource_type": "deploymentstrategy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "extension": { - "resource_type": "extension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "extensionassociation": { - "resource_type": "extensionassociation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListTagsForResource.html" - }, - "StartConfigurationSession": { - "privilege": "StartConfigurationSession", - "description": "Grants permission to start a configuration session", - "access_level": "Write", - "resource_types": { - "configuration": { - "resource_type": "configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_StartConfigurationSession.html" - }, - "StartDeployment": { - "privilege": "StartDeployment", - "description": "Grants permission to initiate a deployment", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "deploymentstrategy": { - "resource_type": "deploymentstrategy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_StartDeployment.html" - }, - "StopDeployment": { - "privilege": "StopDeployment", - "description": "Grants permission to stop a deployment", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "deployment": { - "resource_type": "deployment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_StopDeployment.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an appconfig resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configuration": { - "resource_type": "configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deployment": { - "resource_type": "deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deploymentstrategy": { - "resource_type": "deploymentstrategy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "extension": { - "resource_type": "extension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "extensionassociation": { - "resource_type": "extensionassociation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an appconfig resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configuration": { - "resource_type": "configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deployment": { - "resource_type": "deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deploymentstrategy": { - "resource_type": "deploymentstrategy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "extension": { - "resource_type": "extension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "extensionassociation": { - "resource_type": "extensionassociation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UntagResource.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to modify an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateApplication.html" - }, - "UpdateConfigurationProfile": { - "privilege": "UpdateConfigurationProfile", - "description": "Grants permission to modify a configuration profile", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateConfigurationProfile.html" - }, - "UpdateDeploymentStrategy": { - "privilege": "UpdateDeploymentStrategy", - "description": "Grants permission to modify a deployment strategy", - "access_level": "Write", - "resource_types": { - "deploymentstrategy": { - "resource_type": "deploymentstrategy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateDeploymentStrategy.html" - }, - "UpdateEnvironment": { - "privilege": "UpdateEnvironment", - "description": "Grants permission to modify an environment", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateEnvironment.html" - }, - "UpdateExtension": { - "privilege": "UpdateExtension", - "description": "Grants permission to modify an extension", - "access_level": "Write", - "resource_types": { - "extension": { - "resource_type": "extension", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateExtension.html" - }, - "UpdateExtensionAssociation": { - "privilege": "UpdateExtensionAssociation", - "description": "Grants permission to modify an extension association", - "access_level": "Write", - "resource_types": { - "extensionassociation": { - "resource_type": "extensionassociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateExtensionAssociation.html" - }, - "ValidateConfiguration": { - "privilege": "ValidateConfiguration", - "description": "Grants permission to validate a configuration", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationprofile": { - "resource_type": "configurationprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ValidateConfiguration.html" - } - }, - "resources": { - "application": { - "resource": "application", - "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "environment": { - "resource": "environment", - "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}/environment/${EnvironmentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "configurationprofile": { - "resource": "configurationprofile", - "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}/configurationprofile/${ConfigurationProfileId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "deploymentstrategy": { - "resource": "deploymentstrategy", - "arn": "arn:${Partition}:appconfig:${Region}:${Account}:deploymentstrategy/${DeploymentStrategyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "deployment": { - "resource": "deployment", - "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}/environment/${EnvironmentId}/deployment/${DeploymentNumber}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "hostedconfigurationversion": { - "resource": "hostedconfigurationversion", - "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}/configurationprofile/${ConfigurationProfileId}/hostedconfigurationversion/${VersionNumber}", - "condition_keys": [] - }, - "configuration": { - "resource": "configuration", - "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}/environment/${EnvironmentId}/configuration/${ConfigurationProfileId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "extension": { - "resource": "extension", - "arn": "arn:${Partition}:appconfig:${Region}:${Account}:extension/${ExtensionId}/${ExtensionVersionNumber}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "extensionassociation": { - "resource": "extensionassociation", - "arn": "arn:${Partition}:appconfig:${Region}:${Account}:extensionassociation/${ExtensionAssociationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the allowed set of values for a specified tag", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key-value pair assigned to the AWS resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - } - } - }, - "appfabric": { - "service_name": "AWS AppFabric", - "prefix": "appfabric", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappfabric.html", - "privileges": { - "BatchGetUserAccessTasks": { - "privilege": "BatchGetUserAccessTasks", - "description": "Grants permission to start user access tasks for multiple users", - "access_level": "Write", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_BatchGetUserAccessTasks.html" - }, - "ConnectAppAuthorization": { - "privilege": "ConnectAppAuthorization", - "description": "Grants permission to connect application authorizations", - "access_level": "Write", - "resource_types": { - "appauthorization": { - "resource_type": "appauthorization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ConnectAppAuthorization.html" - }, - "CreateAppAuthorization": { - "privilege": "CreateAppAuthorization", - "description": "Grants permission to create application authorizations for application bundles", - "access_level": "Write", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_CreateAppAuthorization.html" - }, - "CreateAppBundle": { - "privilege": "CreateAppBundle", - "description": "Grants permission to create application bundles in your account", - "access_level": "Write", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_CreateAppBundle.html" - }, - "CreateIngestion": { - "privilege": "CreateIngestion", - "description": "Grants permission to create ingestions for application bundles", - "access_level": "Write", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_CreateIngestion.html" - }, - "CreateIngestionDestination": { - "privilege": "CreateIngestionDestination", - "description": "Grants permission to create ingestion destinations for application bundles", - "access_level": "Write", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_CreateIngestionDestination.html" - }, - "DeleteAppAuthorization": { - "privilege": "DeleteAppAuthorization", - "description": "Grants permission to delete application authorizations within an application bundle", - "access_level": "Write", - "resource_types": { - "appauthorization": { - "resource_type": "appauthorization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_DeleteAppAuthorization.html" - }, - "DeleteAppBundle": { - "privilege": "DeleteAppBundle", - "description": "Grants permission to delete application bundles in your account", - "access_level": "Write", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_DeleteAppBundle.html" - }, - "DeleteIngestion": { - "privilege": "DeleteIngestion", - "description": "Grants permission to delete ingestions within an application bundle", - "access_level": "Write", - "resource_types": { - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_DeleteIngestion.html" - }, - "DeleteIngestionDestination": { - "privilege": "DeleteIngestionDestination", - "description": "Grants permission to delete destinations within an ingestion", - "access_level": "Write", - "resource_types": { - "ingestiondestination": { - "resource_type": "ingestiondestination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_DeleteIngestionDestination.html" - }, - "GetAppAuthorization": { - "privilege": "GetAppAuthorization", - "description": "Grants permission to view details about application authorizations", - "access_level": "Read", - "resource_types": { - "appauthorization": { - "resource_type": "appauthorization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_GetAppAuthorization.html" - }, - "GetAppBundle": { - "privilege": "GetAppBundle", - "description": "Grants permission to view details about application bundles", - "access_level": "Read", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_GetAppBundle.html" - }, - "GetIngestion": { - "privilege": "GetIngestion", - "description": "Grants permission to view details about ingestions", - "access_level": "Read", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_GetIngestion.html" - }, - "GetIngestionDestination": { - "privilege": "GetIngestionDestination", - "description": "Grants permission to view details about ingestion destinations", - "access_level": "Read", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestiondestination": { - "resource_type": "ingestiondestination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_GetIngestionDestination.html" - }, - "ListAppAuthorizations": { - "privilege": "ListAppAuthorizations", - "description": "Grants permission to retrieve a list of application authorizations within an application bundle", - "access_level": "List", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ListAppAuthorizations.html" - }, - "ListAppBundles": { - "privilege": "ListAppBundles", - "description": "Grants permission to retrieve a list of application bundles in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ListAppBundles.html" - }, - "ListIngestionDestinations": { - "privilege": "ListIngestionDestinations", - "description": "Grants permission to retrieve a list of destinations within an ingestion", - "access_level": "List", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ListIngestionDestinations.html" - }, - "ListIngestions": { - "privilege": "ListIngestions", - "description": "Grants permission to retrieve a list of ingestions within an application bundle", - "access_level": "List", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ListIngestions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for AppFabric resouces", - "access_level": "Read", - "resource_types": { - "appauthorization": { - "resource_type": "appauthorization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "appbundle": { - "resource_type": "appbundle", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestion": { - "resource_type": "ingestion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestiondestination": { - "resource_type": "ingestiondestination", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ListTagsForResource.html" - }, - "StartIngestion": { - "privilege": "StartIngestion", - "description": "Grants permission to start ingestions", - "access_level": "Write", - "resource_types": { - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_StartIngestion.html" - }, - "StartUserAccessTasks": { - "privilege": "StartUserAccessTasks", - "description": "Grants permission to start user access tasks", - "access_level": "Write", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_StartUserAccessTasks.html" - }, - "StopIngestion": { - "privilege": "StopIngestion", - "description": "Grants permission to stop ingestions", - "access_level": "Write", - "resource_types": { - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_StopIngestion.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag AppFabric resources", - "access_level": "Tagging", - "resource_types": { - "appauthorization": { - "resource_type": "appauthorization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "appbundle": { - "resource_type": "appbundle", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestion": { - "resource_type": "ingestion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestiondestination": { - "resource_type": "ingestiondestination", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag AppFabric resources", - "access_level": "Tagging", - "resource_types": { - "appauthorization": { - "resource_type": "appauthorization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "appbundle": { - "resource_type": "appbundle", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestion": { - "resource_type": "ingestion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestiondestination": { - "resource_type": "ingestiondestination", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_UntagResource.html" - }, - "UpdateAppAuthorization": { - "privilege": "UpdateAppAuthorization", - "description": "Grants permission to update application authorizations within application bundles", - "access_level": "Write", - "resource_types": { - "appauthorization": { - "resource_type": "appauthorization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_UpdateAppAuthorization.html" - }, - "UpdateIngestionDestination": { - "privilege": "UpdateIngestionDestination", - "description": "Grants permission to update destinations within ingestions", - "access_level": "Write", - "resource_types": { - "appbundle": { - "resource_type": "appbundle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestion": { - "resource_type": "ingestion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ingestiondestination": { - "resource_type": "ingestiondestination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_UpdateIngestionDestination.html" - } - }, - "resources": { - "appbundle": { - "resource": "appbundle", - "arn": "arn:${Partition}:appfabric:${Region}:${Account}:appbundle/${AppBundleIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "appauthorization": { - "resource": "appauthorization", - "arn": "arn:${Partition}:appfabric:${Region}:${Account}:appbundle/${AppbundleId}/appauthorization/${AppAuthorizationIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ingestion": { - "resource": "ingestion", - "arn": "arn:${Partition}:appfabric:${Region}:${Account}:appbundle/${AppbundleId}/ingestion/${AppAuthorizationIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ingestiondestination": { - "resource": "ingestiondestination", - "arn": "arn:${Partition}:appfabric:${Region}:${Account}:appbundle/${AppbundleId}/ingestion/${AppAuthorizationIdentifier}/ingestiondestination/${IngestionDestinationIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "application-autoscaling": { - "service_name": "AWS Application Auto Scaling", - "prefix": "application-autoscaling", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsapplicationautoscaling.html", - "privileges": { - "DeleteScalingPolicy": { - "privilege": "DeleteScalingPolicy", - "description": "Grants permission to delete a scaling policy", - "access_level": "Write", - "resource_types": { - "ScalableTarget": { - "resource_type": "ScalableTarget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "application-autoscaling:service-namespace", - "application-autoscaling:scalable-dimension" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DeleteScalingPolicy.html" - }, - "DeleteScheduledAction": { - "privilege": "DeleteScheduledAction", - "description": "Grants permission to delete a scheduled action", - "access_level": "Write", - "resource_types": { - "ScalableTarget": { - "resource_type": "ScalableTarget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "application-autoscaling:service-namespace", - "application-autoscaling:scalable-dimension" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DeleteScheduledAction.html" - }, - "DeregisterScalableTarget": { - "privilege": "DeregisterScalableTarget", - "description": "Grants permission to deregister a scalable target", - "access_level": "Write", - "resource_types": { - "ScalableTarget": { - "resource_type": "ScalableTarget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "application-autoscaling:service-namespace", - "application-autoscaling:scalable-dimension" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DeregisterScalableTarget.html" - }, - "DescribeScalableTargets": { - "privilege": "DescribeScalableTargets", - "description": "Grants permission to describe one or more scalable targets in the specified namespace", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DescribeScalableTargets.html" - }, - "DescribeScalingActivities": { - "privilege": "DescribeScalingActivities", - "description": "Grants permission to describe a set of scaling activities or all scaling activities in the specified namespace", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DescribeScalingActivities.html" - }, - "DescribeScalingPolicies": { - "privilege": "DescribeScalingPolicies", - "description": "Grants permission to describe a set of scaling policies or all scaling policies in the specified namespace", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DescribeScalingPolicies.html" - }, - "DescribeScheduledActions": { - "privilege": "DescribeScheduledActions", - "description": "Grants permission to describe a set of scheduled actions or all scheduled actions in the specified namespace", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DescribeScheduledActions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a scalable target", - "access_level": "Tagging", - "resource_types": { - "ScalableTarget": { - "resource_type": "ScalableTarget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_ListTagsForResource.html" - }, - "PutScalingPolicy": { - "privilege": "PutScalingPolicy", - "description": "Grants permission to create and update a scaling policy for a scalable target", - "access_level": "Write", - "resource_types": { - "ScalableTarget": { - "resource_type": "ScalableTarget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "application-autoscaling:service-namespace", - "application-autoscaling:scalable-dimension" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScalingPolicy.html" - }, - "PutScheduledAction": { - "privilege": "PutScheduledAction", - "description": "Grants permission to create and update a scheduled action for a scalable target", - "access_level": "Write", - "resource_types": { - "ScalableTarget": { - "resource_type": "ScalableTarget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "application-autoscaling:service-namespace", - "application-autoscaling:scalable-dimension" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html" - }, - "RegisterScalableTarget": { - "privilege": "RegisterScalableTarget", - "description": "Grants permission to register AWS or custom resources as scalable targets with Application Auto Scaling and to update configuration parameters used to manage a scalable target", - "access_level": "Write", - "resource_types": { - "ScalableTarget": { - "resource_type": "ScalableTarget", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "application-autoscaling:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "application-autoscaling:service-namespace", - "application-autoscaling:scalable-dimension" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a scalable target", - "access_level": "Tagging", - "resource_types": { - "ScalableTarget": { - "resource_type": "ScalableTarget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a scalable target", - "access_level": "Tagging", - "resource_types": { - "ScalableTarget": { - "resource_type": "ScalableTarget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_UntagResource.html" - } - }, - "resources": { - "ScalableTarget": { - "resource": "ScalableTarget", - "arn": "arn:${Partition}:application-autoscaling:${Region}:${Account}:scalable-target/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "application-autoscaling:scalable-dimension": { - "condition": "application-autoscaling:scalable-dimension", - "description": "Filters access by the scalable dimension that is passed in the request", - "type": "String" - }, - "application-autoscaling:service-namespace": { - "condition": "application-autoscaling:service-namespace", - "description": "Filters access by the service namespace that is passed in the request", - "type": "String" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "application-cost-profiler": { - "service_name": "AWS Application Cost Profiler Service", - "prefix": "application-cost-profiler", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsapplicationcostprofilerservice.html", - "privileges": { - "DeleteReportDefinition": { - "privilege": "DeleteReportDefinition", - "description": "Grants permission to delete the configuration with specific Application Cost Profiler Report thereby effectively disabling report generation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_DeleteReportDefinition.html" - }, - "GetReportDefinition": { - "privilege": "GetReportDefinition", - "description": "Grants permission to fetch the configuration with specific Application Cost Profiler Report request", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_GetReportDefinition.html" - }, - "ImportApplicationUsage": { - "privilege": "ImportApplicationUsage", - "description": "Grants permission to import the application usage from S3", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_ImportApplicationUsage.html" - }, - "ListReportDefinitions": { - "privilege": "ListReportDefinitions", - "description": "Grants permission to get a list of the different Application Cost Profiler Report configurations they have created", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_ListReportDefinitions.html" - }, - "PutReportDefinition": { - "privilege": "PutReportDefinition", - "description": "Grants permission to create Application Cost Profiler Report configurations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_PutReportDefinition.html" - }, - "UpdateReportDefinition": { - "privilege": "UpdateReportDefinition", - "description": "Grants permission to update an existing Application Cost Profiler Report configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_UpdateReportDefinition.html" - } - }, - "resources": {}, - "conditions": {} - }, - "mgn": { - "service_name": "AWS Application Migration Service", - "prefix": "mgn", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsapplicationmigrationservice.html", - "privileges": { - "ArchiveApplication": { - "privilege": "ArchiveApplication", - "description": "Grants permission to archive an application", - "access_level": "Write", - "resource_types": { - "ApplicationResource": { - "resource_type": "ApplicationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ArchiveApplication.html" - }, - "ArchiveWave": { - "privilege": "ArchiveWave", - "description": "Grants permission to archive a wave", - "access_level": "Write", - "resource_types": { - "WaveResource": { - "resource_type": "WaveResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ArchiveWave.html" - }, - "AssociateApplications": { - "privilege": "AssociateApplications", - "description": "Grants permission to associate applications to a wave", - "access_level": "Write", - "resource_types": { - "ApplicationResource": { - "resource_type": "ApplicationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "WaveResource": { - "resource_type": "WaveResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_AssociateApplications.html" - }, - "AssociateSourceServers": { - "privilege": "AssociateSourceServers", - "description": "Grants permission to associate source servers to an application", - "access_level": "Write", - "resource_types": { - "ApplicationResource": { - "resource_type": "ApplicationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_AssociateSourceServers.html" - }, - "BatchCreateVolumeSnapshotGroupForMgn": { - "privilege": "BatchCreateVolumeSnapshotGroupForMgn", - "description": "Grants permission to create volume snapshot group", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "BatchDeleteSnapshotRequestForMgn": { - "privilege": "BatchDeleteSnapshotRequestForMgn", - "description": "Grants permission to batch delete snapshot request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "ChangeServerLifeCycleState": { - "privilege": "ChangeServerLifeCycleState", - "description": "Grants permission to change source server life cycle state", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ChangeServerLifeCycleState.html" - }, - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_CreateApplication.html" - }, - "CreateLaunchConfigurationTemplate": { - "privilege": "CreateLaunchConfigurationTemplate", - "description": "Grants permission to create launch configuration template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_CreateLaunchConfigurationTemplate.html" - }, - "CreateReplicationConfigurationTemplate": { - "privilege": "CreateReplicationConfigurationTemplate", - "description": "Grants permission to create replication configuration template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_CreateReplicationConfigurationTemplate.html" - }, - "CreateVcenterClientForMgn": { - "privilege": "CreateVcenterClientForMgn", - "description": "Grants permission to create vcenter client", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "CreateWave": { - "privilege": "CreateWave", - "description": "Grants permission to create a wave", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_CreateWave.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete an application", - "access_level": "Write", - "resource_types": { - "ApplicationResource": { - "resource_type": "ApplicationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteApplication.html" - }, - "DeleteJob": { - "privilege": "DeleteJob", - "description": "Grants permission to delete job", - "access_level": "Write", - "resource_types": { - "JobResource": { - "resource_type": "JobResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteJob.html" - }, - "DeleteLaunchConfigurationTemplate": { - "privilege": "DeleteLaunchConfigurationTemplate", - "description": "Grants permission to delete launch configuration template", - "access_level": "Write", - "resource_types": { - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteLaunchConfigurationTemplate.html" - }, - "DeleteReplicationConfigurationTemplate": { - "privilege": "DeleteReplicationConfigurationTemplate", - "description": "Grants permission to delete replication configuration template", - "access_level": "Write", - "resource_types": { - "ReplicationConfigurationTemplateResource": { - "resource_type": "ReplicationConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteReplicationConfigurationTemplate.html" - }, - "DeleteSourceServer": { - "privilege": "DeleteSourceServer", - "description": "Grants permission to delete source server", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteSourceServer.html" - }, - "DeleteVcenterClient": { - "privilege": "DeleteVcenterClient", - "description": "Grants permission to delete vcenter client", - "access_level": "Write", - "resource_types": { - "VcenterClientResource": { - "resource_type": "VcenterClientResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteVcenterClient.html" - }, - "DeleteWave": { - "privilege": "DeleteWave", - "description": "Grants permission to delete a wave", - "access_level": "Write", - "resource_types": { - "WaveResource": { - "resource_type": "WaveResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteWave.html" - }, - "DescribeJobLogItems": { - "privilege": "DescribeJobLogItems", - "description": "Grants permission to describe job log items", - "access_level": "Read", - "resource_types": { - "JobResource": { - "resource_type": "JobResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeJobLogItems.html" - }, - "DescribeJobs": { - "privilege": "DescribeJobs", - "description": "Grants permission to describe jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeJobs.html" - }, - "DescribeLaunchConfigurationTemplates": { - "privilege": "DescribeLaunchConfigurationTemplates", - "description": "Grants permission to describe launch configuration template", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeLaunchConfigurationTemplates.html" - }, - "DescribeReplicationConfigurationTemplates": { - "privilege": "DescribeReplicationConfigurationTemplates", - "description": "Grants permission to describe replication configuration template", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeReplicationConfigurationTemplates.html" - }, - "DescribeReplicationServerAssociationsForMgn": { - "privilege": "DescribeReplicationServerAssociationsForMgn", - "description": "Grants permission to describe replication server associations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "DescribeSnapshotRequestsForMgn": { - "privilege": "DescribeSnapshotRequestsForMgn", - "description": "Grants permission to describe snapshots requests", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "DescribeSourceServers": { - "privilege": "DescribeSourceServers", - "description": "Grants permission to describe source servers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeSourceServers.html" - }, - "DescribeVcenterClients": { - "privilege": "DescribeVcenterClients", - "description": "Grants permission to describe vcenter clients", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeVcenterClients.html" - }, - "DisassociateApplications": { - "privilege": "DisassociateApplications", - "description": "Grants permission to disassociate applications from a wave", - "access_level": "Write", - "resource_types": { - "ApplicationResource": { - "resource_type": "ApplicationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "WaveResource": { - "resource_type": "WaveResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DisassociateApplications.html" - }, - "DisassociateSourceServers": { - "privilege": "DisassociateSourceServers", - "description": "Grants permission to disassociate source servers from an application", - "access_level": "Write", - "resource_types": { - "ApplicationResource": { - "resource_type": "ApplicationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DisassociateSourceServers.html" - }, - "DisconnectFromService": { - "privilege": "DisconnectFromService", - "description": "Grants permission to disconnect source server from service", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DisconnectFromService.html" - }, - "FinalizeCutover": { - "privilege": "FinalizeCutover", - "description": "Grants permission to finalize cutover", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_FinalizeCutover.html" - }, - "GetAgentCommandForMgn": { - "privilege": "GetAgentCommandForMgn", - "description": "Grants permission to get agent command", - "access_level": "Read", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "GetAgentConfirmedResumeInfoForMgn": { - "privilege": "GetAgentConfirmedResumeInfoForMgn", - "description": "Grants permission to get agent confirmed resume info", - "access_level": "Read", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "GetAgentInstallationAssetsForMgn": { - "privilege": "GetAgentInstallationAssetsForMgn", - "description": "Grants permission to get agent installation assets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "GetAgentReplicationInfoForMgn": { - "privilege": "GetAgentReplicationInfoForMgn", - "description": "Grants permission to get agent replication info", - "access_level": "Read", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "GetAgentRuntimeConfigurationForMgn": { - "privilege": "GetAgentRuntimeConfigurationForMgn", - "description": "Grants permission to get agent runtime configuration", - "access_level": "Read", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "GetAgentSnapshotCreditsForMgn": { - "privilege": "GetAgentSnapshotCreditsForMgn", - "description": "Grants permission to get agent snapshots credits", - "access_level": "Read", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "GetChannelCommandsForMgn": { - "privilege": "GetChannelCommandsForMgn", - "description": "Grants permission to get channel commands", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "GetLaunchConfiguration": { - "privilege": "GetLaunchConfiguration", - "description": "Grants permission to get launch configuration", - "access_level": "Read", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_GetLaunchConfiguration.html" - }, - "GetReplicationConfiguration": { - "privilege": "GetReplicationConfiguration", - "description": "Grants permission to get replication configuration", - "access_level": "Read", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_GetReplicationConfiguration.html" - }, - "GetVcenterClientCommandsForMgn": { - "privilege": "GetVcenterClientCommandsForMgn", - "description": "Grants permission to get vcenter client commands", - "access_level": "Read", - "resource_types": { - "VcenterClientResource": { - "resource_type": "VcenterClientResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "InitializeService": { - "privilege": "InitializeService", - "description": "Grants permission to initialize service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:AddRoleToInstanceProfile", - "iam:CreateInstanceProfile", - "iam:CreateServiceLinkedRole", - "iam:GetInstanceProfile" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_InitializeService.html" - }, - "IssueClientCertificateForMgn": { - "privilege": "IssueClientCertificateForMgn", - "description": "Grants permission to issue a client certificate", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to list application summaries", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListApplications.html" - }, - "ListExportErrors": { - "privilege": "ListExportErrors", - "description": "Grants permission to list the errors of an export task", - "access_level": "List", - "resource_types": { - "ExportResource": { - "resource_type": "ExportResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListExportErrors.html" - }, - "ListExports": { - "privilege": "ListExports", - "description": "Grants permission to list export tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListExports.html" - }, - "ListImportErrors": { - "privilege": "ListImportErrors", - "description": "Grants permission to list the errors of an import task", - "access_level": "List", - "resource_types": { - "ImportResource": { - "resource_type": "ImportResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListImportErrors.html" - }, - "ListImports": { - "privilege": "ListImports", - "description": "Grants permission to list the import tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListImports.html" - }, - "ListManagedAccounts": { - "privilege": "ListManagedAccounts", - "description": "Grants permission to list managed accounts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListManagedAccounts.html" - }, - "ListSourceServerActions": { - "privilege": "ListSourceServerActions", - "description": "Grants permission to list source server action documents", - "access_level": "List", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListSourceServerActions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTemplateActions": { - "privilege": "ListTemplateActions", - "description": "Grants permission to list launch configuration template action documents", - "access_level": "List", - "resource_types": { - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListTemplateActions.html" - }, - "ListWaves": { - "privilege": "ListWaves", - "description": "Grants permission to list wave summaries", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListWaves.html" - }, - "MarkAsArchived": { - "privilege": "MarkAsArchived", - "description": "Grants permission to mark source server as archived", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_MarkAsArchived.html" - }, - "NotifyAgentAuthenticationForMgn": { - "privilege": "NotifyAgentAuthenticationForMgn", - "description": "Grants permission to notify agent authentication", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "NotifyAgentConnectedForMgn": { - "privilege": "NotifyAgentConnectedForMgn", - "description": "Grants permission to notify agent is connected", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "NotifyAgentDisconnectedForMgn": { - "privilege": "NotifyAgentDisconnectedForMgn", - "description": "Grants permission to notify agent is disconnected", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "NotifyAgentReplicationProgressForMgn": { - "privilege": "NotifyAgentReplicationProgressForMgn", - "description": "Grants permission to notify agent replication progress", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "NotifyVcenterClientStartedForMgn": { - "privilege": "NotifyVcenterClientStartedForMgn", - "description": "Grants permission to notify vcenter client started", - "access_level": "Write", - "resource_types": { - "VcenterClientResource": { - "resource_type": "VcenterClientResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "PauseReplication": { - "privilege": "PauseReplication", - "description": "Grants permission to pause replication", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_PauseReplication.html" - }, - "PutSourceServerAction": { - "privilege": "PutSourceServerAction", - "description": "Grants permission to put source server action document", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_PutSourceServerAction.html" - }, - "PutTemplateAction": { - "privilege": "PutTemplateAction", - "description": "Grants permission to put launch configuration template action document", - "access_level": "Write", - "resource_types": { - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_PutTemplateAction.html" - }, - "RegisterAgentForMgn": { - "privilege": "RegisterAgentForMgn", - "description": "Grants permission to register agent", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "RemoveSourceServerAction": { - "privilege": "RemoveSourceServerAction", - "description": "Grants permission to remove source server action document", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_RemoveSourceServerAction.html" - }, - "RemoveTemplateAction": { - "privilege": "RemoveTemplateAction", - "description": "Grants permission to remove launch configuration template action document", - "access_level": "Write", - "resource_types": { - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_RemoveTemplateAction.html" - }, - "ResumeReplication": { - "privilege": "ResumeReplication", - "description": "Grants permission to resume replication", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ResumeReplication.html" - }, - "RetryDataReplication": { - "privilege": "RetryDataReplication", - "description": "Grants permission to retry replication", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_RetryDataReplication.html" - }, - "SendAgentLogsForMgn": { - "privilege": "SendAgentLogsForMgn", - "description": "Grants permission to send agent logs", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "SendAgentMetricsForMgn": { - "privilege": "SendAgentMetricsForMgn", - "description": "Grants permission to send agent metrics", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "SendChannelCommandResultForMgn": { - "privilege": "SendChannelCommandResultForMgn", - "description": "Grants permission to send channel command result", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "SendClientLogsForMgn": { - "privilege": "SendClientLogsForMgn", - "description": "Grants permission to send client logs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "SendClientMetricsForMgn": { - "privilege": "SendClientMetricsForMgn", - "description": "Grants permission to send client metrics", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "SendVcenterClientCommandResultForMgn": { - "privilege": "SendVcenterClientCommandResultForMgn", - "description": "Grants permission to send vcenter client command result", - "access_level": "Write", - "resource_types": { - "VcenterClientResource": { - "resource_type": "VcenterClientResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "SendVcenterClientLogsForMgn": { - "privilege": "SendVcenterClientLogsForMgn", - "description": "Grants permission to send vcenter client logs", - "access_level": "Write", - "resource_types": { - "VcenterClientResource": { - "resource_type": "VcenterClientResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "SendVcenterClientMetricsForMgn": { - "privilege": "SendVcenterClientMetricsForMgn", - "description": "Grants permission to send vcenter client metrics", - "access_level": "Write", - "resource_types": { - "VcenterClientResource": { - "resource_type": "VcenterClientResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "StartCutover": { - "privilege": "StartCutover", - "description": "Grants permission to start cutover", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:AttachVolume", - "ec2:AuthorizeSecurityGroupEgress", - "ec2:AuthorizeSecurityGroupIngress", - "ec2:CreateLaunchTemplate", - "ec2:CreateLaunchTemplateVersion", - "ec2:CreateSecurityGroup", - "ec2:CreateSnapshot", - "ec2:CreateTags", - "ec2:CreateVolume", - "ec2:DeleteLaunchTemplateVersions", - "ec2:DeleteSnapshot", - "ec2:DeleteVolume", - "ec2:DescribeAccountAttributes", - "ec2:DescribeAvailabilityZones", - "ec2:DescribeImages", - "ec2:DescribeInstanceAttribute", - "ec2:DescribeInstanceStatus", - "ec2:DescribeInstanceTypes", - "ec2:DescribeInstances", - "ec2:DescribeLaunchTemplateVersions", - "ec2:DescribeLaunchTemplates", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSnapshots", - "ec2:DescribeSubnets", - "ec2:DescribeVolumes", - "ec2:DetachVolume", - "ec2:ModifyInstanceAttribute", - "ec2:ModifyLaunchTemplate", - "ec2:ReportInstanceStatus", - "ec2:RevokeSecurityGroupEgress", - "ec2:RunInstances", - "ec2:StartInstances", - "ec2:StopInstances", - "ec2:TerminateInstances", - "iam:PassRole", - "mgn:ListTagsForResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StartCutover.html" - }, - "StartExport": { - "privilege": "StartExport", - "description": "Grants permission to start an export task", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeLaunchTemplateVersions", - "mgn:DescribeSourceServers", - "mgn:GetLaunchConfiguration", - "mgn:ListApplications", - "mgn:ListWaves", - "s3:PutObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StartExport.html" - }, - "StartImport": { - "privilege": "StartImport", - "description": "Grants permission to create an import task", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateLaunchTemplateVersion", - "ec2:DescribeLaunchTemplateVersions", - "ec2:ModifyLaunchTemplate", - "mgn:DescribeSourceServers", - "mgn:GetLaunchConfiguration", - "mgn:ListApplications", - "mgn:ListWaves", - "mgn:TagResource", - "mgn:UpdateLaunchConfiguration", - "s3:PutObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StartImport.html" - }, - "StartReplication": { - "privilege": "StartReplication", - "description": "Grants permission to start replication", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StartReplication.html" - }, - "StartTest": { - "privilege": "StartTest", - "description": "Grants permission to start test", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:AttachVolume", - "ec2:AuthorizeSecurityGroupEgress", - "ec2:AuthorizeSecurityGroupIngress", - "ec2:CreateLaunchTemplate", - "ec2:CreateLaunchTemplateVersion", - "ec2:CreateSecurityGroup", - "ec2:CreateSnapshot", - "ec2:CreateTags", - "ec2:CreateVolume", - "ec2:DeleteLaunchTemplateVersions", - "ec2:DeleteSnapshot", - "ec2:DeleteVolume", - "ec2:DescribeAccountAttributes", - "ec2:DescribeAvailabilityZones", - "ec2:DescribeImages", - "ec2:DescribeInstanceAttribute", - "ec2:DescribeInstanceStatus", - "ec2:DescribeInstanceTypes", - "ec2:DescribeInstances", - "ec2:DescribeLaunchTemplateVersions", - "ec2:DescribeLaunchTemplates", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSnapshots", - "ec2:DescribeSubnets", - "ec2:DescribeVolumes", - "ec2:DetachVolume", - "ec2:ModifyInstanceAttribute", - "ec2:ModifyLaunchTemplate", - "ec2:ReportInstanceStatus", - "ec2:RevokeSecurityGroupEgress", - "ec2:RunInstances", - "ec2:StartInstances", - "ec2:StopInstances", - "ec2:TerminateInstances", - "iam:PassRole", - "mgn:ListTagsForResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StartTest.html" - }, - "StopReplication": { - "privilege": "StopReplication", - "description": "Grants permission to stop replication", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StopReplication.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to assign a resource tag", - "access_level": "Tagging", - "resource_types": { - "ApplicationResource": { - "resource_type": "ApplicationResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "JobResource": { - "resource_type": "JobResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationConfigurationTemplateResource": { - "resource_type": "ReplicationConfigurationTemplateResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "VcenterClientResource": { - "resource_type": "VcenterClientResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WaveResource": { - "resource_type": "WaveResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "mgn:CreateAction", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_TagResource.html" - }, - "TerminateTargetInstances": { - "privilege": "TerminateTargetInstances", - "description": "Grants permission to terminate target instances", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteVolume", - "ec2:DescribeInstances", - "ec2:DescribeVolumes", - "ec2:TerminateInstances" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_TerminateTargetInstances.html" - }, - "UnarchiveApplication": { - "privilege": "UnarchiveApplication", - "description": "Grants permission to unarchive an application", - "access_level": "Write", - "resource_types": { - "ApplicationResource": { - "resource_type": "ApplicationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UnarchiveApplication.html" - }, - "UnarchiveWave": { - "privilege": "UnarchiveWave", - "description": "Grants permission to unarchive a wave", - "access_level": "Write", - "resource_types": { - "WaveResource": { - "resource_type": "WaveResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UnarchiveWave.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "ApplicationResource": { - "resource_type": "ApplicationResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "JobResource": { - "resource_type": "JobResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationConfigurationTemplateResource": { - "resource_type": "ReplicationConfigurationTemplateResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "VcenterClientResource": { - "resource_type": "VcenterClientResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WaveResource": { - "resource_type": "WaveResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UntagResource.html" - }, - "UpdateAgentBacklogForMgn": { - "privilege": "UpdateAgentBacklogForMgn", - "description": "Grants permission to update agent backlog", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "UpdateAgentConversionInfoForMgn": { - "privilege": "UpdateAgentConversionInfoForMgn", - "description": "Grants permission to update agent conversion info", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "UpdateAgentReplicationInfoForMgn": { - "privilege": "UpdateAgentReplicationInfoForMgn", - "description": "Grants permission to update agent replication info", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "UpdateAgentReplicationProcessStateForMgn": { - "privilege": "UpdateAgentReplicationProcessStateForMgn", - "description": "Grants permission to update agent replication process state", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "UpdateAgentSourcePropertiesForMgn": { - "privilege": "UpdateAgentSourcePropertiesForMgn", - "description": "Grants permission to update agent source properties", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to update an application", - "access_level": "Write", - "resource_types": { - "ApplicationResource": { - "resource_type": "ApplicationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateApplication.html" - }, - "UpdateLaunchConfiguration": { - "privilege": "UpdateLaunchConfiguration", - "description": "Grants permission to update launch configuration", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateLaunchConfiguration.html" - }, - "UpdateLaunchConfigurationTemplate": { - "privilege": "UpdateLaunchConfigurationTemplate", - "description": "Grants permission to update launch configuration", - "access_level": "Write", - "resource_types": { - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateLaunchConfigurationTemplate.html" - }, - "UpdateReplicationConfiguration": { - "privilege": "UpdateReplicationConfiguration", - "description": "Grants permission to update replication configuration", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateReplicationConfiguration.html" - }, - "UpdateReplicationConfigurationTemplate": { - "privilege": "UpdateReplicationConfigurationTemplate", - "description": "Grants permission to update replication configuration template", - "access_level": "Write", - "resource_types": { - "ReplicationConfigurationTemplateResource": { - "resource_type": "ReplicationConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateReplicationConfigurationTemplate.html" - }, - "UpdateSourceServerReplicationType": { - "privilege": "UpdateSourceServerReplicationType", - "description": "Grants permission to update source server replication type", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateSourceServerReplicationType.html" - }, - "UpdateWave": { - "privilege": "UpdateWave", - "description": "Grants permission to update a wave", - "access_level": "Write", - "resource_types": { - "WaveResource": { - "resource_type": "WaveResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateWave.html" - }, - "VerifyClientRoleForMgn": { - "privilege": "VerifyClientRoleForMgn", - "description": "Grants permission to verify client role", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" - } - }, - "resources": { - "JobResource": { - "resource": "JobResource", - "arn": "arn:${Partition}:mgn:${Region}:${Account}:job/${JobID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ReplicationConfigurationTemplateResource": { - "resource": "ReplicationConfigurationTemplateResource", - "arn": "arn:${Partition}:mgn:${Region}:${Account}:replication-configuration-template/${ReplicationConfigurationTemplateID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "LaunchConfigurationTemplateResource": { - "resource": "LaunchConfigurationTemplateResource", - "arn": "arn:${Partition}:mgn:${Region}:${Account}:launch-configuration-template/${LaunchConfigurationTemplateID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "VcenterClientResource": { - "resource": "VcenterClientResource", - "arn": "arn:${Partition}:mgn:${Region}:${Account}:vcenter-client/${VcenterClientID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "SourceServerResource": { - "resource": "SourceServerResource", - "arn": "arn:${Partition}:mgn:${Region}:${Account}:source-server/${SourceServerID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ApplicationResource": { - "resource": "ApplicationResource", - "arn": "arn:${Partition}:mgn:${Region}:${Account}:application/${ApplicationID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "WaveResource": { - "resource": "WaveResource", - "arn": "arn:${Partition}:mgn:${Region}:${Account}:wave/${WaveID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ImportResource": { - "resource": "ImportResource", - "arn": "arn:${Partition}:mgn:${Region}:${Account}:import/${ImportID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ExportResource": { - "resource": "ExportResource", - "arn": "arn:${Partition}:mgn:${Region}:${Account}:export/${ExportID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by presence of tag keys in the request", - "type": "ArrayOfString" - }, - "mgn:CreateAction": { - "condition": "mgn:CreateAction", - "description": "Filters access by the name of a resource-creating API action", - "type": "String" - } - } - }, - "appmesh": { - "service_name": "AWS App Mesh", - "prefix": "appmesh", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappmesh.html", - "privileges": { - "CreateGatewayRoute": { - "privilege": "CreateGatewayRoute", - "description": "Grants permission to create a gateway route that is associated with a virtual gateway", - "access_level": "Write", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualService": { - "resource_type": "virtualService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateGatewayRoute.html" - }, - "CreateMesh": { - "privilege": "CreateMesh", - "description": "Grants permission to create a service mesh", - "access_level": "Write", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateMesh.html" - }, - "CreateRoute": { - "privilege": "CreateRoute", - "description": "Grants permission to create a route that is associated with a virtual router", - "access_level": "Write", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateRoute.html" - }, - "CreateVirtualGateway": { - "privilege": "CreateVirtualGateway", - "description": "Grants permission to create a virtual gateway within a service mesh", - "access_level": "Write", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualGateway.html" - }, - "CreateVirtualNode": { - "privilege": "CreateVirtualNode", - "description": "Grants permission to create a virtual node within a service mesh", - "access_level": "Write", - "resource_types": { - "virtualNode": { - "resource_type": "virtualNode", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualService": { - "resource_type": "virtualService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualNode.html" - }, - "CreateVirtualRouter": { - "privilege": "CreateVirtualRouter", - "description": "Grants permission to create a virtual router within a service mesh", - "access_level": "Write", - "resource_types": { - "virtualRouter": { - "resource_type": "virtualRouter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualRouter.html" - }, - "CreateVirtualService": { - "privilege": "CreateVirtualService", - "description": "Grants permission to create a virtual service within a service mesh", - "access_level": "Write", - "resource_types": { - "virtualService": { - "resource_type": "virtualService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualRouter": { - "resource_type": "virtualRouter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualService.html" - }, - "DeleteGatewayRoute": { - "privilege": "DeleteGatewayRoute", - "description": "Grants permission to delete an existing gateway route", - "access_level": "Write", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteGatewayRoute.html" - }, - "DeleteMesh": { - "privilege": "DeleteMesh", - "description": "Grants permission to delete an existing service mesh", - "access_level": "Write", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteMesh.html" - }, - "DeleteRoute": { - "privilege": "DeleteRoute", - "description": "Grants permission to delete an existing route", - "access_level": "Write", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteRoute.html" - }, - "DeleteVirtualGateway": { - "privilege": "DeleteVirtualGateway", - "description": "Grants permission to delete an existing virtual gateway", - "access_level": "Write", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualGateway.html" - }, - "DeleteVirtualNode": { - "privilege": "DeleteVirtualNode", - "description": "Grants permission to delete an existing virtual node", - "access_level": "Write", - "resource_types": { - "virtualNode": { - "resource_type": "virtualNode", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualNode.html" - }, - "DeleteVirtualRouter": { - "privilege": "DeleteVirtualRouter", - "description": "Grants permission to delete an existing virtual router", - "access_level": "Write", - "resource_types": { - "virtualRouter": { - "resource_type": "virtualRouter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualRouter.html" - }, - "DeleteVirtualService": { - "privilege": "DeleteVirtualService", - "description": "Grants permission to delete an existing virtual service", - "access_level": "Write", - "resource_types": { - "virtualService": { - "resource_type": "virtualService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualService.html" - }, - "DescribeGatewayRoute": { - "privilege": "DescribeGatewayRoute", - "description": "Grants permission to describe an existing gateway route", - "access_level": "Read", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeGatewayRoute.html" - }, - "DescribeMesh": { - "privilege": "DescribeMesh", - "description": "Grants permission to describe an existing service mesh", - "access_level": "Read", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeMesh.html" - }, - "DescribeRoute": { - "privilege": "DescribeRoute", - "description": "Grants permission to describe an existing route", - "access_level": "Read", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeRoute.html" - }, - "DescribeVirtualGateway": { - "privilege": "DescribeVirtualGateway", - "description": "Grants permission to describe an existing virtual gateway", - "access_level": "Read", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualGateway.html" - }, - "DescribeVirtualNode": { - "privilege": "DescribeVirtualNode", - "description": "Grants permission to describe an existing virtual node", - "access_level": "Read", - "resource_types": { - "virtualNode": { - "resource_type": "virtualNode", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualNode.html" - }, - "DescribeVirtualRouter": { - "privilege": "DescribeVirtualRouter", - "description": "Grants permission to describe an existing virtual router", - "access_level": "Read", - "resource_types": { - "virtualRouter": { - "resource_type": "virtualRouter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualRouter.html" - }, - "DescribeVirtualService": { - "privilege": "DescribeVirtualService", - "description": "Grants permission to describe an existing virtual service", - "access_level": "Read", - "resource_types": { - "virtualService": { - "resource_type": "virtualService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualService.html" - }, - "ListGatewayRoutes": { - "privilege": "ListGatewayRoutes", - "description": "Grants permission to list existing gateway routes in a service mesh", - "access_level": "List", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListGatewayRoutes.html" - }, - "ListMeshes": { - "privilege": "ListMeshes", - "description": "Grants permission to list existing service meshes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListMeshes.html" - }, - "ListRoutes": { - "privilege": "ListRoutes", - "description": "Grants permission to list existing routes in a service mesh", - "access_level": "List", - "resource_types": { - "virtualRouter": { - "resource_type": "virtualRouter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListRoutes.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for an App Mesh resource", - "access_level": "List", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mesh": { - "resource_type": "mesh", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "route": { - "resource_type": "route", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualGateway": { - "resource_type": "virtualGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualRouter": { - "resource_type": "virtualRouter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualService": { - "resource_type": "virtualService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListTagsForResource.html" - }, - "ListVirtualGateways": { - "privilege": "ListVirtualGateways", - "description": "Grants permission to list existing virtual gateways in a service mesh", - "access_level": "List", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualGateways.html" - }, - "ListVirtualNodes": { - "privilege": "ListVirtualNodes", - "description": "Grants permission to list existing virtual nodes", - "access_level": "List", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualNodes.html" - }, - "ListVirtualRouters": { - "privilege": "ListVirtualRouters", - "description": "Grants permission to list existing virtual routers in a service mesh", - "access_level": "List", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualRouters.html" - }, - "ListVirtualServices": { - "privilege": "ListVirtualServices", - "description": "Grants permission to list existing virtual services in a service mesh", - "access_level": "List", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualServices.html" - }, - "StreamAggregatedResources": { - "privilege": "StreamAggregatedResources", - "description": "Grants permission to receive streamed resources for an App Mesh endpoint (VirtualNode/VirtualGateway)", - "access_level": "Read", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/userguide/envoy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource with a specified resourceArn", - "access_level": "Tagging", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mesh": { - "resource_type": "mesh", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "route": { - "resource_type": "route", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualGateway": { - "resource_type": "virtualGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualRouter": { - "resource_type": "virtualRouter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualService": { - "resource_type": "virtualService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to delete a tag from a resource", - "access_level": "Tagging", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mesh": { - "resource_type": "mesh", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "route": { - "resource_type": "route", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualGateway": { - "resource_type": "virtualGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualRouter": { - "resource_type": "virtualRouter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualService": { - "resource_type": "virtualService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UntagResource.html" - }, - "UpdateGatewayRoute": { - "privilege": "UpdateGatewayRoute", - "description": "Grants permission to update an existing gateway route for a specified service mesh and virtual gateway", - "access_level": "Write", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualService": { - "resource_type": "virtualService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateGatewayRoute.html" - }, - "UpdateMesh": { - "privilege": "UpdateMesh", - "description": "Grants permission to update an existing service mesh", - "access_level": "Write", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateMesh.html" - }, - "UpdateRoute": { - "privilege": "UpdateRoute", - "description": "Grants permission to update an existing route for a specified service mesh and virtual router", - "access_level": "Write", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateRoute.html" - }, - "UpdateVirtualGateway": { - "privilege": "UpdateVirtualGateway", - "description": "Grants permission to update an existing virtual gateway in a specified service mesh", - "access_level": "Write", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualGateway.html" - }, - "UpdateVirtualNode": { - "privilege": "UpdateVirtualNode", - "description": "Grants permission to update an existing virtual node in a specified service mesh", - "access_level": "Write", - "resource_types": { - "virtualNode": { - "resource_type": "virtualNode", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualNode.html" - }, - "UpdateVirtualRouter": { - "privilege": "UpdateVirtualRouter", - "description": "Grants permission to update an existing virtual router in a specified service mesh", - "access_level": "Write", - "resource_types": { - "virtualRouter": { - "resource_type": "virtualRouter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualRouter.html" - }, - "UpdateVirtualService": { - "privilege": "UpdateVirtualService", - "description": "Grants permission to update an existing virtual service in a specified service mesh", - "access_level": "Write", - "resource_types": { - "virtualService": { - "resource_type": "virtualService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualRouter": { - "resource_type": "virtualRouter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualService.html" - } - }, - "resources": { - "mesh": { - "resource": "mesh", - "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "virtualService": { - "resource": "virtualService", - "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualService/${VirtualServiceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "virtualNode": { - "resource": "virtualNode", - "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualNode/${VirtualNodeName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "virtualRouter": { - "resource": "virtualRouter", - "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualRouter/${VirtualRouterName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "route": { - "resource": "route", - "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualRouter/${VirtualRouterName}/route/${RouteName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "virtualGateway": { - "resource": "virtualGateway", - "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualGateway/${VirtualGatewayName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "gatewayRoute": { - "resource": "gatewayRoute", - "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualGateway/${VirtualGatewayName}/gatewayRoute/${GatewayRouteName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "appmesh-preview": { - "service_name": "AWS App Mesh Preview", - "prefix": "appmesh-preview", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappmeshpreview.html", - "privileges": { - "CreateGatewayRoute": { - "privilege": "CreateGatewayRoute", - "description": "Grants permission to create a gateway route that is associated with a virtual gateway", - "access_level": "Write", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualService": { - "resource_type": "virtualService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateGatewayRoute.html" - }, - "CreateMesh": { - "privilege": "CreateMesh", - "description": "Grants permission to create a service mesh", - "access_level": "Write", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateMesh.html" - }, - "CreateRoute": { - "privilege": "CreateRoute", - "description": "Grants permission to create a route that is associated with a virtual router", - "access_level": "Write", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateRoute.html" - }, - "CreateVirtualGateway": { - "privilege": "CreateVirtualGateway", - "description": "Grants permission to create a virtual gateway within a service mesh", - "access_level": "Write", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualGateway.html" - }, - "CreateVirtualNode": { - "privilege": "CreateVirtualNode", - "description": "Grants permission to create a virtual node within a service mesh", - "access_level": "Write", - "resource_types": { - "virtualNode": { - "resource_type": "virtualNode", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualService": { - "resource_type": "virtualService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualNode.html" - }, - "CreateVirtualRouter": { - "privilege": "CreateVirtualRouter", - "description": "Grants permission to create a virtual router within a service mesh", - "access_level": "Write", - "resource_types": { - "virtualRouter": { - "resource_type": "virtualRouter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualRouter.html" - }, - "CreateVirtualService": { - "privilege": "CreateVirtualService", - "description": "Grants permission to create a virtual service within a service mesh", - "access_level": "Write", - "resource_types": { - "virtualService": { - "resource_type": "virtualService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualRouter": { - "resource_type": "virtualRouter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualService.html" - }, - "DeleteGatewayRoute": { - "privilege": "DeleteGatewayRoute", - "description": "Grants permission to delete an existing gateway route", - "access_level": "Write", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteGatewayRoute.html" - }, - "DeleteMesh": { - "privilege": "DeleteMesh", - "description": "Grants permission to delete an existing service mesh", - "access_level": "Write", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteMesh.html" - }, - "DeleteRoute": { - "privilege": "DeleteRoute", - "description": "Grants permission to delete an existing route", - "access_level": "Write", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteRoute.html" - }, - "DeleteVirtualGateway": { - "privilege": "DeleteVirtualGateway", - "description": "Grants permission to delete an existing virtual gateway", - "access_level": "Write", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualGateway.html" - }, - "DeleteVirtualNode": { - "privilege": "DeleteVirtualNode", - "description": "Grants permission to delete an existing virtual node", - "access_level": "Write", - "resource_types": { - "virtualNode": { - "resource_type": "virtualNode", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualNode.html" - }, - "DeleteVirtualRouter": { - "privilege": "DeleteVirtualRouter", - "description": "Grants permission to delete an existing virtual router", - "access_level": "Write", - "resource_types": { - "virtualRouter": { - "resource_type": "virtualRouter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualRouter.html" - }, - "DeleteVirtualService": { - "privilege": "DeleteVirtualService", - "description": "Grants permission to delete an existing virtual service", - "access_level": "Write", - "resource_types": { - "virtualService": { - "resource_type": "virtualService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualService.html" - }, - "DescribeGatewayRoute": { - "privilege": "DescribeGatewayRoute", - "description": "Grants permission to describe an existing gateway route", - "access_level": "Read", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeGatewayRoute.html" - }, - "DescribeMesh": { - "privilege": "DescribeMesh", - "description": "Grants permission to describe an existing service mesh", - "access_level": "Read", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeMesh.html" - }, - "DescribeRoute": { - "privilege": "DescribeRoute", - "description": "Grants permission to describe an existing route", - "access_level": "Read", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeRoute.html" - }, - "DescribeVirtualGateway": { - "privilege": "DescribeVirtualGateway", - "description": "Grants permission to describe an existing virtual gateway", - "access_level": "Read", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualGateway.html" - }, - "DescribeVirtualNode": { - "privilege": "DescribeVirtualNode", - "description": "Grants permission to describe an existing virtual node", - "access_level": "Read", - "resource_types": { - "virtualNode": { - "resource_type": "virtualNode", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualNode.html" - }, - "DescribeVirtualRouter": { - "privilege": "DescribeVirtualRouter", - "description": "Grants permission to describe an existing virtual router", - "access_level": "Read", - "resource_types": { - "virtualRouter": { - "resource_type": "virtualRouter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualRouter.html" - }, - "DescribeVirtualService": { - "privilege": "DescribeVirtualService", - "description": "Grants permission to describe an existing virtual service", - "access_level": "Read", - "resource_types": { - "virtualService": { - "resource_type": "virtualService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualService.html" - }, - "ListGatewayRoutes": { - "privilege": "ListGatewayRoutes", - "description": "Grants permission to list existing gateway routes in a service mesh", - "access_level": "List", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListGatewayRoutes.html" - }, - "ListMeshes": { - "privilege": "ListMeshes", - "description": "Grants permission to list existing service meshes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListMeshes.html" - }, - "ListRoutes": { - "privilege": "ListRoutes", - "description": "Grants permission to list existing routes in a service mesh", - "access_level": "List", - "resource_types": { - "virtualRouter": { - "resource_type": "virtualRouter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListRoutes.html" - }, - "ListVirtualGateways": { - "privilege": "ListVirtualGateways", - "description": "Grants permission to list existing virtual gateways in a service mesh", - "access_level": "List", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualGateways.html" - }, - "ListVirtualNodes": { - "privilege": "ListVirtualNodes", - "description": "Grants permission to list existing virtual nodes", - "access_level": "List", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualNodes.html" - }, - "ListVirtualRouters": { - "privilege": "ListVirtualRouters", - "description": "Grants permission to list existing virtual routers in a service mesh", - "access_level": "List", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualRouters.html" - }, - "ListVirtualServices": { - "privilege": "ListVirtualServices", - "description": "Grants permission to list existing virtual services in a service mesh", - "access_level": "List", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualServices.html" - }, - "StreamAggregatedResources": { - "privilege": "StreamAggregatedResources", - "description": "Grants permission to receive streamed resources for an App Mesh endpoint (VirtualNode/VirtualGateway)", - "access_level": "Read", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/userguide/envoy.html" - }, - "UpdateGatewayRoute": { - "privilege": "UpdateGatewayRoute", - "description": "Grants permission to update an existing gateway route for a specified service mesh and virtual gateway", - "access_level": "Write", - "resource_types": { - "gatewayRoute": { - "resource_type": "gatewayRoute", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualService": { - "resource_type": "virtualService", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateGatewayRoute.html" - }, - "UpdateMesh": { - "privilege": "UpdateMesh", - "description": "Grants permission to update an existing service mesh", - "access_level": "Write", - "resource_types": { - "mesh": { - "resource_type": "mesh", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateMesh.html" - }, - "UpdateRoute": { - "privilege": "UpdateRoute", - "description": "Grants permission to update an existing route for a specified service mesh and virtual router", - "access_level": "Write", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateRoute.html" - }, - "UpdateVirtualGateway": { - "privilege": "UpdateVirtualGateway", - "description": "Grants permission to update an existing virtual gateway in a specified service mesh", - "access_level": "Write", - "resource_types": { - "virtualGateway": { - "resource_type": "virtualGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualGateway.html" - }, - "UpdateVirtualNode": { - "privilege": "UpdateVirtualNode", - "description": "Grants permission to update an existing virtual node in a specified service mesh", - "access_level": "Write", - "resource_types": { - "virtualNode": { - "resource_type": "virtualNode", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualNode.html" - }, - "UpdateVirtualRouter": { - "privilege": "UpdateVirtualRouter", - "description": "Grants permission to update an existing virtual router in a specified service mesh", - "access_level": "Write", - "resource_types": { - "virtualRouter": { - "resource_type": "virtualRouter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualRouter.html" - }, - "UpdateVirtualService": { - "privilege": "UpdateVirtualService", - "description": "Grants permission to update an existing virtual service in a specified service mesh", - "access_level": "Write", - "resource_types": { - "virtualService": { - "resource_type": "virtualService", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualNode": { - "resource_type": "virtualNode", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualRouter": { - "resource_type": "virtualRouter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualService.html" - } - }, - "resources": { - "mesh": { - "resource": "mesh", - "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}", - "condition_keys": [] - }, - "virtualService": { - "resource": "virtualService", - "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualService/${VirtualServiceName}", - "condition_keys": [] - }, - "virtualNode": { - "resource": "virtualNode", - "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualNode/${VirtualNodeName}", - "condition_keys": [] - }, - "virtualRouter": { - "resource": "virtualRouter", - "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualRouter/${VirtualRouterName}", - "condition_keys": [] - }, - "route": { - "resource": "route", - "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualRouter/${VirtualRouterName}/route/${RouteName}", - "condition_keys": [] - }, - "virtualGateway": { - "resource": "virtualGateway", - "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualGateway/${VirtualGatewayName}", - "condition_keys": [] - }, - "gatewayRoute": { - "resource": "gatewayRoute", - "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualGateway/${VirtualGatewayName}/gatewayRoute/${GatewayRouteName}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "apprunner": { - "service_name": "AWS App Runner", - "prefix": "apprunner", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsapprunner.html", - "privileges": { - "AssociateCustomDomain": { - "privilege": "AssociateCustomDomain", - "description": "Grants permission to associate your own domain name with the AWS App Runner subdomain URL of your App Runner service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_AssociateCustomDomain.html" - }, - "AssociateWebAcl": { - "privilege": "AssociateWebAcl", - "description": "Grants permission to associate the service with an AWS WAF web ACL", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${UserGuideDocPage}waf-manage.html" - }, - "CreateAutoScalingConfiguration": { - "privilege": "CreateAutoScalingConfiguration", - "description": "Grants permission to create an AWS App Runner automatic scaling configuration resource", - "access_level": "Write", - "resource_types": { - "autoscalingconfiguration": { - "resource_type": "autoscalingconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateAutoScalingConfiguration.html" - }, - "CreateConnection": { - "privilege": "CreateConnection", - "description": "Grants permission to create an AWS App Runner connection resource", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateConnection.html" - }, - "CreateObservabilityConfiguration": { - "privilege": "CreateObservabilityConfiguration", - "description": "Grants permission to create an AWS App Runner observability configuration resource", - "access_level": "Write", - "resource_types": { - "observabilityconfiguration": { - "resource_type": "observabilityconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateObservabilityConfiguration.html" - }, - "CreateService": { - "privilege": "CreateService", - "description": "Grants permission to create an AWS App Runner service resource", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "autoscalingconfiguration": { - "resource_type": "autoscalingconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "observabilityconfiguration": { - "resource_type": "observabilityconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpcconnector": { - "resource_type": "vpcconnector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "apprunner:ConnectionArn", - "apprunner:AutoScalingConfigurationArn", - "apprunner:ObservabilityConfigurationArn", - "apprunner:VpcConnectorArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateService.html" - }, - "CreateVpcConnector": { - "privilege": "CreateVpcConnector", - "description": "Grants permission to create an AWS App Runner VPC connector resource", - "access_level": "Write", - "resource_types": { - "vpcconnector": { - "resource_type": "vpcconnector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateVpcConnector.html" - }, - "CreateVpcIngressConnection": { - "privilege": "CreateVpcIngressConnection", - "description": "Grants permission to create an AWS App Runner VpcIngressConnection resource", - "access_level": "Write", - "resource_types": { - "vpcingressconnection": { - "resource_type": "vpcingressconnection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "apprunner:ServiceArn", - "apprunner:VpcId", - "apprunner:VpcEndpointId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateVpcIngressConnection.html" - }, - "DeleteAutoScalingConfiguration": { - "privilege": "DeleteAutoScalingConfiguration", - "description": "Grants permission to delete an AWS App Runner automatic scaling configuration resource", - "access_level": "Write", - "resource_types": { - "autoscalingconfiguration": { - "resource_type": "autoscalingconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteAutoScalingConfiguration.html" - }, - "DeleteConnection": { - "privilege": "DeleteConnection", - "description": "Grants permission to delete an AWS App Runner connection resource", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteConnection.html" - }, - "DeleteObservabilityConfiguration": { - "privilege": "DeleteObservabilityConfiguration", - "description": "Grants permission to delete an AWS App Runner observability configuration resource", - "access_level": "Write", - "resource_types": { - "observabilityconfiguration": { - "resource_type": "observabilityconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteObservabilityConfiguration.html" - }, - "DeleteService": { - "privilege": "DeleteService", - "description": "Grants permission to delete an AWS App Runner service resource", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteService.html" - }, - "DeleteVpcConnector": { - "privilege": "DeleteVpcConnector", - "description": "Grants permission to delete an AWS App Runner VPC connector resource", - "access_level": "Write", - "resource_types": { - "vpcconnector": { - "resource_type": "vpcconnector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteVpcConnector.html" - }, - "DeleteVpcIngressConnection": { - "privilege": "DeleteVpcIngressConnection", - "description": "Grants permission to delete an AWS App Runner VpcIngressConnection resource", - "access_level": "Write", - "resource_types": { - "vpcingressconnection": { - "resource_type": "vpcingressconnection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteVpcIngressConnection.html" - }, - "DescribeAutoScalingConfiguration": { - "privilege": "DescribeAutoScalingConfiguration", - "description": "Grants permission to retrieve the description of an AWS App Runner automatic scaling configuration resource", - "access_level": "Read", - "resource_types": { - "autoscalingconfiguration": { - "resource_type": "autoscalingconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeAutoScalingConfiguration.html" - }, - "DescribeCustomDomains": { - "privilege": "DescribeCustomDomains", - "description": "Grants permission to retrieve descriptions of custom domain names associated with an AWS App Runner service", - "access_level": "Read", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeCustomDomains.html" - }, - "DescribeObservabilityConfiguration": { - "privilege": "DescribeObservabilityConfiguration", - "description": "Grants permission to retrieve the description of an AWS App Runner observability configuration resource", - "access_level": "Read", - "resource_types": { - "observabilityconfiguration": { - "resource_type": "observabilityconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeObservabilityConfiguration.html" - }, - "DescribeOperation": { - "privilege": "DescribeOperation", - "description": "Grants permission to retrieve the description of an operation that occurred on an AWS App Runner service", - "access_level": "Read", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeOperation.html" - }, - "DescribeService": { - "privilege": "DescribeService", - "description": "Grants permission to retrieve the description of an AWS App Runner service resource", - "access_level": "Read", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeService.html" - }, - "DescribeVpcConnector": { - "privilege": "DescribeVpcConnector", - "description": "Grants permission to retrieve the description of an AWS App Runner VPC connector resource", - "access_level": "Read", - "resource_types": { - "vpcconnector": { - "resource_type": "vpcconnector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeVpcConnector.html" - }, - "DescribeVpcIngressConnection": { - "privilege": "DescribeVpcIngressConnection", - "description": "Grants permission to retrieve the description of an AWS App Runner VpcIngressConnection resource", - "access_level": "Read", - "resource_types": { - "vpcingressconnection": { - "resource_type": "vpcingressconnection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeVpcIngressConnection.html" - }, - "DescribeWebAclForService": { - "privilege": "DescribeWebAclForService", - "description": "Grants permission to get the AWS WAF web ACL that is associated with an AWS App Runner service", - "access_level": "Read", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${UserGuideDocPage}waf-manage.html" - }, - "DisassociateCustomDomain": { - "privilege": "DisassociateCustomDomain", - "description": "Grants permission to disassociate a custom domain name from an AWS App Runner service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DisassociateCustomDomain.html" - }, - "DisassociateWebAcl": { - "privilege": "DisassociateWebAcl", - "description": "Grants permission to disassociate the service with an AWS WAF web ACL", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${UserGuideDocPage}waf-manage.html" - }, - "ListAssociatedServicesForWebAcl": { - "privilege": "ListAssociatedServicesForWebAcl", - "description": "Grants permission to list the services that are associated with an AWS WAF web ACL", - "access_level": "List", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${UserGuideDocPage}waf-manage.html" - }, - "ListAutoScalingConfigurations": { - "privilege": "ListAutoScalingConfigurations", - "description": "Grants permission to retrieve a list of AWS App Runner automatic scaling configurations in your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListAutoScalingConfigurations.html" - }, - "ListConnections": { - "privilege": "ListConnections", - "description": "Grants permission to retrieve a list of AWS App Runner connections in your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListConnections.html" - }, - "ListObservabilityConfigurations": { - "privilege": "ListObservabilityConfigurations", - "description": "Grants permission to retrieve a list of AWS App Runner observability configurations in your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListObservabilityConfigurations.html" - }, - "ListOperations": { - "privilege": "ListOperations", - "description": "Grants permission to retrieve a list of operations that occurred on an AWS App Runner service resource", - "access_level": "List", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListOperations.html" - }, - "ListServices": { - "privilege": "ListServices", - "description": "Grants permission to retrieve a list of running AWS App Runner services in your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListServices.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags associated with an AWS App Runner resource", - "access_level": "Read", - "resource_types": { - "autoscalingconfiguration": { - "resource_type": "autoscalingconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "observabilityconfiguration": { - "resource_type": "observabilityconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpcconnector": { - "resource_type": "vpcconnector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListTagsForResource.html" - }, - "ListVpcConnectors": { - "privilege": "ListVpcConnectors", - "description": "Grants permission to retrieve a list of AWS App Runner VPC connectors in your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListVpcConnectors.html" - }, - "ListVpcIngressConnections": { - "privilege": "ListVpcIngressConnections", - "description": "Grants permission to retrieve a list of AWS App Runner VpcIngressConnections in your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListVpcConnections.html" - }, - "PauseService": { - "privilege": "PauseService", - "description": "Grants permission to pause an active AWS App Runner service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_PauseService.html" - }, - "ResumeService": { - "privilege": "ResumeService", - "description": "Grants permission to resume an active AWS App Runner service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ResumeService.html" - }, - "StartDeployment": { - "privilege": "StartDeployment", - "description": "Grants permission to initiate a manual deployemnt to an AWS App Runner service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_StartDeployment.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to, or update tag values of, an AWS App Runner resource", - "access_level": "Tagging", - "resource_types": { - "autoscalingconfiguration": { - "resource_type": "autoscalingconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "observabilityconfiguration": { - "resource_type": "observabilityconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpcconnector": { - "resource_type": "vpcconnector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpcingressconnection": { - "resource_type": "vpcingressconnection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from an AWS App Runner resource", - "access_level": "Tagging", - "resource_types": { - "autoscalingconfiguration": { - "resource_type": "autoscalingconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "observabilityconfiguration": { - "resource_type": "observabilityconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpcconnector": { - "resource_type": "vpcconnector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpcingressconnection": { - "resource_type": "vpcingressconnection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_UntagResource.html" - }, - "UpdateService": { - "privilege": "UpdateService", - "description": "Grants permission to update an AWS App Runner service resource", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "autoscalingconfiguration": { - "resource_type": "autoscalingconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "observabilityconfiguration": { - "resource_type": "observabilityconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpcconnector": { - "resource_type": "vpcconnector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "apprunner:ConnectionArn", - "apprunner:AutoScalingConfigurationArn", - "apprunner:ObservabilityConfigurationArn", - "apprunner:VpcConnectorArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_UpdateService.html" - }, - "UpdateVpcIngressConnection": { - "privilege": "UpdateVpcIngressConnection", - "description": "Grants permission to update an AWS App Runner VpcIngressConnection resource", - "access_level": "Write", - "resource_types": { - "vpcingressconnection": { - "resource_type": "vpcingressconnection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "apprunner:VpcId", - "apprunner:VpcEndpointId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_UpdateVpcIngressConnection.html" - } - }, - "resources": { - "service": { - "resource": "service", - "arn": "arn:${Partition}:apprunner:${Region}:${Account}:service/${ServiceName}/${ServiceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "connection": { - "resource": "connection", - "arn": "arn:${Partition}:apprunner:${Region}:${Account}:connection/${ConnectionName}/${ConnectionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "autoscalingconfiguration": { - "resource": "autoscalingconfiguration", - "arn": "arn:${Partition}:apprunner:${Region}:${Account}:autoscalingconfiguration/${AutoscalingConfigurationName}/${AutoscalingConfigurationVersion}/${AutoscalingConfigurationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "observabilityconfiguration": { - "resource": "observabilityconfiguration", - "arn": "arn:${Partition}:apprunner:${Region}:${Account}:observabilityconfiguration/${ObservabilityConfigurationName}/${ObservabilityConfigurationVersion}/${ObservabilityConfigurationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "vpcconnector": { - "resource": "vpcconnector", - "arn": "arn:${Partition}:apprunner:${Region}:${Account}:vpcconnector/${VpcConnectorName}/${VpcConnectorVersion}/${VpcConnectorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "vpcingressconnection": { - "resource": "vpcingressconnection", - "arn": "arn:${Partition}:apprunner:${Region}:${Account}:vpcingressconnection/${VpcIngressConnectionName}/${VpcIngressConnectionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "webacl": { - "resource": "webacl", - "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/webacl/${Name}/${Id}", - "condition_keys": [] - } - }, - "conditions": { - "apprunner:AutoScalingConfigurationArn": { - "condition": "apprunner:AutoScalingConfigurationArn", - "description": "Filters access by the CreateService and UpdateService actions based on the ARN of an associated AutoScalingConfiguration resource", - "type": "ARN" - }, - "apprunner:ConnectionArn": { - "condition": "apprunner:ConnectionArn", - "description": "Filters access by the CreateService and UpdateService actions based on the ARN of an associated Connection resource", - "type": "ARN" - }, - "apprunner:ObservabilityConfigurationArn": { - "condition": "apprunner:ObservabilityConfigurationArn", - "description": "Filters access by the CreateService and UpdateService actions based on the ARN of an associated ObservabilityConfiguration resource", - "type": "ARN" - }, - "apprunner:ServiceArn": { - "condition": "apprunner:ServiceArn", - "description": "Filters access by the CreateVpcIngressConnection action based on the ARN of an associated Service resource", - "type": "ARN" - }, - "apprunner:VpcConnectorArn": { - "condition": "apprunner:VpcConnectorArn", - "description": "Filters access by the CreateService and UpdateService actions based on the ARN of an associated VpcConnector resource", - "type": "ARN" - }, - "apprunner:VpcEndpointId": { - "condition": "apprunner:VpcEndpointId", - "description": "Filters access by the CreateVpcIngressConnection and UpdateVpcIngressConnection actions based on the VPC Endpoint in the request", - "type": "String" - }, - "apprunner:VpcId": { - "condition": "apprunner:VpcId", - "description": "Filters access by the CreateVpcIngressConnection and UpdateVpcIngressConnection actions based on the VPC in the request", - "type": "String" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "appsync": { - "service_name": "AWS AppSync", - "prefix": "appsync", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappsync.html", - "privileges": { - "AssociateApi": { - "privilege": "AssociateApi", - "description": "Grants permission to attach a GraphQL API to a custom domain name in AppSync", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_AssociateApi.html" - }, - "AssociateMergedGraphqlApi": { - "privilege": "AssociateMergedGraphqlApi", - "description": "Grants permission to associate a merged API to a source API", - "access_level": "Write", - "resource_types": { - "graphqlapi": { - "resource_type": "graphqlapi", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_AssociateMergedGraphqlApi.html" - }, - "AssociateSourceGraphqlApi": { - "privilege": "AssociateSourceGraphqlApi", - "description": "Grants permission to associate a source API to a merged API", - "access_level": "Write", - "resource_types": { - "graphqlapi": { - "resource_type": "graphqlapi", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_AssociateSourceGraphqlApi.html" - }, - "CreateApiCache": { - "privilege": "CreateApiCache", - "description": "Grants permission to create an API cache in AppSync", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateApiCache.html" - }, - "CreateApiKey": { - "privilege": "CreateApiKey", - "description": "Grants permission to create a unique key that you can distribute to clients who are executing your API", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateApiKey.html" - }, - "CreateDataSource": { - "privilege": "CreateDataSource", - "description": "Grants permission to create a data source", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateDataSource.html" - }, - "CreateDomainName": { - "privilege": "CreateDomainName", - "description": "Grants permission to create a custom domain name in AppSync", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateDomainName.html" - }, - "CreateFunction": { - "privilege": "CreateFunction", - "description": "Grants permission to create a new function", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateFunction.html" - }, - "CreateGraphqlApi": { - "privilege": "CreateGraphqlApi", - "description": "Grants permission to create a GraphQL API, which is the top level AppSync resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "appsync:Visibility" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateGraphqlApi.html" - }, - "CreateResolver": { - "privilege": "CreateResolver", - "description": "Grants permission to create a resolver. A resolver converts incoming requests into a format that a data source can understand, and converts the data source's responses into GraphQL", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateResolver.html" - }, - "CreateType": { - "privilege": "CreateType", - "description": "Grants permission to create a type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateType.html" - }, - "DeleteApiCache": { - "privilege": "DeleteApiCache", - "description": "Grants permission to delete an API cache in AppSync", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteApiCache.html" - }, - "DeleteApiKey": { - "privilege": "DeleteApiKey", - "description": "Grants permission to delete an API key", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteApiKey.html" - }, - "DeleteDataSource": { - "privilege": "DeleteDataSource", - "description": "Grants permission to delete a data source", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteDataSource.html" - }, - "DeleteDomainName": { - "privilege": "DeleteDomainName", - "description": "Grants permission to delete a custom domain name in AppSync", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteDomainName.html" - }, - "DeleteFunction": { - "privilege": "DeleteFunction", - "description": "Grants permission to delete a function", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteFunction.html" - }, - "DeleteGraphqlApi": { - "privilege": "DeleteGraphqlApi", - "description": "Grants permission to delete a GraphQL Api. This will also clean up every AppSync resource below that API", - "access_level": "Write", - "resource_types": { - "graphqlapi": { - "resource_type": "graphqlapi", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteGraphqlApi.html" - }, - "DeleteResolver": { - "privilege": "DeleteResolver", - "description": "Grants permission to delete a resolver", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteResolver.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to remove a resource policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/devguide/merge-api.html" - }, - "DeleteType": { - "privilege": "DeleteType", - "description": "Grants permission to delete a type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteType.html" - }, - "DisassociateApi": { - "privilege": "DisassociateApi", - "description": "Grants permission to detach a GraphQL API to a custom domain name in AppSync", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DisassociateApi.html" - }, - "DisassociateMergedGraphqlApi": { - "privilege": "DisassociateMergedGraphqlApi", - "description": "Grants permission to remove an associated source API from a merged API identified by the source API", - "access_level": "Write", - "resource_types": { - "mergedApiAssociation": { - "resource_type": "mergedApiAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DisassociateMergedGraphqlApi.html" - }, - "DisassociateSourceGraphqlApi": { - "privilege": "DisassociateSourceGraphqlApi", - "description": "Grants permission to remove an associated source API from a merged API identified by the merged API", - "access_level": "Write", - "resource_types": { - "sourceApiAssociation": { - "resource_type": "sourceApiAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DisassociateSourceGraphqlApi.html" - }, - "EvaluateCode": { - "privilege": "EvaluateCode", - "description": "Grants permission to evaluate code with a runtime and context", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_EvaluateCode.html" - }, - "EvaluateMappingTemplate": { - "privilege": "EvaluateMappingTemplate", - "description": "Grants permission to evaluate template mapping", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_EvaluateMappingTemplate.html" - }, - "FlushApiCache": { - "privilege": "FlushApiCache", - "description": "Grants permission to flush an API cache in AppSync", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_FlushApiCache.html" - }, - "GetApiAssociation": { - "privilege": "GetApiAssociation", - "description": "Grants permission to read custom domain name - GraphQL API association details in AppSync", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetApiAssociation.html" - }, - "GetApiCache": { - "privilege": "GetApiCache", - "description": "Grants permission to read information about an API cache in AppSync", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetApiCache.html" - }, - "GetDataSource": { - "privilege": "GetDataSource", - "description": "Grants permission to retrieve a data source", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetDataSource.html" - }, - "GetDomainName": { - "privilege": "GetDomainName", - "description": "Grants permission to read information about a custom domain name in AppSync", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetDomainName.html" - }, - "GetFunction": { - "privilege": "GetFunction", - "description": "Grants permission to retrieve a function", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetFunction.html" - }, - "GetGraphqlApi": { - "privilege": "GetGraphqlApi", - "description": "Grants permission to retrieve a GraphQL API", - "access_level": "Read", - "resource_types": { - "graphqlapi": { - "resource_type": "graphqlapi", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetGraphqlApi.html" - }, - "GetIntrospectionSchema": { - "privilege": "GetIntrospectionSchema", - "description": "Grants permission to retrieve the introspection schema for a GraphQL API", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetIntrospectionSchema.html" - }, - "GetResolver": { - "privilege": "GetResolver", - "description": "Grants permission to retrieve a resolver", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetResolver.html" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to read a resource policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/devguide/merge-api.html" - }, - "GetSchemaCreationStatus": { - "privilege": "GetSchemaCreationStatus", - "description": "Grants permission to retrieve the current status of a schema creation operation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetSchemaCreationStatus.html" - }, - "GetSourceApiAssociation": { - "privilege": "GetSourceApiAssociation", - "description": "Grants permission to read information about a merged API associated source API", - "access_level": "Read", - "resource_types": { - "sourceApiAssociation": { - "resource_type": "sourceApiAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetSourceApiAssociation.html" - }, - "GetType": { - "privilege": "GetType", - "description": "Grants permission to retrieve a type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetType.html" - }, - "GraphQL": { - "privilege": "GraphQL", - "description": "Grants permission to send a GraphQL query to a GraphQL API", - "access_level": "Write", - "resource_types": { - "field": { - "resource_type": "field", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "graphqlapi": { - "resource_type": "graphqlapi", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/devguide/using-your-api.html" - }, - "ListApiKeys": { - "privilege": "ListApiKeys", - "description": "Grants permission to list the API keys for a given API", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListApiKeys.html" - }, - "ListDataSources": { - "privilege": "ListDataSources", - "description": "Grants permission to list the data sources for a given API", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListDataSources.html" - }, - "ListDomainNames": { - "privilege": "ListDomainNames", - "description": "Grants permission to enumerate custom domain names in AppSync", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListDomainNames.html" - }, - "ListFunctions": { - "privilege": "ListFunctions", - "description": "Grants permission to list the functions for a given API", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListFunctions.html" - }, - "ListGraphqlApis": { - "privilege": "ListGraphqlApis", - "description": "Grants permission to list GraphQL APIs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListGraphqlApis.html" - }, - "ListResolvers": { - "privilege": "ListResolvers", - "description": "Grants permission to list the resolvers for a given API and type", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListResolvers.html" - }, - "ListResolversByFunction": { - "privilege": "ListResolversByFunction", - "description": "Grants permission to list the resolvers that are associated with a specific function", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListResolversByFunction.html" - }, - "ListSourceApiAssociations": { - "privilege": "ListSourceApiAssociations", - "description": "Grants permission to list source APIs associated to a given merged API", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListSourceApiAssociations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for a resource", - "access_level": "Read", - "resource_types": { - "graphqlapi": { - "resource_type": "graphqlapi", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTypes": { - "privilege": "ListTypes", - "description": "Grants permission to list the types for a given API", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListTypes.html" - }, - "ListTypesByAssociation": { - "privilege": "ListTypesByAssociation", - "description": "Grants permission to list the types for a given merged API and source API association", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListTypesByAssociation.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to set a resource policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/devguide/merge-api.html" - }, - "SetWebACL": { - "privilege": "SetWebACL", - "description": "Grants permission to set a web ACL", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_SetWebACL.html" - }, - "SourceGraphQL": { - "privilege": "SourceGraphQL", - "description": "Grants permission to send a GraphQL query to a source API of a merged API", - "access_level": "Write", - "resource_types": { - "field": { - "resource_type": "field", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "graphqlapi": { - "resource_type": "graphqlapi", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/devguide/using-your-api.html" - }, - "StartSchemaCreation": { - "privilege": "StartSchemaCreation", - "description": "Grants permission to add a new schema to your GraphQL API. This operation is asynchronous - GetSchemaCreationStatus can show when it has completed", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_StartSchemaCreation.html" - }, - "StartSchemaMerge": { - "privilege": "StartSchemaMerge", - "description": "Grants permission to initiate a schema merge for a given merged API and associated source API", - "access_level": "Write", - "resource_types": { - "sourceApiAssociation": { - "resource_type": "sourceApiAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_StartSchemaMerge.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "graphqlapi": { - "resource_type": "graphqlapi", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "graphqlapi": { - "resource_type": "graphqlapi", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UntagResource.html" - }, - "UpdateApiCache": { - "privilege": "UpdateApiCache", - "description": "Grants permission to update an API cache in AppSync", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateApiCache.html" - }, - "UpdateApiKey": { - "privilege": "UpdateApiKey", - "description": "Grants permission to update an API key for a given API", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateApiKey.html" - }, - "UpdateDataSource": { - "privilege": "UpdateDataSource", - "description": "Grants permission to update a data source", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateDataSource.html" - }, - "UpdateDomainName": { - "privilege": "UpdateDomainName", - "description": "Grants permission to update a custom domain name in AppSync", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateDomainName.html" - }, - "UpdateFunction": { - "privilege": "UpdateFunction", - "description": "Grants permission to update an existing function", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateFunction.html" - }, - "UpdateGraphqlApi": { - "privilege": "UpdateGraphqlApi", - "description": "Grants permission to update a GraphQL API", - "access_level": "Write", - "resource_types": { - "graphqlapi": { - "resource_type": "graphqlapi", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateGraphqlApi.html" - }, - "UpdateResolver": { - "privilege": "UpdateResolver", - "description": "Grants permission to update a resolver", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateResolver.html" - }, - "UpdateSourceApiAssociation": { - "privilege": "UpdateSourceApiAssociation", - "description": "Grants permission to update a merged API source API association", - "access_level": "Write", - "resource_types": { - "sourceApiAssociation": { - "resource_type": "sourceApiAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateSourceApiAssociation.html" - }, - "UpdateType": { - "privilege": "UpdateType", - "description": "Grants permission to update a type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateType.html" - } - }, - "resources": { - "datasource": { - "resource": "datasource", - "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}/datasources/${DatasourceName}", - "condition_keys": [] - }, - "domain": { - "resource": "domain", - "arn": "arn:${Partition}:appsync:${Region}:${Account}:domainnames/${DomainName}", - "condition_keys": [] - }, - "graphqlapi": { - "resource": "graphqlapi", - "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "field": { - "resource": "field", - "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}/types/${TypeName}/fields/${FieldName}", - "condition_keys": [] - }, - "type": { - "resource": "type", - "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}/types/${TypeName}", - "condition_keys": [] - }, - "function": { - "resource": "function", - "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}/functions/${FunctionId}", - "condition_keys": [] - }, - "sourceApiAssociation": { - "resource": "sourceApiAssociation", - "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${MergedGraphQLAPIId}/sourceApiAssociations/${Associationid}", - "condition_keys": [] - }, - "mergedApiAssociation": { - "resource": "mergedApiAssociation", - "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${SourceGraphQLAPIId}/mergedApiAssociations/${Associationid}", - "condition_keys": [] - } - }, - "conditions": { - "appsync:Visibility": { - "condition": "appsync:Visibility", - "description": "Filters access by the visibility of an API", - "type": "String" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "artifact": { - "service_name": "AWS Artifact", - "prefix": "artifact", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsartifact.html", - "privileges": { - "AcceptAgreement": { - "privilege": "AcceptAgreement", - "description": "Grants permission to accept an AWS agreement that has not yet been accepted by the customer account", - "access_level": "Write", - "resource_types": { - "agreement": { - "resource_type": "agreement", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/managing-agreements.html" - }, - "DownloadAgreement": { - "privilege": "DownloadAgreement", - "description": "Grants permission to download an AWS agreement that has not yet been accepted or a customer agreement that has been accepted by the customer account", - "access_level": "Read", - "resource_types": { - "agreement": { - "resource_type": "agreement", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "customer-agreement": { - "resource_type": "customer-agreement", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/managing-agreements.html" - }, - "Get": { - "privilege": "Get", - "description": "Grants permission to download an AWS compliance report package", - "access_level": "Read", - "resource_types": { - "report-package": { - "resource_type": "report-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/getting-started.html" - }, - "GetReport": { - "privilege": "GetReport", - "description": "Grants permission to download a report", - "access_level": "Read", - "resource_types": { - "report": { - "resource_type": "report", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/getting-started.html" - }, - "GetReportMetadata": { - "privilege": "GetReportMetadata", - "description": "Grants permission to download metadata associated with a report", - "access_level": "Read", - "resource_types": { - "report": { - "resource_type": "report", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/getting-started.html" - }, - "GetTermForReport": { - "privilege": "GetTermForReport", - "description": "Grants permission to download a term associated with a report", - "access_level": "Read", - "resource_types": { - "report": { - "resource_type": "report", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/getting-started.html" - }, - "ListReports": { - "privilege": "ListReports", - "description": "Grants permission to list reports in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/getting-started.html" - }, - "TerminateAgreement": { - "privilege": "TerminateAgreement", - "description": "Grants permission to terminate a customer agreement that was previously accepted by the customer account", - "access_level": "Write", - "resource_types": { - "customer-agreement": { - "resource_type": "customer-agreement", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/managing-agreements.html" - } - }, - "resources": { - "report-package": { - "resource": "report-package", - "arn": "arn:${Partition}:artifact:::report-package/*", - "condition_keys": [] - }, - "customer-agreement": { - "resource": "customer-agreement", - "arn": "arn:${Partition}:artifact::${Account}:customer-agreement/*", - "condition_keys": [] - }, - "agreement": { - "resource": "agreement", - "arn": "arn:${Partition}:artifact:::agreement/*", - "condition_keys": [] - }, - "report": { - "resource": "report", - "arn": "arn:${Partition}:artifact:${Region}::report/*", - "condition_keys": [] - } - }, - "conditions": {} - }, - "auditmanager": { - "service_name": "AWS Audit Manager", - "prefix": "auditmanager", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsauditmanager.html", - "privileges": { - "AssociateAssessmentReportEvidenceFolder": { - "privilege": "AssociateAssessmentReportEvidenceFolder", - "description": "Grants permission to associate an evidence folder with an assessment report in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_AssociateAssessmentReportEvidenceFolder.html" - }, - "BatchAssociateAssessmentReportEvidence": { - "privilege": "BatchAssociateAssessmentReportEvidence", - "description": "Grants permission to associate a list of evidence to an assessment report in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchAssociateAssessmentReportEvidence.html" - }, - "BatchCreateDelegationByAssessment": { - "privilege": "BatchCreateDelegationByAssessment", - "description": "Grants permission to create delegations for an assessment in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchCreateDelegationByAssessment.html" - }, - "BatchDeleteDelegationByAssessment": { - "privilege": "BatchDeleteDelegationByAssessment", - "description": "Grants permission to delete delegations for an assessment in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchDeleteDelegationByAssessment.html" - }, - "BatchDisassociateAssessmentReportEvidence": { - "privilege": "BatchDisassociateAssessmentReportEvidence", - "description": "Grants permission to disassociate a list of evidence from an assessment report in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchDisassociateAssessmentReportEvidence.html" - }, - "BatchImportEvidenceToAssessmentControl": { - "privilege": "BatchImportEvidenceToAssessmentControl", - "description": "Grants permission to import a list of evidence to an assessment control in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessmentControlSet": { - "resource_type": "assessmentControlSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchImportEvidenceToAssessmentControl.html" - }, - "CreateAssessment": { - "privilege": "CreateAssessment", - "description": "Grants permission to create an assessment to be used with AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessment.html" - }, - "CreateAssessmentFramework": { - "privilege": "CreateAssessmentFramework", - "description": "Grants permission to create a framework for use in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessmentFramework.html" - }, - "CreateAssessmentReport": { - "privilege": "CreateAssessmentReport", - "description": "Grants permission to create an assessment report in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessmentReport.html" - }, - "CreateControl": { - "privilege": "CreateControl", - "description": "Grants permission to create a control to be used in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateControl.html" - }, - "DeleteAssessment": { - "privilege": "DeleteAssessment", - "description": "Grants permission to delete an assessment in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html" - }, - "DeleteAssessmentFramework": { - "privilege": "DeleteAssessmentFramework", - "description": "Grants permission to delete an assessment framework in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessmentFramework": { - "resource_type": "assessmentFramework", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html" - }, - "DeleteAssessmentFrameworkShare": { - "privilege": "DeleteAssessmentFrameworkShare", - "description": "Grants permission to delete a share request for a custom framework in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html" - }, - "DeleteAssessmentReport": { - "privilege": "DeleteAssessmentReport", - "description": "Grants permission to delete an assessment report in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html" - }, - "DeleteControl": { - "privilege": "DeleteControl", - "description": "Grants permission to delete a control in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "control": { - "resource_type": "control", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html" - }, - "DeregisterAccount": { - "privilege": "DeregisterAccount", - "description": "Grants permission to deregister an account in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ DeregisterAccount.html" - }, - "DeregisterOrganizationAdminAccount": { - "privilege": "DeregisterOrganizationAdminAccount", - "description": "Grants permission to deregister the delegated administrator account for AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterOrganizationAdminAccount.html" - }, - "DisassociateAssessmentReportEvidenceFolder": { - "privilege": "DisassociateAssessmentReportEvidenceFolder", - "description": "Grants permission to disassociate an evidence folder from an assessment report in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DisassociateAssessmentReportEvidenceFolder.html" - }, - "GetAccountStatus": { - "privilege": "GetAccountStatus", - "description": "Grants permission to get the status of an account in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetAccountStatus.html" - }, - "GetAssessment": { - "privilege": "GetAssessment", - "description": "Grants permission to get an assessment created in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetAssessment.html" - }, - "GetAssessmentFramework": { - "privilege": "GetAssessmentFramework", - "description": "Grants permission to get an assessment framework in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "assessmentFramework": { - "resource_type": "assessmentFramework", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetAssessmentFramework.html" - }, - "GetAssessmentReportUrl": { - "privilege": "GetAssessmentReportUrl", - "description": "Grants permission to get the URL for an assessment report in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetAssessmentReportUrl.html" - }, - "GetChangeLogs": { - "privilege": "GetChangeLogs", - "description": "Grants permission to get changelogs for an assessment in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetChangeLogs.html" - }, - "GetControl": { - "privilege": "GetControl", - "description": "Grants permission to get a control in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "control": { - "resource_type": "control", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetControl.html" - }, - "GetDelegations": { - "privilege": "GetDelegations", - "description": "Grants permission to get all delegations in AWS Audit Manager", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetDelegations.html" - }, - "GetEvidence": { - "privilege": "GetEvidence", - "description": "Grants permission to get evidence from AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "assessmentControlSet": { - "resource_type": "assessmentControlSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidence.html" - }, - "GetEvidenceByEvidenceFolder": { - "privilege": "GetEvidenceByEvidenceFolder", - "description": "Grants permission to get all the evidence from an evidence folder in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "assessmentControlSet": { - "resource_type": "assessmentControlSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidenceByEvidenceFolder.html" - }, - "GetEvidenceFileUploadUrl": { - "privilege": "GetEvidenceFileUploadUrl", - "description": "Grants permission to get a presigned Amazon S3 URL that can be used to upload a file as manual evidence", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidenceFileUploadUrl.html" - }, - "GetEvidenceFolder": { - "privilege": "GetEvidenceFolder", - "description": "Grants permission to get the evidence folder from AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "assessmentControlSet": { - "resource_type": "assessmentControlSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidenceFolder.html" - }, - "GetEvidenceFoldersByAssessment": { - "privilege": "GetEvidenceFoldersByAssessment", - "description": "Grants permission to get the evidence folders from an assessment in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidenceFoldersByAssessment.html" - }, - "GetEvidenceFoldersByAssessmentControl": { - "privilege": "GetEvidenceFoldersByAssessmentControl", - "description": "Grants permission to get the evidence folders from an assessment control in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "assessmentControlSet": { - "resource_type": "assessmentControlSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidenceFoldersByAssessmentControl.html" - }, - "GetInsights": { - "privilege": "GetInsights", - "description": "Grants permission to get analytics data for all active assessments", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetInsights.html" - }, - "GetInsightsByAssessment": { - "privilege": "GetInsightsByAssessment", - "description": "Grants permission to get analytics data for a specific active assessment", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetInsightsByAssessment.html" - }, - "GetOrganizationAdminAccount": { - "privilege": "GetOrganizationAdminAccount", - "description": "Grants permission to get the delegated administrator account in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetOrganizationAdminAccount.html" - }, - "GetServicesInScope": { - "privilege": "GetServicesInScope", - "description": "Grants permission to get the services in scope for an assessment in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetServicesInScope.html" - }, - "GetSettings": { - "privilege": "GetSettings", - "description": "Grants permission to get all settings configured in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetSettings.html" - }, - "ListAssessmentControlInsightsByControlDomain": { - "privilege": "ListAssessmentControlInsightsByControlDomain", - "description": "Grants permission to list analytics data for controls in a specific control domain and active assessment", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListAssessmentControlInsightsByControlDomain.html" - }, - "ListAssessmentFrameworkShareRequests": { - "privilege": "ListAssessmentFrameworkShareRequests", - "description": "Grants permission to list all sent or received share requests for custom frameworks in AWS Audit Manager", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListAssessmentFrameworkShareRequests.html" - }, - "ListAssessmentFrameworks": { - "privilege": "ListAssessmentFrameworks", - "description": "Grants permission to list all assessment frameworks in AWS Audit Manager", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListAssessmentFrameworks.html" - }, - "ListAssessmentReports": { - "privilege": "ListAssessmentReports", - "description": "Grants permission to list all assessment reports in AWS Audit Manager", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListAssessmentReports.html" - }, - "ListAssessments": { - "privilege": "ListAssessments", - "description": "Grants permission to list all assessments in AWS Audit Manager", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListAssessments.html" - }, - "ListControlDomainInsights": { - "privilege": "ListControlDomainInsights", - "description": "Grants permission to list analytics data for control domains across all active assessments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListControlDomainInsights.html" - }, - "ListControlDomainInsightsByAssessment": { - "privilege": "ListControlDomainInsightsByAssessment", - "description": "Grants permission to list analytics data for control domains in a specific active assessment", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListControlDomainInsightsByAssessment.html" - }, - "ListControlInsightsByControlDomain": { - "privilege": "ListControlInsightsByControlDomain", - "description": "Grants permission to list analytics data for controls in a specific control domain across all active assessments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListControlInsightsByControlDomain.html" - }, - "ListControls": { - "privilege": "ListControls", - "description": "Grants permission to list all controls in AWS Audit Manager", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListControls.html" - }, - "ListKeywordsForDataSource": { - "privilege": "ListKeywordsForDataSource", - "description": "Grants permission to list all the data source keywords in AWS Audit Manager", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListKeywordsForDataSource.html" - }, - "ListNotifications": { - "privilege": "ListNotifications", - "description": "Grants permission to list all notifications in AWS Audit Manager", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListNotifications.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an AWS Audit Manager resource", - "access_level": "Read", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "control": { - "resource_type": "control", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListTagsForResource.html" - }, - "RegisterAccount": { - "privilege": "RegisterAccount", - "description": "Grants permission to register an account in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html" - }, - "RegisterOrganizationAdminAccount": { - "privilege": "RegisterOrganizationAdminAccount", - "description": "Grants permission to register an account within the organization as the delegated administrator for AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterOrganizationAdminAccount.html" - }, - "StartAssessmentFrameworkShare": { - "privilege": "StartAssessmentFrameworkShare", - "description": "Grants permission to create a share request for a custom framework in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessmentFramework": { - "resource_type": "assessmentFramework", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_StartAssessmentFrameworkShare.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an AWS Audit Manager resource", - "access_level": "Tagging", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "control": { - "resource_type": "control", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an AWS Audit Manager resource", - "access_level": "Tagging", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "control": { - "resource_type": "control", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UntagResource.html" - }, - "UpdateAssessment": { - "privilege": "UpdateAssessment", - "description": "Grants permission to update an assessment in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessment.html" - }, - "UpdateAssessmentControl": { - "privilege": "UpdateAssessmentControl", - "description": "Grants permission to update an assessment control in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessmentControlSet": { - "resource_type": "assessmentControlSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessmentControl.html" - }, - "UpdateAssessmentControlSetStatus": { - "privilege": "UpdateAssessmentControlSetStatus", - "description": "Grants permission to update the status of an assessment control set in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessmentControlSet": { - "resource_type": "assessmentControlSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessmentControlSetStatus.html" - }, - "UpdateAssessmentFramework": { - "privilege": "UpdateAssessmentFramework", - "description": "Grants permission to update an assessment framework in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessmentFramework": { - "resource_type": "assessmentFramework", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessmentFramework.html" - }, - "UpdateAssessmentFrameworkShare": { - "privilege": "UpdateAssessmentFrameworkShare", - "description": "Grants permission to update a share request for a custom framework in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessmentFrameworkShare.html" - }, - "UpdateAssessmentStatus": { - "privilege": "UpdateAssessmentStatus", - "description": "Grants permission to update the status of an assessment in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "assessment": { - "resource_type": "assessment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessmentStatus.html" - }, - "UpdateControl": { - "privilege": "UpdateControl", - "description": "Grants permission to update a control in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "control": { - "resource_type": "control", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateControl.html" - }, - "UpdateSettings": { - "privilege": "UpdateSettings", - "description": "Grants permission to update settings in AWS Audit Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateSettings.html" - }, - "ValidateAssessmentReportIntegrity": { - "privilege": "ValidateAssessmentReportIntegrity", - "description": "Grants permission to validate the integrity of an assessment report in AWS Audit Manager", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ValidateAssessmentReportIntegrity.html" - } - }, - "resources": { - "assessment": { - "resource": "assessment", - "arn": "arn:${Partition}:auditmanager:${Region}:${Account}:assessment/${AssessmentId}", - "condition_keys": [] - }, - "assessmentFramework": { - "resource": "assessmentFramework", - "arn": "arn:${Partition}:auditmanager:${Region}:${Account}:assessmentFramework/${AssessmentFrameworkId}", - "condition_keys": [] - }, - "assessmentControlSet": { - "resource": "assessmentControlSet", - "arn": "arn:${Partition}:auditmanager:${Region}:${Account}:assessment/${AssessmentId}/controlSet/${ControlSetId}", - "condition_keys": [] - }, - "control": { - "resource": "control", - "arn": "arn:${Partition}:auditmanager:${Region}:${Account}:control/${ControlId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "autoscaling-plans": { - "service_name": "AWS Auto Scaling", - "prefix": "autoscaling-plans", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsautoscaling.html", - "privileges": { - "CreateScalingPlan": { - "privilege": "CreateScalingPlan", - "description": "Creates a scaling plan.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_CreateScalingPlan.html" - }, - "DeleteScalingPlan": { - "privilege": "DeleteScalingPlan", - "description": "Deletes the specified scaling plan.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_DeleteScalingPlan.html" - }, - "DescribeScalingPlanResources": { - "privilege": "DescribeScalingPlanResources", - "description": "Describes the scalable resources in the specified scaling plan.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_DescribeScalingPlanResources.html" - }, - "DescribeScalingPlans": { - "privilege": "DescribeScalingPlans", - "description": "Describes the specified scaling plans or all of your scaling plans.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_DescribeScalingPlans.html" - }, - "GetScalingPlanResourceForecastData": { - "privilege": "GetScalingPlanResourceForecastData", - "description": "Retrieves the forecast data for a scalable resource.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_GetScalingPlanResourceForecastData.html" - }, - "UpdateScalingPlan": { - "privilege": "UpdateScalingPlan", - "description": "Updates a scaling plan.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_UpdateScalingPlan.html" - } - }, - "resources": {}, - "conditions": {} - }, - "backup": { - "service_name": "AWS Backup", - "prefix": "backup", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbackup.html", - "privileges": { - "CancelLegalHold": { - "privilege": "CancelLegalHold", - "description": "Grants permission to cancel a legal hold", - "access_level": "Write", - "resource_types": { - "legalHold": { - "resource_type": "legalHold", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CancelLegalHold.html" - }, - "CopyFromBackupVault": { - "privilege": "CopyFromBackupVault", - "description": "Grants permission to copy from a backup vault", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "backup:CopyTargets", - "backup:CopyTargetOrgPaths" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartCopyJob.html" - }, - "CopyIntoBackupVault": { - "privilege": "CopyIntoBackupVault", - "description": "Grants permission to copy into a backup vault", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartCopyJob.html" - }, - "CreateBackupPlan": { - "privilege": "CreateBackupPlan", - "description": "Grants permission to create a new backup plan", - "access_level": "Write", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateBackupPlan.html" - }, - "CreateBackupSelection": { - "privilege": "CreateBackupSelection", - "description": "Grants permission to create a new resource assignment in a backup plan", - "access_level": "Write", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateBackupSelection.html" - }, - "CreateBackupVault": { - "privilege": "CreateBackupVault", - "description": "Grants permission to create a new backup vault", - "access_level": "Write", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateBackupVault.html" - }, - "CreateFramework": { - "privilege": "CreateFramework", - "description": "Grants permission to create a new framework", - "access_level": "Write", - "resource_types": { - "framework": { - "resource_type": "framework", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateFramework.html" - }, - "CreateLegalHold": { - "privilege": "CreateLegalHold", - "description": "Grants permission to create a new legal hold", - "access_level": "Write", - "resource_types": { - "legalHold": { - "resource_type": "legalHold", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateLegalHold.html" - }, - "CreateReportPlan": { - "privilege": "CreateReportPlan", - "description": "Grants permission to create a new report plan", - "access_level": "Write", - "resource_types": { - "reportPlan": { - "resource_type": "reportPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "backup:FrameworkArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateReportPlan.html" - }, - "DeleteBackupPlan": { - "privilege": "DeleteBackupPlan", - "description": "Grants permission to delete a backup plan", - "access_level": "Write", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupPlan.html" - }, - "DeleteBackupSelection": { - "privilege": "DeleteBackupSelection", - "description": "Grants permission to delete a resource assignment from a backup plan", - "access_level": "Write", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupSelection.html" - }, - "DeleteBackupVault": { - "privilege": "DeleteBackupVault", - "description": "Grants permission to delete a backup vault", - "access_level": "Write", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupVault.html" - }, - "DeleteBackupVaultAccessPolicy": { - "privilege": "DeleteBackupVaultAccessPolicy", - "description": "Grants permission to delete backup vault access policy", - "access_level": "Permissions management", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupVaultAccessPolicy.html" - }, - "DeleteBackupVaultLockConfiguration": { - "privilege": "DeleteBackupVaultLockConfiguration", - "description": "Grants permission to remove the lock configuration from a backup vault", - "access_level": "Write", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupVaultLockConfiguration.html" - }, - "DeleteBackupVaultNotifications": { - "privilege": "DeleteBackupVaultNotifications", - "description": "Grants permission to remove the notifications from a backup vault", - "access_level": "Write", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupVaultNotifications.html" - }, - "DeleteFramework": { - "privilege": "DeleteFramework", - "description": "Grants permission to delete a framework", - "access_level": "Write", - "resource_types": { - "framework": { - "resource_type": "framework", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteFramework.html" - }, - "DeleteRecoveryPoint": { - "privilege": "DeleteRecoveryPoint", - "description": "Grants permission to delete a recovery point from a backup vault", - "access_level": "Write", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteRecoveryPoint.html" - }, - "DeleteReportPlan": { - "privilege": "DeleteReportPlan", - "description": "Grants permission to delete a report plan", - "access_level": "Write", - "resource_types": { - "reportPlan": { - "resource_type": "reportPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteReportPlan.html" - }, - "DescribeBackupJob": { - "privilege": "DescribeBackupJob", - "description": "Grants permission to describe a backup job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeBackupJob.html" - }, - "DescribeBackupVault": { - "privilege": "DescribeBackupVault", - "description": "Grants permission to describe a new backup vault with the specified name", - "access_level": "Read", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeBackupVault.html" - }, - "DescribeCopyJob": { - "privilege": "DescribeCopyJob", - "description": "Grants permission to describe a copy job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeCopyJob.html" - }, - "DescribeFramework": { - "privilege": "DescribeFramework", - "description": "Grants permission to describe a framework with the specified name", - "access_level": "Read", - "resource_types": { - "framework": { - "resource_type": "framework", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeFramework.html" - }, - "DescribeGlobalSettings": { - "privilege": "DescribeGlobalSettings", - "description": "Grants permission to describe global settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeGlobalSettings.html" - }, - "DescribeProtectedResource": { - "privilege": "DescribeProtectedResource", - "description": "Grants permission to describe a protected resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeProtectedResource.html" - }, - "DescribeRecoveryPoint": { - "privilege": "DescribeRecoveryPoint", - "description": "Grants permission to describe a recovery point", - "access_level": "Read", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeRecoveryPoint.html" - }, - "DescribeRegionSettings": { - "privilege": "DescribeRegionSettings", - "description": "Grants permission to describe region settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeRegionSettings.html" - }, - "DescribeReportJob": { - "privilege": "DescribeReportJob", - "description": "Grants permission to describe a report job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeReportJob.html" - }, - "DescribeReportPlan": { - "privilege": "DescribeReportPlan", - "description": "Grants permission to describe a report plan with the specified name", - "access_level": "Read", - "resource_types": { - "reportPlan": { - "resource_type": "reportPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeReportPlan.html" - }, - "DescribeRestoreJob": { - "privilege": "DescribeRestoreJob", - "description": "Grants permission to describe a restore job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeRestoreJob.html" - }, - "DisassociateRecoveryPoint": { - "privilege": "DisassociateRecoveryPoint", - "description": "Grants permission to disassociate a recovery point from a backup vault", - "access_level": "Write", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DisassociateRecoveryPoint.html" - }, - "DisassociateRecoveryPointFromParent": { - "privilege": "DisassociateRecoveryPointFromParent", - "description": "Grants permission to disassociate a recovery point from its parent", - "access_level": "Write", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DisassociateRecoveryPointFromParent.html" - }, - "ExportBackupPlanTemplate": { - "privilege": "ExportBackupPlanTemplate", - "description": "Grants permission to export a backup plan as a JSON", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ExportBackupPlanTemplate.html" - }, - "GetBackupPlan": { - "privilege": "GetBackupPlan", - "description": "Grants permission to get a backup plan", - "access_level": "Read", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupPlan.html" - }, - "GetBackupPlanFromJSON": { - "privilege": "GetBackupPlanFromJSON", - "description": "Grants permission to transform a JSON to a backup plan", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupPlanFromJSON.html" - }, - "GetBackupPlanFromTemplate": { - "privilege": "GetBackupPlanFromTemplate", - "description": "Grants permission to transform a template to a backup plan", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupPlanFromTemplate.html" - }, - "GetBackupSelection": { - "privilege": "GetBackupSelection", - "description": "Grants permission to get a backup plan resource assignment", - "access_level": "Read", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupSelection.html" - }, - "GetBackupVaultAccessPolicy": { - "privilege": "GetBackupVaultAccessPolicy", - "description": "Grants permission to get backup vault access policy", - "access_level": "Read", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupVaultAccessPolicy.html" - }, - "GetBackupVaultNotifications": { - "privilege": "GetBackupVaultNotifications", - "description": "Grants permission to get backup vault notifications", - "access_level": "Read", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupVaultNotifications.html" - }, - "GetLegalHold": { - "privilege": "GetLegalHold", - "description": "Grants permission to get a legal hold", - "access_level": "Read", - "resource_types": { - "legalHold": { - "resource_type": "legalHold", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetLegalHold.html" - }, - "GetRecoveryPointRestoreMetadata": { - "privilege": "GetRecoveryPointRestoreMetadata", - "description": "Grants permission to get recovery point restore metadata", - "access_level": "Read", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetRecoveryPointRestoreMetadata.html" - }, - "GetSupportedResourceTypes": { - "privilege": "GetSupportedResourceTypes", - "description": "Grants permission to get supported resource types", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetSupportedResourceTypes.html" - }, - "ListBackupJobs": { - "privilege": "ListBackupJobs", - "description": "Grants permission to list backup jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupJobs.html" - }, - "ListBackupPlanTemplates": { - "privilege": "ListBackupPlanTemplates", - "description": "Grants permission to list backup plan templates provided by AWS Backup", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupPlanTemplates.html" - }, - "ListBackupPlanVersions": { - "privilege": "ListBackupPlanVersions", - "description": "Grants permission to list backup plan versions", - "access_level": "List", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupPlanVersions.html" - }, - "ListBackupPlans": { - "privilege": "ListBackupPlans", - "description": "Grants permission to list backup plans", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupPlans.html" - }, - "ListBackupSelections": { - "privilege": "ListBackupSelections", - "description": "Grants permission to list resource assignments for a specific backup plan", - "access_level": "List", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupSelections.html" - }, - "ListBackupVaults": { - "privilege": "ListBackupVaults", - "description": "Grants permission to list backup vaults", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupVaults.html" - }, - "ListCopyJobs": { - "privilege": "ListCopyJobs", - "description": "Grants permission to list copy jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListCopyJobs.html" - }, - "ListFrameworks": { - "privilege": "ListFrameworks", - "description": "Grants permission to list frameworks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListFrameworks.html" - }, - "ListLegalHolds": { - "privilege": "ListLegalHolds", - "description": "Grants permission to list legal holds", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListLegalHolds.html" - }, - "ListProtectedResources": { - "privilege": "ListProtectedResources", - "description": "Grants permission to list protected resources by AWS Backup", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListProtectedResources.html" - }, - "ListRecoveryPointsByBackupVault": { - "privilege": "ListRecoveryPointsByBackupVault", - "description": "Grants permission to list recovery points inside a backup vault", - "access_level": "List", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListRecoveryPointsByBackupVault.html" - }, - "ListRecoveryPointsByLegalHold": { - "privilege": "ListRecoveryPointsByLegalHold", - "description": "Grants permission to list recovery points by legal hold", - "access_level": "List", - "resource_types": { - "legalHold": { - "resource_type": "legalHold", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListRecoveryPointsByLegalHold.html" - }, - "ListRecoveryPointsByResource": { - "privilege": "ListRecoveryPointsByResource", - "description": "Grants permission to list recovery points for a resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListRecoveryPointsByResource.html" - }, - "ListReportJobs": { - "privilege": "ListReportJobs", - "description": "Grants permission to list report jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListReportJobs.html" - }, - "ListReportPlans": { - "privilege": "ListReportPlans", - "description": "Grants permission to list report plans", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListReportPlans.html" - }, - "ListRestoreJobs": { - "privilege": "ListRestoreJobs", - "description": "Grants permission to lists restore jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListRestoreJobs.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "backupVault": { - "resource_type": "backupVault", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "framework": { - "resource_type": "framework", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "legalHold": { - "resource_type": "legalHold", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reportPlan": { - "resource_type": "reportPlan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListTags.html" - }, - "PutBackupVaultAccessPolicy": { - "privilege": "PutBackupVaultAccessPolicy", - "description": "Grants permission to add an access policy to the backup vault", - "access_level": "Permissions management", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultAccessPolicy.html" - }, - "PutBackupVaultLockConfiguration": { - "privilege": "PutBackupVaultLockConfiguration", - "description": "Grants permission to add a lock configuration to the backup vault", - "access_level": "Write", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "backup:ChangeableForDays" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultLockConfiguration.html" - }, - "PutBackupVaultNotifications": { - "privilege": "PutBackupVaultNotifications", - "description": "Grants permission to add an SNS topic to the backup vault", - "access_level": "Write", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultNotifications.html" - }, - "StartBackupJob": { - "privilege": "StartBackupJob", - "description": "Grants permission to start a new backup job", - "access_level": "Write", - "resource_types": { - "backupVault": { - "resource_type": "backupVault", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartBackupJob.html" - }, - "StartCopyJob": { - "privilege": "StartCopyJob", - "description": "Grants permission to copy a backup from a source backup vault to a destination backup vault", - "access_level": "Write", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartCopyJob.html" - }, - "StartReportJob": { - "privilege": "StartReportJob", - "description": "Grants permission to start a new report job", - "access_level": "Write", - "resource_types": { - "reportPlan": { - "resource_type": "reportPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartReportJob.html" - }, - "StartRestoreJob": { - "privilege": "StartRestoreJob", - "description": "Grants permission to start a new restore job", - "access_level": "Write", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartRestoreJob.html" - }, - "StopBackupJob": { - "privilege": "StopBackupJob", - "description": "Grants permission to stop a backup job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StopBackupJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "backupVault": { - "resource_type": "backupVault", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "framework": { - "resource_type": "framework", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "legalHold": { - "resource_type": "legalHold", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reportPlan": { - "resource_type": "reportPlan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "backupVault": { - "resource_type": "backupVault", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "framework": { - "resource_type": "framework", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "legalHold": { - "resource_type": "legalHold", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reportPlan": { - "resource_type": "reportPlan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UntagResource.html" - }, - "UpdateBackupPlan": { - "privilege": "UpdateBackupPlan", - "description": "Grants permission to update a backup plan", - "access_level": "Write", - "resource_types": { - "backupPlan": { - "resource_type": "backupPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateBackupPlan.html" - }, - "UpdateFramework": { - "privilege": "UpdateFramework", - "description": "Grants permission to update a framework", - "access_level": "Write", - "resource_types": { - "framework": { - "resource_type": "framework", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateFramework.html" - }, - "UpdateGlobalSettings": { - "privilege": "UpdateGlobalSettings", - "description": "Grants permission to update the current global settings for the AWS Account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateGlobalSettings.html" - }, - "UpdateRecoveryPointLifecycle": { - "privilege": "UpdateRecoveryPointLifecycle", - "description": "Grants permission to update the lifecycle of the recovery point", - "access_level": "Write", - "resource_types": { - "recoveryPoint": { - "resource_type": "recoveryPoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateRecoveryPointLifecycle.html" - }, - "UpdateRegionSettings": { - "privilege": "UpdateRegionSettings", - "description": "Grants permission to update the current service opt-in settings for the Region", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateRegionSettings.html" - }, - "UpdateReportPlan": { - "privilege": "UpdateReportPlan", - "description": "Grants permission to update a report plan", - "access_level": "Write", - "resource_types": { - "reportPlan": { - "resource_type": "reportPlan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "backup:FrameworkArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateReportPlan.html" - } - }, - "resources": { - "backupVault": { - "resource": "backupVault", - "arn": "arn:${Partition}:backup:${Region}:${Account}:backup-vault:${BackupVaultName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "backupPlan": { - "resource": "backupPlan", - "arn": "arn:${Partition}:backup:${Region}:${Account}:backup-plan:${BackupPlanId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "recoveryPoint": { - "resource": "recoveryPoint", - "arn": "arn:${Partition}:${Vendor}:${Region}:*:${ResourceType}:${RecoveryPointId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "framework": { - "resource": "framework", - "arn": "arn:${Partition}:backup:${Region}:${Account}:framework:${FrameworkName}-${FrameworkId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "reportPlan": { - "resource": "reportPlan", - "arn": "arn:${Partition}:backup:${Region}:${Account}:report-plan:${ReportPlanName}-${ReportPlanId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "legalHold": { - "resource": "legalHold", - "arn": "arn:${Partition}:backup:${Region}:${Account}:legal-hold:${LegalHoldId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tags in the request", - "type": "ArrayOfString" - }, - "backup:ChangeableForDays": { - "condition": "backup:ChangeableForDays", - "description": "Filters access by the value of the ChangeableForDays parameter", - "type": "Numeric" - }, - "backup:CopyTargetOrgPaths": { - "condition": "backup:CopyTargetOrgPaths", - "description": "Filters access by the organization unit", - "type": "ArrayOfString" - }, - "backup:CopyTargets": { - "condition": "backup:CopyTargets", - "description": "Filters access by the ARN of an backup vault", - "type": "ArrayOfARN" - }, - "backup:FrameworkArns": { - "condition": "backup:FrameworkArns", - "description": "Filters access by the Framework ARNs", - "type": "ArrayOfARN" - } - } - }, - "backup-gateway": { - "service_name": "AWS Backup Gateway", - "prefix": "backup-gateway", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbackupgateway.html", - "privileges": { - "AssociateGatewayToServer": { - "privilege": "AssociateGatewayToServer", - "description": "Grants permission to AssociateGatewayToServer", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "hypervisor": { - "resource_type": "hypervisor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_AssociateGatewayToServer.html" - }, - "Backup": { - "privilege": "Backup", - "description": "Grants permission to Backup", - "access_level": "Write", - "resource_types": { - "virtualmachine": { - "resource_type": "virtualmachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartBackupJob.html" - }, - "CreateGateway": { - "privilege": "CreateGateway", - "description": "Grants permission to to CreateGateway", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_CreateGateway.html" - }, - "DeleteGateway": { - "privilege": "DeleteGateway", - "description": "Grants permission to DeleteGateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_DeleteGateway.html" - }, - "DeleteHypervisor": { - "privilege": "DeleteHypervisor", - "description": "Grants permission to DeleteHypervisor", - "access_level": "Write", - "resource_types": { - "hypervisor": { - "resource_type": "hypervisor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_DeleteHypervisor.html" - }, - "DisassociateGatewayFromServer": { - "privilege": "DisassociateGatewayFromServer", - "description": "Grants permission to DisassociateGatewayFromServer", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_DisassociateGatewayFromServer.html" - }, - "GetBandwidthRateLimitSchedule": { - "privilege": "GetBandwidthRateLimitSchedule", - "description": "Grants permission to GetBandwidthRateLimitSchedule", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_GetBandwidthRateLimitSchedule.html" - }, - "GetGateway": { - "privilege": "GetGateway", - "description": "Grants permission to GetGateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_GetGateway.html" - }, - "GetHypervisor": { - "privilege": "GetHypervisor", - "description": "Grants permission to GetHypervisor", - "access_level": "Read", - "resource_types": { - "hypervisor": { - "resource_type": "hypervisor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_GetHypervisor.html" - }, - "GetHypervisorPropertyMappings": { - "privilege": "GetHypervisorPropertyMappings", - "description": "Grants permission to GetHypervisorPropertyMappings", - "access_level": "Read", - "resource_types": { - "hypervisor": { - "resource_type": "hypervisor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_GetHypervisorPropertyMappings.html" - }, - "GetVirtualMachine": { - "privilege": "GetVirtualMachine", - "description": "Grants permission to GetVirtualMachine", - "access_level": "Read", - "resource_types": { - "virtualmachine": { - "resource_type": "virtualmachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_GetVirtualMachine.html" - }, - "ImportHypervisorConfiguration": { - "privilege": "ImportHypervisorConfiguration", - "description": "Grants permission to ImportHypervisorConfiguration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_ImportHypervisorConfiguration.html" - }, - "ListGateways": { - "privilege": "ListGateways", - "description": "Grants permission to ListGateways", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_ListGateways.html" - }, - "ListHypervisors": { - "privilege": "ListHypervisors", - "description": "Grants permission to ListHypervisors", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_ListHypervisors.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to ListTagsForResource", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hypervisor": { - "resource_type": "hypervisor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualmachine": { - "resource_type": "virtualmachine", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_ListTagsForResource.html" - }, - "ListVirtualMachines": { - "privilege": "ListVirtualMachines", - "description": "Grants permission to ListVirtualMachines", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_ListVirtualMachines.html" - }, - "PutBandwidthRateLimitSchedule": { - "privilege": "PutBandwidthRateLimitSchedule", - "description": "Grants permission to PutBandwidthRateLimitSchedule", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_PutBandwidthRateLimitSchedule.html" - }, - "PutHypervisorPropertyMappings": { - "privilege": "PutHypervisorPropertyMappings", - "description": "Grants permission to PutHypervisorPropertyMappings", - "access_level": "Write", - "resource_types": { - "hypervisor": { - "resource_type": "hypervisor", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_PutHypervisorPropertyMappings.html" - }, - "PutMaintenanceStartTime": { - "privilege": "PutMaintenanceStartTime", - "description": "Grants permission to PutMaintenanceStartTime", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_PutMaintenanceStartTime.html" - }, - "Restore": { - "privilege": "Restore", - "description": "Grants permission to Restore", - "access_level": "Write", - "resource_types": { - "hypervisor": { - "resource_type": "hypervisor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartRestoreJob.html" - }, - "StartVirtualMachinesMetadataSync": { - "privilege": "StartVirtualMachinesMetadataSync", - "description": "Grants permission to StartVirtualMachinesMetadataSync", - "access_level": "Write", - "resource_types": { - "hypervisor": { - "resource_type": "hypervisor", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_StartVirtualMachinesMetadataSync.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to TagResource", - "access_level": "Tagging", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hypervisor": { - "resource_type": "hypervisor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualmachine": { - "resource_type": "virtualmachine", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_TagResource.html" - }, - "TestHypervisorConfiguration": { - "privilege": "TestHypervisorConfiguration", - "description": "Grants permission to TestHypervisorConfiguration", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_TestHypervisorConfiguration.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to UntagResource", - "access_level": "Tagging", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hypervisor": { - "resource_type": "hypervisor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "virtualmachine": { - "resource_type": "virtualmachine", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_UntagResource.html" - }, - "UpdateGatewayInformation": { - "privilege": "UpdateGatewayInformation", - "description": "Grants permission to UpdateGatewayInformation", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_UpdateGatewayInformation.html" - }, - "UpdateGatewaySoftwareNow": { - "privilege": "UpdateGatewaySoftwareNow", - "description": "Grants permission to UpdateGatewaySoftwareNow", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_UpdateGatewaySoftwareNow.html" - }, - "UpdateHypervisor": { - "privilege": "UpdateHypervisor", - "description": "Grants permission to UpdateHypervisor", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_UpdateHypervisor.html" - } - }, - "resources": { - "gateway": { - "resource": "gateway", - "arn": "arn:${Partition}:backup-gateway::${Account}:gateway/${GatewayId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "hypervisor": { - "resource": "hypervisor", - "arn": "arn:${Partition}:backup-gateway::${Account}:hypervisor/${HypervisorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "virtualmachine": { - "resource": "virtualmachine", - "arn": "arn:${Partition}:backup-gateway::${Account}:vm/${VirtualmachineId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "backup-storage": { - "service_name": "AWS Backup storage", - "prefix": "backup-storage", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbackupstorage.html", - "privileges": { - "CommitBackupJob": { - "privilege": "CommitBackupJob", - "description": "Grants permission to commit backup job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "DeleteObjects": { - "privilege": "DeleteObjects", - "description": "Grants permission to delete objects", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "DescribeBackupJob": { - "privilege": "DescribeBackupJob", - "description": "Grants permission to describe backup job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "GetBaseBackup": { - "privilege": "GetBaseBackup", - "description": "Grants permission to get base backup", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "GetChunk": { - "privilege": "GetChunk", - "description": "Grants permission to get data from a recovery point for a restore job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "GetIncrementalBaseBackup": { - "privilege": "GetIncrementalBaseBackup", - "description": "Grants permission to get incremental base backup", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "GetObjectMetadata": { - "privilege": "GetObjectMetadata", - "description": "Grants permission to get metadata from a recovery point for a restore job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "ListChunks": { - "privilege": "ListChunks", - "description": "Grants permission to list data from a recovery point for a restore job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "ListObjects": { - "privilege": "ListObjects", - "description": "Grants permission to list data from a recovery point for a restore job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "MountCapsule": { - "privilege": "MountCapsule", - "description": "Associates a KMS key to a backup vault", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateBackupVault.html" - }, - "NotifyObjectComplete": { - "privilege": "NotifyObjectComplete", - "description": "Grants permission to mark an uploaded data as completed for a backup job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "PutChunk": { - "privilege": "PutChunk", - "description": "Grants permission to upload data to an AWS Backup-managed recovery point for a backup job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "PutObject": { - "privilege": "PutObject", - "description": "Grants permission to put object", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "StartObject": { - "privilege": "StartObject", - "description": "Grants permission to upload data to an AWS Backup-managed recovery point for a backup job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - }, - "UpdateObjectComplete": { - "privilege": "UpdateObjectComplete", - "description": "Grants permission to update object complete", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" - } - }, - "resources": {}, - "conditions": {} - }, - "batch": { - "service_name": "AWS Batch", - "prefix": "batch", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbatch.html", - "privileges": { - "CancelJob": { - "privilege": "CancelJob", - "description": "Grants permission to cancel a job in an AWS Batch job queue in your account", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_CancelJob.html" - }, - "CreateComputeEnvironment": { - "privilege": "CreateComputeEnvironment", - "description": "Grants permission to create an AWS Batch compute environment in your account", - "access_level": "Write", - "resource_types": { - "compute-environment": { - "resource_type": "compute-environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_CreateComputeEnvironment.html" - }, - "CreateJobQueue": { - "privilege": "CreateJobQueue", - "description": "Grants permission to create an AWS Batch job queue in your account", - "access_level": "Write", - "resource_types": { - "compute-environment": { - "resource_type": "compute-environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "job-queue": { - "resource_type": "job-queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "scheduling-policy": { - "resource_type": "scheduling-policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_CreateJobQueue.html" - }, - "CreateSchedulingPolicy": { - "privilege": "CreateSchedulingPolicy", - "description": "Grants permission to create an AWS Batch scheduling policy in your account", - "access_level": "Write", - "resource_types": { - "scheduling-policy": { - "resource_type": "scheduling-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_CreateSchedulingPolicy.html" - }, - "DeleteComputeEnvironment": { - "privilege": "DeleteComputeEnvironment", - "description": "Grants permission to delete an AWS Batch compute environment in your account", - "access_level": "Write", - "resource_types": { - "compute-environment": { - "resource_type": "compute-environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DeleteComputeEnvironment.html" - }, - "DeleteJobQueue": { - "privilege": "DeleteJobQueue", - "description": "Grants permission to delete an AWS Batch job queue in your account", - "access_level": "Write", - "resource_types": { - "job-queue": { - "resource_type": "job-queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DeleteJobQueue.html" - }, - "DeleteSchedulingPolicy": { - "privilege": "DeleteSchedulingPolicy", - "description": "Grants permission to delete an AWS Batch scheduling policy in your account", - "access_level": "Write", - "resource_types": { - "scheduling-policy": { - "resource_type": "scheduling-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DeleteSchedulingPolicy.html" - }, - "DeregisterJobDefinition": { - "privilege": "DeregisterJobDefinition", - "description": "Grants permission to deregister an AWS Batch job definition in your account", - "access_level": "Write", - "resource_types": { - "job-definition": { - "resource_type": "job-definition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DeregisterJobDefinition.html" - }, - "DescribeComputeEnvironments": { - "privilege": "DescribeComputeEnvironments", - "description": "Grants permission to describe one or more AWS Batch compute environments in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DescribeComputeEnvironments.html" - }, - "DescribeJobDefinitions": { - "privilege": "DescribeJobDefinitions", - "description": "Grants permission to describe one or more AWS Batch job definitions in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DescribeJobDefinitions.html" - }, - "DescribeJobQueues": { - "privilege": "DescribeJobQueues", - "description": "Grants permission to describe one or more AWS Batch job queues in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DescribeJobQueues.html" - }, - "DescribeJobs": { - "privilege": "DescribeJobs", - "description": "Grants permission to describe a list of AWS Batch jobs in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DescribeJobs.html" - }, - "DescribeSchedulingPolicies": { - "privilege": "DescribeSchedulingPolicies", - "description": "Grants permission to describe one or more AWS Batch scheduling policies in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DescribeSchedulingPolicies.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to list jobs for a specified AWS Batch job queue in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_ListJobs.html" - }, - "ListSchedulingPolicies": { - "privilege": "ListSchedulingPolicies", - "description": "Grants permission to list AWS Batch scheduling policies in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_ListSchedulingPolicies.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an AWS Batch resource in your account", - "access_level": "Read", - "resource_types": { - "compute-environment": { - "resource_type": "compute-environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job-definition": { - "resource_type": "job-definition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job-queue": { - "resource_type": "job-queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "scheduling-policy": { - "resource_type": "scheduling-policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_ListTagsForResource.html" - }, - "RegisterJobDefinition": { - "privilege": "RegisterJobDefinition", - "description": "Grants permission to register an AWS Batch job definition in your account", - "access_level": "Write", - "resource_types": { - "job-definition": { - "resource_type": "job-definition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "batch:User", - "batch:Privileged", - "batch:Image", - "batch:LogDriver", - "batch:AWSLogsGroup", - "batch:AWSLogsRegion", - "batch:AWSLogsStreamPrefix", - "batch:AWSLogsCreateGroup", - "batch:EKSServiceAccountName", - "batch:EKSImage", - "batch:EKSRunAsUser", - "batch:EKSRunAsGroup", - "batch:EKSPrivileged", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html" - }, - "SubmitJob": { - "privilege": "SubmitJob", - "description": "Grants permission to submit an AWS Batch job from a job definition in your account", - "access_level": "Write", - "resource_types": { - "job-definition": { - "resource_type": "job-definition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "job-queue": { - "resource_type": "job-queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "batch:ShareIdentifier", - "batch:EKSImage" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_SubmitJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an AWS Batch resource in your account", - "access_level": "Tagging", - "resource_types": { - "compute-environment": { - "resource_type": "compute-environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job-definition": { - "resource_type": "job-definition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job-queue": { - "resource_type": "job-queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "scheduling-policy": { - "resource_type": "scheduling-policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_TagResource.html" - }, - "TerminateJob": { - "privilege": "TerminateJob", - "description": "Grants permission to terminate a job in an AWS Batch job queue in your account", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_TerminateJob.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an AWS Batch resource in your account", - "access_level": "Tagging", - "resource_types": { - "compute-environment": { - "resource_type": "compute-environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job-definition": { - "resource_type": "job-definition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job-queue": { - "resource_type": "job-queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "scheduling-policy": { - "resource_type": "scheduling-policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_UntagResource.html" - }, - "UpdateComputeEnvironment": { - "privilege": "UpdateComputeEnvironment", - "description": "Grants permission to update an AWS Batch compute environment in your account", - "access_level": "Write", - "resource_types": { - "compute-environment": { - "resource_type": "compute-environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateComputeEnvironment.html" - }, - "UpdateJobQueue": { - "privilege": "UpdateJobQueue", - "description": "Grants permission to update an AWS Batch job queue in your account", - "access_level": "Write", - "resource_types": { - "job-queue": { - "resource_type": "job-queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "compute-environment": { - "resource_type": "compute-environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "scheduling-policy": { - "resource_type": "scheduling-policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateJobQueue.html" - }, - "UpdateSchedulingPolicy": { - "privilege": "UpdateSchedulingPolicy", - "description": "Grants permission to update an AWS Batch scheduling policy in your account", - "access_level": "Write", - "resource_types": { - "scheduling-policy": { - "resource_type": "scheduling-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateSchedulingPolicy.html" - } - }, - "resources": { - "compute-environment": { - "resource": "compute-environment", - "arn": "arn:${Partition}:batch:${Region}:${Account}:compute-environment/${ComputeEnvironmentName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "job-queue": { - "resource": "job-queue", - "arn": "arn:${Partition}:batch:${Region}:${Account}:job-queue/${JobQueueName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "job-definition": { - "resource": "job-definition", - "arn": "arn:${Partition}:batch:${Region}:${Account}:job-definition/${JobDefinitionName}:${Revision}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "job": { - "resource": "job", - "arn": "arn:${Partition}:batch:${Region}:${Account}:job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "scheduling-policy": { - "resource": "scheduling-policy", - "arn": "arn:${Partition}:batch:${Region}:${Account}:scheduling-policy/${SchedulingPolicyName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "batch:AWSLogsCreateGroup": { - "condition": "batch:AWSLogsCreateGroup", - "description": "Filters access by the specified logging driver to determine whether awslogs group will be created for the logs", - "type": "Bool" - }, - "batch:AWSLogsGroup": { - "condition": "batch:AWSLogsGroup", - "description": "Filters access by the awslogs group where the logs are located", - "type": "String" - }, - "batch:AWSLogsRegion": { - "condition": "batch:AWSLogsRegion", - "description": "Filters access by the region where the logs are sent to", - "type": "String" - }, - "batch:AWSLogsStreamPrefix": { - "condition": "batch:AWSLogsStreamPrefix", - "description": "Filters access by the awslogs log stream prefix", - "type": "String" - }, - "batch:EKSImage": { - "condition": "batch:EKSImage", - "description": "Filters access by the image used to start a container for an Amazon EKS job", - "type": "String" - }, - "batch:EKSPrivileged": { - "condition": "batch:EKSPrivileged", - "description": "Filters access by the specified privileged parameter value that determines whether the container is given elevated privileges on the host container instance (similar to the root user) for an Amazon EKS job", - "type": "Bool" - }, - "batch:EKSRunAsGroup": { - "condition": "batch:EKSRunAsGroup", - "description": "Filters access by the specified group numeric ID (gid) used to start a container in an Amazon EKS job", - "type": "Numeric" - }, - "batch:EKSRunAsUser": { - "condition": "batch:EKSRunAsUser", - "description": "Filters access by the specified user numeric ID (uid) used to start a a container in an Amazon EKS job", - "type": "Numeric" - }, - "batch:EKSServiceAccountName": { - "condition": "batch:EKSServiceAccountName", - "description": "Filters access by the name of the service account used to run the pod for an Amazon EKS job", - "type": "String" - }, - "batch:Image": { - "condition": "batch:Image", - "description": "Filters access by the image used to start a container", - "type": "String" - }, - "batch:LogDriver": { - "condition": "batch:LogDriver", - "description": "Filters access by the log driver used for the container", - "type": "String" - }, - "batch:Privileged": { - "condition": "batch:Privileged", - "description": "Filters access by the specified privileged parameter value that determines whether the container is given elevated privileges on the host container instance (similar to the root user)", - "type": "Bool" - }, - "batch:ShareIdentifier": { - "condition": "batch:ShareIdentifier", - "description": "Filters access by the shareIdentifier used inside submit job", - "type": "String" - }, - "batch:User": { - "condition": "batch:User", - "description": "Filters access by user name or numeric uid used inside the container", - "type": "String" - } - } - }, - "aws-portal": { - "service_name": "AWS Billing and Cost Management", - "prefix": "aws-portal", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbilling.html", - "privileges": { - "ModifyAccount": { - "privilege": "ModifyAccount", - "description": "Allow or deny IAM users permission to modify Account Settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ModifyBilling": { - "privilege": "ModifyBilling", - "description": "Allow or deny IAM users permission to modify billing settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ModifyPaymentMethods": { - "privilege": "ModifyPaymentMethods", - "description": "Allow or deny IAM users permission to modify payment methods", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ViewAccount": { - "privilege": "ViewAccount", - "description": "Allow or deny IAM users permission to view account settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ViewBilling": { - "privilege": "ViewBilling", - "description": "Allow or deny IAM users permission to view billing pages in the console", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ViewPaymentMethods": { - "privilege": "ViewPaymentMethods", - "description": "Allow or deny IAM users permission to view payment methods", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ViewUsage": { - "privilege": "ViewUsage", - "description": "Allow or deny IAM users permission to view AWS usage reports", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetConsoleActionSetEnforced": { - "privilege": "GetConsoleActionSetEnforced", - "description": "Grants permission to view whether existing or fine-grained IAM actions are being used to control authorization to Billing, Cost Management, and Account consoles", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "UpdateConsoleActionSetEnforced": { - "privilege": "UpdateConsoleActionSetEnforced", - "description": "Grants permission to change whether existing or fine-grained IAM actions will be used to control authorization to Billing, Cost Management, and Account consoles", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - } - }, - "resources": {}, - "conditions": {} - }, - "billing": { - "service_name": "AWS Billing and Cost Management", - "prefix": "billing", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbilling_.html", - "privileges": { - "GetBillingData": { - "privilege": "GetBillingData", - "description": "Grants permission to perform queries on billing information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetBillingDetails": { - "privilege": "GetBillingDetails", - "description": "Grants permission to view detailed line item billing information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetBillingNotifications": { - "privilege": "GetBillingNotifications", - "description": "Grants permission to view notifications sent by AWS related to your accounts billing information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetBillingPreferences": { - "privilege": "GetBillingPreferences", - "description": "Grants permission to view billing preferences such as reserved instance, savings plans and credits sharing", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetContractInformation": { - "privilege": "GetContractInformation", - "description": "Grants permission to view the account's contract information including the contract number, end-user organization names, PO numbers and if the account is used to service public-sector customers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetCredits": { - "privilege": "GetCredits", - "description": "Grants permission to view credits that have been redeemed", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetIAMAccessPreference": { - "privilege": "GetIAMAccessPreference", - "description": "Grants permission to retrieve the state of the Allow IAM Access billing preference", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetSellerOfRecord": { - "privilege": "GetSellerOfRecord", - "description": "Grants permission to retrieve the account's default Seller of Record", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ListBillingViews": { - "privilege": "ListBillingViews", - "description": "Grants permission to get billing information for your proforma billing groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "PutContractInformation": { - "privilege": "PutContractInformation", - "description": "Grants permission to set the account's contract information end-user organization names and if the account is used to service public-sector customers", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "RedeemCredits": { - "privilege": "RedeemCredits", - "description": "Grants permission to redeem an AWS credit", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "UpdateBillingPreferences": { - "privilege": "UpdateBillingPreferences", - "description": "Grants permission to update billing preferences such as reserved instance, savings plans and credits sharing", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "UpdateIAMAccessPreference": { - "privilege": "UpdateIAMAccessPreference", - "description": "Grants permission to update the Allow IAM Access billing preference", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - } - }, - "resources": {}, - "conditions": {} - }, - "billingconductor": { - "service_name": "AWS Billing Conductor", - "prefix": "billingconductor", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbillingconductor.html", - "privileges": { - "AssociateAccounts": { - "privilege": "AssociateAccounts", - "description": "Grants permission to associate between one and 30 accounts to a billing group", - "access_level": "Write", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_AssociateAccounts.html" - }, - "AssociatePricingRules": { - "privilege": "AssociatePricingRules", - "description": "Grants permission to associate pricing rules", - "access_level": "Write", - "resource_types": { - "pricingplan": { - "resource_type": "pricingplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "pricingrule": { - "resource_type": "pricingrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_AssociatePricingRules.html" - }, - "BatchAssociateResourcesToCustomLineItem": { - "privilege": "BatchAssociateResourcesToCustomLineItem", - "description": "Grants permission to batch associate resources to a percentage custom line item", - "access_level": "Write", - "resource_types": { - "customlineitem": { - "resource_type": "customlineitem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_BatchAssociateResourcesToCustomLineItem.html" - }, - "BatchDisassociateResourcesFromCustomLineItem": { - "privilege": "BatchDisassociateResourcesFromCustomLineItem", - "description": "Grants permission to batch disassociate resources from a percentage custom line item", - "access_level": "Write", - "resource_types": { - "customlineitem": { - "resource_type": "customlineitem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_BatchDisassociateResourcesFromCustomLineItem.html" - }, - "CreateBillingGroup": { - "privilege": "CreateBillingGroup", - "description": "Grants permission to create a billing group", - "access_level": "Write", - "resource_types": { - "pricingplan": { - "resource_type": "pricingplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_CreateBillingGroup.html" - }, - "CreateCustomLineItem": { - "privilege": "CreateCustomLineItem", - "description": "Grants permission to create a custom line item", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_CreateCustomLineItem.html" - }, - "CreatePricingPlan": { - "privilege": "CreatePricingPlan", - "description": "Grants permission to create a pricing plan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_CreatePricingPlan.html" - }, - "CreatePricingRule": { - "privilege": "CreatePricingRule", - "description": "Grants permission to create a pricing rule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_CreatePricingRule.html" - }, - "DeleteBillingGroup": { - "privilege": "DeleteBillingGroup", - "description": "Grants permission to delete a billing group", - "access_level": "Write", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DeleteBillingGroup.html" - }, - "DeleteCustomLineItem": { - "privilege": "DeleteCustomLineItem", - "description": "Grants permission to delete a custom line item", - "access_level": "Write", - "resource_types": { - "customlineitem": { - "resource_type": "customlineitem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DeleteCustomLineItem.html" - }, - "DeletePricingPlan": { - "privilege": "DeletePricingPlan", - "description": "Grants permission to delete a pricing plan", - "access_level": "Write", - "resource_types": { - "pricingplan": { - "resource_type": "pricingplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DeletePricingPlan.html" - }, - "DeletePricingRule": { - "privilege": "DeletePricingRule", - "description": "Grants permission to delete a pricing rule", - "access_level": "Write", - "resource_types": { - "pricingrule": { - "resource_type": "pricingrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DeletePricingRule.html" - }, - "DisassociateAccounts": { - "privilege": "DisassociateAccounts", - "description": "Grants permission to detach between one and 30 accounts from a billing group", - "access_level": "Write", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DisassociateAccounts.html" - }, - "DisassociatePricingRules": { - "privilege": "DisassociatePricingRules", - "description": "Grants permission to disassociate pricing rules", - "access_level": "Write", - "resource_types": { - "pricingplan": { - "resource_type": "pricingplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "pricingrule": { - "resource_type": "pricingrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DisassociatePricingRules.html" - }, - "ListAccountAssociations": { - "privilege": "ListAccountAssociations", - "description": "Grants permission to list the linked accounts of the payer account for the given billing period while also providing the billing group the linked accounts belong to", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListAccountAssociations.html" - }, - "ListBillingGroupCostReports": { - "privilege": "ListBillingGroupCostReports", - "description": "Grants permission to view the billing group cost report", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListBillingGroupCostReports.html" - }, - "ListBillingGroups": { - "privilege": "ListBillingGroups", - "description": "Grants permission to view the details of billing groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListBillingGroups.html" - }, - "ListCustomLineItemVersions": { - "privilege": "ListCustomLineItemVersions", - "description": "Grants permission to view custom line item versions", - "access_level": "Read", - "resource_types": { - "customlineitem": { - "resource_type": "customlineitem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListCustomLineItemVersions.html" - }, - "ListCustomLineItems": { - "privilege": "ListCustomLineItems", - "description": "Grants permission to view custom line item details", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListCustomLineItems.html" - }, - "ListPricingPlans": { - "privilege": "ListPricingPlans", - "description": "Grants permission to view the pricing plans details", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListPricingPlans.html" - }, - "ListPricingPlansAssociatedWithPricingRule": { - "privilege": "ListPricingPlansAssociatedWithPricingRule", - "description": "Grants permission to list pricing plans associated with a pricing rule", - "access_level": "List", - "resource_types": { - "pricingplan": { - "resource_type": "pricingplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "pricingrule": { - "resource_type": "pricingrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListPricingPlansAssociatedWithPricingRule.html" - }, - "ListPricingRules": { - "privilege": "ListPricingRules", - "description": "Grants permission to view pricing rules details", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListPricingRules.html" - }, - "ListPricingRulesAssociatedToPricingPlan": { - "privilege": "ListPricingRulesAssociatedToPricingPlan", - "description": "Grants permission to list pricing rules associated to a pricing plan", - "access_level": "List", - "resource_types": { - "pricingplan": { - "resource_type": "pricingplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "pricingrule": { - "resource_type": "pricingrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListPricingRulesAssociatedToPricingPlan.html" - }, - "ListResourcesAssociatedToCustomLineItem": { - "privilege": "ListResourcesAssociatedToCustomLineItem", - "description": "Grants permission to list resources associated to a percentage custom line item", - "access_level": "List", - "resource_types": { - "customlineitem": { - "resource_type": "customlineitem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListResourcesAssociatedToCustomLineItem.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags of a resource", - "access_level": "Read", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "customlineitem": { - "resource_type": "customlineitem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pricingplan": { - "resource_type": "pricingplan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pricingrule": { - "resource_type": "pricingrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListTagsForResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "customlineitem": { - "resource_type": "customlineitem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pricingplan": { - "resource_type": "pricingplan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pricingrule": { - "resource_type": "pricingrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "customlineitem": { - "resource_type": "customlineitem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pricingplan": { - "resource_type": "pricingplan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pricingrule": { - "resource_type": "pricingrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_UntagResource.html" - }, - "UpdateBillingGroup": { - "privilege": "UpdateBillingGroup", - "description": "Grants permission to update a billing group", - "access_level": "Write", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_UpdateBillingGroup.html" - }, - "UpdateCustomLineItem": { - "privilege": "UpdateCustomLineItem", - "description": "Grants permission to update a custom line item", - "access_level": "Write", - "resource_types": { - "customlineitem": { - "resource_type": "customlineitem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_UpdateCustomLineItem.html" - }, - "UpdatePricingPlan": { - "privilege": "UpdatePricingPlan", - "description": "Grants permission to update a pricing plan", - "access_level": "Write", - "resource_types": { - "pricingplan": { - "resource_type": "pricingplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_UpdatePricingPlan.html" - }, - "UpdatePricingRule": { - "privilege": "UpdatePricingRule", - "description": "Grants permission to update a pricing rule", - "access_level": "Write", - "resource_types": { - "pricingrule": { - "resource_type": "pricingrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_UpdatePricingRule.html" - } - }, - "resources": { - "billinggroup": { - "resource": "billinggroup", - "arn": "arn:${Partition}:billingconductor::${Account}:billinggroup/${BillingGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "pricingplan": { - "resource": "pricingplan", - "arn": "arn:${Partition}:billingconductor::${Account}:pricingplan/${PricingPlanId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "pricingrule": { - "resource": "pricingrule", - "arn": "arn:${Partition}:billingconductor::${Account}:pricingrule/${PricingRuleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "customlineitem": { - "resource": "customlineitem", - "arn": "arn:${Partition}:billingconductor::${Account}:customlineitem/${CustomLineItemId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "budgets": { - "service_name": "AWS Budget Service", - "prefix": "budgets", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbudgetservice.html", - "privileges": { - "CreateBudgetAction": { - "privilege": "CreateBudgetAction", - "description": "Grants permission to create and define a response that you can configure to execute once your budget has exceeded a specific budget threshold", - "access_level": "Write", - "resource_types": { - "budgetAction": { - "resource_type": "budgetAction", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "DeleteBudgetAction": { - "privilege": "DeleteBudgetAction", - "description": "Grants permission to delete an action that is associated with a specific budget", - "access_level": "Write", - "resource_types": { - "budgetAction": { - "resource_type": "budgetAction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "DescribeBudgetAction": { - "privilege": "DescribeBudgetAction", - "description": "Grants permission to retrieve the details of a specific budget action associated with a budget", - "access_level": "Read", - "resource_types": { - "budgetAction": { - "resource_type": "budgetAction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "DescribeBudgetActionHistories": { - "privilege": "DescribeBudgetActionHistories", - "description": "Grants permission to retrieve a historical view of the budget actions statuses associated with a particular budget action. These status include statues such as 'Standby', 'Pending' and 'Executed'", - "access_level": "Read", - "resource_types": { - "budgetAction": { - "resource_type": "budgetAction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "DescribeBudgetActionsForAccount": { - "privilege": "DescribeBudgetActionsForAccount", - "description": "Grants permission to retrieve the details of all of the budget actions associated with your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "DescribeBudgetActionsForBudget": { - "privilege": "DescribeBudgetActionsForBudget", - "description": "Grants permission to retrieve the details of all of the budget actions associated with a budget", - "access_level": "Read", - "resource_types": { - "budget": { - "resource_type": "budget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ExecuteBudgetAction": { - "privilege": "ExecuteBudgetAction", - "description": "Grants permission to initiate a pending budget action as well as reverse a previously executed budget action", - "access_level": "Write", - "resource_types": { - "budgetAction": { - "resource_type": "budgetAction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ModifyBudget": { - "privilege": "ModifyBudget", - "description": "Grants permission to modify budgets and budget details", - "access_level": "Write", - "resource_types": { - "budget": { - "resource_type": "budget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "UpdateBudgetAction": { - "privilege": "UpdateBudgetAction", - "description": "Grants permission to update the details of a specific budget action associated with a budget", - "access_level": "Write", - "resource_types": { - "budgetAction": { - "resource_type": "budgetAction", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ViewBudget": { - "privilege": "ViewBudget", - "description": "Grants permission to view budgets and budget details", - "access_level": "Read", - "resource_types": { - "budget": { - "resource_type": "budget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - } - }, - "resources": { - "budget": { - "resource": "budget", - "arn": "arn:${Partition}:budgets::${Account}:budget/${BudgetName}", - "condition_keys": [] - }, - "budgetAction": { - "resource": "budgetAction", - "arn": "arn:${Partition}:budgets::${Account}:budget/${BudgetName}/action/${ActionId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "bugbust": { - "service_name": "AWS BugBust", - "prefix": "bugbust", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbugbust.html", - "privileges": { - "CreateEvent": { - "privilege": "CreateEvent", - "description": "Grants permission to create a BugBust event", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "EvaluateProfilingGroups": { - "privilege": "EvaluateProfilingGroups", - "description": "Grants permission to evaluate checked-in profiling groups", - "access_level": "Write", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "GetEvent": { - "privilege": "GetEvent", - "description": "Grants permission to view customer details about an event", - "access_level": "Read", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "GetJoinEventStatus": { - "privilege": "GetJoinEventStatus", - "description": "Grants permission to view the status of a BugBust player's attempt to join a BugBust event", - "access_level": "Read", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "JoinEvent": { - "privilege": "JoinEvent", - "description": "Grants permission to join an event", - "access_level": "Write", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "ListBugs": { - "privilege": "ListBugs", - "description": "Grants permission to view the bugs that were imported into an event for players to work on", - "access_level": "Read", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "codeguru-reviewer:DescribeCodeReview", - "codeguru-reviewer:ListRecommendations" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "ListEventParticipants": { - "privilege": "ListEventParticipants", - "description": "Grants permission to view the participants of an event", - "access_level": "Read", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "ListEventScores": { - "privilege": "ListEventScores", - "description": "Grants permission to view the scores of an event's players", - "access_level": "Read", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "ListEvents": { - "privilege": "ListEvents", - "description": "Grants permission to List BugBust events", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "ListProfilingGroups": { - "privilege": "ListProfilingGroups", - "description": "Grants permission to view the profiling groups that were imported into an event for players to work on", - "access_level": "Read", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "ListPullRequests": { - "privilege": "ListPullRequests", - "description": "Grants permission to view the pull requests used by players to submit fixes to their claimed bugs in an event", - "access_level": "Read", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tag for a Bugbust resource", - "access_level": "Read", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a Bugbust resource", - "access_level": "Tagging", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a Bugbust resource", - "access_level": "Tagging", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "UpdateEvent": { - "privilege": "UpdateEvent", - "description": "Grants permission to update a BugBust event", - "access_level": "Write", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "codeguru-profiler:DescribeProfilingGroup", - "codeguru-profiler:ListProfilingGroups", - "codeguru-reviewer:DescribeCodeReview", - "codeguru-reviewer:ListCodeReviews", - "codeguru-reviewer:ListRecommendations", - "codeguru-reviewer:TagResource", - "codeguru-reviewer:UnTagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "UpdateWorkItem": { - "privilege": "UpdateWorkItem", - "description": "Grants permission to update a work item as claimed or unclaimed (bug or profiling group)", - "access_level": "Write", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "codeguru-reviewer:ListRecommendations" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - }, - "UpdateWorkItemAdmin": { - "privilege": "UpdateWorkItemAdmin", - "description": "Grants permission to update an event's work item (bug or profiling group)", - "access_level": "Write", - "resource_types": { - "Event": { - "resource_type": "Event", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "codeguru-reviewer:ListRecommendations" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" - } - }, - "resources": { - "Event": { - "resource": "Event", - "arn": "arn:${Partition}:bugbust:${Region}:${Account}:events/${EventId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "acm": { - "service_name": "AWS Certificate Manager", - "prefix": "acm", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscertificatemanager.html", - "privileges": { - "AddTagsToCertificate": { - "privilege": "AddTagsToCertificate", - "description": "Grants permission to add one or more tags to a certificate", - "access_level": "Tagging", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_AddTagsToCertificate.html" - }, - "DeleteCertificate": { - "privilege": "DeleteCertificate", - "description": "Grants permission to delete a certificate and its associated private key", - "access_level": "Write", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_DeleteCertificate.html" - }, - "DescribeCertificate": { - "privilege": "DescribeCertificate", - "description": "Grants permission to retreive a certificates and its metadata", - "access_level": "Read", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_DescribeCertificate.html" - }, - "ExportCertificate": { - "privilege": "ExportCertificate", - "description": "Grants permission to export a private certificate issued by a private certificate authority (CA) for use anywhere", - "access_level": "Read", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_ExportCertificate.html" - }, - "GetAccountConfiguration": { - "privilege": "GetAccountConfiguration", - "description": "Grants permission to retrieve account level configuration from AWS Certificate Manager", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_GetAccountConfiguration.html" - }, - "GetCertificate": { - "privilege": "GetCertificate", - "description": "Grants permission to retrieve a certificate and certificate chain for a certificate ARN", - "access_level": "Read", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_GetCertificate.html" - }, - "ImportCertificate": { - "privilege": "ImportCertificate", - "description": "Grants permission to import a 3rd party certificate into AWS Certificate Manager (ACM)", - "access_level": "Write", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_ImportCertificate.html" - }, - "ListCertificates": { - "privilege": "ListCertificates", - "description": "Grants permission to retrieve a list of the certificate ARNs and the domain name for each ARN", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_ListCertificates.html" - }, - "ListTagsForCertificate": { - "privilege": "ListTagsForCertificate", - "description": "Grants permission to lists the tags that have been associated with a certificate", - "access_level": "Read", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_ListTagsForCertificate.html" - }, - "PutAccountConfiguration": { - "privilege": "PutAccountConfiguration", - "description": "Grants permission to update account level configuration in AWS Certificate Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_PutAccountConfiguration.html" - }, - "RemoveTagsFromCertificate": { - "privilege": "RemoveTagsFromCertificate", - "description": "Grants permission to remove one or more tags from a certificate", - "access_level": "Tagging", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_RemoveTagsFromCertificate.html" - }, - "RenewCertificate": { - "privilege": "RenewCertificate", - "description": "Grants permission to renew an eligible private certificate", - "access_level": "Write", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_RenewCertificate.html" - }, - "RequestCertificate": { - "privilege": "RequestCertificate", - "description": "Grants permission to requests a public or private certificate", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_RequestCertificate.html" - }, - "ResendValidationEmail": { - "privilege": "ResendValidationEmail", - "description": "Grants permission to resend an email to request domain ownership validation", - "access_level": "Write", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_ResendValidationEmail.html" - }, - "UpdateCertificateOptions": { - "privilege": "UpdateCertificateOptions", - "description": "Grants permission to update a certificate configuration. Use this to specify whether to opt in to or out of certificate transparency logging", - "access_level": "Write", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_UpdateCertificateOptions.html" - } - }, - "resources": { - "certificate": { - "resource": "certificate", - "arn": "arn:${Partition}:acm:${Region}:${Account}:certificate/${CertificateId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filter access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filter access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "acm-pca": { - "service_name": "AWS Certificate Manager Private Certificate Authority", - "prefix": "acm-pca", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscertificatemanagerprivatecertificateauthority.html", - "privileges": { - "CreateCertificateAuthority": { - "privilege": "CreateCertificateAuthority", - "description": "Grants permission to create an AWS Private CA and its associated private key and configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html" - }, - "CreateCertificateAuthorityAuditReport": { - "privilege": "CreateCertificateAuthorityAuditReport", - "description": "Grants permission to create an audit report for an AWS Private CA", - "access_level": "Write", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthorityAuditReport.html" - }, - "CreatePermission": { - "privilege": "CreatePermission", - "description": "Grants permission to create a permission for an AWS Private CA", - "access_level": "Permissions management", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreatePermission.html" - }, - "DeleteCertificateAuthority": { - "privilege": "DeleteCertificateAuthority", - "description": "Grants permission to delete an AWS Private CA and its associated private key and configuration", - "access_level": "Write", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeleteCertificateAuthority.html" - }, - "DeletePermission": { - "privilege": "DeletePermission", - "description": "Grants permission to delete a permission for an AWS Private CA", - "access_level": "Permissions management", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeletePermission.html" - }, - "DeletePolicy": { - "privilege": "DeletePolicy", - "description": "Grants permission to delete the policy for an AWS Private CA", - "access_level": "Permissions management", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeletePolicy.html" - }, - "DescribeCertificateAuthority": { - "privilege": "DescribeCertificateAuthority", - "description": "Grants permission to return a list of the configuration and status fields contained in the specified AWS Private CA", - "access_level": "Read", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_DescribeCertificateAuthority.html" - }, - "DescribeCertificateAuthorityAuditReport": { - "privilege": "DescribeCertificateAuthorityAuditReport", - "description": "Grants permission to return the status and information about an AWS Private CA audit report", - "access_level": "Read", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_DescribeCertificateAuthorityAuditReport.html" - }, - "GetCertificate": { - "privilege": "GetCertificate", - "description": "Grants permission to retrieve an AWS Private CA certificate and certificate chain for the certificate authority specified by an ARN", - "access_level": "Read", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_GetCertificate.html" - }, - "GetCertificateAuthorityCertificate": { - "privilege": "GetCertificateAuthorityCertificate", - "description": "Grants permission to retrieve an AWS Private CA certificate and certificate chain for the certificate authority specified by an ARN", - "access_level": "Read", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_GetCertificateAuthorityCertificate.html" - }, - "GetCertificateAuthorityCsr": { - "privilege": "GetCertificateAuthorityCsr", - "description": "Grants permission to retrieve an AWS Private CA certificate signing request (CSR) for the certificate-authority specified by an ARN", - "access_level": "Read", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_GetCertificateAuthorityCsr.html" - }, - "GetPolicy": { - "privilege": "GetPolicy", - "description": "Grants permission to retrieve the policy on an AWS Private CA", - "access_level": "Read", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_GetPolicy.html" - }, - "ImportCertificateAuthorityCertificate": { - "privilege": "ImportCertificateAuthorityCertificate", - "description": "Grants permission to import an SSL/TLS certificate into AWS Private CA for use as the CA certificate of an AWS Private CA", - "access_level": "Write", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_ImportCertificateAuthorityCertificate.html" - }, - "IssueCertificate": { - "privilege": "IssueCertificate", - "description": "Grants permission to issue an AWS Private CA certificate", - "access_level": "Write", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "acm-pca:TemplateArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_IssueCertificate.html" - }, - "ListCertificateAuthorities": { - "privilege": "ListCertificateAuthorities", - "description": "Grants permission to retrieve a list of the AWS Private CA certificate authority ARNs, and a summary of the status of each CA in the calling account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListCertificateAuthorities.html" - }, - "ListPermissions": { - "privilege": "ListPermissions", - "description": "Grants permission to list the permissions that have been applied to the AWS Private CA certificate authority", - "access_level": "Read", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListPermissions.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to list the tags that have been applied to the AWS Private CA certificate authority", - "access_level": "Read", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListTags.html" - }, - "PutPolicy": { - "privilege": "PutPolicy", - "description": "Grants permission to put a policy on an AWS Private CA", - "access_level": "Permissions management", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_PutPolicy.html" - }, - "RestoreCertificateAuthority": { - "privilege": "RestoreCertificateAuthority", - "description": "Grants permission to restore an AWS Private CA from the deleted state to the state it was in when deleted", - "access_level": "Write", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_RestoreCertificateAuthority.html" - }, - "RevokeCertificate": { - "privilege": "RevokeCertificate", - "description": "Grants permission to revoke a certificate issued by an AWS Private CA", - "access_level": "Write", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_RevokeCertificate.html" - }, - "TagCertificateAuthority": { - "privilege": "TagCertificateAuthority", - "description": "Grants permission to add one or more tags to an AWS Private CA", - "access_level": "Tagging", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_TagCertificateAuthority.html" - }, - "UntagCertificateAuthority": { - "privilege": "UntagCertificateAuthority", - "description": "Grants permission to remove one or more tags from an AWS Private CA", - "access_level": "Tagging", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_UntagCertificateAuthority.html" - }, - "UpdateCertificateAuthority": { - "privilege": "UpdateCertificateAuthority", - "description": "Grants permission to update the configuration of an AWS Private CA", - "access_level": "Write", - "resource_types": { - "certificate-authority": { - "resource_type": "certificate-authority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html" - } - }, - "resources": { - "certificate-authority": { - "resource": "certificate-authority", - "arn": "arn:${Partition}:acm-pca:${Region}:${Account}:certificate-authority/${CertificateAuthorityId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "acm-pca:TemplateArn": { - "condition": "acm-pca:TemplateArn", - "description": "Filters issue certificate requests based on the presence of TemplateArn in the request", - "type": "String" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters create requests based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters create requests based on the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "chatbot": { - "service_name": "AWS Chatbot", - "prefix": "chatbot", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html", - "privileges": { - "CreateChimeWebhookConfiguration": { - "privilege": "CreateChimeWebhookConfiguration", - "description": "Grants permission to create an AWS Chatbot Chime Webhook Configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "CreateMicrosoftTeamsChannelConfiguration": { - "privilege": "CreateMicrosoftTeamsChannelConfiguration", - "description": "Grants permission to create an AWS Chatbot Microsoft Teams Channel Configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "CreateSlackChannelConfiguration": { - "privilege": "CreateSlackChannelConfiguration", - "description": "Grants permission to create an AWS Chatbot Slack Channel Configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DeleteChimeWebhookConfiguration": { - "privilege": "DeleteChimeWebhookConfiguration", - "description": "Grants permission to delete an AWS Chatbot Chime Webhook Configuration", - "access_level": "Write", - "resource_types": { - "ChatbotConfiguration": { - "resource_type": "ChatbotConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DeleteMicrosoftTeamsChannelConfiguration": { - "privilege": "DeleteMicrosoftTeamsChannelConfiguration", - "description": "Grants permission to delete an AWS Chatbot Microsoft Teams Channel Configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DeleteMicrosoftTeamsConfiguredTeam": { - "privilege": "DeleteMicrosoftTeamsConfiguredTeam", - "description": "Grants permission to delete the Microsoft Teams configured with AWS Chatbot in an AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DeleteMicrosoftTeamsUserIdentity": { - "privilege": "DeleteMicrosoftTeamsUserIdentity", - "description": "Grants permission to delete an AWS Chatbot Microsoft Teams User Identity", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DeleteSlackChannelConfiguration": { - "privilege": "DeleteSlackChannelConfiguration", - "description": "Grants permission to delete an AWS Chatbot Slack Channel Configuration", - "access_level": "Write", - "resource_types": { - "ChatbotConfiguration": { - "resource_type": "ChatbotConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DeleteSlackUserIdentity": { - "privilege": "DeleteSlackUserIdentity", - "description": "Grants permission to delete an AWS Chatbot Slack User Identity", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DeleteSlackWorkspaceAuthorization": { - "privilege": "DeleteSlackWorkspaceAuthorization", - "description": "Grants permission to delete the Slack workspace authorization with AWS Chatbot, associated with an AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DescribeChimeWebhookConfigurations": { - "privilege": "DescribeChimeWebhookConfigurations", - "description": "Grants permission to list all AWS Chatbot Chime Webhook Configurations in an AWS Account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DescribeSlackChannelConfigurations": { - "privilege": "DescribeSlackChannelConfigurations", - "description": "Grants permission to list all AWS Chatbot Slack Channel Configurations in an AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DescribeSlackChannels": { - "privilege": "DescribeSlackChannels", - "description": "Grants permission to list all public Slack channels in the Slack workspace connected to the AWS Account onboarded with AWS Chatbot service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DescribeSlackUserIdentities": { - "privilege": "DescribeSlackUserIdentities", - "description": "Grants permission to describe AWS Chatbot Slack User Identities", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "DescribeSlackWorkspaces": { - "privilege": "DescribeSlackWorkspaces", - "description": "Grants permission to list all authorized Slack workspaces connected to the AWS Account onboarded with AWS Chatbot service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "GetAccountPreferences": { - "privilege": "GetAccountPreferences", - "description": "Grants permission to retrieve AWS Chatbot account preferences", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "GetMicrosoftTeamsChannelConfiguration": { - "privilege": "GetMicrosoftTeamsChannelConfiguration", - "description": "Grants permission to get a single AWS Chatbot Microsoft Teams Channel Configurations in an AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "GetMicrosoftTeamsOauthParameters": { - "privilege": "GetMicrosoftTeamsOauthParameters", - "description": "Grants permission to generate OAuth parameters to request Microsoft Teams OAuth code to be used by the AWS Chatbot service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "GetSlackOauthParameters": { - "privilege": "GetSlackOauthParameters", - "description": "Grants permission to generate OAuth parameters to request Slack OAuth code to be used by the AWS Chatbot service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "ListMicrosoftTeamsChannelConfigurations": { - "privilege": "ListMicrosoftTeamsChannelConfigurations", - "description": "Grants permission to list all AWS Chatbot Microsoft Teams Channel Configurations in an AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "ListMicrosoftTeamsConfiguredTeams": { - "privilege": "ListMicrosoftTeamsConfiguredTeams", - "description": "Grants permission to list all Microsoft Teams connected to the AWS Account onboarded with AWS Chatbot service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "ListMicrosoftTeamsUserIdentities": { - "privilege": "ListMicrosoftTeamsUserIdentities", - "description": "Grants permission to describe AWS Chatbot Microsoft Teams User Identities", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "RedeemMicrosoftTeamsOauthCode": { - "privilege": "RedeemMicrosoftTeamsOauthCode", - "description": "Grants permission to redeem previously generated parameters with Microsoft APIs, to acquire OAuth tokens to be used by the AWS Chatbot service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "RedeemSlackOauthCode": { - "privilege": "RedeemSlackOauthCode", - "description": "Grants permission to redeem previously generated parameters with Slack API, to acquire OAuth tokens to be used by the AWS Chatbot service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "UpdateAccountPreferences": { - "privilege": "UpdateAccountPreferences", - "description": "Grants permission to update AWS Chatbot account preferences", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "UpdateChimeWebhookConfiguration": { - "privilege": "UpdateChimeWebhookConfiguration", - "description": "Grants permission to update an AWS Chatbot Chime Webhook Configuration", - "access_level": "Write", - "resource_types": { - "ChatbotConfiguration": { - "resource_type": "ChatbotConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "UpdateMicrosoftTeamsChannelConfiguration": { - "privilege": "UpdateMicrosoftTeamsChannelConfiguration", - "description": "Grants permission to update an AWS Chatbot Microsoft Teams Channel Configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - }, - "UpdateSlackChannelConfiguration": { - "privilege": "UpdateSlackChannelConfiguration", - "description": "Grants permission to update an AWS Chatbot Slack Channel Configuration", - "access_level": "Write", - "resource_types": { - "ChatbotConfiguration": { - "resource_type": "ChatbotConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" - } - }, - "resources": { - "ChatbotConfiguration": { - "resource": "ChatbotConfiguration", - "arn": "arn:${Partition}:chatbot::${Account}:chat-configuration/${ConfigurationType}/${ChatbotConfigurationName}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "cleanrooms": { - "service_name": "AWS Clean Rooms", - "prefix": "cleanrooms", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscleanrooms.html", - "privileges": { - "BatchGetSchema": { - "privilege": "BatchGetSchema", - "description": "Grants permission to view details for schemas", - "access_level": "Read", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cleanrooms:GetSchema" - ] - }, - "ConfiguredTableAssociation": { - "resource_type": "ConfiguredTableAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_BatchGetSchema.html" - }, - "CreateCollaboration": { - "privilege": "CreateCollaboration", - "description": "Grants permission to create a new collaboration, a shared data collaboration environment", - "access_level": "Write", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html" - }, - "CreateConfiguredTable": { - "privilege": "CreateConfiguredTable", - "description": "Grants permission to create a new configured table", - "access_level": "Write", - "resource_types": { - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": true, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "glue:BatchGetPartition", - "glue:GetDatabase", - "glue:GetDatabases", - "glue:GetPartition", - "glue:GetPartitions", - "glue:GetSchemaVersion", - "glue:GetTable", - "glue:GetTables" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateConfiguredTable.html" - }, - "CreateConfiguredTableAnalysisRule": { - "privilege": "CreateConfiguredTableAnalysisRule", - "description": "Grants permission to create a analysis rule for a configured table", - "access_level": "Write", - "resource_types": { - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateConfiguredTableAnalysisRule.html" - }, - "CreateConfiguredTableAssociation": { - "privilege": "CreateConfiguredTableAssociation", - "description": "Grants permission to link a configured table with a collaboration by creating a new association", - "access_level": "Write", - "resource_types": { - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": true, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "ConfiguredTableAssociation": { - "resource_type": "ConfiguredTableAssociation", - "required": true, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - }, - "Membership": { - "resource_type": "Membership", - "required": true, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateConfiguredTableAssociation.html" - }, - "CreateMembership": { - "privilege": "CreateMembership", - "description": "Grants permission to join collaborations by creating a membership", - "access_level": "Write", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "logs:CreateLogDelivery", - "logs:CreateLogGroup", - "logs:DeleteLogDelivery", - "logs:DescribeLogGroups", - "logs:DescribeResourcePolicies", - "logs:GetLogDelivery", - "logs:ListLogDeliveries", - "logs:PutResourcePolicy", - "logs:UpdateLogDelivery" - ] - }, - "Membership": { - "resource_type": "Membership", - "required": true, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateMembership.html" - }, - "DeleteCollaboration": { - "privilege": "DeleteCollaboration", - "description": "Grants permission to delete an existing collaboration", - "access_level": "Write", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteCollaboration.html" - }, - "DeleteConfiguredTable": { - "privilege": "DeleteConfiguredTable", - "description": "Grants permission to delete a configured table", - "access_level": "Write", - "resource_types": { - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteConfiguredTable.html" - }, - "DeleteConfiguredTableAnalysisRule": { - "privilege": "DeleteConfiguredTableAnalysisRule", - "description": "Grants permission to delete an existing analysis rule", - "access_level": "Write", - "resource_types": { - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteConfiguredTableAnalysisRule.html" - }, - "DeleteConfiguredTableAssociation": { - "privilege": "DeleteConfiguredTableAssociation", - "description": "Grants permission to remove a configured table association from a collaboration", - "access_level": "Write", - "resource_types": { - "ConfiguredTableAssociation": { - "resource_type": "ConfiguredTableAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteConfiguredTableAssociation.html" - }, - "DeleteMember": { - "privilege": "DeleteMember", - "description": "Grants permission to delete members from a collaboration", - "access_level": "Write", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteMember.html" - }, - "DeleteMembership": { - "privilege": "DeleteMembership", - "description": "Grants permission to leave collaborations by deleting a membership", - "access_level": "Write", - "resource_types": { - "Membership": { - "resource_type": "Membership", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteMembership.html" - }, - "GetCollaboration": { - "privilege": "GetCollaboration", - "description": "Grants permission to view details for a collaboration", - "access_level": "Read", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetCollaboration.html" - }, - "GetConfiguredTable": { - "privilege": "GetConfiguredTable", - "description": "Grants permission to view details for a configured table", - "access_level": "Read", - "resource_types": { - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetConfiguredTable.html" - }, - "GetConfiguredTableAnalysisRule": { - "privilege": "GetConfiguredTableAnalysisRule", - "description": "Grants permission to view analysis rules for a configured table", - "access_level": "Read", - "resource_types": { - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetConfiguredTableAnalysisRule.html" - }, - "GetConfiguredTableAssociation": { - "privilege": "GetConfiguredTableAssociation", - "description": "Grants permission to view details for a configured table association", - "access_level": "Read", - "resource_types": { - "ConfiguredTableAssociation": { - "resource_type": "ConfiguredTableAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetConfiguredTableAssociation.html" - }, - "GetMembership": { - "privilege": "GetMembership", - "description": "Grants permission to view details about a membership", - "access_level": "Read", - "resource_types": { - "Membership": { - "resource_type": "Membership", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetMembership.html" - }, - "GetProtectedQuery": { - "privilege": "GetProtectedQuery", - "description": "Grants permission to view a protected query", - "access_level": "Read", - "resource_types": { - "Membership": { - "resource_type": "Membership", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetProtectedQuery.html" - }, - "GetSchema": { - "privilege": "GetSchema", - "description": "Grants permission to view details for a schema", - "access_level": "Read", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfiguredTableAssociation": { - "resource_type": "ConfiguredTableAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetSchema.html" - }, - "GetSchemaAnalysisRule": { - "privilege": "GetSchemaAnalysisRule", - "description": "Grants permission to view analysis rules associated with a schema", - "access_level": "Read", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cleanrooms:GetSchema" - ] - }, - "ConfiguredTableAssociation": { - "resource_type": "ConfiguredTableAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetSchemaAnalysisRule.html" - }, - "ListCollaborations": { - "privilege": "ListCollaborations", - "description": "Grants permission to list available collaborations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListCollaborations.html" - }, - "ListConfiguredTableAssociations": { - "privilege": "ListConfiguredTableAssociations", - "description": "Grants permission to list available configured table associations for a membership", - "access_level": "List", - "resource_types": { - "Membership": { - "resource_type": "Membership", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListConfiguredTableAssociations.html" - }, - "ListConfiguredTables": { - "privilege": "ListConfiguredTables", - "description": "Grants permission to list available configured tables", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListConfiguredTables.html" - }, - "ListMembers": { - "privilege": "ListMembers", - "description": "Grants permission to list the members of a collaboration", - "access_level": "List", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListMembers.html" - }, - "ListMemberships": { - "privilege": "ListMemberships", - "description": "Grants permission to list available memberships", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListMemberships.html" - }, - "ListProtectedQueries": { - "privilege": "ListProtectedQueries", - "description": "Grants permission to list protected queries", - "access_level": "List", - "resource_types": { - "Membership": { - "resource_type": "Membership", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListProtectedQueries.html" - }, - "ListSchemas": { - "privilege": "ListSchemas", - "description": "Grants permission to view available schemas for a collaboration", - "access_level": "List", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListSchemas.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "List", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfiguredTableAssociation": { - "resource_type": "ConfiguredTableAssociation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Membership": { - "resource_type": "Membership", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListTagsForResource.html" - }, - "StartProtectedQuery": { - "privilege": "StartProtectedQuery", - "description": "Grants permission to start protected queries", - "access_level": "Write", - "resource_types": { - "Membership": { - "resource_type": "Membership", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cleanrooms:GetSchema", - "s3:GetBucketLocation", - "s3:ListBucket", - "s3:PutObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_StartProtectedQuery.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfiguredTableAssociation": { - "resource_type": "ConfiguredTableAssociation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Membership": { - "resource_type": "Membership", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfiguredTableAssociation": { - "resource_type": "ConfiguredTableAssociation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Membership": { - "resource_type": "Membership", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UntagResource.html" - }, - "UpdateCollaboration": { - "privilege": "UpdateCollaboration", - "description": "Grants permission to update details of the collaboration", - "access_level": "Write", - "resource_types": { - "Collaboration": { - "resource_type": "Collaboration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateCollaboration.html" - }, - "UpdateConfiguredTable": { - "privilege": "UpdateConfiguredTable", - "description": "Grants permission to update an existing configured table", - "access_level": "Write", - "resource_types": { - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateConfiguredTable.html" - }, - "UpdateConfiguredTableAnalysisRule": { - "privilege": "UpdateConfiguredTableAnalysisRule", - "description": "Grants permission to update analysis rules for a configured table", - "access_level": "Write", - "resource_types": { - "ConfiguredTable": { - "resource_type": "ConfiguredTable", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateConfiguredTableAnalysisRule.html" - }, - "UpdateConfiguredTableAssociation": { - "privilege": "UpdateConfiguredTableAssociation", - "description": "Grants permission to update a configured table association", - "access_level": "Write", - "resource_types": { - "ConfiguredTableAssociation": { - "resource_type": "ConfiguredTableAssociation", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateConfiguredTableAssociation.html" - }, - "UpdateMembership": { - "privilege": "UpdateMembership", - "description": "Grants permission to update details of a membership", - "access_level": "Write", - "resource_types": { - "Membership": { - "resource_type": "Membership", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "logs:CreateLogDelivery", - "logs:CreateLogGroup", - "logs:DeleteLogDelivery", - "logs:DescribeLogGroups", - "logs:DescribeResourcePolicies", - "logs:GetLogDelivery", - "logs:ListLogDeliveries", - "logs:PutResourcePolicy", - "logs:UpdateLogDelivery" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateMembership.html" - }, - "UpdateProtectedQuery": { - "privilege": "UpdateProtectedQuery", - "description": "Grants permission to update protected queries", - "access_level": "Write", - "resource_types": { - "Membership": { - "resource_type": "Membership", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateProtectedQuery.html" - } - }, - "resources": { - "Collaboration": { - "resource": "Collaboration", - "arn": "arn:${Partition}:cleanrooms:${Region}:${Account}:collaboration/${CollaborationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ConfiguredTable": { - "resource": "ConfiguredTable", - "arn": "arn:${Partition}:cleanrooms:${Region}:${Account}:configuredtable/${ConfiguredTableId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ConfiguredTableAssociation": { - "resource": "ConfiguredTableAssociation", - "arn": "arn:${Partition}:cleanrooms:${Region}:${Account}:membership/${MembershipId}/configuredtableassociation/${ConfiguredTableAssociationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Membership": { - "resource": "Membership", - "arn": "arn:${Partition}:cleanrooms:${Region}:${Account}:membership/${MembershipId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "cloud9": { - "service_name": "AWS Cloud9", - "prefix": "cloud9", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloud9.html", - "privileges": { - "ActivateEC2Remote": { - "privilege": "ActivateEC2Remote", - "description": "Grants permission to start the Amazon EC2 instance that your AWS Cloud9 IDE connects to", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "CreateEnvironmentEC2": { - "privilege": "CreateEnvironmentEC2", - "description": "Grants permission to create an AWS Cloud9 development environment, launches an Amazon Elastic Compute Cloud (Amazon EC2) instance, and then hosts the environment on the instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloud9:EnvironmentName", - "cloud9:InstanceType", - "cloud9:SubnetId", - "cloud9:UserArn", - "cloud9:OwnerArn", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_CreateEnvironmentEC2.html" - }, - "CreateEnvironmentMembership": { - "privilege": "CreateEnvironmentMembership", - "description": "Grants permission to add an environment member to an AWS Cloud9 development environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloud9:UserArn", - "cloud9:EnvironmentId", - "cloud9:Permissions" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_CreateEnvironmentMembership.html" - }, - "CreateEnvironmentSSH": { - "privilege": "CreateEnvironmentSSH", - "description": "Grants permission to create an AWS Cloud9 SSH development environment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloud9:EnvironmentName", - "cloud9:OwnerArn", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "CreateEnvironmentToken": { - "privilege": "CreateEnvironmentToken", - "description": "Grants permission to create an authentication token that allows a connection between the AWS Cloud9 IDE and the user's environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "DeleteEnvironment": { - "privilege": "DeleteEnvironment", - "description": "Grants permission to delete an AWS Cloud9 development environment. If the environment is hosted on an Amazon Elastic Compute Cloud (Amazon EC2) instance, also terminates the instance", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_DeleteEnvironment.html" - }, - "DeleteEnvironmentMembership": { - "privilege": "DeleteEnvironmentMembership", - "description": "Grants permission to delete an environment member from an AWS Cloud9 development environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_DeleteEnvironmentMembership.html" - }, - "DescribeEC2Remote": { - "privilege": "DescribeEC2Remote", - "description": "Grants permission to get details about the connection to the EC2 development environment, including host, user, and port", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "DescribeEnvironmentMemberships": { - "privilege": "DescribeEnvironmentMemberships", - "description": "Grants permission to get information about environment members for an AWS Cloud9 development environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloud9:UserArn", - "cloud9:EnvironmentId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_DescribeEnvironmentMemberships.html" - }, - "DescribeEnvironmentStatus": { - "privilege": "DescribeEnvironmentStatus", - "description": "Grants permission to get status information for an AWS Cloud9 development environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_DescribeEnvironmentStatus.html" - }, - "DescribeEnvironments": { - "privilege": "DescribeEnvironments", - "description": "Grants permission to get information about AWS Cloud9 development environments", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_DescribeEnvironments.html" - }, - "DescribeSSHRemote": { - "privilege": "DescribeSSHRemote", - "description": "Grants permission to get details about the connection to the SSH development environment, including host, user, and port", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "GetEnvironmentConfig": { - "privilege": "GetEnvironmentConfig", - "description": "Grants permission to get configuration information that's used to initialize the AWS Cloud9 IDE", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "GetEnvironmentSettings": { - "privilege": "GetEnvironmentSettings", - "description": "Grants permission to get the AWS Cloud9 IDE settings for a specified development environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "GetMembershipSettings": { - "privilege": "GetMembershipSettings", - "description": "Grants permission to get the AWS Cloud9 IDE settings for a specified environment member", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "GetMigrationExperiences": { - "privilege": "GetMigrationExperiences", - "description": "Grants permission to get the migration experience for a cloud9 user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "GetUserPublicKey": { - "privilege": "GetUserPublicKey", - "description": "Grants permission to get the user's public SSH key, which is used by AWS Cloud9 to connect to SSH development environments", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloud9:UserArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "GetUserSettings": { - "privilege": "GetUserSettings", - "description": "Grants permission to get the AWS Cloud9 IDE settings for a specified user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "ListEnvironments": { - "privilege": "ListEnvironments", - "description": "Grants permission to get a list of AWS Cloud9 development environment identifiers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_ListEnvironments.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a cloud9 environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_ListTagsForResource.html" - }, - "ModifyTemporaryCredentialsOnEnvironmentEC2": { - "privilege": "ModifyTemporaryCredentialsOnEnvironmentEC2", - "description": "Grants permission to set AWS managed temporary credentials on the Amazon EC2 instance that's used by the AWS Cloud9 integrated development environment (IDE)", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a cloud9 environment", - "access_level": "Tagging", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a cloud9 environment", - "access_level": "Tagging", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_UntagResource.html" - }, - "UpdateEnvironment": { - "privilege": "UpdateEnvironment", - "description": "Grants permission to change the settings of an existing AWS Cloud9 development environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_UpdateEnvironment.html" - }, - "UpdateEnvironmentMembership": { - "privilege": "UpdateEnvironmentMembership", - "description": "Grants permission to change the settings of an existing environment member for an AWS Cloud9 development environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloud9:UserArn", - "cloud9:EnvironmentId", - "cloud9:Permissions" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_UpdateEnvironmentMembership.html" - }, - "UpdateEnvironmentSettings": { - "privilege": "UpdateEnvironmentSettings", - "description": "Grants permission to update the AWS Cloud9 IDE settings for a specified development environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "UpdateMembershipSettings": { - "privilege": "UpdateMembershipSettings", - "description": "Grants permission to update the AWS Cloud9 IDE settings for a specified environment member", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "UpdateSSHRemote": { - "privilege": "UpdateSSHRemote", - "description": "Grants permission to update details about the connection to the SSH development environment, including host, user, and port", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "UpdateUserSettings": { - "privilege": "UpdateUserSettings", - "description": "Grants permission to update IDE-specific settings of an AWS Cloud9 user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - }, - "ValidateEnvironmentName": { - "privilege": "ValidateEnvironmentName", - "description": "Grants permission to validate the environment name during the process of creating an AWS Cloud9 development environment", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" - } - }, - "resources": { - "environment": { - "resource": "environment", - "arn": "arn:${Partition}:cloud9:${Region}:${Account}:environment:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "cloud9:EnvironmentId": { - "condition": "cloud9:EnvironmentId", - "description": "Filters access by the AWS Cloud9 environment ID", - "type": "String" - }, - "cloud9:EnvironmentName": { - "condition": "cloud9:EnvironmentName", - "description": "Filters access by the AWS Cloud9 environment name", - "type": "String" - }, - "cloud9:InstanceType": { - "condition": "cloud9:InstanceType", - "description": "Filters access by the instance type of the AWS Cloud9 environment's Amazon EC2 instance", - "type": "String" - }, - "cloud9:OwnerArn": { - "condition": "cloud9:OwnerArn", - "description": "Filters access by the owner ARN specified", - "type": "ARN" - }, - "cloud9:Permissions": { - "condition": "cloud9:Permissions", - "description": "Filters access by the type of AWS Cloud9 permissions", - "type": "String" - }, - "cloud9:SubnetId": { - "condition": "cloud9:SubnetId", - "description": "Filters access by the subnet ID that the AWS Cloud9 environment will be created in", - "type": "String" - }, - "cloud9:UserArn": { - "condition": "cloud9:UserArn", - "description": "Filters access by the user ARN specified", - "type": "ARN" - } - } - }, - "cloudformation": { - "service_name": "AWS Cloud Control API", - "prefix": "cloudformation", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudcontrolapi.html", - "privileges": { - "CancelResourceRequest": { - "privilege": "CancelResourceRequest", - "description": "Grants permission to cancel resource requests in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_CancelResourceRequest.html" - }, - "CreateResource": { - "privilege": "CreateResource", - "description": "Grants permission to create resources in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_CreateResource.html" - }, - "DeleteResource": { - "privilege": "DeleteResource", - "description": "Grants permission to delete resources in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_DeleteResource.html" - }, - "GetResource": { - "privilege": "GetResource", - "description": "Grants permission to get resources in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_GetResource.html" - }, - "GetResourceRequestStatus": { - "privilege": "GetResourceRequestStatus", - "description": "Grants permission to get resource requests in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_GetResourceRequestStatus.html" - }, - "ListResourceRequests": { - "privilege": "ListResourceRequests", - "description": "Grants permission to list resource requests in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_ListResourceRequests.html" - }, - "ListResources": { - "privilege": "ListResources", - "description": "Grants permission to list resources in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_ListResources.html" - }, - "UpdateResource": { - "privilege": "UpdateResource", - "description": "Grants permission to update resources in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_UpdateResource.html" - }, - "ActivateOrganizationsAccess": { - "privilege": "ActivateOrganizationsAccess", - "description": "Grants permission to activate trusted access between StackSets and Organizations. With trusted access between StackSets and Organizations activated, the management account has permissions to create and manage StackSets for your organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ActivateOrganizationsAccess.html" - }, - "ActivateType": { - "privilege": "ActivateType", - "description": "Grants permission to activate a public third-party extension, making it available for use in stack templates", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ActivateType.html" - }, - "BatchDescribeTypeConfigurations": { - "privilege": "BatchDescribeTypeConfigurations", - "description": "Grants permission to return configuration data for the specified CloudFormation extensions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_BatchDescribeTypeConfigurations.html" - }, - "CancelUpdateStack": { - "privilege": "CancelUpdateStack", - "description": "Grants permission to cancel an update on the specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CancelUpdateStack.html" - }, - "ContinueUpdateRollback": { - "privilege": "ContinueUpdateRollback", - "description": "Grants permission to continue rolling back a stack that is in the UPDATE_ROLLBACK_FAILED state to the UPDATE_ROLLBACK_COMPLETE state", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:RoleArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ContinueUpdateRollback.html" - }, - "CreateChangeSet": { - "privilege": "CreateChangeSet", - "description": "Grants permission to create a list of changes for a stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:ChangeSetName", - "cloudformation:ResourceTypes", - "cloudformation:ImportResourceTypes", - "cloudformation:RoleArn", - "cloudformation:StackPolicyUrl", - "cloudformation:TemplateUrl", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateChangeSet.html" - }, - "CreateStack": { - "privilege": "CreateStack", - "description": "Grants permission to create a stack as specified in the template", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:ResourceTypes", - "cloudformation:RoleArn", - "cloudformation:StackPolicyUrl", - "cloudformation:TemplateUrl", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateStack.html" - }, - "CreateStackInstances": { - "privilege": "CreateStackInstances", - "description": "Grants permission to create stack instances for the specified accounts, within the specified regions", - "access_level": "Write", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stackset-target": { - "resource_type": "stackset-target", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "type": { - "resource_type": "type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "cloudformation:TargetRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateStackInstances.html" - }, - "CreateStackSet": { - "privilege": "CreateStackSet", - "description": "Grants permission to create a stackset as specified in the template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:RoleArn", - "cloudformation:TemplateUrl", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateStackSet.html" - }, - "CreateUploadBucket": { - "privilege": "CreateUploadBucket", - "description": "Grants permission to upload templates to Amazon S3 buckets. Used only by the AWS CloudFormation console and is not documented in the API reference", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html" - }, - "DeactivateOrganizationsAccess": { - "privilege": "DeactivateOrganizationsAccess", - "description": "Grants permission to deactivate trusted access between StackSets and Organizations. If trusted access is deactivated, the management account does not have permissions to create and manage service-managed StackSets for your organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeactivateOrganizationsAccess.html" - }, - "DeactivateType": { - "privilege": "DeactivateType", - "description": "Grants permission to deactivate a public extension that was previously activated in this account and region", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeactivateType.html" - }, - "DeleteChangeSet": { - "privilege": "DeleteChangeSet", - "description": "Grants permission to delete the specified change set. Deleting change sets ensures that no one executes the wrong change set", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:ChangeSetName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeleteChangeSet.html" - }, - "DeleteStack": { - "privilege": "DeleteStack", - "description": "Grants permission to delete a specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:RoleArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeleteStack.html" - }, - "DeleteStackInstances": { - "privilege": "DeleteStackInstances", - "description": "Grants permission to delete stack instances for the specified accounts, in the specified regions", - "access_level": "Write", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stackset-target": { - "resource_type": "stackset-target", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "type": { - "resource_type": "type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:TargetRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeleteStackInstances.html" - }, - "DeleteStackSet": { - "privilege": "DeleteStackSet", - "description": "Grants permission to delete a specified stackset", - "access_level": "Write", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeleteStackSet.html" - }, - "DeregisterType": { - "privilege": "DeregisterType", - "description": "Grants permission to deregister an existing CloudFormation type or type version", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeregisterType.html" - }, - "DescribeAccountLimits": { - "privilege": "DescribeAccountLimits", - "description": "Grants permission to retrieve your account's AWS CloudFormation limits", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeAccountLimits.html" - }, - "DescribeChangeSet": { - "privilege": "DescribeChangeSet", - "description": "Grants permission to return the description for the specified change set", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:ChangeSetName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeChangeSet.html" - }, - "DescribeChangeSetHooks": { - "privilege": "DescribeChangeSetHooks", - "description": "Grants permission to return the Hook invocation information for the specified change set", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:ChangeSetName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeChangeSetHooks.html" - }, - "DescribeOrganizationsAccess": { - "privilege": "DescribeOrganizationsAccess", - "description": "Grants permission to return information about the account's OrganizationAccess status", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeOrganizationsAccess.html" - }, - "DescribePublisher": { - "privilege": "DescribePublisher", - "description": "Grants permission to return information about a CloudFormation extension publisher", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribePublisher.html" - }, - "DescribeStackDriftDetectionStatus": { - "privilege": "DescribeStackDriftDetectionStatus", - "description": "Grants permission to return information about a stack drift detection operation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackDriftDetectionStatus.html" - }, - "DescribeStackEvents": { - "privilege": "DescribeStackEvents", - "description": "Grants permission to return all stack related events for a specified stack", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackEvents.html" - }, - "DescribeStackInstance": { - "privilege": "DescribeStackInstance", - "description": "Grants permission to return the stack instance that's associated with the specified stack set, AWS account, and region", - "access_level": "Read", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackInstance.html" - }, - "DescribeStackResource": { - "privilege": "DescribeStackResource", - "description": "Grants permission to return a description of the specified resource in the specified stack", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackResource.html" - }, - "DescribeStackResourceDrifts": { - "privilege": "DescribeStackResourceDrifts", - "description": "Grants permission to return drift information for the resources that have been checked for drift in the specified stack", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackResourceDrifts.html" - }, - "DescribeStackResources": { - "privilege": "DescribeStackResources", - "description": "Grants permission to return AWS resource descriptions for running and deleted stacks", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackResources.html" - }, - "DescribeStackSet": { - "privilege": "DescribeStackSet", - "description": "Grants permission to return the description of the specified stack set", - "access_level": "Read", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackSet.html" - }, - "DescribeStackSetOperation": { - "privilege": "DescribeStackSetOperation", - "description": "Grants permission to return the description of the specified stack set operation", - "access_level": "Read", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackSetOperation.html" - }, - "DescribeStacks": { - "privilege": "DescribeStacks", - "description": "Grants permission to return the description for the specified stack, and to all stacks when used in combination with the ListStacks action", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:ListStacks" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStacks.html" - }, - "DescribeType": { - "privilege": "DescribeType", - "description": "Grants permission to return information about the CloudFormation type requested", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeType.html" - }, - "DescribeTypeRegistration": { - "privilege": "DescribeTypeRegistration", - "description": "Grants permission to return information about the registration process for a CloudFormation type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeTypeRegistration.html" - }, - "DetectStackDrift": { - "privilege": "DetectStackDrift", - "description": "Grants permission to detects whether a stack's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DetectStackDrift.html" - }, - "DetectStackResourceDrift": { - "privilege": "DetectStackResourceDrift", - "description": "Grants permission to return information about whether a resource's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DetectStackResourceDrift.html" - }, - "DetectStackSetDrift": { - "privilege": "DetectStackSetDrift", - "description": "Grants permission to enable users to detect drift on a stack set and the stack instances that belong to that stack set", - "access_level": "Read", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DetectStackSetDrift.html" - }, - "EstimateTemplateCost": { - "privilege": "EstimateTemplateCost", - "description": "Grants permission to return the estimated monthly cost of a template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:TemplateUrl" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_EstimateTemplateCost.html" - }, - "ExecuteChangeSet": { - "privilege": "ExecuteChangeSet", - "description": "Grants permission to update a stack using the input information that was provided when the specified change set was created", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:ChangeSetName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ExecuteChangeSet.html" - }, - "GetStackPolicy": { - "privilege": "GetStackPolicy", - "description": "Grants permission to return the stack policy for a specified stack", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_GetStackPolicy.html" - }, - "GetTemplate": { - "privilege": "GetTemplate", - "description": "Grants permission to return the template body for a specified stack", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_GetTemplate.html" - }, - "GetTemplateSummary": { - "privilege": "GetTemplateSummary", - "description": "Grants permission to return information about a new or existing template", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stackset": { - "resource_type": "stackset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:TemplateUrl" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_GetTemplateSummary.html" - }, - "ImportStacksToStackSet": { - "privilege": "ImportStacksToStackSet", - "description": "Grants permission to enable users to import existing stacks to a new or existing stackset", - "access_level": "Write", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ImportStacksToStackSet.html" - }, - "ListChangeSets": { - "privilege": "ListChangeSets", - "description": "Grants permission to return the ID and status of each active change set for a stack. For example, AWS CloudFormation lists change sets that are in the CREATE_IN_PROGRESS or CREATE_PENDING state", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListChangeSets.html" - }, - "ListExports": { - "privilege": "ListExports", - "description": "Grants permission to list all exported output values in the account and region in which you call this action", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListExports.html" - }, - "ListImports": { - "privilege": "ListImports", - "description": "Grants permission to list all stacks that are importing an exported output value", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListImports.html" - }, - "ListStackInstanceResourceDrifts": { - "privilege": "ListStackInstanceResourceDrifts", - "description": "Grants permission to return drift information for the resources that have been checked for drift in the specified stack instance", - "access_level": "List", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackInstanceResourceDrifts.html" - }, - "ListStackInstances": { - "privilege": "ListStackInstances", - "description": "Grants permission to return summary information about stack instances that are associated with the specified stack set", - "access_level": "List", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackSets.html" - }, - "ListStackResources": { - "privilege": "ListStackResources", - "description": "Grants permission to return descriptions of all resources of the specified stack", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackResources.html" - }, - "ListStackSetOperationResults": { - "privilege": "ListStackSetOperationResults", - "description": "Grants permission to return summary information about the results of a stack set operation", - "access_level": "List", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackSetOperationResults.html" - }, - "ListStackSetOperations": { - "privilege": "ListStackSetOperations", - "description": "Grants permission to return summary information about operations performed on a stack set", - "access_level": "List", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackSetOperations.html" - }, - "ListStackSets": { - "privilege": "ListStackSets", - "description": "Grants permission to return summary information about stack sets that are associated with the user", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackSets.html" - }, - "ListStacks": { - "privilege": "ListStacks", - "description": "Grants permission to return the summary information for stacks whose status matches the specified StackStatusFilter. In combination with the DescribeStacks action, grants permission to list descriptions for stacks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStacks.html" - }, - "ListTypeRegistrations": { - "privilege": "ListTypeRegistrations", - "description": "Grants permission to list CloudFormation type registration attempts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListTypeRegistrations.html" - }, - "ListTypeVersions": { - "privilege": "ListTypeVersions", - "description": "Grants permission to list versions of a particular CloudFormation type", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListTypeVersions.html" - }, - "ListTypes": { - "privilege": "ListTypes", - "description": "Grants permission to list available CloudFormation types", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListTypes.html" - }, - "PublishType": { - "privilege": "PublishType", - "description": "Grants permission to publish the specified extension to the CloudFormation registry as a public extension in this region", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_PublishType.html" - }, - "RecordHandlerProgress": { - "privilege": "RecordHandlerProgress", - "description": "Grants permission to record the handler progress", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RecordHandlerProgress.html" - }, - "RegisterPublisher": { - "privilege": "RegisterPublisher", - "description": "Grants permission to register account as a publisher of public extensions in the CloudFormation registry", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterPublisher.html" - }, - "RegisterType": { - "privilege": "RegisterType", - "description": "Grants permission to register a new CloudFormation type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterType.html" - }, - "RollbackStack": { - "privilege": "RollbackStack", - "description": "Grants permission to rollback the stack to the last stable state", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:RoleArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RollbackStack.html" - }, - "SetStackPolicy": { - "privilege": "SetStackPolicy", - "description": "Grants permission to set a stack policy for a specified stack", - "access_level": "Permissions management", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:StackPolicyUrl" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_SetStackPolicy.html" - }, - "SetTypeConfiguration": { - "privilege": "SetTypeConfiguration", - "description": "Grants permission to set the configuration data for a registered CloudFormation extension, in the given account and region", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_SetTypeConfiguration.html" - }, - "SetTypeDefaultVersion": { - "privilege": "SetTypeDefaultVersion", - "description": "Grants permission to set which version of a CloudFormation type applies to CloudFormation operations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_SetTypeDefaultVersion.html" - }, - "SignalResource": { - "privilege": "SignalResource", - "description": "Grants permission to send a signal to the specified resource with a success or failure status", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_SignalResource.html" - }, - "StopStackSetOperation": { - "privilege": "StopStackSetOperation", - "description": "Grants permission to stop an in-progress operation on a stack set and its associated stack instances", - "access_level": "Write", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_StopStackSetOperation.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag cloudformation resources", - "access_level": "Tagging", - "resource_types": { - "changeset": { - "resource_type": "changeset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stackset": { - "resource_type": "stackset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_TagResource.html" - }, - "TestType": { - "privilege": "TestType", - "description": "Grants permission to test a registered extension to make sure it meets all necessary requirements for being published in the CloudFormation registry", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_TestType.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag cloudformation resources", - "access_level": "Tagging", - "resource_types": { - "changeset": { - "resource_type": "changeset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stackset": { - "resource_type": "stackset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UntagResource.html" - }, - "UpdateStack": { - "privilege": "UpdateStack", - "description": "Grants permission to update a stack as specified in the template", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:ResourceTypes", - "cloudformation:RoleArn", - "cloudformation:StackPolicyUrl", - "cloudformation:TemplateUrl", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateStack.html" - }, - "UpdateStackInstances": { - "privilege": "UpdateStackInstances", - "description": "Grants permission to update the parameter values for stack instances for the specified accounts, within the specified regions", - "access_level": "Write", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stackset-target": { - "resource_type": "stackset-target", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "type": { - "resource_type": "type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:TargetRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateStackInstances.html" - }, - "UpdateStackSet": { - "privilege": "UpdateStackSet", - "description": "Grants permission to update a stackset as specified in the template", - "access_level": "Write", - "resource_types": { - "stackset": { - "resource_type": "stackset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "stackset-target": { - "resource_type": "stackset-target", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "type": { - "resource_type": "type", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:RoleArn", - "cloudformation:TemplateUrl", - "cloudformation:TargetRegion", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateStackSet.html" - }, - "UpdateTerminationProtection": { - "privilege": "UpdateTerminationProtection", - "description": "Grants permission to update termination protection for the specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateTerminationProtection.html" - }, - "ValidateTemplate": { - "privilege": "ValidateTemplate", - "description": "Grants permission to validate a specified template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cloudformation:TemplateUrl" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ValidateTemplate.html" - } - }, - "resources": { - "changeset": { - "resource": "changeset", - "arn": "arn:${Partition}:cloudformation:${Region}:${Account}:changeSet/${ChangeSetName}/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "stack": { - "resource": "stack", - "arn": "arn:${Partition}:cloudformation:${Region}:${Account}:stack/${StackName}/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "stackset": { - "resource": "stackset", - "arn": "arn:${Partition}:cloudformation:${Region}:${Account}:stackset/${StackSetName}:${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "stackset-target": { - "resource": "stackset-target", - "arn": "arn:${Partition}:cloudformation:${Region}:${Account}:stackset-target/${StackSetTarget}", - "condition_keys": [] - }, - "type": { - "resource": "type", - "arn": "arn:${Partition}:cloudformation:${Region}:${Account}:type/resource/${Type}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "cloudformation:ChangeSetName": { - "condition": "cloudformation:ChangeSetName", - "description": "Filters access by an AWS CloudFormation change set name. Use to control which change sets IAM users can execute or delete", - "type": "String" - }, - "cloudformation:ImportResourceTypes": { - "condition": "cloudformation:ImportResourceTypes", - "description": "Filters access by the template resource types, such as AWS::EC2::Instance. Use to control which resource types IAM users can work with when they want to import a resource into a stack", - "type": "String" - }, - "cloudformation:ResourceTypes": { - "condition": "cloudformation:ResourceTypes", - "description": "Filters access by the template resource types, such as AWS::EC2::Instance. Use to control which resource types IAM users can work with when they create or update a stack", - "type": "ArrayOfString" - }, - "cloudformation:RoleArn": { - "condition": "cloudformation:RoleArn", - "description": "Filters access by the ARN of an IAM service role. Use to control which service role IAM users can use to work with stacks or change sets", - "type": "ARN" - }, - "cloudformation:StackPolicyUrl": { - "condition": "cloudformation:StackPolicyUrl", - "description": "Filters access by an Amazon S3 stack policy URL. Use to control which stack policies IAM users can associate with a stack during a create or update stack action", - "type": "String" - }, - "cloudformation:TargetRegion": { - "condition": "cloudformation:TargetRegion", - "description": "Filters access by stack set target region. Use to control which regions IAM users can use when they create or update stack sets", - "type": "ArrayOfString" - }, - "cloudformation:TemplateUrl": { - "condition": "cloudformation:TemplateUrl", - "description": "Filters access by an Amazon S3 template URL. Use to control which templates IAM users can use when they create or update stacks", - "type": "String" - } - } - }, - "cloudhsm": { - "service_name": "AWS CloudHSM", - "prefix": "cloudhsm", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudhsm.html", - "privileges": { - "AddTagsToResource": { - "privilege": "AddTagsToResource", - "description": "Adds or overwrites one or more tags for the specified AWS CloudHSM resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_AddTagsToResource.html" - }, - "CopyBackupToRegion": { - "privilege": "CopyBackupToRegion", - "description": "Creates a copy of a backup in the specified region", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CopyBackupToRegion.html" - }, - "CreateCluster": { - "privilege": "CreateCluster", - "description": "Creates a new AWS CloudHSM cluster", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateCluster.html" - }, - "CreateHapg": { - "privilege": "CreateHapg", - "description": "Creates a high-availability partition group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_CreateHapg.html" - }, - "CreateHsm": { - "privilege": "CreateHsm", - "description": "Creates a new hardware security module (HSM) in the specified AWS CloudHSM cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html" - }, - "CreateLunaClient": { - "privilege": "CreateLunaClient", - "description": "Creates an HSM client", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_CreateLunaClient.html" - }, - "DeleteBackup": { - "privilege": "DeleteBackup", - "description": "Deletes the specified CloudHSM backup", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DeleteBackup.html" - }, - "DeleteCluster": { - "privilege": "DeleteCluster", - "description": "Deletes the specified AWS CloudHSM cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DeleteCluster.html" - }, - "DeleteHapg": { - "privilege": "DeleteHapg", - "description": "Deletes a high-availability partition group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_DeleteHapg.html" - }, - "DeleteHsm": { - "privilege": "DeleteHsm", - "description": "Deletes the specified HSM", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DeleteHsm.html" - }, - "DeleteLunaClient": { - "privilege": "DeleteLunaClient", - "description": "Deletes a client", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_DeleteLunaClient.html" - }, - "DescribeBackups": { - "privilege": "DescribeBackups", - "description": "Gets information about backups of AWS CloudHSM clusters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeBackups.html" - }, - "DescribeClusters": { - "privilege": "DescribeClusters", - "description": "Gets information about AWS CloudHSM clusters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html" - }, - "DescribeHapg": { - "privilege": "DescribeHapg", - "description": "Retrieves information about a high-availability partition group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_DescribeHapg.html" - }, - "DescribeHsm": { - "privilege": "DescribeHsm", - "description": "Retrieves information about an HSM. You can identify the HSM by its ARN or its serial number", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_DescribeHsm.html" - }, - "DescribeLunaClient": { - "privilege": "DescribeLunaClient", - "description": "Retrieves information about an HSM client", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_DescribeLunaClient.html" - }, - "GetConfig": { - "privilege": "GetConfig", - "description": "Gets the configuration files necessary to connect to all high availability partition groups the client is associated with", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_GetConfig.html" - }, - "InitializeCluster": { - "privilege": "InitializeCluster", - "description": "Claims an AWS CloudHSM cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_InitializeCluster.html" - }, - "ListAvailableZones": { - "privilege": "ListAvailableZones", - "description": "Lists the Availability Zones that have available AWS CloudHSM capacity", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ListAvailableZones.html" - }, - "ListHapgs": { - "privilege": "ListHapgs", - "description": "Lists the high-availability partition groups for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ListHapgs.html" - }, - "ListHsms": { - "privilege": "ListHsms", - "description": "Retrieves the identifiers of all of the HSMs provisioned for the current customer", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ListHsms.html" - }, - "ListLunaClients": { - "privilege": "ListLunaClients", - "description": "Lists all of the clients", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ListLunaClients.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Gets a list of tags for the specified AWS CloudHSM cluster", - "access_level": "Read", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_ListTags.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Returns a list of all tags for the specified AWS CloudHSM resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ListTagsForResource.html" - }, - "ModifyBackupAttributes": { - "privilege": "ModifyBackupAttributes", - "description": "Modifies attributes for AWS CloudHSM backup", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_ModifyBackupAttributes.html" - }, - "ModifyCluster": { - "privilege": "ModifyCluster", - "description": "Modifies AWS CloudHSM cluster", - "access_level": "Write", - "resource_types": { - "cluster": { - "resource_type": "cluster", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_ModifyCluster.html" - }, - "ModifyHapg": { - "privilege": "ModifyHapg", - "description": "Modifies an existing high-availability partition group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ModifyHapg.html" - }, - "ModifyHsm": { - "privilege": "ModifyHsm", - "description": "Modifies an HSM", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ModifyHsm.html" - }, - "ModifyLunaClient": { - "privilege": "ModifyLunaClient", - "description": "Modifies the certificate used by the client", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ModifyLunaClient.html" - }, - "RemoveTagsFromResource": { - "privilege": "RemoveTagsFromResource", - "description": "Removes one or more tags from the specified AWS CloudHSM resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_RemoveTagsFromResource.html" - }, - "RestoreBackup": { - "privilege": "RestoreBackup", - "description": "Restores the specified CloudHSM backup", - "access_level": "Write", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_RestoreBackup.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Adds or overwrites one or more tags for the specified AWS CloudHSM cluster", - "access_level": "Tagging", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Removes the specified tag or tags from the specified AWS CloudHSM cluster", - "access_level": "Tagging", - "resource_types": { - "backup": { - "resource_type": "backup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cluster": { - "resource_type": "cluster", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_UntagResource.html" - } - }, - "resources": { - "backup": { - "resource": "backup", - "arn": "arn:${Partition}:cloudhsm:${Region}:${Account}:backup/${CloudHsmBackupInstanceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "cluster": { - "resource": "cluster", - "arn": "arn:${Partition}:cloudhsm:${Region}:${Account}:cluster/${CloudHsmClusterInstanceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "servicediscovery": { - "service_name": "AWS Cloud Map", - "prefix": "servicediscovery", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudmap.html", - "privileges": { - "CreateHttpNamespace": { - "privilege": "CreateHttpNamespace", - "description": "Grants permission to create an HTTP namespace", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateHttpNamespace.html" - }, - "CreatePrivateDnsNamespace": { - "privilege": "CreatePrivateDnsNamespace", - "description": "Grants permission to create a private namespace based on DNS, which will be visible only inside a specified Amazon VPC", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_CreatePrivateDnsNamespace.html" - }, - "CreatePublicDnsNamespace": { - "privilege": "CreatePublicDnsNamespace", - "description": "Grants permission to create a public namespace based on DNS, which will be visible on the internet", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_CreatePublicDnsNamespace.html" - }, - "CreateService": { - "privilege": "CreateService", - "description": "Grants permission to create a service", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicediscovery:NamespaceArn", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html" - }, - "DeleteNamespace": { - "privilege": "DeleteNamespace", - "description": "Grants permission to delete a specified namespace", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_DeleteNamespace.html" - }, - "DeleteService": { - "privilege": "DeleteService", - "description": "Grants permission to delete a specified service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_DeleteService.html" - }, - "DeregisterInstance": { - "privilege": "DeregisterInstance", - "description": "Grants permission to delete the records and the health check, if any, that Amazon Route 53 created for the specified instance", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicediscovery:ServiceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_DeregisterInstance.html" - }, - "DiscoverInstances": { - "privilege": "DiscoverInstances", - "description": "Grants permission to discover registered instances for a specified namespace and service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicediscovery:NamespaceName", - "servicediscovery:ServiceName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_DiscoverInstances.html" - }, - "GetInstance": { - "privilege": "GetInstance", - "description": "Grants permission to get information about a specified instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicediscovery:ServiceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_GetInstance.html" - }, - "GetInstancesHealthStatus": { - "privilege": "GetInstancesHealthStatus", - "description": "Grants permission to get the current health status (Healthy, Unhealthy, or Unknown) of one or more instances", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicediscovery:ServiceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_GetInstancesHealthStatus.html" - }, - "GetNamespace": { - "privilege": "GetNamespace", - "description": "Grants permission to get information about a namespace", - "access_level": "Read", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_GetNamespace.html" - }, - "GetOperation": { - "privilege": "GetOperation", - "description": "Grants permission to get information about a specific operation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_GetOperation.html" - }, - "GetService": { - "privilege": "GetService", - "description": "Grants permission to get the settings for a specified service", - "access_level": "Read", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_GetService.html" - }, - "ListInstances": { - "privilege": "ListInstances", - "description": "Grants permission to get summary information about the instances that were registered with a specified service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicediscovery:ServiceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_ListInstances.html" - }, - "ListNamespaces": { - "privilege": "ListNamespaces", - "description": "Grants permission to get information about the namespaces", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_ListNamespaces.html" - }, - "ListOperations": { - "privilege": "ListOperations", - "description": "Grants permission to list operations that match the criteria that you specify", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_ListOperations.html" - }, - "ListServices": { - "privilege": "ListServices", - "description": "Grants permission to get settings for all the services that match specified filters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_ListServices.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tags for the specified resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_ListTagsForResource.html" - }, - "RegisterInstance": { - "privilege": "RegisterInstance", - "description": "Grants permission to register an instance based on the settings in a specified service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicediscovery:ServiceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to the specified resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UntagResource.html" - }, - "UpdateHttpNamespace": { - "privilege": "UpdateHttpNamespace", - "description": "Grants permission to update the settings for a HTTP namespace", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdateHttpNamespace.html" - }, - "UpdateInstanceCustomHealthStatus": { - "privilege": "UpdateInstanceCustomHealthStatus", - "description": "Grants permission to update the current health status for an instance that has a custom health check", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicediscovery:ServiceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdateInstanceCustomHealthStatus.html" - }, - "UpdatePrivateDnsNamespace": { - "privilege": "UpdatePrivateDnsNamespace", - "description": "Grants permission to update the settings for a private DNS namespace", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdatePrivateDnsNamespace.html" - }, - "UpdatePublicDnsNamespace": { - "privilege": "UpdatePublicDnsNamespace", - "description": "Grants permission to update the settings for a public DNS namespace", - "access_level": "Write", - "resource_types": { - "namespace": { - "resource_type": "namespace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdatePublicDnsNamespace.html" - }, - "UpdateService": { - "privilege": "UpdateService", - "description": "Grants permission to update the settings in a specified service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdateService.html" - } - }, - "resources": { - "namespace": { - "resource": "namespace", - "arn": "arn:${Partition}:servicediscovery:${Region}:${Account}:namespace/${NamespaceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "service": { - "resource": "service", - "arn": "arn:${Partition}:servicediscovery:${Region}:${Account}:service/${ServiceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "servicediscovery:NamespaceArn": { - "condition": "servicediscovery:NamespaceArn", - "description": "Filters access by specifying the Amazon Resource Name (ARN) for the related namespace", - "type": "String" - }, - "servicediscovery:NamespaceName": { - "condition": "servicediscovery:NamespaceName", - "description": "Filters access by specifying the name of the related namespace", - "type": "String" - }, - "servicediscovery:ServiceArn": { - "condition": "servicediscovery:ServiceArn", - "description": "Filters access by specifying the Amazon Resource Name (ARN) for the related service", - "type": "String" - }, - "servicediscovery:ServiceName": { - "condition": "servicediscovery:ServiceName", - "description": "Filters access by specifying the name of the related service", - "type": "String" - } - } - }, - "cloudshell": { - "service_name": "AWS CloudShell", - "prefix": "cloudshell", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudshell.html", - "privileges": { - "CreateEnvironment": { - "privilege": "CreateEnvironment", - "description": "Grants permissions to create a CloudShell environment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#CreateEnvironment" - }, - "CreateSession": { - "privilege": "CreateSession", - "description": "Grants permissions to connect to a CloudShell environment from the AWS Management Console", - "access_level": "Write", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#CreateSession" - }, - "DeleteEnvironment": { - "privilege": "DeleteEnvironment", - "description": "Grants permission to delete a CloudShell environment", - "access_level": "Write", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#DeleteEnvironment" - }, - "GetEnvironmentStatus": { - "privilege": "GetEnvironmentStatus", - "description": "Grants permission to read a CloudShell environment status", - "access_level": "Read", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#GetEnvironmentStatus" - }, - "GetFileDownloadUrls": { - "privilege": "GetFileDownloadUrls", - "description": "Grants permissions to download files from a CloudShell environment", - "access_level": "Write", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#GetFileDownloadUrls" - }, - "GetFileUploadUrls": { - "privilege": "GetFileUploadUrls", - "description": "Grants permissions to upload files to a CloudShell environment", - "access_level": "Write", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#GetFileUploadUrls" - }, - "PutCredentials": { - "privilege": "PutCredentials", - "description": "Grants permissions to forward console credentials to the environment", - "access_level": "Write", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#PutCredentials" - }, - "StartEnvironment": { - "privilege": "StartEnvironment", - "description": "Grants permission to start a stopped CloudShell environment", - "access_level": "Write", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#StartEnvironment" - }, - "StopEnvironment": { - "privilege": "StopEnvironment", - "description": "Grants permission to stop a running CloudShell environment", - "access_level": "Write", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#StopEnvironment" - } - }, - "resources": { - "Environment": { - "resource": "Environment", - "arn": "arn:${Partition}:cloudshell:${Region}:${Account}:environment/${EnvironmentId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "cloudtrail": { - "service_name": "AWS CloudTrail", - "prefix": "cloudtrail", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudtrail.html", - "privileges": { - "AddTags": { - "privilege": "AddTags", - "description": "Grants permission to add one or more tags to a trail, event data store, or channel, up to a limit of 50", - "access_level": "Tagging", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "eventdatastore": { - "resource_type": "eventdatastore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "trail": { - "resource_type": "trail", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AddTags.html" - }, - "CancelQuery": { - "privilege": "CancelQuery", - "description": "Grants permission to cancel a running query", - "access_level": "Write", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_CancelQuery.html" - }, - "CreateChannel": { - "privilege": "CreateChannel", - "description": "Grants permission to create a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudtrail:AddTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_CreateChannel.html" - }, - "CreateEventDataStore": { - "privilege": "CreateEventDataStore", - "description": "Grants permission to create an event data store", - "access_level": "Write", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudtrail:AddTags", - "iam:CreateServiceLinkedRole", - "iam:GetRole", - "kms:Decrypt", - "kms:GenerateDataKey", - "organizations:ListAWSServiceAccessForOrganization" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_CreateEventDataStore.html" - }, - "CreateServiceLinkedChannel": { - "privilege": "CreateServiceLinkedChannel", - "description": "Grants permission to create a service-linked channel that specifies the settings for delivery of log data to an AWS service", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_CreateServiceLinkedChannel.html" - }, - "CreateTrail": { - "privilege": "CreateTrail", - "description": "Grants permission to create a trail that specifies the settings for delivery of log data to an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudtrail:AddTags", - "iam:CreateServiceLinkedRole", - "iam:GetRole", - "organizations:ListAWSServiceAccessForOrganization" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_CreateTrail.html" - }, - "DeleteChannel": { - "privilege": "DeleteChannel", - "description": "Grants permission to delete a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DeleteChannel.html" - }, - "DeleteEventDataStore": { - "privilege": "DeleteEventDataStore", - "description": "Grants permission to delete an event data store", - "access_level": "Write", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DeleteEventDataStore.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete a resource policy from the provided resource", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeleteServiceLinkedChannel": { - "privilege": "DeleteServiceLinkedChannel", - "description": "Grants permission to delete a service-linked channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_DeleteServiceLinkedChannel.html" - }, - "DeleteTrail": { - "privilege": "DeleteTrail", - "description": "Grants permission to delete a trail", - "access_level": "Write", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DeleteTrail.html" - }, - "DeregisterOrganizationDelegatedAdmin": { - "privilege": "DeregisterOrganizationDelegatedAdmin", - "description": "Grants permission to deregister an AWS Organizations member account as a delegated administrator", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:DeregisterDelegatedAdministrator", - "organizations:ListAWSServiceAccessForOrganization" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DeregisterOrganizationDelegatedAdmin.html" - }, - "DescribeQuery": { - "privilege": "DescribeQuery", - "description": "Grants permission to list details for the query", - "access_level": "Read", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DescribeQuery.html" - }, - "DescribeTrails": { - "privilege": "DescribeTrails", - "description": "Grants permission to list settings for the trails associated with the current region for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DescribeTrails.html" - }, - "GetChannel": { - "privilege": "GetChannel", - "description": "Grants permission to return information about a specific channel", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetChannel.html" - }, - "GetEventDataStore": { - "privilege": "GetEventDataStore", - "description": "Grants permission to list settings for the event data store", - "access_level": "Read", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetEventDataStore.html" - }, - "GetEventSelectors": { - "privilege": "GetEventSelectors", - "description": "Grants permission to list settings for event selectors configured for a trail", - "access_level": "Read", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetEventSelectors.html" - }, - "GetImport": { - "privilege": "GetImport", - "description": "Grants permission to return information about a specific import", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetImport.html" - }, - "GetInsightSelectors": { - "privilege": "GetInsightSelectors", - "description": "Grants permission to list CloudTrail Insights selectors that are configured for a trail", - "access_level": "Read", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetInsightSelectors.html" - }, - "GetQueryResults": { - "privilege": "GetQueryResults", - "description": "Grants permission to fetch results of a complete query", - "access_level": "Read", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kms:Decrypt", - "kms:GenerateDataKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetQueryResults.html" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to get the resource policy attached to the provided resource", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetResourcePolicy.html" - }, - "GetServiceLinkedChannel": { - "privilege": "GetServiceLinkedChannel", - "description": "Grants permission to list settings for the service-linked channel", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_GetServiceLinkedChannel.html" - }, - "GetTrail": { - "privilege": "GetTrail", - "description": "Grants permission to list settings for the trail", - "access_level": "Read", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetTrail.html" - }, - "GetTrailStatus": { - "privilege": "GetTrailStatus", - "description": "Grants permission to retrieve a JSON-formatted list of information about the specified trail", - "access_level": "Read", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetTrailStatus.html" - }, - "ListChannels": { - "privilege": "ListChannels", - "description": "Grants permission to list the channels in the current account, and their source names", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListChannels.html" - }, - "ListEventDataStores": { - "privilege": "ListEventDataStores", - "description": "Grants permission to list event data stores associated with the current region for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListEventDataStores.html" - }, - "ListImportFailures": { - "privilege": "ListImportFailures", - "description": "Grants permission to return a list of failures for the specified import", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListImportFailures.html" - }, - "ListImports": { - "privilege": "ListImports", - "description": "Grants permission to return information on all imports, or a select set of imports by ImportStatus or Destination", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListImports.html" - }, - "ListPublicKeys": { - "privilege": "ListPublicKeys", - "description": "Grants permission to list the public keys whose private keys were used to sign trail digest files within a specified time range", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListPublicKeys.html" - }, - "ListQueries": { - "privilege": "ListQueries", - "description": "Grants permission to list queries associated with an event data store", - "access_level": "List", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListQueries.html" - }, - "ListServiceLinkedChannels": { - "privilege": "ListServiceLinkedChannels", - "description": "Grants permission to list service-linked channels associated with the current region for a specified account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_ListServiceLinkedChannels.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to list the tags for trails, event data stores, or channels in the current region", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "eventdatastore": { - "resource_type": "eventdatastore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "trail": { - "resource_type": "trail", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListTags.html" - }, - "ListTrails": { - "privilege": "ListTrails", - "description": "Grants permission to list trails associated with the current region for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListTrails.html" - }, - "LookupEvents": { - "privilege": "LookupEvents", - "description": "Grants permission to look up API activity events captured by CloudTrail that create, update, or delete resources in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_LookupEvents.html" - }, - "PutEventSelectors": { - "privilege": "PutEventSelectors", - "description": "Grants permission to create and update event selectors for a trail", - "access_level": "Write", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_PutEventSelectors.html" - }, - "PutInsightSelectors": { - "privilege": "PutInsightSelectors", - "description": "Grants permission to create and update CloudTrail Insights selectors for a trail", - "access_level": "Write", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_PutInsightSelectors.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to attach a resource policy to the provided resource", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_PutResourcePolicy.html" - }, - "RegisterOrganizationDelegatedAdmin": { - "privilege": "RegisterOrganizationDelegatedAdmin", - "description": "Grants permission to register an AWS Organizations member account as a delegated administrator", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:GetRole", - "organizations:ListAWSServiceAccessForOrganization", - "organizations:RegisterDelegatedAdministrator" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_RegisterOrganizationDelegatedAdmin.html" - }, - "RemoveTags": { - "privilege": "RemoveTags", - "description": "Grants permission to remove tags from a trail, event data store, or channel", - "access_level": "Tagging", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "eventdatastore": { - "resource_type": "eventdatastore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "trail": { - "resource_type": "trail", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_RemoveTags.html" - }, - "RestoreEventDataStore": { - "privilege": "RestoreEventDataStore", - "description": "Grants permission to restore an event data store", - "access_level": "Write", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_RestoreEventDataStore.html" - }, - "StartEventDataStoreIngestion": { - "privilege": "StartEventDataStoreIngestion", - "description": "Grants permission to start ingestion on an event data store", - "access_level": "Write", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StartEventDataStoreIngestion.html" - }, - "StartImport": { - "privilege": "StartImport", - "description": "Grants permission to start an import of logged trail events from a source S3 bucket to a destination event data store", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StartImport.html" - }, - "StartLogging": { - "privilege": "StartLogging", - "description": "Grants permission to start the recording of AWS API calls and log file delivery for a trail", - "access_level": "Write", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StartLogging.html" - }, - "StartQuery": { - "privilege": "StartQuery", - "description": "Grants permission to start a new query on a specified event data store", - "access_level": "Write", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "kms:Decrypt", - "kms:GenerateDataKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StartQuery.html" - }, - "StopEventDataStoreIngestion": { - "privilege": "StopEventDataStoreIngestion", - "description": "Grants permission to stop ingestion on an event data store", - "access_level": "Write", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StopEventDataStoreIngestion.html" - }, - "StopImport": { - "privilege": "StopImport", - "description": "Grants permission to stop a specified import", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StopImport.html" - }, - "StopLogging": { - "privilege": "StopLogging", - "description": "Grants permission to stop the recording of AWS API calls and log file delivery for a trail", - "access_level": "Write", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StopLogging.html" - }, - "UpdateChannel": { - "privilege": "UpdateChannel", - "description": "Grants permission to update a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_UpdateChannel.html" - }, - "UpdateEventDataStore": { - "privilege": "UpdateEventDataStore", - "description": "Grants permission to update an event data store", - "access_level": "Write", - "resource_types": { - "eventdatastore": { - "resource_type": "eventdatastore", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:GetRole", - "kms:Decrypt", - "kms:GenerateDataKey", - "organizations:ListAWSServiceAccessForOrganization" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_UpdateEventDataStore.html" - }, - "UpdateServiceLinkedChannel": { - "privilege": "UpdateServiceLinkedChannel", - "description": "Grants permission to update the settings that specify delivery of log files", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "API_UpdateServiceLinkedChannel.html" - }, - "UpdateTrail": { - "privilege": "UpdateTrail", - "description": "Grants permission to update the settings that specify delivery of log files", - "access_level": "Write", - "resource_types": { - "trail": { - "resource_type": "trail", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:GetRole", - "organizations:ListAWSServiceAccessForOrganization" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_UpdateTrail.html" - } - }, - "resources": { - "trail": { - "resource": "trail", - "arn": "arn:${Partition}:cloudtrail:${Region}:${Account}:trail/${TrailName}", - "condition_keys": [] - }, - "eventdatastore": { - "resource": "eventdatastore", - "arn": "arn:${Partition}:cloudtrail:${Region}:${Account}:eventdatastore/${EventDataStoreId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "channel": { - "resource": "channel", - "arn": "arn:${Partition}:cloudtrail:${Region}:${Account}:channel/${ChannelId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag's key and value in a request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in a request", - "type": "ArrayOfString" - } - } - }, - "cloudtrail-data": { - "service_name": "AWS CloudTrail Data", - "prefix": "cloudtrail-data", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudtraildata.html", - "privileges": { - "PutAuditEvents": { - "privilege": "PutAuditEvents", - "description": "Grants permission to ingest your application events into CloudTrail Lake", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awscloudtraildata/latest/APIReference/API_PutAuditEvents.html" - } - }, - "resources": { - "channel": { - "resource": "channel", - "arn": "arn:${Partition}:cloudtrail:${Region}:${Account}:channel/${ChannelId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag's key and value in a request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in a request", - "type": "ArrayOfString" - } - } - }, - "rum": { - "service_name": "AWS CloudWatch RUM", - "prefix": "rum", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudwatchrum.html", - "privileges": { - "BatchCreateRumMetricDefinitions": { - "privilege": "BatchCreateRumMetricDefinitions", - "description": "Grants permission to create rum metric definitions", - "access_level": "Write", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_BatchCreateRumMetricDefinitions.html" - }, - "BatchDeleteRumMetricDefinitions": { - "privilege": "BatchDeleteRumMetricDefinitions", - "description": "Grants permission to remove rum metric definitions", - "access_level": "Write", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_BatchDeleteRumMetricDefinitions.html" - }, - "BatchGetRumMetricDefinitions": { - "privilege": "BatchGetRumMetricDefinitions", - "description": "Grants permission to get rum metric definitions", - "access_level": "Read", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_BatchGetRumMetricDefinitions.html" - }, - "CreateAppMonitor": { - "privilege": "CreateAppMonitor", - "description": "Grants permission to create appMonitor metadata", - "access_level": "Write", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:GetRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_CreateAppMonitor.html" - }, - "DeleteAppMonitor": { - "privilege": "DeleteAppMonitor", - "description": "Grants permission to delete appMonitor metadata", - "access_level": "Write", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_DeleteAppMonitor.html" - }, - "DeleteRumMetricsDestination": { - "privilege": "DeleteRumMetricsDestination", - "description": "Grants permission to delete rum metrics destinations", - "access_level": "Write", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_DeleteRumMetricsDestination.html" - }, - "GetAppMonitor": { - "privilege": "GetAppMonitor", - "description": "Grants permission to get appMonitor metadata", - "access_level": "Read", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_GetAppMonitor.html" - }, - "GetAppMonitorData": { - "privilege": "GetAppMonitorData", - "description": "Grants permission to get appMonitor data", - "access_level": "Read", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_GetAppMonitorData.html" - }, - "ListAppMonitors": { - "privilege": "ListAppMonitors", - "description": "Grants permission to list appMonitors metadata", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_ListAppMonitors.html" - }, - "ListRumMetricsDestinations": { - "privilege": "ListRumMetricsDestinations", - "description": "Grants permission to list rum metrics destinations", - "access_level": "Read", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_ListRumMetricsDestinations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for resources", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_ListTagsForResource.html" - }, - "PutRumEvents": { - "privilege": "PutRumEvents", - "description": "Grants permission to put RUM events for appmonitor", - "access_level": "Write", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_PutRumEvents.html" - }, - "PutRumMetricsDestination": { - "privilege": "PutRumMetricsDestination", - "description": "Grants permission to put rum metrics destinations", - "access_level": "Write", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_PutRumMetricsDestination.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag resources", - "access_level": "Tagging", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag resources", - "access_level": "Tagging", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_UntagResource.html" - }, - "UpdateAppMonitor": { - "privilege": "UpdateAppMonitor", - "description": "Grants permission to update appmonitor metadata", - "access_level": "Write", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:GetRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_UpdateAppMonitor.html" - }, - "UpdateRumMetricDefinition": { - "privilege": "UpdateRumMetricDefinition", - "description": "Grants permission to update rum metric definition", - "access_level": "Write", - "resource_types": { - "AppMonitorResource": { - "resource_type": "AppMonitorResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_UpdateRumMetricDefinition.html" - } - }, - "resources": { - "AppMonitorResource": { - "resource": "AppMonitorResource", - "arn": "arn:${Partition}:rum:${Region}:${Account}:appmonitor/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed the request on behalf of the IAM principal", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource that make the request on behalf of the IAM principal", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request on behalf of the IAM principal", - "type": "ArrayOfString" - } - } - }, - "codeartifact": { - "service_name": "AWS CodeArtifact", - "prefix": "codeartifact", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodeartifact.html", - "privileges": { - "AssociateExternalConnection": { - "privilege": "AssociateExternalConnection", - "description": "Grants permission to add an external connection to a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_AssociateExternalConnection.html" - }, - "AssociateWithDownstreamRepository": { - "privilege": "AssociateWithDownstreamRepository", - "description": "Grants permission to associate an existing repository as an upstream repository to another repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html" - }, - "CopyPackageVersions": { - "privilege": "CopyPackageVersions", - "description": "Grants permission to copy package versions from one repository to another repository in the same domain", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_CopyPackageVersions.html" - }, - "CreateDomain": { - "privilege": "CreateDomain", - "description": "Grants permission to create a new domain", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_CreateDomain.html" - }, - "CreateRepository": { - "privilege": "CreateRepository", - "description": "Grants permission to create a new repository", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_CreateRepository.html" - }, - "DeleteDomain": { - "privilege": "DeleteDomain", - "description": "Grants permission to delete a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeleteDomain.html" - }, - "DeleteDomainPermissionsPolicy": { - "privilege": "DeleteDomainPermissionsPolicy", - "description": "Grants permission to delete the resource policy set on a domain", - "access_level": "Permissions management", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeleteDomainPermissionsPolicy.html" - }, - "DeletePackage": { - "privilege": "DeletePackage", - "description": "Grants permission to delete a package", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeletePackage.html" - }, - "DeletePackageVersions": { - "privilege": "DeletePackageVersions", - "description": "Grants permission to delete package versions", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeletePackageVersions.html" - }, - "DeleteRepository": { - "privilege": "DeleteRepository", - "description": "Grants permission to delete a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeleteRepository.html" - }, - "DeleteRepositoryPermissionsPolicy": { - "privilege": "DeleteRepositoryPermissionsPolicy", - "description": "Grants permission to delete the resource policy set on a repository", - "access_level": "Permissions management", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeleteRepositoryPermissionsPolicy.html" - }, - "DescribeDomain": { - "privilege": "DescribeDomain", - "description": "Grants permission to return information about a domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DescribeDomain.html" - }, - "DescribePackage": { - "privilege": "DescribePackage", - "description": "Grants permission to retrieve information about a package", - "access_level": "Read", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DescribePackage.html" - }, - "DescribePackageVersion": { - "privilege": "DescribePackageVersion", - "description": "Grants permission to return information about a package version", - "access_level": "Read", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DescribePackageVersion.html" - }, - "DescribeRepository": { - "privilege": "DescribeRepository", - "description": "Grants permission to return detailed information about a repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DescribeRepository.html" - }, - "DisassociateExternalConnection": { - "privilege": "DisassociateExternalConnection", - "description": "Grants permission to disassociate an external connection from a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DisassociateExternalConnection.html" - }, - "DisposePackageVersions": { - "privilege": "DisposePackageVersions", - "description": "Grants permission to set the status of package versions to Disposed and delete their assets", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DisposePackageVersions.html" - }, - "GetAuthorizationToken": { - "privilege": "GetAuthorizationToken", - "description": "Grants permission to generate a temporary authentication token for accessing repositories in a domain", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetAuthorizationToken.html" - }, - "GetDomainPermissionsPolicy": { - "privilege": "GetDomainPermissionsPolicy", - "description": "Grants permission to return a domain's resource policy", - "access_level": "Read", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetDomainPermissionsPolicy.html" - }, - "GetPackageVersionAsset": { - "privilege": "GetPackageVersionAsset", - "description": "Grants permission to return an asset (or file) that is part of a package version", - "access_level": "Read", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetPackageVersionAsset.html" - }, - "GetPackageVersionReadme": { - "privilege": "GetPackageVersionReadme", - "description": "Grants permission to return a package version's readme file", - "access_level": "Read", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetPackageVersionReadme.html" - }, - "GetRepositoryEndpoint": { - "privilege": "GetRepositoryEndpoint", - "description": "Grants permission to return an endpoint for a repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetRepositoryEndpoint.html" - }, - "GetRepositoryPermissionsPolicy": { - "privilege": "GetRepositoryPermissionsPolicy", - "description": "Grants permission to return a repository's resource policy", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetRepositoryPermissionsPolicy.html" - }, - "ListDomains": { - "privilege": "ListDomains", - "description": "Grants permission to list the domains in the current user's AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListDomains.html" - }, - "ListPackageVersionAssets": { - "privilege": "ListPackageVersionAssets", - "description": "Grants permission to list a package version's assets", - "access_level": "List", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListPackageVersionAssets.html" - }, - "ListPackageVersionDependencies": { - "privilege": "ListPackageVersionDependencies", - "description": "Grants permission to list the direct dependencies of a package version", - "access_level": "List", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListPackageVersionDependencies.html" - }, - "ListPackageVersions": { - "privilege": "ListPackageVersions", - "description": "Grants permission to list a package's versions", - "access_level": "List", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListPackageVersions.html" - }, - "ListPackages": { - "privilege": "ListPackages", - "description": "Grants permission to list the packages in a repository", - "access_level": "List", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListPackages.html" - }, - "ListRepositories": { - "privilege": "ListRepositories", - "description": "Grants permission to list the repositories administered by the calling account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListRepositories.html" - }, - "ListRepositoriesInDomain": { - "privilege": "ListRepositoriesInDomain", - "description": "Grants permission to list the repositories in a domain", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListRepositoriesInDomain.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a CodeArtifact resource", - "access_level": "List", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListTagsForResource.html" - }, - "PublishPackageVersion": { - "privilege": "PublishPackageVersion", - "description": "Grants permission to publish assets and metadata to a repository endpoint", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/ug/repo-policies.html" - }, - "PutDomainPermissionsPolicy": { - "privilege": "PutDomainPermissionsPolicy", - "description": "Grants permission to attach a resource policy to a domain", - "access_level": "Write", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_PutDomainPermissionsPolicy.html" - }, - "PutPackageMetadata": { - "privilege": "PutPackageMetadata", - "description": "Grants permission to add, modify or remove package metadata using a repository endpoint", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/ug/repo-policies.html" - }, - "PutPackageOriginConfiguration": { - "privilege": "PutPackageOriginConfiguration", - "description": "Grants permission to set origin configuration for a package", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_PutPackageOriginConfiguration.html" - }, - "PutRepositoryPermissionsPolicy": { - "privilege": "PutRepositoryPermissionsPolicy", - "description": "Grants permission to attach a resource policy to a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_PutRepositoryPermissionsPolicy.html" - }, - "ReadFromRepository": { - "privilege": "ReadFromRepository", - "description": "Grants permission to return package assets and metadata from a repository endpoint", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/ug/repo-policies.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a CodeArtifact resource", - "access_level": "Tagging", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from a CodeArtifact resource", - "access_level": "Tagging", - "resource_types": { - "domain": { - "resource_type": "domain", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_UntagResource.html" - }, - "UpdatePackageVersionsStatus": { - "privilege": "UpdatePackageVersionsStatus", - "description": "Grants permission to modify the status of one or more versions of a package", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_UpdatePackageVersionsStatus.html" - }, - "UpdateRepository": { - "privilege": "UpdateRepository", - "description": "Grants permission to modify the properties of a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_UpdateRepository.html" - } - }, - "resources": { - "domain": { - "resource": "domain", - "arn": "arn:${Partition}:codeartifact:${Region}:${Account}:domain/${DomainName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "repository": { - "resource": "repository", - "arn": "arn:${Partition}:codeartifact:${Region}:${Account}:repository/${DomainName}/${RepositoryName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "package": { - "resource": "package", - "arn": "arn:${Partition}:codeartifact:${Region}:${Account}:package/${DomainName}/${RepositoryName}/${PackageFormat}/${PackageNamespace}/${PackageName}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "codebuild": { - "service_name": "AWS CodeBuild", - "prefix": "codebuild", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodebuild.html", - "privileges": { - "BatchDeleteBuilds": { - "privilege": "BatchDeleteBuilds", - "description": "Grants permission to delete one or more builds", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchDeleteBuilds.html" - }, - "BatchGetBuildBatches": { - "privilege": "BatchGetBuildBatches", - "description": "Grants permission to get information about one or more build batches", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchGetBuildBatches.html" - }, - "BatchGetBuilds": { - "privilege": "BatchGetBuilds", - "description": "Grants permission to get information about one or more builds", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchGetBuilds.html" - }, - "BatchGetProjects": { - "privilege": "BatchGetProjects", - "description": "Grants permission to get information about one or more build projects", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchGetProjects.html" - }, - "BatchGetReportGroups": { - "privilege": "BatchGetReportGroups", - "description": "Grants permission to return an array of ReportGroup objects that are specified by the input reportGroupArns parameter", - "access_level": "Read", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchGetReportGroups.html" - }, - "BatchGetReports": { - "privilege": "BatchGetReports", - "description": "Grants permission to return an array of the Report objects specified by the input reportArns parameter", - "access_level": "Read", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchGetReports.html" - }, - "BatchPutCodeCoverages": { - "privilege": "BatchPutCodeCoverages", - "description": "Grants permission to add or update information about a report", - "access_level": "Write", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" - }, - "BatchPutTestCases": { - "privilege": "BatchPutTestCases", - "description": "Grants permission to add or update information about a report", - "access_level": "Write", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a build project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_CreateProject.html" - }, - "CreateReport": { - "privilege": "CreateReport", - "description": "Grants permission to create a report. A report is created when tests specified in the buildspec file for a report groups run during the build of a project", - "access_level": "Write", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" - }, - "CreateReportGroup": { - "privilege": "CreateReportGroup", - "description": "Grants permission to create a report group", - "access_level": "Write", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_CreateReportGroup.html" - }, - "CreateWebhook": { - "privilege": "CreateWebhook", - "description": "Grants permission to create webhook. For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, enables AWS CodeBuild to start rebuilding the source code every time a code change is pushed to the repository", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_CreateWebhook.html" - }, - "DeleteBuildBatch": { - "privilege": "DeleteBuildBatch", - "description": "Grants permission to delete a build batch", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteBuildBatch.html" - }, - "DeleteOAuthToken": { - "privilege": "DeleteOAuthToken", - "description": "Grants permission to delete an OAuth token from a connected third-party OAuth provider. Only used in the AWS CodeBuild console", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a build project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteProject.html" - }, - "DeleteReport": { - "privilege": "DeleteReport", - "description": "Grants permission to delete a report", - "access_level": "Write", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteReport.html" - }, - "DeleteReportGroup": { - "privilege": "DeleteReportGroup", - "description": "Grants permission to delete a report group", - "access_level": "Write", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteReportGroup.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete a resource policy for the associated project or report group", - "access_level": "Permissions management", - "resource_types": { - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "report-group": { - "resource_type": "report-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeleteSourceCredentials": { - "privilege": "DeleteSourceCredentials", - "description": "Grants permission to delete a set of GitHub, GitHub Enterprise, or Bitbucket source credentials", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteSourceCredentials.html" - }, - "DeleteWebhook": { - "privilege": "DeleteWebhook", - "description": "Grants permission to delete webhook. For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, stops AWS CodeBuild from rebuilding the source code every time a code change is pushed to the repository", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteWebhook.html" - }, - "DescribeCodeCoverages": { - "privilege": "DescribeCodeCoverages", - "description": "Grants permission to return an array of CodeCoverage objects", - "access_level": "Read", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DescribeCodeCoverages.html" - }, - "DescribeTestCases": { - "privilege": "DescribeTestCases", - "description": "Grants permission to return an array of TestCase objects", - "access_level": "Read", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DescribeTestCases.html" - }, - "GetReportGroupTrend": { - "privilege": "GetReportGroupTrend", - "description": "Grants permission to analyze and accumulate test report values for the test reports in the specified report group", - "access_level": "Read", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_GetReportGroupTrend.html" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to return a resource policy for the specified project or report group", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "report-group": { - "resource_type": "report-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_GetResourcePolicy.html" - }, - "ImportSourceCredentials": { - "privilege": "ImportSourceCredentials", - "description": "Grants permission to import the source repository credentials for an AWS CodeBuild project that has its source code stored in a GitHub, GitHub Enterprise, or Bitbucket repository", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ImportSourceCredentials.html" - }, - "InvalidateProjectCache": { - "privilege": "InvalidateProjectCache", - "description": "Grants permission to reset the cache for a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_InvalidateProjectCache.html" - }, - "ListBuildBatches": { - "privilege": "ListBuildBatches", - "description": "Grants permission to get a list of build batch IDs, with each build batch ID representing a single build batch", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListBuildBatches.html" - }, - "ListBuildBatchesForProject": { - "privilege": "ListBuildBatchesForProject", - "description": "Grants permission to get a list of build batch IDs for the specified build project, with each build batch ID representing a single build batch", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListBuildBatchesForProject.html" - }, - "ListBuilds": { - "privilege": "ListBuilds", - "description": "Grants permission to get a list of build IDs, with each build ID representing a single build", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListBuilds.html" - }, - "ListBuildsForProject": { - "privilege": "ListBuildsForProject", - "description": "Grants permission to get a list of build IDs for the specified build project, with each build ID representing a single build", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListBuildsForProject.html" - }, - "ListConnectedOAuthAccounts": { - "privilege": "ListConnectedOAuthAccounts", - "description": "Grants permission to list connected third-party OAuth providers. Only used in the AWS CodeBuild console", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" - }, - "ListCuratedEnvironmentImages": { - "privilege": "ListCuratedEnvironmentImages", - "description": "Grants permission to get information about Docker images that are managed by AWS CodeBuild", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListCuratedEnvironmentImages.html" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to get a list of build project names, with each build project name representing a single build project", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListProjects.html" - }, - "ListReportGroups": { - "privilege": "ListReportGroups", - "description": "Grants permission to return a list of report group ARNs. Each report group ARN represents one report group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListReportGroups.html" - }, - "ListReports": { - "privilege": "ListReports", - "description": "Grants permission to return a list of report ARNs. Each report ARN representing one report", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListReports.html" - }, - "ListReportsForReportGroup": { - "privilege": "ListReportsForReportGroup", - "description": "Grants permission to return a list of report ARNs that belong to the specified report group. Each report ARN represents one report", - "access_level": "List", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListReportsForReportGroup.html" - }, - "ListRepositories": { - "privilege": "ListRepositories", - "description": "Grants permission to list source code repositories from a connected third-party OAuth provider. Only used in the AWS CodeBuild console", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" - }, - "ListSharedProjects": { - "privilege": "ListSharedProjects", - "description": "Grants permission to return a list of project ARNs that have been shared with the requester. Each project ARN represents one project", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListSharedProjects.html" - }, - "ListSharedReportGroups": { - "privilege": "ListSharedReportGroups", - "description": "Grants permission to return a list of report group ARNs that have been shared with the requester. Each report group ARN represents one report group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListSharedReportGroups.html" - }, - "ListSourceCredentials": { - "privilege": "ListSourceCredentials", - "description": "Grants permission to return a list of SourceCredentialsInfo objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListSourceCredentials.html" - }, - "PersistOAuthToken": { - "privilege": "PersistOAuthToken", - "description": "Grants permission to save an OAuth token from a connected third-party OAuth provider. Only used in the AWS CodeBuild console", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to create a resource policy for the associated project or report group", - "access_level": "Permissions management", - "resource_types": { - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "report-group": { - "resource_type": "report-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_PutResourcePolicy.html" - }, - "RetryBuild": { - "privilege": "RetryBuild", - "description": "Grants permission to retry a build", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_RetryBuild.html" - }, - "RetryBuildBatch": { - "privilege": "RetryBuildBatch", - "description": "Grants permission to retry a build batch", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_RetryBuildBatch.html" - }, - "StartBuild": { - "privilege": "StartBuild", - "description": "Grants permission to start running a build", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_StartBuild.html" - }, - "StartBuildBatch": { - "privilege": "StartBuildBatch", - "description": "Grants permission to start running a build batch", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_StartBuildBatch.html" - }, - "StopBuild": { - "privilege": "StopBuild", - "description": "Grants permission to attempt to stop running a build", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_StopBuild.html" - }, - "StopBuildBatch": { - "privilege": "StopBuildBatch", - "description": "Grants permission to attempt to stop running a build batch", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_StopBuildBatch.html" - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Grants permission to change the settings of an existing build project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_UpdateProject.html" - }, - "UpdateProjectVisibility": { - "privilege": "UpdateProjectVisibility", - "description": "Grants permission to change the public visibility of a project and its builds", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_UpdateProjectVisibility.html" - }, - "UpdateReport": { - "privilege": "UpdateReport", - "description": "Grants permission to update information about a report", - "access_level": "Write", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" - }, - "UpdateReportGroup": { - "privilege": "UpdateReportGroup", - "description": "Grants permission to change the settings of an existing report group", - "access_level": "Write", - "resource_types": { - "report-group": { - "resource_type": "report-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_UpdateReportGroup.html" - }, - "UpdateWebhook": { - "privilege": "UpdateWebhook", - "description": "Grants permission to update the webhook associated with an AWS CodeBuild build project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_UpdateWebhook.html" - } - }, - "resources": { - "build": { - "resource": "build", - "arn": "arn:${Partition}:codebuild:${Region}:${Account}:build/${BuildId}", - "condition_keys": [] - }, - "build-batch": { - "resource": "build-batch", - "arn": "arn:${Partition}:codebuild:${Region}:${Account}:build-batch/${BuildBatchId}", - "condition_keys": [] - }, - "project": { - "resource": "project", - "arn": "arn:${Partition}:codebuild:${Region}:${Account}:project/${ProjectName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "report-group": { - "resource": "report-group", - "arn": "arn:${Partition}:codebuild:${Region}:${Account}:report-group/${ReportGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "report": { - "resource": "report", - "arn": "arn:${Partition}:codebuild:${Region}:${Account}:report/${ReportGroupName}:${ReportId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "codecommit": { - "service_name": "AWS CodeCommit", - "prefix": "codecommit", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodecommit.html", - "privileges": { - "AssociateApprovalRuleTemplateWithRepository": { - "privilege": "AssociateApprovalRuleTemplateWithRepository", - "description": "Grants permission to associate an approval rule template with a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_AssociateApprovalRuleTemplateWithRepository.html" - }, - "BatchAssociateApprovalRuleTemplateWithRepositories": { - "privilege": "BatchAssociateApprovalRuleTemplateWithRepositories", - "description": "Grants permission to associate an approval rule template with multiple repositories in a single operation", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_BatchAssociateApprovalRuleTemplateWithRepositories.html" - }, - "BatchDescribeMergeConflicts": { - "privilege": "BatchDescribeMergeConflicts", - "description": "Grants permission to get information about multiple merge conflicts when attempting to merge two commits using either the three-way merge or the squash merge option", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_BatchDescribeMergeConflicts.html" - }, - "BatchDisassociateApprovalRuleTemplateFromRepositories": { - "privilege": "BatchDisassociateApprovalRuleTemplateFromRepositories", - "description": "Grants permission to remove the association between an approval rule template and multiple repositories in a single operation", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_BatchDisassociateApprovalRuleTemplateFromRepositories.html" - }, - "BatchGetCommits": { - "privilege": "BatchGetCommits", - "description": "Grants permission to get return information about one or more commits in an AWS CodeCommit repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_BatchGetCommits.html" - }, - "BatchGetPullRequests": { - "privilege": "BatchGetPullRequests", - "description": "Grants permission to return information about one or more pull requests in an AWS CodeCommit repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-pr" - }, - "BatchGetRepositories": { - "privilege": "BatchGetRepositories", - "description": "Grants permission to get information about multiple repositories", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_BatchGetRepositories.html" - }, - "CancelUploadArchive": { - "privilege": "CancelUploadArchive", - "description": "Grants permission to cancel the uploading of an archive to a pipeline in AWS CodePipeline", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-acp" - }, - "CreateApprovalRuleTemplate": { - "privilege": "CreateApprovalRuleTemplate", - "description": "Grants permission to create an approval rule template that will automatically create approval rules in pull requests that match the conditions defined in the template; does not grant permission to create approval rules for individual pull requests", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreateApprovalRuleTemplate.html" - }, - "CreateBranch": { - "privilege": "CreateBranch", - "description": "Grants permission to create a branch in an AWS CodeCommit repository with this API; does not control Git create branch actions", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreateBranch.html" - }, - "CreateCommit": { - "privilege": "CreateCommit", - "description": "Grants permission to add, copy, move or update single or multiple files in a branch in an AWS CodeCommit repository, and generate a commit for the changes in the specified branch", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreateCommit.html" - }, - "CreatePullRequest": { - "privilege": "CreatePullRequest", - "description": "Grants permission to create a pull request in the specified repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreatePullRequest.html" - }, - "CreatePullRequestApprovalRule": { - "privilege": "CreatePullRequestApprovalRule", - "description": "Grants permission to create an approval rule specific to an individual pull request; does not grant permission to create approval rule templates", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreatePullRequestApprovalRule.html" - }, - "CreateRepository": { - "privilege": "CreateRepository", - "description": "Grants permission to create an AWS CodeCommit repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreateRepository.html" - }, - "CreateUnreferencedMergeCommit": { - "privilege": "CreateUnreferencedMergeCommit", - "description": "Grants permission to create an unreferenced commit that contains the result of merging two commits using either the three-way or the squash merge option; does not control Git merge actions", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreateUnreferencedMergeCommit.html" - }, - "DeleteApprovalRuleTemplate": { - "privilege": "DeleteApprovalRuleTemplate", - "description": "Grants permission to delete an approval rule template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteApprovalRuleTemplate.html" - }, - "DeleteBranch": { - "privilege": "DeleteBranch", - "description": "Grants permission to delete a branch in an AWS CodeCommit repository with this API; does not control Git delete branch actions", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteBranch.html" - }, - "DeleteCommentContent": { - "privilege": "DeleteCommentContent", - "description": "Grants permission to delete the content of a comment made on a change, file, or commit in a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteCommentContent.html" - }, - "DeleteFile": { - "privilege": "DeleteFile", - "description": "Grants permission to delete a specified file from a specified branch", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteFile.html" - }, - "DeletePullRequestApprovalRule": { - "privilege": "DeletePullRequestApprovalRule", - "description": "Grants permission to delete approval rule created for a pull request if the rule was not created by an approval rule template", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeletePullRequestApprovalRule.html" - }, - "DeleteRepository": { - "privilege": "DeleteRepository", - "description": "Grants permission to delete an AWS CodeCommit repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteRepository.html" - }, - "DescribeMergeConflicts": { - "privilege": "DescribeMergeConflicts", - "description": "Grants permission to get information about specific merge conflicts when attempting to merge two commits using either the three-way or the squash merge option", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DescribeMergeConflicts.html" - }, - "DescribePullRequestEvents": { - "privilege": "DescribePullRequestEvents", - "description": "Grants permission to return information about one or more pull request events", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DescribePullRequestEvents.html" - }, - "DisassociateApprovalRuleTemplateFromRepository": { - "privilege": "DisassociateApprovalRuleTemplateFromRepository", - "description": "Grants permission to remove the association between an approval rule template and a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DisassociateApprovalRuleTemplateFromRepository.html" - }, - "EvaluatePullRequestApprovalRules": { - "privilege": "EvaluatePullRequestApprovalRules", - "description": "Grants permission to evaluate whether a pull request is mergable based on its current approval state and approval rule requirements", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_EvaluatePullRequestApprovalRules.html" - }, - "GetApprovalRuleTemplate": { - "privilege": "GetApprovalRuleTemplate", - "description": "Grants permission to return information about an approval rule template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetApprovalRuleTemplate.html" - }, - "GetBlob": { - "privilege": "GetBlob", - "description": "Grants permission to view the encoded content of an individual file in an AWS CodeCommit repository from the AWS CodeCommit console", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetBlob.html" - }, - "GetBranch": { - "privilege": "GetBranch", - "description": "Grants permission to get details about a branch in an AWS CodeCommit repository with this API; does not control Git branch actions", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetBranch.html" - }, - "GetComment": { - "privilege": "GetComment", - "description": "Grants permission to get the content of a comment made on a change, file, or commit in a repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetComment.html" - }, - "GetCommentReactions": { - "privilege": "GetCommentReactions", - "description": "Grants permission to get the reactions on a comment", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommentReactions.html" - }, - "GetCommentsForComparedCommit": { - "privilege": "GetCommentsForComparedCommit", - "description": "Grants permission to get information about comments made on the comparison between two commits", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommentsForComparedCommit.html" - }, - "GetCommentsForPullRequest": { - "privilege": "GetCommentsForPullRequest", - "description": "Grants permission to get comments made on a pull request", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommentsForPullRequest.html" - }, - "GetCommit": { - "privilege": "GetCommit", - "description": "Grants permission to return information about a commit, including commit message and committer information, with this API; does not control Git log actions", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommit.html" - }, - "GetCommitHistory": { - "privilege": "GetCommitHistory", - "description": "Grants permission to get information about the history of commits in a repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-code" - }, - "GetCommitsFromMergeBase": { - "privilege": "GetCommitsFromMergeBase", - "description": "Grants permission to get information about the difference between commits in the context of a potential merge", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-pr" - }, - "GetDifferences": { - "privilege": "GetDifferences", - "description": "Grants permission to view information about the differences between valid commit specifiers such as a branch, tag, HEAD, commit ID, or other fully qualified reference", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetDifferences.html" - }, - "GetFile": { - "privilege": "GetFile", - "description": "Grants permission to return the base-64 encoded contents of a specified file and its metadata", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetFile.html" - }, - "GetFolder": { - "privilege": "GetFolder", - "description": "Grants permission to return the contents of a specified folder in a repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetFolder.html" - }, - "GetMergeCommit": { - "privilege": "GetMergeCommit", - "description": "Grants permission to get information about a merge commit created by one of the merge options for pull requests that creates merge commits. Not all merge options create merge commits. This permission does not control Git merge actions", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetMergeCommit.html" - }, - "GetMergeConflicts": { - "privilege": "GetMergeConflicts", - "description": "Grants permission to get information about merge conflicts between the before and after commit IDs for a pull request in a repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetMergeConflicts.html" - }, - "GetMergeOptions": { - "privilege": "GetMergeOptions", - "description": "Grants permission to get information about merge options for pull requests that can be used to merge two commits; does not control Git merge actions", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetMergeOptions.html" - }, - "GetObjectIdentifier": { - "privilege": "GetObjectIdentifier", - "description": "Grants permission to resolve blobs, trees, and commits to their identifier", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-code" - }, - "GetPullRequest": { - "privilege": "GetPullRequest", - "description": "Grants permission to get information about a pull request in a specified repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetPullRequest.html" - }, - "GetPullRequestApprovalStates": { - "privilege": "GetPullRequestApprovalStates", - "description": "Grants permission to retrieve the current approvals on an inputted pull request", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetPullRequestApprovalStates.html" - }, - "GetPullRequestOverrideState": { - "privilege": "GetPullRequestOverrideState", - "description": "Grants permission to retrieve the current override state of a given pull request", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetPullRequestOverrideState.html" - }, - "GetReferences": { - "privilege": "GetReferences", - "description": "Grants permission to get details about references in an AWS CodeCommit repository; does not control Git reference actions", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-code" - }, - "GetRepository": { - "privilege": "GetRepository", - "description": "Grants permission to get information about an AWS CodeCommit repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetRepository.html" - }, - "GetRepositoryTriggers": { - "privilege": "GetRepositoryTriggers", - "description": "Grants permission to get information about triggers configured for a repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetRepositoryTriggers.html" - }, - "GetTree": { - "privilege": "GetTree", - "description": "Grants permission to view the contents of a specified tree in an AWS CodeCommit repository from the AWS CodeCommit console", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-code" - }, - "GetUploadArchiveStatus": { - "privilege": "GetUploadArchiveStatus", - "description": "Grants permission to get status information about an archive upload to a pipeline in AWS CodePipeline", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-acp" - }, - "GitPull": { - "privilege": "GitPull", - "description": "Grants permission to pull information from an AWS CodeCommit repository to a local repo", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-git" - }, - "GitPush": { - "privilege": "GitPush", - "description": "Grants permission to push information from a local repo to an AWS CodeCommit repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-git" - }, - "ListApprovalRuleTemplates": { - "privilege": "ListApprovalRuleTemplates", - "description": "Grants permission to list all approval rule templates in an AWS Region for the AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListApprovalRuleTemplates.html" - }, - "ListAssociatedApprovalRuleTemplatesForRepository": { - "privilege": "ListAssociatedApprovalRuleTemplatesForRepository", - "description": "Grants permission to list approval rule templates that are associated with a repository", - "access_level": "List", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListAssociatedApprovalRuleTemplatesForRepository.html" - }, - "ListBranches": { - "privilege": "ListBranches", - "description": "Grants permission to list branches for an AWS CodeCommit repository with this API; does not control Git branch actions", - "access_level": "List", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListBranches.html" - }, - "ListPullRequests": { - "privilege": "ListPullRequests", - "description": "Grants permission to list pull requests for a specified repository", - "access_level": "List", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListPullRequests.html" - }, - "ListRepositories": { - "privilege": "ListRepositories", - "description": "Grants permission to list information about AWS CodeCommit repositories in the current Region for your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListRepositories.html" - }, - "ListRepositoriesForApprovalRuleTemplate": { - "privilege": "ListRepositoriesForApprovalRuleTemplate", - "description": "Grants permission to list repositories that are associated with an approval rule template", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListRepositoriesForApprovalRuleTemplate.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the resource attached to a CodeCommit resource ARN", - "access_level": "List", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListTagsForResource.html" - }, - "MergeBranchesByFastForward": { - "privilege": "MergeBranchesByFastForward", - "description": "Grants permission to merge two commits into the specified destination branch using the fast-forward merge option", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergeBranchesByFastForward.html" - }, - "MergeBranchesBySquash": { - "privilege": "MergeBranchesBySquash", - "description": "Grants permission to merge two commits into the specified destination branch using the squash merge option", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergeBranchesBySquash.html" - }, - "MergeBranchesByThreeWay": { - "privilege": "MergeBranchesByThreeWay", - "description": "Grants permission to merge two commits into the specified destination branch using the three-way merge option", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergeBranchesByThreeWay.html" - }, - "MergePullRequestByFastForward": { - "privilege": "MergePullRequestByFastForward", - "description": "Grants permission to close a pull request and attempt to merge it into the specified destination branch for that pull request at the specified commit using the fast-forward merge option", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergePullRequestByFastForward.html" - }, - "MergePullRequestBySquash": { - "privilege": "MergePullRequestBySquash", - "description": "Grants permission to close a pull request and attempt to merge it into the specified destination branch for that pull request at the specified commit using the squash merge option", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergePullRequestBySquash.html" - }, - "MergePullRequestByThreeWay": { - "privilege": "MergePullRequestByThreeWay", - "description": "Grants permission to close a pull request and attempt to merge it into the specified destination branch for that pull request at the specified commit using the three-way merge option", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergePullRequestByThreeWay.html" - }, - "OverridePullRequestApprovalRules": { - "privilege": "OverridePullRequestApprovalRules", - "description": "Grants permission to override all approval rules for a pull request, including approval rules created by a template", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_OverridePullRequestApprovalRules.html" - }, - "PostCommentForComparedCommit": { - "privilege": "PostCommentForComparedCommit", - "description": "Grants permission to post a comment on the comparison between two commits", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PostCommentForComparedCommit.html" - }, - "PostCommentForPullRequest": { - "privilege": "PostCommentForPullRequest", - "description": "Grants permission to post a comment on a pull request", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PostCommentForPullRequest.html" - }, - "PostCommentReply": { - "privilege": "PostCommentReply", - "description": "Grants permission to post a comment in reply to a comment on a comparison between commits or a pull request", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PostCommentReply.html" - }, - "PutCommentReaction": { - "privilege": "PutCommentReaction", - "description": "Grants permission to post a reaction on a comment", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PutCommentReaction.html" - }, - "PutFile": { - "privilege": "PutFile", - "description": "Grants permission to add or update a file in a branch in an AWS CodeCommit repository, and generate a commit for the addition in the specified branch", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codecommit:References" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PutFile.html" - }, - "PutRepositoryTriggers": { - "privilege": "PutRepositoryTriggers", - "description": "Grants permission to create, update, or delete triggers for a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PutRepositoryTriggers.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to attach resource tags to a CodeCommit resource ARN", - "access_level": "Tagging", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_TagResource.html" - }, - "TestRepositoryTriggers": { - "privilege": "TestRepositoryTriggers", - "description": "Grants permission to test the functionality of repository triggers by sending information to the trigger target", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_TestRepositoryTriggers.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to disassociate resource tags from a CodeCommit resource ARN", - "access_level": "Tagging", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UntagResource.html" - }, - "UpdateApprovalRuleTemplateContent": { - "privilege": "UpdateApprovalRuleTemplateContent", - "description": "Grants permission to update the content of approval rule templates; does not grant permission to update content of approval rules created specifically for pull requests", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateApprovalRuleTemplateContent.html" - }, - "UpdateApprovalRuleTemplateDescription": { - "privilege": "UpdateApprovalRuleTemplateDescription", - "description": "Grants permission to update the description of approval rule templates", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateApprovalRuleTemplateDescription.html" - }, - "UpdateApprovalRuleTemplateName": { - "privilege": "UpdateApprovalRuleTemplateName", - "description": "Grants permission to update the name of approval rule templates", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateApprovalRuleTemplateName.html" - }, - "UpdateComment": { - "privilege": "UpdateComment", - "description": "Grants permission to update the contents of a comment if the identity matches the identity used to create the comment", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateComment.html" - }, - "UpdateDefaultBranch": { - "privilege": "UpdateDefaultBranch", - "description": "Grants permission to change the default branch in an AWS CodeCommit repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateDefaultBranch.html" - }, - "UpdatePullRequestApprovalRuleContent": { - "privilege": "UpdatePullRequestApprovalRuleContent", - "description": "Grants permission to update the content for approval rules created for a specific pull requests; does not grant permission to update approval rule content for rules created with an approval rule template", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestApprovalRuleContent.html" - }, - "UpdatePullRequestApprovalState": { - "privilege": "UpdatePullRequestApprovalState", - "description": "Grants permission to update the approval state for pull requests", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestApprovalState.html" - }, - "UpdatePullRequestDescription": { - "privilege": "UpdatePullRequestDescription", - "description": "Grants permission to update the description of a pull request", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestDescription.html" - }, - "UpdatePullRequestStatus": { - "privilege": "UpdatePullRequestStatus", - "description": "Grants permission to update the status of a pull request", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestStatus.html" - }, - "UpdatePullRequestTitle": { - "privilege": "UpdatePullRequestTitle", - "description": "Grants permission to update the title of a pull request", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestTitle.html" - }, - "UpdateRepositoryDescription": { - "privilege": "UpdateRepositoryDescription", - "description": "Grants permission to change the description of an AWS CodeCommit repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateRepositoryDescription.html" - }, - "UpdateRepositoryName": { - "privilege": "UpdateRepositoryName", - "description": "Grants permission to change the name of an AWS CodeCommit repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateRepositoryName.html" - }, - "UploadArchive": { - "privilege": "UploadArchive", - "description": "Grants permission to the service role for AWS CodePipeline to upload repository changes into a pipeline", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-acp" - } - }, - "resources": { - "repository": { - "resource": "repository", - "arn": "arn:${Partition}:codecommit:${Region}:${Account}:${RepositoryName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "codecommit:References": { - "condition": "codecommit:References", - "description": "Filters access by Git reference to specified AWS CodeCommit actions", - "type": "String" - } - } - }, - "codedeploy": { - "service_name": "AWS CodeDeploy", - "prefix": "codedeploy", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodedeploy.html", - "privileges": { - "AddTagsToOnPremisesInstances": { - "privilege": "AddTagsToOnPremisesInstances", - "description": "Grants permission to add tags to one or more on-premises instances", - "access_level": "Tagging", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_AddTagsToOnPremisesInstances.html" - }, - "BatchGetApplicationRevisions": { - "privilege": "BatchGetApplicationRevisions", - "description": "Grants permission to get information about one or more application revisions", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetApplicationRevisions.html" - }, - "BatchGetApplications": { - "privilege": "BatchGetApplications", - "description": "Grants permission to get information about multiple applications associated with the IAM user", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetApplications.html" - }, - "BatchGetDeploymentGroups": { - "privilege": "BatchGetDeploymentGroups", - "description": "Grants permission to get information about one or more deployment groups", - "access_level": "Read", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetDeploymentGroups.html" - }, - "BatchGetDeploymentInstances": { - "privilege": "BatchGetDeploymentInstances", - "description": "Grants permission to get information about one or more instance that are part of a deployment group", - "access_level": "Read", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetDeploymentInstances.html" - }, - "BatchGetDeploymentTargets": { - "privilege": "BatchGetDeploymentTargets", - "description": "Grants permission to return an array of one or more targets associated with a deployment. This method works with all compute types and should be used instead of the deprecated BatchGetDeploymentInstances. The maximum number of targets that can be returned is 25", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetDeploymentTargets.html" - }, - "BatchGetDeployments": { - "privilege": "BatchGetDeployments", - "description": "Grants permission to get information about multiple deployments associated with the IAM user", - "access_level": "Read", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetDeployments.html" - }, - "BatchGetOnPremisesInstances": { - "privilege": "BatchGetOnPremisesInstances", - "description": "Grants permission to get information about one or more on-premises instances", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetOnPremisesInstances.html" - }, - "ContinueDeployment": { - "privilege": "ContinueDeployment", - "description": "Grants permission to start the process of rerouting traffic from instances in the original environment to instances in thereplacement environment without waiting for a specified wait time to elapse", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html" - }, - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application associated with the IAM user", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_CreateApplication.html" - }, - "CreateCloudFormationDeployment": { - "privilege": "CreateCloudFormationDeployment", - "description": "Grants permission to create CloudFormation deployment to cooperate ochestration for a CloudFormation stack update", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "CreateDeployment": { - "privilege": "CreateDeployment", - "description": "Grants permission to create a deployment for an application associated with the IAM user", - "access_level": "Write", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_CreateDeployment.html" - }, - "CreateDeploymentConfig": { - "privilege": "CreateDeploymentConfig", - "description": "Grants permission to create a custom deployment configuration associated with the IAM user", - "access_level": "Write", - "resource_types": { - "deploymentconfig": { - "resource_type": "deploymentconfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_CreateDeploymentConfig.html" - }, - "CreateDeploymentGroup": { - "privilege": "CreateDeploymentGroup", - "description": "Grants permission to create a deployment group for an application associated with the IAM user", - "access_level": "Write", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_CreateDeploymentGroup.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete an application associated with the IAM user", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeleteApplication.html" - }, - "DeleteDeploymentConfig": { - "privilege": "DeleteDeploymentConfig", - "description": "Grants permission to delete a custom deployment configuration associated with the IAM user", - "access_level": "Write", - "resource_types": { - "deploymentconfig": { - "resource_type": "deploymentconfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeleteDeploymentConfig.html" - }, - "DeleteDeploymentGroup": { - "privilege": "DeleteDeploymentGroup", - "description": "Grants permission to delete a deployment group for an application associated with the IAM user", - "access_level": "Write", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeleteDeploymentGroup.html" - }, - "DeleteGitHubAccountToken": { - "privilege": "DeleteGitHubAccountToken", - "description": "Grants permission to delete a GitHub account connection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeleteGitHubAccountToken.html" - }, - "DeleteResourcesByExternalId": { - "privilege": "DeleteResourcesByExternalId", - "description": "Grants permission to delete resources associated with the given external Id", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeleteResourcesByExternalId.html" - }, - "DeregisterOnPremisesInstance": { - "privilege": "DeregisterOnPremisesInstance", - "description": "Grants permission to deregister an on-premises instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeregisterOnPremisesInstance.html" - }, - "GetApplication": { - "privilege": "GetApplication", - "description": "Grants permission to get information about a single application associated with the IAM user", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetApplication.html" - }, - "GetApplicationRevision": { - "privilege": "GetApplicationRevision", - "description": "Grants permission to get information about a single application revision for an application associated with the IAM user", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetApplicationRevision.html" - }, - "GetDeployment": { - "privilege": "GetDeployment", - "description": "Grants permission to get information about a single deployment to a deployment group for an application associated with the IAM user", - "access_level": "List", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetDeployment.html" - }, - "GetDeploymentConfig": { - "privilege": "GetDeploymentConfig", - "description": "Grants permission to get information about a single deployment configuration associated with the IAM user", - "access_level": "List", - "resource_types": { - "deploymentconfig": { - "resource_type": "deploymentconfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetDeploymentConfig.html" - }, - "GetDeploymentGroup": { - "privilege": "GetDeploymentGroup", - "description": "Grants permission to get information about a single deployment group for an application associated with the IAM user", - "access_level": "List", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetDeploymentGroup.html" - }, - "GetDeploymentInstance": { - "privilege": "GetDeploymentInstance", - "description": "Grants permission to get information about a single instance in a deployment associated with the IAM user", - "access_level": "List", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetDeploymentInstance.html" - }, - "GetDeploymentTarget": { - "privilege": "GetDeploymentTarget", - "description": "Grants permission to return information about a deployment target", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetDeploymentTarget.html" - }, - "GetOnPremisesInstance": { - "privilege": "GetOnPremisesInstance", - "description": "Grants permission to get information about a single on-premises instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetOnPremisesInstance.html" - }, - "ListApplicationRevisions": { - "privilege": "ListApplicationRevisions", - "description": "Grants permission to get information about all application revisions for an application associated with the IAM user", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListApplicationRevisions.html" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to get information about all applications associated with the IAM user", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListApplications.html" - }, - "ListDeploymentConfigs": { - "privilege": "ListDeploymentConfigs", - "description": "Grants permission to get information about all deployment configurations associated with the IAM user", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListDeploymentConfigs.html" - }, - "ListDeploymentGroups": { - "privilege": "ListDeploymentGroups", - "description": "Grants permission to get information about all deployment groups for an application associated with the IAM user", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListDeploymentGroups.html" - }, - "ListDeploymentInstances": { - "privilege": "ListDeploymentInstances", - "description": "Grants permission to get information about all instances in a deployment associated with the IAM user", - "access_level": "List", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListDeploymentInstances.html" - }, - "ListDeploymentTargets": { - "privilege": "ListDeploymentTargets", - "description": "Grants permission to return an array of target IDs that are associated a deployment", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListDeploymentTargets.html" - }, - "ListDeployments": { - "privilege": "ListDeployments", - "description": "Grants permission to get information about all deployments to a deployment group associated with the IAM user, or to get all deployments associated with the IAM user", - "access_level": "List", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListDeployments.html" - }, - "ListGitHubAccountTokenNames": { - "privilege": "ListGitHubAccountTokenNames", - "description": "Grants permission to list the names of stored connections to GitHub accounts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListGitHubAccountTokenNames.html" - }, - "ListOnPremisesInstances": { - "privilege": "ListOnPremisesInstances", - "description": "Grants permission to get a list of one or more on-premises instance names", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListOnPremisesInstances.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to return a list of tags for the resource identified by a specified ARN. Tags are used to organize and categorize your CodeDeploy resources", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListTagsForResource.html" - }, - "PutLifecycleEventHookExecutionStatus": { - "privilege": "PutLifecycleEventHookExecutionStatus", - "description": "Grants permission to notify a lifecycle event hook execution status for associated deployment with the IAM user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_PutLifecycleEventHookExecutionStatus.html" - }, - "RegisterApplicationRevision": { - "privilege": "RegisterApplicationRevision", - "description": "Grants permission to register information about an application revision for an application associated with the IAM user", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_RegisterApplicationRevision.html" - }, - "RegisterOnPremisesInstance": { - "privilege": "RegisterOnPremisesInstance", - "description": "Grants permission to register an on-premises instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_RegisterOnPremisesInstance.html" - }, - "RemoveTagsFromOnPremisesInstances": { - "privilege": "RemoveTagsFromOnPremisesInstances", - "description": "Grants permission to remove tags from one or more on-premises instances", - "access_level": "Tagging", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_RemoveTagsFromOnPremisesInstances.html" - }, - "SkipWaitTimeForInstanceTermination": { - "privilege": "SkipWaitTimeForInstanceTermination", - "description": "Grants permission to override any specified wait time and starts terminating instances immediately after the traffic routing is complete. This action applies to blue-green deployments only", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_SkipWaitTimeForInstanceTermination.html" - }, - "StopDeployment": { - "privilege": "StopDeployment", - "description": "Grants permission to stop a deployment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_StopDeployment.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to associate the list of tags in the input Tags parameter with the resource identified by the ResourceArn input parameter", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to disassociate a resource from a list of tags. The resource is identified by the ResourceArn input parameter. The tags are identfied by the list of keys in the TagKeys input parameter", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_UntagResource.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to update an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_UpdateApplication.html" - }, - "UpdateDeploymentGroup": { - "privilege": "UpdateDeploymentGroup", - "description": "Grants permission to change information about a single deployment group for an application associated with the IAM user", - "access_level": "Write", - "resource_types": { - "deploymentgroup": { - "resource_type": "deploymentgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_UpdateDeploymentGroup.html" - } - }, - "resources": { - "application": { - "resource": "application", - "arn": "arn:${Partition}:codedeploy:${Region}:${Account}:application:${ApplicationName}", - "condition_keys": [] - }, - "deploymentconfig": { - "resource": "deploymentconfig", - "arn": "arn:${Partition}:codedeploy:${Region}:${Account}:deploymentconfig:${DeploymentConfigurationName}", - "condition_keys": [] - }, - "deploymentgroup": { - "resource": "deploymentgroup", - "arn": "arn:${Partition}:codedeploy:${Region}:${Account}:deploymentgroup:${ApplicationName}/${DeploymentGroupName}", - "condition_keys": [] - }, - "instance": { - "resource": "instance", - "arn": "arn:${Partition}:codedeploy:${Region}:${Account}:instance:${InstanceName}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "codedeploy-commands-secure": { - "service_name": "AWS CodeDeploy secure host commands service", - "prefix": "codedeploy-commands-secure", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodedeploysecurehostcommandsservice.html", - "privileges": { - "GetDeploymentSpecification": { - "privilege": "GetDeploymentSpecification", - "description": "Grants permission to get deployment specification", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/userguide/vpc-endpoints.html#vpc-codedeploy-agent-configuration" - }, - "PollHostCommand": { - "privilege": "PollHostCommand", - "description": "Grants permission to request host agent commands", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/userguide/vpc-endpoints.html#vpc-codedeploy-agent-configuration" - }, - "PutHostCommandAcknowledgement": { - "privilege": "PutHostCommandAcknowledgement", - "description": "Grants permission to mark host agent commands acknowledged", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/userguide/vpc-endpoints.html#vpc-codedeploy-agent-configuration" - }, - "PutHostCommandComplete": { - "privilege": "PutHostCommandComplete", - "description": "Grants permission to mark host agent commands completed", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/userguide/vpc-endpoints.html#vpc-codedeploy-agent-configuration" - } - }, - "resources": {}, - "conditions": {} - }, - "codepipeline": { - "service_name": "AWS CodePipeline", - "prefix": "codepipeline", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodepipeline.html", - "privileges": { - "AcknowledgeJob": { - "privilege": "AcknowledgeJob", - "description": "Grants permission to view information about a specified job and whether that job has been received by the job worker", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_AcknowledgeJob.html" - }, - "AcknowledgeThirdPartyJob": { - "privilege": "AcknowledgeThirdPartyJob", - "description": "Grants permission to confirm that a job worker has received the specified job (partner actions only)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_AcknowledgeThirdPartyJob.html" - }, - "CreateCustomActionType": { - "privilege": "CreateCustomActionType", - "description": "Grants permission to create a custom action that you can use in the pipelines associated with your AWS account", - "access_level": "Write", - "resource_types": { - "actiontype": { - "resource_type": "actiontype", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_CreateCustomActionType.html" - }, - "CreatePipeline": { - "privilege": "CreatePipeline", - "description": "Grants permission to create a uniquely named pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_CreatePipeline.html" - }, - "DeleteCustomActionType": { - "privilege": "DeleteCustomActionType", - "description": "Grants permission to delete a custom action", - "access_level": "Write", - "resource_types": { - "actiontype": { - "resource_type": "actiontype", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_DeleteCustomActionType.html" - }, - "DeletePipeline": { - "privilege": "DeletePipeline", - "description": "Grants permission to delete a specified pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_DeletePipeline.html" - }, - "DeleteWebhook": { - "privilege": "DeleteWebhook", - "description": "Grants permission to delete a specified webhook", - "access_level": "Write", - "resource_types": { - "webhook": { - "resource_type": "webhook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_DeleteWebhook.html" - }, - "DeregisterWebhookWithThirdParty": { - "privilege": "DeregisterWebhookWithThirdParty", - "description": "Grants permission to remove the registration of a webhook with the third party specified in its configuration", - "access_level": "Write", - "resource_types": { - "webhook": { - "resource_type": "webhook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_DeregisterWebhookWithThirdParty.html" - }, - "DisableStageTransition": { - "privilege": "DisableStageTransition", - "description": "Grants permission to prevent revisions from transitioning to the next stage in a pipeline", - "access_level": "Write", - "resource_types": { - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_DisableStageTransition.html" - }, - "EnableStageTransition": { - "privilege": "EnableStageTransition", - "description": "Grants permission to allow revisions to transition to the next stage in a pipeline", - "access_level": "Write", - "resource_types": { - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_EnableStageTransition.html" - }, - "GetActionType": { - "privilege": "GetActionType", - "description": "Grants permission to view information about an action type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetActionType.html" - }, - "GetJobDetails": { - "privilege": "GetJobDetails", - "description": "Grants permission to view information about a job (custom actions only)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetJobDetails.html" - }, - "GetPipeline": { - "privilege": "GetPipeline", - "description": "Grants permission to retrieve information about a pipeline structure", - "access_level": "Read", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetPipeline.html" - }, - "GetPipelineExecution": { - "privilege": "GetPipelineExecution", - "description": "Grants permission to view information about an execution of a pipeline, including details about artifacts, the pipeline execution ID, and the name, version, and status of the pipeline", - "access_level": "Read", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetPipelineExecution.html" - }, - "GetPipelineState": { - "privilege": "GetPipelineState", - "description": "Grants permission to view information about the current state of the stages and actions of a pipeline", - "access_level": "Read", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetPipelineState.html" - }, - "GetThirdPartyJobDetails": { - "privilege": "GetThirdPartyJobDetails", - "description": "Grants permission to view the details of a job for a third-party action (partner actions only)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetThirdPartyJobDetails.html" - }, - "ListActionExecutions": { - "privilege": "ListActionExecutions", - "description": "Grants permission to list the action executions that have occurred in a pipeline", - "access_level": "Read", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListActionExecutions.html" - }, - "ListActionTypes": { - "privilege": "ListActionTypes", - "description": "Grants permission to list a summary of all the action types available for pipelines in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListActionTypes.html" - }, - "ListPipelineExecutions": { - "privilege": "ListPipelineExecutions", - "description": "Grants permission to list a summary of the most recent executions for a pipeline", - "access_level": "List", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListPipelineExecutions.html" - }, - "ListPipelines": { - "privilege": "ListPipelines", - "description": "Grants permission to list a summary of all the pipelines associated with your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListPipelines.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a CodePipeline resource", - "access_level": "Read", - "resource_types": { - "actiontype": { - "resource_type": "actiontype", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pipeline": { - "resource_type": "pipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webhook": { - "resource_type": "webhook", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListTagsForResource.html" - }, - "ListWebhooks": { - "privilege": "ListWebhooks", - "description": "Grants permission to list all of the webhooks associated with your AWS account", - "access_level": "List", - "resource_types": { - "webhook": { - "resource_type": "webhook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListWebhooks.html" - }, - "PollForJobs": { - "privilege": "PollForJobs", - "description": "Grants permission to view information about any jobs for CodePipeline to act on", - "access_level": "Write", - "resource_types": { - "actiontype": { - "resource_type": "actiontype", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PollForJobs.html" - }, - "PollForThirdPartyJobs": { - "privilege": "PollForThirdPartyJobs", - "description": "Grants permission to determine whether there are any third-party jobs for a job worker to act on (partner actions only)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PollForThirdPartyJobs.html" - }, - "PutActionRevision": { - "privilege": "PutActionRevision", - "description": "Grants permission to edit actions in a pipeline", - "access_level": "Write", - "resource_types": { - "action": { - "resource_type": "action", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutActionRevision.html" - }, - "PutApprovalResult": { - "privilege": "PutApprovalResult", - "description": "Grants permission to provide a response (Approved or Rejected) to a manual approval request in CodePipeline", - "access_level": "Write", - "resource_types": { - "action": { - "resource_type": "action", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutApprovalResult.html" - }, - "PutJobFailureResult": { - "privilege": "PutJobFailureResult", - "description": "Grants permission to represent the failure of a job as returned to the pipeline by a job worker (custom actions only)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutJobFailureResult.html" - }, - "PutJobSuccessResult": { - "privilege": "PutJobSuccessResult", - "description": "Grants permission to represent the success of a job as returned to the pipeline by a job worker (custom actions only)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutJobSuccessResult.html" - }, - "PutThirdPartyJobFailureResult": { - "privilege": "PutThirdPartyJobFailureResult", - "description": "Grants permission to represent the failure of a third-party job as returned to the pipeline by a job worker (partner actions only)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutThirdPartyJobFailureResult.html" - }, - "PutThirdPartyJobSuccessResult": { - "privilege": "PutThirdPartyJobSuccessResult", - "description": "Grants permission to represent the success of a third-party job as returned to the pipeline by a job worker (partner actions only)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutThirdPartyJobSuccessResult.html" - }, - "PutWebhook": { - "privilege": "PutWebhook", - "description": "Grants permission to create or update a webhook", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "webhook": { - "resource_type": "webhook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutWebhook.html" - }, - "RegisterWebhookWithThirdParty": { - "privilege": "RegisterWebhookWithThirdParty", - "description": "Grants permission to register a webhook with the third party specified in its configuration", - "access_level": "Write", - "resource_types": { - "webhook": { - "resource_type": "webhook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_RegisterWebhookWithThirdParty.html" - }, - "RetryStageExecution": { - "privilege": "RetryStageExecution", - "description": "Grants permission to resume the pipeline execution by retrying the last failed actions in a stage", - "access_level": "Write", - "resource_types": { - "stage": { - "resource_type": "stage", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_RetryStageExecution.html" - }, - "StartPipelineExecution": { - "privilege": "StartPipelineExecution", - "description": "Grants permission to run the most recent revision through the pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_StartPipelineExecution.html" - }, - "StopPipelineExecution": { - "privilege": "StopPipelineExecution", - "description": "Grants permission to stop an in-progress pipeline execution", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_StopPipelineExecution.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a CodePipeline resource", - "access_level": "Tagging", - "resource_types": { - "actiontype": { - "resource_type": "actiontype", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pipeline": { - "resource_type": "pipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webhook": { - "resource_type": "webhook", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from a CodePipeline resource", - "access_level": "Tagging", - "resource_types": { - "actiontype": { - "resource_type": "actiontype", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pipeline": { - "resource_type": "pipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webhook": { - "resource_type": "webhook", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_UntagResource.html" - }, - "UpdateActionType": { - "privilege": "UpdateActionType", - "description": "Grants permission to update an action type", - "access_level": "Write", - "resource_types": { - "actiontype": { - "resource_type": "actiontype", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_UpdateActionType.html" - }, - "UpdatePipeline": { - "privilege": "UpdatePipeline", - "description": "Grants permission to update a pipeline with changes to the structure of the pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_UpdatePipeline.html" - } - }, - "resources": { - "action": { - "resource": "action", - "arn": "arn:${Partition}:codepipeline:${Region}:${Account}:${PipelineName}/${StageName}/${ActionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "actiontype": { - "resource": "actiontype", - "arn": "arn:${Partition}:codepipeline:${Region}:${Account}:actiontype:${Owner}/${Category}/${Provider}/${Version}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "pipeline": { - "resource": "pipeline", - "arn": "arn:${Partition}:codepipeline:${Region}:${Account}:${PipelineName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "stage": { - "resource": "stage", - "arn": "arn:${Partition}:codepipeline:${Region}:${Account}:${PipelineName}/${StageName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "webhook": { - "resource": "webhook", - "arn": "arn:${Partition}:codepipeline:${Region}:${Account}:webhook:${WebhookName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "codestar": { - "service_name": "AWS CodeStar", - "prefix": "codestar", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodestar.html", - "privileges": { - "AssociateTeamMember": { - "privilege": "AssociateTeamMember", - "description": "Grants permission to add a user to the team for an AWS CodeStar project", - "access_level": "Permissions management", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_AssociateTeamMember.html" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a project with minimal structure, customer policies, and no resources", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_CreateProject.html" - }, - "CreateUserProfile": { - "privilege": "CreateUserProfile", - "description": "Grants permission to create a profile for a user that includes user preferences, display name, and email", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_CreateUserProfile.html" - }, - "DeleteExtendedAccess": { - "privilege": "DeleteExtendedAccess", - "description": "Grants permission to extended delete APIs", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a project, including project resources. Does not delete users associated with the project, but does delete the IAM roles that allowed access to the project", - "access_level": "Permissions management", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_DeleteProject.html" - }, - "DeleteUserProfile": { - "privilege": "DeleteUserProfile", - "description": "Grants permission to delete a user profile in AWS CodeStar, including all personal preference data associated with that profile, such as display name and email address. It does not delete the history of that user, for example the history of commits made by that user", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_DeleteUserProfile.html" - }, - "DescribeProject": { - "privilege": "DescribeProject", - "description": "Grants permission to describe a project and its resources", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_DescribeProject.html" - }, - "DescribeUserProfile": { - "privilege": "DescribeUserProfile", - "description": "Grants permission to describe a user in AWS CodeStar and the user attributes across all projects", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_DescribeUserProfile.html" - }, - "DisassociateTeamMember": { - "privilege": "DisassociateTeamMember", - "description": "Grants permission to remove a user from a project. Removing a user from a project also removes the IAM policies from that user that allowed access to the project and its resources", - "access_level": "Permissions management", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_DisassociateTeamMember.html" - }, - "GetExtendedAccess": { - "privilege": "GetExtendedAccess", - "description": "Grants permission to extended read APIs", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to list all projects in CodeStar associated with your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_ListProjects.html" - }, - "ListResources": { - "privilege": "ListResources", - "description": "Grants permission to list all resources associated with a project in CodeStar", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_ListResources.html" - }, - "ListTagsForProject": { - "privilege": "ListTagsForProject", - "description": "Grants permission to list the tags associated with a project in CodeStar", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_ListTagsForProject.html" - }, - "ListTeamMembers": { - "privilege": "ListTeamMembers", - "description": "Grants permission to list all team members associated with a project", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_ListTeamMembers.html" - }, - "ListUserProfiles": { - "privilege": "ListUserProfiles", - "description": "Grants permission to list user profiles in AWS CodeStar", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_ListUserProfiles.html" - }, - "PutExtendedAccess": { - "privilege": "PutExtendedAccess", - "description": "Grants permission to extended write APIs", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "TagProject": { - "privilege": "TagProject", - "description": "Grants permission to add tags to a project in CodeStar", - "access_level": "Tagging", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_TagProject.html" - }, - "UntagProject": { - "privilege": "UntagProject", - "description": "Grants permission to remove tags from a project in CodeStar", - "access_level": "Tagging", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_UntagProject.html" - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Grants permission to update a project in CodeStar", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_UpdateProject.html" - }, - "UpdateTeamMember": { - "privilege": "UpdateTeamMember", - "description": "Grants permission to update team member attributes within a CodeStar project", - "access_level": "Permissions management", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_UpdateTeamMember.html" - }, - "UpdateUserProfile": { - "privilege": "UpdateUserProfile", - "description": "Grants permission to update a profile for a user that includes user preferences, display name, and email", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_UpdateUserProfile.html" - }, - "VerifyServiceRole": { - "privilege": "VerifyServiceRole", - "description": "Grants permission to verify whether the AWS CodeStar service role exists in the customer's account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - } - }, - "resources": { - "project": { - "resource": "project", - "arn": "arn:${Partition}:codestar:${Region}:${Account}:project/${ProjectId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "user": { - "resource": "user", - "arn": "arn:${Partition}:iam::${Account}:user/${AwsUserName}", - "condition_keys": [ - "iam:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by requests based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by actions based on tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by requests based on the presence of mandatory tags in the request", - "type": "ArrayOfString" - }, - "iam:ResourceTag/${TagKey}": { - "condition": "iam:ResourceTag/${TagKey}", - "description": "Filters access by actions based on tag-value associated with the resource", - "type": "String" - } - } - }, - "codestar-connections": { - "service_name": "AWS CodeStar Connections", - "prefix": "codestar-connections", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodestarconnections.html", - "privileges": { - "CreateConnection": { - "privilege": "CreateConnection", - "description": "Grants permission to create a Connection resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "codestar-connections:ProviderType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_CreateConnection.html" - }, - "CreateHost": { - "privilege": "CreateHost", - "description": "Grants permission to create a host resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "codestar-connections:ProviderType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_CreateHost.html" - }, - "DeleteConnection": { - "privilege": "DeleteConnection", - "description": "Grants permission to delete a Connection resource", - "access_level": "Write", - "resource_types": { - "Connection": { - "resource_type": "Connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_DeleteConnection.html" - }, - "DeleteHost": { - "privilege": "DeleteHost", - "description": "Grants permission to delete a host resource", - "access_level": "Write", - "resource_types": { - "Host": { - "resource_type": "Host", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_DeleteHost.html" - }, - "GetConnection": { - "privilege": "GetConnection", - "description": "Grants permission to get details about a Connection resource", - "access_level": "Read", - "resource_types": { - "Connection": { - "resource_type": "Connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_GetConnection.html" - }, - "GetHost": { - "privilege": "GetHost", - "description": "Grants permission to get details about a host resource", - "access_level": "Read", - "resource_types": { - "Host": { - "resource_type": "Host", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_GetHost.html" - }, - "GetIndividualAccessToken": { - "privilege": "GetIndividualAccessToken", - "description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codestar-connections:ProviderType" - ], - "dependent_actions": [ - "codestar-connections:StartOAuthHandshake" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake" - }, - "GetInstallationUrl": { - "privilege": "GetInstallationUrl", - "description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codestar-connections:ProviderType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake" - }, - "ListConnections": { - "privilege": "ListConnections", - "description": "Grants permission to list Connection resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codestar-connections:ProviderTypeFilter" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_ListConnections.html" - }, - "ListHosts": { - "privilege": "ListHosts", - "description": "Grants permission to list host resources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codestar-connections:ProviderTypeFilter" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_ListHosts.html" - }, - "ListInstallationTargets": { - "privilege": "ListInstallationTargets", - "description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "codestar-connections:GetIndividualAccessToken", - "codestar-connections:StartOAuthHandshake" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Gets the set of key-value pairs that are used to manage the resource", - "access_level": "List", - "resource_types": { - "Connection": { - "resource_type": "Connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_ListTagsForResource.html" - }, - "PassConnection": { - "privilege": "PassConnection", - "description": "Grants permission to pass a Connection resource to an AWS service that accepts a Connection ARN as input, such as codepipeline:CreatePipeline", - "access_level": "Read", - "resource_types": { - "Connection": { - "resource_type": "Connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codestar-connections:PassedToService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-passconnection" - }, - "RegisterAppCode": { - "privilege": "RegisterAppCode", - "description": "Grants permission to associate a third party server, such as a GitHub Enterprise Server instance, with a Host", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codestar-connections:HostArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#connections-permissions-actions-host-registration" - }, - "StartAppRegistrationHandshake": { - "privilege": "StartAppRegistrationHandshake", - "description": "Grants permission to associate a third party server, such as a GitHub Enterprise Server instance, with a Host", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codestar-connections:HostArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#connections-permissions-actions-host-registration" - }, - "StartOAuthHandshake": { - "privilege": "StartOAuthHandshake", - "description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codestar-connections:ProviderType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Adds to or modifies the tags of the given resource", - "access_level": "Tagging", - "resource_types": { - "Connection": { - "resource_type": "Connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Removes tags from an AWS resource", - "access_level": "Tagging", - "resource_types": { - "Connection": { - "resource_type": "Connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_UntagResource.html" - }, - "UpdateConnectionInstallation": { - "privilege": "UpdateConnectionInstallation", - "description": "Grants permission to update a Connection resource with an installation of the CodeStar Connections App", - "access_level": "Write", - "resource_types": { - "Connection": { - "resource_type": "Connection", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "codestar-connections:GetIndividualAccessToken", - "codestar-connections:GetInstallationUrl", - "codestar-connections:ListInstallationTargets", - "codestar-connections:StartOAuthHandshake" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codestar-connections:InstallationId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake" - }, - "UpdateHost": { - "privilege": "UpdateHost", - "description": "Grants permission to update a host resource", - "access_level": "Write", - "resource_types": { - "Host": { - "resource_type": "Host", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_UpdateHost.html" - }, - "UseConnection": { - "privilege": "UseConnection", - "description": "Grants permission to use a Connection resource to call provider actions", - "access_level": "Read", - "resource_types": { - "Connection": { - "resource_type": "Connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "codestar-connections:FullRepositoryId", - "codestar-connections:ProviderAction", - "codestar-connections:ProviderPermissionsRequired" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-use" - } - }, - "resources": { - "Connection": { - "resource": "Connection", - "arn": "arn:${Partition}:codestar-connections:${Region}:${Account}:connection/${ConnectionId}", - "condition_keys": [] - }, - "Host": { - "resource": "Host", - "arn": "arn:${Partition}:codestar-connections:${Region}:${Account}:host/${HostId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "codestar-connections:BranchName": { - "condition": "codestar-connections:BranchName", - "description": "Filters access by the branch name that is passed in the request. Applies only to UseConnection requests for access to a specific repository branch", - "type": "String" - }, - "codestar-connections:FullRepositoryId": { - "condition": "codestar-connections:FullRepositoryId", - "description": "Filters access by the repository that is passed in the request. Applies only to UseConnection requests for access to a specific repository", - "type": "String" - }, - "codestar-connections:HostArn": { - "condition": "codestar-connections:HostArn", - "description": "Filters access by the host resource associated with the connection used in the request", - "type": "String" - }, - "codestar-connections:InstallationId": { - "condition": "codestar-connections:InstallationId", - "description": "Filters access by the third-party ID (such as the Bitbucket App installation ID for CodeStar Connections) that is used to update a Connection. Allows you to restrict which third-party App installations can be used to make a Connection", - "type": "String" - }, - "codestar-connections:OwnerId": { - "condition": "codestar-connections:OwnerId", - "description": "Filters access by the owner of the third-party repository. Applies only to UseConnection requests for access to repositories owned by a specific user", - "type": "String" - }, - "codestar-connections:PassedToService": { - "condition": "codestar-connections:PassedToService", - "description": "Filters access by the service to which the principal is allowed to pass a Connection", - "type": "String" - }, - "codestar-connections:ProviderAction": { - "condition": "codestar-connections:ProviderAction", - "description": "Filters access by the provider action in a UseConnection request such as ListRepositories. See documentation for all valid values", - "type": "String" - }, - "codestar-connections:ProviderPermissionsRequired": { - "condition": "codestar-connections:ProviderPermissionsRequired", - "description": "Filters access by the write permissions of a provider action in a UseConnection request. Valid types include read_only and read_write", - "type": "String" - }, - "codestar-connections:ProviderType": { - "condition": "codestar-connections:ProviderType", - "description": "Filters access by the type of third-party provider passed in the request", - "type": "String" - }, - "codestar-connections:ProviderTypeFilter": { - "condition": "codestar-connections:ProviderTypeFilter", - "description": "Filters access by the type of third-party provider used to filter results", - "type": "String" - }, - "codestar-connections:RepositoryName": { - "condition": "codestar-connections:RepositoryName", - "description": "Filters access by the repository name that is passed in the request. Applies only to UseConnection requests for creating new repositories", - "type": "String" - } - } - }, - "codestar-notifications": { - "service_name": "AWS CodeStar Notifications", - "prefix": "codestar-notifications", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodestarnotifications.html", - "privileges": { - "CreateNotificationRule": { - "privilege": "CreateNotificationRule", - "description": "Grants permission to create a notification rule for a resource", - "access_level": "Write", - "resource_types": { - "notificationrule": { - "resource_type": "notificationrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "codestar-notifications:NotificationsForResource" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_CreateNotificationRule.html" - }, - "DeleteNotificationRule": { - "privilege": "DeleteNotificationRule", - "description": "Grants permission to delete a notification rule for a resource", - "access_level": "Write", - "resource_types": { - "notificationrule": { - "resource_type": "notificationrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "codestar-notifications:NotificationsForResource" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_DeleteNotificationRule.html" - }, - "DeleteTarget": { - "privilege": "DeleteTarget", - "description": "Grants permission to delete a target for a notification rule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_DeleteTarget.html" - }, - "DescribeNotificationRule": { - "privilege": "DescribeNotificationRule", - "description": "Grants permission to get information about a notification rule", - "access_level": "Read", - "resource_types": { - "notificationrule": { - "resource_type": "notificationrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "codestar-notifications:NotificationsForResource" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_DescribeNotificationRule.html" - }, - "ListEventTypes": { - "privilege": "ListEventTypes", - "description": "Grants permission to list notifications event types", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_ListEventTypes.html" - }, - "ListNotificationRules": { - "privilege": "ListNotificationRules", - "description": "Grants permission to list notification rules in an AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_ListNotificationRules.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags attached to a notification rule resource ARN", - "access_level": "List", - "resource_types": { - "notificationrule": { - "resource_type": "notificationrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTargets": { - "privilege": "ListTargets", - "description": "Grants permission to list the notification rule targets for an AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_ListTargets.html" - }, - "Subscribe": { - "privilege": "Subscribe", - "description": "Grants permission to create an association between a notification rule and an Amazon SNS topic", - "access_level": "Write", - "resource_types": { - "notificationrule": { - "resource_type": "notificationrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "codestar-notifications:NotificationsForResource" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_Subscribe.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to attach resource tags to a notification rule resource ARN", - "access_level": "Tagging", - "resource_types": { - "notificationrule": { - "resource_type": "notificationrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_TagResource.html" - }, - "Unsubscribe": { - "privilege": "Unsubscribe", - "description": "Grants permission to remove an association between a notification rule and an Amazon SNS topic", - "access_level": "Write", - "resource_types": { - "notificationrule": { - "resource_type": "notificationrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "codestar-notifications:NotificationsForResource" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_Unsubscribe.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to disassociate resource tags from a notification rule resource ARN", - "access_level": "Tagging", - "resource_types": { - "notificationrule": { - "resource_type": "notificationrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_UntagResource.html" - }, - "UpdateNotificationRule": { - "privilege": "UpdateNotificationRule", - "description": "Grants permission to change a notification rule for a resource", - "access_level": "Write", - "resource_types": { - "notificationrule": { - "resource_type": "notificationrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "codestar-notifications:NotificationsForResource" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_UpdateNotificationRule.html" - } - }, - "resources": { - "notificationrule": { - "resource": "notificationrule", - "arn": "arn:${Partition}:codestar-notifications:${Region}:${Account}:notificationrule/${NotificationRuleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "codestar-notifications:NotificationsForResource": { - "condition": "codestar-notifications:NotificationsForResource", - "description": "Filters access based on the ARN of the resource for which notifications are configured", - "type": "ARN" - } - } - }, - "compute-optimizer": { - "service_name": "AWS Compute Optimizer", - "prefix": "compute-optimizer", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscomputeoptimizer.html", - "privileges": { - "DeleteRecommendationPreferences": { - "privilege": "DeleteRecommendationPreferences", - "description": "Grants permission to delete recommendation preferences", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "compute-optimizer:ResourceType" - ], - "dependent_actions": [ - "autoscaling:DescribeAutoScalingGroups", - "ec2:DescribeInstances" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_DeleteRecommendationPreferences.html" - }, - "DescribeRecommendationExportJobs": { - "privilege": "DescribeRecommendationExportJobs", - "description": "Grants permission to view the status of recommendation export jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_DescribeRecommendationExportJobs.html" - }, - "ExportAutoScalingGroupRecommendations": { - "privilege": "ExportAutoScalingGroupRecommendations", - "description": "Grants permission to export AutoScaling group recommendations to S3 for the provided accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "autoscaling:DescribeAutoScalingGroups", - "compute-optimizer:GetAutoScalingGroupRecommendations" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportAutoScalingGroupRecommendations.html" - }, - "ExportEBSVolumeRecommendations": { - "privilege": "ExportEBSVolumeRecommendations", - "description": "Grants permission to export EBS volume recommendations to S3 for the provided accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "compute-optimizer:GetEBSVolumeRecommendations", - "ec2:DescribeVolumes" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportEBSVolumeRecommendations.html" - }, - "ExportEC2InstanceRecommendations": { - "privilege": "ExportEC2InstanceRecommendations", - "description": "Grants permission to export EC2 instance recommendations to S3 for the provided accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "compute-optimizer:GetEC2InstanceRecommendations", - "ec2:DescribeInstances" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportEC2InstanceRecommendations.html" - }, - "ExportECSServiceRecommendations": { - "privilege": "ExportECSServiceRecommendations", - "description": "Grants permission to export ECS service recommendations to S3 for the provided accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "compute-optimizer:GetECSServiceRecommendations", - "ecs:ListClusters", - "ecs:ListServices" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportECSServiceRecommendations.html" - }, - "ExportLambdaFunctionRecommendations": { - "privilege": "ExportLambdaFunctionRecommendations", - "description": "Grants permission to export Lambda function recommendations to S3 for the provided accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "compute-optimizer:GetLambdaFunctionRecommendations", - "lambda:ListFunctions", - "lambda:ListProvisionedConcurrencyConfigs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportLambdaFunctionRecommendations.html" - }, - "GetAutoScalingGroupRecommendations": { - "privilege": "GetAutoScalingGroupRecommendations", - "description": "Grants permission to get recommendations for the provided AutoScaling groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "autoscaling:DescribeAutoScalingGroups" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetAutoScalingGroupRecommendations.html" - }, - "GetEBSVolumeRecommendations": { - "privilege": "GetEBSVolumeRecommendations", - "description": "Grants permission to get recommendations for the provided EBS volumes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeVolumes" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEBSVolumeRecommendations.html" - }, - "GetEC2InstanceRecommendations": { - "privilege": "GetEC2InstanceRecommendations", - "description": "Grants permission to get recommendations for the provided EC2 instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeInstances" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEC2InstanceRecommendations.html" - }, - "GetEC2RecommendationProjectedMetrics": { - "privilege": "GetEC2RecommendationProjectedMetrics", - "description": "Grants permission to get the recommendation projected metrics of the specified instance", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:DescribeInstances" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEC2RecommendationProjectedMetrics.html" - }, - "GetECSServiceRecommendationProjectedMetrics": { - "privilege": "GetECSServiceRecommendationProjectedMetrics", - "description": "Grants permission to get the recommendation projected metrics of the specified ECS service", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetECSServiceRecommendationProjectedMetrics.html" - }, - "GetECSServiceRecommendations": { - "privilege": "GetECSServiceRecommendations", - "description": "Grants permission to get recommendations for the provided ECS services", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ecs:ListClusters", - "ecs:ListServices" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetECSServiceRecommendations.html" - }, - "GetEffectiveRecommendationPreferences": { - "privilege": "GetEffectiveRecommendationPreferences", - "description": "Grants permission to get recommendation preferences that are in effect", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "compute-optimizer:ResourceType" - ], - "dependent_actions": [ - "autoscaling:DescribeAutoScalingGroups", - "autoscaling:DescribeAutoScalingInstances", - "ec2:DescribeInstances" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEffectiveRecommendationPreferences.html" - }, - "GetEnrollmentStatus": { - "privilege": "GetEnrollmentStatus", - "description": "Grants permission to get the enrollment status for the specified account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEnrollmentStatus.html" - }, - "GetEnrollmentStatusesForOrganization": { - "privilege": "GetEnrollmentStatusesForOrganization", - "description": "Grants permission to get the enrollment statuses for member accounts of the organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEnrollmentStatusesForOrganization.html" - }, - "GetLambdaFunctionRecommendations": { - "privilege": "GetLambdaFunctionRecommendations", - "description": "Grants permission to get recommendations for the provided Lambda functions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "lambda:ListFunctions", - "lambda:ListProvisionedConcurrencyConfigs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetLambdaFunctionRecommendations.html" - }, - "GetRecommendationPreferences": { - "privilege": "GetRecommendationPreferences", - "description": "Grants permission to get recommendation preferences", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "compute-optimizer:ResourceType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetRecommendationPreferences.html" - }, - "GetRecommendationSummaries": { - "privilege": "GetRecommendationSummaries", - "description": "Grants permission to get the recommendation summaries for the specified account(s)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetRecommendationSummaries.html" - }, - "PutRecommendationPreferences": { - "privilege": "PutRecommendationPreferences", - "description": "Grants permission to put recommendation preferences", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "compute-optimizer:ResourceType" - ], - "dependent_actions": [ - "autoscaling:DescribeAutoScalingGroups", - "autoscaling:DescribeAutoScalingInstances", - "ec2:DescribeInstances" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_PutRecommendationPreferences.html" - }, - "UpdateEnrollmentStatus": { - "privilege": "UpdateEnrollmentStatus", - "description": "Grants permission to update the enrollment status", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_UpdateEnrollmentStatus.html" - } - }, - "resources": {}, - "conditions": { - "compute-optimizer:ResourceType": { - "condition": "compute-optimizer:ResourceType", - "description": "Filters access by the resource type", - "type": "String" - } - } - }, - "config": { - "service_name": "AWS Config", - "prefix": "config", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsconfig.html", - "privileges": { - "BatchGetAggregateResourceConfig": { - "privilege": "BatchGetAggregateResourceConfig", - "description": "Grants permission to return the current configuration items for resources that are present in your AWS Config aggregator", - "access_level": "Read", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_BatchGetAggregateResourceConfig.html" - }, - "BatchGetResourceConfig": { - "privilege": "BatchGetResourceConfig", - "description": "Grants permission to return the current configuration for one or more requested resources", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_BatchGetResourceConfig.html" - }, - "DeleteAggregationAuthorization": { - "privilege": "DeleteAggregationAuthorization", - "description": "Grants permission to delete the authorization granted to the specified configuration aggregator account in a specified region", - "access_level": "Write", - "resource_types": { - "AggregationAuthorization": { - "resource_type": "AggregationAuthorization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteAggregationAuthorization.html" - }, - "DeleteConfigRule": { - "privilege": "DeleteConfigRule", - "description": "Grants permission to delete the specified AWS Config rule and all of its evaluation results", - "access_level": "Write", - "resource_types": { - "ConfigRule": { - "resource_type": "ConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigRule.html" - }, - "DeleteConfigurationAggregator": { - "privilege": "DeleteConfigurationAggregator", - "description": "Grants permission to delete the specified configuration aggregator and the aggregated data associated with the aggregator", - "access_level": "Write", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigurationAggregator.html" - }, - "DeleteConfigurationRecorder": { - "privilege": "DeleteConfigurationRecorder", - "description": "Grants permission to delete the configuration recorder", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigurationRecorder.html" - }, - "DeleteConformancePack": { - "privilege": "DeleteConformancePack", - "description": "Grants permission to delete the specified conformance pack and all the AWS Config rules and all evaluation results within that conformance pack", - "access_level": "Write", - "resource_types": { - "ConformancePack": { - "resource_type": "ConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConformancePack.html" - }, - "DeleteDeliveryChannel": { - "privilege": "DeleteDeliveryChannel", - "description": "Grants permission to delete the delivery channel", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteDeliveryChannel.html" - }, - "DeleteEvaluationResults": { - "privilege": "DeleteEvaluationResults", - "description": "Grants permission to delete the evaluation results for the specified Config rule", - "access_level": "Write", - "resource_types": { - "ConfigRule": { - "resource_type": "ConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteEvaluationResults.html" - }, - "DeleteOrganizationConfigRule": { - "privilege": "DeleteOrganizationConfigRule", - "description": "Grants permission to delete the specified organization config rule and all of its evaluation results from all member accounts in that organization", - "access_level": "Write", - "resource_types": { - "OrganizationConfigRule": { - "resource_type": "OrganizationConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteOrganizationConfigRule.html" - }, - "DeleteOrganizationConformancePack": { - "privilege": "DeleteOrganizationConformancePack", - "description": "Grants permission to delete the specified organization conformance pack and all of its evaluation results from all member accounts in that organization", - "access_level": "Write", - "resource_types": { - "OrganizationConformancePack": { - "resource_type": "OrganizationConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteOrganizationConformancePack.html" - }, - "DeletePendingAggregationRequest": { - "privilege": "DeletePendingAggregationRequest", - "description": "Grants permission to delete pending authorization requests for a specified aggregator account in a specified region", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeletePendingAggregationRequest.html" - }, - "DeleteRemediationConfiguration": { - "privilege": "DeleteRemediationConfiguration", - "description": "Grants permission to delete the remediation configuration", - "access_level": "Write", - "resource_types": { - "RemediationConfiguration": { - "resource_type": "RemediationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRemediationConfiguration.html" - }, - "DeleteRemediationExceptions": { - "privilege": "DeleteRemediationExceptions", - "description": "Grants permission to delete one or more remediation exceptions for specific resource keys for a specific AWS Config Rule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRemediationExceptions.html" - }, - "DeleteResourceConfig": { - "privilege": "DeleteResourceConfig", - "description": "Grants permission to record the configuration state for a custom resource that has been deleted", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteResourceConfig.html" - }, - "DeleteRetentionConfiguration": { - "privilege": "DeleteRetentionConfiguration", - "description": "Grants permission to delete the retention configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRetentionConfiguration.html" - }, - "DeleteStoredQuery": { - "privilege": "DeleteStoredQuery", - "description": "Grants permission to delete the stored query for an AWS account in an AWS Region", - "access_level": "Write", - "resource_types": { - "StoredQuery": { - "resource_type": "StoredQuery", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteStoredQuery.html" - }, - "DeliverConfigSnapshot": { - "privilege": "DeliverConfigSnapshot", - "description": "Grants permission to schedule delivery of a configuration snapshot to the Amazon S3 bucket in the specified delivery channel", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeliverConfigSnapshot.html" - }, - "DescribeAggregateComplianceByConfigRules": { - "privilege": "DescribeAggregateComplianceByConfigRules", - "description": "Grants permission to return a list of compliant and noncompliant rules with the number of resources for compliant and noncompliant rules", - "access_level": "Read", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregateComplianceByConfigRules.html" - }, - "DescribeAggregateComplianceByConformancePacks": { - "privilege": "DescribeAggregateComplianceByConformancePacks", - "description": "Grants permission to return a list of compliant and noncompliant conformance packs along with count of compliant, non-compliant and total rules within each conformance pack", - "access_level": "Read", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregateComplianceByConformancePacks.html" - }, - "DescribeAggregationAuthorizations": { - "privilege": "DescribeAggregationAuthorizations", - "description": "Grants permission to return a list of authorizations granted to various aggregator accounts and regions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregationAuthorizations.html" - }, - "DescribeComplianceByConfigRule": { - "privilege": "DescribeComplianceByConfigRule", - "description": "Grants permission to indicate whether the specified AWS Config rules are compliant", - "access_level": "Read", - "resource_types": { - "ConfigRule": { - "resource_type": "ConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeComplianceByConfigRule.html" - }, - "DescribeComplianceByResource": { - "privilege": "DescribeComplianceByResource", - "description": "Grants permission to indicate whether the specified AWS resources are compliant", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeComplianceByResource.html" - }, - "DescribeConfigRuleEvaluationStatus": { - "privilege": "DescribeConfigRuleEvaluationStatus", - "description": "Grants permission to return status information for each of your AWS managed Config rules", - "access_level": "Read", - "resource_types": { - "ConfigRule": { - "resource_type": "ConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigRuleEvaluationStatus.html" - }, - "DescribeConfigRules": { - "privilege": "DescribeConfigRules", - "description": "Grants permission to return details about your AWS Config rules", - "access_level": "List", - "resource_types": { - "ConfigRule": { - "resource_type": "ConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigRules.html" - }, - "DescribeConfigurationAggregatorSourcesStatus": { - "privilege": "DescribeConfigurationAggregatorSourcesStatus", - "description": "Grants permission to return status information for sources within an aggregator", - "access_level": "Read", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationAggregatorSourcesStatus.html" - }, - "DescribeConfigurationAggregators": { - "privilege": "DescribeConfigurationAggregators", - "description": "Grants permission to return the details of one or more configuration aggregators", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationAggregators.html" - }, - "DescribeConfigurationRecorderStatus": { - "privilege": "DescribeConfigurationRecorderStatus", - "description": "Grants permission to return the current status of the specified configuration recorder", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationRecorderStatus.html" - }, - "DescribeConfigurationRecorders": { - "privilege": "DescribeConfigurationRecorders", - "description": "Grants permission to return the names of one or more specified configuration recorders", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationRecorders.html" - }, - "DescribeConformancePackCompliance": { - "privilege": "DescribeConformancePackCompliance", - "description": "Grants permission to return compliance information for each rule in that conformance pack", - "access_level": "Read", - "resource_types": { - "ConformancePack": { - "resource_type": "ConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePackCompliance.html" - }, - "DescribeConformancePackStatus": { - "privilege": "DescribeConformancePackStatus", - "description": "Grants permission to provide one or more conformance packs deployment status", - "access_level": "Read", - "resource_types": { - "ConformancePack": { - "resource_type": "ConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePackStatus.html" - }, - "DescribeConformancePacks": { - "privilege": "DescribeConformancePacks", - "description": "Grants permission to return a list of one or more conformance packs", - "access_level": "List", - "resource_types": { - "ConformancePack": { - "resource_type": "ConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePacks.html" - }, - "DescribeDeliveryChannelStatus": { - "privilege": "DescribeDeliveryChannelStatus", - "description": "Grants permission to return the current status of the specified delivery channel", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeDeliveryChannelStatus.html" - }, - "DescribeDeliveryChannels": { - "privilege": "DescribeDeliveryChannels", - "description": "Grants permission to return details about the specified delivery channel", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeDeliveryChannels.html" - }, - "DescribeOrganizationConfigRuleStatuses": { - "privilege": "DescribeOrganizationConfigRuleStatuses", - "description": "Grants permission to provide organization config rule deployment status for an organization", - "access_level": "Read", - "resource_types": { - "OrganizationConfigRule": { - "resource_type": "OrganizationConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConfigRuleStatuses.html" - }, - "DescribeOrganizationConfigRules": { - "privilege": "DescribeOrganizationConfigRules", - "description": "Grants permission to return a list of organization config rules", - "access_level": "List", - "resource_types": { - "OrganizationConfigRule": { - "resource_type": "OrganizationConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConfigRules.html" - }, - "DescribeOrganizationConformancePackStatuses": { - "privilege": "DescribeOrganizationConformancePackStatuses", - "description": "Grants permission to provide organization conformance pack deployment status for an organization", - "access_level": "Read", - "resource_types": { - "OrganizationConformancePack": { - "resource_type": "OrganizationConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConformancePackStatuses.html" - }, - "DescribeOrganizationConformancePacks": { - "privilege": "DescribeOrganizationConformancePacks", - "description": "Grants permission to return a list of organization conformance packs", - "access_level": "List", - "resource_types": { - "OrganizationConformancePack": { - "resource_type": "OrganizationConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConformancePacks.html" - }, - "DescribePendingAggregationRequests": { - "privilege": "DescribePendingAggregationRequests", - "description": "Grants permission to return a list of all pending aggregation requests", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribePendingAggregationRequests.html" - }, - "DescribeRemediationConfigurations": { - "privilege": "DescribeRemediationConfigurations", - "description": "Grants permission to return the details of one or more remediation configurations", - "access_level": "List", - "resource_types": { - "RemediationConfiguration": { - "resource_type": "RemediationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationConfigurations.html" - }, - "DescribeRemediationExceptions": { - "privilege": "DescribeRemediationExceptions", - "description": "Grants permission to return the details of one or more remediation exceptions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationExceptions.html" - }, - "DescribeRemediationExecutionStatus": { - "privilege": "DescribeRemediationExecutionStatus", - "description": "Grants permission to provide a detailed view of a Remediation Execution for a set of resources including state, timestamps and any error messages for steps that have failed", - "access_level": "Read", - "resource_types": { - "RemediationConfiguration": { - "resource_type": "RemediationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationExecutionStatus.html" - }, - "DescribeRetentionConfigurations": { - "privilege": "DescribeRetentionConfigurations", - "description": "Grants permission to return the details of one or more retention configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRetentionConfigurations.html" - }, - "GetAggregateComplianceDetailsByConfigRule": { - "privilege": "GetAggregateComplianceDetailsByConfigRule", - "description": "Grants permission to return the evaluation results for the specified AWS Config rule for a specific resource in a rule", - "access_level": "Read", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateComplianceDetailsByConfigRule.html" - }, - "GetAggregateConfigRuleComplianceSummary": { - "privilege": "GetAggregateConfigRuleComplianceSummary", - "description": "Grants permission to return the number of compliant and noncompliant rules for one or more accounts and regions in an aggregator", - "access_level": "Read", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateConfigRuleComplianceSummary.html" - }, - "GetAggregateConformancePackComplianceSummary": { - "privilege": "GetAggregateConformancePackComplianceSummary", - "description": "Grants permission to return the number of compliant and noncompliant conformance packs for one or more accounts and regions in an aggregator", - "access_level": "Read", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateConformancePackComplianceSummary.html" - }, - "GetAggregateDiscoveredResourceCounts": { - "privilege": "GetAggregateDiscoveredResourceCounts", - "description": "Grants permission to return the resource counts across accounts and regions that are present in your AWS Config aggregator", - "access_level": "Read", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateDiscoveredResourceCounts.html" - }, - "GetAggregateResourceConfig": { - "privilege": "GetAggregateResourceConfig", - "description": "Grants permission to return configuration item that is aggregated for your specific resource in a specific source account and region", - "access_level": "Read", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateResourceConfig.html" - }, - "GetComplianceDetailsByConfigRule": { - "privilege": "GetComplianceDetailsByConfigRule", - "description": "Grants permission to return the evaluation results for the specified AWS Config rule", - "access_level": "Read", - "resource_types": { - "ConfigRule": { - "resource_type": "ConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceDetailsByConfigRule.html" - }, - "GetComplianceDetailsByResource": { - "privilege": "GetComplianceDetailsByResource", - "description": "Grants permission to return the evaluation results for the specified AWS resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceDetailsByResource.html" - }, - "GetComplianceSummaryByConfigRule": { - "privilege": "GetComplianceSummaryByConfigRule", - "description": "Grants permission to return the number of AWS Config rules that are compliant and noncompliant, up to a maximum of 25 for each", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceSummaryByConfigRule.html" - }, - "GetComplianceSummaryByResourceType": { - "privilege": "GetComplianceSummaryByResourceType", - "description": "Grants permission to return the number of resources that are compliant and the number that are noncompliant", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceSummaryByResourceType.html" - }, - "GetConformancePackComplianceDetails": { - "privilege": "GetConformancePackComplianceDetails", - "description": "Grants permission to return compliance details of a conformance pack for all AWS resources that are monitered by conformance pack", - "access_level": "Read", - "resource_types": { - "ConformancePack": { - "resource_type": "ConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetConformancePackComplianceDetails.html" - }, - "GetConformancePackComplianceSummary": { - "privilege": "GetConformancePackComplianceSummary", - "description": "Grants permission to provide compliance summary for one or more conformance packs", - "access_level": "Read", - "resource_types": { - "ConformancePack": { - "resource_type": "ConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetConformancePackComplianceSummary.html" - }, - "GetCustomRulePolicy": { - "privilege": "GetCustomRulePolicy", - "description": "Grants permission to return the policy definition containing the logic for your AWS Config Custom Policy rule", - "access_level": "Read", - "resource_types": { - "ConfigRule": { - "resource_type": "ConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetCustomRulePolicy.html" - }, - "GetDiscoveredResourceCounts": { - "privilege": "GetDiscoveredResourceCounts", - "description": "Grants permission to return the resource types, the number of each resource type, and the total number of resources that AWS Config is recording in this region for your AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetDiscoveredResourceCounts.html" - }, - "GetOrganizationConfigRuleDetailedStatus": { - "privilege": "GetOrganizationConfigRuleDetailedStatus", - "description": "Grants permission to return detailed status for each member account within an organization for a given organization config rule", - "access_level": "Read", - "resource_types": { - "OrganizationConfigRule": { - "resource_type": "OrganizationConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationConfigRuleDetailedStatus.html" - }, - "GetOrganizationConformancePackDetailedStatus": { - "privilege": "GetOrganizationConformancePackDetailedStatus", - "description": "Grants permission to return detailed status for each member account within an organization for a given organization conformance pack", - "access_level": "Read", - "resource_types": { - "OrganizationConformancePack": { - "resource_type": "OrganizationConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationConformancePackDetailedStatus.html" - }, - "GetOrganizationCustomRulePolicy": { - "privilege": "GetOrganizationCustomRulePolicy", - "description": "Grants permission to return the policy definition containing the logic for your organization AWS Config Custom Policy rule", - "access_level": "Read", - "resource_types": { - "OrganizationConfigRule": { - "resource_type": "OrganizationConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationCustomRulePolicy.html" - }, - "GetResourceConfigHistory": { - "privilege": "GetResourceConfigHistory", - "description": "Grants permission to return a list of configuration items for the specified resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetResourceConfigHistory.html" - }, - "GetResourceEvaluationSummary": { - "privilege": "GetResourceEvaluationSummary", - "description": "Grants permission to return the summary of resource evaluations for a specific resource evaluation ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetResourceEvaluationSummary.html" - }, - "GetStoredQuery": { - "privilege": "GetStoredQuery", - "description": "Grants permission to return the details of a specific stored query", - "access_level": "Read", - "resource_types": { - "StoredQuery": { - "resource_type": "StoredQuery", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetStoredQuery.html" - }, - "ListAggregateDiscoveredResources": { - "privilege": "ListAggregateDiscoveredResources", - "description": "Grants permission to accept a resource type and returns a list of resource identifiers that are aggregated for a specific resource type across accounts and regions", - "access_level": "List", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListAggregateDiscoveredResources.html" - }, - "ListConformancePackComplianceScores": { - "privilege": "ListConformancePackComplianceScores", - "description": "Grants permission to return the percentage of compliant rule-resource combinations in a conformance pack compared to the number of total possible rule-resource combinations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListConformancePackComplianceScores.html" - }, - "ListDiscoveredResources": { - "privilege": "ListDiscoveredResources", - "description": "Grants permission to accept a resource type and returns a list of resource identifiers for the resources of that type", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListDiscoveredResources.html" - }, - "ListResourceEvaluations": { - "privilege": "ListResourceEvaluations", - "description": "Grants permission to list the resource evaluation summaries for an AWS account in an AWS Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListResourceEvaluations.html" - }, - "ListStoredQueries": { - "privilege": "ListStoredQueries", - "description": "Grants permission to list the stored queries for an AWS account in an AWS Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListStoredQueries.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for AWS Config resource", - "access_level": "Read", - "resource_types": { - "AggregationAuthorization": { - "resource_type": "AggregationAuthorization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfigRule": { - "resource_type": "ConfigRule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConformancePack": { - "resource_type": "ConformancePack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OrganizationConfigRule": { - "resource_type": "OrganizationConfigRule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OrganizationConformancePack": { - "resource_type": "OrganizationConformancePack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StoredQuery": { - "resource_type": "StoredQuery", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListTagsForResource.html" - }, - "PutAggregationAuthorization": { - "privilege": "PutAggregationAuthorization", - "description": "Grants permission to authorize the aggregator account and region to collect data from the source account and region", - "access_level": "Write", - "resource_types": { - "AggregationAuthorization": { - "resource_type": "AggregationAuthorization", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutAggregationAuthorization.html" - }, - "PutConfigRule": { - "privilege": "PutConfigRule", - "description": "Grants permission to add or update an AWS Config rule for evaluating whether your AWS resources comply with your desired configurations", - "access_level": "Write", - "resource_types": { - "ConfigRule": { - "resource_type": "ConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigRule.html" - }, - "PutConfigurationAggregator": { - "privilege": "PutConfigurationAggregator", - "description": "Grants permission to create and update the configuration aggregator with the selected source accounts and regions", - "access_level": "Write", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigurationAggregator.html" - }, - "PutConfigurationRecorder": { - "privilege": "PutConfigurationRecorder", - "description": "Grants permission to create a new configuration recorder to record the selected resource configurations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigurationRecorder.html" - }, - "PutConformancePack": { - "privilege": "PutConformancePack", - "description": "Grants permission to create or update a conformance pack", - "access_level": "Write", - "resource_types": { - "ConformancePack": { - "resource_type": "ConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "s3:GetObject", - "s3:ListBucket", - "ssm:GetDocument" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutConformancePack.html" - }, - "PutDeliveryChannel": { - "privilege": "PutDeliveryChannel", - "description": "Grants permission to create a delivery channel object to deliver configuration information to an Amazon S3 bucket and Amazon SNS topic", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutDeliveryChannel.html" - }, - "PutEvaluations": { - "privilege": "PutEvaluations", - "description": "Grants permission to be used by an AWS Lambda function to deliver evaluation results to AWS Config", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutEvaluations.html" - }, - "PutExternalEvaluation": { - "privilege": "PutExternalEvaluation", - "description": "Grants permission to deliver evaluation result to AWS Config", - "access_level": "Write", - "resource_types": { - "ConfigRule": { - "resource_type": "ConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutExternalEvaluation.html" - }, - "PutOrganizationConfigRule": { - "privilege": "PutOrganizationConfigRule", - "description": "Grants permission to add or update organization config rule for your entire organization evaluating whether your AWS resources comply with your desired configurations", - "access_level": "Write", - "resource_types": { - "OrganizationConfigRule": { - "resource_type": "OrganizationConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutOrganizationConfigRule.html" - }, - "PutOrganizationConformancePack": { - "privilege": "PutOrganizationConformancePack", - "description": "Grants permission to add or update organization conformance pack for your entire organization evaluating whether your AWS resources comply with your desired configurations", - "access_level": "Write", - "resource_types": { - "OrganizationConformancePack": { - "resource_type": "OrganizationConformancePack", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators", - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutOrganizationConformancePack.html" - }, - "PutRemediationConfigurations": { - "privilege": "PutRemediationConfigurations", - "description": "Grants permission to add or update the remediation configuration with a specific AWS Config rule with the selected target or action", - "access_level": "Write", - "resource_types": { - "RemediationConfiguration": { - "resource_type": "RemediationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutRemediationConfigurations.html" - }, - "PutRemediationExceptions": { - "privilege": "PutRemediationExceptions", - "description": "Grants permission to add or update remediation exceptions for specific resources for a specific AWS Config rule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutRemediationExceptions.html" - }, - "PutResourceConfig": { - "privilege": "PutResourceConfig", - "description": "Grants permission to record the configuration state for the resource provided in the request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutResourceConfig.html" - }, - "PutRetentionConfiguration": { - "privilege": "PutRetentionConfiguration", - "description": "Grants permission to create and update the retention configuration with details about retention period (number of days) that AWS Config stores your historical information", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutRetentionConfiguration.html" - }, - "PutStoredQuery": { - "privilege": "PutStoredQuery", - "description": "Grants permission to save a new query or updates an existing saved query", - "access_level": "Write", - "resource_types": { - "StoredQuery": { - "resource_type": "StoredQuery", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutStoredQuery.html" - }, - "SelectAggregateResourceConfig": { - "privilege": "SelectAggregateResourceConfig", - "description": "Grants permission to accept a structured query language (SQL) SELECT command and an aggregator to query configuration state of AWS resources across multiple accounts and regions, performs the corresponding search, and returns resource configurations matching the properties", - "access_level": "Read", - "resource_types": { - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_SelectAggregateResourceConfig.html" - }, - "SelectResourceConfig": { - "privilege": "SelectResourceConfig", - "description": "Grants permission to accept a structured query language (SQL) SELECT command, performs the corresponding search, and returns resource configurations matching the properties", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_SelectResourceConfig.html" - }, - "StartConfigRulesEvaluation": { - "privilege": "StartConfigRulesEvaluation", - "description": "Grants permission to evaluate your resources against the specified Config rules", - "access_level": "Write", - "resource_types": { - "ConfigRule": { - "resource_type": "ConfigRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_StartConfigRulesEvaluation.html" - }, - "StartConfigurationRecorder": { - "privilege": "StartConfigurationRecorder", - "description": "Grants permission to start recording configurations of the AWS resources you have selected to record in your AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_StartConfigurationRecorder.html" - }, - "StartRemediationExecution": { - "privilege": "StartRemediationExecution", - "description": "Grants permission to run an on-demand remediation for the specified AWS Config rules against the last known remediation configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_StartRemediationExecution.html" - }, - "StartResourceEvaluation": { - "privilege": "StartResourceEvaluation", - "description": "Grants permission to evaluate your resource details against the AWS Config rules in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:DescribeType" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_StartResourceEvaluation.html" - }, - "StopConfigurationRecorder": { - "privilege": "StopConfigurationRecorder", - "description": "Grants permission to stop recording configurations of the AWS resources you have selected to record in your AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_StopConfigurationRecorder.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to associate the specified tags to a resource with the specified resourceArn", - "access_level": "Tagging", - "resource_types": { - "AggregationAuthorization": { - "resource_type": "AggregationAuthorization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfigRule": { - "resource_type": "ConfigRule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConformancePack": { - "resource_type": "ConformancePack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OrganizationConfigRule": { - "resource_type": "OrganizationConfigRule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OrganizationConformancePack": { - "resource_type": "OrganizationConformancePack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StoredQuery": { - "resource_type": "StoredQuery", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to delete specified tags from a resource", - "access_level": "Tagging", - "resource_types": { - "AggregationAuthorization": { - "resource_type": "AggregationAuthorization", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfigRule": { - "resource_type": "ConfigRule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConfigurationAggregator": { - "resource_type": "ConfigurationAggregator", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ConformancePack": { - "resource_type": "ConformancePack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OrganizationConfigRule": { - "resource_type": "OrganizationConfigRule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OrganizationConformancePack": { - "resource_type": "OrganizationConformancePack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StoredQuery": { - "resource_type": "StoredQuery", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_UntagResource.html" - } - }, - "resources": { - "AggregationAuthorization": { - "resource": "AggregationAuthorization", - "arn": "arn:${Partition}:config:${Region}:${Account}:aggregation-authorization/${AggregatorAccount}/${AggregatorRegion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ConfigurationAggregator": { - "resource": "ConfigurationAggregator", - "arn": "arn:${Partition}:config:${Region}:${Account}:config-aggregator/${AggregatorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ConfigRule": { - "resource": "ConfigRule", - "arn": "arn:${Partition}:config:${Region}:${Account}:config-rule/${ConfigRuleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ConformancePack": { - "resource": "ConformancePack", - "arn": "arn:${Partition}:config:${Region}:${Account}:conformance-pack/${ConformancePackName}/${ConformancePackId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "OrganizationConfigRule": { - "resource": "OrganizationConfigRule", - "arn": "arn:${Partition}:config:${Region}:${Account}:organization-config-rule/${OrganizationConfigRuleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "OrganizationConformancePack": { - "resource": "OrganizationConformancePack", - "arn": "arn:${Partition}:config:${Region}:${Account}:organization-conformance-pack/${OrganizationConformancePackId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "RemediationConfiguration": { - "resource": "RemediationConfiguration", - "arn": "arn:${Partition}:config:${Region}:${Account}:remediation-configuration/${RemediationConfigurationId}", - "condition_keys": [] - }, - "StoredQuery": { - "resource": "StoredQuery", - "arn": "arn:${Partition}:config:${Region}:${Account}:stored-query/${StoredQueryName}/${StoredQueryId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "awsconnector": { - "service_name": "AWS Connector Service", - "prefix": "awsconnector", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsconnectorservice.html", - "privileges": { - "GetConnectorHealth": { - "privilege": "GetConnectorHealth", - "description": "Retrieves all health metrics that were published from the Server Migration Connector.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/userguide/prereqs.html#connector-permissions" - }, - "RegisterConnector": { - "privilege": "RegisterConnector", - "description": "Registers AWS Connector with AWS Connector Service.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/userguide/prereqs.html#connector-permissions" - }, - "ValidateConnectorId": { - "privilege": "ValidateConnectorId", - "description": "Validates Server Migration Connector Id that was registered with AWS Connector Service.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/userguide/prereqs.html#connector-permissions" - } - }, - "resources": {}, - "conditions": {} - }, - "consoleapp": { - "service_name": "AWS Management Console Mobile App", - "prefix": "consoleapp", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsconsolemobileapp.html", - "privileges": { - "GetDeviceIdentity": { - "privilege": "GetDeviceIdentity", - "description": "Grants permission to retrieve the device identity for a Console Mobile App device", - "access_level": "Read", - "resource_types": { - "DeviceIdentity": { - "resource_type": "DeviceIdentity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/consolemobileapp/latest/userguide/permissions-policies.html" - }, - "ListDeviceIdentities": { - "privilege": "ListDeviceIdentities", - "description": "Grants permission to retrieve a list of device identities", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/consolemobileapp/latest/userguide/permissions-policies.html" - } - }, - "resources": { - "DeviceIdentity": { - "resource": "DeviceIdentity", - "arn": "arn:${Partition}:consoleapp::${Account}:device/${DeviceId}/identity/${IdentityId}", - "condition_keys": [ - "consoleapp:DeviceIdentityArn" - ] - } - }, - "conditions": { - "consoleapp:DeviceIdentityArn": { - "condition": "consoleapp:DeviceIdentityArn", - "description": "A unique identifier for an identity on a device", - "type": "String" - } - } - }, - "consolidatedbilling": { - "service_name": "AWS Consolidated Billing", - "prefix": "consolidatedbilling", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsconsolidatedbilling.html", - "privileges": { - "GetAccountBillingRole": { - "privilege": "GetAccountBillingRole", - "description": "Grants permission to get account role (Payer, Linked, Regular)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "ListLinkedAccounts": { - "privilege": "ListLinkedAccounts", - "description": "Grants permission to get list of member/linked accounts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - } - }, - "resources": {}, - "conditions": {} - }, - "controltower": { - "service_name": "AWS Control Tower", - "prefix": "controltower", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscontroltower.html", - "privileges": { - "CreateManagedAccount": { - "privilege": "CreateManagedAccount", - "description": "Grants permission to create an account managed by AWS Control Tower", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" - }, - "DeleteLandingZone": { - "privilege": "DeleteLandingZone", - "description": "Grants permission to delete AWS Control Tower landing zone", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/decommission-landing-zone.html" - }, - "DeregisterManagedAccount": { - "privilege": "DeregisterManagedAccount", - "description": "Grants permission to deregister an account created through the account factory from AWS Control Tower", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" - }, - "DeregisterOrganizationalUnit": { - "privilege": "DeregisterOrganizationalUnit", - "description": "Grants permission to deregister an organizational unit from AWS Control Tower management", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/organizations.html" - }, - "DescribeAccountFactoryConfig": { - "privilege": "DescribeAccountFactoryConfig", - "description": "Grants permission to describe the current account factory configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" - }, - "DescribeCoreService": { - "privilege": "DescribeCoreService", - "description": "Grants permission to describe resources managed by core accounts in AWS Control Tower", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/how-control-tower-works.html#what-shared" - }, - "DescribeGuardrail": { - "privilege": "DescribeGuardrail", - "description": "Grants permission to describe a guardrail", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" - }, - "DescribeGuardrailForTarget": { - "privilege": "DescribeGuardrailForTarget", - "description": "Grants permission to describe a guardrail for a organizational unit", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" - }, - "DescribeLandingZoneConfiguration": { - "privilege": "DescribeLandingZoneConfiguration", - "description": "Grants permission to describe the current Landing Zone configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/step-two.html" - }, - "DescribeManagedAccount": { - "privilege": "DescribeManagedAccount", - "description": "Grants permission to describe an account created through account factory", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" - }, - "DescribeManagedOrganizationalUnit": { - "privilege": "DescribeManagedOrganizationalUnit", - "description": "Grants permission to describe an AWS Organizations organizational unit managed by AWS Control Tower", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/organizations.html" - }, - "DescribeRegisterOrganizationalUnitOperation": { - "privilege": "DescribeRegisterOrganizationalUnitOperation", - "description": "Grants permission to describe a Register Organizational Unit Operation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/about-extending-governance.html" - }, - "DescribeSingleSignOn": { - "privilege": "DescribeSingleSignOn", - "description": "Grants permission to describe the current AWS Control Tower SSO configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/sso.html" - }, - "DisableControl": { - "privilege": "DisableControl", - "description": "Grants permission to remove a control from an organizational unit", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/APIReference/API_DisableControl.html" - }, - "DisableGuardrail": { - "privilege": "DisableGuardrail", - "description": "Grants permission to disable a guardrail from an organizational unit", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls-on-ou.html" - }, - "EnableControl": { - "privilege": "EnableControl", - "description": "Grants permission to activate a control for an organizational unit", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/APIReference/API_EnableControl.html" - }, - "EnableGuardrail": { - "privilege": "EnableGuardrail", - "description": "Grants permission to enable a guardrail to an organizational unit", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls-on-ou.html" - }, - "GetAccountInfo": { - "privilege": "GetAccountInfo", - "description": "Grants permission to describe an account email and validate that it exists", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/accounts.html" - }, - "GetAvailableUpdates": { - "privilege": "GetAvailableUpdates", - "description": "Grants permission to list available updates for the current AWS Control Tower deployment", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/configuration-updates.html" - }, - "GetControlOperation": { - "privilege": "GetControlOperation", - "description": "Grants permission to get the current status of a particular EnabledControl or DisableControl operation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/APIReference/API_GetControlOperation.html" - }, - "GetGuardrailComplianceStatus": { - "privilege": "GetGuardrailComplianceStatus", - "description": "Grants permission to get the current compliance status of a guardrail", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" - }, - "GetHomeRegion": { - "privilege": "GetHomeRegion", - "description": "Grants permission to get the home region of the AWS Control Tower setup", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/how-control-tower-works.html#region-how" - }, - "GetLandingZoneDriftStatus": { - "privilege": "GetLandingZoneDriftStatus", - "description": "Grants permission to get the current landing zone drift status", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/drift.html" - }, - "GetLandingZoneStatus": { - "privilege": "GetLandingZoneStatus", - "description": "Grants permission to get the current status of the landing zone setup", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-with-control-tower.html#step-two" - }, - "ListDirectoryGroups": { - "privilege": "ListDirectoryGroups", - "description": "Grants permission to list the current directory groups available through SSO", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/sso.html" - }, - "ListDriftDetails": { - "privilege": "ListDriftDetails", - "description": "Grants permission to list occurrences of drift in AWS Control Tower", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/drift.html" - }, - "ListEnabledControls": { - "privilege": "ListEnabledControls", - "description": "Grants permission to list all enabled controls in a specified organizational unit", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/APIReference/API_ListEnabledControls.html" - }, - "ListEnabledGuardrails": { - "privilege": "ListEnabledGuardrails", - "description": "Grants permission to list currently enabled guardrails", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" - }, - "ListExtendGovernancePrecheckDetails": { - "privilege": "ListExtendGovernancePrecheckDetails", - "description": "Grants permission to list Precheck details for an Organizational Unit", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/about-extending-governance.html" - }, - "ListExternalConfigRuleCompliance": { - "privilege": "ListExternalConfigRuleCompliance", - "description": "Grants permission to list the compliance of external AWS Config rules", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/review-compliance.html" - }, - "ListGuardrailViolations": { - "privilege": "ListGuardrailViolations", - "description": "Grants permission to list existing guardrail violations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" - }, - "ListGuardrails": { - "privilege": "ListGuardrails", - "description": "Grants permission to list all available guardrails", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" - }, - "ListGuardrailsForTarget": { - "privilege": "ListGuardrailsForTarget", - "description": "Grants permission to list guardrails and their current state for a organizational unit", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" - }, - "ListManagedAccounts": { - "privilege": "ListManagedAccounts", - "description": "Grants permission to list accounts managed through AWS Control Tower", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" - }, - "ListManagedAccountsForGuardrail": { - "privilege": "ListManagedAccountsForGuardrail", - "description": "Grants permission to list managed accounts with a specified guardrail applied", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" - }, - "ListManagedAccountsForParent": { - "privilege": "ListManagedAccountsForParent", - "description": "Grants permission to list managed accounts under an organizational unit", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" - }, - "ListManagedOrganizationalUnits": { - "privilege": "ListManagedOrganizationalUnits", - "description": "Grants permission to list organizational units managed by AWS Control Tower", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/organizations.html" - }, - "ListManagedOrganizationalUnitsForGuardrail": { - "privilege": "ListManagedOrganizationalUnitsForGuardrail", - "description": "Grants permission to list managed organizational units that have a specified guardrail applied", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/organizations.html" - }, - "ManageOrganizationalUnit": { - "privilege": "ManageOrganizationalUnit", - "description": "Grants permission to set up an organizational unit to be managed by AWS Control Tower", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/organizations.html" - }, - "PerformPreLaunchChecks": { - "privilege": "PerformPreLaunchChecks", - "description": "Grants permission to perform validations in an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-prereqs.html" - }, - "SetupLandingZone": { - "privilege": "SetupLandingZone", - "description": "Grants permission to set up or update AWS Control Tower landing zone", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-with-control-tower.html#step-two" - }, - "UpdateAccountFactoryConfig": { - "privilege": "UpdateAccountFactoryConfig", - "description": "Grants permission to update the account factory configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" - } - }, - "resources": {}, - "conditions": {} - }, - "cur": { - "service_name": "AWS Cost and Usage Report", - "prefix": "cur", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscostandusagereport.html", - "privileges": { - "DeleteReportDefinition": { - "privilege": "DeleteReportDefinition", - "description": "Grants permission to delete Cost and Usage Report Definition", - "access_level": "Write", - "resource_types": { - "cur": { - "resource_type": "cur", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_cur_DeleteReportDefinition.html" - }, - "DescribeReportDefinitions": { - "privilege": "DescribeReportDefinitions", - "description": "Grants permission to get Cost and Usage Report Definitions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_cur_DescribeReportDefinitions.html" - }, - "GetClassicReport": { - "privilege": "GetClassicReport", - "description": "Grants permission to get Bills CSV report", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cur/latest/userguide/security.html#user-permissions" - }, - "GetClassicReportPreferences": { - "privilege": "GetClassicReportPreferences", - "description": "Grants permission to get the classic report enablement status for Usage Reports", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cur/latest/userguide/security.html#user-permissions" - }, - "GetUsageReport": { - "privilege": "GetUsageReport", - "description": "Grants permission to get list of AWS services, usage type and operation for the Usage Report workflow. Allows or denies download of usage reports too", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cur/latest/userguide/security.html#user-permissions" - }, - "ModifyReportDefinition": { - "privilege": "ModifyReportDefinition", - "description": "Grants permission to modify Cost and Usage Report Definition", - "access_level": "Write", - "resource_types": { - "cur": { - "resource_type": "cur", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_cur_ModifyReportDefinition.html" - }, - "PutClassicReportPreferences": { - "privilege": "PutClassicReportPreferences", - "description": "Grants permission to enable classic reports", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cur/latest/userguide/security.html#user-permissions" - }, - "PutReportDefinition": { - "privilege": "PutReportDefinition", - "description": "Grants permission to write Cost and Usage Report Definition", - "access_level": "Write", - "resource_types": { - "cur": { - "resource_type": "cur", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_cur_PutReportDefinition.html" - }, - "ValidateReportDestination": { - "privilege": "ValidateReportDestination", - "description": "Grants permission to validates if the s3 bucket exists with appropriate permissions for CUR delivery", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/cur/latest/userguide/security.html#user-permissions" - } - }, - "resources": { - "cur": { - "resource": "cur", - "arn": "arn:${Partition}:cur:${Region}:${Account}:definition/${ReportName}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "ce": { - "service_name": "AWS Cost Explorer Service", - "prefix": "ce", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscostexplorerservice.html", - "privileges": { - "CreateAnomalyMonitor": { - "privilege": "CreateAnomalyMonitor", - "description": "Grants permission to create a new Anomaly Monitor", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_CreateAnomalyMonitor.html" - }, - "CreateAnomalySubscription": { - "privilege": "CreateAnomalySubscription", - "description": "Grants permission to create a new Anomaly Subscription", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_CreateAnomalySubscription.html" - }, - "CreateCostCategoryDefinition": { - "privilege": "CreateCostCategoryDefinition", - "description": "Grants permission to create a new Cost Category with the requested name and rules", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_CreateCostCategoryDefinition.html" - }, - "CreateNotificationSubscription": { - "privilege": "CreateNotificationSubscription", - "description": "Grants permission to create Reservation expiration alerts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "CreateReport": { - "privilege": "CreateReport", - "description": "Grants permission to create Cost Explorer Reports", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "DeleteAnomalyMonitor": { - "privilege": "DeleteAnomalyMonitor", - "description": "Grants permission to delete an Anomaly Monitor", - "access_level": "Write", - "resource_types": { - "anomalymonitor": { - "resource_type": "anomalymonitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_DeleteAnomalyMonitor.html" - }, - "DeleteAnomalySubscription": { - "privilege": "DeleteAnomalySubscription", - "description": "Grants permission to delete an Anomaly Subscription", - "access_level": "Write", - "resource_types": { - "anomalysubscription": { - "resource_type": "anomalysubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_DeleteAnomalySubscription.html" - }, - "DeleteCostCategoryDefinition": { - "privilege": "DeleteCostCategoryDefinition", - "description": "Grants permission to delete a Cost Category", - "access_level": "Write", - "resource_types": { - "costcategory": { - "resource_type": "costcategory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_DeleteCostCategoryDefinition.html" - }, - "DeleteNotificationSubscription": { - "privilege": "DeleteNotificationSubscription", - "description": "Grants permission to delete Reservation expiration alerts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "DeleteReport": { - "privilege": "DeleteReport", - "description": "Grants permission to delete Cost Explorer Reports", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "DescribeCostCategoryDefinition": { - "privilege": "DescribeCostCategoryDefinition", - "description": "Grants permission to retrieve descriptions such as the name, ARN, rules, definition, and effective dates of a Cost Category", - "access_level": "Read", - "resource_types": { - "costcategory": { - "resource_type": "costcategory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_DescribeCostCategoryDefinition.html" - }, - "DescribeNotificationSubscription": { - "privilege": "DescribeNotificationSubscription", - "description": "Grants permission to view Reservation expiration alerts", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "DescribeReport": { - "privilege": "DescribeReport", - "description": "Grants permission to view Cost Explorer Reports page", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "GetAnomalies": { - "privilege": "GetAnomalies", - "description": "Grants permission to retrieve anomalies", - "access_level": "Read", - "resource_types": { - "anomalymonitor": { - "resource_type": "anomalymonitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetAnomalies.html" - }, - "GetAnomalyMonitors": { - "privilege": "GetAnomalyMonitors", - "description": "Grants permission to query Anomaly Monitors", - "access_level": "Read", - "resource_types": { - "anomalymonitor": { - "resource_type": "anomalymonitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetAnomalyMonitors.html" - }, - "GetAnomalySubscriptions": { - "privilege": "GetAnomalySubscriptions", - "description": "Grants permission to query Anomaly Subscriptions", - "access_level": "Read", - "resource_types": { - "anomalysubscription": { - "resource_type": "anomalysubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetAnomalySubscriptions.html" - }, - "GetConsoleActionSetEnforced": { - "privilege": "GetConsoleActionSetEnforced", - "description": "Grants permission to view whether existing or fine-grained IAM actions are being used to control authorization to Billing, Cost Management, and Account consoles", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "GetCostAndUsage": { - "privilege": "GetCostAndUsage", - "description": "Grants permission to retrieve the cost and usage metrics for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetCostAndUsage.html" - }, - "GetCostAndUsageWithResources": { - "privilege": "GetCostAndUsageWithResources", - "description": "Grants permission to retrieve the cost and usage metrics with resources for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetCostAndUsageWithResources.html" - }, - "GetCostCategories": { - "privilege": "GetCostCategories", - "description": "Grants permission to query Cost Catagory names and values for a specified time period", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetCostCategories.html" - }, - "GetCostForecast": { - "privilege": "GetCostForecast", - "description": "Grants permission to retrieve a cost forecast for a forecast time period", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetCostForecast.html" - }, - "GetDimensionValues": { - "privilege": "GetDimensionValues", - "description": "Grants permission to retrieve all available filter values for a filter for a period of time", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetDimensionValues.html" - }, - "GetPreferences": { - "privilege": "GetPreferences", - "description": "Grants permission to view Cost Explorer Preferences page", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "GetReservationCoverage": { - "privilege": "GetReservationCoverage", - "description": "Grants permission to retrieve the reservation coverage for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetReservationCoverage.html" - }, - "GetReservationPurchaseRecommendation": { - "privilege": "GetReservationPurchaseRecommendation", - "description": "Grants permission to retrieve the reservation recommendations for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetReservationPurchaseRecommendation.html" - }, - "GetReservationUtilization": { - "privilege": "GetReservationUtilization", - "description": "Grants permission to retrieve the reservation utilization for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetReservationUtilization.html" - }, - "GetRightsizingRecommendation": { - "privilege": "GetRightsizingRecommendation", - "description": "Grants permission to retrieve the rightsizing recommendations for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetRightsizingRecommendation.html" - }, - "GetSavingsPlansCoverage": { - "privilege": "GetSavingsPlansCoverage", - "description": "Grants permission to retrieve the Savings Plans coverage for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetSavingsPlansCoverage.html" - }, - "GetSavingsPlansPurchaseRecommendation": { - "privilege": "GetSavingsPlansPurchaseRecommendation", - "description": "Grants permission to retrieve the Savings Plans recommendations for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetSavingsPlansPurchaseRecommendation.html" - }, - "GetSavingsPlansUtilization": { - "privilege": "GetSavingsPlansUtilization", - "description": "Grants permission to retrieve the Savings Plans utilization for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetSavingsPlansUtilization.html" - }, - "GetSavingsPlansUtilizationDetails": { - "privilege": "GetSavingsPlansUtilizationDetails", - "description": "Grants permission to retrieve the Savings Plans utilization details for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetSavingsPlansUtilizationDetails.html" - }, - "GetTags": { - "privilege": "GetTags", - "description": "Grants permission to query tags for a specified time period", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetTags.html" - }, - "GetUsageForecast": { - "privilege": "GetUsageForecast", - "description": "Grants permission to retrieve a usage forecast for a forecast time period", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetUsageForecast.html" - }, - "ListCostAllocationTags": { - "privilege": "ListCostAllocationTags", - "description": "Grants permission to list Cost Allocation Tags", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ListCostAllocationTags.html" - }, - "ListCostCategoryDefinitions": { - "privilege": "ListCostCategoryDefinitions", - "description": "Grants permission to retrieve names, ARN, and effective dates for all Cost Categories", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ListCostCategoryDefinitions.html" - }, - "ListSavingsPlansPurchaseRecommendationGeneration": { - "privilege": "ListSavingsPlansPurchaseRecommendationGeneration", - "description": "Grants permission to retrieve a list of your historical recommendation generations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ListSavingsPlansPurchaseRecommendationGeneration.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a Cost Explorer resource", - "access_level": "Read", - "resource_types": { - "anomalymonitor": { - "resource_type": "anomalymonitor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "anomalysubscription": { - "resource_type": "anomalysubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "costcategory": { - "resource_type": "costcategory", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ListTagsForResource.html" - }, - "ProvideAnomalyFeedback": { - "privilege": "ProvideAnomalyFeedback", - "description": "Grants permission to provide feedback on detected anomalies", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ProvideAnomalyFeedback.html" - }, - "StartSavingsPlansPurchaseRecommendationGeneration": { - "privilege": "StartSavingsPlansPurchaseRecommendationGeneration", - "description": "Grants permission to request a Savings Plans recommendation generation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_StartSavingsPlansPurchaseRecommendationGeneration.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a Cost Explorer resource", - "access_level": "Tagging", - "resource_types": { - "anomalymonitor": { - "resource_type": "anomalymonitor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "anomalysubscription": { - "resource_type": "anomalysubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "costcategory": { - "resource_type": "costcategory", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a Cost Explorer resource", - "access_level": "Tagging", - "resource_types": { - "anomalymonitor": { - "resource_type": "anomalymonitor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "anomalysubscription": { - "resource_type": "anomalysubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "costcategory": { - "resource_type": "costcategory", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_UntagResource.html" - }, - "UpdateAnomalyMonitor": { - "privilege": "UpdateAnomalyMonitor", - "description": "Grants permission to update an existing Anomaly Monitor", - "access_level": "Write", - "resource_types": { - "anomalymonitor": { - "resource_type": "anomalymonitor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_UpdateAnomalyMonitor.html" - }, - "UpdateAnomalySubscription": { - "privilege": "UpdateAnomalySubscription", - "description": "Grants permission to update an existing Anomaly Subscription", - "access_level": "Write", - "resource_types": { - "anomalysubscription": { - "resource_type": "anomalysubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_UpdateAnomalySubscription.html" - }, - "UpdateConsoleActionSetEnforced": { - "privilege": "UpdateConsoleActionSetEnforced", - "description": "Grants permission to change whether existing or fine-grained IAM actions will be used to control authorization to Billing, Cost Management, and Account consoles", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "UpdateCostAllocationTagsStatus": { - "privilege": "UpdateCostAllocationTagsStatus", - "description": "Grants permission to update existing Cost Allocation Tags status", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_UpdateCostAllocationTagsStatus.html" - }, - "UpdateCostCategoryDefinition": { - "privilege": "UpdateCostCategoryDefinition", - "description": "Grants permission to update an existing Cost Category", - "access_level": "Write", - "resource_types": { - "costcategory": { - "resource_type": "costcategory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_UpdateCostCategoryDefinition.html" - }, - "UpdateNotificationSubscription": { - "privilege": "UpdateNotificationSubscription", - "description": "Grants permission to update Reservation expiration alerts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "UpdatePreferences": { - "privilege": "UpdatePreferences", - "description": "Grants permission to edit Cost Explorer Preferences page", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "UpdateReport": { - "privilege": "UpdateReport", - "description": "Grants permission to update Cost Explorer Reports", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - } - }, - "resources": { - "anomalysubscription": { - "resource": "anomalysubscription", - "arn": "arn:${Partition}:ce::${Account}:anomalysubscription/${Identifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "anomalymonitor": { - "resource": "anomalymonitor", - "arn": "arn:${Partition}:ce::${Account}:anomalymonitor/${Identifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "costcategory": { - "resource": "costcategory", - "arn": "arn:${Partition}:ce::${Account}:costcategory/${Identifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "customer-verification": { - "service_name": "AWS Customer Verification Service", - "prefix": "customer-verification", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscustomerverificationservice.html", - "privileges": { - "CreateCustomerVerificationDetails": { - "privilege": "CreateCustomerVerificationDetails", - "description": "Grants permission to create customer verification data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetCustomerVerificationDetails": { - "privilege": "GetCustomerVerificationDetails", - "description": "Grants permission to get customer verification data", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetCustomerVerificationEligibility": { - "privilege": "GetCustomerVerificationEligibility", - "description": "Grants permission to get customer verification eligibility", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "UpdateCustomerVerificationDetails": { - "privilege": "UpdateCustomerVerificationDetails", - "description": "Grants permission to update customer verification data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - } - }, - "resources": {}, - "conditions": {} - }, - "dms": { - "service_name": "AWS Database Migration Service", - "prefix": "dms", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatabasemigrationservice.html", - "privileges": { - "AddTagsToResource": { - "privilege": "AddTagsToResource", - "description": "Grants permission to add metadata tags to DMS resources, including replication instances, endpoints, security groups, and migration tasks", - "access_level": "Tagging", - "resource_types": { - "Certificate": { - "resource_type": "Certificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DataMigration": { - "resource_type": "DataMigration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DataProvider": { - "resource_type": "DataProvider", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Endpoint": { - "resource_type": "Endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "EventSubscription": { - "resource_type": "EventSubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationConfig": { - "resource_type": "ReplicationConfig", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationSubnetGroup": { - "resource_type": "ReplicationSubnetGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_AddTagsToResource.html" - }, - "ApplyPendingMaintenanceAction": { - "privilege": "ApplyPendingMaintenanceAction", - "description": "Grants permission to apply a pending maintenance action to a resource (for example, to a replication instance)", - "access_level": "Write", - "resource_types": { - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ApplyPendingMaintenanceAction.html" - }, - "AssociateExtensionPack": { - "privilege": "AssociateExtensionPack", - "description": "Grants permission to associate a extension pack", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:StartExtensionPackAssociation" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "BatchStartRecommendations": { - "privilege": "BatchStartRecommendations", - "description": "Grants permission to start the analysis of up to 20 source databases to recommend target engines for each source database", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_BatchStartRecommendations.html" - }, - "CancelMetadataModelAssessment": { - "privilege": "CancelMetadataModelAssessment", - "description": "Grants permission to cancel a single metadata model assessment run", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "CancelMetadataModelConversion": { - "privilege": "CancelMetadataModelConversion", - "description": "Grants permission to cancel a single metadata model conversion run", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "CancelMetadataModelExport": { - "privilege": "CancelMetadataModelExport", - "description": "Grants permission to cancel a single metadata model export run", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "CancelReplicationTaskAssessmentRun": { - "privilege": "CancelReplicationTaskAssessmentRun", - "description": "Grants permission to cancel a single premigration assessment run", - "access_level": "Write", - "resource_types": { - "ReplicationTaskAssessmentRun": { - "resource_type": "ReplicationTaskAssessmentRun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CancelReplicationTaskAssessmentRun.html" - }, - "CreateDataMigration": { - "privilege": "CreateDataMigration", - "description": "Grants permission to create a database migration using the provided settings", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "CreateDataProvider": { - "privilege": "CreateDataProvider", - "description": "Grants permission to create an data provider using the provided settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "CreateEndpoint": { - "privilege": "CreateEndpoint", - "description": "Grants permission to create an endpoint using the provided settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateEndpoint.html" - }, - "CreateEventSubscription": { - "privilege": "CreateEventSubscription", - "description": "Grants permission to create an AWS DMS event notification subscription", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateEventSubscription.html" - }, - "CreateFleetAdvisorCollector": { - "privilege": "CreateFleetAdvisorCollector", - "description": "Grants permission to create a Fleet Advisor collector using the specified parameters", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateFleetAdvisorCollector.html" - }, - "CreateInstanceProfile": { - "privilege": "CreateInstanceProfile", - "description": "Grants permission to create an instance profile using the provided settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "CreateMigrationProject": { - "privilege": "CreateMigrationProject", - "description": "Grants permission to create an migration project using the provided settings", - "access_level": "Write", - "resource_types": { - "DataProvider": { - "resource_type": "DataProvider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "CreateReplicationConfig": { - "privilege": "CreateReplicationConfig", - "description": "Grants permission to create a replication config using the provided settings", - "access_level": "Write", - "resource_types": { - "Endpoint": { - "resource_type": "Endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "CreateReplicationInstance": { - "privilege": "CreateReplicationInstance", - "description": "Grants permission to create a replication instance using the specified parameters", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationInstance.html" - }, - "CreateReplicationSubnetGroup": { - "privilege": "CreateReplicationSubnetGroup", - "description": "Grants permission to create a replication subnet group given a list of the subnet IDs in a VPC", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationSubnetGroup.html" - }, - "CreateReplicationTask": { - "privilege": "CreateReplicationTask", - "description": "Grants permission to create a replication task using the specified parameters", - "access_level": "Write", - "resource_types": { - "Endpoint": { - "resource_type": "Endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "dms:req-tag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html" - }, - "DeleteCertificate": { - "privilege": "DeleteCertificate", - "description": "Grants permission to delete the specified certificate", - "access_level": "Write", - "resource_types": { - "Certificate": { - "resource_type": "Certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteCertificate.html" - }, - "DeleteConnection": { - "privilege": "DeleteConnection", - "description": "Grants permission to delete the specified connection between a replication instance and an endpoint", - "access_level": "Write", - "resource_types": { - "Endpoint": { - "resource_type": "Endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteConnection.html" - }, - "DeleteDataMigration": { - "privilege": "DeleteDataMigration", - "description": "Grants permission to delete the specified database migration", - "access_level": "Write", - "resource_types": { - "DataMigration": { - "resource_type": "DataMigration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DeleteDataProvider": { - "privilege": "DeleteDataProvider", - "description": "Grants permission to delete the specified data provider", - "access_level": "Write", - "resource_types": { - "DataProvider": { - "resource_type": "DataProvider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DeleteEndpoint": { - "privilege": "DeleteEndpoint", - "description": "Grants permission to delete the specified endpoint", - "access_level": "Write", - "resource_types": { - "Endpoint": { - "resource_type": "Endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteEndpoint.html" - }, - "DeleteEventSubscription": { - "privilege": "DeleteEventSubscription", - "description": "Grants permission to delete an AWS DMS event subscription", - "access_level": "Write", - "resource_types": { - "EventSubscription": { - "resource_type": "EventSubscription", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteEventSubscription.html" - }, - "DeleteFleetAdvisorCollector": { - "privilege": "DeleteFleetAdvisorCollector", - "description": "Grants permission to delete the specified Fleet Advisor collector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteFleetAdvisorCollector.html" - }, - "DeleteFleetAdvisorDatabases": { - "privilege": "DeleteFleetAdvisorDatabases", - "description": "Grants permission to delete the specified Fleet Advisor databases", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteFleetAdvisorDatabases.html" - }, - "DeleteInstanceProfile": { - "privilege": "DeleteInstanceProfile", - "description": "Grants permission to delete the specified instance profile", - "access_level": "Write", - "resource_types": { - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DeleteMigrationProject": { - "privilege": "DeleteMigrationProject", - "description": "Grants permission to delete the specified migration project", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DeleteReplicationConfig": { - "privilege": "DeleteReplicationConfig", - "description": "Grants permission to delete the specified replication config", - "access_level": "Write", - "resource_types": { - "ReplicationConfig": { - "resource_type": "ReplicationConfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DeleteReplicationInstance": { - "privilege": "DeleteReplicationInstance", - "description": "Grants permission to delete the specified replication instance", - "access_level": "Write", - "resource_types": { - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteReplicationInstance.html" - }, - "DeleteReplicationSubnetGroup": { - "privilege": "DeleteReplicationSubnetGroup", - "description": "Grants permission to deletes a subnet group", - "access_level": "Write", - "resource_types": { - "ReplicationSubnetGroup": { - "resource_type": "ReplicationSubnetGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteReplicationSubnetGroup.html" - }, - "DeleteReplicationTask": { - "privilege": "DeleteReplicationTask", - "description": "Grants permission to delete the specified replication task", - "access_level": "Write", - "resource_types": { - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteReplicationTask.html" - }, - "DeleteReplicationTaskAssessmentRun": { - "privilege": "DeleteReplicationTaskAssessmentRun", - "description": "Grants permission to delete the record of a single premigration assessment run", - "access_level": "Write", - "resource_types": { - "ReplicationTaskAssessmentRun": { - "resource_type": "ReplicationTaskAssessmentRun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteReplicationTaskAssessmentRun.html" - }, - "DescribeAccountAttributes": { - "privilege": "DescribeAccountAttributes", - "description": "Grants permission to list all of the AWS DMS attributes for a customer account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeAccountAttributes.html" - }, - "DescribeApplicableIndividualAssessments": { - "privilege": "DescribeApplicableIndividualAssessments", - "description": "Grants permission to list individual assessments that you can specify for a new premigration assessment run", - "access_level": "Read", - "resource_types": { - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeApplicableIndividualAssessments.html" - }, - "DescribeCertificates": { - "privilege": "DescribeCertificates", - "description": "Grants permission to provide a description of the certificate", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeCertificates.html" - }, - "DescribeConnections": { - "privilege": "DescribeConnections", - "description": "Grants permission to describe the status of the connections that have been made between the replication instance and an endpoint", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeConnections.html" - }, - "DescribeConversionConfiguration": { - "privilege": "DescribeConversionConfiguration", - "description": "Grants permission to return information about DMS Schema Conversion project configuration", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DescribeDataMigrations": { - "privilege": "DescribeDataMigrations", - "description": "Grants permission to return information about database migrations for your account in the specified region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DescribeDataProviders": { - "privilege": "DescribeDataProviders", - "description": "Grants permission to list the AWS DMS attributes for a data providers. Note. This action should be added along with ListDataProviders, but does not currently authorize the described Schema Conversion operation", - "access_level": "Read", - "resource_types": { - "DataProvider": { - "resource_type": "DataProvider", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "dms:ListDataProviders" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "DescribeEndpointSettings": { - "privilege": "DescribeEndpointSettings", - "description": "Grants permission to return the possible endpoint settings available when you create an endpoint for a specific database engine", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEndpointSettings.html" - }, - "DescribeEndpointTypes": { - "privilege": "DescribeEndpointTypes", - "description": "Grants permission to return information about the type of endpoints available", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEndpointTypes.html" - }, - "DescribeEndpoints": { - "privilege": "DescribeEndpoints", - "description": "Grants permission to return information about the endpoints for your account in the current region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEndpoints.html" - }, - "DescribeEventCategories": { - "privilege": "DescribeEventCategories", - "description": "Grants permission to list categories for all event source types, or, if specified, for a specified source type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEventCategories.html" - }, - "DescribeEventSubscriptions": { - "privilege": "DescribeEventSubscriptions", - "description": "Grants permission to list all the event subscriptions for a customer account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEventSubscriptions.html" - }, - "DescribeEvents": { - "privilege": "DescribeEvents", - "description": "Grants permission to list events for a given source identifier and source type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEvents.html" - }, - "DescribeExtensionPackAssociations": { - "privilege": "DescribeExtensionPackAssociations", - "description": "Grants permission to list the AWS DMS attributes for extension packs. Note. This action should be added along with ListExtensionPacks, but does not currently authorize the described Schema Conversion operation", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:ListExtensionPacks" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "DescribeFleetAdvisorCollectors": { - "privilege": "DescribeFleetAdvisorCollectors", - "description": "Grants permission to return a paginated list of Fleet Advisor collectors in your account based on filter settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorCollectors.html" - }, - "DescribeFleetAdvisorDatabases": { - "privilege": "DescribeFleetAdvisorDatabases", - "description": "Grants permission to return a paginated list of Fleet Advisor databases in your account based on filter settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorDatabases.html" - }, - "DescribeFleetAdvisorLsaAnalysis": { - "privilege": "DescribeFleetAdvisorLsaAnalysis", - "description": "Grants permission to return a paginated list of descriptions of large-scale assessment (LSA) analyses produced by your Fleet Advisor collectors", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorLsaAnalysis.html" - }, - "DescribeFleetAdvisorSchemaObjectSummary": { - "privilege": "DescribeFleetAdvisorSchemaObjectSummary", - "description": "Grants permission to return a paginated list of descriptions of schemas discovered by your Fleet Advisor collectors based on filter settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorSchemaObjectSummary.html" - }, - "DescribeFleetAdvisorSchemas": { - "privilege": "DescribeFleetAdvisorSchemas", - "description": "Grants permission to return a paginated list of schemas discovered by your Fleet Advisor collectors based on filter settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorSchemas.html" - }, - "DescribeInstanceProfiles": { - "privilege": "DescribeInstanceProfiles", - "description": "Grants permission to list the AWS DMS attributes for a instance profiles. Note. This action should be added along with ListInstanceProfiles, but does not currently authorize the described Schema Conversion operation", - "access_level": "Read", - "resource_types": { - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "dms:ListInstanceProfiles" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "DescribeMetadataModelAssessments": { - "privilege": "DescribeMetadataModelAssessments", - "description": "Grants permission to list the AWS DMS attributes for metadata model assessments. Note. This action should be added along with ListMetadataModelAssessments, but does not currently authorize the described Schema Conversion operation", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:ListMetadataModelAssessments" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "DescribeMetadataModelConversions": { - "privilege": "DescribeMetadataModelConversions", - "description": "Grants permission to list the AWS DMS attributes for a metadata model conversions. Note. This action should be added along with ListMetadataModelConversions, but does not currently authorize the described Schema Conversion operation", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:ListMetadataModelConversions" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "DescribeMetadataModelExportsAsScript": { - "privilege": "DescribeMetadataModelExportsAsScript", - "description": "Grants permission to list the AWS DMS attributes for a metadata model exports. Note. This action should be added along with ListMetadataModelExports, but does not currently authorize the described Schema Conversion operation", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:ListMetadataModelExports" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "DescribeMetadataModelExportsToTarget": { - "privilege": "DescribeMetadataModelExportsToTarget", - "description": "Grants permission to list the AWS DMS attributes for a metadata model exports. Note. This action should be added along with ListMetadataModelExports, but does not currently authorize the described Schema Conversion operation", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:ListMetadataModelExports" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "DescribeMetadataModelImports": { - "privilege": "DescribeMetadataModelImports", - "description": "Grants permission to return information about start metadata model import operations for a migration project", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DescribeMigrationProjects": { - "privilege": "DescribeMigrationProjects", - "description": "Grants permission to list the AWS DMS attributes for a migration projects. Note. This action should be added along with ListMigrationProjects, but does not currently authorize the described Schema Conversion operation", - "access_level": "Read", - "resource_types": { - "DataProvider": { - "resource_type": "DataProvider", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "dms:ListMigrationProjects" - ] - }, - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "Welcome.html" - }, - "DescribeOrderableReplicationInstances": { - "privilege": "DescribeOrderableReplicationInstances", - "description": "Grants permission to return information about the replication instance types that can be created in the specified region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeOrderableReplicationInstances.html" - }, - "DescribePendingMaintenanceActions": { - "privilege": "DescribePendingMaintenanceActions", - "description": "Grants permission to return information about pending maintenance actions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribePendingMaintenanceActions.html" - }, - "DescribeRecommendationLimitations": { - "privilege": "DescribeRecommendationLimitations", - "description": "Grants permission to return a paginated list of descriptions of limitations for recommendations of target AWS engines", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorLsaAnalysis.html" - }, - "DescribeRecommendations": { - "privilege": "DescribeRecommendations", - "description": "Grants permission to return a paginated list of descriptions of target engine recommendations for your source databases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeRecommendations.html" - }, - "DescribeRefreshSchemasStatus": { - "privilege": "DescribeRefreshSchemasStatus", - "description": "Grants permission to returns the status of the RefreshSchemas operation", - "access_level": "Read", - "resource_types": { - "Endpoint": { - "resource_type": "Endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeRefreshSchemasStatus.html" - }, - "DescribeReplicationConfigs": { - "privilege": "DescribeReplicationConfigs", - "description": "Grants permission to describe replication configs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DescribeReplicationInstanceTaskLogs": { - "privilege": "DescribeReplicationInstanceTaskLogs", - "description": "Grants permission to return information about the task logs for the specified task", - "access_level": "Read", - "resource_types": { - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationInstanceTaskLogs.html" - }, - "DescribeReplicationInstances": { - "privilege": "DescribeReplicationInstances", - "description": "Grants permission to return information about replication instances for your account in the current region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationInstances.html" - }, - "DescribeReplicationSubnetGroups": { - "privilege": "DescribeReplicationSubnetGroups", - "description": "Grants permission to return information about the replication subnet groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationSubnetGroups.html" - }, - "DescribeReplicationTableStatistics": { - "privilege": "DescribeReplicationTableStatistics", - "description": "Grants permission to describe replication table statistics", - "access_level": "Read", - "resource_types": { - "ReplicationConfig": { - "resource_type": "ReplicationConfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DescribeReplicationTaskAssessmentResults": { - "privilege": "DescribeReplicationTaskAssessmentResults", - "description": "Grants permission to return the latest task assessment results from Amazon S3", - "access_level": "Read", - "resource_types": { - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationTaskAssessmentResults.html" - }, - "DescribeReplicationTaskAssessmentRuns": { - "privilege": "DescribeReplicationTaskAssessmentRuns", - "description": "Grants permission to return a paginated list of premigration assessment runs based on filter settings", - "access_level": "Read", - "resource_types": { - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationTaskAssessmentRun": { - "resource_type": "ReplicationTaskAssessmentRun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationTaskAssessmentRuns.html" - }, - "DescribeReplicationTaskIndividualAssessments": { - "privilege": "DescribeReplicationTaskIndividualAssessments", - "description": "Grants permission to return a paginated list of individual assessments based on filter settings", - "access_level": "Read", - "resource_types": { - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationTaskAssessmentRun": { - "resource_type": "ReplicationTaskAssessmentRun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationTaskIndividualAssessments.html" - }, - "DescribeReplicationTasks": { - "privilege": "DescribeReplicationTasks", - "description": "Grants permission to return information about replication tasks for your account in the current region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationTasks.html" - }, - "DescribeReplications": { - "privilege": "DescribeReplications", - "description": "Grants permission to describe replications", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "DescribeSchemas": { - "privilege": "DescribeSchemas", - "description": "Grants permission to return information about the schema for the specified endpoint", - "access_level": "Read", - "resource_types": { - "Endpoint": { - "resource_type": "Endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeSchemas.html" - }, - "DescribeTableStatistics": { - "privilege": "DescribeTableStatistics", - "description": "Grants permission to return table statistics on the database migration task, including table name, rows inserted, rows updated, and rows deleted", - "access_level": "Read", - "resource_types": { - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeTableStatistics.html" - }, - "DisassociateExtensionPack": { - "privilege": "DisassociateExtensionPack", - "description": "Grants permission to disassociate a extension pack", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ExportMetadataModelAssessment": { - "privilege": "ExportMetadataModelAssessment", - "description": "Grants permission to export the specified metadata model assessment", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "GetMetadataModel": { - "privilege": "GetMetadataModel", - "description": "Grants permission to list all of the AWS DMS attributes for a metadata model", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ImportCertificate": { - "privilege": "ImportCertificate", - "description": "Grants permission to upload the specified certificate", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ImportCertificate.html" - }, - "ListDataProviders": { - "privilege": "ListDataProviders", - "description": "Grants permission to list the AWS DMS attributes for a data providers", - "access_level": "Read", - "resource_types": { - "DataProvider": { - "resource_type": "DataProvider", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "dms:DescribeDataProviders" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ListExtensionPacks": { - "privilege": "ListExtensionPacks", - "description": "Grants permission to list the AWS DMS attributes for a extension packs", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "dms:DescribeExtensionPackAssociations" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ListInstanceProfiles": { - "privilege": "ListInstanceProfiles", - "description": "Grants permission to list the AWS DMS attributes for a instance profiles", - "access_level": "Read", - "resource_types": { - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "dms:DescribeInstanceProfiles" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ListMetadataModelAssessmentActionItems": { - "privilege": "ListMetadataModelAssessmentActionItems", - "description": "Grants permission to list the AWS DMS attributes for a metadata model assessment action items", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ListMetadataModelAssessments": { - "privilege": "ListMetadataModelAssessments", - "description": "Grants permission to list the AWS DMS attributes for a metadata model assessments", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "dms:DescribeMetadataModelAssessments" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ListMetadataModelConversions": { - "privilege": "ListMetadataModelConversions", - "description": "Grants permission to list the AWS DMS attributes for a metadata model conversions", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "dms:DescribeMetadataModelConversions" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ListMetadataModelExports": { - "privilege": "ListMetadataModelExports", - "description": "Grants permission to list the AWS DMS attributes for a metadata model exports", - "access_level": "Read", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "dms:DescribeMetadataModelExportsAsScript", - "dms:DescribeMetadataModelExportsToTarget" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ListMigrationProjects": { - "privilege": "ListMigrationProjects", - "description": "Grants permission to list the AWS DMS attributes for a migration projects", - "access_level": "Read", - "resource_types": { - "DataProvider": { - "resource_type": "DataProvider", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "dms:DescribeMigrationProjects" - ] - }, - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags for an AWS DMS resource", - "access_level": "Read", - "resource_types": { - "Certificate": { - "resource_type": "Certificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DataMigration": { - "resource_type": "DataMigration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DataProvider": { - "resource_type": "DataProvider", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Endpoint": { - "resource_type": "Endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "EventSubscription": { - "resource_type": "EventSubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationConfig": { - "resource_type": "ReplicationConfig", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationSubnetGroup": { - "resource_type": "ReplicationSubnetGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ListTagsForResource.html" - }, - "ModifyConversionConfiguration": { - "privilege": "ModifyConversionConfiguration", - "description": "Grants permission to update a conversion configuration. Note. This action should be added along with UpdateConversionConfiguration, but does not currently authorize the described Schema Conversion operation", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:UpdateConversionConfiguration" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "ModifyDataMigration": { - "privilege": "ModifyDataMigration", - "description": "Grants permission to modify the specified database migration", - "access_level": "Write", - "resource_types": { - "DataMigration": { - "resource_type": "DataMigration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ModifyDataProvider": { - "privilege": "ModifyDataProvider", - "description": "Grants permission to modify the specified data provider. Note. This action should be added along with UpdateDataProvider, but does not currently authorize the described Schema Conversion operation", - "access_level": "Write", - "resource_types": { - "DataProvider": { - "resource_type": "DataProvider", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:UpdateDataProvider" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "ModifyEndpoint": { - "privilege": "ModifyEndpoint", - "description": "Grants permission to modify the specified endpoint", - "access_level": "Write", - "resource_types": { - "Endpoint": { - "resource_type": "Endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Certificate": { - "resource_type": "Certificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyEndpoint.html" - }, - "ModifyEventSubscription": { - "privilege": "ModifyEventSubscription", - "description": "Grants permission to modify an existing AWS DMS event notification subscription", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyEventSubscription.html" - }, - "ModifyFleetAdvisorCollector": { - "privilege": "ModifyFleetAdvisorCollector", - "description": "Grants permission to modify the name and description of the specified Fleet Advisor collector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ModifyFleetAdvisorCollectorStatuses": { - "privilege": "ModifyFleetAdvisorCollectorStatuses", - "description": "Grants permission to modify the status of the specified Fleet Advisor collector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ModifyInstanceProfile": { - "privilege": "ModifyInstanceProfile", - "description": "Grants permission to modify the specified instance profile. Note. This action should be added along with UpdateInstanceProfile, but does not currently authorize the described Schema Conversion operation", - "access_level": "Write", - "resource_types": { - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:UpdateInstanceProfile" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "ModifyMigrationProject": { - "privilege": "ModifyMigrationProject", - "description": "Grants permission to modify the specified migration project. Note. This action should be added along with UpdateMigrationProject, but does not currently authorize the described Schema Conversion operation", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:UpdateMigrationProject" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "ModifyReplicationConfig": { - "privilege": "ModifyReplicationConfig", - "description": "Grants permission to modify the specified replication config", - "access_level": "Write", - "resource_types": { - "ReplicationConfig": { - "resource_type": "ReplicationConfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ModifyReplicationInstance": { - "privilege": "ModifyReplicationInstance", - "description": "Grants permission to modify the replication instance to apply new settings", - "access_level": "Write", - "resource_types": { - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationInstance.html" - }, - "ModifyReplicationSubnetGroup": { - "privilege": "ModifyReplicationSubnetGroup", - "description": "Grants permission to modify the settings for the specified replication subnet group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationSubnetGroup.html" - }, - "ModifyReplicationTask": { - "privilege": "ModifyReplicationTask", - "description": "Grants permission to modify the specified replication task", - "access_level": "Write", - "resource_types": { - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html" - }, - "MoveReplicationTask": { - "privilege": "MoveReplicationTask", - "description": "Grants permission to move the specified replication task to a different replication instance", - "access_level": "Write", - "resource_types": { - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_MoveReplicationTask.html" - }, - "RebootReplicationInstance": { - "privilege": "RebootReplicationInstance", - "description": "Grants permission to reboot a replication instance. Rebooting results in a momentary outage, until the replication instance becomes available again", - "access_level": "Write", - "resource_types": { - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_RebootReplicationInstance.html" - }, - "RefreshSchemas": { - "privilege": "RefreshSchemas", - "description": "Grants permission to populate the schema for the specified endpoint", - "access_level": "Write", - "resource_types": { - "Endpoint": { - "resource_type": "Endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_RefreshSchemas.html" - }, - "ReloadReplicationTables": { - "privilege": "ReloadReplicationTables", - "description": "Grants permission to reload the target database table with the source for a replication", - "access_level": "Write", - "resource_types": { - "ReplicationConfig": { - "resource_type": "ReplicationConfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "ReloadTables": { - "privilege": "ReloadTables", - "description": "Grants permission to reload the target database table with the source data", - "access_level": "Write", - "resource_types": { - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ReloadTables.html" - }, - "RemoveTagsFromResource": { - "privilege": "RemoveTagsFromResource", - "description": "Grants permission to remove metadata tags from a DMS resource", - "access_level": "Tagging", - "resource_types": { - "Certificate": { - "resource_type": "Certificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DataMigration": { - "resource_type": "DataMigration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DataProvider": { - "resource_type": "DataProvider", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Endpoint": { - "resource_type": "Endpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "EventSubscription": { - "resource_type": "EventSubscription", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MigrationProject": { - "resource_type": "MigrationProject", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationConfig": { - "resource_type": "ReplicationConfig", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationSubnetGroup": { - "resource_type": "ReplicationSubnetGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_RemoveTagsFromResource.html" - }, - "RunFleetAdvisorLsaAnalysis": { - "privilege": "RunFleetAdvisorLsaAnalysis", - "description": "Grants permission to run a large-scale assessment (LSA) analysis on every Fleet Advisor collector in your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_RunFleetAdvisorLsaAnalysis.html" - }, - "StartDataMigration": { - "privilege": "StartDataMigration", - "description": "Grants permission to start the database migration", - "access_level": "Write", - "resource_types": { - "DataMigration": { - "resource_type": "DataMigration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "StartExtensionPackAssociation": { - "privilege": "StartExtensionPackAssociation", - "description": "Grants permission to associate an extension pack. Note. This action should be added along with AssociateExtensionPack, but does not currently authorize the described Schema Conversion operation", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:AssociateExtensionPack" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "StartMetadataModelAssessment": { - "privilege": "StartMetadataModelAssessment", - "description": "Grants permission to start a new assessment of metadata model", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "StartMetadataModelConversion": { - "privilege": "StartMetadataModelConversion", - "description": "Grants permission to start a new conversion of metadata model", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "StartMetadataModelExportAsScript": { - "privilege": "StartMetadataModelExportAsScript", - "description": "Grants permission to start a new export of metadata model as script. Note. This action should be added along with StartMetadataModelExportAsScripts, but does not currently authorize the described Schema Conversion operation", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:StartMetadataModelExportAsScripts" - ] - } - }, - "api_documentation_link": "Welcome.html" - }, - "StartMetadataModelExportAsScripts": { - "privilege": "StartMetadataModelExportAsScripts", - "description": "Grants permission to start a new export of metadata model as script", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:StartMetadataModelExportAsScript" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "StartMetadataModelExportToTarget": { - "privilege": "StartMetadataModelExportToTarget", - "description": "Grants permission to start a new export of metadata model to target", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "StartMetadataModelImport": { - "privilege": "StartMetadataModelImport", - "description": "Grants permission to start a new import of metadata model", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "StartRecommendations": { - "privilege": "StartRecommendations", - "description": "Grants permission to start the analysis of your source database to provide recommendations of target engines", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_StartRecommendations.html" - }, - "StartReplication": { - "privilege": "StartReplication", - "description": "Grants permission to start a replication", - "access_level": "Write", - "resource_types": { - "ReplicationConfig": { - "resource_type": "ReplicationConfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "StartReplicationTask": { - "privilege": "StartReplicationTask", - "description": "Grants permission to start the replication task", - "access_level": "Write", - "resource_types": { - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html" - }, - "StartReplicationTaskAssessment": { - "privilege": "StartReplicationTaskAssessment", - "description": "Grants permission to start the replication task assessment for unsupported data types in the source database", - "access_level": "Write", - "resource_types": { - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTaskAssessment.html" - }, - "StartReplicationTaskAssessmentRun": { - "privilege": "StartReplicationTaskAssessmentRun", - "description": "Grants permission to start a new premigration assessment run for one or more individual assessments of a migration task", - "access_level": "Write", - "resource_types": { - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTaskAssessmentRun.html" - }, - "StopDataMigration": { - "privilege": "StopDataMigration", - "description": "Grants permission to stop the database migration", - "access_level": "Write", - "resource_types": { - "DataMigration": { - "resource_type": "DataMigration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "StopReplication": { - "privilege": "StopReplication", - "description": "Grants permission to stop a replication", - "access_level": "Write", - "resource_types": { - "ReplicationConfig": { - "resource_type": "ReplicationConfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "StopReplicationTask": { - "privilege": "StopReplicationTask", - "description": "Grants permission to stop the replication task", - "access_level": "Write", - "resource_types": { - "ReplicationTask": { - "resource_type": "ReplicationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_StopReplicationTask.html" - }, - "TestConnection": { - "privilege": "TestConnection", - "description": "Grants permission to test the connection between the replication instance and the endpoint", - "access_level": "Read", - "resource_types": { - "Endpoint": { - "resource_type": "Endpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationInstance": { - "resource_type": "ReplicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_TestConnection.html" - }, - "UpdateConversionConfiguration": { - "privilege": "UpdateConversionConfiguration", - "description": "Grants permission to update a conversion configuration", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:ModifyConversionConfiguration" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "UpdateDataProvider": { - "privilege": "UpdateDataProvider", - "description": "Grants permission to update the specified data provider", - "access_level": "Write", - "resource_types": { - "DataProvider": { - "resource_type": "DataProvider", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:ModifyDataProvider" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "UpdateInstanceProfile": { - "privilege": "UpdateInstanceProfile", - "description": "Grants permission to update the specified instance profile", - "access_level": "Write", - "resource_types": { - "InstanceProfile": { - "resource_type": "InstanceProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:ModifyInstanceProfile" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "UpdateMigrationProject": { - "privilege": "UpdateMigrationProject", - "description": "Grants permission to update the specified migration project", - "access_level": "Write", - "resource_types": { - "MigrationProject": { - "resource_type": "MigrationProject", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dms:ModifyMigrationProject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - }, - "UpdateSubscriptionsToEventBridge": { - "privilege": "UpdateSubscriptionsToEventBridge", - "description": "Grants permission to migrate DMS subcriptions to Eventbridge", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_UpdateSubscriptionsToEventBridge.html" - }, - "UploadFileMetadataList": { - "privilege": "UploadFileMetadataList", - "description": "Grants permission to upload files to your Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" - } - }, - "resources": { - "Certificate": { - "resource": "Certificate", - "arn": "arn:${Partition}:dms:${Region}:${Account}:cert:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:cert-tag/${TagKey}" - ] - }, - "DataProvider": { - "resource": "DataProvider", - "arn": "arn:${Partition}:dms:${Region}:${Account}:data-provider:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:data-provider-tag/${TagKey}" - ] - }, - "DataMigration": { - "resource": "DataMigration", - "arn": "arn:${Partition}:dms:${Region}:${Account}:data-migration:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:data-migration-tag/${TagKey}" - ] - }, - "Endpoint": { - "resource": "Endpoint", - "arn": "arn:${Partition}:dms:${Region}:${Account}:endpoint:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:endpoint-tag/${TagKey}" - ] - }, - "EventSubscription": { - "resource": "EventSubscription", - "arn": "arn:${Partition}:dms:${Region}:${Account}:es:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:es-tag/${TagKey}" - ] - }, - "InstanceProfile": { - "resource": "InstanceProfile", - "arn": "arn:${Partition}:dms:${Region}:${Account}:instance-profile:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:instance-profile-tag/${TagKey}" - ] - }, - "MigrationProject": { - "resource": "MigrationProject", - "arn": "arn:${Partition}:dms:${Region}:${Account}:migration-project:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:migration-project-tag/${TagKey}" - ] - }, - "ReplicationConfig": { - "resource": "ReplicationConfig", - "arn": "arn:${Partition}:dms:${Region}:${Account}:replication-config:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:replication-config-tag/${TagKey}" - ] - }, - "ReplicationInstance": { - "resource": "ReplicationInstance", - "arn": "arn:${Partition}:dms:${Region}:${Account}:rep:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:rep-tag/${TagKey}" - ] - }, - "ReplicationSubnetGroup": { - "resource": "ReplicationSubnetGroup", - "arn": "arn:${Partition}:dms:${Region}:${Account}:subgrp:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:subgrp-tag/${TagKey}" - ] - }, - "ReplicationTask": { - "resource": "ReplicationTask", - "arn": "arn:${Partition}:dms:${Region}:${Account}:task:*", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "dms:task-tag/${TagKey}" - ] - }, - "ReplicationTaskAssessmentRun": { - "resource": "ReplicationTaskAssessmentRun", - "arn": "arn:${Partition}:dms:${Region}:${Account}:assessment-run:*", - "condition_keys": [] - }, - "ReplicationTaskIndividualAssessment": { - "resource": "ReplicationTaskIndividualAssessment", - "arn": "arn:${Partition}:dms:${Region}:${Account}:individual-assessment:*", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "dms:cert-tag/${TagKey}": { - "condition": "dms:cert-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for Certificate", - "type": "String" - }, - "dms:data-migration-tag/${TagKey}": { - "condition": "dms:data-migration-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for DataMigration", - "type": "String" - }, - "dms:data-provider-tag/${TagKey}": { - "condition": "dms:data-provider-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for DataProvider", - "type": "String" - }, - "dms:endpoint-tag/${TagKey}": { - "condition": "dms:endpoint-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for Endpoint", - "type": "String" - }, - "dms:es-tag/${TagKey}": { - "condition": "dms:es-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for EventSubscription", - "type": "String" - }, - "dms:instance-profile-tag/${TagKey}": { - "condition": "dms:instance-profile-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for InstanceProfile", - "type": "String" - }, - "dms:migration-project-tag/${TagKey}": { - "condition": "dms:migration-project-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for MigrationProject", - "type": "String" - }, - "dms:rep-tag/${TagKey}": { - "condition": "dms:rep-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for ReplicationInstance", - "type": "String" - }, - "dms:replication-config-tag/${TagKey}": { - "condition": "dms:replication-config-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for ReplicationConfig", - "type": "String" - }, - "dms:req-tag/${TagKey}": { - "condition": "dms:req-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the given request", - "type": "String" - }, - "dms:subgrp-tag/${TagKey}": { - "condition": "dms:subgrp-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for ReplicationSubnetGroup", - "type": "String" - }, - "dms:task-tag/${TagKey}": { - "condition": "dms:task-tag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request for ReplicationTask", - "type": "String" - } - } - }, - "dataexchange": { - "service_name": "AWS Data Exchange", - "prefix": "dataexchange", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdataexchange.html", - "privileges": { - "CancelJob": { - "privilege": "CancelJob", - "description": "Grants permission to cancel a job", - "access_level": "Write", - "resource_types": { - "jobs": { - "resource_type": "jobs", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_CancelJob.html" - }, - "CreateAsset": { - "privilege": "CreateAsset", - "description": "Grants permission to create an asset (for example, in a Job)", - "access_level": "Write", - "resource_types": { - "revisions": { - "resource_type": "revisions", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/userguide/api-permissions-ref.html" - }, - "CreateDataSet": { - "privilege": "CreateDataSet", - "description": "Grants permission to create a data set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_CreateDataSet.html" - }, - "CreateEventAction": { - "privilege": "CreateEventAction", - "description": "Grants permission to create an event action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_CreateEventAction.html" - }, - "CreateJob": { - "privilege": "CreateJob", - "description": "Grants permission to create a job to import or export assets", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_CreateJob.html" - }, - "CreateRevision": { - "privilege": "CreateRevision", - "description": "Grants permission to create a revision", - "access_level": "Write", - "resource_types": { - "data-sets": { - "resource_type": "data-sets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_CreateRevision.html" - }, - "DeleteAsset": { - "privilege": "DeleteAsset", - "description": "Grants permission to delete an asset", - "access_level": "Write", - "resource_types": { - "assets": { - "resource_type": "assets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_DeleteAsset.html" - }, - "DeleteDataSet": { - "privilege": "DeleteDataSet", - "description": "Grants permission to delete a data set", - "access_level": "Write", - "resource_types": { - "data-sets": { - "resource_type": "data-sets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_DeleteDataSet.html" - }, - "DeleteEventAction": { - "privilege": "DeleteEventAction", - "description": "Grants permission to delete an event action", - "access_level": "Write", - "resource_types": { - "event-actions": { - "resource_type": "event-actions", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_DeleteEventAction.html" - }, - "DeleteRevision": { - "privilege": "DeleteRevision", - "description": "Grants permission to delete a revision", - "access_level": "Write", - "resource_types": { - "revisions": { - "resource_type": "revisions", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_DeleteRevision.html" - }, - "GetAsset": { - "privilege": "GetAsset", - "description": "Grants permission to get information about an asset and to export it (for example, in a Job)", - "access_level": "Read", - "resource_types": { - "assets": { - "resource_type": "assets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entitled-assets": { - "resource_type": "entitled-assets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_GetAsset.html" - }, - "GetDataSet": { - "privilege": "GetDataSet", - "description": "Grants permission to get information about a data set", - "access_level": "Read", - "resource_types": { - "data-sets": { - "resource_type": "data-sets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entitled-data-sets": { - "resource_type": "entitled-data-sets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_GetDataSet.html" - }, - "GetEventAction": { - "privilege": "GetEventAction", - "description": "Grants permission to get an event action", - "access_level": "Read", - "resource_types": { - "event-actions": { - "resource_type": "event-actions", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_GetEventAction.html" - }, - "GetJob": { - "privilege": "GetJob", - "description": "Grants permission to get information about a job", - "access_level": "Read", - "resource_types": { - "jobs": { - "resource_type": "jobs", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_GetJob.html" - }, - "GetRevision": { - "privilege": "GetRevision", - "description": "Grants permission to get information about a revision", - "access_level": "Read", - "resource_types": { - "entitled-revisions": { - "resource_type": "entitled-revisions", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "revisions": { - "resource_type": "revisions", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_GetRevision.html" - }, - "ListDataSetRevisions": { - "privilege": "ListDataSetRevisions", - "description": "Grants permission to list the revisions of a data set", - "access_level": "List", - "resource_types": { - "data-sets": { - "resource_type": "data-sets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entitled-data-sets": { - "resource_type": "entitled-data-sets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListDataSetRevisions.html" - }, - "ListDataSets": { - "privilege": "ListDataSets", - "description": "Grants permission to list data sets for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListDataSets.html" - }, - "ListEventActions": { - "privilege": "ListEventActions", - "description": "Grants permission to list event actions for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListEventActions.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to list jobs for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListJobs.html" - }, - "ListRevisionAssets": { - "privilege": "ListRevisionAssets", - "description": "Grants permission to get list the assets of a revision", - "access_level": "List", - "resource_types": { - "entitled-revisions": { - "resource_type": "entitled-revisions", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "revisions": { - "resource_type": "revisions", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListRevisionAssets.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags that you associated with the specified resource", - "access_level": "List", - "resource_types": { - "data-sets": { - "resource_type": "data-sets", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "revisions": { - "resource_type": "revisions", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListTagsForResource.html" - }, - "PublishDataSet": { - "privilege": "PublishDataSet", - "description": "Grants permission to publish a data set", - "access_level": "Write", - "resource_types": { - "data-sets": { - "resource_type": "data-sets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/userguide/api-permissions-ref.html" - }, - "RevokeRevision": { - "privilege": "RevokeRevision", - "description": "Grants permission to revoke subscriber access to a revision", - "access_level": "Write", - "resource_types": { - "revisions": { - "resource_type": "revisions", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_RevokeRevision.html" - }, - "SendApiAsset": { - "privilege": "SendApiAsset", - "description": "Grants permission to send a request to an API asset", - "access_level": "Write", - "resource_types": { - "assets": { - "resource_type": "assets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "entitled-assets": { - "resource_type": "entitled-assets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_SendApiAsset.html" - }, - "StartJob": { - "privilege": "StartJob", - "description": "Grants permission to start a job", - "access_level": "Write", - "resource_types": { - "jobs": { - "resource_type": "jobs", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dataexchange:CreateAsset" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_StartJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to a specified resource", - "access_level": "Tagging", - "resource_types": { - "data-sets": { - "resource_type": "data-sets", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "revisions": { - "resource_type": "revisions", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from a specified resource", - "access_level": "Tagging", - "resource_types": { - "data-sets": { - "resource_type": "data-sets", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "revisions": { - "resource_type": "revisions", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_UntagResource.html" - }, - "UpdateAsset": { - "privilege": "UpdateAsset", - "description": "Grants permission to get update information about an asset", - "access_level": "Write", - "resource_types": { - "assets": { - "resource_type": "assets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_UpdateAsset.html" - }, - "UpdateDataSet": { - "privilege": "UpdateDataSet", - "description": "Grants permission to update information about a data set", - "access_level": "Write", - "resource_types": { - "data-sets": { - "resource_type": "data-sets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_UpdateDataSet.html" - }, - "UpdateEventAction": { - "privilege": "UpdateEventAction", - "description": "Grants permission to update information for an event action", - "access_level": "Write", - "resource_types": { - "event-actions": { - "resource_type": "event-actions", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_UpdateEventAction.html" - }, - "UpdateRevision": { - "privilege": "UpdateRevision", - "description": "Grants permission to update information about a revision", - "access_level": "Write", - "resource_types": { - "revisions": { - "resource_type": "revisions", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "dataexchange:PublishDataSet" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_UpdateRevision.html" - } - }, - "resources": { - "jobs": { - "resource": "jobs", - "arn": "arn:${Partition}:dataexchange:${Region}:${Account}:jobs/${JobId}", - "condition_keys": [ - "dataexchange:JobType" - ] - }, - "data-sets": { - "resource": "data-sets", - "arn": "arn:${Partition}:dataexchange:${Region}:${Account}:data-sets/${DataSetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "entitled-data-sets": { - "resource": "entitled-data-sets", - "arn": "arn:${Partition}:dataexchange:${Region}::data-sets/${DataSetId}", - "condition_keys": [] - }, - "revisions": { - "resource": "revisions", - "arn": "arn:${Partition}:dataexchange:${Region}:${Account}:data-sets/${DataSetId}/revisions/${RevisionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "entitled-revisions": { - "resource": "entitled-revisions", - "arn": "arn:${Partition}:dataexchange:${Region}::data-sets/${DataSetId}/revisions/${RevisionId}", - "condition_keys": [] - }, - "assets": { - "resource": "assets", - "arn": "arn:${Partition}:dataexchange:${Region}:${Account}:data-sets/${DataSetId}/revisions/${RevisionId}/assets/${AssetId}", - "condition_keys": [] - }, - "entitled-assets": { - "resource": "entitled-assets", - "arn": "arn:${Partition}:dataexchange:${Region}::data-sets/${DataSetId}/revisions/${RevisionId}/assets/${AssetId}", - "condition_keys": [] - }, - "event-actions": { - "resource": "event-actions", - "arn": "arn:${Partition}:dataexchange:${Region}:${Account}:event-actions/${EventActionId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the allowed set of values for each of the mandatory tags in the create request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tags in the create request", - "type": "ArrayOfString" - }, - "dataexchange:JobType": { - "condition": "dataexchange:JobType", - "description": "Filters access by the specified job type", - "type": "String" - } - } - }, - "datapipeline": { - "service_name": "AWS Data Pipeline", - "prefix": "datapipeline", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatapipeline.html", - "privileges": { - "ActivatePipeline": { - "privilege": "ActivatePipeline", - "description": "Validates the specified pipeline and starts processing pipeline tasks. If the pipeline does not pass validation, activation fails.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag", - "datapipeline:workerGroup" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ActivatePipeline.html" - }, - "AddTags": { - "privilege": "AddTags", - "description": "Adds or modifies tags for the specified pipeline.", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_AddTags.html" - }, - "CreatePipeline": { - "privilege": "CreatePipeline", - "description": "Creates a new, empty pipeline.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:Tag" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_CreatePipeline.html" - }, - "DeactivatePipeline": { - "privilege": "DeactivatePipeline", - "description": "Deactivates the specified running pipeline.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag", - "datapipeline:workerGroup" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DeactivatePipeline.html" - }, - "DeletePipeline": { - "privilege": "DeletePipeline", - "description": "Deletes a pipeline, its pipeline definition, and its run history.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DeletePipeline.html" - }, - "DescribeObjects": { - "privilege": "DescribeObjects", - "description": "Gets the object definitions for a set of objects associated with the pipeline.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DescribeObjects.html" - }, - "DescribePipelines": { - "privilege": "DescribePipelines", - "description": "Retrieves metadata about one or more pipelines.", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DescribePipelines.html" - }, - "EvaluateExpression": { - "privilege": "EvaluateExpression", - "description": "Task runners call EvaluateExpression to evaluate a string in the context of the specified object.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_EvaluateExpression.html" - }, - "GetAccountLimits": { - "privilege": "GetAccountLimits", - "description": "Description for GetAccountLimits", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_GetAccountLimits.html" - }, - "GetPipelineDefinition": { - "privilege": "GetPipelineDefinition", - "description": "Gets the definition of the specified pipeline.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag", - "datapipeline:workerGroup" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_GetPipelineDefinition.html" - }, - "ListPipelines": { - "privilege": "ListPipelines", - "description": "Lists the pipeline identifiers for all active pipelines that you have permission to access.", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ListPipelines.html" - }, - "PollForTask": { - "privilege": "PollForTask", - "description": "Task runners call PollForTask to receive a task to perform from AWS Data Pipeline.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:workerGroup" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PollForTask.html" - }, - "PutAccountLimits": { - "privilege": "PutAccountLimits", - "description": "Description for PutAccountLimits", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PutAccountLimits.html" - }, - "PutPipelineDefinition": { - "privilege": "PutPipelineDefinition", - "description": "Adds tasks, schedules, and preconditions to the specified pipeline.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag", - "datapipeline:workerGroup" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PutPipelineDefinition.html" - }, - "QueryObjects": { - "privilege": "QueryObjects", - "description": "Queries the specified pipeline for the names of objects that match the specified set of conditions.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_QueryObjects.html" - }, - "RemoveTags": { - "privilege": "RemoveTags", - "description": "Removes existing tags from the specified pipeline.", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_RemoveTags.html" - }, - "ReportTaskProgress": { - "privilege": "ReportTaskProgress", - "description": "Task runners call ReportTaskProgress when assigned a task to acknowledge that it has the task.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ReportTaskProgress.html" - }, - "ReportTaskRunnerHeartbeat": { - "privilege": "ReportTaskRunnerHeartbeat", - "description": "Task runners call ReportTaskRunnerHeartbeat every 15 minutes to indicate that they are operational.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ReportTaskRunnerHeartbeat.html" - }, - "SetStatus": { - "privilege": "SetStatus", - "description": "Requests that the status of the specified physical or logical pipeline objects be updated in the specified pipeline.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_SetStatus.html" - }, - "SetTaskStatus": { - "privilege": "SetTaskStatus", - "description": "Task runners call SetTaskStatus to notify AWS Data Pipeline that a task is completed and provide information about the final status.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_SetTaskStatus.html" - }, - "ValidatePipelineDefinition": { - "privilege": "ValidatePipelineDefinition", - "description": "Validates the specified pipeline definition to ensure that it is well formed and can be run without error.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "datapipeline:PipelineCreator", - "datapipeline:Tag", - "datapipeline:workerGroup" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ValidatePipelineDefinition.html" - } - }, - "resources": { - "pipeline": { - "resource": "pipeline", - "arn": "arn:${Partition}:datapipeline:${Region}:${Account}:pipeline/${PipelineId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "datapipeline:PipelineCreator": { - "condition": "datapipeline:PipelineCreator", - "description": "The IAM user that created the pipeline.", - "type": "ARN" - }, - "datapipeline:Tag": { - "condition": "datapipeline:Tag", - "description": "A customer-specified key/value pair that can be attached to a resource.", - "type": "ARN" - }, - "datapipeline:workerGroup": { - "condition": "datapipeline:workerGroup", - "description": "The name of a worker group for which a Task Runner retrieves work.", - "type": "ARN" - } - } - }, - "datasync": { - "service_name": "AWS DataSync", - "prefix": "datasync", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatasync.html", - "privileges": { - "AddStorageSystem": { - "privilege": "AddStorageSystem", - "description": "Grants permission to create a storage system", - "access_level": "Write", - "resource_types": { - "agent": { - "resource_type": "agent", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_AddStorageSystem.html" - }, - "CancelTaskExecution": { - "privilege": "CancelTaskExecution", - "description": "Grants permission to cancel execution of a sync task", - "access_level": "Write", - "resource_types": { - "taskexecution": { - "resource_type": "taskexecution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CancelTaskExecution.html" - }, - "CreateAgent": { - "privilege": "CreateAgent", - "description": "Grants permission to activate an agent that you have deployed on your host", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateAgent.html" - }, - "CreateLocationEfs": { - "privilege": "CreateLocationEfs", - "description": "Grants permission to create an endpoint for an Amazon EFS file system", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationEfs.html" - }, - "CreateLocationFsxLustre": { - "privilege": "CreateLocationFsxLustre", - "description": "Grants permission to create an endpoint for an Amazon Fsx Lustre", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxLustre.html" - }, - "CreateLocationFsxOntap": { - "privilege": "CreateLocationFsxOntap", - "description": "Grants permission to create an endpoint for Amazon FSx for ONTAP", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html" - }, - "CreateLocationFsxOpenZfs": { - "privilege": "CreateLocationFsxOpenZfs", - "description": "Grants permission to create an endpoint for Amazon FSx for OpenZFS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOpenZfs.html" - }, - "CreateLocationFsxWindows": { - "privilege": "CreateLocationFsxWindows", - "description": "Grants permission to create an endpoint for an Amazon FSx Windows File Server file system", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxWindows.html" - }, - "CreateLocationHdfs": { - "privilege": "CreateLocationHdfs", - "description": "Grants permission to create an endpoint for an Amazon Hdfs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationHdfs.html" - }, - "CreateLocationNfs": { - "privilege": "CreateLocationNfs", - "description": "Grants permission to create an endpoint for a NFS file system", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationNfs.html" - }, - "CreateLocationObjectStorage": { - "privilege": "CreateLocationObjectStorage", - "description": "Grants permission to create an endpoint for a self-managed object storage bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationObjectStorage.html" - }, - "CreateLocationS3": { - "privilege": "CreateLocationS3", - "description": "Grants permission to create an endpoint for an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationS3.html" - }, - "CreateLocationSmb": { - "privilege": "CreateLocationSmb", - "description": "Grants permission to create an endpoint for an SMB file system", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationSmb.html" - }, - "CreateTask": { - "privilege": "CreateTask", - "description": "Grants permission to create a sync task", - "access_level": "Write", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "agent": { - "resource_type": "agent", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html" - }, - "DeleteAgent": { - "privilege": "DeleteAgent", - "description": "Grants permission to delete an agent", - "access_level": "Write", - "resource_types": { - "agent": { - "resource_type": "agent", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DeleteAgent.html" - }, - "DeleteLocation": { - "privilege": "DeleteLocation", - "description": "Grants permission to delete a location used by AWS DataSync", - "access_level": "Write", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DeleteLocation.html" - }, - "DeleteTask": { - "privilege": "DeleteTask", - "description": "Grants permission to delete a sync task", - "access_level": "Write", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DeleteTask.html" - }, - "DescribeAgent": { - "privilege": "DescribeAgent", - "description": "Grants permission to view metadata such as name, network interfaces, and the status (that is, whether the agent is running or not) about a sync agent", - "access_level": "Read", - "resource_types": { - "agent": { - "resource_type": "agent", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeAgent.html" - }, - "DescribeDiscoveryJob": { - "privilege": "DescribeDiscoveryJob", - "description": "Grants permission to describe metadata about a discovery job", - "access_level": "Read", - "resource_types": { - "discoveryjob": { - "resource_type": "discoveryjob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeDiscoveryJob.html" - }, - "DescribeLocationEfs": { - "privilege": "DescribeLocationEfs", - "description": "Grants permission to view metadata, such as the path information about an Amazon EFS sync location", - "access_level": "Read", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationEfs.html" - }, - "DescribeLocationFsxLustre": { - "privilege": "DescribeLocationFsxLustre", - "description": "Grants permission to view metadata, such as the path information about an Amazon FSx Lustre sync location", - "access_level": "Read", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxLustre.html" - }, - "DescribeLocationFsxOntap": { - "privilege": "DescribeLocationFsxOntap", - "description": "Grants permission to view metadata, such as the path information about an Amazon FSx for ONTAP sync location", - "access_level": "Read", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxOntap.html" - }, - "DescribeLocationFsxOpenZfs": { - "privilege": "DescribeLocationFsxOpenZfs", - "description": "Grants permission to view metadata, such as the path information about an Amazon FSx OpenZFS sync location", - "access_level": "Read", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxOpenZfs.html" - }, - "DescribeLocationFsxWindows": { - "privilege": "DescribeLocationFsxWindows", - "description": "Grants permission to view metadata, such as the path information about an Amazon FSx Windows sync location", - "access_level": "Read", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxWindows.html" - }, - "DescribeLocationHdfs": { - "privilege": "DescribeLocationHdfs", - "description": "Grants permission to view metadata, such as the path information about an Amazon HDFS sync location", - "access_level": "Read", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationHdfs.html" - }, - "DescribeLocationNfs": { - "privilege": "DescribeLocationNfs", - "description": "Grants permission to view metadata, such as the path information, about a NFS sync location", - "access_level": "Read", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationNfs.html" - }, - "DescribeLocationObjectStorage": { - "privilege": "DescribeLocationObjectStorage", - "description": "Grants permission to view metadata about a self-managed object storage server location", - "access_level": "Read", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationObjectStorage.html" - }, - "DescribeLocationS3": { - "privilege": "DescribeLocationS3", - "description": "Grants permission to view metadata, such as bucket name, about an Amazon S3 bucket sync location", - "access_level": "Read", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationS3.html" - }, - "DescribeLocationSmb": { - "privilege": "DescribeLocationSmb", - "description": "Grants permission to view metadata, such as the path information, about an SMB sync location", - "access_level": "Read", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationSmb.html" - }, - "DescribeStorageSystem": { - "privilege": "DescribeStorageSystem", - "description": "Grants permission to view metadata about a storage system", - "access_level": "Read", - "resource_types": { - "storagesystem": { - "resource_type": "storagesystem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeStorageSystem.html" - }, - "DescribeStorageSystemResourceMetrics": { - "privilege": "DescribeStorageSystemResourceMetrics", - "description": "Grants permission to describe resource metrics collected by a discovery job", - "access_level": "List", - "resource_types": { - "discoveryjob": { - "resource_type": "discoveryjob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeStorageSystemResourceMetrics.html" - }, - "DescribeStorageSystemResources": { - "privilege": "DescribeStorageSystemResources", - "description": "Grants permission to describe resources identified by a discovery job", - "access_level": "List", - "resource_types": { - "discoveryjob": { - "resource_type": "discoveryjob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeStorageSystemResources.html" - }, - "DescribeTask": { - "privilege": "DescribeTask", - "description": "Grants permission to view metadata about a sync task", - "access_level": "Read", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeTask.html" - }, - "DescribeTaskExecution": { - "privilege": "DescribeTaskExecution", - "description": "Grants permission to view metadata about a sync task that is being executed", - "access_level": "Read", - "resource_types": { - "taskexecution": { - "resource_type": "taskexecution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeTaskExecution.html" - }, - "GenerateRecommendations": { - "privilege": "GenerateRecommendations", - "description": "Grants permission to generate recommendations for a resource identified by a discovery job", - "access_level": "Write", - "resource_types": { - "discoveryjob": { - "resource_type": "discoveryjob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_GenerateRecommendations.html" - }, - "ListAgents": { - "privilege": "ListAgents", - "description": "Grants permission to list agents owned by an AWS account in a region specified in the request", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListAgents.html" - }, - "ListDiscoveryJobs": { - "privilege": "ListDiscoveryJobs", - "description": "Grants permission to list discovery jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListDiscoveryJobs.html" - }, - "ListLocations": { - "privilege": "ListLocations", - "description": "Grants permission to list source and destination sync locations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListLocations.html" - }, - "ListStorageSystems": { - "privilege": "ListStorageSystems", - "description": "Grants permission to list storage systems", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListStorageSystems.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags that have been added to the specified resource", - "access_level": "Read", - "resource_types": { - "agent": { - "resource_type": "agent", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "discoveryjob": { - "resource_type": "discoveryjob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "location": { - "resource_type": "location", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "storagesystem": { - "resource_type": "storagesystem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "taskexecution": { - "resource_type": "taskexecution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListTagsForResource.html" - }, - "ListTaskExecutions": { - "privilege": "ListTaskExecutions", - "description": "Grants permission to list executed sync tasks", - "access_level": "List", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListTaskExecutions.html" - }, - "ListTasks": { - "privilege": "ListTasks", - "description": "Grants permission to list of all the sync tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListTasks.html" - }, - "RemoveStorageSystem": { - "privilege": "RemoveStorageSystem", - "description": "Grants permission to delete a storage system", - "access_level": "Write", - "resource_types": { - "storagesystem": { - "resource_type": "storagesystem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_RemoveStorageSystem.html" - }, - "StartDiscoveryJob": { - "privilege": "StartDiscoveryJob", - "description": "Grants permission to start a discovery job for a storage system", - "access_level": "Write", - "resource_types": { - "storagesystem": { - "resource_type": "storagesystem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_StartDiscoveryJob.html" - }, - "StartTaskExecution": { - "privilege": "StartTaskExecution", - "description": "Grants permission to start a specific invocation of a sync task", - "access_level": "Write", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_StartTaskExecution.html" - }, - "StopDiscoveryJob": { - "privilege": "StopDiscoveryJob", - "description": "Grants permission to stop a discovery job", - "access_level": "Write", - "resource_types": { - "discoveryjob": { - "resource_type": "discoveryjob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_StopDiscoveryJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to apply a key-value pair to an AWS resource", - "access_level": "Tagging", - "resource_types": { - "agent": { - "resource_type": "agent", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "discoveryjob": { - "resource_type": "discoveryjob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "location": { - "resource_type": "location", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "storagesystem": { - "resource_type": "storagesystem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "taskexecution": { - "resource_type": "taskexecution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "agent": { - "resource_type": "agent", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "discoveryjob": { - "resource_type": "discoveryjob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "location": { - "resource_type": "location", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "storagesystem": { - "resource_type": "storagesystem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "taskexecution": { - "resource_type": "taskexecution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UntagResource.html" - }, - "UpdateAgent": { - "privilege": "UpdateAgent", - "description": "Grants permission to update the name of an agent", - "access_level": "Write", - "resource_types": { - "agent": { - "resource_type": "agent", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateAgent.html" - }, - "UpdateDiscoveryJob": { - "privilege": "UpdateDiscoveryJob", - "description": "Grants permission to update a discovery job", - "access_level": "Write", - "resource_types": { - "discoveryjob": { - "resource_type": "discoveryjob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateDiscoveryJob.html" - }, - "UpdateLocationHdfs": { - "privilege": "UpdateLocationHdfs", - "description": "Grants permission to update an HDFS sync Location", - "access_level": "Write", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationHdfs.html" - }, - "UpdateLocationNfs": { - "privilege": "UpdateLocationNfs", - "description": "Grants permission to update an NFS sync Location", - "access_level": "Write", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationNfs.html" - }, - "UpdateLocationObjectStorage": { - "privilege": "UpdateLocationObjectStorage", - "description": "Grants permission to update a self-managed object storage server location", - "access_level": "Write", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationObjectStorage.html" - }, - "UpdateLocationSmb": { - "privilege": "UpdateLocationSmb", - "description": "Grants permission to update a SMB sync location", - "access_level": "Write", - "resource_types": { - "location": { - "resource_type": "location", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationSmb.html" - }, - "UpdateStorageSystem": { - "privilege": "UpdateStorageSystem", - "description": "Grants permission to update a storage system", - "access_level": "Write", - "resource_types": { - "storagesystem": { - "resource_type": "storagesystem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateStorageSystem.html" - }, - "UpdateTask": { - "privilege": "UpdateTask", - "description": "Grants permission to update metadata associated with a sync task", - "access_level": "Write", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateTask.html" - }, - "UpdateTaskExecution": { - "privilege": "UpdateTaskExecution", - "description": "Grants permission to update execution of a sync task", - "access_level": "Write", - "resource_types": { - "taskexecution": { - "resource_type": "taskexecution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateTaskExecution.html" - } - }, - "resources": { - "agent": { - "resource": "agent", - "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:agent/${AgentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "location": { - "resource": "location", - "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:location/${LocationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "task": { - "resource": "task", - "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:task/${TaskId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "taskexecution": { - "resource": "taskexecution", - "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:task/${TaskId}/execution/${ExecutionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "storagesystem": { - "resource": "storagesystem", - "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:system/${StorageSystemId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "discoveryjob": { - "resource": "discoveryjob", - "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:system/${StorageSystemId}/job/${DiscoveryJobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "deepcomposer": { - "service_name": "AWS DeepComposer", - "prefix": "deepcomposer", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdeepcomposer.html", - "privileges": { - "AssociateCoupon": { - "privilege": "AssociateCoupon", - "description": "Grants permission to associate a DeepComposer coupon (or DSN) with the account associated with the sender of the request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/what-it-is-keyboard.html" - }, - "CreateAudio": { - "privilege": "CreateAudio", - "description": "Grants permission to create an audio file by converting the midi composition into a wav or mp3 file", - "access_level": "Write", - "resource_types": { - "audio": { - "resource_type": "audio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" - }, - "CreateComposition": { - "privilege": "CreateComposition", - "description": "Grants permission to create a multi-track midi composition", - "access_level": "Write", - "resource_types": { - "composition": { - "resource_type": "composition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" - }, - "CreateModel": { - "privilege": "CreateModel", - "description": "Grants permission to start creating/training a generative-model that is able to perform inference against the user-provided piano-melody to create a multi-track midi composition", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" - }, - "DeleteComposition": { - "privilege": "DeleteComposition", - "description": "Grants permission to delete the composition", - "access_level": "Write", - "resource_types": { - "composition": { - "resource_type": "composition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" - }, - "DeleteModel": { - "privilege": "DeleteModel", - "description": "Grants permission to delete the model", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" - }, - "GetComposition": { - "privilege": "GetComposition", - "description": "Grants permission to get information about the composition", - "access_level": "Read", - "resource_types": { - "composition": { - "resource_type": "composition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" - }, - "GetModel": { - "privilege": "GetModel", - "description": "Grants permission to get information about the model", - "access_level": "Read", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" - }, - "GetSampleModel": { - "privilege": "GetSampleModel", - "description": "Grants permission to get information about the sample/pre-trained DeepComposer model", - "access_level": "Read", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" - }, - "ListCompositions": { - "privilege": "ListCompositions", - "description": "Grants permission to list all the compositions owned by the sender of the request", - "access_level": "List", - "resource_types": { - "composition": { - "resource_type": "composition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" - }, - "ListModels": { - "privilege": "ListModels", - "description": "Grants permission to list all the models owned by the sender of the request", - "access_level": "List", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" - }, - "ListSampleModels": { - "privilege": "ListSampleModels", - "description": "Grants permission to list all the sample/pre-trained models provided by the DeepComposer service", - "access_level": "List", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "List", - "resource_types": { - "composition": { - "resource_type": "composition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/deepcomposer-tagging.html" - }, - "ListTrainingTopics": { - "privilege": "ListTrainingTopics", - "description": "Grants permission to list all the training options or topic for creating/training a model", - "access_level": "List", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "composition": { - "resource_type": "composition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/deepcomposer-tagging.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "composition": { - "resource_type": "composition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "model": { - "resource_type": "model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/deepcomposer-tagging.html" - }, - "UpdateComposition": { - "privilege": "UpdateComposition", - "description": "Grants permission to modify the mutable properties associated with a composition", - "access_level": "Write", - "resource_types": { - "composition": { - "resource_type": "composition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" - }, - "UpdateModel": { - "privilege": "UpdateModel", - "description": "Grants permission to to modify the mutable properties associated with a model", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" - } - }, - "resources": { - "model": { - "resource": "model", - "arn": "arn:${Partition}:deepcomposer:${Region}:${Account}:model/${ModelId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "composition": { - "resource": "composition", - "arn": "arn:${Partition}:deepcomposer:${Region}:${Account}:composition/${CompositionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "audio": { - "resource": "audio", - "arn": "arn:${Partition}:deepcomposer:${Region}:${Account}:audio/${AudioId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "deeplens": { - "service_name": "AWS DeepLens", - "prefix": "deeplens", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdeeplens.html", - "privileges": { - "AssociateServiceRoleToAccount": { - "privilege": "AssociateServiceRoleToAccount", - "description": "Associates the user's account with IAM roles controlling various permissions needed by AWS DeepLens for proper functionality.", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "BatchGetDevice": { - "privilege": "BatchGetDevice", - "description": "Retrieves a list of AWS DeepLens devices.", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "BatchGetModel": { - "privilege": "BatchGetModel", - "description": "Retrieves a list of AWS DeepLens Models.", - "access_level": "Read", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "BatchGetProject": { - "privilege": "BatchGetProject", - "description": "Retrieves a list of AWS DeepLens Projects.", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "CreateDeviceCertificates": { - "privilege": "CreateDeviceCertificates", - "description": "Creates a certificate package that is used to successfully authenticate and Register an AWS DeepLens device.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "CreateModel": { - "privilege": "CreateModel", - "description": "Creates a new AWS DeepLens Model.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Creates a new AWS DeepLens Project.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "DeleteModel": { - "privilege": "DeleteModel", - "description": "Deletes an AWS DeepLens Model.", - "access_level": "Write", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Deletes an AWS DeepLens Project.", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "DeployProject": { - "privilege": "DeployProject", - "description": "Deploys an AWS DeepLens project to a registered AWS DeepLens device.", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "DeregisterDevice": { - "privilege": "DeregisterDevice", - "description": "Begins a device de-registration workflow for a registered AWS DeepLens device.", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "GetAssociatedResources": { - "privilege": "GetAssociatedResources", - "description": "Retrieves the account level resources associated with the user's account.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "GetDeploymentStatus": { - "privilege": "GetDeploymentStatus", - "description": "Retrieves the the deployment status of a particular AWS DeepLens device, along with any associated metadata.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "GetDevice": { - "privilege": "GetDevice", - "description": "Retrieves information about an AWS DeepLens device.", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "GetModel": { - "privilege": "GetModel", - "description": "Retrieves an AWS DeepLens Model.", - "access_level": "Read", - "resource_types": { - "model": { - "resource_type": "model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "GetProject": { - "privilege": "GetProject", - "description": "Retrieves an AWS DeepLens Project.", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "ImportProjectFromTemplate": { - "privilege": "ImportProjectFromTemplate", - "description": "Creates a new AWS DeepLens project from a sample project template.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "ListDeployments": { - "privilege": "ListDeployments", - "description": "Retrieves a list of AWS DeepLens Deployment identifiers.", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "ListDevices": { - "privilege": "ListDevices", - "description": "Retrieves a list of AWS DeepLens device identifiers.", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "ListModels": { - "privilege": "ListModels", - "description": "Retrieves a list of AWS DeepLens Model identifiers.", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Retrieves a list of AWS DeepLens Project identifiers.", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "RegisterDevice": { - "privilege": "RegisterDevice", - "description": "Begins a device registration workflow for an AWS DeepLens device.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "RemoveProject": { - "privilege": "RemoveProject", - "description": "Removes a deployed AWS DeepLens project from an AWS DeepLens device.", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Updates an existing AWS DeepLens Project.", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - } - }, - "resources": { - "device": { - "resource": "device", - "arn": "arn:${Partition}:deeplens:${Region}:${Account}:device/${DeviceName}", - "condition_keys": [] - }, - "project": { - "resource": "project", - "arn": "arn:${Partition}:deeplens:${Region}:${Account}:project/${ProjectName}", - "condition_keys": [] - }, - "model": { - "resource": "model", - "arn": "arn:${Partition}:deeplens:${Region}:${Account}:model/${ModelName}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "deepracer": { - "service_name": "AWS DeepRacer", - "prefix": "deepracer", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdeepracer.html", - "privileges": { - "AddLeaderboardAccessPermission": { - "privilege": "AddLeaderboardAccessPermission", - "description": "Grants permission to add access for a private leaderboard", - "access_level": "Write", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-manage-community-races.html" - }, - "AdminGetAccountConfig": { - "privilege": "AdminGetAccountConfig", - "description": "Grants permission to get current admin multiuser configuration for this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-set-account-config.html" - }, - "AdminListAssociatedResources": { - "privilege": "AdminListAssociatedResources", - "description": "Grants permission to list all deepracer users with their associated resources created under this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-list-associated-resources.html" - }, - "AdminListAssociatedUsers": { - "privilege": "AdminListAssociatedUsers", - "description": "Grants permission to list user data for all users associated with this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-list-associated-users.html" - }, - "AdminManageUser": { - "privilege": "AdminManageUser", - "description": "Grants permission to manage a user associated with this account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-manage-user.html" - }, - "AdminSetAccountConfig": { - "privilege": "AdminSetAccountConfig", - "description": "Grants permission to set configuration options for this account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-set-account-config.html" - }, - "CloneReinforcementLearningModel": { - "privilege": "CloneReinforcementLearningModel", - "description": "Grants permission to clone an existing DeepRacer model", - "access_level": "Write", - "resource_types": { - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "track": { - "resource_type": "track", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-console-train-evaluate-models.html#deepracer-clone-trained-model" - }, - "CreateCar": { - "privilege": "CreateCar", - "description": "Grants permission to create a DeepRacer car in your garage", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-choose-race-type.html" - }, - "CreateLeaderboard": { - "privilege": "CreateLeaderboard", - "description": "Grants permission to create a leaderboard", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-create-community-race.html" - }, - "CreateLeaderboardAccessToken": { - "privilege": "CreateLeaderboardAccessToken", - "description": "Grants permission to create an access token for a private leaderboard", - "access_level": "Write", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-manage-community-races.html" - }, - "CreateLeaderboardSubmission": { - "privilege": "CreateLeaderboardSubmission", - "description": "Grants permission to submit a DeepRacer model to be evaluated for leaderboards", - "access_level": "Write", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" - }, - "CreateReinforcementLearningModel": { - "privilege": "CreateReinforcementLearningModel", - "description": "Grants permission to create ra einforcement learning model for DeepRacer", - "access_level": "Write", - "resource_types": { - "track": { - "resource_type": "track", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" - }, - "DeleteLeaderboard": { - "privilege": "DeleteLeaderboard", - "description": "Grants permission to delete a leaderboard", - "access_level": "Write", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-manage-community-races.html" - }, - "DeleteModel": { - "privilege": "DeleteModel", - "description": "Grants permission to delete a DeepRacer model", - "access_level": "Write", - "resource_types": { - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" - }, - "EditLeaderboard": { - "privilege": "EditLeaderboard", - "description": "Grants permission to edit a leaderboard", - "access_level": "Write", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-manage-community-races.html" - }, - "GetAccountConfig": { - "privilege": "GetAccountConfig", - "description": "Grants permission to get current multiuser configuration for this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-set-account-config.html" - }, - "GetAlias": { - "privilege": "GetAlias", - "description": "Grants permission to retrieve the user's alias for submitting a DeepRacer model to leaderboards", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" - }, - "GetAssetUrl": { - "privilege": "GetAssetUrl", - "description": "Grants permission to download artifacts for an existing DeepRacer model", - "access_level": "Read", - "resource_types": { - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-console-train-evaluate-models.html" - }, - "GetCar": { - "privilege": "GetCar", - "description": "Grants permission to retrieve a specific DeepRacer car from your garage", - "access_level": "Read", - "resource_types": { - "car": { - "resource_type": "car", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-choose-race-type.html" - }, - "GetCars": { - "privilege": "GetCars", - "description": "Grants permission to view all the DeepRacer cars in your garage", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-choose-race-type.html" - }, - "GetEvaluation": { - "privilege": "GetEvaluation", - "description": "Grants permission to retrieve information about an existing DeepRacer model's evaluation jobs", - "access_level": "Read", - "resource_types": { - "evaluation_job": { - "resource_type": "evaluation_job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-test-in-simulator.html" - }, - "GetLatestUserSubmission": { - "privilege": "GetLatestUserSubmission", - "description": "Grants permission to retrieve information about how the latest submitted DeepRacer model for a user performed on a leaderboard", - "access_level": "Read", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" - }, - "GetLeaderboard": { - "privilege": "GetLeaderboard", - "description": "Grants permission to retrieve information about leaderboards", - "access_level": "Read", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" - }, - "GetModel": { - "privilege": "GetModel", - "description": "Grants permission to retrieve information about an existing DeepRacer model", - "access_level": "Read", - "resource_types": { - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" - }, - "GetPrivateLeaderboard": { - "privilege": "GetPrivateLeaderboard", - "description": "Grants permission to retrieve information about private leaderboards", - "access_level": "Read", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-join-community-race.html" - }, - "GetRankedUserSubmission": { - "privilege": "GetRankedUserSubmission", - "description": "Grants permission to retrieve information about the performance of a user's DeepRacer model that got placed on a leaderboard", - "access_level": "Read", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" - }, - "GetTrack": { - "privilege": "GetTrack", - "description": "Grants permission to retrieve information about DeepRacer tracks", - "access_level": "Read", - "resource_types": { - "track": { - "resource_type": "track", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-console-train-evaluate-models.html" - }, - "GetTrainingJob": { - "privilege": "GetTrainingJob", - "description": "Grants permission to retrieve information about an existing DeepRacer model's training job", - "access_level": "Read", - "resource_types": { - "training_job": { - "resource_type": "training_job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" - }, - "ImportModel": { - "privilege": "ImportModel", - "description": "Grants permission to import a reinforcement learning model for DeepRacer", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-troubleshooting-service-migration-errors.html" - }, - "ListEvaluations": { - "privilege": "ListEvaluations", - "description": "Grants permission to list a DeepRacer model's evaluation jobs", - "access_level": "Read", - "resource_types": { - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-test-in-simulator.html" - }, - "ListLeaderboardSubmissions": { - "privilege": "ListLeaderboardSubmissions", - "description": "Grants permission to list all the DeepRacer model submissions of a user on a leaderboard", - "access_level": "Read", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" - }, - "ListLeaderboards": { - "privilege": "ListLeaderboards", - "description": "Grants permission to list all the available leaderboards", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" - }, - "ListModels": { - "privilege": "ListModels", - "description": "Grants permission to list all existing DeepRacer models", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" - }, - "ListPrivateLeaderboardParticipants": { - "privilege": "ListPrivateLeaderboardParticipants", - "description": "Grants permission to retrieve participant information about private leaderboards", - "access_level": "Read", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-join-community-race.html" - }, - "ListPrivateLeaderboards": { - "privilege": "ListPrivateLeaderboards", - "description": "Grants permission to list all the available private leaderboards", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-join-community-race.html" - }, - "ListSubscribedPrivateLeaderboards": { - "privilege": "ListSubscribedPrivateLeaderboards", - "description": "Grants permission to list all the subscribed private leaderboards", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-join-community-race.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tag for a resource", - "access_level": "Read", - "resource_types": { - "car": { - "resource_type": "car", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "evaluation_job": { - "resource_type": "evaluation_job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "leaderboard": { - "resource_type": "leaderboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "leaderboard_evaluation_job": { - "resource_type": "leaderboard_evaluation_job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "training_job": { - "resource_type": "training_job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-tagging.html" - }, - "ListTracks": { - "privilege": "ListTracks", - "description": "Grants permission to list all DeepRacer tracks", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-console-train-evaluate-models.html" - }, - "ListTrainingJobs": { - "privilege": "ListTrainingJobs", - "description": "Grants permission to list a DeepRacer model's training jobs", - "access_level": "Read", - "resource_types": { - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" - }, - "MigrateModels": { - "privilege": "MigrateModels", - "description": "Grants permission to migrate previous reinforcement learning models for DeepRacer", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-troubleshooting-service-migration-errors.html" - }, - "PerformLeaderboardOperation": { - "privilege": "PerformLeaderboardOperation", - "description": "Grants permission to performs the leaderboard operation mentioned in the operation attribute", - "access_level": "Write", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-perform-leaderboard-operation.html" - }, - "RemoveLeaderboardAccessPermission": { - "privilege": "RemoveLeaderboardAccessPermission", - "description": "Grants permission to remove access for a private leaderboard", - "access_level": "Write", - "resource_types": { - "leaderboard": { - "resource_type": "leaderboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-manage-community-races.html" - }, - "SetAlias": { - "privilege": "SetAlias", - "description": "Grants permission to set the user's alias for submitting a DeepRacer model to leaderboards", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" - }, - "StartEvaluation": { - "privilege": "StartEvaluation", - "description": "Grants permission to evaluate a DeepRacer model in a simulated environment", - "access_level": "Write", - "resource_types": { - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "track": { - "resource_type": "track", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-test-in-simulator.html" - }, - "StopEvaluation": { - "privilege": "StopEvaluation", - "description": "Grants permission to stop DeepRacer model evaluations", - "access_level": "Write", - "resource_types": { - "evaluation_job": { - "resource_type": "evaluation_job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-test-in-simulator.html" - }, - "StopTrainingReinforcementLearningModel": { - "privilege": "StopTrainingReinforcementLearningModel", - "description": "Grants permission to stop training a DeepRacer model", - "access_level": "Write", - "resource_types": { - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "car": { - "resource_type": "car", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "evaluation_job": { - "resource_type": "evaluation_job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "leaderboard": { - "resource_type": "leaderboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "leaderboard_evaluation_job": { - "resource_type": "leaderboard_evaluation_job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "training_job": { - "resource_type": "training_job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-tagging.html" - }, - "TestRewardFunction": { - "privilege": "TestRewardFunction", - "description": "Grants permission to test reward functions for correctness", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-console-train-evaluate-models.html#deepracer-train-models-define-reward-function" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "car": { - "resource_type": "car", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "evaluation_job": { - "resource_type": "evaluation_job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "leaderboard": { - "resource_type": "leaderboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "leaderboard_evaluation_job": { - "resource_type": "leaderboard_evaluation_job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reinforcement_learning_model": { - "resource_type": "reinforcement_learning_model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "training_job": { - "resource_type": "training_job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-tagging.html" - }, - "UpdateCar": { - "privilege": "UpdateCar", - "description": "Grants permission to update a DeepRacer car in your garage", - "access_level": "Write", - "resource_types": { - "car": { - "resource_type": "car", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "deepracer:UserToken", - "deepracer:MultiUser" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-choose-race-type.html" - } - }, - "resources": { - "car": { - "resource": "car", - "arn": "arn:${Partition}:deepracer:${Region}:${Account}:car/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "evaluation_job": { - "resource": "evaluation_job", - "arn": "arn:${Partition}:deepracer:${Region}:${Account}:evaluation_job/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "leaderboard": { - "resource": "leaderboard", - "arn": "arn:${Partition}:deepracer:${Region}::leaderboard/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "leaderboard_evaluation_job": { - "resource": "leaderboard_evaluation_job", - "arn": "arn:${Partition}:deepracer:${Region}:${Account}:leaderboard_evaluation_job/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "reinforcement_learning_model": { - "resource": "reinforcement_learning_model", - "arn": "arn:${Partition}:deepracer:${Region}:${Account}:model/reinforcement_learning/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "track": { - "resource": "track", - "arn": "arn:${Partition}:deepracer:${Region}::track/${ResourceId}", - "condition_keys": [] - }, - "training_job": { - "resource": "training_job", - "arn": "arn:${Partition}:deepracer:${Region}:${Account}:training_job/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions by tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions by tag keys in the request", - "type": "ArrayOfString" - }, - "deepracer:MultiUser": { - "condition": "deepracer:MultiUser", - "description": "Filters access by multiuser flag", - "type": "Bool" - }, - "deepracer:UserToken": { - "condition": "deepracer:UserToken", - "description": "Filters access by user token in the request", - "type": "String" - } - } - }, - "devicefarm": { - "service_name": "AWS Device Farm", - "prefix": "devicefarm", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdevicefarm.html", - "privileges": { - "CreateDevicePool": { - "privilege": "CreateDevicePool", - "description": "Grants permission to create a device pool within a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateDevicePool.html" - }, - "CreateInstanceProfile": { - "privilege": "CreateInstanceProfile", - "description": "Grants permission to create a device instance profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateInstanceProfile.html" - }, - "CreateNetworkProfile": { - "privilege": "CreateNetworkProfile", - "description": "Grants permission to create a network profile within a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateNetworkProfile.html" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a project for mobile testing", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateProject.html" - }, - "CreateRemoteAccessSession": { - "privilege": "CreateRemoteAccessSession", - "description": "Grants permission to start a remote access session to a device instance", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "deviceinstance": { - "resource_type": "deviceinstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "upload": { - "resource_type": "upload", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateRemoteAccessSession.html" - }, - "CreateTestGridProject": { - "privilege": "CreateTestGridProject", - "description": "Grants permission to create a project for desktop testing", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateTestGridProject.html" - }, - "CreateTestGridUrl": { - "privilege": "CreateTestGridUrl", - "description": "Grants permission to generate a new pre-signed url used to access our test grid service", - "access_level": "Write", - "resource_types": { - "testgrid-project": { - "resource_type": "testgrid-project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateTestGridUrl.html" - }, - "CreateUpload": { - "privilege": "CreateUpload", - "description": "Grants permission to upload a new file or app within a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateUpload.html" - }, - "CreateVPCEConfiguration": { - "privilege": "CreateVPCEConfiguration", - "description": "Grants permission to create an Amazon Virtual Private Cloud (VPC) endpoint configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateVPCEConfiguration.html" - }, - "DeleteDevicePool": { - "privilege": "DeleteDevicePool", - "description": "Grants permission to delete a user-generated device pool", - "access_level": "Write", - "resource_types": { - "devicepool": { - "resource_type": "devicepool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteDevicePool.html" - }, - "DeleteInstanceProfile": { - "privilege": "DeleteInstanceProfile", - "description": "Grants permission to delete a user-generated instance profile", - "access_level": "Write", - "resource_types": { - "instanceprofile": { - "resource_type": "instanceprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteInstanceProfile.html" - }, - "DeleteNetworkProfile": { - "privilege": "DeleteNetworkProfile", - "description": "Grants permission to delete a user-generated network profile", - "access_level": "Write", - "resource_types": { - "networkprofile": { - "resource_type": "networkprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/DeleteNetworkProfile.html" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a mobile testing project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteProject.html" - }, - "DeleteRemoteAccessSession": { - "privilege": "DeleteRemoteAccessSession", - "description": "Grants permission to delete a completed remote access session and its results", - "access_level": "Write", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteRemoteAccessSession.html" - }, - "DeleteRun": { - "privilege": "DeleteRun", - "description": "Grants permission to delete a run", - "access_level": "Write", - "resource_types": { - "run": { - "resource_type": "run", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteRun.html" - }, - "DeleteTestGridProject": { - "privilege": "DeleteTestGridProject", - "description": "Grants permission to delete a desktop testing project", - "access_level": "Write", - "resource_types": { - "testgrid-project": { - "resource_type": "testgrid-project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteTestGridProject.html" - }, - "DeleteUpload": { - "privilege": "DeleteUpload", - "description": "Grants permission to delete a user-uploaded file", - "access_level": "Write", - "resource_types": { - "upload": { - "resource_type": "upload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteUpload.html" - }, - "DeleteVPCEConfiguration": { - "privilege": "DeleteVPCEConfiguration", - "description": "Grants permission to delete an Amazon Virtual Private Cloud (VPC) endpoint configuration", - "access_level": "Write", - "resource_types": { - "vpceconfiguration": { - "resource_type": "vpceconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteVPCEConfiguration.html" - }, - "GetAccountSettings": { - "privilege": "GetAccountSettings", - "description": "Grants permission to retrieve the number of unmetered iOS and/or unmetered Android devices purchased by the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetAccountSettings.html" - }, - "GetDevice": { - "privilege": "GetDevice", - "description": "Grants permission to retrieve the information of a unique device type", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetDevice.html" - }, - "GetDeviceInstance": { - "privilege": "GetDeviceInstance", - "description": "Grants permission to retireve the information of a device instance", - "access_level": "Read", - "resource_types": { - "deviceinstance": { - "resource_type": "deviceinstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetDeviceInstance.html" - }, - "GetDevicePool": { - "privilege": "GetDevicePool", - "description": "Grants permission to retireve the information of a device pool", - "access_level": "Read", - "resource_types": { - "devicepool": { - "resource_type": "devicepool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetDevicePool.html" - }, - "GetDevicePoolCompatibility": { - "privilege": "GetDevicePoolCompatibility", - "description": "Grants permission to retrieve information about the compatibility of a test and/or app with a device pool", - "access_level": "Read", - "resource_types": { - "devicepool": { - "resource_type": "devicepool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "upload": { - "resource_type": "upload", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetDevicePoolCompatibility.html" - }, - "GetInstanceProfile": { - "privilege": "GetInstanceProfile", - "description": "Grants permission to retireve the information of an instance profile", - "access_level": "Read", - "resource_types": { - "instanceprofile": { - "resource_type": "instanceprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetInstanceProfile.html" - }, - "GetJob": { - "privilege": "GetJob", - "description": "Grants permission to retireve the information of a job", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetJob.html" - }, - "GetNetworkProfile": { - "privilege": "GetNetworkProfile", - "description": "Grants permission to retireve the information of a network profile", - "access_level": "Read", - "resource_types": { - "networkprofile": { - "resource_type": "networkprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetNetworkProfile.html" - }, - "GetOfferingStatus": { - "privilege": "GetOfferingStatus", - "description": "Grants permission to retrieve the current status and future status of all offerings purchased by an AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetOfferingStatus.html" - }, - "GetProject": { - "privilege": "GetProject", - "description": "Grants permission to retrieve information about a mobile testing project", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetProject.html" - }, - "GetRemoteAccessSession": { - "privilege": "GetRemoteAccessSession", - "description": "Grants permission to retireve the link to a currently running remote access session", - "access_level": "Read", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetRemoteAccessSession.html" - }, - "GetRun": { - "privilege": "GetRun", - "description": "Grants permission to retireve the information of a run", - "access_level": "Read", - "resource_types": { - "run": { - "resource_type": "run", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetRun.html" - }, - "GetSuite": { - "privilege": "GetSuite", - "description": "Grants permission to retireve the information of a testing suite", - "access_level": "Read", - "resource_types": { - "suite": { - "resource_type": "suite", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetSuite.html" - }, - "GetTest": { - "privilege": "GetTest", - "description": "Grants permission to retireve the information of a test case", - "access_level": "Read", - "resource_types": { - "test": { - "resource_type": "test", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetTest.html" - }, - "GetTestGridProject": { - "privilege": "GetTestGridProject", - "description": "Grants permission to retrieve information about a desktop testing project", - "access_level": "Read", - "resource_types": { - "testgrid-project": { - "resource_type": "testgrid-project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetTestGridProject.html" - }, - "GetTestGridSession": { - "privilege": "GetTestGridSession", - "description": "Grants permission to retireve the information of a test grid session", - "access_level": "Read", - "resource_types": { - "testgrid-project": { - "resource_type": "testgrid-project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "testgrid-session": { - "resource_type": "testgrid-session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetTestGridSession.html" - }, - "GetUpload": { - "privilege": "GetUpload", - "description": "Grants permission to retireve the information of an uploaded file", - "access_level": "Read", - "resource_types": { - "upload": { - "resource_type": "upload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetUpload.html" - }, - "GetVPCEConfiguration": { - "privilege": "GetVPCEConfiguration", - "description": "Grants permission to retireve the information of an Amazon Virtual Private Cloud (VPC) endpoint configuration", - "access_level": "Read", - "resource_types": { - "vpceconfiguration": { - "resource_type": "vpceconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetVPCEConfiguration.html" - }, - "InstallToRemoteAccessSession": { - "privilege": "InstallToRemoteAccessSession", - "description": "Grants permission to install an application to a device in a remote access session", - "access_level": "Write", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "upload": { - "resource_type": "upload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_InstallToRemoteAccessSession.html" - }, - "ListArtifacts": { - "privilege": "ListArtifacts", - "description": "Grants permission to list the artifacts in a project", - "access_level": "List", - "resource_types": { - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "run": { - "resource_type": "run", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "suite": { - "resource_type": "suite", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "test": { - "resource_type": "test", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListArtifacts.html" - }, - "ListDeviceInstances": { - "privilege": "ListDeviceInstances", - "description": "Grants permission to list the information of device instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListDeviceInstances.html" - }, - "ListDevicePools": { - "privilege": "ListDevicePools", - "description": "Grants permission to list the information of device pools", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListDevicePools.html" - }, - "ListDevices": { - "privilege": "ListDevices", - "description": "Grants permission to list the information of unique device types", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListDevices.html" - }, - "ListInstanceProfiles": { - "privilege": "ListInstanceProfiles", - "description": "Grants permission to list the information of device instance profiles", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListInstanceProfiles.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to list the information of jobs within a run", - "access_level": "List", - "resource_types": { - "run": { - "resource_type": "run", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListJobs.html" - }, - "ListNetworkProfiles": { - "privilege": "ListNetworkProfiles", - "description": "Grants permission to list the information of network profiles within a project", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListNetworkProfiles.html" - }, - "ListOfferingPromotions": { - "privilege": "ListOfferingPromotions", - "description": "Grants permission to list the offering promotions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListOfferingPromotions.html" - }, - "ListOfferingTransactions": { - "privilege": "ListOfferingTransactions", - "description": "Grants permission to list all of the historical purchases, renewals, and system renewal transactions for an AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListOfferingTransactions.html" - }, - "ListOfferings": { - "privilege": "ListOfferings", - "description": "Grants permission to list the products or offerings that the user can manage through the API", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListOfferings.html" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to list the information of mobile testing projects for an AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListProjects.html" - }, - "ListRemoteAccessSessions": { - "privilege": "ListRemoteAccessSessions", - "description": "Grants permission to list the information of currently running remote access sessions", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListRemoteAccessSessions.html" - }, - "ListRuns": { - "privilege": "ListRuns", - "description": "Grants permission to list the information of runs within a project", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListRuns.html" - }, - "ListSamples": { - "privilege": "ListSamples", - "description": "Grants permission to list the information of samples within a project", - "access_level": "List", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListSamples.html" - }, - "ListSuites": { - "privilege": "ListSuites", - "description": "Grants permission to list the information of testing suites within a job", - "access_level": "List", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListSuites.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags of a resource", - "access_level": "List", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deviceinstance": { - "resource_type": "deviceinstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "devicepool": { - "resource_type": "devicepool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "instanceprofile": { - "resource_type": "instanceprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "networkprofile": { - "resource_type": "networkprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "run": { - "resource_type": "run", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "session": { - "resource_type": "session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "testgrid-project": { - "resource_type": "testgrid-project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "testgrid-session": { - "resource_type": "testgrid-session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpceconfiguration": { - "resource_type": "vpceconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTestGridProjects": { - "privilege": "ListTestGridProjects", - "description": "Grants permission to list the information of desktop testing projects for an AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTestGridProjects.html" - }, - "ListTestGridSessionActions": { - "privilege": "ListTestGridSessionActions", - "description": "Grants permission to list the session actions performed during a test grid session", - "access_level": "List", - "resource_types": { - "testgrid-session": { - "resource_type": "testgrid-session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTestGridSessionActions.html" - }, - "ListTestGridSessionArtifacts": { - "privilege": "ListTestGridSessionArtifacts", - "description": "Grants permission to list the artifacts generated by a test grid session", - "access_level": "List", - "resource_types": { - "testgrid-session": { - "resource_type": "testgrid-session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTestGridSessionArtifacts.html" - }, - "ListTestGridSessions": { - "privilege": "ListTestGridSessions", - "description": "Grants permission to list the sessions within a test grid project", - "access_level": "List", - "resource_types": { - "testgrid-project": { - "resource_type": "testgrid-project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTestGridSessions.html" - }, - "ListTests": { - "privilege": "ListTests", - "description": "Grants permission to list the information of tests within a testing suite", - "access_level": "List", - "resource_types": { - "suite": { - "resource_type": "suite", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTests.html" - }, - "ListUniqueProblems": { - "privilege": "ListUniqueProblems", - "description": "Grants permission to list the information of unique problems within a run", - "access_level": "List", - "resource_types": { - "run": { - "resource_type": "run", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListUniqueProblems.html" - }, - "ListUploads": { - "privilege": "ListUploads", - "description": "Grants permission to list the information of uploads within a project", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListUploads.html" - }, - "ListVPCEConfigurations": { - "privilege": "ListVPCEConfigurations", - "description": "Grants permission to list the information of Amazon Virtual Private Cloud (VPC) endpoint configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListVPCEConfigurations.html" - }, - "PurchaseOffering": { - "privilege": "PurchaseOffering", - "description": "Grants permission to purchase offerings for an AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_PurchaseOffering.html" - }, - "RenewOffering": { - "privilege": "RenewOffering", - "description": "Grants permission to set the quantity of devices to renew for an offering", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_RenewOffering.html" - }, - "ScheduleRun": { - "privilege": "ScheduleRun", - "description": "Grants permission to schedule a run", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "devicepool": { - "resource_type": "devicepool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "upload": { - "resource_type": "upload", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ScheduleRun.html" - }, - "StopJob": { - "privilege": "StopJob", - "description": "Grants permission to terminate a running job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_StopJob.html" - }, - "StopRemoteAccessSession": { - "privilege": "StopRemoteAccessSession", - "description": "Grants permission to terminate a running remote access session", - "access_level": "Write", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_StopRemoteAccessSession.html" - }, - "StopRun": { - "privilege": "StopRun", - "description": "Grants permission to terminate a running test run", - "access_level": "Write", - "resource_types": { - "run": { - "resource_type": "run", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_StopRun.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deviceinstance": { - "resource_type": "deviceinstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "devicepool": { - "resource_type": "devicepool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "instanceprofile": { - "resource_type": "instanceprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "networkprofile": { - "resource_type": "networkprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "run": { - "resource_type": "run", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "session": { - "resource_type": "session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "testgrid-project": { - "resource_type": "testgrid-project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "testgrid-session": { - "resource_type": "testgrid-session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpceconfiguration": { - "resource_type": "vpceconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deviceinstance": { - "resource_type": "deviceinstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "devicepool": { - "resource_type": "devicepool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "instanceprofile": { - "resource_type": "instanceprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "networkprofile": { - "resource_type": "networkprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "run": { - "resource_type": "run", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "session": { - "resource_type": "session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "testgrid-project": { - "resource_type": "testgrid-project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "testgrid-session": { - "resource_type": "testgrid-session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vpceconfiguration": { - "resource_type": "vpceconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UntagResource.html" - }, - "UpdateDeviceInstance": { - "privilege": "UpdateDeviceInstance", - "description": "Grants permission to modify an existing device instance", - "access_level": "Write", - "resource_types": { - "deviceinstance": { - "resource_type": "deviceinstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "instanceprofile": { - "resource_type": "instanceprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateDeviceInstance.html" - }, - "UpdateDevicePool": { - "privilege": "UpdateDevicePool", - "description": "Grants permission to modify an existing device pool", - "access_level": "Write", - "resource_types": { - "devicepool": { - "resource_type": "devicepool", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateDevicePool.html" - }, - "UpdateInstanceProfile": { - "privilege": "UpdateInstanceProfile", - "description": "Grants permission to modify an existing instance profile", - "access_level": "Write", - "resource_types": { - "instanceprofile": { - "resource_type": "instanceprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateInstanceProfile.html" - }, - "UpdateNetworkProfile": { - "privilege": "UpdateNetworkProfile", - "description": "Grants permission to modify an existing network profile", - "access_level": "Write", - "resource_types": { - "networkprofile": { - "resource_type": "networkprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateNetworkProfile.html" - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Grants permission to modify an existing mobile testing project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateProject.html" - }, - "UpdateTestGridProject": { - "privilege": "UpdateTestGridProject", - "description": "Grants permission to modify an existing desktop testing project", - "access_level": "Write", - "resource_types": { - "testgrid-project": { - "resource_type": "testgrid-project", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateTestGridProject.html" - }, - "UpdateUpload": { - "privilege": "UpdateUpload", - "description": "Grants permission to modify an existing upload", - "access_level": "Write", - "resource_types": { - "upload": { - "resource_type": "upload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateUpload.html" - }, - "UpdateVPCEConfiguration": { - "privilege": "UpdateVPCEConfiguration", - "description": "Grants permission to modify an existing Amazon Virtual Private Cloud (VPC) endpoint configuration", - "access_level": "Write", - "resource_types": { - "vpceconfiguration": { - "resource_type": "vpceconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateVPCEConfiguration.html" - } - }, - "resources": { - "project": { - "resource": "project", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:project:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "run": { - "resource": "run", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:run:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "job": { - "resource": "job", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:job:${ResourceId}", - "condition_keys": [] - }, - "suite": { - "resource": "suite", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:suite:${ResourceId}", - "condition_keys": [] - }, - "test": { - "resource": "test", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:test:${ResourceId}", - "condition_keys": [] - }, - "upload": { - "resource": "upload", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:upload:${ResourceId}", - "condition_keys": [] - }, - "artifact": { - "resource": "artifact", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:artifact:${ResourceId}", - "condition_keys": [] - }, - "sample": { - "resource": "sample", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:sample:${ResourceId}", - "condition_keys": [] - }, - "networkprofile": { - "resource": "networkprofile", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:networkprofile:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "deviceinstance": { - "resource": "deviceinstance", - "arn": "arn:${Partition}:devicefarm:${Region}::deviceinstance:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "session": { - "resource": "session", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:session:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "devicepool": { - "resource": "devicepool", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:devicepool:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "device": { - "resource": "device", - "arn": "arn:${Partition}:devicefarm:${Region}::device:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "instanceprofile": { - "resource": "instanceprofile", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:instanceprofile:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "vpceconfiguration": { - "resource": "vpceconfiguration", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:vpceconfiguration:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "testgrid-project": { - "resource": "testgrid-project", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:testgrid-project:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "testgrid-session": { - "resource": "testgrid-session", - "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:testgrid-session:${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag-value assoicated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "directconnect": { - "service_name": "AWS Direct Connect", - "prefix": "directconnect", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdirectconnect.html", - "privileges": { - "AcceptDirectConnectGatewayAssociationProposal": { - "privilege": "AcceptDirectConnectGatewayAssociationProposal", - "description": "Grants permission to accept a proposal request to attach a virtual private gateway to a Direct Connect gateway", - "access_level": "Write", - "resource_types": { - "dx-gateway": { - "resource_type": "dx-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AcceptDirectConnectGatewayAssociationProposal.html" - }, - "AllocateConnectionOnInterconnect": { - "privilege": "AllocateConnectionOnInterconnect", - "description": "Grants permission to create a hosted connection on an interconnect", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocateConnectionOnInterconnect.html" - }, - "AllocateHostedConnection": { - "privilege": "AllocateHostedConnection", - "description": "Grants permission to create a new hosted connection between a AWS Direct Connect partner's network and a specific AWS Direct Connect location", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocateHostedConnection.html" - }, - "AllocatePrivateVirtualInterface": { - "privilege": "AllocatePrivateVirtualInterface", - "description": "Grants permission to provision a private virtual interface to be owned by a different customer", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocatePrivateVirtualInterface.html" - }, - "AllocatePublicVirtualInterface": { - "privilege": "AllocatePublicVirtualInterface", - "description": "Grants permission to provision a public virtual interface to be owned by a different customer", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocatePublicVirtualInterface.html" - }, - "AllocateTransitVirtualInterface": { - "privilege": "AllocateTransitVirtualInterface", - "description": "Grants permission to provision a transit virtual interface to be owned by a different customer", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocateTransitVirtualInterface.html" - }, - "AssociateConnectionWithLag": { - "privilege": "AssociateConnectionWithLag", - "description": "Grants permission to associate a connection with a LAG", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AssociateConnectionWithLag.html" - }, - "AssociateHostedConnection": { - "privilege": "AssociateHostedConnection", - "description": "Grants permission to associate a hosted connection and its virtual interfaces with a link aggregation group (LAG) or interconnect", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AssociateHostedConnection.html" - }, - "AssociateMacSecKey": { - "privilege": "AssociateMacSecKey", - "description": "Grants permission to associate a MAC Security (MACsec) Connection Key Name (CKN)/ Connectivity Association Key (CAK) pair with an AWS Direct Connect dedicated connection", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AssociateMacSecKey.html" - }, - "AssociateVirtualInterface": { - "privilege": "AssociateVirtualInterface", - "description": "Grants permission to associate a virtual interface with a specified link aggregation group (LAG) or connection", - "access_level": "Write", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AssociateVirtualInterface.html" - }, - "ConfirmConnection": { - "privilege": "ConfirmConnection", - "description": "Grants permission to confirm the creation of a hosted connection on an interconnect", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ConfirmConnection.html" - }, - "ConfirmCustomerAgreement": { - "privilege": "ConfirmCustomerAgreement", - "description": "Grants permission to confirm the the terms of agreement when creating the connection or link aggregation group (LAG)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ConfirmCustomerAgreement.html" - }, - "ConfirmPrivateVirtualInterface": { - "privilege": "ConfirmPrivateVirtualInterface", - "description": "Grants permission to accept ownership of a private virtual interface created by another customer", - "access_level": "Write", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ConfirmPrivateVirtualInterface.html" - }, - "ConfirmPublicVirtualInterface": { - "privilege": "ConfirmPublicVirtualInterface", - "description": "Grants permission to accept ownership of a public virtual interface created by another customer", - "access_level": "Write", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ConfirmPublicVirtualInterface.html" - }, - "ConfirmTransitVirtualInterface": { - "privilege": "ConfirmTransitVirtualInterface", - "description": "Grants permission to accept ownership of a transit virtual interface created by another customer", - "access_level": "Write", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ConfirmTransitVirtualInterface.html" - }, - "CreateBGPPeer": { - "privilege": "CreateBGPPeer", - "description": "Grants permission to create a BGP peer on the specified virtual interface", - "access_level": "Write", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateBGPPeer.html" - }, - "CreateConnection": { - "privilege": "CreateConnection", - "description": "Grants permission to create a new connection between the customer network and a specific AWS Direct Connect location", - "access_level": "Write", - "resource_types": { - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateConnection.html" - }, - "CreateDirectConnectGateway": { - "privilege": "CreateDirectConnectGateway", - "description": "Grants permission to create a Direct Connect gateway, which is an intermediate object that enables you to connect a set of virtual interfaces and virtual private gateways", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateDirectConnectGateway.html" - }, - "CreateDirectConnectGatewayAssociation": { - "privilege": "CreateDirectConnectGatewayAssociation", - "description": "Grants permission to create an association between a Direct Connect gateway and a virtual private gateway", - "access_level": "Write", - "resource_types": { - "dx-gateway": { - "resource_type": "dx-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateDirectConnectGatewayAssociation.html" - }, - "CreateDirectConnectGatewayAssociationProposal": { - "privilege": "CreateDirectConnectGatewayAssociationProposal", - "description": "Grants permission to create a proposal to associate the specified virtual private gateway with the specified Direct Connect gateway", - "access_level": "Write", - "resource_types": { - "dx-gateway": { - "resource_type": "dx-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateDirectConnectGatewayAssociationProposal.html" - }, - "CreateInterconnect": { - "privilege": "CreateInterconnect", - "description": "Grants permission to create a new interconnect between a AWS Direct Connect partner's network and a specific AWS Direct Connect location", - "access_level": "Write", - "resource_types": { - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateInterconnect.html" - }, - "CreateLag": { - "privilege": "CreateLag", - "description": "Grants permission to create a link aggregation group (LAG) with the specified number of bundled physical connections between the customer network and a specific AWS Direct Connect location", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateLag.html" - }, - "CreatePrivateVirtualInterface": { - "privilege": "CreatePrivateVirtualInterface", - "description": "Grants permission to create a new private virtual interface", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreatePrivateVirtualInterface.html" - }, - "CreatePublicVirtualInterface": { - "privilege": "CreatePublicVirtualInterface", - "description": "Grants permission to create a new public virtual interface", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreatePublicVirtualInterface.html" - }, - "CreateTransitVirtualInterface": { - "privilege": "CreateTransitVirtualInterface", - "description": "Grants permission to create a new transit virtual interface", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateTransitVirtualInterface.html" - }, - "DeleteBGPPeer": { - "privilege": "DeleteBGPPeer", - "description": "Grants permission to delete the specified BGP peer on the specified virtual interface with the specified customer address and ASN", - "access_level": "Write", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteBGPPeer.html" - }, - "DeleteConnection": { - "privilege": "DeleteConnection", - "description": "Grants permission to delete the connection", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteConnection.html" - }, - "DeleteDirectConnectGateway": { - "privilege": "DeleteDirectConnectGateway", - "description": "Grants permission to delete the specified Direct Connect gateway", - "access_level": "Write", - "resource_types": { - "dx-gateway": { - "resource_type": "dx-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteDirectConnectGateway.html" - }, - "DeleteDirectConnectGatewayAssociation": { - "privilege": "DeleteDirectConnectGatewayAssociation", - "description": "Grants permission to delete the association between the specified Direct Connect gateway and virtual private gateway", - "access_level": "Write", - "resource_types": { - "dx-gateway": { - "resource_type": "dx-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteDirectConnectGatewayAssociation.html" - }, - "DeleteDirectConnectGatewayAssociationProposal": { - "privilege": "DeleteDirectConnectGatewayAssociationProposal", - "description": "Grants permission to delete the association proposal request between the specified Direct Connect gateway and virtual private gateway", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteDirectConnectGatewayAssociationProposal.html" - }, - "DeleteInterconnect": { - "privilege": "DeleteInterconnect", - "description": "Grants permission to delete the specified interconnect", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteInterconnect.html" - }, - "DeleteLag": { - "privilege": "DeleteLag", - "description": "Grants permission to delete the specified link aggregation group (LAG)", - "access_level": "Write", - "resource_types": { - "dxlag": { - "resource_type": "dxlag", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteLag.html" - }, - "DeleteVirtualInterface": { - "privilege": "DeleteVirtualInterface", - "description": "Grants permission to delete a virtual interface", - "access_level": "Write", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteVirtualInterface.html" - }, - "DescribeConnectionLoa": { - "privilege": "DescribeConnectionLoa", - "description": "Grants permission to describe the LOA-CFA for a Connection", - "access_level": "Read", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeConnectionLoa.html" - }, - "DescribeConnections": { - "privilege": "DescribeConnections", - "description": "Grants permission to describe all connections in this region", - "access_level": "Read", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeConnections.html" - }, - "DescribeConnectionsOnInterconnect": { - "privilege": "DescribeConnectionsOnInterconnect", - "description": "Grants permission to describe a list of connections that have been provisioned on the given interconnect", - "access_level": "Read", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeConnectionsOnInterconnect.html" - }, - "DescribeCustomerMetadata": { - "privilege": "DescribeCustomerMetadata", - "description": "Grants permission to view a list of customer agreements, along with their signed status and whether the customer is an NNIPartner, NNIPartnerV2, or a nonPartner", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeCustomerMetadata.html" - }, - "DescribeDirectConnectGatewayAssociationProposals": { - "privilege": "DescribeDirectConnectGatewayAssociationProposals", - "description": "Grants permission to describe one or more association proposals for connection between a virtual private gateway and a Direct Connect gateway", - "access_level": "Read", - "resource_types": { - "dx-gateway": { - "resource_type": "dx-gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeDirectConnectGatewayAssociationProposals.html" - }, - "DescribeDirectConnectGatewayAssociations": { - "privilege": "DescribeDirectConnectGatewayAssociations", - "description": "Grants permission to describe the associations between your Direct Connect gateways and virtual private gateways", - "access_level": "Read", - "resource_types": { - "dx-gateway": { - "resource_type": "dx-gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeDirectConnectGatewayAssociations.html" - }, - "DescribeDirectConnectGatewayAttachments": { - "privilege": "DescribeDirectConnectGatewayAttachments", - "description": "Grants permission to describe the attachments between your Direct Connect gateways and virtual interfaces", - "access_level": "Read", - "resource_types": { - "dx-gateway": { - "resource_type": "dx-gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeDirectConnectGatewayAttachments.html" - }, - "DescribeDirectConnectGateways": { - "privilege": "DescribeDirectConnectGateways", - "description": "Grants permission to describe all your Direct Connect gateways or only the specified Direct Connect gateway", - "access_level": "Read", - "resource_types": { - "dx-gateway": { - "resource_type": "dx-gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeDirectConnectGateways.html" - }, - "DescribeHostedConnections": { - "privilege": "DescribeHostedConnections", - "description": "Grants permission to describe the hosted connections that have been provisioned on the specified interconnect or link aggregation group (LAG)", - "access_level": "Read", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeHostedConnections.html" - }, - "DescribeInterconnectLoa": { - "privilege": "DescribeInterconnectLoa", - "description": "Grants permission to describe the LOA-CFA for an Interconnect", - "access_level": "Read", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeInterconnectLoa.html" - }, - "DescribeInterconnects": { - "privilege": "DescribeInterconnects", - "description": "Grants permission to describe a list of interconnects owned by the AWS account", - "access_level": "Read", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeInterconnects.html" - }, - "DescribeLags": { - "privilege": "DescribeLags", - "description": "Grants permission to describe all your link aggregation groups (LAG) or the specified LAG", - "access_level": "Read", - "resource_types": { - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLags.html" - }, - "DescribeLoa": { - "privilege": "DescribeLoa", - "description": "Grants permission to describe the LOA-CFA for a connection, interconnect, or link aggregation group (LAG)", - "access_level": "Read", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLoa.html" - }, - "DescribeLocations": { - "privilege": "DescribeLocations", - "description": "Grants permission to describe the list of AWS Direct Connect locations in the current AWS region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html" - }, - "DescribeRouterConfiguration": { - "privilege": "DescribeRouterConfiguration", - "description": "Grants permission to describe Details about the router for a virtual interface", - "access_level": "Read", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeRouterConfiguration.html" - }, - "DescribeTags": { - "privilege": "DescribeTags", - "description": "Grants permission to describe the tags associated with the specified AWS Direct Connect resources", - "access_level": "Read", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxvif": { - "resource_type": "dxvif", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeTags.html" - }, - "DescribeVirtualGateways": { - "privilege": "DescribeVirtualGateways", - "description": "Grants permission to describe a list of virtual private gateways owned by the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeVirtualGateways.html" - }, - "DescribeVirtualInterfaces": { - "privilege": "DescribeVirtualInterfaces", - "description": "Grants permission to describe all virtual interfaces for an AWS account", - "access_level": "Read", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxvif": { - "resource_type": "dxvif", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeVirtualInterfaces.html" - }, - "DisassociateConnectionFromLag": { - "privilege": "DisassociateConnectionFromLag", - "description": "Grants permission to disassociate a connection from a link aggregation group (LAG)", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DisassociateConnectionFromLag.html" - }, - "DisassociateMacSecKey": { - "privilege": "DisassociateMacSecKey", - "description": "Grants permission to remove the association between a MAC Security (MACsec) security key and an AWS Direct Connect dedicated connection", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DisassociateMacSecKey.html" - }, - "ListVirtualInterfaceTestHistory": { - "privilege": "ListVirtualInterfaceTestHistory", - "description": "Grants permission to list the virtual interface failover test history", - "access_level": "List", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ListVirtualInterfaceTestHistory.html" - }, - "StartBgpFailoverTest": { - "privilege": "StartBgpFailoverTest", - "description": "Grants permission to start the virtual interface failover test that verifies your configuration meets your resiliency requirements by placing the BGP peering session in the DOWN state. You can then send traffic to verify that there are no outages", - "access_level": "Write", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_StartBgpFailoverTest.html" - }, - "StopBgpFailoverTest": { - "privilege": "StopBgpFailoverTest", - "description": "Grants permission to stop the virtual interface failover test", - "access_level": "Write", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_StopBgpFailoverTest.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add the specified tags to the specified AWS Direct Connect resource. Each resource can have a maximum of 50 tags", - "access_level": "Tagging", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxvif": { - "resource_type": "dxvif", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from the specified AWS Direct Connect resource", - "access_level": "Tagging", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxlag": { - "resource_type": "dxlag", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dxvif": { - "resource_type": "dxvif", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UntagResource.html" - }, - "UpdateConnection": { - "privilege": "UpdateConnection", - "description": "Grants permission to update the AWS Direct Connect dedicated connection configuration. You can update the following parameters for a connection: The connection name or The connection's MAC Security (MACsec) encryption mode", - "access_level": "Write", - "resource_types": { - "dxcon": { - "resource_type": "dxcon", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UpdateConnection.html" - }, - "UpdateDirectConnectGateway": { - "privilege": "UpdateDirectConnectGateway", - "description": "Grants permission to update the name of a Direct Connect gateway", - "access_level": "Write", - "resource_types": { - "dx-gateway": { - "resource_type": "dx-gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UpdateDirectConnectGateway.html" - }, - "UpdateDirectConnectGatewayAssociation": { - "privilege": "UpdateDirectConnectGatewayAssociation", - "description": "Grants permission to update the specified attributes of the Direct Connect gateway association", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UpdateDirectConnectGatewayAssociation.html" - }, - "UpdateLag": { - "privilege": "UpdateLag", - "description": "Grants permission to update the attributes of the specified link aggregation group (LAG)", - "access_level": "Write", - "resource_types": { - "dxlag": { - "resource_type": "dxlag", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UpdateLag.html" - }, - "UpdateVirtualInterfaceAttributes": { - "privilege": "UpdateVirtualInterfaceAttributes", - "description": "Grants permission to update the specified attributes of the specified virtual private interface", - "access_level": "Write", - "resource_types": { - "dxvif": { - "resource_type": "dxvif", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UpdateVirtualInterfaceAttributes.html" - } - }, - "resources": { - "dxcon": { - "resource": "dxcon", - "arn": "arn:${Partition}:directconnect:${Region}:${Account}:dxcon/${ConnectionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dxlag": { - "resource": "dxlag", - "arn": "arn:${Partition}:directconnect:${Region}:${Account}:dxlag/${LagId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dxvif": { - "resource": "dxvif", - "arn": "arn:${Partition}:directconnect:${Region}:${Account}:dxvif/${VirtualInterfaceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dx-gateway": { - "resource": "dx-gateway", - "arn": "arn:${Partition}:directconnect::${Account}:dx-gateway/${DirectConnectGatewayId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by actions based on the presence of tag keys in the request", - "type": "String" - } - } - }, - "ds": { - "service_name": "AWS Directory Service", - "prefix": "ds", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdirectoryservice.html", - "privileges": { - "AcceptSharedDirectory": { - "privilege": "AcceptSharedDirectory", - "description": "Grants permission to accept a directory sharing request that was sent from the directory owner account", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AcceptSharedDirectory.html" - }, - "AddIpRoutes": { - "privilege": "AddIpRoutes", - "description": "Grants permission to add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:AuthorizeSecurityGroupEgress", - "ec2:AuthorizeSecurityGroupIngress", - "ec2:DescribeSecurityGroups" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AddIpRoutes.html" - }, - "AddRegion": { - "privilege": "AddRegion", - "description": "Grants permission to add two domain controllers in the specified Region for the specified directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AddRegion.html" - }, - "AddTagsToResource": { - "privilege": "AddTagsToResource", - "description": "Grants permission to add or overwrite one or more tags for the specified Amazon Directory Services directory", - "access_level": "Tagging", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AddTagsToResource.html" - }, - "AuthorizeApplication": { - "privilege": "AuthorizeApplication", - "description": "Grants permission to authorize an application for your AWS Directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "CancelSchemaExtension": { - "privilege": "CancelSchemaExtension", - "description": "Grants permission to cancel an in-progress schema extension to a Microsoft AD directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CancelSchemaExtension.html" - }, - "CheckAlias": { - "privilege": "CheckAlias", - "description": "Grants permission to verify that the alias is available for use", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "ConnectDirectory": { - "privilege": "ConnectDirectory", - "description": "Grants permission to create an AD Connector to connect to an on-premises directory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:AuthorizeSecurityGroupEgress", - "ec2:AuthorizeSecurityGroupIngress", - "ec2:CreateNetworkInterface", - "ec2:CreateSecurityGroup", - "ec2:CreateTags", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ConnectDirectory.html" - }, - "CreateAlias": { - "privilege": "CreateAlias", - "description": "Grants permission to create an alias for a directory and assigns the alias to the directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateAlias.html" - }, - "CreateComputer": { - "privilege": "CreateComputer", - "description": "Grants permission to create a computer account in the specified directory, and joins the computer to the directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateComputer.html" - }, - "CreateConditionalForwarder": { - "privilege": "CreateConditionalForwarder", - "description": "Grants permission to create a conditional forwarder associated with your AWS directory", - "access_level": "Permissions management", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateConditionalForwarder.html" - }, - "CreateDirectory": { - "privilege": "CreateDirectory", - "description": "Grants permission to create a Simple AD directory", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:AuthorizeSecurityGroupEgress", - "ec2:AuthorizeSecurityGroupIngress", - "ec2:CreateNetworkInterface", - "ec2:CreateSecurityGroup", - "ec2:CreateTags", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html" - }, - "CreateIdentityPoolDirectory": { - "privilege": "CreateIdentityPoolDirectory", - "description": "Grants permission to create an IdentityPool Directory in the AWS cloud", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "CreateLogSubscription": { - "privilege": "CreateLogSubscription", - "description": "Grants permission to create a subscription to forward real time Directory Service domain controller security logs to the specified CloudWatch log group in your AWS account", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateLogSubscription.html" - }, - "CreateMicrosoftAD": { - "privilege": "CreateMicrosoftAD", - "description": "Grants permission to create a Microsoft AD in the AWS cloud", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:AuthorizeSecurityGroupEgress", - "ec2:AuthorizeSecurityGroupIngress", - "ec2:CreateNetworkInterface", - "ec2:CreateSecurityGroup", - "ec2:CreateTags", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateMicrosoftAD.html" - }, - "CreateSnapshot": { - "privilege": "CreateSnapshot", - "description": "Grants permission to create a snapshot of a Simple AD or Microsoft AD directory in the AWS cloud", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateSnapshot.html" - }, - "CreateTrust": { - "privilege": "CreateTrust", - "description": "Grants permission to initiate the creation of the AWS side of a trust relationship between a Microsoft AD in the AWS cloud and an external domain", - "access_level": "Permissions management", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateTrust.html" - }, - "DeleteConditionalForwarder": { - "privilege": "DeleteConditionalForwarder", - "description": "Grants permission to delete a conditional forwarder that has been set up for your AWS directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteConditionalForwarder.html" - }, - "DeleteDirectory": { - "privilege": "DeleteDirectory", - "description": "Grants permission to delete an AWS Directory Service directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteNetworkInterface", - "ec2:DeleteSecurityGroup", - "ec2:DescribeNetworkInterfaces", - "ec2:RevokeSecurityGroupEgress", - "ec2:RevokeSecurityGroupIngress" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteDirectory.html" - }, - "DeleteLogSubscription": { - "privilege": "DeleteLogSubscription", - "description": "Grants permission to delete the specified log subscription", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteLogSubscription.html" - }, - "DeleteSnapshot": { - "privilege": "DeleteSnapshot", - "description": "Grants permission to delete a directory snapshot", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteSnapshot.html" - }, - "DeleteTrust": { - "privilege": "DeleteTrust", - "description": "Grants permission to delete an existing trust relationship between your Microsoft AD in the AWS cloud and an external domain", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/DeleteTrust.html" - }, - "DeregisterCertificate": { - "privilege": "DeregisterCertificate", - "description": "Grants permission to delete from the system the certificate that was registered for a secured LDAP connection", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeregisterCertificate.html" - }, - "DeregisterEventTopic": { - "privilege": "DeregisterEventTopic", - "description": "Grants permission to remove the specified directory as a publisher to the specified SNS topic", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeregisterEventTopic.html" - }, - "DescribeCertificate": { - "privilege": "DescribeCertificate", - "description": "Grants permission to display information about the certificate registered for a secured LDAP connection", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeCertificate.html" - }, - "DescribeClientAuthenticationSettings": { - "privilege": "DescribeClientAuthenticationSettings", - "description": "Grants permission to retrieve information about the type of client authentication for the specified directory, if the type is specified. If no type is specified, information about all client authentication types that are supported for the specified directory is retrieved. Currently, only SmartCard is supported", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeClientAuthenticationSettings.html" - }, - "DescribeConditionalForwarders": { - "privilege": "DescribeConditionalForwarders", - "description": "Grants permission to obtain information about the conditional forwarders for this account", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeConditionalForwarders.html" - }, - "DescribeDirectories": { - "privilege": "DescribeDirectories", - "description": "Grants permission to obtain information about the directories that belong to this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeDirectories.html" - }, - "DescribeDomainControllers": { - "privilege": "DescribeDomainControllers", - "description": "Grants permission to provide information about any domain controllers in your directory", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeDomainControllers.html" - }, - "DescribeEventTopics": { - "privilege": "DescribeEventTopics", - "description": "Grants permission to obtain information about which SNS topics receive status messages from the specified directory", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeEventTopics.html" - }, - "DescribeLDAPSSettings": { - "privilege": "DescribeLDAPSSettings", - "description": "Grants permission to describe the status of LDAP security for the specified directory", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeLDAPSSettings.html" - }, - "DescribeRegions": { - "privilege": "DescribeRegions", - "description": "Grants permission to provide information about the Regions that are configured for multi-Region replication", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeRegions.html" - }, - "DescribeSettings": { - "privilege": "DescribeSettings", - "description": "Grants permission to retrieve information about the configurable settings for the specified directory", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeSettings.html" - }, - "DescribeSharedDirectories": { - "privilege": "DescribeSharedDirectories", - "description": "Grants permission to return the shared directories in your account", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeSharedDirectories.html" - }, - "DescribeSnapshots": { - "privilege": "DescribeSnapshots", - "description": "Grants permission to obtain information about the directory snapshots that belong to this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeSnapshots.html" - }, - "DescribeTrusts": { - "privilege": "DescribeTrusts", - "description": "Grants permission to obtain information about the trust relationships for this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeTrusts.html" - }, - "DescribeUpdateDirectory": { - "privilege": "DescribeUpdateDirectory", - "description": "Grants permission to describe the updates of a directory for a particular update type", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeUpdateDirectory.html" - }, - "DisableClientAuthentication": { - "privilege": "DisableClientAuthentication", - "description": "Grants permission to disable alternative client authentication methods for the specified directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableClientAuthentication.html" - }, - "DisableLDAPS": { - "privilege": "DisableLDAPS", - "description": "Grants permission to deactivate LDAP secure calls for the specified directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableLDAPS.html" - }, - "DisableRadius": { - "privilege": "DisableRadius", - "description": "Grants permission to disable multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableRadius.html" - }, - "DisableSso": { - "privilege": "DisableSso", - "description": "Grants permission to disable single-sign on for a directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableSso.html" - }, - "EnableClientAuthentication": { - "privilege": "EnableClientAuthentication", - "description": "Grants permission to enable alternative client authentication methods for the specified directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableClientAuthentication.html" - }, - "EnableLDAPS": { - "privilege": "EnableLDAPS", - "description": "Grants permission to activate the switch for the specific directory to always use LDAP secure calls", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableLDAPS.html" - }, - "EnableRadius": { - "privilege": "EnableRadius", - "description": "Grants permission to enable multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableRadius.html" - }, - "EnableSso": { - "privilege": "EnableSso", - "description": "Grants permission to enable single-sign on for a directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableSso.html" - }, - "GetAuthorizedApplicationDetails": { - "privilege": "GetAuthorizedApplicationDetails", - "description": "Grants permission to retrieve the details of the authorized applications on a directory", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_GetAuthorizedApplicationDetails.html" - }, - "GetDirectoryLimits": { - "privilege": "GetDirectoryLimits", - "description": "Grants permission to obtain directory limit information for the current region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_GetDirectoryLimits.html" - }, - "GetSnapshotLimits": { - "privilege": "GetSnapshotLimits", - "description": "Grants permission to obtain the manual snapshot limits for a directory", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_GetSnapshotLimits.html" - }, - "ListAuthorizedApplications": { - "privilege": "ListAuthorizedApplications", - "description": "Grants permission to obtain the AWS applications authorized for a directory", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "ListCertificates": { - "privilege": "ListCertificates", - "description": "Grants permission to list all the certificates registered for a secured LDAP connection, for the specified directory", - "access_level": "List", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListCertificates.html" - }, - "ListIpRoutes": { - "privilege": "ListIpRoutes", - "description": "Grants permission to list the address blocks that you have added to a directory", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListIpRoutes.html" - }, - "ListLogSubscriptions": { - "privilege": "ListLogSubscriptions", - "description": "Grants permission to list the active log subscriptions for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListLogSubscriptions.html" - }, - "ListSchemaExtensions": { - "privilege": "ListSchemaExtensions", - "description": "Grants permission to list all schema extensions applied to a Microsoft AD Directory", - "access_level": "List", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListSchemaExtensions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags on an Amazon Directory Services directory", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListTagsForResource.html" - }, - "RegisterCertificate": { - "privilege": "RegisterCertificate", - "description": "Grants permission to register a certificate for secured LDAP connection", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RegisterCertificate.html" - }, - "RegisterEventTopic": { - "privilege": "RegisterEventTopic", - "description": "Grants permission to associate a directory with an SNS topic", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sns:GetTopicAttributes" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RegisterEventTopic.html" - }, - "RejectSharedDirectory": { - "privilege": "RejectSharedDirectory", - "description": "Grants permission to reject a directory sharing request that was sent from the directory owner account", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RejectSharedDirectory.html" - }, - "RemoveIpRoutes": { - "privilege": "RemoveIpRoutes", - "description": "Grants permission to remove IP address blocks from a directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RemoveIpRoutes.html" - }, - "RemoveRegion": { - "privilege": "RemoveRegion", - "description": "Grants permission to stop all replication and removes the domain controllers from the specified Region. You cannot remove the primary Region with this operation", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RemoveRegion.html" - }, - "RemoveTagsFromResource": { - "privilege": "RemoveTagsFromResource", - "description": "Grants permission to remove tags from an Amazon Directory Services directory", - "access_level": "Tagging", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:DeleteTags" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RemoveTagsFromResource.html" - }, - "ResetUserPassword": { - "privilege": "ResetUserPassword", - "description": "Grants permission to reset the password for any user in your AWS Managed Microsoft AD or Simple AD directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html" - }, - "RestoreFromSnapshot": { - "privilege": "RestoreFromSnapshot", - "description": "Grants permission to restore a directory using an existing directory snapshot", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RestoreFromSnapshot.html" - }, - "ShareDirectory": { - "privilege": "ShareDirectory", - "description": "Grants permission to share a specified directory in your AWS account (directory owner) with another AWS account (directory consumer). With this operation you can use your directory from any AWS account and from any Amazon VPC within an AWS Region", - "access_level": "Permissions management", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ShareDirectory.html" - }, - "StartSchemaExtension": { - "privilege": "StartSchemaExtension", - "description": "Grants permission to apply a schema extension to a Microsoft AD directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_StartSchemaExtension.html" - }, - "UnauthorizeApplication": { - "privilege": "UnauthorizeApplication", - "description": "Grants permission to unauthorize an application from your AWS Directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "UnshareDirectory": { - "privilege": "UnshareDirectory", - "description": "Grants permission to stop the directory sharing between the directory owner and consumer accounts", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UnshareDirectory.html" - }, - "UpdateConditionalForwarder": { - "privilege": "UpdateConditionalForwarder", - "description": "Grants permission to update a conditional forwarder that has been set up for your AWS directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateConditionalForwarder.html" - }, - "UpdateDirectorySetup": { - "privilege": "UpdateDirectorySetup", - "description": "Grants permission to update the directory for a particular update type", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateDirectorySetup.html" - }, - "UpdateNumberOfDomainControllers": { - "privilege": "UpdateNumberOfDomainControllers", - "description": "Grants permission to add or remove domain controllers to or from the directory. Based on the difference between current value and new value (provided through this API call), domain controllers will be added or removed. It may take up to 45 minutes for any new domain controllers to become fully active once the requested number of domain controllers is updated. During this time, you cannot make another update request", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateNumberOfDomainControllers.html" - }, - "UpdateRadius": { - "privilege": "UpdateRadius", - "description": "Grants permission to update the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateRadius.html" - }, - "UpdateSettings": { - "privilege": "UpdateSettings", - "description": "Grants permission to update the configurable settings for the specified directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateSettings.html" - }, - "UpdateTrust": { - "privilege": "UpdateTrust", - "description": "Grants permission to update the trust that has been set up between your AWS Managed Microsoft AD directory and an on-premises Active Directory", - "access_level": "Write", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateTrust.html" - }, - "VerifyTrust": { - "privilege": "VerifyTrust", - "description": "Grants permission to verify a trust relationship between your Microsoft AD in the AWS cloud and an external domain", - "access_level": "Read", - "resource_types": { - "directory": { - "resource_type": "directory", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_VerifyTrust.html" - } - }, - "resources": { - "directory": { - "resource": "directory", - "arn": "arn:${Partition}:ds:${Region}:${Account}:directory/${DirectoryId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the value of the request to AWS DS", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the AWS DS Resource being acted upon", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "elasticbeanstalk": { - "service_name": "AWS Elastic Beanstalk", - "prefix": "elasticbeanstalk", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselasticbeanstalk.html", - "privileges": { - "AbortEnvironmentUpdate": { - "privilege": "AbortEnvironmentUpdate", - "description": "Grants permission to cancel in-progress environment configuration update or application version deployment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_AbortEnvironmentUpdate.html" - }, - "AddTags": { - "privilege": "AddTags", - "description": "Grants permission to add tags to an Elastic Beanstalk resource and to update tag values", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "applicationversion": { - "resource_type": "applicationversion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "platform": { - "resource_type": "platform", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateTagsForResource.html" - }, - "ApplyEnvironmentManagedAction": { - "privilege": "ApplyEnvironmentManagedAction", - "description": "Grants permission to apply a scheduled managed action immediately", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ApplyEnvironmentManagedAction.html" - }, - "AssociateEnvironmentOperationsRole": { - "privilege": "AssociateEnvironmentOperationsRole", - "description": "Grants permission to associate an operations role with an environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_AssociateEnvironmentOperationsRole.html" - }, - "CheckDNSAvailability": { - "privilege": "CheckDNSAvailability", - "description": "Grants permission to check CNAME availability", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CheckDNSAvailability.html" - }, - "ComposeEnvironments": { - "privilege": "ComposeEnvironments", - "description": "Grants permission to create or update a group of environments, each running a separate component of a single application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "applicationversion": { - "resource_type": "applicationversion", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ComposeEnvironments.html" - }, - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create a new application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreateApplication.html" - }, - "CreateApplicationVersion": { - "privilege": "CreateApplicationVersion", - "description": "Grants permission to create an application version for an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "applicationversion": { - "resource_type": "applicationversion", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreateApplicationVersion.html" - }, - "CreateConfigurationTemplate": { - "privilege": "CreateConfigurationTemplate", - "description": "Grants permission to create a configuration template", - "access_level": "Write", - "resource_types": { - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticbeanstalk:FromApplication", - "elasticbeanstalk:FromApplicationVersion", - "elasticbeanstalk:FromConfigurationTemplate", - "elasticbeanstalk:FromEnvironment", - "elasticbeanstalk:FromSolutionStack", - "elasticbeanstalk:FromPlatform", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreateConfigurationTemplate.html" - }, - "CreateEnvironment": { - "privilege": "CreateEnvironment", - "description": "Grants permission to launch an environment for an application", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticbeanstalk:FromApplicationVersion", - "elasticbeanstalk:FromConfigurationTemplate", - "elasticbeanstalk:FromSolutionStack", - "elasticbeanstalk:FromPlatform", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreateEnvironment.html" - }, - "CreatePlatformVersion": { - "privilege": "CreatePlatformVersion", - "description": "Grants permission to create a new version of a custom platform", - "access_level": "Write", - "resource_types": { - "platform": { - "resource_type": "platform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreatePlatformVersion.html" - }, - "CreateStorageLocation": { - "privilege": "CreateStorageLocation", - "description": "Grants permission to create the Amazon S3 storage location for the account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreateStorageLocation.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete an application along with all associated versions and configurations", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DeleteApplication.html" - }, - "DeleteApplicationVersion": { - "privilege": "DeleteApplicationVersion", - "description": "Grants permission to delete an application version from an application", - "access_level": "Write", - "resource_types": { - "applicationversion": { - "resource_type": "applicationversion", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DeleteApplicationVersion.html" - }, - "DeleteConfigurationTemplate": { - "privilege": "DeleteConfigurationTemplate", - "description": "Grants permission to delete a configuration template", - "access_level": "Write", - "resource_types": { - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DeleteConfigurationTemplate.html" - }, - "DeleteEnvironmentConfiguration": { - "privilege": "DeleteEnvironmentConfiguration", - "description": "Grants permission to delete the draft configuration associated with the running environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DeleteEnvironmentConfiguration.html" - }, - "DeletePlatformVersion": { - "privilege": "DeletePlatformVersion", - "description": "Grants permission to delete a version of a custom platform", - "access_level": "Write", - "resource_types": { - "platform": { - "resource_type": "platform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DeletePlatformVersion.html" - }, - "DescribeAccountAttributes": { - "privilege": "DescribeAccountAttributes", - "description": "Grants permission to retrieve a list of account attributes, including resource quotas", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeAccountAttributes.html" - }, - "DescribeApplicationVersions": { - "privilege": "DescribeApplicationVersions", - "description": "Grants permission to retrieve a list of application versions stored in an AWS Elastic Beanstalk storage bucket", - "access_level": "List", - "resource_types": { - "applicationversion": { - "resource_type": "applicationversion", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeApplicationVersions.html" - }, - "DescribeApplications": { - "privilege": "DescribeApplications", - "description": "Grants permission to retrieve the descriptions of existing applications", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeApplications.html" - }, - "DescribeConfigurationOptions": { - "privilege": "DescribeConfigurationOptions", - "description": "Grants permission to retrieve descriptions of environment configuration options", - "access_level": "Read", - "resource_types": { - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "solutionstack": { - "resource_type": "solutionstack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeConfigurationOptions.html" - }, - "DescribeConfigurationSettings": { - "privilege": "DescribeConfigurationSettings", - "description": "Grants permission to retrieve a description of the settings for a configuration set", - "access_level": "Read", - "resource_types": { - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeConfigurationSettings.html" - }, - "DescribeEnvironmentHealth": { - "privilege": "DescribeEnvironmentHealth", - "description": "Grants permission to retrieve information about the overall health of an environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironmentHealth.html" - }, - "DescribeEnvironmentManagedActionHistory": { - "privilege": "DescribeEnvironmentManagedActionHistory", - "description": "Grants permission to retrieve a list of an environment's completed and failed managed actions", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironmentManagedActionHistory.html" - }, - "DescribeEnvironmentManagedActions": { - "privilege": "DescribeEnvironmentManagedActions", - "description": "Grants permission to retrieve a list of an environment's upcoming and in-progress managed actions", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironmentManagedActions.html" - }, - "DescribeEnvironmentResources": { - "privilege": "DescribeEnvironmentResources", - "description": "Grants permission to retrieve a list of AWS resources for an environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironmentResources.html" - }, - "DescribeEnvironments": { - "privilege": "DescribeEnvironments", - "description": "Grants permission to retrieve descriptions for existing environments", - "access_level": "List", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html" - }, - "DescribeEvents": { - "privilege": "DescribeEvents", - "description": "Grants permission to retrieve a list of event descriptions matching a set of criteria", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "applicationversion": { - "resource_type": "applicationversion", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEvents.html" - }, - "DescribeInstancesHealth": { - "privilege": "DescribeInstancesHealth", - "description": "Grants permission to retrieve more detailed information about the health of environment instances", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeInstancesHealth.html" - }, - "DescribePlatformVersion": { - "privilege": "DescribePlatformVersion", - "description": "Grants permission to retrieve a description of a platform version", - "access_level": "Read", - "resource_types": { - "platform": { - "resource_type": "platform", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribePlatformVersion.html" - }, - "DisassociateEnvironmentOperationsRole": { - "privilege": "DisassociateEnvironmentOperationsRole", - "description": "Grants permission to disassociate an operations role with an environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DisassociateEnvironmentOperationsRole.html" - }, - "ListAvailableSolutionStacks": { - "privilege": "ListAvailableSolutionStacks", - "description": "Grants permission to retrieve a list of the available solution stack names", - "access_level": "List", - "resource_types": { - "solutionstack": { - "resource_type": "solutionstack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html" - }, - "ListPlatformBranches": { - "privilege": "ListPlatformBranches", - "description": "Grants permission to retrieve a list of the available platform branches", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListPlatformBranches.html" - }, - "ListPlatformVersions": { - "privilege": "ListPlatformVersions", - "description": "Grants permission to retrieve a list of the available platforms", - "access_level": "List", - "resource_types": { - "platform": { - "resource_type": "platform", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListPlatformVersions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve a list of tags of an Elastic Beanstalk resource", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "applicationversion": { - "resource_type": "applicationversion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "platform": { - "resource_type": "platform", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListTagsForResource.html" - }, - "PutInstanceStatistics": { - "privilege": "PutInstanceStatistics", - "description": "Grants permission to submit instance statistics for enhanced health", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/health-enhanced.html#health-enhanced-authz" - }, - "RebuildEnvironment": { - "privilege": "RebuildEnvironment", - "description": "Grants permission to delete and recreate all of the AWS resources for an environment and to force a restart", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_RebuildEnvironment.html" - }, - "RemoveTags": { - "privilege": "RemoveTags", - "description": "Grants permission to remove tags from an Elastic Beanstalk resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "applicationversion": { - "resource_type": "applicationversion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "platform": { - "resource_type": "platform", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateTagsForResource.html" - }, - "RequestEnvironmentInfo": { - "privilege": "RequestEnvironmentInfo", - "description": "Grants permission to initiate a request to compile information of the deployed environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_RequestEnvironmentInfo.html" - }, - "RestartAppServer": { - "privilege": "RestartAppServer", - "description": "Grants permission to request an environment to restart the application container server running on each Amazon EC2 instance", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_RestartAppServer.html" - }, - "RetrieveEnvironmentInfo": { - "privilege": "RetrieveEnvironmentInfo", - "description": "Grants permission to retrieve the compiled information from a RequestEnvironmentInfo request", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_RetrieveEnvironmentInfo.html" - }, - "SwapEnvironmentCNAMEs": { - "privilege": "SwapEnvironmentCNAMEs", - "description": "Grants permission to swap the CNAMEs of two environments", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticbeanstalk:FromEnvironment" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_SwapEnvironmentCNAMEs.html" - }, - "TerminateEnvironment": { - "privilege": "TerminateEnvironment", - "description": "Grants permission to terminate an environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_TerminateEnvironment.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to update an application with specified properties", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateApplication.html" - }, - "UpdateApplicationResourceLifecycle": { - "privilege": "UpdateApplicationResourceLifecycle", - "description": "Grants permission to update the application version lifecycle policy associated with the application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateApplicationResourceLifecycle.html" - }, - "UpdateApplicationVersion": { - "privilege": "UpdateApplicationVersion", - "description": "Grants permission to update an application version with specified properties", - "access_level": "Write", - "resource_types": { - "applicationversion": { - "resource_type": "applicationversion", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateApplicationVersion.html" - }, - "UpdateConfigurationTemplate": { - "privilege": "UpdateConfigurationTemplate", - "description": "Grants permission to update a configuration template with specified properties or configuration option values", - "access_level": "Write", - "resource_types": { - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticbeanstalk:FromApplication", - "elasticbeanstalk:FromApplicationVersion", - "elasticbeanstalk:FromConfigurationTemplate", - "elasticbeanstalk:FromEnvironment", - "elasticbeanstalk:FromSolutionStack", - "elasticbeanstalk:FromPlatform" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateConfigurationTemplate.html" - }, - "UpdateEnvironment": { - "privilege": "UpdateEnvironment", - "description": "Grants permission to update an environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "elasticbeanstalk:FromApplicationVersion", - "elasticbeanstalk:FromConfigurationTemplate", - "elasticbeanstalk:FromSolutionStack", - "elasticbeanstalk:FromPlatform" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateEnvironment.html" - }, - "UpdateTagsForResource": { - "privilege": "UpdateTagsForResource", - "description": "Grants permission to add tags to an Elastic Beanstalk resource, remove tags, and to update tag values", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "applicationversion": { - "resource_type": "applicationversion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "platform": { - "resource_type": "platform", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateTagsForResource.html" - }, - "ValidateConfigurationSettings": { - "privilege": "ValidateConfigurationSettings", - "description": "Grants permission to check the validity of a set of configuration settings for a configuration template or an environment", - "access_level": "Read", - "resource_types": { - "configurationtemplate": { - "resource_type": "configurationtemplate", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [ - "elasticbeanstalk:InApplication" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ValidateConfigurationSettings.html" - } - }, - "resources": { - "application": { - "resource": "application", - "arn": "arn:${Partition}:elasticbeanstalk:${Region}:${Account}:application/${ApplicationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "applicationversion": { - "resource": "applicationversion", - "arn": "arn:${Partition}:elasticbeanstalk:${Region}:${Account}:applicationversion/${ApplicationName}/${VersionLabel}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticbeanstalk:InApplication" - ] - }, - "configurationtemplate": { - "resource": "configurationtemplate", - "arn": "arn:${Partition}:elasticbeanstalk:${Region}:${Account}:configurationtemplate/${ApplicationName}/${TemplateName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticbeanstalk:InApplication" - ] - }, - "environment": { - "resource": "environment", - "arn": "arn:${Partition}:elasticbeanstalk:${Region}:${Account}:environment/${ApplicationName}/${EnvironmentName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticbeanstalk:InApplication" - ] - }, - "solutionstack": { - "resource": "solutionstack", - "arn": "arn:${Partition}:elasticbeanstalk:${Region}::solutionstack/${SolutionStackName}", - "condition_keys": [] - }, - "platform": { - "resource": "platform", - "arn": "arn:${Partition}:elasticbeanstalk:${Region}::platform/${PlatformNameWithVersion}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "elasticbeanstalk:FromApplication": { - "condition": "elasticbeanstalk:FromApplication", - "description": "Filters access by an application as a dependency or a constraint on an input parameter", - "type": "ARN" - }, - "elasticbeanstalk:FromApplicationVersion": { - "condition": "elasticbeanstalk:FromApplicationVersion", - "description": "Filters access by an application version as a dependency or a constraint on an input parameter", - "type": "ARN" - }, - "elasticbeanstalk:FromConfigurationTemplate": { - "condition": "elasticbeanstalk:FromConfigurationTemplate", - "description": "Filters access by a configuration template as a dependency or a constraint on an input parameter", - "type": "ARN" - }, - "elasticbeanstalk:FromEnvironment": { - "condition": "elasticbeanstalk:FromEnvironment", - "description": "Filters access by an environment as a dependency or a constraint on an input parameter", - "type": "ARN" - }, - "elasticbeanstalk:FromPlatform": { - "condition": "elasticbeanstalk:FromPlatform", - "description": "Filters access by a platform as a dependency or a constraint on an input parameter", - "type": "ARN" - }, - "elasticbeanstalk:FromSolutionStack": { - "condition": "elasticbeanstalk:FromSolutionStack", - "description": "Filters access by a solution stack as a dependency or a constraint on an input parameter", - "type": "ARN" - }, - "elasticbeanstalk:InApplication": { - "condition": "elasticbeanstalk:InApplication", - "description": "Filters access by the application that contains the resource that the action operates on", - "type": "ARN" - } - } - }, - "drs": { - "service_name": "AWS Elastic Disaster Recovery", - "prefix": "drs", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselasticdisasterrecovery.html", - "privileges": { - "AssociateFailbackClientToRecoveryInstanceForDrs": { - "privilege": "AssociateFailbackClientToRecoveryInstanceForDrs", - "description": "Grants permission to get associate failback client to recovery instance", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "AssociateSourceNetworkStack": { - "privilege": "AssociateSourceNetworkStack", - "description": "Grants permission to associate CloudFormation stack with source network", - "access_level": "Write", - "resource_types": { - "SourceNetworkResource": { - "resource_type": "SourceNetworkResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:DescribeStackResource", - "cloudformation:DescribeStacks", - "drs:GetLaunchConfiguration", - "ec2:CreateLaunchTemplateVersion", - "ec2:DescribeLaunchTemplateVersions", - "ec2:DescribeLaunchTemplates", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "ec2:ModifyLaunchTemplate" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_AssociateSourceNetworkStack.html" - }, - "BatchCreateVolumeSnapshotGroupForDrs": { - "privilege": "BatchCreateVolumeSnapshotGroupForDrs", - "description": "Grants permission to batch create volume snapshot group", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "BatchDeleteSnapshotRequestForDrs": { - "privilege": "BatchDeleteSnapshotRequestForDrs", - "description": "Grants permission to batch delete snapshot request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "CreateConvertedSnapshotForDrs": { - "privilege": "CreateConvertedSnapshotForDrs", - "description": "Grants permission to create converted snapshot", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "CreateExtendedSourceServer": { - "privilege": "CreateExtendedSourceServer", - "description": "Grants permission to extend a source server", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "drs:DescribeSourceServers", - "drs:GetReplicationConfiguration" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_CreateExtendedSourceServer.html" - }, - "CreateLaunchConfigurationTemplate": { - "privilege": "CreateLaunchConfigurationTemplate", - "description": "Grants permission to create launch configuration template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_CreateLaunchConfigurationTemplate.html" - }, - "CreateRecoveryInstanceForDrs": { - "privilege": "CreateRecoveryInstanceForDrs", - "description": "Grants permission to create recovery instance", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "CreateReplicationConfigurationTemplate": { - "privilege": "CreateReplicationConfigurationTemplate", - "description": "Grants permission to create replication configuration template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:CreateSecurityGroup", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:GetEbsDefaultKmsKeyId", - "ec2:GetEbsEncryptionByDefault", - "kms:CreateGrant", - "kms:DescribeKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_CreateReplicationConfigurationTemplate.html" - }, - "CreateSourceNetwork": { - "privilege": "CreateSourceNetwork", - "description": "Grants permission to create a source network", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:DescribeInstances", - "ec2:DescribeVpcs" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_CreateSourceNetwork.html" - }, - "CreateSourceServerForDrs": { - "privilege": "CreateSourceServerForDrs", - "description": "Grants permission to create a source server", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "DeleteJob": { - "privilege": "DeleteJob", - "description": "Grants permission to delete a job", - "access_level": "Write", - "resource_types": { - "JobResource": { - "resource_type": "JobResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteJob.html" - }, - "DeleteLaunchConfigurationTemplate": { - "privilege": "DeleteLaunchConfigurationTemplate", - "description": "Grants permission to delete launch configuration template", - "access_level": "Write", - "resource_types": { - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteLaunchConfigurationTemplate.html" - }, - "DeleteRecoveryInstance": { - "privilege": "DeleteRecoveryInstance", - "description": "Grants permission to delete recovery instance", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteRecoveryInstance.html" - }, - "DeleteReplicationConfigurationTemplate": { - "privilege": "DeleteReplicationConfigurationTemplate", - "description": "Grants permission to delete replication configuration template", - "access_level": "Write", - "resource_types": { - "ReplicationConfigurationTemplateResource": { - "resource_type": "ReplicationConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteReplicationConfigurationTemplate.html" - }, - "DeleteSourceNetwork": { - "privilege": "DeleteSourceNetwork", - "description": "Grants permission to delete source network", - "access_level": "Write", - "resource_types": { - "SourceNetworkResource": { - "resource_type": "SourceNetworkResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteSourceNetwork.html" - }, - "DeleteSourceServer": { - "privilege": "DeleteSourceServer", - "description": "Grants permission to delete source server", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteSourceServer.html" - }, - "DescribeJobLogItems": { - "privilege": "DescribeJobLogItems", - "description": "Grants permission to describe job log items", - "access_level": "Read", - "resource_types": { - "JobResource": { - "resource_type": "JobResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeJobLogItems.html" - }, - "DescribeJobs": { - "privilege": "DescribeJobs", - "description": "Grants permission to describe jobs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeJobs.html" - }, - "DescribeLaunchConfigurationTemplates": { - "privilege": "DescribeLaunchConfigurationTemplates", - "description": "Grants permission to describe launch configuration template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeLaunchConfigurationTemplates.html" - }, - "DescribeRecoveryInstances": { - "privilege": "DescribeRecoveryInstances", - "description": "Grants permission to describe recovery instances", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "drs:DescribeSourceServers", - "ec2:DescribeInstances" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeRecoveryInstances.html" - }, - "DescribeRecoverySnapshots": { - "privilege": "DescribeRecoverySnapshots", - "description": "Grants permission to describe recovery snapshots", - "access_level": "Read", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeRecoverySnapshots.html" - }, - "DescribeReplicationConfigurationTemplates": { - "privilege": "DescribeReplicationConfigurationTemplates", - "description": "Grants permission to describe replication configuration template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeReplicationConfigurationTemplates.html" - }, - "DescribeReplicationServerAssociationsForDrs": { - "privilege": "DescribeReplicationServerAssociationsForDrs", - "description": "Grants permission to describe replication server associations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "DescribeSnapshotRequestsForDrs": { - "privilege": "DescribeSnapshotRequestsForDrs", - "description": "Grants permission to describe snapshot requests", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "DescribeSourceNetworks": { - "privilege": "DescribeSourceNetworks", - "description": "Grants permission to describe source networks", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeSourceNetworks.html" - }, - "DescribeSourceServers": { - "privilege": "DescribeSourceServers", - "description": "Grants permission to describe source servers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeSourceServers.html" - }, - "DisconnectRecoveryInstance": { - "privilege": "DisconnectRecoveryInstance", - "description": "Grants permission to disconnect recovery instance", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DisconnectRecoveryInstance.html" - }, - "DisconnectSourceServer": { - "privilege": "DisconnectSourceServer", - "description": "Grants permission to disconnect source server", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DisconnectSourceServer.html" - }, - "ExportSourceNetworkCfnTemplate": { - "privilege": "ExportSourceNetworkCfnTemplate", - "description": "Grants permission to export CloudFormation template which contains source network resources", - "access_level": "Write", - "resource_types": { - "SourceNetworkResource": { - "resource_type": "SourceNetworkResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:GetBucketLocation", - "s3:GetObject", - "s3:PutObject" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_ExportSourceNetworkCfnTemplate.html" - }, - "GetAgentCommandForDrs": { - "privilege": "GetAgentCommandForDrs", - "description": "Grants permission to get agent command", - "access_level": "Read", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "GetAgentConfirmedResumeInfoForDrs": { - "privilege": "GetAgentConfirmedResumeInfoForDrs", - "description": "Grants permission to get agent confirmed resume info", - "access_level": "Read", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "GetAgentInstallationAssetsForDrs": { - "privilege": "GetAgentInstallationAssetsForDrs", - "description": "Grants permission to get agent installation assets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "GetAgentReplicationInfoForDrs": { - "privilege": "GetAgentReplicationInfoForDrs", - "description": "Grants permission to get agent replication info", - "access_level": "Read", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "GetAgentRuntimeConfigurationForDrs": { - "privilege": "GetAgentRuntimeConfigurationForDrs", - "description": "Grants permission to get agent runtime configuration", - "access_level": "Read", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "GetAgentSnapshotCreditsForDrs": { - "privilege": "GetAgentSnapshotCreditsForDrs", - "description": "Grants permission to get agent snapshot credits", - "access_level": "Read", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "GetChannelCommandsForDrs": { - "privilege": "GetChannelCommandsForDrs", - "description": "Grants permission to get channel commands", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "GetFailbackCommandForDrs": { - "privilege": "GetFailbackCommandForDrs", - "description": "Grants permission to get failback command", - "access_level": "Read", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "GetFailbackLaunchRequestedForDrs": { - "privilege": "GetFailbackLaunchRequestedForDrs", - "description": "Grants permission to get failback launch requested", - "access_level": "Read", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "GetFailbackReplicationConfiguration": { - "privilege": "GetFailbackReplicationConfiguration", - "description": "Grants permission to get failback replication configuration", - "access_level": "Read", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_GetFailbackReplicationConfiguration.html" - }, - "GetLaunchConfiguration": { - "privilege": "GetLaunchConfiguration", - "description": "Grants permission to get launch configuration", - "access_level": "Read", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_GetLaunchConfiguration.html" - }, - "GetReplicationConfiguration": { - "privilege": "GetReplicationConfiguration", - "description": "Grants permission to get replication configuration", - "access_level": "Read", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_GetReplicationConfiguration.html" - }, - "GetSuggestedFailbackClientDeviceMappingForDrs": { - "privilege": "GetSuggestedFailbackClientDeviceMappingForDrs", - "description": "Grants permission to get suggested failback client device mapping", - "access_level": "Read", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "InitializeService": { - "privilege": "InitializeService", - "description": "Grants permission to initialize service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:AddRoleToInstanceProfile", - "iam:CreateInstanceProfile", - "iam:CreateServiceLinkedRole", - "iam:GetInstanceProfile" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_InitializeService.html" - }, - "IssueAgentCertificateForDrs": { - "privilege": "IssueAgentCertificateForDrs", - "description": "Grants permission to issue an agent certificate", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "ListExtensibleSourceServers": { - "privilege": "ListExtensibleSourceServers", - "description": "Grants permission to list extensible source servers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "drs:DescribeSourceServers" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_ListExtensibleSourceServers.html" - }, - "ListStagingAccounts": { - "privilege": "ListStagingAccounts", - "description": "Grants permission to list staging accounts", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_ListStagingAccounts.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_ListTagsForResource.html" - }, - "NotifyAgentAuthenticationForDrs": { - "privilege": "NotifyAgentAuthenticationForDrs", - "description": "Grants permission to notify agent authentication", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "NotifyAgentConnectedForDrs": { - "privilege": "NotifyAgentConnectedForDrs", - "description": "Grants permission to notify agent is connected", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "NotifyAgentDisconnectedForDrs": { - "privilege": "NotifyAgentDisconnectedForDrs", - "description": "Grants permission to notify agent is disconnected", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "NotifyAgentReplicationProgressForDrs": { - "privilege": "NotifyAgentReplicationProgressForDrs", - "description": "Grants permission to notify agent replication progress", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "NotifyConsistencyAttainedForDrs": { - "privilege": "NotifyConsistencyAttainedForDrs", - "description": "Grants permission to notify consistency attained", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "NotifyReplicationServerAuthenticationForDrs": { - "privilege": "NotifyReplicationServerAuthenticationForDrs", - "description": "Grants permission to notify replication server authentication", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "NotifyVolumeEventForDrs": { - "privilege": "NotifyVolumeEventForDrs", - "description": "Grants permission to notify replicator volume events", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "RetryDataReplication": { - "privilege": "RetryDataReplication", - "description": "Grants permission to retry data replication", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_RetryDataReplication.html" - }, - "ReverseReplication": { - "privilege": "ReverseReplication", - "description": "Grants permission to reverse replication", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "drs:DescribeReplicationConfigurationTemplates", - "drs:DescribeSourceServers", - "ec2:DescribeInstances" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_ReverseReplication.html" - }, - "SendAgentLogsForDrs": { - "privilege": "SendAgentLogsForDrs", - "description": "Grants permission to send agent logs", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "SendAgentMetricsForDrs": { - "privilege": "SendAgentMetricsForDrs", - "description": "Grants permission to send agent metrics", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "SendChannelCommandResultForDrs": { - "privilege": "SendChannelCommandResultForDrs", - "description": "Grants permission to send channel command result", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "SendClientLogsForDrs": { - "privilege": "SendClientLogsForDrs", - "description": "Grants permission to send client logs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "SendClientMetricsForDrs": { - "privilege": "SendClientMetricsForDrs", - "description": "Grants permission to send client metrics", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "SendVolumeStatsForDrs": { - "privilege": "SendVolumeStatsForDrs", - "description": "Grants permission to send volume throughput statistics", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "StartFailbackLaunch": { - "privilege": "StartFailbackLaunch", - "description": "Grants permission to start failback launch", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StartFailbackLaunch.html" - }, - "StartRecovery": { - "privilege": "StartRecovery", - "description": "Grants permission to start recovery", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "drs:CreateRecoveryInstanceForDrs", - "drs:ListTagsForResource", - "ec2:AttachVolume", - "ec2:AuthorizeSecurityGroupEgress", - "ec2:AuthorizeSecurityGroupIngress", - "ec2:CreateLaunchTemplate", - "ec2:CreateLaunchTemplateVersion", - "ec2:CreateSnapshot", - "ec2:CreateTags", - "ec2:CreateVolume", - "ec2:DeleteLaunchTemplateVersions", - "ec2:DeleteSnapshot", - "ec2:DeleteVolume", - "ec2:DescribeAccountAttributes", - "ec2:DescribeAvailabilityZones", - "ec2:DescribeImages", - "ec2:DescribeInstanceAttribute", - "ec2:DescribeInstanceStatus", - "ec2:DescribeInstanceTypes", - "ec2:DescribeInstances", - "ec2:DescribeLaunchTemplateVersions", - "ec2:DescribeLaunchTemplates", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSnapshots", - "ec2:DescribeSubnets", - "ec2:DescribeVolumes", - "ec2:DetachVolume", - "ec2:ModifyInstanceAttribute", - "ec2:ModifyLaunchTemplate", - "ec2:RevokeSecurityGroupEgress", - "ec2:RunInstances", - "ec2:StartInstances", - "ec2:StopInstances", - "ec2:TerminateInstances", - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StartRecovery.html" - }, - "StartReplication": { - "privilege": "StartReplication", - "description": "Grants permission to start replication", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StartReplication.html" - }, - "StartSourceNetworkRecovery": { - "privilege": "StartSourceNetworkRecovery", - "description": "Grants permission to start network recovery", - "access_level": "Write", - "resource_types": { - "SourceNetworkResource": { - "resource_type": "SourceNetworkResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:CreateStack", - "cloudformation:DescribeStackResource", - "cloudformation:DescribeStacks", - "cloudformation:UpdateStack", - "drs:GetLaunchConfiguration", - "ec2:CreateLaunchTemplateVersion", - "ec2:DescribeLaunchTemplateVersions", - "ec2:DescribeLaunchTemplates", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs", - "ec2:ModifyLaunchTemplate", - "s3:GetObject", - "s3:PutObject" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StartSourceNetworkRecovery.html" - }, - "StartSourceNetworkReplication": { - "privilege": "StartSourceNetworkReplication", - "description": "Grants permission to start network replication", - "access_level": "Write", - "resource_types": { - "SourceNetworkResource": { - "resource_type": "SourceNetworkResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StartSourceNetworkReplication.html" - }, - "StopFailback": { - "privilege": "StopFailback", - "description": "Grants permission to stop failback", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StopFailback.html" - }, - "StopReplication": { - "privilege": "StopReplication", - "description": "Grants permission to stop replication", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StopReplication.html" - }, - "StopSourceNetworkReplication": { - "privilege": "StopSourceNetworkReplication", - "description": "Grants permission to stop network replication", - "access_level": "Write", - "resource_types": { - "SourceNetworkResource": { - "resource_type": "SourceNetworkResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StopSourceNetworkReplication.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to assign a resource tag", - "access_level": "Tagging", - "resource_types": { - "JobResource": { - "resource_type": "JobResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationConfigurationTemplateResource": { - "resource_type": "ReplicationConfigurationTemplateResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceNetworkResource": { - "resource_type": "SourceNetworkResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "drs:CreateAction" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_TagResource.html" - }, - "TerminateRecoveryInstances": { - "privilege": "TerminateRecoveryInstances", - "description": "Grants permission to terminate recovery instances", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "drs:DescribeSourceServers", - "ec2:DeleteVolume", - "ec2:DescribeInstances", - "ec2:DescribeVolumes", - "ec2:TerminateInstances" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_TerminateRecoveryInstances.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "JobResource": { - "resource_type": "JobResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ReplicationConfigurationTemplateResource": { - "resource_type": "ReplicationConfigurationTemplateResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceNetworkResource": { - "resource_type": "SourceNetworkResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UntagResource.html" - }, - "UpdateAgentBacklogForDrs": { - "privilege": "UpdateAgentBacklogForDrs", - "description": "Grants permission to update agent backlog", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "UpdateAgentConversionInfoForDrs": { - "privilege": "UpdateAgentConversionInfoForDrs", - "description": "Grants permission to update agent conversion info", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "UpdateAgentReplicationInfoForDrs": { - "privilege": "UpdateAgentReplicationInfoForDrs", - "description": "Grants permission to update agent replication info", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "UpdateAgentReplicationProcessStateForDrs": { - "privilege": "UpdateAgentReplicationProcessStateForDrs", - "description": "Grants permission to update agent replication process state", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "UpdateAgentSourcePropertiesForDrs": { - "privilege": "UpdateAgentSourcePropertiesForDrs", - "description": "Grants permission to update agent source properties", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "UpdateFailbackClientDeviceMappingForDrs": { - "privilege": "UpdateFailbackClientDeviceMappingForDrs", - "description": "Grants permission to update failback client device mapping", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "UpdateFailbackClientLastSeenForDrs": { - "privilege": "UpdateFailbackClientLastSeenForDrs", - "description": "Grants permission to update failback client last seen", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "UpdateFailbackReplicationConfiguration": { - "privilege": "UpdateFailbackReplicationConfiguration", - "description": "Grants permission to update failback replication configuration", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateFailbackReplicationConfiguration.html" - }, - "UpdateLaunchConfiguration": { - "privilege": "UpdateLaunchConfiguration", - "description": "Grants permission to update launch configuration", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateLaunchConfiguration.html" - }, - "UpdateLaunchConfigurationTemplate": { - "privilege": "UpdateLaunchConfigurationTemplate", - "description": "Grants permission to update launch configuration", - "access_level": "Write", - "resource_types": { - "LaunchConfigurationTemplateResource": { - "resource_type": "LaunchConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateLaunchConfigurationTemplate.html" - }, - "UpdateReplicationCertificateForDrs": { - "privilege": "UpdateReplicationCertificateForDrs", - "description": "Grants permission to update a replication certificate", - "access_level": "Write", - "resource_types": { - "RecoveryInstanceResource": { - "resource_type": "RecoveryInstanceResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" - }, - "UpdateReplicationConfiguration": { - "privilege": "UpdateReplicationConfiguration", - "description": "Grants permission to update replication configuration", - "access_level": "Write", - "resource_types": { - "SourceServerResource": { - "resource_type": "SourceServerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateSecurityGroup", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:GetEbsDefaultKmsKeyId", - "ec2:GetEbsEncryptionByDefault", - "kms:CreateGrant", - "kms:DescribeKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateReplicationConfiguration.html" - }, - "UpdateReplicationConfigurationTemplate": { - "privilege": "UpdateReplicationConfigurationTemplate", - "description": "Grants permission to update replication configuration template", - "access_level": "Write", - "resource_types": { - "ReplicationConfigurationTemplateResource": { - "resource_type": "ReplicationConfigurationTemplateResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ec2:CreateSecurityGroup", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:GetEbsDefaultKmsKeyId", - "ec2:GetEbsEncryptionByDefault", - "kms:CreateGrant", - "kms:DescribeKey" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateReplicationConfigurationTemplate.html" - } - }, - "resources": { - "JobResource": { - "resource": "JobResource", - "arn": "arn:${Partition}:drs:${Region}:${Account}:job/${JobID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "RecoveryInstanceResource": { - "resource": "RecoveryInstanceResource", - "arn": "arn:${Partition}:drs:${Region}:${Account}:recovery-instance/${RecoveryInstanceID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "drs:EC2InstanceARN" - ] - }, - "ReplicationConfigurationTemplateResource": { - "resource": "ReplicationConfigurationTemplateResource", - "arn": "arn:${Partition}:drs:${Region}:${Account}:replication-configuration-template/${ReplicationConfigurationTemplateID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "LaunchConfigurationTemplateResource": { - "resource": "LaunchConfigurationTemplateResource", - "arn": "arn:${Partition}:drs:${Region}:${Account}:launch-configuration-template/${LaunchConfigurationTemplateID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "SourceServerResource": { - "resource": "SourceServerResource", - "arn": "arn:${Partition}:drs:${Region}:${Account}:source-server/${SourceServerID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "SourceNetworkResource": { - "resource": "SourceNetworkResource", - "arn": "arn:${Partition}:drs:${Region}:${Account}:source-network/${SourceNetworkID}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "drs:CreateAction": { - "condition": "drs:CreateAction", - "description": "Filters access by the name of a resource-creating API action", - "type": "String" - }, - "drs:EC2InstanceARN": { - "condition": "drs:EC2InstanceARN", - "description": "Filters access by the EC2 instance the request originated from", - "type": "String" - } - } - }, - "elasticloadbalancing": { - "service_name": "AWS Elastic Load Balancing", - "prefix": "elasticloadbalancing", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselasticloadbalancing.html", - "privileges": { - "AddTags": { - "privilege": "AddTags", - "description": "Grants permission to add the specified tags to the specified load balancer. Each load balancer can have a maximum of 10 tags", - "access_level": "Tagging", - "resource_types": { - "listener-rule/app": { - "resource_type": "listener-rule/app", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "listener-rule/net": { - "resource_type": "listener-rule/net", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "listener/app": { - "resource_type": "listener/app", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "listener/net": { - "resource_type": "listener/net", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/net/": { - "resource_type": "loadbalancer/net/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "targetgroup": { - "resource_type": "targetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AddTags.html" - }, - "ApplySecurityGroupsToLoadBalancer": { - "privilege": "ApplySecurityGroupsToLoadBalancer", - "description": "Grants permission to associate one or more security groups with your load balancer in a virtual private cloud (VPC)", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_ApplySecurityGroupsToLoadBalancer.html" - }, - "AttachLoadBalancerToSubnets": { - "privilege": "AttachLoadBalancerToSubnets", - "description": "Grants permission to add one or more subnets to the set of configured subnets for the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_AttachLoadBalancerToSubnets.html" - }, - "ConfigureHealthCheck": { - "privilege": "ConfigureHealthCheck", - "description": "Grants permission to specify the health check settings to use when evaluating the health state of your back-end instances", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_ConfigureHealthCheck.html" - }, - "CreateAppCookieStickinessPolicy": { - "privilege": "CreateAppCookieStickinessPolicy", - "description": "Grants permission to generate a stickiness policy with sticky session lifetimes that follow that of an application-generated cookie", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_CreateAppCookieStickinessPolicy.html" - }, - "CreateLBCookieStickinessPolicy": { - "privilege": "CreateLBCookieStickinessPolicy", - "description": "Grants permission to generate a stickiness policy with sticky session lifetimes controlled by the lifetime of the browser (user-agent) or a specified expiration period", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_CreateLBCookieStickinessPolicy.html" - }, - "CreateLoadBalancer": { - "privilege": "CreateLoadBalancer", - "description": "Grants permission to create a load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/net/": { - "resource_type": "loadbalancer/net/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateLoadBalancer.html" - }, - "CreateLoadBalancerListeners": { - "privilege": "CreateLoadBalancerListeners", - "description": "Grants permission to create one or more listeners for the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_CreateLoadBalancerListeners.html" - }, - "CreateLoadBalancerPolicy": { - "privilege": "CreateLoadBalancerPolicy", - "description": "Grants permission to create a policy with the specified attributes for the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_CreateLoadBalancerPolicy.html" - }, - "DeleteLoadBalancer": { - "privilege": "DeleteLoadBalancer", - "description": "Grants permission to delete the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/net/": { - "resource_type": "loadbalancer/net/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteLoadBalancer.html" - }, - "DeleteLoadBalancerListeners": { - "privilege": "DeleteLoadBalancerListeners", - "description": "Grants permission to delete the specified listeners from the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DeleteLoadBalancerListeners.html" - }, - "DeleteLoadBalancerPolicy": { - "privilege": "DeleteLoadBalancerPolicy", - "description": "Grants permission to delete the specified policy from the specified load balancer. This policy must not be enabled for any listeners", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DeleteLoadBalancerPolicy.html" - }, - "DeregisterInstancesFromLoadBalancer": { - "privilege": "DeregisterInstancesFromLoadBalancer", - "description": "Grants permission to deregister the specified instances from the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DeregisterInstancesFromLoadBalancer.html" - }, - "DescribeInstanceHealth": { - "privilege": "DescribeInstanceHealth", - "description": "Grants permission to describe the state of the specified instances with respect to the specified load balancer", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeInstanceHealth.html" - }, - "DescribeLoadBalancerAttributes": { - "privilege": "DescribeLoadBalancerAttributes", - "description": "Grants permission to describe the attributes for the specified load balancer", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancerAttributes.html" - }, - "DescribeLoadBalancerPolicies": { - "privilege": "DescribeLoadBalancerPolicies", - "description": "Grants permission to describe the specified policies", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancerPolicies.html" - }, - "DescribeLoadBalancerPolicyTypes": { - "privilege": "DescribeLoadBalancerPolicyTypes", - "description": "Grants permission to describe the specified load balancer policy types", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancerPolicyTypes.html" - }, - "DescribeLoadBalancers": { - "privilege": "DescribeLoadBalancers", - "description": "Grants permission to describe the specified the load balancers. If no load balancers are specified, the call describes all of your load balancers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html" - }, - "DescribeTags": { - "privilege": "DescribeTags", - "description": "Grants permission to describe the tags associated with the specified resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTags.html" - }, - "DetachLoadBalancerFromSubnets": { - "privilege": "DetachLoadBalancerFromSubnets", - "description": "Grants permission to remove the specified subnets from the set of configured subnets for the load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DetachLoadBalancerFromSubnets.html" - }, - "DisableAvailabilityZonesForLoadBalancer": { - "privilege": "DisableAvailabilityZonesForLoadBalancer", - "description": "Grants permission to remove the specified Availability Zones from the set of Availability Zones for the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DisableAvailabilityZonesForLoadBalancer.html" - }, - "EnableAvailabilityZonesForLoadBalancer": { - "privilege": "EnableAvailabilityZonesForLoadBalancer", - "description": "Grants permission to add the specified Availability Zones to the set of Availability Zones for the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_EnableAvailabilityZonesForLoadBalancer.html" - }, - "ModifyLoadBalancerAttributes": { - "privilege": "ModifyLoadBalancerAttributes", - "description": "Grants permission to modify the attributes of the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/net/": { - "resource_type": "loadbalancer/net/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyLoadBalancerAttributes.html" - }, - "RegisterInstancesWithLoadBalancer": { - "privilege": "RegisterInstancesWithLoadBalancer", - "description": "Grants permission to add the specified instances to the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_RegisterInstancesWithLoadBalancer.html" - }, - "RemoveTags": { - "privilege": "RemoveTags", - "description": "Grants permission to remove one or more tags from the specified load balancer", - "access_level": "Tagging", - "resource_types": { - "listener-rule/app": { - "resource_type": "listener-rule/app", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "listener-rule/net": { - "resource_type": "listener-rule/net", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "listener/app": { - "resource_type": "listener/app", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "listener/net": { - "resource_type": "listener/net", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/net/": { - "resource_type": "loadbalancer/net/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "targetgroup": { - "resource_type": "targetgroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RemoveTags.html" - }, - "SetLoadBalancerListenerSSLCertificate": { - "privilege": "SetLoadBalancerListenerSSLCertificate", - "description": "Grants permission to set the certificate that terminates the specified listener's SSL connections", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_SetLoadBalancerListenerSSLCertificate.html" - }, - "SetLoadBalancerPoliciesForBackendServer": { - "privilege": "SetLoadBalancerPoliciesForBackendServer", - "description": "Grants permission to replace the set of policies associated with the specified port on which the back-end server is listening with a new set of policies", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_SetLoadBalancerPoliciesForBackendServer.html" - }, - "SetLoadBalancerPoliciesOfListener": { - "privilege": "SetLoadBalancerPoliciesOfListener", - "description": "Grants permission to replace the current set of policies for the specified load balancer port with the specified set of policies", - "access_level": "Write", - "resource_types": { - "loadbalancer": { - "resource_type": "loadbalancer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_SetLoadBalancerPoliciesOfListener.html" - }, - "AddListenerCertificates": { - "privilege": "AddListenerCertificates", - "description": "Grants permission to add the specified certificates to the specified secure listener", - "access_level": "Write", - "resource_types": { - "listener/app": { - "resource_type": "listener/app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "listener/net": { - "resource_type": "listener/net", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AddListenerCertificates.html" - }, - "CreateListener": { - "privilege": "CreateListener", - "description": "Grants permission to create a listener for the specified Application Load Balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/net/": { - "resource_type": "loadbalancer/net/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateListener.html" - }, - "CreateRule": { - "privilege": "CreateRule", - "description": "Grants permission to create a rule for the specified listener", - "access_level": "Write", - "resource_types": { - "listener/app": { - "resource_type": "listener/app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "listener/net": { - "resource_type": "listener/net", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateRule.html" - }, - "CreateTargetGroup": { - "privilege": "CreateTargetGroup", - "description": "Grants permission to create a target group", - "access_level": "Write", - "resource_types": { - "targetgroup": { - "resource_type": "targetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html" - }, - "DeleteListener": { - "privilege": "DeleteListener", - "description": "Grants permission to delete the specified listener", - "access_level": "Write", - "resource_types": { - "listener/app": { - "resource_type": "listener/app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "listener/net": { - "resource_type": "listener/net", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteListener.html" - }, - "DeleteRule": { - "privilege": "DeleteRule", - "description": "Grants permission to delete the specified rule", - "access_level": "Write", - "resource_types": { - "listener-rule/app": { - "resource_type": "listener-rule/app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "listener-rule/net": { - "resource_type": "listener-rule/net", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteRule.html" - }, - "DeleteTargetGroup": { - "privilege": "DeleteTargetGroup", - "description": "Grants permission to delete the specified target group", - "access_level": "Write", - "resource_types": { - "targetgroup": { - "resource_type": "targetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteTargetGroup.html" - }, - "DeregisterTargets": { - "privilege": "DeregisterTargets", - "description": "Grants permission to deregister the specified targets from the specified target group", - "access_level": "Write", - "resource_types": { - "targetgroup": { - "resource_type": "targetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeregisterTargets.html" - }, - "DescribeAccountLimits": { - "privilege": "DescribeAccountLimits", - "description": "Grants permission to describe the Elastic Load Balancing resource limits for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeAccountLimits.html" - }, - "DescribeListenerCertificates": { - "privilege": "DescribeListenerCertificates", - "description": "Grants permission to describe the certificates for the specified secure listener", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeListenerCertificates.html" - }, - "DescribeListeners": { - "privilege": "DescribeListeners", - "description": "Grants permission to describe the specified listeners or the listeners for the specified Application Load Balancer", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeListeners.html" - }, - "DescribeRules": { - "privilege": "DescribeRules", - "description": "Grants permission to describe the specified rules or the rules for the specified listener", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeRules.html" - }, - "DescribeSSLPolicies": { - "privilege": "DescribeSSLPolicies", - "description": "Grants permission to describe the specified policies or all policies used for SSL negotiation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeSSLPolicies.html" - }, - "DescribeTargetGroupAttributes": { - "privilege": "DescribeTargetGroupAttributes", - "description": "Grants permission to describe the attributes for the specified target group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroupAttributes.html" - }, - "DescribeTargetGroups": { - "privilege": "DescribeTargetGroups", - "description": "Grants permission to describe the specified target groups or all of your target groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html" - }, - "DescribeTargetHealth": { - "privilege": "DescribeTargetHealth", - "description": "Grants permission to describe the health of the specified targets or all of your targets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetHealth.html" - }, - "ModifyListener": { - "privilege": "ModifyListener", - "description": "Grants permission to modify the specified properties of the specified listener", - "access_level": "Write", - "resource_types": { - "listener/app": { - "resource_type": "listener/app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "listener/net": { - "resource_type": "listener/net", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyListener.html" - }, - "ModifyRule": { - "privilege": "ModifyRule", - "description": "Grants permission to modify the specified rule", - "access_level": "Write", - "resource_types": { - "listener-rule/app": { - "resource_type": "listener-rule/app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "listener-rule/net": { - "resource_type": "listener-rule/net", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyRule.html" - }, - "ModifyTargetGroup": { - "privilege": "ModifyTargetGroup", - "description": "Grants permission to modify the health checks used when evaluating the health state of the targets in the specified target group", - "access_level": "Write", - "resource_types": { - "targetgroup": { - "resource_type": "targetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyTargetGroup.html" - }, - "ModifyTargetGroupAttributes": { - "privilege": "ModifyTargetGroupAttributes", - "description": "Grants permission to modify the specified attributes of the specified target group", - "access_level": "Write", - "resource_types": { - "targetgroup": { - "resource_type": "targetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyTargetGroupAttributes.html" - }, - "RegisterTargets": { - "privilege": "RegisterTargets", - "description": "Grants permission to register the specified targets with the specified target group", - "access_level": "Write", - "resource_types": { - "targetgroup": { - "resource_type": "targetgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RegisterTargets.html" - }, - "RemoveListenerCertificates": { - "privilege": "RemoveListenerCertificates", - "description": "Grants permission to remove the specified certificates of the specified secure listener", - "access_level": "Write", - "resource_types": { - "listener/app": { - "resource_type": "listener/app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "listener/net": { - "resource_type": "listener/net", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RemoveListenerCertificates.html" - }, - "SetIpAddressType": { - "privilege": "SetIpAddressType", - "description": "Grants permission to set the type of IP addresses used by the subnets of the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/net/": { - "resource_type": "loadbalancer/net/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetIpAddressType.html" - }, - "SetRulePriorities": { - "privilege": "SetRulePriorities", - "description": "Grants permission to set the priorities of the specified rules", - "access_level": "Write", - "resource_types": { - "listener-rule/app": { - "resource_type": "listener-rule/app", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "listener-rule/net": { - "resource_type": "listener-rule/net", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetRulePriorities.html" - }, - "SetSecurityGroups": { - "privilege": "SetSecurityGroups", - "description": "Grants permission to associate the specified security groups with the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/net/": { - "resource_type": "loadbalancer/net/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetSecurityGroups.html" - }, - "SetSubnets": { - "privilege": "SetSubnets", - "description": "Grants permission to enable the Availability Zone for the specified subnets for the specified load balancer", - "access_level": "Write", - "resource_types": { - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/net/": { - "resource_type": "loadbalancer/net/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetSubnets.html" - }, - "SetWebAcl": { - "privilege": "SetWebAcl", - "description": "Grants permission to give WebAcl permission to WAF", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetWebAcl.html" - } - }, - "resources": { - "loadbalancer": { - "resource": "loadbalancer", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/${LoadBalancerName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ] - }, - "listener/app": { - "resource": "listener/app", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:listener/app/${LoadBalancerName}/${LoadBalancerId}/${ListenerId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ] - }, - "listener-rule/app": { - "resource": "listener-rule/app", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:listener-rule/app/${LoadBalancerName}/${LoadBalancerId}/${ListenerId}/${ListenerRuleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ] - }, - "listener/net": { - "resource": "listener/net", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:listener/net/${LoadBalancerName}/${LoadBalancerId}/${ListenerId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ] - }, - "listener-rule/net": { - "resource": "listener-rule/net", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:listener-rule/net/${LoadBalancerName}/${LoadBalancerId}/${ListenerId}/${ListenerRuleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ] - }, - "loadbalancer/app/": { - "resource": "loadbalancer/app/", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/app/${LoadBalancerName}/${LoadBalancerId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ] - }, - "loadbalancer/net/": { - "resource": "loadbalancer/net/", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/net/${LoadBalancerName}/${LoadBalancerId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ] - }, - "targetgroup": { - "resource": "targetgroup", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:targetgroup/${TargetGroupName}/${TargetGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "elasticloadbalancing:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "A key that is present in the request the user makes to the ELB service", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Global tag key and value pair", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "The list of all the tag key names associated with the resource in the request", - "type": "ArrayOfString" - }, - "elasticloadbalancing:CreateAction": { - "condition": "elasticloadbalancing:CreateAction", - "description": "Filters access by the name of a resource-creating API action", - "type": "String" - }, - "elasticloadbalancing:ResourceTag/": { - "condition": "elasticloadbalancing:ResourceTag/", - "description": "The preface string for a tag key and value pair attached to a resource", - "type": "String" - }, - "elasticloadbalancing:ResourceTag/${TagKey}": { - "condition": "elasticloadbalancing:ResourceTag/${TagKey}", - "description": "A tag key and value pair", - "type": "String" - } - } - }, - "elemental-appliances-software": { - "service_name": "AWS Elemental Appliances and Software", - "prefix": "elemental-appliances-software", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalappliancesandsoftware.html", - "privileges": { - "CompleteUpload": { - "privilege": "CompleteUpload", - "description": "Grants permission to complete an upload of an attachment for a quote or order", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "CreateOrderV1": { - "privilege": "CreateOrderV1", - "description": "Grants permission to create an order", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "CreateQuote": { - "privilege": "CreateQuote", - "description": "Grants permission to create a quote", - "access_level": "Tagging", - "resource_types": { - "quote": { - "resource_type": "quote", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "GetAvsCorrectAddress": { - "privilege": "GetAvsCorrectAddress", - "description": "Grants permission to validate an address", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "GetBillingAddresses": { - "privilege": "GetBillingAddresses", - "description": "Grants permission to list the billing addresses in the user account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "GetDeliveryAddressesV2": { - "privilege": "GetDeliveryAddressesV2", - "description": "Grants permission to list the delivery addresses in the user account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "GetOrder": { - "privilege": "GetOrder", - "description": "Grants permission to describe an order", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "GetOrdersV2": { - "privilege": "GetOrdersV2", - "description": "Grants permission to list the orders in the user account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "GetQuote": { - "privilege": "GetQuote", - "description": "Grants permission to describe a quote", - "access_level": "Read", - "resource_types": { - "quote": { - "resource_type": "quote", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "GetTaxes": { - "privilege": "GetTaxes", - "description": "Grants permission to calculate taxes for an order", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "ListQuotes": { - "privilege": "ListQuotes", - "description": "Grants permission to list the quotes in the user account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists tags for an AWS Elemental Appliances and Software resource", - "access_level": "Read", - "resource_types": { - "quote": { - "resource_type": "quote", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "StartUpload": { - "privilege": "StartUpload", - "description": "Grants permission to start an upload of an attachment for a quote or order", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "SubmitOrderV1": { - "privilege": "SubmitOrderV1", - "description": "Grants permission to submit an order", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an AWS Elemental Appliances and Software resource", - "access_level": "Tagging", - "resource_types": { - "quote": { - "resource_type": "quote", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from an AWS Elemental Appliances and Software resource", - "access_level": "Tagging", - "resource_types": { - "quote": { - "resource_type": "quote", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "UpdateQuote": { - "privilege": "UpdateQuote", - "description": "Grants permission to modify a quote", - "access_level": "Write", - "resource_types": { - "quote": { - "resource_type": "quote", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - } - }, - "resources": { - "quote": { - "resource": "quote", - "arn": "arn:${Partition}:elemental-appliances-software:${Region}:${Account}:quote/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by request tag", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by resource tag", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys", - "type": "ArrayOfString" - } - } - }, - "elemental-activations": { - "service_name": "AWS Elemental Appliances and Software Activation Service", - "prefix": "elemental-activations", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalappliancesandsoftwareactivationservice.html", - "privileges": { - "CompleteAccountRegistration": { - "privilege": "CompleteAccountRegistration", - "description": "Grants permission to complete the process of registering customer account for AWS Elemental Appliances and Software Purchases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" - }, - "CompleteFileUpload": { - "privilege": "CompleteFileUpload", - "description": "Grants permission to complete the process of uploading a Software file for AWS Elemental Appliances and Software Purchases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" - }, - "DownloadSoftware": { - "privilege": "DownloadSoftware", - "description": "Grants permission to download the Software files for AWS Elemental Appliances and Software Purchases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" - }, - "GenerateLicenses": { - "privilege": "GenerateLicenses", - "description": "Grants permission to generate Software Licenses for AWS Elemental Appliances and Software Purchases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" - }, - "GetActivation": { - "privilege": "GetActivation", - "description": "Grants permission to describe an activation", - "access_level": "Read", - "resource_types": { - "activation": { - "resource_type": "activation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an AWS Elemental Activations resource", - "access_level": "Read", - "resource_types": { - "activation": { - "resource_type": "activation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" - }, - "StartAccountRegistration": { - "privilege": "StartAccountRegistration", - "description": "Grants permission to start the process of registering customer account for AWS Elemental Appliances and Software Purchases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" - }, - "StartFileUpload": { - "privilege": "StartFileUpload", - "description": "Grants permission to start the process of uploading a Software file for AWS Elemental Appliances and Software Purchases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add a tag for an AWS Elemental Activations resource", - "access_level": "Tagging", - "resource_types": { - "activation": { - "resource_type": "activation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from an AWS Elemental Activations resource", - "access_level": "Tagging", - "resource_types": { - "activation": { - "resource_type": "activation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" - } - }, - "resources": { - "activation": { - "resource": "activation", - "arn": "arn:${Partition}:elemental-activations:${Region}:${Account}:activation/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "mediaconnect": { - "service_name": "AWS Elemental MediaConnect", - "prefix": "mediaconnect", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediaconnect.html", - "privileges": { - "AddBridgeOutputs": { - "privilege": "AddBridgeOutputs", - "description": "Grants permission to add outputs to an existing bridge", - "access_level": "Write", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-outputs.html" - }, - "AddBridgeSources": { - "privilege": "AddBridgeSources", - "description": "Grants permission to add sources to an existing bridge", - "access_level": "Write", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-sources.html" - }, - "AddFlowMediaStreams": { - "privilege": "AddFlowMediaStreams", - "description": "Grants permission to add media streams to any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-mediastreams.html" - }, - "AddFlowOutputs": { - "privilege": "AddFlowOutputs", - "description": "Grants permission to add outputs to any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-outputs.html" - }, - "AddFlowSources": { - "privilege": "AddFlowSources", - "description": "Grants permission to add sources to any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-source.html" - }, - "AddFlowVpcInterfaces": { - "privilege": "AddFlowVpcInterfaces", - "description": "Grants permission to add VPC interfaces to any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-vpcinterfaces.html" - }, - "CreateBridge": { - "privilege": "CreateBridge", - "description": "Grants permission to create bridges", - "access_level": "Write", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges.html" - }, - "CreateFlow": { - "privilege": "CreateFlow", - "description": "Grants permission to create flows", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows.html" - }, - "CreateGateway": { - "privilege": "CreateGateway", - "description": "Grants permission to create gateways", - "access_level": "Write", - "resource_types": { - "Gateway": { - "resource_type": "Gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateways.html" - }, - "DeleteBridge": { - "privilege": "DeleteBridge", - "description": "Grants permission to delete bridges", - "access_level": "Write", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn.html" - }, - "DeleteFlow": { - "privilege": "DeleteFlow", - "description": "Grants permission to delete flows", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn.html" - }, - "DeleteGateway": { - "privilege": "DeleteGateway", - "description": "Grants permission to delete gateways", - "access_level": "Write", - "resource_types": { - "Gateway": { - "resource_type": "Gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateways-gatewayarn.html" - }, - "DeregisterGatewayInstance": { - "privilege": "DeregisterGatewayInstance", - "description": "Grants permission to deregister gateway instance", - "access_level": "Write", - "resource_types": { - "GatewayInstance": { - "resource_type": "GatewayInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateway-instances-gatewayinstancearn.html" - }, - "DescribeBridge": { - "privilege": "DescribeBridge", - "description": "Grants permission to display the details of a bridge", - "access_level": "Read", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn.html" - }, - "DescribeFlow": { - "privilege": "DescribeFlow", - "description": "Grants permission to display the details of a flow including the flow ARN, name, and Availability Zone, as well as details about the source, outputs, and entitlements", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn.html" - }, - "DescribeGateway": { - "privilege": "DescribeGateway", - "description": "Grants permission to display the details of a gateway including the gateway ARN, name, and CIDR blocks, as well as details about the networks", - "access_level": "Read", - "resource_types": { - "Gateway": { - "resource_type": "Gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateways-gatewayarn.html" - }, - "DescribeGatewayInstance": { - "privilege": "DescribeGatewayInstance", - "description": "Grants permission to display the details of a gateway instance", - "access_level": "Read", - "resource_types": { - "GatewayInstance": { - "resource_type": "GatewayInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateway-instances-gatewayinstancearn.html" - }, - "DescribeOffering": { - "privilege": "DescribeOffering", - "description": "Grants permission to display the details of an offering", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-offerings-offeringarn.html" - }, - "DescribeReservation": { - "privilege": "DescribeReservation", - "description": "Grants permission to display the details of a reservation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-reservations-reservationarn.html" - }, - "DiscoverGatewayPollEndpoint": { - "privilege": "DiscoverGatewayPollEndpoint", - "description": "Grants permission to discover gateway poll endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows.html" - }, - "GrantFlowEntitlements": { - "privilege": "GrantFlowEntitlements", - "description": "Grants permission to grant entitlements on any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-entitlements.html" - }, - "ListBridges": { - "privilege": "ListBridges", - "description": "Grants permission to display a list of bridges that are associated with this account and an optionally specified Arn", - "access_level": "List", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges.html" - }, - "ListEntitlements": { - "privilege": "ListEntitlements", - "description": "Grants permission to display a list of all entitlements that have been granted to the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-entitlements.html" - }, - "ListFlows": { - "privilege": "ListFlows", - "description": "Grants permission to display a list of flows that are associated with this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows.html" - }, - "ListGatewayInstances": { - "privilege": "ListGatewayInstances", - "description": "Grants permission to display a list of instances that are associated with this gateway", - "access_level": "List", - "resource_types": { - "GatewayInstance": { - "resource_type": "GatewayInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateway-instances.html" - }, - "ListGateways": { - "privilege": "ListGateways", - "description": "Grants permission to display a list of gateways that are associated with this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateways.html" - }, - "ListOfferings": { - "privilege": "ListOfferings", - "description": "Grants permission to display a list of all offerings that are available to the account in the current AWS Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-offerings.html" - }, - "ListReservations": { - "privilege": "ListReservations", - "description": "Grants permission to display a list of all reservations that have been purchased by the account in the current AWS Region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-reservations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to display a list of all tags associated with a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/tags-resourcearn.html" - }, - "PollGateway": { - "privilege": "PollGateway", - "description": "Grants permission to poll gateway", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows.html" - }, - "PurchaseOffering": { - "privilege": "PurchaseOffering", - "description": "Grants permission to purchase an offering", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-offerings-offeringarn.html" - }, - "RemoveBridgeOutput": { - "privilege": "RemoveBridgeOutput", - "description": "Grants permission to remove an output of an existing bridge", - "access_level": "Write", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-outputs-outputname.html" - }, - "RemoveBridgeSource": { - "privilege": "RemoveBridgeSource", - "description": "Grants permission to remove a source of an existing bridge", - "access_level": "Write", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-sources-sourcename.html" - }, - "RemoveFlowMediaStream": { - "privilege": "RemoveFlowMediaStream", - "description": "Grants permission to remove media streams from any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-mediastreams-mediastreamname.html" - }, - "RemoveFlowOutput": { - "privilege": "RemoveFlowOutput", - "description": "Grants permission to remove outputs from any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-outputs-outputarn.html" - }, - "RemoveFlowSource": { - "privilege": "RemoveFlowSource", - "description": "Grants permission to remove sources from any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-source-sourcearn.html" - }, - "RemoveFlowVpcInterface": { - "privilege": "RemoveFlowVpcInterface", - "description": "Grants permission to remove VPC interfaces from any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-vpcinterfaces-vpcinterfacename.html" - }, - "RevokeFlowEntitlement": { - "privilege": "RevokeFlowEntitlement", - "description": "Grants permission to revoke entitlements on any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-entitlements-entitlementarn.html" - }, - "StartFlow": { - "privilege": "StartFlow", - "description": "Grants permission to start flows", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-start-flowarn.html" - }, - "StopFlow": { - "privilege": "StopFlow", - "description": "Grants permission to stop flows", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-stop-flowarn.html" - }, - "SubmitGatewayStateChange": { - "privilege": "SubmitGatewayStateChange", - "description": "Grants permission to submit gateway state change", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to associate tags with resources", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/tags-resourcearn.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from resources", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/tags-resourcearn.html" - }, - "UpdateBridge": { - "privilege": "UpdateBridge", - "description": "Grants permission to update bridges", - "access_level": "Write", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn.html" - }, - "UpdateBridgeOutput": { - "privilege": "UpdateBridgeOutput", - "description": "Grants permission to update an output of an existing bridge", - "access_level": "Write", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-outputs-outputname.html" - }, - "UpdateBridgeSource": { - "privilege": "UpdateBridgeSource", - "description": "Grants permission to update a source of an existing bridge", - "access_level": "Write", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-sources-sourcename.html" - }, - "UpdateBridgeState": { - "privilege": "UpdateBridgeState", - "description": "Grants permission to update the state of an existing bridge", - "access_level": "Write", - "resource_types": { - "Bridge": { - "resource_type": "Bridge", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-state.html" - }, - "UpdateFlow": { - "privilege": "UpdateFlow", - "description": "Grants permission to update flows", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn.html" - }, - "UpdateFlowEntitlement": { - "privilege": "UpdateFlowEntitlement", - "description": "Grants permission to update entitlements on any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-entitlements-entitlementarn.html" - }, - "UpdateFlowMediaStream": { - "privilege": "UpdateFlowMediaStream", - "description": "Grants permission to update media streams on any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-mediastreams-mediastreamname.html" - }, - "UpdateFlowOutput": { - "privilege": "UpdateFlowOutput", - "description": "Grants permission to update outputs on any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-outputs-outputarn.html" - }, - "UpdateFlowSource": { - "privilege": "UpdateFlowSource", - "description": "Grants permission to update the source of any flow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-source-sourcearn.html" - }, - "UpdateGatewayInstance": { - "privilege": "UpdateGatewayInstance", - "description": "Grants permission to update the configuration of an existing Gateway Instance", - "access_level": "Write", - "resource_types": { - "GatewayInstance": { - "resource_type": "GatewayInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateway-instances-gatewayinstancearn.html" - } - }, - "resources": { - "Entitlement": { - "resource": "Entitlement", - "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:entitlement:${FlowId}:${EntitlementName}", - "condition_keys": [] - }, - "Flow": { - "resource": "Flow", - "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:flow:${FlowId}:${FlowName}", - "condition_keys": [] - }, - "Output": { - "resource": "Output", - "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:output:${OutputId}:${OutputName}", - "condition_keys": [] - }, - "Source": { - "resource": "Source", - "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:source:${SourceId}:${SourceName}", - "condition_keys": [] - }, - "Gateway": { - "resource": "Gateway", - "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:gateway:${GatewayId}:${GatewayName}", - "condition_keys": [] - }, - "Bridge": { - "resource": "Bridge", - "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:bridge:${FlowId}:${FlowName}", - "condition_keys": [] - }, - "GatewayInstance": { - "resource": "GatewayInstance", - "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:gateway:${GatewayId}:${GatewayName}:instance:${InstanceId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "mediaconvert": { - "service_name": "AWS Elemental MediaConvert", - "prefix": "mediaconvert", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediaconvert.html", - "privileges": { - "AssociateCertificate": { - "privilege": "AssociateCertificate", - "description": "Grants permission to associate an AWS Certificate Manager (ACM) Amazon Resource Name (ARN) with AWS Elemental MediaConvert", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/certificates.html" - }, - "CancelJob": { - "privilege": "CancelJob", - "description": "Grants permission to cancel an AWS Elemental MediaConvert job that is waiting in queue", - "access_level": "Write", - "resource_types": { - "Job": { - "resource_type": "Job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobs-id.html" - }, - "CreateJob": { - "privilege": "CreateJob", - "description": "Grants permission to create and submit an AWS Elemental MediaConvert job", - "access_level": "Write", - "resource_types": { - "JobTemplate": { - "resource_type": "JobTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Preset": { - "resource_type": "Preset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Queue": { - "resource_type": "Queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobs.html" - }, - "CreateJobTemplate": { - "privilege": "CreateJobTemplate", - "description": "Grants permission to create an AWS Elemental MediaConvert custom job template", - "access_level": "Write", - "resource_types": { - "Preset": { - "resource_type": "Preset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Queue": { - "resource_type": "Queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobs-id.html" - }, - "CreatePreset": { - "privilege": "CreatePreset", - "description": "Grants permission to create an AWS Elemental MediaConvert custom output preset", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/presets.html" - }, - "CreateQueue": { - "privilege": "CreateQueue", - "description": "Grants permission to create an AWS Elemental MediaConvert job queue", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/queues.html" - }, - "DeleteJobTemplate": { - "privilege": "DeleteJobTemplate", - "description": "Grants permission to delete an AWS Elemental MediaConvert custom job template", - "access_level": "Write", - "resource_types": { - "JobTemplate": { - "resource_type": "JobTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobtemplates-name.html" - }, - "DeletePolicy": { - "privilege": "DeletePolicy", - "description": "Grants permission to delete an AWS Elemental MediaConvert policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/policy.html" - }, - "DeletePreset": { - "privilege": "DeletePreset", - "description": "Grants permission to delete an AWS Elemental MediaConvert custom output preset", - "access_level": "Write", - "resource_types": { - "Preset": { - "resource_type": "Preset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/presets-name.html" - }, - "DeleteQueue": { - "privilege": "DeleteQueue", - "description": "Grants permission to delete an AWS Elemental MediaConvert job queue", - "access_level": "Write", - "resource_types": { - "Queue": { - "resource_type": "Queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/queues-name.html" - }, - "DescribeEndpoints": { - "privilege": "DescribeEndpoints", - "description": "Grants permission to subscribe to the AWS Elemental MediaConvert service, by sending a request for an account-specific endpoint. All transcoding requests must be sent to the endpoint that the service returns", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/endpoints.html" - }, - "DisassociateCertificate": { - "privilege": "DisassociateCertificate", - "description": "Grants permission to remove an association between the Amazon Resource Name (ARN) of an AWS Certificate Manager (ACM) certificate and an AWS Elemental MediaConvert resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/certificates-arn.html" - }, - "GetJob": { - "privilege": "GetJob", - "description": "Grants permission to get an AWS Elemental MediaConvert job", - "access_level": "Read", - "resource_types": { - "Job": { - "resource_type": "Job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobs-id.html" - }, - "GetJobTemplate": { - "privilege": "GetJobTemplate", - "description": "Grants permission to get an AWS Elemental MediaConvert job template", - "access_level": "Read", - "resource_types": { - "JobTemplate": { - "resource_type": "JobTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobtemplates-name.html" - }, - "GetPolicy": { - "privilege": "GetPolicy", - "description": "Grants permission to get an AWS Elemental MediaConvert policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/policy.html" - }, - "GetPreset": { - "privilege": "GetPreset", - "description": "Grants permission to get an AWS Elemental MediaConvert output preset", - "access_level": "Read", - "resource_types": { - "Preset": { - "resource_type": "Preset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/presets-name.html" - }, - "GetQueue": { - "privilege": "GetQueue", - "description": "Grants permission to get an AWS Elemental MediaConvert job queue", - "access_level": "Read", - "resource_types": { - "Queue": { - "resource_type": "Queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/queues-name.html" - }, - "ListJobTemplates": { - "privilege": "ListJobTemplates", - "description": "Grants permission to list AWS Elemental MediaConvert job templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobtemplates.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to list AWS Elemental MediaConvert jobs", - "access_level": "List", - "resource_types": { - "Queue": { - "resource_type": "Queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobs.html" - }, - "ListPresets": { - "privilege": "ListPresets", - "description": "Grants permission to list AWS Elemental MediaConvert output presets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/presets.html" - }, - "ListQueues": { - "privilege": "ListQueues", - "description": "Grants permission to list AWS Elemental MediaConvert job queues", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/queues.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve the tags for a MediaConvert queue, preset, or job template", - "access_level": "Read", - "resource_types": { - "JobTemplate": { - "resource_type": "JobTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Preset": { - "resource_type": "Preset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Queue": { - "resource_type": "Queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/tags-arn.html" - }, - "PutPolicy": { - "privilege": "PutPolicy", - "description": "Grants permission to put an AWS Elemental MediaConvert policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/policy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a MediaConvert queue, preset, or job template", - "access_level": "Tagging", - "resource_types": { - "JobTemplate": { - "resource_type": "JobTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Preset": { - "resource_type": "Preset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Queue": { - "resource_type": "Queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/tags.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a MediaConvert queue, preset, or job template", - "access_level": "Tagging", - "resource_types": { - "JobTemplate": { - "resource_type": "JobTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Preset": { - "resource_type": "Preset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Queue": { - "resource_type": "Queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/tags-arn.html" - }, - "UpdateJobTemplate": { - "privilege": "UpdateJobTemplate", - "description": "Grants permission to update an AWS Elemental MediaConvert custom job template", - "access_level": "Write", - "resource_types": { - "JobTemplate": { - "resource_type": "JobTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Preset": { - "resource_type": "Preset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Queue": { - "resource_type": "Queue", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobtemplates-name.html" - }, - "UpdatePreset": { - "privilege": "UpdatePreset", - "description": "Grants permission to update an AWS Elemental MediaConvert custom output preset", - "access_level": "Write", - "resource_types": { - "Preset": { - "resource_type": "Preset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/presets-name.html" - }, - "UpdateQueue": { - "privilege": "UpdateQueue", - "description": "Grants permission to update an AWS Elemental MediaConvert job queue", - "access_level": "Write", - "resource_types": { - "Queue": { - "resource_type": "Queue", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/queues-name.html" - } - }, - "resources": { - "Job": { - "resource": "Job", - "arn": "arn:${Partition}:mediaconvert:${Region}:${Account}:jobs/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Queue": { - "resource": "Queue", - "arn": "arn:${Partition}:mediaconvert:${Region}:${Account}:queues/${QueueName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Preset": { - "resource": "Preset", - "arn": "arn:${Partition}:mediaconvert:${Region}:${Account}:presets/${PresetName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "JobTemplate": { - "resource": "JobTemplate", - "arn": "arn:${Partition}:mediaconvert:${Region}:${Account}:jobTemplates/${JobTemplateName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "CertificateAssociation": { - "resource": "CertificateAssociation", - "arn": "arn:${Partition}:mediaconvert:${Region}:${Account}:certificates/${CertificateArn}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "medialive": { - "service_name": "AWS Elemental MediaLive", - "prefix": "medialive", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmedialive.html", - "privileges": { - "AcceptInputDeviceTransfer": { - "privilege": "AcceptInputDeviceTransfer", - "description": "Grants permission to accept an input device transfer", - "access_level": "Write", - "resource_types": { - "input-device": { - "resource_type": "input-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" - }, - "BatchDelete": { - "privilege": "BatchDelete", - "description": "Grants permission to delete channels, inputs, input security groups, and multiplexes", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/editing-deleting-channel.html" - }, - "BatchStart": { - "privilege": "BatchStart", - "description": "Grants permission to start channels and multiplexes", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/starting-stopping-deleting-a-channel.html" - }, - "BatchStop": { - "privilege": "BatchStop", - "description": "Grants permission to stop channels and multiplexes", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/starting-stopping-deleting-a-channel.html" - }, - "BatchUpdateSchedule": { - "privilege": "BatchUpdateSchedule", - "description": "Grants permission to add and remove actions from a channel's schedule", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/submitting-batch-command.html" - }, - "CancelInputDeviceTransfer": { - "privilege": "CancelInputDeviceTransfer", - "description": "Grants permission to cancel an input device transfer", - "access_level": "Write", - "resource_types": { - "input-device": { - "resource_type": "input-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" - }, - "ClaimDevice": { - "privilege": "ClaimDevice", - "description": "Grants permission to claim an input device", - "access_level": "Write", - "resource_types": { - "input-device": { - "resource_type": "input-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" - }, - "CreateChannel": { - "privilege": "CreateChannel", - "description": "Grants permission to create a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/creating-channel-scratch.html" - }, - "CreateInput": { - "privilege": "CreateInput", - "description": "Grants permission to create an input", - "access_level": "Write", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "input-security-group": { - "resource_type": "input-security-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/creating-input.html" - }, - "CreateInputSecurityGroup": { - "privilege": "CreateInputSecurityGroup", - "description": "Grants permission to create an input security group", - "access_level": "Write", - "resource_types": { - "input-security-group": { - "resource_type": "input-security-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/working-with-input-security-groups.html" - }, - "CreateMultiplex": { - "privilege": "CreateMultiplex", - "description": "Grants permission to create a multiplex", - "access_level": "Write", - "resource_types": { - "multiplex": { - "resource_type": "multiplex", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/multiplex-create.html" - }, - "CreateMultiplexProgram": { - "privilege": "CreateMultiplexProgram", - "description": "Grants permission to create a multiplex program", - "access_level": "Write", - "resource_types": { - "multiplex": { - "resource_type": "multiplex", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/multiplex-create.html" - }, - "CreatePartnerInput": { - "privilege": "CreatePartnerInput", - "description": "Grants permission to create a partner input", - "access_level": "Write", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/input-create-cdi-partners.html" - }, - "CreateTags": { - "privilege": "CreateTags", - "description": "Grants permission to create tags for channels, inputs, input security groups, multiplexes, and reservations", - "access_level": "Tagging", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "input": { - "resource_type": "input", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "input-security-group": { - "resource_type": "input-security-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "multiplex": { - "resource_type": "multiplex", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reservation": { - "resource_type": "reservation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/tagging.html" - }, - "DeleteChannel": { - "privilege": "DeleteChannel", - "description": "Grants permission to delete a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/editing-deleting-channel.html" - }, - "DeleteInput": { - "privilege": "DeleteInput", - "description": "Grants permission to delete an input", - "access_level": "Write", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/delete-input.html" - }, - "DeleteInputSecurityGroup": { - "privilege": "DeleteInputSecurityGroup", - "description": "Grants permission to delete an input security group", - "access_level": "Write", - "resource_types": { - "input-security-group": { - "resource_type": "input-security-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/delete-input-security-group.html" - }, - "DeleteMultiplex": { - "privilege": "DeleteMultiplex", - "description": "Grants permission to delete a multiplex", - "access_level": "Write", - "resource_types": { - "multiplex": { - "resource_type": "multiplex", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/delete-multiplex-program.html" - }, - "DeleteMultiplexProgram": { - "privilege": "DeleteMultiplexProgram", - "description": "Grants permission to delete a multiplex program", - "access_level": "Write", - "resource_types": { - "multiplex": { - "resource_type": "multiplex", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/delete-multiplex-program.html" - }, - "DeleteReservation": { - "privilege": "DeleteReservation", - "description": "Grants permission to delete an expired reservation", - "access_level": "Write", - "resource_types": { - "reservation": { - "resource_type": "reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/deleting-reservations.html" - }, - "DeleteSchedule": { - "privilege": "DeleteSchedule", - "description": "Grants permission to delete all schedule actions for a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/schedule-using-console-delete.html" - }, - "DeleteTags": { - "privilege": "DeleteTags", - "description": "Grants permission to delete tags from channels, inputs, input security groups, multiplexes, and reservations", - "access_level": "Tagging", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "input": { - "resource_type": "input", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "input-security-group": { - "resource_type": "input-security-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "multiplex": { - "resource_type": "multiplex", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reservation": { - "resource_type": "reservation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/tagging.html" - }, - "DescribeChannel": { - "privilege": "DescribeChannel", - "description": "Grants permission to get details about a channel", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/viewing-channel-configuration.html" - }, - "DescribeInput": { - "privilege": "DescribeInput", - "description": "Grants permission to describe an input", - "access_level": "Read", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input.html" - }, - "DescribeInputDevice": { - "privilege": "DescribeInputDevice", - "description": "Grants permission to describe an input device", - "access_level": "Read", - "resource_types": { - "input-device": { - "resource_type": "input-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/device-edit.html" - }, - "DescribeInputDeviceThumbnail": { - "privilege": "DescribeInputDeviceThumbnail", - "description": "Grants permission to describe an input device thumbnail", - "access_level": "Read", - "resource_types": { - "input-device": { - "resource_type": "input-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/device-edit.html" - }, - "DescribeInputSecurityGroup": { - "privilege": "DescribeInputSecurityGroup", - "description": "Grants permission to describe an input security group", - "access_level": "Read", - "resource_types": { - "input-security-group": { - "resource_type": "input-security-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input-security-group.html" - }, - "DescribeMultiplex": { - "privilege": "DescribeMultiplex", - "description": "Grants permission to describe a multiplex", - "access_level": "Read", - "resource_types": { - "multiplex": { - "resource_type": "multiplex", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-multiplex-program-channel.html" - }, - "DescribeMultiplexProgram": { - "privilege": "DescribeMultiplexProgram", - "description": "Grants permission to describe a multiplex program", - "access_level": "Read", - "resource_types": { - "multiplex": { - "resource_type": "multiplex", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/monitoring-multiplex-console.html" - }, - "DescribeOffering": { - "privilege": "DescribeOffering", - "description": "Grants permission to get details about a reservation offering", - "access_level": "Read", - "resource_types": { - "offering": { - "resource_type": "offering", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/purchasing-reservations.html" - }, - "DescribeReservation": { - "privilege": "DescribeReservation", - "description": "Grants permission to get details about a reservation", - "access_level": "Read", - "resource_types": { - "reservation": { - "resource_type": "reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/view-reservations.html" - }, - "DescribeSchedule": { - "privilege": "DescribeSchedule", - "description": "Grants permission to view a list of actions scheduled on a channel", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/schedule-using-console-view.html" - }, - "ListChannels": { - "privilege": "ListChannels", - "description": "Grants permission to list channels", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/viewing-channel-configuration.html" - }, - "ListInputDeviceTransfers": { - "privilege": "ListInputDeviceTransfers", - "description": "Grants permission to list input device transfers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" - }, - "ListInputDevices": { - "privilege": "ListInputDevices", - "description": "Grants permission to list input devices", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/device-edit.html" - }, - "ListInputSecurityGroups": { - "privilege": "ListInputSecurityGroups", - "description": "Grants permission to list input security groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input-security-group.html" - }, - "ListInputs": { - "privilege": "ListInputs", - "description": "Grants permission to list inputs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input.html" - }, - "ListMultiplexPrograms": { - "privilege": "ListMultiplexPrograms", - "description": "Grants permission to list multiplex programs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/monitoring-multiplex-console.html" - }, - "ListMultiplexes": { - "privilege": "ListMultiplexes", - "description": "Grants permission to list multiplexes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-multiplex-program-channel.html" - }, - "ListOfferings": { - "privilege": "ListOfferings", - "description": "Grants permission to list reservation offerings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/purchasing-reservations.html" - }, - "ListReservations": { - "privilege": "ListReservations", - "description": "Grants permission to list reservations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/view-reservations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for channels, inputs, input security groups, multiplexes, and reservations", - "access_level": "List", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "input": { - "resource_type": "input", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "input-security-group": { - "resource_type": "input-security-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "multiplex": { - "resource_type": "multiplex", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "reservation": { - "resource_type": "reservation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/tagging.html" - }, - "PurchaseOffering": { - "privilege": "PurchaseOffering", - "description": "Grants permission to purchase a reservation offering", - "access_level": "Write", - "resource_types": { - "offering": { - "resource_type": "offering", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "reservation": { - "resource_type": "reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/purchasing-reservations.html" - }, - "RebootInputDevice": { - "privilege": "RebootInputDevice", - "description": "Grants permission to reboot an input device", - "access_level": "Write", - "resource_types": { - "input-device": { - "resource_type": "input-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" - }, - "RejectInputDeviceTransfer": { - "privilege": "RejectInputDeviceTransfer", - "description": "Grants permission to reject an input device transfer", - "access_level": "Write", - "resource_types": { - "input-device": { - "resource_type": "input-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" - }, - "StartChannel": { - "privilege": "StartChannel", - "description": "Grants permission to start a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/starting-stopping-deleting-a-channel.html" - }, - "StartInputDeviceMaintenanceWindow": { - "privilege": "StartInputDeviceMaintenanceWindow", - "description": "Grants permission to start a maintenance window for an input device", - "access_level": "Write", - "resource_types": { - "input-device": { - "resource_type": "input-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" - }, - "StartMultiplex": { - "privilege": "StartMultiplex", - "description": "Grants permission to start a multiplex", - "access_level": "Write", - "resource_types": { - "multiplex": { - "resource_type": "multiplex", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/start-multiplex.html" - }, - "StopChannel": { - "privilege": "StopChannel", - "description": "Grants permission to stop a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/starting-stopping-deleting-a-channel.html" - }, - "StopMultiplex": { - "privilege": "StopMultiplex", - "description": "Grants permission to stop a multiplex", - "access_level": "Write", - "resource_types": { - "multiplex": { - "resource_type": "multiplex", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/stop-multiplex.title.html" - }, - "TransferInputDevice": { - "privilege": "TransferInputDevice", - "description": "Grants permission to transfer an input device", - "access_level": "Write", - "resource_types": { - "input-device": { - "resource_type": "input-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" - }, - "UpdateChannel": { - "privilege": "UpdateChannel", - "description": "Grants permission to update a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/editing-deleting-channel.html" - }, - "UpdateChannelClass": { - "privilege": "UpdateChannelClass", - "description": "Grants permission to update the class of a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/editing-deleting-channel.html" - }, - "UpdateInput": { - "privilege": "UpdateInput", - "description": "Grants permission to update an input", - "access_level": "Write", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input.html" - }, - "UpdateInputDevice": { - "privilege": "UpdateInputDevice", - "description": "Grants permission to update an input device", - "access_level": "Write", - "resource_types": { - "input-device": { - "resource_type": "input-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/device-edit.html" - }, - "UpdateInputSecurityGroup": { - "privilege": "UpdateInputSecurityGroup", - "description": "Grants permission to update an input security group", - "access_level": "Write", - "resource_types": { - "input-security-group": { - "resource_type": "input-security-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input-security-group.html" - }, - "UpdateMultiplex": { - "privilege": "UpdateMultiplex", - "description": "Grants permission to update a multiplex", - "access_level": "Write", - "resource_types": { - "multiplex": { - "resource_type": "multiplex", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-multiplex-program-channel.html" - }, - "UpdateMultiplexProgram": { - "privilege": "UpdateMultiplexProgram", - "description": "Grants permission to update a multiplex program", - "access_level": "Write", - "resource_types": { - "multiplex": { - "resource_type": "multiplex", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-multiplex-program-channel.html" - }, - "UpdateReservation": { - "privilege": "UpdateReservation", - "description": "Grants permission to update a reservation", - "access_level": "Write", - "resource_types": { - "reservation": { - "resource_type": "reservation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/reservations.html" - } - }, - "resources": { - "channel": { - "resource": "channel", - "arn": "arn:${Partition}:medialive:${Region}:${Account}:channel:${ChannelId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "input": { - "resource": "input", - "arn": "arn:${Partition}:medialive:${Region}:${Account}:input:${InputId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "input-device": { - "resource": "input-device", - "arn": "arn:${Partition}:medialive:${Region}:${Account}:inputDevice:${DeviceId}", - "condition_keys": [] - }, - "input-security-group": { - "resource": "input-security-group", - "arn": "arn:${Partition}:medialive:${Region}:${Account}:inputSecurityGroup:${InputSecurityGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "multiplex": { - "resource": "multiplex", - "arn": "arn:${Partition}:medialive:${Region}:${Account}:multiplex:${MultiplexId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "reservation": { - "resource": "reservation", - "arn": "arn:${Partition}:medialive:${Region}:${Account}:reservation:${ReservationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "offering": { - "resource": "offering", - "arn": "arn:${Partition}:medialive:${Region}:${Account}:offering:${OfferingId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "mediapackage": { - "service_name": "AWS Elemental MediaPackage", - "prefix": "mediapackage", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediapackage.html", - "privileges": { - "ConfigureLogs": { - "privilege": "ConfigureLogs", - "description": "Grants permission to configure access logs for a Channel", - "access_level": "Write", - "resource_types": { - "channels": { - "resource_type": "channels", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id-configure_logs.html#channels-id-configure_logsput" - }, - "CreateChannel": { - "privilege": "CreateChannel", - "description": "Grants permission to create a channel in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels.html#channelspost" - }, - "CreateHarvestJob": { - "privilege": "CreateHarvestJob", - "description": "Grants permission to create a harvest job in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/harvest_jobs.html#harvest_jobspost" - }, - "CreateOriginEndpoint": { - "privilege": "CreateOriginEndpoint", - "description": "Grants permission to create an endpoint in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/origin_endpoints.html#origin_endpointspost" - }, - "DeleteChannel": { - "privilege": "DeleteChannel", - "description": "Grants permission to delete a channel in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "channels": { - "resource_type": "channels", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id.html#channels-iddelete" - }, - "DeleteOriginEndpoint": { - "privilege": "DeleteOriginEndpoint", - "description": "Grants permission to delete an endpoint in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "origin_endpoints": { - "resource_type": "origin_endpoints", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/origin_endpoints-id.html#origin_endpoints-iddelete" - }, - "DescribeChannel": { - "privilege": "DescribeChannel", - "description": "Grants permission to view the details of a channel in AWS Elemental MediaPackage", - "access_level": "Read", - "resource_types": { - "channels": { - "resource_type": "channels", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id.html#channels-idget" - }, - "DescribeHarvestJob": { - "privilege": "DescribeHarvestJob", - "description": "Grants permission to view the details of a harvest job in AWS Elemental MediaPackage", - "access_level": "Read", - "resource_types": { - "harvest_jobs": { - "resource_type": "harvest_jobs", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/harvest_jobs-id.html#harvest_jobs-idget" - }, - "DescribeOriginEndpoint": { - "privilege": "DescribeOriginEndpoint", - "description": "Grants permission to view the details of an endpoint in AWS Elemental MediaPackage", - "access_level": "Read", - "resource_types": { - "origin_endpoints": { - "resource_type": "origin_endpoints", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/origin_endpoints-id.html#origin_endpoints-idget" - }, - "ListChannels": { - "privilege": "ListChannels", - "description": "Grants permission to view a list of channels in AWS Elemental MediaPackage", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels.html#channelsget" - }, - "ListHarvestJobs": { - "privilege": "ListHarvestJobs", - "description": "Grants permission to view a list of harvest jobs in AWS Elemental MediaPackage", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/harvest_jobs.html#harvest_jobsget" - }, - "ListOriginEndpoints": { - "privilege": "ListOriginEndpoints", - "description": "Grants permission to view a list of endpoints in AWS Elemental MediaPackage", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/origin_endpoints.html#origin_endpointsget" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags assigned to a Channel or OriginEndpoint", - "access_level": "Read", - "resource_types": { - "channels": { - "resource_type": "channels", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "harvest_jobs": { - "resource_type": "harvest_jobs", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "origin_endpoints": { - "resource_type": "origin_endpoints", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/tags-resource-arn.html#tags-resource-arnget" - }, - "RotateChannelCredentials": { - "privilege": "RotateChannelCredentials", - "description": "Grants permission to rotate credentials for the first IngestEndpoint of a Channel in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "channels": { - "resource_type": "channels", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id-credentials.html#channels-id-credentialsput" - }, - "RotateIngestEndpointCredentials": { - "privilege": "RotateIngestEndpointCredentials", - "description": "Grants permission to rotate IngestEndpoint credentials for a Channel in AWS Elemental MediaPackage", - "access_level": "Permissions management", - "resource_types": { - "channels": { - "resource_type": "channels", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id-ingest_endpoints-ingest_endpoint_id-credentials.html#channels-id-ingest_endpoints-ingest_endpoint_id-credentialsput" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a MediaPackage resource", - "access_level": "Tagging", - "resource_types": { - "channels": { - "resource_type": "channels", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "harvest_jobs": { - "resource_type": "harvest_jobs", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "origin_endpoints": { - "resource_type": "origin_endpoints", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/hj-create.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to delete tags to a Channel or OriginEndpoint", - "access_level": "Tagging", - "resource_types": { - "channels": { - "resource_type": "channels", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "harvest_jobs": { - "resource_type": "harvest_jobs", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "origin_endpoints": { - "resource_type": "origin_endpoints", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/tags-resource-arn.html#tags-resource-arndelete" - }, - "UpdateChannel": { - "privilege": "UpdateChannel", - "description": "Grants permission to make changes to a channel in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "channels": { - "resource_type": "channels", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id.html#channels-idput" - }, - "UpdateOriginEndpoint": { - "privilege": "UpdateOriginEndpoint", - "description": "Grants permission to make changes to an endpoint in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "origin_endpoints": { - "resource_type": "origin_endpoints", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/origin_endpoints-id.html#origin_endpoints-idput" - } - }, - "resources": { - "channels": { - "resource": "channels", - "arn": "arn:${Partition}:mediapackage:${Region}:${Account}:channels/${ChannelIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "origin_endpoints": { - "resource": "origin_endpoints", - "arn": "arn:${Partition}:mediapackage:${Region}:${Account}:origin_endpoints/${OriginEndpointIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "harvest_jobs": { - "resource": "harvest_jobs", - "arn": "arn:${Partition}:mediapackage:${Region}:${Account}:harvest_jobs/${HarvestJobIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag for a MediaPackage request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag for a MediaPackage resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys for a MediaPackage resource or request", - "type": "ArrayOfString" - } - } - }, - "mediapackagev2": { - "service_name": "AWS Elemental MediaPackage V2", - "prefix": "mediapackagev2", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediapackagev2.html", - "privileges": { - "CreateChannel": { - "privilege": "CreateChannel", - "description": "Grants permission to create a channel in a channel group", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_CreateChannel.html" - }, - "CreateChannelGroup": { - "privilege": "CreateChannelGroup", - "description": "Grants permission to create a channel group", - "access_level": "Write", - "resource_types": { - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_CreateChannelGroup.html" - }, - "CreateOriginEndpoint": { - "privilege": "CreateOriginEndpoint", - "description": "Grants permission to create an origin endpoint for a channel", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpoint": { - "resource_type": "OriginEndpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_CreateOriginEndpoint.html" - }, - "DeleteChannel": { - "privilege": "DeleteChannel", - "description": "Grants permission to delete a channel in a channel group", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_DeleteChannel.html" - }, - "DeleteChannelGroup": { - "privilege": "DeleteChannelGroup", - "description": "Grants permission to delete a channel group", - "access_level": "Write", - "resource_types": { - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_DeleteChannelGroup.html" - }, - "DeleteChannelPolicy": { - "privilege": "DeleteChannelPolicy", - "description": "Grants permission to delete a resource policy from a channel", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelPolicy": { - "resource_type": "ChannelPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_DeleteChannelPolicy.html" - }, - "DeleteOriginEndpoint": { - "privilege": "DeleteOriginEndpoint", - "description": "Grants permission to delete an origin endpoint of a channel", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpoint": { - "resource_type": "OriginEndpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_DeleteOriginEndpoint.html" - }, - "DeleteOriginEndpointPolicy": { - "privilege": "DeleteOriginEndpointPolicy", - "description": "Grants permission to delete a resource policy from an origin endpoint", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpoint": { - "resource_type": "OriginEndpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpointPolicy": { - "resource_type": "OriginEndpointPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_DeleteOriginEndpointPolicy.html" - }, - "GetChannel": { - "privilege": "GetChannel", - "description": "Grants permission to retrieve details of a channel in a channel group", - "access_level": "Read", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_GetChannel.html" - }, - "GetChannelGroup": { - "privilege": "GetChannelGroup", - "description": "Grants permission to retrieve details of a channel group", - "access_level": "Read", - "resource_types": { - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_GetChannelGroup.html" - }, - "GetChannelPolicy": { - "privilege": "GetChannelPolicy", - "description": "Grants permission to retrieve a resource policy for a channel", - "access_level": "Read", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelPolicy": { - "resource_type": "ChannelPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_GetChannelPolicy.html" - }, - "GetHeadObject": { - "privilege": "GetHeadObject", - "description": "Grants permission to make GetHeadObject requests to MediaPackage", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/userguide/dataplane-apis.html" - }, - "GetObject": { - "privilege": "GetObject", - "description": "Grants permission to make GetObject requests to MediaPackage", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/userguide/dataplane-apis.html" - }, - "GetOriginEndpoint": { - "privilege": "GetOriginEndpoint", - "description": "Grants permission to retrieve details of an origin endpoint", - "access_level": "Read", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpoint": { - "resource_type": "OriginEndpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_GetOriginEndpoint.html" - }, - "GetOriginEndpointPolicy": { - "privilege": "GetOriginEndpointPolicy", - "description": "Grants permission to retrieve details of a resource policy for an origin endpoint", - "access_level": "Read", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpoint": { - "resource_type": "OriginEndpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpointPolicy": { - "resource_type": "OriginEndpointPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_GetOriginEndpointPolicy.html" - }, - "ListChannelGroups": { - "privilege": "ListChannelGroups", - "description": "Grants permission to list all channel groups for an aws account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_ListChannelGroups.html" - }, - "ListChannels": { - "privilege": "ListChannels", - "description": "Grants permission to list all channels in a channel group", - "access_level": "List", - "resource_types": { - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_ListChannels.html" - }, - "ListOriginEndpoints": { - "privilege": "ListOriginEndpoints", - "description": "Grants permission to list all origin endpoints of a channel", - "access_level": "List", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_ListOriginEndpoints.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for the specified resource", - "access_level": "Read", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpoint": { - "resource_type": "OriginEndpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_ListTagsForResource.html" - }, - "PutChannelPolicy": { - "privilege": "PutChannelPolicy", - "description": "Grants permission to attach a resource policy for a channel", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelPolicy": { - "resource_type": "ChannelPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_PutChannelPolicy.html" - }, - "PutObject": { - "privilege": "PutObject", - "description": "Grants permission to make PutObject requests to MediaPackage", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/userguide/dataplane-apis.html" - }, - "PutOriginEndpointPolicy": { - "privilege": "PutOriginEndpointPolicy", - "description": "Grants permission to attach a resource policy to an origin endpoint", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpoint": { - "resource_type": "OriginEndpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpointPolicy": { - "resource_type": "OriginEndpointPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_PutOriginEndpointPolicy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add specified tags to the specified resource", - "access_level": "Tagging", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpoint": { - "resource_type": "OriginEndpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the specified tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpoint": { - "resource_type": "OriginEndpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_UntagResource.html" - }, - "UpdateChannel": { - "privilege": "UpdateChannel", - "description": "Grants permission to update a channel in a channel group", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_UpdateChannel.html" - }, - "UpdateChannelGroup": { - "privilege": "UpdateChannelGroup", - "description": "Grants permission to update a channel group", - "access_level": "Write", - "resource_types": { - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_UpdateChannelGroup.html" - }, - "UpdateOriginEndpoint": { - "privilege": "UpdateOriginEndpoint", - "description": "Grants permission to update an origin endpoint of a channel", - "access_level": "Write", - "resource_types": { - "Channel": { - "resource_type": "Channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ChannelGroup": { - "resource_type": "ChannelGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "OriginEndpoint": { - "resource_type": "OriginEndpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_UpdateOriginEndpoint.html" - } - }, - "resources": { - "ChannelGroup": { - "resource": "ChannelGroup", - "arn": "arn:${Partition}:mediapackagev2:${Region}:${Account}:channelGroup/${ChannelGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ChannelPolicy": { - "resource": "ChannelPolicy", - "arn": "arn:${Partition}:mediapackagev2:${Region}:${Account}:channelGroup/${ChannelGroupName}/channel/${ChannelName}", - "condition_keys": [] - }, - "Channel": { - "resource": "Channel", - "arn": "arn:${Partition}:mediapackagev2:${Region}:${Account}:channelGroup/${ChannelGroupName}/channel/${ChannelName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "OriginEndpointPolicy": { - "resource": "OriginEndpointPolicy", - "arn": "arn:${Partition}:mediapackagev2:${Region}:${Account}:channelGroup/${ChannelGroupName}/channel/${ChannelName}/originEndpoint/${OriginEndpointName}", - "condition_keys": [] - }, - "OriginEndpoint": { - "resource": "OriginEndpoint", - "arn": "arn:${Partition}:mediapackagev2:${Region}:${Account}:channelGroup/${ChannelGroupName}/channel/${ChannelName}/originEndpoint/${OriginEndpointName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "mediapackage-vod": { - "service_name": "AWS Elemental MediaPackage VOD", - "prefix": "mediapackage-vod", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediapackagevod.html", - "privileges": { - "ConfigureLogs": { - "privilege": "ConfigureLogs", - "description": "Grants permission to configure egress access logs for a PackagingGroup", - "access_level": "Write", - "resource_types": { - "packaging-groups": { - "resource_type": "packaging-groups", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups-id-configure_logs.html#packaging_groups-id-configure_logsput" - }, - "CreateAsset": { - "privilege": "CreateAsset", - "description": "Grants permission to create an asset in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/assets.html#assetspost" - }, - "CreatePackagingConfiguration": { - "privilege": "CreatePackagingConfiguration", - "description": "Grants permission to create a packaging configuration in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_configurations.html#packaging_configurationspost" - }, - "CreatePackagingGroup": { - "privilege": "CreatePackagingGroup", - "description": "Grants permission to create a packaging group in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups.html#packaging_groupspost" - }, - "DeleteAsset": { - "privilege": "DeleteAsset", - "description": "Grants permission to delete an asset in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "assets": { - "resource_type": "assets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/assets-id.html#assets-iddelete" - }, - "DeletePackagingConfiguration": { - "privilege": "DeletePackagingConfiguration", - "description": "Grants permission to delete a packaging configuration in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "packaging-configurations": { - "resource_type": "packaging-configurations", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_configurations-id.html#packaging_configurations-iddelete" - }, - "DeletePackagingGroup": { - "privilege": "DeletePackagingGroup", - "description": "Grants permission to delete a packaging group in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "packaging-groups": { - "resource_type": "packaging-groups", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups-id.html#packaging_groups-iddelete" - }, - "DescribeAsset": { - "privilege": "DescribeAsset", - "description": "Grants permission to view the details of an asset in AWS Elemental MediaPackage", - "access_level": "Read", - "resource_types": { - "assets": { - "resource_type": "assets", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/assets-id.html#assets-idget" - }, - "DescribePackagingConfiguration": { - "privilege": "DescribePackagingConfiguration", - "description": "Grants permission to view the details of a packaging configuration in AWS Elemental MediaPackage", - "access_level": "Read", - "resource_types": { - "packaging-configurations": { - "resource_type": "packaging-configurations", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_configurations-id.html#packaging_configurations-idget" - }, - "DescribePackagingGroup": { - "privilege": "DescribePackagingGroup", - "description": "Grants permission to view the details of a packaging group in AWS Elemental MediaPackage", - "access_level": "Read", - "resource_types": { - "packaging-groups": { - "resource_type": "packaging-groups", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups-id.html#packaging_groups-idget" - }, - "ListAssets": { - "privilege": "ListAssets", - "description": "Grants permission to view a list of assets in AWS Elemental MediaPackage", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/assets.html#assetsget" - }, - "ListPackagingConfigurations": { - "privilege": "ListPackagingConfigurations", - "description": "Grants permission to view a list of packaging configurations in AWS Elemental MediaPackage", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_configurations.html#packaging_configurationsget" - }, - "ListPackagingGroups": { - "privilege": "ListPackagingGroups", - "description": "Grants permission to view a list of packaging groups in AWS Elemental MediaPackage", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups.html#packaging_groupsget" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags assigned to a PackagingGroup, PackagingConfiguration, or Asset", - "access_level": "Read", - "resource_types": { - "assets": { - "resource_type": "assets", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "packaging-configurations": { - "resource_type": "packaging-configurations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "packaging-groups": { - "resource_type": "packaging-groups", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/tags-resource-arn.html#tags-resource-arnget" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to assign tags to a PackagingGroup, PackagingConfiguration, or Asset", - "access_level": "Tagging", - "resource_types": { - "assets": { - "resource_type": "assets", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "packaging-configurations": { - "resource_type": "packaging-configurations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "packaging-groups": { - "resource_type": "packaging-groups", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/tags-resource-arn.html#tags-resource-arnpost" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to delete tags from a PackagingGroup, PackagingConfiguration, or Asset", - "access_level": "Tagging", - "resource_types": { - "assets": { - "resource_type": "assets", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "packaging-configurations": { - "resource_type": "packaging-configurations", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "packaging-groups": { - "resource_type": "packaging-groups", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/tags-resource-arn.html#tags-resource-arndelete" - }, - "UpdatePackagingGroup": { - "privilege": "UpdatePackagingGroup", - "description": "Grants permission to update a packaging group in AWS Elemental MediaPackage", - "access_level": "Write", - "resource_types": { - "packaging-groups": { - "resource_type": "packaging-groups", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups-id.html#packaging_groups-idput" - } - }, - "resources": { - "assets": { - "resource": "assets", - "arn": "arn:${Partition}:mediapackage-vod:${Region}:${Account}:assets/${AssetIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "packaging-configurations": { - "resource": "packaging-configurations", - "arn": "arn:${Partition}:mediapackage-vod:${Region}:${Account}:packaging-configurations/${PackagingConfigurationIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "packaging-groups": { - "resource": "packaging-groups", - "arn": "arn:${Partition}:mediapackage-vod:${Region}:${Account}:packaging-groups/${PackagingGroupIdentifier}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "mediastore": { - "service_name": "AWS Elemental MediaStore", - "prefix": "mediastore", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediastore.html", - "privileges": { - "CreateContainer": { - "privilege": "CreateContainer", - "description": "Grants permission to create a container", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_CreateContainer.html" - }, - "DeleteContainer": { - "privilege": "DeleteContainer", - "description": "Grants permission to delete a container", - "access_level": "Write", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DeleteContainer.html" - }, - "DeleteContainerPolicy": { - "privilege": "DeleteContainerPolicy", - "description": "Grants permission to delete the access policy of a container", - "access_level": "Permissions management", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DeleteContainerPolicy.html" - }, - "DeleteCorsPolicy": { - "privilege": "DeleteCorsPolicy", - "description": "Grants permission to delete the CORS policy from a container", - "access_level": "Write", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DeleteCorsPolicy.html" - }, - "DeleteLifecyclePolicy": { - "privilege": "DeleteLifecyclePolicy", - "description": "Grants permission to delete the lifecycle policy from a container", - "access_level": "Write", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DeleteLifecyclePolicy.html" - }, - "DeleteMetricPolicy": { - "privilege": "DeleteMetricPolicy", - "description": "Grants permission to delete the metric policy from a container", - "access_level": "Write", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DeleteMetricPolicy.html" - }, - "DeleteObject": { - "privilege": "DeleteObject", - "description": "Grants permission to delete an object", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_objstore_DeleteObject.html" - }, - "DescribeContainer": { - "privilege": "DescribeContainer", - "description": "Grants permission to retrieve details on a container", - "access_level": "List", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DescribeContainer.html" - }, - "DescribeObject": { - "privilege": "DescribeObject", - "description": "Grants permission to retrieve metadata for an object", - "access_level": "List", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_objstore_DescribeObject.html" - }, - "GetContainerPolicy": { - "privilege": "GetContainerPolicy", - "description": "Grants permission to retrieve the access policy of a container", - "access_level": "Read", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_GetContainerPolicy.html" - }, - "GetCorsPolicy": { - "privilege": "GetCorsPolicy", - "description": "Grants permission to retrieve the CORS policy of a container", - "access_level": "Read", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_GetCorsPolicy.html" - }, - "GetLifecyclePolicy": { - "privilege": "GetLifecyclePolicy", - "description": "Grants permission to retrieve the lifecycle policy that is assigned to a container", - "access_level": "Read", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_GetLifecyclePolicy.html" - }, - "GetMetricPolicy": { - "privilege": "GetMetricPolicy", - "description": "Grants permission to retrieve the metric policy that is assigned to a container", - "access_level": "Read", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_GetMetricPolicy.html" - }, - "GetObject": { - "privilege": "GetObject", - "description": "Grants permission to retrieve an object", - "access_level": "Read", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_objstore_GetObject.html" - }, - "ListContainers": { - "privilege": "ListContainers", - "description": "Grants permission to retrieve a list of containers in the current account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_ListContainers.html" - }, - "ListItems": { - "privilege": "ListItems", - "description": "Grants permission to retrieve a list of objects and subfolders that are stored in a folder", - "access_level": "List", - "resource_types": { - "folder": { - "resource_type": "folder", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_objstore_ListItems.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags on a container", - "access_level": "Read", - "resource_types": { - "container": { - "resource_type": "container", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_ListTagsForResource.html" - }, - "PutContainerPolicy": { - "privilege": "PutContainerPolicy", - "description": "Grants permission to create or replace the access policy of a container", - "access_level": "Permissions management", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_PutContainerPolicy.html" - }, - "PutCorsPolicy": { - "privilege": "PutCorsPolicy", - "description": "Grants permission to add or modify the CORS policy of a container", - "access_level": "Write", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_PutCorsPolicy.html" - }, - "PutLifecyclePolicy": { - "privilege": "PutLifecyclePolicy", - "description": "Grants permission to add or modify the lifecycle policy that is assigned to a container", - "access_level": "Write", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_PutLifecyclePolicy.html" - }, - "PutMetricPolicy": { - "privilege": "PutMetricPolicy", - "description": "Grants permission to add or modify the metric policy that is assigned to a container", - "access_level": "Write", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_PutMetricPolicy.html" - }, - "PutObject": { - "privilege": "PutObject", - "description": "Grants permission to upload an object", - "access_level": "Write", - "resource_types": { - "object": { - "resource_type": "object", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_objstore_PutObject.html" - }, - "StartAccessLogging": { - "privilege": "StartAccessLogging", - "description": "Grants permission to start access logging on a container", - "access_level": "Write", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_StartAccessLogging.html" - }, - "StopAccessLogging": { - "privilege": "StopAccessLogging", - "description": "Grants permission to stop access logging on a container", - "access_level": "Write", - "resource_types": { - "container": { - "resource_type": "container", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_StopAccessLogging.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a container", - "access_level": "Tagging", - "resource_types": { - "container": { - "resource_type": "container", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a container", - "access_level": "Tagging", - "resource_types": { - "container": { - "resource_type": "container", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_UntagResource.html" - } - }, - "resources": { - "container": { - "resource": "container", - "arn": "arn:${Partition}:mediastore:${Region}:${Account}:container/${ContainerName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "object": { - "resource": "object", - "arn": "arn:${Partition}:mediastore:${Region}:${Account}:container/${ContainerName}/${ObjectPath}", - "condition_keys": [] - }, - "folder": { - "resource": "folder", - "arn": "arn:${Partition}:mediastore:${Region}:${Account}:container/${ContainerName}/${FolderPath}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "mediatailor": { - "service_name": "AWS Elemental MediaTailor", - "prefix": "mediatailor", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediatailor.html", - "privileges": { - "ConfigureLogsForChannel": { - "privilege": "ConfigureLogsForChannel", - "description": "Grants permission to configure logs on the channel with the specified channel name", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/configurelogs-channel.html" - }, - "ConfigureLogsForPlaybackConfiguration": { - "privilege": "ConfigureLogsForPlaybackConfiguration", - "description": "Grants permission to configure logs for a playback configuration", - "access_level": "Write", - "resource_types": { - "playbackConfiguration": { - "resource_type": "playbackConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/configurelogs-playbackconfiguration.html" - }, - "CreateChannel": { - "privilege": "CreateChannel", - "description": "Grants permission to create a new channel", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname.html" - }, - "CreateLiveSource": { - "privilege": "CreateLiveSource", - "description": "Grants permission to create a new live source on the source location with the specified source location name", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-livesource-livesourcename.html" - }, - "CreatePrefetchSchedule": { - "privilege": "CreatePrefetchSchedule", - "description": "Grants permission to create a prefetch schedule for the playback configuration with the specified playback configuration name", - "access_level": "Write", - "resource_types": { - "playbackConfiguration": { - "resource_type": "playbackConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/prefetchschedule-playbackconfigurationname-name.html" - }, - "CreateProgram": { - "privilege": "CreateProgram", - "description": "Grants permission to create a new program on the channel with the specified channel name", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-program-programname.html" - }, - "CreateSourceLocation": { - "privilege": "CreateSourceLocation", - "description": "Grants permission to create a new source location", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname.html" - }, - "CreateVodSource": { - "privilege": "CreateVodSource", - "description": "Grants permission to create a new VOD source on the source location with the specified source location name", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-vodsource-vodsourcename.html" - }, - "DeleteChannel": { - "privilege": "DeleteChannel", - "description": "Grants permission to delete the channel with the specified channel name", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname.html" - }, - "DeleteChannelPolicy": { - "privilege": "DeleteChannelPolicy", - "description": "Grants permission to delete the IAM policy on the channel with the specified channel name", - "access_level": "Permissions management", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-policy.html" - }, - "DeleteLiveSource": { - "privilege": "DeleteLiveSource", - "description": "Grants permission to delete the live source with the specified live source name on the source location with the specified source location name", - "access_level": "Write", - "resource_types": { - "liveSource": { - "resource_type": "liveSource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-livesource-livesourcename.html" - }, - "DeletePlaybackConfiguration": { - "privilege": "DeletePlaybackConfiguration", - "description": "Grants permission to delete the specified playback configuration", - "access_level": "Write", - "resource_types": { - "playbackConfiguration": { - "resource_type": "playbackConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/playbackconfiguration-name.html" - }, - "DeletePrefetchSchedule": { - "privilege": "DeletePrefetchSchedule", - "description": "Grants permission to delete a prefetch schedule for a playback configuration with the specified prefetch schedule name", - "access_level": "Write", - "resource_types": { - "playbackConfiguration": { - "resource_type": "playbackConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "prefetchSchedule": { - "resource_type": "prefetchSchedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/prefetchschedule-playbackconfigurationname-name.html" - }, - "DeleteProgram": { - "privilege": "DeleteProgram", - "description": "Grants permission to delete the program with the specified program name on the channel with the specified channel name", - "access_level": "Write", - "resource_types": { - "program": { - "resource_type": "program", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-program-programname.html" - }, - "DeleteSourceLocation": { - "privilege": "DeleteSourceLocation", - "description": "Grants permission to delete the source location with the specified source location name", - "access_level": "Write", - "resource_types": { - "sourceLocation": { - "resource_type": "sourceLocation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname.html" - }, - "DeleteVodSource": { - "privilege": "DeleteVodSource", - "description": "Grants permission to delete the VOD source with the specified VOD source name on the source location with the specified source location name", - "access_level": "Write", - "resource_types": { - "vodSource": { - "resource_type": "vodSource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-vodsource-vodsourcename.html" - }, - "DescribeChannel": { - "privilege": "DescribeChannel", - "description": "Grants permission to retrieve the channel with the specified channel name", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname.html" - }, - "DescribeLiveSource": { - "privilege": "DescribeLiveSource", - "description": "Grants permission to retrieve the live source with the specified live source name on the source location with the specified source location name", - "access_level": "Read", - "resource_types": { - "liveSource": { - "resource_type": "liveSource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-livesource-livesourcename.html" - }, - "DescribeProgram": { - "privilege": "DescribeProgram", - "description": "Grants permission to retrieve the program with the specified program name on the channel with the specified channel name", - "access_level": "Read", - "resource_types": { - "program": { - "resource_type": "program", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-program-programname.html" - }, - "DescribeSourceLocation": { - "privilege": "DescribeSourceLocation", - "description": "Grants permission to retrieve the source location with the specified source location name", - "access_level": "Read", - "resource_types": { - "sourceLocation": { - "resource_type": "sourceLocation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname.html" - }, - "DescribeVodSource": { - "privilege": "DescribeVodSource", - "description": "Grants permission to retrieve the VOD source with the specified VOD source name on the source location with the specified source location name", - "access_level": "Read", - "resource_types": { - "vodSource": { - "resource_type": "vodSource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-vodsource-vodsourcename.html" - }, - "GetChannelPolicy": { - "privilege": "GetChannelPolicy", - "description": "Grants permission to read the IAM policy on the channel with the specified channel name", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-policy.html" - }, - "GetChannelSchedule": { - "privilege": "GetChannelSchedule", - "description": "Grants permission to retrieve the schedule of programs on the channel with the specified channel name", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-schedule.html" - }, - "GetPlaybackConfiguration": { - "privilege": "GetPlaybackConfiguration", - "description": "Grants permission to retrieve the configuration for the specified name", - "access_level": "Read", - "resource_types": { - "playbackConfiguration": { - "resource_type": "playbackConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/playbackconfiguration-name.html" - }, - "GetPrefetchSchedule": { - "privilege": "GetPrefetchSchedule", - "description": "Grants permission to retrieve prefetch schedule for a playback configuration with the specified prefetch schedule name", - "access_level": "Read", - "resource_types": { - "playbackConfiguration": { - "resource_type": "playbackConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "prefetchSchedule": { - "resource_type": "prefetchSchedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/prefetchschedule-playbackconfigurationname-name.html" - }, - "ListAlerts": { - "privilege": "ListAlerts", - "description": "Grants permission to retrieve the list of alerts on a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/alerts.html" - }, - "ListChannels": { - "privilege": "ListChannels", - "description": "Grants permission to retrieve the list of existing channels", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channels.html" - }, - "ListLiveSources": { - "privilege": "ListLiveSources", - "description": "Grants permission to retrieve the list of existing live sources on the source location with the specified source location name", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-livesources.html" - }, - "ListPlaybackConfigurations": { - "privilege": "ListPlaybackConfigurations", - "description": "Grants permission to retrieve the list of available configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/playbackconfigurations.html" - }, - "ListPrefetchSchedules": { - "privilege": "ListPrefetchSchedules", - "description": "Grants permission to retrieve the list of prefetch schedules for a playback configuration", - "access_level": "List", - "resource_types": { - "playbackConfiguration": { - "resource_type": "playbackConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/prefetchschedule-playbackconfigurationname.html" - }, - "ListSourceLocations": { - "privilege": "ListSourceLocations", - "description": "Grants permission to retrieve the list of existing source locations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags assigned to the specified playback configuration resource", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "liveSource": { - "resource_type": "liveSource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "playbackConfiguration": { - "resource_type": "playbackConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sourceLocation": { - "resource_type": "sourceLocation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vodSource": { - "resource_type": "vodSource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/tags-resourcearn.html" - }, - "ListVodSources": { - "privilege": "ListVodSources", - "description": "Grants permission to retrieve the list of existing VOD sources on the source location with the specified source location name", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-vodsources.html" - }, - "PutChannelPolicy": { - "privilege": "PutChannelPolicy", - "description": "Grants permission to set the IAM policy on the channel with the specified channel name", - "access_level": "Permissions management", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-policy.html" - }, - "PutPlaybackConfiguration": { - "privilege": "PutPlaybackConfiguration", - "description": "Grants permission to add a new configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/playbackconfiguration.html" - }, - "StartChannel": { - "privilege": "StartChannel", - "description": "Grants permission to start the channel with the specified channel name", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-start.html" - }, - "StopChannel": { - "privilege": "StopChannel", - "description": "Grants permission to stop the channel with the specified channel name", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-stop.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to the specified playback configuration resource", - "access_level": "Tagging", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "liveSource": { - "resource_type": "liveSource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "playbackConfiguration": { - "resource_type": "playbackConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sourceLocation": { - "resource_type": "sourceLocation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vodSource": { - "resource_type": "vodSource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/tags-resourcearn.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from the specified playback configuration resource", - "access_level": "Tagging", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "liveSource": { - "resource_type": "liveSource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "playbackConfiguration": { - "resource_type": "playbackConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sourceLocation": { - "resource_type": "sourceLocation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vodSource": { - "resource_type": "vodSource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/tags-resourcearn.html" - }, - "UpdateChannel": { - "privilege": "UpdateChannel", - "description": "Grants permission to update the channel with the specified channel name", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname.html" - }, - "UpdateLiveSource": { - "privilege": "UpdateLiveSource", - "description": "Grants permission to update the live source with the specified live source name on the source location with the specified source location name", - "access_level": "Write", - "resource_types": { - "liveSource": { - "resource_type": "liveSource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-livesource-livesourcename.html" - }, - "UpdateProgram": { - "privilege": "UpdateProgram", - "description": "Grants permission to update the program with the specified program name on the channel with the specified channel name", - "access_level": "Write", - "resource_types": { - "program": { - "resource_type": "program", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-program-programname.html" - }, - "UpdateSourceLocation": { - "privilege": "UpdateSourceLocation", - "description": "Grants permission to update the source location with the specified source location name", - "access_level": "Write", - "resource_types": { - "sourceLocation": { - "resource_type": "sourceLocation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname.html" - }, - "UpdateVodSource": { - "privilege": "UpdateVodSource", - "description": "Grants permission to update the VOD source with the specified VOD source name on the source location with the specified source location name", - "access_level": "Write", - "resource_types": { - "vodSource": { - "resource_type": "vodSource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-vodsource-vodsourcename.html" - } - }, - "resources": { - "playbackConfiguration": { - "resource": "playbackConfiguration", - "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:playbackConfiguration/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "prefetchSchedule": { - "resource": "prefetchSchedule", - "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:prefetchSchedule/${ResourceId}", - "condition_keys": [] - }, - "channel": { - "resource": "channel", - "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:channel/${ChannelName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "program": { - "resource": "program", - "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:program/${ChannelName}/${ProgramName}", - "condition_keys": [] - }, - "sourceLocation": { - "resource": "sourceLocation", - "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:sourceLocation/${SourceLocationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "vodSource": { - "resource": "vodSource", - "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:vodSource/${SourceLocationName}/${VodSourceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "liveSource": { - "resource": "liveSource", - "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:liveSource/${SourceLocationName}/${LiveSourceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "elemental-support-cases": { - "service_name": "AWS Elemental Support Cases", - "prefix": "elemental-support-cases", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalsupportcases.html", - "privileges": { - "CheckCasePermission": { - "privilege": "CheckCasePermission", - "description": "Verify whether the caller has the permissions to perform support case operations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "CreateCase": { - "privilege": "CreateCase", - "description": "Grant the permission to create a support case", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "GetCase": { - "privilege": "GetCase", - "description": "Grant the permission to describe a support case in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "GetCases": { - "privilege": "GetCases", - "description": "Grant the permission to list the support cases in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - }, - "UpdateCase": { - "privilege": "UpdateCase", - "description": "Grant the permission to update a support case", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - } - }, - "resources": {}, - "conditions": {} - }, - "elemental-support-content": { - "service_name": "AWS Elemental Support Content", - "prefix": "elemental-support-content", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalsupportcontent.html", - "privileges": { - "Query": { - "privilege": "Query", - "description": "Grant the permission to search support content", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" - } - }, - "resources": {}, - "conditions": {} - }, - "fis": { - "service_name": "AWS Fault Injection Simulator", - "prefix": "fis", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsfaultinjectionsimulator.html", - "privileges": { - "CreateExperimentTemplate": { - "privilege": "CreateExperimentTemplate", - "description": "Grants permission to create an AWS FIS experiment template", - "access_level": "Write", - "resource_types": { - "action": { - "resource_type": "action", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "experiment-template": { - "resource_type": "experiment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_CreateExperimentTemplate.html" - }, - "DeleteExperimentTemplate": { - "privilege": "DeleteExperimentTemplate", - "description": "Grants permission to delete the AWS FIS experiment template", - "access_level": "Write", - "resource_types": { - "experiment-template": { - "resource_type": "experiment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_DeleteExperimentTemplate.html" - }, - "GetAction": { - "privilege": "GetAction", - "description": "Grants permission to retrieve an AWS FIS action", - "access_level": "Read", - "resource_types": { - "action": { - "resource_type": "action", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_GetAction.html" - }, - "GetExperiment": { - "privilege": "GetExperiment", - "description": "Grants permission to retrieve an AWS FIS experiment", - "access_level": "Read", - "resource_types": { - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_GetExperiment.html" - }, - "GetExperimentTemplate": { - "privilege": "GetExperimentTemplate", - "description": "Grants permission to retrieve an AWS FIS Experiment Template", - "access_level": "Read", - "resource_types": { - "experiment-template": { - "resource_type": "experiment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_GetExperimentTemplate.html" - }, - "GetTargetResourceType": { - "privilege": "GetTargetResourceType", - "description": "Grants permission to get information about the specified resource type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_GetTargetResourceType.html" - }, - "InjectApiInternalError": { - "privilege": "InjectApiInternalError", - "description": "Grants permission to inject an API internal error on the provided AWS service from an FIS Experiment", - "access_level": "Write", - "resource_types": { - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "fis:Service", - "fis:Operations", - "fis:Percentage", - "fis:Targets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#fis-actions-reference-fis" - }, - "InjectApiThrottleError": { - "privilege": "InjectApiThrottleError", - "description": "Grants permission to inject an API throttle error on the provided AWS service from an FIS Experiment", - "access_level": "Write", - "resource_types": { - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "fis:Service", - "fis:Operations", - "fis:Percentage", - "fis:Targets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#fis-actions-reference-fis" - }, - "InjectApiUnavailableError": { - "privilege": "InjectApiUnavailableError", - "description": "Grants permission to inject an API unavailable error on the provided AWS service from an FIS Experiment", - "access_level": "Write", - "resource_types": { - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "fis:Service", - "fis:Operations", - "fis:Percentage", - "fis:Targets" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#fis-actions-reference-fis" - }, - "ListActions": { - "privilege": "ListActions", - "description": "Grants permission to list all available AWS FIS actions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_ListActions.html" - }, - "ListExperimentTemplates": { - "privilege": "ListExperimentTemplates", - "description": "Grants permission to list all available AWS FIS experiment templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_ListExperimentTemplates.html" - }, - "ListExperiments": { - "privilege": "ListExperiments", - "description": "Grants permission to list all available AWS FIS experiments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_ListExperiments.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for an AWS FIS resource", - "access_level": "Read", - "resource_types": { - "action": { - "resource_type": "action", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "experiment": { - "resource_type": "experiment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "experiment-template": { - "resource_type": "experiment-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTargetResourceTypes": { - "privilege": "ListTargetResourceTypes", - "description": "Grants permission to list the resource types", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_ListTargetResourceTypes.html" - }, - "StartExperiment": { - "privilege": "StartExperiment", - "description": "Grants permission to run an AWS FIS experiment", - "access_level": "Write", - "resource_types": { - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "experiment-template": { - "resource_type": "experiment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_StartExperiment.html" - }, - "StopExperiment": { - "privilege": "StopExperiment", - "description": "Grants permission to stop an AWS FIS experiment", - "access_level": "Write", - "resource_types": { - "experiment": { - "resource_type": "experiment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_StopExperiment.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag AWS FIS resources", - "access_level": "Tagging", - "resource_types": { - "action": { - "resource_type": "action", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "experiment": { - "resource_type": "experiment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "experiment-template": { - "resource_type": "experiment-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag AWS FIS resources", - "access_level": "Tagging", - "resource_types": { - "action": { - "resource_type": "action", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "experiment": { - "resource_type": "experiment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "experiment-template": { - "resource_type": "experiment-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_UntagResource.html" - }, - "UpdateExperimentTemplate": { - "privilege": "UpdateExperimentTemplate", - "description": "Grants permission to update the specified AWS FIS experiment template", - "access_level": "Write", - "resource_types": { - "experiment-template": { - "resource_type": "experiment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "action": { - "resource_type": "action", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_UpdateExperimentTemplate.html" - } - }, - "resources": { - "action": { - "resource": "action", - "arn": "arn:${Partition}:fis:${Region}:${Account}:action/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "experiment": { - "resource": "experiment", - "arn": "arn:${Partition}:fis:${Region}:${Account}:experiment/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "experiment-template": { - "resource": "experiment-template", - "arn": "arn:${Partition}:fis:${Region}:${Account}:experiment-template/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - }, - "fis:Operations": { - "condition": "fis:Operations", - "description": "Filters access by the list of operations on the AWS service that is being affected by the AWS FIS action", - "type": "ArrayOfString" - }, - "fis:Percentage": { - "condition": "fis:Percentage", - "description": "Filters access by the percentage of calls being affected by the AWS FIS action", - "type": "Numeric" - }, - "fis:Service": { - "condition": "fis:Service", - "description": "Filters access by the AWS service that is being affected by the AWS FIS action", - "type": "String" - }, - "fis:Targets": { - "condition": "fis:Targets", - "description": "Filters access by the list of resource ARNs being targeted by the AWS FIS action", - "type": "ArrayOfString" - } - } - }, - "fms": { - "service_name": "AWS Firewall Manager", - "prefix": "fms", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsfirewallmanager.html", - "privileges": { - "AssociateAdminAccount": { - "privilege": "AssociateAdminAccount", - "description": "Grants permission to set the AWS Firewall Manager administrator account and enables the service in all organization accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_AssociateAdminAccount.html" - }, - "AssociateThirdPartyFirewall": { - "privilege": "AssociateThirdPartyFirewall", - "description": "Grants permission to set the Firewall Manager administrator as a tenant administrator of a third-party firewall service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_AssociateThirdPartyFirewall.html" - }, - "BatchAssociateResource": { - "privilege": "BatchAssociateResource", - "description": "Grants permission to associate resources to an AWS Firewall Manager resource set", - "access_level": "Write", - "resource_types": { - "resource-set": { - "resource_type": "resource-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_BatchAssociateResource.html" - }, - "BatchDisassociateResource": { - "privilege": "BatchDisassociateResource", - "description": "Grants permission to disassociate resources from an AWS Firewall Manager resource set", - "access_level": "Write", - "resource_types": { - "resource-set": { - "resource_type": "resource-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_BatchDisassociateResource.html" - }, - "DeleteAppsList": { - "privilege": "DeleteAppsList", - "description": "Grants permission to permanently deletes an AWS Firewall Manager applications list", - "access_level": "Write", - "resource_types": { - "applications-list": { - "resource_type": "applications-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeleteAppsList.html" - }, - "DeleteNotificationChannel": { - "privilege": "DeleteNotificationChannel", - "description": "Grants permission to delete an AWS Firewall Manager association with the IAM role and the Amazon Simple Notification Service (SNS) topic that is used to notify the FM administrator about major FM events and errors across the organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeleteNotificationChannel.html" - }, - "DeletePolicy": { - "privilege": "DeletePolicy", - "description": "Grants permission to permanently delete an AWS Firewall Manager policy", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html" - }, - "DeleteProtocolsList": { - "privilege": "DeleteProtocolsList", - "description": "Grants permission to permanently deletes an AWS Firewall Manager protocols list", - "access_level": "Write", - "resource_types": { - "protocols-list": { - "resource_type": "protocols-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeleteProtocolsList.html" - }, - "DeleteResourceSet": { - "privilege": "DeleteResourceSet", - "description": "Grants permission to permanently delete an AWS Firewall Manager resource set", - "access_level": "Write", - "resource_types": { - "resource-set": { - "resource_type": "resource-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeleteResourceSet.html" - }, - "DisassociateAdminAccount": { - "privilege": "DisassociateAdminAccount", - "description": "Grants permission to disassociate the account that has been set as the AWS Firewall Manager administrator account and and disables the service in all organization accounts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DisassociateAdminAccount.html" - }, - "DisassociateThirdPartyFirewall": { - "privilege": "DisassociateThirdPartyFirewall", - "description": "Grants permission to disassociate a Firewall Manager administrator from a third-party firewall tenant", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DisassociateThirdPartyFirewall.html" - }, - "GetAdminAccount": { - "privilege": "GetAdminAccount", - "description": "Grants permission to return the AWS Organizations account that is associated with AWS Firewall Manager as the AWS Firewall Manager administrator", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetAdminAccount.html" - }, - "GetAdminScope": { - "privilege": "GetAdminScope", - "description": "Grants permission to return information about the specified account's administrative scope", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetAdminScope.html" - }, - "GetAppsList": { - "privilege": "GetAppsList", - "description": "Grants permission to return information about the specified AWS Firewall Manager applications list", - "access_level": "Read", - "resource_types": { - "applications-list": { - "resource_type": "applications-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetAppsList.html" - }, - "GetComplianceDetail": { - "privilege": "GetComplianceDetail", - "description": "Grants permission to retrieve detailed compliance information about the specified member account. Details include resources that are in and out of compliance with the specified policy", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetComplianceDetail.html" - }, - "GetNotificationChannel": { - "privilege": "GetNotificationChannel", - "description": "Grants permission to retrieve information about the Amazon Simple Notification Service (SNS) topic that is used to record AWS Firewall Manager SNS logs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetNotificationChannel.html" - }, - "GetPolicy": { - "privilege": "GetPolicy", - "description": "Grants permission to retrieve information about the specified AWS Firewall Manager policy", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetPolicy.html" - }, - "GetProtectionStatus": { - "privilege": "GetProtectionStatus", - "description": "Grants permission to retrieve policy-level attack summary information in the event of a potential DDoS attack", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetProtectionStatus.html" - }, - "GetProtocolsList": { - "privilege": "GetProtocolsList", - "description": "Grants permission to return information about the specified AWS Firewall Manager protocols list", - "access_level": "Read", - "resource_types": { - "protocols-list": { - "resource_type": "protocols-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetProtocolsList.html" - }, - "GetResourceSet": { - "privilege": "GetResourceSet", - "description": "Grants permission to retrieve information about the specified AWS Firewall Manager resource set", - "access_level": "Read", - "resource_types": { - "resource-set": { - "resource_type": "resource-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetResourceSet.html" - }, - "GetThirdPartyFirewallAssociationStatus": { - "privilege": "GetThirdPartyFirewallAssociationStatus", - "description": "Grants permission to retrieve the onboarding status of a Firewall Manager administrator account to third-party firewall vendor tenant", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetThirdPartyFirewallAssociationStatus.html" - }, - "GetViolationDetails": { - "privilege": "GetViolationDetails", - "description": "Grants permission to retrieve violations for a resource based on the specified AWS Firewall Manager policy and AWS account", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetViolationDetails.html" - }, - "ListAdminAccountsForOrganization": { - "privilege": "ListAdminAccountsForOrganization", - "description": "Grants permission to return a AdminAccounts object that lists the Firewall Manager administrators within the organization that are onboarded to Firewall Manager by AssociateAdminAccount", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListAdminAccountsForOrganization.html" - }, - "ListAdminsManagingAccount": { - "privilege": "ListAdminsManagingAccount", - "description": "Grants permission to list the accounts that are managing the specified AWS Organizations member account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListAdminsManagingAccount.html" - }, - "ListAppsLists": { - "privilege": "ListAppsLists", - "description": "Grants permission to return an array of AppsListDataSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListAppsLists.html" - }, - "ListComplianceStatus": { - "privilege": "ListComplianceStatus", - "description": "Grants permission to retrieve an array of PolicyComplianceStatus objects in the response. Use PolicyComplianceStatus to get a summary of which member accounts are protected by the specified policy", - "access_level": "List", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListComplianceStatus.html" - }, - "ListDiscoveredResources": { - "privilege": "ListDiscoveredResources", - "description": "Grants permission to retrieve an array of resources in the organization's accounts that are available to be associated with a resource set", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListDiscoveredResources.html" - }, - "ListMemberAccounts": { - "privilege": "ListMemberAccounts", - "description": "Grants permission to retrieve an array of member account ids if the caller is FMS admin account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListMemberAccounts.html" - }, - "ListPolicies": { - "privilege": "ListPolicies", - "description": "Grants permission to retrieve an array of PolicySummary objects in the response", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListPolicies.html" - }, - "ListProtocolsLists": { - "privilege": "ListProtocolsLists", - "description": "Grants permission to return an array of ProtocolsListDataSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListProtocolsLists.html" - }, - "ListResourceSetResources": { - "privilege": "ListResourceSetResources", - "description": "Grants permission to retrieve an array of resources that are currently associated to a resource set", - "access_level": "List", - "resource_types": { - "resource-set": { - "resource_type": "resource-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListResourceSetResources.html" - }, - "ListResourceSets": { - "privilege": "ListResourceSets", - "description": "Grants permission to retrieve an array of ResourceSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListResourceSets.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list Tags for a given resource", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListTagsForResource.html" - }, - "ListThirdPartyFirewallFirewallPolicies": { - "privilege": "ListThirdPartyFirewallFirewallPolicies", - "description": "Grants permission to retrieve a list of all of the third-party firewall policies that are associated with the third-party firewall administrator's account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListThirdPartyFirewallFirewallPolicies.html" - }, - "PutAdminAccount": { - "privilege": "PutAdminAccount", - "description": "Grants permission to create or update an Firewall Manager administrator account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutAdminAccount.html" - }, - "PutAppsList": { - "privilege": "PutAppsList", - "description": "Grants permission to create an AWS Firewall Manager applications list", - "access_level": "Write", - "resource_types": { - "applications-list": { - "resource_type": "applications-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutAppsList.html" - }, - "PutNotificationChannel": { - "privilege": "PutNotificationChannel", - "description": "Grants permission to designate the IAM role and Amazon Simple Notification Service (SNS) topic that AWS Firewall Manager (FM) could use to notify the FM administrator about major FM events and errors across the organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutNotificationChannel.html" - }, - "PutPolicy": { - "privilege": "PutPolicy", - "description": "Grants permission to create an AWS Firewall Manager policy", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutPolicy.html" - }, - "PutProtocolsList": { - "privilege": "PutProtocolsList", - "description": "Grants permission to creates an AWS Firewall Manager protocols list", - "access_level": "Write", - "resource_types": { - "protocols-list": { - "resource_type": "protocols-list", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutProtocolsList.html" - }, - "PutResourceSet": { - "privilege": "PutResourceSet", - "description": "Grants permission to create an AWS Firewall Manager resource set", - "access_level": "Write", - "resource_types": { - "resource-set": { - "resource_type": "resource-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutResourceSet.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add a Tag to a given resource", - "access_level": "Tagging", - "resource_types": { - "applications-list": { - "resource_type": "applications-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "policy": { - "resource_type": "policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "protocols-list": { - "resource_type": "protocols-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resource-set": { - "resource_type": "resource-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a Tag from a given resource", - "access_level": "Tagging", - "resource_types": { - "applications-list": { - "resource_type": "applications-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "policy": { - "resource_type": "policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "protocols-list": { - "resource_type": "protocols-list", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resource-set": { - "resource_type": "resource-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_UntagResource.html" - } - }, - "resources": { - "policy": { - "resource": "policy", - "arn": "arn:${Partition}:fms:${Region}:${Account}:policy/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "applications-list": { - "resource": "applications-list", - "arn": "arn:${Partition}:fms:${Region}:${Account}:applications-list/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "protocols-list": { - "resource": "protocols-list", - "arn": "arn:${Partition}:fms:${Region}:${Account}:protocols-list/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "resource-set": { - "resource": "resource-set", - "arn": "arn:${Partition}:fms:${Region}:${Account}:resource-set/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "freetier": { - "service_name": "AWS Free Tier", - "prefix": "freetier", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsfreetier.html", - "privileges": { - "GetFreeTierAlertPreference": { - "privilege": "GetFreeTierAlertPreference", - "description": "Allow or deny IAM users permission to get free tier alert preference (email address)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/tracking-free-tier-usage.html" - }, - "GetFreeTierUsage": { - "privilege": "GetFreeTierUsage", - "description": "Allow or deny IAM users permission to get free tier usage limits and MTD usage status", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/tracking-free-tier-usage.html" - }, - "PutFreeTierAlertPreference": { - "privilege": "PutFreeTierAlertPreference", - "description": "Allow or deny IAM users permission to set free tier alert preference (email address)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/tracking-free-tier-usage.html" - } - }, - "resources": {}, - "conditions": {} - }, - "globalaccelerator": { - "service_name": "AWS Global Accelerator", - "prefix": "globalaccelerator", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsglobalaccelerator.html", - "privileges": { - "AddCustomRoutingEndpoints": { - "privilege": "AddCustomRoutingEndpoints", - "description": "Grants permission to add a virtual private cloud (VPC) subnet endpoint to a custom routing accelerator endpoint group", - "access_level": "Write", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_AddCustomRoutingEndpoints.html" - }, - "AddEndpoints": { - "privilege": "AddEndpoints", - "description": "Grants permission to add an endpoint to a standard accelerator endpoint group", - "access_level": "Write", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_AddEndpoints.html" - }, - "AdvertiseByoipCidr": { - "privilege": "AdvertiseByoipCidr", - "description": "Grants permission to advertises an IPv4 address range that is provisioned for use with your accelerator through bring your own IP addresses (BYOIP)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_AdvertiseByoipCidr.html" - }, - "AllowCustomRoutingTraffic": { - "privilege": "AllowCustomRoutingTraffic", - "description": "Grants permission to allows custom routing of user traffic to a private destination IP:PORT in a specific VPC subnet", - "access_level": "Write", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_AllowCustomRoutingTraffic.html" - }, - "CreateAccelerator": { - "privilege": "CreateAccelerator", - "description": "Grants permission to create a standard accelerator", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateAccelerator.html" - }, - "CreateCustomRoutingAccelerator": { - "privilege": "CreateCustomRoutingAccelerator", - "description": "Grants permission to create a Custom Routing accelerator", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateCustomRoutingAccelerator.html" - }, - "CreateCustomRoutingEndpointGroup": { - "privilege": "CreateCustomRoutingEndpointGroup", - "description": "Grants permission to create an endpoint group for the specified listener for a custom routing accelerator", - "access_level": "Write", - "resource_types": { - "listener": { - "resource_type": "listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateCustomRoutingEndpointGroup.html" - }, - "CreateCustomRoutingListener": { - "privilege": "CreateCustomRoutingListener", - "description": "Grants permission to create a listener to process inbound connections from clients to a custom routing accelerator", - "access_level": "Write", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateCustomRoutingListener.html" - }, - "CreateEndpointGroup": { - "privilege": "CreateEndpointGroup", - "description": "Grants permission to add an endpoint group to a standard accelerator listener", - "access_level": "Write", - "resource_types": { - "listener": { - "resource_type": "listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateEndpointGroup.html" - }, - "CreateListener": { - "privilege": "CreateListener", - "description": "Grants permission to add a listener to a standard accelerator", - "access_level": "Write", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateListener.html" - }, - "DeleteAccelerator": { - "privilege": "DeleteAccelerator", - "description": "Grants permission to delete a standard accelerator", - "access_level": "Write", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteAccelerator.html" - }, - "DeleteCustomRoutingAccelerator": { - "privilege": "DeleteCustomRoutingAccelerator", - "description": "Grants permission to delete a custom routing accelerator", - "access_level": "Write", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteCustomRoutingAccelerator.html" - }, - "DeleteCustomRoutingEndpointGroup": { - "privilege": "DeleteCustomRoutingEndpointGroup", - "description": "Grants permission to delete an endpoint group from a listener for a custom routing accelerator", - "access_level": "Write", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteCustomRoutingEndpointGroup.html" - }, - "DeleteCustomRoutingListener": { - "privilege": "DeleteCustomRoutingListener", - "description": "Grants permission to delete a listener for a custom routing accelerator", - "access_level": "Write", - "resource_types": { - "listener": { - "resource_type": "listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteCustomRoutingListener.html" - }, - "DeleteEndpointGroup": { - "privilege": "DeleteEndpointGroup", - "description": "Grants permission to delete an endpoint group associated with a standard accelerator listener", - "access_level": "Write", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteEndpointGroup.html" - }, - "DeleteListener": { - "privilege": "DeleteListener", - "description": "Grants permission to delete a listener from a standard accelerator", - "access_level": "Write", - "resource_types": { - "listener": { - "resource_type": "listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteListener.html" - }, - "DenyCustomRoutingTraffic": { - "privilege": "DenyCustomRoutingTraffic", - "description": "Grants permission to disallows custom routing of user traffic to a private destination IP:PORT in a specific VPC subnet", - "access_level": "Write", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DenyCustomRoutingTraffic.html" - }, - "DeprovisionByoipCidr": { - "privilege": "DeprovisionByoipCidr", - "description": "Grants permission to releases the specified address range that you provisioned for use with your accelerator through bring your own IP addresses (BYOIP)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeprovisionByoipCidr.html" - }, - "DescribeAccelerator": { - "privilege": "DescribeAccelerator", - "description": "Grants permissions to describe a standard accelerator", - "access_level": "Read", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html" - }, - "DescribeAcceleratorAttributes": { - "privilege": "DescribeAcceleratorAttributes", - "description": "Grants permission to describe a standard accelerator attributes", - "access_level": "Read", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAcceleratorAttributes.html" - }, - "DescribeCustomRoutingAccelerator": { - "privilege": "DescribeCustomRoutingAccelerator", - "description": "Grants permission to describe a custom routing accelerator", - "access_level": "Read", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeCustomRoutingAccelerator.html" - }, - "DescribeCustomRoutingAcceleratorAttributes": { - "privilege": "DescribeCustomRoutingAcceleratorAttributes", - "description": "Grants permission to describe the attributes of a custom routing accelerator", - "access_level": "Read", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeCustomRoutingAcceleratorAttributes.html" - }, - "DescribeCustomRoutingEndpointGroup": { - "privilege": "DescribeCustomRoutingEndpointGroup", - "description": "Grants permission to describe an endpoint group for a custom routing accelerator", - "access_level": "Read", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeCustomRoutingEndpointGroup.html" - }, - "DescribeCustomRoutingListener": { - "privilege": "DescribeCustomRoutingListener", - "description": "Grants permission to describe a listener for a custom routing accelerator", - "access_level": "Read", - "resource_types": { - "listener": { - "resource_type": "listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeCustomRoutingListener.html" - }, - "DescribeEndpointGroup": { - "privilege": "DescribeEndpointGroup", - "description": "Grants permission to describe a standard accelerator endpoint group", - "access_level": "Read", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeEndpointGroup.html" - }, - "DescribeListener": { - "privilege": "DescribeListener", - "description": "Grants permission to describe a standard accelerator listener", - "access_level": "Read", - "resource_types": { - "listener": { - "resource_type": "listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeListener.html" - }, - "ListAccelerators": { - "privilege": "ListAccelerators", - "description": "Grants permission to list all standard accelerators", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListAccelerators.html" - }, - "ListByoipCidrs": { - "privilege": "ListByoipCidrs", - "description": "Grants permission to list the BYOIP cidrs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListByoipCidrs.html" - }, - "ListCustomRoutingAccelerators": { - "privilege": "ListCustomRoutingAccelerators", - "description": "Grants permission to list the custom routing accelerators for an AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListCustomRoutingAccelerators.html" - }, - "ListCustomRoutingEndpointGroups": { - "privilege": "ListCustomRoutingEndpointGroups", - "description": "Grants permission to list the endpoint groups that are associated with a listener for a custom routing accelerator", - "access_level": "List", - "resource_types": { - "listener": { - "resource_type": "listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListCustomRoutingEndpointGroups.html" - }, - "ListCustomRoutingListeners": { - "privilege": "ListCustomRoutingListeners", - "description": "Grants permission to list the listeners for a custom routing accelerator", - "access_level": "List", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListCustomRoutingListeners.html" - }, - "ListCustomRoutingPortMappings": { - "privilege": "ListCustomRoutingPortMappings", - "description": "Grants permission to list the port mappings for a custom routing accelerator", - "access_level": "List", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListCustomRoutingPortMappings.html" - }, - "ListCustomRoutingPortMappingsByDestination": { - "privilege": "ListCustomRoutingPortMappingsByDestination", - "description": "Grants permission to list the port mappings for a specific endpoint IP address (a destination address) in a subnet", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListCustomRoutingPortMappingsByDestination.html" - }, - "ListEndpointGroups": { - "privilege": "ListEndpointGroups", - "description": "Grants permission to list all endpoint groups associated with a standard accelerator listener", - "access_level": "List", - "resource_types": { - "listener": { - "resource_type": "listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListEndpointGroups.html" - }, - "ListListeners": { - "privilege": "ListListeners", - "description": "Grants permission to list all listeners associated with a standard accelerator", - "access_level": "List", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListListeners.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a globalaccelerator resource", - "access_level": "Read", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListTagsForResource.html" - }, - "ProvisionByoipCidr": { - "privilege": "ProvisionByoipCidr", - "description": "Grants permission to provisions an address range for use with your accelerator through bring your own IP addresses (BYOIP)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ProvisionByoipCidr.html" - }, - "RemoveCustomRoutingEndpoints": { - "privilege": "RemoveCustomRoutingEndpoints", - "description": "Grants permission to remove virtual private cloud (VPC) subnet endpoints from a custom routing accelerator endpoint group", - "access_level": "Write", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_RemoveCustomRoutingEndpoints.html" - }, - "RemoveEndpoints": { - "privilege": "RemoveEndpoints", - "description": "Grants permission to remove an endpoint from a standard accelerator endpoint group", - "access_level": "Write", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_RemoveEndpoints.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a globalaccelerator resource", - "access_level": "Tagging", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a globalaccelerator resource", - "access_level": "Tagging", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UntagResource.html" - }, - "UpdateAccelerator": { - "privilege": "UpdateAccelerator", - "description": "Grants permission to update a standard accelerator", - "access_level": "Write", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateAccelerator.html" - }, - "UpdateAcceleratorAttributes": { - "privilege": "UpdateAcceleratorAttributes", - "description": "Grants permission to update a standard accelerator attributes", - "access_level": "Write", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateAcceleratorAttributes.html" - }, - "UpdateCustomRoutingAccelerator": { - "privilege": "UpdateCustomRoutingAccelerator", - "description": "Grants permission to update a custom routing accelerator", - "access_level": "Write", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateCustomRoutingAccelerator.html" - }, - "UpdateCustomRoutingAcceleratorAttributes": { - "privilege": "UpdateCustomRoutingAcceleratorAttributes", - "description": "Grants permission to update the attributes for a custom routing accelerator", - "access_level": "Write", - "resource_types": { - "accelerator": { - "resource_type": "accelerator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateCustomRoutingAcceleratorAttributes.html" - }, - "UpdateCustomRoutingListener": { - "privilege": "UpdateCustomRoutingListener", - "description": "Grants permission to update a listener for a custom routing accelerator", - "access_level": "Write", - "resource_types": { - "listener": { - "resource_type": "listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateCustomRoutingListener.html" - }, - "UpdateEndpointGroup": { - "privilege": "UpdateEndpointGroup", - "description": "Grants permission to update an endpoint group on a standard accelerator listener", - "access_level": "Write", - "resource_types": { - "endpointgroup": { - "resource_type": "endpointgroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateEndpointGroup.html" - }, - "UpdateListener": { - "privilege": "UpdateListener", - "description": "Grants permission to update a listener on a standard accelerator", - "access_level": "Write", - "resource_types": { - "listener": { - "resource_type": "listener", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateListener.html" - }, - "WithdrawByoipCidr": { - "privilege": "WithdrawByoipCidr", - "description": "Grants permission to stops advertising a BYOIP IPv4 address", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_WithdrawByoipCidr.html" - } - }, - "resources": { - "accelerator": { - "resource": "accelerator", - "arn": "arn:${Partition}:globalaccelerator::${Account}:accelerator/${AcceleratorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "listener": { - "resource": "listener", - "arn": "arn:${Partition}:globalaccelerator::${Account}:accelerator/${AcceleratorId}/listener/${ListenerId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "endpointgroup": { - "resource": "endpointgroup", - "arn": "arn:${Partition}:globalaccelerator::${Account}:accelerator/${AcceleratorId}/listener/${ListenerId}/endpoint-group/${EndpointGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "glue": { - "service_name": "AWS Glue", - "prefix": "glue", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsglue.html", - "privileges": { - "BatchCreatePartition": { - "privilege": "BatchCreatePartition", - "description": "Grants permission to create one or more partitions", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-BatchCreatePartition" - }, - "BatchDeleteConnection": { - "privilege": "BatchDeleteConnection", - "description": "Grants permission to delete one or more connections", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-BatchDeleteConnection" - }, - "BatchDeletePartition": { - "privilege": "BatchDeletePartition", - "description": "Grants permission to delete one or more partitions", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-BatchDeletePartition" - }, - "BatchDeleteTable": { - "privilege": "BatchDeleteTable", - "description": "Grants permission to delete one or more tables", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-BatchDeleteTable" - }, - "BatchDeleteTableVersion": { - "privilege": "BatchDeleteTableVersion", - "description": "Grants permission to delete one or more versions of a table", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-DeleteTableVersion" - }, - "BatchGetBlueprints": { - "privilege": "BatchGetBlueprints", - "description": "Grants permission to retrieve one or more blueprints", - "access_level": "Read", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-BatchGetBlueprints" - }, - "BatchGetCrawlers": { - "privilege": "BatchGetCrawlers", - "description": "Grants permission to retrieve one or more crawlers", - "access_level": "Read", - "resource_types": { - "crawler": { - "resource_type": "crawler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-BatchGetCrawlers" - }, - "BatchGetCustomEntityTypes": { - "privilege": "BatchGetCustomEntityTypes", - "description": "Grants permission to retrieve one or more Custom Entity Types", - "access_level": "Read", - "resource_types": { - "customEntityType": { - "resource_type": "customEntityType", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-sensitive-data-api.html#aws-glue-api-sensitive-data-api-BatchGetCustomEntityTypes" - }, - "BatchGetDevEndpoints": { - "privilege": "BatchGetDevEndpoints", - "description": "Grants permission to retrieve one or more development endpoints", - "access_level": "Read", - "resource_types": { - "devendpoint": { - "resource_type": "devendpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-BatchGetDevEndpoints" - }, - "BatchGetJobs": { - "privilege": "BatchGetJobs", - "description": "Grants permission to retrieve one or more jobs", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-BatchGetJobs" - }, - "BatchGetPartition": { - "privilege": "BatchGetPartition", - "description": "Grants permission to retrieve one or more partitions", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-BatchGetPartition" - }, - "BatchGetTriggers": { - "privilege": "BatchGetTriggers", - "description": "Grants permission to retrieve one or more triggers", - "access_level": "Read", - "resource_types": { - "trigger": { - "resource_type": "trigger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-BatchGetTriggers" - }, - "BatchGetWorkflows": { - "privilege": "BatchGetWorkflows", - "description": "Grants permission to retrieve one or more workflows", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-BatchGetWorkflows" - }, - "BatchStopJobRun": { - "privilege": "BatchStopJobRun", - "description": "Grants permission to stop one or more job runs for a job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-runs-BatchStopStartJobRun" - }, - "BatchUpdatePartition": { - "privilege": "BatchUpdatePartition", - "description": "Grants permission to update one or more partitions", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-BatchUpdatePartition" - }, - "CancelDataQualityRuleRecommendationRun": { - "privilege": "CancelDataQualityRuleRecommendationRun", - "description": "Grants permission to stop a running Data Quality rule recommendation run", - "access_level": "Write", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-CancelDataQualityRuleRecommendationRun" - }, - "CancelDataQualityRulesetEvaluationRun": { - "privilege": "CancelDataQualityRulesetEvaluationRun", - "description": "Grants permission to stop a running Data Quality ruleset evaluation run", - "access_level": "Write", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-CancelDataQualityRulesetEvaluationRun" - }, - "CancelMLTaskRun": { - "privilege": "CancelMLTaskRun", - "description": "Grants permission to stop a running ML Task Run", - "access_level": "Write", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-CancelMLTaskRun" - }, - "CancelStatement": { - "privilege": "CancelStatement", - "description": "Grants permission to cancel a statement in an interactive session", - "access_level": "Write", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-CancelStatement" - }, - "CheckSchemaVersionValidity": { - "privilege": "CheckSchemaVersionValidity", - "description": "Grants permission to retrieve a check the validity of schema version", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-CheckSchemaVersionValidity" - }, - "CreateBlueprint": { - "privilege": "CreateBlueprint", - "description": "Grants permission to create a blueprint", - "access_level": "Write", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-CreateBlueprint" - }, - "CreateClassifier": { - "privilege": "CreateClassifier", - "description": "Grants permission to create a classifier", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-classifiers.html#aws-glue-api-crawler-classifiers-CreateClassifier" - }, - "CreateConnection": { - "privilege": "CreateConnection", - "description": "Grants permission to create a connection", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-CreateConnection" - }, - "CreateCrawler": { - "privilege": "CreateCrawler", - "description": "Grants permission to create a crawler", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-CreateCrawler" - }, - "CreateCustomEntityType": { - "privilege": "CreateCustomEntityType", - "description": "Grants permission to create a Custom Entity Type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-sensitive-data-api.html#aws-glue-api-sensitive-data-api-CreateCustomEntityType" - }, - "CreateDataQualityRuleset": { - "privilege": "CreateDataQualityRuleset", - "description": "Grants permission to create a Data Quality ruleset", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-CreateDataQualityRuleset" - }, - "CreateDatabase": { - "privilege": "CreateDatabase", - "description": "Grants permission to create a database", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-databases.html#aws-glue-api-catalog-databases-CreateDatabase" - }, - "CreateDevEndpoint": { - "privilege": "CreateDevEndpoint", - "description": "Grants permission to create a development endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-CreateDevEndpoint" - }, - "CreateJob": { - "privilege": "CreateJob", - "description": "Grants permission to create a job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "glue:VpcIds", - "glue:SubnetIds", - "glue:SecurityGroupIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-CreateJob" - }, - "CreateMLTransform": { - "privilege": "CreateMLTransform", - "description": "Grants permission to create an ML Transform", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-CreateMLTransform" - }, - "CreatePartition": { - "privilege": "CreatePartition", - "description": "Grants permission to create a partition", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-CreatePartition" - }, - "CreatePartitionIndex": { - "privilege": "CreatePartitionIndex", - "description": "Grants permission to create a specified partition index in an existing table", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-CreatePartitionIndex" - }, - "CreateRegistry": { - "privilege": "CreateRegistry", - "description": "Grants permission to create a new schema registry", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-CreateRegistry" - }, - "CreateSchema": { - "privilege": "CreateSchema", - "description": "Grants permission to create a new schema container", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-CreateSchema" - }, - "CreateScript": { - "privilege": "CreateScript", - "description": "Grants permission to create a script", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-etl-script-generation.html#aws-glue-api-etl-script-generation-CreateScript" - }, - "CreateSecurityConfiguration": { - "privilege": "CreateSecurityConfiguration", - "description": "Grants permission to create a security configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-CreateSecurityConfiguration" - }, - "CreateSession": { - "privilege": "CreateSession", - "description": "Grants permission to create an interactive session", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-api-interactive-sessions-CreateSession" - }, - "CreateTable": { - "privilege": "CreateTable", - "description": "Grants permission to create a table", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-CreateTable" - }, - "CreateTrigger": { - "privilege": "CreateTrigger", - "description": "Grants permission to create a trigger", - "access_level": "Write", - "resource_types": { - "trigger": { - "resource_type": "trigger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-CreateTrigger" - }, - "CreateUserDefinedFunction": { - "privilege": "CreateUserDefinedFunction", - "description": "Grants permission to create a function definition", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-functions.html#aws-glue-api-catalog-functions-CreateUserDefinedFunction" - }, - "CreateWorkflow": { - "privilege": "CreateWorkflow", - "description": "Grants permission to create a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-CreateWorkflow" - }, - "DeleteBlueprint": { - "privilege": "DeleteBlueprint", - "description": "Grants permission to delete a blueprint", - "access_level": "Write", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-DeleteBlueprint" - }, - "DeleteClassifier": { - "privilege": "DeleteClassifier", - "description": "Grants permission to delete a classifier", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-classifiers.html#aws-glue-api-crawler-classifiers-DeleteClassifier" - }, - "DeleteColumnStatisticsForPartition": { - "privilege": "DeleteColumnStatisticsForPartition", - "description": "Grants permission to delete the partition column statistics of a column", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-DeleteColumnStatisticsForPartition" - }, - "DeleteColumnStatisticsForTable": { - "privilege": "DeleteColumnStatisticsForTable", - "description": "Grants permission to delete the table statistics of columns", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-DeleteColumnStatisticsForTable" - }, - "DeleteConnection": { - "privilege": "DeleteConnection", - "description": "Grants permission to delete a connection", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-DeleteConnection" - }, - "DeleteCrawler": { - "privilege": "DeleteCrawler", - "description": "Grants permission to delete a crawler", - "access_level": "Write", - "resource_types": { - "crawler": { - "resource_type": "crawler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-DeleteCrawler" - }, - "DeleteCustomEntityType": { - "privilege": "DeleteCustomEntityType", - "description": "Grants permission to delete a Custom Entity Type", - "access_level": "Write", - "resource_types": { - "customEntityType": { - "resource_type": "customEntityType", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-sensitive-data-api.html#aws-glue-api-sensitive-data-api-DeleteCustomEntityType" - }, - "DeleteDataQualityRuleset": { - "privilege": "DeleteDataQualityRuleset", - "description": "Grants permission to delete a Data Quality ruleset", - "access_level": "Write", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-DeleteDataQualityRuleset" - }, - "DeleteDatabase": { - "privilege": "DeleteDatabase", - "description": "Grants permission to delete a database", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "userdefinedfunction": { - "resource_type": "userdefinedfunction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-databases.html#aws-glue-api-catalog-databases-DeleteDatabase" - }, - "DeleteDevEndpoint": { - "privilege": "DeleteDevEndpoint", - "description": "Grants permission to delete a development endpoint", - "access_level": "Write", - "resource_types": { - "devendpoint": { - "resource_type": "devendpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-DeleteDevEndpoint" - }, - "DeleteJob": { - "privilege": "DeleteJob", - "description": "Grants permission to delete a job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-DeleteJob" - }, - "DeleteMLTransform": { - "privilege": "DeleteMLTransform", - "description": "Grants permission to delete an ML Transform", - "access_level": "Write", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-DeleteMLTransform" - }, - "DeletePartition": { - "privilege": "DeletePartition", - "description": "Grants permission to delete a partition", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-DeletePartition" - }, - "DeletePartitionIndex": { - "privilege": "DeletePartitionIndex", - "description": "Grants permission to delete a specified partition index from an existing table", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-DeletePartitionIndex" - }, - "DeleteRegistry": { - "privilege": "DeleteRegistry", - "description": "Grants permission to delete a schema registry", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-DeleteRegistry" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete a resource policy", - "access_level": "Permissions management", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-DeleteResourcePolicy" - }, - "DeleteSchema": { - "privilege": "DeleteSchema", - "description": "Grants permission to delete a schema container", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-DeleteSchema" - }, - "DeleteSchemaVersions": { - "privilege": "DeleteSchemaVersions", - "description": "Grants permission to delete a range of schema versions", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-DeleteSchemaVersions" - }, - "DeleteSecurityConfiguration": { - "privilege": "DeleteSecurityConfiguration", - "description": "Grants permission to delete a security configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-DeleteSecurityConfiguration" - }, - "DeleteSession": { - "privilege": "DeleteSession", - "description": "Grants permission to delete an interactive session after stopping the session if not already stopped", - "access_level": "Write", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-DeleteSession" - }, - "DeleteTable": { - "privilege": "DeleteTable", - "description": "Grants permission to delete a table", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-DeleteTable" - }, - "DeleteTableVersion": { - "privilege": "DeleteTableVersion", - "description": "Grants permission to delete a version of a table", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-DeleteTableVersion" - }, - "DeleteTrigger": { - "privilege": "DeleteTrigger", - "description": "Grants permission to delete a trigger", - "access_level": "Write", - "resource_types": { - "trigger": { - "resource_type": "trigger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-DeleteTrigger" - }, - "DeleteUserDefinedFunction": { - "privilege": "DeleteUserDefinedFunction", - "description": "Grants permission to delete a function definition", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "userdefinedfunction": { - "resource_type": "userdefinedfunction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-functions.html#aws-glue-api-catalog-functions-DeleteUserDefinedFunction" - }, - "DeleteWorkflow": { - "privilege": "DeleteWorkflow", - "description": "Grants permission to delete a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-DeleteWorkflow" - }, - "DeregisterDataPreview": { - "privilege": "DeregisterDataPreview", - "description": "Grants permission to terminate Glue Studio Notebook session", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" - }, - "GetBlueprint": { - "privilege": "GetBlueprint", - "description": "Grants permission to retrieve a blueprint", - "access_level": "Read", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetBlueprint" - }, - "GetBlueprintRun": { - "privilege": "GetBlueprintRun", - "description": "Grants permission to retrieve a blueprint run", - "access_level": "Read", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetBlueprintRun" - }, - "GetBlueprintRuns": { - "privilege": "GetBlueprintRuns", - "description": "Grants permission to retrieve all runs of a blueprint", - "access_level": "Read", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetBlueprintRuns" - }, - "GetCatalogImportStatus": { - "privilege": "GetCatalogImportStatus", - "description": "Grants permission to retrieve the catalog import status", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-migration.html#aws-glue-api-catalog-migration-GetCatalogImportStatus" - }, - "GetClassifier": { - "privilege": "GetClassifier", - "description": "Grants permission to retrieve a classifier", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-classifiers.html#aws-glue-api-crawler-classifiers-GetClassifier" - }, - "GetClassifiers": { - "privilege": "GetClassifiers", - "description": "Grants permission to list all classifiers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-classifiers.html#aws-glue-api-crawler-classifiers-GetClassifiers" - }, - "GetColumnStatisticsForPartition": { - "privilege": "GetColumnStatisticsForPartition", - "description": "Grants permission to retrieve partition statistics of columns", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-GetColumnStatisticsForPartition" - }, - "GetColumnStatisticsForTable": { - "privilege": "GetColumnStatisticsForTable", - "description": "Grants permission to retrieve table statistics of columns", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetColumnStatisticsForTable" - }, - "GetConnection": { - "privilege": "GetConnection", - "description": "Grants permission to retrieve a connection", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-GetConnection" - }, - "GetConnections": { - "privilege": "GetConnections", - "description": "Grants permission to retrieve a list of connections", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-GetConnections" - }, - "GetCrawler": { - "privilege": "GetCrawler", - "description": "Grants permission to retrieve a crawler", - "access_level": "Read", - "resource_types": { - "crawler": { - "resource_type": "crawler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-GetCrawler" - }, - "GetCrawlerMetrics": { - "privilege": "GetCrawlerMetrics", - "description": "Grants permission to retrieve metrics about crawlers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-GetCrawlerMetrics" - }, - "GetCrawlers": { - "privilege": "GetCrawlers", - "description": "Grants permission to retrieve all crawlers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-GetCrawlers" - }, - "GetCustomEntityType": { - "privilege": "GetCustomEntityType", - "description": "Grants permission to read a Custom Entity Type", - "access_level": "Read", - "resource_types": { - "customEntityType": { - "resource_type": "customEntityType", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-sensitive-data-api.html#aws-glue-api-sensitive-data-api-GetCustomEntityType" - }, - "GetDataCatalogEncryptionSettings": { - "privilege": "GetDataCatalogEncryptionSettings", - "description": "Grants permission to retrieve catalog encryption settings", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-GetDataCatalogEncryptionSettings" - }, - "GetDataPreviewStatement": { - "privilege": "GetDataPreviewStatement", - "description": "Grants permission to get Data Preview Statement", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" - }, - "GetDataQualityResult": { - "privilege": "GetDataQualityResult", - "description": "Grants permission to retrieve a Data Quality result", - "access_level": "Read", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-GetDataQualityResult" - }, - "GetDataQualityRuleRecommendationRun": { - "privilege": "GetDataQualityRuleRecommendationRun", - "description": "Grants permission to retrieve a Data Quality rule recommendation run", - "access_level": "Read", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-GetDataQualityRuleRecommendationRun" - }, - "GetDataQualityRuleset": { - "privilege": "GetDataQualityRuleset", - "description": "Grants permission to retrieve a Data Quality ruleset", - "access_level": "Read", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-GetDataQualityRuleset" - }, - "GetDataQualityRulesetEvaluationRun": { - "privilege": "GetDataQualityRulesetEvaluationRun", - "description": "Grants permission to retrieve a Data Quality rule recommendation run", - "access_level": "Read", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-GetDataQualityRulesetEvaluationRun" - }, - "GetDatabase": { - "privilege": "GetDatabase", - "description": "Grants permission to retrieve a database", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-databases.html#aws-glue-api-catalog-databases-GetDatabase" - }, - "GetDatabases": { - "privilege": "GetDatabases", - "description": "Grants permission to retrieve all databases", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-databases.html#aws-glue-api-catalog-databases-GetDatabases" - }, - "GetDataflowGraph": { - "privilege": "GetDataflowGraph", - "description": "Grants permission to transform a script into a directed acyclic graph (DAG)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-etl-script-generation.html#aws-glue-api-etl-script-generation-GetDataflowGraph" - }, - "GetDevEndpoint": { - "privilege": "GetDevEndpoint", - "description": "Grants permission to retrieve a development endpoint", - "access_level": "Read", - "resource_types": { - "devendpoint": { - "resource_type": "devendpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-GetDevEndpoint" - }, - "GetDevEndpoints": { - "privilege": "GetDevEndpoints", - "description": "Grants permission to retrieve all development endpoints", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-GetDevEndpoints" - }, - "GetJob": { - "privilege": "GetJob", - "description": "Grants permission to retrieve a job", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-GetJob" - }, - "GetJobBookmark": { - "privilege": "GetJobBookmark", - "description": "Grants permission to retrieve a job bookmark", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-job-GetJobBookmark" - }, - "GetJobRun": { - "privilege": "GetJobRun", - "description": "Grants permission to retrieve a job run", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-runs-GetJobRun" - }, - "GetJobRuns": { - "privilege": "GetJobRuns", - "description": "Grants permission to retrieve all job runs of a job", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-runs-GetJobRuns" - }, - "GetJobs": { - "privilege": "GetJobs", - "description": "Grants permission to retrieve all current jobs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-GetJobs" - }, - "GetMLTaskRun": { - "privilege": "GetMLTaskRun", - "description": "Grants permission to retrieve an ML Task Run", - "access_level": "Read", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-GetMLTaskRun" - }, - "GetMLTaskRuns": { - "privilege": "GetMLTaskRuns", - "description": "Grants permission to retrieve all ML Task Runs", - "access_level": "List", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-GetMLTaskRuns" - }, - "GetMLTransform": { - "privilege": "GetMLTransform", - "description": "Grants permission to retrieve an ML Transform", - "access_level": "Read", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-GetMLTransform" - }, - "GetMLTransforms": { - "privilege": "GetMLTransforms", - "description": "Grants permission to retrieve all ML Transforms", - "access_level": "List", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-GetMLTransforms" - }, - "GetMapping": { - "privilege": "GetMapping", - "description": "Grants permission to create a mapping", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-etl-script-generation.html#aws-glue-api-etl-script-generation-GetMapping" - }, - "GetNotebookInstanceStatus": { - "privilege": "GetNotebookInstanceStatus", - "description": "Grants permission to retrieve Glue Studio Notebooks session status", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" - }, - "GetPartition": { - "privilege": "GetPartition", - "description": "Grants permission to retrieve a partition", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-GetPartition" - }, - "GetPartitionIndexes": { - "privilege": "GetPartitionIndexes", - "description": "Grants permission to retrieve partition indexes for a table", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetPartitionIndexes" - }, - "GetPartitions": { - "privilege": "GetPartitions", - "description": "Grants permission to retrieve the partitions of a table", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-GetPartitions" - }, - "GetPlan": { - "privilege": "GetPlan", - "description": "Grants permission to retrieve a mapping for a script", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-etl-script-generation.html#aws-glue-api-etl-script-generation-GetPlan" - }, - "GetRegistry": { - "privilege": "GetRegistry", - "description": "Grants permission to retrieve a schema registry", - "access_level": "Read", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-GetRegistry" - }, - "GetResourcePolicies": { - "privilege": "GetResourcePolicies", - "description": "Grants permission to retrieve resource policies", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-GetResourcePolicies" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to retrieve a resource policy", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-GetResourcePolicy" - }, - "GetSchema": { - "privilege": "GetSchema", - "description": "Grants permission to retrieve a schema container", - "access_level": "Read", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-GetSchema" - }, - "GetSchemaByDefinition": { - "privilege": "GetSchemaByDefinition", - "description": "Grants permission to retrieve a schema version based on schema definition", - "access_level": "Read", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-GetSchemaByDefinition" - }, - "GetSchemaVersion": { - "privilege": "GetSchemaVersion", - "description": "Grants permission to retrieve a schema version", - "access_level": "Read", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-GetSchemaVersion" - }, - "GetSchemaVersionsDiff": { - "privilege": "GetSchemaVersionsDiff", - "description": "Grants permission to compare two schema versions in schema registry", - "access_level": "Read", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-GetSchemaVersionsDiff" - }, - "GetSecurityConfiguration": { - "privilege": "GetSecurityConfiguration", - "description": "Grants permission to retrieve a security configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-GetSecurityConfiguration" - }, - "GetSecurityConfigurations": { - "privilege": "GetSecurityConfigurations", - "description": "Grants permission to retrieve one or more security configurations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-GetSecurityConfigurations" - }, - "GetSession": { - "privilege": "GetSession", - "description": "Grants permission to retrieve an interactive session", - "access_level": "Read", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-GetSession" - }, - "GetStatement": { - "privilege": "GetStatement", - "description": "Grants permission to retrieve result and information about a statement in an interactive session", - "access_level": "Read", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-GetStatement" - }, - "GetTable": { - "privilege": "GetTable", - "description": "Grants permission to retrieve a table", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetTable" - }, - "GetTableVersion": { - "privilege": "GetTableVersion", - "description": "Grants permission to retrieve a version of a table", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetTableVersion" - }, - "GetTableVersions": { - "privilege": "GetTableVersions", - "description": "Grants permission to retrieve a list of versions of a table", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetTableVersions" - }, - "GetTables": { - "privilege": "GetTables", - "description": "Grants permission to retrieve the tables in a database", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetTables" - }, - "GetTags": { - "privilege": "GetTags", - "description": "Grants permission to retrieve all tags associated with a resource", - "access_level": "Read", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "crawler": { - "resource_type": "crawler", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "customEntityType": { - "resource_type": "customEntityType", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "devendpoint": { - "resource_type": "devendpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "trigger": { - "resource_type": "trigger", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workflow": { - "resource_type": "workflow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-tags.html#aws-glue-api-tags-UntagResource" - }, - "GetTrigger": { - "privilege": "GetTrigger", - "description": "Grants permission to retrieve a trigger", - "access_level": "Read", - "resource_types": { - "trigger": { - "resource_type": "trigger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-GetTrigger" - }, - "GetTriggers": { - "privilege": "GetTriggers", - "description": "Grants permission to retrieve the triggers associated with a job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-GetTriggers" - }, - "GetUserDefinedFunction": { - "privilege": "GetUserDefinedFunction", - "description": "Grants permission to retrieve a function definition", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "userdefinedfunction": { - "resource_type": "userdefinedfunction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-functions.html#aws-glue-api-catalog-functions-GetUserDefinedFunction" - }, - "GetUserDefinedFunctions": { - "privilege": "GetUserDefinedFunctions", - "description": "Grants permission to retrieve multiple function definitions", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "userdefinedfunction": { - "resource_type": "userdefinedfunction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-functions.html#aws-glue-api-catalog-functions-GetUserDefinedFunctions" - }, - "GetWorkflow": { - "privilege": "GetWorkflow", - "description": "Grants permission to retrieve a workflow", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetWorkflow" - }, - "GetWorkflowRun": { - "privilege": "GetWorkflowRun", - "description": "Grants permission to retrieve a workflow run", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetWorkflowRun" - }, - "GetWorkflowRunProperties": { - "privilege": "GetWorkflowRunProperties", - "description": "Grants permission to retrieve workflow run properties", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetWorkflowRunProperties" - }, - "GetWorkflowRuns": { - "privilege": "GetWorkflowRuns", - "description": "Grants permission to retrieve all runs of a workflow", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetWorkflowRuns" - }, - "GlueNotebookAuthorize": { - "privilege": "GlueNotebookAuthorize", - "description": "Grants permission to access Glue Studio Notebooks", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" - }, - "GlueNotebookRefreshCredentials": { - "privilege": "GlueNotebookRefreshCredentials", - "description": "Grants permission to refresh Glue Studio Notebooks credentials", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" - }, - "ImportCatalogToGlue": { - "privilege": "ImportCatalogToGlue", - "description": "Grants permission to import an Athena data catalog into AWS Glue", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-migration.html#aws-glue-api-catalog-migration-ImportCatalogToGlue" - }, - "ListBlueprints": { - "privilege": "ListBlueprints", - "description": "Grants permission to retrieve all blueprints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-ListBlueprints" - }, - "ListCrawlers": { - "privilege": "ListCrawlers", - "description": "Grants permission to retrieve all crawlers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-ListCrawlers" - }, - "ListCrawls": { - "privilege": "ListCrawls", - "description": "Grants permission to retrieve crawl run history for a crawler", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-ListCrawls" - }, - "ListCustomEntityTypes": { - "privilege": "ListCustomEntityTypes", - "description": "Grants permission to retrieve all Custom Entity Types", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-sensitive-data-api.html#aws-glue-api-sensitive-data-api-ListGetCustomEntityTypes" - }, - "ListDataQualityResults": { - "privilege": "ListDataQualityResults", - "description": "Grants permission to retrieve all Data Quality results", - "access_level": "List", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-ListDataQualityResults" - }, - "ListDataQualityRuleRecommendationRuns": { - "privilege": "ListDataQualityRuleRecommendationRuns", - "description": "Grants permission to retrieve all Data Quality rule recommendation runs", - "access_level": "List", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-ListDataQualityRuleRecommendationRuns" - }, - "ListDataQualityRulesetEvaluationRuns": { - "privilege": "ListDataQualityRulesetEvaluationRuns", - "description": "Grants permission to retrieve all Data Quality rule recommendation runs", - "access_level": "List", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-ListDataQualityRulesetEvaluationRuns" - }, - "ListDataQualityRulesets": { - "privilege": "ListDataQualityRulesets", - "description": "Grants permission to retrieve a list of Data Quality rulesets", - "access_level": "List", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-ListDataQualityRulesets" - }, - "ListDevEndpoints": { - "privilege": "ListDevEndpoints", - "description": "Grants permission to retrieve all development endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-ListDevEndpoints" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to retrieve all current jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-ListJobs" - }, - "ListMLTransforms": { - "privilege": "ListMLTransforms", - "description": "Grants permission to retrieve all ML Transforms", - "access_level": "List", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-ListMLTransforms" - }, - "ListRegistries": { - "privilege": "ListRegistries", - "description": "Grants permission to retrieve a list of schema registries", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-ListRegistries" - }, - "ListSchemaVersions": { - "privilege": "ListSchemaVersions", - "description": "Grants permission to retrieve a list of schema versions", - "access_level": "List", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-ListSchemaVersions" - }, - "ListSchemas": { - "privilege": "ListSchemas", - "description": "Grants permission to retrieve a list of schema containers", - "access_level": "List", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-ListSchemas" - }, - "ListSessions": { - "privilege": "ListSessions", - "description": "Grants permission to retrieve a list of interactive session", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-ListSessions" - }, - "ListStatements": { - "privilege": "ListStatements", - "description": "Grants permission to retrieve a list of statements in an interactive session", - "access_level": "List", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-ListStatements" - }, - "ListTriggers": { - "privilege": "ListTriggers", - "description": "Grants permission to retrieve all triggers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-ListTriggers" - }, - "ListWorkflows": { - "privilege": "ListWorkflows", - "description": "Grants permission to retrieve all workflows", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-ListWorkflows" - }, - "NotifyEvent": { - "privilege": "NotifyEvent", - "description": "Grants permission to notify an event to the event-driven workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/starting-workflow-eventbridge.html" - }, - "PublishDataQuality": { - "privilege": "PublishDataQuality", - "description": "Grants permission to publish Data Quality results", - "access_level": "Write", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html" - }, - "PutDataCatalogEncryptionSettings": { - "privilege": "PutDataCatalogEncryptionSettings", - "description": "Grants permission to update catalog encryption settings", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-PutDataCatalogEncryptionSettings" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to update a resource policy", - "access_level": "Permissions management", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-PutResourcePolicy" - }, - "PutSchemaVersionMetadata": { - "privilege": "PutSchemaVersionMetadata", - "description": "Grants permission to add metadata to schema version", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-PutSchemaVersionMetadata" - }, - "PutWorkflowRunProperties": { - "privilege": "PutWorkflowRunProperties", - "description": "Grants permission to update workflow run properties", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-PutWorkflowRunProperties" - }, - "QuerySchemaVersionMetadata": { - "privilege": "QuerySchemaVersionMetadata", - "description": "Grants permission to fetch metadata for a schema version", - "access_level": "List", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-QuerySchemaVersionMetadata" - }, - "RegisterSchemaVersion": { - "privilege": "RegisterSchemaVersion", - "description": "Grants permission to create a new schema version", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-RegisterSchemaVersion" - }, - "RemoveSchemaVersionMetadata": { - "privilege": "RemoveSchemaVersionMetadata", - "description": "Grants permission to remove metadata from schema version", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-RemoveSchemaVersionMetadata" - }, - "ResetJobBookmark": { - "privilege": "ResetJobBookmark", - "description": "Grants permission to reset a job bookmark", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-runs-ResetJobBookmark" - }, - "ResumeWorkflowRun": { - "privilege": "ResumeWorkflowRun", - "description": "Grants permission to resume a workflow run", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-ResumeWorkflowRun" - }, - "RunDataPreviewStatement": { - "privilege": "RunDataPreviewStatement", - "description": "Grants permission to run Data Preview Statement", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" - }, - "RunStatement": { - "privilege": "RunStatement", - "description": "Grants permission to run a code or statement in an interactive session", - "access_level": "Write", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-RunStatement" - }, - "SearchTables": { - "privilege": "SearchTables", - "description": "Grants permission to retrieve the tables in the catalog", - "access_level": "Read", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-SearchTables" - }, - "StartBlueprintRun": { - "privilege": "StartBlueprintRun", - "description": "Grants permission to start running a blueprint", - "access_level": "Write", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-StartBlueprintRun" - }, - "StartCrawler": { - "privilege": "StartCrawler", - "description": "Grants permission to start a crawler", - "access_level": "Write", - "resource_types": { - "crawler": { - "resource_type": "crawler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-StartCrawler" - }, - "StartCrawlerSchedule": { - "privilege": "StartCrawlerSchedule", - "description": "Grants permission to change the schedule state of a crawler to SCHEDULED", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-scheduler.html#aws-glue-api-crawler-scheduler-StartCrawlerSchedule" - }, - "StartDataQualityRuleRecommendationRun": { - "privilege": "StartDataQualityRuleRecommendationRun", - "description": "Grants permission to start a Data Quality rule recommendation run", - "access_level": "Write", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-StartDataQualityRuleRecommendationRun" - }, - "StartDataQualityRulesetEvaluationRun": { - "privilege": "StartDataQualityRulesetEvaluationRun", - "description": "Grants permission to start a Data Quality rule recommendation run", - "access_level": "Write", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-StartDataQualityRulesetEvaluationRun" - }, - "StartExportLabelsTaskRun": { - "privilege": "StartExportLabelsTaskRun", - "description": "Grants permission to start an Export Labels ML Task Run", - "access_level": "Write", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-StartExportLabelsTaskRun" - }, - "StartImportLabelsTaskRun": { - "privilege": "StartImportLabelsTaskRun", - "description": "Grants permission to start an Import Labels ML Task Run", - "access_level": "Write", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-StartImportLabelsTaskRun" - }, - "StartJobRun": { - "privilege": "StartJobRun", - "description": "Grants permission to start running a job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-runs-StartJobRun" - }, - "StartMLEvaluationTaskRun": { - "privilege": "StartMLEvaluationTaskRun", - "description": "Grants permission to start an Evaluation ML Task Run", - "access_level": "Write", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-StartMLEvaluationTaskRun" - }, - "StartMLLabelingSetGenerationTaskRun": { - "privilege": "StartMLLabelingSetGenerationTaskRun", - "description": "Grants permission to start a Labeling Set Generation ML Task Run", - "access_level": "Write", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-StartMLLabelingSetGenerationTaskRun" - }, - "StartNotebook": { - "privilege": "StartNotebook", - "description": "Grants permission to start Glue Studio Notebooks", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" - }, - "StartTrigger": { - "privilege": "StartTrigger", - "description": "Grants permission to start a trigger", - "access_level": "Write", - "resource_types": { - "trigger": { - "resource_type": "trigger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-StartTrigger" - }, - "StartWorkflowRun": { - "privilege": "StartWorkflowRun", - "description": "Grants permission to start running a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-StartWorkflowRun" - }, - "StopCrawler": { - "privilege": "StopCrawler", - "description": "Grants permission to stop a running crawler", - "access_level": "Write", - "resource_types": { - "crawler": { - "resource_type": "crawler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-StopCrawler" - }, - "StopCrawlerSchedule": { - "privilege": "StopCrawlerSchedule", - "description": "Grants permission to set the schedule state of a crawler to NOT_SCHEDULED", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-scheduler.html#aws-glue-api-crawler-scheduler-StopCrawlerSchedule" - }, - "StopSession": { - "privilege": "StopSession", - "description": "Grants permission to stop an interactive session", - "access_level": "Write", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-StopSession" - }, - "StopTrigger": { - "privilege": "StopTrigger", - "description": "Grants permission to stop a trigger", - "access_level": "Write", - "resource_types": { - "trigger": { - "resource_type": "trigger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-StopTrigger" - }, - "StopWorkflowRun": { - "privilege": "StopWorkflowRun", - "description": "Grants permission to stop a workflow run", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-StopWorkflowRun" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "crawler": { - "resource_type": "crawler", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "customEntityType": { - "resource_type": "customEntityType", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "devendpoint": { - "resource_type": "devendpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mlTransform": { - "resource_type": "mlTransform", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "registry": { - "resource_type": "registry", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "session": { - "resource_type": "session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "trigger": { - "resource_type": "trigger", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workflow": { - "resource_type": "workflow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-tags.html#aws-glue-api-tags-TagResource" - }, - "TerminateNotebook": { - "privilege": "TerminateNotebook", - "description": "Grants permission to terminate Glue Studio Notebooks", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" - }, - "TestConnection": { - "privilege": "TestConnection", - "description": "Grants permission to test connection in Glue Studio", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/console-test-connections.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags associated with a resource", - "access_level": "Tagging", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "crawler": { - "resource_type": "crawler", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "customEntityType": { - "resource_type": "customEntityType", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "devendpoint": { - "resource_type": "devendpoint", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mlTransform": { - "resource_type": "mlTransform", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "registry": { - "resource_type": "registry", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "session": { - "resource_type": "session", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "trigger": { - "resource_type": "trigger", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workflow": { - "resource_type": "workflow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-tags.html#aws-glue-api-tags-UntagResource" - }, - "UpdateBlueprint": { - "privilege": "UpdateBlueprint", - "description": "Grants permission to update a blueprint", - "access_level": "Write", - "resource_types": { - "blueprint": { - "resource_type": "blueprint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-UpdateBlueprint" - }, - "UpdateClassifier": { - "privilege": "UpdateClassifier", - "description": "Grants permission to update a classifier", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-classifiers.html#aws-glue-api-crawler-classifiers-UpdateClassifier" - }, - "UpdateColumnStatisticsForPartition": { - "privilege": "UpdateColumnStatisticsForPartition", - "description": "Grants permission to update partition statistics of columns", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-UpdateColumnStatisticsForPartition" - }, - "UpdateColumnStatisticsForTable": { - "privilege": "UpdateColumnStatisticsForTable", - "description": "Grants permission to update table statistics of columns", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-UpdateColumnStatisticsForTable" - }, - "UpdateConnection": { - "privilege": "UpdateConnection", - "description": "Grants permission to update a connection", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-UpdateConnection" - }, - "UpdateCrawler": { - "privilege": "UpdateCrawler", - "description": "Grants permission to update a crawler", - "access_level": "Write", - "resource_types": { - "crawler": { - "resource_type": "crawler", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-UpdateCrawler" - }, - "UpdateCrawlerSchedule": { - "privilege": "UpdateCrawlerSchedule", - "description": "Grants permission to update the schedule of a crawler", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-scheduler.html#aws-glue-api-crawler-scheduler-UpdateCrawlerSchedule" - }, - "UpdateDataQualityRuleset": { - "privilege": "UpdateDataQualityRuleset", - "description": "Grants permission to update a Data Quality ruleset", - "access_level": "Write", - "resource_types": { - "dataQualityRuleset": { - "resource_type": "dataQualityRuleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-UpdateDataQualityRuleset" - }, - "UpdateDatabase": { - "privilege": "UpdateDatabase", - "description": "Grants permission to update a database", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-databases.html#aws-glue-api-catalog-databases-UpdateDatabase" - }, - "UpdateDevEndpoint": { - "privilege": "UpdateDevEndpoint", - "description": "Grants permission to update a development endpoint", - "access_level": "Write", - "resource_types": { - "devendpoint": { - "resource_type": "devendpoint", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-UpdateDevEndpoint" - }, - "UpdateJob": { - "privilege": "UpdateJob", - "description": "Grants permission to update a job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "glue:VpcIds", - "glue:SubnetIds", - "glue:SecurityGroupIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-UpdateJob" - }, - "UpdateJobFromSourceControl": { - "privilege": "UpdateJobFromSourceControl", - "description": "Grants permission to update a job from source control provider", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-UpdateJobFromSourceControl" - }, - "UpdateMLTransform": { - "privilege": "UpdateMLTransform", - "description": "Grants permission to update an ML Transform", - "access_level": "Write", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-UpdateMLTransform" - }, - "UpdatePartition": { - "privilege": "UpdatePartition", - "description": "Grants permission to update a partition", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-UpdatePartition" - }, - "UpdateRegistry": { - "privilege": "UpdateRegistry", - "description": "Grants permission to update a schema registry", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-UpdateRegistry" - }, - "UpdateSchema": { - "privilege": "UpdateSchema", - "description": "Grants permission to update a schema container", - "access_level": "Write", - "resource_types": { - "registry": { - "resource_type": "registry", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "schema": { - "resource_type": "schema", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-UpdateSchema" - }, - "UpdateSourceControlFromJob": { - "privilege": "UpdateSourceControlFromJob", - "description": "Grants permission to update source control provider from a job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-UpdateSourceControlFromJob" - }, - "UpdateTable": { - "privilege": "UpdateTable", - "description": "Grants permission to update a table", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "table": { - "resource_type": "table", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-UpdateTable" - }, - "UpdateTrigger": { - "privilege": "UpdateTrigger", - "description": "Grants permission to update a trigger", - "access_level": "Write", - "resource_types": { - "trigger": { - "resource_type": "trigger", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-UpdateTrigger" - }, - "UpdateUserDefinedFunction": { - "privilege": "UpdateUserDefinedFunction", - "description": "Grants permission to update a function definition", - "access_level": "Write", - "resource_types": { - "catalog": { - "resource_type": "catalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "userdefinedfunction": { - "resource_type": "userdefinedfunction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-functions.html#aws-glue-api-catalog-functions-UpdateUserDefinedFunction" - }, - "UpdateWorkflow": { - "privilege": "UpdateWorkflow", - "description": "Grants permission to update a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-UpdateWorkflow" - }, - "UseGlueStudio": { - "privilege": "UseGlueStudio", - "description": "Grants permission to use Glue Studio and access its internal APIs", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/setting-up.html#getting-started-min-privs" - }, - "UseMLTransforms": { - "privilege": "UseMLTransforms", - "description": "Grants permission to use an ML Transform from within a Glue ETL Script", - "access_level": "Write", - "resource_types": { - "mlTransform": { - "resource_type": "mlTransform", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html" - } - }, - "resources": { - "catalog": { - "resource": "catalog", - "arn": "arn:${Partition}:glue:${Region}:${Account}:catalog", - "condition_keys": [] - }, - "database": { - "resource": "database", - "arn": "arn:${Partition}:glue:${Region}:${Account}:database/${DatabaseName}", - "condition_keys": [] - }, - "table": { - "resource": "table", - "arn": "arn:${Partition}:glue:${Region}:${Account}:table/${DatabaseName}/${TableName}", - "condition_keys": [] - }, - "tableversion": { - "resource": "tableversion", - "arn": "arn:${Partition}:glue:${Region}:${Account}:tableVersion/${DatabaseName}/${TableName}/${TableVersionName}", - "condition_keys": [] - }, - "connection": { - "resource": "connection", - "arn": "arn:${Partition}:glue:${Region}:${Account}:connection/${ConnectionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "userdefinedfunction": { - "resource": "userdefinedfunction", - "arn": "arn:${Partition}:glue:${Region}:${Account}:userDefinedFunction/${DatabaseName}/${UserDefinedFunctionName}", - "condition_keys": [] - }, - "devendpoint": { - "resource": "devendpoint", - "arn": "arn:${Partition}:glue:${Region}:${Account}:devEndpoint/${DevEndpointName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "job": { - "resource": "job", - "arn": "arn:${Partition}:glue:${Region}:${Account}:job/${JobName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "trigger": { - "resource": "trigger", - "arn": "arn:${Partition}:glue:${Region}:${Account}:trigger/${TriggerName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "crawler": { - "resource": "crawler", - "arn": "arn:${Partition}:glue:${Region}:${Account}:crawler/${CrawlerName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "workflow": { - "resource": "workflow", - "arn": "arn:${Partition}:glue:${Region}:${Account}:workflow/${WorkflowName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "blueprint": { - "resource": "blueprint", - "arn": "arn:${Partition}:glue:${Region}:${Account}:blueprint/${BlueprintName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "mlTransform": { - "resource": "mlTransform", - "arn": "arn:${Partition}:glue:${Region}:${Account}:mlTransform/${TransformId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "registry": { - "resource": "registry", - "arn": "arn:${Partition}:glue:${Region}:${Account}:registry/${RegistryName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "schema": { - "resource": "schema", - "arn": "arn:${Partition}:glue:${Region}:${Account}:schema/${SchemaName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "session": { - "resource": "session", - "arn": "arn:${Partition}:glue:${Region}:${Account}:session/${SessionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dataQualityRuleset": { - "resource": "dataQualityRuleset", - "arn": "arn:${Partition}:glue:${Region}:${Account}:dataQualityRuleset/${RulesetName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "customEntityType": { - "resource": "customEntityType", - "arn": "arn:${Partition}:glue:${Region}:${Account}:customEntityType/${CustomEntityTypeId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "glue:CredentialIssuingService": { - "condition": "glue:CredentialIssuingService", - "description": "Filters access by the service from which the credentials of the request is issued", - "type": "String" - }, - "glue:RoleAssumedBy": { - "condition": "glue:RoleAssumedBy", - "description": "Filters access by the service from which the credentials of the request is obtained by assuming the customer role", - "type": "String" - }, - "glue:SecurityGroupIds": { - "condition": "glue:SecurityGroupIds", - "description": "Filters access by the ID of security groups configured for the Glue job", - "type": "ArrayOfString" - }, - "glue:SubnetIds": { - "condition": "glue:SubnetIds", - "description": "Filters access by the ID of subnets configured for the Glue job", - "type": "ArrayOfString" - }, - "glue:VpcIds": { - "condition": "glue:VpcIds", - "description": "Filters access by the ID of the VPC configured for the Glue job", - "type": "ArrayOfString" - } - } - }, - "databrew": { - "service_name": "AWS Glue DataBrew", - "prefix": "databrew", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsgluedatabrew.html", - "privileges": { - "BatchDeleteRecipeVersion": { - "privilege": "BatchDeleteRecipeVersion", - "description": "Grants permission to delete one or more recipe versions", - "access_level": "Write", - "resource_types": { - "Recipe": { - "resource_type": "Recipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_BatchDeleteRecipeVersion.html" - }, - "CreateDataset": { - "privilege": "CreateDataset", - "description": "Grants permission to create a dataset", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateDataset.html" - }, - "CreateProfileJob": { - "privilege": "CreateProfileJob", - "description": "Grants permission to create a profile job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateProfileJob.html" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a project", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateProject.html" - }, - "CreateRecipe": { - "privilege": "CreateRecipe", - "description": "Grants permission to create a recipe", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateRecipe.html" - }, - "CreateRecipeJob": { - "privilege": "CreateRecipeJob", - "description": "Grants permission to create a recipe job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateRecipeJob.html" - }, - "CreateRuleset": { - "privilege": "CreateRuleset", - "description": "Grants permission to create a ruleset", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateRuleset.html" - }, - "CreateSchedule": { - "privilege": "CreateSchedule", - "description": "Grants permission to create a schedule", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateSchedule.html" - }, - "DeleteDataset": { - "privilege": "DeleteDataset", - "description": "Grants permission to delete a dataset", - "access_level": "Write", - "resource_types": { - "Dataset": { - "resource_type": "Dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteDataset.html" - }, - "DeleteJob": { - "privilege": "DeleteJob", - "description": "Grants permission to delete a job", - "access_level": "Write", - "resource_types": { - "Job": { - "resource_type": "Job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteJob.html" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a project", - "access_level": "Write", - "resource_types": { - "Project": { - "resource_type": "Project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteProject.html" - }, - "DeleteRecipeVersion": { - "privilege": "DeleteRecipeVersion", - "description": "Grants permission to delete a recipe version", - "access_level": "Write", - "resource_types": { - "Recipe": { - "resource_type": "Recipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteRecipeVersion.html" - }, - "DeleteRuleset": { - "privilege": "DeleteRuleset", - "description": "Grants permission to delete a ruleset", - "access_level": "Write", - "resource_types": { - "Ruleset": { - "resource_type": "Ruleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteRuleset.html" - }, - "DeleteSchedule": { - "privilege": "DeleteSchedule", - "description": "Grants permission to delete a schedule", - "access_level": "Write", - "resource_types": { - "Schedule": { - "resource_type": "Schedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteSchedule.html" - }, - "DescribeDataset": { - "privilege": "DescribeDataset", - "description": "Grants permission to view details about a dataset", - "access_level": "Read", - "resource_types": { - "Dataset": { - "resource_type": "Dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeDataset.html" - }, - "DescribeJob": { - "privilege": "DescribeJob", - "description": "Grants permission to view details about a job", - "access_level": "Read", - "resource_types": { - "Job": { - "resource_type": "Job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeJob.html" - }, - "DescribeJobRun": { - "privilege": "DescribeJobRun", - "description": "Grants permission to view details about job run for a given job", - "access_level": "Read", - "resource_types": { - "Job": { - "resource_type": "Job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeJobRun.html" - }, - "DescribeProject": { - "privilege": "DescribeProject", - "description": "Grants permission to view details about a project", - "access_level": "Read", - "resource_types": { - "Project": { - "resource_type": "Project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeProject.html" - }, - "DescribeRecipe": { - "privilege": "DescribeRecipe", - "description": "Grants permission to view details about a recipe", - "access_level": "Read", - "resource_types": { - "Recipe": { - "resource_type": "Recipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeRecipe.html" - }, - "DescribeRuleset": { - "privilege": "DescribeRuleset", - "description": "Grants permission to view details about a ruleset", - "access_level": "Read", - "resource_types": { - "Ruleset": { - "resource_type": "Ruleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeRuleset.html" - }, - "DescribeSchedule": { - "privilege": "DescribeSchedule", - "description": "Grants permission to view details about a schedule", - "access_level": "Read", - "resource_types": { - "Schedule": { - "resource_type": "Schedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeSchedule.html" - }, - "ListDatasets": { - "privilege": "ListDatasets", - "description": "Grants permission to list datasets in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListDatasets.html" - }, - "ListJobRuns": { - "privilege": "ListJobRuns", - "description": "Grants permission to list job runs for a given job", - "access_level": "Read", - "resource_types": { - "Job": { - "resource_type": "Job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListJobRuns.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to list jobs in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListJobs.html" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to list projects in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListProjects.html" - }, - "ListRecipeVersions": { - "privilege": "ListRecipeVersions", - "description": "Grants permission to list versions in your recipe", - "access_level": "Read", - "resource_types": { - "Recipe": { - "resource_type": "Recipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListRecipeVersions.html" - }, - "ListRecipes": { - "privilege": "ListRecipes", - "description": "Grants permission to list recipes in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListRecipes.html" - }, - "ListRulesets": { - "privilege": "ListRulesets", - "description": "Grants permission to list rulesets in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListRulesets.html" - }, - "ListSchedules": { - "privilege": "ListSchedules", - "description": "Grants permission to list schedules in your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListSchedules.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve tags associated with a resource", - "access_level": "Read", - "resource_types": { - "Dataset": { - "resource_type": "Dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Job": { - "resource_type": "Job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Project": { - "resource_type": "Project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Recipe": { - "resource_type": "Recipe", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Ruleset": { - "resource_type": "Ruleset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Schedule": { - "resource_type": "Schedule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListTagsForResource.html" - }, - "PublishRecipe": { - "privilege": "PublishRecipe", - "description": "Grants permission to publish a major verison of a recipe", - "access_level": "Write", - "resource_types": { - "Recipe": { - "resource_type": "Recipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_PublishRecipe.html" - }, - "SendProjectSessionAction": { - "privilege": "SendProjectSessionAction", - "description": "Grants permission to submit an action to the interactive session for a project", - "access_level": "Write", - "resource_types": { - "Project": { - "resource_type": "Project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_SendProjectSessionAction.html" - }, - "StartJobRun": { - "privilege": "StartJobRun", - "description": "Grants permission to start running a job", - "access_level": "Write", - "resource_types": { - "Job": { - "resource_type": "Job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_StartJobRun.html" - }, - "StartProjectSession": { - "privilege": "StartProjectSession", - "description": "Grants permission to start an interactive session for a project", - "access_level": "Write", - "resource_types": { - "Project": { - "resource_type": "Project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_StartProjectSession.html" - }, - "StopJobRun": { - "privilege": "StopJobRun", - "description": "Grants permission to stop a job run for a job", - "access_level": "Write", - "resource_types": { - "Job": { - "resource_type": "Job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_StopJobRun.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "Dataset": { - "resource_type": "Dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Job": { - "resource_type": "Job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Project": { - "resource_type": "Project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Recipe": { - "resource_type": "Recipe", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Ruleset": { - "resource_type": "Ruleset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Schedule": { - "resource_type": "Schedule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags associated with a resource", - "access_level": "Tagging", - "resource_types": { - "Dataset": { - "resource_type": "Dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Job": { - "resource_type": "Job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Project": { - "resource_type": "Project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Recipe": { - "resource_type": "Recipe", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Ruleset": { - "resource_type": "Ruleset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Schedule": { - "resource_type": "Schedule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UntagResource.html" - }, - "UpdateDataset": { - "privilege": "UpdateDataset", - "description": "Grants permission to modify a dataset", - "access_level": "Write", - "resource_types": { - "Dataset": { - "resource_type": "Dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateDataset.html" - }, - "UpdateProfileJob": { - "privilege": "UpdateProfileJob", - "description": "Grants permission to modify a profile job", - "access_level": "Write", - "resource_types": { - "Job": { - "resource_type": "Job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateProfileJob.html" - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Grants permission to modify a project", - "access_level": "Write", - "resource_types": { - "Project": { - "resource_type": "Project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateProject.html" - }, - "UpdateRecipe": { - "privilege": "UpdateRecipe", - "description": "Grants permission to modify a recipe", - "access_level": "Write", - "resource_types": { - "Recipe": { - "resource_type": "Recipe", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateRecipe.html" - }, - "UpdateRecipeJob": { - "privilege": "UpdateRecipeJob", - "description": "Grants permission to modify a recipe job", - "access_level": "Write", - "resource_types": { - "Job": { - "resource_type": "Job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateRecipeJob.html" - }, - "UpdateRuleset": { - "privilege": "UpdateRuleset", - "description": "Grants permission to modify a ruleset", - "access_level": "Write", - "resource_types": { - "Ruleset": { - "resource_type": "Ruleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateRuleset.html" - }, - "UpdateSchedule": { - "privilege": "UpdateSchedule", - "description": "Grants permission to modify a schedule", - "access_level": "Write", - "resource_types": { - "Schedule": { - "resource_type": "Schedule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateSchedule.html" - } - }, - "resources": { - "Project": { - "resource": "Project", - "arn": "arn:${Partition}:databrew:${Region}:${Account}:project/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Dataset": { - "resource": "Dataset", - "arn": "arn:${Partition}:databrew:${Region}:${Account}:dataset/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Ruleset": { - "resource": "Ruleset", - "arn": "arn:${Partition}:databrew:${Region}:${Account}:ruleset/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Recipe": { - "resource": "Recipe", - "arn": "arn:${Partition}:databrew:${Region}:${Account}:recipe/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Job": { - "resource": "Job", - "arn": "arn:${Partition}:databrew:${Region}:${Account}:job/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Schedule": { - "resource": "Schedule", - "arn": "arn:${Partition}:databrew:${Region}:${Account}:schedule/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "groundstation": { - "service_name": "AWS Ground Station", - "prefix": "groundstation", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsgroundstation.html", - "privileges": { - "CancelContact": { - "privilege": "CancelContact", - "description": "Grants permission to cancel a contact", - "access_level": "Write", - "resource_types": { - "Contact": { - "resource_type": "Contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_CancelContact.html" - }, - "CreateConfig": { - "privilege": "CreateConfig", - "description": "Grants permission to create a configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_CreateConfig.html" - }, - "CreateDataflowEndpointGroup": { - "privilege": "CreateDataflowEndpointGroup", - "description": "Grants permission to create a data flow endpoint group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_CreateDataflowEndpointGroup.html" - }, - "CreateEphemeris": { - "privilege": "CreateEphemeris", - "description": "Grants permission to create an ephemeris item", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_CreateEphemeris.html" - }, - "CreateMissionProfile": { - "privilege": "CreateMissionProfile", - "description": "Grants permission to create a mission profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_CreateMissionProfile.html" - }, - "DeleteConfig": { - "privilege": "DeleteConfig", - "description": "Grants permission to delete a config", - "access_level": "Write", - "resource_types": { - "Config": { - "resource_type": "Config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DeleteConfig.html" - }, - "DeleteDataflowEndpointGroup": { - "privilege": "DeleteDataflowEndpointGroup", - "description": "Grants permission to delete a data flow endpoint group", - "access_level": "Write", - "resource_types": { - "DataflowEndpointGroup": { - "resource_type": "DataflowEndpointGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DeleteDataflowEndpointGroup.html" - }, - "DeleteEphemeris": { - "privilege": "DeleteEphemeris", - "description": "Grants permission to delete an ephemeris item", - "access_level": "Write", - "resource_types": { - "EphemerisItem": { - "resource_type": "EphemerisItem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DeleteEphemeris.html" - }, - "DeleteMissionProfile": { - "privilege": "DeleteMissionProfile", - "description": "Grants permission to delete a mission profile", - "access_level": "Write", - "resource_types": { - "MissionProfile": { - "resource_type": "MissionProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DeleteMissionProfile.html" - }, - "DescribeContact": { - "privilege": "DescribeContact", - "description": "Grants permission to describe a contact", - "access_level": "Read", - "resource_types": { - "Contact": { - "resource_type": "Contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DescribeContact.html" - }, - "DescribeEphemeris": { - "privilege": "DescribeEphemeris", - "description": "Grants permission to describe an ephemeris item", - "access_level": "Read", - "resource_types": { - "EphemerisItem": { - "resource_type": "EphemerisItem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DescribeEphemeris.html" - }, - "GetAgentConfiguration": { - "privilege": "GetAgentConfiguration", - "description": "Grants permission to get the configuration of an agent", - "access_level": "Read", - "resource_types": { - "Agent": { - "resource_type": "Agent", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetAgentConfiguration.html" - }, - "GetConfig": { - "privilege": "GetConfig", - "description": "Grants permission to return a configuration", - "access_level": "Read", - "resource_types": { - "Config": { - "resource_type": "Config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetConfig.html" - }, - "GetDataflowEndpointGroup": { - "privilege": "GetDataflowEndpointGroup", - "description": "Grants permission to return a data flow endpoint group", - "access_level": "Read", - "resource_types": { - "DataflowEndpointGroup": { - "resource_type": "DataflowEndpointGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetDataflowEndpointGroup.html" - }, - "GetMinuteUsage": { - "privilege": "GetMinuteUsage", - "description": "Grants permission to return minutes usage", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetMinuteUsage.html" - }, - "GetMissionProfile": { - "privilege": "GetMissionProfile", - "description": "Grants permission to retrieve a mission profile", - "access_level": "Read", - "resource_types": { - "MissionProfile": { - "resource_type": "MissionProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetMissionProfile.html" - }, - "GetSatellite": { - "privilege": "GetSatellite", - "description": "Grants permission to return information about a satellite", - "access_level": "Read", - "resource_types": { - "Satellite": { - "resource_type": "Satellite", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetSatellite.html" - }, - "ListConfigs": { - "privilege": "ListConfigs", - "description": "Grants permission to return a list of past configurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListConfigs.html" - }, - "ListContacts": { - "privilege": "ListContacts", - "description": "Grants permission to return a list of contacts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListContacts.html" - }, - "ListDataflowEndpointGroups": { - "privilege": "ListDataflowEndpointGroups", - "description": "Grants permission to list data flow endpoint groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListDataflowEndpointGroups.html" - }, - "ListEphemerides": { - "privilege": "ListEphemerides", - "description": "Grants permission to list ephemerides", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListEphemerides.html" - }, - "ListGroundStations": { - "privilege": "ListGroundStations", - "description": "Grants permission to list ground stations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListGroundStations.html" - }, - "ListMissionProfiles": { - "privilege": "ListMissionProfiles", - "description": "Grants permission to return a list of mission profiles", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListMissionProfiles.html" - }, - "ListSatellites": { - "privilege": "ListSatellites", - "description": "Grants permission to list satellites", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListSatellites.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "Config": { - "resource_type": "Config", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Contact": { - "resource_type": "Contact", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DataflowEndpointGroup": { - "resource_type": "DataflowEndpointGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MissionProfile": { - "resource_type": "MissionProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListTagsForResource.html" - }, - "RegisterAgent": { - "privilege": "RegisterAgent", - "description": "Grants permission to register an agent", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_RegisterAgent.html" - }, - "ReserveContact": { - "privilege": "ReserveContact", - "description": "Grants permission to reserve a contact", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ReserveContact.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to assign a resource tag", - "access_level": "Tagging", - "resource_types": { - "Config": { - "resource_type": "Config", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Contact": { - "resource_type": "Contact", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DataflowEndpointGroup": { - "resource_type": "DataflowEndpointGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "EphemerisItem": { - "resource_type": "EphemerisItem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MissionProfile": { - "resource_type": "MissionProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to unassign a resource tag", - "access_level": "Tagging", - "resource_types": { - "Config": { - "resource_type": "Config", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Contact": { - "resource_type": "Contact", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DataflowEndpointGroup": { - "resource_type": "DataflowEndpointGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "EphemerisItem": { - "resource_type": "EphemerisItem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MissionProfile": { - "resource_type": "MissionProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_UntagResource.html" - }, - "UpdateAgentStatus": { - "privilege": "UpdateAgentStatus", - "description": "Grants permission to update the status of an agent", - "access_level": "Write", - "resource_types": { - "Agent": { - "resource_type": "Agent", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_UpdateAgentStatus.html" - }, - "UpdateConfig": { - "privilege": "UpdateConfig", - "description": "Grants permission to update a configuration", - "access_level": "Write", - "resource_types": { - "Config": { - "resource_type": "Config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_UpdateConfig.html" - }, - "UpdateEphemeris": { - "privilege": "UpdateEphemeris", - "description": "Grants permission to update an ephemeris item", - "access_level": "Write", - "resource_types": { - "EphemerisItem": { - "resource_type": "EphemerisItem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_UpdateEphemeris.html" - }, - "UpdateMissionProfile": { - "privilege": "UpdateMissionProfile", - "description": "Grants permission to update a mission profile", - "access_level": "Write", - "resource_types": { - "MissionProfile": { - "resource_type": "MissionProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_UpdateMissionProfile.html" - } - }, - "resources": { - "Config": { - "resource": "Config", - "arn": "arn:${Partition}:groundstation:${Region}:${Account}:config/${ConfigType}/${ConfigId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "groundstation:ConfigId", - "groundstation:ConfigType" - ] - }, - "Contact": { - "resource": "Contact", - "arn": "arn:${Partition}:groundstation:${Region}:${Account}:contact/${ContactId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "groundstation:ContactId" - ] - }, - "DataflowEndpointGroup": { - "resource": "DataflowEndpointGroup", - "arn": "arn:${Partition}:groundstation:${Region}:${Account}:dataflow-endpoint-group/${DataflowEndpointGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "groundstation:DataflowEndpointGroupId" - ] - }, - "EphemerisItem": { - "resource": "EphemerisItem", - "arn": "arn:${Partition}:groundstation:${Region}:${Account}:ephemeris/${EphemerisId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "groundstation:EphemerisId" - ] - }, - "GroundStationResource": { - "resource": "GroundStationResource", - "arn": "arn:${Partition}:groundstation:${Region}:${Account}:groundstation:${GroundStationId}", - "condition_keys": [ - "groundstation:GroundStationId" - ] - }, - "MissionProfile": { - "resource": "MissionProfile", - "arn": "arn:${Partition}:groundstation:${Region}:${Account}:mission-profile/${MissionProfileId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "groundstation:MissionProfileId" - ] - }, - "Satellite": { - "resource": "Satellite", - "arn": "arn:${Partition}:groundstation:${Region}:${Account}:satellite/${SatelliteId}", - "condition_keys": [ - "groundstation:SatelliteId" - ] - }, - "Agent": { - "resource": "Agent", - "arn": "arn:${Partition}:groundstation:${Region}:${Account}:agent/${AgentId}", - "condition_keys": [ - "groundstation:AgentId" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "groundstation:AgentId": { - "condition": "groundstation:AgentId", - "description": "Filters access by the ID of an agent", - "type": "String" - }, - "groundstation:ConfigId": { - "condition": "groundstation:ConfigId", - "description": "Filters access by the ID of a config", - "type": "String" - }, - "groundstation:ConfigType": { - "condition": "groundstation:ConfigType", - "description": "Filters access by the type of a config", - "type": "String" - }, - "groundstation:ContactId": { - "condition": "groundstation:ContactId", - "description": "Filters access by the ID of a contact", - "type": "String" - }, - "groundstation:DataflowEndpointGroupId": { - "condition": "groundstation:DataflowEndpointGroupId", - "description": "Filters access by the ID of a dataflow endpoint group", - "type": "String" - }, - "groundstation:EphemerisId": { - "condition": "groundstation:EphemerisId", - "description": "Filters access by the ID of an ephemeris", - "type": "String" - }, - "groundstation:GroundStationId": { - "condition": "groundstation:GroundStationId", - "description": "Filters access by the ID of a ground station", - "type": "String" - }, - "groundstation:MissionProfileId": { - "condition": "groundstation:MissionProfileId", - "description": "Filters access by the ID of a mission profile", - "type": "String" - }, - "groundstation:SatelliteId": { - "condition": "groundstation:SatelliteId", - "description": "Filters access by the ID of a satellite", - "type": "String" - } - } - }, - "health": { - "service_name": "AWS Health APIs and Notifications", - "prefix": "health", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awshealthapisandnotifications.html", - "privileges": { - "DescribeAffectedAccountsForOrganization": { - "privilege": "DescribeAffectedAccountsForOrganization", - "description": "Grants permission to retrieve a list of accounts that have been affected by the specified events in organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:ListAccounts" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeAffectedAccountsForOrganization.html" - }, - "DescribeAffectedEntities": { - "privilege": "DescribeAffectedEntities", - "description": "Grants permission to retrieve a list of entities that have been affected by the specified events", - "access_level": "Read", - "resource_types": { - "event": { - "resource_type": "event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "health:eventTypeCode", - "health:service" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeAffectedEntities.html" - }, - "DescribeAffectedEntitiesForOrganization": { - "privilege": "DescribeAffectedEntitiesForOrganization", - "description": "Grants permission to retrieve a list of entities that have been affected by the specified events and accounts in organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:ListAccounts" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeAffectedEntitiesForOrganization.html" - }, - "DescribeEntityAggregates": { - "privilege": "DescribeEntityAggregates", - "description": "Grants permission to retrieve the number of entities that are affected by each of the specified events", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEntityAggregates.html" - }, - "DescribeEventAggregates": { - "privilege": "DescribeEventAggregates", - "description": "Grants permission to retrieve the number of events of each event type (issue, scheduled change, and account notification)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEventAggregates.html" - }, - "DescribeEventDetails": { - "privilege": "DescribeEventDetails", - "description": "Grants permission to retrieve detailed information about one or more specified events", - "access_level": "Read", - "resource_types": { - "event": { - "resource_type": "event", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "health:eventTypeCode", - "health:service" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEventDetails.html" - }, - "DescribeEventDetailsForOrganization": { - "privilege": "DescribeEventDetailsForOrganization", - "description": "Grants permission to retrieve detailed information about one or more specified events for provided accounts in organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:ListAccounts" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEventDetailsForOrganization.html" - }, - "DescribeEventTypes": { - "privilege": "DescribeEventTypes", - "description": "Grants permission to retrieve the event types that meet the specified filter criteria", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEventTypes.html" - }, - "DescribeEvents": { - "privilege": "DescribeEvents", - "description": "Grants permission to retrieve information about events that meet the specified filter criteria", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEvents.html" - }, - "DescribeEventsForOrganization": { - "privilege": "DescribeEventsForOrganization", - "description": "Grants permission to retrieve information about events that meet the specified filter criteria in organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:ListAccounts" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEventsForOrganization.html" - }, - "DescribeHealthServiceStatusForOrganization": { - "privilege": "DescribeHealthServiceStatusForOrganization", - "description": "Grants permission to retrieve the status of enabling or disabling the Organizational View feature", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:ListAccounts" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeHealthServiceStatusForOrganization.html" - }, - "DisableHealthServiceAccessForOrganization": { - "privilege": "DisableHealthServiceAccessForOrganization", - "description": "Grants permission to disable the Organizational View feature", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:DisableAWSServiceAccess", - "organizations:ListAccounts" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DisableHealthServiceAccessForOrganization.html" - }, - "EnableHealthServiceAccessForOrganization": { - "privilege": "EnableHealthServiceAccessForOrganization", - "description": "Grants permission to enable the Organizational View feature", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListAccounts" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_EnableHealthServiceAccessForOrganization.html" - } - }, - "resources": { - "event": { - "resource": "event", - "arn": "arn:${Partition}:health:*::event/${Service}/${EventTypeCode}/*", - "condition_keys": [] - } - }, - "conditions": { - "health:eventTypeCode": { - "condition": "health:eventTypeCode", - "description": "Filters access by event type", - "type": "String" - }, - "health:service": { - "condition": "health:service", - "description": "Filters access by impacted service", - "type": "String" - } - } - }, - "access-analyzer": { - "service_name": "AWS IAM Access Analyzer", - "prefix": "access-analyzer", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiamaccessanalyzer.html", - "privileges": { - "ApplyArchiveRule": { - "privilege": "ApplyArchiveRule", - "description": "Grants permission to apply an archive rule", - "access_level": "Write", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ApplyArchiveRule.html" - }, - "CancelPolicyGeneration": { - "privilege": "CancelPolicyGeneration", - "description": "Grants permission to cancel a policy generation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_CancelPolicyGeneration.html" - }, - "CreateAccessPreview": { - "privilege": "CreateAccessPreview", - "description": "Grants permission to create an access preview for the specified analyzer", - "access_level": "Write", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_CreateAccessPreview.html" - }, - "CreateAnalyzer": { - "privilege": "CreateAnalyzer", - "description": "Grants permission to create an analyzer", - "access_level": "Write", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_CreateAnalyzer.html" - }, - "CreateArchiveRule": { - "privilege": "CreateArchiveRule", - "description": "Grants permission to create an archive rule for the specified analyzer", - "access_level": "Write", - "resource_types": { - "ArchiveRule": { - "resource_type": "ArchiveRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_CreateArchiveRule.html" - }, - "DeleteAnalyzer": { - "privilege": "DeleteAnalyzer", - "description": "Grants permission to delete the specified analyzer", - "access_level": "Write", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_DeleteAnalyzer.html" - }, - "DeleteArchiveRule": { - "privilege": "DeleteArchiveRule", - "description": "Grants permission to delete archive rules for the specified analyzer", - "access_level": "Write", - "resource_types": { - "ArchiveRule": { - "resource_type": "ArchiveRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_DeleteArchiveRule.html" - }, - "GetAccessPreview": { - "privilege": "GetAccessPreview", - "description": "Grants permission to retrieve information about an access preview", - "access_level": "Read", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetAccessPreview.html" - }, - "GetAnalyzedResource": { - "privilege": "GetAnalyzedResource", - "description": "Grants permission to retrieve information about an analyzed resource", - "access_level": "Read", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetAnalyzedResource.html" - }, - "GetAnalyzer": { - "privilege": "GetAnalyzer", - "description": "Grants permission to retrieve information about analyzers", - "access_level": "Read", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetAnalyzer.html" - }, - "GetArchiveRule": { - "privilege": "GetArchiveRule", - "description": "Grants permission to retrieve information about archive rules for the specified analyzer", - "access_level": "Read", - "resource_types": { - "ArchiveRule": { - "resource_type": "ArchiveRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetArchiveRule.html" - }, - "GetFinding": { - "privilege": "GetFinding", - "description": "Grants permission to retrieve findings", - "access_level": "Read", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetFinding.html" - }, - "GetGeneratedPolicy": { - "privilege": "GetGeneratedPolicy", - "description": "Grants permission to retrieve a policy that was generated using StartPolicyGeneration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetGeneratedPolicy.html" - }, - "ListAccessPreviewFindings": { - "privilege": "ListAccessPreviewFindings", - "description": "Grants permission to retrieve a list of findings from an access preview", - "access_level": "Read", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListAccessPreviewFindings.html" - }, - "ListAccessPreviews": { - "privilege": "ListAccessPreviews", - "description": "Grants permission to retrieve a list of access previews", - "access_level": "List", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListAccessPreviews.html" - }, - "ListAnalyzedResources": { - "privilege": "ListAnalyzedResources", - "description": "Grants permission to retrieve a list of resources that have been analyzed", - "access_level": "Read", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListAnalyzedResources.html" - }, - "ListAnalyzers": { - "privilege": "ListAnalyzers", - "description": "Grants permission to retrieves a list of analyzers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListAnalyzers.html" - }, - "ListArchiveRules": { - "privilege": "ListArchiveRules", - "description": "Grants permission to retrieve a list of archive rules from an analyzer", - "access_level": "List", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListArchiveRules.html" - }, - "ListFindings": { - "privilege": "ListFindings", - "description": "Grants permission to retrieve a list of findings from an analyzer", - "access_level": "Read", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListFindings.html" - }, - "ListPolicyGenerations": { - "privilege": "ListPolicyGenerations", - "description": "Grants permission to list all the recently started policy generations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListPolicyGenerations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve a list of tags applied to a resource", - "access_level": "Read", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListTagsForResource.html" - }, - "StartPolicyGeneration": { - "privilege": "StartPolicyGeneration", - "description": "Grants permission to start a policy generation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_StartPolicyGeneration.html" - }, - "StartResourceScan": { - "privilege": "StartResourceScan", - "description": "Grants permission to start a scan of the policies applied to a resource", - "access_level": "Write", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_StartResourceScan.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add a tag to a resource", - "access_level": "Tagging", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from a resource", - "access_level": "Tagging", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_UntagResource.html" - }, - "UpdateArchiveRule": { - "privilege": "UpdateArchiveRule", - "description": "Grants permission to modify an archive rule", - "access_level": "Write", - "resource_types": { - "ArchiveRule": { - "resource_type": "ArchiveRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_UpdateArchiveRule.html" - }, - "UpdateFindings": { - "privilege": "UpdateFindings", - "description": "Grants permission to modify findings", - "access_level": "Write", - "resource_types": { - "Analyzer": { - "resource_type": "Analyzer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_UpdateFindings.html" - }, - "ValidatePolicy": { - "privilege": "ValidatePolicy", - "description": "Grants permission to validate a policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ValidatePolicy.html" - } - }, - "resources": { - "Analyzer": { - "resource": "Analyzer", - "arn": "arn:${Partition}:access-analyzer:${Region}:${Account}:analyzer/${AnalyzerName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ArchiveRule": { - "resource": "ArchiveRule", - "arn": "arn:${Partition}:access-analyzer:${Region}:${Account}:analyzer/${AnalyzerName}/archive-rule/${RuleName}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "sso": { - "service_name": "AWS IAM Identity Center (successor to AWS Single Sign-On)", - "prefix": "sso", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiamidentitycentersuccessortoawssinglesign-on.html", - "privileges": { - "AssociateDirectory": { - "privilege": "AssociateDirectory", - "description": "Grants permission to connect a directory to be used by AWS Single Sign-On", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ds:AuthorizeApplication" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "AssociateProfile": { - "privilege": "AssociateProfile", - "description": "Grants permission to create an association between a directory user or group and a profile", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "AttachCustomerManagedPolicyReferenceToPermissionSet": { - "privilege": "AttachCustomerManagedPolicyReferenceToPermissionSet", - "description": "Grants permission to attach a customer managed policy reference to a permission set", - "access_level": "Permissions management", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_AttachCustomerManagedPolicyReferenceToPermissionSet.html" - }, - "AttachManagedPolicyToPermissionSet": { - "privilege": "AttachManagedPolicyToPermissionSet", - "description": "Grants permission to attach an AWS managed policy to a permission set", - "access_level": "Permissions management", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_AttachManagedPolicyToPermissionSet.html" - }, - "CreateAccountAssignment": { - "privilege": "CreateAccountAssignment", - "description": "Grants permission to assign access to a Principal for a specified AWS account using a specified permission set", - "access_level": "Write", - "resource_types": { - "Account": { - "resource_type": "Account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_CreateAccountAssignment.html" - }, - "CreateApplicationInstance": { - "privilege": "CreateApplicationInstance", - "description": "Grants permission to add an application instance to AWS Single Sign-On", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CreateApplicationInstanceCertificate": { - "privilege": "CreateApplicationInstanceCertificate", - "description": "Grants permission to add a new certificate for an application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CreateInstanceAccessControlAttributeConfiguration": { - "privilege": "CreateInstanceAccessControlAttributeConfiguration", - "description": "Grants permission to enable the instance for ABAC and specify the attributes", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_CreateInstanceAccessControlAttributeConfiguration.html" - }, - "CreateManagedApplicationInstance": { - "privilege": "CreateManagedApplicationInstance", - "description": "Grants permission to add a managed application instance to AWS Single Sign-On", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CreatePermissionSet": { - "privilege": "CreatePermissionSet", - "description": "Grants permission to create a permission set", - "access_level": "Permissions management", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_CreatePermissionSet.html" - }, - "CreateProfile": { - "privilege": "CreateProfile", - "description": "Grants permission to create a profile for an application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CreateTrust": { - "privilege": "CreateTrust", - "description": "Grants permission to create a federation trust in a target account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteAccountAssignment": { - "privilege": "DeleteAccountAssignment", - "description": "Grants permission to delete a Principal's access from a specified AWS account using a specified permission set", - "access_level": "Write", - "resource_types": { - "Account": { - "resource_type": "Account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DeleteAccountAssignment.html" - }, - "DeleteApplicationInstance": { - "privilege": "DeleteApplicationInstance", - "description": "Grants permission to delete the application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteApplicationInstanceCertificate": { - "privilege": "DeleteApplicationInstanceCertificate", - "description": "Grants permission to delete an inactive or expired certificate from the application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteInlinePolicyFromPermissionSet": { - "privilege": "DeleteInlinePolicyFromPermissionSet", - "description": "Grants permission to delete the inline policy from a specified permission set", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DeleteInlinePolicyFromPermissionSet.html" - }, - "DeleteInstanceAccessControlAttributeConfiguration": { - "privilege": "DeleteInstanceAccessControlAttributeConfiguration", - "description": "Grants permission to disable ABAC and remove the attributes list for the instance", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DeleteInstanceAccessControlAttributeConfiguration.html" - }, - "DeleteManagedApplicationInstance": { - "privilege": "DeleteManagedApplicationInstance", - "description": "Grants permission to delete the managed application instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeletePermissionSet": { - "privilege": "DeletePermissionSet", - "description": "Grants permission to delete a permission set", - "access_level": "Permissions management", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "{DocHomeURL}singlesignon/latest/APIReference/API_DeletePermissionSet.html" - }, - "DeletePermissionsBoundaryFromPermissionSet": { - "privilege": "DeletePermissionsBoundaryFromPermissionSet", - "description": "Grants permission to remove permissions boundary from a permission set", - "access_level": "Permissions management", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DeletePermissionsBoundaryFromPermissionSet.html" - }, - "DeletePermissionsPolicy": { - "privilege": "DeletePermissionsPolicy", - "description": "Grants permission to delete the permission policy associated with a permission set", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteProfile": { - "privilege": "DeleteProfile", - "description": "Grants permission to delete the profile for an application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeAccountAssignmentCreationStatus": { - "privilege": "DescribeAccountAssignmentCreationStatus", - "description": "Grants permission to describe the status of the assignment creation request", - "access_level": "Read", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DescribeAccountAssignmentCreationStatus.html" - }, - "DescribeAccountAssignmentDeletionStatus": { - "privilege": "DescribeAccountAssignmentDeletionStatus", - "description": "Grants permission to describe the status of an assignment deletion request", - "access_level": "Read", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DescribeAccountAssignmentDeletionStatus.html" - }, - "DescribeDirectories": { - "privilege": "DescribeDirectories", - "description": "Grants permission to obtain information about the directories for this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeInstanceAccessControlAttributeConfiguration": { - "privilege": "DescribeInstanceAccessControlAttributeConfiguration", - "description": "Grants permission to get the list of attributes used by the instance for ABAC", - "access_level": "Read", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DescribeInstanceAccessControlAttributeConfiguration.html" - }, - "DescribePermissionSet": { - "privilege": "DescribePermissionSet", - "description": "Grants permission to describe a permission set", - "access_level": "Read", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DescribePermissionSet.html" - }, - "DescribePermissionSetProvisioningStatus": { - "privilege": "DescribePermissionSetProvisioningStatus", - "description": "Grants permission to describe the status for the given Permission Set Provisioning request", - "access_level": "Read", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DescribePermissionSetProvisioningStatus.html" - }, - "DescribePermissionsPolicies": { - "privilege": "DescribePermissionsPolicies", - "description": "Grants permission to retrieve all the permissions policies associated with a permission set", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeRegisteredRegions": { - "privilege": "DescribeRegisteredRegions", - "description": "Grants permission to obtain the regions where your organization has enabled AWS Single Sign-on", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeTrusts": { - "privilege": "DescribeTrusts", - "description": "Grants permission to obtain information about the trust relationships for this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DetachCustomerManagedPolicyReferenceFromPermissionSet": { - "privilege": "DetachCustomerManagedPolicyReferenceFromPermissionSet", - "description": "Grants permission to detach a customer managed policy reference from a permission set", - "access_level": "Permissions management", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DetachCustomerManagedPolicyReferenceFromPermissionSet.html" - }, - "DetachManagedPolicyFromPermissionSet": { - "privilege": "DetachManagedPolicyFromPermissionSet", - "description": "Grants permission to detach the attached AWS managed policy from the specified permission set", - "access_level": "Permissions management", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DetachManagedPolicyFromPermissionSet.html" - }, - "DisassociateDirectory": { - "privilege": "DisassociateDirectory", - "description": "Grants permission to disassociate a directory to be used by AWS Single Sign-On", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ds:UnauthorizeApplication" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DisassociateProfile": { - "privilege": "DisassociateProfile", - "description": "Grants permission to disassociate a directory user or group from a profile", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetApplicationInstance": { - "privilege": "GetApplicationInstance", - "description": "Grants permission to retrieve details for an application instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetApplicationTemplate": { - "privilege": "GetApplicationTemplate", - "description": "Grants permission to retrieve application template details", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetInlinePolicyForPermissionSet": { - "privilege": "GetInlinePolicyForPermissionSet", - "description": "Grants permission to obtain the inline policy assigned to the permission set", - "access_level": "Read", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_GetInlinePolicyForPermissionSet.html" - }, - "GetManagedApplicationInstance": { - "privilege": "GetManagedApplicationInstance", - "description": "Grants permission to retrieve details for an application instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetMfaDeviceManagementForDirectory": { - "privilege": "GetMfaDeviceManagementForDirectory", - "description": "Grants permission to retrieve Mfa Device Management settings for the directory", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetPermissionSet": { - "privilege": "GetPermissionSet", - "description": "Grants permission to retrieve details of a permission set", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetPermissionsBoundaryForPermissionSet": { - "privilege": "GetPermissionsBoundaryForPermissionSet", - "description": "Grants permission to get permissions boundary for a permission set", - "access_level": "Read", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_GetPermissionsBoundaryForPermissionSet.html" - }, - "GetPermissionsPolicy": { - "privilege": "GetPermissionsPolicy", - "description": "Grants permission to retrieve all permission policies associated with a permission set", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "sso:DescribePermissionsPolicies" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetProfile": { - "privilege": "GetProfile", - "description": "Grants permission to retrieve a profile for an application instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetSSOStatus": { - "privilege": "GetSSOStatus", - "description": "Grants permission to check if AWS Single Sign-On is enabled", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetSharedSsoConfiguration": { - "privilege": "GetSharedSsoConfiguration", - "description": "Grants permission to retrieve shared configuration for the current SSO instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetSsoConfiguration": { - "privilege": "GetSsoConfiguration", - "description": "Grants permission to retrieve configuration for the current SSO instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetTrust": { - "privilege": "GetTrust", - "description": "Grants permission to retrieve the federation trust in a target account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ImportApplicationInstanceServiceProviderMetadata": { - "privilege": "ImportApplicationInstanceServiceProviderMetadata", - "description": "Grants permission to update the application instance by uploading an application SAML metadata file provided by the service provider", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListAccountAssignmentCreationStatus": { - "privilege": "ListAccountAssignmentCreationStatus", - "description": "Grants permission to list the status of the AWS account assignment creation requests for a specified SSO instance", - "access_level": "List", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListAccountAssignmentCreationStatus.html" - }, - "ListAccountAssignmentDeletionStatus": { - "privilege": "ListAccountAssignmentDeletionStatus", - "description": "Grants permission to list the status of the AWS account assignment deletion requests for a specified SSO instance", - "access_level": "List", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListAccountAssignmentDeletionStatus.html" - }, - "ListAccountAssignments": { - "privilege": "ListAccountAssignments", - "description": "Grants permission to list the assignee of the specified AWS account with the specified permission set", - "access_level": "List", - "resource_types": { - "Account": { - "resource_type": "Account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListAccountAssignments.html" - }, - "ListAccountsForProvisionedPermissionSet": { - "privilege": "ListAccountsForProvisionedPermissionSet", - "description": "Grants permission to list all the AWS accounts where the specified permission set is provisioned", - "access_level": "List", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListAccountsForProvisionedPermissionSet.html" - }, - "ListApplicationInstanceCertificates": { - "privilege": "ListApplicationInstanceCertificates", - "description": "Grants permission to retrieve all of the certificates for a given application instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListApplicationInstances": { - "privilege": "ListApplicationInstances", - "description": "Grants permission to retrieve all application instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "sso:GetApplicationInstance" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListApplicationTemplates": { - "privilege": "ListApplicationTemplates", - "description": "Grants permission to retrieve all supported application templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "sso:GetApplicationTemplate" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to retrieve all supported applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListCustomerManagedPolicyReferencesInPermissionSet": { - "privilege": "ListCustomerManagedPolicyReferencesInPermissionSet", - "description": "Grants permission to list the customer managed policy references that are attached to a permission set", - "access_level": "List", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListCustomerManagedPolicyReferencesInPermissionSet.html" - }, - "ListDirectoryAssociations": { - "privilege": "ListDirectoryAssociations", - "description": "Grants permission to retrieve details about the directory connected to AWS Single Sign-On", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListInstances": { - "privilege": "ListInstances", - "description": "Grants permission to list the SSO Instances that the caller has access to", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html" - }, - "ListManagedPoliciesInPermissionSet": { - "privilege": "ListManagedPoliciesInPermissionSet", - "description": "Grants permission to list the AWS managed policies that are attached to a specified permission set", - "access_level": "List", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListManagedPoliciesInPermissionSet.html" - }, - "ListPermissionSetProvisioningStatus": { - "privilege": "ListPermissionSetProvisioningStatus", - "description": "Grants permission to list the status of the Permission Set Provisioning requests for a specified SSO instance", - "access_level": "List", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListPermissionSetProvisioningStatus.html" - }, - "ListPermissionSets": { - "privilege": "ListPermissionSets", - "description": "Grants permission to retrieve all permission sets", - "access_level": "List", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "{DocHomeURL}singlesignon/latest/APIReference/API_ListPermissionSets.html" - }, - "ListPermissionSetsProvisionedToAccount": { - "privilege": "ListPermissionSetsProvisionedToAccount", - "description": "Grants permission to list all the permission sets that are provisioned to a specified AWS account", - "access_level": "List", - "resource_types": { - "Account": { - "resource_type": "Account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListPermissionSetsProvisionedToAccount.html" - }, - "ListProfileAssociations": { - "privilege": "ListProfileAssociations", - "description": "Grants permission to retrieve the directory user or group associated with the profile", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListProfiles": { - "privilege": "ListProfiles", - "description": "Grants permission to retrieve all profiles for an application instance", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "sso:GetProfile" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags that are attached to a specified resource", - "access_level": "Read", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListTagsForResource.html" - }, - "ProvisionPermissionSet": { - "privilege": "ProvisionPermissionSet", - "description": "Grants permission to provision a specified permission set to the specified target", - "access_level": "Write", - "resource_types": { - "Account": { - "resource_type": "Account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ProvisionPermissionSet.html" - }, - "PutApplicationAssignmentConfiguration": { - "privilege": "PutApplicationAssignmentConfiguration", - "description": "Grants permission to add assignment configurations to an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "iam-auth-access-using-id-policies.html#policyexample" - }, - "PutInlinePolicyToPermissionSet": { - "privilege": "PutInlinePolicyToPermissionSet", - "description": "Grants permission to attach an IAM inline policy to a permission set", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_PutInlinePolicyToPermissionSet.html" - }, - "PutMfaDeviceManagementForDirectory": { - "privilege": "PutMfaDeviceManagementForDirectory", - "description": "Grants permission to put Mfa Device Management settings for the directory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "PutPermissionsBoundaryToPermissionSet": { - "privilege": "PutPermissionsBoundaryToPermissionSet", - "description": "Grants permission to add permissions boundary to a permission set", - "access_level": "Permissions management", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_PutPermissionsBoundaryToPermissionSet.html" - }, - "PutPermissionsPolicy": { - "privilege": "PutPermissionsPolicy", - "description": "Grants permission to add a policy to a permission set", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "SearchGroups": { - "privilege": "SearchGroups", - "description": "Grants permission to search for groups within the associated directory", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ds:DescribeDirectories" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "SearchUsers": { - "privilege": "SearchUsers", - "description": "Grants permission to search for users within the associated directory", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ds:DescribeDirectories" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "StartSSO": { - "privilege": "StartSSO", - "description": "Grants permission to initialize AWS Single Sign-On", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribeOrganization", - "organizations:EnableAWSServiceAccess" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to associate a set of tags with a specified resource", - "access_level": "Tagging", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to disassociate a set of tags from a specified resource", - "access_level": "Tagging", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_UntagResource.html" - }, - "UpdateApplicationInstanceActiveCertificate": { - "privilege": "UpdateApplicationInstanceActiveCertificate", - "description": "Grants permission to set a certificate as the active one for this application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateApplicationInstanceDisplayData": { - "privilege": "UpdateApplicationInstanceDisplayData", - "description": "Grants permission to update display data of an application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateApplicationInstanceResponseConfiguration": { - "privilege": "UpdateApplicationInstanceResponseConfiguration", - "description": "Grants permission to update federation response configuration for the application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateApplicationInstanceResponseSchemaConfiguration": { - "privilege": "UpdateApplicationInstanceResponseSchemaConfiguration", - "description": "Grants permission to update federation response schema configuration for the application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateApplicationInstanceSecurityConfiguration": { - "privilege": "UpdateApplicationInstanceSecurityConfiguration", - "description": "Grants permission to update security details for the application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateApplicationInstanceServiceProviderConfiguration": { - "privilege": "UpdateApplicationInstanceServiceProviderConfiguration", - "description": "Grants permission to update service provider related configuration for the application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateApplicationInstanceStatus": { - "privilege": "UpdateApplicationInstanceStatus", - "description": "Grants permission to update the status of an application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateDirectoryAssociation": { - "privilege": "UpdateDirectoryAssociation", - "description": "Grants permission to update the user attribute mappings for your connected directory", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateInstanceAccessControlAttributeConfiguration": { - "privilege": "UpdateInstanceAccessControlAttributeConfiguration", - "description": "Grants permission to update the attributes to use with the instance for ABAC", - "access_level": "Write", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_UpdateInstanceAccessControlAttributeConfiguration.html" - }, - "UpdateManagedApplicationInstanceStatus": { - "privilege": "UpdateManagedApplicationInstanceStatus", - "description": "Grants permission to update the status of a managed application instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdatePermissionSet": { - "privilege": "UpdatePermissionSet", - "description": "Grants permission to update the permission set", - "access_level": "Permissions management", - "resource_types": { - "Instance": { - "resource_type": "Instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "PermissionSet": { - "resource_type": "PermissionSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "{DocHomeURL}singlesignon/latest/APIReference/API_UpdatePermissionSet.html" - }, - "UpdateProfile": { - "privilege": "UpdateProfile", - "description": "Grants permission to update the profile for an application instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateSSOConfiguration": { - "privilege": "UpdateSSOConfiguration", - "description": "Grants permission to update the configuration for the current SSO instance", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateTrust": { - "privilege": "UpdateTrust", - "description": "Grants permission to update the federation trust in a target account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - } - }, - "resources": { - "PermissionSet": { - "resource": "PermissionSet", - "arn": "arn:${Partition}:sso:::permissionSet/${InstanceId}/${PermissionSetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Account": { - "resource": "Account", - "arn": "arn:${Partition}:sso:::account/${AccountId}", - "condition_keys": [] - }, - "Instance": { - "resource": "Instance", - "arn": "arn:${Partition}:sso:::instance/${InstanceId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "sso-directory": { - "service_name": "AWS IAM Identity Center (successor to AWS Single Sign-On) directory", - "prefix": "sso-directory", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiamidentitycentersuccessortoawssinglesign-ondirectory.html", - "privileges": { - "AddMemberToGroup": { - "privilege": "AddMemberToGroup", - "description": "Grants permission to add a member to a group in the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CompleteVirtualMfaDeviceRegistration": { - "privilege": "CompleteVirtualMfaDeviceRegistration", - "description": "Grants permission to complete the creation process of a virtual MFA device", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CompleteWebAuthnDeviceRegistration": { - "privilege": "CompleteWebAuthnDeviceRegistration", - "description": "Grants permission to complete the registration process of a WebAuthn device", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CreateAlias": { - "privilege": "CreateAlias", - "description": "Grants permission to create an alias for the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CreateBearerToken": { - "privilege": "CreateBearerToken", - "description": "Grants permission to create a bearer token for a given provisioning tenant", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CreateExternalIdPConfigurationForDirectory": { - "privilege": "CreateExternalIdPConfigurationForDirectory", - "description": "Grants permission to create an External Identity Provider configuration for the directory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CreateGroup": { - "privilege": "CreateGroup", - "description": "Grants permission to create a group in the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CreateProvisioningTenant": { - "privilege": "CreateProvisioningTenant", - "description": "Grants permission to create a provisioning tenant for a given directory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a user in the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteBearerToken": { - "privilege": "DeleteBearerToken", - "description": "Grants permission to delete a bearer token", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteExternalIdPCertificate": { - "privilege": "DeleteExternalIdPCertificate", - "description": "Grants permission to delete the given external IdP certificate", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteExternalIdPConfigurationForDirectory": { - "privilege": "DeleteExternalIdPConfigurationForDirectory", - "description": "Grants permission to delete an External Identity Provider configuration associated with the directory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to delete a group from the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteMfaDeviceForUser": { - "privilege": "DeleteMfaDeviceForUser", - "description": "Grants permission to delete a MFA device by device name for a given user", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteProvisioningTenant": { - "privilege": "DeleteProvisioningTenant", - "description": "Grants permission to delete the provisioning tenant", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete a user from the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeDirectory": { - "privilege": "DescribeDirectory", - "description": "Grants permission to retrieve information about the directory that AWS SSO provides by default", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeGroup": { - "privilege": "DescribeGroup", - "description": "Grants permission to query the group data, not including user and group members", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeGroups": { - "privilege": "DescribeGroups", - "description": "Grants permission to retrieve information about groups from the directory that AWS SSO provides by default", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeProvisioningTenant": { - "privilege": "DescribeProvisioningTenant", - "description": "Grants permission to describes the provisioning tenant", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeUser": { - "privilege": "DescribeUser", - "description": "Grants permission to retrieve information about a user from the directory that AWS SSO provides by default", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeUserByUniqueAttribute": { - "privilege": "DescribeUserByUniqueAttribute", - "description": "Grants permission to describe user with a valid unique attribute represented for the user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DescribeUsers": { - "privilege": "DescribeUsers", - "description": "Grants permission to retrieve information about user from the directory that AWS SSO provides by default", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DisableExternalIdPConfigurationForDirectory": { - "privilege": "DisableExternalIdPConfigurationForDirectory", - "description": "Grants permission to disable authentication of end users with an External Identity Provider", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "DisableUser": { - "privilege": "DisableUser", - "description": "Grants permission to deactivate a user in the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "EnableExternalIdPConfigurationForDirectory": { - "privilege": "EnableExternalIdPConfigurationForDirectory", - "description": "Grants permission to enable authentication of end users with an External Identity Provider", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "EnableUser": { - "privilege": "EnableUser", - "description": "Grants permission to activate user in the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetAWSSPConfigurationForDirectory": { - "privilege": "GetAWSSPConfigurationForDirectory", - "description": "Grants permission to retrieve the AWS SSO Service Provider configurations for the directory", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "GetUserPoolInfo": { - "privilege": "GetUserPoolInfo", - "description": "(Deprecated) Grants permission to get UserPool Info", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ImportExternalIdPCertificate": { - "privilege": "ImportExternalIdPCertificate", - "description": "Grants permission to import the IdP certificate used for verifying external IdP responses", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "IsMemberInGroup": { - "privilege": "IsMemberInGroup", - "description": "Grants permission to check if a member is a part of the group in the directory that AWS SSO provides by default", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListBearerTokens": { - "privilege": "ListBearerTokens", - "description": "Grants permission to list bearer tokens for a given provisioning tenant", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListExternalIdPCertificates": { - "privilege": "ListExternalIdPCertificates", - "description": "Grants permission to list the external IdP certificates of a given directory and IdP", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListExternalIdPConfigurationsForDirectory": { - "privilege": "ListExternalIdPConfigurationsForDirectory", - "description": "Grants permission to list all the External Identity Provider configurations created for the directory", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListGroupsForMember": { - "privilege": "ListGroupsForMember", - "description": "Grants permission to list groups of the target member", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListGroupsForUser": { - "privilege": "ListGroupsForUser", - "description": "Grants permission to list groups for a user from the directory that AWS SSO provides by default", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListMembersInGroup": { - "privilege": "ListMembersInGroup", - "description": "Grants permission to retrieve all members that are part of a group in the directory that AWS SSO provides by default", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListMfaDevicesForUser": { - "privilege": "ListMfaDevicesForUser", - "description": "Grants permission to list all active MFA devices and their MFA device metadata for a user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "ListProvisioningTenants": { - "privilege": "ListProvisioningTenants", - "description": "Grants permission to list provisioning tenants for a given directory", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "RemoveMemberFromGroup": { - "privilege": "RemoveMemberFromGroup", - "description": "Grants permission to remove a member that is part of a group in the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "SearchGroups": { - "privilege": "SearchGroups", - "description": "Grants permission to search for groups within the associated directory", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "SearchUsers": { - "privilege": "SearchUsers", - "description": "Grants permission to search for users within the associated directory", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "StartVirtualMfaDeviceRegistration": { - "privilege": "StartVirtualMfaDeviceRegistration", - "description": "Grants permission to begin the creation process of virtual mfa device", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "StartWebAuthnDeviceRegistration": { - "privilege": "StartWebAuthnDeviceRegistration", - "description": "Grants permission to begin the registration process of a WebAuthn device", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateExternalIdPConfigurationForDirectory": { - "privilege": "UpdateExternalIdPConfigurationForDirectory", - "description": "Grants permission to update an External Identity Provider configuration associated with the directory", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateGroup": { - "privilege": "UpdateGroup", - "description": "Grants permission to update information about a group in the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateGroupDisplayName": { - "privilege": "UpdateGroupDisplayName", - "description": "Grants permission to update group display name update group display name response", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateMfaDeviceForUser": { - "privilege": "UpdateMfaDeviceForUser", - "description": "Grants permission to update MFA device information", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdatePassword": { - "privilege": "UpdatePassword", - "description": "Grants permission to update a password by sending password reset link via email or generating one time password for a user in the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateUser": { - "privilege": "UpdateUser", - "description": "Grants permission to update user information in the directory that AWS SSO provides by default", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "UpdateUserName": { - "privilege": "UpdateUserName", - "description": "Grants permission to update user name update user name response", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - }, - "VerifyEmail": { - "privilege": "VerifyEmail", - "description": "Grants permission to verify an email address of an User", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" - } - }, - "resources": {}, - "conditions": {} - }, - "iam": { - "service_name": "AWS Identity and Access Management", - "prefix": "iam", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentityandaccessmanagement.html", - "privileges": { - "AddClientIDToOpenIDConnectProvider": { - "privilege": "AddClientIDToOpenIDConnectProvider", - "description": "Grants permission to add a new client ID (audience) to the list of registered IDs for the specified IAM OpenID Connect (OIDC) provider resource", - "access_level": "Permissions management", - "resource_types": { - "oidc-provider": { - "resource_type": "oidc-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddClientIDToOpenIDConnectProvider.html" - }, - "AddRoleToInstanceProfile": { - "privilege": "AddRoleToInstanceProfile", - "description": "Grants permission to add an IAM role to the specified instance profile", - "access_level": "Permissions management", - "resource_types": { - "instance-profile": { - "resource_type": "instance-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddRoleToInstanceProfile.html" - }, - "AddUserToGroup": { - "privilege": "AddUserToGroup", - "description": "Grants permission to add an IAM user to the specified IAM group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddUserToGroup.html" - }, - "AttachGroupPolicy": { - "privilege": "AttachGroupPolicy", - "description": "Grants permission to attach a managed policy to the specified IAM group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PolicyARN" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachGroupPolicy.html" - }, - "AttachRolePolicy": { - "privilege": "AttachRolePolicy", - "description": "Grants permission to attach a managed policy to the specified IAM role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PolicyARN", - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachRolePolicy.html" - }, - "AttachUserPolicy": { - "privilege": "AttachUserPolicy", - "description": "Grants permission to attach a managed policy to the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PolicyARN", - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachUserPolicy.html" - }, - "ChangePassword": { - "privilege": "ChangePassword", - "description": "Grants permission for an IAM user to to change their own password", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html" - }, - "CreateAccessKey": { - "privilege": "CreateAccessKey", - "description": "Grants permission to create access key and secret access key for the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateAccessKey.html" - }, - "CreateAccountAlias": { - "privilege": "CreateAccountAlias", - "description": "Grants permission to create an alias for your AWS account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateAccountAlias.html" - }, - "CreateGroup": { - "privilege": "CreateGroup", - "description": "Grants permission to create a new group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateGroup.html" - }, - "CreateInstanceProfile": { - "privilege": "CreateInstanceProfile", - "description": "Grants permission to create a new instance profile", - "access_level": "Permissions management", - "resource_types": { - "instance-profile": { - "resource_type": "instance-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateInstanceProfile.html" - }, - "CreateLoginProfile": { - "privilege": "CreateLoginProfile", - "description": "Grants permission to create a password for the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateLoginProfile.html" - }, - "CreateOpenIDConnectProvider": { - "privilege": "CreateOpenIDConnectProvider", - "description": "Grants permission to create an IAM resource that describes an identity provider (IdP) that supports OpenID Connect (OIDC)", - "access_level": "Permissions management", - "resource_types": { - "oidc-provider": { - "resource_type": "oidc-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html" - }, - "CreatePolicy": { - "privilege": "CreatePolicy", - "description": "Grants permission to create a new managed policy", - "access_level": "Permissions management", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html" - }, - "CreatePolicyVersion": { - "privilege": "CreatePolicyVersion", - "description": "Grants permission to create a new version of the specified managed policy", - "access_level": "Permissions management", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicyVersion.html" - }, - "CreateRole": { - "privilege": "CreateRole", - "description": "Grants permission to create a new role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PermissionsBoundary", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html" - }, - "CreateSAMLProvider": { - "privilege": "CreateSAMLProvider", - "description": "Grants permission to create an IAM resource that describes an identity provider (IdP) that supports SAML 2.0", - "access_level": "Permissions management", - "resource_types": { - "saml-provider": { - "resource_type": "saml-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateSAMLProvider.html" - }, - "CreateServiceLinkedRole": { - "privilege": "CreateServiceLinkedRole", - "description": "Grants permission to create an IAM role that allows an AWS service to perform actions on your behalf", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:AWSServiceName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateServiceLinkedRole.html" - }, - "CreateServiceSpecificCredential": { - "privilege": "CreateServiceSpecificCredential", - "description": "Grants permission to create a new service-specific credential for an IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateServiceSpecificCredential.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a new IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PermissionsBoundary", - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateUser.html" - }, - "CreateVirtualMFADevice": { - "privilege": "CreateVirtualMFADevice", - "description": "Grants permission to create a new virtual MFA device", - "access_level": "Permissions management", - "resource_types": { - "mfa": { - "resource_type": "mfa", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateVirtualMFADevice.html" - }, - "DeactivateMFADevice": { - "privilege": "DeactivateMFADevice", - "description": "Grants permission to deactivate the specified MFA device and remove its association with the IAM user for which it was originally enabled", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeactivateMFADevice.html" - }, - "DeleteAccessKey": { - "privilege": "DeleteAccessKey", - "description": "Grants permission to delete the access key pair that is associated with the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccessKey.html" - }, - "DeleteAccountAlias": { - "privilege": "DeleteAccountAlias", - "description": "Grants permission to delete the specified AWS account alias", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccountAlias.html" - }, - "DeleteAccountPasswordPolicy": { - "privilege": "DeleteAccountPasswordPolicy", - "description": "Grants permission to delete the password policy for the AWS account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccountPasswordPolicy.html" - }, - "DeleteCloudFrontPublicKey": { - "privilege": "DeleteCloudFrontPublicKey", - "description": "Grants permission to delete an existing CloudFront public key", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to delete the specified IAM group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteGroup.html" - }, - "DeleteGroupPolicy": { - "privilege": "DeleteGroupPolicy", - "description": "Grants permission to delete the specified inline policy from its group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteGroupPolicy.html" - }, - "DeleteInstanceProfile": { - "privilege": "DeleteInstanceProfile", - "description": "Grants permission to delete the specified instance profile", - "access_level": "Permissions management", - "resource_types": { - "instance-profile": { - "resource_type": "instance-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteInstanceProfile.html" - }, - "DeleteLoginProfile": { - "privilege": "DeleteLoginProfile", - "description": "Grants permission to delete the password for the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteLoginProfile.html" - }, - "DeleteOpenIDConnectProvider": { - "privilege": "DeleteOpenIDConnectProvider", - "description": "Grants permission to delete an OpenID Connect identity provider (IdP) resource object in IAM", - "access_level": "Permissions management", - "resource_types": { - "oidc-provider": { - "resource_type": "oidc-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteOpenIDConnectProvider.html" - }, - "DeletePolicy": { - "privilege": "DeletePolicy", - "description": "Grants permission to delete the specified managed policy and remove it from any IAM entities (users, groups, or roles) to which it is attached", - "access_level": "Permissions management", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicy.html" - }, - "DeletePolicyVersion": { - "privilege": "DeletePolicyVersion", - "description": "Grants permission to delete a version from the specified managed policy", - "access_level": "Permissions management", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicyVersion.html" - }, - "DeleteRole": { - "privilege": "DeleteRole", - "description": "Grants permission to delete the specified role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteRole.html" - }, - "DeleteRolePermissionsBoundary": { - "privilege": "DeleteRolePermissionsBoundary", - "description": "Grants permission to remove the permissions boundary from a role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteRolePermissionsBoundary.html" - }, - "DeleteRolePolicy": { - "privilege": "DeleteRolePolicy", - "description": "Grants permission to delete the specified inline policy from the specified role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteRolePolicy.html" - }, - "DeleteSAMLProvider": { - "privilege": "DeleteSAMLProvider", - "description": "Grants permission to delete a SAML provider resource in IAM", - "access_level": "Permissions management", - "resource_types": { - "saml-provider": { - "resource_type": "saml-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteSAMLProvider.html" - }, - "DeleteSSHPublicKey": { - "privilege": "DeleteSSHPublicKey", - "description": "Grants permission to delete the specified SSH public key", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteSSHPublicKey.html" - }, - "DeleteServerCertificate": { - "privilege": "DeleteServerCertificate", - "description": "Grants permission to delete the specified server certificate", - "access_level": "Permissions management", - "resource_types": { - "server-certificate": { - "resource_type": "server-certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteServerCertificate.html" - }, - "DeleteServiceLinkedRole": { - "privilege": "DeleteServiceLinkedRole", - "description": "Grants permission to delete an IAM role that is linked to a specific AWS service, if the service is no longer using it", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteServiceLinkedRole.html" - }, - "DeleteServiceSpecificCredential": { - "privilege": "DeleteServiceSpecificCredential", - "description": "Grants permission to delete the specified service-specific credential for an IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteServiceSpecificCredential.html" - }, - "DeleteSigningCertificate": { - "privilege": "DeleteSigningCertificate", - "description": "Grants permission to delete a signing certificate that is associated with the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteSigningCertificate.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUser.html" - }, - "DeleteUserPermissionsBoundary": { - "privilege": "DeleteUserPermissionsBoundary", - "description": "Grants permission to remove the permissions boundary from the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUserPermissionsBoundary.html" - }, - "DeleteUserPolicy": { - "privilege": "DeleteUserPolicy", - "description": "Grants permission to delete the specified inline policy from an IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUserPolicy.html" - }, - "DeleteVirtualMFADevice": { - "privilege": "DeleteVirtualMFADevice", - "description": "Grants permission to delete a virtual MFA device", - "access_level": "Permissions management", - "resource_types": { - "mfa": { - "resource_type": "mfa", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sms-mfa": { - "resource_type": "sms-mfa", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteVirtualMFADevice.html" - }, - "DetachGroupPolicy": { - "privilege": "DetachGroupPolicy", - "description": "Grants permission to detach a managed policy from the specified IAM group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PolicyARN" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachGroupPolicy.html" - }, - "DetachRolePolicy": { - "privilege": "DetachRolePolicy", - "description": "Grants permission to detach a managed policy from the specified role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PolicyARN", - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachRolePolicy.html" - }, - "DetachUserPolicy": { - "privilege": "DetachUserPolicy", - "description": "Grants permission to detach a managed policy from the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PolicyARN", - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachUserPolicy.html" - }, - "EnableMFADevice": { - "privilege": "EnableMFADevice", - "description": "Grants permission to enable an MFA device and associate it with the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_EnableMFADevice.html" - }, - "GenerateCredentialReport": { - "privilege": "GenerateCredentialReport", - "description": "Grants permission to generate a credential report for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GenerateCredentialReport.html" - }, - "GenerateOrganizationsAccessReport": { - "privilege": "GenerateOrganizationsAccessReport", - "description": "Grants permission to generate an access report for an AWS Organizations entity", - "access_level": "Read", - "resource_types": { - "access-report": { - "resource_type": "access-report", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribePolicy", - "organizations:ListChildren", - "organizations:ListParents", - "organizations:ListPoliciesForTarget", - "organizations:ListRoots", - "organizations:ListTargetsForPolicy" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:OrganizationsPolicyId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GenerateOrganizationsAccessReport.html" - }, - "GenerateServiceLastAccessedDetails": { - "privilege": "GenerateServiceLastAccessedDetails", - "description": "Grants permission to generate a service last accessed data report for an IAM resource", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GenerateServiceLastAccessedDetails.html" - }, - "GetAccessKeyLastUsed": { - "privilege": "GetAccessKeyLastUsed", - "description": "Grants permission to retrieve information about when the specified access key was last used", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccessKeyLastUsed.html" - }, - "GetAccountAuthorizationDetails": { - "privilege": "GetAccountAuthorizationDetails", - "description": "Grants permission to retrieve information about all IAM users, groups, roles, and policies in your AWS account, including their relationships to one another", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccountAuthorizationDetails.html" - }, - "GetAccountEmailAddress": { - "privilege": "GetAccountEmailAddress", - "description": "Grants permission to retrieve the email address that is associated with the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html" - }, - "GetAccountName": { - "privilege": "GetAccountName", - "description": "Grants permission to retrieve the account name that is associated with the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html" - }, - "GetAccountPasswordPolicy": { - "privilege": "GetAccountPasswordPolicy", - "description": "Grants permission to retrieve the password policy for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccountPasswordPolicy.html" - }, - "GetAccountSummary": { - "privilege": "GetAccountSummary", - "description": "Grants permission to retrieve information about IAM entity usage and IAM quotas in the AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccountSummary.html" - }, - "GetCloudFrontPublicKey": { - "privilege": "GetCloudFrontPublicKey", - "description": "Grants permission to retrieve information about the specified CloudFront public key", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html" - }, - "GetContextKeysForCustomPolicy": { - "privilege": "GetContextKeysForCustomPolicy", - "description": "Grants permission to retrieve a list of all of the context keys that are referenced in the specified policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetContextKeysForCustomPolicy.html" - }, - "GetContextKeysForPrincipalPolicy": { - "privilege": "GetContextKeysForPrincipalPolicy", - "description": "Grants permission to retrieve a list of all context keys that are referenced in all IAM policies that are attached to the specified IAM identity (user, group, or role)", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "role": { - "resource_type": "role", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetContextKeysForPrincipalPolicy.html" - }, - "GetCredentialReport": { - "privilege": "GetCredentialReport", - "description": "Grants permission to retrieve a credential report for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetCredentialReport.html" - }, - "GetGroup": { - "privilege": "GetGroup", - "description": "Grants permission to retrieve a list of IAM users in the specified IAM group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetGroup.html" - }, - "GetGroupPolicy": { - "privilege": "GetGroupPolicy", - "description": "Grants permission to retrieve an inline policy document that is embedded in the specified IAM group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetGroupPolicy.html" - }, - "GetInstanceProfile": { - "privilege": "GetInstanceProfile", - "description": "Grants permission to retrieve information about the specified instance profile, including the instance profile's path, GUID, ARN, and role", - "access_level": "Read", - "resource_types": { - "instance-profile": { - "resource_type": "instance-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetInstanceProfile.html" - }, - "GetLoginProfile": { - "privilege": "GetLoginProfile", - "description": "Grants permission to retrieve the user name and password creation date for the specified IAM user", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetLoginProfile.html" - }, - "GetOpenIDConnectProvider": { - "privilege": "GetOpenIDConnectProvider", - "description": "Grants permission to retrieve information about the specified OpenID Connect (OIDC) provider resource in IAM", - "access_level": "Read", - "resource_types": { - "oidc-provider": { - "resource_type": "oidc-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetOpenIDConnectProvider.html" - }, - "GetOrganizationsAccessReport": { - "privilege": "GetOrganizationsAccessReport", - "description": "Grants permission to retrieve an AWS Organizations access report", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetOrganizationsAccessReport.html" - }, - "GetPolicy": { - "privilege": "GetPolicy", - "description": "Grants permission to retrieve information about the specified managed policy, including the policy's default version and the total number of identities to which the policy is attached", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicy.html" - }, - "GetPolicyVersion": { - "privilege": "GetPolicyVersion", - "description": "Grants permission to retrieve information about a version of the specified managed policy, including the policy document", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicyVersion.html" - }, - "GetRole": { - "privilege": "GetRole", - "description": "Grants permission to retrieve information about the specified role, including the role's path, GUID, ARN, and the role's trust policy", - "access_level": "Read", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetRole.html" - }, - "GetRolePolicy": { - "privilege": "GetRolePolicy", - "description": "Grants permission to retrieve an inline policy document that is embedded with the specified IAM role", - "access_level": "Read", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetRolePolicy.html" - }, - "GetSAMLProvider": { - "privilege": "GetSAMLProvider", - "description": "Grants permission to retrieve the SAML provider metadocument that was uploaded when the IAM SAML provider resource was created or updated", - "access_level": "Read", - "resource_types": { - "saml-provider": { - "resource_type": "saml-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetSAMLProvider.html" - }, - "GetSSHPublicKey": { - "privilege": "GetSSHPublicKey", - "description": "Grants permission to retrieve the specified SSH public key, including metadata about the key", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetSSHPublicKey.html" - }, - "GetServerCertificate": { - "privilege": "GetServerCertificate", - "description": "Grants permission to retrieve information about the specified server certificate stored in IAM", - "access_level": "Read", - "resource_types": { - "server-certificate": { - "resource_type": "server-certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServerCertificate.html" - }, - "GetServiceLastAccessedDetails": { - "privilege": "GetServiceLastAccessedDetails", - "description": "Grants permission to retrieve information about the service last accessed data report", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServiceLastAccessedDetails.html" - }, - "GetServiceLastAccessedDetailsWithEntities": { - "privilege": "GetServiceLastAccessedDetailsWithEntities", - "description": "Grants permission to retrieve information about the entities from the service last accessed data report", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServiceLastAccessedDetailsWithEntities.html" - }, - "GetServiceLinkedRoleDeletionStatus": { - "privilege": "GetServiceLinkedRoleDeletionStatus", - "description": "Grants permission to retrieve an IAM service-linked role deletion status", - "access_level": "Read", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServiceLinkedRoleDeletionStatus.html" - }, - "GetUser": { - "privilege": "GetUser", - "description": "Grants permission to retrieve information about the specified IAM user, including the user's creation date, path, unique ID, and ARN", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetUser.html" - }, - "GetUserPolicy": { - "privilege": "GetUserPolicy", - "description": "Grants permission to retrieve an inline policy document that is embedded in the specified IAM user", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetUserPolicy.html" - }, - "ListAccessKeys": { - "privilege": "ListAccessKeys", - "description": "Grants permission to list information about the access key IDs that are associated with the specified IAM user", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAccessKeys.html" - }, - "ListAccountAliases": { - "privilege": "ListAccountAliases", - "description": "Grants permission to list the account alias that is associated with the AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAccountAliases.html" - }, - "ListAttachedGroupPolicies": { - "privilege": "ListAttachedGroupPolicies", - "description": "Grants permission to list all managed policies that are attached to the specified IAM group", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedGroupPolicies.html" - }, - "ListAttachedRolePolicies": { - "privilege": "ListAttachedRolePolicies", - "description": "Grants permission to list all managed policies that are attached to the specified IAM role", - "access_level": "List", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedRolePolicies.html" - }, - "ListAttachedUserPolicies": { - "privilege": "ListAttachedUserPolicies", - "description": "Grants permission to list all managed policies that are attached to the specified IAM user", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedUserPolicies.html" - }, - "ListCloudFrontPublicKeys": { - "privilege": "ListCloudFrontPublicKeys", - "description": "Grants permission to list all current CloudFront public keys for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html" - }, - "ListEntitiesForPolicy": { - "privilege": "ListEntitiesForPolicy", - "description": "Grants permission to list all IAM identities to which the specified managed policy is attached", - "access_level": "List", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListEntitiesForPolicy.html" - }, - "ListGroupPolicies": { - "privilege": "ListGroupPolicies", - "description": "Grants permission to list the names of the inline policies that are embedded in the specified IAM group", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListGroupPolicies.html" - }, - "ListGroups": { - "privilege": "ListGroups", - "description": "Grants permission to list the IAM groups that have the specified path prefix", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListGroups.html" - }, - "ListGroupsForUser": { - "privilege": "ListGroupsForUser", - "description": "Grants permission to list the IAM groups that the specified IAM user belongs to", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListGroupsForUser.html" - }, - "ListInstanceProfileTags": { - "privilege": "ListInstanceProfileTags", - "description": "Grants permission to list the tags that are attached to the specified instance profile", - "access_level": "List", - "resource_types": { - "instance-profile": { - "resource_type": "instance-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfileTags.html" - }, - "ListInstanceProfiles": { - "privilege": "ListInstanceProfiles", - "description": "Grants permission to list the instance profiles that have the specified path prefix", - "access_level": "List", - "resource_types": { - "instance-profile": { - "resource_type": "instance-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfiles.html" - }, - "ListInstanceProfilesForRole": { - "privilege": "ListInstanceProfilesForRole", - "description": "Grants permission to list the instance profiles that have the specified associated IAM role", - "access_level": "List", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfilesForRole.html" - }, - "ListMFADeviceTags": { - "privilege": "ListMFADeviceTags", - "description": "Grants permission to list the tags that are attached to the specified virtual mfa device", - "access_level": "List", - "resource_types": { - "mfa": { - "resource_type": "mfa", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADeviceTags.html" - }, - "ListMFADevices": { - "privilege": "ListMFADevices", - "description": "Grants permission to list the MFA devices for an IAM user", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html" - }, - "ListOpenIDConnectProviderTags": { - "privilege": "ListOpenIDConnectProviderTags", - "description": "Grants permission to list the tags that are attached to the specified OpenID Connect provider", - "access_level": "List", - "resource_types": { - "oidc-provider": { - "resource_type": "oidc-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListOpenIDConnectProviderTags.html" - }, - "ListOpenIDConnectProviders": { - "privilege": "ListOpenIDConnectProviders", - "description": "Grants permission to list information about the IAM OpenID Connect (OIDC) provider resource objects that are defined in the AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListOpenIDConnectProviders.html" - }, - "ListPolicies": { - "privilege": "ListPolicies", - "description": "Grants permission to list all managed policies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicies.html" - }, - "ListPoliciesGrantingServiceAccess": { - "privilege": "ListPoliciesGrantingServiceAccess", - "description": "Grants permission to list information about the policies that grant an entity access to a specific service", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPoliciesGrantingServiceAccess.html" - }, - "ListPolicyTags": { - "privilege": "ListPolicyTags", - "description": "Grants permission to list the tags that are attached to the specified managed policy", - "access_level": "List", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicyTags.html" - }, - "ListPolicyVersions": { - "privilege": "ListPolicyVersions", - "description": "Grants permission to list information about the versions of the specified managed policy, including the version that is currently set as the policy's default version", - "access_level": "List", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicyVersions.html" - }, - "ListRolePolicies": { - "privilege": "ListRolePolicies", - "description": "Grants permission to list the names of the inline policies that are embedded in the specified IAM role", - "access_level": "List", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRolePolicies.html" - }, - "ListRoleTags": { - "privilege": "ListRoleTags", - "description": "Grants permission to list the tags that are attached to the specified IAM role", - "access_level": "List", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRoleTags.html" - }, - "ListRoles": { - "privilege": "ListRoles", - "description": "Grants permission to list the IAM roles that have the specified path prefix", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRoles.html" - }, - "ListSAMLProviderTags": { - "privilege": "ListSAMLProviderTags", - "description": "Grants permission to list the tags that are attached to the specified SAML provider", - "access_level": "List", - "resource_types": { - "saml-provider": { - "resource_type": "saml-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSAMLProviderTags.html" - }, - "ListSAMLProviders": { - "privilege": "ListSAMLProviders", - "description": "Grants permission to list the SAML provider resources in IAM", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSAMLProviders.html" - }, - "ListSSHPublicKeys": { - "privilege": "ListSSHPublicKeys", - "description": "Grants permission to list information about the SSH public keys that are associated with the specified IAM user", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSSHPublicKeys.html" - }, - "ListSTSRegionalEndpointsStatus": { - "privilege": "ListSTSRegionalEndpointsStatus", - "description": "Grants permission to list the status of all active STS regional endpoints", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html" - }, - "ListServerCertificateTags": { - "privilege": "ListServerCertificateTags", - "description": "Grants permission to list the tags that are attached to the specified server certificate", - "access_level": "List", - "resource_types": { - "server-certificate": { - "resource_type": "server-certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListServerCertificateTags.html" - }, - "ListServerCertificates": { - "privilege": "ListServerCertificates", - "description": "Grants permission to list the server certificates that have the specified path prefix", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListServerCertificates.html" - }, - "ListServiceSpecificCredentials": { - "privilege": "ListServiceSpecificCredentials", - "description": "Grants permission to list the service-specific credentials that are associated with the specified IAM user", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListServiceSpecificCredentials.html" - }, - "ListSigningCertificates": { - "privilege": "ListSigningCertificates", - "description": "Grants permission to list information about the signing certificates that are associated with the specified IAM user", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSigningCertificates.html" - }, - "ListUserPolicies": { - "privilege": "ListUserPolicies", - "description": "Grants permission to list the names of the inline policies that are embedded in the specified IAM user", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListUserPolicies.html" - }, - "ListUserTags": { - "privilege": "ListUserTags", - "description": "Grants permission to list the tags that are attached to the specified IAM user", - "access_level": "List", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListUserTags.html" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to list the IAM users that have the specified path prefix", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListUsers.html" - }, - "ListVirtualMFADevices": { - "privilege": "ListVirtualMFADevices", - "description": "Grants permission to list virtual MFA devices by assignment status", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListVirtualMFADevices.html" - }, - "PassRole": { - "privilege": "PassRole", - "description": "Grants permission to pass a role to a service", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:AssociatedResourceArn", - "iam:PassedToService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html" - }, - "PutGroupPolicy": { - "privilege": "PutGroupPolicy", - "description": "Grants permission to create or update an inline policy document that is embedded in the specified IAM group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutGroupPolicy.html" - }, - "PutRolePermissionsBoundary": { - "privilege": "PutRolePermissionsBoundary", - "description": "Grants permission to set a managed policy as a permissions boundary for a role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePermissionsBoundary.html" - }, - "PutRolePolicy": { - "privilege": "PutRolePolicy", - "description": "Grants permission to create or update an inline policy document that is embedded in the specified IAM role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePolicy.html" - }, - "PutUserPermissionsBoundary": { - "privilege": "PutUserPermissionsBoundary", - "description": "Grants permission to set a managed policy as a permissions boundary for an IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutUserPermissionsBoundary.html" - }, - "PutUserPolicy": { - "privilege": "PutUserPolicy", - "description": "Grants permission to create or update an inline policy document that is embedded in the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iam:PermissionsBoundary" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutUserPolicy.html" - }, - "RemoveClientIDFromOpenIDConnectProvider": { - "privilege": "RemoveClientIDFromOpenIDConnectProvider", - "description": "Grants permission to remove the client ID (audience) from the list of client IDs in the specified IAM OpenID Connect (OIDC) provider resource", - "access_level": "Permissions management", - "resource_types": { - "oidc-provider": { - "resource_type": "oidc-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_RemoveClientIDFromOpenIDConnectProvider.html" - }, - "RemoveRoleFromInstanceProfile": { - "privilege": "RemoveRoleFromInstanceProfile", - "description": "Grants permission to remove an IAM role from the specified EC2 instance profile", - "access_level": "Permissions management", - "resource_types": { - "instance-profile": { - "resource_type": "instance-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_RemoveRoleFromInstanceProfile.html" - }, - "RemoveUserFromGroup": { - "privilege": "RemoveUserFromGroup", - "description": "Grants permission to remove an IAM user from the specified group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_RemoveUserFromGroup.html" - }, - "ResetServiceSpecificCredential": { - "privilege": "ResetServiceSpecificCredential", - "description": "Grants permission to reset the password for an existing service-specific credential for an IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ResetServiceSpecificCredential.html" - }, - "ResyncMFADevice": { - "privilege": "ResyncMFADevice", - "description": "Grants permission to synchronize the specified MFA device with its IAM entity (user or role)", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ResyncMFADevice.html" - }, - "SetDefaultPolicyVersion": { - "privilege": "SetDefaultPolicyVersion", - "description": "Grants permission to set the version of the specified policy as the policy's default version", - "access_level": "Permissions management", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_SetDefaultPolicyVersion.html" - }, - "SetSTSRegionalEndpointStatus": { - "privilege": "SetSTSRegionalEndpointStatus", - "description": "Grants permission to activate or deactivate an STS regional endpoint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html" - }, - "SetSecurityTokenServicePreferences": { - "privilege": "SetSecurityTokenServicePreferences", - "description": "Grants permission to set the STS global endpoint token version", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_SetSecurityTokenServicePreferences.html" - }, - "SimulateCustomPolicy": { - "privilege": "SimulateCustomPolicy", - "description": "Grants permission to simulate whether an identity-based policy or resource-based policy provides permissions for specific API operations and resources", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulateCustomPolicy.html" - }, - "SimulatePrincipalPolicy": { - "privilege": "SimulatePrincipalPolicy", - "description": "Grants permission to simulate whether an identity-based policy that is attached to a specified IAM entity (user or role) provides permissions for specific API operations and resources", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "role": { - "resource_type": "role", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulatePrincipalPolicy.html" - }, - "TagInstanceProfile": { - "privilege": "TagInstanceProfile", - "description": "Grants permission to add tags to an instance profile", - "access_level": "Tagging", - "resource_types": { - "instance-profile": { - "resource_type": "instance-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagInstanceProfile.html" - }, - "TagMFADevice": { - "privilege": "TagMFADevice", - "description": "Grants permission to add tags to a virtual mfa device", - "access_level": "Tagging", - "resource_types": { - "mfa": { - "resource_type": "mfa", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagMFADevice.html" - }, - "TagOpenIDConnectProvider": { - "privilege": "TagOpenIDConnectProvider", - "description": "Grants permission to add tags to an OpenID Connect provider", - "access_level": "Tagging", - "resource_types": { - "oidc-provider": { - "resource_type": "oidc-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagOpenIDConnectProvider.html" - }, - "TagPolicy": { - "privilege": "TagPolicy", - "description": "Grants permission to add tags to a managed policy", - "access_level": "Tagging", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagPolicy.html" - }, - "TagRole": { - "privilege": "TagRole", - "description": "Grants permission to add tags to an IAM role", - "access_level": "Tagging", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagRole.html" - }, - "TagSAMLProvider": { - "privilege": "TagSAMLProvider", - "description": "Grants permission to add tags to a SAML Provider", - "access_level": "Tagging", - "resource_types": { - "saml-provider": { - "resource_type": "saml-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagSAMLProvider.html" - }, - "TagServerCertificate": { - "privilege": "TagServerCertificate", - "description": "Grants permission to add tags to a server certificate", - "access_level": "Tagging", - "resource_types": { - "server-certificate": { - "resource_type": "server-certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagServerCertificate.html" - }, - "TagUser": { - "privilege": "TagUser", - "description": "Grants permission to add tags to an IAM user", - "access_level": "Tagging", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagUser.html" - }, - "UntagInstanceProfile": { - "privilege": "UntagInstanceProfile", - "description": "Grants permission to remove the specified tags from the instance profile", - "access_level": "Tagging", - "resource_types": { - "instance-profile": { - "resource_type": "instance-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagInstanceProfile.html" - }, - "UntagMFADevice": { - "privilege": "UntagMFADevice", - "description": "Grants permission to remove the specified tags from the virtual mfa device", - "access_level": "Tagging", - "resource_types": { - "mfa": { - "resource_type": "mfa", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagMFADevice.html" - }, - "UntagOpenIDConnectProvider": { - "privilege": "UntagOpenIDConnectProvider", - "description": "Grants permission to remove the specified tags from the OpenID Connect provider", - "access_level": "Tagging", - "resource_types": { - "oidc-provider": { - "resource_type": "oidc-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagOpenIDConnectProvider.html" - }, - "UntagPolicy": { - "privilege": "UntagPolicy", - "description": "Grants permission to remove the specified tags from the managed policy", - "access_level": "Tagging", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagPolicy.html" - }, - "UntagRole": { - "privilege": "UntagRole", - "description": "Grants permission to remove the specified tags from the role", - "access_level": "Tagging", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagRole.html" - }, - "UntagSAMLProvider": { - "privilege": "UntagSAMLProvider", - "description": "Grants permission to remove the specified tags from the SAML Provider", - "access_level": "Tagging", - "resource_types": { - "saml-provider": { - "resource_type": "saml-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagSAMLProvider.html" - }, - "UntagServerCertificate": { - "privilege": "UntagServerCertificate", - "description": "Grants permission to remove the specified tags from the server certificate", - "access_level": "Tagging", - "resource_types": { - "server-certificate": { - "resource_type": "server-certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagServerCertificate.html" - }, - "UntagUser": { - "privilege": "UntagUser", - "description": "Grants permission to remove the specified tags from the user", - "access_level": "Tagging", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagUser.html" - }, - "UpdateAccessKey": { - "privilege": "UpdateAccessKey", - "description": "Grants permission to update the status of the specified access key as Active or Inactive", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAccessKey.html" - }, - "UpdateAccountEmailAddress": { - "privilege": "UpdateAccountEmailAddress", - "description": "Grants permission to update the email address that is associated with the account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html" - }, - "UpdateAccountName": { - "privilege": "UpdateAccountName", - "description": "Grants permission to update the account name that is associated with the account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html" - }, - "UpdateAccountPasswordPolicy": { - "privilege": "UpdateAccountPasswordPolicy", - "description": "Grants permission to update the password policy settings for the AWS account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAccountPasswordPolicy.html" - }, - "UpdateAssumeRolePolicy": { - "privilege": "UpdateAssumeRolePolicy", - "description": "Grants permission to update the policy that grants an IAM entity permission to assume a role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAssumeRolePolicy.html" - }, - "UpdateCloudFrontPublicKey": { - "privilege": "UpdateCloudFrontPublicKey", - "description": "Grants permission to update an existing CloudFront public key", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html" - }, - "UpdateGroup": { - "privilege": "UpdateGroup", - "description": "Grants permission to update the name or path of the specified IAM group", - "access_level": "Permissions management", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateGroup.html" - }, - "UpdateLoginProfile": { - "privilege": "UpdateLoginProfile", - "description": "Grants permission to change the password for the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateLoginProfile.html" - }, - "UpdateOpenIDConnectProviderThumbprint": { - "privilege": "UpdateOpenIDConnectProviderThumbprint", - "description": "Grants permission to update the entire list of server certificate thumbprints that are associated with an OpenID Connect (OIDC) provider resource", - "access_level": "Permissions management", - "resource_types": { - "oidc-provider": { - "resource_type": "oidc-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateOpenIDConnectProviderThumbprint.html" - }, - "UpdateRole": { - "privilege": "UpdateRole", - "description": "Grants permission to update the description or maximum session duration setting of a role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateRole.html" - }, - "UpdateRoleDescription": { - "privilege": "UpdateRoleDescription", - "description": "Grants permission to update only the description of a role", - "access_level": "Permissions management", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateRoleDescription.html" - }, - "UpdateSAMLProvider": { - "privilege": "UpdateSAMLProvider", - "description": "Grants permission to update the metadata document for an existing SAML provider resource", - "access_level": "Permissions management", - "resource_types": { - "saml-provider": { - "resource_type": "saml-provider", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateSAMLProvider.html" - }, - "UpdateSSHPublicKey": { - "privilege": "UpdateSSHPublicKey", - "description": "Grants permission to update the status of an IAM user's SSH public key to active or inactive", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateSSHPublicKey.html" - }, - "UpdateServerCertificate": { - "privilege": "UpdateServerCertificate", - "description": "Grants permission to update the name or the path of the specified server certificate stored in IAM", - "access_level": "Permissions management", - "resource_types": { - "server-certificate": { - "resource_type": "server-certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateServerCertificate.html" - }, - "UpdateServiceSpecificCredential": { - "privilege": "UpdateServiceSpecificCredential", - "description": "Grants permission to update the status of a service-specific credential to active or inactive for an IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateServiceSpecificCredential.html" - }, - "UpdateSigningCertificate": { - "privilege": "UpdateSigningCertificate", - "description": "Grants permission to update the status of the specified user signing certificate to active or disabled", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateSigningCertificate.html" - }, - "UpdateUser": { - "privilege": "UpdateUser", - "description": "Grants permission to update the name or the path of the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateUser.html" - }, - "UploadCloudFrontPublicKey": { - "privilege": "UploadCloudFrontPublicKey", - "description": "Grants permission to upload a CloudFront public key", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html" - }, - "UploadSSHPublicKey": { - "privilege": "UploadSSHPublicKey", - "description": "Grants permission to upload an SSH public key and associate it with the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UploadSSHPublicKey.html" - }, - "UploadServerCertificate": { - "privilege": "UploadServerCertificate", - "description": "Grants permission to upload a server certificate entity for the AWS account", - "access_level": "Permissions management", - "resource_types": { - "server-certificate": { - "resource_type": "server-certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UploadServerCertificate.html" - }, - "UploadSigningCertificate": { - "privilege": "UploadSigningCertificate", - "description": "Grants permission to upload an X.509 signing certificate and associate it with the specified IAM user", - "access_level": "Permissions management", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UploadSigningCertificate.html" - }, - "GetMFADevice": { - "privilege": "GetMFADevice", - "description": "Grants permission to retrieve information about an MFA device for the specified user", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetMFADevice.html" - } - }, - "resources": { - "access-report": { - "resource": "access-report", - "arn": "arn:${Partition}:iam::${Account}:access-report/${EntityPath}", - "condition_keys": [] - }, - "assumed-role": { - "resource": "assumed-role", - "arn": "arn:${Partition}:iam::${Account}:assumed-role/${RoleName}/${RoleSessionName}", - "condition_keys": [] - }, - "federated-user": { - "resource": "federated-user", - "arn": "arn:${Partition}:iam::${Account}:federated-user/${UserName}", - "condition_keys": [] - }, - "group": { - "resource": "group", - "arn": "arn:${Partition}:iam::${Account}:group/${GroupNameWithPath}", - "condition_keys": [] - }, - "instance-profile": { - "resource": "instance-profile", - "arn": "arn:${Partition}:iam::${Account}:instance-profile/${InstanceProfileNameWithPath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "mfa": { - "resource": "mfa", - "arn": "arn:${Partition}:iam::${Account}:mfa/${MfaTokenIdWithPath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "oidc-provider": { - "resource": "oidc-provider", - "arn": "arn:${Partition}:iam::${Account}:oidc-provider/${OidcProviderName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "policy": { - "resource": "policy", - "arn": "arn:${Partition}:iam::${Account}:policy/${PolicyNameWithPath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "role": { - "resource": "role", - "arn": "arn:${Partition}:iam::${Account}:role/${RoleNameWithPath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "iam:ResourceTag/${TagKey}" - ] - }, - "saml-provider": { - "resource": "saml-provider", - "arn": "arn:${Partition}:iam::${Account}:saml-provider/${SamlProviderName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "server-certificate": { - "resource": "server-certificate", - "arn": "arn:${Partition}:iam::${Account}:server-certificate/${CertificateNameWithPath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "sms-mfa": { - "resource": "sms-mfa", - "arn": "arn:${Partition}:iam::${Account}:sms-mfa/${MfaTokenIdWithPath}", - "condition_keys": [] - }, - "user": { - "resource": "user", - "arn": "arn:${Partition}:iam::${Account}:user/${UserNameWithPath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "iam:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "iam:AWSServiceName": { - "condition": "iam:AWSServiceName", - "description": "Filters access by the AWS service to which this role is attached", - "type": "String" - }, - "iam:AssociatedResourceArn": { - "condition": "iam:AssociatedResourceArn", - "description": "Filters by the resource that the role will be used on behalf of", - "type": "ARN" - }, - "iam:OrganizationsPolicyId": { - "condition": "iam:OrganizationsPolicyId", - "description": "Filters access by the ID of an AWS Organizations policy", - "type": "String" - }, - "iam:PassedToService": { - "condition": "iam:PassedToService", - "description": "Filters access by the AWS service to which this role is passed", - "type": "String" - }, - "iam:PermissionsBoundary": { - "condition": "iam:PermissionsBoundary", - "description": "Filters access if the specified policy is set as the permissions boundary on the IAM entity (user or role)", - "type": "String" - }, - "iam:PolicyARN": { - "condition": "iam:PolicyARN", - "description": "Filters access by the ARN of an IAM policy", - "type": "ARN" - }, - "iam:ResourceTag/${TagKey}": { - "condition": "iam:ResourceTag/${TagKey}", - "description": "Filters access by the tags attached to an IAM entity (user or role)", - "type": "String" - }, - "iam:FIDO-FIPS-140-2-certification": { - "condition": "iam:FIDO-FIPS-140-2-certification", - "description": "Filters access by the MFA device FIPS-140-2 validation certification level at the time of registration of a FIDO security key", - "type": "String" - }, - "iam:FIDO-FIPS-140-3-certification": { - "condition": "iam:FIDO-FIPS-140-3-certification", - "description": "Filters access by the MFA device FIPS-140-3 validation certification level at the time of registration of a FIDO security key", - "type": "String" - }, - "iam:FIDO-certification": { - "condition": "iam:FIDO-certification", - "description": "Filters access by the MFA device FIDO certification level at the time of registration of a FIDO security key", - "type": "String" - }, - "iam:RegisterSecurityKey": { - "condition": "iam:RegisterSecurityKey", - "description": "Filters access by the current state of MFA device enablement", - "type": "String" - } - } - }, - "rolesanywhere": { - "service_name": "AWS Identity and Access Management Roles Anywhere", - "prefix": "rolesanywhere", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentityandaccessmanagementrolesanywhere.html", - "privileges": { - "CreateProfile": { - "privilege": "CreateProfile", - "description": "Grants permission to create a profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateProfile.html" - }, - "CreateTrustAnchor": { - "privilege": "CreateTrustAnchor", - "description": "Grants permission to create a trust anchor", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateTrustAnchor.html" - }, - "DeleteCrl": { - "privilege": "DeleteCrl", - "description": "Grants permission to delete a certificate revocation list (crl)", - "access_level": "Write", - "resource_types": { - "crl": { - "resource_type": "crl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DeleteCrl.html" - }, - "DeleteProfile": { - "privilege": "DeleteProfile", - "description": "Grants permission to delete a profile", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DeleteProfile.html" - }, - "DeleteTrustAnchor": { - "privilege": "DeleteTrustAnchor", - "description": "Grants permission to delete a trust anchor", - "access_level": "Write", - "resource_types": { - "trust-anchor": { - "resource_type": "trust-anchor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DeleteTrustAnchor.html" - }, - "DisableCrl": { - "privilege": "DisableCrl", - "description": "Grants permission to disable a certificate revocation list (crl)", - "access_level": "Write", - "resource_types": { - "crl": { - "resource_type": "crl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DisableCrl.html" - }, - "DisableProfile": { - "privilege": "DisableProfile", - "description": "Grants permission to disable a profile", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DisableProfile.html" - }, - "DisableTrustAnchor": { - "privilege": "DisableTrustAnchor", - "description": "Grants permission to disable a trust anchor", - "access_level": "Write", - "resource_types": { - "trust-anchor": { - "resource_type": "trust-anchor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DisableTrustAnchor.html" - }, - "EnableCrl": { - "privilege": "EnableCrl", - "description": "Grants permission to enable a certificate revocation list (crl)", - "access_level": "Write", - "resource_types": { - "crl": { - "resource_type": "crl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_EnableCrl.html" - }, - "EnableProfile": { - "privilege": "EnableProfile", - "description": "Grants permission to enable a profile", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_EnableProfile.html" - }, - "EnableTrustAnchor": { - "privilege": "EnableTrustAnchor", - "description": "Grants permission to enable a trust anchor", - "access_level": "Write", - "resource_types": { - "trust-anchor": { - "resource_type": "trust-anchor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_EnableTrustAnchor.html" - }, - "GetCrl": { - "privilege": "GetCrl", - "description": "Grants permission to get a certificate revocation list (crl)", - "access_level": "Read", - "resource_types": { - "crl": { - "resource_type": "crl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_GetCrl.html" - }, - "GetProfile": { - "privilege": "GetProfile", - "description": "Grants permission to get a profile", - "access_level": "Read", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_GetProfile.html" - }, - "GetSubject": { - "privilege": "GetSubject", - "description": "Grants permission to get a subject", - "access_level": "Read", - "resource_types": { - "subject": { - "resource_type": "subject", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_GetSubject.html" - }, - "GetTrustAnchor": { - "privilege": "GetTrustAnchor", - "description": "Grants permission to get a trust anchor", - "access_level": "Read", - "resource_types": { - "trust-anchor": { - "resource_type": "trust-anchor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_GetTrustAnchor.html" - }, - "ImportCrl": { - "privilege": "ImportCrl", - "description": "Grants permission to import a certificate revocation list (crl)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ImportCrl.html" - }, - "ListCrls": { - "privilege": "ListCrls", - "description": "Grants permission to list certificate revocation lists (crls)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ListCrls.html" - }, - "ListProfiles": { - "privilege": "ListProfiles", - "description": "Grants permission to list profiles", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ListProfiles.html" - }, - "ListSubjects": { - "privilege": "ListSubjects", - "description": "Grants permission to list subjects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ListSubjects.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTrustAnchors": { - "privilege": "ListTrustAnchors", - "description": "Grants permission to list trust anchors", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ListTrustAnchors.html" - }, - "PutNotificationSettings": { - "privilege": "PutNotificationSettings", - "description": "Grants permission to attach notification settings to a trust anchor", - "access_level": "Write", - "resource_types": { - "trust-anchor": { - "resource_type": "trust-anchor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_PutNotificationSettings.html" - }, - "ResetNotificationSettings": { - "privilege": "ResetNotificationSettings", - "description": "Grants permission to reset custom notification settings to IAM Roles Anywhere defined default state", - "access_level": "Write", - "resource_types": { - "trust-anchor": { - "resource_type": "trust-anchor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ResetNotificationSettings.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "crl": { - "resource_type": "crl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "profile": { - "resource_type": "profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subject": { - "resource_type": "subject", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "trust-anchor": { - "resource_type": "trust-anchor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "crl": { - "resource_type": "crl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "profile": { - "resource_type": "profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "subject": { - "resource_type": "subject", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "trust-anchor": { - "resource_type": "trust-anchor", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_UntagResource.html" - }, - "UpdateCrl": { - "privilege": "UpdateCrl", - "description": "Grants permission to update a certificate revocation list (crl)", - "access_level": "Write", - "resource_types": { - "crl": { - "resource_type": "crl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_UpdateCrl.html" - }, - "UpdateProfile": { - "privilege": "UpdateProfile", - "description": "Grants permission to update a profile", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_UpdateProfile.html" - }, - "UpdateTrustAnchor": { - "privilege": "UpdateTrustAnchor", - "description": "Grants permission to update a trust anchor", - "access_level": "Write", - "resource_types": { - "trust-anchor": { - "resource_type": "trust-anchor", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_UpdateTrustAnchor.html" - } - }, - "resources": { - "trust-anchor": { - "resource": "trust-anchor", - "arn": "arn:${Partition}:rolesanywhere:${Region}:${Account}:trust-anchor/${TrustAnchorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "profile": { - "resource": "profile", - "arn": "arn:${Partition}:rolesanywhere:${Region}:${Account}:profile/${ProfileId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "subject": { - "resource": "subject", - "arn": "arn:${Partition}:rolesanywhere:${Region}:${Account}:subject/${SubjectId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "crl": { - "resource": "crl", - "arn": "arn:${Partition}:rolesanywhere:${Region}:${Account}:crl/${CrlId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "identitystore": { - "service_name": "AWS Identity Store", - "prefix": "identitystore", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentitystore.html", - "privileges": { - "CreateGroup": { - "privilege": "CreateGroup", - "description": "Grants permission to create a group in the specified IdentityStore", - "access_level": "Write", - "resource_types": { - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_CreateGroup.html" - }, - "CreateGroupMembership": { - "privilege": "CreateGroupMembership", - "description": "Grants permission to create a member to a group in the specified IdentityStore", - "access_level": "Write", - "resource_types": { - "Group": { - "resource_type": "Group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "User": { - "resource_type": "User", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_CreateGroupMembership.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to create a user in the specified IdentityStore", - "access_level": "Write", - "resource_types": { - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_CreateUser.html" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to delete a group in the specified IdentityStore", - "access_level": "Write", - "resource_types": { - "Group": { - "resource_type": "Group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DeleteGroup.html" - }, - "DeleteGroupMembership": { - "privilege": "DeleteGroupMembership", - "description": "Grants permission to remove a member that is part of a group in the specified IdentityStore", - "access_level": "Write", - "resource_types": { - "Group": { - "resource_type": "Group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "GroupMembership": { - "resource_type": "GroupMembership", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "User": { - "resource_type": "User", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DeleteGroupMembership.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete a user in the specified IdentityStore", - "access_level": "Write", - "resource_types": { - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "User": { - "resource_type": "User", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DeleteUser.html" - }, - "DescribeGroup": { - "privilege": "DescribeGroup", - "description": "Grants permission to retrieve information about a group in the specified IdentityStore", - "access_level": "Read", - "resource_types": { - "Group": { - "resource_type": "Group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeGroup.html" - }, - "DescribeGroupMembership": { - "privilege": "DescribeGroupMembership", - "description": "Grants permission to retrieve information about a member that is part of a group in the specified IdentityStore", - "access_level": "Read", - "resource_types": { - "Group": { - "resource_type": "Group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "GroupMembership": { - "resource_type": "GroupMembership", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "User": { - "resource_type": "User", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeGroupMembership.html" - }, - "DescribeUser": { - "privilege": "DescribeUser", - "description": "Grants permission to retrieve information about user in the specified IdentityStore", - "access_level": "Read", - "resource_types": { - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "User": { - "resource_type": "User", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeUser.html" - }, - "GetGroupId": { - "privilege": "GetGroupId", - "description": "Grants permission to retrieve ID information about group in the specified IdentityStore", - "access_level": "Read", - "resource_types": { - "Group": { - "resource_type": "Group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GetGroupId.html" - }, - "GetGroupMembershipId": { - "privilege": "GetGroupMembershipId", - "description": "Grants permission to retrieve ID information of a member which is part of a group in the specified IdentityStore", - "access_level": "Read", - "resource_types": { - "Group": { - "resource_type": "Group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "GroupMembership": { - "resource_type": "GroupMembership", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "User": { - "resource_type": "User", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GetGroupMembershipId.html" - }, - "GetUserId": { - "privilege": "GetUserId", - "description": "Grants permission to retrieves ID information about user in the specified IdentityStore", - "access_level": "Read", - "resource_types": { - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "User": { - "resource_type": "User", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GetUserId.html" - }, - "IsMemberInGroups": { - "privilege": "IsMemberInGroups", - "description": "Grants permission to check if a member is a part of groups in the specified IdentityStore", - "access_level": "Read", - "resource_types": { - "AllGroupMemberships": { - "resource_type": "AllGroupMemberships", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Group": { - "resource_type": "Group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "User": { - "resource_type": "User", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_IsMemberInGroups.html" - }, - "ListGroupMemberships": { - "privilege": "ListGroupMemberships", - "description": "Grants permission to retrieve all members that are part of a group in the specified IdentityStore", - "access_level": "List", - "resource_types": { - "AllGroupMemberships": { - "resource_type": "AllGroupMemberships", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Group": { - "resource_type": "Group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListGroupMemberships.html" - }, - "ListGroupMembershipsForMember": { - "privilege": "ListGroupMembershipsForMember", - "description": "Grants permission to list groups of the target member in the specified IdentityStore", - "access_level": "List", - "resource_types": { - "AllGroupMemberships": { - "resource_type": "AllGroupMemberships", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "User": { - "resource_type": "User", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListGroupMembershipsForMember.html" - }, - "ListGroups": { - "privilege": "ListGroups", - "description": "Grants permission to search for groups within the specified IdentityStore", - "access_level": "List", - "resource_types": { - "AllGroups": { - "resource_type": "AllGroups", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListGroups.html" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to search for users in the specified IdentityStore", - "access_level": "List", - "resource_types": { - "AllUsers": { - "resource_type": "AllUsers", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListUsers.html" - }, - "UpdateGroup": { - "privilege": "UpdateGroup", - "description": "Grants permission to update information about a group in the specified IdentityStore", - "access_level": "Write", - "resource_types": { - "Group": { - "resource_type": "Group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_UpdateGroup.html" - }, - "UpdateUser": { - "privilege": "UpdateUser", - "description": "Grants permission to update user information in the specified IdentityStore", - "access_level": "Write", - "resource_types": { - "Identitystore": { - "resource_type": "Identitystore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "User": { - "resource_type": "User", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_UpdateUser.html" - } - }, - "resources": { - "Identitystore": { - "resource": "Identitystore", - "arn": "arn:${Partition}:identitystore::${Account}:identitystore/${IdentityStoreId}", - "condition_keys": [] - }, - "User": { - "resource": "User", - "arn": "arn:${Partition}:identitystore:::user/${UserId}", - "condition_keys": [] - }, - "Group": { - "resource": "Group", - "arn": "arn:${Partition}:identitystore:::group/${GroupId}", - "condition_keys": [] - }, - "GroupMembership": { - "resource": "GroupMembership", - "arn": "arn:${Partition}:identitystore:::membership/${MembershipId}", - "condition_keys": [] - }, - "AllUsers": { - "resource": "AllUsers", - "arn": "arn:${Partition}:identitystore:::user/*", - "condition_keys": [] - }, - "AllGroups": { - "resource": "AllGroups", - "arn": "arn:${Partition}:identitystore:::group/*", - "condition_keys": [] - }, - "AllGroupMemberships": { - "resource": "AllGroupMemberships", - "arn": "arn:${Partition}:identitystore:::membership/*", - "condition_keys": [] - } - }, - "conditions": {} - }, - "identitystore-auth": { - "service_name": "AWS Identity Store Auth", - "prefix": "identitystore-auth", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentitystoreauth.html", - "privileges": { - "BatchDeleteSession": { - "privilege": "BatchDeleteSession", - "description": "Grants permission to delete a batch of specified sessions", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-app-session.html" - }, - "BatchGetSession": { - "privilege": "BatchGetSession", - "description": "Grants permission to return session attributes for a batch of specified sessions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-app-session.html" - }, - "ListSessions": { - "privilege": "ListSessions", - "description": "Grants permission to retrieve a list of active sessions for the specified user", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-app-session.html" - } - }, - "resources": {}, - "conditions": {} - }, - "identity-sync": { - "service_name": "AWS Identity Sync", - "prefix": "identity-sync", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentitysync.html", - "privileges": { - "CreateSyncFilter": { - "privilege": "CreateSyncFilter", - "description": "Grants permission to create a sync filter on the sync profile", - "access_level": "Write", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "CreateSyncProfile": { - "privilege": "CreateSyncProfile", - "description": "Grants permission to create a sync profile for the source", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "ds:AuthorizeApplication" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "CreateSyncTarget": { - "privilege": "CreateSyncTarget", - "description": "Grants permission to create a sync target for the source", - "access_level": "Write", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "DeleteSyncFilter": { - "privilege": "DeleteSyncFilter", - "description": "Grants permission to delete a sync filter on the sync profile", - "access_level": "Write", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "DeleteSyncProfile": { - "privilege": "DeleteSyncProfile", - "description": "Grants permission to delete a sync profile on the source", - "access_level": "Write", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ds:UnauthorizeApplication" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "DeleteSyncTarget": { - "privilege": "DeleteSyncTarget", - "description": "Grants permission to delete a sync target on the source", - "access_level": "Write", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SyncTargetResource": { - "resource_type": "SyncTargetResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "GetSyncProfile": { - "privilege": "GetSyncProfile", - "description": "Grants permission to retrieve a sync profile using sync profile name", - "access_level": "Read", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "GetSyncTarget": { - "privilege": "GetSyncTarget", - "description": "Grants permission to retrieve a sync target on the sync profile", - "access_level": "Read", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SyncTargetResource": { - "resource_type": "SyncTargetResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "ListSyncFilters": { - "privilege": "ListSyncFilters", - "description": "Grants permission to list the sync filters on the sync profile", - "access_level": "List", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "StartSync": { - "privilege": "StartSync", - "description": "Grants permission to start a synchronization process or to restart a synchronization that was previously stopped", - "access_level": "Write", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "StopSync": { - "privilege": "StopSync", - "description": "Grants permission to stop any planned synchronizations in the synchronization schedule from starting", - "access_level": "Write", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - }, - "UpdateSyncTarget": { - "privilege": "UpdateSyncTarget", - "description": "Grants permission to update a sync target on the sync profile", - "access_level": "Write", - "resource_types": { - "SyncProfileResource": { - "resource_type": "SyncProfileResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "SyncTargetResource": { - "resource_type": "SyncTargetResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" - } - }, - "resources": { - "SyncProfileResource": { - "resource": "SyncProfileResource", - "arn": "^arn:${Partition}:identity-sync:${Region}:${Account}:profile/${SyncProfileName}", - "condition_keys": [] - }, - "SyncTargetResource": { - "resource": "SyncTargetResource", - "arn": "^arn:${Partition}:identity-sync:${Region}:${Account}:target/${SyncProfileName}/${SyncTargetName}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "importexport": { - "service_name": "AWS Import Export Disk Service", - "prefix": "importexport", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsimportexportdiskservice.html", - "privileges": { - "CancelJob": { - "privilege": "CancelJob", - "description": "This action cancels a specified job. Only the job owner can cancel it. The action fails if the job has already started or is complete.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebCancelJob.html" - }, - "CreateJob": { - "privilege": "CreateJob", - "description": "This action initiates the process of scheduling an upload or download of your data.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebCreateJob.html" - }, - "GetShippingLabel": { - "privilege": "GetShippingLabel", - "description": "This action generates a pre-paid shipping label that you will use to ship your device to AWS for processing.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebGetShippingLabel.html" - }, - "GetStatus": { - "privilege": "GetStatus", - "description": "This action returns information about a job, including where the job is in the processing pipeline, the status of the results, and the signature value associated with the job.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebGetStatus.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "This action returns the jobs associated with the requester.", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebListJobs.html" - }, - "UpdateJob": { - "privilege": "UpdateJob", - "description": "You use this action to change the parameters specified in the original manifest file by supplying a new manifest file.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebUpdateJob.html" - } - }, - "resources": {}, - "conditions": {} - }, - "invoicing": { - "service_name": "AWS Invoicing Service", - "prefix": "invoicing", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsinvoicingservice.html", - "privileges": { - "GetInvoiceEmailDeliveryPreferences": { - "privilege": "GetInvoiceEmailDeliveryPreferences", - "description": "Grants permission to get Invoice Email Delivery Preferences", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetInvoicePDF": { - "privilege": "GetInvoicePDF", - "description": "Grants permission to get Invoice PDF", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ListInvoiceSummaries": { - "privilege": "ListInvoiceSummaries", - "description": "Grants permission to get Invoice summary information for your account or linked account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "PutInvoiceEmailDeliveryPreferences": { - "privilege": "PutInvoiceEmailDeliveryPreferences", - "description": "Grants permission to put Invoice Email Delivery Preferences", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - } - }, - "resources": {}, - "conditions": {} - }, - "iot": { - "service_name": "AWS IoT", - "prefix": "iot", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html", - "privileges": { - "AcceptCertificateTransfer": { - "privilege": "AcceptCertificateTransfer", - "description": "Grants permission to accept a pending certificate transfer", - "access_level": "Write", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AcceptCertificateTransfer.html" - }, - "AddThingToBillingGroup": { - "privilege": "AddThingToBillingGroup", - "description": "Grants permission to add a thing to the specified billing group", - "access_level": "Write", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AddThingToBillingGroup.html" - }, - "AddThingToThingGroup": { - "privilege": "AddThingToThingGroup", - "description": "Grants permission to add a thing to the specified thing group", - "access_level": "Write", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AddThingToThingGroup.html" - }, - "AssociateTargetsWithJob": { - "privilege": "AssociateTargetsWithJob", - "description": "Grants permission to associate a group with a continuous job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AssociateTargetsWithJob.html" - }, - "AttachPolicy": { - "privilege": "AttachPolicy", - "description": "Grants permission to attach a policy to the specified target", - "access_level": "Permissions management", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AttachPolicy.html" - }, - "AttachPrincipalPolicy": { - "privilege": "AttachPrincipalPolicy", - "description": "Grants permission to attach the specified policy to the specified principal (certificate or other credential)", - "access_level": "Permissions management", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AttachPrincipalPolicy.html" - }, - "AttachSecurityProfile": { - "privilege": "AttachSecurityProfile", - "description": "Grants permission to associate a Device Defender security profile with a thing group or with this account", - "access_level": "Write", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "custommetric": { - "resource_type": "custommetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dimension": { - "resource_type": "dimension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AttachSecurityProfile.html" - }, - "AttachThingPrincipal": { - "privilege": "AttachThingPrincipal", - "description": "Grants permission to attach the specified principal to the specified thing", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AttachThingPrincipal.html" - }, - "CancelAuditMitigationActionsTask": { - "privilege": "CancelAuditMitigationActionsTask", - "description": "Grants permission to cancel a mitigation action task that is in progress", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelAuditMitigationActionsTask.html" - }, - "CancelAuditTask": { - "privilege": "CancelAuditTask", - "description": "Grants permission to cancel an audit that is in progress. The audit can be either scheduled or on-demand", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelAuditTask.html" - }, - "CancelCertificateTransfer": { - "privilege": "CancelCertificateTransfer", - "description": "Grants permission to cancel a pending transfer for the specified certificate", - "access_level": "Write", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelCertificateTransfer.html" - }, - "CancelDetectMitigationActionsTask": { - "privilege": "CancelDetectMitigationActionsTask", - "description": "Grants permission to cancel a Device Defender ML Detect mitigation action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelDetectMitigationActionsTask.html" - }, - "CancelJob": { - "privilege": "CancelJob", - "description": "Grants permission to cancel a job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelJob.html" - }, - "CancelJobExecution": { - "privilege": "CancelJobExecution", - "description": "Grants permission to cancel a job execution on a particular device", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelJobExecution.html" - }, - "ClearDefaultAuthorizer": { - "privilege": "ClearDefaultAuthorizer", - "description": "Grants permission to clear the default authorizer", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ClearDefaultAuthorizer.html" - }, - "CloseTunnel": { - "privilege": "CloseTunnel", - "description": "Grants permission to close a tunnel", - "access_level": "Write", - "resource_types": { - "tunnel": { - "resource_type": "tunnel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iot:Delete" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_CloseTunnel.html" - }, - "ConfirmTopicRuleDestination": { - "privilege": "ConfirmTopicRuleDestination", - "description": "Grants permission to confirm a http url TopicRuleDestinationDestination", - "access_level": "Write", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ConfirmTopicRuleDestination.html" - }, - "Connect": { - "privilege": "Connect", - "description": "Grants permission to connect as the specified client", - "access_level": "Write", - "resource_types": { - "client": { - "resource_type": "client", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" - }, - "CreateAuditSuppression": { - "privilege": "CreateAuditSuppression", - "description": "Grants permission to create a Device Defender audit suppression", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateAuditSuppression.html" - }, - "CreateAuthorizer": { - "privilege": "CreateAuthorizer", - "description": "Grants permission to create an authorizer", - "access_level": "Write", - "resource_types": { - "authorizer": { - "resource_type": "authorizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateAuthorizer.html" - }, - "CreateBillingGroup": { - "privilege": "CreateBillingGroup", - "description": "Grants permission to create a billing group", - "access_level": "Write", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateBillingGroup.html" - }, - "CreateCertificateFromCsr": { - "privilege": "CreateCertificateFromCsr", - "description": "Grants permission to create an X.509 certificate using the specified certificate signing request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateFromCsr.html" - }, - "CreateCustomMetric": { - "privilege": "CreateCustomMetric", - "description": "Grants permission to create a custom metric for device side metric reporting and monitoring", - "access_level": "Write", - "resource_types": { - "custommetric": { - "resource_type": "custommetric", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCustomMetric.html" - }, - "CreateDimension": { - "privilege": "CreateDimension", - "description": "Grants permission to define a dimension that can be used to to limit the scope of a metric used in a security profile", - "access_level": "Write", - "resource_types": { - "dimension": { - "resource_type": "dimension", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDimension.html" - }, - "CreateDomainConfiguration": { - "privilege": "CreateDomainConfiguration", - "description": "Grants permission to create a domain configuration", - "access_level": "Write", - "resource_types": { - "domainconfiguration": { - "resource_type": "domainconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "iot:DomainName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDomainConfiguration.html" - }, - "CreateDynamicThingGroup": { - "privilege": "CreateDynamicThingGroup", - "description": "Grants permission to create a Dynamic Thing Group", - "access_level": "Write", - "resource_types": { - "dynamicthinggroup": { - "resource_type": "dynamicthinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDynamicThingGroup.html" - }, - "CreateFleetMetric": { - "privilege": "CreateFleetMetric", - "description": "Grants permission to create a fleet metric", - "access_level": "Write", - "resource_types": { - "fleetmetric": { - "resource_type": "fleetmetric", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateFleetMetric.html" - }, - "CreateJob": { - "privilege": "CreateJob", - "description": "Grants permission to create a job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "jobtemplate": { - "resource_type": "jobtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateJob.html" - }, - "CreateJobTemplate": { - "privilege": "CreateJobTemplate", - "description": "Grants permission to create a job template", - "access_level": "Write", - "resource_types": { - "jobtemplate": { - "resource_type": "jobtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateJobTemplate.html" - }, - "CreateKeysAndCertificate": { - "privilege": "CreateKeysAndCertificate", - "description": "Grants permission to create a 2048 bit RSA key pair and issues an X.509 certificate using the issued public key", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateKeysAndCertificate.html" - }, - "CreateMitigationAction": { - "privilege": "CreateMitigationAction", - "description": "Grants permission to define an action that can be applied to audit findings by using StartAuditMitigationActionsTask", - "access_level": "Write", - "resource_types": { - "mitigationaction": { - "resource_type": "mitigationaction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateMitigationAction.html" - }, - "CreateOTAUpdate": { - "privilege": "CreateOTAUpdate", - "description": "Grants permission to create an OTA update job", - "access_level": "Write", - "resource_types": { - "otaupdate": { - "resource_type": "otaupdate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateOTAUpdate.html" - }, - "CreatePackage": { - "privilege": "CreatePackage", - "description": "Grants permission to create a software package that you can deploy to your devices", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:GetIndexingConfiguration" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePackage.html" - }, - "CreatePackageVersion": { - "privilege": "CreatePackageVersion", - "description": "Grants permission to create a version under the specified package", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:GetIndexingConfiguration" - ] - }, - "packageversion": { - "resource_type": "packageversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePackageVersion.html" - }, - "CreatePolicy": { - "privilege": "CreatePolicy", - "description": "Grants permission to create an AWS IoT policy", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePolicy.html" - }, - "CreatePolicyVersion": { - "privilege": "CreatePolicyVersion", - "description": "Grants permission to create a new version of the specified AWS IoT policy", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePolicyVersion.html" - }, - "CreateProvisioningClaim": { - "privilege": "CreateProvisioningClaim", - "description": "Grants permission to create a provisioning claim", - "access_level": "Write", - "resource_types": { - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningClaim.html" - }, - "CreateProvisioningTemplate": { - "privilege": "CreateProvisioningTemplate", - "description": "Grants permission to create a fleet provisioning template", - "access_level": "Write", - "resource_types": { - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html" - }, - "CreateProvisioningTemplateVersion": { - "privilege": "CreateProvisioningTemplateVersion", - "description": "Grants permission to create a new version of a fleet provisioning template", - "access_level": "Write", - "resource_types": { - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplateVersion.html" - }, - "CreateRoleAlias": { - "privilege": "CreateRoleAlias", - "description": "Grants permission to create a role alias", - "access_level": "Write", - "resource_types": { - "rolealias": { - "resource_type": "rolealias", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateRoleAlias.html" - }, - "CreateScheduledAudit": { - "privilege": "CreateScheduledAudit", - "description": "Grants permission to create a scheduled audit that is run at a specified time interval", - "access_level": "Write", - "resource_types": { - "scheduledaudit": { - "resource_type": "scheduledaudit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateScheduledAudit.html" - }, - "CreateSecurityProfile": { - "privilege": "CreateSecurityProfile", - "description": "Grants permission to create a Device Defender security profile", - "access_level": "Write", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "custommetric": { - "resource_type": "custommetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dimension": { - "resource_type": "dimension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateSecurityProfile.html" - }, - "CreateStream": { - "privilege": "CreateStream", - "description": "Grants permission to create a new AWS IoT stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateStream.html" - }, - "CreateThing": { - "privilege": "CreateThing", - "description": "Grants permission to create a thing in the thing registry", - "access_level": "Write", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "billinggroup": { - "resource_type": "billinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThing.html" - }, - "CreateThingGroup": { - "privilege": "CreateThingGroup", - "description": "Grants permission to create a thing group", - "access_level": "Write", - "resource_types": { - "thinggroup": { - "resource_type": "thinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThingGroup.html" - }, - "CreateThingType": { - "privilege": "CreateThingType", - "description": "Grants permission to create a new thing type", - "access_level": "Write", - "resource_types": { - "thingtype": { - "resource_type": "thingtype", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThingType.html" - }, - "CreateTopicRule": { - "privilege": "CreateTopicRule", - "description": "Grants permission to create a rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateTopicRule.html" - }, - "CreateTopicRuleDestination": { - "privilege": "CreateTopicRuleDestination", - "description": "Grants permission to create a TopicRuleDestination", - "access_level": "Write", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateTopicRuleDestination.html" - }, - "DeleteAccountAuditConfiguration": { - "privilege": "DeleteAccountAuditConfiguration", - "description": "Grants permission to delete the audit configuration associated with the account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAccountAuditConfiguration.html" - }, - "DeleteAuditSuppression": { - "privilege": "DeleteAuditSuppression", - "description": "Grants permission to delete a Device Defender audit suppression", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAuditSuppression.html" - }, - "DeleteAuthorizer": { - "privilege": "DeleteAuthorizer", - "description": "Grants permission to delete the specified authorizer", - "access_level": "Write", - "resource_types": { - "authorizer": { - "resource_type": "authorizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAuthorizer.html" - }, - "DeleteBillingGroup": { - "privilege": "DeleteBillingGroup", - "description": "Grants permission to delete the specified billing group", - "access_level": "Write", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteBillingGroup.html" - }, - "DeleteCACertificate": { - "privilege": "DeleteCACertificate", - "description": "Grants permission to delete a registered CA certificate", - "access_level": "Write", - "resource_types": { - "cacert": { - "resource_type": "cacert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCACertificate.html" - }, - "DeleteCertificate": { - "privilege": "DeleteCertificate", - "description": "Grants permission to delete the specified certificate", - "access_level": "Write", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCertificate.html" - }, - "DeleteCustomMetric": { - "privilege": "DeleteCustomMetric", - "description": "Grants permission to deletes the specified custom metric from your AWS account", - "access_level": "Write", - "resource_types": { - "custommetric": { - "resource_type": "custommetric", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCustomMetric.html" - }, - "DeleteDimension": { - "privilege": "DeleteDimension", - "description": "Grants permission to remove the specified dimension from your AWS account", - "access_level": "Write", - "resource_types": { - "dimension": { - "resource_type": "dimension", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDimension.html" - }, - "DeleteDomainConfiguration": { - "privilege": "DeleteDomainConfiguration", - "description": "Grants permission to delete a domain configuration", - "access_level": "Write", - "resource_types": { - "domainconfiguration": { - "resource_type": "domainconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDomainConfiguration.html" - }, - "DeleteDynamicThingGroup": { - "privilege": "DeleteDynamicThingGroup", - "description": "Grants permission to delete the specified Dynamic Thing Group", - "access_level": "Write", - "resource_types": { - "dynamicthinggroup": { - "resource_type": "dynamicthinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDynamicThingGroup.html" - }, - "DeleteFleetMetric": { - "privilege": "DeleteFleetMetric", - "description": "Grants permission to delete the specified fleet metric", - "access_level": "Write", - "resource_types": { - "fleetmetric": { - "resource_type": "fleetmetric", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteFleetMetric.html" - }, - "DeleteJob": { - "privilege": "DeleteJob", - "description": "Grants permission to delete a job and its related job executions", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJob.html" - }, - "DeleteJobExecution": { - "privilege": "DeleteJobExecution", - "description": "Grants permission to delete a job execution", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJobExecution.html" - }, - "DeleteJobTemplate": { - "privilege": "DeleteJobTemplate", - "description": "Grants permission to delete a job template", - "access_level": "Write", - "resource_types": { - "jobtemplate": { - "resource_type": "jobtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJobTemplate.html" - }, - "DeleteMitigationAction": { - "privilege": "DeleteMitigationAction", - "description": "Grants permission to delete a defined mitigation action from your AWS account", - "access_level": "Write", - "resource_types": { - "mitigationaction": { - "resource_type": "mitigationaction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteMitigationAction.html" - }, - "DeleteOTAUpdate": { - "privilege": "DeleteOTAUpdate", - "description": "Grants permission to delete an OTA update job", - "access_level": "Write", - "resource_types": { - "otaupdate": { - "resource_type": "otaupdate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteOTAUpdate.html" - }, - "DeletePackage": { - "privilege": "DeletePackage", - "description": "Grants permission to delete a package", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePackage.html" - }, - "DeletePackageVersion": { - "privilege": "DeletePackageVersion", - "description": "Grants permission to delete a version of the specified package", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "packageversion": { - "resource_type": "packageversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePackageVersion.html" - }, - "DeletePolicy": { - "privilege": "DeletePolicy", - "description": "Grants permission to delete the specified policy", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePolicy.html" - }, - "DeletePolicyVersion": { - "privilege": "DeletePolicyVersion", - "description": "Grants permission to Delete the specified version of the specified policy", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePolicyVersion.html" - }, - "DeleteProvisioningTemplate": { - "privilege": "DeleteProvisioningTemplate", - "description": "Grants permission to delete a fleet provisioning template", - "access_level": "Write", - "resource_types": { - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteProvisioningTemplate.html" - }, - "DeleteProvisioningTemplateVersion": { - "privilege": "DeleteProvisioningTemplateVersion", - "description": "Grants permission to delete a fleet provisioning template version", - "access_level": "Write", - "resource_types": { - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteProvisioningTemplateVersion.html" - }, - "DeleteRegistrationCode": { - "privilege": "DeleteRegistrationCode", - "description": "Grants permission to delete a CA certificate registration code", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteRegistrationCode.html" - }, - "DeleteRoleAlias": { - "privilege": "DeleteRoleAlias", - "description": "Grants permission to delete the specified role alias", - "access_level": "Write", - "resource_types": { - "rolealias": { - "resource_type": "rolealias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteRoleAlias.html" - }, - "DeleteScheduledAudit": { - "privilege": "DeleteScheduledAudit", - "description": "Grants permission to delete a scheduled audit", - "access_level": "Write", - "resource_types": { - "scheduledaudit": { - "resource_type": "scheduledaudit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteScheduledAudit.html" - }, - "DeleteSecurityProfile": { - "privilege": "DeleteSecurityProfile", - "description": "Grants permission to delete a Device Defender security profile", - "access_level": "Write", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "custommetric": { - "resource_type": "custommetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dimension": { - "resource_type": "dimension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteSecurityProfile.html" - }, - "DeleteStream": { - "privilege": "DeleteStream", - "description": "Grants permission to delete a specified stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteStream.html" - }, - "DeleteThing": { - "privilege": "DeleteThing", - "description": "Grants permission to delete the specified thing", - "access_level": "Write", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThing.html" - }, - "DeleteThingGroup": { - "privilege": "DeleteThingGroup", - "description": "Grants permission to delete the specified thing group", - "access_level": "Write", - "resource_types": { - "thinggroup": { - "resource_type": "thinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThingGroup.html" - }, - "DeleteThingShadow": { - "privilege": "DeleteThingShadow", - "description": "Grants permission to delete the specified thing shadow", - "access_level": "Write", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" - }, - "DeleteThingType": { - "privilege": "DeleteThingType", - "description": "Grants permission to delete the specified thing type", - "access_level": "Write", - "resource_types": { - "thingtype": { - "resource_type": "thingtype", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThingType.html" - }, - "DeleteTopicRule": { - "privilege": "DeleteTopicRule", - "description": "Grants permission to delete the specified rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteTopicRule.html" - }, - "DeleteTopicRuleDestination": { - "privilege": "DeleteTopicRuleDestination", - "description": "Grants permission to delete a TopicRuleDestination", - "access_level": "Write", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteTopicRuleDestination.html" - }, - "DeleteV2LoggingLevel": { - "privilege": "DeleteV2LoggingLevel", - "description": "Grants permission to delete the specified v2 logging level", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteV2LoggingLevel.html" - }, - "DeprecateThingType": { - "privilege": "DeprecateThingType", - "description": "Grants permission to deprecate the specified thing type", - "access_level": "Write", - "resource_types": { - "thingtype": { - "resource_type": "thingtype", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeprecateThingType.html" - }, - "DescribeAccountAuditConfiguration": { - "privilege": "DescribeAccountAuditConfiguration", - "description": "Grants permission to get information about audit configurations for the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAccountAuditConfiguration.html" - }, - "DescribeAuditFinding": { - "privilege": "DescribeAuditFinding", - "description": "Grants permission to get information about a single audit finding. Properties include the reason for noncompliance, the severity of the issue, and when the audit that returned the finding was started", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditFinding.html" - }, - "DescribeAuditMitigationActionsTask": { - "privilege": "DescribeAuditMitigationActionsTask", - "description": "Grants permission to get information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditMitigationActionsTask.html" - }, - "DescribeAuditSuppression": { - "privilege": "DescribeAuditSuppression", - "description": "Grants permission to get information about a Device Defender audit suppression", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditSuppression.html" - }, - "DescribeAuditTask": { - "privilege": "DescribeAuditTask", - "description": "Grants permission to get information about a Device Defender audit", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditTask.html" - }, - "DescribeAuthorizer": { - "privilege": "DescribeAuthorizer", - "description": "Grants permission to describe an authorizer", - "access_level": "Read", - "resource_types": { - "authorizer": { - "resource_type": "authorizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuthorizer.html" - }, - "DescribeBillingGroup": { - "privilege": "DescribeBillingGroup", - "description": "Grants permission to get information about the specified billing group", - "access_level": "Read", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeBillingGroup.html" - }, - "DescribeCACertificate": { - "privilege": "DescribeCACertificate", - "description": "Grants permission to describe a registered CA certificate", - "access_level": "Read", - "resource_types": { - "cacert": { - "resource_type": "cacert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCACertificate.html" - }, - "DescribeCertificate": { - "privilege": "DescribeCertificate", - "description": "Grants permission to get information about the specified certificate", - "access_level": "Read", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCertificate.html" - }, - "DescribeCustomMetric": { - "privilege": "DescribeCustomMetric", - "description": "Grants permission to describe a custom metric that is defined in your AWS account", - "access_level": "Read", - "resource_types": { - "custommetric": { - "resource_type": "custommetric", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCustomMetric.html" - }, - "DescribeDefaultAuthorizer": { - "privilege": "DescribeDefaultAuthorizer", - "description": "Grants permission to describe the default authorizer", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDefaultAuthorizer.html" - }, - "DescribeDetectMitigationActionsTask": { - "privilege": "DescribeDetectMitigationActionsTask", - "description": "Grants permission to describe a Device Defender ML Detect mitigation action", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDetectMitigationActionsTask.html" - }, - "DescribeDimension": { - "privilege": "DescribeDimension", - "description": "Grants permission to get details about a dimension that is defined in your AWS account", - "access_level": "Read", - "resource_types": { - "dimension": { - "resource_type": "dimension", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDimension.html" - }, - "DescribeDomainConfiguration": { - "privilege": "DescribeDomainConfiguration", - "description": "Grants permission to get information about the domain configuration", - "access_level": "Read", - "resource_types": { - "domainconfiguration": { - "resource_type": "domainconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDomainConfiguration.html" - }, - "DescribeEndpoint": { - "privilege": "DescribeEndpoint", - "description": "Grants permission to get a unique endpoint specific to the AWS account making the call", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEndpoint.html" - }, - "DescribeEventConfigurations": { - "privilege": "DescribeEventConfigurations", - "description": "Grants permission to get account event configurations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEventConfigurations.html" - }, - "DescribeFleetMetric": { - "privilege": "DescribeFleetMetric", - "description": "Grants permission to get information about the specified fleet metric", - "access_level": "Read", - "resource_types": { - "fleetmetric": { - "resource_type": "fleetmetric", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeFleetMetric.html" - }, - "DescribeIndex": { - "privilege": "DescribeIndex", - "description": "Grants permission to get information about the specified index", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeIndex.html" - }, - "DescribeJob": { - "privilege": "DescribeJob", - "description": "Grants permission to describe a job", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJob.html" - }, - "DescribeJobExecution": { - "privilege": "DescribeJobExecution", - "description": "Grants permission to describe a job execution", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thing": { - "resource_type": "thing", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJobExecution.html" - }, - "DescribeJobTemplate": { - "privilege": "DescribeJobTemplate", - "description": "Grants permission to describe a job template", - "access_level": "Read", - "resource_types": { - "jobtemplate": { - "resource_type": "jobtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJobTemplate.html" - }, - "DescribeManagedJobTemplate": { - "privilege": "DescribeManagedJobTemplate", - "description": "Grants permission to describe a managed job template", - "access_level": "Read", - "resource_types": { - "jobtemplate": { - "resource_type": "jobtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeManagedJobTemplate.html" - }, - "DescribeMitigationAction": { - "privilege": "DescribeMitigationAction", - "description": "Grants permission to get information about a mitigation action", - "access_level": "Read", - "resource_types": { - "mitigationaction": { - "resource_type": "mitigationaction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeMitigationAction.html" - }, - "DescribeProvisioningTemplate": { - "privilege": "DescribeProvisioningTemplate", - "description": "Grants permission to get information about a fleet provisioning template", - "access_level": "Read", - "resource_types": { - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeProvisioningTemplate.html" - }, - "DescribeProvisioningTemplateVersion": { - "privilege": "DescribeProvisioningTemplateVersion", - "description": "Grants permission to get information about a fleet provisioning template version", - "access_level": "Read", - "resource_types": { - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeProvisioningTemplateVersion.html" - }, - "DescribeRoleAlias": { - "privilege": "DescribeRoleAlias", - "description": "Grants permission to describe a role alias", - "access_level": "Read", - "resource_types": { - "rolealias": { - "resource_type": "rolealias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeRoleAlias.html" - }, - "DescribeScheduledAudit": { - "privilege": "DescribeScheduledAudit", - "description": "Grants permission to get information about a scheduled audit", - "access_level": "Read", - "resource_types": { - "scheduledaudit": { - "resource_type": "scheduledaudit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeScheduledAudit.html" - }, - "DescribeSecurityProfile": { - "privilege": "DescribeSecurityProfile", - "description": "Grants permission to get information about a Device Defender security profile", - "access_level": "Read", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeSecurityProfile.html" - }, - "DescribeStream": { - "privilege": "DescribeStream", - "description": "Grants permission to get information about the specified stream", - "access_level": "Read", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeStream.html" - }, - "DescribeThing": { - "privilege": "DescribeThing", - "description": "Grants permission to get information about the specified thing", - "access_level": "Read", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThing.html" - }, - "DescribeThingGroup": { - "privilege": "DescribeThingGroup", - "description": "Grants permission to get information about the specified thing group", - "access_level": "Read", - "resource_types": { - "thinggroup": { - "resource_type": "thinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingGroup.html" - }, - "DescribeThingRegistrationTask": { - "privilege": "DescribeThingRegistrationTask", - "description": "Grants permission to get information about the bulk thing registration task", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingRegistrationTask.html" - }, - "DescribeThingType": { - "privilege": "DescribeThingType", - "description": "Grants permission to get information about the specified thing type", - "access_level": "Read", - "resource_types": { - "thingtype": { - "resource_type": "thingtype", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingType.html" - }, - "DescribeTunnel": { - "privilege": "DescribeTunnel", - "description": "Grants permission to describe a tunnel", - "access_level": "Read", - "resource_types": { - "tunnel": { - "resource_type": "tunnel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_DescribeTunnel.html" - }, - "DetachPolicy": { - "privilege": "DetachPolicy", - "description": "Grants permission to detach a policy from the specified target", - "access_level": "Permissions management", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DetachPolicy.html" - }, - "DetachPrincipalPolicy": { - "privilege": "DetachPrincipalPolicy", - "description": "Grants permission to remove the specified policy from the specified certificate", - "access_level": "Permissions management", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DetachPrincipalPolicy.html" - }, - "DetachSecurityProfile": { - "privilege": "DetachSecurityProfile", - "description": "Grants permission to disassociate a Device Defender security profile from a thing group or from this account", - "access_level": "Write", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "custommetric": { - "resource_type": "custommetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dimension": { - "resource_type": "dimension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DetachSecurityProfile.html" - }, - "DetachThingPrincipal": { - "privilege": "DetachThingPrincipal", - "description": "Grants permission to detach the specified principal from the specified thing", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DetachThingPrincipal.html" - }, - "DisableTopicRule": { - "privilege": "DisableTopicRule", - "description": "Grants permission to disable the specified rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DisableTopicRule.html" - }, - "EnableTopicRule": { - "privilege": "EnableTopicRule", - "description": "Grants permission to enable the specified rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_EnableTopicRule.html" - }, - "GetBehaviorModelTrainingSummaries": { - "privilege": "GetBehaviorModelTrainingSummaries", - "description": "Grants permission to fetch a Device Defender's ML Detect Security Profile training model's status", - "access_level": "List", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetBehaviorModelTrainingSummaries.html" - }, - "GetBucketsAggregation": { - "privilege": "GetBucketsAggregation", - "description": "Grants permission to get buckets aggregation for IoT fleet index", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetBucketsAggregation.html" - }, - "GetCardinality": { - "privilege": "GetCardinality", - "description": "Grants permission to get cardinality for IoT fleet index", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetCardinality.html" - }, - "GetEffectivePolicies": { - "privilege": "GetEffectivePolicies", - "description": "Grants permission to get effective policies", - "access_level": "Read", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetEffectivePolicies.html" - }, - "GetIndexingConfiguration": { - "privilege": "GetIndexingConfiguration", - "description": "Grants permission to get current fleet indexing configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetIndexingConfiguration.html" - }, - "GetJobDocument": { - "privilege": "GetJobDocument", - "description": "Grants permission to get a job document", - "access_level": "Read", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetJobDocument.html" - }, - "GetLoggingOptions": { - "privilege": "GetLoggingOptions", - "description": "Grants permission to get the logging options", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetLoggingOptions.html" - }, - "GetOTAUpdate": { - "privilege": "GetOTAUpdate", - "description": "Grants permission to get the information about the OTA update job", - "access_level": "Read", - "resource_types": { - "otaupdate": { - "resource_type": "otaupdate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetOTAUpdate.html" - }, - "GetPackage": { - "privilege": "GetPackage", - "description": "Grants permission to get the information about the package", - "access_level": "Read", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackage.html" - }, - "GetPackageConfiguration": { - "privilege": "GetPackageConfiguration", - "description": "Grants permission to get the package configuration of the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackageConfiguration.html" - }, - "GetPackageVersion": { - "privilege": "GetPackageVersion", - "description": "Grants permission to get the version of the package", - "access_level": "Read", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "packageversion": { - "resource_type": "packageversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackageVersion.html" - }, - "GetPercentiles": { - "privilege": "GetPercentiles", - "description": "Grants permission to get percentiles for IoT fleet index", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPercentiles.html" - }, - "GetPolicy": { - "privilege": "GetPolicy", - "description": "Grants permission to get information about the specified policy with the policy document of the default version", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPolicy.html" - }, - "GetPolicyVersion": { - "privilege": "GetPolicyVersion", - "description": "Grants permission to get information about the specified policy version", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPolicyVersion.html" - }, - "GetRegistrationCode": { - "privilege": "GetRegistrationCode", - "description": "Grants permission to get a registration code used to register a CA certificate with AWS IoT", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetRegistrationCode.html" - }, - "GetRetainedMessage": { - "privilege": "GetRetainedMessage", - "description": "Grants permission to get the retained message on the specified topic", - "access_level": "Read", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" - }, - "GetStatistics": { - "privilege": "GetStatistics", - "description": "Grants permission to get statistics for IoT fleet index", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetStatistics.html" - }, - "GetThingShadow": { - "privilege": "GetThingShadow", - "description": "Grants permission to get the thing shadow", - "access_level": "Read", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" - }, - "GetTopicRule": { - "privilege": "GetTopicRule", - "description": "Grants permission to get information about the specified rule", - "access_level": "Read", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetTopicRule.html" - }, - "GetTopicRuleDestination": { - "privilege": "GetTopicRuleDestination", - "description": "Grants permission to get a TopicRuleDestination", - "access_level": "Read", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetTopicRuleDestination.html" - }, - "GetV2LoggingOptions": { - "privilege": "GetV2LoggingOptions", - "description": "Grants permission to get v2 logging options", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetV2LoggingOptions.html" - }, - "ListActiveViolations": { - "privilege": "ListActiveViolations", - "description": "Grants permission to list the active violations for a given Device Defender security profile or Thing", - "access_level": "List", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thing": { - "resource_type": "thing", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListActiveViolations.html" - }, - "ListAttachedPolicies": { - "privilege": "ListAttachedPolicies", - "description": "Grants permission to list the policies attached to the specified thing group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAttachedPolicies.html" - }, - "ListAuditFindings": { - "privilege": "ListAuditFindings", - "description": "Grants permission to list the findings (results) of a Device Defender audit or of the audits performed during a specified time period", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditFindings.html" - }, - "ListAuditMitigationActionsExecutions": { - "privilege": "ListAuditMitigationActionsExecutions", - "description": "Grants permission to get the status of audit mitigation action tasks that were executed", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditMitigationActionsExecutions.html" - }, - "ListAuditMitigationActionsTasks": { - "privilege": "ListAuditMitigationActionsTasks", - "description": "Grants permission to get a list of audit mitigation action tasks that match the specified filters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditMitigationActionsTasks.html" - }, - "ListAuditSuppressions": { - "privilege": "ListAuditSuppressions", - "description": "Grants permission to list your Device Defender audit suppressions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditSuppressions.html" - }, - "ListAuditTasks": { - "privilege": "ListAuditTasks", - "description": "Grants permission to list the Device Defender audits that have been performed during a given time period", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditTasks.html" - }, - "ListAuthorizers": { - "privilege": "ListAuthorizers", - "description": "Grants permission to list the authorizers registered in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuthorizers.html" - }, - "ListBillingGroups": { - "privilege": "ListBillingGroups", - "description": "Grants permission to list all billing groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListBillingGroups.html" - }, - "ListCACertificates": { - "privilege": "ListCACertificates", - "description": "Grants permission to list the CA certificates registered for your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListCACertificates.html" - }, - "ListCertificates": { - "privilege": "ListCertificates", - "description": "Grants permission to list your certificates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificates.html" - }, - "ListCertificatesByCA": { - "privilege": "ListCertificatesByCA", - "description": "Grants permission to list the device certificates signed by the specified CA certificate", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificatesByCA.html" - }, - "ListCustomMetrics": { - "privilege": "ListCustomMetrics", - "description": "Grants permission to list the custom metrics in your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListCustomMetrics.html" - }, - "ListDetectMitigationActionsExecutions": { - "privilege": "ListDetectMitigationActionsExecutions", - "description": "Grants permission to lists mitigation actions executions for a Device Defender ML Detect Security Profile", - "access_level": "List", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListDetectMitigationActionsExecutions.html" - }, - "ListDetectMitigationActionsTasks": { - "privilege": "ListDetectMitigationActionsTasks", - "description": "Grants permission to list Device Defender ML Detect mitigation actions tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListDetectMitigationActionsTasks.html" - }, - "ListDimensions": { - "privilege": "ListDimensions", - "description": "Grants permission to list the dimensions that are defined for your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListDimensions.html" - }, - "ListDomainConfigurations": { - "privilege": "ListDomainConfigurations", - "description": "Grants permission to list the domain configuration created by your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListDomainConfigurations.html" - }, - "ListFleetMetrics": { - "privilege": "ListFleetMetrics", - "description": "Grants permission to list the fleet metrics in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListFleetMetrics.html" - }, - "ListIndices": { - "privilege": "ListIndices", - "description": "Grants permission to list all indices for fleet index", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListIndices.html" - }, - "ListJobExecutionsForJob": { - "privilege": "ListJobExecutionsForJob", - "description": "Grants permission to list the job executions for a job", - "access_level": "List", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobExecutionsForJob.html" - }, - "ListJobExecutionsForThing": { - "privilege": "ListJobExecutionsForThing", - "description": "Grants permission to list the job executions for the specified thing", - "access_level": "List", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobExecutionsForThing.html" - }, - "ListJobTemplates": { - "privilege": "ListJobTemplates", - "description": "Grants permission to list job templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobTemplates.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to list jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobs.html" - }, - "ListManagedJobTemplates": { - "privilege": "ListManagedJobTemplates", - "description": "Grants permission to list managed job templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListManagedJobTemplates.html" - }, - "ListMetricValues": { - "privilege": "ListMetricValues", - "description": "Grants permissions to list the metric values for a thing based on the metricName, and dimension if specified", - "access_level": "List", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListMetricValues.html" - }, - "ListMitigationActions": { - "privilege": "ListMitigationActions", - "description": "Grants permission to get a list of all mitigation actions that match the specified filter criteria", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListMitigationActions.html" - }, - "ListNamedShadowsForThing": { - "privilege": "ListNamedShadowsForThing", - "description": "Grants permission to list all named shadows for a given thing", - "access_level": "List", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListNamedShadowsForThing.html" - }, - "ListOTAUpdates": { - "privilege": "ListOTAUpdates", - "description": "Grants permission to list OTA update jobs in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListOTAUpdates.html" - }, - "ListOutgoingCertificates": { - "privilege": "ListOutgoingCertificates", - "description": "Grants permission to list certificates that are being transfered but not yet accepted", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListOutgoingCertificates.html" - }, - "ListPackageVersions": { - "privilege": "ListPackageVersions", - "description": "Grants permission to list versions for a package in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPackageVersions.html" - }, - "ListPackages": { - "privilege": "ListPackages", - "description": "Grants permission to list packages in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPackages.html" - }, - "ListPolicies": { - "privilege": "ListPolicies", - "description": "Grants permission to list your policies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicies.html" - }, - "ListPolicyPrincipals": { - "privilege": "ListPolicyPrincipals", - "description": "Grants permission to list the principals associated with the specified policy", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicyPrincipals.html" - }, - "ListPolicyVersions": { - "privilege": "ListPolicyVersions", - "description": "Grants permission to list the versions of the specified policy, and identifies the default version", - "access_level": "List", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicyVersions.html" - }, - "ListPrincipalPolicies": { - "privilege": "ListPrincipalPolicies", - "description": "Grants permission to list the policies attached to the specified principal. If you use an Amazon Cognito identity, the ID needs to be in Amazon Cognito Identity format", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPrincipalPolicies.html" - }, - "ListPrincipalThings": { - "privilege": "ListPrincipalThings", - "description": "Grants permission to list the things associated with the specified principal", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPrincipalThings.html" - }, - "ListProvisioningTemplateVersions": { - "privilege": "ListProvisioningTemplateVersions", - "description": "Grants permission to get a list of fleet provisioning template versions", - "access_level": "List", - "resource_types": { - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListProvisioningTemplateVersions.html" - }, - "ListProvisioningTemplates": { - "privilege": "ListProvisioningTemplates", - "description": "Grants permission to list the fleet provisioning templates in your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListProvisioningTemplates.html" - }, - "ListRelatedResourcesForAuditFinding": { - "privilege": "ListRelatedResourcesForAuditFinding", - "description": "Grants permission to list related resources for a single audit finding", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListRelatedResourcesForAuditFinding.html" - }, - "ListRetainedMessages": { - "privilege": "ListRetainedMessages", - "description": "Grants permission to list the retained messages for your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" - }, - "ListRoleAliases": { - "privilege": "ListRoleAliases", - "description": "Grants permission to list role aliases", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListRoleAliases.html" - }, - "ListScheduledAudits": { - "privilege": "ListScheduledAudits", - "description": "Grants permission to list all of your scheduled audits", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListScheduledAudits.html" - }, - "ListSecurityProfiles": { - "privilege": "ListSecurityProfiles", - "description": "Grants permission to list the Device Defender security profiles you have created", - "access_level": "List", - "resource_types": { - "custommetric": { - "resource_type": "custommetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dimension": { - "resource_type": "dimension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListSecurityProfiles.html" - }, - "ListSecurityProfilesForTarget": { - "privilege": "ListSecurityProfilesForTarget", - "description": "Grants permission to list the Device Defender security profiles attached to a target", - "access_level": "List", - "resource_types": { - "thinggroup": { - "resource_type": "thinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListSecurityProfilesForTarget.html" - }, - "ListStreams": { - "privilege": "ListStreams", - "description": "Grants permission to list the streams in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListStreams.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags for a given resource", - "access_level": "Read", - "resource_types": { - "authorizer": { - "resource_type": "authorizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "billinggroup": { - "resource_type": "billinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cacert": { - "resource_type": "cacert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "custommetric": { - "resource_type": "custommetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dimension": { - "resource_type": "dimension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "domainconfiguration": { - "resource_type": "domainconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dynamicthinggroup": { - "resource_type": "dynamicthinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleetmetric": { - "resource_type": "fleetmetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobtemplate": { - "resource_type": "jobtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mitigationaction": { - "resource_type": "mitigationaction", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "otaupdate": { - "resource_type": "otaupdate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "policy": { - "resource_type": "policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rolealias": { - "resource_type": "rolealias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "scheduledaudit": { - "resource_type": "scheduledaudit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securityprofile": { - "resource_type": "securityprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thingtype": { - "resource_type": "thingtype", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListTagsForResource.html" - }, - "ListTargetsForPolicy": { - "privilege": "ListTargetsForPolicy", - "description": "Grants permission to list targets for the specified policy", - "access_level": "List", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListTargetsForPolicy.html" - }, - "ListTargetsForSecurityProfile": { - "privilege": "ListTargetsForSecurityProfile", - "description": "Grants permission to list the targets associated with a given Device Defender security profile", - "access_level": "List", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListTargetsForSecurityProfile.html" - }, - "ListThingGroups": { - "privilege": "ListThingGroups", - "description": "Grants permission to list all thing groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingGroups.html" - }, - "ListThingGroupsForThing": { - "privilege": "ListThingGroupsForThing", - "description": "Grants permission to list thing groups to which the specified thing belongs", - "access_level": "List", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingGroupsForThing.html" - }, - "ListThingPrincipals": { - "privilege": "ListThingPrincipals", - "description": "Grants permission to list the principals associated with the specified thing", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingPrincipals.html" - }, - "ListThingRegistrationTaskReports": { - "privilege": "ListThingRegistrationTaskReports", - "description": "Grants permission to list information about bulk thing registration tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingRegistrationTaskReports.html" - }, - "ListThingRegistrationTasks": { - "privilege": "ListThingRegistrationTasks", - "description": "Grants permission to list bulk thing registration tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingRegistrationTasks.html" - }, - "ListThingTypes": { - "privilege": "ListThingTypes", - "description": "Grants permission to list all thing types", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingTypes.html" - }, - "ListThings": { - "privilege": "ListThings", - "description": "Grants permission to list all things", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThings.html" - }, - "ListThingsInBillingGroup": { - "privilege": "ListThingsInBillingGroup", - "description": "Grants permission to list all things in the specified billing group", - "access_level": "List", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingsInBillingGroup.html" - }, - "ListThingsInThingGroup": { - "privilege": "ListThingsInThingGroup", - "description": "Grants permission to list all things in the specified thing group", - "access_level": "List", - "resource_types": { - "thinggroup": { - "resource_type": "thinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingsInThingGroup.html" - }, - "ListTopicRuleDestinations": { - "privilege": "ListTopicRuleDestinations", - "description": "Grants permission to list all TopicRuleDestinations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListTopicRuleDestinations.html" - }, - "ListTopicRules": { - "privilege": "ListTopicRules", - "description": "Grants permission to list the rules for the specific topic", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListTopicRules.html" - }, - "ListTunnels": { - "privilege": "ListTunnels", - "description": "Grants permission to list tunnels", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_ListTunnels.html" - }, - "ListV2LoggingLevels": { - "privilege": "ListV2LoggingLevels", - "description": "Grants permission to list the v2 logging levels", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListV2LoggingLevels.html" - }, - "ListViolationEvents": { - "privilege": "ListViolationEvents", - "description": "Grants permission to list the Device Defender security profile violations discovered during the given time period", - "access_level": "List", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thing": { - "resource_type": "thing", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListViolationEvents.html" - }, - "OpenTunnel": { - "privilege": "OpenTunnel", - "description": "Grants permission to open a tunnel", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "iot:ThingGroupArn", - "iot:TunnelDestinationService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_OpenTunnel.html" - }, - "Publish": { - "privilege": "Publish", - "description": "Grants permission to publish to the specified topic", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" - }, - "PutVerificationStateOnViolation": { - "privilege": "PutVerificationStateOnViolation", - "description": "Grants permission to put verification state on a violation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_PutVerificationStateOnViolation.html" - }, - "Receive": { - "privilege": "Receive", - "description": "Grants permission to receive from the specified topic", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" - }, - "RegisterCACertificate": { - "privilege": "RegisterCACertificate", - "description": "Grants permission to register a CA certificate with AWS IoT", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCACertificate.html" - }, - "RegisterCertificate": { - "privilege": "RegisterCertificate", - "description": "Grants permission to register a device certificate with AWS IoT", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificate.html" - }, - "RegisterCertificateWithoutCA": { - "privilege": "RegisterCertificateWithoutCA", - "description": "Grants permission to register a device certificate with AWS IoT without a registered CA (certificate authority)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificateWithoutCA.html" - }, - "RegisterThing": { - "privilege": "RegisterThing", - "description": "Grants permission to register your thing", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterThing.html" - }, - "RejectCertificateTransfer": { - "privilege": "RejectCertificateTransfer", - "description": "Grants permission to reject a pending certificate transfer", - "access_level": "Write", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RejectCertificateTransfer.html" - }, - "RemoveThingFromBillingGroup": { - "privilege": "RemoveThingFromBillingGroup", - "description": "Grants permission to remove thing from the specified billing group", - "access_level": "Write", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RemoveThingFromBillingGroup.html" - }, - "RemoveThingFromThingGroup": { - "privilege": "RemoveThingFromThingGroup", - "description": "Grants permission to remove thing from the specified thing group", - "access_level": "Write", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RemoveThingFromThingGroup.html" - }, - "ReplaceTopicRule": { - "privilege": "ReplaceTopicRule", - "description": "Grants permission to replace the specified rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ReplaceTopicRule.html" - }, - "RetainPublish": { - "privilege": "RetainPublish", - "description": "Grants permission to publish a retained message to the specified topic", - "access_level": "Write", - "resource_types": { - "topic": { - "resource_type": "topic", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" - }, - "RotateTunnelAccessToken": { - "privilege": "RotateTunnelAccessToken", - "description": "Grants permission to rotate the access token of a tunnel", - "access_level": "Write", - "resource_types": { - "tunnel": { - "resource_type": "tunnel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iot:ThingGroupArn", - "iot:TunnelDestinationService", - "iot:ClientMode" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_RotateTunnelAccessToken.html" - }, - "SearchIndex": { - "privilege": "SearchIndex", - "description": "Grants permission to search IoT fleet index", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SearchIndex.html" - }, - "SetDefaultAuthorizer": { - "privilege": "SetDefaultAuthorizer", - "description": "Grants permission to set the default authorizer. This will be used if a websocket connection is made without specifying an authorizer", - "access_level": "Permissions management", - "resource_types": { - "authorizer": { - "resource_type": "authorizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SetDefaultAuthorizer.html" - }, - "SetDefaultPolicyVersion": { - "privilege": "SetDefaultPolicyVersion", - "description": "Grants permission to set the specified version of the specified policy as the policy's default (operative) version", - "access_level": "Permissions management", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SetDefaultPolicyVersion.html" - }, - "SetLoggingOptions": { - "privilege": "SetLoggingOptions", - "description": "Grants permission to set the logging options", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SetLoggingOptions.html" - }, - "SetV2LoggingLevel": { - "privilege": "SetV2LoggingLevel", - "description": "Grants permission to set the v2 logging level", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SetV2LoggingLevel.html" - }, - "SetV2LoggingOptions": { - "privilege": "SetV2LoggingOptions", - "description": "Grants permission to set the v2 logging options", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SetV2LoggingOptions.html" - }, - "StartAuditMitigationActionsTask": { - "privilege": "StartAuditMitigationActionsTask", - "description": "Grants permission to start a task that applies a set of mitigation actions to the specified target", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_StartAuditMitigationActionsTask.html" - }, - "StartDetectMitigationActionsTask": { - "privilege": "StartDetectMitigationActionsTask", - "description": "Grants permission to start a Device Defender ML Detect mitigation actions task", - "access_level": "Write", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_StartDetectMitigationActionsTask.html" - }, - "StartOnDemandAuditTask": { - "privilege": "StartOnDemandAuditTask", - "description": "Grants permission to start an on-demand Device Defender audit", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_StartOnDemandAuditTask.html" - }, - "StartThingRegistrationTask": { - "privilege": "StartThingRegistrationTask", - "description": "Grants permission to start a bulk thing registration task", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_StartThingRegistrationTask.html" - }, - "StopThingRegistrationTask": { - "privilege": "StopThingRegistrationTask", - "description": "Grants permission to stop a bulk thing registration task", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_StopThingRegistrationTask.html" - }, - "Subscribe": { - "privilege": "Subscribe", - "description": "Grants permission to subscribe to the specified TopicFilter", - "access_level": "Write", - "resource_types": { - "topicfilter": { - "resource_type": "topicfilter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a specified resource", - "access_level": "Tagging", - "resource_types": { - "authorizer": { - "resource_type": "authorizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "billinggroup": { - "resource_type": "billinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cacert": { - "resource_type": "cacert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "custommetric": { - "resource_type": "custommetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dimension": { - "resource_type": "dimension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "domainconfiguration": { - "resource_type": "domainconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dynamicthinggroup": { - "resource_type": "dynamicthinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleetmetric": { - "resource_type": "fleetmetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobtemplate": { - "resource_type": "jobtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mitigationaction": { - "resource_type": "mitigationaction", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "otaupdate": { - "resource_type": "otaupdate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "package": { - "resource_type": "package", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "packageversion": { - "resource_type": "packageversion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "policy": { - "resource_type": "policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rolealias": { - "resource_type": "rolealias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "scheduledaudit": { - "resource_type": "scheduledaudit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securityprofile": { - "resource_type": "securityprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thingtype": { - "resource_type": "thingtype", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_TagResource.html" - }, - "TestAuthorization": { - "privilege": "TestAuthorization", - "description": "Grants permission to test the policies evaluation for group policies", - "access_level": "Read", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_TestAuthorization.html" - }, - "TestInvokeAuthorizer": { - "privilege": "TestInvokeAuthorizer", - "description": "Grants permission to test invoke the specified custom authorizer for testing purposes", - "access_level": "Read", - "resource_types": { - "authorizer": { - "resource_type": "authorizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_TestInvokeAuthorizer.html" - }, - "TransferCertificate": { - "privilege": "TransferCertificate", - "description": "Grants permission to transfer the specified certificate to the specified AWS account", - "access_level": "Write", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_TransferCertificate.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a specified resource", - "access_level": "Tagging", - "resource_types": { - "authorizer": { - "resource_type": "authorizer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "billinggroup": { - "resource_type": "billinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "cacert": { - "resource_type": "cacert", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "custommetric": { - "resource_type": "custommetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dimension": { - "resource_type": "dimension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "domainconfiguration": { - "resource_type": "domainconfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dynamicthinggroup": { - "resource_type": "dynamicthinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleetmetric": { - "resource_type": "fleetmetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "job": { - "resource_type": "job", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "jobtemplate": { - "resource_type": "jobtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "mitigationaction": { - "resource_type": "mitigationaction", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "otaupdate": { - "resource_type": "otaupdate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "package": { - "resource_type": "package", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "packageversion": { - "resource_type": "packageversion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "policy": { - "resource_type": "policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rolealias": { - "resource_type": "rolealias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "scheduledaudit": { - "resource_type": "scheduledaudit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "securityprofile": { - "resource_type": "securityprofile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "stream": { - "resource_type": "stream", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "thingtype": { - "resource_type": "thingtype", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UntagResource.html" - }, - "UpdateAccountAuditConfiguration": { - "privilege": "UpdateAccountAuditConfiguration", - "description": "Grants permission to configure or reconfigure the Device Defender audit settings for this account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAccountAuditConfiguration.html" - }, - "UpdateAuditSuppression": { - "privilege": "UpdateAuditSuppression", - "description": "Grants permission to update a Device Defender audit suppression", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAuditSuppression.html" - }, - "UpdateAuthorizer": { - "privilege": "UpdateAuthorizer", - "description": "Grants permission to update an authorizer", - "access_level": "Write", - "resource_types": { - "authorizer": { - "resource_type": "authorizer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAuthorizer.html" - }, - "UpdateBillingGroup": { - "privilege": "UpdateBillingGroup", - "description": "Grants permission to update information associated with the specified billing group", - "access_level": "Write", - "resource_types": { - "billinggroup": { - "resource_type": "billinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateBillingGroup.html" - }, - "UpdateCACertificate": { - "privilege": "UpdateCACertificate", - "description": "Grants permission to update a registered CA certificate", - "access_level": "Write", - "resource_types": { - "cacert": { - "resource_type": "cacert", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCACertificate.html" - }, - "UpdateCertificate": { - "privilege": "UpdateCertificate", - "description": "Grants permission to update the status of the specified certificate. This operation is idempotent", - "access_level": "Write", - "resource_types": { - "cert": { - "resource_type": "cert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCertificate.html" - }, - "UpdateCustomMetric": { - "privilege": "UpdateCustomMetric", - "description": "Grants permission to update the specified custom metric", - "access_level": "Write", - "resource_types": { - "custommetric": { - "resource_type": "custommetric", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCustomMetric.html" - }, - "UpdateDimension": { - "privilege": "UpdateDimension", - "description": "Grants permission to update the definition for a dimension", - "access_level": "Write", - "resource_types": { - "dimension": { - "resource_type": "dimension", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDimension.html" - }, - "UpdateDomainConfiguration": { - "privilege": "UpdateDomainConfiguration", - "description": "Grants permission to update a domain configuration", - "access_level": "Write", - "resource_types": { - "domainconfiguration": { - "resource_type": "domainconfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDomainConfiguration.html" - }, - "UpdateDynamicThingGroup": { - "privilege": "UpdateDynamicThingGroup", - "description": "Grants permission to update a Dynamic Thing Group", - "access_level": "Write", - "resource_types": { - "dynamicthinggroup": { - "resource_type": "dynamicthinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDynamicThingGroup.html" - }, - "UpdateEventConfigurations": { - "privilege": "UpdateEventConfigurations", - "description": "Grants permission to update event configurations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateEventConfigurations.html" - }, - "UpdateFleetMetric": { - "privilege": "UpdateFleetMetric", - "description": "Grants permission to update a fleet metric", - "access_level": "Write", - "resource_types": { - "fleetmetric": { - "resource_type": "fleetmetric", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateFleetMetric.html" - }, - "UpdateIndexingConfiguration": { - "privilege": "UpdateIndexingConfiguration", - "description": "Grants permission to update fleet indexing configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateIndexingConfiguration.html" - }, - "UpdateJob": { - "privilege": "UpdateJob", - "description": "Grants permission to update a job", - "access_level": "Write", - "resource_types": { - "job": { - "resource_type": "job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateJob.html" - }, - "UpdateMitigationAction": { - "privilege": "UpdateMitigationAction", - "description": "Grants permission to update the definition for the specified mitigation action", - "access_level": "Write", - "resource_types": { - "mitigationaction": { - "resource_type": "mitigationaction", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateMitigationAction.html" - }, - "UpdatePackage": { - "privilege": "UpdatePackage", - "description": "Grants permission to update a package", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:GetIndexingConfiguration" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackage.html" - }, - "UpdatePackageConfiguration": { - "privilege": "UpdatePackageConfiguration", - "description": "Grants permission to update the package configuration of the account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackageConfiguration.html" - }, - "UpdatePackageVersion": { - "privilege": "UpdatePackageVersion", - "description": "Grants permission to update the version of the specified package", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:GetIndexingConfiguration" - ] - }, - "packageversion": { - "resource_type": "packageversion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackageVersion.html" - }, - "UpdateProvisioningTemplate": { - "privilege": "UpdateProvisioningTemplate", - "description": "Grants permission to update a fleet provisioning template", - "access_level": "Write", - "resource_types": { - "provisioningtemplate": { - "resource_type": "provisioningtemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateProvisioningTemplate.html" - }, - "UpdateRoleAlias": { - "privilege": "UpdateRoleAlias", - "description": "Grants permission to update the role alias", - "access_level": "Write", - "resource_types": { - "rolealias": { - "resource_type": "rolealias", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateRoleAlias.html" - }, - "UpdateScheduledAudit": { - "privilege": "UpdateScheduledAudit", - "description": "Grants permission to update a scheduled audit, including what checks are performed and how often the audit takes place", - "access_level": "Write", - "resource_types": { - "scheduledaudit": { - "resource_type": "scheduledaudit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateScheduledAudit.html" - }, - "UpdateSecurityProfile": { - "privilege": "UpdateSecurityProfile", - "description": "Grants permission to update a Device Defender security profile", - "access_level": "Write", - "resource_types": { - "securityprofile": { - "resource_type": "securityprofile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "custommetric": { - "resource_type": "custommetric", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dimension": { - "resource_type": "dimension", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateSecurityProfile.html" - }, - "UpdateStream": { - "privilege": "UpdateStream", - "description": "Grants permission to update the data for a stream", - "access_level": "Write", - "resource_types": { - "stream": { - "resource_type": "stream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateStream.html" - }, - "UpdateThing": { - "privilege": "UpdateThing", - "description": "Grants permission to update information associated with the specified thing", - "access_level": "Write", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThing.html" - }, - "UpdateThingGroup": { - "privilege": "UpdateThingGroup", - "description": "Grants permission to update information associated with the specified thing group", - "access_level": "Write", - "resource_types": { - "thinggroup": { - "resource_type": "thinggroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThingGroup.html" - }, - "UpdateThingGroupsForThing": { - "privilege": "UpdateThingGroupsForThing", - "description": "Grants permission to update the thing groups to which the thing belongs", - "access_level": "Write", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "thinggroup": { - "resource_type": "thinggroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThingGroupsForThing.html" - }, - "UpdateThingShadow": { - "privilege": "UpdateThingShadow", - "description": "Grants permission to update the thing shadow", - "access_level": "Write", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" - }, - "UpdateTopicRuleDestination": { - "privilege": "UpdateTopicRuleDestination", - "description": "Grants permission to update a TopicRuleDestination", - "access_level": "Write", - "resource_types": { - "destination": { - "resource_type": "destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateTopicRuleDestination.html" - }, - "ValidateSecurityProfileBehaviors": { - "privilege": "ValidateSecurityProfileBehaviors", - "description": "Grants permission to validate a Device Defender security profile behaviors specification", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ValidateSecurityProfileBehaviors.html" - } - }, - "resources": { - "client": { - "resource": "client", - "arn": "arn:${Partition}:iot:${Region}:${Account}:client/${ClientId}", - "condition_keys": [] - }, - "index": { - "resource": "index", - "arn": "arn:${Partition}:iot:${Region}:${Account}:index/${IndexName}", - "condition_keys": [] - }, - "fleetmetric": { - "resource": "fleetmetric", - "arn": "arn:${Partition}:iot:${Region}:${Account}:fleetmetric/${FleetMetricName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "job": { - "resource": "job", - "arn": "arn:${Partition}:iot:${Region}:${Account}:job/${JobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "jobtemplate": { - "resource": "jobtemplate", - "arn": "arn:${Partition}:iot:${Region}:${Account}:jobtemplate/${JobTemplateId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "tunnel": { - "resource": "tunnel", - "arn": "arn:${Partition}:iot:${Region}:${Account}:tunnel/${TunnelId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "thing": { - "resource": "thing", - "arn": "arn:${Partition}:iot:${Region}:${Account}:thing/${ThingName}", - "condition_keys": [] - }, - "thinggroup": { - "resource": "thinggroup", - "arn": "arn:${Partition}:iot:${Region}:${Account}:thinggroup/${ThingGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "billinggroup": { - "resource": "billinggroup", - "arn": "arn:${Partition}:iot:${Region}:${Account}:billinggroup/${BillingGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dynamicthinggroup": { - "resource": "dynamicthinggroup", - "arn": "arn:${Partition}:iot:${Region}:${Account}:thinggroup/${ThingGroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "thingtype": { - "resource": "thingtype", - "arn": "arn:${Partition}:iot:${Region}:${Account}:thingtype/${ThingTypeName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "topic": { - "resource": "topic", - "arn": "arn:${Partition}:iot:${Region}:${Account}:topic/${TopicName}", - "condition_keys": [] - }, - "topicfilter": { - "resource": "topicfilter", - "arn": "arn:${Partition}:iot:${Region}:${Account}:topicfilter/${TopicFilter}", - "condition_keys": [] - }, - "rolealias": { - "resource": "rolealias", - "arn": "arn:${Partition}:iot:${Region}:${Account}:rolealias/${RoleAlias}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "authorizer": { - "resource": "authorizer", - "arn": "arn:${Partition}:iot:${Region}:${Account}:authorizer/${AuthorizerName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "policy": { - "resource": "policy", - "arn": "arn:${Partition}:iot:${Region}:${Account}:policy/${PolicyName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "cert": { - "resource": "cert", - "arn": "arn:${Partition}:iot:${Region}:${Account}:cert/${Certificate}", - "condition_keys": [] - }, - "cacert": { - "resource": "cacert", - "arn": "arn:${Partition}:iot:${Region}:${Account}:cacert/${CACertificate}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "stream": { - "resource": "stream", - "arn": "arn:${Partition}:iot:${Region}:${Account}:stream/${StreamId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "otaupdate": { - "resource": "otaupdate", - "arn": "arn:${Partition}:iot:${Region}:${Account}:otaupdate/${OtaUpdateId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "scheduledaudit": { - "resource": "scheduledaudit", - "arn": "arn:${Partition}:iot:${Region}:${Account}:scheduledaudit/${ScheduleName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "mitigationaction": { - "resource": "mitigationaction", - "arn": "arn:${Partition}:iot:${Region}:${Account}:mitigationaction/${MitigationActionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "securityprofile": { - "resource": "securityprofile", - "arn": "arn:${Partition}:iot:${Region}:${Account}:securityprofile/${SecurityProfileName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "custommetric": { - "resource": "custommetric", - "arn": "arn:${Partition}:iot:${Region}:${Account}:custommetric/${MetricName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dimension": { - "resource": "dimension", - "arn": "arn:${Partition}:iot:${Region}:${Account}:dimension/${DimensionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "rule": { - "resource": "rule", - "arn": "arn:${Partition}:iot:${Region}:${Account}:rule/${RuleName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "destination": { - "resource": "destination", - "arn": "arn:${Partition}:iot:${Region}:${Account}:destination/${DestinationType}/${Uuid}", - "condition_keys": [] - }, - "provisioningtemplate": { - "resource": "provisioningtemplate", - "arn": "arn:${Partition}:iot:${Region}:${Account}:provisioningtemplate/${ProvisioningTemplate}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "domainconfiguration": { - "resource": "domainconfiguration", - "arn": "arn:${Partition}:iot:${Region}:${Account}:domainconfiguration/${DomainConfigurationName}/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "package": { - "resource": "package", - "arn": "arn:${Partition}:iot:${Region}:${Account}:package/${PackageName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "packageversion": { - "resource": "packageversion", - "arn": "arn:${Partition}:iot:${Region}:${Account}:package/${PackageName}/version/${VersionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key that is present in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key component of a tag associated to the IoT resource in the request", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys associated to the IoT resource in the request", - "type": "ArrayOfString" - }, - "iot:ClientMode": { - "condition": "iot:ClientMode", - "description": "Filters access by the mode of the client for IoT Tunnel", - "type": "String" - }, - "iot:Delete": { - "condition": "iot:Delete", - "description": "Filters access by a flag indicating whether or not to also delete an IoT Tunnel immediately when making iot:CloseTunnel request", - "type": "Bool" - }, - "iot:DomainName": { - "condition": "iot:DomainName", - "description": "Filters access by based on the domain name of an IoT DomainConfiguration", - "type": "String" - }, - "iot:ThingGroupArn": { - "condition": "iot:ThingGroupArn", - "description": "Filters access by a list of IoT Thing Group ARNs that the destination IoT Thing belongs to for an IoT Tunnel", - "type": "ArrayOfString" - }, - "iot:TunnelDestinationService": { - "condition": "iot:TunnelDestinationService", - "description": "Filters access by a list of destination services for an IoT Tunnel", - "type": "ArrayOfString" - } - } - }, - "iot1click": { - "service_name": "AWS IoT 1-Click", - "prefix": "iot1click", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot1-click.html", - "privileges": { - "AssociateDeviceWithPlacement": { - "privilege": "AssociateDeviceWithPlacement", - "description": "Grants permission to associate a device to a placement", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_AssociateDeviceWithPlacement.html" - }, - "ClaimDevicesByClaimCode": { - "privilege": "ClaimDevicesByClaimCode", - "description": "Grants permission to claim a batch of devices with a claim code", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/claims-claimcode.html" - }, - "CreatePlacement": { - "privilege": "CreatePlacement", - "description": "Grants permission to create a new placement in a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_CreatePlacement.html" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a new project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_CreateProject.html" - }, - "DeletePlacement": { - "privilege": "DeletePlacement", - "description": "Grants permission to delete a placement from a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DeletePlacement.html" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DeleteProject.html" - }, - "DescribeDevice": { - "privilege": "DescribeDevice", - "description": "Grants permission to describe a device", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid.html" - }, - "DescribePlacement": { - "privilege": "DescribePlacement", - "description": "Grants permission to describe a placement", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DescribePlacement.html" - }, - "DescribeProject": { - "privilege": "DescribeProject", - "description": "Grants permission to describe a project", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DescribeProject.html" - }, - "DisassociateDeviceFromPlacement": { - "privilege": "DisassociateDeviceFromPlacement", - "description": "Grants permission to disassociate a device from a placement", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DisassociateDeviceFromPlacement.html" - }, - "FinalizeDeviceClaim": { - "privilege": "FinalizeDeviceClaim", - "description": "Grants permission to finalize a device claim", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-finalize-claim.html" - }, - "GetDeviceMethods": { - "privilege": "GetDeviceMethods", - "description": "Grants permission to get available methods of a device", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-methods.html" - }, - "GetDevicesInPlacement": { - "privilege": "GetDevicesInPlacement", - "description": "Grants permission to get devices associated to a placement", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_GetDevicesInPlacement.html" - }, - "InitiateDeviceClaim": { - "privilege": "InitiateDeviceClaim", - "description": "Grants permission to initialize a device claim", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-initiate-claim.html" - }, - "InvokeDeviceMethod": { - "privilege": "InvokeDeviceMethod", - "description": "Grants permission to invoke a device method", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-methods.html" - }, - "ListDeviceEvents": { - "privilege": "ListDeviceEvents", - "description": "Grants permission to list past events published by a device", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-events.html" - }, - "ListDevices": { - "privilege": "ListDevices", - "description": "Grants permission to list all devices", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices.html" - }, - "ListPlacements": { - "privilege": "ListPlacements", - "description": "Grants permission to list placements in a project", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_ListPlacements.html" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to list all projects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_ListProjects.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists the tags for a resource", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_ListTagsForResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or modify the tags of a resource", - "access_level": "Tagging", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_TagResource.html" - }, - "UnclaimDevice": { - "privilege": "UnclaimDevice", - "description": "Grants permission to unclaim a device", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-unclaim.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the given tags (metadata) from a resource", - "access_level": "Tagging", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_UntagResource.html" - }, - "UpdateDeviceState": { - "privilege": "UpdateDeviceState", - "description": "Grants permission to update device state", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-state.html" - }, - "UpdatePlacement": { - "privilege": "UpdatePlacement", - "description": "Grants permission to update a placement", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_UpdatePlacement.html" - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Update a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_UpdateProject.html" - } - }, - "resources": { - "device": { - "resource": "device", - "arn": "arn:${Partition}:iot1click:${Region}:${Account}:devices/${DeviceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "project": { - "resource": "project", - "arn": "arn:${Partition}:iot1click:${Region}:${Account}:projects/${ProjectName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "iotanalytics": { - "service_name": "AWS IoT Analytics", - "prefix": "iotanalytics", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotanalytics.html", - "privileges": { - "BatchPutMessage": { - "privilege": "BatchPutMessage", - "description": "Puts a batch of messages into the specified channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html" - }, - "CancelPipelineReprocessing": { - "privilege": "CancelPipelineReprocessing", - "description": "Cancels reprocessing for the specified pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CancelPipelineReprocessing.html" - }, - "CreateChannel": { - "privilege": "CreateChannel", - "description": "Creates a channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CreateChannel.html" - }, - "CreateDataset": { - "privilege": "CreateDataset", - "description": "Creates a dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CreateDataset.html" - }, - "CreateDatasetContent": { - "privilege": "CreateDatasetContent", - "description": "Generates content from the specified dataset (by executing the dataset actions)", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CreateDatasetContent.html" - }, - "CreateDatastore": { - "privilege": "CreateDatastore", - "description": "Creates a datastore", - "access_level": "Write", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CreateDatastore.html" - }, - "CreatePipeline": { - "privilege": "CreatePipeline", - "description": "Creates a pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CreatePipeline.html" - }, - "DeleteChannel": { - "privilege": "DeleteChannel", - "description": "Deletes the specified channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeleteChannel.html" - }, - "DeleteDataset": { - "privilege": "DeleteDataset", - "description": "Deletes the specified dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeleteDataset.html" - }, - "DeleteDatasetContent": { - "privilege": "DeleteDatasetContent", - "description": "Deletes the content of the specified dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeleteDatasetContent.html" - }, - "DeleteDatastore": { - "privilege": "DeleteDatastore", - "description": "Deletes the specified datastore", - "access_level": "Write", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeleteDatastore.html" - }, - "DeletePipeline": { - "privilege": "DeletePipeline", - "description": "Deletes the specified pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeletePipeline.html" - }, - "DescribeChannel": { - "privilege": "DescribeChannel", - "description": "Describes the specified channel", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DescribeChannel.html" - }, - "DescribeDataset": { - "privilege": "DescribeDataset", - "description": "Describes the specified dataset", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DescribeDataset.html" - }, - "DescribeDatastore": { - "privilege": "DescribeDatastore", - "description": "Describes the specified datastore", - "access_level": "Read", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DescribeDatastore.html" - }, - "DescribeLoggingOptions": { - "privilege": "DescribeLoggingOptions", - "description": "Describes logging options for the the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DescribeLoggingOptions.html" - }, - "DescribePipeline": { - "privilege": "DescribePipeline", - "description": "Describes the specified pipeline", - "access_level": "Read", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DescribePipeline.html" - }, - "GetDatasetContent": { - "privilege": "GetDatasetContent", - "description": "Gets the content of the specified dataset", - "access_level": "Read", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_GetDatasetContent.html" - }, - "ListChannels": { - "privilege": "ListChannels", - "description": "Lists the channels for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListChannels.html" - }, - "ListDatasetContents": { - "privilege": "ListDatasetContents", - "description": "Lists information about dataset contents that have been created", - "access_level": "List", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListDatasetContents.html" - }, - "ListDatasets": { - "privilege": "ListDatasets", - "description": "Lists the datasets for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListDatasets.html" - }, - "ListDatastores": { - "privilege": "ListDatastores", - "description": "Lists the datastores for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListDatastores.html" - }, - "ListPipelines": { - "privilege": "ListPipelines", - "description": "Lists the pipelines for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListPipelines.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Lists the tags (metadata) which you have assigned to the resource", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datastore": { - "resource_type": "datastore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pipeline": { - "resource_type": "pipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListTagsForResource.html" - }, - "PutLoggingOptions": { - "privilege": "PutLoggingOptions", - "description": "Puts logging options for the the account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_PutLoggingOptions.html" - }, - "RunPipelineActivity": { - "privilege": "RunPipelineActivity", - "description": "Runs the specified pipeline activity", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_RunPipelineActivity.html" - }, - "SampleChannelData": { - "privilege": "SampleChannelData", - "description": "Samples the specified channel's data", - "access_level": "Read", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_SampleChannelData.html" - }, - "StartPipelineReprocessing": { - "privilege": "StartPipelineReprocessing", - "description": "Starts reprocessing for the specified pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_StartPipelineReprocessing.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Adds to or modifies the tags of the given resource. Tags are metadata which can be used to manage a resource", - "access_level": "Tagging", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datastore": { - "resource_type": "datastore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pipeline": { - "resource_type": "pipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Removes the given tags (metadata) from the resource", - "access_level": "Tagging", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dataset": { - "resource_type": "dataset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "datastore": { - "resource_type": "datastore", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "pipeline": { - "resource_type": "pipeline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_UntagResource.html" - }, - "UpdateChannel": { - "privilege": "UpdateChannel", - "description": "Updates the specified channel", - "access_level": "Write", - "resource_types": { - "channel": { - "resource_type": "channel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_UpdateChannel.html" - }, - "UpdateDataset": { - "privilege": "UpdateDataset", - "description": "Updates the specified dataset", - "access_level": "Write", - "resource_types": { - "dataset": { - "resource_type": "dataset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_UpdateDataset.html" - }, - "UpdateDatastore": { - "privilege": "UpdateDatastore", - "description": "Updates the specified datastore", - "access_level": "Write", - "resource_types": { - "datastore": { - "resource_type": "datastore", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_UpdateDatastore.html" - }, - "UpdatePipeline": { - "privilege": "UpdatePipeline", - "description": "Updates the specified pipeline", - "access_level": "Write", - "resource_types": { - "pipeline": { - "resource_type": "pipeline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_UpdatePipeline.html" - } - }, - "resources": { - "channel": { - "resource": "channel", - "arn": "arn:${Partition}:iotanalytics:${Region}:${Account}:channel/${ChannelName}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "iotanalytics:ResourceTag/${TagKey}" - ] - }, - "dataset": { - "resource": "dataset", - "arn": "arn:${Partition}:iotanalytics:${Region}:${Account}:dataset/${DatasetName}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "iotanalytics:ResourceTag/${TagKey}" - ] - }, - "datastore": { - "resource": "datastore", - "arn": "arn:${Partition}:iotanalytics:${Region}:${Account}:datastore/${DatastoreName}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "iotanalytics:ResourceTag/${TagKey}" - ] - }, - "pipeline": { - "resource": "pipeline", - "arn": "arn:${Partition}:iotanalytics:${Region}:${Account}:pipeline/${PipelineName}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "iotanalytics:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "iotanalytics:ResourceTag/${TagKey}": { - "condition": "iotanalytics:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - } - } - }, - "iotdeviceadvisor": { - "service_name": "AWS IoT Core Device Advisor", - "prefix": "iotdeviceadvisor", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotcoredeviceadvisor.html", - "privileges": { - "CreateSuiteDefinition": { - "privilege": "CreateSuiteDefinition", - "description": "Grants permission to create a suite definition", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_CreateSuiteDefinition.html" - }, - "DeleteSuiteDefinition": { - "privilege": "DeleteSuiteDefinition", - "description": "Grants permission to delete a suite definition", - "access_level": "Write", - "resource_types": { - "Suitedefinition": { - "resource_type": "Suitedefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeleteSuiteDefinition.html" - }, - "GetEndpoint": { - "privilege": "GetEndpoint", - "description": "Grants permission to get a Device Advisor endpoint", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_GetEndpoint.html" - }, - "GetSuiteDefinition": { - "privilege": "GetSuiteDefinition", - "description": "Grants permission to get a suite definition", - "access_level": "Read", - "resource_types": { - "Suitedefinition": { - "resource_type": "Suitedefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_GetSuiteDefinition.html" - }, - "GetSuiteRun": { - "privilege": "GetSuiteRun", - "description": "Grants permission to get a suite run", - "access_level": "Read", - "resource_types": { - "Suiterun": { - "resource_type": "Suiterun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_GetSuiteRun.html" - }, - "GetSuiteRunReport": { - "privilege": "GetSuiteRunReport", - "description": "Grants permission to get the qualification report for a suite run", - "access_level": "Read", - "resource_types": { - "Suiterun": { - "resource_type": "Suiterun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_GetSuiteRunReport.html" - }, - "ListSuiteDefinitions": { - "privilege": "ListSuiteDefinitions", - "description": "Grants permission to list suite definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_ListSuiteDefinitions.html" - }, - "ListSuiteRuns": { - "privilege": "ListSuiteRuns", - "description": "Grants permission to list suite runs", - "access_level": "List", - "resource_types": { - "Suitedefinition": { - "resource_type": "Suitedefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_ListSuiteRuns.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags (metadata) assigned to a resource", - "access_level": "Read", - "resource_types": { - "Suitedefinition": { - "resource_type": "Suitedefinition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Suiterun": { - "resource_type": "Suiterun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_ListTagsForResource.html" - }, - "StartSuiteRun": { - "privilege": "StartSuiteRun", - "description": "Grants permission to start a suite run", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_StartSuiteRun.html" - }, - "StopSuiteRun": { - "privilege": "StopSuiteRun", - "description": "Grants permission to stop a suite run", - "access_level": "Write", - "resource_types": { - "Suiterun": { - "resource_type": "Suiterun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_StopSuiteRun.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add to or modify the tags of the given resource. Tags are metadata which can be used to manage a resource", - "access_level": "Tagging", - "resource_types": { - "Suitedefinition": { - "resource_type": "Suitedefinition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Suiterun": { - "resource_type": "Suiterun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the given tags (metadata) from a resource", - "access_level": "Tagging", - "resource_types": { - "Suitedefinition": { - "resource_type": "Suitedefinition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Suiterun": { - "resource_type": "Suiterun", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_UntagResource.html" - }, - "UpdateSuiteDefinition": { - "privilege": "UpdateSuiteDefinition", - "description": "Grants permission to update a suite definition", - "access_level": "Write", - "resource_types": { - "Suitedefinition": { - "resource_type": "Suitedefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_UpdateSuiteDefinition.html" - } - }, - "resources": { - "Suitedefinition": { - "resource": "Suitedefinition", - "arn": "arn:${Partition}:iotdeviceadvisor:${Region}:${Account}:suitedefinition/${SuiteDefinitionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Suiterun": { - "resource": "Suiterun", - "arn": "arn:${Partition}:iotdeviceadvisor:${Region}:${Account}:suiterun/${SuiteDefinitionId}/${SuiteRunId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "iotwireless": { - "service_name": "AWS IoT Core for LoRaWAN", - "prefix": "iotwireless", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotcoreforlorawan.html", - "privileges": { - "AssociateAwsAccountWithPartnerAccount": { - "privilege": "AssociateAwsAccountWithPartnerAccount", - "description": "Grants permission to link partner accounts with AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateAwsAccountWithPartnerAccount.html" - }, - "AssociateMulticastGroupWithFuotaTask": { - "privilege": "AssociateMulticastGroupWithFuotaTask", - "description": "Grants permission to associate the MulticastGroup with FuotaTask", - "access_level": "Write", - "resource_types": { - "FuotaTask": { - "resource_type": "FuotaTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateMulticastGroupWithFuotaTask.html" - }, - "AssociateWirelessDeviceWithFuotaTask": { - "privilege": "AssociateWirelessDeviceWithFuotaTask", - "description": "Grants permission to associate the wireless device with FuotaTask", - "access_level": "Write", - "resource_types": { - "FuotaTask": { - "resource_type": "FuotaTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessDeviceWithFuotaTask.html" - }, - "AssociateWirelessDeviceWithMulticastGroup": { - "privilege": "AssociateWirelessDeviceWithMulticastGroup", - "description": "Grants permission to associate the WirelessDevice with MulticastGroup", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessDeviceWithMulticastGroup.html" - }, - "AssociateWirelessDeviceWithThing": { - "privilege": "AssociateWirelessDeviceWithThing", - "description": "Grants permission to associate the wireless device with AWS IoT thing for a given wirelessDeviceId", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:DescribeThing" - ] - }, - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessDeviceWithThing.html" - }, - "AssociateWirelessGatewayWithCertificate": { - "privilege": "AssociateWirelessGatewayWithCertificate", - "description": "Grants permission to associate a WirelessGateway with the IoT Core Identity certificate", - "access_level": "Write", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "cert": { - "resource_type": "cert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessGatewayWithCertificate.html" - }, - "AssociateWirelessGatewayWithThing": { - "privilege": "AssociateWirelessGatewayWithThing", - "description": "Grants permission to associate the wireless gateway with AWS IoT thing for a given wirelessGatewayId", - "access_level": "Write", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:DescribeThing" - ] - }, - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessGatewayWithThing.html" - }, - "CancelMulticastGroupSession": { - "privilege": "CancelMulticastGroupSession", - "description": "Grants permission to cancel the MulticastGroup session", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CancelMulticastGroupSession.html" - }, - "CreateDestination": { - "privilege": "CreateDestination", - "description": "Grants permission to create a Destination resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateDestination.html" - }, - "CreateDeviceProfile": { - "privilege": "CreateDeviceProfile", - "description": "Grants permission to create a DeviceProfile resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateDeviceProfile.html" - }, - "CreateFuotaTask": { - "privilege": "CreateFuotaTask", - "description": "Grants permission to create a FuotaTask resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateFuotaTask.html" - }, - "CreateMulticastGroup": { - "privilege": "CreateMulticastGroup", - "description": "Grants permission to create a MulticastGroup resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateMulticastGroup.html" - }, - "CreateNetworkAnalyzerConfiguration": { - "privilege": "CreateNetworkAnalyzerConfiguration", - "description": "Grants permission to create a NetworkAnalyzerConfiguration resource", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateNetworkAnalyzerConfiguration.html" - }, - "CreateServiceProfile": { - "privilege": "CreateServiceProfile", - "description": "Grants permission to create a ServiceProfile resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateServiceProfile.html" - }, - "CreateWirelessDevice": { - "privilege": "CreateWirelessDevice", - "description": "Grants permission to create a WirelessDevice resource with given Destination", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateWirelessDevice.html" - }, - "CreateWirelessGateway": { - "privilege": "CreateWirelessGateway", - "description": "Grants permission to create a WirelessGateway resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateWirelessGateway.html" - }, - "CreateWirelessGatewayTask": { - "privilege": "CreateWirelessGatewayTask", - "description": "Grants permission to create a task for a given WirelessGateway", - "access_level": "Write", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateWirelessGatewayTask.html" - }, - "CreateWirelessGatewayTaskDefinition": { - "privilege": "CreateWirelessGatewayTaskDefinition", - "description": "Grants permission to create a WirelessGateway task definition", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateWirelessGatewayTaskDefinition.html" - }, - "DeleteDestination": { - "privilege": "DeleteDestination", - "description": "Grants permission to delete a Destination", - "access_level": "Write", - "resource_types": { - "Destination": { - "resource_type": "Destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteDestination.html" - }, - "DeleteDeviceProfile": { - "privilege": "DeleteDeviceProfile", - "description": "Grants permission to delete a DeviceProfile", - "access_level": "Write", - "resource_types": { - "DeviceProfile": { - "resource_type": "DeviceProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteDeviceProfile.html" - }, - "DeleteFuotaTask": { - "privilege": "DeleteFuotaTask", - "description": "Grants permission to delete the FuotaTask", - "access_level": "Write", - "resource_types": { - "FuotaTask": { - "resource_type": "FuotaTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteFuotaTask.html" - }, - "DeleteMulticastGroup": { - "privilege": "DeleteMulticastGroup", - "description": "Grants permission to delete the MulticastGroup", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteMulticastGroup.html" - }, - "DeleteNetworkAnalyzerConfiguration": { - "privilege": "DeleteNetworkAnalyzerConfiguration", - "description": "Grants permission to delete the NetworkAnalyzerConfiguration", - "access_level": "Write", - "resource_types": { - "NetworkAnalyzerConfiguration": { - "resource_type": "NetworkAnalyzerConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteNetworkAnalyzerConfiguration.html" - }, - "DeleteQueuedMessages": { - "privilege": "DeleteQueuedMessages", - "description": "Grants permission to delete QueuedMessages", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteQueuedMessages.html" - }, - "DeleteServiceProfile": { - "privilege": "DeleteServiceProfile", - "description": "Grants permission to delete a ServiceProfile", - "access_level": "Write", - "resource_types": { - "ServiceProfile": { - "resource_type": "ServiceProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteServiceProfile.html" - }, - "DeleteWirelessDevice": { - "privilege": "DeleteWirelessDevice", - "description": "Grants permission to delete a WirelessDevice", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteWirelessDevice.html" - }, - "DeleteWirelessGateway": { - "privilege": "DeleteWirelessGateway", - "description": "Grants permission to delete a WirelessGateway", - "access_level": "Write", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteWirelessGateway.html" - }, - "DeleteWirelessGatewayTask": { - "privilege": "DeleteWirelessGatewayTask", - "description": "Grants permission to delete task for a given WirelessGateway", - "access_level": "Write", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteWirelessGatewayTask.html" - }, - "DeleteWirelessGatewayTaskDefinition": { - "privilege": "DeleteWirelessGatewayTaskDefinition", - "description": "Grants permission to delete a WirelessGateway task definition", - "access_level": "Write", - "resource_types": { - "WirelessGatewayTaskDefinition": { - "resource_type": "WirelessGatewayTaskDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteWirelessGatewayTaskDefinition.html" - }, - "DisassociateAwsAccountFromPartnerAccount": { - "privilege": "DisassociateAwsAccountFromPartnerAccount", - "description": "Grants permission to disassociate an AWS account from a partner account", - "access_level": "Write", - "resource_types": { - "SidewalkAccount": { - "resource_type": "SidewalkAccount", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateAwsAccountFromPartnerAccount.html" - }, - "DisassociateMulticastGroupFromFuotaTask": { - "privilege": "DisassociateMulticastGroupFromFuotaTask", - "description": "Grants permission to disassociate the MulticastGroup from FuotaTask", - "access_level": "Write", - "resource_types": { - "FuotaTask": { - "resource_type": "FuotaTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateMulticastGroupFromFuotaTask.html" - }, - "DisassociateWirelessDeviceFromFuotaTask": { - "privilege": "DisassociateWirelessDeviceFromFuotaTask", - "description": "Grants permission to disassociate the wireless device from FuotaTask", - "access_level": "Write", - "resource_types": { - "FuotaTask": { - "resource_type": "FuotaTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateWirelessDeviceFromFuotaTask.html" - }, - "DisassociateWirelessDeviceFromMulticastGroup": { - "privilege": "DisassociateWirelessDeviceFromMulticastGroup", - "description": "Grants permission to disassociate the wireless device from MulticastGroup", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateWirelessDeviceFromMulticastGroup.html" - }, - "DisassociateWirelessDeviceFromThing": { - "privilege": "DisassociateWirelessDeviceFromThing", - "description": "Grants permission to disassociate a wireless device from a AWS IoT thing", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:DescribeThing" - ] - }, - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateWirelessDeviceFromThing.html" - }, - "DisassociateWirelessGatewayFromCertificate": { - "privilege": "DisassociateWirelessGatewayFromCertificate", - "description": "Grants permission to disassociate a WirelessGateway from a IoT Core Identity certificate", - "access_level": "Write", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "cert": { - "resource_type": "cert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateWirelessGatewayFromCertificate.html" - }, - "DisassociateWirelessGatewayFromThing": { - "privilege": "DisassociateWirelessGatewayFromThing", - "description": "Grants permission to disassociate a WirelessGateway from a IoT Core thing", - "access_level": "Write", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:DescribeThing" - ] - }, - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateWirelessGatewayFromThing.html" - }, - "GetDestination": { - "privilege": "GetDestination", - "description": "Grants permission to get the Destination", - "access_level": "Read", - "resource_types": { - "Destination": { - "resource_type": "Destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetDestination.html" - }, - "GetDeviceProfile": { - "privilege": "GetDeviceProfile", - "description": "Grants permission to get the DeviceProfile", - "access_level": "Read", - "resource_types": { - "DeviceProfile": { - "resource_type": "DeviceProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetDeviceProfile.html" - }, - "GetEventConfigurationByResourceTypes": { - "privilege": "GetEventConfigurationByResourceTypes", - "description": "Grants permission to get event configuration by resource types", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetEventConfigurationByResourceTypes.html" - }, - "GetFuotaTask": { - "privilege": "GetFuotaTask", - "description": "Grants permission to get the FuotaTask", - "access_level": "Read", - "resource_types": { - "FuotaTask": { - "resource_type": "FuotaTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetFuotaTask.html" - }, - "GetLogLevelsByResourceTypes": { - "privilege": "GetLogLevelsByResourceTypes", - "description": "Grants permission to get log levels by resource types", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetLogLevelsByResourceTypes.html" - }, - "GetMulticastGroup": { - "privilege": "GetMulticastGroup", - "description": "Grants permission to get the MulticastGroup", - "access_level": "Read", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetMulticastGroup.html" - }, - "GetMulticastGroupSession": { - "privilege": "GetMulticastGroupSession", - "description": "Grants permission to get the MulticastGroup session", - "access_level": "Read", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetMulticastGroupSession.html" - }, - "GetNetworkAnalyzerConfiguration": { - "privilege": "GetNetworkAnalyzerConfiguration", - "description": "Grants permission to get the NetworkAnalyzerConfiguration", - "access_level": "Read", - "resource_types": { - "NetworkAnalyzerConfiguration": { - "resource_type": "NetworkAnalyzerConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetNetworkAnalyzerConfiguration.html" - }, - "GetPartnerAccount": { - "privilege": "GetPartnerAccount", - "description": "Grants permission to get the associated PartnerAccount", - "access_level": "Read", - "resource_types": { - "SidewalkAccount": { - "resource_type": "SidewalkAccount", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetPartnerAccount.html" - }, - "GetPosition": { - "privilege": "GetPosition", - "description": "Grants permission to get position for a given resource", - "access_level": "Read", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetPosition.html" - }, - "GetPositionConfiguration": { - "privilege": "GetPositionConfiguration", - "description": "Grants permission to get position configuration for a given resource", - "access_level": "Read", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetPositionConfiguration.html" - }, - "GetPositionEstimate": { - "privilege": "GetPositionEstimate", - "description": "Grants permission to get position estimate", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetPositionEstimate.html" - }, - "GetResourceEventConfiguration": { - "privilege": "GetResourceEventConfiguration", - "description": "Grants permission to get an event configuration for an identifier", - "access_level": "Read", - "resource_types": { - "SidewalkAccount": { - "resource_type": "SidewalkAccount", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetResourceEventConfiguration.html" - }, - "GetResourceLogLevel": { - "privilege": "GetResourceLogLevel", - "description": "Grants permission to get resource log level", - "access_level": "Read", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetResourceLogLevel.html" - }, - "GetResourcePosition": { - "privilege": "GetResourcePosition", - "description": "Grants permission to get position for a given resource", - "access_level": "Read", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetResourcePosition.html" - }, - "GetServiceEndpoint": { - "privilege": "GetServiceEndpoint", - "description": "Grants permission to retrieve the customer account specific endpoint for CUPS protocol connection or LoRaWAN Network Server (LNS) protocol connection, and optionally server trust certificate in PEM format", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetServiceEndpoint.html" - }, - "GetServiceProfile": { - "privilege": "GetServiceProfile", - "description": "Grants permission to get the ServiceProfile", - "access_level": "Read", - "resource_types": { - "ServiceProfile": { - "resource_type": "ServiceProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetServiceProfile.html" - }, - "GetWirelessDevice": { - "privilege": "GetWirelessDevice", - "description": "Grants permission to get the WirelessDevice", - "access_level": "Read", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessDevice.html" - }, - "GetWirelessDeviceStatistics": { - "privilege": "GetWirelessDeviceStatistics", - "description": "Grants permission to get statistics info for a given WirelessDevice", - "access_level": "Read", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessDeviceStatistics.html" - }, - "GetWirelessGateway": { - "privilege": "GetWirelessGateway", - "description": "Grants permission to get the WirelessGateway", - "access_level": "Read", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGateway.html" - }, - "GetWirelessGatewayCertificate": { - "privilege": "GetWirelessGatewayCertificate", - "description": "Grants permission to get the IoT Core Identity certificate id associated with the WirelessGateway", - "access_level": "Read", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGatewayCertificate.html" - }, - "GetWirelessGatewayFirmwareInformation": { - "privilege": "GetWirelessGatewayFirmwareInformation", - "description": "Grants permission to get Current firmware version and other information for the WirelessGateway", - "access_level": "Read", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGatewayFirmwareInformation.html" - }, - "GetWirelessGatewayStatistics": { - "privilege": "GetWirelessGatewayStatistics", - "description": "Grants permission to get statistics info for a given WirelessGateway", - "access_level": "Read", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGatewayStatistics.html" - }, - "GetWirelessGatewayTask": { - "privilege": "GetWirelessGatewayTask", - "description": "Grants permission to get the task for a given WirelessGateway", - "access_level": "Read", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGatewayTask.html" - }, - "GetWirelessGatewayTaskDefinition": { - "privilege": "GetWirelessGatewayTaskDefinition", - "description": "Grants permission to get the given WirelessGateway task definition", - "access_level": "Read", - "resource_types": { - "WirelessGatewayTaskDefinition": { - "resource_type": "WirelessGatewayTaskDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGatewayTaskDefinition.html" - }, - "ListDestinations": { - "privilege": "ListDestinations", - "description": "Grants permission to list information of available Destinations based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListDestinations.html" - }, - "ListDeviceProfiles": { - "privilege": "ListDeviceProfiles", - "description": "Grants permission to list information of available DeviceProfiles based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListDeviceProfiles.html" - }, - "ListEventConfigurations": { - "privilege": "ListEventConfigurations", - "description": "Grants permission to list information of available event configurations based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListEventConfigurations.html" - }, - "ListFuotaTasks": { - "privilege": "ListFuotaTasks", - "description": "Grants permission to list information of available FuotaTasks based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListFuotaTasks.html" - }, - "ListMulticastGroups": { - "privilege": "ListMulticastGroups", - "description": "Grants permission to list information of available MulticastGroups based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListMulticastGroups.html" - }, - "ListMulticastGroupsByFuotaTask": { - "privilege": "ListMulticastGroupsByFuotaTask", - "description": "Grants permission to list information of available MulticastGroups by FuotaTask based on the AWS account", - "access_level": "Read", - "resource_types": { - "FuotaTask": { - "resource_type": "FuotaTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListMulticastGroupsByFuotaTask.html" - }, - "ListNetworkAnalyzerConfigurations": { - "privilege": "ListNetworkAnalyzerConfigurations", - "description": "Grants permission to list information of available NetworkAnalyzerConfigurations based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListNetworkAnalyzerConfigurations.html" - }, - "ListPartnerAccounts": { - "privilege": "ListPartnerAccounts", - "description": "Grants permission to list the available partner accounts", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListPartnerAccounts.html" - }, - "ListPositionConfigurations": { - "privilege": "ListPositionConfigurations", - "description": "Grants permission to list information of available position configurations based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListPositionConfigurations.html" - }, - "ListQueuedMessages": { - "privilege": "ListQueuedMessages", - "description": "Grants permission to list the Queued Messages", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListQueuedMessages.html" - }, - "ListServiceProfiles": { - "privilege": "ListServiceProfiles", - "description": "Grants permission to list information of available ServiceProfiles based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListServiceProfiles.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags for a given resource", - "access_level": "Read", - "resource_types": { - "Destination": { - "resource_type": "Destination", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DeviceProfile": { - "resource_type": "DeviceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "FuotaTask": { - "resource_type": "FuotaTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "NetworkAnalyzerConfiguration": { - "resource_type": "NetworkAnalyzerConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceProfile": { - "resource_type": "ServiceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SidewalkAccount": { - "resource_type": "SidewalkAccount", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGatewayTaskDefinition": { - "resource_type": "WirelessGatewayTaskDefinition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListTagsForResource.html" - }, - "ListWirelessDevices": { - "privilege": "ListWirelessDevices", - "description": "Grants permission to list information of available WirelessDevices based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListWirelessDevices.html" - }, - "ListWirelessGatewayTaskDefinitions": { - "privilege": "ListWirelessGatewayTaskDefinitions", - "description": "Grants permission to list information of available WirelessGateway task definitions based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListWirelessGatewayTaskDefinitions.html" - }, - "ListWirelessGateways": { - "privilege": "ListWirelessGateways", - "description": "Grants permission to list information of available WirelessGateways based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListWirelessGateways.html" - }, - "PutPositionConfiguration": { - "privilege": "PutPositionConfiguration", - "description": "Grants permission to put position configuration for a given resource", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_PutPositionConfiguration.html" - }, - "PutResourceLogLevel": { - "privilege": "PutResourceLogLevel", - "description": "Grants permission to put resource log level", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_PutResourceLogLevel.html" - }, - "ResetAllResourceLogLevels": { - "privilege": "ResetAllResourceLogLevels", - "description": "Grants permission to reset all resource log levels", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ResetAllResourceLogLevels.html" - }, - "ResetResourceLogLevel": { - "privilege": "ResetResourceLogLevel", - "description": "Grants permission to reset resource log level", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ResetResourceLogLevel.html" - }, - "SendDataToMulticastGroup": { - "privilege": "SendDataToMulticastGroup", - "description": "Grants permission to send data to the MulticastGroup", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_SendDataToMulticastGroup.html" - }, - "SendDataToWirelessDevice": { - "privilege": "SendDataToWirelessDevice", - "description": "Grants permission to send the decrypted application data frame to the target device", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_SendDataToWirelessDevice.html" - }, - "StartBulkAssociateWirelessDeviceWithMulticastGroup": { - "privilege": "StartBulkAssociateWirelessDeviceWithMulticastGroup", - "description": "Grants permission to associate the WirelessDevices with MulticastGroup", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartBulkAssociateWirelessDeviceWithMulticastGroup.html" - }, - "StartBulkDisassociateWirelessDeviceFromMulticastGroup": { - "privilege": "StartBulkDisassociateWirelessDeviceFromMulticastGroup", - "description": "Grants permission to bulk disassociate the WirelessDevices from MulticastGroup", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartBulkDisassociateWirelessDeviceFromMulticastGroup.html" - }, - "StartFuotaTask": { - "privilege": "StartFuotaTask", - "description": "Grants permission to start the FuotaTask", - "access_level": "Write", - "resource_types": { - "FuotaTask": { - "resource_type": "FuotaTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartFuotaTask.html" - }, - "StartMulticastGroupSession": { - "privilege": "StartMulticastGroupSession", - "description": "Grants permission to start the MulticastGroup session", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartMulticastGroupSession.html" - }, - "StartNetworkAnalyzerStream": { - "privilege": "StartNetworkAnalyzerStream", - "description": "Grants permission to start NetworkAnalyzer stream", - "access_level": "Write", - "resource_types": { - "NetworkAnalyzerConfiguration": { - "resource_type": "NetworkAnalyzerConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/connect-iot-lorawan-network-analyzer-api.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a given resource", - "access_level": "Tagging", - "resource_types": { - "Destination": { - "resource_type": "Destination", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DeviceProfile": { - "resource_type": "DeviceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "FuotaTask": { - "resource_type": "FuotaTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "NetworkAnalyzerConfiguration": { - "resource_type": "NetworkAnalyzerConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceProfile": { - "resource_type": "ServiceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SidewalkAccount": { - "resource_type": "SidewalkAccount", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDeviceImportTask": { - "resource_type": "WirelessDeviceImportTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGatewayTaskDefinition": { - "resource_type": "WirelessGatewayTaskDefinition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_TagResource.html" - }, - "TestWirelessDevice": { - "privilege": "TestWirelessDevice", - "description": "Grants permission to simulate a provisioned device to send an uplink data with payload of 'Hello'", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_TestWirelessDevice.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the given tags from the resource", - "access_level": "Tagging", - "resource_types": { - "Destination": { - "resource_type": "Destination", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "DeviceProfile": { - "resource_type": "DeviceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "FuotaTask": { - "resource_type": "FuotaTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "NetworkAnalyzerConfiguration": { - "resource_type": "NetworkAnalyzerConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "ServiceProfile": { - "resource_type": "ServiceProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SidewalkAccount": { - "resource_type": "SidewalkAccount", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDeviceImportTask": { - "resource_type": "WirelessDeviceImportTask", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGatewayTaskDefinition": { - "resource_type": "WirelessGatewayTaskDefinition", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UntagResource.html" - }, - "UpdateDestination": { - "privilege": "UpdateDestination", - "description": "Grants permission to update a Destination resource", - "access_level": "Write", - "resource_types": { - "Destination": { - "resource_type": "Destination", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateDestination.html" - }, - "UpdateEventConfigurationByResourceTypes": { - "privilege": "UpdateEventConfigurationByResourceTypes", - "description": "Grants permission to update event configuration by resource types", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateEventConfigurationByResourceTypes.html" - }, - "UpdateFuotaTask": { - "privilege": "UpdateFuotaTask", - "description": "Grants permission to update the FuotaTask", - "access_level": "Write", - "resource_types": { - "FuotaTask": { - "resource_type": "FuotaTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateFuotaTask.html" - }, - "UpdateLogLevelsByResourceTypes": { - "privilege": "UpdateLogLevelsByResourceTypes", - "description": "Grants permission to update log levels by resource types", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateLogLevelsByResourceTypes.html" - }, - "UpdateMulticastGroup": { - "privilege": "UpdateMulticastGroup", - "description": "Grants permission to update the MulticastGroup", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateMulticastGroup.html" - }, - "UpdateNetworkAnalyzerConfiguration": { - "privilege": "UpdateNetworkAnalyzerConfiguration", - "description": "Grants permission to update the NetworkAnalyzerConfiguration", - "access_level": "Write", - "resource_types": { - "MulticastGroup": { - "resource_type": "MulticastGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "NetworkAnalyzerConfiguration": { - "resource_type": "NetworkAnalyzerConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateNetworkAnalyzerConfiguration.html" - }, - "UpdatePartnerAccount": { - "privilege": "UpdatePartnerAccount", - "description": "Grants permission to update a partner account", - "access_level": "Write", - "resource_types": { - "SidewalkAccount": { - "resource_type": "SidewalkAccount", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdatePartnerAccount.html" - }, - "UpdatePosition": { - "privilege": "UpdatePosition", - "description": "Grants permission to update position for a given resource", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdatePosition.html" - }, - "UpdateResourceEventConfiguration": { - "privilege": "UpdateResourceEventConfiguration", - "description": "Grants permission to update an event configuration for an identifier", - "access_level": "Write", - "resource_types": { - "SidewalkAccount": { - "resource_type": "SidewalkAccount", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateResourceEventConfiguration.html" - }, - "UpdateResourcePosition": { - "privilege": "UpdateResourcePosition", - "description": "Grants permission to update position for a given resource", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateResourcePosition.html" - }, - "UpdateWirelessDevice": { - "privilege": "UpdateWirelessDevice", - "description": "Grants permission to update a WirelessDevice resource", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateWirelessDevice.html" - }, - "UpdateWirelessGateway": { - "privilege": "UpdateWirelessGateway", - "description": "Grants permission to update a WirelessGateway resource", - "access_level": "Write", - "resource_types": { - "WirelessGateway": { - "resource_type": "WirelessGateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateWirelessGateway.html" - }, - "DeleteWirelessDeviceImportTask": { - "privilege": "DeleteWirelessDeviceImportTask", - "description": "Grants permission to delete the wireless device import task", - "access_level": "Write", - "resource_types": { - "WirelessDeviceImportTask": { - "resource_type": "WirelessDeviceImportTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteWirelessDeviceImportTask.html" - }, - "DeregisterWirelessDevice": { - "privilege": "DeregisterWirelessDevice", - "description": "Grants permission to deregister wireless device", - "access_level": "Write", - "resource_types": { - "WirelessDevice": { - "resource_type": "WirelessDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeregisterWirelessDevice.html" - }, - "GetWirelessDeviceImportTask": { - "privilege": "GetWirelessDeviceImportTask", - "description": "Grants permission to get the wireless device import task", - "access_level": "Read", - "resource_types": { - "WirelessDeviceImportTask": { - "resource_type": "WirelessDeviceImportTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessDeviceImportTask.html" - }, - "ListDevicesForWirelessDeviceImportTask": { - "privilege": "ListDevicesForWirelessDeviceImportTask", - "description": "Grants permission to list information of devices by wireless device import task based on the AWS account", - "access_level": "Read", - "resource_types": { - "WirelessDeviceImportTask": { - "resource_type": "WirelessDeviceImportTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListDevicesForWirelessDeviceImportTask.html" - }, - "ListWirelessDeviceImportTasks": { - "privilege": "ListWirelessDeviceImportTasks", - "description": "Grants permission to list wireless device import tasks information of based on the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListWirelessDeviceImportTasks.html" - }, - "StartSingleWirelessDeviceImportTask": { - "privilege": "StartSingleWirelessDeviceImportTask", - "description": "Grants permission to start the single wireless device import task", - "access_level": "Write", - "resource_types": { - "WirelessDeviceImportTask": { - "resource_type": "WirelessDeviceImportTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartSingleWirelessDeviceImportTask.html" - }, - "StartWirelessDeviceImportTask": { - "privilege": "StartWirelessDeviceImportTask", - "description": "Grants permission to start the wireless device import task", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartWirelessDeviceImportTask.html" - }, - "UpdateWirelessDeviceImportTask": { - "privilege": "UpdateWirelessDeviceImportTask", - "description": "Grants permission to update a wireless device import task", - "access_level": "Write", - "resource_types": { - "WirelessDeviceImportTask": { - "resource_type": "WirelessDeviceImportTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateWirelessDeviceImportTask.html" - } - }, - "resources": { - "WirelessDevice": { - "resource": "WirelessDevice", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:WirelessDevice/${WirelessDeviceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "WirelessGateway": { - "resource": "WirelessGateway", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:WirelessGateway/${WirelessGatewayId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "DeviceProfile": { - "resource": "DeviceProfile", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:DeviceProfile/${DeviceProfileId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ServiceProfile": { - "resource": "ServiceProfile", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:ServiceProfile/${ServiceProfileId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Destination": { - "resource": "Destination", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:Destination/${DestinationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "SidewalkAccount": { - "resource": "SidewalkAccount", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:SidewalkAccount/${SidewalkAccountId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "WirelessGatewayTaskDefinition": { - "resource": "WirelessGatewayTaskDefinition", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:WirelessGatewayTaskDefinition/${WirelessGatewayTaskDefinitionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "FuotaTask": { - "resource": "FuotaTask", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:FuotaTask/${FuotaTaskId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "MulticastGroup": { - "resource": "MulticastGroup", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:MulticastGroup/${MulticastGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "NetworkAnalyzerConfiguration": { - "resource": "NetworkAnalyzerConfiguration", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:NetworkAnalyzerConfiguration/${NetworkAnalyzerConfigurationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "thing": { - "resource": "thing", - "arn": "arn:${Partition}:iot:${Region}:${Account}:thing/${ThingName}", - "condition_keys": [] - }, - "cert": { - "resource": "cert", - "arn": "arn:${Partition}:iot:${Region}:${Account}:cert/${Certificate}", - "condition_keys": [] - }, - "WirelessDeviceImportTask": { - "resource": "WirelessDeviceImportTask", - "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:WirelessDeviceImportTask/${WirelessDeviceImportTaskId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key that is present in the request that the user makes to IoT Wireless", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key component of a tag attached to an IoT Wireless resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the list of all the tag key names associated with the resource in the request", - "type": "ArrayOfString" - } - } - }, - "iot-device-tester": { - "service_name": "AWS IoT Device Tester", - "prefix": "iot-device-tester", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotdevicetester.html", - "privileges": { - "CheckVersion": { - "privilege": "CheckVersion", - "description": "Grants permission to IoT Device Tester to check if a given set of product, test suite and device tester version are compatible", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/dev-tester-prereqs.html" - }, - "DownloadTestSuite": { - "privilege": "DownloadTestSuite", - "description": "Grants permission to IoT Device Tester to download compatible test suite versions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/dev-tester-prereqs.html" - }, - "LatestIdt": { - "privilege": "LatestIdt", - "description": "Grants permission to IoT Device Tester to get information on latest version of device tester available", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/dev-tester-prereqs.html" - }, - "SendMetrics": { - "privilege": "SendMetrics", - "description": "Grants permission to IoT Device Tester to send usage metrics on your behalf", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/dev-tester-prereqs.html" - }, - "SupportedVersion": { - "privilege": "SupportedVersion", - "description": "Grants permission to IoT Device Tester to get list of supported products and test suite versions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/dev-tester-prereqs.html" - } - }, - "resources": {}, - "conditions": {} - }, - "iotevents": { - "service_name": "AWS IoT Events", - "prefix": "iotevents", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotevents.html", - "privileges": { - "BatchAcknowledgeAlarm": { - "privilege": "BatchAcknowledgeAlarm", - "description": "Grants permission to send one or more acknowledge action requests to AWS IoT Events", - "access_level": "Write", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchAcknowledgeAlarm.html" - }, - "BatchDeleteDetector": { - "privilege": "BatchDeleteDetector", - "description": "Grants permission to delete a detector instance within the AWS IoT Events system", - "access_level": "Write", - "resource_types": { - "detectorModel": { - "resource_type": "detectorModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchDeleteDetector.html" - }, - "BatchDisableAlarm": { - "privilege": "BatchDisableAlarm", - "description": "Grants permission to disable one or more alarm instances", - "access_level": "Write", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchDisableAlarm.html" - }, - "BatchEnableAlarm": { - "privilege": "BatchEnableAlarm", - "description": "Grants permission to enable one or more alarm instances", - "access_level": "Write", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchEnableAlarm.html" - }, - "BatchPutMessage": { - "privilege": "BatchPutMessage", - "description": "Grants permission to send a set of messages to the AWS IoT Events system", - "access_level": "Write", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html" - }, - "BatchResetAlarm": { - "privilege": "BatchResetAlarm", - "description": "Grants permission to reset one or more alarm instances", - "access_level": "Write", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchResetAlarm.html" - }, - "BatchSnoozeAlarm": { - "privilege": "BatchSnoozeAlarm", - "description": "Grants permission to change one or more alarm instances to the snooze mode", - "access_level": "Write", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchSnoozeAlarm.html" - }, - "BatchUpdateDetector": { - "privilege": "BatchUpdateDetector", - "description": "Grants permission to update a detector instance within the AWS IoT Events system", - "access_level": "Write", - "resource_types": { - "detectorModel": { - "resource_type": "detectorModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchUpdateDetector.html" - }, - "CreateAlarmModel": { - "privilege": "CreateAlarmModel", - "description": "Grants permission to create an alarm model to monitor an AWS IoT Events input attribute or an AWS IoT SiteWise asset property", - "access_level": "Write", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_CreateAlarmModel.html" - }, - "CreateDetectorModel": { - "privilege": "CreateDetectorModel", - "description": "Grants permission to create a detector model to monitor an AWS IoT Events input attribute", - "access_level": "Write", - "resource_types": { - "detectorModel": { - "resource_type": "detectorModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_CreateDetectorModel.html" - }, - "CreateInput": { - "privilege": "CreateInput", - "description": "Grants permission to create an Input in IotEvents", - "access_level": "Write", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_CreateInput.html" - }, - "DeleteAlarmModel": { - "privilege": "DeleteAlarmModel", - "description": "Grants permission to delete an alarm model", - "access_level": "Write", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DeleteAlarmModel.html" - }, - "DeleteDetectorModel": { - "privilege": "DeleteDetectorModel", - "description": "Grants permission to delete a detector model", - "access_level": "Write", - "resource_types": { - "detectorModel": { - "resource_type": "detectorModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DeleteDetectorModel.html" - }, - "DeleteInput": { - "privilege": "DeleteInput", - "description": "Grants permission to delete an input", - "access_level": "Write", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DeleteInput.html" - }, - "DescribeAlarm": { - "privilege": "DescribeAlarm", - "description": "Grants permission to retrieve information about an alarm instance", - "access_level": "Read", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_DescribeAlarm.html" - }, - "DescribeAlarmModel": { - "privilege": "DescribeAlarmModel", - "description": "Grants permission to retrieve information about an alarm model", - "access_level": "Read", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DescribeAlarmModel.html" - }, - "DescribeDetector": { - "privilege": "DescribeDetector", - "description": "Grants permission to retriev information about a detector instance", - "access_level": "Read", - "resource_types": { - "detectorModel": { - "resource_type": "detectorModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_DescribeDetector.html" - }, - "DescribeDetectorModel": { - "privilege": "DescribeDetectorModel", - "description": "Grants permission to retrieve information about a detector model", - "access_level": "Read", - "resource_types": { - "detectorModel": { - "resource_type": "detectorModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DescribeDetectorModel.html" - }, - "DescribeDetectorModelAnalysis": { - "privilege": "DescribeDetectorModelAnalysis", - "description": "Grants permission to retrieve the detector model analysis information", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DescribeDetectorModelAnalysis.html" - }, - "DescribeInput": { - "privilege": "DescribeInput", - "description": "Grants permission to retrieve an information about Input", - "access_level": "Read", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DescribeInput.html" - }, - "DescribeLoggingOptions": { - "privilege": "DescribeLoggingOptions", - "description": "Grants permission to retrieve the current settings of the AWS IoT Events logging options", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DescribeLoggingOptions.html" - }, - "GetDetectorModelAnalysisResults": { - "privilege": "GetDetectorModelAnalysisResults", - "description": "Grants permission to retrieve the detector model analysis results", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_GetDetectorModelAnalysisResults.html" - }, - "ListAlarmModelVersions": { - "privilege": "ListAlarmModelVersions", - "description": "Grants permission to list all the versions of an alarm model", - "access_level": "List", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListAlarmModelVersions.html" - }, - "ListAlarmModels": { - "privilege": "ListAlarmModels", - "description": "Grants permission to list the alarm models that you created", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListAlarmModels.html" - }, - "ListAlarms": { - "privilege": "ListAlarms", - "description": "Grants permission to retrieve information about all alarm instances per alarmModel", - "access_level": "List", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_ListAlarms.html" - }, - "ListDetectorModelVersions": { - "privilege": "ListDetectorModelVersions", - "description": "Grants permission to list all the versions of a detector model", - "access_level": "List", - "resource_types": { - "detectorModel": { - "resource_type": "detectorModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListDetectorModelVersions.html" - }, - "ListDetectorModels": { - "privilege": "ListDetectorModels", - "description": "Grants permission to list the detector models that you created", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListDetectorModels.html" - }, - "ListDetectors": { - "privilege": "ListDetectors", - "description": "Grants permission to retrieve information about all detector instances per detectormodel", - "access_level": "List", - "resource_types": { - "detectorModel": { - "resource_type": "detectorModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_ListDetectors.html" - }, - "ListInputRoutings": { - "privilege": "ListInputRoutings", - "description": "Grants permission to list one or more input routings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListInputRoutings.html" - }, - "ListInputs": { - "privilege": "ListInputs", - "description": "Grants permission to lists the inputs you have created", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListInputs.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags (metadata) which you have assigned to the resource", - "access_level": "Read", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "detectorModel": { - "resource_type": "detectorModel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "input": { - "resource_type": "input", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListTagsForResource.html" - }, - "PutLoggingOptions": { - "privilege": "PutLoggingOptions", - "description": "Grants permission to set or update the AWS IoT Events logging options", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_PutLoggingOptions.html" - }, - "StartDetectorModelAnalysis": { - "privilege": "StartDetectorModelAnalysis", - "description": "Grants permission to start the detector model analysis", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_StartDetectorModelAnalysis.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to adds to or modifies the tags of the given resource.Tags are metadata which can be used to manage a resource", - "access_level": "Tagging", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "detectorModel": { - "resource_type": "detectorModel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "input": { - "resource_type": "input", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the given tags (metadata) from the resource", - "access_level": "Tagging", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "detectorModel": { - "resource_type": "detectorModel", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "input": { - "resource_type": "input", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_UntagResource.html" - }, - "UpdateAlarmModel": { - "privilege": "UpdateAlarmModel", - "description": "Grants permission to update an alarm model", - "access_level": "Write", - "resource_types": { - "alarmModel": { - "resource_type": "alarmModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_UpdateAlarmModel.html" - }, - "UpdateDetectorModel": { - "privilege": "UpdateDetectorModel", - "description": "Grants permission to update a detector model", - "access_level": "Write", - "resource_types": { - "detectorModel": { - "resource_type": "detectorModel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_UpdateDetectorModel.html" - }, - "UpdateInput": { - "privilege": "UpdateInput", - "description": "Grants permission to update an input", - "access_level": "Write", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_UpdateInput.html" - }, - "UpdateInputRouting": { - "privilege": "UpdateInputRouting", - "description": "Grants permission to update input routing", - "access_level": "Write", - "resource_types": { - "input": { - "resource_type": "input", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_UpdateInputRouting.html" - } - }, - "resources": { - "detectorModel": { - "resource": "detectorModel", - "arn": "arn:${Partition}:iotevents:${Region}:${Account}:detectorModel/${DetectorModelName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "alarmModel": { - "resource": "alarmModel", - "arn": "arn:${Partition}:iotevents:${Region}:${Account}:alarmModel/${AlarmModelName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "input": { - "resource": "input", - "arn": "arn:${Partition}:iotevents:${Region}:${Account}:input/${InputName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions by the tag keys in the request", - "type": "ArrayOfString" - }, - "iotevents:keyValue": { - "condition": "iotevents:keyValue", - "description": "Filters access by the instanceId (key-value) of the message", - "type": "String" - } - } - }, - "iotfleethub": { - "service_name": "AWS IoT Fleet Hub for Device Management", - "prefix": "iotfleethub", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleethubfordevicemanagement.html", - "privileges": { - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "sso:CreateManagedApplicationInstance", - "sso:DescribeRegisteredRegions" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_CreateApplication.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso:DeleteManagedApplicationInstance" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_DeleteApplication.html" - }, - "DescribeApplication": { - "privilege": "DescribeApplication", - "description": "Grants permission to describe an application", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_DescribeApplication.html" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to list all applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_ListApplications.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags for a resource", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_ListTagsForResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_UntagResource.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to update an application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_UpdateApplication.html" - } - }, - "resources": { - "application": { - "resource": "application", - "arn": "arn:${Partition}:iotfleethub:${Region}:${Account}:application/${ApplicationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions by the tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "iotfleetwise": { - "service_name": "AWS IoT FleetWise", - "prefix": "iotfleetwise", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleetwise.html", - "privileges": { - "AssociateVehicleFleet": { - "privilege": "AssociateVehicleFleet", - "description": "Grants permission to associate the given vehicle to a fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "vehicle": { - "resource_type": "vehicle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_AssociateVehicleFleet.html" - }, - "BatchCreateVehicle": { - "privilege": "BatchCreateVehicle", - "description": "Grants permission to create a batch of vehicles", - "access_level": "Write", - "resource_types": { - "decodermanifest": { - "resource_type": "decodermanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:CreateThing", - "iot:DescribeThing" - ] - }, - "modelmanifest": { - "resource_type": "modelmanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_BatchCreateVehicle.html" - }, - "BatchUpdateVehicle": { - "privilege": "BatchUpdateVehicle", - "description": "Grants permission to update a batch of vehicles", - "access_level": "Write", - "resource_types": { - "vehicle": { - "resource_type": "vehicle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "decodermanifest": { - "resource_type": "decodermanifest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "modelmanifest": { - "resource_type": "modelmanifest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iotfleetwise:UpdateToModelManifestArn", - "iotfleetwise:UpdateToDecoderManifestArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_BatchUpdateVehicle.html" - }, - "CreateCampaign": { - "privilege": "CreateCampaign", - "description": "Grants permission to create a campaign", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "signalcatalog": { - "resource_type": "signalcatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "vehicle": { - "resource_type": "vehicle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "iotfleetwise:DestinationArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateCampaign.html" - }, - "CreateDecoderManifest": { - "privilege": "CreateDecoderManifest", - "description": "Grants permission to create a decoder manifest for an existing model", - "access_level": "Write", - "resource_types": { - "modelmanifest": { - "resource_type": "modelmanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateDecoderManifest.html" - }, - "CreateFleet": { - "privilege": "CreateFleet", - "description": "Grants permission to create a fleet", - "access_level": "Write", - "resource_types": { - "signalcatalog": { - "resource_type": "signalcatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateFleet.html" - }, - "CreateModelManifest": { - "privilege": "CreateModelManifest", - "description": "Grants permission to create a model manifest definition", - "access_level": "Write", - "resource_types": { - "signalcatalog": { - "resource_type": "signalcatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateModelManifest.html" - }, - "CreateSignalCatalog": { - "privilege": "CreateSignalCatalog", - "description": "Grants permission to create a signal catalog", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateSignalCatalog.html" - }, - "CreateVehicle": { - "privilege": "CreateVehicle", - "description": "Grants permission to create a vehicle", - "access_level": "Write", - "resource_types": { - "decodermanifest": { - "resource_type": "decodermanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:CreateThing", - "iot:DescribeThing" - ] - }, - "modelmanifest": { - "resource_type": "modelmanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateVehicle.html" - }, - "DeleteCampaign": { - "privilege": "DeleteCampaign", - "description": "Grants permission to delete a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteCampaign.html" - }, - "DeleteDecoderManifest": { - "privilege": "DeleteDecoderManifest", - "description": "Grants permission to delete the given decoder manifest", - "access_level": "Write", - "resource_types": { - "decodermanifest": { - "resource_type": "decodermanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteDecoderManifest.html" - }, - "DeleteFleet": { - "privilege": "DeleteFleet", - "description": "Grants permission to delete a fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteFleet.html" - }, - "DeleteModelManifest": { - "privilege": "DeleteModelManifest", - "description": "Grants permission to delete the given model manifest", - "access_level": "Write", - "resource_types": { - "modelmanifest": { - "resource_type": "modelmanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteModelManifest.html" - }, - "DeleteSignalCatalog": { - "privilege": "DeleteSignalCatalog", - "description": "Grants permission to delete a specific signal catalog", - "access_level": "Write", - "resource_types": { - "signalcatalog": { - "resource_type": "signalcatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteSignalCatalog.html" - }, - "DeleteVehicle": { - "privilege": "DeleteVehicle", - "description": "Grants permission to delete a vehicle", - "access_level": "Write", - "resource_types": { - "vehicle": { - "resource_type": "vehicle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteVehicle.html" - }, - "DisassociateVehicleFleet": { - "privilege": "DisassociateVehicleFleet", - "description": "Grants permission to disassociate a vehicle from an existing fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "vehicle": { - "resource_type": "vehicle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DisassociateVehicleFleet.html" - }, - "GetCampaign": { - "privilege": "GetCampaign", - "description": "Grants permission to get summary information for a given campaign", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetCampaign.html" - }, - "GetDecoderManifest": { - "privilege": "GetDecoderManifest", - "description": "Grants permission to get summary information for a given decoder manifest definition", - "access_level": "Read", - "resource_types": { - "decodermanifest": { - "resource_type": "decodermanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetDecoderManifest.html" - }, - "GetFleet": { - "privilege": "GetFleet", - "description": "Grants permission to get summary information for a fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetFleet.html" - }, - "GetLoggingOptions": { - "privilege": "GetLoggingOptions", - "description": "Grants permission to get the logging options for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetLoggingOptions.html" - }, - "GetModelManifest": { - "privilege": "GetModelManifest", - "description": "Grants permission to get summary information for a given model manifest definition", - "access_level": "Read", - "resource_types": { - "modelmanifest": { - "resource_type": "modelmanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetModelManifest.html" - }, - "GetRegisterAccountStatus": { - "privilege": "GetRegisterAccountStatus", - "description": "Grants permission to get the account registration status with IoT FleetWise", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetRegisterAccountStatus.html" - }, - "GetSignalCatalog": { - "privilege": "GetSignalCatalog", - "description": "Grants permission to get summary information for a specific signal catalog", - "access_level": "Read", - "resource_types": { - "signalcatalog": { - "resource_type": "signalcatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetSignalCatalog.html" - }, - "GetVehicle": { - "privilege": "GetVehicle", - "description": "Grants permission to get summary information for a vehicle", - "access_level": "Read", - "resource_types": { - "vehicle": { - "resource_type": "vehicle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetVehicle.html" - }, - "GetVehicleStatus": { - "privilege": "GetVehicleStatus", - "description": "Grants permission to get the status of the campaigns running on a specific vehicle", - "access_level": "Read", - "resource_types": { - "vehicle": { - "resource_type": "vehicle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetVehicleStatus.html" - }, - "ImportDecoderManifest": { - "privilege": "ImportDecoderManifest", - "description": "Grants permission to import an existing decoder manifest", - "access_level": "Write", - "resource_types": { - "decodermanifest": { - "resource_type": "decodermanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ImportDecoderManifest.html" - }, - "ImportSignalCatalog": { - "privilege": "ImportSignalCatalog", - "description": "Grants permission to create a signal catalog by importing existing definitions", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ImportSignalCatalog.html" - }, - "ListCampaigns": { - "privilege": "ListCampaigns", - "description": "Grants permission to list campaigns", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListCampaigns.html" - }, - "ListDecoderManifestNetworkInterfaces": { - "privilege": "ListDecoderManifestNetworkInterfaces", - "description": "Grants permission to list network interfaces associated to the existing decoder manifest", - "access_level": "List", - "resource_types": { - "decodermanifest": { - "resource_type": "decodermanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListDecoderManifestNetworkInterfaces.html" - }, - "ListDecoderManifestSignals": { - "privilege": "ListDecoderManifestSignals", - "description": "Grants permission to list decoder manifest signals", - "access_level": "List", - "resource_types": { - "decodermanifest": { - "resource_type": "decodermanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListDecoderManifestSignals.html" - }, - "ListDecoderManifests": { - "privilege": "ListDecoderManifests", - "description": "Grants permission to list all decoder manifests, with an optional filter on model manifest", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListDecoderManifests.html" - }, - "ListFleets": { - "privilege": "ListFleets", - "description": "Grants permission to list all fleets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListFleets.html" - }, - "ListFleetsForVehicle": { - "privilege": "ListFleetsForVehicle", - "description": "Grants permission to list all the fleets that the given vehicle is associated with", - "access_level": "Read", - "resource_types": { - "vehicle": { - "resource_type": "vehicle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListFleetsForVehicle.html" - }, - "ListModelManifestNodes": { - "privilege": "ListModelManifestNodes", - "description": "Grants permission to list all nodes for the given model manifest", - "access_level": "List", - "resource_types": { - "modelmanifest": { - "resource_type": "modelmanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListModelManifestNodes.html" - }, - "ListModelManifests": { - "privilege": "ListModelManifests", - "description": "Grants permission to list all model manifests, with an optional filter on signal catalog", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListModelManifests.html" - }, - "ListSignalCatalogNodes": { - "privilege": "ListSignalCatalogNodes", - "description": "Grants permission to list all nodes for a given signal catalog", - "access_level": "Read", - "resource_types": { - "signalcatalog": { - "resource_type": "signalcatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListSignalCatalogNodes.html" - }, - "ListSignalCatalogs": { - "privilege": "ListSignalCatalogs", - "description": "Grants permission to list all signal catalogs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListSignalCatalogs.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "decodermanifest": { - "resource_type": "decodermanifest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "modelmanifest": { - "resource_type": "modelmanifest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "signalcatalog": { - "resource_type": "signalcatalog", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vehicle": { - "resource_type": "vehicle", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListTagsForResource.html" - }, - "ListVehicles": { - "privilege": "ListVehicles", - "description": "Grants permission to list all vehicles, with an optional filter on model manifest", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListVehicles.html" - }, - "ListVehiclesInFleet": { - "privilege": "ListVehiclesInFleet", - "description": "Grants permission to list vehicles in the given fleet", - "access_level": "Read", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListVehiclesInFleet.html" - }, - "PutLoggingOptions": { - "privilege": "PutLoggingOptions", - "description": "Grants permission to put the logging options for the AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_PutLoggingOptions.html" - }, - "RegisterAccount": { - "privilege": "RegisterAccount", - "description": "Grants permission to register an AWS account to IoT FleetWise", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_RegisterAccount.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "decodermanifest": { - "resource_type": "decodermanifest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "modelmanifest": { - "resource_type": "modelmanifest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "signalcatalog": { - "resource_type": "signalcatalog", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vehicle": { - "resource_type": "vehicle", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "decodermanifest": { - "resource_type": "decodermanifest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "fleet": { - "resource_type": "fleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "modelmanifest": { - "resource_type": "modelmanifest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "signalcatalog": { - "resource_type": "signalcatalog", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "vehicle": { - "resource_type": "vehicle", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UntagResource.html" - }, - "UpdateCampaign": { - "privilege": "UpdateCampaign", - "description": "Grants permission to update the given campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateCampaign.html" - }, - "UpdateDecoderManifest": { - "privilege": "UpdateDecoderManifest", - "description": "Grants permission to update a decoder manifest defnition", - "access_level": "Write", - "resource_types": { - "decodermanifest": { - "resource_type": "decodermanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateDecoderManifest.html" - }, - "UpdateFleet": { - "privilege": "UpdateFleet", - "description": "Grants permission to update the fleet", - "access_level": "Write", - "resource_types": { - "fleet": { - "resource_type": "fleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateFleet.html" - }, - "UpdateModelManifest": { - "privilege": "UpdateModelManifest", - "description": "Grants permission to update the given model manifest definition", - "access_level": "Write", - "resource_types": { - "modelmanifest": { - "resource_type": "modelmanifest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateModelManifest.html" - }, - "UpdateSignalCatalog": { - "privilege": "UpdateSignalCatalog", - "description": "Grants permission to update a specific signal catalog definition", - "access_level": "Write", - "resource_types": { - "signalcatalog": { - "resource_type": "signalcatalog", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateSignalCatalog.html" - }, - "UpdateVehicle": { - "privilege": "UpdateVehicle", - "description": "Grants permission to update the vehicle", - "access_level": "Write", - "resource_types": { - "vehicle": { - "resource_type": "vehicle", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "decodermanifest": { - "resource_type": "decodermanifest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "modelmanifest": { - "resource_type": "modelmanifest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iotfleetwise:UpdateToModelManifestArn", - "iotfleetwise:UpdateToDecoderManifestArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateVehicle.html" - } - }, - "resources": { - "campaign": { - "resource": "campaign", - "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:campaign/${CampaignName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "decodermanifest": { - "resource": "decodermanifest", - "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:decoder-manifest/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "fleet": { - "resource": "fleet", - "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:fleet/${FleetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "modelmanifest": { - "resource": "modelmanifest", - "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:model-manifest/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "signalcatalog": { - "resource": "signalcatalog", - "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:signal-catalog/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "vehicle": { - "resource": "vehicle", - "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:vehicle/${VehicleId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "iotfleetwise:DestinationArn": { - "condition": "iotfleetwise:DestinationArn", - "description": "Filters access by campaign destination ARN, eg. an S3 bucket ARN or a Timestream ARN", - "type": "String" - }, - "iotfleetwise:UpdateToDecoderManifestArn": { - "condition": "iotfleetwise:UpdateToDecoderManifestArn", - "description": "Filters access by a list of IoT FleetWise Decoder Manifest ARNs", - "type": "String" - }, - "iotfleetwise:UpdateToModelManifestArn": { - "condition": "iotfleetwise:UpdateToModelManifestArn", - "description": "Filters access by a list of IoT FleetWise Model Manifest ARNs", - "type": "String" - } - } - }, - "greengrass": { - "service_name": "AWS IoT Greengrass", - "prefix": "greengrass", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotgreengrass.html", - "privileges": { - "AssociateRoleToGroup": { - "privilege": "AssociateRoleToGroup", - "description": "Grants permission to associate a role with a group. The role's permissions must allow Greengrass core Lambda functions and connectors to perform actions in other AWS services", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/associateroletogroup-put.html" - }, - "AssociateServiceRoleToAccount": { - "privilege": "AssociateServiceRoleToAccount", - "description": "Grants permission to associate a role with your account. AWS IoT Greengrass uses this role to access your Lambda functions and AWS IoT resources", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_AssociateServiceRoleToAccount.html" - }, - "CreateConnectorDefinition": { - "privilege": "CreateConnectorDefinition", - "description": "Grants permission to create a connector definition", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createconnectordefinition-post.html" - }, - "CreateConnectorDefinitionVersion": { - "privilege": "CreateConnectorDefinitionVersion", - "description": "Grants permission to create a version of an existing connector definition", - "access_level": "Write", - "resource_types": { - "connectorDefinition": { - "resource_type": "connectorDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createconnectordefinitionversion-post.html" - }, - "CreateCoreDefinition": { - "privilege": "CreateCoreDefinition", - "description": "Grants permission to create a core definition", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createcoredefinition-post.html" - }, - "CreateCoreDefinitionVersion": { - "privilege": "CreateCoreDefinitionVersion", - "description": "Grants permission to create a version of an existing core definition. Greengrass groups must each contain exactly one Greengrass core", - "access_level": "Write", - "resource_types": { - "coreDefinition": { - "resource_type": "coreDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createcoredefinitionversion-post.html" - }, - "CreateDeployment": { - "privilege": "CreateDeployment", - "description": "Grants permission to create a deployment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iot:CancelJob", - "iot:CreateJob", - "iot:DeleteThingShadow", - "iot:DescribeJob", - "iot:DescribeThing", - "iot:DescribeThingGroup", - "iot:GetThingShadow", - "iot:UpdateJob", - "iot:UpdateThingShadow" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_CreateDeployment.html" - }, - "CreateDeviceDefinition": { - "privilege": "CreateDeviceDefinition", - "description": "Grants permission to create a device definition", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createdevicedefinition-post.html" - }, - "CreateDeviceDefinitionVersion": { - "privilege": "CreateDeviceDefinitionVersion", - "description": "Grants permission to create a version of an existing device definition", - "access_level": "Write", - "resource_types": { - "deviceDefinition": { - "resource_type": "deviceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createdevicedefinitionversion-post.html" - }, - "CreateFunctionDefinition": { - "privilege": "CreateFunctionDefinition", - "description": "Grants permission to create a Lambda function definition to be used in a group that contains a list of Lambda functions and their configurations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createfunctiondefinition-post.html" - }, - "CreateFunctionDefinitionVersion": { - "privilege": "CreateFunctionDefinitionVersion", - "description": "Grants permission to create a version of an existing Lambda function definition", - "access_level": "Write", - "resource_types": { - "functionDefinition": { - "resource_type": "functionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createfunctiondefinitionversion-post.html" - }, - "CreateGroup": { - "privilege": "CreateGroup", - "description": "Grants permission to create a group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/creategroup-post.html" - }, - "CreateGroupCertificateAuthority": { - "privilege": "CreateGroupCertificateAuthority", - "description": "Grants permission to create a CA for the group, or rotate the existing CA", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/creategroupcertificateauthority-post.html" - }, - "CreateGroupVersion": { - "privilege": "CreateGroupVersion", - "description": "Grants permission to create a version of a group that has already been defined", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/creategroupversion-post.html" - }, - "CreateLoggerDefinition": { - "privilege": "CreateLoggerDefinition", - "description": "Grants permission to create a logger definition", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createloggerdefinition-post.html" - }, - "CreateLoggerDefinitionVersion": { - "privilege": "CreateLoggerDefinitionVersion", - "description": "Grants permission to create a version of an existing logger definition", - "access_level": "Write", - "resource_types": { - "loggerDefinition": { - "resource_type": "loggerDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createloggerdefinitionversion-post.html" - }, - "CreateResourceDefinition": { - "privilege": "CreateResourceDefinition", - "description": "Grants permission to create a resource definition that contains a list of resources to be used in a group", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createresourcedefinition-post.html" - }, - "CreateResourceDefinitionVersion": { - "privilege": "CreateResourceDefinitionVersion", - "description": "Grants permission to create a version of an existing resource definition", - "access_level": "Write", - "resource_types": { - "resourceDefinition": { - "resource_type": "resourceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createresourcedefinitionversion-post.html" - }, - "CreateSoftwareUpdateJob": { - "privilege": "CreateSoftwareUpdateJob", - "description": "Grants permission to create an AWS IoT job that will trigger your Greengrass cores to update the software they are running", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createsoftwareupdatejob-post.html" - }, - "CreateSubscriptionDefinition": { - "privilege": "CreateSubscriptionDefinition", - "description": "Grants permission to create a subscription definition", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createsubscriptiondefinition-post.html" - }, - "CreateSubscriptionDefinitionVersion": { - "privilege": "CreateSubscriptionDefinitionVersion", - "description": "Grants permission to create a version of an existing subscription definition", - "access_level": "Write", - "resource_types": { - "subscriptionDefinition": { - "resource_type": "subscriptionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createsubscriptiondefinitionversion-post.html" - }, - "DeleteConnectorDefinition": { - "privilege": "DeleteConnectorDefinition", - "description": "Grants permission to delete a connector definition", - "access_level": "Write", - "resource_types": { - "connectorDefinition": { - "resource_type": "connectorDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deleteconnectordefinition-delete.html" - }, - "DeleteCoreDefinition": { - "privilege": "DeleteCoreDefinition", - "description": "Grants permission to delete a core definition. Deleting a definition that is currently in use in a deployment affects future deployments", - "access_level": "Write", - "resource_types": { - "coreDefinition": { - "resource_type": "coreDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deletecoredefinition-delete.html" - }, - "DeleteDeviceDefinition": { - "privilege": "DeleteDeviceDefinition", - "description": "Grants permission to delete a device definition. Deleting a definition that is currently in use in a deployment affects future deployments", - "access_level": "Write", - "resource_types": { - "deviceDefinition": { - "resource_type": "deviceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deletedevicedefinition-delete.html" - }, - "DeleteFunctionDefinition": { - "privilege": "DeleteFunctionDefinition", - "description": "Grants permission to delete a Lambda function definition. Deleting a definition that is currently in use in a deployment affects future deployments", - "access_level": "Write", - "resource_types": { - "functionDefinition": { - "resource_type": "functionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deletefunctiondefinition-delete.html" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to delete a group that is not currently in use in a deployment", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deletegroup-delete.html" - }, - "DeleteLoggerDefinition": { - "privilege": "DeleteLoggerDefinition", - "description": "Grants permission to delete a logger definition. Deleting a definition that is currently in use in a deployment affects future deployments", - "access_level": "Write", - "resource_types": { - "loggerDefinition": { - "resource_type": "loggerDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deleteloggerdefinition-delete.html" - }, - "DeleteResourceDefinition": { - "privilege": "DeleteResourceDefinition", - "description": "Grants permission to delete a resource definition", - "access_level": "Write", - "resource_types": { - "resourceDefinition": { - "resource_type": "resourceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deleteresourcedefinition-delete.html" - }, - "DeleteSubscriptionDefinition": { - "privilege": "DeleteSubscriptionDefinition", - "description": "Grants permission to delete a subscription definition. Deleting a definition that is currently in use in a deployment affects future deployments", - "access_level": "Write", - "resource_types": { - "subscriptionDefinition": { - "resource_type": "subscriptionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deletesubscriptiondefinition-delete.html" - }, - "DisassociateRoleFromGroup": { - "privilege": "DisassociateRoleFromGroup", - "description": "Grants permission to disassociate the role from a group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/disassociaterolefromgroup-delete.html" - }, - "DisassociateServiceRoleFromAccount": { - "privilege": "DisassociateServiceRoleFromAccount", - "description": "Grants permission to disassociate the service role from an account. Without a service role, deployments will not work", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_DisassociateServiceRoleFromAccount.html" - }, - "Discover": { - "privilege": "Discover", - "description": "Grants permission to retrieve information required to connect to a Greengrass core", - "access_level": "Read", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/latest/developerguide/gg-discover-api.html" - }, - "GetAssociatedRole": { - "privilege": "GetAssociatedRole", - "description": "Grants permission to retrieve the role associated with a group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getassociatedrole-get.html" - }, - "GetBulkDeploymentStatus": { - "privilege": "GetBulkDeploymentStatus", - "description": "Grants permission to return the status of a bulk deployment", - "access_level": "Read", - "resource_types": { - "bulkDeployment": { - "resource_type": "bulkDeployment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getbulkdeploymentstatus-get.html" - }, - "GetConnectivityInfo": { - "privilege": "GetConnectivityInfo", - "description": "Grants permission to retrieve the connectivity information for a Greengrass core device", - "access_level": "Read", - "resource_types": { - "connectivityInfo": { - "resource_type": "connectivityInfo", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:GetThingShadow" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetConnectivityInfo.html" - }, - "GetConnectorDefinition": { - "privilege": "GetConnectorDefinition", - "description": "Grants permission to retrieve information about a connector definition", - "access_level": "Read", - "resource_types": { - "connectorDefinition": { - "resource_type": "connectorDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getconnectordefinition-get.html" - }, - "GetConnectorDefinitionVersion": { - "privilege": "GetConnectorDefinitionVersion", - "description": "Grants permission to retrieve information about a connector definition version", - "access_level": "Read", - "resource_types": { - "connectorDefinition": { - "resource_type": "connectorDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "connectorDefinitionVersion": { - "resource_type": "connectorDefinitionVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getconnectordefinitionversion-get.html" - }, - "GetCoreDefinition": { - "privilege": "GetCoreDefinition", - "description": "Grants permission to retrieve information about a core definition", - "access_level": "Read", - "resource_types": { - "coreDefinition": { - "resource_type": "coreDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getcoredefinition-get.html" - }, - "GetCoreDefinitionVersion": { - "privilege": "GetCoreDefinitionVersion", - "description": "Grants permission to retrieve information about a core definition version", - "access_level": "Read", - "resource_types": { - "coreDefinition": { - "resource_type": "coreDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "coreDefinitionVersion": { - "resource_type": "coreDefinitionVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getcoredefinitionversion-get.html" - }, - "GetDeploymentStatus": { - "privilege": "GetDeploymentStatus", - "description": "Grants permission to return the status of a deployment", - "access_level": "Read", - "resource_types": { - "deployment": { - "resource_type": "deployment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getdeploymentstatus-get.html" - }, - "GetDeviceDefinition": { - "privilege": "GetDeviceDefinition", - "description": "Grants permission to retrieve information about a device definition", - "access_level": "Read", - "resource_types": { - "deviceDefinition": { - "resource_type": "deviceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getdevicedefinition-get.html" - }, - "GetDeviceDefinitionVersion": { - "privilege": "GetDeviceDefinitionVersion", - "description": "Grants permission to retrieve information about a device definition version", - "access_level": "Read", - "resource_types": { - "deviceDefinition": { - "resource_type": "deviceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "deviceDefinitionVersion": { - "resource_type": "deviceDefinitionVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getdevicedefinitionversion-get.html" - }, - "GetFunctionDefinition": { - "privilege": "GetFunctionDefinition", - "description": "Grants permission to retrieve information about a Lambda function definition, such as its creation time and latest version", - "access_level": "Read", - "resource_types": { - "functionDefinition": { - "resource_type": "functionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getfunctiondefinition-get.html" - }, - "GetFunctionDefinitionVersion": { - "privilege": "GetFunctionDefinitionVersion", - "description": "Grants permission to retrieve information about a Lambda function definition version, such as which Lambda functions are included in the version and their configurations", - "access_level": "Read", - "resource_types": { - "functionDefinition": { - "resource_type": "functionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "functionDefinitionVersion": { - "resource_type": "functionDefinitionVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getfunctiondefinitionversion-get.html" - }, - "GetGroup": { - "privilege": "GetGroup", - "description": "Grants permission to retrieve information about a group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getgroup-get.html" - }, - "GetGroupCertificateAuthority": { - "privilege": "GetGroupCertificateAuthority", - "description": "Grants permission to return the public key of the CA associated with a group", - "access_level": "Read", - "resource_types": { - "certificateAuthority": { - "resource_type": "certificateAuthority", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getgroupcertificateauthority-get.html" - }, - "GetGroupCertificateConfiguration": { - "privilege": "GetGroupCertificateConfiguration", - "description": "Grants permission to retrieve the current configuration for the CA used by a group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getgroupcertificateconfiguration-get.html" - }, - "GetGroupVersion": { - "privilege": "GetGroupVersion", - "description": "Grants permission to retrieve information about a group version", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "groupVersion": { - "resource_type": "groupVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getgroupversion-get.html" - }, - "GetLoggerDefinition": { - "privilege": "GetLoggerDefinition", - "description": "Grants permission to retrieve information about a logger definition", - "access_level": "Read", - "resource_types": { - "loggerDefinition": { - "resource_type": "loggerDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getloggerdefinition-get.html" - }, - "GetLoggerDefinitionVersion": { - "privilege": "GetLoggerDefinitionVersion", - "description": "Grants permission to retrieve information about a logger definition version", - "access_level": "Read", - "resource_types": { - "loggerDefinition": { - "resource_type": "loggerDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "loggerDefinitionVersion": { - "resource_type": "loggerDefinitionVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getloggerdefinitionversion-get.html" - }, - "GetResourceDefinition": { - "privilege": "GetResourceDefinition", - "description": "Grants permission to retrieve information about a resource definition, such as its creation time and latest version", - "access_level": "Read", - "resource_types": { - "resourceDefinition": { - "resource_type": "resourceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getresourcedefinition-get.html" - }, - "GetResourceDefinitionVersion": { - "privilege": "GetResourceDefinitionVersion", - "description": "Grants permission to retrieve information about a resource definition version, such as which resources are included in the version", - "access_level": "Read", - "resource_types": { - "resourceDefinition": { - "resource_type": "resourceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "resourceDefinitionVersion": { - "resource_type": "resourceDefinitionVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getresourcedefinitionversion-get.html" - }, - "GetServiceRoleForAccount": { - "privilege": "GetServiceRoleForAccount", - "description": "Grants permission to retrieve the service role that is attached to an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetServiceRoleForAccount.html" - }, - "GetSubscriptionDefinition": { - "privilege": "GetSubscriptionDefinition", - "description": "Grants permission to retrieve information about a subscription definition", - "access_level": "Read", - "resource_types": { - "subscriptionDefinition": { - "resource_type": "subscriptionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getsubscriptiondefinition-get.html" - }, - "GetSubscriptionDefinitionVersion": { - "privilege": "GetSubscriptionDefinitionVersion", - "description": "Grants permission to retrieve information about a subscription definition version", - "access_level": "Read", - "resource_types": { - "subscriptionDefinition": { - "resource_type": "subscriptionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "subscriptionDefinitionVersion": { - "resource_type": "subscriptionDefinitionVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getsubscriptiondefinitionversion-get.html" - }, - "GetThingRuntimeConfiguration": { - "privilege": "GetThingRuntimeConfiguration", - "description": "Grants permission to retrieve runtime configuration of a thing", - "access_level": "Read", - "resource_types": { - "thingRuntimeConfig": { - "resource_type": "thingRuntimeConfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getthingruntimeconfiguration-get.html" - }, - "ListBulkDeploymentDetailedReports": { - "privilege": "ListBulkDeploymentDetailedReports", - "description": "Grants permission to retrieve a paginated list of the deployments that have been started in a bulk deployment operation and their current deployment status", - "access_level": "Read", - "resource_types": { - "bulkDeployment": { - "resource_type": "bulkDeployment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listbulkdeploymentdetailedreports-get.html" - }, - "ListBulkDeployments": { - "privilege": "ListBulkDeployments", - "description": "Grants permission to retrieve a list of bulk deployments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listbulkdeployments-get.html" - }, - "ListConnectorDefinitionVersions": { - "privilege": "ListConnectorDefinitionVersions", - "description": "Grants permission to list the versions of a connector definition", - "access_level": "List", - "resource_types": { - "connectorDefinition": { - "resource_type": "connectorDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listconnectordefinitionversions-get.html" - }, - "ListConnectorDefinitions": { - "privilege": "ListConnectorDefinitions", - "description": "Grants permission to retrieve a list of connector definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listconnectordefinitions-get.html" - }, - "ListCoreDefinitionVersions": { - "privilege": "ListCoreDefinitionVersions", - "description": "Grants permission to list the versions of a core definition", - "access_level": "List", - "resource_types": { - "coreDefinition": { - "resource_type": "coreDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listcoredefinitionversions-get.html" - }, - "ListCoreDefinitions": { - "privilege": "ListCoreDefinitions", - "description": "Grants permission to retrieve a list of core definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listcoredefinitions-get.html" - }, - "ListDeployments": { - "privilege": "ListDeployments", - "description": "Grants permission to retrieves a paginated list of deployments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iot:DescribeJob", - "iot:DescribeThing", - "iot:DescribeThingGroup", - "iot:GetThingShadow" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListDeployments.html" - }, - "ListDeviceDefinitionVersions": { - "privilege": "ListDeviceDefinitionVersions", - "description": "Grants permission to list the versions of a device definition", - "access_level": "List", - "resource_types": { - "deviceDefinition": { - "resource_type": "deviceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listdevicedefinitionversions-get.html" - }, - "ListDeviceDefinitions": { - "privilege": "ListDeviceDefinitions", - "description": "Grants permission to retrieve a list of device definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listdevicedefinitions-get.html" - }, - "ListFunctionDefinitionVersions": { - "privilege": "ListFunctionDefinitionVersions", - "description": "Grants permission to list the versions of a Lambda function definition", - "access_level": "List", - "resource_types": { - "functionDefinition": { - "resource_type": "functionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listfunctiondefinitionversions-get.html" - }, - "ListFunctionDefinitions": { - "privilege": "ListFunctionDefinitions", - "description": "Grants permission to retrieve a list of Lambda function definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listfunctiondefinitions-get.html" - }, - "ListGroupCertificateAuthorities": { - "privilege": "ListGroupCertificateAuthorities", - "description": "Grants permission to retrieve a list of current CAs for a group", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listgroupcertificateauthorities-get.html" - }, - "ListGroupVersions": { - "privilege": "ListGroupVersions", - "description": "Grants permission to list the versions of a group", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listgroupversions-get.html" - }, - "ListGroups": { - "privilege": "ListGroups", - "description": "Grants permission to retrieve a list of groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listgroups-get.html" - }, - "ListLoggerDefinitionVersions": { - "privilege": "ListLoggerDefinitionVersions", - "description": "Grants permission to list the versions of a logger definition", - "access_level": "List", - "resource_types": { - "loggerDefinition": { - "resource_type": "loggerDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listloggerdefinitionversions-get.html" - }, - "ListLoggerDefinitions": { - "privilege": "ListLoggerDefinitions", - "description": "Grants permission to retrieve a list of logger definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listloggerdefinitions-get.html" - }, - "ListResourceDefinitionVersions": { - "privilege": "ListResourceDefinitionVersions", - "description": "Grants permission to list the versions of a resource definition", - "access_level": "List", - "resource_types": { - "resourceDefinition": { - "resource_type": "resourceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listresourcedefinitionversions-get.html" - }, - "ListResourceDefinitions": { - "privilege": "ListResourceDefinitions", - "description": "Grants permission to retrieve a list of resource definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listresourcedefinitions-get.html" - }, - "ListSubscriptionDefinitionVersions": { - "privilege": "ListSubscriptionDefinitionVersions", - "description": "Grants permission to list the versions of a subscription definition", - "access_level": "List", - "resource_types": { - "subscriptionDefinition": { - "resource_type": "subscriptionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listsubscriptiondefinitionversions-get.html" - }, - "ListSubscriptionDefinitions": { - "privilege": "ListSubscriptionDefinitions", - "description": "Grants permission to retrieve a list of subscription definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listsubscriptiondefinitions-get.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for a resource", - "access_level": "Read", - "resource_types": { - "component": { - "resource_type": "component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "componentVersion": { - "resource_type": "componentVersion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "coreDevice": { - "resource_type": "coreDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deployment": { - "resource_type": "deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListTagsForResource.html" - }, - "ResetDeployments": { - "privilege": "ResetDeployments", - "description": "Grants permission to reset a group's deployments", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/resetdeployments-post.html" - }, - "StartBulkDeployment": { - "privilege": "StartBulkDeployment", - "description": "Grants permission to deploy multiple groups in one operation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/startbulkdeployment-post.html" - }, - "StopBulkDeployment": { - "privilege": "StopBulkDeployment", - "description": "Grants permission to stop the execution of a bulk deployment", - "access_level": "Write", - "resource_types": { - "bulkDeployment": { - "resource_type": "bulkDeployment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/stopbulkdeployment-put.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "component": { - "resource_type": "component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "componentVersion": { - "resource_type": "componentVersion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "coreDevice": { - "resource_type": "coreDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deployment": { - "resource_type": "deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "component": { - "resource_type": "component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "componentVersion": { - "resource_type": "componentVersion", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "coreDevice": { - "resource_type": "coreDevice", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deployment": { - "resource_type": "deployment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_UntagResource.html" - }, - "UpdateConnectivityInfo": { - "privilege": "UpdateConnectivityInfo", - "description": "Grants permission to update the connectivity information for a Greengrass core. Any devices that belong to the group that has this core will receive this information in order to find the location of the core and connect to it", - "access_level": "Write", - "resource_types": { - "connectivityInfo": { - "resource_type": "connectivityInfo", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:GetThingShadow", - "iot:UpdateThingShadow" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_UpdateConnectivityInfo.html" - }, - "UpdateConnectorDefinition": { - "privilege": "UpdateConnectorDefinition", - "description": "Grants permission to update a connector definition", - "access_level": "Write", - "resource_types": { - "connectorDefinition": { - "resource_type": "connectorDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updateconnectordefinition-put.html" - }, - "UpdateCoreDefinition": { - "privilege": "UpdateCoreDefinition", - "description": "Grants permission to update a core definition", - "access_level": "Write", - "resource_types": { - "coreDefinition": { - "resource_type": "coreDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updatecoredefinition-put.html" - }, - "UpdateDeviceDefinition": { - "privilege": "UpdateDeviceDefinition", - "description": "Grants permission to update a device definition", - "access_level": "Write", - "resource_types": { - "deviceDefinition": { - "resource_type": "deviceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updatedevicedefinition-put.html" - }, - "UpdateFunctionDefinition": { - "privilege": "UpdateFunctionDefinition", - "description": "Grants permission to update a Lambda function definition", - "access_level": "Write", - "resource_types": { - "functionDefinition": { - "resource_type": "functionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updatefunctiondefinition-put.html" - }, - "UpdateGroup": { - "privilege": "UpdateGroup", - "description": "Grants permission to update a group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updategroup-put.html" - }, - "UpdateGroupCertificateConfiguration": { - "privilege": "UpdateGroupCertificateConfiguration", - "description": "Grants permission to update the certificate expiry time for a group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updategroupcertificateconfiguration-put.html" - }, - "UpdateLoggerDefinition": { - "privilege": "UpdateLoggerDefinition", - "description": "Grants permission to update a logger definition", - "access_level": "Write", - "resource_types": { - "loggerDefinition": { - "resource_type": "loggerDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updateloggerdefinition-put.html" - }, - "UpdateResourceDefinition": { - "privilege": "UpdateResourceDefinition", - "description": "Grants permission to update a resource definition", - "access_level": "Write", - "resource_types": { - "resourceDefinition": { - "resource_type": "resourceDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updateresourcedefinition-put.html" - }, - "UpdateSubscriptionDefinition": { - "privilege": "UpdateSubscriptionDefinition", - "description": "Grants permission to update a subscription definition", - "access_level": "Write", - "resource_types": { - "subscriptionDefinition": { - "resource_type": "subscriptionDefinition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updatesubscriptiondefinition-put.html" - }, - "UpdateThingRuntimeConfiguration": { - "privilege": "UpdateThingRuntimeConfiguration", - "description": "Grants permission to update runtime configuration of a thing", - "access_level": "Write", - "resource_types": { - "thingRuntimeConfig": { - "resource_type": "thingRuntimeConfig", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updatethingruntimeconfiguration-put.html" - }, - "BatchAssociateClientDeviceWithCoreDevice": { - "privilege": "BatchAssociateClientDeviceWithCoreDevice", - "description": "Grants permission to associate a list of client devices with a core device", - "access_level": "Write", - "resource_types": { - "coreDevice": { - "resource_type": "coreDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_BatchAssociateClientDeviceWithCoreDevice.html" - }, - "BatchDisassociateClientDeviceFromCoreDevice": { - "privilege": "BatchDisassociateClientDeviceFromCoreDevice", - "description": "Grants permission to disassociate a list of client devices from a core device", - "access_level": "Write", - "resource_types": { - "coreDevice": { - "resource_type": "coreDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_BatchDisassociateClientDeviceFromCoreDevice.html" - }, - "CancelDeployment": { - "privilege": "CancelDeployment", - "description": "Grants permission to cancel a deployment", - "access_level": "Write", - "resource_types": { - "deployment": { - "resource_type": "deployment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:CancelJob", - "iot:DeleteThingShadow", - "iot:DescribeJob", - "iot:DescribeThing", - "iot:DescribeThingGroup", - "iot:GetThingShadow", - "iot:UpdateJob", - "iot:UpdateThingShadow" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_CancelDeployment.html" - }, - "CreateComponentVersion": { - "privilege": "CreateComponentVersion", - "description": "Grants permission to create a component", - "access_level": "Write", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_CreateComponentVersion.html" - }, - "DeleteComponent": { - "privilege": "DeleteComponent", - "description": "Grants permission to delete a component", - "access_level": "Write", - "resource_types": { - "componentVersion": { - "resource_type": "componentVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_DeleteComponent.html" - }, - "DeleteCoreDevice": { - "privilege": "DeleteCoreDevice", - "description": "Grants permission to delete a AWS IoT Greengrass core device, which is an AWS IoT thing. This operation removes the core device from the list of core devices. This operation doesn't delete the AWS IoT thing", - "access_level": "Write", - "resource_types": { - "coreDevice": { - "resource_type": "coreDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:DescribeJobExecution" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_DeleteCoreDevice.html" - }, - "DeleteDeployment": { - "privilege": "DeleteDeployment", - "description": "Grants permission to delete a deployment. To delete an active deployment, it needs to be cancelled first", - "access_level": "Write", - "resource_types": { - "deployment": { - "resource_type": "deployment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:DeleteJob" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_DeleteDeployment.html" - }, - "DescribeComponent": { - "privilege": "DescribeComponent", - "description": "Grants permission to retrieve metadata for a version of a component", - "access_level": "Read", - "resource_types": { - "componentVersion": { - "resource_type": "componentVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_DescribeComponent.html" - }, - "GetComponent": { - "privilege": "GetComponent", - "description": "Grants permission to get the recipe for a version of a component", - "access_level": "Read", - "resource_types": { - "componentVersion": { - "resource_type": "componentVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetComponent.html" - }, - "GetComponentVersionArtifact": { - "privilege": "GetComponentVersionArtifact", - "description": "Grants permission to get the pre-signed URL to download a public component artifact", - "access_level": "Read", - "resource_types": { - "componentVersion": { - "resource_type": "componentVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetComponentVersionArtifact.html" - }, - "GetCoreDevice": { - "privilege": "GetCoreDevice", - "description": "Grants permission to retrieves metadata for a AWS IoT Greengrass core device", - "access_level": "Read", - "resource_types": { - "coreDevice": { - "resource_type": "coreDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetCoreDevice.html" - }, - "GetDeployment": { - "privilege": "GetDeployment", - "description": "Grants permission to get a deployment", - "access_level": "Read", - "resource_types": { - "deployment": { - "resource_type": "deployment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:DescribeJob", - "iot:DescribeThing", - "iot:DescribeThingGroup", - "iot:GetThingShadow" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetDeployment.html" - }, - "ListClientDevicesAssociatedWithCoreDevice": { - "privilege": "ListClientDevicesAssociatedWithCoreDevice", - "description": "Grants permission to retrieve a paginated list of client devices associated to a AWS IoT Greengrass core device", - "access_level": "List", - "resource_types": { - "coreDevice": { - "resource_type": "coreDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListClientDevicesAssociatedWithCoreDevice.html" - }, - "ListComponentVersions": { - "privilege": "ListComponentVersions", - "description": "Grants permission to retrieve a paginated list of all versions for a component", - "access_level": "List", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListComponentVersions.html" - }, - "ListComponents": { - "privilege": "ListComponents", - "description": "Grants permission to retrieve a paginated list of component summaries", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListComponents.html" - }, - "ListCoreDevices": { - "privilege": "ListCoreDevices", - "description": "Grants permission to retrieve a paginated list of AWS IoT Greengrass core devices", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListCoreDevices.html" - }, - "ListEffectiveDeployments": { - "privilege": "ListEffectiveDeployments", - "description": "Grants permission to retrieves a paginated list of deployment jobs that AWS IoT Greengrass sends to AWS IoT Greengrass core devices", - "access_level": "List", - "resource_types": { - "coreDevice": { - "resource_type": "coreDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iot:DescribeJob", - "iot:DescribeJobExecution", - "iot:DescribeThing", - "iot:DescribeThingGroup", - "iot:GetThingShadow" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListEffectiveDeployments.html" - }, - "ListInstalledComponents": { - "privilege": "ListInstalledComponents", - "description": "Grants permission to retrieve a paginated list of the components that a AWS IoT Greengrass core device runs", - "access_level": "List", - "resource_types": { - "coreDevice": { - "resource_type": "coreDevice", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListInstalledComponents.html" - }, - "ResolveComponentCandidates": { - "privilege": "ResolveComponentCandidates", - "description": "Grants permission to list components that meet the component, version, and platform requirements of a deployment", - "access_level": "List", - "resource_types": { - "componentVersion": { - "resource_type": "componentVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ResolveComponentCandidates.html" - } - }, - "resources": { - "connectivityInfo": { - "resource": "connectivityInfo", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/things/${ThingName}/connectivityInfo", - "condition_keys": [] - }, - "certificateAuthority": { - "resource": "certificateAuthority", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/groups/${GroupId}/certificateauthorities/${CertificateAuthorityId}", - "condition_keys": [] - }, - "deployment": { - "resource": "deployment", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:deployments:${DeploymentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "bulkDeployment": { - "resource": "bulkDeployment", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/bulk/deployments/${BulkDeploymentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "group": { - "resource": "group", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/groups/${GroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "groupVersion": { - "resource": "groupVersion", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/groups/${GroupId}/versions/${VersionId}", - "condition_keys": [] - }, - "coreDefinition": { - "resource": "coreDefinition", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/cores/${CoreDefinitionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "coreDefinitionVersion": { - "resource": "coreDefinitionVersion", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/cores/${CoreDefinitionId}/versions/${VersionId}", - "condition_keys": [] - }, - "deviceDefinition": { - "resource": "deviceDefinition", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/devices/${DeviceDefinitionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "deviceDefinitionVersion": { - "resource": "deviceDefinitionVersion", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/devices/${DeviceDefinitionId}/versions/${VersionId}", - "condition_keys": [] - }, - "functionDefinition": { - "resource": "functionDefinition", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/functions/${FunctionDefinitionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "functionDefinitionVersion": { - "resource": "functionDefinitionVersion", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/functions/${FunctionDefinitionId}/versions/${VersionId}", - "condition_keys": [] - }, - "subscriptionDefinition": { - "resource": "subscriptionDefinition", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/subscriptions/${SubscriptionDefinitionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "subscriptionDefinitionVersion": { - "resource": "subscriptionDefinitionVersion", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/subscriptions/${SubscriptionDefinitionId}/versions/${VersionId}", - "condition_keys": [] - }, - "loggerDefinition": { - "resource": "loggerDefinition", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/loggers/${LoggerDefinitionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "loggerDefinitionVersion": { - "resource": "loggerDefinitionVersion", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/loggers/${LoggerDefinitionId}/versions/${VersionId}", - "condition_keys": [] - }, - "resourceDefinition": { - "resource": "resourceDefinition", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/resources/${ResourceDefinitionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "resourceDefinitionVersion": { - "resource": "resourceDefinitionVersion", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/resources/${ResourceDefinitionId}/versions/${VersionId}", - "condition_keys": [] - }, - "connectorDefinition": { - "resource": "connectorDefinition", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/connectors/${ConnectorDefinitionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "connectorDefinitionVersion": { - "resource": "connectorDefinitionVersion", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/connectors/${ConnectorDefinitionId}/versions/${VersionId}", - "condition_keys": [] - }, - "thing": { - "resource": "thing", - "arn": "arn:${Partition}:iot:${Region}:${Account}:thing/${ThingName}", - "condition_keys": [] - }, - "thingRuntimeConfig": { - "resource": "thingRuntimeConfig", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/things/${ThingName}/runtimeconfig", - "condition_keys": [] - }, - "component": { - "resource": "component", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:components:${ComponentName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "componentVersion": { - "resource": "componentVersion", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:components:${ComponentName}:versions:${ComponentVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "coreDevice": { - "resource": "coreDevice", - "arn": "arn:${Partition}:greengrass:${Region}:${Account}:coreDevices:${CoreDeviceThingName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by checking tag key/value pairs included in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by checking tag key/value pairs associated with a specific resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by checking tag keys passed in the request", - "type": "ArrayOfString" - } - } - }, - "iotjobsdata": { - "service_name": "AWS IoT Jobs DataPlane", - "prefix": "iotjobsdata", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotjobsdataplane.html", - "privileges": { - "DescribeJobExecution": { - "privilege": "DescribeJobExecution", - "description": "Grants permission to describe a job execution", - "access_level": "Read", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iot:JobId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-jobs-data_DescribeJobExecution.html" - }, - "GetPendingJobExecutions": { - "privilege": "GetPendingJobExecutions", - "description": "Grants permission to get the list of all jobs for a thing that are not in a terminal state", - "access_level": "Read", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-jobs-data_GetPendingJobExecutions.html" - }, - "StartNextPendingJobExecution": { - "privilege": "StartNextPendingJobExecution", - "description": "Grants permission to get and start the next pending job execution for a thing", - "access_level": "Write", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-jobs-data_StartNextPendingJobExecution.html" - }, - "UpdateJobExecution": { - "privilege": "UpdateJobExecution", - "description": "Grants permission to update a job execution", - "access_level": "Write", - "resource_types": { - "thing": { - "resource_type": "thing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "iot:JobId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-jobs-data_UpdateJobExecution.html" - } - }, - "resources": { - "thing": { - "resource": "thing", - "arn": "arn:${Partition}:iot:${Region}:${Account}:thing/${ThingName}", - "condition_keys": [] - } - }, - "conditions": { - "iot:JobId": { - "condition": "iot:JobId", - "description": "Filters access by jobId for iotjobsdata:DescribeJobExecution and iotjobsdata:UpdateJobExecution APIs", - "type": "String" - } - } - }, - "iotroborunner": { - "service_name": "AWS IoT RoboRunner", - "prefix": "iotroborunner", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotroborunner.html", - "privileges": { - "CreateDestination": { - "privilege": "CreateDestination", - "description": "Grants permission to create a destination", - "access_level": "Write", - "resource_types": { - "SiteResource": { - "resource_type": "SiteResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_CreateDestination.html" - }, - "CreateSite": { - "privilege": "CreateSite", - "description": "Grants permission to create a site", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_CreateSite.html" - }, - "CreateWorker": { - "privilege": "CreateWorker", - "description": "Grants permission to create a worker", - "access_level": "Write", - "resource_types": { - "WorkerFleetResource": { - "resource_type": "WorkerFleetResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_CreateWorker.html" - }, - "CreateWorkerFleet": { - "privilege": "CreateWorkerFleet", - "description": "Grants permission to create a worker fleet", - "access_level": "Write", - "resource_types": { - "SiteResource": { - "resource_type": "SiteResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_CreateWorkerFleet.html" - }, - "DeleteDestination": { - "privilege": "DeleteDestination", - "description": "Grants permission to delete a destination", - "access_level": "Write", - "resource_types": { - "DestinationResource": { - "resource_type": "DestinationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_DeleteDestination.html" - }, - "DeleteSite": { - "privilege": "DeleteSite", - "description": "Grants permission to delete a site", - "access_level": "Write", - "resource_types": { - "SiteResource": { - "resource_type": "SiteResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_DeleteSite.html" - }, - "DeleteWorker": { - "privilege": "DeleteWorker", - "description": "Grants permission to delete a worker", - "access_level": "Write", - "resource_types": { - "WorkerResource": { - "resource_type": "WorkerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_DeleteWorker.html" - }, - "DeleteWorkerFleet": { - "privilege": "DeleteWorkerFleet", - "description": "Grants permission to delete a worker fleet", - "access_level": "Write", - "resource_types": { - "WorkerFleetResource": { - "resource_type": "WorkerFleetResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_DeleteWorkerFleet.html" - }, - "GetDestination": { - "privilege": "GetDestination", - "description": "Grants permission to get a destination", - "access_level": "Read", - "resource_types": { - "DestinationResource": { - "resource_type": "DestinationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_GetDestination.html" - }, - "GetSite": { - "privilege": "GetSite", - "description": "Grants permission to get a site", - "access_level": "Read", - "resource_types": { - "SiteResource": { - "resource_type": "SiteResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_GetSite.html" - }, - "GetWorker": { - "privilege": "GetWorker", - "description": "Grants permission to get a worker", - "access_level": "Read", - "resource_types": { - "WorkerResource": { - "resource_type": "WorkerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_GetWorker.html" - }, - "GetWorkerFleet": { - "privilege": "GetWorkerFleet", - "description": "Grants permission to get a worker fleet", - "access_level": "Read", - "resource_types": { - "WorkerFleetResource": { - "resource_type": "WorkerFleetResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_GetWorkerFleet.html" - }, - "ListDestinations": { - "privilege": "ListDestinations", - "description": "Grants permission to list destinations", - "access_level": "Read", - "resource_types": { - "SiteResource": { - "resource_type": "SiteResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_ListDestinations.html" - }, - "ListSites": { - "privilege": "ListSites", - "description": "Grants permission to list sites", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_ListSites.html" - }, - "ListWorkerFleets": { - "privilege": "ListWorkerFleets", - "description": "Grants permission to list worker fleets", - "access_level": "Read", - "resource_types": { - "SiteResource": { - "resource_type": "SiteResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_ListWorkerFleets.html" - }, - "ListWorkers": { - "privilege": "ListWorkers", - "description": "Grants permission to list workers", - "access_level": "Read", - "resource_types": { - "SiteResource": { - "resource_type": "SiteResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_ListWorkers.html" - }, - "UpdateDestination": { - "privilege": "UpdateDestination", - "description": "Grants permission to update a destination", - "access_level": "Write", - "resource_types": { - "DestinationResource": { - "resource_type": "DestinationResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_UpdateDestination.html" - }, - "UpdateSite": { - "privilege": "UpdateSite", - "description": "Grants permission to update a site", - "access_level": "Write", - "resource_types": { - "SiteResource": { - "resource_type": "SiteResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_UpdateSite.html" - }, - "UpdateWorker": { - "privilege": "UpdateWorker", - "description": "Grants permission to update a worker", - "access_level": "Write", - "resource_types": { - "WorkerResource": { - "resource_type": "WorkerResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_UpdateWorker.html" - }, - "UpdateWorkerFleet": { - "privilege": "UpdateWorkerFleet", - "description": "Grants permission to update a worker fleet", - "access_level": "Write", - "resource_types": { - "WorkerFleetResource": { - "resource_type": "WorkerFleetResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_UpdateWorkerFleet.html" - } - }, - "resources": { - "DestinationResource": { - "resource": "DestinationResource", - "arn": "arn:${Partition}:iotroborunner:${Region}:${Account}:site/${SiteId}/destination/${DestinationId}", - "condition_keys": [ - "iotroborunner:DestinationResourceId" - ] - }, - "SiteResource": { - "resource": "SiteResource", - "arn": "arn:${Partition}:iotroborunner:${Region}:${Account}:site/${SiteId}", - "condition_keys": [ - "iotroborunner:SiteResourceId" - ] - }, - "WorkerFleetResource": { - "resource": "WorkerFleetResource", - "arn": "arn:${Partition}:iotroborunner:${Region}:${Account}:site/${SiteId}/worker-fleet/${WorkerFleetId}", - "condition_keys": [ - "iotroborunner:WorkerFleetResourceId" - ] - }, - "WorkerResource": { - "resource": "WorkerResource", - "arn": "arn:${Partition}:iotroborunner:${Region}:${Account}:site/${SiteId}/worker-fleet/${WorkerFleetId}/worker/${WorkerId}", - "condition_keys": [ - "iotroborunner:WorkerResourceId" - ] - } - }, - "conditions": { - "iotroborunner:DestinationResourceId": { - "condition": "iotroborunner:DestinationResourceId", - "description": "Filters access by the destination's identifier", - "type": "String" - }, - "iotroborunner:SiteResourceId": { - "condition": "iotroborunner:SiteResourceId", - "description": "Filters access by the site's identifier", - "type": "String" - }, - "iotroborunner:WorkerFleetResourceId": { - "condition": "iotroborunner:WorkerFleetResourceId", - "description": "Filters access by the worker fleet's identifier", - "type": "String" - }, - "iotroborunner:WorkerResourceId": { - "condition": "iotroborunner:WorkerResourceId", - "description": "Filters access by the workers identifier", - "type": "String" - } - } - }, - "iotsitewise": { - "service_name": "AWS IoT SiteWise", - "prefix": "iotsitewise", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotsitewise.html", - "privileges": { - "AssociateAssets": { - "privilege": "AssociateAssets", - "description": "Grants permission to associate a child asset with a parent asset through a hierarchy", - "access_level": "Write", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_AssociateAssets.html" - }, - "AssociateTimeSeriesToAssetProperty": { - "privilege": "AssociateTimeSeriesToAssetProperty", - "description": "Grants permission to associate a time series with an asset property", - "access_level": "Write", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_AssociateTimeSeriesToAssetProperty.html" - }, - "BatchAssociateProjectAssets": { - "privilege": "BatchAssociateProjectAssets", - "description": "Grants permission to associate assets to a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchAssociateProjectAssets.html" - }, - "BatchDisassociateProjectAssets": { - "privilege": "BatchDisassociateProjectAssets", - "description": "Grants permission to disassociate assets from a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchDisassociateProjectAssets.html" - }, - "BatchGetAssetPropertyAggregates": { - "privilege": "BatchGetAssetPropertyAggregates", - "description": "Grants permission to retrieve computed aggregates for multiple asset properties", - "access_level": "Read", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchGetAssetPropertyAggregates.html" - }, - "BatchGetAssetPropertyValue": { - "privilege": "BatchGetAssetPropertyValue", - "description": "Grants permission to retrieve the latest value for multiple asset properties", - "access_level": "Read", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchGetAssetPropertyValue.html" - }, - "BatchGetAssetPropertyValueHistory": { - "privilege": "BatchGetAssetPropertyValueHistory", - "description": "Grants permission to retrieve the value history for multiple asset properties", - "access_level": "Read", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchGetAssetPropertyValueHistory.html" - }, - "BatchPutAssetPropertyValue": { - "privilege": "BatchPutAssetPropertyValue", - "description": "Grants permission to put property values for asset properties", - "access_level": "Write", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchPutAssetPropertyValue.html" - }, - "CreateAccessPolicy": { - "privilege": "CreateAccessPolicy", - "description": "Grants permission to create an access policy for a portal or a project", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAccessPolicy.html" - }, - "CreateAsset": { - "privilege": "CreateAsset", - "description": "Grants permission to create an asset from an asset model", - "access_level": "Write", - "resource_types": { - "asset-model": { - "resource_type": "asset-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAsset.html" - }, - "CreateAssetModel": { - "privilege": "CreateAssetModel", - "description": "Grants permission to create an asset model", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html" - }, - "CreateBulkImportJob": { - "privilege": "CreateBulkImportJob", - "description": "Grants permission to create bulk import job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateBulkImportJob.html" - }, - "CreateDashboard": { - "privilege": "CreateDashboard", - "description": "Grants permission to create a dashboard in a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateDashboard.html" - }, - "CreateGateway": { - "privilege": "CreateGateway", - "description": "Grants permission to create a gateway", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateGateway.html" - }, - "CreatePortal": { - "privilege": "CreatePortal", - "description": "Grants permission to create a portal", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "sso:CreateManagedApplicationInstance", - "sso:DescribeRegisteredRegions" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreatePortal.html" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to create a project in a portal", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateProject.html" - }, - "DeleteAccessPolicy": { - "privilege": "DeleteAccessPolicy", - "description": "Grants permission to delete an access policy", - "access_level": "Write", - "resource_types": { - "access-policy": { - "resource_type": "access-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteAccessPolicy.html" - }, - "DeleteAsset": { - "privilege": "DeleteAsset", - "description": "Grants permission to delete an asset", - "access_level": "Write", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteAsset.html" - }, - "DeleteAssetModel": { - "privilege": "DeleteAssetModel", - "description": "Grants permission to delete an asset model", - "access_level": "Write", - "resource_types": { - "asset-model": { - "resource_type": "asset-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteAssetModel.html" - }, - "DeleteDashboard": { - "privilege": "DeleteDashboard", - "description": "Grants permission to delete a dashboard", - "access_level": "Write", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteDashboard.html" - }, - "DeleteGateway": { - "privilege": "DeleteGateway", - "description": "Grants permission to delete a gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteGateway.html" - }, - "DeletePortal": { - "privilege": "DeletePortal", - "description": "Grants permission to delete a portal", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "sso:DeleteManagedApplicationInstance" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeletePortal.html" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Grants permission to delete a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteProject.html" - }, - "DeleteTimeSeries": { - "privilege": "DeleteTimeSeries", - "description": "Grants permission to delete a time series", - "access_level": "Write", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteTimeSeries.html" - }, - "DescribeAccessPolicy": { - "privilege": "DescribeAccessPolicy", - "description": "Grants permission to describe an access policy", - "access_level": "Read", - "resource_types": { - "access-policy": { - "resource_type": "access-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeAccessPolicy.html" - }, - "DescribeAsset": { - "privilege": "DescribeAsset", - "description": "Grants permission to describe an asset", - "access_level": "Read", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeAsset.html" - }, - "DescribeAssetModel": { - "privilege": "DescribeAssetModel", - "description": "Grants permission to describe an asset model", - "access_level": "Read", - "resource_types": { - "asset-model": { - "resource_type": "asset-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeAssetModel.html" - }, - "DescribeAssetProperty": { - "privilege": "DescribeAssetProperty", - "description": "Grants permission to describe an asset property", - "access_level": "Read", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeAssetProperty.html" - }, - "DescribeBulkImportJob": { - "privilege": "DescribeBulkImportJob", - "description": "Grants permission to describe bulk import job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeBulkImportJob.html" - }, - "DescribeDashboard": { - "privilege": "DescribeDashboard", - "description": "Grants permission to describe a dashboard", - "access_level": "Read", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeDashboard.html" - }, - "DescribeDefaultEncryptionConfiguration": { - "privilege": "DescribeDefaultEncryptionConfiguration", - "description": "Grants permission to describe the default encryption configuration for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeDefaultEncryptionConfiguration.html" - }, - "DescribeGateway": { - "privilege": "DescribeGateway", - "description": "Grants permission to describe a gateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGateway.html" - }, - "DescribeGatewayCapabilityConfiguration": { - "privilege": "DescribeGatewayCapabilityConfiguration", - "description": "Grants permission to describe a capability configuration for a gateway", - "access_level": "Read", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html" - }, - "DescribeLoggingOptions": { - "privilege": "DescribeLoggingOptions", - "description": "Grants permission to describe logging options for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeLoggingOptions.html" - }, - "DescribePortal": { - "privilege": "DescribePortal", - "description": "Grants permission to describe a portal", - "access_level": "Read", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribePortal.html" - }, - "DescribeProject": { - "privilege": "DescribeProject", - "description": "Grants permission to describe a project", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeProject.html" - }, - "DescribeStorageConfiguration": { - "privilege": "DescribeStorageConfiguration", - "description": "Grants permission to describe the storage configuration for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeStorageConfiguration.html" - }, - "DescribeTimeSeries": { - "privilege": "DescribeTimeSeries", - "description": "Grants permission to describe a time series", - "access_level": "Read", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeTimeSeries.html" - }, - "DisassociateAssets": { - "privilege": "DisassociateAssets", - "description": "Grants permission to disassociate a child asset from a parent asset by a hierarchy", - "access_level": "Write", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DisassociateAssets.html" - }, - "DisassociateTimeSeriesFromAssetProperty": { - "privilege": "DisassociateTimeSeriesFromAssetProperty", - "description": "Grants permission to disassociate a time series from an asset property", - "access_level": "Write", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DisassociateTimeSeriesFromAssetProperty.html" - }, - "GetAssetPropertyAggregates": { - "privilege": "GetAssetPropertyAggregates", - "description": "Grants permission to retrieve computed aggregates for an asset property", - "access_level": "Read", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_GetAssetPropertyAggregates.html" - }, - "GetAssetPropertyValue": { - "privilege": "GetAssetPropertyValue", - "description": "Grants permission to retrieve the latest value for an asset property", - "access_level": "Read", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_GetAssetPropertyValue.html" - }, - "GetAssetPropertyValueHistory": { - "privilege": "GetAssetPropertyValueHistory", - "description": "Grants permission to retrieve the value history for an asset property", - "access_level": "Read", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_GetAssetPropertyValueHistory.html" - }, - "GetInterpolatedAssetPropertyValues": { - "privilege": "GetInterpolatedAssetPropertyValues", - "description": "Grants permission to retrieve interpolated values for an asset property", - "access_level": "Read", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_GetInterpolatedAssetPropertyValues.html" - }, - "ListAccessPolicies": { - "privilege": "ListAccessPolicies", - "description": "Grants permission to list all access policies for an identity or a resource", - "access_level": "List", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAccessPolicies.html" - }, - "ListAssetModelProperties": { - "privilege": "ListAssetModelProperties", - "description": "Grants permission to list asset model properties", - "access_level": "List", - "resource_types": { - "asset-model": { - "resource_type": "asset-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssetModelProperties.html" - }, - "ListAssetModels": { - "privilege": "ListAssetModels", - "description": "Grants permission to list all asset models", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssetModels.html" - }, - "ListAssetProperties": { - "privilege": "ListAssetProperties", - "description": "Grants permission to list asset properties", - "access_level": "List", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssetProperties.html" - }, - "ListAssetRelationships": { - "privilege": "ListAssetRelationships", - "description": "Grants permission to list the asset relationship graph for an asset", - "access_level": "List", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssetRelationships.html" - }, - "ListAssets": { - "privilege": "ListAssets", - "description": "Grants permission to list all assets", - "access_level": "List", - "resource_types": { - "asset-model": { - "resource_type": "asset-model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssets.html" - }, - "ListAssociatedAssets": { - "privilege": "ListAssociatedAssets", - "description": "Grants permission to list all assets associated with an asset through a hierarchy", - "access_level": "List", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssociatedAssets.html" - }, - "ListBulkImportJobs": { - "privilege": "ListBulkImportJobs", - "description": "Grants permission to list bulk import jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListBulkImportJobs.html" - }, - "ListDashboards": { - "privilege": "ListDashboards", - "description": "Grants permission to list all dashboards in a project", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListDashboards.html" - }, - "ListGateways": { - "privilege": "ListGateways", - "description": "Grants permission to list all gateways", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListGateways.html" - }, - "ListPortals": { - "privilege": "ListPortals", - "description": "Grants permission to list all portals", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListPortals.html" - }, - "ListProjectAssets": { - "privilege": "ListProjectAssets", - "description": "Grants permission to list all assets associated with a project", - "access_level": "List", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListProjectAssets.html" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "Grants permission to list all projects in a portal", - "access_level": "List", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListProjects.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags for a resource", - "access_level": "Read", - "resource_types": { - "access-policy": { - "resource_type": "access-policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "asset-model": { - "resource_type": "asset-model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dashboard": { - "resource_type": "dashboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "gateway": { - "resource_type": "gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "portal": { - "resource_type": "portal", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTimeSeries": { - "privilege": "ListTimeSeries", - "description": "Grants permission to list time series", - "access_level": "List", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListTimeSeries.html" - }, - "PutDefaultEncryptionConfiguration": { - "privilege": "PutDefaultEncryptionConfiguration", - "description": "Grants permission to set the default encryption configuration for the AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_PutDefaultEncryptionConfiguration.html" - }, - "PutLoggingOptions": { - "privilege": "PutLoggingOptions", - "description": "Grants permission to set logging options for the AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_PutLoggingOptions.html" - }, - "PutStorageConfiguration": { - "privilege": "PutStorageConfiguration", - "description": "Grants permission to configure storage settings for the AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_PutStorageConfiguration.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "access-policy": { - "resource_type": "access-policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "asset-model": { - "resource_type": "asset-model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dashboard": { - "resource_type": "dashboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "gateway": { - "resource_type": "gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "portal": { - "resource_type": "portal", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "access-policy": { - "resource_type": "access-policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "asset": { - "resource_type": "asset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "asset-model": { - "resource_type": "asset-model", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "dashboard": { - "resource_type": "dashboard", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "gateway": { - "resource_type": "gateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "portal": { - "resource_type": "portal", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "project": { - "resource_type": "project", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "time-series": { - "resource_type": "time-series", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UntagResource.html" - }, - "UpdateAccessPolicy": { - "privilege": "UpdateAccessPolicy", - "description": "Grants permission to update an access policy", - "access_level": "Write", - "resource_types": { - "access-policy": { - "resource_type": "access-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAccessPolicy.html" - }, - "UpdateAsset": { - "privilege": "UpdateAsset", - "description": "Grants permission to update an asset", - "access_level": "Write", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAsset.html" - }, - "UpdateAssetModel": { - "privilege": "UpdateAssetModel", - "description": "Grants permission to update an asset model", - "access_level": "Write", - "resource_types": { - "asset-model": { - "resource_type": "asset-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html" - }, - "UpdateAssetModelPropertyRouting": { - "privilege": "UpdateAssetModelPropertyRouting", - "description": "Grants permission to update an AssetModel property routing", - "access_level": "Write", - "resource_types": { - "asset-model": { - "resource_type": "asset-model", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "${UserGuideDocPage}alarms-iam-permissions.html" - }, - "UpdateAssetProperty": { - "privilege": "UpdateAssetProperty", - "description": "Grants permission to update an asset property", - "access_level": "Write", - "resource_types": { - "asset": { - "resource_type": "asset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetProperty.html" - }, - "UpdateDashboard": { - "privilege": "UpdateDashboard", - "description": "Grants permission to update a dashboard", - "access_level": "Write", - "resource_types": { - "dashboard": { - "resource_type": "dashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateDashboard.html" - }, - "UpdateGateway": { - "privilege": "UpdateGateway", - "description": "Grants permission to update a gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateGateway.html" - }, - "UpdateGatewayCapabilityConfiguration": { - "privilege": "UpdateGatewayCapabilityConfiguration", - "description": "Grants permission to update a capability configuration for a gateway", - "access_level": "Write", - "resource_types": { - "gateway": { - "resource_type": "gateway", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateGatewayCapabilityConfiguration.html" - }, - "UpdatePortal": { - "privilege": "UpdatePortal", - "description": "Grants permission to update a portal", - "access_level": "Write", - "resource_types": { - "portal": { - "resource_type": "portal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdatePortal.html" - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Grants permission to update a project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateProject.html" - } - }, - "resources": { - "asset": { - "resource": "asset", - "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:asset/${AssetId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "asset-model": { - "resource": "asset-model", - "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:asset-model/${AssetModelId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "time-series": { - "resource": "time-series", - "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:time-series/${TimeSeriesId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "gateway": { - "resource": "gateway", - "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:gateway/${GatewayId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "portal": { - "resource": "portal", - "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:portal/${PortalId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "project": { - "resource": "project", - "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:project/${ProjectId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "dashboard": { - "resource": "dashboard", - "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:dashboard/${DashboardId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "access-policy": { - "resource": "access-policy", - "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:access-policy/${AccessPolicyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in the request", - "type": "ArrayOfString" - }, - "iotsitewise:assetHierarchyPath": { - "condition": "iotsitewise:assetHierarchyPath", - "description": "Filters access by an asset hierarchy path, which is the string of asset IDs in the asset's hierarchy, each separated by a forward slash", - "type": "String" - }, - "iotsitewise:childAssetId": { - "condition": "iotsitewise:childAssetId", - "description": "Filters access by the ID of a child asset being associated whith a parent asset", - "type": "String" - }, - "iotsitewise:group": { - "condition": "iotsitewise:group", - "description": "Filters access by the ID of an AWS Single Sign-On group", - "type": "String" - }, - "iotsitewise:iam": { - "condition": "iotsitewise:iam", - "description": "Filters access by the ID of an AWS IAM identity", - "type": "String" - }, - "iotsitewise:isAssociatedWithAssetProperty": { - "condition": "iotsitewise:isAssociatedWithAssetProperty", - "description": "Filters access by data streams associated with or not associated with asset properties", - "type": "String" - }, - "iotsitewise:portal": { - "condition": "iotsitewise:portal", - "description": "Filters access by the ID of a portal", - "type": "String" - }, - "iotsitewise:project": { - "condition": "iotsitewise:project", - "description": "Filters access by the ID of a project", - "type": "String" - }, - "iotsitewise:propertyAlias": { - "condition": "iotsitewise:propertyAlias", - "description": "Filters access by the property alias", - "type": "String" - }, - "iotsitewise:propertyId": { - "condition": "iotsitewise:propertyId", - "description": "Filters access by the ID of an asset property", - "type": "String" - }, - "iotsitewise:user": { - "condition": "iotsitewise:user", - "description": "Filters access by the ID of an AWS Single Sign-On user", - "type": "String" - } - } - }, - "iotthingsgraph": { - "service_name": "AWS IoT Things Graph", - "prefix": "iotthingsgraph", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotthingsgraph.html", - "privileges": { - "AssociateEntityToThing": { - "privilege": "AssociateEntityToThing", - "description": "Associates a device with a concrete thing that is in the user's registry. A thing can be associated with only one device at a time. If you associate a thing with a new device id, its previous association will be removed", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iot:DescribeThing", - "iot:DescribeThingGroup" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_AssociateEntityToThing.html" - }, - "CreateFlowTemplate": { - "privilege": "CreateFlowTemplate", - "description": "Creates a workflow template. Workflows can be created only in the user's namespace. (The public namespace contains only entities.) The workflow can contain only entities in the specified namespace. The workflow is validated against the entities in the latest version of the user's namespace unless another namespace version is specified in the request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_CreateFlowTemplate.html" - }, - "CreateSystemInstance": { - "privilege": "CreateSystemInstance", - "description": "Creates an instance of a system with specified configurations and Things", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_CreateSystemInstance.html" - }, - "CreateSystemTemplate": { - "privilege": "CreateSystemTemplate", - "description": "Creates a system. The system is validated against the entities in the latest version of the user's namespace unless another namespace version is specified in the request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_CreateSystemTemplate.html" - }, - "DeleteFlowTemplate": { - "privilege": "DeleteFlowTemplate", - "description": "Deletes a workflow. Any new system or system instance that contains this workflow will fail to update or deploy. Existing system instances that contain the workflow will continue to run (since they use a snapshot of the workflow taken at the time of deploying the system instance)", - "access_level": "Write", - "resource_types": { - "Workflow": { - "resource_type": "Workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeleteFlowTemplate.html" - }, - "DeleteNamespace": { - "privilege": "DeleteNamespace", - "description": "Deletes the specified namespace. This action deletes all of the entities in the namespace. Delete the systems and flows in the namespace before performing this action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeleteNamespace.html" - }, - "DeleteSystemInstance": { - "privilege": "DeleteSystemInstance", - "description": "Deletes a system instance. Only instances that have never been deployed, or that have been undeployed from the target can be deleted. Users can create a new system instance that has the same ID as a deleted system instance", - "access_level": "Write", - "resource_types": { - "SystemInstance": { - "resource_type": "SystemInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeleteSystemInstance.html" - }, - "DeleteSystemTemplate": { - "privilege": "DeleteSystemTemplate", - "description": "Deletes a system. New system instances can't contain the system after its deletion. Existing system instances that contain the system will continue to work because they use a snapshot of the system that is taken when it is deployed", - "access_level": "Write", - "resource_types": { - "System": { - "resource_type": "System", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeleteSystemTemplate.html" - }, - "DeploySystemInstance": { - "privilege": "DeploySystemInstance", - "description": "Deploys the system instance to the target specified in CreateSystemInstance", - "access_level": "Write", - "resource_types": { - "SystemInstance": { - "resource_type": "SystemInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeploySystemInstance.html" - }, - "DeprecateFlowTemplate": { - "privilege": "DeprecateFlowTemplate", - "description": "Deprecates the specified workflow. This action marks the workflow for deletion. Deprecated flows can't be deployed, but existing system instances that use the flow will continue to run", - "access_level": "Write", - "resource_types": { - "Workflow": { - "resource_type": "Workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeprecateFlowTemplate.html" - }, - "DeprecateSystemTemplate": { - "privilege": "DeprecateSystemTemplate", - "description": "Deprecates the specified system", - "access_level": "Write", - "resource_types": { - "System": { - "resource_type": "System", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeprecateSystemTemplate.html" - }, - "DescribeNamespace": { - "privilege": "DescribeNamespace", - "description": "Gets the latest version of the user's namespace and the public version that it is tracking", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DescribeNamespace.html" - }, - "DissociateEntityFromThing": { - "privilege": "DissociateEntityFromThing", - "description": "Dissociates a device entity from a concrete thing. The action takes only the type of the entity that you need to dissociate because only one entity of a particular type can be associated with a thing", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iot:DescribeThing", - "iot:DescribeThingGroup" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DissociateEntityFromThing.html" - }, - "GetEntities": { - "privilege": "GetEntities", - "description": "Gets descriptions of the specified entities. Uses the latest version of the user's namespace by default", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetEntities.html" - }, - "GetFlowTemplate": { - "privilege": "GetFlowTemplate", - "description": "Gets the latest version of the DefinitionDocument and FlowTemplateSummary for the specified workflow", - "access_level": "Read", - "resource_types": { - "Workflow": { - "resource_type": "Workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetFlowTemplate.html" - }, - "GetFlowTemplateRevisions": { - "privilege": "GetFlowTemplateRevisions", - "description": "Gets revisions of the specified workflow. Only the last 100 revisions are stored. If the workflow has been deprecated, this action will return revisions that occurred before the deprecation. This action won't work for workflows that have been deleted", - "access_level": "Read", - "resource_types": { - "Workflow": { - "resource_type": "Workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetFlowTemplateRevisions.html" - }, - "GetNamespaceDeletionStatus": { - "privilege": "GetNamespaceDeletionStatus", - "description": "Gets the status of a namespace deletion task", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetNamespaceDeletionStatus.html" - }, - "GetSystemInstance": { - "privilege": "GetSystemInstance", - "description": "Gets a system instance", - "access_level": "Read", - "resource_types": { - "SystemInstance": { - "resource_type": "SystemInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetSystemInstance.html" - }, - "GetSystemTemplate": { - "privilege": "GetSystemTemplate", - "description": "Gets a system", - "access_level": "Read", - "resource_types": { - "System": { - "resource_type": "System", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetSystemTemplate.html" - }, - "GetSystemTemplateRevisions": { - "privilege": "GetSystemTemplateRevisions", - "description": "Gets revisions made to the specified system template. Only the previous 100 revisions are stored. If the system has been deprecated, this action will return the revisions that occurred before its deprecation. This action won't work with systems that have been deleted", - "access_level": "Read", - "resource_types": { - "System": { - "resource_type": "System", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetSystemTemplateRevisions.html" - }, - "GetUploadStatus": { - "privilege": "GetUploadStatus", - "description": "Gets the status of the specified upload", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetUploadStatus.html" - }, - "ListFlowExecutionMessages": { - "privilege": "ListFlowExecutionMessages", - "description": "Lists details of a single workflow execution", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_ListFlowExecutionMessages.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Lists all tags for a given resource", - "access_level": "List", - "resource_types": { - "SystemInstance": { - "resource_type": "SystemInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_ListTagsForResource.html" - }, - "SearchEntities": { - "privilege": "SearchEntities", - "description": "Searches for entities of the specified type. You can search for entities in your namespace and the public namespace that you're tracking", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchEntities.html" - }, - "SearchFlowExecutions": { - "privilege": "SearchFlowExecutions", - "description": "Searches for workflow executions of a system instance", - "access_level": "Read", - "resource_types": { - "SystemInstance": { - "resource_type": "SystemInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchFlowExecutions.html" - }, - "SearchFlowTemplates": { - "privilege": "SearchFlowTemplates", - "description": "Searches for summary information about workflows", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchFlowTemplates.html" - }, - "SearchSystemInstances": { - "privilege": "SearchSystemInstances", - "description": "Searches for system instances in the user's account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchSystemInstances.html" - }, - "SearchSystemTemplates": { - "privilege": "SearchSystemTemplates", - "description": "Searches for summary information about systems in the user's account. You can filter by the ID of a workflow to return only systems that use the specified workflow", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchSystemTemplates.html" - }, - "SearchThings": { - "privilege": "SearchThings", - "description": "Searches for things associated with the specified entity. You can search by both device and device model", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchThings.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Tag a specified resource", - "access_level": "Tagging", - "resource_types": { - "SystemInstance": { - "resource_type": "SystemInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_TagResource.html" - }, - "UndeploySystemInstance": { - "privilege": "UndeploySystemInstance", - "description": "Removes the system instance and associated triggers from the target", - "access_level": "Write", - "resource_types": { - "SystemInstance": { - "resource_type": "SystemInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_UndeploySystemInstance.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Untag a specified resource", - "access_level": "Tagging", - "resource_types": { - "SystemInstance": { - "resource_type": "SystemInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_UntagResource.html" - }, - "UpdateFlowTemplate": { - "privilege": "UpdateFlowTemplate", - "description": "Updates the specified workflow. All deployed systems and system instances that use the workflow will see the changes in the flow when it is redeployed. The workflow can contain only entities in the specified namespace", - "access_level": "Write", - "resource_types": { - "Workflow": { - "resource_type": "Workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_UpdateFlowTemplate.html" - }, - "UpdateSystemTemplate": { - "privilege": "UpdateSystemTemplate", - "description": "Updates the specified system. You don't need to run this action after updating a workflow. Any system instance that uses the system will see the changes in the system when it is redeployed", - "access_level": "Write", - "resource_types": { - "System": { - "resource_type": "System", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_UpdateSystemTemplate.html" - }, - "UploadEntityDefinitions": { - "privilege": "UploadEntityDefinitions", - "description": "Asynchronously uploads one or more entity definitions to the user's namespace", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_UploadEntityDefinitions.html" - } - }, - "resources": { - "Workflow": { - "resource": "Workflow", - "arn": "arn:${Partition}:iotthingsgraph:${Region}:${Account}:Workflow/${NamespacePath}", - "condition_keys": [] - }, - "System": { - "resource": "System", - "arn": "arn:${Partition}:iotthingsgraph:${Region}:${Account}:System/${NamespacePath}", - "condition_keys": [] - }, - "SystemInstance": { - "resource": "SystemInstance", - "arn": "arn:${Partition}:iotthingsgraph:${Region}:${Account}:Deployment/${NamespacePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a key that is present in the request the user makes to the thingsgraph service", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the list of all the tag key names present in the request the user makes to the thingsgraph service", - "type": "String" - } - } - }, - "iottwinmaker": { - "service_name": "AWS IoT TwinMaker", - "prefix": "iottwinmaker", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiottwinmaker.html", - "privileges": { - "BatchPutPropertyValues": { - "privilege": "BatchPutPropertyValues", - "description": "Grants permission to set values for multiple time series properties", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iottwinmaker:GetComponentType", - "iottwinmaker:GetEntity", - "iottwinmaker:GetWorkspace" - ] - }, - "entity": { - "resource_type": "entity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_BatchPutPropertyValues.html" - }, - "CreateComponentType": { - "privilege": "CreateComponentType", - "description": "Grants permission to create a componentType", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateComponentType.html" - }, - "CreateEntity": { - "privilege": "CreateEntity", - "description": "Grants permission to create an entity", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateEntity.html" - }, - "CreateScene": { - "privilege": "CreateScene", - "description": "Grants permission to create a scene", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateScene.html" - }, - "CreateSyncJob": { - "privilege": "CreateSyncJob", - "description": "Grants permission to create a sync job", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateSyncJob.html" - }, - "CreateWorkspace": { - "privilege": "CreateWorkspace", - "description": "Grants permission to create a workspace", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateWorkspace.html" - }, - "DeleteComponentType": { - "privilege": "DeleteComponentType", - "description": "Grants permission to delete a componentType", - "access_level": "Write", - "resource_types": { - "componentType": { - "resource_type": "componentType", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteComponentType.html" - }, - "DeleteEntity": { - "privilege": "DeleteEntity", - "description": "Grants permission to delete an entity", - "access_level": "Write", - "resource_types": { - "entity": { - "resource_type": "entity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteEntity.html" - }, - "DeleteScene": { - "privilege": "DeleteScene", - "description": "Grants permission to delete a scene", - "access_level": "Write", - "resource_types": { - "scene": { - "resource_type": "scene", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteScene.html" - }, - "DeleteSyncJob": { - "privilege": "DeleteSyncJob", - "description": "Grants permission to delete a sync job", - "access_level": "Write", - "resource_types": { - "syncJob": { - "resource_type": "syncJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteSyncJob.html" - }, - "DeleteWorkspace": { - "privilege": "DeleteWorkspace", - "description": "Grants permission to delete a workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteWorkspace.html" - }, - "ExecuteQuery": { - "privilege": "ExecuteQuery", - "description": "Grants permission to execute query", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ExecuteQuery.html" - }, - "GetComponentType": { - "privilege": "GetComponentType", - "description": "Grants permission to get a componentType", - "access_level": "Read", - "resource_types": { - "componentType": { - "resource_type": "componentType", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetComponentType.html" - }, - "GetEntity": { - "privilege": "GetEntity", - "description": "Grants permission to get an entity", - "access_level": "Read", - "resource_types": { - "entity": { - "resource_type": "entity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetEntity.html" - }, - "GetPricingPlan": { - "privilege": "GetPricingPlan", - "description": "Grants permission to get pricing plan", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetPricingPlan.html" - }, - "GetPropertyValue": { - "privilege": "GetPropertyValue", - "description": "Grants permission to retrieve the property values", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iottwinmaker:GetComponentType", - "iottwinmaker:GetEntity", - "iottwinmaker:GetWorkspace" - ] - }, - "componentType": { - "resource_type": "componentType", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity": { - "resource_type": "entity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetPropertyValue.html" - }, - "GetPropertyValueHistory": { - "privilege": "GetPropertyValueHistory", - "description": "Grants permission to retrieve the time series value history", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iottwinmaker:GetComponentType", - "iottwinmaker:GetEntity", - "iottwinmaker:GetWorkspace" - ] - }, - "componentType": { - "resource_type": "componentType", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity": { - "resource_type": "entity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetPropertyValueHistory.html" - }, - "GetScene": { - "privilege": "GetScene", - "description": "Grants permission to get a scene", - "access_level": "Read", - "resource_types": { - "scene": { - "resource_type": "scene", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetScene.html" - }, - "GetSyncJob": { - "privilege": "GetSyncJob", - "description": "Grants permission to get a sync job", - "access_level": "Read", - "resource_types": { - "syncJob": { - "resource_type": "syncJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetSyncJob.html" - }, - "GetWorkspace": { - "privilege": "GetWorkspace", - "description": "Grants permission to get a workspace", - "access_level": "Read", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetWorkspace.html" - }, - "ListComponentTypes": { - "privilege": "ListComponentTypes", - "description": "Grants permission to list all componentTypes in a workspace", - "access_level": "List", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListComponentTypes.html" - }, - "ListEntities": { - "privilege": "ListEntities", - "description": "Grants permission to list all entities in a workspace", - "access_level": "List", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListEntities.html" - }, - "ListScenes": { - "privilege": "ListScenes", - "description": "Grants permission to list all scenes in a workspace", - "access_level": "List", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListScenes.html" - }, - "ListSyncJobs": { - "privilege": "ListSyncJobs", - "description": "Grants permission to list all sync jobs in a workspace", - "access_level": "List", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListSyncJobs.html" - }, - "ListSyncResources": { - "privilege": "ListSyncResources", - "description": "Grants permission to list all sync resources for a sync job", - "access_level": "List", - "resource_types": { - "syncJob": { - "resource_type": "syncJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListSyncResources.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags for a resource", - "access_level": "List", - "resource_types": { - "componentType": { - "resource_type": "componentType", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity": { - "resource_type": "entity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "scene": { - "resource_type": "scene", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "syncJob": { - "resource_type": "syncJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListTagsForResource.html" - }, - "ListWorkspaces": { - "privilege": "ListWorkspaces", - "description": "Grants permission to list all workspaces", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListWorkspaces.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "componentType": { - "resource_type": "componentType", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity": { - "resource_type": "entity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "scene": { - "resource_type": "scene", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "syncJob": { - "resource_type": "syncJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "componentType": { - "resource_type": "componentType", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "entity": { - "resource_type": "entity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "scene": { - "resource_type": "scene", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "syncJob": { - "resource_type": "syncJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UntagResource.html" - }, - "UpdateComponentType": { - "privilege": "UpdateComponentType", - "description": "Grants permission to update a componentType", - "access_level": "Write", - "resource_types": { - "componentType": { - "resource_type": "componentType", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UpdateComponentType.html" - }, - "UpdateEntity": { - "privilege": "UpdateEntity", - "description": "Grants permission to update an entity", - "access_level": "Write", - "resource_types": { - "entity": { - "resource_type": "entity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UpdateEntity.html" - }, - "UpdatePricingPlan": { - "privilege": "UpdatePricingPlan", - "description": "Grants permission to update pricing plan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UpdatePricingPlan.html" - }, - "UpdateScene": { - "privilege": "UpdateScene", - "description": "Grants permission to update a scene", - "access_level": "Write", - "resource_types": { - "scene": { - "resource_type": "scene", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UpdateScene.html" - }, - "UpdateWorkspace": { - "privilege": "UpdateWorkspace", - "description": "Grants permission to update a workspace", - "access_level": "Write", - "resource_types": { - "workspace": { - "resource_type": "workspace", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UpdateWorkspace.html" - } - }, - "resources": { - "workspace": { - "resource": "workspace", - "arn": "arn:${Partition}:iottwinmaker:${Region}:${Account}:workspace/${WorkspaceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "entity": { - "resource": "entity", - "arn": "arn:${Partition}:iottwinmaker:${Region}:${Account}:workspace/${WorkspaceId}/entity/${EntityId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "componentType": { - "resource": "componentType", - "arn": "arn:${Partition}:iottwinmaker:${Region}:${Account}:workspace/${WorkspaceId}/component-type/${ComponentTypeId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "scene": { - "resource": "scene", - "arn": "arn:${Partition}:iottwinmaker:${Region}:${Account}:workspace/${WorkspaceId}/scene/${SceneId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "syncJob": { - "resource": "syncJob", - "arn": "arn:${Partition}:iottwinmaker:${Region}:${Account}:workspace/${WorkspaceId}/sync-job/${SyncJobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "iq": { - "service_name": "AWS IQ", - "prefix": "iq", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiq.html", - "privileges": { - "AcceptCall": { - "privilege": "AcceptCall", - "description": "Grants permission to accept an incoming voice/video call", - "access_level": "Write", - "resource_types": { - "call": { - "resource_type": "call", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ApprovePaymentRequest": { - "privilege": "ApprovePaymentRequest", - "description": "Grants permission to approve a payment request", - "access_level": "Write", - "resource_types": { - "paymentRequest": { - "resource_type": "paymentRequest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ApproveProposal": { - "privilege": "ApproveProposal", - "description": "Grants permission to approve a proposal", - "access_level": "Write", - "resource_types": { - "proposal": { - "resource_type": "proposal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ArchiveConversation": { - "privilege": "ArchiveConversation", - "description": "Grants permission to archive a conversation", - "access_level": "Write", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CompleteProposal": { - "privilege": "CompleteProposal", - "description": "Grants permission to complete a proposal", - "access_level": "Write", - "resource_types": { - "proposal": { - "resource_type": "proposal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreateConversation": { - "privilege": "CreateConversation", - "description": "Grants permission to respond to a request or send a direct message to initiate a conversation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreateExpert": { - "privilege": "CreateExpert", - "description": "Grants permission to create an expert profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreateListing": { - "privilege": "CreateListing", - "description": "Grants permission to create a listing", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreateMilestoneProposal": { - "privilege": "CreateMilestoneProposal", - "description": "Grants permission to create a milestone proposal", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreatePaymentRequest": { - "privilege": "CreatePaymentRequest", - "description": "Grants permission to create a payment request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreateProject": { - "privilege": "CreateProject", - "description": "Grants permission to submit new requests", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreateRequest": { - "privilege": "CreateRequest", - "description": "Grants permission to submit new requests", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreateScheduledProposal": { - "privilege": "CreateScheduledProposal", - "description": "Grants permission to create a scheduled proposal", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreateSeller": { - "privilege": "CreateSeller", - "description": "Grants permission to create a seller profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreateUpfrontProposal": { - "privilege": "CreateUpfrontProposal", - "description": "Grants permission to create an upfront proposal", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "DeclineCall": { - "privilege": "DeclineCall", - "description": "Grants permission to decline an incoming voice/video call", - "access_level": "Write", - "resource_types": { - "call": { - "resource_type": "call", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "DeleteAttachment": { - "privilege": "DeleteAttachment", - "description": "Grants permission to delete an existing attachment", - "access_level": "Write", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "DisableIndividualPublicProfile": { - "privilege": "DisableIndividualPublicProfile", - "description": "Grants permission to disable individual public profile page", - "access_level": "Write", - "resource_types": { - "expert": { - "resource_type": "expert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "DownloadAttachment": { - "privilege": "DownloadAttachment", - "description": "Grants permission to download existing attachment", - "access_level": "Read", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "EnableIndividualPublicProfile": { - "privilege": "EnableIndividualPublicProfile", - "description": "Grants permission to enable individual public profile page", - "access_level": "Write", - "resource_types": { - "expert": { - "resource_type": "expert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "EndCall": { - "privilege": "EndCall", - "description": "Grants permission to end a voice/video call", - "access_level": "Write", - "resource_types": { - "call": { - "resource_type": "call", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetBuyer": { - "privilege": "GetBuyer", - "description": "Grants permission to read buyer information", - "access_level": "Read", - "resource_types": { - "buyer": { - "resource_type": "buyer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetCall": { - "privilege": "GetCall", - "description": "Grants permission to read details of a voice/video call", - "access_level": "Read", - "resource_types": { - "call": { - "resource_type": "call", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetChatInfo": { - "privilege": "GetChatInfo", - "description": "Grants permission to read the chat environment details about a conversation", - "access_level": "Read", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetChatMessages": { - "privilege": "GetChatMessages", - "description": "Grants permission to read chat messages in a conversation", - "access_level": "Read", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetChatToken": { - "privilege": "GetChatToken", - "description": "Grants permission to request a websocket token for the conversation notifications", - "access_level": "Read", - "resource_types": { - "token": { - "resource_type": "token", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetCompanyChatMessages": { - "privilege": "GetCompanyChatMessages", - "description": "Grants permission to read chat messages in a company conversation", - "access_level": "Read", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetCompanyProfile": { - "privilege": "GetCompanyProfile", - "description": "Grants permission to read a company profile", - "access_level": "Read", - "resource_types": { - "company": { - "resource_type": "company", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetConversation": { - "privilege": "GetConversation", - "description": "Grants permission to read details of a conversation", - "access_level": "Read", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetExpert": { - "privilege": "GetExpert", - "description": "Grants permission to read expert information", - "access_level": "Read", - "resource_types": { - "expert": { - "resource_type": "expert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetListing": { - "privilege": "GetListing", - "description": "Grants permission to read a listing", - "access_level": "Read", - "resource_types": { - "listing": { - "resource_type": "listing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetMarketplaceSeller": { - "privilege": "GetMarketplaceSeller", - "description": "Grants permission to read a seller profile information", - "access_level": "Read", - "resource_types": { - "seller": { - "resource_type": "seller", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetPaymentRequest": { - "privilege": "GetPaymentRequest", - "description": "Grants permission to read a payment request", - "access_level": "Read", - "resource_types": { - "paymentRequest": { - "resource_type": "paymentRequest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetProposal": { - "privilege": "GetProposal", - "description": "Grants permission to read a proposal", - "access_level": "Read", - "resource_types": { - "proposal": { - "resource_type": "proposal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetRequest": { - "privilege": "GetRequest", - "description": "Grants permission to get a created request", - "access_level": "Read", - "resource_types": { - "request": { - "resource_type": "request", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetReview": { - "privilege": "GetReview", - "description": "Grants permission to read a review for an expert", - "access_level": "Read", - "resource_types": { - "seller": { - "resource_type": "seller", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "HideRequest": { - "privilege": "HideRequest", - "description": "Grants permission to hide a request", - "access_level": "Write", - "resource_types": { - "request": { - "resource_type": "request", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "InitiateCall": { - "privilege": "InitiateCall", - "description": "Grants permission to start a voice/video call", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "LinkAwsCertification": { - "privilege": "LinkAwsCertification", - "description": "Grants permission to link an AWS certification to individual profile", - "access_level": "Write", - "resource_types": { - "expert": { - "resource_type": "expert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ListAttachments": { - "privilege": "ListAttachments", - "description": "Grants permission to list existing attachments", - "access_level": "List", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ListConversations": { - "privilege": "ListConversations", - "description": "Grants permission to list existing conversations", - "access_level": "Read", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ListExpertAccessLogs": { - "privilege": "ListExpertAccessLogs", - "description": "Grants permission to list access logs of expert activity", - "access_level": "Read", - "resource_types": { - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ListListings": { - "privilege": "ListListings", - "description": "Grants permission to list listings", - "access_level": "Read", - "resource_types": { - "listing": { - "resource_type": "listing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ListPaymentRequests": { - "privilege": "ListPaymentRequests", - "description": "Grants permission to list payment requests", - "access_level": "Read", - "resource_types": { - "paymentRequest": { - "resource_type": "paymentRequest", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "paymentSchedule": { - "resource_type": "paymentSchedule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ListProposals": { - "privilege": "ListProposals", - "description": "Grants permission to list proposals", - "access_level": "Read", - "resource_types": { - "proposal": { - "resource_type": "proposal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ListRequests": { - "privilege": "ListRequests", - "description": "Grants permission to list requests that are created", - "access_level": "Read", - "resource_types": { - "request": { - "resource_type": "request", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ListReviews": { - "privilege": "ListReviews", - "description": "Grants permission to list reviews for an expert", - "access_level": "Read", - "resource_types": { - "seller": { - "resource_type": "seller", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "MarkChatMessageRead": { - "privilege": "MarkChatMessageRead", - "description": "Grants permission to mark a message as read in a conversation", - "access_level": "Write", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "RejectPaymentRequest": { - "privilege": "RejectPaymentRequest", - "description": "Grants permission to reject a payment request", - "access_level": "Write", - "resource_types": { - "paymentRequest": { - "resource_type": "paymentRequest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "RejectProposal": { - "privilege": "RejectProposal", - "description": "Grants permission to reject a proposal", - "access_level": "Write", - "resource_types": { - "proposal": { - "resource_type": "proposal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "SendCompanyChatMessage": { - "privilege": "SendCompanyChatMessage", - "description": "Grants permission to send a message in a conversation as a company", - "access_level": "Write", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "SendIndividualChatMessage": { - "privilege": "SendIndividualChatMessage", - "description": "Grants permission to send a message in a conversation as an individual", - "access_level": "Write", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "UnarchiveConversation": { - "privilege": "UnarchiveConversation", - "description": "Grants permission to unarchive a conversation", - "access_level": "Write", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "UnlinkAwsCertification": { - "privilege": "UnlinkAwsCertification", - "description": "Grants permission to unlink an AWS certification from individual profile", - "access_level": "Write", - "resource_types": { - "expert": { - "resource_type": "expert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "UpdateCompanyProfile": { - "privilege": "UpdateCompanyProfile", - "description": "Grants permission to update a company profile", - "access_level": "Write", - "resource_types": { - "company": { - "resource_type": "company", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "UpdateConversationMembers": { - "privilege": "UpdateConversationMembers", - "description": "Grants permission to add more participants into a conversation", - "access_level": "Write", - "resource_types": { - "conversation": { - "resource_type": "conversation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "UpdateExpert": { - "privilege": "UpdateExpert", - "description": "Grants permission to update an expert information", - "access_level": "Write", - "resource_types": { - "expert": { - "resource_type": "expert", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "UpdateListing": { - "privilege": "UpdateListing", - "description": "Grants permission to update a listing", - "access_level": "Write", - "resource_types": { - "listing": { - "resource_type": "listing", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "UpdateRequest": { - "privilege": "UpdateRequest", - "description": "Grants permission to update a request", - "access_level": "Write", - "resource_types": { - "request": { - "resource_type": "request", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "UploadAttachment": { - "privilege": "UploadAttachment", - "description": "Grants permission to upload an attachment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "WithdrawPaymentRequest": { - "privilege": "WithdrawPaymentRequest", - "description": "Grants permission to withdraw a payment request", - "access_level": "Write", - "resource_types": { - "paymentRequest": { - "resource_type": "paymentRequest", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "WithdrawProposal": { - "privilege": "WithdrawProposal", - "description": "Grants permission to withdraw a proposal", - "access_level": "Write", - "resource_types": { - "proposal": { - "resource_type": "proposal", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "WriteReview": { - "privilege": "WriteReview", - "description": "Grants permission to write a review for an expert", - "access_level": "Write", - "resource_types": { - "seller": { - "resource_type": "seller", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - } - }, - "resources": { - "conversation": { - "resource": "conversation", - "arn": "arn:${Partition}:iq:${Region}::conversation/${ConversationId}", - "condition_keys": [] - }, - "buyer": { - "resource": "buyer", - "arn": "arn:${Partition}:iq:${Region}::buyer/${BuyerId}", - "condition_keys": [] - }, - "expert": { - "resource": "expert", - "arn": "arn:${Partition}:iq:${Region}::expert/${ExpertId}", - "condition_keys": [] - }, - "call": { - "resource": "call", - "arn": "arn:${Partition}:iq:${Region}::call/${CallId}", - "condition_keys": [] - }, - "token": { - "resource": "token", - "arn": "arn:${Partition}:iq:${Region}::token/${TokenId}", - "condition_keys": [] - }, - "proposal": { - "resource": "proposal", - "arn": "arn:${Partition}:iq:${Region}::proposal/${ConversationId}/${ProposalId}", - "condition_keys": [] - }, - "paymentRequest": { - "resource": "paymentRequest", - "arn": "arn:${Partition}:iq:${Region}::paymentRequest/${ConversationId}/${ProposalId}/${PaymentRequestId}", - "condition_keys": [] - }, - "paymentSchedule": { - "resource": "paymentSchedule", - "arn": "arn:${Partition}:iq:${Region}::paymentSchedule/${ConversationId}/${ProposalId}/${VersionId}", - "condition_keys": [] - }, - "seller": { - "resource": "seller", - "arn": "arn:${Partition}:iq:${Region}::seller/${SellerAwsAccountId}", - "condition_keys": [] - }, - "company": { - "resource": "company", - "arn": "arn:${Partition}:iq:${Region}::company/${CompanyId}", - "condition_keys": [] - }, - "request": { - "resource": "request", - "arn": "arn:${Partition}:iq:${Region}::request/${RequestId}", - "condition_keys": [] - }, - "listing": { - "resource": "listing", - "arn": "arn:${Partition}:iq:${Region}::listing/${ListingId}", - "condition_keys": [] - }, - "attachment": { - "resource": "attachment", - "arn": "arn:${Partition}:iq:${Region}::attachment/${AttachmentId}", - "condition_keys": [] - }, - "permission": { - "resource": "permission", - "arn": "arn:${Partition}:iq-permission:${Region}::permission/${PermissionRequestId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "iq-permission": { - "service_name": "AWS IQ Permissions", - "prefix": "iq-permission", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiqpermissions.html", - "privileges": { - "ApproveAccessGrant": { - "privilege": "ApproveAccessGrant", - "description": "Grants permission to approve a permission request", - "access_level": "Write", - "resource_types": { - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ApprovePermissionRequest": { - "privilege": "ApprovePermissionRequest", - "description": "Grants permission to approve a permission request", - "access_level": "Write", - "resource_types": { - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "CreatePermissionRequest": { - "privilege": "CreatePermissionRequest", - "description": "Grants permission to create a permission request", - "access_level": "Write", - "resource_types": { - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "GetPermissionRequest": { - "privilege": "GetPermissionRequest", - "description": "Grants permission to get a permission request", - "access_level": "Read", - "resource_types": { - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "ListPermissionRequests": { - "privilege": "ListPermissionRequests", - "description": "Grants permission to list permission requests", - "access_level": "Read", - "resource_types": { - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "RejectPermissionRequest": { - "privilege": "RejectPermissionRequest", - "description": "Grants permission to reject a permission request", - "access_level": "Write", - "resource_types": { - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "RevokePermissionRequest": { - "privilege": "RevokePermissionRequest", - "description": "Grants permission to revoke a permission request which was previously approved", - "access_level": "Write", - "resource_types": { - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - }, - "WithdrawPermissionRequest": { - "privilege": "WithdrawPermissionRequest", - "description": "Grants permission to withdraw a permission request that has not been approved or declined", - "access_level": "Write", - "resource_types": { - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://aws.amazon.com/iq/" - } - }, - "resources": { - "permission": { - "resource": "permission", - "arn": "arn:${Partition}:iq-permission:${Region}::permission/${PermissionRequestId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "kms": { - "service_name": "AWS Key Management Service", - "prefix": "kms", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awskeymanagementservice.html", - "privileges": { - "CancelKeyDeletion": { - "privilege": "CancelKeyDeletion", - "description": "Controls permission to cancel the scheduled deletion of an AWS KMS key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html" - }, - "ConnectCustomKeyStore": { - "privilege": "ConnectCustomKeyStore", - "description": "Controls permission to connect or reconnect a custom key store to its associated AWS CloudHSM cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ConnectCustomKeyStore.html" - }, - "CreateAlias": { - "privilege": "CreateAlias", - "description": "Controls permission to create an alias for an AWS KMS key. Aliases are optional friendly names that you can associate with KMS keys", - "access_level": "Write", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateAlias.html" - }, - "CreateCustomKeyStore": { - "privilege": "CreateCustomKeyStore", - "description": "Controls permission to create a custom key store that is associated with an AWS CloudHSM cluster that you own and manage", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount" - ], - "dependent_actions": [ - "cloudhsm:DescribeClusters", - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateCustomKeyStore.html" - }, - "CreateGrant": { - "privilege": "CreateGrant", - "description": "Controls permission to add a grant to an AWS KMS key. You can use grants to add permissions without changing the key policy or IAM policy", - "access_level": "Permissions management", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:EncryptionContext:${EncryptionContextKey}", - "kms:EncryptionContextKeys", - "kms:GrantConstraintType", - "kms:GranteePrincipal", - "kms:GrantIsForAWSResource", - "kms:GrantOperations", - "kms:RetiringPrincipal", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateGrant.html" - }, - "CreateKey": { - "privilege": "CreateKey", - "description": "Controls permission to create an AWS KMS key that can be used to protect data keys and other sensitive information", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "kms:BypassPolicyLockoutSafetyCheck", - "kms:CallerAccount", - "kms:KeySpec", - "kms:KeyUsage", - "kms:KeyOrigin", - "kms:MultiRegion", - "kms:MultiRegionKeyType", - "kms:ViaService" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "kms:PutKeyPolicy", - "kms:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateKey.html" - }, - "Decrypt": { - "privilege": "Decrypt", - "description": "Controls permission to decrypt ciphertext that was encrypted under an AWS KMS key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:EncryptionAlgorithm", - "kms:EncryptionContext:${EncryptionContextKey}", - "kms:EncryptionContextKeys", - "kms:RecipientAttestation:ImageSha384", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_Decrypt.html" - }, - "DeleteAlias": { - "privilege": "DeleteAlias", - "description": "Controls permission to delete an alias. Aliases are optional friendly names that you can associate with AWS KMS keys", - "access_level": "Write", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DeleteAlias.html" - }, - "DeleteCustomKeyStore": { - "privilege": "DeleteCustomKeyStore", - "description": "Controls permission to delete a custom key store", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DeleteCustomKeyStore.html" - }, - "DeleteImportedKeyMaterial": { - "privilege": "DeleteImportedKeyMaterial", - "description": "Controls permission to delete cryptographic material that you imported into an AWS KMS key. This action makes the key unusable", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DeleteImportedKeyMaterial.html" - }, - "DescribeCustomKeyStores": { - "privilege": "DescribeCustomKeyStores", - "description": "Controls permission to view detailed information about custom key stores in the account and region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeCustomKeyStores.html" - }, - "DescribeKey": { - "privilege": "DescribeKey", - "description": "Controls permission to view detailed information about an AWS KMS key", - "access_level": "Read", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html" - }, - "DisableKey": { - "privilege": "DisableKey", - "description": "Controls permission to disable an AWS KMS key, which prevents it from being used in cryptographic operations", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html" - }, - "DisableKeyRotation": { - "privilege": "DisableKeyRotation", - "description": "Controls permission to disable automatic rotation of a customer managed AWS KMS key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKeyRotation.html" - }, - "DisconnectCustomKeyStore": { - "privilege": "DisconnectCustomKeyStore", - "description": "Controls permission to disconnect the custom key store from its associated AWS CloudHSM cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DisconnectCustomKeyStore.html" - }, - "EnableKey": { - "privilege": "EnableKey", - "description": "Controls permission to change the state of an AWS KMS key to enabled. This allows the KMS key to be used in cryptographic operations", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html" - }, - "EnableKeyRotation": { - "privilege": "EnableKeyRotation", - "description": "Controls permission to enable automatic rotation of the cryptographic material in an AWS KMS key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKeyRotation.html" - }, - "Encrypt": { - "privilege": "Encrypt", - "description": "Controls permission to use the specified AWS KMS key to encrypt data and data keys", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:EncryptionAlgorithm", - "kms:EncryptionContext:${EncryptionContextKey}", - "kms:EncryptionContextKeys", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html" - }, - "GenerateDataKey": { - "privilege": "GenerateDataKey", - "description": "Controls permission to use the AWS KMS key to generate data keys. You can use the data keys to encrypt data outside of AWS KMS", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:EncryptionAlgorithm", - "kms:EncryptionContext:${EncryptionContextKey}", - "kms:EncryptionContextKeys", - "kms:RecipientAttestation:ImageSha384", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKey.html" - }, - "GenerateDataKeyPair": { - "privilege": "GenerateDataKeyPair", - "description": "Controls permission to use the AWS KMS key to generate data key pairs", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:DataKeyPairSpec", - "kms:EncryptionAlgorithm", - "kms:EncryptionContext:${EncryptionContextKey}", - "kms:EncryptionContextKeys", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKeyPair.html" - }, - "GenerateDataKeyPairWithoutPlaintext": { - "privilege": "GenerateDataKeyPairWithoutPlaintext", - "description": "Controls permission to use the AWS KMS key to generate data key pairs. Unlike the GenerateDataKeyPair operation, this operation returns an encrypted private key without a plaintext copy", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:DataKeyPairSpec", - "kms:EncryptionAlgorithm", - "kms:EncryptionContext:${EncryptionContextKey}", - "kms:EncryptionContextKeys", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKeyPairWithoutPlaintext.html" - }, - "GenerateDataKeyWithoutPlaintext": { - "privilege": "GenerateDataKeyWithoutPlaintext", - "description": "Controls permission to use the AWS KMS key to generate a data key. Unlike the GenerateDataKey operation, this operation returns an encrypted data key without a plaintext version of the data key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:EncryptionAlgorithm", - "kms:EncryptionContext:${EncryptionContextKey}", - "kms:EncryptionContextKeys", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKeyWithoutPlaintext.html" - }, - "GenerateMac": { - "privilege": "GenerateMac", - "description": "Controls permission to use the AWS KMS key to generate message authentication codes", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:MacAlgorithm", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateMac.html" - }, - "GenerateRandom": { - "privilege": "GenerateRandom", - "description": "Controls permission to get a cryptographically secure random byte string from AWS KMS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:RecipientAttestation:ImageSha384" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateRandom.html" - }, - "GetKeyPolicy": { - "privilege": "GetKeyPolicy", - "description": "Controls permission to view the key policy for the specified AWS KMS key", - "access_level": "Read", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GetKeyPolicy.html" - }, - "GetKeyRotationStatus": { - "privilege": "GetKeyRotationStatus", - "description": "Controls permission to determine whether automatic key rotation is enabled on the AWS KMS key", - "access_level": "Read", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GetKeyRotationStatus.html" - }, - "GetParametersForImport": { - "privilege": "GetParametersForImport", - "description": "Controls permission to get data that is required to import cryptographic material into a customer managed key, including a public key and import token", - "access_level": "Read", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService", - "kms:WrappingAlgorithm", - "kms:WrappingKeySpec" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GetParametersForImport.html" - }, - "GetPublicKey": { - "privilege": "GetPublicKey", - "description": "Controls permission to download the public key of an asymmetric AWS KMS key", - "access_level": "Read", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html" - }, - "ImportKeyMaterial": { - "privilege": "ImportKeyMaterial", - "description": "Controls permission to import cryptographic material into an AWS KMS key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ExpirationModel", - "kms:ValidTo", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ImportKeyMaterial.html" - }, - "ListAliases": { - "privilege": "ListAliases", - "description": "Controls permission to view the aliases that are defined in the account. Aliases are optional friendly names that you can associate with AWS KMS keys", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListAliases.html" - }, - "ListGrants": { - "privilege": "ListGrants", - "description": "Controls permission to view all grants for an AWS KMS key", - "access_level": "List", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:GrantIsForAWSResource", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListGrants.html" - }, - "ListKeyPolicies": { - "privilege": "ListKeyPolicies", - "description": "Controls permission to view the names of key policies for an AWS KMS key", - "access_level": "List", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeyPolicies.html" - }, - "ListKeys": { - "privilege": "ListKeys", - "description": "Controls permission to view the key ID and Amazon Resource Name (ARN) of all AWS KMS keys in the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html" - }, - "ListResourceTags": { - "privilege": "ListResourceTags", - "description": "Controls permission to view all tags that are attached to an AWS KMS key", - "access_level": "List", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListResourceTags.html" - }, - "ListRetirableGrants": { - "privilege": "ListRetirableGrants", - "description": "Controls permission to view grants in which the specified principal is the retiring principal. Other principals might be able to retire the grant and this principal might be able to retire other grants", - "access_level": "List", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListRetirableGrants.html" - }, - "PutKeyPolicy": { - "privilege": "PutKeyPolicy", - "description": "Controls permission to replace the key policy for the specified AWS KMS key", - "access_level": "Permissions management", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:BypassPolicyLockoutSafetyCheck", - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html" - }, - "ReEncryptFrom": { - "privilege": "ReEncryptFrom", - "description": "Controls permission to decrypt data as part of the process that decrypts and reencrypts the data within AWS KMS", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:EncryptionAlgorithm", - "kms:EncryptionContext:${EncryptionContextKey}", - "kms:EncryptionContextKeys", - "kms:ReEncryptOnSameKey", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ReEncrypt.html" - }, - "ReEncryptTo": { - "privilege": "ReEncryptTo", - "description": "Controls permission to encrypt data as part of the process that decrypts and reencrypts the data within AWS KMS", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:EncryptionAlgorithm", - "kms:EncryptionContext:${EncryptionContextKey}", - "kms:EncryptionContextKeys", - "kms:ReEncryptOnSameKey", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ReEncrypt.html" - }, - "ReplicateKey": { - "privilege": "ReplicateKey", - "description": "Controls permission to replicate a multi-Region primary key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "kms:CreateKey", - "kms:PutKeyPolicy", - "kms:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ReplicaRegion", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ReplicateKey.html" - }, - "RetireGrant": { - "privilege": "RetireGrant", - "description": "Controls permission to retire a grant. The RetireGrant operation is typically called by the grant user after they complete the tasks that the grant allowed them to perform", - "access_level": "Permissions management", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html" - }, - "RevokeGrant": { - "privilege": "RevokeGrant", - "description": "Controls permission to revoke a grant, which denies permission for all operations that depend on the grant", - "access_level": "Permissions management", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:GrantIsForAWSResource", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_RevokeGrant.html" - }, - "ScheduleKeyDeletion": { - "privilege": "ScheduleKeyDeletion", - "description": "Controls permission to schedule deletion of an AWS KMS key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ScheduleKeyDeletionPendingWindowInDays", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html" - }, - "Sign": { - "privilege": "Sign", - "description": "Controls permission to produce a digital signature for a message", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:MessageType", - "kms:RequestAlias", - "kms:SigningAlgorithm", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_Sign.html" - }, - "SynchronizeMultiRegionKey": { - "privilege": "SynchronizeMultiRegionKey", - "description": "Controls access to internal APIs that synchronize multi-Region keys", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-auth.html#multi-region-auth-slr" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Controls permission to create or update tags that are attached to an AWS KMS key", - "access_level": "Tagging", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Controls permission to delete tags that are attached to an AWS KMS key", - "access_level": "Tagging", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_UntagResource.html" - }, - "UpdateAlias": { - "privilege": "UpdateAlias", - "description": "Controls permission to associate an alias with a different AWS KMS key. An alias is an optional friendly name that you can associate with a KMS key", - "access_level": "Write", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_UpdateAlias.html" - }, - "UpdateCustomKeyStore": { - "privilege": "UpdateCustomKeyStore", - "description": "Controls permission to change the properties of a custom key store", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_UpdateCustomKeyStore.html" - }, - "UpdateKeyDescription": { - "privilege": "UpdateKeyDescription", - "description": "Controls permission to delete or change the description of an AWS KMS key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_UpdateKeyDescription.html" - }, - "UpdatePrimaryRegion": { - "privilege": "UpdatePrimaryRegion", - "description": "Controls permission to update the primary Region of a multi-Region primary key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:PrimaryRegion", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_UpdatePrimaryRegion.html" - }, - "Verify": { - "privilege": "Verify", - "description": "Controls permission to use the specified AWS KMS key to verify digital signatures", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:MessageType", - "kms:RequestAlias", - "kms:SigningAlgorithm", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_Verify.html" - }, - "VerifyMac": { - "privilege": "VerifyMac", - "description": "Controls permission to use the AWS KMS key to verify message authentication codes", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "kms:CallerAccount", - "kms:MacAlgorithm", - "kms:RequestAlias", - "kms:ViaService" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_VerifyMac.html" - } - }, - "resources": { - "alias": { - "resource": "alias", - "arn": "arn:${Partition}:kms:${Region}:${Account}:alias/${Alias}", - "condition_keys": [] - }, - "key": { - "resource": "key", - "arn": "arn:${Partition}:kms:${Region}:${Account}:key/${KeyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "kms:KeyOrigin", - "kms:KeySpec", - "kms:KeyUsage", - "kms:MultiRegion", - "kms:MultiRegionKeyType", - "kms:ResourceAliases" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access to the specified AWS KMS operations based on both the key and value of the tag in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access to the specified AWS KMS operations based on tags assigned to the AWS KMS key", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access to the specified AWS KMS operations based on tag keys in the request", - "type": "ArrayOfString" - }, - "kms:BypassPolicyLockoutSafetyCheck": { - "condition": "kms:BypassPolicyLockoutSafetyCheck", - "description": "Filters access to the CreateKey and PutKeyPolicy operations based on the value of the BypassPolicyLockoutSafetyCheck parameter in the request", - "type": "Bool" - }, - "kms:CallerAccount": { - "condition": "kms:CallerAccount", - "description": "Filters access to specified AWS KMS operations based on the AWS account ID of the caller. You can use this condition key to allow or deny access to all IAM users and roles in an AWS account in a single policy statement", - "type": "String" - }, - "kms:CustomerMasterKeySpec": { - "condition": "kms:CustomerMasterKeySpec", - "description": "The kms:CustomerMasterKeySpec condition key is deprecated. Instead, use the kms:KeySpec condition key", - "type": "String" - }, - "kms:CustomerMasterKeyUsage": { - "condition": "kms:CustomerMasterKeyUsage", - "description": "The kms:CustomerMasterKeyUsage condition key is deprecated. Instead, use the kms:KeyUsage condition key", - "type": "String" - }, - "kms:DataKeyPairSpec": { - "condition": "kms:DataKeyPairSpec", - "description": "Filters access to GenerateDataKeyPair and GenerateDataKeyPairWithoutPlaintext operations based on the value of the KeyPairSpec parameter in the request", - "type": "String" - }, - "kms:EncryptionAlgorithm": { - "condition": "kms:EncryptionAlgorithm", - "description": "Filters access to encryption operations based on the value of the encryption algorithm in the request", - "type": "String" - }, - "kms:EncryptionContext:${EncryptionContextKey}": { - "condition": "kms:EncryptionContext:${EncryptionContextKey}", - "description": "Filters access to a symmetric AWS KMS key based on the encryption context in a cryptographic operation. This condition evaluates the key and value in each key-value encryption context pair", - "type": "String" - }, - "kms:EncryptionContextKeys": { - "condition": "kms:EncryptionContextKeys", - "description": "Filters access to a symmetric AWS KMS key based on the encryption context in a cryptographic operation. This condition key evaluates only the key in each key-value encryption context pair", - "type": "ArrayOfString" - }, - "kms:ExpirationModel": { - "condition": "kms:ExpirationModel", - "description": "Filters access to the ImportKeyMaterial operation based on the value of the ExpirationModel parameter in the request", - "type": "String" - }, - "kms:GrantConstraintType": { - "condition": "kms:GrantConstraintType", - "description": "Filters access to the CreateGrant operation based on the grant constraint in the request", - "type": "String" - }, - "kms:GrantIsForAWSResource": { - "condition": "kms:GrantIsForAWSResource", - "description": "Filters access to the CreateGrant operation when the request comes from a specified AWS service", - "type": "Bool" - }, - "kms:GrantOperations": { - "condition": "kms:GrantOperations", - "description": "Filters access to the CreateGrant operation based on the operations in the grant", - "type": "ArrayOfString" - }, - "kms:GranteePrincipal": { - "condition": "kms:GranteePrincipal", - "description": "Filters access to the CreateGrant operation based on the grantee principal in the grant", - "type": "String" - }, - "kms:KeyOrigin": { - "condition": "kms:KeyOrigin", - "description": "Filters access to an API operation based on the Origin property of the AWS KMS key created by or used in the operation. Use it to qualify authorization of the CreateKey operation or any operation that is authorized for a KMS key", - "type": "String" - }, - "kms:KeySpec": { - "condition": "kms:KeySpec", - "description": "Filters access to an API operation based on the KeySpec property of the AWS KMS key that is created by or used in the operation. Use it to qualify authorization of the CreateKey operation or any operation that is authorized for a KMS key resource", - "type": "String" - }, - "kms:KeyUsage": { - "condition": "kms:KeyUsage", - "description": "Filters access to an API operation based on the KeyUsage property of the AWS KMS key created by or used in the operation. Use it to qualify authorization of the CreateKey operation or any operation that is authorized for a KMS key resource", - "type": "String" - }, - "kms:MacAlgorithm": { - "condition": "kms:MacAlgorithm", - "description": "Filters access to the GenerateMac and VerifyMac operations based on the MacAlgorithm parameter in the request", - "type": "String" - }, - "kms:MessageType": { - "condition": "kms:MessageType", - "description": "Filters access to the Sign and Verify operations based on the value of the MessageType parameter in the request", - "type": "String" - }, - "kms:MultiRegion": { - "condition": "kms:MultiRegion", - "description": "Filters access to an API operation based on the MultiRegion property of the AWS KMS key created by or used in the operation. Use it to qualify authorization of the CreateKey operation or any operation that is authorized for a KMS key resource", - "type": "Bool" - }, - "kms:MultiRegionKeyType": { - "condition": "kms:MultiRegionKeyType", - "description": "Filters access to an API operation based on the MultiRegionKeyType property of the AWS KMS key created by or used in the operation. Use it to qualify authorization of the CreateKey operation or any operation that is authorized for a KMS key resource", - "type": "String" - }, - "kms:PrimaryRegion": { - "condition": "kms:PrimaryRegion", - "description": "Filters access to the UpdatePrimaryRegion operation based on the value of the PrimaryRegion parameter in the request", - "type": "String" - }, - "kms:ReEncryptOnSameKey": { - "condition": "kms:ReEncryptOnSameKey", - "description": "Filters access to the ReEncrypt operation when it uses the same AWS KMS key that was used for the Encrypt operation", - "type": "Bool" - }, - "kms:RecipientAttestation:ImageSha384": { - "condition": "kms:RecipientAttestation:ImageSha384", - "description": "Filters access to the Decrypt, GenerateDataKey, and GenerateRandom operations based on the image hash in the attestation document in the request", - "type": "String" - }, - "kms:RecipientAttestation:PCR": { - "condition": "kms:RecipientAttestation:PCR", - "description": "Filters access to the Decrypt, GenerateDataKey, and GenerateRandom operations based on the platform configuration registers (PCRs) in the attestation document in the request", - "type": "String" - }, - "kms:ReplicaRegion": { - "condition": "kms:ReplicaRegion", - "description": "Filters access to the ReplicateKey operation based on the value of the ReplicaRegion parameter in the request", - "type": "String" - }, - "kms:RequestAlias": { - "condition": "kms:RequestAlias", - "description": "Filters access to cryptographic operations, DescribeKey, and GetPublicKey based on the alias in the request", - "type": "String" - }, - "kms:ResourceAliases": { - "condition": "kms:ResourceAliases", - "description": "Filters access to specified AWS KMS operations based on aliases associated with the AWS KMS key", - "type": "ArrayOfString" - }, - "kms:RetiringPrincipal": { - "condition": "kms:RetiringPrincipal", - "description": "Filters access to the CreateGrant operation based on the retiring principal in the grant", - "type": "String" - }, - "kms:ScheduleKeyDeletionPendingWindowInDays": { - "condition": "kms:ScheduleKeyDeletionPendingWindowInDays", - "description": "Filters access to the ScheduleKeyDeletion operation based on the value of the PendingWindowInDays parameter in the request", - "type": "Numeric" - }, - "kms:SigningAlgorithm": { - "condition": "kms:SigningAlgorithm", - "description": "Filters access to the Sign and Verify operations based on the signing algorithm in the request", - "type": "String" - }, - "kms:ValidTo": { - "condition": "kms:ValidTo", - "description": "Filters access to the ImportKeyMaterial operation based on the value of the ValidTo parameter in the request. You can use this condition key to allow users to import key material only when it expires by the specified date", - "type": "Date" - }, - "kms:ViaService": { - "condition": "kms:ViaService", - "description": "Filters access when a request made on the principal's behalf comes from a specified AWS service", - "type": "String" - }, - "kms:WrappingAlgorithm": { - "condition": "kms:WrappingAlgorithm", - "description": "Filters access to the GetParametersForImport operation based on the value of the WrappingAlgorithm parameter in the request", - "type": "String" - }, - "kms:WrappingKeySpec": { - "condition": "kms:WrappingKeySpec", - "description": "Filters access to the GetParametersForImport operation based on the value of the WrappingKeySpec parameter in the request", - "type": "String" - } - } - }, - "lakeformation": { - "service_name": "AWS Lake Formation", - "prefix": "lakeformation", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslakeformation.html", - "privileges": { - "AddLFTagsToResource": { - "privilege": "AddLFTagsToResource", - "description": "Grants permission to attach Lake Formation tags to catalog resources", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-AddLFTagsToResource" - }, - "BatchGrantPermissions": { - "privilege": "BatchGrantPermissions", - "description": "Grants permission to data lake permissions to one or more principals in a batch", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-BatchGrantPermissions" - }, - "BatchRevokePermissions": { - "privilege": "BatchRevokePermissions", - "description": "Grants permission to revoke data lake permissions from one or more principals in a batch", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-BatchRevokePermissions" - }, - "CancelTransaction": { - "privilege": "CancelTransaction", - "description": "Grants permission to cancel the given transaction", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-CancelTransaction" - }, - "CommitTransaction": { - "privilege": "CommitTransaction", - "description": "Grants permission to commit the given transaction", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-CommitTransaction" - }, - "CreateDataCellsFilter": { - "privilege": "CreateDataCellsFilter", - "description": "Grants permission to create a Lake Formation data cell filter", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-data-filter.html#aws-lake-formation-api-data-filter-CreateDataCellsFilter" - }, - "CreateLFTag": { - "privilege": "CreateLFTag", - "description": "Grants permission to create a Lake Formation tag", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-CreateLFTag" - }, - "DeleteDataCellsFilter": { - "privilege": "DeleteDataCellsFilter", - "description": "Grants permission to delete a Lake Formation data cell filter", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-data-filter.html#aws-lake-formation-api-data-filter-DeleteDataCellsFilter" - }, - "DeleteLFTag": { - "privilege": "DeleteLFTag", - "description": "Grants permission to delete a Lake Formation tag", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-DeleteLFTag" - }, - "DeleteObjectsOnCancel": { - "privilege": "DeleteObjectsOnCancel", - "description": "Grants permission to delete the specified objects if the transaction is canceled", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-DeleteObjectsOnCancel" - }, - "DeregisterResource": { - "privilege": "DeregisterResource", - "description": "Grants permission to deregister a registered location", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-DeregisterResource" - }, - "DescribeResource": { - "privilege": "DescribeResource", - "description": "Grants permission to describe a registered location", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-DescribeResource" - }, - "DescribeTransaction": { - "privilege": "DescribeTransaction", - "description": "Grants permission to get status of the given transaction", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-DescribeTransaction" - }, - "ExtendTransaction": { - "privilege": "ExtendTransaction", - "description": "Grants permission to extend the timeout of the given transaction", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-ExtendTransaction" - }, - "GetDataAccess": { - "privilege": "GetDataAccess", - "description": "Grants permission to virtual data lake access", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GetDataAccess" - }, - "GetDataCellsFilter": { - "privilege": "GetDataCellsFilter", - "description": "Grants permission to retrieve a Lake Formation data cell filter", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-data-filter.html#aws-lake-formation-api-data-filter-GetDataCellsFilter" - }, - "GetDataLakeSettings": { - "privilege": "GetDataLakeSettings", - "description": "Grants permission to retrieve data lake settings such as the list of data lake administrators and database and table default permissions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GetDataLakeSettings" - }, - "GetEffectivePermissionsForPath": { - "privilege": "GetEffectivePermissionsForPath", - "description": "Grants permission to retrieve permissions attached to resources in the given path", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GetEffectivePermissionsForPath" - }, - "GetLFTag": { - "privilege": "GetLFTag", - "description": "Grants permission to retrieve a Lake Formation tag", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GetLFTag" - }, - "GetQueryState": { - "privilege": "GetQueryState", - "description": "Grants permission to retrieve the state of the given query", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "lakeformation:StartQueryPlanning" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-querying.html#aws-lake-formation-api-querying-GetQueryState" - }, - "GetQueryStatistics": { - "privilege": "GetQueryStatistics", - "description": "Grants permission to retrieve the statistics for the given query", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "lakeformation:StartQueryPlanning" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-querying.html#aws-lake-formation-api-querying-GetQueryStatistics" - }, - "GetResourceLFTags": { - "privilege": "GetResourceLFTags", - "description": "Grants permission to retrieve lakeformation tags on a catalog resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GetResourceLFTags" - }, - "GetTableObjects": { - "privilege": "GetTableObjects", - "description": "Grants permission to retrieve objects from a table", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-objects.html#aws-lake-formation-api-objects-GetTableObjects" - }, - "GetWorkUnitResults": { - "privilege": "GetWorkUnitResults", - "description": "Grants permission to retrieve the results for the given work units", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "lakeformation:GetWorkUnits", - "lakeformation:StartQueryPlanning" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-querying.html#aws-lake-formation-api-querying-GetWorkUnitResults" - }, - "GetWorkUnits": { - "privilege": "GetWorkUnits", - "description": "Grants permission to retrieve the work units for the given query", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "lakeformation:StartQueryPlanning" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-querying.html#aws-lake-formation-api-querying-GetWorkUnits" - }, - "GrantPermissions": { - "privilege": "GrantPermissions", - "description": "Grants permission to data lake permissions to a principal", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GrantPermissions" - }, - "ListDataCellsFilter": { - "privilege": "ListDataCellsFilter", - "description": "Grants permission to list cell filters", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-data-filter.html#aws-lake-formation-api-data-filter-ListDataCellsFilter" - }, - "ListLFTags": { - "privilege": "ListLFTags", - "description": "Grants permission to list Lake Formation tags", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-ListLFTags" - }, - "ListPermissions": { - "privilege": "ListPermissions", - "description": "Grants permission to list permissions filtered by principal or resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-ListPermissions" - }, - "ListResources": { - "privilege": "ListResources", - "description": "Grants permission to List registered locations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-ListResources" - }, - "ListTableStorageOptimizers": { - "privilege": "ListTableStorageOptimizers", - "description": "Grants permission to list all the storage optimizers for the Governed table", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-optimizers.html#aws-lake-formation-api-optimizers-ListTableStorageOptimizers" - }, - "ListTransactions": { - "privilege": "ListTransactions", - "description": "Grants permission to list all transactions in the system", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-ListTransactions" - }, - "PutDataLakeSettings": { - "privilege": "PutDataLakeSettings", - "description": "Grants permission to overwrite data lake settings such as the list of data lake administrators and database and table default permissions", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-PutDataLakeSettings" - }, - "RegisterResource": { - "privilege": "RegisterResource", - "description": "Grants permission to register a new location to be managed by Lake Formation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-RegisterResource" - }, - "RemoveLFTagsFromResource": { - "privilege": "RemoveLFTagsFromResource", - "description": "Grants permission to remove lakeformation tags from catalog resources", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-RemoveLFTagsFromResource" - }, - "RevokePermissions": { - "privilege": "RevokePermissions", - "description": "Grants permission to revoke data lake permissions from a principal", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-RevokePermissions" - }, - "SearchDatabasesByLFTags": { - "privilege": "SearchDatabasesByLFTags", - "description": "Grants permission to list catalog databases with Lake Formation tags", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-SearchDatabasesByLFTags" - }, - "SearchTablesByLFTags": { - "privilege": "SearchTablesByLFTags", - "description": "Grants permission to list catalog tables with Lake Formation tags", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-SearchTablesByLFTags" - }, - "StartQueryPlanning": { - "privilege": "StartQueryPlanning", - "description": "Grants permission to initiate the planning of the given query", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-querying.html#aws-lake-formation-api-querying-StartQueryPlanning" - }, - "StartTransaction": { - "privilege": "StartTransaction", - "description": "Grants permission to start a new transaction", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-StartTransaction" - }, - "UpdateDataCellsFilter": { - "privilege": "UpdateDataCellsFilter", - "description": "Grants permission to update a Lake Formation data cell filter", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-data-filter.html#aws-lake-formation-api-data-filter-UpdateDataCellsFilter" - }, - "UpdateLFTag": { - "privilege": "UpdateLFTag", - "description": "Grants permission to update a Lake Formation tag", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-UpdateLFTag" - }, - "UpdateResource": { - "privilege": "UpdateResource", - "description": "Grants permission to update a registered location", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-UpdateResource" - }, - "UpdateTableObjects": { - "privilege": "UpdateTableObjects", - "description": "Grants permission to add or delete the specified objects to or from a table", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-objects.html#aws-lake-formation-api-objects-UpdateTableObjects" - }, - "UpdateTableStorageOptimizer": { - "privilege": "UpdateTableStorageOptimizer", - "description": "Grants permission to update the configuration of the storage optimizer for the Governed table", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-optimizers.html#aws-lake-formation-api-optimizers-UpdateTableStorageOptimizer" - } - }, - "resources": {}, - "conditions": {} - }, - "lambda": { - "service_name": "AWS Lambda", - "prefix": "lambda", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslambda.html", - "privileges": { - "AddLayerVersionPermission": { - "privilege": "AddLayerVersionPermission", - "description": "Grants permission to add permissions to the resource-based policy of a version of an AWS Lambda layer", - "access_level": "Permissions management", - "resource_types": { - "layerVersion": { - "resource_type": "layerVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_AddLayerVersionPermission.html" - }, - "AddPermission": { - "privilege": "AddPermission", - "description": "Grants permission to give an AWS service or another account permission to use an AWS Lambda function", - "access_level": "Permissions management", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:Principal", - "lambda:FunctionUrlAuthType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html" - }, - "CreateAlias": { - "privilege": "CreateAlias", - "description": "Grants permission to create an alias for a Lambda function version", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_CreateAlias.html" - }, - "CreateCodeSigningConfig": { - "privilege": "CreateCodeSigningConfig", - "description": "Grants permission to create an AWS Lambda code signing config", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_CreateCodeSigningConfig.html" - }, - "CreateEventSourceMapping": { - "privilege": "CreateEventSourceMapping", - "description": "Grants permission to create a mapping between an event source and an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:FunctionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_CreateEventSourceMapping.html" - }, - "CreateFunction": { - "privilege": "CreateFunction", - "description": "Grants permission to create an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:Layer", - "lambda:VpcIds", - "lambda:SubnetIds", - "lambda:SecurityGroupIds", - "lambda:CodeSigningConfigArn", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html" - }, - "CreateFunctionUrlConfig": { - "privilege": "CreateFunctionUrlConfig", - "description": "Grants permission to create a function url configuration for a Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:FunctionUrlAuthType", - "lambda:FunctionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunctionUrlConfig.html" - }, - "DeleteAlias": { - "privilege": "DeleteAlias", - "description": "Grants permission to delete an AWS Lambda function alias", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteAlias.html" - }, - "DeleteCodeSigningConfig": { - "privilege": "DeleteCodeSigningConfig", - "description": "Grants permission to delete an AWS Lambda code signing config", - "access_level": "Write", - "resource_types": { - "code signing config": { - "resource_type": "code signing config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteCodeSigningConfig.html" - }, - "DeleteEventSourceMapping": { - "privilege": "DeleteEventSourceMapping", - "description": "Grants permission to delete an AWS Lambda event source mapping", - "access_level": "Write", - "resource_types": { - "eventSourceMapping": { - "resource_type": "eventSourceMapping", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:FunctionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteEventSourceMapping.html" - }, - "DeleteFunction": { - "privilege": "DeleteFunction", - "description": "Grants permission to delete an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunction.html" - }, - "DeleteFunctionCodeSigningConfig": { - "privilege": "DeleteFunctionCodeSigningConfig", - "description": "Grants permission to detach a code signing config from an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunctionCodeSigningConfig.html" - }, - "DeleteFunctionConcurrency": { - "privilege": "DeleteFunctionConcurrency", - "description": "Grants permission to remove a concurrent execution limit from an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunctionConcurrency.html" - }, - "DeleteFunctionEventInvokeConfig": { - "privilege": "DeleteFunctionEventInvokeConfig", - "description": "Grants permission to delete the configuration for asynchronous invocation for an AWS Lambda function, version, or alias", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunctionEventInvokeConfig.html" - }, - "DeleteFunctionUrlConfig": { - "privilege": "DeleteFunctionUrlConfig", - "description": "Grants permission to delete function url configuration for a Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:FunctionUrlAuthType", - "lambda:FunctionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunctionUrlConfig.html" - }, - "DeleteLayerVersion": { - "privilege": "DeleteLayerVersion", - "description": "Grants permission to delete a version of an AWS Lambda layer", - "access_level": "Write", - "resource_types": { - "layerVersion": { - "resource_type": "layerVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteLayerVersion.html" - }, - "DeleteProvisionedConcurrencyConfig": { - "privilege": "DeleteProvisionedConcurrencyConfig", - "description": "Grants permission to delete the provisioned concurrency configuration for an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "function alias": { - "resource_type": "function alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "function version": { - "resource_type": "function version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteProvisionedConcurrencyConfig.html" - }, - "DisableReplication": { - "privilege": "DisableReplication", - "description": "Grants permission to disable replication for a Lambda@Edge function", - "access_level": "Permissions management", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-edge-permissions.html" - }, - "EnableReplication": { - "privilege": "EnableReplication", - "description": "Grants permission to enable replication for a Lambda@Edge function", - "access_level": "Permissions management", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-edge-permissions.html" - }, - "GetAccountSettings": { - "privilege": "GetAccountSettings", - "description": "Grants permission to view details about an account's limits and usage in an AWS Region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetAccountSettings.html" - }, - "GetAlias": { - "privilege": "GetAlias", - "description": "Grants permission to view details about an AWS Lambda function alias", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetAlias.html" - }, - "GetCodeSigningConfig": { - "privilege": "GetCodeSigningConfig", - "description": "Grants permission to view details about an AWS Lambda code signing config", - "access_level": "Read", - "resource_types": { - "code signing config": { - "resource_type": "code signing config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetCodeSigningConfig.html" - }, - "GetEventSourceMapping": { - "privilege": "GetEventSourceMapping", - "description": "Grants permission to view details about an AWS Lambda event source mapping", - "access_level": "Read", - "resource_types": { - "eventSourceMapping": { - "resource_type": "eventSourceMapping", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:FunctionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetEventSourceMapping.html" - }, - "GetFunction": { - "privilege": "GetFunction", - "description": "Grants permission to view details about an AWS Lambda function", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunction.html" - }, - "GetFunctionCodeSigningConfig": { - "privilege": "GetFunctionCodeSigningConfig", - "description": "Grants permission to view the code signing config arn attached to an AWS Lambda function", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionCodeSigningConfig.html" - }, - "GetFunctionConcurrency": { - "privilege": "GetFunctionConcurrency", - "description": "Grants permission to view details about the reserved concurrency configuration for a function", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionConcurrency.html" - }, - "GetFunctionConfiguration": { - "privilege": "GetFunctionConfiguration", - "description": "Grants permission to view details about the version-specific settings of an AWS Lambda function or version", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionConfiguration.html" - }, - "GetFunctionEventInvokeConfig": { - "privilege": "GetFunctionEventInvokeConfig", - "description": "Grants permission to view the configuration for asynchronous invocation for a function, version, or alias", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionEventInvokeConfig.html" - }, - "GetFunctionUrlConfig": { - "privilege": "GetFunctionUrlConfig", - "description": "Grants permission to read function url configuration for a Lambda function", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:FunctionUrlAuthType", - "lambda:FunctionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionUrlConfig.html" - }, - "GetLayerVersion": { - "privilege": "GetLayerVersion", - "description": "Grants permission to view details about a version of an AWS Lambda layer. Note this action also supports GetLayerVersionByArn API", - "access_level": "Read", - "resource_types": { - "layerVersion": { - "resource_type": "layerVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersion.html" - }, - "GetLayerVersionPolicy": { - "privilege": "GetLayerVersionPolicy", - "description": "Grants permission to view the resource-based policy for a version of an AWS Lambda layer", - "access_level": "Read", - "resource_types": { - "layerVersion": { - "resource_type": "layerVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersionPolicy.html" - }, - "GetPolicy": { - "privilege": "GetPolicy", - "description": "Grants permission to view the resource-based policy for an AWS Lambda function, version, or alias", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetPolicy.html" - }, - "GetProvisionedConcurrencyConfig": { - "privilege": "GetProvisionedConcurrencyConfig", - "description": "Grants permission to view the provisioned concurrency configuration for an AWS Lambda function's alias or version", - "access_level": "Read", - "resource_types": { - "function alias": { - "resource_type": "function alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "function version": { - "resource_type": "function version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetProvisionedConcurrencyConfig.html" - }, - "GetRuntimeManagementConfig": { - "privilege": "GetRuntimeManagementConfig", - "description": "Grants permission to view the runtime management configuration of an AWS Lambda function", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetRuntimeManagementConfig.html" - }, - "InvokeAsync": { - "privilege": "InvokeAsync", - "description": "Grants permission to invoke a function asynchronously (Deprecated)", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_InvokeAsync.html" - }, - "InvokeFunction": { - "privilege": "InvokeFunction", - "description": "Grants permission to invoke an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html" - }, - "InvokeFunctionUrl": { - "privilege": "InvokeFunctionUrl", - "description": "Grants permission to invoke an AWS Lambda function through url", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:FunctionUrlAuthType", - "lambda:FunctionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_InvokeFunctionUrl.html" - }, - "ListAliases": { - "privilege": "ListAliases", - "description": "Grants permission to retrieve a list of aliases for an AWS Lambda function", - "access_level": "List", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListAliases.html" - }, - "ListCodeSigningConfigs": { - "privilege": "ListCodeSigningConfigs", - "description": "Grants permission to retrieve a list of AWS Lambda code signing configs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListCodeSigningConfigs.html" - }, - "ListEventSourceMappings": { - "privilege": "ListEventSourceMappings", - "description": "Grants permission to retrieve a list of AWS Lambda event source mappings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListEventSourceMappings.html" - }, - "ListFunctionEventInvokeConfigs": { - "privilege": "ListFunctionEventInvokeConfigs", - "description": "Grants permission to retrieve a list of configurations for asynchronous invocation for a function", - "access_level": "List", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListFunctionEventInvokeConfigs.html" - }, - "ListFunctionUrlConfigs": { - "privilege": "ListFunctionUrlConfigs", - "description": "Grants permission to read function url configurations for a function", - "access_level": "List", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:FunctionUrlAuthType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListFunctionUrlConfigs.html" - }, - "ListFunctions": { - "privilege": "ListFunctions", - "description": "Grants permission to retrieve a list of AWS Lambda functions, with the version-specific configuration of each function", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListFunctions.html" - }, - "ListFunctionsByCodeSigningConfig": { - "privilege": "ListFunctionsByCodeSigningConfig", - "description": "Grants permission to retrieve a list of AWS Lambda functions by the code signing config assigned", - "access_level": "List", - "resource_types": { - "code signing config": { - "resource_type": "code signing config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListFunctionsByCodeSigningConfig.html" - }, - "ListLayerVersions": { - "privilege": "ListLayerVersions", - "description": "Grants permission to retrieve a list of versions of an AWS Lambda layer", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html" - }, - "ListLayers": { - "privilege": "ListLayers", - "description": "Grants permission to retrieve a list of AWS Lambda layers, with details about the latest version of each layer", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html" - }, - "ListProvisionedConcurrencyConfigs": { - "privilege": "ListProvisionedConcurrencyConfigs", - "description": "Grants permission to retrieve a list of provisioned concurrency configurations for an AWS Lambda function", - "access_level": "List", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListProvisionedConcurrencyConfigs.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to retrieve a list of tags for an AWS Lambda function", - "access_level": "Read", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListTags.html" - }, - "ListVersionsByFunction": { - "privilege": "ListVersionsByFunction", - "description": "Grants permission to retrieve a list of versions for an AWS Lambda function", - "access_level": "List", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListVersionsByFunction.html" - }, - "PublishLayerVersion": { - "privilege": "PublishLayerVersion", - "description": "Grants permission to create an AWS Lambda layer", - "access_level": "Write", - "resource_types": { - "layer": { - "resource_type": "layer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html" - }, - "PublishVersion": { - "privilege": "PublishVersion", - "description": "Grants permission to create an AWS Lambda function version", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PublishVersion.html" - }, - "PutFunctionCodeSigningConfig": { - "privilege": "PutFunctionCodeSigningConfig", - "description": "Grants permission to attach a code signing config to an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "code signing config": { - "resource_type": "code signing config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:CodeSigningConfigArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PutFunctionCodeSigningConfig.html" - }, - "PutFunctionConcurrency": { - "privilege": "PutFunctionConcurrency", - "description": "Grants permission to configure reserved concurrency for an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PutFunctionConcurrency.html" - }, - "PutFunctionEventInvokeConfig": { - "privilege": "PutFunctionEventInvokeConfig", - "description": "Grants permission to configures options for asynchronous invocation on an AWS Lambda function, version, or alias", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PutFunctionEventInvokeConfig.html" - }, - "PutProvisionedConcurrencyConfig": { - "privilege": "PutProvisionedConcurrencyConfig", - "description": "Grants permission to configure provisioned concurrency for an AWS Lambda function's alias or version", - "access_level": "Write", - "resource_types": { - "function alias": { - "resource_type": "function alias", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "function version": { - "resource_type": "function version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PutProvisionedConcurrencyConfig.html" - }, - "PutRuntimeManagementConfig": { - "privilege": "PutRuntimeManagementConfig", - "description": "Grants permission to update the runtime management configuration of an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PutRuntimeManagementConfig.html" - }, - "RemoveLayerVersionPermission": { - "privilege": "RemoveLayerVersionPermission", - "description": "Grants permission to remove a statement from the permissions policy for a version of an AWS Lambda layer", - "access_level": "Permissions management", - "resource_types": { - "layerVersion": { - "resource_type": "layerVersion", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_RemoveLayerVersionPermission.html" - }, - "RemovePermission": { - "privilege": "RemovePermission", - "description": "Grants permission to revoke function-use permission from an AWS service or another account", - "access_level": "Permissions management", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:Principal", - "lambda:FunctionUrlAuthType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_RemovePermission.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to an AWS Lambda function", - "access_level": "Tagging", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_TagResources.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from an AWS Lambda function", - "access_level": "Tagging", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UntagResource.html" - }, - "UpdateAlias": { - "privilege": "UpdateAlias", - "description": "Grants permission to update the configuration of an AWS Lambda function's alias", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateAlias.html" - }, - "UpdateCodeSigningConfig": { - "privilege": "UpdateCodeSigningConfig", - "description": "Grants permission to update an AWS Lambda code signing config", - "access_level": "Write", - "resource_types": { - "code signing config": { - "resource_type": "code signing config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateCodeSigningConfig.html" - }, - "UpdateEventSourceMapping": { - "privilege": "UpdateEventSourceMapping", - "description": "Grants permission to update the configuration of an AWS Lambda event source mapping", - "access_level": "Write", - "resource_types": { - "eventSourceMapping": { - "resource_type": "eventSourceMapping", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:FunctionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateEventSourceMapping.html" - }, - "UpdateFunctionCode": { - "privilege": "UpdateFunctionCode", - "description": "Grants permission to update the code of an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionCode.html" - }, - "UpdateFunctionCodeSigningConfig": { - "privilege": "UpdateFunctionCodeSigningConfig", - "description": "Grants permission to update the code signing config of an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "code signing config": { - "resource_type": "code signing config", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionCodeSigningConfig.html" - }, - "UpdateFunctionConfiguration": { - "privilege": "UpdateFunctionConfiguration", - "description": "Grants permission to modify the version-specific settings of an AWS Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:Layer", - "lambda:VpcIds", - "lambda:SubnetIds", - "lambda:SecurityGroupIds" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionConfiguration.html" - }, - "UpdateFunctionEventInvokeConfig": { - "privilege": "UpdateFunctionEventInvokeConfig", - "description": "Grants permission to modify the configuration for asynchronous invocation for an AWS Lambda function, version, or alias", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionEventInvokeConfig.html" - }, - "UpdateFunctionUrlConfig": { - "privilege": "UpdateFunctionUrlConfig", - "description": "Grants permission to update a function url configuration for a Lambda function", - "access_level": "Write", - "resource_types": { - "function": { - "resource_type": "function", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "lambda:FunctionUrlAuthType", - "lambda:FunctionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionUrlConfig.html" - } - }, - "resources": { - "code signing config": { - "resource": "code signing config", - "arn": "arn:${Partition}:lambda:${Region}:${Account}:code-signing-config:${CodeSigningConfigId}", - "condition_keys": [] - }, - "eventSourceMapping": { - "resource": "eventSourceMapping", - "arn": "arn:${Partition}:lambda:${Region}:${Account}:event-source-mapping:${UUID}", - "condition_keys": [] - }, - "function": { - "resource": "function", - "arn": "arn:${Partition}:lambda:${Region}:${Account}:function:${FunctionName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "function alias": { - "resource": "function alias", - "arn": "arn:${Partition}:lambda:${Region}:${Account}:function:${FunctionName}:${Alias}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "function version": { - "resource": "function version", - "arn": "arn:${Partition}:lambda:${Region}:${Account}:function:${FunctionName}:${Version}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "layer": { - "resource": "layer", - "arn": "arn:${Partition}:lambda:${Region}:${Account}:layer:${LayerName}", - "condition_keys": [] - }, - "layerVersion": { - "resource": "layerVersion", - "arn": "arn:${Partition}:lambda:${Region}:${Account}:layer:${LayerName}:${LayerVersion}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "lambda:CodeSigningConfigArn": { - "condition": "lambda:CodeSigningConfigArn", - "description": "Filters access by the ARN of an AWS Lambda code signing config", - "type": "String" - }, - "lambda:FunctionArn": { - "condition": "lambda:FunctionArn", - "description": "Filters access by the ARN of an AWS Lambda function", - "type": "ARN" - }, - "lambda:FunctionUrlAuthType": { - "condition": "lambda:FunctionUrlAuthType", - "description": "Filters access by authorization type specified in request. Available during CreateFunctionUrlConfig, UpdateFunctionUrlConfig, DeleteFunctionUrlConfig, GetFunctionUrlConfig, ListFunctionUrlConfig, AddPermission and RemovePermission operations", - "type": "String" - }, - "lambda:Layer": { - "condition": "lambda:Layer", - "description": "Filters access by the ARN of a version of an AWS Lambda layer", - "type": "ArrayOfString" - }, - "lambda:Principal": { - "condition": "lambda:Principal", - "description": "Filters access by restricting the AWS service or account that can invoke a function", - "type": "String" - }, - "lambda:SecurityGroupIds": { - "condition": "lambda:SecurityGroupIds", - "description": "Filters access by the ID of security groups configured for the AWS Lambda function", - "type": "ArrayOfString" - }, - "lambda:SourceFunctionArn": { - "condition": "lambda:SourceFunctionArn", - "description": "Filters access by the ARN of the AWS Lambda function from which the request originated", - "type": "ARN" - }, - "lambda:SubnetIds": { - "condition": "lambda:SubnetIds", - "description": "Filters access by the ID of subnets configured for the AWS Lambda function", - "type": "ArrayOfString" - }, - "lambda:VpcIds": { - "condition": "lambda:VpcIds", - "description": "Filters access by the ID of the VPC configured for the AWS Lambda function", - "type": "String" - } - } - }, - "launchwizard": { - "service_name": "AWS Launch Wizard", - "prefix": "launchwizard", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslaunchwizard.html", - "privileges": { - "CreateAdditionalNode": { - "privilege": "CreateAdditionalNode", - "description": "Grants permission to create an additional node", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "CreateSettingsSet": { - "privilege": "CreateSettingsSet", - "description": "Grants permission to create an application settings set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "DeleteAdditionalNode": { - "privilege": "DeleteAdditionalNode", - "description": "Grants permission to delete an additional node", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "DeleteApp": { - "privilege": "DeleteApp", - "description": "Delete an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "DeleteSettingsSet": { - "privilege": "DeleteSettingsSet", - "description": "Grants permission to delete an application settings set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "DescribeAdditionalNode": { - "privilege": "DescribeAdditionalNode", - "description": "Grants permission to describe an additional node", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "DescribeProvisionedApp": { - "privilege": "DescribeProvisionedApp", - "description": "Describe provisioning applications", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "DescribeProvisioningEvents": { - "privilege": "DescribeProvisioningEvents", - "description": "Describe provisioning events", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "DescribeSettingsSet": { - "privilege": "DescribeSettingsSet", - "description": "Grants permission to describe an application settings set", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "GetInfrastructureSuggestion": { - "privilege": "GetInfrastructureSuggestion", - "description": "Get infrastructure suggestion", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "GetIpAddress": { - "privilege": "GetIpAddress", - "description": "Get customer's ip address", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "GetResourceCostEstimate": { - "privilege": "GetResourceCostEstimate", - "description": "Get resource cost estimate", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "GetWorkloadAssets": { - "privilege": "GetWorkloadAssets", - "description": "Grants permission to get workload assets", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "ListAdditionalNodes": { - "privilege": "ListAdditionalNodes", - "description": "Grants permission to list additional nodes", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "ListProvisionedApps": { - "privilege": "ListProvisionedApps", - "description": "List provisioning applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "ListSettingsSets": { - "privilege": "ListSettingsSets", - "description": "Grants permission to list application settings sets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "ListWorkloadDeploymentOptions": { - "privilege": "ListWorkloadDeploymentOptions", - "description": "Grants permission to list deployment options of a given workload", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "ListWorkloads": { - "privilege": "ListWorkloads", - "description": "Grants permission to list workloads", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "StartProvisioning": { - "privilege": "StartProvisioning", - "description": "Start a provisioning", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - }, - "UpdateSettingsSet": { - "privilege": "UpdateSettingsSet", - "description": "Grants permission to update an application settings set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" - } - }, - "resources": {}, - "conditions": {} - }, - "license-manager": { - "service_name": "AWS License Manager", - "prefix": "license-manager", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslicensemanager.html", - "privileges": { - "AcceptGrant": { - "privilege": "AcceptGrant", - "description": "Grants permission to accept a grant", - "access_level": "Write", - "resource_types": { - "grant": { - "resource_type": "grant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_AcceptGrant.html" - }, - "CheckInLicense": { - "privilege": "CheckInLicense", - "description": "Grants permission to check in license entitlements back to pool", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CheckInLicense.html" - }, - "CheckoutBorrowLicense": { - "privilege": "CheckoutBorrowLicense", - "description": "Grants permission to check out license entitlements for borrow use case", - "access_level": "Write", - "resource_types": { - "license": { - "resource_type": "license", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CheckoutBorrowLicense.html" - }, - "CheckoutLicense": { - "privilege": "CheckoutLicense", - "description": "Grants permission to check out license entitlements", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CheckoutLicense.html" - }, - "CreateGrant": { - "privilege": "CreateGrant", - "description": "Grants permission to create a new grant for license", - "access_level": "Write", - "resource_types": { - "license": { - "resource_type": "license", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateGrant.html" - }, - "CreateGrantVersion": { - "privilege": "CreateGrantVersion", - "description": "Grants permission to create new version of grant", - "access_level": "Write", - "resource_types": { - "grant": { - "resource_type": "grant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateGrantVersion.html" - }, - "CreateLicense": { - "privilege": "CreateLicense", - "description": "Grants permission to create a new license", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateLicense.html" - }, - "CreateLicenseConfiguration": { - "privilege": "CreateLicenseConfiguration", - "description": "Grants permission to create a new license configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateLicenseConfiguration.html" - }, - "CreateLicenseConversionTaskForResource": { - "privilege": "CreateLicenseConversionTaskForResource", - "description": "Grants permission to create a license conversion task for a resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateLicenseConversionTaskForResource.html" - }, - "CreateLicenseManagerReportGenerator": { - "privilege": "CreateLicenseManagerReportGenerator", - "description": "Grants permission to create a report generator for a license configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateLicenseManagerReportGenerator.html" - }, - "CreateLicenseVersion": { - "privilege": "CreateLicenseVersion", - "description": "Grants permission to create new version of license", - "access_level": "Write", - "resource_types": { - "license": { - "resource_type": "license", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateLicenseVersion.html" - }, - "CreateToken": { - "privilege": "CreateToken", - "description": "Grants permission to create a new token for license", - "access_level": "Write", - "resource_types": { - "license": { - "resource_type": "license", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateToken.html" - }, - "DeleteGrant": { - "privilege": "DeleteGrant", - "description": "Grants permission to delete a grant", - "access_level": "Write", - "resource_types": { - "grant": { - "resource_type": "grant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_DeleteGrant.html" - }, - "DeleteLicense": { - "privilege": "DeleteLicense", - "description": "Grants permission to delete a license", - "access_level": "Write", - "resource_types": { - "license": { - "resource_type": "license", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_DeleteLicense.html" - }, - "DeleteLicenseConfiguration": { - "privilege": "DeleteLicenseConfiguration", - "description": "Grants permission to permanently delete a license configuration", - "access_level": "Write", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_DeleteLicenseConfiguration.html" - }, - "DeleteLicenseManagerReportGenerator": { - "privilege": "DeleteLicenseManagerReportGenerator", - "description": "Grants permission to delete a report generator", - "access_level": "Write", - "resource_types": { - "report-generator": { - "resource_type": "report-generator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_DeleteLicenseManagerReportGenerator.html" - }, - "DeleteToken": { - "privilege": "DeleteToken", - "description": "Grants permission to delete token", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_DeleteToken.html" - }, - "ExtendLicenseConsumption": { - "privilege": "ExtendLicenseConsumption", - "description": "Grants permission to extend consumption period of already checkout license entitlements", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ExtendLicenseConsumption.html" - }, - "GetAccessToken": { - "privilege": "GetAccessToken", - "description": "Grants permission to get access token", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetAccessToken.html" - }, - "GetGrant": { - "privilege": "GetGrant", - "description": "Grants permission to get a grant", - "access_level": "Read", - "resource_types": { - "grant": { - "resource_type": "grant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetGrant.html" - }, - "GetLicense": { - "privilege": "GetLicense", - "description": "Grants permission to get a license", - "access_level": "Read", - "resource_types": { - "license": { - "resource_type": "license", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetLicense.html" - }, - "GetLicenseConfiguration": { - "privilege": "GetLicenseConfiguration", - "description": "Grants permission to get a license configuration", - "access_level": "Read", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetLicenseConfiguration.html" - }, - "GetLicenseConversionTask": { - "privilege": "GetLicenseConversionTask", - "description": "Grants permission to retrieve a license conversion task", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetLicenseConversionTask.html" - }, - "GetLicenseManagerReportGenerator": { - "privilege": "GetLicenseManagerReportGenerator", - "description": "Grants permission to get a report generator", - "access_level": "Read", - "resource_types": { - "report-generator": { - "resource_type": "report-generator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetLicenseManagerReportGenerator.html" - }, - "GetLicenseUsage": { - "privilege": "GetLicenseUsage", - "description": "Grants permission to get a license usage", - "access_level": "Read", - "resource_types": { - "license": { - "resource_type": "license", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetLicenseUsage.html" - }, - "GetServiceSettings": { - "privilege": "GetServiceSettings", - "description": "Grants permission to get service settings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetServiceSettings.html" - }, - "ListAssociationsForLicenseConfiguration": { - "privilege": "ListAssociationsForLicenseConfiguration", - "description": "Grants permission to list associations for a selected license configuration", - "access_level": "List", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListAssociationsForLicenseConfiguration.html" - }, - "ListDistributedGrants": { - "privilege": "ListDistributedGrants", - "description": "Grants permission to list distributed grants", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListDistributedGrants.html" - }, - "ListFailuresForLicenseConfigurationOperations": { - "privilege": "ListFailuresForLicenseConfigurationOperations", - "description": "Grants permission to list the license configuration operations that failed", - "access_level": "List", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListFailuresForLicenseConfigurationOperations.html" - }, - "ListLicenseConfigurations": { - "privilege": "ListLicenseConfigurations", - "description": "Grants permission to list license configurations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenseConfigurations.html" - }, - "ListLicenseConversionTasks": { - "privilege": "ListLicenseConversionTasks", - "description": "Grants permission to list license conversion tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenseConversionTasks.html" - }, - "ListLicenseManagerReportGenerators": { - "privilege": "ListLicenseManagerReportGenerators", - "description": "Grants permission to list report generators", - "access_level": "List", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenseManagerReportGenerators.html" - }, - "ListLicenseSpecificationsForResource": { - "privilege": "ListLicenseSpecificationsForResource", - "description": "Grants permission to list license specifications associated with a selected resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenseSpecificationsForResource.html" - }, - "ListLicenseVersions": { - "privilege": "ListLicenseVersions", - "description": "Grants permission to list license versions", - "access_level": "List", - "resource_types": { - "license": { - "resource_type": "license", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenseVersions.html" - }, - "ListLicenses": { - "privilege": "ListLicenses", - "description": "Grants permission to list licenses", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenses.html" - }, - "ListReceivedGrants": { - "privilege": "ListReceivedGrants", - "description": "Grants permission to list received grants", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListReceivedGrants.html" - }, - "ListReceivedGrantsForOrganization": { - "privilege": "ListReceivedGrantsForOrganization", - "description": "Grants permission to list received grants for organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListReceivedGrantsForOrganization.html" - }, - "ListReceivedLicenses": { - "privilege": "ListReceivedLicenses", - "description": "Grants permission to list received licenses", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListReceivedLicenses.html" - }, - "ListReceivedLicensesForOrganization": { - "privilege": "ListReceivedLicensesForOrganization", - "description": "Grants permission to list received licenses for organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListReceivedLicensesForOrganization.html" - }, - "ListResourceInventory": { - "privilege": "ListResourceInventory", - "description": "Grants permission to list resource inventory", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListResourceInventory.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a selected resource", - "access_level": "Read", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTokens": { - "privilege": "ListTokens", - "description": "Grants permission to list tokens", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListTokens.html" - }, - "ListUsageForLicenseConfiguration": { - "privilege": "ListUsageForLicenseConfiguration", - "description": "Grants permission to list usage records for selected license configuration", - "access_level": "List", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListUsageForLicenseConfiguration.html" - }, - "RejectGrant": { - "privilege": "RejectGrant", - "description": "Grants permission to reject a grant", - "access_level": "Write", - "resource_types": { - "grant": { - "resource_type": "grant", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_RejectGrant.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a selected resource", - "access_level": "Tagging", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a selected resource", - "access_level": "Tagging", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UntagResource.html" - }, - "UpdateLicenseConfiguration": { - "privilege": "UpdateLicenseConfiguration", - "description": "Grants permission to update an existing license configuration", - "access_level": "Write", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UpdateLicenseConfiguration.html" - }, - "UpdateLicenseManagerReportGenerator": { - "privilege": "UpdateLicenseManagerReportGenerator", - "description": "Grants permission to update a report generator for a license configuration", - "access_level": "Write", - "resource_types": { - "report-generator": { - "resource_type": "report-generator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UpdateLicenseManagerReportGenerator.html" - }, - "UpdateLicenseSpecificationsForResource": { - "privilege": "UpdateLicenseSpecificationsForResource", - "description": "Grants permission to updates license specifications for a selected resource", - "access_level": "Write", - "resource_types": { - "license-configuration": { - "resource_type": "license-configuration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UpdateLicenseSpecificationsForResource.html" - }, - "UpdateServiceSettings": { - "privilege": "UpdateServiceSettings", - "description": "Grants permission to updates service settings", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UpdateServiceSettings.html" - } - }, - "resources": { - "license-configuration": { - "resource": "license-configuration", - "arn": "arn:${Partition}:license-manager:${Region}:${Account}:license-configuration:${LicenseConfigurationId}", - "condition_keys": [ - "license-manager:ResourceTag/${TagKey}" - ] - }, - "license": { - "resource": "license", - "arn": "arn:${Partition}:license-manager::${Account}:license:${LicenseId}", - "condition_keys": [] - }, - "grant": { - "resource": "grant", - "arn": "arn:${Partition}:license-manager::${Account}:grant:${GrantId}", - "condition_keys": [] - }, - "report-generator": { - "resource": "report-generator", - "arn": "arn:${Partition}:license-manager:${Region}:${Account}:report-generator:${ReportGeneratorId}", - "condition_keys": [ - "license-manager:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "license-manager:ResourceTag/${TagKey}": { - "condition": "license-manager:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - } - } - }, - "license-manager-linux-subscriptions": { - "service_name": "AWS License Manager Linux Subscriptions Manager", - "prefix": "license-manager-linux-subscriptions", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslicensemanagerlinuxsubscriptionsmanager.html", - "privileges": { - "GetServiceSettings": { - "privilege": "GetServiceSettings", - "description": "Grants permission to get the service settings for Linux subscriptions in AWS License Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetServiceSettings.html" - }, - "ListLinuxSubscriptionInstances": { - "privilege": "ListLinuxSubscriptionInstances", - "description": "Grants permission to list all instances with Linux subscriptions in AWS License Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLinuxSubscriptionInstances.html" - }, - "ListLinuxSubscriptions": { - "privilege": "ListLinuxSubscriptions", - "description": "Grants permission to list all Linux subscriptions in AWS License Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLinuxSubscriptions.html" - }, - "UpdateServiceSettings": { - "privilege": "UpdateServiceSettings", - "description": "Grants permission to update the service settings for Linux subscriptions in AWS License Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UpdateServiceSettings.html" - } - }, - "resources": {}, - "conditions": {} - }, - "license-manager-user-subscriptions": { - "service_name": "AWS License Manager User Subscriptions", - "prefix": "license-manager-user-subscriptions", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslicensemanagerusersubscriptions.html", - "privileges": { - "AssociateUser": { - "privilege": "AssociateUser", - "description": "Grants permission to associate a subscribed user to an instance launched with license manager user subscriptions products", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_AssociateUser.html" - }, - "DeregisterIdentityProvider": { - "privilege": "DeregisterIdentityProvider", - "description": "Grants permission to deregister Microsoft Active Directory with license-manager-user-subscriptions for a product", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_DeregisterIdentityProvider.html" - }, - "DisassociateUser": { - "privilege": "DisassociateUser", - "description": "Grants permission to disassociate a subscribed user from an instance launched with license manager user subscriptions products", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_DisassociateUser.html" - }, - "ListIdentityProviders": { - "privilege": "ListIdentityProviders", - "description": "Grants permission to list all the identity providers on license manager user subscriptions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_ListIdentityProviders.html" - }, - "ListInstances": { - "privilege": "ListInstances", - "description": "Grants permission to list all the instances launched with license manager user subscription products", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_ListInstances.html" - }, - "ListProductSubscriptions": { - "privilege": "ListProductSubscriptions", - "description": "Grants permission to lists all the product subscriptions for a product and identity provider", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_ListProductSubscriptions.html" - }, - "ListUserAssociations": { - "privilege": "ListUserAssociations", - "description": "Grants permission to list all the users associated to an instance launched for a product", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_ListUserAssociations.html" - }, - "RegisterIdentityProvider": { - "privilege": "RegisterIdentityProvider", - "description": "Grants permission to registers Microsoft Active Directory with license-manager-user-subscriptions for a product", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_RegisterIdentityProvider.html" - }, - "StartProductSubscription": { - "privilege": "StartProductSubscription", - "description": "Grants permission to start product subscription for a user on a registered active directory for a product", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_StartProductSubscription.html" - }, - "StopProductSubscription": { - "privilege": "StopProductSubscription", - "description": "Grants permission to stop product subscription for a user on a registered active directory for a product", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_StopProductSubscription.html" - }, - "UpdateIdentityProviderSettings": { - "privilege": "UpdateIdentityProviderSettings", - "description": "Grants permission to update the identity provider configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_UpdateIdentityProviderSettings.html" - } - }, - "resources": {}, - "conditions": {} - }, - "m2": { - "service_name": "AWS Mainframe Modernization Service", - "prefix": "m2", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmainframemodernizationservice.html", - "privileges": { - "CancelBatchJobExecution": { - "privilege": "CancelBatchJobExecution", - "description": "Grants permission to cancel the execution of a batch job", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_CancelBatchJobExecution.html" - }, - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "s3:GetObject", - "s3:ListBucket" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateApplication.html" - }, - "CreateDataSetImportTask": { - "privilege": "CreateDataSetImportTask", - "description": "Grants permission to create a data set import task", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateDataSetImportTask.html" - }, - "CreateDeployment": { - "privilege": "CreateDeployment", - "description": "Grants permission to create a deployment", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticloadbalancing:AddTags", - "elasticloadbalancing:CreateListener", - "elasticloadbalancing:CreateTargetGroup", - "elasticloadbalancing:RegisterTargets" - ] - }, - "Environment": { - "resource_type": "Environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateDeployment.html" - }, - "CreateEnvironment": { - "privilege": "CreateEnvironment", - "description": "Grants permission to Create an environment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ec2:CreateNetworkInterface", - "ec2:CreateNetworkInterfacePermission", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcAttribute", - "ec2:DescribeVpcs", - "ec2:ModifyNetworkInterfaceAttribute", - "elasticfilesystem:DescribeMountTargets", - "elasticloadbalancing:AddTags", - "elasticloadbalancing:CreateLoadBalancer", - "fsx:DescribeFileSystems", - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateEnvironment.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete an application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticloadbalancing:DeleteListener", - "elasticloadbalancing:DeleteTargetGroup" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_DeleteApplication.html" - }, - "DeleteApplicationFromEnvironment": { - "privilege": "DeleteApplicationFromEnvironment", - "description": "Grants permission to delete an application from a runtime environment", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticloadbalancing:DeleteListener", - "elasticloadbalancing:DeleteTargetGroup" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_DeleteApplicationFromEnvironment.html" - }, - "DeleteEnvironment": { - "privilege": "DeleteEnvironment", - "description": "Grants permission to delete a runtime environment", - "access_level": "Write", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "elasticloadbalancing:DeleteLoadBalancer" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_DeleteEnvironment.html" - }, - "GetApplication": { - "privilege": "GetApplication", - "description": "Grants permission to retrieve an application", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetApplication.html" - }, - "GetApplicationVersion": { - "privilege": "GetApplicationVersion", - "description": "Grants permission to retrieve an application version", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetApplicationVersion.html" - }, - "GetBatchJobExecution": { - "privilege": "GetBatchJobExecution", - "description": "Grants permission to retrieve a batch job execution", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetBatchJobExecution.html" - }, - "GetDataSetDetails": { - "privilege": "GetDataSetDetails", - "description": "Grants permission to retrieve data set details", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetDataSetDetails.html" - }, - "GetDataSetImportTask": { - "privilege": "GetDataSetImportTask", - "description": "Grants permission to retrieve a data set import task", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetDataSetImportTask.html" - }, - "GetDeployment": { - "privilege": "GetDeployment", - "description": "Grants permission to retrieve a deployment", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetDeployment.html" - }, - "GetEnvironment": { - "privilege": "GetEnvironment", - "description": "Grants permission to retrieve a runtime environment", - "access_level": "Read", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetEnvironment.html" - }, - "ListApplicationVersions": { - "privilege": "ListApplicationVersions", - "description": "Grants permission to list the versions of an application", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListApplicationVersions.html" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to list applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListApplications.html" - }, - "ListBatchJobDefinitions": { - "privilege": "ListBatchJobDefinitions", - "description": "Grants permission to list batch job definitions", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListBatchJobDefinitions.html" - }, - "ListBatchJobExecutions": { - "privilege": "ListBatchJobExecutions", - "description": "Grants permission to list executions for a batch job", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListBatchJobExecutions.html" - }, - "ListDataSetImportHistory": { - "privilege": "ListDataSetImportHistory", - "description": "Grants permission to list data set import history", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListDataSetImportHistory.html" - }, - "ListDataSets": { - "privilege": "ListDataSets", - "description": "Grants permission to list data sets", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListDataSets.html" - }, - "ListDeployments": { - "privilege": "ListDeployments", - "description": "Grants permission to list deployments", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListDeployments.html" - }, - "ListEngineVersions": { - "privilege": "ListEngineVersions", - "description": "Grants permission to list engine versions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListEngineVersions.html" - }, - "ListEnvironments": { - "privilege": "ListEnvironments", - "description": "Grants permission to list runtime environments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListEnvironments.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListTagsForResource.html" - }, - "StartApplication": { - "privilege": "StartApplication", - "description": "Grants permission to start an application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_StartApplication.html" - }, - "StartBatchJob": { - "privilege": "StartBatchJob", - "description": "Grants permission to start a batch job", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_StartBatchJob.html" - }, - "StopApplication": { - "privilege": "StopApplication", - "description": "Grants permission to stop an application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_StopApplication.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Environment": { - "resource_type": "Environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Environment": { - "resource_type": "Environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_UntagResource.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to update an application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject", - "s3:ListBucket" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_UpdateApplication.html" - }, - "UpdateEnvironment": { - "privilege": "UpdateEnvironment", - "description": "Grants permission to update a runtime environment", - "access_level": "Write", - "resource_types": { - "Environment": { - "resource_type": "Environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_UpdateEnvironment.html" - } - }, - "resources": { - "Application": { - "resource": "Application", - "arn": "arn:${Partition}:m2:${Region}:${Account}:app/${ApplicationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Environment": { - "resource": "Environment", - "arn": "arn:${Partition}:m2:${Region}:${Account}:env/${EnvironmentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - } - } - }, - "aws-marketplace": { - "service_name": "AWS Marketplace", - "prefix": "aws-marketplace", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmarketplace.html", - "privileges": { - "AcceptAgreementApprovalRequest": { - "privilege": "AcceptAgreementApprovalRequest", - "description": "Grants permission to users to approve an incoming subscription request (for providers who provide products that require subscription verification)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "AcceptAgreementRequest": { - "privilege": "AcceptAgreementRequest", - "description": "Grants permission to users to accept their agreement requests. Note that this action is not applicable to Marketplace purchases", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "CancelAgreement": { - "privilege": "CancelAgreement", - "description": "Grants permission to users to cancel their agreements. Note that this action is not applicable to Marketplace purchases", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "CancelAgreementRequest": { - "privilege": "CancelAgreementRequest", - "description": "Grants permission to users to cancel pending subscription requests for products that require subscription verification", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "CreateAgreementRequest": { - "privilege": "CreateAgreementRequest", - "description": "Grants permission to users to create an agreement request. Note that this action is not applicable to Marketplace purchases", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "DescribeAgreement": { - "privilege": "DescribeAgreement", - "description": "Grants permission to users to describe the metadata about the agreement", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "GetAgreementApprovalRequest": { - "privilege": "GetAgreementApprovalRequest", - "description": "Grants permission to users to view the details of their incoming subscription requests (for providers who provide products that require subscription verification)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "GetAgreementRequest": { - "privilege": "GetAgreementRequest", - "description": "Grants permission to users to view the details of their subscription requests for data products that require subscription verification", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "GetAgreementTerms": { - "privilege": "GetAgreementTerms", - "description": "Grants permission to users to get a list of terms for an agreement", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "ListAgreementApprovalRequests": { - "privilege": "ListAgreementApprovalRequests", - "description": "Grants permission to users to list their incoming subscription requests (for providers who provide products that require subscription verification)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "ListAgreementRequests": { - "privilege": "ListAgreementRequests", - "description": "Grants permission to users to list their subscription requests for products that require subscription verification", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "ListEntitlementDetails": { - "privilege": "ListEntitlementDetails", - "description": "Grants permission to users to view details of the entitlements associated with an agreement. Note that this action is not applicable to Marketplace purchases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "RejectAgreementApprovalRequest": { - "privilege": "RejectAgreementApprovalRequest", - "description": "Grants permission to users to decline an incoming subscription requests (for providers who provide products that require subscription verification)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "SearchAgreements": { - "privilege": "SearchAgreements", - "description": "Grants permission to users to search their agreements", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "Subscribe": { - "privilege": "Subscribe", - "description": "Grants permission to users to subscribe to AWS Marketplace products. Includes the ability to send a subscription request for products that require subscription verification. Includes the ability to enable auto-renewal for an existing subscription", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "Unsubscribe": { - "privilege": "Unsubscribe", - "description": "Grants permission to users to remove subscriptions to AWS Marketplace products. Includes the ability to disable auto-renewal for an existing subscription", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "UpdateAgreementApprovalRequest": { - "privilege": "UpdateAgreementApprovalRequest", - "description": "Grants permission to users to make changes to an incoming subscription request, including the ability to delete the prospective subscriber's information (for providers who provide products that require subscription verification)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "ViewSubscriptions": { - "privilege": "ViewSubscriptions", - "description": "Grants permission to users to see their account's subscriptions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" - }, - "CancelChangeSet": { - "privilege": "CancelChangeSet", - "description": "Grants permission to cancel a running change set", - "access_level": "Write", - "resource_types": { - "ChangeSet": { - "resource_type": "ChangeSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_CancelChangeSet.html" - }, - "CompleteTask": { - "privilege": "CompleteTask", - "description": "Grants permission to complete an existing task and submit the content to the associated change", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete the resource policy of an existing entity", - "access_level": "Permissions management", - "resource_types": { - "Entity": { - "resource_type": "Entity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_DeleteResourcePolicy.html" - }, - "DescribeChangeSet": { - "privilege": "DescribeChangeSet", - "description": "Grants permission to return the details of an existing change set", - "access_level": "Read", - "resource_types": { - "ChangeSet": { - "resource_type": "ChangeSet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_DescribeChangeSet.html" - }, - "DescribeEntity": { - "privilege": "DescribeEntity", - "description": "Grants permission to return the details of an existing entity", - "access_level": "Read", - "resource_types": { - "Entity": { - "resource_type": "Entity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_DescribeEntity.html" - }, - "DescribeTask": { - "privilege": "DescribeTask", - "description": "Grants permission to return the details of an existing task", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to get the resource policy of an existing entity", - "access_level": "Read", - "resource_types": { - "Entity": { - "resource_type": "Entity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_GetResourcePolicy.html" - }, - "ListChangeSets": { - "privilege": "ListChangeSets", - "description": "Grants permission to list existing change sets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_ListChangeSets.html" - }, - "ListEntities": { - "privilege": "ListEntities", - "description": "Grants permission to list existing entities", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_ListEntities.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags on an existing entity or a change set", - "access_level": "Read", - "resource_types": { - "ChangeSet": { - "resource_type": "ChangeSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Entity": { - "resource_type": "Entity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_ListTagsForResource.html" - }, - "ListTasks": { - "privilege": "ListTasks", - "description": "Grants permission to list existing tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to attach a resource policy to an existing entity", - "access_level": "Permissions management", - "resource_types": { - "Entity": { - "resource_type": "Entity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_PutResourcePolicy.html" - }, - "StartChangeSet": { - "privilege": "StartChangeSet", - "description": "Grants permission to request a new change set (Note: resource-level permissions for this action and condition context keys for this action are only supported when used with Catalog API and are not supported when used with AWS Marketplace Management Portal)", - "access_level": "Write", - "resource_types": { - "Entity": { - "resource_type": "Entity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "catalog:ChangeType", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_StartChangeSet.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an existing entity or a change set", - "access_level": "Tagging", - "resource_types": { - "ChangeSet": { - "resource_type": "ChangeSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Entity": { - "resource_type": "Entity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an existing entity or a change set", - "access_level": "Tagging", - "resource_types": { - "ChangeSet": { - "resource_type": "ChangeSet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Entity": { - "resource_type": "Entity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_UntagResource.html" - }, - "UpdateTask": { - "privilege": "UpdateTask", - "description": "Grants permission to update the contents of an existing task", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/" - }, - "ListPrivateListings": { - "privilege": "ListPrivateListings", - "description": "Grants permission to users to list their private offers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-offers-page.html" - }, - "GetEntitlements": { - "privilege": "GetEntitlements", - "description": "Retrieves entitlement values for a given product. The results can be filtered based on customer identifier or product dimensions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "DescribeBuilds": { - "privilege": "DescribeBuilds", - "description": "Describes Image Builds identified by a build Id", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/api-reference.html" - }, - "ListBuilds": { - "privilege": "ListBuilds", - "description": "Lists Image Builds.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/api-reference.html" - }, - "StartBuild": { - "privilege": "StartBuild", - "description": "Starts an Image Build", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/api-reference.html" - }, - "BatchMeterUsage": { - "privilege": "BatchMeterUsage", - "description": "Grants permission to post metering records for a set of customers for SaaS applications", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplacemetering/latest/APIReference/API_BatchMeterUsage.html" - }, - "MeterUsage": { - "privilege": "MeterUsage", - "description": "Grants permission to emit metering records", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplacemetering/latest/APIReference/API_MeterUsage.html" - }, - "RegisterUsage": { - "privilege": "RegisterUsage", - "description": "Grants permission to to verify that the customer running your paid software is subscribed to your product on AWS Marketplace, enabling you to guard against unauthorized use. Meters software use per ECS task, per hour, with usage prorated to the second", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplacemetering/latest/APIReference/API_RegisterUsage.html" - }, - "ResolveCustomer": { - "privilege": "ResolveCustomer", - "description": "Grants permission to resolve a registration token to obtain a CustomerIdentifier and product code", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplacemetering/latest/APIReference/API_ResolveCustomer.html" - }, - "AssociateProductsWithPrivateMarketplace": { - "privilege": "AssociateProductsWithPrivateMarketplace", - "description": "Grants permission to approve a request for a product to be associated with the Private Marketplace. This action can be performed by any account in an AWS Organization, provided the user has permissions to do so, and the Organization's Service Control Policies allow it", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-marketplace.html" - }, - "CreatePrivateMarketplaceRequests": { - "privilege": "CreatePrivateMarketplaceRequests", - "description": "Grants permission to create a new request for a product or products to be associated with the Private Marketplace. This action can be performed by any account in an in an AWS Organization, provided the user has permissions to do so, and the Organization's Service Control Policies allow it", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-marketplace.html" - }, - "DescribePrivateMarketplaceRequests": { - "privilege": "DescribePrivateMarketplaceRequests", - "description": "Grants permission to describe requests and associated products in the Private Marketplace. This action can be performed by any account in an AWS Organization, provided the user has permissions to do so, and the Organization's Service Control Policies allow it", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-marketplace.html" - }, - "DisassociateProductsFromPrivateMarketplace": { - "privilege": "DisassociateProductsFromPrivateMarketplace", - "description": "Grants permission to decline a request for a product to be associated with the Private Marketplace. This action can be performed by any account in an AWS Organization, provided the user has permissions to do so, and the Organization's Service Control Policies allow it", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-marketplace.html" - }, - "ListPrivateMarketplaceRequests": { - "privilege": "ListPrivateMarketplaceRequests", - "description": "Grants permission to get a queryable list for requests and associated products in the Private Marketplace. This action can be performed by any account in an AWS Organization, provided the user has permissions to do so, and the Organization's Service Control Policies allow it", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-marketplace.html" - }, - "DescribeProcurementSystemConfiguration": { - "privilege": "DescribeProcurementSystemConfiguration", - "description": "Grants permission to describe the Procurement System integration configuration (e.g. Coupa) for the individual account, or for the entire AWS Organization if one exists. This action can only be performed by the master account if using an AWS Organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/procurement-systems-integration.html" - }, - "PutProcurementSystemConfiguration": { - "privilege": "PutProcurementSystemConfiguration", - "description": "Grants permission to create or update the Procurement System integration configuration (e.g. Coupa) for the individual account, or for the entire AWS Organization if one exists. This action can only be performed by the master account if using an AWS Organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/procurement-systems-integration.html" - }, - "GetSellerDashboard": { - "privilege": "GetSellerDashboard", - "description": "Grants permission to view a seller dashboard", - "access_level": "Read", - "resource_types": { - "SellerDashboard": { - "resource_type": "SellerDashboard", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/dashboards.html#reports-accessing" - } - }, - "resources": { - "Entity": { - "resource": "Entity", - "arn": "arn:${Partition}:aws-marketplace:${Region}:${Account}:${Catalog}/${EntityType}/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "catalog:ChangeType" - ] - }, - "ChangeSet": { - "resource": "ChangeSet", - "arn": "arn:${Partition}:aws-marketplace:${Region}:${Account}:${Catalog}/ChangeSet/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "catalog:ChangeType" - ] - }, - "SellerDashboard": { - "resource": "SellerDashboard", - "arn": "arn:${Partition}:aws-marketplace::${Account}:${Catalog}/ReportingData/${FactTable}/Dashboard/${DashboardName}", - "condition_keys": [] - } - }, - "conditions": { - "aws-marketplace:AgreementType": { - "condition": "aws-marketplace:AgreementType", - "description": "Filters access by the type of the agreement", - "type": "ArrayOfString" - }, - "aws-marketplace:PartyType": { - "condition": "aws-marketplace:PartyType", - "description": "Filters access by the party type of the agreement", - "type": "String" - }, - "aws-marketplace:ProductId": { - "condition": "aws-marketplace:ProductId", - "description": "Filters access by product id for AWS Marketplace RedHat OpenShift products in the RedHat console. Note: This condition key only applies to the RedHat console, and using it will not restrict access to products in AWS Marketplace", - "type": "ArrayOfString" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "catalog:ChangeType": { - "condition": "catalog:ChangeType", - "description": "Filters access by the change type in the StartChangeSet request", - "type": "String" - } - } - }, - "marketplacecommerceanalytics": { - "service_name": "AWS Marketplace Commerce Analytics Service", - "prefix": "marketplacecommerceanalytics", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmarketplacecommerceanalyticsservice.html", - "privileges": { - "GenerateDataSet": { - "privilege": "GenerateDataSet", - "description": "Request a data set to be published to your Amazon S3 bucket.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "StartSupportDataExport": { - "privilege": "StartSupportDataExport", - "description": "Request a support data set to be published to your Amazon S3 bucket.", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - } - }, - "resources": {}, - "conditions": {} - }, - "aws-marketplace-management": { - "service_name": "AWS Marketplace Management Portal", - "prefix": "aws-marketplace-management", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmarketplacemanagementportal.html", - "privileges": { - "GetAdditionalSellerNotificationRecipients": { - "privilege": "GetAdditionalSellerNotificationRecipients", - "description": "Grants permission to view additional seller notification recipients", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "GetBankAccountVerificationDetails": { - "privilege": "GetBankAccountVerificationDetails", - "description": "Grants permission to view bank account verification status", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "GetSecondaryUserVerificationDetails": { - "privilege": "GetSecondaryUserVerificationDetails", - "description": "Grants permission to view secondary user account verification status", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "GetSellerVerificationDetails": { - "privilege": "GetSellerVerificationDetails", - "description": "Grants permission to view account verification status", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "PutAdditionalSellerNotificationRecipients": { - "privilege": "PutAdditionalSellerNotificationRecipients", - "description": "Grants permission to update additional seller notification recipients", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "PutBankAccountVerificationDetails": { - "privilege": "PutBankAccountVerificationDetails", - "description": "Grants permission to update bank account verification status", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "PutSecondaryUserVerificationDetails": { - "privilege": "PutSecondaryUserVerificationDetails", - "description": "Grants permission to update secondary user account verification status", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "PutSellerVerificationDetails": { - "privilege": "PutSellerVerificationDetails", - "description": "Grants permission to update account verification status", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "uploadFiles": { - "privilege": "uploadFiles", - "description": "Allows access to the File Upload page inside the AWS Marketplace Management Portal", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "viewMarketing": { - "privilege": "viewMarketing", - "description": "Allows access to the Marketing page inside the AWS Marketplace Management Portal", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "viewReports": { - "privilege": "viewReports", - "description": "Allows access to the Reports page inside the AWS Marketplace Management Portal", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "viewSettings": { - "privilege": "viewSettings", - "description": "Allows access to the Settings page inside the AWS Marketplace Management Portal", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - }, - "viewSupport": { - "privilege": "viewSupport", - "description": "Allows access to the Customer Support Eligibility page inside the AWS Marketplace Management Portal", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" - } - }, - "resources": {}, - "conditions": {} - }, - "vendor-insights": { - "service_name": "AWS Marketplace Vendor Insights", - "prefix": "vendor-insights", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmarketplacevendorinsights.html", - "privileges": { - "ActivateSecurityProfile": { - "privilege": "ActivateSecurityProfile", - "description": "Grants permission to activate the security profile", - "access_level": "Write", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "AssociateDataSource": { - "privilege": "AssociateDataSource", - "description": "Grants permission to associate security profile with a data source", - "access_level": "Write", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "vendor-insights:GetDataSource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "CreateDataSource": { - "privilege": "CreateDataSource", - "description": "Grants permission to create a new data source", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "vendor-insights:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "CreateSecurityProfile": { - "privilege": "CreateSecurityProfile", - "description": "Grants permission to create a new security profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "vendor-insights:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "DeactivateSecurityProfile": { - "privilege": "DeactivateSecurityProfile", - "description": "Grants permission to deactivate the security profile", - "access_level": "Write", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "DeleteDataSource": { - "privilege": "DeleteDataSource", - "description": "Grants permission to delete a data source", - "access_level": "Write", - "resource_types": { - "DataSource": { - "resource_type": "DataSource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "DisassociateDataSource": { - "privilege": "DisassociateDataSource", - "description": "Grants permission to disassociate security profile from a data source", - "access_level": "Write", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "vendor-insights:GetDataSource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "GetDataSource": { - "privilege": "GetDataSource", - "description": "Grants permission to retrieve the details of an existing data source", - "access_level": "Read", - "resource_types": { - "DataSource": { - "resource_type": "DataSource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "GetEntitledSecurityProfileSnapshot": { - "privilege": "GetEntitledSecurityProfileSnapshot", - "description": "Grants permission to return the details of a security profile snapshot that requester is entitled to read", - "access_level": "Read", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-vendor-insights-controlling-access.html" - }, - "GetProfileAccessTerms": { - "privilege": "GetProfileAccessTerms", - "description": "Grants permission to get the access terms for a vendor insights profile", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-vendor-insights-controlling-access.html" - }, - "GetSecurityProfile": { - "privilege": "GetSecurityProfile", - "description": "Grants permission to return the details of an existing security profile", - "access_level": "Read", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "GetSecurityProfileSnapshot": { - "privilege": "GetSecurityProfileSnapshot", - "description": "Grants permission to return the details of a security profile snapshot", - "access_level": "Read", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "ListDataSources": { - "privilege": "ListDataSources", - "description": "Grants permission to list existing data sources", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "ListEntitledSecurityProfileSnapshots": { - "privilege": "ListEntitledSecurityProfileSnapshots", - "description": "Grants permission to return the snapshot summary list for an existing security profile that requester is entitled to list", - "access_level": "List", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-vendor-insights-controlling-access.html" - }, - "ListEntitledSecurityProfiles": { - "privilege": "ListEntitledSecurityProfiles", - "description": "Grants permission to list entitled security profiles", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-vendor-insights-controlling-access.html" - }, - "ListSecurityProfileSnapshots": { - "privilege": "ListSecurityProfileSnapshots", - "description": "Grants permission to return the snapshot summary list for an existing security profile", - "access_level": "List", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "ListSecurityProfiles": { - "privilege": "ListSecurityProfiles", - "description": "Grants permission to list existing security profiles", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for vendor insights resource", - "access_level": "Read", - "resource_types": { - "DataSource": { - "resource_type": "DataSource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag vendor insights resource", - "access_level": "Tagging", - "resource_types": { - "DataSource": { - "resource_type": "DataSource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag vendor insights resource", - "access_level": "Tagging", - "resource_types": { - "DataSource": { - "resource_type": "DataSource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "UpdateSecurityProfile": { - "privilege": "UpdateSecurityProfile", - "description": "Grants permission to update the security profile", - "access_level": "Write", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "UpdateSecurityProfileSnapshotCreationConfiguration": { - "privilege": "UpdateSecurityProfileSnapshotCreationConfiguration", - "description": "Grants permission to update the security profile snapshot creation configuration", - "access_level": "Write", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - }, - "UpdateSecurityProfileSnapshotReleaseConfiguration": { - "privilege": "UpdateSecurityProfileSnapshotReleaseConfiguration", - "description": "Grants permission to update the security profile snapshot release configuration", - "access_level": "Write", - "resource_types": { - "SecurityProfile": { - "resource_type": "SecurityProfile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" - } - }, - "resources": { - "DataSource": { - "resource": "DataSource", - "arn": "arn:${Partition}:vendor-insights:::data-source:${ResourceId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ] - }, - "SecurityProfile": { - "resource": "SecurityProfile", - "arn": "arn:${Partition}:vendor-insights:::security-profile:${ResourceId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "serviceextract": { - "service_name": "AWS Microservice Extractor for .NET", - "prefix": "serviceextract", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmicroserviceextractorfor.net.html", - "privileges": { - "GetConfig": { - "privilege": "GetConfig", - "description": "Grants permission to get required configuration for the AWS Microservice Extractor for .NET desktop client", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/microservice-extractor/latest/userguide/what-is-microservice-extractor.html" - } - }, - "resources": {}, - "conditions": {} - }, - "mgh": { - "service_name": "AWS Migration Hub", - "prefix": "mgh", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmigrationhub.html", - "privileges": { - "AssociateCreatedArtifact": { - "privilege": "AssociateCreatedArtifact", - "description": "Associate a given AWS artifact to a MigrationTask", - "access_level": "Write", - "resource_types": { - "migrationTask": { - "resource_type": "migrationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_AssociateCreatedArtifact.html" - }, - "AssociateDiscoveredResource": { - "privilege": "AssociateDiscoveredResource", - "description": "Associate a given ADS resource to a MigrationTask", - "access_level": "Write", - "resource_types": { - "migrationTask": { - "resource_type": "migrationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_AssociateDiscoveredResource.html" - }, - "CreateHomeRegionControl": { - "privilege": "CreateHomeRegionControl", - "description": "Create a Migration Hub Home Region Control", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_CreateHomeRegionControl.html" - }, - "CreateProgressUpdateStream": { - "privilege": "CreateProgressUpdateStream", - "description": "Create a ProgressUpdateStream", - "access_level": "Write", - "resource_types": { - "progressUpdateStream": { - "resource_type": "progressUpdateStream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_CreateProgressUpdateStream.html" - }, - "DeleteProgressUpdateStream": { - "privilege": "DeleteProgressUpdateStream", - "description": "Delete a ProgressUpdateStream", - "access_level": "Write", - "resource_types": { - "progressUpdateStream": { - "resource_type": "progressUpdateStream", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DeleteProgressUpdateStream.html" - }, - "DescribeApplicationState": { - "privilege": "DescribeApplicationState", - "description": "Get an Application Discovery Service Application's state", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DescribeApplicationState.html" - }, - "DescribeHomeRegionControls": { - "privilege": "DescribeHomeRegionControls", - "description": "List Home Region Controls", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DescribeHomeRegionControls.html" - }, - "DescribeMigrationTask": { - "privilege": "DescribeMigrationTask", - "description": "Describe a MigrationTask", - "access_level": "Read", - "resource_types": { - "migrationTask": { - "resource_type": "migrationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DescribeMigrationTask.html" - }, - "DisassociateCreatedArtifact": { - "privilege": "DisassociateCreatedArtifact", - "description": "Disassociate a given AWS artifact from a MigrationTask", - "access_level": "Write", - "resource_types": { - "migrationTask": { - "resource_type": "migrationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DisassociateCreatedArtifact.html" - }, - "DisassociateDiscoveredResource": { - "privilege": "DisassociateDiscoveredResource", - "description": "Disassociate a given ADS resource from a MigrationTask", - "access_level": "Write", - "resource_types": { - "migrationTask": { - "resource_type": "migrationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DisassociateDiscoveredResource.html" - }, - "GetHomeRegion": { - "privilege": "GetHomeRegion", - "description": "Get the Migration Hub Home Region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_GetHomeRegion.html" - }, - "ImportMigrationTask": { - "privilege": "ImportMigrationTask", - "description": "Import a MigrationTask", - "access_level": "Write", - "resource_types": { - "migrationTask": { - "resource_type": "migrationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ImportMigrationTask.html" - }, - "ListApplicationStates": { - "privilege": "ListApplicationStates", - "description": "List Application statuses", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ListApplicationStates.html" - }, - "ListCreatedArtifacts": { - "privilege": "ListCreatedArtifacts", - "description": "List associated created artifacts for a MigrationTask", - "access_level": "List", - "resource_types": { - "migrationTask": { - "resource_type": "migrationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ListCreatedArtifacts.html" - }, - "ListDiscoveredResources": { - "privilege": "ListDiscoveredResources", - "description": "List associated ADS resources from MigrationTask", - "access_level": "List", - "resource_types": { - "migrationTask": { - "resource_type": "migrationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ListDiscoveredResources.html" - }, - "ListMigrationTasks": { - "privilege": "ListMigrationTasks", - "description": "List MigrationTasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ListMigrationTasks.html" - }, - "ListProgressUpdateStreams": { - "privilege": "ListProgressUpdateStreams", - "description": "List ProgressUpdateStreams", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ListProgressUpdateStreams.html" - }, - "NotifyApplicationState": { - "privilege": "NotifyApplicationState", - "description": "Update an Application Discovery Service Application's state", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_NotifyApplicationState.html" - }, - "NotifyMigrationTaskState": { - "privilege": "NotifyMigrationTaskState", - "description": "Notify latest MigrationTask state", - "access_level": "Write", - "resource_types": { - "migrationTask": { - "resource_type": "migrationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_NotifyMigrationTaskState.html" - }, - "PutResourceAttributes": { - "privilege": "PutResourceAttributes", - "description": "Put ResourceAttributes", - "access_level": "Write", - "resource_types": { - "migrationTask": { - "resource_type": "migrationTask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_PutResourceAttributes.html" - } - }, - "resources": { - "progressUpdateStream": { - "resource": "progressUpdateStream", - "arn": "arn:${Partition}:mgh:${Region}:${Account}:progressUpdateStream/${Stream}", - "condition_keys": [] - }, - "migrationTask": { - "resource": "migrationTask", - "arn": "arn:${Partition}:mgh:${Region}:${Account}:progressUpdateStream/${Stream}/migrationTask/${Task}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "migrationhub-orchestrator": { - "service_name": "AWS Migration Hub Orchestrator", - "prefix": "migrationhub-orchestrator", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmigrationhuborchestrator.html", - "privileges": { - "CreateWorkflow": { - "privilege": "CreateWorkflow", - "description": "Grants permission to create a workflow based on the selected template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_CreateWorkflow.html" - }, - "CreateWorkflowStep": { - "privilege": "CreateWorkflowStep", - "description": "Grants permission to create a step under a workflow and a specific step group", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_CreateWorkflowStep.html" - }, - "CreateWorkflowStepGroup": { - "privilege": "CreateWorkflowStepGroup", - "description": "Grants permission to to create a custom step group for a given workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_CreateWorkflowStepGroup.html" - }, - "DeleteWorkflow": { - "privilege": "DeleteWorkflow", - "description": "Grants permission to a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_DeleteWorkflow.html" - }, - "DeleteWorkflowStep": { - "privilege": "DeleteWorkflowStep", - "description": "Grants permission to delete a step from a specific step group under a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_DeleteWorkflowStep.html" - }, - "DeleteWorkflowStepGroup": { - "privilege": "DeleteWorkflowStepGroup", - "description": "Grants permission to delete a step group associated with a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_DeleteWorkflowStepGroup.html" - }, - "GetMessage": { - "privilege": "GetMessage", - "description": "Grants permission to the plugin to receive information from the service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetMessage.html" - }, - "GetTemplate": { - "privilege": "GetTemplate", - "description": "Grants permission to get retrieve metadata for a Template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetTemplate.html" - }, - "GetTemplateStep": { - "privilege": "GetTemplateStep", - "description": "Grants permission to retrieve details of a step associated with a template and a step group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetTemplateStep.html" - }, - "GetTemplateStepGroup": { - "privilege": "GetTemplateStepGroup", - "description": "Grants permission to retrieve metadata of a step group under a template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetTemplateStepGroup.html" - }, - "GetWorkflow": { - "privilege": "GetWorkflow", - "description": "Grants permission to retrieve metadata asscociated with a workflow", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetWorkflow.html" - }, - "GetWorkflowStep": { - "privilege": "GetWorkflowStep", - "description": "Grants permission to get details of step associated with a workflow and a step group", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetWorkflowStep.html" - }, - "GetWorkflowStepGroup": { - "privilege": "GetWorkflowStepGroup", - "description": "Grants permission to get details of a step group associated with a workflow", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetWorkflowStepGroup.html" - }, - "ListPlugins": { - "privilege": "ListPlugins", - "description": "Grants permission to get a list all registered Plugins", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListPlugins.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to get a list of all the tags tied to a resource", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTemplateStepGroups": { - "privilege": "ListTemplateStepGroups", - "description": "Grants permission to lists step groups of a template", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListTemplateStepGroups.html" - }, - "ListTemplateSteps": { - "privilege": "ListTemplateSteps", - "description": "Grants permission to get a list of steps in a step group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListServers.html" - }, - "ListTemplates": { - "privilege": "ListTemplates", - "description": "Grants permission to get a list of all Templates available to customer", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListTemplates.html" - }, - "ListWorkflowStepGroups": { - "privilege": "ListWorkflowStepGroups", - "description": "Grants permission to get list of step groups associated with a workflow", - "access_level": "List", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListWorkflowStepGroups.html" - }, - "ListWorkflowSteps": { - "privilege": "ListWorkflowSteps", - "description": "Grants permission to get a list of steps within step group associated with a workflow", - "access_level": "List", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListAntiPatterns.html" - }, - "ListWorkflows": { - "privilege": "ListWorkflows", - "description": "Grants permission to list all workflows", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListWorkflows.html" - }, - "RegisterPlugin": { - "privilege": "RegisterPlugin", - "description": "Grants permission to register the plugin to receive an ID and to start receiving messages from the service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_RegisterPlugin.html" - }, - "RetryWorkflowStep": { - "privilege": "RetryWorkflowStep", - "description": "Grants permission to retry a failed step within a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_RetryWorkflowStep.html" - }, - "SendMessage": { - "privilege": "SendMessage", - "description": "Grants permission to the plugin to send information to the service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_SendMessage.html" - }, - "StartWorkflow": { - "privilege": "StartWorkflow", - "description": "Grants permission to start a workflow or resume a stopped workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_StartWorkflow.html" - }, - "StopWorkflow": { - "privilege": "StopWorkflow", - "description": "Grants permission to stop a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_StopWorkflow.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_UntagResource.html" - }, - "UpdateWorkflow": { - "privilege": "UpdateWorkflow", - "description": "Grants permission to update the metadata associated with the workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_UpdateWorkflow.html" - }, - "UpdateWorkflowStep": { - "privilege": "UpdateWorkflowStep", - "description": "Grants permission to update metadata and status of a custom step within a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_UpdateWorkflowStep.html" - }, - "UpdateWorkflowStepGroup": { - "privilege": "UpdateWorkflowStepGroup", - "description": "Grants permission to update metadata associated with a step group in a given workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_UpdateWorkflowStepGroup.html" - } - }, - "resources": { - "workflow": { - "resource": "workflow", - "arn": "arn:${Partition}:migrationhub-orchestrator:${Region}:${Account}:workflow/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "refactor-spaces": { - "service_name": "AWS Migration Hub Refactor Spaces", - "prefix": "refactor-spaces", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmigrationhubrefactorspaces.html", - "privileges": { - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application within an environment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateApplication.html" - }, - "CreateEnvironment": { - "privilege": "CreateEnvironment", - "description": "Grants permission to create an environment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateEnvironment.html" - }, - "CreateRoute": { - "privilege": "CreateRoute", - "description": "Grants permission to create a route within an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:ServiceCreatedByAccount", - "refactor-spaces:RouteCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "refactor-spaces:SourcePath", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateRoute.html" - }, - "CreateService": { - "privilege": "CreateService", - "description": "Grants permission to create a service within an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:ServiceCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateService.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete an application from an environment", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_DeleteApplication.html" - }, - "DeleteEnvironment": { - "privilege": "DeleteEnvironment", - "description": "Grants permission to delete an environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_DeleteEnvironment.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete a resource policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeleteRoute": { - "privilege": "DeleteRoute", - "description": "Grants permission to delete a route from an application", - "access_level": "Write", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:ServiceCreatedByAccount", - "refactor-spaces:RouteCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "refactor-spaces:SourcePath", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_DeleteRoute.html" - }, - "DeleteService": { - "privilege": "DeleteService", - "description": "Grants permission to delete a service from an application", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:ServiceCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_DeleteService.html" - }, - "GetApplication": { - "privilege": "GetApplication", - "description": "Grants permission to get more information about an application", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_GetApplication.html" - }, - "GetEnvironment": { - "privilege": "GetEnvironment", - "description": "Grants permission to get more information for an environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_GetEnvironment.html" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to get the details about a resource policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_GetResourcePolicy.html" - }, - "GetRoute": { - "privilege": "GetRoute", - "description": "Grants permission to get more information about a route", - "access_level": "Read", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:ServiceCreatedByAccount", - "refactor-spaces:RouteCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "refactor-spaces:SourcePath", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_GetRoute.html" - }, - "GetService": { - "privilege": "GetService", - "description": "Grants permission to get more information about a service", - "access_level": "Read", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:ServiceCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_GetService.html" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to list all the applications in an environment", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListApplications.html" - }, - "ListEnvironmentVpcs": { - "privilege": "ListEnvironmentVpcs", - "description": "Grants permission to list all the VPCs for the environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListEnvironmentVpcs.html" - }, - "ListEnvironments": { - "privilege": "ListEnvironments", - "description": "Grants permission to list all environments", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListEnvironments.html" - }, - "ListRoutes": { - "privilege": "ListRoutes", - "description": "Grants permission to list all the routes in an application", - "access_level": "Read", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListRoutes.html" - }, - "ListServices": { - "privilege": "ListServices", - "description": "Grants permission to list all the services in an environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListServices.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all the tags for a given resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListTagsForResource.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to add a resource policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_PutResourcePolicy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "route": { - "resource_type": "route", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:ServiceCreatedByAccount", - "refactor-spaces:RouteCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "refactor-spaces:SourcePath", - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from a resource", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "route": { - "resource_type": "route", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:ServiceCreatedByAccount", - "refactor-spaces:RouteCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "refactor-spaces:SourcePath", - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_UntagResource.html" - }, - "UpdateRoute": { - "privilege": "UpdateRoute", - "description": "Grants permission to update a route from an application", - "access_level": "Write", - "resource_types": { - "route": { - "resource_type": "route", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:ServiceCreatedByAccount", - "refactor-spaces:RouteCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "refactor-spaces:SourcePath", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_UpdateRoute.html" - } - }, - "resources": { - "environment": { - "resource": "environment", - "arn": "arn:${Partition}:refactor-spaces:${Region}:${Account}:environment/${EnvironmentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "application": { - "resource": "application", - "arn": "arn:${Partition}:refactor-spaces:${Region}:${Account}:environment/${EnvironmentId}/application/${ApplicationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:CreatedByAccountIds" - ] - }, - "service": { - "resource": "service", - "arn": "arn:${Partition}:refactor-spaces:${Region}:${Account}:environment/${EnvironmentId}/application/${ApplicationId}/service/${ServiceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "refactor-spaces:ServiceCreatedByAccount" - ] - }, - "route": { - "resource": "route", - "arn": "arn:${Partition}:refactor-spaces:${Region}:${Account}:environment/${EnvironmentId}/application/${ApplicationId}/route/${RouteId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "refactor-spaces:ApplicationCreatedByAccount", - "refactor-spaces:CreatedByAccountIds", - "refactor-spaces:RouteCreatedByAccount", - "refactor-spaces:ServiceCreatedByAccount", - "refactor-spaces:SourcePath" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "refactor-spaces:ApplicationCreatedByAccount": { - "condition": "refactor-spaces:ApplicationCreatedByAccount", - "description": "Filters access by restricting the action to only those accounts that created the application within an environment", - "type": "String" - }, - "refactor-spaces:CreatedByAccountIds": { - "condition": "refactor-spaces:CreatedByAccountIds", - "description": "Filters access by the accounts that created the resource", - "type": "ArrayOfString" - }, - "refactor-spaces:RouteCreatedByAccount": { - "condition": "refactor-spaces:RouteCreatedByAccount", - "description": "Filters access by restricting the action to only those accounts that created the route within an application", - "type": "String" - }, - "refactor-spaces:ServiceCreatedByAccount": { - "condition": "refactor-spaces:ServiceCreatedByAccount", - "description": "Filters access by restricting the action to only those accounts that created the service within an application", - "type": "String" - }, - "refactor-spaces:SourcePath": { - "condition": "refactor-spaces:SourcePath", - "description": "Filters access by the path of the route", - "type": "String" - } - } - }, - "migrationhub-strategy": { - "service_name": "AWS Migration Hub Strategy Recommendations.", - "prefix": "migrationhub-strategy", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmigrationhubstrategyrecommendations..html", - "privileges": { - "GetAntiPattern": { - "privilege": "GetAntiPattern", - "description": "Grants permission to get details of each anti pattern that collector should look at in a customer's environment", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetAntiPattern.html" - }, - "GetApplicationComponentDetails": { - "privilege": "GetApplicationComponentDetails", - "description": "Grants permission to get details of an application", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetApplicationComponentDetails.html" - }, - "GetApplicationComponentStrategies": { - "privilege": "GetApplicationComponentStrategies", - "description": "Grants permission to get a list of all recommended strategies and tools for an application running in a server", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetApplicationComponentStrategies.html" - }, - "GetAssessment": { - "privilege": "GetAssessment", - "description": "Grants permission to retrieve status of an on-going assessment", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetAssessment.html" - }, - "GetImportFileTask": { - "privilege": "GetImportFileTask", - "description": "Grants permission to get details of a specific import task", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetImportFileTask.html" - }, - "GetMessage": { - "privilege": "GetMessage", - "description": "Grants permission to the collector to receive information from the service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetMessage.html" - }, - "GetPortfolioPreferences": { - "privilege": "GetPortfolioPreferences", - "description": "Grants permission to retrieve customer migration/Modernization preferences", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetPortfolioPreferences.html" - }, - "GetPortfolioSummary": { - "privilege": "GetPortfolioSummary", - "description": "Grants permission to retrieve overall summary (number-of servers to rehost etc as well as overall number of anti patterns)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetPortfolioSummary.html" - }, - "GetRecommendationReportDetails": { - "privilege": "GetRecommendationReportDetails", - "description": "Grants permission to retrieve detailed information about a recommendation report", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetRecommendationReportDetails.html" - }, - "GetServerDetails": { - "privilege": "GetServerDetails", - "description": "Grants permission to get info about a specific server", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetServerDetails.html" - }, - "GetServerStrategies": { - "privilege": "GetServerStrategies", - "description": "Grants permission to get recommended strategies and tools for a specific server", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetServerStrategies.html" - }, - "ListAntiPatterns": { - "privilege": "ListAntiPatterns", - "description": "Grants permission to get a list of all anti patterns that collector should look for in a customer's environment", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListAntiPatterns.html" - }, - "ListApplicationComponents": { - "privilege": "ListApplicationComponents", - "description": "Grants permission to get a list of all applications running on servers on customer's servers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListApplicationComponents.html" - }, - "ListCollectors": { - "privilege": "ListCollectors", - "description": "Grants permission to get a list of all collectors installed by the customer", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListCollectors.html" - }, - "ListImportFileTask": { - "privilege": "ListImportFileTask", - "description": "Grants permission to get list of all imports performed by the customer", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListImportFileTask.html" - }, - "ListJarArtifacts": { - "privilege": "ListJarArtifacts", - "description": "Grants permission to get a list of binaries that collector should assess", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListJarArtifacts.html" - }, - "ListServers": { - "privilege": "ListServers", - "description": "Grants permission to get a list of all servers in a customer's environment", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListServers.html" - }, - "PutPortfolioPreferences": { - "privilege": "PutPortfolioPreferences", - "description": "Grants permission to save customer's Migration/Modernization preferences", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_PutPortfolioPreferences.html" - }, - "RegisterCollector": { - "privilege": "RegisterCollector", - "description": "Grants permission to register the collector to receive an ID and to start receiving messages from the service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_RegisterCollector.html" - }, - "SendMessage": { - "privilege": "SendMessage", - "description": "Grants permission to the collector to send information to the service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_SendMessage.html" - }, - "StartAssessment": { - "privilege": "StartAssessment", - "description": "Grants permission to start assessment in a customer's environment (collect data from all servers and provide recommendations)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_StartAssessment.html" - }, - "StartImportFileTask": { - "privilege": "StartImportFileTask", - "description": "Grants permission to start importing data from a file provided by customer", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_StartImportFileTask.html" - }, - "StartRecommendationReportGeneration": { - "privilege": "StartRecommendationReportGeneration", - "description": "Grants permission to start generating a recommendation report", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_StartRecommendationReportGeneration.html" - }, - "StopAssessment": { - "privilege": "StopAssessment", - "description": "Grants permission to stop an on-going assessment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_StopAssessment.html" - }, - "UpdateApplicationComponentConfig": { - "privilege": "UpdateApplicationComponentConfig", - "description": "Grants permission to update details for an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_UpdateApplicationComponentConfig.html" - }, - "UpdateServerConfig": { - "privilege": "UpdateServerConfig", - "description": "Grants permission to update info on a server along with the recommended strategy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_UpdateServerConfig.html" - }, - "GetLatestAssessmentId": { - "privilege": "GetLatestAssessmentId", - "description": "Grants permission to retrieve the latest assessment id", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetLatestAssessmentId.html" - }, - "UpdateCollectorConfiguration": { - "privilege": "UpdateCollectorConfiguration", - "description": "Grants permission to the collector to send configuration information to the service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_UpdateCollectorConfiguration.html" - } - }, - "resources": {}, - "conditions": {} - }, - "mobilehub": { - "service_name": "AWS Mobile Hub", - "prefix": "mobilehub", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmobilehub.html", - "privileges": { - "CreateProject": { - "privilege": "CreateProject", - "description": "Create a project", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "CreateServiceRole": { - "privilege": "CreateServiceRole", - "description": "Enable AWS Mobile Hub in the account by creating the required service role", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "DeleteProject": { - "privilege": "DeleteProject", - "description": "Delete the specified project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "DeleteProjectSnapshot": { - "privilege": "DeleteProjectSnapshot", - "description": "Delete a saved snapshot of project configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "DeployToStage": { - "privilege": "DeployToStage", - "description": "Deploy changes to the specified stage", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "DescribeBundle": { - "privilege": "DescribeBundle", - "description": "Describe the download bundle", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "ExportBundle": { - "privilege": "ExportBundle", - "description": "Export the download bundle", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "ExportProject": { - "privilege": "ExportProject", - "description": "Export the project configuration", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "GenerateProjectParameters": { - "privilege": "GenerateProjectParameters", - "description": "Generate project parameters required for code generation", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "GetProject": { - "privilege": "GetProject", - "description": "Get project configuration and resources", - "access_level": "Read", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "GetProjectSnapshot": { - "privilege": "GetProjectSnapshot", - "description": "Fetch the previously exported project configuration snapshot", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "ImportProject": { - "privilege": "ImportProject", - "description": "Create a new project from the previously exported project configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "InstallBundle": { - "privilege": "InstallBundle", - "description": "Install a bundle in the project deployments S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "ListAvailableConnectors": { - "privilege": "ListAvailableConnectors", - "description": "List the available SaaS (Software as a Service) connectors", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "ListAvailableFeatures": { - "privilege": "ListAvailableFeatures", - "description": "List available features", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "ListAvailableRegions": { - "privilege": "ListAvailableRegions", - "description": "List available regions for projects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "ListBundles": { - "privilege": "ListBundles", - "description": "List the available download bundles", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "ListProjectSnapshots": { - "privilege": "ListProjectSnapshots", - "description": "List saved snapshots of project configuration", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "ListProjects": { - "privilege": "ListProjects", - "description": "List projects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "SynchronizeProject": { - "privilege": "SynchronizeProject", - "description": "Synchronize state of resources into project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "UpdateProject": { - "privilege": "UpdateProject", - "description": "Update project", - "access_level": "Write", - "resource_types": { - "project": { - "resource_type": "project", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "ValidateProject": { - "privilege": "ValidateProject", - "description": "Validate a mobile hub project.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - }, - "VerifyServiceRole": { - "privilege": "VerifyServiceRole", - "description": "Verify AWS Mobile Hub is enabled in the account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" - } - }, - "resources": { - "project": { - "resource": "project", - "arn": "arn:${Partition}:mobilehub:${Region}:${Account}:project/${ProjectId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "network-firewall": { - "service_name": "AWS Network Firewall", - "prefix": "network-firewall", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsnetworkfirewall.html", - "privileges": { - "AssociateFirewallPolicy": { - "privilege": "AssociateFirewallPolicy", - "description": "Grants permission to create an association between a firewall policy and a firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AssociateFirewallPolicy.html" - }, - "AssociateSubnets": { - "privilege": "AssociateSubnets", - "description": "Grants permission to associate VPC subnets to a firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AssociateSubnets.html" - }, - "CreateFirewall": { - "privilege": "CreateFirewall", - "description": "Grants permission to create an AWS Network Firewall firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateFirewall.html" - }, - "CreateFirewallPolicy": { - "privilege": "CreateFirewallPolicy", - "description": "Grants permission to create an AWS Network Firewall firewall policy", - "access_level": "Write", - "resource_types": { - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateFirewallPolicy.html" - }, - "CreateRuleGroup": { - "privilege": "CreateRuleGroup", - "description": "Grants permission to create an AWS Network Firewall rule group", - "access_level": "Write", - "resource_types": { - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateRuleGroup.html" - }, - "CreateTLSInspectionConfiguration": { - "privilege": "CreateTLSInspectionConfiguration", - "description": "Grants permission to create an AWS Network Firewall tls inspection configuration", - "access_level": "Write", - "resource_types": { - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateTLSInspectionConfiguration.html" - }, - "DeleteFirewall": { - "privilege": "DeleteFirewall", - "description": "Grants permission to delete a firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteFirewall.html" - }, - "DeleteFirewallPolicy": { - "privilege": "DeleteFirewallPolicy", - "description": "Grants permission to delete a firewall policy", - "access_level": "Write", - "resource_types": { - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteFirewallPolicy.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete a resource policy for a firewall policy or rule group", - "access_level": "Write", - "resource_types": { - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeleteRuleGroup": { - "privilege": "DeleteRuleGroup", - "description": "Grants permission to delete a rule group", - "access_level": "Write", - "resource_types": { - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteRuleGroup.html" - }, - "DeleteTLSInspectionConfiguration": { - "privilege": "DeleteTLSInspectionConfiguration", - "description": "Grants permission to delete a tls inspection configuration", - "access_level": "Write", - "resource_types": { - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteTLSInspectionConfiguration.html" - }, - "DescribeFirewall": { - "privilege": "DescribeFirewall", - "description": "Grants permission to retrieve the data objects that define a firewall", - "access_level": "Read", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFirewall.html" - }, - "DescribeFirewallPolicy": { - "privilege": "DescribeFirewallPolicy", - "description": "Grants permission to retrieve the data objects that define a firewall policy", - "access_level": "Read", - "resource_types": { - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFirewallPolicy.html" - }, - "DescribeLoggingConfiguration": { - "privilege": "DescribeLoggingConfiguration", - "description": "Grants permission to describe the logging configuration of a firewall", - "access_level": "Read", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeLoggingConfiguration.html" - }, - "DescribeResourcePolicy": { - "privilege": "DescribeResourcePolicy", - "description": "Grants permission to describe a resource policy for a firewall policy or rule group", - "access_level": "Read", - "resource_types": { - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeResourcePolicy.html" - }, - "DescribeRuleGroup": { - "privilege": "DescribeRuleGroup", - "description": "Grants permission to retrieve the data objects that define a rule group", - "access_level": "Read", - "resource_types": { - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html" - }, - "DescribeRuleGroupMetadata": { - "privilege": "DescribeRuleGroupMetadata", - "description": "Grants permission to retrieve the high-level information about a rule group", - "access_level": "Read", - "resource_types": { - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroupMetadata.html" - }, - "DescribeTLSInspectionConfiguration": { - "privilege": "DescribeTLSInspectionConfiguration", - "description": "Grants permission to retrieve the data objects that define a tls inspection configuration", - "access_level": "Read", - "resource_types": { - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeTLSInspectionConfiguration.html" - }, - "DisassociateSubnets": { - "privilege": "DisassociateSubnets", - "description": "Grants permission to disassociate VPC subnets from a firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DisassociateSubnets.html" - }, - "ListFirewallPolicies": { - "privilege": "ListFirewallPolicies", - "description": "Grants permission to retrieve the metadata for firewall policies", - "access_level": "List", - "resource_types": { - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFirewallPolicies.html" - }, - "ListFirewalls": { - "privilege": "ListFirewalls", - "description": "Grants permission to retrieve the metadata for firewalls", - "access_level": "List", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFirewalls.html" - }, - "ListRuleGroups": { - "privilege": "ListRuleGroups", - "description": "Grants permission to retrieve the metadata for rule groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListRuleGroups.html" - }, - "ListTLSInspectionConfigurations": { - "privilege": "ListTLSInspectionConfigurations", - "description": "Grants permission to retrieve the metadata for tls inspection configurations", - "access_level": "List", - "resource_types": { - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListTLSInspectionConfigurations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve the tags for a resource", - "access_level": "List", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListTagsForResource.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to put a resource policy for a firewall policy or rule group", - "access_level": "Write", - "resource_types": { - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_PutResourcePolicy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to attach tags to a resource", - "access_level": "Tagging", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UntagResource.html" - }, - "UpdateFirewallDeleteProtection": { - "privilege": "UpdateFirewallDeleteProtection", - "description": "Grants permission to add or remove delete protection for a firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallDeleteProtection.html" - }, - "UpdateFirewallDescription": { - "privilege": "UpdateFirewallDescription", - "description": "Grants permission to modify the description for a firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallDescription.html" - }, - "UpdateFirewallEncryptionConfiguration": { - "privilege": "UpdateFirewallEncryptionConfiguration", - "description": "Grants permission to modify the encryption configuration of a firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallEncryptionConfiguration.html" - }, - "UpdateFirewallPolicy": { - "privilege": "UpdateFirewallPolicy", - "description": "Grants permission to modify a firewall policy", - "access_level": "Write", - "resource_types": { - "FirewallPolicy": { - "resource_type": "FirewallPolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallPolicy.html" - }, - "UpdateFirewallPolicyChangeProtection": { - "privilege": "UpdateFirewallPolicyChangeProtection", - "description": "Grants permission to add or remove firewall policy change protection for a firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallPolicyChangeProtection.html" - }, - "UpdateLoggingConfiguration": { - "privilege": "UpdateLoggingConfiguration", - "description": "Grants permission to modify the logging configuration of a firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateLoggingConfiguration.html" - }, - "UpdateRuleGroup": { - "privilege": "UpdateRuleGroup", - "description": "Grants permission to modify a rule group", - "access_level": "Write", - "resource_types": { - "StatefulRuleGroup": { - "resource_type": "StatefulRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "StatelessRuleGroup": { - "resource_type": "StatelessRuleGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateRuleGroup.html" - }, - "UpdateSubnetChangeProtection": { - "privilege": "UpdateSubnetChangeProtection", - "description": "Grants permission to add or remove subnet change protection for a firewall", - "access_level": "Write", - "resource_types": { - "Firewall": { - "resource_type": "Firewall", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateSubnetChangeProtection.html" - }, - "UpdateTLSInspectionConfiguration": { - "privilege": "UpdateTLSInspectionConfiguration", - "description": "Grants permission to modify a tls inspection configuration", - "access_level": "Write", - "resource_types": { - "TLSInspectionConfiguration": { - "resource_type": "TLSInspectionConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateTLSInspectionConfiguration.html" - } - }, - "resources": { - "Firewall": { - "resource": "Firewall", - "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:firewall/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "FirewallPolicy": { - "resource": "FirewallPolicy", - "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:firewall-policy/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "StatefulRuleGroup": { - "resource": "StatefulRuleGroup", - "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:stateful-rulegroup/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "StatelessRuleGroup": { - "resource": "StatelessRuleGroup", - "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:stateless-rulegroup/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "TLSInspectionConfiguration": { - "resource": "TLSInspectionConfiguration", - "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:tls-configuration/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "networkmanager": { - "service_name": "AWS Network Manager", - "prefix": "networkmanager", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsnetworkmanager.html", - "privileges": { - "AcceptAttachment": { - "privilege": "AcceptAttachment", - "description": "Grants permission to accept creation of an attachment between a source and destination in a core network", - "access_level": "Write", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_AcceptAttachment.html" - }, - "AssociateConnectPeer": { - "privilege": "AssociateConnectPeer", - "description": "Grants permission to associate a Connect Peer", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_AssociateConnectPeer.html" - }, - "AssociateCustomerGateway": { - "privilege": "AssociateCustomerGateway", - "description": "Grants permission to associate a customer gateway to a device", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "networkmanager:cgwArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_AssociateCustomerGateway.html" - }, - "AssociateLink": { - "privilege": "AssociateLink", - "description": "Grants permission to associate a link to a device", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_AssociateLink.html" - }, - "AssociateTransitGatewayConnectPeer": { - "privilege": "AssociateTransitGatewayConnectPeer", - "description": "Grants permission to associate a transit gateway connect peer to a device", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "networkmanager:tgwConnectPeerArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_AssociateTransitGatewayConnectPeer.html" - }, - "CreateConnectAttachment": { - "privilege": "CreateConnectAttachment", - "description": "Grants permission to create a Connect attachment", - "access_level": "Write", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateConnectAttachment.html" - }, - "CreateConnectPeer": { - "privilege": "CreateConnectPeer", - "description": "Grants permission to create a Connect Peer connection", - "access_level": "Write", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateConnectPeer.html" - }, - "CreateConnection": { - "privilege": "CreateConnection", - "description": "Grants permission to create a new connection", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateConnection.html" - }, - "CreateCoreNetwork": { - "privilege": "CreateCoreNetwork", - "description": "Grants permission to create a new core network", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateCoreNetwork.html" - }, - "CreateDevice": { - "privilege": "CreateDevice", - "description": "Grants permission to create a new device", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateDevice.html" - }, - "CreateGlobalNetwork": { - "privilege": "CreateGlobalNetwork", - "description": "Grants permission to create a new global network", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateGlobalNetwork.html" - }, - "CreateLink": { - "privilege": "CreateLink", - "description": "Grants permission to create a new link", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "site": { - "resource_type": "site", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateLink.html" - }, - "CreateSite": { - "privilege": "CreateSite", - "description": "Grants permission to create a new site", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateSite.html" - }, - "CreateSiteToSiteVpnAttachment": { - "privilege": "CreateSiteToSiteVpnAttachment", - "description": "Grants permission to create a site-to-site VPN attachment", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "networkmanager:vpnConnectionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateSiteToSiteVpnAttachment.html" - }, - "CreateTransitGatewayPeering": { - "privilege": "CreateTransitGatewayPeering", - "description": "Grants permission to create a Transit Gateway peering", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "networkmanager:tgwArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateTransitGatewayPeering.html" - }, - "CreateTransitGatewayRouteTableAttachment": { - "privilege": "CreateTransitGatewayRouteTableAttachment", - "description": "Grants permission to create a TGW RTB attachment", - "access_level": "Write", - "resource_types": { - "peering": { - "resource_type": "peering", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "networkmanager:tgwRtbArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateTransitGatewayRouteTableAttachment.html" - }, - "CreateVpcAttachment": { - "privilege": "CreateVpcAttachment", - "description": "Grants permission to create a VPC attachment", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "networkmanager:vpcArn", - "networkmanager:subnetArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateVpcAttachment.html" - }, - "DeleteAttachment": { - "privilege": "DeleteAttachment", - "description": "Grants permission to delete an attachment", - "access_level": "Write", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteAttachment.html" - }, - "DeleteConnectPeer": { - "privilege": "DeleteConnectPeer", - "description": "Grants permission to delete a Connect Peer", - "access_level": "Write", - "resource_types": { - "connect-peer": { - "resource_type": "connect-peer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteConnectPeer.html" - }, - "DeleteConnection": { - "privilege": "DeleteConnection", - "description": "Grants permission to delete a connection", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteConnection.html" - }, - "DeleteCoreNetwork": { - "privilege": "DeleteCoreNetwork", - "description": "Grants permission to delete a core network", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteCoreNetwork.html" - }, - "DeleteCoreNetworkPolicyVersion": { - "privilege": "DeleteCoreNetworkPolicyVersion", - "description": "Grants permission to delete the core network policy version", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteCoreNetworkPolicyVersion.html" - }, - "DeleteDevice": { - "privilege": "DeleteDevice", - "description": "Grants permission to delete a device", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteDevice.html" - }, - "DeleteGlobalNetwork": { - "privilege": "DeleteGlobalNetwork", - "description": "Grants permission to delete a global network", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteGlobalNetwork.html" - }, - "DeleteLink": { - "privilege": "DeleteLink", - "description": "Grants permission to delete a link", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteLink.html" - }, - "DeletePeering": { - "privilege": "DeletePeering", - "description": "Grants permission to delete a peering", - "access_level": "Write", - "resource_types": { - "peering": { - "resource_type": "peering", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeletePeering.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete a resource", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeleteSite": { - "privilege": "DeleteSite", - "description": "Grants permission to delete a site", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "site": { - "resource_type": "site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteSite.html" - }, - "DeregisterTransitGateway": { - "privilege": "DeregisterTransitGateway", - "description": "Grants permission to deregister a transit gateway from a global network", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "networkmanager:tgwArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeregisterTransitGateway.html" - }, - "DescribeGlobalNetworks": { - "privilege": "DescribeGlobalNetworks", - "description": "Grants permission to describe global networks", - "access_level": "List", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DescribeGlobalNetworks.html" - }, - "DisassociateConnectPeer": { - "privilege": "DisassociateConnectPeer", - "description": "Grants permission to disassociate a Connect Peer", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DisassociateConnectPeer.html" - }, - "DisassociateCustomerGateway": { - "privilege": "DisassociateCustomerGateway", - "description": "Grants permission to disassociate a customer gateway from a device", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "networkmanager:cgwArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DisassociateCustomerGateway.html" - }, - "DisassociateLink": { - "privilege": "DisassociateLink", - "description": "Grants permission to disassociate a link from a device", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DisassociateLink.html" - }, - "DisassociateTransitGatewayConnectPeer": { - "privilege": "DisassociateTransitGatewayConnectPeer", - "description": "Grants permission to disassociate a transit gateway connect peer from a device", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "networkmanager:tgwConnectPeerArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DisassociateTransitGatewayConnectPeer.html" - }, - "ExecuteCoreNetworkChangeSet": { - "privilege": "ExecuteCoreNetworkChangeSet", - "description": "Grants permission to apply changes to the core network", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ExecuteCoreNetworkChangeSet.html" - }, - "GetConnectAttachment": { - "privilege": "GetConnectAttachment", - "description": "Grants permission to retrieve a Connect attachment", - "access_level": "Read", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetConnectAttachment.html" - }, - "GetConnectPeer": { - "privilege": "GetConnectPeer", - "description": "Grants permission to retrieve a Connect Peer", - "access_level": "Read", - "resource_types": { - "connect-peer": { - "resource_type": "connect-peer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetConnectPeer.html" - }, - "GetConnectPeerAssociations": { - "privilege": "GetConnectPeerAssociations", - "description": "Grants permission to describe Connect Peer associations", - "access_level": "Read", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetConnectPeerAssociations.html" - }, - "GetConnections": { - "privilege": "GetConnections", - "description": "Grants permission to describe connections", - "access_level": "List", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetConnections.html" - }, - "GetCoreNetwork": { - "privilege": "GetCoreNetwork", - "description": "Grants permission to retrieve a core network", - "access_level": "Read", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetCoreNetwork.html" - }, - "GetCoreNetworkChangeEvents": { - "privilege": "GetCoreNetworkChangeEvents", - "description": "Grants permission to retrieve a list of core network change events", - "access_level": "Read", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetCoreNetworkChangeEvents.html" - }, - "GetCoreNetworkChangeSet": { - "privilege": "GetCoreNetworkChangeSet", - "description": "Grants permission to retrieve a list of core network change sets", - "access_level": "Read", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetCoreNetworkChangeSet.html" - }, - "GetCoreNetworkPolicy": { - "privilege": "GetCoreNetworkPolicy", - "description": "Grants permission to retrieve core network policy", - "access_level": "Read", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetCoreNetworkPolicy.html" - }, - "GetCustomerGatewayAssociations": { - "privilege": "GetCustomerGatewayAssociations", - "description": "Grants permission to describe customer gateway associations", - "access_level": "List", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetCustomerGatewayAssociations.html" - }, - "GetDevices": { - "privilege": "GetDevices", - "description": "Grants permission to describe devices", - "access_level": "List", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetDevices.html" - }, - "GetLinkAssociations": { - "privilege": "GetLinkAssociations", - "description": "Grants permission to describe link associations", - "access_level": "List", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetLinkAssociations.html" - }, - "GetLinks": { - "privilege": "GetLinks", - "description": "Grants permission to describe links", - "access_level": "List", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetLinks.html" - }, - "GetNetworkResourceCounts": { - "privilege": "GetNetworkResourceCounts", - "description": "Grants permission to return the number of resources for a global network grouped by type", - "access_level": "Read", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetNetworkResourceCounts.html" - }, - "GetNetworkResourceRelationships": { - "privilege": "GetNetworkResourceRelationships", - "description": "Grants permission to retrieve related resources for a resource within the global network", - "access_level": "Read", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetNetworkResourceRelationships.html" - }, - "GetNetworkResources": { - "privilege": "GetNetworkResources", - "description": "Grants permission to retrieve a global network resource", - "access_level": "Read", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetNetworkResources.html" - }, - "GetNetworkRoutes": { - "privilege": "GetNetworkRoutes", - "description": "Grants permission to retrieve routes for a route table within the global network", - "access_level": "Read", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetNetworkRoutes.html" - }, - "GetNetworkTelemetry": { - "privilege": "GetNetworkTelemetry", - "description": "Grants permission to retrieve network telemetry objects for the global network", - "access_level": "Read", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetNetworkTelemetry.html" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to retrieve a resource policy", - "access_level": "Read", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetResourcePolicy.html" - }, - "GetRouteAnalysis": { - "privilege": "GetRouteAnalysis", - "description": "Grants permission to retrieve a route analysis configuration and result", - "access_level": "Read", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetRouteAnalysis.html" - }, - "GetSiteToSiteVpnAttachment": { - "privilege": "GetSiteToSiteVpnAttachment", - "description": "Grants permission to retrieve a site-to-site VPN attachment", - "access_level": "Read", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetSiteToSiteVpnAttachment.html" - }, - "GetSites": { - "privilege": "GetSites", - "description": "Grants permission to describe global networks", - "access_level": "List", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "site": { - "resource_type": "site", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetSites.html" - }, - "GetTransitGatewayConnectPeerAssociations": { - "privilege": "GetTransitGatewayConnectPeerAssociations", - "description": "Grants permission to describe transit gateway connect peer associations", - "access_level": "List", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetTransitGatewayConnectPeerAssociations.html" - }, - "GetTransitGatewayPeering": { - "privilege": "GetTransitGatewayPeering", - "description": "Grants permission to retrieve a Transit Gateway peering", - "access_level": "Read", - "resource_types": { - "peering": { - "resource_type": "peering", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetTransitGatewayPeering.html" - }, - "GetTransitGatewayRegistrations": { - "privilege": "GetTransitGatewayRegistrations", - "description": "Grants permission to describe transit gateway registrations", - "access_level": "List", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetTransitGatewayRegistrations.html" - }, - "GetTransitGatewayRouteTableAttachment": { - "privilege": "GetTransitGatewayRouteTableAttachment", - "description": "Grants permission to retrieve a TGW RTB attachment", - "access_level": "Read", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetTransitGatewayRouteTableAttachment.html" - }, - "GetVpcAttachment": { - "privilege": "GetVpcAttachment", - "description": "Grants permission to retrieve a VPC attachment", - "access_level": "Read", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetVpcAttachment.html" - }, - "ListAttachments": { - "privilege": "ListAttachments", - "description": "Grants permission to describe attachments", - "access_level": "List", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListAttachments.html" - }, - "ListConnectPeers": { - "privilege": "ListConnectPeers", - "description": "Grants permission to describe Connect Peers", - "access_level": "List", - "resource_types": { - "connect-peer": { - "resource_type": "connect-peer", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListConnectPeers.html" - }, - "ListCoreNetworkPolicyVersions": { - "privilege": "ListCoreNetworkPolicyVersions", - "description": "Grants permission to list core network policy versions", - "access_level": "List", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListCoreNetworkPolicyVersions.html" - }, - "ListCoreNetworks": { - "privilege": "ListCoreNetworks", - "description": "Grants permission to list core networks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListCoreNetworks.html" - }, - "ListOrganizationServiceAccessStatus": { - "privilege": "ListOrganizationServiceAccessStatus", - "description": "Grants permission to list organization service access status", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListOrganizationServiceAccessStatus.html" - }, - "ListPeerings": { - "privilege": "ListPeerings", - "description": "Grants permission to describe peerings", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListPeerings.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a Network Manager resource", - "access_level": "Read", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connect-peer": { - "resource_type": "connect-peer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "core-network": { - "resource_type": "core-network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "site": { - "resource_type": "site", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListTagsForResource.html" - }, - "PutCoreNetworkPolicy": { - "privilege": "PutCoreNetworkPolicy", - "description": "Grants permission to create a core network policy", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_PutCoreNetworkPolicy.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to create or update a resource policy", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_PutResourcePolicy.html" - }, - "RegisterTransitGateway": { - "privilege": "RegisterTransitGateway", - "description": "Grants permission to register a transit gateway to a global network", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "networkmanager:tgwArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_RegisterTransitGateway.html" - }, - "RejectAttachment": { - "privilege": "RejectAttachment", - "description": "Grants permission to reject attachment request", - "access_level": "Write", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_RejectAttachment.html" - }, - "RestoreCoreNetworkPolicyVersion": { - "privilege": "RestoreCoreNetworkPolicyVersion", - "description": "Grants permission to restore the core network policy to a previous version", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_RestoreCoreNetworkPolicyVersion.html" - }, - "StartOrganizationServiceAccessUpdate": { - "privilege": "StartOrganizationServiceAccessUpdate", - "description": "Grants permission to start organization service access update", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_StartOrganizationServiceAccessUpdate.html" - }, - "StartRouteAnalysis": { - "privilege": "StartRouteAnalysis", - "description": "Grants permission to start a route analysis and stores analysis configuration", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_StartRouteAnalysis.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a Network Manager resource", - "access_level": "Tagging", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connect-peer": { - "resource_type": "connect-peer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "core-network": { - "resource_type": "core-network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "site": { - "resource_type": "site", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a Network Manager resource", - "access_level": "Tagging", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connect-peer": { - "resource_type": "connect-peer", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "core-network": { - "resource_type": "core-network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "site": { - "resource_type": "site", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UntagResource.html" - }, - "UpdateConnection": { - "privilege": "UpdateConnection", - "description": "Grants permission to update a connection", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateConnection.html" - }, - "UpdateCoreNetwork": { - "privilege": "UpdateCoreNetwork", - "description": "Grants permission to update a core network", - "access_level": "Write", - "resource_types": { - "core-network": { - "resource_type": "core-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateCoreNetwork.html" - }, - "UpdateDevice": { - "privilege": "UpdateDevice", - "description": "Grants permission to update a device", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateDevice.html" - }, - "UpdateGlobalNetwork": { - "privilege": "UpdateGlobalNetwork", - "description": "Grants permission to update a global network", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateGlobalNetwork.html" - }, - "UpdateLink": { - "privilege": "UpdateLink", - "description": "Grants permission to update a link", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "link": { - "resource_type": "link", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateLink.html" - }, - "UpdateNetworkResourceMetadata": { - "privilege": "UpdateNetworkResourceMetadata", - "description": "Grants permission to add or update metadata key/value pairs on network resource", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateNetworkResourceMetadata.html" - }, - "UpdateSite": { - "privilege": "UpdateSite", - "description": "Grants permission to update a site", - "access_level": "Write", - "resource_types": { - "global-network": { - "resource_type": "global-network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "site": { - "resource_type": "site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateSite.html" - }, - "UpdateVpcAttachment": { - "privilege": "UpdateVpcAttachment", - "description": "Grants permission to update a VPC attachment", - "access_level": "Write", - "resource_types": { - "attachment": { - "resource_type": "attachment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "networkmanager:subnetArns" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateVpcAttachment.html" - } - }, - "resources": { - "global-network": { - "resource": "global-network", - "arn": "arn:${Partition}:networkmanager::${Account}:global-network/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "site": { - "resource": "site", - "arn": "arn:${Partition}:networkmanager::${Account}:site/${GlobalNetworkId}/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "link": { - "resource": "link", - "arn": "arn:${Partition}:networkmanager::${Account}:link/${GlobalNetworkId}/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "device": { - "resource": "device", - "arn": "arn:${Partition}:networkmanager::${Account}:device/${GlobalNetworkId}/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "connection": { - "resource": "connection", - "arn": "arn:${Partition}:networkmanager::${Account}:connection/${GlobalNetworkId}/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "core-network": { - "resource": "core-network", - "arn": "arn:${Partition}:networkmanager::${Account}:core-network/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "attachment": { - "resource": "attachment", - "arn": "arn:${Partition}:networkmanager::${Account}:attachment/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "connect-peer": { - "resource": "connect-peer", - "arn": "arn:${Partition}:networkmanager::${Account}:connect-peer/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "peering": { - "resource": "peering", - "arn": "arn:${Partition}:networkmanager::${Account}:peering/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "networkmanager:cgwArn": { - "condition": "networkmanager:cgwArn", - "description": "Filters access by which customer gateways can be associated or disassociated", - "type": "String" - }, - "networkmanager:subnetArns": { - "condition": "networkmanager:subnetArns", - "description": "Filters access by which VPC subnets can be added or removed from a VPC attachment", - "type": "ArrayOfString" - }, - "networkmanager:tgwArn": { - "condition": "networkmanager:tgwArn", - "description": "Filters access by which transit gateways can be registered or deregistered", - "type": "String" - }, - "networkmanager:tgwConnectPeerArn": { - "condition": "networkmanager:tgwConnectPeerArn", - "description": "Filters access by which transit gateway connect peers can be associated or disassociated", - "type": "String" - }, - "networkmanager:tgwRtbArn": { - "condition": "networkmanager:tgwRtbArn", - "description": "Filters access by which Transit Gateway Route Table can be used to create an attachment", - "type": "ARN" - }, - "networkmanager:vpcArn": { - "condition": "networkmanager:vpcArn", - "description": "Filters access by which VPC can be used to a create/update attachment", - "type": "String" - }, - "networkmanager:vpnConnectionArn": { - "condition": "networkmanager:vpnConnectionArn", - "description": "Filters access by which Site-to-Site VPN can be used to a create/update attachment", - "type": "String" - } - } - }, - "opsworks": { - "service_name": "AWS OpsWorks", - "prefix": "opsworks", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsopsworks.html", - "privileges": { - "AssignInstance": { - "privilege": "AssignInstance", - "description": "Grants permission to assign a registered instance to a layer", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_AssignInstance.html" - }, - "AssignVolume": { - "privilege": "AssignVolume", - "description": "Grants permission to assign one of the stack's registered Amazon EBS volumes to a specified instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_AssignVolume.html" - }, - "AssociateElasticIp": { - "privilege": "AssociateElasticIp", - "description": "Grants permission to associate one of the stack's registered Elastic IP addresses with a specified instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_AssociateElasticIp.html" - }, - "AttachElasticLoadBalancer": { - "privilege": "AttachElasticLoadBalancer", - "description": "Grants permission to attach an Elastic Load Balancing load balancer to a specified layer", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_AttachElasticLoadBalancer.html" - }, - "CloneStack": { - "privilege": "CloneStack", - "description": "Grants permission to create a clone of a specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CloneStack.html" - }, - "CreateApp": { - "privilege": "CreateApp", - "description": "Grants permission to create an app for a specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateApp.html" - }, - "CreateDeployment": { - "privilege": "CreateDeployment", - "description": "Grants permission to run deployment or stack commands", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateDeployment.html" - }, - "CreateInstance": { - "privilege": "CreateInstance", - "description": "Grants permission to create an instance in a specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateInstance.html" - }, - "CreateLayer": { - "privilege": "CreateLayer", - "description": "Grants permission to create a layer", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateLayer.html" - }, - "CreateStack": { - "privilege": "CreateStack", - "description": "Grants permission to create a new stack", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateStack.html" - }, - "CreateUserProfile": { - "privilege": "CreateUserProfile", - "description": "Grants permission to create a new user profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateUserProfile.html" - }, - "DeleteApp": { - "privilege": "DeleteApp", - "description": "Grants permission to delete a specified app", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeleteApp.html" - }, - "DeleteInstance": { - "privilege": "DeleteInstance", - "description": "Grants permission to delete a specified instance, which terminates the associated Amazon EC2 instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeleteInstance.html" - }, - "DeleteLayer": { - "privilege": "DeleteLayer", - "description": "Grants permission to delete a specified layer", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeleteLayer.html" - }, - "DeleteStack": { - "privilege": "DeleteStack", - "description": "Grants permission to delete a specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeleteStack.html" - }, - "DeleteUserProfile": { - "privilege": "DeleteUserProfile", - "description": "Grants permission to delete a user profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeleteUserProfile.html" - }, - "DeregisterEcsCluster": { - "privilege": "DeregisterEcsCluster", - "description": "Grants permission to delete a user profile", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeregisterEcsCluster.html" - }, - "DeregisterElasticIp": { - "privilege": "DeregisterElasticIp", - "description": "Grants permission to deregister a specified Elastic IP address", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeregisterElasticIp.html" - }, - "DeregisterInstance": { - "privilege": "DeregisterInstance", - "description": "Grants permission to deregister a registered Amazon EC2 or on-premises instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeregisterInstance.html" - }, - "DeregisterRdsDbInstance": { - "privilege": "DeregisterRdsDbInstance", - "description": "Grants permission to deregister an Amazon RDS instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeregisterRdsDbInstance.html" - }, - "DeregisterVolume": { - "privilege": "DeregisterVolume", - "description": "Grants permission to deregister an Amazon EBS volume", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeregisterVolume.html" - }, - "DescribeAgentVersions": { - "privilege": "DescribeAgentVersions", - "description": "Grants permission to describe the available AWS OpsWorks agent versions", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeAgentVersions.html" - }, - "DescribeApps": { - "privilege": "DescribeApps", - "description": "Grants permission to request a description of a specified set of apps", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeApps.html" - }, - "DescribeCommands": { - "privilege": "DescribeCommands", - "description": "Grants permission to describe the results of specified commands", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeCommands.html" - }, - "DescribeDeployments": { - "privilege": "DescribeDeployments", - "description": "Grants permission to request a description of a specified set of deployments", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeDeployments.html" - }, - "DescribeEcsClusters": { - "privilege": "DescribeEcsClusters", - "description": "Grants permission to describe Amazon ECS clusters that are registered with a stack", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeEcsClusters.html" - }, - "DescribeElasticIps": { - "privilege": "DescribeElasticIps", - "description": "Grants permission to describe Elastic IP addresses", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeElasticIps.html" - }, - "DescribeElasticLoadBalancers": { - "privilege": "DescribeElasticLoadBalancers", - "description": "Grants permission to describe a stack's Elastic Load Balancing instances", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeElasticLoadBalancers.html" - }, - "DescribeInstances": { - "privilege": "DescribeInstances", - "description": "Grants permission to request a description of a set of instances", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeInstances.html" - }, - "DescribeLayers": { - "privilege": "DescribeLayers", - "description": "Grants permission to request a description of one or more layers in a specified stack", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeLayers.html" - }, - "DescribeLoadBasedAutoScaling": { - "privilege": "DescribeLoadBasedAutoScaling", - "description": "Grants permission to describe load-based auto scaling configurations for specified layers", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeLoadBasedAutoScaling.html" - }, - "DescribeMyUserProfile": { - "privilege": "DescribeMyUserProfile", - "description": "Grants permission to describe a user's SSH information", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeMyUserProfile.html" - }, - "DescribeOperatingSystems": { - "privilege": "DescribeOperatingSystems", - "description": "Grants permission to describe the operating systems that are supported by AWS OpsWorks Stacks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeOperatingSystems.html" - }, - "DescribePermissions": { - "privilege": "DescribePermissions", - "description": "Grants permission to describe the permissions for a specified stack", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribePermissions.html" - }, - "DescribeRaidArrays": { - "privilege": "DescribeRaidArrays", - "description": "Grants permission to describe an instance's RAID arrays", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeRaidArrays.html" - }, - "DescribeRdsDbInstances": { - "privilege": "DescribeRdsDbInstances", - "description": "Grants permission to describe Amazon RDS instances", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeRdsDbInstances.html" - }, - "DescribeServiceErrors": { - "privilege": "DescribeServiceErrors", - "description": "Grants permission to describe AWS OpsWorks service errors", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeServiceErrors.html" - }, - "DescribeStackProvisioningParameters": { - "privilege": "DescribeStackProvisioningParameters", - "description": "Grants permission to request a description of a stack's provisioning parameters", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeStackProvisioningParameters.html" - }, - "DescribeStackSummary": { - "privilege": "DescribeStackSummary", - "description": "Grants permission to describe the number of layers and apps in a specified stack, and the number of instances in each state, such as running_setup or online", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeStackSummary.html" - }, - "DescribeStacks": { - "privilege": "DescribeStacks", - "description": "Grants permission to request a description of one or more stacks", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeStacks.html" - }, - "DescribeTimeBasedAutoScaling": { - "privilege": "DescribeTimeBasedAutoScaling", - "description": "Grants permission to describe time-based auto scaling configurations for specified instances", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeTimeBasedAutoScaling.html" - }, - "DescribeUserProfiles": { - "privilege": "DescribeUserProfiles", - "description": "Grants permission to describe specified users", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeUserProfiles.html" - }, - "DescribeVolumes": { - "privilege": "DescribeVolumes", - "description": "Grants permission to describe an instance's Amazon EBS volumes", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeVolumes.html" - }, - "DetachElasticLoadBalancer": { - "privilege": "DetachElasticLoadBalancer", - "description": "Grants permission to detache a specified Elastic Load Balancing instance from its layer", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DetachElasticLoadBalancer.html" - }, - "DisassociateElasticIp": { - "privilege": "DisassociateElasticIp", - "description": "Grants permission to disassociate an Elastic IP address from its instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DisassociateElasticIp.html" - }, - "GetHostnameSuggestion": { - "privilege": "GetHostnameSuggestion", - "description": "Grants permission to get a generated host name for the specified layer, based on the current host name theme", - "access_level": "Read", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_GetHostnameSuggestion.html" - }, - "GrantAccess": { - "privilege": "GrantAccess", - "description": "Grants permission to grant RDP access to a Windows instance for a specified time period", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RebootInstance.html" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to return a list of tags that are applied to the specified stack or layer", - "access_level": "List", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_ListTags.html" - }, - "RebootInstance": { - "privilege": "RebootInstance", - "description": "Grants permission to reboot a specified instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RebootInstance.html" - }, - "RegisterEcsCluster": { - "privilege": "RegisterEcsCluster", - "description": "Grants permission to register a specified Amazon ECS cluster with a stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RegisterEcsCluster.html" - }, - "RegisterElasticIp": { - "privilege": "RegisterElasticIp", - "description": "Grants permission to register an Elastic IP address with a specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RegisterElasticIp.html" - }, - "RegisterInstance": { - "privilege": "RegisterInstance", - "description": "Grants permission to register instances with a specified stack that were created outside of AWS OpsWorks", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RegisterInstance.html" - }, - "RegisterRdsDbInstance": { - "privilege": "RegisterRdsDbInstance", - "description": "Grants permission to register an Amazon RDS instance with a stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RegisterRdsDbInstance.html" - }, - "RegisterVolume": { - "privilege": "RegisterVolume", - "description": "Grants permission to register an Amazon EBS volume with a specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RegisterVolume.html" - }, - "SetLoadBasedAutoScaling": { - "privilege": "SetLoadBasedAutoScaling", - "description": "Grants permission to specify the load-based auto scaling configuration for a specified layer", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_SetLoadBasedAutoScaling.html" - }, - "SetPermission": { - "privilege": "SetPermission", - "description": "Grants permission to specify a user's permissions", - "access_level": "Permissions management", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_SetPermission.html" - }, - "SetTimeBasedAutoScaling": { - "privilege": "SetTimeBasedAutoScaling", - "description": "Grants permission to specify the time-based auto scaling configuration for a specified instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_SetTimeBasedAutoScaling.html" - }, - "StartInstance": { - "privilege": "StartInstance", - "description": "Grants permission to start a specified instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_StartInstance.html" - }, - "StartStack": { - "privilege": "StartStack", - "description": "Grants permission to start a stack's instances", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_StartStack.html" - }, - "StopInstance": { - "privilege": "StopInstance", - "description": "Grants permission to stop a specified instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_StopInstance.html" - }, - "StopStack": { - "privilege": "StopStack", - "description": "Grants permission to stop a specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_StopStack.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to apply tags to a specified stack or layer", - "access_level": "Tagging", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_TagResource.html" - }, - "UnassignInstance": { - "privilege": "UnassignInstance", - "description": "Grants permission to unassign a registered instance from all of it's layers", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UnassignInstance.html" - }, - "UnassignVolume": { - "privilege": "UnassignVolume", - "description": "Grants permission to unassign an assigned Amazon EBS volume", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UnassignVolume.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a specified stack or layer", - "access_level": "Tagging", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UntagResource.html" - }, - "UpdateApp": { - "privilege": "UpdateApp", - "description": "Grants permission to update a specified app", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateApp.html" - }, - "UpdateElasticIp": { - "privilege": "UpdateElasticIp", - "description": "Grants permission to update a registered Elastic IP address's name", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateElasticIp.html" - }, - "UpdateInstance": { - "privilege": "UpdateInstance", - "description": "Grants permission to update a specified instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateInstance.html" - }, - "UpdateLayer": { - "privilege": "UpdateLayer", - "description": "Grants permission to update a specified layer", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateLayer.html" - }, - "UpdateMyUserProfile": { - "privilege": "UpdateMyUserProfile", - "description": "Grants permission to update a user's SSH public key", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateMyUserProfile.html" - }, - "UpdateRdsDbInstance": { - "privilege": "UpdateRdsDbInstance", - "description": "Grants permission to update an Amazon RDS instance", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateRdsDbInstance.html" - }, - "UpdateStack": { - "privilege": "UpdateStack", - "description": "Grants permission to update a specified stack", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateStack.html" - }, - "UpdateUserProfile": { - "privilege": "UpdateUserProfile", - "description": "Grants permission to update a specified user profile", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateUserProfile.html" - }, - "UpdateVolume": { - "privilege": "UpdateVolume", - "description": "Grants permission to update an Amazon EBS volume's name or mount point", - "access_level": "Write", - "resource_types": { - "stack": { - "resource_type": "stack", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateVolume.html" - } - }, - "resources": { - "stack": { - "resource": "stack", - "arn": "arn:${Partition}:opsworks:${Region}:${Account}:stack/${StackId}/", - "condition_keys": [] - } - }, - "conditions": {} - }, - "opsworks-cm": { - "service_name": "AWS OpsWorks Configuration Management", - "prefix": "opsworks-cm", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsopsworksconfigurationmanagement.html", - "privileges": { - "AssociateNode": { - "privilege": "AssociateNode", - "description": "Grants permission to associate a node to a configuration management server", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_AssociateNode.html" - }, - "CreateBackup": { - "privilege": "CreateBackup", - "description": "Grants permission to create a backup for the specified server", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_CreateBackup.html" - }, - "CreateServer": { - "privilege": "CreateServer", - "description": "Grants permission to create a new server", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_CreateServer.html" - }, - "DeleteBackup": { - "privilege": "DeleteBackup", - "description": "Grants permission to delete the specified backup and possibly its S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DeleteBackup.html" - }, - "DeleteServer": { - "privilege": "DeleteServer", - "description": "Grants permission to delete the specified server with its corresponding CloudFormation stack and possibly the S3 bucket", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DeleteServer.html" - }, - "DescribeAccountAttributes": { - "privilege": "DescribeAccountAttributes", - "description": "Grants permission to describe the service limits for the user's account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DescribeAccountAttributes.html" - }, - "DescribeBackups": { - "privilege": "DescribeBackups", - "description": "Grants permission to describe a single backup, all backups of a specified server or all backups of the user's account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DescribeBackups.html" - }, - "DescribeEvents": { - "privilege": "DescribeEvents", - "description": "Grants permission to describe all events of the specified server", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DescribeEvents.html" - }, - "DescribeNodeAssociationStatus": { - "privilege": "DescribeNodeAssociationStatus", - "description": "Grants permission to describe the association status for the specified node token and the specified server", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DescribeNodeAssociationStatus.html" - }, - "DescribeServers": { - "privilege": "DescribeServers", - "description": "Grants permission to describe the specified server or all servers of the user's account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DescribeServers.html" - }, - "DisassociateNode": { - "privilege": "DisassociateNode", - "description": "Grants permission to disassociate a specified node from a server", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DisassociateNode.html" - }, - "ExportServerEngineAttribute": { - "privilege": "ExportServerEngineAttribute", - "description": "Grants permission to export an engine attribute from a server", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_ExportServerEngineAttribute.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags that are applied to the specified server or backup", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_ListTagsForResource.html" - }, - "RestoreServer": { - "privilege": "RestoreServer", - "description": "Grants permission to apply a backup to specified server. Possibly swaps out the ec2-instance if specified", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_RestoreServer.html" - }, - "StartMaintenance": { - "privilege": "StartMaintenance", - "description": "Grants permission to start the server maintenance immediately", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_StartMaintenance.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to apply tags to the specified server or backup", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from the specified server or backup", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_UntagResource.html" - }, - "UpdateServer": { - "privilege": "UpdateServer", - "description": "Grants permission to update general server settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_UpdateServer.html" - }, - "UpdateServerEngineAttributes": { - "privilege": "UpdateServerEngineAttributes", - "description": "Grants permission to update server settings specific to the configuration management type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_UpdateServerEngineAttributes.html" - } - }, - "resources": { - "server": { - "resource": "server", - "arn": "arn:${Partition}:opsworks-cm::${Account}:server/${ServerName}/${UniqueId}", - "condition_keys": [] - }, - "backup": { - "resource": "backup", - "arn": "arn:${Partition}:opsworks-cm::${Account}:backup/${ServerName}-{Date-and-Time-Stamp-of-Backup}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "organizations": { - "service_name": "AWS Organizations", - "prefix": "organizations", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html", - "privileges": { - "AcceptHandshake": { - "privilege": "AcceptHandshake", - "description": "Grants permission to send a response to the originator of a handshake agreeing to the action proposed by the handshake request", - "access_level": "Write", - "resource_types": { - "handshake": { - "resource_type": "handshake", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_AcceptHandshake.html" - }, - "AttachPolicy": { - "privilege": "AttachPolicy", - "description": "Grants permission to attach a policy to a root, an organizational unit, or an individual account", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_AttachPolicy.html" - }, - "CancelHandshake": { - "privilege": "CancelHandshake", - "description": "Grants permission to cancel a handshake", - "access_level": "Write", - "resource_types": { - "handshake": { - "resource_type": "handshake", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CancelHandshake.html" - }, - "CloseAccount": { - "privilege": "CloseAccount", - "description": "Grants permission to close an AWS account that is now a part of an Organizations, either created within the organization, or invited to join the organization", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CloseAccount.html" - }, - "CreateAccount": { - "privilege": "CreateAccount", - "description": "Grants permission to create an AWS account that is automatically a member of the organization with the credentials that made the request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreateAccount.html" - }, - "CreateGovCloudAccount": { - "privilege": "CreateGovCloudAccount", - "description": "Grants permission to create an AWS GovCloud (US) account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreateGovCloudAccount.html" - }, - "CreateOrganization": { - "privilege": "CreateOrganization", - "description": "Grants permission to create an organization. The account with the credentials that calls the CreateOrganization operation automatically becomes the management account of the new organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreateOrganization.html" - }, - "CreateOrganizationalUnit": { - "privilege": "CreateOrganizationalUnit", - "description": "Grants permission to create an organizational unit (OU) within a root or parent OU", - "access_level": "Write", - "resource_types": { - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreateOrganizationalUnit.html" - }, - "CreatePolicy": { - "privilege": "CreatePolicy", - "description": "Grants permission to create a policy that you can attach to a root, an organizational unit (OU), or an individual AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreatePolicy.html" - }, - "DeclineHandshake": { - "privilege": "DeclineHandshake", - "description": "Grants permission to decline a handshake request. This sets the handshake state to DECLINED and effectively deactivates the request", - "access_level": "Write", - "resource_types": { - "handshake": { - "resource_type": "handshake", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeclineHandshake.html" - }, - "DeleteOrganization": { - "privilege": "DeleteOrganization", - "description": "Grants permission to delete the organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeleteOrganization.html" - }, - "DeleteOrganizationalUnit": { - "privilege": "DeleteOrganizationalUnit", - "description": "Grants permission to delete an organizational unit from a root or another OU", - "access_level": "Write", - "resource_types": { - "organizationalunit": { - "resource_type": "organizationalunit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeleteOrganizationalUnit.html" - }, - "DeletePolicy": { - "privilege": "DeletePolicy", - "description": "Grants permission to delete a policy from your organization", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeletePolicy.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete a resource policy from your organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeregisterDelegatedAdministrator": { - "privilege": "DeregisterDelegatedAdministrator", - "description": "Grants permission to deregister the specified member AWS account as a delegated administrator for the AWS service that is specified by ServicePrincipal", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:ServicePrincipal" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeregisterDelegatedAdministrator.html" - }, - "DescribeAccount": { - "privilege": "DescribeAccount", - "description": "Grants permission to retrieve Organizations-related details about the specified account", - "access_level": "Read", - "resource_types": { - "account": { - "resource_type": "account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeAccount.html" - }, - "DescribeCreateAccountStatus": { - "privilege": "DescribeCreateAccountStatus", - "description": "Grants permission to retrieve the current status of an asynchronous request to create an account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeCreateAccountStatus.html" - }, - "DescribeEffectivePolicy": { - "privilege": "DescribeEffectivePolicy", - "description": "Grants permission to retrieve the effective policy for an account", - "access_level": "Read", - "resource_types": { - "account": { - "resource_type": "account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeEffectivePolicy.html" - }, - "DescribeHandshake": { - "privilege": "DescribeHandshake", - "description": "Grants permission to retrieve details about a previously requested handshake", - "access_level": "Read", - "resource_types": { - "handshake": { - "resource_type": "handshake", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeHandshake.html" - }, - "DescribeOrganization": { - "privilege": "DescribeOrganization", - "description": "Grants permission to retrieves details about the organization that the calling credentials belong to", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeOrganization.html" - }, - "DescribeOrganizationalUnit": { - "privilege": "DescribeOrganizationalUnit", - "description": "Grants permission to retrieve details about an organizational unit (OU)", - "access_level": "Read", - "resource_types": { - "organizationalunit": { - "resource_type": "organizationalunit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeOrganizationalUnit.html" - }, - "DescribePolicy": { - "privilege": "DescribePolicy", - "description": "Grants permission to retrieves details about a policy", - "access_level": "Read", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribePolicy.html" - }, - "DescribeResourcePolicy": { - "privilege": "DescribeResourcePolicy", - "description": "Grants permission to retrieve information about a resource policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeResourcePolicy.html" - }, - "DetachPolicy": { - "privilege": "DetachPolicy", - "description": "Grants permission to detach a policy from a target root, organizational unit, or account", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DetachPolicy.html" - }, - "DisableAWSServiceAccess": { - "privilege": "DisableAWSServiceAccess", - "description": "Grants permission to disable integration of an AWS service (the service that is specified by ServicePrincipal) with AWS Organizations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:ServicePrincipal" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DisableAWSServiceAccess.html" - }, - "DisablePolicyType": { - "privilege": "DisablePolicyType", - "description": "Grants permission to disable an organization policy type in a root", - "access_level": "Write", - "resource_types": { - "root": { - "resource_type": "root", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DisablePolicyType.html" - }, - "EnableAWSServiceAccess": { - "privilege": "EnableAWSServiceAccess", - "description": "Grants permission to enable integration of an AWS service (the service that is specified by ServicePrincipal) with AWS Organizations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:ServicePrincipal" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html" - }, - "EnableAllFeatures": { - "privilege": "EnableAllFeatures", - "description": "Grants permission to start the process to enable all features in an organization, upgrading it from supporting only Consolidated Billing features", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAllFeatures.html" - }, - "EnablePolicyType": { - "privilege": "EnablePolicyType", - "description": "Grants permission to enable a policy type in a root", - "access_level": "Write", - "resource_types": { - "root": { - "resource_type": "root", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html" - }, - "InviteAccountToOrganization": { - "privilege": "InviteAccountToOrganization", - "description": "Grants permission to send an invitation to another AWS account, asking it to join your organization as a member account", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_InviteAccountToOrganization.html" - }, - "LeaveOrganization": { - "privilege": "LeaveOrganization", - "description": "Grants permission to remove a member account from its parent organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_LeaveOrganization.html" - }, - "ListAWSServiceAccessForOrganization": { - "privilege": "ListAWSServiceAccessForOrganization", - "description": "Grants permission to retrieve the list of the AWS services for which you enabled integration with your organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAWSServiceAccessForOrganization.html" - }, - "ListAccounts": { - "privilege": "ListAccounts", - "description": "Grants permission to list all of the the accounts in the organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html" - }, - "ListAccountsForParent": { - "privilege": "ListAccountsForParent", - "description": "Grants permission to list the accounts in an organization that are contained by a root or organizational unit (OU)", - "access_level": "List", - "resource_types": { - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccountsForParent.html" - }, - "ListChildren": { - "privilege": "ListChildren", - "description": "Grants permission to list all of the OUs or accounts that are contained in a parent OU or root", - "access_level": "List", - "resource_types": { - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListChildren.html" - }, - "ListCreateAccountStatus": { - "privilege": "ListCreateAccountStatus", - "description": "Grants permission to list the asynchronous account creation requests that are currently being tracked for the organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListCreateAccountStatus.html" - }, - "ListDelegatedAdministrators": { - "privilege": "ListDelegatedAdministrators", - "description": "Grants permission to list the AWS accounts that are designated as delegated administrators in this organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:ServicePrincipal" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListDelegatedAdministrators.html" - }, - "ListDelegatedServicesForAccount": { - "privilege": "ListDelegatedServicesForAccount", - "description": "Grants permission to list the AWS services for which the specified account is a delegated administrator in this organization", - "access_level": "List", - "resource_types": { - "account": { - "resource_type": "account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListDelegatedServicesForAccount.html" - }, - "ListHandshakesForAccount": { - "privilege": "ListHandshakesForAccount", - "description": "Grants permission to list all of the handshakes that are associated with an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListHandshakesForAccount.html" - }, - "ListHandshakesForOrganization": { - "privilege": "ListHandshakesForOrganization", - "description": "Grants permission to list the handshakes that are associated with the organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListHandshakesForOrganization.html" - }, - "ListOrganizationalUnitsForParent": { - "privilege": "ListOrganizationalUnitsForParent", - "description": "Grants permission to lists all of the organizational units (OUs) in a parent organizational unit or root", - "access_level": "List", - "resource_types": { - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html" - }, - "ListParents": { - "privilege": "ListParents", - "description": "Grants permission to list the root or organizational units (OUs) that serve as the immediate parent of a child OU or account", - "access_level": "List", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListParents.html" - }, - "ListPolicies": { - "privilege": "ListPolicies", - "description": "Grants permission to list all of the policies in an organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListPolicies.html" - }, - "ListPoliciesForTarget": { - "privilege": "ListPoliciesForTarget", - "description": "Grants permission to list all of the policies that are directly attached to a root, organizational unit (OU), or account", - "access_level": "List", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListPoliciesForTarget.html" - }, - "ListRoots": { - "privilege": "ListRoots", - "description": "Grants permission to list all of the roots that are defined in the organization", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list all tags for the specified resource", - "access_level": "List", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "policy": { - "resource_type": "policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resourcepolicy": { - "resource_type": "resourcepolicy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTargetsForPolicy": { - "privilege": "ListTargetsForPolicy", - "description": "Grants permission to list all the roots, OUs, and accounts to which a policy is attached", - "access_level": "List", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListTargetsForPolicy.html" - }, - "MoveAccount": { - "privilege": "MoveAccount", - "description": "Grants permission to move an account from its current root or OU to another parent root or OU", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_MoveAccount.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to create or update a resource policy", - "access_level": "Write", - "resource_types": { - "resourcepolicy": { - "resource_type": "resourcepolicy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_PutResourcePolicy.html" - }, - "RegisterDelegatedAdministrator": { - "privilege": "RegisterDelegatedAdministrator", - "description": "Grants permission to register the specified member account to administer the Organizations features of the AWS service that is specified by ServicePrincipal", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:ServicePrincipal" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_RegisterDelegatedAdministrator.html" - }, - "RemoveAccountFromOrganization": { - "privilege": "RemoveAccountFromOrganization", - "description": "Grants permission to removes the specified account from the organization", - "access_level": "Write", - "resource_types": { - "account": { - "resource_type": "account", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_RemoveAccountFromOrganization.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to the specified resource", - "access_level": "Tagging", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "policy": { - "resource_type": "policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resourcepolicy": { - "resource_type": "resourcepolicy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "account": { - "resource_type": "account", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "organizationalunit": { - "resource_type": "organizationalunit", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "policy": { - "resource_type": "policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resourcepolicy": { - "resource_type": "resourcepolicy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "root": { - "resource_type": "root", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_UntagResource.html" - }, - "UpdateOrganizationalUnit": { - "privilege": "UpdateOrganizationalUnit", - "description": "Grants permission to rename an organizational unit (OU)", - "access_level": "Write", - "resource_types": { - "organizationalunit": { - "resource_type": "organizationalunit", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_UpdateOrganizationalUnit.html" - }, - "UpdatePolicy": { - "privilege": "UpdatePolicy", - "description": "Grants permission to update an existing policy with a new name, description, or content", - "access_level": "Write", - "resource_types": { - "policy": { - "resource_type": "policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "organizations:PolicyType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_UpdatePolicy.html" - } - }, - "resources": { - "account": { - "resource": "account", - "arn": "arn:${Partition}:organizations::${Account}:account/o-${OrganizationId}/${AccountId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "handshake": { - "resource": "handshake", - "arn": "arn:${Partition}:organizations::${Account}:handshake/o-${OrganizationId}/${HandshakeType}/h-${HandshakeId}", - "condition_keys": [] - }, - "organization": { - "resource": "organization", - "arn": "arn:${Partition}:organizations::${Account}:organization/o-${OrganizationId}", - "condition_keys": [] - }, - "organizationalunit": { - "resource": "organizationalunit", - "arn": "arn:${Partition}:organizations::${Account}:ou/o-${OrganizationId}/ou-${OrganizationalUnitId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "policy": { - "resource": "policy", - "arn": "arn:${Partition}:organizations::${Account}:policy/o-${OrganizationId}/${PolicyType}/p-${PolicyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "resourcepolicy": { - "resource": "resourcepolicy", - "arn": "arn:${Partition}:organizations::${Account}:resourcepolicy/o-${OrganizationId}/rp-${ResourcePolicyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "awspolicy": { - "resource": "awspolicy", - "arn": "arn:${Partition}:organizations::aws:policy/${PolicyType}/p-${PolicyId}", - "condition_keys": [] - }, - "root": { - "resource": "root", - "arn": "arn:${Partition}:organizations::${Account}:root/o-${OrganizationId}/r-${RootId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "organizations:PolicyType": { - "condition": "organizations:PolicyType", - "description": "Filters access by the specified policy type names", - "type": "String" - }, - "organizations:ServicePrincipal": { - "condition": "organizations:ServicePrincipal", - "description": "Filters access by the specified service principal names", - "type": "String" - } - } - }, - "outposts": { - "service_name": "AWS Outposts", - "prefix": "outposts", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsoutposts.html", - "privileges": { - "CancelOrder": { - "privilege": "CancelOrder", - "description": "Grants permission to cancel an order", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_CancelOrder.html" - }, - "CreateOrder": { - "privilege": "CreateOrder", - "description": "Grants permission to create an order", - "access_level": "Write", - "resource_types": { - "outpost": { - "resource_type": "outpost", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_CreateOrder.html" - }, - "CreateOutpost": { - "privilege": "CreateOutpost", - "description": "Grants permission to create an Outpost", - "access_level": "Write", - "resource_types": { - "site": { - "resource_type": "site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_CreateOutpost.html" - }, - "CreatePrivateConnectivityConfig": { - "privilege": "CreatePrivateConnectivityConfig", - "description": "Grants permission to create a private connectivity configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/how-outposts-works.html#private-connectivity" - }, - "CreateSite": { - "privilege": "CreateSite", - "description": "Grants permission to create a site", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_CreateSite.html" - }, - "DeleteOutpost": { - "privilege": "DeleteOutpost", - "description": "Grants permission to delete an Outpost", - "access_level": "Write", - "resource_types": { - "outpost": { - "resource_type": "outpost", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_DeleteOutpost.html" - }, - "DeleteSite": { - "privilege": "DeleteSite", - "description": "Grants permission to delete a site", - "access_level": "Write", - "resource_types": { - "site": { - "resource_type": "site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_DeleteSite.html" - }, - "GetCatalogItem": { - "privilege": "GetCatalogItem", - "description": "Grants permission to get a catalog item", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetCatalogItem.html" - }, - "GetConnection": { - "privilege": "GetConnection", - "description": "Grants permission to get information about the connection for your Outpost server", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetConnection.html" - }, - "GetOrder": { - "privilege": "GetOrder", - "description": "Grants permission to get information about an order", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetOrder.html" - }, - "GetOutpost": { - "privilege": "GetOutpost", - "description": "Grants permission to get information about the specified Outpost", - "access_level": "Read", - "resource_types": { - "outpost": { - "resource_type": "outpost", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetOutpost.html" - }, - "GetOutpostInstanceTypes": { - "privilege": "GetOutpostInstanceTypes", - "description": "Grants permission to get the instance types for the specified Outpost", - "access_level": "Read", - "resource_types": { - "outpost": { - "resource_type": "outpost", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetOutpostInstanceTypes.html" - }, - "GetPrivateConnectivityConfig": { - "privilege": "GetPrivateConnectivityConfig", - "description": "Grants permission to get a private connectivity configuration", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/how-outposts-works.html#private-connectivity" - }, - "GetSite": { - "privilege": "GetSite", - "description": "Grants permission to get a site", - "access_level": "Read", - "resource_types": { - "site": { - "resource_type": "site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetSite.html" - }, - "GetSiteAddress": { - "privilege": "GetSiteAddress", - "description": "Grants permission to get a site address", - "access_level": "Read", - "resource_types": { - "site": { - "resource_type": "site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetSiteAddress.html" - }, - "ListAssets": { - "privilege": "ListAssets", - "description": "Grants permission to list the assets for your Outpost", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListAssets.html" - }, - "ListCatalogItems": { - "privilege": "ListCatalogItems", - "description": "Grants permission to list all catalog items", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListCatalogItems.html" - }, - "ListOrders": { - "privilege": "ListOrders", - "description": "Grants permission to list the orders for your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListOrders.html" - }, - "ListOutposts": { - "privilege": "ListOutposts", - "description": "Grants permission to list the Outposts for your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListOutposts.html" - }, - "ListSites": { - "privilege": "ListSites", - "description": "Grants permission to list the sites for your AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListSites.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListTagsForResource.html" - }, - "StartConnection": { - "privilege": "StartConnection", - "description": "Grants permission to start a connection for your Outpost server", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_StartConnection.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "outpost": { - "resource_type": "outpost", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "site": { - "resource_type": "site", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "outpost": { - "resource_type": "outpost", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "site": { - "resource_type": "site", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_UntagResource.html" - }, - "UpdateOutpost": { - "privilege": "UpdateOutpost", - "description": "Grants permission to update an Outpost", - "access_level": "Write", - "resource_types": { - "outpost": { - "resource_type": "outpost", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_UpdateOutpost.html" - }, - "UpdateSite": { - "privilege": "UpdateSite", - "description": "Grants permission to update a site", - "access_level": "Write", - "resource_types": { - "site": { - "resource_type": "site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_UpdateSite.html" - }, - "UpdateSiteAddress": { - "privilege": "UpdateSiteAddress", - "description": "Grants permission to update the site address", - "access_level": "Write", - "resource_types": { - "site": { - "resource_type": "site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_UpdateSiteAddress.html" - }, - "UpdateSiteRackPhysicalProperties": { - "privilege": "UpdateSiteRackPhysicalProperties", - "description": "Grants permission to update the physical properties of a rack at a site", - "access_level": "Write", - "resource_types": { - "site": { - "resource_type": "site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_UpdateSiteRackPhysicalProperties.html" - } - }, - "resources": { - "outpost": { - "resource": "outpost", - "arn": "arn:${Partition}:outposts:${Region}:${Account}:outpost/${OutpostId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "site": { - "resource": "site", - "arn": "arn:${Partition}:outposts:${Region}:${Account}:site/${SiteId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "panorama": { - "service_name": "AWS Panorama", - "prefix": "panorama", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspanorama.html", - "privileges": { - "CreateApplicationInstance": { - "privilege": "CreateApplicationInstance", - "description": "Grants permission to create an AWS Panorama Application Instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_CreateApplicationInstance.html" - }, - "CreateJobForDevices": { - "privilege": "CreateJobForDevices", - "description": "Grants permission to create a job for an AWS Panorama Appliance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_CreateJobForDevices.html" - }, - "CreateNodeFromTemplateJob": { - "privilege": "CreateNodeFromTemplateJob", - "description": "Grants permission to create an AWS Panorama Node", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_CreateNodeFromTemplateJob.html" - }, - "CreatePackage": { - "privilege": "CreatePackage", - "description": "Grants permission to create an AWS Panorama Package", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_CreatePackage.html" - }, - "CreatePackageImportJob": { - "privilege": "CreatePackageImportJob", - "description": "Grants permission to create an AWS Panorama Package", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_CreatePackageImportJob.html" - }, - "DeleteDevice": { - "privilege": "DeleteDevice", - "description": "Grants permission to deregister an AWS Panorama Appliance", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DeleteDevice.html" - }, - "DeletePackage": { - "privilege": "DeletePackage", - "description": "Grants permission to delete an AWS Panorama Package", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DeletePackage.html" - }, - "DeregisterPackageVersion": { - "privilege": "DeregisterPackageVersion", - "description": "Grants permission to deregister an AWS Panorama package version", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DeregisterPackageVersion.html" - }, - "DescribeApplicationInstance": { - "privilege": "DescribeApplicationInstance", - "description": "Grants permission to view details about an AWS Panorama application instance", - "access_level": "Read", - "resource_types": { - "applicationInstance": { - "resource_type": "applicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeApplicationInstance.html" - }, - "DescribeApplicationInstanceDetails": { - "privilege": "DescribeApplicationInstanceDetails", - "description": "Grants permission to view details about an AWS Panorama application instance", - "access_level": "Read", - "resource_types": { - "applicationInstance": { - "resource_type": "applicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeApplicationInstanceDetails.html" - }, - "DescribeDevice": { - "privilege": "DescribeDevice", - "description": "Grants permission to view details about an AWS Panorama Appliance", - "access_level": "Read", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeDevice.html" - }, - "DescribeDeviceJob": { - "privilege": "DescribeDeviceJob", - "description": "Grants permission to view job details for an AWS Panorama Appliance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeDeviceJob.html" - }, - "DescribeNode": { - "privilege": "DescribeNode", - "description": "Grants permission to view details about an AWS Panorama application node", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeNode.html" - }, - "DescribeNodeFromTemplateJob": { - "privilege": "DescribeNodeFromTemplateJob", - "description": "Grants permission to view details about AWS Panorama application node", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeNodeFromTemplateJob.html" - }, - "DescribePackage": { - "privilege": "DescribePackage", - "description": "Grants permission to view details about an AWS Panorama package", - "access_level": "Read", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribePackage.html" - }, - "DescribePackageImportJob": { - "privilege": "DescribePackageImportJob", - "description": "Grants permission to view details about an AWS Panorama package", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribePackageImportJob.html" - }, - "DescribePackageVersion": { - "privilege": "DescribePackageVersion", - "description": "Grants permission to view details about an AWS Panorama package version", - "access_level": "Read", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribePackageVersion.html" - }, - "DescribeSoftware": { - "privilege": "DescribeSoftware", - "description": "Grants permission to view details about a software version for the AWS Panorama Appliance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspanorama.html" - }, - "GetWebSocketURL": { - "privilege": "GetWebSocketURL", - "description": "Grants permission to generate a WebSocket endpoint for communication with AWS Panorama", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspanorama.html" - }, - "ListApplicationInstanceDependencies": { - "privilege": "ListApplicationInstanceDependencies", - "description": "Grants permission to retrieve a list of application instance dependencies in AWS Panorama", - "access_level": "List", - "resource_types": { - "applicationInstance": { - "resource_type": "applicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListApplicationInstanceDependencies.html" - }, - "ListApplicationInstanceNodeInstances": { - "privilege": "ListApplicationInstanceNodeInstances", - "description": "Grants permission to retrieve a list of node instances of application instances in AWS Panorama", - "access_level": "List", - "resource_types": { - "applicationInstance": { - "resource_type": "applicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListApplicationInstanceNodeInstances.html" - }, - "ListApplicationInstances": { - "privilege": "ListApplicationInstances", - "description": "Grants permission to retrieve a list of application instances in AWS Panorama", - "access_level": "List", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListApplicationInstances.html" - }, - "ListDevices": { - "privilege": "ListDevices", - "description": "Grants permission to retrieve a list of appliances in AWS Panorama", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListDevices.html" - }, - "ListDevicesJobs": { - "privilege": "ListDevicesJobs", - "description": "Grants permission to retrieve a list of jobs for an AWS Panorama Appliance", - "access_level": "List", - "resource_types": { - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListDevicesJobs.html" - }, - "ListNodeFromTemplateJobs": { - "privilege": "ListNodeFromTemplateJobs", - "description": "Grants permission to retrieve a list of Nodes for an AWS Panorama Appliance", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListNodeFromTemplateJobs.html" - }, - "ListNodes": { - "privilege": "ListNodes", - "description": "Grants permission to retrieve a list of nodes in AWS Panorama", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListNodes.html" - }, - "ListPackageImportJobs": { - "privilege": "ListPackageImportJobs", - "description": "Grants permission to retrieve a list of packages in AWS Panorama", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListPackageImportJobs.html" - }, - "ListPackages": { - "privilege": "ListPackages", - "description": "Grants permission to retrieve a list of packages in AWS Panorama", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListPackages.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve a list of tags for a resource in AWS Panorama", - "access_level": "Read", - "resource_types": { - "applicationInstance": { - "resource_type": "applicationInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "package": { - "resource_type": "package", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListTagsForResource.html" - }, - "ProvisionDevice": { - "privilege": "ProvisionDevice", - "description": "Grants permission to register an AWS Panorama Appliance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ProvisionDevice.html" - }, - "RegisterPackageVersion": { - "privilege": "RegisterPackageVersion", - "description": "Grants permission to register an AWS Panorama package version", - "access_level": "Write", - "resource_types": { - "package": { - "resource_type": "package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_RegisterPackageVersion.html" - }, - "RemoveApplicationInstance": { - "privilege": "RemoveApplicationInstance", - "description": "Grants permission to remove an AWS Panorama application instance", - "access_level": "Write", - "resource_types": { - "applicationInstance": { - "resource_type": "applicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_RemoveApplicationInstance.html" - }, - "SignalApplicationInstanceNodeInstances": { - "privilege": "SignalApplicationInstanceNodeInstances", - "description": "Grants permission to signal camera nodes in an application instance to pause or resume", - "access_level": "Write", - "resource_types": { - "applicationInstance": { - "resource_type": "applicationInstance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_SignalApplicationInstanceNodeInstances.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource in AWS Panorama", - "access_level": "Tagging", - "resource_types": { - "applicationInstance": { - "resource_type": "applicationInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "package": { - "resource_type": "package", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource in AWS Panorama", - "access_level": "Tagging", - "resource_types": { - "applicationInstance": { - "resource_type": "applicationInstance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "device": { - "resource_type": "device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "package": { - "resource_type": "package", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_UntagResource.html" - }, - "UpdateDeviceMetadata": { - "privilege": "UpdateDeviceMetadata", - "description": "Grants permission to modify basic settings for an AWS Panorama Appliance", - "access_level": "Write", - "resource_types": { - "device": { - "resource_type": "device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_UpdateDeviceMetadata.html" - } - }, - "resources": { - "device": { - "resource": "device", - "arn": "arn:${Partition}:panorama:${Region}:${Account}:device/${DeviceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "package": { - "resource": "package", - "arn": "arn:${Partition}:panorama:${Region}:${Account}:package/${PackageId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "applicationInstance": { - "resource": "applicationInstance", - "arn": "arn:${Partition}:panorama:${Region}:${Account}:applicationInstance/${ApplicationInstanceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "payment-cryptography": { - "service_name": "AWS Payment Cryptography", - "prefix": "payment-cryptography", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspaymentcryptography.html", - "privileges": { - "CreateAlias": { - "privilege": "CreateAlias", - "description": "Grants permission to create a user-friendly name for a Key", - "access_level": "Write", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html" - }, - "CreateKey": { - "privilege": "CreateKey", - "description": "Grants permission to create a unique customer managed key in the caller's AWS account and region", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "payment-cryptography:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html" - }, - "DecryptData": { - "privilege": "DecryptData", - "description": "Grants permission to decrypt ciphertext data to plaintext using symmetric, asymmetric or DUKPT data encryption key", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_DecryptData.html" - }, - "DeleteAlias": { - "privilege": "DeleteAlias", - "description": "Grants permission to delete the specified alias", - "access_level": "Write", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html" - }, - "DeleteKey": { - "privilege": "DeleteKey", - "description": "Grants permission to schedule the deletion of a Key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html" - }, - "EncryptData": { - "privilege": "EncryptData", - "description": "Grants permission to encrypt plaintext data to ciphertext using symmetric, asymmetric or DUKPT data encryption key", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_EncryptData.html" - }, - "ExportKey": { - "privilege": "ExportKey", - "description": "Grants permission to export a key from the service", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ExportKey.html" - }, - "GenerateCardValidationData": { - "privilege": "GenerateCardValidationData", - "description": "Grants permission to generate card-related data using algorithms such as Card Verification Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2) or Card Security Codes (CSC) that check the validity of a magnetic stripe card", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GenerateCardValidationData.html" - }, - "GenerateMac": { - "privilege": "GenerateMac", - "description": "Grants permission to generate a MAC (Message Authentication Code) cryptogram", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GenerateMac.html" - }, - "GeneratePinData": { - "privilege": "GeneratePinData", - "description": "Grants permission to generate pin-related data such as PIN, PIN Verification Value (PVV), PIN Block and PIN Offset during new card issuance or card re-issuance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GeneratePinData.html" - }, - "GetAlias": { - "privilege": "GetAlias", - "description": "Grants permission to return the keyArn associated with an aliasName", - "access_level": "Read", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html" - }, - "GetKey": { - "privilege": "GetKey", - "description": "Grants permission to return the detailed information about the specified key", - "access_level": "Read", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetKey.html" - }, - "GetParametersForExport": { - "privilege": "GetParametersForExport", - "description": "Grants permission to get the export token and the signing key certificate to initiate a TR-34 key export", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForExport.html" - }, - "GetParametersForImport": { - "privilege": "GetParametersForImport", - "description": "Grants permission to get the import token and the wrapping key certificate to initiate a TR-34 key import", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForImport.html" - }, - "GetPublicKeyCertificate": { - "privilege": "GetPublicKeyCertificate", - "description": "Grants permission to return the public key from a key of class PUBLIC_KEY", - "access_level": "Read", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html" - }, - "ImportKey": { - "privilege": "ImportKey", - "description": "Grants permission to imports keys and public key certificates", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "payment-cryptography:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html" - }, - "ListAliases": { - "privilege": "ListAliases", - "description": "Grants permission to return a list of aliases created for all keys in the caller's AWS account and Region", - "access_level": "List", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html" - }, - "ListKeys": { - "privilege": "ListKeys", - "description": "Grants permission to return a list of keys created in the caller's AWS account and Region", - "access_level": "List", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListKeys.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to return a list of tags created in the caller's AWS account and Region", - "access_level": "Read", - "resource_types": { - "key": { - "resource_type": "key", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListTagsForResource.html" - }, - "ReEncryptData": { - "privilege": "ReEncryptData", - "description": "Grants permission to re-encrypt ciphertext using DUKPT, Symmetric and Asymmetric Data Encryption Keys", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_ReEncryptData.html" - }, - "RestoreKey": { - "privilege": "RestoreKey", - "description": "Grants permission to cancel a scheduled key deletion if at any point during the waiting period a Key needs to be revived", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_RestoreKey.html" - }, - "StartKeyUsage": { - "privilege": "StartKeyUsage", - "description": "Grants permission to enable a disabled Key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StartKeyUsage.html" - }, - "StopKeyUsage": { - "privilege": "StopKeyUsage", - "description": "Grants permission to disable an enabled Key", - "access_level": "Write", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StopKeyUsage.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or overwrites one or more tags for the specified resource", - "access_level": "Tagging", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html" - }, - "TranslatePinData": { - "privilege": "TranslatePinData", - "description": "Grants permission to translate encrypted PIN block from and to ISO 9564 formats 0,1,3,4", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_TranslatePinData.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove the specified tag or tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UntagResource.html" - }, - "UpdateAlias": { - "privilege": "UpdateAlias", - "description": "Grants permission to change the key to which an alias is assigned, or unassign it from its current key", - "access_level": "Write", - "resource_types": { - "alias": { - "resource_type": "alias", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "key": { - "resource_type": "key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html" - }, - "VerifyAuthRequestCryptogram": { - "privilege": "VerifyAuthRequestCryptogram", - "description": "Grants permission to verify Authorization Request Cryptogram (ARQC) for a EMV chip payment card authorization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyAuthRequestCryptogram.html" - }, - "VerifyCardValidationData": { - "privilege": "VerifyCardValidationData", - "description": "Grants permission to verify card-related validation data using algorithms such as Card Verification Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2) and Card Security Codes (CSC)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyCardValidationData.html" - }, - "VerifyMac": { - "privilege": "VerifyMac", - "description": "Grants permission to verify MAC (Message Authentication Code) of input data against a provided MAC", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyMac.html" - }, - "VerifyPinData": { - "privilege": "VerifyPinData", - "description": "Grants permission to verify pin-related data such as PIN and PIN Offset using algorithms including VISA PVV and IBM3624", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyPinData.html" - } - }, - "resources": { - "key": { - "resource": "key", - "arn": "arn:${Partition}:payment-cryptography:${Region}:${Account}:key/${KeyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "payment-cryptography:ResourceAliases" - ] - }, - "alias": { - "resource": "alias", - "arn": "arn:${Partition}:payment-cryptography:${Region}:${Account}:alias/${Alias}", - "condition_keys": [ - "payment-cryptography:ResourceAliases" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by both the key and value of the tag in the request for the specified operation", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags assigned to a key for the specified operation", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in the request for the specified operation", - "type": "ArrayOfString" - }, - "payment-cryptography:CertificateAuthorityPublicKeyIdentifier": { - "condition": "payment-cryptography:CertificateAuthorityPublicKeyIdentifier", - "description": "Filters access by the CertificateAuthorityPublicKeyIdentifier specified in the request or the ImportKey, and ExportKey operations", - "type": "String" - }, - "payment-cryptography:ImportKeyMaterial": { - "condition": "payment-cryptography:ImportKeyMaterial", - "description": "Filters access by the type of key material being imported [RootCertificatePublicKey, TrustedCertificatePublicKey, Tr34KeyBlock, Tr31KeyBlock] for the ImportKey operation", - "type": "String" - }, - "payment-cryptography:KeyAlgorithm": { - "condition": "payment-cryptography:KeyAlgorithm", - "description": "Filters access by KeyAlgorithm specified in the request for the CreateKey operation", - "type": "String" - }, - "payment-cryptography:KeyClass": { - "condition": "payment-cryptography:KeyClass", - "description": "Filters access by KeyClass specified in the request for the CreateKey operation", - "type": "String" - }, - "payment-cryptography:KeyUsage": { - "condition": "payment-cryptography:KeyUsage", - "description": "Filters access by KeyClass specified in the request or associated with a key for the CreateKey operation", - "type": "String" - }, - "payment-cryptography:RequestAlias": { - "condition": "payment-cryptography:RequestAlias", - "description": "Filters access by aliases in the request for the specified operation", - "type": "String" - }, - "payment-cryptography:ResourceAliases": { - "condition": "payment-cryptography:ResourceAliases", - "description": "Filters access by aliases associated with a key for the specified operation", - "type": "ArrayOfString" - }, - "payment-cryptography:WrappingKeyIdentifier": { - "condition": "payment-cryptography:WrappingKeyIdentifier", - "description": "Filters access by the WrappingKeyIdentifier specified in the request for the ImportKey, and ExportKey operations", - "type": "String" - } - } - }, - "payments": { - "service_name": "AWS Payments", - "prefix": "payments", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspayments.html", - "privileges": { - "CreatePaymentInstrument": { - "privilege": "CreatePaymentInstrument", - "description": "Grants permission to create a payment instrument", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "DeletePaymentInstrument": { - "privilege": "DeletePaymentInstrument", - "description": "Grants permission to delete a payment instrument", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "GetPaymentInstrument": { - "privilege": "GetPaymentInstrument", - "description": "Grants permission to get information about a payment instrument", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "GetPaymentStatus": { - "privilege": "GetPaymentStatus", - "description": "Grants permission to get payment status of invoices", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "ListPaymentPreferences": { - "privilege": "ListPaymentPreferences", - "description": "Grants permission to get payment preferences (preferred payment currency, preferred payment method, etc.)", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "MakePayment": { - "privilege": "MakePayment", - "description": "Grants permission to make a payment, authenticate a payment, verify a payment method, and generate a funding request document for Advance Pay", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "UpdatePaymentPreferences": { - "privilege": "UpdatePaymentPreferences", - "description": "Grants permission to update payment preferences (preferred payment currency, preferred payment method, etc.)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - } - }, - "resources": {}, - "conditions": {} - }, - "pi": { - "service_name": "AWS Performance Insights", - "prefix": "pi", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsperformanceinsights.html", - "privileges": { - "DescribeDimensionKeys": { - "privilege": "DescribeDimensionKeys", - "description": "Grants permission to call DescribeDimensionKeys API to retrieve the top N dimension keys for a metric for a specific time period", - "access_level": "Read", - "resource_types": { - "metric-resource": { - "resource_type": "metric-resource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_DescribeDimensionKeys.html" - }, - "GetDimensionKeyDetails": { - "privilege": "GetDimensionKeyDetails", - "description": "Grants permission to call GetDimensionKeyDetails API to retrieve the attributes of the specified dimension group", - "access_level": "Read", - "resource_types": { - "metric-resource": { - "resource_type": "metric-resource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_GetDimensionKeyDetails.html" - }, - "GetResourceMetadata": { - "privilege": "GetResourceMetadata", - "description": "Grants permission to call GetResourceMetadata API to retrieve the metadata for different features", - "access_level": "Read", - "resource_types": { - "metric-resource": { - "resource_type": "metric-resource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_GetResourceMetadata.html" - }, - "GetResourceMetrics": { - "privilege": "GetResourceMetrics", - "description": "Grants permission to call GetResourceMetrics API to retrieve PI metrics for a set of data sources, over a time period", - "access_level": "Read", - "resource_types": { - "metric-resource": { - "resource_type": "metric-resource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_GetResourceMetrics.html" - }, - "ListAvailableResourceDimensions": { - "privilege": "ListAvailableResourceDimensions", - "description": "Grants permission to call ListAvailableResourceDimensions API to retrieve the dimensions that can be queried for each specified metric type on a specified DB instance", - "access_level": "Read", - "resource_types": { - "metric-resource": { - "resource_type": "metric-resource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_ListAvailableResourceDimensions.html" - }, - "ListAvailableResourceMetrics": { - "privilege": "ListAvailableResourceMetrics", - "description": "Grants permission to call ListAvailableResourceMetrics API to retrieve metrics of the specified types that can be queried for a specified DB instance", - "access_level": "Read", - "resource_types": { - "metric-resource": { - "resource_type": "metric-resource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_ListAvailableResourceMetrics.html" - } - }, - "resources": { - "metric-resource": { - "resource": "metric-resource", - "arn": "arn:${Partition}:pi:${Region}:${Account}:metrics/${ServiceType}/${Identifier}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "pricing": { - "service_name": "AWS Price List", - "prefix": "pricing", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspricelist.html", - "privileges": { - "DescribeServices": { - "privilege": "DescribeServices", - "description": "Grants permission to retrieve service details for all (paginated) services (if serviceCode is not set) or service detail for a particular service (if given serviceCode)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_pricing_DescribeServices.html" - }, - "GetAttributeValues": { - "privilege": "GetAttributeValues", - "description": "Grants permission to retrieve all (paginated) possible values for a given attribute", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_pricing_GetAttributeValues.html" - }, - "GetPriceListFileUrl": { - "privilege": "GetPriceListFileUrl", - "description": "Grants permission to retrieve the price list file URL for the given parameters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_pricing_GetPriceListFileUrl.html" - }, - "GetProducts": { - "privilege": "GetProducts", - "description": "Grants permission to retrieve all matching products with given search criteria", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_pricing_GetProducts.html" - }, - "ListPriceLists": { - "privilege": "ListPriceLists", - "description": "Grants permission to list all (paginated) eligible price lists for the given parameters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_pricing_ListPriceLists.html" - } - }, - "resources": {}, - "conditions": {} - }, - "proton": { - "service_name": "AWS Proton", - "prefix": "proton", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsproton.html", - "privileges": { - "AcceptEnvironmentAccountConnection": { - "privilege": "AcceptEnvironmentAccountConnection", - "description": "Grants permission to reject an environment account connection request from another environment account", - "access_level": "Write", - "resource_types": { - "environment-account-connection": { - "resource_type": "environment-account-connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_AcceptEnvironmentAccountConnection.html" - }, - "CancelComponentDeployment": { - "privilege": "CancelComponentDeployment", - "description": "Grants permission to cancel component deployment", - "access_level": "Write", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CancelComponentDeployment.html" - }, - "CancelEnvironmentDeployment": { - "privilege": "CancelEnvironmentDeployment", - "description": "Grants permission to cancel an environment deployment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "proton:EnvironmentTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CancelEnvironmentDeployment.html" - }, - "CancelServiceInstanceDeployment": { - "privilege": "CancelServiceInstanceDeployment", - "description": "Grants permission to cancel a service instance deployment", - "access_level": "Write", - "resource_types": { - "service-instance": { - "resource_type": "service-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "proton:ServiceTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CancelServiceInstanceDeployment.html" - }, - "CancelServicePipelineDeployment": { - "privilege": "CancelServicePipelineDeployment", - "description": "Grants permission to cancel a service pipeline deployment", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "proton:ServiceTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CancelServicePipelineDeployment.html" - }, - "CreateComponent": { - "privilege": "CreateComponent", - "description": "Grants permission to create component", - "access_level": "Write", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateComponent.html" - }, - "CreateEnvironment": { - "privilege": "CreateEnvironment", - "description": "Grants permission to create an environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "proton:EnvironmentTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironment.html" - }, - "CreateEnvironmentAccountConnection": { - "privilege": "CreateEnvironmentAccountConnection", - "description": "Grants permission to create an environment account connection", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironmentAccountConnection.html" - }, - "CreateEnvironmentTemplate": { - "privilege": "CreateEnvironmentTemplate", - "description": "Grants permission to create an environment template", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironmentTemplate.html" - }, - "CreateEnvironmentTemplateMajorVersion": { - "privilege": "CreateEnvironmentTemplateMajorVersion", - "description": "Grants permission to create an environment template major version. DEPRECATED - use CreateEnvironmentTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironmentTemplateMajorVersion.html" - }, - "CreateEnvironmentTemplateMinorVersion": { - "privilege": "CreateEnvironmentTemplateMinorVersion", - "description": "Grants permission to create an environment template minor version. DEPRECATED - use CreateEnvironmentTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironmentTemplateMinorVersion.html" - }, - "CreateEnvironmentTemplateVersion": { - "privilege": "CreateEnvironmentTemplateVersion", - "description": "Grants permission to create an environment template version", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironmentTemplateVersion.html" - }, - "CreateRepository": { - "privilege": "CreateRepository", - "description": "Grants permission to create a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateRepository.html" - }, - "CreateService": { - "privilege": "CreateService", - "description": "Grants permission to create a service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "codestar-connections:PassConnection" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "proton:ServiceTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateService.html" - }, - "CreateServiceInstance": { - "privilege": "CreateServiceInstance", - "description": "Grants permission to create a service instance", - "access_level": "Write", - "resource_types": { - "service-instance": { - "resource_type": "service-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "proton:ServiceTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceInstance.html" - }, - "CreateServiceSyncConfig": { - "privilege": "CreateServiceSyncConfig", - "description": "Grants permission to create a service sync config", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceSyncConfig.html" - }, - "CreateServiceTemplate": { - "privilege": "CreateServiceTemplate", - "description": "Grants permission to create a service template", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceTemplate.html" - }, - "CreateServiceTemplateMajorVersion": { - "privilege": "CreateServiceTemplateMajorVersion", - "description": "Grants permission to create a service template major version. DEPRECATED - use CreateServiceTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceTemplateMajorVersion.html" - }, - "CreateServiceTemplateMinorVersion": { - "privilege": "CreateServiceTemplateMinorVersion", - "description": "Grants permission to create a service template minor version. DEPRECATED - use CreateServiceTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceTemplateMinorVersion.html" - }, - "CreateServiceTemplateVersion": { - "privilege": "CreateServiceTemplateVersion", - "description": "Grants permission to create a service template version", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceTemplateVersion.html" - }, - "CreateTemplateSyncConfig": { - "privilege": "CreateTemplateSyncConfig", - "description": "Grants permission to create a template sync config", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateTemplateSyncConfig.html" - }, - "DeleteAccountRoles": { - "privilege": "DeleteAccountRoles", - "description": "Grants permission to delete account roles. DEPRECATED - use UpdateAccountSettings instead", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteAccountRoles.html" - }, - "DeleteComponent": { - "privilege": "DeleteComponent", - "description": "Grants permission to delete component", - "access_level": "Write", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteComponent.html" - }, - "DeleteEnvironment": { - "privilege": "DeleteEnvironment", - "description": "Grants permission to delete an environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "proton:EnvironmentTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironment.html" - }, - "DeleteEnvironmentAccountConnection": { - "privilege": "DeleteEnvironmentAccountConnection", - "description": "Grants permission to delete an environment account connection", - "access_level": "Write", - "resource_types": { - "environment-account-connection": { - "resource_type": "environment-account-connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironmentAccountConnection.html" - }, - "DeleteEnvironmentTemplate": { - "privilege": "DeleteEnvironmentTemplate", - "description": "Grants permission to delete an environment template", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironmentTemplate.html" - }, - "DeleteEnvironmentTemplateMajorVersion": { - "privilege": "DeleteEnvironmentTemplateMajorVersion", - "description": "Grants permission to delete an environment template major version. DEPRECATED - use DeleteEnvironmentTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironmentTemplateMajorVersion.html" - }, - "DeleteEnvironmentTemplateMinorVersion": { - "privilege": "DeleteEnvironmentTemplateMinorVersion", - "description": "Grants permission to delete an environment template minor version. DEPRECATED - use DeleteEnvironmentTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironmentTemplateMinorVersion.html" - }, - "DeleteEnvironmentTemplateVersion": { - "privilege": "DeleteEnvironmentTemplateVersion", - "description": "Grants permission to delete an environment template version", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironmentTemplateVersion.html" - }, - "DeleteRepository": { - "privilege": "DeleteRepository", - "description": "Grants permission to delete a repository", - "access_level": "Write", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteRepository.html" - }, - "DeleteService": { - "privilege": "DeleteService", - "description": "Grants permission to delete a service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "proton:ServiceTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteService.html" - }, - "DeleteServiceSyncConfig": { - "privilege": "DeleteServiceSyncConfig", - "description": "Grants permission to delete a service sync config", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteServiceSyncConfig.html" - }, - "DeleteServiceTemplate": { - "privilege": "DeleteServiceTemplate", - "description": "Grants permission to delete a service template", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteServiceTemplate.html" - }, - "DeleteServiceTemplateMajorVersion": { - "privilege": "DeleteServiceTemplateMajorVersion", - "description": "Grants permission to delete a service template major version. DEPRECATED - use DeleteServiceTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteServiceTemplateMajorVersion.html" - }, - "DeleteServiceTemplateMinorVersion": { - "privilege": "DeleteServiceTemplateMinorVersion", - "description": "Grants permission to delete a service template minor version. DEPRECATED - use DeleteServiceTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteServiceTemplateMinorVersion.html" - }, - "DeleteServiceTemplateVersion": { - "privilege": "DeleteServiceTemplateVersion", - "description": "Grants permission to delete a service template version", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteServiceTemplateVersion.html" - }, - "DeleteTemplateSyncConfig": { - "privilege": "DeleteTemplateSyncConfig", - "description": "Grants permission to delete a TemplateSyncConfig", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteTemplateSyncConfig.html" - }, - "GetAccountRoles": { - "privilege": "GetAccountRoles", - "description": "Grants permission to get account roles. DEPRECATED - use GetAccountSettings instead", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetAccountRoles.html" - }, - "GetAccountSettings": { - "privilege": "GetAccountSettings", - "description": "Grants permission to describe the account settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetAccountSettings.html" - }, - "GetComponent": { - "privilege": "GetComponent", - "description": "Grants permission to describe a component", - "access_level": "Read", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetComponent.html" - }, - "GetEnvironment": { - "privilege": "GetEnvironment", - "description": "Grants permission to describe an environment", - "access_level": "Read", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironment.html" - }, - "GetEnvironmentAccountConnection": { - "privilege": "GetEnvironmentAccountConnection", - "description": "Grants permission to describe an environment account connection", - "access_level": "Read", - "resource_types": { - "environment-account-connection": { - "resource_type": "environment-account-connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironmentAccountConnection.html" - }, - "GetEnvironmentTemplate": { - "privilege": "GetEnvironmentTemplate", - "description": "Grants permission to describe an environment template", - "access_level": "Read", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironmentTemplate.html" - }, - "GetEnvironmentTemplateMajorVersion": { - "privilege": "GetEnvironmentTemplateMajorVersion", - "description": "Grants permission to get an environment template major version. DEPRECATED - use GetEnvironmentTemplateVersion instead", - "access_level": "Read", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironmentTemplateMajorVersion.html" - }, - "GetEnvironmentTemplateMinorVersion": { - "privilege": "GetEnvironmentTemplateMinorVersion", - "description": "Grants permission to get an environment template minor version. DEPRECATED - use GetEnvironmentTemplateVersion instead", - "access_level": "Read", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironmentTemplateMinorVersion.html" - }, - "GetEnvironmentTemplateVersion": { - "privilege": "GetEnvironmentTemplateVersion", - "description": "Grants permission to describe an environment template version", - "access_level": "Read", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironmentTemplateVersion.html" - }, - "GetRepository": { - "privilege": "GetRepository", - "description": "Grants permission to describe a repository", - "access_level": "Read", - "resource_types": { - "repository": { - "resource_type": "repository", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetRepository.html" - }, - "GetRepositorySyncStatus": { - "privilege": "GetRepositorySyncStatus", - "description": "Grants permission to get the latest sync status for a repository", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetRepositorySyncStatus.html" - }, - "GetResourceTemplateVersionStatusCounts": { - "privilege": "GetResourceTemplateVersionStatusCounts", - "description": "Grants permission to list resource template version status counts", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetResourceTemplateVersionStatusCounts.html" - }, - "GetResourcesSummary": { - "privilege": "GetResourcesSummary", - "description": "Grants permission to get resources summary", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetResourcesSummary.html" - }, - "GetService": { - "privilege": "GetService", - "description": "Grants permission to describe a service", - "access_level": "Read", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetService.html" - }, - "GetServiceInstance": { - "privilege": "GetServiceInstance", - "description": "Grants permission to describe a service instance", - "access_level": "Read", - "resource_types": { - "service-instance": { - "resource_type": "service-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceInstance.html" - }, - "GetServiceInstanceSyncStatus": { - "privilege": "GetServiceInstanceSyncStatus", - "description": "Grants permission to describe the sync status of a service instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceInstanceSyncStatus.html" - }, - "GetServiceSyncBlockerSummary": { - "privilege": "GetServiceSyncBlockerSummary", - "description": "Grants permission to describe service sync blockers on a service or service instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceSyncBlockerSummary.html" - }, - "GetServiceSyncConfig": { - "privilege": "GetServiceSyncConfig", - "description": "Grants permission to describe a service sync config", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceSyncConfig.html" - }, - "GetServiceTemplate": { - "privilege": "GetServiceTemplate", - "description": "Grants permission to describe a service template", - "access_level": "Read", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceTemplate.html" - }, - "GetServiceTemplateMajorVersion": { - "privilege": "GetServiceTemplateMajorVersion", - "description": "Grants permission to get a service template major version. DEPRECATED - use GetServiceTemplateVersion instead", - "access_level": "Read", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceTemplateMajorVersion.html" - }, - "GetServiceTemplateMinorVersion": { - "privilege": "GetServiceTemplateMinorVersion", - "description": "Grants permission to get a service template minor version. DEPRECATED - use GetServiceTemplateVersion instead", - "access_level": "Read", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceTemplateMinorVersion.html" - }, - "GetServiceTemplateVersion": { - "privilege": "GetServiceTemplateVersion", - "description": "Grants permission to describe a service template version", - "access_level": "Read", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceTemplateVersion.html" - }, - "GetTemplateSyncConfig": { - "privilege": "GetTemplateSyncConfig", - "description": "Grants permission to describe a TemplateSyncConfig", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetTemplateSyncConfig.html" - }, - "GetTemplateSyncStatus": { - "privilege": "GetTemplateSyncStatus", - "description": "Grants permission to describe the sync status of a template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetTemplateSyncStatus.html" - }, - "ListComponentOutputs": { - "privilege": "ListComponentOutputs", - "description": "Grants permission to list component outputs", - "access_level": "List", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListComponentOutputs.html" - }, - "ListComponentProvisionedResources": { - "privilege": "ListComponentProvisionedResources", - "description": "Grants permission to list component provisioned resources", - "access_level": "List", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListComponentProvisionedResources.html" - }, - "ListComponents": { - "privilege": "ListComponents", - "description": "Grants permission to list components", - "access_level": "List", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-instance": { - "resource_type": "service-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListComponents.html" - }, - "ListEnvironmentAccountConnections": { - "privilege": "ListEnvironmentAccountConnections", - "description": "Grants permission to list environment account connections", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentAccountConnections.html" - }, - "ListEnvironmentOutputs": { - "privilege": "ListEnvironmentOutputs", - "description": "Grants permission to list environment outputs", - "access_level": "List", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentOutputs.html" - }, - "ListEnvironmentProvisionedResources": { - "privilege": "ListEnvironmentProvisionedResources", - "description": "Grants permission to list environment provisioned resources", - "access_level": "List", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentProvisionedResources.html" - }, - "ListEnvironmentTemplateMajorVersions": { - "privilege": "ListEnvironmentTemplateMajorVersions", - "description": "Grants permission to list environment template major versions. DEPRECATED - use ListEnvironmentTemplateVersions instead", - "access_level": "List", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentTemplateMajorVersions.html" - }, - "ListEnvironmentTemplateMinorVersions": { - "privilege": "ListEnvironmentTemplateMinorVersions", - "description": "Grants permission to list an environment template minor versions. DEPRECATED - use ListEnvironmentTemplateVersions instead", - "access_level": "List", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentTemplateMinorVersions.html" - }, - "ListEnvironmentTemplateVersions": { - "privilege": "ListEnvironmentTemplateVersions", - "description": "Grants permission to list environment template versions", - "access_level": "List", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentTemplateVersions.html" - }, - "ListEnvironmentTemplates": { - "privilege": "ListEnvironmentTemplates", - "description": "Grants permission to list environment templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentTemplates.html" - }, - "ListEnvironments": { - "privilege": "ListEnvironments", - "description": "Grants permission to list environments", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironments.html" - }, - "ListRepositories": { - "privilege": "ListRepositories", - "description": "Grants permission to list repositories", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListRepositories.html" - }, - "ListRepositorySyncDefinitions": { - "privilege": "ListRepositorySyncDefinitions", - "description": "Grants permission to list repository sync definitions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListRepositorySyncDefinitions.html" - }, - "ListServiceInstanceOutputs": { - "privilege": "ListServiceInstanceOutputs", - "description": "Grants permission to list service instance outputs", - "access_level": "List", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "service-instance": { - "resource_type": "service-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceInstanceOutputs.html" - }, - "ListServiceInstanceProvisionedResources": { - "privilege": "ListServiceInstanceProvisionedResources", - "description": "Grants permission to list service instance provisioned resources", - "access_level": "List", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "service-instance": { - "resource_type": "service-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceInstanceProvisionedResources.html" - }, - "ListServiceInstances": { - "privilege": "ListServiceInstances", - "description": "Grants permission to list service instances", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceInstances.html" - }, - "ListServicePipelineOutputs": { - "privilege": "ListServicePipelineOutputs", - "description": "Grants permission to list service pipeline outputs", - "access_level": "List", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServicePipelineOutputs.html" - }, - "ListServicePipelineProvisionedResources": { - "privilege": "ListServicePipelineProvisionedResources", - "description": "Grants permission to list service pipeline provisioned resources", - "access_level": "List", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServicePipelineProvisionedResources.html" - }, - "ListServiceTemplateMajorVersions": { - "privilege": "ListServiceTemplateMajorVersions", - "description": "Grants permission to list service template major versions. DEPRECATED - use ListServiceTemplateVersions instead", - "access_level": "List", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceTemplateMajorVersions.html" - }, - "ListServiceTemplateMinorVersions": { - "privilege": "ListServiceTemplateMinorVersions", - "description": "Grants permission to list service template minor versions. DEPRECATED - use ListServiceTemplateVersions instead", - "access_level": "List", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceTemplateMinorVersions.html" - }, - "ListServiceTemplateVersions": { - "privilege": "ListServiceTemplateVersions", - "description": "Grants permission to list service template versions", - "access_level": "List", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceTemplateVersions.html" - }, - "ListServiceTemplates": { - "privilege": "ListServiceTemplates", - "description": "Grants permission to list service templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceTemplates.html" - }, - "ListServices": { - "privilege": "ListServices", - "description": "Grants permission to list services", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServices.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags of a resource", - "access_level": "Read", - "resource_types": { - "component": { - "resource_type": "component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-account-connection": { - "resource_type": "environment-account-connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template": { - "resource_type": "environment-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template-major-version": { - "resource_type": "environment-template-major-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template-minor-version": { - "resource_type": "environment-template-minor-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template-version": { - "resource_type": "environment-template-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-instance": { - "resource_type": "service-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template": { - "resource_type": "service-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template-major-version": { - "resource_type": "service-template-major-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template-minor-version": { - "resource_type": "service-template-minor-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template-version": { - "resource_type": "service-template-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListTagsForResource.html" - }, - "NotifyResourceDeploymentStatusChange": { - "privilege": "NotifyResourceDeploymentStatusChange", - "description": "Grants permission to notify Proton of resource deployment status changes", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-instance": { - "resource_type": "service-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_NotifyResourceDeploymentStatusChange.html" - }, - "RejectEnvironmentAccountConnection": { - "privilege": "RejectEnvironmentAccountConnection", - "description": "Grants permission to reject an environment account connection request from another environment account", - "access_level": "Write", - "resource_types": { - "environment-account-connection": { - "resource_type": "environment-account-connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_RejectEnvironmentAccountConnection.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a resource", - "access_level": "Tagging", - "resource_types": { - "component": { - "resource_type": "component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-account-connection": { - "resource_type": "environment-account-connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template": { - "resource_type": "environment-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template-major-version": { - "resource_type": "environment-template-major-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template-minor-version": { - "resource_type": "environment-template-minor-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template-version": { - "resource_type": "environment-template-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-instance": { - "resource_type": "service-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template": { - "resource_type": "service-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template-major-version": { - "resource_type": "service-template-major-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template-minor-version": { - "resource_type": "service-template-minor-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template-version": { - "resource_type": "service-template-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "component": { - "resource_type": "component", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment": { - "resource_type": "environment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-account-connection": { - "resource_type": "environment-account-connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template": { - "resource_type": "environment-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template-major-version": { - "resource_type": "environment-template-major-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template-minor-version": { - "resource_type": "environment-template-minor-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "environment-template-version": { - "resource_type": "environment-template-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "repository": { - "resource_type": "repository", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service": { - "resource_type": "service", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-instance": { - "resource_type": "service-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template": { - "resource_type": "service-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template-major-version": { - "resource_type": "service-template-major-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template-minor-version": { - "resource_type": "service-template-minor-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "service-template-version": { - "resource_type": "service-template-version", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UntagResource.html" - }, - "UpdateAccountRoles": { - "privilege": "UpdateAccountRoles", - "description": "Grants permission to update account roles. DEPRECATED - use UpdateAccountSettings instead", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateAccountRoles.html" - }, - "UpdateAccountSettings": { - "privilege": "UpdateAccountSettings", - "description": "Grants permission to update the account settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateAccountSettings.html" - }, - "UpdateComponent": { - "privilege": "UpdateComponent", - "description": "Grants permission to update component", - "access_level": "Write", - "resource_types": { - "component": { - "resource_type": "component", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateComponent.html" - }, - "UpdateEnvironment": { - "privilege": "UpdateEnvironment", - "description": "Grants permission to update an environment", - "access_level": "Write", - "resource_types": { - "environment": { - "resource_type": "environment", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "proton:EnvironmentTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironment.html" - }, - "UpdateEnvironmentAccountConnection": { - "privilege": "UpdateEnvironmentAccountConnection", - "description": "Grants permission to update an environment account connection", - "access_level": "Write", - "resource_types": { - "environment-account-connection": { - "resource_type": "environment-account-connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironmentAccountConnection.html" - }, - "UpdateEnvironmentTemplate": { - "privilege": "UpdateEnvironmentTemplate", - "description": "Grants permission to update an environment template", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironmentTemplate.html" - }, - "UpdateEnvironmentTemplateMajorVersion": { - "privilege": "UpdateEnvironmentTemplateMajorVersion", - "description": "Grants permission to update an environment template major version. DEPRECATED - use UpdateEnvironmentTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironmentTemplateMajorVersion.html" - }, - "UpdateEnvironmentTemplateMinorVersion": { - "privilege": "UpdateEnvironmentTemplateMinorVersion", - "description": "Grants permission to update an environment template minor version. DEPRECATED - use UpdateEnvironmentTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironmentTemplateMinorVersion.html" - }, - "UpdateEnvironmentTemplateVersion": { - "privilege": "UpdateEnvironmentTemplateVersion", - "description": "Grants permission to update an environment template version", - "access_level": "Write", - "resource_types": { - "environment-template": { - "resource_type": "environment-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironmentTemplateVersion.html" - }, - "UpdateService": { - "privilege": "UpdateService", - "description": "Grants permission to update a service", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "proton:ServiceTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateService.html" - }, - "UpdateServiceInstance": { - "privilege": "UpdateServiceInstance", - "description": "Grants permission to update a service instance", - "access_level": "Write", - "resource_types": { - "service-instance": { - "resource_type": "service-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "proton:ServiceTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceInstance.html" - }, - "UpdateServicePipeline": { - "privilege": "UpdateServicePipeline", - "description": "Grants permission to update a service pipeline", - "access_level": "Write", - "resource_types": { - "service": { - "resource_type": "service", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "proton:ServiceTemplate" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServicePipeline.html" - }, - "UpdateServiceSyncBlocker": { - "privilege": "UpdateServiceSyncBlocker", - "description": "Grants permission to update a service sync blocker", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceSyncBlocker.html" - }, - "UpdateServiceSyncConfig": { - "privilege": "UpdateServiceSyncConfig", - "description": "Grants permission to update a service sync config", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceSyncConfig.html" - }, - "UpdateServiceTemplate": { - "privilege": "UpdateServiceTemplate", - "description": "Grants permission to update a service template", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceTemplate.html" - }, - "UpdateServiceTemplateMajorVersion": { - "privilege": "UpdateServiceTemplateMajorVersion", - "description": "Grants permission to update a service template major version. DEPRECATED - use UpdateServiceTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceTemplateMajorVersion.html" - }, - "UpdateServiceTemplateMinorVersion": { - "privilege": "UpdateServiceTemplateMinorVersion", - "description": "Grants permission to create a service template minor version. DEPRECATED - use UpdateServiceTemplateVersion instead", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceTemplateMinorVersion.html" - }, - "UpdateServiceTemplateVersion": { - "privilege": "UpdateServiceTemplateVersion", - "description": "Grants permission to update a service template version", - "access_level": "Write", - "resource_types": { - "service-template": { - "resource_type": "service-template", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceTemplateVersion.html" - }, - "UpdateTemplateSyncConfig": { - "privilege": "UpdateTemplateSyncConfig", - "description": "Grants permission to update a TemplateSyncConfig", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateTemplateSyncConfig.html" - } - }, - "resources": { - "environment-template": { - "resource": "environment-template", - "arn": "arn:${Partition}:proton:${Region}:${Account}:environment-template/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "environment-template-version": { - "resource": "environment-template-version", - "arn": "arn:${Partition}:proton:${Region}:${Account}:environment-template/${TemplateName}:${MajorVersion}.${MinorVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "environment-template-major-version": { - "resource": "environment-template-major-version", - "arn": "arn:${Partition}:proton:${Region}:${Account}:environment-template/${TemplateName}:${MajorVersionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "environment-template-minor-version": { - "resource": "environment-template-minor-version", - "arn": "arn:${Partition}:proton:${Region}:${Account}:environment-template/${TemplateName}:${MajorVersionId}.${MinorVersionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "service-template": { - "resource": "service-template", - "arn": "arn:${Partition}:proton:${Region}:${Account}:service-template/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "service-template-version": { - "resource": "service-template-version", - "arn": "arn:${Partition}:proton:${Region}:${Account}:service-template/${TemplateName}:${MajorVersion}.${MinorVersion}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "service-template-major-version": { - "resource": "service-template-major-version", - "arn": "arn:${Partition}:proton:${Region}:${Account}:service-template/${TemplateName}:${MajorVersionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "service-template-minor-version": { - "resource": "service-template-minor-version", - "arn": "arn:${Partition}:proton:${Region}:${Account}:service-template/${TemplateName}:${MajorVersionId}.${MinorVersionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "environment": { - "resource": "environment", - "arn": "arn:${Partition}:proton:${Region}:${Account}:environment/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "service": { - "resource": "service", - "arn": "arn:${Partition}:proton:${Region}:${Account}:service/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "service-instance": { - "resource": "service-instance", - "arn": "arn:${Partition}:proton:${Region}:${Account}:service/${ServiceName}/service-instance/${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "environment-account-connection": { - "resource": "environment-account-connection", - "arn": "arn:${Partition}:proton:${Region}:${Account}:environment-account-connection/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "repository": { - "resource": "repository", - "arn": "arn:${Partition}:proton:${Region}:${Account}:repository/${Provider}:${Name}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "component": { - "resource": "component", - "arn": "arn:${Partition}:proton:${Region}:${Account}:component/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys in the request", - "type": "ArrayOfString" - }, - "proton:EnvironmentTemplate": { - "condition": "proton:EnvironmentTemplate", - "description": "Filters access by specified environment template related to resource", - "type": "String" - }, - "proton:ServiceTemplate": { - "condition": "proton:ServiceTemplate", - "description": "Filters access by specified service template related to resource", - "type": "String" - } - } - }, - "purchase-orders": { - "service_name": "AWS Purchase Orders Console", - "prefix": "purchase-orders", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspurchaseordersconsole.html", - "privileges": { - "AddPurchaseOrder": { - "privilege": "AddPurchaseOrder", - "description": "Grants permission to add a new purchase order", - "access_level": "Write", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "DeletePurchaseOrder": { - "privilege": "DeletePurchaseOrder", - "description": "Grants permission to delete a purchase order", - "access_level": "Write", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetConsoleActionSetEnforced": { - "privilege": "GetConsoleActionSetEnforced", - "description": "Grants permission to view whether existing or fine-grained IAM actions are being used to control authorization to Billing, Cost Management, and Account consoles", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "GetPurchaseOrder": { - "privilege": "GetPurchaseOrder", - "description": "Grants permission to get a purchase order", - "access_level": "Read", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ListPurchaseOrderInvoices": { - "privilege": "ListPurchaseOrderInvoices", - "description": "Grants permission to list purchase order invoices", - "access_level": "List", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ListPurchaseOrders": { - "privilege": "ListPurchaseOrders", - "description": "Grants permission to list all purchase orders for an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a purchase order", - "access_level": "Read", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ModifyPurchaseOrders": { - "privilege": "ModifyPurchaseOrders", - "description": "Grants permission to modify purchase orders and details", - "access_level": "Write", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag purchase orders with given key value pairs", - "access_level": "Tagging", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a purchase order", - "access_level": "Tagging", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "UpdateConsoleActionSetEnforced": { - "privilege": "UpdateConsoleActionSetEnforced", - "description": "Grants permission to change whether existing or fine-grained IAM actions will be used to control authorization to Billing, Cost Management, and Account consoles", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "UpdatePurchaseOrder": { - "privilege": "UpdatePurchaseOrder", - "description": "Grants permission to update an existing purchase order", - "access_level": "Write", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "UpdatePurchaseOrderStatus": { - "privilege": "UpdatePurchaseOrderStatus", - "description": "Grants permission to set purchase order status", - "access_level": "Write", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - }, - "ViewPurchaseOrders": { - "privilege": "ViewPurchaseOrders", - "description": "Grants permission to view purchase orders and details", - "access_level": "Read", - "resource_types": { - "purchase-order": { - "resource_type": "purchase-order", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" - } - }, - "resources": { - "purchase-order": { - "resource": "purchase-order", - "arn": "arn:${Partition}:purchase-orders::${Account}:purchase-order/${ResourceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag's key and value in a request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the set of tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in a request", - "type": "ArrayOfString" - } - } - }, - "rbin": { - "service_name": "AWS Recycle Bin", - "prefix": "rbin", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsrecyclebin.html", - "privileges": { - "CreateRule": { - "privilege": "CreateRule", - "description": "Grants permission to create a Recycle Bin retention rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_CreateRule.html" - }, - "DeleteRule": { - "privilege": "DeleteRule", - "description": "Grants permission to delete a Recycle Bin retention rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_DeleteRule.html" - }, - "GetRule": { - "privilege": "GetRule", - "description": "Grants permission to get detailed information about a Recycle Bin retention rule", - "access_level": "Read", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_GetRule.html" - }, - "ListRules": { - "privilege": "ListRules", - "description": "Grants permission to list the Recycle Bin retention rules in the Region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_ListRules.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags associated with a resource", - "access_level": "Read", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_ListTagsForResource.html" - }, - "LockRule": { - "privilege": "LockRule", - "description": "Grants permission to lock an existing Recycle Bin retention rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rbin:Attribute/ResourceType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_LockRule.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or update tags of a resource", - "access_level": "Tagging", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_TagResource.html" - }, - "UnlockRule": { - "privilege": "UnlockRule", - "description": "Grants permission to unlock an existing Recycle Bin retention rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "rbin:Attribute/ResourceType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_UnlockRule.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags associated with a resource", - "access_level": "Tagging", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_UntagResource.html" - }, - "UpdateRule": { - "privilege": "UpdateRule", - "description": "Grants permission to update an existing Recycle Bin retention rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_UpdateRule.html" - } - }, - "resources": { - "rule": { - "resource": "rule", - "arn": "arn:${Partition}:rbin:${Region}:${Account}:rule/${ResourceName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag's key and value in a request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in a request", - "type": "ArrayOfString" - }, - "rbin:Attribute/ResourceType": { - "condition": "rbin:Attribute/ResourceType", - "description": "Filters access by the resource type of the existing rule", - "type": "String" - }, - "rbin:Request/ResourceType": { - "condition": "rbin:Request/ResourceType", - "description": "Filters access by the resource type in a request", - "type": "String" - } - } - }, - "resiliencehub": { - "service_name": "AWS Resilience Hub Service", - "prefix": "resiliencehub", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsresiliencehubservice.html", - "privileges": { - "AddDraftAppVersionResourceMappings": { - "privilege": "AddDraftAppVersionResourceMappings", - "description": "Grants permission to add draft application version resource mappings", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:DescribeStacks", - "cloudformation:ListStackResources", - "resource-groups:GetGroup", - "resource-groups:ListGroupResources", - "servicecatalog:GetApplication", - "servicecatalog:ListAssociatedResources" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_AddDraftAppVersionResourceMappings.html" - }, - "CreateApp": { - "privilege": "CreateApp", - "description": "Grants permission to create application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_CreateApp.html" - }, - "CreateAppVersionAppComponent": { - "privilege": "CreateAppVersionAppComponent", - "description": "Grants permission to create application app component", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_CreateAppVersionAppComponent.html" - }, - "CreateAppVersionResource": { - "privilege": "CreateAppVersionResource", - "description": "Grants permission to create application resource", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_CreateAppVersionResource.html" - }, - "CreateRecommendationTemplate": { - "privilege": "CreateRecommendationTemplate", - "description": "Grants permission to create recommendation template", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:CreateBucket", - "s3:ListBucket", - "s3:PutObject" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_CreateRecommendationTemplate.html" - }, - "CreateResiliencyPolicy": { - "privilege": "CreateResiliencyPolicy", - "description": "Grants permission to create resiliency policy", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_CreateResiliencyPolicy.html" - }, - "DeleteApp": { - "privilege": "DeleteApp", - "description": "Grants permission to batch delete application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteApp.html" - }, - "DeleteAppAssessment": { - "privilege": "DeleteAppAssessment", - "description": "Grants permission to batch delete application assessment", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteAppAssessment.html" - }, - "DeleteAppInputSource": { - "privilege": "DeleteAppInputSource", - "description": "Grants permission to remove application input source", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteAppInputSource.html" - }, - "DeleteAppVersionAppComponent": { - "privilege": "DeleteAppVersionAppComponent", - "description": "Grants permission to delete application app component", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteAppVersionAppComponent.html" - }, - "DeleteAppVersionResource": { - "privilege": "DeleteAppVersionResource", - "description": "Grants permission to delete application resource", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteAppVersionResource.html" - }, - "DeleteRecommendationTemplate": { - "privilege": "DeleteRecommendationTemplate", - "description": "Grants permission to batch delete recommendation template", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteRecommendationTemplate.html" - }, - "DeleteResiliencyPolicy": { - "privilege": "DeleteResiliencyPolicy", - "description": "Grants permission to batch delete resiliency policy", - "access_level": "Write", - "resource_types": { - "resiliency-policy": { - "resource_type": "resiliency-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteResiliencyPolicy.html" - }, - "DescribeApp": { - "privilege": "DescribeApp", - "description": "Grants permission to describe application", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeApp.html" - }, - "DescribeAppAssessment": { - "privilege": "DescribeAppAssessment", - "description": "Grants permission to describe application assessment", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppAssessment.html" - }, - "DescribeAppVersion": { - "privilege": "DescribeAppVersion", - "description": "Grants permission to describe application version", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppVersion.html" - }, - "DescribeAppVersionAppComponent": { - "privilege": "DescribeAppVersionAppComponent", - "description": "Grants permission to describe application version app component", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppVersionAppComponent.html" - }, - "DescribeAppVersionResource": { - "privilege": "DescribeAppVersionResource", - "description": "Grants permission to describe application version resource", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppVersionResource.html" - }, - "DescribeAppVersionResourcesResolutionStatus": { - "privilege": "DescribeAppVersionResourcesResolutionStatus", - "description": "Grants permission to describe application resolution", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppVersionResourcesResolutionStatus.html" - }, - "DescribeAppVersionTemplate": { - "privilege": "DescribeAppVersionTemplate", - "description": "Grants permission to describe application version template", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppVersionTemplate.html" - }, - "DescribeDraftAppVersionResourcesImportStatus": { - "privilege": "DescribeDraftAppVersionResourcesImportStatus", - "description": "Grants permission to describe draft application version resources import status", - "access_level": "Read", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeDraftAppVersionResourcesImportStatus.html" - }, - "DescribeResiliencyPolicy": { - "privilege": "DescribeResiliencyPolicy", - "description": "Grants permission to describe resiliency policy", - "access_level": "Read", - "resource_types": { - "resiliency-policy": { - "resource_type": "resiliency-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeResiliencyPolicy.html" - }, - "ImportResourcesToDraftAppVersion": { - "privilege": "ImportResourcesToDraftAppVersion", - "description": "Grants permission to import resources to draft application version", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:DescribeStacks", - "cloudformation:ListStackResources", - "resource-groups:GetGroup", - "resource-groups:ListGroupResources", - "servicecatalog:GetApplication", - "servicecatalog:ListAssociatedResources" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ImportResourcesToDraftAppVersion.html" - }, - "ListAlarmRecommendations": { - "privilege": "ListAlarmRecommendations", - "description": "Grants permission to list alarm recommendation", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAlarmRecommendations.html" - }, - "ListAppAssessments": { - "privilege": "ListAppAssessments", - "description": "Grants permission to list application assessment", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppAssessments.html" - }, - "ListAppComponentCompliances": { - "privilege": "ListAppComponentCompliances", - "description": "Grants permission to list app component compliances", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppComponentCompliances.html" - }, - "ListAppComponentRecommendations": { - "privilege": "ListAppComponentRecommendations", - "description": "Grants permission to list app component recommendations", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppComponentRecommendations.html" - }, - "ListAppInputSources": { - "privilege": "ListAppInputSources", - "description": "Grants permission to list application input sources", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppInputSources.html" - }, - "ListAppVersionAppComponents": { - "privilege": "ListAppVersionAppComponents", - "description": "Grants permission to list application version app components", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppVersionAppComponents.html" - }, - "ListAppVersionResourceMappings": { - "privilege": "ListAppVersionResourceMappings", - "description": "Grants permission to application version resource mappings", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppVersionResourceMappings.html" - }, - "ListAppVersionResources": { - "privilege": "ListAppVersionResources", - "description": "Grants permission to list application resources", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppVersionResources.html" - }, - "ListAppVersions": { - "privilege": "ListAppVersions", - "description": "Grants permission to list application version", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppVersions.html" - }, - "ListApps": { - "privilege": "ListApps", - "description": "Grants permission to list applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListApps.html" - }, - "ListRecommendationTemplates": { - "privilege": "ListRecommendationTemplates", - "description": "Grants permission to list recommendation templates", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListRecommendationTemplates.html" - }, - "ListResiliencyPolicies": { - "privilege": "ListResiliencyPolicies", - "description": "Grants permission to list resiliency policies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListResiliencyPolicies.html" - }, - "ListSopRecommendations": { - "privilege": "ListSopRecommendations", - "description": "Grants permission to list SOP recommendations", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListSopRecommendations.html" - }, - "ListSuggestedResiliencyPolicies": { - "privilege": "ListSuggestedResiliencyPolicies", - "description": "Grants permission to list suggested resiliency policies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListSuggestedResiliencyPolicies.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTestRecommendations": { - "privilege": "ListTestRecommendations", - "description": "Grants permission to list test recommendations", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListTestRecommendations.html" - }, - "ListUnsupportedAppVersionResources": { - "privilege": "ListUnsupportedAppVersionResources", - "description": "Grants permission to list unsupported application version resources", - "access_level": "List", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListUnsupportedAppVersionResources.html" - }, - "PublishAppVersion": { - "privilege": "PublishAppVersion", - "description": "Grants permission to publish application version", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_PublishAppVersion.html" - }, - "PutDraftAppVersionTemplate": { - "privilege": "PutDraftAppVersionTemplate", - "description": "Grants permission to put draft application version template", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html" - }, - "RemoveDraftAppVersionResourceMappings": { - "privilege": "RemoveDraftAppVersionResourceMappings", - "description": "Grants permission to remove draft application version mappings", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_RemoveDraftAppVersionResourceMappings.html" - }, - "ResolveAppVersionResources": { - "privilege": "ResolveAppVersionResources", - "description": "Grants permission to resolve application version resources", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:DescribeStacks", - "cloudformation:ListStackResources", - "resource-groups:GetGroup", - "resource-groups:ListGroupResources", - "servicecatalog:GetApplication", - "servicecatalog:ListAssociatedResources" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ResolveAppVersionResources.html" - }, - "StartAppAssessment": { - "privilege": "StartAppAssessment", - "description": "Grants permission to create application assessment", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:DescribeStacks", - "cloudformation:ListStackResources", - "cloudwatch:DescribeAlarms", - "cloudwatch:GetMetricData", - "cloudwatch:GetMetricStatistics", - "cloudwatch:PutMetricData", - "ec2:DescribeRegions", - "fis:GetExperimentTemplate", - "fis:ListExperimentTemplates", - "fis:ListExperiments", - "resource-groups:GetGroup", - "resource-groups:ListGroupResources", - "servicecatalog:GetApplication", - "servicecatalog:ListAssociatedResources", - "ssm:GetParametersByPath" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_StartAppAssessment.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to assign a resource tag", - "access_level": "Tagging", - "resource_types": { - "app-assessment": { - "resource_type": "app-assessment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "recommendation-template": { - "resource_type": "recommendation-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resiliency-policy": { - "resource_type": "resiliency-policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "app-assessment": { - "resource_type": "app-assessment", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "recommendation-template": { - "resource_type": "recommendation-template", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resiliency-policy": { - "resource_type": "resiliency-policy", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UntagResource.html" - }, - "UpdateApp": { - "privilege": "UpdateApp", - "description": "Grants permission to update application", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UpdateApp.html" - }, - "UpdateAppVersion": { - "privilege": "UpdateAppVersion", - "description": "Grants permission to update application version", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UpdateAppVersion.html" - }, - "UpdateAppVersionAppComponent": { - "privilege": "UpdateAppVersionAppComponent", - "description": "Grants permission to update application app component", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UpdateAppVersionAppComponent.html" - }, - "UpdateAppVersionResource": { - "privilege": "UpdateAppVersionResource", - "description": "Grants permission to update application resource", - "access_level": "Write", - "resource_types": { - "application": { - "resource_type": "application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UpdateAppVersionResource.html" - }, - "UpdateResiliencyPolicy": { - "privilege": "UpdateResiliencyPolicy", - "description": "Grants permission to update resiliency policy", - "access_level": "Write", - "resource_types": { - "resiliency-policy": { - "resource_type": "resiliency-policy", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UpdateResiliencyPolicy.html" - } - }, - "resources": { - "resiliency-policy": { - "resource": "resiliency-policy", - "arn": "arn:${Partition}:resiliencehub:${Region}:${Account}:resiliency-policy/${ResiliencyPolicyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "application": { - "resource": "application", - "arn": "arn:${Partition}:resiliencehub:${Region}:${Account}:app/${AppId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "app-assessment": { - "resource": "app-assessment", - "arn": "arn:${Partition}:resiliencehub:${Region}:${Account}:app-assessment/${AppAssessmentId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "recommendation-template": { - "resource": "recommendation-template", - "arn": "arn:${Partition}:resiliencehub:${Region}:${Account}:recommendation-template/${RecommendationTemplateId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "ram": { - "service_name": "AWS Resource Access Manager", - "prefix": "ram", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsresourceaccessmanager.html", - "privileges": { - "AcceptResourceShareInvitation": { - "privilege": "AcceptResourceShareInvitation", - "description": "Grants permission to accept the specified resource share invitation", - "access_level": "Permissions management", - "resource_types": { - "resource-share-invitation": { - "resource_type": "resource-share-invitation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ram:ShareOwnerAccountId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_AcceptResourceShareInvitation.html" - }, - "AssociateResourceShare": { - "privilege": "AssociateResourceShare", - "description": "Grants permission to associate resource(s) and/or principal(s) to a resource share", - "access_level": "Permissions management", - "resource_types": { - "resource-share": { - "resource_type": "resource-share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ram:ResourceTag/${TagKey}", - "ram:ResourceShareName", - "ram:AllowsExternalPrincipals", - "ram:Principal", - "ram:RequestedResourceType", - "ram:ResourceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_AssociateResourceShare.html" - }, - "AssociateResourceSharePermission": { - "privilege": "AssociateResourceSharePermission", - "description": "Grants permission to associate a Permission with a Resource Share", - "access_level": "Write", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "resource-share": { - "resource_type": "resource-share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_AssociateResourceSharePermission.html" - }, - "CreateResourceShare": { - "privilege": "CreateResourceShare", - "description": "Grants permission to create a resource share with provided resource(s) and/or principal(s)", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ram:RequestedResourceType", - "ram:ResourceArn", - "ram:RequestedAllowsExternalPrincipals", - "ram:Principal" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_CreateResourceShare.html" - }, - "DeleteResourceShare": { - "privilege": "DeleteResourceShare", - "description": "Grants permission to delete resource share", - "access_level": "Permissions management", - "resource_types": { - "resource-share": { - "resource_type": "resource-share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ram:ResourceTag/${TagKey}", - "ram:ResourceShareName", - "ram:AllowsExternalPrincipals" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DeleteResourceShare.html" - }, - "DisassociateResourceShare": { - "privilege": "DisassociateResourceShare", - "description": "Grants permission to disassociate resource(s) and/or principal(s) from a resource share", - "access_level": "Permissions management", - "resource_types": { - "resource-share": { - "resource_type": "resource-share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ram:ResourceTag/${TagKey}", - "ram:ResourceShareName", - "ram:AllowsExternalPrincipals", - "ram:Principal", - "ram:RequestedResourceType", - "ram:ResourceArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DisassociateResourceShare.html" - }, - "DisassociateResourceSharePermission": { - "privilege": "DisassociateResourceSharePermission", - "description": "Grants permission to disassociate a Permission from a Resource Share", - "access_level": "Write", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "resource-share": { - "resource_type": "resource-share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DisassociateResourceSharePermission.html" - }, - "EnableSharingWithAwsOrganization": { - "privilege": "EnableSharingWithAwsOrganization", - "description": "Grants permission to access customer's organization and create a SLR in the customer's account", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "organizations:DescribeOrganization", - "organizations:EnableAWSServiceAccess" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_EnableSharingWithAwsOrganization.html" - }, - "GetPermission": { - "privilege": "GetPermission", - "description": "Grants permission to get the contents of an AWS RAM permission", - "access_level": "Read", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ram:PermissionArn" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetPermission.html" - }, - "GetResourcePolicies": { - "privilege": "GetResourcePolicies", - "description": "Grants permission to get the policies for the specified resources that you own and have shared", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourcePolicies.html" - }, - "GetResourceShareAssociations": { - "privilege": "GetResourceShareAssociations", - "description": "Grants permission to get a set of resource share associations from a provided list or with a specified status of the specified type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShareAssociations.html" - }, - "GetResourceShareInvitations": { - "privilege": "GetResourceShareInvitations", - "description": "Grants permission to get resource share invitations by the specified invitation arn or those for the resource share", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShareInvitations.html" - }, - "GetResourceShares": { - "privilege": "GetResourceShares", - "description": "Grants permission to get a set of resource shares from a provided list or with a specified status", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShares.html" - }, - "ListPendingInvitationResources": { - "privilege": "ListPendingInvitationResources", - "description": "Grants permission to list the resources in a resource share that is shared with you but that the invitation is still pending for", - "access_level": "Read", - "resource_types": { - "resource-share-invitation": { - "resource_type": "resource-share-invitation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPendingInvitationResources.html" - }, - "ListPermissionVersions": { - "privilege": "ListPermissionVersions", - "description": "Grants permission to list the versions of an AWS RAM permission", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPermissionVersions.html" - }, - "ListPermissions": { - "privilege": "ListPermissions", - "description": "Grants permission to list the AWS RAM permissions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPermissions.html" - }, - "ListPrincipals": { - "privilege": "ListPrincipals", - "description": "Grants permission to list the principals that you have shared resources with or that have shared resources with you", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPrincipals.html" - }, - "ListResourceSharePermissions": { - "privilege": "ListResourceSharePermissions", - "description": "Grants permission to list the Permissions associated with a Resource Share", - "access_level": "List", - "resource_types": { - "resource-share": { - "resource_type": "resource-share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ram:ResourceShareName", - "ram:AllowsExternalPrincipals" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceSharePermissions.html" - }, - "ListResourceTypes": { - "privilege": "ListResourceTypes", - "description": "Grants permission to list the shareable resource types supported by AWS RAM", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html" - }, - "ListResources": { - "privilege": "ListResources", - "description": "Grants permission to list the resources that you added to resource shares or the resources that are shared with you", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResources.html" - }, - "PromoteResourceShareCreatedFromPolicy": { - "privilege": "PromoteResourceShareCreatedFromPolicy", - "description": "Grants permission to promote the specified resource share", - "access_level": "Write", - "resource_types": { - "resource-share": { - "resource_type": "resource-share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_PromoteResourceShareCreatedFromPolicy.html" - }, - "RejectResourceShareInvitation": { - "privilege": "RejectResourceShareInvitation", - "description": "Grants permission to reject the specified resource share invitation", - "access_level": "Permissions management", - "resource_types": { - "resource-share-invitation": { - "resource_type": "resource-share-invitation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ram:ShareOwnerAccountId" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_RejectResourceShareInvitation.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag the specified resource share or permission", - "access_level": "Tagging", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resource-share": { - "resource_type": "resource-share", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag the specified resource share or permission", - "access_level": "Tagging", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "resource-share": { - "resource_type": "resource-share", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_UntagResource.html" - }, - "UpdateResourceShare": { - "privilege": "UpdateResourceShare", - "description": "Grants permission to update attributes of the resource share", - "access_level": "Permissions management", - "resource_types": { - "resource-share": { - "resource_type": "resource-share", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ram:ResourceTag/${TagKey}", - "ram:ResourceShareName", - "ram:AllowsExternalPrincipals", - "ram:RequestedAllowsExternalPrincipals" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_UpdateResourceShare.html" - }, - "CreatePermission": { - "privilege": "CreatePermission", - "description": "Grants permission to create a Permission that can be associated to a Resource Share", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ram:PermissionArn", - "ram:PermissionResourceType", - "aws:ResourceTag/${TagKey}", - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [ - "ram:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_CreatePermission.html" - }, - "CreatePermissionVersion": { - "privilege": "CreatePermissionVersion", - "description": "Grants permission to create a new version of a Permission that can be associated to a Resource Share", - "access_level": "Write", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ram:PermissionArn", - "ram:PermissionResourceType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_CreatePermissionVersion.html" - }, - "DeletePermission": { - "privilege": "DeletePermission", - "description": "Grants permission to delete a specified Permission", - "access_level": "Write", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ram:PermissionArn", - "ram:PermissionResourceType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DeletePermission.html" - }, - "DeletePermissionVersion": { - "privilege": "DeletePermissionVersion", - "description": "Grants permission to delete a specified version of a permission", - "access_level": "Write", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ram:PermissionArn", - "ram:PermissionResourceType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DeletePermissionVersion.html" - }, - "ListPermissionAssociations": { - "privilege": "ListPermissionAssociations", - "description": "Grants permission to list information about the permission and any associations", - "access_level": "List", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ram:PermissionArn", - "ram:PermissionResourceType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPermissionAssociations.html" - }, - "ListReplacePermissionAssociationsWork": { - "privilege": "ListReplacePermissionAssociationsWork", - "description": "Grants permission to retrieve the status of the asynchronous permission replacement", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListReplacePermissionAssociationsWork.html" - }, - "PromotePermissionCreatedFromPolicy": { - "privilege": "PromotePermissionCreatedFromPolicy", - "description": "Grants permission to create a separate, fully manageable customer managed permission", - "access_level": "Write", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ram:PermissionArn", - "ram:PermissionResourceType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_PromotePermissionCreatedFromPolicy.html" - }, - "ReplacePermissionAssociations": { - "privilege": "ReplacePermissionAssociations", - "description": "Grants permission to update all resource shares to a new permission", - "access_level": "Write", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "permission": { - "resource_type": "permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ram:PermissionArn", - "ram:PermissionResourceType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ReplacePermissionAssociations.html" - }, - "SetDefaultPermissionVersion": { - "privilege": "SetDefaultPermissionVersion", - "description": "Grants permission to specify a version number as the default version for the respective customer managed permission", - "access_level": "Write", - "resource_types": { - "customer-managed-permission": { - "resource_type": "customer-managed-permission", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ram:PermissionArn", - "ram:PermissionResourceType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_SetDefaultPermissionVersion.html" - } - }, - "resources": { - "resource-share": { - "resource": "resource-share", - "arn": "arn:${Partition}:ram:${Region}:${Account}:resource-share/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ram:AllowsExternalPrincipals", - "ram:ResourceShareName" - ] - }, - "resource-share-invitation": { - "resource": "resource-share-invitation", - "arn": "arn:${Partition}:ram:${Region}:${Account}:resource-share-invitation/${ResourcePath}", - "condition_keys": [ - "ram:ShareOwnerAccountId" - ] - }, - "permission": { - "resource": "permission", - "arn": "arn:${Partition}:ram::${Account}:permission/${ResourcePath}", - "condition_keys": [ - "ram:PermissionArn", - "ram:PermissionResourceType" - ] - }, - "customer-managed-permission": { - "resource": "customer-managed-permission", - "arn": "arn:${Partition}:ram:${Region}:${Account}:permission/${ResourcePath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ram:PermissionArn", - "ram:PermissionResourceType" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request when creating or tagging a resource share. If users don't pass these specific tags, or if they don't specify tags at all, the request fails", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed when creating or tagging a resource share", - "type": "ArrayOfString" - }, - "ram:AllowsExternalPrincipals": { - "condition": "ram:AllowsExternalPrincipals", - "description": "Filters access by resource shares that allow or deny sharing with external principals. For example, specify true if the action can only be performed on resource shares that allow sharing with external principals. External principals are AWS accounts that are outside of its AWS organization", - "type": "Bool" - }, - "ram:PermissionArn": { - "condition": "ram:PermissionArn", - "description": "Filters access by the specified Permission ARN", - "type": "ARN" - }, - "ram:PermissionResourceType": { - "condition": "ram:PermissionResourceType", - "description": "Filters access by permissions of specified resource type", - "type": "String" - }, - "ram:Principal": { - "condition": "ram:Principal", - "description": "Filters access by format of the specified principal", - "type": "String" - }, - "ram:RequestedAllowsExternalPrincipals": { - "condition": "ram:RequestedAllowsExternalPrincipals", - "description": "Filters access by the specified value for 'allowExternalPrincipals'. External principals are AWS accounts that are outside of its AWS Organization", - "type": "Bool" - }, - "ram:RequestedResourceType": { - "condition": "ram:RequestedResourceType", - "description": "Filters access by the specified resource type", - "type": "String" - }, - "ram:ResourceArn": { - "condition": "ram:ResourceArn", - "description": "Filters access by the specified ARN", - "type": "ARN" - }, - "ram:ResourceShareName": { - "condition": "ram:ResourceShareName", - "description": "Filters access by a resource share with the specified name", - "type": "String" - }, - "ram:ShareOwnerAccountId": { - "condition": "ram:ShareOwnerAccountId", - "description": "Filters access by resource shares owned by a specific account. For example, you can use this condition key to specify which resource share invitations can be accepted or rejected based on the resource share owner\u2019s account ID", - "type": "String" - }, - "ram:ResourceTag/${TagKey}": { - "condition": "ram:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - } - } - }, - "resource-explorer-2": { - "service_name": "AWS Resource Explorer", - "prefix": "resource-explorer-2", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsresourceexplorer.html", - "privileges": { - "AssociateDefaultView": { - "privilege": "AssociateDefaultView", - "description": "Grants permission to set the specified view as the default for this AWS Region in this AWS account", - "access_level": "Write", - "resource_types": { - "view": { - "resource_type": "view", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_AssociateDefaultView.html" - }, - "BatchGetView": { - "privilege": "BatchGetView", - "description": "Grants permission to retrieve details about views that you specify by a list of ARNs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "resource-explorer-2:GetView" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_BatchGetView.html" - }, - "CreateIndex": { - "privilege": "CreateIndex", - "description": "Grants permission to turn on Resource Explorer in the AWS Region in which you called this operation by creating an index", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_CreateIndex.html" - }, - "CreateView": { - "privilege": "CreateView", - "description": "Grants permission to create a view that users can query", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_CreateView.html" - }, - "DeleteIndex": { - "privilege": "DeleteIndex", - "description": "Grants permission to turn off Resource Explorer in the specified AWS Region by deleting the index", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_DeleteIndex.html" - }, - "DeleteView": { - "privilege": "DeleteView", - "description": "Grants permission to delete a view", - "access_level": "Write", - "resource_types": { - "view": { - "resource_type": "view", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_DeleteView.html" - }, - "DisassociateDefaultView": { - "privilege": "DisassociateDefaultView", - "description": "Grants permission to remove the default view for the AWS Region in which you call this operation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_DisassociateDefaultView.html" - }, - "GetDefaultView": { - "privilege": "GetDefaultView", - "description": "Grants permission to retrieve the Amazon resource name (ARN) of the view that is the default for the AWS Region in which you call this operation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_GetDefaultView.html" - }, - "GetIndex": { - "privilege": "GetIndex", - "description": "Grants permission to retrieve information about the index in the AWS Region in which you call this operation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_GetIndex.html" - }, - "GetView": { - "privilege": "GetView", - "description": "Grants permission to retrieve information about the specified view", - "access_level": "Read", - "resource_types": { - "view": { - "resource_type": "view", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_GetView.html" - }, - "ListIndexes": { - "privilege": "ListIndexes", - "description": "Grants permission to list the indexes in all AWS Regions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_ListIndexes.html" - }, - "ListSupportedResourceTypes": { - "privilege": "ListSupportedResourceTypes", - "description": "Grants permission to retrieve a list of all resource types currently supported by Resource Explorer", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_ListSupportedResourceTypes.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags that are attached to the specified resource", - "access_level": "Read", - "resource_types": { - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "view": { - "resource_type": "view", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_ListTagsForResource.html" - }, - "ListViews": { - "privilege": "ListViews", - "description": "Grants permission to list the Amazon resource names (ARNs) of all of the views available in the AWS Region in which you call this operation", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_ListViews.html" - }, - "Search": { - "privilege": "Search", - "description": "Grants permission to search for resources and display details about all resources that match the specified criteria", - "access_level": "Read", - "resource_types": { - "view": { - "resource_type": "view", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tag key and value pairs to the specified resource", - "access_level": "Tagging", - "resource_types": { - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "view": { - "resource_type": "view", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tag key and value pairs from the specified resource", - "access_level": "Tagging", - "resource_types": { - "index": { - "resource_type": "index", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "view": { - "resource_type": "view", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_UntagResource.html" - }, - "UpdateIndexType": { - "privilege": "UpdateIndexType", - "description": "Grants permission to change the type of the index from LOCAL to AGGREGATOR or back", - "access_level": "Write", - "resource_types": { - "index": { - "resource_type": "index", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_UpdateIndexType.html" - }, - "UpdateView": { - "privilege": "UpdateView", - "description": "Grants permission to modify some of the details of a view", - "access_level": "Write", - "resource_types": { - "view": { - "resource_type": "view", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_UpdateView.html" - } - }, - "resources": { - "view": { - "resource": "view", - "arn": "arn:${Partition}:resource-explorer-2:${Region}:${Account}:view/${ViewName}/${ViewUuid}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "index": { - "resource": "index", - "arn": "arn:${Partition}:resource-explorer-2:${Region}:${Account}:index/${IndexUuid}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tag keys that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag keyss attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "resource-groups": { - "service_name": "AWS Resource Groups", - "prefix": "resource-groups", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsresourcegroups.html", - "privileges": { - "CreateGroup": { - "privilege": "CreateGroup", - "description": "Grants permission to create a resource group with a specified name, description, and resource query", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_CreateGroup.html" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to delete a specified resource group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_DeleteGroup.html" - }, - "GetAccountSettings": { - "privilege": "GetAccountSettings", - "description": "Grants permission to get the current status of optional features in Resource Groups", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GetAccountSettings.html" - }, - "GetGroup": { - "privilege": "GetGroup", - "description": "Grants permission to get information of a specified resource group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GetGroup.html" - }, - "GetGroupConfiguration": { - "privilege": "GetGroupConfiguration", - "description": "Grants permission to get the service configuration associated with the specified resource group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GetGroupConfiguration.html" - }, - "GetGroupQuery": { - "privilege": "GetGroupQuery", - "description": "Grants permission to get the query associated with a specified resource group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GetGroupQuery.html" - }, - "GetTags": { - "privilege": "GetTags", - "description": "Grants permission to get the tags associated with a specified resource group", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GetTags.html" - }, - "GroupResources": { - "privilege": "GroupResources", - "description": "Grants permission to add the specified resources to the specified group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GroupResources.html" - }, - "ListGroupResources": { - "privilege": "ListGroupResources", - "description": "Grants permission to list the resources that are members of a specified resource group", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:DescribeStacks", - "cloudformation:ListStackResources", - "tag:GetResources" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_ListGroupResources.html" - }, - "ListGroups": { - "privilege": "ListGroups", - "description": "Grants permission to list all resource groups in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_ListGroups.html" - }, - "PutGroupConfiguration": { - "privilege": "PutGroupConfiguration", - "description": "Grants permission to put the service configuration associated with the specified resource group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_PutGroupConfiguration.html" - }, - "PutGroupPolicy": { - "privilege": "PutGroupPolicy", - "description": "Grants permission to add a resource-based policy for the specified group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/userguide/management-role.html#service-linked-role-permissions-management-role" - }, - "SearchResources": { - "privilege": "SearchResources", - "description": "Grants permission to search for AWS resources matching the given query", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:DescribeStacks", - "cloudformation:ListStackResources", - "tag:GetResources" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_SearchResources.html" - }, - "Tag": { - "privilege": "Tag", - "description": "Grants permission to tag a specified resource group", - "access_level": "Tagging", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_Tag.html" - }, - "UngroupResources": { - "privilege": "UngroupResources", - "description": "Grants permission to remove the specified resources from the specified group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_UngroupResources.html" - }, - "Untag": { - "privilege": "Untag", - "description": "Grants permission to remove tags associated with a specified resource group", - "access_level": "Tagging", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_Untag.html" - }, - "UpdateAccountSettings": { - "privilege": "UpdateAccountSettings", - "description": "Grants permission to update optional features in Resource Groups", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_UpdateAccountSettings.html" - }, - "UpdateGroup": { - "privilege": "UpdateGroup", - "description": "Grants permission to update a specified resource group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_UpdateGroup.html" - }, - "UpdateGroupQuery": { - "privilege": "UpdateGroupQuery", - "description": "Grants permission to update the query associated with a specified resource group", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_UpdateGroupQuery.html" - } - }, - "resources": { - "group": { - "resource": "group", - "arn": "arn:${Partition}:resource-groups:${Region}:${Account}:group/${GroupName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "robomaker": { - "service_name": "AWS RoboMaker", - "prefix": "robomaker", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsrobomaker.html", - "privileges": { - "BatchDeleteWorlds": { - "privilege": "BatchDeleteWorlds", - "description": "Delete one or more worlds in a batch operation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_BatchDeleteWorlds.html" - }, - "BatchDescribeSimulationJob": { - "privilege": "BatchDescribeSimulationJob", - "description": "Describe multiple simulation jobs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_BatchDescribeSimulationJob.html" - }, - "CancelDeploymentJob": { - "privilege": "CancelDeploymentJob", - "description": "Cancel a deployment job", - "access_level": "Write", - "resource_types": { - "deploymentJob": { - "resource_type": "deploymentJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CancelDeploymentJob.html" - }, - "CancelSimulationJob": { - "privilege": "CancelSimulationJob", - "description": "Cancel a simulation job", - "access_level": "Write", - "resource_types": { - "simulationJob": { - "resource_type": "simulationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CancelSimulationJob.html" - }, - "CancelSimulationJobBatch": { - "privilege": "CancelSimulationJobBatch", - "description": "Cancel a simulation job batch", - "access_level": "Write", - "resource_types": { - "simulationJobBatch": { - "resource_type": "simulationJobBatch", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CancelSimulationJobBatch.html" - }, - "CancelWorldExportJob": { - "privilege": "CancelWorldExportJob", - "description": "Cancel a world export job", - "access_level": "Write", - "resource_types": { - "worldExportJob": { - "resource_type": "worldExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CancelWorldExportJob.html" - }, - "CancelWorldGenerationJob": { - "privilege": "CancelWorldGenerationJob", - "description": "Cancel a world generation job", - "access_level": "Write", - "resource_types": { - "worldGenerationJob": { - "resource_type": "worldGenerationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CancelWorldGenerationJob.html" - }, - "CreateDeploymentJob": { - "privilege": "CreateDeploymentJob", - "description": "Create a deployment job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateDeploymentJob.html" - }, - "CreateFleet": { - "privilege": "CreateFleet", - "description": "Create a deployment fleet that represents a logical group of robots running the same robot application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateFleet.html" - }, - "CreateRobot": { - "privilege": "CreateRobot", - "description": "Create a robot that can be registered to a fleet", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateRobot.html" - }, - "CreateRobotApplication": { - "privilege": "CreateRobotApplication", - "description": "Create a robot application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateRobotApplication.html" - }, - "CreateRobotApplicationVersion": { - "privilege": "CreateRobotApplicationVersion", - "description": "Create a snapshot of a robot application", - "access_level": "Write", - "resource_types": { - "robotApplication": { - "resource_type": "robotApplication", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateRobotApplicationVersion.html" - }, - "CreateSimulationApplication": { - "privilege": "CreateSimulationApplication", - "description": "Create a simulation application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateSimulationApplication.html" - }, - "CreateSimulationApplicationVersion": { - "privilege": "CreateSimulationApplicationVersion", - "description": "Create a snapshot of a simulation application", - "access_level": "Write", - "resource_types": { - "simulationApplication": { - "resource_type": "simulationApplication", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:GetObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateSimulationApplicationVersion.html" - }, - "CreateSimulationJob": { - "privilege": "CreateSimulationJob", - "description": "Create a simulation job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateSimulationJob.html" - }, - "CreateWorldExportJob": { - "privilege": "CreateWorldExportJob", - "description": "Create a world export job", - "access_level": "Write", - "resource_types": { - "world": { - "resource_type": "world", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateWorldExportJob.html" - }, - "CreateWorldGenerationJob": { - "privilege": "CreateWorldGenerationJob", - "description": "Create a world generation job", - "access_level": "Write", - "resource_types": { - "worldTemplate": { - "resource_type": "worldTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateWorldGenerationJob.html" - }, - "CreateWorldTemplate": { - "privilege": "CreateWorldTemplate", - "description": "Create a world template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateWorldTemplate.html" - }, - "DeleteFleet": { - "privilege": "DeleteFleet", - "description": "Delete a deployment fleet", - "access_level": "Write", - "resource_types": { - "deploymentFleet": { - "resource_type": "deploymentFleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeleteFleet.html" - }, - "DeleteRobot": { - "privilege": "DeleteRobot", - "description": "Delete a robot", - "access_level": "Write", - "resource_types": { - "robot": { - "resource_type": "robot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeleteRobot.html" - }, - "DeleteRobotApplication": { - "privilege": "DeleteRobotApplication", - "description": "Delete a robot application", - "access_level": "Write", - "resource_types": { - "robotApplication": { - "resource_type": "robotApplication", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeleteRobotApplication.html" - }, - "DeleteSimulationApplication": { - "privilege": "DeleteSimulationApplication", - "description": "Delete a simulation application", - "access_level": "Write", - "resource_types": { - "simulationApplication": { - "resource_type": "simulationApplication", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeleteSimulationApplication.html" - }, - "DeleteWorldTemplate": { - "privilege": "DeleteWorldTemplate", - "description": "Delete a world template", - "access_level": "Write", - "resource_types": { - "worldTemplate": { - "resource_type": "worldTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeleteWorldTemplate.html" - }, - "DeregisterRobot": { - "privilege": "DeregisterRobot", - "description": "Deregister a robot from a fleet", - "access_level": "Write", - "resource_types": { - "deploymentFleet": { - "resource_type": "deploymentFleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "robot": { - "resource_type": "robot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeregisterRobot.html" - }, - "DescribeDeploymentJob": { - "privilege": "DescribeDeploymentJob", - "description": "Describe a deployment job", - "access_level": "Read", - "resource_types": { - "deploymentJob": { - "resource_type": "deploymentJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeDeploymentJob.html" - }, - "DescribeFleet": { - "privilege": "DescribeFleet", - "description": "Describe a deployment fleet", - "access_level": "Read", - "resource_types": { - "deploymentFleet": { - "resource_type": "deploymentFleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeFleet.html" - }, - "DescribeRobot": { - "privilege": "DescribeRobot", - "description": "Describe a robot", - "access_level": "Read", - "resource_types": { - "robot": { - "resource_type": "robot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeRobot.html" - }, - "DescribeRobotApplication": { - "privilege": "DescribeRobotApplication", - "description": "Describe a robot application", - "access_level": "Read", - "resource_types": { - "robotApplication": { - "resource_type": "robotApplication", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeRobotApplication.html" - }, - "DescribeSimulationApplication": { - "privilege": "DescribeSimulationApplication", - "description": "Describe a simulation application", - "access_level": "Read", - "resource_types": { - "simulationApplication": { - "resource_type": "simulationApplication", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeSimulationApplication.html" - }, - "DescribeSimulationJob": { - "privilege": "DescribeSimulationJob", - "description": "Describe a simulation job", - "access_level": "Read", - "resource_types": { - "simulationJob": { - "resource_type": "simulationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeSimulationJob.html" - }, - "DescribeSimulationJobBatch": { - "privilege": "DescribeSimulationJobBatch", - "description": "Describe a simulation job batch", - "access_level": "Read", - "resource_types": { - "simulationJobBatch": { - "resource_type": "simulationJobBatch", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeSimulationJobBatch.html" - }, - "DescribeWorld": { - "privilege": "DescribeWorld", - "description": "Describe a world", - "access_level": "Read", - "resource_types": { - "world": { - "resource_type": "world", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeWorld.html" - }, - "DescribeWorldExportJob": { - "privilege": "DescribeWorldExportJob", - "description": "Describe a world export job", - "access_level": "Read", - "resource_types": { - "worldExportJob": { - "resource_type": "worldExportJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeWorldExportJob.html" - }, - "DescribeWorldGenerationJob": { - "privilege": "DescribeWorldGenerationJob", - "description": "Describe a world generation job", - "access_level": "Read", - "resource_types": { - "worldGenerationJob": { - "resource_type": "worldGenerationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeWorldGenerationJob.html" - }, - "DescribeWorldTemplate": { - "privilege": "DescribeWorldTemplate", - "description": "Describe a world template", - "access_level": "Read", - "resource_types": { - "worldTemplate": { - "resource_type": "worldTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeWorldTemplate.html" - }, - "GetWorldTemplateBody": { - "privilege": "GetWorldTemplateBody", - "description": "Get the body of a world template", - "access_level": "Read", - "resource_types": { - "worldTemplate": { - "resource_type": "worldTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_GetWorldTemplateBody.html" - }, - "ListDeploymentJobs": { - "privilege": "ListDeploymentJobs", - "description": "List deployment jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListDeploymentJobs.html" - }, - "ListFleets": { - "privilege": "ListFleets", - "description": "List fleets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListFleets.html" - }, - "ListRobotApplications": { - "privilege": "ListRobotApplications", - "description": "List robot applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListRobotApplications.html" - }, - "ListRobots": { - "privilege": "ListRobots", - "description": "List robots", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListRobots.html" - }, - "ListSimulationApplications": { - "privilege": "ListSimulationApplications", - "description": "List simulation applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListSimulationApplications.html" - }, - "ListSimulationJobBatches": { - "privilege": "ListSimulationJobBatches", - "description": "List simulation job batches", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListSimulationJobBatches.html" - }, - "ListSimulationJobs": { - "privilege": "ListSimulationJobs", - "description": "List simulation jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListSimulationJobs.html" - }, - "ListSupportedAvailabilityZones": { - "privilege": "ListSupportedAvailabilityZones", - "description": "Lists supported availability zones", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "List tags for a RoboMaker resource", - "access_level": "List", - "resource_types": { - "deploymentFleet": { - "resource_type": "deploymentFleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deploymentJob": { - "resource_type": "deploymentJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "robot": { - "resource_type": "robot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "robotApplication": { - "resource_type": "robotApplication", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "simulationApplication": { - "resource_type": "simulationApplication", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "simulationJob": { - "resource_type": "simulationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "simulationJobBatch": { - "resource_type": "simulationJobBatch", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "world": { - "resource_type": "world", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "worldExportJob": { - "resource_type": "worldExportJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "worldGenerationJob": { - "resource_type": "worldGenerationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "worldTemplate": { - "resource_type": "worldTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListTagsForResource.html" - }, - "ListWorldExportJobs": { - "privilege": "ListWorldExportJobs", - "description": "List world export jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListWorldExportJobs.html" - }, - "ListWorldGenerationJobs": { - "privilege": "ListWorldGenerationJobs", - "description": "List world generation jobs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListWorldGenerationJobs.html" - }, - "ListWorldTemplates": { - "privilege": "ListWorldTemplates", - "description": "List world templates", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListWorldTemplates.html" - }, - "ListWorlds": { - "privilege": "ListWorlds", - "description": "List worlds", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListWorlds.html" - }, - "RegisterRobot": { - "privilege": "RegisterRobot", - "description": "Register a robot to a fleet", - "access_level": "Write", - "resource_types": { - "deploymentFleet": { - "resource_type": "deploymentFleet", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "robot": { - "resource_type": "robot", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_RegisterRobot.html" - }, - "RestartSimulationJob": { - "privilege": "RestartSimulationJob", - "description": "Restart a running simulation job", - "access_level": "Write", - "resource_types": { - "simulationJob": { - "resource_type": "simulationJob", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_RestartSimulationJob.html" - }, - "StartSimulationJobBatch": { - "privilege": "StartSimulationJobBatch", - "description": "Create a simulation job batch", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_StartSimulationJobBatch.html" - }, - "SyncDeploymentJob": { - "privilege": "SyncDeploymentJob", - "description": "Ensures the most recently deployed robot application is deployed to all robots in the fleet", - "access_level": "Write", - "resource_types": { - "deploymentFleet": { - "resource_type": "deploymentFleet", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_SyncDeploymentJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Add tags to a RoboMaker resource", - "access_level": "Tagging", - "resource_types": { - "deploymentFleet": { - "resource_type": "deploymentFleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deploymentJob": { - "resource_type": "deploymentJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "robot": { - "resource_type": "robot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "robotApplication": { - "resource_type": "robotApplication", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "simulationApplication": { - "resource_type": "simulationApplication", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "simulationJob": { - "resource_type": "simulationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "simulationJobBatch": { - "resource_type": "simulationJobBatch", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "world": { - "resource_type": "world", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "worldExportJob": { - "resource_type": "worldExportJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "worldGenerationJob": { - "resource_type": "worldGenerationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "worldTemplate": { - "resource_type": "worldTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Remove tags from a RoboMaker resource", - "access_level": "Tagging", - "resource_types": { - "deploymentFleet": { - "resource_type": "deploymentFleet", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "deploymentJob": { - "resource_type": "deploymentJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "robot": { - "resource_type": "robot", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "robotApplication": { - "resource_type": "robotApplication", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "simulationApplication": { - "resource_type": "simulationApplication", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "simulationJob": { - "resource_type": "simulationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "simulationJobBatch": { - "resource_type": "simulationJobBatch", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "world": { - "resource_type": "world", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "worldExportJob": { - "resource_type": "worldExportJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "worldGenerationJob": { - "resource_type": "worldGenerationJob", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "worldTemplate": { - "resource_type": "worldTemplate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_UntagResource.html" - }, - "UpdateRobotApplication": { - "privilege": "UpdateRobotApplication", - "description": "Update a robot application", - "access_level": "Write", - "resource_types": { - "robotApplication": { - "resource_type": "robotApplication", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_UpdateRobotApplication.html" - }, - "UpdateRobotDeployment": { - "privilege": "UpdateRobotDeployment", - "description": "Report the deployment status for an individual robot", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "UpdateSimulationApplication": { - "privilege": "UpdateSimulationApplication", - "description": "Update a simulation application", - "access_level": "Write", - "resource_types": { - "simulationApplication": { - "resource_type": "simulationApplication", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_UpdateSimulationApplication.html" - }, - "UpdateWorldTemplate": { - "privilege": "UpdateWorldTemplate", - "description": "Update a world template", - "access_level": "Write", - "resource_types": { - "worldTemplate": { - "resource_type": "worldTemplate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_UpdateWorldTemplate.html" - } - }, - "resources": { - "robotApplication": { - "resource": "robotApplication", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:robot-application/${ApplicationName}/${CreatedOnEpoch}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "simulationApplication": { - "resource": "simulationApplication", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:simulation-application/${ApplicationName}/${CreatedOnEpoch}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "simulationJob": { - "resource": "simulationJob", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:simulation-job/${SimulationJobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "simulationJobBatch": { - "resource": "simulationJobBatch", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:simulation-job-batch/${SimulationJobBatchId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "deploymentJob": { - "resource": "deploymentJob", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:deployment-job/${DeploymentJobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "robot": { - "resource": "robot", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:robot/${RobotName}/${CreatedOnEpoch}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "deploymentFleet": { - "resource": "deploymentFleet", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:deployment-fleet/${FleetName}/${CreatedOnEpoch}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "worldGenerationJob": { - "resource": "worldGenerationJob", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:world-generation-job/${WorldGenerationJobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "worldExportJob": { - "resource": "worldExportJob", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:world-export-job/${WorldExportJobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "worldTemplate": { - "resource": "worldTemplate", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:world-template/${WorldTemplateJobId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "world": { - "resource": "world", - "arn": "arn:${Partition}:robomaker:${Region}:${Account}:world/${WorldId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "savingsplans": { - "service_name": "AWS Savings Plans", - "prefix": "savingsplans", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssavingsplans.html", - "privileges": { - "CreateSavingsPlan": { - "privilege": "CreateSavingsPlan", - "description": "Grants permission to create a savings plan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_CreateSavingsPlan.html" - }, - "DeleteQueuedSavingsPlan": { - "privilege": "DeleteQueuedSavingsPlan", - "description": "Grants permission to delete the queued savings plan associated with customers account", - "access_level": "Write", - "resource_types": { - "savingsplan": { - "resource_type": "savingsplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_DeleteQueuedSavingsPlan.html" - }, - "DescribeSavingsPlanRates": { - "privilege": "DescribeSavingsPlanRates", - "description": "Grants permission to describe the rates associated with customers savings plan", - "access_level": "Read", - "resource_types": { - "savingsplan": { - "resource_type": "savingsplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_DescribeSavingsPlanRates.html" - }, - "DescribeSavingsPlans": { - "privilege": "DescribeSavingsPlans", - "description": "Grants permission to describe the savings plans associated with customers account", - "access_level": "Read", - "resource_types": { - "savingsplan": { - "resource_type": "savingsplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_DescribeSavingsPlans.html" - }, - "DescribeSavingsPlansOfferingRates": { - "privilege": "DescribeSavingsPlansOfferingRates", - "description": "Grants permission to describe the rates assciated with savings plans offerings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_DescribeSavingsPlansOfferingRates.html" - }, - "DescribeSavingsPlansOfferings": { - "privilege": "DescribeSavingsPlansOfferings", - "description": "Grants permission to describe the savings plans offerings that customer is eligible to purchase", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_DescribeSavingsPlansOfferings.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a savings plan", - "access_level": "List", - "resource_types": { - "savingsplan": { - "resource_type": "savingsplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_ListTagsForResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a savings plan", - "access_level": "Tagging", - "resource_types": { - "savingsplan": { - "resource_type": "savingsplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a savings plan", - "access_level": "Tagging", - "resource_types": { - "savingsplan": { - "resource_type": "savingsplan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_UntagResource.html" - } - }, - "resources": { - "savingsplan": { - "resource": "savingsplan", - "arn": "arn:${Partition}:savingsplans::${Account}:savingsplan/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag-value assoicated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of mandatory tags in the request", - "type": "String" - } - } - }, - "secretsmanager": { - "service_name": "AWS Secrets Manager", - "prefix": "secretsmanager", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html", - "privileges": { - "CancelRotateSecret": { - "privilege": "CancelRotateSecret", - "description": "Grants permission to cancel an in-progress secret rotation", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CancelRotateSecret.html" - }, - "CreateSecret": { - "privilege": "CreateSecret", - "description": "Grants permission to create a secret that stores encrypted data that can be queried and rotated", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:Name", - "secretsmanager:Description", - "secretsmanager:KmsKeyId", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "secretsmanager:ResourceTag/tag-key", - "secretsmanager:AddReplicaRegions", - "secretsmanager:ForceOverwriteReplicaSecret" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete the resource policy attached to a secret", - "access_level": "Permissions management", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteResourcePolicy.html" - }, - "DeleteSecret": { - "privilege": "DeleteSecret", - "description": "Grants permission to delete a secret", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:RecoveryWindowInDays", - "secretsmanager:ForceDeleteWithoutRecovery", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteSecret.html" - }, - "DescribeSecret": { - "privilege": "DescribeSecret", - "description": "Grants permission to retrieve the metadata about a secret, but not the encrypted data", - "access_level": "Read", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DescribeSecret.html" - }, - "GetRandomPassword": { - "privilege": "GetRandomPassword", - "description": "Grants permission to generate a random string for use in password creation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetRandomPassword.html" - }, - "GetResourcePolicy": { - "privilege": "GetResourcePolicy", - "description": "Grants permission to get the resource policy attached to a secret", - "access_level": "Read", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetResourcePolicy.html" - }, - "GetSecretValue": { - "privilege": "GetSecretValue", - "description": "Grants permission to retrieve and decrypt the encrypted data", - "access_level": "Read", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:VersionId", - "secretsmanager:VersionStage", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html" - }, - "ListSecretVersionIds": { - "privilege": "ListSecretVersionIds", - "description": "Grants permission to list the available versions of a secret", - "access_level": "Read", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_ListSecretVersionIds.html" - }, - "ListSecrets": { - "privilege": "ListSecrets", - "description": "Grants permission to list the available secrets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_ListSecrets.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to attach a resource policy to a secret", - "access_level": "Permissions management", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:BlockPublicPolicy", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_PutResourcePolicy.html" - }, - "PutSecretValue": { - "privilege": "PutSecretValue", - "description": "Grants permission to create a new version of the secret with new encrypted data", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_PutSecretValue.html" - }, - "RemoveRegionsFromReplication": { - "privilege": "RemoveRegionsFromReplication", - "description": "Grants permission to remove regions from replication", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_RemoveRegionsFromReplication.html" - }, - "ReplicateSecretToRegions": { - "privilege": "ReplicateSecretToRegions", - "description": "Grants permission to convert an existing secret to a multi-Region secret and begin replicating the secret to a list of new regions", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion", - "secretsmanager:AddReplicaRegions", - "secretsmanager:ForceOverwriteReplicaSecret" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_ReplicateSecretToRegions.html" - }, - "RestoreSecret": { - "privilege": "RestoreSecret", - "description": "Grants permission to cancel deletion of a secret", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_RestoreSecret.html" - }, - "RotateSecret": { - "privilege": "RotateSecret", - "description": "Grants permission to start rotation of a secret", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:RotationLambdaARN", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion", - "secretsmanager:ModifyRotationRules", - "secretsmanager:RotateImmediately" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_RotateSecret.html" - }, - "StopReplicationToReplica": { - "privilege": "StopReplicationToReplica", - "description": "Grants permission to remove the secret from replication and promote the secret to a regional secret in the replica Region", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_StopReplicationToReplica.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a secret", - "access_level": "Tagging", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a secret", - "access_level": "Tagging", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "aws:TagKeys", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UntagResource.html" - }, - "UpdateSecret": { - "privilege": "UpdateSecret", - "description": "Grants permission to update a secret with new metadata or with a new version of the encrypted data", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:Description", - "secretsmanager:KmsKeyId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UpdateSecret.html" - }, - "UpdateSecretVersionStage": { - "privilege": "UpdateSecretVersionStage", - "description": "Grants permission to move a stage from one secret to another", - "access_level": "Write", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:VersionStage", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UpdateSecretVersionStage.html" - }, - "ValidateResourcePolicy": { - "privilege": "ValidateResourcePolicy", - "description": "Grants permission to validate a resource policy before attaching policy", - "access_level": "Permissions management", - "resource_types": { - "Secret": { - "resource_type": "Secret", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "secretsmanager:SecretId", - "secretsmanager:resource/AllowRotationLambdaArn", - "secretsmanager:ResourceTag/tag-key", - "aws:ResourceTag/${TagKey}", - "secretsmanager:SecretPrimaryRegion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_ValidateResourcePolicy.html" - } - }, - "resources": { - "Secret": { - "resource": "Secret", - "arn": "arn:${Partition}:secretsmanager:${Region}:${Account}:secret:${SecretId}", - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}", - "aws:TagKeys", - "secretsmanager:ResourceTag/tag-key", - "secretsmanager:resource/AllowRotationLambdaArn" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a key that is present in the request the user makes to the Secrets Manager service", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the list of all the tag key names present in the request the user makes to the Secrets Manager service", - "type": "ArrayOfString" - }, - "secretsmanager:AddReplicaRegions": { - "condition": "secretsmanager:AddReplicaRegions", - "description": "Filters access by the list of Regions in which to replicate the secret", - "type": "ArrayOfString" - }, - "secretsmanager:BlockPublicPolicy": { - "condition": "secretsmanager:BlockPublicPolicy", - "description": "Filters access by whether the resource policy blocks broad AWS account access", - "type": "Bool" - }, - "secretsmanager:Description": { - "condition": "secretsmanager:Description", - "description": "Filters access by the description text in the request", - "type": "String" - }, - "secretsmanager:ForceDeleteWithoutRecovery": { - "condition": "secretsmanager:ForceDeleteWithoutRecovery", - "description": "Filters access by whether the secret is to be deleted immediately without any recovery window", - "type": "Bool" - }, - "secretsmanager:ForceOverwriteReplicaSecret": { - "condition": "secretsmanager:ForceOverwriteReplicaSecret", - "description": "Filters access by whether to overwrite a secret with the same name in the destination Region", - "type": "Bool" - }, - "secretsmanager:KmsKeyId": { - "condition": "secretsmanager:KmsKeyId", - "description": "Filters access by the ARN of the KMS key in the request", - "type": "String" - }, - "secretsmanager:ModifyRotationRules": { - "condition": "secretsmanager:ModifyRotationRules", - "description": "Filters access by whether the rotation rules of the secret are to be modified", - "type": "Bool" - }, - "secretsmanager:Name": { - "condition": "secretsmanager:Name", - "description": "Filters access by the friendly name of the secret in the request", - "type": "String" - }, - "secretsmanager:RecoveryWindowInDays": { - "condition": "secretsmanager:RecoveryWindowInDays", - "description": "Filters access by the number of days that Secrets Manager waits before it can delete the secret", - "type": "Numeric" - }, - "secretsmanager:ResourceTag/tag-key": { - "condition": "secretsmanager:ResourceTag/tag-key", - "description": "Filters access by a tag key and value pair", - "type": "String" - }, - "secretsmanager:RotateImmediately": { - "condition": "secretsmanager:RotateImmediately", - "description": "Filters access by whether the secret is to be rotated immediately", - "type": "Bool" - }, - "secretsmanager:RotationLambdaARN": { - "condition": "secretsmanager:RotationLambdaARN", - "description": "Filters access by the ARN of the rotation Lambda function in the request", - "type": "ARN" - }, - "secretsmanager:SecretId": { - "condition": "secretsmanager:SecretId", - "description": "Filters access by the SecretID value in the request", - "type": "ARN" - }, - "secretsmanager:SecretPrimaryRegion": { - "condition": "secretsmanager:SecretPrimaryRegion", - "description": "Filters access by primary region in which the secret is created", - "type": "String" - }, - "secretsmanager:VersionId": { - "condition": "secretsmanager:VersionId", - "description": "Filters access by the unique identifier of the version of the secret in the request", - "type": "String" - }, - "secretsmanager:VersionStage": { - "condition": "secretsmanager:VersionStage", - "description": "Filters access by the list of version stages in the request", - "type": "String" - }, - "secretsmanager:resource/AllowRotationLambdaArn": { - "condition": "secretsmanager:resource/AllowRotationLambdaArn", - "description": "Filters access by the ARN of the rotation Lambda function associated with the secret", - "type": "ARN" - } - } - }, - "securityhub": { - "service_name": "AWS Security Hub", - "prefix": "securityhub", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html", - "privileges": { - "AcceptAdministratorInvitation": { - "privilege": "AcceptAdministratorInvitation", - "description": "Grants permission to accept Security Hub invitations to become a member account", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AcceptAdministratorInvitation.html" - }, - "AcceptInvitation": { - "privilege": "AcceptInvitation", - "description": "Grants permission to accept Security Hub invitations to become a member account", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AcceptInvitation.html" - }, - "BatchDeleteAutomationRules": { - "privilege": "BatchDeleteAutomationRules", - "description": "Grants permission to delete one or more automation rules in Security Hub", - "access_level": "Write", - "resource_types": { - "automation-rule": { - "resource_type": "automation-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules" - }, - "BatchDisableStandards": { - "privilege": "BatchDisableStandards", - "description": "Grants permission to disable standards in Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchDisableStandards.html" - }, - "BatchEnableStandards": { - "privilege": "BatchEnableStandards", - "description": "Grants permission to enable standards in Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchEnableStandards.html" - }, - "BatchGetAutomationRules": { - "privilege": "BatchGetAutomationRules", - "description": "Grants permission to retrieve a list of details for automation rules from Security Hub based on rule Amazon Resource Names (ARNs)", - "access_level": "Read", - "resource_types": { - "automation-rule": { - "resource_type": "automation-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules" - }, - "BatchGetControlEvaluations": { - "privilege": "BatchGetControlEvaluations", - "description": "Grants permission to get the enablement and compliance status of controls, the findings count for controls, and the overall security score for controls on the Security Hub console", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/iam-permissions-controls-standards.html" - }, - "BatchGetSecurityControls": { - "privilege": "BatchGetSecurityControls", - "description": "Grants permission to get details about specific security controls identified by ID or ARN", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "securityhub:DescribeStandardsControls" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchGetSecurityControls.html" - }, - "BatchGetStandardsControlAssociations": { - "privilege": "BatchGetStandardsControlAssociations", - "description": "Grants permission to get the enablement status of a batch of security controls in standards", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "securityhub:DescribeStandardsControls" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchGetStandardsControlAssociations.html" - }, - "BatchImportFindings": { - "privilege": "BatchImportFindings", - "description": "Grants permission to import findings into Security Hub from an integrated product", - "access_level": "Write", - "resource_types": { - "product": { - "resource_type": "product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "securityhub:TargetAccount" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html" - }, - "BatchUpdateAutomationRules": { - "privilege": "BatchUpdateAutomationRules", - "description": "Grants permission to update one or more automation rules from Security Hub based on rule Amazon Resource Names (ARNs) and input parameters", - "access_level": "Write", - "resource_types": { - "automation-rule": { - "resource_type": "automation-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules" - }, - "BatchUpdateFindings": { - "privilege": "BatchUpdateFindings", - "description": "Grants permission to update customer-controlled fields for a selected set of Security Hub findings", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "securityhub:ASFFSyntaxPath/${ASFFSyntaxPath}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html" - }, - "BatchUpdateStandardsControlAssociations": { - "privilege": "BatchUpdateStandardsControlAssociations", - "description": "Grants permission to update the enablement status of a batch of security controls in standards", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "securityhub:UpdateStandardsControl" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html" - }, - "CreateActionTarget": { - "privilege": "CreateActionTarget", - "description": "Grants permission to create custom actions in Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_CreateActionTarget.html" - }, - "CreateAutomationRule": { - "privilege": "CreateAutomationRule", - "description": "Grants permission to create an automation rule based on input parameters", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules" - }, - "CreateFindingAggregator": { - "privilege": "CreateFindingAggregator", - "description": "Grants permission to create a finding aggregator, which contains the cross-Region finding aggregation configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateFindingAggregator.html" - }, - "CreateInsight": { - "privilege": "CreateInsight", - "description": "Grants permission to create insights in Security Hub. Insights are collections of related findings", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_CreateInsight.html" - }, - "CreateMembers": { - "privilege": "CreateMembers", - "description": "Grants permission to create member accounts in Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_CreateMembers.html" - }, - "DeclineInvitations": { - "privilege": "DeclineInvitations", - "description": "Grants permission to decline Security Hub invitations to become a member account", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeclineInvitations.html" - }, - "DeleteActionTarget": { - "privilege": "DeleteActionTarget", - "description": "Grants permission to delete custom actions in Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeleteActionTarget.html" - }, - "DeleteFindingAggregator": { - "privilege": "DeleteFindingAggregator", - "description": "Grants permission to delete a finding aggregator, which disables finding aggregation across Regions", - "access_level": "Write", - "resource_types": { - "finding-aggregator": { - "resource_type": "finding-aggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeleteFindingAggregator.html" - }, - "DeleteInsight": { - "privilege": "DeleteInsight", - "description": "Grants permission to delete insights from Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeleteInsight.html" - }, - "DeleteInvitations": { - "privilege": "DeleteInvitations", - "description": "Grants permission to delete Security Hub invitations to become a member account", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeleteInvitations.html" - }, - "DeleteMembers": { - "privilege": "DeleteMembers", - "description": "Grants permission to delete Security Hub member accounts", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeleteMembers.html" - }, - "DescribeActionTargets": { - "privilege": "DescribeActionTargets", - "description": "Grants permission to retrieve a list of custom actions using the API", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeActionTargets.html" - }, - "DescribeHub": { - "privilege": "DescribeHub", - "description": "Grants permission to retrieve information about the hub resource in your account", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeHub.html" - }, - "DescribeOrganizationConfiguration": { - "privilege": "DescribeOrganizationConfiguration", - "description": "Grants permission to describe the organization configuration for Security Hub", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeOrganizationConfiguration.html" - }, - "DescribeProducts": { - "privilege": "DescribeProducts", - "description": "Grants permission to retrieve information about the available Security Hub product integrations", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeProducts.html" - }, - "DescribeStandards": { - "privilege": "DescribeStandards", - "description": "Grants permission to retrieve information about Security Hub standards", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html" - }, - "DescribeStandardsControls": { - "privilege": "DescribeStandardsControls", - "description": "Grants permission to retrieve information about Security Hub standards controls", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandardsControls.html" - }, - "DisableImportFindingsForProduct": { - "privilege": "DisableImportFindingsForProduct", - "description": "Grants permission to disable the findings importing for a Security Hub integrated product", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisableImportFindingsForProduct.html" - }, - "DisableOrganizationAdminAccount": { - "privilege": "DisableOrganizationAdminAccount", - "description": "Grants permission to remove the Security Hub administrator account for your organization", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribeOrganization" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisableOrganizationAdminAccount.html" - }, - "DisableSecurityHub": { - "privilege": "DisableSecurityHub", - "description": "Grants permission to disable Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisableSecurityHub.html" - }, - "DisassociateFromAdministratorAccount": { - "privilege": "DisassociateFromAdministratorAccount", - "description": "Grants permission to a Security Hub member account to disassociate from the associated administrator account", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisassociateFromAdministratorAccount.html" - }, - "DisassociateFromMasterAccount": { - "privilege": "DisassociateFromMasterAccount", - "description": "Grants permission to a Security Hub member account to disassociate from the associated master account", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisassociateFromMasterAccount.html" - }, - "DisassociateMembers": { - "privilege": "DisassociateMembers", - "description": "Grants permission to disassociate Security Hub member accounts from the associated administrator account", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisassociateMembers.html" - }, - "EnableImportFindingsForProduct": { - "privilege": "EnableImportFindingsForProduct", - "description": "Grants permission to enable the findings importing for a Security Hub integrated product", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_EnableImportFindingsForProduct.html" - }, - "EnableOrganizationAdminAccount": { - "privilege": "EnableOrganizationAdminAccount", - "description": "Grants permission to designate a Security Hub administrator account for your organization", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribeOrganization", - "organizations:EnableAWSServiceAccess", - "organizations:RegisterDelegatedAdministrator" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_EnableOrganizationAdminAccount.html" - }, - "EnableSecurityHub": { - "privilege": "EnableSecurityHub", - "description": "Grants permission to enable Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_EnableSecurityHub.html" - }, - "GetAdhocInsightResults": { - "privilege": "GetAdhocInsightResults", - "description": "Grants permission to retrieve insight results by providing a set of filters instead of an insight ARN", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetAdhocInsightResults.html" - }, - "GetAdministratorAccount": { - "privilege": "GetAdministratorAccount", - "description": "Grants permission to retrieve details about the Security Hub administrator account", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetAdministratorAccount.html" - }, - "GetControlFindingSummary": { - "privilege": "GetControlFindingSummary", - "description": "Grants permission to retrieve a security score and counts of finding and control statuses for a security standard", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetControlFindingSummary.html" - }, - "GetEnabledStandards": { - "privilege": "GetEnabledStandards", - "description": "Grants permission to retrieve a list of the standards that are enabled in Security Hub", - "access_level": "List", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetEnabledStandards.html" - }, - "GetFindingAggregator": { - "privilege": "GetFindingAggregator", - "description": "Grants permission to retrieve details for a finding aggregator, which configures finding aggregation across Regions", - "access_level": "Read", - "resource_types": { - "finding-aggregator": { - "resource_type": "finding-aggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingAggregator.html" - }, - "GetFindingHistory": { - "privilege": "GetFindingHistory", - "description": "Grants permission to retrieve a list of finding history from Security Hub", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingHistory.html" - }, - "GetFindings": { - "privilege": "GetFindings", - "description": "Grants permission to retrieve a list of findings from Security Hub", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindings.html" - }, - "GetFreeTrialEndDate": { - "privilege": "GetFreeTrialEndDate", - "description": "Grants permission to retrieve the end date for an account's free trial of Security Hub", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFreeTrialEndDate.html" - }, - "GetFreeTrialUsage": { - "privilege": "GetFreeTrialUsage", - "description": "Grants permission to retrieve information about Security Hub usage during the free trial period", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFreeTrialUsage.html" - }, - "GetInsightFindingTrend": { - "privilege": "GetInsightFindingTrend", - "description": "Grants permission to retrieve an insight finding trend from Security Hub in order to generate a graph", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetInsightFindingTrend.html" - }, - "GetInsightResults": { - "privilege": "GetInsightResults", - "description": "Grants permission to retrieve insight results from Security Hub", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetInsightResults.html" - }, - "GetInsights": { - "privilege": "GetInsights", - "description": "Grants permission to retrieve Security Hub insights", - "access_level": "List", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetInsights.html" - }, - "GetInvitationsCount": { - "privilege": "GetInvitationsCount", - "description": "Grants permission to retrieve the count of Security Hub membership invitations sent to the account", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetInvitationsCount.html" - }, - "GetMasterAccount": { - "privilege": "GetMasterAccount", - "description": "Grants permission to retrieve details about the Security Hub master account", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetMasterAccount.html" - }, - "GetMembers": { - "privilege": "GetMembers", - "description": "Grants permission to retrieve the details of Security Hub member accounts", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetMembers.html" - }, - "GetUsage": { - "privilege": "GetUsage", - "description": "Grants permission to retrieve information about Security Hub usage by accounts", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetUsage.html" - }, - "InviteMembers": { - "privilege": "InviteMembers", - "description": "Grants permission to invite other AWS accounts to become Security Hub member accounts", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_InviteMembers.html" - }, - "ListAutomationRules": { - "privilege": "ListAutomationRules", - "description": "Grants permission to retrieve a list of automation rules and their metadata for the calling account from Security Hub", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules" - }, - "ListControlEvaluationSummaries": { - "privilege": "ListControlEvaluationSummaries", - "description": "Grants permission to retrieve a list of controls for a standard, including the control IDs, statuses and finding counts", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListControlEvaluationSummaries.html" - }, - "ListEnabledProductsForImport": { - "privilege": "ListEnabledProductsForImport", - "description": "Grants permission to retrieve the Security Hub integrated products that are currently enabled", - "access_level": "List", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListEnabledProductsForImport.html" - }, - "ListFindingAggregators": { - "privilege": "ListFindingAggregators", - "description": "Grants permission to retrieve a list of finding aggregators, which contain the cross-Region finding aggregation configuration", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateFindingAggregator.html" - }, - "ListInvitations": { - "privilege": "ListInvitations", - "description": "Grants permission to retrieve the Security Hub invitations sent to the account", - "access_level": "List", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListInvitations.html" - }, - "ListMembers": { - "privilege": "ListMembers", - "description": "Grants permission to retrieve details about Security Hub member accounts associated with the administrator account", - "access_level": "List", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListMembers.html" - }, - "ListOrganizationAdminAccounts": { - "privilege": "ListOrganizationAdminAccounts", - "description": "Grants permission to list the Security Hub administrator accounts for your organization", - "access_level": "List", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "organizations:DescribeOrganization" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListOrganizationAdminAccounts.html" - }, - "ListSecurityControlDefinitions": { - "privilege": "ListSecurityControlDefinitions", - "description": "Grants permission to retrieve a list of security control definitions, which contain details for security controls in the current region", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListSecurityControlDefinitions.html" - }, - "ListStandardsControlAssociations": { - "privilege": "ListStandardsControlAssociations", - "description": "Grants permission to list the enablement status of a security control in standards", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "securityhub:DescribeStandardsControls" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListStandardsControlAssociations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list of tags associated with a resource", - "access_level": "Read", - "resource_types": { - "automation-rule": { - "resource_type": "automation-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListTagsForResource.html" - }, - "SendFindingEvents": { - "privilege": "SendFindingEvents", - "description": "Grants permission to use a custom action to send Security Hub findings to Amazon EventBridge", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_SendFindingEvents.html" - }, - "SendInsightEvents": { - "privilege": "SendInsightEvents", - "description": "Grants permission to use a custom action to send Security Hub insights to Amazon EventBridge", - "access_level": "Read", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_SendInsightEvents.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a Security Hub resource", - "access_level": "Tagging", - "resource_types": { - "automation-rule": { - "resource_type": "automation-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a Security Hub resource", - "access_level": "Tagging", - "resource_types": { - "automation-rule": { - "resource_type": "automation-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UntagResource.html" - }, - "UpdateActionTarget": { - "privilege": "UpdateActionTarget", - "description": "Grants permission to update custom actions in Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateActionTarget.html" - }, - "UpdateFindingAggregator": { - "privilege": "UpdateFindingAggregator", - "description": "Grants permission to update a finding aggregator, which contains the cross-Region finding aggregation configuration", - "access_level": "Write", - "resource_types": { - "finding-aggregator": { - "resource_type": "finding-aggregator", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateFindingAggregator.html" - }, - "UpdateFindings": { - "privilege": "UpdateFindings", - "description": "Grants permission to update Security Hub findings", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateFindings.html" - }, - "UpdateInsight": { - "privilege": "UpdateInsight", - "description": "Grants permission to update insights in Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateInsight.html" - }, - "UpdateOrganizationConfiguration": { - "privilege": "UpdateOrganizationConfiguration", - "description": "Grants permission to update the organization configuration for Security Hub", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateOrganizationConfiguration.html" - }, - "UpdateSecurityHubConfiguration": { - "privilege": "UpdateSecurityHubConfiguration", - "description": "Grants permission to update Security Hub configuration", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateSecurityHubConfiguration.html" - }, - "UpdateStandardsControl": { - "privilege": "UpdateStandardsControl", - "description": "Grants permission to update Security Hub standards controls", - "access_level": "Write", - "resource_types": { - "hub": { - "resource_type": "hub", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateStandardsControl.html" - } - }, - "resources": { - "hub": { - "resource": "hub", - "arn": "arn:${Partition}:securityhub:${Region}:${Account}:hub/default", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "product": { - "resource": "product", - "arn": "arn:${Partition}:securityhub:${Region}:${Account}:product/${Company}/${ProductId}", - "condition_keys": [] - }, - "finding-aggregator": { - "resource": "finding-aggregator", - "arn": "arn:${Partition}:securityhub:${Region}:${Account}:finding-aggregator/${FindingAggregatorId}", - "condition_keys": [] - }, - "automation-rule": { - "resource": "automation-rule", - "arn": "arn:${Partition}:securityhub:${Region}:${Account}:automation-rule/${AutomationRuleId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "securityhub:ASFFSyntaxPath/${ASFFSyntaxPath}": { - "condition": "securityhub:ASFFSyntaxPath/${ASFFSyntaxPath}", - "description": "Filters access by the specified fields and values in the request", - "type": "String" - }, - "securityhub:TargetAccount": { - "condition": "securityhub:TargetAccount", - "description": "Filters access by the AwsAccountId field that is specified in the request", - "type": "String" - } - } - }, - "sts": { - "service_name": "AWS Security Token Service", - "prefix": "sts", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html", - "privileges": { - "AssumeRole": { - "privilege": "AssumeRole", - "description": "Grants permission to obtain a set of temporary security credentials that you can use to access AWS resources that you might not normally have access to", - "access_level": "Write", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "sts:TransitiveTagKeys", - "sts:ExternalId", - "sts:RoleSessionName", - "iam:ResourceTag/${TagKey}", - "sts:SourceIdentity" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html" - }, - "AssumeRoleWithSAML": { - "privilege": "AssumeRoleWithSAML", - "description": "Grants permission to obtain a set of temporary security credentials for users who have been authenticated via a SAML authentication response", - "access_level": "Write", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "saml:namequalifier", - "saml:sub", - "saml:sub_type", - "saml:aud", - "saml:iss", - "saml:doc", - "saml:cn", - "saml:commonName", - "saml:eduorghomepageuri", - "saml:eduorgidentityauthnpolicyuri", - "saml:eduorglegalname", - "saml:eduorgsuperioruri", - "saml:eduorgwhitepagesuri", - "saml:edupersonaffiliation", - "saml:edupersonassurance", - "saml:edupersonentitlement", - "saml:edupersonnickname", - "saml:edupersonorgdn", - "saml:edupersonorgunitdn", - "saml:edupersonprimaryaffiliation", - "saml:edupersonprimaryorgunitdn", - "saml:edupersonprincipalname", - "saml:edupersonscopedaffiliation", - "saml:edupersontargetedid", - "saml:givenName", - "saml:mail", - "saml:name", - "saml:organizationStatus", - "saml:primaryGroupSID", - "saml:surname", - "saml:uid", - "saml:x500UniqueIdentifier", - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "sts:TransitiveTagKeys", - "sts:SourceIdentity", - "sts:RoleSessionName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithSAML.html" - }, - "AssumeRoleWithWebIdentity": { - "privilege": "AssumeRoleWithWebIdentity", - "description": "Grants permission to obtain a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider", - "access_level": "Write", - "resource_types": { - "role": { - "resource_type": "role", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "cognito-identity.amazonaws.com:amr", - "cognito-identity.amazonaws.com:aud", - "cognito-identity.amazonaws.com:sub", - "www.amazon.com:app_id", - "www.amazon.com:user_id", - "graph.facebook.com:app_id", - "graph.facebook.com:id", - "accounts.google.com:aud", - "accounts.google.com:oaud", - "accounts.google.com:sub", - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "sts:TransitiveTagKeys", - "sts:SourceIdentity", - "sts:RoleSessionName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html" - }, - "DecodeAuthorizationMessage": { - "privilege": "DecodeAuthorizationMessage", - "description": "Grants permission to decode additional information about the authorization status of a request from an encoded message returned in response to an AWS request", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_DecodeAuthorizationMessage.html" - }, - "GetAccessKeyInfo": { - "privilege": "GetAccessKeyInfo", - "description": "Grants permission to obtain details about the access key id passed as a parameter to the request", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_GetAccessKeyInfo.html" - }, - "GetCallerIdentity": { - "privilege": "GetCallerIdentity", - "description": "Grants permission to obtain details about the IAM identity whose credentials are used to call the API", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity.html" - }, - "GetFederationToken": { - "privilege": "GetFederationToken", - "description": "Grants permission to obtain a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a federated user", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_GetFederationToken.html" - }, - "GetServiceBearerToken": { - "privilege": "GetServiceBearerToken", - "description": "Grants permission to obtain a STS bearer token for an AWS root user, IAM role, or an IAM user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sts:AWSServiceName" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_bearer.html" - }, - "GetSessionToken": { - "privilege": "GetSessionToken", - "description": "Grants permission to obtain a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for an AWS account or IAM user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html" - }, - "SetSourceIdentity": { - "privilege": "SetSourceIdentity", - "description": "Grants permission to set a source identity on a STS session", - "access_level": "Write", - "resource_types": { - "role": { - "resource_type": "role", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "sts:SourceIdentity" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html#id_credentials_temp_control-access_monitor-perms" - }, - "TagSession": { - "privilege": "TagSession", - "description": "Grants permission to add tags to a STS session", - "access_level": "Tagging", - "resource_types": { - "role": { - "resource_type": "role", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "sts:TransitiveTagKeys", - "saml:aud" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html" - } - }, - "resources": { - "role": { - "resource": "role", - "arn": "arn:${Partition}:iam::${Account}:role/${RoleNameWithPath}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "user": { - "resource": "user", - "arn": "arn:${Partition}:iam::${Account}:user/${UserNameWithPath}", - "condition_keys": [] - } - }, - "conditions": { - "accounts.google.com:aud": { - "condition": "accounts.google.com:aud", - "description": "Filters access by the Google application ID", - "type": "String" - }, - "accounts.google.com:oaud": { - "condition": "accounts.google.com:oaud", - "description": "Filters access by the Google audience", - "type": "String" - }, - "accounts.google.com:sub": { - "condition": "accounts.google.com:sub", - "description": "Filters access by the subject of the claim (the Google user ID)", - "type": "String" - }, - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "cognito-identity.amazonaws.com:amr": { - "condition": "cognito-identity.amazonaws.com:amr", - "description": "Filters access by the login information for Amazon Cognito", - "type": "String" - }, - "cognito-identity.amazonaws.com:aud": { - "condition": "cognito-identity.amazonaws.com:aud", - "description": "Filters access by the Amazon Cognito identity pool ID", - "type": "String" - }, - "cognito-identity.amazonaws.com:sub": { - "condition": "cognito-identity.amazonaws.com:sub", - "description": "Filters access by the subject of the claim (the Amazon Cognito user ID)", - "type": "String" - }, - "graph.facebook.com:app_id": { - "condition": "graph.facebook.com:app_id", - "description": "Filters access by the Facebook application ID", - "type": "String" - }, - "graph.facebook.com:id": { - "condition": "graph.facebook.com:id", - "description": "Filters access by the Facebook user ID", - "type": "String" - }, - "iam:ResourceTag/${TagKey}": { - "condition": "iam:ResourceTag/${TagKey}", - "description": "Filters access by the tags that are attached to the role that is being assumed", - "type": "String" - }, - "saml:aud": { - "condition": "saml:aud", - "description": "Filters access by the endpoint URL to which SAML assertions are presented", - "type": "String" - }, - "saml:cn": { - "condition": "saml:cn", - "description": "Filters access by the eduOrg attribute", - "type": "ArrayOfString" - }, - "saml:commonName": { - "condition": "saml:commonName", - "description": "Filters access by the commonName attribute", - "type": "String" - }, - "saml:doc": { - "condition": "saml:doc", - "description": "Filters access by on the principal that was used to assume the role", - "type": "String" - }, - "saml:eduorghomepageuri": { - "condition": "saml:eduorghomepageuri", - "description": "Filters access by the eduOrg attribute", - "type": "ArrayOfString" - }, - "saml:eduorgidentityauthnpolicyuri": { - "condition": "saml:eduorgidentityauthnpolicyuri", - "description": "Filters access by the eduOrg attribute", - "type": "ArrayOfString" - }, - "saml:eduorglegalname": { - "condition": "saml:eduorglegalname", - "description": "Filters access by the eduOrg attribute", - "type": "ArrayOfString" - }, - "saml:eduorgsuperioruri": { - "condition": "saml:eduorgsuperioruri", - "description": "Filters access by the eduOrg attribute", - "type": "ArrayOfString" - }, - "saml:eduorgwhitepagesuri": { - "condition": "saml:eduorgwhitepagesuri", - "description": "Filters access by the eduOrg attribute", - "type": "ArrayOfString" - }, - "saml:edupersonaffiliation": { - "condition": "saml:edupersonaffiliation", - "description": "Filters access by the eduPerson attribute", - "type": "ArrayOfString" - }, - "saml:edupersonassurance": { - "condition": "saml:edupersonassurance", - "description": "Filters access by the eduPerson attribute", - "type": "ArrayOfString" - }, - "saml:edupersonentitlement": { - "condition": "saml:edupersonentitlement", - "description": "Filters access by the eduPerson attribute", - "type": "ArrayOfString" - }, - "saml:edupersonnickname": { - "condition": "saml:edupersonnickname", - "description": "Filters access by the eduPerson attribute", - "type": "ArrayOfString" - }, - "saml:edupersonorgdn": { - "condition": "saml:edupersonorgdn", - "description": "Filters access by the eduPerson attribute", - "type": "String" - }, - "saml:edupersonorgunitdn": { - "condition": "saml:edupersonorgunitdn", - "description": "Filters access by the eduPerson attribute", - "type": "ArrayOfString" - }, - "saml:edupersonprimaryaffiliation": { - "condition": "saml:edupersonprimaryaffiliation", - "description": "Filters access by the eduPerson attribute", - "type": "String" - }, - "saml:edupersonprimaryorgunitdn": { - "condition": "saml:edupersonprimaryorgunitdn", - "description": "Filters access by the eduPerson attribute", - "type": "String" - }, - "saml:edupersonprincipalname": { - "condition": "saml:edupersonprincipalname", - "description": "Filters access by the eduPerson attribute", - "type": "String" - }, - "saml:edupersonscopedaffiliation": { - "condition": "saml:edupersonscopedaffiliation", - "description": "Filters access by the eduPerson attribute", - "type": "ArrayOfString" - }, - "saml:edupersontargetedid": { - "condition": "saml:edupersontargetedid", - "description": "Filters access by the eduPerson attribute", - "type": "ArrayOfString" - }, - "saml:givenName": { - "condition": "saml:givenName", - "description": "Filters access by the givenName attribute", - "type": "String" - }, - "saml:iss": { - "condition": "saml:iss", - "description": "Filters access by on the issuer, which is represented by a URN", - "type": "String" - }, - "saml:mail": { - "condition": "saml:mail", - "description": "Filters access by the mail attribute", - "type": "String" - }, - "saml:name": { - "condition": "saml:name", - "description": "Filters access by the name attribute", - "type": "String" - }, - "saml:namequalifier": { - "condition": "saml:namequalifier", - "description": "Filters access by the hash value of the issuer, account ID, and friendly name", - "type": "String" - }, - "saml:organizationStatus": { - "condition": "saml:organizationStatus", - "description": "Filters access by the organizationStatus attribute", - "type": "String" - }, - "saml:primaryGroupSID": { - "condition": "saml:primaryGroupSID", - "description": "Filters access by the primaryGroupSID attribute", - "type": "String" - }, - "saml:sub": { - "condition": "saml:sub", - "description": "Filters access by the subject of the claim (the SAML user ID)", - "type": "String" - }, - "saml:sub_type": { - "condition": "saml:sub_type", - "description": "Filters access by the value persistent, transient, or the full Format URI", - "type": "String" - }, - "saml:surname": { - "condition": "saml:surname", - "description": "Filters access by the surname attribute", - "type": "String" - }, - "saml:uid": { - "condition": "saml:uid", - "description": "Filters access by the uid attribute", - "type": "String" - }, - "saml:x500UniqueIdentifier": { - "condition": "saml:x500UniqueIdentifier", - "description": "Filters access by the uid attribute", - "type": "String" - }, - "sts:AWSServiceName": { - "condition": "sts:AWSServiceName", - "description": "Filters access by the service that is obtaining a bearer token", - "type": "String" - }, - "sts:ExternalId": { - "condition": "sts:ExternalId", - "description": "Filters access by the unique identifier required when you assume a role in another account", - "type": "String" - }, - "sts:RoleSessionName": { - "condition": "sts:RoleSessionName", - "description": "Filters access by the role session name required when you assume a role", - "type": "String" - }, - "sts:SourceIdentity": { - "condition": "sts:SourceIdentity", - "description": "Filters access by the source identity that is passed in the request", - "type": "String" - }, - "sts:TransitiveTagKeys": { - "condition": "sts:TransitiveTagKeys", - "description": "Filters access by the transitive tag keys that are passed in the request", - "type": "String" - }, - "www.amazon.com:app_id": { - "condition": "www.amazon.com:app_id", - "description": "Filters access by the Login with Amazon application ID", - "type": "String" - }, - "www.amazon.com:user_id": { - "condition": "www.amazon.com:user_id", - "description": "Filters access by the Login with Amazon user ID", - "type": "String" - } - } - }, - "serverlessrepo": { - "service_name": "AWS Serverless Application Repository", - "prefix": "serverlessrepo", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsserverlessapplicationrepository.html", - "privileges": { - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application, optionally including an AWS SAM file to create the first application version in the same call", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications.html" - }, - "CreateApplicationVersion": { - "privilege": "CreateApplicationVersion", - "description": "Grants permission to create an application version", - "access_level": "Write", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-versions-semanticversion.html" - }, - "CreateCloudFormationChangeSet": { - "privilege": "CreateCloudFormationChangeSet", - "description": "Grants permission to create an AWS CloudFormation ChangeSet for the given application", - "access_level": "Write", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "serverlessrepo:applicationType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-changesets.html" - }, - "CreateCloudFormationTemplate": { - "privilege": "CreateCloudFormationTemplate", - "description": "Grants permission to create an AWS CloudFormation template", - "access_level": "Write", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "serverlessrepo:applicationType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-templates.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete the specified application", - "access_level": "Write", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid.html" - }, - "GetApplication": { - "privilege": "GetApplication", - "description": "Grants permission to get the specified application", - "access_level": "Read", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "serverlessrepo:applicationType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid.html" - }, - "GetApplicationPolicy": { - "privilege": "GetApplicationPolicy", - "description": "Grants permission to get the policy for the specified application", - "access_level": "Read", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-policy.html" - }, - "GetCloudFormationTemplate": { - "privilege": "GetCloudFormationTemplate", - "description": "Grants permission to get the specified AWS CloudFormation template", - "access_level": "Read", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-templates-templateid.html" - }, - "ListApplicationDependencies": { - "privilege": "ListApplicationDependencies", - "description": "Grants permission to retrieve the list of applications nested in the containing application", - "access_level": "List", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "serverlessrepo:applicationType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-dependencies.html" - }, - "ListApplicationVersions": { - "privilege": "ListApplicationVersions", - "description": "Grants permission to list versions for the specified application owned by the requester", - "access_level": "List", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "serverlessrepo:applicationType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-versions.html" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to list applications owned by the requester", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications.html" - }, - "PutApplicationPolicy": { - "privilege": "PutApplicationPolicy", - "description": "Grants permission to put the policy for the specified application", - "access_level": "Write", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-policy.html" - }, - "SearchApplications": { - "privilege": "SearchApplications", - "description": "Grants permission to get all applications authorized for this user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "serverlessrepo:applicationType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid.html" - }, - "UnshareApplication": { - "privilege": "UnshareApplication", - "description": "Grants permission to unshare the specified application", - "access_level": "Write", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to update meta-data of the application", - "access_level": "Write", - "resource_types": { - "applications": { - "resource_type": "applications", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid.html" - } - }, - "resources": { - "applications": { - "resource": "applications", - "arn": "arn:${Partition}:serverlessrepo:${Region}:${Account}:applications/${ResourceId}", - "condition_keys": [] - } - }, - "conditions": { - "serverlessrepo:applicationType": { - "condition": "serverlessrepo:applicationType", - "description": "Filters access by application type", - "type": "String" - } - } - }, - "sms": { - "service_name": "AWS Server Migration Service", - "prefix": "sms", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsservermigrationservice.html", - "privileges": { - "CreateApp": { - "privilege": "CreateApp", - "description": "Grants permission to create an application configuration to migrate on-premise application onto AWS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_CreateApp.html" - }, - "CreateReplicationJob": { - "privilege": "CreateReplicationJob", - "description": "Grants permission to create a job to migrate on-premise server onto AWS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_CreateReplicationJob.html" - }, - "DeleteApp": { - "privilege": "DeleteApp", - "description": "Grants permission to delete an existing application configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteApp.html" - }, - "DeleteAppLaunchConfiguration": { - "privilege": "DeleteAppLaunchConfiguration", - "description": "Grants permission to delete launch configuration for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteAppLaunchConfiguration.html" - }, - "DeleteAppReplicationConfiguration": { - "privilege": "DeleteAppReplicationConfiguration", - "description": "Grants permission to delete replication configuration for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteAppReplicationConfiguration.html" - }, - "DeleteAppValidationConfiguration": { - "privilege": "DeleteAppValidationConfiguration", - "description": "Grants permission to delete validation configuration for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteAppValidationConfiguration.html" - }, - "DeleteReplicationJob": { - "privilege": "DeleteReplicationJob", - "description": "Grants permission to delete an existing job to migrate on-premise server onto AWS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteReplicationJob.html" - }, - "DeleteServerCatalog": { - "privilege": "DeleteServerCatalog", - "description": "Grants permission to delete the complete list of on-premise servers gathered into AWS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteServerCatalog.html" - }, - "DisassociateConnector": { - "privilege": "DisassociateConnector", - "description": "Grants permission to disassociate a connector that has been associated", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DisassociateConnector.html" - }, - "GenerateChangeSet": { - "privilege": "GenerateChangeSet", - "description": "Grants permission to generate a changeSet for the CloudFormation stack of an application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GenerateChangeSet.html" - }, - "GenerateTemplate": { - "privilege": "GenerateTemplate", - "description": "Grants permission to generate a CloudFormation template for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GenerateTemplate.html" - }, - "GetApp": { - "privilege": "GetApp", - "description": "Grants permission to get the configuration and statuses for an existing application", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetApp.html" - }, - "GetAppLaunchConfiguration": { - "privilege": "GetAppLaunchConfiguration", - "description": "Grants permission to get launch configuration for an existing application", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetAppLaunchConfiguration.html" - }, - "GetAppReplicationConfiguration": { - "privilege": "GetAppReplicationConfiguration", - "description": "Grants permission to get replication configuration for an existing application", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetAppReplicationConfiguration.html" - }, - "GetAppValidationConfiguration": { - "privilege": "GetAppValidationConfiguration", - "description": "Grants permission to get validation configuration for an existing application", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetAppValidationConfiguration.html" - }, - "GetAppValidationOutput": { - "privilege": "GetAppValidationOutput", - "description": "Grants permission to get notification sent from application validation script.", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetAppValidationOutput.html" - }, - "GetConnectors": { - "privilege": "GetConnectors", - "description": "Grants permission to get all connectors that have been associated", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetConnectors.html" - }, - "GetMessages": { - "privilege": "GetMessages", - "description": "Grants permission to gets messages from AWS Server Migration Service to Server Migration Connector", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "GetReplicationJobs": { - "privilege": "GetReplicationJobs", - "description": "Grants permission to get all existing jobs to migrate on-premise servers onto AWS", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetReplicationJobs.html" - }, - "GetReplicationRuns": { - "privilege": "GetReplicationRuns", - "description": "Grants permission to get all runs for an existing job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetReplicationRuns.html" - }, - "GetServers": { - "privilege": "GetServers", - "description": "Grants permission to get all servers that have been imported", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetServers.html" - }, - "ImportAppCatalog": { - "privilege": "ImportAppCatalog", - "description": "Grants permission to import application catalog from AWS Application Discovery Service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_ImportAppCatalog.html" - }, - "ImportServerCatalog": { - "privilege": "ImportServerCatalog", - "description": "Grants permission to gather a complete list of on-premise servers", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_ImportServerCatalog.html" - }, - "LaunchApp": { - "privilege": "LaunchApp", - "description": "Grants permission to create and launch a CloudFormation stack for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_LaunchApp.html" - }, - "ListApps": { - "privilege": "ListApps", - "description": "Grants permission to get a list of summaries for existing applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_ListAppss.html" - }, - "NotifyAppValidationOutput": { - "privilege": "NotifyAppValidationOutput", - "description": "Grants permission to send notification for application validation script", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_NotifyAppValidationOutput.html" - }, - "PutAppLaunchConfiguration": { - "privilege": "PutAppLaunchConfiguration", - "description": "Grants permission to create or update launch configuration for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_PutAppLaunchConfiguration.html" - }, - "PutAppReplicationConfiguration": { - "privilege": "PutAppReplicationConfiguration", - "description": "Grants permission to create or update replication configuration for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_PutAppReplicationConfiguration.html" - }, - "PutAppValidationConfiguration": { - "privilege": "PutAppValidationConfiguration", - "description": "Grants permission to put validation configuration for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_PutAppValidationConfiguration.html" - }, - "SendMessage": { - "privilege": "SendMessage", - "description": "Grants permission to send message from Server Migration Connector to AWS Server Migration Service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "StartAppReplication": { - "privilege": "StartAppReplication", - "description": "Grants permission to create and start replication jobs for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_StartAppReplication.html" - }, - "StartOnDemandAppReplication": { - "privilege": "StartOnDemandAppReplication", - "description": "Grants permission to start a replication run for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_StartOnDemandAppReplication.html" - }, - "StartOnDemandReplicationRun": { - "privilege": "StartOnDemandReplicationRun", - "description": "Grants permission to start a replication run for an existing replication job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_StartOnDemandReplicationRun.html" - }, - "StopAppReplication": { - "privilege": "StopAppReplication", - "description": "Grants permission to stop and delete replication jobs for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_StopAppReplication.html" - }, - "TerminateApp": { - "privilege": "TerminateApp", - "description": "Grants permission to terminate the CloudFormation stack for an existing application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_TerminateApp.html" - }, - "UpdateApp": { - "privilege": "UpdateApp", - "description": "Grants permission to update an existing application configuration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_UpdateApp.html" - }, - "UpdateReplicationJob": { - "privilege": "UpdateReplicationJob", - "description": "Grants permission to update an existing job to migrate on-premise server onto AWS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_UpdateReplicationJob.html" - } - }, - "resources": {}, - "conditions": {} - }, - "servicecatalog": { - "service_name": "AWS Service Catalog", - "prefix": "servicecatalog", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsservicecatalog.html", - "privileges": { - "AcceptPortfolioShare": { - "privilege": "AcceptPortfolioShare", - "description": "Grants permission to accept a portfolio that has been shared with you", - "access_level": "Write", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AcceptPortfolioShare.html" - }, - "AssociateAttributeGroup": { - "privilege": "AssociateAttributeGroup", - "description": "Grants permission to associate an attribute group with an application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "AttributeGroup": { - "resource_type": "AttributeGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_AssociateAttributeGroup.html" - }, - "AssociateBudgetWithResource": { - "privilege": "AssociateBudgetWithResource", - "description": "Grants permission to associate a budget with a resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AssociateBudgetWithResource.html" - }, - "AssociatePrincipalWithPortfolio": { - "privilege": "AssociatePrincipalWithPortfolio", - "description": "Grants permission to associate an IAM principal with a portfolio, giving the specified principal access to any products associated with the specified portfolio", - "access_level": "Write", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AssociatePrincipalWithPortfolio.html" - }, - "AssociateProductWithPortfolio": { - "privilege": "AssociateProductWithPortfolio", - "description": "Grants permission to associate a product with a portfolio", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AssociateProductWithPortfolio.html" - }, - "AssociateResource": { - "privilege": "AssociateResource", - "description": "Grants permission to associate a resource with an application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:DescribeStacks", - "resource-groups:CreateGroup", - "resource-groups:GetGroup", - "resource-groups:Tag" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:ResourceType", - "servicecatalog:Resource" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_AssociateResource.html" - }, - "AssociateServiceActionWithProvisioningArtifact": { - "privilege": "AssociateServiceActionWithProvisioningArtifact", - "description": "Grants permission to associate an action with a provisioning artifact", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AssociateServiceActionWithProvisioningArtifact.html" - }, - "AssociateTagOptionWithResource": { - "privilege": "AssociateTagOptionWithResource", - "description": "Grants permission to associate the specified TagOption with the specified portfolio or product", - "access_level": "Write", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Product": { - "resource_type": "Product", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AssociateTagOptionWithResource.html" - }, - "BatchAssociateServiceActionWithProvisioningArtifact": { - "privilege": "BatchAssociateServiceActionWithProvisioningArtifact", - "description": "Grants permission to associate multiple self-service actions with provisioning artifacts", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_BatchAssociateServiceActionWithProvisioningArtifact.html" - }, - "BatchDisassociateServiceActionFromProvisioningArtifact": { - "privilege": "BatchDisassociateServiceActionFromProvisioningArtifact", - "description": "Grants permission to disassociate a batch of self-service actions from the specified provisioning artifact", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_BatchDisassociateServiceActionFromProvisioningArtifact.html" - }, - "CopyProduct": { - "privilege": "CopyProduct", - "description": "Grants permission to copy the specified source product to the specified target product or a new product", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CopyProduct.html" - }, - "CreateApplication": { - "privilege": "CreateApplication", - "description": "Grants permission to create an application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_CreateApplication.html" - }, - "CreateAttributeGroup": { - "privilege": "CreateAttributeGroup", - "description": "Grants permission to create an attribute group", - "access_level": "Write", - "resource_types": { - "AttributeGroup": { - "resource_type": "AttributeGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_CreateAttributeGroup.html" - }, - "CreateConstraint": { - "privilege": "CreateConstraint", - "description": "Grants permission to create a constraint on an associated product and portfolio", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateConstraint.html" - }, - "CreatePortfolio": { - "privilege": "CreatePortfolio", - "description": "Grants permission to create a portfolio", - "access_level": "Write", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreatePortfolio.html" - }, - "CreatePortfolioShare": { - "privilege": "CreatePortfolioShare", - "description": "Grants permission to share a portfolio you own with another AWS account", - "access_level": "Permissions management", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreatePortfolioShare.html" - }, - "CreateProduct": { - "privilege": "CreateProduct", - "description": "Grants permission to create a product and that product's first provisioning artifact", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateProduct.html" - }, - "CreateProvisionedProductPlan": { - "privilege": "CreateProvisionedProductPlan", - "description": "Grants permission to add a new provisioned product plan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateProvisionedProductPlan.html" - }, - "CreateProvisioningArtifact": { - "privilege": "CreateProvisioningArtifact", - "description": "Grants permission to add a new provisioning artifact to an existing product", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateProvisioningArtifact.html" - }, - "CreateServiceAction": { - "privilege": "CreateServiceAction", - "description": "Grants permission to create a self-service action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateServiceAction.html" - }, - "CreateTagOption": { - "privilege": "CreateTagOption", - "description": "Grants permission to create a TagOption", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateTagOption.html" - }, - "DeleteApplication": { - "privilege": "DeleteApplication", - "description": "Grants permission to delete an application if all associations have been removed from the application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_DeleteApplication.html" - }, - "DeleteAttributeGroup": { - "privilege": "DeleteAttributeGroup", - "description": "Grants permission to delete an attribute group if all associations have been removed from the attribute group", - "access_level": "Write", - "resource_types": { - "AttributeGroup": { - "resource_type": "AttributeGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_DeleteAttributeGroup.html" - }, - "DeleteConstraint": { - "privilege": "DeleteConstraint", - "description": "Grants permission to remove and delete an existing constraint from an associated product and portfolio", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteConstraint.html" - }, - "DeletePortfolio": { - "privilege": "DeletePortfolio", - "description": "Grants permission to delete a portfolio if all associations and shares have been removed from the portfolio", - "access_level": "Write", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeletePortfolio.html" - }, - "DeletePortfolioShare": { - "privilege": "DeletePortfolioShare", - "description": "Grants permission to unshare a portfolio you own from an AWS account you previously shared the portfolio with", - "access_level": "Permissions management", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeletePortfolioShare.html" - }, - "DeleteProduct": { - "privilege": "DeleteProduct", - "description": "Grants permission to delete a product if all associations have been removed from the product", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteProduct.html" - }, - "DeleteProvisionedProductPlan": { - "privilege": "DeleteProvisionedProductPlan", - "description": "Grants permission to delete a provisioned product plan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteProvisionedProductPlan.html" - }, - "DeleteProvisioningArtifact": { - "privilege": "DeleteProvisioningArtifact", - "description": "Grants permission to delete a provisioning artifact from a product", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteProvisioningArtifact.html" - }, - "DeleteServiceAction": { - "privilege": "DeleteServiceAction", - "description": "Grants permission to delete a self-service action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteServiceAction.html" - }, - "DeleteTagOption": { - "privilege": "DeleteTagOption", - "description": "Grants permission to delete the specified TagOption", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteTagOption.html" - }, - "DescribeConstraint": { - "privilege": "DescribeConstraint", - "description": "Grants permission to describe a constraint", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeConstraint.html" - }, - "DescribeCopyProductStatus": { - "privilege": "DescribeCopyProductStatus", - "description": "Grants permission to get the status of the specified copy product operation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeCopyProductStatus.html" - }, - "DescribePortfolio": { - "privilege": "DescribePortfolio", - "description": "Grants permission to describe a portfolio", - "access_level": "Read", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribePortfolio.html" - }, - "DescribePortfolioShareStatus": { - "privilege": "DescribePortfolioShareStatus", - "description": "Grants permission to get the status of the specified portfolio share operation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribePortfolioShareStatus.html" - }, - "DescribePortfolioShares": { - "privilege": "DescribePortfolioShares", - "description": "Grants permission to view a summary of each of the portfolio shares that were created for the specified portfolio", - "access_level": "List", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribePortfolioShares.html" - }, - "DescribeProduct": { - "privilege": "DescribeProduct", - "description": "Grants permission to describe a product as an end-user", - "access_level": "Read", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProduct.html" - }, - "DescribeProductAsAdmin": { - "privilege": "DescribeProductAsAdmin", - "description": "Grants permission to describe a product as an admin", - "access_level": "Read", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProductAsAdmin.html" - }, - "DescribeProductView": { - "privilege": "DescribeProductView", - "description": "Grants permission to describe a product as an end-user", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProductView.html" - }, - "DescribeProvisionedProduct": { - "privilege": "DescribeProvisionedProduct", - "description": "Grants permission to describe a provisioned product", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProvisionedProduct.html" - }, - "DescribeProvisionedProductPlan": { - "privilege": "DescribeProvisionedProductPlan", - "description": "Grants permission to describe a provisioned product plan", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProvisionedProductPlan.html" - }, - "DescribeProvisioningArtifact": { - "privilege": "DescribeProvisioningArtifact", - "description": "Grants permission to describe a provisioning artifact", - "access_level": "Read", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProvisioningArtifact.html" - }, - "DescribeProvisioningParameters": { - "privilege": "DescribeProvisioningParameters", - "description": "Grants permission to describe the parameters that you need to specify to successfully provision a specified provisioning artifact", - "access_level": "Read", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProvisioningParameters.html" - }, - "DescribeRecord": { - "privilege": "DescribeRecord", - "description": "Grants permission to describe a record and lists any outputs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeRecord.html" - }, - "DescribeServiceAction": { - "privilege": "DescribeServiceAction", - "description": "Grants permission to describe a self-service action", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeServiceAction.html" - }, - "DescribeServiceActionExecutionParameters": { - "privilege": "DescribeServiceActionExecutionParameters", - "description": "Grants permission to get the default parameters if you executed the specified Service Action on the specified Provisioned Product", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeServiceActionExecutionParameters.html" - }, - "DescribeTagOption": { - "privilege": "DescribeTagOption", - "description": "Grants permission to get information about the specified TagOption", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeTagOption.html" - }, - "DisableAWSOrganizationsAccess": { - "privilege": "DisableAWSOrganizationsAccess", - "description": "Grants permission to disable portfolio sharing through AWS Organizations feature", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisableAWSOrganizationsAccess.html" - }, - "DisassociateAttributeGroup": { - "privilege": "DisassociateAttributeGroup", - "description": "Grants permission to disassociate an attribute group from an application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "AttributeGroup": { - "resource_type": "AttributeGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_DisassociateAttributeGroup.html" - }, - "DisassociateBudgetFromResource": { - "privilege": "DisassociateBudgetFromResource", - "description": "Grants permission to disassociate a budget from a resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisassociateBudgetFromResource.html" - }, - "DisassociatePrincipalFromPortfolio": { - "privilege": "DisassociatePrincipalFromPortfolio", - "description": "Grants permission to disassociate an IAM principal from a portfolio", - "access_level": "Write", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisassociatePrincipalFromPortfolio.html" - }, - "DisassociateProductFromPortfolio": { - "privilege": "DisassociateProductFromPortfolio", - "description": "Grants permission to disassociate a product from a portfolio", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisassociateProductFromPortfolio.html" - }, - "DisassociateResource": { - "privilege": "DisassociateResource", - "description": "Grants permission to disassociate a resource from an application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "resource-groups:DeleteGroup" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:ResourceType", - "servicecatalog:Resource" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_DisassociateResource.html" - }, - "DisassociateServiceActionFromProvisioningArtifact": { - "privilege": "DisassociateServiceActionFromProvisioningArtifact", - "description": "Grants permission to disassociate the specified self-service action association from the specified provisioning artifact", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisassociateServiceActionFromProvisioningArtifact.html" - }, - "DisassociateTagOptionFromResource": { - "privilege": "DisassociateTagOptionFromResource", - "description": "Grants permission to disassociate the specified TagOption from the specified resource", - "access_level": "Write", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "Product": { - "resource_type": "Product", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisassociateTagOptionFromResource.html" - }, - "EnableAWSOrganizationsAccess": { - "privilege": "EnableAWSOrganizationsAccess", - "description": "Grants permission to enable portfolio sharing feature through AWS Organizations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_EnableAWSOrganizationsAccess.html" - }, - "ExecuteProvisionedProductPlan": { - "privilege": "ExecuteProvisionedProductPlan", - "description": "Grants permission to execute a provisioned product plan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ExecuteProvisionedProductPlan.html" - }, - "ExecuteProvisionedProductServiceAction": { - "privilege": "ExecuteProvisionedProductServiceAction", - "description": "Grants permission to executes a provisioned product plan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ExecuteProvisionedProductServiceAction.html" - }, - "GetAWSOrganizationsAccessStatus": { - "privilege": "GetAWSOrganizationsAccessStatus", - "description": "Grants permission to get the access status of AWS Organization portfolio share feature", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_GetAWSOrganizationsAccessStatus.html" - }, - "GetApplication": { - "privilege": "GetApplication", - "description": "Grants permission to get an application", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_GetApplication.html" - }, - "GetAssociatedResource": { - "privilege": "GetAssociatedResource", - "description": "Grants permission to get information about a resource associated to an application", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:ResourceType", - "servicecatalog:Resource" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_GetAssociatedResource.html" - }, - "GetAttributeGroup": { - "privilege": "GetAttributeGroup", - "description": "Grants permission to get an attribute group", - "access_level": "Read", - "resource_types": { - "AttributeGroup": { - "resource_type": "AttributeGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_GetAttributeGroup.html" - }, - "GetConfiguration": { - "privilege": "GetConfiguration", - "description": "Grants permission to read AppRegistry configurations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_GetConfiguration.html" - }, - "GetProvisionedProductOutputs": { - "privilege": "GetProvisionedProductOutputs", - "description": "Grants permission to get the provisioned product output with either provisioned product id or name", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_GetProvisionedProductOutputs.html" - }, - "ImportAsProvisionedProduct": { - "privilege": "ImportAsProvisionedProduct", - "description": "Grants permission to import a resource into a provisioned product", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ImportAsProvisionedProduct.html" - }, - "ListAcceptedPortfolioShares": { - "privilege": "ListAcceptedPortfolioShares", - "description": "Grants permission to list the portfolios that have been shared with you and you have accepted", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListAcceptedPortfolioShares.html" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to list your applications", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListApplications.html" - }, - "ListAssociatedAttributeGroups": { - "privilege": "ListAssociatedAttributeGroups", - "description": "Grants permission to list the attribute groups associated with an application", - "access_level": "List", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListAssociatedAttributeGroups.html" - }, - "ListAssociatedResources": { - "privilege": "ListAssociatedResources", - "description": "Grants permission to list the resources associated with an application", - "access_level": "List", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListAssociatedResources.html" - }, - "ListAttributeGroups": { - "privilege": "ListAttributeGroups", - "description": "Grants permission to list your attribute groups", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListAttributeGroups.html" - }, - "ListAttributeGroupsForApplication": { - "privilege": "ListAttributeGroupsForApplication", - "description": "Grants permission to list the associated attribute groups for a given application", - "access_level": "List", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListAttributeGroupsForApplication.html" - }, - "ListBudgetsForResource": { - "privilege": "ListBudgetsForResource", - "description": "Grants permission to list all the budgets associated to a resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListBudgetsForResource.html" - }, - "ListConstraintsForPortfolio": { - "privilege": "ListConstraintsForPortfolio", - "description": "Grants permission to list constraints associated with a given portfolio", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListConstraintsForPortfolio.html" - }, - "ListLaunchPaths": { - "privilege": "ListLaunchPaths", - "description": "Grants permission to list the different ways to launch a given product as an end-user", - "access_level": "List", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html" - }, - "ListOrganizationPortfolioAccess": { - "privilege": "ListOrganizationPortfolioAccess", - "description": "Grants permission to list the organization nodes that have access to the specified portfolio", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListOrganizationPortfolioAccess.html" - }, - "ListPortfolioAccess": { - "privilege": "ListPortfolioAccess", - "description": "Grants permission to list the AWS accounts you have shared a given portfolio with", - "access_level": "List", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListPortfolioAccess.html" - }, - "ListPortfolios": { - "privilege": "ListPortfolios", - "description": "Grants permission to list the portfolios in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListPortfolios.html" - }, - "ListPortfoliosForProduct": { - "privilege": "ListPortfoliosForProduct", - "description": "Grants permission to list the portfolios associated with a given product", - "access_level": "List", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListPortfoliosForProduct.html" - }, - "ListPrincipalsForPortfolio": { - "privilege": "ListPrincipalsForPortfolio", - "description": "Grants permission to list the IAM principals associated with a given portfolio", - "access_level": "List", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListPrincipalsForPortfolio.html" - }, - "ListProvisionedProductPlans": { - "privilege": "ListProvisionedProductPlans", - "description": "Grants permission to list the provisioned product plans", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListProvisionedProductPlans.html" - }, - "ListProvisioningArtifacts": { - "privilege": "ListProvisioningArtifacts", - "description": "Grants permission to list the provisioning artifacts associated with a given product", - "access_level": "List", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListProvisioningArtifacts.html" - }, - "ListProvisioningArtifactsForServiceAction": { - "privilege": "ListProvisioningArtifactsForServiceAction", - "description": "Grants permission to list all provisioning artifacts for the specified self-service action", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListProvisioningArtifactsForServiceAction.html" - }, - "ListRecordHistory": { - "privilege": "ListRecordHistory", - "description": "Grants permission to list all the records in your account or all the records related to a given provisioned product", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListRecordHistory.html" - }, - "ListResourcesForTagOption": { - "privilege": "ListResourcesForTagOption", - "description": "Grants permission to list the resources associated with the specified TagOption", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListResourcesForTagOption.html" - }, - "ListServiceActions": { - "privilege": "ListServiceActions", - "description": "Grants permission to list all self-service actions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListServiceActions.html" - }, - "ListServiceActionsForProvisioningArtifact": { - "privilege": "ListServiceActionsForProvisioningArtifact", - "description": "Grants permission to list all the service actions associated with the specified provisioning artifact in your account", - "access_level": "List", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListServiceActionsForProvisioningArtifact.html" - }, - "ListStackInstancesForProvisionedProduct": { - "privilege": "ListStackInstancesForProvisionedProduct", - "description": "Grants permission to list account, region and status of each stack instances that are associated with a CFN_STACKSET type provisioned product", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListStackInstancesForProvisionedProduct.html" - }, - "ListTagOptions": { - "privilege": "ListTagOptions", - "description": "Grants permission to list the specified TagOptions or all TagOptions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListTagOptions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for a service catalog appregistry resource", - "access_level": "Read", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "AttributeGroup": { - "resource_type": "AttributeGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListTagsForResource.html" - }, - "NotifyProvisionProductEngineWorkflowResult": { - "privilege": "NotifyProvisionProductEngineWorkflowResult", - "description": "Grants permission to notify the result of the provisioning engine execution", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_NotifyProvisionProductEngineWorkflowResult.html" - }, - "NotifyTerminateProvisionedProductEngineWorkflowResult": { - "privilege": "NotifyTerminateProvisionedProductEngineWorkflowResult", - "description": "Grants permission to notify the result of the terminate engine execution", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_NotifyTerminateProvisionedProductEngineWorkflowResult.html" - }, - "NotifyUpdateProvisionedProductEngineWorkflowResult": { - "privilege": "NotifyUpdateProvisionedProductEngineWorkflowResult", - "description": "Grants permission to notify the result of the update engine execution", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_NotifyUpdateProvisionedProductEngineWorkflowResult.html" - }, - "ProvisionProduct": { - "privilege": "ProvisionProduct", - "description": "Grants permission to provision a product with a specified provisioning artifact and launch parameters", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ProvisionProduct.html" - }, - "PutConfiguration": { - "privilege": "PutConfiguration", - "description": "Grants permission to assign AppRegistry configurations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_PutConfiguration.html" - }, - "RejectPortfolioShare": { - "privilege": "RejectPortfolioShare", - "description": "Grants permission to reject a portfolio that has been shared with you that you previously accepted", - "access_level": "Write", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_RejectPortfolioShare.html" - }, - "ScanProvisionedProducts": { - "privilege": "ScanProvisionedProducts", - "description": "Grants permission to list all the provisioned products in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ScanProvisionedProducts.html" - }, - "SearchProducts": { - "privilege": "SearchProducts", - "description": "Grants permission to list the products available to you as an end-user", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_SearchProducts.html" - }, - "SearchProductsAsAdmin": { - "privilege": "SearchProductsAsAdmin", - "description": "Grants permission to list all the products in your account or all the products associated with a given portfolio", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_SearchProductsAsAdmin.html" - }, - "SearchProvisionedProducts": { - "privilege": "SearchProvisionedProducts", - "description": "Grants permission to list all the provisioned products in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_SearchProvisionedProducts.html" - }, - "SyncResource": { - "privilege": "SyncResource", - "description": "Grants permission to sync a resource with its current state in AppRegistry", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "cloudformation:UpdateStack" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_SyncResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a service catalog appregistry resource", - "access_level": "Tagging", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "AttributeGroup": { - "resource_type": "AttributeGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_TagResource.html" - }, - "TerminateProvisionedProduct": { - "privilege": "TerminateProvisionedProduct", - "description": "Grants permission to terminate an existing provisioned product", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_TerminateProvisionedProduct.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from a service catalog appregistry resource", - "access_level": "Tagging", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "AttributeGroup": { - "resource_type": "AttributeGroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_UntagResource.html" - }, - "UpdateApplication": { - "privilege": "UpdateApplication", - "description": "Grants permission to update the attributes of an existing application", - "access_level": "Write", - "resource_types": { - "Application": { - "resource_type": "Application", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_UpdateApplication.html" - }, - "UpdateAttributeGroup": { - "privilege": "UpdateAttributeGroup", - "description": "Grants permission to update the attributes of an existing attribute group", - "access_level": "Write", - "resource_types": { - "AttributeGroup": { - "resource_type": "AttributeGroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_UpdateAttributeGroup.html" - }, - "UpdateConstraint": { - "privilege": "UpdateConstraint", - "description": "Grants permission to update the metadata fields of an existing constraint", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateConstraint.html" - }, - "UpdatePortfolio": { - "privilege": "UpdatePortfolio", - "description": "Grants permission to update the metadata fields and/or tags of an existing portfolio", - "access_level": "Write", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdatePortfolio.html" - }, - "UpdatePortfolioShare": { - "privilege": "UpdatePortfolioShare", - "description": "Grants permission to enable or disable resource sharing for an existing portfolio share", - "access_level": "Permissions management", - "resource_types": { - "Portfolio": { - "resource_type": "Portfolio", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdatePortfolioShare.html" - }, - "UpdateProduct": { - "privilege": "UpdateProduct", - "description": "Grants permission to update the metadata fields and/or tags of an existing product", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateProduct.html" - }, - "UpdateProvisionedProduct": { - "privilege": "UpdateProvisionedProduct", - "description": "Grants permission to update an existing provisioned product", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicecatalog:accountLevel", - "servicecatalog:roleLevel", - "servicecatalog:userLevel" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateProvisionedProduct.html" - }, - "UpdateProvisionedProductProperties": { - "privilege": "UpdateProvisionedProductProperties", - "description": "Grants permission to update the properties of an existing provisioned product", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateProvisionedProductProperties.html" - }, - "UpdateProvisioningArtifact": { - "privilege": "UpdateProvisioningArtifact", - "description": "Grants permission to update the metadata fields of an existing provisioning artifact", - "access_level": "Write", - "resource_types": { - "Product": { - "resource_type": "Product", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateProvisioningArtifact.html" - }, - "UpdateServiceAction": { - "privilege": "UpdateServiceAction", - "description": "Grants permission to update a self-service action", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateServiceAction.html" - }, - "UpdateTagOption": { - "privilege": "UpdateTagOption", - "description": "Grants permission to update the specified TagOption", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateTagOption.html" - } - }, - "resources": { - "Application": { - "resource": "Application", - "arn": "arn:${Partition}:servicecatalog:${Region}:${Account}:/applications/${ApplicationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "AttributeGroup": { - "resource": "AttributeGroup", - "arn": "arn:${Partition}:servicecatalog:${Region}:${Account}:/attribute-groups/${AttributeGroupId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Portfolio": { - "resource": "Portfolio", - "arn": "arn:${Partition}:catalog:${Region}:${Account}:portfolio/${PortfolioId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "Product": { - "resource": "Product", - "arn": "arn:${Partition}:catalog:${Region}:${Account}:product/${ProductId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of tag keys in the request", - "type": "ArrayOfString" - }, - "servicecatalog:Resource": { - "condition": "servicecatalog:Resource", - "description": "Filters access by controlling what value can be specified as the Resource parameter in an AppRegistry associate resource API", - "type": "String" - }, - "servicecatalog:ResourceType": { - "condition": "servicecatalog:ResourceType", - "description": "Filters access by controlling what value can be specified as the ResourceType parameter in an AppRegistry associate resource API", - "type": "String" - }, - "servicecatalog:accountLevel": { - "condition": "servicecatalog:accountLevel", - "description": "Filters access by user to see and perform actions on resources created by anyone in the account", - "type": "String" - }, - "servicecatalog:roleLevel": { - "condition": "servicecatalog:roleLevel", - "description": "Filters access by user to see and perform actions on resources created either by them or by anyone federating into the same role as them", - "type": "String" - }, - "servicecatalog:userLevel": { - "condition": "servicecatalog:userLevel", - "description": "Filters access by user to see and perform actions on only resources that they created", - "type": "String" - } - } - }, - "private-networks": { - "service_name": "AWS service providing managed private networks", - "prefix": "private-networks", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsserviceprovidingmanagedprivatenetworks.html", - "privileges": { - "AcknowledgeOrderReceipt": { - "privilege": "AcknowledgeOrderReceipt", - "description": "Grants permission to acknowledge that an order has been received", - "access_level": "Write", - "resource_types": { - "order": { - "resource_type": "order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_AcknowledgeOrderReceipt.html" - }, - "ActivateDeviceIdentifier": { - "privilege": "ActivateDeviceIdentifier", - "description": "Grants permission to activate a device identifier", - "access_level": "Write", - "resource_types": { - "device-identifier": { - "resource_type": "device-identifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ActivateDeviceIdentifier.html" - }, - "ActivateNetworkSite": { - "privilege": "ActivateNetworkSite", - "description": "Grants permission to activate a network site", - "access_level": "Write", - "resource_types": { - "network-site": { - "resource_type": "network-site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "order": { - "resource_type": "order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ActivateNetworkSite.html" - }, - "ConfigureAccessPoint": { - "privilege": "ConfigureAccessPoint", - "description": "Grants permission to configure an access point", - "access_level": "Write", - "resource_types": { - "network-resource": { - "resource_type": "network-resource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ConfigureAccessPoint.html" - }, - "CreateNetwork": { - "privilege": "CreateNetwork", - "description": "Grants permission to create a network", - "access_level": "Write", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_CreateNetwork.html" - }, - "CreateNetworkSite": { - "privilege": "CreateNetworkSite", - "description": "Grants permission to create a network site", - "access_level": "Write", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_CreateNetworkSite.html" - }, - "DeactivateDeviceIdentifier": { - "privilege": "DeactivateDeviceIdentifier", - "description": "Grants permission to deactivate a device identifier", - "access_level": "Write", - "resource_types": { - "device-identifier": { - "resource_type": "device-identifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_DeactivateDeviceIdentifier.html" - }, - "DeleteNetwork": { - "privilege": "DeleteNetwork", - "description": "Grants permission to delete a network", - "access_level": "Write", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_DeleteNetwork.html" - }, - "DeleteNetworkSite": { - "privilege": "DeleteNetworkSite", - "description": "Grants permission to delete a network site", - "access_level": "Write", - "resource_types": { - "network-site": { - "resource_type": "network-site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_DeleteNetworkSite.html" - }, - "GetDeviceIdentifier": { - "privilege": "GetDeviceIdentifier", - "description": "Grants permission to get a device identifier", - "access_level": "Read", - "resource_types": { - "device-identifier": { - "resource_type": "device-identifier", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_GetDeviceIdentifier.html" - }, - "GetNetwork": { - "privilege": "GetNetwork", - "description": "Grants permission to get a network", - "access_level": "Read", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_GetNetwork.html" - }, - "GetNetworkResource": { - "privilege": "GetNetworkResource", - "description": "Grants permission to get a network resource", - "access_level": "Read", - "resource_types": { - "network-resource": { - "resource_type": "network-resource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_GetNetworkResource.html" - }, - "GetNetworkSite": { - "privilege": "GetNetworkSite", - "description": "Grants permission to get a network site", - "access_level": "Read", - "resource_types": { - "network-site": { - "resource_type": "network-site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_GetNetworkSite.html" - }, - "GetOrder": { - "privilege": "GetOrder", - "description": "Grants permission to get a network order", - "access_level": "Read", - "resource_types": { - "order": { - "resource_type": "order", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_GetOrder.html" - }, - "ListDeviceIdentifiers": { - "privilege": "ListDeviceIdentifiers", - "description": "Grants permission to list device identifiers", - "access_level": "List", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListDeviceIdentifiers.html" - }, - "ListNetworkResources": { - "privilege": "ListNetworkResources", - "description": "Grants permission to list network resources", - "access_level": "List", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListNetworkResources.html" - }, - "ListNetworkSites": { - "privilege": "ListNetworkSites", - "description": "Grants permission to list network sites", - "access_level": "List", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListNetworkSites.html" - }, - "ListNetworks": { - "privilege": "ListNetworks", - "description": "Grants permission to list networks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListNetworks.html" - }, - "ListOrders": { - "privilege": "ListOrders", - "description": "Grants permission to list network orders", - "access_level": "List", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListOrders.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to return a list of tags for a resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListTagsForResource.html" - }, - "Ping": { - "privilege": "Ping", - "description": "Grants permission to check the health of the service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_Ping.html" - }, - "StartNetworkResourceUpdate": { - "privilege": "StartNetworkResourceUpdate", - "description": "Grants permission to start an update on the specified network resource", - "access_level": "Write", - "resource_types": { - "network-resource": { - "resource_type": "network-resource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_StartNetworkResourceUpdate.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to adds tags to the specified resource", - "access_level": "Tagging", - "resource_types": { - "device-identifier": { - "resource_type": "device-identifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network": { - "resource_type": "network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network-resource": { - "resource_type": "network-resource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network-site": { - "resource_type": "network-site", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "order": { - "resource_type": "order", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to removes tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "device-identifier": { - "resource_type": "device-identifier", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network": { - "resource_type": "network", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network-resource": { - "resource_type": "network-resource", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network-site": { - "resource_type": "network-site", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "order": { - "resource_type": "order", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_UntagResource.html" - }, - "UpdateNetworkSite": { - "privilege": "UpdateNetworkSite", - "description": "Grants permission to update a network site", - "access_level": "Write", - "resource_types": { - "network-site": { - "resource_type": "network-site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_UpdateNetworkSite.html" - }, - "UpdateNetworkSitePlan": { - "privilege": "UpdateNetworkSitePlan", - "description": "Grants permission to update a plan at a network site", - "access_level": "Write", - "resource_types": { - "network-site": { - "resource_type": "network-site", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_UpdateNetworkSitePlan.html" - } - }, - "resources": { - "network": { - "resource": "network", - "arn": "arn:${Partition}:private-networks:${Region}:${Account}:network/${NetworkName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "network-site": { - "resource": "network-site", - "arn": "arn:${Partition}:private-networks:${Region}:${Account}:network-site/${NetworkName}/${NetworkSiteName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "network-resource": { - "resource": "network-resource", - "arn": "arn:${Partition}:private-networks:${Region}:${Account}:network-resource/${NetworkName}/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "order": { - "resource": "order", - "arn": "arn:${Partition}:private-networks:${Region}:${Account}:order/${NetworkName}/${OrderId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "device-identifier": { - "resource": "device-identifier", - "arn": "arn:${Partition}:private-networks:${Region}:${Account}:device-identifier/${NetworkName}/${DeviceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by checking the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by checking tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "shield": { - "service_name": "AWS Shield", - "prefix": "shield", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsshield.html", - "privileges": { - "AssociateDRTLogBucket": { - "privilege": "AssociateDRTLogBucket", - "description": "Grants permission to authorize the DDoS Response team to access the specified Amazon S3 bucket containing your flow logs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:GetBucketPolicy", - "s3:PutBucketPolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_AssociateDRTLogBucket.html" - }, - "AssociateDRTRole": { - "privilege": "AssociateDRTRole", - "description": "Grants permission to authorize the DDoS Response team using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:GetRole", - "iam:ListAttachedRolePolicies", - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_AssociateDRTRole.html" - }, - "AssociateHealthCheck": { - "privilege": "AssociateHealthCheck", - "description": "Grants permission to add health-based detection to the Shield Advanced protection for a resource", - "access_level": "Write", - "resource_types": { - "protection": { - "resource_type": "protection", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "route53:GetHealthCheck" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_AssociateHealthCheck.html" - }, - "AssociateProactiveEngagementDetails": { - "privilege": "AssociateProactiveEngagementDetails", - "description": "Grants permission to initialize proactive engagement and set the list of contacts for the DDoS Response Team (DRT) to use", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_AssociateProactiveEngagementDetails.html" - }, - "CreateProtection": { - "privilege": "CreateProtection", - "description": "Grants permission to activate DDoS protection service for a given resource ARN", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_CreateProtection.html" - }, - "CreateProtectionGroup": { - "privilege": "CreateProtectionGroup", - "description": "Grants permission to create a grouping of protected resources so they can be handled as a collective", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_CreateProtectionGroup.html" - }, - "CreateSubscription": { - "privilege": "CreateSubscription", - "description": "Grants permission to activate subscription", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_CreateSubscription.html" - }, - "DeleteProtection": { - "privilege": "DeleteProtection", - "description": "Grants permission to delete an existing protection", - "access_level": "Write", - "resource_types": { - "protection": { - "resource_type": "protection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DeleteProtection.html" - }, - "DeleteProtectionGroup": { - "privilege": "DeleteProtectionGroup", - "description": "Grants permission to remove the specified protection group", - "access_level": "Write", - "resource_types": { - "protection-group": { - "resource_type": "protection-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DeleteProtectionGroup.html" - }, - "DeleteSubscription": { - "privilege": "DeleteSubscription", - "description": "Grants permission to deactivate subscription", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DeleteSubscription.html" - }, - "DescribeAttack": { - "privilege": "DescribeAttack", - "description": "Grants permission to get attack details", - "access_level": "Read", - "resource_types": { - "attack": { - "resource_type": "attack", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeAttack.html" - }, - "DescribeAttackStatistics": { - "privilege": "DescribeAttackStatistics", - "description": "Grants permission to describe information about the number and type of attacks AWS Shield has detected in the last year", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeAttackStatistics.html" - }, - "DescribeDRTAccess": { - "privilege": "DescribeDRTAccess", - "description": "Grants permission to describe the current role and list of Amazon S3 log buckets used by the DDoS Response team to access your AWS account while assisting with attack mitigation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeDRTAccess.html" - }, - "DescribeEmergencyContactSettings": { - "privilege": "DescribeEmergencyContactSettings", - "description": "Grants permission to list the email addresses that the DRT can use to contact you during a suspected attack", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeEmergencyContactSettings.html" - }, - "DescribeProtection": { - "privilege": "DescribeProtection", - "description": "Grants permission to get protection details", - "access_level": "Read", - "resource_types": { - "protection": { - "resource_type": "protection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeProtection.html" - }, - "DescribeProtectionGroup": { - "privilege": "DescribeProtectionGroup", - "description": "Grants permission to describe the specification for the specified protection group", - "access_level": "Read", - "resource_types": { - "protection-group": { - "resource_type": "protection-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeProtectionGroup.html" - }, - "DescribeSubscription": { - "privilege": "DescribeSubscription", - "description": "Grants permission to get subscription details, such as start time", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeSubscription.html" - }, - "DisableApplicationLayerAutomaticResponse": { - "privilege": "DisableApplicationLayerAutomaticResponse", - "description": "Grants permission to disable application layer automatic response for Shield Advanced protection for a resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DisableApplicationLayerAutomaticResponse.html" - }, - "DisableProactiveEngagement": { - "privilege": "DisableProactiveEngagement", - "description": "Grants permission to remove authorization from the DDoS Response Team (DRT) to notify contacts about escalations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DisableProactiveEngagement.html" - }, - "DisassociateDRTLogBucket": { - "privilege": "DisassociateDRTLogBucket", - "description": "Grants permission to remove the DDoS Response team's access to the specified Amazon S3 bucket containing your flow logs", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "s3:DeleteBucketPolicy", - "s3:GetBucketPolicy", - "s3:PutBucketPolicy" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DisassociateDRTLogBucket.html" - }, - "DisassociateDRTRole": { - "privilege": "DisassociateDRTRole", - "description": "Grants permission to remove the DDoS Response team's access to your AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DisassociateDRTRole.html" - }, - "DisassociateHealthCheck": { - "privilege": "DisassociateHealthCheck", - "description": "Grants permission to remove health-based detection from the Shield Advanced protection for a resource", - "access_level": "Write", - "resource_types": { - "protection": { - "resource_type": "protection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DisassociateHealthCheck.html" - }, - "EnableApplicationLayerAutomaticResponse": { - "privilege": "EnableApplicationLayerAutomaticResponse", - "description": "Grants permission to enable application layer automatic response for Shield Advanced protection for a resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "cloudfront:GetDistribution", - "iam:CreateServiceLinkedRole", - "iam:GetRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_EnableApplicationLayerAutomaticResponse.html" - }, - "EnableProactiveEngagement": { - "privilege": "EnableProactiveEngagement", - "description": "Grants permission to authorize the DDoS Response Team (DRT) to use email and phone to notify contacts about escalations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_EnableProactiveEngagement.html" - }, - "GetSubscriptionState": { - "privilege": "GetSubscriptionState", - "description": "Grants permission to get subscription state", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_GetSubscriptionState.html" - }, - "ListAttacks": { - "privilege": "ListAttacks", - "description": "Grants permission to list all existing attacks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_ListAttacks.html" - }, - "ListProtectionGroups": { - "privilege": "ListProtectionGroups", - "description": "Grants permission to retrieve the protection groups for the account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_ListProtectionGroups.html" - }, - "ListProtections": { - "privilege": "ListProtections", - "description": "Grants permission to list all existing protections", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_ListProtections.html" - }, - "ListResourcesInProtectionGroup": { - "privilege": "ListResourcesInProtectionGroup", - "description": "Grants permission to retrieve the resources that are included in the protection group", - "access_level": "List", - "resource_types": { - "protection-group": { - "resource_type": "protection-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_ListResourcesInProtectionGroup.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to get information about AWS tags for a specified Amazon Resource Name (ARN) in AWS Shield", - "access_level": "Read", - "resource_types": { - "protection": { - "resource_type": "protection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "protection-group": { - "resource_type": "protection-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_ListTagsForResource.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add or updates tags for a resource in AWS Shield", - "access_level": "Tagging", - "resource_types": { - "protection": { - "resource_type": "protection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "protection-group": { - "resource_type": "protection-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource in AWS Shield", - "access_level": "Tagging", - "resource_types": { - "protection": { - "resource_type": "protection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "protection-group": { - "resource_type": "protection-group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_UntagResource.html" - }, - "UpdateApplicationLayerAutomaticResponse": { - "privilege": "UpdateApplicationLayerAutomaticResponse", - "description": "Grants permission to update application layer automatic response for Shield Advanced protection for a resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_UpdateApplicationLayerAutomaticResponse.html" - }, - "UpdateEmergencyContactSettings": { - "privilege": "UpdateEmergencyContactSettings", - "description": "Grants permission to update the details of the list of email addresses that the DRT can use to contact you during a suspected attack", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_UpdateEmergencyContactSettings.html" - }, - "UpdateProtectionGroup": { - "privilege": "UpdateProtectionGroup", - "description": "Grants permission to update an existing protection group", - "access_level": "Write", - "resource_types": { - "protection-group": { - "resource_type": "protection-group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_UpdateProtectionGroup.html" - }, - "UpdateSubscription": { - "privilege": "UpdateSubscription", - "description": "Grants permission to update the details of an existing subscription", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_UpdateSubscription.html" - } - }, - "resources": { - "attack": { - "resource": "attack", - "arn": "arn:${Partition}:shield::${Account}:attack/${Id}", - "condition_keys": [] - }, - "protection": { - "resource": "protection", - "arn": "arn:${Partition}:shield::${Account}:protection/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "protection-group": { - "resource": "protection-group", - "arn": "arn:${Partition}:shield::${Account}:protection-group/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "signer": { - "service_name": "AWS Signer", - "prefix": "signer", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssigner.html", - "privileges": { - "AddProfilePermission": { - "privilege": "AddProfilePermission", - "description": "Grants permission to add cross-account permissions to a Signing Profile", - "access_level": "Permissions management", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "signer:ProfileVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_AddProfilePermission.html" - }, - "CancelSigningProfile": { - "privilege": "CancelSigningProfile", - "description": "Grants permission to change the state of a Signing Profile to CANCELED", - "access_level": "Write", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "signer:ProfileVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_CancelSigningProfile.html" - }, - "DescribeSigningJob": { - "privilege": "DescribeSigningJob", - "description": "Grants permission to return information about a specific Signing Job", - "access_level": "Read", - "resource_types": { - "signing-job": { - "resource_type": "signing-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_DescribeSigningJob.html" - }, - "GetRevocationStatus": { - "privilege": "GetRevocationStatus", - "description": "Grants permission to query revocation info of signing resources", - "access_level": "Read", - "resource_types": { - "signing-job": { - "resource_type": "signing-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_GetRevocationStatus.html" - }, - "GetSigningPlatform": { - "privilege": "GetSigningPlatform", - "description": "Grants permission to return information about a specific Signing Platform", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_GetSigningPlatform.html" - }, - "GetSigningProfile": { - "privilege": "GetSigningProfile", - "description": "Grants permission to return information about a specific Signing Profile", - "access_level": "Read", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "signer:ProfileVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_GetSigningProfile.html" - }, - "ListProfilePermissions": { - "privilege": "ListProfilePermissions", - "description": "Grants permission to list the cross-account permissions associated with a Signing Profile", - "access_level": "Read", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_ListProfilePermissions.html" - }, - "ListSigningJobs": { - "privilege": "ListSigningJobs", - "description": "Grants permission to list all Signing Jobs in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_ListSigningJobs.html" - }, - "ListSigningPlatforms": { - "privilege": "ListSigningPlatforms", - "description": "Grants permission to list all available Signing Platforms", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_ListSigningPlatforms.html" - }, - "ListSigningProfiles": { - "privilege": "ListSigningProfiles", - "description": "Grants permission to list all Signing Profiles in your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_ListSigningProfiles.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags associated with a Signing Profile", - "access_level": "Read", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_ListTagsForResource.html" - }, - "PutSigningProfile": { - "privilege": "PutSigningProfile", - "description": "Grants permission to create a new Signing Profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_PutSigningProfile.html" - }, - "RemoveProfilePermission": { - "privilege": "RemoveProfilePermission", - "description": "Grants permission to remove cross-account permissions from a Signing Profile", - "access_level": "Permissions management", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "signer:ProfileVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_RemoveProfilePermission.html" - }, - "RevokeSignature": { - "privilege": "RevokeSignature", - "description": "Grants permission to change the state of a Signing Job to REVOKED", - "access_level": "Write", - "resource_types": { - "signing-job": { - "resource_type": "signing-job", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "signer:ProfileVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_RevokeSignature.html" - }, - "RevokeSigningProfile": { - "privilege": "RevokeSigningProfile", - "description": "Grants permission to change the state of a Signing Profile to REVOKED", - "access_level": "Write", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "signer:ProfileVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_RevokeSigningProfile.html" - }, - "SignPayload": { - "privilege": "SignPayload", - "description": "Grants permission to initiate a Signing Job on the provided payload", - "access_level": "Write", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "signer:ProfileVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_SignPayload.html" - }, - "StartSigningJob": { - "privilege": "StartSigningJob", - "description": "Grants permission to initiate a Signing Job on the provided code", - "access_level": "Write", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "signer:ProfileVersion" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_StartSigningJob.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add one or more tags to a Signing Profile", - "access_level": "Tagging", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove one or more tags from a Signing Profile", - "access_level": "Tagging", - "resource_types": { - "signing-profile": { - "resource_type": "signing-profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_UntagResource.html" - } - }, - "resources": { - "signing-profile": { - "resource": "signing-profile", - "arn": "arn:${Partition}:signer:${Region}:${Account}:/signing-profiles/${ProfileName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "signing-job": { - "resource": "signing-job", - "arn": "arn:${Partition}:signer:${Region}:${Account}:/signing-jobs/${JobId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by presence of mandatory tags in the request", - "type": "ArrayOfString" - }, - "signer:ProfileVersion": { - "condition": "signer:ProfileVersion", - "description": "Filters access by version of the Signing Profile", - "type": "String" - } - } - }, - "simspaceweaver": { - "service_name": "AWS SimSpace Weaver", - "prefix": "simspaceweaver", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssimspaceweaver.html", - "privileges": { - "CreateSnapshot": { - "privilege": "CreateSnapshot", - "description": "Grants permission to create a snapshot", - "access_level": "Write", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_CreateSnapshot.html" - }, - "DeleteApp": { - "privilege": "DeleteApp", - "description": "Grants permission to delete an app", - "access_level": "Write", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_DeleteApp.html" - }, - "DeleteSimulation": { - "privilege": "DeleteSimulation", - "description": "Grants permission to delete a simulation", - "access_level": "Write", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_DeleteSimulation.html" - }, - "DescribeApp": { - "privilege": "DescribeApp", - "description": "Grants permission to describe an app", - "access_level": "Read", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_DescribeApp.html" - }, - "DescribeSimulation": { - "privilege": "DescribeSimulation", - "description": "Grants permission to describe a simulation", - "access_level": "Read", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_DescribeSimulation.html" - }, - "ListApps": { - "privilege": "ListApps", - "description": "Grants permission to list apps", - "access_level": "Read", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_ListApps.html" - }, - "ListSimulations": { - "privilege": "ListSimulations", - "description": "Grants permission to list simulations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_ListSimulations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_ListTagsForResource.html" - }, - "StartApp": { - "privilege": "StartApp", - "description": "Grants permission to start an app", - "access_level": "Write", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StartApp.html" - }, - "StartClock": { - "privilege": "StartClock", - "description": "Grants permission to start a simulation clock", - "access_level": "Write", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StartClock.html" - }, - "StartSimulation": { - "privilege": "StartSimulation", - "description": "Grants permission to start a simulation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StartSimulation.html" - }, - "StopApp": { - "privilege": "StopApp", - "description": "Grants permission to stop an app", - "access_level": "Write", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StopApp.html" - }, - "StopClock": { - "privilege": "StopClock", - "description": "Grants permission to stop a simulation clock", - "access_level": "Write", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StopClock.html" - }, - "StopSimulation": { - "privilege": "StopSimulation", - "description": "Grants permission to stop a simulation", - "access_level": "Write", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StopSimulation.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "Simulation": { - "resource_type": "Simulation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_UntagResource.html" - } - }, - "resources": { - "Simulation": { - "resource": "Simulation", - "arn": "arn:${Partition}:simspaceweaver:${Region}:${Account}:simulation/${SimulationName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "snowball": { - "service_name": "AWS Snowball", - "prefix": "snowball", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssnowball.html", - "privileges": { - "CancelCluster": { - "privilege": "CancelCluster", - "description": "Grants permission to cancel a cluster job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CancelCluster.html" - }, - "CancelJob": { - "privilege": "CancelJob", - "description": "Grants permission to cancel the specified job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CancelJob.html" - }, - "CreateAddress": { - "privilege": "CreateAddress", - "description": "Grants permission to create an address for a Snowball to be shipped to", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CreateAddress.html" - }, - "CreateCluster": { - "privilege": "CreateCluster", - "description": "Grants permission to create an empty cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CreateCluster.html" - }, - "CreateJob": { - "privilege": "CreateJob", - "description": "Grants permission to creates a job to import or export data between Amazon S3 and your on-premises data center", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CreateJob.html" - }, - "CreateLongTermPricing": { - "privilege": "CreateLongTermPricing", - "description": "Grants permission to creates a LongTermPricingListEntry for allowing customers to add an upfront billing contract for a job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CreateLongTermPricing.html" - }, - "CreateReturnShippingLabel": { - "privilege": "CreateReturnShippingLabel", - "description": "Grants permission to create a shipping label that will be used to return the Snow device to AWS", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CreateReturnShippingLabel.html" - }, - "DescribeAddress": { - "privilege": "DescribeAddress", - "description": "Grants permission to get specific details about that address in the form of an Address object", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_DescribeAddress.html" - }, - "DescribeAddresses": { - "privilege": "DescribeAddresses", - "description": "Grants permission to describe a specified number of ADDRESS objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_DescribeAddresses.html" - }, - "DescribeCluster": { - "privilege": "DescribeCluster", - "description": "Grants permission to describe information about a specific cluster including shipping information, cluster status, and other important metadata", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_DescribeCluster.html" - }, - "DescribeJob": { - "privilege": "DescribeJob", - "description": "Grants permission to describe information about a specific job including shipping information, job status, and other important metadata", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_DescribeJob.html" - }, - "DescribeReturnShippingLabel": { - "privilege": "DescribeReturnShippingLabel", - "description": "Grants permission to describe information on the shipping label of a Snow device that is being returned to AWS", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_DescribeReturnShippingLabel.html" - }, - "GetJobManifest": { - "privilege": "GetJobManifest", - "description": "Grants permission to get a link to an Amazon S3 presigned URL for the manifest file associated with the specified JobId value", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_GetJobManifest.html" - }, - "GetJobUnlockCode": { - "privilege": "GetJobUnlockCode", - "description": "Grants permission to get the UnlockCode code value for the specified job", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_GetJobUnlockCode.html" - }, - "GetSnowballUsage": { - "privilege": "GetSnowballUsage", - "description": "Grants permission to get information about the Snowball service limit for your account, and also the number of Snowballs your account has in use", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_GetSnowballUsage.html" - }, - "GetSoftwareUpdates": { - "privilege": "GetSoftwareUpdates", - "description": "Grants permission to return an Amazon S3 presigned URL for an update file associated with a specified JobId", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_GetSoftwareUpdates.html" - }, - "ListClusterJobs": { - "privilege": "ListClusterJobs", - "description": "Grants permission to list JobListEntry objects of the specified length", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListClusterJobs.html" - }, - "ListClusters": { - "privilege": "ListClusters", - "description": "Grants permission to list ClusterListEntry objects of the specified length", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListClusters.html" - }, - "ListCompatibleImages": { - "privilege": "ListCompatibleImages", - "description": "Grants permission to return a list of the different Amazon EC2 Amazon Machine Images (AMIs) that are owned by your AWS account that would be supported for use on a Snow device", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListCompatibleImages.html" - }, - "ListJobs": { - "privilege": "ListJobs", - "description": "Grants permission to list JobListEntry objects of the specified length", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListJobs.html" - }, - "ListLongTermPricing": { - "privilege": "ListLongTermPricing", - "description": "Grants permission to list LongTermPricingListEntry objects for the account making the request", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListLongTermPricing.html" - }, - "ListServiceVersions": { - "privilege": "ListServiceVersions", - "description": "Grants permission to list all supported versions for Snow on-device services", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListServiceVersions.html" - }, - "UpdateCluster": { - "privilege": "UpdateCluster", - "description": "Grants permission to update while a cluster's ClusterState value is in the AwaitingQuorum state, you can update some of the information associated with a cluster", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_UpdateCluster.html" - }, - "UpdateJob": { - "privilege": "UpdateJob", - "description": "Grants permission to update while a job's JobState value is New, you can update some of the information associated with a job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_UpdateJob.html" - }, - "UpdateJobShipmentState": { - "privilege": "UpdateJobShipmentState", - "description": "Grants permission to update the state when a the shipment states changes to a different state", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_UpdateJobShipmentState.html" - }, - "UpdateLongTermPricing": { - "privilege": "UpdateLongTermPricing", - "description": "Grants permission to update a specific upfront billing contract for a job", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_UpdateLongTermPricing.html" - } - }, - "resources": {}, - "conditions": {} - }, - "snow-device-management": { - "service_name": "AWS Snow Device Management", - "prefix": "snow-device-management", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssnowdevicemanagement.html", - "privileges": { - "CancelTask": { - "privilege": "CancelTask", - "description": "Grants permission to cancel tasks on remote devices", - "access_level": "Write", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-cancel-task.html" - }, - "CreateTask": { - "privilege": "CreateTask", - "description": "Grants permission to create tasks on remote devices", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-create-task.html" - }, - "DescribeDevice": { - "privilege": "DescribeDevice", - "description": "Grants permission to describe a remotely-managed device", - "access_level": "Read", - "resource_types": { - "managed-device": { - "resource_type": "managed-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-describe-device.html" - }, - "DescribeDeviceEc2Instances": { - "privilege": "DescribeDeviceEc2Instances", - "description": "Grants permission to describe a remotely-managed device's EC2 instances", - "access_level": "Read", - "resource_types": { - "managed-device": { - "resource_type": "managed-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-describe-ec2-instances.html" - }, - "DescribeExecution": { - "privilege": "DescribeExecution", - "description": "Grants permission to describe task executions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-describe-execution.html" - }, - "DescribeTask": { - "privilege": "DescribeTask", - "description": "Grants permission to describe a task", - "access_level": "Read", - "resource_types": { - "task": { - "resource_type": "task", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-describe-task.html" - }, - "ListDeviceResources": { - "privilege": "ListDeviceResources", - "description": "Grants permission to list a remotely-managed device's resources", - "access_level": "List", - "resource_types": { - "managed-device": { - "resource_type": "managed-device", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-list-device-resources.html" - }, - "ListDevices": { - "privilege": "ListDevices", - "description": "Grants permission to list remotely-managed devices", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-list-devices.html" - }, - "ListExecutions": { - "privilege": "ListExecutions", - "description": "Grants permission to list task executions", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-list-executions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags for a resource (device or task)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-list-tags-for-resource.html" - }, - "ListTasks": { - "privilege": "ListTasks", - "description": "Grants permission to list tasks", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-list-tasks.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "managed-device": { - "resource_type": "managed-device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-tag-resource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "managed-device": { - "resource_type": "managed-device", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-untag-resources.html" - } - }, - "resources": { - "managed-device": { - "resource": "managed-device", - "arn": "arn:${Partition}:snow-device-management:${Region}:${Account}:managed-device/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "task": { - "resource": "task", - "arn": "arn:${Partition}:snow-device-management:${Region}:${Account}:task/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access based on the presence of tag keys in the request", - "type": "String" - } - } - }, - "sqlworkbench": { - "service_name": "AWS SQL Workbench", - "prefix": "sqlworkbench", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssqlworkbench.html", - "privileges": { - "AssociateConnectionWithChart": { - "privilege": "AssociateConnectionWithChart", - "description": "Grants permission to associate connection to a chart", - "access_level": "Write", - "resource_types": { - "chart": { - "resource_type": "chart", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "AssociateConnectionWithTab": { - "privilege": "AssociateConnectionWithTab", - "description": "Grants permission to associate connection to a tab", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "AssociateNotebookWithTab": { - "privilege": "AssociateNotebookWithTab", - "description": "Grants permission to associate notebook to a tab", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "AssociateQueryWithTab": { - "privilege": "AssociateQueryWithTab", - "description": "Grants permission to associate query to a tab", - "access_level": "Write", - "resource_types": { - "query": { - "resource_type": "query", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "BatchDeleteFolder": { - "privilege": "BatchDeleteFolder", - "description": "Grants permission to delete folders on your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "BatchGetNotebookCell": { - "privilege": "BatchGetNotebookCell", - "description": "Grants permission to get notebook cells content on your account", - "access_level": "Read", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CreateAccount": { - "privilege": "CreateAccount", - "description": "Grants permission to create SQLWorkbench account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CreateChart": { - "privilege": "CreateChart", - "description": "Grants permission to create new saved chart on your account", - "access_level": "Write", - "resource_types": { - "chart": { - "resource_type": "chart", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CreateConnection": { - "privilege": "CreateConnection", - "description": "Grants permission to create a new connection on your account", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CreateFolder": { - "privilege": "CreateFolder", - "description": "Grants permission to create folder on your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CreateNotebook": { - "privilege": "CreateNotebook", - "description": "Grants permission to create a new notebook on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CreateNotebookCell": { - "privilege": "CreateNotebookCell", - "description": "Grants permission to create a notebook cell on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CreateNotebookFromVersion": { - "privilege": "CreateNotebookFromVersion", - "description": "Grants permission to create a new notebook from a notebook version on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CreateNotebookVersion": { - "privilege": "CreateNotebookVersion", - "description": "Grants permission to create a notebook version on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "CreateSavedQuery": { - "privilege": "CreateSavedQuery", - "description": "Grants permission to create a new saved query on your account", - "access_level": "Write", - "resource_types": { - "query": { - "resource_type": "query", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DeleteChart": { - "privilege": "DeleteChart", - "description": "Grants permission to remove charts on your account", - "access_level": "Write", - "resource_types": { - "chart": { - "resource_type": "chart", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DeleteConnection": { - "privilege": "DeleteConnection", - "description": "Grants permission to remove connections on your account", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DeleteNotebook": { - "privilege": "DeleteNotebook", - "description": "Grants permission to remove notebooks on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DeleteNotebookCell": { - "privilege": "DeleteNotebookCell", - "description": "Grants permission to remove notebooks cells on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DeleteNotebookVersion": { - "privilege": "DeleteNotebookVersion", - "description": "Grants permission to remove notebooks cells on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DeleteSavedQuery": { - "privilege": "DeleteSavedQuery", - "description": "Grants permission to remove saved queries on your account", - "access_level": "Write", - "resource_types": { - "query": { - "resource_type": "query", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DeleteTab": { - "privilege": "DeleteTab", - "description": "Grants permission to remove a tab on your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DriverExecute": { - "privilege": "DriverExecute", - "description": "Grants permission to execute a query in your redshift cluster", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "DuplicateNotebook": { - "privilege": "DuplicateNotebook", - "description": "Grants permission to create a new notebook by duplicating an existing one on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ExportNotebook": { - "privilege": "ExportNotebook", - "description": "Grants permission to export a notebook on your account", - "access_level": "Read", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GenerateSession": { - "privilege": "GenerateSession", - "description": "Grants permission to generate a new session on your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetAccountInfo": { - "privilege": "GetAccountInfo", - "description": "Grants permission to get account info", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetAccountSettings": { - "privilege": "GetAccountSettings", - "description": "Grants permission to get account settings", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetChart": { - "privilege": "GetChart", - "description": "Grants permission to get charts on your account", - "access_level": "Read", - "resource_types": { - "chart": { - "resource_type": "chart", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetConnection": { - "privilege": "GetConnection", - "description": "Grants permission to get connections on your account", - "access_level": "Read", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetNotebook": { - "privilege": "GetNotebook", - "description": "Grants permission to get notebook metadata on your account", - "access_level": "Read", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetNotebookVersion": { - "privilege": "GetNotebookVersion", - "description": "Grants permission to get the content of a notebook version on your account", - "access_level": "Read", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetQueryExecutionHistory": { - "privilege": "GetQueryExecutionHistory", - "description": "Grants permission to get the query execution history on your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetSavedQuery": { - "privilege": "GetSavedQuery", - "description": "Grants permission to get saved query on your account", - "access_level": "Read", - "resource_types": { - "query": { - "resource_type": "query", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetSchemaInference": { - "privilege": "GetSchemaInference", - "description": "Grants permission to get the columns and data types inferred from a file", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetUserInfo": { - "privilege": "GetUserInfo", - "description": "Grants permission to get user info", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "GetUserWorkspaceSettings": { - "privilege": "GetUserWorkspaceSettings", - "description": "Grants permission to get workspace settings on your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ImportNotebook": { - "privilege": "ImportNotebook", - "description": "Grants permission to import a notebook on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListConnections": { - "privilege": "ListConnections", - "description": "Grants permission to list the connections on your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListDatabases": { - "privilege": "ListDatabases", - "description": "Grants permission to list databases of your redshift cluster", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListFiles": { - "privilege": "ListFiles", - "description": "Grants permission to list files and folders", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListNotebookVersions": { - "privilege": "ListNotebookVersions", - "description": "Grants permission to get notebook versions metadata on your account", - "access_level": "List", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListNotebooks": { - "privilege": "ListNotebooks", - "description": "Grants permission to list the notebooks on your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListQueryExecutionHistory": { - "privilege": "ListQueryExecutionHistory", - "description": "Grants permission to list the query execution history on your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListRedshiftClusters": { - "privilege": "ListRedshiftClusters", - "description": "Grants permission to list redshift clusters on your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListSampleDatabases": { - "privilege": "ListSampleDatabases", - "description": "Grants permission to list sample databases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListSavedQueryVersions": { - "privilege": "ListSavedQueryVersions", - "description": "Grants permission to list versions of saved query on your account", - "access_level": "List", - "resource_types": { - "query": { - "resource_type": "query", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListTabs": { - "privilege": "ListTabs", - "description": "Grants permission to list tabs on your account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListTaggedResources": { - "privilege": "ListTaggedResources", - "description": "Grants permission to list tagged resources", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags of an sqlworkbench resource", - "access_level": "Read", - "resource_types": { - "chart": { - "resource_type": "chart", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "notebook": { - "resource_type": "notebook", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "query": { - "resource_type": "query", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "PutTab": { - "privilege": "PutTab", - "description": "Grants permission to create or update a tab on your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "PutUserWorkspaceSettings": { - "privilege": "PutUserWorkspaceSettings", - "description": "Grants permission to update workspace settings on your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "RestoreNotebookVersion": { - "privilege": "RestoreNotebookVersion", - "description": "Grants permission to restore a notebook on your account to a version", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an sqlworkbench resource", - "access_level": "Tagging", - "resource_types": { - "chart": { - "resource_type": "chart", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "notebook": { - "resource_type": "notebook", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "query": { - "resource_type": "query", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an sqlworkbench resource", - "access_level": "Tagging", - "resource_types": { - "chart": { - "resource_type": "chart", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connection": { - "resource_type": "connection", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "notebook": { - "resource_type": "notebook", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "query": { - "resource_type": "query", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateAccountConnectionSettings": { - "privilege": "UpdateAccountConnectionSettings", - "description": "Grants permission to update account-wide connection settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateAccountExportSettings": { - "privilege": "UpdateAccountExportSettings", - "description": "Grants permission to update account-wide export settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateAccountGeneralSettings": { - "privilege": "UpdateAccountGeneralSettings", - "description": "Grants permission to update account-wide general settings", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateChart": { - "privilege": "UpdateChart", - "description": "Grants permission to update a chart on your account", - "access_level": "Write", - "resource_types": { - "chart": { - "resource_type": "chart", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateConnection": { - "privilege": "UpdateConnection", - "description": "Grants permission to update a connection on your account", - "access_level": "Write", - "resource_types": { - "connection": { - "resource_type": "connection", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateFileFolder": { - "privilege": "UpdateFileFolder", - "description": "Grants permission to move files on your account", - "access_level": "Write", - "resource_types": { - "chart": { - "resource_type": "chart", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "query": { - "resource_type": "query", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateFolder": { - "privilege": "UpdateFolder", - "description": "Grants permission to update a folder's name and details on your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateNotebook": { - "privilege": "UpdateNotebook", - "description": "Grants permission to update a notebook metadata on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateNotebookCellContent": { - "privilege": "UpdateNotebookCellContent", - "description": "Grants permission to update a notebook cell content on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateNotebookCellLayout": { - "privilege": "UpdateNotebookCellLayout", - "description": "Grants permission to update a notebook cell layout on your account", - "access_level": "Write", - "resource_types": { - "notebook": { - "resource_type": "notebook", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - }, - "UpdateSavedQuery": { - "privilege": "UpdateSavedQuery", - "description": "Grants permission to update a saved query on your account", - "access_level": "Write", - "resource_types": { - "query": { - "resource_type": "query", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" - } - }, - "resources": { - "connection": { - "resource": "connection", - "arn": "arn:${Partition}:sqlworkbench:${Region}:${Account}:connection/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "query": { - "resource": "query", - "arn": "arn:${Partition}:sqlworkbench:${Region}:${Account}:query/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "chart": { - "resource": "chart", - "arn": "arn:${Partition}:sqlworkbench:${Region}:${Account}:chart/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "notebook": { - "resource": "notebook", - "arn": "arn:${Partition}:sqlworkbench:${Region}:${Account}:notebook/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags that are associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "states": { - "service_name": "AWS Step Functions", - "prefix": "states", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsstepfunctions.html", - "privileges": { - "CreateActivity": { - "privilege": "CreateActivity", - "description": "Grants permission to create an activity", - "access_level": "Write", - "resource_types": { - "activity": { - "resource_type": "activity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_CreateActivity.html" - }, - "CreateStateMachine": { - "privilege": "CreateStateMachine", - "description": "Grants permission to create a state machine", - "access_level": "Write", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "states:PublishStateMachineVersion" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_CreateStateMachine.html" - }, - "CreateStateMachineAlias": { - "privilege": "CreateStateMachineAlias", - "description": "Grants permission to create a state machine alias", - "access_level": "Write", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "states:StateMachineQualifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_CreateStateMachineAlias.html" - }, - "DeleteActivity": { - "privilege": "DeleteActivity", - "description": "Grants permission to delete an activity", - "access_level": "Write", - "resource_types": { - "activity": { - "resource_type": "activity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DeleteActivity.html" - }, - "DeleteStateMachine": { - "privilege": "DeleteStateMachine", - "description": "Grants permission to delete a state machine", - "access_level": "Write", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DeleteStateMachine.html" - }, - "DeleteStateMachineAlias": { - "privilege": "DeleteStateMachineAlias", - "description": "Grants permission to delete a state machine alias", - "access_level": "Write", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "states:StateMachineQualifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DeleteStateMachineAlias.html" - }, - "DeleteStateMachineVersion": { - "privilege": "DeleteStateMachineVersion", - "description": "Grants permission to delete a state machine version", - "access_level": "Write", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "states:StateMachineQualifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DeleteStateMachineVersion.html" - }, - "DescribeActivity": { - "privilege": "DescribeActivity", - "description": "Grants permission to describe an activity", - "access_level": "Read", - "resource_types": { - "activity": { - "resource_type": "activity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeActivity.html" - }, - "DescribeExecution": { - "privilege": "DescribeExecution", - "description": "Grants permission to describe an execution", - "access_level": "Read", - "resource_types": { - "execution": { - "resource_type": "execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "express": { - "resource_type": "express", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeExecution.html" - }, - "DescribeMapRun": { - "privilege": "DescribeMapRun", - "description": "Grants permission to describe a map run", - "access_level": "Read", - "resource_types": { - "maprun": { - "resource_type": "maprun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeMapRun.html" - }, - "DescribeStateMachine": { - "privilege": "DescribeStateMachine", - "description": "Grants permission to describe a state machine", - "access_level": "Read", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "states:StateMachineQualifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeStateMachine.html" - }, - "DescribeStateMachineAlias": { - "privilege": "DescribeStateMachineAlias", - "description": "Grants permission to describe a state machine alias", - "access_level": "Read", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "states:StateMachineQualifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeStateMachineAlias.html" - }, - "DescribeStateMachineForExecution": { - "privilege": "DescribeStateMachineForExecution", - "description": "Grants permission to describe the state machine for an execution", - "access_level": "Read", - "resource_types": { - "execution": { - "resource_type": "execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeStateMachineForExecution.html" - }, - "GetActivityTask": { - "privilege": "GetActivityTask", - "description": "Grants permission to be used by workers to retrieve a task (with the specified activity ARN) which has been scheduled for execution by a running state machine", - "access_level": "Write", - "resource_types": { - "activity": { - "resource_type": "activity", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_GetActivityTask.html" - }, - "GetExecutionHistory": { - "privilege": "GetExecutionHistory", - "description": "Grants permission to return the history of the specified execution as a list of events", - "access_level": "Read", - "resource_types": { - "execution": { - "resource_type": "execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_GetExecutionHistory.html" - }, - "ListActivities": { - "privilege": "ListActivities", - "description": "Grants permission to list the existing activities", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListActivities.html" - }, - "ListExecutions": { - "privilege": "ListExecutions", - "description": "Grants permission to list the executions of a state machine", - "access_level": "List", - "resource_types": { - "maprun": { - "resource_type": "maprun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "states:StateMachineQualifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListExecutions.html" - }, - "ListMapRuns": { - "privilege": "ListMapRuns", - "description": "Grants permission to list the map runs of an execution", - "access_level": "List", - "resource_types": { - "execution": { - "resource_type": "execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListMapRuns.html" - }, - "ListStateMachineAliases": { - "privilege": "ListStateMachineAliases", - "description": "Grants permission to list the aliases of a state machine", - "access_level": "List", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "states:StateMachineQualifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListStateMachineAliases.html" - }, - "ListStateMachineVersions": { - "privilege": "ListStateMachineVersions", - "description": "Grants permission to list the versions of a state machine", - "access_level": "List", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListStateMachineVersions.html" - }, - "ListStateMachines": { - "privilege": "ListStateMachines", - "description": "Grants permission to lists the existing state machines", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListStateMachines.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an AWS Step Functions resource", - "access_level": "List", - "resource_types": { - "activity": { - "resource_type": "activity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "statemachine": { - "resource_type": "statemachine", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListTagsForResource.html" - }, - "PublishStateMachineVersion": { - "privilege": "PublishStateMachineVersion", - "description": "Grants permission to publish a state machine version", - "access_level": "Write", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_PublishStateMachineVersion.html" - }, - "SendTaskFailure": { - "privilege": "SendTaskFailure", - "description": "Grants permission to report that the task identified by the taskToken failed", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_SendTaskFailure.html" - }, - "SendTaskHeartbeat": { - "privilege": "SendTaskHeartbeat", - "description": "Grants permission to report to the service that the task represented by the specified taskToken is still making progress", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_SendTaskHeartbeat.html" - }, - "SendTaskSuccess": { - "privilege": "SendTaskSuccess", - "description": "Grants permission to report that the task identified by the taskToken completed successfully", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_SendTaskSuccess.html" - }, - "StartExecution": { - "privilege": "StartExecution", - "description": "Grants permission to start a state machine execution", - "access_level": "Write", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "states:StateMachineQualifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html" - }, - "StartSyncExecution": { - "privilege": "StartSyncExecution", - "description": "Grants permission to start a Synchronous Express state machine execution", - "access_level": "Write", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "states:StateMachineQualifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html" - }, - "StopExecution": { - "privilege": "StopExecution", - "description": "Grants permission to stop an execution", - "access_level": "Write", - "resource_types": { - "execution": { - "resource_type": "execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_StopExecution.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an AWS Step Functions resource", - "access_level": "Tagging", - "resource_types": { - "activity": { - "resource_type": "activity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "statemachine": { - "resource_type": "statemachine", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a tag from an AWS Step Functions resource", - "access_level": "Tagging", - "resource_types": { - "activity": { - "resource_type": "activity", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "statemachine": { - "resource_type": "statemachine", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_UntagResource.html" - }, - "UpdateMapRun": { - "privilege": "UpdateMapRun", - "description": "Grants permission to update a map run", - "access_level": "Write", - "resource_types": { - "maprun": { - "resource_type": "maprun", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_UpdateMapRun.html" - }, - "UpdateStateMachine": { - "privilege": "UpdateStateMachine", - "description": "Grants permission to update a state machine", - "access_level": "Write", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "states:PublishStateMachineVersion" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_UpdateStateMachine.html" - }, - "UpdateStateMachineAlias": { - "privilege": "UpdateStateMachineAlias", - "description": "Grants permission to update a state machine alias", - "access_level": "Write", - "resource_types": { - "statemachine": { - "resource_type": "statemachine", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "states:StateMachineQualifier" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_UpdateStateMachineAlias.html" - } - }, - "resources": { - "activity": { - "resource": "activity", - "arn": "arn:${Partition}:states:${Region}:${Account}:activity:${ActivityName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "execution": { - "resource": "execution", - "arn": "arn:${Partition}:states:${Region}:${Account}:execution:${StateMachineName}:${ExecutionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "express": { - "resource": "express", - "arn": "arn:${Partition}:states:${Region}:${Account}:express:${StateMachineName}:${ExecutionId}:${ExpressId}", - "condition_keys": [] - }, - "statemachine": { - "resource": "statemachine", - "arn": "arn:${Partition}:states:${Region}:${Account}:stateMachine:${StateMachineName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "statemachineversion": { - "resource": "statemachineversion", - "arn": "arn:${Partition}:states:${Region}:${Account}:stateMachine:${StateMachineName}:${StateMachineVersionId}", - "condition_keys": [] - }, - "statemachinealias": { - "resource": "statemachinealias", - "arn": "arn:${Partition}:states:${Region}:${Account}:stateMachine:${StateMachineName}:${StateMachineAliasName}", - "condition_keys": [] - }, - "maprun": { - "resource": "maprun", - "arn": "arn:${Partition}:states:${Region}:${Account}:mapRun:${StateMachineName}/${MapRunLabel}:${MapRunId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag key and value pair that is allowed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by a tag key and value pair of a resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by a list of tag keys that are allowed in the request", - "type": "ArrayOfString" - }, - "states:StateMachineQualifier": { - "condition": "states:StateMachineQualifier", - "description": "Filters access by the qualifier of a state machine ARN", - "type": "String" - } - } - }, - "scn": { - "service_name": "AWS Supply Chain", - "prefix": "scn", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html", - "privileges": { - "AssignAdminPermissionsToUser": { - "privilege": "AssignAdminPermissionsToUser", - "description": "Grants permission to add AWS Supply Chain administrator permission to federated user", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "CreateInstance": { - "privilege": "CreateInstance", - "description": "Grants permission to create a new AWS Supply Chain instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "CreateSSOApplication": { - "privilege": "CreateSSOApplication", - "description": "Grants permission to create IAM Identity Center application for a AWS Supply Chain instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "DeleteInstance": { - "privilege": "DeleteInstance", - "description": "Grants permission to delete an AWS Supply Chain instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "DeleteSSOApplication": { - "privilege": "DeleteSSOApplication", - "description": "Grants permission to delete IAM Identity Center application of the AWS Supply Chain instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "DescribeInstance": { - "privilege": "DescribeInstance", - "description": "Grants permission to view details of an AWS Supply Chain instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "ListAdminUsers": { - "privilege": "ListAdminUsers", - "description": "Grants permission to list AWS Supply Chain administrators of an instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "ListInstances": { - "privilege": "ListInstances", - "description": "Grants permission to view the AWS Supply Chain instances associated with an AWS account", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an AWS Supply Chain instance", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "RemoveAdminPermissionsForUser": { - "privilege": "RemoveAdminPermissionsForUser", - "description": "Grants permission to remove AWS Supply Chain administrator permission from federated user", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an AWS Supply Chain instance", - "access_level": "Tagging", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tag from an AWS Supply Chain instance", - "access_level": "Tagging", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - }, - "UpdateInstance": { - "privilege": "UpdateInstance", - "description": "Grants permission to update an AWS Supply Chain instance", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" - } - }, - "resources": { - "instance": { - "resource": "instance", - "arn": "arn:${Partition}:scn:${Region}:${Account}:instance/${InstanceId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by using tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by using tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by using tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "support": { - "service_name": "AWS Support", - "prefix": "support", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupport.html", - "privileges": { - "AddAttachmentsToSet": { - "privilege": "AddAttachmentsToSet", - "description": "Grants permission to add one or more attachments to an AWS Support case", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_AddAttachmentsToSet.html" - }, - "AddCommunicationToCase": { - "privilege": "AddCommunicationToCase", - "description": "Grants permission to add a customer communication to an AWS Support case", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_AddCommunicationToCase.html" - }, - "CreateCase": { - "privilege": "CreateCase", - "description": "Grants permission to creates a new AWS Support case", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_CreateCase.html" - }, - "DescribeAttachment": { - "privilege": "DescribeAttachment", - "description": "Grants permission to describe attachment detail", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeAttachment.html" - }, - "DescribeCaseAttributes": { - "privilege": "DescribeCaseAttributes", - "description": "Grants permission to allow secondary services to read AWS Support case attributes.This is an internally managed function", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" - }, - "DescribeCases": { - "privilege": "DescribeCases", - "description": "Grants permission to list AWS Support cases that matches the given inputs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeCases.html" - }, - "DescribeCommunications": { - "privilege": "DescribeCommunications", - "description": "Grants permission to list the communications and attachments for one or more AWS Support cases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeCommunications.html" - }, - "DescribeCreateCaseOptions": { - "privilege": "DescribeCreateCaseOptions", - "description": "Grants permission to describes the available options for creating a support case", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeCreateCaseOptions.html" - }, - "DescribeIssueTypes": { - "privilege": "DescribeIssueTypes", - "description": "Grants permission to return issue types for AWS Support cases", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" - }, - "DescribeServices": { - "privilege": "DescribeServices", - "description": "Grants permission to list AWS services and categories that applies to each service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeServices.html" - }, - "DescribeSeverityLevels": { - "privilege": "DescribeSeverityLevels", - "description": "Grants permission to list severity levels that can be assigned to an AWS Support case", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeSeverityLevels.html" - }, - "DescribeSupportLevel": { - "privilege": "DescribeSupportLevel", - "description": "Grants permission to return the support level for an AWS Account identifier", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" - }, - "DescribeSupportedLanguages": { - "privilege": "DescribeSupportedLanguages", - "description": "Grants permission to describes the available support languages for a given category code, service code and issue type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeSupportedLanguages.html" - }, - "DescribeTrustedAdvisorCheckRefreshStatuses": { - "privilege": "DescribeTrustedAdvisorCheckRefreshStatuses", - "description": "Grants permission to get the status of a Trusted Advisor refresh check based on a list of check identifiers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeTrustedAdvisorCheckRefreshStatuses.html" - }, - "DescribeTrustedAdvisorCheckResult": { - "privilege": "DescribeTrustedAdvisorCheckResult", - "description": "Grants permission to get the results of the Trusted Advisor check that has the specified check identifier", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeTrustedAdvisorCheckResult.html" - }, - "DescribeTrustedAdvisorCheckSummaries": { - "privilege": "DescribeTrustedAdvisorCheckSummaries", - "description": "Grants permission to get the summaries of the results of the Trusted Advisor checks that have the specified check identifiers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeTrustedAdvisorCheckSummaries.html" - }, - "DescribeTrustedAdvisorChecks": { - "privilege": "DescribeTrustedAdvisorChecks", - "description": "Grants permission to get a list of all available Trusted Advisor checks, including name, identifier, category and description", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeTrustedAdvisorChecks.html" - }, - "InitiateCallForCase": { - "privilege": "InitiateCallForCase", - "description": "Grants permission to initiate a call on AWS Support Center. This is an internally managed function", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" - }, - "InitiateChatForCase": { - "privilege": "InitiateChatForCase", - "description": "Grants permission to initiate a chat on AWS Support Center.This is an internally managed function", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" - }, - "PutCaseAttributes": { - "privilege": "PutCaseAttributes", - "description": "Grants permission to allow secondary services to attach attributes to AWS Support cases. This is an internally managed function", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" - }, - "RateCaseCommunication": { - "privilege": "RateCaseCommunication", - "description": "Grants permission to rate an AWS Support case communication", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" - }, - "RefreshTrustedAdvisorCheck": { - "privilege": "RefreshTrustedAdvisorCheck", - "description": "Grants permission to requests a refresh of the Trusted Advisor check that has the specified check identifier", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_RefreshTrustedAdvisorCheck.html" - }, - "ResolveCase": { - "privilege": "ResolveCase", - "description": "Grants permission to resolve an AWS Support case", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_ResolveCase.html" - }, - "SearchForCases": { - "privilege": "SearchForCases", - "description": "Grants permission to return a list of AWS Support cases that matches the given inputs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" - } - }, - "resources": {}, - "conditions": {} - }, - "supportapp": { - "service_name": "AWS Support App for Slack", - "prefix": "supportapp", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupportappforslack.html", - "privileges": { - "CreateSlackChannelConfiguration": { - "privilege": "CreateSlackChannelConfiguration", - "description": "Grants permission to create a Slack channel configuration for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_CreateSlackChannelConfiguration.html" - }, - "DeleteAccountAlias": { - "privilege": "DeleteAccountAlias", - "description": "Grants permission to delete an alias from your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_DeleteAccountAlias.html" - }, - "DeleteSlackChannelConfiguration": { - "privilege": "DeleteSlackChannelConfiguration", - "description": "Grants permission to delete a Slack channel configuration from your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_DeleteSlackChannelConfiguration.html" - }, - "DeleteSlackWorkspaceConfiguration": { - "privilege": "DeleteSlackWorkspaceConfiguration", - "description": "Grants permission to delete a Slack workspace configuration from your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_DeleteSlackWorkspaceConfiguration.html" - }, - "GetAccountAlias": { - "privilege": "GetAccountAlias", - "description": "Grants permission to get the alias for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_GetAccountAlias.html" - }, - "ListSlackChannelConfigurations": { - "privilege": "ListSlackChannelConfigurations", - "description": "Grants permission to list all Slack channel configurations for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_ListSlackChannelConfigurations.html" - }, - "ListSlackWorkspaceConfigurations": { - "privilege": "ListSlackWorkspaceConfigurations", - "description": "Grants permission to list all Slack workspace configurations for your account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_ListSlackWorkspaceConfigurations.html" - }, - "PutAccountAlias": { - "privilege": "PutAccountAlias", - "description": "Grants permission to create or update an alias for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_PutAccountAlias.html" - }, - "RegisterSlackWorkspaceForOrganization": { - "privilege": "RegisterSlackWorkspaceForOrganization", - "description": "Grants permission to register a Slack workspace for an AWS account that is part of an organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_RegisterSlackWorkspaceForOrganization.html" - }, - "UpdateSlackChannelConfiguration": { - "privilege": "UpdateSlackChannelConfiguration", - "description": "Grants permission to update a Slack channel configuration for your account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_UpdateSlackChannelConfiguration.html" - }, - "DescribeSlackChannels": { - "privilege": "DescribeSlackChannels", - "description": "Grants permission to list all public Slack channels in a workspace that have invited the AWS Support App", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/slack-authorization-permissions.html" - }, - "GetSlackOauthParameters": { - "privilege": "GetSlackOauthParameters", - "description": "Grants permission to get parameters for the Slack OAuth code, which the AWS Support App uses to authorize the workspace", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/slack-authorization-permissions.html" - }, - "RedeemSlackOauthCode": { - "privilege": "RedeemSlackOauthCode", - "description": "Grants permission to redeem the Slack OAuth code, which the AWS Support App uses to authorize the workspace", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/slack-authorization-permissions.html" - } - }, - "resources": {}, - "conditions": {} - }, - "supportplans": { - "service_name": "AWS Support Plans", - "prefix": "supportplans", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupportplans.html", - "privileges": { - "CreateSupportPlanSchedule": { - "privilege": "CreateSupportPlanSchedule", - "description": "Grants permission to create support plan schedules for this AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-support-plans.html" - }, - "GetSupportPlan": { - "privilege": "GetSupportPlan", - "description": "Grants permission to view details about the current support plan for this AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-support-plans.html" - }, - "GetSupportPlanUpdateStatus": { - "privilege": "GetSupportPlanUpdateStatus", - "description": "Grants permission to view details about the status for a request to update a support plan", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-support-plans.html" - }, - "StartSupportPlanUpdate": { - "privilege": "StartSupportPlanUpdate", - "description": "Grants permission to update the support plan for this AWS account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-support-plans.html" - } - }, - "resources": {}, - "conditions": {} - }, - "sustainability": { - "service_name": "AWS Sustainability", - "prefix": "sustainability", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssustainability.html", - "privileges": { - "GetCarbonFootprintSummary": { - "privilege": "GetCarbonFootprintSummary", - "description": "Grants permission to view the carbon footprint tool", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - } - }, - "resources": {}, - "conditions": {} - }, - "ssm": { - "service_name": "AWS Systems Manager", - "prefix": "ssm", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanager.html", - "privileges": { - "AddTagsToResource": { - "privilege": "AddTagsToResource", - "description": "Grants permission to add or overwrite one or more tags for a specified AWS resource", - "access_level": "Tagging", - "resource_types": { - "association": { - "resource_type": "association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "automation-execution": { - "resource_type": "automation-execution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document": { - "resource_type": "document", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "opsitem": { - "resource_type": "opsitem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "opsmetadata": { - "resource_type": "opsmetadata", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parameter": { - "resource_type": "parameter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "patchbaseline": { - "resource_type": "patchbaseline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_AddTagsToResource.html" - }, - "AssociateOpsItemRelatedItem": { - "privilege": "AssociateOpsItemRelatedItem", - "description": "Grants permission to associate RelatedItem to an OpsItem", - "access_level": "Write", - "resource_types": { - "opsitem": { - "resource_type": "opsitem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_AssociateOpsItemRelatedItem.html" - }, - "CancelCommand": { - "privilege": "CancelCommand", - "description": "Grants permission to cancel a specified Run Command command", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CancelCommand.html" - }, - "CancelMaintenanceWindowExecution": { - "privilege": "CancelMaintenanceWindowExecution", - "description": "Grants permission to cancel an in-progress maintenance window execution", - "access_level": "Write", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CancelMaintenanceWindowExecution.html" - }, - "CreateActivation": { - "privilege": "CreateActivation", - "description": "Grants permission to create an activation that is used to register on-premises servers and virtual machines (VMs) with Systems Manager", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateActivation.html" - }, - "CreateAssociation": { - "privilege": "CreateAssociation", - "description": "Grants permission to associate a specified Systems Manager document with specified instances or other targets", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateAssociation.html" - }, - "CreateAssociationBatch": { - "privilege": "CreateAssociationBatch", - "description": "Grants permission to combine entries for multiple CreateAssociation operations in a single command", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateAssociationBatch.html" - }, - "CreateDocument": { - "privilege": "CreateDocument", - "description": "Grants permission to create a Systems Manager SSM document", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateDocument.html" - }, - "CreateMaintenanceWindow": { - "privilege": "CreateMaintenanceWindow", - "description": "Grants permission to create a maintenance window", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateMaintenanceWindow.html" - }, - "CreateOpsItem": { - "privilege": "CreateOpsItem", - "description": "Grants permission to create an OpsItem in OpsCenter", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateOpsItem.html" - }, - "CreateOpsMetadata": { - "privilege": "CreateOpsMetadata", - "description": "Grants permission to create an OpsMetadata object for an AWS resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateOpsMetadata.html" - }, - "CreatePatchBaseline": { - "privilege": "CreatePatchBaseline", - "description": "Grants permission to create a patch baseline", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreatePatchBaseline.html" - }, - "CreateResourceDataSync": { - "privilege": "CreateResourceDataSync", - "description": "Grants permission to create a resource data sync configuration, which regularly collects inventory data from managed instances and updates the data in an Amazon S3 bucket", - "access_level": "Write", - "resource_types": { - "resourcedatasync": { - "resource_type": "resourcedatasync", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:SyncType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateResourceDataSync.html" - }, - "DeleteActivation": { - "privilege": "DeleteActivation", - "description": "Grants permission to delete a specified activation for managed instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteActivation.html" - }, - "DeleteAssociation": { - "privilege": "DeleteAssociation", - "description": "Grants permission to disassociate a specified SSM document from a specified instance", - "access_level": "Write", - "resource_types": { - "association": { - "resource_type": "association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document": { - "resource_type": "document", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteAssociation.html" - }, - "DeleteDocument": { - "privilege": "DeleteDocument", - "description": "Grants permission to delete a specified SSM document and its instance associations", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteDocument.html" - }, - "DeleteInventory": { - "privilege": "DeleteInventory", - "description": "Grants permission to delete a specified custom inventory type, or the data associated with a custom inventory type", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteInventory.html" - }, - "DeleteMaintenanceWindow": { - "privilege": "DeleteMaintenanceWindow", - "description": "Grants permission to delete a specified maintenance window", - "access_level": "Write", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteMaintenanceWindow.html" - }, - "DeleteOpsMetadata": { - "privilege": "DeleteOpsMetadata", - "description": "Grants permission to delete an OpsMetadata object", - "access_level": "Write", - "resource_types": { - "opsmetadata": { - "resource_type": "opsmetadata", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteOpsMetadata.html" - }, - "DeleteParameter": { - "privilege": "DeleteParameter", - "description": "Grants permission to delete a specified SSM parameter", - "access_level": "Write", - "resource_types": { - "parameter": { - "resource_type": "parameter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteParameter.html" - }, - "DeleteParameters": { - "privilege": "DeleteParameters", - "description": "Grants permission to delete multiple specified SSM parameters", - "access_level": "Write", - "resource_types": { - "parameter": { - "resource_type": "parameter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteParameters.html" - }, - "DeletePatchBaseline": { - "privilege": "DeletePatchBaseline", - "description": "Grants permission to delete a specified patch baseline", - "access_level": "Write", - "resource_types": { - "patchbaseline": { - "resource_type": "patchbaseline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeletePatchBaseline.html" - }, - "DeleteResourceDataSync": { - "privilege": "DeleteResourceDataSync", - "description": "Grants permission to delete a specified resource data sync", - "access_level": "Write", - "resource_types": { - "resourcedatasync": { - "resource_type": "resourcedatasync", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:SyncType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteResourceDataSync.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete a Systems Manager resource policy", - "access_level": "Permissions management", - "resource_types": { - "resourcearn": { - "resource_type": "resourcearn", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeregisterManagedInstance": { - "privilege": "DeregisterManagedInstance", - "description": "Grants permission to deregister a specified on-premises server or virtual machine (VM) from Systems Manager", - "access_level": "Write", - "resource_types": { - "managed-instance": { - "resource_type": "managed-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:resourceTag/tag-key" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeregisterManagedInstance.html" - }, - "DeregisterPatchBaselineForPatchGroup": { - "privilege": "DeregisterPatchBaselineForPatchGroup", - "description": "Grants permission to deregister a specified patch baseline from being the default patch baseline for a specified patch group", - "access_level": "Write", - "resource_types": { - "patchbaseline": { - "resource_type": "patchbaseline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeregisterPatchBaselineForPatchGroup.html" - }, - "DeregisterTargetFromMaintenanceWindow": { - "privilege": "DeregisterTargetFromMaintenanceWindow", - "description": "Grants permission to deregister a specified target from a maintenance window", - "access_level": "Write", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeregisterTargetFromMaintenanceWindow.html" - }, - "DeregisterTaskFromMaintenanceWindow": { - "privilege": "DeregisterTaskFromMaintenanceWindow", - "description": "Grants permission to deregister a specified task from a maintenance window", - "access_level": "Write", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeregisterTaskFromMaintenanceWindow.html" - }, - "DescribeActivations": { - "privilege": "DescribeActivations", - "description": "Grants permission to view details about a specified managed instance activation, such as when it was created and the number of instances registered using the activation", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeActivations.html" - }, - "DescribeAssociation": { - "privilege": "DescribeAssociation", - "description": "Grants permission to view details about the specified association for a specified instance or target", - "access_level": "Read", - "resource_types": { - "association": { - "resource_type": "association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document": { - "resource_type": "document", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAssociation.html" - }, - "DescribeAssociationExecutionTargets": { - "privilege": "DescribeAssociationExecutionTargets", - "description": "Grants permission to view information about a specified association execution", - "access_level": "Read", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAssociationExecutionTargets.html" - }, - "DescribeAssociationExecutions": { - "privilege": "DescribeAssociationExecutions", - "description": "Grants permission to view all executions for a specified association", - "access_level": "Read", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAssociationExecutions.html" - }, - "DescribeAutomationExecutions": { - "privilege": "DescribeAutomationExecutions", - "description": "Grants permission to view details about all active and terminated Automation executions", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAutomationExecutions.html" - }, - "DescribeAutomationStepExecutions": { - "privilege": "DescribeAutomationStepExecutions", - "description": "Grants permission to view information about all active and terminated step executions in an Automation workflow", - "access_level": "Read", - "resource_types": { - "automation-execution": { - "resource_type": "automation-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAutomationStepExecutions.html" - }, - "DescribeAvailablePatches": { - "privilege": "DescribeAvailablePatches", - "description": "Grants permission to view all patches eligible to include in a patch baseline", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAvailablePatches.html" - }, - "DescribeDocument": { - "privilege": "DescribeDocument", - "description": "Grants permission to view details about a specified SSM document", - "access_level": "Read", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeDocument.html" - }, - "DescribeDocumentParameters": { - "privilege": "DescribeDocumentParameters", - "description": "Grants permission to display information about SSM document parameters in the Systems Manager console (internal Systems Manager action)", - "access_level": "Read", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "DescribeDocumentPermission": { - "privilege": "DescribeDocumentPermission", - "description": "Grants permission to view the permissions for a specified SSM document", - "access_level": "Read", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeDocumentPermission.html" - }, - "DescribeEffectiveInstanceAssociations": { - "privilege": "DescribeEffectiveInstanceAssociations", - "description": "Grants permission to view all current associations for a specified instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeEffectiveInstanceAssociations.html" - }, - "DescribeEffectivePatchesForPatchBaseline": { - "privilege": "DescribeEffectivePatchesForPatchBaseline", - "description": "Grants permission to view details about the patches currently associated with the specified patch baseline (Windows only)", - "access_level": "Read", - "resource_types": { - "patchbaseline": { - "resource_type": "patchbaseline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeEffectivePatchesForPatchBaseline.html" - }, - "DescribeInstanceAssociationsStatus": { - "privilege": "DescribeInstanceAssociationsStatus", - "description": "Grants permission to view the status of the associations for a specified instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInstanceAssociationsStatus.html" - }, - "DescribeInstanceInformation": { - "privilege": "DescribeInstanceInformation", - "description": "Grants permission to view details about a specified instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInstanceInformation.html" - }, - "DescribeInstancePatchStates": { - "privilege": "DescribeInstancePatchStates", - "description": "Grants permission to view status details about patches on a specified instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInstancePatchStates.html" - }, - "DescribeInstancePatchStatesForPatchGroup": { - "privilege": "DescribeInstancePatchStatesForPatchGroup", - "description": "Grants permission to describe the high-level patch state for the instances in the specified patch group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInstancePatchStatesForPatchGroup.html" - }, - "DescribeInstancePatches": { - "privilege": "DescribeInstancePatches", - "description": "Grants permission to view general details about the patches on a specified instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInstancePatches.html" - }, - "DescribeInstanceProperties": { - "privilege": "DescribeInstanceProperties", - "description": "Grants permission to user's Amazon EC2 console to render managed instances' nodes", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "DescribeInventoryDeletions": { - "privilege": "DescribeInventoryDeletions", - "description": "Grants permission to view details about a specified inventory deletion", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInventoryDeletions.html" - }, - "DescribeMaintenanceWindowExecutionTaskInvocations": { - "privilege": "DescribeMaintenanceWindowExecutionTaskInvocations", - "description": "Grants permission to view details of a specified task execution for a maintenance window", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowExecutionTaskInvocations.html" - }, - "DescribeMaintenanceWindowExecutionTasks": { - "privilege": "DescribeMaintenanceWindowExecutionTasks", - "description": "Grants permission to view details about the tasks that ran during a specified maintenance window execution", - "access_level": "List", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowExecutionTasks.html" - }, - "DescribeMaintenanceWindowExecutions": { - "privilege": "DescribeMaintenanceWindowExecutions", - "description": "Grants permission to view the executions of a specified maintenance window", - "access_level": "List", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowExecutions.html" - }, - "DescribeMaintenanceWindowSchedule": { - "privilege": "DescribeMaintenanceWindowSchedule", - "description": "Grants permission to view details about upcoming executions of a specified maintenance window", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowSchedule.html" - }, - "DescribeMaintenanceWindowTargets": { - "privilege": "DescribeMaintenanceWindowTargets", - "description": "Grants permission to view a list of the targets associated with a specified maintenance window", - "access_level": "List", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowTargets.html" - }, - "DescribeMaintenanceWindowTasks": { - "privilege": "DescribeMaintenanceWindowTasks", - "description": "Grants permission to view a list of the tasks associated with a specified maintenance window", - "access_level": "List", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowTasks.html" - }, - "DescribeMaintenanceWindows": { - "privilege": "DescribeMaintenanceWindows", - "description": "Grants permission to view information about all or specified maintenance windows", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindows.html" - }, - "DescribeMaintenanceWindowsForTarget": { - "privilege": "DescribeMaintenanceWindowsForTarget", - "description": "Grants permission to view information about the maintenance window targets and tasks associated with a specified instance", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowsForTarget.html" - }, - "DescribeOpsItems": { - "privilege": "DescribeOpsItems", - "description": "Grants permission to view details about specified OpsItems", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeOpsItems.html" - }, - "DescribeParameters": { - "privilege": "DescribeParameters", - "description": "Grants permission to view details about a specified SSM parameter", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeParameters.html" - }, - "DescribePatchBaselines": { - "privilege": "DescribePatchBaselines", - "description": "Grants permission to view information about patch baselines that meet the specified criteria", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchBaselines.html" - }, - "DescribePatchGroupState": { - "privilege": "DescribePatchGroupState", - "description": "Grants permission to view aggregated status details for patches for a specified patch group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchGroupState.html" - }, - "DescribePatchGroups": { - "privilege": "DescribePatchGroups", - "description": "Grants permission to view information about the patch baseline for a specified patch group", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchGroups.html" - }, - "DescribePatchProperties": { - "privilege": "DescribePatchProperties", - "description": "Grants permission to view details of available patches for a specified operating system and patch property", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchProperties.html" - }, - "DescribeSessions": { - "privilege": "DescribeSessions", - "description": "Grants permission to view a list of recent Session Manager sessions that meet the specified search criteria", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeSessions.html" - }, - "DisassociateOpsItemRelatedItem": { - "privilege": "DisassociateOpsItemRelatedItem", - "description": "Grants permission to disassociate RelatedItem from an OpsItem", - "access_level": "Write", - "resource_types": { - "opsitem": { - "resource_type": "opsitem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DisassociateOpsItemRelatedItem.html" - }, - "GetAutomationExecution": { - "privilege": "GetAutomationExecution", - "description": "Grants permission to view details of a specified Automation execution", - "access_level": "Read", - "resource_types": { - "automation-execution": { - "resource_type": "automation-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_AutomationExecution.html" - }, - "GetCalendar": { - "privilege": "GetCalendar", - "description": "Grants permission to view details of a specific calendar", - "access_level": "Read", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar-prereqs.html" - }, - "GetCalendarState": { - "privilege": "GetCalendarState", - "description": "Grants permission to view the calendar state for a change calendar or a list of change calendars", - "access_level": "Read", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetCalendarState.html" - }, - "GetCommandInvocation": { - "privilege": "GetCommandInvocation", - "description": "Grants permission to view details about the command execution of a specified invocation or plugin", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetCommandInvocation.html" - }, - "GetConnectionStatus": { - "privilege": "GetConnectionStatus", - "description": "Grants permission to view the Session Manager connection status for a specified managed instance", - "access_level": "Read", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:resourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetConnectionStatus.html" - }, - "GetDefaultPatchBaseline": { - "privilege": "GetDefaultPatchBaseline", - "description": "Grants permission to view the current default patch baseline for a specified operating system type", - "access_level": "Read", - "resource_types": { - "patchbaseline": { - "resource_type": "patchbaseline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetDefaultPatchBaseline.html" - }, - "GetDeployablePatchSnapshotForInstance": { - "privilege": "GetDeployablePatchSnapshotForInstance", - "description": "Grants permission to retrieve the current patch baseline snapshot for a specified instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetDeployablePatchSnapshotForInstance.html" - }, - "GetDocument": { - "privilege": "GetDocument", - "description": "Grants permission to view the contents of a specified SSM document", - "access_level": "Read", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:DocumentCategories" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetDocument.html" - }, - "GetInventory": { - "privilege": "GetInventory", - "description": "Grants permission to view instance inventory details per the specified criteria", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetInventory.html" - }, - "GetInventorySchema": { - "privilege": "GetInventorySchema", - "description": "Grants permission to view a list of inventory types or attribute names for a specified inventory item type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetInventorySchema.html" - }, - "GetMaintenanceWindow": { - "privilege": "GetMaintenanceWindow", - "description": "Grants permission to view details about a specified maintenance window", - "access_level": "Read", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetMaintenanceWindow.html" - }, - "GetMaintenanceWindowExecution": { - "privilege": "GetMaintenanceWindowExecution", - "description": "Grants permission to view details about a specified maintenance window execution", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetMaintenanceWindowExecution.html" - }, - "GetMaintenanceWindowExecutionTask": { - "privilege": "GetMaintenanceWindowExecutionTask", - "description": "Grants permission to view details about a specified maintenance window execution task", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetMaintenanceWindowExecutionTask.html" - }, - "GetMaintenanceWindowExecutionTaskInvocation": { - "privilege": "GetMaintenanceWindowExecutionTaskInvocation", - "description": "Grants permission to view details about a specific maintenance window task running on a specific target", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetMaintenanceWindowExecutionTaskInvocation.html" - }, - "GetMaintenanceWindowTask": { - "privilege": "GetMaintenanceWindowTask", - "description": "Grants permission to view details about tasks registered with a specified maintenance window", - "access_level": "Read", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetMaintenanceWindowTask.html" - }, - "GetManifest": { - "privilege": "GetManifest", - "description": "Grants permission to Systems Manager and SSM Agent to determine package installation requirements for an instance (internal Systems Manager call)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "GetOpsItem": { - "privilege": "GetOpsItem", - "description": "Grants permission to view information about a specified OpsItem", - "access_level": "Read", - "resource_types": { - "opsitem": { - "resource_type": "opsitem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetOpsItem.html" - }, - "GetOpsMetadata": { - "privilege": "GetOpsMetadata", - "description": "Grants permission to retrieve an OpsMetadata object", - "access_level": "Read", - "resource_types": { - "opsmetadata": { - "resource_type": "opsmetadata", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetOpsMetadata.html" - }, - "GetOpsSummary": { - "privilege": "GetOpsSummary", - "description": "Grants permission to view summary information about OpsItems based on specified filters and aggregators", - "access_level": "Read", - "resource_types": { - "resourcedatasync": { - "resource_type": "resourcedatasync", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetOpsSummary.html" - }, - "GetParameter": { - "privilege": "GetParameter", - "description": "Grants permission to view information about a specified parameter", - "access_level": "Read", - "resource_types": { - "parameter": { - "resource_type": "parameter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetParameter.html" - }, - "GetParameterHistory": { - "privilege": "GetParameterHistory", - "description": "Grants permission to view details and changes for a specified parameter", - "access_level": "Read", - "resource_types": { - "parameter": { - "resource_type": "parameter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetParameterHistory.html" - }, - "GetParameters": { - "privilege": "GetParameters", - "description": "Grants permission to view information about multiple specified parameters", - "access_level": "Read", - "resource_types": { - "parameter": { - "resource_type": "parameter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetParameters.html" - }, - "GetParametersByPath": { - "privilege": "GetParametersByPath", - "description": "Grants permission to view information about parameters in a specified hierarchy", - "access_level": "Read", - "resource_types": { - "parameter": { - "resource_type": "parameter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:Recursive" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetParametersByPath.html" - }, - "GetPatchBaseline": { - "privilege": "GetPatchBaseline", - "description": "Grants permission to view information about a specified patch baseline", - "access_level": "Read", - "resource_types": { - "patchbaseline": { - "resource_type": "patchbaseline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetPatchBaseline.html" - }, - "GetPatchBaselineForPatchGroup": { - "privilege": "GetPatchBaselineForPatchGroup", - "description": "Grants permission to view the ID of the current patch baseline for a specified patch group", - "access_level": "Read", - "resource_types": { - "patchbaseline": { - "resource_type": "patchbaseline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetPatchBaselineForPatchGroup.html" - }, - "GetResourcePolicies": { - "privilege": "GetResourcePolicies", - "description": "Grants permission to retrieve lists of Systems Manager resource policies", - "access_level": "List", - "resource_types": { - "resourcearn": { - "resource_type": "resourcearn", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetResourcePolicies.html" - }, - "GetServiceSetting": { - "privilege": "GetServiceSetting", - "description": "Grants permission to view the account-level setting for an AWS service", - "access_level": "Read", - "resource_types": { - "servicesetting": { - "resource_type": "servicesetting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetServiceSetting.html" - }, - "LabelParameterVersion": { - "privilege": "LabelParameterVersion", - "description": "Grants permission to apply an identifying label to a specified version of a parameter", - "access_level": "Write", - "resource_types": { - "parameter": { - "resource_type": "parameter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_LabelParameterVersion.html" - }, - "ListAssociationVersions": { - "privilege": "ListAssociationVersions", - "description": "Grants permission to list versions of the specified association", - "access_level": "List", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListAssociationVersions.html" - }, - "ListAssociations": { - "privilege": "ListAssociations", - "description": "Grants permission to list the associations for a specified SSM document or managed instance", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListAssociations.html" - }, - "ListCommandInvocations": { - "privilege": "ListCommandInvocations", - "description": "Grants permission to list information about command invocations sent to a specified instance", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListCommandInvocations.html" - }, - "ListCommands": { - "privilege": "ListCommands", - "description": "Grants permission to list the commands sent to a specified instance", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListCommands.html" - }, - "ListComplianceItems": { - "privilege": "ListComplianceItems", - "description": "Grants permission to list compliance status for specified resource types on a specified resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListComplianceItems.html" - }, - "ListComplianceSummaries": { - "privilege": "ListComplianceSummaries", - "description": "Grants permission to list a summary count of compliant and noncompliant resources for a specified compliance type", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListComplianceSummaries.html" - }, - "ListDocumentMetadataHistory": { - "privilege": "ListDocumentMetadataHistory", - "description": "Grants permission to view metadata history about a specified SSM document", - "access_level": "List", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListDocumentMetadataHistory.html" - }, - "ListDocumentVersions": { - "privilege": "ListDocumentVersions", - "description": "Grants permission to list all versions of a specified document", - "access_level": "List", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListDocumentVersions.html" - }, - "ListDocuments": { - "privilege": "ListDocuments", - "description": "Grants permission to view information about a specified SSM document", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListDocuments.html" - }, - "ListInstanceAssociations": { - "privilege": "ListInstanceAssociations", - "description": "Grants permission to SSM Agent to check for new State Manager associations (internal Systems Manager call)", - "access_level": "List", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "ListInventoryEntries": { - "privilege": "ListInventoryEntries", - "description": "Grants permission to view a list of specified inventory types for a specified instance", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListInventoryEntries.html" - }, - "ListOpsItemEvents": { - "privilege": "ListOpsItemEvents", - "description": "Grants permission to view details about OpsItemEvents", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListOpsItemEvents.html" - }, - "ListOpsItemRelatedItems": { - "privilege": "ListOpsItemRelatedItems", - "description": "Grants permission to view details about OpsItem RelatedItems", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListOpsItemRelatedItems.html" - }, - "ListOpsMetadata": { - "privilege": "ListOpsMetadata", - "description": "Grants permission to view a list of OpsMetadata objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListOpsMetadata.html" - }, - "ListResourceComplianceSummaries": { - "privilege": "ListResourceComplianceSummaries", - "description": "Grants permission to list resource-level summary count", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListResourceComplianceSummaries.html" - }, - "ListResourceDataSync": { - "privilege": "ListResourceDataSync", - "description": "Grants permission to list information about resource data sync configurations in an account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:SyncType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListResourceDataSync.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to view a list of resource tags for a specified resource", - "access_level": "List", - "resource_types": { - "association": { - "resource_type": "association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "automation-execution": { - "resource_type": "automation-execution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document": { - "resource_type": "document", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "opsitem": { - "resource_type": "opsitem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "opsmetadata": { - "resource_type": "opsmetadata", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parameter": { - "resource_type": "parameter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "patchbaseline": { - "resource_type": "patchbaseline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListTagsForResource.html" - }, - "ModifyDocumentPermission": { - "privilege": "ModifyDocumentPermission", - "description": "Grants permission to share a custom SSM document publicly or privately with specified AWS accounts", - "access_level": "Permissions management", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ModifyDocumentPermission.html" - }, - "PutCalendar": { - "privilege": "PutCalendar", - "description": "Grants permission to create/edit a specific calendar", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar-prereqs.html" - }, - "PutComplianceItems": { - "privilege": "PutComplianceItems", - "description": "Grants permission to register a compliance type and other compliance details on a specified resource", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutComplianceItems.html" - }, - "PutConfigurePackageResult": { - "privilege": "PutConfigurePackageResult", - "description": "Grants permission to SSM Agent to generate a report of the results of specific agent requests (internal Systems Manager call)", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "PutInventory": { - "privilege": "PutInventory", - "description": "Grants permission to add or update inventory items on multiple specified managed instances", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutInventory.html" - }, - "PutParameter": { - "privilege": "PutParameter", - "description": "Grants permission to create an SSM parameter", - "access_level": "Write", - "resource_types": { - "parameter": { - "resource_type": "parameter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ssm:Overwrite" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutParameter.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to create or update a Systems Manager resource policy", - "access_level": "Permissions management", - "resource_types": { - "resourcearn": { - "resource_type": "resourcearn", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutResourcePolicy.html" - }, - "RegisterDefaultPatchBaseline": { - "privilege": "RegisterDefaultPatchBaseline", - "description": "Grants permission to specify the default patch baseline for an operating system type", - "access_level": "Write", - "resource_types": { - "patchbaseline": { - "resource_type": "patchbaseline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterDefaultPatchBaseline.html" - }, - "RegisterManagedInstance": { - "privilege": "RegisterManagedInstance", - "description": "Grants permission to register a Systems Manager Agent", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "RegisterPatchBaselineForPatchGroup": { - "privilege": "RegisterPatchBaselineForPatchGroup", - "description": "Grants permission to specify the default patch baseline for a specified patch group", - "access_level": "Write", - "resource_types": { - "patchbaseline": { - "resource_type": "patchbaseline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterPatchBaselineForPatchGroup.html" - }, - "RegisterTargetWithMaintenanceWindow": { - "privilege": "RegisterTargetWithMaintenanceWindow", - "description": "Grants permission to register a target with a specified maintenance window", - "access_level": "Write", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterTargetWithMaintenanceWindow.html" - }, - "RegisterTaskWithMaintenanceWindow": { - "privilege": "RegisterTaskWithMaintenanceWindow", - "description": "Grants permission to register a task with a specified maintenance window", - "access_level": "Write", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterTaskWithMaintenanceWindow.html" - }, - "RemoveTagsFromResource": { - "privilege": "RemoveTagsFromResource", - "description": "Grants permission to remove a specified tag key from a specified resource", - "access_level": "Tagging", - "resource_types": { - "association": { - "resource_type": "association", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "automation-execution": { - "resource_type": "automation-execution", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "document": { - "resource_type": "document", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "opsitem": { - "resource_type": "opsitem", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "opsmetadata": { - "resource_type": "opsmetadata", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "parameter": { - "resource_type": "parameter", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "patchbaseline": { - "resource_type": "patchbaseline", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RemoveTagsFromResource.html" - }, - "ResetServiceSetting": { - "privilege": "ResetServiceSetting", - "description": "Grants permission to reset the service setting for an AWS account to the default value", - "access_level": "Write", - "resource_types": { - "servicesetting": { - "resource_type": "servicesetting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ResetServiceSetting.html" - }, - "ResumeSession": { - "privilege": "ResumeSession", - "description": "Grants permission to reconnect a Session Manager session to a managed instance", - "access_level": "Write", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ResumeSession.html" - }, - "SendAutomationSignal": { - "privilege": "SendAutomationSignal", - "description": "Grants permission to send a signal to change the current behavior or status of a specified Automation execution", - "access_level": "Write", - "resource_types": { - "automation-execution": { - "resource_type": "automation-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendAutomationSignal.html" - }, - "SendCommand": { - "privilege": "SendCommand", - "description": "Grants permission to run commands on one or more specified managed instances", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "bucket": { - "resource_type": "bucket", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ssm:resourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html" - }, - "StartAssociationsOnce": { - "privilege": "StartAssociationsOnce", - "description": "Grants permission to run a specified association manually", - "access_level": "Write", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StartAssociationsOnce.html" - }, - "StartAutomationExecution": { - "privilege": "StartAutomationExecution", - "description": "Grants permission to initiate the execution of an Automation document", - "access_level": "Write", - "resource_types": { - "automation-definition": { - "resource_type": "automation-definition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StartAutomationExecution.html" - }, - "StartChangeRequestExecution": { - "privilege": "StartChangeRequestExecution", - "description": "Grants permission to initiate the execution of an Automation Change Template document", - "access_level": "Write", - "resource_types": { - "automation-definition": { - "resource_type": "automation-definition", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys", - "ssm:AutoApprove" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StartChangeRequestExecution.html" - }, - "StartSession": { - "privilege": "StartSession", - "description": "Grants permission to initiate a connection to a specified target for a Session Manager session", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "task": { - "resource_type": "task", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:SessionDocumentAccessCheck", - "ssm:resourceTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StartSession.html" - }, - "StopAutomationExecution": { - "privilege": "StopAutomationExecution", - "description": "Grants permission to stop a specified Automation execution that is already in progress", - "access_level": "Write", - "resource_types": { - "automation-execution": { - "resource_type": "automation-execution", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StopAutomationExecution.html" - }, - "TerminateSession": { - "privilege": "TerminateSession", - "description": "Grants permission to permanently end a Session Manager connection to an instance", - "access_level": "Write", - "resource_types": { - "session": { - "resource_type": "session", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_TerminateSession.html" - }, - "UnlabelParameterVersion": { - "privilege": "UnlabelParameterVersion", - "description": "Grants permission to remove an identifying label from a specified version of a parameter", - "access_level": "Write", - "resource_types": { - "parameter": { - "resource_type": "parameter", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UnlabelParameterVersion.html" - }, - "UpdateAssociation": { - "privilege": "UpdateAssociation", - "description": "Grants permission to update an association and immediately run the association on the specified targets", - "access_level": "Write", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "document": { - "resource_type": "document", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateAssociation.html" - }, - "UpdateAssociationStatus": { - "privilege": "UpdateAssociationStatus", - "description": "Grants permission to update the status of the SSM document associated with a specified instance", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateAssociationStatus.html" - }, - "UpdateDocument": { - "privilege": "UpdateDocument", - "description": "Grants permission to update one or more values for an SSM document", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateDocument.html" - }, - "UpdateDocumentDefaultVersion": { - "privilege": "UpdateDocumentDefaultVersion", - "description": "Grants permission to change the default version of an SSM document", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateDocumentDefaultVersion.html" - }, - "UpdateDocumentMetadata": { - "privilege": "UpdateDocumentMetadata", - "description": "Grants permission to update the metadata of an SSM document", - "access_level": "Write", - "resource_types": { - "document": { - "resource_type": "document", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateDocumentMetadata.html" - }, - "UpdateInstanceAssociationStatus": { - "privilege": "UpdateInstanceAssociationStatus", - "description": "Grants permission to SSM Agent to update the status of the association that it is currently running (internal Systems Manager call)", - "access_level": "Write", - "resource_types": { - "association": { - "resource_type": "association", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "UpdateInstanceInformation": { - "privilege": "UpdateInstanceInformation", - "description": "Grants permission to SSM Agent to send a heartbeat signal to the Systems Manager service in the cloud", - "access_level": "Write", - "resource_types": { - "instance": { - "resource_type": "instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managed-instance": { - "resource_type": "managed-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" - }, - "UpdateMaintenanceWindow": { - "privilege": "UpdateMaintenanceWindow", - "description": "Grants permission to update a specified maintenance window", - "access_level": "Write", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateMaintenanceWindow.html" - }, - "UpdateMaintenanceWindowTarget": { - "privilege": "UpdateMaintenanceWindowTarget", - "description": "Grants permission to update a specified maintenance window target", - "access_level": "Write", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "windowtarget": { - "resource_type": "windowtarget", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateMaintenanceWindowTarget.html" - }, - "UpdateMaintenanceWindowTask": { - "privilege": "UpdateMaintenanceWindowTask", - "description": "Grants permission to update a specified maintenance window task", - "access_level": "Write", - "resource_types": { - "maintenancewindow": { - "resource_type": "maintenancewindow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "windowtask": { - "resource_type": "windowtask", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateMaintenanceWindowTask.html" - }, - "UpdateManagedInstanceRole": { - "privilege": "UpdateManagedInstanceRole", - "description": "Grants permission to assign or change the IAM role assigned to a specified managed instance", - "access_level": "Write", - "resource_types": { - "managed-instance": { - "resource_type": "managed-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:resourceTag/tag-key" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateManagedInstanceRole.html" - }, - "UpdateOpsItem": { - "privilege": "UpdateOpsItem", - "description": "Grants permission to edit or change an OpsItem", - "access_level": "Write", - "resource_types": { - "opsitem": { - "resource_type": "opsitem", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateOpsItem.html" - }, - "UpdateOpsMetadata": { - "privilege": "UpdateOpsMetadata", - "description": "Grants permission to update an OpsMetadata object", - "access_level": "Write", - "resource_types": { - "opsmetadata": { - "resource_type": "opsmetadata", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateOpsMetadata.html" - }, - "UpdatePatchBaseline": { - "privilege": "UpdatePatchBaseline", - "description": "Grants permission to update a specified patch baseline", - "access_level": "Write", - "resource_types": { - "patchbaseline": { - "resource_type": "patchbaseline", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdatePatchBaseline.html" - }, - "UpdateResourceDataSync": { - "privilege": "UpdateResourceDataSync", - "description": "Grants permission to update a resource data sync", - "access_level": "Write", - "resource_types": { - "resourcedatasync": { - "resource_type": "resourcedatasync", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "ssm:SyncType" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateResourceDataSync.html" - }, - "UpdateServiceSetting": { - "privilege": "UpdateServiceSetting", - "description": "Grants permission to update the service setting for an AWS account", - "access_level": "Write", - "resource_types": { - "servicesetting": { - "resource_type": "servicesetting", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateServiceSetting.html" - } - }, - "resources": { - "association": { - "resource": "association", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:association/${AssociationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "automation-execution": { - "resource": "automation-execution", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:automation-execution/${AutomationExecutionId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ssm:resourceTag/tag-key" - ] - }, - "automation-definition": { - "resource": "automation-definition", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:automation-definition/${AutomationDefinitionName}:${VersionId}", - "condition_keys": [] - }, - "bucket": { - "resource": "bucket", - "arn": "arn:${Partition}:s3:::${BucketName}", - "condition_keys": [] - }, - "document": { - "resource": "document", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:document/${DocumentName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ssm:DocumentCategories" - ] - }, - "instance": { - "resource": "instance", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance/${InstanceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ssm:resourceTag/${TagKey}" - ] - }, - "maintenancewindow": { - "resource": "maintenancewindow", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:maintenancewindow/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ssm:resourceTag/tag-key" - ] - }, - "managed-instance": { - "resource": "managed-instance", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:managed-instance/${InstanceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ssm:resourceTag/tag-key" - ] - }, - "managed-instance-inventory": { - "resource": "managed-instance-inventory", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:managed-instance-inventory/${InstanceId}", - "condition_keys": [] - }, - "opsitem": { - "resource": "opsitem", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:opsitem/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "opsmetadata": { - "resource": "opsmetadata", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:opsmetadata/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ssm:resourceTag/${TagKey}" - ] - }, - "parameter": { - "resource": "parameter", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:parameter/${ParameterNameWithoutLeadingSlash}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ssm:resourceTag/tag-key" - ] - }, - "patchbaseline": { - "resource": "patchbaseline", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:patchbaseline/${PatchBaselineIdResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}", - "ssm:resourceTag/tag-key" - ] - }, - "resourcearn": { - "resource": "resourcearn", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:opsitemgroup/default", - "condition_keys": [] - }, - "session": { - "resource": "session", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:session/${SessionId}", - "condition_keys": [] - }, - "resourcedatasync": { - "resource": "resourcedatasync", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:resource-data-sync/${SyncName}", - "condition_keys": [] - }, - "servicesetting": { - "resource": "servicesetting", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:servicesetting/${ResourceId}", - "condition_keys": [] - }, - "windowtarget": { - "resource": "windowtarget", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:windowtarget/${WindowTargetId}", - "condition_keys": [] - }, - "windowtask": { - "resource": "windowtask", - "arn": "arn:${Partition}:ssm:${Region}:${Account}:windowtask/${WindowTaskId}", - "condition_keys": [] - }, - "task": { - "resource": "task", - "arn": "arn:${Partition}:ecs:${Region}:${Account}:task/${TaskId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by 'Create' requests based on the allowed set of values for a specified tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by based on a tag key-value pair assigned to the AWS resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by 'Create' requests based on whether mandatory tags are included in the request", - "type": "ArrayOfString" - }, - "ssm:AutoApprove": { - "condition": "ssm:AutoApprove", - "description": "Filters access by verifying that a user has permission to start Change Manager workflows without a review step (with the exception of change freeze events)", - "type": "Bool" - }, - "ssm:DocumentCategories": { - "condition": "ssm:DocumentCategories", - "description": "Filters access by verifying that a user has permission to access a document belonging to a specific category enum", - "type": "ArrayOfString" - }, - "ssm:Overwrite": { - "condition": "ssm:Overwrite", - "description": "Controls whether Systems Manager parameters can be overwritten", - "type": "String" - }, - "ssm:Recursive": { - "condition": "ssm:Recursive", - "description": "Filters access to Systems Manager parameters created in a hierarchical structure", - "type": "String" - }, - "ssm:SessionDocumentAccessCheck": { - "condition": "ssm:SessionDocumentAccessCheck", - "description": "Filters access by verifying that a user has permission to access either the default Session Manager configuration document or the custom configuration document specified in a request", - "type": "Bool" - }, - "ssm:SyncType": { - "condition": "ssm:SyncType", - "description": "Filters access by verifying that a user also has access to the ResourceDataSync SyncType specified in the request", - "type": "String" - }, - "ssm:resourceTag/${TagKey}": { - "condition": "ssm:resourceTag/${TagKey}", - "description": "Filters access based on a tag key-value pair assigned to the Systems Manager resource", - "type": "String" - }, - "ssm:resourceTag/tag-key": { - "condition": "ssm:resourceTag/tag-key", - "description": "Filters access by based on a tag key-value pair assigned to the Systems Manager resource", - "type": "String" - } - } - }, - "ssm-sap": { - "service_name": "AWS Systems Manager for SAP", - "prefix": "ssm-sap", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanagerforsap.html", - "privileges": { - "BackupDatabase": { - "privilege": "BackupDatabase", - "description": "Grants permission to perform backup operation on a specified database", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "DeleteResourcePermission": { - "privilege": "DeleteResourcePermission", - "description": "Grants permission to delete the SSM for SAP level resource permissions associated with a SSM for SAP database resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "DeregisterApplication": { - "privilege": "DeregisterApplication", - "description": "Grants permission to deregister an SAP application with SSM for SAP", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "GetApplication": { - "privilege": "GetApplication", - "description": "Grants permission to access information about an application registered with SSM for SAP by providing the application ID or application ARN", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "GetComponent": { - "privilege": "GetComponent", - "description": "Grants permission to access information about a component registered with SSM for SAP by providing the application ID and component ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "GetDatabase": { - "privilege": "GetDatabase", - "description": "Grants permission to access information about a database registered with SSM for SAP by providing the application ID, component ID, and database ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "GetOperation": { - "privilege": "GetOperation", - "description": "Grants permission to access information about an operation by providing its operation ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "GetResourcePermission": { - "privilege": "GetResourcePermission", - "description": "Grants permission to get the SSM for SAP level resource permissions associated with a SSM for SAP database resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "ListApplications": { - "privilege": "ListApplications", - "description": "Grants permission to retrieve a list of all applications registered with SSM for SAP under the customer AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "ListComponents": { - "privilege": "ListComponents", - "description": "Grants permission to retrieve a list of all components in the account of customer, or a specific application", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "ListDatabases": { - "privilege": "ListDatabases", - "description": "Grants permission to retrieve a list of all databases in the account of customer, or a specific application", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "ListOperations": { - "privilege": "ListOperations", - "description": "Grants permission to retrieve a list of all operations in the account of customer, additional filters can be applied", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags on a specified resource ARN", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "PutResourcePermission": { - "privilege": "PutResourcePermission", - "description": "Grants permission to add the SSM for SAP level resource permissions associated with a SSM for SAP database resource", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "RegisterApplication": { - "privilege": "RegisterApplication", - "description": "Grants permission to registers an SAP application with SSM for SAP", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "RestoreDatabase": { - "privilege": "RestoreDatabase", - "description": "Grants permission to restore a database from another database", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a specified resource ARN", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a specified resource ARN", - "access_level": "Tagging", - "resource_types": { - "application": { - "resource_type": "application", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "database": { - "resource_type": "database", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "UpdateApplicationSettings": { - "privilege": "UpdateApplicationSettings", - "description": "Grants permission to update settings of a registered SSM for SAP application", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - }, - "UpdateHANABackupSettings": { - "privilege": "UpdateHANABackupSettings", - "description": "Grants permission to update the HANA backup settings of a specified database", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" - } - }, - "resources": { - "application": { - "resource": "application", - "arn": "arn:${Partition}:ssm-sap:${Region}:${Account}:${ApplicationType}/${ApplicationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "database": { - "resource": "database", - "arn": "arn:${Partition}:ssm-sap:${Region}:${Account}:${ApplicationType}/${ApplicationId}/DB/${DatabaseId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "ssm-guiconnect": { - "service_name": "AWS Systems Manager GUI Connect", - "prefix": "ssm-guiconnect", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanagerguiconnect.html", - "privileges": { - "CancelConnection": { - "privilege": "CancelConnection", - "description": "Grants permission to terminate a GUI Connect session", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/fleet-rdp.html" - }, - "GetConnection": { - "privilege": "GetConnection", - "description": "Grants permission to get the metadata for a GUI Connect session", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/fleet-rdp.html" - }, - "StartConnection": { - "privilege": "StartConnection", - "description": "Grants permission to start a GUI Connect session", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/fleet-rdp.html" - } - }, - "resources": {}, - "conditions": {} - }, - "ssm-incidents": { - "service_name": "AWS Systems Manager Incident Manager", - "prefix": "ssm-incidents", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanagerincidentmanager.html", - "privileges": { - "CreateReplicationSet": { - "privilege": "CreateReplicationSet", - "description": "Grants permission to create a replication set", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:CreateServiceLinkedRole", - "ssm-incidents:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_CreateReplicationSet.html" - }, - "CreateResponsePlan": { - "privilege": "CreateResponsePlan", - "description": "Grants permission to create a response plan", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole", - "ssm-incidents:TagResource" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_CreateResponsePlan.html" - }, - "CreateTimelineEvent": { - "privilege": "CreateTimelineEvent", - "description": "Grants permission to create a timeline event for an incident record", - "access_level": "Write", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_CreateTimelineEvent.html" - }, - "DeleteIncidentRecord": { - "privilege": "DeleteIncidentRecord", - "description": "Grants permission to delete an incident record", - "access_level": "Write", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteIncidentRecord.html" - }, - "DeleteReplicationSet": { - "privilege": "DeleteReplicationSet", - "description": "Grants permission to delete a replication set", - "access_level": "Write", - "resource_types": { - "replication-set": { - "resource_type": "replication-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteReplicationSet.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete resource policy from a response plan", - "access_level": "Permissions management", - "resource_types": { - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteResourcePolicy.html" - }, - "DeleteResponsePlan": { - "privilege": "DeleteResponsePlan", - "description": "Grants permission to delete a response plan", - "access_level": "Write", - "resource_types": { - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteResponsePlan.html" - }, - "DeleteTimelineEvent": { - "privilege": "DeleteTimelineEvent", - "description": "Grants permission to delete a timeline event", - "access_level": "Write", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteTimelineEvent.html" - }, - "GetIncidentRecord": { - "privilege": "GetIncidentRecord", - "description": "Grants permission to view the contents of an incident record", - "access_level": "Read", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetIncidentRecord.html" - }, - "GetReplicationSet": { - "privilege": "GetReplicationSet", - "description": "Grants permission to view the replication set", - "access_level": "Read", - "resource_types": { - "replication-set": { - "resource_type": "replication-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetReplicationSet.html" - }, - "GetResourcePolicies": { - "privilege": "GetResourcePolicies", - "description": "Grants permission to view resource policies of a response plan", - "access_level": "Read", - "resource_types": { - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetResourcePolicies.html" - }, - "GetResponsePlan": { - "privilege": "GetResponsePlan", - "description": "Grants permission to view the contents of a specified response plan", - "access_level": "Read", - "resource_types": { - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetResponsePlan.html" - }, - "GetTimelineEvent": { - "privilege": "GetTimelineEvent", - "description": "Grants permission to view a timeline event", - "access_level": "Read", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetTimelineEvent.html" - }, - "ListIncidentRecords": { - "privilege": "ListIncidentRecords", - "description": "Grants permission to list the contents of all incident records", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListIncidentRecords.html" - }, - "ListRelatedItems": { - "privilege": "ListRelatedItems", - "description": "Grants permission to list related items of an incident records", - "access_level": "List", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListRelatedItems.html" - }, - "ListReplicationSets": { - "privilege": "ListReplicationSets", - "description": "Grants permission to list all replication sets", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListReplicationSets.html" - }, - "ListResponsePlans": { - "privilege": "ListResponsePlans", - "description": "Grants permission to list all response plans", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListResponsePlans.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to view a list of resource tags for a specified resource", - "access_level": "Read", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replication-set": { - "resource_type": "replication-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListTagsForResource.html" - }, - "ListTimelineEvents": { - "privilege": "ListTimelineEvents", - "description": "Grants permission to list all timeline events for an incident record", - "access_level": "List", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListTimelineEvents.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to put resource policy on a response plan", - "access_level": "Permissions management", - "resource_types": { - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_PutResourcePolicy.html" - }, - "StartIncident": { - "privilege": "StartIncident", - "description": "Grants permission to start a new incident using a response plan", - "access_level": "Write", - "resource_types": { - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_StartIncident.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a response plan", - "access_level": "Tagging", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replication-set": { - "resource_type": "replication-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a response plan", - "access_level": "Tagging", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "replication-set": { - "resource_type": "replication-set", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UntagResource.html" - }, - "UpdateDeletionProtection": { - "privilege": "UpdateDeletionProtection", - "description": "Grants permission to update replication set deletion protection", - "access_level": "Write", - "resource_types": { - "replication-set": { - "resource_type": "replication-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateDeletionProtection.html" - }, - "UpdateIncidentRecord": { - "privilege": "UpdateIncidentRecord", - "description": "Grants permission to update the contents of an incident record", - "access_level": "Write", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateIncidentRecord.html" - }, - "UpdateRelatedItems": { - "privilege": "UpdateRelatedItems", - "description": "Grants permission to update related items of an incident record", - "access_level": "Write", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateRelatedItems.html" - }, - "UpdateReplicationSet": { - "privilege": "UpdateReplicationSet", - "description": "Grants permission to update a replication set", - "access_level": "Write", - "resource_types": { - "replication-set": { - "resource_type": "replication-set", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateReplicationSet.html" - }, - "UpdateResponsePlan": { - "privilege": "UpdateResponsePlan", - "description": "Grants permission to update the contents of a response plan", - "access_level": "Write", - "resource_types": { - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole", - "ssm-incidents:TagResource" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateResponsePlan.html" - }, - "UpdateTimelineEvent": { - "privilege": "UpdateTimelineEvent", - "description": "Grants permission to update a timeline event", - "access_level": "Write", - "resource_types": { - "incident-record": { - "resource_type": "incident-record", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "response-plan": { - "resource_type": "response-plan", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateTimelineEvent.html" - } - }, - "resources": { - "response-plan": { - "resource": "response-plan", - "arn": "arn:${Partition}:ssm-incidents::${Account}:response-plan/${ResponsePlan}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "incident-record": { - "resource": "incident-record", - "arn": "arn:${Partition}:ssm-incidents::${Account}:incident-record/${ResponsePlan}/${IncidentRecord}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "replication-set": { - "resource": "replication-set", - "arn": "arn:${Partition}:ssm-incidents::${Account}:replication-set/${ReplicationSet}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "ssm-contacts": { - "service_name": "AWS Systems Manager Incident Manager Contacts", - "prefix": "ssm-contacts", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanagerincidentmanagercontacts.html", - "privileges": { - "AcceptPage": { - "privilege": "AcceptPage", - "description": "Grants permission to accept a page", - "access_level": "Write", - "resource_types": { - "page": { - "resource_type": "page", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_AcceptPage.html" - }, - "ActivateContactChannel": { - "privilege": "ActivateContactChannel", - "description": "Grants permission to activate a contact's contact channel", - "access_level": "Write", - "resource_types": { - "contactchannel": { - "resource_type": "contactchannel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ActivateContactChannel.html" - }, - "AssociateContact": { - "privilege": "AssociateContact", - "description": "Grants permission to use a contact in an escalation plan", - "access_level": "Permissions management", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/userguide/contacts.html" - }, - "CreateContact": { - "privilege": "CreateContact", - "description": "Grants permission to create a contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ssm-contacts:AssociateContact" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_CreateContact.html" - }, - "CreateContactChannel": { - "privilege": "CreateContactChannel", - "description": "Grants permission to create a contact channel for a contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_CreateContactChannel.html" - }, - "CreateRotation": { - "privilege": "CreateRotation", - "description": "Grants permission to create a rotation in an on-call schedule", - "access_level": "Write", - "resource_types": { - "rotation": { - "resource_type": "rotation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_CreateRotation.html" - }, - "CreateRotationOverride": { - "privilege": "CreateRotationOverride", - "description": "Grants permission to create an override for a rotation in an on-call schedule", - "access_level": "Write", - "resource_types": { - "rotation": { - "resource_type": "rotation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_CreateRotationOverride.html" - }, - "DeactivateContactChannel": { - "privilege": "DeactivateContactChannel", - "description": "Grants permission to deactivate a contact's contact channel", - "access_level": "Write", - "resource_types": { - "contactchannel": { - "resource_type": "contactchannel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DeactivateContactChannel.html" - }, - "DeleteContact": { - "privilege": "DeleteContact", - "description": "Grants permission to delete a contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DeleteContact.html" - }, - "DeleteContactChannel": { - "privilege": "DeleteContactChannel", - "description": "Grants permission to delete a contact's contact channel", - "access_level": "Write", - "resource_types": { - "contactchannel": { - "resource_type": "contactchannel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DeleteContactChannel.html" - }, - "DeleteRotation": { - "privilege": "DeleteRotation", - "description": "Grants permission to delete a rotation", - "access_level": "Write", - "resource_types": { - "rotation": { - "resource_type": "rotation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DeleteRotation.html" - }, - "DeleteRotationOverride": { - "privilege": "DeleteRotationOverride", - "description": "Grants permission to delete a rotation's rotation override", - "access_level": "Write", - "resource_types": { - "rotation": { - "resource_type": "rotation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DeleteRotationOverride.html" - }, - "DescribeEngagement": { - "privilege": "DescribeEngagement", - "description": "Grants permission to describe an engagement", - "access_level": "Read", - "resource_types": { - "engagement": { - "resource_type": "engagement", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DescribeEngagement.html" - }, - "DescribePage": { - "privilege": "DescribePage", - "description": "Grants permission to describe a page", - "access_level": "Read", - "resource_types": { - "page": { - "resource_type": "page", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DescribePage.html" - }, - "GetContact": { - "privilege": "GetContact", - "description": "Grants permission to get a contact", - "access_level": "Read", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_GetContact.html" - }, - "GetContactChannel": { - "privilege": "GetContactChannel", - "description": "Grants permission to get a contact's contact channel", - "access_level": "Read", - "resource_types": { - "contactchannel": { - "resource_type": "contactchannel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_GetContactChannel.html" - }, - "GetContactPolicy": { - "privilege": "GetContactPolicy", - "description": "Grants permission to get a contact's resource policy", - "access_level": "Read", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_GetContactPolicy.html" - }, - "GetRotation": { - "privilege": "GetRotation", - "description": "Grants permission to retrieve information about an on-call rotation", - "access_level": "Read", - "resource_types": { - "rotation": { - "resource_type": "rotation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_GetRotation.html" - }, - "GetRotationOverride": { - "privilege": "GetRotationOverride", - "description": "Grants permission to retrieve information about an override in an on-call rotation", - "access_level": "Read", - "resource_types": { - "rotation": { - "resource_type": "rotation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_GetRotationOverride.html" - }, - "ListContactChannels": { - "privilege": "ListContactChannels", - "description": "Grants permission to list all of a contact's contact channels", - "access_level": "List", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListContactChannels.html" - }, - "ListContacts": { - "privilege": "ListContacts", - "description": "Grants permission to list all contacts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListContacts.html" - }, - "ListEngagements": { - "privilege": "ListEngagements", - "description": "Grants permission to list all engagements", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListEngagements.html" - }, - "ListPageReceipts": { - "privilege": "ListPageReceipts", - "description": "Grants permission to list all receipts of a page", - "access_level": "List", - "resource_types": { - "page": { - "resource_type": "page", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListPageReceipts.html" - }, - "ListPageResolutions": { - "privilege": "ListPageResolutions", - "description": "Grants permission to list the resolution path of an engagement", - "access_level": "List", - "resource_types": { - "page": { - "resource_type": "page", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListPageResolutions.html" - }, - "ListPagesByContact": { - "privilege": "ListPagesByContact", - "description": "Grants permission to list all pages sent to a contact", - "access_level": "List", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListPagesByContact.html" - }, - "ListPagesByEngagement": { - "privilege": "ListPagesByEngagement", - "description": "Grants permission to list all pages created in an engagement", - "access_level": "List", - "resource_types": { - "engagement": { - "resource_type": "engagement", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListPagesByEngagement.html" - }, - "ListPreviewRotationShifts": { - "privilege": "ListPreviewRotationShifts", - "description": "Grants permission to retrieve a list of shifts based on rotation configuration parameters", - "access_level": "List", - "resource_types": { - "rotation": { - "resource_type": "rotation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListPreviewRotationShifts.html" - }, - "ListRotationOverrides": { - "privilege": "ListRotationOverrides", - "description": "Grants permission to retrieve a list of overrides currently specified for an on-call rotation", - "access_level": "List", - "resource_types": { - "rotation": { - "resource_type": "rotation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListRotationOverrides.html" - }, - "ListRotationShifts": { - "privilege": "ListRotationShifts", - "description": "Grants permission to retrieve a list of rotation shifts in an on-call schedule", - "access_level": "List", - "resource_types": { - "rotation": { - "resource_type": "rotation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListRotationShifts.html" - }, - "ListRotations": { - "privilege": "ListRotations", - "description": "Grants permission to retrieve a list of on-call rotations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListRotations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to view a list of resource tags for a specified resource", - "access_level": "Read", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rotation": { - "resource_type": "rotation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListTagsForResource.html" - }, - "PutContactPolicy": { - "privilege": "PutContactPolicy", - "description": "Grants permission to add a resource policy to a contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_PutContactPolicy.html" - }, - "SendActivationCode": { - "privilege": "SendActivationCode", - "description": "Grants permission to send the activation code of a contact's contact channel", - "access_level": "Write", - "resource_types": { - "contactchannel": { - "resource_type": "contactchannel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_SendActivationCode.html" - }, - "StartEngagement": { - "privilege": "StartEngagement", - "description": "Grants permission to start an engagement", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_StartEngagement.html" - }, - "StopEngagement": { - "privilege": "StopEngagement", - "description": "Grants permission to stop an engagement", - "access_level": "Write", - "resource_types": { - "engagement": { - "resource_type": "engagement", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_StopEngagement.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to the specified resource", - "access_level": "Tagging", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rotation": { - "resource_type": "rotation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rotation": { - "resource_type": "rotation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_UntagResource.html" - }, - "UpdateContact": { - "privilege": "UpdateContact", - "description": "Grants permission to update a contact", - "access_level": "Write", - "resource_types": { - "contact": { - "resource_type": "contact", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "ssm-contacts:AssociateContact" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_UpdateContact.html" - }, - "UpdateContactChannel": { - "privilege": "UpdateContactChannel", - "description": "Grants permission to update a contact's contact channel", - "access_level": "Write", - "resource_types": { - "contactchannel": { - "resource_type": "contactchannel", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_UpdateContactChannel.html" - }, - "UpdateRotation": { - "privilege": "UpdateRotation", - "description": "Grants permission to update the information specified for an on-call rotation", - "access_level": "Write", - "resource_types": { - "rotation": { - "resource_type": "rotation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_UpdateRotation.html" - } - }, - "resources": { - "contact": { - "resource": "contact", - "arn": "arn:${Partition}:ssm-contacts:${Region}:${Account}:contact/${ContactAlias}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "contactchannel": { - "resource": "contactchannel", - "arn": "arn:${Partition}:ssm-contacts:${Region}:${Account}:contactchannel/${ContactAlias}/${ContactChannelId}", - "condition_keys": [] - }, - "engagement": { - "resource": "engagement", - "arn": "arn:${Partition}:ssm-contacts:${Region}:${Account}:engagement/${ContactAlias}/${EngagementId}", - "condition_keys": [] - }, - "page": { - "resource": "page", - "arn": "arn:${Partition}:ssm-contacts:${Region}:${Account}:page/${ContactAlias}/${PageId}", - "condition_keys": [] - }, - "rotation": { - "resource": "rotation", - "arn": "arn:${Partition}:ssm-contacts:${Region}:${Account}:rotation/${RotationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "resource-explorer": { - "service_name": "AWS Tag Editor", - "prefix": "resource-explorer", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstageditor.html", - "privileges": { - "ListResourceTypes": { - "privilege": "ListResourceTypes", - "description": "Grants permission to retrieve the resource types currently supported by Tag Editor", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/userguide/gettingstarted-prereqs.html#rg-permissions-te" - }, - "ListResources": { - "privilege": "ListResources", - "description": "Grants permission to retrieve the identifiers of the resources in the AWS account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/userguide/gettingstarted-prereqs.html#rg-permissions-te" - }, - "ListTags": { - "privilege": "ListTags", - "description": "Grants permission to retrieve the tags attached to the specified resource identifiers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "tag:GetResources" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/userguide/gettingstarted-prereqs.html#rg-permissions-te" - } - }, - "resources": {}, - "conditions": {} - }, - "tax": { - "service_name": "AWS Tax Settings", - "prefix": "tax", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstaxsettings.html", - "privileges": { - "BatchPutTaxRegistration": { - "privilege": "BatchPutTaxRegistration", - "description": "Grants permission to batch update tax registrations", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "DeleteTaxRegistration": { - "privilege": "DeleteTaxRegistration", - "description": "Grants permission to delete tax registration data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "GetExemptions": { - "privilege": "GetExemptions", - "description": "Grants permission to view tax exemptions data", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "GetTaxInheritance": { - "privilege": "GetTaxInheritance", - "description": "Grants permission to view tax inheritance status", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "GetTaxInterview": { - "privilege": "GetTaxInterview", - "description": "Grants permission to retrieve tax interview data", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html" - }, - "GetTaxRegistration": { - "privilege": "GetTaxRegistration", - "description": "Grants permission to view tax registrations data", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html" - }, - "GetTaxRegistrationDocument": { - "privilege": "GetTaxRegistrationDocument", - "description": "Grants permission to download tax registration documents", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "ListTaxRegistrations": { - "privilege": "ListTaxRegistrations", - "description": "Grants permission to view tax registrations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "PutTaxInheritance": { - "privilege": "PutTaxInheritance", - "description": "Grants permission to set tax inheritance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - }, - "PutTaxInterview": { - "privilege": "PutTaxInterview", - "description": "Grants permission to update tax interview data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html" - }, - "PutTaxRegistration": { - "privilege": "PutTaxRegistration", - "description": "Grants permission to update tax registrations data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html" - }, - "UpdateExemptions": { - "privilege": "UpdateExemptions", - "description": "Grants permission to update tax exemptions data", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" - } - }, - "resources": {}, - "conditions": {} - }, - "tnb": { - "service_name": "AWS Telco Network Builder", - "prefix": "tnb", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstelconetworkbuilder.html", - "privileges": { - "CancelSolNetworkOperation": { - "privilege": "CancelSolNetworkOperation", - "description": "Grants permission to cancel a network operation", - "access_level": "Write", - "resource_types": { - "network-operation": { - "resource_type": "network-operation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_CancelSolNetworkOperation.html" - }, - "CreateSolFunctionPackage": { - "privilege": "CreateSolFunctionPackage", - "description": "Grants permission to create a function package", - "access_level": "Write", - "resource_types": { - "function-package": { - "resource_type": "function-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_CreateSolFunctionPackage.html" - }, - "CreateSolNetworkInstance": { - "privilege": "CreateSolNetworkInstance", - "description": "Grants permission to create a network instance", - "access_level": "Write", - "resource_types": { - "network-instance": { - "resource_type": "network-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "network-package": { - "resource_type": "network-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_CreateSolNetworkInstance.html" - }, - "CreateSolNetworkPackage": { - "privilege": "CreateSolNetworkPackage", - "description": "Grants permission to create a network package", - "access_level": "Write", - "resource_types": { - "network-package": { - "resource_type": "network-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_CreateSolNetworkPackage.html" - }, - "DeleteSolFunctionPackage": { - "privilege": "DeleteSolFunctionPackage", - "description": "Grants permission to delete a function package", - "access_level": "Write", - "resource_types": { - "function-package": { - "resource_type": "function-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_DeleteSolFunctionPackage.html" - }, - "DeleteSolNetworkInstance": { - "privilege": "DeleteSolNetworkInstance", - "description": "Grants permission to delete a network instance", - "access_level": "Write", - "resource_types": { - "network-instance": { - "resource_type": "network-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_DeleteSolNetworkInstance.html" - }, - "DeleteSolNetworkPackage": { - "privilege": "DeleteSolNetworkPackage", - "description": "Grants permission to delete a network package", - "access_level": "Write", - "resource_types": { - "network-package": { - "resource_type": "network-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_DeleteSolNetworkPackage.html" - }, - "GetSolFunctionInstance": { - "privilege": "GetSolFunctionInstance", - "description": "Grants permission to get a function instance", - "access_level": "Read", - "resource_types": { - "function-instance": { - "resource_type": "function-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolFunctionInstance.html" - }, - "GetSolFunctionPackage": { - "privilege": "GetSolFunctionPackage", - "description": "Grants permission to get a function package", - "access_level": "Read", - "resource_types": { - "function-package": { - "resource_type": "function-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolFunctionPackage.html" - }, - "GetSolFunctionPackageContent": { - "privilege": "GetSolFunctionPackageContent", - "description": "Grants permission to get a function package contents", - "access_level": "Read", - "resource_types": { - "function-package": { - "resource_type": "function-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolFunctionPackageContent.html" - }, - "GetSolFunctionPackageDescriptor": { - "privilege": "GetSolFunctionPackageDescriptor", - "description": "Grants permission to get a function package descriptor", - "access_level": "Read", - "resource_types": { - "function-package": { - "resource_type": "function-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolFunctionPackageDescriptor.html" - }, - "GetSolNetworkInstance": { - "privilege": "GetSolNetworkInstance", - "description": "Grants permission to get a network instance", - "access_level": "Read", - "resource_types": { - "network-instance": { - "resource_type": "network-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolNetworkInstance.html" - }, - "GetSolNetworkOperation": { - "privilege": "GetSolNetworkOperation", - "description": "Grants permission to get a network operation", - "access_level": "Read", - "resource_types": { - "network-operation": { - "resource_type": "network-operation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolNetworkOperation.html" - }, - "GetSolNetworkPackage": { - "privilege": "GetSolNetworkPackage", - "description": "Grants permission to get a network package", - "access_level": "Read", - "resource_types": { - "network-package": { - "resource_type": "network-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolNetworkPackage.html" - }, - "GetSolNetworkPackageContent": { - "privilege": "GetSolNetworkPackageContent", - "description": "Grants permission to get a network package contents", - "access_level": "Read", - "resource_types": { - "network-package": { - "resource_type": "network-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolNetworkPackageContent.html" - }, - "GetSolNetworkPackageDescriptor": { - "privilege": "GetSolNetworkPackageDescriptor", - "description": "Grants permission to get a network package descriptor", - "access_level": "Read", - "resource_types": { - "network-package": { - "resource_type": "network-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolNetworkPackageDescriptor.html" - }, - "InstantiateSolNetworkInstance": { - "privilege": "InstantiateSolNetworkInstance", - "description": "Grants permission to instantiate a network instance", - "access_level": "Write", - "resource_types": { - "network-instance": { - "resource_type": "network-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_InstantiateSolNetworkInstance.html" - }, - "ListSolFunctionInstances": { - "privilege": "ListSolFunctionInstances", - "description": "Grants permission to list function instances", - "access_level": "List", - "resource_types": { - "function-instance": { - "resource_type": "function-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListSolFunctionInstances.html" - }, - "ListSolFunctionPackages": { - "privilege": "ListSolFunctionPackages", - "description": "Grants permission to list function packages", - "access_level": "List", - "resource_types": { - "function-package": { - "resource_type": "function-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListSolFunctionPackages.html" - }, - "ListSolNetworkInstances": { - "privilege": "ListSolNetworkInstances", - "description": "Grants permission to list network instances", - "access_level": "List", - "resource_types": { - "network-instance": { - "resource_type": "network-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListSolNetworkInstances.html" - }, - "ListSolNetworkOperations": { - "privilege": "ListSolNetworkOperations", - "description": "Grants permission to list network operations", - "access_level": "List", - "resource_types": { - "network-operation": { - "resource_type": "network-operation", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListSolNetworkOperations.html" - }, - "ListSolNetworkPackages": { - "privilege": "ListSolNetworkPackages", - "description": "Grants permission to list network packages", - "access_level": "List", - "resource_types": { - "network-package": { - "resource_type": "network-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListSolNetworkPackages.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to return a list of tags for a resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListTagsForResource.html" - }, - "PutSolFunctionPackageContent": { - "privilege": "PutSolFunctionPackageContent", - "description": "Grants permission to upload function package content", - "access_level": "Write", - "resource_types": { - "function-package": { - "resource_type": "function-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_PutSolFunctionPackageContent.html" - }, - "PutSolNetworkPackageContent": { - "privilege": "PutSolNetworkPackageContent", - "description": "Grants permission to upload network package content", - "access_level": "Write", - "resource_types": { - "network-package": { - "resource_type": "network-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_PutSolNetworkPackageContent.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to the specified resource", - "access_level": "Tagging", - "resource_types": { - "function-instance": { - "resource_type": "function-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "function-package": { - "resource_type": "function-package", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network-instance": { - "resource_type": "network-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network-operation": { - "resource_type": "network-operation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network-package": { - "resource_type": "network-package", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_TagResource.html" - }, - "TerminateSolNetworkInstance": { - "privilege": "TerminateSolNetworkInstance", - "description": "Grants permission to terminate a network instance", - "access_level": "Write", - "resource_types": { - "network-instance": { - "resource_type": "network-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_TerminateSolNetworkInstance.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from the specified resource", - "access_level": "Tagging", - "resource_types": { - "function-instance": { - "resource_type": "function-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "function-package": { - "resource_type": "function-package", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network-instance": { - "resource_type": "network-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network-operation": { - "resource_type": "network-operation", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "network-package": { - "resource_type": "network-package", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_UntagResource.html" - }, - "UpdateSolFunctionPackage": { - "privilege": "UpdateSolFunctionPackage", - "description": "Grants permission to update a function package", - "access_level": "Write", - "resource_types": { - "function-package": { - "resource_type": "function-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_UpdateSolFunctionPackage.html" - }, - "UpdateSolNetworkInstance": { - "privilege": "UpdateSolNetworkInstance", - "description": "Grants permission to update a network instance", - "access_level": "Write", - "resource_types": { - "function-instance": { - "resource_type": "function-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "network-instance": { - "resource_type": "network-instance", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_UpdateSolNetworkInstance.html" - }, - "UpdateSolNetworkPackage": { - "privilege": "UpdateSolNetworkPackage", - "description": "Grants permission to update a network package", - "access_level": "Write", - "resource_types": { - "network-package": { - "resource_type": "network-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_UpdateSolNetworkPackage.html" - }, - "ValidateSolFunctionPackageContent": { - "privilege": "ValidateSolFunctionPackageContent", - "description": "Grants permission to validate function package content", - "access_level": "Write", - "resource_types": { - "function-package": { - "resource_type": "function-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ValidateSolFunctionPackageContent.html" - }, - "ValidateSolNetworkPackageContent": { - "privilege": "ValidateSolNetworkPackageContent", - "description": "Grants permission to validate network package content", - "access_level": "Write", - "resource_types": { - "network-package": { - "resource_type": "network-package", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ValidateSolNetworkPackageContent.html" - } - }, - "resources": { - "function-package": { - "resource": "function-package", - "arn": "arn:${Partition}:tnb:${Region}:${Account}:function-package/${FunctionPackageId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "network-package": { - "resource": "network-package", - "arn": "arn:${Partition}:tnb:${Region}:${Account}:network-package/${NetworkPackageId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "network-instance": { - "resource": "network-instance", - "arn": "arn:${Partition}:tnb:${Region}:${Account}:network-instance/${NetworkInstanceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "function-instance": { - "resource": "function-instance", - "arn": "arn:${Partition}:tnb:${Region}:${Account}:function-instance/${FunctionInstanceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "network-operation": { - "resource": "network-operation", - "arn": "arn:${Partition}:tnb:${Region}:${Account}:network-operation/${NetworkOperationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by checking the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by checking tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "tiros": { - "service_name": "AWS Tiros", - "prefix": "tiros", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstiros.html", - "privileges": { - "CreateQuery": { - "privilege": "CreateQuery", - "description": "Grants permission to create a VPC reachability query", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/reachability/security_iam_required-API-permissions.html" - }, - "ExtendQuery": { - "privilege": "ExtendQuery", - "description": "Grants permission to extend a VPC reachability query to include the calling principals account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/reachability/security_iam_required-API-permissions.html" - }, - "GetQueryAnswer": { - "privilege": "GetQueryAnswer", - "description": "Grants permission to get VPC reachability query answers", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/reachability/security_iam_required-API-permissions.html" - }, - "GetQueryExplanation": { - "privilege": "GetQueryExplanation", - "description": "Grants permission to get VPC reachability query explanations", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/reachability/security_iam_required-API-permissions.html" - }, - "GetQueryExtensionAccounts": { - "privilege": "GetQueryExtensionAccounts", - "description": "Grants permission to list accounts that might be useful in a new query", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/reachability/security_iam_required-API-permissions.html" - } - }, - "resources": {}, - "conditions": {} - }, - "transfer": { - "service_name": "AWS Transfer Family", - "prefix": "transfer", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstransferfamily.html", - "privileges": { - "CreateAccess": { - "privilege": "CreateAccess", - "description": "Grants permission to add an access associated with a server", - "access_level": "Write", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateAccess.html" - }, - "CreateAgreement": { - "privilege": "CreateAgreement", - "description": "Grants permission to add an agreement associated with a server", - "access_level": "Write", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateAgreement.html" - }, - "CreateConnector": { - "privilege": "CreateConnector", - "description": "Grants permission to create a connector", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateConnector.html" - }, - "CreateProfile": { - "privilege": "CreateProfile", - "description": "Grants permission to create a profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateProfile.html" - }, - "CreateServer": { - "privilege": "CreateServer", - "description": "Grants permission to create a server", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateServer.html" - }, - "CreateUser": { - "privilege": "CreateUser", - "description": "Grants permission to add a user associated with a server", - "access_level": "Write", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateUser.html" - }, - "CreateWorkflow": { - "privilege": "CreateWorkflow", - "description": "Grants permission to create a workflow", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateWorkflow.html" - }, - "DeleteAccess": { - "privilege": "DeleteAccess", - "description": "Grants permission to delete access", - "access_level": "Write", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteAccess.html" - }, - "DeleteAgreement": { - "privilege": "DeleteAgreement", - "description": "Grants permission to delete agreement", - "access_level": "Write", - "resource_types": { - "agreement": { - "resource_type": "agreement", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteAgreement.html" - }, - "DeleteCertificate": { - "privilege": "DeleteCertificate", - "description": "Grants permission to delete certificate", - "access_level": "Write", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteCertificate.html" - }, - "DeleteConnector": { - "privilege": "DeleteConnector", - "description": "Grants permission to delete connector", - "access_level": "Write", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteConnector.html" - }, - "DeleteHostKey": { - "privilege": "DeleteHostKey", - "description": "Grants permission to delete a host key associated with a server", - "access_level": "Write", - "resource_types": { - "host-key": { - "resource_type": "host-key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteHostKey.html" - }, - "DeleteProfile": { - "privilege": "DeleteProfile", - "description": "Grants permission to delete profile", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteProfile.html" - }, - "DeleteServer": { - "privilege": "DeleteServer", - "description": "Grants permission to delete a server", - "access_level": "Write", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteServer.html" - }, - "DeleteSshPublicKey": { - "privilege": "DeleteSshPublicKey", - "description": "Grants permission to delete an SSH public key from a user", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteSshPublicKey.html" - }, - "DeleteUser": { - "privilege": "DeleteUser", - "description": "Grants permission to delete a user associated with a server", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteUser.html" - }, - "DeleteWorkflow": { - "privilege": "DeleteWorkflow", - "description": "Grants permission to delete a workflow", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteWorkflow.html" - }, - "DescribeAccess": { - "privilege": "DescribeAccess", - "description": "Grants permission to describe an access assigned to a server", - "access_level": "Read", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeAccess.html" - }, - "DescribeAgreement": { - "privilege": "DescribeAgreement", - "description": "Grants permission to describe an agreement assigned to a server", - "access_level": "Read", - "resource_types": { - "agreement": { - "resource_type": "agreement", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeAgreement.html" - }, - "DescribeCertificate": { - "privilege": "DescribeCertificate", - "description": "Grants permission to describe a certificate", - "access_level": "Read", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeCertificate.html" - }, - "DescribeConnector": { - "privilege": "DescribeConnector", - "description": "Grants permission to describe a connector", - "access_level": "Read", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeConnector.html" - }, - "DescribeExecution": { - "privilege": "DescribeExecution", - "description": "Grants permission to describe an execution associated with a workflow", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeExecution.html" - }, - "DescribeHostKey": { - "privilege": "DescribeHostKey", - "description": "Grants permission to describe a host key associated with a server", - "access_level": "Read", - "resource_types": { - "host-key": { - "resource_type": "host-key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeHostKey.html" - }, - "DescribeProfile": { - "privilege": "DescribeProfile", - "description": "Grants permission to describe a profile", - "access_level": "Read", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeProfile.html" - }, - "DescribeSecurityPolicy": { - "privilege": "DescribeSecurityPolicy", - "description": "Grants permission to describe a security policy", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeSecurityPolicy.html" - }, - "DescribeServer": { - "privilege": "DescribeServer", - "description": "Grants permission to describe a server", - "access_level": "Read", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeServer.html" - }, - "DescribeUser": { - "privilege": "DescribeUser", - "description": "Grants permission to describe a user associated with a server", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeUser.html" - }, - "DescribeWorkflow": { - "privilege": "DescribeWorkflow", - "description": "Grants permission to describe a workflow", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeWorkflow.html" - }, - "ImportCertificate": { - "privilege": "ImportCertificate", - "description": "Grants permission to add a certificate", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ImportCertificate.html" - }, - "ImportHostKey": { - "privilege": "ImportHostKey", - "description": "Grants permission to add a host key to a server", - "access_level": "Write", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ImportHostKey.html" - }, - "ImportSshPublicKey": { - "privilege": "ImportSshPublicKey", - "description": "Grants permission to add an SSH public key to a user", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ImportSshPublicKey.html" - }, - "ListAccesses": { - "privilege": "ListAccesses", - "description": "Grants permission to list accesses", - "access_level": "Read", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListAccesses.html" - }, - "ListAgreements": { - "privilege": "ListAgreements", - "description": "Grants permission to list agreements", - "access_level": "Read", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListAgreements.html" - }, - "ListCertificates": { - "privilege": "ListCertificates", - "description": "Grants permission to list certificates", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListCertificates.html" - }, - "ListConnectors": { - "privilege": "ListConnectors", - "description": "Grants permission to list connectors", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListConnectors.html" - }, - "ListExecutions": { - "privilege": "ListExecutions", - "description": "Grants permission to list executions associated with a workflow", - "access_level": "Read", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListExecutions.html" - }, - "ListHostKeys": { - "privilege": "ListHostKeys", - "description": "Grants permission to list host keys associated with a server", - "access_level": "Read", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListHostKeys.html" - }, - "ListProfiles": { - "privilege": "ListProfiles", - "description": "Grants permission to list profiles", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListProfiles.html" - }, - "ListSecurityPolicies": { - "privilege": "ListSecurityPolicies", - "description": "Grants permission to list security policies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListSecurityPolicies.html" - }, - "ListServers": { - "privilege": "ListServers", - "description": "Grants permission to list servers", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListServers.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an AWS Transfer Family resource", - "access_level": "Read", - "resource_types": { - "agreement": { - "resource_type": "agreement", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "certificate": { - "resource_type": "certificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connector": { - "resource_type": "connector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "host-key": { - "resource_type": "host-key", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "profile": { - "resource_type": "profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "server": { - "resource_type": "server", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workflow": { - "resource_type": "workflow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListTagsForResource.html" - }, - "ListUsers": { - "privilege": "ListUsers", - "description": "Grants permission to list users associated with a server", - "access_level": "List", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListUsers.html" - }, - "ListWorkflows": { - "privilege": "ListWorkflows", - "description": "Grants permission to list workflows", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListWorkflows.html" - }, - "SendWorkflowStepState": { - "privilege": "SendWorkflowStepState", - "description": "Grants permission to send a callback for asynchronous custom steps", - "access_level": "Write", - "resource_types": { - "workflow": { - "resource_type": "workflow", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_SendWorkflowStepState.html" - }, - "StartFileTransfer": { - "privilege": "StartFileTransfer", - "description": "Grants permission to initiate a connector file transfer", - "access_level": "Write", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_StartFileTransfer.html" - }, - "StartServer": { - "privilege": "StartServer", - "description": "Grants permission to start a server", - "access_level": "Write", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_StartServer.html" - }, - "StopServer": { - "privilege": "StopServer", - "description": "Grants permission to stop a server", - "access_level": "Write", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_StopServer.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag an AWS Transfer Family resource", - "access_level": "Tagging", - "resource_types": { - "agreement": { - "resource_type": "agreement", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "certificate": { - "resource_type": "certificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connector": { - "resource_type": "connector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "host-key": { - "resource_type": "host-key", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "profile": { - "resource_type": "profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "server": { - "resource_type": "server", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workflow": { - "resource_type": "workflow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_TagResource.html" - }, - "TestIdentityProvider": { - "privilege": "TestIdentityProvider", - "description": "Grants permission to test a server's custom identity provider", - "access_level": "Read", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_TestIdentityProvider.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag an AWS Transfer Family resource", - "access_level": "Tagging", - "resource_types": { - "agreement": { - "resource_type": "agreement", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "certificate": { - "resource_type": "certificate", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "connector": { - "resource_type": "connector", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "host-key": { - "resource_type": "host-key", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "profile": { - "resource_type": "profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "server": { - "resource_type": "server", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "user": { - "resource_type": "user", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workflow": { - "resource_type": "workflow", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UntagResource.html" - }, - "UpdateAccess": { - "privilege": "UpdateAccess", - "description": "Grants permission to update access", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateAccess.html" - }, - "UpdateAgreement": { - "privilege": "UpdateAgreement", - "description": "Grants permission to update an agreement", - "access_level": "Write", - "resource_types": { - "agreement": { - "resource_type": "agreement", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateAgreement.html" - }, - "UpdateCertificate": { - "privilege": "UpdateCertificate", - "description": "Grants permission to update a certificate", - "access_level": "Write", - "resource_types": { - "certificate": { - "resource_type": "certificate", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateCertificate.html" - }, - "UpdateConnector": { - "privilege": "UpdateConnector", - "description": "Grants permission to update a connector", - "access_level": "Write", - "resource_types": { - "connector": { - "resource_type": "connector", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateConnector.html" - }, - "UpdateHostKey": { - "privilege": "UpdateHostKey", - "description": "Grants permission to update a host key", - "access_level": "Write", - "resource_types": { - "host-key": { - "resource_type": "host-key", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateHostKey.html" - }, - "UpdateProfile": { - "privilege": "UpdateProfile", - "description": "Grants permission to update a profile", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateProfile.html" - }, - "UpdateServer": { - "privilege": "UpdateServer", - "description": "Grants permission to update the configuration of a server", - "access_level": "Write", - "resource_types": { - "server": { - "resource_type": "server", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html" - }, - "UpdateUser": { - "privilege": "UpdateUser", - "description": "Grants permission to update the configuration of a user", - "access_level": "Write", - "resource_types": { - "user": { - "resource_type": "user", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:PassRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateUser.html" - } - }, - "resources": { - "user": { - "resource": "user", - "arn": "arn:${Partition}:transfer:${Region}:${Account}:user/${ServerId}/${UserName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "server": { - "resource": "server", - "arn": "arn:${Partition}:transfer:${Region}:${Account}:server/${ServerId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "workflow": { - "resource": "workflow", - "arn": "arn:${Partition}:transfer:${Region}:${Account}:workflow/${WorkflowId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "certificate": { - "resource": "certificate", - "arn": "arn:${Partition}:transfer:${Region}:${Account}:certificate/${CertificateId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "connector": { - "resource": "connector", - "arn": "arn:${Partition}:transfer:${Region}:${Account}:connector/${ConnectorId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "profile": { - "resource": "profile", - "arn": "arn:${Partition}:transfer:${Region}:${Account}:profile/${ProfileId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "agreement": { - "resource": "agreement", - "arn": "arn:${Partition}:transfer:${Region}:${Account}:agreement/${AgreementId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "host-key": { - "resource": "host-key", - "arn": "arn:${Partition}:transfer:${Region}:${Account}:host-key/${ServerId}/${HostKeyId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "trustedadvisor": { - "service_name": "AWS Trusted Advisor", - "prefix": "trustedadvisor", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstrustedadvisor.html", - "privileges": { - "CreateEngagement": { - "privilege": "CreateEngagement", - "description": "Grants permission to create an engagement", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "CreateEngagementAttachment": { - "privilege": "CreateEngagementAttachment", - "description": "Grants permission to create an engagement attachment", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "CreateEngagementCommunication": { - "privilege": "CreateEngagementCommunication", - "description": "Grants permission to create an engagement communication", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DeleteNotificationConfigurationForDelegatedAdmin": { - "privilege": "DeleteNotificationConfigurationForDelegatedAdmin", - "description": "Grants permission to the organization management account to delete email notification preferences from a delegated administrator account for Trusted Advisor Priority", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeAccount": { - "privilege": "DescribeAccount", - "description": "Grants permission to view the AWS Support plan and various AWS Trusted Advisor preferences", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeAccountAccess": { - "privilege": "DescribeAccountAccess", - "description": "Grants permission to view if the AWS account has enabled or disabled AWS Trusted Advisor", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeCheckItems": { - "privilege": "DescribeCheckItems", - "description": "Grants permission to view details for the check items", - "access_level": "Read", - "resource_types": { - "checks": { - "resource_type": "checks", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeCheckRefreshStatuses": { - "privilege": "DescribeCheckRefreshStatuses", - "description": "Grants permission to view the refresh statuses for AWS Trusted Advisor checks", - "access_level": "Read", - "resource_types": { - "checks": { - "resource_type": "checks", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeCheckStatusHistoryChanges": { - "privilege": "DescribeCheckStatusHistoryChanges", - "description": "Grants permission to view the results and changed statuses for checks in the last 30 days", - "access_level": "Read", - "resource_types": { - "checks": { - "resource_type": "checks", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeCheckSummaries": { - "privilege": "DescribeCheckSummaries", - "description": "Grants permission to view AWS Trusted Advisor check summaries", - "access_level": "Read", - "resource_types": { - "checks": { - "resource_type": "checks", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeChecks": { - "privilege": "DescribeChecks", - "description": "Grants permission to view details for AWS Trusted Advisor checks", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeNotificationConfigurations": { - "privilege": "DescribeNotificationConfigurations", - "description": "Grants permission to get your email notification preferences for Trusted Advisor Priority", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeNotificationPreferences": { - "privilege": "DescribeNotificationPreferences", - "description": "Grants permission to view the notification preferences for the AWS account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeOrganization": { - "privilege": "DescribeOrganization", - "description": "Grants permission to view if the AWS account meets the requirements to enable the organizational view feature", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeOrganizationAccounts": { - "privilege": "DescribeOrganizationAccounts", - "description": "Grants permission to view the linked AWS accounts that are in the organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeReports": { - "privilege": "DescribeReports", - "description": "Grants permission to view details for organizational view reports, such as the report name, runtime, date created, status, and format", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeRisk": { - "privilege": "DescribeRisk", - "description": "Grants permission to view risk details in AWS Trusted Advisor Priority", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeRiskResources": { - "privilege": "DescribeRiskResources", - "description": "Grants permission to view affected resources for a risk in AWS Trusted Advisor Priority", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeRisks": { - "privilege": "DescribeRisks", - "description": "Grants permission to view risks in AWS Trusted Advisor Priority", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DescribeServiceMetadata": { - "privilege": "DescribeServiceMetadata", - "description": "Grants permission to view information about organizational view reports, such as the AWS Regions, check categories, check names, and resource statuses", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "DownloadRisk": { - "privilege": "DownloadRisk", - "description": "Grants permission to download a file that contains details about the risk in AWS Trusted Advisor Priority", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "ExcludeCheckItems": { - "privilege": "ExcludeCheckItems", - "description": "Grants permission to exclude recommendations for AWS Trusted Advisor checks", - "access_level": "Write", - "resource_types": { - "checks": { - "resource_type": "checks", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "GenerateReport": { - "privilege": "GenerateReport", - "description": "Grants permission to create a report for AWS Trusted Advisor checks in your organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "GetEngagement": { - "privilege": "GetEngagement", - "description": "Grants permission to view an engagment", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "GetEngagementAttachment": { - "privilege": "GetEngagementAttachment", - "description": "Grants permission to view an engagment attachment", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "GetEngagementType": { - "privilege": "GetEngagementType", - "description": "Grants permission to view a specific engagement type", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "IncludeCheckItems": { - "privilege": "IncludeCheckItems", - "description": "Grants permission to include recommendations for AWS Trusted Advisor checks", - "access_level": "Write", - "resource_types": { - "checks": { - "resource_type": "checks", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "ListAccountsForParent": { - "privilege": "ListAccountsForParent", - "description": "Grants permission to view, in the Trusted Advisor console, all of the accounts in an AWS organization that are contained by a root or organizational unit (OU)", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "ListEngagementCommunications": { - "privilege": "ListEngagementCommunications", - "description": "Grants permission to view all communications for an engagement", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "ListEngagementTypes": { - "privilege": "ListEngagementTypes", - "description": "Grants permission to view all engagement types", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "ListEngagements": { - "privilege": "ListEngagements", - "description": "Grants permission to view all engagements", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "ListOrganizationalUnitsForParent": { - "privilege": "ListOrganizationalUnitsForParent", - "description": "Grants permission to view, in the Trusted Advisor console, all of the organizational units (OUs) in a parent organizational unit or root", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "ListRoots": { - "privilege": "ListRoots", - "description": "Grants permission to view, in the Trusted Advisor console, all of the roots that are defined in an AWS organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "RefreshCheck": { - "privilege": "RefreshCheck", - "description": "Grants permission to refresh an AWS Trusted Advisor check", - "access_level": "Write", - "resource_types": { - "checks": { - "resource_type": "checks", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "SetAccountAccess": { - "privilege": "SetAccountAccess", - "description": "Grants permission to enable or disable AWS Trusted Advisor for the account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "SetOrganizationAccess": { - "privilege": "SetOrganizationAccess", - "description": "Grants permission to enable the organizational view feature for AWS Trusted Advisor", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "UpdateEngagementStatus": { - "privilege": "UpdateEngagementStatus", - "description": "Grants permission to update the status of an engagement", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "UpdateNotificationConfigurations": { - "privilege": "UpdateNotificationConfigurations", - "description": "Grants permission to create or update your email notification preferences for Trusted Advisor Priority", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "UpdateNotificationPreferences": { - "privilege": "UpdateNotificationPreferences", - "description": "Grants permission to update notification preferences for AWS Trusted Advisor", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - }, - "UpdateRiskStatus": { - "privilege": "UpdateRiskStatus", - "description": "Grants permission to update the risk status in AWS Trusted Advisor Priority", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" - } - }, - "resources": { - "checks": { - "resource": "checks", - "arn": "arn:${Partition}:trustedadvisor:${Region}:${Account}:checks/${CategoryCode}/${CheckId}", - "condition_keys": [] - } - }, - "conditions": {} - }, - "notifications": { - "service_name": "AWS User Notifications", - "prefix": "notifications", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsusernotifications.html", - "privileges": { - "AssociateChannel": { - "privilege": "AssociateChannel", - "description": "Grants permission to associate a new Channel with a particular NotificationConfiguration", - "access_level": "Write", - "resource_types": { - "NotificationConfiguration": { - "resource_type": "NotificationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "CreateEventRule": { - "privilege": "CreateEventRule", - "description": "Grants permission to create a new EventRule, associating it with a NotificationConfiguration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "CreateNotificationConfiguration": { - "privilege": "CreateNotificationConfiguration", - "description": "Grants permission to create a NotificationConfiguration", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "DeleteEventRule": { - "privilege": "DeleteEventRule", - "description": "Grants permission to delete an EventRule", - "access_level": "Write", - "resource_types": { - "EventRule": { - "resource_type": "EventRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "DeleteNotificationConfiguration": { - "privilege": "DeleteNotificationConfiguration", - "description": "Grants permission to delete a NotificationConfiguration", - "access_level": "Write", - "resource_types": { - "NotificationConfiguration": { - "resource_type": "NotificationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "DeregisterNotificationHub": { - "privilege": "DeregisterNotificationHub", - "description": "Grants permission to deregister a NotificationHub", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "DisassociateChannel": { - "privilege": "DisassociateChannel", - "description": "Grants permission to remove a Channel from a NotificationConfiguration", - "access_level": "Write", - "resource_types": { - "NotificationConfiguration": { - "resource_type": "NotificationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "GetEventRule": { - "privilege": "GetEventRule", - "description": "Grants permission to get an EventRule", - "access_level": "Read", - "resource_types": { - "EventRule": { - "resource_type": "EventRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "GetNotificationConfiguration": { - "privilege": "GetNotificationConfiguration", - "description": "Grants permission to get a NotificationConfiguration", - "access_level": "Read", - "resource_types": { - "NotificationConfiguration": { - "resource_type": "NotificationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "GetNotificationEvent": { - "privilege": "GetNotificationEvent", - "description": "Grants permission to get a NotificationEvent", - "access_level": "Read", - "resource_types": { - "NotificationEvent": { - "resource_type": "NotificationEvent", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "ListChannels": { - "privilege": "ListChannels", - "description": "Grants permission to list Channels by NotificationConfiguration", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "ListEventRules": { - "privilege": "ListEventRules", - "description": "Grants permission to list EventRules", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "ListNotificationConfigurations": { - "privilege": "ListNotificationConfigurations", - "description": "Grants permission to list NotificationConfigurations", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "ListNotificationEvents": { - "privilege": "ListNotificationEvents", - "description": "Grants permission to list NotificationEvents", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "ListNotificationHubs": { - "privilege": "ListNotificationHubs", - "description": "Grants permission to list NotificationHubs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to get tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "RegisterNotificationHub": { - "privilege": "RegisterNotificationHub", - "description": "Grants permission to register a NotificationHub", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "NotificationConfiguration": { - "resource_type": "NotificationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "NotificationConfiguration": { - "resource_type": "NotificationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "UpdateEventRule": { - "privilege": "UpdateEventRule", - "description": "Grants permission to update an EventRule", - "access_level": "Write", - "resource_types": { - "EventRule": { - "resource_type": "EventRule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "UpdateNotificationConfiguration": { - "privilege": "UpdateNotificationConfiguration", - "description": "Grants permission to update a NotificationConfiguration", - "access_level": "Write", - "resource_types": { - "NotificationConfiguration": { - "resource_type": "NotificationConfiguration", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - } - }, - "resources": { - "EventRule": { - "resource": "EventRule", - "arn": "arn:${Partition}:notifications::${Account}:configuration/${NotificationConfigurationId}/rule/${EventRuleId}", - "condition_keys": [] - }, - "NotificationConfiguration": { - "resource": "NotificationConfiguration", - "arn": "arn:${Partition}:notifications::${Account}:configuration/${NotificationConfigurationId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "NotificationEvent": { - "resource": "NotificationEvent", - "arn": "arn:${Partition}:notifications:${Region}:${Account}:configuration/${NotificationConfigurationId}/event/${NotificationEventId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "notifications-contacts": { - "service_name": "AWS User Notifications Contacts", - "prefix": "notifications-contacts", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsusernotificationscontacts.html", - "privileges": { - "ActivateEmailContact": { - "privilege": "ActivateEmailContact", - "description": "Grants permission to activate the email contact associated with the given ARN if the provided code is valid", - "access_level": "Write", - "resource_types": { - "EmailContactResource": { - "resource_type": "EmailContactResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "CreateEmailContact": { - "privilege": "CreateEmailContact", - "description": "Grants permission to create an email contact", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "DeleteEmailContact": { - "privilege": "DeleteEmailContact", - "description": "Grants permission to delete an email contact associated with the given ARN", - "access_level": "Write", - "resource_types": { - "EmailContactResource": { - "resource_type": "EmailContactResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "GetEmailContact": { - "privilege": "GetEmailContact", - "description": "Grants permission to get an email contact associated with the given ARN", - "access_level": "Read", - "resource_types": { - "EmailContactResource": { - "resource_type": "EmailContactResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "ListEmailContacts": { - "privilege": "ListEmailContacts", - "description": "Grants permission to list email contacts", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to get tags for a resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "SendActivationCode": { - "privilege": "SendActivationCode", - "description": "Grants permission to send an activation link to the email associated with the given ARN", - "access_level": "Write", - "resource_types": { - "EmailContactResource": { - "resource_type": "EmailContactResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "EmailContactResource": { - "resource_type": "EmailContactResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from a resource", - "access_level": "Tagging", - "resource_types": { - "EmailContactResource": { - "resource_type": "EmailContactResource", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" - } - }, - "resources": { - "EmailContactResource": { - "resource": "EmailContactResource", - "arn": "arn:${Partition}:notifications-contacts::${Account}:emailcontact/${EmailContactId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "verified-access": { - "service_name": "AWS Verified Access", - "prefix": "verified-access", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsverifiedaccess.html", - "privileges": { - "AllowVerifiedAccess": { - "privilege": "AllowVerifiedAccess", - "description": "Grants permission to create Verified Access Instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/verified-access/latest/ug/security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-create-instance" - } - }, - "resources": {}, - "conditions": {} - }, - "waf": { - "service_name": "AWS WAF", - "prefix": "waf", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswaf.html", - "privileges": { - "CreateByteMatchSet": { - "privilege": "CreateByteMatchSet", - "description": "Grants permission to create a ByteMatchSet", - "access_level": "Write", - "resource_types": { - "bytematchset": { - "resource_type": "bytematchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateByteMatchSet.html" - }, - "CreateGeoMatchSet": { - "privilege": "CreateGeoMatchSet", - "description": "Grants permission to create a GeoMatchSet", - "access_level": "Write", - "resource_types": { - "geomatchset": { - "resource_type": "geomatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateGeoMatchSet.html" - }, - "CreateIPSet": { - "privilege": "CreateIPSet", - "description": "Grants permission to create an IPSet", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateIPSet.html" - }, - "CreateRateBasedRule": { - "privilege": "CreateRateBasedRule", - "description": "Grants permission to create a RateBasedRule for limiting the volume of requests from a single IP address", - "access_level": "Write", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateRateBasedRule.html" - }, - "CreateRegexMatchSet": { - "privilege": "CreateRegexMatchSet", - "description": "Grants permission to create a RegexMatchSet", - "access_level": "Write", - "resource_types": { - "regexmatchset": { - "resource_type": "regexmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateRegexMatchSet.html" - }, - "CreateRegexPatternSet": { - "privilege": "CreateRegexPatternSet", - "description": "Grants permission to create a RegexPatternSet", - "access_level": "Write", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateRegexPatternSet.html" - }, - "CreateRule": { - "privilege": "CreateRule", - "description": "Grants permission to create a Rule for filtering web requests", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateRule.html" - }, - "CreateRuleGroup": { - "privilege": "CreateRuleGroup", - "description": "Grants permission to create a RuleGroup, which is a collection of predefined rules that you can use in a WebACL", - "access_level": "Write", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateRuleGroup.html" - }, - "CreateSizeConstraintSet": { - "privilege": "CreateSizeConstraintSet", - "description": "Grants permission to create a SizeConstraintSet", - "access_level": "Write", - "resource_types": { - "sizeconstraintset": { - "resource_type": "sizeconstraintset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateSizeConstraintSet.html" - }, - "CreateSqlInjectionMatchSet": { - "privilege": "CreateSqlInjectionMatchSet", - "description": "Grants permission to create an SqlInjectionMatchSet", - "access_level": "Write", - "resource_types": { - "sqlinjectionmatchset": { - "resource_type": "sqlinjectionmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateSqlInjectionMatchSet.html" - }, - "CreateWebACL": { - "privilege": "CreateWebACL", - "description": "Grants permission to create a WebACL, which contains rules for filtering web requests", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateWebACL.html" - }, - "CreateWebACLMigrationStack": { - "privilege": "CreateWebACLMigrationStack", - "description": "Grants permission to create a CloudFormation web ACL template in an S3 bucket for the purposes of migrating the web ACL from AWS WAF Classic to AWS WAF v2", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:PutObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateWebACLMigrationStack.html" - }, - "CreateXssMatchSet": { - "privilege": "CreateXssMatchSet", - "description": "Grants permission to create an XssMatchSet, which you use to detect requests that contain cross-site scripting attacks", - "access_level": "Write", - "resource_types": { - "xssmatchset": { - "resource_type": "xssmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateXssMatchSet.html" - }, - "DeleteByteMatchSet": { - "privilege": "DeleteByteMatchSet", - "description": "Grants permission to delete a ByteMatchSet", - "access_level": "Write", - "resource_types": { - "bytematchset": { - "resource_type": "bytematchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteByteMatchSet.html" - }, - "DeleteGeoMatchSet": { - "privilege": "DeleteGeoMatchSet", - "description": "Grants permission to delete a GeoMatchSet", - "access_level": "Write", - "resource_types": { - "geomatchset": { - "resource_type": "geomatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteGeoMatchSet.html" - }, - "DeleteIPSet": { - "privilege": "DeleteIPSet", - "description": "Grants permission to delete an IPSet", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteIPSet.html" - }, - "DeleteLoggingConfiguration": { - "privilege": "DeleteLoggingConfiguration", - "description": "Grants permission to delete the LoggingConfiguration from a web ACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteLoggingConfiguration.html" - }, - "DeletePermissionPolicy": { - "privilege": "DeletePermissionPolicy", - "description": "Grants permission to delete an IAM policy from a rule group", - "access_level": "Permissions management", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeletePermissionPolicy.html" - }, - "DeleteRateBasedRule": { - "privilege": "DeleteRateBasedRule", - "description": "Grants permission to delete a RateBasedRule", - "access_level": "Write", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteRateBasedRule.html" - }, - "DeleteRegexMatchSet": { - "privilege": "DeleteRegexMatchSet", - "description": "Grants permission to delete a RegexMatchSet", - "access_level": "Write", - "resource_types": { - "regexmatchset": { - "resource_type": "regexmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteRegexMatchSet.html" - }, - "DeleteRegexPatternSet": { - "privilege": "DeleteRegexPatternSet", - "description": "Grants permission to delete a RegexPatternSet", - "access_level": "Write", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteRegexPatternSet.html" - }, - "DeleteRule": { - "privilege": "DeleteRule", - "description": "Grants permission to delete a Rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteRule.html" - }, - "DeleteRuleGroup": { - "privilege": "DeleteRuleGroup", - "description": "Grants permission to delete a RuleGroup", - "access_level": "Write", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteRuleGroup.html" - }, - "DeleteSizeConstraintSet": { - "privilege": "DeleteSizeConstraintSet", - "description": "Grants permission to delete a SizeConstraintSet", - "access_level": "Write", - "resource_types": { - "sizeconstraintset": { - "resource_type": "sizeconstraintset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteSizeConstraintSet.html" - }, - "DeleteSqlInjectionMatchSet": { - "privilege": "DeleteSqlInjectionMatchSet", - "description": "Grants permission to delete an SqlInjectionMatchSet", - "access_level": "Write", - "resource_types": { - "sqlinjectionmatchset": { - "resource_type": "sqlinjectionmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteSqlInjectionMatchSet.html" - }, - "DeleteWebACL": { - "privilege": "DeleteWebACL", - "description": "Grants permission to delete a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteWebACL.html" - }, - "DeleteXssMatchSet": { - "privilege": "DeleteXssMatchSet", - "description": "Grants permission to delete an XssMatchSet", - "access_level": "Write", - "resource_types": { - "xssmatchset": { - "resource_type": "xssmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteXssMatchSet.html" - }, - "GetByteMatchSet": { - "privilege": "GetByteMatchSet", - "description": "Grants permission to retrieve a ByteMatchSet", - "access_level": "Read", - "resource_types": { - "bytematchset": { - "resource_type": "bytematchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetByteMatchSet.html" - }, - "GetChangeToken": { - "privilege": "GetChangeToken", - "description": "Grants permission to retrieve a change token to use in create, update, and delete requests", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetChangeToken.html" - }, - "GetChangeTokenStatus": { - "privilege": "GetChangeTokenStatus", - "description": "Grants permission to retrieve the status of a change token", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetChangeTokenStatus.html" - }, - "GetGeoMatchSet": { - "privilege": "GetGeoMatchSet", - "description": "Grants permission to retrieve a GeoMatchSet", - "access_level": "Read", - "resource_types": { - "geomatchset": { - "resource_type": "geomatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetGeoMatchSet.html" - }, - "GetIPSet": { - "privilege": "GetIPSet", - "description": "Grants permission to retrieve an IPSet", - "access_level": "Read", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetIPSet.html" - }, - "GetLoggingConfiguration": { - "privilege": "GetLoggingConfiguration", - "description": "Grants permission to retrieve a LoggingConfiguration for a web ACL", - "access_level": "Read", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetLoggingConfiguration.html" - }, - "GetPermissionPolicy": { - "privilege": "GetPermissionPolicy", - "description": "Grants permission to retrieve an IAM policy for a rule group", - "access_level": "Read", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetPermissionPolicy.html" - }, - "GetRateBasedRule": { - "privilege": "GetRateBasedRule", - "description": "Grants permission to retrieve a RateBasedRule", - "access_level": "Read", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRateBasedRule.html" - }, - "GetRateBasedRuleManagedKeys": { - "privilege": "GetRateBasedRuleManagedKeys", - "description": "Grants permission to retrieve the array of IP addresses that are currently being blocked by a RateBasedRule", - "access_level": "Read", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRateBasedRuleManagedKeys.html" - }, - "GetRegexMatchSet": { - "privilege": "GetRegexMatchSet", - "description": "Grants permission to retrieve a RegexMatchSet", - "access_level": "Read", - "resource_types": { - "regexmatchset": { - "resource_type": "regexmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRegexMatchSet.html" - }, - "GetRegexPatternSet": { - "privilege": "GetRegexPatternSet", - "description": "Grants permission to retrieve a RegexPatternSet", - "access_level": "Read", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRegexPatternSet.html" - }, - "GetRule": { - "privilege": "GetRule", - "description": "Grants permission to retrieve a Rule", - "access_level": "Read", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRule.html" - }, - "GetRuleGroup": { - "privilege": "GetRuleGroup", - "description": "Grants permission to retrieve a RuleGroup", - "access_level": "Read", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRuleGroup.html" - }, - "GetSampledRequests": { - "privilege": "GetSampledRequests", - "description": "Grants permission to retrieve detailed information about a sample set of web requests", - "access_level": "Read", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetSampledRequests.html" - }, - "GetSizeConstraintSet": { - "privilege": "GetSizeConstraintSet", - "description": "Grants permission to retrieve a SizeConstraintSet", - "access_level": "Read", - "resource_types": { - "sizeconstraintset": { - "resource_type": "sizeconstraintset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetSizeConstraintSet.html" - }, - "GetSqlInjectionMatchSet": { - "privilege": "GetSqlInjectionMatchSet", - "description": "Grants permission to retrieve an SqlInjectionMatchSet", - "access_level": "Read", - "resource_types": { - "sqlinjectionmatchset": { - "resource_type": "sqlinjectionmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetSqlInjectionMatchSet.html" - }, - "GetWebACL": { - "privilege": "GetWebACL", - "description": "Grants permission to retrieve a WebACL", - "access_level": "Read", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetWebACL.html" - }, - "GetXssMatchSet": { - "privilege": "GetXssMatchSet", - "description": "Grants permission to retrieve an XssMatchSet", - "access_level": "Read", - "resource_types": { - "xssmatchset": { - "resource_type": "xssmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetXssMatchSet.html" - }, - "ListActivatedRulesInRuleGroup": { - "privilege": "ListActivatedRulesInRuleGroup", - "description": "Grants permission to retrieve an array of ActivatedRule objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListActivatedRulesInRuleGroup.html" - }, - "ListByteMatchSets": { - "privilege": "ListByteMatchSets", - "description": "Grants permission to retrieve an array of ByteMatchSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListByteMatchSets.html" - }, - "ListGeoMatchSets": { - "privilege": "ListGeoMatchSets", - "description": "Grants permission to retrieve an array of GeoMatchSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListGeoMatchSets.html" - }, - "ListIPSets": { - "privilege": "ListIPSets", - "description": "Grants permission to retrieve an array of IPSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListIPSets.html" - }, - "ListLoggingConfigurations": { - "privilege": "ListLoggingConfigurations", - "description": "Grants permission to retrieve an array of LoggingConfiguration objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListLoggingConfigurations.html" - }, - "ListRateBasedRules": { - "privilege": "ListRateBasedRules", - "description": "Grants permission to retrieve an array of RuleSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListRateBasedRules.html" - }, - "ListRegexMatchSets": { - "privilege": "ListRegexMatchSets", - "description": "Grants permission to retrieve an array of RegexMatchSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListRegexMatchSets.html" - }, - "ListRegexPatternSets": { - "privilege": "ListRegexPatternSets", - "description": "Grants permission to retrieve an array of RegexPatternSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListRegexPatternSets.html" - }, - "ListRuleGroups": { - "privilege": "ListRuleGroups", - "description": "Grants permission to retrieve an array of RuleGroup objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListRuleGroups.html" - }, - "ListRules": { - "privilege": "ListRules", - "description": "Grants permission to retrieve an array of RuleSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListRules.html" - }, - "ListSizeConstraintSets": { - "privilege": "ListSizeConstraintSets", - "description": "Grants permission to retrieve an array of SizeConstraintSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListSizeConstraintSets.html" - }, - "ListSqlInjectionMatchSets": { - "privilege": "ListSqlInjectionMatchSets", - "description": "Grants permission to retrieve an array of SqlInjectionMatchSet objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListSqlInjectionMatchSets.html" - }, - "ListSubscribedRuleGroups": { - "privilege": "ListSubscribedRuleGroups", - "description": "Grants permission to retrieve an array of RuleGroup objects that you are subscribed to", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListSubscribedRuleGroups.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to retrieve the tags for a resource", - "access_level": "Read", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListTagsForResource.html" - }, - "ListWebACLs": { - "privilege": "ListWebACLs", - "description": "Grants permission to retrieve an array of WebACLSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListWebACLs.html" - }, - "ListXssMatchSets": { - "privilege": "ListXssMatchSets", - "description": "Grants permission to retrieve an array of XssMatchSet objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListXssMatchSets.html" - }, - "PutLoggingConfiguration": { - "privilege": "PutLoggingConfiguration", - "description": "Grants permission to associate a LoggingConfiguration with a specified web ACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_PutLoggingConfiguration.html" - }, - "PutPermissionPolicy": { - "privilege": "PutPermissionPolicy", - "description": "Grants permission to attach an IAM policy to a rule group, to share the rule group between accounts", - "access_level": "Permissions management", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_PutPermissionPolicy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add a Tag to a resource", - "access_level": "Tagging", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a Tag from a resource", - "access_level": "Tagging", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UntagResource.html" - }, - "UpdateByteMatchSet": { - "privilege": "UpdateByteMatchSet", - "description": "Grants permission to insert or delete ByteMatchTuple objects in a ByteMatchSet", - "access_level": "Write", - "resource_types": { - "bytematchset": { - "resource_type": "bytematchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateByteMatchSet.html" - }, - "UpdateGeoMatchSet": { - "privilege": "UpdateGeoMatchSet", - "description": "Grants permission to insert or delete GeoMatchConstraint objects in a GeoMatchSet", - "access_level": "Write", - "resource_types": { - "geomatchset": { - "resource_type": "geomatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateGeoMatchSet.html" - }, - "UpdateIPSet": { - "privilege": "UpdateIPSet", - "description": "Grants permission to insert or delete IPSetDescriptor objects in an IPSet", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateIPSet.html" - }, - "UpdateRateBasedRule": { - "privilege": "UpdateRateBasedRule", - "description": "Grants permission to modify a rate based rule", - "access_level": "Write", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateRateBasedRule.html" - }, - "UpdateRegexMatchSet": { - "privilege": "UpdateRegexMatchSet", - "description": "Grants permission to insert or delete RegexMatchTuple objects in a RegexMatchSet", - "access_level": "Write", - "resource_types": { - "regexmatchset": { - "resource_type": "regexmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateRegexMatchSet.html" - }, - "UpdateRegexPatternSet": { - "privilege": "UpdateRegexPatternSet", - "description": "Grants permission to insert or delete RegexPatternStrings in a RegexPatternSet", - "access_level": "Write", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateRegexPatternSet.html" - }, - "UpdateRule": { - "privilege": "UpdateRule", - "description": "Grants permission to modify a Rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateRule.html" - }, - "UpdateRuleGroup": { - "privilege": "UpdateRuleGroup", - "description": "Grants permission to insert or delete ActivatedRule objects in a RuleGroup", - "access_level": "Write", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateRuleGroup.html" - }, - "UpdateSizeConstraintSet": { - "privilege": "UpdateSizeConstraintSet", - "description": "Grants permission to insert or delete SizeConstraint objects in a SizeConstraintSet", - "access_level": "Write", - "resource_types": { - "sizeconstraintset": { - "resource_type": "sizeconstraintset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateSizeConstraintSet.html" - }, - "UpdateSqlInjectionMatchSet": { - "privilege": "UpdateSqlInjectionMatchSet", - "description": "Grants permission to insert or delete SqlInjectionMatchTuple objects in an SqlInjectionMatchSet", - "access_level": "Write", - "resource_types": { - "sqlinjectionmatchset": { - "resource_type": "sqlinjectionmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateSqlInjectionMatchSet.html" - }, - "UpdateWebACL": { - "privilege": "UpdateWebACL", - "description": "Grants permission to insert or delete ActivatedRule objects in a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateWebACL.html" - }, - "UpdateXssMatchSet": { - "privilege": "UpdateXssMatchSet", - "description": "Grants permission to insert or delete XssMatchTuple objects in an XssMatchSet", - "access_level": "Write", - "resource_types": { - "xssmatchset": { - "resource_type": "xssmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateXssMatchSet.html" - } - }, - "resources": { - "bytematchset": { - "resource": "bytematchset", - "arn": "arn:${Partition}:waf::${Account}:bytematchset/${Id}", - "condition_keys": [] - }, - "ipset": { - "resource": "ipset", - "arn": "arn:${Partition}:waf::${Account}:ipset/${Id}", - "condition_keys": [] - }, - "ratebasedrule": { - "resource": "ratebasedrule", - "arn": "arn:${Partition}:waf::${Account}:ratebasedrule/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "rule": { - "resource": "rule", - "arn": "arn:${Partition}:waf::${Account}:rule/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "sizeconstraintset": { - "resource": "sizeconstraintset", - "arn": "arn:${Partition}:waf::${Account}:sizeconstraintset/${Id}", - "condition_keys": [] - }, - "sqlinjectionmatchset": { - "resource": "sqlinjectionmatchset", - "arn": "arn:${Partition}:waf::${Account}:sqlinjectionset/${Id}", - "condition_keys": [] - }, - "webacl": { - "resource": "webacl", - "arn": "arn:${Partition}:waf::${Account}:webacl/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "xssmatchset": { - "resource": "xssmatchset", - "arn": "arn:${Partition}:waf::${Account}:xssmatchset/${Id}", - "condition_keys": [] - }, - "regexmatchset": { - "resource": "regexmatchset", - "arn": "arn:${Partition}:waf::${Account}:regexmatch/${Id}", - "condition_keys": [] - }, - "regexpatternset": { - "resource": "regexpatternset", - "arn": "arn:${Partition}:waf::${Account}:regexpatternset/${Id}", - "condition_keys": [] - }, - "geomatchset": { - "resource": "geomatchset", - "arn": "arn:${Partition}:waf::${Account}:geomatchset/${Id}", - "condition_keys": [] - }, - "rulegroup": { - "resource": "rulegroup", - "arn": "arn:${Partition}:waf::${Account}:rulegroup/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "waf-regional": { - "service_name": "AWS WAF Regional", - "prefix": "waf-regional", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswafregional.html", - "privileges": { - "AssociateWebACL": { - "privilege": "AssociateWebACL", - "description": "Grants permission to associate a web ACL with a resource", - "access_level": "Write", - "resource_types": { - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_AssociateWebACL.html" - }, - "CreateByteMatchSet": { - "privilege": "CreateByteMatchSet", - "description": "Grants permission to create a ByteMatchSet", - "access_level": "Write", - "resource_types": { - "bytematchset": { - "resource_type": "bytematchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateByteMatchSet.html" - }, - "CreateGeoMatchSet": { - "privilege": "CreateGeoMatchSet", - "description": "Grants permission to create a GeoMatchSet", - "access_level": "Write", - "resource_types": { - "geomatchset": { - "resource_type": "geomatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateGeoMatchSet.html" - }, - "CreateIPSet": { - "privilege": "CreateIPSet", - "description": "Grants permission to create an IPSet", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateIPSet.html" - }, - "CreateRateBasedRule": { - "privilege": "CreateRateBasedRule", - "description": "Grants permission to create a RateBasedRule", - "access_level": "Write", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateRateBasedRule.html" - }, - "CreateRegexMatchSet": { - "privilege": "CreateRegexMatchSet", - "description": "Grants permission to create a RegexMatchSet", - "access_level": "Write", - "resource_types": { - "regexmatchset": { - "resource_type": "regexmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateRegexMatchSet.html" - }, - "CreateRegexPatternSet": { - "privilege": "CreateRegexPatternSet", - "description": "Grants permission to create a RegexPatternSet", - "access_level": "Write", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateRegexPatternSet.html" - }, - "CreateRule": { - "privilege": "CreateRule", - "description": "Grants permission to create a Rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateRule.html" - }, - "CreateRuleGroup": { - "privilege": "CreateRuleGroup", - "description": "Grants permission to create a RuleGroup", - "access_level": "Write", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateRuleGroup.html" - }, - "CreateSizeConstraintSet": { - "privilege": "CreateSizeConstraintSet", - "description": "Grants permission to create a SizeConstraintSet", - "access_level": "Write", - "resource_types": { - "sizeconstraintset": { - "resource_type": "sizeconstraintset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateSizeConstraintSet.html" - }, - "CreateSqlInjectionMatchSet": { - "privilege": "CreateSqlInjectionMatchSet", - "description": "Grants permission to create an SqlInjectionMatchSet", - "access_level": "Write", - "resource_types": { - "sqlinjectionmatchset": { - "resource_type": "sqlinjectionmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateSqlInjectionMatchSet.html" - }, - "CreateWebACL": { - "privilege": "CreateWebACL", - "description": "Grants permission to create a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateWebACL.html" - }, - "CreateWebACLMigrationStack": { - "privilege": "CreateWebACLMigrationStack", - "description": "Grants permission to create a CloudFormation web ACL template in an S3 bucket for the purposes of migrating the web ACL from AWS WAF Classic to AWS WAF v2", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "s3:PutObject" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateWebACLMigrationStack.html" - }, - "CreateXssMatchSet": { - "privilege": "CreateXssMatchSet", - "description": "Grants permission to create an XssMatchSet", - "access_level": "Write", - "resource_types": { - "xssmatchset": { - "resource_type": "xssmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateXssMatchSet.html" - }, - "DeleteByteMatchSet": { - "privilege": "DeleteByteMatchSet", - "description": "Grants permission to delete a ByteMatchSet", - "access_level": "Write", - "resource_types": { - "bytematchset": { - "resource_type": "bytematchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteByteMatchSet.html" - }, - "DeleteGeoMatchSet": { - "privilege": "DeleteGeoMatchSet", - "description": "Grants permission to delete a GeoMatchSet", - "access_level": "Write", - "resource_types": { - "geomatchset": { - "resource_type": "geomatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteGeoMatchSet.html" - }, - "DeleteIPSet": { - "privilege": "DeleteIPSet", - "description": "Grants permission to delete an IPSet", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteIPSet.html" - }, - "DeleteLoggingConfiguration": { - "privilege": "DeleteLoggingConfiguration", - "description": "Grants permission to delete a LoggingConfiguration from a web ACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteLoggingConfiguration.html" - }, - "DeletePermissionPolicy": { - "privilege": "DeletePermissionPolicy", - "description": "Grants permission to delete an IAM policy from a rule group", - "access_level": "Permissions management", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeletePermissionPolicy.html" - }, - "DeleteRateBasedRule": { - "privilege": "DeleteRateBasedRule", - "description": "Grants permission to delete a RateBasedRule", - "access_level": "Write", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteRateBasedRule.html" - }, - "DeleteRegexMatchSet": { - "privilege": "DeleteRegexMatchSet", - "description": "Grants permission to delete a RegexMatchSet", - "access_level": "Write", - "resource_types": { - "regexmatchset": { - "resource_type": "regexmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteRegexMatchSet.html" - }, - "DeleteRegexPatternSet": { - "privilege": "DeleteRegexPatternSet", - "description": "Grants permission to delete a RegexPatternSet", - "access_level": "Write", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteRegexPatternSet.html" - }, - "DeleteRule": { - "privilege": "DeleteRule", - "description": "Grants permission to delete a Rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteRule.html" - }, - "DeleteRuleGroup": { - "privilege": "DeleteRuleGroup", - "description": "Grants permission to delete a RuleGroup", - "access_level": "Write", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteRuleGroup.html" - }, - "DeleteSizeConstraintSet": { - "privilege": "DeleteSizeConstraintSet", - "description": "Grants permission to delete a SizeConstraintSet", - "access_level": "Write", - "resource_types": { - "sizeconstraintset": { - "resource_type": "sizeconstraintset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteSizeConstraintSet.html" - }, - "DeleteSqlInjectionMatchSet": { - "privilege": "DeleteSqlInjectionMatchSet", - "description": "Grants permission to delete an SqlInjectionMatchSet", - "access_level": "Write", - "resource_types": { - "sqlinjectionmatchset": { - "resource_type": "sqlinjectionmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteSqlInjectionMatchSet.html" - }, - "DeleteWebACL": { - "privilege": "DeleteWebACL", - "description": "Grants permission to delete a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteWebACL.html" - }, - "DeleteXssMatchSet": { - "privilege": "DeleteXssMatchSet", - "description": "Grants permission to delete an XssMatchSet", - "access_level": "Write", - "resource_types": { - "xssmatchset": { - "resource_type": "xssmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteXssMatchSet.html" - }, - "DisassociateWebACL": { - "privilege": "DisassociateWebACL", - "description": "Grants permission to delete an association between a web ACL and a resource", - "access_level": "Write", - "resource_types": { - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DisassociateWebACL.html" - }, - "GetByteMatchSet": { - "privilege": "GetByteMatchSet", - "description": "Grants permission to retrieve a ByteMatchSet", - "access_level": "Read", - "resource_types": { - "bytematchset": { - "resource_type": "bytematchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetByteMatchSet.html" - }, - "GetChangeToken": { - "privilege": "GetChangeToken", - "description": "Grants permission to retrieve a change token to use in create, update, and delete requests", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetChangeToken.html" - }, - "GetChangeTokenStatus": { - "privilege": "GetChangeTokenStatus", - "description": "Grants permission to retrieve the status of a change token", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetChangeTokenStatus.html" - }, - "GetGeoMatchSet": { - "privilege": "GetGeoMatchSet", - "description": "Grants permission to retrieve a GeoMatchSet", - "access_level": "Read", - "resource_types": { - "geomatchset": { - "resource_type": "geomatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetGeoMatchSet.html" - }, - "GetIPSet": { - "privilege": "GetIPSet", - "description": "Grants permission to retrieve an IPSet", - "access_level": "Read", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetIPSet.html" - }, - "GetLoggingConfiguration": { - "privilege": "GetLoggingConfiguration", - "description": "Grants permission to retrieve a LoggingConfiguration", - "access_level": "Read", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetLoggingConfiguration.html" - }, - "GetPermissionPolicy": { - "privilege": "GetPermissionPolicy", - "description": "Grants permission to retrieve an IAM policy attached to a RuleGroup", - "access_level": "Read", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetPermissionPolicy.html" - }, - "GetRateBasedRule": { - "privilege": "GetRateBasedRule", - "description": "Grants permission to retrieve a RateBasedRule", - "access_level": "Read", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRateBasedRule.html" - }, - "GetRateBasedRuleManagedKeys": { - "privilege": "GetRateBasedRuleManagedKeys", - "description": "Grants permission to retrieve the array of IP addresses that are currently being blocked by a RateBasedRule", - "access_level": "Read", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRateBasedRuleManagedKeys.html" - }, - "GetRegexMatchSet": { - "privilege": "GetRegexMatchSet", - "description": "Grants permission to retrieve a RegexMatchSet", - "access_level": "Read", - "resource_types": { - "regexmatchset": { - "resource_type": "regexmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRegexMatchSet.html" - }, - "GetRegexPatternSet": { - "privilege": "GetRegexPatternSet", - "description": "Grants permission to retrieve a RegexPatternSet", - "access_level": "Read", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRegexPatternSet.html" - }, - "GetRule": { - "privilege": "GetRule", - "description": "Grants permission to retrieve a Rule", - "access_level": "Read", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRule.html" - }, - "GetRuleGroup": { - "privilege": "GetRuleGroup", - "description": "Grants permission to retrieve a RuleGroup", - "access_level": "Read", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRuleGroup.html" - }, - "GetSampledRequests": { - "privilege": "GetSampledRequests", - "description": "Grants permission to retrieve detailed information for a sample set of web requests", - "access_level": "Read", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetSampledRequests.html" - }, - "GetSizeConstraintSet": { - "privilege": "GetSizeConstraintSet", - "description": "Grants permission to retrieve a SizeConstraintSet", - "access_level": "Read", - "resource_types": { - "sizeconstraintset": { - "resource_type": "sizeconstraintset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetSizeConstraintSet.html" - }, - "GetSqlInjectionMatchSet": { - "privilege": "GetSqlInjectionMatchSet", - "description": "Grants permission to retrieve an SqlInjectionMatchSet", - "access_level": "Read", - "resource_types": { - "sqlinjectionmatchset": { - "resource_type": "sqlinjectionmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetSqlInjectionMatchSet.html" - }, - "GetWebACL": { - "privilege": "GetWebACL", - "description": "Grants permission to retrieve a WebACL", - "access_level": "Read", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetWebACL.html" - }, - "GetWebACLForResource": { - "privilege": "GetWebACLForResource", - "description": "Grants permission to retrieve a WebACL that's associated with a specified resource", - "access_level": "Read", - "resource_types": { - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetWebACLForResource.html" - }, - "GetXssMatchSet": { - "privilege": "GetXssMatchSet", - "description": "Grants permission to retrieve an XssMatchSet", - "access_level": "Read", - "resource_types": { - "xssmatchset": { - "resource_type": "xssmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetXssMatchSet.html" - }, - "ListActivatedRulesInRuleGroup": { - "privilege": "ListActivatedRulesInRuleGroup", - "description": "Grants permission to retrieve an array of ActivatedRule objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListActivatedRulesInRuleGroup.html" - }, - "ListByteMatchSets": { - "privilege": "ListByteMatchSets", - "description": "Grants permission to retrieve an array of ByteMatchSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListByteMatchSets.html" - }, - "ListGeoMatchSets": { - "privilege": "ListGeoMatchSets", - "description": "Grants permission to retrieve an array of GeoMatchSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListGeoMatchSets.html" - }, - "ListIPSets": { - "privilege": "ListIPSets", - "description": "Grants permission to retrieve an array of IPSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListIPSets.html" - }, - "ListLoggingConfigurations": { - "privilege": "ListLoggingConfigurations", - "description": "Grants permission to retrieve an array of LoggingConfiguration objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListLoggingConfigurations.html" - }, - "ListRateBasedRules": { - "privilege": "ListRateBasedRules", - "description": "Grants permission to retrieve an array of RuleSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListRateBasedRules.html" - }, - "ListRegexMatchSets": { - "privilege": "ListRegexMatchSets", - "description": "Grants permission to retrieve an array of RegexMatchSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListRegexMatchSets.html" - }, - "ListRegexPatternSets": { - "privilege": "ListRegexPatternSets", - "description": "Grants permission to retrieve an array of RegexPatternSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListRegexPatternSets.html" - }, - "ListResourcesForWebACL": { - "privilege": "ListResourcesForWebACL", - "description": "Grants permission to retrieve an array of resources associated with a specified WebACL", - "access_level": "List", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListResourcesForWebACL.html" - }, - "ListRuleGroups": { - "privilege": "ListRuleGroups", - "description": "Grants permission to retrieve an array of RuleGroup objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListRuleGroups.html" - }, - "ListRules": { - "privilege": "ListRules", - "description": "Grants permission to retrieve an array of RuleSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListRules.html" - }, - "ListSizeConstraintSets": { - "privilege": "ListSizeConstraintSets", - "description": "Grants permission to retrieve an array of SizeConstraintSetSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListSizeConstraintSets.html" - }, - "ListSqlInjectionMatchSets": { - "privilege": "ListSqlInjectionMatchSets", - "description": "Grants permission to retrieve an array of SqlInjectionMatchSet objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListSqlInjectionMatchSets.html" - }, - "ListSubscribedRuleGroups": { - "privilege": "ListSubscribedRuleGroups", - "description": "Grants permission to retrieve an array of RuleGroup objects that you are subscribed to", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListSubscribedRuleGroups.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to lists the Tags for a resource", - "access_level": "Read", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListTagsForResource.html" - }, - "ListWebACLs": { - "privilege": "ListWebACLs", - "description": "Grants permission to retrieve an array of WebACLSummary objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListWebACLs.html" - }, - "ListXssMatchSets": { - "privilege": "ListXssMatchSets", - "description": "Grants permission to retrieve an array of XssMatchSet objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListXssMatchSets.html" - }, - "PutLoggingConfiguration": { - "privilege": "PutLoggingConfiguration", - "description": "Grants permission to associates a LoggingConfiguration with a web ACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_PutLoggingConfiguration.html" - }, - "PutPermissionPolicy": { - "privilege": "PutPermissionPolicy", - "description": "Grants permission to attach an IAM policy to a specified rule group, to support rule group sharing between accounts", - "access_level": "Permissions management", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_PutPermissionPolicy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add a Tag to a resource", - "access_level": "Tagging", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a Tag from a resource", - "access_level": "Tagging", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rule": { - "resource_type": "rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UntagResource.html" - }, - "UpdateByteMatchSet": { - "privilege": "UpdateByteMatchSet", - "description": "Grants permission to insert or delete ByteMatchTuple objects in a ByteMatchSet", - "access_level": "Write", - "resource_types": { - "bytematchset": { - "resource_type": "bytematchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateByteMatchSet.html" - }, - "UpdateGeoMatchSet": { - "privilege": "UpdateGeoMatchSet", - "description": "Grants permission to insert or delete GeoMatchConstraint objects in a GeoMatchSet", - "access_level": "Write", - "resource_types": { - "geomatchset": { - "resource_type": "geomatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateGeoMatchSet.html" - }, - "UpdateIPSet": { - "privilege": "UpdateIPSet", - "description": "Grants permission to insert or delete IPSetDescriptor objects in an IPSet", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateIPSet.html" - }, - "UpdateRateBasedRule": { - "privilege": "UpdateRateBasedRule", - "description": "Grants permission to insert or delete predicate objects in a rate based rule and update the RateLimit in the rule", - "access_level": "Write", - "resource_types": { - "ratebasedrule": { - "resource_type": "ratebasedrule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateRateBasedRule.html" - }, - "UpdateRegexMatchSet": { - "privilege": "UpdateRegexMatchSet", - "description": "Grants permission to insert or delete RegexMatchTuple objects in a RegexMatchSet", - "access_level": "Write", - "resource_types": { - "regexmatchset": { - "resource_type": "regexmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateRegexMatchSet.html" - }, - "UpdateRegexPatternSet": { - "privilege": "UpdateRegexPatternSet", - "description": "Grants permission to insert or delete RegexPatternStrings in a RegexPatternSet", - "access_level": "Write", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateRegexPatternSet.html" - }, - "UpdateRule": { - "privilege": "UpdateRule", - "description": "Grants permission to insert or delete predicate objects in a Rule", - "access_level": "Write", - "resource_types": { - "rule": { - "resource_type": "rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateRule.html" - }, - "UpdateRuleGroup": { - "privilege": "UpdateRuleGroup", - "description": "Grants permission to insert or delete ActivatedRule objects in a RuleGroup", - "access_level": "Write", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateRuleGroup.html" - }, - "UpdateSizeConstraintSet": { - "privilege": "UpdateSizeConstraintSet", - "description": "Grants permission to insert or delete SizeConstraint objects in a SizeConstraintSet", - "access_level": "Write", - "resource_types": { - "sizeconstraintset": { - "resource_type": "sizeconstraintset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateSizeConstraintSet.html" - }, - "UpdateSqlInjectionMatchSet": { - "privilege": "UpdateSqlInjectionMatchSet", - "description": "Grants permission to insert or delete SqlInjectionMatchTuple objects in an SqlInjectionMatchSet", - "access_level": "Write", - "resource_types": { - "sqlinjectionmatchset": { - "resource_type": "sqlinjectionmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateSqlInjectionMatchSet.html" - }, - "UpdateWebACL": { - "privilege": "UpdateWebACL", - "description": "Grants permission to insert or delete ActivatedRule objects in a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateWebACL.html" - }, - "UpdateXssMatchSet": { - "privilege": "UpdateXssMatchSet", - "description": "Grants permission to insert or delete XssMatchTuple objects in an XssMatchSet", - "access_level": "Write", - "resource_types": { - "xssmatchset": { - "resource_type": "xssmatchset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateXssMatchSet.html" - } - }, - "resources": { - "bytematchset": { - "resource": "bytematchset", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:bytematchset/${Id}", - "condition_keys": [] - }, - "ipset": { - "resource": "ipset", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:ipset/${Id}", - "condition_keys": [] - }, - "loadbalancer/app/": { - "resource": "loadbalancer/app/", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/app/${LoadBalancerName}/${LoadBalancerId}", - "condition_keys": [] - }, - "ratebasedrule": { - "resource": "ratebasedrule", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:ratebasedrule/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "rule": { - "resource": "rule", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:rule/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "sizeconstraintset": { - "resource": "sizeconstraintset", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:sizeconstraintset/${Id}", - "condition_keys": [] - }, - "sqlinjectionmatchset": { - "resource": "sqlinjectionmatchset", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:sqlinjectionset/${Id}", - "condition_keys": [] - }, - "webacl": { - "resource": "webacl", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:webacl/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "xssmatchset": { - "resource": "xssmatchset", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:xssmatchset/${Id}", - "condition_keys": [] - }, - "regexmatchset": { - "resource": "regexmatchset", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:regexmatch/${Id}", - "condition_keys": [] - }, - "regexpatternset": { - "resource": "regexpatternset", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:regexpatternset/${Id}", - "condition_keys": [] - }, - "geomatchset": { - "resource": "geomatchset", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:geomatchset/${Id}", - "condition_keys": [] - }, - "rulegroup": { - "resource": "rulegroup", - "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:rulegroup/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag-value assoicated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "wafv2": { - "service_name": "AWS WAF V2", - "prefix": "wafv2", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswafv2.html", - "privileges": { - "AssociateWebACL": { - "privilege": "AssociateWebACL", - "description": "Grants permission to associate a WebACL with a resource", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "apigateway": { - "resource_type": "apigateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "apprunner": { - "resource_type": "apprunner", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "appsync": { - "resource_type": "appsync", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "userpool": { - "resource_type": "userpool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_AssociateWebACL.html" - }, - "CheckCapacity": { - "privilege": "CheckCapacity", - "description": "Grants permission to calculate web ACL capacity unit (WCU) requirements for a specified scope and set of rules", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CheckCapacity.html" - }, - "CreateAPIKey": { - "privilege": "CreateAPIKey", - "description": "Grants permission to create an API key for use in the integration of the CAPTCHA API in your JavaScript client applications", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateAPIKey.html" - }, - "CreateIPSet": { - "privilege": "CreateIPSet", - "description": "Grants permission to create an IPSet", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateIPSet.html" - }, - "CreateRegexPatternSet": { - "privilege": "CreateRegexPatternSet", - "description": "Grants permission to create a RegexPatternSet", - "access_level": "Write", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateRegexPatternSet.html" - }, - "CreateRuleGroup": { - "privilege": "CreateRuleGroup", - "description": "Grants permission to create a RuleGroup", - "access_level": "Write", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ipset": { - "resource_type": "ipset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "regexpatternset": { - "resource_type": "regexpatternset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateRuleGroup.html" - }, - "CreateWebACL": { - "privilege": "CreateWebACL", - "description": "Grants permission to create a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ipset": { - "resource_type": "ipset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managedruleset": { - "resource_type": "managedruleset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "regexpatternset": { - "resource_type": "regexpatternset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateWebACL.html" - }, - "DeleteFirewallManagerRuleGroups": { - "privilege": "DeleteFirewallManagerRuleGroups", - "description": "Grants permission to delete FirewallManagedRulesGroups from a WebACL if not managed by Firewall Manager anymore", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteFirewallManagerRuleGroups.html" - }, - "DeleteIPSet": { - "privilege": "DeleteIPSet", - "description": "Grants permission to delete an IPSet", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteIPSet.html" - }, - "DeleteLoggingConfiguration": { - "privilege": "DeleteLoggingConfiguration", - "description": "Grants permission to delete the LoggingConfiguration from a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteLoggingConfiguration.html" - }, - "DeletePermissionPolicy": { - "privilege": "DeletePermissionPolicy", - "description": "Grants permission to delete the PermissionPolicy on a RuleGroup", - "access_level": "Permissions management", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeletePermissionPolicy.html" - }, - "DeleteRegexPatternSet": { - "privilege": "DeleteRegexPatternSet", - "description": "Grants permission to delete a RegexPatternSet", - "access_level": "Write", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteRegexPatternSet.html" - }, - "DeleteRuleGroup": { - "privilege": "DeleteRuleGroup", - "description": "Grants permission to delete a RuleGroup", - "access_level": "Write", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteRuleGroup.html" - }, - "DeleteWebACL": { - "privilege": "DeleteWebACL", - "description": "Grants permission to delete a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteWebACL.html" - }, - "DescribeAllManagedProducts": { - "privilege": "DescribeAllManagedProducts", - "description": "Grants permission to retrieve product information for a managed rule group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DescribeAllManagedProducts.html" - }, - "DescribeManagedProductsByVendor": { - "privilege": "DescribeManagedProductsByVendor", - "description": "Grants permission to retrieve product information for a managed rule group by a given vendor", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DescribeManagedProductsByVendor.html" - }, - "DescribeManagedRuleGroup": { - "privilege": "DescribeManagedRuleGroup", - "description": "Grants permission to retrieve high-level information for a managed rule group", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DescribeManagedRuleGroup.html" - }, - "DisassociateFirewallManager": { - "privilege": "DisassociateFirewallManager", - "description": "Grants permission to disassociate Firewall Manager from a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DisassociateFirewallManager.html" - }, - "DisassociateWebACL": { - "privilege": "DisassociateWebACL", - "description": "Grants permission to disassociate a WebACL from an application resource", - "access_level": "Write", - "resource_types": { - "apigateway": { - "resource_type": "apigateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "apprunner": { - "resource_type": "apprunner", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "appsync": { - "resource_type": "appsync", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "userpool": { - "resource_type": "userpool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DisassociateWebACL.html" - }, - "GenerateMobileSdkReleaseUrl": { - "privilege": "GenerateMobileSdkReleaseUrl", - "description": "Grants permission to generate a presigned download URL for the specified release of the mobile SDK", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GenerateMobileSdkReleaseUrl.html" - }, - "GetDecryptedAPIKey": { - "privilege": "GetDecryptedAPIKey", - "description": "Grants permission to return your API key in decrypted form. Use this to check the token domains that you have defined for the key", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetDecryptedAPIKey.html" - }, - "GetIPSet": { - "privilege": "GetIPSet", - "description": "Grants permission to retrieve details about an IPSet", - "access_level": "Read", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetIPSet.html" - }, - "GetLoggingConfiguration": { - "privilege": "GetLoggingConfiguration", - "description": "Grants permission to retrieve LoggingConfiguration for a WebACL", - "access_level": "Read", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetLoggingConfiguration.html" - }, - "GetManagedRuleSet": { - "privilege": "GetManagedRuleSet", - "description": "Grants permission to retrieve details about a ManagedRuleSet", - "access_level": "Read", - "resource_types": { - "managedruleset": { - "resource_type": "managedruleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetManagedRuleSet.html" - }, - "GetMobileSdkRelease": { - "privilege": "GetMobileSdkRelease", - "description": "Grants permission to retrieve information for the specified mobile SDK release, including release notes and tags", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetMobileSdkRelease.html" - }, - "GetPermissionPolicy": { - "privilege": "GetPermissionPolicy", - "description": "Grants permission to retrieve a PermissionPolicy for a RuleGroup", - "access_level": "Read", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetPermissionPolicy.html" - }, - "GetRateBasedStatementManagedKeys": { - "privilege": "GetRateBasedStatementManagedKeys", - "description": "Grants permission to retrieve the keys that are currently blocked by a rate-based rule", - "access_level": "Read", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetRateBasedStatementManagedKeys.html" - }, - "GetRegexPatternSet": { - "privilege": "GetRegexPatternSet", - "description": "Grants permission to retrieve details about a RegexPatternSet", - "access_level": "Read", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetRegexPatternSet.html" - }, - "GetRuleGroup": { - "privilege": "GetRuleGroup", - "description": "Grants permission to retrieve details about a RuleGroup", - "access_level": "Read", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetRuleGroup.html" - }, - "GetSampledRequests": { - "privilege": "GetSampledRequests", - "description": "Grants permission to retrieve detailed information about a sampling of web requests", - "access_level": "Read", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetSampledRequests.html" - }, - "GetWebACL": { - "privilege": "GetWebACL", - "description": "Grants permission to retrieve details about a WebACL", - "access_level": "Read", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetWebACL.html" - }, - "GetWebACLForResource": { - "privilege": "GetWebACLForResource", - "description": "Grants permission to retrieve the WebACL that's associated with a resource", - "access_level": "Read", - "resource_types": { - "apigateway": { - "resource_type": "apigateway", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "apprunner": { - "resource_type": "apprunner", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "appsync": { - "resource_type": "appsync", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "loadbalancer/app/": { - "resource_type": "loadbalancer/app/", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "userpool": { - "resource_type": "userpool", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "verified-access-instance": { - "resource_type": "verified-access-instance", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetWebACLForResource.html" - }, - "ListAPIKeys": { - "privilege": "ListAPIKeys", - "description": "Grants permission to retrieve a list of the API keys that you've defined for the specified scope", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListAPIKeys.html" - }, - "ListAvailableManagedRuleGroupVersions": { - "privilege": "ListAvailableManagedRuleGroupVersions", - "description": "Grants permission to retrieve an array of managed rule group versions that are available for you to use", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListAvailableManagedRuleGroupVersions.html" - }, - "ListAvailableManagedRuleGroups": { - "privilege": "ListAvailableManagedRuleGroups", - "description": "Grants permission to retrieve an array of managed rule groups that are available for you to use", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListAvailableManagedRuleGroups.html" - }, - "ListIPSets": { - "privilege": "ListIPSets", - "description": "Grants permission to retrieve an array of IPSetSummary objects for the IP sets that you manage", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListIPSets.html" - }, - "ListLoggingConfigurations": { - "privilege": "ListLoggingConfigurations", - "description": "Grants permission to retrieve an array of your LoggingConfiguration objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListLoggingConfigurations.html" - }, - "ListManagedRuleSets": { - "privilege": "ListManagedRuleSets", - "description": "Grants permission to retrieve an array of your ManagedRuleSet objects", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListManagedRuleSets.html" - }, - "ListMobileSdkReleases": { - "privilege": "ListMobileSdkReleases", - "description": "Grants permission to retrieve a list of the available releases for the mobile SDK and the specified device platform", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListMobileSdkReleases.html" - }, - "ListRegexPatternSets": { - "privilege": "ListRegexPatternSets", - "description": "Grants permission to retrieve an array of RegexPatternSetSummary objects for the regex pattern sets that you manage", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListRegexPatternSets.html" - }, - "ListResourcesForWebACL": { - "privilege": "ListResourcesForWebACL", - "description": "Grants permission to retrieve an array of the Amazon Resource Names (ARNs) for the resources that are associated with a web ACL", - "access_level": "List", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListResourcesForWebACL.html" - }, - "ListRuleGroups": { - "privilege": "ListRuleGroups", - "description": "Grants permission to retrieve an array of RuleGroupSummary objects for the rule groups that you manage", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListRuleGroups.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "regexpatternset": { - "resource_type": "regexpatternset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListTagsForResource.html" - }, - "ListWebACLs": { - "privilege": "ListWebACLs", - "description": "Grants permission to retrieve an array of WebACLSummary objects for the web ACLs that you manage", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListWebACLs.html" - }, - "PutFirewallManagerRuleGroups": { - "privilege": "PutFirewallManagerRuleGroups", - "description": "Grants permission to create FirewallManagedRulesGroups in a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_PutFirewallManagerRuleGroups.html" - }, - "PutLoggingConfiguration": { - "privilege": "PutLoggingConfiguration", - "description": "Grants permission to enable a LoggingConfiguration, to start logging for a web ACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [ - "iam:CreateServiceLinkedRole" - ] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_PutLoggingConfiguration.html" - }, - "PutManagedRuleSetVersions": { - "privilege": "PutManagedRuleSetVersions", - "description": "Grants permission to enable create a new or update an existing version of a ManagedRuleSet", - "access_level": "Write", - "resource_types": { - "managedruleset": { - "resource_type": "managedruleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_PutManagedRuleSetVersions.html" - }, - "PutPermissionPolicy": { - "privilege": "PutPermissionPolicy", - "description": "Grants permission to attach an IAM policy to a resource, used to share rule groups between accounts", - "access_level": "Permissions management", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_PutPermissionPolicy.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to associate tags with a AWS resource", - "access_level": "Tagging", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "regexpatternset": { - "resource_type": "regexpatternset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to disassociate tags from an AWS resource", - "access_level": "Tagging", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "regexpatternset": { - "resource_type": "regexpatternset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "webacl": { - "resource_type": "webacl", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UntagResource.html" - }, - "UpdateIPSet": { - "privilege": "UpdateIPSet", - "description": "Grants permission to update an IPSet", - "access_level": "Write", - "resource_types": { - "ipset": { - "resource_type": "ipset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UpdateIPSet.html" - }, - "UpdateManagedRuleSetVersionExpiryDate": { - "privilege": "UpdateManagedRuleSetVersionExpiryDate", - "description": "Grants permission to update the expiry date of a version in ManagedRuleSet", - "access_level": "Write", - "resource_types": { - "managedruleset": { - "resource_type": "managedruleset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UpdateManagedRuleSetVersionExpiryDate.html" - }, - "UpdateRegexPatternSet": { - "privilege": "UpdateRegexPatternSet", - "description": "Grants permission to update a RegexPatternSet", - "access_level": "Write", - "resource_types": { - "regexpatternset": { - "resource_type": "regexpatternset", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UpdateRegexPatternSet.html" - }, - "UpdateRuleGroup": { - "privilege": "UpdateRuleGroup", - "description": "Grants permission to update a RuleGroup", - "access_level": "Write", - "resource_types": { - "rulegroup": { - "resource_type": "rulegroup", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ipset": { - "resource_type": "ipset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "regexpatternset": { - "resource_type": "regexpatternset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UpdateRuleGroup.html" - }, - "UpdateWebACL": { - "privilege": "UpdateWebACL", - "description": "Grants permission to update a WebACL", - "access_level": "Write", - "resource_types": { - "webacl": { - "resource_type": "webacl", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "ipset": { - "resource_type": "ipset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "managedruleset": { - "resource_type": "managedruleset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "regexpatternset": { - "resource_type": "regexpatternset", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "rulegroup": { - "resource_type": "rulegroup", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UpdateWebACL.html" - } - }, - "resources": { - "webacl": { - "resource": "webacl", - "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/webacl/${Name}/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "ipset": { - "resource": "ipset", - "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/ipset/${Name}/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "managedruleset": { - "resource": "managedruleset", - "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/managedruleset/${Name}/${Id}", - "condition_keys": [] - }, - "rulegroup": { - "resource": "rulegroup", - "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/rulegroup/${Name}/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "regexpatternset": { - "resource": "regexpatternset", - "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/regexpatternset/${Name}/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "loadbalancer/app/": { - "resource": "loadbalancer/app/", - "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/app/${LoadBalancerName}/${LoadBalancerId}", - "condition_keys": [] - }, - "apigateway": { - "resource": "apigateway", - "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${ApiId}/stages/${StageName}", - "condition_keys": [] - }, - "appsync": { - "resource": "appsync", - "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}", - "condition_keys": [] - }, - "userpool": { - "resource": "userpool", - "arn": "arn:${Partition}:cognito-idp:${Region}:${Account}:userpool/${UserPoolId}", - "condition_keys": [] - }, - "apprunner": { - "resource": "apprunner", - "arn": "arn:${Partition}:apprunner:${Region}:${Account}:service/${ServiceName}/${ServiceId}", - "condition_keys": [] - }, - "verified-access-instance": { - "resource": "verified-access-instance", - "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-instance/${VerifiedAccessInstanceId}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the allowed set of values for each of the tags", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag-value associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the presence of mandatory tags in the request", - "type": "ArrayOfString" - } - } - }, - "wellarchitected": { - "service_name": "AWS Well-Architected Tool", - "prefix": "wellarchitected", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswell-architectedtool.html", - "privileges": { - "AssociateLenses": { - "privilege": "AssociateLenses", - "description": "Grants permission to associate a lens to the specified workload", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_AssociateLenses.html" - }, - "AssociateProfiles": { - "privilege": "AssociateProfiles", - "description": "Grants permission to associate a profile to the specified workload", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_AssociateProfiles.html" - }, - "CreateLensShare": { - "privilege": "CreateLensShare", - "description": "Grants permission to an owner of a lens to share with other AWS accounts and IAM Users", - "access_level": "Write", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateLensShare.html" - }, - "CreateLensVersion": { - "privilege": "CreateLensVersion", - "description": "Grants permission to create a new lens version", - "access_level": "Write", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateLensVersion.html" - }, - "CreateMilestone": { - "privilege": "CreateMilestone", - "description": "Grants permission to create a new milestone for the specified workload", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateMilestone.html" - }, - "CreateProfile": { - "privilege": "CreateProfile", - "description": "Grants permission to create a new profile", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateProfile.html" - }, - "CreateProfileShare": { - "privilege": "CreateProfileShare", - "description": "Grants permission to an owner of a profile to share with other AWS accounts and IAM Users", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateProfileShare.html" - }, - "CreateWorkload": { - "privilege": "CreateWorkload", - "description": "Grants permission to create a new workload", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateWorkload.html" - }, - "CreateWorkloadShare": { - "privilege": "CreateWorkloadShare", - "description": "Grants permission to share a workload with another account", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateWorkloadShare.html" - }, - "DeleteLens": { - "privilege": "DeleteLens", - "description": "Grants permission to delete a lens", - "access_level": "Write", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteLens.html" - }, - "DeleteLensShare": { - "privilege": "DeleteLensShare", - "description": "Grants permission to delete an existing lens share", - "access_level": "Write", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteLensShare.html" - }, - "DeleteProfile": { - "privilege": "DeleteProfile", - "description": "Grants permission to delete a profile", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteProfile.html" - }, - "DeleteProfileShare": { - "privilege": "DeleteProfileShare", - "description": "Grants permission to delete an existing profile share", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteProfileShare.html" - }, - "DeleteWorkload": { - "privilege": "DeleteWorkload", - "description": "Grants permission to delete an existing workload", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteWorkload.html" - }, - "DeleteWorkloadShare": { - "privilege": "DeleteWorkloadShare", - "description": "Grants permission to delete an existing workload share", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteWorkloadShare.html" - }, - "DisassociateLenses": { - "privilege": "DisassociateLenses", - "description": "Grants permission to disassociate a lens from the specified workload", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DisassociateLenses.html" - }, - "DisassociateProfiles": { - "privilege": "DisassociateProfiles", - "description": "Grants permission to disassociate a profile from the specified workload", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DisassociateProfiles.html" - }, - "ExportLens": { - "privilege": "ExportLens", - "description": "Grants permission to export an existing lens", - "access_level": "Read", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ExportLens.html" - }, - "GetAnswer": { - "privilege": "GetAnswer", - "description": "Grants permission to retrieve the specified answer from the specified lens review", - "access_level": "Read", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetAnswer.html" - }, - "GetConsolidatedReport": { - "privilege": "GetConsolidatedReport", - "description": "Grants permission to get consolidated report metrics or to generate the consolidated report PDF in this account", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetConsolidatedReport.html" - }, - "GetLens": { - "privilege": "GetLens", - "description": "Grants permission to get an existing lens", - "access_level": "Read", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteLensShare.html" - }, - "GetLensReview": { - "privilege": "GetLensReview", - "description": "Grants permission to retrieve the specified lens review of the specified workload", - "access_level": "Read", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetLensReview.html" - }, - "GetLensReviewReport": { - "privilege": "GetLensReviewReport", - "description": "Grants permission to retrieve the report for the specified lens review", - "access_level": "Read", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetLensReviewReport.html" - }, - "GetLensVersionDifference": { - "privilege": "GetLensVersionDifference", - "description": "Grants permission to get the difference between the specified lens version and latest available lens version", - "access_level": "Read", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetLensVersionDifference.html" - }, - "GetMilestone": { - "privilege": "GetMilestone", - "description": "Grants permission to retrieve the specified milestone of the specified workload", - "access_level": "Read", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetMilestone.html" - }, - "GetProfile": { - "privilege": "GetProfile", - "description": "Grants permission to retrieve the specified profile", - "access_level": "Read", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetProfile.html" - }, - "GetProfileTemplate": { - "privilege": "GetProfileTemplate", - "description": "Grants permission to retrieve the specified profile template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetProfileTemplate.html" - }, - "GetWorkload": { - "privilege": "GetWorkload", - "description": "Grants permission to retrieve the specified workload", - "access_level": "Read", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetWorkload.html" - }, - "ImportLens": { - "privilege": "ImportLens", - "description": "Grants permission to import a new lens", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ImportLens.html" - }, - "ListAnswers": { - "privilege": "ListAnswers", - "description": "Grants permission to list the answers from the specified lens review", - "access_level": "List", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListAnswers.html" - }, - "ListCheckDetails": { - "privilege": "ListCheckDetails", - "description": "Grants permission to list the check-details for the workload", - "access_level": "List", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListCheckDetails.html" - }, - "ListCheckSummaries": { - "privilege": "ListCheckSummaries", - "description": "Grants permission to list the check-summaries for the workload", - "access_level": "List", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListCheckSummaries.html" - }, - "ListLensReviewImprovements": { - "privilege": "ListLensReviewImprovements", - "description": "Grants permission to list the improvements of the specified lens review", - "access_level": "List", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListLensReviewImprovements.html" - }, - "ListLensReviews": { - "privilege": "ListLensReviews", - "description": "Grants permission to list the lens reviews of the specified workload", - "access_level": "List", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListLensReviews.html" - }, - "ListLensShares": { - "privilege": "ListLensShares", - "description": "Grants permission to list all shares created for a lens", - "access_level": "List", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListLensShares.html" - }, - "ListLenses": { - "privilege": "ListLenses", - "description": "Grants permission to list the lenses available to this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListLenses.html" - }, - "ListMilestones": { - "privilege": "ListMilestones", - "description": "Grants permission to list the milestones of the specified workload", - "access_level": "List", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListMilestones.html" - }, - "ListNotifications": { - "privilege": "ListNotifications", - "description": "Grants permission to list notifications related to the account or specified resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListNotifications.html" - }, - "ListProfileNotifications": { - "privilege": "ListProfileNotifications", - "description": "Grants permission to list profile notifications related to specified resource", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListProfileNotifications.html" - }, - "ListProfileShares": { - "privilege": "ListProfileShares", - "description": "Grants permission to list all shares created for a profile", - "access_level": "List", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListProfileShares.html" - }, - "ListProfiles": { - "privilege": "ListProfiles", - "description": "Grants permission to list the profiles available to this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListProfiles.html" - }, - "ListShareInvitations": { - "privilege": "ListShareInvitations", - "description": "Grants permission to list the workload share invitations of the specified account or user", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListShareInvitations.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a Well-Architected resource", - "access_level": "Read", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "profile": { - "resource_type": "profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workload": { - "resource_type": "workload", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListTagsForResource.html" - }, - "ListWorkloadShares": { - "privilege": "ListWorkloadShares", - "description": "Grants permission to list the workload shares of the specified workload", - "access_level": "List", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListWorkloadShares.html" - }, - "ListWorkloads": { - "privilege": "ListWorkloads", - "description": "Grants permission to list the workloads in this account", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListWorkloads.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a Well-Architected resource", - "access_level": "Tagging", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "profile": { - "resource_type": "profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workload": { - "resource_type": "workload", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a Well-Architected resource", - "access_level": "Tagging", - "resource_types": { - "lens": { - "resource_type": "lens", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "profile": { - "resource_type": "profile", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "workload": { - "resource_type": "workload", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UntagResource.html" - }, - "UpdateAnswer": { - "privilege": "UpdateAnswer", - "description": "Grants permission to update properties of the specified answer", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateAnswer.html" - }, - "UpdateGlobalSettings": { - "privilege": "UpdateGlobalSettings", - "description": "Grants permission to update settings to enable aws-organization support", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateGlobalSettings.html" - }, - "UpdateLensReview": { - "privilege": "UpdateLensReview", - "description": "Grants permission to update properties of the specified lens review", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateLensReview.html" - }, - "UpdateProfile": { - "privilege": "UpdateProfile", - "description": "Grants permission to update properties of the specified profile", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateProfile.html" - }, - "UpdateShareInvitation": { - "privilege": "UpdateShareInvitation", - "description": "Grants permission to update status of the specified workload share invitation", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateShareInvitation.html" - }, - "UpdateWorkload": { - "privilege": "UpdateWorkload", - "description": "Grants permission to update properties of the specified workload", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateWorkload.html" - }, - "UpdateWorkloadShare": { - "privilege": "UpdateWorkloadShare", - "description": "Grants permission to update properties of the specified workload", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateWorkloadShare.html" - }, - "UpgradeLensReview": { - "privilege": "UpgradeLensReview", - "description": "Grants permission to upgrade the specified lens review to use the latest version of the associated lens", - "access_level": "Write", - "resource_types": { - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpgradeLensReview.html" - }, - "UpgradeProfileVersion": { - "privilege": "UpgradeProfileVersion", - "description": "Grants permission to upgrade the specified workload to use the latest version of the associated profile", - "access_level": "Write", - "resource_types": { - "profile": { - "resource_type": "profile", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "workload": { - "resource_type": "workload", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpgradeProfileVersion.html" - } - }, - "resources": { - "workload": { - "resource": "workload", - "arn": "arn:${Partition}:wellarchitected:${Region}:${Account}:workload/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "lens": { - "resource": "lens", - "arn": "arn:${Partition}:wellarchitected:${Region}:${Account}:lens/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "profile": { - "resource": "profile", - "arn": "arn:${Partition}:wellarchitected:${Region}:${Account}:profile/${ResourceId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "wickr": { - "service_name": "AWS Wickr", - "prefix": "wickr", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswickr.html", - "privileges": { - "CreateAdminSession": { - "privilege": "CreateAdminSession", - "description": "Grants permission to create and manage Wickr networks", - "access_level": "Write", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" - }, - "CreateNetwork": { - "privilege": "CreateNetwork", - "description": "Grants permission to create a new wickr network", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" - }, - "ListNetworks": { - "privilege": "ListNetworks", - "description": "Grants permission to view Wickr networks", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list the tags applied to a Wickr resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to a specified wickr resource", - "access_level": "Tagging", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}", - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag the specified tags from the specified wickr resource", - "access_level": "Tagging", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" - }, - "UpdateNetworkDetails": { - "privilege": "UpdateNetworkDetails", - "description": "Grants permission to update Wickr network details", - "access_level": "Write", - "resource_types": { - "network": { - "resource_type": "network", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" - } - }, - "resources": { - "network": { - "resource": "network", - "arn": "arn:${Partition}:wickr:${Region}:${Account}:network/${NetworkId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by a tag's key and value in a request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys in a request", - "type": "ArrayOfString" - } - } - }, - "xray": { - "service_name": "AWS X-Ray", - "prefix": "xray", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsx-ray.html", - "privileges": { - "BatchGetTraceSummaryById": { - "privilege": "BatchGetTraceSummaryById", - "description": "Grants permission to retrieve metadata for a list of traces specified by ID", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/devguide/security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-console" - }, - "BatchGetTraces": { - "privilege": "BatchGetTraces", - "description": "Grants permission to retrieve a list of traces specified by ID. Each trace is a collection of segment documents that originates from a single request. Use GetTraceSummaries to get a list of trace IDs", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_BatchGetTraces.html" - }, - "CreateGroup": { - "privilege": "CreateGroup", - "description": "Grants permission to create a group resource with a name and a filter expression", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_CreateGroup.html" - }, - "CreateSamplingRule": { - "privilege": "CreateSamplingRule", - "description": "Grants permission to create a rule to control sampling behavior for instrumented applications", - "access_level": "Write", - "resource_types": { - "sampling-rule": { - "resource_type": "sampling-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_CreateSamplingRule.html" - }, - "DeleteGroup": { - "privilege": "DeleteGroup", - "description": "Grants permission to delete a group resource", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_DeleteGroup.html" - }, - "DeleteResourcePolicy": { - "privilege": "DeleteResourcePolicy", - "description": "Grants permission to delete resource policies", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_DeleteResourcePolicy.html" - }, - "DeleteSamplingRule": { - "privilege": "DeleteSamplingRule", - "description": "Grants permission to delete a sampling rule", - "access_level": "Write", - "resource_types": { - "sampling-rule": { - "resource_type": "sampling-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_DeleteSamplingRule.html" - }, - "GetDistinctTraceGraphs": { - "privilege": "GetDistinctTraceGraphs", - "description": "Grants permission to retrieve distinct service graphs for one or more specific trace IDs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/devguide/security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-console" - }, - "GetEncryptionConfig": { - "privilege": "GetEncryptionConfig", - "description": "Grants permission to retrieve the current encryption configuration for X-Ray data", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetEncryptionConfig.html" - }, - "GetGroup": { - "privilege": "GetGroup", - "description": "Grants permission to retrieve group resource details", - "access_level": "Read", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetGroup.html" - }, - "GetGroups": { - "privilege": "GetGroups", - "description": "Grants permission to retrieve all active group details", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetGroups.html" - }, - "GetInsight": { - "privilege": "GetInsight", - "description": "Grants permission to retrieve the details of a specific insight", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetInsight.html" - }, - "GetInsightEvents": { - "privilege": "GetInsightEvents", - "description": "Grants permission to retrieve the events of a specific insight", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetInsightEvents.html" - }, - "GetInsightImpactGraph": { - "privilege": "GetInsightImpactGraph", - "description": "Grants permission to retrieve the part of the service graph which is impacted for a specific insight", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetInsightImpactGraph.html" - }, - "GetInsightSummaries": { - "privilege": "GetInsightSummaries", - "description": "Grants permission to retrieve the summary of all insights for a group and time range with optional filters", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetInsightSummaries.html" - }, - "GetSamplingRules": { - "privilege": "GetSamplingRules", - "description": "Grants permission to retrieve all sampling rules", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetSamplingRules.html" - }, - "GetSamplingStatisticSummaries": { - "privilege": "GetSamplingStatisticSummaries", - "description": "Grants permission to retrieve information about recent sampling results for all sampling rules", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetSamplingStatisticSummaries.html" - }, - "GetSamplingTargets": { - "privilege": "GetSamplingTargets", - "description": "Grants permission to request a sampling quota for rules that the service is using to sample requests", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetSamplingTargets.html" - }, - "GetServiceGraph": { - "privilege": "GetServiceGraph", - "description": "Grants permission to retrieve a document that describes services that process incoming requests, and downstream services that they call as a result", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetServiceGraph.html" - }, - "GetTimeSeriesServiceStatistics": { - "privilege": "GetTimeSeriesServiceStatistics", - "description": "Grants permission to retrieve an aggregation of service statistics defined by a specific time range bucketed into time intervals", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetTimeSeriesServiceStatistics.html" - }, - "GetTraceGraph": { - "privilege": "GetTraceGraph", - "description": "Grants permission to retrieve a service graph for one or more specific trace IDs", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetTraceGraph.html" - }, - "GetTraceSummaries": { - "privilege": "GetTraceSummaries", - "description": "Grants permission to retrieve IDs and metadata for traces available for a specified time frame using an optional filter. To get the full traces, pass the trace IDs to BatchGetTraces", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetTraceSummaries.html" - }, - "Link": { - "privilege": "Link", - "description": "Grants permission to share X-Ray resources with a monitoring account", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account-Setup.html#CloudWatch-Unified-Cross-Account-Setup-permissions" - }, - "ListResourcePolicies": { - "privilege": "ListResourcePolicies", - "description": "Grants permission to list resource policies", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_ListResourcePolicies.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for an X-Ray resource", - "access_level": "List", - "resource_types": { - "group": { - "resource_type": "group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sampling-rule": { - "resource_type": "sampling-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_ListTagsForResource.html" - }, - "PutEncryptionConfig": { - "privilege": "PutEncryptionConfig", - "description": "Grants permission to update the encryption configuration for X-Ray data", - "access_level": "Permissions management", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_PutEncryptionConfig.html" - }, - "PutResourcePolicy": { - "privilege": "PutResourcePolicy", - "description": "Grants permission to create or update resource policies", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_PutResourcePolicy.html" - }, - "PutTelemetryRecords": { - "privilege": "PutTelemetryRecords", - "description": "Grants permission to send AWS X-Ray daemon telemetry to the service", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_PutTelemetryRecords.html" - }, - "PutTraceSegments": { - "privilege": "PutTraceSegments", - "description": "Grants permission to upload segment documents to AWS X-Ray. The X-Ray SDK generates segment documents and sends them to the X-Ray daemon, which uploads them in batches", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_PutTraceSegments.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to add tags to an X-Ray resource", - "access_level": "Tagging", - "resource_types": { - "group": { - "resource_type": "group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sampling-rule": { - "resource_type": "sampling-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_TagResource.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove tags from an X-Ray resource", - "access_level": "Tagging", - "resource_types": { - "group": { - "resource_type": "group", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "sampling-rule": { - "resource_type": "sampling-rule", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_UntagResource.html" - }, - "UpdateGroup": { - "privilege": "UpdateGroup", - "description": "Grants permission to update a group resource", - "access_level": "Write", - "resource_types": { - "group": { - "resource_type": "group", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_UpdateGroup.html" - }, - "UpdateSamplingRule": { - "privilege": "UpdateSamplingRule", - "description": "Grants permission to modify a sampling rule's configuration", - "access_level": "Write", - "resource_types": { - "sampling-rule": { - "resource_type": "sampling-rule", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_UpdateSamplingRule.html" - } - }, - "resources": { - "group": { - "resource": "group", - "arn": "arn:${Partition}:xray:${Region}:${Account}:group/${GroupName}/${Id}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - }, - "sampling-rule": { - "resource": "sampling-rule", - "arn": "arn:${Partition}:xray:${Region}:${Account}:sampling-rule/${SamplingRuleName}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - } - } - }, - "dbqms": { - "service_name": "Database Query Metadata Service", - "prefix": "dbqms", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_databasequerymetadataservice.html", - "privileges": { - "CreateFavoriteQuery": { - "privilege": "CreateFavoriteQuery", - "description": "Grants permission to create a new favorite query", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#CreateFavoriteQuery" - }, - "CreateQueryHistory": { - "privilege": "CreateQueryHistory", - "description": "Grants permission to add a query to the history", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": null - }, - "CreateTab": { - "privilege": "CreateTab", - "description": "Grants permission to create a new query tab", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#CreateTab" - }, - "DeleteFavoriteQueries": { - "privilege": "DeleteFavoriteQueries", - "description": "Grants permission to delete saved queries", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DeleteFavoriteQueries" - }, - "DeleteQueryHistory": { - "privilege": "DeleteQueryHistory", - "description": "Grants permission to delete a historical query", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DeleteQueryHistory" - }, - "DeleteTab": { - "privilege": "DeleteTab", - "description": "Grants permission to delete query tab", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DeleteTab" - }, - "DescribeFavoriteQueries": { - "privilege": "DescribeFavoriteQueries", - "description": "Grants permission to list saved queries and associated metadata", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DescribeFavoriteQueries" - }, - "DescribeQueryHistory": { - "privilege": "DescribeQueryHistory", - "description": "Grants permission to list history of queries that were run", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DescribeQueryHistory" - }, - "DescribeTabs": { - "privilege": "DescribeTabs", - "description": "Grants permission to list query tabs and associated metadata", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DescribeTabs" - }, - "GetQueryString": { - "privilege": "GetQueryString", - "description": "Grants permission to retrieve favorite or history query string by id", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#GetQueryString" - }, - "UpdateFavoriteQuery": { - "privilege": "UpdateFavoriteQuery", - "description": "Grants permission to update saved query and description", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#UpdateFavoriteQuery" - }, - "UpdateQueryHistory": { - "privilege": "UpdateQueryHistory", - "description": "Grants permission to update the query history", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#UpdateQueryHistory" - }, - "UpdateTab": { - "privilege": "UpdateTab", - "description": "Grants permission to update query tab", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#UpdateTab" - } - }, - "resources": {}, - "conditions": {} - }, - "connect-campaigns": { - "service_name": "High-volume outbound communications", - "prefix": "connect-campaigns", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_high-volumeoutboundcommunications.html", - "privileges": { - "CreateCampaign": { - "privilege": "CreateCampaign", - "description": "Grants permission to create a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "DeleteCampaign": { - "privilege": "DeleteCampaign", - "description": "Grants permission to delete a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "DeleteConnectInstanceConfig": { - "privilege": "DeleteConnectInstanceConfig", - "description": "Grants permission to remove configuration information for an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "DeleteInstanceOnboardingJob": { - "privilege": "DeleteInstanceOnboardingJob", - "description": "Grants permission to remove onboarding job for an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "DescribeCampaign": { - "privilege": "DescribeCampaign", - "description": "Grants permission to describe a specific campaign", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "GetCampaignState": { - "privilege": "GetCampaignState", - "description": "Grants permission to get state of a campaign", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "GetCampaignStateBatch": { - "privilege": "GetCampaignStateBatch", - "description": "Grants permission to get state of campaigns", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "GetConnectInstanceConfig": { - "privilege": "GetConnectInstanceConfig", - "description": "Grants permission to get configuration information for an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "GetInstanceOnboardingJobStatus": { - "privilege": "GetInstanceOnboardingJobStatus", - "description": "Grants permission to get onboarding job status for an Amazon Connect instance", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "ListCampaigns": { - "privilege": "ListCampaigns", - "description": "Grants permission to provide summary of all campaigns", - "access_level": "List", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to list tags for a resource", - "access_level": "Read", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "PauseCampaign": { - "privilege": "PauseCampaign", - "description": "Grants permission to pause a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "PutDialRequestBatch": { - "privilege": "PutDialRequestBatch", - "description": "Grants permission to create dial requests for the specified campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "ResumeCampaign": { - "privilege": "ResumeCampaign", - "description": "Grants permission to resume a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "StartCampaign": { - "privilege": "StartCampaign", - "description": "Grants permission to start a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "StartInstanceOnboardingJob": { - "privilege": "StartInstanceOnboardingJob", - "description": "Grants permission to start onboarding job for an Amazon Connect instance", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "StopCampaign": { - "privilege": "StopCampaign", - "description": "Grants permission to stop a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to tag a resource", - "access_level": "Tagging", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to untag a resource", - "access_level": "Tagging", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "UpdateCampaignDialerConfig": { - "privilege": "UpdateCampaignDialerConfig", - "description": "Grants permission to update the dialer configuration of a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "UpdateCampaignName": { - "privilege": "UpdateCampaignName", - "description": "Grants permission to update the name of a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - }, - "UpdateCampaignOutboundCallConfig": { - "privilege": "UpdateCampaignOutboundCallConfig", - "description": "Grants permission to update the outbound call configuration of a campaign", - "access_level": "Write", - "resource_types": { - "campaign": { - "resource_type": "campaign", - "required": true, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" - } - }, - "resources": { - "campaign": { - "resource": "campaign", - "arn": "arn:${Partition}:connect-campaigns:${Region}:${Account}:campaign/${CampaignId}", - "condition_keys": [ - "aws:ResourceTag/${TagKey}" - ] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters actions based on the presence of tag key-value pairs in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters actions based on tag key-value pairs attached to the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters actions based on the presence of tag keys in the request", - "type": "ArrayOfString" - } - } - }, - "servicequotas": { - "service_name": "Service Quotas", - "prefix": "servicequotas", - "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_servicequotas.html", - "privileges": { - "AssociateServiceQuotaTemplate": { - "privilege": "AssociateServiceQuotaTemplate", - "description": "Grants permission to associate the Service Quotas template with your organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_AssociateServiceQuotaTemplate.html" - }, - "DeleteServiceQuotaIncreaseRequestFromTemplate": { - "privilege": "DeleteServiceQuotaIncreaseRequestFromTemplate", - "description": "Grants permission to remove the specified service quota from the service quota template", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_DeleteServiceQuotaIncreaseRequestFromTemplate.html" - }, - "DisassociateServiceQuotaTemplate": { - "privilege": "DisassociateServiceQuotaTemplate", - "description": "Grants permission to disassociate the Service Quotas template from your organization", - "access_level": "Write", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_DisassociateServiceQuotaTemplate.html" - }, - "GetAWSDefaultServiceQuota": { - "privilege": "GetAWSDefaultServiceQuota", - "description": "Grants permission to return the details for the specified service quota, including the AWS default value", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_GetAWSDefaultServiceQuota.html" - }, - "GetAssociationForServiceQuotaTemplate": { - "privilege": "GetAssociationForServiceQuotaTemplate", - "description": "Grants permission to retrieve the ServiceQuotaTemplateAssociationStatus value, which tells you if the Service Quotas template is associated with an organization", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_GetAssociationForServiceQuotaTemplate.html" - }, - "GetRequestedServiceQuotaChange": { - "privilege": "GetRequestedServiceQuotaChange", - "description": "Grants permission to retrieve the details for a particular service quota increase request", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_GetRequestedServiceQuotaChange.html" - }, - "GetServiceQuota": { - "privilege": "GetServiceQuota", - "description": "Grants permission to return the details for the specified service quota, including the applied value", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_GetServiceQuota.html" - }, - "GetServiceQuotaIncreaseRequestFromTemplate": { - "privilege": "GetServiceQuotaIncreaseRequestFromTemplate", - "description": "Grants permission to retrieve the details for a service quota increase request from the service quota template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_GetServiceQuotaIncreaseRequestFromTemplate.html" - }, - "ListAWSDefaultServiceQuotas": { - "privilege": "ListAWSDefaultServiceQuotas", - "description": "Grants permission to list all default service quotas for the specified AWS service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListAWSDefaultServiceQuotas.html" - }, - "ListRequestedServiceQuotaChangeHistory": { - "privilege": "ListRequestedServiceQuotaChangeHistory", - "description": "Grants permission to request a list of the changes to quotas for a service", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListRequestedServiceQuotaChangeHistory.html" - }, - "ListRequestedServiceQuotaChangeHistoryByQuota": { - "privilege": "ListRequestedServiceQuotaChangeHistoryByQuota", - "description": "Grants permission to request a list of the changes to specific service quotas", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListRequestedServiceQuotaChangeHistoryByQuota.html" - }, - "ListServiceQuotaIncreaseRequestsInTemplate": { - "privilege": "ListServiceQuotaIncreaseRequestsInTemplate", - "description": "Grants permission to return a list of the service quota increase requests from the service quota template", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServiceQuotaIncreaseRequestsInTemplate" - }, - "ListServiceQuotas": { - "privilege": "ListServiceQuotas", - "description": "Grants permission to list all service quotas for the specified AWS service, in that account, in that Region", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServiceQuotas.html" - }, - "ListServices": { - "privilege": "ListServices", - "description": "Grants permission to list the AWS services available in Service Quotas", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServices.html" - }, - "ListTagsForResource": { - "privilege": "ListTagsForResource", - "description": "Grants permission to view the existing tags on a SQ resource", - "access_level": "Read", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListTagsForResource" - }, - "PutServiceQuotaIncreaseRequestIntoTemplate": { - "privilege": "PutServiceQuotaIncreaseRequestIntoTemplate", - "description": "Grants permission to define and add a quota to the service quota template", - "access_level": "Write", - "resource_types": { - "quota": { - "resource_type": "quota", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicequotas:service" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_PutServiceQuotaIncreaseRequestIntoTemplate.html" - }, - "RequestServiceQuotaIncrease": { - "privilege": "RequestServiceQuotaIncrease", - "description": "Grants permission to submit the request for a service quota increase", - "access_level": "Write", - "resource_types": { - "quota": { - "resource_type": "quota", - "required": false, - "condition_keys": [], - "dependent_actions": [] - }, - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "servicequotas:service" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_RequestServiceQuotaIncrease.html" - }, - "TagResource": { - "privilege": "TagResource", - "description": "Grants permission to associate a set of tags with an existing SQ resource", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_TagResource" - }, - "UntagResource": { - "privilege": "UntagResource", - "description": "Grants permission to remove a set of tags from a SQ resource, where tags to be removed match a set of customer-supplied tag keys", - "access_level": "Tagging", - "resource_types": { - "": { - "resource_type": "", - "required": false, - "condition_keys": [ - "aws:RequestTag/${TagKey}", - "aws:TagKeys" - ], - "dependent_actions": [] - } - }, - "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_UntagResource" - } - }, - "resources": { - "quota": { - "resource": "quota", - "arn": "arn:${Partition}:servicequotas:${Region}:${Account}:${ServiceCode}/${QuotaCode}", - "condition_keys": [] - } - }, - "conditions": { - "aws:RequestTag/${TagKey}": { - "condition": "aws:RequestTag/${TagKey}", - "description": "Filters access by the tags that are passed in the request", - "type": "String" - }, - "aws:ResourceTag/${TagKey}": { - "condition": "aws:ResourceTag/${TagKey}", - "description": "Filters access by the tags associated with the resource", - "type": "String" - }, - "aws:TagKeys": { - "condition": "aws:TagKeys", - "description": "Filters access by the tag keys that are passed in the request", - "type": "ArrayOfString" - }, - "servicequotas:service": { - "condition": "servicequotas:service", - "description": "Filters access by the specified AWS service", - "type": "String" - } - } + "policy_sentry_schema_version": "v2", + "a4b": { + "service_name": "Alexa for Business", + "prefix": "a4b", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_alexaforbusiness.html", + "privileges": { + "ApproveSkill": { + "privilege": "ApproveSkill", + "description": "Grants permission to associate a skill with the organization under the customer's AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ApproveSkill.html" + }, + "AssociateContactWithAddressBook": { + "privilege": "AssociateContactWithAddressBook", + "description": "Grants permission to associate a contact with a given address book", + "access_level": "Write", + "resource_types": { + "addressbook": { + "resource_type": "addressbook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addressbook": "addressbook", + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateContactWithAddressBook.html" + }, + "AssociateDeviceWithNetworkProfile": { + "privilege": "AssociateDeviceWithNetworkProfile", + "description": "Grants permission to associate a device with the specified network profile", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "networkprofile": { + "resource_type": "networkprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "networkprofile": "networkprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateDeviceWithNetworkProfile.html" + }, + "AssociateDeviceWithRoom": { + "privilege": "AssociateDeviceWithRoom", + "description": "Grants permission to associate device with given room", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateDeviceWithRoom.html" + }, + "AssociateSkillGroupWithRoom": { + "privilege": "AssociateSkillGroupWithRoom", + "description": "Grants permission to associate the skill group with given room", + "access_level": "Write", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "skillgroup": { + "resource_type": "skillgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room", + "skillgroup": "skillgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateSkillGroupWithRoom.html" + }, + "AssociateSkillWithSkillGroup": { + "privilege": "AssociateSkillWithSkillGroup", + "description": "Grants permission to associate a skill with a skill group", + "access_level": "Write", + "resource_types": { + "skillgroup": { + "resource_type": "skillgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "skillgroup": "skillgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateSkillWithSkillGroup.html" + }, + "AssociateSkillWithUsers": { + "privilege": "AssociateSkillWithUsers", + "description": "Grants permission to make a private skill available for enrolled users to enable on their devices", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_AssociateSkillWithUsers.html" + }, + "CompleteRegistration": { + "privilege": "CompleteRegistration", + "description": "Grants permission to complete the operation of registering an Alexa device", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/ag/manage-devices.html" + }, + "CreateAddressBook": { + "privilege": "CreateAddressBook", + "description": "Grants permission to create an address book with the specified details", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateAddressBook.html" + }, + "CreateBusinessReportSchedule": { + "privilege": "CreateBusinessReportSchedule", + "description": "Grants permission to create a recurring schedule for usage reports to deliver to the specified S3 location with a specified daily or weekly interval", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateBusinessReportSchedule.html" + }, + "CreateConferenceProvider": { + "privilege": "CreateConferenceProvider", + "description": "Grants permission to add a new conference provider under the user's AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateConferenceProvider.html" + }, + "CreateContact": { + "privilege": "CreateContact", + "description": "Grants permission to create a contact with the specified details", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateContact.html" + }, + "CreateGatewayGroup": { + "privilege": "CreateGatewayGroup", + "description": "Grants permission to create a gateway group with the specified details", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateGatewayGroup.html" + }, + "CreateNetworkProfile": { + "privilege": "CreateNetworkProfile", + "description": "Grants permission to create a network profile with the specified details", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateNetworkProfile.html" + }, + "CreateProfile": { + "privilege": "CreateProfile", + "description": "Grants permission to create a new profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateProfile.html" + }, + "CreateRoom": { + "privilege": "CreateRoom", + "description": "Grants permission to create room with the specified details", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateRoom.html" + }, + "CreateSkillGroup": { + "privilege": "CreateSkillGroup", + "description": "Grants permission to create a skill group with given name and description", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateSkillGroup.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a user", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_CreateUser.html" + }, + "DeleteAddressBook": { + "privilege": "DeleteAddressBook", + "description": "Grants permission to delete an address book by the address book ARN", + "access_level": "Write", + "resource_types": { + "addressbook": { + "resource_type": "addressbook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addressbook": "addressbook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteAddressBook.html" + }, + "DeleteBusinessReportSchedule": { + "privilege": "DeleteBusinessReportSchedule", + "description": "Grants permission to delete the recurring report delivery schedule with the specified schedule ARN", + "access_level": "Write", + "resource_types": { + "schedule": { + "resource_type": "schedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule": "schedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteBusinessReportSchedule.html" + }, + "DeleteConferenceProvider": { + "privilege": "DeleteConferenceProvider", + "description": "Grants permission to delete a conference provider", + "access_level": "Write", + "resource_types": { + "conferenceprovider": { + "resource_type": "conferenceprovider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conferenceprovider": "conferenceprovider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteConferenceProvider.html" + }, + "DeleteContact": { + "privilege": "DeleteContact", + "description": "Grants permission to delete a contact by the contact ARN", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteContact.html" + }, + "DeleteDevice": { + "privilege": "DeleteDevice", + "description": "Grants permission to remove a device from Alexa For Business", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteDevice.html" + }, + "DeleteDeviceUsageData": { + "privilege": "DeleteDeviceUsageData", + "description": "Grants permission to delete the device's entire previous history of voice input data and associated response data", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteDeviceUsageData.html" + }, + "DeleteGatewayGroup": { + "privilege": "DeleteGatewayGroup", + "description": "Grants permission to delete a gateway group", + "access_level": "Write", + "resource_types": { + "gatewaygroup": { + "resource_type": "gatewaygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewaygroup": "gatewaygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteGatewayGroup.html" + }, + "DeleteNetworkProfile": { + "privilege": "DeleteNetworkProfile", + "description": "Grants permission to delete a network profile by the network profile ARN", + "access_level": "Write", + "resource_types": { + "networkprofile": { + "resource_type": "networkprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networkprofile": "networkprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteNetworkProfile.html" + }, + "DeleteProfile": { + "privilege": "DeleteProfile", + "description": "Grants permission to delete profile by profile ARN", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteProfile.html" + }, + "DeleteRoom": { + "privilege": "DeleteRoom", + "description": "Grants permission to delete room", + "access_level": "Write", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteRoom.html" + }, + "DeleteRoomSkillParameter": { + "privilege": "DeleteRoomSkillParameter", + "description": "Grants permission to delete a parameter from a skill and room", + "access_level": "Write", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteRoomSkillParameter.html" + }, + "DeleteSkillAuthorization": { + "privilege": "DeleteSkillAuthorization", + "description": "Grants permission to unlink a third-party account from a skill", + "access_level": "Write", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteSkillAuthorization.html" + }, + "DeleteSkillGroup": { + "privilege": "DeleteSkillGroup", + "description": "Grants permission to delete skill group with skill group ARN", + "access_level": "Write", + "resource_types": { + "skillgroup": { + "resource_type": "skillgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "skillgroup": "skillgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteSkillGroup.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete a user", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DeleteUser.html" + }, + "DisassociateContactFromAddressBook": { + "privilege": "DisassociateContactFromAddressBook", + "description": "Grants permission to disassociate a contact from a given address book", + "access_level": "Write", + "resource_types": { + "addressbook": { + "resource_type": "addressbook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addressbook": "addressbook", + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DisassociateContactFromAddressBook.html" + }, + "DisassociateDeviceFromRoom": { + "privilege": "DisassociateDeviceFromRoom", + "description": "Grants permission to disassociate device from its current room", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DisassociateDeviceFromRoom.html" + }, + "DisassociateSkillFromSkillGroup": { + "privilege": "DisassociateSkillFromSkillGroup", + "description": "Grants permission to disassociate a skill from a skill group", + "access_level": "Write", + "resource_types": { + "skillgroup": { + "resource_type": "skillgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "skillgroup": "skillgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DisassociateSkillFromSkillGroup.html" + }, + "DisassociateSkillFromUsers": { + "privilege": "DisassociateSkillFromUsers", + "description": "Grants permission to make a private skill unavailable for enrolled users and prevent them from enabling it on their devices", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DisassociateSkillFromUsers.html" + }, + "DisassociateSkillGroupFromRoom": { + "privilege": "DisassociateSkillGroupFromRoom", + "description": "Grants permission to disassociate the skill group from given room", + "access_level": "Write", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "skillgroup": { + "resource_type": "skillgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room", + "skillgroup": "skillgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_DisassociateSkillGroupFromRoom.html" + }, + "ForgetSmartHomeAppliances": { + "privilege": "ForgetSmartHomeAppliances", + "description": "Grants permission to forget smart home appliances associated to a room", + "access_level": "Write", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ForgetSmartHomeAppliances.html" + }, + "GetAddressBook": { + "privilege": "GetAddressBook", + "description": "Grants permission to get the address book details by the address book ARN", + "access_level": "Read", + "resource_types": { + "addressbook": { + "resource_type": "addressbook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addressbook": "addressbook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetAddressBook.html" + }, + "GetConferencePreference": { + "privilege": "GetConferencePreference", + "description": "Grants permission to retrieve the existing conference preferences", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetConferencePreference.html" + }, + "GetConferenceProvider": { + "privilege": "GetConferenceProvider", + "description": "Grants permission to get details about a specific conference provider", + "access_level": "Read", + "resource_types": { + "conferenceprovider": { + "resource_type": "conferenceprovider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conferenceprovider": "conferenceprovider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetConferenceProvider.html" + }, + "GetContact": { + "privilege": "GetContact", + "description": "Grants permission to get the contact details by the contact ARN", + "access_level": "Read", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetContact.html" + }, + "GetDevice": { + "privilege": "GetDevice", + "description": "Grants permission to get device details", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetDevice.html" + }, + "GetGateway": { + "privilege": "GetGateway", + "description": "Grants permission to retrieve the details of a gateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetGateway.html" + }, + "GetGatewayGroup": { + "privilege": "GetGatewayGroup", + "description": "Grants permission to retrieve the details of a gateway group", + "access_level": "Read", + "resource_types": { + "gatewaygroup": { + "resource_type": "gatewaygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewaygroup": "gatewaygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetGatewayGroup.html" + }, + "GetInvitationConfiguration": { + "privilege": "GetInvitationConfiguration", + "description": "Grants permission to retrieve the configured values for the user enrollment invitation email template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetInvitationConfiguration.html" + }, + "GetNetworkProfile": { + "privilege": "GetNetworkProfile", + "description": "Grants permission to get the network profile details by the network profile ARN", + "access_level": "Read", + "resource_types": { + "networkprofile": { + "resource_type": "networkprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networkprofile": "networkprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetNetworkProfile.html" + }, + "GetProfile": { + "privilege": "GetProfile", + "description": "Grants permission to get profile when provided with Profile ARN", + "access_level": "Read", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetProfile.html" + }, + "GetRoom": { + "privilege": "GetRoom", + "description": "Grants permission to get room details", + "access_level": "Read", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetRoom.html" + }, + "GetRoomSkillParameter": { + "privilege": "GetRoomSkillParameter", + "description": "Grants permission to get an existing parameter that has been set for a skill and room", + "access_level": "Read", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetRoomSkillParameter.html" + }, + "GetSkillGroup": { + "privilege": "GetSkillGroup", + "description": "Grants permission to get skill group details with skill group ARN", + "access_level": "Read", + "resource_types": { + "skillgroup": { + "resource_type": "skillgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "skillgroup": "skillgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_GetSkillGroup.html" + }, + "ListBusinessReportSchedules": { + "privilege": "ListBusinessReportSchedules", + "description": "Grants permission to list the details of the schedules that a user configured", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListBusinessReportSchedules.html" + }, + "ListConferenceProviders": { + "privilege": "ListConferenceProviders", + "description": "Grants permission to list conference providers under a specific AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListConferenceProviders.html" + }, + "ListDeviceEvents": { + "privilege": "ListDeviceEvents", + "description": "Grants permission to list the device event history, including device connection status, for up to 30 days", + "access_level": "List", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListDeviceEvents.html" + }, + "ListGatewayGroups": { + "privilege": "ListGatewayGroups", + "description": "Grants permission to list gateway group summaries", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListGatewayGroups.html" + }, + "ListGateways": { + "privilege": "ListGateways", + "description": "Grants permission to list gateway summaries", + "access_level": "List", + "resource_types": { + "gatewaygroup": { + "resource_type": "gatewaygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewaygroup": "gatewaygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListGateways.html" + }, + "ListSkills": { + "privilege": "ListSkills", + "description": "Grants permission to list skills", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListSkills.html" + }, + "ListSkillsStoreCategories": { + "privilege": "ListSkillsStoreCategories", + "description": "Grants permission to list all categories in the Alexa skill store", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListSkillsStoreCategories.html" + }, + "ListSkillsStoreSkillsByCategory": { + "privilege": "ListSkillsStoreSkillsByCategory", + "description": "Grants permission to list all skills in the Alexa skill store by category", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListSkillsStoreSkillsByCategory.html" + }, + "ListSmartHomeAppliances": { + "privilege": "ListSmartHomeAppliances", + "description": "Grants permission to list all of the smart home appliances associated with a room", + "access_level": "List", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListSmartHomeAppliances.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to list all tags on a resource", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "room": { + "resource_type": "room", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "room": "room", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ListTags.html" + }, + "PutConferencePreference": { + "privilege": "PutConferencePreference", + "description": "Grants permission to set the conference preferences on a specific conference provider at the account level", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_PutConferencePreference.html" + }, + "PutDeviceSetupEvents": { + "privilege": "PutDeviceSetupEvents", + "description": "Grants permission to publish Alexa device setup events", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/ag/manage-devices.html" + }, + "PutInvitationConfiguration": { + "privilege": "PutInvitationConfiguration", + "description": "Grants permission to configure the email template for the user enrollment invitation with the specified attributes", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_PutInvitationConfiguration.html" + }, + "PutRoomSkillParameter": { + "privilege": "PutRoomSkillParameter", + "description": "Grants permission to put a room specific parameter for a skill", + "access_level": "Write", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_PutRoomSkillParameter.html" + }, + "PutSkillAuthorization": { + "privilege": "PutSkillAuthorization", + "description": "Grants permission to link a user's account to a third-party skill provider", + "access_level": "Write", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_PutSkillAuthorization.html" + }, + "RegisterAVSDevice": { + "privilege": "RegisterAVSDevice", + "description": "Grants permission to register an Alexa-enabled device built by an Original Equipment Manufacturer (OEM) using Alexa Voice Service (AVS)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_RegisterAVSDevice.html" + }, + "RegisterDevice": { + "privilege": "RegisterDevice", + "description": "Grants permission to register an Alexa device", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/ag/manage-devices.html" + }, + "RejectSkill": { + "privilege": "RejectSkill", + "description": "Grants permission to disassociate a skill from the organization under a user's AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_RejectSkill.html" + }, + "ResolveRoom": { + "privilege": "ResolveRoom", + "description": "Grants permission to resolve room information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_ResolveRoom.html" + }, + "RevokeInvitation": { + "privilege": "RevokeInvitation", + "description": "Grants permission to revoke an invitation", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_RevokeInvitation.html" + }, + "SearchAddressBooks": { + "privilege": "SearchAddressBooks", + "description": "Grants permission to search address books and list the ones that meet a set of filter and sort criteria", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchAddressBooks.html" + }, + "SearchContacts": { + "privilege": "SearchContacts", + "description": "Grants permission to search contacts and list the ones that meet a set of filter and sort criteria", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchContacts.html" + }, + "SearchDevices": { + "privilege": "SearchDevices", + "description": "Grants permission to search for devices", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchDevices.html" + }, + "SearchNetworkProfiles": { + "privilege": "SearchNetworkProfiles", + "description": "Grants permission to search network profiles and list the ones that meet a set of filter and sort criteria", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchNetworkProfiles.html" + }, + "SearchProfiles": { + "privilege": "SearchProfiles", + "description": "Grants permission to search for profiles", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchProfiles.html" + }, + "SearchRooms": { + "privilege": "SearchRooms", + "description": "Grants permission to search for rooms", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchRooms.html" + }, + "SearchSkillGroups": { + "privilege": "SearchSkillGroups", + "description": "Grants permission to search for skill groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchSkillGroups.html" + }, + "SearchUsers": { + "privilege": "SearchUsers", + "description": "Grants permission to search for users", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SearchUsers.html" + }, + "SendAnnouncement": { + "privilege": "SendAnnouncement", + "description": "Grants permission to trigger an asynchronous flow to send text, SSML, or audio announcements to rooms that are identified by a search or filter", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SendAnnouncement.html" + }, + "SendInvitation": { + "privilege": "SendInvitation", + "description": "Grants permission to send an invitation to a user", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_SendInvitation.html" + }, + "StartDeviceSync": { + "privilege": "StartDeviceSync", + "description": "Grants permission to restore the device and its account to its known, default settings by clearing all information and settings set by its previous users", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_StartDeviceSync.html" + }, + "StartSmartHomeApplianceDiscovery": { + "privilege": "StartSmartHomeApplianceDiscovery", + "description": "Grants permission to initiate the discovery of any smart home appliances associated with the room", + "access_level": "Read", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_StartSmartHomeApplianceDiscovery.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add metadata tags to a resource", + "access_level": "Tagging", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "room": { + "resource_type": "room", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "room": "room", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove metadata tags from a resource", + "access_level": "Tagging", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "room": { + "resource_type": "room", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "room": "room", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UntagResource.html" + }, + "UpdateAddressBook": { + "privilege": "UpdateAddressBook", + "description": "Grants permission to update address book details by the address book ARN", + "access_level": "Write", + "resource_types": { + "addressbook": { + "resource_type": "addressbook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addressbook": "addressbook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateAddressBook.html" + }, + "UpdateBusinessReportSchedule": { + "privilege": "UpdateBusinessReportSchedule", + "description": "Grants permission to update the configuration of the report delivery schedule with the specified schedule ARN", + "access_level": "Write", + "resource_types": { + "schedule": { + "resource_type": "schedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule": "schedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateBusinessReportSchedule.html" + }, + "UpdateConferenceProvider": { + "privilege": "UpdateConferenceProvider", + "description": "Grants permission to update an existing conference provider's settings", + "access_level": "Write", + "resource_types": { + "conferenceprovider": { + "resource_type": "conferenceprovider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conferenceprovider": "conferenceprovider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateConferenceProvider.html" + }, + "UpdateContact": { + "privilege": "UpdateContact", + "description": "Grants permission to update the contact details by the contact ARN", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateContact.html" + }, + "UpdateDevice": { + "privilege": "UpdateDevice", + "description": "Grants permission to update device name", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateDevice.html" + }, + "UpdateGateway": { + "privilege": "UpdateGateway", + "description": "Grants permission to update the details of a gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateGateway.html" + }, + "UpdateGatewayGroup": { + "privilege": "UpdateGatewayGroup", + "description": "Grants permission to update the details of a gateway group", + "access_level": "Write", + "resource_types": { + "gatewaygroup": { + "resource_type": "gatewaygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewaygroup": "gatewaygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateGatewayGroup.html" + }, + "UpdateNetworkProfile": { + "privilege": "UpdateNetworkProfile", + "description": "Grants permission to update a network profile by the network profile ARN", + "access_level": "Write", + "resource_types": { + "networkprofile": { + "resource_type": "networkprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networkprofile": "networkprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateNetworkProfile.html" + }, + "UpdateProfile": { + "privilege": "UpdateProfile", + "description": "Grants permission to update an existing profile", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateProfile.html" + }, + "UpdateRoom": { + "privilege": "UpdateRoom", + "description": "Grants permission to update room details", + "access_level": "Write", + "resource_types": { + "room": { + "resource_type": "room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateRoom.html" + }, + "UpdateSkillGroup": { + "privilege": "UpdateSkillGroup", + "description": "Grants permission to update skill group details with skill group ARN", + "access_level": "Write", + "resource_types": { + "skillgroup": { + "resource_type": "skillgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "skillgroup": "skillgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/a4b/latest/APIReference/API_UpdateSkillGroup.html" + } + }, + "privileges_lower_name": { + "approveskill": "ApproveSkill", + "associatecontactwithaddressbook": "AssociateContactWithAddressBook", + "associatedevicewithnetworkprofile": "AssociateDeviceWithNetworkProfile", + "associatedevicewithroom": "AssociateDeviceWithRoom", + "associateskillgroupwithroom": "AssociateSkillGroupWithRoom", + "associateskillwithskillgroup": "AssociateSkillWithSkillGroup", + "associateskillwithusers": "AssociateSkillWithUsers", + "completeregistration": "CompleteRegistration", + "createaddressbook": "CreateAddressBook", + "createbusinessreportschedule": "CreateBusinessReportSchedule", + "createconferenceprovider": "CreateConferenceProvider", + "createcontact": "CreateContact", + "creategatewaygroup": "CreateGatewayGroup", + "createnetworkprofile": "CreateNetworkProfile", + "createprofile": "CreateProfile", + "createroom": "CreateRoom", + "createskillgroup": "CreateSkillGroup", + "createuser": "CreateUser", + "deleteaddressbook": "DeleteAddressBook", + "deletebusinessreportschedule": "DeleteBusinessReportSchedule", + "deleteconferenceprovider": "DeleteConferenceProvider", + "deletecontact": "DeleteContact", + "deletedevice": "DeleteDevice", + "deletedeviceusagedata": "DeleteDeviceUsageData", + "deletegatewaygroup": "DeleteGatewayGroup", + "deletenetworkprofile": "DeleteNetworkProfile", + "deleteprofile": "DeleteProfile", + "deleteroom": "DeleteRoom", + "deleteroomskillparameter": "DeleteRoomSkillParameter", + "deleteskillauthorization": "DeleteSkillAuthorization", + "deleteskillgroup": "DeleteSkillGroup", + "deleteuser": "DeleteUser", + "disassociatecontactfromaddressbook": "DisassociateContactFromAddressBook", + "disassociatedevicefromroom": "DisassociateDeviceFromRoom", + "disassociateskillfromskillgroup": "DisassociateSkillFromSkillGroup", + "disassociateskillfromusers": "DisassociateSkillFromUsers", + "disassociateskillgroupfromroom": "DisassociateSkillGroupFromRoom", + "forgetsmarthomeappliances": "ForgetSmartHomeAppliances", + "getaddressbook": "GetAddressBook", + "getconferencepreference": "GetConferencePreference", + "getconferenceprovider": "GetConferenceProvider", + "getcontact": "GetContact", + "getdevice": "GetDevice", + "getgateway": "GetGateway", + "getgatewaygroup": "GetGatewayGroup", + "getinvitationconfiguration": "GetInvitationConfiguration", + "getnetworkprofile": "GetNetworkProfile", + "getprofile": "GetProfile", + "getroom": "GetRoom", + "getroomskillparameter": "GetRoomSkillParameter", + "getskillgroup": "GetSkillGroup", + "listbusinessreportschedules": "ListBusinessReportSchedules", + "listconferenceproviders": "ListConferenceProviders", + "listdeviceevents": "ListDeviceEvents", + "listgatewaygroups": "ListGatewayGroups", + "listgateways": "ListGateways", + "listskills": "ListSkills", + "listskillsstorecategories": "ListSkillsStoreCategories", + "listskillsstoreskillsbycategory": "ListSkillsStoreSkillsByCategory", + "listsmarthomeappliances": "ListSmartHomeAppliances", + "listtags": "ListTags", + "putconferencepreference": "PutConferencePreference", + "putdevicesetupevents": "PutDeviceSetupEvents", + "putinvitationconfiguration": "PutInvitationConfiguration", + "putroomskillparameter": "PutRoomSkillParameter", + "putskillauthorization": "PutSkillAuthorization", + "registeravsdevice": "RegisterAVSDevice", + "registerdevice": "RegisterDevice", + "rejectskill": "RejectSkill", + "resolveroom": "ResolveRoom", + "revokeinvitation": "RevokeInvitation", + "searchaddressbooks": "SearchAddressBooks", + "searchcontacts": "SearchContacts", + "searchdevices": "SearchDevices", + "searchnetworkprofiles": "SearchNetworkProfiles", + "searchprofiles": "SearchProfiles", + "searchrooms": "SearchRooms", + "searchskillgroups": "SearchSkillGroups", + "searchusers": "SearchUsers", + "sendannouncement": "SendAnnouncement", + "sendinvitation": "SendInvitation", + "startdevicesync": "StartDeviceSync", + "startsmarthomeappliancediscovery": "StartSmartHomeApplianceDiscovery", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaddressbook": "UpdateAddressBook", + "updatebusinessreportschedule": "UpdateBusinessReportSchedule", + "updateconferenceprovider": "UpdateConferenceProvider", + "updatecontact": "UpdateContact", + "updatedevice": "UpdateDevice", + "updategateway": "UpdateGateway", + "updategatewaygroup": "UpdateGatewayGroup", + "updatenetworkprofile": "UpdateNetworkProfile", + "updateprofile": "UpdateProfile", + "updateroom": "UpdateRoom", + "updateskillgroup": "UpdateSkillGroup" + }, + "resources": { + "profile": { + "resource": "profile", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:profile/${ResourceId}", + "condition_keys": [] + }, + "room": { + "resource": "room", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:room/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "device": { + "resource": "device", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:device/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "skillgroup": { + "resource": "skillgroup", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:skill-group/${ResourceId}", + "condition_keys": [] + }, + "user": { + "resource": "user", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:user/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "addressbook": { + "resource": "addressbook", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:address-book/${ResourceId}", + "condition_keys": [] + }, + "conferenceprovider": { + "resource": "conferenceprovider", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:conference-provider/${ResourceId}", + "condition_keys": [] + }, + "contact": { + "resource": "contact", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:contact/${ResourceId}", + "condition_keys": [] + }, + "schedule": { + "resource": "schedule", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:schedule/${ResourceId}", + "condition_keys": [] + }, + "networkprofile": { + "resource": "networkprofile", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:network-profile/${ResourceId}", + "condition_keys": [] + }, + "gateway": { + "resource": "gateway", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:gateway/${ResourceId}", + "condition_keys": [] + }, + "gatewaygroup": { + "resource": "gatewaygroup", + "arn": "arn:${Partition}:a4b:${Region}:${Account}:gateway-group/${ResourceId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "profile": "profile", + "room": "room", + "device": "device", + "skillgroup": "skillgroup", + "user": "user", + "addressbook": "addressbook", + "conferenceprovider": "conferenceprovider", + "contact": "contact", + "schedule": "schedule", + "networkprofile": "networkprofile", + "gateway": "gateway", + "gatewaygroup": "gatewaygroup" + }, + "conditions": { + "a4b:amazonId": { + "condition": "a4b:amazonId", + "description": "Filters actions based on the Amazon Id in the request", + "type": "String" + }, + "a4b:filters_deviceType": { + "condition": "a4b:filters_deviceType", + "description": "Filters actions based on the device type in the request", + "type": "ArrayOfString" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag-value assoicated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "execute-api": { + "service_name": "Amazon API Gateway", + "prefix": "execute-api", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonapigateway.html", + "privileges": { + "InvalidateCache": { + "privilege": "InvalidateCache", + "description": "Used to invalidate API cache upon a client request", + "access_level": "Write", + "resource_types": { + "execute-api-general": { + "resource_type": "execute-api-general", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "execute-api-general": "execute-api-general" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigateway/api-reference/api-gateway-caching.html" + }, + "Invoke": { + "privilege": "Invoke", + "description": "Used to invoke an API upon a client request", + "access_level": "Write", + "resource_types": { + "execute-api-general": { + "resource_type": "execute-api-general", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "execute-api-general": "execute-api-general" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigateway/api-reference/how-to-call-api.html" + }, + "ManageConnections": { + "privilege": "ManageConnections", + "description": "ManageConnections controls access to the @connections API", + "access_level": "Write", + "resource_types": { + "execute-api-general": { + "resource_type": "execute-api-general", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "execute-api-general": "execute-api-general" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigateway/api-reference/apigateway-websocket-control-access-iam.html" + } + }, + "privileges_lower_name": { + "invalidatecache": "InvalidateCache", + "invoke": "Invoke", + "manageconnections": "ManageConnections" + }, + "resources": { + "execute-api-general": { + "resource": "execute-api-general", + "arn": "arn:${Partition}:execute-api:${Region}:${Account}:${ApiId}/${Stage}/${Method}/${ApiSpecificResourcePath}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "execute-api-general": "execute-api-general" + }, + "conditions": {} + }, + "apigateway": { + "service_name": "Amazon API Gateway Management", + "prefix": "apigateway", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonapigatewaymanagement.html", + "privileges": { + "AddCertificateToDomain": { + "privilege": "AddCertificateToDomain", + "description": "Grants permission to add certificates for mutual TLS authentication to a domain name. This is an additional authorization control for managing the DomainName resource due to the sensitive nature of mTLS", + "access_level": "Permissions management", + "resource_types": { + "DomainName": { + "resource_type": "DomainName", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DomainNames": { + "resource_type": "DomainNames", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domainname": "DomainName", + "domainnames": "DomainNames" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html" + }, + "DELETE": { + "privilege": "DELETE", + "description": "Grants permission to delete a particular resource", + "access_level": "Write", + "resource_types": { + "AccessLogSettings": { + "resource_type": "AccessLogSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Api": { + "resource_type": "Api", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ApiMapping": { + "resource_type": "ApiMapping", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Authorizer": { + "resource_type": "Authorizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "AuthorizersCache": { + "resource_type": "AuthorizersCache", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Cors": { + "resource_type": "Cors", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Deployment": { + "resource_type": "Deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Integration": { + "resource_type": "Integration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "IntegrationResponse": { + "resource_type": "IntegrationResponse", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Model": { + "resource_type": "Model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Route": { + "resource_type": "Route", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RouteRequestParameter": { + "resource_type": "RouteRequestParameter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RouteResponse": { + "resource_type": "RouteResponse", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RouteSettings": { + "resource_type": "RouteSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stage": { + "resource_type": "Stage", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "VpcLink": { + "resource_type": "VpcLink", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesslogsettings": "AccessLogSettings", + "api": "Api", + "apimapping": "ApiMapping", + "authorizer": "Authorizer", + "authorizerscache": "AuthorizersCache", + "cors": "Cors", + "deployment": "Deployment", + "integration": "Integration", + "integrationresponse": "IntegrationResponse", + "model": "Model", + "route": "Route", + "routerequestparameter": "RouteRequestParameter", + "routeresponse": "RouteResponse", + "routesettings": "RouteSettings", + "stage": "Stage", + "vpclink": "VpcLink", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_DELETE.html" + }, + "GET": { + "privilege": "GET", + "description": "Grants permission to read a particular resource", + "access_level": "Read", + "resource_types": { + "AccessLogSettings": { + "resource_type": "AccessLogSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Api": { + "resource_type": "Api", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ApiMapping": { + "resource_type": "ApiMapping", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ApiMappings": { + "resource_type": "ApiMappings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Apis": { + "resource_type": "Apis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Authorizer": { + "resource_type": "Authorizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Authorizers": { + "resource_type": "Authorizers", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "AuthorizersCache": { + "resource_type": "AuthorizersCache", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Cors": { + "resource_type": "Cors", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Deployment": { + "resource_type": "Deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Deployments": { + "resource_type": "Deployments", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ExportedAPI": { + "resource_type": "ExportedAPI", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Integration": { + "resource_type": "Integration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "IntegrationResponse": { + "resource_type": "IntegrationResponse", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "IntegrationResponses": { + "resource_type": "IntegrationResponses", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Integrations": { + "resource_type": "Integrations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Model": { + "resource_type": "Model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ModelTemplate": { + "resource_type": "ModelTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Models": { + "resource_type": "Models", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Route": { + "resource_type": "Route", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RouteRequestParameter": { + "resource_type": "RouteRequestParameter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RouteResponse": { + "resource_type": "RouteResponse", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RouteResponses": { + "resource_type": "RouteResponses", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RouteSettings": { + "resource_type": "RouteSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Routes": { + "resource_type": "Routes", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stage": { + "resource_type": "Stage", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stages": { + "resource_type": "Stages", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "VpcLink": { + "resource_type": "VpcLink", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "VpcLinks": { + "resource_type": "VpcLinks", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesslogsettings": "AccessLogSettings", + "api": "Api", + "apimapping": "ApiMapping", + "apimappings": "ApiMappings", + "apis": "Apis", + "authorizer": "Authorizer", + "authorizers": "Authorizers", + "authorizerscache": "AuthorizersCache", + "cors": "Cors", + "deployment": "Deployment", + "deployments": "Deployments", + "exportedapi": "ExportedAPI", + "integration": "Integration", + "integrationresponse": "IntegrationResponse", + "integrationresponses": "IntegrationResponses", + "integrations": "Integrations", + "model": "Model", + "modeltemplate": "ModelTemplate", + "models": "Models", + "route": "Route", + "routerequestparameter": "RouteRequestParameter", + "routeresponse": "RouteResponse", + "routeresponses": "RouteResponses", + "routesettings": "RouteSettings", + "routes": "Routes", + "stage": "Stage", + "stages": "Stages", + "vpclink": "VpcLink", + "vpclinks": "VpcLinks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_GET.html" + }, + "PATCH": { + "privilege": "PATCH", + "description": "Grants permission to update a particular resource", + "access_level": "Write", + "resource_types": { + "Api": { + "resource_type": "Api", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ApiMapping": { + "resource_type": "ApiMapping", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Authorizer": { + "resource_type": "Authorizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Deployment": { + "resource_type": "Deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Integration": { + "resource_type": "Integration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "IntegrationResponse": { + "resource_type": "IntegrationResponse", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Model": { + "resource_type": "Model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Route": { + "resource_type": "Route", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RouteRequestParameter": { + "resource_type": "RouteRequestParameter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RouteResponse": { + "resource_type": "RouteResponse", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stage": { + "resource_type": "Stage", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "VpcLink": { + "resource_type": "VpcLink", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api": "Api", + "apimapping": "ApiMapping", + "authorizer": "Authorizer", + "deployment": "Deployment", + "integration": "Integration", + "integrationresponse": "IntegrationResponse", + "model": "Model", + "route": "Route", + "routerequestparameter": "RouteRequestParameter", + "routeresponse": "RouteResponse", + "stage": "Stage", + "vpclink": "VpcLink", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_PATCH.html" + }, + "POST": { + "privilege": "POST", + "description": "Grants permission to create a particular resource", + "access_level": "Write", + "resource_types": { + "ApiMappings": { + "resource_type": "ApiMappings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Apis": { + "resource_type": "Apis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Authorizers": { + "resource_type": "Authorizers", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Deployments": { + "resource_type": "Deployments", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "IntegrationResponses": { + "resource_type": "IntegrationResponses", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Integrations": { + "resource_type": "Integrations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Models": { + "resource_type": "Models", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RouteResponses": { + "resource_type": "RouteResponses", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Routes": { + "resource_type": "Routes", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stages": { + "resource_type": "Stages", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "VpcLinks": { + "resource_type": "VpcLinks", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apimappings": "ApiMappings", + "apis": "Apis", + "authorizers": "Authorizers", + "deployments": "Deployments", + "integrationresponses": "IntegrationResponses", + "integrations": "Integrations", + "models": "Models", + "routeresponses": "RouteResponses", + "routes": "Routes", + "stages": "Stages", + "vpclinks": "VpcLinks", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_POST.html" + }, + "PUT": { + "privilege": "PUT", + "description": "Grants permission to update a particular resource", + "access_level": "Write", + "resource_types": { + "Api": { + "resource_type": "Api", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Apis": { + "resource_type": "Apis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api": "Api", + "apis": "Apis", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/API_PUT.html" + }, + "RemoveCertificateFromDomain": { + "privilege": "RemoveCertificateFromDomain", + "description": "Grants permission to remove certificates for mutual TLS authentication from a domain name. This is an additional authorization control for managing the DomainName resource due to the sensitive nature of mTLS", + "access_level": "Permissions management", + "resource_types": { + "DomainName": { + "resource_type": "DomainName", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DomainNames": { + "resource_type": "DomainNames", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domainname": "DomainName", + "domainnames": "DomainNames" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html" + }, + "SetWebACL": { + "privilege": "SetWebACL", + "description": "Grants permission to set a WAF access control list (ACL). This is an additional authorization control for managing the Stage resource due to the sensitive nature of WebAcl's", + "access_level": "Permissions management", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stages": { + "resource_type": "Stages", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage", + "stages": "Stages" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html" + }, + "UpdateRestApiPolicy": { + "privilege": "UpdateRestApiPolicy", + "description": "Grants permission to manage the IAM resource policy for an API. This is an additional authorization control for managing an API due to the sensitive nature of the resource policy", + "access_level": "Permissions management", + "resource_types": { + "RestApi": { + "resource_type": "RestApi", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RestApis": { + "resource_type": "RestApis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "restapi": "RestApi", + "restapis": "RestApis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html" + } + }, + "privileges_lower_name": { + "addcertificatetodomain": "AddCertificateToDomain", + "delete": "DELETE", + "get": "GET", + "patch": "PATCH", + "post": "POST", + "put": "PUT", + "removecertificatefromdomain": "RemoveCertificateFromDomain", + "setwebacl": "SetWebACL", + "updaterestapipolicy": "UpdateRestApiPolicy" + }, + "resources": { + "Account": { + "resource": "Account", + "arn": "arn:${Partition}:apigateway:${Region}::/account", + "condition_keys": [] + }, + "ApiKey": { + "resource": "ApiKey", + "arn": "arn:${Partition}:apigateway:${Region}::/apikeys/${ApiKeyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ApiKeys": { + "resource": "ApiKeys", + "arn": "arn:${Partition}:apigateway:${Region}::/apikeys", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Authorizer": { + "resource": "Authorizer", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/authorizers/${AuthorizerId}", + "condition_keys": [ + "apigateway:Request/AuthorizerType", + "apigateway:Request/AuthorizerUri", + "apigateway:Resource/AuthorizerType", + "apigateway:Resource/AuthorizerUri", + "aws:ResourceTag/${TagKey}" + ] + }, + "Authorizers": { + "resource": "Authorizers", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/authorizers", + "condition_keys": [ + "apigateway:Request/AuthorizerType", + "apigateway:Request/AuthorizerUri", + "aws:ResourceTag/${TagKey}" + ] + }, + "BasePathMapping": { + "resource": "BasePathMapping", + "arn": "arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}/basepathmappings/${BasePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "BasePathMappings": { + "resource": "BasePathMappings", + "arn": "arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}/basepathmappings", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ClientCertificate": { + "resource": "ClientCertificate", + "arn": "arn:${Partition}:apigateway:${Region}::/clientcertificates/${ClientCertificateId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ClientCertificates": { + "resource": "ClientCertificates", + "arn": "arn:${Partition}:apigateway:${Region}::/clientcertificates", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Deployment": { + "resource": "Deployment", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/deployments/${DeploymentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Deployments": { + "resource": "Deployments", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/deployments", + "condition_keys": [ + "apigateway:Request/StageName", + "aws:ResourceTag/${TagKey}" + ] + }, + "DocumentationPart": { + "resource": "DocumentationPart", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/documentation/parts/${DocumentationPartId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "DocumentationParts": { + "resource": "DocumentationParts", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/documentation/parts", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "DocumentationVersion": { + "resource": "DocumentationVersion", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/documentation/versions/${DocumentationVersionId}", + "condition_keys": [] + }, + "DocumentationVersions": { + "resource": "DocumentationVersions", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/documentation/versions", + "condition_keys": [] + }, + "DomainName": { + "resource": "DomainName", + "arn": "arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}", + "condition_keys": [ + "apigateway:Request/EndpointType", + "apigateway:Request/MtlsTrustStoreUri", + "apigateway:Request/MtlsTrustStoreVersion", + "apigateway:Request/SecurityPolicy", + "apigateway:Resource/EndpointType", + "apigateway:Resource/MtlsTrustStoreUri", + "apigateway:Resource/MtlsTrustStoreVersion", + "apigateway:Resource/SecurityPolicy", + "aws:ResourceTag/${TagKey}" + ] + }, + "DomainNames": { + "resource": "DomainNames", + "arn": "arn:${Partition}:apigateway:${Region}::/domainnames", + "condition_keys": [ + "apigateway:Request/EndpointType", + "apigateway:Request/MtlsTrustStoreUri", + "apigateway:Request/MtlsTrustStoreVersion", + "apigateway:Request/SecurityPolicy", + "aws:ResourceTag/${TagKey}" + ] + }, + "GatewayResponse": { + "resource": "GatewayResponse", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/gatewayresponses/${ResponseType}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "GatewayResponses": { + "resource": "GatewayResponses", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/gatewayresponses", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Integration": { + "resource": "Integration", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/integrations/${IntegrationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "IntegrationResponse": { + "resource": "IntegrationResponse", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/integrations/${IntegrationId}/integrationresponses/${IntegrationResponseId}", + "condition_keys": [] + }, + "Method": { + "resource": "Method", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/resources/${ResourceId}/methods/${HttpMethodType}", + "condition_keys": [ + "apigateway:Request/ApiKeyRequired", + "apigateway:Request/RouteAuthorizationType", + "apigateway:Resource/ApiKeyRequired", + "apigateway:Resource/RouteAuthorizationType", + "aws:ResourceTag/${TagKey}" + ] + }, + "MethodResponse": { + "resource": "MethodResponse", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/resources/${ResourceId}/methods/${HttpMethodType}/responses/${StatusCode}", + "condition_keys": [] + }, + "Model": { + "resource": "Model", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/models/${ModelId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Models": { + "resource": "Models", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/models", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "RequestValidator": { + "resource": "RequestValidator", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/requestvalidators/${RequestValidatorId}", + "condition_keys": [] + }, + "RequestValidators": { + "resource": "RequestValidators", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/requestvalidators", + "condition_keys": [] + }, + "Resource": { + "resource": "Resource", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/resources/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Resources": { + "resource": "Resources", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/resources", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "RestApi": { + "resource": "RestApi", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}", + "condition_keys": [ + "apigateway:Request/ApiKeyRequired", + "apigateway:Request/ApiName", + "apigateway:Request/AuthorizerType", + "apigateway:Request/AuthorizerUri", + "apigateway:Request/DisableExecuteApiEndpoint", + "apigateway:Request/EndpointType", + "apigateway:Request/RouteAuthorizationType", + "apigateway:Resource/ApiKeyRequired", + "apigateway:Resource/ApiName", + "apigateway:Resource/AuthorizerType", + "apigateway:Resource/AuthorizerUri", + "apigateway:Resource/DisableExecuteApiEndpoint", + "apigateway:Resource/EndpointType", + "apigateway:Resource/RouteAuthorizationType", + "aws:ResourceTag/${TagKey}" + ] + }, + "RestApis": { + "resource": "RestApis", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis", + "condition_keys": [ + "apigateway:Request/ApiKeyRequired", + "apigateway:Request/ApiName", + "apigateway:Request/AuthorizerType", + "apigateway:Request/AuthorizerUri", + "apigateway:Request/DisableExecuteApiEndpoint", + "apigateway:Request/EndpointType", + "apigateway:Request/RouteAuthorizationType", + "aws:ResourceTag/${TagKey}" + ] + }, + "Sdk": { + "resource": "Sdk", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${RestApiId}/stages/${StageName}/sdks/${SdkType}", + "condition_keys": [] + }, + "Stage": { + "resource": "Stage", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/stages/${StageName}", + "condition_keys": [ + "apigateway:Request/AccessLoggingDestination", + "apigateway:Request/AccessLoggingFormat", + "apigateway:Resource/AccessLoggingDestination", + "apigateway:Resource/AccessLoggingFormat", + "aws:ResourceTag/${TagKey}" + ] + }, + "Stages": { + "resource": "Stages", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/stages", + "condition_keys": [ + "apigateway:Request/AccessLoggingDestination", + "apigateway:Request/AccessLoggingFormat", + "aws:ResourceTag/${TagKey}" + ] + }, + "Template": { + "resource": "Template", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/models/${ModelName}/template", + "condition_keys": [] + }, + "UsagePlan": { + "resource": "UsagePlan", + "arn": "arn:${Partition}:apigateway:${Region}::/usageplans/${UsagePlanId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "UsagePlans": { + "resource": "UsagePlans", + "arn": "arn:${Partition}:apigateway:${Region}::/usageplans", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "UsagePlanKey": { + "resource": "UsagePlanKey", + "arn": "arn:${Partition}:apigateway:${Region}::/usageplans/${UsagePlanId}/keys/${Id}", + "condition_keys": [] + }, + "UsagePlanKeys": { + "resource": "UsagePlanKeys", + "arn": "arn:${Partition}:apigateway:${Region}::/usageplans/${UsagePlanId}/keys", + "condition_keys": [] + }, + "VpcLink": { + "resource": "VpcLink", + "arn": "arn:${Partition}:apigateway:${Region}::/vpclinks/${VpcLinkId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "VpcLinks": { + "resource": "VpcLinks", + "arn": "arn:${Partition}:apigateway:${Region}::/vpclinks", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Tags": { + "resource": "Tags", + "arn": "arn:${Partition}:apigateway:${Region}::/tags/${UrlEncodedResourceARN}", + "condition_keys": [] + }, + "AccessLogSettings": { + "resource": "AccessLogSettings", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/stages/${StageName}/accesslogsettings", + "condition_keys": [] + }, + "Api": { + "resource": "Api", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}", + "condition_keys": [ + "apigateway:Request/ApiKeyRequired", + "apigateway:Request/ApiName", + "apigateway:Request/AuthorizerType", + "apigateway:Request/AuthorizerUri", + "apigateway:Request/DisableExecuteApiEndpoint", + "apigateway:Request/EndpointType", + "apigateway:Request/RouteAuthorizationType", + "apigateway:Resource/ApiKeyRequired", + "apigateway:Resource/ApiName", + "apigateway:Resource/AuthorizerType", + "apigateway:Resource/AuthorizerUri", + "apigateway:Resource/DisableExecuteApiEndpoint", + "apigateway:Resource/EndpointType", + "apigateway:Resource/RouteAuthorizationType", + "aws:ResourceTag/${TagKey}" + ] + }, + "Apis": { + "resource": "Apis", + "arn": "arn:${Partition}:apigateway:${Region}::/apis", + "condition_keys": [ + "apigateway:Request/ApiKeyRequired", + "apigateway:Request/ApiName", + "apigateway:Request/AuthorizerType", + "apigateway:Request/AuthorizerUri", + "apigateway:Request/DisableExecuteApiEndpoint", + "apigateway:Request/EndpointType", + "apigateway:Request/RouteAuthorizationType", + "aws:ResourceTag/${TagKey}" + ] + }, + "ApiMapping": { + "resource": "ApiMapping", + "arn": "arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}/apimappings/${ApiMappingId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ApiMappings": { + "resource": "ApiMappings", + "arn": "arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}/apimappings", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "AuthorizersCache": { + "resource": "AuthorizersCache", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/stages/${StageName}/cache/authorizers", + "condition_keys": [] + }, + "Cors": { + "resource": "Cors", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/cors", + "condition_keys": [] + }, + "ExportedAPI": { + "resource": "ExportedAPI", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/exports/${Specification}", + "condition_keys": [] + }, + "Integrations": { + "resource": "Integrations", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/integrations", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "IntegrationResponses": { + "resource": "IntegrationResponses", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/integrations/${IntegrationId}/integrationresponses", + "condition_keys": [] + }, + "ModelTemplate": { + "resource": "ModelTemplate", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/models/${ModelId}/template", + "condition_keys": [] + }, + "Route": { + "resource": "Route", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/routes/${RouteId}", + "condition_keys": [ + "apigateway:Request/ApiKeyRequired", + "apigateway:Request/RouteAuthorizationType", + "apigateway:Resource/ApiKeyRequired", + "apigateway:Resource/RouteAuthorizationType", + "aws:ResourceTag/${TagKey}" + ] + }, + "Routes": { + "resource": "Routes", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/routes", + "condition_keys": [ + "apigateway:Request/ApiKeyRequired", + "apigateway:Request/RouteAuthorizationType", + "aws:ResourceTag/${TagKey}" + ] + }, + "RouteResponse": { + "resource": "RouteResponse", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/routes/${RouteId}/routeresponses/${RouteResponseId}", + "condition_keys": [] + }, + "RouteResponses": { + "resource": "RouteResponses", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/routes/${RouteId}/routeresponses", + "condition_keys": [] + }, + "RouteRequestParameter": { + "resource": "RouteRequestParameter", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/routes/${RouteId}/requestparameters/${RequestParameterKey}", + "condition_keys": [] + }, + "RouteSettings": { + "resource": "RouteSettings", + "arn": "arn:${Partition}:apigateway:${Region}::/apis/${ApiId}/stages/${StageName}/routesettings/${RouteKey}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "account": "Account", + "apikey": "ApiKey", + "apikeys": "ApiKeys", + "authorizer": "Authorizer", + "authorizers": "Authorizers", + "basepathmapping": "BasePathMapping", + "basepathmappings": "BasePathMappings", + "clientcertificate": "ClientCertificate", + "clientcertificates": "ClientCertificates", + "deployment": "Deployment", + "deployments": "Deployments", + "documentationpart": "DocumentationPart", + "documentationparts": "DocumentationParts", + "documentationversion": "DocumentationVersion", + "documentationversions": "DocumentationVersions", + "domainname": "DomainName", + "domainnames": "DomainNames", + "gatewayresponse": "GatewayResponse", + "gatewayresponses": "GatewayResponses", + "integration": "Integration", + "integrationresponse": "IntegrationResponse", + "method": "Method", + "methodresponse": "MethodResponse", + "model": "Model", + "models": "Models", + "requestvalidator": "RequestValidator", + "requestvalidators": "RequestValidators", + "resource": "Resource", + "resources": "Resources", + "restapi": "RestApi", + "restapis": "RestApis", + "sdk": "Sdk", + "stage": "Stage", + "stages": "Stages", + "template": "Template", + "usageplan": "UsagePlan", + "usageplans": "UsagePlans", + "usageplankey": "UsagePlanKey", + "usageplankeys": "UsagePlanKeys", + "vpclink": "VpcLink", + "vpclinks": "VpcLinks", + "tags": "Tags", + "accesslogsettings": "AccessLogSettings", + "api": "Api", + "apis": "Apis", + "apimapping": "ApiMapping", + "apimappings": "ApiMappings", + "authorizerscache": "AuthorizersCache", + "cors": "Cors", + "exportedapi": "ExportedAPI", + "integrations": "Integrations", + "integrationresponses": "IntegrationResponses", + "modeltemplate": "ModelTemplate", + "route": "Route", + "routes": "Routes", + "routeresponse": "RouteResponse", + "routeresponses": "RouteResponses", + "routerequestparameter": "RouteRequestParameter", + "routesettings": "RouteSettings" + }, + "conditions": { + "apigateway:Request/AccessLoggingDestination": { + "condition": "apigateway:Request/AccessLoggingDestination", + "description": "Filters access by access log destination. Available during the CreateStage and UpdateStage operations", + "type": "String" + }, + "apigateway:Request/AccessLoggingFormat": { + "condition": "apigateway:Request/AccessLoggingFormat", + "description": "Filters access by access log format. Available during the CreateStage and UpdateStage operations", + "type": "String" + }, + "apigateway:Request/ApiKeyRequired": { + "condition": "apigateway:Request/ApiKeyRequired", + "description": "Filters access by the requirement of API. Available during the CreateRoute and UpdateRoute operations. Also available as a collection during import and reimport", + "type": "ArrayOfBool" + }, + "apigateway:Request/ApiName": { + "condition": "apigateway:Request/ApiName", + "description": "Filters access by API name. Available during the CreateApi and UpdateApi operations", + "type": "String" + }, + "apigateway:Request/AuthorizerType": { + "condition": "apigateway:Request/AuthorizerType", + "description": "Filters access by type of authorizer in the request, for example REQUEST or JWT. Available during CreateAuthorizer and UpdateAuthorizer. Also available during import and reimport as an ArrayOfString", + "type": "ArrayOfString" + }, + "apigateway:Request/AuthorizerUri": { + "condition": "apigateway:Request/AuthorizerUri", + "description": "Filters access by URI of a Lambda authorizer function. Available during CreateAuthorizer and UpdateAuthorizer. Also available during import and reimport as an ArrayOfString", + "type": "ArrayOfString" + }, + "apigateway:Request/DisableExecuteApiEndpoint": { + "condition": "apigateway:Request/DisableExecuteApiEndpoint", + "description": "Filters access by status of the default execute-api endpoint. Available during the CreateApi and UpdateApi operations", + "type": "Bool" + }, + "apigateway:Request/EndpointType": { + "condition": "apigateway:Request/EndpointType", + "description": "Filters access by endpoint type. Available during the CreateDomainName, UpdateDomainName, CreateApi, and UpdateApi operations", + "type": "ArrayOfString" + }, + "apigateway:Request/MtlsTrustStoreUri": { + "condition": "apigateway:Request/MtlsTrustStoreUri", + "description": "Filters access by URI of the truststore used for mutual TLS authentication. Available during the CreateDomainName and UpdateDomainName operations", + "type": "String" + }, + "apigateway:Request/MtlsTrustStoreVersion": { + "condition": "apigateway:Request/MtlsTrustStoreVersion", + "description": "Filters access by version of the truststore used for mutual TLS authentication. Available during the CreateDomainName and UpdateDomainName operations", + "type": "String" + }, + "apigateway:Request/RouteAuthorizationType": { + "condition": "apigateway:Request/RouteAuthorizationType", + "description": "Filters access by authorization type, for example NONE, AWS_IAM, CUSTOM, JWT. Available during the CreateRoute and UpdateRoute operations. Also available as a collection during import", + "type": "ArrayOfString" + }, + "apigateway:Request/SecurityPolicy": { + "condition": "apigateway:Request/SecurityPolicy", + "description": "Filters access by TLS version. Available during the CreateDomain and UpdateDomain operations", + "type": "ArrayOfString" + }, + "apigateway:Request/StageName": { + "condition": "apigateway:Request/StageName", + "description": "Filters access by stage name of the deployment that you attempt to create. Available during the CreateDeployment operation", + "type": "String" + }, + "apigateway:Resource/AccessLoggingDestination": { + "condition": "apigateway:Resource/AccessLoggingDestination", + "description": "Filters access by access log destination of the current Stage resource. Available during the UpdateStage and DeleteStage operations", + "type": "String" + }, + "apigateway:Resource/AccessLoggingFormat": { + "condition": "apigateway:Resource/AccessLoggingFormat", + "description": "Filters access by access log format of the current Stage resource. Available during the UpdateStage and DeleteStage operations", + "type": "String" + }, + "apigateway:Resource/ApiKeyRequired": { + "condition": "apigateway:Resource/ApiKeyRequired", + "description": "Filters access by the requirement of API key for the existing Route resource. Available during the UpdateRoute and DeleteRoute operations. Also available as a collection during reimport", + "type": "ArrayOfBool" + }, + "apigateway:Resource/ApiName": { + "condition": "apigateway:Resource/ApiName", + "description": "Filters access by API name. Available during the UpdateApi and DeleteApi operations", + "type": "String" + }, + "apigateway:Resource/AuthorizerType": { + "condition": "apigateway:Resource/AuthorizerType", + "description": "Filters access by the current type of authorizer, for example REQUEST or JWT. Available during UpdateAuthorizer and DeleteAuthorizer operations. Also available during import and reimport as an ArrayOfString", + "type": "ArrayOfString" + }, + "apigateway:Resource/AuthorizerUri": { + "condition": "apigateway:Resource/AuthorizerUri", + "description": "Filters access by the URI of the current Lambda authorizer associated with the current API. Available during UpdateAuthorizer and DeleteAuthorizer. Also available as a collection during reimport", + "type": "ArrayOfString" + }, + "apigateway:Resource/DisableExecuteApiEndpoint": { + "condition": "apigateway:Resource/DisableExecuteApiEndpoint", + "description": "Filters access by status of the default execute-api endpoint. Available during the UpdateApi and DeleteApi operations", + "type": "Bool" + }, + "apigateway:Resource/EndpointType": { + "condition": "apigateway:Resource/EndpointType", + "description": "Filters access by endpoint type. Available during the UpdateDomainName, DeleteDomainName, UpdateApi, and DeleteApi operations", + "type": "ArrayOfString" + }, + "apigateway:Resource/MtlsTrustStoreUri": { + "condition": "apigateway:Resource/MtlsTrustStoreUri", + "description": "Filters access by URI of the truststore used for mutual TLS authentication. Available during the UpdateDomainName and DeleteDomainName operations", + "type": "String" + }, + "apigateway:Resource/MtlsTrustStoreVersion": { + "condition": "apigateway:Resource/MtlsTrustStoreVersion", + "description": "Filters access by version of the truststore used for mutual TLS authentication. Available during the UpdateDomainName and DeleteDomainName operations", + "type": "String" + }, + "apigateway:Resource/RouteAuthorizationType": { + "condition": "apigateway:Resource/RouteAuthorizationType", + "description": "Filters access by authorization type of the existing Route resource, for example NONE, AWS_IAM, CUSTOM. Available during the UpdateRoute and DeleteRoute operations. Also available as a collection during reimport", + "type": "ArrayOfString" + }, + "apigateway:Resource/SecurityPolicy": { + "condition": "apigateway:Resource/SecurityPolicy", + "description": "Filters access by TLS version. Available during the UpdateDomainName and DeleteDomainName operations", + "type": "ArrayOfString" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "appflow": { + "service_name": "Amazon AppFlow", + "prefix": "appflow", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonappflow.html", + "privileges": { + "CancelFlowExecutions": { + "privilege": "CancelFlowExecutions", + "description": "Grants permission to cancel in-progress executions of an Amazon AppFlow flow", + "access_level": "Write", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_CancelFlowExecutions.html" + }, + "CreateConnectorProfile": { + "privilege": "CreateConnectorProfile", + "description": "Grants permission to create a login profile to be used with Amazon AppFlow flows", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_CreateConnectorProfile.html" + }, + "CreateFlow": { + "privilege": "CreateFlow", + "description": "Grants permission to create an Amazon AppFlow flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_CreateFlow.html" + }, + "DeleteConnectorProfile": { + "privilege": "DeleteConnectorProfile", + "description": "Grants permission to delete a login profile configured in Amazon AppFlow", + "access_level": "Write", + "resource_types": { + "connectorprofile": { + "resource_type": "connectorprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectorprofile": "connectorprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeConnectorProfiles.html" + }, + "DeleteFlow": { + "privilege": "DeleteFlow", + "description": "Grants permission to delete an Amazon AppFlow flow", + "access_level": "Write", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DeleteFlow.html" + }, + "DescribeConnector": { + "privilege": "DescribeConnector", + "description": "Grants permission to describe a connector registered in Amazon AppFlow", + "access_level": "Read", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeConnector.html" + }, + "DescribeConnectorEntity": { + "privilege": "DescribeConnectorEntity", + "description": "Grants permission to describe all fields for an object in a login profile configured in Amazon AppFlow", + "access_level": "Read", + "resource_types": { + "connectorprofile": { + "resource_type": "connectorprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectorprofile": "connectorprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeConnectorEntity.html" + }, + "DescribeConnectorFields": { + "privilege": "DescribeConnectorFields", + "description": "Grants permission to describe all fields for an object in a login profile configured in Amazon AppFlow (Console Only)", + "access_level": "Read", + "resource_types": { + "connectorprofile": { + "resource_type": "connectorprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectorprofile": "connectorprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/latest/userguide/identity-access-management.html#appflow-api-actions" + }, + "DescribeConnectorProfiles": { + "privilege": "DescribeConnectorProfiles", + "description": "Grants permission to describe all login profiles configured in Amazon AppFlow", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeConnectorProfiles.html" + }, + "DescribeConnectors": { + "privilege": "DescribeConnectors", + "description": "Grants permission to describe all connectors supported by Amazon AppFlow", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeConnectors.html " + }, + "DescribeFlow": { + "privilege": "DescribeFlow", + "description": "Grants permission to describe a specific flow configured in Amazon AppFlow", + "access_level": "Read", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeFlow.html" + }, + "DescribeFlowExecution": { + "privilege": "DescribeFlowExecution", + "description": "Grants permission to describe all flow executions for a flow configured in Amazon AppFlow (Console Only)", + "access_level": "Read", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/latest/userguide/identity-access-management.html#appflow-api-actions" + }, + "DescribeFlowExecutionRecords": { + "privilege": "DescribeFlowExecutionRecords", + "description": "Grants permission to describe all flow executions for a flow configured in Amazon AppFlow", + "access_level": "Read", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_DescribeFlowExecutionRecords.html" + }, + "DescribeFlows": { + "privilege": "DescribeFlows", + "description": "Grants permission to describe all flows configured in Amazon AppFlow (Console Only)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/latest/userguide/identity-access-management.html#appflow-api-actions" + }, + "ListConnectorEntities": { + "privilege": "ListConnectorEntities", + "description": "Grants permission to list all objects for a login profile configured in Amazon AppFlow", + "access_level": "List", + "resource_types": { + "connectorprofile": { + "resource_type": "connectorprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectorprofile": "connectorprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_ListConnectorEntities.html" + }, + "ListConnectorFields": { + "privilege": "ListConnectorFields", + "description": "Grants permission to list all objects for a login profile configured in Amazon AppFlow (Console Only)", + "access_level": "Read", + "resource_types": { + "connectorprofile": { + "resource_type": "connectorprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectorprofile": "connectorprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/latest/userguide/identity-access-management.html#appflow-api-actions" + }, + "ListConnectors": { + "privilege": "ListConnectors", + "description": "Grants permission to list all connectors supported in Amazon AppFlow", + "access_level": "List", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_ListConnectors.html" + }, + "ListFlows": { + "privilege": "ListFlows", + "description": "Grants permission to list all flows configured in Amazon AppFlow", + "access_level": "List", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_ListFlows.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a flow", + "access_level": "Read", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_ListTagsForResource.html" + }, + "RegisterConnector": { + "privilege": "RegisterConnector", + "description": "Grants permission to register an Amazon AppFlow connector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_RegisterConnector.html" + }, + "ResetConnectorMetadataCache": { + "privilege": "ResetConnectorMetadataCache", + "description": "Grants permission to resets metadata of connector entities that Amazon AppFlow stored in its cache", + "access_level": "Write", + "resource_types": { + "connectorprofile": { + "resource_type": "connectorprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectorprofile": "connectorprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_ResetConnectorMetadataCache.html" + }, + "RunFlow": { + "privilege": "RunFlow", + "description": "Grants permission to run a flow configured in Amazon AppFlow (Console Only)", + "access_level": "Write", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/latest/userguide/identity-access-management.html#appflow-api-actions" + }, + "StartFlow": { + "privilege": "StartFlow", + "description": "Grants permission to activate (for scheduled and event-triggered flows) or run (for on-demand flows) a flow configured in Amazon AppFlow", + "access_level": "Write", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_StartFlow.html" + }, + "StopFlow": { + "privilege": "StopFlow", + "description": "Grants permission to deactivate a scheduled or event-triggered flow configured in Amazon AppFlow", + "access_level": "Write", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_StopFlow.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a flow or a connector", + "access_level": "Tagging", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "flow": { + "resource_type": "flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector", + "flow": "flow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_TagResource.html" + }, + "UnRegisterConnector": { + "privilege": "UnRegisterConnector", + "description": "Grants permission to un-register a connector in Amazon AppFlow", + "access_level": "Write", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_UnregisterConnector.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a flow or a connector", + "access_level": "Tagging", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "flow": { + "resource_type": "flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector", + "flow": "flow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_UntagResource.html" + }, + "UpdateConnectorProfile": { + "privilege": "UpdateConnectorProfile", + "description": "Grants permission to update a login profile configured in Amazon AppFlow", + "access_level": "Write", + "resource_types": { + "connectorprofile": { + "resource_type": "connectorprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectorprofile": "connectorprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_UpdateConnectorProfile.html" + }, + "UpdateConnectorRegistration": { + "privilege": "UpdateConnectorRegistration", + "description": "Grants permission to update a registered connector configured in Amazon AppFlow", + "access_level": "Write", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_UpdateConnectorRegistration.html" + }, + "UpdateFlow": { + "privilege": "UpdateFlow", + "description": "Grants permission to update a flow configured in Amazon AppFlow", + "access_level": "Write", + "resource_types": { + "flow": { + "resource_type": "flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow": "flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appflow/1.0/APIReference/API_UpdateFlow.html" + }, + "UseConnectorProfile": { + "privilege": "UseConnectorProfile", + "description": "Grants permission to use a connector profile while creating a flow in Amazon AppFlow", + "access_level": "Write", + "resource_types": { + "connectorprofile": { + "resource_type": "connectorprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectorprofile": "connectorprofile" + }, + "api_documentation_link": "API_CreateFlow.html" + } + }, + "privileges_lower_name": { + "cancelflowexecutions": "CancelFlowExecutions", + "createconnectorprofile": "CreateConnectorProfile", + "createflow": "CreateFlow", + "deleteconnectorprofile": "DeleteConnectorProfile", + "deleteflow": "DeleteFlow", + "describeconnector": "DescribeConnector", + "describeconnectorentity": "DescribeConnectorEntity", + "describeconnectorfields": "DescribeConnectorFields", + "describeconnectorprofiles": "DescribeConnectorProfiles", + "describeconnectors": "DescribeConnectors", + "describeflow": "DescribeFlow", + "describeflowexecution": "DescribeFlowExecution", + "describeflowexecutionrecords": "DescribeFlowExecutionRecords", + "describeflows": "DescribeFlows", + "listconnectorentities": "ListConnectorEntities", + "listconnectorfields": "ListConnectorFields", + "listconnectors": "ListConnectors", + "listflows": "ListFlows", + "listtagsforresource": "ListTagsForResource", + "registerconnector": "RegisterConnector", + "resetconnectormetadatacache": "ResetConnectorMetadataCache", + "runflow": "RunFlow", + "startflow": "StartFlow", + "stopflow": "StopFlow", + "tagresource": "TagResource", + "unregisterconnector": "UnRegisterConnector", + "untagresource": "UntagResource", + "updateconnectorprofile": "UpdateConnectorProfile", + "updateconnectorregistration": "UpdateConnectorRegistration", + "updateflow": "UpdateFlow", + "useconnectorprofile": "UseConnectorProfile" + }, + "resources": { + "connectorprofile": { + "resource": "connectorprofile", + "arn": "arn:${Partition}:appflow:${Region}:${Account}:connectorprofile/${ProfileName}", + "condition_keys": [] + }, + "flow": { + "resource": "flow", + "arn": "arn:${Partition}:appflow:${Region}:${Account}:flow/${FlowName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "connector": { + "resource": "connector", + "arn": "arn:${Partition}:appflow:${Region}:${Account}:connector/${ConnectorLabel}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "connectorprofile": "connectorprofile", + "flow": "flow", + "connector": "connector" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "app-integrations": { + "service_name": "Amazon AppIntegrations", + "prefix": "app-integrations", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonappintegrations.html", + "privileges": { + "CreateDataIntegration": { + "privilege": "CreateDataIntegration", + "description": "Grants permission to create a new DataIntegration", + "access_level": "Write", + "resource_types": { + "data-integration": { + "resource_type": "data-integration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "appflow:DeleteFlow", + "appflow:DescribeConnectorProfiles", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "kms:CreateGrant" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-integration": "data-integration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_CreateDataIntegration.html" + }, + "CreateDataIntegrationAssociation": { + "privilege": "CreateDataIntegrationAssociation", + "description": "Grants permission to create a DataIntegrationAssociation", + "access_level": "Write", + "resource_types": { + "data-integration": { + "resource_type": "data-integration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "appflow:CreateFlow", + "appflow:DeleteFlow", + "appflow:DescribeConnectorEntity", + "appflow:DescribeConnectorProfiles", + "appflow:TagResource", + "appflow:UseConnectorProfile" + ] + } + }, + "resource_types_lower_name": { + "data-integration": "data-integration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_CreateDataIntegrationAssociation.html" + }, + "CreateEventIntegration": { + "privilege": "CreateEventIntegration", + "description": "Grants permission to create a new EventIntegration", + "access_level": "Write", + "resource_types": { + "event-integration": { + "resource_type": "event-integration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-integration": "event-integration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_CreateEventIntegration.html" + }, + "CreateEventIntegrationAssociation": { + "privilege": "CreateEventIntegrationAssociation", + "description": "Grants permission to create an EventIntegrationAssociation", + "access_level": "Write", + "resource_types": { + "event-integration": { + "resource_type": "event-integration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "events:PutRule", + "events:PutTargets" + ] + } + }, + "resource_types_lower_name": { + "event-integration": "event-integration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_CreateEventIntegrationAssociation.html" + }, + "DeleteDataIntegration": { + "privilege": "DeleteDataIntegration", + "description": "Grants permission to delete a DataIntegration", + "access_level": "Write", + "resource_types": { + "data-integration": { + "resource_type": "data-integration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-integration": "data-integration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_DeleteDataIntegration.html" + }, + "DeleteDataIntegrationAssociation": { + "privilege": "DeleteDataIntegrationAssociation", + "description": "Grants permission to delete a DataIntegrationAssociation", + "access_level": "Write", + "resource_types": { + "data-integration-association": { + "resource_type": "data-integration-association", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "appflow:CreateFlow", + "appflow:DeleteFlow", + "appflow:DescribeConnectorEntity", + "appflow:DescribeConnectorProfiles", + "appflow:StopFlow", + "appflow:TagResource", + "appflow:UseConnectorProfile" + ] + } + }, + "resource_types_lower_name": { + "data-integration-association": "data-integration-association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_DeleteDataIntegrationAssociation.html" + }, + "DeleteEventIntegration": { + "privilege": "DeleteEventIntegration", + "description": "Grants permission to delete an EventIntegration", + "access_level": "Write", + "resource_types": { + "event-integration": { + "resource_type": "event-integration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-integration": "event-integration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_DeleteEventIntegration.html" + }, + "DeleteEventIntegrationAssociation": { + "privilege": "DeleteEventIntegrationAssociation", + "description": "Grants permission to delete an EventIntegrationAssociation", + "access_level": "Write", + "resource_types": { + "event-integration-association": { + "resource_type": "event-integration-association", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "events:DeleteRule", + "events:ListTargetsByRule", + "events:RemoveTargets" + ] + } + }, + "resource_types_lower_name": { + "event-integration-association": "event-integration-association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_DeleteEventIntegrationAssociation.html" + }, + "GetDataIntegration": { + "privilege": "GetDataIntegration", + "description": "Grants permission to view details about DataIntegrations", + "access_level": "Read", + "resource_types": { + "data-integration": { + "resource_type": "data-integration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-integration": "data-integration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_GetDataIntegration.html" + }, + "GetEventIntegration": { + "privilege": "GetEventIntegration", + "description": "Grants permission to view details about EventIntegrations", + "access_level": "Read", + "resource_types": { + "event-integration": { + "resource_type": "event-integration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-integration": "event-integration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_GetEventIntegration.html" + }, + "ListDataIntegrationAssociations": { + "privilege": "ListDataIntegrationAssociations", + "description": "Grants permission to list DataIntegrationAssociations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_ListDataIntegrationAssociations.html" + }, + "ListDataIntegrations": { + "privilege": "ListDataIntegrations", + "description": "Grants permission to list DataIntegrations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_ListDataIntegrations.html" + }, + "ListEventIntegrationAssociations": { + "privilege": "ListEventIntegrationAssociations", + "description": "Grants permission to list EventIntegrationAssociations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_ListEventIntegrationAssociations" + }, + "ListEventIntegrations": { + "privilege": "ListEventIntegrations", + "description": "Grants permission to list EventIntegrations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_ListEventIntegrations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tag for an Amazon AppIntegration resource", + "access_level": "Read", + "resource_types": { + "data-integration": { + "resource_type": "data-integration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "data-integration-association": { + "resource_type": "data-integration-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-integration": { + "resource_type": "event-integration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-integration-association": { + "resource_type": "event-integration-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-integration": "data-integration", + "data-integration-association": "data-integration-association", + "event-integration": "event-integration", + "event-integration-association": "event-integration-association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an Amazon AppIntegration resource", + "access_level": "Tagging", + "resource_types": { + "data-integration": { + "resource_type": "data-integration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "data-integration-association": { + "resource_type": "data-integration-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-integration": { + "resource_type": "event-integration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-integration-association": { + "resource_type": "event-integration-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-integration": "data-integration", + "data-integration-association": "data-integration-association", + "event-integration": "event-integration", + "event-integration-association": "event-integration-association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an Amazon AppIntegration resource", + "access_level": "Tagging", + "resource_types": { + "data-integration": { + "resource_type": "data-integration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "data-integration-association": { + "resource_type": "data-integration-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-integration": { + "resource_type": "event-integration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-integration-association": { + "resource_type": "event-integration-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-integration": "data-integration", + "data-integration-association": "data-integration-association", + "event-integration": "event-integration", + "event-integration-association": "event-integration-association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_UntagResource.html" + }, + "UpdateDataIntegration": { + "privilege": "UpdateDataIntegration", + "description": "Grants permission to modify a DataIntegration", + "access_level": "Write", + "resource_types": { + "data-integration": { + "resource_type": "data-integration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-integration": "data-integration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_UpdateDataIntegration.html" + }, + "UpdateEventIntegration": { + "privilege": "UpdateEventIntegration", + "description": "Grants permission to modify an EventIntegration", + "access_level": "Write", + "resource_types": { + "event-integration": { + "resource_type": "event-integration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-integration": "event-integration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appintegrations/latest/APIReference/API_UpdateEventIntegration.html" + } + }, + "privileges_lower_name": { + "createdataintegration": "CreateDataIntegration", + "createdataintegrationassociation": "CreateDataIntegrationAssociation", + "createeventintegration": "CreateEventIntegration", + "createeventintegrationassociation": "CreateEventIntegrationAssociation", + "deletedataintegration": "DeleteDataIntegration", + "deletedataintegrationassociation": "DeleteDataIntegrationAssociation", + "deleteeventintegration": "DeleteEventIntegration", + "deleteeventintegrationassociation": "DeleteEventIntegrationAssociation", + "getdataintegration": "GetDataIntegration", + "geteventintegration": "GetEventIntegration", + "listdataintegrationassociations": "ListDataIntegrationAssociations", + "listdataintegrations": "ListDataIntegrations", + "listeventintegrationassociations": "ListEventIntegrationAssociations", + "listeventintegrations": "ListEventIntegrations", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedataintegration": "UpdateDataIntegration", + "updateeventintegration": "UpdateEventIntegration" + }, + "resources": { + "event-integration": { + "resource": "event-integration", + "arn": "arn:${Partition}:app-integrations:${Region}:${Account}:event-integration/${EventIntegrationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "event-integration-association": { + "resource": "event-integration-association", + "arn": "arn:${Partition}:app-integrations:${Region}:${Account}:event-integration-association/${EventIntegrationName}/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "data-integration": { + "resource": "data-integration", + "arn": "arn:${Partition}:app-integrations:${Region}:${Account}:data-integration/${DataIntegrationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "data-integration-association": { + "resource": "data-integration-association", + "arn": "arn:${Partition}:app-integrations:${Region}:${Account}:data-integration-association/${DataIntegrationId}/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "event-integration": "event-integration", + "event-integration-association": "event-integration-association", + "data-integration": "data-integration", + "data-integration-association": "data-integration-association" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "appstream": { + "service_name": "Amazon AppStream 2.0", + "prefix": "appstream", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonappstream2.0.html", + "privileges": { + "AssociateAppBlockBuilderAppBlock": { + "privilege": "AssociateAppBlockBuilderAppBlock", + "description": "Grants permission to associate the specified app block builder with the app block", + "access_level": "Write", + "resource_types": { + "app-block": { + "resource_type": "app-block", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-block-builder": { + "resource_type": "app-block-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block": "app-block", + "app-block-builder": "app-block-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AssociateAppBlockBuilderAppBlock.html" + }, + "AssociateApplicationFleet": { + "privilege": "AssociateApplicationFleet", + "description": "Grants permission to associate the specified application with the fleet", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AssociateApplicationFleet.html" + }, + "AssociateApplicationToEntitlement": { + "privilege": "AssociateApplicationToEntitlement", + "description": "Grants permission to associate the specified application to the specified entitlement", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AssociateApplicationToEntitlement.html" + }, + "AssociateFleet": { + "privilege": "AssociateFleet", + "description": "Grants permission to associate the specified fleet with the specified stack", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AssociateFleet.html" + }, + "BatchAssociateUserStack": { + "privilege": "BatchAssociateUserStack", + "description": "Grants permission to associate the specified users with the specified stacks. Users in a user pool cannot be assigned to stacks with fleets that are joined to an Active Directory domain", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_BatchAssociateUserStack.html" + }, + "BatchDisassociateUserStack": { + "privilege": "BatchDisassociateUserStack", + "description": "Grants permission to disassociate the specified users from the specified stacks", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_BatchDisassociateUserStack.html" + }, + "CopyImage": { + "privilege": "CopyImage", + "description": "Grants permission to copy the specified image within the same Region or to a new Region within the same AWS account", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CopyImage.html" + }, + "CreateAppBlock": { + "privilege": "CreateAppBlock", + "description": "Grants permission to create an app block. App blocks store details about the virtual hard disk that contains the files for the application in an S3 bucket. It also stores the setup script with details about how to mount the virtual hard disk. App blocks are only supported for Elastic fleets", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateAppBlock.html" + }, + "CreateAppBlockBuilder": { + "privilege": "CreateAppBlockBuilder", + "description": "Grants permission to create an app block builder. An app block builder is a virtual machine that is used to create an app block", + "access_level": "Write", + "resource_types": { + "app-block-builder": { + "resource_type": "app-block-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block-builder": "app-block-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateAppBlockBuilder.html" + }, + "CreateAppBlockBuilderStreamingURL": { + "privilege": "CreateAppBlockBuilderStreamingURL", + "description": "Grants permission to create a URL to start an app block builder streaming session", + "access_level": "Write", + "resource_types": { + "app-block-builder": { + "resource_type": "app-block-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block-builder": "app-block-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateAppBlockBuilderStreamingURL.html" + }, + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application within customer account. Applications store the details about how to launch applications on streaming instances. This is only supported for Elastic fleets", + "access_level": "Write", + "resource_types": { + "app-block": { + "resource_type": "app-block", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block": "app-block", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateApplication.html" + }, + "CreateDirectoryConfig": { + "privilege": "CreateDirectoryConfig", + "description": "Grants permission to create a Directory Config object in AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateDirectoryConfig.html" + }, + "CreateEntitlement": { + "privilege": "CreateEntitlement", + "description": "Grants permission to create an entitlement to control access to applications based on user attributes", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateEntitlement.html" + }, + "CreateFleet": { + "privilege": "CreateFleet", + "description": "Grants permission to create a fleet. A fleet is a group of streaming instances from which applications are launched and streamed to users", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateFleet.html" + }, + "CreateImageBuilder": { + "privilege": "CreateImageBuilder", + "description": "Grants permission to create an image builder. An image builder is a virtual machine that is used to create an image", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "image-builder": { + "resource_type": "image-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "image-builder": "image-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateImageBuilder.html" + }, + "CreateImageBuilderStreamingURL": { + "privilege": "CreateImageBuilderStreamingURL", + "description": "Grants permission to create a URL to start an image builder streaming session", + "access_level": "Write", + "resource_types": { + "image-builder": { + "resource_type": "image-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image-builder": "image-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateImageBuilderStreamingURL.html" + }, + "CreateStack": { + "privilege": "CreateStack", + "description": "Grants permission to create a stack to start streaming applications to users. A stack consists of an associated fleet, user access policies, and storage configurations", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateStack.html" + }, + "CreateStreamingURL": { + "privilege": "CreateStreamingURL", + "description": "Grants permission to create a temporary URL to start an AppStream 2.0 streaming session for the specified user. A streaming URL enables application streaming to be tested without user setup", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateStreamingURL.html" + }, + "CreateUpdatedImage": { + "privilege": "CreateUpdatedImage", + "description": "Grants permission to update an existing image within customer account", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateUpdatedImage.html" + }, + "CreateUsageReportSubscription": { + "privilege": "CreateUsageReportSubscription", + "description": "Grants permission to create a usage report subscription. Usage reports are generated daily", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateUsageReportSubscription.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a new user in the user pool", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_CreateUser.html" + }, + "DeleteAppBlock": { + "privilege": "DeleteAppBlock", + "description": "Grants permission to delete the specified app block", + "access_level": "Write", + "resource_types": { + "app-block": { + "resource_type": "app-block", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block": "app-block", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteAppBlock.html" + }, + "DeleteAppBlockBuilder": { + "privilege": "DeleteAppBlockBuilder", + "description": "Grants permission to delete the specified app block builder and release capacity", + "access_level": "Write", + "resource_types": { + "app-block-builder": { + "resource_type": "app-block-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block-builder": "app-block-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteAppBlockBuilder.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete the specified application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteApplication.html" + }, + "DeleteDirectoryConfig": { + "privilege": "DeleteDirectoryConfig", + "description": "Grants permission to delete the specified Directory Config object from AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteDirectoryConfig.html" + }, + "DeleteEntitlement": { + "privilege": "DeleteEntitlement", + "description": "Grants permission to delete the specified entitlement", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteEntitlement.html" + }, + "DeleteFleet": { + "privilege": "DeleteFleet", + "description": "Grants permission to delete the specified fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteFleet.html" + }, + "DeleteImage": { + "privilege": "DeleteImage", + "description": "Grants permission to delete the specified image. An image cannot be deleted when it is in use", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteImage.html" + }, + "DeleteImageBuilder": { + "privilege": "DeleteImageBuilder", + "description": "Grants permission to delete the specified image builder and release capacity", + "access_level": "Write", + "resource_types": { + "image-builder": { + "resource_type": "image-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image-builder": "image-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteImageBuilder.html" + }, + "DeleteImagePermissions": { + "privilege": "DeleteImagePermissions", + "description": "Grants permission to delete permissions for the specified private image", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteImagePermissions.html" + }, + "DeleteStack": { + "privilege": "DeleteStack", + "description": "Grants permission to delete the specified stack. After the stack is deleted, the application streaming environment provided by the stack is no longer available to users. Also, any reservations made for application streaming sessions for the stack are released", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteStack.html" + }, + "DeleteUsageReportSubscription": { + "privilege": "DeleteUsageReportSubscription", + "description": "Grants permission to disable usage report generation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteUsageReportSubscription.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete a user from the user pool", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DeleteUser.html" + }, + "DescribeAppBlockBuilderAppBlockAssociations": { + "privilege": "DescribeAppBlockBuilderAppBlockAssociations", + "description": "Grants permission to retrieve the associations that are associated with the specified app block builder or app block", + "access_level": "Read", + "resource_types": { + "app-block": { + "resource_type": "app-block", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "app-block-builder": { + "resource_type": "app-block-builder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block": "app-block", + "app-block-builder": "app-block-builder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeAppBlockBuilderAppBlockAssociations.html" + }, + "DescribeAppBlockBuilders": { + "privilege": "DescribeAppBlockBuilders", + "description": "Grants permission to retrieve a list that describes one or more specified app block builders, if the app block builder names are provided. Otherwise, all app block builders in the account are described", + "access_level": "Read", + "resource_types": { + "app-block-builder": { + "resource_type": "app-block-builder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block-builder": "app-block-builder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeAppBlockBuilders.html" + }, + "DescribeAppBlocks": { + "privilege": "DescribeAppBlocks", + "description": "Grants permission to retrieve a list that describes one or more specified app blocks, if the app block arns are provided. Otherwise, all app blocks in the account are described", + "access_level": "Read", + "resource_types": { + "app-block": { + "resource_type": "app-block", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block": "app-block" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeAppBlocks.html" + }, + "DescribeApplicationFleetAssociations": { + "privilege": "DescribeApplicationFleetAssociations", + "description": "Grants permission to retrieve the associations that are associated with the specified application or fleet", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeApplicationFleetAssociations.html" + }, + "DescribeApplications": { + "privilege": "DescribeApplications", + "description": "Grants permission to retrieve a list that describes one or more specified applications, if the application arns are provided. Otherwise, all applications in the account are described", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeApplications.html" + }, + "DescribeDirectoryConfigs": { + "privilege": "DescribeDirectoryConfigs", + "description": "Grants permission to retrieve a list that describes one or more specified Directory Config objects for AppStream 2.0, if the names for these objects are provided. Otherwise, all Directory Config objects in the account are described. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeDirectoryConfigs.html" + }, + "DescribeEntitlements": { + "privilege": "DescribeEntitlements", + "description": "Grants permission to retrieve one or all entitlements for the specified stack", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeEntitlements.html" + }, + "DescribeFleets": { + "privilege": "DescribeFleets", + "description": "Grants permission to retrieve a list that describes one or more specified fleets, if the fleet names are provided. Otherwise, all fleets in the account are described", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeFleets.html" + }, + "DescribeImageBuilders": { + "privilege": "DescribeImageBuilders", + "description": "Grants permission to retrieve a list that describes one or more specified image builders, if the image builder names are provided. Otherwise, all image builders in the account are described", + "access_level": "Read", + "resource_types": { + "image-builder": { + "resource_type": "image-builder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image-builder": "image-builder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeImageBuilders.html" + }, + "DescribeImagePermissions": { + "privilege": "DescribeImagePermissions", + "description": "Grants permission to retrieve a list that describes the permissions for shared AWS account IDs on a private image that you own", + "access_level": "Read", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeImagePermissions.html" + }, + "DescribeImages": { + "privilege": "DescribeImages", + "description": "Grants permission to retrieve a list that describes one or more specified images, if the image names or image ARNs are provided. Otherwise, all images in the account are described", + "access_level": "Read", + "resource_types": { + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeImages.html" + }, + "DescribeSessions": { + "privilege": "DescribeSessions", + "description": "Grants permission to retrieve a list that describes the streaming sessions for the specified stack and fleet. If a user ID is provided for the stack and fleet, only the streaming sessions for that user are described", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeSessions.html" + }, + "DescribeStacks": { + "privilege": "DescribeStacks", + "description": "Grants permission to retrieve a list that describes one or more specified stacks, if the stack names are provided. Otherwise, all stacks in the account are described", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeStacks.html" + }, + "DescribeUsageReportSubscriptions": { + "privilege": "DescribeUsageReportSubscriptions", + "description": "Grants permission to retrieve a list that describes one or more usage report subscriptions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeUsageReportSubscriptions.html" + }, + "DescribeUserStackAssociations": { + "privilege": "DescribeUserStackAssociations", + "description": "Grants permission to retrieve a list that describes the UserStackAssociation objects", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeUserStackAssociations.html" + }, + "DescribeUsers": { + "privilege": "DescribeUsers", + "description": "Grants permission to retrieve a list that describes users in the user pool", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DescribeUsers.html" + }, + "DisableUser": { + "privilege": "DisableUser", + "description": "Grants permission to disable the specified user in the user pool. This action does not delete the user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DisableUser.html" + }, + "DisassociateAppBlockBuilderAppBlock": { + "privilege": "DisassociateAppBlockBuilderAppBlock", + "description": "Grants permission to disassociate the specified app block builder with the app block", + "access_level": "Write", + "resource_types": { + "app-block": { + "resource_type": "app-block", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-block-builder": { + "resource_type": "app-block-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block": "app-block", + "app-block-builder": "app-block-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DisassociateAppBlockBuilderAppBlock.html" + }, + "DisassociateApplicationFleet": { + "privilege": "DisassociateApplicationFleet", + "description": "Grants permission to disassociate the specified application from the specified fleet", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DisassociateApplicationFleet.html" + }, + "DisassociateApplicationFromEntitlement": { + "privilege": "DisassociateApplicationFromEntitlement", + "description": "Grants permission to disassociate the specified application from the specified entitlement", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DisassociateApplicationFromEntitlement.html" + }, + "DisassociateFleet": { + "privilege": "DisassociateFleet", + "description": "Grants permission to disassociate the specified fleet from the specified stack", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_DisassociateFleet.html" + }, + "EnableUser": { + "privilege": "EnableUser", + "description": "Grants permission to enable a user in the user pool", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_EnableUser.html" + }, + "ExpireSession": { + "privilege": "ExpireSession", + "description": "Grants permission to immediately stop the specified streaming session", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ExpireSession.html" + }, + "ListAssociatedFleets": { + "privilege": "ListAssociatedFleets", + "description": "Grants permission to retrieve the name of the fleet that is associated with the specified stack", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ListAssociatedFleets.html" + }, + "ListAssociatedStacks": { + "privilege": "ListAssociatedStacks", + "description": "Grants permission to retrieve the name of the stack with which the specified fleet is associated", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ListAssociatedStacks.html" + }, + "ListEntitledApplications": { + "privilege": "ListEntitledApplications", + "description": "Grants permission to retrieve the applications that are associated with the specified entitlement", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ListEntitledApplications.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve a list of all tags for the specified AppStream 2.0 resource. The following resources can be tagged: Image builders, images, fleets, and stacks", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_ListTagsForResource.html" + }, + "StartAppBlockBuilder": { + "privilege": "StartAppBlockBuilder", + "description": "Grants permission to start the specified app block builder", + "access_level": "Write", + "resource_types": { + "app-block-builder": { + "resource_type": "app-block-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block-builder": "app-block-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StartAppBlockBuilder.html" + }, + "StartFleet": { + "privilege": "StartFleet", + "description": "Grants permission to start the specified fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StartFleet.html" + }, + "StartImageBuilder": { + "privilege": "StartImageBuilder", + "description": "Grants permission to start the specified image builder", + "access_level": "Write", + "resource_types": { + "image-builder": { + "resource_type": "image-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image-builder": "image-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StartImageBuilder.html" + }, + "StopAppBlockBuilder": { + "privilege": "StopAppBlockBuilder", + "description": "Grants permission to stop the specified app block builder", + "access_level": "Write", + "resource_types": { + "app-block-builder": { + "resource_type": "app-block-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block-builder": "app-block-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StopAppBlockBuilder.html" + }, + "StopFleet": { + "privilege": "StopFleet", + "description": "Grants permission to stop the specified fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StopFleet.html" + }, + "StopImageBuilder": { + "privilege": "StopImageBuilder", + "description": "Grants permission to stop the specified image builder", + "access_level": "Write", + "resource_types": { + "image-builder": { + "resource_type": "image-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image-builder": "image-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_StopImageBuilder.html" + }, + "Stream": { + "privilege": "Stream", + "description": "Grants permission to federated users to sign in by using their existing credentials and stream applications from the specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "appstream:userId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/developerguide/external-identity-providers-setting-up-saml.html#external-identity-providers-embed-inline-policy-for-IAM-role" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or overwrite one or more tags for the specified AppStream 2.0 resource. The following resources can be tagged: Image builders, images, fleets, stacks, app blocks and applications", + "access_level": "Tagging", + "resource_types": { + "app-block": { + "resource_type": "app-block", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "app-block-builder": { + "resource_type": "app-block-builder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "image-builder": { + "resource_type": "image-builder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block": "app-block", + "app-block-builder": "app-block-builder", + "application": "application", + "fleet": "fleet", + "image": "image", + "image-builder": "image-builder", + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to disassociate one or more tags from the specified AppStream 2.0 resource", + "access_level": "Tagging", + "resource_types": { + "app-block": { + "resource_type": "app-block", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "app-block-builder": { + "resource_type": "app-block-builder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "image-builder": { + "resource_type": "image-builder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block": "app-block", + "app-block-builder": "app-block-builder", + "application": "application", + "fleet": "fleet", + "image": "image", + "image-builder": "image-builder", + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UntagResource.html" + }, + "UpdateAppBlockBuilder": { + "privilege": "UpdateAppBlockBuilder", + "description": "Grants permission to update a specific app block builder. An app block builder is a virtual machine that is used to create an app block", + "access_level": "Write", + "resource_types": { + "app-block-builder": { + "resource_type": "app-block-builder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-block-builder": "app-block-builder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateAppBlockBuilder.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to update the specified fields for the specified application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-block": { + "resource_type": "app-block", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "app-block": "app-block", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateApplication.html" + }, + "UpdateDirectoryConfig": { + "privilege": "UpdateDirectoryConfig", + "description": "Grants permission to update the specified Directory Config object in AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateDirectoryConfig.html" + }, + "UpdateEntitlement": { + "privilege": "UpdateEntitlement", + "description": "Grants permission to update the specified fields for the specified entitlement", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateEntitlement.html" + }, + "UpdateFleet": { + "privilege": "UpdateFleet", + "description": "Grants permission to update the specified fleet. All attributes except the fleet name can be updated when the fleet is in the STOPPED state", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateFleet.html" + }, + "UpdateImagePermissions": { + "privilege": "UpdateImagePermissions", + "description": "Grants permission to add or update permissions for the specified private image", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateImagePermissions.html" + }, + "UpdateStack": { + "privilege": "UpdateStack", + "description": "Grants permission to update the specified fields for the specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appstream2/latest/APIReference/API_UpdateStack.html" + } + }, + "privileges_lower_name": { + "associateappblockbuilderappblock": "AssociateAppBlockBuilderAppBlock", + "associateapplicationfleet": "AssociateApplicationFleet", + "associateapplicationtoentitlement": "AssociateApplicationToEntitlement", + "associatefleet": "AssociateFleet", + "batchassociateuserstack": "BatchAssociateUserStack", + "batchdisassociateuserstack": "BatchDisassociateUserStack", + "copyimage": "CopyImage", + "createappblock": "CreateAppBlock", + "createappblockbuilder": "CreateAppBlockBuilder", + "createappblockbuilderstreamingurl": "CreateAppBlockBuilderStreamingURL", + "createapplication": "CreateApplication", + "createdirectoryconfig": "CreateDirectoryConfig", + "createentitlement": "CreateEntitlement", + "createfleet": "CreateFleet", + "createimagebuilder": "CreateImageBuilder", + "createimagebuilderstreamingurl": "CreateImageBuilderStreamingURL", + "createstack": "CreateStack", + "createstreamingurl": "CreateStreamingURL", + "createupdatedimage": "CreateUpdatedImage", + "createusagereportsubscription": "CreateUsageReportSubscription", + "createuser": "CreateUser", + "deleteappblock": "DeleteAppBlock", + "deleteappblockbuilder": "DeleteAppBlockBuilder", + "deleteapplication": "DeleteApplication", + "deletedirectoryconfig": "DeleteDirectoryConfig", + "deleteentitlement": "DeleteEntitlement", + "deletefleet": "DeleteFleet", + "deleteimage": "DeleteImage", + "deleteimagebuilder": "DeleteImageBuilder", + "deleteimagepermissions": "DeleteImagePermissions", + "deletestack": "DeleteStack", + "deleteusagereportsubscription": "DeleteUsageReportSubscription", + "deleteuser": "DeleteUser", + "describeappblockbuilderappblockassociations": "DescribeAppBlockBuilderAppBlockAssociations", + "describeappblockbuilders": "DescribeAppBlockBuilders", + "describeappblocks": "DescribeAppBlocks", + "describeapplicationfleetassociations": "DescribeApplicationFleetAssociations", + "describeapplications": "DescribeApplications", + "describedirectoryconfigs": "DescribeDirectoryConfigs", + "describeentitlements": "DescribeEntitlements", + "describefleets": "DescribeFleets", + "describeimagebuilders": "DescribeImageBuilders", + "describeimagepermissions": "DescribeImagePermissions", + "describeimages": "DescribeImages", + "describesessions": "DescribeSessions", + "describestacks": "DescribeStacks", + "describeusagereportsubscriptions": "DescribeUsageReportSubscriptions", + "describeuserstackassociations": "DescribeUserStackAssociations", + "describeusers": "DescribeUsers", + "disableuser": "DisableUser", + "disassociateappblockbuilderappblock": "DisassociateAppBlockBuilderAppBlock", + "disassociateapplicationfleet": "DisassociateApplicationFleet", + "disassociateapplicationfromentitlement": "DisassociateApplicationFromEntitlement", + "disassociatefleet": "DisassociateFleet", + "enableuser": "EnableUser", + "expiresession": "ExpireSession", + "listassociatedfleets": "ListAssociatedFleets", + "listassociatedstacks": "ListAssociatedStacks", + "listentitledapplications": "ListEntitledApplications", + "listtagsforresource": "ListTagsForResource", + "startappblockbuilder": "StartAppBlockBuilder", + "startfleet": "StartFleet", + "startimagebuilder": "StartImageBuilder", + "stopappblockbuilder": "StopAppBlockBuilder", + "stopfleet": "StopFleet", + "stopimagebuilder": "StopImageBuilder", + "stream": "Stream", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateappblockbuilder": "UpdateAppBlockBuilder", + "updateapplication": "UpdateApplication", + "updatedirectoryconfig": "UpdateDirectoryConfig", + "updateentitlement": "UpdateEntitlement", + "updatefleet": "UpdateFleet", + "updateimagepermissions": "UpdateImagePermissions", + "updatestack": "UpdateStack" + }, + "resources": { + "fleet": { + "resource": "fleet", + "arn": "arn:${Partition}:appstream:${Region}:${Account}:fleet/${FleetName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "image": { + "resource": "image", + "arn": "arn:${Partition}:appstream:${Region}:${Account}:image/${ImageName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "image-builder": { + "resource": "image-builder", + "arn": "arn:${Partition}:appstream:${Region}:${Account}:image-builder/${ImageBuilderName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "stack": { + "resource": "stack", + "arn": "arn:${Partition}:appstream:${Region}:${Account}:stack/${StackName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "app-block": { + "resource": "app-block", + "arn": "arn:${Partition}:appstream:${Region}:${Account}:app-block/${AppBlockName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "application": { + "resource": "application", + "arn": "arn:${Partition}:appstream:${Region}:${Account}:application/${ApplicationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "app-block-builder": { + "resource": "app-block-builder", + "arn": "arn:${Partition}:appstream:${Region}:${Account}:app-block-builder/${AppBlockBuilderName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "fleet": "fleet", + "image": "image", + "image-builder": "image-builder", + "stack": "stack", + "app-block": "app-block", + "application": "application", + "app-block-builder": "app-block-builder" + }, + "conditions": { + "appstream:userId": { + "condition": "appstream:userId", + "description": "Filters access by the ID of the AppStream 2.0 user", + "type": "String" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "athena": { + "service_name": "Amazon Athena", + "prefix": "athena", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonathena.html", + "privileges": { + "BatchGetNamedQuery": { + "privilege": "BatchGetNamedQuery", + "description": "Grants permission to get information about one or more named queries", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_BatchGetNamedQuery.html" + }, + "BatchGetPreparedStatement": { + "privilege": "BatchGetPreparedStatement", + "description": "Grants permission to get information about one or more prepared statements", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_BatchGetPreparedStatement.html" + }, + "BatchGetQueryExecution": { + "privilege": "BatchGetQueryExecution", + "description": "Grants permission to get information about one or more query executions", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_BatchGetQueryExecution.html" + }, + "CancelCapacityReservation": { + "privilege": "CancelCapacityReservation", + "description": "Grants permission to cancel a capacity reservation", + "access_level": "Write", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CancelCapacityReservation.html" + }, + "CreateCapacityReservation": { + "privilege": "CreateCapacityReservation", + "description": "Grants permission to create a capacity reservation", + "access_level": "Write", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreateCapacityReservation.html" + }, + "CreateDataCatalog": { + "privilege": "CreateDataCatalog", + "description": "Grants permission to create a datacatalog", + "access_level": "Write", + "resource_types": { + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datacatalog": "datacatalog", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreateDataCatalog.html" + }, + "CreateNamedQuery": { + "privilege": "CreateNamedQuery", + "description": "Grants permission to create a named query", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreateNamedQuery.html" + }, + "CreateNotebook": { + "privilege": "CreateNotebook", + "description": "Grants permission to create a notebook", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreateNotebook.html" + }, + "CreatePreparedStatement": { + "privilege": "CreatePreparedStatement", + "description": "Grants permission to create a prepared statement", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreatePreparedStatement.html" + }, + "CreatePresignedNotebookUrl": { + "privilege": "CreatePresignedNotebookUrl", + "description": "Grants permission to create a presigned notebook url", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreatePresignedNotebookUrl.html" + }, + "CreateWorkGroup": { + "privilege": "CreateWorkGroup", + "description": "Grants permission to create a workgroup", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_CreateWorkGroup.html" + }, + "DeleteCapacityReservation": { + "privilege": "DeleteCapacityReservation", + "description": "Grants permission to delete a capacity reservation", + "access_level": "Write", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeleteCapacityReservation.html" + }, + "DeleteDataCatalog": { + "privilege": "DeleteDataCatalog", + "description": "Grants permission to delete a datacatalog", + "access_level": "Write", + "resource_types": { + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datacatalog": "datacatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeleteDataCatalog.html" + }, + "DeleteNamedQuery": { + "privilege": "DeleteNamedQuery", + "description": "Grants permission to delete a named query specified", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeleteNamedQuery.html" + }, + "DeleteNotebook": { + "privilege": "DeleteNotebook", + "description": "Grants permission to delete a notebook", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeleteNotebook.html" + }, + "DeletePreparedStatement": { + "privilege": "DeletePreparedStatement", + "description": "Grants permission to delete a prepared statement specified", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeletePreparedStatement.html" + }, + "DeleteWorkGroup": { + "privilege": "DeleteWorkGroup", + "description": "Grants permission to delete a workgroup", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_DeleteWorkGroup.html" + }, + "ExportNotebook": { + "privilege": "ExportNotebook", + "description": "Grants permission to export a notebook", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ExportNotebook.html" + }, + "GetCalculationExecution": { + "privilege": "GetCalculationExecution", + "description": "Grants permission to get a calculation execution", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetCalculationExecution.html" + }, + "GetCalculationExecutionCode": { + "privilege": "GetCalculationExecutionCode", + "description": "Grants permission to get a calculation execution code", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetCalculationExecutionCode.html" + }, + "GetCalculationExecutionStatus": { + "privilege": "GetCalculationExecutionStatus", + "description": "Grants permission to get a calculation execution status", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetCalculationExecutionStatus.html" + }, + "GetCapacityAssignmentConfiguration": { + "privilege": "GetCapacityAssignmentConfiguration", + "description": "Grants permission to get capacity assignment information for a capacity reservation", + "access_level": "Read", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetCapacityAssignmentConfiguration.html" + }, + "GetCapacityReservation": { + "privilege": "GetCapacityReservation", + "description": "Grants permission to get a capacity reservation", + "access_level": "Read", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetCapacityReservation.html" + }, + "GetDataCatalog": { + "privilege": "GetDataCatalog", + "description": "Grants permission to get a datacatalog", + "access_level": "Read", + "resource_types": { + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datacatalog": "datacatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetDataCatalog.html" + }, + "GetDatabase": { + "privilege": "GetDatabase", + "description": "Grants permission to get a database for a given datacatalog", + "access_level": "Read", + "resource_types": { + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datacatalog": "datacatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetDatabase.html" + }, + "GetNamedQuery": { + "privilege": "GetNamedQuery", + "description": "Grants permission to get information about the specified named query", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetNamedQuery.html" + }, + "GetNotebookMetadata": { + "privilege": "GetNotebookMetadata", + "description": "Grants permission to get notebook metadata", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetNotebookMetadata.html" + }, + "GetPreparedStatement": { + "privilege": "GetPreparedStatement", + "description": "Grants permission to get information about the specified prepared statement", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetPreparedStatement.html" + }, + "GetQueryExecution": { + "privilege": "GetQueryExecution", + "description": "Grants permission to get information about the specified query execution", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetQueryExecution.html" + }, + "GetQueryResults": { + "privilege": "GetQueryResults", + "description": "Grants permission to get the query results", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetQueryResults.html" + }, + "GetQueryResultsStream": { + "privilege": "GetQueryResultsStream", + "description": "Grants permission to get the query results stream", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/ug/connect-with-previous-jdbc.html#jdbc-prev-version-policies" + }, + "GetQueryRuntimeStatistics": { + "privilege": "GetQueryRuntimeStatistics", + "description": "Grants permission to get runtime statistics for the specified query execution", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetQueryRuntimeStatistics.html" + }, + "GetSession": { + "privilege": "GetSession", + "description": "Grants permission to get a session", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetSession.html" + }, + "GetSessionStatus": { + "privilege": "GetSessionStatus", + "description": "Grants permission to get a session status", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetSessionStatus.html" + }, + "GetTableMetadata": { + "privilege": "GetTableMetadata", + "description": "Grants permission to get a metadata about a table for a given datacatalog", + "access_level": "Read", + "resource_types": { + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datacatalog": "datacatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetTableMetadata.html" + }, + "GetWorkGroup": { + "privilege": "GetWorkGroup", + "description": "Grants permission to get a workgroup", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_GetWorkGroup.html" + }, + "ImportNotebook": { + "privilege": "ImportNotebook", + "description": "Grants permission to import a notebook", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ImportNotebook.html" + }, + "ListApplicationDPUSizes": { + "privilege": "ListApplicationDPUSizes", + "description": "Grants permission to return a list of ApplicationRuntimeIds", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListApplicationDPUSizes.html" + }, + "ListCalculationExecutions": { + "privilege": "ListCalculationExecutions", + "description": "Grants permission to return a list of calculation executions", + "access_level": "List", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListCalculationExecutions.html" + }, + "ListCapacityReservations": { + "privilege": "ListCapacityReservations", + "description": "Grants permission to return a list of capacity reservations for the specified AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListCapacityReservations.html" + }, + "ListDataCatalogs": { + "privilege": "ListDataCatalogs", + "description": "Grants permission to return a list of datacatalogs for the specified AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListDataCatalogs.html" + }, + "ListDatabases": { + "privilege": "ListDatabases", + "description": "Grants permission to return a list of databases for a given datacatalog", + "access_level": "List", + "resource_types": { + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datacatalog": "datacatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListDatabases.html" + }, + "ListEngineVersions": { + "privilege": "ListEngineVersions", + "description": "Grants permission to return a list of athena engine versions for the specified AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListEngineVersions.html" + }, + "ListExecutors": { + "privilege": "ListExecutors", + "description": "Grants permission to return a list of executors", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListExecutors.html" + }, + "ListNamedQueries": { + "privilege": "ListNamedQueries", + "description": "Grants permission to return a list of named queries in Amazon Athena for the specified AWS account", + "access_level": "List", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListNamedQueries.html" + }, + "ListNotebookMetadata": { + "privilege": "ListNotebookMetadata", + "description": "Grants permission to return a list of notebooks for a given workgroup", + "access_level": "List", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListNotebookMetadata.html" + }, + "ListNotebookSessions": { + "privilege": "ListNotebookSessions", + "description": "Grants permission to return a list of sessions for a given notebook", + "access_level": "List", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListNotebookSessions.html" + }, + "ListPreparedStatements": { + "privilege": "ListPreparedStatements", + "description": "Grants permission to return a list of prepared statements for the specified workgroup", + "access_level": "List", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListPreparedStatements.html" + }, + "ListQueryExecutions": { + "privilege": "ListQueryExecutions", + "description": "Grants permission to return a list of query executions for the specified AWS account", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListQueryExecutions.html" + }, + "ListSessions": { + "privilege": "ListSessions", + "description": "Grants permission to return a list of sessions for a given workgroup", + "access_level": "List", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListSessions.html" + }, + "ListTableMetadata": { + "privilege": "ListTableMetadata", + "description": "Grants permission to return a list of table metadata in a database for a given datacatalog", + "access_level": "Read", + "resource_types": { + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datacatalog": "datacatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListTableMetadata.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to return a list of tags for a resource", + "access_level": "Read", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "datacatalog": "datacatalog", + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListTagsForResource.html" + }, + "ListWorkGroups": { + "privilege": "ListWorkGroups", + "description": "Grants permission to return a list of workgroups for the specified AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_ListWorkGroups.html" + }, + "PutCapacityAssignmentConfiguration": { + "privilege": "PutCapacityAssignmentConfiguration", + "description": "Grants permission to assign capacity from a capacity reservation to queries", + "access_level": "Write", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_PutCapacityAssignmentConfiguration.html" + }, + "StartCalculationExecution": { + "privilege": "StartCalculationExecution", + "description": "Grants permission to start a calculation execution", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_StartCalculationExecution.html" + }, + "StartQueryExecution": { + "privilege": "StartQueryExecution", + "description": "Grants permission to start a query execution using an SQL query provided as a string", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_StartQueryExecution.html" + }, + "StartSession": { + "privilege": "StartSession", + "description": "Grants permission to start a session", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_StartSession.html" + }, + "StopCalculationExecution": { + "privilege": "StopCalculationExecution", + "description": "Grants permission to stop a calculation execution", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_StopCalculationExecution.html" + }, + "StopQueryExecution": { + "privilege": "StopQueryExecution", + "description": "Grants permission to stop the specified query execution", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_StopQueryExecution.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add a tag to a resource", + "access_level": "Tagging", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "datacatalog": "datacatalog", + "workgroup": "workgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_TagResource.html" + }, + "TerminateSession": { + "privilege": "TerminateSession", + "description": "Grants permission to terminate a session", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_TerminateSession.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from a resource", + "access_level": "Tagging", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "datacatalog": "datacatalog", + "workgroup": "workgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UntagResource.html" + }, + "UpdateCapacityReservation": { + "privilege": "UpdateCapacityReservation", + "description": "Grants permission to update a capacity reservation", + "access_level": "Write", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateCapacityReservation.html" + }, + "UpdateDataCatalog": { + "privilege": "UpdateDataCatalog", + "description": "Grants permission to update a datacatalog", + "access_level": "Write", + "resource_types": { + "datacatalog": { + "resource_type": "datacatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datacatalog": "datacatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateDataCatalog.html" + }, + "UpdateNamedQuery": { + "privilege": "UpdateNamedQuery", + "description": "Grants permission to update a named query specified", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateNamedQuery.html" + }, + "UpdateNotebook": { + "privilege": "UpdateNotebook", + "description": "Grants permission to update a notebook", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateNotebook.html" + }, + "UpdateNotebookMetadata": { + "privilege": "UpdateNotebookMetadata", + "description": "Grants permission to update notebook metadata", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateNotebookMetadata.html" + }, + "UpdatePreparedStatement": { + "privilege": "UpdatePreparedStatement", + "description": "Grants permission to update a prepared statement", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdatePreparedStatement.html" + }, + "UpdateWorkGroup": { + "privilege": "UpdateWorkGroup", + "description": "Grants permission to update a workgroup", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/athena/latest/APIReference/API_UpdateWorkGroup.html" + } + }, + "privileges_lower_name": { + "batchgetnamedquery": "BatchGetNamedQuery", + "batchgetpreparedstatement": "BatchGetPreparedStatement", + "batchgetqueryexecution": "BatchGetQueryExecution", + "cancelcapacityreservation": "CancelCapacityReservation", + "createcapacityreservation": "CreateCapacityReservation", + "createdatacatalog": "CreateDataCatalog", + "createnamedquery": "CreateNamedQuery", + "createnotebook": "CreateNotebook", + "createpreparedstatement": "CreatePreparedStatement", + "createpresignednotebookurl": "CreatePresignedNotebookUrl", + "createworkgroup": "CreateWorkGroup", + "deletecapacityreservation": "DeleteCapacityReservation", + "deletedatacatalog": "DeleteDataCatalog", + "deletenamedquery": "DeleteNamedQuery", + "deletenotebook": "DeleteNotebook", + "deletepreparedstatement": "DeletePreparedStatement", + "deleteworkgroup": "DeleteWorkGroup", + "exportnotebook": "ExportNotebook", + "getcalculationexecution": "GetCalculationExecution", + "getcalculationexecutioncode": "GetCalculationExecutionCode", + "getcalculationexecutionstatus": "GetCalculationExecutionStatus", + "getcapacityassignmentconfiguration": "GetCapacityAssignmentConfiguration", + "getcapacityreservation": "GetCapacityReservation", + "getdatacatalog": "GetDataCatalog", + "getdatabase": "GetDatabase", + "getnamedquery": "GetNamedQuery", + "getnotebookmetadata": "GetNotebookMetadata", + "getpreparedstatement": "GetPreparedStatement", + "getqueryexecution": "GetQueryExecution", + "getqueryresults": "GetQueryResults", + "getqueryresultsstream": "GetQueryResultsStream", + "getqueryruntimestatistics": "GetQueryRuntimeStatistics", + "getsession": "GetSession", + "getsessionstatus": "GetSessionStatus", + "gettablemetadata": "GetTableMetadata", + "getworkgroup": "GetWorkGroup", + "importnotebook": "ImportNotebook", + "listapplicationdpusizes": "ListApplicationDPUSizes", + "listcalculationexecutions": "ListCalculationExecutions", + "listcapacityreservations": "ListCapacityReservations", + "listdatacatalogs": "ListDataCatalogs", + "listdatabases": "ListDatabases", + "listengineversions": "ListEngineVersions", + "listexecutors": "ListExecutors", + "listnamedqueries": "ListNamedQueries", + "listnotebookmetadata": "ListNotebookMetadata", + "listnotebooksessions": "ListNotebookSessions", + "listpreparedstatements": "ListPreparedStatements", + "listqueryexecutions": "ListQueryExecutions", + "listsessions": "ListSessions", + "listtablemetadata": "ListTableMetadata", + "listtagsforresource": "ListTagsForResource", + "listworkgroups": "ListWorkGroups", + "putcapacityassignmentconfiguration": "PutCapacityAssignmentConfiguration", + "startcalculationexecution": "StartCalculationExecution", + "startqueryexecution": "StartQueryExecution", + "startsession": "StartSession", + "stopcalculationexecution": "StopCalculationExecution", + "stopqueryexecution": "StopQueryExecution", + "tagresource": "TagResource", + "terminatesession": "TerminateSession", + "untagresource": "UntagResource", + "updatecapacityreservation": "UpdateCapacityReservation", + "updatedatacatalog": "UpdateDataCatalog", + "updatenamedquery": "UpdateNamedQuery", + "updatenotebook": "UpdateNotebook", + "updatenotebookmetadata": "UpdateNotebookMetadata", + "updatepreparedstatement": "UpdatePreparedStatement", + "updateworkgroup": "UpdateWorkGroup" + }, + "resources": { + "datacatalog": { + "resource": "datacatalog", + "arn": "arn:${Partition}:athena:${Region}:${Account}:datacatalog/${DataCatalogName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "workgroup": { + "resource": "workgroup", + "arn": "arn:${Partition}:athena:${Region}:${Account}:workgroup/${WorkGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "capacity-reservation": { + "resource": "capacity-reservation", + "arn": "arn:${Partition}:athena:${Region}:${Account}:capacity-reservation/${CapacityReservationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "datacatalog": "datacatalog", + "workgroup": "workgroup", + "capacity-reservation": "capacity-reservation" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "bedrock": { + "service_name": "Amazon Bedrock", + "prefix": "bedrock", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonbedrock.html", + "privileges": { + "CreateModelCustomizationJob": { + "privilege": "CreateModelCustomizationJob", + "description": "Grants permission to create a job for customizing the model with your custom training data", + "access_level": "Write", + "resource_types": { + "custom-model": { + "resource_type": "custom-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "foundation-model": { + "resource_type": "foundation-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "model-customization-job": { + "resource_type": "model-customization-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-model": "custom-model", + "foundation-model": "foundation-model", + "model-customization-job": "model-customization-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_CreateModelCustomizationJob.html" + }, + "DeleteCustomModel": { + "privilege": "DeleteCustomModel", + "description": "Grants permission to delete a custom model that you created earlier", + "access_level": "Write", + "resource_types": { + "custom-model": { + "resource_type": "custom-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-model": "custom-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_DeleteCustomModel.html" + }, + "DeletePrompt": { + "privilege": "DeletePrompt", + "description": "Grants permission to delete a saved prompt", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_DeletePrompt.html" + }, + "GetCustomModel": { + "privilege": "GetCustomModel", + "description": "Grants permission to get the properties associated with a Bedrock custom model that you have created", + "access_level": "Read", + "resource_types": { + "custom-model": { + "resource_type": "custom-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-model": "custom-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_GetCustomModel.html" + }, + "GetModelCustomizationJob": { + "privilege": "GetModelCustomizationJob", + "description": "Grants permission to get the properties associated with a model-customization job. Use this operation to get the status of a model-customization job", + "access_level": "Read", + "resource_types": { + "model-customization-job": { + "resource_type": "model-customization-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-customization-job": "model-customization-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_GetModelCustomizationJob.html" + }, + "GetPrompt": { + "privilege": "GetPrompt", + "description": "Grants permission to get a saved prompt", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_GetPrompt.html" + }, + "InvokeModel": { + "privilege": "InvokeModel", + "description": "Grants permission to invoke the specified Bedrock model to run inference using the input provided in the request body", + "access_level": "Write", + "resource_types": { + "custom-model": { + "resource_type": "custom-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "foundation-model": { + "resource_type": "foundation-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-model": "custom-model", + "foundation-model": "foundation-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_InvokeModel.html" + }, + "InvokeModelWithResponseStream": { + "privilege": "InvokeModelWithResponseStream", + "description": "Grants permission to invoke the specified Bedrock model to run inference using the input provided in the request body with streaming response", + "access_level": "Write", + "resource_types": { + "custom-model": { + "resource_type": "custom-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "foundation-model": { + "resource_type": "foundation-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-model": "custom-model", + "foundation-model": "foundation-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_InvokeModelWithResponseStream.html" + }, + "ListCustomModels": { + "privilege": "ListCustomModels", + "description": "Grants permission to get a list of Bedrock custom models that you have created", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_ListCustomModels.html" + }, + "ListFoundationModels": { + "privilege": "ListFoundationModels", + "description": "Grants permission to list Bedrock foundation models that you can use", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_ListFoundationModels.html" + }, + "ListModelCustomizationJobs": { + "privilege": "ListModelCustomizationJobs", + "description": "Grants permission to get the list of model customization jobs that you have submitted", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_ListModelCustomizationJobs.html" + }, + "ListPrompts": { + "privilege": "ListPrompts", + "description": "Grants permission to lists all prompts saved to a playground", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_ListPrompts.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a Bedrock resource", + "access_level": "List", + "resource_types": { + "custom-model": { + "resource_type": "custom-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "model-customization-job": { + "resource_type": "model-customization-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-model": "custom-model", + "model-customization-job": "model-customization-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_ListTagsForResource.html" + }, + "StopModelCustomizationJob": { + "privilege": "StopModelCustomizationJob", + "description": "Grants permission to stop a Bedrock model customization job while in progress", + "access_level": "Write", + "resource_types": { + "model-customization-job": { + "resource_type": "model-customization-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-customization-job": "model-customization-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_StopModelCustomizationJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to Tag a Bedrock resource", + "access_level": "Tagging", + "resource_types": { + "custom-model": { + "resource_type": "custom-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model-customization-job": { + "resource_type": "model-customization-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-model": "custom-model", + "model-customization-job": "model-customization-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to Untag a Bedrock resource", + "access_level": "Tagging", + "resource_types": { + "custom-model": { + "resource_type": "custom-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model-customization-job": { + "resource_type": "model-customization-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-model": "custom-model", + "model-customization-job": "model-customization-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_UntagResource.html" + }, + "UpdatePrompt": { + "privilege": "UpdatePrompt", + "description": "Grants permission to updates a saved prompt", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/bedrock/latest/APIReference/API_UpdatePrompt.html" + } + }, + "privileges_lower_name": { + "createmodelcustomizationjob": "CreateModelCustomizationJob", + "deletecustommodel": "DeleteCustomModel", + "deleteprompt": "DeletePrompt", + "getcustommodel": "GetCustomModel", + "getmodelcustomizationjob": "GetModelCustomizationJob", + "getprompt": "GetPrompt", + "invokemodel": "InvokeModel", + "invokemodelwithresponsestream": "InvokeModelWithResponseStream", + "listcustommodels": "ListCustomModels", + "listfoundationmodels": "ListFoundationModels", + "listmodelcustomizationjobs": "ListModelCustomizationJobs", + "listprompts": "ListPrompts", + "listtagsforresource": "ListTagsForResource", + "stopmodelcustomizationjob": "StopModelCustomizationJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateprompt": "UpdatePrompt" + }, + "resources": { + "foundation-model": { + "resource": "foundation-model", + "arn": "arn:${Partition}:bedrock:${Region}::foundation-model/${ResourceId}", + "condition_keys": [] + }, + "custom-model": { + "resource": "custom-model", + "arn": "arn:${Partition}:bedrock:${Region}:${Account}:custom-model/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "model-customization-job": { + "resource": "model-customization-job", + "arn": "arn:${Partition}:bedrock:${Region}:${Account}:model-customization-job/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "foundation-model": "foundation-model", + "custom-model": "custom-model", + "model-customization-job": "model-customization-job" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by creating requests based on the allowed set of values for each of the mandatory tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by having actions based on the tag value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by creating requests based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "braket": { + "service_name": "Amazon Braket", + "prefix": "braket", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonbraket.html", + "privileges": { + "CancelJob": { + "privilege": "CancelJob", + "description": "Grants permission to cancel a job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_CancelJob.html" + }, + "CancelQuantumTask": { + "privilege": "CancelQuantumTask", + "description": "Grants permission to cancel a quantum task", + "access_level": "Write", + "resource_types": { + "quantum-task": { + "resource_type": "quantum-task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quantum-task": "quantum-task" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_CancelQuantumTask.html" + }, + "CreateJob": { + "privilege": "CreateJob", + "description": "Grants permission to create a job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_CreateJob.html" + }, + "CreateQuantumTask": { + "privilege": "CreateQuantumTask", + "description": "Grants permission to create a quantum task", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_CreateQuantumTask.html" + }, + "GetDevice": { + "privilege": "GetDevice", + "description": "Grants permission to retrieve information about the devices available in Amazon Braket", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_GetDevice.html" + }, + "GetJob": { + "privilege": "GetJob", + "description": "Grants permission to retrieve jobs", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_Job.html" + }, + "GetQuantumTask": { + "privilege": "GetQuantumTask", + "description": "Grants permission to retrieve quantum tasks", + "access_level": "Read", + "resource_types": { + "quantum-task": { + "resource_type": "quantum-task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quantum-task": "quantum-task" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_GetQuantumTask.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to listing the tags that have been applied to the quantum task resource or the job", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "quantum-task": { + "resource_type": "quantum-task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "quantum-task": "quantum-task" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_ListTagsForResource.html" + }, + "SearchDevices": { + "privilege": "SearchDevices", + "description": "Grants permission to search for devices available in Amazon Braket", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_SearchDevices.html" + }, + "SearchJobs": { + "privilege": "SearchJobs", + "description": "Grants permission to search for jobs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_SearchJob.html" + }, + "SearchQuantumTasks": { + "privilege": "SearchQuantumTasks", + "description": "Grants permission to search for quantum tasks", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_SearchQuantumTasks.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to a quantum task", + "access_level": "Tagging", + "resource_types": { + "quantum-task": { + "resource_type": "quantum-task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quantum-task": "quantum-task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from a quantum task resource or a job. A tag consists of a key-value pair", + "access_level": "Tagging", + "resource_types": { + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "quantum-task": { + "resource_type": "quantum-task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "quantum-task": "quantum-task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/braket/latest/APIReference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "canceljob": "CancelJob", + "cancelquantumtask": "CancelQuantumTask", + "createjob": "CreateJob", + "createquantumtask": "CreateQuantumTask", + "getdevice": "GetDevice", + "getjob": "GetJob", + "getquantumtask": "GetQuantumTask", + "listtagsforresource": "ListTagsForResource", + "searchdevices": "SearchDevices", + "searchjobs": "SearchJobs", + "searchquantumtasks": "SearchQuantumTasks", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "quantum-task": { + "resource": "quantum-task", + "arn": "arn:${Partition}:braket:${Region}:${Account}:quantum-task/${RandomId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "job": { + "resource": "job", + "arn": "arn:${Partition}:braket:${Region}:${Account}:job/${JobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "quantum-task": "quantum-task", + "job": "job" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "chime": { + "service_name": "Amazon Chime", + "prefix": "chime", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonchime.html", + "privileges": { + "AcceptDelegate": { + "privilege": "AcceptDelegate", + "description": "Grants permission to accept the delegate invitation to share management of an Amazon Chime account with another AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "ActivateUsers": { + "privilege": "ActivateUsers", + "description": "Grants permission to activate users in an Amazon Chime Enterprise account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-access.html" + }, + "AddDomain": { + "privilege": "AddDomain", + "description": "Grants permission to add a domain to your Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/claim-domain.html" + }, + "AddOrUpdateGroups": { + "privilege": "AddOrUpdateGroups", + "description": "Grants permission to add new or update existing Active Directory or Okta user groups associated with your Amazon Chime Enterprise account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-chime-account.html" + }, + "AssociateChannelFlow": { + "privilege": "AssociateChannelFlow", + "description": "Grants permission to associate a flow with a channel", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel-flow": { + "resource_type": "channel-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel", + "channel-flow": "channel-flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_AssociateChannelFlow.html" + }, + "AssociatePhoneNumberWithUser": { + "privilege": "AssociatePhoneNumberWithUser", + "description": "Grants permission to associate a phone number with an Amazon Chime user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_AssociatePhoneNumberWithUser.html" + }, + "AssociatePhoneNumbersWithVoiceConnector": { + "privilege": "AssociatePhoneNumbersWithVoiceConnector", + "description": "Grants permission to associate multiple phone numbers with an Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_AssociatePhoneNumbersWithVoiceConnector.html" + }, + "AssociatePhoneNumbersWithVoiceConnectorGroup": { + "privilege": "AssociatePhoneNumbersWithVoiceConnectorGroup", + "description": "Grants permission to associate multiple phone numbers with an Amazon Chime Voice Connector Group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_AssociatePhoneNumbersWithVoiceConnectorGroup.html" + }, + "AssociateSigninDelegateGroupsWithAccount": { + "privilege": "AssociateSigninDelegateGroupsWithAccount", + "description": "Grants permission to associate the specified sign-in delegate groups with the specified Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_AssociateSigninDelegateGroupsWithAccount.html" + }, + "AuthorizeDirectory": { + "privilege": "AuthorizeDirectory", + "description": "Grants permission to authorize an Active Directory for your Amazon Chime Enterprise account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "BatchCreateAttendee": { + "privilege": "BatchCreateAttendee", + "description": "Grants permission to create new attendees for an active Amazon Chime SDK meeting", + "access_level": "Write", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchCreateAttendee.html" + }, + "BatchCreateChannelMembership": { + "privilege": "BatchCreateChannelMembership", + "description": "Grants permission to add multiple users and bots to a channel", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_BatchCreateChannelMembership.html" + }, + "BatchCreateRoomMembership": { + "privilege": "BatchCreateRoomMembership", + "description": "Grants permission to batch add room members", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchCreateRoomMembership.html" + }, + "BatchDeletePhoneNumber": { + "privilege": "BatchDeletePhoneNumber", + "description": "Grants permission to move up to 50 phone numbers to the deletion queue", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchDeletePhoneNumber.html" + }, + "BatchSuspendUser": { + "privilege": "BatchSuspendUser", + "description": "Grants permission to suspend up to 50 users from a Team or EnterpriseLWA Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchSuspendUser.html" + }, + "BatchUnsuspendUser": { + "privilege": "BatchUnsuspendUser", + "description": "Grants permission to remove the suspension from up to 50 previously suspended users for the specified Amazon Chime EnterpriseLWA account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchUnsuspendUser.html" + }, + "BatchUpdateAttendeeCapabilitiesExcept": { + "privilege": "BatchUpdateAttendeeCapabilitiesExcept", + "description": "Grants permission to update AttendeeCapabilities except the capabilities listed in an ExcludedAttendeeIds table", + "access_level": "Write", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_meeting-chime_BatchUpdateAttendeeCapabilitiesExcept.html" + }, + "BatchUpdatePhoneNumber": { + "privilege": "BatchUpdatePhoneNumber", + "description": "Grants permission to update phone number details within the UpdatePhoneNumberRequestItem object for up to 50 phone numbers", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchUpdatePhoneNumber.html" + }, + "BatchUpdateUser": { + "privilege": "BatchUpdateUser", + "description": "Grants permission to update user details within the UpdateUserRequestItem object for up to 20 users for the specified Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_BatchUpdateUser.html" + }, + "ChannelFlowCallback": { + "privilege": "ChannelFlowCallback", + "description": "Grants permission to callback for a message on a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ChannelFlowCallback.html" + }, + "Connect": { + "privilege": "Connect", + "description": "Grants permission to establish a web socket connection for app instance user to the messaging session endpoint", + "access_level": "Write", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_Connect.html" + }, + "ConnectDirectory": { + "privilege": "ConnectDirectory", + "description": "Grants permission to connect an Active Directory to your Amazon Chime Enterprise account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ds:ConnectDirectory" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/active_directory.html" + }, + "CreateAccount": { + "privilege": "CreateAccount", + "description": "Grants permission to create an Amazon Chime account under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateAccount.html" + }, + "CreateApiKey": { + "privilege": "CreateApiKey", + "description": "Grants permission to create a new SCIM access key for your Amazon Chime account and Okta configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" + }, + "CreateAppInstance": { + "privilege": "CreateAppInstance", + "description": "Grants permission to create an app instance under the AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_CreateAppInstance.html" + }, + "CreateAppInstanceAdmin": { + "privilege": "CreateAppInstanceAdmin", + "description": "Grants permission to promote a user or bot to an AppInstanceAdmin", + "access_level": "Write", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance", + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_CreateAppInstanceAdmin.html" + }, + "CreateAppInstanceBot": { + "privilege": "CreateAppInstanceBot", + "description": "Grants permission to create a bot under an Amazon Chime AppInstance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_CreateAppInstanceBot.html" + }, + "CreateAppInstanceUser": { + "privilege": "CreateAppInstanceUser", + "description": "Grants permission to create a user under an Amazon Chime AppInstance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_CreateAppInstanceUser.html" + }, + "CreateAttendee": { + "privilege": "CreateAttendee", + "description": "Grants permission to create a new attendee for an active Amazon Chime SDK meeting", + "access_level": "Write", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateAttendee.html" + }, + "CreateBot": { + "privilege": "CreateBot", + "description": "Grants permission to create a bot for an Amazon Chime Enterprise account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateBot.html" + }, + "CreateCDRBucket": { + "privilege": "CreateCDRBucket", + "description": "Grants permission to create a new Call Detail Record S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:CreateBucket", + "s3:ListAllMyBuckets" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-access.html" + }, + "CreateChannel": { + "privilege": "CreateChannel", + "description": "Grants permission to create a channel for an app instance under the AWS account", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_CreateChannel.html" + }, + "CreateChannelBan": { + "privilege": "CreateChannelBan", + "description": "Grants permission to ban a user or bot from a channel", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_CreateChannelBan.html" + }, + "CreateChannelFlow": { + "privilege": "CreateChannelFlow", + "description": "Grants permission to create a channel flow for an app instance under the AWS account", + "access_level": "Write", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_CreateChannelFlow.html" + }, + "CreateChannelMembership": { + "privilege": "CreateChannelMembership", + "description": "Grants permission to add a user or bot to a channel", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_CreateChannelMembership.html" + }, + "CreateChannelModerator": { + "privilege": "CreateChannelModerator", + "description": "Grants permission to create a channel moderator", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_CreateChannelModerator.html" + }, + "CreateMediaCapturePipeline": { + "privilege": "CreateMediaCapturePipeline", + "description": "Grants permission to create a media capture pipeline", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "s3:GetBucketPolicy" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_CreateMediaCapturePipeline.html" + }, + "CreateMediaConcatenationPipeline": { + "privilege": "CreateMediaConcatenationPipeline", + "description": "Grants permission to create a media concatenation pipeline", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "s3:GetBucketPolicy" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_CreateMediaConcatenationPipeline.html" + }, + "CreateMediaInsightsPipeline": { + "privilege": "CreateMediaInsightsPipeline", + "description": "Grants permission to create a media insights pipeline", + "access_level": "Write", + "resource_types": { + "media-insights-pipeline-configuration": { + "resource_type": "media-insights-pipeline-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "chime:TagResource", + "kinesisvideo:DescribeStream" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "media-insights-pipeline-configuration": "media-insights-pipeline-configuration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_CreateMediaInsightsPipeline.html" + }, + "CreateMediaInsightsPipelineConfiguration": { + "privilege": "CreateMediaInsightsPipelineConfiguration", + "description": "Grants permission to create a media insights pipeline configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "chime:TagResource", + "iam:PassRole", + "kinesis:DescribeStream", + "s3:ListBucket" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_CreateMediaInsightsPipelineConfiguration.html" + }, + "CreateMediaLiveConnectorPipeline": { + "privilege": "CreateMediaLiveConnectorPipeline", + "description": "Grants permission to create a media live connector pipeline", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_CreateMediaLiveConnectorPipeline.html" + }, + "CreateMeeting": { + "privilege": "CreateMeeting", + "description": "Grants permission to create a new Amazon Chime SDK meeting in the specified media Region, with no initial attendees", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateMeeting.html" + }, + "CreateMeetingDialOut": { + "privilege": "CreateMeetingDialOut", + "description": "Grants permission to call a phone number to join the specified Amazon Chime SDK meeting", + "access_level": "Write", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateMeetingDialOut.html" + }, + "CreateMeetingWithAttendees": { + "privilege": "CreateMeetingWithAttendees", + "description": "Grants permission to create a new Amazon Chime SDK meeting in the specified media Region, with a set of attendees", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateMeetingWithAttendees.html" + }, + "CreatePhoneNumberOrder": { + "privilege": "CreatePhoneNumberOrder", + "description": "Grants permission to create a phone number order with the Carriers", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreatePhoneNumberOrder.html" + }, + "CreateProxySession": { + "privilege": "CreateProxySession", + "description": "Grants permission to create a proxy session for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateProxySession.html" + }, + "CreateRoom": { + "privilege": "CreateRoom", + "description": "Grants permission to create a room", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateRoom.html" + }, + "CreateRoomMembership": { + "privilege": "CreateRoomMembership", + "description": "Grants permission to add a room member", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateRoomMembership.html" + }, + "CreateSipMediaApplication": { + "privilege": "CreateSipMediaApplication", + "description": "Grants permission to create an Amazon Chime SIP media application under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateSipMediaApplication.html" + }, + "CreateSipMediaApplicationCall": { + "privilege": "CreateSipMediaApplicationCall", + "description": "Grants permission to create outbound call for Amazon Chime SIP media application under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateSipMediaApplicationCall.html" + }, + "CreateSipRule": { + "privilege": "CreateSipRule", + "description": "Grants permission to create an Amazon Chime SIP rule under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateSipRule.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a user under the specified Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateUser.html" + }, + "CreateVoiceConnector": { + "privilege": "CreateVoiceConnector", + "description": "Grants permission to create a Amazon Chime Voice Connector under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateVoiceConnector.html" + }, + "CreateVoiceConnectorGroup": { + "privilege": "CreateVoiceConnectorGroup", + "description": "Grants permission to create a Amazon Chime Voice Connector Group under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_CreateVoiceConnectorGroup.html" + }, + "CreateVoiceProfile": { + "privilege": "CreateVoiceProfile", + "description": "Grants permission to create a voice profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_CreateVoiceProfile.html" + }, + "CreateVoiceProfileDomain": { + "privilege": "CreateVoiceProfileDomain", + "description": "Grants permission to create a voice profile domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "chime:TagResource", + "kms:CreateGrant", + "kms:DescribeKey" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_CreateVoiceProfileDomain.html" + }, + "DeleteAccount": { + "privilege": "DeleteAccount", + "description": "Grants permission to delete the specified Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteAccount.html" + }, + "DeleteAccountOpenIdConfig": { + "privilege": "DeleteAccountOpenIdConfig", + "description": "Grants permission to delete the OpenIdConfig attributes from your Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" + }, + "DeleteApiKey": { + "privilege": "DeleteApiKey", + "description": "Grants permission to delete the specified SCIM access key associated with your Amazon Chime account and Okta configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" + }, + "DeleteAppInstance": { + "privilege": "DeleteAppInstance", + "description": "Grants permission to delete an AppInstance", + "access_level": "Write", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DeleteAppInstance.html" + }, + "DeleteAppInstanceAdmin": { + "privilege": "DeleteAppInstanceAdmin", + "description": "Grants permission to demote an AppInstanceAdmin to a user or bot", + "access_level": "Write", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance", + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DeleteAppInstanceAdmin.html" + }, + "DeleteAppInstanceBot": { + "privilege": "DeleteAppInstanceBot", + "description": "Grants permission to delete an AppInstanceBot", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DeleteAppInstanceBot.html" + }, + "DeleteAppInstanceStreamingConfigurations": { + "privilege": "DeleteAppInstanceStreamingConfigurations", + "description": "Grants permission to disable data streaming for the app instance", + "access_level": "Write", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_DeleteAppInstanceStreamingConfigurations.html" + }, + "DeleteAppInstanceUser": { + "privilege": "DeleteAppInstanceUser", + "description": "Grants permission to delete an AppInstanceUser", + "access_level": "Write", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DeleteAppInstanceUser.html" + }, + "DeleteAttendee": { + "privilege": "DeleteAttendee", + "description": "Grants permission to delete the specified attendee from an Amazon Chime SDK meeting", + "access_level": "Write", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteAttendee.html" + }, + "DeleteCDRBucket": { + "privilege": "DeleteCDRBucket", + "description": "Grants permission to delete a Call Detail Record S3 bucket from your Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:DeleteBucket" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "DeleteChannel": { + "privilege": "DeleteChannel", + "description": "Grants permission to delete a channel", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannel.html" + }, + "DeleteChannelBan": { + "privilege": "DeleteChannelBan", + "description": "Grants permission to remove a user or bot from a channel's ban list", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannelBan.html" + }, + "DeleteChannelFlow": { + "privilege": "DeleteChannelFlow", + "description": "Grants permission to delete a channel flow", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannelFlow.html" + }, + "DeleteChannelMembership": { + "privilege": "DeleteChannelMembership", + "description": "Grants permission to remove a member from a channel", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannelMembership.html" + }, + "DeleteChannelMessage": { + "privilege": "DeleteChannelMessage", + "description": "Grants permission to delete a channel message", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannelMessage.html" + }, + "DeleteChannelModerator": { + "privilege": "DeleteChannelModerator", + "description": "Grants permission to delete a channel moderator", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteChannelModerator.html" + }, + "DeleteDelegate": { + "privilege": "DeleteDelegate", + "description": "Grants permission to delete delegated AWS account management from your Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "Grants permission to delete a domain from your Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/claim-domain.html" + }, + "DeleteEventsConfiguration": { + "privilege": "DeleteEventsConfiguration", + "description": "Grants permission to delete an events configuration for a bot to receive outgoing events", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteEventsConfiguration.html" + }, + "DeleteGroups": { + "privilege": "DeleteGroups", + "description": "Grants permission to delete Active Directory or Okta user groups from your Amazon Chime Enterprise account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "DeleteMediaCapturePipeline": { + "privilege": "DeleteMediaCapturePipeline", + "description": "Grants permission to delete a media capture pipeline", + "access_level": "Write", + "resource_types": { + "media-pipeline": { + "resource_type": "media-pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "media-pipeline": "media-pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_DeleteMediaCapturePipeline.html" + }, + "DeleteMediaInsightsPipelineConfiguration": { + "privilege": "DeleteMediaInsightsPipelineConfiguration", + "description": "Grants permission to delete a media insights pipeline configuration", + "access_level": "Write", + "resource_types": { + "media-insights-pipeline-configuration": { + "resource_type": "media-insights-pipeline-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "chime:ListVoiceConnectors" + ] + } + }, + "resource_types_lower_name": { + "media-insights-pipeline-configuration": "media-insights-pipeline-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_DeleteMediaInsightsPipelineConfiguration.html" + }, + "DeleteMediaPipeline": { + "privilege": "DeleteMediaPipeline", + "description": "Grants permission to delete a media pipeline", + "access_level": "Write", + "resource_types": { + "media-pipeline": { + "resource_type": "media-pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "media-pipeline": "media-pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_DeleteMediaPipeline.html" + }, + "DeleteMeeting": { + "privilege": "DeleteMeeting", + "description": "Grants permission to delete the specified Amazon Chime SDK meeting", + "access_level": "Write", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteMeeting.html" + }, + "DeleteMessagingStreamingConfigurations": { + "privilege": "DeleteMessagingStreamingConfigurations", + "description": "Grants permission to delete the data streaming configurations of an AppInstance", + "access_level": "Write", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DeleteMessagingStreamingConfigurations.html" + }, + "DeletePhoneNumber": { + "privilege": "DeletePhoneNumber", + "description": "Grants permission to move a phone number to the deletion queue", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeletePhoneNumber.html" + }, + "DeleteProxySession": { + "privilege": "DeleteProxySession", + "description": "Grants permission to delete a proxy session for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteProxySession.html" + }, + "DeleteRoom": { + "privilege": "DeleteRoom", + "description": "Grants permission to delete a room", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteRoom.html" + }, + "DeleteRoomMembership": { + "privilege": "DeleteRoomMembership", + "description": "Grants permission to remove a room member", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteRoomMembership.html" + }, + "DeleteSipMediaApplication": { + "privilege": "DeleteSipMediaApplication", + "description": "Grants permission to delete Amazon Chime SIP media application under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteSipMediaApplication.html" + }, + "DeleteSipRule": { + "privilege": "DeleteSipRule", + "description": "Grants permission to delete Amazon Chime SIP rule under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteSipRule.html" + }, + "DeleteVoiceConnector": { + "privilege": "DeleteVoiceConnector", + "description": "Grants permission to delete the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "logs:CreateLogDelivery", + "logs:DeleteLogDelivery", + "logs:GetLogDelivery", + "logs:ListLogDeliveries" + ] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnector.html" + }, + "DeleteVoiceConnectorEmergencyCallingConfiguration": { + "privilege": "DeleteVoiceConnectorEmergencyCallingConfiguration", + "description": "Grants permission to delete emergency calling configuration for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorEmergencyCallingConfiguration.html" + }, + "DeleteVoiceConnectorGroup": { + "privilege": "DeleteVoiceConnectorGroup", + "description": "Grants permission to delete the specified Amazon Chime Voice Connector Group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorGroup.html" + }, + "DeleteVoiceConnectorOrigination": { + "privilege": "DeleteVoiceConnectorOrigination", + "description": "Grants permission to delete the origination settings for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorOrigination.html" + }, + "DeleteVoiceConnectorProxy": { + "privilege": "DeleteVoiceConnectorProxy", + "description": "Grants permission to delete proxy configuration for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorProxy.html" + }, + "DeleteVoiceConnectorStreamingConfiguration": { + "privilege": "DeleteVoiceConnectorStreamingConfiguration", + "description": "Grants permission to delete streaming configuration for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorStreamingConfiguration.html" + }, + "DeleteVoiceConnectorTermination": { + "privilege": "DeleteVoiceConnectorTermination", + "description": "Grants permission to delete the termination settings for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorTermination.html" + }, + "DeleteVoiceConnectorTerminationCredentials": { + "privilege": "DeleteVoiceConnectorTerminationCredentials", + "description": "Grants permission to delete SIP termination credentials for the specified Amazon Chime Voice Connector", + "access_level": "Permissions management", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DeleteVoiceConnectorTerminationCredentials.html" + }, + "DeleteVoiceProfile": { + "privilege": "DeleteVoiceProfile", + "description": "Grants permission to delete a voice profile", + "access_level": "Write", + "resource_types": { + "voice-profile": { + "resource_type": "voice-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-profile": "voice-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_DeleteVoiceProfile.html" + }, + "DeleteVoiceProfileDomain": { + "privilege": "DeleteVoiceProfileDomain", + "description": "Grants permission to delete a voice profile domain", + "access_level": "Write", + "resource_types": { + "voice-profile-domain": { + "resource_type": "voice-profile-domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-profile-domain": "voice-profile-domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_DeleteVoiceProfileDomain.html" + }, + "DeregisterAppInstanceUserEndpoint": { + "privilege": "DeregisterAppInstanceUserEndpoint", + "description": "Grants permission to deregister an endpoint for an app instance user", + "access_level": "Write", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DeregisterAppInstanceUserEndpoint.html" + }, + "DescribeAppInstance": { + "privilege": "DescribeAppInstance", + "description": "Grants permission to get the full details of an AppInstance", + "access_level": "Read", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DescribeAppInstance.html" + }, + "DescribeAppInstanceAdmin": { + "privilege": "DescribeAppInstanceAdmin", + "description": "Grants permission to get the full details of an AppInstanceAdmin", + "access_level": "Read", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance", + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DescribeAppInstanceAdmin.html" + }, + "DescribeAppInstanceBot": { + "privilege": "DescribeAppInstanceBot", + "description": "Grants permission to get the full details of an AppInstanceBot", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DescribeAppInstanceBot.html" + }, + "DescribeAppInstanceUser": { + "privilege": "DescribeAppInstanceUser", + "description": "Grants permission to get the full details of an AppInstanceUser", + "access_level": "Read", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DescribeAppInstanceUser.html" + }, + "DescribeAppInstanceUserEndpoint": { + "privilege": "DescribeAppInstanceUserEndpoint", + "description": "Grants permission to describe an endpoint registered for an app instance user", + "access_level": "Read", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_DescribeAppInstanceUserEndpoint.html" + }, + "DescribeChannel": { + "privilege": "DescribeChannel", + "description": "Grants permission to get the full details of a channel", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannel.html" + }, + "DescribeChannelBan": { + "privilege": "DescribeChannelBan", + "description": "Grants permission to get the full details of a channel ban", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelBan.html" + }, + "DescribeChannelFlow": { + "privilege": "DescribeChannelFlow", + "description": "Grants permission to get the full details of a channel flow", + "access_level": "Read", + "resource_types": { + "channel-flow": { + "resource_type": "channel-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel-flow": "channel-flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelFlow.html" + }, + "DescribeChannelMembership": { + "privilege": "DescribeChannelMembership", + "description": "Grants permission to get the full details of a channel membership", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelMembership.html" + }, + "DescribeChannelMembershipForAppInstanceUser": { + "privilege": "DescribeChannelMembershipForAppInstanceUser", + "description": "Grants permission to get the details of a channel based on the membership of the specified user or bot", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelMembershipForAppInstanceUser.html" + }, + "DescribeChannelModeratedByAppInstanceUser": { + "privilege": "DescribeChannelModeratedByAppInstanceUser", + "description": "Grants permission to get the full details of a channel moderated by the specified user or bot", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelModeratedByAppInstanceUser.html" + }, + "DescribeChannelModerator": { + "privilege": "DescribeChannelModerator", + "description": "Grants permission to get the full details of a single ChannelModerator", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DescribeChannelModerator.html" + }, + "DisassociateChannelFlow": { + "privilege": "DisassociateChannelFlow", + "description": "Grants permission to disassociate a flow from a channel", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel-flow": { + "resource_type": "channel-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel", + "channel-flow": "channel-flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_DisassociateChannelFlow.html" + }, + "DisassociatePhoneNumberFromUser": { + "privilege": "DisassociatePhoneNumberFromUser", + "description": "Grants permission to disassociate the primary provisioned number from the specified Amazon Chime user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DisassociatePhoneNumberFromUser.html" + }, + "DisassociatePhoneNumbersFromVoiceConnector": { + "privilege": "DisassociatePhoneNumbersFromVoiceConnector", + "description": "Grants permission to disassociate multiple phone numbers from the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DisassociatePhoneNumbersFromVoiceConnector.html" + }, + "DisassociatePhoneNumbersFromVoiceConnectorGroup": { + "privilege": "DisassociatePhoneNumbersFromVoiceConnectorGroup", + "description": "Grants permission to disassociate multiple phone numbers from the specified Amazon Chime Voice Connector Group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DisassociatePhoneNumbersFromVoiceConnectorGroup.html" + }, + "DisassociateSigninDelegateGroupsFromAccount": { + "privilege": "DisassociateSigninDelegateGroupsFromAccount", + "description": "Grants permission to disassociate the specified sign-in delegate groups from the specified Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_DisassociateSigninDelegateGroupsFromAccount.html" + }, + "DisconnectDirectory": { + "privilege": "DisconnectDirectory", + "description": "Grants permission to disconnect the Active Directory from your Amazon Chime Enterprise account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "GetAccount": { + "privilege": "GetAccount", + "description": "Grants permission to get details for the specified Amazon Chime account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetAccount.html" + }, + "GetAccountResource": { + "privilege": "GetAccountResource", + "description": "Grants permission to get details for the account resource associated with your Amazon Chime account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "GetAccountSettings": { + "privilege": "GetAccountSettings", + "description": "Grants permission to get account settings for the specified Amazon Chime account ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetAccountSettings.html" + }, + "GetAccountWithOpenIdConfig": { + "privilege": "GetAccountWithOpenIdConfig", + "description": "Grants permission to get the account details and OpenIdConfig attributes for your Amazon Chime account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" + }, + "GetAppInstanceRetentionSettings": { + "privilege": "GetAppInstanceRetentionSettings", + "description": "Grants permission to get retention settings for an app instance", + "access_level": "Read", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_GetAppInstanceRetentionSettings.html" + }, + "GetAppInstanceStreamingConfigurations": { + "privilege": "GetAppInstanceStreamingConfigurations", + "description": "Grants permission to get the streaming configurations for an app instance", + "access_level": "Read", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_GetAppInstanceStreamingConfigurations.html" + }, + "GetAttendee": { + "privilege": "GetAttendee", + "description": "Grants permission to get attendee details for a specified meeting ID and attendee ID", + "access_level": "Read", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetAttendee.html" + }, + "GetBot": { + "privilege": "GetBot", + "description": "Grants permission to retrieve details for the specified bot", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetBot.html" + }, + "GetCDRBucket": { + "privilege": "GetCDRBucket", + "description": "Grants permission to get details of a Call Detail Record S3 bucket associated with your Amazon Chime account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetBucketAcl", + "s3:GetBucketLocation", + "s3:GetBucketLogging", + "s3:GetBucketVersioning", + "s3:GetBucketWebsite" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "GetChannelMembershipPreferences": { + "privilege": "GetChannelMembershipPreferences", + "description": "Grants permission to get the preferences for a channel membership", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_GetChannelMembershipPreferences.html" + }, + "GetChannelMessage": { + "privilege": "GetChannelMessage", + "description": "Grants permission to get the full details of a channel message", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_GetChannelMessage.html" + }, + "GetChannelMessageStatus": { + "privilege": "GetChannelMessageStatus", + "description": "Grants permission to get the status of a channel message", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_GetChannelMessageStatus.html" + }, + "GetDomain": { + "privilege": "GetDomain", + "description": "Grants permission to get domain details for a domain associated with your Amazon Chime account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/claim-domain.html" + }, + "GetEventsConfiguration": { + "privilege": "GetEventsConfiguration", + "description": "Grants permission to retrieve details for an events configuration for a bot to receive outgoing events", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetEventsConfiguration.html" + }, + "GetGlobalSettings": { + "privilege": "GetGlobalSettings", + "description": "Grants permission to get global settings related to Amazon Chime for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetGlobalSettings.html" + }, + "GetMediaCapturePipeline": { + "privilege": "GetMediaCapturePipeline", + "description": "Grants permission to get an existing media capture pipeline", + "access_level": "Read", + "resource_types": { + "media-pipeline": { + "resource_type": "media-pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "media-pipeline": "media-pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_GetMediaCapturePipeline.html" + }, + "GetMediaInsightsPipelineConfiguration": { + "privilege": "GetMediaInsightsPipelineConfiguration", + "description": "Grants permission to get a media insights pipeline configuration", + "access_level": "Read", + "resource_types": { + "media-insights-pipeline-configuration": { + "resource_type": "media-insights-pipeline-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "media-insights-pipeline-configuration": "media-insights-pipeline-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_GetMediaInsightsPipelineConfiguration.html" + }, + "GetMediaPipeline": { + "privilege": "GetMediaPipeline", + "description": "Grants permission to get an existing media pipeline", + "access_level": "Read", + "resource_types": { + "media-pipeline": { + "resource_type": "media-pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "media-pipeline": "media-pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_GetMediaPipeline.html" + }, + "GetMeeting": { + "privilege": "GetMeeting", + "description": "Grants permission to get the meeting record for a specified meeting ID", + "access_level": "Read", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetMeeting.html" + }, + "GetMeetingDetail": { + "privilege": "GetMeetingDetail", + "description": "Grants permission to get attendee, connection, and other details for a meeting", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "GetMessagingSessionEndpoint": { + "privilege": "GetMessagingSessionEndpoint", + "description": "Grants permission to get the endpoint for the messaging session", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_GetMessagingSessionEndpoint.html" + }, + "GetMessagingStreamingConfigurations": { + "privilege": "GetMessagingStreamingConfigurations", + "description": "Grants permission to get the data streaming configurations of an AppInstance", + "access_level": "Read", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_GetMessagingStreamingConfigurations.html" + }, + "GetPhoneNumber": { + "privilege": "GetPhoneNumber", + "description": "Grants permission to get details for the specified phone number", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetPhoneNumber.html" + }, + "GetPhoneNumberOrder": { + "privilege": "GetPhoneNumberOrder", + "description": "Grants permission to get details for the specified phone number order", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetPhoneNumberOrder.html" + }, + "GetPhoneNumberSettings": { + "privilege": "GetPhoneNumberSettings", + "description": "Grants permission to get phone number settings related to Amazon Chime for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetPhoneNumberSettings.html" + }, + "GetProxySession": { + "privilege": "GetProxySession", + "description": "Grants permission to get details of the specified proxy session for the specified Amazon Chime Voice Connector", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetProxySession.html" + }, + "GetRetentionSettings": { + "privilege": "GetRetentionSettings", + "description": "Grants permission to retrieve the retention settings for the specified Amazon Chime account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetRetentionSettings.html" + }, + "GetRoom": { + "privilege": "GetRoom", + "description": "Grants permission to retrieve a room", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetRoom.html" + }, + "GetSipMediaApplication": { + "privilege": "GetSipMediaApplication", + "description": "Grants permission to get details of Amazon Chime SIP media application under the administrator's AWS account", + "access_level": "Read", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetSipMediaApplication.html" + }, + "GetSipMediaApplicationAlexaSkillConfiguration": { + "privilege": "GetSipMediaApplicationAlexaSkillConfiguration", + "description": "Grants permission to get Alexa Skill configuration settings for Amazon Chime SIP media application under the administrator's AWS account", + "access_level": "Read", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_GetSipMediaApplicationAlexaSkillConfiguration.html" + }, + "GetSipMediaApplicationLoggingConfiguration": { + "privilege": "GetSipMediaApplicationLoggingConfiguration", + "description": "Grants permission to get logging configuration settings for Amazon Chime SIP media application under the administrator's AWS account", + "access_level": "Read", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetSipMediaApplicationLoggingConfiguration.html" + }, + "GetSipRule": { + "privilege": "GetSipRule", + "description": "Grants permission to get details of Amazon Chime SIP rule under the administrator's AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetSipRule.html" + }, + "GetSpeakerSearchTask": { + "privilege": "GetSpeakerSearchTask", + "description": "Grants permission to get a speaker search task", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_GetSpeakerSearchTask.html" + }, + "GetTelephonyLimits": { + "privilege": "GetTelephonyLimits", + "description": "Grants permission to get telephony limits for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/phone-numbers.html" + }, + "GetUser": { + "privilege": "GetUser", + "description": "Grants permission to get details for the specified user ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetUser.html" + }, + "GetUserActivityReportData": { + "privilege": "GetUserActivityReportData", + "description": "Grants permission to get a summary of user activity on the user details page", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/user-details.html" + }, + "GetUserByEmail": { + "privilege": "GetUserByEmail", + "description": "Grants permission to get user details for an Amazon Chime user based on the email address in an Amazon Chime Enterprise or Team account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/user-details.html" + }, + "GetUserSettings": { + "privilege": "GetUserSettings", + "description": "Grants permission to get user settings related to the specified Amazon Chime user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetUserSettings.html" + }, + "GetVoiceConnector": { + "privilege": "GetVoiceConnector", + "description": "Grants permission to get details for the specified Amazon Chime Voice Connector", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnector.html" + }, + "GetVoiceConnectorEmergencyCallingConfiguration": { + "privilege": "GetVoiceConnectorEmergencyCallingConfiguration", + "description": "Grants permission to get details of the emergency calling configuration for the specified Amazon Chime Voice Connector", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorEmergencyCallingConfiguration.html" + }, + "GetVoiceConnectorGroup": { + "privilege": "GetVoiceConnectorGroup", + "description": "Grants permission to get details for the specified Amazon Chime Voice Connector Group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorGroup.html" + }, + "GetVoiceConnectorLoggingConfiguration": { + "privilege": "GetVoiceConnectorLoggingConfiguration", + "description": "Grants permission to get details of the logging configuration for the specified Amazon Chime Voice Connector", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorLoggingConfiguration.html" + }, + "GetVoiceConnectorOrigination": { + "privilege": "GetVoiceConnectorOrigination", + "description": "Grants permission to get details of the origination settings for the specified Amazon Chime Voice Connector", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorOrigination.html" + }, + "GetVoiceConnectorProxy": { + "privilege": "GetVoiceConnectorProxy", + "description": "Grants permission to get details of the proxy configuration for the specified Amazon Chime Voice Connector", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorProxy.html" + }, + "GetVoiceConnectorStreamingConfiguration": { + "privilege": "GetVoiceConnectorStreamingConfiguration", + "description": "Grants permission to get details of the streaming configuration for the specified Amazon Chime Voice Connector", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorStreamingConfiguration.html" + }, + "GetVoiceConnectorTermination": { + "privilege": "GetVoiceConnectorTermination", + "description": "Grants permission to get details of the termination settings for the specified Amazon Chime Voice Connector", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorTermination.html" + }, + "GetVoiceConnectorTerminationHealth": { + "privilege": "GetVoiceConnectorTerminationHealth", + "description": "Grants permission to get details of the termination health for the specified Amazon Chime Voice Connector", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_GetVoiceConnectorTerminationHealth.html" + }, + "GetVoiceProfile": { + "privilege": "GetVoiceProfile", + "description": "Grants permission to get a voice profile", + "access_level": "Read", + "resource_types": { + "voice-profile": { + "resource_type": "voice-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-profile": "voice-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_GetVoiceProfile.html" + }, + "GetVoiceProfileDomain": { + "privilege": "GetVoiceProfileDomain", + "description": "Grants permission to get a voice profile domain", + "access_level": "Read", + "resource_types": { + "voice-profile-domain": { + "resource_type": "voice-profile-domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-profile-domain": "voice-profile-domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_GetVoiceProfileDomain.html" + }, + "GetVoiceToneAnalysisTask": { + "privilege": "GetVoiceToneAnalysisTask", + "description": "Grants permission to get a voice tone analysis task", + "access_level": "Read", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_GetVoiceToneAnalysisTask.html" + }, + "InviteDelegate": { + "privilege": "InviteDelegate", + "description": "Grants permission to send an invitation to accept a request for AWS account delegation for an Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "InviteUsers": { + "privilege": "InviteUsers", + "description": "Grants permission to invite as many as 50 users to the specified Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_InviteUsers.html" + }, + "InviteUsersFromProvider": { + "privilege": "InviteUsersFromProvider", + "description": "Grants permission to invite users from a third party provider to your Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "ListAccountUsageReportData": { + "privilege": "ListAccountUsageReportData", + "description": "Grants permission to list Amazon Chime account usage reporting data", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/view-reports.html" + }, + "ListAccounts": { + "privilege": "ListAccounts", + "description": "Grants permission to list the Amazon Chime accounts under the administrator's AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListAccounts.html" + }, + "ListApiKeys": { + "privilege": "ListApiKeys", + "description": "Grants permission to list the SCIM access keys defined for your Amazon Chime account and Okta configuration", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" + }, + "ListAppInstanceAdmins": { + "privilege": "ListAppInstanceAdmins", + "description": "Grants permission to list administrators in the app instance", + "access_level": "List", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance", + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_ListAppInstanceAdmins.html" + }, + "ListAppInstanceBots": { + "privilege": "ListAppInstanceBots", + "description": "Grants permission to list all AppInstanceBots created under a single app instance", + "access_level": "List", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_ListAppInstanceBots.html" + }, + "ListAppInstanceUserEndpoints": { + "privilege": "ListAppInstanceUserEndpoints", + "description": "Grants permission to list the endpoints registered for an app instance user", + "access_level": "List", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_ListAppInstanceUserEndpoints.html" + }, + "ListAppInstanceUsers": { + "privilege": "ListAppInstanceUsers", + "description": "Grants permission to list all AppInstanceUsers created under a single app instance", + "access_level": "List", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_ListAppInstanceUsers.html" + }, + "ListAppInstances": { + "privilege": "ListAppInstances", + "description": "Grants permission to list all Amazon Chime app instances created under a single AWS account", + "access_level": "List", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_ListAppInstances.html" + }, + "ListAttendeeTags": { + "privilege": "ListAttendeeTags", + "description": "Grants permission to list the tags applied to an Amazon Chime SDK attendee resource", + "access_level": "List", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListAttendeeTags.html" + }, + "ListAttendees": { + "privilege": "ListAttendees", + "description": "Grants permission to list up to 100 attendees for a specified Amazon Chime SDK meeting", + "access_level": "List", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListAttendees.html" + }, + "ListAvailableVoiceConnectorRegions": { + "privilege": "ListAvailableVoiceConnectorRegions", + "description": "Grants permission to list the available AWS Regions in which you can create an Amazon Chime SDK Voice Connector", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "API_ListAvailableVoiceConnectorRegions.html" + }, + "ListBots": { + "privilege": "ListBots", + "description": "Grants permission to list the bots associated with the administrator's Amazon Chime Enterprise account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListBots.html" + }, + "ListCDRBucket": { + "privilege": "ListCDRBucket", + "description": "Grants permission to list Call Detail Record S3 buckets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:ListAllMyBuckets", + "s3:ListBucket" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "ListCallingRegions": { + "privilege": "ListCallingRegions", + "description": "Grants permission to list the calling regions available for the administrator's AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/phone-numbers.html" + }, + "ListChannelBans": { + "privilege": "ListChannelBans", + "description": "Grants permission to list all the users and bots banned from a particular channel", + "access_level": "List", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelBans.html" + }, + "ListChannelFlows": { + "privilege": "ListChannelFlows", + "description": "Grants permission to list all the Channel Flows created under a single Chime AppInstance", + "access_level": "List", + "resource_types": { + "channel-flow": { + "resource_type": "channel-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel-flow": "channel-flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelFlows.html" + }, + "ListChannelMemberships": { + "privilege": "ListChannelMemberships", + "description": "Grants permission to list all channel memberships in a channel", + "access_level": "List", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelMemberships.html" + }, + "ListChannelMembershipsForAppInstanceUser": { + "privilege": "ListChannelMembershipsForAppInstanceUser", + "description": "Grants permission to list all channels that a particular user or bot is a part of", + "access_level": "List", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelMembershipsForAppInstanceUser.html" + }, + "ListChannelMessages": { + "privilege": "ListChannelMessages", + "description": "Grants permission to list all the messages in a channel", + "access_level": "Read", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelMessages.html" + }, + "ListChannelModerators": { + "privilege": "ListChannelModerators", + "description": "Grants permission to list all the moderators for a channel", + "access_level": "List", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelModerators.html" + }, + "ListChannels": { + "privilege": "ListChannels", + "description": "Grants permission to list all the Channels created under a single Chime AppInstance", + "access_level": "List", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannels.html" + }, + "ListChannelsAssociatedWithChannelFlow": { + "privilege": "ListChannelsAssociatedWithChannelFlow", + "description": "Grants permission to list all the Channels associated with a single Chime Channel Flow", + "access_level": "List", + "resource_types": { + "channel-flow": { + "resource_type": "channel-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel-flow": "channel-flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelsAssociatedWithChannelFlow.html" + }, + "ListChannelsModeratedByAppInstanceUser": { + "privilege": "ListChannelsModeratedByAppInstanceUser", + "description": "Grants permission to list all channels moderated by a user or bot", + "access_level": "List", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListChannelsModeratedByAppInstanceUser.html" + }, + "ListDelegates": { + "privilege": "ListDelegates", + "description": "Grants permission to list account delegate information associated with your Amazon Chime account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "ListDirectories": { + "privilege": "ListDirectories", + "description": "Grants permission to list active Active Directories hosted in the Directory Service of your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to list domains associated with your Amazon Chime account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/claim-domain.html" + }, + "ListGroups": { + "privilege": "ListGroups", + "description": "Grants permission to list Active Directory or Okta user groups associated with your Amazon Chime Enterprise account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "ListMediaCapturePipelines": { + "privilege": "ListMediaCapturePipelines", + "description": "Grants permission to list media capture pipelines", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_ListMediaCapturePipelines.html" + }, + "ListMediaInsightsPipelineConfigurations": { + "privilege": "ListMediaInsightsPipelineConfigurations", + "description": "Grants permission to list all media insights pipeline configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_ListMediaInsightsPipelineConfigurations.html" + }, + "ListMediaPipelines": { + "privilege": "ListMediaPipelines", + "description": "Grants permission to list media pipelines", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_ListMediaPipelines.html" + }, + "ListMeetingEvents": { + "privilege": "ListMeetingEvents", + "description": "Grants permission to list all events that occurred for a specified meeting", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/view-reports.html" + }, + "ListMeetingTags": { + "privilege": "ListMeetingTags", + "description": "Grants permission to list the tags applied to an Amazon Chime SDK meeting resource", + "access_level": "List", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListMeetingTags.html" + }, + "ListMeetings": { + "privilege": "ListMeetings", + "description": "Grants permission to list up to 100 active Amazon Chime SDK meetings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListMeetings.html" + }, + "ListMeetingsReportData": { + "privilege": "ListMeetingsReportData", + "description": "Grants permission to list meetings ended during the specified date range", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/view-reports.html" + }, + "ListPhoneNumberOrders": { + "privilege": "ListPhoneNumberOrders", + "description": "Grants permission to list the phone number orders under the administrator's AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListPhoneNumberOrders.html" + }, + "ListPhoneNumbers": { + "privilege": "ListPhoneNumbers", + "description": "Grants permission to list the phone numbers under the administrator's AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListPhoneNumbers.html" + }, + "ListProxySessions": { + "privilege": "ListProxySessions", + "description": "Grants permission to list proxy sessions for the specified Amazon Chime Voice Connector", + "access_level": "List", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListProxySessions.html" + }, + "ListRoomMemberships": { + "privilege": "ListRoomMemberships", + "description": "Grants permission to list all room members", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListRoomMemberships.html" + }, + "ListRooms": { + "privilege": "ListRooms", + "description": "Grants permission to list rooms", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListRooms.html" + }, + "ListSipMediaApplications": { + "privilege": "ListSipMediaApplications", + "description": "Grants permission to list all Amazon Chime SIP media applications under the administrator's AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListSipMediaApplications.html" + }, + "ListSipRules": { + "privilege": "ListSipRules", + "description": "Grants permission to list all Amazon Chime SIP rules under the administrator's AWS account", + "access_level": "List", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListSipRules.html" + }, + "ListSubChannels": { + "privilege": "ListSubChannels", + "description": "Grants permission to list all the SubChannels under a single Channel", + "access_level": "List", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_ListSubChannels.html" + }, + "ListSupportedPhoneNumberCountries": { + "privilege": "ListSupportedPhoneNumberCountries", + "description": "Grants permission to list the phone number countries supported by the AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "API_ListSupportedPhoneNumberCountries.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags applied to an Amazon Chime resource", + "access_level": "Read", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "channel-flow": { + "resource_type": "channel-flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "media-insights-pipeline-configuration": { + "resource_type": "media-insights-pipeline-configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "media-pipeline": { + "resource_type": "media-pipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "meeting": { + "resource_type": "meeting", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sip-media-application": { + "resource_type": "sip-media-application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "voice-connector": { + "resource_type": "voice-connector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "voice-profile-domain": { + "resource_type": "voice-profile-domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance", + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel", + "channel-flow": "channel-flow", + "media-insights-pipeline-configuration": "media-insights-pipeline-configuration", + "media-pipeline": "media-pipeline", + "meeting": "meeting", + "sip-media-application": "sip-media-application", + "voice-connector": "voice-connector", + "voice-profile-domain": "voice-profile-domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListTagsForResource.html" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to list the users that belong to the specified Amazon Chime account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListUsers.html" + }, + "ListVoiceConnectorGroups": { + "privilege": "ListVoiceConnectorGroups", + "description": "Grants permission to list the Amazon Chime Voice Connector Groups under the administrator's AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListVoiceConnectorGroups.html" + }, + "ListVoiceConnectorTerminationCredentials": { + "privilege": "ListVoiceConnectorTerminationCredentials", + "description": "Grants permission to list the SIP termination credentials for the specified Amazon Chime Voice Connector", + "access_level": "List", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListVoiceConnectorTerminationCredentials.html" + }, + "ListVoiceConnectors": { + "privilege": "ListVoiceConnectors", + "description": "Grants permission to list the Amazon Chime Voice Connectors under the administrator's AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ListVoiceConnectors.html" + }, + "ListVoiceProfileDomains": { + "privilege": "ListVoiceProfileDomains", + "description": "Grants permission to list voice profile domains", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_ListVoiceProfileDomains.html" + }, + "ListVoiceProfiles": { + "privilege": "ListVoiceProfiles", + "description": "Grants permission to list voice profiles", + "access_level": "List", + "resource_types": { + "voice-profile-domain": { + "resource_type": "voice-profile-domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-profile-domain": "voice-profile-domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_ListVoiceProfiles.html" + }, + "LogoutUser": { + "privilege": "LogoutUser", + "description": "Grants permission to log out the specified user from all of the devices they are currently logged into", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_LogoutUser.html" + }, + "PutAppInstanceRetentionSettings": { + "privilege": "PutAppInstanceRetentionSettings", + "description": "Grants permission to enable data retention for the app instance", + "access_level": "Write", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_PutAppInstanceRetentionSettings.html" + }, + "PutAppInstanceStreamingConfigurations": { + "privilege": "PutAppInstanceStreamingConfigurations", + "description": "Grants permission to configure data streaming for the app instance", + "access_level": "Write", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_PutAppInstanceStreamingConfigurations.html" + }, + "PutAppInstanceUserExpirationSettings": { + "privilege": "PutAppInstanceUserExpirationSettings", + "description": "Grants permission to put expiration settings for an AppInstanceUser", + "access_level": "Write", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_PutAppInstanceUserExpirationSettings.html" + }, + "PutChannelExpirationSettings": { + "privilege": "PutChannelExpirationSettings", + "description": "Grants permission to put expiration settings for a channel", + "access_level": "Write", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_PutChannelExpirationSettings.html" + }, + "PutChannelMembershipPreferences": { + "privilege": "PutChannelMembershipPreferences", + "description": "Grants permission to put the preferences for a channel membership", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_PutChannelMembershipPreferences.html" + }, + "PutEventsConfiguration": { + "privilege": "PutEventsConfiguration", + "description": "Grants permission to update details for an events configuration for a bot to receive outgoing events", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutEventsConfiguration.html" + }, + "PutMessagingStreamingConfigurations": { + "privilege": "PutMessagingStreamingConfigurations", + "description": "Grants permission to put the data streaming configurations of an AppInstance", + "access_level": "Write", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_PutMessagingStreamingConfigurations.html" + }, + "PutRetentionSettings": { + "privilege": "PutRetentionSettings", + "description": "Grants permission to create or update retention settings for the specified Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutRetentionSettings.html" + }, + "PutSipMediaApplicationAlexaSkillConfiguration": { + "privilege": "PutSipMediaApplicationAlexaSkillConfiguration", + "description": "Grants permission to update Alexa Skill configuration settings for Amazon Chime SIP media application under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_PutSipMediaApplicationAlexaSkillConfiguration.html" + }, + "PutSipMediaApplicationLoggingConfiguration": { + "privilege": "PutSipMediaApplicationLoggingConfiguration", + "description": "Grants permission to update logging configuration settings for Amazon Chime SIP media application under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutSipMediaApplicationLoggingConfiguration.html" + }, + "PutVoiceConnectorEmergencyCallingConfiguration": { + "privilege": "PutVoiceConnectorEmergencyCallingConfiguration", + "description": "Grants permission to add emergency calling configuration for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorEmergencyCallingConfiguration.html" + }, + "PutVoiceConnectorLoggingConfiguration": { + "privilege": "PutVoiceConnectorLoggingConfiguration", + "description": "Grants permission to add logging configuration for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "logs:CreateLogDelivery", + "logs:CreateLogGroup", + "logs:DeleteLogDelivery", + "logs:DescribeLogGroups", + "logs:GetLogDelivery", + "logs:ListLogDeliveries" + ] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorLoggingConfiguration.html" + }, + "PutVoiceConnectorOrigination": { + "privilege": "PutVoiceConnectorOrigination", + "description": "Grants permission to update the origination settings for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorOrigination.html" + }, + "PutVoiceConnectorProxy": { + "privilege": "PutVoiceConnectorProxy", + "description": "Grants permission to add proxy configuration for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorProxy.html" + }, + "PutVoiceConnectorStreamingConfiguration": { + "privilege": "PutVoiceConnectorStreamingConfiguration", + "description": "Grants permission to add streaming configuration for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "chime:GetMediaInsightsPipelineConfiguration" + ] + }, + "media-insights-pipeline-configuration": { + "resource_type": "media-insights-pipeline-configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector", + "media-insights-pipeline-configuration": "media-insights-pipeline-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorStreamingConfiguration.html" + }, + "PutVoiceConnectorTermination": { + "privilege": "PutVoiceConnectorTermination", + "description": "Grants permission to update the termination settings for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorTermination.html" + }, + "PutVoiceConnectorTerminationCredentials": { + "privilege": "PutVoiceConnectorTerminationCredentials", + "description": "Grants permission to add SIP termination credentials for the specified Amazon Chime Voice Connector", + "access_level": "Permissions management", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_PutVoiceConnectorTerminationCredentials.html" + }, + "RedactChannelMessage": { + "privilege": "RedactChannelMessage", + "description": "Grants permission to redact message content", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_RedactChannelMessage.html" + }, + "RedactConversationMessage": { + "privilege": "RedactConversationMessage", + "description": "Grants permission to redact the specified Chime conversation Message", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_RedactConversationMessage.html" + }, + "RedactRoomMessage": { + "privilege": "RedactRoomMessage", + "description": "Grants permission to redacts the specified Chime room Message", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_RedactRoomMessage.html" + }, + "RegenerateSecurityToken": { + "privilege": "RegenerateSecurityToken", + "description": "Grants permission to regenerate the security token for the specified bot", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_RegenerateSecurityToken.html" + }, + "RegisterAppInstanceUserEndpoint": { + "privilege": "RegisterAppInstanceUserEndpoint", + "description": "Grants permission to register an endpoint for an app instance user", + "access_level": "Write", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "mobiletargeting:GetApp" + ] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_RegisterAppInstanceUserEndpoint.html" + }, + "RenameAccount": { + "privilege": "RenameAccount", + "description": "Grants permission to modify the account name for your Amazon Chime Enterprise or Team account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/rename-account.html" + }, + "RenewDelegate": { + "privilege": "RenewDelegate", + "description": "Grants permission to renew the delegation request associated with an Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "ResetAccountResource": { + "privilege": "ResetAccountResource", + "description": "Grants permission to reset the account resource in your Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "ResetPersonalPIN": { + "privilege": "ResetPersonalPIN", + "description": "Grants permission to reset the personal meeting PIN for the specified user on an Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ResetPersonalPIN.html" + }, + "RestorePhoneNumber": { + "privilege": "RestorePhoneNumber", + "description": "Grants permission to restore the specified phone number from the deltion queue back to the phone number inventory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_RestorePhoneNumber.html" + }, + "RetrieveDataExports": { + "privilege": "RetrieveDataExports", + "description": "Grants permission to download the file containing links to all user attachments returned as part of the \"Request attachments\" action", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/request-attachments.html" + }, + "SearchAvailablePhoneNumbers": { + "privilege": "SearchAvailablePhoneNumbers", + "description": "Grants permission to search phone numbers that can be ordered from the carrier", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_SearchAvailablePhoneNumbers.html" + }, + "SearchChannels": { + "privilege": "SearchChannels", + "description": "Grants permission to search channels that an AppInstanceUser belongs to, or search channels across the AppInstance for an AppInstaceAdmin", + "access_level": "List", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_SearchChannels.html" + }, + "SendChannelMessage": { + "privilege": "SendChannelMessage", + "description": "Grants permission to send a message to a particular channel that the member is a part of", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_SendChannelMessage.html" + }, + "StartDataExport": { + "privilege": "StartDataExport", + "description": "Grants permission to submit the \"Request attachments\" request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/request-attachments.html" + }, + "StartMeetingTranscription": { + "privilege": "StartMeetingTranscription", + "description": "Grants permission to start transcription for a meeting", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_StartMeetingTranscription.html" + }, + "StartSpeakerSearchTask": { + "privilege": "StartSpeakerSearchTask", + "description": "Grants permission to start a speaker search task", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_StartSpeakerSearchTask.html" + }, + "StartVoiceToneAnalysisTask": { + "privilege": "StartVoiceToneAnalysisTask", + "description": "Grants permission to start a voice tone analysis task", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_StartVoiceToneAnalysisTask.html" + }, + "StopMeetingTranscription": { + "privilege": "StopMeetingTranscription", + "description": "Grants permission to stop transcription for a meeting", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_StopMeetingTranscription.html" + }, + "StopSpeakerSearchTask": { + "privilege": "StopSpeakerSearchTask", + "description": "Grants permission to stop a speaker search task", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_StopSpeakerSearchTask.html" + }, + "StopVoiceToneAnalysisTask": { + "privilege": "StopVoiceToneAnalysisTask", + "description": "Grants permission to stop a voice tone analysis task", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_StopVoiceToneAnalysisTask.html" + }, + "SubmitSupportRequest": { + "privilege": "SubmitSupportRequest", + "description": "Grants permission to submit a customer service support request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/chime-getting-admin-support.html" + }, + "SuspendUsers": { + "privilege": "SuspendUsers", + "description": "Grants permission to suspend users from an Amazon Chime Enterprise account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-access.html" + }, + "TagAttendee": { + "privilege": "TagAttendee", + "description": "Grants permission to apply the specified tags to the specified Amazon Chime SDK attendee", + "access_level": "Tagging", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_TagAttendee.html" + }, + "TagMeeting": { + "privilege": "TagMeeting", + "description": "Grants permission to apply the specified tags to the specified Amazon Chime SDK meeting", + "access_level": "Tagging", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_TagMeeting.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to apply the specified tags to the specified Amazon Chime resource", + "access_level": "Tagging", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "channel-flow": { + "resource_type": "channel-flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "media-insights-pipeline-configuration": { + "resource_type": "media-insights-pipeline-configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "media-pipeline": { + "resource_type": "media-pipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "meeting": { + "resource_type": "meeting", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sip-media-application": { + "resource_type": "sip-media-application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "voice-connector": { + "resource_type": "voice-connector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "voice-profile-domain": { + "resource_type": "voice-profile-domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance", + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel", + "channel-flow": "channel-flow", + "media-insights-pipeline-configuration": "media-insights-pipeline-configuration", + "media-pipeline": "media-pipeline", + "meeting": "meeting", + "sip-media-application": "sip-media-application", + "voice-connector": "voice-connector", + "voice-profile-domain": "voice-profile-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_TagResource.html" + }, + "UnauthorizeDirectory": { + "privilege": "UnauthorizeDirectory", + "description": "Grants permission to unauthorize an Active Directory from your Amazon Chime Enterprise account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "UntagAttendee": { + "privilege": "UntagAttendee", + "description": "Grants permission to untag the specified tags from the specified Amazon Chime SDK attendee", + "access_level": "Tagging", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UntagAttendee.html" + }, + "UntagMeeting": { + "privilege": "UntagMeeting", + "description": "Grants permission to untag the specified tags from the specified Amazon Chime SDK meeting", + "access_level": "Tagging", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UntagMeeting.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag the specified tags from the specified Amazon Chime resource", + "access_level": "Tagging", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "channel-flow": { + "resource_type": "channel-flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "media-insights-pipeline-configuration": { + "resource_type": "media-insights-pipeline-configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "media-pipeline": { + "resource_type": "media-pipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "meeting": { + "resource_type": "meeting", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sip-media-application": { + "resource_type": "sip-media-application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "voice-connector": { + "resource_type": "voice-connector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "voice-profile-domain": { + "resource_type": "voice-profile-domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance", + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel", + "channel-flow": "channel-flow", + "media-insights-pipeline-configuration": "media-insights-pipeline-configuration", + "media-pipeline": "media-pipeline", + "meeting": "meeting", + "sip-media-application": "sip-media-application", + "voice-connector": "voice-connector", + "voice-profile-domain": "voice-profile-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UntagResource.html" + }, + "UpdateAccount": { + "privilege": "UpdateAccount", + "description": "Grants permission to update account details for the specified Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateAccount.html" + }, + "UpdateAccountOpenIdConfig": { + "privilege": "UpdateAccountOpenIdConfig", + "description": "Grants permission to update the OpenIdConfig attributes for your Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/okta_sso.html" + }, + "UpdateAccountResource": { + "privilege": "UpdateAccountResource", + "description": "Grants permission to update the account resource in your Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "UpdateAccountSettings": { + "privilege": "UpdateAccountSettings", + "description": "Grants permission to update the settings for the specified Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateAccountSettings.html" + }, + "UpdateAppInstance": { + "privilege": "UpdateAppInstance", + "description": "Grants permission to update AppInstance metadata", + "access_level": "Write", + "resource_types": { + "app-instance": { + "resource_type": "app-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance": "app-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_UpdateAppInstance.html" + }, + "UpdateAppInstanceBot": { + "privilege": "UpdateAppInstanceBot", + "description": "Grants permission to update the details for an AppInstanceBot", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_UpdateAppInstanceBot.html" + }, + "UpdateAppInstanceUser": { + "privilege": "UpdateAppInstanceUser", + "description": "Grants permission to update the details for an AppInstanceUser", + "access_level": "Write", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_UpdateAppInstanceUser.html" + }, + "UpdateAppInstanceUserEndpoint": { + "privilege": "UpdateAppInstanceUserEndpoint", + "description": "Grants permission to update an endpoint registered for an app instance user", + "access_level": "Write", + "resource_types": { + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-user": "app-instance-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_identity-chime_UpdateAppInstanceUserEndpoint.html" + }, + "UpdateAttendeeCapabilities": { + "privilege": "UpdateAttendeeCapabilities", + "description": "Grants permission to the capabilties that you want to update", + "access_level": "Write", + "resource_types": { + "meeting": { + "resource_type": "meeting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "meeting": "meeting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_meeting-chime_UpdateAttendeeCapabilities.html" + }, + "UpdateBot": { + "privilege": "UpdateBot", + "description": "Grants permission to update the status of the specified bot", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateBot.html" + }, + "UpdateCDRSettings": { + "privilege": "UpdateCDRSettings", + "description": "Grants permission to update your Call Detail Record S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:CreateBucket", + "s3:DeleteBucket", + "s3:ListAllMyBuckets" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "UpdateChannel": { + "privilege": "UpdateChannel", + "description": "Grants permission to update a channel's attributes", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_UpdateChannel.html" + }, + "UpdateChannelFlow": { + "privilege": "UpdateChannelFlow", + "description": "Grants permission to update a channel flow", + "access_level": "Write", + "resource_types": { + "channel-flow": { + "resource_type": "channel-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel-flow": "channel-flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_UpdateChannelFlow.html" + }, + "UpdateChannelMessage": { + "privilege": "UpdateChannelMessage", + "description": "Grants permission to update the content of a message", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_UpdateChannelMessage.html" + }, + "UpdateChannelReadMarker": { + "privilege": "UpdateChannelReadMarker", + "description": "Grants permission to set the timestamp to the point when a user last read messages in a channel", + "access_level": "Write", + "resource_types": { + "app-instance-bot": { + "resource_type": "app-instance-bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "app-instance-user": { + "resource_type": "app-instance-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-instance-bot": "app-instance-bot", + "app-instance-user": "app-instance-user", + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_messaging-chime_UpdateChannelReadMarker.html" + }, + "UpdateGlobalSettings": { + "privilege": "UpdateGlobalSettings", + "description": "Grants permission to update the global settings related to Amazon Chime for the AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateGlobalSettings.html" + }, + "UpdateMediaInsightsPipelineConfiguration": { + "privilege": "UpdateMediaInsightsPipelineConfiguration", + "description": "Grants permission to update the status of a media insights pipeline configuration", + "access_level": "Write", + "resource_types": { + "media-insights-pipeline-configuration": { + "resource_type": "media-insights-pipeline-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "chime:ListVoiceConnectors", + "iam:PassRole", + "kinesis:DescribeStream", + "s3:ListBucket" + ] + } + }, + "resource_types_lower_name": { + "media-insights-pipeline-configuration": "media-insights-pipeline-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_UpdateMediaInsightsPipelineConfiguration.html" + }, + "UpdateMediaInsightsPipelineStatus": { + "privilege": "UpdateMediaInsightsPipelineStatus", + "description": "Grants permission to update the status of a media insights pipeline", + "access_level": "Write", + "resource_types": { + "media-pipeline": { + "resource_type": "media-pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "media-pipeline": "media-pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_media-pipelines-chime_UpdateMediaInsightsPipelineStatus.html" + }, + "UpdatePhoneNumber": { + "privilege": "UpdatePhoneNumber", + "description": "Grants permission to update phone number details for the specified phone number", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdatePhoneNumber.html" + }, + "UpdatePhoneNumberSettings": { + "privilege": "UpdatePhoneNumberSettings", + "description": "Grants permission to update phone number settings related to Amazon Chime for the AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdatePhoneNumberSettings.html" + }, + "UpdateProxySession": { + "privilege": "UpdateProxySession", + "description": "Grants permission to update a proxy session for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateProxySession.html" + }, + "UpdateRoom": { + "privilege": "UpdateRoom", + "description": "Grants permission to update a room", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateRoom.html" + }, + "UpdateRoomMembership": { + "privilege": "UpdateRoomMembership", + "description": "Grants permission to update room membership role", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateRoomMembership.html" + }, + "UpdateSipMediaApplication": { + "privilege": "UpdateSipMediaApplication", + "description": "Grants permission to update properties of Amazon Chime SIP media application under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateSipMediaApplication.html" + }, + "UpdateSipMediaApplicationCall": { + "privilege": "UpdateSipMediaApplicationCall", + "description": "Grants permission to update an Amazon Chime SIP media application call under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateSipMediaApplicationCall.html" + }, + "UpdateSipRule": { + "privilege": "UpdateSipRule", + "description": "Grants permission to update properties of Amazon Chime SIP rule under the administrator's AWS account", + "access_level": "Write", + "resource_types": { + "sip-media-application": { + "resource_type": "sip-media-application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sip-media-application": "sip-media-application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateSipRule.html" + }, + "UpdateSupportedLicenses": { + "privilege": "UpdateSupportedLicenses", + "description": "Grants permission to update the supported license tiers available for users in your Amazon Chime account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-access.html" + }, + "UpdateUser": { + "privilege": "UpdateUser", + "description": "Grants permission to update user details for a specified user ID", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateUser.html" + }, + "UpdateUserLicenses": { + "privilege": "UpdateUserLicenses", + "description": "Grants permission to update the licenses for your Amazon Chime users", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/manage-access.html" + }, + "UpdateUserSettings": { + "privilege": "UpdateUserSettings", + "description": "Grants permission to update user settings related to the specified Amazon Chime user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateUserSettings.html" + }, + "UpdateVoiceConnector": { + "privilege": "UpdateVoiceConnector", + "description": "Grants permission to update Amazon Chime Voice Connector details for the specified Amazon Chime Voice Connector", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateVoiceConnector.html" + }, + "UpdateVoiceConnectorGroup": { + "privilege": "UpdateVoiceConnectorGroup", + "description": "Grants permission to update Amazon Chime Voice Connector Group details for the specified Amazon Chime Voice Connector Group", + "access_level": "Write", + "resource_types": { + "voice-connector": { + "resource_type": "voice-connector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-connector": "voice-connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_UpdateVoiceConnectorGroup.html" + }, + "UpdateVoiceProfile": { + "privilege": "UpdateVoiceProfile", + "description": "Grants permission to update a voice profile", + "access_level": "Write", + "resource_types": { + "voice-profile": { + "resource_type": "voice-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-profile": "voice-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_UpdateVoiceProfile.html" + }, + "UpdateVoiceProfileDomain": { + "privilege": "UpdateVoiceProfileDomain", + "description": "Grants permission to update a voice profile domain", + "access_level": "Write", + "resource_types": { + "voice-profile-domain": { + "resource_type": "voice-profile-domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "voice-profile-domain": "voice-profile-domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime-sdk/latest/APIReference/API_voice-chime_UpdateVoiceProfileDomain.html" + }, + "ValidateAccountResource": { + "privilege": "ValidateAccountResource", + "description": "Grants permission to validate the account resource in your Amazon Chime account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/ag/control-access.html" + }, + "ValidateE911Address": { + "privilege": "ValidateE911Address", + "description": "Grants permission to validate an address to be used for 911 calls made with Amazon Chime Voice Connectors", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chime/latest/APIReference/API_ValidateE911Address.html" + } + }, + "privileges_lower_name": { + "acceptdelegate": "AcceptDelegate", + "activateusers": "ActivateUsers", + "adddomain": "AddDomain", + "addorupdategroups": "AddOrUpdateGroups", + "associatechannelflow": "AssociateChannelFlow", + "associatephonenumberwithuser": "AssociatePhoneNumberWithUser", + "associatephonenumberswithvoiceconnector": "AssociatePhoneNumbersWithVoiceConnector", + "associatephonenumberswithvoiceconnectorgroup": "AssociatePhoneNumbersWithVoiceConnectorGroup", + "associatesignindelegategroupswithaccount": "AssociateSigninDelegateGroupsWithAccount", + "authorizedirectory": "AuthorizeDirectory", + "batchcreateattendee": "BatchCreateAttendee", + "batchcreatechannelmembership": "BatchCreateChannelMembership", + "batchcreateroommembership": "BatchCreateRoomMembership", + "batchdeletephonenumber": "BatchDeletePhoneNumber", + "batchsuspenduser": "BatchSuspendUser", + "batchunsuspenduser": "BatchUnsuspendUser", + "batchupdateattendeecapabilitiesexcept": "BatchUpdateAttendeeCapabilitiesExcept", + "batchupdatephonenumber": "BatchUpdatePhoneNumber", + "batchupdateuser": "BatchUpdateUser", + "channelflowcallback": "ChannelFlowCallback", + "connect": "Connect", + "connectdirectory": "ConnectDirectory", + "createaccount": "CreateAccount", + "createapikey": "CreateApiKey", + "createappinstance": "CreateAppInstance", + "createappinstanceadmin": "CreateAppInstanceAdmin", + "createappinstancebot": "CreateAppInstanceBot", + "createappinstanceuser": "CreateAppInstanceUser", + "createattendee": "CreateAttendee", + "createbot": "CreateBot", + "createcdrbucket": "CreateCDRBucket", + "createchannel": "CreateChannel", + "createchannelban": "CreateChannelBan", + "createchannelflow": "CreateChannelFlow", + "createchannelmembership": "CreateChannelMembership", + "createchannelmoderator": "CreateChannelModerator", + "createmediacapturepipeline": "CreateMediaCapturePipeline", + "createmediaconcatenationpipeline": "CreateMediaConcatenationPipeline", + "createmediainsightspipeline": "CreateMediaInsightsPipeline", + "createmediainsightspipelineconfiguration": "CreateMediaInsightsPipelineConfiguration", + "createmedialiveconnectorpipeline": "CreateMediaLiveConnectorPipeline", + "createmeeting": "CreateMeeting", + "createmeetingdialout": "CreateMeetingDialOut", + "createmeetingwithattendees": "CreateMeetingWithAttendees", + "createphonenumberorder": "CreatePhoneNumberOrder", + "createproxysession": "CreateProxySession", + "createroom": "CreateRoom", + "createroommembership": "CreateRoomMembership", + "createsipmediaapplication": "CreateSipMediaApplication", + "createsipmediaapplicationcall": "CreateSipMediaApplicationCall", + "createsiprule": "CreateSipRule", + "createuser": "CreateUser", + "createvoiceconnector": "CreateVoiceConnector", + "createvoiceconnectorgroup": "CreateVoiceConnectorGroup", + "createvoiceprofile": "CreateVoiceProfile", + "createvoiceprofiledomain": "CreateVoiceProfileDomain", + "deleteaccount": "DeleteAccount", + "deleteaccountopenidconfig": "DeleteAccountOpenIdConfig", + "deleteapikey": "DeleteApiKey", + "deleteappinstance": "DeleteAppInstance", + "deleteappinstanceadmin": "DeleteAppInstanceAdmin", + "deleteappinstancebot": "DeleteAppInstanceBot", + "deleteappinstancestreamingconfigurations": "DeleteAppInstanceStreamingConfigurations", + "deleteappinstanceuser": "DeleteAppInstanceUser", + "deleteattendee": "DeleteAttendee", + "deletecdrbucket": "DeleteCDRBucket", + "deletechannel": "DeleteChannel", + "deletechannelban": "DeleteChannelBan", + "deletechannelflow": "DeleteChannelFlow", + "deletechannelmembership": "DeleteChannelMembership", + "deletechannelmessage": "DeleteChannelMessage", + "deletechannelmoderator": "DeleteChannelModerator", + "deletedelegate": "DeleteDelegate", + "deletedomain": "DeleteDomain", + "deleteeventsconfiguration": "DeleteEventsConfiguration", + "deletegroups": "DeleteGroups", + "deletemediacapturepipeline": "DeleteMediaCapturePipeline", + "deletemediainsightspipelineconfiguration": "DeleteMediaInsightsPipelineConfiguration", + "deletemediapipeline": "DeleteMediaPipeline", + "deletemeeting": "DeleteMeeting", + "deletemessagingstreamingconfigurations": "DeleteMessagingStreamingConfigurations", + "deletephonenumber": "DeletePhoneNumber", + "deleteproxysession": "DeleteProxySession", + "deleteroom": "DeleteRoom", + "deleteroommembership": "DeleteRoomMembership", + "deletesipmediaapplication": "DeleteSipMediaApplication", + "deletesiprule": "DeleteSipRule", + "deletevoiceconnector": "DeleteVoiceConnector", + "deletevoiceconnectoremergencycallingconfiguration": "DeleteVoiceConnectorEmergencyCallingConfiguration", + "deletevoiceconnectorgroup": "DeleteVoiceConnectorGroup", + "deletevoiceconnectororigination": "DeleteVoiceConnectorOrigination", + "deletevoiceconnectorproxy": "DeleteVoiceConnectorProxy", + "deletevoiceconnectorstreamingconfiguration": "DeleteVoiceConnectorStreamingConfiguration", + "deletevoiceconnectortermination": "DeleteVoiceConnectorTermination", + "deletevoiceconnectorterminationcredentials": "DeleteVoiceConnectorTerminationCredentials", + "deletevoiceprofile": "DeleteVoiceProfile", + "deletevoiceprofiledomain": "DeleteVoiceProfileDomain", + "deregisterappinstanceuserendpoint": "DeregisterAppInstanceUserEndpoint", + "describeappinstance": "DescribeAppInstance", + "describeappinstanceadmin": "DescribeAppInstanceAdmin", + "describeappinstancebot": "DescribeAppInstanceBot", + "describeappinstanceuser": "DescribeAppInstanceUser", + "describeappinstanceuserendpoint": "DescribeAppInstanceUserEndpoint", + "describechannel": "DescribeChannel", + "describechannelban": "DescribeChannelBan", + "describechannelflow": "DescribeChannelFlow", + "describechannelmembership": "DescribeChannelMembership", + "describechannelmembershipforappinstanceuser": "DescribeChannelMembershipForAppInstanceUser", + "describechannelmoderatedbyappinstanceuser": "DescribeChannelModeratedByAppInstanceUser", + "describechannelmoderator": "DescribeChannelModerator", + "disassociatechannelflow": "DisassociateChannelFlow", + "disassociatephonenumberfromuser": "DisassociatePhoneNumberFromUser", + "disassociatephonenumbersfromvoiceconnector": "DisassociatePhoneNumbersFromVoiceConnector", + "disassociatephonenumbersfromvoiceconnectorgroup": "DisassociatePhoneNumbersFromVoiceConnectorGroup", + "disassociatesignindelegategroupsfromaccount": "DisassociateSigninDelegateGroupsFromAccount", + "disconnectdirectory": "DisconnectDirectory", + "getaccount": "GetAccount", + "getaccountresource": "GetAccountResource", + "getaccountsettings": "GetAccountSettings", + "getaccountwithopenidconfig": "GetAccountWithOpenIdConfig", + "getappinstanceretentionsettings": "GetAppInstanceRetentionSettings", + "getappinstancestreamingconfigurations": "GetAppInstanceStreamingConfigurations", + "getattendee": "GetAttendee", + "getbot": "GetBot", + "getcdrbucket": "GetCDRBucket", + "getchannelmembershippreferences": "GetChannelMembershipPreferences", + "getchannelmessage": "GetChannelMessage", + "getchannelmessagestatus": "GetChannelMessageStatus", + "getdomain": "GetDomain", + "geteventsconfiguration": "GetEventsConfiguration", + "getglobalsettings": "GetGlobalSettings", + "getmediacapturepipeline": "GetMediaCapturePipeline", + "getmediainsightspipelineconfiguration": "GetMediaInsightsPipelineConfiguration", + "getmediapipeline": "GetMediaPipeline", + "getmeeting": "GetMeeting", + "getmeetingdetail": "GetMeetingDetail", + "getmessagingsessionendpoint": "GetMessagingSessionEndpoint", + "getmessagingstreamingconfigurations": "GetMessagingStreamingConfigurations", + "getphonenumber": "GetPhoneNumber", + "getphonenumberorder": "GetPhoneNumberOrder", + "getphonenumbersettings": "GetPhoneNumberSettings", + "getproxysession": "GetProxySession", + "getretentionsettings": "GetRetentionSettings", + "getroom": "GetRoom", + "getsipmediaapplication": "GetSipMediaApplication", + "getsipmediaapplicationalexaskillconfiguration": "GetSipMediaApplicationAlexaSkillConfiguration", + "getsipmediaapplicationloggingconfiguration": "GetSipMediaApplicationLoggingConfiguration", + "getsiprule": "GetSipRule", + "getspeakersearchtask": "GetSpeakerSearchTask", + "gettelephonylimits": "GetTelephonyLimits", + "getuser": "GetUser", + "getuseractivityreportdata": "GetUserActivityReportData", + "getuserbyemail": "GetUserByEmail", + "getusersettings": "GetUserSettings", + "getvoiceconnector": "GetVoiceConnector", + "getvoiceconnectoremergencycallingconfiguration": "GetVoiceConnectorEmergencyCallingConfiguration", + "getvoiceconnectorgroup": "GetVoiceConnectorGroup", + "getvoiceconnectorloggingconfiguration": "GetVoiceConnectorLoggingConfiguration", + "getvoiceconnectororigination": "GetVoiceConnectorOrigination", + "getvoiceconnectorproxy": "GetVoiceConnectorProxy", + "getvoiceconnectorstreamingconfiguration": "GetVoiceConnectorStreamingConfiguration", + "getvoiceconnectortermination": "GetVoiceConnectorTermination", + "getvoiceconnectorterminationhealth": "GetVoiceConnectorTerminationHealth", + "getvoiceprofile": "GetVoiceProfile", + "getvoiceprofiledomain": "GetVoiceProfileDomain", + "getvoicetoneanalysistask": "GetVoiceToneAnalysisTask", + "invitedelegate": "InviteDelegate", + "inviteusers": "InviteUsers", + "inviteusersfromprovider": "InviteUsersFromProvider", + "listaccountusagereportdata": "ListAccountUsageReportData", + "listaccounts": "ListAccounts", + "listapikeys": "ListApiKeys", + "listappinstanceadmins": "ListAppInstanceAdmins", + "listappinstancebots": "ListAppInstanceBots", + "listappinstanceuserendpoints": "ListAppInstanceUserEndpoints", + "listappinstanceusers": "ListAppInstanceUsers", + "listappinstances": "ListAppInstances", + "listattendeetags": "ListAttendeeTags", + "listattendees": "ListAttendees", + "listavailablevoiceconnectorregions": "ListAvailableVoiceConnectorRegions", + "listbots": "ListBots", + "listcdrbucket": "ListCDRBucket", + "listcallingregions": "ListCallingRegions", + "listchannelbans": "ListChannelBans", + "listchannelflows": "ListChannelFlows", + "listchannelmemberships": "ListChannelMemberships", + "listchannelmembershipsforappinstanceuser": "ListChannelMembershipsForAppInstanceUser", + "listchannelmessages": "ListChannelMessages", + "listchannelmoderators": "ListChannelModerators", + "listchannels": "ListChannels", + "listchannelsassociatedwithchannelflow": "ListChannelsAssociatedWithChannelFlow", + "listchannelsmoderatedbyappinstanceuser": "ListChannelsModeratedByAppInstanceUser", + "listdelegates": "ListDelegates", + "listdirectories": "ListDirectories", + "listdomains": "ListDomains", + "listgroups": "ListGroups", + "listmediacapturepipelines": "ListMediaCapturePipelines", + "listmediainsightspipelineconfigurations": "ListMediaInsightsPipelineConfigurations", + "listmediapipelines": "ListMediaPipelines", + "listmeetingevents": "ListMeetingEvents", + "listmeetingtags": "ListMeetingTags", + "listmeetings": "ListMeetings", + "listmeetingsreportdata": "ListMeetingsReportData", + "listphonenumberorders": "ListPhoneNumberOrders", + "listphonenumbers": "ListPhoneNumbers", + "listproxysessions": "ListProxySessions", + "listroommemberships": "ListRoomMemberships", + "listrooms": "ListRooms", + "listsipmediaapplications": "ListSipMediaApplications", + "listsiprules": "ListSipRules", + "listsubchannels": "ListSubChannels", + "listsupportedphonenumbercountries": "ListSupportedPhoneNumberCountries", + "listtagsforresource": "ListTagsForResource", + "listusers": "ListUsers", + "listvoiceconnectorgroups": "ListVoiceConnectorGroups", + "listvoiceconnectorterminationcredentials": "ListVoiceConnectorTerminationCredentials", + "listvoiceconnectors": "ListVoiceConnectors", + "listvoiceprofiledomains": "ListVoiceProfileDomains", + "listvoiceprofiles": "ListVoiceProfiles", + "logoutuser": "LogoutUser", + "putappinstanceretentionsettings": "PutAppInstanceRetentionSettings", + "putappinstancestreamingconfigurations": "PutAppInstanceStreamingConfigurations", + "putappinstanceuserexpirationsettings": "PutAppInstanceUserExpirationSettings", + "putchannelexpirationsettings": "PutChannelExpirationSettings", + "putchannelmembershippreferences": "PutChannelMembershipPreferences", + "puteventsconfiguration": "PutEventsConfiguration", + "putmessagingstreamingconfigurations": "PutMessagingStreamingConfigurations", + "putretentionsettings": "PutRetentionSettings", + "putsipmediaapplicationalexaskillconfiguration": "PutSipMediaApplicationAlexaSkillConfiguration", + "putsipmediaapplicationloggingconfiguration": "PutSipMediaApplicationLoggingConfiguration", + "putvoiceconnectoremergencycallingconfiguration": "PutVoiceConnectorEmergencyCallingConfiguration", + "putvoiceconnectorloggingconfiguration": "PutVoiceConnectorLoggingConfiguration", + "putvoiceconnectororigination": "PutVoiceConnectorOrigination", + "putvoiceconnectorproxy": "PutVoiceConnectorProxy", + "putvoiceconnectorstreamingconfiguration": "PutVoiceConnectorStreamingConfiguration", + "putvoiceconnectortermination": "PutVoiceConnectorTermination", + "putvoiceconnectorterminationcredentials": "PutVoiceConnectorTerminationCredentials", + "redactchannelmessage": "RedactChannelMessage", + "redactconversationmessage": "RedactConversationMessage", + "redactroommessage": "RedactRoomMessage", + "regeneratesecuritytoken": "RegenerateSecurityToken", + "registerappinstanceuserendpoint": "RegisterAppInstanceUserEndpoint", + "renameaccount": "RenameAccount", + "renewdelegate": "RenewDelegate", + "resetaccountresource": "ResetAccountResource", + "resetpersonalpin": "ResetPersonalPIN", + "restorephonenumber": "RestorePhoneNumber", + "retrievedataexports": "RetrieveDataExports", + "searchavailablephonenumbers": "SearchAvailablePhoneNumbers", + "searchchannels": "SearchChannels", + "sendchannelmessage": "SendChannelMessage", + "startdataexport": "StartDataExport", + "startmeetingtranscription": "StartMeetingTranscription", + "startspeakersearchtask": "StartSpeakerSearchTask", + "startvoicetoneanalysistask": "StartVoiceToneAnalysisTask", + "stopmeetingtranscription": "StopMeetingTranscription", + "stopspeakersearchtask": "StopSpeakerSearchTask", + "stopvoicetoneanalysistask": "StopVoiceToneAnalysisTask", + "submitsupportrequest": "SubmitSupportRequest", + "suspendusers": "SuspendUsers", + "tagattendee": "TagAttendee", + "tagmeeting": "TagMeeting", + "tagresource": "TagResource", + "unauthorizedirectory": "UnauthorizeDirectory", + "untagattendee": "UntagAttendee", + "untagmeeting": "UntagMeeting", + "untagresource": "UntagResource", + "updateaccount": "UpdateAccount", + "updateaccountopenidconfig": "UpdateAccountOpenIdConfig", + "updateaccountresource": "UpdateAccountResource", + "updateaccountsettings": "UpdateAccountSettings", + "updateappinstance": "UpdateAppInstance", + "updateappinstancebot": "UpdateAppInstanceBot", + "updateappinstanceuser": "UpdateAppInstanceUser", + "updateappinstanceuserendpoint": "UpdateAppInstanceUserEndpoint", + "updateattendeecapabilities": "UpdateAttendeeCapabilities", + "updatebot": "UpdateBot", + "updatecdrsettings": "UpdateCDRSettings", + "updatechannel": "UpdateChannel", + "updatechannelflow": "UpdateChannelFlow", + "updatechannelmessage": "UpdateChannelMessage", + "updatechannelreadmarker": "UpdateChannelReadMarker", + "updateglobalsettings": "UpdateGlobalSettings", + "updatemediainsightspipelineconfiguration": "UpdateMediaInsightsPipelineConfiguration", + "updatemediainsightspipelinestatus": "UpdateMediaInsightsPipelineStatus", + "updatephonenumber": "UpdatePhoneNumber", + "updatephonenumbersettings": "UpdatePhoneNumberSettings", + "updateproxysession": "UpdateProxySession", + "updateroom": "UpdateRoom", + "updateroommembership": "UpdateRoomMembership", + "updatesipmediaapplication": "UpdateSipMediaApplication", + "updatesipmediaapplicationcall": "UpdateSipMediaApplicationCall", + "updatesiprule": "UpdateSipRule", + "updatesupportedlicenses": "UpdateSupportedLicenses", + "updateuser": "UpdateUser", + "updateuserlicenses": "UpdateUserLicenses", + "updateusersettings": "UpdateUserSettings", + "updatevoiceconnector": "UpdateVoiceConnector", + "updatevoiceconnectorgroup": "UpdateVoiceConnectorGroup", + "updatevoiceprofile": "UpdateVoiceProfile", + "updatevoiceprofiledomain": "UpdateVoiceProfileDomain", + "validateaccountresource": "ValidateAccountResource", + "validatee911address": "ValidateE911Address" + }, + "resources": { + "meeting": { + "resource": "meeting", + "arn": "arn:${Partition}:chime::${AccountId}:meeting/${MeetingId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "app-instance": { + "resource": "app-instance", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:app-instance/${AppInstanceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "app-instance-user": { + "resource": "app-instance-user", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:app-instance/${AppInstanceId}/user/${AppInstanceUserId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "app-instance-bot": { + "resource": "app-instance-bot", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:app-instance/${AppInstanceId}/bot/${AppInstanceBotId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "channel": { + "resource": "channel", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:app-instance/${AppInstanceId}/channel/${ChannelId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "channel-flow": { + "resource": "channel-flow", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:app-instance/${AppInstanceId}/channel-flow/${ChannelFlowId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "media-pipeline": { + "resource": "media-pipeline", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:media-pipeline/${MediaPipelineId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "media-insights-pipeline-configuration": { + "resource": "media-insights-pipeline-configuration", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:media-insights-pipeline-configuration/${ConfigurationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "voice-profile-domain": { + "resource": "voice-profile-domain", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:voice-profile-domain/${VoiceProfileDomainId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "voice-profile": { + "resource": "voice-profile", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:voice-profile/${VoiceProfileId}", + "condition_keys": [] + }, + "voice-connector": { + "resource": "voice-connector", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:vc/${VoiceConnectorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "sip-media-application": { + "resource": "sip-media-application", + "arn": "arn:${Partition}:chime:${Region}:${AccountId}:sma/${SipMediaApplicationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "meeting": "meeting", + "app-instance": "app-instance", + "app-instance-user": "app-instance-user", + "app-instance-bot": "app-instance-bot", + "channel": "channel", + "channel-flow": "channel-flow", + "media-pipeline": "media-pipeline", + "media-insights-pipeline-configuration": "media-insights-pipeline-configuration", + "voice-profile-domain": "voice-profile-domain", + "voice-profile": "voice-profile", + "voice-connector": "voice-connector", + "sip-media-application": "sip-media-application" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag's key and value in a request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in a request", + "type": "ArrayOfString" + } + } + }, + "clouddirectory": { + "service_name": "Amazon Cloud Directory", + "prefix": "clouddirectory", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonclouddirectory.html", + "privileges": { + "AddFacetToObject": { + "privilege": "AddFacetToObject", + "description": "Grants permission to add a new Facet to an object", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_AddFacetToObject.html" + }, + "ApplySchema": { + "privilege": "ApplySchema", + "description": "Grants permission to copy input published schema into Directory with same name and version as that of published schema", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ApplySchema.html" + }, + "AttachObject": { + "privilege": "AttachObject", + "description": "Grants permission to attach an existing object to another existing object", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_AttachObject.html" + }, + "AttachPolicy": { + "privilege": "AttachPolicy", + "description": "Grants permission to attach a policy object to any other object", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_AttachPolicy.html" + }, + "AttachToIndex": { + "privilege": "AttachToIndex", + "description": "Grants permission to attach the specified object to the specified index", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_AttachToIndex.html" + }, + "AttachTypedLink": { + "privilege": "AttachTypedLink", + "description": "Grants permission to attach a typed link b/w a source & target object reference", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_AttachTypedLink.html" + }, + "BatchRead": { + "privilege": "BatchRead", + "description": "Grants permission to perform all the read operations in a batch. Each individual operation inside BatchRead needs to be granted permissions explicitly", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_BatchRead.html" + }, + "BatchWrite": { + "privilege": "BatchWrite", + "description": "Grants permission to perform all the write operations in a batch. Each individual operation inside BatchWrite needs to be granted permissions explicitly", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_BatchWrite.html" + }, + "CreateDirectory": { + "privilege": "CreateDirectory", + "description": "Grants permission to create a Directory by copying the published schema into the directory", + "access_level": "Write", + "resource_types": { + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateDirectory.html" + }, + "CreateFacet": { + "privilege": "CreateFacet", + "description": "Grants permission to create a new Facet in a schema", + "access_level": "Write", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateFacet.html" + }, + "CreateIndex": { + "privilege": "CreateIndex", + "description": "Grants permission to create an index object", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateIndex.html" + }, + "CreateObject": { + "privilege": "CreateObject", + "description": "Grants permission to create an object in a Directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateObject.html" + }, + "CreateSchema": { + "privilege": "CreateSchema", + "description": "Grants permission to create a new schema in a development state", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateSchema.html" + }, + "CreateTypedLinkFacet": { + "privilege": "CreateTypedLinkFacet", + "description": "Grants permission to create a new Typed Link facet in a schema", + "access_level": "Write", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_CreateTypedLinkFacet.html" + }, + "DeleteDirectory": { + "privilege": "DeleteDirectory", + "description": "Grants permission to delete a directory. Only disabled directories can be deleted", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DeleteDirectory.html" + }, + "DeleteFacet": { + "privilege": "DeleteFacet", + "description": "Grants permission to delete a given Facet. All attributes and Rules associated with the facet will be deleted", + "access_level": "Write", + "resource_types": { + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "developmentschema": "developmentSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DeleteFacet.html" + }, + "DeleteObject": { + "privilege": "DeleteObject", + "description": "Grants permission to delete an object and its associated attributes", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DeleteObject.html" + }, + "DeleteSchema": { + "privilege": "DeleteSchema", + "description": "Grants permission to delete a given schema", + "access_level": "Write", + "resource_types": { + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "developmentschema": "developmentSchema", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DeleteSchema.html" + }, + "DeleteTypedLinkFacet": { + "privilege": "DeleteTypedLinkFacet", + "description": "Grants permission to delete a given TypedLink Facet. All attributes and Rules associated with the facet will be deleted", + "access_level": "Write", + "resource_types": { + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "developmentschema": "developmentSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DeleteTypedLinkFacet.html" + }, + "DetachFromIndex": { + "privilege": "DetachFromIndex", + "description": "Grants permission to detach the specified object from the specified index", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DetachFromIndex.html" + }, + "DetachObject": { + "privilege": "DetachObject", + "description": "Grants permission to detach a given object from the parent object", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DetachObject.html" + }, + "DetachPolicy": { + "privilege": "DetachPolicy", + "description": "Grants permission to detach a policy from an object", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DetachPolicy.html" + }, + "DetachTypedLink": { + "privilege": "DetachTypedLink", + "description": "Grants permission to detach a given typed link b/w given source and target object reference", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DetachTypedLink.html" + }, + "DisableDirectory": { + "privilege": "DisableDirectory", + "description": "Grants permission to disable the specified directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_DisableDirectory.html" + }, + "EnableDirectory": { + "privilege": "EnableDirectory", + "description": "Grants permission to enable the specified directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_EnableDirectory.html" + }, + "GetAppliedSchemaVersion": { + "privilege": "GetAppliedSchemaVersion", + "description": "Grants permission to return current applied schema version ARN, including the minor version in use", + "access_level": "Read", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetAppliedSchemaVersion.html" + }, + "GetDirectory": { + "privilege": "GetDirectory", + "description": "Grants permission to retrieve metadata about a directory", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetDirectory.html" + }, + "GetFacet": { + "privilege": "GetFacet", + "description": "Grants permission to get details of the Facet, such as Facet Name, Attributes, Rules, or ObjectType", + "access_level": "Read", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetFacet.html" + }, + "GetLinkAttributes": { + "privilege": "GetLinkAttributes", + "description": "Grants permission to retrieve attributes that are associated with a typed link", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetLinkAttributes.html" + }, + "GetObjectAttributes": { + "privilege": "GetObjectAttributes", + "description": "Grants permission to retrieve attributes within a facet that are associated with an object", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetObjectAttributes.html" + }, + "GetObjectInformation": { + "privilege": "GetObjectInformation", + "description": "Grants permission to retrieve metadata about an object", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetObjectInformation.html" + }, + "GetSchemaAsJson": { + "privilege": "GetSchemaAsJson", + "description": "Grants permission to retrieve a JSON representation of the schema", + "access_level": "Read", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetSchemaAsJson.html" + }, + "GetTypedLinkFacetInformation": { + "privilege": "GetTypedLinkFacetInformation", + "description": "Grants permission to return identity attributes order information associated with a given typed link facet", + "access_level": "Read", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_GetTypedLinkFacetInformation.html" + }, + "ListAppliedSchemaArns": { + "privilege": "ListAppliedSchemaArns", + "description": "Grants permission to list schemas applied to a directory", + "access_level": "List", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListAppliedSchemaArns.html" + }, + "ListAttachedIndices": { + "privilege": "ListAttachedIndices", + "description": "Grants permission to list indices attached to an object", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListAttachedIndices.html" + }, + "ListDevelopmentSchemaArns": { + "privilege": "ListDevelopmentSchemaArns", + "description": "Grants permission to retrieve the ARNs of schemas in the development state", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListDevelopmentSchemaArns.html" + }, + "ListDirectories": { + "privilege": "ListDirectories", + "description": "Grants permission to list directories created within an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListDirectories.html" + }, + "ListFacetAttributes": { + "privilege": "ListFacetAttributes", + "description": "Grants permission to retrieve attributes attached to the facet", + "access_level": "Read", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListFacetAttributes.html" + }, + "ListFacetNames": { + "privilege": "ListFacetNames", + "description": "Grants permission to retrieve the names of facets that exist in a schema", + "access_level": "Read", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListFacetNames.html" + }, + "ListIncomingTypedLinks": { + "privilege": "ListIncomingTypedLinks", + "description": "Grants permission to return a paginated list of all incoming TypedLinks for a given object", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListIncomingTypedLinks.html" + }, + "ListIndex": { + "privilege": "ListIndex", + "description": "Grants permission to list objects attached to the specified index", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListIndex.html" + }, + "ListManagedSchemaArns": { + "privilege": "ListManagedSchemaArns", + "description": "Grants permission to list the major version families of each managed schema. If a major version ARN is provided as SchemaArn, the minor version revisions in that family are listed instead", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListManagedSchemaArns.html" + }, + "ListObjectAttributes": { + "privilege": "ListObjectAttributes", + "description": "Grants permission to list all attributes associated with an object", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListObjectAttributes.html" + }, + "ListObjectChildren": { + "privilege": "ListObjectChildren", + "description": "Grants permission to return a paginated list of child objects associated with a given object", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListObjectChildren.html" + }, + "ListObjectParentPaths": { + "privilege": "ListObjectParentPaths", + "description": "Grants permission to retrieve all available parent paths for any object type such as node, leaf node, policy node, and index node objects", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListObjectParentPaths.html" + }, + "ListObjectParents": { + "privilege": "ListObjectParents", + "description": "Grants permission to list parent objects associated with a given object in pagination fashion", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListObjectParents.html" + }, + "ListObjectPolicies": { + "privilege": "ListObjectPolicies", + "description": "Grants permission to return policies attached to an object in pagination fashion", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListObjectPolicies.html" + }, + "ListOutgoingTypedLinks": { + "privilege": "ListOutgoingTypedLinks", + "description": "Grants permission to return a paginated list of all outgoing TypedLinks for a given object", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListOutgoingTypedLinks.html" + }, + "ListPolicyAttachments": { + "privilege": "ListPolicyAttachments", + "description": "Grants permission to return all of the ObjectIdentifiers to which a given policy is attached", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListPolicyAttachments.html" + }, + "ListPublishedSchemaArns": { + "privilege": "ListPublishedSchemaArns", + "description": "Grants permission to retrieve published schema ARNs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListPublishedSchemaArns.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to return tags for a resource", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTypedLinkFacetAttributes": { + "privilege": "ListTypedLinkFacetAttributes", + "description": "Grants permission to return a paginated list of attributes associated with typed link facet", + "access_level": "Read", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListTypedLinkFacetAttributes.html" + }, + "ListTypedLinkFacetNames": { + "privilege": "ListTypedLinkFacetNames", + "description": "Grants permission to return a paginated list of typed link facet names that exist in a schema", + "access_level": "Read", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_ListTypedLinkFacetNames.html" + }, + "LookupPolicy": { + "privilege": "LookupPolicy", + "description": "Grants permission to list all policies from the root of the Directory to the object specified", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_LookupPolicy.html" + }, + "PublishSchema": { + "privilege": "PublishSchema", + "description": "Grants permission to publish a development schema with a version", + "access_level": "Write", + "resource_types": { + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "developmentschema": "developmentSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_PublishSchema.html" + }, + "PutSchemaFromJson": { + "privilege": "PutSchemaFromJson", + "description": "Grants permission to update a schema using JSON upload. Only available for development schemas", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_PutSchemaFromJson.html" + }, + "RemoveFacetFromObject": { + "privilege": "RemoveFacetFromObject", + "description": "Grants permission to remove the specified facet from the specified object", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_RemoveFacetFromObject.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UntagResource.html" + }, + "UpdateFacet": { + "privilege": "UpdateFacet", + "description": "Grants permission to add/update/delete existing Attributes, Rules, or ObjectType of a Facet", + "access_level": "Write", + "resource_types": { + "appliedSchema": { + "resource_type": "appliedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpdateFacet.html" + }, + "UpdateLinkAttributes": { + "privilege": "UpdateLinkAttributes", + "description": "Grants permission to update a given typed link\u2019s attributes. Attributes to be updated must not contribute to the typed link\u2019s identity, as defined by its IdentityAttributeOrder", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpdateLinkAttributes.html" + }, + "UpdateObjectAttributes": { + "privilege": "UpdateObjectAttributes", + "description": "Grants permission to update a given object's attributes", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpdateObjectAttributes.html" + }, + "UpdateSchema": { + "privilege": "UpdateSchema", + "description": "Grants permission to update the schema name with a new name", + "access_level": "Write", + "resource_types": { + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "developmentschema": "developmentSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpdateSchema.html" + }, + "UpdateTypedLinkFacet": { + "privilege": "UpdateTypedLinkFacet", + "description": "Grants permission to add/update/delete existing Attributes, Rules, identity attribute order of a TypedLink Facet", + "access_level": "Write", + "resource_types": { + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "developmentschema": "developmentSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpdateTypedLinkFacet.html" + }, + "UpgradeAppliedSchema": { + "privilege": "UpgradeAppliedSchema", + "description": "Grants permission to upgrade a single directory in-place using the PublishedSchemaArn with schema updates found in MinorVersion. Backwards-compatible minor version upgrades are instantaneously available for readers on all objects in the directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpgradeAppliedSchema.html" + }, + "UpgradePublishedSchema": { + "privilege": "UpgradePublishedSchema", + "description": "Grants permission to upgrade a published schema under a new minor version revision using the current contents of DevelopmentSchemaArn", + "access_level": "Write", + "resource_types": { + "developmentSchema": { + "resource_type": "developmentSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "publishedSchema": { + "resource_type": "publishedSchema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "developmentschema": "developmentSchema", + "publishedschema": "publishedSchema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/APIReference/API_UpgradePublishedSchema.html" + } + }, + "privileges_lower_name": { + "addfacettoobject": "AddFacetToObject", + "applyschema": "ApplySchema", + "attachobject": "AttachObject", + "attachpolicy": "AttachPolicy", + "attachtoindex": "AttachToIndex", + "attachtypedlink": "AttachTypedLink", + "batchread": "BatchRead", + "batchwrite": "BatchWrite", + "createdirectory": "CreateDirectory", + "createfacet": "CreateFacet", + "createindex": "CreateIndex", + "createobject": "CreateObject", + "createschema": "CreateSchema", + "createtypedlinkfacet": "CreateTypedLinkFacet", + "deletedirectory": "DeleteDirectory", + "deletefacet": "DeleteFacet", + "deleteobject": "DeleteObject", + "deleteschema": "DeleteSchema", + "deletetypedlinkfacet": "DeleteTypedLinkFacet", + "detachfromindex": "DetachFromIndex", + "detachobject": "DetachObject", + "detachpolicy": "DetachPolicy", + "detachtypedlink": "DetachTypedLink", + "disabledirectory": "DisableDirectory", + "enabledirectory": "EnableDirectory", + "getappliedschemaversion": "GetAppliedSchemaVersion", + "getdirectory": "GetDirectory", + "getfacet": "GetFacet", + "getlinkattributes": "GetLinkAttributes", + "getobjectattributes": "GetObjectAttributes", + "getobjectinformation": "GetObjectInformation", + "getschemaasjson": "GetSchemaAsJson", + "gettypedlinkfacetinformation": "GetTypedLinkFacetInformation", + "listappliedschemaarns": "ListAppliedSchemaArns", + "listattachedindices": "ListAttachedIndices", + "listdevelopmentschemaarns": "ListDevelopmentSchemaArns", + "listdirectories": "ListDirectories", + "listfacetattributes": "ListFacetAttributes", + "listfacetnames": "ListFacetNames", + "listincomingtypedlinks": "ListIncomingTypedLinks", + "listindex": "ListIndex", + "listmanagedschemaarns": "ListManagedSchemaArns", + "listobjectattributes": "ListObjectAttributes", + "listobjectchildren": "ListObjectChildren", + "listobjectparentpaths": "ListObjectParentPaths", + "listobjectparents": "ListObjectParents", + "listobjectpolicies": "ListObjectPolicies", + "listoutgoingtypedlinks": "ListOutgoingTypedLinks", + "listpolicyattachments": "ListPolicyAttachments", + "listpublishedschemaarns": "ListPublishedSchemaArns", + "listtagsforresource": "ListTagsForResource", + "listtypedlinkfacetattributes": "ListTypedLinkFacetAttributes", + "listtypedlinkfacetnames": "ListTypedLinkFacetNames", + "lookuppolicy": "LookupPolicy", + "publishschema": "PublishSchema", + "putschemafromjson": "PutSchemaFromJson", + "removefacetfromobject": "RemoveFacetFromObject", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatefacet": "UpdateFacet", + "updatelinkattributes": "UpdateLinkAttributes", + "updateobjectattributes": "UpdateObjectAttributes", + "updateschema": "UpdateSchema", + "updatetypedlinkfacet": "UpdateTypedLinkFacet", + "upgradeappliedschema": "UpgradeAppliedSchema", + "upgradepublishedschema": "UpgradePublishedSchema" + }, + "resources": { + "appliedSchema": { + "resource": "appliedSchema", + "arn": "arn:${Partition}:clouddirectory:${Region}:${Account}:directory/${DirectoryId}/schema/${SchemaName}/${Version}", + "condition_keys": [] + }, + "developmentSchema": { + "resource": "developmentSchema", + "arn": "arn:${Partition}:clouddirectory:${Region}:${Account}:schema/development/${SchemaName}", + "condition_keys": [] + }, + "directory": { + "resource": "directory", + "arn": "arn:${Partition}:clouddirectory:${Region}:${Account}:directory/${DirectoryId}", + "condition_keys": [] + }, + "publishedSchema": { + "resource": "publishedSchema", + "arn": "arn:${Partition}:clouddirectory:${Region}:${Account}:schema/published/${SchemaName}/${Version}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "appliedschema": "appliedSchema", + "developmentschema": "developmentSchema", + "directory": "directory", + "publishedschema": "publishedSchema" + }, + "conditions": {} + }, + "cloudfront": { + "service_name": "Amazon CloudFront", + "prefix": "cloudfront", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudfront.html", + "privileges": { + "AssociateAlias": { + "privilege": "AssociateAlias", + "description": "Grants permission to associate an alias to a CloudFront distribution", + "access_level": "Write", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_AssociateAlias.html" + }, + "CopyDistribution": { + "privilege": "CopyDistribution", + "description": "Grants permission to copy an existing distribution and create a new web distribution", + "access_level": "Write", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudfront:CopyDistribution", + "cloudfront:CreateDistribution", + "cloudfront:GetDistribution" + ] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CopyDistribution.html" + }, + "CreateCachePolicy": { + "privilege": "CreateCachePolicy", + "description": "Grants permission to add a new cache policy to CloudFront", + "access_level": "Write", + "resource_types": { + "cache-policy": { + "resource_type": "cache-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cache-policy": "cache-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateCachePolicy.html" + }, + "CreateCloudFrontOriginAccessIdentity": { + "privilege": "CreateCloudFrontOriginAccessIdentity", + "description": "Grants permission to create a new CloudFront origin access identity", + "access_level": "Write", + "resource_types": { + "origin-access-identity": { + "resource_type": "origin-access-identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-access-identity": "origin-access-identity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateCloudFrontOriginAccessIdentity.html" + }, + "CreateContinuousDeploymentPolicy": { + "privilege": "CreateContinuousDeploymentPolicy", + "description": "Grants permission to add a new continuous-deployment policy to CloudFront", + "access_level": "Write", + "resource_types": { + "continuous-deployment-policy": { + "resource_type": "continuous-deployment-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "continuous-deployment-policy": "continuous-deployment-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateContinuousDeploymentPolicy.html" + }, + "CreateDistribution": { + "privilege": "CreateDistribution", + "description": "Grants permission to create a new web distribution", + "access_level": "Write", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html" + }, + "CreateFieldLevelEncryptionConfig": { + "privilege": "CreateFieldLevelEncryptionConfig", + "description": "Grants permission to create a new field-level encryption configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateFieldLevelEncryptionConfig.html" + }, + "CreateFieldLevelEncryptionProfile": { + "privilege": "CreateFieldLevelEncryptionProfile", + "description": "Grants permission to create a field-level encryption profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateFieldLevelEncryptionProfile.html" + }, + "CreateFunction": { + "privilege": "CreateFunction", + "description": "Grants permission to create a CloudFront function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateFunction.html" + }, + "CreateInvalidation": { + "privilege": "CreateInvalidation", + "description": "Grants permission to create a new invalidation batch request", + "access_level": "Write", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateInvalidation.html" + }, + "CreateKeyGroup": { + "privilege": "CreateKeyGroup", + "description": "Grants permission to add a new key group to CloudFront", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateKeyGroup.html" + }, + "CreateMonitoringSubscription": { + "privilege": "CreateMonitoringSubscription", + "description": "Grants permission to enable additional CloudWatch metrics for the specified CloudFront distribution. The additional metrics incur an additional cost", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateMonitoringSubscription.html" + }, + "CreateOriginAccessControl": { + "privilege": "CreateOriginAccessControl", + "description": "Grants permission to create a new origin access control", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateOriginAccessControl.html" + }, + "CreateOriginRequestPolicy": { + "privilege": "CreateOriginRequestPolicy", + "description": "Grants permission to add a new origin request policy to CloudFront", + "access_level": "Write", + "resource_types": { + "origin-request-policy": { + "resource_type": "origin-request-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-request-policy": "origin-request-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateOriginRequestPolicy.html" + }, + "CreatePublicKey": { + "privilege": "CreatePublicKey", + "description": "Grants permission to add a new public key to CloudFront", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreatePublicKey.html" + }, + "CreateRealtimeLogConfig": { + "privilege": "CreateRealtimeLogConfig", + "description": "Grants permission to create a real-time log configuration", + "access_level": "Write", + "resource_types": { + "realtime-log-config": { + "resource_type": "realtime-log-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "realtime-log-config": "realtime-log-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateRealtimeLogConfig.html" + }, + "CreateResponseHeadersPolicy": { + "privilege": "CreateResponseHeadersPolicy", + "description": "Grants permission to add a new response headers policy to CloudFront", + "access_level": "Write", + "resource_types": { + "response-headers-policy": { + "resource_type": "response-headers-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-headers-policy": "response-headers-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateResponseHeadersPolicy.html" + }, + "CreateSavingsPlan": { + "privilege": "CreateSavingsPlan", + "description": "Grants permission to create a new savings plan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" + }, + "CreateStreamingDistribution": { + "privilege": "CreateStreamingDistribution", + "description": "Grants permission to create a new RTMP distribution", + "access_level": "Write", + "resource_types": { + "streaming-distribution": { + "resource_type": "streaming-distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-distribution": "streaming-distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateStreamingDistribution.html" + }, + "CreateStreamingDistributionWithTags": { + "privilege": "CreateStreamingDistributionWithTags", + "description": "Grants permission to create a new RTMP distribution with tags", + "access_level": "Write", + "resource_types": { + "streaming-distribution": { + "resource_type": "streaming-distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-distribution": "streaming-distribution", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateStreamingDistributionWithTags.html" + }, + "DeleteCachePolicy": { + "privilege": "DeleteCachePolicy", + "description": "Grants permission to delete a cache policy", + "access_level": "Write", + "resource_types": { + "cache-policy": { + "resource_type": "cache-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cache-policy": "cache-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteCachePolicy.html" + }, + "DeleteCloudFrontOriginAccessIdentity": { + "privilege": "DeleteCloudFrontOriginAccessIdentity", + "description": "Grants permission to delete a CloudFront origin access identity", + "access_level": "Write", + "resource_types": { + "origin-access-identity": { + "resource_type": "origin-access-identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-access-identity": "origin-access-identity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteCloudFrontOriginAccessIdentity.html" + }, + "DeleteContinuousDeploymentPolicy": { + "privilege": "DeleteContinuousDeploymentPolicy", + "description": "Grants permission to delete a continuous-deployment policy", + "access_level": "Write", + "resource_types": { + "continuous-deployment-policy": { + "resource_type": "continuous-deployment-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "continuous-deployment-policy": "continuous-deployment-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteContinuousDeploymentPolicy.html" + }, + "DeleteDistribution": { + "privilege": "DeleteDistribution", + "description": "Grants permission to delete a web distribution", + "access_level": "Write", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteDistribution.html" + }, + "DeleteFieldLevelEncryptionConfig": { + "privilege": "DeleteFieldLevelEncryptionConfig", + "description": "Grants permission to delete a field-level encryption configuration", + "access_level": "Write", + "resource_types": { + "field-level-encryption-config": { + "resource_type": "field-level-encryption-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "field-level-encryption-config": "field-level-encryption-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteFieldLevelEncryptionConfig.html" + }, + "DeleteFieldLevelEncryptionProfile": { + "privilege": "DeleteFieldLevelEncryptionProfile", + "description": "Grants permission to delete a field-level encryption profile", + "access_level": "Write", + "resource_types": { + "field-level-encryption-profile": { + "resource_type": "field-level-encryption-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "field-level-encryption-profile": "field-level-encryption-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteFieldLevelEncryptionProfile.html" + }, + "DeleteFunction": { + "privilege": "DeleteFunction", + "description": "Grants permission to delete a CloudFront function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteFunction.html" + }, + "DeleteKeyGroup": { + "privilege": "DeleteKeyGroup", + "description": "Grants permission to delete a key group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteKeyGroup.html" + }, + "DeleteMonitoringSubscription": { + "privilege": "DeleteMonitoringSubscription", + "description": "Grants permission to disable additional CloudWatch metrics for the specified CloudFront distribution", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteMonitoringSubscription.html" + }, + "DeleteOriginAccessControl": { + "privilege": "DeleteOriginAccessControl", + "description": "Grants permission to delete an origin access control", + "access_level": "Write", + "resource_types": { + "origin-access-control": { + "resource_type": "origin-access-control", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-access-control": "origin-access-control" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteOriginAccessControl.html" + }, + "DeleteOriginRequestPolicy": { + "privilege": "DeleteOriginRequestPolicy", + "description": "Grants permission to delete an origin request policy", + "access_level": "Write", + "resource_types": { + "origin-request-policy": { + "resource_type": "origin-request-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-request-policy": "origin-request-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteOriginRequestPolicy.html" + }, + "DeletePublicKey": { + "privilege": "DeletePublicKey", + "description": "Grants permission to delete a public key from CloudFront", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeletePublicKey.html" + }, + "DeleteRealtimeLogConfig": { + "privilege": "DeleteRealtimeLogConfig", + "description": "Grants permission to delete a real-time log configuration", + "access_level": "Write", + "resource_types": { + "realtime-log-config": { + "resource_type": "realtime-log-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "realtime-log-config": "realtime-log-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteRealtimeLogConfig.html" + }, + "DeleteResponseHeadersPolicy": { + "privilege": "DeleteResponseHeadersPolicy", + "description": "Grants permission to delete a response headers policy", + "access_level": "Write", + "resource_types": { + "response-headers-policy": { + "resource_type": "response-headers-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-headers-policy": "response-headers-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteResponseHeadersPolicy.html" + }, + "DeleteStreamingDistribution": { + "privilege": "DeleteStreamingDistribution", + "description": "Grants permission to delete an RTMP distribution", + "access_level": "Write", + "resource_types": { + "streaming-distribution": { + "resource_type": "streaming-distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-distribution": "streaming-distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DeleteStreamingDistribution.html" + }, + "DescribeFunction": { + "privilege": "DescribeFunction", + "description": "Grants permission to get a CloudFront function summary", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DescribeFunction.html" + }, + "GetCachePolicy": { + "privilege": "GetCachePolicy", + "description": "Grants permission to get the cache policy", + "access_level": "Read", + "resource_types": { + "cache-policy": { + "resource_type": "cache-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cache-policy": "cache-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetCachePolicy.html" + }, + "GetCachePolicyConfig": { + "privilege": "GetCachePolicyConfig", + "description": "Grants permission to get the cache policy configuration", + "access_level": "Read", + "resource_types": { + "cache-policy": { + "resource_type": "cache-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cache-policy": "cache-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetCachePolicyConfig.html" + }, + "GetCloudFrontOriginAccessIdentity": { + "privilege": "GetCloudFrontOriginAccessIdentity", + "description": "Grants permission to get the information about a CloudFront origin access identity", + "access_level": "Read", + "resource_types": { + "origin-access-identity": { + "resource_type": "origin-access-identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-access-identity": "origin-access-identity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetCloudFrontOriginAccessIdentity.html" + }, + "GetCloudFrontOriginAccessIdentityConfig": { + "privilege": "GetCloudFrontOriginAccessIdentityConfig", + "description": "Grants permission to get the configuration information about a Cloudfront origin access identity", + "access_level": "Read", + "resource_types": { + "origin-access-identity": { + "resource_type": "origin-access-identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-access-identity": "origin-access-identity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetCloudFrontOriginAccessIdentityConfig.html" + }, + "GetContinuousDeploymentPolicy": { + "privilege": "GetContinuousDeploymentPolicy", + "description": "Grants permission to get the continuous-deployment policy", + "access_level": "Read", + "resource_types": { + "continuous-deployment-policy": { + "resource_type": "continuous-deployment-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "continuous-deployment-policy": "continuous-deployment-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetContinuousDeploymentPolicy.html" + }, + "GetContinuousDeploymentPolicyConfig": { + "privilege": "GetContinuousDeploymentPolicyConfig", + "description": "Grants permission to get the continuous-deployment policy configuration", + "access_level": "Read", + "resource_types": { + "continuous-deployment-policy": { + "resource_type": "continuous-deployment-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "continuous-deployment-policy": "continuous-deployment-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetContinuousDeploymentPolicyConfig.html" + }, + "GetDistribution": { + "privilege": "GetDistribution", + "description": "Grants permission to get the information about a web distribution", + "access_level": "Read", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetDistribution.html" + }, + "GetDistributionConfig": { + "privilege": "GetDistributionConfig", + "description": "Grants permission to get the configuration information about a distribution", + "access_level": "Read", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetDistributionConfig.html" + }, + "GetFieldLevelEncryption": { + "privilege": "GetFieldLevelEncryption", + "description": "Grants permission to get the field-level encryption configuration information", + "access_level": "Read", + "resource_types": { + "field-level-encryption-config": { + "resource_type": "field-level-encryption-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "field-level-encryption-config": "field-level-encryption-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetFieldLevelEncryption.html" + }, + "GetFieldLevelEncryptionConfig": { + "privilege": "GetFieldLevelEncryptionConfig", + "description": "Grants permission to get the field-level encryption configuration information", + "access_level": "Read", + "resource_types": { + "field-level-encryption-config": { + "resource_type": "field-level-encryption-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "field-level-encryption-config": "field-level-encryption-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetFieldLevelEncryptionConfig.html" + }, + "GetFieldLevelEncryptionProfile": { + "privilege": "GetFieldLevelEncryptionProfile", + "description": "Grants permission to get the field-level encryption configuration information", + "access_level": "Read", + "resource_types": { + "field-level-encryption-profile": { + "resource_type": "field-level-encryption-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "field-level-encryption-profile": "field-level-encryption-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetFieldLevelEncryptionProfile.html" + }, + "GetFieldLevelEncryptionProfileConfig": { + "privilege": "GetFieldLevelEncryptionProfileConfig", + "description": "Grants permission to get the field-level encryption profile configuration information", + "access_level": "Read", + "resource_types": { + "field-level-encryption-profile": { + "resource_type": "field-level-encryption-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "field-level-encryption-profile": "field-level-encryption-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetFieldLevelEncryptionProfileConfig.html" + }, + "GetFunction": { + "privilege": "GetFunction", + "description": "Grants permission to get a CloudFront function's code", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetFunction.html" + }, + "GetInvalidation": { + "privilege": "GetInvalidation", + "description": "Grants permission to get the information about an invalidation", + "access_level": "Read", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetInvalidation.html" + }, + "GetKeyGroup": { + "privilege": "GetKeyGroup", + "description": "Grants permission to get a key group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetKeyGroup.html" + }, + "GetKeyGroupConfig": { + "privilege": "GetKeyGroupConfig", + "description": "Grants permission to get a key group configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetKeyGroupConfig.html" + }, + "GetMonitoringSubscription": { + "privilege": "GetMonitoringSubscription", + "description": "Grants permission to get information about whether additional CloudWatch metrics are enabled for the specified CloudFront distribution", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetMonitoringSubscription.html" + }, + "GetOriginAccessControl": { + "privilege": "GetOriginAccessControl", + "description": "Grants permission to get the origin access control", + "access_level": "Read", + "resource_types": { + "origin-access-control": { + "resource_type": "origin-access-control", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-access-control": "origin-access-control" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetOriginAccessControl.html" + }, + "GetOriginAccessControlConfig": { + "privilege": "GetOriginAccessControlConfig", + "description": "Grants permission to get the origin access control configuration", + "access_level": "Read", + "resource_types": { + "origin-access-control": { + "resource_type": "origin-access-control", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-access-control": "origin-access-control" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetOriginAccessControlConfig.html" + }, + "GetOriginRequestPolicy": { + "privilege": "GetOriginRequestPolicy", + "description": "Grants permission to get the origin request policy", + "access_level": "Read", + "resource_types": { + "origin-request-policy": { + "resource_type": "origin-request-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-request-policy": "origin-request-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetOriginRequestPolicy.html" + }, + "GetOriginRequestPolicyConfig": { + "privilege": "GetOriginRequestPolicyConfig", + "description": "Grants permission to get the origin request policy configuration", + "access_level": "Read", + "resource_types": { + "origin-request-policy": { + "resource_type": "origin-request-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-request-policy": "origin-request-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetOriginRequestPolicyConfig.html" + }, + "GetPublicKey": { + "privilege": "GetPublicKey", + "description": "Grants permission to get the public key information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetPublicKey.html" + }, + "GetPublicKeyConfig": { + "privilege": "GetPublicKeyConfig", + "description": "Grants permission to get the public key configuration information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetPublicKeyConfig.html" + }, + "GetRealtimeLogConfig": { + "privilege": "GetRealtimeLogConfig", + "description": "Grants permission to get a real-time log configuration", + "access_level": "Read", + "resource_types": { + "realtime-log-config": { + "resource_type": "realtime-log-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "realtime-log-config": "realtime-log-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetRealtimeLogConfig.html" + }, + "GetResponseHeadersPolicy": { + "privilege": "GetResponseHeadersPolicy", + "description": "Grants permission to get the response headers policy", + "access_level": "Read", + "resource_types": { + "response-headers-policy": { + "resource_type": "response-headers-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-headers-policy": "response-headers-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetResponseHeadersPolicy.html" + }, + "GetResponseHeadersPolicyConfig": { + "privilege": "GetResponseHeadersPolicyConfig", + "description": "Grants permission to get the response headers policy configuration", + "access_level": "Read", + "resource_types": { + "response-headers-policy": { + "resource_type": "response-headers-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-headers-policy": "response-headers-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetResponseHeadersPolicyConfig.html" + }, + "GetSavingsPlan": { + "privilege": "GetSavingsPlan", + "description": "Grants permission to get a savings plan", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" + }, + "GetStreamingDistribution": { + "privilege": "GetStreamingDistribution", + "description": "Grants permission to get the information about an RTMP distribution", + "access_level": "Read", + "resource_types": { + "streaming-distribution": { + "resource_type": "streaming-distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-distribution": "streaming-distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetStreamingDistribution.html" + }, + "GetStreamingDistributionConfig": { + "privilege": "GetStreamingDistributionConfig", + "description": "Grants permission to get the configuration information about a streaming distribution", + "access_level": "Read", + "resource_types": { + "streaming-distribution": { + "resource_type": "streaming-distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-distribution": "streaming-distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetStreamingDistributionConfig.html" + }, + "ListCachePolicies": { + "privilege": "ListCachePolicies", + "description": "Grants permission to list all cache policies that have been created in CloudFront for this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListCachePolicies.html" + }, + "ListCloudFrontOriginAccessIdentities": { + "privilege": "ListCloudFrontOriginAccessIdentities", + "description": "Grants permission to list your CloudFront origin access identities", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListCloudFrontOriginAccessIdentities.html" + }, + "ListConflictingAliases": { + "privilege": "ListConflictingAliases", + "description": "Grants permission to list all aliases that conflict with the given alias in CloudFront", + "access_level": "List", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListConflictingAliases.html" + }, + "ListContinuousDeploymentPolicies": { + "privilege": "ListContinuousDeploymentPolicies", + "description": "Grants permission to list all continuous-deployment policies in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListContinuousDeploymentPolicies.html" + }, + "ListDistributions": { + "privilege": "ListDistributions", + "description": "Grants permission to list the distributions associated with your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributions.html" + }, + "ListDistributionsByCachePolicyId": { + "privilege": "ListDistributionsByCachePolicyId", + "description": "Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified cache policy", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByCachePolicyId.html" + }, + "ListDistributionsByKeyGroup": { + "privilege": "ListDistributionsByKeyGroup", + "description": "Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified key group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByKeyGroup.html" + }, + "ListDistributionsByLambdaFunction": { + "privilege": "ListDistributionsByLambdaFunction", + "description": "Grants permission to list the distributions associated a Lambda function", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" + }, + "ListDistributionsByOriginRequestPolicyId": { + "privilege": "ListDistributionsByOriginRequestPolicyId", + "description": "Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified origin request policy", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByOriginRequestPolicyId.html" + }, + "ListDistributionsByRealtimeLogConfig": { + "privilege": "ListDistributionsByRealtimeLogConfig", + "description": "Grants permission to get a list of distributions that have a cache behavior that\u2019s associated with the specified real-time log configuration", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByRealtimeLogConfig.html" + }, + "ListDistributionsByResponseHeadersPolicyId": { + "privilege": "ListDistributionsByResponseHeadersPolicyId", + "description": "Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified response headers policy", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByResponseHeadersPolicyId.html" + }, + "ListDistributionsByWebACLId": { + "privilege": "ListDistributionsByWebACLId", + "description": "Grants permission to list the distributions associated with your AWS account with given AWS WAF web ACL", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDistributionsByWebACLId.html" + }, + "ListFieldLevelEncryptionConfigs": { + "privilege": "ListFieldLevelEncryptionConfigs", + "description": "Grants permission to list all field-level encryption configurations that have been created in CloudFront for this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListFieldLevelEncryptionConfigs.html" + }, + "ListFieldLevelEncryptionProfiles": { + "privilege": "ListFieldLevelEncryptionProfiles", + "description": "Grants permission to list all field-level encryption profiles that have been created in CloudFront for this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListFieldLevelEncryptionProfiles.html" + }, + "ListFunctions": { + "privilege": "ListFunctions", + "description": "Grants permission to get a list of CloudFront functions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListFunctions.html" + }, + "ListInvalidations": { + "privilege": "ListInvalidations", + "description": "Grants permission to list your invalidation batches", + "access_level": "List", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListInvalidations.html" + }, + "ListKeyGroups": { + "privilege": "ListKeyGroups", + "description": "Grants permission to list all key groups that have been created in CloudFront for this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListKeyGroups.html" + }, + "ListOriginAccessControls": { + "privilege": "ListOriginAccessControls", + "description": "Grants permission to list all origin access controls in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListOriginAccessControls.html" + }, + "ListOriginRequestPolicies": { + "privilege": "ListOriginRequestPolicies", + "description": "Grants permission to list all origin request policies that have been created in CloudFront for this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListOriginRequestPolicies.html" + }, + "ListPublicKeys": { + "privilege": "ListPublicKeys", + "description": "Grants permission to list all public keys that have been added to CloudFront for this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListPublicKeys.html" + }, + "ListRateCards": { + "privilege": "ListRateCards", + "description": "Grants permission to list CloudFront rate cards for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" + }, + "ListRealtimeLogConfigs": { + "privilege": "ListRealtimeLogConfigs", + "description": "Grants permission to get a list of real-time log configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListRealtimeLogConfigs.html" + }, + "ListResponseHeadersPolicies": { + "privilege": "ListResponseHeadersPolicies", + "description": "Grants permission to list all response headers policies that have been created in CloudFront for this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListResponseHeadersPolicies.html" + }, + "ListSavingsPlans": { + "privilege": "ListSavingsPlans", + "description": "Grants permission to list savings plans in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" + }, + "ListStreamingDistributions": { + "privilege": "ListStreamingDistributions", + "description": "Grants permission to list your RTMP distributions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListStreamingDistributions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a CloudFront resource", + "access_level": "Read", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListTagsForResource.html" + }, + "ListUsages": { + "privilege": "ListUsages", + "description": "Grants permission to list CloudFront usage", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" + }, + "PublishFunction": { + "privilege": "PublishFunction", + "description": "Grants permission to publish a CloudFront function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_PublishFunction.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a CloudFront resource", + "access_level": "Tagging", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-distribution": { + "resource_type": "streaming-distribution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution", + "streaming-distribution": "streaming-distribution", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_TagResource.html" + }, + "TestFunction": { + "privilege": "TestFunction", + "description": "Grants permission to test a CloudFront function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_TestFunction.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a CloudFront resource", + "access_level": "Tagging", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-distribution": { + "resource_type": "streaming-distribution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution", + "streaming-distribution": "streaming-distribution", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UntagResource.html" + }, + "UpdateCachePolicy": { + "privilege": "UpdateCachePolicy", + "description": "Grants permission to update a cache policy", + "access_level": "Write", + "resource_types": { + "cache-policy": { + "resource_type": "cache-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cache-policy": "cache-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateCachePolicy.html" + }, + "UpdateCloudFrontOriginAccessIdentity": { + "privilege": "UpdateCloudFrontOriginAccessIdentity", + "description": "Grants permission to set the configuration for a CloudFront origin access identity", + "access_level": "Write", + "resource_types": { + "origin-access-identity": { + "resource_type": "origin-access-identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-access-identity": "origin-access-identity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateCloudFrontOriginAccessIdentity.html" + }, + "UpdateContinuousDeploymentPolicy": { + "privilege": "UpdateContinuousDeploymentPolicy", + "description": "Grants permission to update a continuous-deployment policy", + "access_level": "Write", + "resource_types": { + "continuous-deployment-policy": { + "resource_type": "continuous-deployment-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "continuous-deployment-policy": "continuous-deployment-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateContinuousDeploymentPolicy.html" + }, + "UpdateDistribution": { + "privilege": "UpdateDistribution", + "description": "Grants permission to update the configuration for a web distribution", + "access_level": "Write", + "resource_types": { + "distribution": { + "resource_type": "distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDistribution.html" + }, + "UpdateFieldLevelEncryptionConfig": { + "privilege": "UpdateFieldLevelEncryptionConfig", + "description": "Grants permission to update a field-level encryption configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateFieldLevelEncryptionConfig.html" + }, + "UpdateFieldLevelEncryptionProfile": { + "privilege": "UpdateFieldLevelEncryptionProfile", + "description": "Grants permission to update a field-level encryption profile", + "access_level": "Write", + "resource_types": { + "field-level-encryption-profile": { + "resource_type": "field-level-encryption-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "field-level-encryption-profile": "field-level-encryption-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateFieldLevelEncryptionProfile.html" + }, + "UpdateFunction": { + "privilege": "UpdateFunction", + "description": "Grants permission to update a CloudFront function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateFunction.html" + }, + "UpdateKeyGroup": { + "privilege": "UpdateKeyGroup", + "description": "Grants permission to update a key group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateKeyGroup.html" + }, + "UpdateOriginAccessControl": { + "privilege": "UpdateOriginAccessControl", + "description": "Grants permission to update an origin access control", + "access_level": "Write", + "resource_types": { + "origin-access-control": { + "resource_type": "origin-access-control", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-access-control": "origin-access-control" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateOriginAccessControl.html" + }, + "UpdateOriginRequestPolicy": { + "privilege": "UpdateOriginRequestPolicy", + "description": "Grants permission to update an origin request policy", + "access_level": "Write", + "resource_types": { + "origin-request-policy": { + "resource_type": "origin-request-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin-request-policy": "origin-request-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateOriginRequestPolicy.html" + }, + "UpdatePublicKey": { + "privilege": "UpdatePublicKey", + "description": "Grants permission to update public key information", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdatePublicKey.html" + }, + "UpdateRealtimeLogConfig": { + "privilege": "UpdateRealtimeLogConfig", + "description": "Grants permission to update a real-time log configuration", + "access_level": "Write", + "resource_types": { + "realtime-log-config": { + "resource_type": "realtime-log-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "realtime-log-config": "realtime-log-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateRealtimeLogConfig.html" + }, + "UpdateResponseHeadersPolicy": { + "privilege": "UpdateResponseHeadersPolicy", + "description": "Grants permission to update a response headers policy", + "access_level": "Write", + "resource_types": { + "response-headers-policy": { + "resource_type": "response-headers-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-headers-policy": "response-headers-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateResponseHeadersPolicy.html" + }, + "UpdateSavingsPlan": { + "privilege": "UpdateSavingsPlan", + "description": "Grants permission to update a savings plan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html" + }, + "UpdateStreamingDistribution": { + "privilege": "UpdateStreamingDistribution", + "description": "Grants permission to update the configuration for an RTMP distribution", + "access_level": "Write", + "resource_types": { + "streaming-distribution": { + "resource_type": "streaming-distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-distribution": "streaming-distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateStreamingDistribution.html" + } + }, + "privileges_lower_name": { + "associatealias": "AssociateAlias", + "copydistribution": "CopyDistribution", + "createcachepolicy": "CreateCachePolicy", + "createcloudfrontoriginaccessidentity": "CreateCloudFrontOriginAccessIdentity", + "createcontinuousdeploymentpolicy": "CreateContinuousDeploymentPolicy", + "createdistribution": "CreateDistribution", + "createfieldlevelencryptionconfig": "CreateFieldLevelEncryptionConfig", + "createfieldlevelencryptionprofile": "CreateFieldLevelEncryptionProfile", + "createfunction": "CreateFunction", + "createinvalidation": "CreateInvalidation", + "createkeygroup": "CreateKeyGroup", + "createmonitoringsubscription": "CreateMonitoringSubscription", + "createoriginaccesscontrol": "CreateOriginAccessControl", + "createoriginrequestpolicy": "CreateOriginRequestPolicy", + "createpublickey": "CreatePublicKey", + "createrealtimelogconfig": "CreateRealtimeLogConfig", + "createresponseheaderspolicy": "CreateResponseHeadersPolicy", + "createsavingsplan": "CreateSavingsPlan", + "createstreamingdistribution": "CreateStreamingDistribution", + "createstreamingdistributionwithtags": "CreateStreamingDistributionWithTags", + "deletecachepolicy": "DeleteCachePolicy", + "deletecloudfrontoriginaccessidentity": "DeleteCloudFrontOriginAccessIdentity", + "deletecontinuousdeploymentpolicy": "DeleteContinuousDeploymentPolicy", + "deletedistribution": "DeleteDistribution", + "deletefieldlevelencryptionconfig": "DeleteFieldLevelEncryptionConfig", + "deletefieldlevelencryptionprofile": "DeleteFieldLevelEncryptionProfile", + "deletefunction": "DeleteFunction", + "deletekeygroup": "DeleteKeyGroup", + "deletemonitoringsubscription": "DeleteMonitoringSubscription", + "deleteoriginaccesscontrol": "DeleteOriginAccessControl", + "deleteoriginrequestpolicy": "DeleteOriginRequestPolicy", + "deletepublickey": "DeletePublicKey", + "deleterealtimelogconfig": "DeleteRealtimeLogConfig", + "deleteresponseheaderspolicy": "DeleteResponseHeadersPolicy", + "deletestreamingdistribution": "DeleteStreamingDistribution", + "describefunction": "DescribeFunction", + "getcachepolicy": "GetCachePolicy", + "getcachepolicyconfig": "GetCachePolicyConfig", + "getcloudfrontoriginaccessidentity": "GetCloudFrontOriginAccessIdentity", + "getcloudfrontoriginaccessidentityconfig": "GetCloudFrontOriginAccessIdentityConfig", + "getcontinuousdeploymentpolicy": "GetContinuousDeploymentPolicy", + "getcontinuousdeploymentpolicyconfig": "GetContinuousDeploymentPolicyConfig", + "getdistribution": "GetDistribution", + "getdistributionconfig": "GetDistributionConfig", + "getfieldlevelencryption": "GetFieldLevelEncryption", + "getfieldlevelencryptionconfig": "GetFieldLevelEncryptionConfig", + "getfieldlevelencryptionprofile": "GetFieldLevelEncryptionProfile", + "getfieldlevelencryptionprofileconfig": "GetFieldLevelEncryptionProfileConfig", + "getfunction": "GetFunction", + "getinvalidation": "GetInvalidation", + "getkeygroup": "GetKeyGroup", + "getkeygroupconfig": "GetKeyGroupConfig", + "getmonitoringsubscription": "GetMonitoringSubscription", + "getoriginaccesscontrol": "GetOriginAccessControl", + "getoriginaccesscontrolconfig": "GetOriginAccessControlConfig", + "getoriginrequestpolicy": "GetOriginRequestPolicy", + "getoriginrequestpolicyconfig": "GetOriginRequestPolicyConfig", + "getpublickey": "GetPublicKey", + "getpublickeyconfig": "GetPublicKeyConfig", + "getrealtimelogconfig": "GetRealtimeLogConfig", + "getresponseheaderspolicy": "GetResponseHeadersPolicy", + "getresponseheaderspolicyconfig": "GetResponseHeadersPolicyConfig", + "getsavingsplan": "GetSavingsPlan", + "getstreamingdistribution": "GetStreamingDistribution", + "getstreamingdistributionconfig": "GetStreamingDistributionConfig", + "listcachepolicies": "ListCachePolicies", + "listcloudfrontoriginaccessidentities": "ListCloudFrontOriginAccessIdentities", + "listconflictingaliases": "ListConflictingAliases", + "listcontinuousdeploymentpolicies": "ListContinuousDeploymentPolicies", + "listdistributions": "ListDistributions", + "listdistributionsbycachepolicyid": "ListDistributionsByCachePolicyId", + "listdistributionsbykeygroup": "ListDistributionsByKeyGroup", + "listdistributionsbylambdafunction": "ListDistributionsByLambdaFunction", + "listdistributionsbyoriginrequestpolicyid": "ListDistributionsByOriginRequestPolicyId", + "listdistributionsbyrealtimelogconfig": "ListDistributionsByRealtimeLogConfig", + "listdistributionsbyresponseheaderspolicyid": "ListDistributionsByResponseHeadersPolicyId", + "listdistributionsbywebaclid": "ListDistributionsByWebACLId", + "listfieldlevelencryptionconfigs": "ListFieldLevelEncryptionConfigs", + "listfieldlevelencryptionprofiles": "ListFieldLevelEncryptionProfiles", + "listfunctions": "ListFunctions", + "listinvalidations": "ListInvalidations", + "listkeygroups": "ListKeyGroups", + "listoriginaccesscontrols": "ListOriginAccessControls", + "listoriginrequestpolicies": "ListOriginRequestPolicies", + "listpublickeys": "ListPublicKeys", + "listratecards": "ListRateCards", + "listrealtimelogconfigs": "ListRealtimeLogConfigs", + "listresponseheaderspolicies": "ListResponseHeadersPolicies", + "listsavingsplans": "ListSavingsPlans", + "liststreamingdistributions": "ListStreamingDistributions", + "listtagsforresource": "ListTagsForResource", + "listusages": "ListUsages", + "publishfunction": "PublishFunction", + "tagresource": "TagResource", + "testfunction": "TestFunction", + "untagresource": "UntagResource", + "updatecachepolicy": "UpdateCachePolicy", + "updatecloudfrontoriginaccessidentity": "UpdateCloudFrontOriginAccessIdentity", + "updatecontinuousdeploymentpolicy": "UpdateContinuousDeploymentPolicy", + "updatedistribution": "UpdateDistribution", + "updatefieldlevelencryptionconfig": "UpdateFieldLevelEncryptionConfig", + "updatefieldlevelencryptionprofile": "UpdateFieldLevelEncryptionProfile", + "updatefunction": "UpdateFunction", + "updatekeygroup": "UpdateKeyGroup", + "updateoriginaccesscontrol": "UpdateOriginAccessControl", + "updateoriginrequestpolicy": "UpdateOriginRequestPolicy", + "updatepublickey": "UpdatePublicKey", + "updaterealtimelogconfig": "UpdateRealtimeLogConfig", + "updateresponseheaderspolicy": "UpdateResponseHeadersPolicy", + "updatesavingsplan": "UpdateSavingsPlan", + "updatestreamingdistribution": "UpdateStreamingDistribution" + }, + "resources": { + "distribution": { + "resource": "distribution", + "arn": "arn:${Partition}:cloudfront::${Account}:distribution/${DistributionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "streaming-distribution": { + "resource": "streaming-distribution", + "arn": "arn:${Partition}:cloudfront::${Account}:streaming-distribution/${DistributionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "origin-access-identity": { + "resource": "origin-access-identity", + "arn": "arn:${Partition}:cloudfront::${Account}:origin-access-identity/${Id}", + "condition_keys": [] + }, + "field-level-encryption-config": { + "resource": "field-level-encryption-config", + "arn": "arn:${Partition}:cloudfront::${Account}:field-level-encryption-config/${Id}", + "condition_keys": [] + }, + "field-level-encryption-profile": { + "resource": "field-level-encryption-profile", + "arn": "arn:${Partition}:cloudfront::${Account}:field-level-encryption-profile/${Id}", + "condition_keys": [] + }, + "cache-policy": { + "resource": "cache-policy", + "arn": "arn:${Partition}:cloudfront::${Account}:cache-policy/${Id}", + "condition_keys": [] + }, + "origin-request-policy": { + "resource": "origin-request-policy", + "arn": "arn:${Partition}:cloudfront::${Account}:origin-request-policy/${Id}", + "condition_keys": [] + }, + "realtime-log-config": { + "resource": "realtime-log-config", + "arn": "arn:${Partition}:cloudfront::${Account}:realtime-log-config/${Name}", + "condition_keys": [] + }, + "function": { + "resource": "function", + "arn": "arn:${Partition}:cloudfront::${Account}:function/${Name}", + "condition_keys": [] + }, + "response-headers-policy": { + "resource": "response-headers-policy", + "arn": "arn:${Partition}:cloudfront::${Account}:response-headers-policy/${Id}", + "condition_keys": [] + }, + "origin-access-control": { + "resource": "origin-access-control", + "arn": "arn:${Partition}:cloudfront::${Account}:origin-access-control/${Id}", + "condition_keys": [] + }, + "continuous-deployment-policy": { + "resource": "continuous-deployment-policy", + "arn": "arn:${Partition}:cloudfront::${Account}:continuous-deployment-policy/${Id}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "distribution": "distribution", + "streaming-distribution": "streaming-distribution", + "origin-access-identity": "origin-access-identity", + "field-level-encryption-config": "field-level-encryption-config", + "field-level-encryption-profile": "field-level-encryption-profile", + "cache-policy": "cache-policy", + "origin-request-policy": "origin-request-policy", + "realtime-log-config": "realtime-log-config", + "function": "function", + "response-headers-policy": "response-headers-policy", + "origin-access-control": "origin-access-control", + "continuous-deployment-policy": "continuous-deployment-policy" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "cloudsearch": { + "service_name": "Amazon CloudSearch", + "prefix": "cloudsearch", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudsearch.html", + "privileges": { + "AddTags": { + "privilege": "AddTags", + "description": "Attaches resource tags to an Amazon CloudSearch domain", + "access_level": "Tagging", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_AddTags.html" + }, + "BuildSuggesters": { + "privilege": "BuildSuggesters", + "description": "Indexes the search suggestions", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_BuildSuggesters.html" + }, + "CreateDomain": { + "privilege": "CreateDomain", + "description": "Creates a new search domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_CreateDomain.html" + }, + "DefineAnalysisScheme": { + "privilege": "DefineAnalysisScheme", + "description": "Configures an analysis scheme that can be applied to a text or text-array field to define language-specific text processing options", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DefineAnalysisScheme.html" + }, + "DefineExpression": { + "privilege": "DefineExpression", + "description": "Configures an Expression for the search domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DefineExpression.html" + }, + "DefineIndexField": { + "privilege": "DefineIndexField", + "description": "Configures an IndexField for the search domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DefineIndexField.html" + }, + "DefineSuggester": { + "privilege": "DefineSuggester", + "description": "Configures a suggester for a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DefineSuggester.html" + }, + "DeleteAnalysisScheme": { + "privilege": "DeleteAnalysisScheme", + "description": "Deletes an analysis scheme", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DeleteAnalysisScheme.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "Permanently deletes a search domain and all of its data", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DeleteDomain.html" + }, + "DeleteExpression": { + "privilege": "DeleteExpression", + "description": "Removes an Expression from the search domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DeleteExpression.html" + }, + "DeleteIndexField": { + "privilege": "DeleteIndexField", + "description": "Removes an IndexField from the search domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DeleteIndexField.html" + }, + "DeleteSuggester": { + "privilege": "DeleteSuggester", + "description": "Deletes a suggester", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DeleteSuggester.html" + }, + "DescribeAnalysisSchemes": { + "privilege": "DescribeAnalysisSchemes", + "description": "Gets the analysis schemes configured for a domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeAnalysisSchemes.html" + }, + "DescribeAvailabilityOptions": { + "privilege": "DescribeAvailabilityOptions", + "description": "Gets the availability options configured for a domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeAvailabilityOptions.html" + }, + "DescribeDomainEndpointOptions": { + "privilege": "DescribeDomainEndpointOptions", + "description": "Gets the domain endpoint options configured for a domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeDomainEndpointOptions.html" + }, + "DescribeDomains": { + "privilege": "DescribeDomains", + "description": "Gets information about the search domains owned by this account", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeDomains.html" + }, + "DescribeExpressions": { + "privilege": "DescribeExpressions", + "description": "Gets the expressions configured for the search domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeExpressions.html" + }, + "DescribeIndexFields": { + "privilege": "DescribeIndexFields", + "description": "Gets information about the index fields configured for the search domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeIndexFields.html" + }, + "DescribeScalingParameters": { + "privilege": "DescribeScalingParameters", + "description": "Gets the scaling parameters configured for a domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeScalingParameters.html" + }, + "DescribeServiceAccessPolicies": { + "privilege": "DescribeServiceAccessPolicies", + "description": "Gets information about the access policies that control access to the domain's document and search endpoints", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeServiceAccessPolicies.html" + }, + "DescribeSuggesters": { + "privilege": "DescribeSuggesters", + "description": "Gets the suggesters configured for a domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DescribeSuggesters.html" + }, + "IndexDocuments": { + "privilege": "IndexDocuments", + "description": "Tells the search domain to start indexing its documents using the latest indexing options", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_IndexDocuments.html" + }, + "ListDomainNames": { + "privilege": "ListDomainNames", + "description": "Lists all search domains owned by an account", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_ListDomainNames.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Displays all of the resource tags for an Amazon CloudSearch domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_ListTags.html" + }, + "RemoveTags": { + "privilege": "RemoveTags", + "description": "Removes the specified resource tags from an Amazon ES domain", + "access_level": "Tagging", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_RemoveTags.html" + }, + "UpdateAvailabilityOptions": { + "privilege": "UpdateAvailabilityOptions", + "description": "Configures the availability options for a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_UpdateAvailabilityOptions.html" + }, + "UpdateDomainEndpointOptions": { + "privilege": "UpdateDomainEndpointOptions", + "description": "Configures the domain endpoint options for a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_UpdateDomainEndpointOptions.html" + }, + "UpdateScalingParameters": { + "privilege": "UpdateScalingParameters", + "description": "Configures scaling parameters for a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_UpdateScalingParameters.html" + }, + "UpdateServiceAccessPolicies": { + "privilege": "UpdateServiceAccessPolicies", + "description": "Configures the access rules that control access to the domain's document and search endpoints", + "access_level": "Permissions management", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_UpdateServiceAccessPolicies.html" + }, + "document": { + "privilege": "document", + "description": "Allows access to the document service operations", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/configuring-access.html#cloudsearch-actions" + }, + "search": { + "privilege": "search", + "description": "Allows access to the search operations", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/configuring-access.html#cloudsearch-actions" + }, + "suggest": { + "privilege": "suggest", + "description": "Allows access to the suggest operations", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudsearch/latest/developerguide/configuring-access.html#cloudsearch-actions" + } + }, + "privileges_lower_name": { + "addtags": "AddTags", + "buildsuggesters": "BuildSuggesters", + "createdomain": "CreateDomain", + "defineanalysisscheme": "DefineAnalysisScheme", + "defineexpression": "DefineExpression", + "defineindexfield": "DefineIndexField", + "definesuggester": "DefineSuggester", + "deleteanalysisscheme": "DeleteAnalysisScheme", + "deletedomain": "DeleteDomain", + "deleteexpression": "DeleteExpression", + "deleteindexfield": "DeleteIndexField", + "deletesuggester": "DeleteSuggester", + "describeanalysisschemes": "DescribeAnalysisSchemes", + "describeavailabilityoptions": "DescribeAvailabilityOptions", + "describedomainendpointoptions": "DescribeDomainEndpointOptions", + "describedomains": "DescribeDomains", + "describeexpressions": "DescribeExpressions", + "describeindexfields": "DescribeIndexFields", + "describescalingparameters": "DescribeScalingParameters", + "describeserviceaccesspolicies": "DescribeServiceAccessPolicies", + "describesuggesters": "DescribeSuggesters", + "indexdocuments": "IndexDocuments", + "listdomainnames": "ListDomainNames", + "listtags": "ListTags", + "removetags": "RemoveTags", + "updateavailabilityoptions": "UpdateAvailabilityOptions", + "updatedomainendpointoptions": "UpdateDomainEndpointOptions", + "updatescalingparameters": "UpdateScalingParameters", + "updateserviceaccesspolicies": "UpdateServiceAccessPolicies", + "document": "document", + "search": "search", + "suggest": "suggest" + }, + "resources": { + "domain": { + "resource": "domain", + "arn": "arn:${Partition}:cloudsearch:${Region}:${Account}:domain/${DomainName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "domain": "domain" + }, + "conditions": {} + }, + "cloudwatch": { + "service_name": "Amazon CloudWatch", + "prefix": "cloudwatch", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatch.html", + "privileges": { + "DeleteAlarms": { + "privilege": "DeleteAlarms", + "description": "Grants permission to delete a collection of alarms", + "access_level": "Write", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DeleteAlarms.html" + }, + "DeleteAnomalyDetector": { + "privilege": "DeleteAnomalyDetector", + "description": "Grants permission to delete the specified anomaly detection model from your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DeleteAnomalyDetector.html" + }, + "DeleteDashboards": { + "privilege": "DeleteDashboards", + "description": "Grants permission to delete all CloudWatch dashboards that you specify", + "access_level": "Write", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DeleteDashboards.html" + }, + "DeleteInsightRules": { + "privilege": "DeleteInsightRules", + "description": "Grants permission to delete a collection of insight rules", + "access_level": "Write", + "resource_types": { + "insight-rule": { + "resource_type": "insight-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "insight-rule": "insight-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DeleteInsightRules.html" + }, + "DeleteMetricStream": { + "privilege": "DeleteMetricStream", + "description": "Grants permission to delete the CloudWatch metric stream that you specify", + "access_level": "Write", + "resource_types": { + "metric-stream": { + "resource_type": "metric-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-stream": "metric-stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DeleteMetricStream.html" + }, + "DescribeAlarmHistory": { + "privilege": "DescribeAlarmHistory", + "description": "Grants permission to retrieve the history for the specified alarm", + "access_level": "Read", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeAlarmHistory.html" + }, + "DescribeAlarms": { + "privilege": "DescribeAlarms", + "description": "Grants permission to describe all alarms, currently owned by the user's account", + "access_level": "Read", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeAlarms.html" + }, + "DescribeAlarmsForMetric": { + "privilege": "DescribeAlarmsForMetric", + "description": "Grants permission to describe all alarms configured on the specified metric, currently owned by the user's account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeAlarmsForMetric.html" + }, + "DescribeAnomalyDetectors": { + "privilege": "DescribeAnomalyDetectors", + "description": "Grants permission to list the anomaly detection models that you have created in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeAnomalyDetectors.html" + }, + "DescribeInsightRules": { + "privilege": "DescribeInsightRules", + "description": "Grants permission to describe all insight rules, currently owned by the user's account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeInsightRules.html" + }, + "DisableAlarmActions": { + "privilege": "DisableAlarmActions", + "description": "Grants permission to disable actions for a collection of alarms", + "access_level": "Write", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DisableAlarmActions.html" + }, + "DisableInsightRules": { + "privilege": "DisableInsightRules", + "description": "Grants permission to disable a collection of insight rules", + "access_level": "Write", + "resource_types": { + "insight-rule": { + "resource_type": "insight-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "insight-rule": "insight-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DisableInsightRules.html" + }, + "EnableAlarmActions": { + "privilege": "EnableAlarmActions", + "description": "Grants permission to enable actions for a collection of alarms", + "access_level": "Write", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_EnableAlarmActions.html" + }, + "EnableInsightRules": { + "privilege": "EnableInsightRules", + "description": "Grants permission to enable a collection of insight rules", + "access_level": "Write", + "resource_types": { + "insight-rule": { + "resource_type": "insight-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "insight-rule": "insight-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_EnableInsightRules.html" + }, + "GetDashboard": { + "privilege": "GetDashboard", + "description": "Grants permission to display the details of the CloudWatch dashboard you specify", + "access_level": "Read", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetDashboard.html" + }, + "GetInsightRuleReport": { + "privilege": "GetInsightRuleReport", + "description": "Grants permission to return the top-N report of unique contributors over a time range for a given insight rule", + "access_level": "Read", + "resource_types": { + "insight-rule": { + "resource_type": "insight-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "insight-rule": "insight-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetInsightRuleReport.html" + }, + "GetMetricData": { + "privilege": "GetMetricData", + "description": "Grants permission to retrieve batch amounts of CloudWatch metric data and perform metric math on retrieved data", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricData.html" + }, + "GetMetricStatistics": { + "privilege": "GetMetricStatistics", + "description": "Grants permission to retrieve statistics for the specified metric", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricStatistics.html" + }, + "GetMetricStream": { + "privilege": "GetMetricStream", + "description": "Grants permission to return the details of a CloudWatch metric stream", + "access_level": "Read", + "resource_types": { + "metric-stream": { + "resource_type": "metric-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-stream": "metric-stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricStream.html" + }, + "GetMetricWidgetImage": { + "privilege": "GetMetricWidgetImage", + "description": "Grants permission to retrieve snapshots of metric widgets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricWidgetImage.html" + }, + "Link": { + "privilege": "Link", + "description": "Grants permission to share CloudWatch resources with a monitoring account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account-Setup.html#CloudWatch-Unified-Cross-Account-Setup-permissions" + }, + "ListDashboards": { + "privilege": "ListDashboards", + "description": "Grants permission to return a list of all CloudWatch dashboards in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListDashboards.html" + }, + "ListManagedInsightRules": { + "privilege": "ListManagedInsightRules", + "description": "Grants permission to list available managed Insight Rules for a given Resource ARN", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "cloudwatch:requestManagedResourceARNs" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListManagedInsightRules.html" + }, + "ListMetricStreams": { + "privilege": "ListMetricStreams", + "description": "Grants permission to return a list of all CloudWatch metric streams in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetricStreams.html" + }, + "ListMetrics": { + "privilege": "ListMetrics", + "description": "Grants permission to retrieve a list of valid metrics stored for the AWS account owner", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an Amazon CloudWatch resource", + "access_level": "List", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "insight-rule": { + "resource_type": "insight-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm", + "insight-rule": "insight-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListTagsForResource.html" + }, + "PutAnomalyDetector": { + "privilege": "PutAnomalyDetector", + "description": "Grants permission to create or update an anomaly detection model for a CloudWatch metric", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutAnomalyDetector.html" + }, + "PutCompositeAlarm": { + "privilege": "PutCompositeAlarm", + "description": "Grants permission to create or update a composite alarm", + "access_level": "Write", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "cloudwatch:AlarmActions" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html" + }, + "PutDashboard": { + "privilege": "PutDashboard", + "description": "Grants permission to create a CloudWatch dashboard, or update an existing dashboard if it already exists", + "access_level": "Write", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutDashboard.html" + }, + "PutInsightRule": { + "privilege": "PutInsightRule", + "description": "Grants permission to create a new insight rule or replace an existing insight rule", + "access_level": "Write", + "resource_types": { + "insight-rule": { + "resource_type": "insight-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "cloudwatch:requestInsightRuleLogGroups" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "insight-rule": "insight-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutInsightRule.html" + }, + "PutManagedInsightRules": { + "privilege": "PutManagedInsightRules", + "description": "Grants permission to create managed Insight Rules", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "cloudwatch:requestManagedResourceARNs" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutManagedInsightRules.html" + }, + "PutMetricAlarm": { + "privilege": "PutMetricAlarm", + "description": "Grants permission to create or update an alarm and associates it with the specified Amazon CloudWatch metric", + "access_level": "Write", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "cloudwatch:AlarmActions" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html" + }, + "PutMetricData": { + "privilege": "PutMetricData", + "description": "Grants permission to publish metric data points to Amazon CloudWatch", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudwatch:namespace" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricData.html" + }, + "PutMetricStream": { + "privilege": "PutMetricStream", + "description": "Grants permission to create a CloudWatch metric stream, or update an existing metric stream if it already exists", + "access_level": "Write", + "resource_types": { + "metric-stream": { + "resource_type": "metric-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-stream": "metric-stream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricStream.html" + }, + "SetAlarmState": { + "privilege": "SetAlarmState", + "description": "Grants permission to temporarily set the state of an alarm for testing purposes", + "access_level": "Write", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_SetAlarmState.html" + }, + "StartMetricStreams": { + "privilege": "StartMetricStreams", + "description": "Grants permission to start all CloudWatch metric streams that you specify", + "access_level": "Write", + "resource_types": { + "metric-stream": { + "resource_type": "metric-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-stream": "metric-stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_StartMetricStreams.html" + }, + "StopMetricStreams": { + "privilege": "StopMetricStreams", + "description": "Grants permission to stop all CloudWatch metric streams that you specify", + "access_level": "Write", + "resource_types": { + "metric-stream": { + "resource_type": "metric-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-stream": "metric-stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_StopMetricStreams.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to an Amazon CloudWatch resource", + "access_level": "Tagging", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "insight-rule": { + "resource_type": "insight-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm", + "insight-rule": "insight-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from an Amazon CloudWatch resource", + "access_level": "Tagging", + "resource_types": { + "alarm": { + "resource_type": "alarm", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "insight-rule": { + "resource_type": "insight-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "alarm", + "insight-rule": "insight-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "deletealarms": "DeleteAlarms", + "deleteanomalydetector": "DeleteAnomalyDetector", + "deletedashboards": "DeleteDashboards", + "deleteinsightrules": "DeleteInsightRules", + "deletemetricstream": "DeleteMetricStream", + "describealarmhistory": "DescribeAlarmHistory", + "describealarms": "DescribeAlarms", + "describealarmsformetric": "DescribeAlarmsForMetric", + "describeanomalydetectors": "DescribeAnomalyDetectors", + "describeinsightrules": "DescribeInsightRules", + "disablealarmactions": "DisableAlarmActions", + "disableinsightrules": "DisableInsightRules", + "enablealarmactions": "EnableAlarmActions", + "enableinsightrules": "EnableInsightRules", + "getdashboard": "GetDashboard", + "getinsightrulereport": "GetInsightRuleReport", + "getmetricdata": "GetMetricData", + "getmetricstatistics": "GetMetricStatistics", + "getmetricstream": "GetMetricStream", + "getmetricwidgetimage": "GetMetricWidgetImage", + "link": "Link", + "listdashboards": "ListDashboards", + "listmanagedinsightrules": "ListManagedInsightRules", + "listmetricstreams": "ListMetricStreams", + "listmetrics": "ListMetrics", + "listtagsforresource": "ListTagsForResource", + "putanomalydetector": "PutAnomalyDetector", + "putcompositealarm": "PutCompositeAlarm", + "putdashboard": "PutDashboard", + "putinsightrule": "PutInsightRule", + "putmanagedinsightrules": "PutManagedInsightRules", + "putmetricalarm": "PutMetricAlarm", + "putmetricdata": "PutMetricData", + "putmetricstream": "PutMetricStream", + "setalarmstate": "SetAlarmState", + "startmetricstreams": "StartMetricStreams", + "stopmetricstreams": "StopMetricStreams", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "alarm": { + "resource": "alarm", + "arn": "arn:${Partition}:cloudwatch:${Region}:${Account}:alarm:${AlarmName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dashboard": { + "resource": "dashboard", + "arn": "arn:${Partition}:cloudwatch::${Account}:dashboard/${DashboardName}", + "condition_keys": [] + }, + "insight-rule": { + "resource": "insight-rule", + "arn": "arn:${Partition}:cloudwatch:${Region}:${Account}:insight-rule/${InsightRuleName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "metric-stream": { + "resource": "metric-stream", + "arn": "arn:${Partition}:cloudwatch:${Region}:${Account}:metric-stream/${MetricStreamName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "alarm": "alarm", + "dashboard": "dashboard", + "insight-rule": "insight-rule", + "metric-stream": "metric-stream" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + }, + "cloudwatch:AlarmActions": { + "condition": "cloudwatch:AlarmActions", + "description": "Filters actions based on defined alarm actions", + "type": "ArrayOfString" + }, + "cloudwatch:namespace": { + "condition": "cloudwatch:namespace", + "description": "Filters actions based on the presence of optional namespace values", + "type": "String" + }, + "cloudwatch:requestInsightRuleLogGroups": { + "condition": "cloudwatch:requestInsightRuleLogGroups", + "description": "Filters actions based on the Log Groups specified in an Insight Rule", + "type": "ArrayOfString" + }, + "cloudwatch:requestManagedResourceARNs": { + "condition": "cloudwatch:requestManagedResourceARNs", + "description": "Filters access by the Resource ARNs specified in a managed Insight Rule", + "type": "ArrayOfString" + } + } + }, + "applicationinsights": { + "service_name": "Amazon CloudWatch Application Insights", + "prefix": "applicationinsights", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchapplicationinsights.html", + "privileges": { + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application from a resource group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_CreateApplication.html" + }, + "CreateComponent": { + "privilege": "CreateComponent", + "description": "Grants permission to create a component from a group of resources", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_CreateComponent.html" + }, + "CreateLogPattern": { + "privilege": "CreateLogPattern", + "description": "Grants permission to create log a pattern", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_CreateLogPattern.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DeleteApplication.html" + }, + "DeleteComponent": { + "privilege": "DeleteComponent", + "description": "Grants permission to delete a component", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DeleteComponent.html" + }, + "DeleteLogPattern": { + "privilege": "DeleteLogPattern", + "description": "Grants permission to delete a log pattern", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DeleteLogPattern.html" + }, + "DescribeApplication": { + "privilege": "DescribeApplication", + "description": "Grants permission to describe an application", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeApplication.html" + }, + "DescribeComponent": { + "privilege": "DescribeComponent", + "description": "Grants permission to describe a component", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeComponent.html" + }, + "DescribeComponentConfiguration": { + "privilege": "DescribeComponentConfiguration", + "description": "Grants permission to describe a component's configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeComponentConfiguration.html" + }, + "DescribeComponentConfigurationRecommendation": { + "privilege": "DescribeComponentConfigurationRecommendation", + "description": "Grants permission to describe the recommended application component configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeComponentConfigurationRecommendation.html" + }, + "DescribeLogPattern": { + "privilege": "DescribeLogPattern", + "description": "Grants permission to describe a log pattern", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeLogPattern.html" + }, + "DescribeObservation": { + "privilege": "DescribeObservation", + "description": "Grants permission to describe an observation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeObservation.html" + }, + "DescribeProblem": { + "privilege": "DescribeProblem", + "description": "Grants permission to describe a problem", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeProblem.html" + }, + "DescribeProblemObservations": { + "privilege": "DescribeProblemObservations", + "description": "Grants permission to describe the observation in a problem", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_DescribeProblemObservations.html" + }, + "Link": { + "privilege": "Link", + "description": "Grants permission to share Application Insights resources with a monitoring account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account-Setup.html#CloudWatch-Unified-Cross-Account-Setup-permissions" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to list all applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListApplications.html" + }, + "ListComponents": { + "privilege": "ListComponents", + "description": "Grants permission to list an application's components", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListComponents.html" + }, + "ListConfigurationHistory": { + "privilege": "ListConfigurationHistory", + "description": "Grants permission to list configuration history", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListConfigurationHistory.html" + }, + "ListLogPatternSets": { + "privilege": "ListLogPatternSets", + "description": "Grants permission to list log pattern sets for an application", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListLogPatternSets.html" + }, + "ListLogPatterns": { + "privilege": "ListLogPatterns", + "description": "Grants permission to list log patterns", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListLogPatterns.html" + }, + "ListProblems": { + "privilege": "ListProblems", + "description": "Grants permission to list the problems in an application", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListProblems.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for the resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_UntagResource.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to update an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_UpdateApplication.html" + }, + "UpdateComponent": { + "privilege": "UpdateComponent", + "description": "Grants permission to update a component", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_UpdateComponent.html" + }, + "UpdateComponentConfiguration": { + "privilege": "UpdateComponentConfiguration", + "description": "Grants permission to update a component's configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_UpdateComponentConfiguration.html" + }, + "UpdateLogPattern": { + "privilege": "UpdateLogPattern", + "description": "Grants permission to update a log pattern", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appinsights/latest/APIReference/API_UpdateLogPattern.html" + } + }, + "privileges_lower_name": { + "createapplication": "CreateApplication", + "createcomponent": "CreateComponent", + "createlogpattern": "CreateLogPattern", + "deleteapplication": "DeleteApplication", + "deletecomponent": "DeleteComponent", + "deletelogpattern": "DeleteLogPattern", + "describeapplication": "DescribeApplication", + "describecomponent": "DescribeComponent", + "describecomponentconfiguration": "DescribeComponentConfiguration", + "describecomponentconfigurationrecommendation": "DescribeComponentConfigurationRecommendation", + "describelogpattern": "DescribeLogPattern", + "describeobservation": "DescribeObservation", + "describeproblem": "DescribeProblem", + "describeproblemobservations": "DescribeProblemObservations", + "link": "Link", + "listapplications": "ListApplications", + "listcomponents": "ListComponents", + "listconfigurationhistory": "ListConfigurationHistory", + "listlogpatternsets": "ListLogPatternSets", + "listlogpatterns": "ListLogPatterns", + "listproblems": "ListProblems", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapplication": "UpdateApplication", + "updatecomponent": "UpdateComponent", + "updatecomponentconfiguration": "UpdateComponentConfiguration", + "updatelogpattern": "UpdateLogPattern" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + } + } + }, + "evidently": { + "service_name": "Amazon CloudWatch Evidently", + "prefix": "evidently", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchevidently.html", + "privileges": { + "BatchEvaluateFeature": { + "privilege": "BatchEvaluateFeature", + "description": "Grants permission to send a batched evaluate feature request", + "access_level": "Write", + "resource_types": { + "Feature": { + "resource_type": "Feature", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature": "Feature" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_BatchEvaluateFeature.html" + }, + "CreateExperiment": { + "privilege": "CreateExperiment", + "description": "Grants permission to create an experiment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_CreateExperiment.html" + }, + "CreateFeature": { + "privilege": "CreateFeature", + "description": "Grants permission to create a feature", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_CreateFeature.html" + }, + "CreateLaunch": { + "privilege": "CreateLaunch", + "description": "Grants permission to create a launch", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_CreateLaunch.html" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a project", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:GetRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_CreateProject.html" + }, + "CreateSegment": { + "privilege": "CreateSegment", + "description": "Grants permission to create a segment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_CreateSegment.html" + }, + "DeleteExperiment": { + "privilege": "DeleteExperiment", + "description": "Grants permission to delete an experiment", + "access_level": "Write", + "resource_types": { + "Experiment": { + "resource_type": "Experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "Experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_DeleteExperiment.html" + }, + "DeleteFeature": { + "privilege": "DeleteFeature", + "description": "Grants permission to delete a feature", + "access_level": "Write", + "resource_types": { + "Feature": { + "resource_type": "Feature", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature": "Feature" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_DeleteFeature.html" + }, + "DeleteLaunch": { + "privilege": "DeleteLaunch", + "description": "Grants permission to delete a launch", + "access_level": "Write", + "resource_types": { + "Launch": { + "resource_type": "Launch", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch": "Launch" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_DeleteLaunch.html" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a project", + "access_level": "Write", + "resource_types": { + "Project": { + "resource_type": "Project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "Project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_DeleteProject.html" + }, + "DeleteSegment": { + "privilege": "DeleteSegment", + "description": "Grants permission to delete a segment", + "access_level": "Write", + "resource_types": { + "Segment": { + "resource_type": "Segment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "segment": "Segment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_DeleteSegment.html" + }, + "EvaluateFeature": { + "privilege": "EvaluateFeature", + "description": "Grants permission to send an evaluate feature request", + "access_level": "Write", + "resource_types": { + "Feature": { + "resource_type": "Feature", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature": "Feature" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html" + }, + "GetExperiment": { + "privilege": "GetExperiment", + "description": "Grants permission to get experiment details", + "access_level": "Read", + "resource_types": { + "Experiment": { + "resource_type": "Experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "Experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetExperiment.html" + }, + "GetExperimentResults": { + "privilege": "GetExperimentResults", + "description": "Grants permission to get experiment result", + "access_level": "Read", + "resource_types": { + "Experiment": { + "resource_type": "Experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "Experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetExperimentResults.html" + }, + "GetFeature": { + "privilege": "GetFeature", + "description": "Grants permission to get feature details", + "access_level": "Read", + "resource_types": { + "Feature": { + "resource_type": "Feature", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature": "Feature" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetFeature.html" + }, + "GetLaunch": { + "privilege": "GetLaunch", + "description": "Grants permission to get launch details", + "access_level": "Read", + "resource_types": { + "Launch": { + "resource_type": "Launch", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch": "Launch" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetLaunch.html" + }, + "GetProject": { + "privilege": "GetProject", + "description": "Grants permission to get project details", + "access_level": "Read", + "resource_types": { + "Project": { + "resource_type": "Project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "Project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetProject.html" + }, + "GetSegment": { + "privilege": "GetSegment", + "description": "Grants permission to get segment details", + "access_level": "Read", + "resource_types": { + "Segment": { + "resource_type": "Segment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "segment": "Segment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_GetSegment.html" + }, + "ListExperiments": { + "privilege": "ListExperiments", + "description": "Grants permission to list experiments", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListExperiments.html" + }, + "ListFeatures": { + "privilege": "ListFeatures", + "description": "Grants permission to list features", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListFeatures.html" + }, + "ListLaunches": { + "privilege": "ListLaunches", + "description": "Grants permission to list launches", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListLaunches.html" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to list projects", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListProjects.html" + }, + "ListSegmentReferences": { + "privilege": "ListSegmentReferences", + "description": "Grants permission to list resources referencing a segment", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListSegmentReferences.html" + }, + "ListSegments": { + "privilege": "ListSegments", + "description": "Grants permission to list segments", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListSegments.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for resources", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_ListTagsForResource.html" + }, + "PutProjectEvents": { + "privilege": "PutProjectEvents", + "description": "Grants permission to send performance events", + "access_level": "Write", + "resource_types": { + "Project": { + "resource_type": "Project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "Project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_PutProjectEvents.html" + }, + "StartExperiment": { + "privilege": "StartExperiment", + "description": "Grants permission to start an experiment", + "access_level": "Write", + "resource_types": { + "Experiment": { + "resource_type": "Experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "Experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_StartExperiment.html" + }, + "StartLaunch": { + "privilege": "StartLaunch", + "description": "Grants permission to start a launch", + "access_level": "Write", + "resource_types": { + "Launch": { + "resource_type": "Launch", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch": "Launch" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_StartLaunch.html" + }, + "StopExperiment": { + "privilege": "StopExperiment", + "description": "Grants permission to stop an experiment", + "access_level": "Write", + "resource_types": { + "Experiment": { + "resource_type": "Experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "Experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_StopExperiment.html" + }, + "StopLaunch": { + "privilege": "StopLaunch", + "description": "Grants permission to stop a launch", + "access_level": "Write", + "resource_types": { + "Launch": { + "resource_type": "Launch", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch": "Launch" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_StopLaunch.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag resources", + "access_level": "Tagging", + "resource_types": { + "Experiment": { + "resource_type": "Experiment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Feature": { + "resource_type": "Feature", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Launch": { + "resource_type": "Launch", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Project": { + "resource_type": "Project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Segment": { + "resource_type": "Segment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "Experiment", + "feature": "Feature", + "launch": "Launch", + "project": "Project", + "segment": "Segment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_TagResource.html" + }, + "TestSegmentPattern": { + "privilege": "TestSegmentPattern", + "description": "Grants permission to test a segment pattern", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_TestSegmentPattern.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag resources", + "access_level": "Tagging", + "resource_types": { + "Experiment": { + "resource_type": "Experiment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Feature": { + "resource_type": "Feature", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Launch": { + "resource_type": "Launch", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Project": { + "resource_type": "Project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Segment": { + "resource_type": "Segment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "Experiment", + "feature": "Feature", + "launch": "Launch", + "project": "Project", + "segment": "Segment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UntagResource.html" + }, + "UpdateExperiment": { + "privilege": "UpdateExperiment", + "description": "Grants permission to update experiment", + "access_level": "Write", + "resource_types": { + "Experiment": { + "resource_type": "Experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "Experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UpdateExperiment.html" + }, + "UpdateFeature": { + "privilege": "UpdateFeature", + "description": "Grants permission to update feature", + "access_level": "Write", + "resource_types": { + "Feature": { + "resource_type": "Feature", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature": "Feature" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UpdateFeature.html" + }, + "UpdateLaunch": { + "privilege": "UpdateLaunch", + "description": "Grants permission to update a launch", + "access_level": "Write", + "resource_types": { + "Launch": { + "resource_type": "Launch", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch": "Launch" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UpdateLaunch.html" + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Grants permission to update project", + "access_level": "Write", + "resource_types": { + "Project": { + "resource_type": "Project", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:GetRole" + ] + } + }, + "resource_types_lower_name": { + "project": "Project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UpdateProject.html" + }, + "UpdateProjectDataDelivery": { + "privilege": "UpdateProjectDataDelivery", + "description": "Grants permission to update project data delivery", + "access_level": "Write", + "resource_types": { + "Project": { + "resource_type": "Project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "Project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_UpdateProjectDataDelivery.html" + } + }, + "privileges_lower_name": { + "batchevaluatefeature": "BatchEvaluateFeature", + "createexperiment": "CreateExperiment", + "createfeature": "CreateFeature", + "createlaunch": "CreateLaunch", + "createproject": "CreateProject", + "createsegment": "CreateSegment", + "deleteexperiment": "DeleteExperiment", + "deletefeature": "DeleteFeature", + "deletelaunch": "DeleteLaunch", + "deleteproject": "DeleteProject", + "deletesegment": "DeleteSegment", + "evaluatefeature": "EvaluateFeature", + "getexperiment": "GetExperiment", + "getexperimentresults": "GetExperimentResults", + "getfeature": "GetFeature", + "getlaunch": "GetLaunch", + "getproject": "GetProject", + "getsegment": "GetSegment", + "listexperiments": "ListExperiments", + "listfeatures": "ListFeatures", + "listlaunches": "ListLaunches", + "listprojects": "ListProjects", + "listsegmentreferences": "ListSegmentReferences", + "listsegments": "ListSegments", + "listtagsforresource": "ListTagsForResource", + "putprojectevents": "PutProjectEvents", + "startexperiment": "StartExperiment", + "startlaunch": "StartLaunch", + "stopexperiment": "StopExperiment", + "stoplaunch": "StopLaunch", + "tagresource": "TagResource", + "testsegmentpattern": "TestSegmentPattern", + "untagresource": "UntagResource", + "updateexperiment": "UpdateExperiment", + "updatefeature": "UpdateFeature", + "updatelaunch": "UpdateLaunch", + "updateproject": "UpdateProject", + "updateprojectdatadelivery": "UpdateProjectDataDelivery" + }, + "resources": { + "Project": { + "resource": "Project", + "arn": "arn:${Partition}:evidently:${Region}:${Account}:project/${ProjectName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Feature": { + "resource": "Feature", + "arn": "arn:${Partition}:evidently:${Region}:${Account}:project/${ProjectName}/feature/${FeatureName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Experiment": { + "resource": "Experiment", + "arn": "arn:${Partition}:evidently:${Region}:${Account}:project/${ProjectName}/experiment/${ExperimentName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Launch": { + "resource": "Launch", + "arn": "arn:${Partition}:evidently:${Region}:${Account}:project/${ProjectName}/launch/${LaunchName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Segment": { + "resource": "Segment", + "arn": "arn:${Partition}:evidently:${Region}:${Account}:segment/${SegmentName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "project": "Project", + "feature": "Feature", + "experiment": "Experiment", + "launch": "Launch", + "segment": "Segment" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed the request on behalf of the IAM principal", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource that make the request on behalf of the IAM principal", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request on behalf of the IAM principal", + "type": "ArrayOfString" + } + } + }, + "internetmonitor": { + "service_name": "Amazon CloudWatch Internet Monitor", + "prefix": "internetmonitor", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchinternetmonitor.html", + "privileges": { + "CreateMonitor": { + "privilege": "CreateMonitor", + "description": "Grants permission to create a monitor", + "access_level": "Write", + "resource_types": { + "Monitor": { + "resource_type": "Monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "Monitor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_CreateMonitor.html" + }, + "DeleteMonitor": { + "privilege": "DeleteMonitor", + "description": "Grants permission to delete a monitor", + "access_level": "Write", + "resource_types": { + "Monitor": { + "resource_type": "Monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "Monitor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_DeleteMonitor.html" + }, + "GetHealthEvent": { + "privilege": "GetHealthEvent", + "description": "Grants permission to get information about a health event for a specified monitor", + "access_level": "Read", + "resource_types": { + "HealthEvent": { + "resource_type": "HealthEvent", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "healthevent": "HealthEvent" + }, + "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_GetHealthEvent.html" + }, + "GetMonitor": { + "privilege": "GetMonitor", + "description": "Grants permission to get information about a monitor", + "access_level": "Read", + "resource_types": { + "Monitor": { + "resource_type": "Monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "Monitor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_GetMonitor.html" + }, + "ListHealthEvents": { + "privilege": "ListHealthEvents", + "description": "Grants permission to list all health events for a monitor", + "access_level": "List", + "resource_types": { + "Monitor": { + "resource_type": "Monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "Monitor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_ListHealthEvents.html" + }, + "ListMonitors": { + "privilege": "ListMonitors", + "description": "Grants permission to list all monitors in an account and their statuses", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_ListMonitors.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for a resource", + "access_level": "Read", + "resource_types": { + "Monitor": { + "resource_type": "Monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "Monitor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "Monitor": { + "resource_type": "Monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "Monitor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "Monitor": { + "resource_type": "Monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "Monitor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_UntagResource.html" + }, + "UpdateMonitor": { + "privilege": "UpdateMonitor", + "description": "Grants permission to update a monitor", + "access_level": "Write", + "resource_types": { + "Monitor": { + "resource_type": "Monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "Monitor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/internet-monitor/latest/api/API_UpdateMonitor.html" + } + }, + "privileges_lower_name": { + "createmonitor": "CreateMonitor", + "deletemonitor": "DeleteMonitor", + "gethealthevent": "GetHealthEvent", + "getmonitor": "GetMonitor", + "listhealthevents": "ListHealthEvents", + "listmonitors": "ListMonitors", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatemonitor": "UpdateMonitor" + }, + "resources": { + "HealthEvent": { + "resource": "HealthEvent", + "arn": "arn:${Partition}:internetmonitor:${Region}:${Account}:monitor/${MonitorName}/health-event/${EventId}", + "condition_keys": [] + }, + "Monitor": { + "resource": "Monitor", + "arn": "arn:${Partition}:internetmonitor:${Region}:${Account}:monitor/${MonitorName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "healthevent": "HealthEvent", + "monitor": "Monitor" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "logs": { + "service_name": "Amazon CloudWatch Logs", + "prefix": "logs", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchlogs.html", + "privileges": { + "AssociateKmsKey": { + "privilege": "AssociateKmsKey", + "description": "Grants permission to associate the specified AWS Key Management Service (AWS KMS) customer master key (CMK) with the specified log group", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_AssociateKmsKey.html" + }, + "CancelExportTask": { + "privilege": "CancelExportTask", + "description": "Grants permission to cancel an export task if it is in PENDING or RUNNING state", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CancelExportTask.html" + }, + "CreateExportTask": { + "privilege": "CreateExportTask", + "description": "Grants permission to create an ExportTask which allows you to efficiently export data from a Log Group to your Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateExportTask.html" + }, + "CreateLogDelivery": { + "privilege": "CreateLogDelivery", + "description": "Grants permission to create the log delivery", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html" + }, + "CreateLogGroup": { + "privilege": "CreateLogGroup", + "description": "Grants permission to create a new log group with the specified name", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateLogGroup.html" + }, + "CreateLogStream": { + "privilege": "CreateLogStream", + "description": "Grants permission to create a new log stream with the specified name", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateLogStream.html" + }, + "DeleteAccountPolicy": { + "privilege": "DeleteAccountPolicy", + "description": "Grants permission to delete a data protection policy attached to an account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDataProtectionPolicy.html" + }, + "DeleteDataProtectionPolicy": { + "privilege": "DeleteDataProtectionPolicy", + "description": "Grants permission to delete a data protection policy attached to a log group", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDataProtectionPolicy.html" + }, + "DeleteDestination": { + "privilege": "DeleteDestination", + "description": "Grants permission to delete the destination with the specified name", + "access_level": "Write", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDestination.html" + }, + "DeleteLogDelivery": { + "privilege": "DeleteLogDelivery", + "description": "Grants permission to delete the log delivery information for specified log delivery", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html" + }, + "DeleteLogGroup": { + "privilege": "DeleteLogGroup", + "description": "Grants permission to delete the log group with the specified name", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteLogGroup.html" + }, + "DeleteLogStream": { + "privilege": "DeleteLogStream", + "description": "Grants permission to delete a log stream", + "access_level": "Write", + "resource_types": { + "log-stream": { + "resource_type": "log-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-stream": "log-stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteLogStream.html" + }, + "DeleteMetricFilter": { + "privilege": "DeleteMetricFilter", + "description": "Grants permission to delete a metric filter associated with the specified log group", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteMetricFilter.html" + }, + "DeleteQueryDefinition": { + "privilege": "DeleteQueryDefinition", + "description": "Grants permission to delete a saved CloudWatch Logs Insights query definition", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteQueryDefinition.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete a resource policy from this account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeleteRetentionPolicy": { + "privilege": "DeleteRetentionPolicy", + "description": "Grants permission to delete the retention policy of the specified log group", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html" + }, + "DeleteSubscriptionFilter": { + "privilege": "DeleteSubscriptionFilter", + "description": "Grants permission to delete a subscription filter associated with the specified log group", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteSubscriptionFilter.html" + }, + "DescribeAccountPolicies": { + "privilege": "DescribeAccountPolicies", + "description": "Grants permission to retrieve a data protection policy attached to an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeAccountPolicies.html" + }, + "DescribeDestinations": { + "privilege": "DescribeDestinations", + "description": "Grants permission to return all the destinations that are associated with the AWS account making the request", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDestinations.html" + }, + "DescribeExportTasks": { + "privilege": "DescribeExportTasks", + "description": "Grants permission to return all the export tasks that are associated with the AWS account making the request", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeExportTasks.html" + }, + "DescribeLogGroups": { + "privilege": "DescribeLogGroups", + "description": "Grants permission to return all the log groups that are associated with the AWS account making the request", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeLogGroups.html" + }, + "DescribeLogStreams": { + "privilege": "DescribeLogStreams", + "description": "Grants permission to return all the log streams that are associated with the specified log group", + "access_level": "List", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeLogStreams.html" + }, + "DescribeMetricFilters": { + "privilege": "DescribeMetricFilters", + "description": "Grants permission to return all the metrics filters associated with the specified log group", + "access_level": "List", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeMetricFilters.html" + }, + "DescribeQueries": { + "privilege": "DescribeQueries", + "description": "Grants permission to return a list of CloudWatch Logs Insights queries that are scheduled, executing, or have been executed recently in this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeQueries.html" + }, + "DescribeQueryDefinitions": { + "privilege": "DescribeQueryDefinitions", + "description": "Grants permission to return a paginated list of your saved CloudWatch Logs Insights query definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeQueryDefinitions.html" + }, + "DescribeResourcePolicies": { + "privilege": "DescribeResourcePolicies", + "description": "Grants permission to return all the resource policies in this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeResourcePolicies.html" + }, + "DescribeSubscriptionFilters": { + "privilege": "DescribeSubscriptionFilters", + "description": "Grants permission to return all the subscription filters associated with the specified log group", + "access_level": "List", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeSubscriptionFilters.html" + }, + "DisassociateKmsKey": { + "privilege": "DisassociateKmsKey", + "description": "Grants permission to disassociate the associated AWS Key Management Service (AWS KMS) customer master key (CMK) from the specified log group", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DisassociateKmsKey.html" + }, + "FilterLogEvents": { + "privilege": "FilterLogEvents", + "description": "Grants permission to retrieve log events, optionally filtered by a filter pattern from the specified log group", + "access_level": "Read", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_FilterLogEvents.html" + }, + "GetDataProtectionPolicy": { + "privilege": "GetDataProtectionPolicy", + "description": "Grants permission to retrieve a data protection policy attached to a log group", + "access_level": "Read", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetDataProtectionPolicy.html" + }, + "GetLogDelivery": { + "privilege": "GetLogDelivery", + "description": "Grants permission to get the log delivery information for specified log delivery", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html" + }, + "GetLogEvents": { + "privilege": "GetLogEvents", + "description": "Grants permission to retrieve log events from the specified log stream", + "access_level": "Read", + "resource_types": { + "log-stream": { + "resource_type": "log-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-stream": "log-stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html" + }, + "GetLogGroupFields": { + "privilege": "GetLogGroupFields", + "description": "Grants permission to return a list of the fields that are included in log events in the specified log group, along with the percentage of log events that contain each field", + "access_level": "Read", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogGroupFields.html" + }, + "GetLogRecord": { + "privilege": "GetLogRecord", + "description": "Grants permission to retrieve all the fields and values of a single log event", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogRecord.html" + }, + "GetQueryResults": { + "privilege": "GetQueryResults", + "description": "Grants permission to return the results from the specified query", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetQueryResults.html" + }, + "Link": { + "privilege": "Link", + "description": "Grants permission to share CloudWatch resources with a monitoring account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account-Setup.html#CloudWatch-Unified-Cross-Account-Setup-permissions" + }, + "ListLogDeliveries": { + "privilege": "ListLogDeliveries", + "description": "Grants permission to list all the log deliveries for specified account and/or log source", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for the specified resource", + "access_level": "List", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "log-group": { + "resource_type": "log-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination", + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTagsLogGroup": { + "privilege": "ListTagsLogGroup", + "description": "Grants permission to list the tags for the specified log group", + "access_level": "List", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsLogGroup.html" + }, + "PutAccountPolicy": { + "privilege": "PutAccountPolicy", + "description": "Grants permission to attach a data protection policy at account level to detect and redact sensitive information from log events", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html" + }, + "PutDataProtectionPolicy": { + "privilege": "PutDataProtectionPolicy", + "description": "Grants permission to attach a data protection policy to detect and redact sensitive information from log events", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html" + }, + "PutDestination": { + "privilege": "PutDestination", + "description": "Grants permission to create or update a Destination", + "access_level": "Write", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html" + }, + "PutDestinationPolicy": { + "privilege": "PutDestinationPolicy", + "description": "Grants permission to create or update an access policy associated with an existing Destination", + "access_level": "Write", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestinationPolicy.html" + }, + "PutLogEvents": { + "privilege": "PutLogEvents", + "description": "Grants permission to upload a batch of log events to the specified log stream", + "access_level": "Write", + "resource_types": { + "log-stream": { + "resource_type": "log-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-stream": "log-stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html" + }, + "PutMetricFilter": { + "privilege": "PutMetricFilter", + "description": "Grants permission to create or update a metric filter and associates it with the specified log group", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutMetricFilter.html" + }, + "PutQueryDefinition": { + "privilege": "PutQueryDefinition", + "description": "Grants permission to create or update a query definition", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutQueryDefinition.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to create or update a resource policy allowing other AWS services to put log events to this account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutResourcePolicy.html" + }, + "PutRetentionPolicy": { + "privilege": "PutRetentionPolicy", + "description": "Grants permission to set the retention of the specified log group", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutRetentionPolicy.html" + }, + "PutSubscriptionFilter": { + "privilege": "PutSubscriptionFilter", + "description": "Grants permission to create or update a subscription filter and associates it with the specified log group", + "access_level": "Write", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "destination": { + "resource_type": "destination", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group", + "destination": "destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutSubscriptionFilter.html" + }, + "StartLiveTail": { + "privilege": "StartLiveTail", + "description": "Grants permission to start a livetail session in CloudWatch Logs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs_LiveTail.html" + }, + "StartQuery": { + "privilege": "StartQuery", + "description": "Grants permission to schedule a query of a log group using CloudWatch Logs Insights", + "access_level": "Read", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html" + }, + "StopLiveTail": { + "privilege": "StopLiveTail", + "description": "Grants permission to stop a CloudWatch Logs livetail session that is in progress", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs_LiveTail.html" + }, + "StopQuery": { + "privilege": "StopQuery", + "description": "Grants permission to stop a CloudWatch Logs Insights query that is in progress", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StopQuery.html" + }, + "TagLogGroup": { + "privilege": "TagLogGroup", + "description": "Grants permission to add or update the specified tags for the specified log group", + "access_level": "Tagging", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagLogGroup.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or update the specified tags for the specified resource", + "access_level": "Tagging", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "log-group": { + "resource_type": "log-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination", + "log-group": "log-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagResource.html" + }, + "TestMetricFilter": { + "privilege": "TestMetricFilter", + "description": "Grants permission to test the filter pattern of a metric filter against a sample of log event messages", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TestMetricFilter.html" + }, + "Unmask": { + "privilege": "Unmask", + "description": "Grants permission to fetch unmasked log events that have been redacted with a data protection policy", + "access_level": "Read", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html" + }, + "UntagLogGroup": { + "privilege": "UntagLogGroup", + "description": "Grants permission to remove the specified tags from the specified log group", + "access_level": "Tagging", + "resource_types": { + "log-group": { + "resource_type": "log-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "log-group": "log-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagLogGroup.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the specified tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "log-group": { + "resource_type": "log-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination", + "log-group": "log-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagResource.html" + }, + "UpdateLogDelivery": { + "privilege": "UpdateLogDelivery", + "description": "Grants permission to update the log delivery information for specified log delivery", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html" + } + }, + "privileges_lower_name": { + "associatekmskey": "AssociateKmsKey", + "cancelexporttask": "CancelExportTask", + "createexporttask": "CreateExportTask", + "createlogdelivery": "CreateLogDelivery", + "createloggroup": "CreateLogGroup", + "createlogstream": "CreateLogStream", + "deleteaccountpolicy": "DeleteAccountPolicy", + "deletedataprotectionpolicy": "DeleteDataProtectionPolicy", + "deletedestination": "DeleteDestination", + "deletelogdelivery": "DeleteLogDelivery", + "deleteloggroup": "DeleteLogGroup", + "deletelogstream": "DeleteLogStream", + "deletemetricfilter": "DeleteMetricFilter", + "deletequerydefinition": "DeleteQueryDefinition", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deleteretentionpolicy": "DeleteRetentionPolicy", + "deletesubscriptionfilter": "DeleteSubscriptionFilter", + "describeaccountpolicies": "DescribeAccountPolicies", + "describedestinations": "DescribeDestinations", + "describeexporttasks": "DescribeExportTasks", + "describeloggroups": "DescribeLogGroups", + "describelogstreams": "DescribeLogStreams", + "describemetricfilters": "DescribeMetricFilters", + "describequeries": "DescribeQueries", + "describequerydefinitions": "DescribeQueryDefinitions", + "describeresourcepolicies": "DescribeResourcePolicies", + "describesubscriptionfilters": "DescribeSubscriptionFilters", + "disassociatekmskey": "DisassociateKmsKey", + "filterlogevents": "FilterLogEvents", + "getdataprotectionpolicy": "GetDataProtectionPolicy", + "getlogdelivery": "GetLogDelivery", + "getlogevents": "GetLogEvents", + "getloggroupfields": "GetLogGroupFields", + "getlogrecord": "GetLogRecord", + "getqueryresults": "GetQueryResults", + "link": "Link", + "listlogdeliveries": "ListLogDeliveries", + "listtagsforresource": "ListTagsForResource", + "listtagsloggroup": "ListTagsLogGroup", + "putaccountpolicy": "PutAccountPolicy", + "putdataprotectionpolicy": "PutDataProtectionPolicy", + "putdestination": "PutDestination", + "putdestinationpolicy": "PutDestinationPolicy", + "putlogevents": "PutLogEvents", + "putmetricfilter": "PutMetricFilter", + "putquerydefinition": "PutQueryDefinition", + "putresourcepolicy": "PutResourcePolicy", + "putretentionpolicy": "PutRetentionPolicy", + "putsubscriptionfilter": "PutSubscriptionFilter", + "startlivetail": "StartLiveTail", + "startquery": "StartQuery", + "stoplivetail": "StopLiveTail", + "stopquery": "StopQuery", + "tagloggroup": "TagLogGroup", + "tagresource": "TagResource", + "testmetricfilter": "TestMetricFilter", + "unmask": "Unmask", + "untagloggroup": "UntagLogGroup", + "untagresource": "UntagResource", + "updatelogdelivery": "UpdateLogDelivery" + }, + "resources": { + "log-group": { + "resource": "log-group", + "arn": "arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "log-stream": { + "resource": "log-stream", + "arn": "arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "destination": { + "resource": "destination", + "arn": "arn:${Partition}:logs:${Region}:${Account}:destination:${DestinationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "log-group": "log-group", + "log-stream": "log-stream", + "destination": "destination" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "oam": { + "service_name": "Amazon CloudWatch Observability Access Manager", + "prefix": "oam", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchobservabilityaccessmanager.html", + "privileges": { + "CreateLink": { + "privilege": "CreateLink", + "description": "Grants permission to create a link between a monitoring account and a source account for cross-account monitoring", + "access_level": "Write", + "resource_types": { + "Sink": { + "resource_type": "Sink", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "oam:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "oam:ResourceTypes" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sink": "Sink", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_CreateLink.html" + }, + "CreateSink": { + "privilege": "CreateSink", + "description": "Grants permission to create a sink in an account so that it can be used as a monitoring account for cross-account monitoring", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "oam:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_CreateSink.html" + }, + "DeleteLink": { + "privilege": "DeleteLink", + "description": "Grants permission to delete a link between a monitoring account and a source account for cross-account monitoring", + "access_level": "Write", + "resource_types": { + "Link": { + "resource_type": "Link", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "link": "Link", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_DeleteLink.html" + }, + "DeleteSink": { + "privilege": "DeleteSink", + "description": "Grants permission to delete a cross-account monitoring sink in a monitoring account", + "access_level": "Write", + "resource_types": { + "Sink": { + "resource_type": "Sink", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sink": "Sink", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_DeleteSink.html" + }, + "GetLink": { + "privilege": "GetLink", + "description": "Grants permission to retrieve complete information about one cross-account monitoring link", + "access_level": "Read", + "resource_types": { + "Link": { + "resource_type": "Link", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "link": "Link", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_GetLink.html" + }, + "GetSink": { + "privilege": "GetSink", + "description": "Grants permission to retrieve complete information about one cross-account monitoring sink", + "access_level": "Read", + "resource_types": { + "Sink": { + "resource_type": "Sink", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sink": "Sink", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_GetSink.html" + }, + "GetSinkPolicy": { + "privilege": "GetSinkPolicy", + "description": "Grants permission to retrieve information for the IAM policy for a cross-account monitoring sink", + "access_level": "Read", + "resource_types": { + "Sink": { + "resource_type": "Sink", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sink": "Sink", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_GetSinkPolicy.html" + }, + "ListAttachedLinks": { + "privilege": "ListAttachedLinks", + "description": "Grants permission to retrieve a list of links that are linked for a cross-account monitoring sink", + "access_level": "Read", + "resource_types": { + "Sink": { + "resource_type": "Sink", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sink": "Sink", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListAttachedLinks.html" + }, + "ListLinks": { + "privilege": "ListLinks", + "description": "Grants permission to retrieve the ARNs of cross-account monitoring links in this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListLinks.html" + }, + "ListSinks": { + "privilege": "ListSinks", + "description": "Grants permission to retrieve the ARNs of cross-account monitoring sinks in this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for a resource", + "access_level": "Read", + "resource_types": { + "Link": { + "resource_type": "Link", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Sink": { + "resource_type": "Sink", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "link": "Link", + "sink": "Sink" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListTagsForResource.html" + }, + "PutSinkPolicy": { + "privilege": "PutSinkPolicy", + "description": "Grants permission to create or update the IAM policy for a cross-account monitoring sink", + "access_level": "Write", + "resource_types": { + "Sink": { + "resource_type": "Sink", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sink": "Sink", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_PutSinkPolicy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "Link": { + "resource_type": "Link", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Sink": { + "resource_type": "Sink", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "link": "Link", + "sink": "Sink", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "Link": { + "resource_type": "Link", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Sink": { + "resource_type": "Sink", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "link": "Link", + "sink": "Sink", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_UntagResource.html" + }, + "UpdateLink": { + "privilege": "UpdateLink", + "description": "Grants permission to update an existing link between a monitoring account and a source account", + "access_level": "Write", + "resource_types": { + "Link": { + "resource_type": "Link", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "oam:ResourceTypes" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "link": "Link", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/OAM/latest/APIReference/API_UpdateLink.html" + } + }, + "privileges_lower_name": { + "createlink": "CreateLink", + "createsink": "CreateSink", + "deletelink": "DeleteLink", + "deletesink": "DeleteSink", + "getlink": "GetLink", + "getsink": "GetSink", + "getsinkpolicy": "GetSinkPolicy", + "listattachedlinks": "ListAttachedLinks", + "listlinks": "ListLinks", + "listsinks": "ListSinks", + "listtagsforresource": "ListTagsForResource", + "putsinkpolicy": "PutSinkPolicy", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatelink": "UpdateLink" + }, + "resources": { + "Link": { + "resource": "Link", + "arn": "arn:${Partition}:oam:${Region}:${Account}:link/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Sink": { + "resource": "Sink", + "arn": "arn:${Partition}:oam:${Region}:${Account}:sink/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "link": "Link", + "sink": "Sink" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "oam:ResourceTypes": { + "condition": "oam:ResourceTypes", + "description": "Filters access by the presence of resource types in the request", + "type": "ArrayOfString" + } + } + }, + "synthetics": { + "service_name": "Amazon CloudWatch Synthetics", + "prefix": "synthetics", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchsynthetics.html", + "privileges": { + "AssociateResource": { + "privilege": "AssociateResource", + "description": "Grants permission to associate a resource with a group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_AssociateResource.html" + }, + "CreateCanary": { + "privilege": "CreateCanary", + "description": "Grants permission to create a canary", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CreateCanary.html" + }, + "CreateGroup": { + "privilege": "CreateGroup", + "description": "Grants permission to create a group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CreateGroup.html" + }, + "DeleteCanary": { + "privilege": "DeleteCanary", + "description": "Grants permission to delete a canary. Amazon Synthetics deletes all the resources except for the Lambda function and the CloudWatch Alarms if you created one", + "access_level": "Write", + "resource_types": { + "canary": { + "resource_type": "canary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "canary": "canary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DeleteCanary.html" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to delete a group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DeleteGroup.html" + }, + "DescribeCanaries": { + "privilege": "DescribeCanaries", + "description": "Grants permission to list information of all canaries", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "synthetics:Names" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DescribeCanaries.html" + }, + "DescribeCanariesLastRun": { + "privilege": "DescribeCanariesLastRun", + "description": "Grants permission to list information about the last test run associated with all canaries", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "synthetics:Names" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DescribeCanariesLastRun.html" + }, + "DescribeRuntimeVersions": { + "privilege": "DescribeRuntimeVersions", + "description": "Grants permission to list information about Synthetics canary runtime versions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DescribeRuntimeVersions.html" + }, + "DisassociateResource": { + "privilege": "DisassociateResource", + "description": "Grants permission to disassociate a resource from a group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DisassociateResource.html" + }, + "GetCanary": { + "privilege": "GetCanary", + "description": "Grants permission to view the details of a canary", + "access_level": "Read", + "resource_types": { + "canary": { + "resource_type": "canary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "canary": "canary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanary.html" + }, + "GetCanaryRuns": { + "privilege": "GetCanaryRuns", + "description": "Grants permission to list information about all the test runs associated with a canary", + "access_level": "Read", + "resource_types": { + "canary": { + "resource_type": "canary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "canary": "canary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html" + }, + "GetGroup": { + "privilege": "GetGroup", + "description": "Grants permission to view the details of a group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetGroup.html" + }, + "ListAssociatedGroups": { + "privilege": "ListAssociatedGroups", + "description": "Grants permission to list information about the associated groups of a canary", + "access_level": "List", + "resource_types": { + "canary": { + "resource_type": "canary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "canary": "canary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_ListAssociatedGroups.html" + }, + "ListGroupResources": { + "privilege": "ListGroupResources", + "description": "Grants permission to list information about canaries in a group", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_ListGroupResources.html" + }, + "ListGroups": { + "privilege": "ListGroups", + "description": "Grants permission to list information of all groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_ListGroups.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags and values associated with a resource", + "access_level": "Read", + "resource_types": { + "canary": { + "resource_type": "canary", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "group": { + "resource_type": "group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "canary": "canary", + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_ListTagsForResource.html" + }, + "StartCanary": { + "privilege": "StartCanary", + "description": "Grants permission to start a canary, so that Amazon CloudWatch Synthetics starts monitoring a website", + "access_level": "Write", + "resource_types": { + "canary": { + "resource_type": "canary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "canary": "canary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_StartCanary.html" + }, + "StopCanary": { + "privilege": "StopCanary", + "description": "Grants permission to stop a canary", + "access_level": "Write", + "resource_types": { + "canary": { + "resource_type": "canary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "canary": "canary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_StopCanary.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to a resource", + "access_level": "Tagging", + "resource_types": { + "canary": { + "resource_type": "canary", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "group": { + "resource_type": "group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "canary": "canary", + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from a resource", + "access_level": "Tagging", + "resource_types": { + "canary": { + "resource_type": "canary", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "group": { + "resource_type": "group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "canary": "canary", + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_UntagResource.html" + }, + "UpdateCanary": { + "privilege": "UpdateCanary", + "description": "Grants permission to update a canary", + "access_level": "Write", + "resource_types": { + "canary": { + "resource_type": "canary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "canary": "canary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_UpdateCanary.html" + } + }, + "privileges_lower_name": { + "associateresource": "AssociateResource", + "createcanary": "CreateCanary", + "creategroup": "CreateGroup", + "deletecanary": "DeleteCanary", + "deletegroup": "DeleteGroup", + "describecanaries": "DescribeCanaries", + "describecanarieslastrun": "DescribeCanariesLastRun", + "describeruntimeversions": "DescribeRuntimeVersions", + "disassociateresource": "DisassociateResource", + "getcanary": "GetCanary", + "getcanaryruns": "GetCanaryRuns", + "getgroup": "GetGroup", + "listassociatedgroups": "ListAssociatedGroups", + "listgroupresources": "ListGroupResources", + "listgroups": "ListGroups", + "listtagsforresource": "ListTagsForResource", + "startcanary": "StartCanary", + "stopcanary": "StopCanary", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecanary": "UpdateCanary" + }, + "resources": { + "canary": { + "resource": "canary", + "arn": "arn:${Partition}:synthetics:${Region}:${Account}:canary:${CanaryName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "group": { + "resource": "group", + "arn": "arn:${Partition}:synthetics:${Region}:${Account}:group:${GroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "canary": "canary", + "group": "group" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "synthetics:Names": { + "condition": "synthetics:Names", + "description": "Filters access based on the name of the canary", + "type": "ArrayOfString" + } + } + }, + "codecatalyst": { + "service_name": "Amazon CodeCatalyst", + "prefix": "codecatalyst", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodecatalyst.html", + "privileges": { + "AcceptConnection": { + "privilege": "AcceptConnection", + "description": "Grants permission to accept a request to connect this account to an Amazon CodeCatalyst space", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "AssociateIamRoleToConnection": { + "privilege": "AssociateIamRoleToConnection", + "description": "Grants permission to associate an IAM role to a connection", + "access_level": "Write", + "resource_types": { + "connections": { + "resource_type": "connections", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connections": "connections", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "DeleteConnection": { + "privilege": "DeleteConnection", + "description": "Grants permission to delete a connection", + "access_level": "Write", + "resource_types": { + "connections": { + "resource_type": "connections", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connections": "connections", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "DisassociateIamRoleFromConnection": { + "privilege": "DisassociateIamRoleFromConnection", + "description": "Grants permission to disassociate an IAM role from a connection", + "access_level": "Write", + "resource_types": { + "connections": { + "resource_type": "connections", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connections": "connections", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "GetBillingAuthorization": { + "privilege": "GetBillingAuthorization", + "description": "Grants permission to describe the billing authorization for a connection", + "access_level": "Read", + "resource_types": { + "connections": { + "resource_type": "connections", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connections": "connections", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "GetConnection": { + "privilege": "GetConnection", + "description": "Grants permission to get a connection", + "access_level": "Read", + "resource_types": { + "connections": { + "resource_type": "connections", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connections": "connections", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "GetPendingConnection": { + "privilege": "GetPendingConnection", + "description": "Grants permission to get a pending request to connect this account to an Amazon CodeCatalyst space", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "ListConnections": { + "privilege": "ListConnections", + "description": "Grants permission to list connections that are not pending", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "ListIamRolesForConnection": { + "privilege": "ListIamRolesForConnection", + "description": "Grants permission to list IAM roles associated with a connection", + "access_level": "List", + "resource_types": { + "connections": { + "resource_type": "connections", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connections": "connections", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an Amazon CodeCatalyst resource", + "access_level": "Read", + "resource_types": { + "connections": { + "resource_type": "connections", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connections": "connections", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "PutBillingAuthorization": { + "privilege": "PutBillingAuthorization", + "description": "Grants permission to create or update the billing authorization for a connection", + "access_level": "Write", + "resource_types": { + "connections": { + "resource_type": "connections", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connections": "connections", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "RejectConnection": { + "privilege": "RejectConnection", + "description": "Grants permission to reject a request to connect this account to an Amazon CodeCatalyst space", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an Amazon CodeCatalyst resource", + "access_level": "Tagging", + "resource_types": { + "connections": { + "resource_type": "connections", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connections": "connections", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an Amazon CodeCatalyst resource", + "access_level": "Tagging", + "resource_types": { + "connections": { + "resource_type": "connections", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connections": "connections", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecatalyst/latest/userguide/security-iam.html#permissions-reference-connections" + } + }, + "privileges_lower_name": { + "acceptconnection": "AcceptConnection", + "associateiamroletoconnection": "AssociateIamRoleToConnection", + "deleteconnection": "DeleteConnection", + "disassociateiamrolefromconnection": "DisassociateIamRoleFromConnection", + "getbillingauthorization": "GetBillingAuthorization", + "getconnection": "GetConnection", + "getpendingconnection": "GetPendingConnection", + "listconnections": "ListConnections", + "listiamrolesforconnection": "ListIamRolesForConnection", + "listtagsforresource": "ListTagsForResource", + "putbillingauthorization": "PutBillingAuthorization", + "rejectconnection": "RejectConnection", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "connections": { + "resource": "connections", + "arn": "arn:${Partition}:codecatalyst:${Region}:${Account}:/connections/${ConnectionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "connections": "connections" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag's key and value in a request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in a request", + "type": "ArrayOfString" + } + } + }, + "codeguru": { + "service_name": "Amazon CodeGuru", + "prefix": "codeguru", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodeguru.html", + "privileges": { + "GetCodeGuruFreeTrialSummary": { + "privilege": "GetCodeGuruFreeTrialSummary", + "description": "Grants permission to get free trial summary for the CodeGuru service which includes expiration date", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetCodeGuruFreeTrialSummary.html" + } + }, + "privileges_lower_name": { + "getcodegurufreetrialsummary": "GetCodeGuruFreeTrialSummary" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "codeguru-profiler": { + "service_name": "Amazon CodeGuru Profiler", + "prefix": "codeguru-profiler", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodeguruprofiler.html", + "privileges": { + "AddNotificationChannels": { + "privilege": "AddNotificationChannels", + "description": "Grants permission to add up to 2 topic ARNs of existing AWS SNS topics to publish notifications", + "access_level": "Write", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_AddNotificationChannels.html" + }, + "BatchGetFrameMetricData": { + "privilege": "BatchGetFrameMetricData", + "description": "Grants permission to get the frame metric data for a Profiling Group", + "access_level": "List", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_BatchGetFrameMetricData.html" + }, + "ConfigureAgent": { + "privilege": "ConfigureAgent", + "description": "Grants permission to register with the orchestration service and retrieve profiling configuration information, used by agents", + "access_level": "Write", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html" + }, + "CreateProfilingGroup": { + "privilege": "CreateProfilingGroup", + "description": "Grants permission to create a profiling group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_CreateProfilingGroup.html" + }, + "DeleteProfilingGroup": { + "privilege": "DeleteProfilingGroup", + "description": "Grants permission to delete a profiling group", + "access_level": "Write", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_DeleteProfilingGroup.html" + }, + "DescribeProfilingGroup": { + "privilege": "DescribeProfilingGroup", + "description": "Grants permission to describe a profiling group", + "access_level": "Read", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_DescribeProfilingGroup.html" + }, + "GetFindingsReportAccountSummary": { + "privilege": "GetFindingsReportAccountSummary", + "description": "Grants permission to get a summary of recent recommendations for each profiling group in the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetFindingsReportAccountSummary.html" + }, + "GetNotificationConfiguration": { + "privilege": "GetNotificationConfiguration", + "description": "Grants permission to get the notification configuration", + "access_level": "Read", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetNotificationConfiguration.html" + }, + "GetPolicy": { + "privilege": "GetPolicy", + "description": "Grants permission to get the resource policy associated with the specified Profiling Group", + "access_level": "Read", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetPolicy.html" + }, + "GetProfile": { + "privilege": "GetProfile", + "description": "Grants permission to get aggregated profiles for a specific profiling group", + "access_level": "Read", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetProfile.html" + }, + "GetRecommendations": { + "privilege": "GetRecommendations", + "description": "Grants permission to get recommendations", + "access_level": "Read", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_GetRecommendations.html" + }, + "ListFindingsReports": { + "privilege": "ListFindingsReports", + "description": "Grants permission to list the available recommendations reports for a specific profiling group", + "access_level": "List", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ListFindingsReports.html" + }, + "ListProfileTimes": { + "privilege": "ListProfileTimes", + "description": "Grants permission to list the start times of the available aggregated profiles for a specific profiling group", + "access_level": "List", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ListProfileTimes.html" + }, + "ListProfilingGroups": { + "privilege": "ListProfilingGroups", + "description": "Grants permission to list profiling groups in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ListProfilingGroups.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a Profiling Group", + "access_level": "List", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ListTagsForResource.html" + }, + "PostAgentProfile": { + "privilege": "PostAgentProfile", + "description": "Grants permission to submit a profile collected by an agent belonging to a specific profiling group for aggregation", + "access_level": "Write", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html" + }, + "PutPermission": { + "privilege": "PutPermission", + "description": "Grants permission to update the list of principals allowed for an action group in the resource policy associated with the specified Profiling Group", + "access_level": "Permissions management", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PutPermission.html" + }, + "RemoveNotificationChannel": { + "privilege": "RemoveNotificationChannel", + "description": "Grants permission to delete an already configured SNStopic arn from the notification configuration", + "access_level": "Write", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_RemoveNotificationChannel.html" + }, + "RemovePermission": { + "privilege": "RemovePermission", + "description": "Grants permission to remove the permission of specified Action Group from the resource policy associated with the specified Profiling Group", + "access_level": "Permissions management", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_RemovePermission.html" + }, + "SubmitFeedback": { + "privilege": "SubmitFeedback", + "description": "Grants permission to submit user feedback for useful or non useful anomaly", + "access_level": "Write", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_SubmitFeedback.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or overwrite tags to a Profiling Group", + "access_level": "Tagging", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a Profiling Group", + "access_level": "Tagging", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_UntagResource.html" + }, + "UpdateProfilingGroup": { + "privilege": "UpdateProfilingGroup", + "description": "Grants permission to update a specific profiling group", + "access_level": "Write", + "resource_types": { + "ProfilingGroup": { + "resource_type": "ProfilingGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_UpdateProfilingGroup.html" + } + }, + "privileges_lower_name": { + "addnotificationchannels": "AddNotificationChannels", + "batchgetframemetricdata": "BatchGetFrameMetricData", + "configureagent": "ConfigureAgent", + "createprofilinggroup": "CreateProfilingGroup", + "deleteprofilinggroup": "DeleteProfilingGroup", + "describeprofilinggroup": "DescribeProfilingGroup", + "getfindingsreportaccountsummary": "GetFindingsReportAccountSummary", + "getnotificationconfiguration": "GetNotificationConfiguration", + "getpolicy": "GetPolicy", + "getprofile": "GetProfile", + "getrecommendations": "GetRecommendations", + "listfindingsreports": "ListFindingsReports", + "listprofiletimes": "ListProfileTimes", + "listprofilinggroups": "ListProfilingGroups", + "listtagsforresource": "ListTagsForResource", + "postagentprofile": "PostAgentProfile", + "putpermission": "PutPermission", + "removenotificationchannel": "RemoveNotificationChannel", + "removepermission": "RemovePermission", + "submitfeedback": "SubmitFeedback", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateprofilinggroup": "UpdateProfilingGroup" + }, + "resources": { + "ProfilingGroup": { + "resource": "ProfilingGroup", + "arn": "arn:${Partition}:codeguru-profiler:${Region}:${Account}:profilingGroup/${ProfilingGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "profilinggroup": "ProfilingGroup" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "codeguru-reviewer": { + "service_name": "Amazon CodeGuru Reviewer", + "prefix": "codeguru-reviewer", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodegurureviewer.html", + "privileges": { + "AssociateRepository": { + "privilege": "AssociateRepository", + "description": "Grants permission to associates a repository with Amazon CodeGuru Reviewer", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "codecommit:GetRepository", + "codecommit:ListRepositories", + "codecommit:TagResource", + "codestar-connections:PassConnection", + "events:PutRule", + "events:PutTargets", + "iam:CreateServiceLinkedRole", + "s3:CreateBucket", + "s3:ListBucket", + "s3:PutBucketPolicy", + "s3:PutLifecycleConfiguration" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_AssociateRepository.html" + }, + "CreateCodeReview": { + "privilege": "CreateCodeReview", + "description": "Grants permission to create a code review", + "access_level": "Write", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_CreateCodeReview.html" + }, + "CreateConnectionToken": { + "privilege": "CreateConnectionToken", + "description": "Grants permission to perform webbased oauth handshake for 3rd party providers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/Welcome.html" + }, + "DescribeCodeReview": { + "privilege": "DescribeCodeReview", + "description": "Grants permission to describe a code review", + "access_level": "Read", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_DescribeCodeReview.html" + }, + "DescribeRecommendationFeedback": { + "privilege": "DescribeRecommendationFeedback", + "description": "Grants permission to describe a recommendation feedback on a code review", + "access_level": "Read", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_DescribeRecommendationFeedback.html" + }, + "DescribeRepositoryAssociation": { + "privilege": "DescribeRepositoryAssociation", + "description": "Grants permission to describe a repository association", + "access_level": "Read", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_DescribeRepositoryAssociation.html" + }, + "DisassociateRepository": { + "privilege": "DisassociateRepository", + "description": "Grants permission to disassociate a repository with Amazon CodeGuru Reviewer", + "access_level": "Write", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "codecommit:UntagResource", + "events:DeleteRule", + "events:RemoveTargets" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_DisassociateRepository.html" + }, + "GetMetricsData": { + "privilege": "GetMetricsData", + "description": "Grants permission to view pull request metrics in console", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/Welcome.html" + }, + "ListCodeReviews": { + "privilege": "ListCodeReviews", + "description": "Grants permission to list summary of code reviews", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_ListCodeReviews.html" + }, + "ListRecommendationFeedback": { + "privilege": "ListRecommendationFeedback", + "description": "Grants permission to list summary of recommendation feedback on a code review", + "access_level": "List", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_ListRecommendationFeedback.html" + }, + "ListRecommendations": { + "privilege": "ListRecommendations", + "description": "Grants permission to list summary of recommendations on a code review", + "access_level": "List", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_ListRecommendations.html" + }, + "ListRepositoryAssociations": { + "privilege": "ListRepositoryAssociations", + "description": "Grants permission to list summary of repository associations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_ListRepositoryAssociations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the resource attached to a associated repository ARN", + "access_level": "List", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_ListTagsForResource.html" + }, + "ListThirdPartyRepositories": { + "privilege": "ListThirdPartyRepositories", + "description": "Grants permission to list 3rd party providers repositories in console", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/Welcome.html" + }, + "PutRecommendationFeedback": { + "privilege": "PutRecommendationFeedback", + "description": "Grants permission to put feedback for a recommendation on a code review", + "access_level": "Write", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_PutRecommendationFeedback.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to attach resource tags to an associated repository ARN", + "access_level": "Tagging", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_TagResource.html" + }, + "UnTagResource": { + "privilege": "UnTagResource", + "description": "Grants permission to disassociate resource tags from an associated repository ARN", + "access_level": "Tagging", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/reviewer-api/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "associaterepository": "AssociateRepository", + "createcodereview": "CreateCodeReview", + "createconnectiontoken": "CreateConnectionToken", + "describecodereview": "DescribeCodeReview", + "describerecommendationfeedback": "DescribeRecommendationFeedback", + "describerepositoryassociation": "DescribeRepositoryAssociation", + "disassociaterepository": "DisassociateRepository", + "getmetricsdata": "GetMetricsData", + "listcodereviews": "ListCodeReviews", + "listrecommendationfeedback": "ListRecommendationFeedback", + "listrecommendations": "ListRecommendations", + "listrepositoryassociations": "ListRepositoryAssociations", + "listtagsforresource": "ListTagsForResource", + "listthirdpartyrepositories": "ListThirdPartyRepositories", + "putrecommendationfeedback": "PutRecommendationFeedback", + "tagresource": "TagResource", + "untagresource": "UnTagResource" + }, + "resources": { + "association": { + "resource": "association", + "arn": "arn:${Partition}:codeguru-reviewer:${Region}:${Account}:association:${ResourceId}", + "condition_keys": [] + }, + "codereview": { + "resource": "codereview", + "arn": "arn:${Partition}:codeguru-reviewer:${Region}:${Account}:association:${ResourceId}:codereview:${CodeReviewId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "association": "association", + "codereview": "codereview" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "codeguru-security": { + "service_name": "Amazon CodeGuru Security", + "prefix": "codeguru-security", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodegurusecurity.html", + "privileges": { + "BatchGetFindings": { + "privilege": "BatchGetFindings", + "description": "Grants permission to batch retrieve specific findings generated by CodeGuru Security", + "access_level": "Read", + "resource_types": { + "ScanName": { + "resource_type": "ScanName", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scanname": "ScanName" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_BatchGetFindings.html" + }, + "CreateScan": { + "privilege": "CreateScan", + "description": "Grants permission to create a CodeGuru Security scan", + "access_level": "Write", + "resource_types": { + "ScanName": { + "resource_type": "ScanName", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scanname": "ScanName", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_CreateScan.html" + }, + "CreateUploadUrl": { + "privilege": "CreateUploadUrl", + "description": "Grants permission to generate a presigned url for uploading code archives", + "access_level": "Write", + "resource_types": { + "ScanName": { + "resource_type": "ScanName", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scanname": "ScanName" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_CreateUploadUrl.html" + }, + "DeleteScansByCategory": { + "privilege": "DeleteScansByCategory", + "description": "Grants permission to delete all the scans and related findings from CodeGuru Security by given category", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${AuthZDocPage}" + }, + "GetAccountConfiguration": { + "privilege": "GetAccountConfiguration", + "description": "Grants permission to retrieve the account level configurations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_GetAccountConfiguration.html" + }, + "GetFindings": { + "privilege": "GetFindings", + "description": "Grants permission to retrieve findings for a scan generated by CodeGuru Security", + "access_level": "List", + "resource_types": { + "ScanName": { + "resource_type": "ScanName", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scanname": "ScanName" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_GetFindings.html" + }, + "GetMetricsSummary": { + "privilege": "GetMetricsSummary", + "description": "Grants permission to retrieve AWS accout level metrics summary generated by CodeGuru Security", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_GetMetricsSummary.html" + }, + "GetScan": { + "privilege": "GetScan", + "description": "Grants permission to retrieve CodeGuru Security scan metadata", + "access_level": "Read", + "resource_types": { + "ScanName": { + "resource_type": "ScanName", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scanname": "ScanName", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_GetScan.html" + }, + "ListFindings": { + "privilege": "ListFindings", + "description": "Grants permission to retrieve findings generated by CodeGuru Security", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${AuthZDocPage}" + }, + "ListFindingsMetrics": { + "privilege": "ListFindingsMetrics", + "description": "Grants permission to retrieve a list of account level findings metrics within a date range", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_ListFindingsMetrics.html" + }, + "ListScans": { + "privilege": "ListScans", + "description": "Grants permission to retrieve list of CodeGuru Security scan metadata", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_ListScans.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve a list of tags for a scan name ARN", + "access_level": "Read", + "resource_types": { + "ScanName": { + "resource_type": "ScanName", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scanname": "ScanName", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a scan name ARN", + "access_level": "Tagging", + "resource_types": { + "ScanName": { + "resource_type": "ScanName", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scanname": "ScanName", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a scan name ARN", + "access_level": "Tagging", + "resource_types": { + "ScanName": { + "resource_type": "ScanName", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scanname": "ScanName", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_UntagResource.html" + }, + "UpdateAccountConfiguration": { + "privilege": "UpdateAccountConfiguration", + "description": "Grants permission to update the account level configurations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/security-api/API_UpdateAccountConfiguration.html" + } + }, + "privileges_lower_name": { + "batchgetfindings": "BatchGetFindings", + "createscan": "CreateScan", + "createuploadurl": "CreateUploadUrl", + "deletescansbycategory": "DeleteScansByCategory", + "getaccountconfiguration": "GetAccountConfiguration", + "getfindings": "GetFindings", + "getmetricssummary": "GetMetricsSummary", + "getscan": "GetScan", + "listfindings": "ListFindings", + "listfindingsmetrics": "ListFindingsMetrics", + "listscans": "ListScans", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaccountconfiguration": "UpdateAccountConfiguration" + }, + "resources": { + "ScanName": { + "resource": "ScanName", + "arn": "arn:${Partition}:codeguru-security:${Region}:${Account}:scans/${ScanName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "scanname": "ScanName" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "codewhisperer": { + "service_name": "Amazon CodeWhisperer", + "prefix": "codewhisperer", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodewhisperer.html", + "privileges": { + "CreateProfile": { + "privilege": "CreateProfile", + "description": "Grants permission to invoke CreateProfile on CodeWhisperer", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" + }, + "DeleteProfile": { + "privilege": "DeleteProfile", + "description": "Grants permission to invoke DeleteProfile on CodeWhisperer", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" + }, + "GenerateRecommendations": { + "privilege": "GenerateRecommendations", + "description": "Grants permission to invoke GenerateRecommendations on CodeWhisperer", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" + }, + "ListProfiles": { + "privilege": "ListProfiles", + "description": "Grants permission to invoke ListProfiles on CodeWhisperer", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to invoke ListTagsForResource on CodeWhisperer", + "access_level": "List", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to invoke TagResource on CodeWhisperer", + "access_level": "Tagging", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to invoke UntagResource on CodeWhisperer", + "access_level": "Tagging", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" + }, + "UpdateProfile": { + "privilege": "UpdateProfile", + "description": "Grants permission to invoke UpdateProfile on CodeWhisperer", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html" + } + }, + "privileges_lower_name": { + "createprofile": "CreateProfile", + "deleteprofile": "DeleteProfile", + "generaterecommendations": "GenerateRecommendations", + "listprofiles": "ListProfiles", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateprofile": "UpdateProfile" + }, + "resources": { + "profile": { + "resource": "profile", + "arn": "arn:${Partition}:codewhisperer::${Account}:profile/${Identifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "profile": "profile" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with CodeWhisperer resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "cognito-identity": { + "service_name": "Amazon Cognito Identity", + "prefix": "cognito-identity", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncognitoidentity.html", + "privileges": { + "CreateIdentityPool": { + "privilege": "CreateIdentityPool", + "description": "Grants permission to create a new identity pool", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_CreateIdentityPool.html" + }, + "DeleteIdentities": { + "privilege": "DeleteIdentities", + "description": "Grants permission to delete identities from an identity pool. You can specify a list of 1-60 identities that you want to delete", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_DeleteIdentities.html" + }, + "DeleteIdentityPool": { + "privilege": "DeleteIdentityPool", + "description": "Grants permission to delete a user pool. Once a pool is deleted, users will not be able to authenticate with the pool", + "access_level": "Permissions management", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_DeleteIdentityPool.html" + }, + "DescribeIdentity": { + "privilege": "DescribeIdentity", + "description": "Grants permission to return metadata related to the given identity, including when the identity was created and any associated linked logins", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_DescribeIdentity.html" + }, + "DescribeIdentityPool": { + "privilege": "DescribeIdentityPool", + "description": "Grants permission to get details about a particular identity pool, including the pool name, ID description, creation date, and current number of users", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_DescribeIdentityPool.html" + }, + "GetCredentialsForIdentity": { + "privilege": "GetCredentialsForIdentity", + "description": "Grants permission to return credentials for the provided identity ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetCredentialsForIdentity.html" + }, + "GetId": { + "privilege": "GetId", + "description": "Grants permission to generate (or retrieve) a Cognito ID. Supplying multiple logins will create an implicit linked account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetId.html" + }, + "GetIdentityPoolRoles": { + "privilege": "GetIdentityPoolRoles", + "description": "Grants permission to get the roles for an identity pool", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetIdentityPoolRoles.html" + }, + "GetOpenIdToken": { + "privilege": "GetOpenIdToken", + "description": "Grants permission to get an OpenID token, using a known Cognito ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetOpenIdToken.html" + }, + "GetOpenIdTokenForDeveloperIdentity": { + "privilege": "GetOpenIdTokenForDeveloperIdentity", + "description": "Grants permission to register (or retrieve) a Cognito IdentityId and an OpenID Connect token for a user authenticated by your backend authentication process", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetOpenIdTokenForDeveloperIdentity.html" + }, + "GetPrincipalTagAttributeMap": { + "privilege": "GetPrincipalTagAttributeMap", + "description": "Grants permission to get the principal tags for an identity pool and provider", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetPrincipalTagAttributeMap.html" + }, + "ListIdentities": { + "privilege": "ListIdentities", + "description": "Grants permission to list the identities in an identity pool", + "access_level": "List", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_ListIdentities.html" + }, + "ListIdentityPools": { + "privilege": "ListIdentityPools", + "description": "Grants permission to list all of the Cognito identity pools registered for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_ListIdentityPools.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags that are assigned to an Amazon Cognito identity pool", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_ListTagsForResource.html" + }, + "LookupDeveloperIdentity": { + "privilege": "LookupDeveloperIdentity", + "description": "Grants permission to retrieve the IdentityId associated with a DeveloperUserIdentifier or the list of DeveloperUserIdentifiers associated with an IdentityId for an existing identity", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_LookupDeveloperIdentity.html" + }, + "MergeDeveloperIdentities": { + "privilege": "MergeDeveloperIdentities", + "description": "Grants permission to merge two users having different IdentityIds, existing in the same identity pool, and identified by the same developer provider", + "access_level": "Permissions management", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_MergeDeveloperIdentities.html" + }, + "SetIdentityPoolRoles": { + "privilege": "SetIdentityPoolRoles", + "description": "Grants permission to set the roles for an identity pool. These roles are used when making calls to GetCredentialsForIdentity action", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_SetIdentityPoolRoles.html" + }, + "SetPrincipalTagAttributeMap": { + "privilege": "SetPrincipalTagAttributeMap", + "description": "Grants permission to set the principal tags for an identity pool and provider. These tags are used when making calls to GetOpenIdToken action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_SetPrincipalTagAttributeMap.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to assign a set of tags to an Amazon Cognito identity pool", + "access_level": "Tagging", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_TagResource.html" + }, + "UnlinkDeveloperIdentity": { + "privilege": "UnlinkDeveloperIdentity", + "description": "Grants permission to unlink a DeveloperUserIdentifier from an existing identity", + "access_level": "Permissions management", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_UnlinkDeveloperIdentity.html" + }, + "UnlinkIdentity": { + "privilege": "UnlinkIdentity", + "description": "Grants permission to unlink a federated identity from an existing account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_UnlinkIdentity.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the specified tags from an Amazon Cognito identity pool", + "access_level": "Tagging", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_UntagResource.html" + }, + "UpdateIdentityPool": { + "privilege": "UpdateIdentityPool", + "description": "Grants permission to update an identity pool", + "access_level": "Permissions management", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_UpdateIdentityPool.html" + } + }, + "privileges_lower_name": { + "createidentitypool": "CreateIdentityPool", + "deleteidentities": "DeleteIdentities", + "deleteidentitypool": "DeleteIdentityPool", + "describeidentity": "DescribeIdentity", + "describeidentitypool": "DescribeIdentityPool", + "getcredentialsforidentity": "GetCredentialsForIdentity", + "getid": "GetId", + "getidentitypoolroles": "GetIdentityPoolRoles", + "getopenidtoken": "GetOpenIdToken", + "getopenidtokenfordeveloperidentity": "GetOpenIdTokenForDeveloperIdentity", + "getprincipaltagattributemap": "GetPrincipalTagAttributeMap", + "listidentities": "ListIdentities", + "listidentitypools": "ListIdentityPools", + "listtagsforresource": "ListTagsForResource", + "lookupdeveloperidentity": "LookupDeveloperIdentity", + "mergedeveloperidentities": "MergeDeveloperIdentities", + "setidentitypoolroles": "SetIdentityPoolRoles", + "setprincipaltagattributemap": "SetPrincipalTagAttributeMap", + "tagresource": "TagResource", + "unlinkdeveloperidentity": "UnlinkDeveloperIdentity", + "unlinkidentity": "UnlinkIdentity", + "untagresource": "UntagResource", + "updateidentitypool": "UpdateIdentityPool" + }, + "resources": { + "identitypool": { + "resource": "identitypool", + "arn": "arn:${Partition}:cognito-identity:${Region}:${Account}:identitypool/${IdentityPoolId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "identitypool": "identitypool" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a key that is present in the request", + "type": "ArrayOfString" + } + } + }, + "cognito-sync": { + "service_name": "Amazon Cognito Sync", + "prefix": "cognito-sync", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncognitosync.html", + "privileges": { + "BulkPublish": { + "privilege": "BulkPublish", + "description": "Grants permission to initiate a bulk publish of all existing datasets for an Identity Pool to the configured stream", + "access_level": "Write", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_BulkPublish.html" + }, + "DeleteDataset": { + "privilege": "DeleteDataset", + "description": "Grants permission to delete a specific dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_DeleteDataset.html" + }, + "DescribeDataset": { + "privilege": "DescribeDataset", + "description": "Grants permission to get metadata about a dataset by identity and dataset name", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_DescribeDataset.html" + }, + "DescribeIdentityPoolUsage": { + "privilege": "DescribeIdentityPoolUsage", + "description": "Grants permission to get usage details (for example, data storage) about a particular identity pool", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_DescribeIdentityPoolUsage.html" + }, + "DescribeIdentityUsage": { + "privilege": "DescribeIdentityUsage", + "description": "Grants permission to get usage information for an identity, including number of datasets and data usage", + "access_level": "Read", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_DescribeIdentityUsage.html" + }, + "GetBulkPublishDetails": { + "privilege": "GetBulkPublishDetails", + "description": "Grants permission to get the status of the last BulkPublish operation for an identity pool", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_GetBulkPublishDetails.html" + }, + "GetCognitoEvents": { + "privilege": "GetCognitoEvents", + "description": "Grants permission to get the events and the corresponding Lambda functions associated with an identity pool", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_GetCognitoEvents.html" + }, + "GetIdentityPoolConfiguration": { + "privilege": "GetIdentityPoolConfiguration", + "description": "Grants permission to get the configuration settings of an identity pool", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_GetIdentityPoolConfiguration.html" + }, + "ListDatasets": { + "privilege": "ListDatasets", + "description": "Grants permission to list datasets for an identity", + "access_level": "List", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_ListDatasets.html" + }, + "ListIdentityPoolUsage": { + "privilege": "ListIdentityPoolUsage", + "description": "Grants permission to get a list of identity pools registered with Cognito", + "access_level": "Read", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_ListIdentityPoolUsage.html" + }, + "ListRecords": { + "privilege": "ListRecords", + "description": "Grants permission to get paginated records, optionally changed after a particular sync count for a dataset and identity", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_ListRecords.html" + }, + "QueryRecords": { + "privilege": "QueryRecords", + "description": "Grants permission to query records", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "RegisterDevice": { + "privilege": "RegisterDevice", + "description": "Grants permission to register a device to receive push sync notifications", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_RegisterDevice.html" + }, + "SetCognitoEvents": { + "privilege": "SetCognitoEvents", + "description": "Grants permission to set the AWS Lambda function for a given event type for an identity pool", + "access_level": "Write", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_SetCognitoEvents.html" + }, + "SetDatasetConfiguration": { + "privilege": "SetDatasetConfiguration", + "description": "Grants permission to configure datasets", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": null + }, + "SetIdentityPoolConfiguration": { + "privilege": "SetIdentityPoolConfiguration", + "description": "Grants permission to set the necessary configuration for push sync", + "access_level": "Write", + "resource_types": { + "identitypool": { + "resource_type": "identitypool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitypool": "identitypool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_SetIdentityPoolConfiguration.html" + }, + "SubscribeToDataset": { + "privilege": "SubscribeToDataset", + "description": "Grants permission to subscribe to receive notifications when a dataset is modified by another device", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_SubscribeToDataset.html" + }, + "UnsubscribeFromDataset": { + "privilege": "UnsubscribeFromDataset", + "description": "Grants permission to unsubscribe from receiving notifications when a dataset is modified by another device", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_UnsubscribeFromDataset.html" + }, + "UpdateRecords": { + "privilege": "UpdateRecords", + "description": "Grants permission to post updates to records and add and delete records for a dataset and user", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognitosync/latest/APIReference/API_UpdateRecords.html" + } + }, + "privileges_lower_name": { + "bulkpublish": "BulkPublish", + "deletedataset": "DeleteDataset", + "describedataset": "DescribeDataset", + "describeidentitypoolusage": "DescribeIdentityPoolUsage", + "describeidentityusage": "DescribeIdentityUsage", + "getbulkpublishdetails": "GetBulkPublishDetails", + "getcognitoevents": "GetCognitoEvents", + "getidentitypoolconfiguration": "GetIdentityPoolConfiguration", + "listdatasets": "ListDatasets", + "listidentitypoolusage": "ListIdentityPoolUsage", + "listrecords": "ListRecords", + "queryrecords": "QueryRecords", + "registerdevice": "RegisterDevice", + "setcognitoevents": "SetCognitoEvents", + "setdatasetconfiguration": "SetDatasetConfiguration", + "setidentitypoolconfiguration": "SetIdentityPoolConfiguration", + "subscribetodataset": "SubscribeToDataset", + "unsubscribefromdataset": "UnsubscribeFromDataset", + "updaterecords": "UpdateRecords" + }, + "resources": { + "dataset": { + "resource": "dataset", + "arn": "arn:${Partition}:cognito-sync:${Region}:${Account}:identitypool/${IdentityPoolId}/identity/${IdentityId}/dataset/${DatasetName}", + "condition_keys": [] + }, + "identity": { + "resource": "identity", + "arn": "arn:${Partition}:cognito-sync:${Region}:${Account}:identitypool/${IdentityPoolId}/identity/${IdentityId}", + "condition_keys": [] + }, + "identitypool": { + "resource": "identitypool", + "arn": "arn:${Partition}:cognito-sync:${Region}:${Account}:identitypool/${IdentityPoolId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "dataset": "dataset", + "identity": "identity", + "identitypool": "identitypool" + }, + "conditions": {} + }, + "cognito-idp": { + "service_name": "Amazon Cognito User Pools", + "prefix": "cognito-idp", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncognitouserpools.html", + "privileges": { + "AddCustomAttributes": { + "privilege": "AddCustomAttributes", + "description": "Grants permission to add user attributes to the user pool schema", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AddCustomAttributes.html" + }, + "AdminAddUserToGroup": { + "privilege": "AdminAddUserToGroup", + "description": "Grants permission to add any user to any group", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminAddUserToGroup.html" + }, + "AdminConfirmSignUp": { + "privilege": "AdminConfirmSignUp", + "description": "Grants permission to confirm any user's registration without a confirmation code", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminConfirmSignUp.html" + }, + "AdminCreateUser": { + "privilege": "AdminCreateUser", + "description": "Grants permission to create new users and send welcome messages via email or SMS", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminCreateUser.html" + }, + "AdminDeleteUser": { + "privilege": "AdminDeleteUser", + "description": "Grants permission to delete any user", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminDeleteUser.html" + }, + "AdminDeleteUserAttributes": { + "privilege": "AdminDeleteUserAttributes", + "description": "Grants permission to delete attributes from any user", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminDeleteUserAttributes.html" + }, + "AdminDisableProviderForUser": { + "privilege": "AdminDisableProviderForUser", + "description": "Grants permission to unlink any user pool user from a third-party identity provider (IdP) user", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminDisableProviderForUser.html" + }, + "AdminDisableUser": { + "privilege": "AdminDisableUser", + "description": "Grants permission to deactivate any user", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminDisableUser.html" + }, + "AdminEnableUser": { + "privilege": "AdminEnableUser", + "description": "Grants permission to activate any user", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminEnableUser.html" + }, + "AdminForgetDevice": { + "privilege": "AdminForgetDevice", + "description": "Grants permission to deregister any user's devices", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminForgetDevice.html" + }, + "AdminGetDevice": { + "privilege": "AdminGetDevice", + "description": "Grants permission to get information about any user's devices", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminGetDevice.html" + }, + "AdminGetUser": { + "privilege": "AdminGetUser", + "description": "Grants permission to look up any user by user name", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminGetUser.html" + }, + "AdminInitiateAuth": { + "privilege": "AdminInitiateAuth", + "description": "Grants permission to authenticate any user", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminInitiateAuth.html" + }, + "AdminLinkProviderForUser": { + "privilege": "AdminLinkProviderForUser", + "description": "Grants permission to link any user pool user to a third-party IdP user", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminLinkProviderForUser.html" + }, + "AdminListDevices": { + "privilege": "AdminListDevices", + "description": "Grants permission to list any user's remembered devices", + "access_level": "List", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminListDevices.html" + }, + "AdminListGroupsForUser": { + "privilege": "AdminListGroupsForUser", + "description": "Grants permission to list the groups that any user belongs to", + "access_level": "List", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminListGroupsForUser.html" + }, + "AdminListUserAuthEvents": { + "privilege": "AdminListUserAuthEvents", + "description": "Grants permission to lists sign-in events for any user", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminListUserAuthEvents.html" + }, + "AdminRemoveUserFromGroup": { + "privilege": "AdminRemoveUserFromGroup", + "description": "Grants permission to remove any user from any group", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminRemoveUserFromGroup.html" + }, + "AdminResetUserPassword": { + "privilege": "AdminResetUserPassword", + "description": "Grants permission to reset any user's password", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminResetUserPassword.html" + }, + "AdminRespondToAuthChallenge": { + "privilege": "AdminRespondToAuthChallenge", + "description": "Grants permission to respond to an authentication challenge during the authentication of any user", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminRespondToAuthChallenge.html" + }, + "AdminSetUserMFAPreference": { + "privilege": "AdminSetUserMFAPreference", + "description": "Grants permission to set any user's preferred MFA method", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html" + }, + "AdminSetUserPassword": { + "privilege": "AdminSetUserPassword", + "description": "Grants permission to set any user's password", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserPassword.html" + }, + "AdminSetUserSettings": { + "privilege": "AdminSetUserSettings", + "description": "Grants permission to set user settings for any user", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserSettings.html" + }, + "AdminUpdateAuthEventFeedback": { + "privilege": "AdminUpdateAuthEventFeedback", + "description": "Grants permission to update advanced security feedback for any user's authentication event", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateAuthEventFeedback.html" + }, + "AdminUpdateDeviceStatus": { + "privilege": "AdminUpdateDeviceStatus", + "description": "Grants permission to update the status of any user's remembered devices", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateDeviceStatus.html" + }, + "AdminUpdateUserAttributes": { + "privilege": "AdminUpdateUserAttributes", + "description": "Grants permission to updates any user's standard or custom attributes", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html" + }, + "AdminUserGlobalSignOut": { + "privilege": "AdminUserGlobalSignOut", + "description": "Grants permission to sign out any user from all sessions", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUserGlobalSignOut.html" + }, + "AssociateSoftwareToken": { + "privilege": "AssociateSoftwareToken", + "description": "Returns a unique generated shared secret key code for the user account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AssociateSoftwareToken.html" + }, + "AssociateWebACL": { + "privilege": "AssociateWebACL", + "description": "Grants permission to associate the user pool with an AWS WAF web ACL", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool", + "webacl": "webacl" + }, + "api_documentation_link": "${UserGuideDocPage}user-pool-waf.html" + }, + "ChangePassword": { + "privilege": "ChangePassword", + "description": "Changes the password for a specified user in a user pool", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ChangePassword.html" + }, + "ConfirmDevice": { + "privilege": "ConfirmDevice", + "description": "Confirms tracking of the device. This API call is the call that begins device tracking", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html" + }, + "ConfirmForgotPassword": { + "privilege": "ConfirmForgotPassword", + "description": "Allows a user to enter a confirmation code to reset a forgotten password", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html" + }, + "ConfirmSignUp": { + "privilege": "ConfirmSignUp", + "description": "Confirms registration of a user and handles the existing alias from a previous user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmSignUp.html" + }, + "CreateGroup": { + "privilege": "CreateGroup", + "description": "Grants permission to create new user pool groups", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateGroup.html" + }, + "CreateIdentityProvider": { + "privilege": "CreateIdentityProvider", + "description": "Grants permission to add identity providers to user pools", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateIdentityProvider.html" + }, + "CreateResourceServer": { + "privilege": "CreateResourceServer", + "description": "Grants permission to create and configure scopes for OAuth 2.0 resource servers", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateResourceServer.html" + }, + "CreateUserImportJob": { + "privilege": "CreateUserImportJob", + "description": "Grants permission to create user CSV import jobs", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserImportJob.html" + }, + "CreateUserPool": { + "privilege": "CreateUserPool", + "description": "Grants permission to create and set password policy for user pools", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html" + }, + "CreateUserPoolClient": { + "privilege": "CreateUserPoolClient", + "description": "Grants permission to create user pool app clients", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPoolClient.html" + }, + "CreateUserPoolDomain": { + "privilege": "CreateUserPoolDomain", + "description": "Grants permission to add user pool domains", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPoolDomain.html" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to delete any empty user pool group", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteGroup.html" + }, + "DeleteIdentityProvider": { + "privilege": "DeleteIdentityProvider", + "description": "Grants permission to delete any identity provider from user pools", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteIdentityProvider.html" + }, + "DeleteResourceServer": { + "privilege": "DeleteResourceServer", + "description": "Grants permission to delete any OAuth 2.0 resource server from user pools", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteResourceServer.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Allows a user to delete one's self", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteUser.html" + }, + "DeleteUserAttributes": { + "privilege": "DeleteUserAttributes", + "description": "Deletes the attributes for a user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteUserAttributes.html" + }, + "DeleteUserPool": { + "privilege": "DeleteUserPool", + "description": "Grants permission to delete user pools", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteUserPool.html" + }, + "DeleteUserPoolClient": { + "privilege": "DeleteUserPoolClient", + "description": "Grants permission to delete any user pool app client", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteUserPoolClient.html" + }, + "DeleteUserPoolDomain": { + "privilege": "DeleteUserPoolDomain", + "description": "Grants permission to delete any user pool domain", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DeleteUserPoolDomain.html" + }, + "DescribeIdentityProvider": { + "privilege": "DescribeIdentityProvider", + "description": "Grants permission to describe any user pool identity provider", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeIdentityProvider.html" + }, + "DescribeResourceServer": { + "privilege": "DescribeResourceServer", + "description": "Grants permission to describe any OAuth 2.0 resource server", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeResourceServer.html" + }, + "DescribeRiskConfiguration": { + "privilege": "DescribeRiskConfiguration", + "description": "Grants permission to describe the risk configuration settings of user pools and app clients", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeRiskConfiguration.html" + }, + "DescribeUserImportJob": { + "privilege": "DescribeUserImportJob", + "description": "Grants permission to describe any user import job", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserImportJob.html" + }, + "DescribeUserPool": { + "privilege": "DescribeUserPool", + "description": "Grants permission to describe user pools", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html" + }, + "DescribeUserPoolClient": { + "privilege": "DescribeUserPoolClient", + "description": "Grants permission to describe any user pool app client", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html" + }, + "DescribeUserPoolDomain": { + "privilege": "DescribeUserPoolDomain", + "description": "Grants permission to describe any user pool domain", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolDomain.html" + }, + "DisassociateWebACL": { + "privilege": "DisassociateWebACL", + "description": "Grants permission to disassociate the user pool with an AWS WAF web ACL", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "${UserGuideDocPage}user-pool-waf.html" + }, + "ForgetDevice": { + "privilege": "ForgetDevice", + "description": "Forgets the specified device", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgetDevice.html" + }, + "ForgotPassword": { + "privilege": "ForgotPassword", + "description": "Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html" + }, + "GetCSVHeader": { + "privilege": "GetCSVHeader", + "description": "Grants permission to generate headers for a user import .csv file", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetCSVHeader.html" + }, + "GetDevice": { + "privilege": "GetDevice", + "description": "Gets the device", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetDevice.html" + }, + "GetGroup": { + "privilege": "GetGroup", + "description": "Grants permission to describe a user pool group", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetGroup.html" + }, + "GetIdentityProviderByIdentifier": { + "privilege": "GetIdentityProviderByIdentifier", + "description": "Grants permission to correlate a user pool IdP identifier to the IdP Name", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetIdentityProviderByIdentifier.html" + }, + "GetSigningCertificate": { + "privilege": "GetSigningCertificate", + "description": "Grants permission to look up signing certificates for user pools", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetSigningCertificate.html" + }, + "GetUICustomization": { + "privilege": "GetUICustomization", + "description": "Grants permission to get UI customization information for the hosted UI of any app client", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUICustomization.html" + }, + "GetUser": { + "privilege": "GetUser", + "description": "Gets the user attributes and metadata for a user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html" + }, + "GetUserAttributeVerificationCode": { + "privilege": "GetUserAttributeVerificationCode", + "description": "Gets the user attribute verification code for the specified attribute name", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUserAttributeVerificationCode.html" + }, + "GetUserPoolMfaConfig": { + "privilege": "GetUserPoolMfaConfig", + "description": "Grants permission to look up the MFA configuration of user pools", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUserPoolMfaConfig.html" + }, + "GetWebACLForResource": { + "privilege": "GetWebACLForResource", + "description": "Grants permission to get the AWS WAF web ACL that is associated with an Amazon Cognito user pool", + "access_level": "Read", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "${UserGuideDocPage}user-pool-waf.html" + }, + "GlobalSignOut": { + "privilege": "GlobalSignOut", + "description": "Signs out users from all devices", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GlobalSignOut.html" + }, + "InitiateAuth": { + "privilege": "InitiateAuth", + "description": "Initiates the authentication flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html" + }, + "ListDevices": { + "privilege": "ListDevices", + "description": "Lists the devices", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListDevices.html" + }, + "ListGroups": { + "privilege": "ListGroups", + "description": "Grants permission to list all groups in user pools", + "access_level": "List", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListGroups.html" + }, + "ListIdentityProviders": { + "privilege": "ListIdentityProviders", + "description": "Grants permission to list all identity providers in user pools", + "access_level": "List", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListIdentityProviders.html" + }, + "ListResourceServers": { + "privilege": "ListResourceServers", + "description": "Grants permission to list all resource servers in user pools", + "access_level": "List", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListResourceServers.html" + }, + "ListResourcesForWebACL": { + "privilege": "ListResourcesForWebACL", + "description": "Grants permission to list the user pools that are associated with an AWS WAF web ACL", + "access_level": "List", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "${UserGuideDocPage}user-pool-waf.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags that are assigned to an Amazon Cognito user pool", + "access_level": "List", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListTagsForResource.html" + }, + "ListUserImportJobs": { + "privilege": "ListUserImportJobs", + "description": "Grants permission to list all user import jobs", + "access_level": "List", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUserImportJobs.html" + }, + "ListUserPoolClients": { + "privilege": "ListUserPoolClients", + "description": "Grants permission to list all app clients in user pools", + "access_level": "List", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUserPoolClients.html" + }, + "ListUserPools": { + "privilege": "ListUserPools", + "description": "Grants permission to list all user pools", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUserPools.html" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to list all user pool users", + "access_level": "List", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUsers.html" + }, + "ListUsersInGroup": { + "privilege": "ListUsersInGroup", + "description": "Grants permission to list the users in any group", + "access_level": "List", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUsersInGroup.html" + }, + "ResendConfirmationCode": { + "privilege": "ResendConfirmationCode", + "description": "Resends the confirmation (for confirmation of registration) to a specific user in the user pool", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ResendConfirmationCode.html" + }, + "RespondToAuthChallenge": { + "privilege": "RespondToAuthChallenge", + "description": "Responds to the authentication challenge", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RespondToAuthChallenge.html" + }, + "RevokeToken": { + "privilege": "RevokeToken", + "description": "Revokes all of the access tokens generated by the specified refresh token", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html" + }, + "SetRiskConfiguration": { + "privilege": "SetRiskConfiguration", + "description": "Grants permission to set risk configuration for user pools and app clients", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetRiskConfiguration.html" + }, + "SetUICustomization": { + "privilege": "SetUICustomization", + "description": "Grants permission to customize the hosted UI for any app client", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUICustomization.html" + }, + "SetUserMFAPreference": { + "privilege": "SetUserMFAPreference", + "description": "Sets MFA preference for the user in the userpool", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html" + }, + "SetUserPoolMfaConfig": { + "privilege": "SetUserPoolMfaConfig", + "description": "Grants permission to set user pool MFA configuration", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html" + }, + "SetUserSettings": { + "privilege": "SetUserSettings", + "description": "Sets the user settings like multi-factor authentication (MFA)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserSettings.html" + }, + "SignUp": { + "privilege": "SignUp", + "description": "Registers the user in the specified user pool and creates a user name, password, and user attributes", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html" + }, + "StartUserImportJob": { + "privilege": "StartUserImportJob", + "description": "Grants permission to start any user import job", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_StartUserImportJob.html" + }, + "StopUserImportJob": { + "privilege": "StopUserImportJob", + "description": "Grants permission to stop any user import job", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_StopUserImportJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a user pool", + "access_level": "Tagging", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a user pool", + "access_level": "Tagging", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UntagResource.html" + }, + "UpdateAuthEventFeedback": { + "privilege": "UpdateAuthEventFeedback", + "description": "Updates the feedback for the user authentication event", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateAuthEventFeedback.html" + }, + "UpdateDeviceStatus": { + "privilege": "UpdateDeviceStatus", + "description": "Updates the device status", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html" + }, + "UpdateGroup": { + "privilege": "UpdateGroup", + "description": "Grants permission to update the configuration of any group", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateGroup.html" + }, + "UpdateIdentityProvider": { + "privilege": "UpdateIdentityProvider", + "description": "Grants permission to update the configuration of any user pool IdP", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateIdentityProvider.html" + }, + "UpdateResourceServer": { + "privilege": "UpdateResourceServer", + "description": "Grants permission to update the configuration of any OAuth 2.0 resource server", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateResourceServer.html" + }, + "UpdateUserAttributes": { + "privilege": "UpdateUserAttributes", + "description": "Allows a user to update a specific attribute (one at a time)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html" + }, + "UpdateUserPool": { + "privilege": "UpdateUserPool", + "description": "Grants permission to updates the configuration of user pools", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html" + }, + "UpdateUserPoolClient": { + "privilege": "UpdateUserPoolClient", + "description": "Grants permission to update any user pool client", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPoolClient.html" + }, + "UpdateUserPoolDomain": { + "privilege": "UpdateUserPoolDomain", + "description": "Grants permission to replace the certificate for any custom domain", + "access_level": "Write", + "resource_types": { + "userpool": { + "resource_type": "userpool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "userpool": "userpool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPoolDomain.html" + }, + "VerifySoftwareToken": { + "privilege": "VerifySoftwareToken", + "description": "Registers a user's entered TOTP code and mark the user's software token MFA status as verified if successful", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifySoftwareToken.html" + }, + "VerifyUserAttribute": { + "privilege": "VerifyUserAttribute", + "description": "Verifies a user attribute using a one time verification code", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifyUserAttribute.html" + } + }, + "privileges_lower_name": { + "addcustomattributes": "AddCustomAttributes", + "adminaddusertogroup": "AdminAddUserToGroup", + "adminconfirmsignup": "AdminConfirmSignUp", + "admincreateuser": "AdminCreateUser", + "admindeleteuser": "AdminDeleteUser", + "admindeleteuserattributes": "AdminDeleteUserAttributes", + "admindisableproviderforuser": "AdminDisableProviderForUser", + "admindisableuser": "AdminDisableUser", + "adminenableuser": "AdminEnableUser", + "adminforgetdevice": "AdminForgetDevice", + "admingetdevice": "AdminGetDevice", + "admingetuser": "AdminGetUser", + "admininitiateauth": "AdminInitiateAuth", + "adminlinkproviderforuser": "AdminLinkProviderForUser", + "adminlistdevices": "AdminListDevices", + "adminlistgroupsforuser": "AdminListGroupsForUser", + "adminlistuserauthevents": "AdminListUserAuthEvents", + "adminremoveuserfromgroup": "AdminRemoveUserFromGroup", + "adminresetuserpassword": "AdminResetUserPassword", + "adminrespondtoauthchallenge": "AdminRespondToAuthChallenge", + "adminsetusermfapreference": "AdminSetUserMFAPreference", + "adminsetuserpassword": "AdminSetUserPassword", + "adminsetusersettings": "AdminSetUserSettings", + "adminupdateautheventfeedback": "AdminUpdateAuthEventFeedback", + "adminupdatedevicestatus": "AdminUpdateDeviceStatus", + "adminupdateuserattributes": "AdminUpdateUserAttributes", + "adminuserglobalsignout": "AdminUserGlobalSignOut", + "associatesoftwaretoken": "AssociateSoftwareToken", + "associatewebacl": "AssociateWebACL", + "changepassword": "ChangePassword", + "confirmdevice": "ConfirmDevice", + "confirmforgotpassword": "ConfirmForgotPassword", + "confirmsignup": "ConfirmSignUp", + "creategroup": "CreateGroup", + "createidentityprovider": "CreateIdentityProvider", + "createresourceserver": "CreateResourceServer", + "createuserimportjob": "CreateUserImportJob", + "createuserpool": "CreateUserPool", + "createuserpoolclient": "CreateUserPoolClient", + "createuserpooldomain": "CreateUserPoolDomain", + "deletegroup": "DeleteGroup", + "deleteidentityprovider": "DeleteIdentityProvider", + "deleteresourceserver": "DeleteResourceServer", + "deleteuser": "DeleteUser", + "deleteuserattributes": "DeleteUserAttributes", + "deleteuserpool": "DeleteUserPool", + "deleteuserpoolclient": "DeleteUserPoolClient", + "deleteuserpooldomain": "DeleteUserPoolDomain", + "describeidentityprovider": "DescribeIdentityProvider", + "describeresourceserver": "DescribeResourceServer", + "describeriskconfiguration": "DescribeRiskConfiguration", + "describeuserimportjob": "DescribeUserImportJob", + "describeuserpool": "DescribeUserPool", + "describeuserpoolclient": "DescribeUserPoolClient", + "describeuserpooldomain": "DescribeUserPoolDomain", + "disassociatewebacl": "DisassociateWebACL", + "forgetdevice": "ForgetDevice", + "forgotpassword": "ForgotPassword", + "getcsvheader": "GetCSVHeader", + "getdevice": "GetDevice", + "getgroup": "GetGroup", + "getidentityproviderbyidentifier": "GetIdentityProviderByIdentifier", + "getsigningcertificate": "GetSigningCertificate", + "getuicustomization": "GetUICustomization", + "getuser": "GetUser", + "getuserattributeverificationcode": "GetUserAttributeVerificationCode", + "getuserpoolmfaconfig": "GetUserPoolMfaConfig", + "getwebaclforresource": "GetWebACLForResource", + "globalsignout": "GlobalSignOut", + "initiateauth": "InitiateAuth", + "listdevices": "ListDevices", + "listgroups": "ListGroups", + "listidentityproviders": "ListIdentityProviders", + "listresourceservers": "ListResourceServers", + "listresourcesforwebacl": "ListResourcesForWebACL", + "listtagsforresource": "ListTagsForResource", + "listuserimportjobs": "ListUserImportJobs", + "listuserpoolclients": "ListUserPoolClients", + "listuserpools": "ListUserPools", + "listusers": "ListUsers", + "listusersingroup": "ListUsersInGroup", + "resendconfirmationcode": "ResendConfirmationCode", + "respondtoauthchallenge": "RespondToAuthChallenge", + "revoketoken": "RevokeToken", + "setriskconfiguration": "SetRiskConfiguration", + "setuicustomization": "SetUICustomization", + "setusermfapreference": "SetUserMFAPreference", + "setuserpoolmfaconfig": "SetUserPoolMfaConfig", + "setusersettings": "SetUserSettings", + "signup": "SignUp", + "startuserimportjob": "StartUserImportJob", + "stopuserimportjob": "StopUserImportJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateautheventfeedback": "UpdateAuthEventFeedback", + "updatedevicestatus": "UpdateDeviceStatus", + "updategroup": "UpdateGroup", + "updateidentityprovider": "UpdateIdentityProvider", + "updateresourceserver": "UpdateResourceServer", + "updateuserattributes": "UpdateUserAttributes", + "updateuserpool": "UpdateUserPool", + "updateuserpoolclient": "UpdateUserPoolClient", + "updateuserpooldomain": "UpdateUserPoolDomain", + "verifysoftwaretoken": "VerifySoftwareToken", + "verifyuserattribute": "VerifyUserAttribute" + }, + "resources": { + "userpool": { + "resource": "userpool", + "arn": "arn:${Partition}:cognito-idp:${Region}:${Account}:userpool/${UserPoolId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "webacl": { + "resource": "webacl", + "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/webacl/${Name}/${Id}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "userpool": "userpool", + "webacl": "webacl" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a key that is present in the request", + "type": "ArrayOfString" + } + } + }, + "comprehend": { + "service_name": "Amazon Comprehend", + "prefix": "comprehend", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncomprehend.html", + "privileges": { + "BatchDetectDominantLanguage": { + "privilege": "BatchDetectDominantLanguage", + "description": "Grants permission to detect the language or languages present in the list of text documents", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectDominantLanguage.html" + }, + "BatchDetectEntities": { + "privilege": "BatchDetectEntities", + "description": "Grants permission to detect the named entities (\"People\", \"Places\", \"Locations\", etc) within the given list of text documents", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectEntities.html" + }, + "BatchDetectKeyPhrases": { + "privilege": "BatchDetectKeyPhrases", + "description": "Grants permission to detect the phrases in the list of text documents that are most indicative of the content", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectKeyPhrases.html" + }, + "BatchDetectSentiment": { + "privilege": "BatchDetectSentiment", + "description": "Grants permission to detect the sentiment of a text in the list of documents (Positive, Negative, Neutral, or Mixed)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectSentiment.html" + }, + "BatchDetectSyntax": { + "privilege": "BatchDetectSyntax", + "description": "Grants permission to detect syntactic information (like Part of Speech, Tokens) in a list of text documents", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectSyntax.html" + }, + "BatchDetectTargetedSentiment": { + "privilege": "BatchDetectTargetedSentiment", + "description": "Grants permission to detect the sentiments associated with specific entities (such as brands or products) within the given list of text documents", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_BatchDetectTargetedSentiment.html" + }, + "ClassifyDocument": { + "privilege": "ClassifyDocument", + "description": "Grants permission to create a new document classification request to analyze a single document in real-time, using a previously created and trained custom model and an endpoint", + "access_level": "Read", + "resource_types": { + "document-classifier-endpoint": { + "resource_type": "document-classifier-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier-endpoint": "document-classifier-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ClassifyDocument.html" + }, + "ContainsPiiEntities": { + "privilege": "ContainsPiiEntities", + "description": "Grants permission to classify the personally identifiable information within given documents in real-time", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ContainsPiiEntities.html" + }, + "CreateDataset": { + "privilege": "CreateDataset", + "description": "Grants permission to create a new dataset within a flywheel", + "access_level": "Write", + "resource_types": { + "flywheel": { + "resource_type": "flywheel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flywheel": "flywheel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_CreateDataset.html" + }, + "CreateDocumentClassifier": { + "privilege": "CreateDocumentClassifier", + "description": "Grants permission to create a new document classifier that you can use to categorize documents", + "access_level": "Write", + "resource_types": { + "document-classifier": { + "resource_type": "document-classifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:VolumeKmsKey", + "comprehend:ModelKmsKey", + "comprehend:OutputKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier": "document-classifier", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_CreateDocumentClassifier.html" + }, + "CreateEndpoint": { + "privilege": "CreateEndpoint", + "description": "Grants permission to create a model-specific endpoint for synchronous inference for a previously trained custom model", + "access_level": "Write", + "resource_types": { + "document-classifier": { + "resource_type": "document-classifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "document-classifier-endpoint": { + "resource_type": "document-classifier-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer-endpoint": { + "resource_type": "entity-recognizer-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "flywheel": { + "resource_type": "flywheel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier": "document-classifier", + "document-classifier-endpoint": "document-classifier-endpoint", + "entity-recognizer": "entity-recognizer", + "entity-recognizer-endpoint": "entity-recognizer-endpoint", + "flywheel": "flywheel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_CreateEndpoint.html" + }, + "CreateEntityRecognizer": { + "privilege": "CreateEntityRecognizer", + "description": "Grants permission to create an entity recognizer using submitted files", + "access_level": "Write", + "resource_types": { + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:VolumeKmsKey", + "comprehend:ModelKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity-recognizer": "entity-recognizer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_CreateEntityRecognizer.html" + }, + "CreateFlywheel": { + "privilege": "CreateFlywheel", + "description": "Grants permission to create a new flywheel that you can use to train model versions", + "access_level": "Write", + "resource_types": { + "flywheel": { + "resource_type": "flywheel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "document-classifier": { + "resource_type": "document-classifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:VolumeKmsKey", + "comprehend:ModelKmsKey", + "comprehend:DataLakeKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flywheel": "flywheel", + "document-classifier": "document-classifier", + "entity-recognizer": "entity-recognizer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_CreateFlywheel.html" + }, + "DeleteDocumentClassifier": { + "privilege": "DeleteDocumentClassifier", + "description": "Grants permission to delete a previously created document classifier", + "access_level": "Write", + "resource_types": { + "document-classifier": { + "resource_type": "document-classifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier": "document-classifier" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DeleteDocumentClassifier.html" + }, + "DeleteEndpoint": { + "privilege": "DeleteEndpoint", + "description": "Grants permission to delete a model-specific endpoint for a previously-trained custom model. All endpoints must be deleted in order for the model to be deleted", + "access_level": "Write", + "resource_types": { + "document-classifier-endpoint": { + "resource_type": "document-classifier-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer-endpoint": { + "resource_type": "entity-recognizer-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier-endpoint": "document-classifier-endpoint", + "entity-recognizer-endpoint": "entity-recognizer-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DeleteEndpoint.html" + }, + "DeleteEntityRecognizer": { + "privilege": "DeleteEntityRecognizer", + "description": "Grants permission to delete a submitted entity recognizer", + "access_level": "Write", + "resource_types": { + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity-recognizer": "entity-recognizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DeleteEntityRecognizer.html" + }, + "DeleteFlywheel": { + "privilege": "DeleteFlywheel", + "description": "Grants permission to Delete a flywheel", + "access_level": "Write", + "resource_types": { + "flywheel": { + "resource_type": "flywheel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flywheel": "flywheel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DeleteFlywheel.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to remove policy on resource", + "access_level": "Write", + "resource_types": { + "document-classifier": { + "resource_type": "document-classifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier": "document-classifier", + "entity-recognizer": "entity-recognizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DescribeDataset": { + "privilege": "DescribeDataset", + "description": "Grants permission to get the properties associated with a dataset", + "access_level": "Read", + "resource_types": { + "flywheel-dataset": { + "resource_type": "flywheel-dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flywheel-dataset": "flywheel-dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeDataset.html" + }, + "DescribeDocumentClassificationJob": { + "privilege": "DescribeDocumentClassificationJob", + "description": "Grants permission to get the properties associated with a document classification job", + "access_level": "Read", + "resource_types": { + "document-classification-job": { + "resource_type": "document-classification-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classification-job": "document-classification-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeDocumentClassificationJob.html" + }, + "DescribeDocumentClassifier": { + "privilege": "DescribeDocumentClassifier", + "description": "Grants permission to get the properties associated with a document classifier", + "access_level": "Read", + "resource_types": { + "document-classifier": { + "resource_type": "document-classifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier": "document-classifier" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeDocumentClassifier.html" + }, + "DescribeDominantLanguageDetectionJob": { + "privilege": "DescribeDominantLanguageDetectionJob", + "description": "Grants permission to get the properties associated with a dominant language detection job", + "access_level": "Read", + "resource_types": { + "dominant-language-detection-job": { + "resource_type": "dominant-language-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dominant-language-detection-job": "dominant-language-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeDominantLanguageDetectionJob.html" + }, + "DescribeEndpoint": { + "privilege": "DescribeEndpoint", + "description": "Grants permission to get the properties associated with a specific endpoint. Use this operation to get the status of an endpoint", + "access_level": "Read", + "resource_types": { + "document-classifier-endpoint": { + "resource_type": "document-classifier-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer-endpoint": { + "resource_type": "entity-recognizer-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier-endpoint": "document-classifier-endpoint", + "entity-recognizer-endpoint": "entity-recognizer-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeEndpoint.html" + }, + "DescribeEntitiesDetectionJob": { + "privilege": "DescribeEntitiesDetectionJob", + "description": "Grants permission to get the properties associated with an entities detection job", + "access_level": "Read", + "resource_types": { + "entities-detection-job": { + "resource_type": "entities-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entities-detection-job": "entities-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeEntitiesDetectionJob.html" + }, + "DescribeEntityRecognizer": { + "privilege": "DescribeEntityRecognizer", + "description": "Grants permission to provide details about an entity recognizer including status, S3 buckets containing training data, recognizer metadata, metrics, and so on", + "access_level": "Read", + "resource_types": { + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity-recognizer": "entity-recognizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeEntityRecognizer.html" + }, + "DescribeEventsDetectionJob": { + "privilege": "DescribeEventsDetectionJob", + "description": "Grants permission to get the properties associated with an Events detection job", + "access_level": "Read", + "resource_types": { + "events-detection-job": { + "resource_type": "events-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "events-detection-job": "events-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeEventsDetectionJob.html" + }, + "DescribeFlywheel": { + "privilege": "DescribeFlywheel", + "description": "Grants permission to get the properties associated with a flywheel", + "access_level": "Read", + "resource_types": { + "flywheel": { + "resource_type": "flywheel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flywheel": "flywheel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeFlywheel.html" + }, + "DescribeFlywheelIteration": { + "privilege": "DescribeFlywheelIteration", + "description": "Grants permission to get the properties associated with a flywheel iteration for a flywheel", + "access_level": "Read", + "resource_types": { + "flywheel": { + "resource_type": "flywheel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "comprehend:FlywheelIterationId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flywheel": "flywheel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeFlywheelIteration.html" + }, + "DescribeKeyPhrasesDetectionJob": { + "privilege": "DescribeKeyPhrasesDetectionJob", + "description": "Grants permission to get the properties associated with a key phrases detection job", + "access_level": "Read", + "resource_types": { + "key-phrases-detection-job": { + "resource_type": "key-phrases-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key-phrases-detection-job": "key-phrases-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeKeyPhrasesDetectionJob.html" + }, + "DescribePiiEntitiesDetectionJob": { + "privilege": "DescribePiiEntitiesDetectionJob", + "description": "Grants permission to get the properties associated with a PII entities detection job", + "access_level": "Read", + "resource_types": { + "pii-entities-detection-job": { + "resource_type": "pii-entities-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pii-entities-detection-job": "pii-entities-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribePiiEntitiesDetectionJob.html" + }, + "DescribeResourcePolicy": { + "privilege": "DescribeResourcePolicy", + "description": "Grants permission to read attached policy on resource", + "access_level": "Read", + "resource_types": { + "document-classifier": { + "resource_type": "document-classifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier": "document-classifier", + "entity-recognizer": "entity-recognizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeResourcePolicy.html" + }, + "DescribeSentimentDetectionJob": { + "privilege": "DescribeSentimentDetectionJob", + "description": "Grants permission to get the properties associated with a sentiment detection job", + "access_level": "Read", + "resource_types": { + "sentiment-detection-job": { + "resource_type": "sentiment-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sentiment-detection-job": "sentiment-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeSentimentDetectionJob.html" + }, + "DescribeTargetedSentimentDetectionJob": { + "privilege": "DescribeTargetedSentimentDetectionJob", + "description": "Grants permission to get the properties associated with a targeted sentiment detection job", + "access_level": "Read", + "resource_types": { + "targeted-sentiment-detection-job": { + "resource_type": "targeted-sentiment-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targeted-sentiment-detection-job": "targeted-sentiment-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeTargetedSentimentDetectionJob.html" + }, + "DescribeTopicsDetectionJob": { + "privilege": "DescribeTopicsDetectionJob", + "description": "Grants permission to get the properties associated with a topic detection job", + "access_level": "Read", + "resource_types": { + "topics-detection-job": { + "resource_type": "topics-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topics-detection-job": "topics-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DescribeTopicsDetectionJob.html" + }, + "DetectDominantLanguage": { + "privilege": "DetectDominantLanguage", + "description": "Grants permission to detect the language or languages present in the text", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectDominantLanguage.html" + }, + "DetectEntities": { + "privilege": "DetectEntities", + "description": "Grants permission to detect the named entities (\"People\", \"Places\", \"Locations\", etc) within the given text document", + "access_level": "Read", + "resource_types": { + "entity-recognizer-endpoint": { + "resource_type": "entity-recognizer-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity-recognizer-endpoint": "entity-recognizer-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectEntities.html" + }, + "DetectKeyPhrases": { + "privilege": "DetectKeyPhrases", + "description": "Grants permission to detect the phrases in the text that are most indicative of the content", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectKeyPhrases.html" + }, + "DetectPiiEntities": { + "privilege": "DetectPiiEntities", + "description": "Grants permission to detect the personally identifiable information entities (\"Name\", \"SSN\", \"PIN\", etc) within the given text document", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectPiiEntities.html" + }, + "DetectSentiment": { + "privilege": "DetectSentiment", + "description": "Grants permission to detect the sentiment of a text in a document (Positive, Negative, Neutral, or Mixed)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectSentiment.html" + }, + "DetectSyntax": { + "privilege": "DetectSyntax", + "description": "Grants permission to detect syntactic information (like Part of Speech, Tokens) in a text document", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectSyntax.html" + }, + "DetectTargetedSentiment": { + "privilege": "DetectTargetedSentiment", + "description": "Grants permission to detect the sentiments associated with specific entities (such as brands or products) in a document", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectTargetedSentiment.html" + }, + "ImportModel": { + "privilege": "ImportModel", + "description": "Grants permission to import a trained Comprehend model", + "access_level": "Write", + "resource_types": { + "document-classifier": { + "resource_type": "document-classifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:ModelKmsKey" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier": "document-classifier", + "entity-recognizer": "entity-recognizer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ImportModel.html" + }, + "ListDatasets": { + "privilege": "ListDatasets", + "description": "Grants permission to get a list of the Datasets associated with a flywheel", + "access_level": "Read", + "resource_types": { + "flywheel": { + "resource_type": "flywheel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flywheel": "flywheel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListDatasets.html" + }, + "ListDocumentClassificationJobs": { + "privilege": "ListDocumentClassificationJobs", + "description": "Grants permission to get a list of the document classification jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListDocumentClassificationJobs.html" + }, + "ListDocumentClassifierSummaries": { + "privilege": "ListDocumentClassifierSummaries", + "description": "Grants permission to get a list of summaries of the document classifiers that you have created", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListDocumentClassifierSummaries.html" + }, + "ListDocumentClassifiers": { + "privilege": "ListDocumentClassifiers", + "description": "Grants permission to get a list of the document classifiers that you have created", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListDocumentClassifiers.html" + }, + "ListDominantLanguageDetectionJobs": { + "privilege": "ListDominantLanguageDetectionJobs", + "description": "Grants permission to get a list of the dominant language detection jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListDominantLanguageDetectionJobs.html" + }, + "ListEndpoints": { + "privilege": "ListEndpoints", + "description": "Grants permission to get a list of all existing endpoints that you've created", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListEndpoints.html" + }, + "ListEntitiesDetectionJobs": { + "privilege": "ListEntitiesDetectionJobs", + "description": "Grants permission to get a list of the entity detection jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListEntitiesDetectionJobs.html" + }, + "ListEntityRecognizerSummaries": { + "privilege": "ListEntityRecognizerSummaries", + "description": "Grants permission to get a list of summaries for the entity recognizers that you have created", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListEntityRecognizerSummaries.html" + }, + "ListEntityRecognizers": { + "privilege": "ListEntityRecognizers", + "description": "Grants permission to get a list of the properties of all entity recognizers that you created, including recognizers currently in training", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListEntityRecognizers.html" + }, + "ListEventsDetectionJobs": { + "privilege": "ListEventsDetectionJobs", + "description": "Grants permission to get a list of Events detection jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListEventsDetectionJobs.html" + }, + "ListFlywheelIterationHistory": { + "privilege": "ListFlywheelIterationHistory", + "description": "Grants permission to get a list of iterations associated for a flywheel", + "access_level": "Read", + "resource_types": { + "flywheel": { + "resource_type": "flywheel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flywheel": "flywheel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListFlywheelIterationHistory.html" + }, + "ListFlywheels": { + "privilege": "ListFlywheels", + "description": "Grants permission to get a list of the flywheels that you have created", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListFlywheels.html" + }, + "ListKeyPhrasesDetectionJobs": { + "privilege": "ListKeyPhrasesDetectionJobs", + "description": "Grants permission to get a list of key phrase detection jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListKeyPhrasesDetectionJobs.html" + }, + "ListPiiEntitiesDetectionJobs": { + "privilege": "ListPiiEntitiesDetectionJobs", + "description": "Grants permission to get a list of PII entities detection jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListPiiEntitiesDetectionJobs.html" + }, + "ListSentimentDetectionJobs": { + "privilege": "ListSentimentDetectionJobs", + "description": "Grants permission to get a list of sentiment detection jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListSentimentDetectionJobs.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "document-classification-job": { + "resource_type": "document-classification-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document-classifier": { + "resource_type": "document-classifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document-classifier-endpoint": { + "resource_type": "document-classifier-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dominant-language-detection-job": { + "resource_type": "dominant-language-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entities-detection-job": { + "resource_type": "entities-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer-endpoint": { + "resource_type": "entity-recognizer-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "events-detection-job": { + "resource_type": "events-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "flywheel": { + "resource_type": "flywheel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "flywheel-dataset": { + "resource_type": "flywheel-dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "key-phrases-detection-job": { + "resource_type": "key-phrases-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pii-entities-detection-job": { + "resource_type": "pii-entities-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sentiment-detection-job": { + "resource_type": "sentiment-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "targeted-sentiment-detection-job": { + "resource_type": "targeted-sentiment-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "topics-detection-job": { + "resource_type": "topics-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classification-job": "document-classification-job", + "document-classifier": "document-classifier", + "document-classifier-endpoint": "document-classifier-endpoint", + "dominant-language-detection-job": "dominant-language-detection-job", + "entities-detection-job": "entities-detection-job", + "entity-recognizer": "entity-recognizer", + "entity-recognizer-endpoint": "entity-recognizer-endpoint", + "events-detection-job": "events-detection-job", + "flywheel": "flywheel", + "flywheel-dataset": "flywheel-dataset", + "key-phrases-detection-job": "key-phrases-detection-job", + "pii-entities-detection-job": "pii-entities-detection-job", + "sentiment-detection-job": "sentiment-detection-job", + "targeted-sentiment-detection-job": "targeted-sentiment-detection-job", + "topics-detection-job": "topics-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTargetedSentimentDetectionJobs": { + "privilege": "ListTargetedSentimentDetectionJobs", + "description": "Grants permission to get a list of targeted sentiment detection jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListTargetedSentimentDetectionJobs.html" + }, + "ListTopicsDetectionJobs": { + "privilege": "ListTopicsDetectionJobs", + "description": "Grants permission to get a list of the topic detection jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ListTopicsDetectionJobs.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to attach policy to resource", + "access_level": "Write", + "resource_types": { + "document-classifier": { + "resource_type": "document-classifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier": "document-classifier", + "entity-recognizer": "entity-recognizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_PutResourcePolicy.html" + }, + "StartDocumentClassificationJob": { + "privilege": "StartDocumentClassificationJob", + "description": "Grants permission to start an asynchronous document classification job", + "access_level": "Write", + "resource_types": { + "document-classification-job": { + "resource_type": "document-classification-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "document-classifier": { + "resource_type": "document-classifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "flywheel": { + "resource_type": "flywheel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:VolumeKmsKey", + "comprehend:OutputKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classification-job": "document-classification-job", + "document-classifier": "document-classifier", + "flywheel": "flywheel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartDocumentClassificationJob.html" + }, + "StartDominantLanguageDetectionJob": { + "privilege": "StartDominantLanguageDetectionJob", + "description": "Grants permission to start an asynchronous dominant language detection job for a collection of documents", + "access_level": "Write", + "resource_types": { + "dominant-language-detection-job": { + "resource_type": "dominant-language-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:VolumeKmsKey", + "comprehend:OutputKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dominant-language-detection-job": "dominant-language-detection-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartDominantLanguageDetectionJob.html" + }, + "StartEntitiesDetectionJob": { + "privilege": "StartEntitiesDetectionJob", + "description": "Grants permission to start an asynchronous entity detection job for a collection of documents", + "access_level": "Write", + "resource_types": { + "entities-detection-job": { + "resource_type": "entities-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "flywheel": { + "resource_type": "flywheel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:VolumeKmsKey", + "comprehend:OutputKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entities-detection-job": "entities-detection-job", + "entity-recognizer": "entity-recognizer", + "flywheel": "flywheel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartEntitiesDetectionJob.html" + }, + "StartEventsDetectionJob": { + "privilege": "StartEventsDetectionJob", + "description": "Grants permission to start an asynchronous Events detection job for a collection of documents", + "access_level": "Write", + "resource_types": { + "events-detection-job": { + "resource_type": "events-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:OutputKmsKey" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "events-detection-job": "events-detection-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartEventsDetectionJob.html" + }, + "StartFlywheelIteration": { + "privilege": "StartFlywheelIteration", + "description": "Grants permission to start a flywheel iteration for a flywheel", + "access_level": "Write", + "resource_types": { + "flywheel": { + "resource_type": "flywheel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flywheel": "flywheel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartFlywheelIteration.html" + }, + "StartKeyPhrasesDetectionJob": { + "privilege": "StartKeyPhrasesDetectionJob", + "description": "Grants permission to start an asynchronous key phrase detection job for a collection of documents", + "access_level": "Write", + "resource_types": { + "key-phrases-detection-job": { + "resource_type": "key-phrases-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:VolumeKmsKey", + "comprehend:OutputKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key-phrases-detection-job": "key-phrases-detection-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartKeyPhrasesDetectionJob.html" + }, + "StartPiiEntitiesDetectionJob": { + "privilege": "StartPiiEntitiesDetectionJob", + "description": "Grants permission to start an asynchronous PII entities detection job for a collection of documents", + "access_level": "Write", + "resource_types": { + "pii-entities-detection-job": { + "resource_type": "pii-entities-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:OutputKmsKey" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pii-entities-detection-job": "pii-entities-detection-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartPiiEntitiesDetectionJob.html" + }, + "StartSentimentDetectionJob": { + "privilege": "StartSentimentDetectionJob", + "description": "Grants permission to start an asynchronous sentiment detection job for a collection of documents", + "access_level": "Write", + "resource_types": { + "sentiment-detection-job": { + "resource_type": "sentiment-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:VolumeKmsKey", + "comprehend:OutputKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sentiment-detection-job": "sentiment-detection-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartSentimentDetectionJob.html" + }, + "StartTargetedSentimentDetectionJob": { + "privilege": "StartTargetedSentimentDetectionJob", + "description": "Grants permission to start an asynchronous targeted sentiment detection job for a collection of documents", + "access_level": "Write", + "resource_types": { + "targeted-sentiment-detection-job": { + "resource_type": "targeted-sentiment-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:VolumeKmsKey", + "comprehend:OutputKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targeted-sentiment-detection-job": "targeted-sentiment-detection-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartTargetedSentimentDetectionJob.html" + }, + "StartTopicsDetectionJob": { + "privilege": "StartTopicsDetectionJob", + "description": "Grants permission to start an asynchronous job to detect the most common topics in the collection of documents and the phrases associated with each topic", + "access_level": "Write", + "resource_types": { + "topics-detection-job": { + "resource_type": "topics-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "comprehend:VolumeKmsKey", + "comprehend:OutputKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topics-detection-job": "topics-detection-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StartTopicsDetectionJob.html" + }, + "StopDominantLanguageDetectionJob": { + "privilege": "StopDominantLanguageDetectionJob", + "description": "Grants permission to stop a dominant language detection job", + "access_level": "Write", + "resource_types": { + "dominant-language-detection-job": { + "resource_type": "dominant-language-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dominant-language-detection-job": "dominant-language-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopDominantLanguageDetectionJob.html" + }, + "StopEntitiesDetectionJob": { + "privilege": "StopEntitiesDetectionJob", + "description": "Grants permission to stop an entity detection job", + "access_level": "Write", + "resource_types": { + "entities-detection-job": { + "resource_type": "entities-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entities-detection-job": "entities-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopEntitiesDetectionJob.html" + }, + "StopEventsDetectionJob": { + "privilege": "StopEventsDetectionJob", + "description": "Grants permission to stop an Events detection job", + "access_level": "Write", + "resource_types": { + "events-detection-job": { + "resource_type": "events-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "events-detection-job": "events-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopEventsDetectionJob.html" + }, + "StopKeyPhrasesDetectionJob": { + "privilege": "StopKeyPhrasesDetectionJob", + "description": "Grants permission to stop a key phrase detection job", + "access_level": "Write", + "resource_types": { + "key-phrases-detection-job": { + "resource_type": "key-phrases-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key-phrases-detection-job": "key-phrases-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopKeyPhrasesDetectionJob.html" + }, + "StopPiiEntitiesDetectionJob": { + "privilege": "StopPiiEntitiesDetectionJob", + "description": "Grants permission to stop a PII entities detection job", + "access_level": "Write", + "resource_types": { + "pii-entities-detection-job": { + "resource_type": "pii-entities-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pii-entities-detection-job": "pii-entities-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopPiiEntitiesDetectionJob.html" + }, + "StopSentimentDetectionJob": { + "privilege": "StopSentimentDetectionJob", + "description": "Grants permission to stop a sentiment detection job", + "access_level": "Write", + "resource_types": { + "sentiment-detection-job": { + "resource_type": "sentiment-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sentiment-detection-job": "sentiment-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopSentimentDetectionJob.html" + }, + "StopTargetedSentimentDetectionJob": { + "privilege": "StopTargetedSentimentDetectionJob", + "description": "Grants permission to stop a targeted sentiment detection job", + "access_level": "Write", + "resource_types": { + "targeted-sentiment-detection-job": { + "resource_type": "targeted-sentiment-detection-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targeted-sentiment-detection-job": "targeted-sentiment-detection-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopTargetedSentimentDetectionJob.html" + }, + "StopTrainingDocumentClassifier": { + "privilege": "StopTrainingDocumentClassifier", + "description": "Grants permission to stop a previously created document classifier training job", + "access_level": "Write", + "resource_types": { + "document-classifier": { + "resource_type": "document-classifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier": "document-classifier" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopTrainingDocumentClassifier.html" + }, + "StopTrainingEntityRecognizer": { + "privilege": "StopTrainingEntityRecognizer", + "description": "Grants permission to stop a previously created entity recognizer training job", + "access_level": "Write", + "resource_types": { + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity-recognizer": "entity-recognizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_StopTrainingEntityRecognizer.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource with given key value pairs", + "access_level": "Tagging", + "resource_types": { + "document-classification-job": { + "resource_type": "document-classification-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document-classifier": { + "resource_type": "document-classifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document-classifier-endpoint": { + "resource_type": "document-classifier-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dominant-language-detection-job": { + "resource_type": "dominant-language-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entities-detection-job": { + "resource_type": "entities-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer-endpoint": { + "resource_type": "entity-recognizer-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "events-detection-job": { + "resource_type": "events-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "flywheel": { + "resource_type": "flywheel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "flywheel-dataset": { + "resource_type": "flywheel-dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "key-phrases-detection-job": { + "resource_type": "key-phrases-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pii-entities-detection-job": { + "resource_type": "pii-entities-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sentiment-detection-job": { + "resource_type": "sentiment-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "targeted-sentiment-detection-job": { + "resource_type": "targeted-sentiment-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "topics-detection-job": { + "resource_type": "topics-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classification-job": "document-classification-job", + "document-classifier": "document-classifier", + "document-classifier-endpoint": "document-classifier-endpoint", + "dominant-language-detection-job": "dominant-language-detection-job", + "entities-detection-job": "entities-detection-job", + "entity-recognizer": "entity-recognizer", + "entity-recognizer-endpoint": "entity-recognizer-endpoint", + "events-detection-job": "events-detection-job", + "flywheel": "flywheel", + "flywheel-dataset": "flywheel-dataset", + "key-phrases-detection-job": "key-phrases-detection-job", + "pii-entities-detection-job": "pii-entities-detection-job", + "sentiment-detection-job": "sentiment-detection-job", + "targeted-sentiment-detection-job": "targeted-sentiment-detection-job", + "topics-detection-job": "topics-detection-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource with given key", + "access_level": "Tagging", + "resource_types": { + "document-classification-job": { + "resource_type": "document-classification-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document-classifier": { + "resource_type": "document-classifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document-classifier-endpoint": { + "resource_type": "document-classifier-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dominant-language-detection-job": { + "resource_type": "dominant-language-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entities-detection-job": { + "resource_type": "entities-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer-endpoint": { + "resource_type": "entity-recognizer-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "events-detection-job": { + "resource_type": "events-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "flywheel": { + "resource_type": "flywheel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "flywheel-dataset": { + "resource_type": "flywheel-dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "key-phrases-detection-job": { + "resource_type": "key-phrases-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pii-entities-detection-job": { + "resource_type": "pii-entities-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sentiment-detection-job": { + "resource_type": "sentiment-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "targeted-sentiment-detection-job": { + "resource_type": "targeted-sentiment-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "topics-detection-job": { + "resource_type": "topics-detection-job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classification-job": "document-classification-job", + "document-classifier": "document-classifier", + "document-classifier-endpoint": "document-classifier-endpoint", + "dominant-language-detection-job": "dominant-language-detection-job", + "entities-detection-job": "entities-detection-job", + "entity-recognizer": "entity-recognizer", + "entity-recognizer-endpoint": "entity-recognizer-endpoint", + "events-detection-job": "events-detection-job", + "flywheel": "flywheel", + "flywheel-dataset": "flywheel-dataset", + "key-phrases-detection-job": "key-phrases-detection-job", + "pii-entities-detection-job": "pii-entities-detection-job", + "sentiment-detection-job": "sentiment-detection-job", + "targeted-sentiment-detection-job": "targeted-sentiment-detection-job", + "topics-detection-job": "topics-detection-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_UntagResource.html" + }, + "UpdateEndpoint": { + "privilege": "UpdateEndpoint", + "description": "Grants permission to update information about the specified endpoint", + "access_level": "Write", + "resource_types": { + "document-classifier-endpoint": { + "resource_type": "document-classifier-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer-endpoint": { + "resource_type": "entity-recognizer-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "flywheel": { + "resource_type": "flywheel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document-classifier-endpoint": "document-classifier-endpoint", + "entity-recognizer-endpoint": "entity-recognizer-endpoint", + "flywheel": "flywheel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_UpdateEndpoint.html" + }, + "UpdateFlywheel": { + "privilege": "UpdateFlywheel", + "description": "Grants permission to Update a flywheel's configuration", + "access_level": "Write", + "resource_types": { + "flywheel": { + "resource_type": "flywheel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "document-classifier": { + "resource_type": "document-classifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-recognizer": { + "resource_type": "entity-recognizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "comprehend:VolumeKmsKey", + "comprehend:ModelKmsKey", + "comprehend:VpcSecurityGroupIds", + "comprehend:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flywheel": "flywheel", + "document-classifier": "document-classifier", + "entity-recognizer": "entity-recognizer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_UpdateFlywheel.html" + } + }, + "privileges_lower_name": { + "batchdetectdominantlanguage": "BatchDetectDominantLanguage", + "batchdetectentities": "BatchDetectEntities", + "batchdetectkeyphrases": "BatchDetectKeyPhrases", + "batchdetectsentiment": "BatchDetectSentiment", + "batchdetectsyntax": "BatchDetectSyntax", + "batchdetecttargetedsentiment": "BatchDetectTargetedSentiment", + "classifydocument": "ClassifyDocument", + "containspiientities": "ContainsPiiEntities", + "createdataset": "CreateDataset", + "createdocumentclassifier": "CreateDocumentClassifier", + "createendpoint": "CreateEndpoint", + "createentityrecognizer": "CreateEntityRecognizer", + "createflywheel": "CreateFlywheel", + "deletedocumentclassifier": "DeleteDocumentClassifier", + "deleteendpoint": "DeleteEndpoint", + "deleteentityrecognizer": "DeleteEntityRecognizer", + "deleteflywheel": "DeleteFlywheel", + "deleteresourcepolicy": "DeleteResourcePolicy", + "describedataset": "DescribeDataset", + "describedocumentclassificationjob": "DescribeDocumentClassificationJob", + "describedocumentclassifier": "DescribeDocumentClassifier", + "describedominantlanguagedetectionjob": "DescribeDominantLanguageDetectionJob", + "describeendpoint": "DescribeEndpoint", + "describeentitiesdetectionjob": "DescribeEntitiesDetectionJob", + "describeentityrecognizer": "DescribeEntityRecognizer", + "describeeventsdetectionjob": "DescribeEventsDetectionJob", + "describeflywheel": "DescribeFlywheel", + "describeflywheeliteration": "DescribeFlywheelIteration", + "describekeyphrasesdetectionjob": "DescribeKeyPhrasesDetectionJob", + "describepiientitiesdetectionjob": "DescribePiiEntitiesDetectionJob", + "describeresourcepolicy": "DescribeResourcePolicy", + "describesentimentdetectionjob": "DescribeSentimentDetectionJob", + "describetargetedsentimentdetectionjob": "DescribeTargetedSentimentDetectionJob", + "describetopicsdetectionjob": "DescribeTopicsDetectionJob", + "detectdominantlanguage": "DetectDominantLanguage", + "detectentities": "DetectEntities", + "detectkeyphrases": "DetectKeyPhrases", + "detectpiientities": "DetectPiiEntities", + "detectsentiment": "DetectSentiment", + "detectsyntax": "DetectSyntax", + "detecttargetedsentiment": "DetectTargetedSentiment", + "importmodel": "ImportModel", + "listdatasets": "ListDatasets", + "listdocumentclassificationjobs": "ListDocumentClassificationJobs", + "listdocumentclassifiersummaries": "ListDocumentClassifierSummaries", + "listdocumentclassifiers": "ListDocumentClassifiers", + "listdominantlanguagedetectionjobs": "ListDominantLanguageDetectionJobs", + "listendpoints": "ListEndpoints", + "listentitiesdetectionjobs": "ListEntitiesDetectionJobs", + "listentityrecognizersummaries": "ListEntityRecognizerSummaries", + "listentityrecognizers": "ListEntityRecognizers", + "listeventsdetectionjobs": "ListEventsDetectionJobs", + "listflywheeliterationhistory": "ListFlywheelIterationHistory", + "listflywheels": "ListFlywheels", + "listkeyphrasesdetectionjobs": "ListKeyPhrasesDetectionJobs", + "listpiientitiesdetectionjobs": "ListPiiEntitiesDetectionJobs", + "listsentimentdetectionjobs": "ListSentimentDetectionJobs", + "listtagsforresource": "ListTagsForResource", + "listtargetedsentimentdetectionjobs": "ListTargetedSentimentDetectionJobs", + "listtopicsdetectionjobs": "ListTopicsDetectionJobs", + "putresourcepolicy": "PutResourcePolicy", + "startdocumentclassificationjob": "StartDocumentClassificationJob", + "startdominantlanguagedetectionjob": "StartDominantLanguageDetectionJob", + "startentitiesdetectionjob": "StartEntitiesDetectionJob", + "starteventsdetectionjob": "StartEventsDetectionJob", + "startflywheeliteration": "StartFlywheelIteration", + "startkeyphrasesdetectionjob": "StartKeyPhrasesDetectionJob", + "startpiientitiesdetectionjob": "StartPiiEntitiesDetectionJob", + "startsentimentdetectionjob": "StartSentimentDetectionJob", + "starttargetedsentimentdetectionjob": "StartTargetedSentimentDetectionJob", + "starttopicsdetectionjob": "StartTopicsDetectionJob", + "stopdominantlanguagedetectionjob": "StopDominantLanguageDetectionJob", + "stopentitiesdetectionjob": "StopEntitiesDetectionJob", + "stopeventsdetectionjob": "StopEventsDetectionJob", + "stopkeyphrasesdetectionjob": "StopKeyPhrasesDetectionJob", + "stoppiientitiesdetectionjob": "StopPiiEntitiesDetectionJob", + "stopsentimentdetectionjob": "StopSentimentDetectionJob", + "stoptargetedsentimentdetectionjob": "StopTargetedSentimentDetectionJob", + "stoptrainingdocumentclassifier": "StopTrainingDocumentClassifier", + "stoptrainingentityrecognizer": "StopTrainingEntityRecognizer", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateendpoint": "UpdateEndpoint", + "updateflywheel": "UpdateFlywheel" + }, + "resources": { + "targeted-sentiment-detection-job": { + "resource": "targeted-sentiment-detection-job", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:targeted-sentiment-detection-job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "document-classifier": { + "resource": "document-classifier", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:document-classifier/${DocumentClassifierName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "document-classifier-endpoint": { + "resource": "document-classifier-endpoint", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:document-classifier-endpoint/${DocumentClassifierEndpointName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "entity-recognizer": { + "resource": "entity-recognizer", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:entity-recognizer/${EntityRecognizerName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "entity-recognizer-endpoint": { + "resource": "entity-recognizer-endpoint", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:entity-recognizer-endpoint/${EntityRecognizerEndpointName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dominant-language-detection-job": { + "resource": "dominant-language-detection-job", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:dominant-language-detection-job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "entities-detection-job": { + "resource": "entities-detection-job", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:entities-detection-job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "pii-entities-detection-job": { + "resource": "pii-entities-detection-job", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:pii-entities-detection-job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "events-detection-job": { + "resource": "events-detection-job", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:events-detection-job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "key-phrases-detection-job": { + "resource": "key-phrases-detection-job", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:key-phrases-detection-job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "sentiment-detection-job": { + "resource": "sentiment-detection-job", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:sentiment-detection-job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "topics-detection-job": { + "resource": "topics-detection-job", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:topics-detection-job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "document-classification-job": { + "resource": "document-classification-job", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:document-classification-job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "flywheel": { + "resource": "flywheel", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:flywheel/${FlywheelName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "flywheel-dataset": { + "resource": "flywheel-dataset", + "arn": "arn:${Partition}:comprehend:${Region}:${Account}:flywheel/${FlywheelName}/dataset/${DatasetName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "targeted-sentiment-detection-job": "targeted-sentiment-detection-job", + "document-classifier": "document-classifier", + "document-classifier-endpoint": "document-classifier-endpoint", + "entity-recognizer": "entity-recognizer", + "entity-recognizer-endpoint": "entity-recognizer-endpoint", + "dominant-language-detection-job": "dominant-language-detection-job", + "entities-detection-job": "entities-detection-job", + "pii-entities-detection-job": "pii-entities-detection-job", + "events-detection-job": "events-detection-job", + "key-phrases-detection-job": "key-phrases-detection-job", + "sentiment-detection-job": "sentiment-detection-job", + "topics-detection-job": "topics-detection-job", + "document-classification-job": "document-classification-job", + "flywheel": "flywheel", + "flywheel-dataset": "flywheel-dataset" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by requiring tag values present in a resource creation request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by requiring tag value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by requiring the presence of mandatory tags in the request", + "type": "ArrayOfString" + }, + "comprehend:DataLakeKmsKey": { + "condition": "comprehend:DataLakeKmsKey", + "description": "Filters access by the DataLake Kms Key associated with the flywheel resource in the request", + "type": "ARN" + }, + "comprehend:FlywheelIterationId": { + "condition": "comprehend:FlywheelIterationId", + "description": "Filters access by particular Iteration Id for a flywheel", + "type": "String" + }, + "comprehend:ModelKmsKey": { + "condition": "comprehend:ModelKmsKey", + "description": "Filters access by the model KMS key associated with the resource in the request", + "type": "ARN" + }, + "comprehend:OutputKmsKey": { + "condition": "comprehend:OutputKmsKey", + "description": "Filters access by the output KMS key associated with the resource in the request", + "type": "ARN" + }, + "comprehend:VolumeKmsKey": { + "condition": "comprehend:VolumeKmsKey", + "description": "Filters access by the volume KMS key associated with the resource in the request", + "type": "ARN" + }, + "comprehend:VpcSecurityGroupIds": { + "condition": "comprehend:VpcSecurityGroupIds", + "description": "Filters access by the list of all VPC security group ids associated with the resource in the request", + "type": "ArrayOfString" + }, + "comprehend:VpcSubnets": { + "condition": "comprehend:VpcSubnets", + "description": "Filters access by the list of all VPC subnets associated with the resource in the request", + "type": "ArrayOfString" + } + } + }, + "comprehendmedical": { + "service_name": "Amazon Comprehend Medical", + "prefix": "comprehendmedical", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncomprehendmedical.html", + "privileges": { + "DescribeEntitiesDetectionV2Job": { + "privilege": "DescribeEntitiesDetectionV2Job", + "description": "Grants permission to describe the properties of a medical entity detection job that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DescribeEntitiesDetectionV2Job.html" + }, + "DescribeICD10CMInferenceJob": { + "privilege": "DescribeICD10CMInferenceJob", + "description": "Grants permission to describe the properties of an ICD-10-CM linking job that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DescribeICD10CMInferenceJob.html" + }, + "DescribePHIDetectionJob": { + "privilege": "DescribePHIDetectionJob", + "description": "Grants permission to describe the properties of a PHI entity detection job that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DescribePHIDetectionJob.html" + }, + "DescribeRxNormInferenceJob": { + "privilege": "DescribeRxNormInferenceJob", + "description": "Grants permission to describe the properties of an RxNorm linking job that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DescribeRxNormInferenceJob.html" + }, + "DescribeSNOMEDCTInferenceJob": { + "privilege": "DescribeSNOMEDCTInferenceJob", + "description": "Grants permission to describe the properties of a SNOMED-CT linking job that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DescribeSNOMEDCTInferenceJob.html" + }, + "DetectEntitiesV2": { + "privilege": "DetectEntitiesV2", + "description": "Grants permission to detect the named medical entities, and their relationships and traits within the given text document", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DetectEntitiesV2.html" + }, + "DetectPHI": { + "privilege": "DetectPHI", + "description": "Grants permission to detect the protected health information (PHI) entities within the given text document", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_DetectPHI.html" + }, + "InferICD10CM": { + "privilege": "InferICD10CM", + "description": "Grants permission to detect the medical condition entities within the given text document and link them to ICD-10-CM codes", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_InferICD10CM.html" + }, + "InferRxNorm": { + "privilege": "InferRxNorm", + "description": "Grants permission to detect the medication entities within the given text document and link them to RxCUI concept identifiers from the National Library of Medicine RxNorm database", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_InferRxNorm.html" + }, + "InferSNOMEDCT": { + "privilege": "InferSNOMEDCT", + "description": "Grants permission to detect the medical condition, anatomy, and test, treatment, and procedure entities within the given text document and link them to SNOMED-CT codes", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_InferSNOMEDCT.html" + }, + "ListEntitiesDetectionV2Jobs": { + "privilege": "ListEntitiesDetectionV2Jobs", + "description": "Grants permission to list the medical entity detection jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_ListEntitiesDetectionV2Jobs.html" + }, + "ListICD10CMInferenceJobs": { + "privilege": "ListICD10CMInferenceJobs", + "description": "Grants permission to list the ICD-10-CM linking jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_ListICD10CMInferenceJobs.html" + }, + "ListPHIDetectionJobs": { + "privilege": "ListPHIDetectionJobs", + "description": "Grants permission to list the PHI entity detection jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_ListPHIDetectionJobs.html" + }, + "ListRxNormInferenceJobs": { + "privilege": "ListRxNormInferenceJobs", + "description": "Grants permission to list the RxNorm linking jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_ListRxNormInferenceJobs.html" + }, + "ListSNOMEDCTInferenceJobs": { + "privilege": "ListSNOMEDCTInferenceJobs", + "description": "Grants permission to list the SNOMED-CT linking jobs that you have submitted", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_ListSNOMEDCTInferenceJobs.html" + }, + "StartEntitiesDetectionV2Job": { + "privilege": "StartEntitiesDetectionV2Job", + "description": "Grants permission to start an asynchronous medical entity detection job for a collection of documents", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StartEntitiesDetectionV2Job.html" + }, + "StartICD10CMInferenceJob": { + "privilege": "StartICD10CMInferenceJob", + "description": "Grants permission to start an asynchronous ICD-10-CM linking job for a collection of documents", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StartICD10CMInferenceJob.html" + }, + "StartPHIDetectionJob": { + "privilege": "StartPHIDetectionJob", + "description": "Grants permission to start an asynchronous PHI entity detection job for a collection of documents", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StartPHIDetectionJob.html" + }, + "StartRxNormInferenceJob": { + "privilege": "StartRxNormInferenceJob", + "description": "Grants permission to start an asynchronous RxNorm linking job for a collection of documents", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StartRxNormInferenceJob.html" + }, + "StartSNOMEDCTInferenceJob": { + "privilege": "StartSNOMEDCTInferenceJob", + "description": "Grants permission to start an asynchronous SNOMED-CT linking job for a collection of documents", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StartSNOMEDCTInferenceJob.html" + }, + "StopEntitiesDetectionV2Job": { + "privilege": "StopEntitiesDetectionV2Job", + "description": "Grants permission to stop a medical entity detection job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StopEntitiesDetectionV2Job.html" + }, + "StopICD10CMInferenceJob": { + "privilege": "StopICD10CMInferenceJob", + "description": "Grants permission to stop an ICD-10-CM linking job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StopICD10CMInferenceJob.html" + }, + "StopPHIDetectionJob": { + "privilege": "StopPHIDetectionJob", + "description": "Grants permission to stop a PHI entity detection job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StopPHIDetectionJob.html" + }, + "StopRxNormInferenceJob": { + "privilege": "StopRxNormInferenceJob", + "description": "Grants permission to stop an RxNorm linking job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StopRxNormInferenceJob.html" + }, + "StopSNOMEDCTInferenceJob": { + "privilege": "StopSNOMEDCTInferenceJob", + "description": "Grants permission to stop a SNOMED-CT linking job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/comprehend-medical/latest/api/API_StopSNOMEDCTInferenceJob.html" + } + }, + "privileges_lower_name": { + "describeentitiesdetectionv2job": "DescribeEntitiesDetectionV2Job", + "describeicd10cminferencejob": "DescribeICD10CMInferenceJob", + "describephidetectionjob": "DescribePHIDetectionJob", + "describerxnorminferencejob": "DescribeRxNormInferenceJob", + "describesnomedctinferencejob": "DescribeSNOMEDCTInferenceJob", + "detectentitiesv2": "DetectEntitiesV2", + "detectphi": "DetectPHI", + "infericd10cm": "InferICD10CM", + "inferrxnorm": "InferRxNorm", + "infersnomedct": "InferSNOMEDCT", + "listentitiesdetectionv2jobs": "ListEntitiesDetectionV2Jobs", + "listicd10cminferencejobs": "ListICD10CMInferenceJobs", + "listphidetectionjobs": "ListPHIDetectionJobs", + "listrxnorminferencejobs": "ListRxNormInferenceJobs", + "listsnomedctinferencejobs": "ListSNOMEDCTInferenceJobs", + "startentitiesdetectionv2job": "StartEntitiesDetectionV2Job", + "starticd10cminferencejob": "StartICD10CMInferenceJob", + "startphidetectionjob": "StartPHIDetectionJob", + "startrxnorminferencejob": "StartRxNormInferenceJob", + "startsnomedctinferencejob": "StartSNOMEDCTInferenceJob", + "stopentitiesdetectionv2job": "StopEntitiesDetectionV2Job", + "stopicd10cminferencejob": "StopICD10CMInferenceJob", + "stopphidetectionjob": "StopPHIDetectionJob", + "stoprxnorminferencejob": "StopRxNormInferenceJob", + "stopsnomedctinferencejob": "StopSNOMEDCTInferenceJob" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": { + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "connect": { + "service_name": "Amazon Connect", + "prefix": "connect", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnect.html", + "privileges": { + "ActivateEvaluationForm": { + "privilege": "ActivateEvaluationForm", + "description": "Grants permission to activate an evaluation form in the specified Amazon Connect instance. After the evaluation form is activated, it is available to start new evaluations based on the form", + "access_level": "Write", + "resource_types": { + "evaluation-form": { + "resource_type": "evaluation-form", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation-form": "evaluation-form", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ActivateEvaluationForm.html" + }, + "AssociateApprovedOrigin": { + "privilege": "AssociateApprovedOrigin", + "description": "Grants permission to associate approved origin for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "AssociateBot": { + "privilege": "AssociateBot", + "description": "Grants permission to associate a Lex bot for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "lex:CreateResourcePolicy", + "lex:DescribeBotAlias", + "lex:GetBot", + "lex:UpdateResourcePolicy" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "AssociateCustomerProfilesDomain": { + "privilege": "AssociateCustomerProfilesDomain", + "description": "Grants permission to associate a Customer Profiles domain for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "profile:GetDomain" + ] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "AssociateDefaultVocabulary": { + "privilege": "AssociateDefaultVocabulary", + "description": "Grants permission to default vocabulary for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "API_AssociateDefaultVocabulary.html" + }, + "AssociateInstanceStorageConfig": { + "privilege": "AssociateInstanceStorageConfig", + "description": "Grants permission to associate instance storage for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:DescribeDirectories", + "firehose:DescribeDeliveryStream", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "kinesis:DescribeStream", + "kms:CreateGrant", + "kms:DescribeKey", + "s3:GetBucketAcl", + "s3:GetBucketLocation" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:StorageResourceType", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "AssociateLambdaFunction": { + "privilege": "AssociateLambdaFunction", + "description": "Grants permission to associate a Lambda function for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "lambda:AddPermission" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "AssociateLexBot": { + "privilege": "AssociateLexBot", + "description": "Grants permission to associate a Lex bot for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "lex:GetBot" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "AssociatePhoneNumberContactFlow": { + "privilege": "AssociatePhoneNumberContactFlow", + "description": "Grants permission to associate contact flow resources to phone number resources in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-flow": { + "resource_type": "contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "phone-number": { + "resource_type": "phone-number", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow": "contact-flow", + "phone-number": "phone-number", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_AssociatePhoneNumberContactFlow.html" + }, + "AssociateQueueQuickConnects": { + "privilege": "AssociateQueueQuickConnects", + "description": "Grants permission to associate quick connects with a queue in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "quick-connect": { + "resource_type": "quick-connect", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "quick-connect": "quick-connect", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_AssociateQueueQuickConnects.html" + }, + "AssociateRoutingProfileQueues": { + "privilege": "AssociateRoutingProfileQueues", + "description": "Grants permission to associate queues with a routing profile in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_AssociateRoutingProfileQueues.html" + }, + "AssociateSecurityKey": { + "privilege": "AssociateSecurityKey", + "description": "Grants permission to associate a security key for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "BatchAssociateAnalyticsDataSet": { + "privilege": "BatchAssociateAnalyticsDataSet", + "description": "Grants permission to grant access and to associate the datasets with the specified AWS account", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/optimization-apis.html" + }, + "BatchDisassociateAnalyticsDataSet": { + "privilege": "BatchDisassociateAnalyticsDataSet", + "description": "Grants permission to revoke access and to disassociate the datasets with the specified AWS account", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/optimization-apis.html" + }, + "ClaimPhoneNumber": { + "privilege": "ClaimPhoneNumber", + "description": "Grants permission to claim phone number resources in an Amazon Connect instance or traffic distribution group", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "wildcard-phone-number": { + "resource_type": "wildcard-phone-number", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "traffic-distribution-group": "traffic-distribution-group", + "wildcard-phone-number": "wildcard-phone-number", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ClaimPhoneNumber.html" + }, + "CreateAgentStatus": { + "privilege": "CreateAgentStatus", + "description": "Grants permission to create agent status in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "agent-status": { + "resource_type": "agent-status", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent-status": "agent-status", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateAgentStatus.html" + }, + "CreateContactFlow": { + "privilege": "CreateContactFlow", + "description": "Grants permission to create a contact flow in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-flow": { + "resource_type": "contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow": "contact-flow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateContactFlow.html" + }, + "CreateContactFlowModule": { + "privilege": "CreateContactFlowModule", + "description": "Grants permission to create a contact flow module in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-flow-module": { + "resource_type": "contact-flow-module", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow-module": "contact-flow-module", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateContactFlowModule.html" + }, + "CreateEvaluationForm": { + "privilege": "CreateEvaluationForm", + "description": "Grants permission to create an evaluation form in the specified Amazon Connect instance. The form can be used to define questions related to agent performance, and create sections to organize such questions. Question and section identifiers cannot be duplicated within the same evaluation form", + "access_level": "Write", + "resource_types": { + "evaluation-form": { + "resource_type": "evaluation-form", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation-form": "evaluation-form", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateEvaluationForm.html" + }, + "CreateHoursOfOperation": { + "privilege": "CreateHoursOfOperation", + "description": "Grants permission to create hours of operation in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "hours-of-operation": { + "resource_type": "hours-of-operation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hours-of-operation": "hours-of-operation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateHoursOfOperation.html" + }, + "CreateInstance": { + "privilege": "CreateInstance", + "description": "Grants permission to create a new Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ds:AuthorizeApplication", + "ds:CheckAlias", + "ds:CreateAlias", + "ds:CreateDirectory", + "ds:CreateIdentityPoolDirectory", + "ds:DeleteDirectory", + "ds:DescribeDirectories", + "ds:UnauthorizeApplication", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "CreateIntegrationAssociation": { + "privilege": "CreateIntegrationAssociation", + "description": "Grants permission to create an integration association with an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "app-integrations:CreateEventIntegrationAssociation", + "cases:GetDomain", + "connect:DescribeInstance", + "ds:DescribeDirectories", + "events:PutRule", + "events:PutTargets", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "mobiletargeting:GetApp", + "voiceid:DescribeDomain", + "wisdom:GetAssistant", + "wisdom:GetKnowledgeBase" + ] + }, + "integration-association": { + "resource_type": "integration-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "integration-association": "integration-association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateIntegrationAssociation.html" + }, + "CreateParticipant": { + "privilege": "CreateParticipant", + "description": "Grants permission to add a participant to an ongoing contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateParticipant.html" + }, + "CreatePrompt": { + "privilege": "CreatePrompt", + "description": "Grants permission to create a prompt in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "prompt": { + "resource_type": "prompt", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kms:Decrypt", + "s3:GetObject", + "s3:GetObjectAcl" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prompt": "prompt", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreatePrompt.html" + }, + "CreateQueue": { + "privilege": "CreateQueue", + "description": "Grants permission to create a queue in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "hours-of-operation": { + "resource_type": "hours-of-operation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow": { + "resource_type": "contact-flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "phone-number": { + "resource_type": "phone-number", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "quick-connect": { + "resource_type": "quick-connect", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hours-of-operation": "hours-of-operation", + "queue": "queue", + "contact-flow": "contact-flow", + "phone-number": "phone-number", + "quick-connect": "quick-connect", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateQueue.html" + }, + "CreateQuickConnect": { + "privilege": "CreateQuickConnect", + "description": "Grants permission to create a quick connect in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "quick-connect": { + "resource_type": "quick-connect", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow": { + "resource_type": "contact-flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "queue": { + "resource_type": "queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quick-connect": "quick-connect", + "contact-flow": "contact-flow", + "queue": "queue", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateQuickConnect.html" + }, + "CreateRoutingProfile": { + "privilege": "CreateRoutingProfile", + "description": "Grants permission to create a routing profile in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateRoutingProfile.html" + }, + "CreateRule": { + "privilege": "CreateRule", + "description": "Grants permission to create a rule in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateRule.html" + }, + "CreateSecurityProfile": { + "privilege": "CreateSecurityProfile", + "description": "Grants permission to create a security profile for the specified Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "security-profile": { + "resource_type": "security-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-profile": "security-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateSecurityProfile.html" + }, + "CreateTaskTemplate": { + "privilege": "CreateTaskTemplate", + "description": "Grants permission to create a task template in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "task-template": { + "resource_type": "task-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task-template": "task-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateTaskTemplate.html" + }, + "CreateTrafficDistributionGroup": { + "privilege": "CreateTrafficDistributionGroup", + "description": "Grants permission to create a traffic distribution group", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "traffic-distribution-group": "traffic-distribution-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateTrafficDistributionGroup.html" + }, + "CreateUseCase": { + "privilege": "CreateUseCase", + "description": "Grants permission to create a use case for an integration association", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeInstance", + "ds:DescribeDirectories" + ] + }, + "integration-association": { + "resource_type": "integration-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "use-case": { + "resource_type": "use-case", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "integration-association": "integration-association", + "use-case": "use-case", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateUseCase.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a user for the specified Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "security-profile": { + "resource_type": "security-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routing-profile": "routing-profile", + "security-profile": "security-profile", + "user": "user", + "hierarchy-group": "hierarchy-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateUser.html" + }, + "CreateUserHierarchyGroup": { + "privilege": "CreateUserHierarchyGroup", + "description": "Grants permission to create a user hierarchy group in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hierarchy-group": "hierarchy-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateUserHierarchyGroup.html" + }, + "CreateVocabulary": { + "privilege": "CreateVocabulary", + "description": "Grants permission to create a vocabulary in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "vocabulary": { + "resource_type": "vocabulary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vocabulary": "vocabulary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateVocabulary.html" + }, + "DeactivateEvaluationForm": { + "privilege": "DeactivateEvaluationForm", + "description": "Grants permission to deactivate an evaluation form in the specified Amazon Connect instance. After a form is deactivated, it is no longer available for users to start new evaluations based on the form", + "access_level": "Write", + "resource_types": { + "evaluation-form": { + "resource_type": "evaluation-form", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation-form": "evaluation-form", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeactivateEvaluationForm.html" + }, + "DeleteContactEvaluation": { + "privilege": "DeleteContactEvaluation", + "description": "Grants permission to delete a contact evaluation in the specified Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-evaluation": { + "resource_type": "contact-evaluation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-evaluation": "contact-evaluation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteContactEvaluation.html" + }, + "DeleteContactFlow": { + "privilege": "DeleteContactFlow", + "description": "Grants permission to delete a contact flow in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-flow": { + "resource_type": "contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow": "contact-flow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteContactFlow.html" + }, + "DeleteContactFlowModule": { + "privilege": "DeleteContactFlowModule", + "description": "Grants permission to delete a contact flow module in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-flow-module": { + "resource_type": "contact-flow-module", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow-module": "contact-flow-module", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteContactFlowModule.html" + }, + "DeleteEvaluationForm": { + "privilege": "DeleteEvaluationForm", + "description": "Grants permission to delete an evaluation form in the specified Amazon Connect instance. If the version property is provided, only the specified version of the evaluation form is deleted", + "access_level": "Write", + "resource_types": { + "evaluation-form": { + "resource_type": "evaluation-form", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation-form": "evaluation-form", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteEvaluationForm.html" + }, + "DeleteHoursOfOperation": { + "privilege": "DeleteHoursOfOperation", + "description": "Grants permission to delete hours of operation in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "hours-of-operation": { + "resource_type": "hours-of-operation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hours-of-operation": "hours-of-operation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteHoursOfOperation.html" + }, + "DeleteInstance": { + "privilege": "DeleteInstance", + "description": "Grants permission to delete an Amazon Connect instance. When you remove an instance, the link to an existing AWS directory is also removed", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:DeleteDirectory", + "ds:DescribeDirectories", + "ds:UnauthorizeApplication" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DeleteIntegrationAssociation": { + "privilege": "DeleteIntegrationAssociation", + "description": "Grants permission to delete an integration association from an Amazon Connect instance. The association must not have any use cases associated with it", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "app-integrations:DeleteEventIntegrationAssociation", + "connect:DescribeInstance", + "ds:DescribeDirectories", + "events:DeleteRule", + "events:ListTargetsByRule", + "events:RemoveTargets" + ] + }, + "integration-association": { + "resource_type": "integration-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "integration-association": "integration-association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteIntegrationAssociation.html" + }, + "DeletePrompt": { + "privilege": "DeletePrompt", + "description": "Grants permission to delete a prompt in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "prompt": { + "resource_type": "prompt", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prompt": "prompt", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeletePrompt.html" + }, + "DeleteQueue": { + "privilege": "DeleteQueue", + "description": "Grants permission to delete a queue in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteQueue.html" + }, + "DeleteQuickConnect": { + "privilege": "DeleteQuickConnect", + "description": "Grants permission to delete a quick connect in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "quick-connect": { + "resource_type": "quick-connect", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quick-connect": "quick-connect", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteQuickConnect.html" + }, + "DeleteRoutingProfile": { + "privilege": "DeleteRoutingProfile", + "description": "Grants permission to delete routing profiles in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteRoutingProfile.html" + }, + "DeleteRule": { + "privilege": "DeleteRule", + "description": "Grants permission to delete a rule in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteRule.html" + }, + "DeleteSecurityProfile": { + "privilege": "DeleteSecurityProfile", + "description": "Grants permission to delete a security profile in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "security-profile": { + "resource_type": "security-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-profile": "security-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteSecurityProfile.html" + }, + "DeleteTaskTemplate": { + "privilege": "DeleteTaskTemplate", + "description": "Grants permission to delete a task template in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "task-template": { + "resource_type": "task-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task-template": "task-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteTaskTemplate.html" + }, + "DeleteTrafficDistributionGroup": { + "privilege": "DeleteTrafficDistributionGroup", + "description": "Grants permission to delete a traffic distribution group", + "access_level": "Write", + "resource_types": { + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-distribution-group": "traffic-distribution-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteTrafficDistributionGroup.html" + }, + "DeleteUseCase": { + "privilege": "DeleteUseCase", + "description": "Grants permission to delete a use case from an integration association", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeInstance", + "ds:DescribeDirectories" + ] + }, + "use-case": { + "resource_type": "use-case", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "use-case": "use-case", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteUseCase.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete a user in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteUser.html" + }, + "DeleteUserHierarchyGroup": { + "privilege": "DeleteUserHierarchyGroup", + "description": "Grants permission to delete a user hierarchy group in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hierarchy-group": "hierarchy-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteUserHierarchyGroup.html" + }, + "DeleteVocabulary": { + "privilege": "DeleteVocabulary", + "description": "Grants permission to delete a vocabulary in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "vocabulary": { + "resource_type": "vocabulary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vocabulary": "vocabulary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteVocabulary.html" + }, + "DescribeAgentStatus": { + "privilege": "DescribeAgentStatus", + "description": "Grants permission to describe agent status in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "agent-status": { + "resource_type": "agent-status", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent-status": "agent-status", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeAgentStatus.html" + }, + "DescribeContact": { + "privilege": "DescribeContact", + "description": "Grants permission to describe a contact in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeContact.html" + }, + "DescribeContactEvaluation": { + "privilege": "DescribeContactEvaluation", + "description": "Grants permission to describe a contact evaluation in the specified Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "contact-evaluation": { + "resource_type": "contact-evaluation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-evaluation": "contact-evaluation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeContactEvaluation.html" + }, + "DescribeContactFlow": { + "privilege": "DescribeContactFlow", + "description": "Grants permission to describe a contact flow in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "contact-flow": { + "resource_type": "contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow": "contact-flow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeContactFlow.html" + }, + "DescribeContactFlowModule": { + "privilege": "DescribeContactFlowModule", + "description": "Grants permission to describe a contact flow module in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "contact-flow-module": { + "resource_type": "contact-flow-module", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow-module": "contact-flow-module", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeContactFlowModule.html" + }, + "DescribeEvaluationForm": { + "privilege": "DescribeEvaluationForm", + "description": "Grants permission to describe an evaluation form in the specified Amazon Connect instance. If the version property is not provided, the latest version of the evaluation form is described", + "access_level": "Read", + "resource_types": { + "evaluation-form": { + "resource_type": "evaluation-form", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation-form": "evaluation-form", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeEvaluationForm.html" + }, + "DescribeForecastingPlanningSchedulingIntegration": { + "privilege": "DescribeForecastingPlanningSchedulingIntegration", + "description": "Grants permission to describe the status of forecasting, planning, and scheduling integration on an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/optimization-apis.html" + }, + "DescribeHoursOfOperation": { + "privilege": "DescribeHoursOfOperation", + "description": "Grants permission to describe hours of operation in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "hours-of-operation": { + "resource_type": "hours-of-operation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hours-of-operation": "hours-of-operation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeHoursOfOperation.html" + }, + "DescribeInstance": { + "privilege": "DescribeInstance", + "description": "Grants permission to view details of an Amazon Connect instance and is also required to create an instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:DescribeDirectories" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DescribeInstanceAttribute": { + "privilege": "DescribeInstanceAttribute", + "description": "Grants permission to view the attribute details of an existing Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:AttributeType", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DescribeInstanceStorageConfig": { + "privilege": "DescribeInstanceStorageConfig", + "description": "Grants permission to view the instance storage configuration for an existing Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:StorageResourceType", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DescribePhoneNumber": { + "privilege": "DescribePhoneNumber", + "description": "Grants permission to describe phone number resources in an Amazon Connect instance or traffic distribution group", + "access_level": "Read", + "resource_types": { + "phone-number": { + "resource_type": "phone-number", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phone-number": "phone-number", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribePhoneNumber.html" + }, + "DescribePrompt": { + "privilege": "DescribePrompt", + "description": "Grants permission to describe a prompt in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "prompt": { + "resource_type": "prompt", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prompt": "prompt", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribePrompt.html" + }, + "DescribeQueue": { + "privilege": "DescribeQueue", + "description": "Grants permission to describe a queue in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeQueue.html" + }, + "DescribeQuickConnect": { + "privilege": "DescribeQuickConnect", + "description": "Grants permission to describe a quick connect in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "quick-connect": { + "resource_type": "quick-connect", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quick-connect": "quick-connect", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeQuickConnect.html" + }, + "DescribeRoutingProfile": { + "privilege": "DescribeRoutingProfile", + "description": "Grants permission to describe a routing profile in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html" + }, + "DescribeRule": { + "privilege": "DescribeRule", + "description": "Grants permission to describe a rule in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRule.html" + }, + "DescribeSecurityProfile": { + "privilege": "DescribeSecurityProfile", + "description": "Grants permission to describe a security profile in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "security-profile": { + "resource_type": "security-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-profile": "security-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeSecurityProfile.html" + }, + "DescribeTrafficDistributionGroup": { + "privilege": "DescribeTrafficDistributionGroup", + "description": "Grants permission to describe a traffic distribution group", + "access_level": "Read", + "resource_types": { + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-distribution-group": "traffic-distribution-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeTrafficDistributionGroup.html" + }, + "DescribeUser": { + "privilege": "DescribeUser", + "description": "Grants permission to describe a user in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeUser.html" + }, + "DescribeUserHierarchyGroup": { + "privilege": "DescribeUserHierarchyGroup", + "description": "Grants permission to describe a hierarchy group for an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hierarchy-group": "hierarchy-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeUserHierarchyGroup.html" + }, + "DescribeUserHierarchyStructure": { + "privilege": "DescribeUserHierarchyStructure", + "description": "Grants permission to describe the hierarchy structure for an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeUserHierarchyStructure.html" + }, + "DescribeVocabulary": { + "privilege": "DescribeVocabulary", + "description": "Grants permission to describe a vocabulary in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "vocabulary": { + "resource_type": "vocabulary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vocabulary": "vocabulary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeVocabulary.html" + }, + "DisassociateApprovedOrigin": { + "privilege": "DisassociateApprovedOrigin", + "description": "Grants permission to disassociate approved origin for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DisassociateBot": { + "privilege": "DisassociateBot", + "description": "Grants permission to disassociate a Lex bot for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "lex:DeleteResourcePolicy", + "lex:UpdateResourcePolicy" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DisassociateCustomerProfilesDomain": { + "privilege": "DisassociateCustomerProfilesDomain", + "description": "Grants permission to disassociate a Customer Profiles domain for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:AttachRolePolicy", + "iam:DeleteRolePolicy", + "iam:DetachRolePolicy", + "iam:GetPolicy", + "iam:GetPolicyVersion", + "iam:GetRolePolicy" + ] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DisassociateInstanceStorageConfig": { + "privilege": "DisassociateInstanceStorageConfig", + "description": "Grants permission to disassociate instance storage for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:StorageResourceType", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DisassociateLambdaFunction": { + "privilege": "DisassociateLambdaFunction", + "description": "Grants permission to disassociate a Lambda function for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "lambda:RemovePermission" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DisassociateLexBot": { + "privilege": "DisassociateLexBot", + "description": "Grants permission to disassociate a Lex bot for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DisassociatePhoneNumberContactFlow": { + "privilege": "DisassociatePhoneNumberContactFlow", + "description": "Grants permission to disassociate contact flow resources from phone number resources in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "phone-number": { + "resource_type": "phone-number", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phone-number": "phone-number", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DisassociatePhoneNumberContactFlow.html" + }, + "DisassociateQueueQuickConnects": { + "privilege": "DisassociateQueueQuickConnects", + "description": "Grants permission to disassociate quick connects from a queue in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "quick-connect": { + "resource_type": "quick-connect", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "quick-connect": "quick-connect", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DisassociateQueueQuickConnects.html" + }, + "DisassociateRoutingProfileQueues": { + "privilege": "DisassociateRoutingProfileQueues", + "description": "Grants permission to disassociate queues from a routing profile in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DisassociateRoutingProfileQueues.html" + }, + "DisassociateSecurityKey": { + "privilege": "DisassociateSecurityKey", + "description": "Grants permission to disassociate the security key for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "DismissUserContact": { + "privilege": "DismissUserContact", + "description": "Grants permission to dismiss terminated Contact from Agent CCP", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DismissUserContact.html" + }, + "GetContactAttributes": { + "privilege": "GetContactAttributes", + "description": "Grants permission to retrieve the contact attributes for the specified contact", + "access_level": "Read", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetContactAttributes.html" + }, + "GetCurrentMetricData": { + "privilege": "GetCurrentMetricData", + "description": "Grants permission to retrieve current metric data for queues and routing profiles in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetCurrentMetricData.html" + }, + "GetCurrentUserData": { + "privilege": "GetCurrentUserData", + "description": "Grants permission to retrieve current user data in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hierarchy-group": "hierarchy-group", + "queue": "queue", + "routing-profile": "routing-profile", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetCurrentUserData.html" + }, + "GetFederationToken": { + "privilege": "GetFederationToken", + "description": "Grants permission to federate into an Amazon Connect instance when using SAML-based authentication for identity management", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetFederationToken.html" + }, + "GetFederationTokens": { + "privilege": "GetFederationTokens", + "description": "Grants permission to federate into an Amazon Connect instance (Log in for emergency access functionality in the Amazon Connect console)", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeInstance", + "connect:ListInstances", + "ds:DescribeDirectories" + ] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/emergency-admin-login.html" + }, + "GetMetricData": { + "privilege": "GetMetricData", + "description": "Grants permission to retrieve historical metric data for queues in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetMetricData.html" + }, + "GetMetricDataV2": { + "privilege": "GetMetricDataV2", + "description": "Grants permission to retrieve metric data in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hierarchy-group": "hierarchy-group", + "queue": "queue", + "routing-profile": "routing-profile", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetMetricDataV2.html" + }, + "GetPromptFile": { + "privilege": "GetPromptFile", + "description": "Grants permission to get details about a prompt's presigned Amazon S3 URL in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "prompt": { + "resource_type": "prompt", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prompt": "prompt", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetPromptFile.html" + }, + "GetTaskTemplate": { + "privilege": "GetTaskTemplate", + "description": "Grants permission to get details about specified task template in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "task-template": { + "resource_type": "task-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task-template": "task-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetTaskTemplate.html" + }, + "GetTrafficDistribution": { + "privilege": "GetTrafficDistribution", + "description": "Grants permission to read traffic distribution for a traffic distribution group", + "access_level": "List", + "resource_types": { + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-distribution-group": "traffic-distribution-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetTrafficDistribution.html" + }, + "ListAgentStatuses": { + "privilege": "ListAgentStatuses", + "description": "Grants permission to list agent statuses in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "wildcard-agent-status": { + "resource_type": "wildcard-agent-status", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wildcard-agent-status": "wildcard-agent-status" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListAgentStatuses.html" + }, + "ListApprovedOrigins": { + "privilege": "ListApprovedOrigins", + "description": "Grants permission to view approved origins of an existing Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "ListBots": { + "privilege": "ListBots", + "description": "Grants permission to view the Lex bots of an existing Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "ListContactEvaluations": { + "privilege": "ListContactEvaluations", + "description": "Grants permission to list contact evaluations in the specified Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListContactEvaluations.html" + }, + "ListContactFlowModules": { + "privilege": "ListContactFlowModules", + "description": "Grants permission to list contact flow module resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListContactFlowModules.html" + }, + "ListContactFlows": { + "privilege": "ListContactFlows", + "description": "Grants permission to list contact flow resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "wildcard-contact-flow": { + "resource_type": "wildcard-contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wildcard-contact-flow": "wildcard-contact-flow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListContactFlows.html" + }, + "ListContactReferences": { + "privilege": "ListContactReferences", + "description": "Grants permission to list references associated with a contact in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListContactReferences.html" + }, + "ListDefaultVocabularies": { + "privilege": "ListDefaultVocabularies", + "description": "Grants permission to list default vocabularies associated with a Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListDefaultVocabularies.html" + }, + "ListEvaluationFormVersions": { + "privilege": "ListEvaluationFormVersions", + "description": "Grants permission to list versions of an evaluation form in the specified Amazon Connect instance", + "access_level": "List", + "resource_types": { + "evaluation-form": { + "resource_type": "evaluation-form", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation-form": "evaluation-form", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListEvaluationFormVersions.html" + }, + "ListEvaluationForms": { + "privilege": "ListEvaluationForms", + "description": "Grants permission to list evaluation forms in the specified Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListEvaluationForms.html" + }, + "ListHoursOfOperations": { + "privilege": "ListHoursOfOperations", + "description": "Grants permission to list hours of operation resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListHoursOfOperations.html" + }, + "ListInstanceAttributes": { + "privilege": "ListInstanceAttributes", + "description": "Grants permission to view the attributes of an existing Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "ListInstanceStorageConfigs": { + "privilege": "ListInstanceStorageConfigs", + "description": "Grants permission to view storage configurations of an existing Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "ListInstances": { + "privilege": "ListInstances", + "description": "Grants permission to view the Amazon Connect instances associated with an AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ds:DescribeDirectories" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "ListIntegrationAssociations": { + "privilege": "ListIntegrationAssociations", + "description": "Grants permission to list summary information about the integration associations for the specified Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeInstance", + "ds:DescribeDirectories" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListIntegrationAssociations.html" + }, + "ListLambdaFunctions": { + "privilege": "ListLambdaFunctions", + "description": "Grants permission to view the Lambda functions of an existing Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "ListLexBots": { + "privilege": "ListLexBots", + "description": "Grants permission to view the Lex bots of an existing Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "ListPhoneNumbers": { + "privilege": "ListPhoneNumbers", + "description": "Grants permission to list phone number resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "wildcard-legacy-phone-number": { + "resource_type": "wildcard-legacy-phone-number", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wildcard-legacy-phone-number": "wildcard-legacy-phone-number" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbers.html" + }, + "ListPhoneNumbersV2": { + "privilege": "ListPhoneNumbersV2", + "description": "Grants permission to list phone number resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "wildcard-phone-number": { + "resource_type": "wildcard-phone-number", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wildcard-phone-number": "wildcard-phone-number" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html" + }, + "ListPrompts": { + "privilege": "ListPrompts", + "description": "Grants permission to list prompt resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPrompts.html" + }, + "ListQueueQuickConnects": { + "privilege": "ListQueueQuickConnects", + "description": "Grants permission to list quick connect resources in a queue in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListQueueQuickConnects.html" + }, + "ListQueues": { + "privilege": "ListQueues", + "description": "Grants permission to list queue resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "wildcard-queue": { + "resource_type": "wildcard-queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wildcard-queue": "wildcard-queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListQueues.html" + }, + "ListQuickConnects": { + "privilege": "ListQuickConnects", + "description": "Grants permission to list quick connect resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "wildcard-quick-connect": { + "resource_type": "wildcard-quick-connect", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wildcard-quick-connect": "wildcard-quick-connect" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListQuickConnects.html" + }, + "ListRealtimeContactAnalysisSegments": { + "privilege": "ListRealtimeContactAnalysisSegments", + "description": "Grants permission to list the analysis segments for a real-time analysis session", + "access_level": "Read", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/contact-lens/latest/APIReference/API_ListRealtimeContactAnalysisSegments.html" + }, + "ListRoutingProfileQueues": { + "privilege": "ListRoutingProfileQueues", + "description": "Grants permission to list queue resources in a routing profile in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListRoutingProfileQueues.html" + }, + "ListRoutingProfiles": { + "privilege": "ListRoutingProfiles", + "description": "Grants permission to list routing profile resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListRoutingProfiles.html" + }, + "ListRules": { + "privilege": "ListRules", + "description": "Grants permission to list rules associated with a Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListRules.html" + }, + "ListSecurityKeys": { + "privilege": "ListSecurityKeys", + "description": "Grants permission to view the security keys of an existing Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "ListSecurityProfilePermissions": { + "privilege": "ListSecurityProfilePermissions", + "description": "Grants permission to list permissions associated with security profile in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "security-profile": { + "resource_type": "security-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-profile": "security-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListSecurityProfilePermissions.html" + }, + "ListSecurityProfiles": { + "privilege": "ListSecurityProfiles", + "description": "Grants permission to list security profile resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListSecurityProfiles.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an Amazon Connect resource", + "access_level": "Read", + "resource_types": { + "agent-status": { + "resource_type": "agent-status", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-evaluation": { + "resource_type": "contact-evaluation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow": { + "resource_type": "contact-flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow-module": { + "resource_type": "contact-flow-module", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "evaluation-form": { + "resource_type": "evaluation-form", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hours-of-operation": { + "resource_type": "hours-of-operation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "integration-association": { + "resource_type": "integration-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "phone-number": { + "resource_type": "phone-number", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "prompt": { + "resource_type": "prompt", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "queue": { + "resource_type": "queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "quick-connect": { + "resource_type": "quick-connect", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "routing-profile": { + "resource_type": "routing-profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "security-profile": { + "resource_type": "security-profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "use-case": { + "resource_type": "use-case", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "wildcard-phone-number": { + "resource_type": "wildcard-phone-number", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent-status": "agent-status", + "contact-evaluation": "contact-evaluation", + "contact-flow": "contact-flow", + "contact-flow-module": "contact-flow-module", + "evaluation-form": "evaluation-form", + "hierarchy-group": "hierarchy-group", + "hours-of-operation": "hours-of-operation", + "integration-association": "integration-association", + "phone-number": "phone-number", + "prompt": "prompt", + "queue": "queue", + "quick-connect": "quick-connect", + "routing-profile": "routing-profile", + "rule": "rule", + "security-profile": "security-profile", + "traffic-distribution-group": "traffic-distribution-group", + "use-case": "use-case", + "user": "user", + "wildcard-phone-number": "wildcard-phone-number", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTaskTemplates": { + "privilege": "ListTaskTemplates", + "description": "Grants permission to list task template resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListTaskTemplates.html" + }, + "ListTrafficDistributionGroups": { + "privilege": "ListTrafficDistributionGroups", + "description": "Grants permission to list traffic distribution groups", + "access_level": "List", + "resource_types": { + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-distribution-group": "traffic-distribution-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListTrafficDistributionGroups.html" + }, + "ListUseCases": { + "privilege": "ListUseCases", + "description": "Grants permission to list the use cases of an integration association", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeInstance", + "ds:DescribeDirectories" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListUseCases.html" + }, + "ListUserHierarchyGroups": { + "privilege": "ListUserHierarchyGroups", + "description": "Grants permission to list the hierarchy group resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListUserHierarchyGroups.html" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to list user resources in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListUsers.html" + }, + "MonitorContact": { + "privilege": "MonitorContact", + "description": "Grants permission to monitor an ongoing contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:MonitorCapabilities", + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "instance": "instance", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_MonitorContact.html" + }, + "PutUserStatus": { + "privilege": "PutUserStatus", + "description": "Grants permission to switch User Status in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "agent-status": { + "resource_type": "agent-status", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent-status": "agent-status", + "instance": "instance", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_PutUserStatus.html" + }, + "ReleasePhoneNumber": { + "privilege": "ReleasePhoneNumber", + "description": "Grants permission to release phone number resources in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "phone-number": { + "resource_type": "phone-number", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phone-number": "phone-number", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ReleasePhoneNumber.html" + }, + "ReplicateInstance": { + "privilege": "ReplicateInstance", + "description": "Grants permission to create a replica of an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ds:AuthorizeApplication", + "ds:CheckAlias", + "ds:CreateAlias", + "ds:CreateDirectory", + "ds:CreateIdentityPoolDirectory", + "ds:DeleteDirectory", + "ds:DescribeDirectories", + "ds:UnauthorizeApplication", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "ResumeContactRecording": { + "privilege": "ResumeContactRecording", + "description": "Grants permission to resume recording for the specified contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ResumeContactRecording.html" + }, + "SearchAvailablePhoneNumbers": { + "privilege": "SearchAvailablePhoneNumbers", + "description": "Grants permission to search phone number resources in an Amazon Connect instance or traffic distribution group", + "access_level": "List", + "resource_types": { + "wildcard-phone-number": { + "resource_type": "wildcard-phone-number", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wildcard-phone-number": "wildcard-phone-number" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchAvailablePhoneNumbers.html" + }, + "SearchHoursOfOperations": { + "privilege": "SearchHoursOfOperations", + "description": "Grants permission to search hours of operation resources in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeHoursOfOperation" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "connect:SearchTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchHoursOfOperations.html" + }, + "SearchPrompts": { + "privilege": "SearchPrompts", + "description": "Grants permission to search prompt resources in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribePrompt" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "connect:SearchTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchPrompts.html" + }, + "SearchQueues": { + "privilege": "SearchQueues", + "description": "Grants permission to search queue resources in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeQueue" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "connect:SearchTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchQueues.html" + }, + "SearchQuickConnects": { + "privilege": "SearchQuickConnects", + "description": "Grants permission to search quick connect resources in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeQuickConnect" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "connect:SearchTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchQuickConnects.html" + }, + "SearchResourceTags": { + "privilege": "SearchResourceTags", + "description": "Grants permission to search tags used in an Amazon Connect instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchResourceTags.html" + }, + "SearchRoutingProfiles": { + "privilege": "SearchRoutingProfiles", + "description": "Grants permission to search routing profile resources in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeRoutingProfile" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "connect:SearchTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html" + }, + "SearchSecurityProfiles": { + "privilege": "SearchSecurityProfiles", + "description": "Grants permission to search security profile resources in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeSecurityProfile" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "connect:SearchTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchSecurityProfiles.html" + }, + "SearchUsers": { + "privilege": "SearchUsers", + "description": "Grants permission to search user resources in an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "connect:DescribeUser" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId", + "connect:SearchTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchUsers.html" + }, + "SearchVocabularies": { + "privilege": "SearchVocabularies", + "description": "Grants permission to search vocabularies in a Amazon Connect instance", + "access_level": "List", + "resource_types": { + "vocabulary": { + "resource_type": "vocabulary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vocabulary": "vocabulary", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchVocabularies.html" + }, + "StartChatContact": { + "privilege": "StartChatContact", + "description": "Grants permission to initiate a chat using the Amazon Connect API", + "access_level": "Write", + "resource_types": { + "contact-flow": { + "resource_type": "contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "contact": { + "resource_type": "contact", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow": "contact-flow", + "contact": "contact", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartChatContact.html" + }, + "StartContactEvaluation": { + "privilege": "StartContactEvaluation", + "description": "Grants permission to start an empty evaluation in the specified Amazon Connect instance, using the given evaluation form for the particular contact. The evaluation form version used for the contact evaluation corresponds to the currently activated version. If no version is activated for the evaluation form, the contact evaluation cannot be started", + "access_level": "Write", + "resource_types": { + "contact-evaluation": { + "resource_type": "contact-evaluation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-evaluation": "contact-evaluation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartContactEvaluation.html" + }, + "StartContactRecording": { + "privilege": "StartContactRecording", + "description": "Grants permission to start recording for the specified contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartContactRecording.html" + }, + "StartContactStreaming": { + "privilege": "StartContactStreaming", + "description": "Grants permission to start chat streaming using the Amazon Connect API", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartContactStreaming.html" + }, + "StartForecastingPlanningSchedulingIntegration": { + "privilege": "StartForecastingPlanningSchedulingIntegration", + "description": "Grants permission to enable forecasting, planning, and scheduling integration on an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/optimization-apis.html" + }, + "StartOutboundVoiceContact": { + "privilege": "StartOutboundVoiceContact", + "description": "Grants permission to initiate outbound calls using the Amazon Connect API", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartOutboundVoiceContact.html" + }, + "StartTaskContact": { + "privilege": "StartTaskContact", + "description": "Grants permission to initiate a task using the Amazon Connect API", + "access_level": "Write", + "resource_types": { + "contact-flow": { + "resource_type": "contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "contact": { + "resource_type": "contact", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "quick-connect": { + "resource_type": "quick-connect", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task-template": { + "resource_type": "task-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow": "contact-flow", + "contact": "contact", + "quick-connect": "quick-connect", + "task-template": "task-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartTaskContact.html" + }, + "StopContact": { + "privilege": "StopContact", + "description": "Grants permission to stop contacts that were initiated using the Amazon Connect API. If you use this operation on an active contact the contact ends, even if the agent is active on a call with a customer", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StopContact.html" + }, + "StopContactRecording": { + "privilege": "StopContactRecording", + "description": "Grants permission to stop recording for the specified contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StopContactRecording.html" + }, + "StopContactStreaming": { + "privilege": "StopContactStreaming", + "description": "Grants permission to stop chat streaming using the Amazon Connect API", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StopContactStreaming.html" + }, + "StopForecastingPlanningSchedulingIntegration": { + "privilege": "StopForecastingPlanningSchedulingIntegration", + "description": "Grants permission to disable forecasting, planning, and scheduling integration on an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/optimization-apis.html" + }, + "SubmitContactEvaluation": { + "privilege": "SubmitContactEvaluation", + "description": "Grants permission to submit a contact evaluation in the specified Amazon Connect instance. Answers included in the request are merged with existing answers for the given evaluation. If no answers or notes are passed, the evaluation is submitted with the existing answers and notes. You can delete an answer or note by passing an empty object ( { }) to the question identifier", + "access_level": "Write", + "resource_types": { + "contact-evaluation": { + "resource_type": "contact-evaluation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-evaluation": "contact-evaluation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SubmitContactEvaluation.html" + }, + "SuspendContactRecording": { + "privilege": "SuspendContactRecording", + "description": "Grants permission to suspend recording for the specified contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SuspendContactRecording.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an Amazon Connect resource", + "access_level": "Tagging", + "resource_types": { + "agent-status": { + "resource_type": "agent-status", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-evaluation": { + "resource_type": "contact-evaluation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow": { + "resource_type": "contact-flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow-module": { + "resource_type": "contact-flow-module", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "evaluation-form": { + "resource_type": "evaluation-form", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hours-of-operation": { + "resource_type": "hours-of-operation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "integration-association": { + "resource_type": "integration-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "phone-number": { + "resource_type": "phone-number", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "prompt": { + "resource_type": "prompt", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "queue": { + "resource_type": "queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "quick-connect": { + "resource_type": "quick-connect", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "routing-profile": { + "resource_type": "routing-profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "security-profile": { + "resource_type": "security-profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task-template": { + "resource_type": "task-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "use-case": { + "resource_type": "use-case", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vocabulary": { + "resource_type": "vocabulary", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "wildcard-phone-number": { + "resource_type": "wildcard-phone-number", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent-status": "agent-status", + "contact-evaluation": "contact-evaluation", + "contact-flow": "contact-flow", + "contact-flow-module": "contact-flow-module", + "evaluation-form": "evaluation-form", + "hierarchy-group": "hierarchy-group", + "hours-of-operation": "hours-of-operation", + "instance": "instance", + "integration-association": "integration-association", + "phone-number": "phone-number", + "prompt": "prompt", + "queue": "queue", + "quick-connect": "quick-connect", + "routing-profile": "routing-profile", + "rule": "rule", + "security-profile": "security-profile", + "task-template": "task-template", + "traffic-distribution-group": "traffic-distribution-group", + "use-case": "use-case", + "user": "user", + "vocabulary": "vocabulary", + "wildcard-phone-number": "wildcard-phone-number", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_TagResource.html" + }, + "TransferContact": { + "privilege": "TransferContact", + "description": "Grants permission to transfer the contact to another queue or agent", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow": { + "resource_type": "contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "contact-flow": "contact-flow", + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_TransferContact.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an Amazon Connect resource", + "access_level": "Tagging", + "resource_types": { + "agent-status": { + "resource_type": "agent-status", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-evaluation": { + "resource_type": "contact-evaluation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow": { + "resource_type": "contact-flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow-module": { + "resource_type": "contact-flow-module", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "evaluation-form": { + "resource_type": "evaluation-form", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hours-of-operation": { + "resource_type": "hours-of-operation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "integration-association": { + "resource_type": "integration-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "phone-number": { + "resource_type": "phone-number", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "prompt": { + "resource_type": "prompt", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "queue": { + "resource_type": "queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "quick-connect": { + "resource_type": "quick-connect", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "routing-profile": { + "resource_type": "routing-profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "security-profile": { + "resource_type": "security-profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task-template": { + "resource_type": "task-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "use-case": { + "resource_type": "use-case", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vocabulary": { + "resource_type": "vocabulary", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "wildcard-phone-number": { + "resource_type": "wildcard-phone-number", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent-status": "agent-status", + "contact-evaluation": "contact-evaluation", + "contact-flow": "contact-flow", + "contact-flow-module": "contact-flow-module", + "evaluation-form": "evaluation-form", + "hierarchy-group": "hierarchy-group", + "hours-of-operation": "hours-of-operation", + "instance": "instance", + "integration-association": "integration-association", + "phone-number": "phone-number", + "prompt": "prompt", + "queue": "queue", + "quick-connect": "quick-connect", + "routing-profile": "routing-profile", + "rule": "rule", + "security-profile": "security-profile", + "task-template": "task-template", + "traffic-distribution-group": "traffic-distribution-group", + "use-case": "use-case", + "user": "user", + "vocabulary": "vocabulary", + "wildcard-phone-number": "wildcard-phone-number", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UntagResource.html" + }, + "UpdateAgentStatus": { + "privilege": "UpdateAgentStatus", + "description": "Grants permission to update agent status in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "agent-status": { + "resource_type": "agent-status", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent-status": "agent-status", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateAgentStatus.html" + }, + "UpdateContact": { + "privilege": "UpdateContact", + "description": "Grants permission to update a contact in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContact.html" + }, + "UpdateContactAttributes": { + "privilege": "UpdateContactAttributes", + "description": "Grants permission to create or update the contact attributes associated with the specified contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactAttributes.html" + }, + "UpdateContactEvaluation": { + "privilege": "UpdateContactEvaluation", + "description": "Grants permission to update details about a contact evaluation in the specified Amazon Connect instance. A contact evaluation must be in the draft state. Answers included in the request are merged with existing answers for the given evaluation. An answer or note can be deleted by passing an empty object ( { }) to the question identifier", + "access_level": "Write", + "resource_types": { + "contact-evaluation": { + "resource_type": "contact-evaluation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-evaluation": "contact-evaluation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactEvaluation.html" + }, + "UpdateContactFlowContent": { + "privilege": "UpdateContactFlowContent", + "description": "Grants permission to update contact flow content in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-flow": { + "resource_type": "contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow": "contact-flow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactFlowContent.html" + }, + "UpdateContactFlowMetadata": { + "privilege": "UpdateContactFlowMetadata", + "description": "Grants permission to update the metadata of a contact flow in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-flow": { + "resource_type": "contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow": "contact-flow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactFlowMetadata.html" + }, + "UpdateContactFlowModuleContent": { + "privilege": "UpdateContactFlowModuleContent", + "description": "Grants permission to update contact flow module content in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-flow-module": { + "resource_type": "contact-flow-module", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow-module": "contact-flow-module", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactFlowModuleContent.html" + }, + "UpdateContactFlowModuleMetadata": { + "privilege": "UpdateContactFlowModuleMetadata", + "description": "Grants permission to update the metadata of a contact flow module in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-flow-module": { + "resource_type": "contact-flow-module", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow-module": "contact-flow-module", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactFlowModuleMetadata.html" + }, + "UpdateContactFlowName": { + "privilege": "UpdateContactFlowName", + "description": "Grants permission to update the name and description of a contact flow in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact-flow": { + "resource_type": "contact-flow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-flow": "contact-flow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactFlowName.html" + }, + "UpdateContactSchedule": { + "privilege": "UpdateContactSchedule", + "description": "Grants permission to update the schedule of a contact that is already scheduled in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateContactSchedule.html" + }, + "UpdateEvaluationForm": { + "privilege": "UpdateEvaluationForm", + "description": "Grants permission to update details about a specific evaluation form version in the specified Amazon Connect instance. Question and section identifiers cannot be duplicated within the same evaluation form", + "access_level": "Write", + "resource_types": { + "evaluation-form": { + "resource_type": "evaluation-form", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation-form": "evaluation-form", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateEvaluationForm.html" + }, + "UpdateHoursOfOperation": { + "privilege": "UpdateHoursOfOperation", + "description": "Grants permission to update hours of operation in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "hours-of-operation": { + "resource_type": "hours-of-operation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hours-of-operation": "hours-of-operation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateHoursOfOperation.html" + }, + "UpdateInstanceAttribute": { + "privilege": "UpdateInstanceAttribute", + "description": "Grants permission to update the attribute for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:DescribeDirectories", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "logs:CreateLogGroup" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:AttributeType", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "UpdateInstanceStorageConfig": { + "privilege": "UpdateInstanceStorageConfig", + "description": "Grants permission to update the storage configuration for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:DescribeDirectories", + "firehose:DescribeDeliveryStream", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "kinesis:DescribeStream", + "kms:CreateGrant", + "kms:DescribeKey", + "s3:GetBucketAcl", + "s3:GetBucketLocation" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:StorageResourceType", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions" + }, + "UpdateParticipantRoleConfig": { + "privilege": "UpdateParticipantRoleConfig", + "description": "Grants permission to update participant role configurations associated with a contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateParticipantRoleConfig.html" + }, + "UpdatePhoneNumber": { + "privilege": "UpdatePhoneNumber", + "description": "Grants permission to update phone number resources in an Amazon Connect instance or traffic distribution group", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "phone-number": { + "resource_type": "phone-number", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "phone-number": "phone-number", + "traffic-distribution-group": "traffic-distribution-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdatePhoneNumber.html" + }, + "UpdatePrompt": { + "privilege": "UpdatePrompt", + "description": "Grants permission to update a prompt's name, description, and Amazon S3 URI in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "prompt": { + "resource_type": "prompt", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kms:Decrypt", + "s3:GetObject", + "s3:GetObjectAcl" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prompt": "prompt", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdatePrompt.html" + }, + "UpdateQueueHoursOfOperation": { + "privilege": "UpdateQueueHoursOfOperation", + "description": "Grants permission to update queue hours of operation in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "hours-of-operation": { + "resource_type": "hours-of-operation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hours-of-operation": "hours-of-operation", + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQueueHoursOfOperation.html" + }, + "UpdateQueueMaxContacts": { + "privilege": "UpdateQueueMaxContacts", + "description": "Grants permission to update queue capacity in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQueueMaxContacts.html" + }, + "UpdateQueueName": { + "privilege": "UpdateQueueName", + "description": "Grants permission to update a queue name and description in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQueueName.html" + }, + "UpdateQueueOutboundCallerConfig": { + "privilege": "UpdateQueueOutboundCallerConfig", + "description": "Grants permission to update queue outbound caller config in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow": { + "resource_type": "contact-flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "phone-number": { + "resource_type": "phone-number", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "contact-flow": "contact-flow", + "phone-number": "phone-number", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQueueOutboundCallerConfig.html" + }, + "UpdateQueueStatus": { + "privilege": "UpdateQueueStatus", + "description": "Grants permission to update queue status in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQueueStatus.html" + }, + "UpdateQuickConnectConfig": { + "privilege": "UpdateQuickConnectConfig", + "description": "Grants permission to update the configuration of a quick connect in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "quick-connect": { + "resource_type": "quick-connect", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-flow": { + "resource_type": "contact-flow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "queue": { + "resource_type": "queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quick-connect": "quick-connect", + "contact-flow": "contact-flow", + "queue": "queue", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQuickConnectConfig.html" + }, + "UpdateQuickConnectName": { + "privilege": "UpdateQuickConnectName", + "description": "Grants permission to update a quick connect name and description in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "quick-connect": { + "resource_type": "quick-connect", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quick-connect": "quick-connect", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateQuickConnectName.html" + }, + "UpdateRoutingProfileConcurrency": { + "privilege": "UpdateRoutingProfileConcurrency", + "description": "Grants permission to update the concurrency in a routing profile in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateRoutingProfileConcurrency.html" + }, + "UpdateRoutingProfileDefaultOutboundQueue": { + "privilege": "UpdateRoutingProfileDefaultOutboundQueue", + "description": "Grants permission to update the outbound queue in a routing profile in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateRoutingProfileDefaultOutboundQueue.html" + }, + "UpdateRoutingProfileName": { + "privilege": "UpdateRoutingProfileName", + "description": "Grants permission to update a routing profile name and description in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateRoutingProfileName.html" + }, + "UpdateRoutingProfileQueues": { + "privilege": "UpdateRoutingProfileQueues", + "description": "Grants permission to update the queues in routing profile in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routing-profile": "routing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateRoutingProfileQueues.html" + }, + "UpdateRule": { + "privilege": "UpdateRule", + "description": "Grants permission to update a rule for an existing Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateRule.html" + }, + "UpdateSecurityProfile": { + "privilege": "UpdateSecurityProfile", + "description": "Grants permission to update a security profile group for a user in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "security-profile": { + "resource_type": "security-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-profile": "security-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateSecurityProfile.html" + }, + "UpdateTaskTemplate": { + "privilege": "UpdateTaskTemplate", + "description": "Grants permission to update task template belonging to a Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "task-template": { + "resource_type": "task-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task-template": "task-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateTaskTemplate.html" + }, + "UpdateTrafficDistribution": { + "privilege": "UpdateTrafficDistribution", + "description": "Grants permission to update traffic distribution for a traffic distribution group", + "access_level": "Write", + "resource_types": { + "traffic-distribution-group": { + "resource_type": "traffic-distribution-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-distribution-group": "traffic-distribution-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateTrafficDistribution.html" + }, + "UpdateUserHierarchy": { + "privilege": "UpdateUserHierarchy", + "description": "Grants permission to update a hierarchy group for a user in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "hierarchy-group": "hierarchy-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserHierarchy.html" + }, + "UpdateUserHierarchyGroupName": { + "privilege": "UpdateUserHierarchyGroupName", + "description": "Grants permission to update a user hierarchy group name in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "hierarchy-group": { + "resource_type": "hierarchy-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hierarchy-group": "hierarchy-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserHierarchyGroupName.html" + }, + "UpdateUserHierarchyStructure": { + "privilege": "UpdateUserHierarchyStructure", + "description": "Grants permission to update user hierarchy structure in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserHierarchyStructure.html" + }, + "UpdateUserIdentityInfo": { + "privilege": "UpdateUserIdentityInfo", + "description": "Grants permission to update identity information for a user in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserIdentityInfo.html" + }, + "UpdateUserPhoneConfig": { + "privilege": "UpdateUserPhoneConfig", + "description": "Grants permission to update phone configuration settings for a user in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserPhoneConfig.html" + }, + "UpdateUserRoutingProfile": { + "privilege": "UpdateUserRoutingProfile", + "description": "Grants permission to update a routing profile for a user in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "routing-profile": { + "resource_type": "routing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routing-profile": "routing-profile", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserRoutingProfile.html" + }, + "UpdateUserSecurityProfiles": { + "privilege": "UpdateUserSecurityProfiles", + "description": "Grants permission to update security profiles for a user in an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "security-profile": { + "resource_type": "security-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "connect:InstanceId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-profile": "security-profile", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserSecurityProfiles.html" + } + }, + "privileges_lower_name": { + "activateevaluationform": "ActivateEvaluationForm", + "associateapprovedorigin": "AssociateApprovedOrigin", + "associatebot": "AssociateBot", + "associatecustomerprofilesdomain": "AssociateCustomerProfilesDomain", + "associatedefaultvocabulary": "AssociateDefaultVocabulary", + "associateinstancestorageconfig": "AssociateInstanceStorageConfig", + "associatelambdafunction": "AssociateLambdaFunction", + "associatelexbot": "AssociateLexBot", + "associatephonenumbercontactflow": "AssociatePhoneNumberContactFlow", + "associatequeuequickconnects": "AssociateQueueQuickConnects", + "associateroutingprofilequeues": "AssociateRoutingProfileQueues", + "associatesecuritykey": "AssociateSecurityKey", + "batchassociateanalyticsdataset": "BatchAssociateAnalyticsDataSet", + "batchdisassociateanalyticsdataset": "BatchDisassociateAnalyticsDataSet", + "claimphonenumber": "ClaimPhoneNumber", + "createagentstatus": "CreateAgentStatus", + "createcontactflow": "CreateContactFlow", + "createcontactflowmodule": "CreateContactFlowModule", + "createevaluationform": "CreateEvaluationForm", + "createhoursofoperation": "CreateHoursOfOperation", + "createinstance": "CreateInstance", + "createintegrationassociation": "CreateIntegrationAssociation", + "createparticipant": "CreateParticipant", + "createprompt": "CreatePrompt", + "createqueue": "CreateQueue", + "createquickconnect": "CreateQuickConnect", + "createroutingprofile": "CreateRoutingProfile", + "createrule": "CreateRule", + "createsecurityprofile": "CreateSecurityProfile", + "createtasktemplate": "CreateTaskTemplate", + "createtrafficdistributiongroup": "CreateTrafficDistributionGroup", + "createusecase": "CreateUseCase", + "createuser": "CreateUser", + "createuserhierarchygroup": "CreateUserHierarchyGroup", + "createvocabulary": "CreateVocabulary", + "deactivateevaluationform": "DeactivateEvaluationForm", + "deletecontactevaluation": "DeleteContactEvaluation", + "deletecontactflow": "DeleteContactFlow", + "deletecontactflowmodule": "DeleteContactFlowModule", + "deleteevaluationform": "DeleteEvaluationForm", + "deletehoursofoperation": "DeleteHoursOfOperation", + "deleteinstance": "DeleteInstance", + "deleteintegrationassociation": "DeleteIntegrationAssociation", + "deleteprompt": "DeletePrompt", + "deletequeue": "DeleteQueue", + "deletequickconnect": "DeleteQuickConnect", + "deleteroutingprofile": "DeleteRoutingProfile", + "deleterule": "DeleteRule", + "deletesecurityprofile": "DeleteSecurityProfile", + "deletetasktemplate": "DeleteTaskTemplate", + "deletetrafficdistributiongroup": "DeleteTrafficDistributionGroup", + "deleteusecase": "DeleteUseCase", + "deleteuser": "DeleteUser", + "deleteuserhierarchygroup": "DeleteUserHierarchyGroup", + "deletevocabulary": "DeleteVocabulary", + "describeagentstatus": "DescribeAgentStatus", + "describecontact": "DescribeContact", + "describecontactevaluation": "DescribeContactEvaluation", + "describecontactflow": "DescribeContactFlow", + "describecontactflowmodule": "DescribeContactFlowModule", + "describeevaluationform": "DescribeEvaluationForm", + "describeforecastingplanningschedulingintegration": "DescribeForecastingPlanningSchedulingIntegration", + "describehoursofoperation": "DescribeHoursOfOperation", + "describeinstance": "DescribeInstance", + "describeinstanceattribute": "DescribeInstanceAttribute", + "describeinstancestorageconfig": "DescribeInstanceStorageConfig", + "describephonenumber": "DescribePhoneNumber", + "describeprompt": "DescribePrompt", + "describequeue": "DescribeQueue", + "describequickconnect": "DescribeQuickConnect", + "describeroutingprofile": "DescribeRoutingProfile", + "describerule": "DescribeRule", + "describesecurityprofile": "DescribeSecurityProfile", + "describetrafficdistributiongroup": "DescribeTrafficDistributionGroup", + "describeuser": "DescribeUser", + "describeuserhierarchygroup": "DescribeUserHierarchyGroup", + "describeuserhierarchystructure": "DescribeUserHierarchyStructure", + "describevocabulary": "DescribeVocabulary", + "disassociateapprovedorigin": "DisassociateApprovedOrigin", + "disassociatebot": "DisassociateBot", + "disassociatecustomerprofilesdomain": "DisassociateCustomerProfilesDomain", + "disassociateinstancestorageconfig": "DisassociateInstanceStorageConfig", + "disassociatelambdafunction": "DisassociateLambdaFunction", + "disassociatelexbot": "DisassociateLexBot", + "disassociatephonenumbercontactflow": "DisassociatePhoneNumberContactFlow", + "disassociatequeuequickconnects": "DisassociateQueueQuickConnects", + "disassociateroutingprofilequeues": "DisassociateRoutingProfileQueues", + "disassociatesecuritykey": "DisassociateSecurityKey", + "dismissusercontact": "DismissUserContact", + "getcontactattributes": "GetContactAttributes", + "getcurrentmetricdata": "GetCurrentMetricData", + "getcurrentuserdata": "GetCurrentUserData", + "getfederationtoken": "GetFederationToken", + "getfederationtokens": "GetFederationTokens", + "getmetricdata": "GetMetricData", + "getmetricdatav2": "GetMetricDataV2", + "getpromptfile": "GetPromptFile", + "gettasktemplate": "GetTaskTemplate", + "gettrafficdistribution": "GetTrafficDistribution", + "listagentstatuses": "ListAgentStatuses", + "listapprovedorigins": "ListApprovedOrigins", + "listbots": "ListBots", + "listcontactevaluations": "ListContactEvaluations", + "listcontactflowmodules": "ListContactFlowModules", + "listcontactflows": "ListContactFlows", + "listcontactreferences": "ListContactReferences", + "listdefaultvocabularies": "ListDefaultVocabularies", + "listevaluationformversions": "ListEvaluationFormVersions", + "listevaluationforms": "ListEvaluationForms", + "listhoursofoperations": "ListHoursOfOperations", + "listinstanceattributes": "ListInstanceAttributes", + "listinstancestorageconfigs": "ListInstanceStorageConfigs", + "listinstances": "ListInstances", + "listintegrationassociations": "ListIntegrationAssociations", + "listlambdafunctions": "ListLambdaFunctions", + "listlexbots": "ListLexBots", + "listphonenumbers": "ListPhoneNumbers", + "listphonenumbersv2": "ListPhoneNumbersV2", + "listprompts": "ListPrompts", + "listqueuequickconnects": "ListQueueQuickConnects", + "listqueues": "ListQueues", + "listquickconnects": "ListQuickConnects", + "listrealtimecontactanalysissegments": "ListRealtimeContactAnalysisSegments", + "listroutingprofilequeues": "ListRoutingProfileQueues", + "listroutingprofiles": "ListRoutingProfiles", + "listrules": "ListRules", + "listsecuritykeys": "ListSecurityKeys", + "listsecurityprofilepermissions": "ListSecurityProfilePermissions", + "listsecurityprofiles": "ListSecurityProfiles", + "listtagsforresource": "ListTagsForResource", + "listtasktemplates": "ListTaskTemplates", + "listtrafficdistributiongroups": "ListTrafficDistributionGroups", + "listusecases": "ListUseCases", + "listuserhierarchygroups": "ListUserHierarchyGroups", + "listusers": "ListUsers", + "monitorcontact": "MonitorContact", + "putuserstatus": "PutUserStatus", + "releasephonenumber": "ReleasePhoneNumber", + "replicateinstance": "ReplicateInstance", + "resumecontactrecording": "ResumeContactRecording", + "searchavailablephonenumbers": "SearchAvailablePhoneNumbers", + "searchhoursofoperations": "SearchHoursOfOperations", + "searchprompts": "SearchPrompts", + "searchqueues": "SearchQueues", + "searchquickconnects": "SearchQuickConnects", + "searchresourcetags": "SearchResourceTags", + "searchroutingprofiles": "SearchRoutingProfiles", + "searchsecurityprofiles": "SearchSecurityProfiles", + "searchusers": "SearchUsers", + "searchvocabularies": "SearchVocabularies", + "startchatcontact": "StartChatContact", + "startcontactevaluation": "StartContactEvaluation", + "startcontactrecording": "StartContactRecording", + "startcontactstreaming": "StartContactStreaming", + "startforecastingplanningschedulingintegration": "StartForecastingPlanningSchedulingIntegration", + "startoutboundvoicecontact": "StartOutboundVoiceContact", + "starttaskcontact": "StartTaskContact", + "stopcontact": "StopContact", + "stopcontactrecording": "StopContactRecording", + "stopcontactstreaming": "StopContactStreaming", + "stopforecastingplanningschedulingintegration": "StopForecastingPlanningSchedulingIntegration", + "submitcontactevaluation": "SubmitContactEvaluation", + "suspendcontactrecording": "SuspendContactRecording", + "tagresource": "TagResource", + "transfercontact": "TransferContact", + "untagresource": "UntagResource", + "updateagentstatus": "UpdateAgentStatus", + "updatecontact": "UpdateContact", + "updatecontactattributes": "UpdateContactAttributes", + "updatecontactevaluation": "UpdateContactEvaluation", + "updatecontactflowcontent": "UpdateContactFlowContent", + "updatecontactflowmetadata": "UpdateContactFlowMetadata", + "updatecontactflowmodulecontent": "UpdateContactFlowModuleContent", + "updatecontactflowmodulemetadata": "UpdateContactFlowModuleMetadata", + "updatecontactflowname": "UpdateContactFlowName", + "updatecontactschedule": "UpdateContactSchedule", + "updateevaluationform": "UpdateEvaluationForm", + "updatehoursofoperation": "UpdateHoursOfOperation", + "updateinstanceattribute": "UpdateInstanceAttribute", + "updateinstancestorageconfig": "UpdateInstanceStorageConfig", + "updateparticipantroleconfig": "UpdateParticipantRoleConfig", + "updatephonenumber": "UpdatePhoneNumber", + "updateprompt": "UpdatePrompt", + "updatequeuehoursofoperation": "UpdateQueueHoursOfOperation", + "updatequeuemaxcontacts": "UpdateQueueMaxContacts", + "updatequeuename": "UpdateQueueName", + "updatequeueoutboundcallerconfig": "UpdateQueueOutboundCallerConfig", + "updatequeuestatus": "UpdateQueueStatus", + "updatequickconnectconfig": "UpdateQuickConnectConfig", + "updatequickconnectname": "UpdateQuickConnectName", + "updateroutingprofileconcurrency": "UpdateRoutingProfileConcurrency", + "updateroutingprofiledefaultoutboundqueue": "UpdateRoutingProfileDefaultOutboundQueue", + "updateroutingprofilename": "UpdateRoutingProfileName", + "updateroutingprofilequeues": "UpdateRoutingProfileQueues", + "updaterule": "UpdateRule", + "updatesecurityprofile": "UpdateSecurityProfile", + "updatetasktemplate": "UpdateTaskTemplate", + "updatetrafficdistribution": "UpdateTrafficDistribution", + "updateuserhierarchy": "UpdateUserHierarchy", + "updateuserhierarchygroupname": "UpdateUserHierarchyGroupName", + "updateuserhierarchystructure": "UpdateUserHierarchyStructure", + "updateuseridentityinfo": "UpdateUserIdentityInfo", + "updateuserphoneconfig": "UpdateUserPhoneConfig", + "updateuserroutingprofile": "UpdateUserRoutingProfile", + "updateusersecurityprofiles": "UpdateUserSecurityProfiles" + }, + "resources": { + "instance": { + "resource": "instance", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "contact": { + "resource": "contact", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/contact/${ContactId}", + "condition_keys": [] + }, + "user": { + "resource": "user", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/agent/${UserId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "routing-profile": { + "resource": "routing-profile", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/routing-profile/${RoutingProfileId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "security-profile": { + "resource": "security-profile", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/security-profile/${SecurityProfileId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "hierarchy-group": { + "resource": "hierarchy-group", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/agent-group/${HierarchyGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "queue": { + "resource": "queue", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/queue/${QueueId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "wildcard-queue": { + "resource": "wildcard-queue", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/queue/*", + "condition_keys": [] + }, + "quick-connect": { + "resource": "quick-connect", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/transfer-destination/${QuickConnectId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "wildcard-quick-connect": { + "resource": "wildcard-quick-connect", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/transfer-destination/*", + "condition_keys": [] + }, + "contact-flow": { + "resource": "contact-flow", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/contact-flow/${ContactFlowId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "task-template": { + "resource": "task-template", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/task-template/${TaskTemplateId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "contact-flow-module": { + "resource": "contact-flow-module", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/flow-module/${ContactFlowModuleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "wildcard-contact-flow": { + "resource": "wildcard-contact-flow", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/contact-flow/*", + "condition_keys": [] + }, + "hours-of-operation": { + "resource": "hours-of-operation", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/operating-hours/${HoursOfOperationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "agent-status": { + "resource": "agent-status", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/agent-state/${AgentStatusId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "wildcard-agent-status": { + "resource": "wildcard-agent-status", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/agent-state/*", + "condition_keys": [] + }, + "legacy-phone-number": { + "resource": "legacy-phone-number", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/phone-number/${PhoneNumberId}", + "condition_keys": [] + }, + "wildcard-legacy-phone-number": { + "resource": "wildcard-legacy-phone-number", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/phone-number/*", + "condition_keys": [] + }, + "phone-number": { + "resource": "phone-number", + "arn": "arn:${Partition}:connect:${Region}:${Account}:phone-number/${PhoneNumberId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "wildcard-phone-number": { + "resource": "wildcard-phone-number", + "arn": "arn:${Partition}:connect:${Region}:${Account}:phone-number/*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "integration-association": { + "resource": "integration-association", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/integration-association/${IntegrationAssociationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "use-case": { + "resource": "use-case", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/use-case/${UseCaseId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "vocabulary": { + "resource": "vocabulary", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/vocabulary/${VocabularyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "traffic-distribution-group": { + "resource": "traffic-distribution-group", + "arn": "arn:${Partition}:connect:${Region}:${Account}:traffic-distribution-group/${TrafficDistributionGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "rule": { + "resource": "rule", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/rule/${RuleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "evaluation-form": { + "resource": "evaluation-form", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/evaluation-form/${FormId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "contact-evaluation": { + "resource": "contact-evaluation", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/contact-evaluation/${EvaluationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "prompt": { + "resource": "prompt", + "arn": "arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}/prompt/${PromptId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "instance": "instance", + "contact": "contact", + "user": "user", + "routing-profile": "routing-profile", + "security-profile": "security-profile", + "hierarchy-group": "hierarchy-group", + "queue": "queue", + "wildcard-queue": "wildcard-queue", + "quick-connect": "quick-connect", + "wildcard-quick-connect": "wildcard-quick-connect", + "contact-flow": "contact-flow", + "task-template": "task-template", + "contact-flow-module": "contact-flow-module", + "wildcard-contact-flow": "wildcard-contact-flow", + "hours-of-operation": "hours-of-operation", + "agent-status": "agent-status", + "wildcard-agent-status": "wildcard-agent-status", + "legacy-phone-number": "legacy-phone-number", + "wildcard-legacy-phone-number": "wildcard-legacy-phone-number", + "phone-number": "phone-number", + "wildcard-phone-number": "wildcard-phone-number", + "integration-association": "integration-association", + "use-case": "use-case", + "vocabulary": "vocabulary", + "traffic-distribution-group": "traffic-distribution-group", + "rule": "rule", + "evaluation-form": "evaluation-form", + "contact-evaluation": "contact-evaluation", + "prompt": "prompt" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by using tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by using tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by using tag keys in the request", + "type": "ArrayOfString" + }, + "connect:AttributeType": { + "condition": "connect:AttributeType", + "description": "Filters access by the attribute type of the Amazon Connect instance", + "type": "String" + }, + "connect:InstanceId": { + "condition": "connect:InstanceId", + "description": "Filters access by restricting federation into specified Amazon Connect instances", + "type": "String" + }, + "connect:MonitorCapabilities": { + "condition": "connect:MonitorCapabilities", + "description": "Filters access by restricting the monitor capabilities of the user in the request", + "type": "ArrayOfString" + }, + "connect:SearchTag/${TagKey}": { + "condition": "connect:SearchTag/${TagKey}", + "description": "Filters access by TagFilter condition passed in the search request", + "type": "String" + }, + "connect:StorageResourceType": { + "condition": "connect:StorageResourceType", + "description": "Filters access by restricting the storage resource type of the Amazon Connect instance storage configuration", + "type": "String" + } + } + }, + "cases": { + "service_name": "Amazon Connect Cases", + "prefix": "cases", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnectcases.html", + "privileges": { + "BatchGetField": { + "privilege": "BatchGetField", + "description": "Grants permission to retrieve information about the fields in the case domain", + "access_level": "Read", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Field": { + "resource_type": "Field", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "field": "Field" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_BatchGetField.html" + }, + "BatchPutFieldOptions": { + "privilege": "BatchPutFieldOptions", + "description": "Grants permission to update the field options in the case domain", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Field": { + "resource_type": "Field", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "field": "Field" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_BatchPutFieldOptions.html" + }, + "CreateCase": { + "privilege": "CreateCase", + "description": "Grants permission to create a case in the case domain", + "access_level": "Write", + "resource_types": { + "Case": { + "resource_type": "Case", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Field": { + "resource_type": "Field", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Template": { + "resource_type": "Template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "case": "Case", + "domain": "Domain", + "field": "Field", + "template": "Template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateCase.html" + }, + "CreateDomain": { + "privilege": "CreateDomain", + "description": "Grants permission to create a new case domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateDomain.html" + }, + "CreateField": { + "privilege": "CreateField", + "description": "Grants permission to create a field in the case domain", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Field": { + "resource_type": "Field", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "field": "Field" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateField.html" + }, + "CreateLayout": { + "privilege": "CreateLayout", + "description": "Grants permission to create a layout in the case domain", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Layout": { + "resource_type": "Layout", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "layout": "Layout" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateLayout.html" + }, + "CreateRelatedItem": { + "privilege": "CreateRelatedItem", + "description": "Grants permission to create a related item associated to a case in the case domain", + "access_level": "Write", + "resource_types": { + "Case": { + "resource_type": "Case", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "RelatedItem": { + "resource_type": "RelatedItem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "case": "Case", + "domain": "Domain", + "relateditem": "RelatedItem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateRelatedItem.html" + }, + "CreateTemplate": { + "privilege": "CreateTemplate", + "description": "Grants permission to create a template in the case domain", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Layout": { + "resource_type": "Layout", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Template": { + "resource_type": "Template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "layout": "Layout", + "template": "Template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_CreateTemplate.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "Grants permission to delete the domain", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_DeleteDomain.html" + }, + "GetCase": { + "privilege": "GetCase", + "description": "Grants permission to retrieve information about a case in the case domain", + "access_level": "Read", + "resource_types": { + "Case": { + "resource_type": "Case", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Field": { + "resource_type": "Field", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "case": "Case", + "domain": "Domain", + "field": "Field" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_GetCase.html" + }, + "GetCaseEventConfiguration": { + "privilege": "GetCaseEventConfiguration", + "description": "Grants permission to retrieve information about the case event configuraton in the case domain", + "access_level": "Read", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_GetCaseEventConfiguration.html" + }, + "GetDomain": { + "privilege": "GetDomain", + "description": "Grants permission to retrieve information about the case domain", + "access_level": "Read", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_GetDomain.html" + }, + "GetLayout": { + "privilege": "GetLayout", + "description": "Grants permission to retrieve information about the layout in the case domain", + "access_level": "Read", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Layout": { + "resource_type": "Layout", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "layout": "Layout" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_GetLayout.html" + }, + "GetTemplate": { + "privilege": "GetTemplate", + "description": "Grants permission to retrieve information about the template in the case domain", + "access_level": "Read", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Template": { + "resource_type": "Template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "template": "Template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_GetTemplate.html" + }, + "ListCasesForContact": { + "privilege": "ListCasesForContact", + "description": "Grants permission to list cases for a specific contact in the case domain", + "access_level": "List", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListCasesForContact.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to list all domains in the aws account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListDomains.html" + }, + "ListFieldOptions": { + "privilege": "ListFieldOptions", + "description": "Grants permission to list field options for a single select field in the case domain", + "access_level": "List", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Field": { + "resource_type": "Field", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "field": "Field" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListFieldOptions.html" + }, + "ListFields": { + "privilege": "ListFields", + "description": "Grants permission to list fields in the case domain", + "access_level": "List", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListFields.html" + }, + "ListLayouts": { + "privilege": "ListLayouts", + "description": "Grants permission to list layouts in the case domain", + "access_level": "List", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListLayouts.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for the specified resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTemplates": { + "privilege": "ListTemplates", + "description": "Grants permission to list templates in the case domain", + "access_level": "List", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_ListTemplates.html" + }, + "PutCaseEventConfiguration": { + "privilege": "PutCaseEventConfiguration", + "description": "Grants permission to insert or update the case event configuration in the case domain", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_PutCaseEventConfiguration.html" + }, + "SearchCases": { + "privilege": "SearchCases", + "description": "Grants permission to search for cases in the case domain", + "access_level": "Read", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_SearchCases.html" + }, + "SearchRelatedItems": { + "privilege": "SearchRelatedItems", + "description": "Grants permission to search for related items associated to the case in the case domain", + "access_level": "Read", + "resource_types": { + "Case": { + "resource_type": "Case", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "case": "Case", + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_SearchRelatedItems.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add the specified tags to the specified resource", + "access_level": "Tagging", + "resource_types": { + "Case": { + "resource_type": "Case", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Domain": { + "resource_type": "Domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Field": { + "resource_type": "Field", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Layout": { + "resource_type": "Layout", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RelatedItem": { + "resource_type": "RelatedItem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Template": { + "resource_type": "Template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "case": "Case", + "domain": "Domain", + "field": "Field", + "layout": "Layout", + "relateditem": "RelatedItem", + "template": "Template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the specified tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "Case": { + "resource_type": "Case", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Domain": { + "resource_type": "Domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Field": { + "resource_type": "Field", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Layout": { + "resource_type": "Layout", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RelatedItem": { + "resource_type": "RelatedItem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Template": { + "resource_type": "Template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "case": "Case", + "domain": "Domain", + "field": "Field", + "layout": "Layout", + "relateditem": "RelatedItem", + "template": "Template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_UntagResource.html" + }, + "UpdateCase": { + "privilege": "UpdateCase", + "description": "Grants permission to update the field values on the case in the case domain", + "access_level": "Write", + "resource_types": { + "Case": { + "resource_type": "Case", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Field": { + "resource_type": "Field", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "case": "Case", + "domain": "Domain", + "field": "Field" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_UpdateCase.html" + }, + "UpdateField": { + "privilege": "UpdateField", + "description": "Grants permission to update the field in the case domain", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Field": { + "resource_type": "Field", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "field": "Field" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_UpdateField.html" + }, + "UpdateLayout": { + "privilege": "UpdateLayout", + "description": "Grants permission to update the layout in the case domain", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Layout": { + "resource_type": "Layout", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "layout": "Layout" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_UpdateLayout.html" + }, + "UpdateTemplate": { + "privilege": "UpdateTemplate", + "description": "Grants permission to update the template in the case domain", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Template": { + "resource_type": "Template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain", + "template": "Template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cases/latest/APIReference/API_UpdateTemplate.html" + } + }, + "privileges_lower_name": { + "batchgetfield": "BatchGetField", + "batchputfieldoptions": "BatchPutFieldOptions", + "createcase": "CreateCase", + "createdomain": "CreateDomain", + "createfield": "CreateField", + "createlayout": "CreateLayout", + "createrelateditem": "CreateRelatedItem", + "createtemplate": "CreateTemplate", + "deletedomain": "DeleteDomain", + "getcase": "GetCase", + "getcaseeventconfiguration": "GetCaseEventConfiguration", + "getdomain": "GetDomain", + "getlayout": "GetLayout", + "gettemplate": "GetTemplate", + "listcasesforcontact": "ListCasesForContact", + "listdomains": "ListDomains", + "listfieldoptions": "ListFieldOptions", + "listfields": "ListFields", + "listlayouts": "ListLayouts", + "listtagsforresource": "ListTagsForResource", + "listtemplates": "ListTemplates", + "putcaseeventconfiguration": "PutCaseEventConfiguration", + "searchcases": "SearchCases", + "searchrelateditems": "SearchRelatedItems", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecase": "UpdateCase", + "updatefield": "UpdateField", + "updatelayout": "UpdateLayout", + "updatetemplate": "UpdateTemplate" + }, + "resources": { + "Case": { + "resource": "Case", + "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}/case/${CaseId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Domain": { + "resource": "Domain", + "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Field": { + "resource": "Field", + "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}/field/${FieldId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Layout": { + "resource": "Layout", + "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}/layout/${LayoutId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "RelatedItem": { + "resource": "RelatedItem", + "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}/case/${CaseId}/related-item/${RelatedItemId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Template": { + "resource": "Template", + "arn": "arn:${Partition}:cases:${Region}:${Account}:domain/${DomainId}/template/${TemplateId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "case": "Case", + "domain": "Domain", + "field": "Field", + "layout": "Layout", + "relateditem": "RelatedItem", + "template": "Template" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "profile": { + "service_name": "Amazon Connect Customer Profiles", + "prefix": "profile", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnectcustomerprofiles.html", + "privileges": { + "AddProfileKey": { + "privilege": "AddProfileKey", + "description": "Grants permission to add a profile key", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_AddProfileKey.html" + }, + "CreateCalculatedAttributeDefinition": { + "privilege": "CreateCalculatedAttributeDefinition", + "description": "Grants permission to create a calculated attribute definition in the domain", + "access_level": "Write", + "resource_types": { + "calculated-attributes": { + "resource_type": "calculated-attributes", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "calculated-attributes": "calculated-attributes", + "domains": "domains", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateCalculatedAttributeDefinition.html" + }, + "CreateDomain": { + "privilege": "CreateDomain", + "description": "Grants permission to create a Domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateDomain.html" + }, + "CreateEventStream": { + "privilege": "CreateEventStream", + "description": "Grants permission to put an event stream in a domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PutRolePolicy", + "kinesis:DescribeStreamSummary" + ] + }, + "event-streams": { + "resource_type": "event-streams", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "event-streams": "event-streams", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateEventStream.html" + }, + "CreateIntegrationWorkflow": { + "privilege": "CreateIntegrationWorkflow", + "description": "Grants permission to create an integration workflow in a domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateIntegrationWorkflow.html" + }, + "CreateProfile": { + "privilege": "CreateProfile", + "description": "Grants permission to create a profile in the domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateProfile.html" + }, + "DeleteCalculatedAttributeDefinition": { + "privilege": "DeleteCalculatedAttributeDefinition", + "description": "Grants permission to delete a calculated attribute definition in the domain", + "access_level": "Write", + "resource_types": { + "calculated-attributes": { + "resource_type": "calculated-attributes", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "calculated-attributes": "calculated-attributes", + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteCalculatedAttributeDefinition.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "Grants permission to delete a Domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteDomain.html" + }, + "DeleteEventStream": { + "privilege": "DeleteEventStream", + "description": "Grants permission to delete an event stream in a domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:DeleteRolePolicy" + ] + }, + "event-streams": { + "resource_type": "event-streams", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "event-streams": "event-streams" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteEventStream.html" + }, + "DeleteIntegration": { + "privilege": "DeleteIntegration", + "description": "Grants permission to delete a integration in a domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "integrations": { + "resource_type": "integrations", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "integrations": "integrations" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteIntegration.html" + }, + "DeleteProfile": { + "privilege": "DeleteProfile", + "description": "Grants permission to delete a profile", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteProfile.html" + }, + "DeleteProfileKey": { + "privilege": "DeleteProfileKey", + "description": "Grants permission to delete a profile key", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteProfileKey.html" + }, + "DeleteProfileObject": { + "privilege": "DeleteProfileObject", + "description": "Grants permission to delete a profile object", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "object-types": { + "resource_type": "object-types", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "object-types": "object-types" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteProfileObject.html" + }, + "DeleteProfileObjectType": { + "privilege": "DeleteProfileObjectType", + "description": "Grants permission to delete a specific profile object type in the domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "object-types": { + "resource_type": "object-types", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "object-types": "object-types" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteProfileObjectType.html" + }, + "DeleteWorkflow": { + "privilege": "DeleteWorkflow", + "description": "Grants permission to delete a workflow in a domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_DeleteWorkflow.html" + }, + "GetAutoMergingPreview": { + "privilege": "GetAutoMergingPreview", + "description": "Grants permission to get a preview of auto merging in a domain", + "access_level": "Read", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetAutoMergingPreview.html" + }, + "GetCalculatedAttributeDefinition": { + "privilege": "GetCalculatedAttributeDefinition", + "description": "Grants permission to get a calculated attribute definition in the domain", + "access_level": "Read", + "resource_types": { + "calculated-attributes": { + "resource_type": "calculated-attributes", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "calculated-attributes": "calculated-attributes", + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetCalculatedAttributeDefinition.html" + }, + "GetCalculatedAttributeForProfile": { + "privilege": "GetCalculatedAttributeForProfile", + "description": "Grants permission to retrieve a calculated attribute for a specific profile in the domain", + "access_level": "Read", + "resource_types": { + "calculated-attributes": { + "resource_type": "calculated-attributes", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "calculated-attributes": "calculated-attributes", + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetCalculatedAttributeForProfile.html" + }, + "GetDomain": { + "privilege": "GetDomain", + "description": "Grants permission to get a specific domain in an account", + "access_level": "Read", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetDomain.html" + }, + "GetEventStream": { + "privilege": "GetEventStream", + "description": "Grants permission to get a specific event stream in a domain", + "access_level": "Read", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kinesis:DescribeStreamSummary" + ] + }, + "event-streams": { + "resource_type": "event-streams", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "event-streams": "event-streams" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetEventStream.html" + }, + "GetIdentityResolutionJob": { + "privilege": "GetIdentityResolutionJob", + "description": "Grants permission to get an identity resolution job in a domain", + "access_level": "Read", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetIdentityResolutionJob.html" + }, + "GetIntegration": { + "privilege": "GetIntegration", + "description": "Grants permission to get a specific integrations in a domain", + "access_level": "Read", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "integrations": { + "resource_type": "integrations", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "integrations": "integrations" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetIntegration.html" + }, + "GetMatches": { + "privilege": "GetMatches", + "description": "Grants permission to get profile matches in a domain", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetMatches.html" + }, + "GetProfileObjectType": { + "privilege": "GetProfileObjectType", + "description": "Grants permission to get a specific profile object type in the domain", + "access_level": "Read", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "object-types": { + "resource_type": "object-types", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "object-types": "object-types" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetProfileObjectType.html" + }, + "GetProfileObjectTypeTemplate": { + "privilege": "GetProfileObjectTypeTemplate", + "description": "Grants permission to get a specific object type template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetProfileObjectTypeTemplate.html" + }, + "GetSimilarProfiles": { + "privilege": "GetSimilarProfiles", + "description": "Grants permission to get all the similar profiles in the domain", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetSimilarProfiles.html" + }, + "GetWorkflow": { + "privilege": "GetWorkflow", + "description": "Grants permission to get workflow details in a domain", + "access_level": "Read", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetWorkflow.html" + }, + "GetWorkflowSteps": { + "privilege": "GetWorkflowSteps", + "description": "Grants permission to get workflow step details in a domain", + "access_level": "Read", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_GetWorkflowSteps.html" + }, + "ListAccountIntegrations": { + "privilege": "ListAccountIntegrations", + "description": "Grants permission to list all the integrations in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListAccountIntegrations.html" + }, + "ListCalculatedAttributeDefinitions": { + "privilege": "ListCalculatedAttributeDefinitions", + "description": "Grants permission to list all the calculated attribute definitions in the domain", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListCalculatedAttributeDefinitions.html" + }, + "ListCalculatedAttributesForProfile": { + "privilege": "ListCalculatedAttributesForProfile", + "description": "Grants permission to list all calculated attributes for a specific profile in the domain", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListCalculatedAttributesForProfile.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to list all the domains in an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListDomains.html" + }, + "ListEventStreams": { + "privilege": "ListEventStreams", + "description": "Grants permission to list all the event streams in a specific domain", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListEventStreams.html" + }, + "ListIdentityResolutionJobs": { + "privilege": "ListIdentityResolutionJobs", + "description": "Grants permission to list identity resolution jobs in a domain", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListIdentityResolutionJobs.html" + }, + "ListIntegrations": { + "privilege": "ListIntegrations", + "description": "Grants permission to list all the integrations in a specific domain", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListIntegrations.html" + }, + "ListProfileObjectTypeTemplates": { + "privilege": "ListProfileObjectTypeTemplates", + "description": "Grants permission to list all the profile object type templates in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListProfileObjectTypeTemplates.html" + }, + "ListProfileObjectTypes": { + "privilege": "ListProfileObjectTypes", + "description": "Grants permission to list all the profile object types in the domain", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListProfileObjectTypes.html" + }, + "ListProfileObjects": { + "privilege": "ListProfileObjects", + "description": "Grants permission to list all the profile objects for a profile", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "object-types": { + "resource_type": "object-types", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "object-types": "object-types" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListProfileObjects.html" + }, + "ListRuleBasedMatches": { + "privilege": "ListRuleBasedMatches", + "description": "Grants permission to list all the rule-based matching result in the domain", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListRuleBasedMatches.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "calculated-attributes": { + "resource_type": "calculated-attributes", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "domains": { + "resource_type": "domains", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-streams": { + "resource_type": "event-streams", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "integrations": { + "resource_type": "integrations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "object-types": { + "resource_type": "object-types", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "calculated-attributes": "calculated-attributes", + "domains": "domains", + "event-streams": "event-streams", + "integrations": "integrations", + "object-types": "object-types" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListTagsForResource.html" + }, + "ListWorkflows": { + "privilege": "ListWorkflows", + "description": "Grants permission to list all the workflows in a specific domain", + "access_level": "List", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_ListWorkflows.html" + }, + "MergeProfiles": { + "privilege": "MergeProfiles", + "description": "Grants permission to merge profiles in a domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_MergeProfiles.html" + }, + "PutIntegration": { + "privilege": "PutIntegration", + "description": "Grants permission to put a integration in a domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "integrations": { + "resource_type": "integrations", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "integrations": "integrations", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_PutIntegration.html" + }, + "PutProfileObject": { + "privilege": "PutProfileObject", + "description": "Grants permission to put an object for a profile", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "object-types": { + "resource_type": "object-types", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "object-types": "object-types" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_PutProfileObject.html" + }, + "PutProfileObjectType": { + "privilege": "PutProfileObjectType", + "description": "Grants permission to put a specific profile object type in the domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "object-types": { + "resource_type": "object-types", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains", + "object-types": "object-types", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_PutProfileObjectType.html" + }, + "SearchProfiles": { + "privilege": "SearchProfiles", + "description": "Grants permission to search for profiles in a domain", + "access_level": "Read", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_SearchProfiles.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to adds tags to a resource", + "access_level": "Tagging", + "resource_types": { + "calculated-attributes": { + "resource_type": "calculated-attributes", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "domains": { + "resource_type": "domains", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-streams": { + "resource_type": "event-streams", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "integrations": { + "resource_type": "integrations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "object-types": { + "resource_type": "object-types", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "calculated-attributes": "calculated-attributes", + "domains": "domains", + "event-streams": "event-streams", + "integrations": "integrations", + "object-types": "object-types", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "calculated-attributes": { + "resource_type": "calculated-attributes", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "domains": { + "resource_type": "domains", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-streams": { + "resource_type": "event-streams", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "integrations": { + "resource_type": "integrations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "object-types": { + "resource_type": "object-types", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "calculated-attributes": "calculated-attributes", + "domains": "domains", + "event-streams": "event-streams", + "integrations": "integrations", + "object-types": "object-types", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_UntagResource.html" + }, + "UpdateCalculatedAttributeDefinition": { + "privilege": "UpdateCalculatedAttributeDefinition", + "description": "Grants permission to update a calculated attribute definition in the domain", + "access_level": "Write", + "resource_types": { + "calculated-attributes": { + "resource_type": "calculated-attributes", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "calculated-attributes": "calculated-attributes", + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_UpdateCalculatedAttributeDefinition.html" + }, + "UpdateDomain": { + "privilege": "UpdateDomain", + "description": "Grants permission to update a Domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_UpdateDomain.html" + }, + "UpdateProfile": { + "privilege": "UpdateProfile", + "description": "Grants permission to update a profile in the domain", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_UpdateProfile.html" + } + }, + "privileges_lower_name": { + "addprofilekey": "AddProfileKey", + "createcalculatedattributedefinition": "CreateCalculatedAttributeDefinition", + "createdomain": "CreateDomain", + "createeventstream": "CreateEventStream", + "createintegrationworkflow": "CreateIntegrationWorkflow", + "createprofile": "CreateProfile", + "deletecalculatedattributedefinition": "DeleteCalculatedAttributeDefinition", + "deletedomain": "DeleteDomain", + "deleteeventstream": "DeleteEventStream", + "deleteintegration": "DeleteIntegration", + "deleteprofile": "DeleteProfile", + "deleteprofilekey": "DeleteProfileKey", + "deleteprofileobject": "DeleteProfileObject", + "deleteprofileobjecttype": "DeleteProfileObjectType", + "deleteworkflow": "DeleteWorkflow", + "getautomergingpreview": "GetAutoMergingPreview", + "getcalculatedattributedefinition": "GetCalculatedAttributeDefinition", + "getcalculatedattributeforprofile": "GetCalculatedAttributeForProfile", + "getdomain": "GetDomain", + "geteventstream": "GetEventStream", + "getidentityresolutionjob": "GetIdentityResolutionJob", + "getintegration": "GetIntegration", + "getmatches": "GetMatches", + "getprofileobjecttype": "GetProfileObjectType", + "getprofileobjecttypetemplate": "GetProfileObjectTypeTemplate", + "getsimilarprofiles": "GetSimilarProfiles", + "getworkflow": "GetWorkflow", + "getworkflowsteps": "GetWorkflowSteps", + "listaccountintegrations": "ListAccountIntegrations", + "listcalculatedattributedefinitions": "ListCalculatedAttributeDefinitions", + "listcalculatedattributesforprofile": "ListCalculatedAttributesForProfile", + "listdomains": "ListDomains", + "listeventstreams": "ListEventStreams", + "listidentityresolutionjobs": "ListIdentityResolutionJobs", + "listintegrations": "ListIntegrations", + "listprofileobjecttypetemplates": "ListProfileObjectTypeTemplates", + "listprofileobjecttypes": "ListProfileObjectTypes", + "listprofileobjects": "ListProfileObjects", + "listrulebasedmatches": "ListRuleBasedMatches", + "listtagsforresource": "ListTagsForResource", + "listworkflows": "ListWorkflows", + "mergeprofiles": "MergeProfiles", + "putintegration": "PutIntegration", + "putprofileobject": "PutProfileObject", + "putprofileobjecttype": "PutProfileObjectType", + "searchprofiles": "SearchProfiles", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecalculatedattributedefinition": "UpdateCalculatedAttributeDefinition", + "updatedomain": "UpdateDomain", + "updateprofile": "UpdateProfile" + }, + "resources": { + "domains": { + "resource": "domains", + "arn": "arn:${Partition}:profile:${Region}:${Account}:domains/${DomainName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "object-types": { + "resource": "object-types", + "arn": "arn:${Partition}:profile:${Region}:${Account}:domains/${DomainName}/object-types/${ObjectTypeName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "integrations": { + "resource": "integrations", + "arn": "arn:${Partition}:profile:${Region}:${Account}:domains/${DomainName}/integrations/${Uri}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "event-streams": { + "resource": "event-streams", + "arn": "arn:${Partition}:profile:${Region}:${Account}:domains/${DomainName}/event-streams/${EventStreamName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "calculated-attributes": { + "resource": "calculated-attributes", + "arn": "arn:${Partition}:profile:${Region}:${Account}:domains/${DomainName}/calculated-attributes/${CalculatedAttributeName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "domains": "domains", + "object-types": "object-types", + "integrations": "integrations", + "event-streams": "event-streams", + "calculated-attributes": "calculated-attributes" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a key that is present in the request the user makes to the customer profile service", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the list of all the tag key names present in the request the user makes to the customer profile service", + "type": "ArrayOfString" + } + } + }, + "voiceid": { + "service_name": "Amazon Connect Voice ID", + "prefix": "voiceid", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnectvoiceid.html", + "privileges": { + "AssociateFraudster": { + "privilege": "AssociateFraudster", + "description": "Grants permission to associate a fraudster with a watchlist", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_AssociateFraudster.html" + }, + "CreateDomain": { + "privilege": "CreateDomain", + "description": "Grants permission to create a domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_CreateDomain.html" + }, + "CreateWatchlist": { + "privilege": "CreateWatchlist", + "description": "Grants permission to create a watchlist", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_CreateWatchlist.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "Grants permission to delete a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DeleteDomain.html" + }, + "DeleteFraudster": { + "privilege": "DeleteFraudster", + "description": "Grants permission to delete a fraudster", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DeleteFraudster.html" + }, + "DeleteSpeaker": { + "privilege": "DeleteSpeaker", + "description": "Grants permission to delete a speaker", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DeleteSpeaker.html" + }, + "DeleteWatchlist": { + "privilege": "DeleteWatchlist", + "description": "Grants permission to delete a watchlist", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DeleteWatchlist.html" + }, + "DescribeComplianceConsent": { + "privilege": "DescribeComplianceConsent", + "description": "Grants permission to describe compliance consent", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-voiceid.html#enable-voiceid-step1" + }, + "DescribeDomain": { + "privilege": "DescribeDomain", + "description": "Grants permission to describe a domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeDomain.html" + }, + "DescribeFraudster": { + "privilege": "DescribeFraudster", + "description": "Grants permission to describe a fraudster", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeFraudster.html" + }, + "DescribeFraudsterRegistrationJob": { + "privilege": "DescribeFraudsterRegistrationJob", + "description": "Grants permission to describe a fraudster registration job", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeFraudsterRegistrationJob.html" + }, + "DescribeSpeaker": { + "privilege": "DescribeSpeaker", + "description": "Grants permission to describe a speaker", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeSpeaker.html" + }, + "DescribeSpeakerEnrollmentJob": { + "privilege": "DescribeSpeakerEnrollmentJob", + "description": "Grants permission to describe a speaker enrollment job", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeSpeakerEnrollmentJob.html" + }, + "DescribeWatchlist": { + "privilege": "DescribeWatchlist", + "description": "Grants permission to describe a watchlist", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DescribeWatchlist.html" + }, + "DisassociateFraudster": { + "privilege": "DisassociateFraudster", + "description": "Grants permission to disassociate a fraudster from a watchlist", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_DisassociateFraudster.html" + }, + "EvaluateSession": { + "privilege": "EvaluateSession", + "description": "Grants permission to evaluate a session", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_EvaluateSession.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to list domains for an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListDomains.html" + }, + "ListFraudsterRegistrationJobs": { + "privilege": "ListFraudsterRegistrationJobs", + "description": "Grants permission to list fraudster registration jobs for a domain", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListFraudsterRegistrationJobs.html" + }, + "ListFraudsters": { + "privilege": "ListFraudsters", + "description": "Grants permission to list fraudsters for a domain or watchlist", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListFraudsters.html" + }, + "ListSpeakerEnrollmentJobs": { + "privilege": "ListSpeakerEnrollmentJobs", + "description": "Grants permission to list speaker enrollment jobs for a domain", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListSpeakerEnrollmentJobs.html" + }, + "ListSpeakers": { + "privilege": "ListSpeakers", + "description": "Grants permission to list speakers for a domain", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListSpeakers.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a Voice ID resource", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListTagsForResource.html" + }, + "ListWatchlists": { + "privilege": "ListWatchlists", + "description": "Grants permission to list watchlists for a domain", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_ListWatchlists.html" + }, + "OptOutSpeaker": { + "privilege": "OptOutSpeaker", + "description": "Grants permission to opt out a speaker", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_OptOutSpeaker.html" + }, + "RegisterComplianceConsent": { + "privilege": "RegisterComplianceConsent", + "description": "Grants permission to register compliance consent", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-voiceid.html#enable-voiceid-step1" + }, + "StartFraudsterRegistrationJob": { + "privilege": "StartFraudsterRegistrationJob", + "description": "Grants permission to start a fraudster registration job", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_StartFraudsterRegistrationJob.html" + }, + "StartSpeakerEnrollmentJob": { + "privilege": "StartSpeakerEnrollmentJob", + "description": "Grants permission to start a speaker enrollment job", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_StartSpeakerEnrollmentJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a Voice ID resource", + "access_level": "Tagging", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from a Voice ID resource", + "access_level": "Tagging", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_UntagResource.html" + }, + "UpdateDomain": { + "privilege": "UpdateDomain", + "description": "Grants permission to update a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_UpdateDomain.html" + }, + "UpdateWatchlist": { + "privilege": "UpdateWatchlist", + "description": "Grants permission to update a watchlist", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/voiceid/latest/APIReference/API_UpdateWatchlist.html" + } + }, + "privileges_lower_name": { + "associatefraudster": "AssociateFraudster", + "createdomain": "CreateDomain", + "createwatchlist": "CreateWatchlist", + "deletedomain": "DeleteDomain", + "deletefraudster": "DeleteFraudster", + "deletespeaker": "DeleteSpeaker", + "deletewatchlist": "DeleteWatchlist", + "describecomplianceconsent": "DescribeComplianceConsent", + "describedomain": "DescribeDomain", + "describefraudster": "DescribeFraudster", + "describefraudsterregistrationjob": "DescribeFraudsterRegistrationJob", + "describespeaker": "DescribeSpeaker", + "describespeakerenrollmentjob": "DescribeSpeakerEnrollmentJob", + "describewatchlist": "DescribeWatchlist", + "disassociatefraudster": "DisassociateFraudster", + "evaluatesession": "EvaluateSession", + "listdomains": "ListDomains", + "listfraudsterregistrationjobs": "ListFraudsterRegistrationJobs", + "listfraudsters": "ListFraudsters", + "listspeakerenrollmentjobs": "ListSpeakerEnrollmentJobs", + "listspeakers": "ListSpeakers", + "listtagsforresource": "ListTagsForResource", + "listwatchlists": "ListWatchlists", + "optoutspeaker": "OptOutSpeaker", + "registercomplianceconsent": "RegisterComplianceConsent", + "startfraudsterregistrationjob": "StartFraudsterRegistrationJob", + "startspeakerenrollmentjob": "StartSpeakerEnrollmentJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedomain": "UpdateDomain", + "updatewatchlist": "UpdateWatchlist" + }, + "resources": { + "domain": { + "resource": "domain", + "arn": "arn:${Partition}:voiceid:${Region}:${Account}:domain/${DomainId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "domain": "domain" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "wisdom": { + "service_name": "Amazon Connect Wisdom", + "prefix": "wisdom", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnectwisdom.html", + "privileges": { + "CreateAssistant": { + "privilege": "CreateAssistant", + "description": "Grants permission to create an assistant", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_CreateAssistant.html" + }, + "CreateAssistantAssociation": { + "privilege": "CreateAssistantAssociation", + "description": "Grants permission to create an association between an assistant and another resource", + "access_level": "Write", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_CreateAssistantAssociation.html" + }, + "CreateContent": { + "privilege": "CreateContent", + "description": "Grants permission to create content", + "access_level": "Write", + "resource_types": { + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "knowledgebase": "KnowledgeBase", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_CreateContent.html" + }, + "CreateKnowledgeBase": { + "privilege": "CreateKnowledgeBase", + "description": "Grants permission to create a knowledge base", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_CreateKnowledgeBase.html" + }, + "CreateSession": { + "privilege": "CreateSession", + "description": "Grants permission to create a session", + "access_level": "Write", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_CreateSession.html" + }, + "DeleteAssistant": { + "privilege": "DeleteAssistant", + "description": "Grants permission to delete an assistant", + "access_level": "Write", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_DeleteAssistant.html" + }, + "DeleteAssistantAssociation": { + "privilege": "DeleteAssistantAssociation", + "description": "Grants permission to delete an assistant association", + "access_level": "Write", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "AssistantAssociation": { + "resource_type": "AssistantAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant", + "assistantassociation": "AssistantAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_DeleteAssistantAssociation.html" + }, + "DeleteContent": { + "privilege": "DeleteContent", + "description": "Grants permission to delete content", + "access_level": "Write", + "resource_types": { + "Content": { + "resource_type": "Content", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "content": "Content", + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_DeleteContent.html" + }, + "DeleteKnowledgeBase": { + "privilege": "DeleteKnowledgeBase", + "description": "Grants permission to delete a knowledge base", + "access_level": "Write", + "resource_types": { + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_DeleteKnowledgeBase.html" + }, + "GetAssistant": { + "privilege": "GetAssistant", + "description": "Grants permission to retrieve information about an assistant", + "access_level": "Read", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetAssistant.html" + }, + "GetAssistantAssociation": { + "privilege": "GetAssistantAssociation", + "description": "Grants permission to retrieve information about an assistant association", + "access_level": "Read", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "AssistantAssociation": { + "resource_type": "AssistantAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant", + "assistantassociation": "AssistantAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetAssistantAssociation.html" + }, + "GetContent": { + "privilege": "GetContent", + "description": "Grants permission to retrieve content, including a pre-signed URL to download the content", + "access_level": "Read", + "resource_types": { + "Content": { + "resource_type": "Content", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "content": "Content", + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetContent.html" + }, + "GetContentSummary": { + "privilege": "GetContentSummary", + "description": "Grants permission to retrieve summary information about the content", + "access_level": "Read", + "resource_types": { + "Content": { + "resource_type": "Content", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "content": "Content", + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetContentSummary.html" + }, + "GetKnowledgeBase": { + "privilege": "GetKnowledgeBase", + "description": "Grants permission to retrieve information about the knowledge base", + "access_level": "Read", + "resource_types": { + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetKnowledgeBase.html" + }, + "GetRecommendations": { + "privilege": "GetRecommendations", + "description": "Grants permission to retrieve recommendations for the specified session", + "access_level": "Read", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetRecommendations.html" + }, + "GetSession": { + "privilege": "GetSession", + "description": "Grants permission to retrieve information for a specified session", + "access_level": "Read", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Session": { + "resource_type": "Session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant", + "session": "Session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetSession.html" + }, + "ListAssistantAssociations": { + "privilege": "ListAssistantAssociations", + "description": "Grants permission to list information about assistant associations", + "access_level": "List", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_ListAssistantAssociations.html" + }, + "ListAssistants": { + "privilege": "ListAssistants", + "description": "Grants permission to list information about assistants", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_ListAssistants.html" + }, + "ListContents": { + "privilege": "ListContents", + "description": "Grants permission to list the content with a knowledge base", + "access_level": "List", + "resource_types": { + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_ListContents.html" + }, + "ListKnowledgeBases": { + "privilege": "ListKnowledgeBases", + "description": "Grants permission to list information about knowledge bases", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_ListKnowledgeBases.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for the specified resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_ListTagsForResource.html" + }, + "NotifyRecommendationsReceived": { + "privilege": "NotifyRecommendationsReceived", + "description": "Grants permission to remove the specified recommendations from the specified assistant's queue of newly available recommendations", + "access_level": "Write", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_NotifyRecommendationsReceived.html" + }, + "QueryAssistant": { + "privilege": "QueryAssistant", + "description": "Grants permission to perform a manual search against the specified assistant", + "access_level": "Read", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_QueryAssistant.html" + }, + "RemoveKnowledgeBaseTemplateUri": { + "privilege": "RemoveKnowledgeBaseTemplateUri", + "description": "Grants permission to remove a URI template from a knowledge base", + "access_level": "Write", + "resource_types": { + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_RemoveKnowledgeBaseTemplateUri.html" + }, + "SearchContent": { + "privilege": "SearchContent", + "description": "Grants permission to search for content referencing a specified knowledge base. Can be used to get a specific content resource by its name", + "access_level": "Read", + "resource_types": { + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_SearchContent.html" + }, + "SearchSessions": { + "privilege": "SearchSessions", + "description": "Grants permission to search for sessions referencing a specified assistant. Can be used to et a specific session resource by its name", + "access_level": "Read", + "resource_types": { + "Assistant": { + "resource_type": "Assistant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assistant": "Assistant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_SearchSessions.html" + }, + "StartContentUpload": { + "privilege": "StartContentUpload", + "description": "Grants permission to get a URL to upload content to a knowledge base", + "access_level": "Write", + "resource_types": { + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_StartContentUpload.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add the specified tags to the specified resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the specified tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_UntagResource.html" + }, + "UpdateContent": { + "privilege": "UpdateContent", + "description": "Grants permission to update information about the content", + "access_level": "Write", + "resource_types": { + "Content": { + "resource_type": "Content", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "content": "Content", + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_UpdateContent.html" + }, + "UpdateKnowledgeBaseTemplateUri": { + "privilege": "UpdateKnowledgeBaseTemplateUri", + "description": "Grants permission to update the template URI of a knowledge base", + "access_level": "Write", + "resource_types": { + "KnowledgeBase": { + "resource_type": "KnowledgeBase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "knowledgebase": "KnowledgeBase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wisdom/latest/APIReference/API_UpdateKnowledgeBaseTemplateUri.html" + } + }, + "privileges_lower_name": { + "createassistant": "CreateAssistant", + "createassistantassociation": "CreateAssistantAssociation", + "createcontent": "CreateContent", + "createknowledgebase": "CreateKnowledgeBase", + "createsession": "CreateSession", + "deleteassistant": "DeleteAssistant", + "deleteassistantassociation": "DeleteAssistantAssociation", + "deletecontent": "DeleteContent", + "deleteknowledgebase": "DeleteKnowledgeBase", + "getassistant": "GetAssistant", + "getassistantassociation": "GetAssistantAssociation", + "getcontent": "GetContent", + "getcontentsummary": "GetContentSummary", + "getknowledgebase": "GetKnowledgeBase", + "getrecommendations": "GetRecommendations", + "getsession": "GetSession", + "listassistantassociations": "ListAssistantAssociations", + "listassistants": "ListAssistants", + "listcontents": "ListContents", + "listknowledgebases": "ListKnowledgeBases", + "listtagsforresource": "ListTagsForResource", + "notifyrecommendationsreceived": "NotifyRecommendationsReceived", + "queryassistant": "QueryAssistant", + "removeknowledgebasetemplateuri": "RemoveKnowledgeBaseTemplateUri", + "searchcontent": "SearchContent", + "searchsessions": "SearchSessions", + "startcontentupload": "StartContentUpload", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecontent": "UpdateContent", + "updateknowledgebasetemplateuri": "UpdateKnowledgeBaseTemplateUri" + }, + "resources": { + "Assistant": { + "resource": "Assistant", + "arn": "arn:${Partition}:wisdom:${Region}:${Account}:assistant/${AssistantId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "AssistantAssociation": { + "resource": "AssistantAssociation", + "arn": "arn:${Partition}:wisdom:${Region}:${Account}:association/${AssistantId}/${AssistantAssociationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Content": { + "resource": "Content", + "arn": "arn:${Partition}:wisdom:${Region}:${Account}:content/${KnowledgeBaseId}/${ContentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "KnowledgeBase": { + "resource": "KnowledgeBase", + "arn": "arn:${Partition}:wisdom:${Region}:${Account}:knowledge-base/${KnowledgeBaseId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Session": { + "resource": "Session", + "arn": "arn:${Partition}:wisdom:${Region}:${Account}:session/${AssistantId}/${SessionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "assistant": "Assistant", + "assistantassociation": "AssistantAssociation", + "content": "Content", + "knowledgebase": "KnowledgeBase", + "session": "Session" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the tag keys that are passed in the request", + "type": "String" + } + } + }, + "dlm": { + "service_name": "Amazon Data Lifecycle Manager", + "prefix": "dlm", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondatalifecyclemanager.html", + "privileges": { + "CreateLifecyclePolicy": { + "privilege": "CreateLifecyclePolicy", + "description": "Grants permission to create a data lifecycle policy to manage the scheduled creation and retention of Amazon EBS snapshots. You may have up to 100 policies", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_CreateLifecyclePolicy.html" + }, + "DeleteLifecyclePolicy": { + "privilege": "DeleteLifecyclePolicy", + "description": "Grants permission to delete an existing data lifecycle policy. In addition, this action halts the creation and deletion of snapshots that the policy specified. Existing snapshots are not affected", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_DeleteLifecyclePolicy.html" + }, + "GetLifecyclePolicies": { + "privilege": "GetLifecyclePolicies", + "description": "Grants permission to returns a list of summary descriptions of data lifecycle policies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_GetLifecyclePolicies.html" + }, + "GetLifecyclePolicy": { + "privilege": "GetLifecyclePolicy", + "description": "Grants permission to return a complete description of a single data lifecycle policy", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_GetLifecyclePolicy.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags associated with a resource", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or update tags of a resource", + "access_level": "Tagging", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags associated with a resource", + "access_level": "Tagging", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_UntagResource.html" + }, + "UpdateLifecyclePolicy": { + "privilege": "UpdateLifecyclePolicy", + "description": "Grants permission to update an existing data lifecycle policy", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dlm/latest/APIReference/API_UpdateLifecyclePolicy.html" + } + }, + "privileges_lower_name": { + "createlifecyclepolicy": "CreateLifecyclePolicy", + "deletelifecyclepolicy": "DeleteLifecyclePolicy", + "getlifecyclepolicies": "GetLifecyclePolicies", + "getlifecyclepolicy": "GetLifecyclePolicy", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatelifecyclepolicy": "UpdateLifecyclePolicy" + }, + "resources": { + "policy": { + "resource": "policy", + "arn": "arn:${Partition}:dlm:${Region}:${Account}:policy/${ResourceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "policy": "policy" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "datazone": { + "service_name": "Amazon DataZone", + "prefix": "datazone", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondatazone.html", + "privileges": { + "GetProject": { + "privilege": "GetProject", + "description": "Grants permission to retrieve information about an Amazon DataZone project", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "GetProjectConfiguration": { + "privilege": "GetProjectConfiguration", + "description": "Grants permission to retrieve configuration information for an Amazon DataZone project", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "GetProjectCredentials": { + "privilege": "GetProjectCredentials", + "description": "Grants permission to retrieve credentials for an Amazon DataZone project", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to retrieve all Amazon DataZone projects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListUserProjects": { + "privilege": "ListUserProjects", + "description": "Grants permission to retrieve all Amazon DataZone projects for a user", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + } + }, + "privileges_lower_name": { + "getproject": "GetProject", + "getprojectconfiguration": "GetProjectConfiguration", + "getprojectcredentials": "GetProjectCredentials", + "listprojects": "ListProjects", + "listuserprojects": "ListUserProjects" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "datazonecontrol": { + "service_name": "Amazon DataZone Control", + "prefix": "datazonecontrol", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondatazonecontrol.html", + "privileges": { + "CreateAccountAssociationInvitation": { + "privilege": "CreateAccountAssociationInvitation", + "description": "Grants permission to request association of an account with a given domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "CreateDataSource": { + "privilege": "CreateDataSource", + "description": "Grants permission to create Amazon DataZone data sources used for publishing and subscribing to data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "CreateEnvironment": { + "privilege": "CreateEnvironment", + "description": "Grants permission to provision a root-domain which is a top level entity that contains other Amazon DataZone resources", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "DeleteDataSource": { + "privilege": "DeleteDataSource", + "description": "Grants permission to delete a data source", + "access_level": "Write", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "DeleteEnvironment": { + "privilege": "DeleteEnvironment", + "description": "Grants permission to delete a provisioned root-domain", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "DissociateAccount": { + "privilege": "DissociateAccount", + "description": "Grants permission to disassociate an account with a given domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "GetAssociatedDomain": { + "privilege": "GetAssociatedDomain", + "description": "Grants permission to retrieve information about any associated domain in the associated account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "GetDataSourceByEnvironment": { + "privilege": "GetDataSourceByEnvironment", + "description": "Grants permission to retrieve any data source under any domain for a given root-domain", + "access_level": "Read", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "GetDomain": { + "privilege": "GetDomain", + "description": "Grants permission to retrieve information about any domain in the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "GetEnvironment": { + "privilege": "GetEnvironment", + "description": "Grants permission to retrieve information about a root-domain", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "GetMetadataCollector": { + "privilege": "GetMetadataCollector", + "description": "Grants permission to retrieve a publishing job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "GetUserPortalLoginAuthCode": { + "privilege": "GetUserPortalLoginAuthCode", + "description": "Grants permission to retrieve credentials to log into Amazon DataZone data portal from AWS management console", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListAccountAssociationInvitations": { + "privilege": "ListAccountAssociationInvitations", + "description": "Grants permission to retrieve all account-association invitations for a given associated account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListAllAssociatedAccountsForEnvironment": { + "privilege": "ListAllAssociatedAccountsForEnvironment", + "description": "Grants permission to list all associated accounts under the given root-domain, including accounts associated to its sub-domains", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListAssociatedEnvironments": { + "privilege": "ListAssociatedEnvironments", + "description": "Grants permission to lists all the associated domains for a given associated account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListDataSources": { + "privilege": "ListDataSources", + "description": "Grants permission to retrieve all data sources under any domain in the associated account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListDataSourcesByEnvironment": { + "privilege": "ListDataSourcesByEnvironment", + "description": "Grants permission to retrieve all data sources under any domain for a given root-domain", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to list all the sub-domains for a given domain or a root-domain", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListEnvironment": { + "privilege": "ListEnvironment", + "description": "Grants permission to retrieve all root-domains", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListMetadataCollectorRuns": { + "privilege": "ListMetadataCollectorRuns", + "description": "Grants permission to list all runs for a given publishing job through Amazon DataZone console for a data source", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListMetadataCollectors": { + "privilege": "ListMetadataCollectors", + "description": "Grants permission to retrieve all publishing jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to retrieve all Amazon DataZone projects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve all tags associated with a resource", + "access_level": "Read", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "ReviewAccountAssociationInvitation": { + "privilege": "ReviewAccountAssociationInvitation", + "description": "Grants permission to accept or reject the pending association requests for the given account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or update tags to a resource", + "access_level": "Tagging", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags associated with a resource", + "access_level": "Tagging", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "UpdateAccountAssociationDescription": { + "privilege": "UpdateAccountAssociationDescription", + "description": "Grants permission to update the description of the account association of the given associated account and given domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "UpdateDataSource": { + "privilege": "UpdateDataSource", + "description": "Grants permission to update a data source", + "access_level": "Write", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + }, + "UpdateEnvironment": { + "privilege": "UpdateEnvironment", + "description": "Grants permission to update information for a root-domain", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datazone/latest/userguide/what-is-datazone.html#accessing-datazone" + } + }, + "privileges_lower_name": { + "createaccountassociationinvitation": "CreateAccountAssociationInvitation", + "createdatasource": "CreateDataSource", + "createenvironment": "CreateEnvironment", + "deletedatasource": "DeleteDataSource", + "deleteenvironment": "DeleteEnvironment", + "dissociateaccount": "DissociateAccount", + "getassociateddomain": "GetAssociatedDomain", + "getdatasourcebyenvironment": "GetDataSourceByEnvironment", + "getdomain": "GetDomain", + "getenvironment": "GetEnvironment", + "getmetadatacollector": "GetMetadataCollector", + "getuserportalloginauthcode": "GetUserPortalLoginAuthCode", + "listaccountassociationinvitations": "ListAccountAssociationInvitations", + "listallassociatedaccountsforenvironment": "ListAllAssociatedAccountsForEnvironment", + "listassociatedenvironments": "ListAssociatedEnvironments", + "listdatasources": "ListDataSources", + "listdatasourcesbyenvironment": "ListDataSourcesByEnvironment", + "listdomains": "ListDomains", + "listenvironment": "ListEnvironment", + "listmetadatacollectorruns": "ListMetadataCollectorRuns", + "listmetadatacollectors": "ListMetadataCollectors", + "listprojects": "ListProjects", + "listtagsforresource": "ListTagsForResource", + "reviewaccountassociationinvitation": "ReviewAccountAssociationInvitation", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaccountassociationdescription": "UpdateAccountAssociationDescription", + "updatedatasource": "UpdateDataSource", + "updateenvironment": "UpdateEnvironment" + }, + "resources": { + "environment": { + "resource": "environment", + "arn": "arn:${Partition}:datazonecontrol:${Region}:${Account}:domain/${DomainId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "data-source": { + "resource": "data-source", + "arn": "arn:${Partition}:datazonecontrol:${Region}:${Account}:data-source/${DomainId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "environment": "environment", + "data-source": "data-source" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "detective": { + "service_name": "Amazon Detective", + "prefix": "detective", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondetective.html", + "privileges": { + "AcceptInvitation": { + "privilege": "AcceptInvitation", + "description": "Grants permission to accept an invitation to become a member of a behavior graph", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_AcceptInvitation.html" + }, + "BatchGetGraphMemberDatasources": { + "privilege": "BatchGetGraphMemberDatasources", + "description": "Grants permission to retrieve the datasource package history for the specified member accounts in a behavior graph managed by this account", + "access_level": "Read", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_BatchGetGraphMemberDatasources.html" + }, + "BatchGetMembershipDatasources": { + "privilege": "BatchGetMembershipDatasources", + "description": "Grants permission to retrieve the datasource package history of the caller account for the specified graphs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_BatchGetMembershipDatasources.html" + }, + "CreateGraph": { + "privilege": "CreateGraph", + "description": "Grants permission to create a behavior graph and begin to aggregate security information", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_CreateGraph.html" + }, + "CreateMembers": { + "privilege": "CreateMembers", + "description": "Grants permission to request the membership of one or more accounts in a behavior graph managed by this account", + "access_level": "Write", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_CreateMembers.html" + }, + "DeleteGraph": { + "privilege": "DeleteGraph", + "description": "Grants permission to delete a behavior graph and stop aggregating security information", + "access_level": "Write", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_DeleteGraph.html" + }, + "DeleteMembers": { + "privilege": "DeleteMembers", + "description": "Grants permission to remove member accounts from a behavior graph managed by this account", + "access_level": "Write", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_DeleteMembers.html" + }, + "DescribeOrganizationConfiguration": { + "privilege": "DescribeOrganizationConfiguration", + "description": "Grants permission to view the current configuration related to the Amazon Detective integration with AWS Organizations", + "access_level": "Read", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribeOrganization" + ] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_DescribeOrganizationConfiguration.html" + }, + "DisableOrganizationAdminAccount": { + "privilege": "DisableOrganizationAdminAccount", + "description": "Grants permission to remove the Amazon Detective delegated administrator account for an organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribeOrganization" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_DisableOrganizationAdminAccount.html" + }, + "DisassociateMembership": { + "privilege": "DisassociateMembership", + "description": "Grants permission to remove the association of this account with a behavior graph", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_DisassociateMembership.html" + }, + "EnableOrganizationAdminAccount": { + "privilege": "EnableOrganizationAdminAccount", + "description": "Grants permission to designate the Amazon Detective delegated administrator account for an organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "organizations:DescribeOrganization", + "organizations:EnableAWSServiceAccess", + "organizations:RegisterDelegatedAdministrator" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_EnableOrganizationAdminAccount.html" + }, + "GetFreeTrialEligibility": { + "privilege": "GetFreeTrialEligibility", + "description": "Grants permission to retrieve a behavior graph's eligibility for a free trial period", + "access_level": "Read", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/adminguide/free-trial-overview.html" + }, + "GetGraphIngestState": { + "privilege": "GetGraphIngestState", + "description": "Grants permission to retrieve the data ingestion state of a behavior graph", + "access_level": "Read", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/adminguide/detective-source-data-about.html" + }, + "GetMembers": { + "privilege": "GetMembers", + "description": "Grants permission to retrieve details on specified members of a behavior graph", + "access_level": "Read", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_GetMembers.html" + }, + "GetPricingInformation": { + "privilege": "GetPricingInformation", + "description": "Grants permission to retrieve information about Amazon Detective's pricing", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/adminguide/usage-projected-cost-calculation.html" + }, + "GetUsageInformation": { + "privilege": "GetUsageInformation", + "description": "Grants permission to list usage information of a behavior graph", + "access_level": "Read", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/adminguide/tracking-usage-logging.html" + }, + "ListDatasourcePackages": { + "privilege": "ListDatasourcePackages", + "description": "Grants permission to list a graph's datasource package ingest states and timestamps for the most recent state changes in a behavior graph managed by this account", + "access_level": "List", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListDatasourcePackages.html" + }, + "ListGraphs": { + "privilege": "ListGraphs", + "description": "Grants permission to list behavior graphs managed by this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListGraphs.html" + }, + "ListHighDegreeEntities": { + "privilege": "ListHighDegreeEntities", + "description": "Grants permission to retrieve high volume entities whose relationships cannot be stored by Detective", + "access_level": "List", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/userguide/high-volume-entities.html" + }, + "ListInvitations": { + "privilege": "ListInvitations", + "description": "Grants permission to retrieve details on the behavior graphs to which this account has been invited to join", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListInvitations.html" + }, + "ListMembers": { + "privilege": "ListMembers", + "description": "Grants permission to retrieve details on all members of a behavior graph", + "access_level": "List", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListMembers.html" + }, + "ListOrganizationAdminAccount": { + "privilege": "ListOrganizationAdminAccount", + "description": "Grants permission to view the current Amazon Detective delegated administrator account for an organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribeOrganization" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListOrganizationAdminAccounts.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tag values that are assigned to a behavior graph", + "access_level": "List", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_ListTagsForResource.html" + }, + "RejectInvitation": { + "privilege": "RejectInvitation", + "description": "Grants permission to reject an invitation to become a member of a behavior graph", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_RejectInvitation.html" + }, + "SearchGraph": { + "privilege": "SearchGraph", + "description": "Grants permission to search the data stored in a behavior graph", + "access_level": "Read", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/userguide/detective-search.html" + }, + "StartMonitoringMember": { + "privilege": "StartMonitoringMember", + "description": "Grants permission to start data ingest for a member account that has a status of ACCEPTED_BUT_DISABLED", + "access_level": "Write", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_StartMonitoringMember.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to assign tag values to a behavior graph", + "access_level": "Tagging", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tag values from a behavior graph", + "access_level": "Tagging", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_UntagResource.html" + }, + "UpdateDatasourcePackages": { + "privilege": "UpdateDatasourcePackages", + "description": "Grants permission to enable or disable datasource package(s) in a behavior graph managed by this account", + "access_level": "Write", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_UpdateDatasourcePackages.html" + }, + "UpdateOrganizationConfiguration": { + "privilege": "UpdateOrganizationConfiguration", + "description": "Grants permission to update the current configuration related to the Amazon Detective integration with AWS Organizations", + "access_level": "Write", + "resource_types": { + "Graph": { + "resource_type": "Graph", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribeOrganization" + ] + } + }, + "resource_types_lower_name": { + "graph": "Graph" + }, + "api_documentation_link": "https://docs.aws.amazon.com/detective/latest/APIReference/API_UpdateOrganizationConfiguration.html" + } + }, + "privileges_lower_name": { + "acceptinvitation": "AcceptInvitation", + "batchgetgraphmemberdatasources": "BatchGetGraphMemberDatasources", + "batchgetmembershipdatasources": "BatchGetMembershipDatasources", + "creategraph": "CreateGraph", + "createmembers": "CreateMembers", + "deletegraph": "DeleteGraph", + "deletemembers": "DeleteMembers", + "describeorganizationconfiguration": "DescribeOrganizationConfiguration", + "disableorganizationadminaccount": "DisableOrganizationAdminAccount", + "disassociatemembership": "DisassociateMembership", + "enableorganizationadminaccount": "EnableOrganizationAdminAccount", + "getfreetrialeligibility": "GetFreeTrialEligibility", + "getgraphingeststate": "GetGraphIngestState", + "getmembers": "GetMembers", + "getpricinginformation": "GetPricingInformation", + "getusageinformation": "GetUsageInformation", + "listdatasourcepackages": "ListDatasourcePackages", + "listgraphs": "ListGraphs", + "listhighdegreeentities": "ListHighDegreeEntities", + "listinvitations": "ListInvitations", + "listmembers": "ListMembers", + "listorganizationadminaccount": "ListOrganizationAdminAccount", + "listtagsforresource": "ListTagsForResource", + "rejectinvitation": "RejectInvitation", + "searchgraph": "SearchGraph", + "startmonitoringmember": "StartMonitoringMember", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedatasourcepackages": "UpdateDatasourcePackages", + "updateorganizationconfiguration": "UpdateOrganizationConfiguration" + }, + "resources": { + "Graph": { + "resource": "Graph", + "arn": "arn:${Partition}:detective:${Region}:${Account}:graph:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "graph": "Graph" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by specifying the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by specifying the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by specifying the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "devops-guru": { + "service_name": "Amazon DevOps Guru", + "prefix": "devops-guru", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondevopsguru.html", + "privileges": { + "AddNotificationChannel": { + "privilege": "AddNotificationChannel", + "description": "Grants permission to add a notification channel to DevOps Guru", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sns:GetTopicAttributes", + "sns:SetTopicAttributes" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_AddNotificationChannel.html" + }, + "DeleteInsight": { + "privilege": "DeleteInsight", + "description": "Grants permission to delete specified insight in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DeleteInsight.html" + }, + "DescribeAccountHealth": { + "privilege": "DescribeAccountHealth", + "description": "Grants permission to view the health of operations in your AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeAccountHealth.html" + }, + "DescribeAccountOverview": { + "privilege": "DescribeAccountOverview", + "description": "Grants permission to view the health of operations within a time range in your AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeAccountOverview.html" + }, + "DescribeAnomaly": { + "privilege": "DescribeAnomaly", + "description": "Grants permission to list the details of a specified anomaly", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeAnomaly.html" + }, + "DescribeEventSourcesConfig": { + "privilege": "DescribeEventSourcesConfig", + "description": "Grants permission to retrieve details about event sources for DevOps Guru", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeEventSourcesConfig.html" + }, + "DescribeFeedback": { + "privilege": "DescribeFeedback", + "description": "Grants permission to view the feedback details of a specified insight", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeFeedback.html" + }, + "DescribeInsight": { + "privilege": "DescribeInsight", + "description": "Grants permission to list the details of a specified insight", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeInsight.html" + }, + "DescribeOrganizationHealth": { + "privilege": "DescribeOrganizationHealth", + "description": "Grants permission to view the health of operations in your organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeOrganizationHealth.html" + }, + "DescribeOrganizationOverview": { + "privilege": "DescribeOrganizationOverview", + "description": "Grants permission to view the health of operations within a time range in your organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeOrganizationOverview.html" + }, + "DescribeOrganizationResourceCollectionHealth": { + "privilege": "DescribeOrganizationResourceCollectionHealth", + "description": "Grants permission to view the health of operations for each AWS CloudFormation stack or AWS Services or accounts specified in DevOps Guru in your organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeOrganizationResourceCollectionHealth.html" + }, + "DescribeResourceCollectionHealth": { + "privilege": "DescribeResourceCollectionHealth", + "description": "Grants permission to view the health of operations for each AWS CloudFormation stack specified in DevOps Guru", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeResourceCollectionHealth.html" + }, + "DescribeServiceIntegration": { + "privilege": "DescribeServiceIntegration", + "description": "Grants permission to view the integration status of services that can be integrated with DevOps Guru", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_DescribeServiceIntegration.html" + }, + "GetCostEstimation": { + "privilege": "GetCostEstimation", + "description": "Grants permission to list service resource cost estimates", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_GetCostEstimation.html" + }, + "GetResourceCollection": { + "privilege": "GetResourceCollection", + "description": "Grants permission to list AWS CloudFormation stacks that DevOps Guru is configured to use", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_GetResourceCollection.html" + }, + "ListAnomaliesForInsight": { + "privilege": "ListAnomaliesForInsight", + "description": "Grants permission to list anomalies of a given insight in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "devops-guru:ServiceNames" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListAnomaliesForInsight.html" + }, + "ListAnomalousLogGroups": { + "privilege": "ListAnomalousLogGroups", + "description": "Grants permission to list log anomalies of a given insight in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListAnomalousLogGroups.html" + }, + "ListEvents": { + "privilege": "ListEvents", + "description": "Grants permission to list resource events that are evaluated by DevOps Guru", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListEvents.html" + }, + "ListInsights": { + "privilege": "ListInsights", + "description": "Grants permission to list insights in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListInsights.html" + }, + "ListMonitoredResources": { + "privilege": "ListMonitoredResources", + "description": "Grants permission to list resource monitored by DevOps Guru in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListMonitoredResources.html" + }, + "ListNotificationChannels": { + "privilege": "ListNotificationChannels", + "description": "Grants permission to list notification channels configured for DevOps Guru in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListNotificationChannels.html" + }, + "ListOrganizationInsights": { + "privilege": "ListOrganizationInsights", + "description": "Grants permission to list insights in your organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListOrganizationInsights.html" + }, + "ListRecommendations": { + "privilege": "ListRecommendations", + "description": "Grants permission to list a specified insight's recommendations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_ListRecommendations.html" + }, + "PutFeedback": { + "privilege": "PutFeedback", + "description": "Grants permission to submit a feedback to DevOps Guru", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_PutFeedback.html" + }, + "RemoveNotificationChannel": { + "privilege": "RemoveNotificationChannel", + "description": "Grants permission to remove a notification channel from DevOps Guru", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sns:GetTopicAttributes", + "sns:SetTopicAttributes" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_RemoveNotificationChannel.html" + }, + "SearchInsights": { + "privilege": "SearchInsights", + "description": "Grants permission to search insights in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "devops-guru:ServiceNames" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_SearchInsights.html" + }, + "SearchOrganizationInsights": { + "privilege": "SearchOrganizationInsights", + "description": "Grants permission to search insights in your organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_SearchOrganizationInsights.html" + }, + "StartCostEstimation": { + "privilege": "StartCostEstimation", + "description": "Grants permission to start the creation of an estimate of the monthly cost", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_StartCostEstimation.html" + }, + "UpdateEventSourcesConfig": { + "privilege": "UpdateEventSourcesConfig", + "description": "Grants permission to update an event source for DevOps Guru", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_UpdateEventSourcesConfig.html" + }, + "UpdateResourceCollection": { + "privilege": "UpdateResourceCollection", + "description": "Grants permission to update the list of AWS CloudFormation stacks that are used to specify which AWS resources in your account are analyzed by DevOps Guru", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_UpdateResourceCollection.html" + }, + "UpdateServiceIntegration": { + "privilege": "UpdateServiceIntegration", + "description": "Grants permission to enable or disable a service that integrates with DevOps Guru", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devops-guru/latest/APIReference/API_UpdateServiceIntegration.html" + } + }, + "privileges_lower_name": { + "addnotificationchannel": "AddNotificationChannel", + "deleteinsight": "DeleteInsight", + "describeaccounthealth": "DescribeAccountHealth", + "describeaccountoverview": "DescribeAccountOverview", + "describeanomaly": "DescribeAnomaly", + "describeeventsourcesconfig": "DescribeEventSourcesConfig", + "describefeedback": "DescribeFeedback", + "describeinsight": "DescribeInsight", + "describeorganizationhealth": "DescribeOrganizationHealth", + "describeorganizationoverview": "DescribeOrganizationOverview", + "describeorganizationresourcecollectionhealth": "DescribeOrganizationResourceCollectionHealth", + "describeresourcecollectionhealth": "DescribeResourceCollectionHealth", + "describeserviceintegration": "DescribeServiceIntegration", + "getcostestimation": "GetCostEstimation", + "getresourcecollection": "GetResourceCollection", + "listanomaliesforinsight": "ListAnomaliesForInsight", + "listanomalousloggroups": "ListAnomalousLogGroups", + "listevents": "ListEvents", + "listinsights": "ListInsights", + "listmonitoredresources": "ListMonitoredResources", + "listnotificationchannels": "ListNotificationChannels", + "listorganizationinsights": "ListOrganizationInsights", + "listrecommendations": "ListRecommendations", + "putfeedback": "PutFeedback", + "removenotificationchannel": "RemoveNotificationChannel", + "searchinsights": "SearchInsights", + "searchorganizationinsights": "SearchOrganizationInsights", + "startcostestimation": "StartCostEstimation", + "updateeventsourcesconfig": "UpdateEventSourcesConfig", + "updateresourcecollection": "UpdateResourceCollection", + "updateserviceintegration": "UpdateServiceIntegration" + }, + "resources": { + "topic": { + "resource": "topic", + "arn": "arn:${Partition}:sns:${Region}:${Account}:${TopicName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "topic": "topic" + }, + "conditions": { + "devops-guru:ServiceNames": { + "condition": "devops-guru:ServiceNames", + "description": "Filters access by API to restrict access to given AWS service names", + "type": "ArrayOfString" + } + } + }, + "docdb-elastic": { + "service_name": "Amazon DocumentDB Elastic Clusters", + "prefix": "docdb-elastic", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondocumentdbelasticclusters.html", + "privileges": { + "CreateCluster": { + "privilege": "CreateCluster", + "description": "Grants permission to create a new Amazon DocDB-Elastic cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ec2:CreateVpcEndpoint", + "ec2:DeleteVpcEndpoints", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcEndpoints", + "ec2:DescribeVpcs", + "ec2:ModifyVpcEndpoint", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey", + "secretsmanager:DescribeSecret", + "secretsmanager:GetResourcePolicy", + "secretsmanager:GetSecretValue", + "secretsmanager:ListSecretVersionIds", + "secretsmanager:ListSecrets" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_CreateCluster.html" + }, + "CreateClusterSnapshot": { + "privilege": "CreateClusterSnapshot", + "description": "Grants permission to create a new Amazon DocDB-Elastic cluster snapshot", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateVpcEndpoint", + "ec2:DeleteVpcEndpoints", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcEndpoints", + "ec2:DescribeVpcs", + "ec2:ModifyVpcEndpoint", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey", + "secretsmanager:DescribeSecret", + "secretsmanager:GetResourcePolicy", + "secretsmanager:GetSecretValue", + "secretsmanager:ListSecretVersionIds", + "secretsmanager:ListSecrets" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_CreateClusterSnapshot.html" + }, + "DeleteCluster": { + "privilege": "DeleteCluster", + "description": "Grants permission to delete a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteVpcEndpoints", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcEndpoints", + "ec2:DescribeVpcs", + "ec2:ModifyVpcEndpoint" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_DeleteCluster.html" + }, + "DeleteClusterSnapshot": { + "privilege": "DeleteClusterSnapshot", + "description": "Grants permission to delete a cluster snapshot", + "access_level": "Write", + "resource_types": { + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteVpcEndpoints", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcEndpoints", + "ec2:DescribeVpcs", + "ec2:ModifyVpcEndpoint" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-snapshot": "cluster-snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_DeleteClusterSnapshot.html" + }, + "GetCluster": { + "privilege": "GetCluster", + "description": "Grants permission to view details about a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_GetCluster.html" + }, + "GetClusterSnapshot": { + "privilege": "GetClusterSnapshot", + "description": "Grants permission to view details about a cluster snapshot", + "access_level": "Read", + "resource_types": { + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-snapshot": "cluster-snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_GetClusterSnapshot.html" + }, + "ListClusterSnapshots": { + "privilege": "ListClusterSnapshots", + "description": "Grants permission to list the cluster snapshots in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_ListClusterSnapshots.html" + }, + "ListClusters": { + "privilege": "ListClusters", + "description": "Grants permission to list the clusters in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_ListClusters.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tag for an DocumentDB Elastic resource", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-snapshot": "cluster-snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_ListTagsForResource.html" + }, + "RestoreClusterFromSnapshot": { + "privilege": "RestoreClusterFromSnapshot", + "description": "Grants permission to restore cluster from a Amazon DocDB-Elastic cluster snapshot", + "access_level": "Write", + "resource_types": { + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateVpcEndpoint", + "ec2:DeleteVpcEndpoints", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcEndpoints", + "ec2:DescribeVpcs", + "ec2:ModifyVpcEndpoint", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey", + "secretsmanager:DescribeSecret", + "secretsmanager:GetResourcePolicy", + "secretsmanager:GetSecretValue", + "secretsmanager:ListSecretVersionIds", + "secretsmanager:ListSecrets" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-snapshot": "cluster-snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_RestoreClusterFromSnapshot.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an DocumentDB Elastic resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-snapshot": "cluster-snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a DocumentDB Elastic resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-snapshot": "cluster-snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_UntagResource.html" + }, + "UpdateCluster": { + "privilege": "UpdateCluster", + "description": "Grants permission to modify a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateVpcEndpoint", + "ec2:DeleteVpcEndpoints", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcEndpoints", + "ec2:DescribeVpcs", + "ec2:ModifyVpcEndpoint", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey", + "secretsmanager:DescribeSecret", + "secretsmanager:GetResourcePolicy", + "secretsmanager:GetSecretValue", + "secretsmanager:ListSecretVersionIds", + "secretsmanager:ListSecrets" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/documentdb/latest/developerguide/API_elastic_UpdateCluster.html" + } + }, + "privileges_lower_name": { + "createcluster": "CreateCluster", + "createclustersnapshot": "CreateClusterSnapshot", + "deletecluster": "DeleteCluster", + "deleteclustersnapshot": "DeleteClusterSnapshot", + "getcluster": "GetCluster", + "getclustersnapshot": "GetClusterSnapshot", + "listclustersnapshots": "ListClusterSnapshots", + "listclusters": "ListClusters", + "listtagsforresource": "ListTagsForResource", + "restoreclusterfromsnapshot": "RestoreClusterFromSnapshot", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecluster": "UpdateCluster" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:docdb-elastic:${Region}:${Account}:cluster/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "cluster-snapshot": { + "resource": "cluster-snapshot", + "arn": "arn:${Partition}:docdb-elastic:${Region}:${Account}:cluster-snapshot/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "cluster": "cluster", + "cluster-snapshot": "cluster-snapshot" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the set of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the set of tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the set of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "dynamodb": { + "service_name": "Amazon DynamoDB", + "prefix": "dynamodb", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondynamodb.html", + "privileges": { + "BatchGetItem": { + "privilege": "BatchGetItem", + "description": "Grants permission to return the attributes of one or more items from one or more tables", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:LeadingKeys", + "dynamodb:ReturnConsumedCapacity", + "dynamodb:Select" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchGetItem.html" + }, + "BatchWriteItem": { + "privilege": "BatchWriteItem", + "description": "Grants permission to put or delete multiple items in one or more tables", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:LeadingKeys", + "dynamodb:ReturnConsumedCapacity" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchWriteItem.html" + }, + "ConditionCheckItem": { + "privilege": "ConditionCheckItem", + "description": "Grants permission to the ConditionCheckItem operation checks the existence of a set of attributes for the item with the given primary key", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:LeadingKeys", + "dynamodb:ReturnConsumedCapacity", + "dynamodb:ReturnValues" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ConditionCheck.html" + }, + "CreateBackup": { + "privilege": "CreateBackup", + "description": "Grants permission to create a backup for an existing table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateBackup.html" + }, + "CreateGlobalTable": { + "privilege": "CreateGlobalTable", + "description": "Grants permission to create a global table from an existing table", + "access_level": "Write", + "resource_types": { + "global-table": { + "resource_type": "global-table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-table": "global-table", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateGlobalTable.html" + }, + "CreateTable": { + "privilege": "CreateTable", + "description": "Grants permission to the CreateTable operation adds a new table to your account", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateTable.html" + }, + "CreateTableReplica": { + "privilege": "CreateTableReplica", + "description": "Grants permission to add a new replica table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/V2gt_IAM.html" + }, + "DeleteBackup": { + "privilege": "DeleteBackup", + "description": "Grants permission to delete an existing backup of a table", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DeleteBackup.html" + }, + "DeleteItem": { + "privilege": "DeleteItem", + "description": "Grants permission to deletes a single item in a table by primary key", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:EnclosingOperation", + "dynamodb:LeadingKeys", + "dynamodb:ReturnConsumedCapacity", + "dynamodb:ReturnValues" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DeleteItem.html" + }, + "DeleteTable": { + "privilege": "DeleteTable", + "description": "Grants permission to the DeleteTable operation which deletes a table and all of its items", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DeleteTable.html" + }, + "DeleteTableReplica": { + "privilege": "DeleteTableReplica", + "description": "Grants permission to delete a replica table and all of its items", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/V2gt_IAM.html" + }, + "DescribeBackup": { + "privilege": "DescribeBackup", + "description": "Grants permission to describe an existing backup of a table", + "access_level": "Read", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeBackup.html" + }, + "DescribeContinuousBackups": { + "privilege": "DescribeContinuousBackups", + "description": "Grants permission to check the status of the backup restore settings on the specified table", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeContinuousBackups.html" + }, + "DescribeContributorInsights": { + "privilege": "DescribeContributorInsights", + "description": "Grants permission to describe the contributor insights status and related details for a given table or global secondary index", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeContributorInsights.html" + }, + "DescribeEndpoints": { + "privilege": "DescribeEndpoints", + "description": "Grants permission to return the regional endpoint information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeEndpoints.html" + }, + "DescribeExport": { + "privilege": "DescribeExport", + "description": "Grants permission to describe an existing Export of a table", + "access_level": "Read", + "resource_types": { + "export": { + "resource_type": "export", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "export": "export" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeExport.html" + }, + "DescribeGlobalTable": { + "privilege": "DescribeGlobalTable", + "description": "Grants permission to return information about the specified global table", + "access_level": "Read", + "resource_types": { + "global-table": { + "resource_type": "global-table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-table": "global-table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeGlobalTable.html" + }, + "DescribeGlobalTableSettings": { + "privilege": "DescribeGlobalTableSettings", + "description": "Grants permission to return settings information about the specified global table", + "access_level": "Read", + "resource_types": { + "global-table": { + "resource_type": "global-table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-table": "global-table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeGlobalTableSettings.html" + }, + "DescribeImport": { + "privilege": "DescribeImport", + "description": "Grants permission to describe an existing import", + "access_level": "Read", + "resource_types": { + "import": { + "resource_type": "import", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "import": "import" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeImport.html" + }, + "DescribeKinesisStreamingDestination": { + "privilege": "DescribeKinesisStreamingDestination", + "description": "Grants permission to grant permission to describe the status of Kinesis streaming and related details for a given table", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeKinesisStreamingDestination.html" + }, + "DescribeLimits": { + "privilege": "DescribeLimits", + "description": "Grants permission to return the current provisioned-capacity limits for your AWS account in a region, both for the region as a whole and for any one DynamoDB table that you create there", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeLimits.html" + }, + "DescribeReservedCapacity": { + "privilege": "DescribeReservedCapacity", + "description": "Grants permission to describe one or more of the Reserved Capacity purchased", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/iam-policy-prevent-purchase-reserved-capacity.html" + }, + "DescribeReservedCapacityOfferings": { + "privilege": "DescribeReservedCapacityOfferings", + "description": "Grants permission to describe Reserved Capacity offerings that are available for purchase", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/iam-policy-prevent-purchase-reserved-capacity.html" + }, + "DescribeStream": { + "privilege": "DescribeStream", + "description": "Grants permission to return information about a stream, including the current status of the stream, its Amazon Resource Name (ARN), the composition of its shards, and its corresponding DynamoDB table", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_DescribeStream.html" + }, + "DescribeTable": { + "privilege": "DescribeTable", + "description": "Grants permission to return information about the table", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeTable.html" + }, + "DescribeTableReplicaAutoScaling": { + "privilege": "DescribeTableReplicaAutoScaling", + "description": "Grants permission to describe the auto scaling settings across all replicas of the global table", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeTableReplicaAutoScaling.html" + }, + "DescribeTimeToLive": { + "privilege": "DescribeTimeToLive", + "description": "Grants permission to give a description of the Time to Live (TTL) status on the specified table", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeTimeToLive.html" + }, + "DisableKinesisStreamingDestination": { + "privilege": "DisableKinesisStreamingDestination", + "description": "Grants permission to grant permission to stop replication from the DynamoDB table to the Kinesis data stream", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DisableKinesisStreamingDestination.html" + }, + "EnableKinesisStreamingDestination": { + "privilege": "EnableKinesisStreamingDestination", + "description": "Grants permission to grant permission to start table data replication to the specified Kinesis data stream at a timestamp chosen during the enable workflow", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_EnableKinesisStreamingDestination.html" + }, + "ExportTableToPointInTime": { + "privilege": "ExportTableToPointInTime", + "description": "Grants permission to initiate an Export of a DynamoDB table to S3", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ExportTableToPointInTime.html" + }, + "GetItem": { + "privilege": "GetItem", + "description": "Grants permission to the GetItem operation that returns a set of attributes for the item with the given primary key", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:EnclosingOperation", + "dynamodb:LeadingKeys", + "dynamodb:ReturnConsumedCapacity", + "dynamodb:Select" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_GetItem.html" + }, + "GetRecords": { + "privilege": "GetRecords", + "description": "Grants permission to retrieve the stream records from a given shard", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_GetRecords.html" + }, + "GetShardIterator": { + "privilege": "GetShardIterator", + "description": "Grants permission to return a shard iterator", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_GetShardIterator.html" + }, + "ImportTable": { + "privilege": "ImportTable", + "description": "Grants permission to initiate an import from S3 to a DynamoDB table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ImportTable.html" + }, + "ListBackups": { + "privilege": "ListBackups", + "description": "Grants permission to list backups associated with the account and endpoint", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListBackups.html" + }, + "ListContributorInsights": { + "privilege": "ListContributorInsights", + "description": "Grants permission to list the ContributorInsightsSummary for all tables and global secondary indexes associated with the current account and endpoint", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListContributorInsights.html" + }, + "ListExports": { + "privilege": "ListExports", + "description": "Grants permission to list exports associated with the account and endpoint", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListExports.html" + }, + "ListGlobalTables": { + "privilege": "ListGlobalTables", + "description": "Grants permission to list all global tables that have a replica in the specified region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListGlobalTables.html" + }, + "ListImports": { + "privilege": "ListImports", + "description": "Grants permission to list imports associated with the account and endpoint", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListImports.html" + }, + "ListStreams": { + "privilege": "ListStreams", + "description": "Grants permission to return an array of stream ARNs associated with the current account and endpoint", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_streams_ListStreams.html" + }, + "ListTables": { + "privilege": "ListTables", + "description": "Grants permission to return an array of table names associated with the current account and endpoint", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListTables.html" + }, + "ListTagsOfResource": { + "privilege": "ListTagsOfResource", + "description": "Grants permission to list all tags on an Amazon DynamoDB resource", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ListTagsOfResource.html" + }, + "PartiQLDelete": { + "privilege": "PartiQLDelete", + "description": "Grants permission to delete a single item in a table by primary key", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:EnclosingOperation", + "dynamodb:LeadingKeys", + "dynamodb:ReturnValues" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ExecuteStatement.html" + }, + "PartiQLInsert": { + "privilege": "PartiQLInsert", + "description": "Grants permission to create a new item, if an item with same primary key does not exist in the table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:EnclosingOperation", + "dynamodb:LeadingKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ExecuteStatement.html" + }, + "PartiQLSelect": { + "privilege": "PartiQLSelect", + "description": "Grants permission to read a set of attributes for items from a table or index", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:EnclosingOperation", + "dynamodb:FullTableScan", + "dynamodb:LeadingKeys", + "dynamodb:Select" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "index": "index", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ExecuteStatement.html" + }, + "PartiQLUpdate": { + "privilege": "PartiQLUpdate", + "description": "Grants permission to edit an existing item's attributes", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:EnclosingOperation", + "dynamodb:LeadingKeys", + "dynamodb:ReturnValues" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ExecuteStatement.html" + }, + "PurchaseReservedCapacityOfferings": { + "privilege": "PurchaseReservedCapacityOfferings", + "description": "Grants permission to purchases reserved capacity for use with your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/iam-policy-prevent-purchase-reserved-capacity.html" + }, + "PutItem": { + "privilege": "PutItem", + "description": "Grants permission to create a new item, or replace an old item with a new item", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:EnclosingOperation", + "dynamodb:LeadingKeys", + "dynamodb:ReturnConsumedCapacity", + "dynamodb:ReturnValues" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_PutItem.html" + }, + "Query": { + "privilege": "Query", + "description": "Grants permission to use the primary key of a table or a secondary index to directly access items from that table or index", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:LeadingKeys", + "dynamodb:ReturnConsumedCapacity", + "dynamodb:ReturnValues", + "dynamodb:Select" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "index": "index", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Query.html" + }, + "RestoreTableFromAwsBackup": { + "privilege": "RestoreTableFromAwsBackup", + "description": "Grants permission to create a new table from recovery point on AWS Backup", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/UsageNotesAWS.html" + }, + "RestoreTableFromBackup": { + "privilege": "RestoreTableFromBackup", + "description": "Grants permission to create a new table from an existing backup", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dynamodb:BatchWriteItem", + "dynamodb:DeleteItem", + "dynamodb:GetItem", + "dynamodb:PutItem", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem" + ] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_RestoreTableFromBackup.html" + }, + "RestoreTableToPointInTime": { + "privilege": "RestoreTableToPointInTime", + "description": "Grants permission to restore a table to a point in time", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dynamodb:BatchWriteItem", + "dynamodb:DeleteItem", + "dynamodb:GetItem", + "dynamodb:PutItem", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_RestoreTableToPointInTime.html" + }, + "Scan": { + "privilege": "Scan", + "description": "Grants permission to return one or more items and item attributes by accessing every item in a table or a secondary index", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:ReturnConsumedCapacity", + "dynamodb:ReturnValues", + "dynamodb:Select" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "index": "index", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Scan.html" + }, + "StartAwsBackupJob": { + "privilege": "StartAwsBackupJob", + "description": "Grants permission to create a backup on AWS Backup with advanced features enabled", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/UsageNotesAWS.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to associate a set of tags with an Amazon DynamoDB resource", + "access_level": "Tagging", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the association of tags from an Amazon DynamoDB resource", + "access_level": "Tagging", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UntagResource.html" + }, + "UpdateContinuousBackups": { + "privilege": "UpdateContinuousBackups", + "description": "Grants permission to enable or disable continuous backups", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateContinuousBackups.html" + }, + "UpdateContributorInsights": { + "privilege": "UpdateContributorInsights", + "description": "Grants permission to update the status for contributor insights for a specific table or global secondary index", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateContributorInsights.html" + }, + "UpdateGlobalTable": { + "privilege": "UpdateGlobalTable", + "description": "Grants permission to add or remove replicas in the specified global table", + "access_level": "Write", + "resource_types": { + "global-table": { + "resource_type": "global-table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-table": "global-table", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateGlobalTable.html" + }, + "UpdateGlobalTableSettings": { + "privilege": "UpdateGlobalTableSettings", + "description": "Grants permission to update settings of the specified global table", + "access_level": "Write", + "resource_types": { + "global-table": { + "resource_type": "global-table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-table": "global-table", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateGlobalTableSettings.html" + }, + "UpdateGlobalTableVersion": { + "privilege": "UpdateGlobalTableVersion", + "description": "Grants permission to update version of the specified global table", + "access_level": "Write", + "resource_types": { + "global-table": { + "resource_type": "global-table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-table": "global-table", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/V2globaltables_upgrade.html" + }, + "UpdateItem": { + "privilege": "UpdateItem", + "description": "Grants permission to edit an existing item's attributes, or adds a new item to the table if it does not already exist", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dynamodb:Attributes", + "dynamodb:EnclosingOperation", + "dynamodb:LeadingKeys", + "dynamodb:ReturnConsumedCapacity", + "dynamodb:ReturnValues" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateItem.html" + }, + "UpdateTable": { + "privilege": "UpdateTable", + "description": "Grants permission to modify the provisioned throughput settings, global secondary indexes, or DynamoDB Streams settings for a given table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateTable.html" + }, + "UpdateTableReplicaAutoScaling": { + "privilege": "UpdateTableReplicaAutoScaling", + "description": "Grants permission to update auto scaling settings on your replica table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateTableReplicaAutoScaling.html" + }, + "UpdateTimeToLive": { + "privilege": "UpdateTimeToLive", + "description": "Grants permission to enable or disable TTL for the specified table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateTimeToLive.html" + } + }, + "privileges_lower_name": { + "batchgetitem": "BatchGetItem", + "batchwriteitem": "BatchWriteItem", + "conditioncheckitem": "ConditionCheckItem", + "createbackup": "CreateBackup", + "createglobaltable": "CreateGlobalTable", + "createtable": "CreateTable", + "createtablereplica": "CreateTableReplica", + "deletebackup": "DeleteBackup", + "deleteitem": "DeleteItem", + "deletetable": "DeleteTable", + "deletetablereplica": "DeleteTableReplica", + "describebackup": "DescribeBackup", + "describecontinuousbackups": "DescribeContinuousBackups", + "describecontributorinsights": "DescribeContributorInsights", + "describeendpoints": "DescribeEndpoints", + "describeexport": "DescribeExport", + "describeglobaltable": "DescribeGlobalTable", + "describeglobaltablesettings": "DescribeGlobalTableSettings", + "describeimport": "DescribeImport", + "describekinesisstreamingdestination": "DescribeKinesisStreamingDestination", + "describelimits": "DescribeLimits", + "describereservedcapacity": "DescribeReservedCapacity", + "describereservedcapacityofferings": "DescribeReservedCapacityOfferings", + "describestream": "DescribeStream", + "describetable": "DescribeTable", + "describetablereplicaautoscaling": "DescribeTableReplicaAutoScaling", + "describetimetolive": "DescribeTimeToLive", + "disablekinesisstreamingdestination": "DisableKinesisStreamingDestination", + "enablekinesisstreamingdestination": "EnableKinesisStreamingDestination", + "exporttabletopointintime": "ExportTableToPointInTime", + "getitem": "GetItem", + "getrecords": "GetRecords", + "getsharditerator": "GetShardIterator", + "importtable": "ImportTable", + "listbackups": "ListBackups", + "listcontributorinsights": "ListContributorInsights", + "listexports": "ListExports", + "listglobaltables": "ListGlobalTables", + "listimports": "ListImports", + "liststreams": "ListStreams", + "listtables": "ListTables", + "listtagsofresource": "ListTagsOfResource", + "partiqldelete": "PartiQLDelete", + "partiqlinsert": "PartiQLInsert", + "partiqlselect": "PartiQLSelect", + "partiqlupdate": "PartiQLUpdate", + "purchasereservedcapacityofferings": "PurchaseReservedCapacityOfferings", + "putitem": "PutItem", + "query": "Query", + "restoretablefromawsbackup": "RestoreTableFromAwsBackup", + "restoretablefrombackup": "RestoreTableFromBackup", + "restoretabletopointintime": "RestoreTableToPointInTime", + "scan": "Scan", + "startawsbackupjob": "StartAwsBackupJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecontinuousbackups": "UpdateContinuousBackups", + "updatecontributorinsights": "UpdateContributorInsights", + "updateglobaltable": "UpdateGlobalTable", + "updateglobaltablesettings": "UpdateGlobalTableSettings", + "updateglobaltableversion": "UpdateGlobalTableVersion", + "updateitem": "UpdateItem", + "updatetable": "UpdateTable", + "updatetablereplicaautoscaling": "UpdateTableReplicaAutoScaling", + "updatetimetolive": "UpdateTimeToLive" + }, + "resources": { + "index": { + "resource": "index", + "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}/index/${IndexName}", + "condition_keys": [] + }, + "stream": { + "resource": "stream", + "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}/stream/${StreamLabel}", + "condition_keys": [] + }, + "table": { + "resource": "table", + "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}", + "condition_keys": [] + }, + "backup": { + "resource": "backup", + "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}/backup/${BackupName}", + "condition_keys": [] + }, + "export": { + "resource": "export", + "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}/export/${ExportName}", + "condition_keys": [] + }, + "global-table": { + "resource": "global-table", + "arn": "arn:${Partition}:dynamodb::${Account}:global-table/${GlobalTableName}", + "condition_keys": [] + }, + "import": { + "resource": "import", + "arn": "arn:${Partition}:dynamodb:${Region}:${Account}:table/${TableName}/import/${ImportName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "index": "index", + "stream": "stream", + "table": "table", + "backup": "backup", + "export": "export", + "global-table": "global-table", + "import": "import" + }, + "conditions": { + "dynamodb:Attributes": { + "condition": "dynamodb:Attributes", + "description": "Filters access by attribute (field or column) names of the table", + "type": "ArrayOfString" + }, + "dynamodb:EnclosingOperation": { + "condition": "dynamodb:EnclosingOperation", + "description": "Filters access by blocking Transactions APIs calls and allow the non-Transaction APIs calls and vice-versa", + "type": "String" + }, + "dynamodb:FullTableScan": { + "condition": "dynamodb:FullTableScan", + "description": "Filters access by blocking full table scan", + "type": "Bool" + }, + "dynamodb:LeadingKeys": { + "condition": "dynamodb:LeadingKeys", + "description": "Filters access by the partition key of the table", + "type": "ArrayOfString" + }, + "dynamodb:ReturnConsumedCapacity": { + "condition": "dynamodb:ReturnConsumedCapacity", + "description": "Filters access by the ReturnConsumedCapacity parameter of a request. Contains either \"TOTAL\" or \"NONE\"", + "type": "String" + }, + "dynamodb:ReturnValues": { + "condition": "dynamodb:ReturnValues", + "description": "Filters access by the ReturnValues parameter of request. Contains one of the following: \"ALL_OLD\", \"UPDATED_OLD\",\"ALL_NEW\",\"UPDATED_NEW\", or \"NONE\"", + "type": "String" + }, + "dynamodb:Select": { + "condition": "dynamodb:Select", + "description": "Filters access by the Select parameter of a Query or Scan request", + "type": "String" + } + } + }, + "dax": { + "service_name": "Amazon DynamoDB Accelerator (DAX)", + "prefix": "dax", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondynamodbacceleratordax.html", + "privileges": { + "BatchGetItem": { + "privilege": "BatchGetItem", + "description": "Grants permission to return the attributes of one or more items from one or more tables", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchGetItem.html" + }, + "BatchWriteItem": { + "privilege": "BatchWriteItem", + "description": "Grants permission to put or delete multiple items in one or more tables", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchWriteItem.html" + }, + "ConditionCheckItem": { + "privilege": "ConditionCheckItem", + "description": "Grants permission to the ConditionCheckItem operation that checks the existence of a set of attributes for the item with the given primary key", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ConditionCheckItem.html" + }, + "CreateCluster": { + "privilege": "CreateCluster", + "description": "Grants permission to create a DAX cluster", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dax:CreateParameterGroup", + "dax:CreateSubnetGroup", + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "iam:GetRole", + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_CreateCluster.html" + }, + "CreateParameterGroup": { + "privilege": "CreateParameterGroup", + "description": "Grants permission to create a parameter group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_CreateParameterGroup.html" + }, + "CreateSubnetGroup": { + "privilege": "CreateSubnetGroup", + "description": "Grants permission to create a subnet group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_CreateSubnetGroup.html" + }, + "DecreaseReplicationFactor": { + "privilege": "DecreaseReplicationFactor", + "description": "Grants permission to remove one or more nodes from a DAX cluster", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DecreaseReplicationFactor.html" + }, + "DeleteCluster": { + "privilege": "DeleteCluster", + "description": "Grants permission to delete a previously provisioned DAX cluster", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DeleteCluster.html" + }, + "DeleteItem": { + "privilege": "DeleteItem", + "description": "Grants permission to delete a single item in a table by primary key", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dax:EnclosingOperation" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DeleteItem.html" + }, + "DeleteParameterGroup": { + "privilege": "DeleteParameterGroup", + "description": "Grants permission to delete the specified parameter group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DeleteParameterGroup.html" + }, + "DeleteSubnetGroup": { + "privilege": "DeleteSubnetGroup", + "description": "Grants permission to delete a subnet group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DeleteSubnetGroup.html" + }, + "DescribeClusters": { + "privilege": "DescribeClusters", + "description": "Grants permission to return information about all provisioned DAX clusters", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeClusters.html" + }, + "DescribeDefaultParameters": { + "privilege": "DescribeDefaultParameters", + "description": "Grants permission to return the default system parameter information for DAX", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeDefaultParameters.html" + }, + "DescribeEvents": { + "privilege": "DescribeEvents", + "description": "Grants permission to return events related to DAX clusters and parameter groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeEvents.html" + }, + "DescribeParameterGroups": { + "privilege": "DescribeParameterGroups", + "description": "Grants permission to return a list of parameter group descriptions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeParameterGroups.html" + }, + "DescribeParameters": { + "privilege": "DescribeParameters", + "description": "Grants permission to return the detailed parameter list for a particular parameter group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeParameters.html" + }, + "DescribeSubnetGroups": { + "privilege": "DescribeSubnetGroups", + "description": "Grants permission to return a list of subnet group descriptions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_DescribeSubnetGroups.html" + }, + "GetItem": { + "privilege": "GetItem", + "description": "Grants permission to the GetItem operation that returns a set of attributes for the item with the given primary key", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dax:EnclosingOperation" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_GetItem.html" + }, + "IncreaseReplicationFactor": { + "privilege": "IncreaseReplicationFactor", + "description": "Grants permission to add one or more nodes to a DAX cluster", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_IncreaseReplicationFactor.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to return a list all of the tags for a DAX cluster", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_ListTags.html" + }, + "PutItem": { + "privilege": "PutItem", + "description": "Grants permission to create a new item, or replace an old item with a new item", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dax:EnclosingOperation" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_PutItem.html" + }, + "Query": { + "privilege": "Query", + "description": "Grants permission to use the primary key of a table or a secondary index to directly access items from that table or index", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Query.html" + }, + "RebootNode": { + "privilege": "RebootNode", + "description": "Grants permission to reboot a single node of a DAX cluster", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_RebootNode.html" + }, + "Scan": { + "privilege": "Scan", + "description": "Grants permission to return one or more items and item attributes by accessing every item in a table or a secondary index", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_Scan.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to associate a set of tags with a DAX resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the association of tags from a DAX resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UntagResource.html" + }, + "UpdateCluster": { + "privilege": "UpdateCluster", + "description": "Grants permission to modify the settings for a DAX cluster", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UpdateCluster.html" + }, + "UpdateItem": { + "privilege": "UpdateItem", + "description": "Grants permission to edit an existing item's attributes, or adds a new item to the table if it does not already exist", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "dax:EnclosingOperation" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_UpdateItem.html" + }, + "UpdateParameterGroup": { + "privilege": "UpdateParameterGroup", + "description": "Grants permission to modify the parameters of a parameter group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UpdateParameterGroup.html" + }, + "UpdateSubnetGroup": { + "privilege": "UpdateSubnetGroup", + "description": "Grants permission to modify an existing subnet group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_dax_UpdateSubnetGroup.html" + } + }, + "privileges_lower_name": { + "batchgetitem": "BatchGetItem", + "batchwriteitem": "BatchWriteItem", + "conditioncheckitem": "ConditionCheckItem", + "createcluster": "CreateCluster", + "createparametergroup": "CreateParameterGroup", + "createsubnetgroup": "CreateSubnetGroup", + "decreasereplicationfactor": "DecreaseReplicationFactor", + "deletecluster": "DeleteCluster", + "deleteitem": "DeleteItem", + "deleteparametergroup": "DeleteParameterGroup", + "deletesubnetgroup": "DeleteSubnetGroup", + "describeclusters": "DescribeClusters", + "describedefaultparameters": "DescribeDefaultParameters", + "describeevents": "DescribeEvents", + "describeparametergroups": "DescribeParameterGroups", + "describeparameters": "DescribeParameters", + "describesubnetgroups": "DescribeSubnetGroups", + "getitem": "GetItem", + "increasereplicationfactor": "IncreaseReplicationFactor", + "listtags": "ListTags", + "putitem": "PutItem", + "query": "Query", + "rebootnode": "RebootNode", + "scan": "Scan", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecluster": "UpdateCluster", + "updateitem": "UpdateItem", + "updateparametergroup": "UpdateParameterGroup", + "updatesubnetgroup": "UpdateSubnetGroup" + }, + "resources": { + "application": { + "resource": "application", + "arn": "arn:${Partition}:dax:${Region}:${Account}:cache/${ClusterName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "application": "application" + }, + "conditions": { + "dax:EnclosingOperation": { + "condition": "dax:EnclosingOperation", + "description": "Used to block Transactions APIs calls and allow the non-Transaction APIs calls and vice-versa", + "type": "String" + } + } + }, + "ec2": { + "service_name": "Amazon EC2", + "prefix": "ec2", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html", + "privileges": { + "AcceptAddressTransfer": { + "privilege": "AcceptAddressTransfer", + "description": "Grants permission to accept an Elastic IP address transfer", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": true, + "condition_keys": [ + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptAddressTransfer.html" + }, + "AcceptReservedInstancesExchangeQuote": { + "privilege": "AcceptReservedInstancesExchangeQuote", + "description": "Grants permission to accept a Convertible Reserved Instance exchange quote", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptReservedInstancesExchangeQuote.html" + }, + "AcceptTransitGatewayMulticastDomainAssociations": { + "privilege": "AcceptTransitGatewayMulticastDomainAssociations", + "description": "Grants permission to accept a request to associate subnets with a transit gateway multicast domain", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptTransitGatewayMulticastDomainAssociations.html" + }, + "AcceptTransitGatewayPeeringAttachment": { + "privilege": "AcceptTransitGatewayPeeringAttachment", + "description": "Grants permission to accept a transit gateway peering attachment request", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptTransitGatewayPeeringAttachment.html" + }, + "AcceptTransitGatewayVpcAttachment": { + "privilege": "AcceptTransitGatewayVpcAttachment", + "description": "Grants permission to accept a request to attach a VPC to a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptTransitGatewayVpcAttachment.html" + }, + "AcceptVpcEndpointConnections": { + "privilege": "AcceptVpcEndpointConnections", + "description": "Grants permission to accept one or more interface VPC endpoint connections to your VPC endpoint service", + "access_level": "Write", + "resource_types": { + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptVpcEndpointConnections.html" + }, + "AcceptVpcPeeringConnection": { + "privilege": "AcceptVpcPeeringConnection", + "description": "Grants permission to accept a VPC peering connection request", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "vpc-peering-connection": { + "resource_type": "vpc-peering-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AccepterVpc", + "ec2:RequesterVpc", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcPeeringConnectionID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "vpc-peering-connection": "vpc-peering-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AcceptVpcPeeringConnection.html" + }, + "AdvertiseByoipCidr": { + "privilege": "AdvertiseByoipCidr", + "description": "Grants permission to advertise an IP address range that is provisioned for use in AWS through bring your own IP addresses (BYOIP)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AdvertiseByoipCidr.html" + }, + "AllocateAddress": { + "privilege": "AllocateAddress", + "description": "Grants permission to allocate an Elastic IP address (EIP) to your account", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "ipv4pool-ec2": { + "resource_type": "ipv4pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "ipv4pool-ec2": "ipv4pool-ec2", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateAddress.html" + }, + "AllocateHosts": { + "privilege": "AllocateHosts", + "description": "Grants permission to allocate a Dedicated Host to your account", + "access_level": "Write", + "resource_types": { + "dedicated-host": { + "resource_type": "dedicated-host", + "required": true, + "condition_keys": [ + "ec2:AutoPlacement", + "ec2:AvailabilityZone", + "ec2:HostRecovery", + "ec2:InstanceType", + "ec2:Quantity" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dedicated-host": "dedicated-host", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateHosts.html" + }, + "AllocateIpamPoolCidr": { + "privilege": "AllocateIpamPoolCidr", + "description": "Grants permission to allocate a CIDR from an Amazon VPC IP Address Manager (IPAM) pool", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateIpamPoolCidr.html" + }, + "ApplySecurityGroupsToClientVpnTargetNetwork": { + "privilege": "ApplySecurityGroupsToClientVpnTargetNetwork", + "description": "Grants permission to apply a security group to the association between a Client VPN endpoint and a target network", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "security-group": "security-group", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ApplySecurityGroupsToClientVpnTargetNetwork.html" + }, + "AssignIpv6Addresses": { + "privilege": "AssignIpv6Addresses", + "description": "Grants permission to assign one or more IPv6 addresses to a network interface", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssignIpv6Addresses.html" + }, + "AssignPrivateIpAddresses": { + "privilege": "AssignPrivateIpAddresses", + "description": "Grants permission to assign one or more secondary private IP addresses to a network interface", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssignPrivateIpAddresses.html" + }, + "AssignPrivateNatGatewayAddress": { + "privilege": "AssignPrivateNatGatewayAddress", + "description": "Grants permission to assign one or more secondary private IP addresses to a private NAT gateway", + "access_level": "Write", + "resource_types": { + "natgateway": { + "resource_type": "natgateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "natgateway": "natgateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssignPrivateNatGatewayAddress.html" + }, + "AssociateAddress": { + "privilege": "AssociateAddress", + "description": "Grants permission to associate an Elastic IP address (EIP) with an instance or a network interface", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "instance": "instance", + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateAddress.html" + }, + "AssociateClientVpnTargetNetwork": { + "privilege": "AssociateClientVpnTargetNetwork", + "description": "Grants permission to associate a target network with a Client VPN endpoint", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateClientVpnTargetNetwork.html" + }, + "AssociateDhcpOptions": { + "privilege": "AssociateDhcpOptions", + "description": "Grants permission to associate or disassociate a set of DHCP options with a VPC", + "access_level": "Write", + "resource_types": { + "dhcp-options": { + "resource_type": "dhcp-options", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:DhcpOptionsID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dhcp-options": "dhcp-options", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateDhcpOptions.html" + }, + "AssociateEnclaveCertificateIamRole": { + "privilege": "AssociateEnclaveCertificateIamRole", + "description": "Grants permission to associate an ACM certificate with an IAM role to be used in an EC2 Enclave", + "access_level": "Write", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate", + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateEnclaveCertificateIamRole.html" + }, + "AssociateIamInstanceProfile": { + "privilege": "AssociateIamInstanceProfile", + "description": "Grants permission to associate an IAM instance profile with a running or stopped instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:NewInstanceProfile", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html" + }, + "AssociateInstanceEventWindow": { + "privilege": "AssociateInstanceEventWindow", + "description": "Grants permission to associate one or more targets with an event window", + "access_level": "Write", + "resource_types": { + "instance-event-window": { + "resource_type": "instance-event-window", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-event-window": "instance-event-window", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateInstanceEventWindow.html" + }, + "AssociateIpamResourceDiscovery": { + "privilege": "AssociateIpamResourceDiscovery", + "description": "Grants permission to associate an IPAM resource discovery with an Amazon VPC IPAM", + "access_level": "Write", + "resource_types": { + "ipam": { + "resource_type": "ipam", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "ipam-resource-discovery": { + "resource_type": "ipam-resource-discovery", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam-resource-discovery-association": { + "resource_type": "ipam-resource-discovery-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam": "ipam", + "ipam-resource-discovery": "ipam-resource-discovery", + "ipam-resource-discovery-association": "ipam-resource-discovery-association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIpamResourceDiscovery.html" + }, + "AssociateNatGatewayAddress": { + "privilege": "AssociateNatGatewayAddress", + "description": "Grants permission to associate an Elastic IP address and private IP address with a public Nat gateway", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "natgateway": { + "resource_type": "natgateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "natgateway": "natgateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateNatGatewayAddress.html" + }, + "AssociateRouteTable": { + "privilege": "AssociateRouteTable", + "description": "Grants permission to associate a subnet or gateway with a route table", + "access_level": "Write", + "resource_types": { + "route-table": { + "resource_type": "route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "internet-gateway": { + "resource_type": "internet-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:InternetGatewayID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-table": "route-table", + "internet-gateway": "internet-gateway", + "subnet": "subnet", + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateRouteTable.html" + }, + "AssociateSubnetCidrBlock": { + "privilege": "AssociateSubnetCidrBlock", + "description": "Grants permission to associate a CIDR block with a subnet", + "access_level": "Write", + "resource_types": { + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateSubnetCidrBlock.html" + }, + "AssociateTransitGatewayMulticastDomain": { + "privilege": "AssociateTransitGatewayMulticastDomain", + "description": "Grants permission to associate an attachment and list of subnets with a transit gateway multicast domain", + "access_level": "Write", + "resource_types": { + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnet": "subnet", + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTransitGatewayMulticastDomain.html" + }, + "AssociateTransitGatewayPolicyTable": { + "privilege": "AssociateTransitGatewayPolicyTable", + "description": "Grants permission to associate a policy table with a transit gateway attachment", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-policy-table": { + "resource_type": "transit-gateway-policy-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-policy-table": "transit-gateway-policy-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTransitGatewayPolicyTable.html" + }, + "AssociateTransitGatewayRouteTable": { + "privilege": "AssociateTransitGatewayRouteTable", + "description": "Grants permission to associate an attachment with a transit gateway route table", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-route-table": "transit-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTransitGatewayRouteTable.html" + }, + "AssociateTrunkInterface": { + "privilege": "AssociateTrunkInterface", + "description": "Grants permission to associate a branch network interface with a trunk network interface", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateTrunkInterface.html" + }, + "AssociateVerifiedAccessInstanceWebAcl": { + "privilege": "AssociateVerifiedAccessInstanceWebAcl", + "description": "Grants permission to associate an AWS Web Application Firewall (WAF) web access control list (ACL) with a Verified Access instance", + "access_level": "Write", + "resource_types": { + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-instance": "verified-access-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verified-access/latest/ug/waf-integration.html" + }, + "AssociateVpcCidrBlock": { + "privilege": "AssociateVpcCidrBlock", + "description": "Grants permission to associate a CIDR block with a VPC", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Ipv4IpamPoolId", + "ec2:Ipv6IpamPoolId", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "ipam-pool": { + "resource_type": "ipam-pool", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv6pool-ec2": { + "resource_type": "ipv6pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "ipam-pool": "ipam-pool", + "ipv6pool-ec2": "ipv6pool-ec2", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateVpcCidrBlock.html" + }, + "AttachClassicLinkVpc": { + "privilege": "AttachClassicLinkVpc", + "description": "Grants permission to link an EC2-Classic instance to a ClassicLink-enabled VPC through one or more of the VPC's security groups", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "security-group": "security-group", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachClassicLinkVpc.html" + }, + "AttachInternetGateway": { + "privilege": "AttachInternetGateway", + "description": "Grants permission to attach an internet gateway to a VPC", + "access_level": "Write", + "resource_types": { + "internet-gateway": { + "resource_type": "internet-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:InternetGatewayID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "internet-gateway": "internet-gateway", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachInternetGateway.html" + }, + "AttachNetworkInterface": { + "privilege": "AttachNetworkInterface", + "description": "Grants permission to attach a network interface to an instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachNetworkInterface.html" + }, + "AttachVerifiedAccessTrustProvider": { + "privilege": "AttachVerifiedAccessTrustProvider", + "description": "Grants permission to attach a trust provider to a Verified Access instance", + "access_level": "Write", + "resource_types": { + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-trust-provider": { + "resource_type": "verified-access-trust-provider", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-instance": "verified-access-instance", + "verified-access-trust-provider": "verified-access-trust-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachVerifiedAccessTrustProvider.html" + }, + "AttachVolume": { + "privilege": "AttachVolume", + "description": "Grants permission to attach an EBS volume to a running or stopped instance and expose it to the instance with the specified device name", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachVolume.html" + }, + "AttachVpnGateway": { + "privilege": "AttachVpnGateway", + "description": "Grants permission to attach a virtual private gateway to a VPC", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachVpnGateway.html" + }, + "AuthorizeClientVpnIngress": { + "privilege": "AuthorizeClientVpnIngress", + "description": "Grants permission to add an inbound authorization rule to a Client VPN endpoint", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AuthorizeClientVpnIngress.html" + }, + "AuthorizeSecurityGroupEgress": { + "privilege": "AuthorizeSecurityGroupEgress", + "description": "Grants permission to add one or more outbound rules to a VPC security group. Policies using the security-group-rule resource-level permission are only enforced when the API request includes TagSpecifications", + "access_level": "Write", + "resource_types": { + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "security-group-rule": { + "resource_type": "security-group-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-group": "security-group", + "security-group-rule": "security-group-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AuthorizeSecurityGroupEgress.html" + }, + "AuthorizeSecurityGroupIngress": { + "privilege": "AuthorizeSecurityGroupIngress", + "description": "Grants permission to add one or more inbound rules to a VPC security group. Policies using the security-group-rule resource-level permission are only enforced when the API request includes TagSpecifications", + "access_level": "Write", + "resource_types": { + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "security-group-rule": { + "resource_type": "security-group-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-group": "security-group", + "security-group-rule": "security-group-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AuthorizeSecurityGroupIngress.html" + }, + "BundleInstance": { + "privilege": "BundleInstance", + "description": "Grants permission to bundle an instance store-backed Windows instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BundleInstance.html" + }, + "CancelBundleTask": { + "privilege": "CancelBundleTask", + "description": "Grants permission to cancel a bundling operation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelBundleTask.html" + }, + "CancelCapacityReservation": { + "privilege": "CancelCapacityReservation", + "description": "Grants permission to cancel a Capacity Reservation and release the reserved capacity", + "access_level": "Write", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:CapacityReservationFleet", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelCapacityReservation.html" + }, + "CancelCapacityReservationFleets": { + "privilege": "CancelCapacityReservationFleets", + "description": "Grants permission to cancel one or more Capacity Reservation Fleets", + "access_level": "Write", + "resource_types": { + "capacity-reservation-fleet": { + "resource_type": "capacity-reservation-fleet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation-fleet": "capacity-reservation-fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelCapacityReservationFleets.html" + }, + "CancelConversionTask": { + "privilege": "CancelConversionTask", + "description": "Grants permission to cancel an active conversion task", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelConversionTask.html" + }, + "CancelExportTask": { + "privilege": "CancelExportTask", + "description": "Grants permission to cancel an active export task", + "access_level": "Write", + "resource_types": { + "export-image-task": { + "resource_type": "export-image-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "export-instance-task": { + "resource_type": "export-instance-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "export-image-task": "export-image-task", + "export-instance-task": "export-instance-task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelExportTask.html" + }, + "CancelImageLaunchPermission": { + "privilege": "CancelImageLaunchPermission", + "description": "Grants permission to remove your AWS account from the launch permissions for the specified AMI", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelImageLaunchPermission.html" + }, + "CancelImportTask": { + "privilege": "CancelImportTask", + "description": "Grants permission to cancel an in-process import virtual machine or import snapshot task", + "access_level": "Write", + "resource_types": { + "import-image-task": { + "resource_type": "import-image-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "import-snapshot-task": { + "resource_type": "import-snapshot-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "import-image-task": "import-image-task", + "import-snapshot-task": "import-snapshot-task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelImportTask.html" + }, + "CancelReservedInstancesListing": { + "privilege": "CancelReservedInstancesListing", + "description": "Grants permission to cancel a Reserved Instance listing on the Reserved Instance Marketplace", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelReservedInstancesListing.html" + }, + "CancelSpotFleetRequests": { + "privilege": "CancelSpotFleetRequests", + "description": "Grants permission to cancel one or more Spot Fleet requests", + "access_level": "Write", + "resource_types": { + "spot-fleet-request": { + "resource_type": "spot-fleet-request", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "spot-fleet-request": "spot-fleet-request", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelSpotFleetRequests.html" + }, + "CancelSpotInstanceRequests": { + "privilege": "CancelSpotInstanceRequests", + "description": "Grants permission to cancel one or more Spot Instance requests", + "access_level": "Write", + "resource_types": { + "spot-instances-request": { + "resource_type": "spot-instances-request", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "spot-instances-request": "spot-instances-request", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelSpotInstanceRequests.html" + }, + "ConfirmProductInstance": { + "privilege": "ConfirmProductInstance", + "description": "Grants permission to determine whether an owned product code is associated with an instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ConfirmProductInstance.html" + }, + "CopyFpgaImage": { + "privilege": "CopyFpgaImage", + "description": "Grants permission to copy a source Amazon FPGA image (AFI) to the current Region. Resource-level permissions specified for this action apply to the new AFI only. They do not apply to the source AFI", + "access_level": "Write", + "resource_types": { + "fpga-image": { + "resource_type": "fpga-image", + "required": true, + "condition_keys": [ + "ec2:Owner" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fpga-image": "fpga-image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CopyFpgaImage.html" + }, + "CopyImage": { + "privilege": "CopyImage", + "description": "Grants permission to copy an Amazon Machine Image (AMI) from a source Region to the current Region. Resource-level permissions specified for this action apply to the new AMI only. They do not apply to the source AMI", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "ec2:ImageID", + "ec2:Owner" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CopyImage.html" + }, + "CopySnapshot": { + "privilege": "CopySnapshot", + "description": "Grants permission to copy a point-in-time snapshot of an EBS volume and store it in Amazon S3. Resource-level permissions specified for this action apply to the new snapshot only. They do not apply to the source snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "ec2:OutpostArn", + "ec2:SnapshotID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CopySnapshot.html" + }, + "CreateCapacityReservation": { + "privilege": "CreateCapacityReservation", + "description": "Grants permission to create a Capacity Reservation", + "access_level": "Write", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [ + "ec2:CapacityReservationFleet" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCapacityReservation.html" + }, + "CreateCapacityReservationFleet": { + "privilege": "CreateCapacityReservationFleet", + "description": "Grants permission to create a Capacity Reservation Fleet", + "access_level": "Write", + "resource_types": { + "capacity-reservation-fleet": { + "resource_type": "capacity-reservation-fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation-fleet": "capacity-reservation-fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCapacityReservationFleet.html" + }, + "CreateCarrierGateway": { + "privilege": "CreateCarrierGateway", + "description": "Grants permission to create a carrier gateway and provides CSP connectivity to VPC customers", + "access_level": "Write", + "resource_types": { + "carrier-gateway": { + "resource_type": "carrier-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "carrier-gateway": "carrier-gateway", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCarrierGateway.html" + }, + "CreateClientVpnEndpoint": { + "privilege": "CreateClientVpnEndpoint", + "description": "Grants permission to create a Client VPN endpoint", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "security-group": "security-group", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateClientVpnEndpoint.html" + }, + "CreateClientVpnRoute": { + "privilege": "CreateClientVpnRoute", + "description": "Grants permission to add a network route to a Client VPN endpoint's route table", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateClientVpnRoute.html" + }, + "CreateCoipCidr": { + "privilege": "CreateCoipCidr", + "description": "Grants permission to create a range of customer-owned IP (CoIP) addresses", + "access_level": "Write", + "resource_types": { + "coip-pool": { + "resource_type": "coip-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coip-pool": "coip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCoipCidr.html" + }, + "CreateCoipPool": { + "privilege": "CreateCoipPool", + "description": "Grants permission to create a pool of customer-owned IP (CoIP) addresses", + "access_level": "Write", + "resource_types": { + "coip-pool": { + "resource_type": "coip-pool", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coip-pool": "coip-pool", + "local-gateway-route-table": "local-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCoipPool.html" + }, + "CreateCoipPoolPermission": { + "privilege": "CreateCoipPoolPermission", + "description": "Grants permission to allow a service to access a customer-owned IP (CoIP) pool", + "access_level": "Write", + "resource_types": { + "coip-pool": { + "resource_type": "coip-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coip-pool": "coip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/identity-access-management.html" + }, + "CreateCustomerGateway": { + "privilege": "CreateCustomerGateway", + "description": "Grants permission to create a customer gateway, which provides information to AWS about your customer gateway device", + "access_level": "Write", + "resource_types": { + "customer-gateway": { + "resource_type": "customer-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-gateway": "customer-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateCustomerGateway.html" + }, + "CreateDefaultSubnet": { + "privilege": "CreateDefaultSubnet", + "description": "Grants permission to create a default subnet in a specified Availability Zone in a default VPC", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateDefaultSubnet.html" + }, + "CreateDefaultVpc": { + "privilege": "CreateDefaultVpc", + "description": "Grants permission to create a default VPC with a default subnet in each Availability Zone", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateDefaultVpc.html" + }, + "CreateDhcpOptions": { + "privilege": "CreateDhcpOptions", + "description": "Grants permission to create a set of DHCP options for a VPC", + "access_level": "Write", + "resource_types": { + "dhcp-options": { + "resource_type": "dhcp-options", + "required": true, + "condition_keys": [ + "ec2:DhcpOptionsID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dhcp-options": "dhcp-options", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateDhcpOptions.html" + }, + "CreateEgressOnlyInternetGateway": { + "privilege": "CreateEgressOnlyInternetGateway", + "description": "Grants permission to create an egress-only internet gateway for a VPC", + "access_level": "Write", + "resource_types": { + "egress-only-internet-gateway": { + "resource_type": "egress-only-internet-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "egress-only-internet-gateway": "egress-only-internet-gateway", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateEgressOnlyInternetGateway.html" + }, + "CreateFleet": { + "privilege": "CreateFleet", + "description": "Grants permission to launch an EC2 Fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:PlacementGroup", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "key-pair": { + "resource_type": "key-pair", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:KeyPairName", + "ec2:KeyPairType", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "launch-template": { + "resource_type": "launch-template", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [ + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:KmsKeyId", + "ec2:ParentSnapshot", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "instance": "instance", + "image": "image", + "key-pair": "key-pair", + "launch-template": "launch-template", + "network-interface": "network-interface", + "placement-group": "placement-group", + "security-group": "security-group", + "snapshot": "snapshot", + "subnet": "subnet", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html" + }, + "CreateFlowLogs": { + "privilege": "CreateFlowLogs", + "description": "Grants permission to create one or more flow logs to capture IP traffic for a network interface", + "access_level": "Write", + "resource_types": { + "vpc-flow-log": { + "resource_type": "vpc-flow-log", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags", + "iam:PassRole" + ] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-flow-log": "vpc-flow-log", + "network-interface": "network-interface", + "subnet": "subnet", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFlowLogs.html" + }, + "CreateFpgaImage": { + "privilege": "CreateFpgaImage", + "description": "Grants permission to create an Amazon FPGA Image (AFI) from a design checkpoint (DCP)", + "access_level": "Write", + "resource_types": { + "fpga-image": { + "resource_type": "fpga-image", + "required": true, + "condition_keys": [ + "ec2:Owner", + "ec2:Public" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fpga-image": "fpga-image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFpgaImage.html" + }, + "CreateImage": { + "privilege": "CreateImage", + "description": "Grants permission to create an Amazon EBS-backed AMI from a stopped or running Amazon EBS-backed instance", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "ec2:ImageID", + "ec2:Owner" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "ec2:OutpostArn", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:SourceOutpostArn", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "instance": "instance", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html" + }, + "CreateInstanceConnectEndpoint": { + "privilege": "CreateInstanceConnectEndpoint", + "description": "Grants permission to create an EC2 Instance Connect Endpoint that allows you to connect to an instance without a public IPv4 address", + "access_level": "Write", + "resource_types": { + "instance-connect-endpoint": { + "resource_type": "instance-connect-endpoint", + "required": true, + "condition_keys": [ + "ec2:SubnetID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-connect-endpoint": "instance-connect-endpoint", + "subnet": "subnet", + "security-group": "security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateInstanceConnectEndpoint.html" + }, + "CreateInstanceEventWindow": { + "privilege": "CreateInstanceEventWindow", + "description": "Grants permission to create an event window in which scheduled events for the associated Amazon EC2 instances can run", + "access_level": "Write", + "resource_types": { + "instance-event-window": { + "resource_type": "instance-event-window", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-event-window": "instance-event-window", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateInstanceEventWindow.html" + }, + "CreateInstanceExportTask": { + "privilege": "CreateInstanceExportTask", + "description": "Grants permission to export a running or stopped instance to an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "export-instance-task": { + "resource_type": "export-instance-task", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "export-instance-task": "export-instance-task", + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateInstanceExportTask.html" + }, + "CreateInternetGateway": { + "privilege": "CreateInternetGateway", + "description": "Grants permission to create an internet gateway for a VPC", + "access_level": "Write", + "resource_types": { + "internet-gateway": { + "resource_type": "internet-gateway", + "required": true, + "condition_keys": [ + "ec2:InternetGatewayID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "internet-gateway": "internet-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateInternetGateway.html" + }, + "CreateIpam": { + "privilege": "CreateIpam", + "description": "Grants permission to create an Amazon VPC IP Address Manager (IPAM)", + "access_level": "Write", + "resource_types": { + "ipam": { + "resource_type": "ipam", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags", + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam": "ipam", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateIpam.html" + }, + "CreateIpamPool": { + "privilege": "CreateIpamPool", + "description": "Grants permission to create an IP address pool for Amazon VPC IP Address Manager (IPAM), which is a collection of contiguous IP address CIDRs", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "ipam-scope": { + "resource_type": "ipam-scope", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "ipam-scope": "ipam-scope", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateIpamPool.html" + }, + "CreateIpamResourceDiscovery": { + "privilege": "CreateIpamResourceDiscovery", + "description": "Grants permission to create an IPAM resource discovery", + "access_level": "Write", + "resource_types": { + "ipam-resource-discovery": { + "resource_type": "ipam-resource-discovery", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags", + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-resource-discovery": "ipam-resource-discovery", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateIpamResourceDiscovery.html" + }, + "CreateIpamScope": { + "privilege": "CreateIpamScope", + "description": "Grants permission to create an Amazon VPC IP Address Manager (IPAM) scope, which is the highest-level container within IPAM", + "access_level": "Write", + "resource_types": { + "ipam": { + "resource_type": "ipam", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "ipam-scope": { + "resource_type": "ipam-scope", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam": "ipam", + "ipam-scope": "ipam-scope", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateIpamScope.html" + }, + "CreateKeyPair": { + "privilege": "CreateKeyPair", + "description": "Grants permission to create a 2048-bit RSA key pair", + "access_level": "Write", + "resource_types": { + "key-pair": { + "resource_type": "key-pair", + "required": true, + "condition_keys": [ + "ec2:KeyPairType" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key-pair": "key-pair", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html" + }, + "CreateLaunchTemplate": { + "privilege": "CreateLaunchTemplate", + "description": "Grants permission to create a launch template", + "access_level": "Write", + "resource_types": { + "launch-template": { + "resource_type": "launch-template", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-template": "launch-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLaunchTemplate.html" + }, + "CreateLaunchTemplateVersion": { + "privilege": "CreateLaunchTemplateVersion", + "description": "Grants permission to create a new version of a launch template", + "access_level": "Write", + "resource_types": { + "launch-template": { + "resource_type": "launch-template", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-template": "launch-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLaunchTemplateVersion.html" + }, + "CreateLocalGatewayRoute": { + "privilege": "CreateLocalGatewayRoute", + "description": "Grants permission to create a static route for a local gateway route table", + "access_level": "Write", + "resource_types": { + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-virtual-interface-group": { + "resource_type": "local-gateway-virtual-interface-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "prefix-list": { + "resource_type": "prefix-list", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table": "local-gateway-route-table", + "local-gateway-virtual-interface-group": "local-gateway-virtual-interface-group", + "network-interface": "network-interface", + "prefix-list": "prefix-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLocalGatewayRoute.html" + }, + "CreateLocalGatewayRouteTable": { + "privilege": "CreateLocalGatewayRouteTable", + "description": "Grants permission to create a local gateway route table", + "access_level": "Write", + "resource_types": { + "local-gateway": { + "resource_type": "local-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway": "local-gateway", + "local-gateway-route-table": "local-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLocalGatewayRouteTable.html" + }, + "CreateLocalGatewayRouteTablePermission": { + "privilege": "CreateLocalGatewayRouteTablePermission", + "description": "Grants permission to allow a service to access a local gateway route table", + "access_level": "Write", + "resource_types": { + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table": "local-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/identity-access-management.html" + }, + "CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation": { + "privilege": "CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation", + "description": "Grants permission to create a local gateway route table virtual interface group association", + "access_level": "Write", + "resource_types": { + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "local-gateway-route-table-virtual-interface-group-association": { + "resource_type": "local-gateway-route-table-virtual-interface-group-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "local-gateway-virtual-interface-group": { + "resource_type": "local-gateway-virtual-interface-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table": "local-gateway-route-table", + "local-gateway-route-table-virtual-interface-group-association": "local-gateway-route-table-virtual-interface-group-association", + "local-gateway-virtual-interface-group": "local-gateway-virtual-interface-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation.html" + }, + "CreateLocalGatewayRouteTableVpcAssociation": { + "privilege": "CreateLocalGatewayRouteTableVpcAssociation", + "description": "Grants permission to associate a VPC with a local gateway route table", + "access_level": "Write", + "resource_types": { + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "local-gateway-route-table-vpc-association": { + "resource_type": "local-gateway-route-table-vpc-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table": "local-gateway-route-table", + "local-gateway-route-table-vpc-association": "local-gateway-route-table-vpc-association", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLocalGatewayRouteTableVpcAssociation.html" + }, + "CreateManagedPrefixList": { + "privilege": "CreateManagedPrefixList", + "description": "Grants permission to create a managed prefix list", + "access_level": "Write", + "resource_types": { + "prefix-list": { + "resource_type": "prefix-list", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prefix-list": "prefix-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateManagedPrefixList.html" + }, + "CreateNatGateway": { + "privilege": "CreateNatGateway", + "description": "Grants permission to create a NAT gateway in a subnet", + "access_level": "Write", + "resource_types": { + "natgateway": { + "resource_type": "natgateway", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "elastic-ip": { + "resource_type": "elastic-ip", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "natgateway": "natgateway", + "subnet": "subnet", + "elastic-ip": "elastic-ip", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNatGateway.html" + }, + "CreateNetworkAcl": { + "privilege": "CreateNetworkAcl", + "description": "Grants permission to create a network ACL in a VPC", + "access_level": "Write", + "resource_types": { + "network-acl": { + "resource_type": "network-acl", + "required": true, + "condition_keys": [ + "ec2:NetworkAclID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-acl": "network-acl", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkAcl.html" + }, + "CreateNetworkAclEntry": { + "privilege": "CreateNetworkAclEntry", + "description": "Grants permission to create a numbered entry (a rule) in a network ACL", + "access_level": "Write", + "resource_types": { + "network-acl": { + "resource_type": "network-acl", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:NetworkAclID", + "ec2:ResourceTag/${TagKey}", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-acl": "network-acl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkAclEntry.html" + }, + "CreateNetworkInsightsAccessScope": { + "privilege": "CreateNetworkInsightsAccessScope", + "description": "Grants permission to create a Network Access Scope", + "access_level": "Write", + "resource_types": { + "network-insights-access-scope": { + "resource_type": "network-insights-access-scope", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-insights-access-scope": "network-insights-access-scope", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInsightsAccessScope.html" + }, + "CreateNetworkInsightsPath": { + "privilege": "CreateNetworkInsightsPath", + "description": "Grants permission to create a path to analyze for reachability", + "access_level": "Write", + "resource_types": { + "network-insights-path": { + "resource_type": "network-insights-path", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:PlacementGroup", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "internet-gateway": { + "resource_type": "internet-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:InternetGatewayID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "transit-gateway": { + "resource_type": "transit-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint": { + "resource_type": "vpc-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-peering-connection": { + "resource_type": "vpc-peering-connection", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AccepterVpc", + "ec2:RequesterVpc", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcPeeringConnectionID" + ], + "dependent_actions": [] + }, + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-insights-path": "network-insights-path", + "instance": "instance", + "internet-gateway": "internet-gateway", + "network-interface": "network-interface", + "transit-gateway": "transit-gateway", + "vpc-endpoint": "vpc-endpoint", + "vpc-endpoint-service": "vpc-endpoint-service", + "vpc-peering-connection": "vpc-peering-connection", + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInsightsPath.html" + }, + "CreateNetworkInterface": { + "privilege": "CreateNetworkInterface", + "description": "Grants permission to create a network interface in a subnet", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "ec2:NetworkInterfaceID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "subnet": "subnet", + "security-group": "security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html" + }, + "CreateNetworkInterfacePermission": { + "privilege": "CreateNetworkInterfacePermission", + "description": "Grants permission to create a permission for an AWS-authorized user to perform certain operations on a network interface", + "access_level": "Permissions management", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AuthorizedService", + "ec2:AuthorizedUser", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:Permission", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterfacePermission.html" + }, + "CreatePlacementGroup": { + "privilege": "CreatePlacementGroup", + "description": "Grants permission to create a placement group", + "access_level": "Write", + "resource_types": { + "placement-group": { + "resource_type": "placement-group", + "required": true, + "condition_keys": [ + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "placement-group": "placement-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreatePlacementGroup.html" + }, + "CreatePublicIpv4Pool": { + "privilege": "CreatePublicIpv4Pool", + "description": "Grants permission to create a public IPv4 address pool for public IPv4 CIDRs that you own and bring to Amazon to manage with Amazon VPC IP Address Manager (IPAM)", + "access_level": "Write", + "resource_types": { + "ipv4pool-ec2": { + "resource_type": "ipv4pool-ec2", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipv4pool-ec2": "ipv4pool-ec2", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreatePublicIpv4Pool.html" + }, + "CreateReplaceRootVolumeTask": { + "privilege": "CreateReplaceRootVolumeTask", + "description": "Grants permission to create a root volume replacement task", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "replace-root-volume-task": { + "resource_type": "replace-root-volume-task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "ec2:VolumeID" + ], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "replace-root-volume-task": "replace-root-volume-task", + "volume": "volume", + "image": "image", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateReplaceRootVolumeTask.html" + }, + "CreateReservedInstancesListing": { + "privilege": "CreateReservedInstancesListing", + "description": "Grants permission to create a listing for Standard Reserved Instances to be sold in the Reserved Instance Marketplace", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateReservedInstancesListing.html" + }, + "CreateRestoreImageTask": { + "privilege": "CreateRestoreImageTask", + "description": "Grants permission to start a task that restores an AMI from an S3 object previously created by using CreateStoreImageTask", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "ec2:ImageID", + "ec2:Owner" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateRestoreImageTask.html" + }, + "CreateRoute": { + "privilege": "CreateRoute", + "description": "Grants permission to create a route in a VPC route table", + "access_level": "Write", + "resource_types": { + "route-table": { + "resource_type": "route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-table": "route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateRoute.html" + }, + "CreateRouteTable": { + "privilege": "CreateRouteTable", + "description": "Grants permission to create a route table for a VPC", + "access_level": "Write", + "resource_types": { + "route-table": { + "resource_type": "route-table", + "required": true, + "condition_keys": [ + "ec2:RouteTableID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-table": "route-table", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateRouteTable.html" + }, + "CreateSecurityGroup": { + "privilege": "CreateSecurityGroup", + "description": "Grants permission to create a security group", + "access_level": "Write", + "resource_types": { + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "ec2:SecurityGroupID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "vpc": { + "resource_type": "vpc", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-group": "security-group", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html" + }, + "CreateSnapshot": { + "privilege": "CreateSnapshot", + "description": "Grants permission to create a snapshot of an EBS volume and store it in Amazon S3", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "ec2:OutpostArn", + "ec2:ParentVolume", + "ec2:SnapshotID", + "ec2:SourceOutpostArn", + "ec2:VolumeSize" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Encrypted", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSnapshot.html" + }, + "CreateSnapshots": { + "privilege": "CreateSnapshots", + "description": "Grants permission to create crash-consistent snapshots of multiple EBS volumes and store them in Amazon S3", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:PlacementGroup", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "ec2:OutpostArn", + "ec2:ParentVolume", + "ec2:SnapshotID", + "ec2:SourceOutpostArn", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Encrypted", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "snapshot": "snapshot", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSnapshots.html" + }, + "CreateSpotDatafeedSubscription": { + "privilege": "CreateSpotDatafeedSubscription", + "description": "Grants permission to create a data feed for Spot Instances to view Spot Instance usage logs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSpotDatafeedSubscription.html" + }, + "CreateStoreImageTask": { + "privilege": "CreateStoreImageTask", + "description": "Grants permission to store an AMI as a single object in an S3 bucket", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateStoreImageTask.html" + }, + "CreateSubnet": { + "privilege": "CreateSubnet", + "description": "Grants permission to create a subnet in a VPC", + "access_level": "Write", + "resource_types": { + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "ec2:SubnetID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnet": "subnet", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSubnet.html" + }, + "CreateSubnetCidrReservation": { + "privilege": "CreateSubnetCidrReservation", + "description": "Grants permission to create a subnet CIDR reservation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSubnetCidrReservation.html" + }, + "CreateTags": { + "privilege": "CreateTags", + "description": "Grants permission to add or overwrite one or more tags for Amazon EC2 resources", + "access_level": "Tagging", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "capacity-reservation-fleet": { + "resource_type": "capacity-reservation-fleet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "carrier-gateway": { + "resource_type": "carrier-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "coip-pool": { + "resource_type": "coip-pool", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "customer-gateway": { + "resource_type": "customer-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "dedicated-host": { + "resource_type": "dedicated-host", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AutoPlacement", + "ec2:AvailabilityZone", + "ec2:HostRecovery", + "ec2:InstanceType", + "ec2:Quantity", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "dhcp-options": { + "resource_type": "dhcp-options", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:DhcpOptionsID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "egress-only-internet-gateway": { + "resource_type": "egress-only-internet-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "elastic-gpu": { + "resource_type": "elastic-gpu", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ElasticGpuType", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "elastic-ip": { + "resource_type": "elastic-ip", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "export-image-task": { + "resource_type": "export-image-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "export-instance-task": { + "resource_type": "export-instance-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "fpga-image": { + "resource_type": "fpga-image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "host-reservation": { + "resource_type": "host-reservation", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "import-image-task": { + "resource_type": "import-image-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "import-snapshot-task": { + "resource_type": "import-snapshot-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "instance-connect-endpoint": { + "resource_type": "instance-connect-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID" + ], + "dependent_actions": [] + }, + "instance-event-window": { + "resource_type": "instance-event-window", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "internet-gateway": { + "resource_type": "internet-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:InternetGatewayID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam": { + "resource_type": "ipam", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam-pool": { + "resource_type": "ipam-pool", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam-resource-discovery": { + "resource_type": "ipam-resource-discovery", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam-resource-discovery-association": { + "resource_type": "ipam-resource-discovery-association", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam-scope": { + "resource_type": "ipam-scope", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv4pool-ec2": { + "resource_type": "ipv4pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv6pool-ec2": { + "resource_type": "ipv6pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "key-pair": { + "resource_type": "key-pair", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:KeyPairName", + "ec2:KeyPairType", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "launch-template": { + "resource_type": "launch-template", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway": { + "resource_type": "local-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-route-table-virtual-interface-group-association": { + "resource_type": "local-gateway-route-table-virtual-interface-group-association", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-route-table-vpc-association": { + "resource_type": "local-gateway-route-table-vpc-association", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-virtual-interface": { + "resource_type": "local-gateway-virtual-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-virtual-interface-group": { + "resource_type": "local-gateway-virtual-interface-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "natgateway": { + "resource_type": "natgateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-acl": { + "resource_type": "network-acl", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:NetworkAclID", + "ec2:ResourceTag/${TagKey}", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "network-insights-access-scope": { + "resource_type": "network-insights-access-scope", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-insights-access-scope-analysis": { + "resource_type": "network-insights-access-scope-analysis", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-insights-analysis": { + "resource_type": "network-insights-analysis", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-insights-path": { + "resource_type": "network-insights-path", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AuthorizedUser", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:Permission", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "prefix-list": { + "resource_type": "prefix-list", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "replace-root-volume-task": { + "resource_type": "replace-root-volume-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "reserved-instances": { + "resource_type": "reserved-instances", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:InstanceType", + "ec2:ReservedInstancesOfferingType", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "route-table": { + "resource_type": "route-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "security-group-rule": { + "resource_type": "security-group-rule", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Encrypted", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "spot-fleet-request": { + "resource_type": "spot-fleet-request", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "spot-instances-request": { + "resource_type": "spot-instances-request", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "subnet-cidr-reservation": { + "resource_type": "subnet-cidr-reservation", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-filter": { + "resource_type": "traffic-mirror-filter", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-session": { + "resource_type": "traffic-mirror-session", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-target": { + "resource_type": "traffic-mirror-target", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway": { + "resource_type": "transit-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-connect-peer": { + "resource_type": "transit-gateway-connect-peer", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-policy-table": { + "resource_type": "transit-gateway-policy-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table-announcement": { + "resource_type": "transit-gateway-route-table-announcement", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-endpoint": { + "resource_type": "verified-access-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-group": { + "resource_type": "verified-access-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-policy": { + "resource_type": "verified-access-policy", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-trust-provider": { + "resource_type": "verified-access-trust-provider", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "vpc-endpoint": { + "resource_type": "vpc-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint-connection": { + "resource_type": "vpc-endpoint-connection", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint-service-permission": { + "resource_type": "vpc-endpoint-service-permission", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-flow-log": { + "resource_type": "vpc-flow-log", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-peering-connection": { + "resource_type": "vpc-peering-connection", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AccepterVpc", + "ec2:RequesterVpc", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcPeeringConnectionID" + ], + "dependent_actions": [] + }, + "vpn-connection": { + "resource_type": "vpn-connection", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AuthenticationType", + "ec2:DPDTimeoutSeconds", + "ec2:GatewayType", + "ec2:IKEVersions", + "ec2:InsideTunnelCidr", + "ec2:InsideTunnelIpv6Cidr", + "ec2:Phase1DHGroup", + "ec2:Phase1EncryptionAlgorithms", + "ec2:Phase1IntegrityAlgorithms", + "ec2:Phase1LifetimeSeconds", + "ec2:Phase2DHGroup", + "ec2:Phase2EncryptionAlgorithms", + "ec2:Phase2IntegrityAlgorithms", + "ec2:Phase2LifetimeSeconds", + "ec2:PreSharedKeys", + "ec2:RekeyFuzzPercentage", + "ec2:RekeyMarginTimeSeconds", + "ec2:ReplayWindowSizePackets", + "ec2:ResourceTag/${TagKey}", + "ec2:RoutingType" + ], + "dependent_actions": [] + }, + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:CreateAction", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "capacity-reservation-fleet": "capacity-reservation-fleet", + "carrier-gateway": "carrier-gateway", + "client-vpn-endpoint": "client-vpn-endpoint", + "coip-pool": "coip-pool", + "customer-gateway": "customer-gateway", + "dedicated-host": "dedicated-host", + "dhcp-options": "dhcp-options", + "egress-only-internet-gateway": "egress-only-internet-gateway", + "elastic-gpu": "elastic-gpu", + "elastic-ip": "elastic-ip", + "export-image-task": "export-image-task", + "export-instance-task": "export-instance-task", + "fleet": "fleet", + "fpga-image": "fpga-image", + "host-reservation": "host-reservation", + "image": "image", + "import-image-task": "import-image-task", + "import-snapshot-task": "import-snapshot-task", + "instance": "instance", + "instance-connect-endpoint": "instance-connect-endpoint", + "instance-event-window": "instance-event-window", + "internet-gateway": "internet-gateway", + "ipam": "ipam", + "ipam-pool": "ipam-pool", + "ipam-resource-discovery": "ipam-resource-discovery", + "ipam-resource-discovery-association": "ipam-resource-discovery-association", + "ipam-scope": "ipam-scope", + "ipv4pool-ec2": "ipv4pool-ec2", + "ipv6pool-ec2": "ipv6pool-ec2", + "key-pair": "key-pair", + "launch-template": "launch-template", + "local-gateway": "local-gateway", + "local-gateway-route-table": "local-gateway-route-table", + "local-gateway-route-table-virtual-interface-group-association": "local-gateway-route-table-virtual-interface-group-association", + "local-gateway-route-table-vpc-association": "local-gateway-route-table-vpc-association", + "local-gateway-virtual-interface": "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group": "local-gateway-virtual-interface-group", + "natgateway": "natgateway", + "network-acl": "network-acl", + "network-insights-access-scope": "network-insights-access-scope", + "network-insights-access-scope-analysis": "network-insights-access-scope-analysis", + "network-insights-analysis": "network-insights-analysis", + "network-insights-path": "network-insights-path", + "network-interface": "network-interface", + "placement-group": "placement-group", + "prefix-list": "prefix-list", + "replace-root-volume-task": "replace-root-volume-task", + "reserved-instances": "reserved-instances", + "route-table": "route-table", + "security-group": "security-group", + "security-group-rule": "security-group-rule", + "snapshot": "snapshot", + "spot-fleet-request": "spot-fleet-request", + "spot-instances-request": "spot-instances-request", + "subnet": "subnet", + "subnet-cidr-reservation": "subnet-cidr-reservation", + "traffic-mirror-filter": "traffic-mirror-filter", + "traffic-mirror-session": "traffic-mirror-session", + "traffic-mirror-target": "traffic-mirror-target", + "transit-gateway": "transit-gateway", + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-connect-peer": "transit-gateway-connect-peer", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "transit-gateway-policy-table": "transit-gateway-policy-table", + "transit-gateway-route-table": "transit-gateway-route-table", + "transit-gateway-route-table-announcement": "transit-gateway-route-table-announcement", + "verified-access-endpoint": "verified-access-endpoint", + "verified-access-group": "verified-access-group", + "verified-access-instance": "verified-access-instance", + "verified-access-policy": "verified-access-policy", + "verified-access-trust-provider": "verified-access-trust-provider", + "volume": "volume", + "vpc": "vpc", + "vpc-endpoint": "vpc-endpoint", + "vpc-endpoint-connection": "vpc-endpoint-connection", + "vpc-endpoint-service": "vpc-endpoint-service", + "vpc-endpoint-service-permission": "vpc-endpoint-service-permission", + "vpc-flow-log": "vpc-flow-log", + "vpc-peering-connection": "vpc-peering-connection", + "vpn-connection": "vpn-connection", + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html" + }, + "CreateTrafficMirrorFilter": { + "privilege": "CreateTrafficMirrorFilter", + "description": "Grants permission to create a traffic mirror filter", + "access_level": "Write", + "resource_types": { + "traffic-mirror-filter": { + "resource_type": "traffic-mirror-filter", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-mirror-filter": "traffic-mirror-filter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorFilter.html" + }, + "CreateTrafficMirrorFilterRule": { + "privilege": "CreateTrafficMirrorFilterRule", + "description": "Grants permission to create a traffic mirror filter rule", + "access_level": "Write", + "resource_types": { + "traffic-mirror-filter": { + "resource_type": "traffic-mirror-filter", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-mirror-filter": "traffic-mirror-filter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorFilterRule.html" + }, + "CreateTrafficMirrorSession": { + "privilege": "CreateTrafficMirrorSession", + "description": "Grants permission to create a traffic mirror session", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "traffic-mirror-filter": { + "resource_type": "traffic-mirror-filter", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-session": { + "resource_type": "traffic-mirror-session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "traffic-mirror-target": { + "resource_type": "traffic-mirror-target", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "traffic-mirror-filter": "traffic-mirror-filter", + "traffic-mirror-session": "traffic-mirror-session", + "traffic-mirror-target": "traffic-mirror-target", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorSession.html" + }, + "CreateTrafficMirrorTarget": { + "privilege": "CreateTrafficMirrorTarget", + "description": "Grants permission to create a traffic mirror target", + "access_level": "Write", + "resource_types": { + "traffic-mirror-target": { + "resource_type": "traffic-mirror-target", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint": { + "resource_type": "vpc-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:VpceServiceName", + "ec2:VpceServiceOwner" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-mirror-target": "traffic-mirror-target", + "network-interface": "network-interface", + "vpc-endpoint": "vpc-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorTarget.html" + }, + "CreateTransitGateway": { + "privilege": "CreateTransitGateway", + "description": "Grants permission to create a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway": { + "resource_type": "transit-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway": "transit-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGateway.html" + }, + "CreateTransitGatewayConnect": { + "privilege": "CreateTransitGatewayConnect", + "description": "Grants permission to create a Connect attachment from a specified transit gateway attachment", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayConnect.html" + }, + "CreateTransitGatewayConnectPeer": { + "privilege": "CreateTransitGatewayConnectPeer", + "description": "Grants permission to create a Connect peer between a transit gateway and an appliance", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "transit-gateway-connect-peer": { + "resource_type": "transit-gateway-connect-peer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-connect-peer": "transit-gateway-connect-peer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayConnectPeer.html" + }, + "CreateTransitGatewayMulticastDomain": { + "privilege": "CreateTransitGatewayMulticastDomain", + "description": "Grants permission to create a multicast domain for a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway": { + "resource_type": "transit-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway": "transit-gateway", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayMulticastDomain.html" + }, + "CreateTransitGatewayPeeringAttachment": { + "privilege": "CreateTransitGatewayPeeringAttachment", + "description": "Grants permission to request a transit gateway peering attachment between a requester and accepter transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway": { + "resource_type": "transit-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway": "transit-gateway", + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayPeeringAttachment.html" + }, + "CreateTransitGatewayPolicyTable": { + "privilege": "CreateTransitGatewayPolicyTable", + "description": "Grants permission to create a transit gateway policy table", + "access_level": "Write", + "resource_types": { + "transit-gateway": { + "resource_type": "transit-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "transit-gateway-policy-table": { + "resource_type": "transit-gateway-policy-table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway": "transit-gateway", + "transit-gateway-policy-table": "transit-gateway-policy-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayPolicyTable.html" + }, + "CreateTransitGatewayPrefixListReference": { + "privilege": "CreateTransitGatewayPrefixListReference", + "description": "Grants permission to create a transit gateway prefix list reference", + "access_level": "Write", + "resource_types": { + "prefix-list": { + "resource_type": "prefix-list", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prefix-list": "prefix-list", + "transit-gateway-route-table": "transit-gateway-route-table", + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayPrefixListReference.html" + }, + "CreateTransitGatewayRoute": { + "privilege": "CreateTransitGatewayRoute", + "description": "Grants permission to create a static route for a transit gateway route table", + "access_level": "Write", + "resource_types": { + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-route-table": "transit-gateway-route-table", + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayRoute.html" + }, + "CreateTransitGatewayRouteTable": { + "privilege": "CreateTransitGatewayRouteTable", + "description": "Grants permission to create a route table for a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway": { + "resource_type": "transit-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway": "transit-gateway", + "transit-gateway-route-table": "transit-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayRouteTable.html" + }, + "CreateTransitGatewayRouteTableAnnouncement": { + "privilege": "CreateTransitGatewayRouteTableAnnouncement", + "description": "Grants permission to create an announcement for a transit gateway route table", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table-announcement": { + "resource_type": "transit-gateway-route-table-announcement", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-route-table": "transit-gateway-route-table", + "transit-gateway-route-table-announcement": "transit-gateway-route-table-announcement", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayRouteTableAnnouncement.html" + }, + "CreateTransitGatewayVpcAttachment": { + "privilege": "CreateTransitGatewayVpcAttachment", + "description": "Grants permission to attach a VPC to a transit gateway", + "access_level": "Write", + "resource_types": { + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "transit-gateway": { + "resource_type": "transit-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnet": "subnet", + "transit-gateway": "transit-gateway", + "transit-gateway-attachment": "transit-gateway-attachment", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTransitGatewayVpcAttachment.html" + }, + "CreateVerifiedAccessEndpoint": { + "privilege": "CreateVerifiedAccessEndpoint", + "description": "Grants permission to create a Verified Access endpoint", + "access_level": "Write", + "resource_types": { + "verified-access-endpoint": { + "resource_type": "verified-access-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "verified-access-group": { + "resource_type": "verified-access-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AuthorizedUser", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:Permission", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-endpoint": "verified-access-endpoint", + "verified-access-group": "verified-access-group", + "network-interface": "network-interface", + "security-group": "security-group", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessEndpoint.html" + }, + "CreateVerifiedAccessGroup": { + "privilege": "CreateVerifiedAccessGroup", + "description": "Grants permission to create a Verified Access group", + "access_level": "Write", + "resource_types": { + "verified-access-group": { + "resource_type": "verified-access-group", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-group": "verified-access-group", + "verified-access-instance": "verified-access-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessGroup.html" + }, + "CreateVerifiedAccessInstance": { + "privilege": "CreateVerifiedAccessInstance", + "description": "Grants permission to create a Verified Access instance", + "access_level": "Write", + "resource_types": { + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-instance": "verified-access-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessInstance.html" + }, + "CreateVerifiedAccessTrustProvider": { + "privilege": "CreateVerifiedAccessTrustProvider", + "description": "Grants permission to create a verified trust provider", + "access_level": "Write", + "resource_types": { + "verified-access-trust-provider": { + "resource_type": "verified-access-trust-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-trust-provider": "verified-access-trust-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessTrustProvider.html" + }, + "CreateVolume": { + "privilege": "CreateVolume", + "description": "Grants permission to create an EBS volume", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:KmsKeyId", + "ec2:ParentSnapshot", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html" + }, + "CreateVpc": { + "privilege": "CreateVpc", + "description": "Grants permission to create a VPC with a specified CIDR block", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "ec2:Ipv4IpamPoolId", + "ec2:Ipv6IpamPoolId", + "ec2:VpcID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "ipam-pool": { + "resource_type": "ipam-pool", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv6pool-ec2": { + "resource_type": "ipv6pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "ipam-pool": "ipam-pool", + "ipv6pool-ec2": "ipv6pool-ec2", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpc.html" + }, + "CreateVpcEndpoint": { + "privilege": "CreateVpcEndpoint", + "description": "Grants permission to create a VPC endpoint for an AWS service", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcID" + ], + "dependent_actions": [ + "ec2:CreateTags", + "route53:AssociateVPCWithHostedZone" + ] + }, + "vpc-endpoint": { + "resource_type": "vpc-endpoint", + "required": true, + "condition_keys": [ + "ec2:VpceServiceName", + "ec2:VpceServiceOwner" + ], + "dependent_actions": [] + }, + "route-table": { + "resource_type": "route-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "vpc-endpoint": "vpc-endpoint", + "route-table": "route-table", + "security-group": "security-group", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpoint.html" + }, + "CreateVpcEndpointConnectionNotification": { + "privilege": "CreateVpcEndpointConnectionNotification", + "description": "Grants permission to create a connection notification for a VPC endpoint or VPC endpoint service", + "access_level": "Write", + "resource_types": { + "vpc-endpoint": { + "resource_type": "vpc-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint": "vpc-endpoint", + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpointConnectionNotification.html" + }, + "CreateVpcEndpointServiceConfiguration": { + "privilege": "CreateVpcEndpointServiceConfiguration", + "description": "Grants permission to create a VPC endpoint service configuration to which service consumers (AWS accounts, IAM users, and IAM roles) can connect", + "access_level": "Write", + "resource_types": { + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": true, + "condition_keys": [ + "ec2:VpceServicePrivateDnsName" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpointServiceConfiguration.html" + }, + "CreateVpcPeeringConnection": { + "privilege": "CreateVpcPeeringConnection", + "description": "Grants permission to request a VPC peering connection between two VPCs", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "vpc-peering-connection": { + "resource_type": "vpc-peering-connection", + "required": true, + "condition_keys": [ + "ec2:AccepterVpc", + "ec2:RequesterVpc", + "ec2:VpcPeeringConnectionID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "vpc-peering-connection": "vpc-peering-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcPeeringConnection.html" + }, + "CreateVpnConnection": { + "privilege": "CreateVpnConnection", + "description": "Grants permission to create a VPN connection between a virtual private gateway or transit gateway and a customer gateway", + "access_level": "Write", + "resource_types": { + "customer-gateway": { + "resource_type": "customer-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "ec2:AuthenticationType", + "ec2:DPDTimeoutSeconds", + "ec2:GatewayType", + "ec2:IKEVersions", + "ec2:InsideTunnelCidr", + "ec2:InsideTunnelIpv6Cidr", + "ec2:Phase1DHGroup", + "ec2:Phase1EncryptionAlgorithms", + "ec2:Phase1IntegrityAlgorithms", + "ec2:Phase1LifetimeSeconds", + "ec2:Phase2DHGroup", + "ec2:Phase2EncryptionAlgorithms", + "ec2:Phase2IntegrityAlgorithms", + "ec2:Phase2LifetimeSeconds", + "ec2:PreSharedKeys", + "ec2:RekeyFuzzPercentage", + "ec2:RekeyMarginTimeSeconds", + "ec2:ReplayWindowSizePackets", + "ec2:RoutingType" + ], + "dependent_actions": [] + }, + "transit-gateway": { + "resource_type": "transit-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-gateway": "customer-gateway", + "vpn-connection": "vpn-connection", + "transit-gateway": "transit-gateway", + "transit-gateway-attachment": "transit-gateway-attachment", + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpnConnection.html" + }, + "CreateVpnConnectionRoute": { + "privilege": "CreateVpnConnectionRoute", + "description": "Grants permission to create a static route for a VPN connection between a virtual private gateway and a customer gateway", + "access_level": "Write", + "resource_types": { + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-connection": "vpn-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpnConnectionRoute.html" + }, + "CreateVpnGateway": { + "privilege": "CreateVpnGateway", + "description": "Grants permission to create a virtual private gateway", + "access_level": "Write", + "resource_types": { + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpnGateway.html" + }, + "DeleteCarrierGateway": { + "privilege": "DeleteCarrierGateway", + "description": "Grants permission to delete a carrier gateway", + "access_level": "Write", + "resource_types": { + "carrier-gateway": { + "resource_type": "carrier-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "carrier-gateway": "carrier-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteCarrierGateway.html" + }, + "DeleteClientVpnEndpoint": { + "privilege": "DeleteClientVpnEndpoint", + "description": "Grants permission to delete a Client VPN endpoint", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteClientVpnEndpoint.html" + }, + "DeleteClientVpnRoute": { + "privilege": "DeleteClientVpnRoute", + "description": "Grants permission to delete a route from a Client VPN endpoint", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteClientVpnRoute.html" + }, + "DeleteCoipCidr": { + "privilege": "DeleteCoipCidr", + "description": "Grants permission to delete a range of customer-owned IP (CoIP) addresses", + "access_level": "Write", + "resource_types": { + "coip-pool": { + "resource_type": "coip-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coip-pool": "coip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteCoipCidr.html" + }, + "DeleteCoipPool": { + "privilege": "DeleteCoipPool", + "description": "Grants permission to delete a pool of customer-owned IP (CoIP) addresses", + "access_level": "Write", + "resource_types": { + "coip-pool": { + "resource_type": "coip-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coip-pool": "coip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteCoipPool.html" + }, + "DeleteCoipPoolPermission": { + "privilege": "DeleteCoipPoolPermission", + "description": "Grants permission to deny a service from accessing a customer-owned IP (CoIP) pool", + "access_level": "Write", + "resource_types": { + "coip-pool": { + "resource_type": "coip-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coip-pool": "coip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/identity-access-management.html" + }, + "DeleteCustomerGateway": { + "privilege": "DeleteCustomerGateway", + "description": "Grants permission to delete a customer gateway", + "access_level": "Write", + "resource_types": { + "customer-gateway": { + "resource_type": "customer-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-gateway": "customer-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteCustomerGateway.html" + }, + "DeleteDhcpOptions": { + "privilege": "DeleteDhcpOptions", + "description": "Grants permission to delete a set of DHCP options", + "access_level": "Write", + "resource_types": { + "dhcp-options": { + "resource_type": "dhcp-options", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:DhcpOptionsID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dhcp-options": "dhcp-options", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteDhcpOptions.html" + }, + "DeleteEgressOnlyInternetGateway": { + "privilege": "DeleteEgressOnlyInternetGateway", + "description": "Grants permission to delete an egress-only internet gateway", + "access_level": "Write", + "resource_types": { + "egress-only-internet-gateway": { + "resource_type": "egress-only-internet-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "egress-only-internet-gateway": "egress-only-internet-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteEgressOnlyInternetGateway.html" + }, + "DeleteFleets": { + "privilege": "DeleteFleets", + "description": "Grants permission to delete one or more EC2 Fleets", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteFleets.html" + }, + "DeleteFlowLogs": { + "privilege": "DeleteFlowLogs", + "description": "Grants permission to delete one or more flow logs", + "access_level": "Write", + "resource_types": { + "vpc-flow-log": { + "resource_type": "vpc-flow-log", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-flow-log": "vpc-flow-log", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteFlowLogs.html" + }, + "DeleteFpgaImage": { + "privilege": "DeleteFpgaImage", + "description": "Grants permission to delete an Amazon FPGA Image (AFI)", + "access_level": "Write", + "resource_types": { + "fpga-image": { + "resource_type": "fpga-image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fpga-image": "fpga-image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteFpgaImage.html" + }, + "DeleteInstanceConnectEndpoint": { + "privilege": "DeleteInstanceConnectEndpoint", + "description": "Grants permission to delete an EC2 Instance Connect Endpoint", + "access_level": "Write", + "resource_types": { + "instance-connect-endpoint": { + "resource_type": "instance-connect-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-connect-endpoint": "instance-connect-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteInstanceConnectEndpoint.html" + }, + "DeleteInstanceEventWindow": { + "privilege": "DeleteInstanceEventWindow", + "description": "Grants permission to delete the specified event window", + "access_level": "Write", + "resource_types": { + "instance-event-window": { + "resource_type": "instance-event-window", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-event-window": "instance-event-window", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteInstanceEventWindow.html" + }, + "DeleteInternetGateway": { + "privilege": "DeleteInternetGateway", + "description": "Grants permission to delete an internet gateway", + "access_level": "Write", + "resource_types": { + "internet-gateway": { + "resource_type": "internet-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:InternetGatewayID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "internet-gateway": "internet-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteInternetGateway.html" + }, + "DeleteIpam": { + "privilege": "DeleteIpam", + "description": "Grants permission to delete an Amazon VPC IP Address Manager (IPAM) and remove all monitored data associated with the IPAM including the historical data for CIDRs", + "access_level": "Write", + "resource_types": { + "ipam": { + "resource_type": "ipam", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam": "ipam", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteIpam.html" + }, + "DeleteIpamPool": { + "privilege": "DeleteIpamPool", + "description": "Grants permission to delete an Amazon VPC IP Address Manager (IPAM) pool", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteIpamPool.html" + }, + "DeleteIpamResourceDiscovery": { + "privilege": "DeleteIpamResourceDiscovery", + "description": "Grants permission to delete an IPAM resource discovery", + "access_level": "Write", + "resource_types": { + "ipam-resource-discovery": { + "resource_type": "ipam-resource-discovery", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-resource-discovery": "ipam-resource-discovery", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteIpamResourceDiscovery.html" + }, + "DeleteIpamScope": { + "privilege": "DeleteIpamScope", + "description": "Grants permission to delete the scope for an Amazon VPC IP Address Manager (IPAM)", + "access_level": "Write", + "resource_types": { + "ipam-scope": { + "resource_type": "ipam-scope", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-scope": "ipam-scope", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteIpamScope.html" + }, + "DeleteKeyPair": { + "privilege": "DeleteKeyPair", + "description": "Grants permission to delete a key pair by removing the public key from Amazon EC2", + "access_level": "Write", + "resource_types": { + "key-pair": { + "resource_type": "key-pair", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:KeyPairName", + "ec2:KeyPairType", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key-pair": "key-pair", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteKeyPair.html" + }, + "DeleteLaunchTemplate": { + "privilege": "DeleteLaunchTemplate", + "description": "Grants permission to delete a launch template and its associated versions", + "access_level": "Write", + "resource_types": { + "launch-template": { + "resource_type": "launch-template", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-template": "launch-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLaunchTemplate.html" + }, + "DeleteLaunchTemplateVersions": { + "privilege": "DeleteLaunchTemplateVersions", + "description": "Grants permission to delete one or more versions of a launch template", + "access_level": "Write", + "resource_types": { + "launch-template": { + "resource_type": "launch-template", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-template": "launch-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLaunchTemplateVersions.html" + }, + "DeleteLocalGatewayRoute": { + "privilege": "DeleteLocalGatewayRoute", + "description": "Grants permission to delete a route from a local gateway route table", + "access_level": "Write", + "resource_types": { + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "prefix-list": { + "resource_type": "prefix-list", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table": "local-gateway-route-table", + "prefix-list": "prefix-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLocalGatewayRoute.html" + }, + "DeleteLocalGatewayRouteTable": { + "privilege": "DeleteLocalGatewayRouteTable", + "description": "Grants permission to delete a local gateway route table", + "access_level": "Write", + "resource_types": { + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table": "local-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLocalGatewayRouteTable.html" + }, + "DeleteLocalGatewayRouteTablePermission": { + "privilege": "DeleteLocalGatewayRouteTablePermission", + "description": "Grants permission to deny a service from accessing a local gateway route table", + "access_level": "Write", + "resource_types": { + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table": "local-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/identity-access-management.html" + }, + "DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation": { + "privilege": "DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation", + "description": "Grants permission to delete a local gateway route table virtual interface group association", + "access_level": "Write", + "resource_types": { + "local-gateway-route-table-virtual-interface-group-association": { + "resource_type": "local-gateway-route-table-virtual-interface-group-association", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table-virtual-interface-group-association": "local-gateway-route-table-virtual-interface-group-association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation.html" + }, + "DeleteLocalGatewayRouteTableVpcAssociation": { + "privilege": "DeleteLocalGatewayRouteTableVpcAssociation", + "description": "Grants permission to delete an association between a VPC and local gateway route table", + "access_level": "Write", + "resource_types": { + "local-gateway-route-table-vpc-association": { + "resource_type": "local-gateway-route-table-vpc-association", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table-vpc-association": "local-gateway-route-table-vpc-association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteLocalGatewayRouteTableVpcAssociation.html" + }, + "DeleteManagedPrefixList": { + "privilege": "DeleteManagedPrefixList", + "description": "Grants permission to delete a managed prefix list", + "access_level": "Write", + "resource_types": { + "prefix-list": { + "resource_type": "prefix-list", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prefix-list": "prefix-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteManagedPrefixList.html" + }, + "DeleteNatGateway": { + "privilege": "DeleteNatGateway", + "description": "Grants permission to delete a NAT gateway", + "access_level": "Write", + "resource_types": { + "natgateway": { + "resource_type": "natgateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "natgateway": "natgateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNatGateway.html" + }, + "DeleteNetworkAcl": { + "privilege": "DeleteNetworkAcl", + "description": "Grants permission to delete a network ACL", + "access_level": "Write", + "resource_types": { + "network-acl": { + "resource_type": "network-acl", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:NetworkAclID", + "ec2:ResourceTag/${TagKey}", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-acl": "network-acl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkAcl.html" + }, + "DeleteNetworkAclEntry": { + "privilege": "DeleteNetworkAclEntry", + "description": "Grants permission to delete an inbound or outbound entry (rule) from a network ACL", + "access_level": "Write", + "resource_types": { + "network-acl": { + "resource_type": "network-acl", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:NetworkAclID", + "ec2:ResourceTag/${TagKey}", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-acl": "network-acl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkAclEntry.html" + }, + "DeleteNetworkInsightsAccessScope": { + "privilege": "DeleteNetworkInsightsAccessScope", + "description": "Grants permission to delete a Network Access Scope", + "access_level": "Write", + "resource_types": { + "network-insights-access-scope": { + "resource_type": "network-insights-access-scope", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-insights-access-scope": "network-insights-access-scope", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInsightsAccessScope.html" + }, + "DeleteNetworkInsightsAccessScopeAnalysis": { + "privilege": "DeleteNetworkInsightsAccessScopeAnalysis", + "description": "Grants permission to delete a Network Access Scope analysis", + "access_level": "Write", + "resource_types": { + "network-insights-access-scope-analysis": { + "resource_type": "network-insights-access-scope-analysis", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-insights-access-scope-analysis": "network-insights-access-scope-analysis", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInsightsAccessScopeAnalysis.html" + }, + "DeleteNetworkInsightsAnalysis": { + "privilege": "DeleteNetworkInsightsAnalysis", + "description": "Grants permission to delete a network insights analysis", + "access_level": "Write", + "resource_types": { + "network-insights-analysis": { + "resource_type": "network-insights-analysis", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-insights-analysis": "network-insights-analysis", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInsightsAnalysis.html" + }, + "DeleteNetworkInsightsPath": { + "privilege": "DeleteNetworkInsightsPath", + "description": "Grants permission to delete a network insights path", + "access_level": "Write", + "resource_types": { + "network-insights-path": { + "resource_type": "network-insights-path", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-insights-path": "network-insights-path", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInsightsPath.html" + }, + "DeleteNetworkInterface": { + "privilege": "DeleteNetworkInterface", + "description": "Grants permission to delete a detached network interface", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInterface.html" + }, + "DeleteNetworkInterfacePermission": { + "privilege": "DeleteNetworkInterfacePermission", + "description": "Grants permission to delete a permission that is associated with a network interface", + "access_level": "Permissions management", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteNetworkInterfacePermission.html" + }, + "DeletePlacementGroup": { + "privilege": "DeletePlacementGroup", + "description": "Grants permission to delete a placement group", + "access_level": "Write", + "resource_types": { + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "placement-group": "placement-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeletePlacementGroup.html" + }, + "DeletePublicIpv4Pool": { + "privilege": "DeletePublicIpv4Pool", + "description": "Grants permission to delete a public IPv4 address pool for public IPv4 CIDRs that you own and brought to Amazon to manage with Amazon VPC IP Address Manager (IPAM)", + "access_level": "Write", + "resource_types": { + "ipv4pool-ec2": { + "resource_type": "ipv4pool-ec2", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipv4pool-ec2": "ipv4pool-ec2", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeletePublicIpv4Pool.html" + }, + "DeleteQueuedReservedInstances": { + "privilege": "DeleteQueuedReservedInstances", + "description": "Grants permission to delete the queued purchases for the specified Reserved Instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteQueuedReservedInstances.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to remove an IAM policy that enables cross-account sharing from a resource", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-group": { + "resource_type": "verified-access-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "placement-group": "placement-group", + "verified-access-group": "verified-access-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/ipam/share-pool-ipam.html" + }, + "DeleteRoute": { + "privilege": "DeleteRoute", + "description": "Grants permission to delete a route from a route table", + "access_level": "Write", + "resource_types": { + "route-table": { + "resource_type": "route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-table": "route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteRoute.html" + }, + "DeleteRouteTable": { + "privilege": "DeleteRouteTable", + "description": "Grants permission to delete a route table", + "access_level": "Write", + "resource_types": { + "route-table": { + "resource_type": "route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-table": "route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteRouteTable.html" + }, + "DeleteSecurityGroup": { + "privilege": "DeleteSecurityGroup", + "description": "Grants permission to delete a security group", + "access_level": "Write", + "resource_types": { + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-group": "security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSecurityGroup.html" + }, + "DeleteSnapshot": { + "privilege": "DeleteSnapshot", + "description": "Grants permission to delete a snapshot of an EBS volume", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:OutpostArn", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSnapshot.html" + }, + "DeleteSpotDatafeedSubscription": { + "privilege": "DeleteSpotDatafeedSubscription", + "description": "Grants permission to delete a data feed for Spot Instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSpotDatafeedSubscription.html" + }, + "DeleteSubnet": { + "privilege": "DeleteSubnet", + "description": "Grants permission to delete a subnet", + "access_level": "Write", + "resource_types": { + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSubnet.html" + }, + "DeleteSubnetCidrReservation": { + "privilege": "DeleteSubnetCidrReservation", + "description": "Grants permission to delete a subnet CIDR reservation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSubnetCidrReservation.html" + }, + "DeleteTags": { + "privilege": "DeleteTags", + "description": "Grants permission to delete one or more tags from Amazon EC2 resources", + "access_level": "Tagging", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "capacity-reservation-fleet": { + "resource_type": "capacity-reservation-fleet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "carrier-gateway": { + "resource_type": "carrier-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "coip-pool": { + "resource_type": "coip-pool", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "customer-gateway": { + "resource_type": "customer-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "dedicated-host": { + "resource_type": "dedicated-host", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "dhcp-options": { + "resource_type": "dhcp-options", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "egress-only-internet-gateway": { + "resource_type": "egress-only-internet-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "elastic-gpu": { + "resource_type": "elastic-gpu", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "elastic-ip": { + "resource_type": "elastic-ip", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "export-image-task": { + "resource_type": "export-image-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "export-instance-task": { + "resource_type": "export-instance-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "fpga-image": { + "resource_type": "fpga-image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "host-reservation": { + "resource_type": "host-reservation", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "import-image-task": { + "resource_type": "import-image-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "import-snapshot-task": { + "resource_type": "import-snapshot-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "instance-connect-endpoint": { + "resource_type": "instance-connect-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "instance-event-window": { + "resource_type": "instance-event-window", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "internet-gateway": { + "resource_type": "internet-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam": { + "resource_type": "ipam", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam-pool": { + "resource_type": "ipam-pool", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam-resource-discovery": { + "resource_type": "ipam-resource-discovery", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam-resource-discovery-association": { + "resource_type": "ipam-resource-discovery-association", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam-scope": { + "resource_type": "ipam-scope", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv4pool-ec2": { + "resource_type": "ipv4pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv6pool-ec2": { + "resource_type": "ipv6pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "key-pair": { + "resource_type": "key-pair", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "launch-template": { + "resource_type": "launch-template", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway": { + "resource_type": "local-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-route-table-virtual-interface-group-association": { + "resource_type": "local-gateway-route-table-virtual-interface-group-association", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-route-table-vpc-association": { + "resource_type": "local-gateway-route-table-vpc-association", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-virtual-interface": { + "resource_type": "local-gateway-virtual-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-virtual-interface-group": { + "resource_type": "local-gateway-virtual-interface-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "natgateway": { + "resource_type": "natgateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-acl": { + "resource_type": "network-acl", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-insights-access-scope": { + "resource_type": "network-insights-access-scope", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-insights-access-scope-analysis": { + "resource_type": "network-insights-access-scope-analysis", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-insights-analysis": { + "resource_type": "network-insights-analysis", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-insights-path": { + "resource_type": "network-insights-path", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "prefix-list": { + "resource_type": "prefix-list", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "replace-root-volume-task": { + "resource_type": "replace-root-volume-task", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "reserved-instances": { + "resource_type": "reserved-instances", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "route-table": { + "resource_type": "route-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "security-group-rule": { + "resource_type": "security-group-rule", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "spot-fleet-request": { + "resource_type": "spot-fleet-request", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "spot-instances-request": { + "resource_type": "spot-instances-request", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "subnet-cidr-reservation": { + "resource_type": "subnet-cidr-reservation", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-filter": { + "resource_type": "traffic-mirror-filter", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-session": { + "resource_type": "traffic-mirror-session", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-target": { + "resource_type": "traffic-mirror-target", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway": { + "resource_type": "transit-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-connect-peer": { + "resource_type": "transit-gateway-connect-peer", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-policy-table": { + "resource_type": "transit-gateway-policy-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table-announcement": { + "resource_type": "transit-gateway-route-table-announcement", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-endpoint": { + "resource_type": "verified-access-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-group": { + "resource_type": "verified-access-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-policy": { + "resource_type": "verified-access-policy", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-trust-provider": { + "resource_type": "verified-access-trust-provider", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint": { + "resource_type": "vpc-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint-connection": { + "resource_type": "vpc-endpoint-connection", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint-service-permission": { + "resource_type": "vpc-endpoint-service-permission", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-flow-log": { + "resource_type": "vpc-flow-log", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-peering-connection": { + "resource_type": "vpc-peering-connection", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpn-connection": { + "resource_type": "vpn-connection", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "capacity-reservation-fleet": "capacity-reservation-fleet", + "carrier-gateway": "carrier-gateway", + "client-vpn-endpoint": "client-vpn-endpoint", + "coip-pool": "coip-pool", + "customer-gateway": "customer-gateway", + "dedicated-host": "dedicated-host", + "dhcp-options": "dhcp-options", + "egress-only-internet-gateway": "egress-only-internet-gateway", + "elastic-gpu": "elastic-gpu", + "elastic-ip": "elastic-ip", + "export-image-task": "export-image-task", + "export-instance-task": "export-instance-task", + "fleet": "fleet", + "fpga-image": "fpga-image", + "host-reservation": "host-reservation", + "image": "image", + "import-image-task": "import-image-task", + "import-snapshot-task": "import-snapshot-task", + "instance": "instance", + "instance-connect-endpoint": "instance-connect-endpoint", + "instance-event-window": "instance-event-window", + "internet-gateway": "internet-gateway", + "ipam": "ipam", + "ipam-pool": "ipam-pool", + "ipam-resource-discovery": "ipam-resource-discovery", + "ipam-resource-discovery-association": "ipam-resource-discovery-association", + "ipam-scope": "ipam-scope", + "ipv4pool-ec2": "ipv4pool-ec2", + "ipv6pool-ec2": "ipv6pool-ec2", + "key-pair": "key-pair", + "launch-template": "launch-template", + "local-gateway": "local-gateway", + "local-gateway-route-table": "local-gateway-route-table", + "local-gateway-route-table-virtual-interface-group-association": "local-gateway-route-table-virtual-interface-group-association", + "local-gateway-route-table-vpc-association": "local-gateway-route-table-vpc-association", + "local-gateway-virtual-interface": "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group": "local-gateway-virtual-interface-group", + "natgateway": "natgateway", + "network-acl": "network-acl", + "network-insights-access-scope": "network-insights-access-scope", + "network-insights-access-scope-analysis": "network-insights-access-scope-analysis", + "network-insights-analysis": "network-insights-analysis", + "network-insights-path": "network-insights-path", + "network-interface": "network-interface", + "placement-group": "placement-group", + "prefix-list": "prefix-list", + "replace-root-volume-task": "replace-root-volume-task", + "reserved-instances": "reserved-instances", + "route-table": "route-table", + "security-group": "security-group", + "security-group-rule": "security-group-rule", + "snapshot": "snapshot", + "spot-fleet-request": "spot-fleet-request", + "spot-instances-request": "spot-instances-request", + "subnet": "subnet", + "subnet-cidr-reservation": "subnet-cidr-reservation", + "traffic-mirror-filter": "traffic-mirror-filter", + "traffic-mirror-session": "traffic-mirror-session", + "traffic-mirror-target": "traffic-mirror-target", + "transit-gateway": "transit-gateway", + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-connect-peer": "transit-gateway-connect-peer", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "transit-gateway-policy-table": "transit-gateway-policy-table", + "transit-gateway-route-table": "transit-gateway-route-table", + "transit-gateway-route-table-announcement": "transit-gateway-route-table-announcement", + "verified-access-endpoint": "verified-access-endpoint", + "verified-access-group": "verified-access-group", + "verified-access-instance": "verified-access-instance", + "verified-access-policy": "verified-access-policy", + "verified-access-trust-provider": "verified-access-trust-provider", + "volume": "volume", + "vpc": "vpc", + "vpc-endpoint": "vpc-endpoint", + "vpc-endpoint-connection": "vpc-endpoint-connection", + "vpc-endpoint-service": "vpc-endpoint-service", + "vpc-endpoint-service-permission": "vpc-endpoint-service-permission", + "vpc-flow-log": "vpc-flow-log", + "vpc-peering-connection": "vpc-peering-connection", + "vpn-connection": "vpn-connection", + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTags.html" + }, + "DeleteTrafficMirrorFilter": { + "privilege": "DeleteTrafficMirrorFilter", + "description": "Grants permission to delete a traffic mirror filter", + "access_level": "Write", + "resource_types": { + "traffic-mirror-filter": { + "resource_type": "traffic-mirror-filter", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-mirror-filter": "traffic-mirror-filter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTrafficMirrorFilter.html" + }, + "DeleteTrafficMirrorFilterRule": { + "privilege": "DeleteTrafficMirrorFilterRule", + "description": "Grants permission to delete a traffic mirror filter rule", + "access_level": "Write", + "resource_types": { + "traffic-mirror-filter": { + "resource_type": "traffic-mirror-filter", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-filter-rule": { + "resource_type": "traffic-mirror-filter-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-mirror-filter": "traffic-mirror-filter", + "traffic-mirror-filter-rule": "traffic-mirror-filter-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTrafficMirrorFilterRule.html" + }, + "DeleteTrafficMirrorSession": { + "privilege": "DeleteTrafficMirrorSession", + "description": "Grants permission to delete a traffic mirror session", + "access_level": "Write", + "resource_types": { + "traffic-mirror-session": { + "resource_type": "traffic-mirror-session", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-mirror-session": "traffic-mirror-session", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTrafficMirrorSession.html" + }, + "DeleteTrafficMirrorTarget": { + "privilege": "DeleteTrafficMirrorTarget", + "description": "Grants permission to delete a traffic mirror target", + "access_level": "Write", + "resource_types": { + "traffic-mirror-target": { + "resource_type": "traffic-mirror-target", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-mirror-target": "traffic-mirror-target", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTrafficMirrorTarget.html" + }, + "DeleteTransitGateway": { + "privilege": "DeleteTransitGateway", + "description": "Grants permission to delete a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway": { + "resource_type": "transit-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway": "transit-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGateway.html" + }, + "DeleteTransitGatewayConnect": { + "privilege": "DeleteTransitGatewayConnect", + "description": "Grants permission to delete a transit gateway connect attachment", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayConnect.html" + }, + "DeleteTransitGatewayConnectPeer": { + "privilege": "DeleteTransitGatewayConnectPeer", + "description": "Grants permission to delete a transit gateway connect peer", + "access_level": "Write", + "resource_types": { + "transit-gateway-connect-peer": { + "resource_type": "transit-gateway-connect-peer", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-connect-peer": "transit-gateway-connect-peer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayConnectPeer.html" + }, + "DeleteTransitGatewayMulticastDomain": { + "privilege": "DeleteTransitGatewayMulticastDomain", + "description": "Grants permission to delete a transit gateway multicast domain", + "access_level": "Write", + "resource_types": { + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayMulticastDomain.html" + }, + "DeleteTransitGatewayPeeringAttachment": { + "privilege": "DeleteTransitGatewayPeeringAttachment", + "description": "Grants permission to delete a peering attachment from a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayPeeringAttachment.html" + }, + "DeleteTransitGatewayPolicyTable": { + "privilege": "DeleteTransitGatewayPolicyTable", + "description": "Grants permission to delete a transit gateway policy table", + "access_level": "Write", + "resource_types": { + "transit-gateway-policy-table": { + "resource_type": "transit-gateway-policy-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-policy-table": "transit-gateway-policy-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayPolicyTable.html" + }, + "DeleteTransitGatewayPrefixListReference": { + "privilege": "DeleteTransitGatewayPrefixListReference", + "description": "Grants permission to delete a transit gateway prefix list reference", + "access_level": "Write", + "resource_types": { + "prefix-list": { + "resource_type": "prefix-list", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prefix-list": "prefix-list", + "transit-gateway-route-table": "transit-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayPrefixListReference.html" + }, + "DeleteTransitGatewayRoute": { + "privilege": "DeleteTransitGatewayRoute", + "description": "Grants permission to delete a route from a transit gateway route table", + "access_level": "Write", + "resource_types": { + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-route-table": "transit-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayRoute.html" + }, + "DeleteTransitGatewayRouteTable": { + "privilege": "DeleteTransitGatewayRouteTable", + "description": "Grants permission to delete a transit gateway route table", + "access_level": "Write", + "resource_types": { + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-route-table": "transit-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayRouteTable.html" + }, + "DeleteTransitGatewayRouteTableAnnouncement": { + "privilege": "DeleteTransitGatewayRouteTableAnnouncement", + "description": "Grants permission to delete a transit gateway route table announcement", + "access_level": "Write", + "resource_types": { + "transit-gateway-route-table-announcement": { + "resource_type": "transit-gateway-route-table-announcement", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-route-table-announcement": "transit-gateway-route-table-announcement", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayRouteTableAnnouncement.html" + }, + "DeleteTransitGatewayVpcAttachment": { + "privilege": "DeleteTransitGatewayVpcAttachment", + "description": "Grants permission to delete a VPC attachment from a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteTransitGatewayVpcAttachment.html" + }, + "DeleteVerifiedAccessEndpoint": { + "privilege": "DeleteVerifiedAccessEndpoint", + "description": "Grants permission to delete a Verified Access endpoint", + "access_level": "Write", + "resource_types": { + "verified-access-endpoint": { + "resource_type": "verified-access-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-endpoint": "verified-access-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessEndpoint.html" + }, + "DeleteVerifiedAccessGroup": { + "privilege": "DeleteVerifiedAccessGroup", + "description": "Grants permission to delete a Verified Access group", + "access_level": "Write", + "resource_types": { + "verified-access-group": { + "resource_type": "verified-access-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-group": "verified-access-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessGroup.html" + }, + "DeleteVerifiedAccessInstance": { + "privilege": "DeleteVerifiedAccessInstance", + "description": "Grants permission to delete a Verified Access instance", + "access_level": "Write", + "resource_types": { + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-instance": "verified-access-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessInstance.html" + }, + "DeleteVerifiedAccessTrustProvider": { + "privilege": "DeleteVerifiedAccessTrustProvider", + "description": "Grants permission to delete a verified trust provider", + "access_level": "Write", + "resource_types": { + "verified-access-trust-provider": { + "resource_type": "verified-access-trust-provider", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-trust-provider": "verified-access-trust-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessTrustProvider.html" + }, + "DeleteVolume": { + "privilege": "DeleteVolume", + "description": "Grants permission to delete an EBS volume", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVolume.html" + }, + "DeleteVpc": { + "privilege": "DeleteVpc", + "description": "Grants permission to delete a VPC", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpc.html" + }, + "DeleteVpcEndpointConnectionNotifications": { + "privilege": "DeleteVpcEndpointConnectionNotifications", + "description": "Grants permission to delete one or more VPC endpoint connection notifications", + "access_level": "Write", + "resource_types": { + "vpc-endpoint": { + "resource_type": "vpc-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint": "vpc-endpoint", + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpcEndpointConnectionNotifications.html" + }, + "DeleteVpcEndpointServiceConfigurations": { + "privilege": "DeleteVpcEndpointServiceConfigurations", + "description": "Grants permission to delete one or more VPC endpoint service configurations", + "access_level": "Write", + "resource_types": { + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpcEndpointServiceConfigurations.html" + }, + "DeleteVpcEndpoints": { + "privilege": "DeleteVpcEndpoints", + "description": "Grants permission to delete one or more VPC endpoints", + "access_level": "Write", + "resource_types": { + "vpc-endpoint": { + "resource_type": "vpc-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:VpceServiceName" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint": "vpc-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpcEndpoints.html" + }, + "DeleteVpcPeeringConnection": { + "privilege": "DeleteVpcPeeringConnection", + "description": "Grants permission to delete a VPC peering connection", + "access_level": "Write", + "resource_types": { + "vpc-peering-connection": { + "resource_type": "vpc-peering-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AccepterVpc", + "ec2:RequesterVpc", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcPeeringConnectionID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-peering-connection": "vpc-peering-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpcPeeringConnection.html" + }, + "DeleteVpnConnection": { + "privilege": "DeleteVpnConnection", + "description": "Grants permission to delete a VPN connection", + "access_level": "Write", + "resource_types": { + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-connection": "vpn-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpnConnection.html" + }, + "DeleteVpnConnectionRoute": { + "privilege": "DeleteVpnConnectionRoute", + "description": "Grants permission to delete a static route for a VPN connection between a virtual private gateway and a customer gateway", + "access_level": "Write", + "resource_types": { + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-connection": "vpn-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpnConnectionRoute.html" + }, + "DeleteVpnGateway": { + "privilege": "DeleteVpnGateway", + "description": "Grants permission to delete a virtual private gateway", + "access_level": "Write", + "resource_types": { + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpnGateway.html" + }, + "DeprovisionByoipCidr": { + "privilege": "DeprovisionByoipCidr", + "description": "Grants permission to release an IP address range that was provisioned through bring your own IP addresses (BYOIP), and to delete the corresponding address pool", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeprovisionByoipCidr.html" + }, + "DeprovisionIpamPoolCidr": { + "privilege": "DeprovisionIpamPoolCidr", + "description": "Grants permission to deprovision a CIDR provisioned from an Amazon VPC IP Address Manager (IPAM) pool", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeprovisionIpamPoolCidr.html" + }, + "DeprovisionPublicIpv4PoolCidr": { + "privilege": "DeprovisionPublicIpv4PoolCidr", + "description": "Grants permission to deprovision a CIDR from a public IPv4 pool", + "access_level": "Write", + "resource_types": { + "ipv4pool-ec2": { + "resource_type": "ipv4pool-ec2", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipv4pool-ec2": "ipv4pool-ec2", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeprovisionPublicIpv4PoolCidr.html" + }, + "DeregisterImage": { + "privilege": "DeregisterImage", + "description": "Grants permission to deregister an Amazon Machine Image (AMI)", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeregisterImage.html" + }, + "DeregisterInstanceEventNotificationAttributes": { + "privilege": "DeregisterInstanceEventNotificationAttributes", + "description": "Grants permission to remove tags from the set of tags to include in notifications about scheduled events for your instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeregisterInstanceEventNotificationAttributes.html" + }, + "DeregisterTransitGatewayMulticastGroupMembers": { + "privilege": "DeregisterTransitGatewayMulticastGroupMembers", + "description": "Grants permission to deregister one or more network interface members from a group IP address in a transit gateway multicast domain", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeregisterTransitGatewayMulticastGroupMembers.html" + }, + "DeregisterTransitGatewayMulticastGroupSources": { + "privilege": "DeregisterTransitGatewayMulticastGroupSources", + "description": "Grants permission to deregister one or more network interface sources from a group IP address in a transit gateway multicast domain", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeregisterTransitGatewayMulticastGroupSources.html" + }, + "DescribeAccountAttributes": { + "privilege": "DescribeAccountAttributes", + "description": "Grants permission to describe the attributes of the AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAccountAttributes.html" + }, + "DescribeAddressTransfers": { + "privilege": "DescribeAddressTransfers", + "description": "Grants permission to describe an Elastic IP address transfer", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddressTransfers.html" + }, + "DescribeAddresses": { + "privilege": "DescribeAddresses", + "description": "Grants permission to describe one or more Elastic IP addresses", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html" + }, + "DescribeAddressesAttribute": { + "privilege": "DescribeAddressesAttribute", + "description": "Grants permission to describe the attributes of the specified Elastic IP addresses", + "access_level": "List", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddressesAttribute.html" + }, + "DescribeAggregateIdFormat": { + "privilege": "DescribeAggregateIdFormat", + "description": "Grants permission to describe the longer ID format settings for all resource types", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAggregateIdFormat.html" + }, + "DescribeAvailabilityZones": { + "privilege": "DescribeAvailabilityZones", + "description": "Grants permission to describe one or more of the Availability Zones that are available to you", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html" + }, + "DescribeAwsNetworkPerformanceMetricSubscriptions": { + "privilege": "DescribeAwsNetworkPerformanceMetricSubscriptions", + "description": "Grants permission to describe the current infrastructure performance metric subscriptions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAwsNetworkPerformanceMetricSubscriptions.html" + }, + "DescribeBundleTasks": { + "privilege": "DescribeBundleTasks", + "description": "Grants permission to describe one or more bundling tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeBundleTasks.html" + }, + "DescribeByoipCidrs": { + "privilege": "DescribeByoipCidrs", + "description": "Grants permission to describe the IP address ranges that were provisioned through bring your own IP addresses (BYOIP)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeByoipCidrs.html" + }, + "DescribeCapacityReservationFleets": { + "privilege": "DescribeCapacityReservationFleets", + "description": "Grants permission to describe one or more Capacity Reservation Fleets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCapacityReservationFleets.html" + }, + "DescribeCapacityReservations": { + "privilege": "DescribeCapacityReservations", + "description": "Grants permission to describe one or more Capacity Reservations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCapacityReservations.html" + }, + "DescribeCarrierGateways": { + "privilege": "DescribeCarrierGateways", + "description": "Grants permission to describe one or more Carrier Gateways", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCarrierGateways.html" + }, + "DescribeClassicLinkInstances": { + "privilege": "DescribeClassicLinkInstances", + "description": "Grants permission to describe one or more linked EC2-Classic instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClassicLinkInstances.html" + }, + "DescribeClientVpnAuthorizationRules": { + "privilege": "DescribeClientVpnAuthorizationRules", + "description": "Grants permission to describe the authorization rules for a Client VPN endpoint", + "access_level": "List", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnAuthorizationRules.html" + }, + "DescribeClientVpnConnections": { + "privilege": "DescribeClientVpnConnections", + "description": "Grants permission to describe active client connections and connections that have been terminated within the last 60 minutes for a Client VPN endpoint", + "access_level": "List", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnConnections.html" + }, + "DescribeClientVpnEndpoints": { + "privilege": "DescribeClientVpnEndpoints", + "description": "Grants permission to describe one or more Client VPN endpoints", + "access_level": "List", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnEndpoints.html" + }, + "DescribeClientVpnRoutes": { + "privilege": "DescribeClientVpnRoutes", + "description": "Grants permission to describe the routes for a Client VPN endpoint", + "access_level": "List", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnRoutes.html" + }, + "DescribeClientVpnTargetNetworks": { + "privilege": "DescribeClientVpnTargetNetworks", + "description": "Grants permission to describe the target networks that are associated with a Client VPN endpoint", + "access_level": "List", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeClientVpnTargetNetworks.html" + }, + "DescribeCoipPools": { + "privilege": "DescribeCoipPools", + "description": "Grants permission to describe the specified customer-owned address pools or all of your customer-owned address pools", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html" + }, + "DescribeConversionTasks": { + "privilege": "DescribeConversionTasks", + "description": "Grants permission to describe one or more conversion tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeConversionTasks.html" + }, + "DescribeCustomerGateways": { + "privilege": "DescribeCustomerGateways", + "description": "Grants permission to describe one or more customer gateways", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCustomerGateways.html" + }, + "DescribeDhcpOptions": { + "privilege": "DescribeDhcpOptions", + "description": "Grants permission to describe one or more DHCP options sets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeDhcpOptions.html" + }, + "DescribeEgressOnlyInternetGateways": { + "privilege": "DescribeEgressOnlyInternetGateways", + "description": "Grants permission to describe one or more egress-only internet gateways", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeEgressOnlyInternetGateways.html" + }, + "DescribeElasticGpus": { + "privilege": "DescribeElasticGpus", + "description": "Grants permission to describe an Elastic Graphics accelerator that is associated with an instance", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeElasticGpus.html" + }, + "DescribeExportImageTasks": { + "privilege": "DescribeExportImageTasks", + "description": "Grants permission to describe one or more export image tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeExportImageTasks.html" + }, + "DescribeExportTasks": { + "privilege": "DescribeExportTasks", + "description": "Grants permission to describe one or more export instance tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeExportTasks.html" + }, + "DescribeFastLaunchImages": { + "privilege": "DescribeFastLaunchImages", + "description": "Grants permission to describe fast-launch enabled Windows AMIs", + "access_level": "List", + "resource_types": { + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFastLaunchImages.html" + }, + "DescribeFastSnapshotRestores": { + "privilege": "DescribeFastSnapshotRestores", + "description": "Grants permission to describe the state of fast snapshot restores for snapshots", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFastSnapshotRestores.html" + }, + "DescribeFleetHistory": { + "privilege": "DescribeFleetHistory", + "description": "Grants permission to describe the events for an EC2 Fleet during a specified time", + "access_level": "List", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFleetHistory.html" + }, + "DescribeFleetInstances": { + "privilege": "DescribeFleetInstances", + "description": "Grants permission to describe the running instances for an EC2 Fleet", + "access_level": "List", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFleetInstances.html" + }, + "DescribeFleets": { + "privilege": "DescribeFleets", + "description": "Grants permission to describe one or more EC2 Fleets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFleets.html" + }, + "DescribeFlowLogs": { + "privilege": "DescribeFlowLogs", + "description": "Grants permission to describe one or more flow logs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFlowLogs.html" + }, + "DescribeFpgaImageAttribute": { + "privilege": "DescribeFpgaImageAttribute", + "description": "Grants permission to describe the attributes of an Amazon FPGA Image (AFI)", + "access_level": "List", + "resource_types": { + "fpga-image": { + "resource_type": "fpga-image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Owner", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fpga-image": "fpga-image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFpgaImageAttribute.html" + }, + "DescribeFpgaImages": { + "privilege": "DescribeFpgaImages", + "description": "Grants permission to describe one or more Amazon FPGA Images (AFIs)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeFpgaImages.html" + }, + "DescribeHostReservationOfferings": { + "privilege": "DescribeHostReservationOfferings", + "description": "Grants permission to describe the Dedicated Host Reservations that are available to purchase", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHostReservationOfferings.html" + }, + "DescribeHostReservations": { + "privilege": "DescribeHostReservations", + "description": "Grants permission to describe the Dedicated Host Reservations that are associated with Dedicated Hosts in the AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHostReservations.html" + }, + "DescribeHosts": { + "privilege": "DescribeHosts", + "description": "Grants permission to describe one or more Dedicated Hosts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHosts.html" + }, + "DescribeIamInstanceProfileAssociations": { + "privilege": "DescribeIamInstanceProfileAssociations", + "description": "Grants permission to describe the IAM instance profile associations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIamInstanceProfileAssociations.html" + }, + "DescribeIdFormat": { + "privilege": "DescribeIdFormat", + "description": "Grants permission to describe the ID format settings for resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIdFormat.html" + }, + "DescribeIdentityIdFormat": { + "privilege": "DescribeIdentityIdFormat", + "description": "Grants permission to describe the ID format settings for resources for an IAM user, IAM role, or root user", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIdentityIdFormat.html" + }, + "DescribeImageAttribute": { + "privilege": "DescribeImageAttribute", + "description": "Grants permission to describe an attribute of an Amazon Machine Image (AMI)", + "access_level": "List", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html" + }, + "DescribeImages": { + "privilege": "DescribeImages", + "description": "Grants permission to describe one or more images (AMIs, AKIs, and ARIs)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html" + }, + "DescribeImportImageTasks": { + "privilege": "DescribeImportImageTasks", + "description": "Grants permission to describe import virtual machine or import snapshot tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImportImageTasks.html" + }, + "DescribeImportSnapshotTasks": { + "privilege": "DescribeImportSnapshotTasks", + "description": "Grants permission to describe import snapshot tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImportSnapshotTasks.html" + }, + "DescribeInstanceAttribute": { + "privilege": "DescribeInstanceAttribute", + "description": "Grants permission to describe the attributes of an instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceAttribute.html" + }, + "DescribeInstanceConnectEndpoints": { + "privilege": "DescribeInstanceConnectEndpoints", + "description": "Grants permission to describe EC2 Instance Connect Endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceConnectEndpoints.html" + }, + "DescribeInstanceCreditSpecifications": { + "privilege": "DescribeInstanceCreditSpecifications", + "description": "Grants permission to describe the credit option for CPU usage of one or more burstable performance instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceCreditSpecifications.html" + }, + "DescribeInstanceEventNotificationAttributes": { + "privilege": "DescribeInstanceEventNotificationAttributes", + "description": "Grants permission to describe the set of tags to include in notifications about scheduled events for your instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceEventNotificationAttributes.html" + }, + "DescribeInstanceEventWindows": { + "privilege": "DescribeInstanceEventWindows", + "description": "Grants permission to describe the specified event windows or all event windows", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceEventWindows.html" + }, + "DescribeInstanceStatus": { + "privilege": "DescribeInstanceStatus", + "description": "Grants permission to describe the status of one or more instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceStatus.html" + }, + "DescribeInstanceTypeOfferings": { + "privilege": "DescribeInstanceTypeOfferings", + "description": "Grants permission to describe the set of instance types that are offered in a location", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypeOfferings.html" + }, + "DescribeInstanceTypes": { + "privilege": "DescribeInstanceTypes", + "description": "Grants permission to describe the details of instance types that are offered in a location", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceTypes.html" + }, + "DescribeInstances": { + "privilege": "DescribeInstances", + "description": "Grants permission to describe one or more instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html" + }, + "DescribeInternetGateways": { + "privilege": "DescribeInternetGateways", + "description": "Grants permission to describe one or more internet gateways", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html" + }, + "DescribeIpamPools": { + "privilege": "DescribeIpamPools", + "description": "Grants permission to describe Amazon VPC IP Address Manager (IPAM) pools", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpamPools.html" + }, + "DescribeIpamResourceDiscoveries": { + "privilege": "DescribeIpamResourceDiscoveries", + "description": "Grants permission to describe IPAM resource discoveries", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpamResourceDiscoveries.html" + }, + "DescribeIpamResourceDiscoveryAssociations": { + "privilege": "DescribeIpamResourceDiscoveryAssociations", + "description": "Grants permission to describe resource discovery associations with an Amazon VPC IPAM", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpamResourceDiscoveryAssociations.html" + }, + "DescribeIpamScopes": { + "privilege": "DescribeIpamScopes", + "description": "Grants permission to describe Amazon VPC IP Address Manager (IPAM) scopes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpamScopes.html" + }, + "DescribeIpams": { + "privilege": "DescribeIpams", + "description": "Grants permission to describe an Amazon VPC IP Address Manager (IPAM)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpams.html" + }, + "DescribeIpv6Pools": { + "privilege": "DescribeIpv6Pools", + "description": "Grants permission to describe one or more IPv6 address pools", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeIpv6Pools.html" + }, + "DescribeKeyPairs": { + "privilege": "DescribeKeyPairs", + "description": "Grants permission to describe one or more key pairs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeKeyPairs.html" + }, + "DescribeLaunchTemplateVersions": { + "privilege": "DescribeLaunchTemplateVersions", + "description": "Grants permission to describe one or more launch template versions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplateVersions.html" + }, + "DescribeLaunchTemplates": { + "privilege": "DescribeLaunchTemplates", + "description": "Grants permission to describe one or more launch templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html" + }, + "DescribeLocalGatewayRouteTablePermissions": { + "privilege": "DescribeLocalGatewayRouteTablePermissions", + "description": "Grants permission to allow a service to describe local gateway route table permissions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/identity-access-management.html" + }, + "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations": { + "privilege": "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", + "description": "Grants permission to describe the associations between virtual interface groups and local gateway route tables", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations.html" + }, + "DescribeLocalGatewayRouteTableVpcAssociations": { + "privilege": "DescribeLocalGatewayRouteTableVpcAssociations", + "description": "Grants permission to describe an association between VPCs and local gateway route tables", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTableVpcAssociations.html" + }, + "DescribeLocalGatewayRouteTables": { + "privilege": "DescribeLocalGatewayRouteTables", + "description": "Grants permission to describe one or more local gateway route tables", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html" + }, + "DescribeLocalGatewayVirtualInterfaceGroups": { + "privilege": "DescribeLocalGatewayVirtualInterfaceGroups", + "description": "Grants permission to describe local gateway virtual interface groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayVirtualInterfaceGroups.html" + }, + "DescribeLocalGatewayVirtualInterfaces": { + "privilege": "DescribeLocalGatewayVirtualInterfaces", + "description": "Grants permission to describe local gateway virtual interfaces", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayVirtualInterfaces.html" + }, + "DescribeLocalGateways": { + "privilege": "DescribeLocalGateways", + "description": "Grants permission to describe one or more local gateways", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html" + }, + "DescribeManagedPrefixLists": { + "privilege": "DescribeManagedPrefixLists", + "description": "Grants permission to describe your managed prefix lists and any AWS-managed prefix lists", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html" + }, + "DescribeMovingAddresses": { + "privilege": "DescribeMovingAddresses", + "description": "Grants permission to describe Elastic IP addresses that are being moved to the EC2-VPC platform", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeMovingAddresses.html" + }, + "DescribeNatGateways": { + "privilege": "DescribeNatGateways", + "description": "Grants permission to describe one or more NAT gateways", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html" + }, + "DescribeNetworkAcls": { + "privilege": "DescribeNetworkAcls", + "description": "Grants permission to describe one or more network ACLs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html" + }, + "DescribeNetworkInsightsAccessScopeAnalyses": { + "privilege": "DescribeNetworkInsightsAccessScopeAnalyses", + "description": "Grants permission to describe one or more Network Access Scope analyses", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAccessScopeAnalyses.html" + }, + "DescribeNetworkInsightsAccessScopes": { + "privilege": "DescribeNetworkInsightsAccessScopes", + "description": "Grants permission to describe the Network Access Scopes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAccessScopes.html" + }, + "DescribeNetworkInsightsAnalyses": { + "privilege": "DescribeNetworkInsightsAnalyses", + "description": "Grants permission to describe one or more network insights analyses", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html" + }, + "DescribeNetworkInsightsPaths": { + "privilege": "DescribeNetworkInsightsPaths", + "description": "Grants permission to describe one or more network insights paths", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsPaths.html" + }, + "DescribeNetworkInterfaceAttribute": { + "privilege": "DescribeNetworkInterfaceAttribute", + "description": "Grants permission to describe a network interface attribute", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaceAttribute.html" + }, + "DescribeNetworkInterfacePermissions": { + "privilege": "DescribeNetworkInterfacePermissions", + "description": "Grants permission to describe the permissions that are associated with a network interface", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfacePermissions.html" + }, + "DescribeNetworkInterfaces": { + "privilege": "DescribeNetworkInterfaces", + "description": "Grants permission to describe one or more network interfaces", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaces.html" + }, + "DescribePlacementGroups": { + "privilege": "DescribePlacementGroups", + "description": "Grants permission to describe one or more placement groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePlacementGroups.html" + }, + "DescribePrefixLists": { + "privilege": "DescribePrefixLists", + "description": "Grants permission to describe available AWS services in a prefix list format", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrefixLists.html" + }, + "DescribePrincipalIdFormat": { + "privilege": "DescribePrincipalIdFormat", + "description": "Grants permission to describe the ID format settings for the root user and all IAM roles and IAM users that have explicitly specified a longer ID (17-character ID) preference", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrincipalIdFormat.html" + }, + "DescribePublicIpv4Pools": { + "privilege": "DescribePublicIpv4Pools", + "description": "Grants permission to describe one or more IPv4 address pools", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePublicIpv4Pools.html" + }, + "DescribeRegions": { + "privilege": "DescribeRegions", + "description": "Grants permission to describe one or more AWS Regions that are currently available in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html" + }, + "DescribeReplaceRootVolumeTasks": { + "privilege": "DescribeReplaceRootVolumeTasks", + "description": "Grants permission to describe a root volume replacement task", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeReplaceRootVolumeTasks.html" + }, + "DescribeReservedInstances": { + "privilege": "DescribeReservedInstances", + "description": "Grants permission to describe one or more purchased Reserved Instances in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeReservedInstances.html" + }, + "DescribeReservedInstancesListings": { + "privilege": "DescribeReservedInstancesListings", + "description": "Grants permission to describe your account's Reserved Instance listings in the Reserved Instance Marketplace", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeReservedInstancesListings.html" + }, + "DescribeReservedInstancesModifications": { + "privilege": "DescribeReservedInstancesModifications", + "description": "Grants permission to describe the modifications made to one or more Reserved Instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeReservedInstancesModifications.html" + }, + "DescribeReservedInstancesOfferings": { + "privilege": "DescribeReservedInstancesOfferings", + "description": "Grants permission to describe the Reserved Instance offerings that are available for purchase", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeReservedInstancesOfferings.html" + }, + "DescribeRouteTables": { + "privilege": "DescribeRouteTables", + "description": "Grants permission to describe one or more route tables", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html" + }, + "DescribeScheduledInstanceAvailability": { + "privilege": "DescribeScheduledInstanceAvailability", + "description": "Grants permission to find available schedules for Scheduled Instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeScheduledInstanceAvailability.html" + }, + "DescribeScheduledInstances": { + "privilege": "DescribeScheduledInstances", + "description": "Grants permission to describe one or more Scheduled Instances in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeScheduledInstances.html" + }, + "DescribeSecurityGroupReferences": { + "privilege": "DescribeSecurityGroupReferences", + "description": "Grants permission to describe the VPCs on the other side of a VPC peering connection that are referencing specified VPC security groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroupReferences.html" + }, + "DescribeSecurityGroupRules": { + "privilege": "DescribeSecurityGroupRules", + "description": "Grants permission to describe one or more of your security group rules", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroupRules.html" + }, + "DescribeSecurityGroups": { + "privilege": "DescribeSecurityGroups", + "description": "Grants permission to describe one or more security groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html" + }, + "DescribeSnapshotAttribute": { + "privilege": "DescribeSnapshotAttribute", + "description": "Grants permission to describe an attribute of a snapshot", + "access_level": "List", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Encrypted", + "ec2:OutpostArn", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:SourceOutpostArn", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSnapshotAttribute.html" + }, + "DescribeSnapshotTierStatus": { + "privilege": "DescribeSnapshotTierStatus", + "description": "Grants permission to describe the storage tier status for Amazon EBS snapshots", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSnapshotTierStatus.html" + }, + "DescribeSnapshots": { + "privilege": "DescribeSnapshots", + "description": "Grants permission to describe one or more EBS snapshots", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSnapshots.html" + }, + "DescribeSpotDatafeedSubscription": { + "privilege": "DescribeSpotDatafeedSubscription", + "description": "Grants permission to describe the data feed for Spot Instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotDatafeedSubscription.html" + }, + "DescribeSpotFleetInstances": { + "privilege": "DescribeSpotFleetInstances", + "description": "Grants permission to describe the running instances for a Spot Fleet", + "access_level": "List", + "resource_types": { + "spot-fleet-request": { + "resource_type": "spot-fleet-request", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "spot-fleet-request": "spot-fleet-request", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotFleetInstances.html" + }, + "DescribeSpotFleetRequestHistory": { + "privilege": "DescribeSpotFleetRequestHistory", + "description": "Grants permission to describe the events for a Spot Fleet request during a specified time", + "access_level": "List", + "resource_types": { + "spot-fleet-request": { + "resource_type": "spot-fleet-request", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "spot-fleet-request": "spot-fleet-request", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotFleetRequestHistory.html" + }, + "DescribeSpotFleetRequests": { + "privilege": "DescribeSpotFleetRequests", + "description": "Grants permission to describe one or more Spot Fleet requests", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotFleetRequests.html" + }, + "DescribeSpotInstanceRequests": { + "privilege": "DescribeSpotInstanceRequests", + "description": "Grants permission to describe one or more Spot Instance requests", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotInstanceRequests.html" + }, + "DescribeSpotPriceHistory": { + "privilege": "DescribeSpotPriceHistory", + "description": "Grants permission to describe the Spot Instance price history", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSpotPriceHistory.html" + }, + "DescribeStaleSecurityGroups": { + "privilege": "DescribeStaleSecurityGroups", + "description": "Grants permission to describe the stale security group rules for security groups in a specified VPC", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeStaleSecurityGroups.html" + }, + "DescribeStoreImageTasks": { + "privilege": "DescribeStoreImageTasks", + "description": "Grants permission to describe the progress of the AMI store tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeStoreImageTasks.html" + }, + "DescribeSubnets": { + "privilege": "DescribeSubnets", + "description": "Grants permission to describe one or more subnets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html" + }, + "DescribeTags": { + "privilege": "DescribeTags", + "description": "Grants permission to describe one or more tags for an Amazon EC2 resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTags.html" + }, + "DescribeTrafficMirrorFilters": { + "privilege": "DescribeTrafficMirrorFilters", + "description": "Grants permission to describe one or more traffic mirror filters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTrafficMirrorFilters.html" + }, + "DescribeTrafficMirrorSessions": { + "privilege": "DescribeTrafficMirrorSessions", + "description": "Grants permission to describe one or more traffic mirror sessions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTrafficMirrorSessions.html" + }, + "DescribeTrafficMirrorTargets": { + "privilege": "DescribeTrafficMirrorTargets", + "description": "Grants permission to describe one or more traffic mirror targets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTrafficMirrorTargets.html" + }, + "DescribeTransitGatewayAttachments": { + "privilege": "DescribeTransitGatewayAttachments", + "description": "Grants permission to describe one or more attachments between resources and transit gateways", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html" + }, + "DescribeTransitGatewayConnectPeers": { + "privilege": "DescribeTransitGatewayConnectPeers", + "description": "Grants permission to describe one or more transit gateway connect peers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayConnectPeers.html" + }, + "DescribeTransitGatewayConnects": { + "privilege": "DescribeTransitGatewayConnects", + "description": "Grants permission to describe one or more transit gateway connect attachments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayConnects.html" + }, + "DescribeTransitGatewayMulticastDomains": { + "privilege": "DescribeTransitGatewayMulticastDomains", + "description": "Grants permission to describe one or more transit gateway multicast domains", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayMulticastDomains.html" + }, + "DescribeTransitGatewayPeeringAttachments": { + "privilege": "DescribeTransitGatewayPeeringAttachments", + "description": "Grants permission to describe one or more transit gateway peering attachments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayPeeringAttachments.html" + }, + "DescribeTransitGatewayPolicyTables": { + "privilege": "DescribeTransitGatewayPolicyTables", + "description": "Grants permission to describe a transit gateway policy table", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayPolicyTables.html" + }, + "DescribeTransitGatewayRouteTableAnnouncements": { + "privilege": "DescribeTransitGatewayRouteTableAnnouncements", + "description": "Grants permission to describe a transit gateway route table announcement", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayRouteTableAnnouncements.html" + }, + "DescribeTransitGatewayRouteTables": { + "privilege": "DescribeTransitGatewayRouteTables", + "description": "Grants permission to describe one or more transit gateway route tables", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayRouteTables.html" + }, + "DescribeTransitGatewayVpcAttachments": { + "privilege": "DescribeTransitGatewayVpcAttachments", + "description": "Grants permission to describe one or more VPC attachments on a transit gateway", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayVpcAttachments.html" + }, + "DescribeTransitGateways": { + "privilege": "DescribeTransitGateways", + "description": "Grants permission to describe one or more transit gateways", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html" + }, + "DescribeTrunkInterfaceAssociations": { + "privilege": "DescribeTrunkInterfaceAssociations", + "description": "Grants permission to describe one or more network interface trunk associations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTrunkInterfaceAssociations.html" + }, + "DescribeVerifiedAccessEndpoints": { + "privilege": "DescribeVerifiedAccessEndpoints", + "description": "Grants permission to describe the specified Verified Access endpoints or all Verified Access endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessEndpoints.html" + }, + "DescribeVerifiedAccessGroups": { + "privilege": "DescribeVerifiedAccessGroups", + "description": "Grants permission to describe the specified Verified Access groups or all Verified Access groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessGroups.html" + }, + "DescribeVerifiedAccessInstanceLoggingConfigurations": { + "privilege": "DescribeVerifiedAccessInstanceLoggingConfigurations", + "description": "Grants permission to describe the current logging configuration for the Verified Access instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessInstanceLoggingConfigurations.html" + }, + "DescribeVerifiedAccessInstanceWebAclAssociations": { + "privilege": "DescribeVerifiedAccessInstanceWebAclAssociations", + "description": "Grants permission to describe the AWS Web Application Firewall (WAF) web access control list (ACL) associations for a Verified Access instance", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verified-access/latest/ug/waf-integration.html" + }, + "DescribeVerifiedAccessInstances": { + "privilege": "DescribeVerifiedAccessInstances", + "description": "Grants permission to describe the specified Verified Access instances or all Verified Access instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessInstances.html" + }, + "DescribeVerifiedAccessTrustProviders": { + "privilege": "DescribeVerifiedAccessTrustProviders", + "description": "Grants permission to describe details of existing Verified Access trust providers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessTrustProviders.html" + }, + "DescribeVolumeAttribute": { + "privilege": "DescribeVolumeAttribute", + "description": "Grants permission to describe an attribute of an EBS volume", + "access_level": "List", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumeAttribute.html" + }, + "DescribeVolumeStatus": { + "privilege": "DescribeVolumeStatus", + "description": "Grants permission to describe the status of one or more EBS volumes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumeStatus.html" + }, + "DescribeVolumes": { + "privilege": "DescribeVolumes", + "description": "Grants permission to describe one or more EBS volumes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumes.html" + }, + "DescribeVolumesModifications": { + "privilege": "DescribeVolumesModifications", + "description": "Grants permission to describe the current modification status of one or more EBS volumes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumesModifications.html" + }, + "DescribeVpcAttribute": { + "privilege": "DescribeVpcAttribute", + "description": "Grants permission to describe an attribute of a VPC", + "access_level": "List", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcAttribute.html" + }, + "DescribeVpcClassicLink": { + "privilege": "DescribeVpcClassicLink", + "description": "Grants permission to describe the ClassicLink status of one or more VPCs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcClassicLink.html" + }, + "DescribeVpcClassicLinkDnsSupport": { + "privilege": "DescribeVpcClassicLinkDnsSupport", + "description": "Grants permission to describe the ClassicLink DNS support status of one or more VPCs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcClassicLinkDnsSupport.html" + }, + "DescribeVpcEndpointConnectionNotifications": { + "privilege": "DescribeVpcEndpointConnectionNotifications", + "description": "Grants permission to describe the connection notifications for VPC endpoints and VPC endpoint services", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointConnectionNotifications.html" + }, + "DescribeVpcEndpointConnections": { + "privilege": "DescribeVpcEndpointConnections", + "description": "Grants permission to describe the VPC endpoint connections to your VPC endpoint services", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointConnections.html" + }, + "DescribeVpcEndpointServiceConfigurations": { + "privilege": "DescribeVpcEndpointServiceConfigurations", + "description": "Grants permission to describe VPC endpoint service configurations (your services)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServiceConfigurations.html" + }, + "DescribeVpcEndpointServicePermissions": { + "privilege": "DescribeVpcEndpointServicePermissions", + "description": "Grants permission to describe the principals (service consumers) that are permitted to discover your VPC endpoint service", + "access_level": "List", + "resource_types": { + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServicePermissions.html" + }, + "DescribeVpcEndpointServices": { + "privilege": "DescribeVpcEndpointServices", + "description": "Grants permission to describe all supported AWS services that can be specified when creating a VPC endpoint", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServices.html" + }, + "DescribeVpcEndpoints": { + "privilege": "DescribeVpcEndpoints", + "description": "Grants permission to describe one or more VPC endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html" + }, + "DescribeVpcPeeringConnections": { + "privilege": "DescribeVpcPeeringConnections", + "description": "Grants permission to describe one or more VPC peering connections", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html" + }, + "DescribeVpcs": { + "privilege": "DescribeVpcs", + "description": "Grants permission to describe one or more VPCs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html" + }, + "DescribeVpnConnections": { + "privilege": "DescribeVpnConnections", + "description": "Grants permission to describe one or more VPN connections", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnConnections.html" + }, + "DescribeVpnGateways": { + "privilege": "DescribeVpnGateways", + "description": "Grants permission to describe one or more virtual private gateways", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html" + }, + "DetachClassicLinkVpc": { + "privilege": "DetachClassicLinkVpc", + "description": "Grants permission to unlink (detach) a linked EC2-Classic instance from a VPC", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachClassicLinkVpc.html" + }, + "DetachInternetGateway": { + "privilege": "DetachInternetGateway", + "description": "Grants permission to detach an internet gateway from a VPC", + "access_level": "Write", + "resource_types": { + "internet-gateway": { + "resource_type": "internet-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:InternetGatewayID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "internet-gateway": "internet-gateway", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachInternetGateway.html" + }, + "DetachNetworkInterface": { + "privilege": "DetachNetworkInterface", + "description": "Grants permission to detach a network interface from an instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachNetworkInterface.html" + }, + "DetachVerifiedAccessTrustProvider": { + "privilege": "DetachVerifiedAccessTrustProvider", + "description": "Grants permission to detach a trust provider from a Verified Access instance", + "access_level": "Write", + "resource_types": { + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-trust-provider": { + "resource_type": "verified-access-trust-provider", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-instance": "verified-access-instance", + "verified-access-trust-provider": "verified-access-trust-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachVerifiedAccessTrustProvider.html" + }, + "DetachVolume": { + "privilege": "DetachVolume", + "description": "Grants permission to detach an EBS volume from an instance", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachVolume.html" + }, + "DetachVpnGateway": { + "privilege": "DetachVpnGateway", + "description": "Grants permission to detach a virtual private gateway from a VPC", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachVpnGateway.html" + }, + "DisableAddressTransfer": { + "privilege": "DisableAddressTransfer", + "description": "Grants permission to disable Elastic IP address transfer", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableAddressTransfer.html" + }, + "DisableAwsNetworkPerformanceMetricSubscription": { + "privilege": "DisableAwsNetworkPerformanceMetricSubscription", + "description": "Grants permission to disable infrastructure performance metric subscriptions", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableAwsNetworkPerformanceMetricSubscription.html" + }, + "DisableEbsEncryptionByDefault": { + "privilege": "DisableEbsEncryptionByDefault", + "description": "Grants permission to disable EBS encryption by default for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableEbsEncryptionByDefault.html" + }, + "DisableFastLaunch": { + "privilege": "DisableFastLaunch", + "description": "Grants permission to disable faster launching for Windows AMIs", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableFastLaunch.html" + }, + "DisableFastSnapshotRestores": { + "privilege": "DisableFastSnapshotRestores", + "description": "Grants permission to disable fast snapshot restores for one or more snapshots in specified Availability Zones", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableFastSnapshotRestores.html" + }, + "DisableImageDeprecation": { + "privilege": "DisableImageDeprecation", + "description": "Grants permission to cancel the deprecation of the specified AMI", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableImageDeprecation.html" + }, + "DisableIpamOrganizationAdminAccount": { + "privilege": "DisableIpamOrganizationAdminAccount", + "description": "Grants permission to disable an AWS Organizations member account as an Amazon VPC IP Address Manager (IPAM) admin account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [ + "organizations:DeregisterDelegatedAdministrator" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableIpamOrganizationAdminAccount.html" + }, + "DisableSerialConsoleAccess": { + "privilege": "DisableSerialConsoleAccess", + "description": "Grants permission to disable access to the EC2 serial console of all instances for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableSerialConsoleAccess.html" + }, + "DisableTransitGatewayRouteTablePropagation": { + "privilege": "DisableTransitGatewayRouteTablePropagation", + "description": "Grants permission to disable a resource attachment from propagating routes to the specified propagation route table", + "access_level": "Write", + "resource_types": { + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table-announcement": { + "resource_type": "transit-gateway-route-table-announcement", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-route-table": "transit-gateway-route-table", + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-route-table-announcement": "transit-gateway-route-table-announcement", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableTransitGatewayRouteTablePropagation.html" + }, + "DisableVgwRoutePropagation": { + "privilege": "DisableVgwRoutePropagation", + "description": "Grants permission to disable a virtual private gateway from propagating routes to a specified route table of a VPC", + "access_level": "Write", + "resource_types": { + "route-table": { + "resource_type": "route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-table": "route-table", + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableVgwRoutePropagation.html" + }, + "DisableVpcClassicLink": { + "privilege": "DisableVpcClassicLink", + "description": "Grants permission to disable ClassicLink for a VPC", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableVpcClassicLink.html" + }, + "DisableVpcClassicLinkDnsSupport": { + "privilege": "DisableVpcClassicLinkDnsSupport", + "description": "Grants permission to disable ClassicLink DNS support for a VPC", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableVpcClassicLinkDnsSupport.html" + }, + "DisassociateAddress": { + "privilege": "DisassociateAddress", + "description": "Grants permission to disassociate an Elastic IP address from an instance or network interface", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateAddress.html" + }, + "DisassociateClientVpnTargetNetwork": { + "privilege": "DisassociateClientVpnTargetNetwork", + "description": "Grants permission to disassociate a target network from a Client VPN endpoint", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateClientVpnTargetNetwork.html" + }, + "DisassociateEnclaveCertificateIamRole": { + "privilege": "DisassociateEnclaveCertificateIamRole", + "description": "Grants permission to disassociate an ACM certificate from a IAM role", + "access_level": "Write", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate", + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateEnclaveCertificateIamRole.html" + }, + "DisassociateIamInstanceProfile": { + "privilege": "DisassociateIamInstanceProfile", + "description": "Grants permission to disassociate an IAM instance profile from a running or stopped instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html" + }, + "DisassociateInstanceEventWindow": { + "privilege": "DisassociateInstanceEventWindow", + "description": "Grants permission to disassociate one or more targets from an event window", + "access_level": "Write", + "resource_types": { + "instance-event-window": { + "resource_type": "instance-event-window", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-event-window": "instance-event-window", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateInstanceEventWindow.html" + }, + "DisassociateIpamResourceDiscovery": { + "privilege": "DisassociateIpamResourceDiscovery", + "description": "Grants permission to disassociate a resource discovery from an Amazon VPC IPAM", + "access_level": "Write", + "resource_types": { + "ipam-resource-discovery-association": { + "resource_type": "ipam-resource-discovery-association", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-resource-discovery-association": "ipam-resource-discovery-association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIpamResourceDiscovery.html" + }, + "DisassociateNatGatewayAddress": { + "privilege": "DisassociateNatGatewayAddress", + "description": "Grants permission to disassociate a secondary Elastic IP address from a public NAT gateway", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "natgateway": { + "resource_type": "natgateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AuthorizedUser", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:Permission", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "natgateway": "natgateway", + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateNatGatewayAddress.html" + }, + "DisassociateRouteTable": { + "privilege": "DisassociateRouteTable", + "description": "Grants permission to disassociate a subnet from a route table", + "access_level": "Write", + "resource_types": { + "internet-gateway": { + "resource_type": "internet-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:InternetGatewayID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv4pool-ec2": { + "resource_type": "ipv4pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv6pool-ec2": { + "resource_type": "ipv6pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "route-table": { + "resource_type": "route-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "internet-gateway": "internet-gateway", + "ipv4pool-ec2": "ipv4pool-ec2", + "ipv6pool-ec2": "ipv6pool-ec2", + "route-table": "route-table", + "subnet": "subnet", + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateRouteTable.html" + }, + "DisassociateSubnetCidrBlock": { + "privilege": "DisassociateSubnetCidrBlock", + "description": "Grants permission to disassociate a CIDR block from a subnet", + "access_level": "Write", + "resource_types": { + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateSubnetCidrBlock.html" + }, + "DisassociateTransitGatewayMulticastDomain": { + "privilege": "DisassociateTransitGatewayMulticastDomain", + "description": "Grants permission to disassociate one or more subnets from a transit gateway multicast domain", + "access_level": "Write", + "resource_types": { + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnet": "subnet", + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateTransitGatewayMulticastDomain.html" + }, + "DisassociateTransitGatewayPolicyTable": { + "privilege": "DisassociateTransitGatewayPolicyTable", + "description": "Grants permission to disassociate a policy table from a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-policy-table": { + "resource_type": "transit-gateway-policy-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-policy-table": "transit-gateway-policy-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateTransitGatewayPolicyTable.html" + }, + "DisassociateTransitGatewayRouteTable": { + "privilege": "DisassociateTransitGatewayRouteTable", + "description": "Grants permission to disassociate a resource attachment from a transit gateway route table", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-route-table": "transit-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateTransitGatewayRouteTable.html" + }, + "DisassociateTrunkInterface": { + "privilege": "DisassociateTrunkInterface", + "description": "Grants permission to disassociate a branch network interface to a trunk network interface", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateTrunkInterface.html" + }, + "DisassociateVerifiedAccessInstanceWebAcl": { + "privilege": "DisassociateVerifiedAccessInstanceWebAcl", + "description": "Grants permission to disassociate an AWS Web Application Firewall (WAF) web access control list (ACL) from a Verified Access instance", + "access_level": "Write", + "resource_types": { + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-instance": "verified-access-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verified-access/latest/ug/waf-integration.html" + }, + "DisassociateVpcCidrBlock": { + "privilege": "DisassociateVpcCidrBlock", + "description": "Grants permission to disassociate a CIDR block from a VPC", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateVpcCidrBlock.html" + }, + "EnableAddressTransfer": { + "privilege": "EnableAddressTransfer", + "description": "Grants permission to enable Elastic IP address transfer", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableAddressTransfer.html" + }, + "EnableAwsNetworkPerformanceMetricSubscription": { + "privilege": "EnableAwsNetworkPerformanceMetricSubscription", + "description": "Grants permission to enable infrastructure performance subscriptions", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableAwsNetworkPerformanceMetricSubscription.html" + }, + "EnableEbsEncryptionByDefault": { + "privilege": "EnableEbsEncryptionByDefault", + "description": "Grants permission to enable EBS encryption by default for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableEbsEncryptionByDefault.html" + }, + "EnableFastLaunch": { + "privilege": "EnableFastLaunch", + "description": "Grants permission to enable faster launching for Windows AMIs", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "launch-template": { + "resource_type": "launch-template", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "launch-template": "launch-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableFastLaunch.html" + }, + "EnableFastSnapshotRestores": { + "privilege": "EnableFastSnapshotRestores", + "description": "Grants permission to enable fast snapshot restores for one or more snapshots in specified Availability Zones", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableFastSnapshotRestores.html" + }, + "EnableImageDeprecation": { + "privilege": "EnableImageDeprecation", + "description": "Grants permission to enable deprecation of the specified AMI at the specified date and time", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableImageDeprecation.html" + }, + "EnableIpamOrganizationAdminAccount": { + "privilege": "EnableIpamOrganizationAdminAccount", + "description": "Grants permission to enable an AWS Organizations member account as an Amazon VPC IP Address Manager (IPAM) admin account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "organizations:EnableAWSServiceAccess", + "organizations:RegisterDelegatedAdministrator" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableIpamOrganizationAdminAccount.html" + }, + "EnableReachabilityAnalyzerOrganizationSharing": { + "privilege": "EnableReachabilityAnalyzerOrganizationSharing", + "description": "Grants permission to enable organization sharing of reachability analyzer", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "organizations:EnableAWSServiceAccess" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableReachabilityAnalyzerOrganizationSharing.html" + }, + "EnableSerialConsoleAccess": { + "privilege": "EnableSerialConsoleAccess", + "description": "Grants permission to enable access to the EC2 serial console of all instances for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableSerialConsoleAccess.html" + }, + "EnableTransitGatewayRouteTablePropagation": { + "privilege": "EnableTransitGatewayRouteTablePropagation", + "description": "Grants permission to enable an attachment to propagate routes to a propagation route table", + "access_level": "Write", + "resource_types": { + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table-announcement": { + "resource_type": "transit-gateway-route-table-announcement", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-route-table": "transit-gateway-route-table", + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-route-table-announcement": "transit-gateway-route-table-announcement", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableTransitGatewayRouteTablePropagation.html" + }, + "EnableVgwRoutePropagation": { + "privilege": "EnableVgwRoutePropagation", + "description": "Grants permission to enable a virtual private gateway to propagate routes to a VPC route table", + "access_level": "Write", + "resource_types": { + "route-table": { + "resource_type": "route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "vpn-gateway": { + "resource_type": "vpn-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-table": "route-table", + "vpn-gateway": "vpn-gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableVgwRoutePropagation.html" + }, + "EnableVolumeIO": { + "privilege": "EnableVolumeIO", + "description": "Grants permission to enable I/O operations for a volume that had I/O operations disabled", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableVolumeIO.html" + }, + "EnableVpcClassicLink": { + "privilege": "EnableVpcClassicLink", + "description": "Grants permission to enable a VPC for ClassicLink", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableVpcClassicLink.html" + }, + "EnableVpcClassicLinkDnsSupport": { + "privilege": "EnableVpcClassicLinkDnsSupport", + "description": "Grants permission to enable a VPC to support DNS hostname resolution for ClassicLink", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableVpcClassicLinkDnsSupport.html" + }, + "ExportClientVpnClientCertificateRevocationList": { + "privilege": "ExportClientVpnClientCertificateRevocationList", + "description": "Grants permission to download the client certificate revocation list for a Client VPN endpoint", + "access_level": "Read", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ExportClientVpnClientCertificateRevocationList.html" + }, + "ExportClientVpnClientConfiguration": { + "privilege": "ExportClientVpnClientConfiguration", + "description": "Grants permission to download the contents of the Client VPN endpoint configuration file for a Client VPN endpoint", + "access_level": "Read", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ExportClientVpnClientConfiguration.html" + }, + "ExportImage": { + "privilege": "ExportImage", + "description": "Grants permission to export an Amazon Machine Image (AMI) to a VM file", + "access_level": "Write", + "resource_types": { + "export-image-task": { + "resource_type": "export-image-task", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "export-image-task": "export-image-task", + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ExportImage.html" + }, + "ExportTransitGatewayRoutes": { + "privilege": "ExportTransitGatewayRoutes", + "description": "Grants permission to export routes from a transit gateway route table to an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ExportTransitGatewayRoutes.html" + }, + "GetAssociatedEnclaveCertificateIamRoles": { + "privilege": "GetAssociatedEnclaveCertificateIamRoles", + "description": "Grants permission to get the list of roles associated with an ACM certificate", + "access_level": "Read", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetAssociatedEnclaveCertificateIamRoles.html" + }, + "GetAssociatedIpv6PoolCidrs": { + "privilege": "GetAssociatedIpv6PoolCidrs", + "description": "Grants permission to get information about the IPv6 CIDR block associations for a specified IPv6 address pool", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetAssociatedIpv6PoolCidrs.html" + }, + "GetAwsNetworkPerformanceData": { + "privilege": "GetAwsNetworkPerformanceData", + "description": "Grants permission to get network performance data", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetAwsNetworkPerformanceData.html" + }, + "GetCapacityReservationUsage": { + "privilege": "GetCapacityReservationUsage", + "description": "Grants permission to get usage information about a Capacity Reservation", + "access_level": "Read", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:CapacityReservationFleet", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetCapacityReservationUsage.html" + }, + "GetCoipPoolUsage": { + "privilege": "GetCoipPoolUsage", + "description": "Grants permission to describe the allocations from the specified customer-owned address pool", + "access_level": "Read", + "resource_types": { + "coip-pool": { + "resource_type": "coip-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coip-pool": "coip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetCoipPoolUsage.html" + }, + "GetConsoleOutput": { + "privilege": "GetConsoleOutput", + "description": "Grants permission to get the console output for an instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetConsoleOutput.html" + }, + "GetConsoleScreenshot": { + "privilege": "GetConsoleScreenshot", + "description": "Grants permission to retrieve a JPG-format screenshot of a running instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:NewInstanceProfile", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetConsoleScreenshot.html" + }, + "GetDefaultCreditSpecification": { + "privilege": "GetDefaultCreditSpecification", + "description": "Grants permission to get the default credit option for CPU usage of a burstable performance instance family", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetDefaultCreditSpecification.html" + }, + "GetEbsDefaultKmsKeyId": { + "privilege": "GetEbsDefaultKmsKeyId", + "description": "Grants permission to get the ID of the default customer master key (CMK) for EBS encryption by default", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetEbsDefaultKmsKeyId.html" + }, + "GetEbsEncryptionByDefault": { + "privilege": "GetEbsEncryptionByDefault", + "description": "Grants permission to describe whether EBS encryption by default is enabled for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetEbsEncryptionByDefault.html" + }, + "GetFlowLogsIntegrationTemplate": { + "privilege": "GetFlowLogsIntegrationTemplate", + "description": "Grants permission to generate a CloudFormation template to streamline the integration of VPC flow logs with Amazon Athena", + "access_level": "Read", + "resource_types": { + "vpc-flow-log": { + "resource_type": "vpc-flow-log", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-flow-log": "vpc-flow-log", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetFlowLogsIntegrationTemplate.html" + }, + "GetGroupsForCapacityReservation": { + "privilege": "GetGroupsForCapacityReservation", + "description": "Grants permission to list the resource groups to which a Capacity Reservation has been added", + "access_level": "List", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:CapacityReservationFleet", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetGroupsForCapacityReservation.html" + }, + "GetHostReservationPurchasePreview": { + "privilege": "GetHostReservationPurchasePreview", + "description": "Grants permission to preview a reservation purchase with configurations that match those of a Dedicated Host", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetHostReservationPurchasePreview.html" + }, + "GetInstanceTypesFromInstanceRequirements": { + "privilege": "GetInstanceTypesFromInstanceRequirements", + "description": "Grants permission to view a list of instance types with specified instance attributes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html" + }, + "GetInstanceUefiData": { + "privilege": "GetInstanceUefiData", + "description": "Grants permission to retrieve the binary representation of the UEFI variable store", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:NewInstanceProfile", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceUefiData.html" + }, + "GetIpamAddressHistory": { + "privilege": "GetIpamAddressHistory", + "description": "Grants permission to retrieve historical information about a CIDR within an Amazon VPC IP Address Manager (IPAM) scope", + "access_level": "Read", + "resource_types": { + "ipam-scope": { + "resource_type": "ipam-scope", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-scope": "ipam-scope", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamAddressHistory.html" + }, + "GetIpamDiscoveredAccounts": { + "privilege": "GetIpamDiscoveredAccounts", + "description": "Grants permission to retrieve IPAM discovered accounts", + "access_level": "Read", + "resource_types": { + "ipam-resource-discovery": { + "resource_type": "ipam-resource-discovery", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-resource-discovery": "ipam-resource-discovery", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamDiscoveredAccounts.html" + }, + "GetIpamDiscoveredResourceCidrs": { + "privilege": "GetIpamDiscoveredResourceCidrs", + "description": "Grants permission to retrieve the resource CIDRs that are monitored as part of a resource discovery", + "access_level": "Read", + "resource_types": { + "ipam-resource-discovery": { + "resource_type": "ipam-resource-discovery", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-resource-discovery": "ipam-resource-discovery", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamDiscoveredResourceCidrs.html" + }, + "GetIpamPoolAllocations": { + "privilege": "GetIpamPoolAllocations", + "description": "Grants permission to get a list of all the CIDR allocations in an Amazon VPC IP Address Manager (IPAM) pool", + "access_level": "List", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamPoolAllocations.html" + }, + "GetIpamPoolCidrs": { + "privilege": "GetIpamPoolCidrs", + "description": "Grants permission to get the CIDRs provisioned to an Amazon VPC IP Address Manager (IPAM) pool", + "access_level": "Read", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamPoolCidrs.html" + }, + "GetIpamResourceCidrs": { + "privilege": "GetIpamResourceCidrs", + "description": "Grants permission to get information about the resources in an Amazon VPC IP Address Manager (IPAM) scope", + "access_level": "Read", + "resource_types": { + "ipam-scope": { + "resource_type": "ipam-scope", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipam-pool": { + "resource_type": "ipam-pool", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-scope": "ipam-scope", + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetIpamResourceCidrs.html" + }, + "GetLaunchTemplateData": { + "privilege": "GetLaunchTemplateData", + "description": "Grants permission to get the configuration data of the specified instance for use with a new launch template or launch template version", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetLaunchTemplateData.html" + }, + "GetManagedPrefixListAssociations": { + "privilege": "GetManagedPrefixListAssociations", + "description": "Grants permission to get information about the resources that are associated with the specified managed prefix list", + "access_level": "Read", + "resource_types": { + "prefix-list": { + "resource_type": "prefix-list", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prefix-list": "prefix-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetManagedPrefixListAssociations.html" + }, + "GetManagedPrefixListEntries": { + "privilege": "GetManagedPrefixListEntries", + "description": "Grants permission to get information about the entries for a specified managed prefix list", + "access_level": "Read", + "resource_types": { + "prefix-list": { + "resource_type": "prefix-list", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prefix-list": "prefix-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetManagedPrefixListEntries.html" + }, + "GetNetworkInsightsAccessScopeAnalysisFindings": { + "privilege": "GetNetworkInsightsAccessScopeAnalysisFindings", + "description": "Grants permission to get the findings for one or more Network Access Scope analyses", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetNetworkInsightsAccessScopeAnalysisFindings.html" + }, + "GetNetworkInsightsAccessScopeContent": { + "privilege": "GetNetworkInsightsAccessScopeContent", + "description": "Grants permission to get the content for a specified Network Access Scope", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetNetworkInsightsAccessScopeContent.html" + }, + "GetPasswordData": { + "privilege": "GetPasswordData", + "description": "Grants permission to retrieve the encrypted administrator password for a running Windows instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html" + }, + "GetReservedInstancesExchangeQuote": { + "privilege": "GetReservedInstancesExchangeQuote", + "description": "Grants permission to return a quote and exchange information for exchanging one or more Convertible Reserved Instances for a new Convertible Reserved Instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetReservedInstancesExchangeQuote.html" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to describe an IAM policy that enables cross-account sharing", + "access_level": "Read", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-group": { + "resource_type": "verified-access-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "placement-group": "placement-group", + "verified-access-group": "verified-access-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/ipam/share-pool-ipam.html" + }, + "GetSerialConsoleAccessStatus": { + "privilege": "GetSerialConsoleAccessStatus", + "description": "Grants permission to retrieve the access status of your account to the EC2 serial console of all instances", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSerialConsoleAccessStatus.html" + }, + "GetSpotPlacementScores": { + "privilege": "GetSpotPlacementScores", + "description": "Grants permission to calculate the Spot placement score for a Region or Availability Zone based on the specified target capacity and compute requirements", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html" + }, + "GetSubnetCidrReservations": { + "privilege": "GetSubnetCidrReservations", + "description": "Grants permission to retrieve information about the subnet CIDR reservations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSubnetCidrReservations.html" + }, + "GetTransitGatewayAttachmentPropagations": { + "privilege": "GetTransitGatewayAttachmentPropagations", + "description": "Grants permission to list the route tables to which a resource attachment propagates routes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayAttachmentPropagations.html" + }, + "GetTransitGatewayMulticastDomainAssociations": { + "privilege": "GetTransitGatewayMulticastDomainAssociations", + "description": "Grants permission to get information about the associations for a transit gateway multicast domain", + "access_level": "List", + "resource_types": { + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayMulticastDomainAssociations.html" + }, + "GetTransitGatewayPolicyTableAssociations": { + "privilege": "GetTransitGatewayPolicyTableAssociations", + "description": "Grants permission to get information about associations for a transit gateway policy table", + "access_level": "List", + "resource_types": { + "transit-gateway-policy-table": { + "resource_type": "transit-gateway-policy-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-policy-table": "transit-gateway-policy-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayPolicyTableAssociations.html" + }, + "GetTransitGatewayPolicyTableEntries": { + "privilege": "GetTransitGatewayPolicyTableEntries", + "description": "Grants permission to get information about associations for a transit gateway policy table entry", + "access_level": "List", + "resource_types": { + "transit-gateway-policy-table": { + "resource_type": "transit-gateway-policy-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-policy-table": "transit-gateway-policy-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayPolicyTableEntries.html" + }, + "GetTransitGatewayPrefixListReferences": { + "privilege": "GetTransitGatewayPrefixListReferences", + "description": "Grants permission to get information about prefix list references for a transit gateway route table", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayPrefixListReferences.html" + }, + "GetTransitGatewayRouteTableAssociations": { + "privilege": "GetTransitGatewayRouteTableAssociations", + "description": "Grants permission to get information about associations for a transit gateway route table", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayRouteTableAssociations.html" + }, + "GetTransitGatewayRouteTablePropagations": { + "privilege": "GetTransitGatewayRouteTablePropagations", + "description": "Grants permission to get information about the route table propagations for a transit gateway route table", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayRouteTablePropagations.html" + }, + "GetVerifiedAccessEndpointPolicy": { + "privilege": "GetVerifiedAccessEndpointPolicy", + "description": "Grants permission to show the Verified Access policy associated with the endpoint", + "access_level": "List", + "resource_types": { + "verified-access-endpoint": { + "resource_type": "verified-access-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-endpoint": "verified-access-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVerifiedAccessEndpointPolicy.html" + }, + "GetVerifiedAccessGroupPolicy": { + "privilege": "GetVerifiedAccessGroupPolicy", + "description": "Grants permission to show the contents of the Verified Access policy associated with the group", + "access_level": "List", + "resource_types": { + "verified-access-group": { + "resource_type": "verified-access-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-group": "verified-access-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVerifiedAccessGroupPolicy.html" + }, + "GetVerifiedAccessInstanceWebAcl": { + "privilege": "GetVerifiedAccessInstanceWebAcl", + "description": "Grants permission to show the AWS Web Application Firewall (WAF) web access control list (ACL) for a Verified Access instance", + "access_level": "List", + "resource_types": { + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-instance": "verified-access-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verified-access/latest/ug/waf-integration.html" + }, + "GetVpnConnectionDeviceSampleConfiguration": { + "privilege": "GetVpnConnectionDeviceSampleConfiguration", + "description": "Grants permission to download an AWS-provided sample configuration file to be used with the customer gateway device", + "access_level": "List", + "resource_types": { + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpn-connection-device-type": { + "resource_type": "vpn-connection-device-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-connection": "vpn-connection", + "vpn-connection-device-type": "vpn-connection-device-type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVpnConnectionDeviceSampleConfiguration.html" + }, + "GetVpnConnectionDeviceTypes": { + "privilege": "GetVpnConnectionDeviceTypes", + "description": "Grants permission to obtain a list of customer gateway devices for which sample configuration files can be provided", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVpnConnectionDeviceTypes.html" + }, + "GetVpnTunnelReplacementStatus": { + "privilege": "GetVpnTunnelReplacementStatus", + "description": "Grants permission to view available tunnel endpoint maintenance events", + "access_level": "List", + "resource_types": { + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-connection": "vpn-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVpnTunnelReplacementStatus.html" + }, + "ImportByoipCidrToIpam": { + "privilege": "ImportByoipCidrToIpam", + "description": "Grants permission to transfer existing BYOIP IPv4 CIDRs to IPAM", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoip-ipam-transfer-ipv4.html" + }, + "ImportClientVpnClientCertificateRevocationList": { + "privilege": "ImportClientVpnClientCertificateRevocationList", + "description": "Grants permission to upload a client certificate revocation list to a Client VPN endpoint", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportClientVpnClientCertificateRevocationList.html" + }, + "ImportImage": { + "privilege": "ImportImage", + "description": "Grants permission to import single or multi-volume disk images or EBS snapshots into an Amazon Machine Image (AMI)", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:RootDeviceType" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "import-image-task": { + "resource_type": "import-image-task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "import-image-task": "import-image-task", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportImage.html" + }, + "ImportInstance": { + "privilege": "ImportInstance", + "description": "Grants permission to create an import instance task using metadata from a disk image", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:InstanceID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "volume": "volume", + "security-group": "security-group", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html" + }, + "ImportKeyPair": { + "privilege": "ImportKeyPair", + "description": "Grants permission to import a public key from an RSA key pair that was created with a third-party tool", + "access_level": "Write", + "resource_types": { + "key-pair": { + "resource_type": "key-pair", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key-pair": "key-pair", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html" + }, + "ImportSnapshot": { + "privilege": "ImportSnapshot", + "description": "Grants permission to import a disk into an EBS snapshot", + "access_level": "Write", + "resource_types": { + "import-snapshot-task": { + "resource_type": "import-snapshot-task", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "ec2:Owner", + "ec2:ParentVolume", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "import-snapshot-task": "import-snapshot-task", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportSnapshot.html" + }, + "ImportVolume": { + "privilege": "ImportVolume", + "description": "Grants permission to create an import volume task using metadata from a disk image", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportVolume.html" + }, + "ListImagesInRecycleBin": { + "privilege": "ListImagesInRecycleBin", + "description": "Grants permission to list Amazon Machine Images (AMIs) that are currently in the Recycle Bin", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ListImagesInRecycleBin.html" + }, + "ListSnapshotsInRecycleBin": { + "privilege": "ListSnapshotsInRecycleBin", + "description": "Grants permission to list the Amazon EBS snapshots that are currently in the Recycle Bin", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ListSnapshotsInRecycleBin.html" + }, + "ModifyAddressAttribute": { + "privilege": "ModifyAddressAttribute", + "description": "Grants permission to modify an attribute of the specified Elastic IP address", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyAddressAttribute.html" + }, + "ModifyAvailabilityZoneGroup": { + "privilege": "ModifyAvailabilityZoneGroup", + "description": "Grants permission to modify the opt-in status of the Local Zone and Wavelength Zone group for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyAvailabilityZoneGroup.html" + }, + "ModifyCapacityReservation": { + "privilege": "ModifyCapacityReservation", + "description": "Grants permission to modify a Capacity Reservation's capacity and the conditions under which it is to be released", + "access_level": "Write", + "resource_types": { + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:CapacityReservationFleet", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation": "capacity-reservation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyCapacityReservation.html" + }, + "ModifyCapacityReservationFleet": { + "privilege": "ModifyCapacityReservationFleet", + "description": "Grants permission to modify a Capacity Reservation Fleet", + "access_level": "Write", + "resource_types": { + "capacity-reservation-fleet": { + "resource_type": "capacity-reservation-fleet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-reservation-fleet": "capacity-reservation-fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyCapacityReservationFleet.html" + }, + "ModifyClientVpnEndpoint": { + "privilege": "ModifyClientVpnEndpoint", + "description": "Grants permission to modify a Client VPN endpoint", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID" + ], + "dependent_actions": [] + }, + "vpc": { + "resource_type": "vpc", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "security-group": "security-group", + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyClientVpnEndpoint.html" + }, + "ModifyDefaultCreditSpecification": { + "privilege": "ModifyDefaultCreditSpecification", + "description": "Grants permission to change the account level default credit option for CPU usage of burstable performance instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyDefaultCreditSpecification.html" + }, + "ModifyEbsDefaultKmsKeyId": { + "privilege": "ModifyEbsDefaultKmsKeyId", + "description": "Grants permission to change the default customer master key (CMK) for EBS encryption by default for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyEbsDefaultKmsKeyId.html" + }, + "ModifyFleet": { + "privilege": "ModifyFleet", + "description": "Grants permission to modify an EC2 Fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "key-pair": { + "resource_type": "key-pair", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:KeyPairName", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "launch-template": { + "resource_type": "launch-template", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "image": "image", + "key-pair": "key-pair", + "launch-template": "launch-template", + "network-interface": "network-interface", + "security-group": "security-group", + "snapshot": "snapshot", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html" + }, + "ModifyFpgaImageAttribute": { + "privilege": "ModifyFpgaImageAttribute", + "description": "Grants permission to modify an attribute of an Amazon FPGA Image (AFI)", + "access_level": "Write", + "resource_types": { + "fpga-image": { + "resource_type": "fpga-image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fpga-image": "fpga-image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFpgaImageAttribute.html" + }, + "ModifyHosts": { + "privilege": "ModifyHosts", + "description": "Grants permission to modify a Dedicated Host", + "access_level": "Write", + "resource_types": { + "dedicated-host": { + "resource_type": "dedicated-host", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dedicated-host": "dedicated-host", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyHosts.html" + }, + "ModifyIdFormat": { + "privilege": "ModifyIdFormat", + "description": "Grants permission to modify the ID format for a resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIdFormat.html" + }, + "ModifyIdentityIdFormat": { + "privilege": "ModifyIdentityIdFormat", + "description": "Grants permission to modify the ID format of a resource for a specific principal in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIdentityIdFormat.html" + }, + "ModifyImageAttribute": { + "privilege": "ModifyImageAttribute", + "description": "Grants permission to modify an attribute of an Amazon Machine Image (AMI)", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyImageAttribute.html" + }, + "ModifyInstanceAttribute": { + "privilege": "ModifyInstanceAttribute", + "description": "Grants permission to modify an attribute of an instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "security-group": "security-group", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html" + }, + "ModifyInstanceCapacityReservationAttributes": { + "privilege": "ModifyInstanceCapacityReservationAttributes", + "description": "Grants permission to modify the Capacity Reservation settings for a stopped instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "capacity-reservation": "capacity-reservation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCapacityReservationAttributes.html" + }, + "ModifyInstanceCreditSpecification": { + "privilege": "ModifyInstanceCreditSpecification", + "description": "Grants permission to modify the credit option for CPU usage on an instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html" + }, + "ModifyInstanceEventStartTime": { + "privilege": "ModifyInstanceEventStartTime", + "description": "Grants permission to modify the start time for a scheduled EC2 instance event", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute/${AttributeName}", + "ec2:InstanceID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceEventStartTime.html" + }, + "ModifyInstanceEventWindow": { + "privilege": "ModifyInstanceEventWindow", + "description": "Grants permission to modify the specified event window", + "access_level": "Write", + "resource_types": { + "instance-event-window": { + "resource_type": "instance-event-window", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-event-window": "instance-event-window", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceEventWindow.html" + }, + "ModifyInstanceMaintenanceOptions": { + "privilege": "ModifyInstanceMaintenanceOptions", + "description": "Grants permission to modify the recovery behaviour for an instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceMaintenanceOptions.html" + }, + "ModifyInstanceMetadataOptions": { + "privilege": "ModifyInstanceMetadataOptions", + "description": "Grants permission to modify the metadata options for an instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceMetadataOptions.html" + }, + "ModifyInstancePlacement": { + "privilege": "ModifyInstancePlacement", + "description": "Grants permission to modify the placement attributes for an instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "dedicated-host": { + "resource_type": "dedicated-host", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "dedicated-host": "dedicated-host", + "placement-group": "placement-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstancePlacement.html" + }, + "ModifyIpam": { + "privilege": "ModifyIpam", + "description": "Grants permission to modify the configurations of an Amazon VPC IP Address Manager (IPAM)", + "access_level": "Write", + "resource_types": { + "ipam": { + "resource_type": "ipam", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam": "ipam", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpam.html" + }, + "ModifyIpamPool": { + "privilege": "ModifyIpamPool", + "description": "Grants permission to modify the configurations of an Amazon VPC IP Address Manager (IPAM) pool", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamPool.html" + }, + "ModifyIpamResourceCidr": { + "privilege": "ModifyIpamResourceCidr", + "description": "Grants permission to modify the configurations of an Amazon VPC IP Address Manager (IPAM) resource CIDR", + "access_level": "Write", + "resource_types": { + "ipam-scope": { + "resource_type": "ipam-scope", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-scope": "ipam-scope", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamResourceCidr.html" + }, + "ModifyIpamResourceDiscovery": { + "privilege": "ModifyIpamResourceDiscovery", + "description": "Grants permission to modify a resource discovery", + "access_level": "Write", + "resource_types": { + "ipam-resource-discovery": { + "resource_type": "ipam-resource-discovery", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-resource-discovery": "ipam-resource-discovery", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamResourceDiscovery.html" + }, + "ModifyIpamScope": { + "privilege": "ModifyIpamScope", + "description": "Grants permission to modify the configurations of an Amazon VPC IP Address Manager (IPAM) scope", + "access_level": "Write", + "resource_types": { + "ipam-scope": { + "resource_type": "ipam-scope", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-scope": "ipam-scope", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamScope.html" + }, + "ModifyLaunchTemplate": { + "privilege": "ModifyLaunchTemplate", + "description": "Grants permission to modify a launch template", + "access_level": "Write", + "resource_types": { + "launch-template": { + "resource_type": "launch-template", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-template": "launch-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyLaunchTemplate.html" + }, + "ModifyLocalGatewayRoute": { + "privilege": "ModifyLocalGatewayRoute", + "description": "Grants permission to modify a local gateway route", + "access_level": "Write", + "resource_types": { + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "local-gateway-virtual-interface-group": { + "resource_type": "local-gateway-virtual-interface-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AuthorizedUser", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:Permission", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "prefix-list": { + "resource_type": "prefix-list", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table": "local-gateway-route-table", + "local-gateway-virtual-interface-group": "local-gateway-virtual-interface-group", + "network-interface": "network-interface", + "prefix-list": "prefix-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyLocalGatewayRoute.html" + }, + "ModifyManagedPrefixList": { + "privilege": "ModifyManagedPrefixList", + "description": "Grants permission to modify a managed prefix list", + "access_level": "Write", + "resource_types": { + "prefix-list": { + "resource_type": "prefix-list", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prefix-list": "prefix-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyManagedPrefixList.html" + }, + "ModifyNetworkInterfaceAttribute": { + "privilege": "ModifyNetworkInterfaceAttribute", + "description": "Grants permission to modify an attribute of a network interface", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "instance": "instance", + "security-group": "security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyNetworkInterfaceAttribute.html" + }, + "ModifyPrivateDnsNameOptions": { + "privilege": "ModifyPrivateDnsNameOptions", + "description": "Grants permission to modify the options for instance hostnames for the specified instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:NewInstanceProfile", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyPrivateDnsNameOptions.html" + }, + "ModifyReservedInstances": { + "privilege": "ModifyReservedInstances", + "description": "Grants permission to modify attributes of one or more Reserved Instances", + "access_level": "Write", + "resource_types": { + "reserved-instances": { + "resource_type": "reserved-instances", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:InstanceType", + "ec2:ReservedInstancesOfferingType", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reserved-instances": "reserved-instances", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyReservedInstances.html" + }, + "ModifySecurityGroupRules": { + "privilege": "ModifySecurityGroupRules", + "description": "Grants permission to modify the rules of a security group", + "access_level": "Write", + "resource_types": { + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "security-group-rule": { + "resource_type": "security-group-rule", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "prefix-list": { + "resource_type": "prefix-list", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-group": "security-group", + "security-group-rule": "security-group-rule", + "prefix-list": "prefix-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySecurityGroupRules.html" + }, + "ModifySnapshotAttribute": { + "privilege": "ModifySnapshotAttribute", + "description": "Grants permission to add or remove permission settings for a snapshot", + "access_level": "Permissions management", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Add/group", + "ec2:Add/userId", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:Remove/group", + "ec2:Remove/userId", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySnapshotAttribute.html" + }, + "ModifySnapshotTier": { + "privilege": "ModifySnapshotTier", + "description": "Grants permission to archive Amazon EBS snapshots", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Encrypted", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySnapshotTier.html" + }, + "ModifySpotFleetRequest": { + "privilege": "ModifySpotFleetRequest", + "description": "Grants permission to modify a Spot Fleet request", + "access_level": "Write", + "resource_types": { + "spot-fleet-request": { + "resource_type": "spot-fleet-request", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "launch-template": { + "resource_type": "launch-template", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "spot-fleet-request": "spot-fleet-request", + "launch-template": "launch-template", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html" + }, + "ModifySubnetAttribute": { + "privilege": "ModifySubnetAttribute", + "description": "Grants permission to modify an attribute of a subnet", + "access_level": "Write", + "resource_types": { + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySubnetAttribute.html" + }, + "ModifyTrafficMirrorFilterNetworkServices": { + "privilege": "ModifyTrafficMirrorFilterNetworkServices", + "description": "Grants permission to allow or restrict mirroring network services", + "access_level": "Write", + "resource_types": { + "traffic-mirror-filter": { + "resource_type": "traffic-mirror-filter", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-mirror-filter": "traffic-mirror-filter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTrafficMirrorFilterNetworkServices.html" + }, + "ModifyTrafficMirrorFilterRule": { + "privilege": "ModifyTrafficMirrorFilterRule", + "description": "Grants permission to modify a traffic mirror rule", + "access_level": "Write", + "resource_types": { + "traffic-mirror-filter": { + "resource_type": "traffic-mirror-filter", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-filter-rule": { + "resource_type": "traffic-mirror-filter-rule", + "required": true, + "condition_keys": [ + "ec2:Attribute", + "ec2:Attribute/${AttributeName}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-mirror-filter": "traffic-mirror-filter", + "traffic-mirror-filter-rule": "traffic-mirror-filter-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTrafficMirrorFilterRule.html" + }, + "ModifyTrafficMirrorSession": { + "privilege": "ModifyTrafficMirrorSession", + "description": "Grants permission to modify a traffic mirror session", + "access_level": "Write", + "resource_types": { + "traffic-mirror-session": { + "resource_type": "traffic-mirror-session", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-filter": { + "resource_type": "traffic-mirror-filter", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "traffic-mirror-target": { + "resource_type": "traffic-mirror-target", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "traffic-mirror-session": "traffic-mirror-session", + "traffic-mirror-filter": "traffic-mirror-filter", + "traffic-mirror-target": "traffic-mirror-target", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTrafficMirrorSession.html" + }, + "ModifyTransitGateway": { + "privilege": "ModifyTransitGateway", + "description": "Grants permission to modify a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway": { + "resource_type": "transit-gateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway": "transit-gateway", + "transit-gateway-route-table": "transit-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTransitGateway.html" + }, + "ModifyTransitGatewayPrefixListReference": { + "privilege": "ModifyTransitGatewayPrefixListReference", + "description": "Grants permission to modify a transit gateway prefix list reference", + "access_level": "Write", + "resource_types": { + "prefix-list": { + "resource_type": "prefix-list", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prefix-list": "prefix-list", + "transit-gateway-route-table": "transit-gateway-route-table", + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTransitGatewayPrefixListReference.html" + }, + "ModifyTransitGatewayVpcAttachment": { + "privilege": "ModifyTransitGatewayVpcAttachment", + "description": "Grants permission to modify a VPC attachment on a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTransitGatewayVpcAttachment.html" + }, + "ModifyVerifiedAccessEndpoint": { + "privilege": "ModifyVerifiedAccessEndpoint", + "description": "Grants permission to modify the configuration of a Verified Access endpoint", + "access_level": "Write", + "resource_types": { + "verified-access-endpoint": { + "resource_type": "verified-access-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "verified-access-group": { + "resource_type": "verified-access-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-endpoint": "verified-access-endpoint", + "subnet": "subnet", + "verified-access-group": "verified-access-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessEndpoint.html" + }, + "ModifyVerifiedAccessEndpointPolicy": { + "privilege": "ModifyVerifiedAccessEndpointPolicy", + "description": "Grants permission to modify the specified Verified Access endpoint policy", + "access_level": "Write", + "resource_types": { + "verified-access-endpoint": { + "resource_type": "verified-access-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-endpoint": "verified-access-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessEndpointPolicy.html" + }, + "ModifyVerifiedAccessGroup": { + "privilege": "ModifyVerifiedAccessGroup", + "description": "Grants permission to modify the specified Verified Access Group configuration", + "access_level": "Write", + "resource_types": { + "verified-access-group": { + "resource_type": "verified-access-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-group": "verified-access-group", + "verified-access-instance": "verified-access-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessGroup.html" + }, + "ModifyVerifiedAccessGroupPolicy": { + "privilege": "ModifyVerifiedAccessGroupPolicy", + "description": "Grants permission to modify the specified Verified Access group policy", + "access_level": "Write", + "resource_types": { + "verified-access-group": { + "resource_type": "verified-access-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-group": "verified-access-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessGroupPolicy.html" + }, + "ModifyVerifiedAccessInstance": { + "privilege": "ModifyVerifiedAccessInstance", + "description": "Grants permission to modify the configuration of the specified Verified Access instance", + "access_level": "Write", + "resource_types": { + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-instance": "verified-access-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessInstance.html" + }, + "ModifyVerifiedAccessInstanceLoggingConfiguration": { + "privilege": "ModifyVerifiedAccessInstanceLoggingConfiguration", + "description": "Grants permission to modify the logging configuration for the specified Verified Access instance", + "access_level": "Write", + "resource_types": { + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-instance": "verified-access-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessInstanceLoggingConfiguration.html" + }, + "ModifyVerifiedAccessTrustProvider": { + "privilege": "ModifyVerifiedAccessTrustProvider", + "description": "Grants permission to modify the configuration of the specified Verified Access trust provider", + "access_level": "Write", + "resource_types": { + "verified-access-trust-provider": { + "resource_type": "verified-access-trust-provider", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verified-access-trust-provider": "verified-access-trust-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessTrustProvider.html" + }, + "ModifyVolume": { + "privilege": "ModifyVolume", + "description": "Grants permission to modify the parameters of an EBS volume", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVolume.html" + }, + "ModifyVolumeAttribute": { + "privilege": "ModifyVolumeAttribute", + "description": "Grants permission to modify an attribute of a volume", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVolumeAttribute.html" + }, + "ModifyVpcAttribute": { + "privilege": "ModifyVpcAttribute", + "description": "Grants permission to modify an attribute of a VPC", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcAttribute.html" + }, + "ModifyVpcEndpoint": { + "privilege": "ModifyVpcEndpoint", + "description": "Grants permission to modify an attribute of a VPC endpoint", + "access_level": "Write", + "resource_types": { + "vpc-endpoint": { + "resource_type": "vpc-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "route-table": { + "resource_type": "route-table", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint": "vpc-endpoint", + "route-table": "route-table", + "security-group": "security-group", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html" + }, + "ModifyVpcEndpointConnectionNotification": { + "privilege": "ModifyVpcEndpointConnectionNotification", + "description": "Grants permission to modify a connection notification for a VPC endpoint or VPC endpoint service", + "access_level": "Write", + "resource_types": { + "vpc-endpoint": { + "resource_type": "vpc-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint": "vpc-endpoint", + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpointConnectionNotification.html" + }, + "ModifyVpcEndpointServiceConfiguration": { + "privilege": "ModifyVpcEndpointServiceConfiguration", + "description": "Grants permission to modify the attributes of a VPC endpoint service configuration", + "access_level": "Write", + "resource_types": { + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}", + "ec2:VpceServicePrivateDnsName" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpointServiceConfiguration.html" + }, + "ModifyVpcEndpointServicePayerResponsibility": { + "privilege": "ModifyVpcEndpointServicePayerResponsibility", + "description": "Grants permission to modify the payer responsibility for a VPC endpoint service", + "access_level": "Write", + "resource_types": { + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpointServicePayerResponsibility.html" + }, + "ModifyVpcEndpointServicePermissions": { + "privilege": "ModifyVpcEndpointServicePermissions", + "description": "Grants permission to modify the permissions for a VPC endpoint service", + "access_level": "Permissions management", + "resource_types": { + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpointServicePermissions.html" + }, + "ModifyVpcPeeringConnectionOptions": { + "privilege": "ModifyVpcPeeringConnectionOptions", + "description": "Grants permission to modify the VPC peering connection options on one side of a VPC peering connection", + "access_level": "Write", + "resource_types": { + "vpc-peering-connection": { + "resource_type": "vpc-peering-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AccepterVpc", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:RequesterVpc", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcPeeringConnectionID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-peering-connection": "vpc-peering-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcPeeringConnectionOptions.html" + }, + "ModifyVpcTenancy": { + "privilege": "ModifyVpcTenancy", + "description": "Grants permission to modify the instance tenancy attribute of a VPC", + "access_level": "Write", + "resource_types": { + "vpc": { + "resource_type": "vpc", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc": "vpc", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcTenancy.html" + }, + "ModifyVpnConnection": { + "privilege": "ModifyVpnConnection", + "description": "Grants permission to modify the target gateway of a Site-to-Site VPN connection", + "access_level": "Write", + "resource_types": { + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AuthenticationType", + "ec2:DPDTimeoutSeconds", + "ec2:GatewayType", + "ec2:IKEVersions", + "ec2:InsideTunnelCidr", + "ec2:InsideTunnelIpv6Cidr", + "ec2:Phase1DHGroup", + "ec2:Phase1EncryptionAlgorithms", + "ec2:Phase1IntegrityAlgorithms", + "ec2:Phase1LifetimeSeconds", + "ec2:Phase2DHGroup", + "ec2:Phase2EncryptionAlgorithms", + "ec2:Phase2IntegrityAlgorithms", + "ec2:Phase2LifetimeSeconds", + "ec2:PreSharedKeys", + "ec2:RekeyFuzzPercentage", + "ec2:RekeyMarginTimeSeconds", + "ec2:ReplayWindowSizePackets", + "ec2:ResourceTag/${TagKey}", + "ec2:RoutingType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-connection": "vpn-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpnConnection.html" + }, + "ModifyVpnConnectionOptions": { + "privilege": "ModifyVpnConnectionOptions", + "description": "Grants permission to modify the connection options for your Site-to-Site VPN connection", + "access_level": "Write", + "resource_types": { + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-connection": "vpn-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpnConnectionOptions.html" + }, + "ModifyVpnTunnelCertificate": { + "privilege": "ModifyVpnTunnelCertificate", + "description": "Grants permission to modify the certificate for a Site-to-Site VPN connection", + "access_level": "Write", + "resource_types": { + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-connection": "vpn-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpnTunnelCertificate.html" + }, + "ModifyVpnTunnelOptions": { + "privilege": "ModifyVpnTunnelOptions", + "description": "Grants permission to modify the options for a Site-to-Site VPN connection", + "access_level": "Write", + "resource_types": { + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AuthenticationType", + "ec2:DPDTimeoutSeconds", + "ec2:GatewayType", + "ec2:IKEVersions", + "ec2:InsideTunnelCidr", + "ec2:InsideTunnelIpv6Cidr", + "ec2:Phase1DHGroup", + "ec2:Phase1EncryptionAlgorithms", + "ec2:Phase1IntegrityAlgorithms", + "ec2:Phase1LifetimeSeconds", + "ec2:Phase2DHGroup", + "ec2:Phase2EncryptionAlgorithms", + "ec2:Phase2IntegrityAlgorithms", + "ec2:Phase2LifetimeSeconds", + "ec2:PreSharedKeys", + "ec2:RekeyFuzzPercentage", + "ec2:RekeyMarginTimeSeconds", + "ec2:ReplayWindowSizePackets", + "ec2:ResourceTag/${TagKey}", + "ec2:RoutingType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-connection": "vpn-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpnTunnelOptions.html" + }, + "MonitorInstances": { + "privilege": "MonitorInstances", + "description": "Grants permission to enable detailed monitoring for a running instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_MonitorInstances.html" + }, + "MoveAddressToVpc": { + "privilege": "MoveAddressToVpc", + "description": "Grants permission to move an Elastic IP address from the EC2-Classic platform to the EC2-VPC platform", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_MoveAddressToVpc.html" + }, + "MoveByoipCidrToIpam": { + "privilege": "MoveByoipCidrToIpam", + "description": "Grants permission to move a BYOIP IPv4 CIDR to Amazon VPC IP Address Manager (IPAM) from a public IPv4 pool", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_MoveByoipCidrToIpam.html" + }, + "PauseVolumeIO": { + "privilege": "PauseVolumeIO", + "description": "Grants permission to temporarily pause I/O operations for a target Amazon EBS volume", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:ParentSnapshot", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#ebs-actions-reference" + }, + "ProvisionByoipCidr": { + "privilege": "ProvisionByoipCidr", + "description": "Grants permission to provision an address range for use in AWS through bring your own IP addresses (BYOIP), and to create a corresponding address pool", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ProvisionByoipCidr.html" + }, + "ProvisionIpamPoolCidr": { + "privilege": "ProvisionIpamPoolCidr", + "description": "Grants permission to provision a CIDR to an Amazon VPC IP Address Manager (IPAM) pool", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ProvisionIpamPoolCidr.html" + }, + "ProvisionPublicIpv4PoolCidr": { + "privilege": "ProvisionPublicIpv4PoolCidr", + "description": "Grants permission to provision a CIDR to a public IPv4 pool", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv4pool-ec2": { + "resource_type": "ipv4pool-ec2", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "ipv4pool-ec2": "ipv4pool-ec2", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ProvisionPublicIpv4PoolCidr.html" + }, + "PurchaseHostReservation": { + "privilege": "PurchaseHostReservation", + "description": "Grants permission to purchase a reservation with configurations that match those of a Dedicated Host", + "access_level": "Write", + "resource_types": { + "dedicated-host": { + "resource_type": "dedicated-host", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dedicated-host": "dedicated-host", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_PurchaseHostReservation.html" + }, + "PurchaseReservedInstancesOffering": { + "privilege": "PurchaseReservedInstancesOffering", + "description": "Grants permission to purchase a Reserved Instance offering", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_PurchaseReservedInstancesOffering.html" + }, + "PurchaseScheduledInstances": { + "privilege": "PurchaseScheduledInstances", + "description": "Grants permission to purchase one or more Scheduled Instances with a specified schedule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_PurchaseScheduledInstances.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to attach an IAM policy that enables cross-account sharing to a resource", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "verified-access-group": { + "resource_type": "verified-access-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "placement-group": "placement-group", + "verified-access-group": "verified-access-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/ipam/share-pool-ipam.html" + }, + "RebootInstances": { + "privilege": "RebootInstances", + "description": "Grants permission to request a reboot of one or more instances", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RebootInstances.html" + }, + "RegisterImage": { + "privilege": "RegisterImage", + "description": "Grants permission to register an Amazon Machine Image (AMI)", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:Owner", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:OutpostArn", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:SourceOutpostArn", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RegisterImage.html" + }, + "RegisterInstanceEventNotificationAttributes": { + "privilege": "RegisterInstanceEventNotificationAttributes", + "description": "Grants permission to add tags to the set of tags to include in notifications about scheduled events for your instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RegisterInstanceEventNotificationAttributes.html" + }, + "RegisterTransitGatewayMulticastGroupMembers": { + "privilege": "RegisterTransitGatewayMulticastGroupMembers", + "description": "Grants permission to register one or more network interfaces as a member of a group IP address in a transit gateway multicast domain", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RegisterTransitGatewayMulticastGroupMembers.html" + }, + "RegisterTransitGatewayMulticastGroupSources": { + "privilege": "RegisterTransitGatewayMulticastGroupSources", + "description": "Grants permission to register one or more network interfaces as a source of a group IP address in a transit gateway multicast domain", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RegisterTransitGatewayMulticastGroupSources.html" + }, + "RejectTransitGatewayMulticastDomainAssociations": { + "privilege": "RejectTransitGatewayMulticastDomainAssociations", + "description": "Grants permission to reject requests to associate cross-account subnets with a transit gateway multicast domain", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RejectTransitGatewayMulticastDomainAssociations.html" + }, + "RejectTransitGatewayPeeringAttachment": { + "privilege": "RejectTransitGatewayPeeringAttachment", + "description": "Grants permission to reject a transit gateway peering attachment request", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RejectTransitGatewayPeeringAttachment.html" + }, + "RejectTransitGatewayVpcAttachment": { + "privilege": "RejectTransitGatewayVpcAttachment", + "description": "Grants permission to reject a request to attach a VPC to a transit gateway", + "access_level": "Write", + "resource_types": { + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RejectTransitGatewayVpcAttachment.html" + }, + "RejectVpcEndpointConnections": { + "privilege": "RejectVpcEndpointConnections", + "description": "Grants permission to reject one or more VPC endpoint connection requests to a VPC endpoint service", + "access_level": "Write", + "resource_types": { + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RejectVpcEndpointConnections.html" + }, + "RejectVpcPeeringConnection": { + "privilege": "RejectVpcPeeringConnection", + "description": "Grants permission to reject a VPC peering connection request", + "access_level": "Write", + "resource_types": { + "vpc-peering-connection": { + "resource_type": "vpc-peering-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AccepterVpc", + "ec2:RequesterVpc", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcPeeringConnectionID" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-peering-connection": "vpc-peering-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RejectVpcPeeringConnection.html" + }, + "ReleaseAddress": { + "privilege": "ReleaseAddress", + "description": "Grants permission to release an Elastic IP address", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReleaseAddress.html" + }, + "ReleaseHosts": { + "privilege": "ReleaseHosts", + "description": "Grants permission to release one or more On-Demand Dedicated Hosts", + "access_level": "Write", + "resource_types": { + "dedicated-host": { + "resource_type": "dedicated-host", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dedicated-host": "dedicated-host", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReleaseHosts.html" + }, + "ReleaseIpamPoolAllocation": { + "privilege": "ReleaseIpamPoolAllocation", + "description": "Grants permission to release an allocation within an Amazon VPC IP Address Manager (IPAM) pool", + "access_level": "Write", + "resource_types": { + "ipam-pool": { + "resource_type": "ipam-pool", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipam-pool": "ipam-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReleaseIpamPoolAllocation.html" + }, + "ReplaceIamInstanceProfileAssociation": { + "privilege": "ReplaceIamInstanceProfileAssociation", + "description": "Grants permission to replace an IAM instance profile for an instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:NewInstanceProfile", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceIamInstanceProfileAssociation.html" + }, + "ReplaceNetworkAclAssociation": { + "privilege": "ReplaceNetworkAclAssociation", + "description": "Grants permission to change which network ACL a subnet is associated with", + "access_level": "Write", + "resource_types": { + "network-acl": { + "resource_type": "network-acl", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:NetworkAclID", + "ec2:ResourceTag/${TagKey}", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-acl": "network-acl", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceNetworkAclAssociation.html" + }, + "ReplaceNetworkAclEntry": { + "privilege": "ReplaceNetworkAclEntry", + "description": "Grants permission to replace an entry (rule) in a network ACL", + "access_level": "Write", + "resource_types": { + "network-acl": { + "resource_type": "network-acl", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:NetworkAclID", + "ec2:ResourceTag/${TagKey}", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-acl": "network-acl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceNetworkAclEntry.html" + }, + "ReplaceRoute": { + "privilege": "ReplaceRoute", + "description": "Grants permission to replace a route within a route table in a VPC", + "access_level": "Write", + "resource_types": { + "route-table": { + "resource_type": "route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-table": "route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceRoute.html" + }, + "ReplaceRouteTableAssociation": { + "privilege": "ReplaceRouteTableAssociation", + "description": "Grants permission to change the route table that is associated with a subnet", + "access_level": "Write", + "resource_types": { + "route-table": { + "resource_type": "route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "internet-gateway": { + "resource_type": "internet-gateway", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:InternetGatewayID", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv4pool-ec2": { + "resource_type": "ipv4pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "ipv6pool-ec2": { + "resource_type": "ipv6pool-ec2", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-table": "route-table", + "internet-gateway": "internet-gateway", + "ipv4pool-ec2": "ipv4pool-ec2", + "ipv6pool-ec2": "ipv6pool-ec2", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceRouteTableAssociation.html" + }, + "ReplaceTransitGatewayRoute": { + "privilege": "ReplaceTransitGatewayRoute", + "description": "Grants permission to replace a route in a transit gateway route table", + "access_level": "Write", + "resource_types": { + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transit-gateway-attachment": { + "resource_type": "transit-gateway-attachment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-route-table": "transit-gateway-route-table", + "transit-gateway-attachment": "transit-gateway-attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceTransitGatewayRoute.html" + }, + "ReplaceVpnTunnel": { + "privilege": "ReplaceVpnTunnel", + "description": "Grants permission to replace a VPN tunnel", + "access_level": "Write", + "resource_types": { + "vpn-connection": { + "resource_type": "vpn-connection", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpn-connection": "vpn-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReplaceVpnTunnel.html" + }, + "ReportInstanceStatus": { + "privilege": "ReportInstanceStatus", + "description": "Grants permission to submit feedback about the status of an instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReportInstanceStatus.html" + }, + "RequestSpotFleet": { + "privilege": "RequestSpotFleet", + "description": "Grants permission to create a Spot Fleet request", + "access_level": "Write", + "resource_types": { + "spot-fleet-request": { + "resource_type": "spot-fleet-request", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "key-pair": { + "resource_type": "key-pair", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:KeyPairName", + "ec2:KeyPairType", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "launch-template": { + "resource_type": "launch-template", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:OutpostArn", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:SourceOutpostArn", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "spot-fleet-request": "spot-fleet-request", + "image": "image", + "key-pair": "key-pair", + "launch-template": "launch-template", + "placement-group": "placement-group", + "security-group": "security-group", + "snapshot": "snapshot", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html" + }, + "RequestSpotInstances": { + "privilege": "RequestSpotInstances", + "description": "Grants permission to create a Spot Instance request", + "access_level": "Write", + "resource_types": { + "spot-instances-request": { + "resource_type": "spot-instances-request", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "key-pair": { + "resource_type": "key-pair", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:KeyPairName", + "ec2:KeyPairType", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AuthorizedUser", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:Permission", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:OutpostArn", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:SourceOutpostArn", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "spot-instances-request": "spot-instances-request", + "image": "image", + "key-pair": "key-pair", + "network-interface": "network-interface", + "placement-group": "placement-group", + "security-group": "security-group", + "snapshot": "snapshot", + "subnet": "subnet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html" + }, + "ResetAddressAttribute": { + "privilege": "ResetAddressAttribute", + "description": "Grants permission to reset the attribute of the specified IP address", + "access_level": "Write", + "resource_types": { + "elastic-ip": { + "resource_type": "elastic-ip", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AllocationId", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "elastic-ip": "elastic-ip", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetAddressAttribute.html" + }, + "ResetEbsDefaultKmsKeyId": { + "privilege": "ResetEbsDefaultKmsKeyId", + "description": "Grants permission to reset the default customer master key (CMK) for EBS encryption for your account to use the AWS-managed CMK for EBS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetEbsDefaultKmsKeyId.html" + }, + "ResetFpgaImageAttribute": { + "privilege": "ResetFpgaImageAttribute", + "description": "Grants permission to reset an attribute of an Amazon FPGA Image (AFI) to its default value", + "access_level": "Write", + "resource_types": { + "fpga-image": { + "resource_type": "fpga-image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fpga-image": "fpga-image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetFpgaImageAttribute.html" + }, + "ResetImageAttribute": { + "privilege": "ResetImageAttribute", + "description": "Grants permission to reset an attribute of an Amazon Machine Image (AMI) to its default value", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetImageAttribute.html" + }, + "ResetInstanceAttribute": { + "privilege": "ResetInstanceAttribute", + "description": "Grants permission to reset an attribute of an instance to its default value", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetInstanceAttribute.html" + }, + "ResetNetworkInterfaceAttribute": { + "privilege": "ResetNetworkInterfaceAttribute", + "description": "Grants permission to reset an attribute of a network interface", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetNetworkInterfaceAttribute.html" + }, + "ResetSnapshotAttribute": { + "privilege": "ResetSnapshotAttribute", + "description": "Grants permission to reset permission settings for a snapshot", + "access_level": "Permissions management", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ResetSnapshotAttribute.html" + }, + "RestoreAddressToClassic": { + "privilege": "RestoreAddressToClassic", + "description": "Grants permission to restore an Elastic IP address that was previously moved to the EC2-VPC platform back to the EC2-Classic platform", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RestoreAddressToClassic.html" + }, + "RestoreImageFromRecycleBin": { + "privilege": "RestoreImageFromRecycleBin", + "description": "Grants permission to restore an Amazon Machine Image (AMI) from the Recycle Bin", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RestoreImageFromRecycleBin.html" + }, + "RestoreManagedPrefixListVersion": { + "privilege": "RestoreManagedPrefixListVersion", + "description": "Grants permission to restore the entries from a previous version of a managed prefix list to a new version of the prefix list", + "access_level": "Write", + "resource_types": { + "prefix-list": { + "resource_type": "prefix-list", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "prefix-list": "prefix-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RestoreManagedPrefixListVersion.html" + }, + "RestoreSnapshotFromRecycleBin": { + "privilege": "RestoreSnapshotFromRecycleBin", + "description": "Grants permission to restore an Amazon EBS snapshot from the Recycle Bin", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Encrypted", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RestoreSnapshotFromRecycleBin.html" + }, + "RestoreSnapshotTier": { + "privilege": "RestoreSnapshotTier", + "description": "Grants permission to restore an archived Amazon EBS snapshot for use temporarily or permanently, or modify the restore period or restore type for a snapshot that was previously temporarily restored", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:Encrypted", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RestoreSnapshotTier.html" + }, + "RevokeClientVpnIngress": { + "privilege": "RevokeClientVpnIngress", + "description": "Grants permission to remove an inbound authorization rule from a Client VPN endpoint", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RevokeClientVpnIngress.html" + }, + "RevokeSecurityGroupEgress": { + "privilege": "RevokeSecurityGroupEgress", + "description": "Grants permission to remove one or more outbound rules from a VPC security group", + "access_level": "Write", + "resource_types": { + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-group": "security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RevokeSecurityGroupEgress.html" + }, + "RevokeSecurityGroupIngress": { + "privilege": "RevokeSecurityGroupIngress", + "description": "Grants permission to remove one or more inbound rules from a security group", + "access_level": "Write", + "resource_types": { + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-group": "security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RevokeSecurityGroupIngress.html" + }, + "RunInstances": { + "privilege": "RunInstances", + "description": "Grants permission to launch one or more instances", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:Owner", + "ec2:Public", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "ec2:AssociatePublicIpAddress", + "ec2:AuthorizedService", + "ec2:AvailabilityZone", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:NetworkInterfaceID", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "subnet": { + "resource_type": "subnet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [ + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:ParentSnapshot", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ], + "dependent_actions": [] + }, + "capacity-reservation": { + "resource_type": "capacity-reservation", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "elastic-gpu": { + "resource_type": "elastic-gpu", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ElasticGpuType", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "elastic-inference": { + "resource_type": "elastic-inference", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "group": { + "resource_type": "group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "key-pair": { + "resource_type": "key-pair", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:IsLaunchTemplateResource", + "ec2:KeyPairName", + "ec2:KeyPairType", + "ec2:LaunchTemplate", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "launch-template": { + "resource_type": "launch-template", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "license-configuration": { + "resource_type": "license-configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "placement-group": { + "resource_type": "placement-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:VolumeSize" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "instance": "instance", + "network-interface": "network-interface", + "security-group": "security-group", + "subnet": "subnet", + "volume": "volume", + "capacity-reservation": "capacity-reservation", + "elastic-gpu": "elastic-gpu", + "elastic-inference": "elastic-inference", + "group": "group", + "key-pair": "key-pair", + "launch-template": "launch-template", + "license-configuration": "license-configuration", + "placement-group": "placement-group", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html" + }, + "RunScheduledInstances": { + "privilege": "RunScheduledInstances", + "description": "Grants permission to launch one or more Scheduled Instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunScheduledInstances.html" + }, + "SearchLocalGatewayRoutes": { + "privilege": "SearchLocalGatewayRoutes", + "description": "Grants permission to search for routes in a local gateway route table", + "access_level": "List", + "resource_types": { + "local-gateway-route-table": { + "resource_type": "local-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "local-gateway-route-table": "local-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchLocalGatewayRoutes.html" + }, + "SearchTransitGatewayMulticastGroups": { + "privilege": "SearchTransitGatewayMulticastGroups", + "description": "Grants permission to search for groups, sources, and members in a transit gateway multicast domain", + "access_level": "List", + "resource_types": { + "transit-gateway-multicast-domain": { + "resource_type": "transit-gateway-multicast-domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayMulticastGroups.html" + }, + "SearchTransitGatewayRoutes": { + "privilege": "SearchTransitGatewayRoutes", + "description": "Grants permission to search for routes in a transit gateway route table", + "access_level": "List", + "resource_types": { + "transit-gateway-route-table": { + "resource_type": "transit-gateway-route-table", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transit-gateway-route-table": "transit-gateway-route-table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayRoutes.html" + }, + "SendDiagnosticInterrupt": { + "privilege": "SendDiagnosticInterrupt", + "description": "Grants permission to send a diagnostic interrupt to an Amazon EC2 instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SendDiagnosticInterrupt.html" + }, + "SendSpotInstanceInterruptions": { + "privilege": "SendSpotInstanceInterruptions", + "description": "Grants permission to interrupt a Spot Instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#send-spot-instance-interruptions" + }, + "StartInstances": { + "privilege": "StartInstances", + "description": "Grants permission to start a stopped instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:PlacementGroup", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "license-configuration": { + "resource_type": "license-configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "license-configuration": "license-configuration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartInstances.html" + }, + "StartNetworkInsightsAccessScopeAnalysis": { + "privilege": "StartNetworkInsightsAccessScopeAnalysis", + "description": "Grants permission to start a Network Access Scope analysis", + "access_level": "Write", + "resource_types": { + "network-insights-access-scope": { + "resource_type": "network-insights-access-scope", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "network-insights-access-scope-analysis": { + "resource_type": "network-insights-access-scope-analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-insights-access-scope": "network-insights-access-scope", + "network-insights-access-scope-analysis": "network-insights-access-scope-analysis", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartNetworkInsightsAccessScopeAnalysis.html" + }, + "StartNetworkInsightsAnalysis": { + "privilege": "StartNetworkInsightsAnalysis", + "description": "Grants permission to start analyzing a specified path", + "access_level": "Write", + "resource_types": { + "network-insights-analysis": { + "resource_type": "network-insights-analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "network-insights-path": { + "resource_type": "network-insights-path", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-insights-analysis": "network-insights-analysis", + "network-insights-path": "network-insights-path", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartNetworkInsightsAnalysis.html" + }, + "StartVpcEndpointServicePrivateDnsVerification": { + "privilege": "StartVpcEndpointServicePrivateDnsVerification", + "description": "Grants permission to start the private DNS verification process for a VPC endpoint service", + "access_level": "Write", + "resource_types": { + "vpc-endpoint-service": { + "resource_type": "vpc-endpoint-service", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-endpoint-service": "vpc-endpoint-service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartVpcEndpointServicePrivateDnsVerification.html" + }, + "StopInstances": { + "privilege": "StopInstances", + "description": "Grants permission to stop an Amazon EBS-backed instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:PlacementGroup", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StopInstances.html" + }, + "TerminateClientVpnConnections": { + "privilege": "TerminateClientVpnConnections", + "description": "Grants permission to terminate active Client VPN endpoint connections", + "access_level": "Write", + "resource_types": { + "client-vpn-endpoint": { + "resource_type": "client-vpn-endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client-vpn-endpoint": "client-vpn-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_TerminateClientVpnConnections.html" + }, + "TerminateInstances": { + "privilege": "TerminateInstances", + "description": "Grants permission to shut down one or more instances", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_TerminateInstances.html" + }, + "UnassignIpv6Addresses": { + "privilege": "UnassignIpv6Addresses", + "description": "Grants permission to unassign one or more IPv6 addresses from a network interface", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UnassignIpv6Addresses.html" + }, + "UnassignPrivateIpAddresses": { + "privilege": "UnassignPrivateIpAddresses", + "description": "Grants permission to unassign one or more secondary private IP addresses from a network interface", + "access_level": "Write", + "resource_types": { + "network-interface": { + "resource_type": "network-interface", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-interface": "network-interface", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UnassignPrivateIpAddresses.html" + }, + "UnassignPrivateNatGatewayAddress": { + "privilege": "UnassignPrivateNatGatewayAddress", + "description": "Grants permission to unassign secondary private IPv4 addresses from a private NAT gateway", + "access_level": "Write", + "resource_types": { + "natgateway": { + "resource_type": "natgateway", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "natgateway": "natgateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UnassignPrivateNatGatewayAddress.html" + }, + "UnmonitorInstances": { + "privilege": "UnmonitorInstances", + "description": "Grants permission to disable detailed monitoring for a running instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UnmonitorInstances.html" + }, + "UpdateSecurityGroupRuleDescriptionsEgress": { + "privilege": "UpdateSecurityGroupRuleDescriptionsEgress", + "description": "Grants permission to update descriptions for one or more outbound rules in a VPC security group", + "access_level": "Write", + "resource_types": { + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-group": "security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UpdateSecurityGroupRuleDescriptionsEgress.html" + }, + "UpdateSecurityGroupRuleDescriptionsIngress": { + "privilege": "UpdateSecurityGroupRuleDescriptionsIngress", + "description": "Grants permission to update descriptions for one or more inbound rules in a security group", + "access_level": "Write", + "resource_types": { + "security-group": { + "resource_type": "security-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "security-group": "security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_UpdateSecurityGroupRuleDescriptionsIngress.html" + }, + "WithdrawByoipCidr": { + "privilege": "WithdrawByoipCidr", + "description": "Grants permission to stop advertising an address range that was provisioned for use in AWS through bring your own IP addresses (BYOIP)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:Region" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_WithdrawByoipCidr.html" + } + }, + "privileges_lower_name": { + "acceptaddresstransfer": "AcceptAddressTransfer", + "acceptreservedinstancesexchangequote": "AcceptReservedInstancesExchangeQuote", + "accepttransitgatewaymulticastdomainassociations": "AcceptTransitGatewayMulticastDomainAssociations", + "accepttransitgatewaypeeringattachment": "AcceptTransitGatewayPeeringAttachment", + "accepttransitgatewayvpcattachment": "AcceptTransitGatewayVpcAttachment", + "acceptvpcendpointconnections": "AcceptVpcEndpointConnections", + "acceptvpcpeeringconnection": "AcceptVpcPeeringConnection", + "advertisebyoipcidr": "AdvertiseByoipCidr", + "allocateaddress": "AllocateAddress", + "allocatehosts": "AllocateHosts", + "allocateipampoolcidr": "AllocateIpamPoolCidr", + "applysecuritygroupstoclientvpntargetnetwork": "ApplySecurityGroupsToClientVpnTargetNetwork", + "assignipv6addresses": "AssignIpv6Addresses", + "assignprivateipaddresses": "AssignPrivateIpAddresses", + "assignprivatenatgatewayaddress": "AssignPrivateNatGatewayAddress", + "associateaddress": "AssociateAddress", + "associateclientvpntargetnetwork": "AssociateClientVpnTargetNetwork", + "associatedhcpoptions": "AssociateDhcpOptions", + "associateenclavecertificateiamrole": "AssociateEnclaveCertificateIamRole", + "associateiaminstanceprofile": "AssociateIamInstanceProfile", + "associateinstanceeventwindow": "AssociateInstanceEventWindow", + "associateipamresourcediscovery": "AssociateIpamResourceDiscovery", + "associatenatgatewayaddress": "AssociateNatGatewayAddress", + "associateroutetable": "AssociateRouteTable", + "associatesubnetcidrblock": "AssociateSubnetCidrBlock", + "associatetransitgatewaymulticastdomain": "AssociateTransitGatewayMulticastDomain", + "associatetransitgatewaypolicytable": "AssociateTransitGatewayPolicyTable", + "associatetransitgatewayroutetable": "AssociateTransitGatewayRouteTable", + "associatetrunkinterface": "AssociateTrunkInterface", + "associateverifiedaccessinstancewebacl": "AssociateVerifiedAccessInstanceWebAcl", + "associatevpccidrblock": "AssociateVpcCidrBlock", + "attachclassiclinkvpc": "AttachClassicLinkVpc", + "attachinternetgateway": "AttachInternetGateway", + "attachnetworkinterface": "AttachNetworkInterface", + "attachverifiedaccesstrustprovider": "AttachVerifiedAccessTrustProvider", + "attachvolume": "AttachVolume", + "attachvpngateway": "AttachVpnGateway", + "authorizeclientvpningress": "AuthorizeClientVpnIngress", + "authorizesecuritygroupegress": "AuthorizeSecurityGroupEgress", + "authorizesecuritygroupingress": "AuthorizeSecurityGroupIngress", + "bundleinstance": "BundleInstance", + "cancelbundletask": "CancelBundleTask", + "cancelcapacityreservation": "CancelCapacityReservation", + "cancelcapacityreservationfleets": "CancelCapacityReservationFleets", + "cancelconversiontask": "CancelConversionTask", + "cancelexporttask": "CancelExportTask", + "cancelimagelaunchpermission": "CancelImageLaunchPermission", + "cancelimporttask": "CancelImportTask", + "cancelreservedinstanceslisting": "CancelReservedInstancesListing", + "cancelspotfleetrequests": "CancelSpotFleetRequests", + "cancelspotinstancerequests": "CancelSpotInstanceRequests", + "confirmproductinstance": "ConfirmProductInstance", + "copyfpgaimage": "CopyFpgaImage", + "copyimage": "CopyImage", + "copysnapshot": "CopySnapshot", + "createcapacityreservation": "CreateCapacityReservation", + "createcapacityreservationfleet": "CreateCapacityReservationFleet", + "createcarriergateway": "CreateCarrierGateway", + "createclientvpnendpoint": "CreateClientVpnEndpoint", + "createclientvpnroute": "CreateClientVpnRoute", + "createcoipcidr": "CreateCoipCidr", + "createcoippool": "CreateCoipPool", + "createcoippoolpermission": "CreateCoipPoolPermission", + "createcustomergateway": "CreateCustomerGateway", + "createdefaultsubnet": "CreateDefaultSubnet", + "createdefaultvpc": "CreateDefaultVpc", + "createdhcpoptions": "CreateDhcpOptions", + "createegressonlyinternetgateway": "CreateEgressOnlyInternetGateway", + "createfleet": "CreateFleet", + "createflowlogs": "CreateFlowLogs", + "createfpgaimage": "CreateFpgaImage", + "createimage": "CreateImage", + "createinstanceconnectendpoint": "CreateInstanceConnectEndpoint", + "createinstanceeventwindow": "CreateInstanceEventWindow", + "createinstanceexporttask": "CreateInstanceExportTask", + "createinternetgateway": "CreateInternetGateway", + "createipam": "CreateIpam", + "createipampool": "CreateIpamPool", + "createipamresourcediscovery": "CreateIpamResourceDiscovery", + "createipamscope": "CreateIpamScope", + "createkeypair": "CreateKeyPair", + "createlaunchtemplate": "CreateLaunchTemplate", + "createlaunchtemplateversion": "CreateLaunchTemplateVersion", + "createlocalgatewayroute": "CreateLocalGatewayRoute", + "createlocalgatewayroutetable": "CreateLocalGatewayRouteTable", + "createlocalgatewayroutetablepermission": "CreateLocalGatewayRouteTablePermission", + "createlocalgatewayroutetablevirtualinterfacegroupassociation": "CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation", + "createlocalgatewayroutetablevpcassociation": "CreateLocalGatewayRouteTableVpcAssociation", + "createmanagedprefixlist": "CreateManagedPrefixList", + "createnatgateway": "CreateNatGateway", + "createnetworkacl": "CreateNetworkAcl", + "createnetworkaclentry": "CreateNetworkAclEntry", + "createnetworkinsightsaccessscope": "CreateNetworkInsightsAccessScope", + "createnetworkinsightspath": "CreateNetworkInsightsPath", + "createnetworkinterface": "CreateNetworkInterface", + "createnetworkinterfacepermission": "CreateNetworkInterfacePermission", + "createplacementgroup": "CreatePlacementGroup", + "createpublicipv4pool": "CreatePublicIpv4Pool", + "createreplacerootvolumetask": "CreateReplaceRootVolumeTask", + "createreservedinstanceslisting": "CreateReservedInstancesListing", + "createrestoreimagetask": "CreateRestoreImageTask", + "createroute": "CreateRoute", + "createroutetable": "CreateRouteTable", + "createsecuritygroup": "CreateSecurityGroup", + "createsnapshot": "CreateSnapshot", + "createsnapshots": "CreateSnapshots", + "createspotdatafeedsubscription": "CreateSpotDatafeedSubscription", + "createstoreimagetask": "CreateStoreImageTask", + "createsubnet": "CreateSubnet", + "createsubnetcidrreservation": "CreateSubnetCidrReservation", + "createtags": "CreateTags", + "createtrafficmirrorfilter": "CreateTrafficMirrorFilter", + "createtrafficmirrorfilterrule": "CreateTrafficMirrorFilterRule", + "createtrafficmirrorsession": "CreateTrafficMirrorSession", + "createtrafficmirrortarget": "CreateTrafficMirrorTarget", + "createtransitgateway": "CreateTransitGateway", + "createtransitgatewayconnect": "CreateTransitGatewayConnect", + "createtransitgatewayconnectpeer": "CreateTransitGatewayConnectPeer", + "createtransitgatewaymulticastdomain": "CreateTransitGatewayMulticastDomain", + "createtransitgatewaypeeringattachment": "CreateTransitGatewayPeeringAttachment", + "createtransitgatewaypolicytable": "CreateTransitGatewayPolicyTable", + "createtransitgatewayprefixlistreference": "CreateTransitGatewayPrefixListReference", + "createtransitgatewayroute": "CreateTransitGatewayRoute", + "createtransitgatewayroutetable": "CreateTransitGatewayRouteTable", + "createtransitgatewayroutetableannouncement": "CreateTransitGatewayRouteTableAnnouncement", + "createtransitgatewayvpcattachment": "CreateTransitGatewayVpcAttachment", + "createverifiedaccessendpoint": "CreateVerifiedAccessEndpoint", + "createverifiedaccessgroup": "CreateVerifiedAccessGroup", + "createverifiedaccessinstance": "CreateVerifiedAccessInstance", + "createverifiedaccesstrustprovider": "CreateVerifiedAccessTrustProvider", + "createvolume": "CreateVolume", + "createvpc": "CreateVpc", + "createvpcendpoint": "CreateVpcEndpoint", + "createvpcendpointconnectionnotification": "CreateVpcEndpointConnectionNotification", + "createvpcendpointserviceconfiguration": "CreateVpcEndpointServiceConfiguration", + "createvpcpeeringconnection": "CreateVpcPeeringConnection", + "createvpnconnection": "CreateVpnConnection", + "createvpnconnectionroute": "CreateVpnConnectionRoute", + "createvpngateway": "CreateVpnGateway", + "deletecarriergateway": "DeleteCarrierGateway", + "deleteclientvpnendpoint": "DeleteClientVpnEndpoint", + "deleteclientvpnroute": "DeleteClientVpnRoute", + "deletecoipcidr": "DeleteCoipCidr", + "deletecoippool": "DeleteCoipPool", + "deletecoippoolpermission": "DeleteCoipPoolPermission", + "deletecustomergateway": "DeleteCustomerGateway", + "deletedhcpoptions": "DeleteDhcpOptions", + "deleteegressonlyinternetgateway": "DeleteEgressOnlyInternetGateway", + "deletefleets": "DeleteFleets", + "deleteflowlogs": "DeleteFlowLogs", + "deletefpgaimage": "DeleteFpgaImage", + "deleteinstanceconnectendpoint": "DeleteInstanceConnectEndpoint", + "deleteinstanceeventwindow": "DeleteInstanceEventWindow", + "deleteinternetgateway": "DeleteInternetGateway", + "deleteipam": "DeleteIpam", + "deleteipampool": "DeleteIpamPool", + "deleteipamresourcediscovery": "DeleteIpamResourceDiscovery", + "deleteipamscope": "DeleteIpamScope", + "deletekeypair": "DeleteKeyPair", + "deletelaunchtemplate": "DeleteLaunchTemplate", + "deletelaunchtemplateversions": "DeleteLaunchTemplateVersions", + "deletelocalgatewayroute": "DeleteLocalGatewayRoute", + "deletelocalgatewayroutetable": "DeleteLocalGatewayRouteTable", + "deletelocalgatewayroutetablepermission": "DeleteLocalGatewayRouteTablePermission", + "deletelocalgatewayroutetablevirtualinterfacegroupassociation": "DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation", + "deletelocalgatewayroutetablevpcassociation": "DeleteLocalGatewayRouteTableVpcAssociation", + "deletemanagedprefixlist": "DeleteManagedPrefixList", + "deletenatgateway": "DeleteNatGateway", + "deletenetworkacl": "DeleteNetworkAcl", + "deletenetworkaclentry": "DeleteNetworkAclEntry", + "deletenetworkinsightsaccessscope": "DeleteNetworkInsightsAccessScope", + "deletenetworkinsightsaccessscopeanalysis": "DeleteNetworkInsightsAccessScopeAnalysis", + "deletenetworkinsightsanalysis": "DeleteNetworkInsightsAnalysis", + "deletenetworkinsightspath": "DeleteNetworkInsightsPath", + "deletenetworkinterface": "DeleteNetworkInterface", + "deletenetworkinterfacepermission": "DeleteNetworkInterfacePermission", + "deleteplacementgroup": "DeletePlacementGroup", + "deletepublicipv4pool": "DeletePublicIpv4Pool", + "deletequeuedreservedinstances": "DeleteQueuedReservedInstances", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deleteroute": "DeleteRoute", + "deleteroutetable": "DeleteRouteTable", + "deletesecuritygroup": "DeleteSecurityGroup", + "deletesnapshot": "DeleteSnapshot", + "deletespotdatafeedsubscription": "DeleteSpotDatafeedSubscription", + "deletesubnet": "DeleteSubnet", + "deletesubnetcidrreservation": "DeleteSubnetCidrReservation", + "deletetags": "DeleteTags", + "deletetrafficmirrorfilter": "DeleteTrafficMirrorFilter", + "deletetrafficmirrorfilterrule": "DeleteTrafficMirrorFilterRule", + "deletetrafficmirrorsession": "DeleteTrafficMirrorSession", + "deletetrafficmirrortarget": "DeleteTrafficMirrorTarget", + "deletetransitgateway": "DeleteTransitGateway", + "deletetransitgatewayconnect": "DeleteTransitGatewayConnect", + "deletetransitgatewayconnectpeer": "DeleteTransitGatewayConnectPeer", + "deletetransitgatewaymulticastdomain": "DeleteTransitGatewayMulticastDomain", + "deletetransitgatewaypeeringattachment": "DeleteTransitGatewayPeeringAttachment", + "deletetransitgatewaypolicytable": "DeleteTransitGatewayPolicyTable", + "deletetransitgatewayprefixlistreference": "DeleteTransitGatewayPrefixListReference", + "deletetransitgatewayroute": "DeleteTransitGatewayRoute", + "deletetransitgatewayroutetable": "DeleteTransitGatewayRouteTable", + "deletetransitgatewayroutetableannouncement": "DeleteTransitGatewayRouteTableAnnouncement", + "deletetransitgatewayvpcattachment": "DeleteTransitGatewayVpcAttachment", + "deleteverifiedaccessendpoint": "DeleteVerifiedAccessEndpoint", + "deleteverifiedaccessgroup": "DeleteVerifiedAccessGroup", + "deleteverifiedaccessinstance": "DeleteVerifiedAccessInstance", + "deleteverifiedaccesstrustprovider": "DeleteVerifiedAccessTrustProvider", + "deletevolume": "DeleteVolume", + "deletevpc": "DeleteVpc", + "deletevpcendpointconnectionnotifications": "DeleteVpcEndpointConnectionNotifications", + "deletevpcendpointserviceconfigurations": "DeleteVpcEndpointServiceConfigurations", + "deletevpcendpoints": "DeleteVpcEndpoints", + "deletevpcpeeringconnection": "DeleteVpcPeeringConnection", + "deletevpnconnection": "DeleteVpnConnection", + "deletevpnconnectionroute": "DeleteVpnConnectionRoute", + "deletevpngateway": "DeleteVpnGateway", + "deprovisionbyoipcidr": "DeprovisionByoipCidr", + "deprovisionipampoolcidr": "DeprovisionIpamPoolCidr", + "deprovisionpublicipv4poolcidr": "DeprovisionPublicIpv4PoolCidr", + "deregisterimage": "DeregisterImage", + "deregisterinstanceeventnotificationattributes": "DeregisterInstanceEventNotificationAttributes", + "deregistertransitgatewaymulticastgroupmembers": "DeregisterTransitGatewayMulticastGroupMembers", + "deregistertransitgatewaymulticastgroupsources": "DeregisterTransitGatewayMulticastGroupSources", + "describeaccountattributes": "DescribeAccountAttributes", + "describeaddresstransfers": "DescribeAddressTransfers", + "describeaddresses": "DescribeAddresses", + "describeaddressesattribute": "DescribeAddressesAttribute", + "describeaggregateidformat": "DescribeAggregateIdFormat", + "describeavailabilityzones": "DescribeAvailabilityZones", + "describeawsnetworkperformancemetricsubscriptions": "DescribeAwsNetworkPerformanceMetricSubscriptions", + "describebundletasks": "DescribeBundleTasks", + "describebyoipcidrs": "DescribeByoipCidrs", + "describecapacityreservationfleets": "DescribeCapacityReservationFleets", + "describecapacityreservations": "DescribeCapacityReservations", + "describecarriergateways": "DescribeCarrierGateways", + "describeclassiclinkinstances": "DescribeClassicLinkInstances", + "describeclientvpnauthorizationrules": "DescribeClientVpnAuthorizationRules", + "describeclientvpnconnections": "DescribeClientVpnConnections", + "describeclientvpnendpoints": "DescribeClientVpnEndpoints", + "describeclientvpnroutes": "DescribeClientVpnRoutes", + "describeclientvpntargetnetworks": "DescribeClientVpnTargetNetworks", + "describecoippools": "DescribeCoipPools", + "describeconversiontasks": "DescribeConversionTasks", + "describecustomergateways": "DescribeCustomerGateways", + "describedhcpoptions": "DescribeDhcpOptions", + "describeegressonlyinternetgateways": "DescribeEgressOnlyInternetGateways", + "describeelasticgpus": "DescribeElasticGpus", + "describeexportimagetasks": "DescribeExportImageTasks", + "describeexporttasks": "DescribeExportTasks", + "describefastlaunchimages": "DescribeFastLaunchImages", + "describefastsnapshotrestores": "DescribeFastSnapshotRestores", + "describefleethistory": "DescribeFleetHistory", + "describefleetinstances": "DescribeFleetInstances", + "describefleets": "DescribeFleets", + "describeflowlogs": "DescribeFlowLogs", + "describefpgaimageattribute": "DescribeFpgaImageAttribute", + "describefpgaimages": "DescribeFpgaImages", + "describehostreservationofferings": "DescribeHostReservationOfferings", + "describehostreservations": "DescribeHostReservations", + "describehosts": "DescribeHosts", + "describeiaminstanceprofileassociations": "DescribeIamInstanceProfileAssociations", + "describeidformat": "DescribeIdFormat", + "describeidentityidformat": "DescribeIdentityIdFormat", + "describeimageattribute": "DescribeImageAttribute", + "describeimages": "DescribeImages", + "describeimportimagetasks": "DescribeImportImageTasks", + "describeimportsnapshottasks": "DescribeImportSnapshotTasks", + "describeinstanceattribute": "DescribeInstanceAttribute", + "describeinstanceconnectendpoints": "DescribeInstanceConnectEndpoints", + "describeinstancecreditspecifications": "DescribeInstanceCreditSpecifications", + "describeinstanceeventnotificationattributes": "DescribeInstanceEventNotificationAttributes", + "describeinstanceeventwindows": "DescribeInstanceEventWindows", + "describeinstancestatus": "DescribeInstanceStatus", + "describeinstancetypeofferings": "DescribeInstanceTypeOfferings", + "describeinstancetypes": "DescribeInstanceTypes", + "describeinstances": "DescribeInstances", + "describeinternetgateways": "DescribeInternetGateways", + "describeipampools": "DescribeIpamPools", + "describeipamresourcediscoveries": "DescribeIpamResourceDiscoveries", + "describeipamresourcediscoveryassociations": "DescribeIpamResourceDiscoveryAssociations", + "describeipamscopes": "DescribeIpamScopes", + "describeipams": "DescribeIpams", + "describeipv6pools": "DescribeIpv6Pools", + "describekeypairs": "DescribeKeyPairs", + "describelaunchtemplateversions": "DescribeLaunchTemplateVersions", + "describelaunchtemplates": "DescribeLaunchTemplates", + "describelocalgatewayroutetablepermissions": "DescribeLocalGatewayRouteTablePermissions", + "describelocalgatewayroutetablevirtualinterfacegroupassociations": "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", + "describelocalgatewayroutetablevpcassociations": "DescribeLocalGatewayRouteTableVpcAssociations", + "describelocalgatewayroutetables": "DescribeLocalGatewayRouteTables", + "describelocalgatewayvirtualinterfacegroups": "DescribeLocalGatewayVirtualInterfaceGroups", + "describelocalgatewayvirtualinterfaces": "DescribeLocalGatewayVirtualInterfaces", + "describelocalgateways": "DescribeLocalGateways", + "describemanagedprefixlists": "DescribeManagedPrefixLists", + "describemovingaddresses": "DescribeMovingAddresses", + "describenatgateways": "DescribeNatGateways", + "describenetworkacls": "DescribeNetworkAcls", + "describenetworkinsightsaccessscopeanalyses": "DescribeNetworkInsightsAccessScopeAnalyses", + "describenetworkinsightsaccessscopes": "DescribeNetworkInsightsAccessScopes", + "describenetworkinsightsanalyses": "DescribeNetworkInsightsAnalyses", + "describenetworkinsightspaths": "DescribeNetworkInsightsPaths", + "describenetworkinterfaceattribute": "DescribeNetworkInterfaceAttribute", + "describenetworkinterfacepermissions": "DescribeNetworkInterfacePermissions", + "describenetworkinterfaces": "DescribeNetworkInterfaces", + "describeplacementgroups": "DescribePlacementGroups", + "describeprefixlists": "DescribePrefixLists", + "describeprincipalidformat": "DescribePrincipalIdFormat", + "describepublicipv4pools": "DescribePublicIpv4Pools", + "describeregions": "DescribeRegions", + "describereplacerootvolumetasks": "DescribeReplaceRootVolumeTasks", + "describereservedinstances": "DescribeReservedInstances", + "describereservedinstanceslistings": "DescribeReservedInstancesListings", + "describereservedinstancesmodifications": "DescribeReservedInstancesModifications", + "describereservedinstancesofferings": "DescribeReservedInstancesOfferings", + "describeroutetables": "DescribeRouteTables", + "describescheduledinstanceavailability": "DescribeScheduledInstanceAvailability", + "describescheduledinstances": "DescribeScheduledInstances", + "describesecuritygroupreferences": "DescribeSecurityGroupReferences", + "describesecuritygrouprules": "DescribeSecurityGroupRules", + "describesecuritygroups": "DescribeSecurityGroups", + "describesnapshotattribute": "DescribeSnapshotAttribute", + "describesnapshottierstatus": "DescribeSnapshotTierStatus", + "describesnapshots": "DescribeSnapshots", + "describespotdatafeedsubscription": "DescribeSpotDatafeedSubscription", + "describespotfleetinstances": "DescribeSpotFleetInstances", + "describespotfleetrequesthistory": "DescribeSpotFleetRequestHistory", + "describespotfleetrequests": "DescribeSpotFleetRequests", + "describespotinstancerequests": "DescribeSpotInstanceRequests", + "describespotpricehistory": "DescribeSpotPriceHistory", + "describestalesecuritygroups": "DescribeStaleSecurityGroups", + "describestoreimagetasks": "DescribeStoreImageTasks", + "describesubnets": "DescribeSubnets", + "describetags": "DescribeTags", + "describetrafficmirrorfilters": "DescribeTrafficMirrorFilters", + "describetrafficmirrorsessions": "DescribeTrafficMirrorSessions", + "describetrafficmirrortargets": "DescribeTrafficMirrorTargets", + "describetransitgatewayattachments": "DescribeTransitGatewayAttachments", + "describetransitgatewayconnectpeers": "DescribeTransitGatewayConnectPeers", + "describetransitgatewayconnects": "DescribeTransitGatewayConnects", + "describetransitgatewaymulticastdomains": "DescribeTransitGatewayMulticastDomains", + "describetransitgatewaypeeringattachments": "DescribeTransitGatewayPeeringAttachments", + "describetransitgatewaypolicytables": "DescribeTransitGatewayPolicyTables", + "describetransitgatewayroutetableannouncements": "DescribeTransitGatewayRouteTableAnnouncements", + "describetransitgatewayroutetables": "DescribeTransitGatewayRouteTables", + "describetransitgatewayvpcattachments": "DescribeTransitGatewayVpcAttachments", + "describetransitgateways": "DescribeTransitGateways", + "describetrunkinterfaceassociations": "DescribeTrunkInterfaceAssociations", + "describeverifiedaccessendpoints": "DescribeVerifiedAccessEndpoints", + "describeverifiedaccessgroups": "DescribeVerifiedAccessGroups", + "describeverifiedaccessinstanceloggingconfigurations": "DescribeVerifiedAccessInstanceLoggingConfigurations", + "describeverifiedaccessinstancewebaclassociations": "DescribeVerifiedAccessInstanceWebAclAssociations", + "describeverifiedaccessinstances": "DescribeVerifiedAccessInstances", + "describeverifiedaccesstrustproviders": "DescribeVerifiedAccessTrustProviders", + "describevolumeattribute": "DescribeVolumeAttribute", + "describevolumestatus": "DescribeVolumeStatus", + "describevolumes": "DescribeVolumes", + "describevolumesmodifications": "DescribeVolumesModifications", + "describevpcattribute": "DescribeVpcAttribute", + "describevpcclassiclink": "DescribeVpcClassicLink", + "describevpcclassiclinkdnssupport": "DescribeVpcClassicLinkDnsSupport", + "describevpcendpointconnectionnotifications": "DescribeVpcEndpointConnectionNotifications", + "describevpcendpointconnections": "DescribeVpcEndpointConnections", + "describevpcendpointserviceconfigurations": "DescribeVpcEndpointServiceConfigurations", + "describevpcendpointservicepermissions": "DescribeVpcEndpointServicePermissions", + "describevpcendpointservices": "DescribeVpcEndpointServices", + "describevpcendpoints": "DescribeVpcEndpoints", + "describevpcpeeringconnections": "DescribeVpcPeeringConnections", + "describevpcs": "DescribeVpcs", + "describevpnconnections": "DescribeVpnConnections", + "describevpngateways": "DescribeVpnGateways", + "detachclassiclinkvpc": "DetachClassicLinkVpc", + "detachinternetgateway": "DetachInternetGateway", + "detachnetworkinterface": "DetachNetworkInterface", + "detachverifiedaccesstrustprovider": "DetachVerifiedAccessTrustProvider", + "detachvolume": "DetachVolume", + "detachvpngateway": "DetachVpnGateway", + "disableaddresstransfer": "DisableAddressTransfer", + "disableawsnetworkperformancemetricsubscription": "DisableAwsNetworkPerformanceMetricSubscription", + "disableebsencryptionbydefault": "DisableEbsEncryptionByDefault", + "disablefastlaunch": "DisableFastLaunch", + "disablefastsnapshotrestores": "DisableFastSnapshotRestores", + "disableimagedeprecation": "DisableImageDeprecation", + "disableipamorganizationadminaccount": "DisableIpamOrganizationAdminAccount", + "disableserialconsoleaccess": "DisableSerialConsoleAccess", + "disabletransitgatewayroutetablepropagation": "DisableTransitGatewayRouteTablePropagation", + "disablevgwroutepropagation": "DisableVgwRoutePropagation", + "disablevpcclassiclink": "DisableVpcClassicLink", + "disablevpcclassiclinkdnssupport": "DisableVpcClassicLinkDnsSupport", + "disassociateaddress": "DisassociateAddress", + "disassociateclientvpntargetnetwork": "DisassociateClientVpnTargetNetwork", + "disassociateenclavecertificateiamrole": "DisassociateEnclaveCertificateIamRole", + "disassociateiaminstanceprofile": "DisassociateIamInstanceProfile", + "disassociateinstanceeventwindow": "DisassociateInstanceEventWindow", + "disassociateipamresourcediscovery": "DisassociateIpamResourceDiscovery", + "disassociatenatgatewayaddress": "DisassociateNatGatewayAddress", + "disassociateroutetable": "DisassociateRouteTable", + "disassociatesubnetcidrblock": "DisassociateSubnetCidrBlock", + "disassociatetransitgatewaymulticastdomain": "DisassociateTransitGatewayMulticastDomain", + "disassociatetransitgatewaypolicytable": "DisassociateTransitGatewayPolicyTable", + "disassociatetransitgatewayroutetable": "DisassociateTransitGatewayRouteTable", + "disassociatetrunkinterface": "DisassociateTrunkInterface", + "disassociateverifiedaccessinstancewebacl": "DisassociateVerifiedAccessInstanceWebAcl", + "disassociatevpccidrblock": "DisassociateVpcCidrBlock", + "enableaddresstransfer": "EnableAddressTransfer", + "enableawsnetworkperformancemetricsubscription": "EnableAwsNetworkPerformanceMetricSubscription", + "enableebsencryptionbydefault": "EnableEbsEncryptionByDefault", + "enablefastlaunch": "EnableFastLaunch", + "enablefastsnapshotrestores": "EnableFastSnapshotRestores", + "enableimagedeprecation": "EnableImageDeprecation", + "enableipamorganizationadminaccount": "EnableIpamOrganizationAdminAccount", + "enablereachabilityanalyzerorganizationsharing": "EnableReachabilityAnalyzerOrganizationSharing", + "enableserialconsoleaccess": "EnableSerialConsoleAccess", + "enabletransitgatewayroutetablepropagation": "EnableTransitGatewayRouteTablePropagation", + "enablevgwroutepropagation": "EnableVgwRoutePropagation", + "enablevolumeio": "EnableVolumeIO", + "enablevpcclassiclink": "EnableVpcClassicLink", + "enablevpcclassiclinkdnssupport": "EnableVpcClassicLinkDnsSupport", + "exportclientvpnclientcertificaterevocationlist": "ExportClientVpnClientCertificateRevocationList", + "exportclientvpnclientconfiguration": "ExportClientVpnClientConfiguration", + "exportimage": "ExportImage", + "exporttransitgatewayroutes": "ExportTransitGatewayRoutes", + "getassociatedenclavecertificateiamroles": "GetAssociatedEnclaveCertificateIamRoles", + "getassociatedipv6poolcidrs": "GetAssociatedIpv6PoolCidrs", + "getawsnetworkperformancedata": "GetAwsNetworkPerformanceData", + "getcapacityreservationusage": "GetCapacityReservationUsage", + "getcoippoolusage": "GetCoipPoolUsage", + "getconsoleoutput": "GetConsoleOutput", + "getconsolescreenshot": "GetConsoleScreenshot", + "getdefaultcreditspecification": "GetDefaultCreditSpecification", + "getebsdefaultkmskeyid": "GetEbsDefaultKmsKeyId", + "getebsencryptionbydefault": "GetEbsEncryptionByDefault", + "getflowlogsintegrationtemplate": "GetFlowLogsIntegrationTemplate", + "getgroupsforcapacityreservation": "GetGroupsForCapacityReservation", + "gethostreservationpurchasepreview": "GetHostReservationPurchasePreview", + "getinstancetypesfrominstancerequirements": "GetInstanceTypesFromInstanceRequirements", + "getinstanceuefidata": "GetInstanceUefiData", + "getipamaddresshistory": "GetIpamAddressHistory", + "getipamdiscoveredaccounts": "GetIpamDiscoveredAccounts", + "getipamdiscoveredresourcecidrs": "GetIpamDiscoveredResourceCidrs", + "getipampoolallocations": "GetIpamPoolAllocations", + "getipampoolcidrs": "GetIpamPoolCidrs", + "getipamresourcecidrs": "GetIpamResourceCidrs", + "getlaunchtemplatedata": "GetLaunchTemplateData", + "getmanagedprefixlistassociations": "GetManagedPrefixListAssociations", + "getmanagedprefixlistentries": "GetManagedPrefixListEntries", + "getnetworkinsightsaccessscopeanalysisfindings": "GetNetworkInsightsAccessScopeAnalysisFindings", + "getnetworkinsightsaccessscopecontent": "GetNetworkInsightsAccessScopeContent", + "getpassworddata": "GetPasswordData", + "getreservedinstancesexchangequote": "GetReservedInstancesExchangeQuote", + "getresourcepolicy": "GetResourcePolicy", + "getserialconsoleaccessstatus": "GetSerialConsoleAccessStatus", + "getspotplacementscores": "GetSpotPlacementScores", + "getsubnetcidrreservations": "GetSubnetCidrReservations", + "gettransitgatewayattachmentpropagations": "GetTransitGatewayAttachmentPropagations", + "gettransitgatewaymulticastdomainassociations": "GetTransitGatewayMulticastDomainAssociations", + "gettransitgatewaypolicytableassociations": "GetTransitGatewayPolicyTableAssociations", + "gettransitgatewaypolicytableentries": "GetTransitGatewayPolicyTableEntries", + "gettransitgatewayprefixlistreferences": "GetTransitGatewayPrefixListReferences", + "gettransitgatewayroutetableassociations": "GetTransitGatewayRouteTableAssociations", + "gettransitgatewayroutetablepropagations": "GetTransitGatewayRouteTablePropagations", + "getverifiedaccessendpointpolicy": "GetVerifiedAccessEndpointPolicy", + "getverifiedaccessgrouppolicy": "GetVerifiedAccessGroupPolicy", + "getverifiedaccessinstancewebacl": "GetVerifiedAccessInstanceWebAcl", + "getvpnconnectiondevicesampleconfiguration": "GetVpnConnectionDeviceSampleConfiguration", + "getvpnconnectiondevicetypes": "GetVpnConnectionDeviceTypes", + "getvpntunnelreplacementstatus": "GetVpnTunnelReplacementStatus", + "importbyoipcidrtoipam": "ImportByoipCidrToIpam", + "importclientvpnclientcertificaterevocationlist": "ImportClientVpnClientCertificateRevocationList", + "importimage": "ImportImage", + "importinstance": "ImportInstance", + "importkeypair": "ImportKeyPair", + "importsnapshot": "ImportSnapshot", + "importvolume": "ImportVolume", + "listimagesinrecyclebin": "ListImagesInRecycleBin", + "listsnapshotsinrecyclebin": "ListSnapshotsInRecycleBin", + "modifyaddressattribute": "ModifyAddressAttribute", + "modifyavailabilityzonegroup": "ModifyAvailabilityZoneGroup", + "modifycapacityreservation": "ModifyCapacityReservation", + "modifycapacityreservationfleet": "ModifyCapacityReservationFleet", + "modifyclientvpnendpoint": "ModifyClientVpnEndpoint", + "modifydefaultcreditspecification": "ModifyDefaultCreditSpecification", + "modifyebsdefaultkmskeyid": "ModifyEbsDefaultKmsKeyId", + "modifyfleet": "ModifyFleet", + "modifyfpgaimageattribute": "ModifyFpgaImageAttribute", + "modifyhosts": "ModifyHosts", + "modifyidformat": "ModifyIdFormat", + "modifyidentityidformat": "ModifyIdentityIdFormat", + "modifyimageattribute": "ModifyImageAttribute", + "modifyinstanceattribute": "ModifyInstanceAttribute", + "modifyinstancecapacityreservationattributes": "ModifyInstanceCapacityReservationAttributes", + "modifyinstancecreditspecification": "ModifyInstanceCreditSpecification", + "modifyinstanceeventstarttime": "ModifyInstanceEventStartTime", + "modifyinstanceeventwindow": "ModifyInstanceEventWindow", + "modifyinstancemaintenanceoptions": "ModifyInstanceMaintenanceOptions", + "modifyinstancemetadataoptions": "ModifyInstanceMetadataOptions", + "modifyinstanceplacement": "ModifyInstancePlacement", + "modifyipam": "ModifyIpam", + "modifyipampool": "ModifyIpamPool", + "modifyipamresourcecidr": "ModifyIpamResourceCidr", + "modifyipamresourcediscovery": "ModifyIpamResourceDiscovery", + "modifyipamscope": "ModifyIpamScope", + "modifylaunchtemplate": "ModifyLaunchTemplate", + "modifylocalgatewayroute": "ModifyLocalGatewayRoute", + "modifymanagedprefixlist": "ModifyManagedPrefixList", + "modifynetworkinterfaceattribute": "ModifyNetworkInterfaceAttribute", + "modifyprivatednsnameoptions": "ModifyPrivateDnsNameOptions", + "modifyreservedinstances": "ModifyReservedInstances", + "modifysecuritygrouprules": "ModifySecurityGroupRules", + "modifysnapshotattribute": "ModifySnapshotAttribute", + "modifysnapshottier": "ModifySnapshotTier", + "modifyspotfleetrequest": "ModifySpotFleetRequest", + "modifysubnetattribute": "ModifySubnetAttribute", + "modifytrafficmirrorfilternetworkservices": "ModifyTrafficMirrorFilterNetworkServices", + "modifytrafficmirrorfilterrule": "ModifyTrafficMirrorFilterRule", + "modifytrafficmirrorsession": "ModifyTrafficMirrorSession", + "modifytransitgateway": "ModifyTransitGateway", + "modifytransitgatewayprefixlistreference": "ModifyTransitGatewayPrefixListReference", + "modifytransitgatewayvpcattachment": "ModifyTransitGatewayVpcAttachment", + "modifyverifiedaccessendpoint": "ModifyVerifiedAccessEndpoint", + "modifyverifiedaccessendpointpolicy": "ModifyVerifiedAccessEndpointPolicy", + "modifyverifiedaccessgroup": "ModifyVerifiedAccessGroup", + "modifyverifiedaccessgrouppolicy": "ModifyVerifiedAccessGroupPolicy", + "modifyverifiedaccessinstance": "ModifyVerifiedAccessInstance", + "modifyverifiedaccessinstanceloggingconfiguration": "ModifyVerifiedAccessInstanceLoggingConfiguration", + "modifyverifiedaccesstrustprovider": "ModifyVerifiedAccessTrustProvider", + "modifyvolume": "ModifyVolume", + "modifyvolumeattribute": "ModifyVolumeAttribute", + "modifyvpcattribute": "ModifyVpcAttribute", + "modifyvpcendpoint": "ModifyVpcEndpoint", + "modifyvpcendpointconnectionnotification": "ModifyVpcEndpointConnectionNotification", + "modifyvpcendpointserviceconfiguration": "ModifyVpcEndpointServiceConfiguration", + "modifyvpcendpointservicepayerresponsibility": "ModifyVpcEndpointServicePayerResponsibility", + "modifyvpcendpointservicepermissions": "ModifyVpcEndpointServicePermissions", + "modifyvpcpeeringconnectionoptions": "ModifyVpcPeeringConnectionOptions", + "modifyvpctenancy": "ModifyVpcTenancy", + "modifyvpnconnection": "ModifyVpnConnection", + "modifyvpnconnectionoptions": "ModifyVpnConnectionOptions", + "modifyvpntunnelcertificate": "ModifyVpnTunnelCertificate", + "modifyvpntunneloptions": "ModifyVpnTunnelOptions", + "monitorinstances": "MonitorInstances", + "moveaddresstovpc": "MoveAddressToVpc", + "movebyoipcidrtoipam": "MoveByoipCidrToIpam", + "pausevolumeio": "PauseVolumeIO", + "provisionbyoipcidr": "ProvisionByoipCidr", + "provisionipampoolcidr": "ProvisionIpamPoolCidr", + "provisionpublicipv4poolcidr": "ProvisionPublicIpv4PoolCidr", + "purchasehostreservation": "PurchaseHostReservation", + "purchasereservedinstancesoffering": "PurchaseReservedInstancesOffering", + "purchasescheduledinstances": "PurchaseScheduledInstances", + "putresourcepolicy": "PutResourcePolicy", + "rebootinstances": "RebootInstances", + "registerimage": "RegisterImage", + "registerinstanceeventnotificationattributes": "RegisterInstanceEventNotificationAttributes", + "registertransitgatewaymulticastgroupmembers": "RegisterTransitGatewayMulticastGroupMembers", + "registertransitgatewaymulticastgroupsources": "RegisterTransitGatewayMulticastGroupSources", + "rejecttransitgatewaymulticastdomainassociations": "RejectTransitGatewayMulticastDomainAssociations", + "rejecttransitgatewaypeeringattachment": "RejectTransitGatewayPeeringAttachment", + "rejecttransitgatewayvpcattachment": "RejectTransitGatewayVpcAttachment", + "rejectvpcendpointconnections": "RejectVpcEndpointConnections", + "rejectvpcpeeringconnection": "RejectVpcPeeringConnection", + "releaseaddress": "ReleaseAddress", + "releasehosts": "ReleaseHosts", + "releaseipampoolallocation": "ReleaseIpamPoolAllocation", + "replaceiaminstanceprofileassociation": "ReplaceIamInstanceProfileAssociation", + "replacenetworkaclassociation": "ReplaceNetworkAclAssociation", + "replacenetworkaclentry": "ReplaceNetworkAclEntry", + "replaceroute": "ReplaceRoute", + "replaceroutetableassociation": "ReplaceRouteTableAssociation", + "replacetransitgatewayroute": "ReplaceTransitGatewayRoute", + "replacevpntunnel": "ReplaceVpnTunnel", + "reportinstancestatus": "ReportInstanceStatus", + "requestspotfleet": "RequestSpotFleet", + "requestspotinstances": "RequestSpotInstances", + "resetaddressattribute": "ResetAddressAttribute", + "resetebsdefaultkmskeyid": "ResetEbsDefaultKmsKeyId", + "resetfpgaimageattribute": "ResetFpgaImageAttribute", + "resetimageattribute": "ResetImageAttribute", + "resetinstanceattribute": "ResetInstanceAttribute", + "resetnetworkinterfaceattribute": "ResetNetworkInterfaceAttribute", + "resetsnapshotattribute": "ResetSnapshotAttribute", + "restoreaddresstoclassic": "RestoreAddressToClassic", + "restoreimagefromrecyclebin": "RestoreImageFromRecycleBin", + "restoremanagedprefixlistversion": "RestoreManagedPrefixListVersion", + "restoresnapshotfromrecyclebin": "RestoreSnapshotFromRecycleBin", + "restoresnapshottier": "RestoreSnapshotTier", + "revokeclientvpningress": "RevokeClientVpnIngress", + "revokesecuritygroupegress": "RevokeSecurityGroupEgress", + "revokesecuritygroupingress": "RevokeSecurityGroupIngress", + "runinstances": "RunInstances", + "runscheduledinstances": "RunScheduledInstances", + "searchlocalgatewayroutes": "SearchLocalGatewayRoutes", + "searchtransitgatewaymulticastgroups": "SearchTransitGatewayMulticastGroups", + "searchtransitgatewayroutes": "SearchTransitGatewayRoutes", + "senddiagnosticinterrupt": "SendDiagnosticInterrupt", + "sendspotinstanceinterruptions": "SendSpotInstanceInterruptions", + "startinstances": "StartInstances", + "startnetworkinsightsaccessscopeanalysis": "StartNetworkInsightsAccessScopeAnalysis", + "startnetworkinsightsanalysis": "StartNetworkInsightsAnalysis", + "startvpcendpointserviceprivatednsverification": "StartVpcEndpointServicePrivateDnsVerification", + "stopinstances": "StopInstances", + "terminateclientvpnconnections": "TerminateClientVpnConnections", + "terminateinstances": "TerminateInstances", + "unassignipv6addresses": "UnassignIpv6Addresses", + "unassignprivateipaddresses": "UnassignPrivateIpAddresses", + "unassignprivatenatgatewayaddress": "UnassignPrivateNatGatewayAddress", + "unmonitorinstances": "UnmonitorInstances", + "updatesecuritygroupruledescriptionsegress": "UpdateSecurityGroupRuleDescriptionsEgress", + "updatesecuritygroupruledescriptionsingress": "UpdateSecurityGroupRuleDescriptionsIngress", + "withdrawbyoipcidr": "WithdrawByoipCidr" + }, + "resources": { + "elastic-ip": { + "resource": "elastic-ip", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:elastic-ip/${AllocationId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:AllocationId", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Domain", + "ec2:PublicIpAddress", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "capacity-reservation-fleet": { + "resource": "capacity-reservation-fleet", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:capacity-reservation-fleet/${CapacityReservationFleetId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "capacity-reservation": { + "resource": "capacity-reservation", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:capacity-reservation/${CapacityReservationId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:CapacityReservationFleet", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "carrier-gateway": { + "resource": "carrier-gateway", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:carrier-gateway/${CarrierGatewayId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:Vpc" + ] + }, + "certificate": { + "resource": "certificate", + "arn": "arn:${Partition}:acm:${Region}:${Account}:certificate/${CertificateId}", + "condition_keys": [] + }, + "client-vpn-endpoint": { + "resource": "client-vpn-endpoint", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:client-vpn-endpoint/${ClientVpnEndpointId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ClientRootCertificateChainArn", + "ec2:CloudwatchLogGroupArn", + "ec2:CloudwatchLogStreamArn", + "ec2:DirectoryArn", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:SamlProviderArn", + "ec2:ServerCertificateArn" + ] + }, + "customer-gateway": { + "resource": "customer-gateway", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:customer-gateway/${CustomerGatewayId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "dedicated-host": { + "resource": "dedicated-host", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:dedicated-host/${DedicatedHostId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AutoPlacement", + "ec2:AvailabilityZone", + "ec2:HostRecovery", + "ec2:InstanceType", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:Quantity", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "dhcp-options": { + "resource": "dhcp-options", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:dhcp-options/${DhcpOptionsId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:DhcpOptionsID", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "egress-only-internet-gateway": { + "resource": "egress-only-internet-gateway", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:egress-only-internet-gateway/${EgressOnlyInternetGatewayId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "elastic-gpu": { + "resource": "elastic-gpu", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:elastic-gpu/${ElasticGpuId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:ElasticGpuType", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "elastic-inference": { + "resource": "elastic-inference", + "arn": "arn:${Partition}:elastic-inference:${Region}:${Account}:elastic-inference-accelerator/${AcceleratorId}", + "condition_keys": [] + }, + "export-image-task": { + "resource": "export-image-task", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:export-image-task/${ExportImageTaskId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "export-instance-task": { + "resource": "export-instance-task", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:export-instance-task/${ExportTaskId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "fleet": { + "resource": "fleet", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:fleet/${FleetId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "fpga-image": { + "resource": "fpga-image", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:fpga-image/${FpgaImageId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Owner", + "ec2:Public", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "host-reservation": { + "resource": "host-reservation", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:host-reservation/${HostReservationId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "image": { + "resource": "image", + "arn": "arn:${Partition}:ec2:${Region}::image/${ImageId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:ImageID", + "ec2:ImageType", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:Owner", + "ec2:Public", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType" + ] + }, + "import-image-task": { + "resource": "import-image-task", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:import-image-task/${ImportImageTaskId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "import-snapshot-task": { + "resource": "import-snapshot-task", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:import-snapshot-task/${ImportSnapshotTaskId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "instance-connect-endpoint": { + "resource": "instance-connect-endpoint", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance-connect-endpoint/${InstanceConnectEndpointId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID" + ] + }, + "instance-event-window": { + "resource": "instance-event-window", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance-event-window/${InstanceEventWindowId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "instance": { + "resource": "instance", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance/${InstanceId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:EbsOptimized", + "ec2:InstanceAutoRecovery", + "ec2:InstanceID", + "ec2:InstanceMarketType", + "ec2:InstanceMetadataTags", + "ec2:InstanceProfile", + "ec2:InstanceType", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:MetadataHttpEndpoint", + "ec2:MetadataHttpPutResponseHopLimit", + "ec2:MetadataHttpTokens", + "ec2:NewInstanceProfile", + "ec2:PlacementGroup", + "ec2:ProductCode", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:RootDeviceType", + "ec2:Tenancy" + ] + }, + "internet-gateway": { + "resource": "internet-gateway", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:internet-gateway/${InternetGatewayId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:InternetGatewayID", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "ipam": { + "resource": "ipam", + "arn": "arn:${Partition}:ec2::${Account}:ipam/${IpamId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "ipam-pool": { + "resource": "ipam-pool", + "arn": "arn:${Partition}:ec2::${Account}:ipam-pool/${IpamPoolId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "ipam-resource-discovery-association": { + "resource": "ipam-resource-discovery-association", + "arn": "arn:${Partition}:ec2::${Account}:ipam-resource-discovery-association/${IpamResourceDiscoveryAssociationId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "ipam-resource-discovery": { + "resource": "ipam-resource-discovery", + "arn": "arn:${Partition}:ec2::${Account}:ipam-resource-discovery/${IpamResourceDiscoveryId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "ipam-scope": { + "resource": "ipam-scope", + "arn": "arn:${Partition}:ec2::${Account}:ipam-scope/${IpamScopeId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "coip-pool": { + "resource": "coip-pool", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:coip-pool/${Ipv4PoolCoipId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "ipv4pool-ec2": { + "resource": "ipv4pool-ec2", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:ipv4pool-ec2/${Ipv4PoolEc2Id}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "ipv6pool-ec2": { + "resource": "ipv6pool-ec2", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:ipv6pool-ec2/${Ipv6PoolEc2Id}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "key-pair": { + "resource": "key-pair", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:key-pair/${KeyPairName}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:IsLaunchTemplateResource", + "ec2:KeyPairName", + "ec2:KeyPairType", + "ec2:LaunchTemplate", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "launch-template": { + "resource": "launch-template", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:launch-template/${LaunchTemplateId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "license-configuration": { + "resource": "license-configuration", + "arn": "arn:${Partition}:license-manager:${Region}:${Account}:license-configuration:${LicenseConfigurationId}", + "condition_keys": [] + }, + "local-gateway": { + "resource": "local-gateway", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway/${LocalGatewayId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "local-gateway-route-table-virtual-interface-group-association": { + "resource": "local-gateway-route-table-virtual-interface-group-association", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway-route-table-virtual-interface-group-association/${LocalGatewayRouteTableVirtualInterfaceGroupAssociationId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "local-gateway-route-table-vpc-association": { + "resource": "local-gateway-route-table-vpc-association", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway-route-table-vpc-association/${LocalGatewayRouteTableVpcAssociationId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "local-gateway-route-table": { + "resource": "local-gateway-route-table", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway-route-table/${LocalGatewayRoutetableId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "local-gateway-virtual-interface-group": { + "resource": "local-gateway-virtual-interface-group", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway-virtual-interface-group/${LocalGatewayVirtualInterfaceGroupId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "local-gateway-virtual-interface": { + "resource": "local-gateway-virtual-interface", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:local-gateway-virtual-interface/${LocalGatewayVirtualInterfaceId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "natgateway": { + "resource": "natgateway", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:natgateway/${NatGatewayId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "network-acl": { + "resource": "network-acl", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-acl/${NaclId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:NetworkAclID", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:Vpc" + ] + }, + "network-insights-access-scope-analysis": { + "resource": "network-insights-access-scope-analysis", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-insights-access-scope-analysis/${NetworkInsightsAccessScopeAnalysisId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "network-insights-access-scope": { + "resource": "network-insights-access-scope", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-insights-access-scope/${NetworkInsightsAccessScopeId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "network-insights-analysis": { + "resource": "network-insights-analysis", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-insights-analysis/${NetworkInsightsAnalysisId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "network-insights-path": { + "resource": "network-insights-path", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-insights-path/${NetworkInsightsPathId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "network-interface": { + "resource": "network-interface", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:network-interface/${NetworkInterfaceId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:AssociatePublicIpAddress", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AuthorizedService", + "ec2:AuthorizedUser", + "ec2:AvailabilityZone", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:NetworkInterfaceID", + "ec2:Permission", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc" + ] + }, + "placement-group": { + "resource": "placement-group", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:placement-group/${PlacementGroupName}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:PlacementGroupName", + "ec2:PlacementGroupStrategy", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "prefix-list": { + "resource": "prefix-list", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:prefix-list/${PrefixListId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "replace-root-volume-task": { + "resource": "replace-root-volume-task", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:replace-root-volume-task/${ReplaceRootVolumeTaskId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "reserved-instances": { + "resource": "reserved-instances", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:reserved-instances/${ReservationId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:InstanceType", + "ec2:Region", + "ec2:ReservedInstancesOfferingType", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy" + ] + }, + "group": { + "resource": "group", + "arn": "arn:${Partition}:resource-groups:${Region}:${Account}:group/${GroupName}", + "condition_keys": [] + }, + "role": { + "resource": "role", + "arn": "arn:${Partition}:iam::${Account}:role/${RoleNameWithPath}", + "condition_keys": [] + }, + "route-table": { + "resource": "route-table", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:route-table/${RouteTableId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:RouteTableID", + "ec2:Vpc" + ] + }, + "security-group": { + "resource": "security-group", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:security-group/${SecurityGroupId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc" + ] + }, + "security-group-rule": { + "resource": "security-group-rule", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:security-group-rule/${SecurityGroupRuleId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "snapshot": { + "resource": "snapshot", + "arn": "arn:${Partition}:ec2:${Region}::snapshot/${SnapshotId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Add/group", + "ec2:Add/userId", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:OutpostArn", + "ec2:Owner", + "ec2:ParentVolume", + "ec2:Region", + "ec2:Remove/group", + "ec2:Remove/userId", + "ec2:ResourceTag/${TagKey}", + "ec2:SnapshotID", + "ec2:SnapshotTime", + "ec2:SourceOutpostArn", + "ec2:VolumeSize" + ] + }, + "spot-fleet-request": { + "resource": "spot-fleet-request", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:spot-fleet-request/${SpotFleetRequestId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "spot-instances-request": { + "resource": "spot-instances-request", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:spot-instances-request/${SpotInstanceRequestId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "subnet-cidr-reservation": { + "resource": "subnet-cidr-reservation", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:subnet-cidr-reservation/${SubnetCidrReservationId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "subnet": { + "resource": "subnet", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:subnet/${SubnetId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:IsLaunchTemplateResource", + "ec2:LaunchTemplate", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc" + ] + }, + "traffic-mirror-filter": { + "resource": "traffic-mirror-filter", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:traffic-mirror-filter/${TrafficMirrorFilterId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "traffic-mirror-filter-rule": { + "resource": "traffic-mirror-filter-rule", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:traffic-mirror-filter-rule/${TrafficMirrorFilterRuleId}", + "condition_keys": [ + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region" + ] + }, + "traffic-mirror-session": { + "resource": "traffic-mirror-session", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:traffic-mirror-session/${TrafficMirrorSessionId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "traffic-mirror-target": { + "resource": "traffic-mirror-target", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:traffic-mirror-target/${TrafficMirrorTargetId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "transit-gateway-attachment": { + "resource": "transit-gateway-attachment", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-attachment/${TransitGatewayAttachmentId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "transit-gateway-connect-peer": { + "resource": "transit-gateway-connect-peer", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-connect-peer/${TransitGatewayConnectPeerId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "transit-gateway": { + "resource": "transit-gateway", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway/${TransitGatewayId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "transit-gateway-multicast-domain": { + "resource": "transit-gateway-multicast-domain", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-multicast-domain/${TransitGatewayMulticastDomainId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "transit-gateway-policy-table": { + "resource": "transit-gateway-policy-table", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-policy-table/${TransitGatewayPolicyTableId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "transit-gateway-route-table-announcement": { + "resource": "transit-gateway-route-table-announcement", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-route-table-announcement/${TransitGatewayRouteTableAnnouncementId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "transit-gateway-route-table": { + "resource": "transit-gateway-route-table", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-route-table/${TransitGatewayRouteTableId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "verified-access-endpoint": { + "resource": "verified-access-endpoint", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-endpoint/${VerifiedAccessEndpointId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "verified-access-group": { + "resource": "verified-access-group", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-group/${VerifiedAccessGroupId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "verified-access-instance": { + "resource": "verified-access-instance", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-instance/${VerifiedAccessInstanceId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "verified-access-policy": { + "resource": "verified-access-policy", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-policy/${VerifiedAccessPolicyId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "verified-access-trust-provider": { + "resource": "verified-access-trust-provider", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-trust-provider/${VerifiedAccessTrustProviderId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "volume": { + "resource": "volume", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:volume/${VolumeId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AvailabilityZone", + "ec2:Encrypted", + "ec2:IsLaunchTemplateResource", + "ec2:KmsKeyId", + "ec2:LaunchTemplate", + "ec2:ParentSnapshot", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:VolumeID", + "ec2:VolumeIops", + "ec2:VolumeSize", + "ec2:VolumeThroughput", + "ec2:VolumeType" + ] + }, + "vpc-endpoint-connection": { + "resource": "vpc-endpoint-connection", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-endpoint-connection/${VpcEndpointConnectionId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "vpc-endpoint": { + "resource": "vpc-endpoint", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-endpoint/${VpcEndpointId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:VpceServiceName", + "ec2:VpceServiceOwner" + ] + }, + "vpc-endpoint-service": { + "resource": "vpc-endpoint-service", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-endpoint-service/${VpcEndpointServiceId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:VpceServicePrivateDnsName" + ] + }, + "vpc-endpoint-service-permission": { + "resource": "vpc-endpoint-service-permission", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-endpoint-service-permission/${VpcEndpointServicePermissionId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "vpc-flow-log": { + "resource": "vpc-flow-log", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-flow-log/${VpcFlowLogId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + }, + "vpc": { + "resource": "vpc", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc/${VpcId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Ipv4IpamPoolId", + "ec2:Ipv6IpamPoolId", + "ec2:Region", + "ec2:ResourceTag/${TagKey}", + "ec2:Tenancy", + "ec2:VpcID" + ] + }, + "vpc-peering-connection": { + "resource": "vpc-peering-connection", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc-peering-connection/${VpcPeeringConnectionId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:AccepterVpc", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:Region", + "ec2:RequesterVpc", + "ec2:ResourceTag/${TagKey}", + "ec2:VpcPeeringConnectionID" + ] + }, + "vpn-connection-device-type": { + "resource": "vpn-connection-device-type", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpn-connection-device-type/${VpnConnectionDeviceTypeId}", + "condition_keys": [ + "ec2:Region" + ] + }, + "vpn-connection": { + "resource": "vpn-connection", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpn-connection/${VpnConnectionId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Attribute", + "ec2:Attribute/${AttributeName}", + "ec2:AuthenticationType", + "ec2:DPDTimeoutSeconds", + "ec2:GatewayType", + "ec2:IKEVersions", + "ec2:InsideTunnelCidr", + "ec2:InsideTunnelIpv6Cidr", + "ec2:Phase1DHGroup", + "ec2:Phase1EncryptionAlgorithms", + "ec2:Phase1IntegrityAlgorithms", + "ec2:Phase1LifetimeSeconds", + "ec2:Phase2DHGroup", + "ec2:Phase2EncryptionAlgorithms", + "ec2:Phase2IntegrityAlgorithms", + "ec2:Phase2LifetimeSeconds", + "ec2:PreSharedKeys", + "ec2:Region", + "ec2:RekeyFuzzPercentage", + "ec2:RekeyMarginTimeSeconds", + "ec2:ReplayWindowSizePackets", + "ec2:ResourceTag/${TagKey}", + "ec2:RoutingType" + ] + }, + "vpn-gateway": { + "resource": "vpn-gateway", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpn-gateway/${VpnGatewayId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ec2:Region", + "ec2:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "elastic-ip": "elastic-ip", + "capacity-reservation-fleet": "capacity-reservation-fleet", + "capacity-reservation": "capacity-reservation", + "carrier-gateway": "carrier-gateway", + "certificate": "certificate", + "client-vpn-endpoint": "client-vpn-endpoint", + "customer-gateway": "customer-gateway", + "dedicated-host": "dedicated-host", + "dhcp-options": "dhcp-options", + "egress-only-internet-gateway": "egress-only-internet-gateway", + "elastic-gpu": "elastic-gpu", + "elastic-inference": "elastic-inference", + "export-image-task": "export-image-task", + "export-instance-task": "export-instance-task", + "fleet": "fleet", + "fpga-image": "fpga-image", + "host-reservation": "host-reservation", + "image": "image", + "import-image-task": "import-image-task", + "import-snapshot-task": "import-snapshot-task", + "instance-connect-endpoint": "instance-connect-endpoint", + "instance-event-window": "instance-event-window", + "instance": "instance", + "internet-gateway": "internet-gateway", + "ipam": "ipam", + "ipam-pool": "ipam-pool", + "ipam-resource-discovery-association": "ipam-resource-discovery-association", + "ipam-resource-discovery": "ipam-resource-discovery", + "ipam-scope": "ipam-scope", + "coip-pool": "coip-pool", + "ipv4pool-ec2": "ipv4pool-ec2", + "ipv6pool-ec2": "ipv6pool-ec2", + "key-pair": "key-pair", + "launch-template": "launch-template", + "license-configuration": "license-configuration", + "local-gateway": "local-gateway", + "local-gateway-route-table-virtual-interface-group-association": "local-gateway-route-table-virtual-interface-group-association", + "local-gateway-route-table-vpc-association": "local-gateway-route-table-vpc-association", + "local-gateway-route-table": "local-gateway-route-table", + "local-gateway-virtual-interface-group": "local-gateway-virtual-interface-group", + "local-gateway-virtual-interface": "local-gateway-virtual-interface", + "natgateway": "natgateway", + "network-acl": "network-acl", + "network-insights-access-scope-analysis": "network-insights-access-scope-analysis", + "network-insights-access-scope": "network-insights-access-scope", + "network-insights-analysis": "network-insights-analysis", + "network-insights-path": "network-insights-path", + "network-interface": "network-interface", + "placement-group": "placement-group", + "prefix-list": "prefix-list", + "replace-root-volume-task": "replace-root-volume-task", + "reserved-instances": "reserved-instances", + "group": "group", + "role": "role", + "route-table": "route-table", + "security-group": "security-group", + "security-group-rule": "security-group-rule", + "snapshot": "snapshot", + "spot-fleet-request": "spot-fleet-request", + "spot-instances-request": "spot-instances-request", + "subnet-cidr-reservation": "subnet-cidr-reservation", + "subnet": "subnet", + "traffic-mirror-filter": "traffic-mirror-filter", + "traffic-mirror-filter-rule": "traffic-mirror-filter-rule", + "traffic-mirror-session": "traffic-mirror-session", + "traffic-mirror-target": "traffic-mirror-target", + "transit-gateway-attachment": "transit-gateway-attachment", + "transit-gateway-connect-peer": "transit-gateway-connect-peer", + "transit-gateway": "transit-gateway", + "transit-gateway-multicast-domain": "transit-gateway-multicast-domain", + "transit-gateway-policy-table": "transit-gateway-policy-table", + "transit-gateway-route-table-announcement": "transit-gateway-route-table-announcement", + "transit-gateway-route-table": "transit-gateway-route-table", + "verified-access-endpoint": "verified-access-endpoint", + "verified-access-group": "verified-access-group", + "verified-access-instance": "verified-access-instance", + "verified-access-policy": "verified-access-policy", + "verified-access-trust-provider": "verified-access-trust-provider", + "volume": "volume", + "vpc-endpoint-connection": "vpc-endpoint-connection", + "vpc-endpoint": "vpc-endpoint", + "vpc-endpoint-service": "vpc-endpoint-service", + "vpc-endpoint-service-permission": "vpc-endpoint-service-permission", + "vpc-flow-log": "vpc-flow-log", + "vpc": "vpc", + "vpc-peering-connection": "vpc-peering-connection", + "vpn-connection-device-type": "vpn-connection-device-type", + "vpn-connection": "vpn-connection", + "vpn-gateway": "vpn-gateway" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + }, + "ec2:AccepterVpc": { + "condition": "ec2:AccepterVpc", + "description": "Filters access by the ARN of an accepter VPC in a VPC peering connection", + "type": "ARN" + }, + "ec2:Add/group": { + "condition": "ec2:Add/group", + "description": "Filters access by the group being added to a snapshot", + "type": "String" + }, + "ec2:Add/userId": { + "condition": "ec2:Add/userId", + "description": "Filters access by the account id being added to a snapshot", + "type": "String" + }, + "ec2:AllocationId": { + "condition": "ec2:AllocationId", + "description": "Filters access by the allocation ID of the Elastic IP address", + "type": "String" + }, + "ec2:AssociatePublicIpAddress": { + "condition": "ec2:AssociatePublicIpAddress", + "description": "Filters access by whether the user wants to associate a public IP address with the instance", + "type": "Bool" + }, + "ec2:Attribute": { + "condition": "ec2:Attribute", + "description": "Filters access by an attribute of a resource", + "type": "String" + }, + "ec2:Attribute/${AttributeName}": { + "condition": "ec2:Attribute/${AttributeName}", + "description": "Filters access by an attribute being set on a resource", + "type": "String" + }, + "ec2:AuthenticationType": { + "condition": "ec2:AuthenticationType", + "description": "Filters access by the authentication type for the VPN tunnel endpoints", + "type": "String" + }, + "ec2:AuthorizedService": { + "condition": "ec2:AuthorizedService", + "description": "Filters access by the AWS service that has permission to use a resource", + "type": "String" + }, + "ec2:AuthorizedUser": { + "condition": "ec2:AuthorizedUser", + "description": "Filters access by an IAM principal that has permission to use a resource", + "type": "String" + }, + "ec2:AutoPlacement": { + "condition": "ec2:AutoPlacement", + "description": "Filters access by the Auto Placement properties of a Dedicated Host", + "type": "String" + }, + "ec2:AvailabilityZone": { + "condition": "ec2:AvailabilityZone", + "description": "Filters access by the name of an Availability Zone in an AWS Region", + "type": "String" + }, + "ec2:CapacityReservationFleet": { + "condition": "ec2:CapacityReservationFleet", + "description": "Filters access by the ARN of the Capacity Reservation Fleet", + "type": "ARN" + }, + "ec2:ClientRootCertificateChainArn": { + "condition": "ec2:ClientRootCertificateChainArn", + "description": "Filters access by the ARN of the client root certificate chain", + "type": "ARN" + }, + "ec2:CloudwatchLogGroupArn": { + "condition": "ec2:CloudwatchLogGroupArn", + "description": "Filters access by the ARN of the CloudWatch Logs log group", + "type": "ARN" + }, + "ec2:CloudwatchLogStreamArn": { + "condition": "ec2:CloudwatchLogStreamArn", + "description": "Filters access by the ARN of the CloudWatch Logs log stream", + "type": "ARN" + }, + "ec2:CreateAction": { + "condition": "ec2:CreateAction", + "description": "Filters access by the name of a resource-creating API action", + "type": "String" + }, + "ec2:DPDTimeoutSeconds": { + "condition": "ec2:DPDTimeoutSeconds", + "description": "Filters access by the duration after which DPD timeout occurs on a VPN tunnel", + "type": "Numeric" + }, + "ec2:DhcpOptionsID": { + "condition": "ec2:DhcpOptionsID", + "description": "Filters access by the ID of a dynamic host configuration protocol (DHCP) options set", + "type": "String" + }, + "ec2:DirectoryArn": { + "condition": "ec2:DirectoryArn", + "description": "Filters access by the ARN of the directory", + "type": "ARN" + }, + "ec2:Domain": { + "condition": "ec2:Domain", + "description": "Filters access by the domain of the Elastic IP address", + "type": "String" + }, + "ec2:EbsOptimized": { + "condition": "ec2:EbsOptimized", + "description": "Filters access by whether the instance is enabled for EBS optimization", + "type": "Bool" + }, + "ec2:ElasticGpuType": { + "condition": "ec2:ElasticGpuType", + "description": "Filters access by the type of Elastic Graphics accelerator", + "type": "String" + }, + "ec2:Encrypted": { + "condition": "ec2:Encrypted", + "description": "Filters access by whether the EBS volume is encrypted", + "type": "Bool" + }, + "ec2:GatewayType": { + "condition": "ec2:GatewayType", + "description": "Filters access by the gateway type for a VPN endpoint on the AWS side of a VPN connection", + "type": "String" + }, + "ec2:HostRecovery": { + "condition": "ec2:HostRecovery", + "description": "Filters access by whether host recovery is enabled for a Dedicated Host", + "type": "String" + }, + "ec2:IKEVersions": { + "condition": "ec2:IKEVersions", + "description": "Filters access by the internet key exchange (IKE) versions that are permitted for a VPN tunnel", + "type": "ArrayOfString" + }, + "ec2:ImageID": { + "condition": "ec2:ImageID", + "description": "Filters access by the ID of an image", + "type": "String" + }, + "ec2:ImageType": { + "condition": "ec2:ImageType", + "description": "Filters access by the type of image (machine, aki, or ari)", + "type": "String" + }, + "ec2:InsideTunnelCidr": { + "condition": "ec2:InsideTunnelCidr", + "description": "Filters access by the range of inside IP addresses for a VPN tunnel", + "type": "String" + }, + "ec2:InsideTunnelIpv6Cidr": { + "condition": "ec2:InsideTunnelIpv6Cidr", + "description": "Filters access by a range of inside IPv6 addresses for a VPN tunnel", + "type": "String" + }, + "ec2:InstanceAutoRecovery": { + "condition": "ec2:InstanceAutoRecovery", + "description": "Filters access by whether the instance type supports auto recovery", + "type": "String" + }, + "ec2:InstanceID": { + "condition": "ec2:InstanceID", + "description": "Filters access by the ID of an instance", + "type": "String" + }, + "ec2:InstanceMarketType": { + "condition": "ec2:InstanceMarketType", + "description": "Filters access by the market or purchasing option of an instance (on-demand or spot)", + "type": "String" + }, + "ec2:InstanceMetadataTags": { + "condition": "ec2:InstanceMetadataTags", + "description": "Filters access by whether the instance allows access to instance tags from the instance metadata", + "type": "String" + }, + "ec2:InstanceProfile": { + "condition": "ec2:InstanceProfile", + "description": "Filters access by the ARN of an instance profile", + "type": "ARN" + }, + "ec2:InstanceType": { + "condition": "ec2:InstanceType", + "description": "Filters access by the type of instance", + "type": "String" + }, + "ec2:InternetGatewayID": { + "condition": "ec2:InternetGatewayID", + "description": "Filters access by the ID of an internet gateway", + "type": "String" + }, + "ec2:Ipv4IpamPoolId": { + "condition": "ec2:Ipv4IpamPoolId", + "description": "Filters access by the ID of an IPAM pool provided for IPv4 CIDR block allocation", + "type": "String" + }, + "ec2:Ipv6IpamPoolId": { + "condition": "ec2:Ipv6IpamPoolId", + "description": "Filters access by the ID of an IPAM pool provided for IPv6 CIDR block allocation", + "type": "String" + }, + "ec2:IsLaunchTemplateResource": { + "condition": "ec2:IsLaunchTemplateResource", + "description": "Filters access by whether users are able to override resources that are specified in the launch template", + "type": "Bool" + }, + "ec2:KeyPairName": { + "condition": "ec2:KeyPairName", + "description": "Filters access by the name of a key pair", + "type": "String" + }, + "ec2:KeyPairType": { + "condition": "ec2:KeyPairType", + "description": "Filters access by the type of a key pair", + "type": "String" + }, + "ec2:KmsKeyId": { + "condition": "ec2:KmsKeyId", + "description": "Filters access by the ID of an AWS KMS key", + "type": "String" + }, + "ec2:LaunchTemplate": { + "condition": "ec2:LaunchTemplate", + "description": "Filters access by the ARN of a launch template", + "type": "ARN" + }, + "ec2:MetadataHttpEndpoint": { + "condition": "ec2:MetadataHttpEndpoint", + "description": "Filters access by whether the HTTP endpoint is enabled for the instance metadata service", + "type": "String" + }, + "ec2:MetadataHttpPutResponseHopLimit": { + "condition": "ec2:MetadataHttpPutResponseHopLimit", + "description": "Filters access by the allowed number of hops when calling the instance metadata service", + "type": "Numeric" + }, + "ec2:MetadataHttpTokens": { + "condition": "ec2:MetadataHttpTokens", + "description": "Filters access by whether tokens are required when calling the instance metadata service (optional or required)", + "type": "String" + }, + "ec2:NetworkAclID": { + "condition": "ec2:NetworkAclID", + "description": "Filters access by the ID of a network access control list (ACL)", + "type": "String" + }, + "ec2:NetworkInterfaceID": { + "condition": "ec2:NetworkInterfaceID", + "description": "Filters access by the ID of an elastic network interface", + "type": "String" + }, + "ec2:NewInstanceProfile": { + "condition": "ec2:NewInstanceProfile", + "description": "Filters access by the ARN of the instance profile being attached", + "type": "ARN" + }, + "ec2:OutpostArn": { + "condition": "ec2:OutpostArn", + "description": "Filters access by the ARN of the Outpost", + "type": "ARN" + }, + "ec2:Owner": { + "condition": "ec2:Owner", + "description": "Filters access by the owner of the resource (amazon, aws-marketplace, or an AWS account ID)", + "type": "String" + }, + "ec2:ParentSnapshot": { + "condition": "ec2:ParentSnapshot", + "description": "Filters access by the ARN of the parent snapshot", + "type": "ARN" + }, + "ec2:ParentVolume": { + "condition": "ec2:ParentVolume", + "description": "Filters access by the ARN of the parent volume from which the snapshot was created", + "type": "ARN" + }, + "ec2:Permission": { + "condition": "ec2:Permission", + "description": "Filters access by the type of permission for a resource (INSTANCE-ATTACH or EIP-ASSOCIATE)", + "type": "String" + }, + "ec2:Phase1DHGroup": { + "condition": "ec2:Phase1DHGroup", + "description": "Filters access by the Diffie-Hellman group numbers that are permitted for a VPN tunnel for the phase 1 IKE negotiations", + "type": "ArrayOfString" + }, + "ec2:Phase1EncryptionAlgorithms": { + "condition": "ec2:Phase1EncryptionAlgorithms", + "description": "Filters access by the encryption algorithms that are permitted for a VPN tunnel for the phase 1 IKE negotiations", + "type": "ArrayOfString" + }, + "ec2:Phase1IntegrityAlgorithms": { + "condition": "ec2:Phase1IntegrityAlgorithms", + "description": "Filters access by the integrity algorithms that are permitted for a VPN tunnel for the phase 1 IKE negotiations", + "type": "ArrayOfString" + }, + "ec2:Phase1LifetimeSeconds": { + "condition": "ec2:Phase1LifetimeSeconds", + "description": "Filters access by the lifetime in seconds for phase 1 of the IKE negotiations for a VPN tunnel", + "type": "Numeric" + }, + "ec2:Phase2DHGroup": { + "condition": "ec2:Phase2DHGroup", + "description": "Filters access by the Diffie-Hellman group numbers that are permitted for a VPN tunnel for the phase 2 IKE negotiations", + "type": "ArrayOfString" + }, + "ec2:Phase2EncryptionAlgorithms": { + "condition": "ec2:Phase2EncryptionAlgorithms", + "description": "Filters access by the encryption algorithms that are permitted for a VPN tunnel for the phase 2 IKE negotiations", + "type": "ArrayOfString" + }, + "ec2:Phase2IntegrityAlgorithms": { + "condition": "ec2:Phase2IntegrityAlgorithms", + "description": "Filters access by the integrity algorithms that are permitted for a VPN tunnel for the phase 2 IKE negotiations", + "type": "ArrayOfString" + }, + "ec2:Phase2LifetimeSeconds": { + "condition": "ec2:Phase2LifetimeSeconds", + "description": "Filters access by the lifetime in seconds for phase 2 of the IKE negotiations for a VPN tunnel", + "type": "Numeric" + }, + "ec2:PlacementGroup": { + "condition": "ec2:PlacementGroup", + "description": "Filters access by the ARN of the placement group", + "type": "ARN" + }, + "ec2:PlacementGroupName": { + "condition": "ec2:PlacementGroupName", + "description": "Filters access by the name of a placement group", + "type": "String" + }, + "ec2:PlacementGroupStrategy": { + "condition": "ec2:PlacementGroupStrategy", + "description": "Filters access by the instance placement strategy used by the placement group (cluster, spread, or partition)", + "type": "String" + }, + "ec2:PreSharedKeys": { + "condition": "ec2:PreSharedKeys", + "description": "Filters access by the pre-shared key (PSK) used to establish the initial IKE security association between a virtual private gateway and a customer gateway", + "type": "String" + }, + "ec2:ProductCode": { + "condition": "ec2:ProductCode", + "description": "Filters access by the product code that is associated with the AMI", + "type": "String" + }, + "ec2:Public": { + "condition": "ec2:Public", + "description": "Filters access by whether the image has public launch permissions", + "type": "Bool" + }, + "ec2:PublicIpAddress": { + "condition": "ec2:PublicIpAddress", + "description": "Filters access by a public IP address", + "type": "String" + }, + "ec2:Quantity": { + "condition": "ec2:Quantity", + "description": "Filters access by the number of Dedicated Hosts in a request", + "type": "Numeric" + }, + "ec2:Region": { + "condition": "ec2:Region", + "description": "Filters access by the name of the AWS Region", + "type": "String" + }, + "ec2:RekeyFuzzPercentage": { + "condition": "ec2:RekeyFuzzPercentage", + "description": "Filters access by the percentage of increase of the rekey window (determined by the rekey margin time) within which the rekey time is randomly selected for a VPN tunnel", + "type": "Numeric" + }, + "ec2:RekeyMarginTimeSeconds": { + "condition": "ec2:RekeyMarginTimeSeconds", + "description": "Filters access by the margin time before the phase 2 lifetime expires for a VPN tunnel", + "type": "Numeric" + }, + "ec2:Remove/group": { + "condition": "ec2:Remove/group", + "description": "Filters access by the group being removed from a snapshot", + "type": "String" + }, + "ec2:Remove/userId": { + "condition": "ec2:Remove/userId", + "description": "Filters access by the account id being removed from a snapshot", + "type": "String" + }, + "ec2:ReplayWindowSizePackets": { + "condition": "ec2:ReplayWindowSizePackets", + "description": "Filters access by the number of packets in an IKE replay window", + "type": "String" + }, + "ec2:RequesterVpc": { + "condition": "ec2:RequesterVpc", + "description": "Filters access by the ARN of a requester VPC in a VPC peering connection", + "type": "ARN" + }, + "ec2:ReservedInstancesOfferingType": { + "condition": "ec2:ReservedInstancesOfferingType", + "description": "Filters access by the payment option of the Reserved Instance offering (No Upfront, Partial Upfront, or All Upfront)", + "type": "String" + }, + "ec2:ResourceTag/${TagKey}": { + "condition": "ec2:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "ec2:RoleDelivery": { + "condition": "ec2:RoleDelivery", + "description": "Filters access by the version of the instance metadata service for retrieving IAM role credentials for EC2", + "type": "Numeric" + }, + "ec2:RootDeviceType": { + "condition": "ec2:RootDeviceType", + "description": "Filters access by the root device type of the instance (ebs or instance-store)", + "type": "String" + }, + "ec2:RouteTableID": { + "condition": "ec2:RouteTableID", + "description": "Filters access by the ID of a route table", + "type": "String" + }, + "ec2:RoutingType": { + "condition": "ec2:RoutingType", + "description": "Filters access by the routing type for the VPN connection", + "type": "String" + }, + "ec2:SamlProviderArn": { + "condition": "ec2:SamlProviderArn", + "description": "Filters access by the ARN of the IAM SAML identity provider", + "type": "ARN" + }, + "ec2:SecurityGroupID": { + "condition": "ec2:SecurityGroupID", + "description": "Filters access by the ID of a security group", + "type": "String" + }, + "ec2:ServerCertificateArn": { + "condition": "ec2:ServerCertificateArn", + "description": "Filters access by the ARN of the server certificate", + "type": "ARN" + }, + "ec2:SnapshotID": { + "condition": "ec2:SnapshotID", + "description": "Filters access by the ID of a snapshot", + "type": "String" + }, + "ec2:SnapshotTime": { + "condition": "ec2:SnapshotTime", + "description": "Filters access by the initiation time of a snapshot", + "type": "String" + }, + "ec2:SourceInstanceARN": { + "condition": "ec2:SourceInstanceARN", + "description": "Filters access by the ARN of the instance from which the request originated", + "type": "ARN" + }, + "ec2:SourceOutpostArn": { + "condition": "ec2:SourceOutpostArn", + "description": "Filters access by the ARN of the Outpost from which the request originated", + "type": "ARN" + }, + "ec2:Subnet": { + "condition": "ec2:Subnet", + "description": "Filters access by the ARN of the subnet", + "type": "ARN" + }, + "ec2:SubnetID": { + "condition": "ec2:SubnetID", + "description": "Filters access by the ID of a subnet", + "type": "String" + }, + "ec2:Tenancy": { + "condition": "ec2:Tenancy", + "description": "Filters access by the tenancy of the VPC or instance (default, dedicated, or host)", + "type": "String" + }, + "ec2:VolumeID": { + "condition": "ec2:VolumeID", + "description": "Filters access by the ID of a volume", + "type": "String" + }, + "ec2:VolumeIops": { + "condition": "ec2:VolumeIops", + "description": "Filters access by the the number of input/output operations per second (IOPS) provisioned for the volume", + "type": "Numeric" + }, + "ec2:VolumeSize": { + "condition": "ec2:VolumeSize", + "description": "Filters access by the size of the volume, in GiB", + "type": "Numeric" + }, + "ec2:VolumeThroughput": { + "condition": "ec2:VolumeThroughput", + "description": "Filters access by the throughput of the volume, in MiBps", + "type": "Numeric" + }, + "ec2:VolumeType": { + "condition": "ec2:VolumeType", + "description": "Filters access by the type of volume (gp2, gp3, io1, io2, st1, sc1, or standard)", + "type": "String" + }, + "ec2:Vpc": { + "condition": "ec2:Vpc", + "description": "Filters access by the ARN of the VPC", + "type": "ARN" + }, + "ec2:VpcID": { + "condition": "ec2:VpcID", + "description": "Filters access by the ID of a virtual private cloud (VPC)", + "type": "String" + }, + "ec2:VpcPeeringConnectionID": { + "condition": "ec2:VpcPeeringConnectionID", + "description": "Filters access by the ID of a VPC peering connection", + "type": "String" + }, + "ec2:VpceServiceName": { + "condition": "ec2:VpceServiceName", + "description": "Filters access by the name of the VPC endpoint service", + "type": "String" + }, + "ec2:VpceServiceOwner": { + "condition": "ec2:VpceServiceOwner", + "description": "Filters access by the service owner of the VPC endpoint service (amazon, aws-marketplace, or an AWS account ID)", + "type": "String" + }, + "ec2:VpceServicePrivateDnsName": { + "condition": "ec2:VpceServicePrivateDnsName", + "description": "Filters access by the private DNS name of the VPC endpoint service", + "type": "String" + } + } + }, + "autoscaling": { + "service_name": "Amazon EC2 Auto Scaling", + "prefix": "autoscaling", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2autoscaling.html", + "privileges": { + "AttachInstances": { + "privilege": "AttachInstances", + "description": "Grants permission to attach one or more EC2 instances to the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_AttachInstances.html" + }, + "AttachLoadBalancerTargetGroups": { + "privilege": "AttachLoadBalancerTargetGroups", + "description": "Grants permission to attach one or more target groups to the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "autoscaling:TargetGroupARNs" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_AttachLoadBalancerTargetGroups.html" + }, + "AttachLoadBalancers": { + "privilege": "AttachLoadBalancers", + "description": "Grants permission to attach one or more load balancers to the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "autoscaling:LoadBalancerNames" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_AttachLoadBalancers.html" + }, + "AttachTrafficSources": { + "privilege": "AttachTrafficSources", + "description": "Grants permission to attach one or more traffic sources to an Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "autoscaling:TrafficSourceIdentifiers" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_AttachTrafficSources.html" + }, + "BatchDeleteScheduledAction": { + "privilege": "BatchDeleteScheduledAction", + "description": "Grants permission to delete the specified scheduled actions", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_BatchDeleteScheduledAction.html" + }, + "BatchPutScheduledUpdateGroupAction": { + "privilege": "BatchPutScheduledUpdateGroupAction", + "description": "Grants permission to create or update multiple scheduled scaling actions for an Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_BatchPutScheduledUpdateGroupAction.html" + }, + "CancelInstanceRefresh": { + "privilege": "CancelInstanceRefresh", + "description": "Grants permission to cancel an instance refresh operation in progress", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CancelInstanceRefresh.html" + }, + "CompleteLifecycleAction": { + "privilege": "CompleteLifecycleAction", + "description": "Grants permission to complete the lifecycle action for the specified token or instance with the specified result", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CompleteLifecycleAction.html" + }, + "CreateAutoScalingGroup": { + "privilege": "CreateAutoScalingGroup", + "description": "Grants permission to create an Auto Scaling group with the specified name and attributes", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "autoscaling:InstanceTypes", + "autoscaling:LaunchConfigurationName", + "autoscaling:LaunchTemplateVersionSpecified", + "autoscaling:LoadBalancerNames", + "autoscaling:MaxSize", + "autoscaling:MinSize", + "autoscaling:TargetGroupARNs", + "autoscaling:TrafficSourceIdentifiers", + "autoscaling:VPCZoneIdentifiers", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateAutoScalingGroup.html" + }, + "CreateLaunchConfiguration": { + "privilege": "CreateLaunchConfiguration", + "description": "Grants permission to create a launch configuration", + "access_level": "Write", + "resource_types": { + "launchConfiguration": { + "resource_type": "launchConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "autoscaling:ImageId", + "autoscaling:InstanceType", + "autoscaling:SpotPrice", + "autoscaling:MetadataHttpTokens", + "autoscaling:MetadataHttpPutResponseHopLimit", + "autoscaling:MetadataHttpEndpoint" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launchconfiguration": "launchConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateLaunchConfiguration.html" + }, + "CreateOrUpdateTags": { + "privilege": "CreateOrUpdateTags", + "description": "Grants permission to create or update tags for the specified Auto Scaling group", + "access_level": "Tagging", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_CreateOrUpdateTags.html" + }, + "DeleteAutoScalingGroup": { + "privilege": "DeleteAutoScalingGroup", + "description": "Grants permission to delete the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteAutoScalingGroup.html" + }, + "DeleteLaunchConfiguration": { + "privilege": "DeleteLaunchConfiguration", + "description": "Grants permission to delete the specified launch configuration", + "access_level": "Write", + "resource_types": { + "launchConfiguration": { + "resource_type": "launchConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launchconfiguration": "launchConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteLaunchConfiguration.html" + }, + "DeleteLifecycleHook": { + "privilege": "DeleteLifecycleHook", + "description": "Grants permission to deletes the specified lifecycle hook", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteLifecycleHook.html" + }, + "DeleteNotificationConfiguration": { + "privilege": "DeleteNotificationConfiguration", + "description": "Grants permission to delete the specified notification", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteNotificationConfiguration.html" + }, + "DeletePolicy": { + "privilege": "DeletePolicy", + "description": "Grants permission to delete the specified Auto Scaling policy", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeletePolicy.html" + }, + "DeleteScheduledAction": { + "privilege": "DeleteScheduledAction", + "description": "Grants permission to delete the specified scheduled action", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteScheduledAction.html" + }, + "DeleteTags": { + "privilege": "DeleteTags", + "description": "Grants permission to delete the specified tags", + "access_level": "Tagging", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteTags.html" + }, + "DeleteWarmPool": { + "privilege": "DeleteWarmPool", + "description": "Grants permission to delete the warm pool associated with the Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DeleteWarmPool.html" + }, + "DescribeAccountLimits": { + "privilege": "DescribeAccountLimits", + "description": "Grants permission to describe the current Auto Scaling resource limits for your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeAccountLimits.html" + }, + "DescribeAdjustmentTypes": { + "privilege": "DescribeAdjustmentTypes", + "description": "Grants permission to describe the policy adjustment types for use with PutScalingPolicy", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeAdjustmentTypes.html" + }, + "DescribeAutoScalingGroups": { + "privilege": "DescribeAutoScalingGroups", + "description": "Grants permission to describe one or more Auto Scaling groups. If a list of names is not provided, the call describes all Auto Scaling groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeAutoScalingGroups.html" + }, + "DescribeAutoScalingInstances": { + "privilege": "DescribeAutoScalingInstances", + "description": "Grants permission to describe one or more Auto Scaling instances. If a list is not provided, the call describes all instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeAutoScalingInstances.html" + }, + "DescribeAutoScalingNotificationTypes": { + "privilege": "DescribeAutoScalingNotificationTypes", + "description": "Grants permission to describe the notification types that are supported by Auto Scaling", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeAutoScalingNotificationTypes.html" + }, + "DescribeInstanceRefreshes": { + "privilege": "DescribeInstanceRefreshes", + "description": "Grants permission to describe one or more instance refreshes for an Auto Scaling group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeInstanceRefreshes.html" + }, + "DescribeLaunchConfigurations": { + "privilege": "DescribeLaunchConfigurations", + "description": "Grants permission to describe one or more launch configurations. If you omit the list of names, then the call describes all launch configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeLaunchConfigurations.html" + }, + "DescribeLifecycleHookTypes": { + "privilege": "DescribeLifecycleHookTypes", + "description": "Grants permission to describe the available types of lifecycle hooks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeLifecycleHookTypes.html" + }, + "DescribeLifecycleHooks": { + "privilege": "DescribeLifecycleHooks", + "description": "Grants permission to describe the lifecycle hooks for the specified Auto Scaling group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeLifecycleHooks.html" + }, + "DescribeLoadBalancerTargetGroups": { + "privilege": "DescribeLoadBalancerTargetGroups", + "description": "Grants permission to describe the target groups for the specified Auto Scaling group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeLoadBalancerTargetGroups.html" + }, + "DescribeLoadBalancers": { + "privilege": "DescribeLoadBalancers", + "description": "Grants permission to describe the load balancers for the specified Auto Scaling group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeLoadBalancers.html" + }, + "DescribeMetricCollectionTypes": { + "privilege": "DescribeMetricCollectionTypes", + "description": "Grants permission to describe the available CloudWatch metrics for Auto Scaling", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeMetricCollectionTypes.html" + }, + "DescribeNotificationConfigurations": { + "privilege": "DescribeNotificationConfigurations", + "description": "Grants permission to describe the notification actions associated with the specified Auto Scaling group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeNotificationConfigurations.html" + }, + "DescribePolicies": { + "privilege": "DescribePolicies", + "description": "Grants permission to describe the policies for the specified Auto Scaling group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribePolicies.html" + }, + "DescribeScalingActivities": { + "privilege": "DescribeScalingActivities", + "description": "Grants permission to describe one or more scaling activities for the specified Auto Scaling group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeScalingActivities.html" + }, + "DescribeScalingProcessTypes": { + "privilege": "DescribeScalingProcessTypes", + "description": "Grants permission to describe the scaling process types for use with ResumeProcesses and SuspendProcesses", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeScalingProcessTypes.html" + }, + "DescribeScheduledActions": { + "privilege": "DescribeScheduledActions", + "description": "Grants permission to describe the actions scheduled for your Auto Scaling group that haven't run", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeScheduledActions.html" + }, + "DescribeTags": { + "privilege": "DescribeTags", + "description": "Grants permission to describe the specified tags", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeTags.html" + }, + "DescribeTerminationPolicyTypes": { + "privilege": "DescribeTerminationPolicyTypes", + "description": "Grants permission to describe the termination policies supported by Auto Scaling", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeTerminationPolicyTypes.html" + }, + "DescribeTrafficSources": { + "privilege": "DescribeTrafficSources", + "description": "Grants permission to describe the target groups for the specified Auto Scaling group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeTrafficSources.html" + }, + "DescribeWarmPool": { + "privilege": "DescribeWarmPool", + "description": "Grants permission to describe the warm pool associated with the Auto Scaling group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeWarmPool.html" + }, + "DetachInstances": { + "privilege": "DetachInstances", + "description": "Grants permission to remove one or more instances from the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DetachInstances.html" + }, + "DetachLoadBalancerTargetGroups": { + "privilege": "DetachLoadBalancerTargetGroups", + "description": "Grants permission to detach one or more target groups from the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "autoscaling:TargetGroupARNs" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DetachLoadBalancerTargetGroups.html" + }, + "DetachLoadBalancers": { + "privilege": "DetachLoadBalancers", + "description": "Grants permission to remove one or more load balancers from the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "autoscaling:LoadBalancerNames" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DetachLoadBalancers.html" + }, + "DetachTrafficSources": { + "privilege": "DetachTrafficSources", + "description": "Grants permission to detach one or more traffic sources from an Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "autoscaling:TrafficSourceIdentifiers" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DetachTrafficSources.html" + }, + "DisableMetricsCollection": { + "privilege": "DisableMetricsCollection", + "description": "Grants permission to disable monitoring of the specified metrics for the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DisableMetricsCollection.html" + }, + "EnableMetricsCollection": { + "privilege": "EnableMetricsCollection", + "description": "Grants permission to enable monitoring of the specified metrics for the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_EnableMetricsCollection.html" + }, + "EnterStandby": { + "privilege": "EnterStandby", + "description": "Grants permission to move the specified instances into Standby mode", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_EnterStandby.html" + }, + "ExecutePolicy": { + "privilege": "ExecutePolicy", + "description": "Grants permission to execute the specified policy", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_ExecutePolicy.html" + }, + "ExitStandby": { + "privilege": "ExitStandby", + "description": "Grants permission to move the specified instances out of Standby mode", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_ExitStandby.html" + }, + "GetPredictiveScalingForecast": { + "privilege": "GetPredictiveScalingForecast", + "description": "Grants permission to retrieve the forecast data for a predictive scaling policy", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_GetPredictiveScalingForecast.html" + }, + "PutLifecycleHook": { + "privilege": "PutLifecycleHook", + "description": "Grants permission to create or update a lifecycle hook for the specified Auto Scaling Group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_PutLifecycleHook.html" + }, + "PutNotificationConfiguration": { + "privilege": "PutNotificationConfiguration", + "description": "Grants permission to configure an Auto Scaling group to send notifications when specified events take place", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_PutNotificationConfiguration.html" + }, + "PutScalingPolicy": { + "privilege": "PutScalingPolicy", + "description": "Grants permission to create or update a policy for an Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_PutScalingPolicy.html" + }, + "PutScheduledUpdateGroupAction": { + "privilege": "PutScheduledUpdateGroupAction", + "description": "Grants permission to create or update a scheduled scaling action for an Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "autoscaling:MaxSize", + "autoscaling:MinSize" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_PutScheduledUpdateGroupAction.html" + }, + "PutWarmPool": { + "privilege": "PutWarmPool", + "description": "Grants permission to create or update the warm pool associated with the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_PutWarmPool.html" + }, + "RecordLifecycleActionHeartbeat": { + "privilege": "RecordLifecycleActionHeartbeat", + "description": "Grants permission to record a heartbeat for the lifecycle action associated with the specified token or instance", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_RecordLifecycleActionHeartbeat.html" + }, + "ResumeProcesses": { + "privilege": "ResumeProcesses", + "description": "Grants permission to resume the specified suspended Auto Scaling processes, or all suspended process, for the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_ResumeProcesses.html" + }, + "RollbackInstanceRefresh": { + "privilege": "RollbackInstanceRefresh", + "description": "Grants permission to rollback an instance refresh operation in progress", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_RollbackInstanceRefresh.html" + }, + "SetDesiredCapacity": { + "privilege": "SetDesiredCapacity", + "description": "Grants permission to set the size of the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_SetDesiredCapacity.html" + }, + "SetInstanceHealth": { + "privilege": "SetInstanceHealth", + "description": "Grants permission to set the health status of the specified instance", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_SetInstanceHealth.html" + }, + "SetInstanceProtection": { + "privilege": "SetInstanceProtection", + "description": "Grants permission to update the instance protection settings of the specified instances", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_SetInstanceProtection.html" + }, + "StartInstanceRefresh": { + "privilege": "StartInstanceRefresh", + "description": "Grants permission to start a new instance refresh operation", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_StartInstanceRefresh.html" + }, + "SuspendProcesses": { + "privilege": "SuspendProcesses", + "description": "Grants permission to suspend the specified Auto Scaling processes, or all processes, for the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_SuspendProcesses.html" + }, + "TerminateInstanceInAutoScalingGroup": { + "privilege": "TerminateInstanceInAutoScalingGroup", + "description": "Grants permission to terminate the specified instance and optionally adjust the desired group size", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_TerminateInstanceInAutoScalingGroup.html" + }, + "UpdateAutoScalingGroup": { + "privilege": "UpdateAutoScalingGroup", + "description": "Grants permission to update the configuration for the specified Auto Scaling group", + "access_level": "Write", + "resource_types": { + "autoScalingGroup": { + "resource_type": "autoScalingGroup", + "required": true, + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "autoscaling:InstanceTypes", + "autoscaling:LaunchConfigurationName", + "autoscaling:LaunchTemplateVersionSpecified", + "autoscaling:MaxSize", + "autoscaling:MinSize", + "autoscaling:VPCZoneIdentifiers" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_UpdateAutoScalingGroup.html" + } + }, + "privileges_lower_name": { + "attachinstances": "AttachInstances", + "attachloadbalancertargetgroups": "AttachLoadBalancerTargetGroups", + "attachloadbalancers": "AttachLoadBalancers", + "attachtrafficsources": "AttachTrafficSources", + "batchdeletescheduledaction": "BatchDeleteScheduledAction", + "batchputscheduledupdategroupaction": "BatchPutScheduledUpdateGroupAction", + "cancelinstancerefresh": "CancelInstanceRefresh", + "completelifecycleaction": "CompleteLifecycleAction", + "createautoscalinggroup": "CreateAutoScalingGroup", + "createlaunchconfiguration": "CreateLaunchConfiguration", + "createorupdatetags": "CreateOrUpdateTags", + "deleteautoscalinggroup": "DeleteAutoScalingGroup", + "deletelaunchconfiguration": "DeleteLaunchConfiguration", + "deletelifecyclehook": "DeleteLifecycleHook", + "deletenotificationconfiguration": "DeleteNotificationConfiguration", + "deletepolicy": "DeletePolicy", + "deletescheduledaction": "DeleteScheduledAction", + "deletetags": "DeleteTags", + "deletewarmpool": "DeleteWarmPool", + "describeaccountlimits": "DescribeAccountLimits", + "describeadjustmenttypes": "DescribeAdjustmentTypes", + "describeautoscalinggroups": "DescribeAutoScalingGroups", + "describeautoscalinginstances": "DescribeAutoScalingInstances", + "describeautoscalingnotificationtypes": "DescribeAutoScalingNotificationTypes", + "describeinstancerefreshes": "DescribeInstanceRefreshes", + "describelaunchconfigurations": "DescribeLaunchConfigurations", + "describelifecyclehooktypes": "DescribeLifecycleHookTypes", + "describelifecyclehooks": "DescribeLifecycleHooks", + "describeloadbalancertargetgroups": "DescribeLoadBalancerTargetGroups", + "describeloadbalancers": "DescribeLoadBalancers", + "describemetriccollectiontypes": "DescribeMetricCollectionTypes", + "describenotificationconfigurations": "DescribeNotificationConfigurations", + "describepolicies": "DescribePolicies", + "describescalingactivities": "DescribeScalingActivities", + "describescalingprocesstypes": "DescribeScalingProcessTypes", + "describescheduledactions": "DescribeScheduledActions", + "describetags": "DescribeTags", + "describeterminationpolicytypes": "DescribeTerminationPolicyTypes", + "describetrafficsources": "DescribeTrafficSources", + "describewarmpool": "DescribeWarmPool", + "detachinstances": "DetachInstances", + "detachloadbalancertargetgroups": "DetachLoadBalancerTargetGroups", + "detachloadbalancers": "DetachLoadBalancers", + "detachtrafficsources": "DetachTrafficSources", + "disablemetricscollection": "DisableMetricsCollection", + "enablemetricscollection": "EnableMetricsCollection", + "enterstandby": "EnterStandby", + "executepolicy": "ExecutePolicy", + "exitstandby": "ExitStandby", + "getpredictivescalingforecast": "GetPredictiveScalingForecast", + "putlifecyclehook": "PutLifecycleHook", + "putnotificationconfiguration": "PutNotificationConfiguration", + "putscalingpolicy": "PutScalingPolicy", + "putscheduledupdategroupaction": "PutScheduledUpdateGroupAction", + "putwarmpool": "PutWarmPool", + "recordlifecycleactionheartbeat": "RecordLifecycleActionHeartbeat", + "resumeprocesses": "ResumeProcesses", + "rollbackinstancerefresh": "RollbackInstanceRefresh", + "setdesiredcapacity": "SetDesiredCapacity", + "setinstancehealth": "SetInstanceHealth", + "setinstanceprotection": "SetInstanceProtection", + "startinstancerefresh": "StartInstanceRefresh", + "suspendprocesses": "SuspendProcesses", + "terminateinstanceinautoscalinggroup": "TerminateInstanceInAutoScalingGroup", + "updateautoscalinggroup": "UpdateAutoScalingGroup" + }, + "resources": { + "autoScalingGroup": { + "resource": "autoScalingGroup", + "arn": "arn:${Partition}:autoscaling:${Region}:${Account}:autoScalingGroup:${GroupId}:autoScalingGroupName/${GroupFriendlyName}", + "condition_keys": [ + "autoscaling:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ] + }, + "launchConfiguration": { + "resource": "launchConfiguration", + "arn": "arn:${Partition}:autoscaling:${Region}:${Account}:launchConfiguration:${Id}:launchConfigurationName/${LaunchConfigurationName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "autoscalinggroup": "autoScalingGroup", + "launchconfiguration": "launchConfiguration" + }, + "conditions": { + "autoscaling:ImageId": { + "condition": "autoscaling:ImageId", + "description": "Filters access based on the AMI ID for the launch configuration", + "type": "String" + }, + "autoscaling:InstanceType": { + "condition": "autoscaling:InstanceType", + "description": "Filters access based on the instance type for the launch configuration", + "type": "String" + }, + "autoscaling:InstanceTypes": { + "condition": "autoscaling:InstanceTypes", + "description": "Filters access based on the instance types present as overrides to a launch template for a mixed instances policy. Use it to qualify which instance types can be explicitly defined in the policy", + "type": "String" + }, + "autoscaling:LaunchConfigurationName": { + "condition": "autoscaling:LaunchConfigurationName", + "description": "Filters access based on the name of a launch configuration", + "type": "String" + }, + "autoscaling:LaunchTemplateVersionSpecified": { + "condition": "autoscaling:LaunchTemplateVersionSpecified", + "description": "Filters access based on whether users can specify any version of a launch template or only the Latest or Default version", + "type": "Bool" + }, + "autoscaling:LoadBalancerNames": { + "condition": "autoscaling:LoadBalancerNames", + "description": "Filters access based on the name of the load balancer", + "type": "ArrayOfString" + }, + "autoscaling:MaxSize": { + "condition": "autoscaling:MaxSize", + "description": "Filters access based on the maximum scaling size in the request", + "type": "Numeric" + }, + "autoscaling:MetadataHttpEndpoint": { + "condition": "autoscaling:MetadataHttpEndpoint", + "description": "Filters access based on whether the HTTP endpoint is enabled for the instance metadata service", + "type": "String" + }, + "autoscaling:MetadataHttpPutResponseHopLimit": { + "condition": "autoscaling:MetadataHttpPutResponseHopLimit", + "description": "Filters access based on the allowed number of hops when calling the instance metadata service", + "type": "Numeric" + }, + "autoscaling:MetadataHttpTokens": { + "condition": "autoscaling:MetadataHttpTokens", + "description": "Filters access based on whether tokens are required when calling the instance metadata service (optional or required)", + "type": "String" + }, + "autoscaling:MinSize": { + "condition": "autoscaling:MinSize", + "description": "Filters access based on the minimum scaling size in the request", + "type": "Numeric" + }, + "autoscaling:ResourceTag/${TagKey}": { + "condition": "autoscaling:ResourceTag/${TagKey}", + "description": "Filters access based on the tags associated with the resource", + "type": "String" + }, + "autoscaling:SpotPrice": { + "condition": "autoscaling:SpotPrice", + "description": "Filters access based on the price for Spot Instances for the launch configuration", + "type": "Numeric" + }, + "autoscaling:TargetGroupARNs": { + "condition": "autoscaling:TargetGroupARNs", + "description": "Filters access based on the ARN of a target group", + "type": "ArrayOfARN" + }, + "autoscaling:TrafficSourceIdentifiers": { + "condition": "autoscaling:TrafficSourceIdentifiers", + "description": "Filters access based on the identifiers of the traffic sources", + "type": "ArrayOfString" + }, + "autoscaling:VPCZoneIdentifiers": { + "condition": "autoscaling:VPCZoneIdentifiers", + "description": "Filters access based on the identifier of a VPC zone", + "type": "ArrayOfString" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "imagebuilder": { + "service_name": "Amazon EC2 Image Builder", + "prefix": "imagebuilder", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2imagebuilder.html", + "privileges": { + "CancelImageCreation": { + "privilege": "CancelImageCreation", + "description": "Grants permission to cancel an image creation", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CancelImageCreation.html" + }, + "CreateComponent": { + "privilege": "CreateComponent", + "description": "Grants permission to create a new component", + "access_level": "Write", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "imagebuilder:TagResource", + "kms:Encrypt", + "kms:GenerateDataKey", + "kms:GenerateDataKeyWithoutPlaintext" + ] + }, + "kmsKey": { + "resource_type": "kmsKey", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "kmskey": "kmsKey", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html" + }, + "CreateContainerRecipe": { + "privilege": "CreateContainerRecipe", + "description": "Grants permission to create a new Container Recipe", + "access_level": "Write", + "resource_types": { + "containerRecipe": { + "resource_type": "containerRecipe", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ecr:DescribeImages", + "ecr:DescribeRepositories", + "iam:CreateServiceLinkedRole", + "imagebuilder:GetComponent", + "imagebuilder:GetImage", + "imagebuilder:TagResource", + "kms:Encrypt", + "kms:GenerateDataKey", + "kms:GenerateDataKeyWithoutPlaintext" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "containerrecipe": "containerRecipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateContainerRecipe.html" + }, + "CreateDistributionConfiguration": { + "privilege": "CreateDistributionConfiguration", + "description": "Grants permission to create a new distribution configuration", + "access_level": "Write", + "resource_types": { + "distributionConfiguration": { + "resource_type": "distributionConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "imagebuilder:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distributionconfiguration": "distributionConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateDistributionConfiguration.html" + }, + "CreateImage": { + "privilege": "CreateImage", + "description": "Grants permission to create a new image", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "imagebuilder:GetContainerRecipe", + "imagebuilder:GetDistributionConfiguration", + "imagebuilder:GetImageRecipe", + "imagebuilder:GetInfrastructureConfiguration", + "imagebuilder:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateImage.html" + }, + "CreateImagePipeline": { + "privilege": "CreateImagePipeline", + "description": "Grants permission to create a new image pipeline", + "access_level": "Write", + "resource_types": { + "imagePipeline": { + "resource_type": "imagePipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "imagebuilder:GetContainerRecipe", + "imagebuilder:GetImageRecipe", + "imagebuilder:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imagepipeline": "imagePipeline", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateImagePipeline.html" + }, + "CreateImageRecipe": { + "privilege": "CreateImageRecipe", + "description": "Grants permission to create a new Image Recipe", + "access_level": "Write", + "resource_types": { + "imageRecipe": { + "resource_type": "imageRecipe", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeImages", + "iam:CreateServiceLinkedRole", + "imagebuilder:GetComponent", + "imagebuilder:GetImage", + "imagebuilder:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imagerecipe": "imageRecipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateImageRecipe.html" + }, + "CreateInfrastructureConfiguration": { + "privilege": "CreateInfrastructureConfiguration", + "description": "Grants permission to create a new infrastructure configuration", + "access_level": "Write", + "resource_types": { + "infrastructureConfiguration": { + "resource_type": "infrastructureConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "imagebuilder:TagResource", + "sns:Publish" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "imagebuilder:CreatedResourceTagKeys", + "imagebuilder:CreatedResourceTag/", + "imagebuilder:Ec2MetadataHttpTokens", + "imagebuilder:StatusTopicArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "infrastructureconfiguration": "infrastructureConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateInfrastructureConfiguration.html" + }, + "DeleteComponent": { + "privilege": "DeleteComponent", + "description": "Grants permission to delete a component", + "access_level": "Write", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteComponent.html" + }, + "DeleteContainerRecipe": { + "privilege": "DeleteContainerRecipe", + "description": "Grants permission to delete a container recipe", + "access_level": "Write", + "resource_types": { + "containerRecipe": { + "resource_type": "containerRecipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "containerrecipe": "containerRecipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteContainerRecipe.html" + }, + "DeleteDistributionConfiguration": { + "privilege": "DeleteDistributionConfiguration", + "description": "Grants permission to delete a distribution configuration", + "access_level": "Write", + "resource_types": { + "distributionConfiguration": { + "resource_type": "distributionConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distributionconfiguration": "distributionConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteDistributionConfiguration.html" + }, + "DeleteImage": { + "privilege": "DeleteImage", + "description": "Grants permission to delete an image", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteImage.html" + }, + "DeleteImagePipeline": { + "privilege": "DeleteImagePipeline", + "description": "Grants permission to delete an image pipeline", + "access_level": "Write", + "resource_types": { + "imagePipeline": { + "resource_type": "imagePipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imagepipeline": "imagePipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteImagePipeline.html" + }, + "DeleteImageRecipe": { + "privilege": "DeleteImageRecipe", + "description": "Grants permission to delete an image recipe", + "access_level": "Write", + "resource_types": { + "imageRecipe": { + "resource_type": "imageRecipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imagerecipe": "imageRecipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteImageRecipe.html" + }, + "DeleteInfrastructureConfiguration": { + "privilege": "DeleteInfrastructureConfiguration", + "description": "Grants permission to delete an infrastructure configuration", + "access_level": "Write", + "resource_types": { + "infrastructureConfiguration": { + "resource_type": "infrastructureConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "infrastructureconfiguration": "infrastructureConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_DeleteInfrastructureConfiguration.html" + }, + "GetComponent": { + "privilege": "GetComponent", + "description": "Grants permission to view details about a component", + "access_level": "Read", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kms:Decrypt" + ] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetComponent.html" + }, + "GetComponentPolicy": { + "privilege": "GetComponentPolicy", + "description": "Grants permission to view the resource policy associated with a component", + "access_level": "Read", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetComponentPolicy.html" + }, + "GetContainerRecipe": { + "privilege": "GetContainerRecipe", + "description": "Grants permission to view details about a container recipe", + "access_level": "Read", + "resource_types": { + "containerRecipe": { + "resource_type": "containerRecipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "containerrecipe": "containerRecipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetContainerRecipe.html" + }, + "GetContainerRecipePolicy": { + "privilege": "GetContainerRecipePolicy", + "description": "Grants permission to view the resource policy associated with a container recipe", + "access_level": "Read", + "resource_types": { + "containerRecipe": { + "resource_type": "containerRecipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "containerrecipe": "containerRecipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetContainerRecipePolicy.html" + }, + "GetDistributionConfiguration": { + "privilege": "GetDistributionConfiguration", + "description": "Grants permission to view details about a distribution configuration", + "access_level": "Read", + "resource_types": { + "distributionConfiguration": { + "resource_type": "distributionConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distributionconfiguration": "distributionConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetDistributionConfiguration.html" + }, + "GetImage": { + "privilege": "GetImage", + "description": "Grants permission to view details about an image", + "access_level": "Read", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImage.html" + }, + "GetImagePipeline": { + "privilege": "GetImagePipeline", + "description": "Grants permission to view details about an image pipeline", + "access_level": "Read", + "resource_types": { + "imagePipeline": { + "resource_type": "imagePipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imagepipeline": "imagePipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImagePipeline.html" + }, + "GetImagePolicy": { + "privilege": "GetImagePolicy", + "description": "Grants permission to view the resource policy associated with an image", + "access_level": "Read", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImagePolicy.html" + }, + "GetImageRecipe": { + "privilege": "GetImageRecipe", + "description": "Grants permission to view details about an image recipe", + "access_level": "Read", + "resource_types": { + "imageRecipe": { + "resource_type": "imageRecipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imagerecipe": "imageRecipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImageRecipe.html" + }, + "GetImageRecipePolicy": { + "privilege": "GetImageRecipePolicy", + "description": "Grants permission to view the resource policy associated with an image recipe", + "access_level": "Read", + "resource_types": { + "imageRecipe": { + "resource_type": "imageRecipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imagerecipe": "imageRecipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetImageRecipePolicy.html" + }, + "GetInfrastructureConfiguration": { + "privilege": "GetInfrastructureConfiguration", + "description": "Grants permission to view details about an infrastructure configuration", + "access_level": "Read", + "resource_types": { + "infrastructureConfiguration": { + "resource_type": "infrastructureConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "infrastructureconfiguration": "infrastructureConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetInfrastructureConfiguration.html" + }, + "GetWorkflowExecution": { + "privilege": "GetWorkflowExecution", + "description": "Grants permission to view details about a workflow execution", + "access_level": "Read", + "resource_types": { + "workflowExecution": { + "resource_type": "workflowExecution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflowexecution": "workflowExecution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetWorkflowExecution.html" + }, + "GetWorkflowStepExecution": { + "privilege": "GetWorkflowStepExecution", + "description": "Grants permission to view details about a workflow step execution", + "access_level": "Read", + "resource_types": { + "workflowStepExecution": { + "resource_type": "workflowStepExecution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflowstepexecution": "workflowStepExecution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_GetWorkflowStepExecution.html" + }, + "ImportComponent": { + "privilege": "ImportComponent", + "description": "Grants permission to import a new component", + "access_level": "Write", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "imagebuilder:TagResource", + "kms:Encrypt", + "kms:GenerateDataKey", + "kms:GenerateDataKeyWithoutPlaintext" + ] + }, + "kmsKey": { + "resource_type": "kmsKey", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "kmskey": "kmsKey", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ImportComponent.html" + }, + "ImportVmImage": { + "privilege": "ImportVmImage", + "description": "Grants permission to import an image", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeImportImageTasks", + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ImportVmImage.html" + }, + "ListComponentBuildVersions": { + "privilege": "ListComponentBuildVersions", + "description": "Grants permission to list the component build versions in your account", + "access_level": "List", + "resource_types": { + "componentVersion": { + "resource_type": "componentVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componentversion": "componentVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListComponentBuildVersions.html" + }, + "ListComponents": { + "privilege": "ListComponents", + "description": "Grants permission to list the component versions owned by or shared with your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListComponents.html" + }, + "ListContainerRecipes": { + "privilege": "ListContainerRecipes", + "description": "Grants permission to list the container recipes owned by or shared with your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListContainerRecipes.html" + }, + "ListDistributionConfigurations": { + "privilege": "ListDistributionConfigurations", + "description": "Grants permission to list the distribution configurations in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListDistributionConfigurations.html" + }, + "ListImageBuildVersions": { + "privilege": "ListImageBuildVersions", + "description": "Grants permission to list the image build versions in your account", + "access_level": "List", + "resource_types": { + "imageVersion": { + "resource_type": "imageVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imageversion": "imageVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageBuildVersions.html" + }, + "ListImagePackages": { + "privilege": "ListImagePackages", + "description": "Grants permission to return a list of packages installed on the specified image", + "access_level": "List", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePackages.html" + }, + "ListImagePipelineImages": { + "privilege": "ListImagePipelineImages", + "description": "Grants permission to return a list of images created by the specified pipeline", + "access_level": "List", + "resource_types": { + "imagePipeline": { + "resource_type": "imagePipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imagepipeline": "imagePipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePipelineImages.html" + }, + "ListImagePipelines": { + "privilege": "ListImagePipelines", + "description": "Grants permission to list the image pipelines in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePipelines.html" + }, + "ListImageRecipes": { + "privilege": "ListImageRecipes", + "description": "Grants permission to list the image recipes owned by or shared with your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageRecipes.html" + }, + "ListImageScanFindingAggregations": { + "privilege": "ListImageScanFindingAggregations", + "description": "Grants permission to list aggregations on the image scan findings in your account", + "access_level": "List", + "resource_types": { + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "imagePipeline": { + "resource_type": "imagePipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "imagepipeline": "imagePipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageScanFindingAggregations.html" + }, + "ListImageScanFindings": { + "privilege": "ListImageScanFindings", + "description": "Grants permission to list the image scan findings for the images in your account", + "access_level": "List", + "resource_types": { + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "inspector2:ListFindings" + ] + }, + "imagePipeline": { + "resource_type": "imagePipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "imagepipeline": "imagePipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImageScanFindings.html" + }, + "ListImages": { + "privilege": "ListImages", + "description": "Grants permission to list the image versions owned by or shared with your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImages.html" + }, + "ListInfrastructureConfigurations": { + "privilege": "ListInfrastructureConfigurations", + "description": "Grants permission to list the infrastructure configurations in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListInfrastructureConfigurations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an Image Builder resource", + "access_level": "Read", + "resource_types": { + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "containerRecipe": { + "resource_type": "containerRecipe", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "distributionConfiguration": { + "resource_type": "distributionConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "imagePipeline": { + "resource_type": "imagePipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "imageRecipe": { + "resource_type": "imageRecipe", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "infrastructureConfiguration": { + "resource_type": "infrastructureConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "containerrecipe": "containerRecipe", + "distributionconfiguration": "distributionConfiguration", + "image": "image", + "imagepipeline": "imagePipeline", + "imagerecipe": "imageRecipe", + "infrastructureconfiguration": "infrastructureConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListTagsForResource.html" + }, + "ListWorkflowExecutions": { + "privilege": "ListWorkflowExecutions", + "description": "Grants permission to list workflow executions for the specified image", + "access_level": "List", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListWorkflowExecutions.html" + }, + "ListWorkflowStepExecutions": { + "privilege": "ListWorkflowStepExecutions", + "description": "Grants permission to list workflow step executions for the specified workflow", + "access_level": "List", + "resource_types": { + "workflowExecution": { + "resource_type": "workflowExecution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflowexecution": "workflowExecution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListWorkflowStepExecutions.html" + }, + "PutComponentPolicy": { + "privilege": "PutComponentPolicy", + "description": "Grants permission to set the resource policy associated with a component", + "access_level": "Permissions management", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutComponentPolicy.html" + }, + "PutContainerRecipePolicy": { + "privilege": "PutContainerRecipePolicy", + "description": "Grants permission to set the resource policy associated with a container recipe", + "access_level": "Permissions management", + "resource_types": { + "containerRecipe": { + "resource_type": "containerRecipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "containerrecipe": "containerRecipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutContainerRecipePolicy.html" + }, + "PutImagePolicy": { + "privilege": "PutImagePolicy", + "description": "Grants permission to set the resource policy associated with an image", + "access_level": "Permissions management", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutImagePolicy.html" + }, + "PutImageRecipePolicy": { + "privilege": "PutImageRecipePolicy", + "description": "Grants permission to set the resource policy associated with an image recipe", + "access_level": "Permissions management", + "resource_types": { + "imageRecipe": { + "resource_type": "imageRecipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imagerecipe": "imageRecipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_PutImageRecipePolicy.html" + }, + "StartImagePipelineExecution": { + "privilege": "StartImagePipelineExecution", + "description": "Grants permission to create a new image from a pipeline", + "access_level": "Write", + "resource_types": { + "imagePipeline": { + "resource_type": "imagePipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "imagebuilder:GetImagePipeline" + ] + } + }, + "resource_types_lower_name": { + "imagepipeline": "imagePipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_StartImagePipelineExecution.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an Image Builder resource", + "access_level": "Tagging", + "resource_types": { + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "containerRecipe": { + "resource_type": "containerRecipe", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "distributionConfiguration": { + "resource_type": "distributionConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "imagePipeline": { + "resource_type": "imagePipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "imageRecipe": { + "resource_type": "imageRecipe", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "infrastructureConfiguration": { + "resource_type": "infrastructureConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "containerrecipe": "containerRecipe", + "distributionconfiguration": "distributionConfiguration", + "image": "image", + "imagepipeline": "imagePipeline", + "imagerecipe": "imageRecipe", + "infrastructureconfiguration": "infrastructureConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an Image Builder resource", + "access_level": "Tagging", + "resource_types": { + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "containerRecipe": { + "resource_type": "containerRecipe", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "distributionConfiguration": { + "resource_type": "distributionConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "imagePipeline": { + "resource_type": "imagePipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "imageRecipe": { + "resource_type": "imageRecipe", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "infrastructureConfiguration": { + "resource_type": "infrastructureConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "containerrecipe": "containerRecipe", + "distributionconfiguration": "distributionConfiguration", + "image": "image", + "imagepipeline": "imagePipeline", + "imagerecipe": "imageRecipe", + "infrastructureconfiguration": "infrastructureConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UntagResource.html" + }, + "UpdateDistributionConfiguration": { + "privilege": "UpdateDistributionConfiguration", + "description": "Grants permission to update an existing distribution configuration", + "access_level": "Write", + "resource_types": { + "distributionConfiguration": { + "resource_type": "distributionConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distributionconfiguration": "distributionConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UpdateDistributionConfiguration.html" + }, + "UpdateImagePipeline": { + "privilege": "UpdateImagePipeline", + "description": "Grants permission to update an existing image pipeline", + "access_level": "Write", + "resource_types": { + "imagePipeline": { + "resource_type": "imagePipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "imagepipeline": "imagePipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UpdateImagePipeline.html" + }, + "UpdateInfrastructureConfiguration": { + "privilege": "UpdateInfrastructureConfiguration", + "description": "Grants permission to update an existing infrastructure configuration", + "access_level": "Write", + "resource_types": { + "infrastructureConfiguration": { + "resource_type": "infrastructureConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "sns:Publish" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "imagebuilder:CreatedResourceTagKeys", + "imagebuilder:CreatedResourceTag/", + "imagebuilder:Ec2MetadataHttpTokens", + "imagebuilder:StatusTopicArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "infrastructureconfiguration": "infrastructureConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_UpdateInfrastructureConfiguration.html" + } + }, + "privileges_lower_name": { + "cancelimagecreation": "CancelImageCreation", + "createcomponent": "CreateComponent", + "createcontainerrecipe": "CreateContainerRecipe", + "createdistributionconfiguration": "CreateDistributionConfiguration", + "createimage": "CreateImage", + "createimagepipeline": "CreateImagePipeline", + "createimagerecipe": "CreateImageRecipe", + "createinfrastructureconfiguration": "CreateInfrastructureConfiguration", + "deletecomponent": "DeleteComponent", + "deletecontainerrecipe": "DeleteContainerRecipe", + "deletedistributionconfiguration": "DeleteDistributionConfiguration", + "deleteimage": "DeleteImage", + "deleteimagepipeline": "DeleteImagePipeline", + "deleteimagerecipe": "DeleteImageRecipe", + "deleteinfrastructureconfiguration": "DeleteInfrastructureConfiguration", + "getcomponent": "GetComponent", + "getcomponentpolicy": "GetComponentPolicy", + "getcontainerrecipe": "GetContainerRecipe", + "getcontainerrecipepolicy": "GetContainerRecipePolicy", + "getdistributionconfiguration": "GetDistributionConfiguration", + "getimage": "GetImage", + "getimagepipeline": "GetImagePipeline", + "getimagepolicy": "GetImagePolicy", + "getimagerecipe": "GetImageRecipe", + "getimagerecipepolicy": "GetImageRecipePolicy", + "getinfrastructureconfiguration": "GetInfrastructureConfiguration", + "getworkflowexecution": "GetWorkflowExecution", + "getworkflowstepexecution": "GetWorkflowStepExecution", + "importcomponent": "ImportComponent", + "importvmimage": "ImportVmImage", + "listcomponentbuildversions": "ListComponentBuildVersions", + "listcomponents": "ListComponents", + "listcontainerrecipes": "ListContainerRecipes", + "listdistributionconfigurations": "ListDistributionConfigurations", + "listimagebuildversions": "ListImageBuildVersions", + "listimagepackages": "ListImagePackages", + "listimagepipelineimages": "ListImagePipelineImages", + "listimagepipelines": "ListImagePipelines", + "listimagerecipes": "ListImageRecipes", + "listimagescanfindingaggregations": "ListImageScanFindingAggregations", + "listimagescanfindings": "ListImageScanFindings", + "listimages": "ListImages", + "listinfrastructureconfigurations": "ListInfrastructureConfigurations", + "listtagsforresource": "ListTagsForResource", + "listworkflowexecutions": "ListWorkflowExecutions", + "listworkflowstepexecutions": "ListWorkflowStepExecutions", + "putcomponentpolicy": "PutComponentPolicy", + "putcontainerrecipepolicy": "PutContainerRecipePolicy", + "putimagepolicy": "PutImagePolicy", + "putimagerecipepolicy": "PutImageRecipePolicy", + "startimagepipelineexecution": "StartImagePipelineExecution", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedistributionconfiguration": "UpdateDistributionConfiguration", + "updateimagepipeline": "UpdateImagePipeline", + "updateinfrastructureconfiguration": "UpdateInfrastructureConfiguration" + }, + "resources": { + "component": { + "resource": "component", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:component/${ComponentName}/${ComponentVersion}/${ComponentBuildVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "componentVersion": { + "resource": "componentVersion", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:component/${ComponentName}/${ComponentVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "distributionConfiguration": { + "resource": "distributionConfiguration", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:distribution-configuration/${DistributionConfigurationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "image": { + "resource": "image", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:image/${ImageName}/${ImageVersion}/${ImageBuildVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "imageVersion": { + "resource": "imageVersion", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:image/${ImageName}/${ImageVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "imageRecipe": { + "resource": "imageRecipe", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:image-recipe/${ImageRecipeName}/${ImageRecipeVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "containerRecipe": { + "resource": "containerRecipe", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:container-recipe/${ContainerRecipeName}/${ContainerRecipeVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "imagePipeline": { + "resource": "imagePipeline", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:image-pipeline/${ImagePipelineName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "infrastructureConfiguration": { + "resource": "infrastructureConfiguration", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:infrastructure-configuration/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "kmsKey": { + "resource": "kmsKey", + "arn": "arn:${Partition}:kms:${Region}:${Account}:key/${KeyId}", + "condition_keys": [] + }, + "workflowExecution": { + "resource": "workflowExecution", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:workflow-execution/${WorkflowExecutionId}", + "condition_keys": [] + }, + "workflowStepExecution": { + "resource": "workflowStepExecution", + "arn": "arn:${Partition}:imagebuilder:${Region}:${Account}:workflow-step-execution/${WorkflowStepExecutionId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "component": "component", + "componentversion": "componentVersion", + "distributionconfiguration": "distributionConfiguration", + "image": "image", + "imageversion": "imageVersion", + "imagerecipe": "imageRecipe", + "containerrecipe": "containerRecipe", + "imagepipeline": "imagePipeline", + "infrastructureconfiguration": "infrastructureConfiguration", + "kmskey": "kmsKey", + "workflowexecution": "workflowExecution", + "workflowstepexecution": "workflowStepExecution" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "imagebuilder:CreatedResourceTag/": { + "condition": "imagebuilder:CreatedResourceTag/", + "description": "Filters access by the tag key-value pairs attached to the resource created by Image Builder", + "type": "String" + }, + "imagebuilder:CreatedResourceTagKeys": { + "condition": "imagebuilder:CreatedResourceTagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "imagebuilder:Ec2MetadataHttpTokens": { + "condition": "imagebuilder:Ec2MetadataHttpTokens", + "description": "Filters access by the EC2 Instance Metadata HTTP Token Requirement specified in the request", + "type": "String" + }, + "imagebuilder:StatusTopicArn": { + "condition": "imagebuilder:StatusTopicArn", + "description": "Filters access by the SNS Topic Arn in the request to which terminal state notifications will be published", + "type": "String" + } + } + }, + "ec2-instance-connect": { + "service_name": "Amazon EC2 Instance Connect", + "prefix": "ec2-instance-connect", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2instanceconnect.html", + "privileges": { + "OpenTunnel": { + "privilege": "OpenTunnel", + "description": "Grants permission to establish SSH connection to an EC2 instance using EC2 Instance Connect Endpoint", + "access_level": "Write", + "resource_types": { + "instance-connect-endpoint": { + "resource_type": "instance-connect-endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2-instance-connect:remotePort", + "ec2-instance-connect:privateIpAddress", + "ec2-instance-connect:MaxTunnelDuration" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-connect-endpoint": "instance-connect-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ec2-instance-connect/latest/APIReference/API_OpenTunnel.html" + }, + "SendSSHPublicKey": { + "privilege": "SendSSHPublicKey", + "description": "Grants permission to push an SSH public key to the specified EC2 instance to be used for standard SSH", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ec2:osuser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ec2-instance-connect/latest/APIReference/API_SendSSHPublicKey.html" + }, + "SendSerialConsoleSSHPublicKey": { + "privilege": "SendSerialConsoleSSHPublicKey", + "description": "Grants permission to push an SSH public key to the specified EC2 instance to be used for serial console SSH", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ec2-instance-connect/latest/APIReference/API_SendSerialConsoleSSHPublicKey.html" + } + }, + "privileges_lower_name": { + "opentunnel": "OpenTunnel", + "sendsshpublickey": "SendSSHPublicKey", + "sendserialconsolesshpublickey": "SendSerialConsoleSSHPublicKey" + }, + "resources": { + "instance": { + "resource": "instance", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance/${InstanceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ] + }, + "instance-connect-endpoint": { + "resource": "instance-connect-endpoint", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance-connect-endpoint/${InstanceConnectEndpointId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "instance": "instance", + "instance-connect-endpoint": "instance-connect-endpoint" + }, + "conditions": { + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "ec2-instance-connect:maxTunnelDuration": { + "condition": "ec2-instance-connect:maxTunnelDuration", + "description": "Filters access by maximum session duration associated with the instance", + "type": "Numeric" + }, + "ec2-instance-connect:privateIpAddress": { + "condition": "ec2-instance-connect:privateIpAddress", + "description": "Filters access by private IP Address associated with the instance", + "type": "IPAddress" + }, + "ec2-instance-connect:remotePort": { + "condition": "ec2-instance-connect:remotePort", + "description": "Filters access by port number associated with the instance", + "type": "Numeric" + }, + "ec2:ResourceTag/${TagKey}": { + "condition": "ec2:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "ec2:osuser": { + "condition": "ec2:osuser", + "description": "Filters access by specifying the default user name for the AMI that you used to launch your instance", + "type": "String" + } + } + }, + "elasticache": { + "service_name": "Amazon ElastiCache", + "prefix": "elasticache", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticache.html", + "privileges": { + "AddTagsToResource": { + "privilege": "AddTagsToResource", + "description": "Grants permission to add tags to an ElastiCache resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reserved-instance": { + "resource_type": "reserved-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroup": { + "resource_type": "securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "usergroup": { + "resource_type": "usergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "parametergroup": "parametergroup", + "replicationgroup": "replicationgroup", + "reserved-instance": "reserved-instance", + "securitygroup": "securitygroup", + "snapshot": "snapshot", + "subnetgroup": "subnetgroup", + "user": "user", + "usergroup": "usergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_AddTagsToResource.html" + }, + "AuthorizeCacheSecurityGroupIngress": { + "privilege": "AuthorizeCacheSecurityGroupIngress", + "description": "Grants permission to authorize an EC2 security group on a ElastiCache security group", + "access_level": "Write", + "resource_types": { + "securitygroup": { + "resource_type": "securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:AuthorizeSecurityGroupIngress" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securitygroup": "securitygroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_AuthorizeCacheSecurityGroupIngress.html" + }, + "BatchApplyUpdateAction": { + "privilege": "BatchApplyUpdateAction", + "description": "Grants permission to apply ElastiCache service updates to sets of clusters and replication groups", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "s3:GetObject" + ] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_BatchApplyUpdateAction.html" + }, + "BatchStopUpdateAction": { + "privilege": "BatchStopUpdateAction", + "description": "Grants permission to stop ElastiCache service updates from being executed on a set of clusters", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_BatchStopUpdateAction.html" + }, + "CompleteMigration": { + "privilege": "CompleteMigration", + "description": "Grants permission to complete an online migration of data from hosted Redis on Amazon EC2 to ElastiCache", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CompleteMigration.html" + }, + "Connect": { + "privilege": "Connect", + "description": "Allows an IAM user or role to connect as a specified ElastiCache user to a node in a replication group", + "access_level": "Write", + "resource_types": { + "replicationgroup": { + "resource_type": "replicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationgroup": "replicationgroup", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/auth-iam.html" + }, + "CopySnapshot": { + "privilege": "CopySnapshot", + "description": "Grants permission to make a copy of an existing snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticache:AddTagsToResource", + "s3:DeleteObject", + "s3:GetBucketAcl", + "s3:PutObject" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticache:KmsKeyId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CopySnapshot.html" + }, + "CreateCacheCluster": { + "privilege": "CreateCacheCluster", + "description": "Grants permission to create a cache cluster", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "elasticache:AddTagsToResource", + "s3:GetObject" + ] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticache:CacheNodeType", + "elasticache:EngineVersion", + "elasticache:EngineType", + "elasticache:MultiAZEnabled", + "elasticache:AuthTokenEnabled", + "elasticache:SnapshotRetentionLimit", + "elasticache:CacheParameterGroupName" + ], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [ + "elasticache:CacheNodeType", + "elasticache:EngineVersion", + "elasticache:EngineType", + "elasticache:MultiAZEnabled", + "elasticache:AuthTokenEnabled", + "elasticache:SnapshotRetentionLimit", + "elasticache:CacheParameterGroupName" + ], + "dependent_actions": [] + }, + "securitygroup": { + "resource_type": "securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "cluster": "cluster", + "replicationgroup": "replicationgroup", + "securitygroup": "securitygroup", + "snapshot": "snapshot", + "subnetgroup": "subnetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheCluster.html" + }, + "CreateCacheParameterGroup": { + "privilege": "CreateCacheParameterGroup", + "description": "Grants permission to create a parameter group", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticache:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticache:CacheParameterGroupName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheParameterGroup.html" + }, + "CreateCacheSecurityGroup": { + "privilege": "CreateCacheSecurityGroup", + "description": "Grants permission to create a cache security group", + "access_level": "Write", + "resource_types": { + "securitygroup": { + "resource_type": "securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticache:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securitygroup": "securitygroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheSecurityGroup.html" + }, + "CreateCacheSubnetGroup": { + "privilege": "CreateCacheSubnetGroup", + "description": "Grants permission to create a cache subnet group", + "access_level": "Write", + "resource_types": { + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticache:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnetgroup": "subnetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateCacheSubnetGroup.html" + }, + "CreateGlobalReplicationGroup": { + "privilege": "CreateGlobalReplicationGroup", + "description": "Grants permission to create a global replication group", + "access_level": "Write", + "resource_types": { + "globalreplicationgroup": { + "resource_type": "globalreplicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "globalreplicationgroup": "globalreplicationgroup", + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateGlobalReplicationGroup.html" + }, + "CreateReplicationGroup": { + "privilege": "CreateReplicationGroup", + "description": "Grants permission to create a replication group", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "elasticache:AddTagsToResource", + "s3:GetObject" + ] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "globalreplicationgroup": { + "resource_type": "globalreplicationgroup", + "required": false, + "condition_keys": [ + "elasticache:NumNodeGroups", + "elasticache:CacheNodeType", + "elasticache:ReplicasPerNodeGroup", + "elasticache:EngineVersion", + "elasticache:EngineType", + "elasticache:AtRestEncryptionEnabled", + "elasticache:TransitEncryptionEnabled", + "elasticache:AutomaticFailoverEnabled", + "elasticache:MultiAZEnabled", + "elasticache:ClusterModeEnabled", + "elasticache:AuthTokenEnabled", + "elasticache:SnapshotRetentionLimit", + "elasticache:KmsKeyId", + "elasticache:CacheParameterGroupName" + ], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticache:NumNodeGroups", + "elasticache:CacheNodeType", + "elasticache:ReplicasPerNodeGroup", + "elasticache:EngineVersion", + "elasticache:EngineType", + "elasticache:AtRestEncryptionEnabled", + "elasticache:TransitEncryptionEnabled", + "elasticache:AutomaticFailoverEnabled", + "elasticache:MultiAZEnabled", + "elasticache:ClusterModeEnabled", + "elasticache:AuthTokenEnabled", + "elasticache:SnapshotRetentionLimit", + "elasticache:KmsKeyId", + "elasticache:CacheParameterGroupName" + ], + "dependent_actions": [] + }, + "securitygroup": { + "resource_type": "securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "usergroup": { + "resource_type": "usergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "cluster": "cluster", + "globalreplicationgroup": "globalreplicationgroup", + "replicationgroup": "replicationgroup", + "securitygroup": "securitygroup", + "snapshot": "snapshot", + "subnetgroup": "subnetgroup", + "usergroup": "usergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateReplicationGroup.html" + }, + "CreateSnapshot": { + "privilege": "CreateSnapshot", + "description": "Grants permission to create a copy of an entire Redis cluster at a specific moment in time", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticache:KmsKeyId" + ], + "dependent_actions": [ + "elasticache:AddTagsToResource", + "s3:DeleteObject", + "s3:GetBucketAcl", + "s3:PutObject" + ] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "cluster": "cluster", + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateSnapshot.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a user for Redis. Users are supported from Redis 6.0 onwards", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticache:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticache:UserAuthenticationMode" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateUser.html" + }, + "CreateUserGroup": { + "privilege": "CreateUserGroup", + "description": "Grants permission to create a user group for Redis. Groups are supported from Redis 6.0 onwards", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticache:AddTagsToResource" + ] + }, + "usergroup": { + "resource_type": "usergroup", + "required": true, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "usergroup": "usergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateUserGroup.html" + }, + "DecreaseNodeGroupsInGlobalReplicationGroup": { + "privilege": "DecreaseNodeGroupsInGlobalReplicationGroup", + "description": "Grants permission to decrease the number of node groups in global replication groups", + "access_level": "Write", + "resource_types": { + "globalreplicationgroup": { + "resource_type": "globalreplicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticache:NumNodeGroups" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "globalreplicationgroup": "globalreplicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DecreaseNodeGroupsInGlobalReplicationGroup.html" + }, + "DecreaseReplicaCount": { + "privilege": "DecreaseReplicaCount", + "description": "Grants permission to decrease the number of replicas in a Redis (cluster mode disabled) replication group or the number of replica nodes in one or more node groups (shards) of a Redis (cluster mode enabled) replication group", + "access_level": "Write", + "resource_types": { + "replicationgroup": { + "resource_type": "replicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticache:ReplicasPerNodeGroup" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DecreaseReplicaCount.html" + }, + "DeleteCacheCluster": { + "privilege": "DeleteCacheCluster", + "description": "Grants permission to delete a previously provisioned cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheCluster.html" + }, + "DeleteCacheParameterGroup": { + "privilege": "DeleteCacheParameterGroup", + "description": "Grants permission to delete the specified cache parameter group", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticache:CacheParameterGroupName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheParameterGroup.html" + }, + "DeleteCacheSecurityGroup": { + "privilege": "DeleteCacheSecurityGroup", + "description": "Grants permission to delete a cache security group", + "access_level": "Write", + "resource_types": { + "securitygroup": { + "resource_type": "securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securitygroup": "securitygroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheSecurityGroup.html" + }, + "DeleteCacheSubnetGroup": { + "privilege": "DeleteCacheSubnetGroup", + "description": "Grants permission to delete a cache subnet group", + "access_level": "Write", + "resource_types": { + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnetgroup": "subnetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteCacheSubnetGroup.html" + }, + "DeleteGlobalReplicationGroup": { + "privilege": "DeleteGlobalReplicationGroup", + "description": "Grants permission to delete an existing global replication group", + "access_level": "Write", + "resource_types": { + "globalreplicationgroup": { + "resource_type": "globalreplicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "globalreplicationgroup": "globalreplicationgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteGlobalReplicationGroup.html" + }, + "DeleteReplicationGroup": { + "privilege": "DeleteReplicationGroup", + "description": "Grants permission to delete an existing replication group", + "access_level": "Write", + "resource_types": { + "replicationgroup": { + "resource_type": "replicationgroup", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationgroup": "replicationgroup", + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteReplicationGroup.html" + }, + "DeleteSnapshot": { + "privilege": "DeleteSnapshot", + "description": "Grants permission to delete an existing snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteSnapshot.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete an existing user and thus remove it from all user groups and replication groups where it was assigned", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteUser.html" + }, + "DeleteUserGroup": { + "privilege": "DeleteUserGroup", + "description": "Grants permission to delete an existing user group", + "access_level": "Write", + "resource_types": { + "usergroup": { + "resource_type": "usergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "usergroup": "usergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DeleteUserGroup.html" + }, + "DescribeCacheClusters": { + "privilege": "DescribeCacheClusters", + "description": "Grants permission to list information about provisioned cache clusters", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheClusters.html" + }, + "DescribeCacheEngineVersions": { + "privilege": "DescribeCacheEngineVersions", + "description": "Grants permission to list available cache engines and their versions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheEngineVersions.html" + }, + "DescribeCacheParameterGroups": { + "privilege": "DescribeCacheParameterGroups", + "description": "Grants permission to list cache parameter group descriptions", + "access_level": "List", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheParameterGroups.html" + }, + "DescribeCacheParameters": { + "privilege": "DescribeCacheParameters", + "description": "Grants permission to retrieve the detailed parameter list for a particular cache parameter group", + "access_level": "List", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheParameters.html" + }, + "DescribeCacheSecurityGroups": { + "privilege": "DescribeCacheSecurityGroups", + "description": "Grants permission to list cache security group descriptions", + "access_level": "List", + "resource_types": { + "securitygroup": { + "resource_type": "securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securitygroup": "securitygroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheSecurityGroups.html" + }, + "DescribeCacheSubnetGroups": { + "privilege": "DescribeCacheSubnetGroups", + "description": "Grants permission to list cache subnet group descriptions", + "access_level": "List", + "resource_types": { + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnetgroup": "subnetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeCacheSubnetGroups.html" + }, + "DescribeEngineDefaultParameters": { + "privilege": "DescribeEngineDefaultParameters", + "description": "Grants permission to retrieve the default engine and system parameter information for the specified cache engine", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeEngineDefaultParameters.html" + }, + "DescribeEvents": { + "privilege": "DescribeEvents", + "description": "Grants permission to list events related to clusters, cache security groups, and cache parameter groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeEvents.html" + }, + "DescribeGlobalReplicationGroups": { + "privilege": "DescribeGlobalReplicationGroups", + "description": "Grants permission to list information about global replication groups", + "access_level": "List", + "resource_types": { + "globalreplicationgroup": { + "resource_type": "globalreplicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "globalreplicationgroup": "globalreplicationgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeGlobalReplicationGroups.html" + }, + "DescribeReplicationGroups": { + "privilege": "DescribeReplicationGroups", + "description": "Grants permission to list information about provisioned replication groups", + "access_level": "List", + "resource_types": { + "replicationgroup": { + "resource_type": "replicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeReplicationGroups.html" + }, + "DescribeReservedCacheNodes": { + "privilege": "DescribeReservedCacheNodes", + "description": "Grants permission to list information about purchased reserved cache nodes", + "access_level": "List", + "resource_types": { + "reserved-instance": { + "resource_type": "reserved-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reserved-instance": "reserved-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeReservedCacheNodes.html" + }, + "DescribeReservedCacheNodesOfferings": { + "privilege": "DescribeReservedCacheNodesOfferings", + "description": "Grants permission to list available reserved cache node offerings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeReservedCacheNodesOfferings.html" + }, + "DescribeServiceUpdates": { + "privilege": "DescribeServiceUpdates", + "description": "Grants permission to list details of the service updates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeServiceUpdates.html" + }, + "DescribeSnapshots": { + "privilege": "DescribeSnapshots", + "description": "Grants permission to list information about cluster or replication group snapshots", + "access_level": "List", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeSnapshots.html" + }, + "DescribeUpdateActions": { + "privilege": "DescribeUpdateActions", + "description": "Grants permission to list details of the update actions for a set of clusters or replication groups", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeUpdateActions.html" + }, + "DescribeUserGroups": { + "privilege": "DescribeUserGroups", + "description": "Grants permission to list information about Redis user groups", + "access_level": "List", + "resource_types": { + "usergroup": { + "resource_type": "usergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "usergroup": "usergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeUserGroups.html" + }, + "DescribeUsers": { + "privilege": "DescribeUsers", + "description": "Grants permission to list information about Redis users", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DescribeUsers.html" + }, + "DisassociateGlobalReplicationGroup": { + "privilege": "DisassociateGlobalReplicationGroup", + "description": "Grants permission to remove a secondary replication group from the global replication group", + "access_level": "Write", + "resource_types": { + "globalreplicationgroup": { + "resource_type": "globalreplicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "globalreplicationgroup": "globalreplicationgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_DisassociateGlobalReplicationGroup.html" + }, + "FailoverGlobalReplicationGroup": { + "privilege": "FailoverGlobalReplicationGroup", + "description": "Grants permission to failover the primary region to a selected secondary region of a global replication group", + "access_level": "Write", + "resource_types": { + "globalreplicationgroup": { + "resource_type": "globalreplicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "globalreplicationgroup": "globalreplicationgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_FailoverGlobalReplicationGroup.html" + }, + "IncreaseNodeGroupsInGlobalReplicationGroup": { + "privilege": "IncreaseNodeGroupsInGlobalReplicationGroup", + "description": "Grants permission to increase the number of node groups in a global replication group", + "access_level": "Write", + "resource_types": { + "globalreplicationgroup": { + "resource_type": "globalreplicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticache:NumNodeGroups" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "globalreplicationgroup": "globalreplicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_IncreaseNodeGroupsInGlobalReplicationGroup.html" + }, + "IncreaseReplicaCount": { + "privilege": "IncreaseReplicaCount", + "description": "Grants permission to increase the number of replicas in a Redis (cluster mode disabled) replication group or the number of replica nodes in one or more node groups (shards) of a Redis (cluster mode enabled) replication group", + "access_level": "Write", + "resource_types": { + "replicationgroup": { + "resource_type": "replicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticache:ReplicasPerNodeGroup" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_IncreaseReplicaCount.html" + }, + "ListAllowedNodeTypeModifications": { + "privilege": "ListAllowedNodeTypeModifications", + "description": "Grants permission to list available node type that can be used to scale a particular Redis cluster or replication group", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ListAllowedNodeTypeModifications.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an ElastiCache resource", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reserved-instance": { + "resource_type": "reserved-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroup": { + "resource_type": "securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "usergroup": { + "resource_type": "usergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "parametergroup": "parametergroup", + "replicationgroup": "replicationgroup", + "reserved-instance": "reserved-instance", + "securitygroup": "securitygroup", + "snapshot": "snapshot", + "subnetgroup": "subnetgroup", + "user": "user", + "usergroup": "usergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ListTagsForResource.html" + }, + "ModifyCacheCluster": { + "privilege": "ModifyCacheCluster", + "description": "Grants permission to modify settings for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [ + "elasticache:CacheNodeType", + "elasticache:EngineVersion", + "elasticache:MultiAZEnabled", + "elasticache:AuthTokenEnabled", + "elasticache:SnapshotRetentionLimit", + "elasticache:CacheParameterGroupName" + ], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroup": { + "resource_type": "securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "parametergroup": "parametergroup", + "securitygroup": "securitygroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheCluster.html" + }, + "ModifyCacheParameterGroup": { + "privilege": "ModifyCacheParameterGroup", + "description": "Grants permission to modify parameters of a cache parameter group", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticache:CacheParameterGroupName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheParameterGroup.html" + }, + "ModifyCacheSubnetGroup": { + "privilege": "ModifyCacheSubnetGroup", + "description": "Grants permission to modify an existing cache subnet group", + "access_level": "Write", + "resource_types": { + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnetgroup": "subnetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyCacheSubnetGroup.html" + }, + "ModifyGlobalReplicationGroup": { + "privilege": "ModifyGlobalReplicationGroup", + "description": "Grants permission to modify settings for a global replication group", + "access_level": "Write", + "resource_types": { + "globalreplicationgroup": { + "resource_type": "globalreplicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticache:CacheNodeType", + "elasticache:EngineVersion", + "elasticache:AutomaticFailoverEnabled" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "globalreplicationgroup": "globalreplicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyGlobalReplicationGroup.html" + }, + "ModifyReplicationGroup": { + "privilege": "ModifyReplicationGroup", + "description": "Grants permission to modify the settings for a replication group", + "access_level": "Write", + "resource_types": { + "replicationgroup": { + "resource_type": "replicationgroup", + "required": true, + "condition_keys": [ + "elasticache:CacheNodeType", + "elasticache:EngineVersion", + "elasticache:AutomaticFailoverEnabled", + "elasticache:MultiAZEnabled", + "elasticache:AuthTokenEnabled", + "elasticache:SnapshotRetentionLimit", + "elasticache:CacheParameterGroupName", + "elasticache:TransitEncryptionEnabled", + "elasticache:ClusterModeEnabled" + ], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroup": { + "resource_type": "securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "usergroup": { + "resource_type": "usergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationgroup": "replicationgroup", + "parametergroup": "parametergroup", + "securitygroup": "securitygroup", + "usergroup": "usergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyReplicationGroup.html" + }, + "ModifyReplicationGroupShardConfiguration": { + "privilege": "ModifyReplicationGroupShardConfiguration", + "description": "Grants permission to add shards, remove shards, or rebalance the keyspaces among existing shards of a replication group", + "access_level": "Write", + "resource_types": { + "replicationgroup": { + "resource_type": "replicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticache:NumNodeGroups" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyReplicationGroupShardConfiguration.html" + }, + "ModifyUser": { + "privilege": "ModifyUser", + "description": "Grants permission to change Redis user password(s) and/or access string", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticache:UserAuthenticationMode" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyUser.html" + }, + "ModifyUserGroup": { + "privilege": "ModifyUserGroup", + "description": "Grants permission to change list of users that belong to the user group", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "usergroup": { + "resource_type": "usergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "usergroup": "usergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ModifyUserGroup.html" + }, + "PurchaseReservedCacheNodesOffering": { + "privilege": "PurchaseReservedCacheNodesOffering", + "description": "Grants permission to purchase a reserved cache node offering", + "access_level": "Write", + "resource_types": { + "reserved-instance": { + "resource_type": "reserved-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticache:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reserved-instance": "reserved-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_PurchaseReservedCacheNodesOffering.html" + }, + "RebalanceSlotsInGlobalReplicationGroup": { + "privilege": "RebalanceSlotsInGlobalReplicationGroup", + "description": "Grants permission to perform a key space rebalance operation to redistribute slots and ensure uniform key distribution across existing shards in a global replication group", + "access_level": "Write", + "resource_types": { + "globalreplicationgroup": { + "resource_type": "globalreplicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "globalreplicationgroup": "globalreplicationgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RebalanceSlotsInGlobalReplicationGroup.html" + }, + "RebootCacheCluster": { + "privilege": "RebootCacheCluster", + "description": "Grants permission to reboot some, or all, of the cache nodes within a provisioned cache cluster or replication group (cluster mode disabled)", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RebootCacheCluster.html" + }, + "RemoveTagsFromResource": { + "privilege": "RemoveTagsFromResource", + "description": "Grants permission to remove tags from a ElastiCache resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replicationgroup": { + "resource_type": "replicationgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reserved-instance": { + "resource_type": "reserved-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroup": { + "resource_type": "securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "usergroup": { + "resource_type": "usergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "parametergroup": "parametergroup", + "replicationgroup": "replicationgroup", + "reserved-instance": "reserved-instance", + "securitygroup": "securitygroup", + "snapshot": "snapshot", + "subnetgroup": "subnetgroup", + "user": "user", + "usergroup": "usergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RemoveTagsFromResource.html" + }, + "ResetCacheParameterGroup": { + "privilege": "ResetCacheParameterGroup", + "description": "Grants permission to modify parameters of a cache parameter group back to their default values", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticache:CacheParameterGroupName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_ResetCacheParameterGroup.html" + }, + "RevokeCacheSecurityGroupIngress": { + "privilege": "RevokeCacheSecurityGroupIngress", + "description": "Grants permission to remove an EC2 security group ingress from a ElastiCache security group", + "access_level": "Write", + "resource_types": { + "securitygroup": { + "resource_type": "securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securitygroup": "securitygroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_RevokeCacheSecurityGroupIngress.html" + }, + "StartMigration": { + "privilege": "StartMigration", + "description": "Grants permission to start a migration of data from hosted Redis on Amazon EC2 to ElastiCache for Redis", + "access_level": "Write", + "resource_types": { + "replicationgroup": { + "resource_type": "replicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_StartMigration.html" + }, + "TestFailover": { + "privilege": "TestFailover", + "description": "Grants permission to test automatic failover on a specified node group in a replication group", + "access_level": "Write", + "resource_types": { + "replicationgroup": { + "resource_type": "replicationgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationgroup": "replicationgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_TestFailover.html" + } + }, + "privileges_lower_name": { + "addtagstoresource": "AddTagsToResource", + "authorizecachesecuritygroupingress": "AuthorizeCacheSecurityGroupIngress", + "batchapplyupdateaction": "BatchApplyUpdateAction", + "batchstopupdateaction": "BatchStopUpdateAction", + "completemigration": "CompleteMigration", + "connect": "Connect", + "copysnapshot": "CopySnapshot", + "createcachecluster": "CreateCacheCluster", + "createcacheparametergroup": "CreateCacheParameterGroup", + "createcachesecuritygroup": "CreateCacheSecurityGroup", + "createcachesubnetgroup": "CreateCacheSubnetGroup", + "createglobalreplicationgroup": "CreateGlobalReplicationGroup", + "createreplicationgroup": "CreateReplicationGroup", + "createsnapshot": "CreateSnapshot", + "createuser": "CreateUser", + "createusergroup": "CreateUserGroup", + "decreasenodegroupsinglobalreplicationgroup": "DecreaseNodeGroupsInGlobalReplicationGroup", + "decreasereplicacount": "DecreaseReplicaCount", + "deletecachecluster": "DeleteCacheCluster", + "deletecacheparametergroup": "DeleteCacheParameterGroup", + "deletecachesecuritygroup": "DeleteCacheSecurityGroup", + "deletecachesubnetgroup": "DeleteCacheSubnetGroup", + "deleteglobalreplicationgroup": "DeleteGlobalReplicationGroup", + "deletereplicationgroup": "DeleteReplicationGroup", + "deletesnapshot": "DeleteSnapshot", + "deleteuser": "DeleteUser", + "deleteusergroup": "DeleteUserGroup", + "describecacheclusters": "DescribeCacheClusters", + "describecacheengineversions": "DescribeCacheEngineVersions", + "describecacheparametergroups": "DescribeCacheParameterGroups", + "describecacheparameters": "DescribeCacheParameters", + "describecachesecuritygroups": "DescribeCacheSecurityGroups", + "describecachesubnetgroups": "DescribeCacheSubnetGroups", + "describeenginedefaultparameters": "DescribeEngineDefaultParameters", + "describeevents": "DescribeEvents", + "describeglobalreplicationgroups": "DescribeGlobalReplicationGroups", + "describereplicationgroups": "DescribeReplicationGroups", + "describereservedcachenodes": "DescribeReservedCacheNodes", + "describereservedcachenodesofferings": "DescribeReservedCacheNodesOfferings", + "describeserviceupdates": "DescribeServiceUpdates", + "describesnapshots": "DescribeSnapshots", + "describeupdateactions": "DescribeUpdateActions", + "describeusergroups": "DescribeUserGroups", + "describeusers": "DescribeUsers", + "disassociateglobalreplicationgroup": "DisassociateGlobalReplicationGroup", + "failoverglobalreplicationgroup": "FailoverGlobalReplicationGroup", + "increasenodegroupsinglobalreplicationgroup": "IncreaseNodeGroupsInGlobalReplicationGroup", + "increasereplicacount": "IncreaseReplicaCount", + "listallowednodetypemodifications": "ListAllowedNodeTypeModifications", + "listtagsforresource": "ListTagsForResource", + "modifycachecluster": "ModifyCacheCluster", + "modifycacheparametergroup": "ModifyCacheParameterGroup", + "modifycachesubnetgroup": "ModifyCacheSubnetGroup", + "modifyglobalreplicationgroup": "ModifyGlobalReplicationGroup", + "modifyreplicationgroup": "ModifyReplicationGroup", + "modifyreplicationgroupshardconfiguration": "ModifyReplicationGroupShardConfiguration", + "modifyuser": "ModifyUser", + "modifyusergroup": "ModifyUserGroup", + "purchasereservedcachenodesoffering": "PurchaseReservedCacheNodesOffering", + "rebalanceslotsinglobalreplicationgroup": "RebalanceSlotsInGlobalReplicationGroup", + "rebootcachecluster": "RebootCacheCluster", + "removetagsfromresource": "RemoveTagsFromResource", + "resetcacheparametergroup": "ResetCacheParameterGroup", + "revokecachesecuritygroupingress": "RevokeCacheSecurityGroupIngress", + "startmigration": "StartMigration", + "testfailover": "TestFailover" + }, + "resources": { + "parametergroup": { + "resource": "parametergroup", + "arn": "arn:${Partition}:elasticache:${Region}:${Account}:parametergroup:${CacheParameterGroupName}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "elasticache:CacheParameterGroupName" + ] + }, + "securitygroup": { + "resource": "securitygroup", + "arn": "arn:${Partition}:elasticache:${Region}:${Account}:securitygroup:${CacheSecurityGroupName}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ] + }, + "subnetgroup": { + "resource": "subnetgroup", + "arn": "arn:${Partition}:elasticache:${Region}:${Account}:subnetgroup:${CacheSubnetGroupName}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ] + }, + "replicationgroup": { + "resource": "replicationgroup", + "arn": "arn:${Partition}:elasticache:${Region}:${Account}:replicationgroup:${ReplicationGroupId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "elasticache:AtRestEncryptionEnabled", + "elasticache:AuthTokenEnabled", + "elasticache:AutomaticFailoverEnabled", + "elasticache:CacheNodeType", + "elasticache:CacheParameterGroupName", + "elasticache:ClusterModeEnabled", + "elasticache:EngineType", + "elasticache:EngineVersion", + "elasticache:KmsKeyId", + "elasticache:MultiAZEnabled", + "elasticache:NumNodeGroups", + "elasticache:ReplicasPerNodeGroup", + "elasticache:SnapshotRetentionLimit", + "elasticache:TransitEncryptionEnabled" + ] + }, + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:elasticache:${Region}:${Account}:cluster:${CacheClusterId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "elasticache:AuthTokenEnabled", + "elasticache:CacheNodeType", + "elasticache:CacheParameterGroupName", + "elasticache:EngineType", + "elasticache:EngineVersion", + "elasticache:MultiAZEnabled", + "elasticache:SnapshotRetentionLimit" + ] + }, + "reserved-instance": { + "resource": "reserved-instance", + "arn": "arn:${Partition}:elasticache:${Region}:${Account}:reserved-instance:${ReservedCacheNodeId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ] + }, + "snapshot": { + "resource": "snapshot", + "arn": "arn:${Partition}:elasticache:${Region}:${Account}:snapshot:${SnapshotName}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "elasticache:KmsKeyId" + ] + }, + "globalreplicationgroup": { + "resource": "globalreplicationgroup", + "arn": "arn:${Partition}:elasticache::${Account}:globalreplicationgroup:${GlobalReplicationGroupId}", + "condition_keys": [ + "elasticache:AtRestEncryptionEnabled", + "elasticache:AuthTokenEnabled", + "elasticache:AutomaticFailoverEnabled", + "elasticache:CacheNodeType", + "elasticache:CacheParameterGroupName", + "elasticache:ClusterModeEnabled", + "elasticache:EngineType", + "elasticache:EngineVersion", + "elasticache:KmsKeyId", + "elasticache:MultiAZEnabled", + "elasticache:NumNodeGroups", + "elasticache:ReplicasPerNodeGroup", + "elasticache:SnapshotRetentionLimit", + "elasticache:TransitEncryptionEnabled" + ] + }, + "user": { + "resource": "user", + "arn": "arn:${Partition}:elasticache:${Region}:${Account}:user:${UserId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "elasticache:UserAuthenticationMode" + ] + }, + "usergroup": { + "resource": "usergroup", + "arn": "arn:${Partition}:elasticache:${Region}:${Account}:usergroup:${UserGroupId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ] + } + }, + "resources_lower_name": { + "parametergroup": "parametergroup", + "securitygroup": "securitygroup", + "subnetgroup": "subnetgroup", + "replicationgroup": "replicationgroup", + "cluster": "cluster", + "reserved-instance": "reserved-instance", + "snapshot": "snapshot", + "globalreplicationgroup": "globalreplicationgroup", + "user": "user", + "usergroup": "usergroup" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "elasticache:AtRestEncryptionEnabled": { + "condition": "elasticache:AtRestEncryptionEnabled", + "description": "Filters access by the AtRestEncryptionEnabled parameter present in the request or default false value if parameter is not present", + "type": "Bool" + }, + "elasticache:AuthTokenEnabled": { + "condition": "elasticache:AuthTokenEnabled", + "description": "Filters access by the presence of non empty AuthToken parameter in the request", + "type": "Bool" + }, + "elasticache:AutomaticFailoverEnabled": { + "condition": "elasticache:AutomaticFailoverEnabled", + "description": "Filters access by the AutomaticFailoverEnabled parameter in the request", + "type": "Bool" + }, + "elasticache:CacheNodeType": { + "condition": "elasticache:CacheNodeType", + "description": "Filters access by the cacheNodeType parameter present in the request. This key can be used to restrict which cache node types can be used on cluster creation or scaling operations", + "type": "String" + }, + "elasticache:CacheParameterGroupName": { + "condition": "elasticache:CacheParameterGroupName", + "description": "Filters access by the CacheParameterGroupName parameter in the request", + "type": "String" + }, + "elasticache:ClusterModeEnabled": { + "condition": "elasticache:ClusterModeEnabled", + "description": "Filters access by the cluster mode parameter present in the request. Default value for single node group (shard) creations is false", + "type": "Bool" + }, + "elasticache:EngineType": { + "condition": "elasticache:EngineType", + "description": "Filters access by the engine type present in creation requests. For replication group creations, default engine 'redis' is used as key if parameter is not present", + "type": "String" + }, + "elasticache:EngineVersion": { + "condition": "elasticache:EngineVersion", + "description": "Filters access by the engineVersion parameter present in creation or cluster modification requests", + "type": "String" + }, + "elasticache:KmsKeyId": { + "condition": "elasticache:KmsKeyId", + "description": "Filters access by the KmsKeyId parameter in the request", + "type": "String" + }, + "elasticache:MultiAZEnabled": { + "condition": "elasticache:MultiAZEnabled", + "description": "Filters access by the AZMode parameter, MultiAZEnabled parameter or the number of availability zones that the cluster or replication group can be placed in", + "type": "Bool" + }, + "elasticache:NumNodeGroups": { + "condition": "elasticache:NumNodeGroups", + "description": "Filters access by the NumNodeGroups or NodeGroupCount parameter specified in the request. This key can be used to restrict the number of node groups (shards) clusters can have after creation or scaling operations", + "type": "Numeric" + }, + "elasticache:ReplicasPerNodeGroup": { + "condition": "elasticache:ReplicasPerNodeGroup", + "description": "Filters access by the number of replicas per node group (shards) specified in creations or scaling requests", + "type": "Numeric" + }, + "elasticache:SnapshotRetentionLimit": { + "condition": "elasticache:SnapshotRetentionLimit", + "description": "Filters access by the SnapshotRetentionLimit parameter in the request", + "type": "Numeric" + }, + "elasticache:TransitEncryptionEnabled": { + "condition": "elasticache:TransitEncryptionEnabled", + "description": "Filters access by the TransitEncryptionEnabled parameter present in the request. For replication group creations, default value 'false' is used as key if parameter is not present", + "type": "Bool" + }, + "elasticache:UserAuthenticationMode": { + "condition": "elasticache:UserAuthenticationMode", + "description": "Filters access by the UserAuthenticationMode parameter in the request", + "type": "String" + } + } + }, + "ebs": { + "service_name": "Amazon Elastic Block Store", + "prefix": "ebs", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticblockstore.html", + "privileges": { + "CompleteSnapshot": { + "privilege": "CompleteSnapshot", + "description": "Grants permission to seal and complete the snapshot after all of the required blocks of data have been written to it", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_CompleteSnapshot.html" + }, + "GetSnapshotBlock": { + "privilege": "GetSnapshotBlock", + "description": "Grants permission to return the data of a block in an Amazon Elastic Block Store (EBS) snapshot", + "access_level": "Read", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_GetSnapshotBlock.html" + }, + "ListChangedBlocks": { + "privilege": "ListChangedBlocks", + "description": "Grants permission to list the blocks that are different between two Amazon Elastic Block Store (EBS) snapshots of the same volume/snapshot lineage", + "access_level": "Read", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_ListChangedBlocks.html" + }, + "ListSnapshotBlocks": { + "privilege": "ListSnapshotBlocks", + "description": "Grants permission to list the blocks in an Amazon Elastic Block Store (EBS) snapshot", + "access_level": "Read", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_ListSnapshotBlocks.html" + }, + "PutSnapshotBlock": { + "privilege": "PutSnapshotBlock", + "description": "Grants permission to write a block of data to a snapshot created by the StartSnapshot operation", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_PutSnapshotBlock.html" + }, + "StartSnapshot": { + "privilege": "StartSnapshot", + "description": "Grants permission to create a new EBS snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ebs:Description", + "ebs:ParentSnapshot", + "ebs:VolumeSize" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ebs/latest/APIReference/API_StartSnapshot.html" + } + }, + "privileges_lower_name": { + "completesnapshot": "CompleteSnapshot", + "getsnapshotblock": "GetSnapshotBlock", + "listchangedblocks": "ListChangedBlocks", + "listsnapshotblocks": "ListSnapshotBlocks", + "putsnapshotblock": "PutSnapshotBlock", + "startsnapshot": "StartSnapshot" + }, + "resources": { + "snapshot": { + "resource": "snapshot", + "arn": "arn:${Partition}:ec2:${Region}::snapshot/${SnapshotId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "ebs:Description", + "ebs:ParentSnapshot", + "ebs:VolumeSize" + ] + } + }, + "resources_lower_name": { + "snapshot": "snapshot" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + }, + "ebs:Description": { + "condition": "ebs:Description", + "description": "Filters access by the description of the snapshot being created", + "type": "String" + }, + "ebs:ParentSnapshot": { + "condition": "ebs:ParentSnapshot", + "description": "Filters access by the ID of the parent snapshot", + "type": "String" + }, + "ebs:VolumeSize": { + "condition": "ebs:VolumeSize", + "description": "Filters access by the size of the volume for the snapshot being created, in GiB", + "type": "Numeric" + } + } + }, + "ecr": { + "service_name": "Amazon Elastic Container Registry", + "prefix": "ecr", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticcontainerregistry.html", + "privileges": { + "BatchCheckLayerAvailability": { + "privilege": "BatchCheckLayerAvailability", + "description": "Grants permission to check the availability of multiple image layers in a specified registry and repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_BatchCheckLayerAvailability.html" + }, + "BatchDeleteImage": { + "privilege": "BatchDeleteImage", + "description": "Grants permission to delete a list of specified images within a specified repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_BatchDeleteImage.html" + }, + "BatchGetImage": { + "privilege": "BatchGetImage", + "description": "Grants permission to get detailed information for specified images within a specified repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_BatchGetImage.html" + }, + "BatchGetRepositoryScanningConfiguration": { + "privilege": "BatchGetRepositoryScanningConfiguration", + "description": "Grants permission to retrieve repository scanning configuration for a list of repositories", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_BatchGetRepositoryScanningConfiguration.html" + }, + "BatchImportUpstreamImage": { + "privilege": "BatchImportUpstreamImage", + "description": "Grants permission to retrieve the image from the upstream registry and import it to your private registry", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_BatchImportUpstreamImage.html" + }, + "CompleteLayerUpload": { + "privilege": "CompleteLayerUpload", + "description": "Grants permission to inform Amazon ECR that the image layer upload for a specified registry, repository name, and upload ID, has completed", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_CompleteLayerUpload.html" + }, + "CreatePullThroughCacheRule": { + "privilege": "CreatePullThroughCacheRule", + "description": "Grants permission to create new pull-through cache rule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_CreatePullThroughCacheRule.html" + }, + "CreateRepository": { + "privilege": "CreateRepository", + "description": "Grants permission to create an image repository", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ecr:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_CreateRepository.html" + }, + "DeleteLifecyclePolicy": { + "privilege": "DeleteLifecyclePolicy", + "description": "Grants permission to delete the specified lifecycle policy", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DeleteLifecyclePolicy.html" + }, + "DeletePullThroughCacheRule": { + "privilege": "DeletePullThroughCacheRule", + "description": "Grants permission to delete the pull-through cache rule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DeletePullThroughCacheRule.html" + }, + "DeleteRegistryPolicy": { + "privilege": "DeleteRegistryPolicy", + "description": "Grants permission to delete the registry policy", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DeleteRegistryPolicy.html" + }, + "DeleteRepository": { + "privilege": "DeleteRepository", + "description": "Grants permission to delete an existing image repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DeleteRepository.html" + }, + "DeleteRepositoryPolicy": { + "privilege": "DeleteRepositoryPolicy", + "description": "Grants permission to delete the repository policy from a specified repository", + "access_level": "Permissions management", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DeleteRepositoryPolicy.html" + }, + "DescribeImageReplicationStatus": { + "privilege": "DescribeImageReplicationStatus", + "description": "Grants permission to retrieve replication status about an image in a registry, including failure reason if replication fails", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeImageReplicationStatus.html" + }, + "DescribeImageScanFindings": { + "privilege": "DescribeImageScanFindings", + "description": "Grants permission to describe the image scan findings for the specified image", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeImageScanFindings.html" + }, + "DescribeImages": { + "privilege": "DescribeImages", + "description": "Grants permission to get metadata about the images in a repository, including image size, image tags, and creation date", + "access_level": "List", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeImages.html" + }, + "DescribePullThroughCacheRules": { + "privilege": "DescribePullThroughCacheRules", + "description": "Grants permission to describe the pull-through cache rules", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribePullThroughCacheRules.html" + }, + "DescribeRegistry": { + "privilege": "DescribeRegistry", + "description": "Grants permission to describe the registry settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeRegistry.html" + }, + "DescribeRepositories": { + "privilege": "DescribeRepositories", + "description": "Grants permission to describe image repositories in a registry", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeRepositories.html" + }, + "GetAuthorizationToken": { + "privilege": "GetAuthorizationToken", + "description": "Grants permission to retrieve a token that is valid for a specified registry for 12 hours", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetAuthorizationToken.html" + }, + "GetDownloadUrlForLayer": { + "privilege": "GetDownloadUrlForLayer", + "description": "Grants permission to retrieve the download URL corresponding to an image layer", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetDownloadUrlForLayer.html" + }, + "GetLifecyclePolicy": { + "privilege": "GetLifecyclePolicy", + "description": "Grants permission to retrieve the specified lifecycle policy", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetLifecyclePolicy.html" + }, + "GetLifecyclePolicyPreview": { + "privilege": "GetLifecyclePolicyPreview", + "description": "Grants permission to retrieve the results of the specified lifecycle policy preview request", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetLifecyclePolicyPreview.html" + }, + "GetRegistryPolicy": { + "privilege": "GetRegistryPolicy", + "description": "Grants permission to retrieve the registry policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetRegistryPolicy.html" + }, + "GetRegistryScanningConfiguration": { + "privilege": "GetRegistryScanningConfiguration", + "description": "Grants permission to retrieve registry scanning configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetRegistryScanningConfiguration.html" + }, + "GetRepositoryPolicy": { + "privilege": "GetRepositoryPolicy", + "description": "Grants permission to retrieve the repository policy for a specified repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_GetRepositoryPolicy.html" + }, + "InitiateLayerUpload": { + "privilege": "InitiateLayerUpload", + "description": "Grants permission to notify Amazon ECR that you intend to upload an image layer", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_InitiateLayerUpload.html" + }, + "ListImages": { + "privilege": "ListImages", + "description": "Grants permission to list all the image IDs for a given repository", + "access_level": "List", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_ListImages.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for an Amazon ECR resource", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_ListTagsForResource.html" + }, + "PutImage": { + "privilege": "PutImage", + "description": "Grants permission to create or update the image manifest associated with an image", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutImage.html" + }, + "PutImageScanningConfiguration": { + "privilege": "PutImageScanningConfiguration", + "description": "Grants permission to update the image scanning configuration for a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutImageScanningConfiguration.html" + }, + "PutImageTagMutability": { + "privilege": "PutImageTagMutability", + "description": "Grants permission to update the image tag mutability settings for a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutImageTagMutability.html" + }, + "PutLifecyclePolicy": { + "privilege": "PutLifecyclePolicy", + "description": "Grants permission to create or update a lifecycle policy", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutLifecyclePolicy.html" + }, + "PutRegistryPolicy": { + "privilege": "PutRegistryPolicy", + "description": "Grants permission to update the registry policy", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutRegistryPolicy.html" + }, + "PutRegistryScanningConfiguration": { + "privilege": "PutRegistryScanningConfiguration", + "description": "Grants permission to update registry scanning configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutRegistryScanningConfiguration.html" + }, + "PutReplicationConfiguration": { + "privilege": "PutReplicationConfiguration", + "description": "Grants permission to update the replication configuration for the registry", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutReplicationConfiguration.html" + }, + "ReplicateImage": { + "privilege": "ReplicateImage", + "description": "Grants permission to replicate images to the destination registry", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry-permissions.html" + }, + "SetRepositoryPolicy": { + "privilege": "SetRepositoryPolicy", + "description": "Grants permission to apply a repository policy on a specified repository to control access permissions", + "access_level": "Permissions management", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_SetRepositoryPolicy.html" + }, + "StartImageScan": { + "privilege": "StartImageScan", + "description": "Grants permission to start an image scan", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_StartImageScan.html" + }, + "StartLifecyclePolicyPreview": { + "privilege": "StartLifecyclePolicyPreview", + "description": "Grants permission to start a preview of the specified lifecycle policy", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_StartLifecyclePolicyPreview.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an Amazon ECR resource", + "access_level": "Tagging", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an Amazon ECR resource", + "access_level": "Tagging", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_UntagResource.html" + }, + "UploadLayerPart": { + "privilege": "UploadLayerPart", + "description": "Grants permission to upload an image layer part to Amazon ECR", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_UploadLayerPart.html" + } + }, + "privileges_lower_name": { + "batchchecklayeravailability": "BatchCheckLayerAvailability", + "batchdeleteimage": "BatchDeleteImage", + "batchgetimage": "BatchGetImage", + "batchgetrepositoryscanningconfiguration": "BatchGetRepositoryScanningConfiguration", + "batchimportupstreamimage": "BatchImportUpstreamImage", + "completelayerupload": "CompleteLayerUpload", + "createpullthroughcacherule": "CreatePullThroughCacheRule", + "createrepository": "CreateRepository", + "deletelifecyclepolicy": "DeleteLifecyclePolicy", + "deletepullthroughcacherule": "DeletePullThroughCacheRule", + "deleteregistrypolicy": "DeleteRegistryPolicy", + "deleterepository": "DeleteRepository", + "deleterepositorypolicy": "DeleteRepositoryPolicy", + "describeimagereplicationstatus": "DescribeImageReplicationStatus", + "describeimagescanfindings": "DescribeImageScanFindings", + "describeimages": "DescribeImages", + "describepullthroughcacherules": "DescribePullThroughCacheRules", + "describeregistry": "DescribeRegistry", + "describerepositories": "DescribeRepositories", + "getauthorizationtoken": "GetAuthorizationToken", + "getdownloadurlforlayer": "GetDownloadUrlForLayer", + "getlifecyclepolicy": "GetLifecyclePolicy", + "getlifecyclepolicypreview": "GetLifecyclePolicyPreview", + "getregistrypolicy": "GetRegistryPolicy", + "getregistryscanningconfiguration": "GetRegistryScanningConfiguration", + "getrepositorypolicy": "GetRepositoryPolicy", + "initiatelayerupload": "InitiateLayerUpload", + "listimages": "ListImages", + "listtagsforresource": "ListTagsForResource", + "putimage": "PutImage", + "putimagescanningconfiguration": "PutImageScanningConfiguration", + "putimagetagmutability": "PutImageTagMutability", + "putlifecyclepolicy": "PutLifecyclePolicy", + "putregistrypolicy": "PutRegistryPolicy", + "putregistryscanningconfiguration": "PutRegistryScanningConfiguration", + "putreplicationconfiguration": "PutReplicationConfiguration", + "replicateimage": "ReplicateImage", + "setrepositorypolicy": "SetRepositoryPolicy", + "startimagescan": "StartImageScan", + "startlifecyclepolicypreview": "StartLifecyclePolicyPreview", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "uploadlayerpart": "UploadLayerPart" + }, + "resources": { + "repository": { + "resource": "repository", + "arn": "arn:${Partition}:ecr:${Region}:${Account}:repository/${RepositoryName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ecr:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "repository": "repository" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tags in the request", + "type": "ArrayOfString" + }, + "ecr:ResourceTag/${TagKey}": { + "condition": "ecr:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + } + } + }, + "ecr-public": { + "service_name": "Amazon Elastic Container Registry Public", + "prefix": "ecr-public", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticcontainerregistrypublic.html", + "privileges": { + "BatchCheckLayerAvailability": { + "privilege": "BatchCheckLayerAvailability", + "description": "Grants permission to check the availability of multiple image layers in a specified registry and repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_BatchCheckLayerAvailability.html" + }, + "BatchDeleteImage": { + "privilege": "BatchDeleteImage", + "description": "Grants permission to delete a list of specified images within a specified repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_BatchDeleteImage.html" + }, + "CompleteLayerUpload": { + "privilege": "CompleteLayerUpload", + "description": "Grants permission to inform Amazon ECR that the image layer upload for a specified registry, repository name, and upload ID, has completed", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_CompleteLayerUpload.html" + }, + "CreateRepository": { + "privilege": "CreateRepository", + "description": "Grants permission to create an image repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_CreateRepository.html" + }, + "DeleteRepository": { + "privilege": "DeleteRepository", + "description": "Grants permission to delete an existing image repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DeleteRepository.html" + }, + "DeleteRepositoryPolicy": { + "privilege": "DeleteRepositoryPolicy", + "description": "Grants permission to delete the repository policy from a specified repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DeleteRepositoryPolicy.html" + }, + "DescribeImageTags": { + "privilege": "DescribeImageTags", + "description": "Grants permission to describe all the image tags for a given repository", + "access_level": "List", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DescribeImageTags.html" + }, + "DescribeImages": { + "privilege": "DescribeImages", + "description": "Grants permission to get metadata about the images in a repository, including image size, image tags, and creation date", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DescribeImages.html" + }, + "DescribeRegistries": { + "privilege": "DescribeRegistries", + "description": "Grants permission to retrieve the catalog data associated with a registry", + "access_level": "List", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DescribeRegistries.html" + }, + "DescribeRepositories": { + "privilege": "DescribeRepositories", + "description": "Grants permission to describe image repositories in a registry", + "access_level": "List", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_DescribeRepositories.html" + }, + "GetAuthorizationToken": { + "privilege": "GetAuthorizationToken", + "description": "Grants permission to retrieve a token that is valid for a specified registry for 12 hours", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_GetAuthorizationToken.html" + }, + "GetRegistryCatalogData": { + "privilege": "GetRegistryCatalogData", + "description": "Grants permission to retrieve the catalog data associated with a registry", + "access_level": "Read", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_GetRegistryCatalogData.html" + }, + "GetRepositoryCatalogData": { + "privilege": "GetRepositoryCatalogData", + "description": "Grants permission to retrieve the catalog data associated with a repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_GetRepositoryCatalogData.html" + }, + "GetRepositoryPolicy": { + "privilege": "GetRepositoryPolicy", + "description": "Grants permission to retrieve the repository policy for a specified repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_GetRepositoryPolicy.html" + }, + "InitiateLayerUpload": { + "privilege": "InitiateLayerUpload", + "description": "Grants permission to notify Amazon ECR that you intend to upload an image layer", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_InitiateLayerUpload.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for an Amazon ECR resource", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_ListTagsForResource.html" + }, + "PutImage": { + "privilege": "PutImage", + "description": "Grants permission to create or update the image manifest associated with an image", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_PutImage.html" + }, + "PutRegistryCatalogData": { + "privilege": "PutRegistryCatalogData", + "description": "Grants permission to create and update the catalog data associated with a registry", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_PutRegistryCatalogData.html" + }, + "PutRepositoryCatalogData": { + "privilege": "PutRepositoryCatalogData", + "description": "Grants permission to update the catalog data associated with a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_PutRepositoryCatalogData.html" + }, + "SetRepositoryPolicy": { + "privilege": "SetRepositoryPolicy", + "description": "Grants permission to apply a repository policy on a specified repository to control access permissions", + "access_level": "Permissions management", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_SetRepositoryPolicy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an Amazon ECR resource", + "access_level": "Tagging", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an Amazon ECR resource", + "access_level": "Tagging", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_UntagResource.html" + }, + "UploadLayerPart": { + "privilege": "UploadLayerPart", + "description": "Grants permission to upload an image layer part to Amazon ECR Public", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECRPublic/latest/APIReference/API_UploadLayerPart.html" + } + }, + "privileges_lower_name": { + "batchchecklayeravailability": "BatchCheckLayerAvailability", + "batchdeleteimage": "BatchDeleteImage", + "completelayerupload": "CompleteLayerUpload", + "createrepository": "CreateRepository", + "deleterepository": "DeleteRepository", + "deleterepositorypolicy": "DeleteRepositoryPolicy", + "describeimagetags": "DescribeImageTags", + "describeimages": "DescribeImages", + "describeregistries": "DescribeRegistries", + "describerepositories": "DescribeRepositories", + "getauthorizationtoken": "GetAuthorizationToken", + "getregistrycatalogdata": "GetRegistryCatalogData", + "getrepositorycatalogdata": "GetRepositoryCatalogData", + "getrepositorypolicy": "GetRepositoryPolicy", + "initiatelayerupload": "InitiateLayerUpload", + "listtagsforresource": "ListTagsForResource", + "putimage": "PutImage", + "putregistrycatalogdata": "PutRegistryCatalogData", + "putrepositorycatalogdata": "PutRepositoryCatalogData", + "setrepositorypolicy": "SetRepositoryPolicy", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "uploadlayerpart": "UploadLayerPart" + }, + "resources": { + "repository": { + "resource": "repository", + "arn": "arn:${Partition}:ecr-public::${Account}:repository/${RepositoryName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ecr-public:ResourceTag/${TagKey}" + ] + }, + "registry": { + "resource": "registry", + "arn": "arn:${Partition}:ecr-public::${Account}:registry/${RegistryId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "repository": "repository", + "registry": "registry" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters create requests based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters create requests based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + }, + "ecr-public:ResourceTag/${TagKey}": { + "condition": "ecr-public:ResourceTag/${TagKey}", + "description": "Filters actions based on tag-value associated with the resource", + "type": "String" + } + } + }, + "ecs": { + "service_name": "Amazon Elastic Container Service", + "prefix": "ecs", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticcontainerservice.html", + "privileges": { + "CreateCapacityProvider": { + "privilege": "CreateCapacityProvider", + "description": "Grants permission to create a new capacity provider. Capacity providers are associated with an Amazon ECS cluster and are used in capacity provider strategies to facilitate cluster auto scaling", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html" + }, + "CreateCluster": { + "privilege": "CreateCluster", + "description": "Grants permission to create a new Amazon ECS cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:capacity-provider", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCluster.html" + }, + "CreateService": { + "privilege": "CreateService", + "description": "Grants permission to run and maintain a desired number of tasks from a specified task definition via service creation", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster", + "ecs:capacity-provider", + "ecs:task-definition", + "ecs:enable-execute-command", + "ecs:enable-service-connect", + "ecs:namespace", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html" + }, + "CreateTaskSet": { + "privilege": "CreateTaskSet", + "description": "Grants permission to create a new Amazon ECS task set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster", + "ecs:capacity-provider", + "ecs:service", + "ecs:task-definition", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateTaskSet.html" + }, + "DeleteAccountSetting": { + "privilege": "DeleteAccountSetting", + "description": "Grants permission to modify the ARN and resource ID format of a resource for a specified IAM user, IAM role, or the root user for an account. You can specify whether the new ARN and resource ID format are disabled for new resources that are created", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteAccountSetting.html" + }, + "DeleteAttributes": { + "privilege": "DeleteAttributes", + "description": "Grants permission to delete one or more custom attributes from an Amazon ECS resource", + "access_level": "Write", + "resource_types": { + "container-instance": { + "resource_type": "container-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container-instance": "container-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteAttributes.html" + }, + "DeleteCapacityProvider": { + "privilege": "DeleteCapacityProvider", + "description": "Grants permission to delete the specified capacity provider", + "access_level": "Write", + "resource_types": { + "capacity-provider": { + "resource_type": "capacity-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-provider": "capacity-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteCapacityProvider.html" + }, + "DeleteCluster": { + "privilege": "DeleteCluster", + "description": "Grants permission to delete the specified cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteCluster.html" + }, + "DeleteService": { + "privilege": "DeleteService", + "description": "Grants permission to delete a specified service within a cluster", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteService.html" + }, + "DeleteTaskDefinitions": { + "privilege": "DeleteTaskDefinitions", + "description": "Grants permission to delete the specified task definitions by family and revision", + "access_level": "Write", + "resource_types": { + "task-definition": { + "resource_type": "task-definition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task-definition": "task-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskDefinitions.html" + }, + "DeleteTaskSet": { + "privilege": "DeleteTaskSet", + "description": "Grants permission to delete the specified task set", + "access_level": "Write", + "resource_types": { + "task-set": { + "resource_type": "task-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster", + "ecs:service" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task-set": "task-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html" + }, + "DeregisterContainerInstance": { + "privilege": "DeregisterContainerInstance", + "description": "Grants permission to deregister an Amazon ECS container instance from the specified cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeregisterContainerInstance.html" + }, + "DeregisterTaskDefinition": { + "privilege": "DeregisterTaskDefinition", + "description": "Grants permission to deregister the specified task definition by family and revision", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeregisterTaskDefinition.html" + }, + "DescribeCapacityProviders": { + "privilege": "DescribeCapacityProviders", + "description": "Grants permission to describe one or more Amazon ECS capacity providers", + "access_level": "Read", + "resource_types": { + "capacity-provider": { + "resource_type": "capacity-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-provider": "capacity-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeCapacityProviders.html" + }, + "DescribeClusters": { + "privilege": "DescribeClusters", + "description": "Grants permission to describes one or more of your clusters", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeClusters.html" + }, + "DescribeContainerInstances": { + "privilege": "DescribeContainerInstances", + "description": "Grants permission to describes Amazon ECS container instances", + "access_level": "Read", + "resource_types": { + "container-instance": { + "resource_type": "container-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container-instance": "container-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html" + }, + "DescribeServices": { + "privilege": "DescribeServices", + "description": "Grants permission to describe the specified services running in your cluster", + "access_level": "Read", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeServices.html" + }, + "DescribeTaskDefinition": { + "privilege": "DescribeTaskDefinition", + "description": "Grants permission to describe a task definition. You can specify a family and revision to find information about a specific task definition, or you can simply specify the family to find the latest ACTIVE revision in that family", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTaskDefinition.html" + }, + "DescribeTaskSets": { + "privilege": "DescribeTaskSets", + "description": "Grants permission to describe Amazon ECS task sets", + "access_level": "Read", + "resource_types": { + "task-set": { + "resource_type": "task-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster", + "ecs:service" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task-set": "task-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTaskSets.html" + }, + "DescribeTasks": { + "privilege": "DescribeTasks", + "description": "Grants permission to describe a specified task or tasks", + "access_level": "Read", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html" + }, + "DiscoverPollEndpoint": { + "privilege": "DiscoverPollEndpoint", + "description": "Grants permission to get an endpoint for the Amazon ECS agent to poll for updates", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DiscoverPollEndpoint.html" + }, + "ExecuteCommand": { + "privilege": "ExecuteCommand", + "description": "Grants permission to run a command remotely on an Amazon ECS container", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster", + "ecs:container-name", + "ecs:task" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ExecuteCommand.html" + }, + "GetTaskProtection": { + "privilege": "GetTaskProtection", + "description": "Grants permission to retrieve the protection status of tasks in an Amazon ECS service", + "access_level": "Read", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_GetTaskProtection.html" + }, + "ListAccountSettings": { + "privilege": "ListAccountSettings", + "description": "Grants permission to list the account settings for an Amazon ECS resource for a specified principal", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListAccountSettings.html" + }, + "ListAttributes": { + "privilege": "ListAttributes", + "description": "Grants permission to lists the attributes for Amazon ECS resources within a specified target type and cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListAttributes.html" + }, + "ListClusters": { + "privilege": "ListClusters", + "description": "Grants permission to get a list of existing clusters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListClusters.html" + }, + "ListContainerInstances": { + "privilege": "ListContainerInstances", + "description": "Grants permission to get a list of container instances in a specified cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListContainerInstances.html" + }, + "ListServices": { + "privilege": "ListServices", + "description": "Grants permission to get a list of services that are running in a specified cluster", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListServices.html" + }, + "ListServicesByNamespace": { + "privilege": "ListServicesByNamespace", + "description": "Grants permission to get a list of services that are running in a specified AWS Cloud Map Namespace", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:namespace" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListServicesByNamespace.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to get a list of tags for the specified resource", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "container-instance": { + "resource_type": "container-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task-definition": { + "resource_type": "task-definition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "container-instance": "container-instance", + "task": "task", + "task-definition": "task-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTaskDefinitionFamilies": { + "privilege": "ListTaskDefinitionFamilies", + "description": "Grants permission to get a list of task definition families that are registered to your account (which may include task definition families that no longer have any ACTIVE task definitions)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListServices.html" + }, + "ListTaskDefinitions": { + "privilege": "ListTaskDefinitions", + "description": "Grants permission to get a list of task definitions that are registered to your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListTaskDefinitions.html" + }, + "ListTasks": { + "privilege": "ListTasks", + "description": "Grants permission to get a list of tasks for a specified cluster", + "access_level": "List", + "resource_types": { + "container-instance": { + "resource_type": "container-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container-instance": "container-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListTasks.html" + }, + "Poll": { + "privilege": "Poll", + "description": "Grants permission to an agent to connect with the Amazon ECS service to report status and get commands", + "access_level": "Write", + "resource_types": { + "container-instance": { + "resource_type": "container-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container-instance": "container-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html" + }, + "PutAccountSetting": { + "privilege": "PutAccountSetting", + "description": "Grants permission to modify the ARN and resource ID format of a resource for a specified IAM user, IAM role, or the root user for an account. You can specify whether the new ARN and resource ID format are enabled for new resources that are created. Enabling this setting is required to use new Amazon ECS features such as resource tagging", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html" + }, + "PutAccountSettingDefault": { + "privilege": "PutAccountSettingDefault", + "description": "Grants permission to modify the ARN and resource ID format of a resource type for all IAM users on an account for which no individual account setting has been set. Enabling this setting is required to use new Amazon ECS features such as resource tagging", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html" + }, + "PutAttributes": { + "privilege": "PutAttributes", + "description": "Grants permission to create or update an attribute on an Amazon ECS resource", + "access_level": "Write", + "resource_types": { + "container-instance": { + "resource_type": "container-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container-instance": "container-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAttributes.html" + }, + "PutClusterCapacityProviders": { + "privilege": "PutClusterCapacityProviders", + "description": "Grants permission to modify the available capacity providers and the default capacity provider strategy for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:capacity-provider" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutClusterCapacityProviders.html" + }, + "RegisterContainerInstance": { + "privilege": "RegisterContainerInstance", + "description": "Grants permission to register an EC2 instance into the specified cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RegisterContainerInstance.html" + }, + "RegisterTaskDefinition": { + "privilege": "RegisterTaskDefinition", + "description": "Grants permission to register a new task definition from the supplied family and containerDefinitions", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RegisterTaskDefinition.html" + }, + "RunTask": { + "privilege": "RunTask", + "description": "Grants permission to start a task using random placement and the default Amazon ECS scheduler", + "access_level": "Write", + "resource_types": { + "task-definition": { + "resource_type": "task-definition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster", + "ecs:capacity-provider", + "ecs:enable-execute-command", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task-definition": "task-definition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html" + }, + "StartTask": { + "privilege": "StartTask", + "description": "Grants permission to start a new task from the specified task definition on the specified container instance or instances", + "access_level": "Write", + "resource_types": { + "task-definition": { + "resource_type": "task-definition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster", + "ecs:container-instances", + "ecs:enable-execute-command", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task-definition": "task-definition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_StartTask.html" + }, + "StartTelemetrySession": { + "privilege": "StartTelemetrySession", + "description": "Grants permission to start a telemetry session", + "access_level": "Write", + "resource_types": { + "container-instance": { + "resource_type": "container-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container-instance": "container-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-metrics.html#enable_cloudwatch" + }, + "StopTask": { + "privilege": "StopTask", + "description": "Grants permission to stop a running task", + "access_level": "Write", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_StopTask.html" + }, + "SubmitAttachmentStateChanges": { + "privilege": "SubmitAttachmentStateChanges", + "description": "Grants permission to send an acknowledgement that attachments changed states", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_SubmitAttachmentStateChanges.html" + }, + "SubmitContainerStateChange": { + "privilege": "SubmitContainerStateChange", + "description": "Grants permission to send an acknowledgement that a container changed states", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_SubmitContainerStateChange.html" + }, + "SubmitTaskStateChange": { + "privilege": "SubmitTaskStateChange", + "description": "Grants permission to send an acknowledgement that a task changed states", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_SubmitTaskStateChange.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag the specified resource", + "access_level": "Tagging", + "resource_types": { + "capacity-provider": { + "resource_type": "capacity-provider", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "container-instance": { + "resource_type": "container-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task-definition": { + "resource_type": "task-definition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task-set": { + "resource_type": "task-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "ecs:CreateAction" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-provider": "capacity-provider", + "cluster": "cluster", + "container-instance": "container-instance", + "service": "service", + "task": "task", + "task-definition": "task-definition", + "task-set": "task-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag the specified resource", + "access_level": "Tagging", + "resource_types": { + "capacity-provider": { + "resource_type": "capacity-provider", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "container-instance": { + "resource_type": "container-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task-definition": { + "resource_type": "task-definition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task-set": { + "resource_type": "task-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-provider": "capacity-provider", + "cluster": "cluster", + "container-instance": "container-instance", + "service": "service", + "task": "task", + "task-definition": "task-definition", + "task-set": "task-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UntagResource.html" + }, + "UpdateCapacityProvider": { + "privilege": "UpdateCapacityProvider", + "description": "Grants permission to update the specified capacity provider", + "access_level": "Write", + "resource_types": { + "capacity-provider": { + "resource_type": "capacity-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "capacity-provider": "capacity-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateCapacityProvider.html" + }, + "UpdateCluster": { + "privilege": "UpdateCluster", + "description": "Grants permission to modify the configuration or settings to use for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateCluster.html" + }, + "UpdateClusterSettings": { + "privilege": "UpdateClusterSettings", + "description": "Grants permission to modify the settings to use for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateClusterSettings.html" + }, + "UpdateContainerAgent": { + "privilege": "UpdateContainerAgent", + "description": "Grants permission to update the Amazon ECS container agent on a specified container instance", + "access_level": "Write", + "resource_types": { + "container-instance": { + "resource_type": "container-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container-instance": "container-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateContainerAgent.html" + }, + "UpdateContainerInstancesState": { + "privilege": "UpdateContainerInstancesState", + "description": "Grants permission to the user to modify the status of an Amazon ECS container instance", + "access_level": "Write", + "resource_types": { + "container-instance": { + "resource_type": "container-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container-instance": "container-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateContainerInstancesState.html" + }, + "UpdateService": { + "privilege": "UpdateService", + "description": "Grants permission to modify the parameters of a service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster", + "ecs:capacity-provider", + "ecs:enable-execute-command", + "ecs:enable-service-connect", + "ecs:namespace", + "ecs:task-definition" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateService.html" + }, + "UpdateServicePrimaryTaskSet": { + "privilege": "UpdateServicePrimaryTaskSet", + "description": "Grants permission to modify the primary task set used in a service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateServicePrimaryTaskSet.html" + }, + "UpdateTaskProtection": { + "privilege": "UpdateTaskProtection", + "description": "Grants permission to modify the protection status of a task", + "access_level": "Write", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateTaskProtection.html" + }, + "UpdateTaskSet": { + "privilege": "UpdateTaskSet", + "description": "Grants permission to update the specified task set", + "access_level": "Write", + "resource_types": { + "task-set": { + "resource_type": "task-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ecs:cluster", + "ecs:service" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task-set": "task-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateTaskSet.html" + } + }, + "privileges_lower_name": { + "createcapacityprovider": "CreateCapacityProvider", + "createcluster": "CreateCluster", + "createservice": "CreateService", + "createtaskset": "CreateTaskSet", + "deleteaccountsetting": "DeleteAccountSetting", + "deleteattributes": "DeleteAttributes", + "deletecapacityprovider": "DeleteCapacityProvider", + "deletecluster": "DeleteCluster", + "deleteservice": "DeleteService", + "deletetaskdefinitions": "DeleteTaskDefinitions", + "deletetaskset": "DeleteTaskSet", + "deregistercontainerinstance": "DeregisterContainerInstance", + "deregistertaskdefinition": "DeregisterTaskDefinition", + "describecapacityproviders": "DescribeCapacityProviders", + "describeclusters": "DescribeClusters", + "describecontainerinstances": "DescribeContainerInstances", + "describeservices": "DescribeServices", + "describetaskdefinition": "DescribeTaskDefinition", + "describetasksets": "DescribeTaskSets", + "describetasks": "DescribeTasks", + "discoverpollendpoint": "DiscoverPollEndpoint", + "executecommand": "ExecuteCommand", + "gettaskprotection": "GetTaskProtection", + "listaccountsettings": "ListAccountSettings", + "listattributes": "ListAttributes", + "listclusters": "ListClusters", + "listcontainerinstances": "ListContainerInstances", + "listservices": "ListServices", + "listservicesbynamespace": "ListServicesByNamespace", + "listtagsforresource": "ListTagsForResource", + "listtaskdefinitionfamilies": "ListTaskDefinitionFamilies", + "listtaskdefinitions": "ListTaskDefinitions", + "listtasks": "ListTasks", + "poll": "Poll", + "putaccountsetting": "PutAccountSetting", + "putaccountsettingdefault": "PutAccountSettingDefault", + "putattributes": "PutAttributes", + "putclustercapacityproviders": "PutClusterCapacityProviders", + "registercontainerinstance": "RegisterContainerInstance", + "registertaskdefinition": "RegisterTaskDefinition", + "runtask": "RunTask", + "starttask": "StartTask", + "starttelemetrysession": "StartTelemetrySession", + "stoptask": "StopTask", + "submitattachmentstatechanges": "SubmitAttachmentStateChanges", + "submitcontainerstatechange": "SubmitContainerStateChange", + "submittaskstatechange": "SubmitTaskStateChange", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecapacityprovider": "UpdateCapacityProvider", + "updatecluster": "UpdateCluster", + "updateclustersettings": "UpdateClusterSettings", + "updatecontaineragent": "UpdateContainerAgent", + "updatecontainerinstancesstate": "UpdateContainerInstancesState", + "updateservice": "UpdateService", + "updateserviceprimarytaskset": "UpdateServicePrimaryTaskSet", + "updatetaskprotection": "UpdateTaskProtection", + "updatetaskset": "UpdateTaskSet" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:ecs:${Region}:${Account}:cluster/${ClusterName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ecs:ResourceTag/${TagKey}" + ] + }, + "container-instance": { + "resource": "container-instance", + "arn": "arn:${Partition}:ecs:${Region}:${Account}:container-instance/${ClusterName}/${ContainerInstanceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ecs:ResourceTag/${TagKey}" + ] + }, + "service": { + "resource": "service", + "arn": "arn:${Partition}:ecs:${Region}:${Account}:service/${ClusterName}/${ServiceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ecs:ResourceTag/${TagKey}" + ] + }, + "task": { + "resource": "task", + "arn": "arn:${Partition}:ecs:${Region}:${Account}:task/${ClusterName}/${TaskId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ecs:ResourceTag/${TagKey}" + ] + }, + "task-definition": { + "resource": "task-definition", + "arn": "arn:${Partition}:ecs:${Region}:${Account}:task-definition/${TaskDefinitionFamilyName}:${TaskDefinitionRevisionNumber}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ecs:ResourceTag/${TagKey}" + ] + }, + "capacity-provider": { + "resource": "capacity-provider", + "arn": "arn:${Partition}:ecs:${Region}:${Account}:capacity-provider/${CapacityProviderName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ecs:ResourceTag/${TagKey}" + ] + }, + "task-set": { + "resource": "task-set", + "arn": "arn:${Partition}:ecs:${Region}:${Account}:task-set/${ClusterName}/${ServiceName}/${TaskSetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ecs:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "cluster": "cluster", + "container-instance": "container-instance", + "service": "service", + "task": "task", + "task-definition": "task-definition", + "capacity-provider": "capacity-provider", + "task-set": "task-set" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "ecs:ResourceTag/${TagKey}": { + "condition": "ecs:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "ecs:capacity-provider": { + "condition": "ecs:capacity-provider", + "description": "Filters access by the ARN of an Amazon ECS capacity provider", + "type": "ARN" + }, + "ecs:cluster": { + "condition": "ecs:cluster", + "description": "Filters access by the ARN of an Amazon ECS cluster", + "type": "ARN" + }, + "ecs:container-instances": { + "condition": "ecs:container-instances", + "description": "Filters access by the ARN of an Amazon ECS container instance", + "type": "ARN" + }, + "ecs:container-name": { + "condition": "ecs:container-name", + "description": "Filters access by the name of an Amazon ECS container which is defined in the ECS task definition", + "type": "String" + }, + "ecs:enable-execute-command": { + "condition": "ecs:enable-execute-command", + "description": "Filters access by the execute-command capability of your Amazon ECS task or Amazon ECS service", + "type": "String" + }, + "ecs:enable-service-connect": { + "condition": "ecs:enable-service-connect", + "description": "Filters access by the enable field value in the Service Connect configuration", + "type": "String" + }, + "ecs:namespace": { + "condition": "ecs:namespace", + "description": "Filters access by the ARN of AWS Cloud Map namespace which is defined in the Service Connect Configuration", + "type": "ARN" + }, + "ecs:service": { + "condition": "ecs:service", + "description": "Filters access by the ARN of an Amazon ECS service", + "type": "ARN" + }, + "ecs:task": { + "condition": "ecs:task", + "description": "Filters access by the ARN of an Amazon ECS task", + "type": "ARN" + }, + "ecs:task-definition": { + "condition": "ecs:task-definition", + "description": "Filters access by the ARN of an Amazon ECS task definition", + "type": "ARN" + } + } + }, + "elasticfilesystem": { + "service_name": "Amazon Elastic File System", + "prefix": "elasticfilesystem", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticfilesystem.html", + "privileges": { + "Backup": { + "privilege": "Backup", + "description": "Grants permission to start a backup job for an existing file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/efs-backup-solutions.html" + }, + "ClientMount": { + "privilege": "ClientMount", + "description": "Grants permission to allow an NFS client read-access to a file system", + "access_level": "Read", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticfilesystem:AccessPointArn", + "elasticfilesystem:AccessedViaMountTarget" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/efs-client-authorization.html" + }, + "ClientRootAccess": { + "privilege": "ClientRootAccess", + "description": "Grants permission to allow an NFS client root-access to a file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticfilesystem:AccessPointArn", + "elasticfilesystem:AccessedViaMountTarget" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/efs-client-authorization.html" + }, + "ClientWrite": { + "privilege": "ClientWrite", + "description": "Grants permission to allow an NFS client write-access to a file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticfilesystem:AccessPointArn", + "elasticfilesystem:AccessedViaMountTarget" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/efs-client-authorization.html" + }, + "CreateAccessPoint": { + "privilege": "CreateAccessPoint", + "description": "Grants permission to create an access point for the specified file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_CreateAccessPoint.html" + }, + "CreateFileSystem": { + "privilege": "CreateFileSystem", + "description": "Grants permission to create a new, empty file system", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticfilesystem:Encrypted" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_CreateFileSystem.html" + }, + "CreateMountTarget": { + "privilege": "CreateMountTarget", + "description": "Grants permission to create a mount target for a file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_CreateMountTarget.html" + }, + "CreateReplicationConfiguration": { + "privilege": "CreateReplicationConfiguration", + "description": "Grants permission to create a new replication configuration", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_CreateReplicationConfiguration.html" + }, + "CreateTags": { + "privilege": "CreateTags", + "description": "Grants permission to create or overwrite tags associated with a file system; deprecated, see TagResource", + "access_level": "Tagging", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_CreateTags.html" + }, + "DeleteAccessPoint": { + "privilege": "DeleteAccessPoint", + "description": "Grants permission to delete the specified access point", + "access_level": "Write", + "resource_types": { + "access-point": { + "resource_type": "access-point", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-point": "access-point" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteAccessPoint.html" + }, + "DeleteFileSystem": { + "privilege": "DeleteFileSystem", + "description": "Grants permission to delete a file system, permanently severing access to its contents", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteFileSystem.html" + }, + "DeleteFileSystemPolicy": { + "privilege": "DeleteFileSystemPolicy", + "description": "Grants permission to delete the resource-level policy for a file system", + "access_level": "Permissions management", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteFileSystemPolicy.html" + }, + "DeleteMountTarget": { + "privilege": "DeleteMountTarget", + "description": "Grants permission to delete the specified mount target", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteMountTarget.html" + }, + "DeleteReplicationConfiguration": { + "privilege": "DeleteReplicationConfiguration", + "description": "Grants permission to delete a replication configuration", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteReplicationConfiguration.html" + }, + "DeleteTags": { + "privilege": "DeleteTags", + "description": "Grants permission to delete the specified tags from a file system; deprecated, see UntagResource", + "access_level": "Tagging", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DeleteTags.html" + }, + "DescribeAccessPoints": { + "privilege": "DescribeAccessPoints", + "description": "Grants permission to view the descriptions of Amazon EFS access points", + "access_level": "List", + "resource_types": { + "access-point": { + "resource_type": "access-point", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-point": "access-point", + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeAccessPoints.html" + }, + "DescribeAccountPreferences": { + "privilege": "DescribeAccountPreferences", + "description": "Grants permission to view the account preferences in effect for an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeAccountPreferences.html" + }, + "DescribeBackupPolicy": { + "privilege": "DescribeBackupPolicy", + "description": "Grants permission to view the BackupPolicy object for an Amazon EFS file system", + "access_level": "Read", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeBackupPolicy.html" + }, + "DescribeFileSystemPolicy": { + "privilege": "DescribeFileSystemPolicy", + "description": "Grants permission to view the resource-level policy for an Amazon EFS file system", + "access_level": "Read", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeFileSystemPolicy.html" + }, + "DescribeFileSystems": { + "privilege": "DescribeFileSystems", + "description": "Grants permission to view the description of an Amazon EFS file system specified by file system CreationToken or FileSystemId; or to view the description of all file systems owned by the caller's AWS account in the AWS region of the endpoint that is being called", + "access_level": "List", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeFileSystems.html" + }, + "DescribeLifecycleConfiguration": { + "privilege": "DescribeLifecycleConfiguration", + "description": "Grants permission to view the LifecycleConfiguration object for an Amazon EFS file system", + "access_level": "Read", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeLifecycleConfiguration.html" + }, + "DescribeMountTargetSecurityGroups": { + "privilege": "DescribeMountTargetSecurityGroups", + "description": "Grants permission to view the security groups in effect for a mount target", + "access_level": "Read", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeMountTargetSecurityGroups.html" + }, + "DescribeMountTargets": { + "privilege": "DescribeMountTargets", + "description": "Grants permission to view the descriptions of all mount targets, or a specific mount target, for a file system", + "access_level": "Read", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "access-point": { + "resource_type": "access-point", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "access-point": "access-point" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeMountTargets.html" + }, + "DescribeReplicationConfigurations": { + "privilege": "DescribeReplicationConfigurations", + "description": "Grants permission to view the description of an Amazon EFS replication configuration specified by FileSystemId; or to view the description of all replication configurations owned by the caller's AWS account in the AWS region of the endpoint that is being called", + "access_level": "List", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeReplicationConfigurations.html" + }, + "DescribeTags": { + "privilege": "DescribeTags", + "description": "Grants permission to view the tags associated with a file system", + "access_level": "Read", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_DescribeTags.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to view the tags associated with the specified Amazon EFS resource", + "access_level": "Read", + "resource_types": { + "access-point": { + "resource_type": "access-point", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-point": "access-point", + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_ListTagsForResource.html" + }, + "ModifyMountTargetSecurityGroups": { + "privilege": "ModifyMountTargetSecurityGroups", + "description": "Grants permission to modify the set of security groups in effect for a mount target", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_ModifyMountTargetSecurityGroups.html" + }, + "PutAccountPreferences": { + "privilege": "PutAccountPreferences", + "description": "Grants permission to set the account preferences of an account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_PutAccountPreferences.html" + }, + "PutBackupPolicy": { + "privilege": "PutBackupPolicy", + "description": "Grants permission to enable or disable automatic backups with AWS Backup by creating a new BackupPolicy object", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_PutBackupPolicy.html" + }, + "PutFileSystemPolicy": { + "privilege": "PutFileSystemPolicy", + "description": "Grants permission to apply a resource-level policy that defines the actions allowed or denied from given actors for the specified file system", + "access_level": "Permissions management", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_PutFileSystemPolicy.html" + }, + "PutLifecycleConfiguration": { + "privilege": "PutLifecycleConfiguration", + "description": "Grants permission to enable lifecycle management by creating a new LifecycleConfiguration object", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_PutLifecycleConfiguration.html" + }, + "Restore": { + "privilege": "Restore", + "description": "Grants permission to start a restore job for a backup of a file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/efs-backup-solutions.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to create or overwrite tags associated with the specified Amazon EFS resource", + "access_level": "Tagging", + "resource_types": { + "access-point": { + "resource_type": "access-point", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticfilesystem:CreateAction" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-point": "access-point", + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to delete the specified tags from an Amazon EFS resource", + "access_level": "Tagging", + "resource_types": { + "access-point": { + "resource_type": "access-point", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-point": "access-point", + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_UntagResource.html" + }, + "UpdateFileSystem": { + "privilege": "UpdateFileSystem", + "description": "Grants permission to update the throughput mode or the amount of provisioned throughput of an existing file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/efs/latest/ug/API_UpdateFileSystem.html" + } + }, + "privileges_lower_name": { + "backup": "Backup", + "clientmount": "ClientMount", + "clientrootaccess": "ClientRootAccess", + "clientwrite": "ClientWrite", + "createaccesspoint": "CreateAccessPoint", + "createfilesystem": "CreateFileSystem", + "createmounttarget": "CreateMountTarget", + "createreplicationconfiguration": "CreateReplicationConfiguration", + "createtags": "CreateTags", + "deleteaccesspoint": "DeleteAccessPoint", + "deletefilesystem": "DeleteFileSystem", + "deletefilesystempolicy": "DeleteFileSystemPolicy", + "deletemounttarget": "DeleteMountTarget", + "deletereplicationconfiguration": "DeleteReplicationConfiguration", + "deletetags": "DeleteTags", + "describeaccesspoints": "DescribeAccessPoints", + "describeaccountpreferences": "DescribeAccountPreferences", + "describebackuppolicy": "DescribeBackupPolicy", + "describefilesystempolicy": "DescribeFileSystemPolicy", + "describefilesystems": "DescribeFileSystems", + "describelifecycleconfiguration": "DescribeLifecycleConfiguration", + "describemounttargetsecuritygroups": "DescribeMountTargetSecurityGroups", + "describemounttargets": "DescribeMountTargets", + "describereplicationconfigurations": "DescribeReplicationConfigurations", + "describetags": "DescribeTags", + "listtagsforresource": "ListTagsForResource", + "modifymounttargetsecuritygroups": "ModifyMountTargetSecurityGroups", + "putaccountpreferences": "PutAccountPreferences", + "putbackuppolicy": "PutBackupPolicy", + "putfilesystempolicy": "PutFileSystemPolicy", + "putlifecycleconfiguration": "PutLifecycleConfiguration", + "restore": "Restore", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatefilesystem": "UpdateFileSystem" + }, + "resources": { + "file-system": { + "resource": "file-system", + "arn": "arn:${Partition}:elasticfilesystem:${Region}:${Account}:file-system/${FileSystemId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "access-point": { + "resource": "access-point", + "arn": "arn:${Partition}:elasticfilesystem:${Region}:${Account}:access-point/${AccessPointId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "file-system": "file-system", + "access-point": "access-point" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + }, + "elasticfilesystem:AccessPointArn": { + "condition": "elasticfilesystem:AccessPointArn", + "description": "Filters access by the ARN of the access point used to mount the file system", + "type": "String" + }, + "elasticfilesystem:AccessedViaMountTarget": { + "condition": "elasticfilesystem:AccessedViaMountTarget", + "description": "Filters access by whether the file system is accessed via mount targets", + "type": "Bool" + }, + "elasticfilesystem:CreateAction": { + "condition": "elasticfilesystem:CreateAction", + "description": "Filters access by the name of a resource-creating API action", + "type": "String" + }, + "elasticfilesystem:Encrypted": { + "condition": "elasticfilesystem:Encrypted", + "description": "Filters access by whether users can create only encrypted or unencrypted file systems", + "type": "Bool" + } + } + }, + "elastic-inference": { + "service_name": "Amazon Elastic Inference", + "prefix": "elastic-inference", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticinference.html", + "privileges": { + "Connect": { + "privilege": "Connect", + "description": "Grants permission to customer for connecting to Elastic Inference accelerator", + "access_level": "Write", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": null + }, + "DescribeAcceleratorOfferings": { + "privilege": "DescribeAcceleratorOfferings", + "description": "Grants permission to describe the locations in which a given accelerator type or set of types is present in a given region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "DescribeAcceleratorTypes": { + "privilege": "DescribeAcceleratorTypes", + "description": "Grants permission to describe the accelerator types available in a given region, as well as their characteristics, such as memory and throughput", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "DescribeAccelerators": { + "privilege": "DescribeAccelerators", + "description": "Grants permission to describe information over a provided set of accelerators belonging to an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags on an Amazon RDS resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to assign one or more tags (key-value pairs) to the specified QuickSight resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag or tags from a resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + } + }, + "privileges_lower_name": { + "connect": "Connect", + "describeacceleratorofferings": "DescribeAcceleratorOfferings", + "describeacceleratortypes": "DescribeAcceleratorTypes", + "describeaccelerators": "DescribeAccelerators", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "accelerator": { + "resource": "accelerator", + "arn": "arn:${Partition}:elastic-inference:${Region}:${Account}:elastic-inference-accelerator/${AcceleratorId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "accelerator": "accelerator" + }, + "conditions": {} + }, + "eks": { + "service_name": "Amazon Elastic Kubernetes Service", + "prefix": "eks", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelastickubernetesservice.html", + "privileges": { + "AccessKubernetesApi": { + "privilege": "AccessKubernetesApi", + "description": "Grants permission to view Kubernetes objects via AWS EKS console", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/userguide/view-workloads.html" + }, + "AssociateEncryptionConfig": { + "privilege": "AssociateEncryptionConfig", + "description": "Grants permission to associate encryption configuration to a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_AssociateEncryptionConfig.html" + }, + "AssociateIdentityProviderConfig": { + "privilege": "AssociateIdentityProviderConfig", + "description": "Grants permission to associate an identity provider configuration to a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "eks:clientId", + "eks:issuerUrl" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_AssociateIdentityProviderConfig.html" + }, + "CreateAddon": { + "privilege": "CreateAddon", + "description": "Grants permission to create an Amazon EKS add-on", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateAddon.html" + }, + "CreateCluster": { + "privilege": "CreateCluster", + "description": "Grants permission to create an Amazon EKS cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateCluster.html" + }, + "CreateFargateProfile": { + "privilege": "CreateFargateProfile", + "description": "Grants permission to create an AWS Fargate profile", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateFargateProfile.html" + }, + "CreateNodegroup": { + "privilege": "CreateNodegroup", + "description": "Grants permission to create an Amazon EKS Nodegroup", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateNodegroup.html" + }, + "DeleteAddon": { + "privilege": "DeleteAddon", + "description": "Grants permission to delete an Amazon EKS add-on", + "access_level": "Write", + "resource_types": { + "addon": { + "resource_type": "addon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addon": "addon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeleteAddon.html" + }, + "DeleteCluster": { + "privilege": "DeleteCluster", + "description": "Grants permission to delete an Amazon EKS cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeleteCluster.html" + }, + "DeleteFargateProfile": { + "privilege": "DeleteFargateProfile", + "description": "Grants permission to delete an AWS Fargate profile", + "access_level": "Write", + "resource_types": { + "fargateprofile": { + "resource_type": "fargateprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fargateprofile": "fargateprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeleteFargateProfile.html" + }, + "DeleteNodegroup": { + "privilege": "DeleteNodegroup", + "description": "Grants permission to delete an Amazon EKS Nodegroup", + "access_level": "Write", + "resource_types": { + "nodegroup": { + "resource_type": "nodegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "nodegroup": "nodegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeleteNodegroup.html" + }, + "DeregisterCluster": { + "privilege": "DeregisterCluster", + "description": "Grants permission to deregister an External cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeregisterCluster.html" + }, + "DescribeAddon": { + "privilege": "DescribeAddon", + "description": "Grants permission to retrieve descriptive information about an Amazon EKS add-on", + "access_level": "Read", + "resource_types": { + "addon": { + "resource_type": "addon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addon": "addon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddon.html" + }, + "DescribeAddonConfiguration": { + "privilege": "DescribeAddonConfiguration", + "description": "Grants permission to list configuration options about an Amazon EKS add-on", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonConfiguration.html" + }, + "DescribeAddonVersions": { + "privilege": "DescribeAddonVersions", + "description": "Grants permission to retrieve descriptive version information about the add-ons that Amazon EKS Add-ons supports", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html" + }, + "DescribeCluster": { + "privilege": "DescribeCluster", + "description": "Grants permission to retrieve descriptive information about an Amazon EKS cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeCluster.html" + }, + "DescribeFargateProfile": { + "privilege": "DescribeFargateProfile", + "description": "Grants permission to retrieve descriptive information about an AWS Fargate profile associated with a cluster", + "access_level": "Read", + "resource_types": { + "fargateprofile": { + "resource_type": "fargateprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fargateprofile": "fargateprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeFargateProfile.html" + }, + "DescribeIdentityProviderConfig": { + "privilege": "DescribeIdentityProviderConfig", + "description": "Grants permission to retrieve descriptive information about an Idp config associated with a cluster", + "access_level": "Read", + "resource_types": { + "identityproviderconfig": { + "resource_type": "identityproviderconfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identityproviderconfig": "identityproviderconfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeIdentityProviderConfig.html" + }, + "DescribeNodegroup": { + "privilege": "DescribeNodegroup", + "description": "Grants permission to retrieve descriptive information about an Amazon EKS nodegroup", + "access_level": "Read", + "resource_types": { + "nodegroup": { + "resource_type": "nodegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "nodegroup": "nodegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeNodegroup.html" + }, + "DescribeUpdate": { + "privilege": "DescribeUpdate", + "description": "Grants permission to retrieve a given update for a given Amazon EKS cluster/nodegroup/add-on (in the specified or default region)", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "addon": { + "resource_type": "addon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "nodegroup": { + "resource_type": "nodegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "addon": "addon", + "nodegroup": "nodegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeUpdate.html" + }, + "DisassociateIdentityProviderConfig": { + "privilege": "DisassociateIdentityProviderConfig", + "description": "Grants permission to delete an asssociated Idp config", + "access_level": "Write", + "resource_types": { + "identityproviderconfig": { + "resource_type": "identityproviderconfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identityproviderconfig": "identityproviderconfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DisassociateIdentityProviderConfig.html" + }, + "ListAddons": { + "privilege": "ListAddons", + "description": "Grants permission to list the Amazon EKS add-ons in your AWS account (in the specified or default region) for a given cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html" + }, + "ListClusters": { + "privilege": "ListClusters", + "description": "Grants permission to list the Amazon EKS clusters in your AWS account (in the specified or default region)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListClusters.html" + }, + "ListFargateProfiles": { + "privilege": "ListFargateProfiles", + "description": "Grants permission to list the AWS Fargate profiles in your AWS account (in the specified or default region) associated with a given cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListFargateProfiles.html" + }, + "ListIdentityProviderConfigs": { + "privilege": "ListIdentityProviderConfigs", + "description": "Grants permission to list the Idp configs in your AWS account (in the specified or default region) associated with a given cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListIdentityProviderConfigs.html" + }, + "ListNodegroups": { + "privilege": "ListNodegroups", + "description": "Grants permission to list the Amazon EKS nodegroups in your AWS account (in the specified or default region) attached to given cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListNodegroups.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for the specified resource", + "access_level": "Read", + "resource_types": { + "addon": { + "resource_type": "addon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fargateprofile": { + "resource_type": "fargateprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "identityproviderconfig": { + "resource_type": "identityproviderconfig", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "nodegroup": { + "resource_type": "nodegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addon": "addon", + "cluster": "cluster", + "fargateprofile": "fargateprofile", + "identityproviderconfig": "identityproviderconfig", + "nodegroup": "nodegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListTagsForResource.html" + }, + "ListUpdates": { + "privilege": "ListUpdates", + "description": "Grants permission to list the updates for a given Amazon EKS cluster/nodegroup/add-on (in the specified or default region)", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "addon": { + "resource_type": "addon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "nodegroup": { + "resource_type": "nodegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "addon": "addon", + "nodegroup": "nodegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListUpdates.html" + }, + "RegisterCluster": { + "privilege": "RegisterCluster", + "description": "Grants permission to register an External cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_RegisterCluster.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag the specified resource", + "access_level": "Tagging", + "resource_types": { + "addon": { + "resource_type": "addon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fargateprofile": { + "resource_type": "fargateprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "identityproviderconfig": { + "resource_type": "identityproviderconfig", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "nodegroup": { + "resource_type": "nodegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addon": "addon", + "cluster": "cluster", + "fargateprofile": "fargateprofile", + "identityproviderconfig": "identityproviderconfig", + "nodegroup": "nodegroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag the specified resource", + "access_level": "Tagging", + "resource_types": { + "addon": { + "resource_type": "addon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fargateprofile": { + "resource_type": "fargateprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "identityproviderconfig": { + "resource_type": "identityproviderconfig", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "nodegroup": { + "resource_type": "nodegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addon": "addon", + "cluster": "cluster", + "fargateprofile": "fargateprofile", + "identityproviderconfig": "identityproviderconfig", + "nodegroup": "nodegroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UntagResource.html" + }, + "UpdateAddon": { + "privilege": "UpdateAddon", + "description": "Grants permission to update Amazon EKS add-on configurations, such as the VPC-CNI version", + "access_level": "Write", + "resource_types": { + "addon": { + "resource_type": "addon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "addon": "addon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html" + }, + "UpdateClusterConfig": { + "privilege": "UpdateClusterConfig", + "description": "Grants permission to update Amazon EKS cluster configurations (eg: API server endpoint access)", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateClusterConfig.html" + }, + "UpdateClusterVersion": { + "privilege": "UpdateClusterVersion", + "description": "Grants permission to update the Kubernetes version of an Amazon EKS cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateClusterVersion.html" + }, + "UpdateNodegroupConfig": { + "privilege": "UpdateNodegroupConfig", + "description": "Grants permission to update Amazon EKS nodegroup configurations (eg: min/max/desired capacity or labels)", + "access_level": "Write", + "resource_types": { + "nodegroup": { + "resource_type": "nodegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "nodegroup": "nodegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateNodegroupConfig.html" + }, + "UpdateNodegroupVersion": { + "privilege": "UpdateNodegroupVersion", + "description": "Grants permission to update the Kubernetes version of an Amazon EKS nodegroup", + "access_level": "Write", + "resource_types": { + "nodegroup": { + "resource_type": "nodegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "nodegroup": "nodegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateNodegroupVersion.html" + } + }, + "privileges_lower_name": { + "accesskubernetesapi": "AccessKubernetesApi", + "associateencryptionconfig": "AssociateEncryptionConfig", + "associateidentityproviderconfig": "AssociateIdentityProviderConfig", + "createaddon": "CreateAddon", + "createcluster": "CreateCluster", + "createfargateprofile": "CreateFargateProfile", + "createnodegroup": "CreateNodegroup", + "deleteaddon": "DeleteAddon", + "deletecluster": "DeleteCluster", + "deletefargateprofile": "DeleteFargateProfile", + "deletenodegroup": "DeleteNodegroup", + "deregistercluster": "DeregisterCluster", + "describeaddon": "DescribeAddon", + "describeaddonconfiguration": "DescribeAddonConfiguration", + "describeaddonversions": "DescribeAddonVersions", + "describecluster": "DescribeCluster", + "describefargateprofile": "DescribeFargateProfile", + "describeidentityproviderconfig": "DescribeIdentityProviderConfig", + "describenodegroup": "DescribeNodegroup", + "describeupdate": "DescribeUpdate", + "disassociateidentityproviderconfig": "DisassociateIdentityProviderConfig", + "listaddons": "ListAddons", + "listclusters": "ListClusters", + "listfargateprofiles": "ListFargateProfiles", + "listidentityproviderconfigs": "ListIdentityProviderConfigs", + "listnodegroups": "ListNodegroups", + "listtagsforresource": "ListTagsForResource", + "listupdates": "ListUpdates", + "registercluster": "RegisterCluster", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaddon": "UpdateAddon", + "updateclusterconfig": "UpdateClusterConfig", + "updateclusterversion": "UpdateClusterVersion", + "updatenodegroupconfig": "UpdateNodegroupConfig", + "updatenodegroupversion": "UpdateNodegroupVersion" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:eks:${Region}:${Account}:cluster/${ClusterName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "nodegroup": { + "resource": "nodegroup", + "arn": "arn:${Partition}:eks:${Region}:${Account}:nodegroup/${ClusterName}/${NodegroupName}/${UUID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "addon": { + "resource": "addon", + "arn": "arn:${Partition}:eks:${Region}:${Account}:addon/${ClusterName}/${AddonName}/${UUID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "fargateprofile": { + "resource": "fargateprofile", + "arn": "arn:${Partition}:eks:${Region}:${Account}:fargateprofile/${ClusterName}/${FargateProfileName}/${UUID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "identityproviderconfig": { + "resource": "identityproviderconfig", + "arn": "arn:${Partition}:eks:${Region}:${Account}:identityproviderconfig/${ClusterName}/${IdentityProviderType}/${IdentityProviderConfigName}/${UUID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "cluster": "cluster", + "nodegroup": "nodegroup", + "addon": "addon", + "fargateprofile": "fargateprofile", + "identityproviderconfig": "identityproviderconfig" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a key that is present in the request the user makes to the EKS service", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the list of all the tag key names present in the request the user makes to the EKS service", + "type": "ArrayOfString" + }, + "eks:clientId": { + "condition": "eks:clientId", + "description": "Filters access by the clientId present in the associateIdentityProviderConfig request the user makes to the EKS service", + "type": "String" + }, + "eks:issuerUrl": { + "condition": "eks:issuerUrl", + "description": "Filters access by the issuerUrl present in the associateIdentityProviderConfig request the user makes to the EKS service", + "type": "String" + } + } + }, + "elasticmapreduce": { + "service_name": "Amazon Elastic MapReduce", + "prefix": "elasticmapreduce", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticmapreduce.html", + "privileges": { + "AddInstanceFleet": { + "privilege": "AddInstanceFleet", + "description": "Grants permission to add an instance fleet to a running cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_AddInstanceFleet.html" + }, + "AddInstanceGroups": { + "privilege": "AddInstanceGroups", + "description": "Grants permission to add instance groups to a running cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_AddInstanceGroups.html" + }, + "AddJobFlowSteps": { + "privilege": "AddJobFlowSteps", + "description": "Grants permission to add new steps to a running cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticmapreduce:ExecutionRoleArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_AddJobFlowSteps.html" + }, + "AddTags": { + "privilege": "AddTags", + "description": "Grants permission to add tags to an Amazon EMR resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "editor": { + "resource_type": "editor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "notebook-execution": { + "resource_type": "notebook-execution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "studio": { + "resource_type": "studio", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticmapreduce:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "editor": "editor", + "notebook-execution": "notebook-execution", + "studio": "studio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_AddTags.html" + }, + "AttachEditor": { + "privilege": "AttachEditor", + "description": "Grants permission to attach an EMR notebook to a compute engine", + "access_level": "Write", + "resource_types": { + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" + }, + "CancelSteps": { + "privilege": "CancelSteps", + "description": "Grants permission to cancel a pending step or steps in a running cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_CancelSteps.html" + }, + "CreateEditor": { + "privilege": "CreateEditor", + "description": "Grants permission to create an EMR notebook", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticmapreduce:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-create.html" + }, + "CreatePersistentAppUI": { + "privilege": "CreatePersistentAppUI", + "description": "Grants permission to create a persistent application history server", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-debug.html" + }, + "CreateRepository": { + "privilege": "CreateRepository", + "description": "Grants permission to create an EMR notebook repository", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" + }, + "CreateSecurityConfiguration": { + "privilege": "CreateSecurityConfiguration", + "description": "Grants permission to create a security configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_CreateSecurityConfiguration.html" + }, + "CreateStudio": { + "privilege": "CreateStudio", + "description": "Grants permission to create an EMR Studio", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticmapreduce:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "CreateStudioPresignedUrl": { + "privilege": "CreateStudioPresignedUrl", + "description": "Grants permission to launch an EMR Studio using IAM authentication mode", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "CreateStudioSessionMapping": { + "privilege": "CreateStudioSessionMapping", + "description": "Grants permission to create an EMR Studio session mapping", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "DeleteEditor": { + "privilege": "DeleteEditor", + "description": "Grants permission to delete an EMR notebook", + "access_level": "Write", + "resource_types": { + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-deleting" + }, + "DeleteRepository": { + "privilege": "DeleteRepository", + "description": "Grants permission to delete an EMR notebook repository", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" + }, + "DeleteSecurityConfiguration": { + "privilege": "DeleteSecurityConfiguration", + "description": "Grants permission to delete a security configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DeleteSecurityConfiguration.html" + }, + "DeleteStudio": { + "privilege": "DeleteStudio", + "description": "Grants permission to delete an EMR Studio", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "DeleteStudioSessionMapping": { + "privilege": "DeleteStudioSessionMapping", + "description": "Grants permission to delete an EMR Studio session mapping", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "DeleteWorkspaceAccess": { + "privilege": "DeleteWorkspaceAccess", + "description": "Grants permission to block an identity from opening a collaborative workspace", + "access_level": "Permissions management", + "resource_types": { + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" + }, + "DescribeCluster": { + "privilege": "DescribeCluster", + "description": "Grants permission to get details about a cluster, including status, hardware and software configuration, VPC settings, and so on", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DescribeCluster.html" + }, + "DescribeEditor": { + "privilege": "DescribeEditor", + "description": "Grants permission to view information about a notebook, including status, user, role, tags, location, and more", + "access_level": "Read", + "resource_types": { + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" + }, + "DescribeJobFlows": { + "privilege": "DescribeJobFlows", + "description": "Grants permission to describe details of clusters (job flows). This API is deprecated and will eventually be removed. We recommend you use ListClusters, DescribeCluster, ListSteps, ListInstanceGroups and ListBootstrapActions instead", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DescribeJobFlows.html" + }, + "DescribeNotebookExecution": { + "privilege": "DescribeNotebookExecution", + "description": "Grants permission to view information about a notebook execution", + "access_level": "Read", + "resource_types": { + "notebook-execution": { + "resource_type": "notebook-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-execution": "notebook-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-headless.html" + }, + "DescribePersistentAppUI": { + "privilege": "DescribePersistentAppUI", + "description": "Grants permission to describe a persistent application history server", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-debug.html" + }, + "DescribeReleaseLabel": { + "privilege": "DescribeReleaseLabel", + "description": "Grants permission to view information about an EMR release, such as which applications are supported", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DescribeReleaseLabel.html" + }, + "DescribeRepository": { + "privilege": "DescribeRepository", + "description": "Grants permission to describe an EMR notebook repository", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" + }, + "DescribeSecurityConfiguration": { + "privilege": "DescribeSecurityConfiguration", + "description": "Grants permission to get details of a security configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DescribeSecurityConfiguration.html" + }, + "DescribeStep": { + "privilege": "DescribeStep", + "description": "Grants permission to get details about a cluster step", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_DescribeStep.html" + }, + "DescribeStudio": { + "privilege": "DescribeStudio", + "description": "Grants permission to view information about an EMR Studio", + "access_level": "Read", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "DetachEditor": { + "privilege": "DetachEditor", + "description": "Grants permission to detach an EMR notebook from a compute engine", + "access_level": "Write", + "resource_types": { + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" + }, + "GetAutoTerminationPolicy": { + "privilege": "GetAutoTerminationPolicy", + "description": "Grants permission to retrieve the auto-termination policy associated with a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_GetAutoTerminationPolicy.html" + }, + "GetBlockPublicAccessConfiguration": { + "privilege": "GetBlockPublicAccessConfiguration", + "description": "Grants permission to retrieve the EMR block public access configuration for the AWS account in the Region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_GetBlockPublicAccessConfiguration.html" + }, + "GetClusterSessionCredentials": { + "privilege": "GetClusterSessionCredentials", + "description": "Grants permission to retrieve HTTP basic credentials associated with a given execution IAM Role for a fine-grained access control enabled EMR Cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticmapreduce:ExecutionRoleArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-steps-runtime-roles.html" + }, + "GetManagedScalingPolicy": { + "privilege": "GetManagedScalingPolicy", + "description": "Grants permission to retrieve the managed scaling policy associated with a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_GetManagedScalingPolicy.html" + }, + "GetOnClusterAppUIPresignedURL": { + "privilege": "GetOnClusterAppUIPresignedURL", + "description": "Grants permission to get a presigned URL for an application history server running on the cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-debug.html" + }, + "GetPersistentAppUIPresignedURL": { + "privilege": "GetPersistentAppUIPresignedURL", + "description": "Grants permission to get a presigned URL for a persistent application history server", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-debug.html" + }, + "GetStudioSessionMapping": { + "privilege": "GetStudioSessionMapping", + "description": "Grants permission to view information about an EMR Studio session mapping", + "access_level": "Read", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "LinkRepository": { + "privilege": "LinkRepository", + "description": "Grants permission to link an EMR notebook repository to EMR notebooks", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" + }, + "ListBootstrapActions": { + "privilege": "ListBootstrapActions", + "description": "Grants permission to get details about the bootstrap actions associated with a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListBootstrapActions.html" + }, + "ListClusters": { + "privilege": "ListClusters", + "description": "Grants permission to get the status of accessible clusters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListClusters.html" + }, + "ListEditors": { + "privilege": "ListEditors", + "description": "Grants permission to list summary information for accessible EMR notebooks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" + }, + "ListInstanceFleets": { + "privilege": "ListInstanceFleets", + "description": "Grants permission to get details of instance fleets in a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListInstanceFleets.html" + }, + "ListInstanceGroups": { + "privilege": "ListInstanceGroups", + "description": "Grants permission to get details of instance groups in a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListInstanceGroups.html" + }, + "ListInstances": { + "privilege": "ListInstances", + "description": "Grants permission to get details about the Amazon EC2 instances in a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListInstances.html" + }, + "ListNotebookExecutions": { + "privilege": "ListNotebookExecutions", + "description": "Grants permission to list summary information for notebook executions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-headless.html" + }, + "ListReleaseLabels": { + "privilege": "ListReleaseLabels", + "description": "Grants permission to list and filter the available EMR releases in the current region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListReleaseLabels.html" + }, + "ListRepositories": { + "privilege": "ListRepositories", + "description": "Grants permission to list existing EMR notebook repositories", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" + }, + "ListSecurityConfigurations": { + "privilege": "ListSecurityConfigurations", + "description": "Grants permission to list available security configurations in this account by name, along with creation dates and times", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListSecurityConfigurations.html" + }, + "ListSteps": { + "privilege": "ListSteps", + "description": "Grants permission to list steps associated with a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListSteps.html" + }, + "ListStudioSessionMappings": { + "privilege": "ListStudioSessionMappings", + "description": "Grants permission to list summary information about EMR Studio session mappings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "ListStudios": { + "privilege": "ListStudios", + "description": "Grants permission to list summary information about EMR Studios", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "ListSupportedInstanceTypes": { + "privilege": "ListSupportedInstanceTypes", + "description": "Grants permission to list the Amazon EC2 instance types that an Amazon EMR release supports", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ListSupportedInstanceTypes.html" + }, + "ListWorkspaceAccessIdentities": { + "privilege": "ListWorkspaceAccessIdentities", + "description": "Grants permission to list identities that are granted access to a workspace", + "access_level": "List", + "resource_types": { + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" + }, + "ModifyCluster": { + "privilege": "ModifyCluster", + "description": "Grants permission to change cluster settings such as number of steps that can be executed concurrently for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ModifyCluster.html" + }, + "ModifyInstanceFleet": { + "privilege": "ModifyInstanceFleet", + "description": "Grants permission to change the target On-Demand and target Spot capacities for a instance fleet", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ModifyInstanceFleet.html" + }, + "ModifyInstanceGroups": { + "privilege": "ModifyInstanceGroups", + "description": "Grants permission to change the number and configuration of EC2 instances for an instance group", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_ModifyInstanceGroups.html" + }, + "OpenEditorInConsole": { + "privilege": "OpenEditorInConsole", + "description": "Grants permission to launch the Jupyter notebook editor for an EMR notebook from within the console", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" + }, + "PutAutoScalingPolicy": { + "privilege": "PutAutoScalingPolicy", + "description": "Grants permission to create or update an automatic scaling policy for a core instance group or task instance group", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_PutAutoScalingPolicy.html" + }, + "PutAutoTerminationPolicy": { + "privilege": "PutAutoTerminationPolicy", + "description": "Grants permission to create or update the auto-termination policy associated with a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_PutAutoTerminationPolicy.html" + }, + "PutBlockPublicAccessConfiguration": { + "privilege": "PutBlockPublicAccessConfiguration", + "description": "Grants permission to create or update the EMR block public access configuration for the AWS account in the Region", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_PutBlockPublicAccessConfiguration.html" + }, + "PutManagedScalingPolicy": { + "privilege": "PutManagedScalingPolicy", + "description": "Grants permission to create or update the managed scaling policy associated with a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_PutManagedScalingPolicy.html" + }, + "PutWorkspaceAccess": { + "privilege": "PutWorkspaceAccess", + "description": "Grants permission to allow an identity to open a collaborative workspace", + "access_level": "Permissions management", + "resource_types": { + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" + }, + "RemoveAutoScalingPolicy": { + "privilege": "RemoveAutoScalingPolicy", + "description": "Grants permission to remove an automatic scaling policy from an instance group", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_RemoveAutoScalingPolicy.html" + }, + "RemoveAutoTerminationPolicy": { + "privilege": "RemoveAutoTerminationPolicy", + "description": "Grants permission to remove the auto-termination policy associated with a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_RemoveAutoTerminationPolicy.html" + }, + "RemoveManagedScalingPolicy": { + "privilege": "RemoveManagedScalingPolicy", + "description": "Grants permission to remove the managed scaling policy associated with a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_RemoveManagedScalingPolicy.html" + }, + "RemoveTags": { + "privilege": "RemoveTags", + "description": "Grants permission to remove tags from an Amazon EMR resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "editor": { + "resource_type": "editor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "notebook-execution": { + "resource_type": "notebook-execution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "studio": { + "resource_type": "studio", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "editor": "editor", + "notebook-execution": "notebook-execution", + "studio": "studio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_RemoveTags.html" + }, + "RunJobFlow": { + "privilege": "RunJobFlow", + "description": "Grants permission to create and launch a cluster (job flow)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticmapreduce:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_RunJobFlow.html" + }, + "SetTerminationProtection": { + "privilege": "SetTerminationProtection", + "description": "Grants permission to add and remove termination protection for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_SetTerminationProtection.html" + }, + "SetVisibleToAllUsers": { + "privilege": "SetVisibleToAllUsers", + "description": "Grants permission to set whether all AWS Identity and Access Management (IAM) users in the AWS account can view a cluster. This API is deprecated and your cluster may be visible to all users in your account. To restrict cluster access using an IAM policy, see AWS Identity and Access Management for Amazon EMR (https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-access-iam.html)", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_SetVisibleToAllUsers.html" + }, + "StartEditor": { + "privilege": "StartEditor", + "description": "Grants permission to start an EMR notebook", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" + }, + "StartNotebookExecution": { + "privilege": "StartNotebookExecution", + "description": "Grants permission to start an EMR notebook execution", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "elasticmapreduce:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "editor": "editor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-headless.html" + }, + "StopEditor": { + "privilege": "StopEditor", + "description": "Grants permission to shut down an EMR notebook", + "access_level": "Write", + "resource_types": { + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html" + }, + "StopNotebookExecution": { + "privilege": "StopNotebookExecution", + "description": "Grants permission to stop notebook execution", + "access_level": "Write", + "resource_types": { + "notebook-execution": { + "resource_type": "notebook-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-execution": "notebook-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-headless.html" + }, + "TerminateJobFlows": { + "privilege": "TerminateJobFlows", + "description": "Grants permission to terminate a cluster (job flow)", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/APIReference/API_TerminateJobFlows.html" + }, + "UnlinkRepository": { + "privilege": "UnlinkRepository", + "description": "Grants permission to unlink an EMR notebook repository from EMR notebooks", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" + }, + "UpdateEditor": { + "privilege": "UpdateEditor", + "description": "Grants permission to update an EMR notebook", + "access_level": "Write", + "resource_types": { + "editor": { + "resource_type": "editor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "editor": "editor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks-working-with.html" + }, + "UpdateRepository": { + "privilege": "UpdateRepository", + "description": "Grants permission to update an EMR notebook repository", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html#emr-managed-notebooks-editor" + }, + "UpdateStudio": { + "privilege": "UpdateStudio", + "description": "Grants permission to update information about an EMR Studio", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "UpdateStudioSessionMapping": { + "privilege": "UpdateStudioSessionMapping", + "description": "Grants permission to update an EMR Studio session mapping", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio.html" + }, + "ViewEventsFromAllClustersInConsole": { + "privilege": "ViewEventsFromAllClustersInConsole", + "description": "Grants permission to use the EMR console to view events from all clusters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticmapreduce.html" + } + }, + "privileges_lower_name": { + "addinstancefleet": "AddInstanceFleet", + "addinstancegroups": "AddInstanceGroups", + "addjobflowsteps": "AddJobFlowSteps", + "addtags": "AddTags", + "attacheditor": "AttachEditor", + "cancelsteps": "CancelSteps", + "createeditor": "CreateEditor", + "createpersistentappui": "CreatePersistentAppUI", + "createrepository": "CreateRepository", + "createsecurityconfiguration": "CreateSecurityConfiguration", + "createstudio": "CreateStudio", + "createstudiopresignedurl": "CreateStudioPresignedUrl", + "createstudiosessionmapping": "CreateStudioSessionMapping", + "deleteeditor": "DeleteEditor", + "deleterepository": "DeleteRepository", + "deletesecurityconfiguration": "DeleteSecurityConfiguration", + "deletestudio": "DeleteStudio", + "deletestudiosessionmapping": "DeleteStudioSessionMapping", + "deleteworkspaceaccess": "DeleteWorkspaceAccess", + "describecluster": "DescribeCluster", + "describeeditor": "DescribeEditor", + "describejobflows": "DescribeJobFlows", + "describenotebookexecution": "DescribeNotebookExecution", + "describepersistentappui": "DescribePersistentAppUI", + "describereleaselabel": "DescribeReleaseLabel", + "describerepository": "DescribeRepository", + "describesecurityconfiguration": "DescribeSecurityConfiguration", + "describestep": "DescribeStep", + "describestudio": "DescribeStudio", + "detacheditor": "DetachEditor", + "getautoterminationpolicy": "GetAutoTerminationPolicy", + "getblockpublicaccessconfiguration": "GetBlockPublicAccessConfiguration", + "getclustersessioncredentials": "GetClusterSessionCredentials", + "getmanagedscalingpolicy": "GetManagedScalingPolicy", + "getonclusterappuipresignedurl": "GetOnClusterAppUIPresignedURL", + "getpersistentappuipresignedurl": "GetPersistentAppUIPresignedURL", + "getstudiosessionmapping": "GetStudioSessionMapping", + "linkrepository": "LinkRepository", + "listbootstrapactions": "ListBootstrapActions", + "listclusters": "ListClusters", + "listeditors": "ListEditors", + "listinstancefleets": "ListInstanceFleets", + "listinstancegroups": "ListInstanceGroups", + "listinstances": "ListInstances", + "listnotebookexecutions": "ListNotebookExecutions", + "listreleaselabels": "ListReleaseLabels", + "listrepositories": "ListRepositories", + "listsecurityconfigurations": "ListSecurityConfigurations", + "liststeps": "ListSteps", + "liststudiosessionmappings": "ListStudioSessionMappings", + "liststudios": "ListStudios", + "listsupportedinstancetypes": "ListSupportedInstanceTypes", + "listworkspaceaccessidentities": "ListWorkspaceAccessIdentities", + "modifycluster": "ModifyCluster", + "modifyinstancefleet": "ModifyInstanceFleet", + "modifyinstancegroups": "ModifyInstanceGroups", + "openeditorinconsole": "OpenEditorInConsole", + "putautoscalingpolicy": "PutAutoScalingPolicy", + "putautoterminationpolicy": "PutAutoTerminationPolicy", + "putblockpublicaccessconfiguration": "PutBlockPublicAccessConfiguration", + "putmanagedscalingpolicy": "PutManagedScalingPolicy", + "putworkspaceaccess": "PutWorkspaceAccess", + "removeautoscalingpolicy": "RemoveAutoScalingPolicy", + "removeautoterminationpolicy": "RemoveAutoTerminationPolicy", + "removemanagedscalingpolicy": "RemoveManagedScalingPolicy", + "removetags": "RemoveTags", + "runjobflow": "RunJobFlow", + "setterminationprotection": "SetTerminationProtection", + "setvisibletoallusers": "SetVisibleToAllUsers", + "starteditor": "StartEditor", + "startnotebookexecution": "StartNotebookExecution", + "stopeditor": "StopEditor", + "stopnotebookexecution": "StopNotebookExecution", + "terminatejobflows": "TerminateJobFlows", + "unlinkrepository": "UnlinkRepository", + "updateeditor": "UpdateEditor", + "updaterepository": "UpdateRepository", + "updatestudio": "UpdateStudio", + "updatestudiosessionmapping": "UpdateStudioSessionMapping", + "vieweventsfromallclustersinconsole": "ViewEventsFromAllClustersInConsole" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:elasticmapreduce:${Region}:${Account}:cluster/${ClusterId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticmapreduce:ResourceTag/${TagKey}" + ] + }, + "editor": { + "resource": "editor", + "arn": "arn:${Partition}:elasticmapreduce:${Region}:${Account}:editor/${EditorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticmapreduce:ResourceTag/${TagKey}" + ] + }, + "notebook-execution": { + "resource": "notebook-execution", + "arn": "arn:${Partition}:elasticmapreduce:${Region}:${Account}:notebook-execution/${NotebookExecutionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticmapreduce:ResourceTag/${TagKey}" + ] + }, + "studio": { + "resource": "studio", + "arn": "arn:${Partition}:elasticmapreduce:${Region}:${Account}:studio/${StudioId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticmapreduce:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "cluster": "cluster", + "editor": "editor", + "notebook-execution": "notebook-execution", + "studio": "studio" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by whether the tag and value pair is provided with the action", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag and value pair associated with an Amazon EMR resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by whether the tag keys are provided with the action regardless of tag value", + "type": "ArrayOfString" + }, + "elasticmapreduce:ExecutionRoleArn": { + "condition": "elasticmapreduce:ExecutionRoleArn", + "description": "Filters access by whether the execution role ARN is provided with the action", + "type": "String" + }, + "elasticmapreduce:RequestTag/${TagKey}": { + "condition": "elasticmapreduce:RequestTag/${TagKey}", + "description": "Filters access by whether the tag and value pair is provided with the action", + "type": "String" + }, + "elasticmapreduce:ResourceTag/${TagKey}": { + "condition": "elasticmapreduce:ResourceTag/${TagKey}", + "description": "Filters access by the tag and value pair associated with an Amazon EMR resource", + "type": "String" + } + } + }, + "elastictranscoder": { + "service_name": "Amazon Elastic Transcoder", + "prefix": "elastictranscoder", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelastictranscoder.html", + "privileges": { + "CancelJob": { + "privilege": "CancelJob", + "description": "Cancel a job that Elastic Transcoder has not begun to process", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/cancel-job.html" + }, + "CreateJob": { + "privilege": "CreateJob", + "description": "Create a job", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "preset": { + "resource_type": "preset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline", + "preset": "preset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/create-job.html" + }, + "CreatePipeline": { + "privilege": "CreatePipeline", + "description": "Create a pipeline", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/create-pipeline.html" + }, + "CreatePreset": { + "privilege": "CreatePreset", + "description": "Create a preset", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/create-preset.html" + }, + "DeletePipeline": { + "privilege": "DeletePipeline", + "description": "Delete a pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/delete-pipeline.html" + }, + "DeletePreset": { + "privilege": "DeletePreset", + "description": "Delete a preset", + "access_level": "Write", + "resource_types": { + "preset": { + "resource_type": "preset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "preset": "preset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/delete-preset.html" + }, + "ListJobsByPipeline": { + "privilege": "ListJobsByPipeline", + "description": "Get a list of the jobs that you assigned to a pipeline", + "access_level": "List", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/list-jobs-by-pipeline.html" + }, + "ListJobsByStatus": { + "privilege": "ListJobsByStatus", + "description": "Get information about all of the jobs associated with the current AWS account that have a specified status", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/list-jobs-by-status.html" + }, + "ListPipelines": { + "privilege": "ListPipelines", + "description": "Get a list of the pipelines associated with the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/list-pipelines.html" + }, + "ListPresets": { + "privilege": "ListPresets", + "description": "Get a list of all presets associated with the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/list-presets.html" + }, + "ReadJob": { + "privilege": "ReadJob", + "description": "Get detailed information about a job", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/get-job.html" + }, + "ReadPipeline": { + "privilege": "ReadPipeline", + "description": "Get detailed information about a pipeline", + "access_level": "Read", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/get-pipeline.html" + }, + "ReadPreset": { + "privilege": "ReadPreset", + "description": "Get detailed information about a preset", + "access_level": "Read", + "resource_types": { + "preset": { + "resource_type": "preset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "preset": "preset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/get-preset.html" + }, + "TestRole": { + "privilege": "TestRole", + "description": "Test the settings for a pipeline to ensure that Elastic Transcoder can create and process jobs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/test-pipeline-role.html" + }, + "UpdatePipeline": { + "privilege": "UpdatePipeline", + "description": "Update settings for a pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/update-pipeline.html" + }, + "UpdatePipelineNotifications": { + "privilege": "UpdatePipelineNotifications", + "description": "Update only Amazon Simple Notification Service (Amazon SNS) notifications for a pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/update-pipeline-notifications.html" + }, + "UpdatePipelineStatus": { + "privilege": "UpdatePipelineStatus", + "description": "Pause or reactivate a pipeline, so the pipeline stops or restarts processing jobs, update the status for the pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elastictranscoder/latest/developerguide/update-pipeline-status.html" + } + }, + "privileges_lower_name": { + "canceljob": "CancelJob", + "createjob": "CreateJob", + "createpipeline": "CreatePipeline", + "createpreset": "CreatePreset", + "deletepipeline": "DeletePipeline", + "deletepreset": "DeletePreset", + "listjobsbypipeline": "ListJobsByPipeline", + "listjobsbystatus": "ListJobsByStatus", + "listpipelines": "ListPipelines", + "listpresets": "ListPresets", + "readjob": "ReadJob", + "readpipeline": "ReadPipeline", + "readpreset": "ReadPreset", + "testrole": "TestRole", + "updatepipeline": "UpdatePipeline", + "updatepipelinenotifications": "UpdatePipelineNotifications", + "updatepipelinestatus": "UpdatePipelineStatus" + }, + "resources": { + "job": { + "resource": "job", + "arn": "arn:${Partition}:elastictranscoder:${Region}:${Account}:job/${JobId}", + "condition_keys": [] + }, + "pipeline": { + "resource": "pipeline", + "arn": "arn:${Partition}:elastictranscoder:${Region}:${Account}:pipeline/${PipelineId}", + "condition_keys": [] + }, + "preset": { + "resource": "preset", + "arn": "arn:${Partition}:elastictranscoder:${Region}:${Account}:preset/${PresetId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "job": "job", + "pipeline": "pipeline", + "preset": "preset" + }, + "conditions": {} + }, + "emr-containers": { + "service_name": "Amazon EMR on EKS (EMR Containers)", + "prefix": "emr-containers", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonemroneksemrcontainers.html", + "privileges": { + "CancelJobRun": { + "privilege": "CancelJobRun", + "description": "Grants permission to cancel a job run", + "access_level": "Write", + "resource_types": { + "jobRun": { + "resource_type": "jobRun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobrun": "jobRun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_CancelJobRun.html" + }, + "CreateJobTemplate": { + "privilege": "CreateJobTemplate", + "description": "Grants permission to create a job template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_CreateJobTemplate.html" + }, + "CreateManagedEndpoint": { + "privilege": "CreateManagedEndpoint", + "description": "Grants permission to create a managed endpoint", + "access_level": "Write", + "resource_types": { + "virtualCluster": { + "resource_type": "virtualCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "emr-containers:ExecutionRoleArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualcluster": "virtualCluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_CreateManagedEndpoint.html" + }, + "CreateVirtualCluster": { + "privilege": "CreateVirtualCluster", + "description": "Grants permission to create a virtual cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_CreateVirtualCluster.html" + }, + "DeleteJobTemplate": { + "privilege": "DeleteJobTemplate", + "description": "Grants permission to delete a job template", + "access_level": "Write", + "resource_types": { + "jobTemplate": { + "resource_type": "jobTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "jobTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DeleteJobTemplate.html" + }, + "DeleteManagedEndpoint": { + "privilege": "DeleteManagedEndpoint", + "description": "Grants permission to delete a managed endpoint", + "access_level": "Write", + "resource_types": { + "managedEndpoint": { + "resource_type": "managedEndpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managedendpoint": "managedEndpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DeleteManagedEndpoint.html" + }, + "DeleteVirtualCluster": { + "privilege": "DeleteVirtualCluster", + "description": "Grants permission to delete a virtual cluster", + "access_level": "Write", + "resource_types": { + "virtualCluster": { + "resource_type": "virtualCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualcluster": "virtualCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DeleteVirtualCluster.html" + }, + "DescribeJobRun": { + "privilege": "DescribeJobRun", + "description": "Grants permission to describe a job run", + "access_level": "Read", + "resource_types": { + "jobRun": { + "resource_type": "jobRun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobrun": "jobRun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DescribeJobRun.html" + }, + "DescribeJobTemplate": { + "privilege": "DescribeJobTemplate", + "description": "Grants permission to describe a job template", + "access_level": "Read", + "resource_types": { + "jobTemplate": { + "resource_type": "jobTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "jobTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DescribeJobTemplate.html" + }, + "DescribeManagedEndpoint": { + "privilege": "DescribeManagedEndpoint", + "description": "Grants permission to describe a managed endpoint", + "access_level": "Read", + "resource_types": { + "managedEndpoint": { + "resource_type": "managedEndpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managedendpoint": "managedEndpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DescribeManagedEndpoint.html" + }, + "DescribeVirtualCluster": { + "privilege": "DescribeVirtualCluster", + "description": "Grants permission to describe a virtual cluster", + "access_level": "Read", + "resource_types": { + "virtualCluster": { + "resource_type": "virtualCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualcluster": "virtualCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_DescribeVirtualCluster.html" + }, + "GetManagedEndpointSessionCredentials": { + "privilege": "GetManagedEndpointSessionCredentials", + "description": "Grants permission to generate a session token used to connect to a managed endpoint", + "access_level": "Write", + "resource_types": { + "managedEndpoint": { + "resource_type": "managedEndpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managedendpoint": "managedEndpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_GetManagedEndpointSessionCredentials.html" + }, + "ListJobRuns": { + "privilege": "ListJobRuns", + "description": "Grants permission to list job runs associated with a virtual cluster", + "access_level": "List", + "resource_types": { + "virtualCluster": { + "resource_type": "virtualCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualcluster": "virtualCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_ListJobRuns.html" + }, + "ListJobTemplates": { + "privilege": "ListJobTemplates", + "description": "Grants permission to list job templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_ListJobTemplates.html" + }, + "ListManagedEndpoints": { + "privilege": "ListManagedEndpoints", + "description": "Grants permission to list managed endpoints associated with a virtual cluster", + "access_level": "List", + "resource_types": { + "virtualCluster": { + "resource_type": "virtualCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualcluster": "virtualCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_ListManagedEndpoints.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for the specified resource", + "access_level": "List", + "resource_types": { + "jobRun": { + "resource_type": "jobRun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobTemplate": { + "resource_type": "jobTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managedEndpoint": { + "resource_type": "managedEndpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualCluster": { + "resource_type": "virtualCluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobrun": "jobRun", + "jobtemplate": "jobTemplate", + "managedendpoint": "managedEndpoint", + "virtualcluster": "virtualCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_ListTagsForResource.html" + }, + "ListVirtualClusters": { + "privilege": "ListVirtualClusters", + "description": "Grants permission to list virtual clusters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_ListVirtualClusters.html" + }, + "StartJobRun": { + "privilege": "StartJobRun", + "description": "Grants permission to start a job run", + "access_level": "Write", + "resource_types": { + "virtualCluster": { + "resource_type": "virtualCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "emr-containers:ExecutionRoleArn", + "emr-containers:JobTemplateArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualcluster": "virtualCluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_StartJobRun.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag the specified resource", + "access_level": "Tagging", + "resource_types": { + "jobRun": { + "resource_type": "jobRun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobTemplate": { + "resource_type": "jobTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managedEndpoint": { + "resource_type": "managedEndpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualCluster": { + "resource_type": "virtualCluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobrun": "jobRun", + "jobtemplate": "jobTemplate", + "managedendpoint": "managedEndpoint", + "virtualcluster": "virtualCluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag the specified resource", + "access_level": "Tagging", + "resource_types": { + "jobRun": { + "resource_type": "jobRun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobTemplate": { + "resource_type": "jobTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managedEndpoint": { + "resource_type": "managedEndpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualCluster": { + "resource_type": "virtualCluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobrun": "jobRun", + "jobtemplate": "jobTemplate", + "managedendpoint": "managedEndpoint", + "virtualcluster": "virtualCluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-on-eks/latest/APIReference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "canceljobrun": "CancelJobRun", + "createjobtemplate": "CreateJobTemplate", + "createmanagedendpoint": "CreateManagedEndpoint", + "createvirtualcluster": "CreateVirtualCluster", + "deletejobtemplate": "DeleteJobTemplate", + "deletemanagedendpoint": "DeleteManagedEndpoint", + "deletevirtualcluster": "DeleteVirtualCluster", + "describejobrun": "DescribeJobRun", + "describejobtemplate": "DescribeJobTemplate", + "describemanagedendpoint": "DescribeManagedEndpoint", + "describevirtualcluster": "DescribeVirtualCluster", + "getmanagedendpointsessioncredentials": "GetManagedEndpointSessionCredentials", + "listjobruns": "ListJobRuns", + "listjobtemplates": "ListJobTemplates", + "listmanagedendpoints": "ListManagedEndpoints", + "listtagsforresource": "ListTagsForResource", + "listvirtualclusters": "ListVirtualClusters", + "startjobrun": "StartJobRun", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "virtualCluster": { + "resource": "virtualCluster", + "arn": "arn:${Partition}:emr-containers:${Region}:${Account}:/virtualclusters/${VirtualClusterId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "jobRun": { + "resource": "jobRun", + "arn": "arn:${Partition}:emr-containers:${Region}:${Account}:/virtualclusters/${VirtualClusterId}/jobruns/${JobRunId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "jobTemplate": { + "resource": "jobTemplate", + "arn": "arn:${Partition}:emr-containers:${Region}:${Account}:/jobtemplates/${JobTemplateId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "managedEndpoint": { + "resource": "managedEndpoint", + "arn": "arn:${Partition}:emr-containers:${Region}:${Account}:/virtualclusters/${VirtualClusterId}/endpoints/${EndpointId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "virtualcluster": "virtualCluster", + "jobrun": "jobRun", + "jobtemplate": "jobTemplate", + "managedendpoint": "managedEndpoint" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag key-value pairs present in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys present in the request", + "type": "ArrayOfString" + }, + "emr-containers:ExecutionRoleArn": { + "condition": "emr-containers:ExecutionRoleArn", + "description": "Filters access by the execution role arn present in the request", + "type": "String" + }, + "emr-containers:JobTemplateArn": { + "condition": "emr-containers:JobTemplateArn", + "description": "Filters access by the job template arn present in the request", + "type": "String" + } + } + }, + "emr-serverless": { + "service_name": "Amazon EMR Serverless", + "prefix": "emr-serverless", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonemrserverless.html", + "privileges": { + "CancelJobRun": { + "privilege": "CancelJobRun", + "description": "Grants permission to cancel a job run", + "access_level": "Write", + "resource_types": { + "jobRun": { + "resource_type": "jobRun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobrun": "jobRun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_CancelJobRun.html" + }, + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an Application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_CreateApplication.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_DeleteApplication.html" + }, + "GetApplication": { + "privilege": "GetApplication", + "description": "Grants permission to get application", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html" + }, + "GetDashboardForJobRun": { + "privilege": "GetDashboardForJobRun", + "description": "Grants permission to get job run dashboard", + "access_level": "Read", + "resource_types": { + "jobRun": { + "resource_type": "jobRun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobrun": "jobRun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetDashboardForJobRun.html" + }, + "GetJobRun": { + "privilege": "GetJobRun", + "description": "Grants permission to get a job run", + "access_level": "Read", + "resource_types": { + "jobRun": { + "resource_type": "jobRun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobrun": "jobRun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetJobRun.html" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to list applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_ListApplications.html" + }, + "ListJobRuns": { + "privilege": "ListJobRuns", + "description": "Grants permission to list job runs associated with an application", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_ListJobRuns.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for the specified resource", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobRun": { + "resource_type": "jobRun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "jobrun": "jobRun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_ListTagsForResource.html" + }, + "StartApplication": { + "privilege": "StartApplication", + "description": "Grants permission to Start an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_StartApplication.html" + }, + "StartJobRun": { + "privilege": "StartJobRun", + "description": "Grants permission to start a job run", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_StartJobRun.html" + }, + "StopApplication": { + "privilege": "StopApplication", + "description": "Grants permission to Stop an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_StopApplication.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag the specified resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobRun": { + "resource_type": "jobRun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "jobrun": "jobRun", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag the specified resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobRun": { + "resource_type": "jobRun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "jobrun": "jobRun", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_UntagResource.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to Update an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_UpdateApplication.html" + } + }, + "privileges_lower_name": { + "canceljobrun": "CancelJobRun", + "createapplication": "CreateApplication", + "deleteapplication": "DeleteApplication", + "getapplication": "GetApplication", + "getdashboardforjobrun": "GetDashboardForJobRun", + "getjobrun": "GetJobRun", + "listapplications": "ListApplications", + "listjobruns": "ListJobRuns", + "listtagsforresource": "ListTagsForResource", + "startapplication": "StartApplication", + "startjobrun": "StartJobRun", + "stopapplication": "StopApplication", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapplication": "UpdateApplication" + }, + "resources": { + "application": { + "resource": "application", + "arn": "arn:${Partition}:emr-serverless:${Region}:${Account}:/applications/${ApplicationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "jobRun": { + "resource": "jobRun", + "arn": "arn:${Partition}:emr-serverless:${Region}:${Account}:/applications/${ApplicationId}/jobruns/${JobRunId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "application": "application", + "jobrun": "jobRun" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "events": { + "service_name": "Amazon EventBridge", + "prefix": "events", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoneventbridge.html", + "privileges": { + "ActivateEventSource": { + "privilege": "ActivateEventSource", + "description": "Grants permission to activate partner event sources", + "access_level": "Write", + "resource_types": { + "event-source": { + "resource_type": "event-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-source": "event-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ActivateEventSource.html" + }, + "CancelReplay": { + "privilege": "CancelReplay", + "description": "Grants permission to cancel a replay", + "access_level": "Write", + "resource_types": { + "replay": { + "resource_type": "replay", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replay": "replay" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CancelReplay.html" + }, + "CreateApiDestination": { + "privilege": "CreateApiDestination", + "description": "Grants permission to create a new api destination", + "access_level": "Write", + "resource_types": { + "api-destination": { + "resource_type": "api-destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-destination": "api-destination", + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateApiDestination.html" + }, + "CreateArchive": { + "privilege": "CreateArchive", + "description": "Grants permission to create a new archive", + "access_level": "Write", + "resource_types": { + "archive": { + "resource_type": "archive", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "event-bus": { + "resource_type": "event-bus", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "archive": "archive", + "event-bus": "event-bus" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html" + }, + "CreateConnection": { + "privilege": "CreateConnection", + "description": "Grants permission to create a new connection", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateConnection.html" + }, + "CreateEndpoint": { + "privilege": "CreateEndpoint", + "description": "Grants permission to create an endpoint", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:EventBusArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateEndpoint.html" + }, + "CreateEventBus": { + "privilege": "CreateEventBus", + "description": "Grants permission to create event buses", + "access_level": "Write", + "resource_types": { + "event-bus": { + "resource_type": "event-bus", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-bus": "event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateEventBus.html" + }, + "CreatePartnerEventSource": { + "privilege": "CreatePartnerEventSource", + "description": "Grants permission to create partner event sources", + "access_level": "Write", + "resource_types": { + "event-source": { + "resource_type": "event-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-source": "event-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreatePartnerEventSource.html" + }, + "DeactivateEventSource": { + "privilege": "DeactivateEventSource", + "description": "Grants permission to deactivate event sources", + "access_level": "Write", + "resource_types": { + "event-source": { + "resource_type": "event-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-source": "event-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeactivateEventSource.html" + }, + "DeauthorizeConnection": { + "privilege": "DeauthorizeConnection", + "description": "Grants permission to deauthorize a connection, deleting its stored authorization secrets", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeauthorizeConnection.html" + }, + "DeleteApiDestination": { + "privilege": "DeleteApiDestination", + "description": "Grants permission to delete an api destination", + "access_level": "Write", + "resource_types": { + "api-destination": { + "resource_type": "api-destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-destination": "api-destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteApiDestination.html" + }, + "DeleteArchive": { + "privilege": "DeleteArchive", + "description": "Grants permission to delete an archive", + "access_level": "Write", + "resource_types": { + "archive": { + "resource_type": "archive", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "archive": "archive" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteArchive.html" + }, + "DeleteConnection": { + "privilege": "DeleteConnection", + "description": "Grants permission to delete a connection", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteConnection.html" + }, + "DeleteEndpoint": { + "privilege": "DeleteEndpoint", + "description": "Grants permission to delete an endpoint", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteEndpoint.html" + }, + "DeleteEventBus": { + "privilege": "DeleteEventBus", + "description": "Grants permission to delete event buses", + "access_level": "Write", + "resource_types": { + "event-bus": { + "resource_type": "event-bus", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-bus": "event-bus" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteEventBus.html" + }, + "DeletePartnerEventSource": { + "privilege": "DeletePartnerEventSource", + "description": "Grants permission to delete partner event sources", + "access_level": "Write", + "resource_types": { + "event-source": { + "resource_type": "event-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-source": "event-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeletePartnerEventSource.html" + }, + "DeleteRule": { + "privilege": "DeleteRule", + "description": "Grants permission to delete rules", + "access_level": "Write", + "resource_types": { + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:creatorAccount", + "events:ManagedBy" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DeleteRule.html" + }, + "DescribeApiDestination": { + "privilege": "DescribeApiDestination", + "description": "Grants permission to retrieve details about an api destination", + "access_level": "Read", + "resource_types": { + "api-destination": { + "resource_type": "api-destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-destination": "api-destination", + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeApiDestination.html" + }, + "DescribeArchive": { + "privilege": "DescribeArchive", + "description": "Grants permission to retrieve details about an archive", + "access_level": "Read", + "resource_types": { + "archive": { + "resource_type": "archive", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "archive": "archive" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeArchive.html" + }, + "DescribeConnection": { + "privilege": "DescribeConnection", + "description": "Grants permission to retrieve details about a conection", + "access_level": "Read", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeConnection.html" + }, + "DescribeEndpoint": { + "privilege": "DescribeEndpoint", + "description": "Grants permission to retrieve details about an endpoint", + "access_level": "Read", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeEndpoint.html" + }, + "DescribeEventBus": { + "privilege": "DescribeEventBus", + "description": "Grants permission to retrieve details about event buses", + "access_level": "Read", + "resource_types": { + "event-bus": { + "resource_type": "event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-bus": "event-bus" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeEventBus.html" + }, + "DescribeEventSource": { + "privilege": "DescribeEventSource", + "description": "Grants permission to retrieve details about event sources", + "access_level": "Read", + "resource_types": { + "event-source": { + "resource_type": "event-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-source": "event-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeEventSource.html" + }, + "DescribePartnerEventSource": { + "privilege": "DescribePartnerEventSource", + "description": "Grants permission to retrieve details about partner event sources", + "access_level": "Read", + "resource_types": { + "event-source": { + "resource_type": "event-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-source": "event-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribePartnerEventSource.html" + }, + "DescribeReplay": { + "privilege": "DescribeReplay", + "description": "Grants permission to retrieve the details of a replay", + "access_level": "Read", + "resource_types": { + "replay": { + "resource_type": "replay", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replay": "replay" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeReplay.html" + }, + "DescribeRule": { + "privilege": "DescribeRule", + "description": "Grants permission to retrieve details about rules", + "access_level": "Read", + "resource_types": { + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:creatorAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DescribeRule.html" + }, + "DisableRule": { + "privilege": "DisableRule", + "description": "Grants permission to disable rules", + "access_level": "Write", + "resource_types": { + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:creatorAccount", + "events:ManagedBy" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_DisableRule.html" + }, + "EnableRule": { + "privilege": "EnableRule", + "description": "Grants permission to enable rules", + "access_level": "Write", + "resource_types": { + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:creatorAccount", + "events:ManagedBy" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_EnableRule.html" + }, + "InvokeApiDestination": { + "privilege": "InvokeApiDestination", + "description": "Grants permission to invoke an api destination", + "access_level": "Write", + "resource_types": { + "api-destination": { + "resource_type": "api-destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-destination": "api-destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/userguide/iam-identity-based-access-control-eventbridge.html" + }, + "ListApiDestinations": { + "privilege": "ListApiDestinations", + "description": "Grants permission to retrieve a list of api destinations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListApiDestinations.html" + }, + "ListArchives": { + "privilege": "ListArchives", + "description": "Grants permission to retrieve a list of archives", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListArchives.html" + }, + "ListConnections": { + "privilege": "ListConnections", + "description": "Grants permission to retrieve a list of connections", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListConnections.html" + }, + "ListEndpoints": { + "privilege": "ListEndpoints", + "description": "Grants permission to retrieve a list of endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListEndpoints.html" + }, + "ListEventBuses": { + "privilege": "ListEventBuses", + "description": "Grants permission to retrieve a list of the event buses in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListEventBuses.html" + }, + "ListEventSources": { + "privilege": "ListEventSources", + "description": "Grants permission to to retrieve a list of event sources shared with this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListEventSources.html" + }, + "ListPartnerEventSourceAccounts": { + "privilege": "ListPartnerEventSourceAccounts", + "description": "Grants permission to retrieve a list of AWS account IDs associated with an event source", + "access_level": "List", + "resource_types": { + "event-source": { + "resource_type": "event-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-source": "event-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListPartnerEventSourceAccounts.html" + }, + "ListPartnerEventSources": { + "privilege": "ListPartnerEventSources", + "description": "Grants permission to retrieve a list partner event sources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListPartnerEventSources.html" + }, + "ListReplays": { + "privilege": "ListReplays", + "description": "Grants permission to retrieve a list of replays", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListReplays.html" + }, + "ListRuleNamesByTarget": { + "privilege": "ListRuleNamesByTarget", + "description": "Grants permission to retrieve a list of the names of the rules associated with a target", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListRuleNamesByTarget.html" + }, + "ListRules": { + "privilege": "ListRules", + "description": "Grants permission to retrieve a list of the Amazon EventBridge rules in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListRules.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve a list of tags associated with an Amazon EventBridge resource", + "access_level": "List", + "resource_types": { + "event-bus": { + "resource_type": "event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:creatorAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-bus": "event-bus", + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTargetsByRule": { + "privilege": "ListTargetsByRule", + "description": "Grants permission to retrieve a list of targets defined for a rule", + "access_level": "List", + "resource_types": { + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:creatorAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_ListTargetsByRule.html" + }, + "PutEvents": { + "privilege": "PutEvents", + "description": "Grants permission to send custom events to Amazon EventBridge", + "access_level": "Write", + "resource_types": { + "event-bus": { + "resource_type": "event-bus", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:detail-type", + "events:source", + "events:eventBusInvocation" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-bus": "event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html" + }, + "PutPartnerEvents": { + "privilege": "PutPartnerEvents", + "description": "Grants permission to sends custom events to Amazon EventBridge", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPartnerEvents.html" + }, + "PutPermission": { + "privilege": "PutPermission", + "description": "Grants permission to use the PutPermission action to grants permission to another AWS account to put events to your default event bus", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html" + }, + "PutRule": { + "privilege": "PutRule", + "description": "Grants permission to create or updates rules", + "access_level": "Write", + "resource_types": { + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:detail.userIdentity.principalId", + "events:detail-type", + "events:source", + "events:detail.service", + "events:detail.eventTypeCode", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "events:creatorAccount", + "events:ManagedBy" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutRule.html" + }, + "PutTargets": { + "privilege": "PutTargets", + "description": "Grants permission to add targets to a rule", + "access_level": "Write", + "resource_types": { + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:TargetArn", + "events:creatorAccount", + "events:ManagedBy" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutTargets.html" + }, + "RemovePermission": { + "privilege": "RemovePermission", + "description": "Grants permission to revoke the permission of another AWS account to put events to your default event bus", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html" + }, + "RemoveTargets": { + "privilege": "RemoveTargets", + "description": "Grants permission to removes targets from a rule", + "access_level": "Write", + "resource_types": { + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:creatorAccount", + "events:ManagedBy" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemoveTargets.html" + }, + "StartReplay": { + "privilege": "StartReplay", + "description": "Grants permission to start a replay of an archive", + "access_level": "Write", + "resource_types": { + "archive": { + "resource_type": "archive", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "event-bus": { + "resource_type": "event-bus", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "replay": { + "resource_type": "replay", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "archive": "archive", + "event-bus": "event-bus", + "replay": "replay" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_StartReplay.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add a tag to an Amazon EventBridge resource", + "access_level": "Tagging", + "resource_types": { + "event-bus": { + "resource_type": "event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "events:creatorAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-bus": "event-bus", + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_TagResource.html" + }, + "TestEventPattern": { + "privilege": "TestEventPattern", + "description": "Grants permission to test whether an event pattern matches the provided event", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_TestEventPattern.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from an Amazon EventBridge resource", + "access_level": "Tagging", + "resource_types": { + "event-bus": { + "resource_type": "event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-custom-event-bus": { + "resource_type": "rule-on-custom-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule-on-default-event-bus": { + "resource_type": "rule-on-default-event-bus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "events:creatorAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-bus": "event-bus", + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UntagResource.html" + }, + "UpdateApiDestination": { + "privilege": "UpdateApiDestination", + "description": "Grants permission to update an api destination", + "access_level": "Write", + "resource_types": { + "api-destination": { + "resource_type": "api-destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-destination": "api-destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateApiDestination.html" + }, + "UpdateArchive": { + "privilege": "UpdateArchive", + "description": "Grants permission to update an archive", + "access_level": "Write", + "resource_types": { + "archive": { + "resource_type": "archive", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "archive": "archive" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateArchive.html" + }, + "UpdateConnection": { + "privilege": "UpdateConnection", + "description": "Grants permission to update a connection", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateConnection.html" + }, + "UpdateEndpoint": { + "privilege": "UpdateEndpoint", + "description": "Grants permission to update an endpoint", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "events:EventBusArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdateEndpoint.html" + } + }, + "privileges_lower_name": { + "activateeventsource": "ActivateEventSource", + "cancelreplay": "CancelReplay", + "createapidestination": "CreateApiDestination", + "createarchive": "CreateArchive", + "createconnection": "CreateConnection", + "createendpoint": "CreateEndpoint", + "createeventbus": "CreateEventBus", + "createpartnereventsource": "CreatePartnerEventSource", + "deactivateeventsource": "DeactivateEventSource", + "deauthorizeconnection": "DeauthorizeConnection", + "deleteapidestination": "DeleteApiDestination", + "deletearchive": "DeleteArchive", + "deleteconnection": "DeleteConnection", + "deleteendpoint": "DeleteEndpoint", + "deleteeventbus": "DeleteEventBus", + "deletepartnereventsource": "DeletePartnerEventSource", + "deleterule": "DeleteRule", + "describeapidestination": "DescribeApiDestination", + "describearchive": "DescribeArchive", + "describeconnection": "DescribeConnection", + "describeendpoint": "DescribeEndpoint", + "describeeventbus": "DescribeEventBus", + "describeeventsource": "DescribeEventSource", + "describepartnereventsource": "DescribePartnerEventSource", + "describereplay": "DescribeReplay", + "describerule": "DescribeRule", + "disablerule": "DisableRule", + "enablerule": "EnableRule", + "invokeapidestination": "InvokeApiDestination", + "listapidestinations": "ListApiDestinations", + "listarchives": "ListArchives", + "listconnections": "ListConnections", + "listendpoints": "ListEndpoints", + "listeventbuses": "ListEventBuses", + "listeventsources": "ListEventSources", + "listpartnereventsourceaccounts": "ListPartnerEventSourceAccounts", + "listpartnereventsources": "ListPartnerEventSources", + "listreplays": "ListReplays", + "listrulenamesbytarget": "ListRuleNamesByTarget", + "listrules": "ListRules", + "listtagsforresource": "ListTagsForResource", + "listtargetsbyrule": "ListTargetsByRule", + "putevents": "PutEvents", + "putpartnerevents": "PutPartnerEvents", + "putpermission": "PutPermission", + "putrule": "PutRule", + "puttargets": "PutTargets", + "removepermission": "RemovePermission", + "removetargets": "RemoveTargets", + "startreplay": "StartReplay", + "tagresource": "TagResource", + "testeventpattern": "TestEventPattern", + "untagresource": "UntagResource", + "updateapidestination": "UpdateApiDestination", + "updatearchive": "UpdateArchive", + "updateconnection": "UpdateConnection", + "updateendpoint": "UpdateEndpoint" + }, + "resources": { + "event-source": { + "resource": "event-source", + "arn": "arn:${Partition}:events:${Region}::event-source/${EventSourceName}", + "condition_keys": [] + }, + "event-bus": { + "resource": "event-bus", + "arn": "arn:${Partition}:events:${Region}:${Account}:event-bus/${EventBusName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "rule-on-default-event-bus": { + "resource": "rule-on-default-event-bus", + "arn": "arn:${Partition}:events:${Region}:${Account}:rule/${RuleName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "rule-on-custom-event-bus": { + "resource": "rule-on-custom-event-bus", + "arn": "arn:${Partition}:events:${Region}:${Account}:rule/${EventBusName}/${RuleName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "archive": { + "resource": "archive", + "arn": "arn:${Partition}:events:${Region}:${Account}:archive/${ArchiveName}", + "condition_keys": [] + }, + "replay": { + "resource": "replay", + "arn": "arn:${Partition}:events:${Region}:${Account}:replay/${ReplayName}", + "condition_keys": [] + }, + "connection": { + "resource": "connection", + "arn": "arn:${Partition}:events:${Region}:${Account}:connection/${ConnectionName}", + "condition_keys": [] + }, + "api-destination": { + "resource": "api-destination", + "arn": "arn:${Partition}:events:${Region}:${Account}:api-destination/${ApiDestinationName}", + "condition_keys": [] + }, + "endpoint": { + "resource": "endpoint", + "arn": "arn:${Partition}:events:${Region}:${Account}:endpoint/${EndpointName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "event-source": "event-source", + "event-bus": "event-bus", + "rule-on-default-event-bus": "rule-on-default-event-bus", + "rule-on-custom-event-bus": "rule-on-custom-event-bus", + "archive": "archive", + "replay": "replay", + "connection": "connection", + "api-destination": "api-destination", + "endpoint": "endpoint" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the allowed set of values for each of the tags to event bus and rule actions", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource to event bus and rule actions", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tags in the request to event bus and rule actions", + "type": "ArrayOfString" + }, + "events:EventBusArn": { + "condition": "events:EventBusArn", + "description": "Filters access by the ARN of the event buses that can be associated with an endpoint to CreateEndpoint and UpdateEndpoint actions", + "type": "ArrayOfARN" + }, + "events:ManagedBy": { + "condition": "events:ManagedBy", + "description": "Filters access by AWS services. If a rule is created by an AWS service on your behalf, the value is the principal name of the service that created the rule", + "type": "String" + }, + "events:TargetArn": { + "condition": "events:TargetArn", + "description": "Filters access by the ARN of a target that can be put to a rule to PutTargets actions", + "type": "ArrayOfARN" + }, + "events:creatorAccount": { + "condition": "events:creatorAccount", + "description": "Filters access by the account the rule was created in to rule actions", + "type": "String" + }, + "events:detail-type": { + "condition": "events:detail-type", + "description": "Filters access by the literal string of the detail-type of the event to PutEvents and PutRule actions", + "type": "String" + }, + "events:detail.eventTypeCode": { + "condition": "events:detail.eventTypeCode", + "description": "Filters access by the literal string for the detail.eventTypeCode field of the event to PutRule actions", + "type": "String" + }, + "events:detail.service": { + "condition": "events:detail.service", + "description": "Filters access by the literal string for the detail.service field of the event to PutRule actions", + "type": "String" + }, + "events:detail.userIdentity.principalId": { + "condition": "events:detail.userIdentity.principalId", + "description": "Filters access by the literal string for the detail.useridentity.principalid field of the event to PutRule actions", + "type": "String" + }, + "events:eventBusInvocation": { + "condition": "events:eventBusInvocation", + "description": "Filters access by whether the event was generated via API or cross-account bus invocation to PutEvents actions", + "type": "String" + }, + "events:source": { + "condition": "events:source", + "description": "Filters access by the AWS service or AWS partner event source that generated the event to PutEvents and PutRule actions. Matches the literal string of the source field of the event", + "type": "ArrayOfString" + } + } + }, + "pipes": { + "service_name": "Amazon EventBridge Pipes", + "prefix": "pipes", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoneventbridgepipes.html", + "privileges": { + "CreatePipe": { + "privilege": "CreatePipe", + "description": "Grants permission to create a pipe", + "access_level": "Write", + "resource_types": { + "pipe": { + "resource_type": "pipe", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipe": "pipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_CreatePipe.html" + }, + "DeletePipe": { + "privilege": "DeletePipe", + "description": "Grants permission to delete a pipe", + "access_level": "Write", + "resource_types": { + "pipe": { + "resource_type": "pipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipe": "pipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_DeletePipe.html" + }, + "DescribePipe": { + "privilege": "DescribePipe", + "description": "Grants permission to describe a pipe", + "access_level": "Read", + "resource_types": { + "pipe": { + "resource_type": "pipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipe": "pipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_DescribePipe.html" + }, + "ListPipes": { + "privilege": "ListPipes", + "description": "Grants permission to list all pipes in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_ListPipes.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for a resource", + "access_level": "Read", + "resource_types": { + "pipe": { + "resource_type": "pipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipe": "pipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_ListTagsForResource.html" + }, + "StartPipe": { + "privilege": "StartPipe", + "description": "Grants permission to start a pipe", + "access_level": "Write", + "resource_types": { + "pipe": { + "resource_type": "pipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipe": "pipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_StartPipe.html" + }, + "StopPipe": { + "privilege": "StopPipe", + "description": "Grants permission to stop a pipe", + "access_level": "Write", + "resource_types": { + "pipe": { + "resource_type": "pipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipe": "pipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_StopPipe.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "pipe": { + "resource_type": "pipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipe": "pipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "pipe": { + "resource_type": "pipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipe": "pipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_UntagResource.html" + }, + "UpdatePipe": { + "privilege": "UpdatePipe", + "description": "Grants permission to update a pipe", + "access_level": "Write", + "resource_types": { + "pipe": { + "resource_type": "pipe", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipe": "pipe", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/pipes-reference/API_UpdatePipe.html" + } + }, + "privileges_lower_name": { + "createpipe": "CreatePipe", + "deletepipe": "DeletePipe", + "describepipe": "DescribePipe", + "listpipes": "ListPipes", + "listtagsforresource": "ListTagsForResource", + "startpipe": "StartPipe", + "stoppipe": "StopPipe", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatepipe": "UpdatePipe" + }, + "resources": { + "pipe": { + "resource": "pipe", + "arn": "arn:${Partition}:pipes:${Region}:${Account}:pipe/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "pipe": "pipe" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "scheduler": { + "service_name": "Amazon EventBridge Scheduler", + "prefix": "scheduler", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoneventbridgescheduler.html", + "privileges": { + "CreateSchedule": { + "privilege": "CreateSchedule", + "description": "Grants permission to create an Amazon EventBridge Scheduler schedule", + "access_level": "Write", + "resource_types": { + "schedule": { + "resource_type": "schedule", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule": "schedule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_CreateSchedule.html" + }, + "CreateScheduleGroup": { + "privilege": "CreateScheduleGroup", + "description": "Grants permission to create an Amazon EventBridge Scheduler schedule group", + "access_level": "Write", + "resource_types": { + "schedule-group": { + "resource_type": "schedule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule-group": "schedule-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_CreateScheduleGroup.html" + }, + "DeleteSchedule": { + "privilege": "DeleteSchedule", + "description": "Grants permission to delete an Amazon EventBridge Scheduler schedule", + "access_level": "Write", + "resource_types": { + "schedule": { + "resource_type": "schedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule": "schedule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_DeleteSchedule.html" + }, + "DeleteScheduleGroup": { + "privilege": "DeleteScheduleGroup", + "description": "Grants permission to delete an Amazon EventBridge Scheduler schedule group", + "access_level": "Write", + "resource_types": { + "schedule-group": { + "resource_type": "schedule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "scheduler:DeleteSchedule" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule-group": "schedule-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_DeleteScheduleGroup.html" + }, + "GetSchedule": { + "privilege": "GetSchedule", + "description": "Grants permission to view details about an Amazon EventBridge Scheduler schedule", + "access_level": "Read", + "resource_types": { + "schedule": { + "resource_type": "schedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule": "schedule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_GetSchedule.html" + }, + "GetScheduleGroup": { + "privilege": "GetScheduleGroup", + "description": "Grants permission to view details about an Amazon EventBridge Scheduler schedule group", + "access_level": "Read", + "resource_types": { + "schedule-group": { + "resource_type": "schedule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule-group": "schedule-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_GetScheduleGroup.html" + }, + "ListScheduleGroups": { + "privilege": "ListScheduleGroups", + "description": "Grants permission to list the Amazon EventBridge Scheduler schedule groups in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_ListScheduleGroups.html" + }, + "ListSchedules": { + "privilege": "ListSchedules", + "description": "Grants permission to list the Amazon EventBridge Scheduler schedules in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_ListSchedules.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tag for an Amazon EventBridge Scheduler resource", + "access_level": "Read", + "resource_types": { + "schedule-group": { + "resource_type": "schedule-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule-group": "schedule-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an Amazon EventBridge Scheduler resource", + "access_level": "Tagging", + "resource_types": { + "schedule-group": { + "resource_type": "schedule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule-group": "schedule-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an Amazon EventBridge Scheduler resource", + "access_level": "Tagging", + "resource_types": { + "schedule-group": { + "resource_type": "schedule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule-group": "schedule-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_UntagResource.html" + }, + "UpdateSchedule": { + "privilege": "UpdateSchedule", + "description": "Grants permission to modify an Amazon EventBridge Scheduler schedule", + "access_level": "Write", + "resource_types": { + "schedule": { + "resource_type": "schedule", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule": "schedule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/scheduler/latest/APIReference/API_UpdateSchedule.html" + } + }, + "privileges_lower_name": { + "createschedule": "CreateSchedule", + "createschedulegroup": "CreateScheduleGroup", + "deleteschedule": "DeleteSchedule", + "deleteschedulegroup": "DeleteScheduleGroup", + "getschedule": "GetSchedule", + "getschedulegroup": "GetScheduleGroup", + "listschedulegroups": "ListScheduleGroups", + "listschedules": "ListSchedules", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateschedule": "UpdateSchedule" + }, + "resources": { + "schedule-group": { + "resource": "schedule-group", + "arn": "arn:${Partition}:scheduler:${Region}:${Account}:schedule-group/${GroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "schedule": { + "resource": "schedule", + "arn": "arn:${Partition}:scheduler:${Region}:${Account}:schedule/${GroupName}/${ScheduleName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "schedule-group": "schedule-group", + "schedule": "schedule" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "schemas": { + "service_name": "Amazon EventBridge Schemas", + "prefix": "schemas", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoneventbridgeschemas.html", + "privileges": { + "CreateDiscoverer": { + "privilege": "CreateDiscoverer", + "description": "Grants permission to create an event schema discoverer. Once created, your events will be automatically map into corresponding schema documents", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#CreateDiscoverer" + }, + "CreateRegistry": { + "privilege": "CreateRegistry", + "description": "Grants permission to create a new schema registry in your account", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#CreateRegistry" + }, + "CreateSchema": { + "privilege": "CreateSchema", + "description": "Grants permission to create a new schema in your account", + "access_level": "Write", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#CreateSchema" + }, + "DeleteDiscoverer": { + "privilege": "DeleteDiscoverer", + "description": "Grants permission to delete discoverer in your account", + "access_level": "Write", + "resource_types": { + "discoverer": { + "resource_type": "discoverer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoverer": "discoverer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#DeleteDiscoverer" + }, + "DeleteRegistry": { + "privilege": "DeleteRegistry", + "description": "Grants permission to delete an existing registry in your account", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#DeleteRegistry" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete the resource-based policy attached to a given registry", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-policy.html#DeleteResourcePolicy" + }, + "DeleteSchema": { + "privilege": "DeleteSchema", + "description": "Grants permission to delete an existing schema in your account", + "access_level": "Write", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#DeleteSchema" + }, + "DeleteSchemaVersion": { + "privilege": "DeleteSchemaVersion", + "description": "Grants permission to delete a specific version of schema in your account", + "access_level": "Write", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-version-schemaversion.html#DeleteSchemaVersion" + }, + "DescribeCodeBinding": { + "privilege": "DescribeCodeBinding", + "description": "Grants permission to retrieve metadata for generated code for specific schema in your account", + "access_level": "Read", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-language-language.html#DescribeCodeBinding" + }, + "DescribeDiscoverer": { + "privilege": "DescribeDiscoverer", + "description": "Grants permission to retrieve discoverer metadata in your account", + "access_level": "Read", + "resource_types": { + "discoverer": { + "resource_type": "discoverer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoverer": "discoverer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#DescribeDiscoverer" + }, + "DescribeRegistry": { + "privilege": "DescribeRegistry", + "description": "Grants permission to describe an existing registry metadata in your account", + "access_level": "Read", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#DescribeRegistry" + }, + "DescribeSchema": { + "privilege": "DescribeSchema", + "description": "Grants permission to retrieve an existing schema in your account", + "access_level": "Read", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#DescribeSchema" + }, + "ExportSchema": { + "privilege": "ExportSchema", + "description": "Grants permission to export the AWS registry or discovered schemas in OpenAPI 3 format to JSONSchema format", + "access_level": "Read", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-policy.html#ExportSchema" + }, + "GetCodeBindingSource": { + "privilege": "GetCodeBindingSource", + "description": "Grants permission to retrieve metadata for generated code for specific schema in your account", + "access_level": "Read", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-language-language-source.html#GetCodeBindingSource" + }, + "GetDiscoveredSchema": { + "privilege": "GetDiscoveredSchema", + "description": "Grants permission to retrieve a schema for the provided list of sample events", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discover.html#GetDiscoveredSchema" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to retrieve the resource-based policy attached to a given registry", + "access_level": "Read", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-policy.html#GetResourcePolicy" + }, + "ListDiscoverers": { + "privilege": "ListDiscoverers", + "description": "Grants permission to list all discoverers in your account", + "access_level": "List", + "resource_types": { + "discoverer": { + "resource_type": "discoverer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoverer": "discoverer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#ListDiscoverers" + }, + "ListRegistries": { + "privilege": "ListRegistries", + "description": "Grants permission to list all registries in your account", + "access_level": "List", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries.html#ListRegistries" + }, + "ListSchemaVersions": { + "privilege": "ListSchemaVersions", + "description": "Grants permission to list all versions of a schema", + "access_level": "List", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-versions.html#ListSchemaVersions" + }, + "ListSchemas": { + "privilege": "ListSchemas", + "description": "Grants permission to list all schemas", + "access_level": "List", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas.html#ListSchemas" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tags for a resource", + "access_level": "Read", + "resource_types": { + "discoverer": { + "resource_type": "discoverer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "registry": { + "resource_type": "registry", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoverer": "discoverer", + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/tags-resource-arn.html#ListTagsForResource" + }, + "PutCodeBinding": { + "privilege": "PutCodeBinding", + "description": "Grants permission to generate code for specific schema in your account", + "access_level": "Write", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-language-language.html#PutCodeBinding" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to attach a resource-based policy to a given registry", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-policy.html#PutResourcePolicy" + }, + "SearchSchemas": { + "privilege": "SearchSchemas", + "description": "Grants permission to search schemas based on specified keywords in your account", + "access_level": "List", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-search.html#SearchSchemas" + }, + "StartDiscoverer": { + "privilege": "StartDiscoverer", + "description": "Grants permission to start the specified discoverer. Once started the discoverer will automatically register schemas for published events to configured source in your account", + "access_level": "Write", + "resource_types": { + "discoverer": { + "resource_type": "discoverer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoverer": "discoverer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#StartDiscoverer" + }, + "StopDiscoverer": { + "privilege": "StopDiscoverer", + "description": "Grants permission to stop the specified discoverer. Once stopped the discoverer will no longer register schemas for published events to configured source in your account", + "access_level": "Write", + "resource_types": { + "discoverer": { + "resource_type": "discoverer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoverer": "discoverer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#StopDiscoverer" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "discoverer": { + "resource_type": "discoverer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "registry": { + "resource_type": "registry", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoverer": "discoverer", + "registry": "registry", + "schema": "schema", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/tags-resource-arn.html#TagResource" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from a resource", + "access_level": "Tagging", + "resource_types": { + "discoverer": { + "resource_type": "discoverer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "registry": { + "resource_type": "registry", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoverer": "discoverer", + "registry": "registry", + "schema": "schema", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/tags-resource-arn.html#UntagResource" + }, + "UpdateDiscoverer": { + "privilege": "UpdateDiscoverer", + "description": "Grants permission to update an existing discoverer in your account", + "access_level": "Write", + "resource_types": { + "discoverer": { + "resource_type": "discoverer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoverer": "discoverer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers-id-discovererid.html#UpdateDiscoverer" + }, + "UpdateRegistry": { + "privilege": "UpdateRegistry", + "description": "Grants permission to update an existing registry metadata in your account", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#UpdateRegistry" + }, + "UpdateSchema": { + "privilege": "UpdateSchema", + "description": "Grants permission to update an existing schema in your account", + "access_level": "Write", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#UpdateSchema" + } + }, + "privileges_lower_name": { + "creatediscoverer": "CreateDiscoverer", + "createregistry": "CreateRegistry", + "createschema": "CreateSchema", + "deletediscoverer": "DeleteDiscoverer", + "deleteregistry": "DeleteRegistry", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deleteschema": "DeleteSchema", + "deleteschemaversion": "DeleteSchemaVersion", + "describecodebinding": "DescribeCodeBinding", + "describediscoverer": "DescribeDiscoverer", + "describeregistry": "DescribeRegistry", + "describeschema": "DescribeSchema", + "exportschema": "ExportSchema", + "getcodebindingsource": "GetCodeBindingSource", + "getdiscoveredschema": "GetDiscoveredSchema", + "getresourcepolicy": "GetResourcePolicy", + "listdiscoverers": "ListDiscoverers", + "listregistries": "ListRegistries", + "listschemaversions": "ListSchemaVersions", + "listschemas": "ListSchemas", + "listtagsforresource": "ListTagsForResource", + "putcodebinding": "PutCodeBinding", + "putresourcepolicy": "PutResourcePolicy", + "searchschemas": "SearchSchemas", + "startdiscoverer": "StartDiscoverer", + "stopdiscoverer": "StopDiscoverer", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatediscoverer": "UpdateDiscoverer", + "updateregistry": "UpdateRegistry", + "updateschema": "UpdateSchema" + }, + "resources": { + "discoverer": { + "resource": "discoverer", + "arn": "arn:${Partition}:schemas:${Region}:${Account}:discoverer/${DiscovererId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "registry": { + "resource": "registry", + "arn": "arn:${Partition}:schemas:${Region}:${Account}:registry/${RegistryName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "schema": { + "resource": "schema", + "arn": "arn:${Partition}:schemas:${Region}:${Account}:schema/${RegistryName}/${SchemaName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "discoverer": "discoverer", + "registry": "registry", + "schema": "schema" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "finspace": { + "service_name": "Amazon FinSpace", + "prefix": "finspace", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonfinspace.html", + "privileges": { + "ConnectKxCluster": { + "privilege": "ConnectKxCluster", + "description": "Grants permission to connect to a kdb cluster", + "access_level": "Write", + "resource_types": { + "kxCluster": { + "resource_type": "kxCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxcluster": "kxCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/interacting-with-kdb-clusters.html" + }, + "CreateEnvironment": { + "privilege": "CreateEnvironment", + "description": "Grants permission to create a FinSpace environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateEnvironment.html" + }, + "CreateKxChangeset": { + "privilege": "CreateKxChangeset", + "description": "Grants permission to create a changeset for a kdb database", + "access_level": "Write", + "resource_types": { + "kxDatabase": { + "resource_type": "kxDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxdatabase": "kxDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateKxChangeset.html" + }, + "CreateKxCluster": { + "privilege": "CreateKxCluster", + "description": "Grants permission to create a cluster in a managed kdb environment", + "access_level": "Write", + "resource_types": { + "kxCluster": { + "resource_type": "kxCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeSubnets", + "finspace:MountKxDatabase" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxcluster": "kxCluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateKxCluster.html" + }, + "CreateKxDatabase": { + "privilege": "CreateKxDatabase", + "description": "Grants permission to create a kdb database in a managed kdb environment", + "access_level": "Write", + "resource_types": { + "kxDatabase": { + "resource_type": "kxDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxdatabase": "kxDatabase", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateKxDatabase.html" + }, + "CreateKxEnvironment": { + "privilege": "CreateKxEnvironment", + "description": "Grants permission to create a managed kdb environment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateKxEnvironment.html" + }, + "CreateKxUser": { + "privilege": "CreateKxUser", + "description": "Grants permission to create a user in a managed kdb environment", + "access_level": "Write", + "resource_types": { + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxenvironment": "kxEnvironment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_CreateKxUser.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a FinSpace user", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" + }, + "DeleteEnvironment": { + "privilege": "DeleteEnvironment", + "description": "Grants permission to delete a FinSpace environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_DeleteEnvironment.html" + }, + "DeleteKxCluster": { + "privilege": "DeleteKxCluster", + "description": "Grants permission to delete a kdb cluster", + "access_level": "Write", + "resource_types": { + "kxCluster": { + "resource_type": "kxCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxcluster": "kxCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_DeleteKxCluster.html" + }, + "DeleteKxDatabase": { + "privilege": "DeleteKxDatabase", + "description": "Grants permission to delete a kdb database", + "access_level": "Write", + "resource_types": { + "kxDatabase": { + "resource_type": "kxDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxdatabase": "kxDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_DeleteKxDatabase.html" + }, + "DeleteKxEnvironment": { + "privilege": "DeleteKxEnvironment", + "description": "Grants permission to delete a managed kdb environment", + "access_level": "Write", + "resource_types": { + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxenvironment": "kxEnvironment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_DeleteKxEnvironment.html" + }, + "DeleteKxUser": { + "privilege": "DeleteKxUser", + "description": "Grants permission to delete a kdb user", + "access_level": "Write", + "resource_types": { + "kxUser": { + "resource_type": "kxUser", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxuser": "kxUser" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_DeleteKxUser.html" + }, + "GetEnvironment": { + "privilege": "GetEnvironment", + "description": "Grants permission to describe a FinSpace environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetEnvironment.html" + }, + "GetKxChangeset": { + "privilege": "GetKxChangeset", + "description": "Grants permission to describe a changeset for a kdb database", + "access_level": "Read", + "resource_types": { + "kxDatabase": { + "resource_type": "kxDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxdatabase": "kxDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxChangeset.html" + }, + "GetKxCluster": { + "privilege": "GetKxCluster", + "description": "Grants permission to describe a cluster in a managed kdb environment", + "access_level": "Read", + "resource_types": { + "kxCluster": { + "resource_type": "kxCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxcluster": "kxCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxCluster.html" + }, + "GetKxConnectionString": { + "privilege": "GetKxConnectionString", + "description": "Grants permission to retrieve a connection string for kdb clusters", + "access_level": "Read", + "resource_types": { + "kxCluster": { + "resource_type": "kxCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "finspace:ConnectKxCluster" + ] + } + }, + "resource_types_lower_name": { + "kxcluster": "kxCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxConnectionString.html" + }, + "GetKxDatabase": { + "privilege": "GetKxDatabase", + "description": "Grants permission to describe a kdb database", + "access_level": "Read", + "resource_types": { + "kxDatabase": { + "resource_type": "kxDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxdatabase": "kxDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxDatabase.html" + }, + "GetKxEnvironment": { + "privilege": "GetKxEnvironment", + "description": "Grants permission to describe a managed kdb environment", + "access_level": "Read", + "resource_types": { + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxenvironment": "kxEnvironment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxEnvironment.html" + }, + "GetKxUser": { + "privilege": "GetKxUser", + "description": "Grants permission to describe a kdb user", + "access_level": "Read", + "resource_types": { + "kxUser": { + "resource_type": "kxUser", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxuser": "kxUser" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_GetKxUser.html" + }, + "GetLoadSampleDataSetGroupIntoEnvironmentStatus": { + "privilege": "GetLoadSampleDataSetGroupIntoEnvironmentStatus", + "description": "Grants permission to request status of the loading of sample data bundle", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" + }, + "GetUser": { + "privilege": "GetUser", + "description": "Grants permission to describe a FinSpace user", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" + }, + "ListEnvironments": { + "privilege": "ListEnvironments", + "description": "Grants permission to list FinSpace environments in the AWS account", + "access_level": "List", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListEnvironments.html" + }, + "ListKxChangesets": { + "privilege": "ListKxChangesets", + "description": "Grants permission to list changesets for a kdb database", + "access_level": "List", + "resource_types": { + "kxDatabase": { + "resource_type": "kxDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxdatabase": "kxDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxChangesets.html" + }, + "ListKxClusterNodes": { + "privilege": "ListKxClusterNodes", + "description": "Grants permission to list cluster nodes in a managed kdb environment", + "access_level": "List", + "resource_types": { + "kxCluster": { + "resource_type": "kxCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxcluster": "kxCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxClusterNodes.html" + }, + "ListKxClusters": { + "privilege": "ListKxClusters", + "description": "Grants permission to list clusters in a managed kdb environment", + "access_level": "List", + "resource_types": { + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxenvironment": "kxEnvironment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxClusters.html" + }, + "ListKxDatabases": { + "privilege": "ListKxDatabases", + "description": "Grants permission to list kdb databases in a managed kdb environment", + "access_level": "List", + "resource_types": { + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxenvironment": "kxEnvironment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxDatabases.html" + }, + "ListKxEnvironments": { + "privilege": "ListKxEnvironments", + "description": "Grants permission to list managed kdb environments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxEnvironments.html" + }, + "ListKxUsers": { + "privilege": "ListKxUsers", + "description": "Grants permission to list users in a managed kdb environment", + "access_level": "List", + "resource_types": { + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxenvironment": "kxEnvironment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListKxUsers.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to return a list of tags for a resource", + "access_level": "List", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "kxCluster": { + "resource_type": "kxCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "kxDatabase": { + "resource_type": "kxDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "kxUser": { + "resource_type": "kxUser", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "kxcluster": "kxCluster", + "kxdatabase": "kxDatabase", + "kxenvironment": "kxEnvironment", + "kxuser": "kxUser" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_ListTagsForResource.html" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to list FinSpace users in an environment", + "access_level": "List", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" + }, + "LoadSampleDataSetGroupIntoEnvironment": { + "privilege": "LoadSampleDataSetGroupIntoEnvironment", + "description": "Grants permission to load sample data bundle into your FinSpace environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" + }, + "MountKxDatabase": { + "privilege": "MountKxDatabase", + "description": "Grants permission to mount a database to a kdb cluster", + "access_level": "Write", + "resource_types": { + "kxDatabase": { + "resource_type": "kxDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxdatabase": "kxDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-managed-kdb-db.html" + }, + "ResetUserPassword": { + "privilege": "ResetUserPassword", + "description": "Grants permission to reset the password for a FinSpace user", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "kxCluster": { + "resource_type": "kxCluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "kxDatabase": { + "resource_type": "kxDatabase", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "kxUser": { + "resource_type": "kxUser", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "kxcluster": "kxCluster", + "kxdatabase": "kxDatabase", + "kxenvironment": "kxEnvironment", + "kxuser": "kxUser", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "kxCluster": { + "resource_type": "kxCluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "kxDatabase": { + "resource_type": "kxDatabase", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "kxUser": { + "resource_type": "kxUser", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "kxcluster": "kxCluster", + "kxdatabase": "kxDatabase", + "kxenvironment": "kxEnvironment", + "kxuser": "kxUser", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UntagResource.html" + }, + "UpdateEnvironment": { + "privilege": "UpdateEnvironment", + "description": "Grants permission to update a FinSpace environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateEnvironment.html" + }, + "UpdateKxClusterDatabases": { + "privilege": "UpdateKxClusterDatabases", + "description": "Grants permission to update databases for a cluster in a managed kdb environment", + "access_level": "Write", + "resource_types": { + "kxCluster": { + "resource_type": "kxCluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxcluster": "kxCluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateKxClusterDatabases.html" + }, + "UpdateKxDatabase": { + "privilege": "UpdateKxDatabase", + "description": "Grants permission to update a kdb database", + "access_level": "Write", + "resource_types": { + "kxDatabase": { + "resource_type": "kxDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxdatabase": "kxDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateKxDatabase.html" + }, + "UpdateKxEnvironment": { + "privilege": "UpdateKxEnvironment", + "description": "Grants permission to update a managed kdb environment", + "access_level": "Write", + "resource_types": { + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxenvironment": "kxEnvironment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateKxEnvironment.html" + }, + "UpdateKxEnvironmentNetwork": { + "privilege": "UpdateKxEnvironmentNetwork", + "description": "Grants permission to update the network for a managed kdb environment", + "access_level": "Write", + "resource_types": { + "kxEnvironment": { + "resource_type": "kxEnvironment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxenvironment": "kxEnvironment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateKxEnvironmentNetwork.html" + }, + "UpdateKxUser": { + "privilege": "UpdateKxUser", + "description": "Grants permission to update a kdb user", + "access_level": "Write", + "resource_types": { + "kxUser": { + "resource_type": "kxUser", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kxuser": "kxUser" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/management-api/API_UpdateKxUser.html" + }, + "UpdateUser": { + "privilege": "UpdateUser", + "description": "Grants permission to update a FinSpace user", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/userguide/finspace-what-is.html" + } + }, + "privileges_lower_name": { + "connectkxcluster": "ConnectKxCluster", + "createenvironment": "CreateEnvironment", + "createkxchangeset": "CreateKxChangeset", + "createkxcluster": "CreateKxCluster", + "createkxdatabase": "CreateKxDatabase", + "createkxenvironment": "CreateKxEnvironment", + "createkxuser": "CreateKxUser", + "createuser": "CreateUser", + "deleteenvironment": "DeleteEnvironment", + "deletekxcluster": "DeleteKxCluster", + "deletekxdatabase": "DeleteKxDatabase", + "deletekxenvironment": "DeleteKxEnvironment", + "deletekxuser": "DeleteKxUser", + "getenvironment": "GetEnvironment", + "getkxchangeset": "GetKxChangeset", + "getkxcluster": "GetKxCluster", + "getkxconnectionstring": "GetKxConnectionString", + "getkxdatabase": "GetKxDatabase", + "getkxenvironment": "GetKxEnvironment", + "getkxuser": "GetKxUser", + "getloadsampledatasetgroupintoenvironmentstatus": "GetLoadSampleDataSetGroupIntoEnvironmentStatus", + "getuser": "GetUser", + "listenvironments": "ListEnvironments", + "listkxchangesets": "ListKxChangesets", + "listkxclusternodes": "ListKxClusterNodes", + "listkxclusters": "ListKxClusters", + "listkxdatabases": "ListKxDatabases", + "listkxenvironments": "ListKxEnvironments", + "listkxusers": "ListKxUsers", + "listtagsforresource": "ListTagsForResource", + "listusers": "ListUsers", + "loadsampledatasetgroupintoenvironment": "LoadSampleDataSetGroupIntoEnvironment", + "mountkxdatabase": "MountKxDatabase", + "resetuserpassword": "ResetUserPassword", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateenvironment": "UpdateEnvironment", + "updatekxclusterdatabases": "UpdateKxClusterDatabases", + "updatekxdatabase": "UpdateKxDatabase", + "updatekxenvironment": "UpdateKxEnvironment", + "updatekxenvironmentnetwork": "UpdateKxEnvironmentNetwork", + "updatekxuser": "UpdateKxUser", + "updateuser": "UpdateUser" + }, + "resources": { + "environment": { + "resource": "environment", + "arn": "arn:${Partition}:finspace:${Region}:${Account}:environment/${EnvironmentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "user": { + "resource": "user", + "arn": "arn:${Partition}:finspace:${Region}:${Account}:user/${UserId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "kxEnvironment": { + "resource": "kxEnvironment", + "arn": "arn:${Partition}:finspace:${Region}:${Account}:kxEnvironment/${EnvironmentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "kxUser": { + "resource": "kxUser", + "arn": "arn:${Partition}:finspace:${Region}:${Account}:kxEnvironment/${EnvironmentId}/kxUser/${UserName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "kxCluster": { + "resource": "kxCluster", + "arn": "arn:${Partition}:finspace:${Region}:${Account}:kxEnvironment/${EnvironmentId}/kxCluster/${KxCluster}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "kxDatabase": { + "resource": "kxDatabase", + "arn": "arn:${Partition}:finspace:${Region}:${Account}:kxEnvironment/${EnvironmentId}/kxDatabase/${KxDatabase}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "environment": "environment", + "user": "user", + "kxenvironment": "kxEnvironment", + "kxuser": "kxUser", + "kxcluster": "kxCluster", + "kxdatabase": "kxDatabase" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "finspace-api": { + "service_name": "Amazon FinSpace API", + "prefix": "finspace-api", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonfinspaceapi.html", + "privileges": { + "GetProgrammaticAccessCredentials": { + "privilege": "GetProgrammaticAccessCredentials", + "description": "Grants permission to retrieve FinSpace programmatic access credentials", + "access_level": "Read", + "resource_types": { + "credential": { + "resource_type": "credential", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "credential": "credential" + }, + "api_documentation_link": "https://docs.aws.amazon.com/finspace/latest/data-api/API_GetProgrammaticAccessCredentials.html" + } + }, + "privileges_lower_name": { + "getprogrammaticaccesscredentials": "GetProgrammaticAccessCredentials" + }, + "resources": { + "credential": { + "resource": "credential", + "arn": "arn:${Partition}:finspace-api:${Region}:${Account}:/credentials/programmatic", + "condition_keys": [] + } + }, + "resources_lower_name": { + "credential": "credential" + }, + "conditions": {} + }, + "forecast": { + "service_name": "Amazon Forecast", + "prefix": "forecast", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonforecast.html", + "privileges": { + "CreateAutoPredictor": { + "privilege": "CreateAutoPredictor", + "description": "Grants permission to create an auto predictor", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateAutoPredictor.html" + }, + "CreateDataset": { + "privilege": "CreateDataset", + "description": "Grants permission to create a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html" + }, + "CreateDatasetGroup": { + "privilege": "CreateDatasetGroup", + "description": "Grants permission to create a dataset group", + "access_level": "Write", + "resource_types": { + "datasetGroup": { + "resource_type": "datasetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetgroup": "datasetGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDatasetGroup.html" + }, + "CreateDatasetImportJob": { + "privilege": "CreateDatasetImportJob", + "description": "Grants permission to create a dataset import job", + "access_level": "Write", + "resource_types": { + "datasetImportJob": { + "resource_type": "datasetImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetimportjob": "datasetImportJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDatasetImportJob.html" + }, + "CreateExplainability": { + "privilege": "CreateExplainability", + "description": "Grants permission to create an explainability", + "access_level": "Write", + "resource_types": { + "forecast": { + "resource_type": "forecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "forecast": "forecast", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateExplainability.html" + }, + "CreateExplainabilityExport": { + "privilege": "CreateExplainabilityExport", + "description": "Grants permission to create an explainability export using an explainability resource", + "access_level": "Write", + "resource_types": { + "explainability": { + "resource_type": "explainability", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "explainability": "explainability", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateExplainabilityExport.html" + }, + "CreateForecast": { + "privilege": "CreateForecast", + "description": "Grants permission to create a forecast", + "access_level": "Write", + "resource_types": { + "predictor": { + "resource_type": "predictor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "predictor": "predictor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateForecast.html" + }, + "CreateForecastEndpoint": { + "privilege": "CreateForecastEndpoint", + "description": "Grants permission to create an endpoint using a Predictor resource", + "access_level": "Write", + "resource_types": { + "predictor": { + "resource_type": "predictor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "predictor": "predictor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/what-is-forecast.html" + }, + "CreateForecastExportJob": { + "privilege": "CreateForecastExportJob", + "description": "Grants permission to create a forecast export job using a forecast resource", + "access_level": "Write", + "resource_types": { + "forecast": { + "resource_type": "forecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "forecast": "forecast", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateForecastExportJob.html" + }, + "CreateMonitor": { + "privilege": "CreateMonitor", + "description": "Grants permission to create an monitor using a Predictor resource", + "access_level": "Write", + "resource_types": { + "predictor": { + "resource_type": "predictor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "predictor": "predictor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateMonitor.html" + }, + "CreatePredictor": { + "privilege": "CreatePredictor", + "description": "Grants permission to create a predictor", + "access_level": "Write", + "resource_types": { + "datasetGroup": { + "resource_type": "datasetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetgroup": "datasetGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreatePredictor.html" + }, + "CreatePredictorBacktestExportJob": { + "privilege": "CreatePredictorBacktestExportJob", + "description": "Grants permission to create a predictor backtest export job using a predictor", + "access_level": "Write", + "resource_types": { + "predictor": { + "resource_type": "predictor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "predictor": "predictor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreatePredictorBacktestExportJob.html" + }, + "CreateWhatIfAnalysis": { + "privilege": "CreateWhatIfAnalysis", + "description": "Grants permission to create a what-if analysis", + "access_level": "Write", + "resource_types": { + "forecast": { + "resource_type": "forecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "forecast": "forecast", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateWhatIfAnalysis.html" + }, + "CreateWhatIfForecast": { + "privilege": "CreateWhatIfForecast", + "description": "Grants permission to create a what-if forecast", + "access_level": "Write", + "resource_types": { + "whatIfAnalysis": { + "resource_type": "whatIfAnalysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "whatifanalysis": "whatIfAnalysis", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateWhatIfForecast.html" + }, + "CreateWhatIfForecastExport": { + "privilege": "CreateWhatIfForecastExport", + "description": "Grants permission to create a what-if forecast export using what-if forecast resources", + "access_level": "Write", + "resource_types": { + "whatIfForecast": { + "resource_type": "whatIfForecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "whatifforecast": "whatIfForecast", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_CreateWhatIfForecastExport.html" + }, + "DeleteDataset": { + "privilege": "DeleteDataset", + "description": "Grants permission to delete a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteDataset.html" + }, + "DeleteDatasetGroup": { + "privilege": "DeleteDatasetGroup", + "description": "Grants permission to delete a dataset group", + "access_level": "Write", + "resource_types": { + "datasetGroup": { + "resource_type": "datasetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetgroup": "datasetGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteDatasetGroup.html" + }, + "DeleteDatasetImportJob": { + "privilege": "DeleteDatasetImportJob", + "description": "Grants permission to delete a dataset import job", + "access_level": "Write", + "resource_types": { + "datasetImportJob": { + "resource_type": "datasetImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetimportjob": "datasetImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteDatasetImportJob.html" + }, + "DeleteExplainability": { + "privilege": "DeleteExplainability", + "description": "Grants permission to delete an explainability", + "access_level": "Write", + "resource_types": { + "explainability": { + "resource_type": "explainability", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "explainability": "explainability" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteExplainability.html" + }, + "DeleteExplainabilityExport": { + "privilege": "DeleteExplainabilityExport", + "description": "Grants permission to delete an explainability export", + "access_level": "Write", + "resource_types": { + "explainabilityExport": { + "resource_type": "explainabilityExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "explainabilityexport": "explainabilityExport" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteExplainabilityExport.html" + }, + "DeleteForecast": { + "privilege": "DeleteForecast", + "description": "Grants permission to delete a forecast", + "access_level": "Write", + "resource_types": { + "forecast": { + "resource_type": "forecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "forecast": "forecast" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteForecast.html" + }, + "DeleteForecastEndpoint": { + "privilege": "DeleteForecastEndpoint", + "description": "Grants permission to delete an endpoint resource", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/what-is-forecast.html" + }, + "DeleteForecastExportJob": { + "privilege": "DeleteForecastExportJob", + "description": "Grants permission to delete a forecast export job", + "access_level": "Write", + "resource_types": { + "forecastExport": { + "resource_type": "forecastExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "forecastexport": "forecastExport" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteForecastExportJob.html" + }, + "DeleteMonitor": { + "privilege": "DeleteMonitor", + "description": "Grants permission to delete a monitor resource", + "access_level": "Write", + "resource_types": { + "monitor": { + "resource_type": "monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "monitor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteMonitor.html" + }, + "DeletePredictor": { + "privilege": "DeletePredictor", + "description": "Grants permission to delete a predictor", + "access_level": "Write", + "resource_types": { + "predictor": { + "resource_type": "predictor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "predictor": "predictor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeletePredictor.html" + }, + "DeletePredictorBacktestExportJob": { + "privilege": "DeletePredictorBacktestExportJob", + "description": "Grants permission to delete a predictor backtest export job", + "access_level": "Write", + "resource_types": { + "predictorBacktestExportJob": { + "resource_type": "predictorBacktestExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "predictorbacktestexportjob": "predictorBacktestExportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeletePredictorBacktestExportJob.html" + }, + "DeleteResourceTree": { + "privilege": "DeleteResourceTree", + "description": "Grants permission to delete a resource and its child resources", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "datasetGroup": { + "resource_type": "datasetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "datasetImportJob": { + "resource_type": "datasetImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "explainability": { + "resource_type": "explainability", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "explainabilityExport": { + "resource_type": "explainabilityExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "forecast": { + "resource_type": "forecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "forecastExport": { + "resource_type": "forecastExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "monitor": { + "resource_type": "monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "predictor": { + "resource_type": "predictor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "predictorBacktestExportJob": { + "resource_type": "predictorBacktestExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfAnalysis": { + "resource_type": "whatIfAnalysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfForecast": { + "resource_type": "whatIfForecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfForecastExport": { + "resource_type": "whatIfForecastExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "datasetgroup": "datasetGroup", + "datasetimportjob": "datasetImportJob", + "endpoint": "endpoint", + "explainability": "explainability", + "explainabilityexport": "explainabilityExport", + "forecast": "forecast", + "forecastexport": "forecastExport", + "monitor": "monitor", + "predictor": "predictor", + "predictorbacktestexportjob": "predictorBacktestExportJob", + "whatifanalysis": "whatIfAnalysis", + "whatifforecast": "whatIfForecast", + "whatifforecastexport": "whatIfForecastExport" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteResourceTree.html" + }, + "DeleteWhatIfAnalysis": { + "privilege": "DeleteWhatIfAnalysis", + "description": "Grants permission to delete a what-if analysis", + "access_level": "Write", + "resource_types": { + "whatIfAnalysis": { + "resource_type": "whatIfAnalysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "whatifanalysis": "whatIfAnalysis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteWhatIfAnalysis.html" + }, + "DeleteWhatIfForecast": { + "privilege": "DeleteWhatIfForecast", + "description": "Grants permission to delete a what-if forecast", + "access_level": "Write", + "resource_types": { + "whatIfForecast": { + "resource_type": "whatIfForecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "whatifforecast": "whatIfForecast" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteWhatIfForecast.html" + }, + "DeleteWhatIfForecastExport": { + "privilege": "DeleteWhatIfForecastExport", + "description": "Grants permission to delete a what-if forecast export", + "access_level": "Write", + "resource_types": { + "whatIfForecastExport": { + "resource_type": "whatIfForecastExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "whatifforecastexport": "whatIfForecastExport" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DeleteWhatIfForecastExport.html" + }, + "DescribeAutoPredictor": { + "privilege": "DescribeAutoPredictor", + "description": "Grants permission to describe an auto predictor", + "access_level": "Read", + "resource_types": { + "predictor": { + "resource_type": "predictor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "predictor": "predictor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeAutoPredictor.html" + }, + "DescribeDataset": { + "privilege": "DescribeDataset", + "description": "Grants permission to describe a dataset", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeDataset.html" + }, + "DescribeDatasetGroup": { + "privilege": "DescribeDatasetGroup", + "description": "Grants permission to describe a dataset group", + "access_level": "Read", + "resource_types": { + "datasetGroup": { + "resource_type": "datasetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetgroup": "datasetGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeDatasetGroup.html" + }, + "DescribeDatasetImportJob": { + "privilege": "DescribeDatasetImportJob", + "description": "Grants permission to describe a dataset import job", + "access_level": "Read", + "resource_types": { + "datasetImportJob": { + "resource_type": "datasetImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetimportjob": "datasetImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeDatasetImportJob.html" + }, + "DescribeExplainability": { + "privilege": "DescribeExplainability", + "description": "Grants permission to describe an explainability", + "access_level": "Read", + "resource_types": { + "explainability": { + "resource_type": "explainability", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "explainability": "explainability" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeExplainability.html" + }, + "DescribeExplainabilityExport": { + "privilege": "DescribeExplainabilityExport", + "description": "Grants permission to describe an explainability export", + "access_level": "Read", + "resource_types": { + "explainabilityExport": { + "resource_type": "explainabilityExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "explainabilityexport": "explainabilityExport" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeExplainabilityExport.html" + }, + "DescribeForecast": { + "privilege": "DescribeForecast", + "description": "Grants permission to describe a forecast", + "access_level": "Read", + "resource_types": { + "forecast": { + "resource_type": "forecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "forecast": "forecast" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeForecast.html" + }, + "DescribeForecastEndpoint": { + "privilege": "DescribeForecastEndpoint", + "description": "Grants permission to describe an endpoint resource", + "access_level": "Read", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/what-is-forecast.html" + }, + "DescribeForecastExportJob": { + "privilege": "DescribeForecastExportJob", + "description": "Grants permission to describe a forecast export job", + "access_level": "Read", + "resource_types": { + "forecastExport": { + "resource_type": "forecastExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "forecastexport": "forecastExport" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeForecastExportJob.html" + }, + "DescribeMonitor": { + "privilege": "DescribeMonitor", + "description": "Grants permission to describe an monitor resource", + "access_level": "Read", + "resource_types": { + "monitor": { + "resource_type": "monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "monitor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeMonitor.html" + }, + "DescribePredictor": { + "privilege": "DescribePredictor", + "description": "Grants permission to describe a predictor", + "access_level": "Read", + "resource_types": { + "predictor": { + "resource_type": "predictor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "predictor": "predictor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribePredictor.html" + }, + "DescribePredictorBacktestExportJob": { + "privilege": "DescribePredictorBacktestExportJob", + "description": "Grants permission to describe a predictor backtest export job", + "access_level": "Read", + "resource_types": { + "predictorBacktestExportJob": { + "resource_type": "predictorBacktestExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "predictorbacktestexportjob": "predictorBacktestExportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribePredictorBacktestExportJob.html" + }, + "DescribeWhatIfAnalysis": { + "privilege": "DescribeWhatIfAnalysis", + "description": "Grants permission to describe a what-if analysis", + "access_level": "Read", + "resource_types": { + "whatIfAnalysis": { + "resource_type": "whatIfAnalysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "whatifanalysis": "whatIfAnalysis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeWhatIfAnalysis.html" + }, + "DescribeWhatIfForecast": { + "privilege": "DescribeWhatIfForecast", + "description": "Grants permission to describe a what-if forecast", + "access_level": "Read", + "resource_types": { + "whatIfForecast": { + "resource_type": "whatIfForecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "whatifforecast": "whatIfForecast" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeWhatIfForecast.html" + }, + "DescribeWhatIfForecastExport": { + "privilege": "DescribeWhatIfForecastExport", + "description": "Grants permission to describe a what-if forecast export", + "access_level": "Read", + "resource_types": { + "whatIfForecastExport": { + "resource_type": "whatIfForecastExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "whatifforecastexport": "whatIfForecastExport" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_DescribeWhatIfForecastExport.html" + }, + "GetAccuracyMetrics": { + "privilege": "GetAccuracyMetrics", + "description": "Grants permission to get the Accuracy Metrics for a predictor", + "access_level": "Read", + "resource_types": { + "predictor": { + "resource_type": "predictor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "predictor": "predictor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_GetAccuracyMetrics.html" + }, + "GetRecentForecastContext": { + "privilege": "GetRecentForecastContext", + "description": "Grants permission to get the forecast context of a timeseries for an endpoint", + "access_level": "Read", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/what-is-forecast.html" + }, + "InvokeForecastEndpoint": { + "privilege": "InvokeForecastEndpoint", + "description": "Grants permission to invoke the endpoint to get forecast for a timeseries", + "access_level": "Read", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/what-is-forecast.html" + }, + "ListDatasetGroups": { + "privilege": "ListDatasetGroups", + "description": "Grants permission to list all the dataset groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListDatasetGroups.html" + }, + "ListDatasetImportJobs": { + "privilege": "ListDatasetImportJobs", + "description": "Grants permission to list all the dataset import jobs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListDatasetImportJobs.html" + }, + "ListDatasets": { + "privilege": "ListDatasets", + "description": "Grants permission to list all the datasets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListDatasets.html" + }, + "ListExplainabilities": { + "privilege": "ListExplainabilities", + "description": "Grants permission to list all the explainabilities", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListExplainabilities.html" + }, + "ListExplainabilityExports": { + "privilege": "ListExplainabilityExports", + "description": "Grants permission to list all the explainability exports", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListExplainabilityExports.html" + }, + "ListForecastExportJobs": { + "privilege": "ListForecastExportJobs", + "description": "Grants permission to list all the forecast export jobs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListForecastExportJobs.html" + }, + "ListForecasts": { + "privilege": "ListForecasts", + "description": "Grants permission to list all the forecasts", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListForecasts.html" + }, + "ListMonitorEvaluations": { + "privilege": "ListMonitorEvaluations", + "description": "Grants permission to list all the monitor evaluation result for a monitor", + "access_level": "Read", + "resource_types": { + "monitor": { + "resource_type": "monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "monitor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListMonitorEvaluations.html" + }, + "ListMonitors": { + "privilege": "ListMonitors", + "description": "Grants permission to list all the monitor resources", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListMonitors.html" + }, + "ListPredictorBacktestExportJobs": { + "privilege": "ListPredictorBacktestExportJobs", + "description": "Grants permission to list all the predictor backtest export jobs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListPredictorBacktestExportJobs.html" + }, + "ListPredictors": { + "privilege": "ListPredictors", + "description": "Grants permission to list all the predictors", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListPredictors.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for an Amazon Forecast resource", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasetGroup": { + "resource_type": "datasetGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasetImportJob": { + "resource_type": "datasetImportJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "endpoint": { + "resource_type": "endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "explainability": { + "resource_type": "explainability", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "explainabilityExport": { + "resource_type": "explainabilityExport", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "forecast": { + "resource_type": "forecast", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "forecastExport": { + "resource_type": "forecastExport", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "monitor": { + "resource_type": "monitor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "predictor": { + "resource_type": "predictor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "predictorBacktestExportJob": { + "resource_type": "predictorBacktestExportJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfAnalysis": { + "resource_type": "whatIfAnalysis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfForecast": { + "resource_type": "whatIfForecast", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfForecastExport": { + "resource_type": "whatIfForecastExport", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "datasetgroup": "datasetGroup", + "datasetimportjob": "datasetImportJob", + "endpoint": "endpoint", + "explainability": "explainability", + "explainabilityexport": "explainabilityExport", + "forecast": "forecast", + "forecastexport": "forecastExport", + "monitor": "monitor", + "predictor": "predictor", + "predictorbacktestexportjob": "predictorBacktestExportJob", + "whatifanalysis": "whatIfAnalysis", + "whatifforecast": "whatIfForecast", + "whatifforecastexport": "whatIfForecastExport" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListTagsForResource.html" + }, + "ListWhatIfAnalyses": { + "privilege": "ListWhatIfAnalyses", + "description": "Grants permission to list all the what-if analyses", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListWhatIfAnalyses.html" + }, + "ListWhatIfForecastExports": { + "privilege": "ListWhatIfForecastExports", + "description": "Grants permission to list all the what-if forecast exports", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListWhatIfForecastExports.html" + }, + "ListWhatIfForecasts": { + "privilege": "ListWhatIfForecasts", + "description": "Grants permission to list all the what-if forecasts", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ListWhatIfForecasts.html" + }, + "QueryForecast": { + "privilege": "QueryForecast", + "description": "Grants permission to retrieve a forecast for a single item", + "access_level": "Read", + "resource_types": { + "forecast": { + "resource_type": "forecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "forecast": "forecast" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_forecastquery_QueryForecast.html" + }, + "QueryWhatIfForecast": { + "privilege": "QueryWhatIfForecast", + "description": "Grants permission to retrieve a what-if forecast for a single item", + "access_level": "Read", + "resource_types": { + "whatIfForecast": { + "resource_type": "whatIfForecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "whatifforecast": "whatIfForecast" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_forecastquery_QueryWhatIfForecast.html" + }, + "ResumeResource": { + "privilege": "ResumeResource", + "description": "Grants permission to resume Amazon Forecast resource jobs", + "access_level": "Write", + "resource_types": { + "monitor": { + "resource_type": "monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitor": "monitor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_ResumeResource.html" + }, + "StopResource": { + "privilege": "StopResource", + "description": "Grants permission to stop Amazon Forecast resource jobs", + "access_level": "Write", + "resource_types": { + "datasetImportJob": { + "resource_type": "datasetImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "explainability": { + "resource_type": "explainability", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "explainabilityExport": { + "resource_type": "explainabilityExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "forecast": { + "resource_type": "forecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "forecastExport": { + "resource_type": "forecastExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "monitor": { + "resource_type": "monitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "predictor": { + "resource_type": "predictor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "predictorBacktestExportJob": { + "resource_type": "predictorBacktestExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfAnalysis": { + "resource_type": "whatIfAnalysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfForecast": { + "resource_type": "whatIfForecast", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfForecastExport": { + "resource_type": "whatIfForecastExport", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetimportjob": "datasetImportJob", + "endpoint": "endpoint", + "explainability": "explainability", + "explainabilityexport": "explainabilityExport", + "forecast": "forecast", + "forecastexport": "forecastExport", + "monitor": "monitor", + "predictor": "predictor", + "predictorbacktestexportjob": "predictorBacktestExportJob", + "whatifanalysis": "whatIfAnalysis", + "whatifforecast": "whatIfForecast", + "whatifforecastexport": "whatIfForecastExport", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_StopResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to associate the specified tags to a resource", + "access_level": "Tagging", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasetGroup": { + "resource_type": "datasetGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasetImportJob": { + "resource_type": "datasetImportJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "endpoint": { + "resource_type": "endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "explainability": { + "resource_type": "explainability", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "explainabilityExport": { + "resource_type": "explainabilityExport", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "forecast": { + "resource_type": "forecast", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "forecastExport": { + "resource_type": "forecastExport", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "monitor": { + "resource_type": "monitor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "predictor": { + "resource_type": "predictor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "predictorBacktestExportJob": { + "resource_type": "predictorBacktestExportJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfAnalysis": { + "resource_type": "whatIfAnalysis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfForecast": { + "resource_type": "whatIfForecast", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfForecastExport": { + "resource_type": "whatIfForecastExport", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "datasetgroup": "datasetGroup", + "datasetimportjob": "datasetImportJob", + "endpoint": "endpoint", + "explainability": "explainability", + "explainabilityexport": "explainabilityExport", + "forecast": "forecast", + "forecastexport": "forecastExport", + "monitor": "monitor", + "predictor": "predictor", + "predictorbacktestexportjob": "predictorBacktestExportJob", + "whatifanalysis": "whatIfAnalysis", + "whatifforecast": "whatIfForecast", + "whatifforecastexport": "whatIfForecastExport", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to delete the specified tags for a resource", + "access_level": "Tagging", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasetGroup": { + "resource_type": "datasetGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasetImportJob": { + "resource_type": "datasetImportJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "endpoint": { + "resource_type": "endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "explainability": { + "resource_type": "explainability", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "explainabilityExport": { + "resource_type": "explainabilityExport", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "forecast": { + "resource_type": "forecast", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "forecastExport": { + "resource_type": "forecastExport", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "monitor": { + "resource_type": "monitor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "predictor": { + "resource_type": "predictor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "predictorBacktestExportJob": { + "resource_type": "predictorBacktestExportJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfAnalysis": { + "resource_type": "whatIfAnalysis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfForecast": { + "resource_type": "whatIfForecast", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "whatIfForecastExport": { + "resource_type": "whatIfForecastExport", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "datasetgroup": "datasetGroup", + "datasetimportjob": "datasetImportJob", + "endpoint": "endpoint", + "explainability": "explainability", + "explainabilityexport": "explainabilityExport", + "forecast": "forecast", + "forecastexport": "forecastExport", + "monitor": "monitor", + "predictor": "predictor", + "predictorbacktestexportjob": "predictorBacktestExportJob", + "whatifanalysis": "whatIfAnalysis", + "whatifforecast": "whatIfForecast", + "whatifforecastexport": "whatIfForecastExport", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_UntagResource.html" + }, + "UpdateDatasetGroup": { + "privilege": "UpdateDatasetGroup", + "description": "Grants permission to update a dataset group", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "datasetGroup": { + "resource_type": "datasetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "datasetgroup": "datasetGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/forecast/latest/dg/API_UpdateDatasetGroup.html" + } + }, + "privileges_lower_name": { + "createautopredictor": "CreateAutoPredictor", + "createdataset": "CreateDataset", + "createdatasetgroup": "CreateDatasetGroup", + "createdatasetimportjob": "CreateDatasetImportJob", + "createexplainability": "CreateExplainability", + "createexplainabilityexport": "CreateExplainabilityExport", + "createforecast": "CreateForecast", + "createforecastendpoint": "CreateForecastEndpoint", + "createforecastexportjob": "CreateForecastExportJob", + "createmonitor": "CreateMonitor", + "createpredictor": "CreatePredictor", + "createpredictorbacktestexportjob": "CreatePredictorBacktestExportJob", + "createwhatifanalysis": "CreateWhatIfAnalysis", + "createwhatifforecast": "CreateWhatIfForecast", + "createwhatifforecastexport": "CreateWhatIfForecastExport", + "deletedataset": "DeleteDataset", + "deletedatasetgroup": "DeleteDatasetGroup", + "deletedatasetimportjob": "DeleteDatasetImportJob", + "deleteexplainability": "DeleteExplainability", + "deleteexplainabilityexport": "DeleteExplainabilityExport", + "deleteforecast": "DeleteForecast", + "deleteforecastendpoint": "DeleteForecastEndpoint", + "deleteforecastexportjob": "DeleteForecastExportJob", + "deletemonitor": "DeleteMonitor", + "deletepredictor": "DeletePredictor", + "deletepredictorbacktestexportjob": "DeletePredictorBacktestExportJob", + "deleteresourcetree": "DeleteResourceTree", + "deletewhatifanalysis": "DeleteWhatIfAnalysis", + "deletewhatifforecast": "DeleteWhatIfForecast", + "deletewhatifforecastexport": "DeleteWhatIfForecastExport", + "describeautopredictor": "DescribeAutoPredictor", + "describedataset": "DescribeDataset", + "describedatasetgroup": "DescribeDatasetGroup", + "describedatasetimportjob": "DescribeDatasetImportJob", + "describeexplainability": "DescribeExplainability", + "describeexplainabilityexport": "DescribeExplainabilityExport", + "describeforecast": "DescribeForecast", + "describeforecastendpoint": "DescribeForecastEndpoint", + "describeforecastexportjob": "DescribeForecastExportJob", + "describemonitor": "DescribeMonitor", + "describepredictor": "DescribePredictor", + "describepredictorbacktestexportjob": "DescribePredictorBacktestExportJob", + "describewhatifanalysis": "DescribeWhatIfAnalysis", + "describewhatifforecast": "DescribeWhatIfForecast", + "describewhatifforecastexport": "DescribeWhatIfForecastExport", + "getaccuracymetrics": "GetAccuracyMetrics", + "getrecentforecastcontext": "GetRecentForecastContext", + "invokeforecastendpoint": "InvokeForecastEndpoint", + "listdatasetgroups": "ListDatasetGroups", + "listdatasetimportjobs": "ListDatasetImportJobs", + "listdatasets": "ListDatasets", + "listexplainabilities": "ListExplainabilities", + "listexplainabilityexports": "ListExplainabilityExports", + "listforecastexportjobs": "ListForecastExportJobs", + "listforecasts": "ListForecasts", + "listmonitorevaluations": "ListMonitorEvaluations", + "listmonitors": "ListMonitors", + "listpredictorbacktestexportjobs": "ListPredictorBacktestExportJobs", + "listpredictors": "ListPredictors", + "listtagsforresource": "ListTagsForResource", + "listwhatifanalyses": "ListWhatIfAnalyses", + "listwhatifforecastexports": "ListWhatIfForecastExports", + "listwhatifforecasts": "ListWhatIfForecasts", + "queryforecast": "QueryForecast", + "querywhatifforecast": "QueryWhatIfForecast", + "resumeresource": "ResumeResource", + "stopresource": "StopResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedatasetgroup": "UpdateDatasetGroup" + }, + "resources": { + "dataset": { + "resource": "dataset", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:dataset/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "datasetGroup": { + "resource": "datasetGroup", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:dataset-group/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "datasetImportJob": { + "resource": "datasetImportJob", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:dataset-import-job/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "algorithm": { + "resource": "algorithm", + "arn": "arn:${Partition}:forecast:::algorithm/${ResourceId}", + "condition_keys": [] + }, + "predictor": { + "resource": "predictor", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:predictor/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "predictorBacktestExportJob": { + "resource": "predictorBacktestExportJob", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:predictor-backtest-export-job/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "forecast": { + "resource": "forecast", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:forecast/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "forecastExport": { + "resource": "forecastExport", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:forecast-export-job/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "explainability": { + "resource": "explainability", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:explainability/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "explainabilityExport": { + "resource": "explainabilityExport", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:explainability-export/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "monitor": { + "resource": "monitor", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:monitor/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "whatIfAnalysis": { + "resource": "whatIfAnalysis", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:what-if-analysis/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "whatIfForecast": { + "resource": "whatIfForecast", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:what-if-forecast/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "whatIfForecastExport": { + "resource": "whatIfForecastExport", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:what-if-forecast-export/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "endpoint": { + "resource": "endpoint", + "arn": "arn:${Partition}:forecast:${Region}:${Account}:forecast-endpoint/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "dataset": "dataset", + "datasetgroup": "datasetGroup", + "datasetimportjob": "datasetImportJob", + "algorithm": "algorithm", + "predictor": "predictor", + "predictorbacktestexportjob": "predictorBacktestExportJob", + "forecast": "forecast", + "forecastexport": "forecastExport", + "explainability": "explainability", + "explainabilityexport": "explainabilityExport", + "monitor": "monitor", + "whatifanalysis": "whatIfAnalysis", + "whatifforecast": "whatIfForecast", + "whatifforecastexport": "whatIfForecastExport", + "endpoint": "endpoint" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "frauddetector": { + "service_name": "Amazon Fraud Detector", + "prefix": "frauddetector", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonfrauddetector.html", + "privileges": { + "BatchCreateVariable": { + "privilege": "BatchCreateVariable", + "description": "Grants permission to create a batch of variables", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_BatchCreateVariable.html" + }, + "BatchGetVariable": { + "privilege": "BatchGetVariable", + "description": "Grants permission to get a batch of variables", + "access_level": "List", + "resource_types": { + "variable": { + "resource_type": "variable", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "variable": "variable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_BatchGetVariable.html" + }, + "CancelBatchImportJob": { + "privilege": "CancelBatchImportJob", + "description": "Grants permission to cancel the specified batch import job", + "access_level": "Write", + "resource_types": { + "batch-import": { + "resource_type": "batch-import", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-import": "batch-import" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CancelBatchImportJob.html" + }, + "CancelBatchPredictionJob": { + "privilege": "CancelBatchPredictionJob", + "description": "Grants permission to cancel the specified batch prediction job", + "access_level": "Write", + "resource_types": { + "batch-prediction": { + "resource_type": "batch-prediction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-prediction": "batch-prediction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CancelBatchPredictionJob.html" + }, + "CreateBatchImportJob": { + "privilege": "CreateBatchImportJob", + "description": "Grants permission to create a batch import job", + "access_level": "Write", + "resource_types": { + "batch-import": { + "resource_type": "batch-import", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-import": "batch-import", + "event-type": "event-type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateBatchImportJob.html" + }, + "CreateBatchPredictionJob": { + "privilege": "CreateBatchPredictionJob", + "description": "Grants permission to create a batch prediction job", + "access_level": "Write", + "resource_types": { + "batch-prediction": { + "resource_type": "batch-prediction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "detector-version": { + "resource_type": "detector-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-prediction": "batch-prediction", + "detector": "detector", + "detector-version": "detector-version", + "event-type": "event-type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateBatchPredictionJob.html" + }, + "CreateDetectorVersion": { + "privilege": "CreateDetectorVersion", + "description": "Grants permission to create a detector version. The detector version starts in a DRAFT status", + "access_level": "Write", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "external-model": { + "resource_type": "external-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model-version": { + "resource_type": "model-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector", + "external-model": "external-model", + "model-version": "model-version", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateDetectorVersion.html" + }, + "CreateList": { + "privilege": "CreateList", + "description": "Grants permission to create a list", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateList.html" + }, + "CreateModel": { + "privilege": "CreateModel", + "description": "Grants permission to create a model using the specified model type", + "access_level": "Write", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type", + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateModel.html" + }, + "CreateModelVersion": { + "privilege": "CreateModelVersion", + "description": "Grants permission to create a version of the model using the specified model type and model id", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateModelVersion.html" + }, + "CreateRule": { + "privilege": "CreateRule", + "description": "Grants permission to create a rule for use with the specified detector", + "access_level": "Write", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateRule.html" + }, + "CreateVariable": { + "privilege": "CreateVariable", + "description": "Grants permission to create a variable", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_CreateVariable.html" + }, + "DeleteBatchImportJob": { + "privilege": "DeleteBatchImportJob", + "description": "Grants permission to delete a batch import job", + "access_level": "Write", + "resource_types": { + "batch-import": { + "resource_type": "batch-import", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-import": "batch-import" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteBatchImportJob.html" + }, + "DeleteBatchPredictionJob": { + "privilege": "DeleteBatchPredictionJob", + "description": "Grants permission to delete a batch prediction job", + "access_level": "Write", + "resource_types": { + "batch-prediction": { + "resource_type": "batch-prediction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-prediction": "batch-prediction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteBatchPredictionJob.html" + }, + "DeleteDetector": { + "privilege": "DeleteDetector", + "description": "Grants permission to delete the detector. Before deleting a detector, you must first delete all detector versions and rule versions associated with the detector", + "access_level": "Write", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteDetector.html" + }, + "DeleteDetectorVersion": { + "privilege": "DeleteDetectorVersion", + "description": "Grants permission to delete the detector version. You cannot delete detector versions that are in ACTIVE status", + "access_level": "Write", + "resource_types": { + "detector-version": { + "resource_type": "detector-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector-version": "detector-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteDetectorVersion.html" + }, + "DeleteEntityType": { + "privilege": "DeleteEntityType", + "description": "Grants permission to delete an entity type. You cannot delete an entity type that is included in an event type", + "access_level": "Write", + "resource_types": { + "entity-type": { + "resource_type": "entity-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity-type": "entity-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteEntityType.html" + }, + "DeleteEvent": { + "privilege": "DeleteEvent", + "description": "Grants permission to deletes the specified event", + "access_level": "Write", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteEvent.html" + }, + "DeleteEventType": { + "privilege": "DeleteEventType", + "description": "Grants permission to delete an event type. You cannot delete an event type that is used in a detector or a model", + "access_level": "Write", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteEventType.html" + }, + "DeleteEventsByEventType": { + "privilege": "DeleteEventsByEventType", + "description": "Grants permission to delete events for the specified event type", + "access_level": "Write", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteEventsByEventType.html" + }, + "DeleteExternalModel": { + "privilege": "DeleteExternalModel", + "description": "Grants permission to remove a SageMaker model from Amazon Fraud Detector. You can remove an Amazon SageMaker model if it is not associated with a detector version", + "access_level": "Write", + "resource_types": { + "external-model": { + "resource_type": "external-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "external-model": "external-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteExternalModel.html" + }, + "DeleteLabel": { + "privilege": "DeleteLabel", + "description": "Grants permission to delete a label. You cannot delete labels that are included in an event type in Amazon Fraud Detector. You cannot delete a label assigned to an event ID. You must first delete the relevant event ID", + "access_level": "Write", + "resource_types": { + "label": { + "resource_type": "label", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label": "label" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteLabel.html" + }, + "DeleteList": { + "privilege": "DeleteList", + "description": "Grants permission to delete a list", + "access_level": "Write", + "resource_types": { + "list": { + "resource_type": "list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "list": "list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteList.html" + }, + "DeleteModel": { + "privilege": "DeleteModel", + "description": "Grants permission to delete a model. You can delete models and model versions in Amazon Fraud Detector, provided that they are not associated with a detector version", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteModel.html" + }, + "DeleteModelVersion": { + "privilege": "DeleteModelVersion", + "description": "Grants permission to delete a model version. You can delete models and model versions in Amazon Fraud Detector, provided that they are not associated with a detector version", + "access_level": "Write", + "resource_types": { + "model-version": { + "resource_type": "model-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-version": "model-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteModelVersion.html" + }, + "DeleteOutcome": { + "privilege": "DeleteOutcome", + "description": "Grants permission to delete an outcome. You cannot delete an outcome that is used in a rule version", + "access_level": "Write", + "resource_types": { + "outcome": { + "resource_type": "outcome", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outcome": "outcome" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteOutcome.html" + }, + "DeleteRule": { + "privilege": "DeleteRule", + "description": "Grants permission to delete the rule. You cannot delete a rule if it is used by an ACTIVE or INACTIVE detector version", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteRule.html" + }, + "DeleteVariable": { + "privilege": "DeleteVariable", + "description": "Grants permission to delete a variable. You cannot delete variables that are included in an event type in Amazon Fraud Detector", + "access_level": "Write", + "resource_types": { + "variable": { + "resource_type": "variable", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "variable": "variable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DeleteVariable.html" + }, + "DescribeDetector": { + "privilege": "DescribeDetector", + "description": "Grants permission to get all versions for a specified detector", + "access_level": "Read", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DescribeDetector.html" + }, + "DescribeModelVersions": { + "privilege": "DescribeModelVersions", + "description": "Grants permission to get all of the model versions for the specified model type or for the specified model type and model ID. You can also get details for a single, specified model version", + "access_level": "Read", + "resource_types": { + "model-version": { + "resource_type": "model-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-version": "model-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_DescribeModelVersions.html" + }, + "GetBatchImportJobValidationReport": { + "privilege": "GetBatchImportJobValidationReport", + "description": "Grants permission to get the data validation report of a specific batch import job", + "access_level": "Read", + "resource_types": { + "batch-import": { + "resource_type": "batch-import", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-import": "batch-import" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/ug/prepare-storage-event-data.html#smart-data-validation" + }, + "GetBatchImportJobs": { + "privilege": "GetBatchImportJobs", + "description": "Grants permission to get all batch import jobs or a specific job if you specify a job ID", + "access_level": "List", + "resource_types": { + "batch-import": { + "resource_type": "batch-import", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-import": "batch-import" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetBatchImportJobs.html" + }, + "GetBatchPredictionJobs": { + "privilege": "GetBatchPredictionJobs", + "description": "Grants permission to get all batch prediction jobs or a specific job if you specify a job ID. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 50 records per page. If you provide a maxResults, the value must be between 1 and 50. To get the next page results, provide the pagination token from the GetBatchPredictionJobsResponse as part of your request. A null pagination token fetches the records from the beginning", + "access_level": "List", + "resource_types": { + "batch-prediction": { + "resource_type": "batch-prediction", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-prediction": "batch-prediction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetBatchPredictionJobs.html" + }, + "GetDeleteEventsByEventTypeStatus": { + "privilege": "GetDeleteEventsByEventTypeStatus", + "description": "Grants permission to get a specific event type DeleteEventsByEventType API execution status", + "access_level": "Read", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetDeleteEventsByEventTypeStatus.html" + }, + "GetDetectorVersion": { + "privilege": "GetDetectorVersion", + "description": "Grants permission to get a particular detector version", + "access_level": "Read", + "resource_types": { + "detector-version": { + "resource_type": "detector-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector-version": "detector-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetDetectorVersion.html" + }, + "GetDetectors": { + "privilege": "GetDetectors", + "description": "Grants permission to get all detectors or a single detector if a detectorId is specified. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 10 records per page. If you provide a maxResults, the value must be between 5 and 10. To get the next page results, provide the pagination token from the GetDetectorsResponse as part of your request. A null pagination token fetches the records from the beginning", + "access_level": "List", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetDetectors.html" + }, + "GetEntityTypes": { + "privilege": "GetEntityTypes", + "description": "Grants permission to get all entity types or a specific entity type if a name is specified. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 10 records per page. If you provide a maxResults, the value must be between 5 and 10. To get the next page results, provide the pagination token from the GetEntityTypesResponse as part of your request. A null pagination token fetches the records from the beginning", + "access_level": "List", + "resource_types": { + "entity-type": { + "resource_type": "entity-type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity-type": "entity-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetEntityTypes.html" + }, + "GetEvent": { + "privilege": "GetEvent", + "description": "Grants permission to get the details of the specified event", + "access_level": "Read", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetEvent.html" + }, + "GetEventPrediction": { + "privilege": "GetEventPrediction", + "description": "Grants permission to evaluate an event against a detector version. If a version ID is not provided, the detector\u2019s (ACTIVE) version is used", + "access_level": "Read", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "detector-version": { + "resource_type": "detector-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector", + "detector-version": "detector-version", + "event-type": "event-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetEventPrediction.html" + }, + "GetEventPredictionMetadata": { + "privilege": "GetEventPredictionMetadata", + "description": "Grants permission to get more details of a particular prediction", + "access_level": "Read", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "detector-version": { + "resource_type": "detector-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector", + "detector-version": "detector-version", + "event-type": "event-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetEventPredictionMetadata.html" + }, + "GetEventTypes": { + "privilege": "GetEventTypes", + "description": "Grants permission to get all event types or a specific event type if name is provided. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 10 records per page. If you provide a maxResults, the value must be between 5 and 10. To get the next page results, provide the pagination token from the GetEventTypesResponse as part of your request. A null pagination token fetches the records from the beginning", + "access_level": "List", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetEventTypes.html" + }, + "GetExternalModels": { + "privilege": "GetExternalModels", + "description": "Grants permission to get the details for one or more Amazon SageMaker models that have been imported into the service. This is a paginated API. If you provide a null maxResults, this actions retrieves a maximum of 10 records per page. If you provide a maxResults, the value must be between 5 and 10. To get the next page results, provide the pagination token from the GetExternalModelsResult as part of your request. A null pagination token fetches the records from the beginning", + "access_level": "List", + "resource_types": { + "external-model": { + "resource_type": "external-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "external-model": "external-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetExternalModels.html" + }, + "GetKMSEncryptionKey": { + "privilege": "GetKMSEncryptionKey", + "description": "Grants permission to get the encryption key if a Key Management Service (KMS) customer master key (CMK) has been specified to be used to encrypt content in Amazon Fraud Detector", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetKMSEncryptionKey.html" + }, + "GetLabels": { + "privilege": "GetLabels", + "description": "Grants permission to get all labels or a specific label if name is provided. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 50 records per page. If you provide a maxResults, the value must be between 10 and 50. To get the next page results, provide the pagination token from the GetGetLabelsResponse as part of your request. A null pagination token fetches the records from the beginning", + "access_level": "List", + "resource_types": { + "label": { + "resource_type": "label", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label": "label" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetLabels.html" + }, + "GetListElements": { + "privilege": "GetListElements", + "description": "Grants permission to get elements of a list", + "access_level": "Read", + "resource_types": { + "list": { + "resource_type": "list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "list": "list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetListElements.html" + }, + "GetListsMetadata": { + "privilege": "GetListsMetadata", + "description": "Grants permission to get metadata about lists", + "access_level": "List", + "resource_types": { + "list": { + "resource_type": "list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "list": "list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetListsMetadata.html" + }, + "GetModelVersion": { + "privilege": "GetModelVersion", + "description": "Grants permission to get the details of the specified model version", + "access_level": "Read", + "resource_types": { + "model-version": { + "resource_type": "model-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-version": "model-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetModelVersion.html" + }, + "GetModels": { + "privilege": "GetModels", + "description": "Grants permission to get one or more models. Gets all models for the AWS account if no model type and no model id provided. Gets all models for the AWS account and model type, if the model type is specified but model id is not provided. Gets a specific model if (model type, model id) tuple is specified", + "access_level": "List", + "resource_types": { + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetModels.html" + }, + "GetOutcomes": { + "privilege": "GetOutcomes", + "description": "Grants permission to get one or more outcomes. This is a paginated API. If you provide a null maxResults, this actions retrieves a maximum of 100 records per page. If you provide a maxResults, the value must be between 50 and 100. To get the next page results, provide the pagination token from the GetOutcomesResult as part of your request. A null pagination token fetches the records from the beginning", + "access_level": "List", + "resource_types": { + "outcome": { + "resource_type": "outcome", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outcome": "outcome" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetOutcomes.html" + }, + "GetRules": { + "privilege": "GetRules", + "description": "Grants permission to get all rules for a detector (paginated) if ruleId and ruleVersion are not specified. Gets all rules for the detector and the ruleId if present (paginated). Gets a specific rule if both the ruleId and the ruleVersion are specified", + "access_level": "List", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetRules.html" + }, + "GetVariables": { + "privilege": "GetVariables", + "description": "Grants permission to get all of the variables or the specific variable. This is a paginated API. Providing null maxSizePerPage results in retrieving maximum of 100 records per page. If you provide maxSizePerPage the value must be between 50 and 100. To get the next page result, a provide a pagination token from GetVariablesResult as part of your request. Null pagination token fetches the records from the beginning", + "access_level": "List", + "resource_types": { + "variable": { + "resource_type": "variable", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "variable": "variable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_GetVariables.html" + }, + "ListEventPredictions": { + "privilege": "ListEventPredictions", + "description": "Grants permission to get a list of past predictions", + "access_level": "List", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "detector-version": { + "resource_type": "detector-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-type": { + "resource_type": "event-type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector", + "detector-version": "detector-version", + "event-type": "event-type" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_ListEventPredictions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags associated with the resource. This is a paginated API. To get the next page results, provide the pagination token from the response as part of your request. A null pagination token fetches the records from the beginning", + "access_level": "Read", + "resource_types": { + "batch-import": { + "resource_type": "batch-import", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "batch-prediction": { + "resource_type": "batch-prediction", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "detector": { + "resource_type": "detector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "detector-version": { + "resource_type": "detector-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-type": { + "resource_type": "entity-type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-type": { + "resource_type": "event-type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "external-model": { + "resource_type": "external-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "label": { + "resource_type": "label", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "list": { + "resource_type": "list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model-version": { + "resource_type": "model-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "outcome": { + "resource_type": "outcome", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "variable": { + "resource_type": "variable", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-import": "batch-import", + "batch-prediction": "batch-prediction", + "detector": "detector", + "detector-version": "detector-version", + "entity-type": "entity-type", + "event-type": "event-type", + "external-model": "external-model", + "label": "label", + "list": "list", + "model": "model", + "model-version": "model-version", + "outcome": "outcome", + "rule": "rule", + "variable": "variable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_ListTagsForResource.html" + }, + "PutDetector": { + "privilege": "PutDetector", + "description": "Grants permission to create or update a detector", + "access_level": "Write", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector", + "event-type": "event-type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutDetector.html" + }, + "PutEntityType": { + "privilege": "PutEntityType", + "description": "Grants permission to create or update an entity type. An entity represents who is performing the event. As part of a fraud prediction, you pass the entity ID to indicate the specific entity who performed the event. An entity type classifies the entity. Example classifications include customer, merchant, or account", + "access_level": "Write", + "resource_types": { + "entity-type": { + "resource_type": "entity-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity-type": "entity-type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutEntityType.html" + }, + "PutEventType": { + "privilege": "PutEventType", + "description": "Grants permission to create or update an event type. An event is a business activity that is evaluated for fraud risk. With Amazon Fraud Detector, you generate fraud predictions for events. An event type defines the structure for an event sent to Amazon Fraud Detector. This includes the variables sent as part of the event, the entity performing the event (such as a customer), and the labels that classify the event. Example event types include online payment transactions, account registrations, and authentications", + "access_level": "Write", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutEventType.html" + }, + "PutExternalModel": { + "privilege": "PutExternalModel", + "description": "Grants permission to create or update an Amazon SageMaker model endpoint. You can also use this action to update the configuration of the model endpoint, including the IAM role and/or the mapped variables", + "access_level": "Write", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "external-model": { + "resource_type": "external-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type", + "external-model": "external-model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutExternalModel.html" + }, + "PutKMSEncryptionKey": { + "privilege": "PutKMSEncryptionKey", + "description": "Grants permission to specify the Key Management Service (KMS) customer master key (CMK) to be used to encrypt content in Amazon Fraud Detector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutKMSEncryptionKey.html" + }, + "PutLabel": { + "privilege": "PutLabel", + "description": "Grants permission to create or update label. A label classifies an event as fraudulent or legitimate. Labels are associated with event types and used to train supervised machine learning models in Amazon Fraud Detector", + "access_level": "Write", + "resource_types": { + "label": { + "resource_type": "label", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label": "label", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutLabel.html" + }, + "PutOutcome": { + "privilege": "PutOutcome", + "description": "Grants permission to create or update an outcome", + "access_level": "Write", + "resource_types": { + "outcome": { + "resource_type": "outcome", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outcome": "outcome", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_PutOutcome.html" + }, + "SendEvent": { + "privilege": "SendEvent", + "description": "Grants permission to send event", + "access_level": "Write", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_SendEvent.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to assign tags to a resource", + "access_level": "Tagging", + "resource_types": { + "batch-import": { + "resource_type": "batch-import", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "batch-prediction": { + "resource_type": "batch-prediction", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "detector": { + "resource_type": "detector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "detector-version": { + "resource_type": "detector-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-type": { + "resource_type": "entity-type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-type": { + "resource_type": "event-type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "external-model": { + "resource_type": "external-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "label": { + "resource_type": "label", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "list": { + "resource_type": "list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model-version": { + "resource_type": "model-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "outcome": { + "resource_type": "outcome", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "variable": { + "resource_type": "variable", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-import": "batch-import", + "batch-prediction": "batch-prediction", + "detector": "detector", + "detector-version": "detector-version", + "entity-type": "entity-type", + "event-type": "event-type", + "external-model": "external-model", + "label": "label", + "list": "list", + "model": "model", + "model-version": "model-version", + "outcome": "outcome", + "rule": "rule", + "variable": "variable", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "batch-import": { + "resource_type": "batch-import", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "batch-prediction": { + "resource_type": "batch-prediction", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "detector": { + "resource_type": "detector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "detector-version": { + "resource_type": "detector-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity-type": { + "resource_type": "entity-type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "event-type": { + "resource_type": "event-type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "external-model": { + "resource_type": "external-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "label": { + "resource_type": "label", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "list": { + "resource_type": "list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model-version": { + "resource_type": "model-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "outcome": { + "resource_type": "outcome", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "variable": { + "resource_type": "variable", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batch-import": "batch-import", + "batch-prediction": "batch-prediction", + "detector": "detector", + "detector-version": "detector-version", + "entity-type": "entity-type", + "event-type": "event-type", + "external-model": "external-model", + "label": "label", + "list": "list", + "model": "model", + "model-version": "model-version", + "outcome": "outcome", + "rule": "rule", + "variable": "variable", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UntagResource.html" + }, + "UpdateDetectorVersion": { + "privilege": "UpdateDetectorVersion", + "description": "Grants permission to update a detector version. The detector version attributes that you can update include models, external model endpoints, rules, rule execution mode, and description. You can only update a DRAFT detector version", + "access_level": "Write", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "external-model": { + "resource_type": "external-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model-version": { + "resource_type": "model-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector", + "external-model": "external-model", + "model-version": "model-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateDetectorVersion.html" + }, + "UpdateDetectorVersionMetadata": { + "privilege": "UpdateDetectorVersionMetadata", + "description": "Grants permission to update the detector version's description. You can update the metadata for any detector version (DRAFT, ACTIVE, or INACTIVE)", + "access_level": "Write", + "resource_types": { + "detector-version": { + "resource_type": "detector-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector-version": "detector-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateDetectorVersionMetadata.html" + }, + "UpdateDetectorVersionStatus": { + "privilege": "UpdateDetectorVersionStatus", + "description": "Grants permission to update the detector version\u2019s status. You can perform the following promotions or demotions using UpdateDetectorVersionStatus: DRAFT to ACTIVE, ACTIVE to INACTIVE, and INACTIVE to ACTIVE", + "access_level": "Write", + "resource_types": { + "detector-version": { + "resource_type": "detector-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector-version": "detector-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateDetectorVersionStatus.html" + }, + "UpdateEventLabel": { + "privilege": "UpdateEventLabel", + "description": "Grants permission to update an existing event record's label value", + "access_level": "Write", + "resource_types": { + "event-type": { + "resource_type": "event-type", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-type": "event-type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateEventLabel.html" + }, + "UpdateList": { + "privilege": "UpdateList", + "description": "Grants permission to update a list", + "access_level": "Write", + "resource_types": { + "list": { + "resource_type": "list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "list": "list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateList.html" + }, + "UpdateModel": { + "privilege": "UpdateModel", + "description": "Grants permission to update a model. You can update the description attribute using this action", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateModel.html" + }, + "UpdateModelVersion": { + "privilege": "UpdateModelVersion", + "description": "Grants permission to update a model version. Updating a model version retrains an existing model version using updated training data and produces a new minor version of the model. You can update the training data set location and data access role attributes using this action. This action creates and trains a new minor version of the model, for example version 1.01, 1.02, 1.03", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateModelVersion.html" + }, + "UpdateModelVersionStatus": { + "privilege": "UpdateModelVersionStatus", + "description": "Grants permission to update the status of a model version", + "access_level": "Write", + "resource_types": { + "model-version": { + "resource_type": "model-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-version": "model-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateModelVersionStatus.html" + }, + "UpdateRuleMetadata": { + "privilege": "UpdateRuleMetadata", + "description": "Grants permission to update a rule's metadata. The description attribute can be updated", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateRuleMetadata.html" + }, + "UpdateRuleVersion": { + "privilege": "UpdateRuleVersion", + "description": "Grants permission to update a rule version resulting in a new rule version. Updates a rule version resulting in a new rule version (version 1, 2, 3 ...)", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateRuleVersion.html" + }, + "UpdateVariable": { + "privilege": "UpdateVariable", + "description": "Grants permission to update a variable", + "access_level": "Write", + "resource_types": { + "variable": { + "resource_type": "variable", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "variable": "variable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/frauddetector/latest/api/API_UpdateVariable.html" + } + }, + "privileges_lower_name": { + "batchcreatevariable": "BatchCreateVariable", + "batchgetvariable": "BatchGetVariable", + "cancelbatchimportjob": "CancelBatchImportJob", + "cancelbatchpredictionjob": "CancelBatchPredictionJob", + "createbatchimportjob": "CreateBatchImportJob", + "createbatchpredictionjob": "CreateBatchPredictionJob", + "createdetectorversion": "CreateDetectorVersion", + "createlist": "CreateList", + "createmodel": "CreateModel", + "createmodelversion": "CreateModelVersion", + "createrule": "CreateRule", + "createvariable": "CreateVariable", + "deletebatchimportjob": "DeleteBatchImportJob", + "deletebatchpredictionjob": "DeleteBatchPredictionJob", + "deletedetector": "DeleteDetector", + "deletedetectorversion": "DeleteDetectorVersion", + "deleteentitytype": "DeleteEntityType", + "deleteevent": "DeleteEvent", + "deleteeventtype": "DeleteEventType", + "deleteeventsbyeventtype": "DeleteEventsByEventType", + "deleteexternalmodel": "DeleteExternalModel", + "deletelabel": "DeleteLabel", + "deletelist": "DeleteList", + "deletemodel": "DeleteModel", + "deletemodelversion": "DeleteModelVersion", + "deleteoutcome": "DeleteOutcome", + "deleterule": "DeleteRule", + "deletevariable": "DeleteVariable", + "describedetector": "DescribeDetector", + "describemodelversions": "DescribeModelVersions", + "getbatchimportjobvalidationreport": "GetBatchImportJobValidationReport", + "getbatchimportjobs": "GetBatchImportJobs", + "getbatchpredictionjobs": "GetBatchPredictionJobs", + "getdeleteeventsbyeventtypestatus": "GetDeleteEventsByEventTypeStatus", + "getdetectorversion": "GetDetectorVersion", + "getdetectors": "GetDetectors", + "getentitytypes": "GetEntityTypes", + "getevent": "GetEvent", + "geteventprediction": "GetEventPrediction", + "geteventpredictionmetadata": "GetEventPredictionMetadata", + "geteventtypes": "GetEventTypes", + "getexternalmodels": "GetExternalModels", + "getkmsencryptionkey": "GetKMSEncryptionKey", + "getlabels": "GetLabels", + "getlistelements": "GetListElements", + "getlistsmetadata": "GetListsMetadata", + "getmodelversion": "GetModelVersion", + "getmodels": "GetModels", + "getoutcomes": "GetOutcomes", + "getrules": "GetRules", + "getvariables": "GetVariables", + "listeventpredictions": "ListEventPredictions", + "listtagsforresource": "ListTagsForResource", + "putdetector": "PutDetector", + "putentitytype": "PutEntityType", + "puteventtype": "PutEventType", + "putexternalmodel": "PutExternalModel", + "putkmsencryptionkey": "PutKMSEncryptionKey", + "putlabel": "PutLabel", + "putoutcome": "PutOutcome", + "sendevent": "SendEvent", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedetectorversion": "UpdateDetectorVersion", + "updatedetectorversionmetadata": "UpdateDetectorVersionMetadata", + "updatedetectorversionstatus": "UpdateDetectorVersionStatus", + "updateeventlabel": "UpdateEventLabel", + "updatelist": "UpdateList", + "updatemodel": "UpdateModel", + "updatemodelversion": "UpdateModelVersion", + "updatemodelversionstatus": "UpdateModelVersionStatus", + "updaterulemetadata": "UpdateRuleMetadata", + "updateruleversion": "UpdateRuleVersion", + "updatevariable": "UpdateVariable" + }, + "resources": { + "batch-prediction": { + "resource": "batch-prediction", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:batch-prediction/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "detector": { + "resource": "detector", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:detector/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "detector-version": { + "resource": "detector-version", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:detector-version/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "entity-type": { + "resource": "entity-type", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:entity-type/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "external-model": { + "resource": "external-model", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:external-model/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "event-type": { + "resource": "event-type", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:event-type/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "label": { + "resource": "label", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:label/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "model": { + "resource": "model", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:model/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "model-version": { + "resource": "model-version", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:model-version/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "outcome": { + "resource": "outcome", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:outcome/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "rule": { + "resource": "rule", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:rule/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "variable": { + "resource": "variable", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:variable/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "batch-import": { + "resource": "batch-import", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:batch-import/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "list": { + "resource": "list", + "arn": "arn:${Partition}:frauddetector:${Region}:${Account}:list/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "batch-prediction": "batch-prediction", + "detector": "detector", + "detector-version": "detector-version", + "entity-type": "entity-type", + "external-model": "external-model", + "event-type": "event-type", + "label": "label", + "model": "model", + "model-version": "model-version", + "outcome": "outcome", + "rule": "rule", + "variable": "variable", + "batch-import": "batch-import", + "list": "list" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "freertos": { + "service_name": "Amazon FreeRTOS", + "prefix": "freertos", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonfreertos.html", + "privileges": { + "CreateSoftwareConfiguration": { + "privilege": "CreateSoftwareConfiguration", + "description": "Grants permission to create a software configuration", + "access_level": "Write", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "CreateSubscription": { + "privilege": "CreateSubscription", + "description": "Grants permission to create a subscription for FreeRTOS extended maintenance plan (EMP)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" + }, + "DeleteSoftwareConfiguration": { + "privilege": "DeleteSoftwareConfiguration", + "description": "Grants permission to delete the software configuration", + "access_level": "Write", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "DescribeHardwarePlatform": { + "privilege": "DescribeHardwarePlatform", + "description": "Grants permission to describe the hardware platform", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "DescribeSoftwareConfiguration": { + "privilege": "DescribeSoftwareConfiguration", + "description": "Grants permission to describe the software configuration", + "access_level": "Read", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "DescribeSubscription": { + "privilege": "DescribeSubscription", + "description": "Grants permission to describes the subscription for FreeRTOS extended maintenance plan (EMP)", + "access_level": "Read", + "resource_types": { + "subscription": { + "resource_type": "subscription", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subscription": "subscription" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" + }, + "GetEmpPatchUrl": { + "privilege": "GetEmpPatchUrl", + "description": "Grants permission to get URL for sotware patch-release, patch-diff and release notes under FreeRTOS extended maintenance plan (EMP)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" + }, + "GetSoftwareURL": { + "privilege": "GetSoftwareURL", + "description": "Grants permission to get the URL for Amazon FreeRTOS software download", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "GetSoftwareURLForConfiguration": { + "privilege": "GetSoftwareURLForConfiguration", + "description": "Grants permission to get the URL for Amazon FreeRTOS software download based on the configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "GetSubscriptionBillingAmount": { + "privilege": "GetSubscriptionBillingAmount", + "description": "Grants permission to fetch the subscription billing amount for FreeRTOS extended maintenance plan (EMP)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" + }, + "ListFreeRTOSVersions": { + "privilege": "ListFreeRTOSVersions", + "description": "Grants permission to lists versions of AmazonFreeRTOS", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "ListHardwarePlatforms": { + "privilege": "ListHardwarePlatforms", + "description": "Grants permission to list the hardware platforms", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "ListHardwareVendors": { + "privilege": "ListHardwareVendors", + "description": "Grants permission to list the hardware vendors", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "ListSoftwareConfigurations": { + "privilege": "ListSoftwareConfigurations", + "description": "Grants permission to lists the software configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "ListSoftwarePatches": { + "privilege": "ListSoftwarePatches", + "description": "Grants permission to list software patches of subscription for FreeRTOS extended maintenance plan (EMP)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" + }, + "ListSubscriptionEmails": { + "privilege": "ListSubscriptionEmails", + "description": "Grants permission to list the subscription emails for FreeRTOS extended maintenance plan (EMP)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" + }, + "ListSubscriptions": { + "privilege": "ListSubscriptions", + "description": "Grants permission to list the subscriptions for FreeRTOS extended maintenance plan (EMP)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" + }, + "UpdateEmailRecipients": { + "privilege": "UpdateEmailRecipients", + "description": "Grants permission to update list of subscription email address for FreeRTOS extended maintenance plan (EMP)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" + }, + "UpdateSoftwareConfiguration": { + "privilege": "UpdateSoftwareConfiguration", + "description": "Grants permission to update the software configuration", + "access_level": "Write", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ocw.html" + }, + "VerifyEmail": { + "privilege": "VerifyEmail", + "description": "Grants permission to verify the email for FreeRTOS extended maintenance plan (EMP)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/freertos-getting-started-emp.html" + } + }, + "privileges_lower_name": { + "createsoftwareconfiguration": "CreateSoftwareConfiguration", + "createsubscription": "CreateSubscription", + "deletesoftwareconfiguration": "DeleteSoftwareConfiguration", + "describehardwareplatform": "DescribeHardwarePlatform", + "describesoftwareconfiguration": "DescribeSoftwareConfiguration", + "describesubscription": "DescribeSubscription", + "getemppatchurl": "GetEmpPatchUrl", + "getsoftwareurl": "GetSoftwareURL", + "getsoftwareurlforconfiguration": "GetSoftwareURLForConfiguration", + "getsubscriptionbillingamount": "GetSubscriptionBillingAmount", + "listfreertosversions": "ListFreeRTOSVersions", + "listhardwareplatforms": "ListHardwarePlatforms", + "listhardwarevendors": "ListHardwareVendors", + "listsoftwareconfigurations": "ListSoftwareConfigurations", + "listsoftwarepatches": "ListSoftwarePatches", + "listsubscriptionemails": "ListSubscriptionEmails", + "listsubscriptions": "ListSubscriptions", + "updateemailrecipients": "UpdateEmailRecipients", + "updatesoftwareconfiguration": "UpdateSoftwareConfiguration", + "verifyemail": "VerifyEmail" + }, + "resources": { + "configuration": { + "resource": "configuration", + "arn": "arn:${Partition}:freertos:${Region}:${Account}:configuration/${ConfigurationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "subscription": { + "resource": "subscription", + "arn": "arn:${Partition}:freertos:${Region}:${Account}:subscription/${SubscriptionID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "configuration": "configuration", + "subscription": "subscription" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "A tag key that is present in the request that the user makes to Amazon FreeRTOS", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "The tag key component of a tag attached to an Amazon FreeRTOS resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "The list of all the tag key names associated with the resource in the request", + "type": "ArrayOfString" + } + } + }, + "fsx": { + "service_name": "Amazon FSx", + "prefix": "fsx", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonfsx.html", + "privileges": { + "AssociateFileGateway": { + "privilege": "AssociateFileGateway", + "description": "Grants permission to associate a File Gateway instance with an Amazon FSx for Windows File Server file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/filegateway/latest/filefsxw/what-is-file-fsxw.html" + }, + "AssociateFileSystemAliases": { + "privilege": "AssociateFileSystemAliases", + "description": "Grants permission to associate DNS aliases with an Amazon FSx for Windows File Server file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_AssociateFileSystemAliases.html" + }, + "BypassSnaplockEnterpriseRetention": { + "privilege": "BypassSnaplockEnterpriseRetention", + "description": "Grants permission to allow deletion of an FSx for ONTAP SnapLock Enterprise volume that contains WORM (write once, read many) files with active retention periods", + "access_level": "Permissions management", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#bypass-enterprise" + }, + "CancelDataRepositoryTask": { + "privilege": "CancelDataRepositoryTask", + "description": "Grants permission to cancel a data repository task", + "access_level": "Write", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CancelDataRepositoryTask.html" + }, + "CopyBackup": { + "privilege": "CopyBackup", + "description": "Grants permission to copy a backup", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopyBackup.html" + }, + "CreateBackup": { + "privilege": "CreateBackup", + "description": "Grants permission to create a new backup of an Amazon FSx file system or an Amazon FSx volume", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup", + "file-system": "file-system", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateBackup.html" + }, + "CreateDataRepositoryAssociation": { + "privilege": "CreateDataRepositoryAssociation", + "description": "Grants permission to create a new data respository association for an Amazon FSx for Lustre file system", + "access_level": "Write", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateDataRepositoryAssociation.html" + }, + "CreateDataRepositoryTask": { + "privilege": "CreateDataRepositoryTask", + "description": "Grants permission to create a new data respository task for an Amazon FSx for Lustre file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateDataRepositoryTask.html" + }, + "CreateFileCache": { + "privilege": "CreateFileCache", + "description": "Grants permission to create a new, empty, Amazon file cache", + "access_level": "Write", + "resource_types": { + "file-cache": { + "resource_type": "file-cache", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "fsx:CreateDataRepositoryAssociation", + "fsx:TagResource", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:PutLogEvents", + "s3:ListBucket" + ] + }, + "association": { + "resource_type": "association", + "required": false, + "condition_keys": [ + "fsx:NfsDataRepositoryEncryptionInTransitEnabled", + "fsx:NfsDataRepositoryAuthenticationEnabled" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-cache": "file-cache", + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileCache.html" + }, + "CreateFileSystem": { + "privilege": "CreateFileSystem", + "description": "Grants permission to create a new, empty, Amazon FSx file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystem.html" + }, + "CreateFileSystemFromBackup": { + "privilege": "CreateFileSystemFromBackup", + "description": "Grants permission to create a new Amazon FSx file system from an existing backup", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup", + "file-system": "file-system", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html" + }, + "CreateSnapshot": { + "privilege": "CreateSnapshot", + "description": "Grants permission to create a new snapshot on a volume", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateSnapshot.html" + }, + "CreateStorageVirtualMachine": { + "privilege": "CreateStorageVirtualMachine", + "description": "Grants permission to create a new storage virtual machine in an Amazon FSx for Ontap file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "storage-virtual-machine": { + "resource_type": "storage-virtual-machine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "storage-virtual-machine": "storage-virtual-machine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateStorageVirtualMachine.html" + }, + "CreateVolume": { + "privilege": "CreateVolume", + "description": "Grants permission to create a new volume", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "fsx:StorageVirtualMachineId", + "fsx:ParentVolumeId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateVolume.html" + }, + "CreateVolumeFromBackup": { + "privilege": "CreateVolumeFromBackup", + "description": "Grants permission to create a new volume from backup", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "storage-virtual-machine": { + "resource_type": "storage-virtual-machine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "fsx:StorageVirtualMachineId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup", + "storage-virtual-machine": "storage-virtual-machine", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateVolumeFromBackup.html" + }, + "DeleteBackup": { + "privilege": "DeleteBackup", + "description": "Grants permission to delete a backup, deleting its contents. After deletion, the backup no longer exists, and its data is no longer available", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteBackup.html" + }, + "DeleteDataRepositoryAssociation": { + "privilege": "DeleteDataRepositoryAssociation", + "description": "Grants permission to delete a data repository association", + "access_level": "Write", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteDataRepositoryAssociation.html" + }, + "DeleteFileCache": { + "privilege": "DeleteFileCache", + "description": "Grants permission to delete a file cache, deleting its contents", + "access_level": "Write", + "resource_types": { + "file-cache": { + "resource_type": "file-cache", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:DeleteDataRepositoryAssociation" + ] + }, + "association": { + "resource_type": "association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-cache": "file-cache", + "association": "association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteFileCache.html" + }, + "DeleteFileSystem": { + "privilege": "DeleteFileSystem", + "description": "Grants permission to delete a file system, deleting its contents and any existing automatic backups of the file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:CreateBackup", + "fsx:TagResource" + ] + }, + "backup": { + "resource_type": "backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system", + "backup": "backup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteFileSystem.html" + }, + "DeleteSnapshot": { + "privilege": "DeleteSnapshot", + "description": "Grants permission to delete a snapshot on a volume", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteSnapshot.html" + }, + "DeleteStorageVirtualMachine": { + "privilege": "DeleteStorageVirtualMachine", + "description": "Grants permission to delete a storage virtual machine, deleting its contents", + "access_level": "Write", + "resource_types": { + "storage-virtual-machine": { + "resource_type": "storage-virtual-machine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storage-virtual-machine": "storage-virtual-machine" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteStorageVirtualMachine.html" + }, + "DeleteVolume": { + "privilege": "DeleteVolume", + "description": "Grants permission to delete a volume, deleting its contents and any existing automatic backups of the volume", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "fsx:TagResource" + ] + }, + "backup": { + "resource_type": "backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "fsx:StorageVirtualMachineId", + "fsx:ParentVolumeId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "backup": "backup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DeleteVolume.html" + }, + "DescribeAssociatedFileGateways": { + "privilege": "DescribeAssociatedFileGateways", + "description": "Grants permission to describe the File Gateway instances associated with an Amazon FSx for Windows File Server file system", + "access_level": "Read", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/filegateway/latest/filefsxw/what-is-file-fsxw.html" + }, + "DescribeBackups": { + "privilege": "DescribeBackups", + "description": "Grants permission to return the descriptions of all backups owned by your AWS account in the AWS Region of the endpoint that you're calling", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeBackups.html" + }, + "DescribeDataRepositoryAssociations": { + "privilege": "DescribeDataRepositoryAssociations", + "description": "Grants permission to return the descriptions of all data repository associations owned by your AWS account in the AWS Region of the endpoint that you're calling", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeDataRepositoryAssociations.html" + }, + "DescribeDataRepositoryTasks": { + "privilege": "DescribeDataRepositoryTasks", + "description": "Grants permission to return the descriptions of all data repository tasks owned by your AWS account in the AWS Region of the endpoint that you're calling", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeDataRepositoryTasks.html" + }, + "DescribeFileCaches": { + "privilege": "DescribeFileCaches", + "description": "Grants permission to return the descriptions of all file caches owned by your AWS account in the AWS Region of the endpoint that you're calling", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeFileCaches.html" + }, + "DescribeFileSystemAliases": { + "privilege": "DescribeFileSystemAliases", + "description": "Grants permission to return the description of all DNS aliases owned by your Amazon FSx for Windows File Server file system", + "access_level": "Read", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeFileSystemAliases.html" + }, + "DescribeFileSystems": { + "privilege": "DescribeFileSystems", + "description": "Grants permission to return the descriptions of all file systems owned by your AWS account in the AWS Region of the endpoint that you're calling", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeFileSystems.html" + }, + "DescribeSnapshots": { + "privilege": "DescribeSnapshots", + "description": "Grants permission to return the descriptions of all snapshots owned by your AWS account in the AWS Region of the endpoint you're calling", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeSnapshots.html" + }, + "DescribeStorageVirtualMachines": { + "privilege": "DescribeStorageVirtualMachines", + "description": "Grants permission to return the descriptions of all storage virtual machines owned by your AWS account in the AWS Region of the endpoint that you're calling", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeStorageVirtualMachines.html" + }, + "DescribeVolumes": { + "privilege": "DescribeVolumes", + "description": "Grants permission to return the descriptions of all volumes owned by your AWS account in the AWS Region of the endpoint that you're calling", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeVolumes.html" + }, + "DisassociateFileGateway": { + "privilege": "DisassociateFileGateway", + "description": "Grants permission to disassociate a File Gateway instance from an Amazon FSx for Windows File Server file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/filegateway/latest/filefsxw/what-is-file-fsxw.html" + }, + "DisassociateFileSystemAliases": { + "privilege": "DisassociateFileSystemAliases", + "description": "Grants permission to disassociate file system aliases with an Amazon FSx for Windows File Server file system", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_DisassociateFileSystemAliases.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an Amazon FSx resource", + "access_level": "Read", + "resource_types": { + "association": { + "resource_type": "association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "backup": { + "resource_type": "backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "file-cache": { + "resource_type": "file-cache", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "storage-virtual-machine": { + "resource_type": "storage-virtual-machine", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "backup": "backup", + "file-cache": "file-cache", + "file-system": "file-system", + "snapshot": "snapshot", + "storage-virtual-machine": "storage-virtual-machine", + "task": "task", + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_ListTagsForResource.html" + }, + "ManageBackupPrincipalAssociations": { + "privilege": "ManageBackupPrincipalAssociations", + "description": "Grants permission to manage backup principal associations through AWS Backup", + "access_level": "Permissions management", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopyBackup.html" + }, + "ReleaseFileSystemNfsV3Locks": { + "privilege": "ReleaseFileSystemNfsV3Locks", + "description": "Grants permission to release file system NFS V3 locks", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_ReleaseFileSystemNfsV3Locks.html" + }, + "RestoreVolumeFromSnapshot": { + "privilege": "RestoreVolumeFromSnapshot", + "description": "Grants permission to restore volume state from a snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_RestoreVolumeFromSnapshot.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an Amazon FSx resource", + "access_level": "Tagging", + "resource_types": { + "association": { + "resource_type": "association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "backup": { + "resource_type": "backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "file-cache": { + "resource_type": "file-cache", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "storage-virtual-machine": { + "resource_type": "storage-virtual-machine", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "backup": "backup", + "file-cache": "file-cache", + "file-system": "file-system", + "snapshot": "snapshot", + "storage-virtual-machine": "storage-virtual-machine", + "task": "task", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from an Amazon FSx resource", + "access_level": "Tagging", + "resource_types": { + "association": { + "resource_type": "association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "backup": { + "resource_type": "backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "file-cache": { + "resource_type": "file-cache", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "file-system": { + "resource_type": "file-system", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "storage-virtual-machine": { + "resource_type": "storage-virtual-machine", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "backup": "backup", + "file-cache": "file-cache", + "file-system": "file-system", + "snapshot": "snapshot", + "storage-virtual-machine": "storage-virtual-machine", + "task": "task", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UntagResource.html" + }, + "UpdateDataRepositoryAssociation": { + "privilege": "UpdateDataRepositoryAssociation", + "description": "Grants permission to update data repository association configuration", + "access_level": "Write", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateDataRepositoryAssociation.html" + }, + "UpdateFileCache": { + "privilege": "UpdateFileCache", + "description": "Grants permission to update file cache configuration", + "access_level": "Write", + "resource_types": { + "file-cache": { + "resource_type": "file-cache", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-cache": "file-cache" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileCache.html" + }, + "UpdateFileSystem": { + "privilege": "UpdateFileSystem", + "description": "Grants permission to update file system configuration", + "access_level": "Write", + "resource_types": { + "file-system": { + "resource_type": "file-system", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "file-system": "file-system" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileSystem.html" + }, + "UpdateSnapshot": { + "privilege": "UpdateSnapshot", + "description": "Grants permission to update snapshot configuration", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateSnapshot.html" + }, + "UpdateStorageVirtualMachine": { + "privilege": "UpdateStorageVirtualMachine", + "description": "Grants permission to update storage virtual machine configuration", + "access_level": "Write", + "resource_types": { + "storage-virtual-machine": { + "resource_type": "storage-virtual-machine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storage-virtual-machine": "storage-virtual-machine" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateStorageVirtualMachine.html" + }, + "UpdateVolume": { + "privilege": "UpdateVolume", + "description": "Grants permission to update volume configuration", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "fsx:StorageVirtualMachineId", + "fsx:ParentVolumeId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateVolume.html" + } + }, + "privileges_lower_name": { + "associatefilegateway": "AssociateFileGateway", + "associatefilesystemaliases": "AssociateFileSystemAliases", + "bypasssnaplockenterpriseretention": "BypassSnaplockEnterpriseRetention", + "canceldatarepositorytask": "CancelDataRepositoryTask", + "copybackup": "CopyBackup", + "createbackup": "CreateBackup", + "createdatarepositoryassociation": "CreateDataRepositoryAssociation", + "createdatarepositorytask": "CreateDataRepositoryTask", + "createfilecache": "CreateFileCache", + "createfilesystem": "CreateFileSystem", + "createfilesystemfrombackup": "CreateFileSystemFromBackup", + "createsnapshot": "CreateSnapshot", + "createstoragevirtualmachine": "CreateStorageVirtualMachine", + "createvolume": "CreateVolume", + "createvolumefrombackup": "CreateVolumeFromBackup", + "deletebackup": "DeleteBackup", + "deletedatarepositoryassociation": "DeleteDataRepositoryAssociation", + "deletefilecache": "DeleteFileCache", + "deletefilesystem": "DeleteFileSystem", + "deletesnapshot": "DeleteSnapshot", + "deletestoragevirtualmachine": "DeleteStorageVirtualMachine", + "deletevolume": "DeleteVolume", + "describeassociatedfilegateways": "DescribeAssociatedFileGateways", + "describebackups": "DescribeBackups", + "describedatarepositoryassociations": "DescribeDataRepositoryAssociations", + "describedatarepositorytasks": "DescribeDataRepositoryTasks", + "describefilecaches": "DescribeFileCaches", + "describefilesystemaliases": "DescribeFileSystemAliases", + "describefilesystems": "DescribeFileSystems", + "describesnapshots": "DescribeSnapshots", + "describestoragevirtualmachines": "DescribeStorageVirtualMachines", + "describevolumes": "DescribeVolumes", + "disassociatefilegateway": "DisassociateFileGateway", + "disassociatefilesystemaliases": "DisassociateFileSystemAliases", + "listtagsforresource": "ListTagsForResource", + "managebackupprincipalassociations": "ManageBackupPrincipalAssociations", + "releasefilesystemnfsv3locks": "ReleaseFileSystemNfsV3Locks", + "restorevolumefromsnapshot": "RestoreVolumeFromSnapshot", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedatarepositoryassociation": "UpdateDataRepositoryAssociation", + "updatefilecache": "UpdateFileCache", + "updatefilesystem": "UpdateFileSystem", + "updatesnapshot": "UpdateSnapshot", + "updatestoragevirtualmachine": "UpdateStorageVirtualMachine", + "updatevolume": "UpdateVolume" + }, + "resources": { + "file-system": { + "resource": "file-system", + "arn": "arn:${Partition}:fsx:${Region}:${Account}:file-system/${FileSystemId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "file-cache": { + "resource": "file-cache", + "arn": "arn:${Partition}:fsx:${Region}:${Account}:file-cache/${FileCacheId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "backup": { + "resource": "backup", + "arn": "arn:${Partition}:fsx:${Region}:${Account}:backup/${BackupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "storage-virtual-machine": { + "resource": "storage-virtual-machine", + "arn": "arn:${Partition}:fsx:${Region}:${Account}:storage-virtual-machine/${FileSystemId}/${StorageVirtualMachineId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "task": { + "resource": "task", + "arn": "arn:${Partition}:fsx:${Region}:${Account}:task/${TaskId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "association": { + "resource": "association", + "arn": "arn:${Partition}:fsx:${Region}:${Account}:association/${FileSystemIdOrFileCacheId}/${DataRepositoryAssociationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "volume": { + "resource": "volume", + "arn": "arn:${Partition}:fsx:${Region}:${Account}:volume/${FileSystemId}/${VolumeId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "snapshot": { + "resource": "snapshot", + "arn": "arn:${Partition}:fsx:${Region}:${Account}:snapshot/${VolumeId}/${SnapshotId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "file-system": "file-system", + "file-cache": "file-cache", + "backup": "backup", + "storage-virtual-machine": "storage-virtual-machine", + "task": "task", + "association": "association", + "volume": "volume", + "snapshot": "snapshot" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "fsx:IsBackupCopyDestination": { + "condition": "fsx:IsBackupCopyDestination", + "description": "Filters access by whether the backup is a destination backup for a CopyBackup operation", + "type": "Bool" + }, + "fsx:IsBackupCopySource": { + "condition": "fsx:IsBackupCopySource", + "description": "Filters access by whether the backup is a source backup for a CopyBackup operation", + "type": "Bool" + }, + "fsx:NfsDataRepositoryAuthenticationEnabled": { + "condition": "fsx:NfsDataRepositoryAuthenticationEnabled", + "description": "Filters access by NFS data repositories which support authentication", + "type": "Bool" + }, + "fsx:NfsDataRepositoryEncryptionInTransitEnabled": { + "condition": "fsx:NfsDataRepositoryEncryptionInTransitEnabled", + "description": "Filters access by NFS data repositories which support encryption-in-transit", + "type": "Bool" + }, + "fsx:ParentVolumeId": { + "condition": "fsx:ParentVolumeId", + "description": "Filters access by the containing parent volume for mutating volume operations", + "type": "String" + }, + "fsx:StorageVirtualMachineId": { + "condition": "fsx:StorageVirtualMachineId", + "description": "Filters access by the containing storage virtual machine for a volume for mutating volume operations", + "type": "String" + } + } + }, + "gamelift": { + "service_name": "Amazon GameLift", + "prefix": "gamelift", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazongamelift.html", + "privileges": { + "AcceptMatch": { + "privilege": "AcceptMatch", + "description": "Grants permission to register player acceptance or rejection of a proposed FlexMatch match", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_AcceptMatch.html" + }, + "ClaimGameServer": { + "privilege": "ClaimGameServer", + "description": "Grants permission to locate and reserve a game server to host a new game session", + "access_level": "Write", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ClaimGameServer.html" + }, + "CreateAlias": { + "privilege": "CreateAlias", + "description": "Grants permission to define a new alias for a fleet", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateAlias.html" + }, + "CreateBuild": { + "privilege": "CreateBuild", + "description": "Grants permission to create a new game build using files stored in an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateBuild.html" + }, + "CreateFleet": { + "privilege": "CreateFleet", + "description": "Grants permission to create a new fleet of computing resources to run your game servers", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateFleet.html" + }, + "CreateFleetLocations": { + "privilege": "CreateFleetLocations", + "description": "Grants permission to specify additional locations for a fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateFleetLocations.html" + }, + "CreateGameServerGroup": { + "privilege": "CreateGameServerGroup", + "description": "Grants permission to create a new game server group, set up a corresponding Auto Scaling group, and launche instances to host game servers", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateGameServerGroup.html" + }, + "CreateGameSession": { + "privilege": "CreateGameSession", + "description": "Grants permission to start a new game session on a specified fleet", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateGameSession.html" + }, + "CreateGameSessionQueue": { + "privilege": "CreateGameSessionQueue", + "description": "Grants permission to set up a new queue for processing game session placement requests", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateGameSessionQueue.html" + }, + "CreateLocation": { + "privilege": "CreateLocation", + "description": "Grants permission to define a new location for a fleet", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateLocation.html" + }, + "CreateMatchmakingConfiguration": { + "privilege": "CreateMatchmakingConfiguration", + "description": "Grants permission to create a new FlexMatch matchmaker", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateMatchmakingConfiguration.html" + }, + "CreateMatchmakingRuleSet": { + "privilege": "CreateMatchmakingRuleSet", + "description": "Grants permission to create a new matchmaking rule set for FlexMatch", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateMatchmakingRuleSet.html" + }, + "CreatePlayerSession": { + "privilege": "CreatePlayerSession", + "description": "Grants permission to reserve an available game session slot for a player", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreatePlayerSession.html" + }, + "CreatePlayerSessions": { + "privilege": "CreatePlayerSessions", + "description": "Grants permission to reserve available game session slots for multiple players", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreatePlayerSessions.html" + }, + "CreateScript": { + "privilege": "CreateScript", + "description": "Grants permission to create a new Realtime Servers script", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateScript.html" + }, + "CreateVpcPeeringAuthorization": { + "privilege": "CreateVpcPeeringAuthorization", + "description": "Grants permission to allow GameLift to create or delete a peering connection between a GameLift fleet VPC and a VPC on another AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateVpcPeeringAuthorization.html" + }, + "CreateVpcPeeringConnection": { + "privilege": "CreateVpcPeeringConnection", + "description": "Grants permission to establish a peering connection between your GameLift fleet VPC and a VPC on another account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateVpcPeeringConnection.html" + }, + "DeleteAlias": { + "privilege": "DeleteAlias", + "description": "Grants permission to delete an alias", + "access_level": "Write", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteAlias.html" + }, + "DeleteBuild": { + "privilege": "DeleteBuild", + "description": "Grants permission to delete a game build", + "access_level": "Write", + "resource_types": { + "build": { + "resource_type": "build", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "build": "build" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteBuild.html" + }, + "DeleteFleet": { + "privilege": "DeleteFleet", + "description": "Grants permission to delete an empty fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteFleet.html" + }, + "DeleteFleetLocations": { + "privilege": "DeleteFleetLocations", + "description": "Grants permission to delete locations for a fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteFleetLocations.html" + }, + "DeleteGameServerGroup": { + "privilege": "DeleteGameServerGroup", + "description": "Grants permission to permanently delete a game server group and terminate FleetIQ activity for the corresponding Auto Scaling group", + "access_level": "Write", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteGameServerGroup.html" + }, + "DeleteGameSessionQueue": { + "privilege": "DeleteGameSessionQueue", + "description": "Grants permission to delete an existing game session queue", + "access_level": "Write", + "resource_types": { + "gameSessionQueue": { + "resource_type": "gameSessionQueue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gamesessionqueue": "gameSessionQueue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteGameSessionQueue.html" + }, + "DeleteLocation": { + "privilege": "DeleteLocation", + "description": "Grants permission to delete a location", + "access_level": "Write", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteLocation.html" + }, + "DeleteMatchmakingConfiguration": { + "privilege": "DeleteMatchmakingConfiguration", + "description": "Grants permission to delete an existing FlexMatch matchmaker", + "access_level": "Write", + "resource_types": { + "matchmakingConfiguration": { + "resource_type": "matchmakingConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "matchmakingconfiguration": "matchmakingConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteMatchmakingConfiguration.html" + }, + "DeleteMatchmakingRuleSet": { + "privilege": "DeleteMatchmakingRuleSet", + "description": "Grants permission to delete an existing FlexMatch matchmaking rule set", + "access_level": "Write", + "resource_types": { + "matchmakingRuleSet": { + "resource_type": "matchmakingRuleSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "matchmakingruleset": "matchmakingRuleSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteMatchmakingRuleSet.html" + }, + "DeleteScalingPolicy": { + "privilege": "DeleteScalingPolicy", + "description": "Grants permission to delete a set of auto-scaling rules", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteScalingPolicy.html" + }, + "DeleteScript": { + "privilege": "DeleteScript", + "description": "Grants permission to delete a Realtime Servers script", + "access_level": "Write", + "resource_types": { + "script": { + "resource_type": "script", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "script": "script" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteScript.html" + }, + "DeleteVpcPeeringAuthorization": { + "privilege": "DeleteVpcPeeringAuthorization", + "description": "Grants permission to cancel a VPC peering authorization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteVpcPeeringAuthorization.html" + }, + "DeleteVpcPeeringConnection": { + "privilege": "DeleteVpcPeeringConnection", + "description": "Grants permission to remove a peering connection between VPCs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeleteVpcPeeringConnection.html" + }, + "DeregisterCompute": { + "privilege": "DeregisterCompute", + "description": "Grants permission to deregister a compute against a fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeregisterCompute.html" + }, + "DeregisterGameServer": { + "privilege": "DeregisterGameServer", + "description": "Grants permission to remove a game server from a game server group", + "access_level": "Write", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DeregisterGameServer.html" + }, + "DescribeAlias": { + "privilege": "DescribeAlias", + "description": "Grants permission to retrieve properties for an alias", + "access_level": "Read", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeAlias.html" + }, + "DescribeBuild": { + "privilege": "DescribeBuild", + "description": "Grants permission to retrieve properties for a game build", + "access_level": "Read", + "resource_types": { + "build": { + "resource_type": "build", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "build": "build" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeBuild.html" + }, + "DescribeCompute": { + "privilege": "DescribeCompute", + "description": "Grants permission to retrieve general properties of the compute such as ARN, fleet details, SDK endpoints, and location", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeCompute.html" + }, + "DescribeEC2InstanceLimits": { + "privilege": "DescribeEC2InstanceLimits", + "description": "Grants permission to retrieve the maximum allowed and current usage for EC2 instance types", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeEC2InstanceLimits.html" + }, + "DescribeFleetAttributes": { + "privilege": "DescribeFleetAttributes", + "description": "Grants permission to retrieve general properties, including status, for fleets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetAttributes.html" + }, + "DescribeFleetCapacity": { + "privilege": "DescribeFleetCapacity", + "description": "Grants permission to retrieve the current capacity setting for fleets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html" + }, + "DescribeFleetEvents": { + "privilege": "DescribeFleetEvents", + "description": "Grants permission to retrieve entries from a fleet's event log", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetEvents.html" + }, + "DescribeFleetLocationAttributes": { + "privilege": "DescribeFleetLocationAttributes", + "description": "Grants permission to retrieve general properties, including statuses, for a fleet's locations", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationAttributes.html" + }, + "DescribeFleetLocationCapacity": { + "privilege": "DescribeFleetLocationCapacity", + "description": "Grants permission to retrieve the current capacity setting for a fleet's location", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html" + }, + "DescribeFleetLocationUtilization": { + "privilege": "DescribeFleetLocationUtilization", + "description": "Grants permission to retrieve utilization statistics for fleet's location", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationUtilization.html" + }, + "DescribeFleetPortSettings": { + "privilege": "DescribeFleetPortSettings", + "description": "Grants permission to retrieve the inbound connection permissions for a fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetPortSettings.html" + }, + "DescribeFleetUtilization": { + "privilege": "DescribeFleetUtilization", + "description": "Grants permission to retrieve utilization statistics for fleets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetUtilization.html" + }, + "DescribeGameServer": { + "privilege": "DescribeGameServer", + "description": "Grants permission to retrieve properties for a game server", + "access_level": "Read", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameServer.html" + }, + "DescribeGameServerGroup": { + "privilege": "DescribeGameServerGroup", + "description": "Grants permission to retrieve properties for a game server group", + "access_level": "Read", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameServerGroup.html" + }, + "DescribeGameServerInstances": { + "privilege": "DescribeGameServerInstances", + "description": "Grants permission to retrieve the status of EC2 instances in a game server group", + "access_level": "Read", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameServerInstances.html" + }, + "DescribeGameSessionDetails": { + "privilege": "DescribeGameSessionDetails", + "description": "Grants permission to retrieve properties for game sessions in a fleet, including the protection policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameSessionDetails.html" + }, + "DescribeGameSessionPlacement": { + "privilege": "DescribeGameSessionPlacement", + "description": "Grants permission to retrieve details of a game session placement request", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameSessionPlacement.html" + }, + "DescribeGameSessionQueues": { + "privilege": "DescribeGameSessionQueues", + "description": "Grants permission to retrieve properties for game session queues", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameSessionQueues.html" + }, + "DescribeGameSessions": { + "privilege": "DescribeGameSessions", + "description": "Grants permission to retrieve properties for game sessions in a fleet", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeGameSessions.html" + }, + "DescribeInstances": { + "privilege": "DescribeInstances", + "description": "Grants permission to retrieve information about instances in a fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeInstances.html" + }, + "DescribeMatchmaking": { + "privilege": "DescribeMatchmaking", + "description": "Grants permission to retrieve details of matchmaking tickets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeMatchmaking.html" + }, + "DescribeMatchmakingConfigurations": { + "privilege": "DescribeMatchmakingConfigurations", + "description": "Grants permission to retrieve properties for FlexMatch matchmakers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeMatchmakingConfigurations.html" + }, + "DescribeMatchmakingRuleSets": { + "privilege": "DescribeMatchmakingRuleSets", + "description": "Grants permission to retrieve properties for FlexMatch matchmaking rule sets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeMatchmakingRuleSets.html" + }, + "DescribePlayerSessions": { + "privilege": "DescribePlayerSessions", + "description": "Grants permission to retrieve properties for player sessions in a game session", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribePlayerSessions.html" + }, + "DescribeRuntimeConfiguration": { + "privilege": "DescribeRuntimeConfiguration", + "description": "Grants permission to retrieve the current runtime configuration for a fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeRuntimeConfiguration.html" + }, + "DescribeScalingPolicies": { + "privilege": "DescribeScalingPolicies", + "description": "Grants permission to retrieve all scaling policies that are applied to a fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeScalingPolicies.html" + }, + "DescribeScript": { + "privilege": "DescribeScript", + "description": "Grants permission to retrieve properties for a Realtime Servers script", + "access_level": "Read", + "resource_types": { + "script": { + "resource_type": "script", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "script": "script" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeScript.html" + }, + "DescribeVpcPeeringAuthorizations": { + "privilege": "DescribeVpcPeeringAuthorizations", + "description": "Grants permission to retrieve valid VPC peering authorizations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeVpcPeeringAuthorizations.html" + }, + "DescribeVpcPeeringConnections": { + "privilege": "DescribeVpcPeeringConnections", + "description": "Grants permission to retrieve details on active or pending VPC peering connections", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeVpcPeeringConnections.html" + }, + "GetComputeAccess": { + "privilege": "GetComputeAccess", + "description": "Grants permission to retrieve access credentials of the compute", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetComputeAccess.html" + }, + "GetComputeAuthToken": { + "privilege": "GetComputeAuthToken", + "description": "Grants permission to retrieve an authorization token for a compute and fleet to use in game server processes", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetComputeAuthToken.html" + }, + "GetGameSessionLogUrl": { + "privilege": "GetGameSessionLogUrl", + "description": "Grants permission to retrieve the location of stored logs for a game session", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetGameSessionLogUrl.html" + }, + "GetInstanceAccess": { + "privilege": "GetInstanceAccess", + "description": "Grants permission to request remote access to a specified fleet instance", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetInstanceAccess.html" + }, + "ListAliases": { + "privilege": "ListAliases", + "description": "Grants permission to retrieve all aliases that are defined in the current Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListAliases.html" + }, + "ListBuilds": { + "privilege": "ListBuilds", + "description": "Grants permission to retrieve all game build in the current Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListBuilds.html" + }, + "ListCompute": { + "privilege": "ListCompute", + "description": "Grants permission to retrieve all compute resources in the current Region", + "access_level": "List", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListCompute.html" + }, + "ListFleets": { + "privilege": "ListFleets", + "description": "Grants permission to retrieve a list of fleet IDs for all fleets in the current Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListFleets.html" + }, + "ListGameServerGroups": { + "privilege": "ListGameServerGroups", + "description": "Grants permission to retrieve all game server groups that are defined in the current Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListGameServerGroups.html" + }, + "ListGameServers": { + "privilege": "ListGameServers", + "description": "Grants permission to retrieve all game servers that are currently running in a game server group", + "access_level": "List", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListGameServers.html" + }, + "ListLocations": { + "privilege": "ListLocations", + "description": "Grants permission to retrieve all locations in this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListLocations.html" + }, + "ListScripts": { + "privilege": "ListScripts", + "description": "Grants permission to retrieve properties for all Realtime Servers scripts in the current region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListScripts.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve tags for GameLift resources", + "access_level": "Read", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "build": { + "resource_type": "build", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "gameSessionQueue": { + "resource_type": "gameSessionQueue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "location": { + "resource_type": "location", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "matchmakingConfiguration": { + "resource_type": "matchmakingConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "matchmakingRuleSet": { + "resource_type": "matchmakingRuleSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "script": { + "resource_type": "script", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "build": "build", + "fleet": "fleet", + "gameservergroup": "gameServerGroup", + "gamesessionqueue": "gameSessionQueue", + "location": "location", + "matchmakingconfiguration": "matchmakingConfiguration", + "matchmakingruleset": "matchmakingRuleSet", + "script": "script" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListTagsForResource.html" + }, + "PutScalingPolicy": { + "privilege": "PutScalingPolicy", + "description": "Grants permission to create or update a fleet auto-scaling policy", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_PutScalingPolicy.html" + }, + "RegisterCompute": { + "privilege": "RegisterCompute", + "description": "Grants permission to register a compute against a fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_RegisterCompute.html" + }, + "RegisterGameServer": { + "privilege": "RegisterGameServer", + "description": "Grants permission to notify GameLift FleetIQ when a new game server is ready to host gameplay", + "access_level": "Write", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_RegisterGameServer.html" + }, + "RequestUploadCredentials": { + "privilege": "RequestUploadCredentials", + "description": "Grants permission to retrieve fresh upload credentials to use when uploading a new game build", + "access_level": "Read", + "resource_types": { + "build": { + "resource_type": "build", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "build": "build" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_RequestUploadCredentials.html" + }, + "ResolveAlias": { + "privilege": "ResolveAlias", + "description": "Grants permission to retrieve the fleet ID associated with an alias", + "access_level": "Read", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ResolveAlias.html" + }, + "ResumeGameServerGroup": { + "privilege": "ResumeGameServerGroup", + "description": "Grants permission to reinstate suspended FleetIQ activity for a game server group", + "access_level": "Write", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ResumeGameServerGroup.html" + }, + "SearchGameSessions": { + "privilege": "SearchGameSessions", + "description": "Grants permission to retrieve game sessions that match a set of search criteria", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_SearchGameSessions.html" + }, + "StartFleetActions": { + "privilege": "StartFleetActions", + "description": "Grants permission to resume auto-scaling activity on a fleet after it was suspended with StopFleetActions()", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StartFleetActions.html" + }, + "StartGameSessionPlacement": { + "privilege": "StartGameSessionPlacement", + "description": "Grants permission to send a game session placement request to a game session queue", + "access_level": "Write", + "resource_types": { + "gameSessionQueue": { + "resource_type": "gameSessionQueue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gamesessionqueue": "gameSessionQueue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StartGameSessionPlacement.html" + }, + "StartMatchBackfill": { + "privilege": "StartMatchBackfill", + "description": "Grants permission to request FlexMatch matchmaking to fill available player slots in an existing game session", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StartMatchBackfill.html" + }, + "StartMatchmaking": { + "privilege": "StartMatchmaking", + "description": "Grants permission to request FlexMatch matchmaking for one or a group of players and initiate game session placement", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StartMatchmaking.html" + }, + "StopFleetActions": { + "privilege": "StopFleetActions", + "description": "Grants permission to suspend auto-scaling activity on a fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StopFleetActions.html" + }, + "StopGameSessionPlacement": { + "privilege": "StopGameSessionPlacement", + "description": "Grants permission to cancel a game session placement request that is in progress", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StopGameSessionPlacement.html" + }, + "StopMatchmaking": { + "privilege": "StopMatchmaking", + "description": "Grants permission to cancel a matchmaking or match backfill request that is in progress", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_StopMatchmaking.html" + }, + "SuspendGameServerGroup": { + "privilege": "SuspendGameServerGroup", + "description": "Grants permission to temporarily stop FleetIQ activity for a game server group", + "access_level": "Write", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_SuspendGameServerGroup.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag GameLift resources", + "access_level": "Tagging", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "build": { + "resource_type": "build", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "gameSessionQueue": { + "resource_type": "gameSessionQueue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "location": { + "resource_type": "location", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "matchmakingConfiguration": { + "resource_type": "matchmakingConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "matchmakingRuleSet": { + "resource_type": "matchmakingRuleSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "script": { + "resource_type": "script", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "build": "build", + "fleet": "fleet", + "gameservergroup": "gameServerGroup", + "gamesessionqueue": "gameSessionQueue", + "location": "location", + "matchmakingconfiguration": "matchmakingConfiguration", + "matchmakingruleset": "matchmakingRuleSet", + "script": "script", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag GameLift resources", + "access_level": "Tagging", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "build": { + "resource_type": "build", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "gameSessionQueue": { + "resource_type": "gameSessionQueue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "location": { + "resource_type": "location", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "matchmakingConfiguration": { + "resource_type": "matchmakingConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "matchmakingRuleSet": { + "resource_type": "matchmakingRuleSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "script": { + "resource_type": "script", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "build": "build", + "fleet": "fleet", + "gameservergroup": "gameServerGroup", + "gamesessionqueue": "gameSessionQueue", + "location": "location", + "matchmakingconfiguration": "matchmakingConfiguration", + "matchmakingruleset": "matchmakingRuleSet", + "script": "script", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UntagResource.html" + }, + "UpdateAlias": { + "privilege": "UpdateAlias", + "description": "Grants permission to update the properties of an existing alias", + "access_level": "Write", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateAlias.html" + }, + "UpdateBuild": { + "privilege": "UpdateBuild", + "description": "Grants permission to update an existing build's metadata", + "access_level": "Write", + "resource_types": { + "build": { + "resource_type": "build", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "build": "build" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateBuild.html" + }, + "UpdateFleetAttributes": { + "privilege": "UpdateFleetAttributes", + "description": "Grants permission to update the general properties of an existing fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetAttributes.html" + }, + "UpdateFleetCapacity": { + "privilege": "UpdateFleetCapacity", + "description": "Grants permission to adjust a fleet's capacity settings", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html" + }, + "UpdateFleetPortSettings": { + "privilege": "UpdateFleetPortSettings", + "description": "Grants permission to adjust a fleet's port settings", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings.html" + }, + "UpdateGameServer": { + "privilege": "UpdateGameServer", + "description": "Grants permission to change game server properties, health status, or utilization status", + "access_level": "Write", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameServer.html" + }, + "UpdateGameServerGroup": { + "privilege": "UpdateGameServerGroup", + "description": "Grants permission to update properties for game server group, including allowed instance types", + "access_level": "Write", + "resource_types": { + "gameServerGroup": { + "resource_type": "gameServerGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gameservergroup": "gameServerGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameServerGroup.html" + }, + "UpdateGameSession": { + "privilege": "UpdateGameSession", + "description": "Grants permission to update the properties of an existing game session", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameSession.html" + }, + "UpdateGameSessionQueue": { + "privilege": "UpdateGameSessionQueue", + "description": "Grants permission to update properties of an existing game session queue", + "access_level": "Write", + "resource_types": { + "gameSessionQueue": { + "resource_type": "gameSessionQueue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gamesessionqueue": "gameSessionQueue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameSessionQueue.html" + }, + "UpdateMatchmakingConfiguration": { + "privilege": "UpdateMatchmakingConfiguration", + "description": "Grants permission to update properties of an existing FlexMatch matchmaking configuration", + "access_level": "Write", + "resource_types": { + "matchmakingConfiguration": { + "resource_type": "matchmakingConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "matchmakingconfiguration": "matchmakingConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateMatchmakingConfiguration.html" + }, + "UpdateRuntimeConfiguration": { + "privilege": "UpdateRuntimeConfiguration", + "description": "Grants permission to update how server processes are configured on instances in an existing fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateRuntimeConfiguration.html" + }, + "UpdateScript": { + "privilege": "UpdateScript", + "description": "Grants permission to update the metadata and content of an existing Realtime Servers script", + "access_level": "Write", + "resource_types": { + "script": { + "resource_type": "script", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "script": "script" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateScript.html" + }, + "ValidateMatchmakingRuleSet": { + "privilege": "ValidateMatchmakingRuleSet", + "description": "Grants permission to validate the syntax of a FlexMatch matchmaking rule set", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamelift/latest/apireference/API_ValidateMatchmakingRuleSet.html" + } + }, + "privileges_lower_name": { + "acceptmatch": "AcceptMatch", + "claimgameserver": "ClaimGameServer", + "createalias": "CreateAlias", + "createbuild": "CreateBuild", + "createfleet": "CreateFleet", + "createfleetlocations": "CreateFleetLocations", + "creategameservergroup": "CreateGameServerGroup", + "creategamesession": "CreateGameSession", + "creategamesessionqueue": "CreateGameSessionQueue", + "createlocation": "CreateLocation", + "creatematchmakingconfiguration": "CreateMatchmakingConfiguration", + "creatematchmakingruleset": "CreateMatchmakingRuleSet", + "createplayersession": "CreatePlayerSession", + "createplayersessions": "CreatePlayerSessions", + "createscript": "CreateScript", + "createvpcpeeringauthorization": "CreateVpcPeeringAuthorization", + "createvpcpeeringconnection": "CreateVpcPeeringConnection", + "deletealias": "DeleteAlias", + "deletebuild": "DeleteBuild", + "deletefleet": "DeleteFleet", + "deletefleetlocations": "DeleteFleetLocations", + "deletegameservergroup": "DeleteGameServerGroup", + "deletegamesessionqueue": "DeleteGameSessionQueue", + "deletelocation": "DeleteLocation", + "deletematchmakingconfiguration": "DeleteMatchmakingConfiguration", + "deletematchmakingruleset": "DeleteMatchmakingRuleSet", + "deletescalingpolicy": "DeleteScalingPolicy", + "deletescript": "DeleteScript", + "deletevpcpeeringauthorization": "DeleteVpcPeeringAuthorization", + "deletevpcpeeringconnection": "DeleteVpcPeeringConnection", + "deregistercompute": "DeregisterCompute", + "deregistergameserver": "DeregisterGameServer", + "describealias": "DescribeAlias", + "describebuild": "DescribeBuild", + "describecompute": "DescribeCompute", + "describeec2instancelimits": "DescribeEC2InstanceLimits", + "describefleetattributes": "DescribeFleetAttributes", + "describefleetcapacity": "DescribeFleetCapacity", + "describefleetevents": "DescribeFleetEvents", + "describefleetlocationattributes": "DescribeFleetLocationAttributes", + "describefleetlocationcapacity": "DescribeFleetLocationCapacity", + "describefleetlocationutilization": "DescribeFleetLocationUtilization", + "describefleetportsettings": "DescribeFleetPortSettings", + "describefleetutilization": "DescribeFleetUtilization", + "describegameserver": "DescribeGameServer", + "describegameservergroup": "DescribeGameServerGroup", + "describegameserverinstances": "DescribeGameServerInstances", + "describegamesessiondetails": "DescribeGameSessionDetails", + "describegamesessionplacement": "DescribeGameSessionPlacement", + "describegamesessionqueues": "DescribeGameSessionQueues", + "describegamesessions": "DescribeGameSessions", + "describeinstances": "DescribeInstances", + "describematchmaking": "DescribeMatchmaking", + "describematchmakingconfigurations": "DescribeMatchmakingConfigurations", + "describematchmakingrulesets": "DescribeMatchmakingRuleSets", + "describeplayersessions": "DescribePlayerSessions", + "describeruntimeconfiguration": "DescribeRuntimeConfiguration", + "describescalingpolicies": "DescribeScalingPolicies", + "describescript": "DescribeScript", + "describevpcpeeringauthorizations": "DescribeVpcPeeringAuthorizations", + "describevpcpeeringconnections": "DescribeVpcPeeringConnections", + "getcomputeaccess": "GetComputeAccess", + "getcomputeauthtoken": "GetComputeAuthToken", + "getgamesessionlogurl": "GetGameSessionLogUrl", + "getinstanceaccess": "GetInstanceAccess", + "listaliases": "ListAliases", + "listbuilds": "ListBuilds", + "listcompute": "ListCompute", + "listfleets": "ListFleets", + "listgameservergroups": "ListGameServerGroups", + "listgameservers": "ListGameServers", + "listlocations": "ListLocations", + "listscripts": "ListScripts", + "listtagsforresource": "ListTagsForResource", + "putscalingpolicy": "PutScalingPolicy", + "registercompute": "RegisterCompute", + "registergameserver": "RegisterGameServer", + "requestuploadcredentials": "RequestUploadCredentials", + "resolvealias": "ResolveAlias", + "resumegameservergroup": "ResumeGameServerGroup", + "searchgamesessions": "SearchGameSessions", + "startfleetactions": "StartFleetActions", + "startgamesessionplacement": "StartGameSessionPlacement", + "startmatchbackfill": "StartMatchBackfill", + "startmatchmaking": "StartMatchmaking", + "stopfleetactions": "StopFleetActions", + "stopgamesessionplacement": "StopGameSessionPlacement", + "stopmatchmaking": "StopMatchmaking", + "suspendgameservergroup": "SuspendGameServerGroup", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatealias": "UpdateAlias", + "updatebuild": "UpdateBuild", + "updatefleetattributes": "UpdateFleetAttributes", + "updatefleetcapacity": "UpdateFleetCapacity", + "updatefleetportsettings": "UpdateFleetPortSettings", + "updategameserver": "UpdateGameServer", + "updategameservergroup": "UpdateGameServerGroup", + "updategamesession": "UpdateGameSession", + "updategamesessionqueue": "UpdateGameSessionQueue", + "updatematchmakingconfiguration": "UpdateMatchmakingConfiguration", + "updateruntimeconfiguration": "UpdateRuntimeConfiguration", + "updatescript": "UpdateScript", + "validatematchmakingruleset": "ValidateMatchmakingRuleSet" + }, + "resources": { + "alias": { + "resource": "alias", + "arn": "arn:${Partition}:gamelift:${Region}::alias/${AliasId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "build": { + "resource": "build", + "arn": "arn:${Partition}:gamelift:${Region}:${Account}:build/${BuildId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "fleet": { + "resource": "fleet", + "arn": "arn:${Partition}:gamelift:${Region}:${Account}:fleet/${FleetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "gameServerGroup": { + "resource": "gameServerGroup", + "arn": "arn:${Partition}:gamelift:${Region}:${Account}:gameservergroup/${GameServerGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "gameSessionQueue": { + "resource": "gameSessionQueue", + "arn": "arn:${Partition}:gamelift:${Region}:${Account}:gamesessionqueue/${GameSessionQueueName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "location": { + "resource": "location", + "arn": "arn:${Partition}:gamelift:${Region}:${Account}:location/${LocationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "matchmakingConfiguration": { + "resource": "matchmakingConfiguration", + "arn": "arn:${Partition}:gamelift:${Region}:${Account}:matchmakingconfiguration/${MatchmakingConfigurationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "matchmakingRuleSet": { + "resource": "matchmakingRuleSet", + "arn": "arn:${Partition}:gamelift:${Region}:${Account}:matchmakingruleset/${MatchmakingRuleSetName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "script": { + "resource": "script", + "arn": "arn:${Partition}:gamelift:${Region}:${Account}:script/${ScriptId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "alias": "alias", + "build": "build", + "fleet": "fleet", + "gameservergroup": "gameServerGroup", + "gamesessionqueue": "gameSessionQueue", + "location": "location", + "matchmakingconfiguration": "matchmakingConfiguration", + "matchmakingruleset": "matchmakingRuleSet", + "script": "script" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "gamesparks": { + "service_name": "Amazon GameSparks", + "prefix": "gamesparks", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazongamesparks.html", + "privileges": { + "CreateGame": { + "privilege": "CreateGame", + "description": "Grants permission to create a game", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_CreateGame.html" + }, + "CreateSnapshot": { + "privilege": "CreateSnapshot", + "description": "Grants permission to create a snapshot of a game", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_CreateSnapshot.html" + }, + "CreateStage": { + "privilege": "CreateStage", + "description": "Grants permission to create a stage in a game", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_CreateStage.html" + }, + "DeleteGame": { + "privilege": "DeleteGame", + "description": "Grants permission to delete a game", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_DeleteGame.html" + }, + "DeleteStage": { + "privilege": "DeleteStage", + "description": "Grants permission to delete a stage from a game", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_DeleteStage.html" + }, + "DisconnectPlayer": { + "privilege": "DisconnectPlayer", + "description": "Grants permission to disconnect a player from the game runtime", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_DisconnectPlayer.html" + }, + "ExportSnapshot": { + "privilege": "ExportSnapshot", + "description": "Grants permission to export a snapshot of the game configuration", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ExportSnapshot.html" + }, + "GetExtension": { + "privilege": "GetExtension", + "description": "Grants permission to get details about an extension", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetExtension.html" + }, + "GetExtensionVersion": { + "privilege": "GetExtensionVersion", + "description": "Grants permission to get details about an extension version", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetExtensionVersion.html" + }, + "GetGame": { + "privilege": "GetGame", + "description": "Grants permission to get details about a game", + "access_level": "Read", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetGame.html" + }, + "GetGameConfiguration": { + "privilege": "GetGameConfiguration", + "description": "Grants permission to get the configuration for the game", + "access_level": "Read", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetGameConfiguration.html" + }, + "GetGeneratedCodeJob": { + "privilege": "GetGeneratedCodeJob", + "description": "Grants permission to get details about a job that is generating code for a snapshot", + "access_level": "Read", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetGeneratedCodeJob.html" + }, + "GetPlayerConnectionStatus": { + "privilege": "GetPlayerConnectionStatus", + "description": "Grants permission to get the status of a player connection", + "access_level": "Read", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetPlayerConnectionStatus.html" + }, + "GetSnapshot": { + "privilege": "GetSnapshot", + "description": "Grants permission to get a snapshot of the game", + "access_level": "Read", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetSnapshot.html" + }, + "GetStage": { + "privilege": "GetStage", + "description": "Grants permission to gets information about a stage", + "access_level": "Read", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetStage.html" + }, + "GetStageDeployment": { + "privilege": "GetStageDeployment", + "description": "Grants permission to get information about a stage deployment", + "access_level": "Read", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_GetStageDeployment.html" + }, + "ImportGameConfiguration": { + "privilege": "ImportGameConfiguration", + "description": "Grants permission to import a snapshot of a game configuration", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ImportGameConfiguration.html" + }, + "InvokeBackend": { + "privilege": "InvokeBackend", + "description": "Grants permission to invoke backend services for a specific game", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/dg/security-iam-stage-roles.html" + }, + "ListExtensionVersions": { + "privilege": "ListExtensionVersions", + "description": "Grants permission to list the extension versions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListExtensionVersions.html" + }, + "ListExtensions": { + "privilege": "ListExtensions", + "description": "Grants permission to list the extensions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListExtensions.html" + }, + "ListGames": { + "privilege": "ListGames", + "description": "Grants permission to list the games", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListGames.html" + }, + "ListGeneratedCodeJobs": { + "privilege": "ListGeneratedCodeJobs", + "description": "Grants permission to get a list of code generation jobs for a snapshot", + "access_level": "List", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListGeneratedCodeJobs.html" + }, + "ListSnapshots": { + "privilege": "ListSnapshots", + "description": "Grants permission to get a list of snapshot summaries for a game", + "access_level": "List", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListSnapshots.html" + }, + "ListStageDeployments": { + "privilege": "ListStageDeployments", + "description": "Grants permission to get a list of stage deployment summaries for a game", + "access_level": "List", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListStageDeployments.html" + }, + "ListStages": { + "privilege": "ListStages", + "description": "Grants permission to get a list of stage summaries for a game", + "access_level": "List", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListStages.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags associated with a resource", + "access_level": "Read", + "resource_types": { + "game": { + "resource_type": "game", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_ListTagsForResource.html" + }, + "StartGeneratedCodeJob": { + "privilege": "StartGeneratedCodeJob", + "description": "Grants permission to start an asynchronous process that generates client code for system-defined and custom messages", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_StartGeneratedCodeJob.html" + }, + "StartStageDeployment": { + "privilege": "StartStageDeployment", + "description": "Grants permission to deploy a snapshot to a stage and creates a new game runtime", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_StartStageDeployment.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to adds tags to a resource", + "access_level": "Tagging", + "resource_types": { + "game": { + "resource_type": "game", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "game": { + "resource_type": "game", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_UntagResource.html" + }, + "UpdateGame": { + "privilege": "UpdateGame", + "description": "Grants permission to change the metadata of a game", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_UpdateGame.html" + }, + "UpdateGameConfiguration": { + "privilege": "UpdateGameConfiguration", + "description": "Grants permission to change the working copy of the game configuration", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_UpdateGameConfiguration.html" + }, + "UpdateSnapshot": { + "privilege": "UpdateSnapshot", + "description": "Grants permission to update the metadata of a snapshot", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_UpdateSnapshot.html" + }, + "UpdateStage": { + "privilege": "UpdateStage", + "description": "Grants permission to update the metadata of a stage", + "access_level": "Write", + "resource_types": { + "game": { + "resource_type": "game", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "game": "game", + "stage": "stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/gamesparks/latest/api/svc/API_UpdateStage.html" + } + }, + "privileges_lower_name": { + "creategame": "CreateGame", + "createsnapshot": "CreateSnapshot", + "createstage": "CreateStage", + "deletegame": "DeleteGame", + "deletestage": "DeleteStage", + "disconnectplayer": "DisconnectPlayer", + "exportsnapshot": "ExportSnapshot", + "getextension": "GetExtension", + "getextensionversion": "GetExtensionVersion", + "getgame": "GetGame", + "getgameconfiguration": "GetGameConfiguration", + "getgeneratedcodejob": "GetGeneratedCodeJob", + "getplayerconnectionstatus": "GetPlayerConnectionStatus", + "getsnapshot": "GetSnapshot", + "getstage": "GetStage", + "getstagedeployment": "GetStageDeployment", + "importgameconfiguration": "ImportGameConfiguration", + "invokebackend": "InvokeBackend", + "listextensionversions": "ListExtensionVersions", + "listextensions": "ListExtensions", + "listgames": "ListGames", + "listgeneratedcodejobs": "ListGeneratedCodeJobs", + "listsnapshots": "ListSnapshots", + "liststagedeployments": "ListStageDeployments", + "liststages": "ListStages", + "listtagsforresource": "ListTagsForResource", + "startgeneratedcodejob": "StartGeneratedCodeJob", + "startstagedeployment": "StartStageDeployment", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updategame": "UpdateGame", + "updategameconfiguration": "UpdateGameConfiguration", + "updatesnapshot": "UpdateSnapshot", + "updatestage": "UpdateStage" + }, + "resources": { + "game": { + "resource": "game", + "arn": "arn:${Partition}:gamesparks:${Region}:${Account}:game/${GameId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "stage": { + "resource": "stage", + "arn": "arn:${Partition}:gamesparks:${Region}:${Account}:game/${GameId}/stage/${StageName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "game": "game", + "stage": "stage" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "glacier": { + "service_name": "Amazon Glacier", + "prefix": "glacier", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonglacier.html", + "privileges": { + "AbortMultipartUpload": { + "privilege": "AbortMultipartUpload", + "description": "Grants permission to abort a multipart upload identified by the upload ID", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-multipart-abort-upload.html" + }, + "AbortVaultLock": { + "privilege": "AbortVaultLock", + "description": "Grants permission to abort the vault locking process if the vault lock is not in the Locked state", + "access_level": "Permissions management", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-AbortVaultLock.html" + }, + "AddTagsToVault": { + "privilege": "AddTagsToVault", + "description": "Grants permission to add the specified tags to a vault", + "access_level": "Tagging", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-AddTagsToVault.html" + }, + "CompleteMultipartUpload": { + "privilege": "CompleteMultipartUpload", + "description": "Grants permission to complete a multipart upload process", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-multipart-complete-upload.html" + }, + "CompleteVaultLock": { + "privilege": "CompleteVaultLock", + "description": "Grants permission to complete the vault locking process", + "access_level": "Permissions management", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-CompleteVaultLock.html" + }, + "CreateVault": { + "privilege": "CreateVault", + "description": "Grants permission to create a new vault with the specified name", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-put.html" + }, + "DeleteArchive": { + "privilege": "DeleteArchive", + "description": "Grants permission to delete an archive from a vault", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "glacier:ArchiveAgeInDays" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-archive-delete.html" + }, + "DeleteVault": { + "privilege": "DeleteVault", + "description": "Grants permission to delete a vault", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-delete.html" + }, + "DeleteVaultAccessPolicy": { + "privilege": "DeleteVaultAccessPolicy", + "description": "Grants permission to delete the access policy associated with the specified vault", + "access_level": "Permissions management", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-DeleteVaultAccessPolicy.html" + }, + "DeleteVaultNotifications": { + "privilege": "DeleteVaultNotifications", + "description": "Grants permission to delete the notification configuration set for a vault", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-notifications-delete.html" + }, + "DescribeJob": { + "privilege": "DescribeJob", + "description": "Grants permission to get information about a job previously initiated", + "access_level": "Read", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-describe-job-get.html" + }, + "DescribeVault": { + "privilege": "DescribeVault", + "description": "Grants permission to get information about a vault", + "access_level": "Read", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-get.html" + }, + "GetDataRetrievalPolicy": { + "privilege": "GetDataRetrievalPolicy", + "description": "Grants permission to get the data retrieval policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-GetDataRetrievalPolicy.html" + }, + "GetJobOutput": { + "privilege": "GetJobOutput", + "description": "Grants permission to download the output of the job specified", + "access_level": "Read", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-job-output-get.html" + }, + "GetVaultAccessPolicy": { + "privilege": "GetVaultAccessPolicy", + "description": "Grants permission to retrieve the access-policy subresource set on the vault", + "access_level": "Read", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-GetVaultAccessPolicy.html" + }, + "GetVaultLock": { + "privilege": "GetVaultLock", + "description": "Grants permission to retrieve attributes from the lock-policy subresource set on the specified vault", + "access_level": "Read", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-GetVaultLock.html" + }, + "GetVaultNotifications": { + "privilege": "GetVaultNotifications", + "description": "Grants permission to retrieve the notification-configuration subresource set on the vault", + "access_level": "Read", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-notifications-get.html" + }, + "InitiateJob": { + "privilege": "InitiateJob", + "description": "Grants permission to initiate a job of the specified type", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "glacier:ArchiveAgeInDays" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-initiate-job-post.html" + }, + "InitiateMultipartUpload": { + "privilege": "InitiateMultipartUpload", + "description": "Grants permission to initiate a multipart upload", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-multipart-initiate-upload.html" + }, + "InitiateVaultLock": { + "privilege": "InitiateVaultLock", + "description": "Grants permission to initiate the vault locking process", + "access_level": "Permissions management", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-InitiateVaultLock.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to list jobs for a vault that are in-progress and jobs that have recently finished", + "access_level": "List", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-jobs-get.html" + }, + "ListMultipartUploads": { + "privilege": "ListMultipartUploads", + "description": "Grants permission to list in-progress multipart uploads for the specified vault", + "access_level": "List", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-multipart-list-uploads.html" + }, + "ListParts": { + "privilege": "ListParts", + "description": "Grants permission to list the parts of an archive that have been uploaded in a specific multipart upload", + "access_level": "List", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-multipart-list-parts.html" + }, + "ListProvisionedCapacity": { + "privilege": "ListProvisionedCapacity", + "description": "Grants permission to list the provisioned capacity for the specified AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-ListProvisionedCapacity.html" + }, + "ListTagsForVault": { + "privilege": "ListTagsForVault", + "description": "Grants permission to list all the tags attached to a vault", + "access_level": "List", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-ListTagsForVault.html" + }, + "ListVaults": { + "privilege": "ListVaults", + "description": "Grants permission to list all vaults", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vaults-get.html" + }, + "PurchaseProvisionedCapacity": { + "privilege": "PurchaseProvisionedCapacity", + "description": "Grants permission to purchases a provisioned capacity unit for an AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-PurchaseProvisionedCapacity.html" + }, + "RemoveTagsFromVault": { + "privilege": "RemoveTagsFromVault", + "description": "Grants permission to remove one or more tags from the set of tags attached to a vault", + "access_level": "Tagging", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-RemoveTagsFromVault.html" + }, + "SetDataRetrievalPolicy": { + "privilege": "SetDataRetrievalPolicy", + "description": "Grants permission to set and then enacts a data retrieval policy in the region specified in the PUT request", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-SetDataRetrievalPolicy.html" + }, + "SetVaultAccessPolicy": { + "privilege": "SetVaultAccessPolicy", + "description": "Grants permission to configure an access policy for a vault; will overwrite an existing policy", + "access_level": "Permissions management", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-SetVaultAccessPolicy.html" + }, + "SetVaultNotifications": { + "privilege": "SetVaultNotifications", + "description": "Grants permission to configure vault notifications", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-vault-notifications-put.html" + }, + "UploadArchive": { + "privilege": "UploadArchive", + "description": "Grants permission to upload an archive to a vault", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-archive-post.html" + }, + "UploadMultipartPart": { + "privilege": "UploadMultipartPart", + "description": "Grants permission to upload a part of an archive", + "access_level": "Write", + "resource_types": { + "vault": { + "resource_type": "vault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vault": "vault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonglacier/latest/dev/api-upload-part.html" + } + }, + "privileges_lower_name": { + "abortmultipartupload": "AbortMultipartUpload", + "abortvaultlock": "AbortVaultLock", + "addtagstovault": "AddTagsToVault", + "completemultipartupload": "CompleteMultipartUpload", + "completevaultlock": "CompleteVaultLock", + "createvault": "CreateVault", + "deletearchive": "DeleteArchive", + "deletevault": "DeleteVault", + "deletevaultaccesspolicy": "DeleteVaultAccessPolicy", + "deletevaultnotifications": "DeleteVaultNotifications", + "describejob": "DescribeJob", + "describevault": "DescribeVault", + "getdataretrievalpolicy": "GetDataRetrievalPolicy", + "getjoboutput": "GetJobOutput", + "getvaultaccesspolicy": "GetVaultAccessPolicy", + "getvaultlock": "GetVaultLock", + "getvaultnotifications": "GetVaultNotifications", + "initiatejob": "InitiateJob", + "initiatemultipartupload": "InitiateMultipartUpload", + "initiatevaultlock": "InitiateVaultLock", + "listjobs": "ListJobs", + "listmultipartuploads": "ListMultipartUploads", + "listparts": "ListParts", + "listprovisionedcapacity": "ListProvisionedCapacity", + "listtagsforvault": "ListTagsForVault", + "listvaults": "ListVaults", + "purchaseprovisionedcapacity": "PurchaseProvisionedCapacity", + "removetagsfromvault": "RemoveTagsFromVault", + "setdataretrievalpolicy": "SetDataRetrievalPolicy", + "setvaultaccesspolicy": "SetVaultAccessPolicy", + "setvaultnotifications": "SetVaultNotifications", + "uploadarchive": "UploadArchive", + "uploadmultipartpart": "UploadMultipartPart" + }, + "resources": { + "vault": { + "resource": "vault", + "arn": "arn:${Partition}:glacier:${Region}:${Account}:vaults/${VaultName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "vault": "vault" + }, + "conditions": { + "glacier:ArchiveAgeInDays": { + "condition": "glacier:ArchiveAgeInDays", + "description": "Filters access by how long an archive has been stored in the vault, in days", + "type": "String" + }, + "glacier:ResourceTag/": { + "condition": "glacier:ResourceTag/", + "description": "Filters access by a customer-defined tag", + "type": "String" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "groundtruthlabeling": { + "service_name": "Amazon GroundTruth Labeling", + "prefix": "groundtruthlabeling", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazongroundtruthlabeling.html", + "privileges": { + "AssociatePatchToManifestJob": { + "privilege": "AssociatePatchToManifestJob", + "description": "Grants permission to associate a patch file with the manifest file to update the manifest file", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/sms-data-input.html#sms-console-create-manifest-file" + }, + "DescribeConsoleJob": { + "privilege": "DescribeConsoleJob", + "description": "Grants permission to get status of GroundTruthLabeling Jobs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/sms-data-input.html#sms-console-create-manifest-file" + }, + "ListDatasetObjects": { + "privilege": "ListDatasetObjects", + "description": "Grants permission to list dataset objects in a manifest file", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/sms-data-input.html#sms-console-create-manifest-file" + }, + "RunFilterOrSampleDatasetJob": { + "privilege": "RunFilterOrSampleDatasetJob", + "description": "Grants permission to filter records from a manifest file using S3 select. Get sample entries based on random sampling", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/sms-data-input.html#sms-data-filtering" + }, + "RunGenerateManifestByCrawlingJob": { + "privilege": "RunGenerateManifestByCrawlingJob", + "description": "Grants permission to list a S3 prefix and create manifest files from objects in that location", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/sms-data-input.html#sms-console-create-manifest-file" + } + }, + "privileges_lower_name": { + "associatepatchtomanifestjob": "AssociatePatchToManifestJob", + "describeconsolejob": "DescribeConsoleJob", + "listdatasetobjects": "ListDatasetObjects", + "runfilterorsampledatasetjob": "RunFilterOrSampleDatasetJob", + "rungeneratemanifestbycrawlingjob": "RunGenerateManifestByCrawlingJob" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "guardduty": { + "service_name": "Amazon GuardDuty", + "prefix": "guardduty", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonguardduty.html", + "privileges": { + "AcceptAdministratorInvitation": { + "privilege": "AcceptAdministratorInvitation", + "description": "Grants permission to accept invitations to become a GuardDuty member account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_AcceptAdministratorInvitation.html" + }, + "AcceptInvitation": { + "privilege": "AcceptInvitation", + "description": "Grants permission to accept invitations to become a GuardDuty member account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_AcceptInvitation.html" + }, + "ArchiveFindings": { + "privilege": "ArchiveFindings", + "description": "Grants permission to archive GuardDuty findings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ArchiveFindings.html" + }, + "CreateDetector": { + "privilege": "CreateDetector", + "description": "Grants permission to create a detector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateDetector.html" + }, + "CreateFilter": { + "privilege": "CreateFilter", + "description": "Grants permission to create GuardDuty filters. A filters defines finding attributes and conditions used to filter findings", + "access_level": "Write", + "resource_types": { + "filter": { + "resource_type": "filter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "filter": "filter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateFilter.html" + }, + "CreateIPSet": { + "privilege": "CreateIPSet", + "description": "Grants permission to create an IPSet", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:DeleteRolePolicy", + "iam:PutRolePolicy" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateIPSet.html" + }, + "CreateMembers": { + "privilege": "CreateMembers", + "description": "Grants permission to create GuardDuty member accounts, where the account used to create a member becomes the GuardDuty administrator account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html" + }, + "CreatePublishingDestination": { + "privilege": "CreatePublishingDestination", + "description": "Grants permission to create a publishing destination", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject", + "s3:ListBucket" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreatePublishingDestination.html" + }, + "CreateSampleFindings": { + "privilege": "CreateSampleFindings", + "description": "Grants permission to create sample findings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateSampleFindings.html" + }, + "CreateThreatIntelSet": { + "privilege": "CreateThreatIntelSet", + "description": "Grants permission to create GuardDuty ThreatIntelSets, where a ThreatIntelSet consists of known malicious IP addresses used by GuardDuty to generate findings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateThreatIntelSet.html" + }, + "DeclineInvitations": { + "privilege": "DeclineInvitations", + "description": "Grants permission to decline invitations to become a GuardDuty member account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeclineInvitations.html" + }, + "DeleteDetector": { + "privilege": "DeleteDetector", + "description": "Grants permission to delete GuardDuty detectors", + "access_level": "Write", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteDetector.html" + }, + "DeleteFilter": { + "privilege": "DeleteFilter", + "description": "Grants permission to delete GuardDuty filters", + "access_level": "Write", + "resource_types": { + "filter": { + "resource_type": "filter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "filter": "filter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteFilter.html" + }, + "DeleteIPSet": { + "privilege": "DeleteIPSet", + "description": "Grants permission to delete GuardDuty IPSets", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteIPSet.html" + }, + "DeleteInvitations": { + "privilege": "DeleteInvitations", + "description": "Grants permission to delete invitations to become a GuardDuty member account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteInvitations.html" + }, + "DeleteMembers": { + "privilege": "DeleteMembers", + "description": "Grants permission to delete GuardDuty member accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html" + }, + "DeletePublishingDestination": { + "privilege": "DeletePublishingDestination", + "description": "Grants permission to delete a publishing destination", + "access_level": "Write", + "resource_types": { + "publishingDestination": { + "resource_type": "publishingDestination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "publishingdestination": "publishingDestination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeletePublishingDestination.html" + }, + "DeleteThreatIntelSet": { + "privilege": "DeleteThreatIntelSet", + "description": "Grants permission to delete GuardDuty ThreatIntelSets", + "access_level": "Write", + "resource_types": { + "threatintelset": { + "resource_type": "threatintelset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "threatintelset": "threatintelset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteThreatIntelSet.html" + }, + "DescribeMalwareScans": { + "privilege": "DescribeMalwareScans", + "description": "Grants permission to retrieve details about malware scans", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeMalwareScans.html" + }, + "DescribeOrganizationConfiguration": { + "privilege": "DescribeOrganizationConfiguration", + "description": "Grants permission to retrieve details about the delegated administrator associated with a GuardDuty detector", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeOrganizationConfiguration.html" + }, + "DescribePublishingDestination": { + "privilege": "DescribePublishingDestination", + "description": "Grants permission to retrieve details about a publishing destination", + "access_level": "Read", + "resource_types": { + "publishingDestination": { + "resource_type": "publishingDestination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "publishingdestination": "publishingDestination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribePublishingDestination.html" + }, + "DisableOrganizationAdminAccount": { + "privilege": "DisableOrganizationAdminAccount", + "description": "Grants permission to disable the organization delegated administrator for GuardDuty", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisableOrganizationAdminAccount.html" + }, + "DisassociateFromAdministratorAccount": { + "privilege": "DisassociateFromAdministratorAccount", + "description": "Grants permission to disassociate a GuardDuty member account from its GuardDuty administrator account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateFromAdministratorAccount.html" + }, + "DisassociateFromMasterAccount": { + "privilege": "DisassociateFromMasterAccount", + "description": "Grants permission to disassociate a GuardDuty member account from its GuardDuty administrator account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateFromMasterAccount.html" + }, + "DisassociateMembers": { + "privilege": "DisassociateMembers", + "description": "Grants permission to disassociate GuardDuty member accounts from their administrator GuardDuty account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateMembers.html" + }, + "EnableOrganizationAdminAccount": { + "privilege": "EnableOrganizationAdminAccount", + "description": "Grants permission to enable an organization delegated administrator for GuardDuty", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_EnableOrganizationAdminAccount.html" + }, + "GetAdministratorAccount": { + "privilege": "GetAdministratorAccount", + "description": "Grants permission to retrieve details of the GuardDuty administrator account associated with a member account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetAdministratorAccount.html" + }, + "GetCoverageStatistics": { + "privilege": "GetCoverageStatistics", + "description": "Grants permission to list Amazon GuardDuty coverage statistics for the specified GuardDuty account in a Region", + "access_level": "Read", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetCoverageStatistics.html" + }, + "GetDetector": { + "privilege": "GetDetector", + "description": "Grants permission to retrieve GuardDuty detectors", + "access_level": "Read", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetDetector.html" + }, + "GetFilter": { + "privilege": "GetFilter", + "description": "Grants permission to retrieve GuardDuty filters", + "access_level": "Read", + "resource_types": { + "filter": { + "resource_type": "filter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "filter": "filter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFilter.html" + }, + "GetFindings": { + "privilege": "GetFindings", + "description": "Grants permission to retrieve GuardDuty findings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFindings.html" + }, + "GetFindingsStatistics": { + "privilege": "GetFindingsStatistics", + "description": "Grants permission to retrieve a list of GuardDuty finding statistics", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFindingsStatistics.html" + }, + "GetIPSet": { + "privilege": "GetIPSet", + "description": "Grants permission to retrieve GuardDuty IPSets", + "access_level": "Read", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetIPSet.html" + }, + "GetInvitationsCount": { + "privilege": "GetInvitationsCount", + "description": "Grants permission to retrieve the count of all GuardDuty invitations sent to a specified account, which does not include the accepted invitation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetInvitationsCount.html" + }, + "GetMalwareScanSettings": { + "privilege": "GetMalwareScanSettings", + "description": "Grants permission to retrieve the malware scan settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareScanSettings.html" + }, + "GetMasterAccount": { + "privilege": "GetMasterAccount", + "description": "Grants permission to retrieve details of the GuardDuty administrator account associated with a member account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMasterAccount.html" + }, + "GetMemberDetectors": { + "privilege": "GetMemberDetectors", + "description": "Grants permission to describe which data sources are enabled for member accounts detectors", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMemberDetectors.html" + }, + "GetMembers": { + "privilege": "GetMembers", + "description": "Grants permission to retrieve the member accounts associated with an administrator account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMembers.html" + }, + "GetRemainingFreeTrialDays": { + "privilege": "GetRemainingFreeTrialDays", + "description": "Grants permission to provide the number of days left for each data source used in the free trial period", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetRemainingFreeTrialDays.html" + }, + "GetThreatIntelSet": { + "privilege": "GetThreatIntelSet", + "description": "Grants permission to retrieve GuardDuty ThreatIntelSets", + "access_level": "Read", + "resource_types": { + "threatintelset": { + "resource_type": "threatintelset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "threatintelset": "threatintelset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetThreatIntelSet.html" + }, + "GetUsageStatistics": { + "privilege": "GetUsageStatistics", + "description": "Grants permission to list Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetUsageStatistics.html" + }, + "InviteMembers": { + "privilege": "InviteMembers", + "description": "Grants permission to invite other AWS accounts to enable GuardDuty and become GuardDuty member accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html" + }, + "ListCoverage": { + "privilege": "ListCoverage", + "description": "Grants permission to list all the resource details for a given account in a Region", + "access_level": "List", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListCoverage.html" + }, + "ListDetectors": { + "privilege": "ListDetectors", + "description": "Grants permission to retrieve a list of GuardDuty detectors", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html" + }, + "ListFilters": { + "privilege": "ListFilters", + "description": "Grants permission to retrieve a list of GuardDuty filters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListFilters.html" + }, + "ListFindings": { + "privilege": "ListFindings", + "description": "Grants permission to retrieve a list of GuardDuty findings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListFindings.html" + }, + "ListIPSets": { + "privilege": "ListIPSets", + "description": "Grants permission to retrieve a list of GuardDuty IPSets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListIPSets.html" + }, + "ListInvitations": { + "privilege": "ListInvitations", + "description": "Grants permission to retrieve a list of all of the GuardDuty membership invitations that were sent to an AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html" + }, + "ListMembers": { + "privilege": "ListMembers", + "description": "Grants permission to retrieve a list of GuardDuty member accounts associated with an administrator account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMembers.html" + }, + "ListOrganizationAdminAccounts": { + "privilege": "ListOrganizationAdminAccounts", + "description": "Grants permission to list details about the organization delegated administrator for GuardDuty", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListOrganizationAdminAccounts.html" + }, + "ListPublishingDestinations": { + "privilege": "ListPublishingDestinations", + "description": "Grants permission to retrieve a list of publishing destinations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListPublishingDestinations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve a list of tags associated with a GuardDuty resource", + "access_level": "Read", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "filter": { + "resource_type": "filter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ipset": { + "resource_type": "ipset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "threatintelset": { + "resource_type": "threatintelset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector", + "filter": "filter", + "ipset": "ipset", + "threatintelset": "threatintelset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListTagsForResource.html" + }, + "ListThreatIntelSets": { + "privilege": "ListThreatIntelSets", + "description": "Grants permission to retrieve a list of GuardDuty ThreatIntelSets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListThreatIntelSets.html" + }, + "SendSecurityTelemetry": { + "privilege": "SendSecurityTelemetry", + "description": "Grants permission to send security telemetry for a specific GuardDuty account in a Region", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_SendSecurityTelemetry.html" + }, + "StartMalwareScan": { + "privilege": "StartMalwareScan", + "description": "Grants permission to initiate a new malware scan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StartMalwareScan.html" + }, + "StartMonitoringMembers": { + "privilege": "StartMonitoringMembers", + "description": "Grants permission to a GuardDuty administrator account to monitor findings from GuardDuty member accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StartMonitoringMembers.html" + }, + "StopMonitoringMembers": { + "privilege": "StopMonitoringMembers", + "description": "Grants permission to disable monitoring findings from member accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a GuardDuty resource", + "access_level": "Tagging", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "filter": { + "resource_type": "filter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ipset": { + "resource_type": "ipset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "threatintelset": { + "resource_type": "threatintelset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector", + "filter": "filter", + "ipset": "ipset", + "threatintelset": "threatintelset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_TagResource.html" + }, + "UnarchiveFindings": { + "privilege": "UnarchiveFindings", + "description": "Grants permission to unarchive GuardDuty findings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UnarchiveFindings.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a GuardDuty resource", + "access_level": "Tagging", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "filter": { + "resource_type": "filter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ipset": { + "resource_type": "ipset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "threatintelset": { + "resource_type": "threatintelset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector", + "filter": "filter", + "ipset": "ipset", + "threatintelset": "threatintelset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UntagResource.html" + }, + "UpdateDetector": { + "privilege": "UpdateDetector", + "description": "Grants permission to update GuardDuty detectors", + "access_level": "Write", + "resource_types": { + "detector": { + "resource_type": "detector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detector": "detector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateDetector.html" + }, + "UpdateFilter": { + "privilege": "UpdateFilter", + "description": "Grants permission to updates GuardDuty filters", + "access_level": "Write", + "resource_types": { + "filter": { + "resource_type": "filter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "filter": "filter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateFilter.html" + }, + "UpdateFindingsFeedback": { + "privilege": "UpdateFindingsFeedback", + "description": "Grants permission to update findings feedback to mark GuardDuty findings as useful or not useful", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateFindingsFeedback.html" + }, + "UpdateIPSet": { + "privilege": "UpdateIPSet", + "description": "Grants permission to update GuardDuty IPSets", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:DeleteRolePolicy", + "iam:PutRolePolicy" + ] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateIPSet.html" + }, + "UpdateMalwareScanSettings": { + "privilege": "UpdateMalwareScanSettings", + "description": "Grants permission to update the malware scan settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMalwareScanSettings.html" + }, + "UpdateMemberDetectors": { + "privilege": "UpdateMemberDetectors", + "description": "Grants permission to update which data sources are enabled for member accounts detectors", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMemberDetectors.html" + }, + "UpdateOrganizationConfiguration": { + "privilege": "UpdateOrganizationConfiguration", + "description": "Grants permission to update the delegated administrator configuration associated with a GuardDuty detector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateOrganizationConfiguration.html" + }, + "UpdatePublishingDestination": { + "privilege": "UpdatePublishingDestination", + "description": "Grants permission to update a publishing destination", + "access_level": "Write", + "resource_types": { + "publishingDestination": { + "resource_type": "publishingDestination", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject", + "s3:ListBucket" + ] + } + }, + "resource_types_lower_name": { + "publishingdestination": "publishingDestination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdatePublishingDestination.html" + }, + "UpdateThreatIntelSet": { + "privilege": "UpdateThreatIntelSet", + "description": "Grants permission to updates the GuardDuty ThreatIntelSets", + "access_level": "Write", + "resource_types": { + "threatintelset": { + "resource_type": "threatintelset", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:DeleteRolePolicy", + "iam:PutRolePolicy" + ] + } + }, + "resource_types_lower_name": { + "threatintelset": "threatintelset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateThreatIntelSet.html" + } + }, + "privileges_lower_name": { + "acceptadministratorinvitation": "AcceptAdministratorInvitation", + "acceptinvitation": "AcceptInvitation", + "archivefindings": "ArchiveFindings", + "createdetector": "CreateDetector", + "createfilter": "CreateFilter", + "createipset": "CreateIPSet", + "createmembers": "CreateMembers", + "createpublishingdestination": "CreatePublishingDestination", + "createsamplefindings": "CreateSampleFindings", + "createthreatintelset": "CreateThreatIntelSet", + "declineinvitations": "DeclineInvitations", + "deletedetector": "DeleteDetector", + "deletefilter": "DeleteFilter", + "deleteipset": "DeleteIPSet", + "deleteinvitations": "DeleteInvitations", + "deletemembers": "DeleteMembers", + "deletepublishingdestination": "DeletePublishingDestination", + "deletethreatintelset": "DeleteThreatIntelSet", + "describemalwarescans": "DescribeMalwareScans", + "describeorganizationconfiguration": "DescribeOrganizationConfiguration", + "describepublishingdestination": "DescribePublishingDestination", + "disableorganizationadminaccount": "DisableOrganizationAdminAccount", + "disassociatefromadministratoraccount": "DisassociateFromAdministratorAccount", + "disassociatefrommasteraccount": "DisassociateFromMasterAccount", + "disassociatemembers": "DisassociateMembers", + "enableorganizationadminaccount": "EnableOrganizationAdminAccount", + "getadministratoraccount": "GetAdministratorAccount", + "getcoveragestatistics": "GetCoverageStatistics", + "getdetector": "GetDetector", + "getfilter": "GetFilter", + "getfindings": "GetFindings", + "getfindingsstatistics": "GetFindingsStatistics", + "getipset": "GetIPSet", + "getinvitationscount": "GetInvitationsCount", + "getmalwarescansettings": "GetMalwareScanSettings", + "getmasteraccount": "GetMasterAccount", + "getmemberdetectors": "GetMemberDetectors", + "getmembers": "GetMembers", + "getremainingfreetrialdays": "GetRemainingFreeTrialDays", + "getthreatintelset": "GetThreatIntelSet", + "getusagestatistics": "GetUsageStatistics", + "invitemembers": "InviteMembers", + "listcoverage": "ListCoverage", + "listdetectors": "ListDetectors", + "listfilters": "ListFilters", + "listfindings": "ListFindings", + "listipsets": "ListIPSets", + "listinvitations": "ListInvitations", + "listmembers": "ListMembers", + "listorganizationadminaccounts": "ListOrganizationAdminAccounts", + "listpublishingdestinations": "ListPublishingDestinations", + "listtagsforresource": "ListTagsForResource", + "listthreatintelsets": "ListThreatIntelSets", + "sendsecuritytelemetry": "SendSecurityTelemetry", + "startmalwarescan": "StartMalwareScan", + "startmonitoringmembers": "StartMonitoringMembers", + "stopmonitoringmembers": "StopMonitoringMembers", + "tagresource": "TagResource", + "unarchivefindings": "UnarchiveFindings", + "untagresource": "UntagResource", + "updatedetector": "UpdateDetector", + "updatefilter": "UpdateFilter", + "updatefindingsfeedback": "UpdateFindingsFeedback", + "updateipset": "UpdateIPSet", + "updatemalwarescansettings": "UpdateMalwareScanSettings", + "updatememberdetectors": "UpdateMemberDetectors", + "updateorganizationconfiguration": "UpdateOrganizationConfiguration", + "updatepublishingdestination": "UpdatePublishingDestination", + "updatethreatintelset": "UpdateThreatIntelSet" + }, + "resources": { + "detector": { + "resource": "detector", + "arn": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "filter": { + "resource": "filter", + "arn": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}/filter/${FilterName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ipset": { + "resource": "ipset", + "arn": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}/ipset/${IPSetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "threatintelset": { + "resource": "threatintelset", + "arn": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}/threatintelset/${ThreatIntelSetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "publishingDestination": { + "resource": "publishingDestination", + "arn": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}/publishingDestination/${PublishingDestinationId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "detector": "detector", + "filter": "filter", + "ipset": "ipset", + "threatintelset": "threatintelset", + "publishingdestination": "publishingDestination" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "healthlake": { + "service_name": "Amazon HealthLake", + "prefix": "healthlake", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonhealthlake.html", + "privileges": { + "CreateFHIRDatastore": { + "privilege": "CreateFHIRDatastore", + "description": "Grants permission to create a datastore that can ingest and export FHIR data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_CreateFHIRDatastore.html" + }, + "CreateResource": { + "privilege": "CreateResource", + "description": "Grants permission to create resource", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/crud-healthlake.html" + }, + "DeleteFHIRDatastore": { + "privilege": "DeleteFHIRDatastore", + "description": "Grants permission to delete a datastore", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_DeleteFHIRDatastore.html" + }, + "DeleteResource": { + "privilege": "DeleteResource", + "description": "Grants permission to delete resource", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/crud-healthlake.html" + }, + "DescribeFHIRDatastore": { + "privilege": "DescribeFHIRDatastore", + "description": "Grants permission to get the properties associated with the FHIR datastore, including the datastore ID, datastore ARN, datastore name, datastore status, created at, datastore type version, and datastore endpoint", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_DescribeFHIRDatastore.html" + }, + "DescribeFHIRExportJob": { + "privilege": "DescribeFHIRExportJob", + "description": "Grants permission to display the properties of a FHIR export job, including the ID, ARN, name, and the status of the datastore", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_DescribeFHIRExportJob.html" + }, + "DescribeFHIRImportJob": { + "privilege": "DescribeFHIRImportJob", + "description": "Grants permission to display the properties of a FHIR import job, including the ID, ARN, name, and the status of the datastore", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_DescribeFHIRImportJob.html" + }, + "GetCapabilities": { + "privilege": "GetCapabilities", + "description": "Grants permission to get the capabilities of a FHIR datastore", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/crud-healthlake.html" + }, + "ListFHIRDatastores": { + "privilege": "ListFHIRDatastores", + "description": "Grants permission to list all FHIR datastores that are in the user\u2019s account, regardless of datastore status", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_ListFHIRDatastores.html" + }, + "ListFHIRExportJobs": { + "privilege": "ListFHIRExportJobs", + "description": "Grants permission to get a list of export jobs for the specified datastore", + "access_level": "List", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_ListFHIRExportJobs.html" + }, + "ListFHIRImportJobs": { + "privilege": "ListFHIRImportJobs", + "description": "Grants permission to get a list of import jobs for the specified datastore", + "access_level": "List", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_ListFHIRImportJobs.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to get a list of tags for the specified datastore", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_ListTagsForResource.html" + }, + "ReadResource": { + "privilege": "ReadResource", + "description": "Grants permission to read resource", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/crud-healthlake.html" + }, + "SearchWithGet": { + "privilege": "SearchWithGet", + "description": "Grants permission to search resources with GET method", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/search-healthlake.html" + }, + "SearchWithPost": { + "privilege": "SearchWithPost", + "description": "Grants permission to search resources with POST method", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/search-healthlake.html" + }, + "StartFHIRExportJob": { + "privilege": "StartFHIRExportJob", + "description": "Grants permission to begin a FHIR Export job", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_StartFHIRExportJob.html" + }, + "StartFHIRImportJob": { + "privilege": "StartFHIRImportJob", + "description": "Grants permission to begin a FHIR Import job", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_StartFHIRImportJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a datastore", + "access_level": "Tagging", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags associated with a datastore", + "access_level": "Tagging", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/APIReference/API_UntagResource.html" + }, + "UpdateResource": { + "privilege": "UpdateResource", + "description": "Grants permission to update resource", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthlake/latest/devguide/crud-healthlake.html" + } + }, + "privileges_lower_name": { + "createfhirdatastore": "CreateFHIRDatastore", + "createresource": "CreateResource", + "deletefhirdatastore": "DeleteFHIRDatastore", + "deleteresource": "DeleteResource", + "describefhirdatastore": "DescribeFHIRDatastore", + "describefhirexportjob": "DescribeFHIRExportJob", + "describefhirimportjob": "DescribeFHIRImportJob", + "getcapabilities": "GetCapabilities", + "listfhirdatastores": "ListFHIRDatastores", + "listfhirexportjobs": "ListFHIRExportJobs", + "listfhirimportjobs": "ListFHIRImportJobs", + "listtagsforresource": "ListTagsForResource", + "readresource": "ReadResource", + "searchwithget": "SearchWithGet", + "searchwithpost": "SearchWithPost", + "startfhirexportjob": "StartFHIRExportJob", + "startfhirimportjob": "StartFHIRImportJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateresource": "UpdateResource" + }, + "resources": { + "datastore": { + "resource": "datastore", + "arn": "arn:${Partition}:healthlake:${Region}:${Account}:datastore/fhir/${DatastoreId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "datastore": "datastore" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "honeycode": { + "service_name": "Amazon Honeycode", + "prefix": "honeycode", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonhoneycode.html", + "privileges": { + "ApproveTeamAssociation": { + "privilege": "ApproveTeamAssociation", + "description": "Grants permission to approve a team association request for your AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team-association.html#approve-team-association" + }, + "BatchCreateTableRows": { + "privilege": "BatchCreateTableRows", + "description": "Grants permission to create new rows in a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_BatchCreateTableRows.html" + }, + "BatchDeleteTableRows": { + "privilege": "BatchDeleteTableRows", + "description": "Grants permission to delete rows from a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_BatchDeleteTableRows.html" + }, + "BatchUpdateTableRows": { + "privilege": "BatchUpdateTableRows", + "description": "Grants permission to update rows in a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_BatchUpdateTableRows.html" + }, + "BatchUpsertTableRows": { + "privilege": "BatchUpsertTableRows", + "description": "Grants permission to upsert rows in a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_BatchUpsertTableRows.html" + }, + "CreateTeam": { + "privilege": "CreateTeam", + "description": "Grants permission to create a new Amazon Honeycode team for your AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team.html#create-team" + }, + "CreateTenant": { + "privilege": "CreateTenant", + "description": "Grants permission to create a new tenant within Amazon Honeycode for your AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/tenant.html#create-tenant" + }, + "DeleteDomains": { + "privilege": "DeleteDomains", + "description": "Grants permission to delete Amazon Honeycode domains for your AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/domain.html#delete-domains" + }, + "DeregisterGroups": { + "privilege": "DeregisterGroups", + "description": "Grants permission to remove groups from an Amazon Honeycode team for your AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/group.html#deregister-groups" + }, + "DescribeTableDataImportJob": { + "privilege": "DescribeTableDataImportJob", + "description": "Grants permission to get details about a table data import job", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_DescribeTableDataImportJob.html" + }, + "DescribeTeam": { + "privilege": "DescribeTeam", + "description": "Grants permission to get details about Amazon Honeycode teams for your AWS Account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team.html#describe-team" + }, + "GetScreenData": { + "privilege": "GetScreenData", + "description": "Grants permission to load the data from a screen", + "access_level": "Read", + "resource_types": { + "screen": { + "resource_type": "screen", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "screen": "screen" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_GetScreenData.html" + }, + "InvokeScreenAutomation": { + "privilege": "InvokeScreenAutomation", + "description": "Grants permission to invoke a screen automation", + "access_level": "Write", + "resource_types": { + "screen-automation": { + "resource_type": "screen-automation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "screen-automation": "screen-automation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_InvokeScreenAutomation.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to list all Amazon Honeycode domains and their verification status for your AWS Account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/domain.html#list-domains" + }, + "ListGroups": { + "privilege": "ListGroups", + "description": "Grants permission to list all groups in an Amazon Honeycode team for your AWS Account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/group.html#list-groups" + }, + "ListTableColumns": { + "privilege": "ListTableColumns", + "description": "Grants permission to list the columns in a table", + "access_level": "List", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_ListTableColumns.html" + }, + "ListTableRows": { + "privilege": "ListTableRows", + "description": "Grants permission to list the rows in a table", + "access_level": "List", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_ListTableRows.html" + }, + "ListTables": { + "privilege": "ListTables", + "description": "Grants permission to list the tables in a workbook", + "access_level": "List", + "resource_types": { + "workbook": { + "resource_type": "workbook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workbook": "workbook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_ListTables.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags for a resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_ListTagsForResource.html" + }, + "ListTeamAssociations": { + "privilege": "ListTeamAssociations", + "description": "Grants permission to list all pending and approved team associations with your AWS Account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team-association.html#list-team-associations" + }, + "ListTenants": { + "privilege": "ListTenants", + "description": "Grants permission to list all tenants of Amazon Honeycode for your AWS Account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/tenant.html#list-tenants" + }, + "QueryTableRows": { + "privilege": "QueryTableRows", + "description": "Grants permission to query the rows of a table using a filter", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_QueryTableRows.html" + }, + "RegisterDomainForVerification": { + "privilege": "RegisterDomainForVerification", + "description": "Grants permission to request verification of the Amazon Honeycode domains for your AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/domain.html#register-domain-for-verification" + }, + "RegisterGroups": { + "privilege": "RegisterGroups", + "description": "Grants permission to add groups to an Amazon Honeycode team for your AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/group.html#register-groups" + }, + "RejectTeamAssociation": { + "privilege": "RejectTeamAssociation", + "description": "Grants permission to reject a team association request for your AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team-association.html#reject-team-association" + }, + "RestartDomainVerification": { + "privilege": "RestartDomainVerification", + "description": "Grants permission to restart verification of the Amazon Honeycode domains for your AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/domain.html#restart-domain-verification" + }, + "StartTableDataImportJob": { + "privilege": "StartTableDataImportJob", + "description": "Grants permission to start a table data import job", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_StartTableDataImportJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/API_UntagResource.html" + }, + "UpdateTeam": { + "privilege": "UpdateTeam", + "description": "Grants permission to update an Amazon Honeycode team for your AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/honeycode/latest/UserGuide/team.html#update-team" + } + }, + "privileges_lower_name": { + "approveteamassociation": "ApproveTeamAssociation", + "batchcreatetablerows": "BatchCreateTableRows", + "batchdeletetablerows": "BatchDeleteTableRows", + "batchupdatetablerows": "BatchUpdateTableRows", + "batchupserttablerows": "BatchUpsertTableRows", + "createteam": "CreateTeam", + "createtenant": "CreateTenant", + "deletedomains": "DeleteDomains", + "deregistergroups": "DeregisterGroups", + "describetabledataimportjob": "DescribeTableDataImportJob", + "describeteam": "DescribeTeam", + "getscreendata": "GetScreenData", + "invokescreenautomation": "InvokeScreenAutomation", + "listdomains": "ListDomains", + "listgroups": "ListGroups", + "listtablecolumns": "ListTableColumns", + "listtablerows": "ListTableRows", + "listtables": "ListTables", + "listtagsforresource": "ListTagsForResource", + "listteamassociations": "ListTeamAssociations", + "listtenants": "ListTenants", + "querytablerows": "QueryTableRows", + "registerdomainforverification": "RegisterDomainForVerification", + "registergroups": "RegisterGroups", + "rejectteamassociation": "RejectTeamAssociation", + "restartdomainverification": "RestartDomainVerification", + "starttabledataimportjob": "StartTableDataImportJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateteam": "UpdateTeam" + }, + "resources": { + "workbook": { + "resource": "workbook", + "arn": "arn:${Partition}:honeycode:${Region}:${Account}:workbook:workbook/${WorkbookId}", + "condition_keys": [] + }, + "table": { + "resource": "table", + "arn": "arn:${Partition}:honeycode:${Region}:${Account}:table:workbook/${WorkbookId}/table/${TableId}", + "condition_keys": [] + }, + "screen": { + "resource": "screen", + "arn": "arn:${Partition}:honeycode:${Region}:${Account}:screen:workbook/${WorkbookId}/app/${AppId}/screen/${ScreenId}", + "condition_keys": [] + }, + "screen-automation": { + "resource": "screen-automation", + "arn": "arn:${Partition}:honeycode:${Region}:${Account}:screen-automation:workbook/${WorkbookId}/app/${AppId}/screen/${ScreenId}/automation/${AutomationId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "workbook": "workbook", + "table": "table", + "screen": "screen", + "screen-automation": "screen-automation" + }, + "conditions": {} + }, + "inspector": { + "service_name": "Amazon Inspector", + "prefix": "inspector", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoninspector.html", + "privileges": { + "AddAttributesToFindings": { + "privilege": "AddAttributesToFindings", + "description": "Grants permission to assign attributes (key and value pairs) to the findings that are specified by the ARNs of the findings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_AddAttributesToFindings.html" + }, + "CreateAssessmentTarget": { + "privilege": "CreateAssessmentTarget", + "description": "Grants permission to create a new assessment target using the ARN of the resource group that is generated by CreateResourceGroup", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_CreateAssessmentTarget.html" + }, + "CreateAssessmentTemplate": { + "privilege": "CreateAssessmentTemplate", + "description": "Grants permission to create an assessment template for the assessment target that is specified by the ARN of the assessment target", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_CreateAssessmentTemplate.html" + }, + "CreateExclusionsPreview": { + "privilege": "CreateExclusionsPreview", + "description": "Grants permission to start the generation of an exclusions preview for the specified assessment template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_CreateExclusionsPreview.html" + }, + "CreateResourceGroup": { + "privilege": "CreateResourceGroup", + "description": "Grants permission to create a resource group using the specified set of tags (key and value pairs) that are used to select the EC2 instances to be included in an Amazon Inspector assessment target", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_CreateResourceGroup.html" + }, + "DeleteAssessmentRun": { + "privilege": "DeleteAssessmentRun", + "description": "Grants permission to delete the assessment run that is specified by the ARN of the assessment run", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DeleteAssessmentRun.html" + }, + "DeleteAssessmentTarget": { + "privilege": "DeleteAssessmentTarget", + "description": "Grants permission to delete the assessment target that is specified by the ARN of the assessment target", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DeleteAssessmentTarget.html" + }, + "DeleteAssessmentTemplate": { + "privilege": "DeleteAssessmentTemplate", + "description": "Grants permission to delete the assessment template that is specified by the ARN of the assessment template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DeleteAssessmentTemplate.html" + }, + "DescribeAssessmentRuns": { + "privilege": "DescribeAssessmentRuns", + "description": "Grants permission to describe the assessment runs that are specified by the ARNs of the assessment runs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeAssessmentRuns.html" + }, + "DescribeAssessmentTargets": { + "privilege": "DescribeAssessmentTargets", + "description": "Grants permission to describe the assessment targets that are specified by the ARNs of the assessment targets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeAssessmentTargets.html" + }, + "DescribeAssessmentTemplates": { + "privilege": "DescribeAssessmentTemplates", + "description": "Grants permission to describe the assessment templates that are specified by the ARNs of the assessment templates", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeAssessmentTemplates.html" + }, + "DescribeCrossAccountAccessRole": { + "privilege": "DescribeCrossAccountAccessRole", + "description": "Grants permission to describe the IAM role that enables Amazon Inspector to access your AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeCrossAccountAccessRole.html" + }, + "DescribeExclusions": { + "privilege": "DescribeExclusions", + "description": "Grants permission to describe the exclusions that are specified by the exclusions' ARNs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeExclusions.html" + }, + "DescribeFindings": { + "privilege": "DescribeFindings", + "description": "Grants permission to describe the findings that are specified by the ARNs of the findings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeFindings.html" + }, + "DescribeResourceGroups": { + "privilege": "DescribeResourceGroups", + "description": "Grants permission to describe the resource groups that are specified by the ARNs of the resource groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeResourceGroups.html" + }, + "DescribeRulesPackages": { + "privilege": "DescribeRulesPackages", + "description": "Grants permission to describe the rules packages that are specified by the ARNs of the rules packages", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_DescribeRulesPackages.html" + }, + "GetAssessmentReport": { + "privilege": "GetAssessmentReport", + "description": "Grants permission to produce an assessment report that includes detailed and comprehensive results of a specified assessment run", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_GetAssessmentReport.html" + }, + "GetExclusionsPreview": { + "privilege": "GetExclusionsPreview", + "description": "Grants permission to retrieve the exclusions preview (a list of ExclusionPreview objects) specified by the preview token", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_GetExclusionsPreview.html" + }, + "GetTelemetryMetadata": { + "privilege": "GetTelemetryMetadata", + "description": "Grants permission to get information about the data that is collected for the specified assessment run", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_GetTelemetryMetadata.html" + }, + "ListAssessmentRunAgents": { + "privilege": "ListAssessmentRunAgents", + "description": "Grants permission to list the agents of the assessment runs that are specified by the ARNs of the assessment runs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListAssessmentRunAgents.html" + }, + "ListAssessmentRuns": { + "privilege": "ListAssessmentRuns", + "description": "Grants permission to list the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListAssessmentRuns.html" + }, + "ListAssessmentTargets": { + "privilege": "ListAssessmentTargets", + "description": "Grants permission to list the ARNs of the assessment targets within this AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListAssessmentTargets.html" + }, + "ListAssessmentTemplates": { + "privilege": "ListAssessmentTemplates", + "description": "Grants permission to list the assessment templates that correspond to the assessment targets that are specified by the ARNs of the assessment targets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListAssessmentTemplates.html" + }, + "ListEventSubscriptions": { + "privilege": "ListEventSubscriptions", + "description": "Grants permission to list all the event subscriptions for the assessment template that is specified by the ARN of the assessment template", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListEventSubscriptions.html" + }, + "ListExclusions": { + "privilege": "ListExclusions", + "description": "Grants permission to list exclusions that are generated by the assessment run", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListExclusions.html" + }, + "ListFindings": { + "privilege": "ListFindings", + "description": "Grants permission to list findings that are generated by the assessment runs that are specified by the ARNs of the assessment runs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListFindings.html" + }, + "ListRulesPackages": { + "privilege": "ListRulesPackages", + "description": "Grants permission to list all available Amazon Inspector rules packages", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListRulesPackages.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags associated with an assessment template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_ListTagsForResource.html" + }, + "PreviewAgents": { + "privilege": "PreviewAgents", + "description": "Grants permission to preview the agents installed on the EC2 instances that are part of the specified assessment target", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_PreviewAgents.html" + }, + "RegisterCrossAccountAccessRole": { + "privilege": "RegisterCrossAccountAccessRole", + "description": "Grants permission to register the IAM role that Amazon Inspector uses to list your EC2 instances at the start of the assessment run or when you call the PreviewAgents action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_RegisterCrossAccountAccessRole.html" + }, + "RemoveAttributesFromFindings": { + "privilege": "RemoveAttributesFromFindings", + "description": "Grants permission to remove entire attributes (key and value pairs) from the findings that are specified by the ARNs of the findings where an attribute with the specified key exists", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_RemoveAttributesFromFindings.html" + }, + "SetTagsForResource": { + "privilege": "SetTagsForResource", + "description": "Grants permission to set tags (key and value pairs) to the assessment template that is specified by the ARN of the assessment template", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_SetTagsForResource.html" + }, + "StartAssessmentRun": { + "privilege": "StartAssessmentRun", + "description": "Grants permission to start the assessment run specified by the ARN of the assessment template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_StartAssessmentRun.html" + }, + "StopAssessmentRun": { + "privilege": "StopAssessmentRun", + "description": "Grants permission to stop the assessment run that is specified by the ARN of the assessment run", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_StopAssessmentRun.html" + }, + "SubscribeToEvent": { + "privilege": "SubscribeToEvent", + "description": "Grants permission to enable the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_SubscribeToEvent.html" + }, + "UnsubscribeFromEvent": { + "privilege": "UnsubscribeFromEvent", + "description": "Grants permission to disable the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_UnsubscribeFromEvent.html" + }, + "UpdateAssessmentTarget": { + "privilege": "UpdateAssessmentTarget", + "description": "Grants permission to update the assessment target that is specified by the ARN of the assessment target", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/latest/APIReference/API_UpdateAssessmentTarget.html" + } + }, + "privileges_lower_name": { + "addattributestofindings": "AddAttributesToFindings", + "createassessmenttarget": "CreateAssessmentTarget", + "createassessmenttemplate": "CreateAssessmentTemplate", + "createexclusionspreview": "CreateExclusionsPreview", + "createresourcegroup": "CreateResourceGroup", + "deleteassessmentrun": "DeleteAssessmentRun", + "deleteassessmenttarget": "DeleteAssessmentTarget", + "deleteassessmenttemplate": "DeleteAssessmentTemplate", + "describeassessmentruns": "DescribeAssessmentRuns", + "describeassessmenttargets": "DescribeAssessmentTargets", + "describeassessmenttemplates": "DescribeAssessmentTemplates", + "describecrossaccountaccessrole": "DescribeCrossAccountAccessRole", + "describeexclusions": "DescribeExclusions", + "describefindings": "DescribeFindings", + "describeresourcegroups": "DescribeResourceGroups", + "describerulespackages": "DescribeRulesPackages", + "getassessmentreport": "GetAssessmentReport", + "getexclusionspreview": "GetExclusionsPreview", + "gettelemetrymetadata": "GetTelemetryMetadata", + "listassessmentrunagents": "ListAssessmentRunAgents", + "listassessmentruns": "ListAssessmentRuns", + "listassessmenttargets": "ListAssessmentTargets", + "listassessmenttemplates": "ListAssessmentTemplates", + "listeventsubscriptions": "ListEventSubscriptions", + "listexclusions": "ListExclusions", + "listfindings": "ListFindings", + "listrulespackages": "ListRulesPackages", + "listtagsforresource": "ListTagsForResource", + "previewagents": "PreviewAgents", + "registercrossaccountaccessrole": "RegisterCrossAccountAccessRole", + "removeattributesfromfindings": "RemoveAttributesFromFindings", + "settagsforresource": "SetTagsForResource", + "startassessmentrun": "StartAssessmentRun", + "stopassessmentrun": "StopAssessmentRun", + "subscribetoevent": "SubscribeToEvent", + "unsubscribefromevent": "UnsubscribeFromEvent", + "updateassessmenttarget": "UpdateAssessmentTarget" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "inspector2": { + "service_name": "Amazon Inspector2", + "prefix": "inspector2", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoninspector2.html", + "privileges": { + "AssociateMember": { + "privilege": "AssociateMember", + "description": "Grants permission to associate an account with an Amazon Inspector administrator account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_AssociateMember.html" + }, + "BatchGetAccountStatus": { + "privilege": "BatchGetAccountStatus", + "description": "Grants permission to retrieve information about Amazon Inspector accounts for an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetAccountStatus.html" + }, + "BatchGetCodeSnippet": { + "privilege": "BatchGetCodeSnippet", + "description": "Grants permission to retrieve code snippet information about one or more code vulnerability findings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetCodeSnippet.html" + }, + "BatchGetFreeTrialInfo": { + "privilege": "BatchGetFreeTrialInfo", + "description": "Grants permission to retrieve free trial period eligibility about Amazon Inspector accounts for an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetFreeTrialInfo.html" + }, + "BatchGetMemberEc2DeepInspectionStatus": { + "privilege": "BatchGetMemberEc2DeepInspectionStatus", + "description": "Grants permission to delegated administrator to retrieve ec2 deep inspection status of member accounts", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetMemberEc2DeepInspectionStatus.html" + }, + "BatchUpdateMemberEc2DeepInspectionStatus": { + "privilege": "BatchUpdateMemberEc2DeepInspectionStatus", + "description": "Grants permission to update ec2 deep inspection status by delegated administrator for its associated member accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchUpdateMemberEc2DeepInspectionStatus.html" + }, + "CancelFindingsReport": { + "privilege": "CancelFindingsReport", + "description": "Grants permission to cancel the generation of a findings report", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_CancelFindingsReport.html" + }, + "CancelSbomExport": { + "privilege": "CancelSbomExport", + "description": "Grants permission to cancel the generation of an SBOM report", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_CancelSbomExport.html" + }, + "CreateFilter": { + "privilege": "CreateFilter", + "description": "Grants permission to create and define the settings for a findings filter", + "access_level": "Write", + "resource_types": { + "Filter": { + "resource_type": "Filter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "filter": "Filter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_CreateFilter.html" + }, + "CreateFindingsReport": { + "privilege": "CreateFindingsReport", + "description": "Grants permission to request the generation of a findings report", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_CreateFindingsReport.html" + }, + "CreateSbomExport": { + "privilege": "CreateSbomExport", + "description": "Grants permission to request the generation of an SBOM report", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_CreateSbomExport.html" + }, + "DeleteFilter": { + "privilege": "DeleteFilter", + "description": "Grants permission to delete a findings filter", + "access_level": "Write", + "resource_types": { + "Filter": { + "resource_type": "Filter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "filter": "Filter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_DeleteFilter.html" + }, + "DescribeOrganizationConfiguration": { + "privilege": "DescribeOrganizationConfiguration", + "description": "Grants permission to retrieve information about the Amazon Inspector configuration settings for an AWS organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_DescribeOrganizationConfiguration.html" + }, + "Disable": { + "privilege": "Disable", + "description": "Grants permission to disable an Amazon Inspector account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_Disable.html" + }, + "DisableDelegatedAdminAccount": { + "privilege": "DisableDelegatedAdminAccount", + "description": "Grants permission to disable an account as the delegated Amazon Inspector administrator account for an AWS organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_DisableDelegatedAdminAccount.html" + }, + "DisassociateMember": { + "privilege": "DisassociateMember", + "description": "Grants permission to an Amazon Inspector administrator account to disassociate from an Inspector member account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_DisassociateMember.html" + }, + "Enable": { + "privilege": "Enable", + "description": "Grants permission to enable and specify the configuration settings for a new Amazon Inspector account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_Enable.html" + }, + "EnableDelegatedAdminAccount": { + "privilege": "EnableDelegatedAdminAccount", + "description": "Grants permission to enable an account as the delegated Amazon Inspector administrator account for an AWS organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_EnableDelegatedAdminAccount.html" + }, + "GetConfiguration": { + "privilege": "GetConfiguration", + "description": "Grants permission to retrieve information about the Amazon Inspector configuration settings for an AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetConfiguration.html" + }, + "GetDelegatedAdminAccount": { + "privilege": "GetDelegatedAdminAccount", + "description": "Grants permission to retrieve information about the Amazon Inspector administrator account for an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetDelegatedAdminAccount.html" + }, + "GetEc2DeepInspectionConfiguration": { + "privilege": "GetEc2DeepInspectionConfiguration", + "description": "Grants permission to retrieve ec2 deep inspection configuration for standalone accounts, delegated administrator and member account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetEc2DeepInspectionConfiguration.html" + }, + "GetEncryptionKey": { + "privilege": "GetEncryptionKey", + "description": "Grants permission to retrieve information about the KMS key used to encrypt code snippets with", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetEncryptionKey.html" + }, + "GetFindingsReportStatus": { + "privilege": "GetFindingsReportStatus", + "description": "Grants permission to retrieve status for a requested findings report", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetFindingsReportStatus.html" + }, + "GetMember": { + "privilege": "GetMember", + "description": "Grants permission to retrieve information about an account that's associated with an Amazon Inspector administrator account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetMember.html" + }, + "GetSbomExport": { + "privilege": "GetSbomExport", + "description": "Grants permission to retrieve a requested SBOM report", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_GetSbomExport.html" + }, + "ListAccountPermissions": { + "privilege": "ListAccountPermissions", + "description": "Grants permission to retrieve feature configuration permissions associated with an Amazon Inspector account within an organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListAccountPermissions.html" + }, + "ListCoverage": { + "privilege": "ListCoverage", + "description": "Grants permission to retrieve the types of statistics Amazon Inspector can generate for resources Inspector monitors", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListCoverage.html" + }, + "ListCoverageStatistics": { + "privilege": "ListCoverageStatistics", + "description": "Grants permission to retrieve statistical data and other information about the resources Amazon Inspector monitors", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListCoverageStatistics.html" + }, + "ListDelegatedAdminAccounts": { + "privilege": "ListDelegatedAdminAccounts", + "description": "Grants permission to retrieve information about the delegated Amazon Inspector administrator account for an AWS organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListDelegatedAdminAccounts.html" + }, + "ListFilters": { + "privilege": "ListFilters", + "description": "Grants permission to retrieve information about all findings filters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListFilters.html" + }, + "ListFindingAggregations": { + "privilege": "ListFindingAggregations", + "description": "Grants permission to retrieve statistical data and other information about Amazon Inspector findings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListFindingAggregations.html" + }, + "ListFindings": { + "privilege": "ListFindings", + "description": "Grants permission to retrieve a subset of information about one or more findings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListFindings.html" + }, + "ListMembers": { + "privilege": "ListMembers", + "description": "Grants permission to retrieve information about the Amazon Inspector member accounts that are associated with an Inspector administrator account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListMembers.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve the tags for an Amazon Inspector resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListTagsForResource.html" + }, + "ListUsageTotals": { + "privilege": "ListUsageTotals", + "description": "Grants permission to retrieve aggregated usage data for an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListUsageTotals.html" + }, + "ResetEncryptionKey": { + "privilege": "ResetEncryptionKey", + "description": "Grants permission to let a customer reset to use an Amazon-owned KMS key to encrypt code snippets with", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_ResetEncryptionKey.html" + }, + "SearchVulnerabilities": { + "privilege": "SearchVulnerabilities", + "description": "Grants permission to list Amazon Inspector coverage details for a specific vulnerability", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_SearchVulnerabilities.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or update the tags for an Amazon Inspector resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from an Amazon Inspector resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UntagResource.html" + }, + "UpdateConfiguration": { + "privilege": "UpdateConfiguration", + "description": "Grants permission to update information about the Amazon Inspector configuration settings for an AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateConfiguration.html" + }, + "UpdateEc2DeepInspectionConfiguration": { + "privilege": "UpdateEc2DeepInspectionConfiguration", + "description": "Grants permission to update ec2 deep inspection configuration by delegated administrator, member and standalone account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateEc2DeepInspectionConfiguration.html" + }, + "UpdateEncryptionKey": { + "privilege": "UpdateEncryptionKey", + "description": "Grants permission to let a customer use a KMS key to encrypt code snippets with", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateEncryptionKey.html" + }, + "UpdateFilter": { + "privilege": "UpdateFilter", + "description": "Grants permission to update the settings for a findings filter", + "access_level": "Write", + "resource_types": { + "Filter": { + "resource_type": "Filter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "filter": "Filter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateFilter.html" + }, + "UpdateOrgEc2DeepInspectionConfiguration": { + "privilege": "UpdateOrgEc2DeepInspectionConfiguration", + "description": "Grants permission to update ec2 deep inspection configuration by delegated administrator for its associated member accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateOrgEc2DeepInspectionConfiguration.html" + }, + "UpdateOrganizationConfiguration": { + "privilege": "UpdateOrganizationConfiguration", + "description": "Grants permission to update Amazon Inspector configuration settings for an AWS organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/inspector/v2/APIReference/API_UpdateOrganizationConfiguration.html" + } + }, + "privileges_lower_name": { + "associatemember": "AssociateMember", + "batchgetaccountstatus": "BatchGetAccountStatus", + "batchgetcodesnippet": "BatchGetCodeSnippet", + "batchgetfreetrialinfo": "BatchGetFreeTrialInfo", + "batchgetmemberec2deepinspectionstatus": "BatchGetMemberEc2DeepInspectionStatus", + "batchupdatememberec2deepinspectionstatus": "BatchUpdateMemberEc2DeepInspectionStatus", + "cancelfindingsreport": "CancelFindingsReport", + "cancelsbomexport": "CancelSbomExport", + "createfilter": "CreateFilter", + "createfindingsreport": "CreateFindingsReport", + "createsbomexport": "CreateSbomExport", + "deletefilter": "DeleteFilter", + "describeorganizationconfiguration": "DescribeOrganizationConfiguration", + "disable": "Disable", + "disabledelegatedadminaccount": "DisableDelegatedAdminAccount", + "disassociatemember": "DisassociateMember", + "enable": "Enable", + "enabledelegatedadminaccount": "EnableDelegatedAdminAccount", + "getconfiguration": "GetConfiguration", + "getdelegatedadminaccount": "GetDelegatedAdminAccount", + "getec2deepinspectionconfiguration": "GetEc2DeepInspectionConfiguration", + "getencryptionkey": "GetEncryptionKey", + "getfindingsreportstatus": "GetFindingsReportStatus", + "getmember": "GetMember", + "getsbomexport": "GetSbomExport", + "listaccountpermissions": "ListAccountPermissions", + "listcoverage": "ListCoverage", + "listcoveragestatistics": "ListCoverageStatistics", + "listdelegatedadminaccounts": "ListDelegatedAdminAccounts", + "listfilters": "ListFilters", + "listfindingaggregations": "ListFindingAggregations", + "listfindings": "ListFindings", + "listmembers": "ListMembers", + "listtagsforresource": "ListTagsForResource", + "listusagetotals": "ListUsageTotals", + "resetencryptionkey": "ResetEncryptionKey", + "searchvulnerabilities": "SearchVulnerabilities", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateconfiguration": "UpdateConfiguration", + "updateec2deepinspectionconfiguration": "UpdateEc2DeepInspectionConfiguration", + "updateencryptionkey": "UpdateEncryptionKey", + "updatefilter": "UpdateFilter", + "updateorgec2deepinspectionconfiguration": "UpdateOrgEc2DeepInspectionConfiguration", + "updateorganizationconfiguration": "UpdateOrganizationConfiguration" + }, + "resources": { + "Filter": { + "resource": "Filter", + "arn": "arn:${Partition}:inspector2:${Region}:${Account}:owner/${OwnerId}/filter/${FilterId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Finding": { + "resource": "Finding", + "arn": "arn:${Partition}:inspector2:${Region}:${Account}:finding/${FindingId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "filter": "Filter", + "finding": "Finding" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "ivs": { + "service_name": "Amazon Interactive Video Service", + "prefix": "ivs", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoninteractivevideoservice.html", + "privileges": { + "BatchGetChannel": { + "privilege": "BatchGetChannel", + "description": "Grants permission to get multiple channels simultaneously by channel ARN", + "access_level": "Read", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_BatchGetChannel.html" + }, + "BatchGetStreamKey": { + "privilege": "BatchGetStreamKey", + "description": "Grants permission to get multiple stream keys simultaneously by stream key ARN", + "access_level": "Read", + "resource_types": { + "Stream-Key": { + "resource_type": "Stream-Key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream-key": "Stream-Key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_BatchGetStreamKey.html" + }, + "BatchStartViewerSessionRevocation": { + "privilege": "BatchStartViewerSessionRevocation", + "description": "Grants permission to perform StartViewerSessionRevocation on multiple channel ARN and viewer ID pairs simultaneously", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_BatchStartViewerSessionRevocation.html" + }, + "CreateChannel": { + "privilege": "CreateChannel", + "description": "Grants permission to create a new channel and an associated stream key", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Stream-Key": { + "resource_type": "Stream-Key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "stream-key": "Stream-Key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_CreateChannel.html" + }, + "CreateParticipantToken": { + "privilege": "CreateParticipantToken", + "description": "Grants permission to create a participant token", + "access_level": "Write", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_CreateParticipantToken.html" + }, + "CreateRecordingConfiguration": { + "privilege": "CreateRecordingConfiguration", + "description": "Grants permission to create a a new recording configuration", + "access_level": "Write", + "resource_types": { + "Recording-Configuration": { + "resource_type": "Recording-Configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recording-configuration": "Recording-Configuration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_CreateRecordingConfiguration.html" + }, + "CreateStage": { + "privilege": "CreateStage", + "description": "Grants permission to create a stage", + "access_level": "Write", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_CreateStage.html" + }, + "CreateStreamKey": { + "privilege": "CreateStreamKey", + "description": "Grants permission to create a stream key", + "access_level": "Write", + "resource_types": { + "Stream-Key": { + "resource_type": "Stream-Key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream-key": "Stream-Key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_CreateStreamKey.html" + }, + "DeleteChannel": { + "privilege": "DeleteChannel", + "description": "Grants permission to delete a channel and channel's stream keys", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Stream-Key": { + "resource_type": "Stream-Key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "stream-key": "Stream-Key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_DeleteChannel.html" + }, + "DeletePlaybackKeyPair": { + "privilege": "DeletePlaybackKeyPair", + "description": "Grants permission to delete the playback key pair for a specified ARN", + "access_level": "Write", + "resource_types": { + "Playback-Key-Pair": { + "resource_type": "Playback-Key-Pair", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "playback-key-pair": "Playback-Key-Pair" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_DeletePlaybackKeyPair.html" + }, + "DeleteRecordingConfiguration": { + "privilege": "DeleteRecordingConfiguration", + "description": "Grants permission to delete a recording configuration for the specified ARN", + "access_level": "Write", + "resource_types": { + "Recording-Configuration": { + "resource_type": "Recording-Configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recording-configuration": "Recording-Configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_DeleteRecordingConfiguration.html" + }, + "DeleteStage": { + "privilege": "DeleteStage", + "description": "Grants permission to delete the stage for a specified ARN", + "access_level": "Write", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_DeleteStage.html" + }, + "DeleteStreamKey": { + "privilege": "DeleteStreamKey", + "description": "Grants permission to delete the stream key for a specified ARN", + "access_level": "Write", + "resource_types": { + "Stream-Key": { + "resource_type": "Stream-Key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream-key": "Stream-Key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_DeleteStreamKey.html" + }, + "DisconnectParticipant": { + "privilege": "DisconnectParticipant", + "description": "Grants permission to disconnect a participant from for the specified stage ARN", + "access_level": "Write", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_DisconnectParticipant.html" + }, + "GetChannel": { + "privilege": "GetChannel", + "description": "Grants permission to get the channel configuration for a specified channel ARN", + "access_level": "Read", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetChannel.html" + }, + "GetParticipant": { + "privilege": "GetParticipant", + "description": "Grants permission to get participant information for a specified stage ARN, session, and participant", + "access_level": "Read", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_GetParticipant.html" + }, + "GetPlaybackKeyPair": { + "privilege": "GetPlaybackKeyPair", + "description": "Grants permission to get the playback keypair information for a specified ARN", + "access_level": "Read", + "resource_types": { + "Playback-Key-Pair": { + "resource_type": "Playback-Key-Pair", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "playback-key-pair": "Playback-Key-Pair" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetPlaybackKeyPair.html" + }, + "GetRecordingConfiguration": { + "privilege": "GetRecordingConfiguration", + "description": "Grants permission to get the recording configuration for the specified ARN", + "access_level": "Read", + "resource_types": { + "Recording-Configuration": { + "resource_type": "Recording-Configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recording-configuration": "Recording-Configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetRecordingConfiguration.html" + }, + "GetStage": { + "privilege": "GetStage", + "description": "Grants permission to get stage information for a specified ARN", + "access_level": "Read", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_GetStage.html" + }, + "GetStageSession": { + "privilege": "GetStageSession", + "description": "Grants permission to get stage session information for a specified stage ARN and session", + "access_level": "Read", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_GetStageSession.html" + }, + "GetStream": { + "privilege": "GetStream", + "description": "Grants permission to get information about the active (live) stream on a specified channel", + "access_level": "Read", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetStream.html" + }, + "GetStreamKey": { + "privilege": "GetStreamKey", + "description": "Grants permission to get stream-key information for a specified ARN", + "access_level": "Read", + "resource_types": { + "Stream-Key": { + "resource_type": "Stream-Key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream-key": "Stream-Key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetStreamKey.html" + }, + "GetStreamSession": { + "privilege": "GetStreamSession", + "description": "Grants permission to get information about the stream session on a specified channel", + "access_level": "Read", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_GetStreamSession.html" + }, + "ImportPlaybackKeyPair": { + "privilege": "ImportPlaybackKeyPair", + "description": "Grants permission to import the public key", + "access_level": "Write", + "resource_types": { + "Playback-Key-Pair": { + "resource_type": "Playback-Key-Pair", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "playback-key-pair": "Playback-Key-Pair", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ImportPlaybackKeyPair.html" + }, + "ListChannels": { + "privilege": "ListChannels", + "description": "Grants permission to get summary information about channels", + "access_level": "List", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListChannels.html" + }, + "ListParticipantEvents": { + "privilege": "ListParticipantEvents", + "description": "Grants permission to list participant events for a specified stage ARN, session, and participant", + "access_level": "List", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_ListParticipantEvents.html" + }, + "ListParticipants": { + "privilege": "ListParticipants", + "description": "Grants permission to list participants for a specified stage ARN and session", + "access_level": "List", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_ListParticipants.html" + }, + "ListPlaybackKeyPairs": { + "privilege": "ListPlaybackKeyPairs", + "description": "Grants permission to get summary information about playback key pairs", + "access_level": "List", + "resource_types": { + "Playback-Key-Pair": { + "resource_type": "Playback-Key-Pair", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "playback-key-pair": "Playback-Key-Pair" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListPlaybackKeyPairs.html" + }, + "ListRecordingConfigurations": { + "privilege": "ListRecordingConfigurations", + "description": "Grants permission to get summary information about recording configurations", + "access_level": "List", + "resource_types": { + "Recording-Configuration": { + "resource_type": "Recording-Configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recording-configuration": "Recording-Configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListRecordingConfigurations.html" + }, + "ListStageSessions": { + "privilege": "ListStageSessions", + "description": "Grants permission to list stage sessions for a specified stage ARN", + "access_level": "List", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_ListStageSessions.html" + }, + "ListStages": { + "privilege": "ListStages", + "description": "Grants permission to get summary information about stages", + "access_level": "List", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_ListStages.html" + }, + "ListStreamKeys": { + "privilege": "ListStreamKeys", + "description": "Grants permission to get summary information about stream keys", + "access_level": "List", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Stream-Key": { + "resource_type": "Stream-Key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "stream-key": "Stream-Key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListStreamKeys.html" + }, + "ListStreamSessions": { + "privilege": "ListStreamSessions", + "description": "Grants permission to get summary information about streams sessions on a specified channel", + "access_level": "List", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListStreamSessions.html" + }, + "ListStreams": { + "privilege": "ListStreams", + "description": "Grants permission to get summary information about live streams", + "access_level": "List", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListStreams.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to get information about the tags for a specified ARN", + "access_level": "Read", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Playback-Key-Pair": { + "resource_type": "Playback-Key-Pair", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Recording-Configuration": { + "resource_type": "Recording-Configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stage": { + "resource_type": "Stage", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stream-Key": { + "resource_type": "Stream-Key", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "playback-key-pair": "Playback-Key-Pair", + "recording-configuration": "Recording-Configuration", + "stage": "Stage", + "stream-key": "Stream-Key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_ListTagsForResource.html" + }, + "PutMetadata": { + "privilege": "PutMetadata", + "description": "Grants permission to insert metadata into an RTMP stream for a specified channel", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_PutMetadata.html" + }, + "StartViewerSessionRevocation": { + "privilege": "StartViewerSessionRevocation", + "description": "Grants permission to start the process of revoking the viewer session associated with a specified channel ARN and viewer ID", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_StartViewerSessionRevocation.html" + }, + "StopStream": { + "privilege": "StopStream", + "description": "Grants permission to disconnect a streamer on a specified channel", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_StopStream.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or update tags for a resource with a specified ARN", + "access_level": "Tagging", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Playback-Key-Pair": { + "resource_type": "Playback-Key-Pair", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Recording-Configuration": { + "resource_type": "Recording-Configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stage": { + "resource_type": "Stage", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stream-Key": { + "resource_type": "Stream-Key", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "playback-key-pair": "Playback-Key-Pair", + "recording-configuration": "Recording-Configuration", + "stage": "Stage", + "stream-key": "Stream-Key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags for a resource with a specified ARN", + "access_level": "Tagging", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Playback-Key-Pair": { + "resource_type": "Playback-Key-Pair", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Recording-Configuration": { + "resource_type": "Recording-Configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stage": { + "resource_type": "Stage", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Stream-Key": { + "resource_type": "Stream-Key", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "playback-key-pair": "Playback-Key-Pair", + "recording-configuration": "Recording-Configuration", + "stage": "Stage", + "stream-key": "Stream-Key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_UntagResource.html" + }, + "UpdateChannel": { + "privilege": "UpdateChannel", + "description": "Grants permission to update a channel's configuration", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/APIReference/API_UpdateChannel.html" + }, + "UpdateStage": { + "privilege": "UpdateStage", + "description": "Grants permission to update a stage's configuration", + "access_level": "Write", + "resource_types": { + "Stage": { + "resource_type": "Stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "Stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/RealTimeAPIReference/API_UpdateStage.html" + } + }, + "privileges_lower_name": { + "batchgetchannel": "BatchGetChannel", + "batchgetstreamkey": "BatchGetStreamKey", + "batchstartviewersessionrevocation": "BatchStartViewerSessionRevocation", + "createchannel": "CreateChannel", + "createparticipanttoken": "CreateParticipantToken", + "createrecordingconfiguration": "CreateRecordingConfiguration", + "createstage": "CreateStage", + "createstreamkey": "CreateStreamKey", + "deletechannel": "DeleteChannel", + "deleteplaybackkeypair": "DeletePlaybackKeyPair", + "deleterecordingconfiguration": "DeleteRecordingConfiguration", + "deletestage": "DeleteStage", + "deletestreamkey": "DeleteStreamKey", + "disconnectparticipant": "DisconnectParticipant", + "getchannel": "GetChannel", + "getparticipant": "GetParticipant", + "getplaybackkeypair": "GetPlaybackKeyPair", + "getrecordingconfiguration": "GetRecordingConfiguration", + "getstage": "GetStage", + "getstagesession": "GetStageSession", + "getstream": "GetStream", + "getstreamkey": "GetStreamKey", + "getstreamsession": "GetStreamSession", + "importplaybackkeypair": "ImportPlaybackKeyPair", + "listchannels": "ListChannels", + "listparticipantevents": "ListParticipantEvents", + "listparticipants": "ListParticipants", + "listplaybackkeypairs": "ListPlaybackKeyPairs", + "listrecordingconfigurations": "ListRecordingConfigurations", + "liststagesessions": "ListStageSessions", + "liststages": "ListStages", + "liststreamkeys": "ListStreamKeys", + "liststreamsessions": "ListStreamSessions", + "liststreams": "ListStreams", + "listtagsforresource": "ListTagsForResource", + "putmetadata": "PutMetadata", + "startviewersessionrevocation": "StartViewerSessionRevocation", + "stopstream": "StopStream", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatechannel": "UpdateChannel", + "updatestage": "UpdateStage" + }, + "resources": { + "Channel": { + "resource": "Channel", + "arn": "arn:${Partition}:ivs:${Region}:${Account}:channel/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Stream-Key": { + "resource": "Stream-Key", + "arn": "arn:${Partition}:ivs:${Region}:${Account}:stream-key/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Playback-Key-Pair": { + "resource": "Playback-Key-Pair", + "arn": "arn:${Partition}:ivs:${Region}:${Account}:playback-key/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Recording-Configuration": { + "resource": "Recording-Configuration", + "arn": "arn:${Partition}:ivs:${Region}:${Account}:recording-configuration/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Stage": { + "resource": "Stage", + "arn": "arn:${Partition}:ivs:${Region}:${Account}:stage/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "channel": "Channel", + "stream-key": "Stream-Key", + "playback-key-pair": "Playback-Key-Pair", + "recording-configuration": "Recording-Configuration", + "stage": "Stage" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags associated with the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "ivschat": { + "service_name": "Amazon Interactive Video Service Chat", + "prefix": "ivschat", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoninteractivevideoservicechat.html", + "privileges": { + "CreateChatToken": { + "privilege": "CreateChatToken", + "description": "Grants permission to create an encrypted token that is used to establish an individual WebSocket connection to a room", + "access_level": "Write", + "resource_types": { + "Room": { + "resource_type": "Room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "Room", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_CreateChatToken.html" + }, + "CreateLoggingConfiguration": { + "privilege": "CreateLoggingConfiguration", + "description": "Grants permission to create a logging configuration that allows clients to record room messages", + "access_level": "Write", + "resource_types": { + "Logging-Configuration": { + "resource_type": "Logging-Configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "logging-configuration": "Logging-Configuration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_CreateLoggingConfiguration.html" + }, + "CreateRoom": { + "privilege": "CreateRoom", + "description": "Grants permission to create a room that allows clients to connect and pass messages", + "access_level": "Write", + "resource_types": { + "Room": { + "resource_type": "Room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "Room", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_CreateRoom.html" + }, + "DeleteLoggingConfiguration": { + "privilege": "DeleteLoggingConfiguration", + "description": "Grants permission to delete the logging configuration for a specified logging configuration ARN", + "access_level": "Write", + "resource_types": { + "Logging-Configuration": { + "resource_type": "Logging-Configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "logging-configuration": "Logging-Configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_DeleteLoggingConfiguration.html" + }, + "DeleteMessage": { + "privilege": "DeleteMessage", + "description": "Grants permission to send an event to a specific room which directs clients to delete a specific message", + "access_level": "Write", + "resource_types": { + "Room": { + "resource_type": "Room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "Room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_DeleteMessage.html" + }, + "DeleteRoom": { + "privilege": "DeleteRoom", + "description": "Grants permission to delete the room for a specified room ARN", + "access_level": "Write", + "resource_types": { + "Room": { + "resource_type": "Room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "Room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_DeleteRoom.html" + }, + "DisconnectUser": { + "privilege": "DisconnectUser", + "description": "Grants permission to disconnect all connections using a specified user ID from a room", + "access_level": "Write", + "resource_types": { + "Room": { + "resource_type": "Room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "Room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_DisconnectUser.html" + }, + "GetLoggingConfiguration": { + "privilege": "GetLoggingConfiguration", + "description": "Grants permission to get the logging configuration for a specified logging configuration ARN", + "access_level": "Read", + "resource_types": { + "Logging-Configuration": { + "resource_type": "Logging-Configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "logging-configuration": "Logging-Configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_GetLoggingConfiguration.html" + }, + "GetRoom": { + "privilege": "GetRoom", + "description": "Grants permission to get the room configuration for a specified room ARN", + "access_level": "Read", + "resource_types": { + "Room": { + "resource_type": "Room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "Room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_GetRoom.html" + }, + "ListLoggingConfigurations": { + "privilege": "ListLoggingConfigurations", + "description": "Grants permission to get summary information about logging configurations", + "access_level": "List", + "resource_types": { + "Logging-Configuration": { + "resource_type": "Logging-Configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "logging-configuration": "Logging-Configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_ListLoggingConfigurations.html" + }, + "ListRooms": { + "privilege": "ListRooms", + "description": "Grants permission to get summary information about rooms", + "access_level": "List", + "resource_types": { + "Room": { + "resource_type": "Room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "Room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_ListRooms.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to get information about the tags for a specified ARN", + "access_level": "Read", + "resource_types": { + "Room": { + "resource_type": "Room", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "Room", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_ListTagsForResource.html" + }, + "SendEvent": { + "privilege": "SendEvent", + "description": "Grants permission to send an event to a room", + "access_level": "Write", + "resource_types": { + "Room": { + "resource_type": "Room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "Room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_SendEvent.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or update tags for a resource with a specified ARN", + "access_level": "Tagging", + "resource_types": { + "Logging-Configuration": { + "resource_type": "Logging-Configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Room": { + "resource_type": "Room", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "logging-configuration": "Logging-Configuration", + "room": "Room", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags for a resource with a specified ARN", + "access_level": "Tagging", + "resource_types": { + "Logging-Configuration": { + "resource_type": "Logging-Configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Room": { + "resource_type": "Room", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "logging-configuration": "Logging-Configuration", + "room": "Room", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_UntagResource.html" + }, + "UpdateLoggingConfiguration": { + "privilege": "UpdateLoggingConfiguration", + "description": "Grants permission to update the logging configuration for a specified logging configuration ARN", + "access_level": "Write", + "resource_types": { + "Logging-Configuration": { + "resource_type": "Logging-Configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "logging-configuration": "Logging-Configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_UpdateLoggingConfiguration.html" + }, + "UpdateRoom": { + "privilege": "UpdateRoom", + "description": "Grants permission to update the room configuration for a specified room ARN", + "access_level": "Write", + "resource_types": { + "Room": { + "resource_type": "Room", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "room": "Room" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ivs/latest/ChatAPIReference/API_UpdateRoom.html" + } + }, + "privileges_lower_name": { + "createchattoken": "CreateChatToken", + "createloggingconfiguration": "CreateLoggingConfiguration", + "createroom": "CreateRoom", + "deleteloggingconfiguration": "DeleteLoggingConfiguration", + "deletemessage": "DeleteMessage", + "deleteroom": "DeleteRoom", + "disconnectuser": "DisconnectUser", + "getloggingconfiguration": "GetLoggingConfiguration", + "getroom": "GetRoom", + "listloggingconfigurations": "ListLoggingConfigurations", + "listrooms": "ListRooms", + "listtagsforresource": "ListTagsForResource", + "sendevent": "SendEvent", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateloggingconfiguration": "UpdateLoggingConfiguration", + "updateroom": "UpdateRoom" + }, + "resources": { + "Room": { + "resource": "Room", + "arn": "arn:${Partition}:ivschat:${Region}:${Account}:room/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Logging-Configuration": { + "resource": "Logging-Configuration", + "arn": "arn:${Partition}:ivschat:${Region}:${Account}:logging-configuration/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "room": "Room", + "logging-configuration": "Logging-Configuration" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags associated with the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "kendra": { + "service_name": "Amazon Kendra", + "prefix": "kendra", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkendra.html", + "privileges": { + "AssociateEntitiesToExperience": { + "privilege": "AssociateEntitiesToExperience", + "description": "Grants permission to put principal mapping in index", + "access_level": "Write", + "resource_types": { + "experience": { + "resource_type": "experience", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experience": "experience", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_PutPrincipalMapping.html" + }, + "AssociatePersonasToEntities": { + "privilege": "AssociatePersonasToEntities", + "description": "Defines the specific permissions of users or groups in your AWS SSO identity source with access to your Amazon Kendra experience", + "access_level": "Write", + "resource_types": { + "experience": { + "resource_type": "experience", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experience": "experience", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_AssociatePersonasToEntities.html" + }, + "BatchDeleteDocument": { + "privilege": "BatchDeleteDocument", + "description": "Grants permission to batch delete document", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_BatchDeleteDocument.html" + }, + "BatchDeleteFeaturedResultsSet": { + "privilege": "BatchDeleteFeaturedResultsSet", + "description": "Grants permission to delete a featured results set", + "access_level": "Write", + "resource_types": { + "featured-results-set": { + "resource_type": "featured-results-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "featured-results-set": "featured-results-set", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteFeaturedResults.html" + }, + "BatchGetDocumentStatus": { + "privilege": "BatchGetDocumentStatus", + "description": "Grants permission to do batch get document status", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_BatchGetDocumentStatus.html" + }, + "BatchPutDocument": { + "privilege": "BatchPutDocument", + "description": "Grants permission to batch put document", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_BatchPutDocument.html" + }, + "ClearQuerySuggestions": { + "privilege": "ClearQuerySuggestions", + "description": "Grants permission to clear out the suggestions for a given index, generated so far", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ClearQuerySuggestions.html" + }, + "CreateAccessControlConfiguration": { + "privilege": "CreateAccessControlConfiguration", + "description": "Grants permission to create an access control configuration", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateAccessControlConfiguration.html" + }, + "CreateDataSource": { + "privilege": "CreateDataSource", + "description": "Grants permission to create a data source", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateDataSource.html" + }, + "CreateExperience": { + "privilege": "CreateExperience", + "description": "Creates an Amazon Kendra experience such as a search application", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateExperience.html" + }, + "CreateFaq": { + "privilege": "CreateFaq", + "description": "Grants permission to create an Faq", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateFaq.html" + }, + "CreateFeaturedResultsSet": { + "privilege": "CreateFeaturedResultsSet", + "description": "Grants permission to create a featured results set", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateFeaturedResults.html" + }, + "CreateIndex": { + "privilege": "CreateIndex", + "description": "Grants permission to create an Index", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateIndex.html" + }, + "CreateQuerySuggestionsBlockList": { + "privilege": "CreateQuerySuggestionsBlockList", + "description": "Grants permission to create a QuerySuggestions BlockList", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateQuerySuggestionsBlockList.html" + }, + "CreateThesaurus": { + "privilege": "CreateThesaurus", + "description": "Grants permission to create a Thesaurus", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_CreateThesaurus.html" + }, + "DeleteAccessControlConfiguration": { + "privilege": "DeleteAccessControlConfiguration", + "description": "Grants permission to delete an access control configuration", + "access_level": "Write", + "resource_types": { + "access-control-configuration": { + "resource_type": "access-control-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-control-configuration": "access-control-configuration", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteAccessControlConfiguration.html" + }, + "DeleteDataSource": { + "privilege": "DeleteDataSource", + "description": "Grants permission to delete a data source", + "access_level": "Write", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteDataSource.html" + }, + "DeleteExperience": { + "privilege": "DeleteExperience", + "description": "Deletes your Amazon Kendra experience such as a search application", + "access_level": "Write", + "resource_types": { + "experience": { + "resource_type": "experience", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experience": "experience", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteExperience.html" + }, + "DeleteFaq": { + "privilege": "DeleteFaq", + "description": "Grants permission to delete an Faq", + "access_level": "Write", + "resource_types": { + "faq": { + "resource_type": "faq", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "faq": "faq", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteFaq.html" + }, + "DeleteIndex": { + "privilege": "DeleteIndex", + "description": "Grants permission to delete an Index", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteIndex.html" + }, + "DeletePrincipalMapping": { + "privilege": "DeletePrincipalMapping", + "description": "Grants permission to delete principal mapping from index", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "data-source": { + "resource_type": "data-source", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "data-source": "data-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeletePrincipalMapping.html" + }, + "DeleteQuerySuggestionsBlockList": { + "privilege": "DeleteQuerySuggestionsBlockList", + "description": "Grants permission to delete a QuerySuggestions BlockList", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "query-suggestions-block-list": { + "resource_type": "query-suggestions-block-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "query-suggestions-block-list": "query-suggestions-block-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteQuerySuggestionsBlockList.html" + }, + "DeleteThesaurus": { + "privilege": "DeleteThesaurus", + "description": "Grants permission to delete a Thesaurus", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thesaurus": { + "resource_type": "thesaurus", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "thesaurus": "thesaurus" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DeleteThesaurus.html" + }, + "DescribeAccessControlConfiguration": { + "privilege": "DescribeAccessControlConfiguration", + "description": "Grants permission to describe an access control configuration", + "access_level": "Read", + "resource_types": { + "access-control-configuration": { + "resource_type": "access-control-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-control-configuration": "access-control-configuration", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeAccessControlConfiguration.html" + }, + "DescribeDataSource": { + "privilege": "DescribeDataSource", + "description": "Grants permission to describe a data source", + "access_level": "Read", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeDataSource.html" + }, + "DescribeExperience": { + "privilege": "DescribeExperience", + "description": "Gets information about your Amazon Kendra experience such as a search application", + "access_level": "Read", + "resource_types": { + "experience": { + "resource_type": "experience", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experience": "experience", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeExperience.html" + }, + "DescribeFaq": { + "privilege": "DescribeFaq", + "description": "Grants permission to describe an Faq", + "access_level": "Read", + "resource_types": { + "faq": { + "resource_type": "faq", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "faq": "faq", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeFaq.html" + }, + "DescribeFeaturedResultsSet": { + "privilege": "DescribeFeaturedResultsSet", + "description": "Grants permission to describe a featured results set", + "access_level": "Read", + "resource_types": { + "featured-results-set": { + "resource_type": "featured-results-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "featured-results-set": "featured-results-set", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeThesaurus.html" + }, + "DescribeIndex": { + "privilege": "DescribeIndex", + "description": "Grants permission to describe an Index", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeIndex.html" + }, + "DescribePrincipalMapping": { + "privilege": "DescribePrincipalMapping", + "description": "Grants permission to describe principal mapping from index", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "data-source": { + "resource_type": "data-source", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "data-source": "data-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribePrincipalMapping.html" + }, + "DescribeQuerySuggestionsBlockList": { + "privilege": "DescribeQuerySuggestionsBlockList", + "description": "Grants permission to describe a QuerySuggestions BlockList", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "query-suggestions-block-list": { + "resource_type": "query-suggestions-block-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "query-suggestions-block-list": "query-suggestions-block-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeQuerySuggestionsBlockList.html" + }, + "DescribeQuerySuggestionsConfig": { + "privilege": "DescribeQuerySuggestionsConfig", + "description": "Grants permission to describe the query suggestions configuration for an index", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeQuerySuggestionsConfig.html" + }, + "DescribeThesaurus": { + "privilege": "DescribeThesaurus", + "description": "Grants permission to describe a Thesaurus", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thesaurus": { + "resource_type": "thesaurus", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "thesaurus": "thesaurus" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DescribeThesaurus.html" + }, + "DisassociateEntitiesFromExperience": { + "privilege": "DisassociateEntitiesFromExperience", + "description": "Prevents users or groups in your AWS SSO identity source from accessing your Amazon Kendra experience", + "access_level": "Write", + "resource_types": { + "experience": { + "resource_type": "experience", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experience": "experience", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DisassociateEntitiesFromExperience.html" + }, + "DisassociatePersonasFromEntities": { + "privilege": "DisassociatePersonasFromEntities", + "description": "Removes the specific permissions of users or groups in your AWS SSO identity source with access to your Amazon Kendra experience", + "access_level": "Write", + "resource_types": { + "experience": { + "resource_type": "experience", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experience": "experience", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_DisassociatePersonasFromEntities.html" + }, + "GetQuerySuggestions": { + "privilege": "GetQuerySuggestions", + "description": "Grants permission to get suggestions for a query prefix", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html" + }, + "GetSnapshots": { + "privilege": "GetSnapshots", + "description": "Retrieves search metrics data", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_GetSnapshots.html" + }, + "ListAccessControlConfigurations": { + "privilege": "ListAccessControlConfigurations", + "description": "Grants permission to list the access control configurations", + "access_level": "List", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListAccessControlConfigurations.html" + }, + "ListDataSourceSyncJobs": { + "privilege": "ListDataSourceSyncJobs", + "description": "Grants permission to get Data Source sync job history", + "access_level": "List", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListDataSourceSyncJobs.html" + }, + "ListDataSources": { + "privilege": "ListDataSources", + "description": "Grants permission to list the data sources", + "access_level": "List", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListDataSources.html" + }, + "ListEntityPersonas": { + "privilege": "ListEntityPersonas", + "description": "Lists specific permissions of users and groups with access to your Amazon Kendra experience", + "access_level": "List", + "resource_types": { + "experience": { + "resource_type": "experience", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experience": "experience", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListEntityPersonas.html" + }, + "ListExperienceEntities": { + "privilege": "ListExperienceEntities", + "description": "Lists users or groups in your AWS SSO identity source that are granted access to your Amazon Kendra experience", + "access_level": "List", + "resource_types": { + "experience": { + "resource_type": "experience", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experience": "experience", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListExperienceEntities.html" + }, + "ListExperiences": { + "privilege": "ListExperiences", + "description": "Lists one or more Amazon Kendra experiences. You can create an Amazon Kendra experience such as a search application", + "access_level": "List", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListExperiences.html" + }, + "ListFaqs": { + "privilege": "ListFaqs", + "description": "Grants permission to list the Faqs", + "access_level": "List", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListFaqs.html" + }, + "ListFeaturedResultsSets": { + "privilege": "ListFeaturedResultsSets", + "description": "Grants permission to list the featured results sets", + "access_level": "List", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListFeaturedResults.html" + }, + "ListGroupsOlderThanOrderingId": { + "privilege": "ListGroupsOlderThanOrderingId", + "description": "Grants permission to list groups that are older than an ordering id", + "access_level": "List", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "data-source": { + "resource_type": "data-source", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "data-source": "data-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListGroupsOlderThanOrderingId.html" + }, + "ListIndices": { + "privilege": "ListIndices", + "description": "Grants permission to list the indexes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListIndices.html" + }, + "ListQuerySuggestionsBlockLists": { + "privilege": "ListQuerySuggestionsBlockLists", + "description": "Grants permission to list the QuerySuggestions BlockLists", + "access_level": "List", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListQuerySuggestionsBlockLists.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "faq": { + "resource_type": "faq", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "featured-results-set": { + "resource_type": "featured-results-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "query-suggestions-block-list": { + "resource_type": "query-suggestions-block-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thesaurus": { + "resource_type": "thesaurus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "faq": "faq", + "featured-results-set": "featured-results-set", + "index": "index", + "query-suggestions-block-list": "query-suggestions-block-list", + "thesaurus": "thesaurus" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListTagsForResource.html" + }, + "ListThesauri": { + "privilege": "ListThesauri", + "description": "Grants permission to list the Thesauri", + "access_level": "List", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_ListThesauri.html" + }, + "PutPrincipalMapping": { + "privilege": "PutPrincipalMapping", + "description": "Grants permission to put principal mapping in index", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "data-source": { + "resource_type": "data-source", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "data-source": "data-source" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_PutPrincipalMapping.html" + }, + "Query": { + "privilege": "Query", + "description": "Grants permission to query documents and faqs", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html" + }, + "Retrieve": { + "privilege": "Retrieve", + "description": "Grants permission to retrieve relevant content from an index", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Retrieve.html" + }, + "StartDataSourceSyncJob": { + "privilege": "StartDataSourceSyncJob", + "description": "Grants permission to start Data Source sync job", + "access_level": "Write", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_StartDataSourceSyncJob.html" + }, + "StopDataSourceSyncJob": { + "privilege": "StopDataSourceSyncJob", + "description": "Grants permission to stop Data Source sync job", + "access_level": "Write", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_StopDataSourceSyncJob.html" + }, + "SubmitFeedback": { + "privilege": "SubmitFeedback", + "description": "Grants permission to send feedback about a query results", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_SubmitFeedback.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource with given key value pairs", + "access_level": "Tagging", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "faq": { + "resource_type": "faq", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "featured-results-set": { + "resource_type": "featured-results-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "query-suggestions-block-list": { + "resource_type": "query-suggestions-block-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thesaurus": { + "resource_type": "thesaurus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "faq": "faq", + "featured-results-set": "featured-results-set", + "index": "index", + "query-suggestions-block-list": "query-suggestions-block-list", + "thesaurus": "thesaurus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the tag with the given key from a resource", + "access_level": "Tagging", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "faq": { + "resource_type": "faq", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "featured-results-set": { + "resource_type": "featured-results-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "query-suggestions-block-list": { + "resource_type": "query-suggestions-block-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thesaurus": { + "resource_type": "thesaurus", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "faq": "faq", + "featured-results-set": "featured-results-set", + "index": "index", + "query-suggestions-block-list": "query-suggestions-block-list", + "thesaurus": "thesaurus", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UntagResource.html" + }, + "UpdateAccessControlConfiguration": { + "privilege": "UpdateAccessControlConfiguration", + "description": "Grants permission to update an access control configuration", + "access_level": "Write", + "resource_types": { + "access-control-configuration": { + "resource_type": "access-control-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-control-configuration": "access-control-configuration", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateAccessControlConfiguration.html" + }, + "UpdateDataSource": { + "privilege": "UpdateDataSource", + "description": "Grants permission to update a data source", + "access_level": "Write", + "resource_types": { + "data-source": { + "resource_type": "data-source", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-source": "data-source", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateDataSource.html" + }, + "UpdateExperience": { + "privilege": "UpdateExperience", + "description": "Updates your Amazon Kendra experience such as a search application", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateExperience.html" + }, + "UpdateFeaturedResultsSet": { + "privilege": "UpdateFeaturedResultsSet", + "description": "Grants permission to update a featured results set", + "access_level": "Write", + "resource_types": { + "featured-results-set": { + "resource_type": "featured-results-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "featured-results-set": "featured-results-set", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateFeaturedResults.html" + }, + "UpdateIndex": { + "privilege": "UpdateIndex", + "description": "Grants permission to update an Index", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html" + }, + "UpdateQuerySuggestionsBlockList": { + "privilege": "UpdateQuerySuggestionsBlockList", + "description": "Grants permission to update a QuerySuggestions BlockList", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "query-suggestions-block-list": { + "resource_type": "query-suggestions-block-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "query-suggestions-block-list": "query-suggestions-block-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateQuerySuggestionsBlockList.html" + }, + "UpdateQuerySuggestionsConfig": { + "privilege": "UpdateQuerySuggestionsConfig", + "description": "Grants permission to update the query suggestions configuration for an index", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateQuerySuggestionsConfig.html" + }, + "UpdateThesaurus": { + "privilege": "UpdateThesaurus", + "description": "Grants permission to update a thesaurus", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thesaurus": { + "resource_type": "thesaurus", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "thesaurus": "thesaurus" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateThesaurus.html" + } + }, + "privileges_lower_name": { + "associateentitiestoexperience": "AssociateEntitiesToExperience", + "associatepersonastoentities": "AssociatePersonasToEntities", + "batchdeletedocument": "BatchDeleteDocument", + "batchdeletefeaturedresultsset": "BatchDeleteFeaturedResultsSet", + "batchgetdocumentstatus": "BatchGetDocumentStatus", + "batchputdocument": "BatchPutDocument", + "clearquerysuggestions": "ClearQuerySuggestions", + "createaccesscontrolconfiguration": "CreateAccessControlConfiguration", + "createdatasource": "CreateDataSource", + "createexperience": "CreateExperience", + "createfaq": "CreateFaq", + "createfeaturedresultsset": "CreateFeaturedResultsSet", + "createindex": "CreateIndex", + "createquerysuggestionsblocklist": "CreateQuerySuggestionsBlockList", + "createthesaurus": "CreateThesaurus", + "deleteaccesscontrolconfiguration": "DeleteAccessControlConfiguration", + "deletedatasource": "DeleteDataSource", + "deleteexperience": "DeleteExperience", + "deletefaq": "DeleteFaq", + "deleteindex": "DeleteIndex", + "deleteprincipalmapping": "DeletePrincipalMapping", + "deletequerysuggestionsblocklist": "DeleteQuerySuggestionsBlockList", + "deletethesaurus": "DeleteThesaurus", + "describeaccesscontrolconfiguration": "DescribeAccessControlConfiguration", + "describedatasource": "DescribeDataSource", + "describeexperience": "DescribeExperience", + "describefaq": "DescribeFaq", + "describefeaturedresultsset": "DescribeFeaturedResultsSet", + "describeindex": "DescribeIndex", + "describeprincipalmapping": "DescribePrincipalMapping", + "describequerysuggestionsblocklist": "DescribeQuerySuggestionsBlockList", + "describequerysuggestionsconfig": "DescribeQuerySuggestionsConfig", + "describethesaurus": "DescribeThesaurus", + "disassociateentitiesfromexperience": "DisassociateEntitiesFromExperience", + "disassociatepersonasfromentities": "DisassociatePersonasFromEntities", + "getquerysuggestions": "GetQuerySuggestions", + "getsnapshots": "GetSnapshots", + "listaccesscontrolconfigurations": "ListAccessControlConfigurations", + "listdatasourcesyncjobs": "ListDataSourceSyncJobs", + "listdatasources": "ListDataSources", + "listentitypersonas": "ListEntityPersonas", + "listexperienceentities": "ListExperienceEntities", + "listexperiences": "ListExperiences", + "listfaqs": "ListFaqs", + "listfeaturedresultssets": "ListFeaturedResultsSets", + "listgroupsolderthanorderingid": "ListGroupsOlderThanOrderingId", + "listindices": "ListIndices", + "listquerysuggestionsblocklists": "ListQuerySuggestionsBlockLists", + "listtagsforresource": "ListTagsForResource", + "listthesauri": "ListThesauri", + "putprincipalmapping": "PutPrincipalMapping", + "query": "Query", + "retrieve": "Retrieve", + "startdatasourcesyncjob": "StartDataSourceSyncJob", + "stopdatasourcesyncjob": "StopDataSourceSyncJob", + "submitfeedback": "SubmitFeedback", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaccesscontrolconfiguration": "UpdateAccessControlConfiguration", + "updatedatasource": "UpdateDataSource", + "updateexperience": "UpdateExperience", + "updatefeaturedresultsset": "UpdateFeaturedResultsSet", + "updateindex": "UpdateIndex", + "updatequerysuggestionsblocklist": "UpdateQuerySuggestionsBlockList", + "updatequerysuggestionsconfig": "UpdateQuerySuggestionsConfig", + "updatethesaurus": "UpdateThesaurus" + }, + "resources": { + "index": { + "resource": "index", + "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "data-source": { + "resource": "data-source", + "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/data-source/${DataSourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "faq": { + "resource": "faq", + "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/faq/${FaqId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "experience": { + "resource": "experience", + "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/experience/${ExperienceId}", + "condition_keys": [] + }, + "thesaurus": { + "resource": "thesaurus", + "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/thesaurus/${ThesaurusId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "query-suggestions-block-list": { + "resource": "query-suggestions-block-list", + "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/query-suggestions-block-list/${QuerySuggestionsBlockListId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "featured-results-set": { + "resource": "featured-results-set", + "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/featured-results-set/${FeaturedResultsSetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "access-control-configuration": { + "resource": "access-control-configuration", + "arn": "arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/access-control-configuration/${AccessControlConfigurationId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "index": "index", + "data-source": "data-source", + "faq": "faq", + "experience": "experience", + "thesaurus": "thesaurus", + "query-suggestions-block-list": "query-suggestions-block-list", + "featured-results-set": "featured-results-set", + "access-control-configuration": "access-control-configuration" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "kendra-ranking": { + "service_name": "Amazon Kendra Intelligent Ranking", + "prefix": "kendra-ranking", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkendraintelligentranking.html", + "privileges": { + "CreateRescoreExecutionPlan": { + "privilege": "CreateRescoreExecutionPlan", + "description": "Grants permission to create a RescoreExecutionPlan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_CreateRescoreExecutionPlan.html" + }, + "DeleteRescoreExecutionPlan": { + "privilege": "DeleteRescoreExecutionPlan", + "description": "Grants permission to delete a RescoreExecutionPlan", + "access_level": "Write", + "resource_types": { + "rescore-execution-plan": { + "resource_type": "rescore-execution-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rescore-execution-plan": "rescore-execution-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_DeleteRescoreExecutionPlan.html" + }, + "DescribeRescoreExecutionPlan": { + "privilege": "DescribeRescoreExecutionPlan", + "description": "Grants permission to describe a RescoreExecutionPlan", + "access_level": "Read", + "resource_types": { + "rescore-execution-plan": { + "resource_type": "rescore-execution-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rescore-execution-plan": "rescore-execution-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_DescribeRescoreExecutionPlan.html" + }, + "ListRescoreExecutionPlans": { + "privilege": "ListRescoreExecutionPlans", + "description": "Grants permission to list all RescoreExecutionPlans", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_ListRescoreExecutionPlans.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "rescore-execution-plan": { + "resource_type": "rescore-execution-plan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rescore-execution-plan": "rescore-execution-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_ListTagsForResource.html" + }, + "Rescore": { + "privilege": "Rescore", + "description": "Grants permission to Rescore documents with Kendra Intelligent Ranking", + "access_level": "Read", + "resource_types": { + "rescore-execution-plan": { + "resource_type": "rescore-execution-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rescore-execution-plan": "rescore-execution-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_Rescore.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource with given key value pairs", + "access_level": "Tagging", + "resource_types": { + "rescore-execution-plan": { + "resource_type": "rescore-execution-plan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rescore-execution-plan": "rescore-execution-plan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the tag with the given key from a resource", + "access_level": "Tagging", + "resource_types": { + "rescore-execution-plan": { + "resource_type": "rescore-execution-plan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rescore-execution-plan": "rescore-execution-plan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_UntagResource.html" + }, + "UpdateRescoreExecutionPlan": { + "privilege": "UpdateRescoreExecutionPlan", + "description": "Grants permission to update a RescoreExecutionPlan", + "access_level": "Write", + "resource_types": { + "rescore-execution-plan": { + "resource_type": "rescore-execution-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rescore-execution-plan": "rescore-execution-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kendra/latest/dg/API_Ranking_UpdateRescoreExecutionPlan.html" + } + }, + "privileges_lower_name": { + "createrescoreexecutionplan": "CreateRescoreExecutionPlan", + "deleterescoreexecutionplan": "DeleteRescoreExecutionPlan", + "describerescoreexecutionplan": "DescribeRescoreExecutionPlan", + "listrescoreexecutionplans": "ListRescoreExecutionPlans", + "listtagsforresource": "ListTagsForResource", + "rescore": "Rescore", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updaterescoreexecutionplan": "UpdateRescoreExecutionPlan" + }, + "resources": { + "rescore-execution-plan": { + "resource": "rescore-execution-plan", + "arn": "arn:${Partition}:kendra-ranking:${Region}:${Account}:rescore-execution-plan/${RescoreExecutionPlanId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "rescore-execution-plan": "rescore-execution-plan" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "cassandra": { + "service_name": "Amazon Keyspaces (for Apache Cassandra)", + "prefix": "cassandra", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkeyspacesforapachecassandra.html", + "privileges": { + "Alter": { + "privilege": "Alter", + "description": "Grants permission to alter a keyspace or table", + "access_level": "Write", + "resource_types": { + "keyspace": { + "resource_type": "keyspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keyspace": "keyspace", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "AlterMultiRegionResource": { + "privilege": "AlterMultiRegionResource", + "description": "Grants permission to alter a multiregion keyspace or table", + "access_level": "Write", + "resource_types": { + "keyspace": { + "resource_type": "keyspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keyspace": "keyspace", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "Create": { + "privilege": "Create", + "description": "Grants permission to create a keyspace or table", + "access_level": "Write", + "resource_types": { + "keyspace": { + "resource_type": "keyspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keyspace": "keyspace", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "CreateMultiRegionResource": { + "privilege": "CreateMultiRegionResource", + "description": "Grants permission to create a multiregion keyspace or table", + "access_level": "Write", + "resource_types": { + "keyspace": { + "resource_type": "keyspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keyspace": "keyspace", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "Drop": { + "privilege": "Drop", + "description": "Grants permission to drop a keyspace or table", + "access_level": "Write", + "resource_types": { + "keyspace": { + "resource_type": "keyspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keyspace": "keyspace", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "DropMultiRegionResource": { + "privilege": "DropMultiRegionResource", + "description": "Grants permission to drop a multiregion keyspace or table", + "access_level": "Write", + "resource_types": { + "keyspace": { + "resource_type": "keyspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keyspace": "keyspace", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "Modify": { + "privilege": "Modify", + "description": "Grants permission to INSERT, UPDATE or DELETE data in a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "ModifyMultiRegionResource": { + "privilege": "ModifyMultiRegionResource", + "description": "Grants permission to INSERT, UPDATE or DELETE data in a multiregion table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "Restore": { + "privilege": "Restore", + "description": "Grants permission to restore table from a backup", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "RestoreMultiRegionTable": { + "privilege": "RestoreMultiRegionTable", + "description": "Grants permission to restore multiregion table from a backup", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "Select": { + "privilege": "Select", + "description": "Grants permission to SELECT data from a table", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "SelectMultiRegionResource": { + "privilege": "SelectMultiRegionResource", + "description": "Grants permission to SELECT data from a multiregion table", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "TagMultiRegionResource": { + "privilege": "TagMultiRegionResource", + "description": "Grants permission to tag a multiregion keyspace or table", + "access_level": "Tagging", + "resource_types": { + "keyspace": { + "resource_type": "keyspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keyspace": "keyspace", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a keyspace or table", + "access_level": "Tagging", + "resource_types": { + "keyspace": { + "resource_type": "keyspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keyspace": "keyspace", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "UnTagMultiRegionResource": { + "privilege": "UnTagMultiRegionResource", + "description": "Grants permission to untag a multiregion keyspace or table", + "access_level": "Tagging", + "resource_types": { + "keyspace": { + "resource_type": "keyspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keyspace": "keyspace", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a keyspace or table", + "access_level": "Tagging", + "resource_types": { + "keyspace": { + "resource_type": "keyspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keyspace": "keyspace", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + }, + "UpdatePartitioner": { + "privilege": "UpdatePartitioner", + "description": "Grants permission to UPDATE the partitioner in a system table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/keyspaces/latest/devguide/" + } + }, + "privileges_lower_name": { + "alter": "Alter", + "altermultiregionresource": "AlterMultiRegionResource", + "create": "Create", + "createmultiregionresource": "CreateMultiRegionResource", + "drop": "Drop", + "dropmultiregionresource": "DropMultiRegionResource", + "modify": "Modify", + "modifymultiregionresource": "ModifyMultiRegionResource", + "restore": "Restore", + "restoremultiregiontable": "RestoreMultiRegionTable", + "select": "Select", + "selectmultiregionresource": "SelectMultiRegionResource", + "tagmultiregionresource": "TagMultiRegionResource", + "tagresource": "TagResource", + "untagmultiregionresource": "UnTagMultiRegionResource", + "untagresource": "UntagResource", + "updatepartitioner": "UpdatePartitioner" + }, + "resources": { + "keyspace": { + "resource": "keyspace", + "arn": "arn:${Partition}:cassandra:${Region}:${Account}:/keyspace/${KeyspaceName}/", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "table": { + "resource": "table", + "arn": "arn:${Partition}:cassandra:${Region}:${Account}:/keyspace/${KeyspaceName}/table/${TableName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "keyspace": "keyspace", + "table": "table" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "kinesis": { + "service_name": "Amazon Kinesis", + "prefix": "kinesis", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkinesis.html", + "privileges": { + "AddTagsToStream": { + "privilege": "AddTagsToStream", + "description": "Grants permission to add or update tags for the specified Amazon Kinesis stream. Each stream can have up to 10 tags", + "access_level": "Tagging", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_AddTagsToStream.html" + }, + "CreateStream": { + "privilege": "CreateStream", + "description": "Grants permission to create a Amazon Kinesis stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_CreateStream.html" + }, + "DecreaseStreamRetentionPeriod": { + "privilege": "DecreaseStreamRetentionPeriod", + "description": "Grants permission to decrease the stream's retention period, which is the length of time data records are accessible after they are added to the stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DecreaseStreamRetentionPeriod.html" + }, + "DeleteStream": { + "privilege": "DeleteStream", + "description": "Grants permission to delete a stream and all its shards and data", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DeleteStream.html" + }, + "DeregisterStreamConsumer": { + "privilege": "DeregisterStreamConsumer", + "description": "Grants permission to deregister a stream consumer with a Kinesis data stream", + "access_level": "Write", + "resource_types": { + "consumer": { + "resource_type": "consumer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "consumer": "consumer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DeregisterStreamConsumer.html" + }, + "DescribeLimits": { + "privilege": "DescribeLimits", + "description": "Grants permission to describe the shard limits and usage for the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DescribeLimits.html" + }, + "DescribeStream": { + "privilege": "DescribeStream", + "description": "Grants permission to describe the specified stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DescribeStream.html" + }, + "DescribeStreamConsumer": { + "privilege": "DescribeStreamConsumer", + "description": "Grants permission to get the description of a registered stream consumer", + "access_level": "Read", + "resource_types": { + "consumer": { + "resource_type": "consumer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "consumer": "consumer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DescribeStreamConsumer.html" + }, + "DescribeStreamSummary": { + "privilege": "DescribeStreamSummary", + "description": "Grants permission to provide a summarized description of the specified Kinesis data stream without the shard list", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DescribeStreamSummary.html" + }, + "DisableEnhancedMonitoring": { + "privilege": "DisableEnhancedMonitoring", + "description": "Grants permission to disables enhanced monitoring", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_DisableEnhancedMonitoring.html" + }, + "EnableEnhancedMonitoring": { + "privilege": "EnableEnhancedMonitoring", + "description": "Grants permission to enable enhanced Kinesis data stream monitoring for shard-level metrics", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_EnableEnhancedMonitoring.html" + }, + "GetRecords": { + "privilege": "GetRecords", + "description": "Grants permission to get data records from a shard", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetRecords.html" + }, + "GetShardIterator": { + "privilege": "GetShardIterator", + "description": "Grants permission to get a shard iterator. A shard iterator expires five minutes after it is returned to the requester", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetShardIterator.html" + }, + "IncreaseStreamRetentionPeriod": { + "privilege": "IncreaseStreamRetentionPeriod", + "description": "Grants permission to increase the stream's retention period, which is the length of time data records are accessible after they are added to the stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_IncreaseStreamRetentionPeriod.html" + }, + "ListShards": { + "privilege": "ListShards", + "description": "Grants permission to list the shards in a stream and provides information about each shard", + "access_level": "List", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html" + }, + "ListStreamConsumers": { + "privilege": "ListStreamConsumers", + "description": "Grants permission to list the stream consumers registered to receive data from a Kinesis stream using enhanced fan-out, and provides information about each consumer", + "access_level": "List", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListStreamConsumers.html" + }, + "ListStreams": { + "privilege": "ListStreams", + "description": "Grants permission to list your streams", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListStreams.html" + }, + "ListTagsForStream": { + "privilege": "ListTagsForStream", + "description": "Grants permission to list the tags for the specified Amazon Kinesis stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListTagsForStream.html" + }, + "MergeShards": { + "privilege": "MergeShards", + "description": "Grants permission to merge two adjacent shards in a stream and combines them into a single shard to reduce the stream's capacity to ingest and transport data", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_MergeShards.html" + }, + "PutRecord": { + "privilege": "PutRecord", + "description": "Grants permission to write a single data record from a producer into an Amazon Kinesis stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html" + }, + "PutRecords": { + "privilege": "PutRecords", + "description": "Grants permission to write multiple data records from a producer into an Amazon Kinesis stream in a single call (also referred to as a PutRecords request)", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecords.html" + }, + "RegisterStreamConsumer": { + "privilege": "RegisterStreamConsumer", + "description": "Grants permission to register a stream consumer with a Kinesis data stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_RegisterStreamConsumer.html" + }, + "RemoveTagsFromStream": { + "privilege": "RemoveTagsFromStream", + "description": "Grants permission to remove tags from the specified Kinesis data stream. Removed tags are deleted and cannot be recovered after this operation successfully completes", + "access_level": "Tagging", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_RemoveTagsFromStream.html" + }, + "SplitShard": { + "privilege": "SplitShard", + "description": "Grants permission to split a shard into two new shards in the Kinesis data stream, to increase the stream's capacity to ingest and transport data", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_SplitShard.html" + }, + "StartStreamEncryption": { + "privilege": "StartStreamEncryption", + "description": "Grants permission to enable or update server-side encryption using an AWS KMS key for a specified stream", + "access_level": "Write", + "resource_types": { + "kmsKey": { + "resource_type": "kmsKey", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kmskey": "kmsKey", + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_StartStreamEncryption.html" + }, + "StopStreamEncryption": { + "privilege": "StopStreamEncryption", + "description": "Grants permission to disable server-side encryption for a specified stream", + "access_level": "Write", + "resource_types": { + "kmsKey": { + "resource_type": "kmsKey", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "kmskey": "kmsKey", + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_StopStreamEncryption.html" + }, + "SubscribeToShard": { + "privilege": "SubscribeToShard", + "description": "Grants permission to listen to a specific shard with enhanced fan-out", + "access_level": "Read", + "resource_types": { + "consumer": { + "resource_type": "consumer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "consumer": "consumer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_SubscribeToShard.html" + }, + "UpdateShardCount": { + "privilege": "UpdateShardCount", + "description": "Grants permission to update the shard count of the specified stream to the specified number of shards", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_UpdateShardCount.html" + }, + "UpdateStreamMode": { + "privilege": "UpdateStreamMode", + "description": "Grants permission to update the capacity mode of the data stream", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesis/latest/APIReference/API_UpdateStreamMode.html" + } + }, + "privileges_lower_name": { + "addtagstostream": "AddTagsToStream", + "createstream": "CreateStream", + "decreasestreamretentionperiod": "DecreaseStreamRetentionPeriod", + "deletestream": "DeleteStream", + "deregisterstreamconsumer": "DeregisterStreamConsumer", + "describelimits": "DescribeLimits", + "describestream": "DescribeStream", + "describestreamconsumer": "DescribeStreamConsumer", + "describestreamsummary": "DescribeStreamSummary", + "disableenhancedmonitoring": "DisableEnhancedMonitoring", + "enableenhancedmonitoring": "EnableEnhancedMonitoring", + "getrecords": "GetRecords", + "getsharditerator": "GetShardIterator", + "increasestreamretentionperiod": "IncreaseStreamRetentionPeriod", + "listshards": "ListShards", + "liststreamconsumers": "ListStreamConsumers", + "liststreams": "ListStreams", + "listtagsforstream": "ListTagsForStream", + "mergeshards": "MergeShards", + "putrecord": "PutRecord", + "putrecords": "PutRecords", + "registerstreamconsumer": "RegisterStreamConsumer", + "removetagsfromstream": "RemoveTagsFromStream", + "splitshard": "SplitShard", + "startstreamencryption": "StartStreamEncryption", + "stopstreamencryption": "StopStreamEncryption", + "subscribetoshard": "SubscribeToShard", + "updateshardcount": "UpdateShardCount", + "updatestreammode": "UpdateStreamMode" + }, + "resources": { + "stream": { + "resource": "stream", + "arn": "arn:${Partition}:kinesis:${Region}:${Account}:stream/${StreamName}", + "condition_keys": [] + }, + "consumer": { + "resource": "consumer", + "arn": "arn:${Partition}:kinesis:${Region}:${Account}:${StreamType}/${StreamName}/consumer/${ConsumerName}:${ConsumerCreationTimpstamp}", + "condition_keys": [] + }, + "kmsKey": { + "resource": "kmsKey", + "arn": "arn:${Partition}:kms:${Region}:${Account}:key/${KeyId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "stream": "stream", + "consumer": "consumer", + "kmskey": "kmsKey" + }, + "conditions": {} + }, + "kinesisanalytics": { + "service_name": "Amazon Kinesis Analytics", + "prefix": "kinesisanalytics", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkinesisanalytics.html", + "privileges": { + "AddApplicationInput": { + "privilege": "AddApplicationInput", + "description": "Grants permission to add input to the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationInput.html" + }, + "AddApplicationOutput": { + "privilege": "AddApplicationOutput", + "description": "Grants permission to add output to the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationOutput.html" + }, + "AddApplicationReferenceDataSource": { + "privilege": "AddApplicationReferenceDataSource", + "description": "Grants permission to add reference data source to the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationReferenceDataSource.html" + }, + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_CreateApplication.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplication.html" + }, + "DeleteApplicationOutput": { + "privilege": "DeleteApplicationOutput", + "description": "Grants permission to delete the specified output of the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationOutput.html" + }, + "DeleteApplicationReferenceDataSource": { + "privilege": "DeleteApplicationReferenceDataSource", + "description": "Grants permission to delete the specified reference data source of the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationReferenceDataSource.html" + }, + "DescribeApplication": { + "privilege": "DescribeApplication", + "description": "Grants permission to describe the specified application", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DescribeApplication.html" + }, + "DiscoverInputSchema": { + "privilege": "DiscoverInputSchema", + "description": "Grants permission to discover the input schema for the application", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DiscoverInputSchema.html" + }, + "GetApplicationState": { + "privilege": "GetApplicationState", + "description": "Grants permission to Kinesis Data Analytics console to display stream results for Kinesis Data Analytics SQL runtime applications", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/dev/api-permissions-reference.html#api-permissions-reference-gas" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to list applications for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_ListApplications.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to fetch the tags associated with the application", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_ListTagsForResource.html" + }, + "StartApplication": { + "privilege": "StartApplication", + "description": "Grants permission to start the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_StartApplication.html" + }, + "StopApplication": { + "privilege": "StopApplication", + "description": "Grants permission to stop the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_StopApplication.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to the application", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the specified tags from the application", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_UntagResource.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to update the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_UpdateApplication.html" + }, + "AddApplicationCloudWatchLoggingOption": { + "privilege": "AddApplicationCloudWatchLoggingOption", + "description": "Grants permission to add cloudwatch logging option to the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationCloudWatchLoggingOption.html" + }, + "AddApplicationInputProcessingConfiguration": { + "privilege": "AddApplicationInputProcessingConfiguration", + "description": "Grants permission to add input processing configuration to the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationInputProcessingConfiguration.html" + }, + "AddApplicationVpcConfiguration": { + "privilege": "AddApplicationVpcConfiguration", + "description": "Grants permission to add VPC configuration to the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_AddApplicationVpcConfiguration.html" + }, + "CreateApplicationPresignedUrl": { + "privilege": "CreateApplicationPresignedUrl", + "description": "Grants permission to create and return a URL that you can use to connect to an application's extension", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_CreateApplicationPresignedUrl.html" + }, + "CreateApplicationSnapshot": { + "privilege": "CreateApplicationSnapshot", + "description": "Grants permission to create a snapshot for an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_CreateApplicationSnapshot.html" + }, + "DeleteApplicationCloudWatchLoggingOption": { + "privilege": "DeleteApplicationCloudWatchLoggingOption", + "description": "Grants permission to delete the specified cloudwatch logging option of the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationCloudWatchLoggingOption.html" + }, + "DeleteApplicationInputProcessingConfiguration": { + "privilege": "DeleteApplicationInputProcessingConfiguration", + "description": "Grants permission to delete the specified input processing configuration of the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationInputProcessingConfiguration.html" + }, + "DeleteApplicationSnapshot": { + "privilege": "DeleteApplicationSnapshot", + "description": "Grants permission to delete a snapshot for an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationSnapshot.html" + }, + "DeleteApplicationVpcConfiguration": { + "privilege": "DeleteApplicationVpcConfiguration", + "description": "Grants permission to delete the specified VPC configuration of the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DeleteApplicationVpcConfiguration.html" + }, + "DescribeApplicationSnapshot": { + "privilege": "DescribeApplicationSnapshot", + "description": "Grants permission to describe an application snapshot", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DescribeApplicationSnapshot.html" + }, + "DescribeApplicationVersion": { + "privilege": "DescribeApplicationVersion", + "description": "Grants permission to describe the application version of an application", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_DescribeApplicationVersion.html" + }, + "ListApplicationSnapshots": { + "privilege": "ListApplicationSnapshots", + "description": "Grants permission to list the snapshots for an application", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_ListApplicationSnapshots.html" + }, + "ListApplicationVersions": { + "privilege": "ListApplicationVersions", + "description": "Grants permission to list application versions of an application", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_ListApplicationVersions.html" + }, + "RollbackApplication": { + "privilege": "RollbackApplication", + "description": "Grants permission to perform rollback operation on an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_RollbackApplication.html" + }, + "UpdateApplicationMaintenanceConfiguration": { + "privilege": "UpdateApplicationMaintenanceConfiguration", + "description": "Grants permission to update the maintenance configuration of an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisanalytics/latest/apiv2/API_UpdateApplicationMaintenanceConfiguration.html" + } + }, + "privileges_lower_name": { + "addapplicationinput": "AddApplicationInput", + "addapplicationoutput": "AddApplicationOutput", + "addapplicationreferencedatasource": "AddApplicationReferenceDataSource", + "createapplication": "CreateApplication", + "deleteapplication": "DeleteApplication", + "deleteapplicationoutput": "DeleteApplicationOutput", + "deleteapplicationreferencedatasource": "DeleteApplicationReferenceDataSource", + "describeapplication": "DescribeApplication", + "discoverinputschema": "DiscoverInputSchema", + "getapplicationstate": "GetApplicationState", + "listapplications": "ListApplications", + "listtagsforresource": "ListTagsForResource", + "startapplication": "StartApplication", + "stopapplication": "StopApplication", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapplication": "UpdateApplication", + "addapplicationcloudwatchloggingoption": "AddApplicationCloudWatchLoggingOption", + "addapplicationinputprocessingconfiguration": "AddApplicationInputProcessingConfiguration", + "addapplicationvpcconfiguration": "AddApplicationVpcConfiguration", + "createapplicationpresignedurl": "CreateApplicationPresignedUrl", + "createapplicationsnapshot": "CreateApplicationSnapshot", + "deleteapplicationcloudwatchloggingoption": "DeleteApplicationCloudWatchLoggingOption", + "deleteapplicationinputprocessingconfiguration": "DeleteApplicationInputProcessingConfiguration", + "deleteapplicationsnapshot": "DeleteApplicationSnapshot", + "deleteapplicationvpcconfiguration": "DeleteApplicationVpcConfiguration", + "describeapplicationsnapshot": "DescribeApplicationSnapshot", + "describeapplicationversion": "DescribeApplicationVersion", + "listapplicationsnapshots": "ListApplicationSnapshots", + "listapplicationversions": "ListApplicationVersions", + "rollbackapplication": "RollbackApplication", + "updateapplicationmaintenanceconfiguration": "UpdateApplicationMaintenanceConfiguration" + }, + "resources": { + "application": { + "resource": "application", + "arn": "arn:${Partition}:kinesisanalytics:${Region}:${Account}:application/${ApplicationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "application": "application" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value assoicated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "firehose": { + "service_name": "Amazon Kinesis Firehose", + "prefix": "firehose", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkinesisfirehose.html", + "privileges": { + "CreateDeliveryStream": { + "privilege": "CreateDeliveryStream", + "description": "Grants permission to create a delivery stream", + "access_level": "Write", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html" + }, + "DeleteDeliveryStream": { + "privilege": "DeleteDeliveryStream", + "description": "Grants permission to delete a delivery stream and its data", + "access_level": "Write", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_DeleteDeliveryStream.html" + }, + "DescribeDeliveryStream": { + "privilege": "DescribeDeliveryStream", + "description": "Grants permission to describe the specified delivery stream and gets the status", + "access_level": "Read", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_DescribeDeliveryStream.html" + }, + "ListDeliveryStreams": { + "privilege": "ListDeliveryStreams", + "description": "Grants permission to list your delivery streams", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_ListDeliveryStreams.html" + }, + "ListTagsForDeliveryStream": { + "privilege": "ListTagsForDeliveryStream", + "description": "Grants permission to list the tags for the specified delivery stream", + "access_level": "List", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_ListTagsForDeliveryStream.html" + }, + "PutRecord": { + "privilege": "PutRecord", + "description": "Grants permission to write a single data record into an Amazon Kinesis Firehose delivery stream", + "access_level": "Write", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecord.html" + }, + "PutRecordBatch": { + "privilege": "PutRecordBatch", + "description": "Grants permission to write multiple data records into a delivery stream in a single call, which can achieve higher throughput per producer than when writing single records", + "access_level": "Write", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html" + }, + "StartDeliveryStreamEncryption": { + "privilege": "StartDeliveryStreamEncryption", + "description": "Grants permission to enable server-side encryption (SSE) for the delivery stream", + "access_level": "Write", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_StartDeliveryStreamEncryption.html" + }, + "StopDeliveryStreamEncryption": { + "privilege": "StopDeliveryStreamEncryption", + "description": "Grants permission to disable the specified destination of the specified delivery stream", + "access_level": "Write", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_StopDeliveryStreamEncryption.html" + }, + "TagDeliveryStream": { + "privilege": "TagDeliveryStream", + "description": "Grants permission to add or update tags for the specified delivery stream", + "access_level": "Tagging", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_TagDeliveryStream.html" + }, + "UntagDeliveryStream": { + "privilege": "UntagDeliveryStream", + "description": "Grants permission to remove tags from the specified delivery stream", + "access_level": "Tagging", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_UntagDeliveryStream.html" + }, + "UpdateDestination": { + "privilege": "UpdateDestination", + "description": "Grants permission to update the specified destination of the specified delivery stream", + "access_level": "Write", + "resource_types": { + "deliverystream": { + "resource_type": "deliverystream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverystream": "deliverystream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/firehose/latest/APIReference/API_UpdateDestination.html" + } + }, + "privileges_lower_name": { + "createdeliverystream": "CreateDeliveryStream", + "deletedeliverystream": "DeleteDeliveryStream", + "describedeliverystream": "DescribeDeliveryStream", + "listdeliverystreams": "ListDeliveryStreams", + "listtagsfordeliverystream": "ListTagsForDeliveryStream", + "putrecord": "PutRecord", + "putrecordbatch": "PutRecordBatch", + "startdeliverystreamencryption": "StartDeliveryStreamEncryption", + "stopdeliverystreamencryption": "StopDeliveryStreamEncryption", + "tagdeliverystream": "TagDeliveryStream", + "untagdeliverystream": "UntagDeliveryStream", + "updatedestination": "UpdateDestination" + }, + "resources": { + "deliverystream": { + "resource": "deliverystream", + "arn": "arn:${Partition}:firehose:${Region}:${Account}:deliverystream/${DeliveryStreamName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "deliverystream": "deliverystream" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "kinesisvideo": { + "service_name": "Amazon Kinesis Video Streams", + "prefix": "kinesisvideo", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonkinesisvideostreams.html", + "privileges": { + "ConnectAsMaster": { + "privilege": "ConnectAsMaster", + "description": "Grants permission to connect as a master to the signaling channel specified by the endpoint", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ConnectAsMaster.html" + }, + "ConnectAsViewer": { + "privilege": "ConnectAsViewer", + "description": "Grants permission to connect as a viewer to the signaling channel specified by the endpoint", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ConnectAsViewer.html" + }, + "CreateSignalingChannel": { + "privilege": "CreateSignalingChannel", + "description": "Grants permission to create a signaling channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_CreateSignalingChannel.html" + }, + "CreateStream": { + "privilege": "CreateStream", + "description": "Grants permission to create a Kinesis video stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_CreateStream.html" + }, + "DeleteEdgeConfiguration": { + "privilege": "DeleteEdgeConfiguration", + "description": "Grants permission to delete the edge configuration of your Kinesis Video Stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DeleteEdgeConfiguration.html" + }, + "DeleteSignalingChannel": { + "privilege": "DeleteSignalingChannel", + "description": "Grants permission to delete an existing signaling channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DeleteSignalingChannel.html" + }, + "DeleteStream": { + "privilege": "DeleteStream", + "description": "Grants permission to delete an existing Kinesis video stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DeleteStream.html" + }, + "DescribeEdgeConfiguration": { + "privilege": "DescribeEdgeConfiguration", + "description": "Grants permission to describe the edge configuration of your Kinesis Video Stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeEdgeConfiguration.html" + }, + "DescribeImageGenerationConfiguration": { + "privilege": "DescribeImageGenerationConfiguration", + "description": "Grants permission to describe the image generation configuration of your Kinesis video stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeImageGenerationConfiguration.html" + }, + "DescribeMappedResourceConfiguration": { + "privilege": "DescribeMappedResourceConfiguration", + "description": "Grants permission to describe the resource mapped to the Kinesis video stream", + "access_level": "List", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeMappedResourceConfiguration.html" + }, + "DescribeMediaStorageConfiguration": { + "privilege": "DescribeMediaStorageConfiguration", + "description": "Grants permission to describe the media storage configuration of a signaling channel", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeMediaStorageConfiguration.html" + }, + "DescribeNotificationConfiguration": { + "privilege": "DescribeNotificationConfiguration", + "description": "Grants permission to describe the notification configuration of your Kinesis video stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeNotificationConfiguration.html" + }, + "DescribeSignalingChannel": { + "privilege": "DescribeSignalingChannel", + "description": "Grants permission to describe the specified signaling channel", + "access_level": "List", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeSignalingChannel.html" + }, + "DescribeStream": { + "privilege": "DescribeStream", + "description": "Grants permission to describe the specified Kinesis video stream", + "access_level": "List", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_DescribeStream.html" + }, + "GetClip": { + "privilege": "GetClip", + "description": "Grants permission to get a media clip from a video stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetClip.html" + }, + "GetDASHStreamingSessionURL": { + "privilege": "GetDASHStreamingSessionURL", + "description": "Grants permission to create a URL for MPEG-DASH video streaming", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetDASHStreamingSessionURL.html" + }, + "GetDataEndpoint": { + "privilege": "GetDataEndpoint", + "description": "Grants permission to get an endpoint for a specified stream for either reading or writing media data to Kinesis Video Streams", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_GetDataEndpoint.html" + }, + "GetHLSStreamingSessionURL": { + "privilege": "GetHLSStreamingSessionURL", + "description": "Grants permission to create a URL for HLS video streaming", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetHLSStreamingSessionURL.html" + }, + "GetIceServerConfig": { + "privilege": "GetIceServerConfig", + "description": "Grants permission to get the ICE server configuration", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_AWSAcuitySignalingService_GetIceServerConfig.html" + }, + "GetImages": { + "privilege": "GetImages", + "description": "Grants permission to get generated images from your Kinesis video stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetImages.html" + }, + "GetMedia": { + "privilege": "GetMedia", + "description": "Grants permission to return media content of a Kinesis video stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_dataplane_GetMedia.html" + }, + "GetMediaForFragmentList": { + "privilege": "GetMediaForFragmentList", + "description": "Grants permission to read and return media data only from persisted storage", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_GetMediaForFragmentList.html" + }, + "GetSignalingChannelEndpoint": { + "privilege": "GetSignalingChannelEndpoint", + "description": "Grants permission to get endpoints for a specified combination of protocol and role for a signaling channel", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_GetSignalingChannelEndpoint.html" + }, + "JoinStorageSession": { + "privilege": "JoinStorageSession", + "description": "Grants permission to join a storage session for a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_AWSAcuityRoutingServiceLambda_JoinStorageSession.html" + }, + "ListEdgeAgentConfigurations": { + "privilege": "ListEdgeAgentConfigurations", + "description": "Grants permission to list an edge agent configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListEdgeAgentConfigurations.html" + }, + "ListFragments": { + "privilege": "ListFragments", + "description": "Grants permission to list the fragments from archival storage based on the pagination token or selector type with range specified", + "access_level": "List", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_reader_ListFragments.html" + }, + "ListSignalingChannels": { + "privilege": "ListSignalingChannels", + "description": "Grants permission to list your signaling channels", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListSignalingChannels.html" + }, + "ListStreams": { + "privilege": "ListStreams", + "description": "Grants permission to list your Kinesis video streams", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListStreams.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to fetch the tags associated with your resource", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListTagsForResource.html" + }, + "ListTagsForStream": { + "privilege": "ListTagsForStream", + "description": "Grants permission to fetch the tags associated with Kinesis video stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_ListTagsForStream.html" + }, + "PutMedia": { + "privilege": "PutMedia", + "description": "Grants permission to send media data to a Kinesis video stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_dataplane_PutMedia.html" + }, + "SendAlexaOfferToMaster": { + "privilege": "SendAlexaOfferToMaster", + "description": "Grants permission to send the Alexa SDP offer to the master", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_AWSAcuitySignalingService_SendAlexaOfferToMaster.html" + }, + "StartEdgeConfigurationUpdate": { + "privilege": "StartEdgeConfigurationUpdate", + "description": "Grants permission to start edge configuration update of your Kinesis Video Stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_StartEdgeConfigurationUpdate.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to attach set of tags to your resource", + "access_level": "Tagging", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "stream": "stream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_TagResource.html" + }, + "TagStream": { + "privilege": "TagStream", + "description": "Grants permission to attach set of tags to your Kinesis video streams", + "access_level": "Tagging", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_TagStream.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from your resource", + "access_level": "Tagging", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "stream": "stream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UntagResource.html" + }, + "UntagStream": { + "privilege": "UntagStream", + "description": "Grants permission to remove one or more tags from your Kinesis video streams", + "access_level": "Tagging", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UntagStream.html" + }, + "UpdateDataRetention": { + "privilege": "UpdateDataRetention", + "description": "Grants permission to update the data retention period of your Kinesis video stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateDataRetention.html" + }, + "UpdateImageGenerationConfiguration": { + "privilege": "UpdateImageGenerationConfiguration", + "description": "Grants permission to update the image generation configuration of your Kinesis video stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateImageGenerationConfiguration.html" + }, + "UpdateMediaStorageConfiguration": { + "privilege": "UpdateMediaStorageConfiguration", + "description": "Grants permission to create or update an mapping between a signaling channel and stream", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateMediaStorageConfiguration.html" + }, + "UpdateNotificationConfiguration": { + "privilege": "UpdateNotificationConfiguration", + "description": "Grants permission to update the notification configuration of your Kinesis video stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateNotificationConfiguration.html" + }, + "UpdateSignalingChannel": { + "privilege": "UpdateSignalingChannel", + "description": "Grants permission to update an existing signaling channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateSignalingChannel.html" + }, + "UpdateStream": { + "privilege": "UpdateStream", + "description": "Grants permission to update an existing Kinesis video stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/API_UpdateStream.html" + } + }, + "privileges_lower_name": { + "connectasmaster": "ConnectAsMaster", + "connectasviewer": "ConnectAsViewer", + "createsignalingchannel": "CreateSignalingChannel", + "createstream": "CreateStream", + "deleteedgeconfiguration": "DeleteEdgeConfiguration", + "deletesignalingchannel": "DeleteSignalingChannel", + "deletestream": "DeleteStream", + "describeedgeconfiguration": "DescribeEdgeConfiguration", + "describeimagegenerationconfiguration": "DescribeImageGenerationConfiguration", + "describemappedresourceconfiguration": "DescribeMappedResourceConfiguration", + "describemediastorageconfiguration": "DescribeMediaStorageConfiguration", + "describenotificationconfiguration": "DescribeNotificationConfiguration", + "describesignalingchannel": "DescribeSignalingChannel", + "describestream": "DescribeStream", + "getclip": "GetClip", + "getdashstreamingsessionurl": "GetDASHStreamingSessionURL", + "getdataendpoint": "GetDataEndpoint", + "gethlsstreamingsessionurl": "GetHLSStreamingSessionURL", + "geticeserverconfig": "GetIceServerConfig", + "getimages": "GetImages", + "getmedia": "GetMedia", + "getmediaforfragmentlist": "GetMediaForFragmentList", + "getsignalingchannelendpoint": "GetSignalingChannelEndpoint", + "joinstoragesession": "JoinStorageSession", + "listedgeagentconfigurations": "ListEdgeAgentConfigurations", + "listfragments": "ListFragments", + "listsignalingchannels": "ListSignalingChannels", + "liststreams": "ListStreams", + "listtagsforresource": "ListTagsForResource", + "listtagsforstream": "ListTagsForStream", + "putmedia": "PutMedia", + "sendalexaoffertomaster": "SendAlexaOfferToMaster", + "startedgeconfigurationupdate": "StartEdgeConfigurationUpdate", + "tagresource": "TagResource", + "tagstream": "TagStream", + "untagresource": "UntagResource", + "untagstream": "UntagStream", + "updatedataretention": "UpdateDataRetention", + "updateimagegenerationconfiguration": "UpdateImageGenerationConfiguration", + "updatemediastorageconfiguration": "UpdateMediaStorageConfiguration", + "updatenotificationconfiguration": "UpdateNotificationConfiguration", + "updatesignalingchannel": "UpdateSignalingChannel", + "updatestream": "UpdateStream" + }, + "resources": { + "stream": { + "resource": "stream", + "arn": "arn:${Partition}:kinesisvideo:${Region}:${Account}:stream/${StreamName}/${CreationTime}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "channel": { + "resource": "channel", + "arn": "arn:${Partition}:kinesisvideo:${Region}:${Account}:channel/${ChannelName}/${CreationTime}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "stream": "stream", + "channel": "channel" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters requests based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag-value assoicated with the stream", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters requests based on the presence of mandatory tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "lex": { + "service_name": "Amazon Lex", + "prefix": "lex", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlex.html", + "privileges": { + "CreateBotVersion": { + "privilege": "CreateBotVersion", + "description": "Grants permission to create a new version of an existing bot", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateBotVersion.html" + }, + "CreateIntentVersion": { + "privilege": "CreateIntentVersion", + "description": "Creates a new version based on the $LATEST version of the specified intent", + "access_level": "Write", + "resource_types": { + "intent version": { + "resource_type": "intent version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "intent version": "intent version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_CreateIntentVersion.html" + }, + "CreateSlotTypeVersion": { + "privilege": "CreateSlotTypeVersion", + "description": "Creates a new version based on the $LATEST version of the specified slot type", + "access_level": "Write", + "resource_types": { + "slottype version": { + "resource_type": "slottype version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "slottype version": "slottype version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_CreateSlotTypeVersion.html" + }, + "DeleteBot": { + "privilege": "DeleteBot", + "description": "Grants permission to delete an existing bot", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "lex:DeleteBotAlias", + "lex:DeleteBotChannel", + "lex:DeleteBotLocale", + "lex:DeleteBotVersion", + "lex:DeleteIntent", + "lex:DeleteSlot", + "lex:DeleteSlotType" + ] + }, + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteBot.html" + }, + "DeleteBotAlias": { + "privilege": "DeleteBotAlias", + "description": "Grants permission to delete an existing bot alias in a bot", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteBotAlias.html" + }, + "DeleteBotChannelAssociation": { + "privilege": "DeleteBotChannelAssociation", + "description": "Deletes the association between a Amazon Lex bot alias and a messaging platform", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_DeleteBotChannelAssociation.html" + }, + "DeleteBotVersion": { + "privilege": "DeleteBotVersion", + "description": "Grants permission to delete an existing bot version", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteBotVersion.html" + }, + "DeleteIntent": { + "privilege": "DeleteIntent", + "description": "Grants permission to delete an existing intent in a bot locale", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteIntent.html" + }, + "DeleteIntentVersion": { + "privilege": "DeleteIntentVersion", + "description": "Deletes a specific version of an intent", + "access_level": "Write", + "resource_types": { + "intent version": { + "resource_type": "intent version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "intent version": "intent version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_DeleteIntentVersion.html" + }, + "DeleteSession": { + "privilege": "DeleteSession", + "description": "Grants permission to delete session information for a bot alias and user ID", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_DeleteSession.html" + }, + "DeleteSlotType": { + "privilege": "DeleteSlotType", + "description": "Grants permission to delete an existing slot type in a bot locale", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteSlotType.html" + }, + "DeleteSlotTypeVersion": { + "privilege": "DeleteSlotTypeVersion", + "description": "Deletes a specific version of a slot type", + "access_level": "Write", + "resource_types": { + "slottype version": { + "resource_type": "slottype version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "slottype version": "slottype version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_DeleteSlotTypeVersion.html" + }, + "DeleteUtterances": { + "privilege": "DeleteUtterances", + "description": "Grants permission to delete utterance data for a bot", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteUtterances.html" + }, + "GetBot": { + "privilege": "GetBot", + "description": "Returns information for a specific bot. In addition to the bot name, the bot version or alias is required", + "access_level": "Read", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "bot version": { + "resource_type": "bot version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias", + "bot version": "bot version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBot.html" + }, + "GetBotAlias": { + "privilege": "GetBotAlias", + "description": "Returns information about a Amazon Lex bot alias", + "access_level": "Read", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBotAlias.html" + }, + "GetBotAliases": { + "privilege": "GetBotAliases", + "description": "Returns a list of aliases for a given Amazon Lex bot", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBotAliases.html" + }, + "GetBotChannelAssociation": { + "privilege": "GetBotChannelAssociation", + "description": "Returns information about the association between a Amazon Lex bot and a messaging platform", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBotChannelAssociation.html" + }, + "GetBotChannelAssociations": { + "privilege": "GetBotChannelAssociations", + "description": "Returns a list of all of the channels associated with a single bot", + "access_level": "List", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBotChannelAssociations.html" + }, + "GetBotVersions": { + "privilege": "GetBotVersions", + "description": "Returns information for all versions of a specific bot", + "access_level": "List", + "resource_types": { + "bot version": { + "resource_type": "bot version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot version": "bot version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBotVersions.html" + }, + "GetBots": { + "privilege": "GetBots", + "description": "Returns information for the $LATEST version of all bots, subject to filters provided by the client", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBots.html" + }, + "GetBuiltinIntent": { + "privilege": "GetBuiltinIntent", + "description": "Returns information about a built-in intent", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBuiltinIntent.html" + }, + "GetBuiltinIntents": { + "privilege": "GetBuiltinIntents", + "description": "Gets a list of built-in intents that meet the specified criteria", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBuiltinIntents.html" + }, + "GetBuiltinSlotTypes": { + "privilege": "GetBuiltinSlotTypes", + "description": "Gets a list of built-in slot types that meet the specified criteria", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetBuiltinSlotTypes.html" + }, + "GetExport": { + "privilege": "GetExport", + "description": "Exports Amazon Lex Resource in a requested format", + "access_level": "Read", + "resource_types": { + "bot version": { + "resource_type": "bot version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot version": "bot version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetExport.html" + }, + "GetImport": { + "privilege": "GetImport", + "description": "Gets information about an import job started with StartImport", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetImport.html" + }, + "GetIntent": { + "privilege": "GetIntent", + "description": "Returns information for a specific intent. In addition to the intent name, you must also specify the intent version", + "access_level": "Read", + "resource_types": { + "intent version": { + "resource_type": "intent version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "intent version": "intent version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetIntent.html" + }, + "GetIntentVersions": { + "privilege": "GetIntentVersions", + "description": "Returns information for all versions of a specific intent", + "access_level": "List", + "resource_types": { + "intent version": { + "resource_type": "intent version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "intent version": "intent version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetIntentVersions.html" + }, + "GetIntents": { + "privilege": "GetIntents", + "description": "Returns information for the $LATEST version of all intents, subject to filters provided by the client", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetIntents.html" + }, + "GetMigration": { + "privilege": "GetMigration", + "description": "Grants permission to view an ongoing or completed migration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetMigration.html" + }, + "GetMigrations": { + "privilege": "GetMigrations", + "description": "Grants permission to view list of migrations from Amazon Lex v1 to Amazon Lex v2", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetMigrations.html" + }, + "GetSession": { + "privilege": "GetSession", + "description": "Grants permission to retrieve session information for a bot alias and user ID", + "access_level": "Read", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_GetSession.html" + }, + "GetSlotType": { + "privilege": "GetSlotType", + "description": "Returns information about a specific version of a slot type. In addition to specifying the slot type name, you must also specify the slot type version", + "access_level": "Read", + "resource_types": { + "slottype version": { + "resource_type": "slottype version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "slottype version": "slottype version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetSlotType.html" + }, + "GetSlotTypeVersions": { + "privilege": "GetSlotTypeVersions", + "description": "Returns information for all versions of a specific slot type", + "access_level": "List", + "resource_types": { + "slottype version": { + "resource_type": "slottype version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "slottype version": "slottype version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetSlotTypeVersions.html" + }, + "GetSlotTypes": { + "privilege": "GetSlotTypes", + "description": "Returns information for the $LATEST version of all slot types, subject to filters provided by the client", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetSlotTypes.html" + }, + "GetUtterancesView": { + "privilege": "GetUtterancesView", + "description": "Returns a view of aggregate utterance data for versions of a bot for a recent time period", + "access_level": "List", + "resource_types": { + "bot version": { + "resource_type": "bot version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot version": "bot version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_GetUtterancesView.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tags for a Lex resource", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "bot alias": "bot alias", + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListTagsForResource.html" + }, + "PostContent": { + "privilege": "PostContent", + "description": "Sends user input (text or speech) to Amazon Lex", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "bot version": { + "resource_type": "bot version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias", + "bot version": "bot version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_runtime_PostContent.html" + }, + "PostText": { + "privilege": "PostText", + "description": "Sends user input (text-only) to Amazon Lex", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "bot version": { + "resource_type": "bot version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias", + "bot version": "bot version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_runtime_PostText.html" + }, + "PutBot": { + "privilege": "PutBot", + "description": "Creates or updates the $LATEST version of a Amazon Lex conversational bot", + "access_level": "Write", + "resource_types": { + "bot version": { + "resource_type": "bot version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot version": "bot version", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_PutBot.html" + }, + "PutBotAlias": { + "privilege": "PutBotAlias", + "description": "Creates or updates an alias for the specific bot", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_PutBotAlias.html" + }, + "PutIntent": { + "privilege": "PutIntent", + "description": "Creates or updates the $LATEST version of an intent", + "access_level": "Write", + "resource_types": { + "intent version": { + "resource_type": "intent version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "intent version": "intent version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_PutIntent.html" + }, + "PutSession": { + "privilege": "PutSession", + "description": "Grants permission to create a new session or modify an existing session for a bot alias and user ID", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_PutSession.html" + }, + "PutSlotType": { + "privilege": "PutSlotType", + "description": "Creates or updates the $LATEST version of a slot type", + "access_level": "Write", + "resource_types": { + "slottype version": { + "resource_type": "slottype version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "slottype version": "slottype version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_PutSlotType.html" + }, + "StartImport": { + "privilege": "StartImport", + "description": "Grants permission to start a new import with the uploaded import file", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "lex:CreateBot", + "lex:CreateBotLocale", + "lex:CreateCustomVocabulary", + "lex:CreateIntent", + "lex:CreateSlot", + "lex:CreateSlotType", + "lex:CreateTestSet", + "lex:DeleteBotLocale", + "lex:DeleteCustomVocabulary", + "lex:DeleteIntent", + "lex:DeleteSlot", + "lex:DeleteSlotType", + "lex:UpdateBot", + "lex:UpdateBotLocale", + "lex:UpdateCustomVocabulary", + "lex:UpdateIntent", + "lex:UpdateSlot", + "lex:UpdateSlotType", + "lex:UpdateTestSet" + ] + }, + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "bot alias": "bot alias", + "test set": "test set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_StartImport.html" + }, + "StartMigration": { + "privilege": "StartMigration", + "description": "Grants permission to migrate a bot from Amazon Lex v1 to Amazon Lex v2", + "access_level": "Write", + "resource_types": { + "bot version": { + "resource_type": "bot version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot version": "bot version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lex/latest/dg/API_StartMigration.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or overwrite tags of a Lex resource", + "access_level": "Tagging", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "bot alias": "bot alias", + "test set": "test set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a Lex resource", + "access_level": "Tagging", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "bot alias": "bot alias", + "test set": "test set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UntagResource.html" + }, + "BatchCreateCustomVocabularyItem": { + "privilege": "BatchCreateCustomVocabularyItem", + "description": "Grants permission to create new items in an existing custom vocabulary", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_BatchCreateCustomVocabularyItem.html" + }, + "BatchDeleteCustomVocabularyItem": { + "privilege": "BatchDeleteCustomVocabularyItem", + "description": "Grants permission to delete existing items in an existing custom vocabulary", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_BatchDeleteCustomVocabularyItem.html" + }, + "BatchUpdateCustomVocabularyItem": { + "privilege": "BatchUpdateCustomVocabularyItem", + "description": "Grants permission to update existing items in an existing custom vocabulary", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_BatchUpdateCustomVocabularyItem.html" + }, + "BuildBotLocale": { + "privilege": "BuildBotLocale", + "description": "Grants permission to build an existing bot locale in a bot", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_BuildBotLocale.html" + }, + "CreateBot": { + "privilege": "CreateBot", + "description": "Grants permission to create a new bot and a test bot alias pointing to the DRAFT bot version", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "bot alias": "bot alias", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateBot.html" + }, + "CreateBotAlias": { + "privilege": "CreateBotAlias", + "description": "Grants permission to create a new bot alias in a bot", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateBotAlias.html" + }, + "CreateBotChannel": { + "privilege": "CreateBotChannel", + "description": "Grants permission to create a bot channel in an existing bot", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/deploying-messaging-platform.html" + }, + "CreateBotLocale": { + "privilege": "CreateBotLocale", + "description": "Grants permission to create a new bot locale in an existing bot", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateBotLocale.html" + }, + "CreateCustomVocabulary": { + "privilege": "CreateCustomVocabulary", + "description": "Grants permission to create a new custom vocabulary in an existing bot locale", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/vocab.html" + }, + "CreateExport": { + "privilege": "CreateExport", + "description": "Grants permission to create an export for an existing resource", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateExport.html" + }, + "CreateIntent": { + "privilege": "CreateIntent", + "description": "Grants permission to create a new intent in an existing bot locale", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateIntent.html" + }, + "CreateResourcePolicy": { + "privilege": "CreateResourcePolicy", + "description": "Grants permission to create a new resource policy for a Lex resource", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateResourcePolicy.html" + }, + "CreateSlot": { + "privilege": "CreateSlot", + "description": "Grants permission to create a new slot in an intent", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateSlot.html" + }, + "CreateSlotType": { + "privilege": "CreateSlotType", + "description": "Grants permission to create a new slot type in an existing bot locale", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateSlotType.html" + }, + "CreateTestSet": { + "privilege": "CreateTestSet", + "description": "Grants permission to import a new test-set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/create-test-set-from-CSV.html" + }, + "CreateTestSetDiscrepancyReport": { + "privilege": "CreateTestSetDiscrepancyReport", + "description": "Grants permission to create a test set discrepancy report", + "access_level": "Write", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateTestSetDiscrepancyReport.html" + }, + "CreateUploadUrl": { + "privilege": "CreateUploadUrl", + "description": "Grants permission to create an upload url for import file", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_CreateUploadUrl.html" + }, + "DeleteBotChannel": { + "privilege": "DeleteBotChannel", + "description": "Grants permission to delete an existing bot channel", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/deploying-messaging-platform.html" + }, + "DeleteBotLocale": { + "privilege": "DeleteBotLocale", + "description": "Grants permission to delete an existing bot locale in a bot", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "lex:DeleteIntent", + "lex:DeleteSlot", + "lex:DeleteSlotType" + ] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteBotLocale.html" + }, + "DeleteCustomVocabulary": { + "privilege": "DeleteCustomVocabulary", + "description": "Grants permission to delete an existing custom vocabulary in a bot locale", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteCustomVocabulary.html" + }, + "DeleteExport": { + "privilege": "DeleteExport", + "description": "Grants permission to delete an existing export", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteExport.html" + }, + "DeleteImport": { + "privilege": "DeleteImport", + "description": "Grants permission to delete an existing import", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteImport.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete an existing resource policy for a Lex resource", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeleteSlot": { + "privilege": "DeleteSlot", + "description": "Grants permission to delete an existing slot in an intent", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteSlot.html" + }, + "DeleteTestSet": { + "privilege": "DeleteTestSet", + "description": "Grants permission to delete an existing test set", + "access_level": "Write", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DeleteTestSet.html" + }, + "DescribeBot": { + "privilege": "DescribeBot", + "description": "Grants permission to retrieve an existing bot", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeBot.html" + }, + "DescribeBotAlias": { + "privilege": "DescribeBotAlias", + "description": "Grants permission to retrieve an existing bot alias", + "access_level": "Read", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeBotAlias.html" + }, + "DescribeBotChannel": { + "privilege": "DescribeBotChannel", + "description": "Grants permission to retrieve an existing bot channel", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/deploying-messaging-platform.html" + }, + "DescribeBotLocale": { + "privilege": "DescribeBotLocale", + "description": "Grants permission to retrieve an existing bot locale", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeBotLocale.html" + }, + "DescribeBotRecommendation": { + "privilege": "DescribeBotRecommendation", + "description": "Grants permission to retrieve metadata information about a bot recommendation", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeBotRecommendation.html" + }, + "DescribeBotVersion": { + "privilege": "DescribeBotVersion", + "description": "Grants permission to retrieve an existing bot version", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeBotVersion.html" + }, + "DescribeCustomVocabulary": { + "privilege": "DescribeCustomVocabulary", + "description": "Grants permission to retrieve an existing custom vocabulary", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/vocab.html" + }, + "DescribeCustomVocabularyMetadata": { + "privilege": "DescribeCustomVocabularyMetadata", + "description": "Grants permission to retrieve metadata of an existing custom vocabulary", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeCustomVocabularyMetadata.html" + }, + "DescribeExport": { + "privilege": "DescribeExport", + "description": "Grants permission to retrieve an existing export", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "lex:DescribeBot", + "lex:DescribeBotLocale", + "lex:DescribeIntent", + "lex:DescribeSlot", + "lex:DescribeSlotType", + "lex:ListBotLocales", + "lex:ListIntents", + "lex:ListSlotTypes", + "lex:ListSlots" + ] + }, + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeExport.html" + }, + "DescribeImport": { + "privilege": "DescribeImport", + "description": "Grants permission to retrieve an existing import", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeImport.html" + }, + "DescribeIntent": { + "privilege": "DescribeIntent", + "description": "Grants permission to retrieve an existing intent", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeIntent.html" + }, + "DescribeResourcePolicy": { + "privilege": "DescribeResourcePolicy", + "description": "Grants permission to retrieve an existing resource policy for a Lex resource", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeResourcePolicy.html" + }, + "DescribeSlot": { + "privilege": "DescribeSlot", + "description": "Grants permission to retrieve an existing slot", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeSlot.html" + }, + "DescribeSlotType": { + "privilege": "DescribeSlotType", + "description": "Grants permission to retrieve an existing slot type", + "access_level": "Read", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeSlotType.html" + }, + "DescribeTestExecution": { + "privilege": "DescribeTestExecution", + "description": "Grants permission to retrieve test execution metadata", + "access_level": "Read", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeTestExecution.html" + }, + "DescribeTestSet": { + "privilege": "DescribeTestSet", + "description": "Grants permission to retrieve an existing test set", + "access_level": "Read", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeTestSet.html" + }, + "DescribeTestSetDiscrepancyReport": { + "privilege": "DescribeTestSetDiscrepancyReport", + "description": "Grants permission to retrieve test set discrepancy report metadata", + "access_level": "Read", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeTestSetDiscrepancyReport.html" + }, + "DescribeTestSetGeneration": { + "privilege": "DescribeTestSetGeneration", + "description": "Grants permission to retrieve test set generation metadata", + "access_level": "Read", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_DescribeTestSetGeneration.html" + }, + "GetTestExecutionArtifactsUrl": { + "privilege": "GetTestExecutionArtifactsUrl", + "description": "Grants permission to retrieve artifacts URL for a test execution", + "access_level": "Read", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_GetTestExecutionArtifactsUrl.html" + }, + "ListAggregatedUtterances": { + "privilege": "ListAggregatedUtterances", + "description": "Grants permission to list utterances and statistics for a bot", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListAggregatedUtterances.html" + }, + "ListBotAliases": { + "privilege": "ListBotAliases", + "description": "Grants permission to list bot aliases in an bot", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBotAliases.html" + }, + "ListBotChannels": { + "privilege": "ListBotChannels", + "description": "Grants permission to list bot channels", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/deploying-messaging-platform.html" + }, + "ListBotLocales": { + "privilege": "ListBotLocales", + "description": "Grants permission to list bot locales in a bot", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBotLocales.html" + }, + "ListBotRecommendations": { + "privilege": "ListBotRecommendations", + "description": "Grants permission to get a list of bot recommendations that meet the specified criteria", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBotRecommendations.html" + }, + "ListBotVersions": { + "privilege": "ListBotVersions", + "description": "Grants permission to list existing bot versions", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBotVersions.html" + }, + "ListBots": { + "privilege": "ListBots", + "description": "Grants permission to list existing bots", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBots.html" + }, + "ListBuiltInIntents": { + "privilege": "ListBuiltInIntents", + "description": "Grants permission to list built-in intents", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBuiltInIntents.html" + }, + "ListBuiltInSlotTypes": { + "privilege": "ListBuiltInSlotTypes", + "description": "Grants permission to list built-in slot types", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListBuiltInSlotTypes.html" + }, + "ListCustomVocabularyItems": { + "privilege": "ListCustomVocabularyItems", + "description": "Grants permission to list items of an existing custom vocabulary", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListCustomVocabularyItems.html" + }, + "ListExports": { + "privilege": "ListExports", + "description": "Grants permission to list existing exports", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListExports.html" + }, + "ListImports": { + "privilege": "ListImports", + "description": "Grants permission to list existing imports", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListImports.html" + }, + "ListIntentMetrics": { + "privilege": "ListIntentMetrics", + "description": "Grants permission to list intent analytics metrics for a bot", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListIntentMetrics.html" + }, + "ListIntentPaths": { + "privilege": "ListIntentPaths", + "description": "Grants permission to list intent path analytics for a bot", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListIntentPaths.html" + }, + "ListIntentStageMetrics": { + "privilege": "ListIntentStageMetrics", + "description": "Grants permission to list intentStage analytics metrics for a bot", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListIntentStageMetrics.html" + }, + "ListIntents": { + "privilege": "ListIntents", + "description": "Grants permission to list intents in a bot", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListIntents.html" + }, + "ListRecommendedIntents": { + "privilege": "ListRecommendedIntents", + "description": "Grants permission to get a list of recommended intents provided by the bot recommendation", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListRecommendedIntents.html" + }, + "ListSessionAnalyticsData": { + "privilege": "ListSessionAnalyticsData", + "description": "Grants permission to list session analytics data for a bot", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListSessionAnalyticsData.html" + }, + "ListSessionMetrics": { + "privilege": "ListSessionMetrics", + "description": "Grants permission to list session analytics metrics for a bot", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListSessionMetrics.html" + }, + "ListSlotTypes": { + "privilege": "ListSlotTypes", + "description": "Grants permission to list slot types in a bot", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListSlotTypes.html" + }, + "ListSlots": { + "privilege": "ListSlots", + "description": "Grants permission to list slots in an intent", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListSlots.html" + }, + "ListTestExecutionResultItems": { + "privilege": "ListTestExecutionResultItems", + "description": "Grants permission to retrieve test results data for a test execution", + "access_level": "Read", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "lex:ListTestSetRecords" + ] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListTestExecutionResultItems.html" + }, + "ListTestExecutions": { + "privilege": "ListTestExecutions", + "description": "Grants permission to list test executions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListTestExecutions.html" + }, + "ListTestSetRecords": { + "privilege": "ListTestSetRecords", + "description": "Grants permission to retrieve records inside an existing test set", + "access_level": "Read", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListTestSetRecords.html" + }, + "ListTestSets": { + "privilege": "ListTestSets", + "description": "Grants permission to list test sets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_ListTestSets.html" + }, + "RecognizeText": { + "privilege": "RecognizeText", + "description": "Grants permission to send user input (text-only) to an bot alias", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_RecognizeText.html" + }, + "RecognizeUtterance": { + "privilege": "RecognizeUtterance", + "description": "Grants permission to send user input (text or speech) to an bot alias", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_RecognizeUtterance.html" + }, + "SearchAssociatedTranscripts": { + "privilege": "SearchAssociatedTranscripts", + "description": "Grants permission to search for associated transcripts that meet the specified criteria", + "access_level": "List", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_SearchAssociatedTranscripts.html" + }, + "StartBotRecommendation": { + "privilege": "StartBotRecommendation", + "description": "Grants permission to start a bot recommendation for an existing bot locale", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_StartBotRecommendation.html" + }, + "StartConversation": { + "privilege": "StartConversation", + "description": "Grants permission to stream user input (speech/text/DTMF) to a bot alias", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_runtime_StartConversation.html" + }, + "StartTestExecution": { + "privilege": "StartTestExecution", + "description": "Grants permission to start a test execution using a test set", + "access_level": "Write", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_StartTestExecution.html" + }, + "StartTestSetGeneration": { + "privilege": "StartTestSetGeneration", + "description": "Grants permission to generate a test set", + "access_level": "Write", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_StartTestSetGeneration.html" + }, + "StopBotRecommendation": { + "privilege": "StopBotRecommendation", + "description": "Grants permission to stop a bot recommendation for an existing bot locale", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_StopBotRecommendation.html" + }, + "UpdateBot": { + "privilege": "UpdateBot", + "description": "Grants permission to update an existing bot", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateBot.html" + }, + "UpdateBotAlias": { + "privilege": "UpdateBotAlias", + "description": "Grants permission to update an existing bot alias", + "access_level": "Write", + "resource_types": { + "bot alias": { + "resource_type": "bot alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateBotAlias.html" + }, + "UpdateBotLocale": { + "privilege": "UpdateBotLocale", + "description": "Grants permission to update an existing bot locale", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateBotLocale.html" + }, + "UpdateBotRecommendation": { + "privilege": "UpdateBotRecommendation", + "description": "Grants permission to update an existing bot recommendation request", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateBotRecommendation.html" + }, + "UpdateCustomVocabulary": { + "privilege": "UpdateCustomVocabulary", + "description": "Grants permission to update an existing custom vocabulary", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/dg/vocab.html" + }, + "UpdateExport": { + "privilege": "UpdateExport", + "description": "Grants permission to update an existing export", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateExport.html" + }, + "UpdateIntent": { + "privilege": "UpdateIntent", + "description": "Grants permission to update an existing intent", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateIntent.html" + }, + "UpdateResourcePolicy": { + "privilege": "UpdateResourcePolicy", + "description": "Grants permission to update an existing resource policy for a Lex resource", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "bot alias": { + "resource_type": "bot alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot", + "bot alias": "bot alias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateResourcePolicy.html" + }, + "UpdateSlot": { + "privilege": "UpdateSlot", + "description": "Grants permission to update an existing slot", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateSlot.html" + }, + "UpdateSlotType": { + "privilege": "UpdateSlotType", + "description": "Grants permission to update an existing slot type", + "access_level": "Write", + "resource_types": { + "bot": { + "resource_type": "bot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bot": "bot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateSlotType.html" + }, + "UpdateTestSet": { + "privilege": "UpdateTestSet", + "description": "Grants permission to update an existing test set", + "access_level": "Write", + "resource_types": { + "test set": { + "resource_type": "test set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test set": "test set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lexv2/latest/APIReference/API_UpdateTestSet.html" + } + }, + "privileges_lower_name": { + "createbotversion": "CreateBotVersion", + "createintentversion": "CreateIntentVersion", + "createslottypeversion": "CreateSlotTypeVersion", + "deletebot": "DeleteBot", + "deletebotalias": "DeleteBotAlias", + "deletebotchannelassociation": "DeleteBotChannelAssociation", + "deletebotversion": "DeleteBotVersion", + "deleteintent": "DeleteIntent", + "deleteintentversion": "DeleteIntentVersion", + "deletesession": "DeleteSession", + "deleteslottype": "DeleteSlotType", + "deleteslottypeversion": "DeleteSlotTypeVersion", + "deleteutterances": "DeleteUtterances", + "getbot": "GetBot", + "getbotalias": "GetBotAlias", + "getbotaliases": "GetBotAliases", + "getbotchannelassociation": "GetBotChannelAssociation", + "getbotchannelassociations": "GetBotChannelAssociations", + "getbotversions": "GetBotVersions", + "getbots": "GetBots", + "getbuiltinintent": "GetBuiltinIntent", + "getbuiltinintents": "GetBuiltinIntents", + "getbuiltinslottypes": "GetBuiltinSlotTypes", + "getexport": "GetExport", + "getimport": "GetImport", + "getintent": "GetIntent", + "getintentversions": "GetIntentVersions", + "getintents": "GetIntents", + "getmigration": "GetMigration", + "getmigrations": "GetMigrations", + "getsession": "GetSession", + "getslottype": "GetSlotType", + "getslottypeversions": "GetSlotTypeVersions", + "getslottypes": "GetSlotTypes", + "getutterancesview": "GetUtterancesView", + "listtagsforresource": "ListTagsForResource", + "postcontent": "PostContent", + "posttext": "PostText", + "putbot": "PutBot", + "putbotalias": "PutBotAlias", + "putintent": "PutIntent", + "putsession": "PutSession", + "putslottype": "PutSlotType", + "startimport": "StartImport", + "startmigration": "StartMigration", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "batchcreatecustomvocabularyitem": "BatchCreateCustomVocabularyItem", + "batchdeletecustomvocabularyitem": "BatchDeleteCustomVocabularyItem", + "batchupdatecustomvocabularyitem": "BatchUpdateCustomVocabularyItem", + "buildbotlocale": "BuildBotLocale", + "createbot": "CreateBot", + "createbotalias": "CreateBotAlias", + "createbotchannel": "CreateBotChannel", + "createbotlocale": "CreateBotLocale", + "createcustomvocabulary": "CreateCustomVocabulary", + "createexport": "CreateExport", + "createintent": "CreateIntent", + "createresourcepolicy": "CreateResourcePolicy", + "createslot": "CreateSlot", + "createslottype": "CreateSlotType", + "createtestset": "CreateTestSet", + "createtestsetdiscrepancyreport": "CreateTestSetDiscrepancyReport", + "createuploadurl": "CreateUploadUrl", + "deletebotchannel": "DeleteBotChannel", + "deletebotlocale": "DeleteBotLocale", + "deletecustomvocabulary": "DeleteCustomVocabulary", + "deleteexport": "DeleteExport", + "deleteimport": "DeleteImport", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deleteslot": "DeleteSlot", + "deletetestset": "DeleteTestSet", + "describebot": "DescribeBot", + "describebotalias": "DescribeBotAlias", + "describebotchannel": "DescribeBotChannel", + "describebotlocale": "DescribeBotLocale", + "describebotrecommendation": "DescribeBotRecommendation", + "describebotversion": "DescribeBotVersion", + "describecustomvocabulary": "DescribeCustomVocabulary", + "describecustomvocabularymetadata": "DescribeCustomVocabularyMetadata", + "describeexport": "DescribeExport", + "describeimport": "DescribeImport", + "describeintent": "DescribeIntent", + "describeresourcepolicy": "DescribeResourcePolicy", + "describeslot": "DescribeSlot", + "describeslottype": "DescribeSlotType", + "describetestexecution": "DescribeTestExecution", + "describetestset": "DescribeTestSet", + "describetestsetdiscrepancyreport": "DescribeTestSetDiscrepancyReport", + "describetestsetgeneration": "DescribeTestSetGeneration", + "gettestexecutionartifactsurl": "GetTestExecutionArtifactsUrl", + "listaggregatedutterances": "ListAggregatedUtterances", + "listbotaliases": "ListBotAliases", + "listbotchannels": "ListBotChannels", + "listbotlocales": "ListBotLocales", + "listbotrecommendations": "ListBotRecommendations", + "listbotversions": "ListBotVersions", + "listbots": "ListBots", + "listbuiltinintents": "ListBuiltInIntents", + "listbuiltinslottypes": "ListBuiltInSlotTypes", + "listcustomvocabularyitems": "ListCustomVocabularyItems", + "listexports": "ListExports", + "listimports": "ListImports", + "listintentmetrics": "ListIntentMetrics", + "listintentpaths": "ListIntentPaths", + "listintentstagemetrics": "ListIntentStageMetrics", + "listintents": "ListIntents", + "listrecommendedintents": "ListRecommendedIntents", + "listsessionanalyticsdata": "ListSessionAnalyticsData", + "listsessionmetrics": "ListSessionMetrics", + "listslottypes": "ListSlotTypes", + "listslots": "ListSlots", + "listtestexecutionresultitems": "ListTestExecutionResultItems", + "listtestexecutions": "ListTestExecutions", + "listtestsetrecords": "ListTestSetRecords", + "listtestsets": "ListTestSets", + "recognizetext": "RecognizeText", + "recognizeutterance": "RecognizeUtterance", + "searchassociatedtranscripts": "SearchAssociatedTranscripts", + "startbotrecommendation": "StartBotRecommendation", + "startconversation": "StartConversation", + "starttestexecution": "StartTestExecution", + "starttestsetgeneration": "StartTestSetGeneration", + "stopbotrecommendation": "StopBotRecommendation", + "updatebot": "UpdateBot", + "updatebotalias": "UpdateBotAlias", + "updatebotlocale": "UpdateBotLocale", + "updatebotrecommendation": "UpdateBotRecommendation", + "updatecustomvocabulary": "UpdateCustomVocabulary", + "updateexport": "UpdateExport", + "updateintent": "UpdateIntent", + "updateresourcepolicy": "UpdateResourcePolicy", + "updateslot": "UpdateSlot", + "updateslottype": "UpdateSlotType", + "updatetestset": "UpdateTestSet" + }, + "resources": { + "bot": { + "resource": "bot", + "arn": "arn:${Partition}:lex:${Region}:${Account}:bot/${BotId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "bot version": { + "resource": "bot version", + "arn": "arn:${Partition}:lex:${Region}:${Account}:bot:${BotName}:${BotVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "bot alias": { + "resource": "bot alias", + "arn": "arn:${Partition}:lex:${Region}:${Account}:bot-alias/${BotId}/${BotAliasId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "channel": { + "resource": "channel", + "arn": "arn:${Partition}:lex:${Region}:${Account}:bot-channel:${BotName}:${BotAlias}:${ChannelName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "intent version": { + "resource": "intent version", + "arn": "arn:${Partition}:lex:${Region}:${Account}:intent:${IntentName}:${IntentVersion}", + "condition_keys": [] + }, + "slottype version": { + "resource": "slottype version", + "arn": "arn:${Partition}:lex:${Region}:${Account}:slottype:${SlotName}:${SlotVersion}", + "condition_keys": [] + }, + "test set": { + "resource": "test set", + "arn": "arn:${Partition}:lex:${Region}:${Account}:test-set/${TestSetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "bot": "bot", + "bot version": "bot version", + "bot alias": "bot alias", + "channel": "channel", + "intent version": "intent version", + "slottype version": "slottype version", + "test set": "test set" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags attached to a Lex resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the set of tag keys in the request", + "type": "ArrayOfString" + }, + "lex:associatedIntents": { + "condition": "lex:associatedIntents", + "description": "Enables you to control access based on the intents included in the request", + "type": "ArrayOfString" + }, + "lex:associatedSlotTypes": { + "condition": "lex:associatedSlotTypes", + "description": "Enables you to control access based on the slot types included in the request", + "type": "ArrayOfString" + }, + "lex:channelType": { + "condition": "lex:channelType", + "description": "Enables you to control access based on the channel type included in the request", + "type": "String" + } + } + }, + "lightsail": { + "service_name": "Amazon Lightsail", + "prefix": "lightsail", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlightsail.html", + "privileges": { + "AllocateStaticIp": { + "privilege": "AllocateStaticIp", + "description": "Grants permission to create a static IP address that can be attached to an instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AllocateStaticIp.html" + }, + "AttachCertificateToDistribution": { + "privilege": "AttachCertificateToDistribution", + "description": "Grants permission to attach an SSL/TLS certificate to your Amazon Lightsail content delivery network (CDN) distribution", + "access_level": "Write", + "resource_types": { + "Certificate": { + "resource_type": "Certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Distribution": { + "resource_type": "Distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "Certificate", + "distribution": "Distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AttachCertificateToDistribution.html" + }, + "AttachDisk": { + "privilege": "AttachDisk", + "description": "Grants permission to attach a disk to an instance", + "access_level": "Write", + "resource_types": { + "Disk": { + "resource_type": "Disk", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "disk": "Disk" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AttachDisk.html" + }, + "AttachInstancesToLoadBalancer": { + "privilege": "AttachInstancesToLoadBalancer", + "description": "Grants permission to attach one or more instances to a load balancer", + "access_level": "Write", + "resource_types": { + "LoadBalancer": { + "resource_type": "LoadBalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "LoadBalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AttachInstancesToLoadBalancer.html" + }, + "AttachLoadBalancerTlsCertificate": { + "privilege": "AttachLoadBalancerTlsCertificate", + "description": "Grants permission to attach a TLS certificate to a load balancer", + "access_level": "Write", + "resource_types": { + "LoadBalancer": { + "resource_type": "LoadBalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "LoadBalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AttachLoadBalancerTlsCertificate.html" + }, + "AttachStaticIp": { + "privilege": "AttachStaticIp", + "description": "Grants permission to attach a static IP address to an instance", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "StaticIp": { + "resource_type": "StaticIp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "staticip": "StaticIp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_AttachStaticIp.html" + }, + "CloseInstancePublicPorts": { + "privilege": "CloseInstancePublicPorts", + "description": "Grants permission to close a public port of an instance", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CloseInstancePublicPorts.html" + }, + "CopySnapshot": { + "privilege": "CopySnapshot", + "description": "Grants permission to copy a snapshot from one AWS Region to another in Amazon Lightsail", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CopySnapshot.html" + }, + "CreateBucket": { + "privilege": "CreateBucket", + "description": "Grants permission to create an Amazon Lightsail bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateBucket.html" + }, + "CreateBucketAccessKey": { + "privilege": "CreateBucketAccessKey", + "description": "Grants permission to create a new access key for the specified bucket", + "access_level": "Write", + "resource_types": { + "Bucket": { + "resource_type": "Bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "Bucket" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateBucketAccessKey.html" + }, + "CreateCertificate": { + "privilege": "CreateCertificate", + "description": "Grants permission to create an SSL/TLS certificate", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "lightsail:CreateDomainEntry", + "lightsail:GetDomains" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateCertificate.html" + }, + "CreateCloudFormationStack": { + "privilege": "CreateCloudFormationStack", + "description": "Grants permission to create a new Amazon EC2 instance from an exported Amazon Lightsail snapshot", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateCloudFormationStack.html" + }, + "CreateContactMethod": { + "privilege": "CreateContactMethod", + "description": "Grants permission to create an email or SMS text message contact method", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateContactMethod.html" + }, + "CreateContainerService": { + "privilege": "CreateContainerService", + "description": "Grants permission to create an Amazon Lightsail container service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateContainerService.html" + }, + "CreateContainerServiceDeployment": { + "privilege": "CreateContainerServiceDeployment", + "description": "Grants permission to create a deployment for your Amazon Lightsail container service", + "access_level": "Write", + "resource_types": { + "ContainerService": { + "resource_type": "ContainerService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "containerservice": "ContainerService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateContainerServiceDeployment.html" + }, + "CreateContainerServiceRegistryLogin": { + "privilege": "CreateContainerServiceRegistryLogin", + "description": "Grants permission to create a temporary set of log in credentials that you can use to log in to the Docker process on your local machine", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateContainerServiceRegistryLogin.html" + }, + "CreateDisk": { + "privilege": "CreateDisk", + "description": "Grants permission to create a disk", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDisk.html" + }, + "CreateDiskFromSnapshot": { + "privilege": "CreateDiskFromSnapshot", + "description": "Grants permission to create a disk from snapshot", + "access_level": "Write", + "resource_types": { + "DiskSnapshot": { + "resource_type": "DiskSnapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "disksnapshot": "DiskSnapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDiskFromSnapshot.html" + }, + "CreateDiskSnapshot": { + "privilege": "CreateDiskSnapshot", + "description": "Grants permission to create a disk snapshot", + "access_level": "Write", + "resource_types": { + "Disk": { + "resource_type": "Disk", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "disk": "Disk", + "instance": "Instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDiskSnapshot.html" + }, + "CreateDistribution": { + "privilege": "CreateDistribution", + "description": "Grants permission to create an Amazon Lightsail content delivery network (CDN) distribution", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDistribution.html" + }, + "CreateDomain": { + "privilege": "CreateDomain", + "description": "Grants permission to create a domain resource for the specified domain name", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "route53:DeleteHostedZone", + "route53:GetHostedZone", + "route53:ListHostedZonesByName", + "route53domains:GetDomainDetail", + "route53domains:GetOperationDetail", + "route53domains:ListDomains", + "route53domains:ListOperations", + "route53domains:UpdateDomainNameservers" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDomain.html" + }, + "CreateDomainEntry": { + "privilege": "CreateDomainEntry", + "description": "Grants permission to create one or more DNS record entries for a domain resource: Address (A), canonical name (CNAME), mail exchanger (MX), name server (NS), start of authority (SOA), service locator (SRV), or text (TXT)", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateDomainEntry.html" + }, + "CreateGUISessionAccessDetails": { + "privilege": "CreateGUISessionAccessDetails", + "description": "Grants permission to create URLs that are used to access an instance's graphical user interface (GUI) session", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateGUISessionAccessDetails.html" + }, + "CreateInstanceSnapshot": { + "privilege": "CreateInstanceSnapshot", + "description": "Grants permission to create an instance snapshot", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateInstanceSnapshot.html" + }, + "CreateInstances": { + "privilege": "CreateInstances", + "description": "Grants permission to create one or more instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateInstances.html" + }, + "CreateInstancesFromSnapshot": { + "privilege": "CreateInstancesFromSnapshot", + "description": "Grants permission to create one or more instances based on an instance snapshot", + "access_level": "Write", + "resource_types": { + "InstanceSnapshot": { + "resource_type": "InstanceSnapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instancesnapshot": "InstanceSnapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateInstancesFromSnapshot.html" + }, + "CreateKeyPair": { + "privilege": "CreateKeyPair", + "description": "Grants permission to create a key pair used to authenticate and connect to an instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateKeyPair.html" + }, + "CreateLoadBalancer": { + "privilege": "CreateLoadBalancer", + "description": "Grants permission to create a load balancer", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "lightsail:CreateDomainEntry", + "lightsail:GetDomains" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateLoadBalancer.html" + }, + "CreateLoadBalancerTlsCertificate": { + "privilege": "CreateLoadBalancerTlsCertificate", + "description": "Grants permission to create a load balancer TLS certificate", + "access_level": "Write", + "resource_types": { + "LoadBalancer": { + "resource_type": "LoadBalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "lightsail:CreateDomainEntry", + "lightsail:GetDomains" + ] + } + }, + "resource_types_lower_name": { + "loadbalancer": "LoadBalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateLoadBalancerTlsCertificate.html" + }, + "CreateRelationalDatabase": { + "privilege": "CreateRelationalDatabase", + "description": "Grants permission to create a new relational database", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateRelationalDatabase.html" + }, + "CreateRelationalDatabaseFromSnapshot": { + "privilege": "CreateRelationalDatabaseFromSnapshot", + "description": "Grants permission to create a new relational database from a snapshot", + "access_level": "Write", + "resource_types": { + "RelationalDatabaseSnapshot": { + "resource_type": "RelationalDatabaseSnapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "relationaldatabasesnapshot": "RelationalDatabaseSnapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateRelationalDatabaseFromSnapshot.html" + }, + "CreateRelationalDatabaseSnapshot": { + "privilege": "CreateRelationalDatabaseSnapshot", + "description": "Grants permission to create a relational database snapshot", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_CreateRelationalDatabaseSnapshot.html" + }, + "DeleteAlarm": { + "privilege": "DeleteAlarm", + "description": "Grants permission to delete an alarm", + "access_level": "Write", + "resource_types": { + "Alarm": { + "resource_type": "Alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "Alarm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteAlarm.html" + }, + "DeleteAutoSnapshot": { + "privilege": "DeleteAutoSnapshot", + "description": "Grants permission to delete an automatic snapshot of an instance or disk", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteAutoSnapshot.html" + }, + "DeleteBucket": { + "privilege": "DeleteBucket", + "description": "Grants permission to delete an Amazon Lightsail bucket", + "access_level": "Write", + "resource_types": { + "Bucket": { + "resource_type": "Bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "Bucket" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteBucket.html" + }, + "DeleteBucketAccessKey": { + "privilege": "DeleteBucketAccessKey", + "description": "Grants permission to delete an access key for the specified Amazon Lightsail bucket", + "access_level": "Write", + "resource_types": { + "Bucket": { + "resource_type": "Bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "Bucket" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteBucketAccessKey.html" + }, + "DeleteCertificate": { + "privilege": "DeleteCertificate", + "description": "Grants permission to delete an SSL/TLS certificate", + "access_level": "Write", + "resource_types": { + "Certificate": { + "resource_type": "Certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "Certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteCertificate.html" + }, + "DeleteContactMethod": { + "privilege": "DeleteContactMethod", + "description": "Grants permission to delete a contact method", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteContactMethod.html" + }, + "DeleteContainerImage": { + "privilege": "DeleteContainerImage", + "description": "Grants permission to delete a container image that is registered to your Amazon Lightsail container service", + "access_level": "Write", + "resource_types": { + "ContainerService": { + "resource_type": "ContainerService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "containerservice": "ContainerService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteContainerImage.html" + }, + "DeleteContainerService": { + "privilege": "DeleteContainerService", + "description": "Grants permission to delete your Amazon Lightsail container service", + "access_level": "Write", + "resource_types": { + "ContainerService": { + "resource_type": "ContainerService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "containerservice": "ContainerService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteContainerService.html" + }, + "DeleteDisk": { + "privilege": "DeleteDisk", + "description": "Grants permission to delete a disk", + "access_level": "Write", + "resource_types": { + "Disk": { + "resource_type": "Disk", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "disk": "Disk" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteDisk.html" + }, + "DeleteDiskSnapshot": { + "privilege": "DeleteDiskSnapshot", + "description": "Grants permission to delete a disk snapshot", + "access_level": "Write", + "resource_types": { + "DiskSnapshot": { + "resource_type": "DiskSnapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "disksnapshot": "DiskSnapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteDiskSnapshot.html" + }, + "DeleteDistribution": { + "privilege": "DeleteDistribution", + "description": "Grants permission to delete your Amazon Lightsail content delivery network (CDN) distribution", + "access_level": "Write", + "resource_types": { + "Distribution": { + "resource_type": "Distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "Distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteDistribution.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "Grants permission to delete a domain resource and all of its DNS records", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteDomain.html" + }, + "DeleteDomainEntry": { + "privilege": "DeleteDomainEntry", + "description": "Grants permission to delete a DNS record entry for a domain resource", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteDomainEntry.html" + }, + "DeleteInstance": { + "privilege": "DeleteInstance", + "description": "Grants permission to delete an instance", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteInstance.html" + }, + "DeleteInstanceSnapshot": { + "privilege": "DeleteInstanceSnapshot", + "description": "Grants permission to delete an instance snapshot", + "access_level": "Write", + "resource_types": { + "InstanceSnapshot": { + "resource_type": "InstanceSnapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instancesnapshot": "InstanceSnapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteInstanceSnapshot.html" + }, + "DeleteKeyPair": { + "privilege": "DeleteKeyPair", + "description": "Grants permission to delete a key pair used to authenticate and connect to an instance", + "access_level": "Write", + "resource_types": { + "KeyPair": { + "resource_type": "KeyPair", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "keypair": "KeyPair" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteKeyPair.html" + }, + "DeleteKnownHostKeys": { + "privilege": "DeleteKnownHostKeys", + "description": "Grants permission to delete the known host key or certificate used by the Amazon Lightsail browser-based SSH or RDP clients to authenticate an instance", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteKnownHostKeys.html" + }, + "DeleteLoadBalancer": { + "privilege": "DeleteLoadBalancer", + "description": "Grants permission to delete a load balancer", + "access_level": "Write", + "resource_types": { + "LoadBalancer": { + "resource_type": "LoadBalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "LoadBalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteLoadBalancer.html" + }, + "DeleteLoadBalancerTlsCertificate": { + "privilege": "DeleteLoadBalancerTlsCertificate", + "description": "Grants permission to delete a load balancer TLS certificate", + "access_level": "Write", + "resource_types": { + "LoadBalancer": { + "resource_type": "LoadBalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "LoadBalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteLoadBalancerTlsCertificate.html" + }, + "DeleteRelationalDatabase": { + "privilege": "DeleteRelationalDatabase", + "description": "Grants permission to delete a relational database", + "access_level": "Write", + "resource_types": { + "RelationalDatabase": { + "resource_type": "RelationalDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "relationaldatabase": "RelationalDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteRelationalDatabase.html" + }, + "DeleteRelationalDatabaseSnapshot": { + "privilege": "DeleteRelationalDatabaseSnapshot", + "description": "Grants permission to delete a relational database snapshot", + "access_level": "Write", + "resource_types": { + "RelationalDatabaseSnapshot": { + "resource_type": "RelationalDatabaseSnapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "relationaldatabasesnapshot": "RelationalDatabaseSnapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DeleteRelationalDatabaseSnapshot.html" + }, + "DetachCertificateFromDistribution": { + "privilege": "DetachCertificateFromDistribution", + "description": "Grants permission to detach an SSL/TLS certificate from your Amazon Lightsail content delivery network (CDN) distribution", + "access_level": "Write", + "resource_types": { + "Distribution": { + "resource_type": "Distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "Distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DetachCertificateFromDistribution.html" + }, + "DetachDisk": { + "privilege": "DetachDisk", + "description": "Grants permission to detach a disk from an instance", + "access_level": "Write", + "resource_types": { + "Disk": { + "resource_type": "Disk", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "disk": "Disk" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DetachDisk.html" + }, + "DetachInstancesFromLoadBalancer": { + "privilege": "DetachInstancesFromLoadBalancer", + "description": "Grants permission to detach one or more instances from a load balancer", + "access_level": "Write", + "resource_types": { + "LoadBalancer": { + "resource_type": "LoadBalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "LoadBalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DetachInstancesFromLoadBalancer.html" + }, + "DetachStaticIp": { + "privilege": "DetachStaticIp", + "description": "Grants permission to detach a static IP from an instance to which it is attached", + "access_level": "Write", + "resource_types": { + "StaticIp": { + "resource_type": "StaticIp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "staticip": "StaticIp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DetachStaticIp.html" + }, + "DisableAddOn": { + "privilege": "DisableAddOn", + "description": "Grants permission to disable an add-on for an Amazon Lightsail resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DisableAddOn.html" + }, + "DownloadDefaultKeyPair": { + "privilege": "DownloadDefaultKeyPair", + "description": "Grants permission to download the default key pair used to authenticate and connect to instances in a specific AWS Region", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DownloadDefaultKeyPair.html" + }, + "EnableAddOn": { + "privilege": "EnableAddOn", + "description": "Grants permission to enable or modify an add-on for an Amazon Lightsail resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_EnableAddOn.html" + }, + "ExportSnapshot": { + "privilege": "ExportSnapshot", + "description": "Grants permission to export an Amazon Lightsail snapshot to Amazon EC2", + "access_level": "Write", + "resource_types": { + "DiskSnapshot": { + "resource_type": "DiskSnapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy" + ] + }, + "InstanceSnapshot": { + "resource_type": "InstanceSnapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "disksnapshot": "DiskSnapshot", + "instancesnapshot": "InstanceSnapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_ExportSnapshot.html" + }, + "GetActiveNames": { + "privilege": "GetActiveNames", + "description": "Grants permission to get the names of all active (not deleted) resources", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetActiveNames.html" + }, + "GetAlarms": { + "privilege": "GetAlarms", + "description": "Grants permission to view information about the configured alarms", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetAlarms.html" + }, + "GetAutoSnapshots": { + "privilege": "GetAutoSnapshots", + "description": "Grants permission to view the available automatic snapshots for an instance or disk", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetAutoSnapshots.html" + }, + "GetBlueprints": { + "privilege": "GetBlueprints", + "description": "Grants permission to get a list of instance images, or blueprints. You can use a blueprint to create a new instance already running a specific operating system, as well as a pre-installed application or development stack. The software that runs on your instance depends on the blueprint you define when creating the instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBlueprints.html" + }, + "GetBucketAccessKeys": { + "privilege": "GetBucketAccessKeys", + "description": "Grants permission to get the existing access key IDs for the specified Amazon Lightsail bucket", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBucketAccessKeys.html" + }, + "GetBucketBundles": { + "privilege": "GetBucketBundles", + "description": "Grants permission to get the bundles that can be applied to an Amazon Lightsail bucket", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBucketBundles.html" + }, + "GetBucketMetricData": { + "privilege": "GetBucketMetricData", + "description": "Grants permission to get the data points of a specific metric for an Amazon Lightsail bucket", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBucketMetricData.html" + }, + "GetBuckets": { + "privilege": "GetBuckets", + "description": "Grants permission to get information about one or more Amazon Lightsail buckets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBuckets.html" + }, + "GetBundles": { + "privilege": "GetBundles", + "description": "Grants permission to get a list of instance bundles. You can use a bundle to create a new instance with a set of performance specifications, such as CPU count, disk size, RAM size, and network transfer allowance. The cost of your instance depends on the bundle you define when creating the instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetBundles.html" + }, + "GetCertificates": { + "privilege": "GetCertificates", + "description": "Grants permission to view information about one or more Amazon Lightsail SSL/TLS certificates", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetCertificates.html" + }, + "GetCloudFormationStackRecords": { + "privilege": "GetCloudFormationStackRecords", + "description": "Grants permission to get information about all CloudFormation stacks used to create Amazon EC2 resources from exported Amazon Lightsail snapshots", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetCloudFormationStackRecords.html" + }, + "GetContactMethods": { + "privilege": "GetContactMethods", + "description": "Grants permission to view information about the configured contact methods", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContactMethods.html" + }, + "GetContainerAPIMetadata": { + "privilege": "GetContainerAPIMetadata", + "description": "Grants permission to view information about Amazon Lightsail containers, such as the current version of the Lightsail Control (lightsailctl) plugin", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerAPIMetadata.html" + }, + "GetContainerImages": { + "privilege": "GetContainerImages", + "description": "Grants permission to view the container images that are registered to your Amazon Lightsail container service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerImages.html" + }, + "GetContainerLog": { + "privilege": "GetContainerLog", + "description": "Grants permission to view the log events of a container of your Amazon Lightsail container service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerLog.html" + }, + "GetContainerServiceDeployments": { + "privilege": "GetContainerServiceDeployments", + "description": "Grants permission to view the deployments for your Amazon Lightsail container service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerServiceDeployments.html" + }, + "GetContainerServiceMetricData": { + "privilege": "GetContainerServiceMetricData", + "description": "Grants permission to view the data points of a specific metric of your Amazon Lightsail container service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerServiceMetricData.html" + }, + "GetContainerServicePowers": { + "privilege": "GetContainerServicePowers", + "description": "Grants permission to view the list of powers that can be specified for your Amazon Lightsail container services", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerServicePowers.html" + }, + "GetContainerServices": { + "privilege": "GetContainerServices", + "description": "Grants permission to view information about one or more of your Amazon Lightsail container services", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetContainerServices.html" + }, + "GetCostEstimate": { + "privilege": "GetCostEstimate", + "description": "Grants permission to get the information about the cost estimate for a specified resource", + "access_level": "Read", + "resource_types": { + "Disk": { + "resource_type": "Disk", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "disk": "Disk", + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetCostEstimate.html" + }, + "GetDisk": { + "privilege": "GetDisk", + "description": "Grants permission to get information about a disk", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDisk.html" + }, + "GetDiskSnapshot": { + "privilege": "GetDiskSnapshot", + "description": "Grants permission to get information about a disk snapshot", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDiskSnapshot.html" + }, + "GetDiskSnapshots": { + "privilege": "GetDiskSnapshots", + "description": "Grants permission to get information about all disk snapshots", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDiskSnapshots.html" + }, + "GetDisks": { + "privilege": "GetDisks", + "description": "Grants permission to get information about all disks", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDisks.html" + }, + "GetDistributionBundles": { + "privilege": "GetDistributionBundles", + "description": "Grants permission to view the list of bundles that can be applied to you Amazon Lightsail content delivery network (CDN) distributions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDistributionBundles.html" + }, + "GetDistributionLatestCacheReset": { + "privilege": "GetDistributionLatestCacheReset", + "description": "Grants permission to view the timestamp and status of the last cache reset of a specific Amazon Lightsail content delivery network (CDN) distribution", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDistributionLatestCacheReset.html" + }, + "GetDistributionMetricData": { + "privilege": "GetDistributionMetricData", + "description": "Grants permission to view the data points of a specific metric for an Amazon Lightsail content delivery network (CDN) distribution", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDistributionMetricData.html" + }, + "GetDistributions": { + "privilege": "GetDistributions", + "description": "Grants permission to view information about one or more of your Amazon Lightsail content delivery network (CDN) distributions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDistributions.html" + }, + "GetDomain": { + "privilege": "GetDomain", + "description": "Grants permission to get DNS records for a domain resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDomain.html" + }, + "GetDomains": { + "privilege": "GetDomains", + "description": "Grants permission to get DNS records for all domain resources", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetDomains.html" + }, + "GetExportSnapshotRecords": { + "privilege": "GetExportSnapshotRecords", + "description": "Grants permission to get information about all records of exported Amazon Lightsail snapshots to Amazon EC2", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetExportSnapshotRecords.html" + }, + "GetInstance": { + "privilege": "GetInstance", + "description": "Grants permission to get information about an instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstance.html" + }, + "GetInstanceAccessDetails": { + "privilege": "GetInstanceAccessDetails", + "description": "Grants permission to get temporary keys you can use to authenticate and connect to an instance", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstanceAccessDetails.html" + }, + "GetInstanceMetricData": { + "privilege": "GetInstanceMetricData", + "description": "Grants permission to get the data points for the specified metric of an instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstanceMetricData.html" + }, + "GetInstancePortStates": { + "privilege": "GetInstancePortStates", + "description": "Grants permission to get the port states of an instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstancePortStates.html" + }, + "GetInstanceSnapshot": { + "privilege": "GetInstanceSnapshot", + "description": "Grants permission to get information about an instance snapshot", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstanceSnapshot.html" + }, + "GetInstanceSnapshots": { + "privilege": "GetInstanceSnapshots", + "description": "Grants permission to get information about all instance snapshots", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstanceSnapshots.html" + }, + "GetInstanceState": { + "privilege": "GetInstanceState", + "description": "Grants permission to get the state of an instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstanceState.html" + }, + "GetInstances": { + "privilege": "GetInstances", + "description": "Grants permission to get information about all instances", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetInstances.html" + }, + "GetKeyPair": { + "privilege": "GetKeyPair", + "description": "Grants permission to get information about a key pair", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetKeyPair.html" + }, + "GetKeyPairs": { + "privilege": "GetKeyPairs", + "description": "Grants permission to get information about all key pairs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetKeyPairs.html" + }, + "GetLoadBalancer": { + "privilege": "GetLoadBalancer", + "description": "Grants permission to get information about a load balancer", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetLoadBalancer.html" + }, + "GetLoadBalancerMetricData": { + "privilege": "GetLoadBalancerMetricData", + "description": "Grants permission to get the data points for the specified metric of a load balancer", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetLoadBalancerMetricData.html" + }, + "GetLoadBalancerTlsCertificates": { + "privilege": "GetLoadBalancerTlsCertificates", + "description": "Grants permission to get information about a load balancer's TLS certificates", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetLoadBalancerTlsCertificates.html" + }, + "GetLoadBalancerTlsPolicies": { + "privilege": "GetLoadBalancerTlsPolicies", + "description": "Grants permission to get a list of TLS security policies that you can apply to Lightsail load balancers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetLoadBalancerTlsPolicies.html" + }, + "GetLoadBalancers": { + "privilege": "GetLoadBalancers", + "description": "Grants permission to get information about load balancers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetLoadBalancers.html" + }, + "GetOperation": { + "privilege": "GetOperation", + "description": "Grants permission to get information about an operation. Operations include events such as when you create an instance, allocate a static IP, attach a static IP, and so on", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetOperation.html" + }, + "GetOperations": { + "privilege": "GetOperations", + "description": "Grants permission to get information about all operations. Operations include events such as when you create an instance, allocate a static IP, attach a static IP, and so on", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetOperations.html" + }, + "GetOperationsForResource": { + "privilege": "GetOperationsForResource", + "description": "Grants permission to get operations for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetOperationsForResource.html" + }, + "GetRegions": { + "privilege": "GetRegions", + "description": "Grants permission to get a list of all valid AWS Regions for Amazon Lightsail", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRegions.html" + }, + "GetRelationalDatabase": { + "privilege": "GetRelationalDatabase", + "description": "Grants permission to get information about a relational database", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabase.html" + }, + "GetRelationalDatabaseBlueprints": { + "privilege": "GetRelationalDatabaseBlueprints", + "description": "Grants permission to get a list of relational database images, or blueprints. You can use a blueprint to create a new database running a specific database engine. The database engine that runs on your database depends on the blueprint you define when creating the relational database", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseBlueprints.html" + }, + "GetRelationalDatabaseBundles": { + "privilege": "GetRelationalDatabaseBundles", + "description": "Grants permission to get a list of relational database bundles. You can use a bundle to create a new database with a set of performance specifications, such as CPU count, disk size, RAM size, network transfer allowance, and standard of high availability. The cost of your database depends on the bundle you define when creating the relational database", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseBundles.html" + }, + "GetRelationalDatabaseEvents": { + "privilege": "GetRelationalDatabaseEvents", + "description": "Grants permission to get events for a relational database", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseEvents.html" + }, + "GetRelationalDatabaseLogEvents": { + "privilege": "GetRelationalDatabaseLogEvents", + "description": "Grants permission to get events for the specified log stream of a relational database", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseLogEvents.html" + }, + "GetRelationalDatabaseLogStreams": { + "privilege": "GetRelationalDatabaseLogStreams", + "description": "Grants permission to get the log streams available for a relational database", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseLogStreams.html" + }, + "GetRelationalDatabaseMasterUserPassword": { + "privilege": "GetRelationalDatabaseMasterUserPassword", + "description": "Grants permission to get the master user password of a relational database", + "access_level": "Permissions management", + "resource_types": { + "RelationalDatabase": { + "resource_type": "RelationalDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "relationaldatabase": "RelationalDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseMasterUserPassword.html" + }, + "GetRelationalDatabaseMetricData": { + "privilege": "GetRelationalDatabaseMetricData", + "description": "Grants permission to get the data points for the specified metric of a relational database", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseMetricData.html" + }, + "GetRelationalDatabaseParameters": { + "privilege": "GetRelationalDatabaseParameters", + "description": "Grants permission to get the parameters of a relational database", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseParameters.html" + }, + "GetRelationalDatabaseSnapshot": { + "privilege": "GetRelationalDatabaseSnapshot", + "description": "Grants permission to get information about a relational database snapshot", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseSnapshot.html" + }, + "GetRelationalDatabaseSnapshots": { + "privilege": "GetRelationalDatabaseSnapshots", + "description": "Grants permission to get information about all relational database snapshots", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabaseSnapshots.html" + }, + "GetRelationalDatabases": { + "privilege": "GetRelationalDatabases", + "description": "Grants permission to get information about all relational databases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetRelationalDatabases.html" + }, + "GetStaticIp": { + "privilege": "GetStaticIp", + "description": "Grants permission to get information about a static IP", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetStaticIp.html" + }, + "GetStaticIps": { + "privilege": "GetStaticIps", + "description": "Grants permission to get information about all static IPs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_GetStaticIps.html" + }, + "ImportKeyPair": { + "privilege": "ImportKeyPair", + "description": "Grants permission to import a public key from a key pair", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_ImportKeyPair.html" + }, + "IsVpcPeered": { + "privilege": "IsVpcPeered", + "description": "Grants permission to get a boolean value indicating whether the Amazon Lightsail virtual private cloud (VPC) is peered", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_IsVpcPeered.html" + }, + "OpenInstancePublicPorts": { + "privilege": "OpenInstancePublicPorts", + "description": "Grants permission to add, or open a public port of an instance", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_OpenInstancePublicPorts.html" + }, + "PeerVpc": { + "privilege": "PeerVpc", + "description": "Grants permission to try to peer the Amazon Lightsail virtual private cloud (VPC) with the default VPC", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PeerVpc.html" + }, + "PutAlarm": { + "privilege": "PutAlarm", + "description": "Grants permission to creates or update an alarm, and associate it with the specified metric", + "access_level": "Write", + "resource_types": { + "Alarm": { + "resource_type": "Alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "Alarm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PutAlarm.html" + }, + "PutInstancePublicPorts": { + "privilege": "PutInstancePublicPorts", + "description": "Grants permission to set the specified open ports for an instance, and closes all ports for every protocol not included in the request", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PutInstancePublicPorts.html" + }, + "RebootInstance": { + "privilege": "RebootInstance", + "description": "Grants permission to reboot an instance that is in a running state", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_RebootInstance.html" + }, + "RebootRelationalDatabase": { + "privilege": "RebootRelationalDatabase", + "description": "Grants permission to reboot a relational database that is in a running state", + "access_level": "Write", + "resource_types": { + "RelationalDatabase": { + "resource_type": "RelationalDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "relationaldatabase": "RelationalDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_RebootRelationalDatabase.html" + }, + "RegisterContainerImage": { + "privilege": "RegisterContainerImage", + "description": "Grants permission to register a container image to your Amazon Lightsail container service", + "access_level": "Write", + "resource_types": { + "ContainerService": { + "resource_type": "ContainerService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "containerservice": "ContainerService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_RegisterContainerImage.html" + }, + "ReleaseStaticIp": { + "privilege": "ReleaseStaticIp", + "description": "Grants permission to delete a static IP", + "access_level": "Write", + "resource_types": { + "StaticIp": { + "resource_type": "StaticIp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "staticip": "StaticIp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_ReleaseStaticIp.html" + }, + "ResetDistributionCache": { + "privilege": "ResetDistributionCache", + "description": "Grants permission to delete currently cached content from your Amazon Lightsail content delivery network (CDN) distribution", + "access_level": "Write", + "resource_types": { + "Distribution": { + "resource_type": "Distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "Distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_ResetDistributionCache.html" + }, + "SendContactMethodVerification": { + "privilege": "SendContactMethodVerification", + "description": "Grants permission to send a verification request to an email contact method to ensure it's owned by the requester", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_SendContactMethodVerification.html" + }, + "SetIpAddressType": { + "privilege": "SetIpAddressType", + "description": "Grants permission to set the IP address type for a Amazon Lightsail resource", + "access_level": "Write", + "resource_types": { + "Distribution": { + "resource_type": "Distribution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "LoadBalancer": { + "resource_type": "LoadBalancer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "Distribution", + "instance": "Instance", + "loadbalancer": "LoadBalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_SetIpAddressType.html" + }, + "SetResourceAccessForBucket": { + "privilege": "SetResourceAccessForBucket", + "description": "Grants permission to set the Amazon Lightsail resources that can access the specified Amazon Lightsail bucket", + "access_level": "Write", + "resource_types": { + "Bucket": { + "resource_type": "Bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "Bucket", + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_SetResourceAccessForBucket.html" + }, + "StartGUISession": { + "privilege": "StartGUISession", + "description": "Grants permission to initiate a graphical user interface (GUI) session used to access an instance's operating system or application", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StartGUISession.html" + }, + "StartInstance": { + "privilege": "StartInstance", + "description": "Grants permission to start an instance that is in a stopped state", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StartInstance.html" + }, + "StartRelationalDatabase": { + "privilege": "StartRelationalDatabase", + "description": "Grants permission to start a relational database that is in a stopped state", + "access_level": "Write", + "resource_types": { + "RelationalDatabase": { + "resource_type": "RelationalDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "relationaldatabase": "RelationalDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StartRelationalDatabase.html" + }, + "StopGUISession": { + "privilege": "StopGUISession", + "description": "Grants permission to terminate a graphical user interface (GUI) session used to access an instance's operating system or application", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StopGUISession.html" + }, + "StopInstance": { + "privilege": "StopInstance", + "description": "Grants permission to stop an instance that is in a running state", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StopInstance.html" + }, + "StopRelationalDatabase": { + "privilege": "StopRelationalDatabase", + "description": "Grants permission to stop a relational database that is in a running state", + "access_level": "Write", + "resource_types": { + "RelationalDatabase": { + "resource_type": "RelationalDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "relationaldatabase": "RelationalDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_StopRelationalDatabase.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "Bucket": { + "resource_type": "Bucket", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Certificate": { + "resource_type": "Certificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ContainerService": { + "resource_type": "ContainerService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Disk": { + "resource_type": "Disk", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DiskSnapshot": { + "resource_type": "DiskSnapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Distribution": { + "resource_type": "Distribution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Domain": { + "resource_type": "Domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "InstanceSnapshot": { + "resource_type": "InstanceSnapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "KeyPair": { + "resource_type": "KeyPair", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "LoadBalancer": { + "resource_type": "LoadBalancer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RelationalDatabase": { + "resource_type": "RelationalDatabase", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RelationalDatabaseSnapshot": { + "resource_type": "RelationalDatabaseSnapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StaticIp": { + "resource_type": "StaticIp", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "Bucket", + "certificate": "Certificate", + "containerservice": "ContainerService", + "disk": "Disk", + "disksnapshot": "DiskSnapshot", + "distribution": "Distribution", + "domain": "Domain", + "instance": "Instance", + "instancesnapshot": "InstanceSnapshot", + "keypair": "KeyPair", + "loadbalancer": "LoadBalancer", + "relationaldatabase": "RelationalDatabase", + "relationaldatabasesnapshot": "RelationalDatabaseSnapshot", + "staticip": "StaticIp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_TagResource.html" + }, + "TestAlarm": { + "privilege": "TestAlarm", + "description": "Grants permission to test an alarm by displaying a banner on the Amazon Lightsail console or if a notification trigger is configured for the specified alarm, by sending a notification to the notification protocol", + "access_level": "Write", + "resource_types": { + "Alarm": { + "resource_type": "Alarm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarm": "Alarm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_TestAlarm.html" + }, + "UnpeerVpc": { + "privilege": "UnpeerVpc", + "description": "Grants permission to try to unpeer the Amazon Lightsail virtual private cloud (VPC) from the default VPC", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UnpeerVpc.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "Bucket": { + "resource_type": "Bucket", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Certificate": { + "resource_type": "Certificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ContainerService": { + "resource_type": "ContainerService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Disk": { + "resource_type": "Disk", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DiskSnapshot": { + "resource_type": "DiskSnapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Distribution": { + "resource_type": "Distribution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Domain": { + "resource_type": "Domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "InstanceSnapshot": { + "resource_type": "InstanceSnapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "KeyPair": { + "resource_type": "KeyPair", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "LoadBalancer": { + "resource_type": "LoadBalancer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RelationalDatabase": { + "resource_type": "RelationalDatabase", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RelationalDatabaseSnapshot": { + "resource_type": "RelationalDatabaseSnapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StaticIp": { + "resource_type": "StaticIp", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "Bucket", + "certificate": "Certificate", + "containerservice": "ContainerService", + "disk": "Disk", + "disksnapshot": "DiskSnapshot", + "distribution": "Distribution", + "domain": "Domain", + "instance": "Instance", + "instancesnapshot": "InstanceSnapshot", + "keypair": "KeyPair", + "loadbalancer": "LoadBalancer", + "relationaldatabase": "RelationalDatabase", + "relationaldatabasesnapshot": "RelationalDatabaseSnapshot", + "staticip": "StaticIp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UntagResource.html" + }, + "UpdateBucket": { + "privilege": "UpdateBucket", + "description": "Grants permission to update an existing Amazon Lightsail bucket", + "access_level": "Write", + "resource_types": { + "Bucket": { + "resource_type": "Bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "Bucket" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateBucket.html" + }, + "UpdateBucketBundle": { + "privilege": "UpdateBucketBundle", + "description": "Grants permission to update the bundle, or storage plan, of an existing Amazon Lightsail bucket", + "access_level": "Write", + "resource_types": { + "Bucket": { + "resource_type": "Bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "Bucket" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateBucketBundle.html" + }, + "UpdateContainerService": { + "privilege": "UpdateContainerService", + "description": "Grants permission to update the configuration of your Amazon Lightsail container service, such as its power, scale, and public domain names", + "access_level": "Write", + "resource_types": { + "ContainerService": { + "resource_type": "ContainerService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "containerservice": "ContainerService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateContainerService.html" + }, + "UpdateDistribution": { + "privilege": "UpdateDistribution", + "description": "Grants permission to update an existing Amazon Lightsail content delivery network (CDN) distribution or its configuration", + "access_level": "Write", + "resource_types": { + "Distribution": { + "resource_type": "Distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "Distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateDistribution.html" + }, + "UpdateDistributionBundle": { + "privilege": "UpdateDistributionBundle", + "description": "Grants permission to update the bundle of your Amazon Lightsail content delivery network (CDN) distribution", + "access_level": "Write", + "resource_types": { + "Distribution": { + "resource_type": "Distribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "distribution": "Distribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateDistributionBundle.html" + }, + "UpdateDomainEntry": { + "privilege": "UpdateDomainEntry", + "description": "Grants permission to update a domain recordset after it is created", + "access_level": "Write", + "resource_types": { + "Domain": { + "resource_type": "Domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "Domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateDomainEntry.html" + }, + "UpdateInstanceMetadataOptions": { + "privilege": "UpdateInstanceMetadataOptions", + "description": "Grants permission to update metadata options for an instance", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateInstanceMetadataOptions.html" + }, + "UpdateLoadBalancerAttribute": { + "privilege": "UpdateLoadBalancerAttribute", + "description": "Grants permission to update a load balancer attribute, such as the health check path and session stickiness", + "access_level": "Write", + "resource_types": { + "LoadBalancer": { + "resource_type": "LoadBalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "LoadBalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_DetachInstancesFromLoadBalancer.html" + }, + "UpdateRelationalDatabase": { + "privilege": "UpdateRelationalDatabase", + "description": "Grants permission to update a relational database", + "access_level": "Write", + "resource_types": { + "RelationalDatabase": { + "resource_type": "RelationalDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "relationaldatabase": "RelationalDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateRelationalDatabase.html" + }, + "UpdateRelationalDatabaseParameters": { + "privilege": "UpdateRelationalDatabaseParameters", + "description": "Grants permission to update the parameters of a relational database", + "access_level": "Write", + "resource_types": { + "RelationalDatabase": { + "resource_type": "RelationalDatabase", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "relationaldatabase": "RelationalDatabase" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_UpdateRelationalDatabaseParameters.html" + } + }, + "privileges_lower_name": { + "allocatestaticip": "AllocateStaticIp", + "attachcertificatetodistribution": "AttachCertificateToDistribution", + "attachdisk": "AttachDisk", + "attachinstancestoloadbalancer": "AttachInstancesToLoadBalancer", + "attachloadbalancertlscertificate": "AttachLoadBalancerTlsCertificate", + "attachstaticip": "AttachStaticIp", + "closeinstancepublicports": "CloseInstancePublicPorts", + "copysnapshot": "CopySnapshot", + "createbucket": "CreateBucket", + "createbucketaccesskey": "CreateBucketAccessKey", + "createcertificate": "CreateCertificate", + "createcloudformationstack": "CreateCloudFormationStack", + "createcontactmethod": "CreateContactMethod", + "createcontainerservice": "CreateContainerService", + "createcontainerservicedeployment": "CreateContainerServiceDeployment", + "createcontainerserviceregistrylogin": "CreateContainerServiceRegistryLogin", + "createdisk": "CreateDisk", + "creatediskfromsnapshot": "CreateDiskFromSnapshot", + "createdisksnapshot": "CreateDiskSnapshot", + "createdistribution": "CreateDistribution", + "createdomain": "CreateDomain", + "createdomainentry": "CreateDomainEntry", + "createguisessionaccessdetails": "CreateGUISessionAccessDetails", + "createinstancesnapshot": "CreateInstanceSnapshot", + "createinstances": "CreateInstances", + "createinstancesfromsnapshot": "CreateInstancesFromSnapshot", + "createkeypair": "CreateKeyPair", + "createloadbalancer": "CreateLoadBalancer", + "createloadbalancertlscertificate": "CreateLoadBalancerTlsCertificate", + "createrelationaldatabase": "CreateRelationalDatabase", + "createrelationaldatabasefromsnapshot": "CreateRelationalDatabaseFromSnapshot", + "createrelationaldatabasesnapshot": "CreateRelationalDatabaseSnapshot", + "deletealarm": "DeleteAlarm", + "deleteautosnapshot": "DeleteAutoSnapshot", + "deletebucket": "DeleteBucket", + "deletebucketaccesskey": "DeleteBucketAccessKey", + "deletecertificate": "DeleteCertificate", + "deletecontactmethod": "DeleteContactMethod", + "deletecontainerimage": "DeleteContainerImage", + "deletecontainerservice": "DeleteContainerService", + "deletedisk": "DeleteDisk", + "deletedisksnapshot": "DeleteDiskSnapshot", + "deletedistribution": "DeleteDistribution", + "deletedomain": "DeleteDomain", + "deletedomainentry": "DeleteDomainEntry", + "deleteinstance": "DeleteInstance", + "deleteinstancesnapshot": "DeleteInstanceSnapshot", + "deletekeypair": "DeleteKeyPair", + "deleteknownhostkeys": "DeleteKnownHostKeys", + "deleteloadbalancer": "DeleteLoadBalancer", + "deleteloadbalancertlscertificate": "DeleteLoadBalancerTlsCertificate", + "deleterelationaldatabase": "DeleteRelationalDatabase", + "deleterelationaldatabasesnapshot": "DeleteRelationalDatabaseSnapshot", + "detachcertificatefromdistribution": "DetachCertificateFromDistribution", + "detachdisk": "DetachDisk", + "detachinstancesfromloadbalancer": "DetachInstancesFromLoadBalancer", + "detachstaticip": "DetachStaticIp", + "disableaddon": "DisableAddOn", + "downloaddefaultkeypair": "DownloadDefaultKeyPair", + "enableaddon": "EnableAddOn", + "exportsnapshot": "ExportSnapshot", + "getactivenames": "GetActiveNames", + "getalarms": "GetAlarms", + "getautosnapshots": "GetAutoSnapshots", + "getblueprints": "GetBlueprints", + "getbucketaccesskeys": "GetBucketAccessKeys", + "getbucketbundles": "GetBucketBundles", + "getbucketmetricdata": "GetBucketMetricData", + "getbuckets": "GetBuckets", + "getbundles": "GetBundles", + "getcertificates": "GetCertificates", + "getcloudformationstackrecords": "GetCloudFormationStackRecords", + "getcontactmethods": "GetContactMethods", + "getcontainerapimetadata": "GetContainerAPIMetadata", + "getcontainerimages": "GetContainerImages", + "getcontainerlog": "GetContainerLog", + "getcontainerservicedeployments": "GetContainerServiceDeployments", + "getcontainerservicemetricdata": "GetContainerServiceMetricData", + "getcontainerservicepowers": "GetContainerServicePowers", + "getcontainerservices": "GetContainerServices", + "getcostestimate": "GetCostEstimate", + "getdisk": "GetDisk", + "getdisksnapshot": "GetDiskSnapshot", + "getdisksnapshots": "GetDiskSnapshots", + "getdisks": "GetDisks", + "getdistributionbundles": "GetDistributionBundles", + "getdistributionlatestcachereset": "GetDistributionLatestCacheReset", + "getdistributionmetricdata": "GetDistributionMetricData", + "getdistributions": "GetDistributions", + "getdomain": "GetDomain", + "getdomains": "GetDomains", + "getexportsnapshotrecords": "GetExportSnapshotRecords", + "getinstance": "GetInstance", + "getinstanceaccessdetails": "GetInstanceAccessDetails", + "getinstancemetricdata": "GetInstanceMetricData", + "getinstanceportstates": "GetInstancePortStates", + "getinstancesnapshot": "GetInstanceSnapshot", + "getinstancesnapshots": "GetInstanceSnapshots", + "getinstancestate": "GetInstanceState", + "getinstances": "GetInstances", + "getkeypair": "GetKeyPair", + "getkeypairs": "GetKeyPairs", + "getloadbalancer": "GetLoadBalancer", + "getloadbalancermetricdata": "GetLoadBalancerMetricData", + "getloadbalancertlscertificates": "GetLoadBalancerTlsCertificates", + "getloadbalancertlspolicies": "GetLoadBalancerTlsPolicies", + "getloadbalancers": "GetLoadBalancers", + "getoperation": "GetOperation", + "getoperations": "GetOperations", + "getoperationsforresource": "GetOperationsForResource", + "getregions": "GetRegions", + "getrelationaldatabase": "GetRelationalDatabase", + "getrelationaldatabaseblueprints": "GetRelationalDatabaseBlueprints", + "getrelationaldatabasebundles": "GetRelationalDatabaseBundles", + "getrelationaldatabaseevents": "GetRelationalDatabaseEvents", + "getrelationaldatabaselogevents": "GetRelationalDatabaseLogEvents", + "getrelationaldatabaselogstreams": "GetRelationalDatabaseLogStreams", + "getrelationaldatabasemasteruserpassword": "GetRelationalDatabaseMasterUserPassword", + "getrelationaldatabasemetricdata": "GetRelationalDatabaseMetricData", + "getrelationaldatabaseparameters": "GetRelationalDatabaseParameters", + "getrelationaldatabasesnapshot": "GetRelationalDatabaseSnapshot", + "getrelationaldatabasesnapshots": "GetRelationalDatabaseSnapshots", + "getrelationaldatabases": "GetRelationalDatabases", + "getstaticip": "GetStaticIp", + "getstaticips": "GetStaticIps", + "importkeypair": "ImportKeyPair", + "isvpcpeered": "IsVpcPeered", + "openinstancepublicports": "OpenInstancePublicPorts", + "peervpc": "PeerVpc", + "putalarm": "PutAlarm", + "putinstancepublicports": "PutInstancePublicPorts", + "rebootinstance": "RebootInstance", + "rebootrelationaldatabase": "RebootRelationalDatabase", + "registercontainerimage": "RegisterContainerImage", + "releasestaticip": "ReleaseStaticIp", + "resetdistributioncache": "ResetDistributionCache", + "sendcontactmethodverification": "SendContactMethodVerification", + "setipaddresstype": "SetIpAddressType", + "setresourceaccessforbucket": "SetResourceAccessForBucket", + "startguisession": "StartGUISession", + "startinstance": "StartInstance", + "startrelationaldatabase": "StartRelationalDatabase", + "stopguisession": "StopGUISession", + "stopinstance": "StopInstance", + "stoprelationaldatabase": "StopRelationalDatabase", + "tagresource": "TagResource", + "testalarm": "TestAlarm", + "unpeervpc": "UnpeerVpc", + "untagresource": "UntagResource", + "updatebucket": "UpdateBucket", + "updatebucketbundle": "UpdateBucketBundle", + "updatecontainerservice": "UpdateContainerService", + "updatedistribution": "UpdateDistribution", + "updatedistributionbundle": "UpdateDistributionBundle", + "updatedomainentry": "UpdateDomainEntry", + "updateinstancemetadataoptions": "UpdateInstanceMetadataOptions", + "updateloadbalancerattribute": "UpdateLoadBalancerAttribute", + "updaterelationaldatabase": "UpdateRelationalDatabase", + "updaterelationaldatabaseparameters": "UpdateRelationalDatabaseParameters" + }, + "resources": { + "Domain": { + "resource": "Domain", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Domain/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Instance": { + "resource": "Instance", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Instance/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "InstanceSnapshot": { + "resource": "InstanceSnapshot", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:InstanceSnapshot/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "KeyPair": { + "resource": "KeyPair", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:KeyPair/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "StaticIp": { + "resource": "StaticIp", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:StaticIp/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Disk": { + "resource": "Disk", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Disk/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "DiskSnapshot": { + "resource": "DiskSnapshot", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:DiskSnapshot/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "LoadBalancer": { + "resource": "LoadBalancer", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:LoadBalancer/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "LoadBalancerTlsCertificate": { + "resource": "LoadBalancerTlsCertificate", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:LoadBalancerTlsCertificate/${Id}", + "condition_keys": [] + }, + "ExportSnapshotRecord": { + "resource": "ExportSnapshotRecord", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:ExportSnapshotRecord/${Id}", + "condition_keys": [] + }, + "CloudFormationStackRecord": { + "resource": "CloudFormationStackRecord", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:CloudFormationStackRecord/${Id}", + "condition_keys": [] + }, + "RelationalDatabase": { + "resource": "RelationalDatabase", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:RelationalDatabase/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "RelationalDatabaseSnapshot": { + "resource": "RelationalDatabaseSnapshot", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:RelationalDatabaseSnapshot/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Alarm": { + "resource": "Alarm", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Alarm/${Id}", + "condition_keys": [] + }, + "Certificate": { + "resource": "Certificate", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Certificate/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ContactMethod": { + "resource": "ContactMethod", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:ContactMethod/${Id}", + "condition_keys": [] + }, + "ContainerService": { + "resource": "ContainerService", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:ContainerService/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Distribution": { + "resource": "Distribution", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Distribution/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Bucket": { + "resource": "Bucket", + "arn": "arn:${Partition}:lightsail:${Region}:${Account}:Bucket/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "domain": "Domain", + "instance": "Instance", + "instancesnapshot": "InstanceSnapshot", + "keypair": "KeyPair", + "staticip": "StaticIp", + "disk": "Disk", + "disksnapshot": "DiskSnapshot", + "loadbalancer": "LoadBalancer", + "loadbalancertlscertificate": "LoadBalancerTlsCertificate", + "exportsnapshotrecord": "ExportSnapshotRecord", + "cloudformationstackrecord": "CloudFormationStackRecord", + "relationaldatabase": "RelationalDatabase", + "relationaldatabasesnapshot": "RelationalDatabaseSnapshot", + "alarm": "Alarm", + "certificate": "Certificate", + "contactmethod": "ContactMethod", + "containerservice": "ContainerService", + "distribution": "Distribution", + "bucket": "Bucket" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + } + } + }, + "geo": { + "service_name": "Amazon Location", + "prefix": "geo", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlocation.html", + "privileges": { + "AssociateTrackerConsumer": { + "privilege": "AssociateTrackerConsumer", + "description": "Grants permission to create an association between a geofence-collection and a tracker resource", + "access_level": "Write", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_AssociateTrackerConsumer.html" + }, + "BatchDeleteDevicePositionHistory": { + "privilege": "BatchDeleteDevicePositionHistory", + "description": "Grants permission to delete a batch of device position histories from a tracker resource", + "access_level": "Write", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "geo:DeviceIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchDeleteDevicePositionHistory.html" + }, + "BatchDeleteGeofence": { + "privilege": "BatchDeleteGeofence", + "description": "Grants permission to delete a batch of geofences from a geofence collection", + "access_level": "Write", + "resource_types": { + "geofence-collection": { + "resource_type": "geofence-collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "geo:GeofenceIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geofence-collection": "geofence-collection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchDeleteGeofence.html" + }, + "BatchEvaluateGeofences": { + "privilege": "BatchEvaluateGeofences", + "description": "Grants permission to evaluate device positions against the position of geofences in a given geofence collection", + "access_level": "Write", + "resource_types": { + "geofence-collection": { + "resource_type": "geofence-collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geofence-collection": "geofence-collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchEvaluateGeofences.html" + }, + "BatchGetDevicePosition": { + "privilege": "BatchGetDevicePosition", + "description": "Grants permission to send a batch request to retrieve device positions", + "access_level": "Read", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "geo:DeviceIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchGetDevicePosition.html" + }, + "BatchPutGeofence": { + "privilege": "BatchPutGeofence", + "description": "Grants permission to send a batch request for adding geofences into a given geofence collection", + "access_level": "Write", + "resource_types": { + "geofence-collection": { + "resource_type": "geofence-collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "geo:GeofenceIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geofence-collection": "geofence-collection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchPutGeofence.html" + }, + "BatchUpdateDevicePosition": { + "privilege": "BatchUpdateDevicePosition", + "description": "Grants permission to upload a position update for one or more devices to a tracker resource", + "access_level": "Write", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "geo:DeviceIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_BatchUpdateDevicePosition.html" + }, + "CalculateRoute": { + "privilege": "CalculateRoute", + "description": "Grants permission to calculate routes using a given route calculator resource", + "access_level": "Read", + "resource_types": { + "route-calculator": { + "resource_type": "route-calculator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-calculator": "route-calculator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CalculateRoute.html" + }, + "CalculateRouteMatrix": { + "privilege": "CalculateRouteMatrix", + "description": "Grants permission to calculate a route matrix using a given route calculator resource", + "access_level": "Read", + "resource_types": { + "route-calculator": { + "resource_type": "route-calculator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-calculator": "route-calculator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CalculateRouteMatrix.html" + }, + "CreateGeofenceCollection": { + "privilege": "CreateGeofenceCollection", + "description": "Grants permission to create a geofence-collection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreateGeofenceCollection.html" + }, + "CreateKey": { + "privilege": "CreateKey", + "description": "Grants permission to create an API key resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreateKey.html" + }, + "CreateMap": { + "privilege": "CreateMap", + "description": "Grants permission to create a map resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreateMap.html" + }, + "CreatePlaceIndex": { + "privilege": "CreatePlaceIndex", + "description": "Grants permission to create a place index resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreatePlaceIndex.html" + }, + "CreateRouteCalculator": { + "privilege": "CreateRouteCalculator", + "description": "Grants permission to create a route calculator resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreateRouteCalculator.html" + }, + "CreateTracker": { + "privilege": "CreateTracker", + "description": "Grants permission to create a tracker resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_CreateTracker.html" + }, + "DeleteGeofenceCollection": { + "privilege": "DeleteGeofenceCollection", + "description": "Grants permission to delete a geofence-collection", + "access_level": "Write", + "resource_types": { + "geofence-collection": { + "resource_type": "geofence-collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geofence-collection": "geofence-collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeleteGeofenceCollection.html" + }, + "DeleteKey": { + "privilege": "DeleteKey", + "description": "Grants permission to delete an API key resource", + "access_level": "Write", + "resource_types": { + "api-key": { + "resource_type": "api-key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-key": "api-key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeleteKey.html" + }, + "DeleteMap": { + "privilege": "DeleteMap", + "description": "Grants permission to delete a map resource", + "access_level": "Write", + "resource_types": { + "map": { + "resource_type": "map", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "map": "map" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeleteMap.html" + }, + "DeletePlaceIndex": { + "privilege": "DeletePlaceIndex", + "description": "Grants permission to delete a place index resource", + "access_level": "Write", + "resource_types": { + "place-index": { + "resource_type": "place-index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "place-index": "place-index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeletePlaceIndex.html" + }, + "DeleteRouteCalculator": { + "privilege": "DeleteRouteCalculator", + "description": "Grants permission to delete a route calculator resource", + "access_level": "Write", + "resource_types": { + "route-calculator": { + "resource_type": "route-calculator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-calculator": "route-calculator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeleteRouteCalculator.html" + }, + "DeleteTracker": { + "privilege": "DeleteTracker", + "description": "Grants permission to delete a tracker resource", + "access_level": "Write", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DeleteTracker.html" + }, + "DescribeGeofenceCollection": { + "privilege": "DescribeGeofenceCollection", + "description": "Grants permission to retrieve geofence collection details", + "access_level": "Read", + "resource_types": { + "geofence-collection": { + "resource_type": "geofence-collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geofence-collection": "geofence-collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribeGeofenceCollection.html" + }, + "DescribeKey": { + "privilege": "DescribeKey", + "description": "Grants permission to retrieve API key resource details and secret", + "access_level": "Read", + "resource_types": { + "api-key": { + "resource_type": "api-key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-key": "api-key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribeKey.html" + }, + "DescribeMap": { + "privilege": "DescribeMap", + "description": "Grants permission to retrieve map resource details", + "access_level": "Read", + "resource_types": { + "map": { + "resource_type": "map", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "map": "map" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribeMap.html" + }, + "DescribePlaceIndex": { + "privilege": "DescribePlaceIndex", + "description": "Grants permission to retrieve place-index resource details", + "access_level": "Read", + "resource_types": { + "place-index": { + "resource_type": "place-index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "place-index": "place-index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribePlaceIndex.html" + }, + "DescribeRouteCalculator": { + "privilege": "DescribeRouteCalculator", + "description": "Grants permission to retrieve route calculator resource details", + "access_level": "Read", + "resource_types": { + "route-calculator": { + "resource_type": "route-calculator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-calculator": "route-calculator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribeRouteCalculator.html" + }, + "DescribeTracker": { + "privilege": "DescribeTracker", + "description": "Grants permission to retrieve a tracker resource details", + "access_level": "Read", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DescribeTracker.html" + }, + "DisassociateTrackerConsumer": { + "privilege": "DisassociateTrackerConsumer", + "description": "Grants permission to remove the association between a tracker resource and a geofence-collection", + "access_level": "Write", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_DisassociateTrackerConsumer.html" + }, + "GetDevicePosition": { + "privilege": "GetDevicePosition", + "description": "Grants permission to retrieve the latest device position", + "access_level": "Read", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "geo:DeviceIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetDevicePosition.html" + }, + "GetDevicePositionHistory": { + "privilege": "GetDevicePositionHistory", + "description": "Grants permission to retrieve the device position history", + "access_level": "Read", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "geo:DeviceIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetDevicePositionHistory.html" + }, + "GetGeofence": { + "privilege": "GetGeofence", + "description": "Grants permission to retrieve the geofence details from a geofence-collection", + "access_level": "Read", + "resource_types": { + "geofence-collection": { + "resource_type": "geofence-collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "geo:GeofenceIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geofence-collection": "geofence-collection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetGeofence.html" + }, + "GetMapGlyphs": { + "privilege": "GetMapGlyphs", + "description": "Grants permission to retrieve the glyph file for a map resource", + "access_level": "Read", + "resource_types": { + "map": { + "resource_type": "map", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "map": "map" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetMapGlyphs.html" + }, + "GetMapSprites": { + "privilege": "GetMapSprites", + "description": "Grants permission to retrieve the sprite file for a map resource", + "access_level": "Read", + "resource_types": { + "map": { + "resource_type": "map", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "map": "map" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetMapSprites.html" + }, + "GetMapStyleDescriptor": { + "privilege": "GetMapStyleDescriptor", + "description": "Grants permission to retrieve the map style descriptor from a map resource", + "access_level": "Read", + "resource_types": { + "map": { + "resource_type": "map", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "map": "map" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetMapStyleDescriptor.html" + }, + "GetMapTile": { + "privilege": "GetMapTile", + "description": "Grants permission to retrieve the map tile from the map resource", + "access_level": "Read", + "resource_types": { + "map": { + "resource_type": "map", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "map": "map" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetMapTile.html" + }, + "GetPlace": { + "privilege": "GetPlace", + "description": "Grants permission to find a place by its unique ID", + "access_level": "Read", + "resource_types": { + "place-index": { + "resource_type": "place-index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "place-index": "place-index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_GetPlace.html" + }, + "ListDevicePositions": { + "privilege": "ListDevicePositions", + "description": "Grants permission to retrieve a list of devices and their latest positions from the given tracker resource", + "access_level": "Read", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListDevicePositions.html" + }, + "ListGeofenceCollections": { + "privilege": "ListGeofenceCollections", + "description": "Grants permission to lists geofence-collections", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListGeofenceCollections.html" + }, + "ListGeofences": { + "privilege": "ListGeofences", + "description": "Grants permission to list geofences stored in a given geofence collection", + "access_level": "Read", + "resource_types": { + "geofence-collection": { + "resource_type": "geofence-collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geofence-collection": "geofence-collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListGeofences.html" + }, + "ListKeys": { + "privilege": "ListKeys", + "description": "Grants permission to list API key resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListKeys.html" + }, + "ListMaps": { + "privilege": "ListMaps", + "description": "Grants permission to list map resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListMaps.html" + }, + "ListPlaceIndexes": { + "privilege": "ListPlaceIndexes", + "description": "Grants permission to return a list of place index resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListPlaceIndexes.html" + }, + "ListRouteCalculators": { + "privilege": "ListRouteCalculators", + "description": "Grants permission to return a list of route calculator resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListRouteCalculators.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags (metadata) which you have assigned to the resource", + "access_level": "Read", + "resource_types": { + "api-key": { + "resource_type": "api-key", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "geofence-collection": { + "resource_type": "geofence-collection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "map": { + "resource_type": "map", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "place-index": { + "resource_type": "place-index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "route-calculator": { + "resource_type": "route-calculator", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "tracker": { + "resource_type": "tracker", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-key": "api-key", + "geofence-collection": "geofence-collection", + "map": "map", + "place-index": "place-index", + "route-calculator": "route-calculator", + "tracker": "tracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTrackerConsumers": { + "privilege": "ListTrackerConsumers", + "description": "Grants permission to retrieve a list of geofence collections currently associated to the given tracker resource", + "access_level": "Read", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListTrackerConsumers.html" + }, + "ListTrackers": { + "privilege": "ListTrackers", + "description": "Grants permission to return a list of tracker resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_ListTrackers.html" + }, + "PutGeofence": { + "privilege": "PutGeofence", + "description": "Grants permission to add a new geofence or update an existing geofence to a given geofence-collection", + "access_level": "Write", + "resource_types": { + "geofence-collection": { + "resource_type": "geofence-collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "geo:GeofenceIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geofence-collection": "geofence-collection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_PutGeofence.html" + }, + "SearchPlaceIndexForPosition": { + "privilege": "SearchPlaceIndexForPosition", + "description": "Grants permission to reverse geocodes a given coordinate", + "access_level": "Read", + "resource_types": { + "place-index": { + "resource_type": "place-index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "place-index": "place-index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_SearchPlaceIndexForPosition.html" + }, + "SearchPlaceIndexForSuggestions": { + "privilege": "SearchPlaceIndexForSuggestions", + "description": "Grants permission to generate suggestions for addresses and points of interest based on partial or misspelled free-form text", + "access_level": "Read", + "resource_types": { + "place-index": { + "resource_type": "place-index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "place-index": "place-index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_SearchPlaceIndexForSuggestions.html" + }, + "SearchPlaceIndexForText": { + "privilege": "SearchPlaceIndexForText", + "description": "Grants permission to geocode free-form text, such as an address, name, city or region", + "access_level": "Read", + "resource_types": { + "place-index": { + "resource_type": "place-index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "place-index": "place-index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_SearchPlaceIndexForText.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to adds to or modifies the tags of the given resource. Tags are metadata which can be used to manage a resource", + "access_level": "Tagging", + "resource_types": { + "api-key": { + "resource_type": "api-key", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "geofence-collection": { + "resource_type": "geofence-collection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "map": { + "resource_type": "map", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "place-index": { + "resource_type": "place-index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "route-calculator": { + "resource_type": "route-calculator", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "tracker": { + "resource_type": "tracker", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-key": "api-key", + "geofence-collection": "geofence-collection", + "map": "map", + "place-index": "place-index", + "route-calculator": "route-calculator", + "tracker": "tracker", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the given tags (metadata) from the resource", + "access_level": "Tagging", + "resource_types": { + "api-key": { + "resource_type": "api-key", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "geofence-collection": { + "resource_type": "geofence-collection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "map": { + "resource_type": "map", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "place-index": { + "resource_type": "place-index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "route-calculator": { + "resource_type": "route-calculator", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "tracker": { + "resource_type": "tracker", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-key": "api-key", + "geofence-collection": "geofence-collection", + "map": "map", + "place-index": "place-index", + "route-calculator": "route-calculator", + "tracker": "tracker", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UntagResource.html" + }, + "UpdateGeofenceCollection": { + "privilege": "UpdateGeofenceCollection", + "description": "Grants permission to update a geofence collection", + "access_level": "Write", + "resource_types": { + "geofence-collection": { + "resource_type": "geofence-collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geofence-collection": "geofence-collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdateGeofenceCollection.html" + }, + "UpdateKey": { + "privilege": "UpdateKey", + "description": "Grants permission to update an API key resource", + "access_level": "Write", + "resource_types": { + "api-key": { + "resource_type": "api-key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api-key": "api-key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdateKey.html" + }, + "UpdateMap": { + "privilege": "UpdateMap", + "description": "Grants permission to update a map resource", + "access_level": "Write", + "resource_types": { + "map": { + "resource_type": "map", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "map": "map" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdateMap.html" + }, + "UpdatePlaceIndex": { + "privilege": "UpdatePlaceIndex", + "description": "Grants permission to update a place index resource", + "access_level": "Write", + "resource_types": { + "place-index": { + "resource_type": "place-index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "place-index": "place-index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdatePlaceIndex.html" + }, + "UpdateRouteCalculator": { + "privilege": "UpdateRouteCalculator", + "description": "Grants permission to update a route calculator resource", + "access_level": "Write", + "resource_types": { + "route-calculator": { + "resource_type": "route-calculator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route-calculator": "route-calculator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdateRouteCalculator.html" + }, + "UpdateTracker": { + "privilege": "UpdateTracker", + "description": "Grants permission to update a tracker resource", + "access_level": "Write", + "resource_types": { + "tracker": { + "resource_type": "tracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tracker": "tracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/location/latest/APIReference/API_UpdateTracker.html" + } + }, + "privileges_lower_name": { + "associatetrackerconsumer": "AssociateTrackerConsumer", + "batchdeletedevicepositionhistory": "BatchDeleteDevicePositionHistory", + "batchdeletegeofence": "BatchDeleteGeofence", + "batchevaluategeofences": "BatchEvaluateGeofences", + "batchgetdeviceposition": "BatchGetDevicePosition", + "batchputgeofence": "BatchPutGeofence", + "batchupdatedeviceposition": "BatchUpdateDevicePosition", + "calculateroute": "CalculateRoute", + "calculateroutematrix": "CalculateRouteMatrix", + "creategeofencecollection": "CreateGeofenceCollection", + "createkey": "CreateKey", + "createmap": "CreateMap", + "createplaceindex": "CreatePlaceIndex", + "createroutecalculator": "CreateRouteCalculator", + "createtracker": "CreateTracker", + "deletegeofencecollection": "DeleteGeofenceCollection", + "deletekey": "DeleteKey", + "deletemap": "DeleteMap", + "deleteplaceindex": "DeletePlaceIndex", + "deleteroutecalculator": "DeleteRouteCalculator", + "deletetracker": "DeleteTracker", + "describegeofencecollection": "DescribeGeofenceCollection", + "describekey": "DescribeKey", + "describemap": "DescribeMap", + "describeplaceindex": "DescribePlaceIndex", + "describeroutecalculator": "DescribeRouteCalculator", + "describetracker": "DescribeTracker", + "disassociatetrackerconsumer": "DisassociateTrackerConsumer", + "getdeviceposition": "GetDevicePosition", + "getdevicepositionhistory": "GetDevicePositionHistory", + "getgeofence": "GetGeofence", + "getmapglyphs": "GetMapGlyphs", + "getmapsprites": "GetMapSprites", + "getmapstyledescriptor": "GetMapStyleDescriptor", + "getmaptile": "GetMapTile", + "getplace": "GetPlace", + "listdevicepositions": "ListDevicePositions", + "listgeofencecollections": "ListGeofenceCollections", + "listgeofences": "ListGeofences", + "listkeys": "ListKeys", + "listmaps": "ListMaps", + "listplaceindexes": "ListPlaceIndexes", + "listroutecalculators": "ListRouteCalculators", + "listtagsforresource": "ListTagsForResource", + "listtrackerconsumers": "ListTrackerConsumers", + "listtrackers": "ListTrackers", + "putgeofence": "PutGeofence", + "searchplaceindexforposition": "SearchPlaceIndexForPosition", + "searchplaceindexforsuggestions": "SearchPlaceIndexForSuggestions", + "searchplaceindexfortext": "SearchPlaceIndexForText", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updategeofencecollection": "UpdateGeofenceCollection", + "updatekey": "UpdateKey", + "updatemap": "UpdateMap", + "updateplaceindex": "UpdatePlaceIndex", + "updateroutecalculator": "UpdateRouteCalculator", + "updatetracker": "UpdateTracker" + }, + "resources": { + "api-key": { + "resource": "api-key", + "arn": "arn:${Partition}:geo:${Region}:${Account}:api-key/${KeyName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "geofence-collection": { + "resource": "geofence-collection", + "arn": "arn:${Partition}:geo:${Region}:${Account}:geofence-collection/${GeofenceCollectionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "geo:GeofenceIds" + ] + }, + "map": { + "resource": "map", + "arn": "arn:${Partition}:geo:${Region}:${Account}:map/${MapName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "place-index": { + "resource": "place-index", + "arn": "arn:${Partition}:geo:${Region}:${Account}:place-index/${IndexName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "route-calculator": { + "resource": "route-calculator", + "arn": "arn:${Partition}:geo:${Region}:${Account}:route-calculator/${CalculatorName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "tracker": { + "resource": "tracker", + "arn": "arn:${Partition}:geo:${Region}:${Account}:tracker/${TrackerName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "geo:DeviceIds" + ] + } + }, + "resources_lower_name": { + "api-key": "api-key", + "geofence-collection": "geofence-collection", + "map": "map", + "place-index": "place-index", + "route-calculator": "route-calculator", + "tracker": "tracker" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag's key and value in a request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in a request", + "type": "ArrayOfString" + }, + "geo:DeviceIds": { + "condition": "geo:DeviceIds", + "description": "Filters access by the presence of device ids in the request", + "type": "ArrayOfString" + }, + "geo:GeofenceIds": { + "condition": "geo:GeofenceIds", + "description": "Filters access by the presence of geofence ids in the request", + "type": "ArrayOfString" + } + } + }, + "lookoutequipment": { + "service_name": "Amazon Lookout for Equipment", + "prefix": "lookoutequipment", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlookoutforequipment.html", + "privileges": { + "CreateDataset": { + "privilege": "CreateDataset", + "description": "Grants permission to create a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_CreateDataset.html" + }, + "CreateInferenceScheduler": { + "privilege": "CreateInferenceScheduler", + "description": "Grants permission to create an inference scheduler for a trained model", + "access_level": "Write", + "resource_types": { + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-scheduler": "inference-scheduler", + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_CreateInferenceScheduler.html" + }, + "CreateLabel": { + "privilege": "CreateLabel", + "description": "Grants permission to create a label", + "access_level": "Write", + "resource_types": { + "label-group": { + "resource_type": "label-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label-group": "label-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_CreateLabel.html" + }, + "CreateLabelGroup": { + "privilege": "CreateLabelGroup", + "description": "Grants permission to create a label group", + "access_level": "Write", + "resource_types": { + "label-group": { + "resource_type": "label-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label-group": "label-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_CreateLabelGroup.html" + }, + "CreateModel": { + "privilege": "CreateModel", + "description": "Grants permission to create a model that is trained on a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_CreateModel.html" + }, + "DeleteDataset": { + "privilege": "DeleteDataset", + "description": "Grants permission to delete a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DeleteDataset.html" + }, + "DeleteInferenceScheduler": { + "privilege": "DeleteInferenceScheduler", + "description": "Grants permission to delete an inference scheduler", + "access_level": "Write", + "resource_types": { + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-scheduler": "inference-scheduler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DeleteInferenceScheduler.html" + }, + "DeleteLabel": { + "privilege": "DeleteLabel", + "description": "Grants permission to delete a label", + "access_level": "Write", + "resource_types": { + "label-group": { + "resource_type": "label-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label-group": "label-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DeleteLabel.html" + }, + "DeleteLabelGroup": { + "privilege": "DeleteLabelGroup", + "description": "Grants permission to delete a label group", + "access_level": "Write", + "resource_types": { + "label-group": { + "resource_type": "label-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label-group": "label-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DeleteLabelGroup.html" + }, + "DeleteModel": { + "privilege": "DeleteModel", + "description": "Grants permission to delete a model", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DeleteModel.html" + }, + "DescribeDataIngestionJob": { + "privilege": "DescribeDataIngestionJob", + "description": "Grants permission to describe a data ingestion job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeDataIngestionJob" + }, + "DescribeDataset": { + "privilege": "DescribeDataset", + "description": "Grants permission to describe a dataset", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeDataset.html" + }, + "DescribeInferenceScheduler": { + "privilege": "DescribeInferenceScheduler", + "description": "Grants permission to describe an inference scheduler", + "access_level": "Read", + "resource_types": { + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-scheduler": "inference-scheduler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeInferenceScheduler.html" + }, + "DescribeLabelGroup": { + "privilege": "DescribeLabelGroup", + "description": "Grants permission to describe a label group", + "access_level": "Read", + "resource_types": { + "label-group": { + "resource_type": "label-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label-group": "label-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeLabelGroup.html" + }, + "DescribeModel": { + "privilege": "DescribeModel", + "description": "Grants permission to describe a model", + "access_level": "Read", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeModel.html" + }, + "Describelabel": { + "privilege": "Describelabel", + "description": "Grants permission to describe a label", + "access_level": "Read", + "resource_types": { + "label-group": { + "resource_type": "label-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label-group": "label-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_DescribeLabel.html" + }, + "ListDataIngestionJobs": { + "privilege": "ListDataIngestionJobs", + "description": "Grants permission to list the data ingestion jobs in your account or for a particular dataset", + "access_level": "List", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListDataIngestionJobs.html" + }, + "ListDatasets": { + "privilege": "ListDatasets", + "description": "Grants permission to list the datasets in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListDatasets.html" + }, + "ListInferenceEvents": { + "privilege": "ListInferenceEvents", + "description": "Grants permission to list the inference events for an inference scheduler", + "access_level": "Read", + "resource_types": { + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-scheduler": "inference-scheduler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListInferenceEvents.html" + }, + "ListInferenceExecutions": { + "privilege": "ListInferenceExecutions", + "description": "Grants permission to list the inference executions for an inference scheduler", + "access_level": "Read", + "resource_types": { + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-scheduler": "inference-scheduler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListInferenceExecutions.html" + }, + "ListInferenceSchedulers": { + "privilege": "ListInferenceSchedulers", + "description": "Grants permission to list the inference schedulers in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListInferenceSchedulers.html" + }, + "ListLabelGroups": { + "privilege": "ListLabelGroups", + "description": "Grants permission to list the label groups in your account", + "access_level": "List", + "resource_types": { + "label-group": { + "resource_type": "label-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label-group": "label-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListLabelGroups.html" + }, + "ListLabels": { + "privilege": "ListLabels", + "description": "Grants permission to list the labels in your account", + "access_level": "List", + "resource_types": { + "label-group": { + "resource_type": "label-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label-group": "label-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListLabels.html" + }, + "ListModels": { + "privilege": "ListModels", + "description": "Grants permission to list the models in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListModels.html" + }, + "ListSensorStatistics": { + "privilege": "ListSensorStatistics", + "description": "Grants permission to list the sensor statistics for a particular dataset or an ingestion job", + "access_level": "List", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListSensorStatistics.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for a resource", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "label-group": { + "resource_type": "label-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "inference-scheduler": "inference-scheduler", + "label-group": "label-group", + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_ListTagsForResource.html" + }, + "StartDataIngestionJob": { + "privilege": "StartDataIngestionJob", + "description": "Grants permission to start a data ingestion job for a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_StartDataIngestionJob.html" + }, + "StartInferenceScheduler": { + "privilege": "StartInferenceScheduler", + "description": "Grants permission to start an inference scheduler", + "access_level": "Write", + "resource_types": { + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-scheduler": "inference-scheduler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_StartInferenceScheduler.html" + }, + "StopInferenceScheduler": { + "privilege": "StopInferenceScheduler", + "description": "Grants permission to stop an inference scheduler", + "access_level": "Write", + "resource_types": { + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-scheduler": "inference-scheduler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_StopInferenceScheduler.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "label-group": { + "resource_type": "label-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "inference-scheduler": "inference-scheduler", + "label-group": "label-group", + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "label-group": { + "resource_type": "label-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "inference-scheduler": "inference-scheduler", + "label-group": "label-group", + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_UntagResource.html" + }, + "UpdateInferenceScheduler": { + "privilege": "UpdateInferenceScheduler", + "description": "Grants permission to update an inference scheduler", + "access_level": "Write", + "resource_types": { + "inference-scheduler": { + "resource_type": "inference-scheduler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-scheduler": "inference-scheduler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_UpdateInferenceScheduler.html" + }, + "UpdateLabelGroup": { + "privilege": "UpdateLabelGroup", + "description": "Grants permission to update a label group", + "access_level": "Write", + "resource_types": { + "label-group": { + "resource_type": "label-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "label-group": "label-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-equipment/latest/ug/API_UpdateLabelGroup.html" + } + }, + "privileges_lower_name": { + "createdataset": "CreateDataset", + "createinferencescheduler": "CreateInferenceScheduler", + "createlabel": "CreateLabel", + "createlabelgroup": "CreateLabelGroup", + "createmodel": "CreateModel", + "deletedataset": "DeleteDataset", + "deleteinferencescheduler": "DeleteInferenceScheduler", + "deletelabel": "DeleteLabel", + "deletelabelgroup": "DeleteLabelGroup", + "deletemodel": "DeleteModel", + "describedataingestionjob": "DescribeDataIngestionJob", + "describedataset": "DescribeDataset", + "describeinferencescheduler": "DescribeInferenceScheduler", + "describelabelgroup": "DescribeLabelGroup", + "describemodel": "DescribeModel", + "describelabel": "Describelabel", + "listdataingestionjobs": "ListDataIngestionJobs", + "listdatasets": "ListDatasets", + "listinferenceevents": "ListInferenceEvents", + "listinferenceexecutions": "ListInferenceExecutions", + "listinferenceschedulers": "ListInferenceSchedulers", + "listlabelgroups": "ListLabelGroups", + "listlabels": "ListLabels", + "listmodels": "ListModels", + "listsensorstatistics": "ListSensorStatistics", + "listtagsforresource": "ListTagsForResource", + "startdataingestionjob": "StartDataIngestionJob", + "startinferencescheduler": "StartInferenceScheduler", + "stopinferencescheduler": "StopInferenceScheduler", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateinferencescheduler": "UpdateInferenceScheduler", + "updatelabelgroup": "UpdateLabelGroup" + }, + "resources": { + "dataset": { + "resource": "dataset", + "arn": "arn:${Partition}:lookoutequipment:${Region}:${Account}:dataset/${DatasetName}/${DatasetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "model": { + "resource": "model", + "arn": "arn:${Partition}:lookoutequipment:${Region}:${Account}:model/${ModelName}/${ModelId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "inference-scheduler": { + "resource": "inference-scheduler", + "arn": "arn:${Partition}:lookoutequipment:${Region}:${Account}:inference-scheduler/${InferenceSchedulerName}/${InferenceSchedulerId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "label-group": { + "resource": "label-group", + "arn": "arn:${Partition}:lookoutequipment:${Region}:${Account}:label-group/${LabelGroupName}/${LabelGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "dataset": "dataset", + "model": "model", + "inference-scheduler": "inference-scheduler", + "label-group": "label-group" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "lookoutmetrics": { + "service_name": "Amazon Lookout for Metrics", + "prefix": "lookoutmetrics", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlookoutformetrics.html", + "privileges": { + "ActivateAnomalyDetector": { + "privilege": "ActivateAnomalyDetector", + "description": "Grants permission to activate an anomaly detector", + "access_level": "Write", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ActivateAnomalyDetector.html" + }, + "BackTestAnomalyDetector": { + "privilege": "BackTestAnomalyDetector", + "description": "Grants permission to run a backtest with an anomaly detector", + "access_level": "Write", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_BackTestAnomalyDetector.html" + }, + "CreateAlert": { + "privilege": "CreateAlert", + "description": "Grants permission to create an alert for an anomaly detector", + "access_level": "Write", + "resource_types": { + "Alert": { + "resource_type": "Alert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alert": "Alert", + "anomalydetector": "AnomalyDetector", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_CreateAlert.html" + }, + "CreateAnomalyDetector": { + "privilege": "CreateAnomalyDetector", + "description": "Grants permission to create an anomaly detector", + "access_level": "Write", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_CreateAnomalyDetector.html" + }, + "CreateMetricSet": { + "privilege": "CreateMetricSet", + "description": "Grants permission to create a dataset", + "access_level": "Write", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "MetricSet": { + "resource_type": "MetricSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector", + "metricset": "MetricSet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_CreateMetricSet.html" + }, + "DeactivateAnomalyDetector": { + "privilege": "DeactivateAnomalyDetector", + "description": "Grants permission to deactivate an anomaly detector", + "access_level": "Write", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DeactivateAnomalyDetector.html" + }, + "DeleteAlert": { + "privilege": "DeleteAlert", + "description": "Grants permission to delete an alert", + "access_level": "Write", + "resource_types": { + "Alert": { + "resource_type": "Alert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alert": "Alert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DeleteAlert.html" + }, + "DeleteAnomalyDetector": { + "privilege": "DeleteAnomalyDetector", + "description": "Grants permission to delete an anomaly detector", + "access_level": "Write", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DeleteAnomalyDetector.html" + }, + "DescribeAlert": { + "privilege": "DescribeAlert", + "description": "Grants permission to get details about an alert", + "access_level": "Read", + "resource_types": { + "Alert": { + "resource_type": "Alert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alert": "Alert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DescribeAlert.html" + }, + "DescribeAnomalyDetectionExecutions": { + "privilege": "DescribeAnomalyDetectionExecutions", + "description": "Grants permission to get information about an anomaly detection job", + "access_level": "Read", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DescribeAnomalyDetectionExecutions.html" + }, + "DescribeAnomalyDetector": { + "privilege": "DescribeAnomalyDetector", + "description": "Grants permission to get details about an anomaly detector", + "access_level": "Read", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DescribeAnomalyDetector.html" + }, + "DescribeMetricSet": { + "privilege": "DescribeMetricSet", + "description": "Grants permission to get details about a dataset", + "access_level": "Read", + "resource_types": { + "MetricSet": { + "resource_type": "MetricSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metricset": "MetricSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DescribeMetricSet.html" + }, + "DetectMetricSetConfig": { + "privilege": "DetectMetricSetConfig", + "description": "Grants permission to detect metric set config from data source", + "access_level": "Write", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_DetectMetricSetConfig.html" + }, + "GetAnomalyGroup": { + "privilege": "GetAnomalyGroup", + "description": "Grants permission to get details about a group of affected metrics", + "access_level": "Read", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_GetAnomalyGroup.html" + }, + "GetDataQualityMetrics": { + "privilege": "GetDataQualityMetrics", + "description": "Grants permission to get data quality metrics for an anomaly detector", + "access_level": "Read", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_GetDataQualityMetrics.html" + }, + "GetFeedback": { + "privilege": "GetFeedback", + "description": "Grants permission to get feedback on affected metrics for an anomaly group", + "access_level": "Read", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_GetFeedback.html" + }, + "GetSampleData": { + "privilege": "GetSampleData", + "description": "Grants permission to get a selection of sample records from an Amazon S3 datasource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_GetSampleData.html" + }, + "ListAlerts": { + "privilege": "ListAlerts", + "description": "Grants permission to get a list of alerts for a detector", + "access_level": "List", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListAlerts.html" + }, + "ListAnomalyDetectors": { + "privilege": "ListAnomalyDetectors", + "description": "Grants permission to get a list of anomaly detectors", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListAnomalyDetectors.html" + }, + "ListAnomalyGroupRelatedMetrics": { + "privilege": "ListAnomalyGroupRelatedMetrics", + "description": "Grants permission to get a list of related measures in an anomaly group", + "access_level": "List", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListAnomalyGroupRelatedMetrics.html" + }, + "ListAnomalyGroupSummaries": { + "privilege": "ListAnomalyGroupSummaries", + "description": "Grants permission to get a list of anomaly groups", + "access_level": "List", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListAnomalyGroupSummaries.html" + }, + "ListAnomalyGroupTimeSeries": { + "privilege": "ListAnomalyGroupTimeSeries", + "description": "Grants permission to get a list of affected metrics for a measure in an anomaly group", + "access_level": "List", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListAnomalyGroupTimeSeries.html" + }, + "ListMetricSets": { + "privilege": "ListMetricSets", + "description": "Grants permission to get a list of datasets", + "access_level": "List", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListMetricSets.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to get a list of tags for a detector, dataset, or alert", + "access_level": "Read", + "resource_types": { + "Alert": { + "resource_type": "Alert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MetricSet": { + "resource_type": "MetricSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alert": "Alert", + "anomalydetector": "AnomalyDetector", + "metricset": "MetricSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_ListTagsForResource.html" + }, + "PutFeedback": { + "privilege": "PutFeedback", + "description": "Grants permission to add feedback for an affected metric in an anomaly group", + "access_level": "Write", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_PutFeedback.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a detector, dataset, or alert", + "access_level": "Tagging", + "resource_types": { + "Alert": { + "resource_type": "Alert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MetricSet": { + "resource_type": "MetricSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alert": "Alert", + "anomalydetector": "AnomalyDetector", + "metricset": "MetricSet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a detector, dataset, or alert", + "access_level": "Tagging", + "resource_types": { + "Alert": { + "resource_type": "Alert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MetricSet": { + "resource_type": "MetricSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alert": "Alert", + "anomalydetector": "AnomalyDetector", + "metricset": "MetricSet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_UntagResource.html" + }, + "UpdateAlert": { + "privilege": "UpdateAlert", + "description": "Grants permission to update an alert for an anomaly detector", + "access_level": "Write", + "resource_types": { + "Alert": { + "resource_type": "Alert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alert": "Alert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_UpdateAlert.html" + }, + "UpdateAnomalyDetector": { + "privilege": "UpdateAnomalyDetector", + "description": "Grants permission to update an anomaly detector", + "access_level": "Write", + "resource_types": { + "AnomalyDetector": { + "resource_type": "AnomalyDetector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalydetector": "AnomalyDetector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_UpdateAnomalyDetector.html" + }, + "UpdateMetricSet": { + "privilege": "UpdateMetricSet", + "description": "Grants permission to update a dataset", + "access_level": "Write", + "resource_types": { + "MetricSet": { + "resource_type": "MetricSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metricset": "MetricSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookoutmetrics/latest/api/API_UpdateMetricSet.html" + } + }, + "privileges_lower_name": { + "activateanomalydetector": "ActivateAnomalyDetector", + "backtestanomalydetector": "BackTestAnomalyDetector", + "createalert": "CreateAlert", + "createanomalydetector": "CreateAnomalyDetector", + "createmetricset": "CreateMetricSet", + "deactivateanomalydetector": "DeactivateAnomalyDetector", + "deletealert": "DeleteAlert", + "deleteanomalydetector": "DeleteAnomalyDetector", + "describealert": "DescribeAlert", + "describeanomalydetectionexecutions": "DescribeAnomalyDetectionExecutions", + "describeanomalydetector": "DescribeAnomalyDetector", + "describemetricset": "DescribeMetricSet", + "detectmetricsetconfig": "DetectMetricSetConfig", + "getanomalygroup": "GetAnomalyGroup", + "getdataqualitymetrics": "GetDataQualityMetrics", + "getfeedback": "GetFeedback", + "getsampledata": "GetSampleData", + "listalerts": "ListAlerts", + "listanomalydetectors": "ListAnomalyDetectors", + "listanomalygrouprelatedmetrics": "ListAnomalyGroupRelatedMetrics", + "listanomalygroupsummaries": "ListAnomalyGroupSummaries", + "listanomalygrouptimeseries": "ListAnomalyGroupTimeSeries", + "listmetricsets": "ListMetricSets", + "listtagsforresource": "ListTagsForResource", + "putfeedback": "PutFeedback", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatealert": "UpdateAlert", + "updateanomalydetector": "UpdateAnomalyDetector", + "updatemetricset": "UpdateMetricSet" + }, + "resources": { + "AnomalyDetector": { + "resource": "AnomalyDetector", + "arn": "arn:${Partition}:lookoutmetrics:${Region}:${Account}:AnomalyDetector:${AnomalyDetectorName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "MetricSet": { + "resource": "MetricSet", + "arn": "arn:${Partition}:lookoutmetrics:${Region}:${Account}:MetricSet/${AnomalyDetectorName}/${MetricSetName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Alert": { + "resource": "Alert", + "arn": "arn:${Partition}:lookoutmetrics:${Region}:${Account}:Alert:${AlertName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "anomalydetector": "AnomalyDetector", + "metricset": "MetricSet", + "alert": "Alert" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "lookoutvision": { + "service_name": "Amazon Lookout for Vision", + "prefix": "lookoutvision", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlookoutforvision.html", + "privileges": { + "CreateDataset": { + "privilege": "CreateDataset", + "description": "Grants permission to create a dataset manifest", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_CreateDataset.html" + }, + "CreateModel": { + "privilege": "CreateModel", + "description": "Grants permission to create a new anomaly detection model", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_CreateModel.html" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a new project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_CreateProject.html" + }, + "DeleteDataset": { + "privilege": "DeleteDataset", + "description": "Grants permission to delete a dataset", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DeleteDataset.html" + }, + "DeleteModel": { + "privilege": "DeleteModel", + "description": "Grants permission to delete a model and all associated assets", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DeleteModel.html" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to permanently remove a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DeleteProject.html" + }, + "DescribeDataset": { + "privilege": "DescribeDataset", + "description": "Grants permission to show detailed information about dataset manifest", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DescribeDataset.html" + }, + "DescribeModel": { + "privilege": "DescribeModel", + "description": "Grants permission to show detailed information about a model", + "access_level": "Read", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DescribeModel.html" + }, + "DescribeModelPackagingJob": { + "privilege": "DescribeModelPackagingJob", + "description": "Grants permission to show detailed information about a model packaging job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DescribeModelPackagingJob.html" + }, + "DescribeProject": { + "privilege": "DescribeProject", + "description": "Grants permission to show detailed information about a project", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DescribeProject.html" + }, + "DescribeTrialDetection": { + "privilege": "DescribeTrialDetection", + "description": "Grants permission to provides state information about a running anomaly detection job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/developer-guide/trial-detection.html" + }, + "DetectAnomalies": { + "privilege": "DetectAnomalies", + "description": "Grants permission to invoke detection of anomalies", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_DetectAnomalies.html" + }, + "ListDatasetEntries": { + "privilege": "ListDatasetEntries", + "description": "Grants permission to list the contents of dataset manifest", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_ListDatasetEntries.html" + }, + "ListModelPackagingJobs": { + "privilege": "ListModelPackagingJobs", + "description": "Grants permission to list all model packaging jobs associated with a project", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_ListModelPackagingJobs.html" + }, + "ListModels": { + "privilege": "ListModels", + "description": "Grants permission to list all models associated with a project", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_ListModels.html" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to list all projects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_ListProjects.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTrialDetections": { + "privilege": "ListTrialDetections", + "description": "Grants permission to list all anomaly detection jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/developer-guide/trial-detection.html" + }, + "StartModel": { + "privilege": "StartModel", + "description": "Grants permission to start anomaly detection model", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_StartModel.html" + }, + "StartModelPackagingJob": { + "privilege": "StartModelPackagingJob", + "description": "Grants permission to start a model packaging job", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_StartModelPackagingJob.html" + }, + "StartTrialDetection": { + "privilege": "StartTrialDetection", + "description": "Grants permission to start bulk detection of anomalies for a set of images stored in an S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/developer-guide/trial-detection.html" + }, + "StopModel": { + "privilege": "StopModel", + "description": "Grants permission to stop anomaly detection model", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_StopModel.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource with given key value pairs", + "access_level": "Tagging", + "resource_types": { + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the tag with the given key from a resource", + "access_level": "Tagging", + "resource_types": { + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_UntagResource.html" + }, + "UpdateDatasetEntries": { + "privilege": "UpdateDatasetEntries", + "description": "Grants permission to update a training or test dataset manifest", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lookout-for-vision/latest/APIReference/API_UpdateDatasetEntries.html" + } + }, + "privileges_lower_name": { + "createdataset": "CreateDataset", + "createmodel": "CreateModel", + "createproject": "CreateProject", + "deletedataset": "DeleteDataset", + "deletemodel": "DeleteModel", + "deleteproject": "DeleteProject", + "describedataset": "DescribeDataset", + "describemodel": "DescribeModel", + "describemodelpackagingjob": "DescribeModelPackagingJob", + "describeproject": "DescribeProject", + "describetrialdetection": "DescribeTrialDetection", + "detectanomalies": "DetectAnomalies", + "listdatasetentries": "ListDatasetEntries", + "listmodelpackagingjobs": "ListModelPackagingJobs", + "listmodels": "ListModels", + "listprojects": "ListProjects", + "listtagsforresource": "ListTagsForResource", + "listtrialdetections": "ListTrialDetections", + "startmodel": "StartModel", + "startmodelpackagingjob": "StartModelPackagingJob", + "starttrialdetection": "StartTrialDetection", + "stopmodel": "StopModel", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedatasetentries": "UpdateDatasetEntries" + }, + "resources": { + "model": { + "resource": "model", + "arn": "arn:${Partition}:lookoutvision:${Region}:${Account}:model/${ProjectName}/${ModelVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "project": { + "resource": "project", + "arn": "arn:${Partition}:lookoutvision:${Region}:${Account}:project/${ProjectName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "model": "model", + "project": "project" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "machinelearning": { + "service_name": "Amazon Machine Learning", + "prefix": "machinelearning", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmachinelearning.html", + "privileges": { + "AddTags": { + "privilege": "AddTags", + "description": "Adds one or more tags to an object, up to a limit of 10. Each tag consists of a key and an optional value", + "access_level": "Tagging", + "resource_types": { + "batchprediction": { + "resource_type": "batchprediction", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasource": { + "resource_type": "datasource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "evaluation": { + "resource_type": "evaluation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mlmodel": { + "resource_type": "mlmodel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchprediction": "batchprediction", + "datasource": "datasource", + "evaluation": "evaluation", + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_AddTags.html" + }, + "CreateBatchPrediction": { + "privilege": "CreateBatchPrediction", + "description": "Generates predictions for a group of observations", + "access_level": "Write", + "resource_types": { + "batchprediction": { + "resource_type": "batchprediction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "mlmodel": { + "resource_type": "mlmodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchprediction": "batchprediction", + "datasource": "datasource", + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateBatchPrediction.html" + }, + "CreateDataSourceFromRDS": { + "privilege": "CreateDataSourceFromRDS", + "description": "Creates a DataSource object from an Amazon RDS", + "access_level": "Write", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateDataSourceFromRDS.html" + }, + "CreateDataSourceFromRedshift": { + "privilege": "CreateDataSourceFromRedshift", + "description": "Creates a DataSource from a database hosted on an Amazon Redshift cluster", + "access_level": "Write", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateDataSourceFromRedshift.html" + }, + "CreateDataSourceFromS3": { + "privilege": "CreateDataSourceFromS3", + "description": "Creates a DataSource object from S3", + "access_level": "Write", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateDataSourceFromS3.html" + }, + "CreateEvaluation": { + "privilege": "CreateEvaluation", + "description": "Creates a new Evaluation of an MLModel", + "access_level": "Write", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "evaluation": { + "resource_type": "evaluation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "mlmodel": { + "resource_type": "mlmodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource", + "evaluation": "evaluation", + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateEvaluation.html" + }, + "CreateMLModel": { + "privilege": "CreateMLModel", + "description": "Creates a new MLModel", + "access_level": "Write", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "mlmodel": { + "resource_type": "mlmodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource", + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateMLModel.html" + }, + "CreateRealtimeEndpoint": { + "privilege": "CreateRealtimeEndpoint", + "description": "Creates a real-time endpoint for the MLModel", + "access_level": "Write", + "resource_types": { + "mlmodel": { + "resource_type": "mlmodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_CreateRealtimeEndpoint.html" + }, + "DeleteBatchPrediction": { + "privilege": "DeleteBatchPrediction", + "description": "Assigns the DELETED status to a BatchPrediction, rendering it unusable", + "access_level": "Write", + "resource_types": { + "batchprediction": { + "resource_type": "batchprediction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchprediction": "batchprediction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteBatchPrediction.html" + }, + "DeleteDataSource": { + "privilege": "DeleteDataSource", + "description": "Assigns the DELETED status to a DataSource, rendering it unusable", + "access_level": "Write", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteDataSource.html" + }, + "DeleteEvaluation": { + "privilege": "DeleteEvaluation", + "description": "Assigns the DELETED status to an Evaluation, rendering it unusable", + "access_level": "Write", + "resource_types": { + "evaluation": { + "resource_type": "evaluation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation": "evaluation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteEvaluation.html" + }, + "DeleteMLModel": { + "privilege": "DeleteMLModel", + "description": "Assigns the DELETED status to an MLModel, rendering it unusable", + "access_level": "Write", + "resource_types": { + "mlmodel": { + "resource_type": "mlmodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteMLModel.html" + }, + "DeleteRealtimeEndpoint": { + "privilege": "DeleteRealtimeEndpoint", + "description": "Deletes a real time endpoint of an MLModel", + "access_level": "Write", + "resource_types": { + "mlmodel": { + "resource_type": "mlmodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteRealtimeEndpoint.html" + }, + "DeleteTags": { + "privilege": "DeleteTags", + "description": "Deletes the specified tags associated with an ML object. After this operation is complete, you can't recover deleted tags", + "access_level": "Tagging", + "resource_types": { + "batchprediction": { + "resource_type": "batchprediction", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasource": { + "resource_type": "datasource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "evaluation": { + "resource_type": "evaluation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mlmodel": { + "resource_type": "mlmodel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchprediction": "batchprediction", + "datasource": "datasource", + "evaluation": "evaluation", + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DeleteTags.html" + }, + "DescribeBatchPredictions": { + "privilege": "DescribeBatchPredictions", + "description": "Returns a list of BatchPrediction operations that match the search criteria in the request", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DescribeBatchPredictions.html" + }, + "DescribeDataSources": { + "privilege": "DescribeDataSources", + "description": "Returns a list of DataSource that match the search criteria in the request", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DescribeDataSources.html" + }, + "DescribeEvaluations": { + "privilege": "DescribeEvaluations", + "description": "Returns a list of DescribeEvaluations that match the search criteria in the request", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DescribeEvaluations.html" + }, + "DescribeMLModels": { + "privilege": "DescribeMLModels", + "description": "Returns a list of MLModel that match the search criteria in the request", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DescribeMLModels.html" + }, + "DescribeTags": { + "privilege": "DescribeTags", + "description": "Describes one or more of the tags for your Amazon ML object", + "access_level": "List", + "resource_types": { + "batchprediction": { + "resource_type": "batchprediction", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasource": { + "resource_type": "datasource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "evaluation": { + "resource_type": "evaluation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mlmodel": { + "resource_type": "mlmodel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchprediction": "batchprediction", + "datasource": "datasource", + "evaluation": "evaluation", + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_DescribeTags.html" + }, + "GetBatchPrediction": { + "privilege": "GetBatchPrediction", + "description": "Returns a BatchPrediction that includes detailed metadata, status, and data file information", + "access_level": "Read", + "resource_types": { + "batchprediction": { + "resource_type": "batchprediction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchprediction": "batchprediction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_GetBatchPrediction.html" + }, + "GetDataSource": { + "privilege": "GetDataSource", + "description": "Returns a DataSource that includes metadata and data file information, as well as the current status of the DataSource", + "access_level": "Read", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_GetDataSource.html" + }, + "GetEvaluation": { + "privilege": "GetEvaluation", + "description": "Returns an Evaluation that includes metadata as well as the current status of the Evaluation", + "access_level": "Read", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_GetEvaluation.html" + }, + "GetMLModel": { + "privilege": "GetMLModel", + "description": "Returns an MLModel that includes detailed metadata, and data source information as well as the current status of the MLModel", + "access_level": "Read", + "resource_types": { + "mlmodel": { + "resource_type": "mlmodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_GetMLModel.html" + }, + "Predict": { + "privilege": "Predict", + "description": "Generates a prediction for the observation using the specified ML Model", + "access_level": "Write", + "resource_types": { + "mlmodel": { + "resource_type": "mlmodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_Predict.html" + }, + "UpdateBatchPrediction": { + "privilege": "UpdateBatchPrediction", + "description": "Updates the BatchPredictionName of a BatchPrediction", + "access_level": "Write", + "resource_types": { + "batchprediction": { + "resource_type": "batchprediction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchprediction": "batchprediction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_UpdateBatchPrediction.html" + }, + "UpdateDataSource": { + "privilege": "UpdateDataSource", + "description": "Updates the DataSourceName of a DataSource", + "access_level": "Write", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_UpdateDataSource.html" + }, + "UpdateEvaluation": { + "privilege": "UpdateEvaluation", + "description": "Updates the EvaluationName of an Evaluation", + "access_level": "Write", + "resource_types": { + "evaluation": { + "resource_type": "evaluation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation": "evaluation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_UpdateEvaluation.html" + }, + "UpdateMLModel": { + "privilege": "UpdateMLModel", + "description": "Updates the MLModelName and the ScoreThreshold of an MLModel", + "access_level": "Write", + "resource_types": { + "mlmodel": { + "resource_type": "mlmodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mlmodel": "mlmodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/machine-learning/latest/APIReference/API_UpdateMLModel.html" + } + }, + "privileges_lower_name": { + "addtags": "AddTags", + "createbatchprediction": "CreateBatchPrediction", + "createdatasourcefromrds": "CreateDataSourceFromRDS", + "createdatasourcefromredshift": "CreateDataSourceFromRedshift", + "createdatasourcefroms3": "CreateDataSourceFromS3", + "createevaluation": "CreateEvaluation", + "createmlmodel": "CreateMLModel", + "createrealtimeendpoint": "CreateRealtimeEndpoint", + "deletebatchprediction": "DeleteBatchPrediction", + "deletedatasource": "DeleteDataSource", + "deleteevaluation": "DeleteEvaluation", + "deletemlmodel": "DeleteMLModel", + "deleterealtimeendpoint": "DeleteRealtimeEndpoint", + "deletetags": "DeleteTags", + "describebatchpredictions": "DescribeBatchPredictions", + "describedatasources": "DescribeDataSources", + "describeevaluations": "DescribeEvaluations", + "describemlmodels": "DescribeMLModels", + "describetags": "DescribeTags", + "getbatchprediction": "GetBatchPrediction", + "getdatasource": "GetDataSource", + "getevaluation": "GetEvaluation", + "getmlmodel": "GetMLModel", + "predict": "Predict", + "updatebatchprediction": "UpdateBatchPrediction", + "updatedatasource": "UpdateDataSource", + "updateevaluation": "UpdateEvaluation", + "updatemlmodel": "UpdateMLModel" + }, + "resources": { + "batchprediction": { + "resource": "batchprediction", + "arn": "arn:${Partition}:machinelearning:${Region}:${Account}:batchprediction/${BatchPredictionId}", + "condition_keys": [] + }, + "datasource": { + "resource": "datasource", + "arn": "arn:${Partition}:machinelearning:${Region}:${Account}:datasource/${DatasourceId}", + "condition_keys": [] + }, + "evaluation": { + "resource": "evaluation", + "arn": "arn:${Partition}:machinelearning:${Region}:${Account}:evaluation/${EvaluationId}", + "condition_keys": [] + }, + "mlmodel": { + "resource": "mlmodel", + "arn": "arn:${Partition}:machinelearning:${Region}:${Account}:mlmodel/${MlModelId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "batchprediction": "batchprediction", + "datasource": "datasource", + "evaluation": "evaluation", + "mlmodel": "mlmodel" + }, + "conditions": {} + }, + "macie2": { + "service_name": "Amazon Macie", + "prefix": "macie2", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmacie.html", + "privileges": { + "AcceptInvitation": { + "privilege": "AcceptInvitation", + "description": "Grants permission to accept an Amazon Macie membership invitation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations-accept.html" + }, + "BatchGetCustomDataIdentifiers": { + "privilege": "BatchGetCustomDataIdentifiers", + "description": "Grants permission to retrieve information about one or more custom data identifiers", + "access_level": "Read", + "resource_types": { + "CustomDataIdentifier": { + "resource_type": "CustomDataIdentifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customdataidentifier": "CustomDataIdentifier" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-get.html" + }, + "CreateAllowList": { + "privilege": "CreateAllowList", + "description": "Grants permission to create and define the settings for an allow list", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists.html" + }, + "CreateClassificationJob": { + "privilege": "CreateClassificationJob", + "description": "Grants permission to create and define the settings for a sensitive data discovery job", + "access_level": "Write", + "resource_types": { + "ClassificationJob": { + "resource_type": "ClassificationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "classificationjob": "ClassificationJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html" + }, + "CreateCustomDataIdentifier": { + "privilege": "CreateCustomDataIdentifier", + "description": "Grants permission to create and define the settings for a custom data identifier", + "access_level": "Write", + "resource_types": { + "CustomDataIdentifier": { + "resource_type": "CustomDataIdentifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customdataidentifier": "CustomDataIdentifier", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers.html" + }, + "CreateFindingsFilter": { + "privilege": "CreateFindingsFilter", + "description": "Grants permission to create and define the settings for a findings filter", + "access_level": "Write", + "resource_types": { + "FindingsFilter": { + "resource_type": "FindingsFilter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "findingsfilter": "FindingsFilter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters.html" + }, + "CreateInvitations": { + "privilege": "CreateInvitations", + "description": "Grants permission to send an Amazon Macie membership invitation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations.html" + }, + "CreateMember": { + "privilege": "CreateMember", + "description": "Grants permission to associate an account with an Amazon Macie administrator account", + "access_level": "Write", + "resource_types": { + "Member": { + "resource_type": "Member", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "member": "Member", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/members.html" + }, + "CreateSampleFindings": { + "privilege": "CreateSampleFindings", + "description": "Grants permission to create sample findings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-sample.html" + }, + "DeclineInvitations": { + "privilege": "DeclineInvitations", + "description": "Grants permission to decline Amazon Macie membership invitations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations-decline.html" + }, + "DeleteAllowList": { + "privilege": "DeleteAllowList", + "description": "Grants permission to delete an allow list", + "access_level": "Write", + "resource_types": { + "AllowList": { + "resource_type": "AllowList", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allowlist": "AllowList" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html" + }, + "DeleteCustomDataIdentifier": { + "privilege": "DeleteCustomDataIdentifier", + "description": "Grants permission to delete a custom data identifier", + "access_level": "Write", + "resource_types": { + "CustomDataIdentifier": { + "resource_type": "CustomDataIdentifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customdataidentifier": "CustomDataIdentifier" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html" + }, + "DeleteFindingsFilter": { + "privilege": "DeleteFindingsFilter", + "description": "Grants permission to delete a findings filter", + "access_level": "Write", + "resource_types": { + "FindingsFilter": { + "resource_type": "FindingsFilter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "findingsfilter": "FindingsFilter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html" + }, + "DeleteInvitations": { + "privilege": "DeleteInvitations", + "description": "Grants permission to delete Amazon Macie membership invitations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations-delete.html" + }, + "DeleteMember": { + "privilege": "DeleteMember", + "description": "Grants permission to delete the association between an Amazon Macie administrator account and an account", + "access_level": "Write", + "resource_types": { + "Member": { + "resource_type": "Member", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "member": "Member" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html" + }, + "DescribeBuckets": { + "privilege": "DescribeBuckets", + "description": "Grants permission to retrieve statistical data and other information about S3 buckets that Amazon Macie monitors and analyzes", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/datasources-s3.html" + }, + "DescribeClassificationJob": { + "privilege": "DescribeClassificationJob", + "description": "Grants permission to retrieve information about the status and settings for a sensitive data discovery job", + "access_level": "Read", + "resource_types": { + "ClassificationJob": { + "resource_type": "ClassificationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "classificationjob": "ClassificationJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/jobs-jobid.html" + }, + "DescribeOrganizationConfiguration": { + "privilege": "DescribeOrganizationConfiguration", + "description": "Grants permission to retrieve information about the Amazon Macie configuration settings for an AWS organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/admin-configuration.html" + }, + "DisableMacie": { + "privilege": "DisableMacie", + "description": "Grants permission to disable an Amazon Macie account, which also deletes Macie resources for the account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/macie.html" + }, + "DisableOrganizationAdminAccount": { + "privilege": "DisableOrganizationAdminAccount", + "description": "Grants permission to disable an account as the delegated Amazon Macie administrator account for an AWS organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/admin.html" + }, + "DisassociateFromAdministratorAccount": { + "privilege": "DisassociateFromAdministratorAccount", + "description": "Grants permission to an Amazon Macie member account to disassociate from its Macie administrator account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/administrator-disassociate.html" + }, + "DisassociateFromMasterAccount": { + "privilege": "DisassociateFromMasterAccount", + "description": "Grants permission to an Amazon Macie member account to disassociate from its Macie administrator account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/master-disassociate.html" + }, + "DisassociateMember": { + "privilege": "DisassociateMember", + "description": "Grants permission to an Amazon Macie administrator account to disassociate from a Macie member account", + "access_level": "Write", + "resource_types": { + "Member": { + "resource_type": "Member", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "member": "Member" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/members-disassociate-id.html" + }, + "EnableMacie": { + "privilege": "EnableMacie", + "description": "Grants permission to enable and specify the configuration settings for a new Amazon Macie account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/macie.html" + }, + "EnableOrganizationAdminAccount": { + "privilege": "EnableOrganizationAdminAccount", + "description": "Grants permission to enable an account as the delegated Amazon Macie administrator account for an AWS organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/admin.html" + }, + "GetAdministratorAccount": { + "privilege": "GetAdministratorAccount", + "description": "Grants permission to retrieve information about the Amazon Macie administrator account for an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/administrator.html" + }, + "GetAllowList": { + "privilege": "GetAllowList", + "description": "Grants permission to retrieve the settings and status of an allow list", + "access_level": "Read", + "resource_types": { + "AllowList": { + "resource_type": "AllowList", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allowlist": "AllowList" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html" + }, + "GetAutomatedDiscoveryConfiguration": { + "privilege": "GetAutomatedDiscoveryConfiguration", + "description": "Grants permission to retrieve the configuration settings and status of automated sensitive data discovery for an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-configuration.html" + }, + "GetBucketStatistics": { + "privilege": "GetBucketStatistics", + "description": "Grants permission to retrieve aggregated statistical data for all the S3 buckets that Amazon Macie monitors and analyzes", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/datasources-s3-statistics.html" + }, + "GetClassificationExportConfiguration": { + "privilege": "GetClassificationExportConfiguration", + "description": "Grants permission to retrieve the settings for exporting sensitive data discovery results", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html" + }, + "GetClassificationScope": { + "privilege": "GetClassificationScope", + "description": "Grants permission to retrieve the classification scope settings for an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes-id.html" + }, + "GetCustomDataIdentifier": { + "privilege": "GetCustomDataIdentifier", + "description": "Grants permission to retrieve information about the settings for a custom data identifier", + "access_level": "Read", + "resource_types": { + "CustomDataIdentifier": { + "resource_type": "CustomDataIdentifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customdataidentifier": "CustomDataIdentifier" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html" + }, + "GetFindingStatistics": { + "privilege": "GetFindingStatistics", + "description": "Grants permission to retrieve aggregated statistical data about findings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-statistics.html" + }, + "GetFindings": { + "privilege": "GetFindings", + "description": "Grants permission to retrieve the details of one or more findings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-describe.html" + }, + "GetFindingsFilter": { + "privilege": "GetFindingsFilter", + "description": "Grants permission to retrieve information about the settings for a findings filter", + "access_level": "Read", + "resource_types": { + "FindingsFilter": { + "resource_type": "FindingsFilter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "findingsfilter": "FindingsFilter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html" + }, + "GetFindingsPublicationConfiguration": { + "privilege": "GetFindingsPublicationConfiguration", + "description": "Grants permission to retrieve the configuration settings for publishing findings to AWS Security Hub", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-publication-configuration.html" + }, + "GetInvitationsCount": { + "privilege": "GetInvitationsCount", + "description": "Grants permission to retrieve the count of Amazon Macie membership invitations that were received by an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations-count.html" + }, + "GetMacieSession": { + "privilege": "GetMacieSession", + "description": "Grants permission to retrieve information about the status and configuration settings for an Amazon Macie account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/macie.html" + }, + "GetMasterAccount": { + "privilege": "GetMasterAccount", + "description": "Grants permission to retrieve information about the Amazon Macie administrator account for an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/master.html" + }, + "GetMember": { + "privilege": "GetMember", + "description": "Grants permission to retrieve information about an account that's associated with an Amazon Macie administrator account", + "access_level": "Read", + "resource_types": { + "Member": { + "resource_type": "Member", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "member": "Member" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html" + }, + "GetResourceProfile": { + "privilege": "GetResourceProfile", + "description": "Grants permission to retrieve sensitive data discovery statistics and the sensitivity score for an S3 bucket", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles.html" + }, + "GetRevealConfiguration": { + "privilege": "GetRevealConfiguration", + "description": "Grants permission to retrieve the status and configuration settings for retrieving occurrences of sensitive data reported by findings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/reveal-configuration.html" + }, + "GetSensitiveDataOccurrences": { + "privilege": "GetSensitiveDataOccurrences", + "description": "Grants permission to retrieve occurrences of sensitive data reported by a finding", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-findingid-reveal.html" + }, + "GetSensitiveDataOccurrencesAvailability": { + "privilege": "GetSensitiveDataOccurrencesAvailability", + "description": "Grants permission to check whether occurrences of sensitive data can be retrieved for a finding", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-findingid-reveal-availability.html" + }, + "GetSensitivityInspectionTemplate": { + "privilege": "GetSensitivityInspectionTemplate", + "description": "Grants permission to retrieve the sensitivity inspection template settings for an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections-id.html" + }, + "GetUsageStatistics": { + "privilege": "GetUsageStatistics", + "description": "Grants permission to retrieve quotas and aggregated usage data for one or more accounts", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/usage-statistics.html" + }, + "GetUsageTotals": { + "privilege": "GetUsageTotals", + "description": "Grants permission to retrieve aggregated usage data for an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/usage.html" + }, + "ListAllowLists": { + "privilege": "ListAllowLists", + "description": "Grants permission to retrieve a subset of information about all the allow lists for an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists.html" + }, + "ListClassificationJobs": { + "privilege": "ListClassificationJobs", + "description": "Grants permission to retrieve a subset of information about the status and settings for one or more sensitive data discovery jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/jobs-list.html" + }, + "ListClassificationScopes": { + "privilege": "ListClassificationScopes", + "description": "Grants permission to retrieve a subset of information about the classification scope for an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes.html" + }, + "ListCustomDataIdentifiers": { + "privilege": "ListCustomDataIdentifiers", + "description": "Grants permission to retrieve information about all custom data identifiers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-list.html" + }, + "ListFindings": { + "privilege": "ListFindings", + "description": "Grants permission to retrieve a subset of information about one or more findings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings.html" + }, + "ListFindingsFilters": { + "privilege": "ListFindingsFilters", + "description": "Grants permission to retrieve information about all findings filters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters.html" + }, + "ListInvitations": { + "privilege": "ListInvitations", + "description": "Grants permission to retrieve information about all the Amazon Macie membership invitations that were received by an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/invitations.html" + }, + "ListManagedDataIdentifiers": { + "privilege": "ListManagedDataIdentifiers", + "description": "Grants permission to retrieve information about managed data identifiers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/managed-data-identifiers-list.html" + }, + "ListMembers": { + "privilege": "ListMembers", + "description": "Grants permission to retrieve information about the Amazon Macie member accounts that are associated with a Macie administrator account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/members.html" + }, + "ListOrganizationAdminAccounts": { + "privilege": "ListOrganizationAdminAccounts", + "description": "Grants permission to retrieve information about the delegated, Amazon Macie administrator account for an AWS organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/admin.html" + }, + "ListResourceProfileArtifacts": { + "privilege": "ListResourceProfileArtifacts", + "description": "Grants permission to retrieve information about objects that were selected from an S3 bucket for automated sensitive data discovery", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-artifacts.html" + }, + "ListResourceProfileDetections": { + "privilege": "ListResourceProfileDetections", + "description": "Grants permission to retrieve information about the types and amount of sensitive data that Amazon Macie found in an S3 bucket", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-detections.html" + }, + "ListSensitivityInspectionTemplates": { + "privilege": "ListSensitivityInspectionTemplates", + "description": "Grants permission to retrieve a subset of information about the sensitivity inspection template for an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve the tags for an Amazon Macie resource", + "access_level": "Read", + "resource_types": { + "AllowList": { + "resource_type": "AllowList", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ClassificationJob": { + "resource_type": "ClassificationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "CustomDataIdentifier": { + "resource_type": "CustomDataIdentifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "FindingsFilter": { + "resource_type": "FindingsFilter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Member": { + "resource_type": "Member", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allowlist": "AllowList", + "classificationjob": "ClassificationJob", + "customdataidentifier": "CustomDataIdentifier", + "findingsfilter": "FindingsFilter", + "member": "Member" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html" + }, + "PutClassificationExportConfiguration": { + "privilege": "PutClassificationExportConfiguration", + "description": "Grants permission to create or update the settings for storing sensitive data discovery results", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html" + }, + "PutFindingsPublicationConfiguration": { + "privilege": "PutFindingsPublicationConfiguration", + "description": "Grants permission to update the configuration settings for publishing findings to AWS Security Hub", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findings-publication-configuration.html" + }, + "SearchResources": { + "privilege": "SearchResources", + "description": "Grants permission to retrieve statistical data and other information about AWS resources that Amazon Macie monitors and analyzes", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/datasources-search-resources.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or update the tags for an Amazon Macie resource", + "access_level": "Tagging", + "resource_types": { + "AllowList": { + "resource_type": "AllowList", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ClassificationJob": { + "resource_type": "ClassificationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "CustomDataIdentifier": { + "resource_type": "CustomDataIdentifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "FindingsFilter": { + "resource_type": "FindingsFilter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Member": { + "resource_type": "Member", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allowlist": "AllowList", + "classificationjob": "ClassificationJob", + "customdataidentifier": "CustomDataIdentifier", + "findingsfilter": "FindingsFilter", + "member": "Member", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html" + }, + "TestCustomDataIdentifier": { + "privilege": "TestCustomDataIdentifier", + "description": "Grants permission to test a custom data identifier", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-test.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from an Amazon Macie resource", + "access_level": "Tagging", + "resource_types": { + "AllowList": { + "resource_type": "AllowList", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ClassificationJob": { + "resource_type": "ClassificationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "CustomDataIdentifier": { + "resource_type": "CustomDataIdentifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "FindingsFilter": { + "resource_type": "FindingsFilter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Member": { + "resource_type": "Member", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allowlist": "AllowList", + "classificationjob": "ClassificationJob", + "customdataidentifier": "CustomDataIdentifier", + "findingsfilter": "FindingsFilter", + "member": "Member", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/tags-resourcearn.html" + }, + "UpdateAllowList": { + "privilege": "UpdateAllowList", + "description": "Grants permission to update the settings for an allow list", + "access_level": "Write", + "resource_types": { + "AllowList": { + "resource_type": "AllowList", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allowlist": "AllowList" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/allow-lists-id.html" + }, + "UpdateAutomatedDiscoveryConfiguration": { + "privilege": "UpdateAutomatedDiscoveryConfiguration", + "description": "Grants permission to enable or disable automated sensitive data discovery for an account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/automated-discovery-configuration.html" + }, + "UpdateClassificationJob": { + "privilege": "UpdateClassificationJob", + "description": "Grants permission to change the status of a sensitive data discovery job", + "access_level": "Write", + "resource_types": { + "ClassificationJob": { + "resource_type": "ClassificationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "classificationjob": "ClassificationJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/jobs-jobid.html" + }, + "UpdateClassificationScope": { + "privilege": "UpdateClassificationScope", + "description": "Grants permission to update the classification scope settings for an account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/classification-scopes-id.html" + }, + "UpdateFindingsFilter": { + "privilege": "UpdateFindingsFilter", + "description": "Grants permission to update the settings for a findings filter", + "access_level": "Write", + "resource_types": { + "FindingsFilter": { + "resource_type": "FindingsFilter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "findingsfilter": "FindingsFilter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html" + }, + "UpdateMacieSession": { + "privilege": "UpdateMacieSession", + "description": "Grants permission to suspend or re-enable an Amazon Macie account, or update the configuration settings for a Macie account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/macie.html" + }, + "UpdateMemberSession": { + "privilege": "UpdateMemberSession", + "description": "Grants permission to an Amazon Macie administrator account to suspend or re-enable a Macie member account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/macie-members-id.html" + }, + "UpdateOrganizationConfiguration": { + "privilege": "UpdateOrganizationConfiguration", + "description": "Grants permission to update Amazon Macie configuration settings for an AWS organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/admin-configuration.html" + }, + "UpdateResourceProfile": { + "privilege": "UpdateResourceProfile", + "description": "Grants permission to update the sensitivity score for an S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles.html" + }, + "UpdateResourceProfileDetections": { + "privilege": "UpdateResourceProfileDetections", + "description": "Grants permission to update the sensitivity scoring settings for an S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/resource-profiles-detections.html" + }, + "UpdateRevealConfiguration": { + "privilege": "UpdateRevealConfiguration", + "description": "Grants permission to update the status and configuration settings for retrieving occurrences of sensitive data reported by findings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/reveal-configuration.html" + }, + "UpdateSensitivityInspectionTemplate": { + "privilege": "UpdateSensitivityInspectionTemplate", + "description": "Grants permission to update the sensitivity inspection template settings for an account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/latest/APIReference/templates-sensitivity-inspections-id.html" + } + }, + "privileges_lower_name": { + "acceptinvitation": "AcceptInvitation", + "batchgetcustomdataidentifiers": "BatchGetCustomDataIdentifiers", + "createallowlist": "CreateAllowList", + "createclassificationjob": "CreateClassificationJob", + "createcustomdataidentifier": "CreateCustomDataIdentifier", + "createfindingsfilter": "CreateFindingsFilter", + "createinvitations": "CreateInvitations", + "createmember": "CreateMember", + "createsamplefindings": "CreateSampleFindings", + "declineinvitations": "DeclineInvitations", + "deleteallowlist": "DeleteAllowList", + "deletecustomdataidentifier": "DeleteCustomDataIdentifier", + "deletefindingsfilter": "DeleteFindingsFilter", + "deleteinvitations": "DeleteInvitations", + "deletemember": "DeleteMember", + "describebuckets": "DescribeBuckets", + "describeclassificationjob": "DescribeClassificationJob", + "describeorganizationconfiguration": "DescribeOrganizationConfiguration", + "disablemacie": "DisableMacie", + "disableorganizationadminaccount": "DisableOrganizationAdminAccount", + "disassociatefromadministratoraccount": "DisassociateFromAdministratorAccount", + "disassociatefrommasteraccount": "DisassociateFromMasterAccount", + "disassociatemember": "DisassociateMember", + "enablemacie": "EnableMacie", + "enableorganizationadminaccount": "EnableOrganizationAdminAccount", + "getadministratoraccount": "GetAdministratorAccount", + "getallowlist": "GetAllowList", + "getautomateddiscoveryconfiguration": "GetAutomatedDiscoveryConfiguration", + "getbucketstatistics": "GetBucketStatistics", + "getclassificationexportconfiguration": "GetClassificationExportConfiguration", + "getclassificationscope": "GetClassificationScope", + "getcustomdataidentifier": "GetCustomDataIdentifier", + "getfindingstatistics": "GetFindingStatistics", + "getfindings": "GetFindings", + "getfindingsfilter": "GetFindingsFilter", + "getfindingspublicationconfiguration": "GetFindingsPublicationConfiguration", + "getinvitationscount": "GetInvitationsCount", + "getmaciesession": "GetMacieSession", + "getmasteraccount": "GetMasterAccount", + "getmember": "GetMember", + "getresourceprofile": "GetResourceProfile", + "getrevealconfiguration": "GetRevealConfiguration", + "getsensitivedataoccurrences": "GetSensitiveDataOccurrences", + "getsensitivedataoccurrencesavailability": "GetSensitiveDataOccurrencesAvailability", + "getsensitivityinspectiontemplate": "GetSensitivityInspectionTemplate", + "getusagestatistics": "GetUsageStatistics", + "getusagetotals": "GetUsageTotals", + "listallowlists": "ListAllowLists", + "listclassificationjobs": "ListClassificationJobs", + "listclassificationscopes": "ListClassificationScopes", + "listcustomdataidentifiers": "ListCustomDataIdentifiers", + "listfindings": "ListFindings", + "listfindingsfilters": "ListFindingsFilters", + "listinvitations": "ListInvitations", + "listmanageddataidentifiers": "ListManagedDataIdentifiers", + "listmembers": "ListMembers", + "listorganizationadminaccounts": "ListOrganizationAdminAccounts", + "listresourceprofileartifacts": "ListResourceProfileArtifacts", + "listresourceprofiledetections": "ListResourceProfileDetections", + "listsensitivityinspectiontemplates": "ListSensitivityInspectionTemplates", + "listtagsforresource": "ListTagsForResource", + "putclassificationexportconfiguration": "PutClassificationExportConfiguration", + "putfindingspublicationconfiguration": "PutFindingsPublicationConfiguration", + "searchresources": "SearchResources", + "tagresource": "TagResource", + "testcustomdataidentifier": "TestCustomDataIdentifier", + "untagresource": "UntagResource", + "updateallowlist": "UpdateAllowList", + "updateautomateddiscoveryconfiguration": "UpdateAutomatedDiscoveryConfiguration", + "updateclassificationjob": "UpdateClassificationJob", + "updateclassificationscope": "UpdateClassificationScope", + "updatefindingsfilter": "UpdateFindingsFilter", + "updatemaciesession": "UpdateMacieSession", + "updatemembersession": "UpdateMemberSession", + "updateorganizationconfiguration": "UpdateOrganizationConfiguration", + "updateresourceprofile": "UpdateResourceProfile", + "updateresourceprofiledetections": "UpdateResourceProfileDetections", + "updaterevealconfiguration": "UpdateRevealConfiguration", + "updatesensitivityinspectiontemplate": "UpdateSensitivityInspectionTemplate" + }, + "resources": { + "AllowList": { + "resource": "AllowList", + "arn": "arn:${Partition}:macie2:${Region}:${Account}:allow-list/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ClassificationJob": { + "resource": "ClassificationJob", + "arn": "arn:${Partition}:macie2:${Region}:${Account}:classification-job/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "CustomDataIdentifier": { + "resource": "CustomDataIdentifier", + "arn": "arn:${Partition}:macie2:${Region}:${Account}:custom-data-identifier/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "FindingsFilter": { + "resource": "FindingsFilter", + "arn": "arn:${Partition}:macie2:${Region}:${Account}:findings-filter/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Member": { + "resource": "Member", + "arn": "arn:${Partition}:macie2:${Region}:${Account}:member/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "allowlist": "AllowList", + "classificationjob": "ClassificationJob", + "customdataidentifier": "CustomDataIdentifier", + "findingsfilter": "FindingsFilter", + "member": "Member" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "macie": { + "service_name": "Amazon Macie Classic", + "prefix": "macie", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmacieclassic.html", + "privileges": { + "AssociateMemberAccount": { + "privilege": "AssociateMemberAccount", + "description": "Enables the user to associate a specified AWS account with Amazon Macie as a member account.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_AssociateMemberAccount.html" + }, + "AssociateS3Resources": { + "privilege": "AssociateS3Resources", + "description": "Enables the user to associate specified S3 resources with Amazon Macie for monitoring and data classification.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:SourceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_AssociateS3Resources.html" + }, + "DisassociateMemberAccount": { + "privilege": "DisassociateMemberAccount", + "description": "Enables the user to remove the specified member account from Amazon Macie.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_DisassociateMemberAccount.html" + }, + "DisassociateS3Resources": { + "privilege": "DisassociateS3Resources", + "description": "Enables the user to remove specified S3 resources from being monitored by Amazon Macie.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:SourceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_DisassociateS3Resources.html" + }, + "ListMemberAccounts": { + "privilege": "ListMemberAccounts", + "description": "Enables the user to list all Amazon Macie member accounts for the current Macie master account.", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_ListMemberAccounts.html" + }, + "ListS3Resources": { + "privilege": "ListS3Resources", + "description": "Enables the user to list all the S3 resources associated with Amazon Macie.", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_ListS3Resources.html" + }, + "UpdateS3Resources": { + "privilege": "UpdateS3Resources", + "description": "Enables the user to update the classification types for the specified S3 resources.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:SourceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/macie/1.0/APIReference/API_UpdateS3Resources.html" + } + }, + "privileges_lower_name": { + "associatememberaccount": "AssociateMemberAccount", + "associates3resources": "AssociateS3Resources", + "disassociatememberaccount": "DisassociateMemberAccount", + "disassociates3resources": "DisassociateS3Resources", + "listmemberaccounts": "ListMemberAccounts", + "lists3resources": "ListS3Resources", + "updates3resources": "UpdateS3Resources" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": { + "aws:SourceArn": { + "condition": "aws:SourceArn", + "description": "Allow access to the specified actions only when the request operates on the specified aws resource", + "type": "Arn" + } + } + }, + "managedblockchain": { + "service_name": "Amazon Managed Blockchain", + "prefix": "managedblockchain", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedblockchain.html", + "privileges": { + "CreateAccessor": { + "privilege": "CreateAccessor", + "description": "Grants permission to create an Amazon Managed Blockchain accessor", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_CreateAccessor.html" + }, + "CreateMember": { + "privilege": "CreateMember", + "description": "Grants permission to create a member of an Amazon Managed Blockchain network", + "access_level": "Write", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_CreateMember.html" + }, + "CreateNetwork": { + "privilege": "CreateNetwork", + "description": "Grants permission to create an Amazon Managed Blockchain network", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_CreateNetwork.html" + }, + "CreateNode": { + "privilege": "CreateNode", + "description": "Grants permission to create a node within a member of an Amazon Managed Blockchain network", + "access_level": "Write", + "resource_types": { + "member": { + "resource_type": "member", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "network": { + "resource_type": "network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "member": "member", + "network": "network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_CreateNode.html" + }, + "CreateProposal": { + "privilege": "CreateProposal", + "description": "Grants permission to create a proposal that other blockchain network members can vote on to add or remove a member in an Amazon Managed Blockchain network", + "access_level": "Write", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_CreateProposal.html" + }, + "DeleteAccessor": { + "privilege": "DeleteAccessor", + "description": "Grants permission to delete an Amazon Managed Blockchain accessor", + "access_level": "Write", + "resource_types": { + "accessor": { + "resource_type": "accessor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accessor": "accessor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_DeleteAccessor.html" + }, + "DeleteMember": { + "privilege": "DeleteMember", + "description": "Grants permission to delete a member and all associated resources from an Amazon Managed Blockchain network", + "access_level": "Write", + "resource_types": { + "member": { + "resource_type": "member", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "member": "member" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_DeleteMember.html" + }, + "DeleteNode": { + "privilege": "DeleteNode", + "description": "Grants permission to delete a node from a member of an Amazon Managed Blockchain network", + "access_level": "Write", + "resource_types": { + "node": { + "resource_type": "node", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "node": "node" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_DeleteNode.html" + }, + "GET": { + "privilege": "GET", + "description": "Grants permission to send HTTP GET requests to an Ethereum node", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/security_iam_id-based-policy-examples.html" + }, + "GetAccessor": { + "privilege": "GetAccessor", + "description": "Grants permission to return detailed information about an Amazon Managed Blockchain accessor", + "access_level": "Read", + "resource_types": { + "accessor": { + "resource_type": "accessor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accessor": "accessor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_GetAccessor.html" + }, + "GetMember": { + "privilege": "GetMember", + "description": "Grants permission to return detailed information about a member of an Amazon Managed Blockchain network", + "access_level": "Read", + "resource_types": { + "member": { + "resource_type": "member", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "member": "member" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_GetMember.html" + }, + "GetNetwork": { + "privilege": "GetNetwork", + "description": "Grants permission to return detailed information about an Amazon Managed Blockchain network", + "access_level": "Read", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_GetNetwork.html" + }, + "GetNode": { + "privilege": "GetNode", + "description": "Grants permission to return detailed information about a node within a member of an Amazon Managed Blockchain network", + "access_level": "Read", + "resource_types": { + "node": { + "resource_type": "node", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "node": "node" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_GetNode.html" + }, + "GetProposal": { + "privilege": "GetProposal", + "description": "Grants permission to return detailed information about a proposal of an Amazon Managed Blockchain network", + "access_level": "Read", + "resource_types": { + "proposal": { + "resource_type": "proposal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proposal": "proposal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_GetProposal.html" + }, + "Invoke": { + "privilege": "Invoke", + "description": "Grants permission to create WebSocket connections to an Ethereum node", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/security_iam_id-based-policy-examples.html" + }, + "InvokeRpcBitcoinMainnet": { + "privilege": "InvokeRpcBitcoinMainnet", + "description": "Grants permission to invoke the Bitcoin Mainnet RPCs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/ambbtc-dg/security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-access-bitcoin-networks" + }, + "InvokeRpcBitcoinTestnet": { + "privilege": "InvokeRpcBitcoinTestnet", + "description": "Grants permission to invoke the Bitcoin Testnet RPCs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/ambbtc-dg/security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-access-bitcoin-networks" + }, + "ListAccessors": { + "privilege": "ListAccessors", + "description": "Grants permission to list the Amazon Managed Blockchain accessors owned by the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListAccessors.html" + }, + "ListInvitations": { + "privilege": "ListInvitations", + "description": "Grants permission to list the invitations extended to the active AWS account from any Managed Blockchain network", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListInvitations.html" + }, + "ListMembers": { + "privilege": "ListMembers", + "description": "Grants permission to list the members of an Amazon Managed Blockchain network and the properties of their memberships", + "access_level": "List", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListMembers.html" + }, + "ListNetworks": { + "privilege": "ListNetworks", + "description": "Grants permission to list the Amazon Managed Blockchain networks in which the current AWS account participates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListNetworks.html" + }, + "ListNodes": { + "privilege": "ListNodes", + "description": "Grants permission to list the nodes within a member of an Amazon Managed Blockchain network", + "access_level": "List", + "resource_types": { + "member": { + "resource_type": "member", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network": { + "resource_type": "network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "member": "member", + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListNodes.html" + }, + "ListProposalVotes": { + "privilege": "ListProposalVotes", + "description": "Grants permission to list all votes for a proposal, including the value of the vote and the unique identifier of the member that cast the vote for the given Amazon Managed Blockchain network", + "access_level": "Read", + "resource_types": { + "proposal": { + "resource_type": "proposal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proposal": "proposal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListProposalVotes.html" + }, + "ListProposals": { + "privilege": "ListProposals", + "description": "Grants permission to list proposals for the given Amazon Managed Blockchain network", + "access_level": "List", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListProposals.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to view tags associated with an Amazon Managed Blockchain resource", + "access_level": "Read", + "resource_types": { + "accessor": { + "resource_type": "accessor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "invitation": { + "resource_type": "invitation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "member": { + "resource_type": "member", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network": { + "resource_type": "network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "node": { + "resource_type": "node", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "proposal": { + "resource_type": "proposal", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accessor": "accessor", + "invitation": "invitation", + "member": "member", + "network": "network", + "node": "node", + "proposal": "proposal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_ListTagsForResource.html" + }, + "POST": { + "privilege": "POST", + "description": "Grants permission to send HTTP POST requests to an Ethereum node", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/security_iam_id-based-policy-examples.html" + }, + "RejectInvitation": { + "privilege": "RejectInvitation", + "description": "Grants permission to reject the invitation to join the blockchain network", + "access_level": "Write", + "resource_types": { + "invitation": { + "resource_type": "invitation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "invitation": "invitation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_RejectInvitation.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to an Amazon Managed Blockchain resource", + "access_level": "Tagging", + "resource_types": { + "accessor": { + "resource_type": "accessor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "invitation": { + "resource_type": "invitation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "member": { + "resource_type": "member", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network": { + "resource_type": "network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "node": { + "resource_type": "node", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "proposal": { + "resource_type": "proposal", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accessor": "accessor", + "invitation": "invitation", + "member": "member", + "network": "network", + "node": "node", + "proposal": "proposal", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from an Amazon Managed Blockchain resource", + "access_level": "Tagging", + "resource_types": { + "accessor": { + "resource_type": "accessor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "invitation": { + "resource_type": "invitation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "member": { + "resource_type": "member", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network": { + "resource_type": "network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "node": { + "resource_type": "node", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "proposal": { + "resource_type": "proposal", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accessor": "accessor", + "invitation": "invitation", + "member": "member", + "network": "network", + "node": "node", + "proposal": "proposal", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_UntagResource.html" + }, + "UpdateMember": { + "privilege": "UpdateMember", + "description": "Grants permission to update a member of an Amazon Managed Blockchain network", + "access_level": "Write", + "resource_types": { + "member": { + "resource_type": "member", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "member": "member" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_UpdateMember.html" + }, + "UpdateNode": { + "privilege": "UpdateNode", + "description": "Grants permission to update a node from a member of an Amazon Managed Blockchain network", + "access_level": "Write", + "resource_types": { + "node": { + "resource_type": "node", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "node": "node" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_UpdateNode.html" + }, + "VoteOnProposal": { + "privilege": "VoteOnProposal", + "description": "Grants permission to cast a vote for a proposal on behalf of the blockchain network member specified", + "access_level": "Write", + "resource_types": { + "proposal": { + "resource_type": "proposal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proposal": "proposal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/managed-blockchain/latest/APIReference/API_VoteOnProposal.html" + } + }, + "privileges_lower_name": { + "createaccessor": "CreateAccessor", + "createmember": "CreateMember", + "createnetwork": "CreateNetwork", + "createnode": "CreateNode", + "createproposal": "CreateProposal", + "deleteaccessor": "DeleteAccessor", + "deletemember": "DeleteMember", + "deletenode": "DeleteNode", + "get": "GET", + "getaccessor": "GetAccessor", + "getmember": "GetMember", + "getnetwork": "GetNetwork", + "getnode": "GetNode", + "getproposal": "GetProposal", + "invoke": "Invoke", + "invokerpcbitcoinmainnet": "InvokeRpcBitcoinMainnet", + "invokerpcbitcointestnet": "InvokeRpcBitcoinTestnet", + "listaccessors": "ListAccessors", + "listinvitations": "ListInvitations", + "listmembers": "ListMembers", + "listnetworks": "ListNetworks", + "listnodes": "ListNodes", + "listproposalvotes": "ListProposalVotes", + "listproposals": "ListProposals", + "listtagsforresource": "ListTagsForResource", + "post": "POST", + "rejectinvitation": "RejectInvitation", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatemember": "UpdateMember", + "updatenode": "UpdateNode", + "voteonproposal": "VoteOnProposal" + }, + "resources": { + "network": { + "resource": "network", + "arn": "arn:${Partition}:managedblockchain:${Region}::networks/${NetworkId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "member": { + "resource": "member", + "arn": "arn:${Partition}:managedblockchain:${Region}:${Account}:members/${MemberId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "node": { + "resource": "node", + "arn": "arn:${Partition}:managedblockchain:${Region}:${Account}:nodes/${NodeId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "proposal": { + "resource": "proposal", + "arn": "arn:${Partition}:managedblockchain:${Region}::proposals/${ProposalId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "invitation": { + "resource": "invitation", + "arn": "arn:${Partition}:managedblockchain:${Region}:${Account}:invitations/${InvitationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "accessor": { + "resource": "accessor", + "arn": "arn:${Partition}:managedblockchain:${Region}:${Account}:accessors/${AccessorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "network": "network", + "member": "member", + "node": "node", + "proposal": "proposal", + "invitation": "invitation", + "accessor": "accessor" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the tags associated with an Amazon Managed Blockchain resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "managedblockchain-query": { + "service_name": "Amazon Managed Blockchain Query", + "prefix": "managedblockchain-query", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedblockchainquery.html", + "privileges": { + "BatchGetTokenBalance": { + "privilege": "BatchGetTokenBalance", + "description": "Grants permission to batch calls for GetTokenBalance API", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}API_BatchGetTokenBalance.html" + }, + "GetTokenBalance": { + "privilege": "GetTokenBalance", + "description": "Grants permission to retrieve balance of a token for an address on the blockchain", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}API_GetTokenBalance.html" + }, + "GetTransaction": { + "privilege": "GetTransaction", + "description": "Grants permission to retrieve a transaction on the blockchain", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}API_GetTransaction.html" + }, + "ListTokenBalances": { + "privilege": "ListTokenBalances", + "description": "Grants permission to retrieve multiple balances on the blockchain", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}API_ListTokenBalances.html" + }, + "ListTransactionEvents": { + "privilege": "ListTransactionEvents", + "description": "Grants permission to retrieve events in a transaction on the blockchain", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}API_ListTransactionEvents.html" + }, + "ListTransactions": { + "privilege": "ListTransactions", + "description": "Grants permission to retrieve a multiple transactions on a blockchain", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}API_ListTransactions.html" + } + }, + "privileges_lower_name": { + "batchgettokenbalance": "BatchGetTokenBalance", + "gettokenbalance": "GetTokenBalance", + "gettransaction": "GetTransaction", + "listtokenbalances": "ListTokenBalances", + "listtransactionevents": "ListTransactionEvents", + "listtransactions": "ListTransactions" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "grafana": { + "service_name": "Amazon Managed Grafana", + "prefix": "grafana", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedgrafana.html", + "privileges": { + "AssociateLicense": { + "privilege": "AssociateLicense", + "description": "Grants permission to upgrade a workspace with a license", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "aws-marketplace:ViewSubscriptions" + ] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "CreateWorkspace": { + "privilege": "CreateWorkspace", + "description": "Grants permission to create a workspace", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:GetManagedPrefixListEntries", + "iam:CreateServiceLinkedRole", + "organizations:DescribeOrganization", + "sso:CreateManagedApplicationInstance", + "sso:DescribeRegisteredRegions", + "sso:GetSharedSsoConfiguration" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "CreateWorkspaceApiKey": { + "privilege": "CreateWorkspaceApiKey", + "description": "Grants permission to create API keys for a workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "DeleteWorkspace": { + "privilege": "DeleteWorkspace", + "description": "Grants permission to delete a workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso:DeleteManagedApplicationInstance" + ] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "DeleteWorkspaceApiKey": { + "privilege": "DeleteWorkspaceApiKey", + "description": "Grants permission to delete API keys from a workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "DescribeWorkspace": { + "privilege": "DescribeWorkspace", + "description": "Grants permission to describe a workspace", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "DescribeWorkspaceAuthentication": { + "privilege": "DescribeWorkspaceAuthentication", + "description": "Grants permission to describe authentication providers on a workspace", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "DescribeWorkspaceConfiguration": { + "privilege": "DescribeWorkspaceConfiguration", + "description": "Grants permission to describe the current configuration string for the given workspace", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_DescribeWorkspaceConfiguration.html" + }, + "DisassociateLicense": { + "privilege": "DisassociateLicense", + "description": "Grants permission to remove a license from a workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "ListPermissions": { + "privilege": "ListPermissions", + "description": "Grants permission to list the permissions on a wokspace", + "access_level": "List", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags associated with a workspace", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListTagsForResource.html" + }, + "ListVersions": { + "privilege": "ListVersions", + "description": "Grants permission to list all available supported Grafana versions. Optionally, include a workspace to list the versions to which it can be upgraded", + "access_level": "List", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListVersions.html" + }, + "ListWorkspaces": { + "privilege": "ListWorkspaces", + "description": "Grants permission to list workspaces", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to, or update tag values of, a workspace", + "access_level": "Tagging", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a workspace", + "access_level": "Tagging", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_UntagResource.html" + }, + "UpdatePermissions": { + "privilege": "UpdatePermissions", + "description": "Grants permission to modify the permissions on a workspace", + "access_level": "Permissions management", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "UpdateWorkspace": { + "privilege": "UpdateWorkspace", + "description": "Grants permission to modify a workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:GetManagedPrefixListEntries", + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "UpdateWorkspaceAuthentication": { + "privilege": "UpdateWorkspaceAuthentication", + "description": "Grants permission to modify authentication providers on a workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/userguide/AMG-and-IAM.html" + }, + "UpdateWorkspaceConfiguration": { + "privilege": "UpdateWorkspaceConfiguration", + "description": "Grants permission to update the configuration string for the given workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdateWorkspaceConfiguration.html" + } + }, + "privileges_lower_name": { + "associatelicense": "AssociateLicense", + "createworkspace": "CreateWorkspace", + "createworkspaceapikey": "CreateWorkspaceApiKey", + "deleteworkspace": "DeleteWorkspace", + "deleteworkspaceapikey": "DeleteWorkspaceApiKey", + "describeworkspace": "DescribeWorkspace", + "describeworkspaceauthentication": "DescribeWorkspaceAuthentication", + "describeworkspaceconfiguration": "DescribeWorkspaceConfiguration", + "disassociatelicense": "DisassociateLicense", + "listpermissions": "ListPermissions", + "listtagsforresource": "ListTagsForResource", + "listversions": "ListVersions", + "listworkspaces": "ListWorkspaces", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatepermissions": "UpdatePermissions", + "updateworkspace": "UpdateWorkspace", + "updateworkspaceauthentication": "UpdateWorkspaceAuthentication", + "updateworkspaceconfiguration": "UpdateWorkspaceConfiguration" + }, + "resources": { + "workspace": { + "resource": "workspace", + "arn": "arn:${Partition}:grafana:${Region}:${Account}:/workspaces/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "workspace": "workspace" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "aps": { + "service_name": "Amazon Managed Service for Prometheus", + "prefix": "aps", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedserviceforprometheus.html", + "privileges": { + "CreateAlertManagerAlerts": { + "privilege": "CreateAlertManagerAlerts", + "description": "Grants permission to create alerts", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-CreateAlertManagerAlerts" + }, + "CreateAlertManagerDefinition": { + "privilege": "CreateAlertManagerDefinition", + "description": "Grants permission to create an alert manager definition", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-CreateAlertManagerDefinition" + }, + "CreateLoggingConfiguration": { + "privilege": "CreateLoggingConfiguration", + "description": "Grants permission to create a logging configuration", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-CreateLoggingConfiguration" + }, + "CreateRuleGroupsNamespace": { + "privilege": "CreateRuleGroupsNamespace", + "description": "Grants permission to create a rule groups namespace", + "access_level": "Write", + "resource_types": { + "rulegroupsnamespace": { + "resource_type": "rulegroupsnamespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroupsnamespace": "rulegroupsnamespace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-CreateRuleGroupsNamespace" + }, + "CreateWorkspace": { + "privilege": "CreateWorkspace", + "description": "Grants permission to create a workspace", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-CreateWorkspace" + }, + "DeleteAlertManagerDefinition": { + "privilege": "DeleteAlertManagerDefinition", + "description": "Grants permission to delete an alert manager definition", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DeleteAlertManagerDefinition" + }, + "DeleteAlertManagerSilence": { + "privilege": "DeleteAlertManagerSilence", + "description": "Grants permission to delete a silence", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DeleteAlertManagerSilence" + }, + "DeleteLoggingConfiguration": { + "privilege": "DeleteLoggingConfiguration", + "description": "Grants permission to delete a logging configuration", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DeleteLoggingConfiguration" + }, + "DeleteRuleGroupsNamespace": { + "privilege": "DeleteRuleGroupsNamespace", + "description": "Grants permission to delete a rule groups namespace", + "access_level": "Write", + "resource_types": { + "rulegroupsnamespace": { + "resource_type": "rulegroupsnamespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroupsnamespace": "rulegroupsnamespace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DeleteRuleGroupsNamespace" + }, + "DeleteWorkspace": { + "privilege": "DeleteWorkspace", + "description": "Grants permission to delete a workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DeleteWorkspace" + }, + "DescribeAlertManagerDefinition": { + "privilege": "DescribeAlertManagerDefinition", + "description": "Grants permission to describe an alert manager definition", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DescribeAlertManagerDefinition" + }, + "DescribeLoggingConfiguration": { + "privilege": "DescribeLoggingConfiguration", + "description": "Grants permission to describe a logging configuration", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DescribeLoggingConfiguration" + }, + "DescribeRuleGroupsNamespace": { + "privilege": "DescribeRuleGroupsNamespace", + "description": "Grants permission to describe a rule groups namespace", + "access_level": "Read", + "resource_types": { + "rulegroupsnamespace": { + "resource_type": "rulegroupsnamespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroupsnamespace": "rulegroupsnamespace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DescribeRuleGroupsNamespace" + }, + "DescribeWorkspace": { + "privilege": "DescribeWorkspace", + "description": "Grants permission to describe a workspace", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-DescribeWorkspace" + }, + "GetAlertManagerSilence": { + "privilege": "GetAlertManagerSilence", + "description": "Grants permission to get a silence", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-GetAlertManagerSilence" + }, + "GetAlertManagerStatus": { + "privilege": "GetAlertManagerStatus", + "description": "Grants permission to get current status of an alertmanager", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-GetAlertManagerStatus" + }, + "GetLabels": { + "privilege": "GetLabels", + "description": "Grants permission to retrieve AMP workspace labels", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-GetLabels" + }, + "GetMetricMetadata": { + "privilege": "GetMetricMetadata", + "description": "Grants permission to retrieve the metadata for AMP workspace metrics", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-GetMetricMetadata" + }, + "GetSeries": { + "privilege": "GetSeries", + "description": "Grants permission to retrieve AMP workspace time series data", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-GetSeries" + }, + "ListAlertManagerAlertGroups": { + "privilege": "ListAlertManagerAlertGroups", + "description": "Grants permission to list groups", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListAlertManagerAlertGroups" + }, + "ListAlertManagerAlerts": { + "privilege": "ListAlertManagerAlerts", + "description": "Grants permission to list alerts", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListAlertManagerAlerts" + }, + "ListAlertManagerReceivers": { + "privilege": "ListAlertManagerReceivers", + "description": "Grants permission to list receivers", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListAlertManagerReceivers" + }, + "ListAlertManagerSilences": { + "privilege": "ListAlertManagerSilences", + "description": "Grants permission to list silences", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListAlertManagerSilences" + }, + "ListAlerts": { + "privilege": "ListAlerts", + "description": "Grants permission to list active alerts", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListAlerts" + }, + "ListRuleGroupsNamespaces": { + "privilege": "ListRuleGroupsNamespaces", + "description": "Grants permission to list rule groups namespaces", + "access_level": "List", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListRuleGroupsNamespaces" + }, + "ListRules": { + "privilege": "ListRules", + "description": "Grants permission to list alerting and recording rules", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListRules" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags on an AMP resource", + "access_level": "Read", + "resource_types": { + "rulegroupsnamespace": { + "resource_type": "rulegroupsnamespace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroupsnamespace": "rulegroupsnamespace", + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListTagsForResource" + }, + "ListWorkspaces": { + "privilege": "ListWorkspaces", + "description": "Grants permission to list workspaces", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-ListWorkspaces" + }, + "PutAlertManagerDefinition": { + "privilege": "PutAlertManagerDefinition", + "description": "Grants permission to update an alert manager definition", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-PutAlertManagerDefinition" + }, + "PutAlertManagerSilences": { + "privilege": "PutAlertManagerSilences", + "description": "Grants permission to create or update a silence", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-PutAlertManagerSilences" + }, + "PutRuleGroupsNamespace": { + "privilege": "PutRuleGroupsNamespace", + "description": "Grants permission to update a rule groups namespace", + "access_level": "Write", + "resource_types": { + "rulegroupsnamespace": { + "resource_type": "rulegroupsnamespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroupsnamespace": "rulegroupsnamespace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-PutRuleGroupsNamespace" + }, + "QueryMetrics": { + "privilege": "QueryMetrics", + "description": "Grants permission to run a query on AMP workspace metrics", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-QueryMetrics" + }, + "RemoteWrite": { + "privilege": "RemoteWrite", + "description": "Grants permission to perform a remote write operation to initiate the streaming of metrics to AMP workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-RemoteWrite" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an AMP resource", + "access_level": "Tagging", + "resource_types": { + "rulegroupsnamespace": { + "resource_type": "rulegroupsnamespace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroupsnamespace": "rulegroupsnamespace", + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-TagResource" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an AMP resource", + "access_level": "Tagging", + "resource_types": { + "rulegroupsnamespace": { + "resource_type": "rulegroupsnamespace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroupsnamespace": "rulegroupsnamespace", + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-UntagResource" + }, + "UpdateLoggingConfiguration": { + "privilege": "UpdateLoggingConfiguration", + "description": "Grants permission to update a logging configuration", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-UpdateLoggingConfiguration" + }, + "UpdateWorkspaceAlias": { + "privilege": "UpdateWorkspaceAlias", + "description": "Grants permission to modify the alias of existing AMP workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-APIReference.html#AMP-APIReference-UpdateWorkspaceAlias" + } + }, + "privileges_lower_name": { + "createalertmanageralerts": "CreateAlertManagerAlerts", + "createalertmanagerdefinition": "CreateAlertManagerDefinition", + "createloggingconfiguration": "CreateLoggingConfiguration", + "createrulegroupsnamespace": "CreateRuleGroupsNamespace", + "createworkspace": "CreateWorkspace", + "deletealertmanagerdefinition": "DeleteAlertManagerDefinition", + "deletealertmanagersilence": "DeleteAlertManagerSilence", + "deleteloggingconfiguration": "DeleteLoggingConfiguration", + "deleterulegroupsnamespace": "DeleteRuleGroupsNamespace", + "deleteworkspace": "DeleteWorkspace", + "describealertmanagerdefinition": "DescribeAlertManagerDefinition", + "describeloggingconfiguration": "DescribeLoggingConfiguration", + "describerulegroupsnamespace": "DescribeRuleGroupsNamespace", + "describeworkspace": "DescribeWorkspace", + "getalertmanagersilence": "GetAlertManagerSilence", + "getalertmanagerstatus": "GetAlertManagerStatus", + "getlabels": "GetLabels", + "getmetricmetadata": "GetMetricMetadata", + "getseries": "GetSeries", + "listalertmanageralertgroups": "ListAlertManagerAlertGroups", + "listalertmanageralerts": "ListAlertManagerAlerts", + "listalertmanagerreceivers": "ListAlertManagerReceivers", + "listalertmanagersilences": "ListAlertManagerSilences", + "listalerts": "ListAlerts", + "listrulegroupsnamespaces": "ListRuleGroupsNamespaces", + "listrules": "ListRules", + "listtagsforresource": "ListTagsForResource", + "listworkspaces": "ListWorkspaces", + "putalertmanagerdefinition": "PutAlertManagerDefinition", + "putalertmanagersilences": "PutAlertManagerSilences", + "putrulegroupsnamespace": "PutRuleGroupsNamespace", + "querymetrics": "QueryMetrics", + "remotewrite": "RemoteWrite", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateloggingconfiguration": "UpdateLoggingConfiguration", + "updateworkspacealias": "UpdateWorkspaceAlias" + }, + "resources": { + "workspace": { + "resource": "workspace", + "arn": "arn:${Partition}:aps:${Region}:${Account}:workspace/${WorkspaceId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ] + }, + "rulegroupsnamespace": { + "resource": "rulegroupsnamespace", + "arn": "arn:${Partition}:aps:${Region}:${Account}:rulegroupsnamespace/${WorkspaceId}/${Namespace}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ] + } + }, + "resources_lower_name": { + "workspace": "workspace", + "rulegroupsnamespace": "rulegroupsnamespace" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "kafka": { + "service_name": "Amazon Managed Streaming for Apache Kafka", + "prefix": "kafka", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedstreamingforapachekafka.html", + "privileges": { + "BatchAssociateScramSecret": { + "privilege": "BatchAssociateScramSecret", + "description": "Grants permission to associate one or more Scram Secrets with an Amazon MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kms:CreateGrant", + "kms:RetireGrant" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-scram-secrets.html#BatchAssociateScramSecret" + }, + "BatchDisassociateScramSecret": { + "privilege": "BatchDisassociateScramSecret", + "description": "Grants permission to disassociate one or more Scram Secrets from an Amazon MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kms:RetireGrant" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-scram-secrets.html#BatchDisassociateScramSecret" + }, + "CreateCluster": { + "privilege": "CreateCluster", + "description": "Grants permission to create an MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "kms:CreateGrant", + "kms:DescribeKey" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters.html#CreateCluster" + }, + "CreateClusterV2": { + "privilege": "CreateClusterV2", + "description": "Grants permission to create an MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags", + "ec2:CreateVpcEndpoint", + "ec2:DeleteVpcEndpoints", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcEndpoints", + "ec2:DescribeVpcs", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy", + "kms:CreateGrant", + "kms:DescribeKey" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSK/2.0/APIReference/v2-clusters.html#CreateClusterV2" + }, + "CreateConfiguration": { + "privilege": "CreateConfiguration", + "description": "Grants permission to create an MSK configuration", + "access_level": "Write", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations.html#CreateConfiguration" + }, + "CreateVpcConnection": { + "privilege": "CreateVpcConnection", + "description": "Grants permission to create a MSK VPC connection", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags", + "ec2:CreateVpcEndpoint", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcEndpoints", + "ec2:DescribeVpcs", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PutRolePolicy" + ] + }, + "vpc-connection": { + "resource_type": "vpc-connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "vpc-connection": "vpc-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#CreateVpcConnection" + }, + "DeleteCluster": { + "privilege": "DeleteCluster", + "description": "Grants permission to delete an MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteVpcEndpoints", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcEndpoints" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn.html#DeleteCluster" + }, + "DeleteClusterPolicy": { + "privilege": "DeleteClusterPolicy", + "description": "Grants permission to delete a cluster resource-based policy", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-policy.html#DeleteClusterPolicy" + }, + "DeleteConfiguration": { + "privilege": "DeleteConfiguration", + "description": "Grants permission to delete the specified MSK configuration", + "access_level": "Write", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations-arn.html#DeleteConfiguration" + }, + "DeleteVpcConnection": { + "privilege": "DeleteVpcConnection", + "description": "Grants permission to delete a MSK VPC connection", + "access_level": "Write", + "resource_types": { + "vpc-connection": { + "resource_type": "vpc-connection", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteVpcEndpoints", + "ec2:DescribeVpcEndpoints" + ] + } + }, + "resource_types_lower_name": { + "vpc-connection": "vpc-connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#DeleteVpcConnection" + }, + "DescribeCluster": { + "privilege": "DescribeCluster", + "description": "Grants permission to describe an MSK cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn.html#DescribeCluster" + }, + "DescribeClusterOperation": { + "privilege": "DescribeClusterOperation", + "description": "Grants permission to describe the cluster operation that is specified by the given ARN", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/operations-clusteroperationarn.html#DescribeClusterOperation" + }, + "DescribeClusterOperationV2": { + "privilege": "DescribeClusterOperationV2", + "description": "Grants permission to describe the cluster operation that is specified by the given ARN", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/operations-clusteroperationarn.html#DescribeClusterOperationV2" + }, + "DescribeClusterV2": { + "privilege": "DescribeClusterV2", + "description": "Grants permission to describe an MSK cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSK/2.0/APIReference/v2-clusters-clusterarn.html#DescribeClusterV2" + }, + "DescribeConfiguration": { + "privilege": "DescribeConfiguration", + "description": "Grants permission to describe an MSK configuration", + "access_level": "Read", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations-arn.html#DescribeConfiguration" + }, + "DescribeConfigurationRevision": { + "privilege": "DescribeConfigurationRevision", + "description": "Grants permission to describe an MSK configuration revision", + "access_level": "Read", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations-arn-revisions-revision.html#DescribeConfigurationRevision" + }, + "DescribeVpcConnection": { + "privilege": "DescribeVpcConnection", + "description": "Grants permission to describe a MSK VPC connection", + "access_level": "Read", + "resource_types": { + "vpc-connection": { + "resource_type": "vpc-connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpc-connection": "vpc-connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#DescribeVpcConnection" + }, + "GetBootstrapBrokers": { + "privilege": "GetBootstrapBrokers", + "description": "Grants permission to get connection details for the brokers in an MSK cluster", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-bootstrap-brokers.html#GetBootstrapBrokers" + }, + "GetClusterPolicy": { + "privilege": "GetClusterPolicy", + "description": "Grants permission to describe a cluster resource-based policy", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-policy.html#GetClusterPolicy" + }, + "GetCompatibleKafkaVersions": { + "privilege": "GetCompatibleKafkaVersions", + "description": "Grants permission to get a list of the Apache Kafka versions to which you can update an MSK cluster", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/compatible-kafka-versions.html#GetCompatibleKafkaVersions" + }, + "ListClientVpcConnections": { + "privilege": "ListClientVpcConnections", + "description": "Grants permission to list all MSK VPC connections created for a cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#ListClientVpcConnections" + }, + "ListClusterOperations": { + "privilege": "ListClusterOperations", + "description": "Grants permission to return a list of all the operations that have been performed on the specified MSK cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-operations.html#ListClusterOperations" + }, + "ListClusterOperationsV2": { + "privilege": "ListClusterOperationsV2", + "description": "Grants permission to return a list of all the operations that have been performed on the specified MSK cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-operations.html#ListClusterOperationsV2" + }, + "ListClusters": { + "privilege": "ListClusters", + "description": "Grants permission to list all MSK clusters in this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters.html#ListClusters" + }, + "ListClustersV2": { + "privilege": "ListClustersV2", + "description": "Grants permission to list all MSK clusters in this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSK/2.0/APIReference/v2-clusters.html#ListClustersV2" + }, + "ListConfigurationRevisions": { + "privilege": "ListConfigurationRevisions", + "description": "Grants permission to list all revisions for an MSK configuration in this account", + "access_level": "List", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations-arn-revisions.html#ListConfigurationRevisions" + }, + "ListConfigurations": { + "privilege": "ListConfigurations", + "description": "Grants permission to list all MSK configurations in this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations.html#ListConfigurations" + }, + "ListKafkaVersions": { + "privilege": "ListKafkaVersions", + "description": "Grants permission to list all Apache Kafka versions supported by Amazon MSK", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/kafka-versions.html#ListKafkaVersions" + }, + "ListNodes": { + "privilege": "ListNodes", + "description": "Grants permission to list brokers in an MSK cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-nodes.html#ListNodes" + }, + "ListScramSecrets": { + "privilege": "ListScramSecrets", + "description": "Grants permission to list the Scram Secrets associated with an Amazon MSK cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-scram-secrets.html#ListScramSecrets" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags of an MSK resource", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/tags-resourcearn.html#ListTagsForResource" + }, + "ListVpcConnections": { + "privilege": "ListVpcConnections", + "description": "Grants permission to list all MSK VPC connections that this account uses", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#ListVpcConnections" + }, + "PutClusterPolicy": { + "privilege": "PutClusterPolicy", + "description": "Grants permission to create or update the resource-based policy for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-policy.html#PutClusterPolicy" + }, + "RebootBroker": { + "privilege": "RebootBroker", + "description": "Grants permission to reboot broker", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-reboot-broker.html#RebootBroker" + }, + "RejectClientVpcConnection": { + "privilege": "RejectClientVpcConnection", + "description": "Grants permission to reject a MSK VPC connection", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "vpc-connection": { + "resource_type": "vpc-connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "vpc-connection": "vpc-connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/vpc-connections.html#RejectClientVpcConnection" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an MSK resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpc-connection": { + "resource_type": "vpc-connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "vpc-connection": "vpc-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/tags-resourcearn.html#TagResource" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from an MSK resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpc-connection": { + "resource_type": "vpc-connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "vpc-connection": "vpc-connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/tags-resourcearn.html#UntagResource" + }, + "UpdateBrokerCount": { + "privilege": "UpdateBrokerCount", + "description": "Grants permission to update the number of brokers of the MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-nodes-count.html#UpdateBrokerCount" + }, + "UpdateBrokerStorage": { + "privilege": "UpdateBrokerStorage", + "description": "Grants permission to update the storage size of the brokers of the MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-nodes-storage.html#UpdateBrokerStorage" + }, + "UpdateBrokerType": { + "privilege": "UpdateBrokerType", + "description": "Grants permission to update the broker type of an Amazon MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-nodes-type.html#UpdateBrokerType" + }, + "UpdateClusterConfiguration": { + "privilege": "UpdateClusterConfiguration", + "description": "Grants permission to update the configuration of the MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "configuration": "configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-configuration.html#UpdateClusterConfiguration" + }, + "UpdateClusterKafkaVersion": { + "privilege": "UpdateClusterKafkaVersion", + "description": "Grants permission to update the MSK cluster to the specified Apache Kafka version", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-version.html#UpdateClusterKafkaVersion" + }, + "UpdateConfiguration": { + "privilege": "UpdateConfiguration", + "description": "Grants permission to create a new revision of the MSK configuration", + "access_level": "Write", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/configurations-arn.html#UpdateConfiguration" + }, + "UpdateConnectivity": { + "privilege": "UpdateConnectivity", + "description": "Grants permission to update the connectivity settings for the MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeRouteTables", + "ec2:DescribeSubnets" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kafka:publicAccessEnabled" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-connectivity.html#UpdateConnectivity" + }, + "UpdateMonitoring": { + "privilege": "UpdateMonitoring", + "description": "Grants permission to update the monitoring settings for the MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-monitoring.html#UpdateMonitoring" + }, + "UpdateSecurity": { + "privilege": "UpdateSecurity", + "description": "Grants permission to update the security settings for the MSK cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kms:RetireGrant" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-security.html#UpdateSecurity" + }, + "UpdateStorage": { + "privilege": "UpdateStorage", + "description": "Grants permission to update the EBS storage (size or provisioned throughput) associated with MSK brokers or set cluster storage mode to TIERED", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-storage.html#UpdateStorage" + } + }, + "privileges_lower_name": { + "batchassociatescramsecret": "BatchAssociateScramSecret", + "batchdisassociatescramsecret": "BatchDisassociateScramSecret", + "createcluster": "CreateCluster", + "createclusterv2": "CreateClusterV2", + "createconfiguration": "CreateConfiguration", + "createvpcconnection": "CreateVpcConnection", + "deletecluster": "DeleteCluster", + "deleteclusterpolicy": "DeleteClusterPolicy", + "deleteconfiguration": "DeleteConfiguration", + "deletevpcconnection": "DeleteVpcConnection", + "describecluster": "DescribeCluster", + "describeclusteroperation": "DescribeClusterOperation", + "describeclusteroperationv2": "DescribeClusterOperationV2", + "describeclusterv2": "DescribeClusterV2", + "describeconfiguration": "DescribeConfiguration", + "describeconfigurationrevision": "DescribeConfigurationRevision", + "describevpcconnection": "DescribeVpcConnection", + "getbootstrapbrokers": "GetBootstrapBrokers", + "getclusterpolicy": "GetClusterPolicy", + "getcompatiblekafkaversions": "GetCompatibleKafkaVersions", + "listclientvpcconnections": "ListClientVpcConnections", + "listclusteroperations": "ListClusterOperations", + "listclusteroperationsv2": "ListClusterOperationsV2", + "listclusters": "ListClusters", + "listclustersv2": "ListClustersV2", + "listconfigurationrevisions": "ListConfigurationRevisions", + "listconfigurations": "ListConfigurations", + "listkafkaversions": "ListKafkaVersions", + "listnodes": "ListNodes", + "listscramsecrets": "ListScramSecrets", + "listtagsforresource": "ListTagsForResource", + "listvpcconnections": "ListVpcConnections", + "putclusterpolicy": "PutClusterPolicy", + "rebootbroker": "RebootBroker", + "rejectclientvpcconnection": "RejectClientVpcConnection", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatebrokercount": "UpdateBrokerCount", + "updatebrokerstorage": "UpdateBrokerStorage", + "updatebrokertype": "UpdateBrokerType", + "updateclusterconfiguration": "UpdateClusterConfiguration", + "updateclusterkafkaversion": "UpdateClusterKafkaVersion", + "updateconfiguration": "UpdateConfiguration", + "updateconnectivity": "UpdateConnectivity", + "updatemonitoring": "UpdateMonitoring", + "updatesecurity": "UpdateSecurity", + "updatestorage": "UpdateStorage" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:kafka:${Region}:${Account}:cluster/${ClusterName}/${Uuid}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "configuration": { + "resource": "configuration", + "arn": "arn:${Partition}:kafka:${Region}:${Account}:configuration/${ConfigurationName}/${Uuid}", + "condition_keys": [] + }, + "vpc-connection": { + "resource": "vpc-connection", + "arn": "arn:${Partition}:kafka:${Region}:${VpcOwnerAccount}:vpc-connection/${ClusterOwnerAccount}/${ClusterName}/${Uuid}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "topic": { + "resource": "topic", + "arn": "arn:${Partition}:kafka:${Region}:${Account}:topic/${ClusterName}/${ClusterUuid}/${TopicName}", + "condition_keys": [] + }, + "group": { + "resource": "group", + "arn": "arn:${Partition}:kafka:${Region}:${Account}:group/${ClusterName}/${ClusterUuid}/${GroupName}", + "condition_keys": [] + }, + "transactional-id": { + "resource": "transactional-id", + "arn": "arn:${Partition}:kafka:${Region}:${Account}:transactional-id/${ClusterName}/${ClusterUuid}/${TransactionalId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "cluster": "cluster", + "configuration": "configuration", + "vpc-connection": "vpc-connection", + "topic": "topic", + "group": "group", + "transactional-id": "transactional-id" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "kafka:publicAccessEnabled": { + "condition": "kafka:publicAccessEnabled", + "description": "Filters access by the presence of public access enabled in the request", + "type": "Bool" + } + } + }, + "kafkaconnect": { + "service_name": "Amazon Managed Streaming for Kafka Connect", + "prefix": "kafkaconnect", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedstreamingforkafkaconnect.html", + "privileges": { + "CreateConnector": { + "privilege": "CreateConnector", + "description": "Grants permission to create an MSK Connect connector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "firehose:TagDeliveryStream", + "iam:AttachRolePolicy", + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "iam:PutRolePolicy", + "logs:CreateLogDelivery", + "logs:DescribeLogGroups", + "logs:DescribeResourcePolicies", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:PutResourcePolicy", + "s3:GetBucketPolicy", + "s3:PutBucketPolicy" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_CreateConnector.html" + }, + "CreateCustomPlugin": { + "privilege": "CreateCustomPlugin", + "description": "Grants permission to create an MSK Connect custom plugin", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_CreateCustomPlugin.html" + }, + "CreateWorkerConfiguration": { + "privilege": "CreateWorkerConfiguration", + "description": "Grants permission to create an MSK Connect worker configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_CreateWorkerConfiguration.html" + }, + "DeleteConnector": { + "privilege": "DeleteConnector", + "description": "Grants permission to delete an MSK Connect connector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "logs:DeleteLogDelivery", + "logs:ListLogDeliveries" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_DeleteConnector.html" + }, + "DeleteCustomPlugin": { + "privilege": "DeleteCustomPlugin", + "description": "Grants permission to delete an MSK Connect custom plugin", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_DeleteCustomPlugin.html" + }, + "DescribeConnector": { + "privilege": "DescribeConnector", + "description": "Grants permission to describe an MSK Connect connector", + "access_level": "Read", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_DescribeConnector.html" + }, + "DescribeCustomPlugin": { + "privilege": "DescribeCustomPlugin", + "description": "Grants permission to describe an MSK Connect custom plugin", + "access_level": "Read", + "resource_types": { + "custom plugin": { + "resource_type": "custom plugin", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom plugin": "custom plugin" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_DescribeCustomPlugin.html" + }, + "DescribeWorkerConfiguration": { + "privilege": "DescribeWorkerConfiguration", + "description": "Grants permission to describe an MSK Connect worker configuration", + "access_level": "Read", + "resource_types": { + "worker configuration": { + "resource_type": "worker configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "worker configuration": "worker configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_DescribeWorkerConfiguration.html" + }, + "ListConnectors": { + "privilege": "ListConnectors", + "description": "Grants permission to list all MSK Connect connectors in this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_ListConnectors.html" + }, + "ListCustomPlugins": { + "privilege": "ListCustomPlugins", + "description": "Grants permission to list all MSK Connect custom plugins in this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_ListCustomPlugins.html" + }, + "ListWorkerConfigurations": { + "privilege": "ListWorkerConfigurations", + "description": "Grants permission to list all MSK Connect worker configurations in this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_ListWorkerConfigurations.html" + }, + "UpdateConnector": { + "privilege": "UpdateConnector", + "description": "Grants permission to update an MSK Connect connector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/MSKC/latest/mskc/API_UpdateConnector.html" + } + }, + "privileges_lower_name": { + "createconnector": "CreateConnector", + "createcustomplugin": "CreateCustomPlugin", + "createworkerconfiguration": "CreateWorkerConfiguration", + "deleteconnector": "DeleteConnector", + "deletecustomplugin": "DeleteCustomPlugin", + "describeconnector": "DescribeConnector", + "describecustomplugin": "DescribeCustomPlugin", + "describeworkerconfiguration": "DescribeWorkerConfiguration", + "listconnectors": "ListConnectors", + "listcustomplugins": "ListCustomPlugins", + "listworkerconfigurations": "ListWorkerConfigurations", + "updateconnector": "UpdateConnector" + }, + "resources": { + "connector": { + "resource": "connector", + "arn": "arn:${Partition}:kafkaconnect:${Region}:${Account}:connector/${ConnectorName}/${UUID}", + "condition_keys": [] + }, + "custom plugin": { + "resource": "custom plugin", + "arn": "arn:${Partition}:kafkaconnect:${Region}:${Account}:custom-plugin/${CustomPluginName}/${UUID}", + "condition_keys": [] + }, + "worker configuration": { + "resource": "worker configuration", + "arn": "arn:${Partition}:kafkaconnect:${Region}:${Account}:worker-configuration/${WorkerConfigurationName}/${UUID}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "connector": "connector", + "custom plugin": "custom plugin", + "worker configuration": "worker configuration" + }, + "conditions": {} + }, + "airflow": { + "service_name": "Amazon Managed Workflows for Apache Airflow", + "prefix": "airflow", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmanagedworkflowsforapacheairflow.html", + "privileges": { + "CreateCliToken": { + "privilege": "CreateCliToken", + "description": "Grants permission to create a short-lived token that allows a user to invoke Airflow CLI via an endpoint on the Apache Airflow Webserver", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_CreateCliToken.html" + }, + "CreateEnvironment": { + "privilege": "CreateEnvironment", + "description": "Grants permission to create an Amazon MWAA environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_CreateEnvironment.html" + }, + "CreateWebLoginToken": { + "privilege": "CreateWebLoginToken", + "description": "Grants permission to create a short-lived token that allows a user to log into Apache Airflow web UI", + "access_level": "Write", + "resource_types": { + "rbac-role": { + "resource_type": "rbac-role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rbac-role": "rbac-role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_CreateWebLoginToken.html" + }, + "DeleteEnvironment": { + "privilege": "DeleteEnvironment", + "description": "Grants permission to delete an Amazon MWAA environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_DeleteEnvironment.html" + }, + "GetEnvironment": { + "privilege": "GetEnvironment", + "description": "Grants permission to view details about an Amazon MWAA environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_GetEnvironment.html" + }, + "ListEnvironments": { + "privilege": "ListEnvironments", + "description": "Grants permission to list the Amazon MWAA environments in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_ListEnvironments.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tag for an Amazon MWAA environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_ListTagsForResource.html" + }, + "PublishMetrics": { + "privilege": "PublishMetrics", + "description": "Grants permission to publish metrics for an Amazon MWAA environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_PublishMetrics.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an Amazon MWAA environment", + "access_level": "Tagging", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an Amazon MWAA environment", + "access_level": "Tagging", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_UntagResource.html" + }, + "UpdateEnvironment": { + "privilege": "UpdateEnvironment", + "description": "Grants permission to modify an Amazon MWAA environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mwaa/latest/API/API_UpdateEnvironment.html" + } + }, + "privileges_lower_name": { + "createclitoken": "CreateCliToken", + "createenvironment": "CreateEnvironment", + "createweblogintoken": "CreateWebLoginToken", + "deleteenvironment": "DeleteEnvironment", + "getenvironment": "GetEnvironment", + "listenvironments": "ListEnvironments", + "listtagsforresource": "ListTagsForResource", + "publishmetrics": "PublishMetrics", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateenvironment": "UpdateEnvironment" + }, + "resources": { + "environment": { + "resource": "environment", + "arn": "arn:${Partition}:airflow:${Region}:${Account}:environment/${EnvironmentName}", + "condition_keys": [] + }, + "rbac-role": { + "resource": "rbac-role", + "arn": "arn:${Partition}:airflow:${Region}:${Account}:role/${EnvironmentName}/${RoleName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "environment": "environment", + "rbac-role": "rbac-role" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "mechanicalturk": { + "service_name": "Amazon Mechanical Turk", + "prefix": "mechanicalturk", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmechanicalturk.html", + "privileges": { + "AcceptQualificationRequest": { + "privilege": "AcceptQualificationRequest", + "description": "The AcceptQualificationRequest operation grants a Worker's request for a Qualification", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_AcceptQualificationRequestOperation.html" + }, + "ApproveAssignment": { + "privilege": "ApproveAssignment", + "description": "The ApproveAssignment operation approves the results of a completed assignment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ApproveAssignmentOperation.html" + }, + "AssociateQualificationWithWorker": { + "privilege": "AssociateQualificationWithWorker", + "description": "The AssociateQualificationWithWorker operation gives a Worker a Qualification", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_AssociateQualificationWithWorkerOperation.html" + }, + "CreateAdditionalAssignmentsForHIT": { + "privilege": "CreateAdditionalAssignmentsForHIT", + "description": "The CreateAdditionalAssignmentsForHIT operation increases the maximum number of assignments of an existing HIT", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateAdditionalAssignmentsForHITOperation.html" + }, + "CreateHIT": { + "privilege": "CreateHIT", + "description": "The CreateHIT operation creates a new HIT (Human Intelligence Task)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateHITOperation.html" + }, + "CreateHITType": { + "privilege": "CreateHITType", + "description": "The CreateHITType operation creates a new HIT type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateHITTypeOperation.html" + }, + "CreateHITWithHITType": { + "privilege": "CreateHITWithHITType", + "description": "The CreateHITWithHITType operation creates a new Human Intelligence Task (HIT) using an existing HITTypeID generated by the CreateHITType operation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateHITWithHITTypeOperation.html" + }, + "CreateQualificationType": { + "privilege": "CreateQualificationType", + "description": "The CreateQualificationType operation creates a new Qualification type, which is represented by a QualificationType data structure", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateQualificationTypeOperation.html" + }, + "CreateWorkerBlock": { + "privilege": "CreateWorkerBlock", + "description": "The CreateWorkerBlock operation allows you to prevent a Worker from working on your HITs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_CreateWorkerBlockOperation.html" + }, + "DeleteHIT": { + "privilege": "DeleteHIT", + "description": "The DeleteHIT operation disposes of a HIT that is no longer needed", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_DeleteHITOperation.html" + }, + "DeleteQualificationType": { + "privilege": "DeleteQualificationType", + "description": "The DeleteQualificationType disposes a Qualification type and disposes any HIT types that are associated with the Qualification type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_DeleteQualificationTypeOperation.html" + }, + "DeleteWorkerBlock": { + "privilege": "DeleteWorkerBlock", + "description": "The DeleteWorkerBlock operation allows you to reinstate a blocked Worker to work on your HITs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_DeleteWorkerBlockOperation.html" + }, + "DisassociateQualificationFromWorker": { + "privilege": "DisassociateQualificationFromWorker", + "description": "The DisassociateQualificationFromWorker revokes a previously granted Qualification from a user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_DisassociateQualificationFromWorkerOperation.html" + }, + "GetAccountBalance": { + "privilege": "GetAccountBalance", + "description": "The GetAccountBalance operation retrieves the amount of money in your Amazon Mechanical Turk account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetAccountBalanceOperation.html" + }, + "GetAssignment": { + "privilege": "GetAssignment", + "description": "The GetAssignment retrieves an assignment with an AssignmentStatus value of Submitted, Approved, or Rejected, using the assignment's ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetAssignmentOperation.html" + }, + "GetFileUploadURL": { + "privilege": "GetFileUploadURL", + "description": "The GetFileUploadURL operation generates and returns a temporary URL", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetFileUploadURLOperation.html" + }, + "GetHIT": { + "privilege": "GetHIT", + "description": "The GetHIT operation retrieves the details of the specified HIT", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetHITOperation.html" + }, + "GetQualificationScore": { + "privilege": "GetQualificationScore", + "description": "The GetQualificationScore operation returns the value of a Worker's Qualification for a given Qualification type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetQualificationScoreOperation.html" + }, + "GetQualificationType": { + "privilege": "GetQualificationType", + "description": "The GetQualificationType operation retrieves information about a Qualification type using its ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_GetQualificationTypeOperation.html" + }, + "ListAssignmentsForHIT": { + "privilege": "ListAssignmentsForHIT", + "description": "The ListAssignmentsForHIT operation retrieves completed assignments for a HIT", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListAssignmentsForHITOperation.html" + }, + "ListBonusPayments": { + "privilege": "ListBonusPayments", + "description": "The ListBonusPayments operation retrieves the amounts of bonuses you have paid to Workers for a given HIT or assignment", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListBonusPaymentsOperation.html" + }, + "ListHITs": { + "privilege": "ListHITs", + "description": "The ListHITs operation returns all of a Requester's HITs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListHITsOperation.html" + }, + "ListHITsForQualificationType": { + "privilege": "ListHITsForQualificationType", + "description": "The ListHITsForQualificationType operation returns the HITs that use the given QualififcationType for a QualificationRequirement", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListHITsForQualificationTypeOperation.html" + }, + "ListQualificationRequests": { + "privilege": "ListQualificationRequests", + "description": "The ListQualificationRequests operation retrieves requests for Qualifications of a particular Qualification type", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListQualificationRequestsOperation.html" + }, + "ListQualificationTypes": { + "privilege": "ListQualificationTypes", + "description": "The ListQualificationTypes operation searches for Qualification types using the specified search query, and returns a list of Qualification types", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListQualificationTypesOperation.html" + }, + "ListReviewPolicyResultsForHIT": { + "privilege": "ListReviewPolicyResultsForHIT", + "description": "The ListReviewPolicyResultsForHIT operation retrieves the computed results and the actions taken in the course of executing your Review Policies during a CreateHIT operation", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListReviewPolicyResultsForHITOperation.html" + }, + "ListReviewableHITs": { + "privilege": "ListReviewableHITs", + "description": "The ListReviewableHITs operation returns all of a Requester's HITs that have not been approved or rejected", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListReviewableHITsOperation.html" + }, + "ListWorkerBlocks": { + "privilege": "ListWorkerBlocks", + "description": "The ListWorkersBlocks operation retrieves a list of Workers who are blocked from working on your HITs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListWorkerBlocksOperation.html" + }, + "ListWorkersWithQualificationType": { + "privilege": "ListWorkersWithQualificationType", + "description": "The ListWorkersWithQualificationType operation returns all of the Workers with a given Qualification type", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_ListWorkersWithQualificationTypeOperation.html" + }, + "NotifyWorkers": { + "privilege": "NotifyWorkers", + "description": "The NotifyWorkers operation sends an email to one or more Workers that you specify with the Worker ID", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_NotifyWorkersOperation.html" + }, + "RejectAssignment": { + "privilege": "RejectAssignment", + "description": "The RejectAssignment operation rejects the results of a completed assignment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_RejectAssignmentOperation.html" + }, + "RejectQualificationRequest": { + "privilege": "RejectQualificationRequest", + "description": "The RejectQualificationRequest operation rejects a user's request for a Qualification", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_RejectQualificationRequestOperation.html" + }, + "SendBonus": { + "privilege": "SendBonus", + "description": "The SendBonus operation issues a payment of money from your account to a Worker", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_SendBonusOperation.html" + }, + "SendTestEventNotification": { + "privilege": "SendTestEventNotification", + "description": "The SendTestEventNotification operation causes Amazon Mechanical Turk to send a notification message as if a HIT event occurred, according to the provided notification specification", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_SendTestEventNotificationOperation.html" + }, + "UpdateExpirationForHIT": { + "privilege": "UpdateExpirationForHIT", + "description": "The UpdateExpirationForHIT operation allows you extend the expiration time of a HIT beyond is current expiration or expire a HIT immediately", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_UpdateExpirationForHITOperation.html" + }, + "UpdateHITReviewStatus": { + "privilege": "UpdateHITReviewStatus", + "description": "The UpdateHITReviewStatus operation toggles the status of a HIT", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_UpdateHITReviewStatusOperation.html" + }, + "UpdateHITTypeOfHIT": { + "privilege": "UpdateHITTypeOfHIT", + "description": "The UpdateHITTypeOfHIT operation allows you to change the HITType properties of a HIT", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_UpdateHITTypeOfHITOperation.html" + }, + "UpdateNotificationSettings": { + "privilege": "UpdateNotificationSettings", + "description": "The UpdateNotificationSettings operation creates, updates, disables or re-enables notifications for a HIT type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_UpdateNotificationSettingsOperation.html" + }, + "UpdateQualificationType": { + "privilege": "UpdateQualificationType", + "description": "The UpdateQualificationType operation modifies the attributes of an existing Qualification type, which is represented by a QualificationType data structure", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSMechTurk/latest/AWSMturkAPI/ApiReference_UpdateQualificationTypeOperation.html" + } + }, + "privileges_lower_name": { + "acceptqualificationrequest": "AcceptQualificationRequest", + "approveassignment": "ApproveAssignment", + "associatequalificationwithworker": "AssociateQualificationWithWorker", + "createadditionalassignmentsforhit": "CreateAdditionalAssignmentsForHIT", + "createhit": "CreateHIT", + "createhittype": "CreateHITType", + "createhitwithhittype": "CreateHITWithHITType", + "createqualificationtype": "CreateQualificationType", + "createworkerblock": "CreateWorkerBlock", + "deletehit": "DeleteHIT", + "deletequalificationtype": "DeleteQualificationType", + "deleteworkerblock": "DeleteWorkerBlock", + "disassociatequalificationfromworker": "DisassociateQualificationFromWorker", + "getaccountbalance": "GetAccountBalance", + "getassignment": "GetAssignment", + "getfileuploadurl": "GetFileUploadURL", + "gethit": "GetHIT", + "getqualificationscore": "GetQualificationScore", + "getqualificationtype": "GetQualificationType", + "listassignmentsforhit": "ListAssignmentsForHIT", + "listbonuspayments": "ListBonusPayments", + "listhits": "ListHITs", + "listhitsforqualificationtype": "ListHITsForQualificationType", + "listqualificationrequests": "ListQualificationRequests", + "listqualificationtypes": "ListQualificationTypes", + "listreviewpolicyresultsforhit": "ListReviewPolicyResultsForHIT", + "listreviewablehits": "ListReviewableHITs", + "listworkerblocks": "ListWorkerBlocks", + "listworkerswithqualificationtype": "ListWorkersWithQualificationType", + "notifyworkers": "NotifyWorkers", + "rejectassignment": "RejectAssignment", + "rejectqualificationrequest": "RejectQualificationRequest", + "sendbonus": "SendBonus", + "sendtesteventnotification": "SendTestEventNotification", + "updateexpirationforhit": "UpdateExpirationForHIT", + "updatehitreviewstatus": "UpdateHITReviewStatus", + "updatehittypeofhit": "UpdateHITTypeOfHIT", + "updatenotificationsettings": "UpdateNotificationSettings", + "updatequalificationtype": "UpdateQualificationType" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "mediaimport": { + "service_name": "AmazonMediaImport", + "prefix": "mediaimport", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmediaimport.html", + "privileges": { + "CreateDatabaseBinarySnapshot": { + "privilege": "CreateDatabaseBinarySnapshot", + "description": "Grants permission to create a database binary snapshot on the customer's aws account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html" + } + }, + "privileges_lower_name": { + "createdatabasebinarysnapshot": "CreateDatabaseBinarySnapshot" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "memorydb": { + "service_name": "Amazon MemoryDB", + "prefix": "memorydb", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmemorydb.html", + "privileges": { + "BatchUpdateCluster": { + "privilege": "BatchUpdateCluster", + "description": "Grants permissions to apply service updates", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "s3:GetObject" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_BatchUpdateCluster.html" + }, + "Connect": { + "privilege": "Connect", + "description": "Allows an IAM user or role to connect as a specified MemoryDB user to a node in a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/devguide/auth-iam.html" + }, + "CopySnapshot": { + "privilege": "CopySnapshot", + "description": "Grants permissions to make a copy of an existing snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "memorydb:TagResource", + "s3:DeleteObject", + "s3:GetBucketAcl", + "s3:PutObject" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CopySnapshot.html" + }, + "CreateAcl": { + "privilege": "CreateAcl", + "description": "Grants permissions to create a new access control list", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "memorydb:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateAcl.html" + }, + "CreateCluster": { + "privilege": "CreateCluster", + "description": "Grants permissions to create a cluster", + "access_level": "Write", + "resource_types": { + "acl": { + "resource_type": "acl", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "memorydb:TagResource", + "s3:GetObject" + ] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "acl": "acl", + "parametergroup": "parametergroup", + "subnetgroup": "subnetgroup", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateCluster.html" + }, + "CreateParameterGroup": { + "privilege": "CreateParameterGroup", + "description": "Grants permissions to create a new parameter group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "memorydb:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateParameterGroup.html" + }, + "CreateSnapshot": { + "privilege": "CreateSnapshot", + "description": "Grants permissions to create a backup of a cluster at the current point in time", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "memorydb:TagResource", + "s3:DeleteObject", + "s3:GetBucketAcl", + "s3:PutObject" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateSnapshot.html" + }, + "CreateSubnetGroup": { + "privilege": "CreateSubnetGroup", + "description": "Grants permissions to create a new subnet group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "memorydb:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateSubnetGroup.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permissions to create a new user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "memorydb:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_CreateUser.html" + }, + "DeleteAcl": { + "privilege": "DeleteAcl", + "description": "Grants permissions to delete an access control list", + "access_level": "Write", + "resource_types": { + "acl": { + "resource_type": "acl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "acl": "acl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteAcl.html" + }, + "DeleteCluster": { + "privilege": "DeleteCluster", + "description": "Grants permissions to delete a previously provisioned cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteCluster.html" + }, + "DeleteParameterGroup": { + "privilege": "DeleteParameterGroup", + "description": "Grants permissions to delete a parameter group", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteParameterGroup.html" + }, + "DeleteSnapshot": { + "privilege": "DeleteSnapshot", + "description": "Grants permissions to delete a snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteSnapshot.html" + }, + "DeleteSubnetGroup": { + "privilege": "DeleteSubnetGroup", + "description": "Grants permissions to delete a subnet group", + "access_level": "Write", + "resource_types": { + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnetgroup": "subnetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteSubnetGroup.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permissions to delete a user", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DeleteUser.html" + }, + "DescribeAcls": { + "privilege": "DescribeAcls", + "description": "Grants permissions to retrieve information about access control lists", + "access_level": "Read", + "resource_types": { + "acl": { + "resource_type": "acl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "acl": "acl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeAcls.html" + }, + "DescribeClusters": { + "privilege": "DescribeClusters", + "description": "Grants permissions to retrieve information about all provisioned clusters if no cluster identifier is specified, or about a specific cluster if a cluster identifier is supplied", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeClusters.html" + }, + "DescribeEngineVersions": { + "privilege": "DescribeEngineVersions", + "description": "Grants permissions to list of the available engines and their versions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeEngineVersions.html" + }, + "DescribeEvents": { + "privilege": "DescribeEvents", + "description": "Grants permissions to retrieve events related to clusters, subnet groups, and parameter groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeEvents.html" + }, + "DescribeParameterGroups": { + "privilege": "DescribeParameterGroups", + "description": "Grants permissions to retrieve information about parameter groups", + "access_level": "Read", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeParameterGroups.html" + }, + "DescribeParameters": { + "privilege": "DescribeParameters", + "description": "Grants permissions to retrieve a detailed parameter list for a particular parameter group", + "access_level": "Read", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeParameters.html" + }, + "DescribeReservedNodes": { + "privilege": "DescribeReservedNodes", + "description": "Grants permissions to retrieve reserved nodes", + "access_level": "Read", + "resource_types": { + "reservednode": { + "resource_type": "reservednode", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reservednode": "reservednode", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeReservedNodes.html" + }, + "DescribeReservedNodesOfferings": { + "privilege": "DescribeReservedNodesOfferings", + "description": "Grants permissions to retrieve reserved nodes offerings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeReservedNodesOfferings.html" + }, + "DescribeServiceUpdates": { + "privilege": "DescribeServiceUpdates", + "description": "Grants permissions to retrieve details of the service updates", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeServiceUpdates.html" + }, + "DescribeSnapshots": { + "privilege": "DescribeSnapshots", + "description": "Grants permissions to retrieve information about cluster snapshots", + "access_level": "Read", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeSnapshots.html" + }, + "DescribeSubnetGroups": { + "privilege": "DescribeSubnetGroups", + "description": "Grants permissions to retrieve a list of subnet group", + "access_level": "Read", + "resource_types": { + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnetgroup": "subnetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeSubnetGroups.html" + }, + "DescribeUsers": { + "privilege": "DescribeUsers", + "description": "Grants permissions to retrieve information about users", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_DescribeUsers.html" + }, + "FailoverShard": { + "privilege": "FailoverShard", + "description": "Grants permissions to test automatic failover on a specified shard in a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_FailoverShard.html" + }, + "ListAllowedNodeTypeUpdates": { + "privilege": "ListAllowedNodeTypeUpdates", + "description": "Grants permissions to list available node type updates", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_ListAllowedNodeTypeUpdates.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permissions to list cost allocation tags", + "access_level": "Read", + "resource_types": { + "acl": { + "resource_type": "acl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "acl": "acl", + "cluster": "cluster", + "parametergroup": "parametergroup", + "snapshot": "snapshot", + "subnetgroup": "subnetgroup", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_ListTags.html" + }, + "PurchaseReservedNodesOffering": { + "privilege": "PurchaseReservedNodesOffering", + "description": "Grants permissions to purchase a new reserved node", + "access_level": "Write", + "resource_types": { + "reservednode": { + "resource_type": "reservednode", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "memorydb:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reservednode": "reservednode", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_PurchaseReservedNodesOffering.html" + }, + "ResetParameterGroup": { + "privilege": "ResetParameterGroup", + "description": "Grants permissions to modify the parameters of a parameter group to the engine or system default value", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_ResetParameterGroup.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permissions to add up to 10 cost allocation tags to the named resource", + "access_level": "Tagging", + "resource_types": { + "acl": { + "resource_type": "acl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reservednode": { + "resource_type": "reservednode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "acl": "acl", + "cluster": "cluster", + "parametergroup": "parametergroup", + "reservednode": "reservednode", + "snapshot": "snapshot", + "subnetgroup": "subnetgroup", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permissions to remove the tags identified by the TagKeys list from a resource", + "access_level": "Tagging", + "resource_types": { + "acl": { + "resource_type": "acl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "acl": "acl", + "cluster": "cluster", + "parametergroup": "parametergroup", + "snapshot": "snapshot", + "subnetgroup": "subnetgroup", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UntagResource.html" + }, + "UpdateAcl": { + "privilege": "UpdateAcl", + "description": "Grants permissions to update an access control list", + "access_level": "Write", + "resource_types": { + "acl": { + "resource_type": "acl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "acl": "acl", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UpdateAcl.html" + }, + "UpdateCluster": { + "privilege": "UpdateCluster", + "description": "Grants permissions to update the settings for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "acl": { + "resource_type": "acl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "acl": "acl", + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UpdateCluster.html" + }, + "UpdateParameterGroup": { + "privilege": "UpdateParameterGroup", + "description": "Grants permissions to update parameters in a parameter group", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UpdateParameterGroup.html" + }, + "UpdateSubnetGroup": { + "privilege": "UpdateSubnetGroup", + "description": "Grants permissions to update a subnet group", + "access_level": "Write", + "resource_types": { + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnetgroup": "subnetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UpdateSubnetGroup.html" + }, + "UpdateUser": { + "privilege": "UpdateUser", + "description": "Grants permissions to update a user", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/memorydb/latest/APIReference/API_UpdateUser.html" + } + }, + "privileges_lower_name": { + "batchupdatecluster": "BatchUpdateCluster", + "connect": "Connect", + "copysnapshot": "CopySnapshot", + "createacl": "CreateAcl", + "createcluster": "CreateCluster", + "createparametergroup": "CreateParameterGroup", + "createsnapshot": "CreateSnapshot", + "createsubnetgroup": "CreateSubnetGroup", + "createuser": "CreateUser", + "deleteacl": "DeleteAcl", + "deletecluster": "DeleteCluster", + "deleteparametergroup": "DeleteParameterGroup", + "deletesnapshot": "DeleteSnapshot", + "deletesubnetgroup": "DeleteSubnetGroup", + "deleteuser": "DeleteUser", + "describeacls": "DescribeAcls", + "describeclusters": "DescribeClusters", + "describeengineversions": "DescribeEngineVersions", + "describeevents": "DescribeEvents", + "describeparametergroups": "DescribeParameterGroups", + "describeparameters": "DescribeParameters", + "describereservednodes": "DescribeReservedNodes", + "describereservednodesofferings": "DescribeReservedNodesOfferings", + "describeserviceupdates": "DescribeServiceUpdates", + "describesnapshots": "DescribeSnapshots", + "describesubnetgroups": "DescribeSubnetGroups", + "describeusers": "DescribeUsers", + "failovershard": "FailoverShard", + "listallowednodetypeupdates": "ListAllowedNodeTypeUpdates", + "listtags": "ListTags", + "purchasereservednodesoffering": "PurchaseReservedNodesOffering", + "resetparametergroup": "ResetParameterGroup", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateacl": "UpdateAcl", + "updatecluster": "UpdateCluster", + "updateparametergroup": "UpdateParameterGroup", + "updatesubnetgroup": "UpdateSubnetGroup", + "updateuser": "UpdateUser" + }, + "resources": { + "parametergroup": { + "resource": "parametergroup", + "arn": "arn:${Partition}:memorydb:${Region}:${Account}:parametergroup/${ParameterGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "subnetgroup": { + "resource": "subnetgroup", + "arn": "arn:${Partition}:memorydb:${Region}:${Account}:subnetgroup/${SubnetGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:memorydb:${Region}:${Account}:cluster/${ClusterName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "snapshot": { + "resource": "snapshot", + "arn": "arn:${Partition}:memorydb:${Region}:${Account}:snapshot/${SnapshotName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "user": { + "resource": "user", + "arn": "arn:${Partition}:memorydb:${Region}:${Account}:user/${UserName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "acl": { + "resource": "acl", + "arn": "arn:${Partition}:memorydb:${Region}:${Account}:acl/${AclName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "reservednode": { + "resource": "reservednode", + "arn": "arn:${Partition}:memorydb:${Region}:${Account}:reservednode/${ReservationID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "parametergroup": "parametergroup", + "subnetgroup": "subnetgroup", + "cluster": "cluster", + "snapshot": "snapshot", + "user": "user", + "acl": "acl", + "reservednode": "reservednode" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "ec2messages": { + "service_name": "Amazon Message Delivery Service", + "prefix": "ec2messages", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmessagedeliveryservice.html", + "privileges": { + "AcknowledgeMessage": { + "privilege": "AcknowledgeMessage", + "description": "Grants permission to acknowledge a message, ensuring it will not be delivered again", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "DeleteMessage": { + "privilege": "DeleteMessage", + "description": "Grants permission to delete a message", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "FailMessage": { + "privilege": "FailMessage", + "description": "Grants permission to fail a message, signifying the message could not be processed successfully, ensuring it cannot be replied to or delivered again", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "GetEndpoint": { + "privilege": "GetEndpoint", + "description": "Grants permission to route traffic to the correct endpoint based on the given destination for the messages", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "GetMessages": { + "privilege": "GetMessages", + "description": "Grants permission to deliver messages to clients/instances using long polling", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:SourceInstanceARN" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "SendReply": { + "privilege": "SendReply", + "description": "Grants permission to send replies from clients/instances to upstream service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:SourceInstanceARN" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + } + }, + "privileges_lower_name": { + "acknowledgemessage": "AcknowledgeMessage", + "deletemessage": "DeleteMessage", + "failmessage": "FailMessage", + "getendpoint": "GetEndpoint", + "getmessages": "GetMessages", + "sendreply": "SendReply" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": { + "ssm:SourceInstanceARN": { + "condition": "ssm:SourceInstanceARN", + "description": "Filters access by verifying the Amazon Resource Name (ARN) of the AWS Systems Manager's managed instance from which the request is made. This key is not present when the request comes from the managed instance authenticated with an IAM role associated with EC2 instance profile", + "type": "String" + } + } + }, + "mobileanalytics": { + "service_name": "Amazon Mobile Analytics", + "prefix": "mobileanalytics", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmobileanalytics.html", + "privileges": { + "GetFinancialReports": { + "privilege": "GetFinancialReports", + "description": "Grant access to financial metrics for an app", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "GetReports": { + "privilege": "GetReports", + "description": "Grant access to standard metrics for an app", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "PutEvents": { + "privilege": "PutEvents", + "description": "The PutEvents operation records one or more events", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobileanalytics/latest/ug/PutEvents.html" + } + }, + "privileges_lower_name": { + "getfinancialreports": "GetFinancialReports", + "getreports": "GetReports", + "putevents": "PutEvents" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "monitron": { + "service_name": "Amazon Monitron", + "prefix": "monitron", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmonitron.html", + "privileges": { + "AssociateProjectAdminUser": { + "privilege": "AssociateProjectAdminUser", + "description": "Grants permission to associate a user with the project as an administrator", + "access_level": "Permissions management", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso-directory:DescribeUsers", + "sso:AssociateProfile", + "sso:GetManagedApplicationInstance", + "sso:GetProfile", + "sso:ListDirectoryAssociations", + "sso:ListProfileAssociations", + "sso:ListProfiles" + ] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/user-management-chapter.html" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a project", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "sso:CreateManagedApplicationInstance", + "sso:DeleteManagedApplicationInstance" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-creating-project.html" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso:DeleteManagedApplicationInstance" + ] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-delete-project.html" + }, + "DisassociateProjectAdminUser": { + "privilege": "DisassociateProjectAdminUser", + "description": "Grants permission to disassociate an administrator from the project", + "access_level": "Permissions management", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso-directory:DescribeUsers", + "sso:DisassociateProfile", + "sso:GetManagedApplicationInstance", + "sso:GetProfile", + "sso:ListDirectoryAssociations", + "sso:ListProfiles" + ] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mu-remove-project-admin.html" + }, + "GetProject": { + "privilege": "GetProject", + "description": "Grants permission to get information about a project", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-project-tasks.html" + }, + "GetProjectAdminUser": { + "privilege": "GetProjectAdminUser", + "description": "Grants permission to describe an administrator who is associated with the project", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso-directory:DescribeUsers", + "sso:GetManagedApplicationInstance", + "sso:ListProfileAssociations" + ] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-project-tasks.html" + }, + "ListProjectAdminUsers": { + "privilege": "ListProjectAdminUsers", + "description": "Grants permission to list all administrators associated with the project", + "access_level": "Permissions management", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso-directory:DescribeUsers", + "sso:GetManagedApplicationInstance" + ] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/user-management-chapter.html" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to list all projects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-project-tasks.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags for a resource", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/tagging.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/tagging.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/tagging.html#modify-tag-1" + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Grants permission to update a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Monitron/latest/admin-guide/mp-updating-project.html" + } + }, + "privileges_lower_name": { + "associateprojectadminuser": "AssociateProjectAdminUser", + "createproject": "CreateProject", + "deleteproject": "DeleteProject", + "disassociateprojectadminuser": "DisassociateProjectAdminUser", + "getproject": "GetProject", + "getprojectadminuser": "GetProjectAdminUser", + "listprojectadminusers": "ListProjectAdminUsers", + "listprojects": "ListProjects", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateproject": "UpdateProject" + }, + "resources": { + "project": { + "resource": "project", + "arn": "arn:${Partition}:monitron:${Region}:${Account}:project/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "project": "project" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions by the tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "mq": { + "service_name": "Amazon MQ", + "prefix": "mq", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonmq.html", + "privileges": { + "CreateBroker": { + "privilege": "CreateBroker", + "description": "Grants permission to create a broker", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:CreateNetworkInterfacePermission", + "ec2:CreateSecurityGroup", + "ec2:CreateVpcEndpoint", + "ec2:DescribeInternetGateways", + "ec2:DescribeNetworkInterfacePermissions", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcEndpoints", + "ec2:DescribeVpcs", + "ec2:ModifyNetworkInterfaceAttribute", + "iam:CreateServiceLinkedRole", + "route53:AssociateVPCWithHostedZone" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-brokers.html#rest-api-brokers-methods-post" + }, + "CreateConfiguration": { + "privilege": "CreateConfiguration", + "description": "Grants permission to create a new configuration for the specified configuration name. Amazon MQ uses the default configuration (the engine type and engine version)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-configurations.html#rest-api-configurations-methods-post" + }, + "CreateReplicaBroker": { + "privilege": "CreateReplicaBroker", + "description": "Grants permission to create a replica broker", + "access_level": "Write", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-brokers.html#rest-api-brokers-methods-post" + }, + "CreateTags": { + "privilege": "CreateTags", + "description": "Grants permission to create tags", + "access_level": "Tagging", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configurations": { + "resource_type": "configurations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers", + "configurations": "configurations", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-tags.html#rest-api-tags-methods-post" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create an ActiveMQ user", + "access_level": "Write", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-username.html#rest-api-username-methods-post" + }, + "DeleteBroker": { + "privilege": "DeleteBroker", + "description": "Grants permission to delete a broker", + "access_level": "Write", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteNetworkInterface", + "ec2:DeleteNetworkInterfacePermission", + "ec2:DeleteVpcEndpoints", + "ec2:DetachNetworkInterface" + ] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-broker.html#rest-api-broker-methods-delete" + }, + "DeleteTags": { + "privilege": "DeleteTags", + "description": "Grants permission to delete tags", + "access_level": "Tagging", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configurations": { + "resource_type": "configurations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers", + "configurations": "configurations", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-tags.html#rest-api-tags-methods-delete" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete an ActiveMQ user", + "access_level": "Write", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-username.html#rest-api-username-methods-delete" + }, + "DescribeBroker": { + "privilege": "DescribeBroker", + "description": "Grants permission to return information about the specified broker", + "access_level": "Read", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-broker.html#rest-api-broker-methods-get" + }, + "DescribeBrokerEngineTypes": { + "privilege": "DescribeBrokerEngineTypes", + "description": "Grants permission to return information about broker engines", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/broker-engine-types.html#broker-engine-types-http-methods" + }, + "DescribeBrokerInstanceOptions": { + "privilege": "DescribeBrokerInstanceOptions", + "description": "Grants permission to return information about the broker instance options", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/broker-instance-options.html#broker-engine-types-http-methods" + }, + "DescribeConfiguration": { + "privilege": "DescribeConfiguration", + "description": "Grants permission to return information about the specified configuration", + "access_level": "Read", + "resource_types": { + "configurations": { + "resource_type": "configurations", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurations": "configurations" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-configuration.html#rest-api-configuration-methods-get" + }, + "DescribeConfigurationRevision": { + "privilege": "DescribeConfigurationRevision", + "description": "Grants permission to return the specified configuration revision for the specified configuration", + "access_level": "Read", + "resource_types": { + "configurations": { + "resource_type": "configurations", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurations": "configurations" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-configuration-revision.html#rest-api-configuration-revision-methods-get" + }, + "DescribeUser": { + "privilege": "DescribeUser", + "description": "Grants permission to return information about an ActiveMQ user", + "access_level": "Read", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-username.html#rest-api-username-methods-get" + }, + "ListBrokers": { + "privilege": "ListBrokers", + "description": "Grants permission to return a list of all brokers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-brokers.html#rest-api-brokers-methods-get" + }, + "ListConfigurationRevisions": { + "privilege": "ListConfigurationRevisions", + "description": "Grants permission to return a list of all existing revisions for the specified configuration", + "access_level": "List", + "resource_types": { + "configurations": { + "resource_type": "configurations", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurations": "configurations" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-revisions.html#rest-api-revisions-methods-get" + }, + "ListConfigurations": { + "privilege": "ListConfigurations", + "description": "Grants permission to return a list of all configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-configurations.html#rest-api-configurations-methods-get" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to return a list of tags", + "access_level": "List", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configurations": { + "resource_type": "configurations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers", + "configurations": "configurations" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-tags.html#rest-api-tags-methods-get" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to return a list of all ActiveMQ users", + "access_level": "List", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-users.html#rest-api-users-methods-get" + }, + "Promote": { + "privilege": "Promote", + "description": "Grants permission to promote a broker", + "access_level": "Write", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-promote.html#rest-api-promote-methods-post" + }, + "RebootBroker": { + "privilege": "RebootBroker", + "description": "Grants permission to reboot a broker", + "access_level": "Write", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-restart.html#rest-api-reboot-methods-post" + }, + "UpdateBroker": { + "privilege": "UpdateBroker", + "description": "Grants permission to add a pending configuration change to a broker", + "access_level": "Write", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-broker.html#rest-api-broker-methods-get" + }, + "UpdateConfiguration": { + "privilege": "UpdateConfiguration", + "description": "Grants permission to update the specified configuration", + "access_level": "Write", + "resource_types": { + "configurations": { + "resource_type": "configurations", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurations": "configurations" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-configuration.html#rest-api-configuration-methods-put" + }, + "UpdateUser": { + "privilege": "UpdateUser", + "description": "Grants permission to update the information for an ActiveMQ user", + "access_level": "Write", + "resource_types": { + "brokers": { + "resource_type": "brokers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "brokers": "brokers" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazon-mq/latest/api-reference/rest-api-username.html#rest-api-username-methods-put" + } + }, + "privileges_lower_name": { + "createbroker": "CreateBroker", + "createconfiguration": "CreateConfiguration", + "createreplicabroker": "CreateReplicaBroker", + "createtags": "CreateTags", + "createuser": "CreateUser", + "deletebroker": "DeleteBroker", + "deletetags": "DeleteTags", + "deleteuser": "DeleteUser", + "describebroker": "DescribeBroker", + "describebrokerenginetypes": "DescribeBrokerEngineTypes", + "describebrokerinstanceoptions": "DescribeBrokerInstanceOptions", + "describeconfiguration": "DescribeConfiguration", + "describeconfigurationrevision": "DescribeConfigurationRevision", + "describeuser": "DescribeUser", + "listbrokers": "ListBrokers", + "listconfigurationrevisions": "ListConfigurationRevisions", + "listconfigurations": "ListConfigurations", + "listtags": "ListTags", + "listusers": "ListUsers", + "promote": "Promote", + "rebootbroker": "RebootBroker", + "updatebroker": "UpdateBroker", + "updateconfiguration": "UpdateConfiguration", + "updateuser": "UpdateUser" + }, + "resources": { + "brokers": { + "resource": "brokers", + "arn": "arn:${Partition}:mq:${Region}:${Account}:broker:${BrokerId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "configurations": { + "resource": "configurations", + "arn": "arn:${Partition}:mq:${Region}:${Account}:configuration:${ConfigurationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "brokers": "brokers", + "configurations": "configurations" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "neptune-db": { + "service_name": "Amazon Neptune", + "prefix": "neptune-db", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonneptune.html", + "privileges": { + "CancelLoaderJob": { + "privilege": "CancelLoaderJob", + "description": "Grants permission to cancel a loader job", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#cancelloaderjob" + }, + "CancelMLDataProcessingJob": { + "privilege": "CancelMLDataProcessingJob", + "description": "Grants permission to cancel an ML data processing job", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#cancelmldataprocessingjob" + }, + "CancelMLModelTrainingJob": { + "privilege": "CancelMLModelTrainingJob", + "description": "Grants permission to cancel an ML model training job", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#cancelmlmodeltrainingjob" + }, + "CancelMLModelTransformJob": { + "privilege": "CancelMLModelTransformJob", + "description": "Grants permission to cancel an ML model transform job", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#cancelmlmodeltransformjob" + }, + "CancelQuery": { + "privilege": "CancelQuery", + "description": "Grants permission to cancel a query", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#cancelquery" + }, + "CreateMLEndpoint": { + "privilege": "CreateMLEndpoint", + "description": "Grants permission to create an ML endpoint", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#createmlendpoint" + }, + "DeleteDataViaQuery": { + "privilege": "DeleteDataViaQuery", + "description": "Grants permission to run delete data via query APIs on database", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "neptune-db:QueryLanguage" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#deletedataviaquery" + }, + "DeleteMLEndpoint": { + "privilege": "DeleteMLEndpoint", + "description": "Grants permission to delete an ML endpoint", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#deletemlendpoint" + }, + "DeleteStatistics": { + "privilege": "DeleteStatistics", + "description": "Grants permission to delete all the statistics in the database", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#deletestatistics" + }, + "GetEngineStatus": { + "privilege": "GetEngineStatus", + "description": "Grants permission to check the status of the Neptune engine", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getenginestatus" + }, + "GetGraphSummary": { + "privilege": "GetGraphSummary", + "description": "Grants permission to get the graph summary from the database", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getgraphsummary" + }, + "GetLoaderJobStatus": { + "privilege": "GetLoaderJobStatus", + "description": "Grants permission to check the status of a loader job", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getloaderjobstatus" + }, + "GetMLDataProcessingJobStatus": { + "privilege": "GetMLDataProcessingJobStatus", + "description": "Grants permission to check the status of an ML data processing job", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getmldataprocessingjobstatus" + }, + "GetMLEndpointStatus": { + "privilege": "GetMLEndpointStatus", + "description": "Grants permission to check the status of an ML endpoint", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getmlendpointstatus" + }, + "GetMLModelTrainingJobStatus": { + "privilege": "GetMLModelTrainingJobStatus", + "description": "Grants permission to check the status of an ML model training job", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getmlmodeltrainingjobstatus" + }, + "GetMLModelTransformJobStatus": { + "privilege": "GetMLModelTransformJobStatus", + "description": "Grants permission to check the status of an ML model transform job", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getmlmodeltransformjobstatus" + }, + "GetQueryStatus": { + "privilege": "GetQueryStatus", + "description": "Grants permission to check the status of all active queries", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "neptune-db:QueryLanguage" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getquerystatus" + }, + "GetStatisticsStatus": { + "privilege": "GetStatisticsStatus", + "description": "Grants permission to check the status of statistics of the database", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getstatisticsstatus" + }, + "GetStreamRecords": { + "privilege": "GetStreamRecords", + "description": "Grants permission to fetch stream records from Neptune", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "neptune-db:QueryLanguage" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#getstreamrecords" + }, + "ListLoaderJobs": { + "privilege": "ListLoaderJobs", + "description": "Grants permission to list all the loader jobs", + "access_level": "List", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#listloaderjobs" + }, + "ListMLDataProcessingJobs": { + "privilege": "ListMLDataProcessingJobs", + "description": "Grants permission to list all the ML data processing jobs", + "access_level": "List", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#listmldataprocessingjobs" + }, + "ListMLEndpoints": { + "privilege": "ListMLEndpoints", + "description": "Grants permission to list all the ML endpoints", + "access_level": "List", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#listmlendpoints" + }, + "ListMLModelTrainingJobs": { + "privilege": "ListMLModelTrainingJobs", + "description": "Grants permission to list all the ML model training jobs", + "access_level": "List", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#listmlmodeltrainingjobs" + }, + "ListMLModelTransformJobs": { + "privilege": "ListMLModelTransformJobs", + "description": "Grants permission to list all the ML model transform jobs", + "access_level": "List", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#listmlmodeltransformjobs" + }, + "ManageStatistics": { + "privilege": "ManageStatistics", + "description": "Grants permission to manage statistics in the database", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#managestatistics" + }, + "ReadDataViaQuery": { + "privilege": "ReadDataViaQuery", + "description": "Grants permission to run read data via query APIs on database", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "neptune-db:QueryLanguage" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#readdataviaquery" + }, + "ResetDatabase": { + "privilege": "ResetDatabase", + "description": "Grants permission to get the token needed for reset and resets the Neptune database", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#resetdatabase" + }, + "StartLoaderJob": { + "privilege": "StartLoaderJob", + "description": "Grants permission to start a loader job", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#startloaderjob" + }, + "StartMLDataProcessingJob": { + "privilege": "StartMLDataProcessingJob", + "description": "Grants permission to start an ML data processing job", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#startmldataprocessingjob" + }, + "StartMLModelTrainingJob": { + "privilege": "StartMLModelTrainingJob", + "description": "Grants permission to start an ML model training job", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#startmlmodeltrainingjob" + }, + "StartMLModelTransformJob": { + "privilege": "StartMLModelTransformJob", + "description": "Grants permission to start an ML model transform job", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#startmlmodeltransformjob" + }, + "WriteDataViaQuery": { + "privilege": "WriteDataViaQuery", + "description": "Grants permission to run write data via query APIs on database", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "neptune-db:QueryLanguage" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html#writedataviaquery" + }, + "connect": { + "privilege": "connect", + "description": "Grants permission to all data-access actions in engine versions prior to 1.2.0.0", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/neptune/latest/userguide/iam-dp-actions.html" + } + }, + "privileges_lower_name": { + "cancelloaderjob": "CancelLoaderJob", + "cancelmldataprocessingjob": "CancelMLDataProcessingJob", + "cancelmlmodeltrainingjob": "CancelMLModelTrainingJob", + "cancelmlmodeltransformjob": "CancelMLModelTransformJob", + "cancelquery": "CancelQuery", + "createmlendpoint": "CreateMLEndpoint", + "deletedataviaquery": "DeleteDataViaQuery", + "deletemlendpoint": "DeleteMLEndpoint", + "deletestatistics": "DeleteStatistics", + "getenginestatus": "GetEngineStatus", + "getgraphsummary": "GetGraphSummary", + "getloaderjobstatus": "GetLoaderJobStatus", + "getmldataprocessingjobstatus": "GetMLDataProcessingJobStatus", + "getmlendpointstatus": "GetMLEndpointStatus", + "getmlmodeltrainingjobstatus": "GetMLModelTrainingJobStatus", + "getmlmodeltransformjobstatus": "GetMLModelTransformJobStatus", + "getquerystatus": "GetQueryStatus", + "getstatisticsstatus": "GetStatisticsStatus", + "getstreamrecords": "GetStreamRecords", + "listloaderjobs": "ListLoaderJobs", + "listmldataprocessingjobs": "ListMLDataProcessingJobs", + "listmlendpoints": "ListMLEndpoints", + "listmlmodeltrainingjobs": "ListMLModelTrainingJobs", + "listmlmodeltransformjobs": "ListMLModelTransformJobs", + "managestatistics": "ManageStatistics", + "readdataviaquery": "ReadDataViaQuery", + "resetdatabase": "ResetDatabase", + "startloaderjob": "StartLoaderJob", + "startmldataprocessingjob": "StartMLDataProcessingJob", + "startmlmodeltrainingjob": "StartMLModelTrainingJob", + "startmlmodeltransformjob": "StartMLModelTransformJob", + "writedataviaquery": "WriteDataViaQuery", + "connect": "connect" + }, + "resources": { + "database": { + "resource": "database", + "arn": "arn:${Partition}:neptune-db:${Region}:${Account}:${RelativeId}/database", + "condition_keys": [] + } + }, + "resources_lower_name": { + "database": "database" + }, + "conditions": { + "neptune-db:QueryLanguage": { + "condition": "neptune-db:QueryLanguage", + "description": "Filters access by graph model", + "type": "String" + } + } + }, + "nimble": { + "service_name": "Amazon Nimble Studio", + "prefix": "nimble", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonnimblestudio.html", + "privileges": { + "AcceptEulas": { + "privilege": "AcceptEulas", + "description": "Grants permission to accept EULAs", + "access_level": "Write", + "resource_types": { + "eula": { + "resource_type": "eula", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eula": "eula" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_AcceptEulas.html" + }, + "CreateLaunchProfile": { + "privilege": "CreateLaunchProfile", + "description": "Grants permission to create a launch profile", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DescribeNatGateways", + "ec2:DescribeNetworkAcls", + "ec2:DescribeRouteTables", + "ec2:DescribeSubnets", + "ec2:DescribeVpcEndpoints", + "ec2:RunInstances" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateLaunchProfile.html" + }, + "CreateStreamingImage": { + "privilege": "CreateStreamingImage", + "description": "Grants permission to create a streaming image", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeImages", + "ec2:DescribeSnapshots", + "ec2:ModifyInstanceAttribute", + "ec2:ModifySnapshotAttribute", + "ec2:RegisterImage" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateStreamingImage.html" + }, + "CreateStreamingSession": { + "privilege": "CreateStreamingSession", + "description": "Grants permission to create a streaming session", + "access_level": "Write", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:CreateNetworkInterfacePermission", + "nimble:GetLaunchProfile", + "nimble:GetLaunchProfileInitialization", + "nimble:ListEulaAcceptances" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateStreamingSession.html" + }, + "CreateStreamingSessionStream": { + "privilege": "CreateStreamingSessionStream", + "description": "Grants permission to create a StreamingSessionStream", + "access_level": "Write", + "resource_types": { + "streaming-session": { + "resource_type": "streaming-session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "nimble:requesterPrincipalId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-session": "streaming-session", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateStreamingSessionStream.html" + }, + "CreateStudio": { + "privilege": "CreateStudio", + "description": "Grants permission to create a studio", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "sso:CreateManagedApplicationInstance" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateStudio.html" + }, + "CreateStudioComponent": { + "privilege": "CreateStudioComponent", + "description": "Grants permission to create a studio component. A studio component designates a network resource to which a launch profile will provide access", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:AuthorizeApplication", + "ds:DescribeDirectories", + "ec2:DescribeSecurityGroups", + "fsx:DescribeFileSystems", + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_CreateStudioComponent.html" + }, + "DeleteLaunchProfile": { + "privilege": "DeleteLaunchProfile", + "description": "Grants permission to delete a launch profile", + "access_level": "Write", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteLaunchProfile.html" + }, + "DeleteLaunchProfileMember": { + "privilege": "DeleteLaunchProfileMember", + "description": "Grants permission to delete a launch profile member", + "access_level": "Write", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteLaunchProfileMember.html" + }, + "DeleteStreamingImage": { + "privilege": "DeleteStreamingImage", + "description": "Grants permission to delete a streaming image", + "access_level": "Write", + "resource_types": { + "streaming-image": { + "resource_type": "streaming-image", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteSnapshot", + "ec2:DeregisterImage", + "ec2:ModifyInstanceAttribute", + "ec2:ModifySnapshotAttribute" + ] + } + }, + "resource_types_lower_name": { + "streaming-image": "streaming-image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteStreamingImage.html" + }, + "DeleteStreamingSession": { + "privilege": "DeleteStreamingSession", + "description": "Grants permission to delete a streaming session", + "access_level": "Write", + "resource_types": { + "streaming-session": { + "resource_type": "streaming-session", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteNetworkInterface" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "nimble:requesterPrincipalId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-session": "streaming-session", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteStreamingSession.html" + }, + "DeleteStudio": { + "privilege": "DeleteStudio", + "description": "Grants permission to delete a studio", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso:DeleteManagedApplicationInstance" + ] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteStudio.html" + }, + "DeleteStudioComponent": { + "privilege": "DeleteStudioComponent", + "description": "Grants permission to delete a studio component", + "access_level": "Write", + "resource_types": { + "studio-component": { + "resource_type": "studio-component", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:UnauthorizeApplication" + ] + } + }, + "resource_types_lower_name": { + "studio-component": "studio-component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteStudioComponent.html" + }, + "DeleteStudioMember": { + "privilege": "DeleteStudioMember", + "description": "Grants permission to delete a studio member", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_DeleteStudioMember.html" + }, + "GetEula": { + "privilege": "GetEula", + "description": "Grants permission to get a EULA", + "access_level": "Read", + "resource_types": { + "eula": { + "resource_type": "eula", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eula": "eula" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetEula.html" + }, + "GetFeatureMap": { + "privilege": "GetFeatureMap", + "description": "Grants permission to allow Nimble Studio portal to show the appropriate features for this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/userguide/security-iam-service-with-iam.html" + }, + "GetLaunchProfile": { + "privilege": "GetLaunchProfile", + "description": "Grants permission to get a launch profile", + "access_level": "Read", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetLaunchProfile.html" + }, + "GetLaunchProfileDetails": { + "privilege": "GetLaunchProfileDetails", + "description": "Grants permission to get a launch profile's details, which includes the summary of studio components and streaming images used by the launch profile", + "access_level": "Read", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetLaunchProfileDetails.html" + }, + "GetLaunchProfileInitialization": { + "privilege": "GetLaunchProfileInitialization", + "description": "Grants permission to get a launch profile initialization. A launch profile initialization is a dereferenced version of a launch profile, including attached studio component connection information", + "access_level": "Read", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:DescribeDirectories", + "ec2:DescribeSecurityGroups", + "fsx:DescribeFileSystems" + ] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetLaunchProfileInitialization.html" + }, + "GetLaunchProfileMember": { + "privilege": "GetLaunchProfileMember", + "description": "Grants permission to get a launch profile member", + "access_level": "Read", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetLaunchProfileMember.html" + }, + "GetStreamingImage": { + "privilege": "GetStreamingImage", + "description": "Grants permission to get a streaming image", + "access_level": "Read", + "resource_types": { + "streaming-image": { + "resource_type": "streaming-image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-image": "streaming-image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStreamingImage.html" + }, + "GetStreamingSession": { + "privilege": "GetStreamingSession", + "description": "Grants permission to get a streaming session", + "access_level": "Read", + "resource_types": { + "streaming-session": { + "resource_type": "streaming-session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "nimble:requesterPrincipalId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-session": "streaming-session", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStreamingSession.html" + }, + "GetStreamingSessionBackup": { + "privilege": "GetStreamingSessionBackup", + "description": "Grants permission to get a streaming session backup", + "access_level": "Read", + "resource_types": { + "streaming-session-backup": { + "resource_type": "streaming-session-backup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "nimble:requesterPrincipalId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-session-backup": "streaming-session-backup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStreamingSessionBackup.html" + }, + "GetStreamingSessionStream": { + "privilege": "GetStreamingSessionStream", + "description": "Grants permission to get a streaming session stream", + "access_level": "Read", + "resource_types": { + "streaming-session": { + "resource_type": "streaming-session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "nimble:requesterPrincipalId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-session": "streaming-session", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStreamingSessionStream.html" + }, + "GetStudio": { + "privilege": "GetStudio", + "description": "Grants permission to get a studio", + "access_level": "Read", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStudio.html" + }, + "GetStudioComponent": { + "privilege": "GetStudioComponent", + "description": "Grants permission to get a studio component", + "access_level": "Read", + "resource_types": { + "studio-component": { + "resource_type": "studio-component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio-component": "studio-component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStudioComponent.html" + }, + "GetStudioMember": { + "privilege": "GetStudioMember", + "description": "Grants permission to get a studio member", + "access_level": "Read", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_GetStudioMember.html" + }, + "ListEulaAcceptances": { + "privilege": "ListEulaAcceptances", + "description": "Grants permission to list EULA acceptances", + "access_level": "Read", + "resource_types": { + "eula-acceptance": { + "resource_type": "eula-acceptance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eula-acceptance": "eula-acceptance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListEulaAcceptances.html" + }, + "ListEulas": { + "privilege": "ListEulas", + "description": "Grants permission to list EULAs", + "access_level": "Read", + "resource_types": { + "eula": { + "resource_type": "eula", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eula": "eula" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListEulas.html" + }, + "ListLaunchProfileMembers": { + "privilege": "ListLaunchProfileMembers", + "description": "Grants permission to list launch profile members", + "access_level": "Read", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListLaunchProfileMembers.html" + }, + "ListLaunchProfiles": { + "privilege": "ListLaunchProfiles", + "description": "Grants permission to list launch profiles", + "access_level": "Read", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "nimble:principalId", + "nimble:requesterPrincipalId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListLaunchProfiles.html" + }, + "ListStreamingImages": { + "privilege": "ListStreamingImages", + "description": "Grants permission to list streaming images", + "access_level": "Read", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStreamingImages.html" + }, + "ListStreamingSessionBackups": { + "privilege": "ListStreamingSessionBackups", + "description": "Grants permission to list streaming session backups", + "access_level": "Read", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "nimble:requesterPrincipalId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStreamingSessionBackups.html" + }, + "ListStreamingSessions": { + "privilege": "ListStreamingSessions", + "description": "Grants permission to list streaming sessions", + "access_level": "Read", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "nimble:createdBy", + "nimble:ownedBy", + "nimble:requesterPrincipalId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStreamingSessions.html" + }, + "ListStudioComponents": { + "privilege": "ListStudioComponents", + "description": "Grants permission to list studio components", + "access_level": "Read", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStudioComponents.html" + }, + "ListStudioMembers": { + "privilege": "ListStudioMembers", + "description": "Grants permission to list studio members", + "access_level": "Read", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStudioMembers.html" + }, + "ListStudios": { + "privilege": "ListStudios", + "description": "Grants permission to list all studios", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListStudios.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags on a Nimble Studio resource", + "access_level": "Read", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-image": { + "resource_type": "streaming-image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-session": { + "resource_type": "streaming-session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-session-backup": { + "resource_type": "streaming-session-backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "studio": { + "resource_type": "studio", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "studio-component": { + "resource_type": "studio-component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile", + "streaming-image": "streaming-image", + "streaming-session": "streaming-session", + "streaming-session-backup": "streaming-session-backup", + "studio": "studio", + "studio-component": "studio-component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_ListTagsForResource.html" + }, + "PutLaunchProfileMembers": { + "privilege": "PutLaunchProfileMembers", + "description": "Grants permission to add/update launch profile members", + "access_level": "Write", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso-directory:DescribeUsers" + ] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_PutLaunchProfileMembers.html" + }, + "PutStudioLogEvents": { + "privilege": "PutStudioLogEvents", + "description": "Grants permission to report metrics and logs for the Nimble Studio portal to monitor application health", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/userguide/security-iam-service-with-iam.html" + }, + "PutStudioMembers": { + "privilege": "PutStudioMembers", + "description": "Grants permission to add/update studio members", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso-directory:DescribeUsers" + ] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_PutStudioMembers.html" + }, + "StartStreamingSession": { + "privilege": "StartStreamingSession", + "description": "Grants permission to start a streaming session", + "access_level": "Write", + "resource_types": { + "streaming-session": { + "resource_type": "streaming-session", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "nimble:GetLaunchProfile", + "nimble:GetLaunchProfileMember" + ] + }, + "streaming-session-backup": { + "resource_type": "streaming-session-backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "nimble:requesterPrincipalId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-session": "streaming-session", + "streaming-session-backup": "streaming-session-backup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_StartStreamingSession.html" + }, + "StartStudioSSOConfigurationRepair": { + "privilege": "StartStudioSSOConfigurationRepair", + "description": "Grants permission to repair the studio's AWS IAM Identity Center configuration", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso:CreateManagedApplicationInstance", + "sso:GetManagedApplicationInstance" + ] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_StartStudioSSOConfigurationRepair.html" + }, + "StopStreamingSession": { + "privilege": "StopStreamingSession", + "description": "Grants permission to stop a streaming session", + "access_level": "Write", + "resource_types": { + "streaming-session": { + "resource_type": "streaming-session", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "nimble:GetLaunchProfile" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "nimble:requesterPrincipalId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-session": "streaming-session", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_StopStreamingSession.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or overwrite one or more tags for the specified Nimble Studio resource", + "access_level": "Tagging", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-image": { + "resource_type": "streaming-image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-session": { + "resource_type": "streaming-session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-session-backup": { + "resource_type": "streaming-session-backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "studio": { + "resource_type": "studio", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "studio-component": { + "resource_type": "studio-component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile", + "streaming-image": "streaming-image", + "streaming-session": "streaming-session", + "streaming-session-backup": "streaming-session-backup", + "studio": "studio", + "studio-component": "studio-component", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to disassociate one or more tags from the specified Nimble Studio resource", + "access_level": "Tagging", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-image": { + "resource_type": "streaming-image", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-session": { + "resource_type": "streaming-session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streaming-session-backup": { + "resource_type": "streaming-session-backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "studio": { + "resource_type": "studio", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "studio-component": { + "resource_type": "studio-component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile", + "streaming-image": "streaming-image", + "streaming-session": "streaming-session", + "streaming-session-backup": "streaming-session-backup", + "studio": "studio", + "studio-component": "studio-component", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UntagResource.html" + }, + "UpdateLaunchProfile": { + "privilege": "UpdateLaunchProfile", + "description": "Grants permission to update a launch profile", + "access_level": "Write", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeNatGateways", + "ec2:DescribeNetworkAcls", + "ec2:DescribeRouteTables", + "ec2:DescribeSubnets", + "ec2:DescribeVpcEndpoints" + ] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UpdateLaunchProfile.html" + }, + "UpdateLaunchProfileMember": { + "privilege": "UpdateLaunchProfileMember", + "description": "Grants permission to update a launch profile member", + "access_level": "Write", + "resource_types": { + "launch-profile": { + "resource_type": "launch-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launch-profile": "launch-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UpdateLaunchProfileMember.html" + }, + "UpdateStreamingImage": { + "privilege": "UpdateStreamingImage", + "description": "Grants permission to update a streaming image", + "access_level": "Write", + "resource_types": { + "streaming-image": { + "resource_type": "streaming-image", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streaming-image": "streaming-image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UpdateStreamingImage.html" + }, + "UpdateStudio": { + "privilege": "UpdateStudio", + "description": "Grants permission to update a studio", + "access_level": "Write", + "resource_types": { + "studio": { + "resource_type": "studio", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "studio": "studio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UpdateStudio.html" + }, + "UpdateStudioComponent": { + "privilege": "UpdateStudioComponent", + "description": "Grants permission to update a studio component", + "access_level": "Write", + "resource_types": { + "studio-component": { + "resource_type": "studio-component", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:AuthorizeApplication", + "ds:DescribeDirectories", + "ec2:DescribeSecurityGroups", + "fsx:DescribeFileSystems", + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "studio-component": "studio-component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/nimble-studio/latest/APIReference/API_UpdateStudioComponent.html" + } + }, + "privileges_lower_name": { + "accepteulas": "AcceptEulas", + "createlaunchprofile": "CreateLaunchProfile", + "createstreamingimage": "CreateStreamingImage", + "createstreamingsession": "CreateStreamingSession", + "createstreamingsessionstream": "CreateStreamingSessionStream", + "createstudio": "CreateStudio", + "createstudiocomponent": "CreateStudioComponent", + "deletelaunchprofile": "DeleteLaunchProfile", + "deletelaunchprofilemember": "DeleteLaunchProfileMember", + "deletestreamingimage": "DeleteStreamingImage", + "deletestreamingsession": "DeleteStreamingSession", + "deletestudio": "DeleteStudio", + "deletestudiocomponent": "DeleteStudioComponent", + "deletestudiomember": "DeleteStudioMember", + "geteula": "GetEula", + "getfeaturemap": "GetFeatureMap", + "getlaunchprofile": "GetLaunchProfile", + "getlaunchprofiledetails": "GetLaunchProfileDetails", + "getlaunchprofileinitialization": "GetLaunchProfileInitialization", + "getlaunchprofilemember": "GetLaunchProfileMember", + "getstreamingimage": "GetStreamingImage", + "getstreamingsession": "GetStreamingSession", + "getstreamingsessionbackup": "GetStreamingSessionBackup", + "getstreamingsessionstream": "GetStreamingSessionStream", + "getstudio": "GetStudio", + "getstudiocomponent": "GetStudioComponent", + "getstudiomember": "GetStudioMember", + "listeulaacceptances": "ListEulaAcceptances", + "listeulas": "ListEulas", + "listlaunchprofilemembers": "ListLaunchProfileMembers", + "listlaunchprofiles": "ListLaunchProfiles", + "liststreamingimages": "ListStreamingImages", + "liststreamingsessionbackups": "ListStreamingSessionBackups", + "liststreamingsessions": "ListStreamingSessions", + "liststudiocomponents": "ListStudioComponents", + "liststudiomembers": "ListStudioMembers", + "liststudios": "ListStudios", + "listtagsforresource": "ListTagsForResource", + "putlaunchprofilemembers": "PutLaunchProfileMembers", + "putstudiologevents": "PutStudioLogEvents", + "putstudiomembers": "PutStudioMembers", + "startstreamingsession": "StartStreamingSession", + "startstudiossoconfigurationrepair": "StartStudioSSOConfigurationRepair", + "stopstreamingsession": "StopStreamingSession", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatelaunchprofile": "UpdateLaunchProfile", + "updatelaunchprofilemember": "UpdateLaunchProfileMember", + "updatestreamingimage": "UpdateStreamingImage", + "updatestudio": "UpdateStudio", + "updatestudiocomponent": "UpdateStudioComponent" + }, + "resources": { + "studio": { + "resource": "studio", + "arn": "arn:${Partition}:nimble:${Region}:${Account}:studio/${StudioId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "nimble:studioId" + ] + }, + "streaming-image": { + "resource": "streaming-image", + "arn": "arn:${Partition}:nimble:${Region}:${Account}:streaming-image/${StreamingImageId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "nimble:studioId" + ] + }, + "studio-component": { + "resource": "studio-component", + "arn": "arn:${Partition}:nimble:${Region}:${Account}:studio-component/${StudioComponentId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "nimble:studioId" + ] + }, + "launch-profile": { + "resource": "launch-profile", + "arn": "arn:${Partition}:nimble:${Region}:${Account}:launch-profile/${LaunchProfileId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "nimble:studioId" + ] + }, + "streaming-session": { + "resource": "streaming-session", + "arn": "arn:${Partition}:nimble:${Region}:${Account}:streaming-session/${StreamingSessionId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "nimble:createdBy", + "nimble:ownedBy" + ] + }, + "streaming-session-backup": { + "resource": "streaming-session-backup", + "arn": "arn:${Partition}:nimble:${Region}:${Account}:streaming-session-backup/${StreamingSessionBackupId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "nimble:ownedBy" + ] + }, + "eula": { + "resource": "eula", + "arn": "arn:${Partition}:nimble:${Region}:${Account}:eula/${EulaId}", + "condition_keys": [] + }, + "eula-acceptance": { + "resource": "eula-acceptance", + "arn": "arn:${Partition}:nimble:${Region}:${Account}:eula-acceptance/${EulaAcceptanceId}", + "condition_keys": [ + "nimble:studioId" + ] + } + }, + "resources_lower_name": { + "studio": "studio", + "streaming-image": "streaming-image", + "studio-component": "studio-component", + "launch-profile": "launch-profile", + "streaming-session": "streaming-session", + "streaming-session-backup": "streaming-session-backup", + "eula": "eula", + "eula-acceptance": "eula-acceptance" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + }, + "nimble:createdBy": { + "condition": "nimble:createdBy", + "description": "Filters access by the createdBy request parameter or the ID of the creator of the resource", + "type": "String" + }, + "nimble:ownedBy": { + "condition": "nimble:ownedBy", + "description": "Filters access by the ownedBy request parameter or the ID of the owner of the resource", + "type": "String" + }, + "nimble:principalId": { + "condition": "nimble:principalId", + "description": "Filters access by the principalId request parameter", + "type": "String" + }, + "nimble:requesterPrincipalId": { + "condition": "nimble:requesterPrincipalId", + "description": "Filters access by the ID of the logged in user", + "type": "String" + }, + "nimble:studioId": { + "condition": "nimble:studioId", + "description": "Filters access by a specific studio", + "type": "ARN" + } + } + }, + "omics": { + "service_name": "Amazon Omics", + "prefix": "omics", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonomics.html", + "privileges": { + "AbortMultipartReadSetUpload": { + "privilege": "AbortMultipartReadSetUpload", + "description": "Grants permission to abort multipart read set uploads", + "access_level": "Write", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_AbortMultipartReadSetUpload.html" + }, + "BatchDeleteReadSet": { + "privilege": "BatchDeleteReadSet", + "description": "Grants permission to batch delete Read Sets in the given Sequence Store", + "access_level": "Write", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_BatchDeleteReadSet.html" + }, + "CancelAnnotationImportJob": { + "privilege": "CancelAnnotationImportJob", + "description": "Grants permission to cancel an Annotation Import Job", + "access_level": "Write", + "resource_types": { + "AnnotationImportJob": { + "resource_type": "AnnotationImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "annotationimportjob": "AnnotationImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CancelAnnotationImportJob.html" + }, + "CancelRun": { + "privilege": "CancelRun", + "description": "Grants permission to cancel a workflow run and stop all workflow tasks", + "access_level": "Write", + "resource_types": { + "run": { + "resource_type": "run", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "run": "run" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CancelRun.html" + }, + "CancelVariantImportJob": { + "privilege": "CancelVariantImportJob", + "description": "Grants permission to cancel a Variant Import Job", + "access_level": "Write", + "resource_types": { + "VariantImportJob": { + "resource_type": "VariantImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "variantimportjob": "VariantImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CancelVariantImportJob.html" + }, + "CompleteMultipartReadSetUpload": { + "privilege": "CompleteMultipartReadSetUpload", + "description": "Grants permission to complete a multipart read set upload", + "access_level": "Write", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CompleteMultipartReadSetUpload.html" + }, + "CreateAnnotationStore": { + "privilege": "CreateAnnotationStore", + "description": "Grants permission to create an Annotation Store", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateAnnotationStore.html" + }, + "CreateMultipartReadSetUpload": { + "privilege": "CreateMultipartReadSetUpload", + "description": "Grants permission to create a multipart read set upload", + "access_level": "Write", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateMultipartReadSetUpload.html" + }, + "CreateReferenceStore": { + "privilege": "CreateReferenceStore", + "description": "Grants permission to create a Reference Store", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateReferenceStore.html" + }, + "CreateRunGroup": { + "privilege": "CreateRunGroup", + "description": "Grants permission to create a new workflow run group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateRunGroup.html" + }, + "CreateSequenceStore": { + "privilege": "CreateSequenceStore", + "description": "Grants permission to create a Sequence Store", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateSequenceStore.html" + }, + "CreateVariantStore": { + "privilege": "CreateVariantStore", + "description": "Grants permission to create a Variant Store", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateVariantStore.html" + }, + "CreateWorkflow": { + "privilege": "CreateWorkflow", + "description": "Grants permission to create a new workflow with a workflow definition and template of workflow parameters", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_CreateWorkflow.html" + }, + "DeleteAnnotationStore": { + "privilege": "DeleteAnnotationStore", + "description": "Grants permission to delete an Annotation Store", + "access_level": "Write", + "resource_types": { + "AnnotationStore": { + "resource_type": "AnnotationStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "annotationstore": "AnnotationStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteAnnotationStore.html" + }, + "DeleteReference": { + "privilege": "DeleteReference", + "description": "Grants permission to delete a Reference in the given Reference Store", + "access_level": "Write", + "resource_types": { + "reference": { + "resource_type": "reference", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "referenceStore": { + "resource_type": "referenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reference": "reference", + "referencestore": "referenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteReference.html" + }, + "DeleteReferenceStore": { + "privilege": "DeleteReferenceStore", + "description": "Grants permission to delete a Reference Store", + "access_level": "Write", + "resource_types": { + "referenceStore": { + "resource_type": "referenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "referencestore": "referenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteReferenceStore.html" + }, + "DeleteRun": { + "privilege": "DeleteRun", + "description": "Grants permission to delete a workflow run", + "access_level": "Write", + "resource_types": { + "run": { + "resource_type": "run", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "run": "run" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteRun.html" + }, + "DeleteRunGroup": { + "privilege": "DeleteRunGroup", + "description": "Grants permission to delete a workflow run group", + "access_level": "Write", + "resource_types": { + "runGroup": { + "resource_type": "runGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rungroup": "runGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteRunGroup.html" + }, + "DeleteSequenceStore": { + "privilege": "DeleteSequenceStore", + "description": "Grants permission to delete a Sequence Store", + "access_level": "Write", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteSequenceStore.html" + }, + "DeleteVariantStore": { + "privilege": "DeleteVariantStore", + "description": "Grants permission to delete a Variant Store", + "access_level": "Write", + "resource_types": { + "VariantStore": { + "resource_type": "VariantStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "variantstore": "VariantStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteVariantStore.html" + }, + "DeleteWorkflow": { + "privilege": "DeleteWorkflow", + "description": "Grants permission to delete a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteWorkflow.html" + }, + "GetAnnotationImportJob": { + "privilege": "GetAnnotationImportJob", + "description": "Grants permission to get the status of an Annotation Import Job", + "access_level": "Read", + "resource_types": { + "AnnotationImportJob": { + "resource_type": "AnnotationImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "annotationimportjob": "AnnotationImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetAnnotationImportJob.html" + }, + "GetAnnotationStore": { + "privilege": "GetAnnotationStore", + "description": "Grants permission to get detailed information about an Annotation Store", + "access_level": "Read", + "resource_types": { + "AnnotationStore": { + "resource_type": "AnnotationStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "annotationstore": "AnnotationStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetAnnotationStore.html" + }, + "GetReadSet": { + "privilege": "GetReadSet", + "description": "Grants permission to get a Read Set in the given Sequence Store", + "access_level": "Read", + "resource_types": { + "readSet": { + "resource_type": "readSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "readset": "readSet", + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSet.html" + }, + "GetReadSetActivationJob": { + "privilege": "GetReadSetActivationJob", + "description": "Grants permission to get details about a Read Set activation job for the given Sequence Store", + "access_level": "Read", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetActivationJob.html" + }, + "GetReadSetExportJob": { + "privilege": "GetReadSetExportJob", + "description": "Grants permission to get details about a Read Set export job for the given Sequence Store", + "access_level": "Read", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetExportJob.html" + }, + "GetReadSetImportJob": { + "privilege": "GetReadSetImportJob", + "description": "Grants permission to get details about a Read Set import job for the given Sequence Store", + "access_level": "Read", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetImportJob.html" + }, + "GetReadSetMetadata": { + "privilege": "GetReadSetMetadata", + "description": "Grants permission to get details about a Read Set in the given Sequence Store", + "access_level": "Read", + "resource_types": { + "readSet": { + "resource_type": "readSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "readset": "readSet", + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetMetadata.html" + }, + "GetReference": { + "privilege": "GetReference", + "description": "Grants permission to get a Reference in the given Reference Store", + "access_level": "Read", + "resource_types": { + "reference": { + "resource_type": "reference", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "referenceStore": { + "resource_type": "referenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reference": "reference", + "referencestore": "referenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReference.html" + }, + "GetReferenceImportJob": { + "privilege": "GetReferenceImportJob", + "description": "Grants permission to get details about a Reference import job for the given Reference Store", + "access_level": "Read", + "resource_types": { + "referenceStore": { + "resource_type": "referenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "referencestore": "referenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReferenceImportJob.html" + }, + "GetReferenceMetadata": { + "privilege": "GetReferenceMetadata", + "description": "Grants permission to get details about a Reference in the given Reference Store", + "access_level": "Read", + "resource_types": { + "reference": { + "resource_type": "reference", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "referenceStore": { + "resource_type": "referenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reference": "reference", + "referencestore": "referenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReferenceMetadata.html" + }, + "GetReferenceStore": { + "privilege": "GetReferenceStore", + "description": "Grants permission to get details about a Reference Store", + "access_level": "Read", + "resource_types": { + "referenceStore": { + "resource_type": "referenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "referencestore": "referenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetReferenceStore.html" + }, + "GetRun": { + "privilege": "GetRun", + "description": "Grants permission to retrieve workflow run details", + "access_level": "Read", + "resource_types": { + "run": { + "resource_type": "run", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "run": "run" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetRun.html" + }, + "GetRunGroup": { + "privilege": "GetRunGroup", + "description": "Grants permission to retrieve workflow run group details", + "access_level": "Read", + "resource_types": { + "runGroup": { + "resource_type": "runGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rungroup": "runGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetRunGroup.html" + }, + "GetRunTask": { + "privilege": "GetRunTask", + "description": "Grants permission to retrieve workflow task details", + "access_level": "Read", + "resource_types": { + "TaskResource": { + "resource_type": "TaskResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "run": { + "resource_type": "run", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "taskresource": "TaskResource", + "run": "run" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetRunTask.html" + }, + "GetSequenceStore": { + "privilege": "GetSequenceStore", + "description": "Grants permission to get details about a Sequence Store", + "access_level": "Read", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetSequenceStore.html" + }, + "GetVariantImportJob": { + "privilege": "GetVariantImportJob", + "description": "Grants permission to get the status of a Variant Import Job", + "access_level": "Read", + "resource_types": { + "VariantImportJob": { + "resource_type": "VariantImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "variantimportjob": "VariantImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetVariantImportJob.html" + }, + "GetVariantStore": { + "privilege": "GetVariantStore", + "description": "Grants permission to get detailed information about a Variant Store", + "access_level": "Read", + "resource_types": { + "VariantStore": { + "resource_type": "VariantStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "variantstore": "VariantStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetVariantStore.html" + }, + "GetWorkflow": { + "privilege": "GetWorkflow", + "description": "Grants permission to retrieve workflow details", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_GetWorkflow.html" + }, + "ListAnnotationImportJobs": { + "privilege": "ListAnnotationImportJobs", + "description": "Grants permission to get a list of Annotation Import Jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListAnnotationImportJobs.html" + }, + "ListAnnotationStores": { + "privilege": "ListAnnotationStores", + "description": "Grants permission to retrieve a list of information about Annotation Stores", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListAnnotationStores.html" + }, + "ListMultipartReadSetUploads": { + "privilege": "ListMultipartReadSetUploads", + "description": "Grants permission to list multipart read set uploads", + "access_level": "List", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListMultipartReadSetUploads.html" + }, + "ListReadSetActivationJobs": { + "privilege": "ListReadSetActivationJobs", + "description": "Grants permission to list Read Set activation jobs for the given Sequence Store", + "access_level": "List", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetActivationJobs.html" + }, + "ListReadSetExportJobs": { + "privilege": "ListReadSetExportJobs", + "description": "Grants permission to list Read Set export jobs for the given Sequence Store", + "access_level": "List", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetExportJobs.html" + }, + "ListReadSetImportJobs": { + "privilege": "ListReadSetImportJobs", + "description": "Grants permission to list Read Set import jobs for the given Sequence Store", + "access_level": "List", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetImportJobs.html" + }, + "ListReadSetUploadParts": { + "privilege": "ListReadSetUploadParts", + "description": "Grants permission to list read set upload parts", + "access_level": "List", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetUploadParts.html" + }, + "ListReadSets": { + "privilege": "ListReadSets", + "description": "Grants permission to list Read Sets in the given Sequence Store", + "access_level": "List", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSets.html" + }, + "ListReferenceImportJobs": { + "privilege": "ListReferenceImportJobs", + "description": "Grants permission to list Reference import jobs for the given Reference Store", + "access_level": "List", + "resource_types": { + "referenceStore": { + "resource_type": "referenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "referencestore": "referenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReferenceImportJobs.html" + }, + "ListReferenceStores": { + "privilege": "ListReferenceStores", + "description": "Grants permission to list Reference Stores", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReferenceStores.html" + }, + "ListReferences": { + "privilege": "ListReferences", + "description": "Grants permission to list References in the given Reference Store", + "access_level": "List", + "resource_types": { + "referenceStore": { + "resource_type": "referenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "referencestore": "referenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListReferences.html" + }, + "ListRunGroups": { + "privilege": "ListRunGroups", + "description": "Grants permission to retrieve a list of workflow run groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListRunGroups.html" + }, + "ListRunTasks": { + "privilege": "ListRunTasks", + "description": "Grants permission to retrieve a list of tasks for a workflow run", + "access_level": "List", + "resource_types": { + "run": { + "resource_type": "run", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "run": "run" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListRunTasks.html" + }, + "ListRuns": { + "privilege": "ListRuns", + "description": "Grants permission to retrieve a list of workflow runs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListRuns.html" + }, + "ListSequenceStores": { + "privilege": "ListSequenceStores", + "description": "Grants permission to list Sequence Stores", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListSequenceStores.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve a list of resource AWS tags", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListTagsForResource.html" + }, + "ListVariantImportJobs": { + "privilege": "ListVariantImportJobs", + "description": "Grants permission to get a list of Variant Import Jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListVariantImportJobs.html" + }, + "ListVariantStores": { + "privilege": "ListVariantStores", + "description": "Grants permission to retrieve a list of metadata for Variant Stores", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListVariantStores.html" + }, + "ListWorkflows": { + "privilege": "ListWorkflows", + "description": "Grants permission to retrieve a list of available workflows", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_ListWorkflows.html" + }, + "StartAnnotationImportJob": { + "privilege": "StartAnnotationImportJob", + "description": "Grants permission to import a list of Annotation files to an Annotation Store", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartAnnotationImportJob.html" + }, + "StartReadSetActivationJob": { + "privilege": "StartReadSetActivationJob", + "description": "Grants permission to start a Read Set activation job from the given Sequence Store", + "access_level": "Write", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartReadSetActivationJob.html" + }, + "StartReadSetExportJob": { + "privilege": "StartReadSetExportJob", + "description": "Grants permission to start a Read Set export job from the given Sequence Store", + "access_level": "Write", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartReadSetExportJob.html" + }, + "StartReadSetImportJob": { + "privilege": "StartReadSetImportJob", + "description": "Grants permission to start a Read Set import job into the given Sequence Store", + "access_level": "Write", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartReadSetImportJob.html" + }, + "StartReferenceImportJob": { + "privilege": "StartReferenceImportJob", + "description": "Grants permission to start a Reference import job into the given Reference Store", + "access_level": "Write", + "resource_types": { + "referenceStore": { + "resource_type": "referenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "referencestore": "referenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartReferenceImportJob.html" + }, + "StartRun": { + "privilege": "StartRun", + "description": "Grants permission to start a workflow run", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartRun.html" + }, + "StartVariantImportJob": { + "privilege": "StartVariantImportJob", + "description": "Grants permission to import a list of variant files to an Variant Store", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_StartVariantImportJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add AWS tags to a resource", + "access_level": "Tagging", + "resource_types": { + "readSet": { + "resource_type": "readSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reference": { + "resource_type": "reference", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "referenceStore": { + "resource_type": "referenceStore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "run": { + "resource_type": "run", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "runGroup": { + "resource_type": "runGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sequenceStore": { + "resource_type": "sequenceStore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workflow": { + "resource_type": "workflow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "readset": "readSet", + "reference": "reference", + "referencestore": "referenceStore", + "run": "run", + "rungroup": "runGroup", + "sequencestore": "sequenceStore", + "workflow": "workflow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove resource AWS tags", + "access_level": "Tagging", + "resource_types": { + "readSet": { + "resource_type": "readSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reference": { + "resource_type": "reference", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "referenceStore": { + "resource_type": "referenceStore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "run": { + "resource_type": "run", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "runGroup": { + "resource_type": "runGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sequenceStore": { + "resource_type": "sequenceStore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workflow": { + "resource_type": "workflow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "readset": "readSet", + "reference": "reference", + "referencestore": "referenceStore", + "run": "run", + "rungroup": "runGroup", + "sequencestore": "sequenceStore", + "workflow": "workflow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UntagResource.html" + }, + "UpdateAnnotationStore": { + "privilege": "UpdateAnnotationStore", + "description": "Grants permission to update information about the Annotation Store", + "access_level": "Write", + "resource_types": { + "AnnotationStore": { + "resource_type": "AnnotationStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "annotationstore": "AnnotationStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateAnnotationStore.html" + }, + "UpdateRunGroup": { + "privilege": "UpdateRunGroup", + "description": "Grants permission to update a workflow run group", + "access_level": "Write", + "resource_types": { + "runGroup": { + "resource_type": "runGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rungroup": "runGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateRunGroup.html" + }, + "UpdateVariantStore": { + "privilege": "UpdateVariantStore", + "description": "Grants permission to update metadata about the Variant Store", + "access_level": "Write", + "resource_types": { + "VariantStore": { + "resource_type": "VariantStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "variantstore": "VariantStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateVariantStore.html" + }, + "UpdateWorkflow": { + "privilege": "UpdateWorkflow", + "description": "Grants permission to update workflow details", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateWorkflow.html" + }, + "UploadReadSetPart": { + "privilege": "UploadReadSetPart", + "description": "Grants permission to upload read set parts", + "access_level": "Write", + "resource_types": { + "sequenceStore": { + "resource_type": "sequenceStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sequencestore": "sequenceStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/omics/latest/api/API_UploadReadSetPart.html" + } + }, + "privileges_lower_name": { + "abortmultipartreadsetupload": "AbortMultipartReadSetUpload", + "batchdeletereadset": "BatchDeleteReadSet", + "cancelannotationimportjob": "CancelAnnotationImportJob", + "cancelrun": "CancelRun", + "cancelvariantimportjob": "CancelVariantImportJob", + "completemultipartreadsetupload": "CompleteMultipartReadSetUpload", + "createannotationstore": "CreateAnnotationStore", + "createmultipartreadsetupload": "CreateMultipartReadSetUpload", + "createreferencestore": "CreateReferenceStore", + "createrungroup": "CreateRunGroup", + "createsequencestore": "CreateSequenceStore", + "createvariantstore": "CreateVariantStore", + "createworkflow": "CreateWorkflow", + "deleteannotationstore": "DeleteAnnotationStore", + "deletereference": "DeleteReference", + "deletereferencestore": "DeleteReferenceStore", + "deleterun": "DeleteRun", + "deleterungroup": "DeleteRunGroup", + "deletesequencestore": "DeleteSequenceStore", + "deletevariantstore": "DeleteVariantStore", + "deleteworkflow": "DeleteWorkflow", + "getannotationimportjob": "GetAnnotationImportJob", + "getannotationstore": "GetAnnotationStore", + "getreadset": "GetReadSet", + "getreadsetactivationjob": "GetReadSetActivationJob", + "getreadsetexportjob": "GetReadSetExportJob", + "getreadsetimportjob": "GetReadSetImportJob", + "getreadsetmetadata": "GetReadSetMetadata", + "getreference": "GetReference", + "getreferenceimportjob": "GetReferenceImportJob", + "getreferencemetadata": "GetReferenceMetadata", + "getreferencestore": "GetReferenceStore", + "getrun": "GetRun", + "getrungroup": "GetRunGroup", + "getruntask": "GetRunTask", + "getsequencestore": "GetSequenceStore", + "getvariantimportjob": "GetVariantImportJob", + "getvariantstore": "GetVariantStore", + "getworkflow": "GetWorkflow", + "listannotationimportjobs": "ListAnnotationImportJobs", + "listannotationstores": "ListAnnotationStores", + "listmultipartreadsetuploads": "ListMultipartReadSetUploads", + "listreadsetactivationjobs": "ListReadSetActivationJobs", + "listreadsetexportjobs": "ListReadSetExportJobs", + "listreadsetimportjobs": "ListReadSetImportJobs", + "listreadsetuploadparts": "ListReadSetUploadParts", + "listreadsets": "ListReadSets", + "listreferenceimportjobs": "ListReferenceImportJobs", + "listreferencestores": "ListReferenceStores", + "listreferences": "ListReferences", + "listrungroups": "ListRunGroups", + "listruntasks": "ListRunTasks", + "listruns": "ListRuns", + "listsequencestores": "ListSequenceStores", + "listtagsforresource": "ListTagsForResource", + "listvariantimportjobs": "ListVariantImportJobs", + "listvariantstores": "ListVariantStores", + "listworkflows": "ListWorkflows", + "startannotationimportjob": "StartAnnotationImportJob", + "startreadsetactivationjob": "StartReadSetActivationJob", + "startreadsetexportjob": "StartReadSetExportJob", + "startreadsetimportjob": "StartReadSetImportJob", + "startreferenceimportjob": "StartReferenceImportJob", + "startrun": "StartRun", + "startvariantimportjob": "StartVariantImportJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateannotationstore": "UpdateAnnotationStore", + "updaterungroup": "UpdateRunGroup", + "updatevariantstore": "UpdateVariantStore", + "updateworkflow": "UpdateWorkflow", + "uploadreadsetpart": "UploadReadSetPart" + }, + "resources": { + "AnnotationImportJob": { + "resource": "AnnotationImportJob", + "arn": "arn:${Partition}:omics:${Region}:${Account}:annotationImportJob/${AnnotationImportJobId}", + "condition_keys": [ + "omics:AnnotationImportJobJobId" + ] + }, + "AnnotationStore": { + "resource": "AnnotationStore", + "arn": "arn:${Partition}:omics:${Region}:${Account}:annotationStore/${AnnotationStoreId}", + "condition_keys": [ + "omics:AnnotationStoreName" + ] + }, + "readSet": { + "resource": "readSet", + "arn": "arn:${Partition}:omics:${Region}:${Account}:sequenceStore/${SequenceStoreId}/readSet/${ReadSetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "reference": { + "resource": "reference", + "arn": "arn:${Partition}:omics:${Region}:${Account}:referenceStore/${ReferenceStoreId}/reference/${ReferenceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "referenceStore": { + "resource": "referenceStore", + "arn": "arn:${Partition}:omics:${Region}:${Account}:referenceStore/${ReferenceStoreId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "run": { + "resource": "run", + "arn": "arn:${Partition}:omics:${Region}:${Account}:run/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "runGroup": { + "resource": "runGroup", + "arn": "arn:${Partition}:omics:${Region}:${Account}:runGroup/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "sequenceStore": { + "resource": "sequenceStore", + "arn": "arn:${Partition}:omics:${Region}:${Account}:sequenceStore/${SequenceStoreId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "TaggingResource": { + "resource": "TaggingResource", + "arn": "arn:${Partition}:omics:${Region}:${Account}:tag/${TagKey}", + "condition_keys": [] + }, + "TaskResource": { + "resource": "TaskResource", + "arn": "arn:${Partition}:omics:${Region}:${Account}:task/${Id}", + "condition_keys": [] + }, + "VariantImportJob": { + "resource": "VariantImportJob", + "arn": "arn:${Partition}:omics:${Region}:${Account}:variantImportJob/${VariantImportJobId}", + "condition_keys": [ + "omics:VariantImportJobJobId" + ] + }, + "VariantStore": { + "resource": "VariantStore", + "arn": "arn:${Partition}:omics:${Region}:${Account}:variantStore/${VariantStoreId}", + "condition_keys": [ + "omics:VariantStoreName" + ] + }, + "workflow": { + "resource": "workflow", + "arn": "arn:${Partition}:omics:${Region}:${Account}:workflow/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "annotationimportjob": "AnnotationImportJob", + "annotationstore": "AnnotationStore", + "readset": "readSet", + "reference": "reference", + "referencestore": "referenceStore", + "run": "run", + "rungroup": "runGroup", + "sequencestore": "sequenceStore", + "taggingresource": "TaggingResource", + "taskresource": "TaskResource", + "variantimportjob": "VariantImportJob", + "variantstore": "VariantStore", + "workflow": "workflow" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "omics:AnnotationImportJobJobId": { + "condition": "omics:AnnotationImportJobJobId", + "description": "Filters access by a unique resource identifier", + "type": "String" + }, + "omics:AnnotationStoreName": { + "condition": "omics:AnnotationStoreName", + "description": "Filters access by the name of the store", + "type": "String" + }, + "omics:VariantImportJobJobId": { + "condition": "omics:VariantImportJobJobId", + "description": "Filters access by a unique resource identifier", + "type": "String" + }, + "omics:VariantStoreName": { + "condition": "omics:VariantStoreName", + "description": "Filters access by the name of the store", + "type": "String" + } + } + }, + "osis": { + "service_name": "Amazon OpenSearch Ingestion", + "prefix": "osis", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonopensearchingestion.html", + "privileges": { + "CreatePipeline": { + "privilege": "CreatePipeline", + "description": "Grants permission to create an OpenSearch Ingestion pipeline", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreatePipeline.html" + }, + "DeletePipeline": { + "privilege": "DeletePipeline", + "description": "Grants permission to delete an OpenSearch Ingestion pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DeletePipeline.html" + }, + "GetPipeline": { + "privilege": "GetPipeline", + "description": "Grants permission to retrieve configuration information for an OpenSearch Ingestion pipeline", + "access_level": "Read", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_GetPipeline.html" + }, + "GetPipelineBlueprint": { + "privilege": "GetPipelineBlueprint", + "description": "Grants permission to get the contents of an OpenSearch Ingestion pipeline blueprint", + "access_level": "Read", + "resource_types": { + "pipeline-blueprint": { + "resource_type": "pipeline-blueprint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline-blueprint": "pipeline-blueprint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_GetPipelineBlueprint.html" + }, + "GetPipelineChangeProgress": { + "privilege": "GetPipelineChangeProgress", + "description": "Grants permission to get granular information about the status of an OpenSearch Ingestion pipeline", + "access_level": "Read", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_GetPipelineChangeProgress.html" + }, + "Ingest": { + "privilege": "Ingest", + "description": "Grants permission to ingest data through an OpenSearch Ingestion pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configure-client.html" + }, + "ListPipelineBlueprints": { + "privilege": "ListPipelineBlueprints", + "description": "Grants permission to list the names of available blueprints for an OpenSearch Ingestion pipeline configuration", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListPipelineBlueprints.html" + }, + "ListPipelines": { + "privilege": "ListPipelines", + "description": "Grants permission to list basic configuration for each OpenSearch Ingestion pipeline in the current account and Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListPipelines.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all resource tags associated with an OpenSearch Ingestion pipeline", + "access_level": "Read", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListTagsForResource.html" + }, + "StartPipeline": { + "privilege": "StartPipeline", + "description": "Grants permission to start an OpenSearch Ingestion pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_StartPipeline.html" + }, + "StopPipeline": { + "privilege": "StopPipeline", + "description": "Grants permission to stop an OpenSearch Ingestion pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_StopPipeline.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to attach resource tags to an OpenSearch Ingestion pipeline", + "access_level": "Tagging", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove resource tags from an OpenSearch Ingestion Service pipeline", + "access_level": "Tagging", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_UntagResource.html" + }, + "UpdatePipeline": { + "privilege": "UpdatePipeline", + "description": "Grants permission to modify the configuration of an OpenSearch Ingestion pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_UpdatePipeline.html" + }, + "ValidatePipeline": { + "privilege": "ValidatePipeline", + "description": "Grants permission to validate the configuration of an OpenSearch Ingestion pipeline", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ValidatePipeline.html" + } + }, + "privileges_lower_name": { + "createpipeline": "CreatePipeline", + "deletepipeline": "DeletePipeline", + "getpipeline": "GetPipeline", + "getpipelineblueprint": "GetPipelineBlueprint", + "getpipelinechangeprogress": "GetPipelineChangeProgress", + "ingest": "Ingest", + "listpipelineblueprints": "ListPipelineBlueprints", + "listpipelines": "ListPipelines", + "listtagsforresource": "ListTagsForResource", + "startpipeline": "StartPipeline", + "stoppipeline": "StopPipeline", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatepipeline": "UpdatePipeline", + "validatepipeline": "ValidatePipeline" + }, + "resources": { + "pipeline": { + "resource": "pipeline", + "arn": "arn:${Partition}:osis:${Region}:${Account}:pipeline/${PipelineName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "pipeline-blueprint": { + "resource": "pipeline-blueprint", + "arn": "arn:${Partition}:osis:${Region}:${Account}:blueprint/${BlueprintName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "pipeline": "pipeline", + "pipeline-blueprint": "pipeline-blueprint" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "aoss": { + "service_name": "Amazon OpenSearch Serverless", + "prefix": "aoss", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonopensearchserverless.html", + "privileges": { + "APIAccessAll": { + "privilege": "APIAccessAll", + "description": "Grant permission to all the supported Opensearch APIs", + "access_level": "Write", + "resource_types": { + "Collection": { + "resource_type": "Collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "Collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_APIAccessAll.html" + }, + "BatchGetCollection": { + "privilege": "BatchGetCollection", + "description": "Grants permission to get attributes for one or more collections", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_BatchGetCollection.html" + }, + "BatchGetVpcEndpoint": { + "privilege": "BatchGetVpcEndpoint", + "description": "Grants permission to get attributes for one or more VPC endpoints", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_BatchGetVpcEndpoint.html" + }, + "CreateAccessPolicy": { + "privilege": "CreateAccessPolicy", + "description": "Grants permission to create a data access policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_CreateAccessPolicy.html" + }, + "CreateCollection": { + "privilege": "CreateCollection", + "description": "Grants permission to create a serverless collection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_CreateCollection.html" + }, + "CreateSecurityConfig": { + "privilege": "CreateSecurityConfig", + "description": "Grants permission to create a serverless security configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_CreateSecurityConfig.html" + }, + "CreateSecurityPolicy": { + "privilege": "CreateSecurityPolicy", + "description": "Grants permission to create a network or encryption policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_CreateSecurityPolicy.html" + }, + "CreateVpcEndpoint": { + "privilege": "CreateVpcEndpoint", + "description": "Grants permission to create an OpenSearch-Serverless-managed interface VPC endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_CreateVpcEndpoint.html" + }, + "DashboardsAccessAll": { + "privilege": "DashboardsAccessAll", + "description": "Grants permission to Opensearch Serverless Dashboards", + "access_level": "Write", + "resource_types": { + "Dashboards": { + "resource_type": "Dashboards", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboards": "Dashboards" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DashboardsAccessAll.html" + }, + "DeleteAccessPolicy": { + "privilege": "DeleteAccessPolicy", + "description": "Grants permission to delete a data access policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DeleteAccessPolicy.html" + }, + "DeleteCollection": { + "privilege": "DeleteCollection", + "description": "Grants permission to delete a serverless collection", + "access_level": "Write", + "resource_types": { + "Collection": { + "resource_type": "Collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "Collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DeleteCollection.html" + }, + "DeleteSecurityConfig": { + "privilege": "DeleteSecurityConfig", + "description": "Grants permission to delete a security configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DeleteSecurityConfig.html" + }, + "DeleteSecurityPolicy": { + "privilege": "DeleteSecurityPolicy", + "description": "Grants permission to delete a security policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DeleteSecurityPolicy.html" + }, + "DeleteVpcEndpoint": { + "privilege": "DeleteVpcEndpoint", + "description": "Grants permission to delete an OpenSearch Serverless-managed interface VPC endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_DeleteVpcEndpoint.html" + }, + "GetAccessPolicy": { + "privilege": "GetAccessPolicy", + "description": "Grants permission to get information about a data access policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetAccessPolicy.html" + }, + "GetAccountSettings": { + "privilege": "GetAccountSettings", + "description": "Grants permission to get account settings, including capacity settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetAccountSettings.html" + }, + "GetPoliciesStats": { + "privilege": "GetPoliciesStats", + "description": "Grants permission to get statistis about the security policies in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetPoliciesStats.html" + }, + "GetSecurityConfig": { + "privilege": "GetSecurityConfig", + "description": "Grants permission to get information about a serverless security configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetSecurityConfig.html" + }, + "GetSecurityPolicy": { + "privilege": "GetSecurityPolicy", + "description": "Grants permission to get information about a security policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetSecurityPolicy.html" + }, + "ListAccessPolicies": { + "privilege": "ListAccessPolicies", + "description": "Grants permission to list data access policies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListAccessPolicies.html" + }, + "ListCollections": { + "privilege": "ListCollections", + "description": "Grants permission to list collections", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListCollections.html" + }, + "ListSecurityConfigs": { + "privilege": "ListSecurityConfigs", + "description": "Grants permission to list security configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListSecurityConfigs.html" + }, + "ListSecurityPolicies": { + "privilege": "ListSecurityPolicies", + "description": "Grants permission to list security policies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListSecurityPolicies.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a collection", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListTagsForResource.html" + }, + "ListVpcEndpoints": { + "privilege": "ListVpcEndpoints", + "description": "Grants permission to list OpenSearch Serverless-managed VPC endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_ListVpcEndpoints.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a serverless collection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a collection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UntagResource.html" + }, + "UpdateAccessPolicy": { + "privilege": "UpdateAccessPolicy", + "description": "Grants permission to update a data access policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateAccessPolicy.html" + }, + "UpdateAccountSettings": { + "privilege": "UpdateAccountSettings", + "description": "Grants permission to update account settings, including capacity settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateAccountSettings.html" + }, + "UpdateCollection": { + "privilege": "UpdateCollection", + "description": "Grants permission to update a collection", + "access_level": "Write", + "resource_types": { + "Collection": { + "resource_type": "Collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "Collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateCollection.html" + }, + "UpdateSecurityConfig": { + "privilege": "UpdateSecurityConfig", + "description": "Grants permission to update a security configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateSecurityConfig.html" + }, + "UpdateSecurityPolicy": { + "privilege": "UpdateSecurityPolicy", + "description": "Grants permission to update a security policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateSecurityPolicy.html" + }, + "UpdateVpcEndpoint": { + "privilege": "UpdateVpcEndpoint", + "description": "Grants permission to update an OpenSearch Serverless-managed VPC endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_UpdateVpcEndpoint.html" + } + }, + "privileges_lower_name": { + "apiaccessall": "APIAccessAll", + "batchgetcollection": "BatchGetCollection", + "batchgetvpcendpoint": "BatchGetVpcEndpoint", + "createaccesspolicy": "CreateAccessPolicy", + "createcollection": "CreateCollection", + "createsecurityconfig": "CreateSecurityConfig", + "createsecuritypolicy": "CreateSecurityPolicy", + "createvpcendpoint": "CreateVpcEndpoint", + "dashboardsaccessall": "DashboardsAccessAll", + "deleteaccesspolicy": "DeleteAccessPolicy", + "deletecollection": "DeleteCollection", + "deletesecurityconfig": "DeleteSecurityConfig", + "deletesecuritypolicy": "DeleteSecurityPolicy", + "deletevpcendpoint": "DeleteVpcEndpoint", + "getaccesspolicy": "GetAccessPolicy", + "getaccountsettings": "GetAccountSettings", + "getpoliciesstats": "GetPoliciesStats", + "getsecurityconfig": "GetSecurityConfig", + "getsecuritypolicy": "GetSecurityPolicy", + "listaccesspolicies": "ListAccessPolicies", + "listcollections": "ListCollections", + "listsecurityconfigs": "ListSecurityConfigs", + "listsecuritypolicies": "ListSecurityPolicies", + "listtagsforresource": "ListTagsForResource", + "listvpcendpoints": "ListVpcEndpoints", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaccesspolicy": "UpdateAccessPolicy", + "updateaccountsettings": "UpdateAccountSettings", + "updatecollection": "UpdateCollection", + "updatesecurityconfig": "UpdateSecurityConfig", + "updatesecuritypolicy": "UpdateSecurityPolicy", + "updatevpcendpoint": "UpdateVpcEndpoint" + }, + "resources": { + "Collection": { + "resource": "Collection", + "arn": "arn:${Partition}:aoss:${Region}:${Account}:collection/${CollectionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Dashboards": { + "resource": "Dashboards", + "arn": "arn:${Partition}:aoss:${Region}:${Account}:dashboards/default", + "condition_keys": [] + } + }, + "resources_lower_name": { + "collection": "Collection", + "dashboards": "Dashboards" + }, + "conditions": { + "aoss:CollectionId": { + "condition": "aoss:CollectionId", + "description": "Filters access by the identifier of the collection", + "type": "String" + }, + "aoss:collection": { + "condition": "aoss:collection", + "description": "Filters access by the collection name", + "type": "String" + }, + "aoss:index": { + "condition": "aoss:index", + "description": "Filters access by the index", + "type": "String" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "es": { + "service_name": "Amazon OpenSearch Service", + "prefix": "es", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonopensearchservice.html", + "privileges": { + "AcceptInboundConnection": { + "privilege": "AcceptInboundConnection", + "description": "Grants permission to the destination domain owner to accept an inbound cross-cluster search connection request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-accept-inbound-cross-cluster-search-connection" + }, + "AcceptInboundCrossClusterSearchConnection": { + "privilege": "AcceptInboundCrossClusterSearchConnection", + "description": "Grants permission to the destination domain owner to accept an inbound cross-cluster search connection request. This permission is deprecated. Use AcceptInboundConnection instead", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-accept-inbound-cross-cluster-search-connection" + }, + "AddTags": { + "privilege": "AddTags", + "description": "Grants permission to attach resource tags to an OpenSearch Service domain", + "access_level": "Tagging", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-addtags" + }, + "AssociatePackage": { + "privilege": "AssociatePackage", + "description": "Grants permission to associate a package with an OpenSearch Service domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-associatepackage" + }, + "AuthorizeVpcEndpointAccess": { + "privilege": "AuthorizeVpcEndpointAccess", + "description": "Grants permission to provide access to an Amazon OpenSearch Service domain through the use of an interface VPC endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_AuthorizeVpcEndpointAccess.html" + }, + "CancelElasticsearchServiceSoftwareUpdate": { + "privilege": "CancelElasticsearchServiceSoftwareUpdate", + "description": "Grants permission to cancel a service software update of a domain. This permission is deprecated. Use CancelServiceSoftwareUpdate instead", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-stopupdate" + }, + "CancelServiceSoftwareUpdate": { + "privilege": "CancelServiceSoftwareUpdate", + "description": "Grants permission to cancel a service software update of a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-stopupdate" + }, + "CreateDomain": { + "privilege": "CreateDomain", + "description": "Grants permission to create an Amazon OpenSearch Service domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-createdomain" + }, + "CreateElasticsearchDomain": { + "privilege": "CreateElasticsearchDomain", + "description": "Grants permission to create an OpenSearch Service domain. This permission is deprecated. Use CreateDomain instead", + "access_level": "Permissions management", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-createdomain" + }, + "CreateElasticsearchServiceRole": { + "privilege": "CreateElasticsearchServiceRole", + "description": "Grants permission to create the service-linked role required for OpenSearch Service domains that use VPC access. This permission is deprecated. OpenSearch Service creates the service-linked role for you", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-createservicerole" + }, + "CreateOutboundConnection": { + "privilege": "CreateOutboundConnection", + "description": "Grants permission to create a new cross-cluster search connection from a source domain to a destination domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-create-outbound-cross-cluster-search-connection" + }, + "CreateOutboundCrossClusterSearchConnection": { + "privilege": "CreateOutboundCrossClusterSearchConnection", + "description": "Grants permission to create a new cross-cluster search connection from a source domain to a destination domain. This permission is deprecated. Use CreateOutboundConnection instead", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-create-outbound-cross-cluster-search-connection" + }, + "CreatePackage": { + "privilege": "CreatePackage", + "description": "Grants permission to add a package for use with OpenSearch Service domains", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-createpackage" + }, + "CreateServiceRole": { + "privilege": "CreateServiceRole", + "description": "Grants permission to create the service-linked role required for Amazon OpenSearch Service domains that use VPC access", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-createservicerole" + }, + "CreateVpcEndpoint": { + "privilege": "CreateVpcEndpoint", + "description": "Grants permission to create an Amazon OpenSearch Service-managed VPC endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateVpcEndpoint.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "Grants permission to delete an Amazon OpenSearch Service domain and all of its data", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-deletedomain" + }, + "DeleteElasticsearchDomain": { + "privilege": "DeleteElasticsearchDomain", + "description": "Grants permission to delete an OpenSearch Service domain and all of its data. This permission is deprecated. Use DeleteDomain instead", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-deletedomain" + }, + "DeleteElasticsearchServiceRole": { + "privilege": "DeleteElasticsearchServiceRole", + "description": "Grants permission to delete the service-linked role required for OpenSearch Service domains that use VPC access. This permission is deprecated. Use the IAM API to delete service-linked roles", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-deleteservicerole" + }, + "DeleteInboundConnection": { + "privilege": "DeleteInboundConnection", + "description": "Grants permission to the destination domain owner to delete an existing inbound cross-cluster search connection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-delete-inbound-cross-cluster-search-connection" + }, + "DeleteInboundCrossClusterSearchConnection": { + "privilege": "DeleteInboundCrossClusterSearchConnection", + "description": "Grants permission to the destination domain owner to delete an existing inbound cross-cluster search connection. This permission is deprecated. Use DeleteInboundConnection instead", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-delete-inbound-cross-cluster-search-connection" + }, + "DeleteOutboundConnection": { + "privilege": "DeleteOutboundConnection", + "description": "Grants permission to the source domain owner to delete an existing outbound cross-cluster search connection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-delete-outbound-cross-cluster-search-connection" + }, + "DeleteOutboundCrossClusterSearchConnection": { + "privilege": "DeleteOutboundCrossClusterSearchConnection", + "description": "Grants permission to the source domain owner to delete an existing outbound cross-cluster search connection. This permission is deprecated. Use DeleteOutboundConnection instead", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-delete-outbound-cross-cluster-search-connection" + }, + "DeletePackage": { + "privilege": "DeletePackage", + "description": "Grants permission to delete a package from OpenSearch Service. The package cannot be associated with any domains", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-deletepackage" + }, + "DeleteVpcEndpoint": { + "privilege": "DeleteVpcEndpoint", + "description": "Grants permission to delete an Amazon OpenSearch Service-managed interface VPC endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DeleteVpcEndpoint.html" + }, + "DescribeDomain": { + "privilege": "DescribeDomain", + "description": "Grants permission to view a description of the domain configuration for the specified OpenSearch Service domain, including the domain ID, service endpoint, and ARN", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomain" + }, + "DescribeDomainAutoTunes": { + "privilege": "DescribeDomainAutoTunes", + "description": "Grants permission to view the Auto-Tune configuration of the domain for the specified OpenSearch Service domain, including the Auto-Tune state and maintenance schedules", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describeautotune" + }, + "DescribeDomainChangeProgress": { + "privilege": "DescribeDomainChangeProgress", + "description": "Grants permission to view detail stage progress of an OpenSearch Service domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomainchangeprogress" + }, + "DescribeDomainConfig": { + "privilege": "DescribeDomainConfig", + "description": "Grants permission to view a description of the configuration options and status of an OpenSearch Service domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomainconfig" + }, + "DescribeDomainHealth": { + "privilege": "DescribeDomainHealth", + "description": "Grants permission to view information about domain and node health, the standby Availability Zone, number of nodes per Availability Zone, and shard count per node", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DescribeDomainHealth.html" + }, + "DescribeDomainNodes": { + "privilege": "DescribeDomainNodes", + "description": "Grants permission to view information about nodes configured for the domain and their configurations- the node id, type of node, status of node, Availability Zone, instance type and storage", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DescribeDomainNodes.html" + }, + "DescribeDomains": { + "privilege": "DescribeDomains", + "description": "Grants permission to view a description of the domain configuration for up to five specified OpenSearch Service domains", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomains" + }, + "DescribeDryRunProgress": { + "privilege": "DescribeDryRunProgress", + "description": "Grants permission to describe the status of a pre-update validation check on an OpenSearch Service domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DescribeDryRunProgress.html" + }, + "DescribeElasticsearchDomain": { + "privilege": "DescribeElasticsearchDomain", + "description": "Grants permission to view a description of the domain configuration for the specified OpenSearch Service domain, including the domain ID, service endpoint, and ARN. This permission is deprecated. Use DescribeDomain instead", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomain" + }, + "DescribeElasticsearchDomainConfig": { + "privilege": "DescribeElasticsearchDomainConfig", + "description": "Grants permission to view a description of the configuration and status of an OpenSearch Service domain. This permission is deprecated. Use DescribeDomainConfig instead", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomainconfig" + }, + "DescribeElasticsearchDomains": { + "privilege": "DescribeElasticsearchDomains", + "description": "Grants permission to view a description of the domain configuration for up to five specified Amazon OpenSearch domains. This permission is deprecated. Use DescribeDomains instead", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describedomains" + }, + "DescribeElasticsearchInstanceTypeLimits": { + "privilege": "DescribeElasticsearchInstanceTypeLimits", + "description": "Grants permission to view the instance count, storage, and master node limits for a given OpenSearch version and instance type. This permission is deprecated. Use DescribeInstanceTypeLimits instead", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describeinstancetypelimits" + }, + "DescribeInboundConnections": { + "privilege": "DescribeInboundConnections", + "description": "Grants permission to list all the inbound cross-cluster search connections for a destination domain", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describe-inbound-cross-cluster-search-connections" + }, + "DescribeInboundCrossClusterSearchConnections": { + "privilege": "DescribeInboundCrossClusterSearchConnections", + "description": "Grants permission to list all the inbound cross-cluster search connections for a destination domain. This permission is deprecated. Use DescribeInboundConnections instead", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describe-inbound-cross-cluster-search-connections" + }, + "DescribeInstanceTypeLimits": { + "privilege": "DescribeInstanceTypeLimits", + "description": "Grants permission to view the instance count, storage, and master node limits for a given engine version and instance type", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describeinstancetypelimits" + }, + "DescribeOutboundConnections": { + "privilege": "DescribeOutboundConnections", + "description": "Grants permission to list all the outbound cross-cluster search connections for a source domain", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describe-outbound-cross-cluster-search-connections" + }, + "DescribeOutboundCrossClusterSearchConnections": { + "privilege": "DescribeOutboundCrossClusterSearchConnections", + "description": "Grants permission to list all the outbound cross-cluster search connections for a source domain. This permission is deprecated. Use DescribeOutboundConnections instead", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describe-outbound-cross-cluster-search-connections" + }, + "DescribePackages": { + "privilege": "DescribePackages", + "description": "Grants permission to describe all packages available to OpenSearch Service domains", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describepackages" + }, + "DescribeReservedElasticsearchInstanceOfferings": { + "privilege": "DescribeReservedElasticsearchInstanceOfferings", + "description": "Grants permission to fetch Reserved Instance offerings for Amazon OpenSearch Service. This permission is deprecated. Use DescribeReservedInstanceOfferings instead", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describereservedinstanceofferings" + }, + "DescribeReservedElasticsearchInstances": { + "privilege": "DescribeReservedElasticsearchInstances", + "description": "Grants permission to fetch OpenSearch Service Reserved Instances that have already been purchased. This permission is deprecated. Use DescribeReservedInstances instead", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describereservedinstances" + }, + "DescribeReservedInstanceOfferings": { + "privilege": "DescribeReservedInstanceOfferings", + "description": "Grants permission to fetch Reserved Instance offerings for OpenSearch Service", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describereservedinstanceofferings" + }, + "DescribeReservedInstances": { + "privilege": "DescribeReservedInstances", + "description": "Grants permission to fetch OpenSearch Service Reserved Instances that have already been purchased", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-describereservedinstances" + }, + "DescribeVpcEndpoints": { + "privilege": "DescribeVpcEndpoints", + "description": "Grants permission to describe one or more Amazon OpenSearch Service-managed VPC endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_DescribeVpcEndpoints.html" + }, + "DissociatePackage": { + "privilege": "DissociatePackage", + "description": "Grants permission to disassociate a package from the specified OpenSearch Service domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-dissociatepackage" + }, + "ESCrossClusterGet": { + "privilege": "ESCrossClusterGet", + "description": "Grants permission to send cross-cluster requests to a destination domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" + }, + "ESHttpDelete": { + "privilege": "ESHttpDelete", + "description": "Grants permission to send HTTP DELETE requests to the OpenSearch APIs", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" + }, + "ESHttpGet": { + "privilege": "ESHttpGet", + "description": "Grants permission to send HTTP GET requests to the OpenSearch APIs", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" + }, + "ESHttpHead": { + "privilege": "ESHttpHead", + "description": "Grants permission to send HTTP HEAD requests to the OpenSearch APIs", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" + }, + "ESHttpPatch": { + "privilege": "ESHttpPatch", + "description": "Grants permission to send HTTP PATCH requests to the OpenSearch APIs", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" + }, + "ESHttpPost": { + "privilege": "ESHttpPost", + "description": "Grants permission to send HTTP POST requests to the OpenSearch APIs", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" + }, + "ESHttpPut": { + "privilege": "ESHttpPut", + "description": "Grants permission to send HTTP PUT requests to the OpenSearch APIs", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-reference" + }, + "GetCompatibleElasticsearchVersions": { + "privilege": "GetCompatibleElasticsearchVersions", + "description": "Grants permission to fetch a list of compatible OpenSearch and Elasticsearch versions to which an OpenSearch Service domain can be upgraded. This permission is deprecated. Use GetCompatibleVersions instead", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-get-compat-vers" + }, + "GetCompatibleVersions": { + "privilege": "GetCompatibleVersions", + "description": "Grants permission to fetch list of compatible engine versions to which an OpenSearch Service domain can be upgraded", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-get-compat-vers" + }, + "GetPackageVersionHistory": { + "privilege": "GetPackageVersionHistory", + "description": "Grants permission to fetch the version history for a package", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-get-pac-ver-hist" + }, + "GetUpgradeHistory": { + "privilege": "GetUpgradeHistory", + "description": "Grants permission to fetch the upgrade history of a given OpenSearch Service domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-get-upgrade-hist" + }, + "GetUpgradeStatus": { + "privilege": "GetUpgradeStatus", + "description": "Grants permission to fetch the upgrade status of a given OpenSearch Service domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-get-upgrade-stat" + }, + "ListDomainNames": { + "privilege": "ListDomainNames", + "description": "Grants permission to display the names of all OpenSearch Service domains that the current user owns", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listdomainnames" + }, + "ListDomainsForPackage": { + "privilege": "ListDomainsForPackage", + "description": "Grants permission to list all OpenSearch Service domains that a package is associated with", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listdomainsforpackage" + }, + "ListElasticsearchInstanceTypeDetails": { + "privilege": "ListElasticsearchInstanceTypeDetails", + "description": "Grants permission to list all instance types and available features for a given OpenSearch version. This permission is deprecated. Use ListInstanceTypeDetails instead", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listinstancetypedetails" + }, + "ListElasticsearchInstanceTypes": { + "privilege": "ListElasticsearchInstanceTypes", + "description": "Grants permission to list all EC2 instance types that are supported for a given OpenSearch version", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html" + }, + "ListElasticsearchVersions": { + "privilege": "ListElasticsearchVersions", + "description": "Grants permission to list all supported OpenSearch versions on Amazon OpenSearch Service. This permission is deprecated. Use ListVersions instead", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listversions" + }, + "ListInstanceTypeDetails": { + "privilege": "ListInstanceTypeDetails", + "description": "Grants permission to list all instance types and available features for a given OpenSearch or Elasticsearch version", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listinstancetypedetails" + }, + "ListPackagesForDomain": { + "privilege": "ListPackagesForDomain", + "description": "Grants permission to list all packages associated with the OpenSearch Service domain", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listpackagesfordomain" + }, + "ListScheduledActions": { + "privilege": "ListScheduledActions", + "description": "Grants permission to retrieve a list of configuration changes that are scheduled for a OpenSearch Service domain", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListScheduledActions.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to display all resource tags for an OpenSearch Service domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listtags" + }, + "ListVersions": { + "privilege": "ListVersions", + "description": "Grants permission to list all supported OpenSearch and Elasticsearch versions in Amazon OpenSearch Service", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-listversions" + }, + "ListVpcEndpointAccess": { + "privilege": "ListVpcEndpointAccess", + "description": "Grants permission to retrieve information about each AWS principal that is allowed to access a given Amazon OpenSearch Service domain through the use of an interface VPC endpoint", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListVpcEndpointAccess.html" + }, + "ListVpcEndpoints": { + "privilege": "ListVpcEndpoints", + "description": "Grants permission to retrieve all Amazon OpenSearch Service-managed VPC endpoints in the current AWS account and Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListVpcEndpoints.html" + }, + "ListVpcEndpointsForDomain": { + "privilege": "ListVpcEndpointsForDomain", + "description": "Grants permission to retrieve all Amazon OpenSearch Service-managed VPC endpoints associated with a particular domain", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_ListVpcEndpointsForDomain.html" + }, + "PurchaseReservedElasticsearchInstanceOffering": { + "privilege": "PurchaseReservedElasticsearchInstanceOffering", + "description": "Grants permission to purchase OpenSearch Service Reserved Instances. This permission is deprecated. Use PurchaseReservedInstanceOffering instead", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-purchasereservedinstance" + }, + "PurchaseReservedInstanceOffering": { + "privilege": "PurchaseReservedInstanceOffering", + "description": "Grants permission to purchase OpenSearch reserved instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-purchasereservedinstance" + }, + "RejectInboundConnection": { + "privilege": "RejectInboundConnection", + "description": "Grants permission to the destination domain owner to reject an inbound cross-cluster search connection request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-reject-inbound-cross-cluster-search-connection" + }, + "RejectInboundCrossClusterSearchConnection": { + "privilege": "RejectInboundCrossClusterSearchConnection", + "description": "Grants permission to the destination domain owner to reject an inbound cross-cluster search connection request. This permission is deprecated. Use RejectInboundConnection instead", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-reject-inbound-cross-cluster-search-connection" + }, + "RemoveTags": { + "privilege": "RemoveTags", + "description": "Grants permission to remove resource tags from an OpenSearch Service domain", + "access_level": "Tagging", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-removetags" + }, + "RevokeVpcEndpointAccess": { + "privilege": "RevokeVpcEndpointAccess", + "description": "Grants permission to revoke access to an Amazon OpenSearch Service domain that was provided through an interface VPC endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_RevokeVpcEndpointAccess.html" + }, + "StartElasticsearchServiceSoftwareUpdate": { + "privilege": "StartElasticsearchServiceSoftwareUpdate", + "description": "Grants permission to start a service software update of a domain. This permission is deprecated. Use StartServiceSoftwareUpdate instead", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-startupdate" + }, + "StartServiceSoftwareUpdate": { + "privilege": "StartServiceSoftwareUpdate", + "description": "Grants permission to start a service software update of a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-startupdate" + }, + "UpdateDomainConfig": { + "privilege": "UpdateDomainConfig", + "description": "Grants permission to modify the configuration of an OpenSearch Service domain, such as the instance type or number of instances", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-updatedomainconfig" + }, + "UpdateElasticsearchDomainConfig": { + "privilege": "UpdateElasticsearchDomainConfig", + "description": "Grants permission to modify the configuration of an OpenSearch Service domain, such as the instance type or number of instances. This permission is deprecated. Use UpdateDomainConfig instead", + "access_level": "Permissions management", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-updatedomainconfig" + }, + "UpdatePackage": { + "privilege": "UpdatePackage", + "description": "Grants permission to update a package for use with OpenSearch Service domains", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-updatepackage" + }, + "UpdateScheduledAction": { + "privilege": "UpdateScheduledAction", + "description": "Grants permission to reschedule a planned OpenSearch Service domain configuration change for a later time", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_UpdateScheduledAction.html" + }, + "UpdateVpcEndpoint": { + "privilege": "UpdateVpcEndpoint", + "description": "Grants permission to modify an Amazon OpenSearch Service-managed interface VPC endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_UpdateVpcEndpoint.html" + }, + "UpgradeDomain": { + "privilege": "UpgradeDomain", + "description": "Grants permission to initiate upgrade of an OpenSearch Service domain to a given version", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-upgrade-domain" + }, + "UpgradeElasticsearchDomain": { + "privilege": "UpgradeElasticsearchDomain", + "description": "Grants permission to initiate upgrade of an OpenSearch Service domain to a specified version. This permission is deprecated. Use UpgradeDomain instead", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-actions-upgrade-domain" + } + }, + "privileges_lower_name": { + "acceptinboundconnection": "AcceptInboundConnection", + "acceptinboundcrossclustersearchconnection": "AcceptInboundCrossClusterSearchConnection", + "addtags": "AddTags", + "associatepackage": "AssociatePackage", + "authorizevpcendpointaccess": "AuthorizeVpcEndpointAccess", + "cancelelasticsearchservicesoftwareupdate": "CancelElasticsearchServiceSoftwareUpdate", + "cancelservicesoftwareupdate": "CancelServiceSoftwareUpdate", + "createdomain": "CreateDomain", + "createelasticsearchdomain": "CreateElasticsearchDomain", + "createelasticsearchservicerole": "CreateElasticsearchServiceRole", + "createoutboundconnection": "CreateOutboundConnection", + "createoutboundcrossclustersearchconnection": "CreateOutboundCrossClusterSearchConnection", + "createpackage": "CreatePackage", + "createservicerole": "CreateServiceRole", + "createvpcendpoint": "CreateVpcEndpoint", + "deletedomain": "DeleteDomain", + "deleteelasticsearchdomain": "DeleteElasticsearchDomain", + "deleteelasticsearchservicerole": "DeleteElasticsearchServiceRole", + "deleteinboundconnection": "DeleteInboundConnection", + "deleteinboundcrossclustersearchconnection": "DeleteInboundCrossClusterSearchConnection", + "deleteoutboundconnection": "DeleteOutboundConnection", + "deleteoutboundcrossclustersearchconnection": "DeleteOutboundCrossClusterSearchConnection", + "deletepackage": "DeletePackage", + "deletevpcendpoint": "DeleteVpcEndpoint", + "describedomain": "DescribeDomain", + "describedomainautotunes": "DescribeDomainAutoTunes", + "describedomainchangeprogress": "DescribeDomainChangeProgress", + "describedomainconfig": "DescribeDomainConfig", + "describedomainhealth": "DescribeDomainHealth", + "describedomainnodes": "DescribeDomainNodes", + "describedomains": "DescribeDomains", + "describedryrunprogress": "DescribeDryRunProgress", + "describeelasticsearchdomain": "DescribeElasticsearchDomain", + "describeelasticsearchdomainconfig": "DescribeElasticsearchDomainConfig", + "describeelasticsearchdomains": "DescribeElasticsearchDomains", + "describeelasticsearchinstancetypelimits": "DescribeElasticsearchInstanceTypeLimits", + "describeinboundconnections": "DescribeInboundConnections", + "describeinboundcrossclustersearchconnections": "DescribeInboundCrossClusterSearchConnections", + "describeinstancetypelimits": "DescribeInstanceTypeLimits", + "describeoutboundconnections": "DescribeOutboundConnections", + "describeoutboundcrossclustersearchconnections": "DescribeOutboundCrossClusterSearchConnections", + "describepackages": "DescribePackages", + "describereservedelasticsearchinstanceofferings": "DescribeReservedElasticsearchInstanceOfferings", + "describereservedelasticsearchinstances": "DescribeReservedElasticsearchInstances", + "describereservedinstanceofferings": "DescribeReservedInstanceOfferings", + "describereservedinstances": "DescribeReservedInstances", + "describevpcendpoints": "DescribeVpcEndpoints", + "dissociatepackage": "DissociatePackage", + "escrossclusterget": "ESCrossClusterGet", + "eshttpdelete": "ESHttpDelete", + "eshttpget": "ESHttpGet", + "eshttphead": "ESHttpHead", + "eshttppatch": "ESHttpPatch", + "eshttppost": "ESHttpPost", + "eshttpput": "ESHttpPut", + "getcompatibleelasticsearchversions": "GetCompatibleElasticsearchVersions", + "getcompatibleversions": "GetCompatibleVersions", + "getpackageversionhistory": "GetPackageVersionHistory", + "getupgradehistory": "GetUpgradeHistory", + "getupgradestatus": "GetUpgradeStatus", + "listdomainnames": "ListDomainNames", + "listdomainsforpackage": "ListDomainsForPackage", + "listelasticsearchinstancetypedetails": "ListElasticsearchInstanceTypeDetails", + "listelasticsearchinstancetypes": "ListElasticsearchInstanceTypes", + "listelasticsearchversions": "ListElasticsearchVersions", + "listinstancetypedetails": "ListInstanceTypeDetails", + "listpackagesfordomain": "ListPackagesForDomain", + "listscheduledactions": "ListScheduledActions", + "listtags": "ListTags", + "listversions": "ListVersions", + "listvpcendpointaccess": "ListVpcEndpointAccess", + "listvpcendpoints": "ListVpcEndpoints", + "listvpcendpointsfordomain": "ListVpcEndpointsForDomain", + "purchasereservedelasticsearchinstanceoffering": "PurchaseReservedElasticsearchInstanceOffering", + "purchasereservedinstanceoffering": "PurchaseReservedInstanceOffering", + "rejectinboundconnection": "RejectInboundConnection", + "rejectinboundcrossclustersearchconnection": "RejectInboundCrossClusterSearchConnection", + "removetags": "RemoveTags", + "revokevpcendpointaccess": "RevokeVpcEndpointAccess", + "startelasticsearchservicesoftwareupdate": "StartElasticsearchServiceSoftwareUpdate", + "startservicesoftwareupdate": "StartServiceSoftwareUpdate", + "updatedomainconfig": "UpdateDomainConfig", + "updateelasticsearchdomainconfig": "UpdateElasticsearchDomainConfig", + "updatepackage": "UpdatePackage", + "updatescheduledaction": "UpdateScheduledAction", + "updatevpcendpoint": "UpdateVpcEndpoint", + "upgradedomain": "UpgradeDomain", + "upgradeelasticsearchdomain": "UpgradeElasticsearchDomain" + }, + "resources": { + "domain": { + "resource": "domain", + "arn": "arn:${Partition}:es:${Region}:${Account}:domain/${DomainName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "es_role": { + "resource": "es_role", + "arn": "arn:${Partition}:iam::${Account}:role/aws-service-role/es.amazonaws.com/AWSServiceRoleForAmazonOpenSearchService", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "opensearchservice_role": { + "resource": "opensearchservice_role", + "arn": "arn:${Partition}:iam::${Account}:role/aws-service-role/opensearchservice.amazonaws.com/AWSServiceRoleForAmazonOpenSearchService", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "domain": "domain", + "es_role": "es_role", + "opensearchservice_role": "opensearchservice_role" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the tag keys that are passed in the request", + "type": "String" + } + } + }, + "personalize": { + "service_name": "Amazon Personalize", + "prefix": "personalize", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonpersonalize.html", + "privileges": { + "CreateBatchInferenceJob": { + "privilege": "CreateBatchInferenceJob", + "description": "Grants permission to create a batch inference job", + "access_level": "Write", + "resource_types": { + "batchInferenceJob": { + "resource_type": "batchInferenceJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchinferencejob": "batchInferenceJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateBatchInferenceJob.html" + }, + "CreateBatchSegmentJob": { + "privilege": "CreateBatchSegmentJob", + "description": "Grants permission to create a batch segment job", + "access_level": "Write", + "resource_types": { + "batchSegmentJob": { + "resource_type": "batchSegmentJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchsegmentjob": "batchSegmentJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateBatchSegmentJob.html" + }, + "CreateCampaign": { + "privilege": "CreateCampaign", + "description": "Grants permission to create a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateCampaign.html" + }, + "CreateDataset": { + "privilege": "CreateDataset", + "description": "Grants permission to create a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateDataset.html" + }, + "CreateDatasetExportJob": { + "privilege": "CreateDatasetExportJob", + "description": "Grants permission to create a dataset export job", + "access_level": "Write", + "resource_types": { + "datasetExportJob": { + "resource_type": "datasetExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetexportjob": "datasetExportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateDatasetExportJob.html" + }, + "CreateDatasetGroup": { + "privilege": "CreateDatasetGroup", + "description": "Grants permission to create a dataset group", + "access_level": "Write", + "resource_types": { + "datasetGroup": { + "resource_type": "datasetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetgroup": "datasetGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateDatasetGroup.html" + }, + "CreateDatasetImportJob": { + "privilege": "CreateDatasetImportJob", + "description": "Grants permission to create a dataset import job", + "access_level": "Write", + "resource_types": { + "datasetImportJob": { + "resource_type": "datasetImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetimportjob": "datasetImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateDatasetImportJob.html" + }, + "CreateEventTracker": { + "privilege": "CreateEventTracker", + "description": "Grants permission to create an event tracker", + "access_level": "Write", + "resource_types": { + "eventTracker": { + "resource_type": "eventTracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventtracker": "eventTracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateEventTracker.html" + }, + "CreateFilter": { + "privilege": "CreateFilter", + "description": "Grants permission to create a filter", + "access_level": "Write", + "resource_types": { + "filter": { + "resource_type": "filter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "filter": "filter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateFilter.html" + }, + "CreateMetricAttribution": { + "privilege": "CreateMetricAttribution", + "description": "Grants permission to create a metric attribution", + "access_level": "Write", + "resource_types": { + "metricAttribution": { + "resource_type": "metricAttribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metricattribution": "metricAttribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateMetricAttribution.html" + }, + "CreateRecommender": { + "privilege": "CreateRecommender", + "description": "Grants permission to create a recommender", + "access_level": "Write", + "resource_types": { + "recommender": { + "resource_type": "recommender", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommender": "recommender" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateRecommender.html" + }, + "CreateSchema": { + "privilege": "CreateSchema", + "description": "Grants permission to create a schema", + "access_level": "Write", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateSchema.html" + }, + "CreateSolution": { + "privilege": "CreateSolution", + "description": "Grants permission to create a solution", + "access_level": "Write", + "resource_types": { + "solution": { + "resource_type": "solution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "solution": "solution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateSolution.html" + }, + "CreateSolutionVersion": { + "privilege": "CreateSolutionVersion", + "description": "Grants permission to create a solution version", + "access_level": "Write", + "resource_types": { + "solution": { + "resource_type": "solution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "solution": "solution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_CreateSolutionVersion.html" + }, + "DeleteCampaign": { + "privilege": "DeleteCampaign", + "description": "Grants permission to delete a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteCampaign.html" + }, + "DeleteDataset": { + "privilege": "DeleteDataset", + "description": "Grants permission to delete a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteDataset.html" + }, + "DeleteDatasetGroup": { + "privilege": "DeleteDatasetGroup", + "description": "Grants permission to delete a dataset group", + "access_level": "Write", + "resource_types": { + "datasetGroup": { + "resource_type": "datasetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetgroup": "datasetGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteDatasetGroup.html" + }, + "DeleteEventTracker": { + "privilege": "DeleteEventTracker", + "description": "Grants permission to delete an event tracker", + "access_level": "Write", + "resource_types": { + "eventTracker": { + "resource_type": "eventTracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventtracker": "eventTracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteEventTracker.html" + }, + "DeleteFilter": { + "privilege": "DeleteFilter", + "description": "Grants permission to delete a filter", + "access_level": "Write", + "resource_types": { + "filter": { + "resource_type": "filter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "filter": "filter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteFilter.html" + }, + "DeleteMetricAttribution": { + "privilege": "DeleteMetricAttribution", + "description": "Grants permission to delete a metric attribution", + "access_level": "Write", + "resource_types": { + "metricAttribution": { + "resource_type": "metricAttribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metricattribution": "metricAttribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteMetricAttribution.html" + }, + "DeleteRecommender": { + "privilege": "DeleteRecommender", + "description": "Grants permission to delete a recommender", + "access_level": "Write", + "resource_types": { + "recommender": { + "resource_type": "recommender", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommender": "recommender" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteRecommender.html" + }, + "DeleteSchema": { + "privilege": "DeleteSchema", + "description": "Grants permission to delete a schema", + "access_level": "Write", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteSchema.html" + }, + "DeleteSolution": { + "privilege": "DeleteSolution", + "description": "Grants permission to delete a solution including all versions of the solution", + "access_level": "Write", + "resource_types": { + "solution": { + "resource_type": "solution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "solution": "solution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DeleteSolution.html" + }, + "DescribeAlgorithm": { + "privilege": "DescribeAlgorithm", + "description": "Grants permission to describe an algorithm", + "access_level": "Read", + "resource_types": { + "algorithm": { + "resource_type": "algorithm", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "algorithm": "algorithm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeAlgorithm.html" + }, + "DescribeBatchInferenceJob": { + "privilege": "DescribeBatchInferenceJob", + "description": "Grants permission to describe a batch inference job", + "access_level": "Read", + "resource_types": { + "batchInferenceJob": { + "resource_type": "batchInferenceJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchinferencejob": "batchInferenceJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeBatchInferenceJob.html" + }, + "DescribeBatchSegmentJob": { + "privilege": "DescribeBatchSegmentJob", + "description": "Grants permission to describe a batch segment job", + "access_level": "Read", + "resource_types": { + "batchSegmentJob": { + "resource_type": "batchSegmentJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "batchsegmentjob": "batchSegmentJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeBatchSegmentJob.html" + }, + "DescribeCampaign": { + "privilege": "DescribeCampaign", + "description": "Grants permission to describe a campaign", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeCampaign.html" + }, + "DescribeDataset": { + "privilege": "DescribeDataset", + "description": "Grants permission to describe a dataset", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeDataset.html" + }, + "DescribeDatasetExportJob": { + "privilege": "DescribeDatasetExportJob", + "description": "Grants permission to describe a dataset export job", + "access_level": "Read", + "resource_types": { + "datasetExportJob": { + "resource_type": "datasetExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetexportjob": "datasetExportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeDatasetExportJob.html" + }, + "DescribeDatasetGroup": { + "privilege": "DescribeDatasetGroup", + "description": "Grants permission to describe a dataset group", + "access_level": "Read", + "resource_types": { + "datasetGroup": { + "resource_type": "datasetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetgroup": "datasetGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeDatasetGroup.html" + }, + "DescribeDatasetImportJob": { + "privilege": "DescribeDatasetImportJob", + "description": "Grants permission to describe a dataset import job", + "access_level": "Read", + "resource_types": { + "datasetImportJob": { + "resource_type": "datasetImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasetimportjob": "datasetImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeDatasetImportJob.html" + }, + "DescribeEventTracker": { + "privilege": "DescribeEventTracker", + "description": "Grants permission to describe an event tracker", + "access_level": "Read", + "resource_types": { + "eventTracker": { + "resource_type": "eventTracker", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventtracker": "eventTracker" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeEventTracker.html" + }, + "DescribeFeatureTransformation": { + "privilege": "DescribeFeatureTransformation", + "description": "Grants permission to describe a feature transformation", + "access_level": "Read", + "resource_types": { + "featureTransformation": { + "resource_type": "featureTransformation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "featuretransformation": "featureTransformation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeFeatureTransformation.html" + }, + "DescribeFilter": { + "privilege": "DescribeFilter", + "description": "Grants permission to describe a filter", + "access_level": "Read", + "resource_types": { + "filter": { + "resource_type": "filter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "filter": "filter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeFilter.html" + }, + "DescribeMetricAttribution": { + "privilege": "DescribeMetricAttribution", + "description": "Grants permission to describe a metric attribution", + "access_level": "Read", + "resource_types": { + "metricAttribution": { + "resource_type": "metricAttribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metricattribution": "metricAttribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeMetricAttribution.html" + }, + "DescribeRecipe": { + "privilege": "DescribeRecipe", + "description": "Grants permission to describe a recipe", + "access_level": "Read", + "resource_types": { + "recipe": { + "resource_type": "recipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recipe": "recipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeRecipe.html" + }, + "DescribeRecommender": { + "privilege": "DescribeRecommender", + "description": "Grants permission to describe a recommender", + "access_level": "Read", + "resource_types": { + "recommender": { + "resource_type": "recommender", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommender": "recommender" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeRecommender.html" + }, + "DescribeSchema": { + "privilege": "DescribeSchema", + "description": "Grants permission to describe a schema", + "access_level": "Read", + "resource_types": { + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeSchema.html" + }, + "DescribeSolution": { + "privilege": "DescribeSolution", + "description": "Grants permission to describe a solution", + "access_level": "Read", + "resource_types": { + "solution": { + "resource_type": "solution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "solution": "solution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeSolution.html" + }, + "DescribeSolutionVersion": { + "privilege": "DescribeSolutionVersion", + "description": "Grants permission to describe a version of a solution", + "access_level": "Read", + "resource_types": { + "solution": { + "resource_type": "solution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "solution": "solution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_DescribeSolutionVersion.html" + }, + "GetPersonalizedRanking": { + "privilege": "GetPersonalizedRanking", + "description": "Grants permission to get a re-ranked list of recommendations", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_RS_GetPersonalizedRanking.html" + }, + "GetRecommendations": { + "privilege": "GetRecommendations", + "description": "Grants permission to get a list of recommendations from a campaign", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_RS_GetRecommendations.html" + }, + "GetSolutionMetrics": { + "privilege": "GetSolutionMetrics", + "description": "Grants permission to get metrics for a solution version", + "access_level": "Read", + "resource_types": { + "solution": { + "resource_type": "solution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "solution": "solution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_GetSolutionMetrics.html" + }, + "ListBatchInferenceJobs": { + "privilege": "ListBatchInferenceJobs", + "description": "Grants permission to list batch inference jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListBatchInferenceJobs.html" + }, + "ListBatchSegmentJobs": { + "privilege": "ListBatchSegmentJobs", + "description": "Grants permission to list batch segment jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListBatchSegmentJobs.html" + }, + "ListCampaigns": { + "privilege": "ListCampaigns", + "description": "Grants permission to list campaigns", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListCampaigns.html" + }, + "ListDatasetExportJobs": { + "privilege": "ListDatasetExportJobs", + "description": "Grants permission to list dataset export jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListDatasetExportJobs.html" + }, + "ListDatasetGroups": { + "privilege": "ListDatasetGroups", + "description": "Grants permission to list dataset groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListDatasetGroups.html" + }, + "ListDatasetImportJobs": { + "privilege": "ListDatasetImportJobs", + "description": "Grants permission to list dataset import jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListDatasetImportJobs.html" + }, + "ListDatasets": { + "privilege": "ListDatasets", + "description": "Grants permission to list datasets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListDatasets.html" + }, + "ListEventTrackers": { + "privilege": "ListEventTrackers", + "description": "Grants permission to list event trackers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListEventTrackers.html" + }, + "ListFilters": { + "privilege": "ListFilters", + "description": "Grants permission to list filters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListFilters.html" + }, + "ListMetricAttributionMetrics": { + "privilege": "ListMetricAttributionMetrics", + "description": "Grants permission to list metric attribution metrics", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListMetricAttributionMetrics.html" + }, + "ListMetricAttributions": { + "privilege": "ListMetricAttributions", + "description": "Grants permission to list metric attributions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListMetricAttributions.html" + }, + "ListRecipes": { + "privilege": "ListRecipes", + "description": "Grants permission to list recipes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListRecipes.html" + }, + "ListRecommenders": { + "privilege": "ListRecommenders", + "description": "Grants permission to list recommenders", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListRecommenders.html" + }, + "ListSchemas": { + "privilege": "ListSchemas", + "description": "Grants permission to list schemas", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListSchemas.html" + }, + "ListSolutionVersions": { + "privilege": "ListSolutionVersions", + "description": "Grants permission to list versions of a solution", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListSolutionVersions.html" + }, + "ListSolutions": { + "privilege": "ListSolutions", + "description": "Grants permission to list solutions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListSolutions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_ListTagsForResource.html" + }, + "PutEvents": { + "privilege": "PutEvents", + "description": "Grants permission to put real time event data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UBS_PutEvents.html" + }, + "PutItems": { + "privilege": "PutItems", + "description": "Grants permission to ingest Items data", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UBS_PutItems.html" + }, + "PutUsers": { + "privilege": "PutUsers", + "description": "Grants permission to ingest Users data", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UBS_PutUsers.html" + }, + "StartRecommender": { + "privilege": "StartRecommender", + "description": "Grants permission to start a recommender", + "access_level": "Write", + "resource_types": { + "recommender": { + "resource_type": "recommender", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommender": "recommender" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_StartRecommender.html" + }, + "StopRecommender": { + "privilege": "StopRecommender", + "description": "Grants permission to stop a recommender", + "access_level": "Write", + "resource_types": { + "recommender": { + "resource_type": "recommender", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommender": "recommender" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_StopRecommender.html" + }, + "StopSolutionVersionCreation": { + "privilege": "StopSolutionVersionCreation", + "description": "Grants permission to stop a solution version creation", + "access_level": "Write", + "resource_types": { + "solution": { + "resource_type": "solution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "solution": "solution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_StopSolutionVersionCreation.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UntagResource.html" + }, + "UpdateCampaign": { + "privilege": "UpdateCampaign", + "description": "Grants permission to update a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UpdateCampaign.html" + }, + "UpdateDataset": { + "privilege": "UpdateDataset", + "description": "Grants permission to update a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UpdateDataset.html" + }, + "UpdateMetricAttribution": { + "privilege": "UpdateMetricAttribution", + "description": "Grants permission to update a metric attribution", + "access_level": "Write", + "resource_types": { + "metricAttribution": { + "resource_type": "metricAttribution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metricattribution": "metricAttribution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UpdateMetricAttribution.html" + }, + "UpdateRecommender": { + "privilege": "UpdateRecommender", + "description": "Grants permission to update a recommender", + "access_level": "Write", + "resource_types": { + "recommender": { + "resource_type": "recommender", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommender": "recommender" + }, + "api_documentation_link": "https://docs.aws.amazon.com/personalize/latest/dg/API_UpdateRecommender.html" + } + }, + "privileges_lower_name": { + "createbatchinferencejob": "CreateBatchInferenceJob", + "createbatchsegmentjob": "CreateBatchSegmentJob", + "createcampaign": "CreateCampaign", + "createdataset": "CreateDataset", + "createdatasetexportjob": "CreateDatasetExportJob", + "createdatasetgroup": "CreateDatasetGroup", + "createdatasetimportjob": "CreateDatasetImportJob", + "createeventtracker": "CreateEventTracker", + "createfilter": "CreateFilter", + "createmetricattribution": "CreateMetricAttribution", + "createrecommender": "CreateRecommender", + "createschema": "CreateSchema", + "createsolution": "CreateSolution", + "createsolutionversion": "CreateSolutionVersion", + "deletecampaign": "DeleteCampaign", + "deletedataset": "DeleteDataset", + "deletedatasetgroup": "DeleteDatasetGroup", + "deleteeventtracker": "DeleteEventTracker", + "deletefilter": "DeleteFilter", + "deletemetricattribution": "DeleteMetricAttribution", + "deleterecommender": "DeleteRecommender", + "deleteschema": "DeleteSchema", + "deletesolution": "DeleteSolution", + "describealgorithm": "DescribeAlgorithm", + "describebatchinferencejob": "DescribeBatchInferenceJob", + "describebatchsegmentjob": "DescribeBatchSegmentJob", + "describecampaign": "DescribeCampaign", + "describedataset": "DescribeDataset", + "describedatasetexportjob": "DescribeDatasetExportJob", + "describedatasetgroup": "DescribeDatasetGroup", + "describedatasetimportjob": "DescribeDatasetImportJob", + "describeeventtracker": "DescribeEventTracker", + "describefeaturetransformation": "DescribeFeatureTransformation", + "describefilter": "DescribeFilter", + "describemetricattribution": "DescribeMetricAttribution", + "describerecipe": "DescribeRecipe", + "describerecommender": "DescribeRecommender", + "describeschema": "DescribeSchema", + "describesolution": "DescribeSolution", + "describesolutionversion": "DescribeSolutionVersion", + "getpersonalizedranking": "GetPersonalizedRanking", + "getrecommendations": "GetRecommendations", + "getsolutionmetrics": "GetSolutionMetrics", + "listbatchinferencejobs": "ListBatchInferenceJobs", + "listbatchsegmentjobs": "ListBatchSegmentJobs", + "listcampaigns": "ListCampaigns", + "listdatasetexportjobs": "ListDatasetExportJobs", + "listdatasetgroups": "ListDatasetGroups", + "listdatasetimportjobs": "ListDatasetImportJobs", + "listdatasets": "ListDatasets", + "listeventtrackers": "ListEventTrackers", + "listfilters": "ListFilters", + "listmetricattributionmetrics": "ListMetricAttributionMetrics", + "listmetricattributions": "ListMetricAttributions", + "listrecipes": "ListRecipes", + "listrecommenders": "ListRecommenders", + "listschemas": "ListSchemas", + "listsolutionversions": "ListSolutionVersions", + "listsolutions": "ListSolutions", + "listtagsforresource": "ListTagsForResource", + "putevents": "PutEvents", + "putitems": "PutItems", + "putusers": "PutUsers", + "startrecommender": "StartRecommender", + "stoprecommender": "StopRecommender", + "stopsolutionversioncreation": "StopSolutionVersionCreation", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecampaign": "UpdateCampaign", + "updatedataset": "UpdateDataset", + "updatemetricattribution": "UpdateMetricAttribution", + "updaterecommender": "UpdateRecommender" + }, + "resources": { + "schema": { + "resource": "schema", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:schema/${ResourceId}", + "condition_keys": [] + }, + "featureTransformation": { + "resource": "featureTransformation", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:feature-transformation/${ResourceId}", + "condition_keys": [] + }, + "dataset": { + "resource": "dataset", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:dataset/${ResourceId}", + "condition_keys": [] + }, + "datasetGroup": { + "resource": "datasetGroup", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:dataset-group/${ResourceId}", + "condition_keys": [] + }, + "datasetImportJob": { + "resource": "datasetImportJob", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:dataset-import-job/${ResourceId}", + "condition_keys": [] + }, + "datasetExportJob": { + "resource": "datasetExportJob", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:dataset-export-job/${ResourceId}", + "condition_keys": [] + }, + "solution": { + "resource": "solution", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:solution/${ResourceId}", + "condition_keys": [] + }, + "campaign": { + "resource": "campaign", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:campaign/${ResourceId}", + "condition_keys": [] + }, + "eventTracker": { + "resource": "eventTracker", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:event-tracker/${ResourceId}", + "condition_keys": [] + }, + "recipe": { + "resource": "recipe", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:recipe/${ResourceId}", + "condition_keys": [] + }, + "algorithm": { + "resource": "algorithm", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:algorithm/${ResourceId}", + "condition_keys": [] + }, + "batchInferenceJob": { + "resource": "batchInferenceJob", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:batch-inference-job/${ResourceId}", + "condition_keys": [] + }, + "filter": { + "resource": "filter", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:filter/${ResourceId}", + "condition_keys": [] + }, + "recommender": { + "resource": "recommender", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:recommender/${ResourceId}", + "condition_keys": [] + }, + "batchSegmentJob": { + "resource": "batchSegmentJob", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:batch-segment-job/${ResourceId}", + "condition_keys": [] + }, + "metricAttribution": { + "resource": "metricAttribution", + "arn": "arn:${Partition}:personalize:${Region}:${Account}:metric-attribution/${ResourceId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "schema": "schema", + "featuretransformation": "featureTransformation", + "dataset": "dataset", + "datasetgroup": "datasetGroup", + "datasetimportjob": "datasetImportJob", + "datasetexportjob": "datasetExportJob", + "solution": "solution", + "campaign": "campaign", + "eventtracker": "eventTracker", + "recipe": "recipe", + "algorithm": "algorithm", + "batchinferencejob": "batchInferenceJob", + "filter": "filter", + "recommender": "recommender", + "batchsegmentjob": "batchSegmentJob", + "metricattribution": "metricAttribution" + }, + "conditions": {} + }, + "mobiletargeting": { + "service_name": "Amazon Pinpoint", + "prefix": "mobiletargeting", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonpinpoint.html", + "privileges": { + "CreateApp": { + "privilege": "CreateApp", + "description": "Grants permission to create an app", + "access_level": "Write", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps.html#CreateApp" + }, + "CreateCampaign": { + "privilege": "CreateCampaign", + "description": "Grants permission to create a campaign for an app", + "access_level": "Write", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns.html#CreateCampaign" + }, + "CreateEmailTemplate": { + "privilege": "CreateEmailTemplate", + "description": "Grants permission to create an email template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-email.html#CreateEmailTemplate" + }, + "CreateExportJob": { + "privilege": "CreateExportJob", + "description": "Grants permission to create an export job that exports endpoint definitions to Amazon S3", + "access_level": "Write", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-export.html#CreateExportJob" + }, + "CreateImportJob": { + "privilege": "CreateImportJob", + "description": "Grants permission to import endpoint definitions from to create a segment", + "access_level": "Write", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-import.html#CreateImportJob" + }, + "CreateInAppTemplate": { + "privilege": "CreateInAppTemplate", + "description": "Grants permission to create an in-app message template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-inapp.html#CreateInAppTemplate" + }, + "CreateJourney": { + "privilege": "CreateJourney", + "description": "Grants permission to create a Journey for an app", + "access_level": "Write", + "resource_types": { + "journeys": { + "resource_type": "journeys", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journeys": "journeys", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys.html#CreateJourney" + }, + "CreatePushTemplate": { + "privilege": "CreatePushTemplate", + "description": "Grants permission to create a push notification template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-push.html#CreatePushTemplate" + }, + "CreateRecommenderConfiguration": { + "privilege": "CreateRecommenderConfiguration", + "description": "Grants permission to create an Amazon Pinpoint configuration for a recommender model", + "access_level": "Write", + "resource_types": { + "recommenders": { + "resource_type": "recommenders", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommenders": "recommenders" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/recommenders.html#CreateRecommenderConfiguration" + }, + "CreateSegment": { + "privilege": "CreateSegment", + "description": "Grants permission to create a segment that is based on endpoint data reported to Pinpoint by your app. To allow a user to create a segment by importing endpoint data from outside of Pinpoint, allow the mobiletargeting:CreateImportJob action", + "access_level": "Write", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#CreateSegment" + }, + "CreateSmsTemplate": { + "privilege": "CreateSmsTemplate", + "description": "Grants permission to create an sms message template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-sms.html#CreateSmsTemplate" + }, + "CreateVoiceTemplate": { + "privilege": "CreateVoiceTemplate", + "description": "Grants permission to create a voice message template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-voice.html#CreateVoiceTemplate" + }, + "DeleteAdmChannel": { + "privilege": "DeleteAdmChannel", + "description": "Grants permission to delete the ADM channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-adm.html#DeleteAdmChannel" + }, + "DeleteApnsChannel": { + "privilege": "DeleteApnsChannel", + "description": "Grants permission to delete the APNs channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns.html#DeleteApnsChannel" + }, + "DeleteApnsSandboxChannel": { + "privilege": "DeleteApnsSandboxChannel", + "description": "Grants permission to delete the APNs sandbox channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_sandbox.html#DeleteApnsSandboxChannel" + }, + "DeleteApnsVoipChannel": { + "privilege": "DeleteApnsVoipChannel", + "description": "Grants permission to delete the APNs VoIP channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip.html#DeleteApnsVoipChannel" + }, + "DeleteApnsVoipSandboxChannel": { + "privilege": "DeleteApnsVoipSandboxChannel", + "description": "Grants permission to delete the APNs VoIP sandbox channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip_sandbox.html#DeleteApnsVoipSandboxChannel" + }, + "DeleteApp": { + "privilege": "DeleteApp", + "description": "Grants permission to delete a specific campaign", + "access_level": "Write", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id.html#DeleteApp" + }, + "DeleteBaiduChannel": { + "privilege": "DeleteBaiduChannel", + "description": "Grants permission to delete the Baidu channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-baidu.html#DeleteBaiduChannel" + }, + "DeleteCampaign": { + "privilege": "DeleteCampaign", + "description": "Grants permission to delete a specific campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id.html#DeleteCampaign" + }, + "DeleteEmailChannel": { + "privilege": "DeleteEmailChannel", + "description": "Grants permission to delete the email channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-email.html#DeleteEmailChannel" + }, + "DeleteEmailTemplate": { + "privilege": "DeleteEmailTemplate", + "description": "Grants permission to delete an email template or an email template version", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-email.html#DeleteEmailTemplate" + }, + "DeleteEndpoint": { + "privilege": "DeleteEndpoint", + "description": "Grants permission to delete an endpoint", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-endpoints-endpoint-id.html#DeleteEndpoint" + }, + "DeleteEventStream": { + "privilege": "DeleteEventStream", + "description": "Grants permission to delete the event stream for an app", + "access_level": "Write", + "resource_types": { + "event-stream": { + "resource_type": "event-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-stream": "event-stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-eventstream.html#DeleteEventStream" + }, + "DeleteGcmChannel": { + "privilege": "DeleteGcmChannel", + "description": "Grants permission to delete the GCM channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-gcm.html#DeleteGcmChannel" + }, + "DeleteInAppTemplate": { + "privilege": "DeleteInAppTemplate", + "description": "Grants permission to delete an in-app message template or an in-app message template version", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-inapp.html#DeleteInAppTemplate" + }, + "DeleteJourney": { + "privilege": "DeleteJourney", + "description": "Grants permission to delete a specific journey", + "access_level": "Write", + "resource_types": { + "journey": { + "resource_type": "journey", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journey": "journey" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id.html#DeleteJourney" + }, + "DeletePushTemplate": { + "privilege": "DeletePushTemplate", + "description": "Grants permission to delete a push notification template or a push notification template version", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-push.html#DeletePushTemplate" + }, + "DeleteRecommenderConfiguration": { + "privilege": "DeleteRecommenderConfiguration", + "description": "Grants permission to delete an Amazon Pinpoint configuration for a recommender model", + "access_level": "Write", + "resource_types": { + "recommender": { + "resource_type": "recommender", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommender": "recommender" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/recommenders-recommender-id.html#DeleteRecommenderConfiguration" + }, + "DeleteSegment": { + "privilege": "DeleteSegment", + "description": "Grants permission to delete a specific segment", + "access_level": "Write", + "resource_types": { + "segment": { + "resource_type": "segment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "segment": "segment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id.html#DeleteSegment" + }, + "DeleteSmsChannel": { + "privilege": "DeleteSmsChannel", + "description": "Grants permission to delete the SMS channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-sms.html#DeleteSmsChannel" + }, + "DeleteSmsTemplate": { + "privilege": "DeleteSmsTemplate", + "description": "Grants permission to delete an sms message template or an sms message template version", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-sms.html#DeleteSmsTemplate" + }, + "DeleteUserEndpoints": { + "privilege": "DeleteUserEndpoints", + "description": "Grants permission to delete all of the endpoints that are associated with a user ID", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-users-user-id.html#DeleteUserEndpoints" + }, + "DeleteVoiceChannel": { + "privilege": "DeleteVoiceChannel", + "description": "Grants permission to delete the Voice channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-voice.html#DeleteVoiceChannel" + }, + "DeleteVoiceTemplate": { + "privilege": "DeleteVoiceTemplate", + "description": "Grants permission to delete a voice message template or a voice message template version", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-voice.html#DeleteVoiceTemplate" + }, + "GetAdmChannel": { + "privilege": "GetAdmChannel", + "description": "Grants permission to retrieve information about the Amazon Device Messaging (ADM) channel for an app", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-adm.html#GetAdmChannel" + }, + "GetApnsChannel": { + "privilege": "GetApnsChannel", + "description": "Grants permission to retrieve information about the APNs channel for an app", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns.html#GetApnsChannel" + }, + "GetApnsSandboxChannel": { + "privilege": "GetApnsSandboxChannel", + "description": "Grants permission to retrieve information about the APNs sandbox channel for an app", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_sandbox.html#GetApnsSandboxChannel" + }, + "GetApnsVoipChannel": { + "privilege": "GetApnsVoipChannel", + "description": "Grants permission to retrieve information about the APNs VoIP channel for an app", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip.html#GetApnsVoipChannel" + }, + "GetApnsVoipSandboxChannel": { + "privilege": "GetApnsVoipSandboxChannel", + "description": "Grants permission to retrieve information about the APNs VoIP sandbox channel for an app", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip_sandbox.html#GetApnsVoipSandboxChannel" + }, + "GetApp": { + "privilege": "GetApp", + "description": "Grants permission to retrieve information about a specific app in your Amazon Pinpoint account", + "access_level": "Read", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id.html#GetApp" + }, + "GetApplicationDateRangeKpi": { + "privilege": "GetApplicationDateRangeKpi", + "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard metric that applies to an application", + "access_level": "Read", + "resource_types": { + "application-metrics": { + "resource_type": "application-metrics", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application-metrics": "application-metrics" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-kpis-daterange-kpi-name.html#GetApplicationDateRangeKpi" + }, + "GetApplicationSettings": { + "privilege": "GetApplicationSettings", + "description": "Grants permission to retrieve the default settings for an app", + "access_level": "List", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-settings.html#GetApplicationSettings" + }, + "GetApps": { + "privilege": "GetApps", + "description": "Grants permission to retrieve a list of apps in your Amazon Pinpoint account", + "access_level": "Read", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps.html#GetApps" + }, + "GetBaiduChannel": { + "privilege": "GetBaiduChannel", + "description": "Grants permission to retrieve information about the Baidu channel for an app", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-baidu.html#GetBaiduChannel" + }, + "GetCampaign": { + "privilege": "GetCampaign", + "description": "Grants permission to retrieve information about a specific campaign", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id.html#GetCampaign" + }, + "GetCampaignActivities": { + "privilege": "GetCampaignActivities", + "description": "Grants permission to retrieve information about the activities performed by a campaign", + "access_level": "List", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id-activities.html#GetCampaignActivities" + }, + "GetCampaignDateRangeKpi": { + "privilege": "GetCampaignDateRangeKpi", + "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard metric that applies to a campaign", + "access_level": "Read", + "resource_types": { + "campaign-metrics": { + "resource_type": "campaign-metrics", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign-metrics": "campaign-metrics" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id-kpis-daterange-kpi-name.html#GetCampaignDateRangeKpi" + }, + "GetCampaignVersion": { + "privilege": "GetCampaignVersion", + "description": "Grants permission to retrieve information about a specific campaign version", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id-versions-version.html#GetCampaignVersion" + }, + "GetCampaignVersions": { + "privilege": "GetCampaignVersions", + "description": "Grants permission to retrieve information about the current and prior versions of a campaign", + "access_level": "List", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id-versions.html#GetCampaignVersions" + }, + "GetCampaigns": { + "privilege": "GetCampaigns", + "description": "Grants permission to retrieve information about all campaigns for an app", + "access_level": "List", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns.html#GetCampaigns" + }, + "GetChannels": { + "privilege": "GetChannels", + "description": "Grants permission to get all channels information for your app", + "access_level": "List", + "resource_types": { + "channels": { + "resource_type": "channels", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channels": "channels" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels.html#GetChannels" + }, + "GetEmailChannel": { + "privilege": "GetEmailChannel", + "description": "Grants permission to obtain information about the email channel in an app", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-email.html#GetEmailChannel" + }, + "GetEmailTemplate": { + "privilege": "GetEmailTemplate", + "description": "Grants permission to retrieve information about a specific or the active version of an email template", + "access_level": "Read", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-email.html#GetEmailTemplate" + }, + "GetEndpoint": { + "privilege": "GetEndpoint", + "description": "Grants permission to retrieve information about a specific endpoint", + "access_level": "Read", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-endpoints-endpoint-id.html#GetEndpoint" + }, + "GetEventStream": { + "privilege": "GetEventStream", + "description": "Grants permission to retrieve information about the event stream for an app", + "access_level": "Read", + "resource_types": { + "event-stream": { + "resource_type": "event-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-stream": "event-stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-eventstream.html#GetEventStream" + }, + "GetExportJob": { + "privilege": "GetExportJob", + "description": "Grants permission to obtain information about a specific export job", + "access_level": "Read", + "resource_types": { + "export-job": { + "resource_type": "export-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "export-job": "export-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-export-job-id.html#GetExportJob" + }, + "GetExportJobs": { + "privilege": "GetExportJobs", + "description": "Grants permission to retrieve a list of all of the export jobs for an app", + "access_level": "List", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-export.html#GetExportJobs" + }, + "GetGcmChannel": { + "privilege": "GetGcmChannel", + "description": "Grants permission to retrieve information about the GCM channel for an app", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-gcm.html#GetGcmChannel" + }, + "GetImportJob": { + "privilege": "GetImportJob", + "description": "Grants permission to retrieve information about a specific import job", + "access_level": "Read", + "resource_types": { + "import-job": { + "resource_type": "import-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "import-job": "import-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-import-job-id.html#GetImportJob" + }, + "GetImportJobs": { + "privilege": "GetImportJobs", + "description": "Grants permission to retrieve information about all import jobs for an app", + "access_level": "List", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-jobs-import.html#GetImportJobs" + }, + "GetInAppMessages": { + "privilege": "GetInAppMessages", + "description": "Grants permission to retrive in-app messages for the given endpoint id", + "access_level": "Read", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-endpoints-endpoint-id-inappmessages.html#GetInAppMessages" + }, + "GetInAppTemplate": { + "privilege": "GetInAppTemplate", + "description": "Grants permission to retrieve information about a specific or the active version of an in-app message template", + "access_level": "Read", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-inapp.html#GetInAppTemplate" + }, + "GetJourney": { + "privilege": "GetJourney", + "description": "Grants permission to retrieve information about a specific journey", + "access_level": "Read", + "resource_types": { + "journey": { + "resource_type": "journey", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journey": "journey" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id.html#GetJourney" + }, + "GetJourneyDateRangeKpi": { + "privilege": "GetJourneyDateRangeKpi", + "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard engagement metric that applies to a journey", + "access_level": "Read", + "resource_types": { + "journey-metrics": { + "resource_type": "journey-metrics", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journey-metrics": "journey-metrics" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-kpis-daterange-kpi-name.html#GetJourneyDateRangeKpi" + }, + "GetJourneyExecutionActivityMetrics": { + "privilege": "GetJourneyExecutionActivityMetrics", + "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard execution metric that applies to a journey activity", + "access_level": "Read", + "resource_types": { + "journey-execution-activity-metrics": { + "resource_type": "journey-execution-activity-metrics", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journey-execution-activity-metrics": "journey-execution-activity-metrics" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-activities-journey-activity-id-execution-metrics.html#GetJourneyExecutionActivityMetrics" + }, + "GetJourneyExecutionMetrics": { + "privilege": "GetJourneyExecutionMetrics", + "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard execution metric that applies to a journey", + "access_level": "Read", + "resource_types": { + "journey-execution-metrics": { + "resource_type": "journey-execution-metrics", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journey-execution-metrics": "journey-execution-metrics" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-execution-metrics.html#GetJourneyExecutionMetrics" + }, + "GetJourneyRunExecutionActivityMetrics": { + "privilege": "GetJourneyRunExecutionActivityMetrics", + "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard execution metric that applies to a journey activity for a single journey run", + "access_level": "Read", + "resource_types": { + "journey": { + "resource_type": "journey", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journey": "journey" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-runs-run-id-activities-journey-activity-id-execution-metrics.html#GetJourneyRunExecutionActivityMetrics" + }, + "GetJourneyRunExecutionMetrics": { + "privilege": "GetJourneyRunExecutionMetrics", + "description": "Grants permission to retrieve (queries) pre-aggregated data for a standard execution metric that applies to a journey for a single journey run", + "access_level": "Read", + "resource_types": { + "journey": { + "resource_type": "journey", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journey": "journey" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-runs-run-id-execution-metrics.html#GetJourneyRunExecutionMetrics" + }, + "GetJourneyRuns": { + "privilege": "GetJourneyRuns", + "description": "Grants permission to retrieve information about all journey runs for a journey", + "access_level": "List", + "resource_types": { + "journey": { + "resource_type": "journey", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journey": "journey" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-runs.html" + }, + "GetPushTemplate": { + "privilege": "GetPushTemplate", + "description": "Grants permission to retrieve information about a specific or the active version of an push notification template", + "access_level": "Read", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-push.html#GetPushTemplate" + }, + "GetRecommenderConfiguration": { + "privilege": "GetRecommenderConfiguration", + "description": "Grants permission to retrieve information about an Amazon Pinpoint configuration for a recommender model", + "access_level": "Read", + "resource_types": { + "recommender": { + "resource_type": "recommender", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommender": "recommender" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/recommenders-recommender-id.html#GetRecommenderConfiguration" + }, + "GetRecommenderConfigurations": { + "privilege": "GetRecommenderConfigurations", + "description": "Grants permission to retrieve information about all the recommender model configurations that are associated with an Amazon Pinpoint account", + "access_level": "List", + "resource_types": { + "recommenders": { + "resource_type": "recommenders", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommenders": "recommenders" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/recommenders.html#GetRecommenderConfigurations" + }, + "GetReports": { + "privilege": "GetReports", + "description": "Grants permission to mobiletargeting:GetReports", + "access_level": "Read", + "resource_types": { + "reports": { + "resource_type": "reports", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reports": "reports" + }, + "api_documentation_link": "${UserGuideDocPage}/permissions-actions.html" + }, + "GetSegment": { + "privilege": "GetSegment", + "description": "Grants permission to retrieve information about a specific segment", + "access_level": "Read", + "resource_types": { + "segment": { + "resource_type": "segment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "segment": "segment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id.html#GetSegment" + }, + "GetSegmentExportJobs": { + "privilege": "GetSegmentExportJobs", + "description": "Grants permission to retrieve information about jobs that export endpoint definitions from segments to Amazon S3", + "access_level": "List", + "resource_types": { + "segment": { + "resource_type": "segment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "segment": "segment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id-jobs-export.html#GetSegmentExportJobs" + }, + "GetSegmentImportJobs": { + "privilege": "GetSegmentImportJobs", + "description": "Grants permission to retrieve information about jobs that create segments by importing endpoint definitions from", + "access_level": "List", + "resource_types": { + "segment": { + "resource_type": "segment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "segment": "segment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id-jobs-import.html#GetSegmentImportJobs" + }, + "GetSegmentVersion": { + "privilege": "GetSegmentVersion", + "description": "Grants permission to retrieve information about a specific segment version", + "access_level": "Read", + "resource_types": { + "segment": { + "resource_type": "segment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "segment": "segment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id-versions-version.html#GetSegmentVersion" + }, + "GetSegmentVersions": { + "privilege": "GetSegmentVersions", + "description": "Grants permission to retrieve information about the current and prior versions of a segment", + "access_level": "List", + "resource_types": { + "segment": { + "resource_type": "segment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "segment": "segment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id-versions.html#GetSegmentVersions" + }, + "GetSegments": { + "privilege": "GetSegments", + "description": "Grants permission to retrieve information about the segments for an app", + "access_level": "List", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#GetSegments" + }, + "GetSmsChannel": { + "privilege": "GetSmsChannel", + "description": "Grants permission to obtain information about the SMS channel in an app", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-sms.html#GetSmsChannel" + }, + "GetSmsTemplate": { + "privilege": "GetSmsTemplate", + "description": "Grants permission to retrieve information about a specific or the active version of an sms message template", + "access_level": "Read", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-sms.html#GetSmsTemplate" + }, + "GetUserEndpoints": { + "privilege": "GetUserEndpoints", + "description": "Grants permission to retrieve information about the endpoints that are associated with a user ID", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-users-user-id.html#GetUserEndpoints" + }, + "GetVoiceChannel": { + "privilege": "GetVoiceChannel", + "description": "Grants permission to obtain information about the Voice channel in an app", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-voice.html#GetVoiceChannel" + }, + "GetVoiceTemplate": { + "privilege": "GetVoiceTemplate", + "description": "Grants permission to retrieve information about a specific or the active version of a voice message template", + "access_level": "Read", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-voice.html#GetVoiceTemplate" + }, + "ListJourneys": { + "privilege": "ListJourneys", + "description": "Grants permission to retrieve information about all journeys for an app", + "access_level": "List", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys.html#ListJourneys" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "app": { + "resource_type": "app", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "campaign": { + "resource_type": "campaign", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "journey": { + "resource_type": "journey", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "segment": { + "resource_type": "segment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "template": { + "resource_type": "template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app", + "campaign": "campaign", + "journey": "journey", + "segment": "segment", + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/tags-resource-arn.html#ListTagsForResource" + }, + "ListTemplateVersions": { + "privilege": "ListTemplateVersions", + "description": "Grants permission to retrieve all versions about a specific template", + "access_level": "List", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html#ListTemplateVersions" + }, + "ListTemplates": { + "privilege": "ListTemplates", + "description": "Grants permission to retrieve metadata about the queried templates", + "access_level": "List", + "resource_types": { + "templates": { + "resource_type": "templates", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "templates": "templates" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates.html#ListTemplates" + }, + "PhoneNumberValidate": { + "privilege": "PhoneNumberValidate", + "description": "Grants permission to obtain metadata for a phone number, such as the number type (mobile, landline, or VoIP), location, and provider", + "access_level": "Read", + "resource_types": { + "phone-number-validate": { + "resource_type": "phone-number-validate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phone-number-validate": "phone-number-validate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/phone-number-validate.html#PhoneNumberValidate" + }, + "PutEventStream": { + "privilege": "PutEventStream", + "description": "Grants permission to create or update an event stream for an app", + "access_level": "Write", + "resource_types": { + "event-stream": { + "resource_type": "event-stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-stream": "event-stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-eventstream.html#PutEventStream" + }, + "PutEvents": { + "privilege": "PutEvents", + "description": "Grants permission to create or update events for an app", + "access_level": "Write", + "resource_types": { + "events": { + "resource_type": "events", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "events": "events" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-events.html#PutEvents" + }, + "RemoveAttributes": { + "privilege": "RemoveAttributes", + "description": "Grants permission to remove the attributes for an app", + "access_level": "Write", + "resource_types": { + "attribute": { + "resource_type": "attribute", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attribute": "attribute" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-attributes-attribute-type.html#RemoveAttributes" + }, + "SendMessages": { + "privilege": "SendMessages", + "description": "Grants permission to send an SMS message or push notification to specific endpoints", + "access_level": "Write", + "resource_types": { + "messages": { + "resource_type": "messages", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "messages": "messages" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-messages.html#SendMessages" + }, + "SendOTPMessage": { + "privilege": "SendOTPMessage", + "description": "Grants permission to send an OTP code to a user of your application", + "access_level": "Write", + "resource_types": { + "otp": { + "resource_type": "otp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "otp": "otp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-otp.html#SendOTPMessage" + }, + "SendUsersMessages": { + "privilege": "SendUsersMessages", + "description": "Grants permission to send an SMS message or push notification to all endpoints that are associated with a specific user ID", + "access_level": "Write", + "resource_types": { + "messages": { + "resource_type": "messages", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "messages": "messages" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-users-messages.html#SendUsersMessages" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "app": { + "resource_type": "app", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "campaign": { + "resource_type": "campaign", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "journey": { + "resource_type": "journey", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "segment": { + "resource_type": "segment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "template": { + "resource_type": "template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app", + "campaign": "campaign", + "journey": "journey", + "segment": "segment", + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/tags-resource-arn.html#TagResource" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "app": { + "resource_type": "app", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "campaign": { + "resource_type": "campaign", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "journey": { + "resource_type": "journey", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "segment": { + "resource_type": "segment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "template": { + "resource_type": "template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app", + "campaign": "campaign", + "journey": "journey", + "segment": "segment", + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/tags-resource-arn.html#UntagResource" + }, + "UpdateAdmChannel": { + "privilege": "UpdateAdmChannel", + "description": "Grants permission to update the Amazon Device Messaging (ADM) channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-adm.html#UpdateAdmChannel" + }, + "UpdateApnsChannel": { + "privilege": "UpdateApnsChannel", + "description": "Grants permission to update the Apple Push Notification service (APNs) channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns.html#UpdateApnsChannel" + }, + "UpdateApnsSandboxChannel": { + "privilege": "UpdateApnsSandboxChannel", + "description": "Grants permission to update the Apple Push Notification service (APNs) sandbox channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_sandbox.html#UpdateApnsSandboxChannel" + }, + "UpdateApnsVoipChannel": { + "privilege": "UpdateApnsVoipChannel", + "description": "Grants permission to update the Apple Push Notification service (APNs) VoIP channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip.html#UpdateApnsVoipChannel" + }, + "UpdateApnsVoipSandboxChannel": { + "privilege": "UpdateApnsVoipSandboxChannel", + "description": "Grants permission to update the Apple Push Notification service (APNs) VoIP sandbox channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-apns_voip_sandbox.html#UpdateApnsVoipSandboxChannel" + }, + "UpdateApplicationSettings": { + "privilege": "UpdateApplicationSettings", + "description": "Grants permission to update the default settings for an app", + "access_level": "Write", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-settings.html#UpdateApplicationSettings" + }, + "UpdateBaiduChannel": { + "privilege": "UpdateBaiduChannel", + "description": "Grants permission to update the Baidu channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-baidu.html#UpdateBaiduChannel" + }, + "UpdateCampaign": { + "privilege": "UpdateCampaign", + "description": "Grants permission to update a specific campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-campaigns-campaign-id.html#UpdateCampaign" + }, + "UpdateEmailChannel": { + "privilege": "UpdateEmailChannel", + "description": "Grants permission to update the email channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-email.html#UpdateEmailChannel" + }, + "UpdateEmailTemplate": { + "privilege": "UpdateEmailTemplate", + "description": "Grants permission to update a specific email template under the same version or generate a new version", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-email.html#UpdateEmailTemplate" + }, + "UpdateEndpoint": { + "privilege": "UpdateEndpoint", + "description": "Grants permission to create an endpoint or update the information for an endpoint", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-endpoints-endpoint-id.html#UpdateEndpoint" + }, + "UpdateEndpointsBatch": { + "privilege": "UpdateEndpointsBatch", + "description": "Grants permission to create or update endpoints as a batch operation", + "access_level": "Write", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-endpoints.html#UpdateEndpointsBatch" + }, + "UpdateGcmChannel": { + "privilege": "UpdateGcmChannel", + "description": "Grants permission to update the Firebase Cloud Messaging (FCM) or Google Cloud Messaging (GCM) API key that allows to send push notifications to your Android app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-gcm.html#UpdateGcmChannel" + }, + "UpdateInAppTemplate": { + "privilege": "UpdateInAppTemplate", + "description": "Grants permission to update a specific in-app message template under the same version or generate a new version", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-inapp.html#UpdateInAppTemplate" + }, + "UpdateJourney": { + "privilege": "UpdateJourney", + "description": "Grants permission to update a specific journey", + "access_level": "Write", + "resource_types": { + "journey": { + "resource_type": "journey", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journey": "journey", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id.html#UpdateJourney" + }, + "UpdateJourneyState": { + "privilege": "UpdateJourneyState", + "description": "Grants permission to update a specific journey state", + "access_level": "Write", + "resource_types": { + "journey": { + "resource_type": "journey", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "journey": "journey", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-journeys-journey-id-state.html#UpdateJourneyState" + }, + "UpdatePushTemplate": { + "privilege": "UpdatePushTemplate", + "description": "Grants permission to update a specific push notification template under the same version or generate a new version", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-push.html#UpdatePushTemplate" + }, + "UpdateRecommenderConfiguration": { + "privilege": "UpdateRecommenderConfiguration", + "description": "Grants permission to update an Amazon Pinpoint configuration for a recommender model", + "access_level": "Write", + "resource_types": { + "recommender": { + "resource_type": "recommender", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recommender": "recommender" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/recommenders-recommender-id.html#UpdateRecommenderConfiguration" + }, + "UpdateSegment": { + "privilege": "UpdateSegment", + "description": "Grants permission to update a specific segment", + "access_level": "Write", + "resource_types": { + "segment": { + "resource_type": "segment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "segment": "segment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments-segment-id.html#UpdateSegment" + }, + "UpdateSmsChannel": { + "privilege": "UpdateSmsChannel", + "description": "Grants permission to update the SMS channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-sms.html#UpdateSmsChannel" + }, + "UpdateSmsTemplate": { + "privilege": "UpdateSmsTemplate", + "description": "Grants permission to update a specific sms message template under the same version or generate a new version", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-sms.html#UpdateSmsTemplate" + }, + "UpdateTemplateActiveVersion": { + "privilege": "UpdateTemplateActiveVersion", + "description": "Grants permission to update the active version parameter of a specific template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-active-version.html#UpdateTemplateActiveVersion" + }, + "UpdateVoiceChannel": { + "privilege": "UpdateVoiceChannel", + "description": "Grants permission to update the Voice channel for an app", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-channels-voice.html#UpdateVoiceChannel" + }, + "UpdateVoiceTemplate": { + "privilege": "UpdateVoiceTemplate", + "description": "Grants permission to update a specific voice message template under the same version or generate a new version", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-voice.html#UpdateVoiceTemplate" + }, + "VerifyOTPMessage": { + "privilege": "VerifyOTPMessage", + "description": "Grants permission to check the validity of One-Time Passwords (OTPs)", + "access_level": "Write", + "resource_types": { + "verify-otp": { + "resource_type": "verify-otp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "verify-otp": "verify-otp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-verify-otp.html#VerifyOTPMessage" + } + }, + "privileges_lower_name": { + "createapp": "CreateApp", + "createcampaign": "CreateCampaign", + "createemailtemplate": "CreateEmailTemplate", + "createexportjob": "CreateExportJob", + "createimportjob": "CreateImportJob", + "createinapptemplate": "CreateInAppTemplate", + "createjourney": "CreateJourney", + "createpushtemplate": "CreatePushTemplate", + "createrecommenderconfiguration": "CreateRecommenderConfiguration", + "createsegment": "CreateSegment", + "createsmstemplate": "CreateSmsTemplate", + "createvoicetemplate": "CreateVoiceTemplate", + "deleteadmchannel": "DeleteAdmChannel", + "deleteapnschannel": "DeleteApnsChannel", + "deleteapnssandboxchannel": "DeleteApnsSandboxChannel", + "deleteapnsvoipchannel": "DeleteApnsVoipChannel", + "deleteapnsvoipsandboxchannel": "DeleteApnsVoipSandboxChannel", + "deleteapp": "DeleteApp", + "deletebaiduchannel": "DeleteBaiduChannel", + "deletecampaign": "DeleteCampaign", + "deleteemailchannel": "DeleteEmailChannel", + "deleteemailtemplate": "DeleteEmailTemplate", + "deleteendpoint": "DeleteEndpoint", + "deleteeventstream": "DeleteEventStream", + "deletegcmchannel": "DeleteGcmChannel", + "deleteinapptemplate": "DeleteInAppTemplate", + "deletejourney": "DeleteJourney", + "deletepushtemplate": "DeletePushTemplate", + "deleterecommenderconfiguration": "DeleteRecommenderConfiguration", + "deletesegment": "DeleteSegment", + "deletesmschannel": "DeleteSmsChannel", + "deletesmstemplate": "DeleteSmsTemplate", + "deleteuserendpoints": "DeleteUserEndpoints", + "deletevoicechannel": "DeleteVoiceChannel", + "deletevoicetemplate": "DeleteVoiceTemplate", + "getadmchannel": "GetAdmChannel", + "getapnschannel": "GetApnsChannel", + "getapnssandboxchannel": "GetApnsSandboxChannel", + "getapnsvoipchannel": "GetApnsVoipChannel", + "getapnsvoipsandboxchannel": "GetApnsVoipSandboxChannel", + "getapp": "GetApp", + "getapplicationdaterangekpi": "GetApplicationDateRangeKpi", + "getapplicationsettings": "GetApplicationSettings", + "getapps": "GetApps", + "getbaiduchannel": "GetBaiduChannel", + "getcampaign": "GetCampaign", + "getcampaignactivities": "GetCampaignActivities", + "getcampaigndaterangekpi": "GetCampaignDateRangeKpi", + "getcampaignversion": "GetCampaignVersion", + "getcampaignversions": "GetCampaignVersions", + "getcampaigns": "GetCampaigns", + "getchannels": "GetChannels", + "getemailchannel": "GetEmailChannel", + "getemailtemplate": "GetEmailTemplate", + "getendpoint": "GetEndpoint", + "geteventstream": "GetEventStream", + "getexportjob": "GetExportJob", + "getexportjobs": "GetExportJobs", + "getgcmchannel": "GetGcmChannel", + "getimportjob": "GetImportJob", + "getimportjobs": "GetImportJobs", + "getinappmessages": "GetInAppMessages", + "getinapptemplate": "GetInAppTemplate", + "getjourney": "GetJourney", + "getjourneydaterangekpi": "GetJourneyDateRangeKpi", + "getjourneyexecutionactivitymetrics": "GetJourneyExecutionActivityMetrics", + "getjourneyexecutionmetrics": "GetJourneyExecutionMetrics", + "getjourneyrunexecutionactivitymetrics": "GetJourneyRunExecutionActivityMetrics", + "getjourneyrunexecutionmetrics": "GetJourneyRunExecutionMetrics", + "getjourneyruns": "GetJourneyRuns", + "getpushtemplate": "GetPushTemplate", + "getrecommenderconfiguration": "GetRecommenderConfiguration", + "getrecommenderconfigurations": "GetRecommenderConfigurations", + "getreports": "GetReports", + "getsegment": "GetSegment", + "getsegmentexportjobs": "GetSegmentExportJobs", + "getsegmentimportjobs": "GetSegmentImportJobs", + "getsegmentversion": "GetSegmentVersion", + "getsegmentversions": "GetSegmentVersions", + "getsegments": "GetSegments", + "getsmschannel": "GetSmsChannel", + "getsmstemplate": "GetSmsTemplate", + "getuserendpoints": "GetUserEndpoints", + "getvoicechannel": "GetVoiceChannel", + "getvoicetemplate": "GetVoiceTemplate", + "listjourneys": "ListJourneys", + "listtagsforresource": "ListTagsForResource", + "listtemplateversions": "ListTemplateVersions", + "listtemplates": "ListTemplates", + "phonenumbervalidate": "PhoneNumberValidate", + "puteventstream": "PutEventStream", + "putevents": "PutEvents", + "removeattributes": "RemoveAttributes", + "sendmessages": "SendMessages", + "sendotpmessage": "SendOTPMessage", + "sendusersmessages": "SendUsersMessages", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateadmchannel": "UpdateAdmChannel", + "updateapnschannel": "UpdateApnsChannel", + "updateapnssandboxchannel": "UpdateApnsSandboxChannel", + "updateapnsvoipchannel": "UpdateApnsVoipChannel", + "updateapnsvoipsandboxchannel": "UpdateApnsVoipSandboxChannel", + "updateapplicationsettings": "UpdateApplicationSettings", + "updatebaiduchannel": "UpdateBaiduChannel", + "updatecampaign": "UpdateCampaign", + "updateemailchannel": "UpdateEmailChannel", + "updateemailtemplate": "UpdateEmailTemplate", + "updateendpoint": "UpdateEndpoint", + "updateendpointsbatch": "UpdateEndpointsBatch", + "updategcmchannel": "UpdateGcmChannel", + "updateinapptemplate": "UpdateInAppTemplate", + "updatejourney": "UpdateJourney", + "updatejourneystate": "UpdateJourneyState", + "updatepushtemplate": "UpdatePushTemplate", + "updaterecommenderconfiguration": "UpdateRecommenderConfiguration", + "updatesegment": "UpdateSegment", + "updatesmschannel": "UpdateSmsChannel", + "updatesmstemplate": "UpdateSmsTemplate", + "updatetemplateactiveversion": "UpdateTemplateActiveVersion", + "updatevoicechannel": "UpdateVoiceChannel", + "updatevoicetemplate": "UpdateVoiceTemplate", + "verifyotpmessage": "VerifyOTPMessage" + }, + "resources": { + "app": { + "resource": "app", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "apps": { + "resource": "apps", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/*", + "condition_keys": [] + }, + "campaign": { + "resource": "campaign", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/campaigns/${CampaignId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "journey": { + "resource": "journey", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/journeys/${JourneyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "journeys": { + "resource": "journeys", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/journeys", + "condition_keys": [] + }, + "segment": { + "resource": "segment", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/segments/${SegmentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "template": { + "resource": "template", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:templates/${TemplateName}/${TemplateType}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "templates": { + "resource": "templates", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:templates", + "condition_keys": [] + }, + "recommender": { + "resource": "recommender", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:recommenders/${RecommenderId}", + "condition_keys": [] + }, + "recommenders": { + "resource": "recommenders", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:recommenders/*", + "condition_keys": [] + }, + "phone-number-validate": { + "resource": "phone-number-validate", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:phone/number/validate", + "condition_keys": [] + }, + "channels": { + "resource": "channels", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/channels", + "condition_keys": [] + }, + "channel": { + "resource": "channel", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/channels/${ChannelType}", + "condition_keys": [] + }, + "event-stream": { + "resource": "event-stream", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/eventstream", + "condition_keys": [] + }, + "events": { + "resource": "events", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/events", + "condition_keys": [] + }, + "messages": { + "resource": "messages", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/messages", + "condition_keys": [] + }, + "verify-otp": { + "resource": "verify-otp", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/verify-otp", + "condition_keys": [] + }, + "otp": { + "resource": "otp", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/otp", + "condition_keys": [] + }, + "attribute": { + "resource": "attribute", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/attributes/${AttributeType}", + "condition_keys": [] + }, + "user": { + "resource": "user", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/users/${UserId}", + "condition_keys": [] + }, + "endpoint": { + "resource": "endpoint", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/endpoints/${EndpointId}", + "condition_keys": [] + }, + "import-job": { + "resource": "import-job", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/jobs/import/${JobId}", + "condition_keys": [] + }, + "export-job": { + "resource": "export-job", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/jobs/export/${JobId}", + "condition_keys": [] + }, + "application-metrics": { + "resource": "application-metrics", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/kpis/daterange/${KpiName}", + "condition_keys": [] + }, + "campaign-metrics": { + "resource": "campaign-metrics", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/campaigns/${CampaignId}/kpis/daterange/${KpiName}", + "condition_keys": [] + }, + "journey-metrics": { + "resource": "journey-metrics", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/journeys/${JourneyId}/kpis/daterange/${KpiName}", + "condition_keys": [] + }, + "journey-execution-metrics": { + "resource": "journey-execution-metrics", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/journeys/${JourneyId}/execution-metrics", + "condition_keys": [] + }, + "journey-execution-activity-metrics": { + "resource": "journey-execution-activity-metrics", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:apps/${AppId}/journeys/${JourneyId}/activities/${JourneyActivityId}/execution-metrics", + "condition_keys": [] + }, + "reports": { + "resource": "reports", + "arn": "arn:${Partition}:mobiletargeting:${Region}:${Account}:reports", + "condition_keys": [] + } + }, + "resources_lower_name": { + "app": "app", + "apps": "apps", + "campaign": "campaign", + "journey": "journey", + "journeys": "journeys", + "segment": "segment", + "template": "template", + "templates": "templates", + "recommender": "recommender", + "recommenders": "recommenders", + "phone-number-validate": "phone-number-validate", + "channels": "channels", + "channel": "channel", + "event-stream": "event-stream", + "events": "events", + "messages": "messages", + "verify-otp": "verify-otp", + "otp": "otp", + "attribute": "attribute", + "user": "user", + "endpoint": "endpoint", + "import-job": "import-job", + "export-job": "export-job", + "application-metrics": "application-metrics", + "campaign-metrics": "campaign-metrics", + "journey-metrics": "journey-metrics", + "journey-execution-metrics": "journey-execution-metrics", + "journey-execution-activity-metrics": "journey-execution-activity-metrics", + "reports": "reports" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a key that is present in the request the user makes to the pinpoint service", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the list of all the tag key names present in the request the user makes to the pinpoint service", + "type": "ArrayOfString" + } + } + }, + "ses": { + "service_name": "Amazon Pinpoint Email Service", + "prefix": "ses", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonpinpointemailservice.html", + "privileges": { + "CreateConfigurationSet": { + "privilege": "CreateConfigurationSet", + "description": "Grants permission to create a new configuration set", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateConfigurationSet.html" + }, + "CreateConfigurationSetEventDestination": { + "privilege": "CreateConfigurationSetEventDestination", + "description": "Grants permission to create a configuration set event destination", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateConfigurationSetEventDestination.html" + }, + "CreateDedicatedIpPool": { + "privilege": "CreateDedicatedIpPool", + "description": "Grants permission to create a new pool of dedicated IP addresses", + "access_level": "Write", + "resource_types": { + "dedicated-ip-pool": { + "resource_type": "dedicated-ip-pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dedicated-ip-pool": "dedicated-ip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateDedicatedIpPool.html" + }, + "CreateDeliverabilityTestReport": { + "privilege": "CreateDeliverabilityTestReport", + "description": "Grants permission to create a new predictive inbox placement test", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateDeliverabilityTestReport.html" + }, + "CreateEmailIdentity": { + "privilege": "CreateEmailIdentity", + "description": "Grants permission to start the process of verifying an email identity", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateEmailIdentity.html" + }, + "DeleteConfigurationSet": { + "privilege": "DeleteConfigurationSet", + "description": "Grants permission to delete an existing configuration set", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteConfigurationSet.html" + }, + "DeleteConfigurationSetEventDestination": { + "privilege": "DeleteConfigurationSetEventDestination", + "description": "Grants permission to delete an event destination", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteConfigurationSetEventDestination.html" + }, + "DeleteDedicatedIpPool": { + "privilege": "DeleteDedicatedIpPool", + "description": "Grants permission to delete a dedicated IP pool", + "access_level": "Write", + "resource_types": { + "dedicated-ip-pool": { + "resource_type": "dedicated-ip-pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dedicated-ip-pool": "dedicated-ip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteDedicatedIpPool.html" + }, + "DeleteEmailIdentity": { + "privilege": "DeleteEmailIdentity", + "description": "Grants permission to delete an email identity", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteEmailIdentity.html" + }, + "GetAccount": { + "privilege": "GetAccount", + "description": "Grants permission to get information about the email-sending status and capabilities for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetAccount.html" + }, + "GetBlacklistReports": { + "privilege": "GetBlacklistReports", + "description": "Grants permission to retrieve a list of the deny lists on which your dedicated IP addresses or tracked domains appear", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetBlacklistReports.html" + }, + "GetConfigurationSet": { + "privilege": "GetConfigurationSet", + "description": "Grants permission to get information about an existing configuration set", + "access_level": "Read", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetConfigurationSet.html" + }, + "GetConfigurationSetEventDestinations": { + "privilege": "GetConfigurationSetEventDestinations", + "description": "Grants permission to retrieve a list of event destinations that are associated with a configuration set", + "access_level": "Read", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetConfigurationSetEventDestinations.html" + }, + "GetDedicatedIp": { + "privilege": "GetDedicatedIp", + "description": "Grants permission to get information about a dedicated IP address", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDedicatedIp.html" + }, + "GetDedicatedIps": { + "privilege": "GetDedicatedIps", + "description": "Grants permission to list the dedicated IP addresses a dedicated IP pool", + "access_level": "Read", + "resource_types": { + "dedicated-ip-pool": { + "resource_type": "dedicated-ip-pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dedicated-ip-pool": "dedicated-ip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDedicatedIps.html" + }, + "GetDeliverabilityDashboardOptions": { + "privilege": "GetDeliverabilityDashboardOptions", + "description": "Grants permission to get the status of the Deliverability dashboard", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDeliverabilityDashboardOptions.html" + }, + "GetDeliverabilityTestReport": { + "privilege": "GetDeliverabilityTestReport", + "description": "Grants permission to retrieve the results of a predictive inbox placement test", + "access_level": "Read", + "resource_types": { + "deliverability-test-report": { + "resource_type": "deliverability-test-report", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deliverability-test-report": "deliverability-test-report", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDeliverabilityTestReport.html" + }, + "GetDomainDeliverabilityCampaign": { + "privilege": "GetDomainDeliverabilityCampaign", + "description": "Grants permission to retrieve all the deliverability data for a specific campaign", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDomainDeliverabilityCampaign.html" + }, + "GetDomainStatisticsReport": { + "privilege": "GetDomainStatisticsReport", + "description": "Grants permission to retrieve inbox placement and engagement rates for the domains that you use to send email", + "access_level": "Read", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDomainStatisticsReport.html" + }, + "GetEmailIdentity": { + "privilege": "GetEmailIdentity", + "description": "Grants permission to get information about a specific identity", + "access_level": "Read", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetEmailIdentity.html" + }, + "ListConfigurationSets": { + "privilege": "ListConfigurationSets", + "description": "Grants permission to list all of the configuration sets for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListConfigurationSets.html" + }, + "ListDedicatedIpPools": { + "privilege": "ListDedicatedIpPools", + "description": "Grants permission to list all of the dedicated IP pools for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListDedicatedIpPools.html" + }, + "ListDeliverabilityTestReports": { + "privilege": "ListDeliverabilityTestReports", + "description": "Grants permission to retrieve the list of the predictive inbox placement tests that you've performed, regardless of their statuses, for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListDeliverabilityTestReports.html" + }, + "ListDomainDeliverabilityCampaigns": { + "privilege": "ListDomainDeliverabilityCampaigns", + "description": "Grants permission to list deliverability data for campaigns that used a specific domain to send email during a specified time range", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListDomainDeliverabilityCampaigns.html" + }, + "ListEmailIdentities": { + "privilege": "ListEmailIdentities", + "description": "Grants permission to list the email identities for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListEmailIdentities.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve a list of the tags (keys and values) that are associated with a specific resource for your account", + "access_level": "Read", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-list": { + "resource_type": "contact-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dedicated-ip-pool": { + "resource_type": "dedicated-ip-pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deliverability-test-report": { + "resource_type": "deliverability-test-report", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "identity": { + "resource_type": "identity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "contact-list": "contact-list", + "dedicated-ip-pool": "dedicated-ip-pool", + "deliverability-test-report": "deliverability-test-report", + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListTagsForResource.html" + }, + "PutAccountDedicatedIpWarmupAttributes": { + "privilege": "PutAccountDedicatedIpWarmupAttributes", + "description": "Grants permission to enable or disable the automatic warm-up feature for dedicated IP addresses", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutAccountDedicatedIpWarmupAttributes.html" + }, + "PutAccountSendingAttributes": { + "privilege": "PutAccountSendingAttributes", + "description": "Grants permission to enable or disable the ability to send email for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutAccountSendingAttributes.html" + }, + "PutConfigurationSetDeliveryOptions": { + "privilege": "PutConfigurationSetDeliveryOptions", + "description": "Grants permission to associate a configuration set with a dedicated IP pool", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetDeliveryOptions.html" + }, + "PutConfigurationSetReputationOptions": { + "privilege": "PutConfigurationSetReputationOptions", + "description": "Grants permission to enable or disable collection of reputation metrics for emails that you send using a particular configuration set", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetReputationOptions.html" + }, + "PutConfigurationSetSendingOptions": { + "privilege": "PutConfigurationSetSendingOptions", + "description": "Grants permission to enable or disable email sending for messages that use a particular configuration set", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetSendingOptions.html" + }, + "PutConfigurationSetTrackingOptions": { + "privilege": "PutConfigurationSetTrackingOptions", + "description": "Grants permission to specify a custom domain to use for open and click tracking elements in email that you send for a particular configuration set", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetTrackingOptions.html" + }, + "PutDedicatedIpInPool": { + "privilege": "PutDedicatedIpInPool", + "description": "Grants permission to move a dedicated IP address to an existing dedicated IP pool", + "access_level": "Write", + "resource_types": { + "dedicated-ip-pool": { + "resource_type": "dedicated-ip-pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dedicated-ip-pool": "dedicated-ip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutDedicatedIpInPool.html" + }, + "PutDedicatedIpWarmupAttributes": { + "privilege": "PutDedicatedIpWarmupAttributes", + "description": "Grants permission to put Dedicated IP warm up attributes", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutDedicatedIpWarmupAttributes.html" + }, + "PutDeliverabilityDashboardOption": { + "privilege": "PutDeliverabilityDashboardOption", + "description": "Grants permission to enable or disable the Deliverability dashboard", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutDeliverabilityDashboardOption.html" + }, + "PutEmailIdentityDkimAttributes": { + "privilege": "PutEmailIdentityDkimAttributes", + "description": "Grants permission to enable or disable DKIM authentication for an email identity", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutEmailIdentityDkimAttributes.html" + }, + "PutEmailIdentityFeedbackAttributes": { + "privilege": "PutEmailIdentityFeedbackAttributes", + "description": "Grants permission to enable or disable feedback forwarding for an email identity", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutEmailIdentityFeedbackAttributes.html" + }, + "PutEmailIdentityMailFromAttributes": { + "privilege": "PutEmailIdentityMailFromAttributes", + "description": "Grants permission to enable or disable the custom MAIL FROM domain configuration for an email identity", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutEmailIdentityMailFromAttributes.html" + }, + "SendEmail": { + "privilege": "SendEmail", + "description": "Grants permission to send an email message", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configuration-set": { + "resource_type": "configuration-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "template": { + "resource_type": "template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "ses:FeedbackAddress", + "ses:FromAddress", + "ses:FromDisplayName", + "ses:Recipients" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "configuration-set": "configuration-set", + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags (keys and values) to a specified resource", + "access_level": "Tagging", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-list": { + "resource_type": "contact-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dedicated-ip-pool": { + "resource_type": "dedicated-ip-pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deliverability-test-report": { + "resource_type": "deliverability-test-report", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "identity": { + "resource_type": "identity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "contact-list": "contact-list", + "dedicated-ip-pool": "dedicated-ip-pool", + "deliverability-test-report": "deliverability-test-report", + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags (keys and values) from a specified resource", + "access_level": "Tagging", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "contact-list": { + "resource_type": "contact-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dedicated-ip-pool": { + "resource_type": "dedicated-ip-pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deliverability-test-report": { + "resource_type": "deliverability-test-report", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "identity": { + "resource_type": "identity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "contact-list": "contact-list", + "dedicated-ip-pool": "dedicated-ip-pool", + "deliverability-test-report": "deliverability-test-report", + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UntagResource.html" + }, + "UpdateConfigurationSetEventDestination": { + "privilege": "UpdateConfigurationSetEventDestination", + "description": "Grants permission to update the configuration of an event destination for a configuration set", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateConfigurationSetEventDestination.html" + }, + "CloneReceiptRuleSet": { + "privilege": "CloneReceiptRuleSet", + "description": "Grants permission to create a receipt rule set by cloning an existing one", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CloneReceiptRuleSet.html" + }, + "CreateConfigurationSetTrackingOptions": { + "privilege": "CreateConfigurationSetTrackingOptions", + "description": "Grants permission to creates an association between a configuration set and a custom domain for open and click event tracking", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateConfigurationSetTrackingOptions.html" + }, + "CreateCustomVerificationEmailTemplate": { + "privilege": "CreateCustomVerificationEmailTemplate", + "description": "Grants permission to create a new custom verification email template", + "access_level": "Write", + "resource_types": { + "custom-verification-email-template": { + "resource_type": "custom-verification-email-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-verification-email-template": "custom-verification-email-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateCustomVerificationEmailTemplate.html" + }, + "CreateReceiptFilter": { + "privilege": "CreateReceiptFilter", + "description": "Grants permission to create a new IP address filter", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateReceiptFilter.html" + }, + "CreateReceiptRule": { + "privilege": "CreateReceiptRule", + "description": "Grants permission to create a receipt rule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateReceiptRule.html" + }, + "CreateReceiptRuleSet": { + "privilege": "CreateReceiptRuleSet", + "description": "Grants permission to create an empty receipt rule set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateReceiptRuleSet.html" + }, + "CreateTemplate": { + "privilege": "CreateTemplate", + "description": "Grants permission to creates an email template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateTemplate.html" + }, + "DeleteConfigurationSetTrackingOptions": { + "privilege": "DeleteConfigurationSetTrackingOptions", + "description": "Grants permission to delete an association between a configuration set and a custom domain for open and click event tracking", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteConfigurationSetTrackingOptions.html" + }, + "DeleteCustomVerificationEmailTemplate": { + "privilege": "DeleteCustomVerificationEmailTemplate", + "description": "Grants permission to delete an existing custom verification email template", + "access_level": "Write", + "resource_types": { + "custom-verification-email-template": { + "resource_type": "custom-verification-email-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-verification-email-template": "custom-verification-email-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteCustomVerificationEmailTemplate.html" + }, + "DeleteIdentity": { + "privilege": "DeleteIdentity", + "description": "Grants permission to delete the specified identity", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteIdentity.html" + }, + "DeleteIdentityPolicy": { + "privilege": "DeleteIdentityPolicy", + "description": "Grants permission to delete the specified sending authorization policy for the given identity (an email address or a domain)", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteIdentityPolicy.html" + }, + "DeleteReceiptFilter": { + "privilege": "DeleteReceiptFilter", + "description": "Grants permission to delete the specified IP address filter", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteReceiptFilter.html" + }, + "DeleteReceiptRule": { + "privilege": "DeleteReceiptRule", + "description": "Grants permission to delete the specified receipt rule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteReceiptRule.html" + }, + "DeleteReceiptRuleSet": { + "privilege": "DeleteReceiptRuleSet", + "description": "Grants permission to delete the specified receipt rule set and all of the receipt rules it contains", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteReceiptRuleSet.html" + }, + "DeleteTemplate": { + "privilege": "DeleteTemplate", + "description": "Grants permission to delete an email template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteTemplate.html" + }, + "DeleteVerifiedEmailAddress": { + "privilege": "DeleteVerifiedEmailAddress", + "description": "Grants permission to delete the specified email address from the list of verified addresses", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DeleteVerifiedEmailAddress.html" + }, + "DescribeActiveReceiptRuleSet": { + "privilege": "DescribeActiveReceiptRuleSet", + "description": "Grants permission to return the metadata and receipt rules for the receipt rule set that is currently active", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DescribeActiveReceiptRuleSet.html" + }, + "DescribeConfigurationSet": { + "privilege": "DescribeConfigurationSet", + "description": "Grants permission to return the details of the specified configuration set", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DescribeConfigurationSet.html" + }, + "DescribeReceiptRule": { + "privilege": "DescribeReceiptRule", + "description": "Grants permission to return the details of the specified receipt rule", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DescribeReceiptRule.html" + }, + "DescribeReceiptRuleSet": { + "privilege": "DescribeReceiptRuleSet", + "description": "Grants permission to return the details of the specified receipt rule set", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_DescribeReceiptRuleSet.html" + }, + "GetAccountSendingEnabled": { + "privilege": "GetAccountSendingEnabled", + "description": "Grants permission to return the email sending status of your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetAccountSendingEnabled.html" + }, + "GetCustomVerificationEmailTemplate": { + "privilege": "GetCustomVerificationEmailTemplate", + "description": "Grants permission to return the custom email verification template for the template name you specify", + "access_level": "Read", + "resource_types": { + "custom-verification-email-template": { + "resource_type": "custom-verification-email-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-verification-email-template": "custom-verification-email-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetCustomVerificationEmailTemplate.html" + }, + "GetIdentityDkimAttributes": { + "privilege": "GetIdentityDkimAttributes", + "description": "Grants permission to return the current status of Easy DKIM signing for an entity", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityDkimAttributes.html" + }, + "GetIdentityMailFromDomainAttributes": { + "privilege": "GetIdentityMailFromDomainAttributes", + "description": "Grants permission to return the custom MAIL FROM attributes for a list of identities (email addresses and/or domains)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityMailFromDomainAttributes.html" + }, + "GetIdentityNotificationAttributes": { + "privilege": "GetIdentityNotificationAttributes", + "description": "Grants permission to return a structure describing identity notification attributes for a list of verified identities (email addresses and/or domains),", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityNotificationAttributes.html" + }, + "GetIdentityPolicies": { + "privilege": "GetIdentityPolicies", + "description": "Grants permission to return the requested sending authorization policies for the given identity (an email address or a domain)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityPolicies.html" + }, + "GetIdentityVerificationAttributes": { + "privilege": "GetIdentityVerificationAttributes", + "description": "Grants permission to return the verification status and (for domain identities) the verification token for a list of identities", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityVerificationAttributes.html" + }, + "GetSendQuota": { + "privilege": "GetSendQuota", + "description": "Grants permission to return the user's current sending limits", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetSendQuota.html" + }, + "GetSendStatistics": { + "privilege": "GetSendStatistics", + "description": "Grants permission to returns the user's sending statistics", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetSendStatistics.html" + }, + "GetTemplate": { + "privilege": "GetTemplate", + "description": "Grants permission to return the template object, which includes the subject line, HTML par, and text part for the template you specify", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_GetTemplate.html" + }, + "ListCustomVerificationEmailTemplates": { + "privilege": "ListCustomVerificationEmailTemplates", + "description": "Grants permission to list all of the existing custom verification email templates for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListCustomVerificationEmailTemplates.html" + }, + "ListIdentities": { + "privilege": "ListIdentities", + "description": "Grants permission to list the email identities for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListIdentities.html" + }, + "ListIdentityPolicies": { + "privilege": "ListIdentityPolicies", + "description": "Grants permission to list all of the email templates for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListIdentityPolicies.html" + }, + "ListReceiptFilters": { + "privilege": "ListReceiptFilters", + "description": "Grants permission to list the IP address filters associated with your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListReceiptFilters.html" + }, + "ListReceiptRuleSets": { + "privilege": "ListReceiptRuleSets", + "description": "Grants permission to list the receipt rule sets that exist under your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListReceiptRuleSets.html" + }, + "ListTemplates": { + "privilege": "ListTemplates", + "description": "Grants permission to list the email templates present in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListTemplates.html" + }, + "ListVerifiedEmailAddresses": { + "privilege": "ListVerifiedEmailAddresses", + "description": "Grants permission to list all of the email addresses that have been verified in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ListVerifiedEmailAddresses.html" + }, + "PutIdentityPolicy": { + "privilege": "PutIdentityPolicy", + "description": "Grants permission to add or update a sending authorization policy for the specified identity (an email address or a domain)", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_PutIdentityPolicy.html" + }, + "ReorderReceiptRuleSet": { + "privilege": "ReorderReceiptRuleSet", + "description": "Grants permission to reorder the receipt rules within a receipt rule set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_ReorderReceiptRuleSet.html" + }, + "SendBounce": { + "privilege": "SendBounce", + "description": "Grants permission to generate and send a bounce message to the sender of an email you received through Amazon SES", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "ses:FromAddress" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SendBounce.html" + }, + "SendBulkTemplatedEmail": { + "privilege": "SendBulkTemplatedEmail", + "description": "Grants permission to compose an email message to multiple destinations", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configuration-set": { + "resource_type": "configuration-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "ses:FeedbackAddress", + "ses:FromAddress", + "ses:FromDisplayName", + "ses:Recipients" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "template": "template", + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SendBulkTemplatedEmail.html" + }, + "SendCustomVerificationEmail": { + "privilege": "SendCustomVerificationEmail", + "description": "Grants permission to add an email address to the list of identities and attempts to verify it", + "access_level": "Write", + "resource_types": { + "custom-verification-email-template": { + "resource_type": "custom-verification-email-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-verification-email-template": "custom-verification-email-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendCustomVerificationEmail.html" + }, + "SendRawEmail": { + "privilege": "SendRawEmail", + "description": "Grants permission to send an email message, with header and content specified by the client", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configuration-set": { + "resource_type": "configuration-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "ses:FeedbackAddress", + "ses:FromAddress", + "ses:FromDisplayName", + "ses:Recipients" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SendRawEmail.html" + }, + "SendTemplatedEmail": { + "privilege": "SendTemplatedEmail", + "description": "Grants permission to compose an email message using an email template", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configuration-set": { + "resource_type": "configuration-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "ses:FeedbackAddress", + "ses:FromAddress", + "ses:FromDisplayName", + "ses:Recipients" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "template": "template", + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SendTemplatedEmail.html" + }, + "SetActiveReceiptRuleSet": { + "privilege": "SetActiveReceiptRuleSet", + "description": "Grants permission to set the specified receipt rule set as the active receipt rule set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetActiveReceiptRuleSet.html" + }, + "SetIdentityDkimEnabled": { + "privilege": "SetIdentityDkimEnabled", + "description": "Grants permission to enable or disable Easy DKIM signing of email sent from an identity", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityDkimEnabled.html" + }, + "SetIdentityFeedbackForwardingEnabled": { + "privilege": "SetIdentityFeedbackForwardingEnabled", + "description": "Grants permission to enable or disable whether Amazon SES forwards bounce and complaint notifications for an identity (an email address or a domain)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityFeedbackForwardingEnabled.html" + }, + "SetIdentityHeadersInNotificationsEnabled": { + "privilege": "SetIdentityHeadersInNotificationsEnabled", + "description": "Grants permission to set whether Amazon SES includes the original email headers in the Amazon Simple Notification Service (Amazon SNS) notifications of a specified type for a given identity (an email address or a domain)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityHeadersInNotificationsEnabled.html" + }, + "SetIdentityMailFromDomain": { + "privilege": "SetIdentityMailFromDomain", + "description": "Grants permission to enable or disable the custom MAIL FROM domain setup for a verified identity", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityMailFromDomain.html" + }, + "SetIdentityNotificationTopic": { + "privilege": "SetIdentityNotificationTopic", + "description": "Grants permission to set an Amazon Simple Notification Service (Amazon SNS) topic to use when delivering notifications for a verified identity", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetIdentityNotificationTopic.html" + }, + "SetReceiptRulePosition": { + "privilege": "SetReceiptRulePosition", + "description": "Grants permission to set the position of the specified receipt rule in the receipt rule set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_SetReceiptRulePosition.html" + }, + "TestRenderTemplate": { + "privilege": "TestRenderTemplate", + "description": "Grants permission to create a preview of the MIME content of an email when provided with a template and a set of replacement data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_TestRenderTemplate.html" + }, + "UpdateAccountSendingEnabled": { + "privilege": "UpdateAccountSendingEnabled", + "description": "Grants permission to enable or disable email sending for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateAccountSendingEnabled.html" + }, + "UpdateConfigurationSetReputationMetricsEnabled": { + "privilege": "UpdateConfigurationSetReputationMetricsEnabled", + "description": "Grants permission to enable or disable the publishing of reputation metrics for emails sent using a specific configuration set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateConfigurationSetReputationMetricsEnabled.html" + }, + "UpdateConfigurationSetSendingEnabled": { + "privilege": "UpdateConfigurationSetSendingEnabled", + "description": "Grants permission to enable or disable email sending for messages sent using a specific configuration set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateConfigurationSetSendingEnabled.html" + }, + "UpdateConfigurationSetTrackingOptions": { + "privilege": "UpdateConfigurationSetTrackingOptions", + "description": "Grants permission to modify an association between a configuration set and a custom domain for open and click event tracking", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateConfigurationSetTrackingOptions.html" + }, + "UpdateCustomVerificationEmailTemplate": { + "privilege": "UpdateCustomVerificationEmailTemplate", + "description": "Grants permission to update an existing custom verification email template", + "access_level": "Write", + "resource_types": { + "custom-verification-email-template": { + "resource_type": "custom-verification-email-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custom-verification-email-template": "custom-verification-email-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateCustomVerificationEmailTemplate.html" + }, + "UpdateReceiptRule": { + "privilege": "UpdateReceiptRule", + "description": "Grants permission to update a receipt rule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateReceiptRule.html" + }, + "UpdateTemplate": { + "privilege": "UpdateTemplate", + "description": "Grants permission to update an email template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_UpdateTemplate.html" + }, + "VerifyDomainDkim": { + "privilege": "VerifyDomainDkim", + "description": "Grants permission to return a set of DKIM tokens for a domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_VerifyDomainDkim.html" + }, + "VerifyDomainIdentity": { + "privilege": "VerifyDomainIdentity", + "description": "Grants permission to verify a domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_VerifyDomainIdentity.html" + }, + "VerifyEmailAddress": { + "privilege": "VerifyEmailAddress", + "description": "Grants permission to verify an email address", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_VerifyEmailAddress.html" + }, + "VerifyEmailIdentity": { + "privilege": "VerifyEmailIdentity", + "description": "Grants permission to verify an email identity", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference/API_VerifyEmailIdentity.html" + }, + "BatchGetMetricData": { + "privilege": "BatchGetMetricData", + "description": "Grants permission to get metric data on your activity", + "access_level": "Read", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "identity": { + "resource_type": "identity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_BatchGetMetricData.html" + }, + "CreateContact": { + "privilege": "CreateContact", + "description": "Grants permission to create a contact", + "access_level": "Write", + "resource_types": { + "contact-list": { + "resource_type": "contact-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-list": "contact-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateContact.html" + }, + "CreateContactList": { + "privilege": "CreateContactList", + "description": "Grants permission to create a contact list", + "access_level": "Write", + "resource_types": { + "contact-list": { + "resource_type": "contact-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-list": "contact-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateContactList.html" + }, + "CreateEmailIdentityPolicy": { + "privilege": "CreateEmailIdentityPolicy", + "description": "Grants permission to create the specified sending authorization policy for the given identity", + "access_level": "Permissions management", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateEmailIdentityPolicy.html" + }, + "CreateEmailTemplate": { + "privilege": "CreateEmailTemplate", + "description": "Grants permission to create an email template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateEmailTemplate.html" + }, + "CreateImportJob": { + "privilege": "CreateImportJob", + "description": "Grants permission to creates an import job for a data destination", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_CreateImportJob.html" + }, + "DeleteContact": { + "privilege": "DeleteContact", + "description": "Grants permission to delete a contact from a contact list", + "access_level": "Write", + "resource_types": { + "contact-list": { + "resource_type": "contact-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-list": "contact-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteContact.html" + }, + "DeleteContactList": { + "privilege": "DeleteContactList", + "description": "Grants permission to delete a contact list with all of its contacts", + "access_level": "Write", + "resource_types": { + "contact-list": { + "resource_type": "contact-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-list": "contact-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteContactList.html" + }, + "DeleteEmailIdentityPolicy": { + "privilege": "DeleteEmailIdentityPolicy", + "description": "Grants permission to delete the specified sending authorization policy for the given identity (an email address or a domain)", + "access_level": "Permissions management", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteEmailIdentityPolicy.html" + }, + "DeleteEmailTemplate": { + "privilege": "DeleteEmailTemplate", + "description": "Grants permission to delete an email template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteEmailTemplate.html" + }, + "DeleteSuppressedDestination": { + "privilege": "DeleteSuppressedDestination", + "description": "Grants permission to remove an email address from the suppression list for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_DeleteSuppressedDestination.html" + }, + "GetContact": { + "privilege": "GetContact", + "description": "Grants permission to return a contact from a contact list", + "access_level": "Read", + "resource_types": { + "contact-list": { + "resource_type": "contact-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-list": "contact-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetContact.html" + }, + "GetContactList": { + "privilege": "GetContactList", + "description": "Grants permission to return contact list metadata", + "access_level": "Read", + "resource_types": { + "contact-list": { + "resource_type": "contact-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-list": "contact-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetContactList.html" + }, + "GetDedicatedIpPool": { + "privilege": "GetDedicatedIpPool", + "description": "Grants permission to get information about a dedicated IP pool", + "access_level": "Read", + "resource_types": { + "dedicated-ip-pool": { + "resource_type": "dedicated-ip-pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dedicated-ip-pool": "dedicated-ip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetDedicatedIpPool.html" + }, + "GetEmailIdentityPolicies": { + "privilege": "GetEmailIdentityPolicies", + "description": "Grants permission to return the requested sending authorization policies for the given identity (an email address or a domain)", + "access_level": "Read", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetEmailIdentityPolicies.html" + }, + "GetEmailTemplate": { + "privilege": "GetEmailTemplate", + "description": "Grants permission to return the template object, which includes the subject line, HTML part, and text part for the template you specify", + "access_level": "Read", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetEmailTemplate.html" + }, + "GetImportJob": { + "privilege": "GetImportJob", + "description": "Grants permission to provide information about an import job", + "access_level": "Read", + "resource_types": { + "import-job": { + "resource_type": "import-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "import-job": "import-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetImportJob.html" + }, + "GetSuppressedDestination": { + "privilege": "GetSuppressedDestination", + "description": "Grants permission to retrieve information about a specific email address that's on the suppression list for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_GetSuppressedDestination.html" + }, + "ListContactLists": { + "privilege": "ListContactLists", + "description": "Grants permission to list all of the contact lists available for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListContactLists.html" + }, + "ListContacts": { + "privilege": "ListContacts", + "description": "Grants permission to list the contacts present in a specific contact list", + "access_level": "List", + "resource_types": { + "contact-list": { + "resource_type": "contact-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-list": "contact-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListContacts.html" + }, + "ListEmailTemplates": { + "privilege": "ListEmailTemplates", + "description": "Grants permission to list all of the email templates for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListEmailTemplates.html" + }, + "ListImportJobs": { + "privilege": "ListImportJobs", + "description": "Grants permission to list all of the import jobs for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListImportJobs.html" + }, + "ListRecommendations": { + "privilege": "ListRecommendations", + "description": "Grants permission to list recommendations for your account", + "access_level": "Read", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListRecommendations.html" + }, + "ListSuppressedDestinations": { + "privilege": "ListSuppressedDestinations", + "description": "Grants permission to list email addresses that are on the suppression list for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_ListSuppressedDestinations.html" + }, + "PutAccountDetails": { + "privilege": "PutAccountDetails", + "description": "Grants permission to update your account details", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutAccountDetails.html" + }, + "PutAccountSuppressionAttributes": { + "privilege": "PutAccountSuppressionAttributes", + "description": "Grants permission to change the settings for the account-level suppression list", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutAccountSuppressionAttributes.html" + }, + "PutAccountVdmAttributes": { + "privilege": "PutAccountVdmAttributes", + "description": "Grants permission to change the settings for VDM for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutAccountVdmAttributes.html" + }, + "PutConfigurationSetSuppressionOptions": { + "privilege": "PutConfigurationSetSuppressionOptions", + "description": "Grants permission to specify the account suppression list preferences for a particular configuration set", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetSuppressionOptions.html" + }, + "PutConfigurationSetVdmOptions": { + "privilege": "PutConfigurationSetVdmOptions", + "description": "Grants permission to override account-level VDM settings for a particular configuration set", + "access_level": "Write", + "resource_types": { + "configuration-set": { + "resource_type": "configuration-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutConfigurationSetVdmOptions.html" + }, + "PutDedicatedIpPoolScalingAttributes": { + "privilege": "PutDedicatedIpPoolScalingAttributes", + "description": "Grants permission to transition a dedicated IP pool from Standard to Managed", + "access_level": "Write", + "resource_types": { + "dedicated-ip-pool": { + "resource_type": "dedicated-ip-pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dedicated-ip-pool": "dedicated-ip-pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutDedicatedIpPoolScalingAttributes.html" + }, + "PutEmailIdentityConfigurationSetAttributes": { + "privilege": "PutEmailIdentityConfigurationSetAttributes", + "description": "Grants permission to associate a configuration set with an email identity", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configuration-set": { + "resource_type": "configuration-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutEmailIdentityConfigurationSetAttributes.html" + }, + "PutEmailIdentityDkimSigningAttributes": { + "privilege": "PutEmailIdentityDkimSigningAttributes", + "description": "Grants permission to configure or change the DKIM authentication settings for an email domain identity", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutEmailIdentityDkimSigningAttributes.html" + }, + "PutSuppressedDestination": { + "privilege": "PutSuppressedDestination", + "description": "Grants permission to add an email address to the suppression list", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_PutSuppressedDestination.html" + }, + "SendBulkEmail": { + "privilege": "SendBulkEmail", + "description": "Grants permission to compose an email message to multiple destinations", + "access_level": "Write", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configuration-set": { + "resource_type": "configuration-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "template": "template", + "configuration-set": "configuration-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendBulkEmail.html" + }, + "TestRenderEmailTemplate": { + "privilege": "TestRenderEmailTemplate", + "description": "Grants permission to create a preview of the MIME content of an email when provided with a template and a set of replacement data", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_TestRenderEmailTemplate.html" + }, + "UpdateContact": { + "privilege": "UpdateContact", + "description": "Grants permission to update a contact's preferences for a list", + "access_level": "Write", + "resource_types": { + "contact-list": { + "resource_type": "contact-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-list": "contact-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateContact.html" + }, + "UpdateContactList": { + "privilege": "UpdateContactList", + "description": "Grants permission to update contact list metadata", + "access_level": "Write", + "resource_types": { + "contact-list": { + "resource_type": "contact-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact-list": "contact-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateContactList.html" + }, + "UpdateEmailIdentityPolicy": { + "privilege": "UpdateEmailIdentityPolicy", + "description": "Grants permission to update the specified sending authorization policy for the given identity (an email address or a domain)", + "access_level": "Permissions management", + "resource_types": { + "identity": { + "resource_type": "identity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identity": "identity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateEmailIdentityPolicy.html" + }, + "UpdateEmailTemplate": { + "privilege": "UpdateEmailTemplate", + "description": "Grants permission to update an email template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ses:ApiVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_UpdateEmailTemplate.html" + } + }, + "privileges_lower_name": { + "createconfigurationset": "CreateConfigurationSet", + "createconfigurationseteventdestination": "CreateConfigurationSetEventDestination", + "creatededicatedippool": "CreateDedicatedIpPool", + "createdeliverabilitytestreport": "CreateDeliverabilityTestReport", + "createemailidentity": "CreateEmailIdentity", + "deleteconfigurationset": "DeleteConfigurationSet", + "deleteconfigurationseteventdestination": "DeleteConfigurationSetEventDestination", + "deletededicatedippool": "DeleteDedicatedIpPool", + "deleteemailidentity": "DeleteEmailIdentity", + "getaccount": "GetAccount", + "getblacklistreports": "GetBlacklistReports", + "getconfigurationset": "GetConfigurationSet", + "getconfigurationseteventdestinations": "GetConfigurationSetEventDestinations", + "getdedicatedip": "GetDedicatedIp", + "getdedicatedips": "GetDedicatedIps", + "getdeliverabilitydashboardoptions": "GetDeliverabilityDashboardOptions", + "getdeliverabilitytestreport": "GetDeliverabilityTestReport", + "getdomaindeliverabilitycampaign": "GetDomainDeliverabilityCampaign", + "getdomainstatisticsreport": "GetDomainStatisticsReport", + "getemailidentity": "GetEmailIdentity", + "listconfigurationsets": "ListConfigurationSets", + "listdedicatedippools": "ListDedicatedIpPools", + "listdeliverabilitytestreports": "ListDeliverabilityTestReports", + "listdomaindeliverabilitycampaigns": "ListDomainDeliverabilityCampaigns", + "listemailidentities": "ListEmailIdentities", + "listtagsforresource": "ListTagsForResource", + "putaccountdedicatedipwarmupattributes": "PutAccountDedicatedIpWarmupAttributes", + "putaccountsendingattributes": "PutAccountSendingAttributes", + "putconfigurationsetdeliveryoptions": "PutConfigurationSetDeliveryOptions", + "putconfigurationsetreputationoptions": "PutConfigurationSetReputationOptions", + "putconfigurationsetsendingoptions": "PutConfigurationSetSendingOptions", + "putconfigurationsettrackingoptions": "PutConfigurationSetTrackingOptions", + "putdedicatedipinpool": "PutDedicatedIpInPool", + "putdedicatedipwarmupattributes": "PutDedicatedIpWarmupAttributes", + "putdeliverabilitydashboardoption": "PutDeliverabilityDashboardOption", + "putemailidentitydkimattributes": "PutEmailIdentityDkimAttributes", + "putemailidentityfeedbackattributes": "PutEmailIdentityFeedbackAttributes", + "putemailidentitymailfromattributes": "PutEmailIdentityMailFromAttributes", + "sendemail": "SendEmail", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateconfigurationseteventdestination": "UpdateConfigurationSetEventDestination", + "clonereceiptruleset": "CloneReceiptRuleSet", + "createconfigurationsettrackingoptions": "CreateConfigurationSetTrackingOptions", + "createcustomverificationemailtemplate": "CreateCustomVerificationEmailTemplate", + "createreceiptfilter": "CreateReceiptFilter", + "createreceiptrule": "CreateReceiptRule", + "createreceiptruleset": "CreateReceiptRuleSet", + "createtemplate": "CreateTemplate", + "deleteconfigurationsettrackingoptions": "DeleteConfigurationSetTrackingOptions", + "deletecustomverificationemailtemplate": "DeleteCustomVerificationEmailTemplate", + "deleteidentity": "DeleteIdentity", + "deleteidentitypolicy": "DeleteIdentityPolicy", + "deletereceiptfilter": "DeleteReceiptFilter", + "deletereceiptrule": "DeleteReceiptRule", + "deletereceiptruleset": "DeleteReceiptRuleSet", + "deletetemplate": "DeleteTemplate", + "deleteverifiedemailaddress": "DeleteVerifiedEmailAddress", + "describeactivereceiptruleset": "DescribeActiveReceiptRuleSet", + "describeconfigurationset": "DescribeConfigurationSet", + "describereceiptrule": "DescribeReceiptRule", + "describereceiptruleset": "DescribeReceiptRuleSet", + "getaccountsendingenabled": "GetAccountSendingEnabled", + "getcustomverificationemailtemplate": "GetCustomVerificationEmailTemplate", + "getidentitydkimattributes": "GetIdentityDkimAttributes", + "getidentitymailfromdomainattributes": "GetIdentityMailFromDomainAttributes", + "getidentitynotificationattributes": "GetIdentityNotificationAttributes", + "getidentitypolicies": "GetIdentityPolicies", + "getidentityverificationattributes": "GetIdentityVerificationAttributes", + "getsendquota": "GetSendQuota", + "getsendstatistics": "GetSendStatistics", + "gettemplate": "GetTemplate", + "listcustomverificationemailtemplates": "ListCustomVerificationEmailTemplates", + "listidentities": "ListIdentities", + "listidentitypolicies": "ListIdentityPolicies", + "listreceiptfilters": "ListReceiptFilters", + "listreceiptrulesets": "ListReceiptRuleSets", + "listtemplates": "ListTemplates", + "listverifiedemailaddresses": "ListVerifiedEmailAddresses", + "putidentitypolicy": "PutIdentityPolicy", + "reorderreceiptruleset": "ReorderReceiptRuleSet", + "sendbounce": "SendBounce", + "sendbulktemplatedemail": "SendBulkTemplatedEmail", + "sendcustomverificationemail": "SendCustomVerificationEmail", + "sendrawemail": "SendRawEmail", + "sendtemplatedemail": "SendTemplatedEmail", + "setactivereceiptruleset": "SetActiveReceiptRuleSet", + "setidentitydkimenabled": "SetIdentityDkimEnabled", + "setidentityfeedbackforwardingenabled": "SetIdentityFeedbackForwardingEnabled", + "setidentityheadersinnotificationsenabled": "SetIdentityHeadersInNotificationsEnabled", + "setidentitymailfromdomain": "SetIdentityMailFromDomain", + "setidentitynotificationtopic": "SetIdentityNotificationTopic", + "setreceiptruleposition": "SetReceiptRulePosition", + "testrendertemplate": "TestRenderTemplate", + "updateaccountsendingenabled": "UpdateAccountSendingEnabled", + "updateconfigurationsetreputationmetricsenabled": "UpdateConfigurationSetReputationMetricsEnabled", + "updateconfigurationsetsendingenabled": "UpdateConfigurationSetSendingEnabled", + "updateconfigurationsettrackingoptions": "UpdateConfigurationSetTrackingOptions", + "updatecustomverificationemailtemplate": "UpdateCustomVerificationEmailTemplate", + "updatereceiptrule": "UpdateReceiptRule", + "updatetemplate": "UpdateTemplate", + "verifydomaindkim": "VerifyDomainDkim", + "verifydomainidentity": "VerifyDomainIdentity", + "verifyemailaddress": "VerifyEmailAddress", + "verifyemailidentity": "VerifyEmailIdentity", + "batchgetmetricdata": "BatchGetMetricData", + "createcontact": "CreateContact", + "createcontactlist": "CreateContactList", + "createemailidentitypolicy": "CreateEmailIdentityPolicy", + "createemailtemplate": "CreateEmailTemplate", + "createimportjob": "CreateImportJob", + "deletecontact": "DeleteContact", + "deletecontactlist": "DeleteContactList", + "deleteemailidentitypolicy": "DeleteEmailIdentityPolicy", + "deleteemailtemplate": "DeleteEmailTemplate", + "deletesuppresseddestination": "DeleteSuppressedDestination", + "getcontact": "GetContact", + "getcontactlist": "GetContactList", + "getdedicatedippool": "GetDedicatedIpPool", + "getemailidentitypolicies": "GetEmailIdentityPolicies", + "getemailtemplate": "GetEmailTemplate", + "getimportjob": "GetImportJob", + "getsuppresseddestination": "GetSuppressedDestination", + "listcontactlists": "ListContactLists", + "listcontacts": "ListContacts", + "listemailtemplates": "ListEmailTemplates", + "listimportjobs": "ListImportJobs", + "listrecommendations": "ListRecommendations", + "listsuppresseddestinations": "ListSuppressedDestinations", + "putaccountdetails": "PutAccountDetails", + "putaccountsuppressionattributes": "PutAccountSuppressionAttributes", + "putaccountvdmattributes": "PutAccountVdmAttributes", + "putconfigurationsetsuppressionoptions": "PutConfigurationSetSuppressionOptions", + "putconfigurationsetvdmoptions": "PutConfigurationSetVdmOptions", + "putdedicatedippoolscalingattributes": "PutDedicatedIpPoolScalingAttributes", + "putemailidentityconfigurationsetattributes": "PutEmailIdentityConfigurationSetAttributes", + "putemailidentitydkimsigningattributes": "PutEmailIdentityDkimSigningAttributes", + "putsuppresseddestination": "PutSuppressedDestination", + "sendbulkemail": "SendBulkEmail", + "testrenderemailtemplate": "TestRenderEmailTemplate", + "updatecontact": "UpdateContact", + "updatecontactlist": "UpdateContactList", + "updateemailidentitypolicy": "UpdateEmailIdentityPolicy", + "updateemailtemplate": "UpdateEmailTemplate" + }, + "resources": { + "configuration-set": { + "resource": "configuration-set", + "arn": "arn:${Partition}:ses:${Region}:${Account}:configuration-set/${ConfigurationSetName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dedicated-ip-pool": { + "resource": "dedicated-ip-pool", + "arn": "arn:${Partition}:ses:${Region}:${Account}:dedicated-ip-pool/${DedicatedIPPool}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "deliverability-test-report": { + "resource": "deliverability-test-report", + "arn": "arn:${Partition}:ses:${Region}:${Account}:deliverability-test-report/${ReportId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "identity": { + "resource": "identity", + "arn": "arn:${Partition}:ses:${Region}:${Account}:identity/${IdentityName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "custom-verification-email-template": { + "resource": "custom-verification-email-template", + "arn": "arn:${Partition}:ses:${Region}:${Account}:custom-verification-email-template/${TemplateName}", + "condition_keys": [] + }, + "template": { + "resource": "template", + "arn": "arn:${Partition}:ses:${Region}:${Account}:template/${TemplateName}", + "condition_keys": [] + }, + "contact-list": { + "resource": "contact-list", + "arn": "arn:${Partition}:ses:${Region}:${Account}:contact-list/${ContactListName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "import-job": { + "resource": "import-job", + "arn": "arn:${Partition}:ses:${Region}:${Account}:import-job/${ImportJobId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "configuration-set": "configuration-set", + "dedicated-ip-pool": "dedicated-ip-pool", + "deliverability-test-report": "deliverability-test-report", + "identity": "identity", + "custom-verification-email-template": "custom-verification-email-template", + "template": "template", + "contact-list": "contact-list", + "import-job": "import-job" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "ses:ApiVersion": { + "condition": "ses:ApiVersion", + "description": "Filters actions based on the SES API version", + "type": "String" + }, + "ses:FeedbackAddress": { + "condition": "ses:FeedbackAddress", + "description": "Filters actions based on the \"Return-Path\" address, which specifies where bounces and complaints are sent by email feedback forwarding", + "type": "String" + }, + "ses:FromAddress": { + "condition": "ses:FromAddress", + "description": "Filters actions based on the \"From\" address of a message", + "type": "String" + }, + "ses:FromDisplayName": { + "condition": "ses:FromDisplayName", + "description": "Filters actions based on the \"From\" address that is used as the display name of a message", + "type": "String" + }, + "ses:Recipients": { + "condition": "ses:Recipients", + "description": "Filters actions based on the recipient addresses of a message, which include the \"To\", \"CC\", and \"BCC\" addresses", + "type": "ArrayOfString" + } + } + }, + "sms-voice": { + "service_name": "Amazon Pinpoint SMS and Voice Service", + "prefix": "sms-voice", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonpinpointsmsandvoiceservice.html", + "privileges": { + "CreateConfigurationSet": { + "privilege": "CreateConfigurationSet", + "description": "Grants permission to create a configuration set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "sms-voice:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_CreateConfigurationSet.html" + }, + "CreateConfigurationSetEventDestination": { + "privilege": "CreateConfigurationSetEventDestination", + "description": "Create a new event destination in a configuration set.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint-sms-voice/latest/APIReference/v1-sms-voice-configuration-sets-configurationsetname-event-destinations.html" + }, + "DeleteConfigurationSet": { + "privilege": "DeleteConfigurationSet", + "description": "Grants permission to delete a configuration set", + "access_level": "Write", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteConfigurationSet.html" + }, + "DeleteConfigurationSetEventDestination": { + "privilege": "DeleteConfigurationSetEventDestination", + "description": "Deletes an event destination in a configuration set.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint-sms-voice/latest/APIReference/v1-sms-voice-configuration-sets-configurationsetname-event-destinations-eventdestinationname.html" + }, + "GetConfigurationSetEventDestinations": { + "privilege": "GetConfigurationSetEventDestinations", + "description": "Obtain information about an event destination, including the types of events it reports, the Amazon Resource Name (ARN) of the destination, and the name of the event destination.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint-sms-voice/latest/APIReference/v1-sms-voice-configuration-sets-configurationsetname-event-destinations.html" + }, + "ListConfigurationSets": { + "privilege": "ListConfigurationSets", + "description": "Return a list of configuration sets. This operation only returns the configuration sets that are associated with your account in the current AWS Region.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint-sms-voice/latest/APIReference/v1-sms-voice-configuration-sets.html" + }, + "SendVoiceMessage": { + "privilege": "SendVoiceMessage", + "description": "Grants permission to send a voice message to a destination phone number", + "access_level": "Write", + "resource_types": { + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Pool": { + "resource_type": "Pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phonenumber": "PhoneNumber", + "pool": "Pool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SendVoiceMessage.html" + }, + "UpdateConfigurationSetEventDestination": { + "privilege": "UpdateConfigurationSetEventDestination", + "description": "Update an event destination in a configuration set. An event destination is a location that you publish information about your voice calls to. For example, you can log an event to an Amazon CloudWatch destination when a call fails.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint-sms-voice/latest/APIReference/v1-sms-voice-configuration-sets-configurationsetname-event-destinations-eventdestinationname.html" + }, + "AssociateOriginationIdentity": { + "privilege": "AssociateOriginationIdentity", + "description": "Grants permission to associate an origination phone number or sender ID to a pool", + "access_level": "Write", + "resource_types": { + "Pool": { + "resource_type": "Pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SenderId": { + "resource_type": "SenderId", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pool": "Pool", + "phonenumber": "PhoneNumber", + "senderid": "SenderId" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_AssociateOriginationIdentity.html" + }, + "CreateEventDestination": { + "privilege": "CreateEventDestination", + "description": "Grants permission to create an event destination within a configuration set", + "access_level": "Write", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_CreateEventDestination.html" + }, + "CreateOptOutList": { + "privilege": "CreateOptOutList", + "description": "Grants permission to create an opt-out list", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "sms-voice:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_CreateOptOutList.html" + }, + "CreatePool": { + "privilege": "CreatePool", + "description": "Grants permission to create a pool", + "access_level": "Write", + "resource_types": { + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "sms-voice:TagResource" + ] + }, + "SenderId": { + "resource_type": "SenderId", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phonenumber": "PhoneNumber", + "senderid": "SenderId", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_CreatePool.html" + }, + "DeleteDefaultMessageType": { + "privilege": "DeleteDefaultMessageType", + "description": "Grants permission to delete the default message type for a configuration set", + "access_level": "Write", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteDefaultMessageType.html" + }, + "DeleteDefaultSenderId": { + "privilege": "DeleteDefaultSenderId", + "description": "Grants permission to delete the default sender ID for a configuration set", + "access_level": "Write", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteDefaultSenderId.html" + }, + "DeleteEventDestination": { + "privilege": "DeleteEventDestination", + "description": "Grants permission to delete an event destination within a configuration set", + "access_level": "Write", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteEventDestination.html" + }, + "DeleteKeyword": { + "privilege": "DeleteKeyword", + "description": "Grants permission to delete a keyword for a pool or origination phone number", + "access_level": "Write", + "resource_types": { + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Pool": { + "resource_type": "Pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phonenumber": "PhoneNumber", + "pool": "Pool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteKeyword.html" + }, + "DeleteOptOutList": { + "privilege": "DeleteOptOutList", + "description": "Grants permission to delete an opt-out list", + "access_level": "Write", + "resource_types": { + "OptOutList": { + "resource_type": "OptOutList", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "optoutlist": "OptOutList" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteOptOutList.html" + }, + "DeleteOptedOutNumber": { + "privilege": "DeleteOptedOutNumber", + "description": "Grants permission to delete a destination phone number from an opt-out list", + "access_level": "Write", + "resource_types": { + "OptOutList": { + "resource_type": "OptOutList", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "optoutlist": "OptOutList" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteOptedOutNumber.html" + }, + "DeletePool": { + "privilege": "DeletePool", + "description": "Grants permission to delete a pool", + "access_level": "Write", + "resource_types": { + "Pool": { + "resource_type": "Pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pool": "Pool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeletePool.html" + }, + "DeleteTextMessageSpendLimitOverride": { + "privilege": "DeleteTextMessageSpendLimitOverride", + "description": "Grants permission to delete an override for your account's text messaging monthly spend limit", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteTextMessageSpendLimitOverride.html" + }, + "DeleteVoiceMessageSpendLimitOverride": { + "privilege": "DeleteVoiceMessageSpendLimitOverride", + "description": "Grants permission to delete an override for your account's voice messaging monthly spend limit", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DeleteVoiceMessageSpendLimitOverride.html" + }, + "DescribeAccountAttributes": { + "privilege": "DescribeAccountAttributes", + "description": "Grants permission to describe the attributes of your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeAccountAttributes.html" + }, + "DescribeAccountLimits": { + "privilege": "DescribeAccountLimits", + "description": "Grants permission to describe the service quotas for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeAccountLimits.html" + }, + "DescribeConfigurationSets": { + "privilege": "DescribeConfigurationSets", + "description": "Grants permission to describe the configuration sets in your account", + "access_level": "Read", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeConfigurationSets.html" + }, + "DescribeKeywords": { + "privilege": "DescribeKeywords", + "description": "Grants permission to describe the keywords for a pool or origination phone number", + "access_level": "Read", + "resource_types": { + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Pool": { + "resource_type": "Pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phonenumber": "PhoneNumber", + "pool": "Pool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeKeywords.html" + }, + "DescribeOptOutLists": { + "privilege": "DescribeOptOutLists", + "description": "Grants permission to describe the opt-out lists in your account", + "access_level": "Read", + "resource_types": { + "OptOutList": { + "resource_type": "OptOutList", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "optoutlist": "OptOutList" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeOptOutLists.html" + }, + "DescribeOptedOutNumbers": { + "privilege": "DescribeOptedOutNumbers", + "description": "Grants permission to describe the destination phone numbers in an opt-out list", + "access_level": "Read", + "resource_types": { + "OptOutList": { + "resource_type": "OptOutList", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "optoutlist": "OptOutList" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeOptedOutNumbers.html" + }, + "DescribePhoneNumbers": { + "privilege": "DescribePhoneNumbers", + "description": "Grants permission to describe the origination phone numbers in your account", + "access_level": "Read", + "resource_types": { + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phonenumber": "PhoneNumber" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribePhoneNumbers.html" + }, + "DescribePools": { + "privilege": "DescribePools", + "description": "Grants permission to describe the pools in your account", + "access_level": "Read", + "resource_types": { + "Pool": { + "resource_type": "Pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pool": "Pool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribePools.html" + }, + "DescribeSenderIds": { + "privilege": "DescribeSenderIds", + "description": "Grants permission to describe the sender IDs in your account", + "access_level": "Read", + "resource_types": { + "SenderId": { + "resource_type": "SenderId", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "senderid": "SenderId" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeSenderIds.html" + }, + "DescribeSpendLimits": { + "privilege": "DescribeSpendLimits", + "description": "Grants permission to describe the monthly spend limits for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DescribeSpendLimits.html" + }, + "DisassociateOriginationIdentity": { + "privilege": "DisassociateOriginationIdentity", + "description": "Grants permission to disassociate an origination phone number or sender ID from a pool", + "access_level": "Write", + "resource_types": { + "Pool": { + "resource_type": "Pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SenderId": { + "resource_type": "SenderId", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pool": "Pool", + "phonenumber": "PhoneNumber", + "senderid": "SenderId" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_DisassociateOriginationIdentity.html" + }, + "ListPoolOriginationIdentities": { + "privilege": "ListPoolOriginationIdentities", + "description": "Grants permission to list all origination phone numbers and sender IDs associated to a pool", + "access_level": "Read", + "resource_types": { + "Pool": { + "resource_type": "Pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pool": "Pool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_ListPoolOriginationIdentities.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for a resource", + "access_level": "Read", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OptOutList": { + "resource_type": "OptOutList", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Pool": { + "resource_type": "Pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SenderId": { + "resource_type": "SenderId", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet", + "optoutlist": "OptOutList", + "phonenumber": "PhoneNumber", + "pool": "Pool", + "senderid": "SenderId" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_ListTagsForResource.html" + }, + "PutKeyword": { + "privilege": "PutKeyword", + "description": "Grants permission to create or update a keyword for a pool or origination phone number", + "access_level": "Write", + "resource_types": { + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Pool": { + "resource_type": "Pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phonenumber": "PhoneNumber", + "pool": "Pool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_PutKeyword.html" + }, + "PutOptedOutNumber": { + "privilege": "PutOptedOutNumber", + "description": "Grants permission to put a destination phone number into an opt-out list", + "access_level": "Write", + "resource_types": { + "OptOutList": { + "resource_type": "OptOutList", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "optoutlist": "OptOutList" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_PutOptedOutNumber.html" + }, + "ReleasePhoneNumber": { + "privilege": "ReleasePhoneNumber", + "description": "Grants permission to release an origination phone number", + "access_level": "Write", + "resource_types": { + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phonenumber": "PhoneNumber" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_ReleasePhoneNumber.html" + }, + "RequestPhoneNumber": { + "privilege": "RequestPhoneNumber", + "description": "Grants permission to request an origination phone number", + "access_level": "Write", + "resource_types": { + "Pool": { + "resource_type": "Pool", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "sms-voice:AssociateOriginationIdentity", + "sms-voice:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pool": "Pool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_RequestPhoneNumber.html" + }, + "SendTextMessage": { + "privilege": "SendTextMessage", + "description": "Grants permission to send a text message to a destination phone number", + "access_level": "Write", + "resource_types": { + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Pool": { + "resource_type": "Pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SenderId": { + "resource_type": "SenderId", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phonenumber": "PhoneNumber", + "pool": "Pool", + "senderid": "SenderId" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SendTextMessage.html" + }, + "SetDefaultMessageType": { + "privilege": "SetDefaultMessageType", + "description": "Grants permission to set the default message type for a configuration set", + "access_level": "Write", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SetDefaultMessageType.html" + }, + "SetDefaultSenderId": { + "privilege": "SetDefaultSenderId", + "description": "Grants permission to set the default sender ID for a configuration set", + "access_level": "Write", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SetDefaultSenderId.html" + }, + "SetTextMessageSpendLimitOverride": { + "privilege": "SetTextMessageSpendLimitOverride", + "description": "Grants permission to set an override for your account's text messaging monthly spend limit", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SetTextMessageSpendLimitOverride.html" + }, + "SetVoiceMessageSpendLimitOverride": { + "privilege": "SetVoiceMessageSpendLimitOverride", + "description": "Grants permission to set an override for your account's voice messaging monthly spend limit", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_SetVoiceMessageSpendLimitOverride.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OptOutList": { + "resource_type": "OptOutList", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Pool": { + "resource_type": "Pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SenderId": { + "resource_type": "SenderId", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet", + "optoutlist": "OptOutList", + "phonenumber": "PhoneNumber", + "pool": "Pool", + "senderid": "SenderId", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OptOutList": { + "resource_type": "OptOutList", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Pool": { + "resource_type": "Pool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SenderId": { + "resource_type": "SenderId", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet", + "optoutlist": "OptOutList", + "phonenumber": "PhoneNumber", + "pool": "Pool", + "senderid": "SenderId", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_UntagResource.html" + }, + "UpdateEventDestination": { + "privilege": "UpdateEventDestination", + "description": "Grants permission to update an event destination within a configuration set", + "access_level": "Write", + "resource_types": { + "ConfigurationSet": { + "resource_type": "ConfigurationSet", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "configurationset": "ConfigurationSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_UpdateEventDestination.html" + }, + "UpdatePhoneNumber": { + "privilege": "UpdatePhoneNumber", + "description": "Grants permission to update an origination phone number's configuration", + "access_level": "Write", + "resource_types": { + "PhoneNumber": { + "resource_type": "PhoneNumber", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "phonenumber": "PhoneNumber" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_UpdatePhoneNumber.html" + }, + "UpdatePool": { + "privilege": "UpdatePool", + "description": "Grants permission to update a pool's configuration", + "access_level": "Write", + "resource_types": { + "Pool": { + "resource_type": "Pool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pool": "Pool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/pinpoint/latest/apireference_smsvoicev2/API_UpdatePool.html" + } + }, + "privileges_lower_name": { + "createconfigurationset": "CreateConfigurationSet", + "createconfigurationseteventdestination": "CreateConfigurationSetEventDestination", + "deleteconfigurationset": "DeleteConfigurationSet", + "deleteconfigurationseteventdestination": "DeleteConfigurationSetEventDestination", + "getconfigurationseteventdestinations": "GetConfigurationSetEventDestinations", + "listconfigurationsets": "ListConfigurationSets", + "sendvoicemessage": "SendVoiceMessage", + "updateconfigurationseteventdestination": "UpdateConfigurationSetEventDestination", + "associateoriginationidentity": "AssociateOriginationIdentity", + "createeventdestination": "CreateEventDestination", + "createoptoutlist": "CreateOptOutList", + "createpool": "CreatePool", + "deletedefaultmessagetype": "DeleteDefaultMessageType", + "deletedefaultsenderid": "DeleteDefaultSenderId", + "deleteeventdestination": "DeleteEventDestination", + "deletekeyword": "DeleteKeyword", + "deleteoptoutlist": "DeleteOptOutList", + "deleteoptedoutnumber": "DeleteOptedOutNumber", + "deletepool": "DeletePool", + "deletetextmessagespendlimitoverride": "DeleteTextMessageSpendLimitOverride", + "deletevoicemessagespendlimitoverride": "DeleteVoiceMessageSpendLimitOverride", + "describeaccountattributes": "DescribeAccountAttributes", + "describeaccountlimits": "DescribeAccountLimits", + "describeconfigurationsets": "DescribeConfigurationSets", + "describekeywords": "DescribeKeywords", + "describeoptoutlists": "DescribeOptOutLists", + "describeoptedoutnumbers": "DescribeOptedOutNumbers", + "describephonenumbers": "DescribePhoneNumbers", + "describepools": "DescribePools", + "describesenderids": "DescribeSenderIds", + "describespendlimits": "DescribeSpendLimits", + "disassociateoriginationidentity": "DisassociateOriginationIdentity", + "listpooloriginationidentities": "ListPoolOriginationIdentities", + "listtagsforresource": "ListTagsForResource", + "putkeyword": "PutKeyword", + "putoptedoutnumber": "PutOptedOutNumber", + "releasephonenumber": "ReleasePhoneNumber", + "requestphonenumber": "RequestPhoneNumber", + "sendtextmessage": "SendTextMessage", + "setdefaultmessagetype": "SetDefaultMessageType", + "setdefaultsenderid": "SetDefaultSenderId", + "settextmessagespendlimitoverride": "SetTextMessageSpendLimitOverride", + "setvoicemessagespendlimitoverride": "SetVoiceMessageSpendLimitOverride", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateeventdestination": "UpdateEventDestination", + "updatephonenumber": "UpdatePhoneNumber", + "updatepool": "UpdatePool" + }, + "resources": { + "ConfigurationSet": { + "resource": "ConfigurationSet", + "arn": "arn:${Partition}:sms-voice:${Region}:${Account}:configuration-set/${ConfigurationSetName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "OptOutList": { + "resource": "OptOutList", + "arn": "arn:${Partition}:sms-voice:${Region}:${Account}:opt-out-list/${OptOutListName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "PhoneNumber": { + "resource": "PhoneNumber", + "arn": "arn:${Partition}:sms-voice:${Region}:${Account}:phone-number/${PhoneNumberId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Pool": { + "resource": "Pool", + "arn": "arn:${Partition}:sms-voice:${Region}:${Account}:pool/${PoolId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "SenderId": { + "resource": "SenderId", + "arn": "arn:${Partition}:sms-voice:${Region}:${Account}:sender-id/${SenderId}/${IsoCountryCode}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "configurationset": "ConfigurationSet", + "optoutlist": "OptOutList", + "phonenumber": "PhoneNumber", + "pool": "Pool", + "senderid": "SenderId" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "polly": { + "service_name": "Amazon Polly", + "prefix": "polly", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonpolly.html", + "privileges": { + "DeleteLexicon": { + "privilege": "DeleteLexicon", + "description": "Grants permission to delete the specified pronunciation lexicon stored in an AWS Region", + "access_level": "Write", + "resource_types": { + "lexicon": { + "resource_type": "lexicon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lexicon": "lexicon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_DeleteLexicon.html" + }, + "DescribeVoices": { + "privilege": "DescribeVoices", + "description": "Grants permission to describe the list of voices that are available for use when requesting speech synthesis", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_DescribeVoices.html" + }, + "GetLexicon": { + "privilege": "GetLexicon", + "description": "Grants permission to retrieve the content of the specified pronunciation lexicon stored in an AWS Region", + "access_level": "Read", + "resource_types": { + "lexicon": { + "resource_type": "lexicon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lexicon": "lexicon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_GetLexicon.html" + }, + "GetSpeechSynthesisTask": { + "privilege": "GetSpeechSynthesisTask", + "description": "Grants permission to get information about specific speech synthesis task", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_GetSpeechSynthesisTask.html" + }, + "ListLexicons": { + "privilege": "ListLexicons", + "description": "Grants permission to list the pronunciation lexicons stored in an AWS Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_ListLexicons.html" + }, + "ListSpeechSynthesisTasks": { + "privilege": "ListSpeechSynthesisTasks", + "description": "Grants permission to list requested speech synthesis tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_ListSpeechSynthesisTasks.html" + }, + "PutLexicon": { + "privilege": "PutLexicon", + "description": "Grants permission to store a pronunciation lexicon in an AWS Region", + "access_level": "Write", + "resource_types": { + "lexicon": { + "resource_type": "lexicon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lexicon": "lexicon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_PutLexicon.html" + }, + "StartSpeechSynthesisTask": { + "privilege": "StartSpeechSynthesisTask", + "description": "Grants permission to synthesize long inputs to the provided S3 location", + "access_level": "Write", + "resource_types": { + "lexicon": { + "resource_type": "lexicon", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:PutObject" + ] + } + }, + "resource_types_lower_name": { + "lexicon": "lexicon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_StartSpeechSynthesisTask.html" + }, + "SynthesizeSpeech": { + "privilege": "SynthesizeSpeech", + "description": "Grants permission to synthesize speech", + "access_level": "Read", + "resource_types": { + "lexicon": { + "resource_type": "lexicon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lexicon": "lexicon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html" + } + }, + "privileges_lower_name": { + "deletelexicon": "DeleteLexicon", + "describevoices": "DescribeVoices", + "getlexicon": "GetLexicon", + "getspeechsynthesistask": "GetSpeechSynthesisTask", + "listlexicons": "ListLexicons", + "listspeechsynthesistasks": "ListSpeechSynthesisTasks", + "putlexicon": "PutLexicon", + "startspeechsynthesistask": "StartSpeechSynthesisTask", + "synthesizespeech": "SynthesizeSpeech" + }, + "resources": { + "lexicon": { + "resource": "lexicon", + "arn": "arn:${Partition}:polly:${Region}:${Account}:lexicon/${LexiconName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "lexicon": "lexicon" + }, + "conditions": {} + }, + "qldb": { + "service_name": "Amazon QLDB", + "prefix": "qldb", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonqldb.html", + "privileges": { + "CancelJournalKinesisStream": { + "privilege": "CancelJournalKinesisStream", + "description": "Grants permission to cancel a journal kinesis stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_CancelJournalKinesisStream.html" + }, + "CreateLedger": { + "privilege": "CreateLedger", + "description": "Grants permission to create a ledger", + "access_level": "Write", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_CreateLedger.html" + }, + "DeleteLedger": { + "privilege": "DeleteLedger", + "description": "Grants permission to delete a ledger", + "access_level": "Write", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_DeleteLedger.html" + }, + "DescribeJournalKinesisStream": { + "privilege": "DescribeJournalKinesisStream", + "description": "Grants permission to describe information about a journal kinesis stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_DescribeJournalKinesisStream.html" + }, + "DescribeJournalS3Export": { + "privilege": "DescribeJournalS3Export", + "description": "Grants permission to describe information about a journal export job", + "access_level": "Read", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_DescribeJournalS3Export.html" + }, + "DescribeLedger": { + "privilege": "DescribeLedger", + "description": "Grants permission to describe a ledger", + "access_level": "Read", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_DescribeLedger.html" + }, + "ExecuteStatement": { + "privilege": "ExecuteStatement", + "description": "Grants permission to send commands to a ledger via the console", + "access_level": "Write", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/console_QLDB.html" + }, + "ExportJournalToS3": { + "privilege": "ExportJournalToS3", + "description": "Grants permission to export journal contents to an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ExportJournalToS3.html" + }, + "GetBlock": { + "privilege": "GetBlock", + "description": "Grants permission to retrieve a block from a ledger for a given BlockAddress", + "access_level": "Read", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_GetBlock.html" + }, + "GetDigest": { + "privilege": "GetDigest", + "description": "Grants permission to retrieve a digest from a ledger for a given BlockAddress", + "access_level": "Read", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_GetDigest.html" + }, + "GetRevision": { + "privilege": "GetRevision", + "description": "Grants permission to retrieve a revision for a given document ID and a given BlockAddress", + "access_level": "Read", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_GetRevision.html" + }, + "InsertSampleData": { + "privilege": "InsertSampleData", + "description": "Grants permission to insert sample application data via the console", + "access_level": "Write", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/console_QLDB.html" + }, + "ListJournalKinesisStreamsForLedger": { + "privilege": "ListJournalKinesisStreamsForLedger", + "description": "Grants permission to list journal kinesis streams for a specified ledger", + "access_level": "List", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ListJournalKinesisStreamsForLedger.html" + }, + "ListJournalS3Exports": { + "privilege": "ListJournalS3Exports", + "description": "Grants permission to list journal export jobs for all ledgers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ListJournalS3Exports.html" + }, + "ListJournalS3ExportsForLedger": { + "privilege": "ListJournalS3ExportsForLedger", + "description": "Grants permission to list journal export jobs for a specified ledger", + "access_level": "List", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ListJournalS3ExportsForLedger.html" + }, + "ListLedgers": { + "privilege": "ListLedgers", + "description": "Grants permission to list existing ledgers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ListLedgers.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ledger": { + "resource_type": "ledger", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "ledger": "ledger", + "stream": "stream", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_ListTagsForResource.html" + }, + "PartiQLCreateIndex": { + "privilege": "PartiQLCreateIndex", + "description": "Grants permission to create an index on a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.create-index.html" + }, + "PartiQLCreateTable": { + "privilege": "PartiQLCreateTable", + "description": "Grants permission to create a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.create-table.html" + }, + "PartiQLDelete": { + "privilege": "PartiQLDelete", + "description": "Grants permission to delete documents from a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.delete.html" + }, + "PartiQLDropIndex": { + "privilege": "PartiQLDropIndex", + "description": "Grants permission to drop an index from a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "qldb:Purge" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.drop-index.html" + }, + "PartiQLDropTable": { + "privilege": "PartiQLDropTable", + "description": "Grants permission to drop a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "qldb:Purge" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.drop-table.html" + }, + "PartiQLHistoryFunction": { + "privilege": "PartiQLHistoryFunction", + "description": "Grants permission to use the history function on a table", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/working.history.html" + }, + "PartiQLInsert": { + "privilege": "PartiQLInsert", + "description": "Grants permission to insert documents into a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.insert.html" + }, + "PartiQLRedact": { + "privilege": "PartiQLRedact", + "description": "Grants permission to redact historic revisions", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-stored-procedures.redact_revision.html" + }, + "PartiQLSelect": { + "privilege": "PartiQLSelect", + "description": "Grants permission to select documents from a table", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.select.html" + }, + "PartiQLUndropTable": { + "privilege": "PartiQLUndropTable", + "description": "Grants permission to undrop a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.undrop-table.html" + }, + "PartiQLUpdate": { + "privilege": "PartiQLUpdate", + "description": "Grants permission to update existing documents in a table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/ql-reference.update.html" + }, + "SendCommand": { + "privilege": "SendCommand", + "description": "Grants permission to send commands to a ledger", + "access_level": "Write", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_QLDB-Session_SendCommand.html" + }, + "ShowCatalog": { + "privilege": "ShowCatalog", + "description": "Grants permission to view a ledger's catalog via the console", + "access_level": "Write", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/console_QLDB.html" + }, + "StreamJournalToKinesis": { + "privilege": "StreamJournalToKinesis", + "description": "Grants permission to stream journal contents to a Kinesis Data Stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_StreamJournalToKinesis.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to a resource", + "access_level": "Tagging", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ledger": { + "resource_type": "ledger", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "ledger": "ledger", + "stream": "stream", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from a resource", + "access_level": "Tagging", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ledger": { + "resource_type": "ledger", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "ledger": "ledger", + "stream": "stream", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_UntagResource.html" + }, + "UpdateLedger": { + "privilege": "UpdateLedger", + "description": "Grants permission to update properties on a ledger", + "access_level": "Write", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_UpdateLedger.html" + }, + "UpdateLedgerPermissionsMode": { + "privilege": "UpdateLedgerPermissionsMode", + "description": "Grants permission to update the permissions mode on a ledger", + "access_level": "Write", + "resource_types": { + "ledger": { + "resource_type": "ledger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ledger": "ledger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/API_UpdateLedgerPermissionsMode.html" + } + }, + "privileges_lower_name": { + "canceljournalkinesisstream": "CancelJournalKinesisStream", + "createledger": "CreateLedger", + "deleteledger": "DeleteLedger", + "describejournalkinesisstream": "DescribeJournalKinesisStream", + "describejournals3export": "DescribeJournalS3Export", + "describeledger": "DescribeLedger", + "executestatement": "ExecuteStatement", + "exportjournaltos3": "ExportJournalToS3", + "getblock": "GetBlock", + "getdigest": "GetDigest", + "getrevision": "GetRevision", + "insertsampledata": "InsertSampleData", + "listjournalkinesisstreamsforledger": "ListJournalKinesisStreamsForLedger", + "listjournals3exports": "ListJournalS3Exports", + "listjournals3exportsforledger": "ListJournalS3ExportsForLedger", + "listledgers": "ListLedgers", + "listtagsforresource": "ListTagsForResource", + "partiqlcreateindex": "PartiQLCreateIndex", + "partiqlcreatetable": "PartiQLCreateTable", + "partiqldelete": "PartiQLDelete", + "partiqldropindex": "PartiQLDropIndex", + "partiqldroptable": "PartiQLDropTable", + "partiqlhistoryfunction": "PartiQLHistoryFunction", + "partiqlinsert": "PartiQLInsert", + "partiqlredact": "PartiQLRedact", + "partiqlselect": "PartiQLSelect", + "partiqlundroptable": "PartiQLUndropTable", + "partiqlupdate": "PartiQLUpdate", + "sendcommand": "SendCommand", + "showcatalog": "ShowCatalog", + "streamjournaltokinesis": "StreamJournalToKinesis", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateledger": "UpdateLedger", + "updateledgerpermissionsmode": "UpdateLedgerPermissionsMode" + }, + "resources": { + "ledger": { + "resource": "ledger", + "arn": "arn:${Partition}:qldb:${Region}:${Account}:ledger/${LedgerName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "stream": { + "resource": "stream", + "arn": "arn:${Partition}:qldb:${Region}:${Account}:stream/${LedgerName}/${StreamId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "table": { + "resource": "table", + "arn": "arn:${Partition}:qldb:${Region}:${Account}:ledger/${LedgerName}/table/${TableId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "catalog": { + "resource": "catalog", + "arn": "arn:${Partition}:qldb:${Region}:${Account}:ledger/${LedgerName}/information_schema/user_tables", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "ledger": "ledger", + "stream": "stream", + "table": "table", + "catalog": "catalog" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + }, + "qldb:Purge": { + "condition": "qldb:Purge", + "description": "Filters access by the value of purge that is specified in a PartiQL DROP statement", + "type": "String" + } + } + }, + "quicksight": { + "service_name": "Amazon QuickSight", + "prefix": "quicksight", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonquicksight.html", + "privileges": { + "AccountConfigurations": { + "privilege": "AccountConfigurations", + "description": "Grants permission to enable setting default access to AWS resources", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/accessing-data-sources.html" + }, + "CancelIngestion": { + "privilege": "CancelIngestion", + "description": "Grants permission to cancel a SPICE ingestions on a dataset", + "access_level": "Write", + "resource_types": { + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ingestion": "ingestion", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CancelIngestion.html" + }, + "CreateAccountCustomization": { + "privilege": "CreateAccountCustomization", + "description": "Grants permission to create an account customization for QuickSight account or namespace", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateAccountCustomization.html" + }, + "CreateAccountSubscription": { + "privilege": "CreateAccountSubscription", + "description": "Grants permission to subscribe to QuickSight", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateAccountSubscription.html" + }, + "CreateAdmin": { + "privilege": "CreateAdmin", + "description": "Grants permission to provision Amazon QuickSight administrators, authors, and readers", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "CreateAnalysis": { + "privilege": "CreateAnalysis", + "description": "Grants permission to create an analysis from a template", + "access_level": "Write", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateAnalysis.html" + }, + "CreateCustomPermissions": { + "privilege": "CreateCustomPermissions", + "description": "Grants permission to create a custom permissions resource for restricting user access", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "CreateDashboard": { + "privilege": "CreateDashboard", + "description": "Grants permission to create a QuickSight Dashboard", + "access_level": "Write", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateDashboard.html" + }, + "CreateDataSet": { + "privilege": "CreateDataSet", + "description": "Grants permission to create a dataset", + "access_level": "Write", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "quicksight:PassDataSource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateDataSet.html" + }, + "CreateDataSource": { + "privilege": "CreateDataSource", + "description": "Grants permission to create a data source", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateDataSource.html" + }, + "CreateEmailCustomizationTemplate": { + "privilege": "CreateEmailCustomizationTemplate", + "description": "Grants permission to create a QuickSight email customization template", + "access_level": "Write", + "resource_types": { + "emailCustomizationTemplate": { + "resource_type": "emailCustomizationTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "emailcustomizationtemplate": "emailCustomizationTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/customizing-quicksight-email-templates.html" + }, + "CreateFolder": { + "privilege": "CreateFolder", + "description": "Grants permission to create a QuickSight folder", + "access_level": "Write", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateFolder.html" + }, + "CreateFolderMembership": { + "privilege": "CreateFolderMembership", + "description": "Grants permission to add a QuickSight Dashboard, Analysis or Dataset to a QuickSight Folder", + "access_level": "Write", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "analysis": { + "resource_type": "analysis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dashboard": { + "resource_type": "dashboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder", + "analysis": "analysis", + "dashboard": "dashboard", + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateFolderMembership.html" + }, + "CreateGroup": { + "privilege": "CreateGroup", + "description": "Grants permission to create a QuickSight group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateGroup.html" + }, + "CreateGroupMembership": { + "privilege": "CreateGroupMembership", + "description": "Grants permission to add a QuickSight user to a QuickSight group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [ + "quicksight:UserName" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateGroupMembership.html" + }, + "CreateIAMPolicyAssignment": { + "privilege": "CreateIAMPolicyAssignment", + "description": "Grants permission to create an assignment with one specified IAM Policy ARN that will be assigned to specified groups or users of QuickSight", + "access_level": "Permissions management", + "resource_types": { + "assignment": { + "resource_type": "assignment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assignment": "assignment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateIAMPolicyAssignment.html" + }, + "CreateIngestion": { + "privilege": "CreateIngestion", + "description": "Grants permission to start a SPICE ingestion on a dataset", + "access_level": "Write", + "resource_types": { + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ingestion": "ingestion", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateIngestion.html" + }, + "CreateNamespace": { + "privilege": "CreateNamespace", + "description": "Grants permission to create an QuickSight namespace", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:CreateIdentityPoolDirectory" + ] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateNamespace.html" + }, + "CreateReader": { + "privilege": "CreateReader", + "description": "Grants permission to provision Amazon QuickSight readers", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "CreateRefreshSchedule": { + "privilege": "CreateRefreshSchedule", + "description": "Grants permission to create a refresh schedule for a dataset", + "access_level": "Write", + "resource_types": { + "refreshschedule": { + "resource_type": "refreshschedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "refreshschedule": "refreshschedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateRefreshSchedule.html" + }, + "CreateTemplate": { + "privilege": "CreateTemplate", + "description": "Grants permission to create a template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateTemplate.html" + }, + "CreateTemplateAlias": { + "privilege": "CreateTemplateAlias", + "description": "Grants permission to create a template alias", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateTemplateAlias.html" + }, + "CreateTheme": { + "privilege": "CreateTheme", + "description": "Grants permission to create a theme", + "access_level": "Write", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateTheme.html" + }, + "CreateThemeAlias": { + "privilege": "CreateThemeAlias", + "description": "Grants permission to create an alias for a theme version", + "access_level": "Write", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateThemeAlias.html" + }, + "CreateTopic": { + "privilege": "CreateTopic", + "description": "Grants permission to create a topic", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "quicksight:PassDataSet" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateTopic.html" + }, + "CreateTopicRefreshSchedule": { + "privilege": "CreateTopicRefreshSchedule", + "description": "Grants permission to create a refresh schedule for a topic", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateTopicRefreshSchedule.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to provision Amazon QuickSight authors and readers", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "CreateVPCConnection": { + "privilege": "CreateVPCConnection", + "description": "Grants permission to create a vpc connection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CreateVPCConnection.html" + }, + "DeleteAccountCustomization": { + "privilege": "DeleteAccountCustomization", + "description": "Grants permission to delete an account customization for QuickSight account or namespace", + "access_level": "Write", + "resource_types": { + "customization": { + "resource_type": "customization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customization": "customization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteAccountCustomization.html" + }, + "DeleteAccountSubscription": { + "privilege": "DeleteAccountSubscription", + "description": "Grants permission to delete a QuickSight account", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteAccountSubscription.html" + }, + "DeleteAnalysis": { + "privilege": "DeleteAnalysis", + "description": "Grants permission to delete an analysis", + "access_level": "Write", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteAnalysis.html" + }, + "DeleteCustomPermissions": { + "privilege": "DeleteCustomPermissions", + "description": "Grants permission to delete a custom permissions resource", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "DeleteDashboard": { + "privilege": "DeleteDashboard", + "description": "Grants permission to delete a QuickSight Dashboard", + "access_level": "Write", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteDashboard.html" + }, + "DeleteDataSet": { + "privilege": "DeleteDataSet", + "description": "Grants permission to delete a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteDataSet.html" + }, + "DeleteDataSetRefreshProperties": { + "privilege": "DeleteDataSetRefreshProperties", + "description": "Grants permission to delete dataset refresh properties for a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteDataSetRefreshProperties.html" + }, + "DeleteDataSource": { + "privilege": "DeleteDataSource", + "description": "Grants permission to delete a data source", + "access_level": "Write", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteDataSource.html" + }, + "DeleteEmailCustomizationTemplate": { + "privilege": "DeleteEmailCustomizationTemplate", + "description": "Grants permission to delete a QuickSight email customization template", + "access_level": "Write", + "resource_types": { + "emailCustomizationTemplate": { + "resource_type": "emailCustomizationTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "emailcustomizationtemplate": "emailCustomizationTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/customizing-quicksight-email-templates.html" + }, + "DeleteFolder": { + "privilege": "DeleteFolder", + "description": "Grants permission to delete a QuickSight Folder", + "access_level": "Write", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteFolder.html" + }, + "DeleteFolderMembership": { + "privilege": "DeleteFolderMembership", + "description": "Grants permission to remove a QuickSight Dashboard, Analysis or Dataset from a QuickSight Folder", + "access_level": "Write", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "analysis": { + "resource_type": "analysis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dashboard": { + "resource_type": "dashboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder", + "analysis": "analysis", + "dashboard": "dashboard", + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteFolderMembership.html" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to remove a user group from QuickSight", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteGroup.html" + }, + "DeleteGroupMembership": { + "privilege": "DeleteGroupMembership", + "description": "Grants permission to remove a user from a group so that he/she is no longer a member of the group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [ + "quicksight:UserName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteGroupMembership.html" + }, + "DeleteIAMPolicyAssignment": { + "privilege": "DeleteIAMPolicyAssignment", + "description": "Grants permission to update an existing assignment", + "access_level": "Permissions management", + "resource_types": { + "assignment": { + "resource_type": "assignment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assignment": "assignment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteIAMPolicyAssignment.html" + }, + "DeleteNamespace": { + "privilege": "DeleteNamespace", + "description": "Grants permission to delete a QuickSight namespace", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:DeleteDirectory" + ] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteNamespace.html" + }, + "DeleteRefreshSchedule": { + "privilege": "DeleteRefreshSchedule", + "description": "Grants permission to delete a refresh schedule for a dataset", + "access_level": "Write", + "resource_types": { + "refreshschedule": { + "resource_type": "refreshschedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "refreshschedule": "refreshschedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteRefreshSchedule.html" + }, + "DeleteTemplate": { + "privilege": "DeleteTemplate", + "description": "Grants permission to delete a template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteTemplate.html" + }, + "DeleteTemplateAlias": { + "privilege": "DeleteTemplateAlias", + "description": "Grants permission to delete a template alias", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteTemplateAlias.html" + }, + "DeleteTheme": { + "privilege": "DeleteTheme", + "description": "Grants permission to delete a theme", + "access_level": "Write", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteTheme.html" + }, + "DeleteThemeAlias": { + "privilege": "DeleteThemeAlias", + "description": "Grants permission to delete the alias of a theme", + "access_level": "Write", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteThemeAlias.html" + }, + "DeleteTopic": { + "privilege": "DeleteTopic", + "description": "Grants permission to delete a topic", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteTopic.html" + }, + "DeleteTopicRefreshSchedule": { + "privilege": "DeleteTopicRefreshSchedule", + "description": "Grants permission to delete a refresh schedule for a topic", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteTopicRefreshSchedule.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete a QuickSight user, given the user name", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteUser.html" + }, + "DeleteUserByPrincipalId": { + "privilege": "DeleteUserByPrincipalId", + "description": "Grants permission to deletes a user identified by its principal ID", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteUserByPrincipalId.html" + }, + "DeleteVPCConnection": { + "privilege": "DeleteVPCConnection", + "description": "Grants permission to delete a vpc connection", + "access_level": "Write", + "resource_types": { + "vpcconnection": { + "resource_type": "vpcconnection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpcconnection": "vpcconnection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DeleteVPCConnection.html" + }, + "DescribeAccountCustomization": { + "privilege": "DescribeAccountCustomization", + "description": "Grants permission to describe an account customization for QuickSight account or namespace", + "access_level": "Read", + "resource_types": { + "customization": { + "resource_type": "customization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customization": "customization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAccountCustomization.html" + }, + "DescribeAccountSettings": { + "privilege": "DescribeAccountSettings", + "description": "Grants permission to describe the administrative account settings for QuickSight account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAccountSettings.html" + }, + "DescribeAccountSubscription": { + "privilege": "DescribeAccountSubscription", + "description": "Grants permission to describe a QuickSight account", + "access_level": "Read", + "resource_types": { + "account": { + "resource_type": "account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAccountSubscription.html" + }, + "DescribeAnalysis": { + "privilege": "DescribeAnalysis", + "description": "Grants permission to describe an analysis", + "access_level": "Read", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAnalysis.html" + }, + "DescribeAnalysisPermissions": { + "privilege": "DescribeAnalysisPermissions", + "description": "Grants permission to describe permissions for an analysis", + "access_level": "Read", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAnalysisPermissions.html" + }, + "DescribeAssetBundleExportJob": { + "privilege": "DescribeAssetBundleExportJob", + "description": "Grants permission to describe an asset bundle export job", + "access_level": "Read", + "resource_types": { + "assetBundleExportJob": { + "resource_type": "assetBundleExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assetbundleexportjob": "assetBundleExportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAssetBundleExportJob.html" + }, + "DescribeAssetBundleImportJob": { + "privilege": "DescribeAssetBundleImportJob", + "description": "Grants permission to describe an asset bundle import job", + "access_level": "Read", + "resource_types": { + "assetBundleImportJob": { + "resource_type": "assetBundleImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assetbundleimportjob": "assetBundleImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeAssetBundleImportJob.html" + }, + "DescribeCustomPermissions": { + "privilege": "DescribeCustomPermissions", + "description": "Grants permission to describe a custom permissions resource in a QuickSight account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "DescribeDashboard": { + "privilege": "DescribeDashboard", + "description": "Grants permission to describe a QuickSight Dashboard", + "access_level": "Read", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDashboard.html" + }, + "DescribeDashboardPermissions": { + "privilege": "DescribeDashboardPermissions", + "description": "Grants permission to describe permissions for a QuickSight Dashboard", + "access_level": "Read", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDashboardPermissions.html" + }, + "DescribeDashboardSnapshotJob": { + "privilege": "DescribeDashboardSnapshotJob", + "description": "Grants permission to describe a dashboard snapshot job", + "access_level": "Read", + "resource_types": { + "dashboardSnapshotJob": { + "resource_type": "dashboardSnapshotJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboardsnapshotjob": "dashboardSnapshotJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDashboardSnapshotJob.html" + }, + "DescribeDashboardSnapshotJobResult": { + "privilege": "DescribeDashboardSnapshotJobResult", + "description": "Grants permission to describe result of a dashboard snapshot job", + "access_level": "Read", + "resource_types": { + "dashboardSnapshotJob": { + "resource_type": "dashboardSnapshotJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboardsnapshotjob": "dashboardSnapshotJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDashboardSnapshotJobResult.html" + }, + "DescribeDataSet": { + "privilege": "DescribeDataSet", + "description": "Grants permission to describe a dataset", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDataSet.html" + }, + "DescribeDataSetPermissions": { + "privilege": "DescribeDataSetPermissions", + "description": "Grants permission to describe the resource policy of a dataset", + "access_level": "Permissions management", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDataSetPermissions.html" + }, + "DescribeDataSetRefreshProperties": { + "privilege": "DescribeDataSetRefreshProperties", + "description": "Grants permission to describe refresh properties for a dataset", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDataSetRefreshProperties.html" + }, + "DescribeDataSource": { + "privilege": "DescribeDataSource", + "description": "Grants permission to describe a data source", + "access_level": "Read", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDataSource.html" + }, + "DescribeDataSourcePermissions": { + "privilege": "DescribeDataSourcePermissions", + "description": "Grants permission to describe the resource policy of a data source", + "access_level": "Permissions management", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeDataSourcePermissions.html" + }, + "DescribeEmailCustomizationTemplate": { + "privilege": "DescribeEmailCustomizationTemplate", + "description": "Grants permission to describe a QuickSight email customization template", + "access_level": "Read", + "resource_types": { + "emailCustomizationTemplate": { + "resource_type": "emailCustomizationTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "emailcustomizationtemplate": "emailCustomizationTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/customizing-quicksight-email-templates.html" + }, + "DescribeFolder": { + "privilege": "DescribeFolder", + "description": "Grants permission to describe a QuickSight Folder", + "access_level": "Read", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeFolder.html" + }, + "DescribeFolderPermissions": { + "privilege": "DescribeFolderPermissions", + "description": "Grants permission to describe permissions for a QuickSight Folder", + "access_level": "Read", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeFolderPermissions.html" + }, + "DescribeFolderResolvedPermissions": { + "privilege": "DescribeFolderResolvedPermissions", + "description": "Grants permission to describe resolved permissions for a QuickSight Folder", + "access_level": "Read", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeFolderResolvedPermissions.html" + }, + "DescribeGroup": { + "privilege": "DescribeGroup", + "description": "Grants permission to describe a QuickSight group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeGroup.html" + }, + "DescribeGroupMembership": { + "privilege": "DescribeGroupMembership", + "description": "Grants permission to describe a QuickSight group member", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [ + "quicksight:UserName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeGroupMembership.html" + }, + "DescribeIAMPolicyAssignment": { + "privilege": "DescribeIAMPolicyAssignment", + "description": "Grants permission to describe an existing assignment", + "access_level": "Read", + "resource_types": { + "assignment": { + "resource_type": "assignment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assignment": "assignment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeIAMPolicyAssignment.html" + }, + "DescribeIngestion": { + "privilege": "DescribeIngestion", + "description": "Grants permission to describe a SPICE ingestion on a dataset", + "access_level": "Read", + "resource_types": { + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ingestion": "ingestion", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeIngestion.html" + }, + "DescribeIpRestriction": { + "privilege": "DescribeIpRestriction", + "description": "Grants permission to describe the IP restrictions for QuickSight account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeIpRestriction.html" + }, + "DescribeNamespace": { + "privilege": "DescribeNamespace", + "description": "Grants permission to describe a QuickSight namespace", + "access_level": "Read", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeNamespace.html" + }, + "DescribeRefreshSchedule": { + "privilege": "DescribeRefreshSchedule", + "description": "Grants permission to describe a refresh schedule for a dataset", + "access_level": "Read", + "resource_types": { + "refreshschedule": { + "resource_type": "refreshschedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "refreshschedule": "refreshschedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeRefreshSchedule.html" + }, + "DescribeTemplate": { + "privilege": "DescribeTemplate", + "description": "Grants permission to describe a template", + "access_level": "Read", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTemplate.html" + }, + "DescribeTemplateAlias": { + "privilege": "DescribeTemplateAlias", + "description": "Grants permission to describe a template alias", + "access_level": "Read", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTemplateAlias.html" + }, + "DescribeTemplatePermissions": { + "privilege": "DescribeTemplatePermissions", + "description": "Grants permission to describe permissions for a template", + "access_level": "Read", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTemplatePermissions.html" + }, + "DescribeTheme": { + "privilege": "DescribeTheme", + "description": "Grants permission to describe a theme", + "access_level": "Read", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTheme.html" + }, + "DescribeThemeAlias": { + "privilege": "DescribeThemeAlias", + "description": "Grants permission to describe a theme alias", + "access_level": "Read", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeThemeAlias.html" + }, + "DescribeThemePermissions": { + "privilege": "DescribeThemePermissions", + "description": "Grants permission to describe permissions for a theme", + "access_level": "Read", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeThemePermissions.html" + }, + "DescribeTopic": { + "privilege": "DescribeTopic", + "description": "Grants permission to describe a topic", + "access_level": "Read", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTopic.html" + }, + "DescribeTopicPermissions": { + "privilege": "DescribeTopicPermissions", + "description": "Grants permission to describe the resource policy of a topic", + "access_level": "Permissions management", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTopicPermissions.html" + }, + "DescribeTopicRefresh": { + "privilege": "DescribeTopicRefresh", + "description": "Grants permission to describe the refresh status of a topic", + "access_level": "Read", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTopicRefresh.html" + }, + "DescribeTopicRefreshSchedule": { + "privilege": "DescribeTopicRefreshSchedule", + "description": "Grants permission to describe a refresh schedule for a topic", + "access_level": "Read", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeTopicRefreshSchedule.html" + }, + "DescribeUser": { + "privilege": "DescribeUser", + "description": "Grants permission to describe a QuickSight user given the user name", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeUser.html" + }, + "DescribeVPCConnection": { + "privilege": "DescribeVPCConnection", + "description": "Grants permission to describe a vpc connection", + "access_level": "Read", + "resource_types": { + "vpcconnection": { + "resource_type": "vpcconnection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpcconnection": "vpcconnection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DescribeVPCConnection.html" + }, + "GenerateEmbedUrlForAnonymousUser": { + "privilege": "GenerateEmbedUrlForAnonymousUser", + "description": "Grants permission to generate a URL used to embed a QuickSight Dashboard or Q Topic for a user not registered with QuickSight", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "dashboard": { + "resource_type": "dashboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "topic": { + "resource_type": "topic", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "quicksight:AllowedEmbeddingDomains" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace", + "dashboard": "dashboard", + "topic": "topic", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GenerateEmbedUrlForAnonymousUser.html" + }, + "GenerateEmbedUrlForRegisteredUser": { + "privilege": "GenerateEmbedUrlForRegisteredUser", + "description": "Grants permission to generate a URL used to embed a QuickSight Dashboard for a user registered with QuickSight", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "quicksight:AllowedEmbeddingDomains" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GenerateEmbedUrlForRegisteredUser.html" + }, + "GetAnonymousUserEmbedUrl": { + "privilege": "GetAnonymousUserEmbedUrl", + "description": "Grants permission to get a URL used to embed a QuickSight Dashboard for a user not registered with QuickSight", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "GetAuthCode": { + "privilege": "GetAuthCode", + "description": "Grants permission to get an auth code representing a QuickSight user", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "GetDashboardEmbedUrl": { + "privilege": "GetDashboardEmbedUrl", + "description": "Grants permission to get a URL used to embed a QuickSight Dashboard", + "access_level": "Read", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GetDashboardEmbedUrl.html" + }, + "GetGroupMapping": { + "privilege": "GetGroupMapping", + "description": "Grants permission to use Amazon QuickSight, in Enterprise edition, to identify and display the Microsoft Active Directory (Microsoft Active Directory) directory groups that are mapped to roles in Amazon QuickSight", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "GetSessionEmbedUrl": { + "privilege": "GetSessionEmbedUrl", + "description": "Grants permission to get a URL to embed QuickSight console experience", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GetSessionEmbedUrl.html" + }, + "ListAnalyses": { + "privilege": "ListAnalyses", + "description": "Grants permission to list all analyses in an account", + "access_level": "List", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListAnalyses.html" + }, + "ListAssetBundleExportJobs": { + "privilege": "ListAssetBundleExportJobs", + "description": "Grants permission to list all asset bundle export jobs", + "access_level": "List", + "resource_types": { + "assetBundleExportJob": { + "resource_type": "assetBundleExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assetbundleexportjob": "assetBundleExportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListAssetBundleExportJobs.html" + }, + "ListAssetBundleImportJobs": { + "privilege": "ListAssetBundleImportJobs", + "description": "Grants permission to list all asset bundle import jobs", + "access_level": "List", + "resource_types": { + "assetBundleImportJob": { + "resource_type": "assetBundleImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assetbundleimportjob": "assetBundleImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListAssetBundleImportJobs.html" + }, + "ListCustomPermissions": { + "privilege": "ListCustomPermissions", + "description": "Grants permission to list custom permissions resources in QuickSight account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "ListCustomerManagedKeys": { + "privilege": "ListCustomerManagedKeys", + "description": "Grants permission to list all registered customer managed keys", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/key-management.html" + }, + "ListDashboardVersions": { + "privilege": "ListDashboardVersions", + "description": "Grants permission to list all versions of a QuickSight Dashboard", + "access_level": "List", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListDashboardVersions.html" + }, + "ListDashboards": { + "privilege": "ListDashboards", + "description": "Grants permission to list all Dashboards in a QuickSight Account", + "access_level": "List", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListDashboards.html" + }, + "ListDataSets": { + "privilege": "ListDataSets", + "description": "Grants permission to list all datasets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListDataSets.html" + }, + "ListDataSources": { + "privilege": "ListDataSources", + "description": "Grants permission to list all data sources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListDataSources.html" + }, + "ListFolderMembers": { + "privilege": "ListFolderMembers", + "description": "Grants permission to list all members in a folder", + "access_level": "Read", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListFolderMembers.html" + }, + "ListFolders": { + "privilege": "ListFolders", + "description": "Grants permission to list all Folders in a QuickSight Account", + "access_level": "List", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListFolders.html" + }, + "ListGroupMemberships": { + "privilege": "ListGroupMemberships", + "description": "Grants permission to list member users in a group", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListGroupMemberships.html" + }, + "ListGroups": { + "privilege": "ListGroups", + "description": "Grants permission to list all user groups in QuickSight", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListGroups.html" + }, + "ListIAMPolicyAssignments": { + "privilege": "ListIAMPolicyAssignments", + "description": "Grants permission to list all assignments in the current Amazon QuickSight account", + "access_level": "List", + "resource_types": { + "assignment": { + "resource_type": "assignment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assignment": "assignment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListIAMPolicyAssignments.html" + }, + "ListIAMPolicyAssignmentsForUser": { + "privilege": "ListIAMPolicyAssignmentsForUser", + "description": "Grants permission to list all assignments assigned to a user and the groups it belongs", + "access_level": "List", + "resource_types": { + "assignment": { + "resource_type": "assignment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assignment": "assignment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListIAMPolicyAssignmentsForUser.html" + }, + "ListIngestions": { + "privilege": "ListIngestions", + "description": "Grants permission to list all SPICE ingestions on a dataset", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListIngestions.html" + }, + "ListKMSKeysForUser": { + "privilege": "ListKMSKeysForUser", + "description": "Grants permission to list a user's KMS keys", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/key-management.html" + }, + "ListNamespaces": { + "privilege": "ListNamespaces", + "description": "Grants permission to lists all namespaces in a QuickSight account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListNamespaces.html" + }, + "ListRefreshSchedules": { + "privilege": "ListRefreshSchedules", + "description": "Grants permission to list all refresh schedules on a dataset", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListRefreshSchedules.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags of a QuickSight resource", + "access_level": "Read", + "resource_types": { + "customization": { + "resource_type": "customization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dashboard": { + "resource_type": "dashboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "folder": { + "resource_type": "folder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "template": { + "resource_type": "template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "theme": { + "resource_type": "theme", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "topic": { + "resource_type": "topic", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customization": "customization", + "dashboard": "dashboard", + "folder": "folder", + "template": "template", + "theme": "theme", + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTemplateAliases": { + "privilege": "ListTemplateAliases", + "description": "Grants permission to list all aliases for a template", + "access_level": "List", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTemplateAliases.html" + }, + "ListTemplateVersions": { + "privilege": "ListTemplateVersions", + "description": "Grants permission to list all versions of a template", + "access_level": "List", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTemplateVersions.html" + }, + "ListTemplates": { + "privilege": "ListTemplates", + "description": "Grants permission to list all templates in a QuickSight account", + "access_level": "List", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTemplates.html" + }, + "ListThemeAliases": { + "privilege": "ListThemeAliases", + "description": "Grants permission to list all aliases of a theme", + "access_level": "List", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListThemeAliases.html" + }, + "ListThemeVersions": { + "privilege": "ListThemeVersions", + "description": "Grants permission to list all versions of a theme", + "access_level": "List", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListThemeVersions.html" + }, + "ListThemes": { + "privilege": "ListThemes", + "description": "Grants permission to list all themes in an account", + "access_level": "List", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListThemes.html" + }, + "ListTopicRefreshSchedules": { + "privilege": "ListTopicRefreshSchedules", + "description": "Grants permission to list all refresh schedules on a topic", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTopicRefreshSchedules.html" + }, + "ListTopics": { + "privilege": "ListTopics", + "description": "Grants permission to list all topics", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListTopics.html" + }, + "ListUserGroups": { + "privilege": "ListUserGroups", + "description": "Grants permission to list groups that a given user is a member of", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListUserGroups.html" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to list all of the QuickSight users belonging to this account", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListUsers.html" + }, + "ListVPCConnections": { + "privilege": "ListVPCConnections", + "description": "Grants permission to list all vpc connections", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ListVPCConnections.html" + }, + "PassDataSet": { + "privilege": "PassDataSet", + "description": "Grants permission to use a dataset for a template", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/qs-api-overview.html" + }, + "PassDataSource": { + "privilege": "PassDataSource", + "description": "Grants permission to use a data source for a data set", + "access_level": "Read", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/qs-api-overview.html" + }, + "PutDataSetRefreshProperties": { + "privilege": "PutDataSetRefreshProperties", + "description": "Grants permission to put dataset refresh properties for a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_PutDataSetRefreshProperties.html" + }, + "RegisterCustomerManagedKey": { + "privilege": "RegisterCustomerManagedKey", + "description": "Grants permission to register a customer managed key", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/key-management.html" + }, + "RegisterUser": { + "privilege": "RegisterUser", + "description": "Grants permission to create a QuickSight user, whose identity is associated with the IAM identity/role specified in the request", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [ + "quicksight:IamArn", + "quicksight:SessionName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_RegisterUser.html" + }, + "RemoveCustomerManagedKey": { + "privilege": "RemoveCustomerManagedKey", + "description": "Grants permission to remove a customer managed key", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/key-management.html" + }, + "RestoreAnalysis": { + "privilege": "RestoreAnalysis", + "description": "Grants permission to restore a deleted analysis", + "access_level": "Write", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_RestoreAnalysis.html" + }, + "ScopeDownPolicy": { + "privilege": "ScopeDownPolicy", + "description": "Grants permission to manage scoping policies for permissions to AWS resources", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/accessing-data-sources.html" + }, + "SearchAnalyses": { + "privilege": "SearchAnalyses", + "description": "Grants permission to search for a sub-set of analyses", + "access_level": "List", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchAnalyses.html" + }, + "SearchDashboards": { + "privilege": "SearchDashboards", + "description": "Grants permission to search for a sub-set of QuickSight Dashboards", + "access_level": "List", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchDashboards.html" + }, + "SearchDataSets": { + "privilege": "SearchDataSets", + "description": "Grants permission to search for a sub-set of QuickSight DatSets", + "access_level": "List", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchDataSets.html" + }, + "SearchDataSources": { + "privilege": "SearchDataSources", + "description": "Grants permission to search for a sub-set of QuickSight Data Sources", + "access_level": "List", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchDataSources.html" + }, + "SearchDirectoryGroups": { + "privilege": "SearchDirectoryGroups", + "description": "Grants permission to use Amazon QuickSight, in Enterprise edition, to display your Microsoft Active Directory directory groups so that you can choose which ones to map to roles in Amazon QuickSight", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "SearchFolders": { + "privilege": "SearchFolders", + "description": "Grants permission to search for a sub-set of QuickSight Folders", + "access_level": "Read", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchFolders.html" + }, + "SearchGroups": { + "privilege": "SearchGroups", + "description": "Grants permission to search for a sub-set of QuickSight groups", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_SearchGroups.html" + }, + "SearchUsers": { + "privilege": "SearchUsers", + "description": "Grants permission to search the QuickSight users belonging to this account", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "SetGroupMapping": { + "privilege": "SetGroupMapping", + "description": "Grants permission to use Amazon QuickSight, in Enterprise edition, to display your Microsoft Active Directory directory groups so that you can choose which ones to map to roles in Amazon QuickSight", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "StartAssetBundleExportJob": { + "privilege": "StartAssetBundleExportJob", + "description": "Grants permission to start an asset bundle export job", + "access_level": "Write", + "resource_types": { + "assetBundleExportJob": { + "resource_type": "assetBundleExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assetbundleexportjob": "assetBundleExportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_StartAssetBundleExportJob.html" + }, + "StartAssetBundleImportJob": { + "privilege": "StartAssetBundleImportJob", + "description": "Grants permission to start an asset bundle import job", + "access_level": "Write", + "resource_types": { + "assetBundleImportJob": { + "resource_type": "assetBundleImportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assetbundleimportjob": "assetBundleImportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_StartAssetBundleImportJob.html" + }, + "StartDashboardSnapshotJob": { + "privilege": "StartDashboardSnapshotJob", + "description": "Grants permission to start a dashboard snapshot job", + "access_level": "Write", + "resource_types": { + "dashboardSnapshotJob": { + "resource_type": "dashboardSnapshotJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboardsnapshotjob": "dashboardSnapshotJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_StartDashboardSnapshotJob.html" + }, + "Subscribe": { + "privilege": "Subscribe", + "description": "Grants permission to subscribe to Amazon QuickSight, and also to allow the user to upgrade the subscription to Enterprise edition", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "quicksight:Edition", + "quicksight:DirectoryType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a QuickSight resource", + "access_level": "Tagging", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "customization": { + "resource_type": "customization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dashboard": { + "resource_type": "dashboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasource": { + "resource_type": "datasource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "folder": { + "resource_type": "folder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestion": { + "resource_type": "ingestion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "template": { + "resource_type": "template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "theme": { + "resource_type": "theme", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "topic": { + "resource_type": "topic", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpcconnection": { + "resource_type": "vpcconnection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis", + "customization": "customization", + "dashboard": "dashboard", + "dataset": "dataset", + "datasource": "datasource", + "folder": "folder", + "ingestion": "ingestion", + "template": "template", + "theme": "theme", + "topic": "topic", + "vpcconnection": "vpcconnection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_TagResource.html" + }, + "Unsubscribe": { + "privilege": "Unsubscribe", + "description": "Grants permission to unsubscribe from Amazon QuickSight, which permanently deletes all users and their resources from Amazon QuickSight", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a QuickSight resource", + "access_level": "Tagging", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "customization": { + "resource_type": "customization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dashboard": { + "resource_type": "dashboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datasource": { + "resource_type": "datasource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "folder": { + "resource_type": "folder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestion": { + "resource_type": "ingestion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "template": { + "resource_type": "template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "theme": { + "resource_type": "theme", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "topic": { + "resource_type": "topic", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpcconnection": { + "resource_type": "vpcconnection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis", + "customization": "customization", + "dashboard": "dashboard", + "dataset": "dataset", + "datasource": "datasource", + "folder": "folder", + "ingestion": "ingestion", + "template": "template", + "theme": "theme", + "topic": "topic", + "vpcconnection": "vpcconnection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UntagResource.html" + }, + "UpdateAccountCustomization": { + "privilege": "UpdateAccountCustomization", + "description": "Grants permission to update an account customization for QuickSight account or namespace", + "access_level": "Write", + "resource_types": { + "customization": { + "resource_type": "customization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customization": "customization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateAccountCustomization.html" + }, + "UpdateAccountSettings": { + "privilege": "UpdateAccountSettings", + "description": "Grants permission to update the administrative account settings for QuickSight account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateAccountSettings.html" + }, + "UpdateAnalysis": { + "privilege": "UpdateAnalysis", + "description": "Grants permission to update an analysis", + "access_level": "Write", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateAnalysis.html" + }, + "UpdateAnalysisPermissions": { + "privilege": "UpdateAnalysisPermissions", + "description": "Grants permission to update permissions for an analysis", + "access_level": "Permissions management", + "resource_types": { + "analysis": { + "resource_type": "analysis", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analysis": "analysis" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateAnalysisPermissions.html" + }, + "UpdateCustomPermissions": { + "privilege": "UpdateCustomPermissions", + "description": "Grants permission to update a custom permissions resource", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/iam-actions.html" + }, + "UpdateDashboard": { + "privilege": "UpdateDashboard", + "description": "Grants permission to update a QuickSight Dashboard", + "access_level": "Write", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDashboard.html" + }, + "UpdateDashboardPermissions": { + "privilege": "UpdateDashboardPermissions", + "description": "Grants permission to update permissions for a QuickSight Dashboard", + "access_level": "Permissions management", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDashboardPermissions.html" + }, + "UpdateDashboardPublishedVersion": { + "privilege": "UpdateDashboardPublishedVersion", + "description": "Grants permission to update a QuickSight Dashboard\u2019s Published Version", + "access_level": "Write", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDashboardPublishedVersion.html" + }, + "UpdateDataSet": { + "privilege": "UpdateDataSet", + "description": "Grants permission to update a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "quicksight:PassDataSource" + ] + }, + "datasource": { + "resource_type": "datasource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "datasource": "datasource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDataSet.html" + }, + "UpdateDataSetPermissions": { + "privilege": "UpdateDataSetPermissions", + "description": "Grants permission to update the resource policy of a dataset", + "access_level": "Permissions management", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDataSetPermissions.html" + }, + "UpdateDataSource": { + "privilege": "UpdateDataSource", + "description": "Grants permission to update a data source", + "access_level": "Write", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDataSource.html" + }, + "UpdateDataSourcePermissions": { + "privilege": "UpdateDataSourcePermissions", + "description": "Grants permission to update the resource policy of a data source", + "access_level": "Permissions management", + "resource_types": { + "datasource": { + "resource_type": "datasource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "datasource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateDataSourcePermissions.html" + }, + "UpdateEmailCustomizationTemplate": { + "privilege": "UpdateEmailCustomizationTemplate", + "description": "Grants permission to update a QuickSight email customization template", + "access_level": "Write", + "resource_types": { + "emailCustomizationTemplate": { + "resource_type": "emailCustomizationTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "emailcustomizationtemplate": "emailCustomizationTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/customizing-quicksight-email-templates.html" + }, + "UpdateFolder": { + "privilege": "UpdateFolder", + "description": "Grants permission to update a QuickSight Folder", + "access_level": "Write", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateFolder.html" + }, + "UpdateFolderPermissions": { + "privilege": "UpdateFolderPermissions", + "description": "Grants permission to update permissions for a QuickSight Folder", + "access_level": "Permissions management", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateFolderPermissions.html" + }, + "UpdateGroup": { + "privilege": "UpdateGroup", + "description": "Grants permission to change group description", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateGroup.html" + }, + "UpdateIAMPolicyAssignment": { + "privilege": "UpdateIAMPolicyAssignment", + "description": "Grants permission to update an existing assignment", + "access_level": "Permissions management", + "resource_types": { + "assignment": { + "resource_type": "assignment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assignment": "assignment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateIAMPolicyAssignment.html" + }, + "UpdateIpRestriction": { + "privilege": "UpdateIpRestriction", + "description": "Grants permission to update the IP restrictions for QuickSight account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateIpRestriction.html" + }, + "UpdatePublicSharingSettings": { + "privilege": "UpdatePublicSharingSettings", + "description": "Grants permission to enable or disable public sharing on an account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdatePublicSharingSettings.html" + }, + "UpdateRefreshSchedule": { + "privilege": "UpdateRefreshSchedule", + "description": "Grants permission to update a refresh schedule for a dataset", + "access_level": "Write", + "resource_types": { + "refreshschedule": { + "resource_type": "refreshschedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "refreshschedule": "refreshschedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateRefreshSchedule.html" + }, + "UpdateResourcePermissions": { + "privilege": "UpdateResourcePermissions", + "description": "Grants permission to update resource-level permissions in QuickSight", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/user/security_iam_service-with-iam.html" + }, + "UpdateTemplate": { + "privilege": "UpdateTemplate", + "description": "Grants permission to update a template", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTemplate.html" + }, + "UpdateTemplateAlias": { + "privilege": "UpdateTemplateAlias", + "description": "Grants permission to update a template alias", + "access_level": "Write", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTemplateAlias.html" + }, + "UpdateTemplatePermissions": { + "privilege": "UpdateTemplatePermissions", + "description": "Grants permission to update permissions for a template", + "access_level": "Permissions management", + "resource_types": { + "template": { + "resource_type": "template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "template": "template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTemplatePermissions.html" + }, + "UpdateTheme": { + "privilege": "UpdateTheme", + "description": "Grants permission to update a theme", + "access_level": "Write", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTheme.html" + }, + "UpdateThemeAlias": { + "privilege": "UpdateThemeAlias", + "description": "Grants permission to update the alias of a theme", + "access_level": "Write", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateThemeAlias.html" + }, + "UpdateThemePermissions": { + "privilege": "UpdateThemePermissions", + "description": "Grants permission to update permissions for a theme", + "access_level": "Permissions management", + "resource_types": { + "theme": { + "resource_type": "theme", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "theme": "theme" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateThemePermissions.html" + }, + "UpdateTopic": { + "privilege": "UpdateTopic", + "description": "Grants permission to update a topic", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "quicksight:PassDataSet" + ] + }, + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic", + "dataset": "dataset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTopic.html" + }, + "UpdateTopicPermissions": { + "privilege": "UpdateTopicPermissions", + "description": "Grants permission to update the resource policy of a topic", + "access_level": "Permissions management", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTopicPermissions.html" + }, + "UpdateTopicRefreshSchedule": { + "privilege": "UpdateTopicRefreshSchedule", + "description": "Grants permission to update a refresh schedule for a topic", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateTopicRefreshSchedule.html" + }, + "UpdateUser": { + "privilege": "UpdateUser", + "description": "Grants permission to update an Amazon QuickSight user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateUser.html" + }, + "UpdateVPCConnection": { + "privilege": "UpdateVPCConnection", + "description": "Grants permission to update a vpc connection", + "access_level": "Write", + "resource_types": { + "vpcconnection": { + "resource_type": "vpcconnection", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpcconnection": "vpcconnection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/quicksight/latest/APIReference/API_UpdateVPCConnection.html" + } + }, + "privileges_lower_name": { + "accountconfigurations": "AccountConfigurations", + "cancelingestion": "CancelIngestion", + "createaccountcustomization": "CreateAccountCustomization", + "createaccountsubscription": "CreateAccountSubscription", + "createadmin": "CreateAdmin", + "createanalysis": "CreateAnalysis", + "createcustompermissions": "CreateCustomPermissions", + "createdashboard": "CreateDashboard", + "createdataset": "CreateDataSet", + "createdatasource": "CreateDataSource", + "createemailcustomizationtemplate": "CreateEmailCustomizationTemplate", + "createfolder": "CreateFolder", + "createfoldermembership": "CreateFolderMembership", + "creategroup": "CreateGroup", + "creategroupmembership": "CreateGroupMembership", + "createiampolicyassignment": "CreateIAMPolicyAssignment", + "createingestion": "CreateIngestion", + "createnamespace": "CreateNamespace", + "createreader": "CreateReader", + "createrefreshschedule": "CreateRefreshSchedule", + "createtemplate": "CreateTemplate", + "createtemplatealias": "CreateTemplateAlias", + "createtheme": "CreateTheme", + "createthemealias": "CreateThemeAlias", + "createtopic": "CreateTopic", + "createtopicrefreshschedule": "CreateTopicRefreshSchedule", + "createuser": "CreateUser", + "createvpcconnection": "CreateVPCConnection", + "deleteaccountcustomization": "DeleteAccountCustomization", + "deleteaccountsubscription": "DeleteAccountSubscription", + "deleteanalysis": "DeleteAnalysis", + "deletecustompermissions": "DeleteCustomPermissions", + "deletedashboard": "DeleteDashboard", + "deletedataset": "DeleteDataSet", + "deletedatasetrefreshproperties": "DeleteDataSetRefreshProperties", + "deletedatasource": "DeleteDataSource", + "deleteemailcustomizationtemplate": "DeleteEmailCustomizationTemplate", + "deletefolder": "DeleteFolder", + "deletefoldermembership": "DeleteFolderMembership", + "deletegroup": "DeleteGroup", + "deletegroupmembership": "DeleteGroupMembership", + "deleteiampolicyassignment": "DeleteIAMPolicyAssignment", + "deletenamespace": "DeleteNamespace", + "deleterefreshschedule": "DeleteRefreshSchedule", + "deletetemplate": "DeleteTemplate", + "deletetemplatealias": "DeleteTemplateAlias", + "deletetheme": "DeleteTheme", + "deletethemealias": "DeleteThemeAlias", + "deletetopic": "DeleteTopic", + "deletetopicrefreshschedule": "DeleteTopicRefreshSchedule", + "deleteuser": "DeleteUser", + "deleteuserbyprincipalid": "DeleteUserByPrincipalId", + "deletevpcconnection": "DeleteVPCConnection", + "describeaccountcustomization": "DescribeAccountCustomization", + "describeaccountsettings": "DescribeAccountSettings", + "describeaccountsubscription": "DescribeAccountSubscription", + "describeanalysis": "DescribeAnalysis", + "describeanalysispermissions": "DescribeAnalysisPermissions", + "describeassetbundleexportjob": "DescribeAssetBundleExportJob", + "describeassetbundleimportjob": "DescribeAssetBundleImportJob", + "describecustompermissions": "DescribeCustomPermissions", + "describedashboard": "DescribeDashboard", + "describedashboardpermissions": "DescribeDashboardPermissions", + "describedashboardsnapshotjob": "DescribeDashboardSnapshotJob", + "describedashboardsnapshotjobresult": "DescribeDashboardSnapshotJobResult", + "describedataset": "DescribeDataSet", + "describedatasetpermissions": "DescribeDataSetPermissions", + "describedatasetrefreshproperties": "DescribeDataSetRefreshProperties", + "describedatasource": "DescribeDataSource", + "describedatasourcepermissions": "DescribeDataSourcePermissions", + "describeemailcustomizationtemplate": "DescribeEmailCustomizationTemplate", + "describefolder": "DescribeFolder", + "describefolderpermissions": "DescribeFolderPermissions", + "describefolderresolvedpermissions": "DescribeFolderResolvedPermissions", + "describegroup": "DescribeGroup", + "describegroupmembership": "DescribeGroupMembership", + "describeiampolicyassignment": "DescribeIAMPolicyAssignment", + "describeingestion": "DescribeIngestion", + "describeiprestriction": "DescribeIpRestriction", + "describenamespace": "DescribeNamespace", + "describerefreshschedule": "DescribeRefreshSchedule", + "describetemplate": "DescribeTemplate", + "describetemplatealias": "DescribeTemplateAlias", + "describetemplatepermissions": "DescribeTemplatePermissions", + "describetheme": "DescribeTheme", + "describethemealias": "DescribeThemeAlias", + "describethemepermissions": "DescribeThemePermissions", + "describetopic": "DescribeTopic", + "describetopicpermissions": "DescribeTopicPermissions", + "describetopicrefresh": "DescribeTopicRefresh", + "describetopicrefreshschedule": "DescribeTopicRefreshSchedule", + "describeuser": "DescribeUser", + "describevpcconnection": "DescribeVPCConnection", + "generateembedurlforanonymoususer": "GenerateEmbedUrlForAnonymousUser", + "generateembedurlforregistereduser": "GenerateEmbedUrlForRegisteredUser", + "getanonymoususerembedurl": "GetAnonymousUserEmbedUrl", + "getauthcode": "GetAuthCode", + "getdashboardembedurl": "GetDashboardEmbedUrl", + "getgroupmapping": "GetGroupMapping", + "getsessionembedurl": "GetSessionEmbedUrl", + "listanalyses": "ListAnalyses", + "listassetbundleexportjobs": "ListAssetBundleExportJobs", + "listassetbundleimportjobs": "ListAssetBundleImportJobs", + "listcustompermissions": "ListCustomPermissions", + "listcustomermanagedkeys": "ListCustomerManagedKeys", + "listdashboardversions": "ListDashboardVersions", + "listdashboards": "ListDashboards", + "listdatasets": "ListDataSets", + "listdatasources": "ListDataSources", + "listfoldermembers": "ListFolderMembers", + "listfolders": "ListFolders", + "listgroupmemberships": "ListGroupMemberships", + "listgroups": "ListGroups", + "listiampolicyassignments": "ListIAMPolicyAssignments", + "listiampolicyassignmentsforuser": "ListIAMPolicyAssignmentsForUser", + "listingestions": "ListIngestions", + "listkmskeysforuser": "ListKMSKeysForUser", + "listnamespaces": "ListNamespaces", + "listrefreshschedules": "ListRefreshSchedules", + "listtagsforresource": "ListTagsForResource", + "listtemplatealiases": "ListTemplateAliases", + "listtemplateversions": "ListTemplateVersions", + "listtemplates": "ListTemplates", + "listthemealiases": "ListThemeAliases", + "listthemeversions": "ListThemeVersions", + "listthemes": "ListThemes", + "listtopicrefreshschedules": "ListTopicRefreshSchedules", + "listtopics": "ListTopics", + "listusergroups": "ListUserGroups", + "listusers": "ListUsers", + "listvpcconnections": "ListVPCConnections", + "passdataset": "PassDataSet", + "passdatasource": "PassDataSource", + "putdatasetrefreshproperties": "PutDataSetRefreshProperties", + "registercustomermanagedkey": "RegisterCustomerManagedKey", + "registeruser": "RegisterUser", + "removecustomermanagedkey": "RemoveCustomerManagedKey", + "restoreanalysis": "RestoreAnalysis", + "scopedownpolicy": "ScopeDownPolicy", + "searchanalyses": "SearchAnalyses", + "searchdashboards": "SearchDashboards", + "searchdatasets": "SearchDataSets", + "searchdatasources": "SearchDataSources", + "searchdirectorygroups": "SearchDirectoryGroups", + "searchfolders": "SearchFolders", + "searchgroups": "SearchGroups", + "searchusers": "SearchUsers", + "setgroupmapping": "SetGroupMapping", + "startassetbundleexportjob": "StartAssetBundleExportJob", + "startassetbundleimportjob": "StartAssetBundleImportJob", + "startdashboardsnapshotjob": "StartDashboardSnapshotJob", + "subscribe": "Subscribe", + "tagresource": "TagResource", + "unsubscribe": "Unsubscribe", + "untagresource": "UntagResource", + "updateaccountcustomization": "UpdateAccountCustomization", + "updateaccountsettings": "UpdateAccountSettings", + "updateanalysis": "UpdateAnalysis", + "updateanalysispermissions": "UpdateAnalysisPermissions", + "updatecustompermissions": "UpdateCustomPermissions", + "updatedashboard": "UpdateDashboard", + "updatedashboardpermissions": "UpdateDashboardPermissions", + "updatedashboardpublishedversion": "UpdateDashboardPublishedVersion", + "updatedataset": "UpdateDataSet", + "updatedatasetpermissions": "UpdateDataSetPermissions", + "updatedatasource": "UpdateDataSource", + "updatedatasourcepermissions": "UpdateDataSourcePermissions", + "updateemailcustomizationtemplate": "UpdateEmailCustomizationTemplate", + "updatefolder": "UpdateFolder", + "updatefolderpermissions": "UpdateFolderPermissions", + "updategroup": "UpdateGroup", + "updateiampolicyassignment": "UpdateIAMPolicyAssignment", + "updateiprestriction": "UpdateIpRestriction", + "updatepublicsharingsettings": "UpdatePublicSharingSettings", + "updaterefreshschedule": "UpdateRefreshSchedule", + "updateresourcepermissions": "UpdateResourcePermissions", + "updatetemplate": "UpdateTemplate", + "updatetemplatealias": "UpdateTemplateAlias", + "updatetemplatepermissions": "UpdateTemplatePermissions", + "updatetheme": "UpdateTheme", + "updatethemealias": "UpdateThemeAlias", + "updatethemepermissions": "UpdateThemePermissions", + "updatetopic": "UpdateTopic", + "updatetopicpermissions": "UpdateTopicPermissions", + "updatetopicrefreshschedule": "UpdateTopicRefreshSchedule", + "updateuser": "UpdateUser", + "updatevpcconnection": "UpdateVPCConnection" + }, + "resources": { + "account": { + "resource": "account", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:account/${ResourceId}", + "condition_keys": [] + }, + "user": { + "resource": "user", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:user/${ResourceId}", + "condition_keys": [] + }, + "group": { + "resource": "group", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:group/${ResourceId}", + "condition_keys": [] + }, + "analysis": { + "resource": "analysis", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:analysis/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dashboard": { + "resource": "dashboard", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:dashboard/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "template": { + "resource": "template", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:template/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "vpcconnection": { + "resource": "vpcconnection", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:vpcConnection/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "assetBundleExportJob": { + "resource": "assetBundleExportJob", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:asset-bundle-export-job/${ResourceId}", + "condition_keys": [] + }, + "assetBundleImportJob": { + "resource": "assetBundleImportJob", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:asset-bundle-import-job/${ResourceId}", + "condition_keys": [] + }, + "datasource": { + "resource": "datasource", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:datasource/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dataset": { + "resource": "dataset", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:dataset/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ingestion": { + "resource": "ingestion", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:dataset/${DatasetId}/ingestion/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "refreshschedule": { + "resource": "refreshschedule", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:dataset/${DatasetId}/refresh-schedule/${ResourceId}", + "condition_keys": [] + }, + "theme": { + "resource": "theme", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:theme/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "assignment": { + "resource": "assignment", + "arn": "arn:${Partition}:quicksight::${Account}:assignment/${ResourceId}", + "condition_keys": [] + }, + "customization": { + "resource": "customization", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:customization/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "namespace": { + "resource": "namespace", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:namespace/${ResourceId}", + "condition_keys": [] + }, + "folder": { + "resource": "folder", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:folder/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "emailCustomizationTemplate": { + "resource": "emailCustomizationTemplate", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:email-customization-template/${ResourceId}", + "condition_keys": [] + }, + "topic": { + "resource": "topic", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:topic/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dashboardSnapshotJob": { + "resource": "dashboardSnapshotJob", + "arn": "arn:${Partition}:quicksight:${Region}:${Account}:dashboard/${DashboardId}/snapshot-job/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "account": "account", + "user": "user", + "group": "group", + "analysis": "analysis", + "dashboard": "dashboard", + "template": "template", + "vpcconnection": "vpcconnection", + "assetbundleexportjob": "assetBundleExportJob", + "assetbundleimportjob": "assetBundleImportJob", + "datasource": "datasource", + "dataset": "dataset", + "ingestion": "ingestion", + "refreshschedule": "refreshschedule", + "theme": "theme", + "assignment": "assignment", + "customization": "customization", + "namespace": "namespace", + "folder": "folder", + "emailcustomizationtemplate": "emailCustomizationTemplate", + "topic": "topic", + "dashboardsnapshotjob": "dashboardSnapshotJob" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys", + "type": "ArrayOfString" + }, + "quicksight:AllowedEmbeddingDomains": { + "condition": "quicksight:AllowedEmbeddingDomains", + "description": "Filters access by the allowed embedding domains", + "type": "ArrayOfString" + }, + "quicksight:DirectoryType": { + "condition": "quicksight:DirectoryType", + "description": "Filters access by the user management options", + "type": "String" + }, + "quicksight:Edition": { + "condition": "quicksight:Edition", + "description": "Filters access by the edition of QuickSight", + "type": "String" + }, + "quicksight:IamArn": { + "condition": "quicksight:IamArn", + "description": "Filters access by IAM user or role ARN", + "type": "String" + }, + "quicksight:SessionName": { + "condition": "quicksight:SessionName", + "description": "Filters access by session name", + "type": "String" + }, + "quicksight:UserName": { + "condition": "quicksight:UserName", + "description": "Filters access by user name", + "type": "String" + } + } + }, + "rds": { + "service_name": "Amazon RDS", + "prefix": "rds", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrds.html", + "privileges": { + "AddRoleToDBCluster": { + "privilege": "AddRoleToDBCluster", + "description": "Grants permission to associate an Identity and Access Management (IAM) role from an Aurora DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddRoleToDBCluster.html" + }, + "AddRoleToDBInstance": { + "privilege": "AddRoleToDBInstance", + "description": "Grants permission to associate an AWS Identity and Access Management (IAM) role with a DB instance", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddRoleToDBInstance.html" + }, + "AddSourceIdentifierToSubscription": { + "privilege": "AddSourceIdentifierToSubscription", + "description": "Grants permission to add a source identifier to an existing RDS event notification subscription", + "access_level": "Write", + "resource_types": { + "es": { + "resource_type": "es", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "es": "es" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddSourceIdentifierToSubscription.html" + }, + "AddTagsToResource": { + "privilege": "AddTagsToResource", + "description": "Grants permission to add metadata tags to an Amazon RDS resource", + "access_level": "Tagging", + "resource_types": { + "cev": { + "resource_type": "cev", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-endpoint": { + "resource_type": "cluster-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-pg": { + "resource_type": "cluster-pg", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "es": { + "resource_type": "es", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "og": { + "resource_type": "og", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pg": { + "resource_type": "pg", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "proxy": { + "resource_type": "proxy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "proxy-endpoint": { + "resource_type": "proxy-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ri": { + "resource_type": "ri", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "secgrp": { + "resource_type": "secgrp", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "target-group": { + "resource_type": "target-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cev": "cev", + "cluster": "cluster", + "cluster-endpoint": "cluster-endpoint", + "cluster-pg": "cluster-pg", + "cluster-snapshot": "cluster-snapshot", + "db": "db", + "deployment": "deployment", + "es": "es", + "og": "og", + "pg": "pg", + "proxy": "proxy", + "proxy-endpoint": "proxy-endpoint", + "ri": "ri", + "secgrp": "secgrp", + "snapshot": "snapshot", + "subgrp": "subgrp", + "target-group": "target-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AddTagsToResource.html" + }, + "ApplyPendingMaintenanceAction": { + "privilege": "ApplyPendingMaintenanceAction", + "description": "Grants permission to apply a pending maintenance action to a resource", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ApplyPendingMaintenanceAction.html" + }, + "AuthorizeDBSecurityGroupIngress": { + "privilege": "AuthorizeDBSecurityGroupIngress", + "description": "Grants permission to enable ingress to a DBSecurityGroup using one of two forms of authorization", + "access_level": "Permissions management", + "resource_types": { + "secgrp": { + "resource_type": "secgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secgrp": "secgrp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_AuthorizeDBSecurityGroupIngress.html" + }, + "BacktrackDBCluster": { + "privilege": "BacktrackDBCluster", + "description": "Grants permission to backtrack a DB cluster to a specific time, without creating a new DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_BacktrackDBCluster.html" + }, + "CancelExportTask": { + "privilege": "CancelExportTask", + "description": "Grants permission to cancel an export task in progress", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CancelExportTask.html" + }, + "CopyDBClusterParameterGroup": { + "privilege": "CopyDBClusterParameterGroup", + "description": "Grants permission to copy the specified DB cluster parameter group", + "access_level": "Write", + "resource_types": { + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-pg": "cluster-pg", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBClusterParameterGroup.html" + }, + "CopyDBClusterSnapshot": { + "privilege": "CopyDBClusterSnapshot", + "description": "Grants permission to create a snapshot of a DB cluster", + "access_level": "Write", + "resource_types": { + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-snapshot": "cluster-snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBClusterSnapshot.html" + }, + "CopyDBParameterGroup": { + "privilege": "CopyDBParameterGroup", + "description": "Grants permission to copy the specified DB parameter group", + "access_level": "Write", + "resource_types": { + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pg": "pg", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBParameterGroup.html" + }, + "CopyDBSnapshot": { + "privilege": "CopyDBSnapshot", + "description": "Grants permission to copy the specified DB snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:CopyOptionGroup" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyDBSnapshot.html" + }, + "CopyOptionGroup": { + "privilege": "CopyOptionGroup", + "description": "Grants permission to copy the specified option group", + "access_level": "Write", + "resource_types": { + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "og": "og", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CopyOptionGroup.html" + }, + "CreateBlueGreenDeployment": { + "privilege": "CreateBlueGreenDeployment", + "description": "Grants permission to create a blue-green deployment for a given source cluster or instance", + "access_level": "Write", + "resource_types": { + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBClusterEndpoint", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica" + ] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-pg": { + "resource_type": "cluster-pg", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pg": { + "resource_type": "pg", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "rds:cluster-tag/${TagKey}", + "rds:cluster-pg-tag/${TagKey}", + "rds:db-tag/${TagKey}", + "rds:pg-tag/${TagKey}", + "rds:req-tag/${TagKey}", + "rds:DatabaseEngine", + "rds:DatabaseName", + "rds:StorageEncrypted", + "rds:DatabaseClass", + "rds:StorageSize", + "rds:MultiAz", + "rds:Piops", + "rds:Vpc" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deployment": "deployment", + "cluster": "cluster", + "cluster-pg": "cluster-pg", + "db": "db", + "pg": "pg", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateBlueGreenDeployment.html" + }, + "CreateCustomDBEngineVersion": { + "privilege": "CreateCustomDBEngineVersion", + "description": "Grants permission to create a custom engine version", + "access_level": "Write", + "resource_types": { + "cev": { + "resource_type": "cev", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "mediaimport:CreateDatabaseBinarySnapshot", + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cev": "cev", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateCustomDBEngineVersion.html" + }, + "CreateDBCluster": { + "privilege": "CreateDBCluster", + "description": "Grants permission to create a new Amazon Aurora DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ] + }, + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "global-cluster": { + "resource_type": "global-cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}", + "rds:DatabaseEngine", + "rds:DatabaseName", + "rds:StorageEncrypted", + "rds:DatabaseClass", + "rds:StorageSize", + "rds:Piops", + "rds:ManageMasterUserPassword" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-pg": "cluster-pg", + "og": "og", + "subgrp": "subgrp", + "db": "db", + "global-cluster": "global-cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBCluster.html" + }, + "CreateDBClusterEndpoint": { + "privilege": "CreateDBClusterEndpoint", + "description": "Grants permission to create a new custom endpoint and associates it with an Amazon Aurora DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "cluster-endpoint": { + "resource_type": "cluster-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "rds:EndpointType", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-endpoint": "cluster-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterEndpoint.html" + }, + "CreateDBClusterParameterGroup": { + "privilege": "CreateDBClusterParameterGroup", + "description": "Grants permission to create a new DB cluster parameter group", + "access_level": "Write", + "resource_types": { + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-pg": "cluster-pg", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterParameterGroup.html" + }, + "CreateDBClusterSnapshot": { + "privilege": "CreateDBClusterSnapshot", + "description": "Grants permission to create a snapshot of a DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-snapshot": "cluster-snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBClusterSnapshot.html" + }, + "CreateDBInstance": { + "privilege": "CreateDBInstance", + "description": "Grants permission to create a new DB instance", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey", + "rds:AddTagsToResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "og": { + "resource_type": "og", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pg": { + "resource_type": "pg", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "secgrp": { + "resource_type": "secgrp", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "rds:BackupTarget", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}", + "rds:ManageMasterUserPassword" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db", + "cluster": "cluster", + "og": "og", + "pg": "pg", + "secgrp": "secgrp", + "subgrp": "subgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html" + }, + "CreateDBInstanceReadReplica": { + "privilege": "CreateDBInstanceReadReplica", + "description": "Grants permission to create a DB instance that acts as a Read Replica of a source DB instance", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "rds:AddTagsToResource" + ] + }, + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db", + "og": "og", + "subgrp": "subgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html" + }, + "CreateDBParameterGroup": { + "privilege": "CreateDBParameterGroup", + "description": "Grants permission to create a new DB parameter group", + "access_level": "Write", + "resource_types": { + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pg": "pg", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html" + }, + "CreateDBProxy": { + "privilege": "CreateDBProxy", + "description": "Grants permission to create a database proxy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBProxy.html" + }, + "CreateDBProxyEndpoint": { + "privilege": "CreateDBProxyEndpoint", + "description": "Grants permission to create a database proxy endpoint", + "access_level": "Write", + "resource_types": { + "proxy": { + "resource_type": "proxy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "proxy-endpoint": { + "resource_type": "proxy-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proxy": "proxy", + "proxy-endpoint": "proxy-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBProxyEndpoint.html" + }, + "CreateDBSecurityGroup": { + "privilege": "CreateDBSecurityGroup", + "description": "Grants permission to create a new DB security group. DB security groups control access to a DB instance", + "access_level": "Write", + "resource_types": { + "secgrp": { + "resource_type": "secgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secgrp": "secgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSecurityGroup.html" + }, + "CreateDBSnapshot": { + "privilege": "CreateDBSnapshot", + "description": "Grants permission to create a DBSnapshot", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "rds:BackupTarget", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSnapshot.html" + }, + "CreateDBSubnetGroup": { + "privilege": "CreateDBSubnetGroup", + "description": "Grants permission to create a new DB subnet group", + "access_level": "Write", + "resource_types": { + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subgrp": "subgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBSubnetGroup.html" + }, + "CreateEventSubscription": { + "privilege": "CreateEventSubscription", + "description": "Grants permission to create an RDS event notification subscription", + "access_level": "Write", + "resource_types": { + "es": { + "resource_type": "es", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "es": "es", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateEventSubscription.html" + }, + "CreateGlobalCluster": { + "privilege": "CreateGlobalCluster", + "description": "Grants permission to create an Aurora global database spread across multiple regions", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-cluster": { + "resource_type": "global-cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "global-cluster": "global-cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateGlobalCluster.html" + }, + "CreateOptionGroup": { + "privilege": "CreateOptionGroup", + "description": "Grants permission to create a new option group", + "access_level": "Write", + "resource_types": { + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:AddTagsToResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "og": "og", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateOptionGroup.html" + }, + "CrossRegionCommunication": { + "privilege": "CrossRegionCommunication", + "description": "Grants permission to access a resource in the remote Region when executing cross-Region operations, such as cross-Region snapshot copy or cross-Region read replica creation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/security_iam_service-with-iam.html#UsingWithRDS.IAM.Conditions" + }, + "DeleteBlueGreenDeployment": { + "privilege": "DeleteBlueGreenDeployment", + "description": "Grants permission to delete blue green deployments", + "access_level": "Write", + "resource_types": { + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:DeleteDBCluster", + "rds:DeleteDBClusterEndpoint", + "rds:DeleteDBInstance" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deployment": "deployment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteBlueGreenDeployment.html" + }, + "DeleteCustomDBEngineVersion": { + "privilege": "DeleteCustomDBEngineVersion", + "description": "Grants permission to delete an existing custom engine version", + "access_level": "Write", + "resource_types": { + "cev": { + "resource_type": "cev", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cev": "cev" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteCustomDBEngineVersion.html" + }, + "DeleteDBCluster": { + "privilege": "DeleteDBCluster", + "description": "Grants permission to delete a previously provisioned DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:DeleteDBInstance" + ] + }, + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-snapshot": "cluster-snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBCluster.html" + }, + "DeleteDBClusterEndpoint": { + "privilege": "DeleteDBClusterEndpoint", + "description": "Grants permission to delete a custom endpoint and removes it from an Amazon Aurora DB cluster", + "access_level": "Write", + "resource_types": { + "cluster-endpoint": { + "resource_type": "cluster-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-endpoint": "cluster-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterEndpoint.html" + }, + "DeleteDBClusterParameterGroup": { + "privilege": "DeleteDBClusterParameterGroup", + "description": "Grants permission to delete a specified DB cluster parameter group", + "access_level": "Write", + "resource_types": { + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-pg": "cluster-pg" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterParameterGroup.html" + }, + "DeleteDBClusterSnapshot": { + "privilege": "DeleteDBClusterSnapshot", + "description": "Grants permission to delete a DB cluster snapshot", + "access_level": "Write", + "resource_types": { + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-snapshot": "cluster-snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBClusterSnapshot.html" + }, + "DeleteDBInstance": { + "privilege": "DeleteDBInstance", + "description": "Grants permission to delete a previously provisioned DB instance", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBInstance.html" + }, + "DeleteDBInstanceAutomatedBackup": { + "privilege": "DeleteDBInstanceAutomatedBackup", + "description": "Grants permission to deletes automated backups based on the source instance's DbiResourceId value or the restorable instance's resource ID", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBInstanceAutomatedBackup.html" + }, + "DeleteDBParameterGroup": { + "privilege": "DeleteDBParameterGroup", + "description": "Grants permission to delete a specified DBParameterGroup", + "access_level": "Write", + "resource_types": { + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pg": "pg" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBParameterGroup.html" + }, + "DeleteDBProxy": { + "privilege": "DeleteDBProxy", + "description": "Grants permission to delete a database proxy", + "access_level": "Write", + "resource_types": { + "proxy": { + "resource_type": "proxy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proxy": "proxy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBProxy.html" + }, + "DeleteDBProxyEndpoint": { + "privilege": "DeleteDBProxyEndpoint", + "description": "Grants permission to delete a database proxy endpoint", + "access_level": "Write", + "resource_types": { + "proxy-endpoint": { + "resource_type": "proxy-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proxy-endpoint": "proxy-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBProxyEndpoint.html" + }, + "DeleteDBSecurityGroup": { + "privilege": "DeleteDBSecurityGroup", + "description": "Grants permission to delete a DB security group", + "access_level": "Write", + "resource_types": { + "secgrp": { + "resource_type": "secgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secgrp": "secgrp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSecurityGroup.html" + }, + "DeleteDBSnapshot": { + "privilege": "DeleteDBSnapshot", + "description": "Grants permission to delete a DBSnapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSnapshot.html" + }, + "DeleteDBSubnetGroup": { + "privilege": "DeleteDBSubnetGroup", + "description": "Grants permission to delete a DB subnet group", + "access_level": "Write", + "resource_types": { + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subgrp": "subgrp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteDBSubnetGroup.html" + }, + "DeleteEventSubscription": { + "privilege": "DeleteEventSubscription", + "description": "Grants permission to delete an RDS event notification subscription", + "access_level": "Write", + "resource_types": { + "es": { + "resource_type": "es", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "es": "es" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteEventSubscription.html" + }, + "DeleteGlobalCluster": { + "privilege": "DeleteGlobalCluster", + "description": "Grants permission to delete a global database cluster", + "access_level": "Write", + "resource_types": { + "global-cluster": { + "resource_type": "global-cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-cluster": "global-cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteGlobalCluster.html" + }, + "DeleteOptionGroup": { + "privilege": "DeleteOptionGroup", + "description": "Grants permission to delete an existing option group", + "access_level": "Write", + "resource_types": { + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "og": "og" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteOptionGroup.html" + }, + "DeregisterDBProxyTargets": { + "privilege": "DeregisterDBProxyTargets", + "description": "Grants permission to remove targets from a database proxy target group", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "proxy": { + "resource_type": "proxy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "target-group": { + "resource_type": "target-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "db": "db", + "proxy": "proxy", + "target-group": "target-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeregisterDBProxyTargets.html" + }, + "DescribeAccountAttributes": { + "privilege": "DescribeAccountAttributes", + "description": "Grants permission to list all of the attributes for a customer account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeAccountAttributes.html" + }, + "DescribeBlueGreenDeployments": { + "privilege": "DescribeBlueGreenDeployments", + "description": "Grants permission to describe blue green deployments", + "access_level": "List", + "resource_types": { + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deployment": "deployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeBlueGreenDeployments.html" + }, + "DescribeCertificates": { + "privilege": "DescribeCertificates", + "description": "Grants permission to list the set of CA certificates provided by Amazon RDS for this AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeCertificates.html" + }, + "DescribeDBClusterBacktracks": { + "privilege": "DescribeDBClusterBacktracks", + "description": "Grants permission to return information about backtracks for a DB cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterBacktracks.html" + }, + "DescribeDBClusterEndpoints": { + "privilege": "DescribeDBClusterEndpoints", + "description": "Grants permission to return information about endpoints for an Amazon Aurora DB cluster", + "access_level": "List", + "resource_types": { + "cluster-endpoint": { + "resource_type": "cluster-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-endpoint": "cluster-endpoint", + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterEndpoints.html" + }, + "DescribeDBClusterParameterGroups": { + "privilege": "DescribeDBClusterParameterGroups", + "description": "Grants permission to return a list of DBClusterParameterGroup descriptions", + "access_level": "List", + "resource_types": { + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-pg": "cluster-pg" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterParameterGroups.html" + }, + "DescribeDBClusterParameters": { + "privilege": "DescribeDBClusterParameters", + "description": "Grants permission to return the detailed parameter list for a particular DB cluster parameter group", + "access_level": "List", + "resource_types": { + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-pg": "cluster-pg" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterParameters.html" + }, + "DescribeDBClusterSnapshotAttributes": { + "privilege": "DescribeDBClusterSnapshotAttributes", + "description": "Grants permission to return a list of DB cluster snapshot attribute names and values for a manual DB cluster snapshot", + "access_level": "List", + "resource_types": { + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-snapshot": "cluster-snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterSnapshotAttributes.html" + }, + "DescribeDBClusterSnapshots": { + "privilege": "DescribeDBClusterSnapshots", + "description": "Grants permission to return information about DB cluster snapshots", + "access_level": "List", + "resource_types": { + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-snapshot": "cluster-snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusterSnapshots.html" + }, + "DescribeDBClusters": { + "privilege": "DescribeDBClusters", + "description": "Grants permission to return information about provisioned Aurora DB clusters", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html" + }, + "DescribeDBEngineVersions": { + "privilege": "DescribeDBEngineVersions", + "description": "Grants permission to return a list of the available DB engines", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBEngineVersions.html" + }, + "DescribeDBInstanceAutomatedBackups": { + "privilege": "DescribeDBInstanceAutomatedBackups", + "description": "Grants permission to return a list of automated backups for both current and deleted instances", + "access_level": "List", + "resource_types": { + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstanceAutomatedBackups.html" + }, + "DescribeDBInstances": { + "privilege": "DescribeDBInstances", + "description": "Grants permission to return information about provisioned RDS instances", + "access_level": "List", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html" + }, + "DescribeDBLogFiles": { + "privilege": "DescribeDBLogFiles", + "description": "Grants permission to return a list of DB log files for the DB instance", + "access_level": "List", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBLogFiles.html" + }, + "DescribeDBParameterGroups": { + "privilege": "DescribeDBParameterGroups", + "description": "Grants permission to return a list of DBParameterGroup descriptions", + "access_level": "List", + "resource_types": { + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pg": "pg" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameterGroups.html" + }, + "DescribeDBParameters": { + "privilege": "DescribeDBParameters", + "description": "Grants permission to return the detailed parameter list for a particular DB parameter group", + "access_level": "List", + "resource_types": { + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pg": "pg" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBParameters.html" + }, + "DescribeDBProxies": { + "privilege": "DescribeDBProxies", + "description": "Grants permission to view proxies", + "access_level": "List", + "resource_types": { + "proxy": { + "resource_type": "proxy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proxy": "proxy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxies.html" + }, + "DescribeDBProxyEndpoints": { + "privilege": "DescribeDBProxyEndpoints", + "description": "Grants permission to view proxy endpoints", + "access_level": "List", + "resource_types": { + "proxy": { + "resource_type": "proxy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "proxy-endpoint": { + "resource_type": "proxy-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proxy": "proxy", + "proxy-endpoint": "proxy-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyEndpoints.html" + }, + "DescribeDBProxyTargetGroups": { + "privilege": "DescribeDBProxyTargetGroups", + "description": "Grants permission to view database proxy target group details", + "access_level": "List", + "resource_types": { + "proxy": { + "resource_type": "proxy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proxy": "proxy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyTargetGroups.html" + }, + "DescribeDBProxyTargets": { + "privilege": "DescribeDBProxyTargets", + "description": "Grants permission to view database proxy target details", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "proxy": { + "resource_type": "proxy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "target-group": { + "resource_type": "target-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "db": "db", + "proxy": "proxy", + "target-group": "target-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBProxyTargets.html" + }, + "DescribeDBSecurityGroups": { + "privilege": "DescribeDBSecurityGroups", + "description": "Grants permission to return a list of DBSecurityGroup descriptions", + "access_level": "List", + "resource_types": { + "secgrp": { + "resource_type": "secgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secgrp": "secgrp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSecurityGroups.html" + }, + "DescribeDBSnapshotAttributes": { + "privilege": "DescribeDBSnapshotAttributes", + "description": "Grants permission to return a list of DB snapshot attribute names and values for a manual DB snapshot", + "access_level": "List", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshotAttributes.html" + }, + "DescribeDBSnapshots": { + "privilege": "DescribeDBSnapshots", + "description": "Grants permission to return information about DB snapshots", + "access_level": "List", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshots.html" + }, + "DescribeDBSubnetGroups": { + "privilege": "DescribeDBSubnetGroups", + "description": "Grants permission to return a list of DBSubnetGroup descriptions", + "access_level": "List", + "resource_types": { + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subgrp": "subgrp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSubnetGroups.html" + }, + "DescribeEngineDefaultClusterParameters": { + "privilege": "DescribeEngineDefaultClusterParameters", + "description": "Grants permission to return the default engine and system parameter information for the cluster database engine", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEngineDefaultClusterParameters.html" + }, + "DescribeEngineDefaultParameters": { + "privilege": "DescribeEngineDefaultParameters", + "description": "Grants permission to return the default engine and system parameter information for the specified database engine", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEngineDefaultParameters.html" + }, + "DescribeEventCategories": { + "privilege": "DescribeEventCategories", + "description": "Grants permission to display a list of categories for all event source types, or, if specified, for a specified source type", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEventCategories.html" + }, + "DescribeEventSubscriptions": { + "privilege": "DescribeEventSubscriptions", + "description": "Grants permission to list all the subscription descriptions for a customer account", + "access_level": "List", + "resource_types": { + "es": { + "resource_type": "es", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "es": "es" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEventSubscriptions.html" + }, + "DescribeEvents": { + "privilege": "DescribeEvents", + "description": "Grants permission to return events related to DB instances, DB security groups, DB snapshots, and DB parameter groups for the past 14 days", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEvents.html" + }, + "DescribeExportTasks": { + "privilege": "DescribeExportTasks", + "description": "Grants permission to return information about the export tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeExportTasks.html" + }, + "DescribeGlobalClusters": { + "privilege": "DescribeGlobalClusters", + "description": "Grants permission to return information about Aurora global database clusters", + "access_level": "List", + "resource_types": { + "global-cluster": { + "resource_type": "global-cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-cluster": "global-cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeGlobalClusters.html" + }, + "DescribeOptionGroupOptions": { + "privilege": "DescribeOptionGroupOptions", + "description": "Grants permission to describe all available options", + "access_level": "List", + "resource_types": { + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "og": "og" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOptionGroupOptions.html" + }, + "DescribeOptionGroups": { + "privilege": "DescribeOptionGroups", + "description": "Grants permission to describe the available option groups", + "access_level": "List", + "resource_types": { + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "og": "og" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOptionGroups.html" + }, + "DescribeOrderableDBInstanceOptions": { + "privilege": "DescribeOrderableDBInstanceOptions", + "description": "Grants permission to return a list of orderable DB instance options for the specified engine", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOrderableDBInstanceOptions.html" + }, + "DescribePendingMaintenanceActions": { + "privilege": "DescribePendingMaintenanceActions", + "description": "Grants permission to return a list of resources (for example, DB instances) that have at least one pending maintenance action", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribePendingMaintenanceActions.html" + }, + "DescribeRecommendationGroups": { + "privilege": "DescribeRecommendationGroups", + "description": "Grants permission to return information about recommendation groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/USER_Recommendations.html" + }, + "DescribeRecommendations": { + "privilege": "DescribeRecommendations", + "description": "Grants permission to return information about recommendations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/USER_Recommendations.html" + }, + "DescribeReservedDBInstances": { + "privilege": "DescribeReservedDBInstances", + "description": "Grants permission to return information about reserved DB instances for this account, or about a specified reserved DB instance", + "access_level": "List", + "resource_types": { + "ri": { + "resource_type": "ri", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ri": "ri" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeReservedDBInstances.html" + }, + "DescribeReservedDBInstancesOfferings": { + "privilege": "DescribeReservedDBInstancesOfferings", + "description": "Grants permission to list available reserved DB instance offerings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeReservedDBInstancesOfferings.html" + }, + "DescribeSourceRegions": { + "privilege": "DescribeSourceRegions", + "description": "Grants permission to return a list of the source AWS Regions where the current AWS Region can create a Read Replica or copy a DB snapshot from", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeSourceRegions.html" + }, + "DescribeValidDBInstanceModifications": { + "privilege": "DescribeValidDBInstanceModifications", + "description": "Grants permission to list available modifications you can make to your DB instance", + "access_level": "List", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeValidDBInstanceModifications.html" + }, + "DownloadCompleteDBLogFile": { + "privilege": "DownloadCompleteDBLogFile", + "description": "Grants permission to download specified log file", + "access_level": "Read", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/USER_LogAccess.html" + }, + "DownloadDBLogFilePortion": { + "privilege": "DownloadDBLogFilePortion", + "description": "Grants permission to download all or a portion of the specified log file, up to 1 MB in size", + "access_level": "Read", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DownloadDBLogFilePortion.html" + }, + "FailoverDBCluster": { + "privilege": "FailoverDBCluster", + "description": "Grants permission to force a failover for a DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_FailoverDBCluster.html" + }, + "FailoverGlobalCluster": { + "privilege": "FailoverGlobalCluster", + "description": "Grants permission to failover a global cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-cluster": { + "resource_type": "global-cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "global-cluster": "global-cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_FailoverGlobalCluster.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags on an Amazon RDS resource", + "access_level": "Read", + "resource_types": { + "cev": { + "resource_type": "cev", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-endpoint": { + "resource_type": "cluster-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-pg": { + "resource_type": "cluster-pg", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "es": { + "resource_type": "es", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "og": { + "resource_type": "og", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pg": { + "resource_type": "pg", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "proxy": { + "resource_type": "proxy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "proxy-endpoint": { + "resource_type": "proxy-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ri": { + "resource_type": "ri", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "secgrp": { + "resource_type": "secgrp", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "target-group": { + "resource_type": "target-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cev": "cev", + "cluster": "cluster", + "cluster-endpoint": "cluster-endpoint", + "cluster-pg": "cluster-pg", + "cluster-snapshot": "cluster-snapshot", + "db": "db", + "es": "es", + "og": "og", + "pg": "pg", + "proxy": "proxy", + "proxy-endpoint": "proxy-endpoint", + "ri": "ri", + "secgrp": "secgrp", + "snapshot": "snapshot", + "subgrp": "subgrp", + "target-group": "target-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ListTagsForResource.html" + }, + "ModifyActivityStream": { + "privilege": "ModifyActivityStream", + "description": "Grants permission to modify a database activity stream", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyActivityStream.html" + }, + "ModifyCertificates": { + "privilege": "ModifyCertificates", + "description": "Grants permission to modify the system-default Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate for Amazon RDS for new DB instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyCertificates.html" + }, + "ModifyCurrentDBClusterCapacity": { + "privilege": "ModifyCurrentDBClusterCapacity", + "description": "Grants permission to modify current cluster capacity for an Amazon Aurora Severless DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyCurrentDBClusterCapacity.html" + }, + "ModifyCustomDBEngineVersion": { + "privilege": "ModifyCustomDBEngineVersion", + "description": "Grants permission to modify an existing custom engine version", + "access_level": "Write", + "resource_types": { + "cev": { + "resource_type": "cev", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cev": "cev" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyCustomDBEngineVersion.html" + }, + "ModifyDBCluster": { + "privilege": "ModifyDBCluster", + "description": "Grants permission to modify a setting for an Amazon Aurora DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey", + "rds:ModifyDBInstance", + "secretsmanager:CreateSecret", + "secretsmanager:RotateSecret", + "secretsmanager:TagResource" + ] + }, + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "rds:DatabaseClass", + "rds:StorageSize", + "rds:Piops", + "rds:ManageMasterUserPassword" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-pg": "cluster-pg", + "og": "og", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBCluster.html" + }, + "ModifyDBClusterEndpoint": { + "privilege": "ModifyDBClusterEndpoint", + "description": "Grants permission to modify the properties of an endpoint in an Amazon Aurora DB cluster", + "access_level": "Write", + "resource_types": { + "cluster-endpoint": { + "resource_type": "cluster-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-endpoint": "cluster-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterEndpoint.html" + }, + "ModifyDBClusterParameterGroup": { + "privilege": "ModifyDBClusterParameterGroup", + "description": "Grants permission to modify the parameters of a DB cluster parameter group", + "access_level": "Write", + "resource_types": { + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-pg": "cluster-pg" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterParameterGroup.html" + }, + "ModifyDBClusterSnapshotAttribute": { + "privilege": "ModifyDBClusterSnapshotAttribute", + "description": "Grants permission to add an attribute and values to, or removes an attribute and values from, a manual DB cluster snapshot", + "access_level": "Permissions management", + "resource_types": { + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-snapshot": "cluster-snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterSnapshotAttribute.html" + }, + "ModifyDBInstance": { + "privilege": "ModifyDBInstance", + "description": "Grants permission to modify settings for a DB instance", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey", + "secretsmanager:CreateSecret", + "secretsmanager:RotateSecret", + "secretsmanager:TagResource" + ] + }, + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "secgrp": { + "resource_type": "secgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "rds:ManageMasterUserPassword" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db", + "og": "og", + "pg": "pg", + "secgrp": "secgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBInstance.html" + }, + "ModifyDBParameterGroup": { + "privilege": "ModifyDBParameterGroup", + "description": "Grants permission to modify the parameters of a DB parameter group", + "access_level": "Write", + "resource_types": { + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pg": "pg" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBParameterGroup.html" + }, + "ModifyDBProxy": { + "privilege": "ModifyDBProxy", + "description": "Grants permission to modify database proxy", + "access_level": "Write", + "resource_types": { + "proxy": { + "resource_type": "proxy", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "proxy": "proxy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBProxy.html" + }, + "ModifyDBProxyEndpoint": { + "privilege": "ModifyDBProxyEndpoint", + "description": "Grants permission to modify database proxy endpoint", + "access_level": "Write", + "resource_types": { + "proxy-endpoint": { + "resource_type": "proxy-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proxy-endpoint": "proxy-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBProxyEndpoint.html" + }, + "ModifyDBProxyTargetGroup": { + "privilege": "ModifyDBProxyTargetGroup", + "description": "Grants permission to modify target group for a database proxy", + "access_level": "Write", + "resource_types": { + "target-group": { + "resource_type": "target-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "target-group": "target-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBProxyTargetGroup.html" + }, + "ModifyDBSnapshot": { + "privilege": "ModifyDBSnapshot", + "description": "Grants permission to update a manual DB snapshot, which can be encrypted or not encrypted, with a new engine version", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "og": { + "resource_type": "og", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "og": "og" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshot.html" + }, + "ModifyDBSnapshotAttribute": { + "privilege": "ModifyDBSnapshotAttribute", + "description": "Grants permission to add an attribute and values to, or removes an attribute and values from, a manual DB snapshot", + "access_level": "Permissions management", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshotAttribute.html" + }, + "ModifyDBSubnetGroup": { + "privilege": "ModifyDBSubnetGroup", + "description": "Grants permission to modify an existing DB subnet group", + "access_level": "Write", + "resource_types": { + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subgrp": "subgrp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSubnetGroup.html" + }, + "ModifyEventSubscription": { + "privilege": "ModifyEventSubscription", + "description": "Grants permission to modify an existing RDS event notification subscription", + "access_level": "Write", + "resource_types": { + "es": { + "resource_type": "es", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "es": "es" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyEventSubscription.html" + }, + "ModifyGlobalCluster": { + "privilege": "ModifyGlobalCluster", + "description": "Grants permission to modify a setting for an Amazon Aurora global cluster", + "access_level": "Write", + "resource_types": { + "global-cluster": { + "resource_type": "global-cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-cluster": "global-cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyGlobalCluster.html" + }, + "ModifyOptionGroup": { + "privilege": "ModifyOptionGroup", + "description": "Grants permission to modify an existing option group", + "access_level": "Write", + "resource_types": { + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "og": "og" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyOptionGroup.html" + }, + "ModifyRecommendation": { + "privilege": "ModifyRecommendation", + "description": "Grants permission to modify recommendation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/USER_Recommendations.html" + }, + "PromoteReadReplica": { + "privilege": "PromoteReadReplica", + "description": "Grants permission to promote a Read Replica DB instance to a standalone DB instance", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_PromoteReadReplica.html" + }, + "PromoteReadReplicaDBCluster": { + "privilege": "PromoteReadReplicaDBCluster", + "description": "Grants permission to promote a Read Replica DB cluster to a standalone DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_PromoteReadReplicaDBCluster.html" + }, + "PurchaseReservedDBInstancesOffering": { + "privilege": "PurchaseReservedDBInstancesOffering", + "description": "Grants permission to purchase a reserved DB instance offering", + "access_level": "Write", + "resource_types": { + "ri": { + "resource_type": "ri", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ri": "ri", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_PurchaseReservedDBInstancesOffering.html" + }, + "RebootDBCluster": { + "privilege": "RebootDBCluster", + "description": "Grants permission to reboot a previously provisioned DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:RebootDBInstance" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RebootDBCluster.html" + }, + "RebootDBInstance": { + "privilege": "RebootDBInstance", + "description": "Grants permission to restart the database engine service", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RebootDBInstance.html" + }, + "RegisterDBProxyTargets": { + "privilege": "RegisterDBProxyTargets", + "description": "Grants permission to add targets to a database proxy target group", + "access_level": "Write", + "resource_types": { + "target-group": { + "resource_type": "target-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "target-group": "target-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RegisterDBProxyTargets.html" + }, + "RemoveFromGlobalCluster": { + "privilege": "RemoveFromGlobalCluster", + "description": "Grants permission to detach an Aurora secondary cluster from an Aurora global database cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-cluster": { + "resource_type": "global-cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "global-cluster": "global-cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RemoveFromGlobalCluster.html" + }, + "RemoveRoleFromDBCluster": { + "privilege": "RemoveRoleFromDBCluster", + "description": "Grants permission to disassociate an AWS Identity and Access Management (IAM) role from an Amazon Aurora DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RemoveRoleFromDBCluster.html" + }, + "RemoveRoleFromDBInstance": { + "privilege": "RemoveRoleFromDBInstance", + "description": "Grants permission to disassociate an AWS Identity and Access Management (IAM) role from a DB instance", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RemoveRoleFromDBInstance.html" + }, + "RemoveSourceIdentifierFromSubscription": { + "privilege": "RemoveSourceIdentifierFromSubscription", + "description": "Grants permission to remove a source identifier from an existing RDS event notification subscription", + "access_level": "Write", + "resource_types": { + "es": { + "resource_type": "es", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "es": "es" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RemoveSourceIdentifierFromSubscription.html" + }, + "RemoveTagsFromResource": { + "privilege": "RemoveTagsFromResource", + "description": "Grants permission to remove metadata tags from an Amazon RDS resource", + "access_level": "Tagging", + "resource_types": { + "cev": { + "resource_type": "cev", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-endpoint": { + "resource_type": "cluster-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-pg": { + "resource_type": "cluster-pg", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "es": { + "resource_type": "es", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "og": { + "resource_type": "og", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pg": { + "resource_type": "pg", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "proxy": { + "resource_type": "proxy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "proxy-endpoint": { + "resource_type": "proxy-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ri": { + "resource_type": "ri", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "secgrp": { + "resource_type": "secgrp", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "target-group": { + "resource_type": "target-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cev": "cev", + "cluster": "cluster", + "cluster-endpoint": "cluster-endpoint", + "cluster-pg": "cluster-pg", + "cluster-snapshot": "cluster-snapshot", + "db": "db", + "deployment": "deployment", + "es": "es", + "og": "og", + "pg": "pg", + "proxy": "proxy", + "proxy-endpoint": "proxy-endpoint", + "ri": "ri", + "secgrp": "secgrp", + "snapshot": "snapshot", + "subgrp": "subgrp", + "target-group": "target-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RemoveTagsFromResource.html" + }, + "ResetDBClusterParameterGroup": { + "privilege": "ResetDBClusterParameterGroup", + "description": "Grants permission to modify the parameters of a DB cluster parameter group to the default value", + "access_level": "Write", + "resource_types": { + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster-pg": "cluster-pg" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ResetDBClusterParameterGroup.html" + }, + "ResetDBParameterGroup": { + "privilege": "ResetDBParameterGroup", + "description": "Grants permission to modify the parameters of a DB parameter group to the engine/system default value", + "access_level": "Write", + "resource_types": { + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pg": "pg" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ResetDBParameterGroup.html" + }, + "RestoreDBClusterFromS3": { + "privilege": "RestoreDBClusterFromS3", + "description": "Grants permission to create an Amazon Aurora DB cluster from data stored in an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey", + "rds:AddTagsToResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ] + }, + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}", + "rds:DatabaseEngine", + "rds:DatabaseName", + "rds:StorageEncrypted", + "rds:ManageMasterUserPassword" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-pg": "cluster-pg", + "og": "og", + "subgrp": "subgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBClusterFromS3.html" + }, + "RestoreDBClusterFromSnapshot": { + "privilege": "RestoreDBClusterFromSnapshot", + "description": "Grants permission to create a new DB cluster from a DB cluster snapshot", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "rds:AddTagsToResource", + "rds:CreateDBInstance" + ] + }, + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster-snapshot": { + "resource_type": "cluster-snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}", + "rds:DatabaseClass", + "rds:StorageSize", + "rds:Piops" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-pg": "cluster-pg", + "cluster-snapshot": "cluster-snapshot", + "og": "og", + "subgrp": "subgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBClusterFromSnapshot.html" + }, + "RestoreDBClusterToPointInTime": { + "privilege": "RestoreDBClusterToPointInTime", + "description": "Grants permission to restore a DB cluster to an arbitrary point in time", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "rds:AddTagsToResource", + "rds:CreateDBInstance" + ] + }, + "cluster-pg": { + "resource_type": "cluster-pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}", + "rds:DatabaseClass", + "rds:StorageSize", + "rds:Piops" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "cluster-pg": "cluster-pg", + "og": "og", + "subgrp": "subgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBClusterToPointInTime.html" + }, + "RestoreDBInstanceFromDBSnapshot": { + "privilege": "RestoreDBInstanceFromDBSnapshot", + "description": "Grants permission to create a new DB instance from a DB snapshot", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "rds:AddTagsToResource" + ] + }, + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "rds:BackupTarget", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db", + "og": "og", + "pg": "pg", + "snapshot": "snapshot", + "subgrp": "subgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html" + }, + "RestoreDBInstanceFromS3": { + "privilege": "RestoreDBInstanceFromS3", + "description": "Grants permission to create a new DB instance from an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey", + "rds:AddTagsToResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ] + }, + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}", + "rds:ManageMasterUserPassword" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db", + "og": "og", + "pg": "pg", + "subgrp": "subgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromS3.html" + }, + "RestoreDBInstanceToPointInTime": { + "privilege": "RestoreDBInstanceToPointInTime", + "description": "Grants permission to restore a DB instance to an arbitrary point in time", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "rds:AddTagsToResource" + ] + }, + "og": { + "resource_type": "og", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "pg": { + "resource_type": "pg", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "subgrp": { + "resource_type": "subgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "rds:BackupTarget", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db", + "og": "og", + "pg": "pg", + "subgrp": "subgrp", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceToPointInTime.html" + }, + "RevokeDBSecurityGroupIngress": { + "privilege": "RevokeDBSecurityGroupIngress", + "description": "Grants permission to revoke ingress from a DBSecurityGroup for previously authorized IP ranges or EC2 or VPC Security Groups", + "access_level": "Write", + "resource_types": { + "secgrp": { + "resource_type": "secgrp", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secgrp": "secgrp" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RevokeDBSecurityGroupIngress.html" + }, + "StartActivityStream": { + "privilege": "StartActivityStream", + "description": "Grants permission to start Activity Stream", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartActivityStream.html" + }, + "StartDBCluster": { + "privilege": "StartDBCluster", + "description": "Grants permission to start the DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartDBCluster.html" + }, + "StartDBInstance": { + "privilege": "StartDBInstance", + "description": "Grants permission to start the DB instance", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartDBInstance.html" + }, + "StartDBInstanceAutomatedBackupsReplication": { + "privilege": "StartDBInstanceAutomatedBackupsReplication", + "description": "Grants permission to start replication of automated backups to a different AWS Region", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartDBInstanceAutomatedBackupsReplication.html" + }, + "StartExportTask": { + "privilege": "StartExportTask", + "description": "Grants permission to start a new Export task for a DB snapshot", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StartExportTask.html" + }, + "StopActivityStream": { + "privilege": "StopActivityStream", + "description": "Grants permission to stop Activity Stream", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "db": { + "resource_type": "db", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StopActivityStream.html" + }, + "StopDBCluster": { + "privilege": "StopDBCluster", + "description": "Grants permission to stop the DB cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StopDBCluster.html" + }, + "StopDBInstance": { + "privilege": "StopDBInstance", + "description": "Grants permission to stop the DB instance", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StopDBInstance.html" + }, + "StopDBInstanceAutomatedBackupsReplication": { + "privilege": "StopDBInstanceAutomatedBackupsReplication", + "description": "Grants permission to stop automated backup replication for a DB instance", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_StopDBInstanceAutomatedBackupsReplication.html" + }, + "SwitchoverBlueGreenDeployment": { + "privilege": "SwitchoverBlueGreenDeployment", + "description": "Grants permission to switch a blue-green deployment from source instance or cluster to target", + "access_level": "Write", + "resource_types": { + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:PromoteReadReplicaDBCluster" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "rds:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deployment": "deployment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_SwitchoverBlueGreenDeployment.html" + }, + "SwitchoverReadReplica": { + "privilege": "SwitchoverReadReplica", + "description": "Grants permission to switch over a read replica, making it the new primary database", + "access_level": "Write", + "resource_types": { + "db": { + "resource_type": "db", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db": "db" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_SwitchoverReadReplica.html" + } + }, + "privileges_lower_name": { + "addroletodbcluster": "AddRoleToDBCluster", + "addroletodbinstance": "AddRoleToDBInstance", + "addsourceidentifiertosubscription": "AddSourceIdentifierToSubscription", + "addtagstoresource": "AddTagsToResource", + "applypendingmaintenanceaction": "ApplyPendingMaintenanceAction", + "authorizedbsecuritygroupingress": "AuthorizeDBSecurityGroupIngress", + "backtrackdbcluster": "BacktrackDBCluster", + "cancelexporttask": "CancelExportTask", + "copydbclusterparametergroup": "CopyDBClusterParameterGroup", + "copydbclustersnapshot": "CopyDBClusterSnapshot", + "copydbparametergroup": "CopyDBParameterGroup", + "copydbsnapshot": "CopyDBSnapshot", + "copyoptiongroup": "CopyOptionGroup", + "createbluegreendeployment": "CreateBlueGreenDeployment", + "createcustomdbengineversion": "CreateCustomDBEngineVersion", + "createdbcluster": "CreateDBCluster", + "createdbclusterendpoint": "CreateDBClusterEndpoint", + "createdbclusterparametergroup": "CreateDBClusterParameterGroup", + "createdbclustersnapshot": "CreateDBClusterSnapshot", + "createdbinstance": "CreateDBInstance", + "createdbinstancereadreplica": "CreateDBInstanceReadReplica", + "createdbparametergroup": "CreateDBParameterGroup", + "createdbproxy": "CreateDBProxy", + "createdbproxyendpoint": "CreateDBProxyEndpoint", + "createdbsecuritygroup": "CreateDBSecurityGroup", + "createdbsnapshot": "CreateDBSnapshot", + "createdbsubnetgroup": "CreateDBSubnetGroup", + "createeventsubscription": "CreateEventSubscription", + "createglobalcluster": "CreateGlobalCluster", + "createoptiongroup": "CreateOptionGroup", + "crossregioncommunication": "CrossRegionCommunication", + "deletebluegreendeployment": "DeleteBlueGreenDeployment", + "deletecustomdbengineversion": "DeleteCustomDBEngineVersion", + "deletedbcluster": "DeleteDBCluster", + "deletedbclusterendpoint": "DeleteDBClusterEndpoint", + "deletedbclusterparametergroup": "DeleteDBClusterParameterGroup", + "deletedbclustersnapshot": "DeleteDBClusterSnapshot", + "deletedbinstance": "DeleteDBInstance", + "deletedbinstanceautomatedbackup": "DeleteDBInstanceAutomatedBackup", + "deletedbparametergroup": "DeleteDBParameterGroup", + "deletedbproxy": "DeleteDBProxy", + "deletedbproxyendpoint": "DeleteDBProxyEndpoint", + "deletedbsecuritygroup": "DeleteDBSecurityGroup", + "deletedbsnapshot": "DeleteDBSnapshot", + "deletedbsubnetgroup": "DeleteDBSubnetGroup", + "deleteeventsubscription": "DeleteEventSubscription", + "deleteglobalcluster": "DeleteGlobalCluster", + "deleteoptiongroup": "DeleteOptionGroup", + "deregisterdbproxytargets": "DeregisterDBProxyTargets", + "describeaccountattributes": "DescribeAccountAttributes", + "describebluegreendeployments": "DescribeBlueGreenDeployments", + "describecertificates": "DescribeCertificates", + "describedbclusterbacktracks": "DescribeDBClusterBacktracks", + "describedbclusterendpoints": "DescribeDBClusterEndpoints", + "describedbclusterparametergroups": "DescribeDBClusterParameterGroups", + "describedbclusterparameters": "DescribeDBClusterParameters", + "describedbclustersnapshotattributes": "DescribeDBClusterSnapshotAttributes", + "describedbclustersnapshots": "DescribeDBClusterSnapshots", + "describedbclusters": "DescribeDBClusters", + "describedbengineversions": "DescribeDBEngineVersions", + "describedbinstanceautomatedbackups": "DescribeDBInstanceAutomatedBackups", + "describedbinstances": "DescribeDBInstances", + "describedblogfiles": "DescribeDBLogFiles", + "describedbparametergroups": "DescribeDBParameterGroups", + "describedbparameters": "DescribeDBParameters", + "describedbproxies": "DescribeDBProxies", + "describedbproxyendpoints": "DescribeDBProxyEndpoints", + "describedbproxytargetgroups": "DescribeDBProxyTargetGroups", + "describedbproxytargets": "DescribeDBProxyTargets", + "describedbsecuritygroups": "DescribeDBSecurityGroups", + "describedbsnapshotattributes": "DescribeDBSnapshotAttributes", + "describedbsnapshots": "DescribeDBSnapshots", + "describedbsubnetgroups": "DescribeDBSubnetGroups", + "describeenginedefaultclusterparameters": "DescribeEngineDefaultClusterParameters", + "describeenginedefaultparameters": "DescribeEngineDefaultParameters", + "describeeventcategories": "DescribeEventCategories", + "describeeventsubscriptions": "DescribeEventSubscriptions", + "describeevents": "DescribeEvents", + "describeexporttasks": "DescribeExportTasks", + "describeglobalclusters": "DescribeGlobalClusters", + "describeoptiongroupoptions": "DescribeOptionGroupOptions", + "describeoptiongroups": "DescribeOptionGroups", + "describeorderabledbinstanceoptions": "DescribeOrderableDBInstanceOptions", + "describependingmaintenanceactions": "DescribePendingMaintenanceActions", + "describerecommendationgroups": "DescribeRecommendationGroups", + "describerecommendations": "DescribeRecommendations", + "describereserveddbinstances": "DescribeReservedDBInstances", + "describereserveddbinstancesofferings": "DescribeReservedDBInstancesOfferings", + "describesourceregions": "DescribeSourceRegions", + "describevaliddbinstancemodifications": "DescribeValidDBInstanceModifications", + "downloadcompletedblogfile": "DownloadCompleteDBLogFile", + "downloaddblogfileportion": "DownloadDBLogFilePortion", + "failoverdbcluster": "FailoverDBCluster", + "failoverglobalcluster": "FailoverGlobalCluster", + "listtagsforresource": "ListTagsForResource", + "modifyactivitystream": "ModifyActivityStream", + "modifycertificates": "ModifyCertificates", + "modifycurrentdbclustercapacity": "ModifyCurrentDBClusterCapacity", + "modifycustomdbengineversion": "ModifyCustomDBEngineVersion", + "modifydbcluster": "ModifyDBCluster", + "modifydbclusterendpoint": "ModifyDBClusterEndpoint", + "modifydbclusterparametergroup": "ModifyDBClusterParameterGroup", + "modifydbclustersnapshotattribute": "ModifyDBClusterSnapshotAttribute", + "modifydbinstance": "ModifyDBInstance", + "modifydbparametergroup": "ModifyDBParameterGroup", + "modifydbproxy": "ModifyDBProxy", + "modifydbproxyendpoint": "ModifyDBProxyEndpoint", + "modifydbproxytargetgroup": "ModifyDBProxyTargetGroup", + "modifydbsnapshot": "ModifyDBSnapshot", + "modifydbsnapshotattribute": "ModifyDBSnapshotAttribute", + "modifydbsubnetgroup": "ModifyDBSubnetGroup", + "modifyeventsubscription": "ModifyEventSubscription", + "modifyglobalcluster": "ModifyGlobalCluster", + "modifyoptiongroup": "ModifyOptionGroup", + "modifyrecommendation": "ModifyRecommendation", + "promotereadreplica": "PromoteReadReplica", + "promotereadreplicadbcluster": "PromoteReadReplicaDBCluster", + "purchasereserveddbinstancesoffering": "PurchaseReservedDBInstancesOffering", + "rebootdbcluster": "RebootDBCluster", + "rebootdbinstance": "RebootDBInstance", + "registerdbproxytargets": "RegisterDBProxyTargets", + "removefromglobalcluster": "RemoveFromGlobalCluster", + "removerolefromdbcluster": "RemoveRoleFromDBCluster", + "removerolefromdbinstance": "RemoveRoleFromDBInstance", + "removesourceidentifierfromsubscription": "RemoveSourceIdentifierFromSubscription", + "removetagsfromresource": "RemoveTagsFromResource", + "resetdbclusterparametergroup": "ResetDBClusterParameterGroup", + "resetdbparametergroup": "ResetDBParameterGroup", + "restoredbclusterfroms3": "RestoreDBClusterFromS3", + "restoredbclusterfromsnapshot": "RestoreDBClusterFromSnapshot", + "restoredbclustertopointintime": "RestoreDBClusterToPointInTime", + "restoredbinstancefromdbsnapshot": "RestoreDBInstanceFromDBSnapshot", + "restoredbinstancefroms3": "RestoreDBInstanceFromS3", + "restoredbinstancetopointintime": "RestoreDBInstanceToPointInTime", + "revokedbsecuritygroupingress": "RevokeDBSecurityGroupIngress", + "startactivitystream": "StartActivityStream", + "startdbcluster": "StartDBCluster", + "startdbinstance": "StartDBInstance", + "startdbinstanceautomatedbackupsreplication": "StartDBInstanceAutomatedBackupsReplication", + "startexporttask": "StartExportTask", + "stopactivitystream": "StopActivityStream", + "stopdbcluster": "StopDBCluster", + "stopdbinstance": "StopDBInstance", + "stopdbinstanceautomatedbackupsreplication": "StopDBInstanceAutomatedBackupsReplication", + "switchoverbluegreendeployment": "SwitchoverBlueGreenDeployment", + "switchoverreadreplica": "SwitchoverReadReplica" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:rds:${Region}:${Account}:cluster:${DbClusterInstanceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:cluster-tag/${TagKey}" + ] + }, + "cluster-endpoint": { + "resource": "cluster-endpoint", + "arn": "arn:${Partition}:rds:${Region}:${Account}:cluster-endpoint:${DbClusterEndpoint}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "cluster-pg": { + "resource": "cluster-pg", + "arn": "arn:${Partition}:rds:${Region}:${Account}:cluster-pg:${ClusterParameterGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:cluster-pg-tag/${TagKey}" + ] + }, + "cluster-snapshot": { + "resource": "cluster-snapshot", + "arn": "arn:${Partition}:rds:${Region}:${Account}:cluster-snapshot:${ClusterSnapshotName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:cluster-snapshot-tag/${TagKey}" + ] + }, + "db": { + "resource": "db", + "arn": "arn:${Partition}:rds:${Region}:${Account}:db:${DbInstanceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:DatabaseClass", + "rds:DatabaseEngine", + "rds:DatabaseName", + "rds:MultiAz", + "rds:Piops", + "rds:StorageEncrypted", + "rds:StorageSize", + "rds:Vpc", + "rds:db-tag/${TagKey}" + ] + }, + "es": { + "resource": "es", + "arn": "arn:${Partition}:rds:${Region}:${Account}:es:${SubscriptionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:es-tag/${TagKey}" + ] + }, + "global-cluster": { + "resource": "global-cluster", + "arn": "arn:${Partition}:rds::${Account}:global-cluster:${GlobalCluster}", + "condition_keys": [] + }, + "og": { + "resource": "og", + "arn": "arn:${Partition}:rds:${Region}:${Account}:og:${OptionGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:og-tag/${TagKey}" + ] + }, + "pg": { + "resource": "pg", + "arn": "arn:${Partition}:rds:${Region}:${Account}:pg:${ParameterGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:pg-tag/${TagKey}" + ] + }, + "proxy": { + "resource": "proxy", + "arn": "arn:${Partition}:rds:${Region}:${Account}:db-proxy:${DbProxyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "proxy-endpoint": { + "resource": "proxy-endpoint", + "arn": "arn:${Partition}:rds:${Region}:${Account}:db-proxy-endpoint:${DbProxyEndpointId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ri": { + "resource": "ri", + "arn": "arn:${Partition}:rds:${Region}:${Account}:ri:${ReservedDbInstanceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:ri-tag/${TagKey}" + ] + }, + "secgrp": { + "resource": "secgrp", + "arn": "arn:${Partition}:rds:${Region}:${Account}:secgrp:${SecurityGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:secgrp-tag/${TagKey}" + ] + }, + "snapshot": { + "resource": "snapshot", + "arn": "arn:${Partition}:rds:${Region}:${Account}:snapshot:${SnapshotName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:snapshot-tag/${TagKey}" + ] + }, + "subgrp": { + "resource": "subgrp", + "arn": "arn:${Partition}:rds:${Region}:${Account}:subgrp:${SubnetGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rds:subgrp-tag/${TagKey}" + ] + }, + "target": { + "resource": "target", + "arn": "arn:${Partition}:rds:${Region}:${Account}:target:${TargetId}", + "condition_keys": [] + }, + "target-group": { + "resource": "target-group", + "arn": "arn:${Partition}:rds:${Region}:${Account}:target-group:${TargetGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "cev": { + "resource": "cev", + "arn": "arn:${Partition}:rds:${Region}:${Account}:cev:${Engine}/${EngineVersion}/${CustomDbEngineVersionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "deployment": { + "resource": "deployment", + "arn": "arn:${Partition}:rds:${Region}:${Account}:deployment:${BlueGreenDeploymentIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "cluster": "cluster", + "cluster-endpoint": "cluster-endpoint", + "cluster-pg": "cluster-pg", + "cluster-snapshot": "cluster-snapshot", + "db": "db", + "es": "es", + "global-cluster": "global-cluster", + "og": "og", + "pg": "pg", + "proxy": "proxy", + "proxy-endpoint": "proxy-endpoint", + "ri": "ri", + "secgrp": "secgrp", + "snapshot": "snapshot", + "subgrp": "subgrp", + "target": "target", + "target-group": "target-group", + "cev": "cev", + "deployment": "deployment" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the set of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the set of tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the set of tag keys in the request", + "type": "ArrayOfString" + }, + "rds:BackupTarget": { + "condition": "rds:BackupTarget", + "description": "Filters access by the type of backup target. One of: REGION, OUTPOSTS", + "type": "String" + }, + "rds:CopyOptionGroup": { + "condition": "rds:CopyOptionGroup", + "description": "Filters access by the value that specifies whether the CopyDBSnapshot action requires copying the DB option group", + "type": "Bool" + }, + "rds:DatabaseClass": { + "condition": "rds:DatabaseClass", + "description": "Filters access by the type of DB instance class", + "type": "String" + }, + "rds:DatabaseEngine": { + "condition": "rds:DatabaseEngine", + "description": "Filters access by the database engine. For possible values refer to the engine parameter in CreateDBInstance API", + "type": "String" + }, + "rds:DatabaseName": { + "condition": "rds:DatabaseName", + "description": "Filters access by the user-defined name of the database on the DB instance", + "type": "String" + }, + "rds:EndpointType": { + "condition": "rds:EndpointType", + "description": "Filters access by the type of the endpoint. One of: READER, WRITER, CUSTOM", + "type": "String" + }, + "rds:ManageMasterUserPassword": { + "condition": "rds:ManageMasterUserPassword", + "description": "Filters access by the value that specifies whether RDS manages master user password in AWS Secrets Manager for the DB instance or cluster", + "type": "Bool" + }, + "rds:MultiAz": { + "condition": "rds:MultiAz", + "description": "Filters access by the value that specifies whether the DB instance runs in multiple Availability Zones. To indicate that the DB instance is using Multi-AZ, specify true", + "type": "Bool" + }, + "rds:Piops": { + "condition": "rds:Piops", + "description": "Filters access by the value that contains the number of Provisioned IOPS (PIOPS) that the instance supports. To indicate a DB instance that does not have PIOPS enabled, specify 0", + "type": "Numeric" + }, + "rds:StorageEncrypted": { + "condition": "rds:StorageEncrypted", + "description": "Filters access by the value that specifies whether the DB instance storage should be encrypted. To enforce storage encryption, specify true", + "type": "Bool" + }, + "rds:StorageSize": { + "condition": "rds:StorageSize", + "description": "Filters access by the storage volume size (in GB)", + "type": "Numeric" + }, + "rds:Vpc": { + "condition": "rds:Vpc", + "description": "Filters access by the value that specifies whether the DB instance runs in an Amazon Virtual Private Cloud (Amazon VPC). To indicate that the DB instance runs in an Amazon VPC, specify true", + "type": "Bool" + }, + "rds:cluster-pg-tag/${TagKey}": { + "condition": "rds:cluster-pg-tag/${TagKey}", + "description": "Filters access by the tag attached to a DB cluster parameter group", + "type": "String" + }, + "rds:cluster-snapshot-tag/${TagKey}": { + "condition": "rds:cluster-snapshot-tag/${TagKey}", + "description": "Filters access by the tag attached to a DB cluster snapshot", + "type": "String" + }, + "rds:cluster-tag/${TagKey}": { + "condition": "rds:cluster-tag/${TagKey}", + "description": "Filters access by the tag attached to a DB cluster", + "type": "String" + }, + "rds:db-tag/${TagKey}": { + "condition": "rds:db-tag/${TagKey}", + "description": "Filters access by the tag attached to a DB instance", + "type": "String" + }, + "rds:es-tag/${TagKey}": { + "condition": "rds:es-tag/${TagKey}", + "description": "Filters access by the tag attached to an event subscription", + "type": "String" + }, + "rds:og-tag/${TagKey}": { + "condition": "rds:og-tag/${TagKey}", + "description": "Filters access by the tag attached to a DB option group", + "type": "String" + }, + "rds:pg-tag/${TagKey}": { + "condition": "rds:pg-tag/${TagKey}", + "description": "Filters access by the tag attached to a DB parameter group", + "type": "String" + }, + "rds:req-tag/${TagKey}": { + "condition": "rds:req-tag/${TagKey}", + "description": "Filters access by the set of tag keys and values that can be used to tag a resource", + "type": "String" + }, + "rds:ri-tag/${TagKey}": { + "condition": "rds:ri-tag/${TagKey}", + "description": "Filters access by the tag attached to a reserved DB instance", + "type": "String" + }, + "rds:secgrp-tag/${TagKey}": { + "condition": "rds:secgrp-tag/${TagKey}", + "description": "Filters access by the tag attached to a DB security group", + "type": "String" + }, + "rds:snapshot-tag/${TagKey}": { + "condition": "rds:snapshot-tag/${TagKey}", + "description": "Filters access by the tag attached to a DB snapshot", + "type": "String" + }, + "rds:subgrp-tag/${TagKey}": { + "condition": "rds:subgrp-tag/${TagKey}", + "description": "Filters access by the tag attached to a DB subnet group", + "type": "String" + } + } + }, + "rds-data": { + "service_name": "Amazon RDS Data API", + "prefix": "rds-data", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrdsdataapi.html", + "privileges": { + "BatchExecuteStatement": { + "privilege": "BatchExecuteStatement", + "description": "Grants permission to run a batch SQL statement over an array of data", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_BatchExecuteStatement.html" + }, + "BeginTransaction": { + "privilege": "BeginTransaction", + "description": "Grants permission to start a SQL transaction", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_BeginTransaction.html" + }, + "CommitTransaction": { + "privilege": "CommitTransaction", + "description": "Grants permission to end a SQL transaction started with the BeginTransaction operation and commits the changes", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds-data:BeginTransaction" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_CommitTransaction.html" + }, + "ExecuteSql": { + "privilege": "ExecuteSql", + "description": "Grants permission to run one or more SQL statements. This operation is deprecated. Use the BatchExecuteStatement or ExecuteStatement operation", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_ExecuteSql.html" + }, + "ExecuteStatement": { + "privilege": "ExecuteStatement", + "description": "Grants permission to run a SQL statement against a database", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_ExecuteStatement.html" + }, + "RollbackTransaction": { + "privilege": "RollbackTransaction", + "description": "Grants permission to perform a rollback of a transaction. Rolling back a transaction cancels its changes", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "rds-data:BeginTransaction" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rdsdataservice/latest/APIReference/API_RollbackTransaction.html" + } + }, + "privileges_lower_name": { + "batchexecutestatement": "BatchExecuteStatement", + "begintransaction": "BeginTransaction", + "committransaction": "CommitTransaction", + "executesql": "ExecuteSql", + "executestatement": "ExecuteStatement", + "rollbacktransaction": "RollbackTransaction" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:rds:${Region}:${Account}:cluster:${DbClusterInstanceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ] + } + }, + "resources_lower_name": { + "cluster": "cluster" + }, + "conditions": { + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys associated with the resource", + "type": "ArrayOfString" + } + } + }, + "rds-db": { + "service_name": "Amazon RDS IAM Authentication", + "prefix": "rds-db", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrdsiamauthentication.html", + "privileges": { + "connect": { + "privilege": "connect", + "description": "Allows IAM role or user to connect to RDS database", + "access_level": "Permissions management", + "resource_types": { + "db-user": { + "resource_type": "db-user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "db-user": "db-user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.IAMPolicy.html" + } + }, + "privileges_lower_name": { + "connect": "connect" + }, + "resources": { + "db-user": { + "resource": "db-user", + "arn": "arn:${Partition}:rds-db:${Region}:${Account}:dbuser:${DbiResourceId}/${DbUserName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "db-user": "db-user" + }, + "conditions": {} + }, + "redshift": { + "service_name": "Amazon Redshift", + "prefix": "redshift", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonredshift.html", + "privileges": { + "AcceptReservedNodeExchange": { + "privilege": "AcceptReservedNodeExchange", + "description": "Grants permission to exchange a DC1 reserved node for a DC2 reserved node with no changes to the configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AcceptReservedNodeExchange.html" + }, + "AddPartner": { + "privilege": "AddPartner", + "description": "Grants permission to add a partner integration to a cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AddPartner.html" + }, + "AssociateDataShareConsumer": { + "privilege": "AssociateDataShareConsumer", + "description": "Grants permission to associate a consumer to a datashare", + "access_level": "Write", + "resource_types": { + "datashare": { + "resource_type": "datashare", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift:ConsumerArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datashare": "datashare", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AssociateDataShareConsumer.html" + }, + "AuthorizeClusterSecurityGroupIngress": { + "privilege": "AuthorizeClusterSecurityGroupIngress", + "description": "Grants permission to add an inbound (ingress) rule to an Amazon Redshift security group", + "access_level": "Write", + "resource_types": { + "securitygroup": { + "resource_type": "securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroupingress-ec2securitygroup": { + "resource_type": "securitygroupingress-ec2securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securitygroup": "securitygroup", + "securitygroupingress-ec2securitygroup": "securitygroupingress-ec2securitygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AuthorizeClusterSecurityGroupIngress.html" + }, + "AuthorizeDataShare": { + "privilege": "AuthorizeDataShare", + "description": "Grants permission to authorize the specified datashare consumer to consume a datashare", + "access_level": "Permissions management", + "resource_types": { + "datashare": { + "resource_type": "datashare", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift:ConsumerIdentifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datashare": "datashare", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AuthorizeDataShare.html" + }, + "AuthorizeEndpointAccess": { + "privilege": "AuthorizeEndpointAccess", + "description": "Grants permission to authorize endpoint related activities for redshift-managed vpc endpoint", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AuthorizeEndpointAccess.html" + }, + "AuthorizeSnapshotAccess": { + "privilege": "AuthorizeSnapshotAccess", + "description": "Grants permission to the specified AWS account to restore a snapshot", + "access_level": "Permissions management", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_AuthorizeSnapshotAccess.html" + }, + "BatchDeleteClusterSnapshots": { + "privilege": "BatchDeleteClusterSnapshots", + "description": "Grants permission to delete snapshots in a batch of size upto 100", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_BatchDeleteClusterSnapshots.html" + }, + "BatchModifyClusterSnapshots": { + "privilege": "BatchModifyClusterSnapshots", + "description": "Grants permission to modify settings for a list of snapshots", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_BatchModifyClusterSnapshots.html" + }, + "CancelQuery": { + "privilege": "CancelQuery", + "description": "Grants permission to cancel a query through the Amazon Redshift console", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CancelQuerySession": { + "privilege": "CancelQuerySession", + "description": "Grants permission to see queries in the Amazon Redshift console", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CancelResize": { + "privilege": "CancelResize", + "description": "Grants permission to cancel a resize operation", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CancelResize.html" + }, + "CopyClusterSnapshot": { + "privilege": "CopyClusterSnapshot", + "description": "Grants permission to copy a cluster snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CopyClusterSnapshot.html" + }, + "CreateAuthenticationProfile": { + "privilege": "CreateAuthenticationProfile", + "description": "Grants permission to create an Amazon Redshift authentication profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateAuthenticationProfile.html" + }, + "CreateCluster": { + "privilege": "CreateCluster", + "description": "Grants permission to create a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateCluster.html" + }, + "CreateClusterParameterGroup": { + "privilege": "CreateClusterParameterGroup", + "description": "Grants permission to create an Amazon Redshift parameter group", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterParameterGroup.html" + }, + "CreateClusterSecurityGroup": { + "privilege": "CreateClusterSecurityGroup", + "description": "Grants permission to create an Amazon Redshift security group", + "access_level": "Write", + "resource_types": { + "securitygroup": { + "resource_type": "securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securitygroup": "securitygroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSecurityGroup.html" + }, + "CreateClusterSnapshot": { + "privilege": "CreateClusterSnapshot", + "description": "Grants permission to create a manual snapshot of the specified cluster", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html" + }, + "CreateClusterSubnetGroup": { + "privilege": "CreateClusterSubnetGroup", + "description": "Grants permission to create an Amazon Redshift subnet group", + "access_level": "Write", + "resource_types": { + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnetgroup": "subnetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSubnetGroup.html" + }, + "CreateClusterUser": { + "privilege": "CreateClusterUser", + "description": "Grants permission to automatically create the specified Amazon Redshift user if it does not exist", + "access_level": "Permissions management", + "resource_types": { + "dbuser": { + "resource_type": "dbuser", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift:DbUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dbuser": "dbuser", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/generating-iam-credentials-role-permissions.html" + }, + "CreateCustomDomainAssociation": { + "privilege": "CreateCustomDomainAssociation", + "description": "Grants permission to create a custom domain name for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "acm:DescribeCertificate" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateCustomDomainAssociation.html" + }, + "CreateEndpointAccess": { + "privilege": "CreateEndpointAccess", + "description": "Grants permission to create a redshift-managed vpc endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateEndpointAccess.html" + }, + "CreateEventSubscription": { + "privilege": "CreateEventSubscription", + "description": "Grants permission to create an Amazon Redshift event notification subscription", + "access_level": "Write", + "resource_types": { + "eventsubscription": { + "resource_type": "eventsubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventsubscription": "eventsubscription", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateEventSubscription.html" + }, + "CreateHsmClientCertificate": { + "privilege": "CreateHsmClientCertificate", + "description": "Grants permission to create an HSM client certificate that a cluster uses to connect to an HSM", + "access_level": "Write", + "resource_types": { + "hsmclientcertificate": { + "resource_type": "hsmclientcertificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hsmclientcertificate": "hsmclientcertificate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateHsmClientCertificate.html" + }, + "CreateHsmConfiguration": { + "privilege": "CreateHsmConfiguration", + "description": "Grants permission to create an HSM configuration that contains information required by a cluster to store and use database encryption keys in a hardware security module (HSM)", + "access_level": "Write", + "resource_types": { + "hsmconfiguration": { + "resource_type": "hsmconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hsmconfiguration": "hsmconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateHsmConfiguration.html" + }, + "CreateSavedQuery": { + "privilege": "CreateSavedQuery", + "description": "Grants permission to create saved SQL queries through the Amazon Redshift console", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CreateScheduledAction": { + "privilege": "CreateScheduledAction", + "description": "Grants permission to create an Amazon Redshift scheduled action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateScheduledAction.html" + }, + "CreateSnapshotCopyGrant": { + "privilege": "CreateSnapshotCopyGrant", + "description": "Grants permission to create a snapshot copy grant and encrypt copied snapshots in a destination AWS Region", + "access_level": "Permissions management", + "resource_types": { + "snapshotcopygrant": { + "resource_type": "snapshotcopygrant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshotcopygrant": "snapshotcopygrant", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateSnapshotCopyGrant.html" + }, + "CreateSnapshotSchedule": { + "privilege": "CreateSnapshotSchedule", + "description": "Grants permission to create a snapshot schedule", + "access_level": "Write", + "resource_types": { + "snapshotschedule": { + "resource_type": "snapshotschedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshotschedule": "snapshotschedule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateSnapshotSchedule.html" + }, + "CreateTags": { + "privilege": "CreateTags", + "description": "Grants permission to add one or more tags to a specified resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dbgroup": { + "resource_type": "dbgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dbname": { + "resource_type": "dbname", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dbuser": { + "resource_type": "dbuser", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "eventsubscription": { + "resource_type": "eventsubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hsmclientcertificate": { + "resource_type": "hsmclientcertificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hsmconfiguration": { + "resource_type": "hsmconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroup": { + "resource_type": "securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroupingress-cidr": { + "resource_type": "securitygroupingress-cidr", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroupingress-ec2securitygroup": { + "resource_type": "securitygroupingress-ec2securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshotcopygrant": { + "resource_type": "snapshotcopygrant", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshotschedule": { + "resource_type": "snapshotschedule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "usagelimit": { + "resource_type": "usagelimit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "dbgroup": "dbgroup", + "dbname": "dbname", + "dbuser": "dbuser", + "eventsubscription": "eventsubscription", + "hsmclientcertificate": "hsmclientcertificate", + "hsmconfiguration": "hsmconfiguration", + "parametergroup": "parametergroup", + "securitygroup": "securitygroup", + "securitygroupingress-cidr": "securitygroupingress-cidr", + "securitygroupingress-ec2securitygroup": "securitygroupingress-ec2securitygroup", + "snapshot": "snapshot", + "snapshotcopygrant": "snapshotcopygrant", + "snapshotschedule": "snapshotschedule", + "subnetgroup": "subnetgroup", + "usagelimit": "usagelimit", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateTags.html" + }, + "CreateUsageLimit": { + "privilege": "CreateUsageLimit", + "description": "Grants permission to create a usage limit", + "access_level": "Write", + "resource_types": { + "usagelimit": { + "resource_type": "usagelimit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "usagelimit": "usagelimit", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateUsageLimit.html" + }, + "DeauthorizeDataShare": { + "privilege": "DeauthorizeDataShare", + "description": "Grants permission to remove permission from the specified datashare consumer to consume a datashare", + "access_level": "Permissions management", + "resource_types": { + "datashare": { + "resource_type": "datashare", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift:ConsumerIdentifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datashare": "datashare", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeauthorizeDataShare.html" + }, + "DeleteAuthenticationProfile": { + "privilege": "DeleteAuthenticationProfile", + "description": "Grants permission to delete an Amazon Redshift authentication profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "API_DeleteAuthenticationProfile.html" + }, + "DeleteCluster": { + "privilege": "DeleteCluster", + "description": "Grants permission to delete a previously provisioned cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteCluster.html" + }, + "DeleteClusterParameterGroup": { + "privilege": "DeleteClusterParameterGroup", + "description": "Grants permission to delete an Amazon Redshift parameter group", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteClusterParameterGroup.html" + }, + "DeleteClusterSecurityGroup": { + "privilege": "DeleteClusterSecurityGroup", + "description": "Grants permission to delete an Amazon Redshift security group", + "access_level": "Write", + "resource_types": { + "securitygroup": { + "resource_type": "securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securitygroup": "securitygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteClusterSecurityGroup.html" + }, + "DeleteClusterSnapshot": { + "privilege": "DeleteClusterSnapshot", + "description": "Grants permission to delete a manual snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteClusterSnapshot.html" + }, + "DeleteClusterSubnetGroup": { + "privilege": "DeleteClusterSubnetGroup", + "description": "Grants permission to delete a cluster subnet group", + "access_level": "Write", + "resource_types": { + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnetgroup": "subnetgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteClusterSubnetGroup.html" + }, + "DeleteCustomDomainAssociation": { + "privilege": "DeleteCustomDomainAssociation", + "description": "Grants permission to delete a custom domain name for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteCustomDomainAssociation.html" + }, + "DeleteEndpointAccess": { + "privilege": "DeleteEndpointAccess", + "description": "Grants permission to delete a redshift-managed vpc endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteEndpointAccess.html" + }, + "DeleteEventSubscription": { + "privilege": "DeleteEventSubscription", + "description": "Grants permission to delete an Amazon Redshift event notification subscription", + "access_level": "Write", + "resource_types": { + "eventsubscription": { + "resource_type": "eventsubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventsubscription": "eventsubscription" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteEventSubscription.html" + }, + "DeleteHsmClientCertificate": { + "privilege": "DeleteHsmClientCertificate", + "description": "Grants permission to delete an HSM client certificate", + "access_level": "Write", + "resource_types": { + "hsmclientcertificate": { + "resource_type": "hsmclientcertificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hsmclientcertificate": "hsmclientcertificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteHsmClientCertificate.html" + }, + "DeleteHsmConfiguration": { + "privilege": "DeleteHsmConfiguration", + "description": "Grants permission to delete an Amazon Redshift HSM configuration", + "access_level": "Write", + "resource_types": { + "hsmconfiguration": { + "resource_type": "hsmconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hsmconfiguration": "hsmconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteHsmConfiguration.html" + }, + "DeletePartner": { + "privilege": "DeletePartner", + "description": "Grants permission to delete a partner integration from a cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeletePartner.html" + }, + "DeleteSavedQueries": { + "privilege": "DeleteSavedQueries", + "description": "Grants permission to delete saved SQL queries through the Amazon Redshift console", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DeleteScheduledAction": { + "privilege": "DeleteScheduledAction", + "description": "Grants permission to delete an Amazon Redshift scheduled action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "API_DeleteScheduledAction.html" + }, + "DeleteSnapshotCopyGrant": { + "privilege": "DeleteSnapshotCopyGrant", + "description": "Grants permission to delete a snapshot copy grant", + "access_level": "Write", + "resource_types": { + "snapshotcopygrant": { + "resource_type": "snapshotcopygrant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshotcopygrant": "snapshotcopygrant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteSnapshotCopyGrant.html" + }, + "DeleteSnapshotSchedule": { + "privilege": "DeleteSnapshotSchedule", + "description": "Grants permission to delete a snapshot schedule", + "access_level": "Write", + "resource_types": { + "snapshotschedule": { + "resource_type": "snapshotschedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshotschedule": "snapshotschedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteSnapshotSchedule.html" + }, + "DeleteTags": { + "privilege": "DeleteTags", + "description": "Grants permission to delete a tag or tags from a resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dbgroup": { + "resource_type": "dbgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dbname": { + "resource_type": "dbname", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dbuser": { + "resource_type": "dbuser", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "eventsubscription": { + "resource_type": "eventsubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hsmclientcertificate": { + "resource_type": "hsmclientcertificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hsmconfiguration": { + "resource_type": "hsmconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroup": { + "resource_type": "securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroupingress-cidr": { + "resource_type": "securitygroupingress-cidr", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroupingress-ec2securitygroup": { + "resource_type": "securitygroupingress-ec2securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshotcopygrant": { + "resource_type": "snapshotcopygrant", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshotschedule": { + "resource_type": "snapshotschedule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "usagelimit": { + "resource_type": "usagelimit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "dbgroup": "dbgroup", + "dbname": "dbname", + "dbuser": "dbuser", + "eventsubscription": "eventsubscription", + "hsmclientcertificate": "hsmclientcertificate", + "hsmconfiguration": "hsmconfiguration", + "parametergroup": "parametergroup", + "securitygroup": "securitygroup", + "securitygroupingress-cidr": "securitygroupingress-cidr", + "securitygroupingress-ec2securitygroup": "securitygroupingress-ec2securitygroup", + "snapshot": "snapshot", + "snapshotcopygrant": "snapshotcopygrant", + "snapshotschedule": "snapshotschedule", + "subnetgroup": "subnetgroup", + "usagelimit": "usagelimit", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteTags.html" + }, + "DeleteUsageLimit": { + "privilege": "DeleteUsageLimit", + "description": "Grants permission to delete a usage limit", + "access_level": "Write", + "resource_types": { + "usagelimit": { + "resource_type": "usagelimit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "usagelimit": "usagelimit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DeleteUsageLimit.html" + }, + "DescribeAccountAttributes": { + "privilege": "DescribeAccountAttributes", + "description": "Grants permission to describe attributes attached to the specified AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeAccountAttributes.html" + }, + "DescribeAuthenticationProfiles": { + "privilege": "DescribeAuthenticationProfiles", + "description": "Grants permission to describe created Amazon Redshift authentication profiles", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "API_DescribeAuthenticationProfiles.html" + }, + "DescribeClusterDbRevisions": { + "privilege": "DescribeClusterDbRevisions", + "description": "Grants permission to describe database revisions for a cluster", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterDbRevisions.html" + }, + "DescribeClusterParameterGroups": { + "privilege": "DescribeClusterParameterGroups", + "description": "Grants permission to describe Amazon Redshift parameter groups, including parameter groups you created and the default parameter group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterParameterGroups.html" + }, + "DescribeClusterParameters": { + "privilege": "DescribeClusterParameters", + "description": "Grants permission to describe parameters contained within an Amazon Redshift parameter group", + "access_level": "Read", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterParameters.html" + }, + "DescribeClusterSecurityGroups": { + "privilege": "DescribeClusterSecurityGroups", + "description": "Grants permission to describe Amazon Redshift security groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterSecurityGroups.html" + }, + "DescribeClusterSnapshots": { + "privilege": "DescribeClusterSnapshots", + "description": "Grants permission to describe one or more snapshot objects, which contain metadata about your cluster snapshots", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterSnapshots.html" + }, + "DescribeClusterSubnetGroups": { + "privilege": "DescribeClusterSubnetGroups", + "description": "Grants permission to describe one or more cluster subnet group objects, which contain metadata about your cluster subnet groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterSubnetGroups.html" + }, + "DescribeClusterTracks": { + "privilege": "DescribeClusterTracks", + "description": "Grants permission to describe available maintenance tracks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterTracks.html" + }, + "DescribeClusterVersions": { + "privilege": "DescribeClusterVersions", + "description": "Grants permission to describe available Amazon Redshift cluster versions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusterVersions.html" + }, + "DescribeClusters": { + "privilege": "DescribeClusters", + "description": "Grants permission to describe properties of provisioned clusters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeClusters.html" + }, + "DescribeCustomDomainAssociations": { + "privilege": "DescribeCustomDomainAssociations", + "description": "Grants permission to describe custom domain names for a cluster", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeCustomDomainAssociations.html" + }, + "DescribeDataShares": { + "privilege": "DescribeDataShares", + "description": "Grants permission to describe datashares created and consumed by your clusters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeDataShares.html" + }, + "DescribeDataSharesForConsumer": { + "privilege": "DescribeDataSharesForConsumer", + "description": "Grants permission to describe only datashares consumed by your clusters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeDataSharesForConsumer.html" + }, + "DescribeDataSharesForProducer": { + "privilege": "DescribeDataSharesForProducer", + "description": "Grants permission to describe only datashares created by your clusters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeDataSharesForProducer.html" + }, + "DescribeDefaultClusterParameters": { + "privilege": "DescribeDefaultClusterParameters", + "description": "Grants permission to describe parameter settings for a parameter group family", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeDefaultClusterParameters.html" + }, + "DescribeEndpointAccess": { + "privilege": "DescribeEndpointAccess", + "description": "Grants permission to describe redshift-managed vpc endpoints", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeEndpointAccess.html" + }, + "DescribeEndpointAuthorization": { + "privilege": "DescribeEndpointAuthorization", + "description": "Grants permission to authorize describe activity for redshift-managed vpc endpoint", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeEndpointAuthorization.html" + }, + "DescribeEventCategories": { + "privilege": "DescribeEventCategories", + "description": "Grants permission to describe event categories for all event source types, or for a specified source type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeEventCategories.html" + }, + "DescribeEventSubscriptions": { + "privilege": "DescribeEventSubscriptions", + "description": "Grants permission to describe Amazon Redshift event notification subscriptions for the specified AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeEventSubscriptions.html" + }, + "DescribeEvents": { + "privilege": "DescribeEvents", + "description": "Grants permission to describe events related to clusters, security groups, snapshots, and parameter groups for the past 14 days", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeEvents.html" + }, + "DescribeHsmClientCertificates": { + "privilege": "DescribeHsmClientCertificates", + "description": "Grants permission to describe HSM client certificates", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeHsmClientCertificates.html" + }, + "DescribeHsmConfigurations": { + "privilege": "DescribeHsmConfigurations", + "description": "Grants permission to describe Amazon Redshift HSM configurations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeHsmConfigurations.html" + }, + "DescribeLoggingStatus": { + "privilege": "DescribeLoggingStatus", + "description": "Grants permission to describe whether information, such as queries and connection attempts, is being logged for a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeLoggingStatus.html" + }, + "DescribeNodeConfigurationOptions": { + "privilege": "DescribeNodeConfigurationOptions", + "description": "Grants permission to describe properties of possible node configurations such as node type, number of nodes, and disk usage for the specified action type", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeNodeConfigurationOptions.html" + }, + "DescribeOrderableClusterOptions": { + "privilege": "DescribeOrderableClusterOptions", + "description": "Grants permission to describe orderable cluster options", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeOrderableClusterOptions.html" + }, + "DescribePartners": { + "privilege": "DescribePartners", + "description": "Grants permission to retrieve information about the partner integrations defined for a cluster", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribePartners.html" + }, + "DescribeQuery": { + "privilege": "DescribeQuery", + "description": "Grants permission to describe a query through the Amazon Redshift console", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DescribeReservedNodeExchangeStatus": { + "privilege": "DescribeReservedNodeExchangeStatus", + "description": "Grants permission to describe exchange status details and associated metadata for a reserved-node exchange. Statuses include such values as in progress and requested", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeReservedNodeExchangeStatus.html" + }, + "DescribeReservedNodeOfferings": { + "privilege": "DescribeReservedNodeOfferings", + "description": "Grants permission to describe available reserved node offerings by Amazon Redshift", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeReservedNodeOfferings.html" + }, + "DescribeReservedNodes": { + "privilege": "DescribeReservedNodes", + "description": "Grants permission to describe the reserved nodes", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeReservedNodes.html" + }, + "DescribeResize": { + "privilege": "DescribeResize", + "description": "Grants permission to describe the last resize operation for a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeResize.html" + }, + "DescribeSavedQueries": { + "privilege": "DescribeSavedQueries", + "description": "Grants permission to describe saved queries through the Amazon Redshift console", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DescribeScheduledActions": { + "privilege": "DescribeScheduledActions", + "description": "Grants permission to describe created Amazon Redshift scheduled actions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "API_DescribeScheduledActions.html" + }, + "DescribeSnapshotCopyGrants": { + "privilege": "DescribeSnapshotCopyGrants", + "description": "Grants permission to describe snapshot copy grants owned by the specified AWS account in the destination AWS Region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeSnapshotCopyGrants.html" + }, + "DescribeSnapshotSchedules": { + "privilege": "DescribeSnapshotSchedules", + "description": "Grants permission to describe snapshot schedules", + "access_level": "Read", + "resource_types": { + "snapshotschedule": { + "resource_type": "snapshotschedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshotschedule": "snapshotschedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeSnapshotSchedules.html" + }, + "DescribeStorage": { + "privilege": "DescribeStorage", + "description": "Grants permission to describe account level backups storage size and provisional storage", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeStorage.html" + }, + "DescribeTable": { + "privilege": "DescribeTable", + "description": "Grants permission to describe a table through the Amazon Redshift console", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DescribeTableRestoreStatus": { + "privilege": "DescribeTableRestoreStatus", + "description": "Grants permission to describe status of one or more table restore requests made using the RestoreTableFromClusterSnapshot API action", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeTableRestoreStatus.html" + }, + "DescribeTags": { + "privilege": "DescribeTags", + "description": "Grants permission to describe tags", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dbgroup": { + "resource_type": "dbgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dbname": { + "resource_type": "dbname", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dbuser": { + "resource_type": "dbuser", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "eventsubscription": { + "resource_type": "eventsubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hsmclientcertificate": { + "resource_type": "hsmclientcertificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hsmconfiguration": { + "resource_type": "hsmconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parametergroup": { + "resource_type": "parametergroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroup": { + "resource_type": "securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroupingress-cidr": { + "resource_type": "securitygroupingress-cidr", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroupingress-ec2securitygroup": { + "resource_type": "securitygroupingress-ec2securitygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshotcopygrant": { + "resource_type": "snapshotcopygrant", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshotschedule": { + "resource_type": "snapshotschedule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subnetgroup": { + "resource_type": "subnetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "usagelimit": { + "resource_type": "usagelimit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "dbgroup": "dbgroup", + "dbname": "dbname", + "dbuser": "dbuser", + "eventsubscription": "eventsubscription", + "hsmclientcertificate": "hsmclientcertificate", + "hsmconfiguration": "hsmconfiguration", + "parametergroup": "parametergroup", + "securitygroup": "securitygroup", + "securitygroupingress-cidr": "securitygroupingress-cidr", + "securitygroupingress-ec2securitygroup": "securitygroupingress-ec2securitygroup", + "snapshot": "snapshot", + "snapshotcopygrant": "snapshotcopygrant", + "snapshotschedule": "snapshotschedule", + "subnetgroup": "subnetgroup", + "usagelimit": "usagelimit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeTags.html" + }, + "DescribeUsageLimits": { + "privilege": "DescribeUsageLimits", + "description": "Grants permission to describe usage limits", + "access_level": "Read", + "resource_types": { + "usagelimit": { + "resource_type": "usagelimit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "usagelimit": "usagelimit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DescribeUsageLimits.html" + }, + "DisableLogging": { + "privilege": "DisableLogging", + "description": "Grants permission to disable logging information, such as queries and connection attempts, for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DisableLogging.html" + }, + "DisableSnapshotCopy": { + "privilege": "DisableSnapshotCopy", + "description": "Grants permission to disable the automatic copy of snapshots for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DisableSnapshotCopy.html" + }, + "DisassociateDataShareConsumer": { + "privilege": "DisassociateDataShareConsumer", + "description": "Grants permission to disassociate a consumer from a datashare", + "access_level": "Write", + "resource_types": { + "datashare": { + "resource_type": "datashare", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift:ConsumerArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datashare": "datashare", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_DisassociateDataShareConsumer.html" + }, + "EnableLogging": { + "privilege": "EnableLogging", + "description": "Grants permission to enable logging information, such as queries and connection attempts, for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_EnableLogging.html" + }, + "EnableSnapshotCopy": { + "privilege": "EnableSnapshotCopy", + "description": "Grants permission to enable the automatic copy of snapshots for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_EnableSnapshotCopy.html" + }, + "ExecuteQuery": { + "privilege": "ExecuteQuery", + "description": "Grants permission to execute a query through the Amazon Redshift console", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "FetchResults": { + "privilege": "FetchResults", + "description": "Grants permission to fetch query results through the Amazon Redshift console", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetClusterCredentials": { + "privilege": "GetClusterCredentials", + "description": "Grants permission to get temporary credentials to access an Amazon Redshift database by the specified AWS account", + "access_level": "Write", + "resource_types": { + "dbuser": { + "resource_type": "dbuser", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "dbgroup": { + "resource_type": "dbgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dbname": { + "resource_type": "dbname", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift:DbName", + "redshift:DbUser", + "redshift:DurationSeconds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dbuser": "dbuser", + "dbgroup": "dbgroup", + "dbname": "dbname", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_GetClusterCredentials.html" + }, + "GetClusterCredentialsWithIAM": { + "privilege": "GetClusterCredentialsWithIAM", + "description": "Grants permission to get enhanced temporary credentials to access an Amazon Redshift database by the specified AWS account", + "access_level": "Write", + "resource_types": { + "dbname": { + "resource_type": "dbname", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift:DbName", + "redshift:DurationSeconds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dbname": "dbname", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_GetClusterCredentialsWithIAM.html" + }, + "GetReservedNodeExchangeConfigurationOptions": { + "privilege": "GetReservedNodeExchangeConfigurationOptions", + "description": "Grants permission to get the configuration options for the reserved-node exchange", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_GetReservedNodeExchangeConfigurationOptions.html" + }, + "GetReservedNodeExchangeOfferings": { + "privilege": "GetReservedNodeExchangeOfferings", + "description": "Grants permission to get an array of DC2 ReservedNodeOfferings that matches the payment type, term, and usage price of the given DC1 reserved node", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_GetReservedNodeExchangeOfferings.html" + }, + "JoinGroup": { + "privilege": "JoinGroup", + "description": "Grants permission to join the specified Amazon Redshift group", + "access_level": "Permissions management", + "resource_types": { + "dbgroup": { + "resource_type": "dbgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dbgroup": "dbgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_GetClusterCredentials.html" + }, + "ListDatabases": { + "privilege": "ListDatabases", + "description": "Grants permission to list databases through the Amazon Redshift console", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListSavedQueries": { + "privilege": "ListSavedQueries", + "description": "Grants permission to list saved queries through the Amazon Redshift console", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListSchemas": { + "privilege": "ListSchemas", + "description": "Grants permission to list schemas through the Amazon Redshift console", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListTables": { + "privilege": "ListTables", + "description": "Grants permission to list tables through the Amazon Redshift console", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ModifyAquaConfiguration": { + "privilege": "ModifyAquaConfiguration", + "description": "Grants permission to modify the AQUA configuration of a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyAquaConfiguration.html" + }, + "ModifyAuthenticationProfile": { + "privilege": "ModifyAuthenticationProfile", + "description": "Grants permission to modify an existing Amazon Redshift authentication profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyAuthenticationProfile.html" + }, + "ModifyCluster": { + "privilege": "ModifyCluster", + "description": "Grants permission to modify the settings of a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "acm:DescribeCertificate" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyCluster.html" + }, + "ModifyClusterDbRevision": { + "privilege": "ModifyClusterDbRevision", + "description": "Grants permission to modify the database revision of a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterDbRevision.html" + }, + "ModifyClusterIamRoles": { + "privilege": "ModifyClusterIamRoles", + "description": "Grants permission to modify the list of AWS Identity and Access Management (IAM) roles that can be used by a cluster to access other AWS services", + "access_level": "Permissions management", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterIamRoles.html" + }, + "ModifyClusterMaintenance": { + "privilege": "ModifyClusterMaintenance", + "description": "Grants permission to modify the maintenance settings of a cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterMaintenance.html" + }, + "ModifyClusterParameterGroup": { + "privilege": "ModifyClusterParameterGroup", + "description": "Grants permission to modify the parameters of a parameter group", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterParameterGroup.html" + }, + "ModifyClusterSnapshot": { + "privilege": "ModifyClusterSnapshot", + "description": "Grants permission to modify the settings of a snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterSnapshot.html" + }, + "ModifyClusterSnapshotSchedule": { + "privilege": "ModifyClusterSnapshotSchedule", + "description": "Grants permission to modify a snapshot schedule for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterSnapshotSchedule.html" + }, + "ModifyClusterSubnetGroup": { + "privilege": "ModifyClusterSubnetGroup", + "description": "Grants permission to modify a cluster subnet group to include the specified list of VPC subnets", + "access_level": "Write", + "resource_types": { + "subnetgroup": { + "resource_type": "subnetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subnetgroup": "subnetgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyClusterSubnetGroup.html" + }, + "ModifyCustomDomainAssociation": { + "privilege": "ModifyCustomDomainAssociation", + "description": "Grants permission to modify a custom domain name for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "acm:DescribeCertificate" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyCustomDomainAssociation.html" + }, + "ModifyEndpointAccess": { + "privilege": "ModifyEndpointAccess", + "description": "Grants permission to modify a redshift-managed vpc endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyEndpointAccess.html" + }, + "ModifyEventSubscription": { + "privilege": "ModifyEventSubscription", + "description": "Grants permission to modify an existing Amazon Redshift event notification subscription", + "access_level": "Write", + "resource_types": { + "eventsubscription": { + "resource_type": "eventsubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventsubscription": "eventsubscription" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyEventSubscription.html" + }, + "ModifySavedQuery": { + "privilege": "ModifySavedQuery", + "description": "Grants permission to modify an existing saved query through the Amazon Redshift console", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ModifyScheduledAction": { + "privilege": "ModifyScheduledAction", + "description": "Grants permission to modify an existing Amazon Redshift scheduled action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyScheduledAction.html" + }, + "ModifySnapshotCopyRetentionPeriod": { + "privilege": "ModifySnapshotCopyRetentionPeriod", + "description": "Grants permission to modify the number of days to retain snapshots in the destination AWS Region after they are copied from the source AWS Region", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifySnapshotCopyRetentionPeriod.html" + }, + "ModifySnapshotSchedule": { + "privilege": "ModifySnapshotSchedule", + "description": "Grants permission to modify a snapshot schedule", + "access_level": "Write", + "resource_types": { + "snapshotschedule": { + "resource_type": "snapshotschedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshotschedule": "snapshotschedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifySnapshotSchedule.html" + }, + "ModifyUsageLimit": { + "privilege": "ModifyUsageLimit", + "description": "Grants permission to modify a usage limit", + "access_level": "Write", + "resource_types": { + "usagelimit": { + "resource_type": "usagelimit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "usagelimit": "usagelimit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ModifyUsageLimit.html" + }, + "PauseCluster": { + "privilege": "PauseCluster", + "description": "Grants permission to pause a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_PauseCluster.html" + }, + "PurchaseReservedNodeOffering": { + "privilege": "PurchaseReservedNodeOffering", + "description": "Grants permission to purchase a reserved node", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_PurchaseReservedNodeOffering.html" + }, + "RebootCluster": { + "privilege": "RebootCluster", + "description": "Grants permission to reboot a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RebootCluster.html" + }, + "RejectDataShare": { + "privilege": "RejectDataShare", + "description": "Grants permission to decline a datashare shared from another account", + "access_level": "Permissions management", + "resource_types": { + "datashare": { + "resource_type": "datashare", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datashare": "datashare" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RejectDataShare.html" + }, + "ResetClusterParameterGroup": { + "privilege": "ResetClusterParameterGroup", + "description": "Grants permission to set one or more parameters of a parameter group to their default values and set the source values of the parameters to \"engine-default\"", + "access_level": "Write", + "resource_types": { + "parametergroup": { + "resource_type": "parametergroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parametergroup": "parametergroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ResetClusterParameterGroup.html" + }, + "ResizeCluster": { + "privilege": "ResizeCluster", + "description": "Grants permission to change the size of a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ResizeCluster.html" + }, + "RestoreFromClusterSnapshot": { + "privilege": "RestoreFromClusterSnapshot", + "description": "Grants permission to create a cluster from a snapshot", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "snapshot": "snapshot", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RestoreFromClusterSnapshot.html" + }, + "RestoreTableFromClusterSnapshot": { + "privilege": "RestoreTableFromClusterSnapshot", + "description": "Grants permission to create a table from a table in an Amazon Redshift cluster snapshot", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RestoreTableFromClusterSnapshot.html" + }, + "ResumeCluster": { + "privilege": "ResumeCluster", + "description": "Grants permission to resume a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_ResumeCluster.html" + }, + "RevokeClusterSecurityGroupIngress": { + "privilege": "RevokeClusterSecurityGroupIngress", + "description": "Grants permission to revoke an ingress rule in an Amazon Redshift security group for a previously authorized IP range or Amazon EC2 security group", + "access_level": "Write", + "resource_types": { + "securitygroup": { + "resource_type": "securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "securitygroupingress-ec2securitygroup": { + "resource_type": "securitygroupingress-ec2securitygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securitygroup": "securitygroup", + "securitygroupingress-ec2securitygroup": "securitygroupingress-ec2securitygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RevokeClusterSecurityGroupIngress.html" + }, + "RevokeEndpointAccess": { + "privilege": "RevokeEndpointAccess", + "description": "Grants permission to revoke access for endpoint related activities for redshift-managed vpc endpoint", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RevokeEndpointAccess.html" + }, + "RevokeSnapshotAccess": { + "privilege": "RevokeSnapshotAccess", + "description": "Grants permission to revoke access from the specified AWS account to restore a snapshot", + "access_level": "Permissions management", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RevokeSnapshotAccess.html" + }, + "RotateEncryptionKey": { + "privilege": "RotateEncryptionKey", + "description": "Grants permission to rotate an encryption key for a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_RotateEncryptionKey.html" + }, + "UpdatePartnerStatus": { + "privilege": "UpdatePartnerStatus", + "description": "Grants permission to update the status of a partner integration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/APIReference/API_UpdatePartnerStatus.html" + }, + "ViewQueriesFromConsole": { + "privilege": "ViewQueriesFromConsole", + "description": "Grants permission to view query results through the Amazon Redshift console", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ViewQueriesInConsole": { + "privilege": "ViewQueriesInConsole", + "description": "Grants permission to terminate running queries and loads through the Amazon Redshift console", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + } + }, + "privileges_lower_name": { + "acceptreservednodeexchange": "AcceptReservedNodeExchange", + "addpartner": "AddPartner", + "associatedatashareconsumer": "AssociateDataShareConsumer", + "authorizeclustersecuritygroupingress": "AuthorizeClusterSecurityGroupIngress", + "authorizedatashare": "AuthorizeDataShare", + "authorizeendpointaccess": "AuthorizeEndpointAccess", + "authorizesnapshotaccess": "AuthorizeSnapshotAccess", + "batchdeleteclustersnapshots": "BatchDeleteClusterSnapshots", + "batchmodifyclustersnapshots": "BatchModifyClusterSnapshots", + "cancelquery": "CancelQuery", + "cancelquerysession": "CancelQuerySession", + "cancelresize": "CancelResize", + "copyclustersnapshot": "CopyClusterSnapshot", + "createauthenticationprofile": "CreateAuthenticationProfile", + "createcluster": "CreateCluster", + "createclusterparametergroup": "CreateClusterParameterGroup", + "createclustersecuritygroup": "CreateClusterSecurityGroup", + "createclustersnapshot": "CreateClusterSnapshot", + "createclustersubnetgroup": "CreateClusterSubnetGroup", + "createclusteruser": "CreateClusterUser", + "createcustomdomainassociation": "CreateCustomDomainAssociation", + "createendpointaccess": "CreateEndpointAccess", + "createeventsubscription": "CreateEventSubscription", + "createhsmclientcertificate": "CreateHsmClientCertificate", + "createhsmconfiguration": "CreateHsmConfiguration", + "createsavedquery": "CreateSavedQuery", + "createscheduledaction": "CreateScheduledAction", + "createsnapshotcopygrant": "CreateSnapshotCopyGrant", + "createsnapshotschedule": "CreateSnapshotSchedule", + "createtags": "CreateTags", + "createusagelimit": "CreateUsageLimit", + "deauthorizedatashare": "DeauthorizeDataShare", + "deleteauthenticationprofile": "DeleteAuthenticationProfile", + "deletecluster": "DeleteCluster", + "deleteclusterparametergroup": "DeleteClusterParameterGroup", + "deleteclustersecuritygroup": "DeleteClusterSecurityGroup", + "deleteclustersnapshot": "DeleteClusterSnapshot", + "deleteclustersubnetgroup": "DeleteClusterSubnetGroup", + "deletecustomdomainassociation": "DeleteCustomDomainAssociation", + "deleteendpointaccess": "DeleteEndpointAccess", + "deleteeventsubscription": "DeleteEventSubscription", + "deletehsmclientcertificate": "DeleteHsmClientCertificate", + "deletehsmconfiguration": "DeleteHsmConfiguration", + "deletepartner": "DeletePartner", + "deletesavedqueries": "DeleteSavedQueries", + "deletescheduledaction": "DeleteScheduledAction", + "deletesnapshotcopygrant": "DeleteSnapshotCopyGrant", + "deletesnapshotschedule": "DeleteSnapshotSchedule", + "deletetags": "DeleteTags", + "deleteusagelimit": "DeleteUsageLimit", + "describeaccountattributes": "DescribeAccountAttributes", + "describeauthenticationprofiles": "DescribeAuthenticationProfiles", + "describeclusterdbrevisions": "DescribeClusterDbRevisions", + "describeclusterparametergroups": "DescribeClusterParameterGroups", + "describeclusterparameters": "DescribeClusterParameters", + "describeclustersecuritygroups": "DescribeClusterSecurityGroups", + "describeclustersnapshots": "DescribeClusterSnapshots", + "describeclustersubnetgroups": "DescribeClusterSubnetGroups", + "describeclustertracks": "DescribeClusterTracks", + "describeclusterversions": "DescribeClusterVersions", + "describeclusters": "DescribeClusters", + "describecustomdomainassociations": "DescribeCustomDomainAssociations", + "describedatashares": "DescribeDataShares", + "describedatasharesforconsumer": "DescribeDataSharesForConsumer", + "describedatasharesforproducer": "DescribeDataSharesForProducer", + "describedefaultclusterparameters": "DescribeDefaultClusterParameters", + "describeendpointaccess": "DescribeEndpointAccess", + "describeendpointauthorization": "DescribeEndpointAuthorization", + "describeeventcategories": "DescribeEventCategories", + "describeeventsubscriptions": "DescribeEventSubscriptions", + "describeevents": "DescribeEvents", + "describehsmclientcertificates": "DescribeHsmClientCertificates", + "describehsmconfigurations": "DescribeHsmConfigurations", + "describeloggingstatus": "DescribeLoggingStatus", + "describenodeconfigurationoptions": "DescribeNodeConfigurationOptions", + "describeorderableclusteroptions": "DescribeOrderableClusterOptions", + "describepartners": "DescribePartners", + "describequery": "DescribeQuery", + "describereservednodeexchangestatus": "DescribeReservedNodeExchangeStatus", + "describereservednodeofferings": "DescribeReservedNodeOfferings", + "describereservednodes": "DescribeReservedNodes", + "describeresize": "DescribeResize", + "describesavedqueries": "DescribeSavedQueries", + "describescheduledactions": "DescribeScheduledActions", + "describesnapshotcopygrants": "DescribeSnapshotCopyGrants", + "describesnapshotschedules": "DescribeSnapshotSchedules", + "describestorage": "DescribeStorage", + "describetable": "DescribeTable", + "describetablerestorestatus": "DescribeTableRestoreStatus", + "describetags": "DescribeTags", + "describeusagelimits": "DescribeUsageLimits", + "disablelogging": "DisableLogging", + "disablesnapshotcopy": "DisableSnapshotCopy", + "disassociatedatashareconsumer": "DisassociateDataShareConsumer", + "enablelogging": "EnableLogging", + "enablesnapshotcopy": "EnableSnapshotCopy", + "executequery": "ExecuteQuery", + "fetchresults": "FetchResults", + "getclustercredentials": "GetClusterCredentials", + "getclustercredentialswithiam": "GetClusterCredentialsWithIAM", + "getreservednodeexchangeconfigurationoptions": "GetReservedNodeExchangeConfigurationOptions", + "getreservednodeexchangeofferings": "GetReservedNodeExchangeOfferings", + "joingroup": "JoinGroup", + "listdatabases": "ListDatabases", + "listsavedqueries": "ListSavedQueries", + "listschemas": "ListSchemas", + "listtables": "ListTables", + "modifyaquaconfiguration": "ModifyAquaConfiguration", + "modifyauthenticationprofile": "ModifyAuthenticationProfile", + "modifycluster": "ModifyCluster", + "modifyclusterdbrevision": "ModifyClusterDbRevision", + "modifyclusteriamroles": "ModifyClusterIamRoles", + "modifyclustermaintenance": "ModifyClusterMaintenance", + "modifyclusterparametergroup": "ModifyClusterParameterGroup", + "modifyclustersnapshot": "ModifyClusterSnapshot", + "modifyclustersnapshotschedule": "ModifyClusterSnapshotSchedule", + "modifyclustersubnetgroup": "ModifyClusterSubnetGroup", + "modifycustomdomainassociation": "ModifyCustomDomainAssociation", + "modifyendpointaccess": "ModifyEndpointAccess", + "modifyeventsubscription": "ModifyEventSubscription", + "modifysavedquery": "ModifySavedQuery", + "modifyscheduledaction": "ModifyScheduledAction", + "modifysnapshotcopyretentionperiod": "ModifySnapshotCopyRetentionPeriod", + "modifysnapshotschedule": "ModifySnapshotSchedule", + "modifyusagelimit": "ModifyUsageLimit", + "pausecluster": "PauseCluster", + "purchasereservednodeoffering": "PurchaseReservedNodeOffering", + "rebootcluster": "RebootCluster", + "rejectdatashare": "RejectDataShare", + "resetclusterparametergroup": "ResetClusterParameterGroup", + "resizecluster": "ResizeCluster", + "restorefromclustersnapshot": "RestoreFromClusterSnapshot", + "restoretablefromclustersnapshot": "RestoreTableFromClusterSnapshot", + "resumecluster": "ResumeCluster", + "revokeclustersecuritygroupingress": "RevokeClusterSecurityGroupIngress", + "revokeendpointaccess": "RevokeEndpointAccess", + "revokesnapshotaccess": "RevokeSnapshotAccess", + "rotateencryptionkey": "RotateEncryptionKey", + "updatepartnerstatus": "UpdatePartnerStatus", + "viewqueriesfromconsole": "ViewQueriesFromConsole", + "viewqueriesinconsole": "ViewQueriesInConsole" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:cluster:${ClusterName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "datashare": { + "resource": "datashare", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:datashare:${ProducerClusterNamespace}/${DataShareName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dbgroup": { + "resource": "dbgroup", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:dbgroup:${ClusterName}/${DbGroup}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dbname": { + "resource": "dbname", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:dbname:${ClusterName}/${DbName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dbuser": { + "resource": "dbuser", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:dbuser:${ClusterName}/${DbUser}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "eventsubscription": { + "resource": "eventsubscription", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:eventsubscription:${EventSubscriptionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "hsmclientcertificate": { + "resource": "hsmclientcertificate", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:hsmclientcertificate:${HSMClientCertificateId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "hsmconfiguration": { + "resource": "hsmconfiguration", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:hsmconfiguration:${HSMConfigurationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "namespace": { + "resource": "namespace", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:namespace:${ProducerClusterNamespace}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "parametergroup": { + "resource": "parametergroup", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:parametergroup:${ParameterGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "securitygroup": { + "resource": "securitygroup", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:securitygroup:${SecurityGroupName}/ec2securitygroup/${Owner}/${Ec2SecurityGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "securitygroupingress-cidr": { + "resource": "securitygroupingress-cidr", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:securitygroupingress:${SecurityGroupName}/cidrip/${IpRange}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "securitygroupingress-ec2securitygroup": { + "resource": "securitygroupingress-ec2securitygroup", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:securitygroupingress:${SecurityGroupName}/ec2securitygroup/${Owner}/${Ece2SecuritygroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "snapshot": { + "resource": "snapshot", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:snapshot:${ClusterName}/${SnapshotName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "snapshotcopygrant": { + "resource": "snapshotcopygrant", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:snapshotcopygrant:${SnapshotCopyGrantName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "snapshotschedule": { + "resource": "snapshotschedule", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:snapshotschedule:${ParameterGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "subnetgroup": { + "resource": "subnetgroup", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:subnetgroup:${SubnetGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "usagelimit": { + "resource": "usagelimit", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:usagelimit:${UsageLimitId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "cluster": "cluster", + "datashare": "datashare", + "dbgroup": "dbgroup", + "dbname": "dbname", + "dbuser": "dbuser", + "eventsubscription": "eventsubscription", + "hsmclientcertificate": "hsmclientcertificate", + "hsmconfiguration": "hsmconfiguration", + "namespace": "namespace", + "parametergroup": "parametergroup", + "securitygroup": "securitygroup", + "securitygroupingress-cidr": "securitygroupingress-cidr", + "securitygroupingress-ec2securitygroup": "securitygroupingress-ec2securitygroup", + "snapshot": "snapshot", + "snapshotcopygrant": "snapshotcopygrant", + "snapshotschedule": "snapshotschedule", + "subnetgroup": "subnetgroup", + "usagelimit": "usagelimit" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by actions based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by actions based on tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by actions based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + }, + "redshift:ConsumerArn": { + "condition": "redshift:ConsumerArn", + "description": "Filters access by the datashare consumer arn", + "type": "String" + }, + "redshift:ConsumerIdentifier": { + "condition": "redshift:ConsumerIdentifier", + "description": "Filters access by the datashare consumer", + "type": "String" + }, + "redshift:DbName": { + "condition": "redshift:DbName", + "description": "Filters access by the database name", + "type": "String" + }, + "redshift:DbUser": { + "condition": "redshift:DbUser", + "description": "Filters access by the database user name", + "type": "String" + }, + "redshift:DurationSeconds": { + "condition": "redshift:DurationSeconds", + "description": "Filters access by the number of seconds until a temporary credential set expires", + "type": "String" + } + } + }, + "redshift-data": { + "service_name": "Amazon Redshift Data API", + "prefix": "redshift-data", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonredshiftdataapi.html", + "privileges": { + "BatchExecuteStatement": { + "privilege": "BatchExecuteStatement", + "description": "Grants permission to execute multiple queries under a single connection", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_BatchExecuteStatement.html" + }, + "CancelStatement": { + "privilege": "CancelStatement", + "description": "Grants permission to cancel a running query", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift-data:statement-owner-iam-userid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_CancelStatement.html" + }, + "DescribeStatement": { + "privilege": "DescribeStatement", + "description": "Grants permission to retrieve detailed information about a statement execution", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift-data:statement-owner-iam-userid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_DescribeStatement.html" + }, + "DescribeTable": { + "privilege": "DescribeTable", + "description": "Grants permission to retrieve metadata about a particular table", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_DescribeTable.html" + }, + "ExecuteStatement": { + "privilege": "ExecuteStatement", + "description": "Grants permission to execute a query", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_ExecuteStatement.html" + }, + "GetStatementResult": { + "privilege": "GetStatementResult", + "description": "Grants permission to fetch the result of a query", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift-data:statement-owner-iam-userid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_GetStatementResult.html" + }, + "ListDatabases": { + "privilege": "ListDatabases", + "description": "Grants permission to list databases for a given cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_ListDatabases.html" + }, + "ListSchemas": { + "privilege": "ListSchemas", + "description": "Grants permission to list schemas for a given cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_ListSchemas.html" + }, + "ListStatements": { + "privilege": "ListStatements", + "description": "Grants permission to list queries for a given principal", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "redshift-data:statement-owner-iam-userid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_ListStatements.html" + }, + "ListTables": { + "privilege": "ListTables", + "description": "Grants permission to list tables for a given cluster", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-data/latest/APIReference/API_ListTables.html" + } + }, + "privileges_lower_name": { + "batchexecutestatement": "BatchExecuteStatement", + "cancelstatement": "CancelStatement", + "describestatement": "DescribeStatement", + "describetable": "DescribeTable", + "executestatement": "ExecuteStatement", + "getstatementresult": "GetStatementResult", + "listdatabases": "ListDatabases", + "listschemas": "ListSchemas", + "liststatements": "ListStatements", + "listtables": "ListTables" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:redshift:${Region}:${Account}:cluster:${ClusterName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "workgroup": { + "resource": "workgroup", + "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:workgroup/${WorkgroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "cluster": "cluster", + "workgroup": "workgroup" + }, + "conditions": { + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + }, + "redshift-data:statement-owner-iam-userid": { + "condition": "redshift-data:statement-owner-iam-userid", + "description": "Filters access by statement owner iam userid", + "type": "String" + } + } + }, + "redshift-serverless": { + "service_name": "Amazon Redshift Serverless", + "prefix": "redshift-serverless", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonredshiftserverless.html", + "privileges": { + "ConvertRecoveryPointToSnapshot": { + "privilege": "ConvertRecoveryPointToSnapshot", + "description": "Grants permission to convert a recovery point to a snapshot", + "access_level": "Write", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint", + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ConvertRecoveryPointToSnapshot.html" + }, + "CreateEndpointAccess": { + "privilege": "CreateEndpointAccess", + "description": "Grants permission to create an Amazon Redshift Serverless managed VPC endpoint", + "access_level": "Write", + "resource_types": { + "endpointAccess": { + "resource_type": "endpointAccess", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointaccess": "endpointAccess" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateEndpointAccess.html" + }, + "CreateNamespace": { + "privilege": "CreateNamespace", + "description": "Grants permission to create an Amazon Redshift Serverless namespace", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateNamespace.html" + }, + "CreateSnapshot": { + "privilege": "CreateSnapshot", + "description": "Grants permission to create a snapshot of all databases in a namespace", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateSnapshot.html" + }, + "CreateUsageLimit": { + "privilege": "CreateUsageLimit", + "description": "Grants permission to create a usage limit for a specified Amazon Redshift Serverless usage type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateUsageLimit.html" + }, + "CreateWorkgroup": { + "privilege": "CreateWorkgroup", + "description": "Grants permission to create a workgroup in Amazon Redshift Serverless", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_CreateWorkgroup.html" + }, + "DeleteEndpointAccess": { + "privilege": "DeleteEndpointAccess", + "description": "Grants permission to delete an Amazon Redshift Serverless managed VPC endpoint", + "access_level": "Write", + "resource_types": { + "endpointAccess": { + "resource_type": "endpointAccess", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointaccess": "endpointAccess" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteEndpointAccess.html" + }, + "DeleteNamespace": { + "privilege": "DeleteNamespace", + "description": "Grants permission to delete a namespace from Amazon Redshift Serverless", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteNamespace.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete the specified resource policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeleteSnapshot": { + "privilege": "DeleteSnapshot", + "description": "Grants permission to delete a snapshot from Amazon Redshift Serverless", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteSnapshot.html" + }, + "DeleteUsageLimit": { + "privilege": "DeleteUsageLimit", + "description": "Grants permission to delete a usage limit from Amazon Redshift Serverless", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteUsageLimit.html" + }, + "DeleteWorkgroup": { + "privilege": "DeleteWorkgroup", + "description": "Grants permission to delete a workgroup", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_DeleteWorkgroup.html" + }, + "GetCredentials": { + "privilege": "GetCredentials", + "description": "Grants permission to get a database user name and temporary password with temporary authorization to log on to Amazon Redshift Serverless", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetCredentials.html" + }, + "GetEndpointAccess": { + "privilege": "GetEndpointAccess", + "description": "Grants permission to create an Amazon Redshift Serverless managed VPC endpoint", + "access_level": "Read", + "resource_types": { + "endpointAccess": { + "resource_type": "endpointAccess", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointaccess": "endpointAccess" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetEndpointAccess.html" + }, + "GetNamespace": { + "privilege": "GetNamespace", + "description": "Grants permission to get information about a namespace in Amazon Redshift Serverless", + "access_level": "Read", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetNamespace.html" + }, + "GetRecoveryPoint": { + "privilege": "GetRecoveryPoint", + "description": "Grants permission to get information about a recovery point", + "access_level": "Read", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetRecoveryPoint.html" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to get a resource policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetResourcePolicy.html" + }, + "GetSnapshot": { + "privilege": "GetSnapshot", + "description": "Grants permission to get information about a specific snapshot", + "access_level": "Read", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetSnapshot.html" + }, + "GetTableRestoreStatus": { + "privilege": "GetTableRestoreStatus", + "description": "Grants permission to get table restore status about a specific snapshot", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetTableRestoreStatus.html" + }, + "GetUsageLimit": { + "privilege": "GetUsageLimit", + "description": "Grants permission to get information about a usage limit in Amazon Redshift Serverless", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetUsageLimit.html" + }, + "GetWorkgroup": { + "privilege": "GetWorkgroup", + "description": "Grants permission to get information about a specific workgroup", + "access_level": "Read", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_GetWorkgroup.html" + }, + "ListEndpointAccess": { + "privilege": "ListEndpointAccess", + "description": "Grants permission to list EndpointAccess objects and relevant information", + "access_level": "List", + "resource_types": { + "endpointAccess": { + "resource_type": "endpointAccess", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointaccess": "endpointAccess" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListEndpointAccess.html" + }, + "ListNamespaces": { + "privilege": "ListNamespaces", + "description": "Grants permission to list namespaces in Amazon Redshift Serverless", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListNamespaces.html" + }, + "ListRecoveryPoints": { + "privilege": "ListRecoveryPoints", + "description": "Grants permission to list an array of recovery points", + "access_level": "List", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListRecoveryPoints.html" + }, + "ListSnapshots": { + "privilege": "ListSnapshots", + "description": "Grants permission to list snapshots", + "access_level": "List", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListSnapshots.html" + }, + "ListTableRestoreStatus": { + "privilege": "ListTableRestoreStatus", + "description": "Grants permission to list table restore status", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListTableRestoreStatus.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags assigned to a resource", + "access_level": "List", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace", + "workgroup": "workgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListTagsForResource.html" + }, + "ListUsageLimits": { + "privilege": "ListUsageLimits", + "description": "Grants permission to list all usage limits within Amazon Redshift Serverless", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListUsageLimits.html" + }, + "ListWorkgroups": { + "privilege": "ListWorkgroups", + "description": "Grants permission to list workgroups in Amazon Redshift Serverless", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_ListWorkgroups.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to create or update a resource policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_PutResourcePolicy.html" + }, + "RestoreFromRecoveryPoint": { + "privilege": "RestoreFromRecoveryPoint", + "description": "Grants permission to restore the data from a recovery point", + "access_level": "Write", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_RestoreFromRecoveryPoint.html" + }, + "RestoreFromSnapshot": { + "privilege": "RestoreFromSnapshot", + "description": "Grants permission to restore a namespace from a snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_RestoreFromSnapshot.html" + }, + "RestoreTableFromSnapshot": { + "privilege": "RestoreTableFromSnapshot", + "description": "Grants permission to restore a table from a snapshot", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace", + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_RestoreTableFromSnapshot.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to assign one or more tags to a resource", + "access_level": "Tagging", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace", + "workgroup": "workgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag or set of tags from a resource", + "access_level": "Tagging", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workgroup": { + "resource_type": "workgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace", + "workgroup": "workgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UntagResource.html" + }, + "UpdateEndpointAccess": { + "privilege": "UpdateEndpointAccess", + "description": "Grants permission to update an Amazon Redshift Serverless managed VPC endpoint", + "access_level": "Write", + "resource_types": { + "endpointAccess": { + "resource_type": "endpointAccess", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointaccess": "endpointAccess" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UpdateEndpointAccess.html" + }, + "UpdateNamespace": { + "privilege": "UpdateNamespace", + "description": "Grants permission to update a namespace with the specified configuration settings", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UpdateNamespace.html" + }, + "UpdateSnapshot": { + "privilege": "UpdateSnapshot", + "description": "Grants permission to update a snapshot", + "access_level": "Write", + "resource_types": { + "snapshot": { + "resource_type": "snapshot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "snapshot": "snapshot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UpdateSnapshot.html" + }, + "UpdateUsageLimit": { + "privilege": "UpdateUsageLimit", + "description": "Grants permission to update a usage limit in Amazon Redshift Serverless", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UpdateUsageLimit.html" + }, + "UpdateWorkgroup": { + "privilege": "UpdateWorkgroup", + "description": "Grants permission to update an Amazon Redshift Serverless workgroup with the specified configuration settings", + "access_level": "Write", + "resource_types": { + "workgroup": { + "resource_type": "workgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workgroup": "workgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_UpdateWorkgroup.html" + } + }, + "privileges_lower_name": { + "convertrecoverypointtosnapshot": "ConvertRecoveryPointToSnapshot", + "createendpointaccess": "CreateEndpointAccess", + "createnamespace": "CreateNamespace", + "createsnapshot": "CreateSnapshot", + "createusagelimit": "CreateUsageLimit", + "createworkgroup": "CreateWorkgroup", + "deleteendpointaccess": "DeleteEndpointAccess", + "deletenamespace": "DeleteNamespace", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deletesnapshot": "DeleteSnapshot", + "deleteusagelimit": "DeleteUsageLimit", + "deleteworkgroup": "DeleteWorkgroup", + "getcredentials": "GetCredentials", + "getendpointaccess": "GetEndpointAccess", + "getnamespace": "GetNamespace", + "getrecoverypoint": "GetRecoveryPoint", + "getresourcepolicy": "GetResourcePolicy", + "getsnapshot": "GetSnapshot", + "gettablerestorestatus": "GetTableRestoreStatus", + "getusagelimit": "GetUsageLimit", + "getworkgroup": "GetWorkgroup", + "listendpointaccess": "ListEndpointAccess", + "listnamespaces": "ListNamespaces", + "listrecoverypoints": "ListRecoveryPoints", + "listsnapshots": "ListSnapshots", + "listtablerestorestatus": "ListTableRestoreStatus", + "listtagsforresource": "ListTagsForResource", + "listusagelimits": "ListUsageLimits", + "listworkgroups": "ListWorkgroups", + "putresourcepolicy": "PutResourcePolicy", + "restorefromrecoverypoint": "RestoreFromRecoveryPoint", + "restorefromsnapshot": "RestoreFromSnapshot", + "restoretablefromsnapshot": "RestoreTableFromSnapshot", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateendpointaccess": "UpdateEndpointAccess", + "updatenamespace": "UpdateNamespace", + "updatesnapshot": "UpdateSnapshot", + "updateusagelimit": "UpdateUsageLimit", + "updateworkgroup": "UpdateWorkgroup" + }, + "resources": { + "namespace": { + "resource": "namespace", + "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:namespace/${NamespaceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "snapshot": { + "resource": "snapshot", + "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:snapshot/${SnapshotId}", + "condition_keys": [] + }, + "workgroup": { + "resource": "workgroup", + "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:workgroup/${WorkgroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "recoveryPoint": { + "resource": "recoveryPoint", + "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:recoverypoint/${RecoveryPointId}", + "condition_keys": [] + }, + "endpointAccess": { + "resource": "endpointAccess", + "arn": "arn:${Partition}:redshift-serverless:${Region}:${Account}:managedvpcendpoint/${EndpointAccessId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "namespace": "namespace", + "snapshot": "snapshot", + "workgroup": "workgroup", + "recoverypoint": "recoveryPoint", + "endpointaccess": "endpointAccess" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "redshift-serverless:endpointAccessId": { + "condition": "redshift-serverless:endpointAccessId", + "description": "Filters access by the endpoint access identifier", + "type": "String" + }, + "redshift-serverless:namespaceId": { + "condition": "redshift-serverless:namespaceId", + "description": "Filters access by the namespace identifier", + "type": "String" + }, + "redshift-serverless:recoveryPointId": { + "condition": "redshift-serverless:recoveryPointId", + "description": "Filters access by the recovery point identifier", + "type": "String" + }, + "redshift-serverless:snapshotId": { + "condition": "redshift-serverless:snapshotId", + "description": "Filters access by the snapshot identifier", + "type": "String" + }, + "redshift-serverless:tableRestoreRequestId": { + "condition": "redshift-serverless:tableRestoreRequestId", + "description": "Filters access by the table restore request identifier", + "type": "String" + }, + "redshift-serverless:workgroupId": { + "condition": "redshift-serverless:workgroupId", + "description": "Filters access by the workgroup identifier", + "type": "String" + } + } + }, + "rekognition": { + "service_name": "Amazon Rekognition", + "prefix": "rekognition", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrekognition.html", + "privileges": { + "AssociateFaces": { + "privilege": "AssociateFaces", + "description": "Grants permission to associate multiple individual faces with a single user", + "access_level": "Write", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_AssociateFaces.html" + }, + "CompareFaces": { + "privilege": "CompareFaces", + "description": "Grants permission to compare faces in the source input image with each face detected in the target input image", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CompareFaces.html" + }, + "CopyProjectVersion": { + "privilege": "CopyProjectVersion", + "description": "Grants permission to copy an existing model version to a new model version", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "projectversion": { + "resource_type": "projectversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "projectversion": "projectversion", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CopyProjectVersion.html" + }, + "CreateCollection": { + "privilege": "CreateCollection", + "description": "Grants permission to create a collection in an AWS Region", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateCollection.html" + }, + "CreateDataset": { + "privilege": "CreateDataset", + "description": "Grants permission to create a new Amazon Rekognition Custom Labels dataset", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateDataset.html" + }, + "CreateFaceLivenessSession": { + "privilege": "CreateFaceLivenessSession", + "description": "Grants permission to create a face liveness session", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateFaceLivenessSession.html" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create an Amazon Rekognition Custom Labels project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateProject.html" + }, + "CreateProjectVersion": { + "privilege": "CreateProjectVersion", + "description": "Grants permission to begin training a new version of a model", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateProjectVersion.html" + }, + "CreateStreamProcessor": { + "privilege": "CreateStreamProcessor", + "description": "Grants permission to create an Amazon Rekognition stream processor", + "access_level": "Write", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a new user in a collection using a unique user ID you provide", + "access_level": "Write", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateUser.html" + }, + "DeleteCollection": { + "privilege": "DeleteCollection", + "description": "Grants permission to delete the specified collection", + "access_level": "Write", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteCollection.html" + }, + "DeleteDataset": { + "privilege": "DeleteDataset", + "description": "Grants permission to delete an existing Amazon Rekognition Custom Labels dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteDataset.html" + }, + "DeleteFaces": { + "privilege": "DeleteFaces", + "description": "Grants permission to delete faces from a collection", + "access_level": "Write", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteFaces.html" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteProject.html" + }, + "DeleteProjectPolicy": { + "privilege": "DeleteProjectPolicy", + "description": "Grants permission to delete a resource policy attached to a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteProjectPolicy.html" + }, + "DeleteProjectVersion": { + "privilege": "DeleteProjectVersion", + "description": "Grants permission to delete a model", + "access_level": "Write", + "resource_types": { + "projectversion": { + "resource_type": "projectversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "projectversion": "projectversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteProjectVersion.html" + }, + "DeleteStreamProcessor": { + "privilege": "DeleteStreamProcessor", + "description": "Grants permission to delete the specified stream processor", + "access_level": "Write", + "resource_types": { + "streamprocessor": { + "resource_type": "streamprocessor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streamprocessor": "streamprocessor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteStreamProcessor.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete a user from a collection based on the provided user ID", + "access_level": "Write", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DeleteUser.html" + }, + "DescribeCollection": { + "privilege": "DescribeCollection", + "description": "Grants permission to read details about a collection", + "access_level": "Read", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DescribeCollection.html" + }, + "DescribeDataset": { + "privilege": "DescribeDataset", + "description": "Grants permission to describe an Amazon Rekognition Custom Labels dataset", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DescribeDataset.html" + }, + "DescribeProjectVersions": { + "privilege": "DescribeProjectVersions", + "description": "Grants permission to list the versions of a model in an Amazon Rekognition Custom Labels project", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DescribeProjectVersions.html" + }, + "DescribeProjects": { + "privilege": "DescribeProjects", + "description": "Grants permission to list Amazon Rekognition Custom Labels projects", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DescribeProjects.html" + }, + "DescribeStreamProcessor": { + "privilege": "DescribeStreamProcessor", + "description": "Grants permission to get information about the specified stream processor", + "access_level": "Read", + "resource_types": { + "streamprocessor": { + "resource_type": "streamprocessor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streamprocessor": "streamprocessor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DescribeStreamProcessor.html" + }, + "DetectCustomLabels": { + "privilege": "DetectCustomLabels", + "description": "Grants permission to detect custom labels in a supplied image", + "access_level": "Read", + "resource_types": { + "projectversion": { + "resource_type": "projectversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "projectversion": "projectversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectCustomLabels.html" + }, + "DetectFaces": { + "privilege": "DetectFaces", + "description": "Grants permission to detect human faces within an image provided as input", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectFaces.html" + }, + "DetectLabels": { + "privilege": "DetectLabels", + "description": "Grants permission to detect instances of real-world labels within an image provided as input", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectLabels.html" + }, + "DetectModerationLabels": { + "privilege": "DetectModerationLabels", + "description": "Grants permission to detect moderation labels within the input image", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectModerationLabels.html" + }, + "DetectProtectiveEquipment": { + "privilege": "DetectProtectiveEquipment", + "description": "Grants permission to detect Personal Protective Equipment in the input image", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectProtectiveEquipment.html" + }, + "DetectText": { + "privilege": "DetectText", + "description": "Grants permission to detect text in the input image and convert it into machine-readable text", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectText.html" + }, + "DisassociateFaces": { + "privilege": "DisassociateFaces", + "description": "Grants permission to remove the association between a user ID and a face ID", + "access_level": "Write", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DisassociateFaces.html" + }, + "DistributeDatasetEntries": { + "privilege": "DistributeDatasetEntries", + "description": "Grants permission to distribute the entries in a training dataset across the training dataset and the test dataset for a project", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DistributeDatasetEntries.html" + }, + "GetCelebrityInfo": { + "privilege": "GetCelebrityInfo", + "description": "Grants permission to read the name, and additional information, of a celebrity", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetCelebrityInfo.html" + }, + "GetCelebrityRecognition": { + "privilege": "GetCelebrityRecognition", + "description": "Grants permission to read the celebrity recognition results found in a stored video by an asynchronous celebrity recognition job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetCelebrityRecognition.html" + }, + "GetContentModeration": { + "privilege": "GetContentModeration", + "description": "Grants permission to read the content moderation analysis results found in a stored video by an asynchronous content moderation job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetContentModeration.html" + }, + "GetFaceDetection": { + "privilege": "GetFaceDetection", + "description": "Grants permission to read the faces detection results found in a stored video by an asynchronous face detection job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetFaceDetection.html" + }, + "GetFaceLivenessSessionResults": { + "privilege": "GetFaceLivenessSessionResults", + "description": "Grants permission to get results of a face liveness session", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetFaceLivenessSessionResults.html" + }, + "GetFaceSearch": { + "privilege": "GetFaceSearch", + "description": "Grants permission to read the matching collection faces found in a stored video by an asynchronous face search job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetFaceSearch.html" + }, + "GetLabelDetection": { + "privilege": "GetLabelDetection", + "description": "Grants permission to read the label detected resuls found in a stored video by an asynchronous label detection job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetLabelDetection.html" + }, + "GetPersonTracking": { + "privilege": "GetPersonTracking", + "description": "Grants permission to read the list of persons detected in a stored video by an asynchronous person tracking job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetPersonTracking.html" + }, + "GetSegmentDetection": { + "privilege": "GetSegmentDetection", + "description": "Grants permission to get the vdeo segments found in a stored video by an asynchronous segment detection job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetSegmentDetection.html" + }, + "GetTextDetection": { + "privilege": "GetTextDetection", + "description": "Grants permission to get the text found in a stored video by an asynchronous text detection job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetTextDetection.html" + }, + "IndexFaces": { + "privilege": "IndexFaces", + "description": "Grants permission to update an existing collection with faces detected in the input image", + "access_level": "Write", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_IndexFaces.html" + }, + "ListCollections": { + "privilege": "ListCollections", + "description": "Grants permission to read the collection Id's in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListCollections.html" + }, + "ListDatasetEntries": { + "privilege": "ListDatasetEntries", + "description": "Grants permission to list the dataset entries in an existing Amazon Rekognition Custom Labels dataset", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListDatasetEntries.html" + }, + "ListDatasetLabels": { + "privilege": "ListDatasetLabels", + "description": "Grants permission to list the labels in a dataset", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListDatasetLabels.html" + }, + "ListFaces": { + "privilege": "ListFaces", + "description": "Grants permission to read metadata for faces in the specificed collection", + "access_level": "Read", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListFaces.html" + }, + "ListProjectPolicies": { + "privilege": "ListProjectPolicies", + "description": "Grants permission to list the resource policies attached to a project", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListProjectPolicies.html" + }, + "ListStreamProcessors": { + "privilege": "ListStreamProcessors", + "description": "Grants permission to get a list of your stream processors", + "access_level": "List", + "resource_types": { + "streamprocessor": { + "resource_type": "streamprocessor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streamprocessor": "streamprocessor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListStreamProcessors.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to return a list of tags associated with a resource", + "access_level": "Read", + "resource_types": { + "projectversion": { + "resource_type": "projectversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "projectversion": "projectversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListTagsForResource.html" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to list UserIds and the UserStatus", + "access_level": "Read", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListUsers.html" + }, + "PutProjectPolicy": { + "privilege": "PutProjectPolicy", + "description": "Grants permission to attach a resource policy to a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_PutProjectPolicy.html" + }, + "RecognizeCelebrities": { + "privilege": "RecognizeCelebrities", + "description": "Grants permission to detect celebrities in the input image", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RecognizeCelebrities.html" + }, + "SearchFaces": { + "privilege": "SearchFaces", + "description": "Grants permission to search the specificed collection for the supplied face ID", + "access_level": "Read", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchFaces.html" + }, + "SearchFacesByImage": { + "privilege": "SearchFacesByImage", + "description": "Grants permission to search the specificed collection for the largest face in the input image", + "access_level": "Read", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchFacesByImage.html" + }, + "SearchUsers": { + "privilege": "SearchUsers", + "description": "Grants permission to search the specificed collection for user match result with given either face ID or user ID", + "access_level": "Read", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchUsers.html" + }, + "SearchUsersByImage": { + "privilege": "SearchUsersByImage", + "description": "Grants permission to search the specificed collection for user match result by using the largest face in the input image", + "access_level": "Read", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchUsersByImage.html" + }, + "StartCelebrityRecognition": { + "privilege": "StartCelebrityRecognition", + "description": "Grants permission to start the asynchronous recognition of celebrities in a stored video", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartCelebrityRecognition.html" + }, + "StartContentModeration": { + "privilege": "StartContentModeration", + "description": "Grants permission to start asynchronous detection of explicit or suggestive adult content in a stored video", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartContentModeration.html" + }, + "StartFaceDetection": { + "privilege": "StartFaceDetection", + "description": "Grants permission to start asynchronous detection of faces in a stored video", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartFaceDetection.html" + }, + "StartFaceLivenessSession": { + "privilege": "StartFaceLivenessSession", + "description": "Grants permission to start streaming video for a face liveness session", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_rekognitionstreaming_StartFaceLivenessSession.html" + }, + "StartFaceSearch": { + "privilege": "StartFaceSearch", + "description": "Grants permission to start an asynchronous search for faces in a collection that match the faces of persons detected in a stored video", + "access_level": "Write", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartFaceSearch.html" + }, + "StartLabelDetection": { + "privilege": "StartLabelDetection", + "description": "Grants permission to start asynchronous detection of labels in a stored video", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartLabelDetection.html" + }, + "StartPersonTracking": { + "privilege": "StartPersonTracking", + "description": "Grants permission to start the asynchronous tracking of persons in a stored video", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartPersonTracking.html" + }, + "StartProjectVersion": { + "privilege": "StartProjectVersion", + "description": "Grants permission to start running a model version", + "access_level": "Write", + "resource_types": { + "projectversion": { + "resource_type": "projectversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "projectversion": "projectversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartProjectVersion.html" + }, + "StartSegmentDetection": { + "privilege": "StartSegmentDetection", + "description": "Grants permission to start the asynchronous detection of segments in a stored video", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartSegmentDetection.html" + }, + "StartStreamProcessor": { + "privilege": "StartStreamProcessor", + "description": "Grants permission to start running a stream processor", + "access_level": "Write", + "resource_types": { + "streamprocessor": { + "resource_type": "streamprocessor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streamprocessor": "streamprocessor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartStreamProcessor.html" + }, + "StartTextDetection": { + "privilege": "StartTextDetection", + "description": "Grants permission to start the asynchronous detection of text in a stored video", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartTextDetection.html" + }, + "StopProjectVersion": { + "privilege": "StopProjectVersion", + "description": "Grants permission to stop a running model version", + "access_level": "Write", + "resource_types": { + "projectversion": { + "resource_type": "projectversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "projectversion": "projectversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StopProjectVersion.html" + }, + "StopStreamProcessor": { + "privilege": "StopStreamProcessor", + "description": "Grants permission to stop a running stream processor", + "access_level": "Write", + "resource_types": { + "streamprocessor": { + "resource_type": "streamprocessor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streamprocessor": "streamprocessor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StopStreamProcessor.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to a resource", + "access_level": "Tagging", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "projectversion": { + "resource_type": "projectversion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streamprocessor": { + "resource_type": "streamprocessor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection", + "projectversion": "projectversion", + "streamprocessor": "streamprocessor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from a resource", + "access_level": "Tagging", + "resource_types": { + "collection": { + "resource_type": "collection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "projectversion": { + "resource_type": "projectversion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "streamprocessor": { + "resource_type": "streamprocessor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collection": "collection", + "projectversion": "projectversion", + "streamprocessor": "streamprocessor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_UntagResource.html" + }, + "UpdateDatasetEntries": { + "privilege": "UpdateDatasetEntries", + "description": "Grants permission to add or update one or more JSON Lines (entries) in a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_UpdateDatasetEntries.html" + }, + "UpdateStreamProcessor": { + "privilege": "UpdateStreamProcessor", + "description": "Grants permission to modify properties for a stream processor", + "access_level": "Write", + "resource_types": { + "streamprocessor": { + "resource_type": "streamprocessor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "streamprocessor": "streamprocessor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rekognition/latest/APIReference/API_UpdateStreamProcessor.html" + } + }, + "privileges_lower_name": { + "associatefaces": "AssociateFaces", + "comparefaces": "CompareFaces", + "copyprojectversion": "CopyProjectVersion", + "createcollection": "CreateCollection", + "createdataset": "CreateDataset", + "createfacelivenesssession": "CreateFaceLivenessSession", + "createproject": "CreateProject", + "createprojectversion": "CreateProjectVersion", + "createstreamprocessor": "CreateStreamProcessor", + "createuser": "CreateUser", + "deletecollection": "DeleteCollection", + "deletedataset": "DeleteDataset", + "deletefaces": "DeleteFaces", + "deleteproject": "DeleteProject", + "deleteprojectpolicy": "DeleteProjectPolicy", + "deleteprojectversion": "DeleteProjectVersion", + "deletestreamprocessor": "DeleteStreamProcessor", + "deleteuser": "DeleteUser", + "describecollection": "DescribeCollection", + "describedataset": "DescribeDataset", + "describeprojectversions": "DescribeProjectVersions", + "describeprojects": "DescribeProjects", + "describestreamprocessor": "DescribeStreamProcessor", + "detectcustomlabels": "DetectCustomLabels", + "detectfaces": "DetectFaces", + "detectlabels": "DetectLabels", + "detectmoderationlabels": "DetectModerationLabels", + "detectprotectiveequipment": "DetectProtectiveEquipment", + "detecttext": "DetectText", + "disassociatefaces": "DisassociateFaces", + "distributedatasetentries": "DistributeDatasetEntries", + "getcelebrityinfo": "GetCelebrityInfo", + "getcelebrityrecognition": "GetCelebrityRecognition", + "getcontentmoderation": "GetContentModeration", + "getfacedetection": "GetFaceDetection", + "getfacelivenesssessionresults": "GetFaceLivenessSessionResults", + "getfacesearch": "GetFaceSearch", + "getlabeldetection": "GetLabelDetection", + "getpersontracking": "GetPersonTracking", + "getsegmentdetection": "GetSegmentDetection", + "gettextdetection": "GetTextDetection", + "indexfaces": "IndexFaces", + "listcollections": "ListCollections", + "listdatasetentries": "ListDatasetEntries", + "listdatasetlabels": "ListDatasetLabels", + "listfaces": "ListFaces", + "listprojectpolicies": "ListProjectPolicies", + "liststreamprocessors": "ListStreamProcessors", + "listtagsforresource": "ListTagsForResource", + "listusers": "ListUsers", + "putprojectpolicy": "PutProjectPolicy", + "recognizecelebrities": "RecognizeCelebrities", + "searchfaces": "SearchFaces", + "searchfacesbyimage": "SearchFacesByImage", + "searchusers": "SearchUsers", + "searchusersbyimage": "SearchUsersByImage", + "startcelebrityrecognition": "StartCelebrityRecognition", + "startcontentmoderation": "StartContentModeration", + "startfacedetection": "StartFaceDetection", + "startfacelivenesssession": "StartFaceLivenessSession", + "startfacesearch": "StartFaceSearch", + "startlabeldetection": "StartLabelDetection", + "startpersontracking": "StartPersonTracking", + "startprojectversion": "StartProjectVersion", + "startsegmentdetection": "StartSegmentDetection", + "startstreamprocessor": "StartStreamProcessor", + "starttextdetection": "StartTextDetection", + "stopprojectversion": "StopProjectVersion", + "stopstreamprocessor": "StopStreamProcessor", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedatasetentries": "UpdateDatasetEntries", + "updatestreamprocessor": "UpdateStreamProcessor" + }, + "resources": { + "collection": { + "resource": "collection", + "arn": "arn:${Partition}:rekognition:${Region}:${Account}:collection/${CollectionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "streamprocessor": { + "resource": "streamprocessor", + "arn": "arn:${Partition}:rekognition:${Region}:${Account}:streamprocessor/${StreamprocessorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "project": { + "resource": "project", + "arn": "arn:${Partition}:rekognition:${Region}:${Account}:project/${ProjectName}/${CreationTimestamp}", + "condition_keys": [] + }, + "projectversion": { + "resource": "projectversion", + "arn": "arn:${Partition}:rekognition:${Region}:${Account}:project/${ProjectName}/version/${VersionName}/${CreationTimestamp}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dataset": { + "resource": "dataset", + "arn": "arn:${Partition}:rekognition:${Region}:${Account}:project/${ProjectName}/dataset/${DatasetType}/${CreationTimestamp}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "collection": "collection", + "streamprocessor": "streamprocessor", + "project": "project", + "projectversion": "projectversion", + "dataset": "dataset" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "tag": { + "service_name": "Amazon Resource Group Tagging API", + "prefix": "tag", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonresourcegrouptaggingapi.html", + "privileges": { + "DescribeReportCreation": { + "privilege": "DescribeReportCreation", + "description": "Grants permission to describe the status of the StartReportCreation operation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_DescribeReportCreation.html" + }, + "GetComplianceSummary": { + "privilege": "GetComplianceSummary", + "description": "Grants permission to retrieve a summary of how many resources are noncompliant with their effective tag policies", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetComplianceSummary.html" + }, + "GetResources": { + "privilege": "GetResources", + "description": "Grants permission to return tagged or previously tagged resources in the specified AWS Region for the calling account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetResources.html" + }, + "GetTagKeys": { + "privilege": "GetTagKeys", + "description": "Grants permission to returns tag keys currently in use in the specified AWS Region for the calling account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetTagKeys.html" + }, + "GetTagValues": { + "privilege": "GetTagValues", + "description": "Grants permission to return tag values for the specified key that are used in the specified AWS Region for the calling account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetTagValues.html" + }, + "StartReportCreation": { + "privilege": "StartReportCreation", + "description": "Grants permission to start generating a report listing all tagged resources in accounts across your organization, and whether each resource is compliant with the effective tag policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_StartReportCreation.html" + }, + "TagResources": { + "privilege": "TagResources", + "description": "Grants permission to apply one or more tags to the specified resources", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_TagResources.html" + }, + "UntagResources": { + "privilege": "UntagResources", + "description": "Grants permission to remove the specified tags from the specified resources", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_UntagResources.html" + } + }, + "privileges_lower_name": { + "describereportcreation": "DescribeReportCreation", + "getcompliancesummary": "GetComplianceSummary", + "getresources": "GetResources", + "gettagkeys": "GetTagKeys", + "gettagvalues": "GetTagValues", + "startreportcreation": "StartReportCreation", + "tagresources": "TagResources", + "untagresources": "UntagResources" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "rhelkb": { + "service_name": "Amazon RHEL Knowledgebase Portal", + "prefix": "rhelkb", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonrhelknowledgebaseportal.html", + "privileges": { + "GetRhelURL": { + "privilege": "GetRhelURL", + "description": "Grants permission to access the Red Hat Knowledgebase portal", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/fleet-rhel.html" + } + }, + "privileges_lower_name": { + "getrhelurl": "GetRhelURL" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "route53": { + "service_name": "Amazon Route 53", + "prefix": "route53", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53.html", + "privileges": { + "ActivateKeySigningKey": { + "privilege": "ActivateKeySigningKey", + "description": "Grants permission to activate a key-signing key so that it can be used for signing by DNSSEC", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ActivateKeySigningKey.html" + }, + "AssociateVPCWithHostedZone": { + "privilege": "AssociateVPCWithHostedZone", + "description": "Grants permission to associate an additional Amazon VPC with a private hosted zone", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_AssociateVPCWithHostedZone.html" + }, + "ChangeCidrCollection": { + "privilege": "ChangeCidrCollection", + "description": "Grants permission to create or delete CIDR blocks within a CIDR collection", + "access_level": "Write", + "resource_types": { + "cidrcollection": { + "resource_type": "cidrcollection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cidrcollection": "cidrcollection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ChangeCidrCollection.html" + }, + "ChangeResourceRecordSets": { + "privilege": "ChangeResourceRecordSets", + "description": "Grants permission to create, update, or delete a record, which contains authoritative DNS information for a specified domain or subdomain name", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "route53:ChangeResourceRecordSetsNormalizedRecordNames", + "route53:ChangeResourceRecordSetsRecordTypes", + "route53:ChangeResourceRecordSetsActions" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ChangeResourceRecordSets.html" + }, + "ChangeTagsForResource": { + "privilege": "ChangeTagsForResource", + "description": "Grants permission to add, edit, or delete tags for a health check or a hosted zone", + "access_level": "Tagging", + "resource_types": { + "healthcheck": { + "resource_type": "healthcheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "healthcheck": "healthcheck", + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ChangeTagsForResource.html" + }, + "CreateCidrCollection": { + "privilege": "CreateCidrCollection", + "description": "Grants permission to create a new CIDR collection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateCidrCollection.html" + }, + "CreateHealthCheck": { + "privilege": "CreateHealthCheck", + "description": "Grants permission to create a new health check, which monitors the health and performance of your web applications, web servers, and other resources", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateHealthCheck.html" + }, + "CreateHostedZone": { + "privilege": "CreateHostedZone", + "description": "Grants permission to create a public hosted zone, which you use to specify how the Domain Name System (DNS) routes traffic on the Internet for a domain, such as example.com, and its subdomains", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateHostedZone.html" + }, + "CreateKeySigningKey": { + "privilege": "CreateKeySigningKey", + "description": "Grants permission to create a new key-signing key associated with a hosted zone", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateKeySigningKey.html" + }, + "CreateQueryLoggingConfig": { + "privilege": "CreateQueryLoggingConfig", + "description": "Grants permission to create a configuration for DNS query logging", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateQueryLoggingConfig.html" + }, + "CreateReusableDelegationSet": { + "privilege": "CreateReusableDelegationSet", + "description": "Grants permission to create a delegation set (a group of four name servers) that can be reused by multiple hosted zones", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateReusableDelegationSet.html" + }, + "CreateTrafficPolicy": { + "privilege": "CreateTrafficPolicy", + "description": "Grants permission to create a traffic policy, which you use to create multiple DNS records for one domain name (such as example.com) or one subdomain name (such as www.example.com)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateTrafficPolicy.html" + }, + "CreateTrafficPolicyInstance": { + "privilege": "CreateTrafficPolicyInstance", + "description": "Grants permission to create records in a specified hosted zone based on the settings in a specified traffic policy version", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "trafficpolicy": { + "resource_type": "trafficpolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone", + "trafficpolicy": "trafficpolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateTrafficPolicyInstance.html" + }, + "CreateTrafficPolicyVersion": { + "privilege": "CreateTrafficPolicyVersion", + "description": "Grants permission to create a new version of an existing traffic policy", + "access_level": "Write", + "resource_types": { + "trafficpolicy": { + "resource_type": "trafficpolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trafficpolicy": "trafficpolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateTrafficPolicyVersion.html" + }, + "CreateVPCAssociationAuthorization": { + "privilege": "CreateVPCAssociationAuthorization", + "description": "Grants permission to authorize the AWS account that created a specified VPC to submit an AssociateVPCWithHostedZone request, which associates the VPC with a specified hosted zone that was created by a different account", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateVPCAssociationAuthorization.html" + }, + "DeactivateKeySigningKey": { + "privilege": "DeactivateKeySigningKey", + "description": "Grants permission to deactivate a key-signing key so that it will not be used for signing by DNSSEC", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeactivateKeySigningKey.html" + }, + "DeleteCidrCollection": { + "privilege": "DeleteCidrCollection", + "description": "Grants permission to delete a CIDR collection", + "access_level": "Write", + "resource_types": { + "cidrcollection": { + "resource_type": "cidrcollection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cidrcollection": "cidrcollection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteCidrCollection.html" + }, + "DeleteHealthCheck": { + "privilege": "DeleteHealthCheck", + "description": "Grants permission to delete a health check", + "access_level": "Write", + "resource_types": { + "healthcheck": { + "resource_type": "healthcheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "healthcheck": "healthcheck" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteHealthCheck.html" + }, + "DeleteHostedZone": { + "privilege": "DeleteHostedZone", + "description": "Grants permission to delete a hosted zone", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteHostedZone.html" + }, + "DeleteKeySigningKey": { + "privilege": "DeleteKeySigningKey", + "description": "Grants permission to delete a key-signing key", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteKeySigningKey.html" + }, + "DeleteQueryLoggingConfig": { + "privilege": "DeleteQueryLoggingConfig", + "description": "Grants permission to delete a configuration for DNS query logging", + "access_level": "Write", + "resource_types": { + "queryloggingconfig": { + "resource_type": "queryloggingconfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queryloggingconfig": "queryloggingconfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html" + }, + "DeleteReusableDelegationSet": { + "privilege": "DeleteReusableDelegationSet", + "description": "Grants permission to delete a reusable delegation set", + "access_level": "Write", + "resource_types": { + "delegationset": { + "resource_type": "delegationset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "delegationset": "delegationset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteReusableDelegationSet.html" + }, + "DeleteTrafficPolicy": { + "privilege": "DeleteTrafficPolicy", + "description": "Grants permission to delete a traffic policy", + "access_level": "Write", + "resource_types": { + "trafficpolicy": { + "resource_type": "trafficpolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trafficpolicy": "trafficpolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicy.html" + }, + "DeleteTrafficPolicyInstance": { + "privilege": "DeleteTrafficPolicyInstance", + "description": "Grants permission to delete a traffic policy instance and all the records that Route 53 created when you created the instance", + "access_level": "Write", + "resource_types": { + "trafficpolicyinstance": { + "resource_type": "trafficpolicyinstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trafficpolicyinstance": "trafficpolicyinstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicyInstance.html" + }, + "DeleteVPCAssociationAuthorization": { + "privilege": "DeleteVPCAssociationAuthorization", + "description": "Grants permission to remove authorization for associating an Amazon Virtual Private Cloud with a Route 53 private hosted zone", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteVPCAssociationAuthorization.html" + }, + "DisableHostedZoneDNSSEC": { + "privilege": "DisableHostedZoneDNSSEC", + "description": "Grants permission to disable DNSSEC signing in a specific hosted zone", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DisableHostedZoneDNSSEC.html" + }, + "DisassociateVPCFromHostedZone": { + "privilege": "DisassociateVPCFromHostedZone", + "description": "Grants permission to disassociate an Amazon Virtual Private Cloud from a Route 53 private hosted zone", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_DisassociateVPCFromHostedZone.html" + }, + "EnableHostedZoneDNSSEC": { + "privilege": "EnableHostedZoneDNSSEC", + "description": "Grants permission to enable DNSSEC signing in a specific hosted zone", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_EnableHostedZoneDNSSEC.html" + }, + "GetAccountLimit": { + "privilege": "GetAccountLimit", + "description": "Grants permission to get the specified limit for the current account, for example, the maximum number of health checks that you can create using the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html" + }, + "GetChange": { + "privilege": "GetChange", + "description": "Grants permission to get the current status of a request to create, update, or delete one or more records", + "access_level": "List", + "resource_types": { + "change": { + "resource_type": "change", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "change": "change" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetChange.html" + }, + "GetCheckerIpRanges": { + "privilege": "GetCheckerIpRanges", + "description": "Grants permission to get a list of the IP ranges that are used by Route 53 health checkers to check the health of your resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetCheckerIpRanges.html" + }, + "GetDNSSEC": { + "privilege": "GetDNSSEC", + "description": "Grants permission to get information about DNSSEC for a specific hosted zone, including the key-signing keys in the hosted zone", + "access_level": "Read", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetDNSSEC.html" + }, + "GetGeoLocation": { + "privilege": "GetGeoLocation", + "description": "Grants permission to get information about whether a specified geographic location is supported for Route 53 geolocation records", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetGeoLocation.html" + }, + "GetHealthCheck": { + "privilege": "GetHealthCheck", + "description": "Grants permission to get information about a specified health check", + "access_level": "Read", + "resource_types": { + "healthcheck": { + "resource_type": "healthcheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "healthcheck": "healthcheck" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHealthCheck.html" + }, + "GetHealthCheckCount": { + "privilege": "GetHealthCheckCount", + "description": "Grants permission to get the number of health checks that are associated with the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHealthCheckCount.html" + }, + "GetHealthCheckLastFailureReason": { + "privilege": "GetHealthCheckLastFailureReason", + "description": "Grants permission to get the reason that a specified health check failed most recently", + "access_level": "List", + "resource_types": { + "healthcheck": { + "resource_type": "healthcheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "healthcheck": "healthcheck" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHealthCheckLastFailureReason.html" + }, + "GetHealthCheckStatus": { + "privilege": "GetHealthCheckStatus", + "description": "Grants permission to get the status of a specified health check", + "access_level": "List", + "resource_types": { + "healthcheck": { + "resource_type": "healthcheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "healthcheck": "healthcheck" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHealthCheckStatus.html" + }, + "GetHostedZone": { + "privilege": "GetHostedZone", + "description": "Grants permission to get information about a specified hosted zone including the four name servers that Route 53 assigned to the hosted zone", + "access_level": "List", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHostedZone.html" + }, + "GetHostedZoneCount": { + "privilege": "GetHostedZoneCount", + "description": "Grants permission to get the number of hosted zones that are associated with the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHostedZoneCount.html" + }, + "GetHostedZoneLimit": { + "privilege": "GetHostedZoneLimit", + "description": "Grants permission to get the specified limit for a specified hosted zone", + "access_level": "Read", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHostedZoneLimit.html" + }, + "GetQueryLoggingConfig": { + "privilege": "GetQueryLoggingConfig", + "description": "Grants permission to get information about a specified configuration for DNS query logging", + "access_level": "Read", + "resource_types": { + "queryloggingconfig": { + "resource_type": "queryloggingconfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queryloggingconfig": "queryloggingconfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetQueryLoggingConfig.html" + }, + "GetReusableDelegationSet": { + "privilege": "GetReusableDelegationSet", + "description": "Grants permission to get information about a specified reusable delegation set, including the four name servers that are assigned to the delegation set", + "access_level": "List", + "resource_types": { + "delegationset": { + "resource_type": "delegationset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "delegationset": "delegationset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetReusableDelegationSet.html" + }, + "GetReusableDelegationSetLimit": { + "privilege": "GetReusableDelegationSetLimit", + "description": "Grants permission to get the maximum number of hosted zones that you can associate with the specified reusable delegation set", + "access_level": "Read", + "resource_types": { + "delegationset": { + "resource_type": "delegationset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "delegationset": "delegationset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetReusableDelegationSetLimit.html" + }, + "GetTrafficPolicy": { + "privilege": "GetTrafficPolicy", + "description": "Grants permission to get information about a specified traffic policy version", + "access_level": "Read", + "resource_types": { + "trafficpolicy": { + "resource_type": "trafficpolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trafficpolicy": "trafficpolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicy.html" + }, + "GetTrafficPolicyInstance": { + "privilege": "GetTrafficPolicyInstance", + "description": "Grants permission to get information about a specified traffic policy instance", + "access_level": "Read", + "resource_types": { + "trafficpolicyinstance": { + "resource_type": "trafficpolicyinstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trafficpolicyinstance": "trafficpolicyinstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicyInstance.html" + }, + "GetTrafficPolicyInstanceCount": { + "privilege": "GetTrafficPolicyInstanceCount", + "description": "Grants permission to get the number of traffic policy instances that are associated with the current AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicyInstanceCount.html" + }, + "ListCidrBlocks": { + "privilege": "ListCidrBlocks", + "description": "Grants permission to get a list of the CIDR blocks within a specified CIDR collection", + "access_level": "List", + "resource_types": { + "cidrcollection": { + "resource_type": "cidrcollection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cidrcollection": "cidrcollection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListCidrBlocks.html" + }, + "ListCidrCollections": { + "privilege": "ListCidrCollections", + "description": "Grants permission to get a list of the CIDR collections that are associated with the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListCidrCollections.html" + }, + "ListCidrLocations": { + "privilege": "ListCidrLocations", + "description": "Grants permission to get a list of the CIDR locations that belong to a specified CIDR collection", + "access_level": "List", + "resource_types": { + "cidrcollection": { + "resource_type": "cidrcollection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cidrcollection": "cidrcollection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListCidrLocations.html" + }, + "ListGeoLocations": { + "privilege": "ListGeoLocations", + "description": "Grants permission to get a list of geographic locations that Route 53 supports for geolocation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListGeoLocations.html" + }, + "ListHealthChecks": { + "privilege": "ListHealthChecks", + "description": "Grants permission to get a list of the health checks that are associated with the current AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListHealthChecks.html" + }, + "ListHostedZones": { + "privilege": "ListHostedZones", + "description": "Grants permission to get a list of the public and private hosted zones that are associated with the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListHostedZones.html" + }, + "ListHostedZonesByName": { + "privilege": "ListHostedZonesByName", + "description": "Grants permission to get a list of your hosted zones in lexicographic order. Hosted zones are sorted by name with the labels reversed, for example, com.example.www", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListHostedZonesByName.html" + }, + "ListHostedZonesByVPC": { + "privilege": "ListHostedZonesByVPC", + "description": "Grants permission to get a list of all the private hosted zones that a specified VPC is associated with", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListHostedZonesByVPC.html" + }, + "ListQueryLoggingConfigs": { + "privilege": "ListQueryLoggingConfigs", + "description": "Grants permission to list the configurations for DNS query logging that are associated with the current AWS account or the configuration that is associated with a specified hosted zone", + "access_level": "List", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListQueryLoggingConfigs.html" + }, + "ListResourceRecordSets": { + "privilege": "ListResourceRecordSets", + "description": "Grants permission to list the records in a specified hosted zone", + "access_level": "List", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListResourceRecordSets.html" + }, + "ListReusableDelegationSets": { + "privilege": "ListReusableDelegationSets", + "description": "Grants permission to list the reusable delegation sets that are associated with the current AWS account.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListReusableDelegationSets.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for one health check or hosted zone", + "access_level": "Read", + "resource_types": { + "healthcheck": { + "resource_type": "healthcheck", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hostedzone": { + "resource_type": "hostedzone", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "healthcheck": "healthcheck", + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTagsForResources": { + "privilege": "ListTagsForResources", + "description": "Grants permission to list tags for up to 10 health checks or hosted zones", + "access_level": "Read", + "resource_types": { + "healthcheck": { + "resource_type": "healthcheck", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hostedzone": { + "resource_type": "hostedzone", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "healthcheck": "healthcheck", + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTagsForResources.html" + }, + "ListTrafficPolicies": { + "privilege": "ListTrafficPolicies", + "description": "Grants permission to get information about the latest version for every traffic policy that is associated with the current AWS account. Policies are listed in the order in which they were created", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicies.html" + }, + "ListTrafficPolicyInstances": { + "privilege": "ListTrafficPolicyInstances", + "description": "Grants permission to get information about the traffic policy instances that you created by using the current AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicyInstances.html" + }, + "ListTrafficPolicyInstancesByHostedZone": { + "privilege": "ListTrafficPolicyInstancesByHostedZone", + "description": "Grants permission to get information about the traffic policy instances that you created in a specified hosted zone", + "access_level": "List", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicyInstancesByHostedZone.html" + }, + "ListTrafficPolicyInstancesByPolicy": { + "privilege": "ListTrafficPolicyInstancesByPolicy", + "description": "Grants permission to get information about the traffic policy instances that you created using a specified traffic policy version", + "access_level": "List", + "resource_types": { + "trafficpolicy": { + "resource_type": "trafficpolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trafficpolicy": "trafficpolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicyInstancesByPolicy.html" + }, + "ListTrafficPolicyVersions": { + "privilege": "ListTrafficPolicyVersions", + "description": "Grants permission to get information about all the versions for a specified traffic policy", + "access_level": "List", + "resource_types": { + "trafficpolicy": { + "resource_type": "trafficpolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trafficpolicy": "trafficpolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicyVersions.html" + }, + "ListVPCAssociationAuthorizations": { + "privilege": "ListVPCAssociationAuthorizations", + "description": "Grants permission to get a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone", + "access_level": "List", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListVPCAssociationAuthorizations.html" + }, + "TestDNSAnswer": { + "privilege": "TestDNSAnswer", + "description": "Grants permission to get the value that Route 53 returns in response to a DNS query for a specified record name and type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_TestDNSAnswer.html" + }, + "UpdateHealthCheck": { + "privilege": "UpdateHealthCheck", + "description": "Grants permission to update an existing health check", + "access_level": "Write", + "resource_types": { + "healthcheck": { + "resource_type": "healthcheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "healthcheck": "healthcheck" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html" + }, + "UpdateHostedZoneComment": { + "privilege": "UpdateHostedZoneComment", + "description": "Grants permission to update the comment for a specified hosted zone", + "access_level": "Write", + "resource_types": { + "hostedzone": { + "resource_type": "hostedzone", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hostedzone": "hostedzone" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHostedZoneComment.html" + }, + "UpdateTrafficPolicyComment": { + "privilege": "UpdateTrafficPolicyComment", + "description": "Grants permission to update the comment for a specified traffic policy version", + "access_level": "Write", + "resource_types": { + "trafficpolicy": { + "resource_type": "trafficpolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trafficpolicy": "trafficpolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateTrafficPolicyComment.html" + }, + "UpdateTrafficPolicyInstance": { + "privilege": "UpdateTrafficPolicyInstance", + "description": "Grants permission to update the records in a specified hosted zone that were created based on the settings in a specified traffic policy version", + "access_level": "Write", + "resource_types": { + "trafficpolicyinstance": { + "resource_type": "trafficpolicyinstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trafficpolicyinstance": "trafficpolicyinstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateTrafficPolicyInstance.html" + } + }, + "privileges_lower_name": { + "activatekeysigningkey": "ActivateKeySigningKey", + "associatevpcwithhostedzone": "AssociateVPCWithHostedZone", + "changecidrcollection": "ChangeCidrCollection", + "changeresourcerecordsets": "ChangeResourceRecordSets", + "changetagsforresource": "ChangeTagsForResource", + "createcidrcollection": "CreateCidrCollection", + "createhealthcheck": "CreateHealthCheck", + "createhostedzone": "CreateHostedZone", + "createkeysigningkey": "CreateKeySigningKey", + "createqueryloggingconfig": "CreateQueryLoggingConfig", + "createreusabledelegationset": "CreateReusableDelegationSet", + "createtrafficpolicy": "CreateTrafficPolicy", + "createtrafficpolicyinstance": "CreateTrafficPolicyInstance", + "createtrafficpolicyversion": "CreateTrafficPolicyVersion", + "createvpcassociationauthorization": "CreateVPCAssociationAuthorization", + "deactivatekeysigningkey": "DeactivateKeySigningKey", + "deletecidrcollection": "DeleteCidrCollection", + "deletehealthcheck": "DeleteHealthCheck", + "deletehostedzone": "DeleteHostedZone", + "deletekeysigningkey": "DeleteKeySigningKey", + "deletequeryloggingconfig": "DeleteQueryLoggingConfig", + "deletereusabledelegationset": "DeleteReusableDelegationSet", + "deletetrafficpolicy": "DeleteTrafficPolicy", + "deletetrafficpolicyinstance": "DeleteTrafficPolicyInstance", + "deletevpcassociationauthorization": "DeleteVPCAssociationAuthorization", + "disablehostedzonednssec": "DisableHostedZoneDNSSEC", + "disassociatevpcfromhostedzone": "DisassociateVPCFromHostedZone", + "enablehostedzonednssec": "EnableHostedZoneDNSSEC", + "getaccountlimit": "GetAccountLimit", + "getchange": "GetChange", + "getcheckeripranges": "GetCheckerIpRanges", + "getdnssec": "GetDNSSEC", + "getgeolocation": "GetGeoLocation", + "gethealthcheck": "GetHealthCheck", + "gethealthcheckcount": "GetHealthCheckCount", + "gethealthchecklastfailurereason": "GetHealthCheckLastFailureReason", + "gethealthcheckstatus": "GetHealthCheckStatus", + "gethostedzone": "GetHostedZone", + "gethostedzonecount": "GetHostedZoneCount", + "gethostedzonelimit": "GetHostedZoneLimit", + "getqueryloggingconfig": "GetQueryLoggingConfig", + "getreusabledelegationset": "GetReusableDelegationSet", + "getreusabledelegationsetlimit": "GetReusableDelegationSetLimit", + "gettrafficpolicy": "GetTrafficPolicy", + "gettrafficpolicyinstance": "GetTrafficPolicyInstance", + "gettrafficpolicyinstancecount": "GetTrafficPolicyInstanceCount", + "listcidrblocks": "ListCidrBlocks", + "listcidrcollections": "ListCidrCollections", + "listcidrlocations": "ListCidrLocations", + "listgeolocations": "ListGeoLocations", + "listhealthchecks": "ListHealthChecks", + "listhostedzones": "ListHostedZones", + "listhostedzonesbyname": "ListHostedZonesByName", + "listhostedzonesbyvpc": "ListHostedZonesByVPC", + "listqueryloggingconfigs": "ListQueryLoggingConfigs", + "listresourcerecordsets": "ListResourceRecordSets", + "listreusabledelegationsets": "ListReusableDelegationSets", + "listtagsforresource": "ListTagsForResource", + "listtagsforresources": "ListTagsForResources", + "listtrafficpolicies": "ListTrafficPolicies", + "listtrafficpolicyinstances": "ListTrafficPolicyInstances", + "listtrafficpolicyinstancesbyhostedzone": "ListTrafficPolicyInstancesByHostedZone", + "listtrafficpolicyinstancesbypolicy": "ListTrafficPolicyInstancesByPolicy", + "listtrafficpolicyversions": "ListTrafficPolicyVersions", + "listvpcassociationauthorizations": "ListVPCAssociationAuthorizations", + "testdnsanswer": "TestDNSAnswer", + "updatehealthcheck": "UpdateHealthCheck", + "updatehostedzonecomment": "UpdateHostedZoneComment", + "updatetrafficpolicycomment": "UpdateTrafficPolicyComment", + "updatetrafficpolicyinstance": "UpdateTrafficPolicyInstance" + }, + "resources": { + "cidrcollection": { + "resource": "cidrcollection", + "arn": "arn:${Partition}:route53:::cidrcollection/${Id}", + "condition_keys": [] + }, + "change": { + "resource": "change", + "arn": "arn:${Partition}:route53:::change/${Id}", + "condition_keys": [] + }, + "delegationset": { + "resource": "delegationset", + "arn": "arn:${Partition}:route53:::delegationset/${Id}", + "condition_keys": [] + }, + "healthcheck": { + "resource": "healthcheck", + "arn": "arn:${Partition}:route53:::healthcheck/${Id}", + "condition_keys": [] + }, + "hostedzone": { + "resource": "hostedzone", + "arn": "arn:${Partition}:route53:::hostedzone/${Id}", + "condition_keys": [] + }, + "trafficpolicy": { + "resource": "trafficpolicy", + "arn": "arn:${Partition}:route53:::trafficpolicy/${Id}", + "condition_keys": [] + }, + "trafficpolicyinstance": { + "resource": "trafficpolicyinstance", + "arn": "arn:${Partition}:route53:::trafficpolicyinstance/${Id}", + "condition_keys": [] + }, + "queryloggingconfig": { + "resource": "queryloggingconfig", + "arn": "arn:${Partition}:route53:::queryloggingconfig/${Id}", + "condition_keys": [] + }, + "vpc": { + "resource": "vpc", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:vpc/${VpcId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "cidrcollection": "cidrcollection", + "change": "change", + "delegationset": "delegationset", + "healthcheck": "healthcheck", + "hostedzone": "hostedzone", + "trafficpolicy": "trafficpolicy", + "trafficpolicyinstance": "trafficpolicyinstance", + "queryloggingconfig": "queryloggingconfig", + "vpc": "vpc" + }, + "conditions": { + "route53:ChangeResourceRecordSetsActions": { + "condition": "route53:ChangeResourceRecordSetsActions", + "description": "Filters access by the change actions, CREATE, UPSERT, or DELETE, in a ChangeResourceRecordSets request", + "type": "ArrayOfString" + }, + "route53:ChangeResourceRecordSetsNormalizedRecordNames": { + "condition": "route53:ChangeResourceRecordSetsNormalizedRecordNames", + "description": "Filters access by the normalized DNS record names in a ChangeResourceRecordSets request", + "type": "ArrayOfString" + }, + "route53:ChangeResourceRecordSetsRecordTypes": { + "condition": "route53:ChangeResourceRecordSetsRecordTypes", + "description": "Filters access by the DNS record types in a ChangeResourceRecordSets request", + "type": "ArrayOfString" + } + } + }, + "arc-zonal-shift": { + "service_name": "Amazon Route 53 Application Recovery Controller - Zonal Shift", + "prefix": "arc-zonal-shift", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53applicationrecoverycontroller-zonalshift.html", + "privileges": { + "CancelZonalShift": { + "privilege": "CancelZonalShift", + "description": "Grants permission to cancel an active zonal shift", + "access_level": "Write", + "resource_types": { + "ALB": { + "resource_type": "ALB", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "NLB": { + "resource_type": "NLB", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alb": "ALB", + "nlb": "NLB", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_CancelZonalShift.html" + }, + "GetManagedResource": { + "privilege": "GetManagedResource", + "description": "Grants permission to get information about a managed resource", + "access_level": "Read", + "resource_types": { + "ALB": { + "resource_type": "ALB", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "NLB": { + "resource_type": "NLB", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alb": "ALB", + "nlb": "NLB", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_GetManagedResource.html" + }, + "ListManagedResources": { + "privilege": "ListManagedResources", + "description": "Grants permission to list managed resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_ListManagedResources.html" + }, + "ListZonalShifts": { + "privilege": "ListZonalShifts", + "description": "Grants permission to list zonal shifts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_ListZonalShifts.html" + }, + "StartZonalShift": { + "privilege": "StartZonalShift", + "description": "Grants permission to start a zonal shift", + "access_level": "Write", + "resource_types": { + "ALB": { + "resource_type": "ALB", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "NLB": { + "resource_type": "NLB", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alb": "ALB", + "nlb": "NLB", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_StartZonalShift.html" + }, + "UpdateZonalShift": { + "privilege": "UpdateZonalShift", + "description": "Grants permission to update an existing zonal shift", + "access_level": "Write", + "resource_types": { + "ALB": { + "resource_type": "ALB", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "NLB": { + "resource_type": "NLB", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alb": "ALB", + "nlb": "NLB", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/arc-zonal-shift/latest/api/API_UpdateZonalShift.html" + } + }, + "privileges_lower_name": { + "cancelzonalshift": "CancelZonalShift", + "getmanagedresource": "GetManagedResource", + "listmanagedresources": "ListManagedResources", + "listzonalshifts": "ListZonalShifts", + "startzonalshift": "StartZonalShift", + "updatezonalshift": "UpdateZonalShift" + }, + "resources": { + "ALB": { + "resource": "ALB", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/app/${LoadBalancerName}/${LoadBalancerId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ] + }, + "NLB": { + "resource": "NLB", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/net/${LoadBalancerName}/${LoadBalancerId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "alb": "ALB", + "nlb": "NLB" + }, + "conditions": { + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the managed resource", + "type": "String" + }, + "elasticloadbalancing:ResourceTag/${TagKey}": { + "condition": "elasticloadbalancing:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the managed resource", + "type": "String" + } + } + }, + "route53domains": { + "service_name": "Amazon Route 53 Domains", + "prefix": "route53domains", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53domains.html", + "privileges": { + "AcceptDomainTransferFromAnotherAwsAccount": { + "privilege": "AcceptDomainTransferFromAnotherAwsAccount", + "description": "Grants permission to accept the transfer of a domain from another AWS account to the current AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_AcceptDomainTransferFromAnotherAwsAccount.html" + }, + "AssociateDelegationSignerToDomain": { + "privilege": "AssociateDelegationSignerToDomain", + "description": "Grants permission to associate a new delegation signer to a domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_AssociateDelegationSignerToDomain.html" + }, + "CancelDomainTransferToAnotherAwsAccount": { + "privilege": "CancelDomainTransferToAnotherAwsAccount", + "description": "Grants permission to cancel the transfer of a domain from the current AWS account to another AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_CancelDomainTransferToAnotherAwsAccount.html" + }, + "CheckDomainAvailability": { + "privilege": "CheckDomainAvailability", + "description": "Grants permission to check the availability of one domain name", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_CheckDomainAvailability.html" + }, + "CheckDomainTransferability": { + "privilege": "CheckDomainTransferability", + "description": "Grants permission to check whether a domain name can be transferred to Amazon Route 53", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_CheckDomainTransferability.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "Grants permission to delete domains", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DeleteDomain.html" + }, + "DeleteTagsForDomain": { + "privilege": "DeleteTagsForDomain", + "description": "Grants permission to delete the specified tags for a domain", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DeleteTagsForDomain.html" + }, + "DisableDomainAutoRenew": { + "privilege": "DisableDomainAutoRenew", + "description": "Grants permission to configure Amazon Route 53 to automatically renew the specified domain before the domain registration expires", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DisableDomainAutoRenew.html" + }, + "DisableDomainTransferLock": { + "privilege": "DisableDomainTransferLock", + "description": "Grants permission to remove the transfer lock on the domain (specifically the clientTransferProhibited status) to allow domain transfers", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DisableDomainTransferLock.html" + }, + "DisassociateDelegationSignerFromDomain": { + "privilege": "DisassociateDelegationSignerFromDomain", + "description": "Grants permission to disassociate an existing delegation signer from a domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DisassociateDelegationSignerFromDomain.html" + }, + "EnableDomainAutoRenew": { + "privilege": "EnableDomainAutoRenew", + "description": "Grants permission to configure Amazon Route 53 to automatically renew the specified domain before the domain registration expires", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_DisableDomainAutoRenew.html" + }, + "EnableDomainTransferLock": { + "privilege": "EnableDomainTransferLock", + "description": "Grants permission to set the transfer lock on the domain (specifically the clientTransferProhibited status) to prevent domain transfers", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_EnableDomainTransferLock.html" + }, + "GetContactReachabilityStatus": { + "privilege": "GetContactReachabilityStatus", + "description": "Grants permission to get information about whether the registrant contact has responded for operations that require confirmation that the email address for the registrant contact is valid, such as registering a new domain", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_GetContactReachabilityStatus.html" + }, + "GetDomainDetail": { + "privilege": "GetDomainDetail", + "description": "Grants permission to get detailed information about a domain", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_GetDomainDetail.html" + }, + "GetDomainSuggestions": { + "privilege": "GetDomainSuggestions", + "description": "Grants permission to get a list of suggested domain names given a string, which can either be a domain name or simply a word or phrase (without spaces)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_GetDomainSuggestions.html" + }, + "GetOperationDetail": { + "privilege": "GetOperationDetail", + "description": "Grants permission to get the current status of an operation that is not completed", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_GetOperationDetail.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to list all the domain names registered with Amazon Route 53 for the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ListDomains.html" + }, + "ListOperations": { + "privilege": "ListOperations", + "description": "Grants permission to list the operation IDs of operations that are not yet complete", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ListOperations.html" + }, + "ListPrices": { + "privilege": "ListPrices", + "description": "Grants permission to list the prices of operations for TLDs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ListPrices.html" + }, + "ListTagsForDomain": { + "privilege": "ListTagsForDomain", + "description": "Grants permission to list all the tags that are associated with the specified domain", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ListTagsForDomain.html" + }, + "PushDomain": { + "privilege": "PushDomain", + "description": "Grants permission to change the IPS tag of .uk domain to initiate a transfer process from Route 53 to another registrar", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_PushDomain.html" + }, + "RegisterDomain": { + "privilege": "RegisterDomain", + "description": "Grants permission to register domains", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_RegisterDomain.html" + }, + "RejectDomainTransferFromAnotherAwsAccount": { + "privilege": "RejectDomainTransferFromAnotherAwsAccount", + "description": "Grants permission to reject the transfer of a domain from another AWS account to the current AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_RejectDomainTransferFromAnotherAwsAccount.html" + }, + "RenewDomain": { + "privilege": "RenewDomain", + "description": "Grants permission to renew domains for the specified number of years", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_RenewDomain.html" + }, + "ResendContactReachabilityEmail": { + "privilege": "ResendContactReachabilityEmail", + "description": "Grants permission to resend the confirmation email to the current email address for the registrant contact for operations that require confirmation that the email address for the registrant contact is valid, such as registering a new domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ResendContactReachabilityEmail.html" + }, + "ResendOperationAuthorization": { + "privilege": "ResendOperationAuthorization", + "description": "Grants permission to resend the operation authorization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ResendOperationAuthorization.html" + }, + "RetrieveDomainAuthCode": { + "privilege": "RetrieveDomainAuthCode", + "description": "Grants permission to get the AuthCode for the domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_RetrieveDomainAuthCode.html" + }, + "TransferDomain": { + "privilege": "TransferDomain", + "description": "Grants permission to transfer a domain from another registrar to Amazon Route 53", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_TransferDomain.html" + }, + "TransferDomainToAnotherAwsAccount": { + "privilege": "TransferDomainToAnotherAwsAccount", + "description": "Grants permission to transfer a domain from the current AWS account to another AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_TransferDomainToAnotherAwsAccount.html" + }, + "UpdateDomainContact": { + "privilege": "UpdateDomainContact", + "description": "Grants permission to update the contact information for domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_UpdateDomainContact.html" + }, + "UpdateDomainContactPrivacy": { + "privilege": "UpdateDomainContactPrivacy", + "description": "Grants permission to update the domain contact privacy setting", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_UpdateDomainContactPrivacy.html" + }, + "UpdateDomainNameservers": { + "privilege": "UpdateDomainNameservers", + "description": "Grants permission to replace the current set of name servers for a domain with the specified set of name servers", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_UpdateDomainNameservers.html" + }, + "UpdateTagsForDomain": { + "privilege": "UpdateTagsForDomain", + "description": "Grants permission to add or update tags for a specified domain", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_UpdateTagsForDomain.html" + }, + "ViewBilling": { + "privilege": "ViewBilling", + "description": "Grants permission to get all the domain-related billing records for the current AWS account for a specified period", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_ViewBilling.html" + } + }, + "privileges_lower_name": { + "acceptdomaintransferfromanotherawsaccount": "AcceptDomainTransferFromAnotherAwsAccount", + "associatedelegationsignertodomain": "AssociateDelegationSignerToDomain", + "canceldomaintransfertoanotherawsaccount": "CancelDomainTransferToAnotherAwsAccount", + "checkdomainavailability": "CheckDomainAvailability", + "checkdomaintransferability": "CheckDomainTransferability", + "deletedomain": "DeleteDomain", + "deletetagsfordomain": "DeleteTagsForDomain", + "disabledomainautorenew": "DisableDomainAutoRenew", + "disabledomaintransferlock": "DisableDomainTransferLock", + "disassociatedelegationsignerfromdomain": "DisassociateDelegationSignerFromDomain", + "enabledomainautorenew": "EnableDomainAutoRenew", + "enabledomaintransferlock": "EnableDomainTransferLock", + "getcontactreachabilitystatus": "GetContactReachabilityStatus", + "getdomaindetail": "GetDomainDetail", + "getdomainsuggestions": "GetDomainSuggestions", + "getoperationdetail": "GetOperationDetail", + "listdomains": "ListDomains", + "listoperations": "ListOperations", + "listprices": "ListPrices", + "listtagsfordomain": "ListTagsForDomain", + "pushdomain": "PushDomain", + "registerdomain": "RegisterDomain", + "rejectdomaintransferfromanotherawsaccount": "RejectDomainTransferFromAnotherAwsAccount", + "renewdomain": "RenewDomain", + "resendcontactreachabilityemail": "ResendContactReachabilityEmail", + "resendoperationauthorization": "ResendOperationAuthorization", + "retrievedomainauthcode": "RetrieveDomainAuthCode", + "transferdomain": "TransferDomain", + "transferdomaintoanotherawsaccount": "TransferDomainToAnotherAwsAccount", + "updatedomaincontact": "UpdateDomainContact", + "updatedomaincontactprivacy": "UpdateDomainContactPrivacy", + "updatedomainnameservers": "UpdateDomainNameservers", + "updatetagsfordomain": "UpdateTagsForDomain", + "viewbilling": "ViewBilling" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "route53-recovery-cluster": { + "service_name": "Amazon Route 53 Recovery Cluster", + "prefix": "route53-recovery-cluster", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53recoverycluster.html", + "privileges": { + "GetRoutingControlState": { + "privilege": "GetRoutingControlState", + "description": "Grants permission to get a routing control state", + "access_level": "Read", + "resource_types": { + "routingcontrol": { + "resource_type": "routingcontrol", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routingcontrol": "routingcontrol" + }, + "api_documentation_link": "https://docs.aws.amazon.com/routing-control/latest/APIReference/API_GetRoutingControlState.html" + }, + "ListRoutingControls": { + "privilege": "ListRoutingControls", + "description": "Grants permission to list routing controls", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/routing-control/latest/APIReference/API_ListRoutingControls.html" + }, + "UpdateRoutingControlState": { + "privilege": "UpdateRoutingControlState", + "description": "Grants permission to update a routing control state", + "access_level": "Write", + "resource_types": { + "routingcontrol": { + "resource_type": "routingcontrol", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "route53-recovery-cluster:AllowSafetyRulesOverrides" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routingcontrol": "routingcontrol", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/routing-control/latest/APIReference/API_UpdateRoutingControlState.html" + }, + "UpdateRoutingControlStates": { + "privilege": "UpdateRoutingControlStates", + "description": "Grants permission to update a batch of routing control states", + "access_level": "Write", + "resource_types": { + "routingcontrol": { + "resource_type": "routingcontrol", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "route53-recovery-cluster:AllowSafetyRulesOverrides" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routingcontrol": "routingcontrol", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/routing-control/latest/APIReference/API_UpdateRoutingControlStates.html" + } + }, + "privileges_lower_name": { + "getroutingcontrolstate": "GetRoutingControlState", + "listroutingcontrols": "ListRoutingControls", + "updateroutingcontrolstate": "UpdateRoutingControlState", + "updateroutingcontrolstates": "UpdateRoutingControlStates" + }, + "resources": { + "routingcontrol": { + "resource": "routingcontrol", + "arn": "arn:${Partition}:route53-recovery-control::${Account}:controlpanel/${ControlPanelId}/routingcontrol/${RoutingControlId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "routingcontrol": "routingcontrol" + }, + "conditions": { + "route53-recovery-cluster:AllowSafetyRulesOverrides": { + "condition": "route53-recovery-cluster:AllowSafetyRulesOverrides", + "description": "Override safety rules to allow routing control state updates", + "type": "Bool" + } + } + }, + "route53-recovery-control-config": { + "service_name": "Amazon Route 53 Recovery Controls", + "prefix": "route53-recovery-control-config", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53recoverycontrols.html", + "privileges": { + "CreateCluster": { + "privilege": "CreateCluster", + "description": "Grants permission to create a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/cluster.html" + }, + "CreateControlPanel": { + "privilege": "CreateControlPanel", + "description": "Grants permission to create a control panel", + "access_level": "Write", + "resource_types": { + "controlpanel": { + "resource_type": "controlpanel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "controlpanel": "controlpanel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel.html" + }, + "CreateRoutingControl": { + "privilege": "CreateRoutingControl", + "description": "Grants permission to create a routing control", + "access_level": "Write", + "resource_types": { + "routingcontrol": { + "resource_type": "routingcontrol", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routingcontrol": "routingcontrol" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/routingcontrol.html" + }, + "CreateSafetyRule": { + "privilege": "CreateSafetyRule", + "description": "Grants permission to create a safety rule", + "access_level": "Write", + "resource_types": { + "safetyrule": { + "resource_type": "safetyrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "safetyrule": "safetyrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/safetyrule.html" + }, + "DeleteCluster": { + "privilege": "DeleteCluster", + "description": "Grants permission to delete a cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/cluster-clusterarn.html" + }, + "DeleteControlPanel": { + "privilege": "DeleteControlPanel", + "description": "Grants permission to delete a control panel", + "access_level": "Write", + "resource_types": { + "controlpanel": { + "resource_type": "controlpanel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "controlpanel": "controlpanel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel-controlpanelarn.html" + }, + "DeleteRoutingControl": { + "privilege": "DeleteRoutingControl", + "description": "Grants permission to delete a routing control", + "access_level": "Write", + "resource_types": { + "routingcontrol": { + "resource_type": "routingcontrol", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routingcontrol": "routingcontrol" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/routingcontrol-routingcontrolarn.html" + }, + "DeleteSafetyRule": { + "privilege": "DeleteSafetyRule", + "description": "Grants permission to delete a safety rule", + "access_level": "Write", + "resource_types": { + "safetyrule": { + "resource_type": "safetyrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "safetyrule": "safetyrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/safetyrule-safetyrulearn.html" + }, + "DescribeCluster": { + "privilege": "DescribeCluster", + "description": "Grants permission to describe a cluster", + "access_level": "Read", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/cluster-clusterarn.html" + }, + "DescribeControlPanel": { + "privilege": "DescribeControlPanel", + "description": "Grants permission to describe a control panel", + "access_level": "Read", + "resource_types": { + "controlpanel": { + "resource_type": "controlpanel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "controlpanel": "controlpanel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel-controlpanelarn.html" + }, + "DescribeRoutingControl": { + "privilege": "DescribeRoutingControl", + "description": "Grants permission to describe a routing control", + "access_level": "Read", + "resource_types": { + "routingcontrol": { + "resource_type": "routingcontrol", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routingcontrol": "routingcontrol" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/routingcontrol-routingcontrolarn.html" + }, + "DescribeRoutingControlByName": { + "privilege": "DescribeRoutingControlByName", + "description": "Grants permission to describe a routing control", + "access_level": "Read", + "resource_types": { + "routingcontrol": { + "resource_type": "routingcontrol", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routingcontrol": "routingcontrol" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/routingcontrol-routingcontrolarn.html" + }, + "DescribeSafetyRule": { + "privilege": "DescribeSafetyRule", + "description": "Grants permission to describe a safety rule", + "access_level": "Read", + "resource_types": { + "safetyrule": { + "resource_type": "safetyrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "safetyrule": "safetyrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/safetyrule-safetyrulearn.html" + }, + "ListAssociatedRoute53HealthChecks": { + "privilege": "ListAssociatedRoute53HealthChecks", + "description": "Grants permission to list associated Route 53 health checks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/routingcontrol-routingcontrolarn-associatedroute53healthchecks.html" + }, + "ListClusters": { + "privilege": "ListClusters", + "description": "Grants permission to list clusters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/cluster.html" + }, + "ListControlPanels": { + "privilege": "ListControlPanels", + "description": "Grants permission to list control panels", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanels.html" + }, + "ListRoutingControls": { + "privilege": "ListRoutingControls", + "description": "Grants permission to list routing controls", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel-controlpanelarn-routingcontrols.html" + }, + "ListSafetyRules": { + "privilege": "ListSafetyRules", + "description": "Grants permission to list safety rules", + "access_level": "Read", + "resource_types": { + "controlpanel": { + "resource_type": "controlpanel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "controlpanel": "controlpanel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel-controlpanelarn-safetyrules.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/tags-resource-arn.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "controlpanel": { + "resource_type": "controlpanel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "safetyrule": { + "resource_type": "safetyrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "controlpanel": "controlpanel", + "safetyrule": "safetyrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/tags-resource-arn.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "controlpanel": { + "resource_type": "controlpanel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "safetyrule": { + "resource_type": "safetyrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster", + "controlpanel": "controlpanel", + "safetyrule": "safetyrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/tags-resource-arn.html" + }, + "UpdateControlPanel": { + "privilege": "UpdateControlPanel", + "description": "Grants permission to update a cluster", + "access_level": "Write", + "resource_types": { + "controlpanel": { + "resource_type": "controlpanel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "controlpanel": "controlpanel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel.html" + }, + "UpdateRoutingControl": { + "privilege": "UpdateRoutingControl", + "description": "Grants permission to update a routing control", + "access_level": "Write", + "resource_types": { + "routingcontrol": { + "resource_type": "routingcontrol", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "routingcontrol": "routingcontrol" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/controlpanel-controlpanelarn-routingcontrols.html" + }, + "UpdateSafetyRule": { + "privilege": "UpdateSafetyRule", + "description": "Grants permission to update a safety rule", + "access_level": "Write", + "resource_types": { + "safetyrule": { + "resource_type": "safetyrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "safetyrule": "safetyrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-cluster/latest/api/safetyrule.html" + } + }, + "privileges_lower_name": { + "createcluster": "CreateCluster", + "createcontrolpanel": "CreateControlPanel", + "createroutingcontrol": "CreateRoutingControl", + "createsafetyrule": "CreateSafetyRule", + "deletecluster": "DeleteCluster", + "deletecontrolpanel": "DeleteControlPanel", + "deleteroutingcontrol": "DeleteRoutingControl", + "deletesafetyrule": "DeleteSafetyRule", + "describecluster": "DescribeCluster", + "describecontrolpanel": "DescribeControlPanel", + "describeroutingcontrol": "DescribeRoutingControl", + "describeroutingcontrolbyname": "DescribeRoutingControlByName", + "describesafetyrule": "DescribeSafetyRule", + "listassociatedroute53healthchecks": "ListAssociatedRoute53HealthChecks", + "listclusters": "ListClusters", + "listcontrolpanels": "ListControlPanels", + "listroutingcontrols": "ListRoutingControls", + "listsafetyrules": "ListSafetyRules", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecontrolpanel": "UpdateControlPanel", + "updateroutingcontrol": "UpdateRoutingControl", + "updatesafetyrule": "UpdateSafetyRule" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:route53-recovery-control::${Account}:cluster/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "controlpanel": { + "resource": "controlpanel", + "arn": "arn:${Partition}:route53-recovery-control::${Account}:controlpanel/${ControlPanelId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "routingcontrol": { + "resource": "routingcontrol", + "arn": "arn:${Partition}:route53-recovery-control::${Account}:controlpanel/${ControlPanelId}/routingcontrol/${RoutingControlId}", + "condition_keys": [] + }, + "safetyrule": { + "resource": "safetyrule", + "arn": "arn:${Partition}:route53-recovery-control::${Account}:controlpanel/${ControlPanelId}/safetyrule/${SafetyRuleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "cluster": "cluster", + "controlpanel": "controlpanel", + "routingcontrol": "routingcontrol", + "safetyrule": "safetyrule" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag's key and value in a request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the presence of tag keys in the request", + "type": "String" + } + } + }, + "route53-recovery-readiness": { + "service_name": "Amazon Route 53 Recovery Readiness", + "prefix": "route53-recovery-readiness", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53recoveryreadiness.html", + "privileges": { + "CreateCell": { + "privilege": "CreateCell", + "description": "Grants permission to create a new cell", + "access_level": "Write", + "resource_types": { + "cell": { + "resource_type": "cell", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cell": "cell", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cells.html" + }, + "CreateCrossAccountAuthorization": { + "privilege": "CreateCrossAccountAuthorization", + "description": "Grants permission to create a cross account authorization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/crossaccountauthorizations.html" + }, + "CreateReadinessCheck": { + "privilege": "CreateReadinessCheck", + "description": "Grants permission to create a readiness check", + "access_level": "Write", + "resource_types": { + "readinesscheck": { + "resource_type": "readinesscheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "readinesscheck": "readinesscheck", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks.html" + }, + "CreateRecoveryGroup": { + "privilege": "CreateRecoveryGroup", + "description": "Grants permission to create a recovery group", + "access_level": "Write", + "resource_types": { + "recoverygroup": { + "resource_type": "recoverygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverygroup": "recoverygroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups.html" + }, + "CreateResourceSet": { + "privilege": "CreateResourceSet", + "description": "Grants permission to create a resource set", + "access_level": "Write", + "resource_types": { + "resourceset": { + "resource_type": "resourceset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourceset": "resourceset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/resourcesets.html" + }, + "DeleteCell": { + "privilege": "DeleteCell", + "description": "Grants permission to delete a cell", + "access_level": "Write", + "resource_types": { + "cell": { + "resource_type": "cell", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cell": "cell" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cells-cellname.html" + }, + "DeleteCrossAccountAuthorization": { + "privilege": "DeleteCrossAccountAuthorization", + "description": "Grants permission to delete a cross account authorization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/crossaccountauthorizations-crossaccountauthorization.html" + }, + "DeleteReadinessCheck": { + "privilege": "DeleteReadinessCheck", + "description": "Grants permission to delete a readiness check", + "access_level": "Write", + "resource_types": { + "readinesscheck": { + "resource_type": "readinesscheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "readinesscheck": "readinesscheck" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks-readinesscheckname.html" + }, + "DeleteRecoveryGroup": { + "privilege": "DeleteRecoveryGroup", + "description": "Grants permission to delete a recovery group", + "access_level": "Write", + "resource_types": { + "recoverygroup": { + "resource_type": "recoverygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverygroup": "recoverygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups-recoverygroupname.html" + }, + "DeleteResourceSet": { + "privilege": "DeleteResourceSet", + "description": "Grants permission to delete a resource set", + "access_level": "Write", + "resource_types": { + "resourceset": { + "resource_type": "resourceset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourceset": "resourceset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/resourcesets-resourcesetname.html" + }, + "GetArchitectureRecommendations": { + "privilege": "GetArchitectureRecommendations", + "description": "Grants permission to get architecture recommendations for a recovery group", + "access_level": "Read", + "resource_types": { + "recoverygroup": { + "resource_type": "recoverygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverygroup": "recoverygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups-recoverygroupname-architecturerecommendations.html" + }, + "GetCell": { + "privilege": "GetCell", + "description": "Grants permission to get information about a cell", + "access_level": "Read", + "resource_types": { + "cell": { + "resource_type": "cell", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cell": "cell" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cells-cellname.html" + }, + "GetCellReadinessSummary": { + "privilege": "GetCellReadinessSummary", + "description": "Grants permission to get a readiness summary for a cell", + "access_level": "Read", + "resource_types": { + "cell": { + "resource_type": "cell", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cell": "cell" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cellreadiness-cellname.html" + }, + "GetReadinessCheck": { + "privilege": "GetReadinessCheck", + "description": "Grants permission to get information about a readiness check", + "access_level": "Read", + "resource_types": { + "readinesscheck": { + "resource_type": "readinesscheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "readinesscheck": "readinesscheck" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks-readinesscheckname.html" + }, + "GetReadinessCheckResourceStatus": { + "privilege": "GetReadinessCheckResourceStatus", + "description": "Grants permission to get the readiness status for an individual resource", + "access_level": "Read", + "resource_types": { + "readinesscheck": { + "resource_type": "readinesscheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "readinesscheck": "readinesscheck" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks-readinesscheckname-resource-resourceidentifier-status.html" + }, + "GetReadinessCheckStatus": { + "privilege": "GetReadinessCheckStatus", + "description": "Grants permission to get the status of a readiness check (for a resource set)", + "access_level": "Read", + "resource_types": { + "readinesscheck": { + "resource_type": "readinesscheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "readinesscheck": "readinesscheck" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks-readinesscheckname-status.html" + }, + "GetRecoveryGroup": { + "privilege": "GetRecoveryGroup", + "description": "Grants permission to get information about a recovery group", + "access_level": "Read", + "resource_types": { + "recoverygroup": { + "resource_type": "recoverygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverygroup": "recoverygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups-recoverygroupname.html" + }, + "GetRecoveryGroupReadinessSummary": { + "privilege": "GetRecoveryGroupReadinessSummary", + "description": "Grants permission to get a readiness summary for a recovery group", + "access_level": "Read", + "resource_types": { + "recoverygroup": { + "resource_type": "recoverygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverygroup": "recoverygroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroupreadiness-recoverygroupname.html" + }, + "GetResourceSet": { + "privilege": "GetResourceSet", + "description": "Grants permission to get information about a resource set", + "access_level": "Read", + "resource_types": { + "resourceset": { + "resource_type": "resourceset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourceset": "resourceset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/resourcesets-resourcesetname.html" + }, + "ListCells": { + "privilege": "ListCells", + "description": "Grants permission to list cells", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cells.html" + }, + "ListCrossAccountAuthorizations": { + "privilege": "ListCrossAccountAuthorizations", + "description": "Grants permission to list cross account authorizations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/crossaccountauthorizations.html" + }, + "ListReadinessChecks": { + "privilege": "ListReadinessChecks", + "description": "Grants permission to list readiness checks", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks.html" + }, + "ListRecoveryGroups": { + "privilege": "ListRecoveryGroups", + "description": "Grants permission to list recovery groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups.html" + }, + "ListResourceSets": { + "privilege": "ListResourceSets", + "description": "Grants permission to list resource sets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/resourcesets.html" + }, + "ListRules": { + "privilege": "ListRules", + "description": "Grants permission to list readiness rules", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/rules.html" + }, + "ListTagsForResources": { + "privilege": "ListTagsForResources", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/tags-resource-arn.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add a tag to a resource", + "access_level": "Tagging", + "resource_types": { + "cell": { + "resource_type": "cell", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "readinesscheck": { + "resource_type": "readinesscheck", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "recoverygroup": { + "resource_type": "recoverygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resourceset": { + "resource_type": "resourceset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cell": "cell", + "readinesscheck": "readinesscheck", + "recoverygroup": "recoverygroup", + "resourceset": "resourceset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/tags-resource-arn.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from a resource", + "access_level": "Tagging", + "resource_types": { + "cell": { + "resource_type": "cell", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "readinesscheck": { + "resource_type": "readinesscheck", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "recoverygroup": { + "resource_type": "recoverygroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resourceset": { + "resource_type": "resourceset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cell": "cell", + "readinesscheck": "readinesscheck", + "recoverygroup": "recoverygroup", + "resourceset": "resourceset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/tags-resource-arn.html" + }, + "UpdateCell": { + "privilege": "UpdateCell", + "description": "Grants permission to update a cell", + "access_level": "Write", + "resource_types": { + "cell": { + "resource_type": "cell", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cell": "cell", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/cells-cellname.html" + }, + "UpdateReadinessCheck": { + "privilege": "UpdateReadinessCheck", + "description": "Grants permission to update a readiness check", + "access_level": "Write", + "resource_types": { + "readinesscheck": { + "resource_type": "readinesscheck", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "readinesscheck": "readinesscheck", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/readinesschecks-readinesscheckname.html" + }, + "UpdateRecoveryGroup": { + "privilege": "UpdateRecoveryGroup", + "description": "Grants permission to update a recovery group", + "access_level": "Write", + "resource_types": { + "recoverygroup": { + "resource_type": "recoverygroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverygroup": "recoverygroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/recoverygroups-recoverygroupname.html" + }, + "UpdateResourceSet": { + "privilege": "UpdateResourceSet", + "description": "Grants permission to update a resource set", + "access_level": "Write", + "resource_types": { + "resourceset": { + "resource_type": "resourceset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourceset": "resourceset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recovery-readiness/latest/api/resourcesets-resourcesetname.html" + } + }, + "privileges_lower_name": { + "createcell": "CreateCell", + "createcrossaccountauthorization": "CreateCrossAccountAuthorization", + "createreadinesscheck": "CreateReadinessCheck", + "createrecoverygroup": "CreateRecoveryGroup", + "createresourceset": "CreateResourceSet", + "deletecell": "DeleteCell", + "deletecrossaccountauthorization": "DeleteCrossAccountAuthorization", + "deletereadinesscheck": "DeleteReadinessCheck", + "deleterecoverygroup": "DeleteRecoveryGroup", + "deleteresourceset": "DeleteResourceSet", + "getarchitecturerecommendations": "GetArchitectureRecommendations", + "getcell": "GetCell", + "getcellreadinesssummary": "GetCellReadinessSummary", + "getreadinesscheck": "GetReadinessCheck", + "getreadinesscheckresourcestatus": "GetReadinessCheckResourceStatus", + "getreadinesscheckstatus": "GetReadinessCheckStatus", + "getrecoverygroup": "GetRecoveryGroup", + "getrecoverygroupreadinesssummary": "GetRecoveryGroupReadinessSummary", + "getresourceset": "GetResourceSet", + "listcells": "ListCells", + "listcrossaccountauthorizations": "ListCrossAccountAuthorizations", + "listreadinesschecks": "ListReadinessChecks", + "listrecoverygroups": "ListRecoveryGroups", + "listresourcesets": "ListResourceSets", + "listrules": "ListRules", + "listtagsforresources": "ListTagsForResources", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecell": "UpdateCell", + "updatereadinesscheck": "UpdateReadinessCheck", + "updaterecoverygroup": "UpdateRecoveryGroup", + "updateresourceset": "UpdateResourceSet" + }, + "resources": { + "readinesscheck": { + "resource": "readinesscheck", + "arn": "arn:${Partition}:route53-recovery-readiness::${Account}:readiness-check/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "resourceset": { + "resource": "resourceset", + "arn": "arn:${Partition}:route53-recovery-readiness::${Account}:resource-set/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "cell": { + "resource": "cell", + "arn": "arn:${Partition}:route53-recovery-readiness::${Account}:cell/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "recoverygroup": { + "resource": "recoverygroup", + "arn": "arn:${Partition}:route53-recovery-readiness::${Account}:recovery-group/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "readinesscheck": "readinesscheck", + "resourceset": "resourceset", + "cell": "cell", + "recoverygroup": "recoverygroup" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "route53resolver": { + "service_name": "Amazon Route 53 Resolver", + "prefix": "route53resolver", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53resolver.html", + "privileges": { + "AssociateFirewallRuleGroup": { + "privilege": "AssociateFirewallRuleGroup", + "description": "Grants permission to associate an Amazon VPC with a specified firewall rule group", + "access_level": "Write", + "resource_types": { + "firewall-rule-group-association": { + "resource_type": "firewall-rule-group-association", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-rule-group-association": "firewall-rule-group-association", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateFirewallRuleGroup.html" + }, + "AssociateResolverEndpointIpAddress": { + "privilege": "AssociateResolverEndpointIpAddress", + "description": "Grants permission to associate a specified IP address with a Resolver endpoint. This is an IP address that DNS queries pass through on the way to your network (outbound) or your VPCs (inbound)", + "access_level": "Write", + "resource_types": { + "resolver-endpoint": { + "resource_type": "resolver-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets" + ] + } + }, + "resource_types_lower_name": { + "resolver-endpoint": "resolver-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverEndpointIpAddress.html" + }, + "AssociateResolverQueryLogConfig": { + "privilege": "AssociateResolverQueryLogConfig", + "description": "Grants permission to associate an Amazon VPC with a specified query logging configuration", + "access_level": "Write", + "resource_types": { + "resolver-query-log-config": { + "resource_type": "resolver-query-log-config", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "resolver-query-log-config": "resolver-query-log-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverQueryLogConfig.html" + }, + "AssociateResolverRule": { + "privilege": "AssociateResolverRule", + "description": "Grants permission to associate a specified Resolver rule with a specified VPC", + "access_level": "Write", + "resource_types": { + "resolver-rule": { + "resource_type": "resolver-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "resolver-rule": "resolver-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverRule.html" + }, + "CreateFirewallDomainList": { + "privilege": "CreateFirewallDomainList", + "description": "Grants permission to create a Firewall domain list", + "access_level": "Write", + "resource_types": { + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-domain-list": "firewall-domain-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateFirewallDomainList.html" + }, + "CreateFirewallRule": { + "privilege": "CreateFirewallRule", + "description": "Grants permission to create a Firewall rule within a Firewall rule group", + "access_level": "Write", + "resource_types": { + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-domain-list": "firewall-domain-list", + "firewall-rule-group": "firewall-rule-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateFirewallRule.html" + }, + "CreateFirewallRuleGroup": { + "privilege": "CreateFirewallRuleGroup", + "description": "Grants permission to create a Firewall rule group", + "access_level": "Write", + "resource_types": { + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-rule-group": "firewall-rule-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateFirewallRuleGroup.html" + }, + "CreateOutpostResolver": { + "privilege": "CreateOutpostResolver", + "description": "Grants permission to create a Route 53 Resolver on Outposts", + "access_level": "Write", + "resource_types": { + "outpost-resolver": { + "resource_type": "outpost-resolver", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "outposts:GetOutpost" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost-resolver": "outpost-resolver", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateOutpostResolver.html" + }, + "CreateResolverEndpoint": { + "privilege": "CreateResolverEndpoint", + "description": "Grants permission to create a Resolver endpoint. There are two types of Resolver endpoints, inbound and outbound", + "access_level": "Write", + "resource_types": { + "resolver-endpoint": { + "resource_type": "resolver-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-endpoint": "resolver-endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html" + }, + "CreateResolverQueryLogConfig": { + "privilege": "CreateResolverQueryLogConfig", + "description": "Grants permission to create a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverQueryLogConfig.html" + }, + "CreateResolverRule": { + "privilege": "CreateResolverRule", + "description": "Grants permission to define how to route queries originating from your VPC out of the VPC", + "access_level": "Write", + "resource_types": { + "resolver-rule": { + "resource_type": "resolver-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-rule": "resolver-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverRule.html" + }, + "DeleteFirewallDomainList": { + "privilege": "DeleteFirewallDomainList", + "description": "Grants permission to delete a Firewall domain list", + "access_level": "Write", + "resource_types": { + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-domain-list": "firewall-domain-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteFirewallDomainList.html" + }, + "DeleteFirewallRule": { + "privilege": "DeleteFirewallRule", + "description": "Grants permission to delete a Firewall rule within a Firewall rule group", + "access_level": "Write", + "resource_types": { + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-domain-list": "firewall-domain-list", + "firewall-rule-group": "firewall-rule-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteFirewallRule.html" + }, + "DeleteFirewallRuleGroup": { + "privilege": "DeleteFirewallRuleGroup", + "description": "Grants permission to delete a Firewall rule group", + "access_level": "Write", + "resource_types": { + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-rule-group": "firewall-rule-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteFirewallRuleGroup.html" + }, + "DeleteOutpostResolver": { + "privilege": "DeleteOutpostResolver", + "description": "Grants permission to delete a Route 53 Resolver on Outposts", + "access_level": "Write", + "resource_types": { + "outpost-resolver": { + "resource_type": "outpost-resolver", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost-resolver": "outpost-resolver" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteOutpostResolver.html" + }, + "DeleteResolverEndpoint": { + "privilege": "DeleteResolverEndpoint", + "description": "Grants permission to delete a Resolver endpoint. The effect of deleting a Resolver endpoint depends on whether it's an inbound or an outbound endpoint", + "access_level": "Write", + "resource_types": { + "resolver-endpoint": { + "resource_type": "resolver-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces" + ] + } + }, + "resource_types_lower_name": { + "resolver-endpoint": "resolver-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverEndpoint.html" + }, + "DeleteResolverQueryLogConfig": { + "privilege": "DeleteResolverQueryLogConfig", + "description": "Grants permission to delete a Resolver query logging configuration", + "access_level": "Write", + "resource_types": { + "resolver-query-log-config": { + "resource_type": "resolver-query-log-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-query-log-config": "resolver-query-log-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverQueryLogConfig.html" + }, + "DeleteResolverRule": { + "privilege": "DeleteResolverRule", + "description": "Grants permission to delete a Resolver rule", + "access_level": "Write", + "resource_types": { + "resolver-rule": { + "resource_type": "resolver-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-rule": "resolver-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverRule.html" + }, + "DisassociateFirewallRuleGroup": { + "privilege": "DisassociateFirewallRuleGroup", + "description": "Grants permission to remove the association between a specified Firewall rule group and a specified VPC", + "access_level": "Write", + "resource_types": { + "firewall-rule-group-association": { + "resource_type": "firewall-rule-group-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-rule-group-association": "firewall-rule-group-association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateFirewallRuleGroup.html" + }, + "DisassociateResolverEndpointIpAddress": { + "privilege": "DisassociateResolverEndpointIpAddress", + "description": "Grants permission to remove a specified IP address from a Resolver endpoint. This is an IP address that DNS queries pass through on the way to your network (outbound) or your VPCs (inbound)", + "access_level": "Write", + "resource_types": { + "resolver-endpoint": { + "resource_type": "resolver-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces" + ] + } + }, + "resource_types_lower_name": { + "resolver-endpoint": "resolver-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverEndpointIpAddress.html" + }, + "DisassociateResolverQueryLogConfig": { + "privilege": "DisassociateResolverQueryLogConfig", + "description": "Grants permission to remove the association between a specified Resolver query logging configuration and a specified VPC", + "access_level": "Write", + "resource_types": { + "resolver-query-log-config": { + "resource_type": "resolver-query-log-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-query-log-config": "resolver-query-log-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverQueryLogConfig.html" + }, + "DisassociateResolverRule": { + "privilege": "DisassociateResolverRule", + "description": "Grants permission to remove the association between a specified Resolver rule and a specified VPC", + "access_level": "Write", + "resource_types": { + "resolver-rule": { + "resource_type": "resolver-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-rule": "resolver-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverRule.html" + }, + "GetFirewallConfig": { + "privilege": "GetFirewallConfig", + "description": "Grants permission to get information about a specified Firewall config", + "access_level": "Read", + "resource_types": { + "firewall-config": { + "resource_type": "firewall-config", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "firewall-config": "firewall-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallConfig.html" + }, + "GetFirewallDomainList": { + "privilege": "GetFirewallDomainList", + "description": "Grants permission to get information about a specified Firewall domain list", + "access_level": "Read", + "resource_types": { + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-domain-list": "firewall-domain-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallDomainList.html" + }, + "GetFirewallRuleGroup": { + "privilege": "GetFirewallRuleGroup", + "description": "Grants permission to get information about a specified Firewall rule group", + "access_level": "Read", + "resource_types": { + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-rule-group": "firewall-rule-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallRuleGroup.html" + }, + "GetFirewallRuleGroupAssociation": { + "privilege": "GetFirewallRuleGroupAssociation", + "description": "Grants permission to get information about an association between a specified Firewall rule group and a VPC", + "access_level": "Read", + "resource_types": { + "firewall-rule-group-association": { + "resource_type": "firewall-rule-group-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-rule-group-association": "firewall-rule-group-association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallRuleGroupAssociation.html" + }, + "GetFirewallRuleGroupPolicy": { + "privilege": "GetFirewallRuleGroupPolicy", + "description": "Grants permission to get information about a specified Firewall rule group policy, which specifies the Firewall rule group operations and resources that you want to allow another AWS account to use", + "access_level": "Read", + "resource_types": { + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-rule-group": "firewall-rule-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallRuleGroupPolicy.html" + }, + "GetOutpostResolver": { + "privilege": "GetOutpostResolver", + "description": "Grants permission to get information about a specified Route 53 Resolver on Outposts", + "access_level": "Read", + "resource_types": { + "outpost-resolver": { + "resource_type": "outpost-resolver", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost-resolver": "outpost-resolver" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetOutpostResolver.html" + }, + "GetResolverConfig": { + "privilege": "GetResolverConfig", + "description": "Grants permission to get the Resolver Config status within the specified resource", + "access_level": "Read", + "resource_types": { + "resolver-config": { + "resource_type": "resolver-config", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "resolver-config": "resolver-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverConfig.html" + }, + "GetResolverDnssecConfig": { + "privilege": "GetResolverDnssecConfig", + "description": "Grants permission to get the DNSSEC validation support status for DNS queries within the specified resource", + "access_level": "Read", + "resource_types": { + "resolver-dnssec-config": { + "resource_type": "resolver-dnssec-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-dnssec-config": "resolver-dnssec-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverDnssecConfig.html" + }, + "GetResolverEndpoint": { + "privilege": "GetResolverEndpoint", + "description": "Grants permission to get information about a specified Resolver endpoint, such as whether it's an inbound or an outbound endpoint, and the IP addresses in your VPC that DNS queries are forwarded to on the way into or out of your VPC", + "access_level": "Read", + "resource_types": { + "resolver-endpoint": { + "resource_type": "resolver-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-endpoint": "resolver-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html" + }, + "GetResolverQueryLogConfig": { + "privilege": "GetResolverQueryLogConfig", + "description": "Grants permission to get information about a specified Resolver query logging configuration, such as the number of VPCs that the configuration is logging queries for and the location that logs are sent to", + "access_level": "Read", + "resource_types": { + "resolver-query-log-config": { + "resource_type": "resolver-query-log-config", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "resolver-query-log-config": "resolver-query-log-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfig.html" + }, + "GetResolverQueryLogConfigAssociation": { + "privilege": "GetResolverQueryLogConfigAssociation", + "description": "Grants permission to get information about a specified association between a Resolver query logging configuration and an Amazon VPC. When you associate a VPC with a query logging configuration, Resolver logs DNS queries that originate in that VPC", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfigAssociation.html" + }, + "GetResolverQueryLogConfigPolicy": { + "privilege": "GetResolverQueryLogConfigPolicy", + "description": "Grants permission to get information about a specified Resolver query logging policy, which specifies the Resolver query logging operations and resources that you want to allow another AWS account to use", + "access_level": "Read", + "resource_types": { + "resolver-query-log-config": { + "resource_type": "resolver-query-log-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-query-log-config": "resolver-query-log-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfigPolicy.html" + }, + "GetResolverRule": { + "privilege": "GetResolverRule", + "description": "Grants permission to get information about a specified Resolver rule, such as the domain name that the rule forwards DNS queries for and the IP address that queries are forwarded to", + "access_level": "Read", + "resource_types": { + "resolver-rule": { + "resource_type": "resolver-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-rule": "resolver-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverRule.html" + }, + "GetResolverRuleAssociation": { + "privilege": "GetResolverRuleAssociation", + "description": "Grants permission to get information about an association between a specified Resolver rule and a VPC", + "access_level": "Read", + "resource_types": { + "resolver-rule": { + "resource_type": "resolver-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-rule": "resolver-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverRuleAssociation.html" + }, + "GetResolverRulePolicy": { + "privilege": "GetResolverRulePolicy", + "description": "Grants permission to get information about a Resolver rule policy, which specifies the Resolver operations and resources that you want to allow another AWS account to use", + "access_level": "Read", + "resource_types": { + "resolver-rule": { + "resource_type": "resolver-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-rule": "resolver-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverRulePolicy.html" + }, + "ImportFirewallDomains": { + "privilege": "ImportFirewallDomains", + "description": "Grants permission to add, remove or replace Firewall domains in a Firewall domain list", + "access_level": "Write", + "resource_types": { + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-domain-list": "firewall-domain-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ImportFirewallDomains.html" + }, + "ListFirewallConfigs": { + "privilege": "ListFirewallConfigs", + "description": "Grants permission to list all the Firewall config that current AWS account is able to check", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallConfigs.html" + }, + "ListFirewallDomainLists": { + "privilege": "ListFirewallDomainLists", + "description": "Grants permission to list all the Firewall domain list that current AWS account is able to use", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallDomainLists.html" + }, + "ListFirewallDomains": { + "privilege": "ListFirewallDomains", + "description": "Grants permission to list all the Firewall domain under a speicfied Firewall domain list", + "access_level": "List", + "resource_types": { + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-domain-list": "firewall-domain-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallDomains.html" + }, + "ListFirewallRuleGroupAssociations": { + "privilege": "ListFirewallRuleGroupAssociations", + "description": "Grants permission to list information about associations between Amazon VPCs and Firewall rule group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRuleGroupAssociations.html" + }, + "ListFirewallRuleGroups": { + "privilege": "ListFirewallRuleGroups", + "description": "Grants permission to list all the Firewall rule group that current AWS account is able to use", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRuleGroups.html" + }, + "ListFirewallRules": { + "privilege": "ListFirewallRules", + "description": "Grants permission to list all the Firewall rule under a speicfied Firewall rule group", + "access_level": "List", + "resource_types": { + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-rule-group": "firewall-rule-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRules.html" + }, + "ListOutpostResolvers": { + "privilege": "ListOutpostResolvers", + "description": "Grants permission to list all instances of Route 53 Resolver on Outposts that were created using the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListOutpostResolvers.html" + }, + "ListResolverConfigs": { + "privilege": "ListResolverConfigs", + "description": "Grants permission to list Resolver Config statuses", + "access_level": "List", + "resource_types": { + "resolver-config": { + "resource_type": "resolver-config", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "resolver-config": "resolver-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverConfigs.html" + }, + "ListResolverDnssecConfigs": { + "privilege": "ListResolverDnssecConfigs", + "description": "Grants permission to list the DNSSEC validation support status for DNS queries", + "access_level": "List", + "resource_types": { + "resolver-dnssec-config": { + "resource_type": "resolver-dnssec-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-dnssec-config": "resolver-dnssec-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverDnssecConfigs.html" + }, + "ListResolverEndpointIpAddresses": { + "privilege": "ListResolverEndpointIpAddresses", + "description": "Grants permission to list the IP addresses that DNS queries pass through on the way to your network (outbound) or your VPCs (inbound) for a specified Resolver endpoint", + "access_level": "List", + "resource_types": { + "resolver-endpoint": { + "resource_type": "resolver-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-endpoint": "resolver-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverEndpointIpAddresses.html" + }, + "ListResolverEndpoints": { + "privilege": "ListResolverEndpoints", + "description": "Grants permission to list all the Resolver endpoints that were created using the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverEndpoints.html" + }, + "ListResolverQueryLogConfigAssociations": { + "privilege": "ListResolverQueryLogConfigAssociations", + "description": "Grants permission to list information about associations between Amazon VPCs and query logging configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigAssociations.html" + }, + "ListResolverQueryLogConfigs": { + "privilege": "ListResolverQueryLogConfigs", + "description": "Grants permission to list information about the specified query logging configurations, which define where you want Resolver to save DNS query logs and specify the VPCs that you want to log queries for", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigs.html" + }, + "ListResolverRuleAssociations": { + "privilege": "ListResolverRuleAssociations", + "description": "Grants permission to list the associations that were created between Resolver rules and VPCs using the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRuleAssociations.html" + }, + "ListResolverRules": { + "privilege": "ListResolverRules", + "description": "Grants permission to list the Resolver rules that were created using the current AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRules.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags that you associated with the specified resource", + "access_level": "Read", + "resource_types": { + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-rule-group-association": { + "resource_type": "firewall-rule-group-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "outpost-resolver": { + "resource_type": "outpost-resolver", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-endpoint": { + "resource_type": "resolver-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-query-log-config": { + "resource_type": "resolver-query-log-config", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-rule": { + "resource_type": "resolver-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-domain-list": "firewall-domain-list", + "firewall-rule-group": "firewall-rule-group", + "firewall-rule-group-association": "firewall-rule-group-association", + "outpost-resolver": "outpost-resolver", + "resolver-endpoint": "resolver-endpoint", + "resolver-query-log-config": "resolver-query-log-config", + "resolver-rule": "resolver-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListTagsForResource.html" + }, + "PutFirewallRuleGroupPolicy": { + "privilege": "PutFirewallRuleGroupPolicy", + "description": "Grants permission to specify an AWS account that you want to share a Firewall rule group with, the Firewall rule group that you want to share, and the operations that you want the account to be able to perform on the configuration", + "access_level": "Permissions management", + "resource_types": { + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-rule-group": "firewall-rule-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_PutFirewallRuleGroupPolicy.html" + }, + "PutResolverQueryLogConfigPolicy": { + "privilege": "PutResolverQueryLogConfigPolicy", + "description": "Grants permission to specify an AWS account that you want to share a query logging configuration with, the query logging configuration that you want to share, and the operations that you want the account to be able to perform on the configuration", + "access_level": "Permissions management", + "resource_types": { + "resolver-query-log-config": { + "resource_type": "resolver-query-log-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-query-log-config": "resolver-query-log-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_PutResolverQueryLogConfigPolicy.html" + }, + "PutResolverRulePolicy": { + "privilege": "PutResolverRulePolicy", + "description": "Grants permission to specify an AWS account that you want to share rules with, the Resolver rules that you want to share, and the operations that you want the account to be able to perform on those rules", + "access_level": "Permissions management", + "resource_types": { + "resolver-rule": { + "resource_type": "resolver-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-rule": "resolver-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_PutResolverRulePolicy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to a specified resource", + "access_level": "Tagging", + "resource_types": { + "firewall-config": { + "resource_type": "firewall-config", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-rule-group-association": { + "resource_type": "firewall-rule-group-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "outpost-resolver": { + "resource_type": "outpost-resolver", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-dnssec-config": { + "resource_type": "resolver-dnssec-config", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-endpoint": { + "resource_type": "resolver-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-query-log-config": { + "resource_type": "resolver-query-log-config", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-rule": { + "resource_type": "resolver-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-config": "firewall-config", + "firewall-domain-list": "firewall-domain-list", + "firewall-rule-group": "firewall-rule-group", + "firewall-rule-group-association": "firewall-rule-group-association", + "outpost-resolver": "outpost-resolver", + "resolver-dnssec-config": "resolver-dnssec-config", + "resolver-endpoint": "resolver-endpoint", + "resolver-query-log-config": "resolver-query-log-config", + "resolver-rule": "resolver-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from a specified resource", + "access_level": "Tagging", + "resource_types": { + "firewall-config": { + "resource_type": "firewall-config", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-rule-group-association": { + "resource_type": "firewall-rule-group-association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "outpost-resolver": { + "resource_type": "outpost-resolver", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-dnssec-config": { + "resource_type": "resolver-dnssec-config", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-endpoint": { + "resource_type": "resolver-endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-query-log-config": { + "resource_type": "resolver-query-log-config", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resolver-rule": { + "resource_type": "resolver-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-config": "firewall-config", + "firewall-domain-list": "firewall-domain-list", + "firewall-rule-group": "firewall-rule-group", + "firewall-rule-group-association": "firewall-rule-group-association", + "outpost-resolver": "outpost-resolver", + "resolver-dnssec-config": "resolver-dnssec-config", + "resolver-endpoint": "resolver-endpoint", + "resolver-query-log-config": "resolver-query-log-config", + "resolver-rule": "resolver-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UntagResource.html" + }, + "UpdateFirewallConfig": { + "privilege": "UpdateFirewallConfig", + "description": "Grants permission to update selected settings for an Firewall config", + "access_level": "Write", + "resource_types": { + "firewall-config": { + "resource_type": "firewall-config", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "firewall-config": "firewall-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallConfig.html" + }, + "UpdateFirewallDomains": { + "privilege": "UpdateFirewallDomains", + "description": "Grants permission to add, remove or replace Firewall domains in a Firewall domain list", + "access_level": "Write", + "resource_types": { + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-domain-list": "firewall-domain-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallDomains.html" + }, + "UpdateFirewallRule": { + "privilege": "UpdateFirewallRule", + "description": "Grants permission to update selected settings for an Firewall rule in a Firewall rule group", + "access_level": "Write", + "resource_types": { + "firewall-domain-list": { + "resource_type": "firewall-domain-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "firewall-rule-group": { + "resource_type": "firewall-rule-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-domain-list": "firewall-domain-list", + "firewall-rule-group": "firewall-rule-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallRule.html" + }, + "UpdateFirewallRuleGroupAssociation": { + "privilege": "UpdateFirewallRuleGroupAssociation", + "description": "Grants permission to update selected settings for an Firewall rule group association", + "access_level": "Write", + "resource_types": { + "firewall-rule-group-association": { + "resource_type": "firewall-rule-group-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall-rule-group-association": "firewall-rule-group-association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateFirewallRuleGroupAssociation.html" + }, + "UpdateOutpostResolver": { + "privilege": "UpdateOutpostResolver", + "description": "Grants permission to update seletected settings for a specified Route 53 Resolver on Outposts", + "access_level": "Write", + "resource_types": { + "outpost-resolver": { + "resource_type": "outpost-resolver", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost-resolver": "outpost-resolver" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateOutpostResolver.html" + }, + "UpdateResolverConfig": { + "privilege": "UpdateResolverConfig", + "description": "Grants permission to update the Resolver Config status within the specified resource", + "access_level": "Write", + "resource_types": { + "resolver-config": { + "resource_type": "resolver-config", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "resolver-config": "resolver-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverConfig.html" + }, + "UpdateResolverDnssecConfig": { + "privilege": "UpdateResolverDnssecConfig", + "description": "Grants permission to update the DNSSEC validation support status for DNS queries within the specified resource", + "access_level": "Write", + "resource_types": { + "resolver-dnssec-config": { + "resource_type": "resolver-dnssec-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-dnssec-config": "resolver-dnssec-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverDnssecConfig.html" + }, + "UpdateResolverEndpoint": { + "privilege": "UpdateResolverEndpoint", + "description": "Grants permission to update selected settings for an inbound or an outbound Resolver endpoint", + "access_level": "Write", + "resource_types": { + "resolver-endpoint": { + "resource_type": "resolver-endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:AssignIpv6Addresses", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:ModifyNetworkInterfaceAttribute", + "ec2:UnassignIpv6Addresses" + ] + } + }, + "resource_types_lower_name": { + "resolver-endpoint": "resolver-endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverEndpoint.html" + }, + "UpdateResolverRule": { + "privilege": "UpdateResolverRule", + "description": "Grants permission to update settings for a specified Resolver rule", + "access_level": "Write", + "resource_types": { + "resolver-rule": { + "resource_type": "resolver-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resolver-rule": "resolver-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverRule.html" + } + }, + "privileges_lower_name": { + "associatefirewallrulegroup": "AssociateFirewallRuleGroup", + "associateresolverendpointipaddress": "AssociateResolverEndpointIpAddress", + "associateresolverquerylogconfig": "AssociateResolverQueryLogConfig", + "associateresolverrule": "AssociateResolverRule", + "createfirewalldomainlist": "CreateFirewallDomainList", + "createfirewallrule": "CreateFirewallRule", + "createfirewallrulegroup": "CreateFirewallRuleGroup", + "createoutpostresolver": "CreateOutpostResolver", + "createresolverendpoint": "CreateResolverEndpoint", + "createresolverquerylogconfig": "CreateResolverQueryLogConfig", + "createresolverrule": "CreateResolverRule", + "deletefirewalldomainlist": "DeleteFirewallDomainList", + "deletefirewallrule": "DeleteFirewallRule", + "deletefirewallrulegroup": "DeleteFirewallRuleGroup", + "deleteoutpostresolver": "DeleteOutpostResolver", + "deleteresolverendpoint": "DeleteResolverEndpoint", + "deleteresolverquerylogconfig": "DeleteResolverQueryLogConfig", + "deleteresolverrule": "DeleteResolverRule", + "disassociatefirewallrulegroup": "DisassociateFirewallRuleGroup", + "disassociateresolverendpointipaddress": "DisassociateResolverEndpointIpAddress", + "disassociateresolverquerylogconfig": "DisassociateResolverQueryLogConfig", + "disassociateresolverrule": "DisassociateResolverRule", + "getfirewallconfig": "GetFirewallConfig", + "getfirewalldomainlist": "GetFirewallDomainList", + "getfirewallrulegroup": "GetFirewallRuleGroup", + "getfirewallrulegroupassociation": "GetFirewallRuleGroupAssociation", + "getfirewallrulegrouppolicy": "GetFirewallRuleGroupPolicy", + "getoutpostresolver": "GetOutpostResolver", + "getresolverconfig": "GetResolverConfig", + "getresolverdnssecconfig": "GetResolverDnssecConfig", + "getresolverendpoint": "GetResolverEndpoint", + "getresolverquerylogconfig": "GetResolverQueryLogConfig", + "getresolverquerylogconfigassociation": "GetResolverQueryLogConfigAssociation", + "getresolverquerylogconfigpolicy": "GetResolverQueryLogConfigPolicy", + "getresolverrule": "GetResolverRule", + "getresolverruleassociation": "GetResolverRuleAssociation", + "getresolverrulepolicy": "GetResolverRulePolicy", + "importfirewalldomains": "ImportFirewallDomains", + "listfirewallconfigs": "ListFirewallConfigs", + "listfirewalldomainlists": "ListFirewallDomainLists", + "listfirewalldomains": "ListFirewallDomains", + "listfirewallrulegroupassociations": "ListFirewallRuleGroupAssociations", + "listfirewallrulegroups": "ListFirewallRuleGroups", + "listfirewallrules": "ListFirewallRules", + "listoutpostresolvers": "ListOutpostResolvers", + "listresolverconfigs": "ListResolverConfigs", + "listresolverdnssecconfigs": "ListResolverDnssecConfigs", + "listresolverendpointipaddresses": "ListResolverEndpointIpAddresses", + "listresolverendpoints": "ListResolverEndpoints", + "listresolverquerylogconfigassociations": "ListResolverQueryLogConfigAssociations", + "listresolverquerylogconfigs": "ListResolverQueryLogConfigs", + "listresolverruleassociations": "ListResolverRuleAssociations", + "listresolverrules": "ListResolverRules", + "listtagsforresource": "ListTagsForResource", + "putfirewallrulegrouppolicy": "PutFirewallRuleGroupPolicy", + "putresolverquerylogconfigpolicy": "PutResolverQueryLogConfigPolicy", + "putresolverrulepolicy": "PutResolverRulePolicy", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatefirewallconfig": "UpdateFirewallConfig", + "updatefirewalldomains": "UpdateFirewallDomains", + "updatefirewallrule": "UpdateFirewallRule", + "updatefirewallrulegroupassociation": "UpdateFirewallRuleGroupAssociation", + "updateoutpostresolver": "UpdateOutpostResolver", + "updateresolverconfig": "UpdateResolverConfig", + "updateresolverdnssecconfig": "UpdateResolverDnssecConfig", + "updateresolverendpoint": "UpdateResolverEndpoint", + "updateresolverrule": "UpdateResolverRule" + }, + "resources": { + "resolver-dnssec-config": { + "resource": "resolver-dnssec-config", + "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:resolver-dnssec-config/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "resolver-query-log-config": { + "resource": "resolver-query-log-config", + "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:resolver-query-log-config/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "resolver-rule": { + "resource": "resolver-rule", + "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:resolver-rule/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "resolver-endpoint": { + "resource": "resolver-endpoint", + "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:resolver-endpoint/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "firewall-rule-group": { + "resource": "firewall-rule-group", + "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:firewall-rule-group/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "firewall-rule-group-association": { + "resource": "firewall-rule-group-association", + "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:firewall-rule-group-association/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "firewall-domain-list": { + "resource": "firewall-domain-list", + "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:firewall-domain-list/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "firewall-config": { + "resource": "firewall-config", + "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:firewall-config/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "resolver-config": { + "resource": "resolver-config", + "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:resolver-config/${ResourceId}", + "condition_keys": [] + }, + "outpost-resolver": { + "resource": "outpost-resolver", + "arn": "arn:${Partition}:route53resolver:${Region}:${Account}:outpost-resolver/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "resolver-dnssec-config": "resolver-dnssec-config", + "resolver-query-log-config": "resolver-query-log-config", + "resolver-rule": "resolver-rule", + "resolver-endpoint": "resolver-endpoint", + "firewall-rule-group": "firewall-rule-group", + "firewall-rule-group-association": "firewall-rule-group-association", + "firewall-domain-list": "firewall-domain-list", + "firewall-config": "firewall-config", + "resolver-config": "resolver-config", + "outpost-resolver": "outpost-resolver" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "s3": { + "service_name": "Amazon S3", + "prefix": "s3", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3.html", + "privileges": { + "AbortMultipartUpload": { + "privilege": "AbortMultipartUpload", + "description": "Grants permission to abort a multipart upload", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointArn", + "s3:DataAccessPointAccount", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html" + }, + "BypassGovernanceRetention": { + "privilege": "BypassGovernanceRetention", + "description": "Grants permission to allow circumvention of governance-mode object retention settings", + "access_level": "Permissions management", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:RequestObjectTag/", + "s3:RequestObjectTagKeys", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-acl", + "s3:x-amz-content-sha256", + "s3:x-amz-copy-source", + "s3:x-amz-grant-full-control", + "s3:x-amz-grant-read", + "s3:x-amz-grant-read-acp", + "s3:x-amz-grant-write", + "s3:x-amz-grant-write-acp", + "s3:x-amz-metadata-directive", + "s3:x-amz-server-side-encryption", + "s3:x-amz-server-side-encryption-aws-kms-key-id", + "s3:x-amz-server-side-encryption-customer-algorithm", + "s3:x-amz-storage-class", + "s3:x-amz-website-redirect-location", + "s3:object-lock-mode", + "s3:object-lock-retain-until-date", + "s3:object-lock-remaining-retention-days", + "s3:object-lock-legal-hold" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-managing-bypass" + }, + "CreateAccessPoint": { + "privilege": "CreateAccessPoint", + "description": "Grants permission to create a new access point", + "access_level": "Write", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:locationconstraint", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-acl", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPoint.html" + }, + "CreateAccessPointForObjectLambda": { + "privilege": "CreateAccessPointForObjectLambda", + "description": "Grants permission to create an object lambda enabled accesspoint", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPointForObjectLambda.html" + }, + "CreateBucket": { + "privilege": "CreateBucket", + "description": "Grants permission to create a new bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:locationconstraint", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-acl", + "s3:x-amz-content-sha256", + "s3:x-amz-grant-full-control", + "s3:x-amz-grant-read", + "s3:x-amz-grant-read-acp", + "s3:x-amz-grant-write", + "s3:x-amz-grant-write-acp", + "s3:x-amz-object-ownership" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html" + }, + "CreateJob": { + "privilege": "CreateJob", + "description": "Grants permission to create a new Amazon S3 Batch Operations job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256", + "s3:RequestJobPriority", + "s3:RequestJobOperation", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateJob.html" + }, + "CreateMultiRegionAccessPoint": { + "privilege": "CreateMultiRegionAccessPoint", + "description": "Grants permission to create a new Multi-Region Access Point", + "access_level": "Write", + "resource_types": { + "multiregionaccesspoint": { + "resource_type": "multiregionaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureversion", + "s3:signatureAge", + "s3:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiregionaccesspoint": "multiregionaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateMultiRegionAccessPoint.html" + }, + "DeleteAccessPoint": { + "privilege": "DeleteAccessPoint", + "description": "Grants permission to delete the access point named in the URI", + "access_level": "Write", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointArn", + "s3:DataAccessPointAccount", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPoint.html" + }, + "DeleteAccessPointForObjectLambda": { + "privilege": "DeleteAccessPointForObjectLambda", + "description": "Grants permission to delete the object lambda enabled access point named in the URI", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointArn", + "s3:DataAccessPointAccount", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointForObjectLambda.html" + }, + "DeleteAccessPointPolicy": { + "privilege": "DeleteAccessPointPolicy", + "description": "Grants permission to delete the policy on a specified access point", + "access_level": "Permissions management", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointArn", + "s3:DataAccessPointAccount", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html" + }, + "DeleteAccessPointPolicyForObjectLambda": { + "privilege": "DeleteAccessPointPolicyForObjectLambda", + "description": "Grants permission to delete the policy on a specified object lambda enabled access point", + "access_level": "Permissions management", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointArn", + "s3:DataAccessPointAccount", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicyForObjectLambda.html" + }, + "DeleteBucket": { + "privilege": "DeleteBucket", + "description": "Grants permission to delete the bucket named in the URI", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html" + }, + "DeleteBucketPolicy": { + "privilege": "DeleteBucketPolicy", + "description": "Grants permission to delete the policy on a specified bucket", + "access_level": "Permissions management", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketPolicy.html" + }, + "DeleteBucketWebsite": { + "privilege": "DeleteBucketWebsite", + "description": "Grants permission to remove the website configuration for a bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketWebsite.html" + }, + "DeleteJobTagging": { + "privilege": "DeleteJobTagging", + "description": "Grants permission to remove tags from an existing Amazon S3 Batch Operations job", + "access_level": "Tagging", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256", + "s3:ExistingJobPriority", + "s3:ExistingJobOperation" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteJobTagging.html" + }, + "DeleteMultiRegionAccessPoint": { + "privilege": "DeleteMultiRegionAccessPoint", + "description": "Grants permission to delete the Multi-Region Access Point named in the URI", + "access_level": "Write", + "resource_types": { + "multiregionaccesspoint": { + "resource_type": "multiregionaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureversion", + "s3:signatureAge", + "s3:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiregionaccesspoint": "multiregionaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteMultiRegionAccessPoint.html" + }, + "DeleteObject": { + "privilege": "DeleteObject", + "description": "Grants permission to remove the null version of an object and insert a delete marker, which becomes the current version of the object", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" + }, + "DeleteObjectTagging": { + "privilege": "DeleteObjectTagging", + "description": "Grants permission to use the tagging subresource to remove the entire tag set from the specified object", + "access_level": "Tagging", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" + }, + "DeleteObjectVersion": { + "privilege": "DeleteObjectVersion", + "description": "Grants permission to remove a specific version of an object", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:versionid", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" + }, + "DeleteObjectVersionTagging": { + "privilege": "DeleteObjectVersionTagging", + "description": "Grants permission to remove the entire tag set for a specific version of the object", + "access_level": "Tagging", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:versionid", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" + }, + "DeleteStorageLensConfiguration": { + "privilege": "DeleteStorageLensConfiguration", + "description": "Grants permission to delete an existing Amazon S3 Storage Lens configuration", + "access_level": "Write", + "resource_types": { + "storagelensconfiguration": { + "resource_type": "storagelensconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storagelensconfiguration": "storagelensconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteStorageLensConfiguration.html" + }, + "DeleteStorageLensConfigurationTagging": { + "privilege": "DeleteStorageLensConfigurationTagging", + "description": "Grants permission to remove tags from an existing Amazon S3 Storage Lens configuration", + "access_level": "Tagging", + "resource_types": { + "storagelensconfiguration": { + "resource_type": "storagelensconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storagelensconfiguration": "storagelensconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteStorageLensConfigurationTagging.html" + }, + "DescribeJob": { + "privilege": "DescribeJob", + "description": "Grants permission to retrieve the configuration parameters and status for a batch operations job", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeJob.html" + }, + "DescribeMultiRegionAccessPointOperation": { + "privilege": "DescribeMultiRegionAccessPointOperation", + "description": "Grants permission to retrieve the configurations for a Multi-Region Access Point", + "access_level": "Read", + "resource_types": { + "multiregionaccesspointrequestarn": { + "resource_type": "multiregionaccesspointrequestarn", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureversion", + "s3:signatureAge", + "s3:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiregionaccesspointrequestarn": "multiregionaccesspointrequestarn", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DescribeMultiRegionAccessPointOperation.html" + }, + "GetAccelerateConfiguration": { + "privilege": "GetAccelerateConfiguration", + "description": "Grants permission to uses the accelerate subresource to return the Transfer Acceleration state of a bucket, which is either Enabled or Suspended", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAccelerateConfiguration.html" + }, + "GetAccessPoint": { + "privilege": "GetAccessPoint", + "description": "Grants permission to return configuration information about the specified access point", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPoint.html" + }, + "GetAccessPointConfigurationForObjectLambda": { + "privilege": "GetAccessPointConfigurationForObjectLambda", + "description": "Grants permission to retrieve the configuration of the object lambda enabled access point", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointArn", + "s3:DataAccessPointAccount", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointConfigurationForObjectLambda.html" + }, + "GetAccessPointForObjectLambda": { + "privilege": "GetAccessPointForObjectLambda", + "description": "Grants permission to create an object lambda enabled accesspoint", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointForObjectLambda.html" + }, + "GetAccessPointPolicy": { + "privilege": "GetAccessPointPolicy", + "description": "Grants permission to returns the access point policy associated with the specified access point", + "access_level": "Read", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicy.html" + }, + "GetAccessPointPolicyForObjectLambda": { + "privilege": "GetAccessPointPolicyForObjectLambda", + "description": "Grants permission to returns the access point policy associated with the specified object lambda enabled access point", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicyForObjectLambda.html" + }, + "GetAccessPointPolicyStatus": { + "privilege": "GetAccessPointPolicyStatus", + "description": "Grants permission to return the policy status for a specific access point policy", + "access_level": "Read", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicyStatus.html" + }, + "GetAccessPointPolicyStatusForObjectLambda": { + "privilege": "GetAccessPointPolicyStatusForObjectLambda", + "description": "Grants permission to return the policy status for a specific object lambda access point policy", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicyStatusForObjectLambda.html" + }, + "GetAccountPublicAccessBlock": { + "privilege": "GetAccountPublicAccessBlock", + "description": "Grants permission to retrieve the PublicAccessBlock configuration for an AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetPublicAccessBlock.html" + }, + "GetAnalyticsConfiguration": { + "privilege": "GetAnalyticsConfiguration", + "description": "Grants permission to get an analytics configuration from an Amazon S3 bucket, identified by the analytics configuration ID", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html" + }, + "GetBucketAcl": { + "privilege": "GetBucketAcl", + "description": "Grants permission to use the acl subresource to return the access control list (ACL) of an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAcl.html" + }, + "GetBucketCORS": { + "privilege": "GetBucketCORS", + "description": "Grants permission to return the CORS configuration information set for an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketCors.html" + }, + "GetBucketLocation": { + "privilege": "GetBucketLocation", + "description": "Grants permission to return the Region that an Amazon S3 bucket resides in", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLocation.html" + }, + "GetBucketLogging": { + "privilege": "GetBucketLogging", + "description": "Grants permission to return the logging status of an Amazon S3 bucket and the permissions users have to view or modify that status", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html" + }, + "GetBucketNotification": { + "privilege": "GetBucketNotification", + "description": "Grants permission to get the notification configuration of an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotification.html" + }, + "GetBucketObjectLockConfiguration": { + "privilege": "GetBucketObjectLockConfiguration", + "description": "Grants permission to get the Object Lock configuration of an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:signatureversion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLockConfiguration.html" + }, + "GetBucketOwnershipControls": { + "privilege": "GetBucketOwnershipControls", + "description": "Grants permission to retrieve ownership controls on a bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketOwnershipControls.html" + }, + "GetBucketPolicy": { + "privilege": "GetBucketPolicy", + "description": "Grants permission to return the policy of the specified bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicy.html" + }, + "GetBucketPolicyStatus": { + "privilege": "GetBucketPolicyStatus", + "description": "Grants permission to retrieve the policy status for a specific Amazon S3 bucket, which indicates whether the bucket is public", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html" + }, + "GetBucketPublicAccessBlock": { + "privilege": "GetBucketPublicAccessBlock", + "description": "Grants permission to retrieve the PublicAccessBlock configuration for an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html" + }, + "GetBucketRequestPayment": { + "privilege": "GetBucketRequestPayment", + "description": "Grants permission to return the request payment configuration for an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketRequestPayment.html" + }, + "GetBucketTagging": { + "privilege": "GetBucketTagging", + "description": "Grants permission to return the tag set associated with an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html" + }, + "GetBucketVersioning": { + "privilege": "GetBucketVersioning", + "description": "Grants permission to return the versioning state of an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html" + }, + "GetBucketWebsite": { + "privilege": "GetBucketWebsite", + "description": "Grants permission to return the website configuration for an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketWebsite.html" + }, + "GetEncryptionConfiguration": { + "privilege": "GetEncryptionConfiguration", + "description": "Grants permission to return the default encryption configuration an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html" + }, + "GetIntelligentTieringConfiguration": { + "privilege": "GetIntelligentTieringConfiguration", + "description": "Grants permission to get an or list all Amazon S3 Intelligent Tiering configuration in a S3 Bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html" + }, + "GetInventoryConfiguration": { + "privilege": "GetInventoryConfiguration", + "description": "Grants permission to return an inventory configuration from an Amazon S3 bucket, identified by the inventory configuration ID", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html" + }, + "GetJobTagging": { + "privilege": "GetJobTagging", + "description": "Grants permission to return the tag set of an existing Amazon S3 Batch Operations job", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetJobTagging.html" + }, + "GetLifecycleConfiguration": { + "privilege": "GetLifecycleConfiguration", + "description": "Grants permission to return the lifecycle configuration information set on an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html" + }, + "GetMetricsConfiguration": { + "privilege": "GetMetricsConfiguration", + "description": "Grants permission to get a metrics configuration from an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html" + }, + "GetMultiRegionAccessPoint": { + "privilege": "GetMultiRegionAccessPoint", + "description": "Grants permission to return configuration information about the specified Multi-Region Access Point", + "access_level": "Read", + "resource_types": { + "multiregionaccesspoint": { + "resource_type": "multiregionaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureversion", + "s3:signatureAge", + "s3:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiregionaccesspoint": "multiregionaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPoint.html" + }, + "GetMultiRegionAccessPointPolicy": { + "privilege": "GetMultiRegionAccessPointPolicy", + "description": "Grants permission to returns the access point policy associated with the specified Multi-Region Access Point", + "access_level": "Read", + "resource_types": { + "multiregionaccesspoint": { + "resource_type": "multiregionaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureversion", + "s3:signatureAge", + "s3:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiregionaccesspoint": "multiregionaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicy.html" + }, + "GetMultiRegionAccessPointPolicyStatus": { + "privilege": "GetMultiRegionAccessPointPolicyStatus", + "description": "Grants permission to return the policy status for a specific Multi-Region Access Point policy", + "access_level": "Read", + "resource_types": { + "multiregionaccesspoint": { + "resource_type": "multiregionaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureversion", + "s3:signatureAge", + "s3:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiregionaccesspoint": "multiregionaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointPolicyStatus.html" + }, + "GetMultiRegionAccessPointRoutes": { + "privilege": "GetMultiRegionAccessPointRoutes", + "description": "Grants permission to return the route configuration for a Multi-Region Access Point", + "access_level": "Read", + "resource_types": { + "multiregionaccesspoint": { + "resource_type": "multiregionaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureversion", + "s3:signatureAge", + "s3:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiregionaccesspoint": "multiregionaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetMultiRegionAccessPointRoutes.html" + }, + "GetObject": { + "privilege": "GetObject", + "description": "Grants permission to retrieve objects from Amazon S3", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" + }, + "GetObjectAcl": { + "privilege": "GetObjectAcl", + "description": "Grants permission to return the access control list (ACL) of an object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html" + }, + "GetObjectAttributes": { + "privilege": "GetObjectAttributes", + "description": "Grants permission to retrieve attributes related to a specific object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html" + }, + "GetObjectLegalHold": { + "privilege": "GetObjectLegalHold", + "description": "Grants permission to get an object's current Legal Hold status", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLegalHold.html" + }, + "GetObjectRetention": { + "privilege": "GetObjectRetention", + "description": "Grants permission to retrieve the retention settings for an object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectRetention.html" + }, + "GetObjectTagging": { + "privilege": "GetObjectTagging", + "description": "Grants permission to return the tag set of an object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html" + }, + "GetObjectTorrent": { + "privilege": "GetObjectTorrent", + "description": "Grants permission to return torrent files from an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTorrent.html" + }, + "GetObjectVersion": { + "privilege": "GetObjectVersion", + "description": "Grants permission to retrieve a specific version of an object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:versionid", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" + }, + "GetObjectVersionAcl": { + "privilege": "GetObjectVersionAcl", + "description": "Grants permission to return the access control list (ACL) of a specific object version", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:versionid", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html" + }, + "GetObjectVersionAttributes": { + "privilege": "GetObjectVersionAttributes", + "description": "Grants permission to retrieve attributes related to a specific version of an object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:versionid", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html" + }, + "GetObjectVersionForReplication": { + "privilege": "GetObjectVersionForReplication", + "description": "Grants permission to replicate both unencrypted objects and objects encrypted with SSE-S3 or SSE-KMS", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-config-for-kms-objects.html" + }, + "GetObjectVersionTagging": { + "privilege": "GetObjectVersionTagging", + "description": "Grants permission to return the tag set for a specific version of the object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:versionid", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html" + }, + "GetObjectVersionTorrent": { + "privilege": "GetObjectVersionTorrent", + "description": "Grants permission to get Torrent files about a different version using the versionId subresource", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:versionid", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTorrent.html" + }, + "GetReplicationConfiguration": { + "privilege": "GetReplicationConfiguration", + "description": "Grants permission to get the replication configuration information set on an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html" + }, + "GetStorageLensConfiguration": { + "privilege": "GetStorageLensConfiguration", + "description": "Grants permission to get an Amazon S3 Storage Lens configuration", + "access_level": "Read", + "resource_types": { + "storagelensconfiguration": { + "resource_type": "storagelensconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storagelensconfiguration": "storagelensconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetStorageLensConfiguration.html" + }, + "GetStorageLensConfigurationTagging": { + "privilege": "GetStorageLensConfigurationTagging", + "description": "Grants permission to get the tag set of an existing Amazon S3 Storage Lens configuration", + "access_level": "Read", + "resource_types": { + "storagelensconfiguration": { + "resource_type": "storagelensconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storagelensconfiguration": "storagelensconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetStorageLensConfigurationTagging.html" + }, + "GetStorageLensDashboard": { + "privilege": "GetStorageLensDashboard", + "description": "Grants permission to get an Amazon S3 Storage Lens dashboard", + "access_level": "Read", + "resource_types": { + "storagelensconfiguration": { + "resource_type": "storagelensconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storagelensconfiguration": "storagelensconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage_lens_dashboard.html" + }, + "InitiateReplication": { + "privilege": "InitiateReplication", + "description": "Grants permission to initiate the replication process by setting replication status of an object to pending", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:ResourceAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html" + }, + "ListAccessPoints": { + "privilege": "ListAccessPoints", + "description": "Grants permission to list access points", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPoints.html" + }, + "ListAccessPointsForObjectLambda": { + "privilege": "ListAccessPointsForObjectLambda", + "description": "Grants permission to list object lambda enabled accesspoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPointsForObjectLambda.html" + }, + "ListAllMyBuckets": { + "privilege": "ListAllMyBuckets", + "description": "Grants permission to list all buckets owned by the authenticated sender of the request", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html" + }, + "ListBucket": { + "privilege": "ListBucket", + "description": "Grants permission to list some or all of the objects in an Amazon S3 bucket (up to 1000)", + "access_level": "List", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:delimiter", + "s3:max-keys", + "s3:prefix", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html" + }, + "ListBucketMultipartUploads": { + "privilege": "ListBucketMultipartUploads", + "description": "Grants permission to list in-progress multipart uploads", + "access_level": "List", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html" + }, + "ListBucketVersions": { + "privilege": "ListBucketVersions", + "description": "Grants permission to list metadata about all the versions of objects in an Amazon S3 bucket", + "access_level": "List", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:delimiter", + "s3:max-keys", + "s3:prefix", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectVersions.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to list current jobs and jobs that have ended recently", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListJobs.html" + }, + "ListMultiRegionAccessPoints": { + "privilege": "ListMultiRegionAccessPoints", + "description": "Grants permission to list Multi-Region Access Points", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureversion", + "s3:signatureAge", + "s3:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListMultiRegionAccessPoints.html" + }, + "ListMultipartUploadParts": { + "privilege": "ListMultipartUploadParts", + "description": "Grants permission to list the parts that have been uploaded for a specific multipart upload", + "access_level": "List", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html" + }, + "ListStorageLensConfigurations": { + "privilege": "ListStorageLensConfigurations", + "description": "Grants permission to list Amazon S3 Storage Lens configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListStorageLensConfigurations.html" + }, + "ObjectOwnerOverrideToBucketOwner": { + "privilege": "ObjectOwnerOverrideToBucketOwner", + "description": "Grants permission to change replica ownership", + "access_level": "Permissions management", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-change-owner.html#repl-ownership-add-role-permission" + }, + "PutAccelerateConfiguration": { + "privilege": "PutAccelerateConfiguration", + "description": "Grants permission to use the accelerate subresource to set the Transfer Acceleration state of an existing S3 bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAccelerateConfiguration.html" + }, + "PutAccessPointConfigurationForObjectLambda": { + "privilege": "PutAccessPointConfigurationForObjectLambda", + "description": "Grants permission to set the configuration of the object lambda enabled access point", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointArn", + "s3:DataAccessPointAccount", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointConfigurationForObjectLambda.html" + }, + "PutAccessPointPolicy": { + "privilege": "PutAccessPointPolicy", + "description": "Grants permission to associate an access policy with a specified access point", + "access_level": "Permissions management", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html" + }, + "PutAccessPointPolicyForObjectLambda": { + "privilege": "PutAccessPointPolicyForObjectLambda", + "description": "Grants permission to associate an access policy with a specified object lambda enabled access point", + "access_level": "Permissions management", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicyForObjectLambda.html" + }, + "PutAccessPointPublicAccessBlock": { + "privilege": "PutAccessPointPublicAccessBlock", + "description": "Grants permission to associate public access block configurations with a specified access point, while creating a access point", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html#access-control-block-public-access-examples-access-point" + }, + "PutAccountPublicAccessBlock": { + "privilege": "PutAccountPublicAccessBlock", + "description": "Grants permission to create or modify the PublicAccessBlock configuration for an AWS account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutPublicAccessBlock.html" + }, + "PutAnalyticsConfiguration": { + "privilege": "PutAnalyticsConfiguration", + "description": "Grants permission to set an analytics configuration for the bucket, specified by the analytics configuration ID", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html" + }, + "PutBucketAcl": { + "privilege": "PutBucketAcl", + "description": "Grants permission to set the permissions on an existing bucket using access control lists (ACLs)", + "access_level": "Permissions management", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-acl", + "s3:x-amz-content-sha256", + "s3:x-amz-grant-full-control", + "s3:x-amz-grant-read", + "s3:x-amz-grant-read-acp", + "s3:x-amz-grant-write", + "s3:x-amz-grant-write-acp" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAcl.html" + }, + "PutBucketCORS": { + "privilege": "PutBucketCORS", + "description": "Grants permission to set the CORS configuration for an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html" + }, + "PutBucketLogging": { + "privilege": "PutBucketLogging", + "description": "Grants permission to set the logging parameters for an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLogging.html" + }, + "PutBucketNotification": { + "privilege": "PutBucketNotification", + "description": "Grants permission to receive notifications when certain events happen in an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotification.html" + }, + "PutBucketObjectLockConfiguration": { + "privilege": "PutBucketObjectLockConfiguration", + "description": "Grants permission to put Object Lock configuration on a specific bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:TlsVersion", + "s3:signatureversion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectLockConfiguration.html" + }, + "PutBucketOwnershipControls": { + "privilege": "PutBucketOwnershipControls", + "description": "Grants permission to add, replace or delete ownership controls on a bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketOwnershipControls.html" + }, + "PutBucketPolicy": { + "privilege": "PutBucketPolicy", + "description": "Grants permission to add or replace a bucket policy on a bucket", + "access_level": "Permissions management", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketPolicy.html" + }, + "PutBucketPublicAccessBlock": { + "privilege": "PutBucketPublicAccessBlock", + "description": "Grants permission to create or modify the PublicAccessBlock configuration for a specific Amazon S3 bucket", + "access_level": "Permissions management", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html" + }, + "PutBucketRequestPayment": { + "privilege": "PutBucketRequestPayment", + "description": "Grants permission to set the request payment configuration of a bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketRequestPayment.html" + }, + "PutBucketTagging": { + "privilege": "PutBucketTagging", + "description": "Grants permission to add a set of tags to an existing Amazon S3 bucket", + "access_level": "Tagging", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html" + }, + "PutBucketVersioning": { + "privilege": "PutBucketVersioning", + "description": "Grants permission to set the versioning state of an existing Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html" + }, + "PutBucketWebsite": { + "privilege": "PutBucketWebsite", + "description": "Grants permission to set the configuration of the website that is specified in the website subresource", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html" + }, + "PutEncryptionConfiguration": { + "privilege": "PutEncryptionConfiguration", + "description": "Grants permission to set the encryption configuration for an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html" + }, + "PutIntelligentTieringConfiguration": { + "privilege": "PutIntelligentTieringConfiguration", + "description": "Grants permission to create new or update or delete an existing Amazon S3 Intelligent Tiering configuration", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html" + }, + "PutInventoryConfiguration": { + "privilege": "PutInventoryConfiguration", + "description": "Grants permission to add an inventory configuration to the bucket, identified by the inventory ID", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html" + }, + "PutJobTagging": { + "privilege": "PutJobTagging", + "description": "Grants permission to replace tags on an existing Amazon S3 Batch Operations job", + "access_level": "Tagging", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256", + "s3:ExistingJobPriority", + "s3:ExistingJobOperation", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutJobTagging.html" + }, + "PutLifecycleConfiguration": { + "privilege": "PutLifecycleConfiguration", + "description": "Grants permission to create a new lifecycle configuration for the bucket or replace an existing lifecycle configuration", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html" + }, + "PutMetricsConfiguration": { + "privilege": "PutMetricsConfiguration", + "description": "Grants permission to set or update a metrics configuration for the CloudWatch request metrics from an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html" + }, + "PutMultiRegionAccessPointPolicy": { + "privilege": "PutMultiRegionAccessPointPolicy", + "description": "Grants permission to associate an access policy with a specified Multi-Region Access Point", + "access_level": "Permissions management", + "resource_types": { + "multiregionaccesspoint": { + "resource_type": "multiregionaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureversion", + "s3:signatureAge", + "s3:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiregionaccesspoint": "multiregionaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutMultiRegionAccessPointPolicy.html" + }, + "PutObject": { + "privilege": "PutObject", + "description": "Grants permission to add an object to a bucket", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:RequestObjectTag/", + "s3:RequestObjectTagKeys", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-acl", + "s3:x-amz-content-sha256", + "s3:x-amz-copy-source", + "s3:x-amz-grant-full-control", + "s3:x-amz-grant-read", + "s3:x-amz-grant-read-acp", + "s3:x-amz-grant-write", + "s3:x-amz-grant-write-acp", + "s3:x-amz-metadata-directive", + "s3:x-amz-server-side-encryption", + "s3:x-amz-server-side-encryption-aws-kms-key-id", + "s3:x-amz-server-side-encryption-customer-algorithm", + "s3:x-amz-storage-class", + "s3:x-amz-website-redirect-location", + "s3:object-lock-mode", + "s3:object-lock-retain-until-date", + "s3:object-lock-remaining-retention-days", + "s3:object-lock-legal-hold" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html" + }, + "PutObjectAcl": { + "privilege": "PutObjectAcl", + "description": "Grants permission to set the access control list (ACL) permissions for new or existing objects in an S3 bucket", + "access_level": "Permissions management", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-acl", + "s3:x-amz-content-sha256", + "s3:x-amz-grant-full-control", + "s3:x-amz-grant-read", + "s3:x-amz-grant-read-acp", + "s3:x-amz-grant-write", + "s3:x-amz-grant-write-acp", + "s3:x-amz-storage-class" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html" + }, + "PutObjectLegalHold": { + "privilege": "PutObjectLegalHold", + "description": "Grants permission to apply a Legal Hold configuration to the specified object", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256", + "s3:object-lock-legal-hold" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectLegalHold.html" + }, + "PutObjectRetention": { + "privilege": "PutObjectRetention", + "description": "Grants permission to place an Object Retention configuration on an object", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256", + "s3:object-lock-mode", + "s3:object-lock-retain-until-date", + "s3:object-lock-remaining-retention-days" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectRetention.html" + }, + "PutObjectTagging": { + "privilege": "PutObjectTagging", + "description": "Grants permission to set the supplied tag-set to an object that already exists in a bucket", + "access_level": "Tagging", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:RequestObjectTag/", + "s3:RequestObjectTagKeys", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" + }, + "PutObjectVersionAcl": { + "privilege": "PutObjectVersionAcl", + "description": "Grants permission to use the acl subresource to set the access control list (ACL) permissions for an object that already exists in a bucket", + "access_level": "Permissions management", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:versionid", + "s3:x-amz-acl", + "s3:x-amz-content-sha256", + "s3:x-amz-grant-full-control", + "s3:x-amz-grant-read", + "s3:x-amz-grant-read-acp", + "s3:x-amz-grant-write", + "s3:x-amz-grant-write-acp", + "s3:x-amz-storage-class" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html" + }, + "PutObjectVersionTagging": { + "privilege": "PutObjectVersionTagging", + "description": "Grants permission to set the supplied tag-set for a specific version of an object", + "access_level": "Tagging", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:ExistingObjectTag/", + "s3:RequestObjectTag/", + "s3:RequestObjectTagKeys", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:versionid", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" + }, + "PutReplicationConfiguration": { + "privilege": "PutReplicationConfiguration", + "description": "Grants permission to create a new replication configuration or replace an existing one", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html" + }, + "PutStorageLensConfiguration": { + "privilege": "PutStorageLensConfiguration", + "description": "Grants permission to create or update an Amazon S3 Storage Lens configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutStorageLensConfiguration.html" + }, + "PutStorageLensConfigurationTagging": { + "privilege": "PutStorageLensConfigurationTagging", + "description": "Grants permission to put or replace tags on an existing Amazon S3 Storage Lens configuration", + "access_level": "Tagging", + "resource_types": { + "storagelensconfiguration": { + "resource_type": "storagelensconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storagelensconfiguration": "storagelensconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutStorageLensConfigurationTagging.html" + }, + "ReplicateDelete": { + "privilege": "ReplicateDelete", + "description": "Grants permission to replicate delete markers to the destination bucket", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html" + }, + "ReplicateObject": { + "privilege": "ReplicateObject", + "description": "Grants permission to replicate objects and object tags to the destination bucket", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256", + "s3:x-amz-server-side-encryption", + "s3:x-amz-server-side-encryption-aws-kms-key-id", + "s3:x-amz-server-side-encryption-customer-algorithm" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html" + }, + "ReplicateTags": { + "privilege": "ReplicateTags", + "description": "Grants permission to replicate object tags to the destination bucket", + "access_level": "Tagging", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html" + }, + "RestoreObject": { + "privilege": "RestoreObject", + "description": "Grants permission to restore an archived copy of an object back into Amazon S3", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html" + }, + "SubmitMultiRegionAccessPointRoutes": { + "privilege": "SubmitMultiRegionAccessPointRoutes", + "description": "Grants permission to submit a route configuration update for a Multi-Region Access Point", + "access_level": "Write", + "resource_types": { + "multiregionaccesspoint": { + "resource_type": "multiregionaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:DataAccessPointAccount", + "s3:DataAccessPointArn", + "s3:AccessPointNetworkOrigin", + "s3:authType", + "s3:ResourceAccount", + "s3:signatureversion", + "s3:signatureAge", + "s3:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiregionaccesspoint": "multiregionaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_SubmitMultiRegionAccessPointRoutes.html" + }, + "UpdateJobPriority": { + "privilege": "UpdateJobPriority", + "description": "Grants permission to update the priority of an existing job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256", + "s3:RequestJobPriority", + "s3:ExistingJobPriority", + "s3:ExistingJobOperation" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobPriority.html" + }, + "UpdateJobStatus": { + "privilege": "UpdateJobStatus", + "description": "Grants permission to update the status for the specified job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3:authType", + "s3:ResourceAccount", + "s3:signatureAge", + "s3:signatureversion", + "s3:TlsVersion", + "s3:x-amz-content-sha256", + "s3:ExistingJobPriority", + "s3:ExistingJobOperation", + "s3:JobSuspendedCause" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UpdateJobStatus.html" + } + }, + "privileges_lower_name": { + "abortmultipartupload": "AbortMultipartUpload", + "bypassgovernanceretention": "BypassGovernanceRetention", + "createaccesspoint": "CreateAccessPoint", + "createaccesspointforobjectlambda": "CreateAccessPointForObjectLambda", + "createbucket": "CreateBucket", + "createjob": "CreateJob", + "createmultiregionaccesspoint": "CreateMultiRegionAccessPoint", + "deleteaccesspoint": "DeleteAccessPoint", + "deleteaccesspointforobjectlambda": "DeleteAccessPointForObjectLambda", + "deleteaccesspointpolicy": "DeleteAccessPointPolicy", + "deleteaccesspointpolicyforobjectlambda": "DeleteAccessPointPolicyForObjectLambda", + "deletebucket": "DeleteBucket", + "deletebucketpolicy": "DeleteBucketPolicy", + "deletebucketwebsite": "DeleteBucketWebsite", + "deletejobtagging": "DeleteJobTagging", + "deletemultiregionaccesspoint": "DeleteMultiRegionAccessPoint", + "deleteobject": "DeleteObject", + "deleteobjecttagging": "DeleteObjectTagging", + "deleteobjectversion": "DeleteObjectVersion", + "deleteobjectversiontagging": "DeleteObjectVersionTagging", + "deletestoragelensconfiguration": "DeleteStorageLensConfiguration", + "deletestoragelensconfigurationtagging": "DeleteStorageLensConfigurationTagging", + "describejob": "DescribeJob", + "describemultiregionaccesspointoperation": "DescribeMultiRegionAccessPointOperation", + "getaccelerateconfiguration": "GetAccelerateConfiguration", + "getaccesspoint": "GetAccessPoint", + "getaccesspointconfigurationforobjectlambda": "GetAccessPointConfigurationForObjectLambda", + "getaccesspointforobjectlambda": "GetAccessPointForObjectLambda", + "getaccesspointpolicy": "GetAccessPointPolicy", + "getaccesspointpolicyforobjectlambda": "GetAccessPointPolicyForObjectLambda", + "getaccesspointpolicystatus": "GetAccessPointPolicyStatus", + "getaccesspointpolicystatusforobjectlambda": "GetAccessPointPolicyStatusForObjectLambda", + "getaccountpublicaccessblock": "GetAccountPublicAccessBlock", + "getanalyticsconfiguration": "GetAnalyticsConfiguration", + "getbucketacl": "GetBucketAcl", + "getbucketcors": "GetBucketCORS", + "getbucketlocation": "GetBucketLocation", + "getbucketlogging": "GetBucketLogging", + "getbucketnotification": "GetBucketNotification", + "getbucketobjectlockconfiguration": "GetBucketObjectLockConfiguration", + "getbucketownershipcontrols": "GetBucketOwnershipControls", + "getbucketpolicy": "GetBucketPolicy", + "getbucketpolicystatus": "GetBucketPolicyStatus", + "getbucketpublicaccessblock": "GetBucketPublicAccessBlock", + "getbucketrequestpayment": "GetBucketRequestPayment", + "getbuckettagging": "GetBucketTagging", + "getbucketversioning": "GetBucketVersioning", + "getbucketwebsite": "GetBucketWebsite", + "getencryptionconfiguration": "GetEncryptionConfiguration", + "getintelligenttieringconfiguration": "GetIntelligentTieringConfiguration", + "getinventoryconfiguration": "GetInventoryConfiguration", + "getjobtagging": "GetJobTagging", + "getlifecycleconfiguration": "GetLifecycleConfiguration", + "getmetricsconfiguration": "GetMetricsConfiguration", + "getmultiregionaccesspoint": "GetMultiRegionAccessPoint", + "getmultiregionaccesspointpolicy": "GetMultiRegionAccessPointPolicy", + "getmultiregionaccesspointpolicystatus": "GetMultiRegionAccessPointPolicyStatus", + "getmultiregionaccesspointroutes": "GetMultiRegionAccessPointRoutes", + "getobject": "GetObject", + "getobjectacl": "GetObjectAcl", + "getobjectattributes": "GetObjectAttributes", + "getobjectlegalhold": "GetObjectLegalHold", + "getobjectretention": "GetObjectRetention", + "getobjecttagging": "GetObjectTagging", + "getobjecttorrent": "GetObjectTorrent", + "getobjectversion": "GetObjectVersion", + "getobjectversionacl": "GetObjectVersionAcl", + "getobjectversionattributes": "GetObjectVersionAttributes", + "getobjectversionforreplication": "GetObjectVersionForReplication", + "getobjectversiontagging": "GetObjectVersionTagging", + "getobjectversiontorrent": "GetObjectVersionTorrent", + "getreplicationconfiguration": "GetReplicationConfiguration", + "getstoragelensconfiguration": "GetStorageLensConfiguration", + "getstoragelensconfigurationtagging": "GetStorageLensConfigurationTagging", + "getstoragelensdashboard": "GetStorageLensDashboard", + "initiatereplication": "InitiateReplication", + "listaccesspoints": "ListAccessPoints", + "listaccesspointsforobjectlambda": "ListAccessPointsForObjectLambda", + "listallmybuckets": "ListAllMyBuckets", + "listbucket": "ListBucket", + "listbucketmultipartuploads": "ListBucketMultipartUploads", + "listbucketversions": "ListBucketVersions", + "listjobs": "ListJobs", + "listmultiregionaccesspoints": "ListMultiRegionAccessPoints", + "listmultipartuploadparts": "ListMultipartUploadParts", + "liststoragelensconfigurations": "ListStorageLensConfigurations", + "objectowneroverridetobucketowner": "ObjectOwnerOverrideToBucketOwner", + "putaccelerateconfiguration": "PutAccelerateConfiguration", + "putaccesspointconfigurationforobjectlambda": "PutAccessPointConfigurationForObjectLambda", + "putaccesspointpolicy": "PutAccessPointPolicy", + "putaccesspointpolicyforobjectlambda": "PutAccessPointPolicyForObjectLambda", + "putaccesspointpublicaccessblock": "PutAccessPointPublicAccessBlock", + "putaccountpublicaccessblock": "PutAccountPublicAccessBlock", + "putanalyticsconfiguration": "PutAnalyticsConfiguration", + "putbucketacl": "PutBucketAcl", + "putbucketcors": "PutBucketCORS", + "putbucketlogging": "PutBucketLogging", + "putbucketnotification": "PutBucketNotification", + "putbucketobjectlockconfiguration": "PutBucketObjectLockConfiguration", + "putbucketownershipcontrols": "PutBucketOwnershipControls", + "putbucketpolicy": "PutBucketPolicy", + "putbucketpublicaccessblock": "PutBucketPublicAccessBlock", + "putbucketrequestpayment": "PutBucketRequestPayment", + "putbuckettagging": "PutBucketTagging", + "putbucketversioning": "PutBucketVersioning", + "putbucketwebsite": "PutBucketWebsite", + "putencryptionconfiguration": "PutEncryptionConfiguration", + "putintelligenttieringconfiguration": "PutIntelligentTieringConfiguration", + "putinventoryconfiguration": "PutInventoryConfiguration", + "putjobtagging": "PutJobTagging", + "putlifecycleconfiguration": "PutLifecycleConfiguration", + "putmetricsconfiguration": "PutMetricsConfiguration", + "putmultiregionaccesspointpolicy": "PutMultiRegionAccessPointPolicy", + "putobject": "PutObject", + "putobjectacl": "PutObjectAcl", + "putobjectlegalhold": "PutObjectLegalHold", + "putobjectretention": "PutObjectRetention", + "putobjecttagging": "PutObjectTagging", + "putobjectversionacl": "PutObjectVersionAcl", + "putobjectversiontagging": "PutObjectVersionTagging", + "putreplicationconfiguration": "PutReplicationConfiguration", + "putstoragelensconfiguration": "PutStorageLensConfiguration", + "putstoragelensconfigurationtagging": "PutStorageLensConfigurationTagging", + "replicatedelete": "ReplicateDelete", + "replicateobject": "ReplicateObject", + "replicatetags": "ReplicateTags", + "restoreobject": "RestoreObject", + "submitmultiregionaccesspointroutes": "SubmitMultiRegionAccessPointRoutes", + "updatejobpriority": "UpdateJobPriority", + "updatejobstatus": "UpdateJobStatus" + }, + "resources": { + "accesspoint": { + "resource": "accesspoint", + "arn": "arn:${Partition}:s3:${Region}:${Account}:accesspoint/${AccessPointName}", + "condition_keys": [] + }, + "bucket": { + "resource": "bucket", + "arn": "arn:${Partition}:s3:::${BucketName}", + "condition_keys": [] + }, + "object": { + "resource": "object", + "arn": "arn:${Partition}:s3:::${BucketName}/${ObjectName}", + "condition_keys": [] + }, + "job": { + "resource": "job", + "arn": "arn:${Partition}:s3:${Region}:${Account}:job/${JobId}", + "condition_keys": [] + }, + "storagelensconfiguration": { + "resource": "storagelensconfiguration", + "arn": "arn:${Partition}:s3:${Region}:${Account}:storage-lens/${ConfigId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "objectlambdaaccesspoint": { + "resource": "objectlambdaaccesspoint", + "arn": "arn:${Partition}:s3-object-lambda:${Region}:${Account}:accesspoint/${AccessPointName}", + "condition_keys": [] + }, + "multiregionaccesspoint": { + "resource": "multiregionaccesspoint", + "arn": "arn:${Partition}:s3::${Account}:accesspoint/${AccessPointAlias}", + "condition_keys": [] + }, + "multiregionaccesspointrequestarn": { + "resource": "multiregionaccesspointrequestarn", + "arn": "arn:${Partition}:s3:us-west-2:${Account}:async-request/mrap/${Operation}/${Token}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "accesspoint": "accesspoint", + "bucket": "bucket", + "object": "object", + "job": "job", + "storagelensconfiguration": "storagelensconfiguration", + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "multiregionaccesspoint": "multiregionaccesspoint", + "multiregionaccesspointrequestarn": "multiregionaccesspointrequestarn" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "s3:AccessPointNetworkOrigin": { + "condition": "s3:AccessPointNetworkOrigin", + "description": "Filters access by the network origin (Internet or VPC)", + "type": "String" + }, + "s3:DataAccessPointAccount": { + "condition": "s3:DataAccessPointAccount", + "description": "Filters access by the AWS Account ID that owns the access point", + "type": "String" + }, + "s3:DataAccessPointArn": { + "condition": "s3:DataAccessPointArn", + "description": "Filters access by an access point Amazon Resource Name (ARN)", + "type": "ARN" + }, + "s3:ExistingJobOperation": { + "condition": "s3:ExistingJobOperation", + "description": "Filters access by operation to updating the job priority", + "type": "String" + }, + "s3:ExistingJobPriority": { + "condition": "s3:ExistingJobPriority", + "description": "Filters access by priority range to cancelling existing jobs", + "type": "Numeric" + }, + "s3:ExistingObjectTag/": { + "condition": "s3:ExistingObjectTag/", + "description": "Filters access by existing object tag key and value", + "type": "String" + }, + "s3:JobSuspendedCause": { + "condition": "s3:JobSuspendedCause", + "description": "Filters access by a specific job suspended cause (for example, AWAITING_CONFIRMATION) to cancelling suspended jobs", + "type": "String" + }, + "s3:RequestJobOperation": { + "condition": "s3:RequestJobOperation", + "description": "Filters access by operation to creating jobs", + "type": "String" + }, + "s3:RequestJobPriority": { + "condition": "s3:RequestJobPriority", + "description": "Filters access by priority range to creating new jobs", + "type": "Numeric" + }, + "s3:RequestObjectTag/": { + "condition": "s3:RequestObjectTag/", + "description": "Filters access by the tag keys and values to be added to objects", + "type": "String" + }, + "s3:RequestObjectTagKeys": { + "condition": "s3:RequestObjectTagKeys", + "description": "Filters access by the tag keys to be added to objects", + "type": "ArrayOfString" + }, + "s3:ResourceAccount": { + "condition": "s3:ResourceAccount", + "description": "Filters access by the resource owner AWS account ID", + "type": "String" + }, + "s3:TlsVersion": { + "condition": "s3:TlsVersion", + "description": "Filters access by the TLS version used by the client", + "type": "Numeric" + }, + "s3:authType": { + "condition": "s3:authType", + "description": "Filters access by authentication method", + "type": "String" + }, + "s3:delimiter": { + "condition": "s3:delimiter", + "description": "Filters access by delimiter parameter", + "type": "String" + }, + "s3:locationconstraint": { + "condition": "s3:locationconstraint", + "description": "Filters access by a specific Region", + "type": "String" + }, + "s3:max-keys": { + "condition": "s3:max-keys", + "description": "Filters access by maximum number of keys returned in a ListBucket request", + "type": "Numeric" + }, + "s3:object-lock-legal-hold": { + "condition": "s3:object-lock-legal-hold", + "description": "Filters access by object legal hold status", + "type": "String" + }, + "s3:object-lock-mode": { + "condition": "s3:object-lock-mode", + "description": "Filters access by object retention mode (COMPLIANCE or GOVERNANCE)", + "type": "String" + }, + "s3:object-lock-remaining-retention-days": { + "condition": "s3:object-lock-remaining-retention-days", + "description": "Filters access by remaining object retention days", + "type": "Numeric" + }, + "s3:object-lock-retain-until-date": { + "condition": "s3:object-lock-retain-until-date", + "description": "Filters access by object retain-until date", + "type": "Date" + }, + "s3:prefix": { + "condition": "s3:prefix", + "description": "Filters access by key name prefix", + "type": "String" + }, + "s3:signatureAge": { + "condition": "s3:signatureAge", + "description": "Filters access by the age in milliseconds of the request signature", + "type": "Numeric" + }, + "s3:signatureversion": { + "condition": "s3:signatureversion", + "description": "Filters access by the version of AWS Signature used on the request", + "type": "String" + }, + "s3:versionid": { + "condition": "s3:versionid", + "description": "Filters access by a specific object version", + "type": "String" + }, + "s3:x-amz-acl": { + "condition": "s3:x-amz-acl", + "description": "Filters access by canned ACL in the request's x-amz-acl header", + "type": "String" + }, + "s3:x-amz-content-sha256": { + "condition": "s3:x-amz-content-sha256", + "description": "Filters access by unsigned content in your bucket", + "type": "String" + }, + "s3:x-amz-copy-source": { + "condition": "s3:x-amz-copy-source", + "description": "Filters access by copy source bucket, prefix, or object in the copy object requests", + "type": "String" + }, + "s3:x-amz-grant-full-control": { + "condition": "s3:x-amz-grant-full-control", + "description": "Filters access by x-amz-grant-full-control (full control) header", + "type": "String" + }, + "s3:x-amz-grant-read": { + "condition": "s3:x-amz-grant-read", + "description": "Filters access by x-amz-grant-read (read access) header", + "type": "String" + }, + "s3:x-amz-grant-read-acp": { + "condition": "s3:x-amz-grant-read-acp", + "description": "Filters access by the x-amz-grant-read-acp (read permissions for the ACL) header", + "type": "String" + }, + "s3:x-amz-grant-write": { + "condition": "s3:x-amz-grant-write", + "description": "Filters access by the x-amz-grant-write (write access) header", + "type": "String" + }, + "s3:x-amz-grant-write-acp": { + "condition": "s3:x-amz-grant-write-acp", + "description": "Filters access by the x-amz-grant-write-acp (write permissions for the ACL) header", + "type": "String" + }, + "s3:x-amz-metadata-directive": { + "condition": "s3:x-amz-metadata-directive", + "description": "Filters access by object metadata behavior (COPY or REPLACE) when objects are copied", + "type": "String" + }, + "s3:x-amz-object-ownership": { + "condition": "s3:x-amz-object-ownership", + "description": "Filters access by Object Ownership", + "type": "String" + }, + "s3:x-amz-server-side-encryption": { + "condition": "s3:x-amz-server-side-encryption", + "description": "Filters access by server-side encryption", + "type": "String" + }, + "s3:x-amz-server-side-encryption-aws-kms-key-id": { + "condition": "s3:x-amz-server-side-encryption-aws-kms-key-id", + "description": "Filters access by AWS KMS customer managed CMK for server-side encryption", + "type": "String" + }, + "s3:x-amz-server-side-encryption-customer-algorithm": { + "condition": "s3:x-amz-server-side-encryption-customer-algorithm", + "description": "Filters access by customer specified algorithm for server-side encryption", + "type": "String" + }, + "s3:x-amz-storage-class": { + "condition": "s3:x-amz-storage-class", + "description": "Filters access by storage class", + "type": "String" + }, + "s3:x-amz-website-redirect-location": { + "condition": "s3:x-amz-website-redirect-location", + "description": "Filters access by a specific website redirect location for buckets that are configured as static websites", + "type": "String" + } + } + }, + "s3-object-lambda": { + "service_name": "Amazon S3 Object Lambda", + "prefix": "s3-object-lambda", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3objectlambda.html", + "privileges": { + "AbortMultipartUpload": { + "privilege": "AbortMultipartUpload", + "description": "Grants permission to abort a multipart upload", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html" + }, + "DeleteObject": { + "privilege": "DeleteObject", + "description": "Grants permission to remove the null version of an object and insert a delete marker, which becomes the current version of the object", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" + }, + "DeleteObjectTagging": { + "privilege": "DeleteObjectTagging", + "description": "Grants permission to use the tagging subresource to remove the entire tag set from the specified object", + "access_level": "Tagging", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" + }, + "DeleteObjectVersion": { + "privilege": "DeleteObjectVersion", + "description": "Grants permission to remove a specific version of an object", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion", + "s3-object-lambda:versionid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" + }, + "DeleteObjectVersionTagging": { + "privilege": "DeleteObjectVersionTagging", + "description": "Grants permission to remove the entire tag set for a specific version of the object", + "access_level": "Tagging", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion", + "s3-object-lambda:versionid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" + }, + "GetObject": { + "privilege": "GetObject", + "description": "Grants permission to retrieve objects from Amazon S3", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" + }, + "GetObjectAcl": { + "privilege": "GetObjectAcl", + "description": "Grants permission to return the access control list (ACL) of an object", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html" + }, + "GetObjectLegalHold": { + "privilege": "GetObjectLegalHold", + "description": "Grants permission to get an object's current Legal Hold status", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLegalHold.html" + }, + "GetObjectRetention": { + "privilege": "GetObjectRetention", + "description": "Grants permission to retrieve the retention settings for an object", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectRetention.html" + }, + "GetObjectTagging": { + "privilege": "GetObjectTagging", + "description": "Grants permission to return the tag set of an object", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html" + }, + "GetObjectVersion": { + "privilege": "GetObjectVersion", + "description": "Grants permission to retrieve a specific version of an object", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion", + "s3-object-lambda:versionid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" + }, + "GetObjectVersionAcl": { + "privilege": "GetObjectVersionAcl", + "description": "Grants permission to return the access control list (ACL) of a specific object version", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion", + "s3-object-lambda:versionid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html" + }, + "GetObjectVersionTagging": { + "privilege": "GetObjectVersionTagging", + "description": "Grants permission to return the tag set for a specific version of the object", + "access_level": "Read", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion", + "s3-object-lambda:versionid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/dev/setting-repl-config-perm-overview.html" + }, + "ListBucket": { + "privilege": "ListBucket", + "description": "Grants permission to list some or all of the objects in an Amazon S3 bucket (up to 1000)", + "access_level": "List", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html" + }, + "ListBucketMultipartUploads": { + "privilege": "ListBucketMultipartUploads", + "description": "Grants permission to list in-progress multipart uploads", + "access_level": "List", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html" + }, + "ListBucketVersions": { + "privilege": "ListBucketVersions", + "description": "Grants permission to list metadata about all the versions of objects in an Amazon S3 bucket", + "access_level": "List", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectVersions.html" + }, + "ListMultipartUploadParts": { + "privilege": "ListMultipartUploadParts", + "description": "Grants permission to list the parts that have been uploaded for a specific multipart upload", + "access_level": "List", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html" + }, + "PutObject": { + "privilege": "PutObject", + "description": "Grants permission to add an object to a bucket", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html" + }, + "PutObjectAcl": { + "privilege": "PutObjectAcl", + "description": "Grants permission to set the access control list (ACL) permissions for new or existing objects in an S3 bucket.", + "access_level": "Permissions management", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html" + }, + "PutObjectLegalHold": { + "privilege": "PutObjectLegalHold", + "description": "Grants permission to apply a Legal Hold configuration to the specified object", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectLegalHold.html" + }, + "PutObjectRetention": { + "privilege": "PutObjectRetention", + "description": "Grants permission to place an Object Retention configuration on an object", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectRetention.html" + }, + "PutObjectTagging": { + "privilege": "PutObjectTagging", + "description": "Grants permission to set the supplied tag-set to an object that already exists in a bucket", + "access_level": "Tagging", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" + }, + "PutObjectVersionAcl": { + "privilege": "PutObjectVersionAcl", + "description": "Grants permission to use the acl subresource to set the access control list (ACL) permissions for an object that already exists in a bucket", + "access_level": "Permissions management", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion", + "s3-object-lambda:versionid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html" + }, + "PutObjectVersionTagging": { + "privilege": "PutObjectVersionTagging", + "description": "Grants permission to set the supplied tag-set for a specific version of an object", + "access_level": "Tagging", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion", + "s3-object-lambda:versionid" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" + }, + "RestoreObject": { + "privilege": "RestoreObject", + "description": "Grants permission to restore an archived copy of an object back into Amazon S3", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html" + }, + "WriteGetObjectResponse": { + "privilege": "WriteGetObjectResponse", + "description": "Grants permission to provide data for GetObject requests send to S3 Object Lambda", + "access_level": "Write", + "resource_types": { + "objectlambdaaccesspoint": { + "resource_type": "objectlambdaaccesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-object-lambda:authType", + "s3-object-lambda:signatureAge", + "s3-object-lambda:TlsVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_WriteGetObjectResponse.html" + } + }, + "privileges_lower_name": { + "abortmultipartupload": "AbortMultipartUpload", + "deleteobject": "DeleteObject", + "deleteobjecttagging": "DeleteObjectTagging", + "deleteobjectversion": "DeleteObjectVersion", + "deleteobjectversiontagging": "DeleteObjectVersionTagging", + "getobject": "GetObject", + "getobjectacl": "GetObjectAcl", + "getobjectlegalhold": "GetObjectLegalHold", + "getobjectretention": "GetObjectRetention", + "getobjecttagging": "GetObjectTagging", + "getobjectversion": "GetObjectVersion", + "getobjectversionacl": "GetObjectVersionAcl", + "getobjectversiontagging": "GetObjectVersionTagging", + "listbucket": "ListBucket", + "listbucketmultipartuploads": "ListBucketMultipartUploads", + "listbucketversions": "ListBucketVersions", + "listmultipartuploadparts": "ListMultipartUploadParts", + "putobject": "PutObject", + "putobjectacl": "PutObjectAcl", + "putobjectlegalhold": "PutObjectLegalHold", + "putobjectretention": "PutObjectRetention", + "putobjecttagging": "PutObjectTagging", + "putobjectversionacl": "PutObjectVersionAcl", + "putobjectversiontagging": "PutObjectVersionTagging", + "restoreobject": "RestoreObject", + "writegetobjectresponse": "WriteGetObjectResponse" + }, + "resources": { + "objectlambdaaccesspoint": { + "resource": "objectlambdaaccesspoint", + "arn": "arn:${Partition}:s3-object-lambda:${Region}:${Account}:accesspoint/${AccessPointName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "objectlambdaaccesspoint": "objectlambdaaccesspoint" + }, + "conditions": { + "s3-object-lambda:TlsVersion": { + "condition": "s3-object-lambda:TlsVersion", + "description": "Filters access by the TLS version used by the client", + "type": "Numeric" + }, + "s3-object-lambda:authType": { + "condition": "s3-object-lambda:authType", + "description": "Filters access by authentication method", + "type": "String" + }, + "s3-object-lambda:signatureAge": { + "condition": "s3-object-lambda:signatureAge", + "description": "Filters access by the age in milliseconds of the request signature", + "type": "Numeric" + }, + "s3-object-lambda:versionid": { + "condition": "s3-object-lambda:versionid", + "description": "Filters access by a specific object version", + "type": "String" + } + } + }, + "s3-outposts": { + "service_name": "Amazon S3 on Outposts", + "prefix": "s3-outposts", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3onoutposts.html", + "privileges": { + "AbortMultipartUpload": { + "privilege": "AbortMultipartUpload", + "description": "Grants permission to abort a multipart upload", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointArn", + "s3-outposts:DataAccessPointAccount", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html" + }, + "CreateAccessPoint": { + "privilege": "CreateAccessPoint", + "description": "Grants permission to create a new access point", + "access_level": "Write", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessPoint.html" + }, + "CreateBucket": { + "privilege": "CreateBucket", + "description": "Grants permission to create a new bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html" + }, + "CreateEndpoint": { + "privilege": "CreateEndpoint", + "description": "Grants permission to create a new endpoint", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_CreateEndpoint.html" + }, + "DeleteAccessPoint": { + "privilege": "DeleteAccessPoint", + "description": "Grants permission to delete the access point named in the URI", + "access_level": "Write", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointArn", + "s3-outposts:DataAccessPointAccount", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPoint.html" + }, + "DeleteAccessPointPolicy": { + "privilege": "DeleteAccessPointPolicy", + "description": "Grants permission to delete the policy on a specified access point", + "access_level": "Permissions management", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointArn", + "s3-outposts:DataAccessPointAccount", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html" + }, + "DeleteBucket": { + "privilege": "DeleteBucket", + "description": "Grants permission to delete the bucket named in the URI", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucket.html" + }, + "DeleteBucketPolicy": { + "privilege": "DeleteBucketPolicy", + "description": "Grants permission to delete the policy on a specified bucket", + "access_level": "Permissions management", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketPolicy.html" + }, + "DeleteEndpoint": { + "privilege": "DeleteEndpoint", + "description": "Grants permission to delete the endpoint named in the URI", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_DeleteEndpoint.html" + }, + "DeleteObject": { + "privilege": "DeleteObject", + "description": "Grants permission to remove the null version of an object and insert a delete marker, which becomes the current version of the object", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" + }, + "DeleteObjectTagging": { + "privilege": "DeleteObjectTagging", + "description": "Grants permission to use the tagging subresource to remove the entire tag set from the specified object", + "access_level": "Tagging", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:ExistingObjectTag/", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" + }, + "DeleteObjectVersion": { + "privilege": "DeleteObjectVersion", + "description": "Grants permission to remove a specific version of an object", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:versionid", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" + }, + "DeleteObjectVersionTagging": { + "privilege": "DeleteObjectVersionTagging", + "description": "Grants permission to remove the entire tag set for a specific version of the object", + "access_level": "Tagging", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:ExistingObjectTag/", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:versionid", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html" + }, + "GetAccessPoint": { + "privilege": "GetAccessPoint", + "description": "Grants permission to return configuration information about the specified access point", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPoint.html" + }, + "GetAccessPointPolicy": { + "privilege": "GetAccessPointPolicy", + "description": "Grants permission to returns the access point policy associated with the specified access point", + "access_level": "Read", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicy.html" + }, + "GetBucket": { + "privilege": "GetBucket", + "description": "Grants permission to return the bucket configuration associated with an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucket.html" + }, + "GetBucketPolicy": { + "privilege": "GetBucketPolicy", + "description": "Grants permission to return the policy of the specified bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketPolicy.html" + }, + "GetBucketTagging": { + "privilege": "GetBucketTagging", + "description": "Grants permission to return the tag set associated with an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketTagging.html" + }, + "GetBucketVersioning": { + "privilege": "GetBucketVersioning", + "description": "Grants permission to return the versioning state of an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html" + }, + "GetLifecycleConfiguration": { + "privilege": "GetLifecycleConfiguration", + "description": "Grants permission to return the lifecycle configuration information set on an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketLifecycleConfiguration.html" + }, + "GetObject": { + "privilege": "GetObject", + "description": "Grants permission to retrieve objects from Amazon S3", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:ExistingObjectTag/", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" + }, + "GetObjectTagging": { + "privilege": "GetObjectTagging", + "description": "Grants permission to return the tag set of an object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:ExistingObjectTag/", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html" + }, + "GetObjectVersion": { + "privilege": "GetObjectVersion", + "description": "Grants permission to retrieve a specific version of an object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:ExistingObjectTag/", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:versionid", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" + }, + "GetObjectVersionForReplication": { + "privilege": "GetObjectVersionForReplication", + "description": "Grants permission to replicate both unencrypted objects and objects encrypted with SSE-KMS", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" + }, + "GetObjectVersionTagging": { + "privilege": "GetObjectVersionTagging", + "description": "Grants permission to return the tag set for a specific version of the object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:ExistingObjectTag/", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:versionid", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html" + }, + "GetReplicationConfiguration": { + "privilege": "GetReplicationConfiguration", + "description": "Grants permission to get the replication configuration information set on an Amazon S3 bucket", + "access_level": "Read", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketReplication.html" + }, + "ListAccessPoints": { + "privilege": "ListAccessPoints", + "description": "Grants permission to list access points", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListAccessPoints.html" + }, + "ListBucket": { + "privilege": "ListBucket", + "description": "Grants permission to list some or all of the objects in an Amazon S3 bucket (up to 1000)", + "access_level": "List", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:delimiter", + "s3-outposts:max-keys", + "s3-outposts:prefix", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html" + }, + "ListBucketMultipartUploads": { + "privilege": "ListBucketMultipartUploads", + "description": "Grants permission to list in-progress multipart uploads", + "access_level": "List", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html" + }, + "ListBucketVersions": { + "privilege": "ListBucketVersions", + "description": "Grants permission to list metadata about all the versions of objects in an Amazon S3 bucket", + "access_level": "List", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:delimiter", + "s3-outposts:max-keys", + "s3-outposts:prefix", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectVersions.html" + }, + "ListEndpoints": { + "privilege": "ListEndpoints", + "description": "Grants permission to list endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_ListEndpoints.html" + }, + "ListMultipartUploadParts": { + "privilege": "ListMultipartUploadParts", + "description": "Grants permission to list the parts that have been uploaded for a specific multipart upload", + "access_level": "List", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html" + }, + "ListOutpostsWithS3": { + "privilege": "ListOutpostsWithS3", + "description": "Grants permission to list outposts with S3 capacity", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_ListOutpostsWithS3.html" + }, + "ListRegionalBuckets": { + "privilege": "ListRegionalBuckets", + "description": "Grants permission to list all buckets owned by the authenticated sender of the request", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListRegionalBuckets.html" + }, + "ListSharedEndpoints": { + "privilege": "ListSharedEndpoints", + "description": "Grants permission to list shared endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3outposts_ListSharedEndpoints.html" + }, + "PutAccessPointPolicy": { + "privilege": "PutAccessPointPolicy", + "description": "Grants permission to associate an access policy with a specified access point", + "access_level": "Permissions management", + "resource_types": { + "accesspoint": { + "resource_type": "accesspoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesspoint": "accesspoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html" + }, + "PutBucketPolicy": { + "privilege": "PutBucketPolicy", + "description": "Grants permission to add or replace a bucket policy on a bucket", + "access_level": "Permissions management", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketPolicy.html" + }, + "PutBucketTagging": { + "privilege": "PutBucketTagging", + "description": "Grants permission to add a set of tags to an existing Amazon S3 bucket", + "access_level": "Tagging", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketTagging.html" + }, + "PutBucketVersioning": { + "privilege": "PutBucketVersioning", + "description": "Grants permission to set the versioning state of an existing Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html" + }, + "PutLifecycleConfiguration": { + "privilege": "PutLifecycleConfiguration", + "description": "Grants permission to create a new lifecycle configuration for the bucket or replace an existing lifecycle configuration", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketLifecycleConfiguration.html" + }, + "PutObject": { + "privilege": "PutObject", + "description": "Grants permission to add an object to a bucket", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:RequestObjectTag/", + "s3-outposts:RequestObjectTagKeys", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-acl", + "s3-outposts:x-amz-content-sha256", + "s3-outposts:x-amz-copy-source", + "s3-outposts:x-amz-metadata-directive", + "s3-outposts:x-amz-server-side-encryption", + "s3-outposts:x-amz-storage-class" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html" + }, + "PutObjectAcl": { + "privilege": "PutObjectAcl", + "description": "Grants permission to set the access control list (ACL) permissions for an object that already exists in a bucket", + "access_level": "Permissions management", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:ExistingObjectTag/", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-acl", + "s3-outposts:x-amz-content-sha256", + "s3-outposts:x-amz-storage-class" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html" + }, + "PutObjectTagging": { + "privilege": "PutObjectTagging", + "description": "Grants permission to set the supplied tag-set to an object that already exists in a bucket", + "access_level": "Tagging", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:ExistingObjectTag/", + "s3-outposts:RequestObjectTag/", + "s3-outposts:RequestObjectTagKeys", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" + }, + "PutObjectVersionTagging": { + "privilege": "PutObjectVersionTagging", + "description": "Grants permission to set the supplied tag-set for a specific version of an object", + "access_level": "Tagging", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:DataAccessPointAccount", + "s3-outposts:DataAccessPointArn", + "s3-outposts:AccessPointNetworkOrigin", + "s3-outposts:ExistingObjectTag/", + "s3-outposts:RequestObjectTag/", + "s3-outposts:RequestObjectTagKeys", + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:versionid", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" + }, + "PutReplicationConfiguration": { + "privilege": "PutReplicationConfiguration", + "description": "Grants permission to create a new replication configuration or replace an existing one", + "access_level": "Write", + "resource_types": { + "bucket": { + "resource_type": "bucket", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bucket": "bucket", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketReplication.html" + }, + "ReplicateDelete": { + "privilege": "ReplicateDelete", + "description": "Grants permission to replicate delete markers to the destination bucket", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html" + }, + "ReplicateObject": { + "privilege": "ReplicateObject", + "description": "Grants permission to replicate objects and object tags to the destination bucket", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256", + "s3-outposts:x-amz-server-side-encryption" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html" + }, + "ReplicateTags": { + "privilege": "ReplicateTags", + "description": "Grants permission to replicate object tags to the destination bucket", + "access_level": "Tagging", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "s3-outposts:authType", + "s3-outposts:signatureAge", + "s3-outposts:signatureversion", + "s3-outposts:x-amz-content-sha256" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html" + } + }, + "privileges_lower_name": { + "abortmultipartupload": "AbortMultipartUpload", + "createaccesspoint": "CreateAccessPoint", + "createbucket": "CreateBucket", + "createendpoint": "CreateEndpoint", + "deleteaccesspoint": "DeleteAccessPoint", + "deleteaccesspointpolicy": "DeleteAccessPointPolicy", + "deletebucket": "DeleteBucket", + "deletebucketpolicy": "DeleteBucketPolicy", + "deleteendpoint": "DeleteEndpoint", + "deleteobject": "DeleteObject", + "deleteobjecttagging": "DeleteObjectTagging", + "deleteobjectversion": "DeleteObjectVersion", + "deleteobjectversiontagging": "DeleteObjectVersionTagging", + "getaccesspoint": "GetAccessPoint", + "getaccesspointpolicy": "GetAccessPointPolicy", + "getbucket": "GetBucket", + "getbucketpolicy": "GetBucketPolicy", + "getbuckettagging": "GetBucketTagging", + "getbucketversioning": "GetBucketVersioning", + "getlifecycleconfiguration": "GetLifecycleConfiguration", + "getobject": "GetObject", + "getobjecttagging": "GetObjectTagging", + "getobjectversion": "GetObjectVersion", + "getobjectversionforreplication": "GetObjectVersionForReplication", + "getobjectversiontagging": "GetObjectVersionTagging", + "getreplicationconfiguration": "GetReplicationConfiguration", + "listaccesspoints": "ListAccessPoints", + "listbucket": "ListBucket", + "listbucketmultipartuploads": "ListBucketMultipartUploads", + "listbucketversions": "ListBucketVersions", + "listendpoints": "ListEndpoints", + "listmultipartuploadparts": "ListMultipartUploadParts", + "listoutpostswiths3": "ListOutpostsWithS3", + "listregionalbuckets": "ListRegionalBuckets", + "listsharedendpoints": "ListSharedEndpoints", + "putaccesspointpolicy": "PutAccessPointPolicy", + "putbucketpolicy": "PutBucketPolicy", + "putbuckettagging": "PutBucketTagging", + "putbucketversioning": "PutBucketVersioning", + "putlifecycleconfiguration": "PutLifecycleConfiguration", + "putobject": "PutObject", + "putobjectacl": "PutObjectAcl", + "putobjecttagging": "PutObjectTagging", + "putobjectversiontagging": "PutObjectVersionTagging", + "putreplicationconfiguration": "PutReplicationConfiguration", + "replicatedelete": "ReplicateDelete", + "replicateobject": "ReplicateObject", + "replicatetags": "ReplicateTags" + }, + "resources": { + "accesspoint": { + "resource": "accesspoint", + "arn": "arn:${Partition}:s3-outposts:${Region}:${Account}:outpost/${OutpostId}/accesspoint/${AccessPointName}", + "condition_keys": [] + }, + "bucket": { + "resource": "bucket", + "arn": "arn:${Partition}:s3-outposts:${Region}:${Account}:outpost/${OutpostId}/bucket/${BucketName}", + "condition_keys": [] + }, + "endpoint": { + "resource": "endpoint", + "arn": "arn:${Partition}:s3-outposts:${Region}:${Account}:outpost/${OutpostId}/endpoint/${EndpointId}", + "condition_keys": [] + }, + "object": { + "resource": "object", + "arn": "arn:${Partition}:s3-outposts:${Region}:${Account}:outpost/${OutpostId}/bucket/${BucketName}/object/${ObjectName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "accesspoint": "accesspoint", + "bucket": "bucket", + "endpoint": "endpoint", + "object": "object" + }, + "conditions": { + "s3-outposts:AccessPointNetworkOrigin": { + "condition": "s3-outposts:AccessPointNetworkOrigin", + "description": "Filters access by the network origin (Internet or VPC)", + "type": "String" + }, + "s3-outposts:DataAccessPointAccount": { + "condition": "s3-outposts:DataAccessPointAccount", + "description": "Filters access by the AWS Account ID that owns the access point", + "type": "String" + }, + "s3-outposts:DataAccessPointArn": { + "condition": "s3-outposts:DataAccessPointArn", + "description": "Filters access by an access point Amazon Resource Name (ARN)", + "type": "String" + }, + "s3-outposts:ExistingObjectTag/": { + "condition": "s3-outposts:ExistingObjectTag/", + "description": "Filters access by requiring that an existing object tag has a specific tag key and value", + "type": "String" + }, + "s3-outposts:RequestObjectTag/": { + "condition": "s3-outposts:RequestObjectTag/", + "description": "Filters access by restricting the tag keys and values allowed on objects", + "type": "String" + }, + "s3-outposts:RequestObjectTagKeys": { + "condition": "s3-outposts:RequestObjectTagKeys", + "description": "Filters access by restricting the tag keys allowed on objects", + "type": "String" + }, + "s3-outposts:authType": { + "condition": "s3-outposts:authType", + "description": "Filters access by restricting incoming requests to a specific authentication method", + "type": "String" + }, + "s3-outposts:delimiter": { + "condition": "s3-outposts:delimiter", + "description": "Filters access by requiring the delimiter parameter", + "type": "String" + }, + "s3-outposts:max-keys": { + "condition": "s3-outposts:max-keys", + "description": "Filters access by limiting the maximum number of keys returned in a ListBucket request", + "type": "Numeric" + }, + "s3-outposts:prefix": { + "condition": "s3-outposts:prefix", + "description": "Filters access by key name prefix", + "type": "String" + }, + "s3-outposts:signatureAge": { + "condition": "s3-outposts:signatureAge", + "description": "Filters access by identifying the length of time, in milliseconds, that a signature is valid in an authenticated request", + "type": "Numeric" + }, + "s3-outposts:signatureversion": { + "condition": "s3-outposts:signatureversion", + "description": "Filters access by identifying the version of AWS Signature that is supported for authenticated requests", + "type": "String" + }, + "s3-outposts:versionid": { + "condition": "s3-outposts:versionid", + "description": "Filters access by a specific object version", + "type": "String" + }, + "s3-outposts:x-amz-acl": { + "condition": "s3-outposts:x-amz-acl", + "description": "Filters access by requiring the x-amz-acl header with a specific canned ACL in a request", + "type": "String" + }, + "s3-outposts:x-amz-content-sha256": { + "condition": "s3-outposts:x-amz-content-sha256", + "description": "Filters access by disallowing unsigned content in your bucket", + "type": "String" + }, + "s3-outposts:x-amz-copy-source": { + "condition": "s3-outposts:x-amz-copy-source", + "description": "Filters access by restricting the copy source to a specific bucket, prefix, or object", + "type": "String" + }, + "s3-outposts:x-amz-metadata-directive": { + "condition": "s3-outposts:x-amz-metadata-directive", + "description": "Filters access by enabling enforcement of object metadata behavior (COPY or REPLACE) when objects are copied", + "type": "String" + }, + "s3-outposts:x-amz-server-side-encryption": { + "condition": "s3-outposts:x-amz-server-side-encryption", + "description": "Filters access by requiring server-side encryption", + "type": "String" + }, + "s3-outposts:x-amz-storage-class": { + "condition": "s3-outposts:x-amz-storage-class", + "description": "Filters access by storage class", + "type": "String" + } + } + }, + "sagemaker": { + "service_name": "Amazon SageMaker", + "prefix": "sagemaker", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemaker.html", + "privileges": { + "AddAssociation": { + "privilege": "AddAssociation", + "description": "Grants permission to associate a lineage entity (artifact, context, action, experiment, experiment-trial-component) to each other", + "access_level": "Write", + "resource_types": { + "action": { + "resource_type": "action", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "artifact": { + "resource_type": "artifact", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "context": { + "resource_type": "context", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "artifact": "artifact", + "context": "context", + "experiment": "experiment", + "experiment-trial-component": "experiment-trial-component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddAssociation.html" + }, + "AddTags": { + "privilege": "AddTags", + "description": "Grants permission to add or overwrite one or more tags for the specified Amazon SageMaker resource", + "access_level": "Tagging", + "resource_types": { + "action": { + "resource_type": "action", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "algorithm": { + "resource_type": "algorithm", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "app": { + "resource_type": "app", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "app-image-config": { + "resource_type": "app-image-config", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "artifact": { + "resource_type": "artifact", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "automl-job": { + "resource_type": "automl-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "code-repository": { + "resource_type": "code-repository", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "compilation-job": { + "resource_type": "compilation-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "context": { + "resource_type": "context", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "data-quality-job-definition": { + "resource_type": "data-quality-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "device-fleet": { + "resource_type": "device-fleet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "edge-deployment-plan": { + "resource_type": "edge-deployment-plan", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "edge-packaging-job": { + "resource_type": "edge-packaging-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "endpoint": { + "resource_type": "endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "endpoint-config": { + "resource_type": "endpoint-config", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment": { + "resource_type": "experiment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment-trial": { + "resource_type": "experiment-trial", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "feature-group": { + "resource_type": "feature-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "flow-definition": { + "resource_type": "flow-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "human-task-ui": { + "resource_type": "human-task-ui", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "hyper-parameter-tuning-job": { + "resource_type": "hyper-parameter-tuning-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "inference-recommendations-job": { + "resource_type": "inference-recommendations-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "labeling-job": { + "resource_type": "labeling-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-bias-job-definition": { + "resource_type": "model-bias-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-card": { + "resource_type": "model-card", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-explainability-job-definition": { + "resource_type": "model-explainability-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-package": { + "resource_type": "model-package", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-package-group": { + "resource_type": "model-package-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-quality-job-definition": { + "resource_type": "model-quality-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "monitoring-schedule": { + "resource_type": "monitoring-schedule", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "notebook-instance": { + "resource_type": "notebook-instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "pipeline": { + "resource_type": "pipeline", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "processing-job": { + "resource_type": "processing-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "studio-lifecycle-config": { + "resource_type": "studio-lifecycle-config", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "training-job": { + "resource_type": "training-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transform-job": { + "resource_type": "transform-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "user-profile": { + "resource_type": "user-profile", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "workteam": { + "resource_type": "workteam", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:TaggingAction" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "algorithm": "algorithm", + "app": "app", + "app-image-config": "app-image-config", + "artifact": "artifact", + "automl-job": "automl-job", + "code-repository": "code-repository", + "compilation-job": "compilation-job", + "context": "context", + "data-quality-job-definition": "data-quality-job-definition", + "device": "device", + "device-fleet": "device-fleet", + "domain": "domain", + "edge-deployment-plan": "edge-deployment-plan", + "edge-packaging-job": "edge-packaging-job", + "endpoint": "endpoint", + "endpoint-config": "endpoint-config", + "experiment": "experiment", + "experiment-trial": "experiment-trial", + "experiment-trial-component": "experiment-trial-component", + "feature-group": "feature-group", + "flow-definition": "flow-definition", + "human-task-ui": "human-task-ui", + "hyper-parameter-tuning-job": "hyper-parameter-tuning-job", + "image": "image", + "inference-recommendations-job": "inference-recommendations-job", + "labeling-job": "labeling-job", + "model": "model", + "model-bias-job-definition": "model-bias-job-definition", + "model-card": "model-card", + "model-explainability-job-definition": "model-explainability-job-definition", + "model-package": "model-package", + "model-package-group": "model-package-group", + "model-quality-job-definition": "model-quality-job-definition", + "monitoring-schedule": "monitoring-schedule", + "notebook-instance": "notebook-instance", + "pipeline": "pipeline", + "processing-job": "processing-job", + "project": "project", + "studio-lifecycle-config": "studio-lifecycle-config", + "training-job": "training-job", + "transform-job": "transform-job", + "user-profile": "user-profile", + "workteam": "workteam", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html" + }, + "AssociateTrialComponent": { + "privilege": "AssociateTrialComponent", + "description": "Grants permission to associate a trial component with a trial", + "access_level": "Write", + "resource_types": { + "experiment-trial": { + "resource_type": "experiment-trial", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial": "experiment-trial", + "experiment-trial-component": "experiment-trial-component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AssociateTrialComponent.html" + }, + "BatchDescribeModelPackage": { + "privilege": "BatchDescribeModelPackage", + "description": "Grants permission to describe one or more ModelPackages", + "access_level": "Read", + "resource_types": { + "model-package": { + "resource_type": "model-package", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package": "model-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_BatchDescribeModelPackage.html" + }, + "BatchGetMetrics": { + "privilege": "BatchGetMetrics", + "description": "Grants permission to retrieve metrics associated with SageMaker Resources such as Training Jobs or Trial Components. This API is not publicly exposed at this point, however admins can control this action", + "access_level": "Read", + "resource_types": { + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "training-job": { + "resource_type": "training-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial-component": "experiment-trial-component", + "training-job": "training-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/" + }, + "BatchGetRecord": { + "privilege": "BatchGetRecord", + "description": "Grants permission to get a batch of records from one or more feature groups", + "access_level": "Read", + "resource_types": { + "feature-group": { + "resource_type": "feature-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature-group": "feature-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_BatchGetRecord.html" + }, + "BatchPutMetrics": { + "privilege": "BatchPutMetrics", + "description": "Grants permission to publish metrics associated with a SageMaker Resource such as a Training Job or Trial Component", + "access_level": "Write", + "resource_types": { + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "training-job": { + "resource_type": "training-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial-component": "experiment-trial-component", + "training-job": "training-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/" + }, + "CreateAction": { + "privilege": "CreateAction", + "description": "Grants permission to create an action", + "access_level": "Write", + "resource_types": { + "action": { + "resource_type": "action", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAction.html" + }, + "CreateAlgorithm": { + "privilege": "CreateAlgorithm", + "description": "Grants permission to create an algorithm", + "access_level": "Write", + "resource_types": { + "algorithm": { + "resource_type": "algorithm", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "algorithm": "algorithm", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAlgorithm.html" + }, + "CreateApp": { + "privilege": "CreateApp", + "description": "Grants permission to create an App for a SageMaker UserProfile or Space", + "access_level": "Write", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InstanceTypes", + "sagemaker:ImageArns", + "sagemaker:ImageVersionArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateApp.html" + }, + "CreateAppImageConfig": { + "privilege": "CreateAppImageConfig", + "description": "Grants permission to create an AppImageConfig", + "access_level": "Write", + "resource_types": { + "app-image-config": { + "resource_type": "app-image-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-image-config": "app-image-config", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAppImageConfig.html" + }, + "CreateArtifact": { + "privilege": "CreateArtifact", + "description": "Grants permission to create an artifact", + "access_level": "Write", + "resource_types": { + "artifact": { + "resource_type": "artifact", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "artifact": "artifact", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateArtifact.html" + }, + "CreateAutoMLJob": { + "privilege": "CreateAutoMLJob", + "description": "Grants permission to create an AutoML job", + "access_level": "Write", + "resource_types": { + "automl-job": { + "resource_type": "automl-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InterContainerTrafficEncryption", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automl-job": "automl-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAutoMLJob.html" + }, + "CreateAutoMLJobV2": { + "privilege": "CreateAutoMLJobV2", + "description": "Grants permission to create a V2 AutoML job", + "access_level": "Write", + "resource_types": { + "automl-job": { + "resource_type": "automl-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InterContainerTrafficEncryption", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automl-job": "automl-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateAutoMLJobV2.html" + }, + "CreateCodeRepository": { + "privilege": "CreateCodeRepository", + "description": "Grants permission to create a CodeRepository", + "access_level": "Write", + "resource_types": { + "code-repository": { + "resource_type": "code-repository", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "code-repository": "code-repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateCodeRepository.html" + }, + "CreateCompilationJob": { + "privilege": "CreateCompilationJob", + "description": "Grants permission to create a compilation job", + "access_level": "Write", + "resource_types": { + "compilation-job": { + "resource_type": "compilation-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "compilation-job": "compilation-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateCompilationJob.html" + }, + "CreateContext": { + "privilege": "CreateContext", + "description": "Grants permission to create a context", + "access_level": "Write", + "resource_types": { + "context": { + "resource_type": "context", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "context": "context", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateContext.html" + }, + "CreateDataQualityJobDefinition": { + "privilege": "CreateDataQualityJobDefinition", + "description": "Grants permission to create a data quality job definition", + "access_level": "Write", + "resource_types": { + "data-quality-job-definition": { + "resource_type": "data-quality-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InstanceTypes", + "sagemaker:InterContainerTrafficEncryption", + "sagemaker:MaxRuntimeInSeconds", + "sagemaker:NetworkIsolation", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-quality-job-definition": "data-quality-job-definition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateDataQualityJobDefinition.html" + }, + "CreateDeviceFleet": { + "privilege": "CreateDeviceFleet", + "description": "Grants permission to create a device fleet", + "access_level": "Write", + "resource_types": { + "device-fleet": { + "resource_type": "device-fleet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device-fleet": "device-fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateDeviceFleet.html" + }, + "CreateDomain": { + "privilege": "CreateDomain", + "description": "Grants permission to create a Domain for SageMaker Studio", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:AppNetworkAccessType", + "sagemaker:InstanceTypes", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets", + "sagemaker:DomainSharingOutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:ImageArns", + "sagemaker:ImageVersionArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateDomain.html" + }, + "CreateEdgeDeploymentPlan": { + "privilege": "CreateEdgeDeploymentPlan", + "description": "Grants permission to create an edge deployment plan", + "access_level": "Write", + "resource_types": { + "edge-deployment-plan": { + "resource_type": "edge-deployment-plan", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "edge-deployment-plan": "edge-deployment-plan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEdgeDeploymentPlan.html" + }, + "CreateEdgeDeploymentStage": { + "privilege": "CreateEdgeDeploymentStage", + "description": "Grants permission to create an edge deployment stage", + "access_level": "Write", + "resource_types": { + "edge-deployment-plan": { + "resource_type": "edge-deployment-plan", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "edge-deployment-plan": "edge-deployment-plan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEdgeDeploymentStage.html" + }, + "CreateEdgePackagingJob": { + "privilege": "CreateEdgePackagingJob", + "description": "Grants permission to create an edge packaging job", + "access_level": "Write", + "resource_types": { + "edge-packaging-job": { + "resource_type": "edge-packaging-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "edge-packaging-job": "edge-packaging-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEdgePackagingJob.html" + }, + "CreateEndpoint": { + "privilege": "CreateEndpoint", + "description": "Grants permission to create an endpoint using the endpoint configuration specified in the request", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "endpoint-config": { + "resource_type": "endpoint-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint", + "endpoint-config": "endpoint-config", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpoint.html" + }, + "CreateEndpointConfig": { + "privilege": "CreateEndpointConfig", + "description": "Grants permission to create an endpoint configuration that can be deployed using Amazon SageMaker hosting services", + "access_level": "Write", + "resource_types": { + "endpoint-config": { + "resource_type": "endpoint-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:AcceleratorTypes", + "sagemaker:InstanceTypes", + "sagemaker:ModelArn", + "sagemaker:VolumeKmsKey", + "sagemaker:ServerlessMaxConcurrency", + "sagemaker:ServerlessMemorySize" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint-config": "endpoint-config", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpointConfig.html" + }, + "CreateExperiment": { + "privilege": "CreateExperiment", + "description": "Grants permission to create an experiment", + "access_level": "Write", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateExperiment.html" + }, + "CreateFeatureGroup": { + "privilege": "CreateFeatureGroup", + "description": "Grants permission to create a feature group", + "access_level": "Write", + "resource_types": { + "feature-group": { + "resource_type": "feature-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:FeatureGroupOnlineStoreKmsKey", + "sagemaker:FeatureGroupOfflineStoreKmsKey", + "sagemaker:FeatureGroupOfflineStoreS3Uri", + "sagemaker:FeatureGroupEnableOnlineStore", + "sagemaker:FeatureGroupOfflineStoreConfig", + "sagemaker:FeatureGroupDisableGlueTableCreation" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature-group": "feature-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateFeatureGroup.html" + }, + "CreateFlowDefinition": { + "privilege": "CreateFlowDefinition", + "description": "Grants permission to create a flow definition, which defines settings for a human workflow", + "access_level": "Write", + "resource_types": { + "flow-definition": { + "resource_type": "flow-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sagemaker:WorkteamArn", + "sagemaker:WorkteamType", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow-definition": "flow-definition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateFlowDefinition.html" + }, + "CreateHub": { + "privilege": "CreateHub", + "description": "Grants permission to create a hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHub.html" + }, + "CreateHumanTaskUi": { + "privilege": "CreateHumanTaskUi", + "description": "Grants permission to define the settings you will use for the human review workflow user interface", + "access_level": "Write", + "resource_types": { + "human-task-ui": { + "resource_type": "human-task-ui", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "human-task-ui": "human-task-ui", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHumanTaskUi.html" + }, + "CreateHyperParameterTuningJob": { + "privilege": "CreateHyperParameterTuningJob", + "description": "Grants permission to create a hyper parameter tuning job that can be deployed using Amazon SageMaker", + "access_level": "Write", + "resource_types": { + "hyper-parameter-tuning-job": { + "resource_type": "hyper-parameter-tuning-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:FileSystemAccessMode", + "sagemaker:FileSystemDirectoryPath", + "sagemaker:FileSystemId", + "sagemaker:FileSystemType", + "sagemaker:InstanceTypes", + "sagemaker:InterContainerTrafficEncryption", + "sagemaker:MaxRuntimeInSeconds", + "sagemaker:NetworkIsolation", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hyper-parameter-tuning-job": "hyper-parameter-tuning-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateHyperParameterTuningJob.html" + }, + "CreateImage": { + "privilege": "CreateImage", + "description": "Grants permission to create a SageMaker Image", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateImage.html" + }, + "CreateImageVersion": { + "privilege": "CreateImageVersion", + "description": "Grants permission to create a SageMaker ImageVersion", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateImageVersion.html" + }, + "CreateInferenceExperiment": { + "privilege": "CreateInferenceExperiment", + "description": "Grants permission to create an inference experiment", + "access_level": "Write", + "resource_types": { + "inference-experiment": { + "resource_type": "inference-experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-experiment": "inference-experiment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceExperiment.html" + }, + "CreateInferenceRecommendationsJob": { + "privilege": "CreateInferenceRecommendationsJob", + "description": "Grants permission to create an inference recommendations job", + "access_level": "Write", + "resource_types": { + "inference-recommendations-job": { + "resource_type": "inference-recommendations-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-recommendations-job": "inference-recommendations-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html" + }, + "CreateLabelingJob": { + "privilege": "CreateLabelingJob", + "description": "Grants permission to start a labeling job. A labeling job takes unlabeled data in and produces labeled data as output, which can be used for training SageMaker models", + "access_level": "Write", + "resource_types": { + "labeling-job": { + "resource_type": "labeling-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sagemaker:WorkteamArn", + "sagemaker:WorkteamType", + "sagemaker:VolumeKmsKey", + "sagemaker:OutputKmsKey", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "labeling-job": "labeling-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateLabelingJob.html" + }, + "CreateLineageGroupPolicy": { + "privilege": "CreateLineageGroupPolicy", + "description": "Grants permission to create a lineage group policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/Welcome.html" + }, + "CreateModel": { + "privilege": "CreateModel", + "description": "Grants permission to create a model in Amazon SageMaker. In the request, you specify a name for the model and describe one or more containers", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:NetworkIsolation", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html" + }, + "CreateModelBiasJobDefinition": { + "privilege": "CreateModelBiasJobDefinition", + "description": "Grants permission to create a model bias job definition", + "access_level": "Write", + "resource_types": { + "model-bias-job-definition": { + "resource_type": "model-bias-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InstanceTypes", + "sagemaker:InterContainerTrafficEncryption", + "sagemaker:MaxRuntimeInSeconds", + "sagemaker:NetworkIsolation", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-bias-job-definition": "model-bias-job-definition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelBiasJobDefinition.html" + }, + "CreateModelCard": { + "privilege": "CreateModelCard", + "description": "Grants permission to create a model card", + "access_level": "Write", + "resource_types": { + "model-card": { + "resource_type": "model-card", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-card": "model-card", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelCard.html" + }, + "CreateModelCardExportJob": { + "privilege": "CreateModelCardExportJob", + "description": "Grants permission to create an export job for a model card", + "access_level": "Write", + "resource_types": { + "model-card": { + "resource_type": "model-card", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-card": "model-card" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelCardExportJob.html" + }, + "CreateModelExplainabilityJobDefinition": { + "privilege": "CreateModelExplainabilityJobDefinition", + "description": "Grants permission to create a model explainability job definition", + "access_level": "Write", + "resource_types": { + "model-explainability-job-definition": { + "resource_type": "model-explainability-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InstanceTypes", + "sagemaker:InterContainerTrafficEncryption", + "sagemaker:MaxRuntimeInSeconds", + "sagemaker:NetworkIsolation", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-explainability-job-definition": "model-explainability-job-definition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelExplainabilityJobDefinition.html" + }, + "CreateModelPackage": { + "privilege": "CreateModelPackage", + "description": "Grants permission to create a ModelPackage", + "access_level": "Write", + "resource_types": { + "model-package": { + "resource_type": "model-package", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "model-package-group": { + "resource_type": "model-package-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:ModelApprovalStatus", + "sagemaker:CustomerMetadataProperties/${MetadataKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package": "model-package", + "model-package-group": "model-package-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelPackage.html" + }, + "CreateModelPackageGroup": { + "privilege": "CreateModelPackageGroup", + "description": "Grants permission to create a ModelPackageGroup", + "access_level": "Write", + "resource_types": { + "model-package-group": { + "resource_type": "model-package-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package-group": "model-package-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelPackageGroup.html" + }, + "CreateModelQualityJobDefinition": { + "privilege": "CreateModelQualityJobDefinition", + "description": "Grants permission to create a model quality job definition", + "access_level": "Write", + "resource_types": { + "model-quality-job-definition": { + "resource_type": "model-quality-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InstanceTypes", + "sagemaker:InterContainerTrafficEncryption", + "sagemaker:MaxRuntimeInSeconds", + "sagemaker:NetworkIsolation", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-quality-job-definition": "model-quality-job-definition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModelQualityJobDefinition.html" + }, + "CreateMonitoringSchedule": { + "privilege": "CreateMonitoringSchedule", + "description": "Grants permission to create a monitoring schedule", + "access_level": "Write", + "resource_types": { + "monitoring-schedule": { + "resource_type": "monitoring-schedule", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InstanceTypes", + "sagemaker:InterContainerTrafficEncryption", + "sagemaker:MaxRuntimeInSeconds", + "sagemaker:NetworkIsolation", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitoring-schedule": "monitoring-schedule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateMonitoringSchedule.html" + }, + "CreateNotebookInstance": { + "privilege": "CreateNotebookInstance", + "description": "Grants permission to create an Amazon SageMaker notebook instance. A notebook instance is an Amazon EC2 instance running on a Jupyter Notebook", + "access_level": "Write", + "resource_types": { + "notebook-instance": { + "resource_type": "notebook-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:AcceleratorTypes", + "sagemaker:DirectInternetAccess", + "sagemaker:InstanceTypes", + "sagemaker:MinimumInstanceMetadataServiceVersion", + "sagemaker:RootAccess", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance": "notebook-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstance.html" + }, + "CreateNotebookInstanceLifecycleConfig": { + "privilege": "CreateNotebookInstanceLifecycleConfig", + "description": "Grants permission to create a notebook instance lifecycle configuration that can be deployed using Amazon SageMaker", + "access_level": "Write", + "resource_types": { + "notebook-instance-lifecycle-config": { + "resource_type": "notebook-instance-lifecycle-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance-lifecycle-config": "notebook-instance-lifecycle-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateNotebookInstanceLifecycleConfig.html" + }, + "CreatePipeline": { + "privilege": "CreatePipeline", + "description": "Grants permission to create a pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePipeline.html" + }, + "CreatePresignedDomainUrl": { + "privilege": "CreatePresignedDomainUrl", + "description": "Grants permission to return a URL that you can use from your browser to connect to the Domain as a specified UserProfile when AuthMode is 'IAM'", + "access_level": "Write", + "resource_types": { + "user-profile": { + "resource_type": "user-profile", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user-profile": "user-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedDomainUrl.html" + }, + "CreatePresignedNotebookInstanceUrl": { + "privilege": "CreatePresignedNotebookInstanceUrl", + "description": "Grants permission to create a URL that you can use from your browser to connect to the Notebook Instance", + "access_level": "Write", + "resource_types": { + "notebook-instance": { + "resource_type": "notebook-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance": "notebook-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreatePresignedNotebookInstanceUrl.html" + }, + "CreateProcessingJob": { + "privilege": "CreateProcessingJob", + "description": "Grants permission to start a processing job. After processing completes, Amazon SageMaker saves the resulting artifacts and other optional output to an Amazon S3 location that you specify", + "access_level": "Write", + "resource_types": { + "processing-job": { + "resource_type": "processing-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InstanceTypes", + "sagemaker:MaxRuntimeInSeconds", + "sagemaker:NetworkIsolation", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets", + "sagemaker:InterContainerTrafficEncryption" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "processing-job": "processing-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a Project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProject.html" + }, + "CreateSharedModel": { + "privilege": "CreateSharedModel", + "description": "Grants permission to create a shared model in a SageMaker Studio application", + "access_level": "Write", + "resource_types": { + "shared-model": { + "resource_type": "shared-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "shared-model": "shared-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" + }, + "CreateSpace": { + "privilege": "CreateSpace", + "description": "Grants permission to create a Space for a SageMaker Domain", + "access_level": "Write", + "resource_types": { + "space": { + "resource_type": "space", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InstanceTypes", + "sagemaker:ImageArns", + "sagemaker:ImageVersionArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "space": "space", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateSpace.html" + }, + "CreateStudioLifecycleConfig": { + "privilege": "CreateStudioLifecycleConfig", + "description": "Grants permission to create a Studio Lifecycle Configuration that can be deployed using Amazon SageMaker", + "access_level": "Write", + "resource_types": { + "studio-lifecycle-config": { + "resource_type": "studio-lifecycle-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio-lifecycle-config": "studio-lifecycle-config", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateStudioLifecycleConfig.html" + }, + "CreateTrainingJob": { + "privilege": "CreateTrainingJob", + "description": "Grants permission to start a model training job. After training completes, Amazon SageMaker saves the resulting model artifacts and other optional output to an Amazon S3 location that you specify", + "access_level": "Write", + "resource_types": { + "training-job": { + "resource_type": "training-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:FileSystemAccessMode", + "sagemaker:FileSystemDirectoryPath", + "sagemaker:FileSystemId", + "sagemaker:FileSystemType", + "sagemaker:InstanceTypes", + "sagemaker:InterContainerTrafficEncryption", + "sagemaker:MaxRuntimeInSeconds", + "sagemaker:NetworkIsolation", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets", + "sagemaker:KeepAlivePeriod" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "training-job": "training-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html" + }, + "CreateTransformJob": { + "privilege": "CreateTransformJob", + "description": "Grants permission to start a transform job. After the results are obtained, Amazon SageMaker saves them to an Amazon S3 location that you specify", + "access_level": "Write", + "resource_types": { + "transform-job": { + "resource_type": "transform-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InstanceTypes", + "sagemaker:ModelArn", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transform-job": "transform-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html" + }, + "CreateTrial": { + "privilege": "CreateTrial", + "description": "Grants permission to create a trial", + "access_level": "Write", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "experiment-trial": { + "resource_type": "experiment-trial", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment", + "experiment-trial": "experiment-trial", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrial.html" + }, + "CreateTrialComponent": { + "privilege": "CreateTrialComponent", + "description": "Grants permission to create a trial component", + "access_level": "Write", + "resource_types": { + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial-component": "experiment-trial-component", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrialComponent.html" + }, + "CreateUserProfile": { + "privilege": "CreateUserProfile", + "description": "Grants permission to create a UserProfile for a SageMaker Domain", + "access_level": "Write", + "resource_types": { + "user-profile": { + "resource_type": "user-profile", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:InstanceTypes", + "sagemaker:DomainSharingOutputKmsKey", + "sagemaker:ImageArns", + "sagemaker:ImageVersionArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user-profile": "user-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateUserProfile.html" + }, + "CreateWorkforce": { + "privilege": "CreateWorkforce", + "description": "Grants permission to create a workforce", + "access_level": "Write", + "resource_types": { + "workforce": { + "resource_type": "workforce", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workforce": "workforce", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateWorkforce.html" + }, + "CreateWorkteam": { + "privilege": "CreateWorkteam", + "description": "Grants permission to create a workteam", + "access_level": "Write", + "resource_types": { + "workteam": { + "resource_type": "workteam", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workteam": "workteam", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateWorkteam.html" + }, + "DeleteAction": { + "privilege": "DeleteAction", + "description": "Grants permission to delete an action", + "access_level": "Write", + "resource_types": { + "action": { + "resource_type": "action", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteAction.html" + }, + "DeleteAlgorithm": { + "privilege": "DeleteAlgorithm", + "description": "Grants permission to delete an algorithm", + "access_level": "Write", + "resource_types": { + "algorithm": { + "resource_type": "algorithm", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "algorithm": "algorithm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteAlgorithm.html" + }, + "DeleteApp": { + "privilege": "DeleteApp", + "description": "Grants permission to delete an App", + "access_level": "Write", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteApp.html" + }, + "DeleteAppImageConfig": { + "privilege": "DeleteAppImageConfig", + "description": "Grants permission to delete an AppImageConfig", + "access_level": "Write", + "resource_types": { + "app-image-config": { + "resource_type": "app-image-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-image-config": "app-image-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteAppImageConfig.html" + }, + "DeleteArtifact": { + "privilege": "DeleteArtifact", + "description": "Grants permission to delete an artifact", + "access_level": "Write", + "resource_types": { + "artifact": { + "resource_type": "artifact", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "artifact": "artifact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteArtifact.html" + }, + "DeleteAssociation": { + "privilege": "DeleteAssociation", + "description": "Grants permission to delete the association from a lineage entity (artifact, context, action, experiment, experiment-trial-component) to another", + "access_level": "Write", + "resource_types": { + "action": { + "resource_type": "action", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "artifact": { + "resource_type": "artifact", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "context": { + "resource_type": "context", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "artifact": "artifact", + "context": "context", + "experiment": "experiment", + "experiment-trial-component": "experiment-trial-component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteAssociation.html" + }, + "DeleteCodeRepository": { + "privilege": "DeleteCodeRepository", + "description": "Grants permission to delete a CodeRepository", + "access_level": "Write", + "resource_types": { + "code-repository": { + "resource_type": "code-repository", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "code-repository": "code-repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteCodeRepository.html" + }, + "DeleteContext": { + "privilege": "DeleteContext", + "description": "Grants permission to delete a context", + "access_level": "Write", + "resource_types": { + "context": { + "resource_type": "context", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "context": "context" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteContext.html" + }, + "DeleteDataQualityJobDefinition": { + "privilege": "DeleteDataQualityJobDefinition", + "description": "Grants permission to delete the data quality job definition created using the CreateDataQualityJobDefinition API", + "access_level": "Write", + "resource_types": { + "data-quality-job-definition": { + "resource_type": "data-quality-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-quality-job-definition": "data-quality-job-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteDataQualityJobDefinition.html" + }, + "DeleteDeviceFleet": { + "privilege": "DeleteDeviceFleet", + "description": "Grants permission to delete a device fleet", + "access_level": "Write", + "resource_types": { + "device-fleet": { + "resource_type": "device-fleet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device-fleet": "device-fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteDeviceFleet.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "Grants permission to delete a Domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteDomain.html" + }, + "DeleteEdgeDeploymentPlan": { + "privilege": "DeleteEdgeDeploymentPlan", + "description": "Grants permission to delete an edge deployment plan", + "access_level": "Write", + "resource_types": { + "edge-deployment-plan": { + "resource_type": "edge-deployment-plan", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "edge-deployment-plan": "edge-deployment-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEdgeDeploymentPlan.html" + }, + "DeleteEdgeDeploymentStage": { + "privilege": "DeleteEdgeDeploymentStage", + "description": "Grants permission to delete an edge deployment stage", + "access_level": "Write", + "resource_types": { + "edge-deployment-plan": { + "resource_type": "edge-deployment-plan", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "edge-deployment-plan": "edge-deployment-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEdgeDeploymentStage.html" + }, + "DeleteEndpoint": { + "privilege": "DeleteEndpoint", + "description": "Grants permission to delete an endpoint. Amazon SageMaker frees up all the resources that were deployed when the endpoint was created", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpoint.html" + }, + "DeleteEndpointConfig": { + "privilege": "DeleteEndpointConfig", + "description": "Grants permission to delete the endpoint configuration created using the CreateEndpointConfig API. The DeleteEndpointConfig API deletes only the specified configuration. It does not delete any endpoints created using the configuration", + "access_level": "Write", + "resource_types": { + "endpoint-config": { + "resource_type": "endpoint-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint-config": "endpoint-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpointConfig.html" + }, + "DeleteExperiment": { + "privilege": "DeleteExperiment", + "description": "Grants permission to delete an experiment", + "access_level": "Write", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteExperiment.html" + }, + "DeleteFeatureGroup": { + "privilege": "DeleteFeatureGroup", + "description": "Grants permission to delete a feature group", + "access_level": "Write", + "resource_types": { + "feature-group": { + "resource_type": "feature-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature-group": "feature-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteFeatureGroup.html" + }, + "DeleteFlowDefinition": { + "privilege": "DeleteFlowDefinition", + "description": "Grants permission to delete the specified flow definition", + "access_level": "Write", + "resource_types": { + "flow-definition": { + "resource_type": "flow-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow-definition": "flow-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteFlowDefinition.html" + }, + "DeleteHub": { + "privilege": "DeleteHub", + "description": "Grants permission to delete hubs", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteHub.html" + }, + "DeleteHubContent": { + "privilege": "DeleteHubContent", + "description": "Grants permission to delete hub content", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "hub-content": { + "resource_type": "hub-content", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub", + "hub-content": "hub-content" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteHubContent.html" + }, + "DeleteHumanLoop": { + "privilege": "DeleteHumanLoop", + "description": "Grants permission to delete a specified human loop", + "access_level": "Write", + "resource_types": { + "human-loop": { + "resource_type": "human-loop", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "human-loop": "human-loop" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteHumanLoop.html" + }, + "DeleteHumanTaskUi": { + "privilege": "DeleteHumanTaskUi", + "description": "Grants permission to delete the specified human task user interface (worker task template)", + "access_level": "Write", + "resource_types": { + "human-task-ui": { + "resource_type": "human-task-ui", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "human-task-ui": "human-task-ui" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteHumanTaskUi.html" + }, + "DeleteImage": { + "privilege": "DeleteImage", + "description": "Grants permission to delete a SageMaker Image", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteImage.html" + }, + "DeleteImageVersion": { + "privilege": "DeleteImageVersion", + "description": "Grants permission to delete a SageMaker ImageVersion", + "access_level": "Write", + "resource_types": { + "image-version": { + "resource_type": "image-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image-version": "image-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteImageVersion.html" + }, + "DeleteInferenceExperiment": { + "privilege": "DeleteInferenceExperiment", + "description": "Grants permission to delete an inference experiment", + "access_level": "Write", + "resource_types": { + "inference-experiment": { + "resource_type": "inference-experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-experiment": "inference-experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteInferenceExperiment.html" + }, + "DeleteLineageGroupPolicy": { + "privilege": "DeleteLineageGroupPolicy", + "description": "Grants permission to delete a lineage group policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/Welcome.html" + }, + "DeleteModel": { + "privilege": "DeleteModel", + "description": "Grants permission to delete a model created using the CreateModel API. The DeleteModel API deletes only the model entry in Amazon SageMaker that you created by calling the CreateModel API. It does not delete model artifacts, inference code, or the IAM role that you specified when creating the model", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModel.html" + }, + "DeleteModelBiasJobDefinition": { + "privilege": "DeleteModelBiasJobDefinition", + "description": "Grants permission to delete the model bias job definition created using the CreateModelBiasJobDefinition API", + "access_level": "Write", + "resource_types": { + "model-bias-job-definition": { + "resource_type": "model-bias-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-bias-job-definition": "model-bias-job-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelBiasJobDefinition.html" + }, + "DeleteModelCard": { + "privilege": "DeleteModelCard", + "description": "Grants permission to delete a model card", + "access_level": "Write", + "resource_types": { + "model-card": { + "resource_type": "model-card", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-card": "model-card" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelCard.html" + }, + "DeleteModelExplainabilityJobDefinition": { + "privilege": "DeleteModelExplainabilityJobDefinition", + "description": "Grants permission to delete the model explainability job definition created using the CreateModelExplainabilityJobDefinition API", + "access_level": "Write", + "resource_types": { + "model-explainability-job-definition": { + "resource_type": "model-explainability-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-explainability-job-definition": "model-explainability-job-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelExplainabilityJobDefinition.html" + }, + "DeleteModelPackage": { + "privilege": "DeleteModelPackage", + "description": "Grants permission to delete a ModelPackage", + "access_level": "Write", + "resource_types": { + "model-package": { + "resource_type": "model-package", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package": "model-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackage.html" + }, + "DeleteModelPackageGroup": { + "privilege": "DeleteModelPackageGroup", + "description": "Grants permission to delete a ModelPackageGroup", + "access_level": "Write", + "resource_types": { + "model-package-group": { + "resource_type": "model-package-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package-group": "model-package-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackageGroup.html" + }, + "DeleteModelPackageGroupPolicy": { + "privilege": "DeleteModelPackageGroupPolicy", + "description": "Grants permission to delete a ModelPackageGroup policy", + "access_level": "Write", + "resource_types": { + "model-package-group": { + "resource_type": "model-package-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package-group": "model-package-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelPackageGroupPolicy.html" + }, + "DeleteModelQualityJobDefinition": { + "privilege": "DeleteModelQualityJobDefinition", + "description": "Grants permission to delete the model quality job definition created using the CreateModelQualityJobDefinition API", + "access_level": "Write", + "resource_types": { + "model-quality-job-definition": { + "resource_type": "model-quality-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-quality-job-definition": "model-quality-job-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteModelQualityJobDefinition.html" + }, + "DeleteMonitoringSchedule": { + "privilege": "DeleteMonitoringSchedule", + "description": "Grants permission to delete a monitoring schedule", + "access_level": "Write", + "resource_types": { + "monitoring-schedule": { + "resource_type": "monitoring-schedule", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitoring-schedule": "monitoring-schedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteMonitoringSchedule.html" + }, + "DeleteNotebookInstance": { + "privilege": "DeleteNotebookInstance", + "description": "Grants permission to delete a Amazon SageMaker notebook instance. Before you can delete a notebook instance, you must call the StopNotebookInstance API", + "access_level": "Write", + "resource_types": { + "notebook-instance": { + "resource_type": "notebook-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance": "notebook-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteNotebookInstance.html" + }, + "DeleteNotebookInstanceLifecycleConfig": { + "privilege": "DeleteNotebookInstanceLifecycleConfig", + "description": "Grants permission to delete a notebook instance lifecycle configuration", + "access_level": "Write", + "resource_types": { + "notebook-instance-lifecycle-config": { + "resource_type": "notebook-instance-lifecycle-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance-lifecycle-config": "notebook-instance-lifecycle-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteNotebookInstanceLifecycleConfig.html" + }, + "DeletePipeline": { + "privilege": "DeletePipeline", + "description": "Grants permission to delete a pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeletePipeline.html" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteProject.html" + }, + "DeleteRecord": { + "privilege": "DeleteRecord", + "description": "Grants permission to delete a record from a feature group", + "access_level": "Write", + "resource_types": { + "feature-group": { + "resource_type": "feature-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature-group": "feature-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html" + }, + "DeleteSpace": { + "privilege": "DeleteSpace", + "description": "Grants permission to delete a Space", + "access_level": "Write", + "resource_types": { + "space": { + "resource_type": "space", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "space": "space" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteSpace.html" + }, + "DeleteStudioLifecycleConfig": { + "privilege": "DeleteStudioLifecycleConfig", + "description": "Grants permission to delete a Studio Lifecycle Configuration", + "access_level": "Write", + "resource_types": { + "studio-lifecycle-config": { + "resource_type": "studio-lifecycle-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio-lifecycle-config": "studio-lifecycle-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteStudioLifecycleConfig.html" + }, + "DeleteTags": { + "privilege": "DeleteTags", + "description": "Grants permission to delete the specified set of tags from an Amazon SageMaker resource", + "access_level": "Tagging", + "resource_types": { + "action": { + "resource_type": "action", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "algorithm": { + "resource_type": "algorithm", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "app": { + "resource_type": "app", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "app-image-config": { + "resource_type": "app-image-config", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "artifact": { + "resource_type": "artifact", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "automl-job": { + "resource_type": "automl-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "code-repository": { + "resource_type": "code-repository", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "compilation-job": { + "resource_type": "compilation-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "context": { + "resource_type": "context", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "data-quality-job-definition": { + "resource_type": "data-quality-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "device-fleet": { + "resource_type": "device-fleet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "edge-deployment-plan": { + "resource_type": "edge-deployment-plan", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "edge-packaging-job": { + "resource_type": "edge-packaging-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "endpoint": { + "resource_type": "endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "endpoint-config": { + "resource_type": "endpoint-config", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment": { + "resource_type": "experiment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment-trial": { + "resource_type": "experiment-trial", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "feature-group": { + "resource_type": "feature-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "flow-definition": { + "resource_type": "flow-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "human-task-ui": { + "resource_type": "human-task-ui", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "hyper-parameter-tuning-job": { + "resource_type": "hyper-parameter-tuning-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "inference-recommendations-job": { + "resource_type": "inference-recommendations-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "labeling-job": { + "resource_type": "labeling-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-bias-job-definition": { + "resource_type": "model-bias-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-card": { + "resource_type": "model-card", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-explainability-job-definition": { + "resource_type": "model-explainability-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-package": { + "resource_type": "model-package", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-package-group": { + "resource_type": "model-package-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-quality-job-definition": { + "resource_type": "model-quality-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "monitoring-schedule": { + "resource_type": "monitoring-schedule", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "notebook-instance": { + "resource_type": "notebook-instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "pipeline": { + "resource_type": "pipeline", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "processing-job": { + "resource_type": "processing-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "studio-lifecycle-config": { + "resource_type": "studio-lifecycle-config", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "training-job": { + "resource_type": "training-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transform-job": { + "resource_type": "transform-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "user-profile": { + "resource_type": "user-profile", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "workteam": { + "resource_type": "workteam", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "algorithm": "algorithm", + "app": "app", + "app-image-config": "app-image-config", + "artifact": "artifact", + "automl-job": "automl-job", + "code-repository": "code-repository", + "compilation-job": "compilation-job", + "context": "context", + "data-quality-job-definition": "data-quality-job-definition", + "device": "device", + "device-fleet": "device-fleet", + "domain": "domain", + "edge-deployment-plan": "edge-deployment-plan", + "edge-packaging-job": "edge-packaging-job", + "endpoint": "endpoint", + "endpoint-config": "endpoint-config", + "experiment": "experiment", + "experiment-trial": "experiment-trial", + "experiment-trial-component": "experiment-trial-component", + "feature-group": "feature-group", + "flow-definition": "flow-definition", + "human-task-ui": "human-task-ui", + "hyper-parameter-tuning-job": "hyper-parameter-tuning-job", + "image": "image", + "inference-recommendations-job": "inference-recommendations-job", + "labeling-job": "labeling-job", + "model": "model", + "model-bias-job-definition": "model-bias-job-definition", + "model-card": "model-card", + "model-explainability-job-definition": "model-explainability-job-definition", + "model-package": "model-package", + "model-package-group": "model-package-group", + "model-quality-job-definition": "model-quality-job-definition", + "monitoring-schedule": "monitoring-schedule", + "notebook-instance": "notebook-instance", + "pipeline": "pipeline", + "processing-job": "processing-job", + "project": "project", + "studio-lifecycle-config": "studio-lifecycle-config", + "training-job": "training-job", + "transform-job": "transform-job", + "user-profile": "user-profile", + "workteam": "workteam", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteTags.html" + }, + "DeleteTrial": { + "privilege": "DeleteTrial", + "description": "Grants permission to delete a trial", + "access_level": "Write", + "resource_types": { + "experiment-trial": { + "resource_type": "experiment-trial", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial": "experiment-trial" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteTrial.html" + }, + "DeleteTrialComponent": { + "privilege": "DeleteTrialComponent", + "description": "Grants permission to delete a trial component", + "access_level": "Write", + "resource_types": { + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial-component": "experiment-trial-component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteTrialComponent.html" + }, + "DeleteUserProfile": { + "privilege": "DeleteUserProfile", + "description": "Grants permission to delete a UserProfile", + "access_level": "Write", + "resource_types": { + "user-profile": { + "resource_type": "user-profile", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user-profile": "user-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteUserProfile.html" + }, + "DeleteWorkforce": { + "privilege": "DeleteWorkforce", + "description": "Grants permission to delete a workforce", + "access_level": "Write", + "resource_types": { + "workforce": { + "resource_type": "workforce", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workforce": "workforce" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteWorkforce.html" + }, + "DeleteWorkteam": { + "privilege": "DeleteWorkteam", + "description": "Grants permission to delete a workteam", + "access_level": "Write", + "resource_types": { + "workteam": { + "resource_type": "workteam", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workteam": "workteam" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteWorkteam.html" + }, + "DeregisterDevices": { + "privilege": "DeregisterDevices", + "description": "Grants permission to deregister a set of devices", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeregisterDevices.html" + }, + "DescribeAction": { + "privilege": "DescribeAction", + "description": "Grants permission to get information about an action", + "access_level": "Read", + "resource_types": { + "action": { + "resource_type": "action", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAction.html" + }, + "DescribeAlgorithm": { + "privilege": "DescribeAlgorithm", + "description": "Grants permission to describe an algorithm", + "access_level": "Read", + "resource_types": { + "algorithm": { + "resource_type": "algorithm", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "algorithm": "algorithm" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAlgorithm.html" + }, + "DescribeApp": { + "privilege": "DescribeApp", + "description": "Grants permission to describe an App", + "access_level": "Read", + "resource_types": { + "app": { + "resource_type": "app", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app": "app" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeApp.html" + }, + "DescribeAppImageConfig": { + "privilege": "DescribeAppImageConfig", + "description": "Grants permission to describe an AppImageConfig", + "access_level": "Read", + "resource_types": { + "app-image-config": { + "resource_type": "app-image-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-image-config": "app-image-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAppImageConfig.html" + }, + "DescribeArtifact": { + "privilege": "DescribeArtifact", + "description": "Grants permission to get information about an artifact", + "access_level": "Read", + "resource_types": { + "artifact": { + "resource_type": "artifact", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "artifact": "artifact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeArtifact.html" + }, + "DescribeAutoMLJob": { + "privilege": "DescribeAutoMLJob", + "description": "Grants permission to describe an AutoML job that was created via the CreateAutoMLJob API", + "access_level": "Read", + "resource_types": { + "automl-job": { + "resource_type": "automl-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automl-job": "automl-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAutoMLJob.html" + }, + "DescribeAutoMLJobV2": { + "privilege": "DescribeAutoMLJobV2", + "description": "Grants permission to describe an AutoML job that was created via the CreateAutoMLJobV2 API", + "access_level": "Read", + "resource_types": { + "automl-job": { + "resource_type": "automl-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automl-job": "automl-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeAutoMLJobV2.html" + }, + "DescribeCodeRepository": { + "privilege": "DescribeCodeRepository", + "description": "Grants permission to describe a CodeRepository", + "access_level": "Read", + "resource_types": { + "code-repository": { + "resource_type": "code-repository", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "code-repository": "code-repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeCodeRepository.html" + }, + "DescribeCompilationJob": { + "privilege": "DescribeCompilationJob", + "description": "Grants permission to return information about a compilation job", + "access_level": "Read", + "resource_types": { + "compilation-job": { + "resource_type": "compilation-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "compilation-job": "compilation-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeCompilationJob.html" + }, + "DescribeContext": { + "privilege": "DescribeContext", + "description": "Grants permission to get information about a context", + "access_level": "Read", + "resource_types": { + "context": { + "resource_type": "context", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "context": "context" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeContext.html" + }, + "DescribeDataQualityJobDefinition": { + "privilege": "DescribeDataQualityJobDefinition", + "description": "Grants permission to return information about a data quality job definition", + "access_level": "Read", + "resource_types": { + "data-quality-job-definition": { + "resource_type": "data-quality-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-quality-job-definition": "data-quality-job-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeDataQualityJobDefinition.html" + }, + "DescribeDevice": { + "privilege": "DescribeDevice", + "description": "Grants permission to access information about a device", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeDevice.html" + }, + "DescribeDeviceFleet": { + "privilege": "DescribeDeviceFleet", + "description": "Grants permission to access information about a device fleet", + "access_level": "Read", + "resource_types": { + "device-fleet": { + "resource_type": "device-fleet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device-fleet": "device-fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeDeviceFleet.html" + }, + "DescribeDomain": { + "privilege": "DescribeDomain", + "description": "Grants permission to describe a Domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeDomain.html" + }, + "DescribeEdgeDeploymentPlan": { + "privilege": "DescribeEdgeDeploymentPlan", + "description": "Grants permission to access information about an edge deployment plan", + "access_level": "Read", + "resource_types": { + "edge-deployment-plan": { + "resource_type": "edge-deployment-plan", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "edge-deployment-plan": "edge-deployment-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEdgeDeploymentPlan.html" + }, + "DescribeEdgePackagingJob": { + "privilege": "DescribeEdgePackagingJob", + "description": "Grants permission to access information about an edge packaging job", + "access_level": "Read", + "resource_types": { + "edge-packaging-job": { + "resource_type": "edge-packaging-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "edge-packaging-job": "edge-packaging-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEdgePackagingJob.html" + }, + "DescribeEndpoint": { + "privilege": "DescribeEndpoint", + "description": "Grants permission to return the description of an endpoint", + "access_level": "Read", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpoint.html" + }, + "DescribeEndpointConfig": { + "privilege": "DescribeEndpointConfig", + "description": "Grants permission to return the description of an endpoint configuration, which was created using the CreateEndpointConfig API", + "access_level": "Read", + "resource_types": { + "endpoint-config": { + "resource_type": "endpoint-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint-config": "endpoint-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpointConfig.html" + }, + "DescribeExperiment": { + "privilege": "DescribeExperiment", + "description": "Grants permission to return information about an experiment", + "access_level": "Read", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeExperiment.html" + }, + "DescribeFeatureGroup": { + "privilege": "DescribeFeatureGroup", + "description": "Grants permission to return information about a feature group", + "access_level": "Read", + "resource_types": { + "feature-group": { + "resource_type": "feature-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature-group": "feature-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeFeatureGroup.html" + }, + "DescribeFeatureMetadata": { + "privilege": "DescribeFeatureMetadata", + "description": "Grants permission to return information about a feature metadata", + "access_level": "Read", + "resource_types": { + "feature-group": { + "resource_type": "feature-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature-group": "feature-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeFeatureMetadata.html" + }, + "DescribeFlowDefinition": { + "privilege": "DescribeFlowDefinition", + "description": "Grants permission to return information about the specified flow definition", + "access_level": "Read", + "resource_types": { + "flow-definition": { + "resource_type": "flow-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow-definition": "flow-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeFlowDefinition.html" + }, + "DescribeHub": { + "privilege": "DescribeHub", + "description": "Grants permission to describe hubs", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHub.html" + }, + "DescribeHubContent": { + "privilege": "DescribeHubContent", + "description": "Grants permission to describe hub content", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "hub-content": { + "resource_type": "hub-content", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub", + "hub-content": "hub-content" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHubContent.html" + }, + "DescribeHumanLoop": { + "privilege": "DescribeHumanLoop", + "description": "Grants permission to return information about the specified human loop", + "access_level": "Read", + "resource_types": { + "human-loop": { + "resource_type": "human-loop", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "human-loop": "human-loop" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHumanLoop.html" + }, + "DescribeHumanTaskUi": { + "privilege": "DescribeHumanTaskUi", + "description": "Grants permission to return detailed information about the specified human review workflow user interface", + "access_level": "Read", + "resource_types": { + "human-task-ui": { + "resource_type": "human-task-ui", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "human-task-ui": "human-task-ui" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHumanTaskUi.html" + }, + "DescribeHyperParameterTuningJob": { + "privilege": "DescribeHyperParameterTuningJob", + "description": "Grants permission to describe a hyper parameter tuning job that was created via the CreateHyperParameterTuningJob API", + "access_level": "Read", + "resource_types": { + "hyper-parameter-tuning-job": { + "resource_type": "hyper-parameter-tuning-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hyper-parameter-tuning-job": "hyper-parameter-tuning-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeHyperParameterTuningJob.html" + }, + "DescribeImage": { + "privilege": "DescribeImage", + "description": "Grants permission to return information about a SageMaker Image", + "access_level": "Read", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeImage.html" + }, + "DescribeImageVersion": { + "privilege": "DescribeImageVersion", + "description": "Grants permission to return information about a SageMaker ImageVersion", + "access_level": "Read", + "resource_types": { + "image-version": { + "resource_type": "image-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image-version": "image-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeImageVersion.html" + }, + "DescribeInferenceExperiment": { + "privilege": "DescribeInferenceExperiment", + "description": "Grants permission to get information about an inference experiment", + "access_level": "Read", + "resource_types": { + "inference-experiment": { + "resource_type": "inference-experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-experiment": "inference-experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeInferenceExperiment.html" + }, + "DescribeInferenceRecommendationsJob": { + "privilege": "DescribeInferenceRecommendationsJob", + "description": "Grants permission to get information about an inference recommendations job", + "access_level": "Read", + "resource_types": { + "inference-recommendations-job": { + "resource_type": "inference-recommendations-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-recommendations-job": "inference-recommendations-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeInferenceRecommendationsJob.html" + }, + "DescribeLabelingJob": { + "privilege": "DescribeLabelingJob", + "description": "Grants permission to return information about a labeling job", + "access_level": "Read", + "resource_types": { + "labeling-job": { + "resource_type": "labeling-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "labeling-job": "labeling-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeLabelingJob.html" + }, + "DescribeLineageGroup": { + "privilege": "DescribeLineageGroup", + "description": "Grants permission to describe a lineage group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeLineageGroup.html" + }, + "DescribeModel": { + "privilege": "DescribeModel", + "description": "Grants permission to describe a model that you created using the CreateModel API", + "access_level": "Read", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModel.html" + }, + "DescribeModelBiasJobDefinition": { + "privilege": "DescribeModelBiasJobDefinition", + "description": "Grants permission to return information about a model bias job definition", + "access_level": "Read", + "resource_types": { + "model-bias-job-definition": { + "resource_type": "model-bias-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-bias-job-definition": "model-bias-job-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelBiasJobDefinition.html" + }, + "DescribeModelCard": { + "privilege": "DescribeModelCard", + "description": "Grants permission to get information about a model card", + "access_level": "Read", + "resource_types": { + "model-card": { + "resource_type": "model-card", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-card": "model-card" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelCard.html" + }, + "DescribeModelCardExportJob": { + "privilege": "DescribeModelCardExportJob", + "description": "Grants permission to get information about a model card export job", + "access_level": "Read", + "resource_types": { + "model-card-export-job": { + "resource_type": "model-card-export-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-card-export-job": "model-card-export-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelCardExportJob.html" + }, + "DescribeModelExplainabilityJobDefinition": { + "privilege": "DescribeModelExplainabilityJobDefinition", + "description": "Grants permission to return information about a model explainability job definition", + "access_level": "Read", + "resource_types": { + "model-explainability-job-definition": { + "resource_type": "model-explainability-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-explainability-job-definition": "model-explainability-job-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelExplainabilityJobDefinition.html" + }, + "DescribeModelPackage": { + "privilege": "DescribeModelPackage", + "description": "Grants permission to describe a ModelPackage", + "access_level": "Read", + "resource_types": { + "model-package": { + "resource_type": "model-package", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package": "model-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelPackage.html" + }, + "DescribeModelPackageGroup": { + "privilege": "DescribeModelPackageGroup", + "description": "Grants permission to describe a ModelPackageGroup", + "access_level": "Read", + "resource_types": { + "model-package-group": { + "resource_type": "model-package-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package-group": "model-package-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelPackageGroup.html" + }, + "DescribeModelQualityJobDefinition": { + "privilege": "DescribeModelQualityJobDefinition", + "description": "Grants permission to return information about a model quality job definition", + "access_level": "Read", + "resource_types": { + "model-quality-job-definition": { + "resource_type": "model-quality-job-definition", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-quality-job-definition": "model-quality-job-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeModelQualityJobDefinition.html" + }, + "DescribeMonitoringSchedule": { + "privilege": "DescribeMonitoringSchedule", + "description": "Grants permission to return information about a monitoring schedule", + "access_level": "Read", + "resource_types": { + "monitoring-schedule": { + "resource_type": "monitoring-schedule", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitoring-schedule": "monitoring-schedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeMonitoringSchedule.html" + }, + "DescribeNotebookInstance": { + "privilege": "DescribeNotebookInstance", + "description": "Grants permission to return information about a notebook instance", + "access_level": "Read", + "resource_types": { + "notebook-instance": { + "resource_type": "notebook-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance": "notebook-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeNotebookInstance.html" + }, + "DescribeNotebookInstanceLifecycleConfig": { + "privilege": "DescribeNotebookInstanceLifecycleConfig", + "description": "Grants permission to describe a notebook instance lifecycle configuration that was created via the CreateNotebookInstanceLifecycleConfig API", + "access_level": "Read", + "resource_types": { + "notebook-instance-lifecycle-config": { + "resource_type": "notebook-instance-lifecycle-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance-lifecycle-config": "notebook-instance-lifecycle-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeNotebookInstanceLifecycleConfig.html" + }, + "DescribePipeline": { + "privilege": "DescribePipeline", + "description": "Grants permission to get information about a pipeline", + "access_level": "Read", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipeline.html" + }, + "DescribePipelineDefinitionForExecution": { + "privilege": "DescribePipelineDefinitionForExecution", + "description": "Grants permission to get the pipeline definition for a pipeline execution", + "access_level": "Read", + "resource_types": { + "pipeline-execution": { + "resource_type": "pipeline-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline-execution": "pipeline-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipelineDefinitionForExecution.html" + }, + "DescribePipelineExecution": { + "privilege": "DescribePipelineExecution", + "description": "Grants permission to get information about a pipeline execution", + "access_level": "Read", + "resource_types": { + "pipeline-execution": { + "resource_type": "pipeline-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline-execution": "pipeline-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribePipelineExecution.html" + }, + "DescribeProcessingJob": { + "privilege": "DescribeProcessingJob", + "description": "Grants permission to return information about a processing job", + "access_level": "Read", + "resource_types": { + "processing-job": { + "resource_type": "processing-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "processing-job": "processing-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeProcessingJob.html" + }, + "DescribeProject": { + "privilege": "DescribeProject", + "description": "Grants permission to describe a project", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeProject.html" + }, + "DescribeSharedModel": { + "privilege": "DescribeSharedModel", + "description": "Grants permission to describe a shared model in a SageMaker Studio application", + "access_level": "Read", + "resource_types": { + "shared-model": { + "resource_type": "shared-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "shared-model": "shared-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" + }, + "DescribeSpace": { + "privilege": "DescribeSpace", + "description": "Grants permission to describe a Space", + "access_level": "Read", + "resource_types": { + "space": { + "resource_type": "space", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "space": "space" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeSpace.html" + }, + "DescribeStudioLifecycleConfig": { + "privilege": "DescribeStudioLifecycleConfig", + "description": "Grants permission to describe a Studio Lifecycle Configuration", + "access_level": "Read", + "resource_types": { + "studio-lifecycle-config": { + "resource_type": "studio-lifecycle-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "studio-lifecycle-config": "studio-lifecycle-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeStudioLifecycleConfig.html" + }, + "DescribeSubscribedWorkteam": { + "privilege": "DescribeSubscribedWorkteam", + "description": "Grants permission to return information about a subscribed workteam", + "access_level": "Read", + "resource_types": { + "workteam": { + "resource_type": "workteam", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workteam": "workteam" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeSubscribedWorkteam.html" + }, + "DescribeTrainingJob": { + "privilege": "DescribeTrainingJob", + "description": "Grants permission to return information about a training job", + "access_level": "Read", + "resource_types": { + "training-job": { + "resource_type": "training-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "training-job": "training-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTrainingJob.html" + }, + "DescribeTransformJob": { + "privilege": "DescribeTransformJob", + "description": "Grants permission to return information about a transform job", + "access_level": "Read", + "resource_types": { + "transform-job": { + "resource_type": "transform-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transform-job": "transform-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTransformJob.html" + }, + "DescribeTrial": { + "privilege": "DescribeTrial", + "description": "Grants permission to return information about a trial", + "access_level": "Read", + "resource_types": { + "experiment-trial": { + "resource_type": "experiment-trial", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial": "experiment-trial" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTrial.html" + }, + "DescribeTrialComponent": { + "privilege": "DescribeTrialComponent", + "description": "Grants permission to return information about a trial component", + "access_level": "Read", + "resource_types": { + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial-component": "experiment-trial-component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTrialComponent.html" + }, + "DescribeUserProfile": { + "privilege": "DescribeUserProfile", + "description": "Grants permission to describe a UserProfile", + "access_level": "Read", + "resource_types": { + "user-profile": { + "resource_type": "user-profile", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user-profile": "user-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeUserProfile.html" + }, + "DescribeWorkforce": { + "privilege": "DescribeWorkforce", + "description": "Grants permission to return information about a workforce", + "access_level": "Read", + "resource_types": { + "workforce": { + "resource_type": "workforce", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workforce": "workforce" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeWorkforce.html" + }, + "DescribeWorkteam": { + "privilege": "DescribeWorkteam", + "description": "Grants permission to return information about a workteam", + "access_level": "Read", + "resource_types": { + "workteam": { + "resource_type": "workteam", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workteam": "workteam" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeWorkteam.html" + }, + "DisableSagemakerServicecatalogPortfolio": { + "privilege": "DisableSagemakerServicecatalogPortfolio", + "description": "Grants permission to disable a SageMaker Service Catalog Portfolio", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DisableSagemakerServicecatalogPortfolio.html" + }, + "DisassociateTrialComponent": { + "privilege": "DisassociateTrialComponent", + "description": "Grants permission to disassociate a trial component from a trial", + "access_level": "Write", + "resource_types": { + "experiment-trial": { + "resource_type": "experiment-trial", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "processing-job": { + "resource_type": "processing-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial": "experiment-trial", + "experiment-trial-component": "experiment-trial-component", + "processing-job": "processing-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DisassociateTrialComponent.html" + }, + "EnableSagemakerServicecatalogPortfolio": { + "privilege": "EnableSagemakerServicecatalogPortfolio", + "description": "Grants permission to enable a SageMaker Service Catalog Portfolio", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_EnableSagemakerServicecatalogPortfolio.html" + }, + "GetDeployments": { + "privilege": "GetDeployments", + "description": "Grants permission to get deployment plan for device", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_edge_GetDeployments.html" + }, + "GetDeviceFleetReport": { + "privilege": "GetDeviceFleetReport", + "description": "Grants permission to access a summary of the devices in a device fleet", + "access_level": "Read", + "resource_types": { + "device-fleet": { + "resource_type": "device-fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device-fleet": "device-fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetDeviceFleetReport.html" + }, + "GetDeviceRegistration": { + "privilege": "GetDeviceRegistration", + "description": "Grants permission to get device registration. After you deploy a model onto edge devices this api is used to get current device registration", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_edge_GetDeviceRegistration.html" + }, + "GetLineageGroupPolicy": { + "privilege": "GetLineageGroupPolicy", + "description": "Grants permission to retreive a lineage group policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetLineageGroupPolicy.html" + }, + "GetModelPackageGroupPolicy": { + "privilege": "GetModelPackageGroupPolicy", + "description": "Grants permission to get a ModelPackageGroup policy", + "access_level": "Read", + "resource_types": { + "model-package-group": { + "resource_type": "model-package-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package-group": "model-package-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetModelPackageGroupPolicy.html" + }, + "GetRecord": { + "privilege": "GetRecord", + "description": "Grants permission to get a record from a feature group", + "access_level": "Read", + "resource_types": { + "feature-group": { + "resource_type": "feature-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature-group": "feature-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_GetRecord.html" + }, + "GetSagemakerServicecatalogPortfolioStatus": { + "privilege": "GetSagemakerServicecatalogPortfolioStatus", + "description": "Grants permission to get a SageMaker Service Catalog Portfolio", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetSagemakerServicecatalogPortfolioStatus.html" + }, + "GetScalingPolicyConfigurationRecommendation": { + "privilege": "GetScalingPolicyConfigurationRecommendation", + "description": "Grants permission to get a scaling policy configuration recommendation", + "access_level": "Read", + "resource_types": { + "inference-recommendations-job": { + "resource_type": "inference-recommendations-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-recommendations-job": "inference-recommendations-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetScalingPolicyConfigurationRecommendation.html" + }, + "GetSearchSuggestions": { + "privilege": "GetSearchSuggestions", + "description": "Grants permission to get search suggestions when provided with a keyword", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_GetSearchSuggestions.html" + }, + "ImportHubContent": { + "privilege": "ImportHubContent", + "description": "Grants permission to import hub content", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "sagemaker:AddTags" + ] + }, + "hub-content": { + "resource_type": "hub-content", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub", + "hub-content": "hub-content", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ImportHubContent.html" + }, + "InvokeEndpoint": { + "privilege": "InvokeEndpoint", + "description": "Grants permission to invoke an endpoint. After you deploy a model into production using Amazon SageMaker hosting services, your client applications use this API to get inferences from the model hosted at the specified endpoint", + "access_level": "Read", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sagemaker:TargetModel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html" + }, + "InvokeEndpointAsync": { + "privilege": "InvokeEndpointAsync", + "description": "Grants permission to get inferences from the hosted model at the specified endpoint in an asynchronous manner", + "access_level": "Read", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpointAsync.html" + }, + "ListActions": { + "privilege": "ListActions", + "description": "Grants permission to list actions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListActions.html" + }, + "ListAlgorithms": { + "privilege": "ListAlgorithms", + "description": "Grants permission to list Algorithms", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAlgorithms.html" + }, + "ListAliases": { + "privilege": "ListAliases", + "description": "Grants permission to list Aliases that belong to a SageMaker Image or Sagemaker ImageVersion", + "access_level": "List", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "image-version": { + "resource_type": "image-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image", + "image-version": "image-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAliases.html" + }, + "ListAppImageConfigs": { + "privilege": "ListAppImageConfigs", + "description": "Grants permission to list the AppImageConfigs in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAppImageConfigs.html" + }, + "ListApps": { + "privilege": "ListApps", + "description": "Grants permission to list the Apps in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListApps.html" + }, + "ListArtifacts": { + "privilege": "ListArtifacts", + "description": "Grants permission to list artifacts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListArtifacts.html" + }, + "ListAssociations": { + "privilege": "ListAssociations", + "description": "Grants permission to list associations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAssociations.html" + }, + "ListAutoMLJobs": { + "privilege": "ListAutoMLJobs", + "description": "Grants permission to list AutoML jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListAutoMLJobs.html" + }, + "ListCandidatesForAutoMLJob": { + "privilege": "ListCandidatesForAutoMLJob", + "description": "Grants permission to lists candidates for an AutoML job", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListCandidatesForAutoMLJob.html" + }, + "ListCodeRepositories": { + "privilege": "ListCodeRepositories", + "description": "Grants permission to list code repositories", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListCodeRepositories.html" + }, + "ListCompilationJobs": { + "privilege": "ListCompilationJobs", + "description": "Grants permission to list compilation jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListCompilationJobs.html" + }, + "ListContexts": { + "privilege": "ListContexts", + "description": "Grants permission to list contexts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListContexts.html" + }, + "ListDataQualityJobDefinitions": { + "privilege": "ListDataQualityJobDefinitions", + "description": "Grants permission to list data quality job definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListDataQualityJobDefinitions.html" + }, + "ListDeviceFleets": { + "privilege": "ListDeviceFleets", + "description": "Grants permission to list device fleets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListDeviceFleets.html" + }, + "ListDevices": { + "privilege": "ListDevices", + "description": "Grants permission to list devices", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListDevices.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to list the Domains in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListDomains.html" + }, + "ListEdgeDeploymentPlans": { + "privilege": "ListEdgeDeploymentPlans", + "description": "Grants permission to list edge deployment plans", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEdgeDeploymentPlans.html" + }, + "ListEdgePackagingJobs": { + "privilege": "ListEdgePackagingJobs", + "description": "Grants permission to list edge packaging jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEdgePackagingJobs.html" + }, + "ListEndpointConfigs": { + "privilege": "ListEndpointConfigs", + "description": "Grants permission to list endpoint configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEndpointConfigs.html" + }, + "ListEndpoints": { + "privilege": "ListEndpoints", + "description": "Grants permission to list endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListEndpoints.html" + }, + "ListExperiments": { + "privilege": "ListExperiments", + "description": "Grants permission to list experiments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListExperiments.html" + }, + "ListFeatureGroups": { + "privilege": "ListFeatureGroups", + "description": "Grants permission to list feature groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListFeatureGroups.html" + }, + "ListFlowDefinitions": { + "privilege": "ListFlowDefinitions", + "description": "Grants permission to return summary information about flow definitions, given the specified parameters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListFlowDefinitions.html" + }, + "ListHubContentVersions": { + "privilege": "ListHubContentVersions", + "description": "Grants permission to list all versions of hub content", + "access_level": "List", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "hub-content": { + "resource_type": "hub-content", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub", + "hub-content": "hub-content" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHubContentVersions.html" + }, + "ListHubContents": { + "privilege": "ListHubContents", + "description": "Grants permission to list newest versions of hub content", + "access_level": "List", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHubContents.html" + }, + "ListHubs": { + "privilege": "ListHubs", + "description": "Grants permission to list hubs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHubs.html" + }, + "ListHumanLoops": { + "privilege": "ListHumanLoops", + "description": "Grants permission to return summary information about human loops, given the specified parameters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHumanLoops.html" + }, + "ListHumanTaskUis": { + "privilege": "ListHumanTaskUis", + "description": "Grants permission to return summary information about human review workflow user interfaces, given the specified parameters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHumanTaskUis.html" + }, + "ListHyperParameterTuningJobs": { + "privilege": "ListHyperParameterTuningJobs", + "description": "Grants permission to list hyper parameter tuning jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListHyperParameterTuningJobs.html" + }, + "ListImageVersions": { + "privilege": "ListImageVersions", + "description": "Grants permission to list ImageVersions that belong to a SageMaker Image", + "access_level": "List", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListImageVersions.html" + }, + "ListImages": { + "privilege": "ListImages", + "description": "Grants permission to list SageMaker Images in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListImages.html" + }, + "ListInferenceExperiments": { + "privilege": "ListInferenceExperiments", + "description": "Grants permission to list inference experiments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListInferenceExperiments.html" + }, + "ListInferenceRecommendationsJobSteps": { + "privilege": "ListInferenceRecommendationsJobSteps", + "description": "Grants permission to list inference recommendations job steps", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListInferenceRecommendationsJobSteps.html" + }, + "ListInferenceRecommendationsJobs": { + "privilege": "ListInferenceRecommendationsJobs", + "description": "Grants permission to list inference recommendations jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListInferenceRecommendationsJobs.html" + }, + "ListLabelingJobs": { + "privilege": "ListLabelingJobs", + "description": "Grants permission to list labeling jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListLabelingJobs.html" + }, + "ListLabelingJobsForWorkteam": { + "privilege": "ListLabelingJobsForWorkteam", + "description": "Grants permission to list labeling jobs for workteam", + "access_level": "List", + "resource_types": { + "workteam": { + "resource_type": "workteam", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workteam": "workteam" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListLabelingJobs.html" + }, + "ListLineageGroups": { + "privilege": "ListLineageGroups", + "description": "Grants permission to list lineage groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListLineageGroups.html" + }, + "ListModelBiasJobDefinitions": { + "privilege": "ListModelBiasJobDefinitions", + "description": "Grants permission to list model bias job definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelBiasJobDefinitions.html" + }, + "ListModelCardExportJobs": { + "privilege": "ListModelCardExportJobs", + "description": "Grants permission to list export jobs for a model card", + "access_level": "List", + "resource_types": { + "model-card": { + "resource_type": "model-card", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-card": "model-card" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelCardExportJobs.html" + }, + "ListModelCardVersions": { + "privilege": "ListModelCardVersions", + "description": "Grants permission to list versions of a model card", + "access_level": "List", + "resource_types": { + "model-card": { + "resource_type": "model-card", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-card": "model-card" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelCardVersions.html" + }, + "ListModelCards": { + "privilege": "ListModelCards", + "description": "Grants permission to list model cards", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelCards.html" + }, + "ListModelExplainabilityJobDefinitions": { + "privilege": "ListModelExplainabilityJobDefinitions", + "description": "Grants permission to list model explainability job definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelExplainabilityJobDefinitions.html" + }, + "ListModelMetadata": { + "privilege": "ListModelMetadata", + "description": "Grants permission to list model metadata for inference recommendations jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelMetadata.html" + }, + "ListModelPackageGroups": { + "privilege": "ListModelPackageGroups", + "description": "Grants permission to list ModelPackageGroups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelPackageGroups.html" + }, + "ListModelPackages": { + "privilege": "ListModelPackages", + "description": "Grants permission to list ModelPackages", + "access_level": "List", + "resource_types": { + "model-package-group": { + "resource_type": "model-package-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package-group": "model-package-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelPackages.html" + }, + "ListModelQualityJobDefinitions": { + "privilege": "ListModelQualityJobDefinitions", + "description": "Grants permission to list model quality job definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModelQualityJobDefinitions.html" + }, + "ListModels": { + "privilege": "ListModels", + "description": "Grants permission to list the models created with the CreateModel API", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListModels.html" + }, + "ListMonitoringAlertHistory": { + "privilege": "ListMonitoringAlertHistory", + "description": "Grants permission to list the history of a monitoring alert", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListMonitoringHistory.html" + }, + "ListMonitoringAlerts": { + "privilege": "ListMonitoringAlerts", + "description": "Grants permission to list monitoring alerts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListMonitoringAlerts.html" + }, + "ListMonitoringExecutions": { + "privilege": "ListMonitoringExecutions", + "description": "Grants permission to list monitoring executions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListMonitoringExecutions.html" + }, + "ListMonitoringSchedules": { + "privilege": "ListMonitoringSchedules", + "description": "Grants permission to list monitoring schedules", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListMonitoringSchedules.html" + }, + "ListNotebookInstanceLifecycleConfigs": { + "privilege": "ListNotebookInstanceLifecycleConfigs", + "description": "Grants permission to list the notebook instance lifecycle configurations that can be deployed using Amazon SageMaker", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListNotebookInstanceLifecycleConfigs.html" + }, + "ListNotebookInstances": { + "privilege": "ListNotebookInstances", + "description": "Grants permission to list the Amazon SageMaker notebook instances in the requester's account in an AWS Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListNotebookInstances.html" + }, + "ListPipelineExecutionSteps": { + "privilege": "ListPipelineExecutionSteps", + "description": "Grants permission to list steps for a pipeline execution", + "access_level": "List", + "resource_types": { + "pipeline-execution": { + "resource_type": "pipeline-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline-execution": "pipeline-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineExecutionSteps.html" + }, + "ListPipelineExecutions": { + "privilege": "ListPipelineExecutions", + "description": "Grants permission to list executions for a pipeline", + "access_level": "List", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineExecutions.html" + }, + "ListPipelineParametersForExecution": { + "privilege": "ListPipelineParametersForExecution", + "description": "Grants permission to list parameters for a pipeline execution", + "access_level": "List", + "resource_types": { + "pipeline-execution": { + "resource_type": "pipeline-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline-execution": "pipeline-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelineParametersForExecution.html" + }, + "ListPipelines": { + "privilege": "ListPipelines", + "description": "Grants permission to list pipelines", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListPipelines.html" + }, + "ListProcessingJobs": { + "privilege": "ListProcessingJobs", + "description": "Grants permission to list processing jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListProcessingJobs.html" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to list Projects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListProjects.html" + }, + "ListSharedModelEvents": { + "privilege": "ListSharedModelEvents", + "description": "Grants permission to list shared model events", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" + }, + "ListSharedModelVersions": { + "privilege": "ListSharedModelVersions", + "description": "Grants permission to list shared model versions", + "access_level": "List", + "resource_types": { + "shared-model": { + "resource_type": "shared-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "shared-model": "shared-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" + }, + "ListSharedModels": { + "privilege": "ListSharedModels", + "description": "Grants permission to list shared models", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" + }, + "ListSpaces": { + "privilege": "ListSpaces", + "description": "Grants permission to list the Spaces in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListSpaces.html" + }, + "ListStageDevices": { + "privilege": "ListStageDevices", + "description": "Grants permission to list stage devices", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListStageDevices.html" + }, + "ListStudioLifecycleConfigs": { + "privilege": "ListStudioLifecycleConfigs", + "description": "Grants permission to list the Studio Lifecycle Configurations that can be deployed using Amazon SageMaker", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListStudioLifecycleConfigs.html" + }, + "ListSubscribedWorkteams": { + "privilege": "ListSubscribedWorkteams", + "description": "Grants permission to list subscribed workteams", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListSubscribedWorkteams.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to list the tag set associated with the specified resource", + "access_level": "List", + "resource_types": { + "action": { + "resource_type": "action", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "algorithm": { + "resource_type": "algorithm", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "app": { + "resource_type": "app", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "app-image-config": { + "resource_type": "app-image-config", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "artifact": { + "resource_type": "artifact", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "automl-job": { + "resource_type": "automl-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "code-repository": { + "resource_type": "code-repository", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "compilation-job": { + "resource_type": "compilation-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "context": { + "resource_type": "context", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "data-quality-job-definition": { + "resource_type": "data-quality-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "device-fleet": { + "resource_type": "device-fleet", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "edge-deployment-plan": { + "resource_type": "edge-deployment-plan", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "edge-packaging-job": { + "resource_type": "edge-packaging-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "endpoint": { + "resource_type": "endpoint", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "endpoint-config": { + "resource_type": "endpoint-config", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment": { + "resource_type": "experiment", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment-trial": { + "resource_type": "experiment-trial", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "feature-group": { + "resource_type": "feature-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "flow-definition": { + "resource_type": "flow-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "human-task-ui": { + "resource_type": "human-task-ui", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "hyper-parameter-tuning-job": { + "resource_type": "hyper-parameter-tuning-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "image": { + "resource_type": "image", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "inference-recommendations-job": { + "resource_type": "inference-recommendations-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "labeling-job": { + "resource_type": "labeling-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-bias-job-definition": { + "resource_type": "model-bias-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-card": { + "resource_type": "model-card", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-explainability-job-definition": { + "resource_type": "model-explainability-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-package": { + "resource_type": "model-package", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-package-group": { + "resource_type": "model-package-group", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "model-quality-job-definition": { + "resource_type": "model-quality-job-definition", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "monitoring-schedule": { + "resource_type": "monitoring-schedule", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "notebook-instance": { + "resource_type": "notebook-instance", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "pipeline": { + "resource_type": "pipeline", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "processing-job": { + "resource_type": "processing-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "studio-lifecycle-config": { + "resource_type": "studio-lifecycle-config", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "training-job": { + "resource_type": "training-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "transform-job": { + "resource_type": "transform-job", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "user-profile": { + "resource_type": "user-profile", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "workteam": { + "resource_type": "workteam", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "algorithm": "algorithm", + "app": "app", + "app-image-config": "app-image-config", + "artifact": "artifact", + "automl-job": "automl-job", + "code-repository": "code-repository", + "compilation-job": "compilation-job", + "context": "context", + "data-quality-job-definition": "data-quality-job-definition", + "device": "device", + "device-fleet": "device-fleet", + "domain": "domain", + "edge-deployment-plan": "edge-deployment-plan", + "edge-packaging-job": "edge-packaging-job", + "endpoint": "endpoint", + "endpoint-config": "endpoint-config", + "experiment": "experiment", + "experiment-trial": "experiment-trial", + "experiment-trial-component": "experiment-trial-component", + "feature-group": "feature-group", + "flow-definition": "flow-definition", + "human-task-ui": "human-task-ui", + "hyper-parameter-tuning-job": "hyper-parameter-tuning-job", + "image": "image", + "inference-recommendations-job": "inference-recommendations-job", + "labeling-job": "labeling-job", + "model": "model", + "model-bias-job-definition": "model-bias-job-definition", + "model-card": "model-card", + "model-explainability-job-definition": "model-explainability-job-definition", + "model-package": "model-package", + "model-package-group": "model-package-group", + "model-quality-job-definition": "model-quality-job-definition", + "monitoring-schedule": "monitoring-schedule", + "notebook-instance": "notebook-instance", + "pipeline": "pipeline", + "processing-job": "processing-job", + "project": "project", + "studio-lifecycle-config": "studio-lifecycle-config", + "training-job": "training-job", + "transform-job": "transform-job", + "user-profile": "user-profile", + "workteam": "workteam" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTags.html" + }, + "ListTrainingJobs": { + "privilege": "ListTrainingJobs", + "description": "Grants permission to list training jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrainingJobs.html" + }, + "ListTrainingJobsForHyperParameterTuningJob": { + "privilege": "ListTrainingJobsForHyperParameterTuningJob", + "description": "Grants permission to list training jobs for a hyper parameter tuning job", + "access_level": "List", + "resource_types": { + "hyper-parameter-tuning-job": { + "resource_type": "hyper-parameter-tuning-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hyper-parameter-tuning-job": "hyper-parameter-tuning-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrainingJobsForHyperParameterTuningJob.html" + }, + "ListTransformJobs": { + "privilege": "ListTransformJobs", + "description": "Grants permission to list transform jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTransformJobs.html" + }, + "ListTrialComponents": { + "privilege": "ListTrialComponents", + "description": "Grants permission to list trial components", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrialComponents.html" + }, + "ListTrials": { + "privilege": "ListTrials", + "description": "Grants permission to list trials", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListTrials.html" + }, + "ListUserProfiles": { + "privilege": "ListUserProfiles", + "description": "Grants permission to list the UserProfiles in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListUserProfiles.html" + }, + "ListWorkforces": { + "privilege": "ListWorkforces", + "description": "Grants permission to list workforces", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListWorkforces.html" + }, + "ListWorkteams": { + "privilege": "ListWorkteams", + "description": "Grants permission to list workteams", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListWorkteams.html" + }, + "PutLineageGroupPolicy": { + "privilege": "PutLineageGroupPolicy", + "description": "Grants permission to put a lineage group policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/Welcome.html" + }, + "PutModelPackageGroupPolicy": { + "privilege": "PutModelPackageGroupPolicy", + "description": "Grants permission to put a ModelPackageGroup policy", + "access_level": "Write", + "resource_types": { + "model-package-group": { + "resource_type": "model-package-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package-group": "model-package-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_PutModelPackageGroupPolicy.html" + }, + "PutRecord": { + "privilege": "PutRecord", + "description": "Grants permission to put a record to a feature group", + "access_level": "Write", + "resource_types": { + "feature-group": { + "resource_type": "feature-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature-group": "feature-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_PutRecord.html" + }, + "QueryLineage": { + "privilege": "QueryLineage", + "description": "Grants permission to explore the lineage graph", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_QueryLineage.html" + }, + "RegisterDevices": { + "privilege": "RegisterDevices", + "description": "Grants permission to register a set of devices", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_RegisterDevices.html" + }, + "RenderUiTemplate": { + "privilege": "RenderUiTemplate", + "description": "Grants permission to render a UI template used for a human annotation task", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_RenderUiTemplate.html" + }, + "RetryPipelineExecution": { + "privilege": "RetryPipelineExecution", + "description": "Grants permission to retry a pipeline execution", + "access_level": "Write", + "resource_types": { + "pipeline-execution": { + "resource_type": "pipeline-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline-execution": "pipeline-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_RetryPipelineExecution.html" + }, + "Search": { + "privilege": "Search", + "description": "Grants permission to search for SageMaker objects", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Search.html" + }, + "SendHeartbeat": { + "privilege": "SendHeartbeat", + "description": "Grants permission to publish heartbeat data from devices. After you deploy a model onto edge devices this api is used to report device status", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_edge_SendHeartbeat.html" + }, + "SendPipelineExecutionStepFailure": { + "privilege": "SendPipelineExecutionStepFailure", + "description": "Grants permission to fail a pending callback step", + "access_level": "Write", + "resource_types": { + "pipeline-execution": { + "resource_type": "pipeline-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline-execution": "pipeline-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SendPipelineExecutionStepFailure.html" + }, + "SendPipelineExecutionStepSuccess": { + "privilege": "SendPipelineExecutionStepSuccess", + "description": "Grants permission to succeed a pending callback step", + "access_level": "Write", + "resource_types": { + "pipeline-execution": { + "resource_type": "pipeline-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline-execution": "pipeline-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SendPipelineExecutionStepSuccess.html" + }, + "SendSharedModelEvent": { + "privilege": "SendSharedModelEvent", + "description": "Grants permission to send a shared model event", + "access_level": "Write", + "resource_types": { + "shared-model-event": { + "resource_type": "shared-model-event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "shared-model-event": "shared-model-event" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" + }, + "StartEdgeDeploymentStage": { + "privilege": "StartEdgeDeploymentStage", + "description": "Grants permission to start an edge deployment stage", + "access_level": "Write", + "resource_types": { + "edge-deployment-plan": { + "resource_type": "edge-deployment-plan", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "edge-deployment-plan": "edge-deployment-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartEdgeDeploymentStage.html" + }, + "StartHumanLoop": { + "privilege": "StartHumanLoop", + "description": "Grants permission to start a human loop", + "access_level": "Write", + "resource_types": { + "flow-definition": { + "resource_type": "flow-definition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "flow-definition": "flow-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartHumanLoop.html" + }, + "StartInferenceExperiment": { + "privilege": "StartInferenceExperiment", + "description": "Grants permission to start an inference experiment", + "access_level": "Write", + "resource_types": { + "inference-experiment": { + "resource_type": "inference-experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-experiment": "inference-experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartInferenceExperiment.html" + }, + "StartMonitoringSchedule": { + "privilege": "StartMonitoringSchedule", + "description": "Grants permission to start a monitoring schedule", + "access_level": "Write", + "resource_types": { + "monitoring-schedule": { + "resource_type": "monitoring-schedule", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitoring-schedule": "monitoring-schedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartMonitoringSchedule.html" + }, + "StartNotebookInstance": { + "privilege": "StartNotebookInstance", + "description": "Grants permission to start a notebook instance. This launches an EC2 instance with the latest version of the libraries and attaches your EBS volume", + "access_level": "Write", + "resource_types": { + "notebook-instance": { + "resource_type": "notebook-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance": "notebook-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartNotebookInstance.html" + }, + "StartPipelineExecution": { + "privilege": "StartPipelineExecution", + "description": "Grants permission to start a pipeline execution", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html" + }, + "StopAutoMLJob": { + "privilege": "StopAutoMLJob", + "description": "Grants permission to stop a running AutoML job", + "access_level": "Write", + "resource_types": { + "automl-job": { + "resource_type": "automl-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automl-job": "automl-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopAutoMLJob.html" + }, + "StopCompilationJob": { + "privilege": "StopCompilationJob", + "description": "Grants permission to stop a compilation job", + "access_level": "Write", + "resource_types": { + "compilation-job": { + "resource_type": "compilation-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "compilation-job": "compilation-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopCompilationJob.html" + }, + "StopEdgeDeploymentStage": { + "privilege": "StopEdgeDeploymentStage", + "description": "Grants permission to stop an edge deployment stage", + "access_level": "Write", + "resource_types": { + "edge-deployment-plan": { + "resource_type": "edge-deployment-plan", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "edge-deployment-plan": "edge-deployment-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopEdgeDeploymentStage.html" + }, + "StopEdgePackagingJob": { + "privilege": "StopEdgePackagingJob", + "description": "Grants permission to stop an edge packaging job", + "access_level": "Write", + "resource_types": { + "edge-packaging-job": { + "resource_type": "edge-packaging-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "edge-packaging-job": "edge-packaging-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopEdgePackagingJob.html" + }, + "StopHumanLoop": { + "privilege": "StopHumanLoop", + "description": "Grants permission to stop a specified human loop", + "access_level": "Write", + "resource_types": { + "human-loop": { + "resource_type": "human-loop", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "human-loop": "human-loop" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopHumanLoop.html" + }, + "StopHyperParameterTuningJob": { + "privilege": "StopHyperParameterTuningJob", + "description": "Grants permission to stop a running hyper parameter tuning job create via the CreateHyperParameterTuningJob", + "access_level": "Write", + "resource_types": { + "hyper-parameter-tuning-job": { + "resource_type": "hyper-parameter-tuning-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hyper-parameter-tuning-job": "hyper-parameter-tuning-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopHyperParameterTuningJob.html" + }, + "StopInferenceExperiment": { + "privilege": "StopInferenceExperiment", + "description": "Grants permission to stop an inference experiment", + "access_level": "Write", + "resource_types": { + "inference-experiment": { + "resource_type": "inference-experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-experiment": "inference-experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopInferenceExperiment.html" + }, + "StopInferenceRecommendationsJob": { + "privilege": "StopInferenceRecommendationsJob", + "description": "Grants permission to stop an inference recommendations job", + "access_level": "Write", + "resource_types": { + "inference-recommendations-job": { + "resource_type": "inference-recommendations-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-recommendations-job": "inference-recommendations-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopInferenceRecommendationsJob.html" + }, + "StopLabelingJob": { + "privilege": "StopLabelingJob", + "description": "Grants permission to stop a labeling job. Any labels already generated will be exported before stopping", + "access_level": "Write", + "resource_types": { + "labeling-job": { + "resource_type": "labeling-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "labeling-job": "labeling-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopLabelingJob.html" + }, + "StopMonitoringSchedule": { + "privilege": "StopMonitoringSchedule", + "description": "Grants permission to stop a monitoring schedule", + "access_level": "Write", + "resource_types": { + "monitoring-schedule": { + "resource_type": "monitoring-schedule", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitoring-schedule": "monitoring-schedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopMonitoringSchedule.html" + }, + "StopNotebookInstance": { + "privilege": "StopNotebookInstance", + "description": "Grants permission to stop a notebook instance. This terminates the EC2 instance. Before terminating the instance, Amazon SageMaker disconnects the EBS volume from it. Amazon SageMaker preserves the EBS volume", + "access_level": "Write", + "resource_types": { + "notebook-instance": { + "resource_type": "notebook-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance": "notebook-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopNotebookInstance.html" + }, + "StopPipelineExecution": { + "privilege": "StopPipelineExecution", + "description": "Grants permission to stop a pipeline execution", + "access_level": "Write", + "resource_types": { + "pipeline-execution": { + "resource_type": "pipeline-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline-execution": "pipeline-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopPipelineExecution.html" + }, + "StopProcessingJob": { + "privilege": "StopProcessingJob", + "description": "Grants permission to stop a processing job. To stop a job, Amazon SageMaker sends the algorithm the SIGTERM signal, which delays job termination for 120 seconds", + "access_level": "Write", + "resource_types": { + "processing-job": { + "resource_type": "processing-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "processing-job": "processing-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopProcessingJob.html" + }, + "StopTrainingJob": { + "privilege": "StopTrainingJob", + "description": "Grants permission to stop a training job. To stop a job, Amazon SageMaker sends the algorithm the SIGTERM signal, which delays job termination for 120 seconds", + "access_level": "Write", + "resource_types": { + "training-job": { + "resource_type": "training-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "training-job": "training-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopTrainingJob.html" + }, + "StopTransformJob": { + "privilege": "StopTransformJob", + "description": "Grants permission to stop a transform job. When Amazon SageMaker receives a StopTransformJob request, the status of the job changes to Stopping. After Amazon SageMaker stops the job, the status is set to Stopped", + "access_level": "Write", + "resource_types": { + "transform-job": { + "resource_type": "transform-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transform-job": "transform-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StopTransformJob.html" + }, + "UpdateAction": { + "privilege": "UpdateAction", + "description": "Grants permission to update an action", + "access_level": "Write", + "resource_types": { + "action": { + "resource_type": "action", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateAction.html" + }, + "UpdateAppImageConfig": { + "privilege": "UpdateAppImageConfig", + "description": "Grants permission to update an AppImageConfig", + "access_level": "Write", + "resource_types": { + "app-image-config": { + "resource_type": "app-image-config", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-image-config": "app-image-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateAppImageConfig.html" + }, + "UpdateArtifact": { + "privilege": "UpdateArtifact", + "description": "Grants permission to update an artifact", + "access_level": "Write", + "resource_types": { + "artifact": { + "resource_type": "artifact", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "artifact": "artifact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateArtifact.html" + }, + "UpdateCodeRepository": { + "privilege": "UpdateCodeRepository", + "description": "Grants permission to update a CodeRepository", + "access_level": "Write", + "resource_types": { + "code-repository": { + "resource_type": "code-repository", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "code-repository": "code-repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateCodeRepository.html" + }, + "UpdateContext": { + "privilege": "UpdateContext", + "description": "Grants permission to update a context", + "access_level": "Write", + "resource_types": { + "context": { + "resource_type": "context", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "context": "context" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateContext.html" + }, + "UpdateDeviceFleet": { + "privilege": "UpdateDeviceFleet", + "description": "Grants permission to update a device fleet", + "access_level": "Write", + "resource_types": { + "device-fleet": { + "resource_type": "device-fleet", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device-fleet": "device-fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateDeviceFleet.html" + }, + "UpdateDevices": { + "privilege": "UpdateDevices", + "description": "Grants permission to update a set of devices", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateDevices.html" + }, + "UpdateDomain": { + "privilege": "UpdateDomain", + "description": "Grants permission to update a Domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sagemaker:VpcSecurityGroupIds", + "sagemaker:InstanceTypes", + "sagemaker:DomainSharingOutputKmsKey", + "sagemaker:ImageArns", + "sagemaker:ImageVersionArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateDomain.html" + }, + "UpdateEndpoint": { + "privilege": "UpdateEndpoint", + "description": "Grants permission to update an endpoint to use the endpoint configuration specified in the request", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpoint.html" + }, + "UpdateEndpointWeightsAndCapacities": { + "privilege": "UpdateEndpointWeightsAndCapacities", + "description": "Grants permission to update variant weight, capacity, or both of one or more variants associated with an endpoint", + "access_level": "Write", + "resource_types": { + "endpoint": { + "resource_type": "endpoint", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html" + }, + "UpdateExperiment": { + "privilege": "UpdateExperiment", + "description": "Grants permission to update an experiment", + "access_level": "Write", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateExperiment.html" + }, + "UpdateFeatureGroup": { + "privilege": "UpdateFeatureGroup", + "description": "Grants permission to update a feature group", + "access_level": "Write", + "resource_types": { + "feature-group": { + "resource_type": "feature-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature-group": "feature-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateFeatureGroup.html" + }, + "UpdateFeatureMetadata": { + "privilege": "UpdateFeatureMetadata", + "description": "Grants permission to update a feature metadata", + "access_level": "Write", + "resource_types": { + "feature-group": { + "resource_type": "feature-group", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "feature-group": "feature-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateFeatureMetadata.html" + }, + "UpdateHub": { + "privilege": "UpdateHub", + "description": "Grants permission to update hubs", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateHub.html" + }, + "UpdateImage": { + "privilege": "UpdateImage", + "description": "Grants permission to update the properties of a SageMaker Image", + "access_level": "Write", + "resource_types": { + "image": { + "resource_type": "image", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "image": "image" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateImage.html" + }, + "UpdateImageVersion": { + "privilege": "UpdateImageVersion", + "description": "Grants permission to update the properties of a SageMaker ImageVersion", + "access_level": "Write", + "resource_types": { + "image-version": { + "resource_type": "image-version", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "image-version": "image-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateImageVersion.html" + }, + "UpdateInferenceExperiment": { + "privilege": "UpdateInferenceExperiment", + "description": "Grants permission to update an inference experiment", + "access_level": "Write", + "resource_types": { + "inference-experiment": { + "resource_type": "inference-experiment", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "inference-experiment": "inference-experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateInferenceExperiment.html" + }, + "UpdateModelCard": { + "privilege": "UpdateModelCard", + "description": "Grants permission to update a model card", + "access_level": "Write", + "resource_types": { + "model-card": { + "resource_type": "model-card", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-card": "model-card" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateModelCard.html" + }, + "UpdateModelPackage": { + "privilege": "UpdateModelPackage", + "description": "Grants permission to update a ModelPackage", + "access_level": "Write", + "resource_types": { + "model-package": { + "resource_type": "model-package", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sagemaker:ModelApprovalStatus", + "sagemaker:CustomerMetadataProperties/${MetadataKey}", + "sagemaker:CustomerMetadataPropertiesToRemove" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model-package": "model-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateModelPackage.html" + }, + "UpdateMonitoringAlert": { + "privilege": "UpdateMonitoringAlert", + "description": "Grants permission to update a monitoring alert", + "access_level": "Write", + "resource_types": { + "monitoring-schedule": { + "resource_type": "monitoring-schedule", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "monitoring-schedule-alert": { + "resource_type": "monitoring-schedule-alert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitoring-schedule": "monitoring-schedule", + "monitoring-schedule-alert": "monitoring-schedule-alert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateMonitoringAlert.html" + }, + "UpdateMonitoringSchedule": { + "privilege": "UpdateMonitoringSchedule", + "description": "Grants permission to update a monitoring schedule", + "access_level": "Write", + "resource_types": { + "monitoring-schedule": { + "resource_type": "monitoring-schedule", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "sagemaker:InstanceTypes", + "sagemaker:MaxRuntimeInSeconds", + "sagemaker:NetworkIsolation", + "sagemaker:OutputKmsKey", + "sagemaker:VolumeKmsKey", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:VpcSubnets", + "sagemaker:InterContainerTrafficEncryption" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "monitoring-schedule": "monitoring-schedule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateMonitoringSchedule.html" + }, + "UpdateNotebookInstance": { + "privilege": "UpdateNotebookInstance", + "description": "Grants permission to update a notebook instance. Notebook instance updates include upgrading or downgrading the EC2 instance used for your notebook instance to accommodate changes in your workload requirements", + "access_level": "Write", + "resource_types": { + "notebook-instance": { + "resource_type": "notebook-instance", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sagemaker:AcceleratorTypes", + "sagemaker:InstanceTypes", + "sagemaker:MinimumInstanceMetadataServiceVersion", + "sagemaker:RootAccess" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance": "notebook-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstance.html" + }, + "UpdateNotebookInstanceLifecycleConfig": { + "privilege": "UpdateNotebookInstanceLifecycleConfig", + "description": "Grants permission to updates a notebook instance lifecycle configuration created with the CreateNotebookInstanceLifecycleConfig API", + "access_level": "Write", + "resource_types": { + "notebook-instance-lifecycle-config": { + "resource_type": "notebook-instance-lifecycle-config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook-instance-lifecycle-config": "notebook-instance-lifecycle-config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateNotebookInstanceLifecycleConfig.html" + }, + "UpdatePipeline": { + "privilege": "UpdatePipeline", + "description": "Grants permission to update a pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdatePipeline.html" + }, + "UpdatePipelineExecution": { + "privilege": "UpdatePipelineExecution", + "description": "Grants permission to update a pipeline execution", + "access_level": "Write", + "resource_types": { + "pipeline-execution": { + "resource_type": "pipeline-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline-execution": "pipeline-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdatePipelineExecution.html" + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Grants permission to update a Project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateProject.html" + }, + "UpdateSharedModel": { + "privilege": "UpdateSharedModel", + "description": "Grants permission to update a shared model", + "access_level": "Write", + "resource_types": { + "shared-model": { + "resource_type": "shared-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "shared-model": "shared-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/dg/canvas-collaborate-permissions.html" + }, + "UpdateSpace": { + "privilege": "UpdateSpace", + "description": "Grants permission to update a Space", + "access_level": "Write", + "resource_types": { + "space": { + "resource_type": "space", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sagemaker:InstanceTypes", + "sagemaker:ImageArns", + "sagemaker:ImageVersionArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "space": "space", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateSpace.html" + }, + "UpdateTrainingJob": { + "privilege": "UpdateTrainingJob", + "description": "Grants permission to update a training job", + "access_level": "Write", + "resource_types": { + "training-job": { + "resource_type": "training-job", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sagemaker:InstanceTypes", + "sagemaker:KeepAlivePeriod" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "training-job": "training-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateTrainingJob.html" + }, + "UpdateTrial": { + "privilege": "UpdateTrial", + "description": "Grants permission to update a trial", + "access_level": "Write", + "resource_types": { + "experiment-trial": { + "resource_type": "experiment-trial", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial": "experiment-trial" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateTrial.html" + }, + "UpdateTrialComponent": { + "privilege": "UpdateTrialComponent", + "description": "Grants permission to update a trial component", + "access_level": "Write", + "resource_types": { + "experiment-trial-component": { + "resource_type": "experiment-trial-component", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-trial-component": "experiment-trial-component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateTrialComponent.html" + }, + "UpdateUserProfile": { + "privilege": "UpdateUserProfile", + "description": "Grants permission to update a UserProfile", + "access_level": "Write", + "resource_types": { + "user-profile": { + "resource_type": "user-profile", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sagemaker:InstanceTypes", + "sagemaker:VpcSecurityGroupIds", + "sagemaker:InstanceTypes", + "sagemaker:DomainSharingOutputKmsKey", + "sagemaker:ImageArns", + "sagemaker:ImageVersionArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user-profile": "user-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateUserProfile.html" + }, + "UpdateWorkforce": { + "privilege": "UpdateWorkforce", + "description": "Grants permission to update a workforce", + "access_level": "Write", + "resource_types": { + "workforce": { + "resource_type": "workforce", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workforce": "workforce" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateWorkforce.html" + }, + "UpdateWorkteam": { + "privilege": "UpdateWorkteam", + "description": "Grants permission to update a workteam", + "access_level": "Write", + "resource_types": { + "workteam": { + "resource_type": "workteam", + "required": true, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workteam": "workteam" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateWorkteam.html" + } + }, + "privileges_lower_name": { + "addassociation": "AddAssociation", + "addtags": "AddTags", + "associatetrialcomponent": "AssociateTrialComponent", + "batchdescribemodelpackage": "BatchDescribeModelPackage", + "batchgetmetrics": "BatchGetMetrics", + "batchgetrecord": "BatchGetRecord", + "batchputmetrics": "BatchPutMetrics", + "createaction": "CreateAction", + "createalgorithm": "CreateAlgorithm", + "createapp": "CreateApp", + "createappimageconfig": "CreateAppImageConfig", + "createartifact": "CreateArtifact", + "createautomljob": "CreateAutoMLJob", + "createautomljobv2": "CreateAutoMLJobV2", + "createcoderepository": "CreateCodeRepository", + "createcompilationjob": "CreateCompilationJob", + "createcontext": "CreateContext", + "createdataqualityjobdefinition": "CreateDataQualityJobDefinition", + "createdevicefleet": "CreateDeviceFleet", + "createdomain": "CreateDomain", + "createedgedeploymentplan": "CreateEdgeDeploymentPlan", + "createedgedeploymentstage": "CreateEdgeDeploymentStage", + "createedgepackagingjob": "CreateEdgePackagingJob", + "createendpoint": "CreateEndpoint", + "createendpointconfig": "CreateEndpointConfig", + "createexperiment": "CreateExperiment", + "createfeaturegroup": "CreateFeatureGroup", + "createflowdefinition": "CreateFlowDefinition", + "createhub": "CreateHub", + "createhumantaskui": "CreateHumanTaskUi", + "createhyperparametertuningjob": "CreateHyperParameterTuningJob", + "createimage": "CreateImage", + "createimageversion": "CreateImageVersion", + "createinferenceexperiment": "CreateInferenceExperiment", + "createinferencerecommendationsjob": "CreateInferenceRecommendationsJob", + "createlabelingjob": "CreateLabelingJob", + "createlineagegrouppolicy": "CreateLineageGroupPolicy", + "createmodel": "CreateModel", + "createmodelbiasjobdefinition": "CreateModelBiasJobDefinition", + "createmodelcard": "CreateModelCard", + "createmodelcardexportjob": "CreateModelCardExportJob", + "createmodelexplainabilityjobdefinition": "CreateModelExplainabilityJobDefinition", + "createmodelpackage": "CreateModelPackage", + "createmodelpackagegroup": "CreateModelPackageGroup", + "createmodelqualityjobdefinition": "CreateModelQualityJobDefinition", + "createmonitoringschedule": "CreateMonitoringSchedule", + "createnotebookinstance": "CreateNotebookInstance", + "createnotebookinstancelifecycleconfig": "CreateNotebookInstanceLifecycleConfig", + "createpipeline": "CreatePipeline", + "createpresigneddomainurl": "CreatePresignedDomainUrl", + "createpresignednotebookinstanceurl": "CreatePresignedNotebookInstanceUrl", + "createprocessingjob": "CreateProcessingJob", + "createproject": "CreateProject", + "createsharedmodel": "CreateSharedModel", + "createspace": "CreateSpace", + "createstudiolifecycleconfig": "CreateStudioLifecycleConfig", + "createtrainingjob": "CreateTrainingJob", + "createtransformjob": "CreateTransformJob", + "createtrial": "CreateTrial", + "createtrialcomponent": "CreateTrialComponent", + "createuserprofile": "CreateUserProfile", + "createworkforce": "CreateWorkforce", + "createworkteam": "CreateWorkteam", + "deleteaction": "DeleteAction", + "deletealgorithm": "DeleteAlgorithm", + "deleteapp": "DeleteApp", + "deleteappimageconfig": "DeleteAppImageConfig", + "deleteartifact": "DeleteArtifact", + "deleteassociation": "DeleteAssociation", + "deletecoderepository": "DeleteCodeRepository", + "deletecontext": "DeleteContext", + "deletedataqualityjobdefinition": "DeleteDataQualityJobDefinition", + "deletedevicefleet": "DeleteDeviceFleet", + "deletedomain": "DeleteDomain", + "deleteedgedeploymentplan": "DeleteEdgeDeploymentPlan", + "deleteedgedeploymentstage": "DeleteEdgeDeploymentStage", + "deleteendpoint": "DeleteEndpoint", + "deleteendpointconfig": "DeleteEndpointConfig", + "deleteexperiment": "DeleteExperiment", + "deletefeaturegroup": "DeleteFeatureGroup", + "deleteflowdefinition": "DeleteFlowDefinition", + "deletehub": "DeleteHub", + "deletehubcontent": "DeleteHubContent", + "deletehumanloop": "DeleteHumanLoop", + "deletehumantaskui": "DeleteHumanTaskUi", + "deleteimage": "DeleteImage", + "deleteimageversion": "DeleteImageVersion", + "deleteinferenceexperiment": "DeleteInferenceExperiment", + "deletelineagegrouppolicy": "DeleteLineageGroupPolicy", + "deletemodel": "DeleteModel", + "deletemodelbiasjobdefinition": "DeleteModelBiasJobDefinition", + "deletemodelcard": "DeleteModelCard", + "deletemodelexplainabilityjobdefinition": "DeleteModelExplainabilityJobDefinition", + "deletemodelpackage": "DeleteModelPackage", + "deletemodelpackagegroup": "DeleteModelPackageGroup", + "deletemodelpackagegrouppolicy": "DeleteModelPackageGroupPolicy", + "deletemodelqualityjobdefinition": "DeleteModelQualityJobDefinition", + "deletemonitoringschedule": "DeleteMonitoringSchedule", + "deletenotebookinstance": "DeleteNotebookInstance", + "deletenotebookinstancelifecycleconfig": "DeleteNotebookInstanceLifecycleConfig", + "deletepipeline": "DeletePipeline", + "deleteproject": "DeleteProject", + "deleterecord": "DeleteRecord", + "deletespace": "DeleteSpace", + "deletestudiolifecycleconfig": "DeleteStudioLifecycleConfig", + "deletetags": "DeleteTags", + "deletetrial": "DeleteTrial", + "deletetrialcomponent": "DeleteTrialComponent", + "deleteuserprofile": "DeleteUserProfile", + "deleteworkforce": "DeleteWorkforce", + "deleteworkteam": "DeleteWorkteam", + "deregisterdevices": "DeregisterDevices", + "describeaction": "DescribeAction", + "describealgorithm": "DescribeAlgorithm", + "describeapp": "DescribeApp", + "describeappimageconfig": "DescribeAppImageConfig", + "describeartifact": "DescribeArtifact", + "describeautomljob": "DescribeAutoMLJob", + "describeautomljobv2": "DescribeAutoMLJobV2", + "describecoderepository": "DescribeCodeRepository", + "describecompilationjob": "DescribeCompilationJob", + "describecontext": "DescribeContext", + "describedataqualityjobdefinition": "DescribeDataQualityJobDefinition", + "describedevice": "DescribeDevice", + "describedevicefleet": "DescribeDeviceFleet", + "describedomain": "DescribeDomain", + "describeedgedeploymentplan": "DescribeEdgeDeploymentPlan", + "describeedgepackagingjob": "DescribeEdgePackagingJob", + "describeendpoint": "DescribeEndpoint", + "describeendpointconfig": "DescribeEndpointConfig", + "describeexperiment": "DescribeExperiment", + "describefeaturegroup": "DescribeFeatureGroup", + "describefeaturemetadata": "DescribeFeatureMetadata", + "describeflowdefinition": "DescribeFlowDefinition", + "describehub": "DescribeHub", + "describehubcontent": "DescribeHubContent", + "describehumanloop": "DescribeHumanLoop", + "describehumantaskui": "DescribeHumanTaskUi", + "describehyperparametertuningjob": "DescribeHyperParameterTuningJob", + "describeimage": "DescribeImage", + "describeimageversion": "DescribeImageVersion", + "describeinferenceexperiment": "DescribeInferenceExperiment", + "describeinferencerecommendationsjob": "DescribeInferenceRecommendationsJob", + "describelabelingjob": "DescribeLabelingJob", + "describelineagegroup": "DescribeLineageGroup", + "describemodel": "DescribeModel", + "describemodelbiasjobdefinition": "DescribeModelBiasJobDefinition", + "describemodelcard": "DescribeModelCard", + "describemodelcardexportjob": "DescribeModelCardExportJob", + "describemodelexplainabilityjobdefinition": "DescribeModelExplainabilityJobDefinition", + "describemodelpackage": "DescribeModelPackage", + "describemodelpackagegroup": "DescribeModelPackageGroup", + "describemodelqualityjobdefinition": "DescribeModelQualityJobDefinition", + "describemonitoringschedule": "DescribeMonitoringSchedule", + "describenotebookinstance": "DescribeNotebookInstance", + "describenotebookinstancelifecycleconfig": "DescribeNotebookInstanceLifecycleConfig", + "describepipeline": "DescribePipeline", + "describepipelinedefinitionforexecution": "DescribePipelineDefinitionForExecution", + "describepipelineexecution": "DescribePipelineExecution", + "describeprocessingjob": "DescribeProcessingJob", + "describeproject": "DescribeProject", + "describesharedmodel": "DescribeSharedModel", + "describespace": "DescribeSpace", + "describestudiolifecycleconfig": "DescribeStudioLifecycleConfig", + "describesubscribedworkteam": "DescribeSubscribedWorkteam", + "describetrainingjob": "DescribeTrainingJob", + "describetransformjob": "DescribeTransformJob", + "describetrial": "DescribeTrial", + "describetrialcomponent": "DescribeTrialComponent", + "describeuserprofile": "DescribeUserProfile", + "describeworkforce": "DescribeWorkforce", + "describeworkteam": "DescribeWorkteam", + "disablesagemakerservicecatalogportfolio": "DisableSagemakerServicecatalogPortfolio", + "disassociatetrialcomponent": "DisassociateTrialComponent", + "enablesagemakerservicecatalogportfolio": "EnableSagemakerServicecatalogPortfolio", + "getdeployments": "GetDeployments", + "getdevicefleetreport": "GetDeviceFleetReport", + "getdeviceregistration": "GetDeviceRegistration", + "getlineagegrouppolicy": "GetLineageGroupPolicy", + "getmodelpackagegrouppolicy": "GetModelPackageGroupPolicy", + "getrecord": "GetRecord", + "getsagemakerservicecatalogportfoliostatus": "GetSagemakerServicecatalogPortfolioStatus", + "getscalingpolicyconfigurationrecommendation": "GetScalingPolicyConfigurationRecommendation", + "getsearchsuggestions": "GetSearchSuggestions", + "importhubcontent": "ImportHubContent", + "invokeendpoint": "InvokeEndpoint", + "invokeendpointasync": "InvokeEndpointAsync", + "listactions": "ListActions", + "listalgorithms": "ListAlgorithms", + "listaliases": "ListAliases", + "listappimageconfigs": "ListAppImageConfigs", + "listapps": "ListApps", + "listartifacts": "ListArtifacts", + "listassociations": "ListAssociations", + "listautomljobs": "ListAutoMLJobs", + "listcandidatesforautomljob": "ListCandidatesForAutoMLJob", + "listcoderepositories": "ListCodeRepositories", + "listcompilationjobs": "ListCompilationJobs", + "listcontexts": "ListContexts", + "listdataqualityjobdefinitions": "ListDataQualityJobDefinitions", + "listdevicefleets": "ListDeviceFleets", + "listdevices": "ListDevices", + "listdomains": "ListDomains", + "listedgedeploymentplans": "ListEdgeDeploymentPlans", + "listedgepackagingjobs": "ListEdgePackagingJobs", + "listendpointconfigs": "ListEndpointConfigs", + "listendpoints": "ListEndpoints", + "listexperiments": "ListExperiments", + "listfeaturegroups": "ListFeatureGroups", + "listflowdefinitions": "ListFlowDefinitions", + "listhubcontentversions": "ListHubContentVersions", + "listhubcontents": "ListHubContents", + "listhubs": "ListHubs", + "listhumanloops": "ListHumanLoops", + "listhumantaskuis": "ListHumanTaskUis", + "listhyperparametertuningjobs": "ListHyperParameterTuningJobs", + "listimageversions": "ListImageVersions", + "listimages": "ListImages", + "listinferenceexperiments": "ListInferenceExperiments", + "listinferencerecommendationsjobsteps": "ListInferenceRecommendationsJobSteps", + "listinferencerecommendationsjobs": "ListInferenceRecommendationsJobs", + "listlabelingjobs": "ListLabelingJobs", + "listlabelingjobsforworkteam": "ListLabelingJobsForWorkteam", + "listlineagegroups": "ListLineageGroups", + "listmodelbiasjobdefinitions": "ListModelBiasJobDefinitions", + "listmodelcardexportjobs": "ListModelCardExportJobs", + "listmodelcardversions": "ListModelCardVersions", + "listmodelcards": "ListModelCards", + "listmodelexplainabilityjobdefinitions": "ListModelExplainabilityJobDefinitions", + "listmodelmetadata": "ListModelMetadata", + "listmodelpackagegroups": "ListModelPackageGroups", + "listmodelpackages": "ListModelPackages", + "listmodelqualityjobdefinitions": "ListModelQualityJobDefinitions", + "listmodels": "ListModels", + "listmonitoringalerthistory": "ListMonitoringAlertHistory", + "listmonitoringalerts": "ListMonitoringAlerts", + "listmonitoringexecutions": "ListMonitoringExecutions", + "listmonitoringschedules": "ListMonitoringSchedules", + "listnotebookinstancelifecycleconfigs": "ListNotebookInstanceLifecycleConfigs", + "listnotebookinstances": "ListNotebookInstances", + "listpipelineexecutionsteps": "ListPipelineExecutionSteps", + "listpipelineexecutions": "ListPipelineExecutions", + "listpipelineparametersforexecution": "ListPipelineParametersForExecution", + "listpipelines": "ListPipelines", + "listprocessingjobs": "ListProcessingJobs", + "listprojects": "ListProjects", + "listsharedmodelevents": "ListSharedModelEvents", + "listsharedmodelversions": "ListSharedModelVersions", + "listsharedmodels": "ListSharedModels", + "listspaces": "ListSpaces", + "liststagedevices": "ListStageDevices", + "liststudiolifecycleconfigs": "ListStudioLifecycleConfigs", + "listsubscribedworkteams": "ListSubscribedWorkteams", + "listtags": "ListTags", + "listtrainingjobs": "ListTrainingJobs", + "listtrainingjobsforhyperparametertuningjob": "ListTrainingJobsForHyperParameterTuningJob", + "listtransformjobs": "ListTransformJobs", + "listtrialcomponents": "ListTrialComponents", + "listtrials": "ListTrials", + "listuserprofiles": "ListUserProfiles", + "listworkforces": "ListWorkforces", + "listworkteams": "ListWorkteams", + "putlineagegrouppolicy": "PutLineageGroupPolicy", + "putmodelpackagegrouppolicy": "PutModelPackageGroupPolicy", + "putrecord": "PutRecord", + "querylineage": "QueryLineage", + "registerdevices": "RegisterDevices", + "renderuitemplate": "RenderUiTemplate", + "retrypipelineexecution": "RetryPipelineExecution", + "search": "Search", + "sendheartbeat": "SendHeartbeat", + "sendpipelineexecutionstepfailure": "SendPipelineExecutionStepFailure", + "sendpipelineexecutionstepsuccess": "SendPipelineExecutionStepSuccess", + "sendsharedmodelevent": "SendSharedModelEvent", + "startedgedeploymentstage": "StartEdgeDeploymentStage", + "starthumanloop": "StartHumanLoop", + "startinferenceexperiment": "StartInferenceExperiment", + "startmonitoringschedule": "StartMonitoringSchedule", + "startnotebookinstance": "StartNotebookInstance", + "startpipelineexecution": "StartPipelineExecution", + "stopautomljob": "StopAutoMLJob", + "stopcompilationjob": "StopCompilationJob", + "stopedgedeploymentstage": "StopEdgeDeploymentStage", + "stopedgepackagingjob": "StopEdgePackagingJob", + "stophumanloop": "StopHumanLoop", + "stophyperparametertuningjob": "StopHyperParameterTuningJob", + "stopinferenceexperiment": "StopInferenceExperiment", + "stopinferencerecommendationsjob": "StopInferenceRecommendationsJob", + "stoplabelingjob": "StopLabelingJob", + "stopmonitoringschedule": "StopMonitoringSchedule", + "stopnotebookinstance": "StopNotebookInstance", + "stoppipelineexecution": "StopPipelineExecution", + "stopprocessingjob": "StopProcessingJob", + "stoptrainingjob": "StopTrainingJob", + "stoptransformjob": "StopTransformJob", + "updateaction": "UpdateAction", + "updateappimageconfig": "UpdateAppImageConfig", + "updateartifact": "UpdateArtifact", + "updatecoderepository": "UpdateCodeRepository", + "updatecontext": "UpdateContext", + "updatedevicefleet": "UpdateDeviceFleet", + "updatedevices": "UpdateDevices", + "updatedomain": "UpdateDomain", + "updateendpoint": "UpdateEndpoint", + "updateendpointweightsandcapacities": "UpdateEndpointWeightsAndCapacities", + "updateexperiment": "UpdateExperiment", + "updatefeaturegroup": "UpdateFeatureGroup", + "updatefeaturemetadata": "UpdateFeatureMetadata", + "updatehub": "UpdateHub", + "updateimage": "UpdateImage", + "updateimageversion": "UpdateImageVersion", + "updateinferenceexperiment": "UpdateInferenceExperiment", + "updatemodelcard": "UpdateModelCard", + "updatemodelpackage": "UpdateModelPackage", + "updatemonitoringalert": "UpdateMonitoringAlert", + "updatemonitoringschedule": "UpdateMonitoringSchedule", + "updatenotebookinstance": "UpdateNotebookInstance", + "updatenotebookinstancelifecycleconfig": "UpdateNotebookInstanceLifecycleConfig", + "updatepipeline": "UpdatePipeline", + "updatepipelineexecution": "UpdatePipelineExecution", + "updateproject": "UpdateProject", + "updatesharedmodel": "UpdateSharedModel", + "updatespace": "UpdateSpace", + "updatetrainingjob": "UpdateTrainingJob", + "updatetrial": "UpdateTrial", + "updatetrialcomponent": "UpdateTrialComponent", + "updateuserprofile": "UpdateUserProfile", + "updateworkforce": "UpdateWorkforce", + "updateworkteam": "UpdateWorkteam" + }, + "resources": { + "device": { + "resource": "device", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:device-fleet/${DeviceFleetName}/device/${DeviceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "device-fleet": { + "resource": "device-fleet", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:device-fleet/${DeviceFleetName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "edge-packaging-job": { + "resource": "edge-packaging-job", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:edge-packaging-job/${EdgePackagingJobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "edge-deployment-plan": { + "resource": "edge-deployment-plan", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:edge-deployment/${EdgeDeploymentPlanName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "human-loop": { + "resource": "human-loop", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:human-loop/${HumanLoopName}", + "condition_keys": [] + }, + "flow-definition": { + "resource": "flow-definition", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:flow-definition/${FlowDefinitionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "human-task-ui": { + "resource": "human-task-ui", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:human-task-ui/${HumanTaskUiName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "hub": { + "resource": "hub", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:hub/${HubName}", + "condition_keys": [] + }, + "hub-content": { + "resource": "hub-content", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:hub-content/${HubName}/${HubContentType}/${HubContentName}", + "condition_keys": [] + }, + "inference-recommendations-job": { + "resource": "inference-recommendations-job", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:inference-recommendations-job/${InferenceRecommendationsJobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "inference-experiment": { + "resource": "inference-experiment", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:inference-experiment/${InferenceExperimentName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "labeling-job": { + "resource": "labeling-job", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:labeling-job/${LabelingJobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "workteam": { + "resource": "workteam", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:workteam/${WorkteamName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "workforce": { + "resource": "workforce", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:workforce/${WorkforceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "domain": { + "resource": "domain", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:domain/${DomainId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "user-profile": { + "resource": "user-profile", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:user-profile/${DomainId}/${UserProfileName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "space": { + "resource": "space", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:space/${DomainId}/${SpaceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "app": { + "resource": "app", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:app/${DomainId}/${UserProfileName}/${AppType}/${AppName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "app-image-config": { + "resource": "app-image-config", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:app-image-config/${AppImageConfigName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "studio-lifecycle-config": { + "resource": "studio-lifecycle-config", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:studio-lifecycle-config/${StudioLifecycleConfigName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "notebook-instance": { + "resource": "notebook-instance", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:notebook-instance/${NotebookInstanceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "notebook-instance-lifecycle-config": { + "resource": "notebook-instance-lifecycle-config", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:notebook-instance-lifecycle-config/${NotebookInstanceLifecycleConfigName}", + "condition_keys": [] + }, + "code-repository": { + "resource": "code-repository", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:code-repository/${CodeRepositoryName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "image": { + "resource": "image", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:image/${ImageName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "image-version": { + "resource": "image-version", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:image-version/${ImageName}/${Version}", + "condition_keys": [] + }, + "algorithm": { + "resource": "algorithm", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:algorithm/${AlgorithmName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "training-job": { + "resource": "training-job", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:training-job/${TrainingJobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "processing-job": { + "resource": "processing-job", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:processing-job/${ProcessingJobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "hyper-parameter-tuning-job": { + "resource": "hyper-parameter-tuning-job", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:hyper-parameter-tuning-job/${HyperParameterTuningJobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "project": { + "resource": "project", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:project/${ProjectName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "model-package": { + "resource": "model-package", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-package/${ModelPackageName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "model-package-group": { + "resource": "model-package-group", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-package-group/${ModelPackageGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "model": { + "resource": "model", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model/${ModelName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "endpoint-config": { + "resource": "endpoint-config", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:endpoint-config/${EndpointConfigName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "endpoint": { + "resource": "endpoint", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:endpoint/${EndpointName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "transform-job": { + "resource": "transform-job", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:transform-job/${TransformJobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "compilation-job": { + "resource": "compilation-job", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:compilation-job/${CompilationJobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "automl-job": { + "resource": "automl-job", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:automl-job/${AutoMLJobJobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "monitoring-schedule": { + "resource": "monitoring-schedule", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:monitoring-schedule/${MonitoringScheduleName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "monitoring-schedule-alert": { + "resource": "monitoring-schedule-alert", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:monitoring-schedule/${MonitoringScheduleName}/alert/${MonitoringScheduleAlertName}", + "condition_keys": [] + }, + "data-quality-job-definition": { + "resource": "data-quality-job-definition", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:data-quality-job-definition/${DataQualityJobDefinitionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "model-quality-job-definition": { + "resource": "model-quality-job-definition", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-quality-job-definition/${ModelQualityJobDefinitionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "model-bias-job-definition": { + "resource": "model-bias-job-definition", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-bias-job-definition/${ModelBiasJobDefinitionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "model-explainability-job-definition": { + "resource": "model-explainability-job-definition", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-explainability-job-definition/${ModelExplainabilityJobDefinitionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "experiment": { + "resource": "experiment", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:experiment/${ExperimentName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "experiment-trial": { + "resource": "experiment-trial", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:experiment-trial/${TrialName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "experiment-trial-component": { + "resource": "experiment-trial-component", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:experiment-trial-component/${TrialComponentName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "feature-group": { + "resource": "feature-group", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:feature-group/${FeatureGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "pipeline": { + "resource": "pipeline", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:pipeline/${PipelineName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "pipeline-execution": { + "resource": "pipeline-execution", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:pipeline/${PipelineName}/execution/${RandomString}", + "condition_keys": [] + }, + "artifact": { + "resource": "artifact", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:artifact/${HashOfArtifactSource}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "context": { + "resource": "context", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:context/${ContextName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "action": { + "resource": "action", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:action/${ActionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "lineage-group": { + "resource": "lineage-group", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:lineage-group/${LineageGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "model-card": { + "resource": "model-card", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-card/${ModelCardName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "model-card-export-job": { + "resource": "model-card-export-job", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:model-card/${ModelCardName}/export-job/${ExportJobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "sagemaker:ResourceTag/${TagKey}" + ] + }, + "shared-model": { + "resource": "shared-model", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:shared-model/${SharedModelId}", + "condition_keys": [] + }, + "shared-model-event": { + "resource": "shared-model-event", + "arn": "arn:${Partition}:sagemaker:${Region}:${Account}:shared-model-event/${EventId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "device": "device", + "device-fleet": "device-fleet", + "edge-packaging-job": "edge-packaging-job", + "edge-deployment-plan": "edge-deployment-plan", + "human-loop": "human-loop", + "flow-definition": "flow-definition", + "human-task-ui": "human-task-ui", + "hub": "hub", + "hub-content": "hub-content", + "inference-recommendations-job": "inference-recommendations-job", + "inference-experiment": "inference-experiment", + "labeling-job": "labeling-job", + "workteam": "workteam", + "workforce": "workforce", + "domain": "domain", + "user-profile": "user-profile", + "space": "space", + "app": "app", + "app-image-config": "app-image-config", + "studio-lifecycle-config": "studio-lifecycle-config", + "notebook-instance": "notebook-instance", + "notebook-instance-lifecycle-config": "notebook-instance-lifecycle-config", + "code-repository": "code-repository", + "image": "image", + "image-version": "image-version", + "algorithm": "algorithm", + "training-job": "training-job", + "processing-job": "processing-job", + "hyper-parameter-tuning-job": "hyper-parameter-tuning-job", + "project": "project", + "model-package": "model-package", + "model-package-group": "model-package-group", + "model": "model", + "endpoint-config": "endpoint-config", + "endpoint": "endpoint", + "transform-job": "transform-job", + "compilation-job": "compilation-job", + "automl-job": "automl-job", + "monitoring-schedule": "monitoring-schedule", + "monitoring-schedule-alert": "monitoring-schedule-alert", + "data-quality-job-definition": "data-quality-job-definition", + "model-quality-job-definition": "model-quality-job-definition", + "model-bias-job-definition": "model-bias-job-definition", + "model-explainability-job-definition": "model-explainability-job-definition", + "experiment": "experiment", + "experiment-trial": "experiment-trial", + "experiment-trial-component": "experiment-trial-component", + "feature-group": "feature-group", + "pipeline": "pipeline", + "pipeline-execution": "pipeline-execution", + "artifact": "artifact", + "context": "context", + "action": "action", + "lineage-group": "lineage-group", + "model-card": "model-card", + "model-card-export-job": "model-card-export-job", + "shared-model": "shared-model", + "shared-model-event": "shared-model-event" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a key that is present in the request the user makes to the SageMaker service", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the list of all the tag key names associated with the resource in the request", + "type": "ArrayOfString" + }, + "sagemaker:AcceleratorTypes": { + "condition": "sagemaker:AcceleratorTypes", + "description": "Filters access by the list of all accelerator types associated with the resource in the request", + "type": "ArrayOfString" + }, + "sagemaker:AppNetworkAccessType": { + "condition": "sagemaker:AppNetworkAccessType", + "description": "Filters access by the app network access type associated with the resource in the request", + "type": "String" + }, + "sagemaker:CustomerMetadataProperties/${MetadataKey}": { + "condition": "sagemaker:CustomerMetadataProperties/${MetadataKey}", + "description": "Filters access by a metadata key and value pair", + "type": "String" + }, + "sagemaker:CustomerMetadataPropertiesToRemove": { + "condition": "sagemaker:CustomerMetadataPropertiesToRemove", + "description": "Filters access by the list of metadata properties associated with the model-package resource in the request", + "type": "ArrayOfString" + }, + "sagemaker:DirectInternetAccess": { + "condition": "sagemaker:DirectInternetAccess", + "description": "Filters access by the direct internet access associated with the resource in the request", + "type": "String" + }, + "sagemaker:DomainSharingOutputKmsKey": { + "condition": "sagemaker:DomainSharingOutputKmsKey", + "description": "Filters access by the Domain sharing output KMS key associated with the resource in the request", + "type": "ARN" + }, + "sagemaker:FeatureGroupDisableGlueTableCreation": { + "condition": "sagemaker:FeatureGroupDisableGlueTableCreation", + "description": "Filters access by the DisableGlueTableCreation flag associated with the feature group resource in the request", + "type": "Bool" + }, + "sagemaker:FeatureGroupEnableOnlineStore": { + "condition": "sagemaker:FeatureGroupEnableOnlineStore", + "description": "Filters access by the EnableOnlineStore flag associated with feature group in the request", + "type": "Bool" + }, + "sagemaker:FeatureGroupOfflineStoreConfig": { + "condition": "sagemaker:FeatureGroupOfflineStoreConfig", + "description": "Filters access by the presence of an OfflineStoreConfig in the feature group resource in the request. This access filter only supports the null-conditional operator", + "type": "Bool" + }, + "sagemaker:FeatureGroupOfflineStoreKmsKey": { + "condition": "sagemaker:FeatureGroupOfflineStoreKmsKey", + "description": "Filters access by the offline store kms key associated with the feature group resource in the request", + "type": "ARN" + }, + "sagemaker:FeatureGroupOfflineStoreS3Uri": { + "condition": "sagemaker:FeatureGroupOfflineStoreS3Uri", + "description": "Filters access by the offline store s3 uri associated with the feature group resource in the request", + "type": "String" + }, + "sagemaker:FeatureGroupOnlineStoreKmsKey": { + "condition": "sagemaker:FeatureGroupOnlineStoreKmsKey", + "description": "Filters access by the online store kms key associated with the feature group resource in the request", + "type": "ARN" + }, + "sagemaker:FileSystemAccessMode": { + "condition": "sagemaker:FileSystemAccessMode", + "description": "Filters access by a file system access mode associated with the resource in the request", + "type": "String" + }, + "sagemaker:FileSystemDirectoryPath": { + "condition": "sagemaker:FileSystemDirectoryPath", + "description": "Filters access by a file system directory path associated with the resource in the request", + "type": "String" + }, + "sagemaker:FileSystemId": { + "condition": "sagemaker:FileSystemId", + "description": "Filters access by a file system ID associated with the resource in the request", + "type": "String" + }, + "sagemaker:FileSystemType": { + "condition": "sagemaker:FileSystemType", + "description": "Filters access by a file system type associated with the resource in the request", + "type": "String" + }, + "sagemaker:HomeEfsFileSystemKmsKey": { + "condition": "sagemaker:HomeEfsFileSystemKmsKey", + "description": "Filters access by a key that is present in the request the user makes to the SageMaker service. This key is deprecated. It has been replaced by sagemaker:VolumeKmsKey", + "type": "ARN" + }, + "sagemaker:ImageArns": { + "condition": "sagemaker:ImageArns", + "description": "Filters access by the list of all image arns associated with the resource in the request", + "type": "ArrayOfString" + }, + "sagemaker:ImageVersionArns": { + "condition": "sagemaker:ImageVersionArns", + "description": "Filters access by the list of all image version arns associated with the resource in the request", + "type": "ArrayOfString" + }, + "sagemaker:InstanceTypes": { + "condition": "sagemaker:InstanceTypes", + "description": "Filters access by the list of all instance types associated with the resource in the request", + "type": "ArrayOfString" + }, + "sagemaker:InterContainerTrafficEncryption": { + "condition": "sagemaker:InterContainerTrafficEncryption", + "description": "Filters access by the inter container traffic encryption associated with the resource in the request", + "type": "Bool" + }, + "sagemaker:KeepAlivePeriod": { + "condition": "sagemaker:KeepAlivePeriod", + "description": "Filters access by the keep-alive period associated with the resource in the request", + "type": "Numeric" + }, + "sagemaker:MaxRuntimeInSeconds": { + "condition": "sagemaker:MaxRuntimeInSeconds", + "description": "Filters access by the max runtime in seconds associated with the resource in the request", + "type": "Numeric" + }, + "sagemaker:MinimumInstanceMetadataServiceVersion": { + "condition": "sagemaker:MinimumInstanceMetadataServiceVersion", + "description": "Filters access by the minimum instance metadata service version used by the resource in the request", + "type": "String" + }, + "sagemaker:ModelApprovalStatus": { + "condition": "sagemaker:ModelApprovalStatus", + "description": "Filters access by the model approval status with the model-package in the request", + "type": "String" + }, + "sagemaker:ModelArn": { + "condition": "sagemaker:ModelArn", + "description": "Filters access by the model arn associated with the resource in the request", + "type": "ARN" + }, + "sagemaker:NetworkIsolation": { + "condition": "sagemaker:NetworkIsolation", + "description": "Filters access by the network isolation associated with the resource in the request", + "type": "Bool" + }, + "sagemaker:OutputKmsKey": { + "condition": "sagemaker:OutputKmsKey", + "description": "Filters access by the output kms key associated with the resource in the request", + "type": "ARN" + }, + "sagemaker:ResourceTag/": { + "condition": "sagemaker:ResourceTag/", + "description": "Filters access by the preface string for a tag key and value pair attached to a resource", + "type": "String" + }, + "sagemaker:ResourceTag/${TagKey}": { + "condition": "sagemaker:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair", + "type": "String" + }, + "sagemaker:RootAccess": { + "condition": "sagemaker:RootAccess", + "description": "Filters access by the root access associated with the resource in the request", + "type": "String" + }, + "sagemaker:ServerlessMaxConcurrency": { + "condition": "sagemaker:ServerlessMaxConcurrency", + "description": "Filters access by limiting maximum concurrency used for Serverless inference in the request", + "type": "Numeric" + }, + "sagemaker:ServerlessMemorySize": { + "condition": "sagemaker:ServerlessMemorySize", + "description": "Filters access by limiting memory size used for Serverless inference in the request", + "type": "Numeric" + }, + "sagemaker:TaggingAction": { + "condition": "sagemaker:TaggingAction", + "description": "Filters access by the API actions to which a user can apply tags. Uses the name of the API operation that creates a taggable resource to filter access", + "type": "String" + }, + "sagemaker:TargetModel": { + "condition": "sagemaker:TargetModel", + "description": "Filters access by the target model associated with the Multi-Model Endpoint in the request", + "type": "String" + }, + "sagemaker:VolumeKmsKey": { + "condition": "sagemaker:VolumeKmsKey", + "description": "Filters access by the volume kms key associated with the resource in the request", + "type": "ARN" + }, + "sagemaker:VpcSecurityGroupIds": { + "condition": "sagemaker:VpcSecurityGroupIds", + "description": "Filters access by the list of all VPC security group ids associated with the resource in the request", + "type": "ArrayOfString" + }, + "sagemaker:VpcSubnets": { + "condition": "sagemaker:VpcSubnets", + "description": "Filters access by the list of all VPC subnets associated with the resource in the request", + "type": "ArrayOfString" + }, + "sagemaker:WorkteamArn": { + "condition": "sagemaker:WorkteamArn", + "description": "Filters access by the workteam arn associated to the request", + "type": "ARN" + }, + "sagemaker:WorkteamType": { + "condition": "sagemaker:WorkteamType", + "description": "Filters access by the workteam type associated to the request. This can be public-crowd, private-crowd or vendor-crowd", + "type": "String" + } + } + }, + "sagemaker-geospatial": { + "service_name": "Amazon SageMaker geospatial capabilities", + "prefix": "sagemaker-geospatial", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemakergeospatialcapabilities.html", + "privileges": { + "DeleteEarthObservationJob": { + "privilege": "DeleteEarthObservationJob", + "description": "Grants permission to the DeleteEarthObservationJob operation which deletes an existing earth observation job", + "access_level": "Write", + "resource_types": { + "EarthObservationJob": { + "resource_type": "EarthObservationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "earthobservationjob": "EarthObservationJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_DeleteEarthObservationJob.html" + }, + "DeleteVectorEnrichmentJob": { + "privilege": "DeleteVectorEnrichmentJob", + "description": "Grants permission to the DeleteVectorEnrichmentJob operation which deletes an existing vector enrichment job", + "access_level": "Write", + "resource_types": { + "VectorEnrichmentJob": { + "resource_type": "VectorEnrichmentJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vectorenrichmentjob": "VectorEnrichmentJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_DeleteVectorEnrichmentJob.html" + }, + "ExportEarthObservationJob": { + "privilege": "ExportEarthObservationJob", + "description": "Grants permission to copy results of an earth observation job to an S3 location", + "access_level": "Write", + "resource_types": { + "EarthObservationJob": { + "resource_type": "EarthObservationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "earthobservationjob": "EarthObservationJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ExportEarthObservationJob.html" + }, + "ExportVectorEnrichmentJob": { + "privilege": "ExportVectorEnrichmentJob", + "description": "Grants permission to copy results of an VectorEnrichmentJob to an S3 location", + "access_level": "Write", + "resource_types": { + "VectorEnrichmentJob": { + "resource_type": "VectorEnrichmentJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vectorenrichmentjob": "VectorEnrichmentJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ExportVectorEnrichmentJob.html" + }, + "GetEarthObservationJob": { + "privilege": "GetEarthObservationJob", + "description": "Grants permission to return details about the earth observation job", + "access_level": "Read", + "resource_types": { + "EarthObservationJob": { + "resource_type": "EarthObservationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "earthobservationjob": "EarthObservationJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetEarthObservationJob.html" + }, + "GetRasterDataCollection": { + "privilege": "GetRasterDataCollection", + "description": "Grants permission to return details about the raster data collection", + "access_level": "Read", + "resource_types": { + "RasterDataCollection": { + "resource_type": "RasterDataCollection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rasterdatacollection": "RasterDataCollection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetRasterDataCollection.html" + }, + "GetTile": { + "privilege": "GetTile", + "description": "Grants permission to get the tile of an earth observation job", + "access_level": "Read", + "resource_types": { + "EarthObservationJob": { + "resource_type": "EarthObservationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "earthobservationjob": "EarthObservationJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetTile.html" + }, + "GetVectorEnrichmentJob": { + "privilege": "GetVectorEnrichmentJob", + "description": "Grants permission to return details about the vector enrichment job", + "access_level": "Read", + "resource_types": { + "VectorEnrichmentJob": { + "resource_type": "VectorEnrichmentJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vectorenrichmentjob": "VectorEnrichmentJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_GetVectorEnrichmentJob.html" + }, + "ListEarthObservationJobs": { + "privilege": "ListEarthObservationJobs", + "description": "Grants permission to return an array of earth observation jobs associated with the current account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListEarthObservationJobs.html" + }, + "ListRasterDataCollections": { + "privilege": "ListRasterDataCollections", + "description": "Grants permission to return an array of aster data collections associated with the given model name", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListRasterDataCollections.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tag for an SageMaker Geospatial resource", + "access_level": "List", + "resource_types": { + "EarthObservationJob": { + "resource_type": "EarthObservationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RasterDataCollection": { + "resource_type": "RasterDataCollection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "VectorEnrichmentJob": { + "resource_type": "VectorEnrichmentJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "earthobservationjob": "EarthObservationJob", + "rasterdatacollection": "RasterDataCollection", + "vectorenrichmentjob": "VectorEnrichmentJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListTagsForResource.html" + }, + "ListVectorEnrichmentJobs": { + "privilege": "ListVectorEnrichmentJobs", + "description": "Grants permission to return an array of vector enrichment jobs associated with the current account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_ListVectorEnrichmentJobs.html" + }, + "SearchRasterDataCollection": { + "privilege": "SearchRasterDataCollection", + "description": "Grants permission to query raster data collections", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_SearchRasterDataCollection.html" + }, + "StartEarthObservationJob": { + "privilege": "StartEarthObservationJob", + "description": "Grants permission to the StartEarthObservationJob operation which starts a new earth observation job to your account", + "access_level": "Write", + "resource_types": { + "EarthObservationJob": { + "resource_type": "EarthObservationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "earthobservationjob": "EarthObservationJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StartEarthObservationJob.html" + }, + "StartVectorEnrichmentJob": { + "privilege": "StartVectorEnrichmentJob", + "description": "Grants permission to the StartVectorEnrichmentJob operation which starts a new vector enrichment job to your account", + "access_level": "Write", + "resource_types": { + "VectorEnrichmentJob": { + "resource_type": "VectorEnrichmentJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vectorenrichmentjob": "VectorEnrichmentJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StartVectorEnrichmentJob.html" + }, + "StopEarthObservationJob": { + "privilege": "StopEarthObservationJob", + "description": "Grants permission to the StopEarthObservationJob operation which stops an existing earth observation job", + "access_level": "Write", + "resource_types": { + "EarthObservationJob": { + "resource_type": "EarthObservationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "earthobservationjob": "EarthObservationJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StopEarthObservationJob.html" + }, + "StopVectorEnrichmentJob": { + "privilege": "StopVectorEnrichmentJob", + "description": "Grants permission to the StopVectorEnrichmentJob operation which stops an existing vector enrichment job", + "access_level": "Write", + "resource_types": { + "VectorEnrichmentJob": { + "resource_type": "VectorEnrichmentJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vectorenrichmentjob": "VectorEnrichmentJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_StopVectorEnrichmentJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an SageMaker Geospatial resource", + "access_level": "Tagging", + "resource_types": { + "EarthObservationJob": { + "resource_type": "EarthObservationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RasterDataCollection": { + "resource_type": "RasterDataCollection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "VectorEnrichmentJob": { + "resource_type": "VectorEnrichmentJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "earthobservationjob": "EarthObservationJob", + "rasterdatacollection": "RasterDataCollection", + "vectorenrichmentjob": "VectorEnrichmentJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an SageMaker Geospatial resource", + "access_level": "Tagging", + "resource_types": { + "EarthObservationJob": { + "resource_type": "EarthObservationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RasterDataCollection": { + "resource_type": "RasterDataCollection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "VectorEnrichmentJob": { + "resource_type": "VectorEnrichmentJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "earthobservationjob": "EarthObservationJob", + "rasterdatacollection": "RasterDataCollection", + "vectorenrichmentjob": "VectorEnrichmentJob", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_geospatial_UntagResource.html" + } + }, + "privileges_lower_name": { + "deleteearthobservationjob": "DeleteEarthObservationJob", + "deletevectorenrichmentjob": "DeleteVectorEnrichmentJob", + "exportearthobservationjob": "ExportEarthObservationJob", + "exportvectorenrichmentjob": "ExportVectorEnrichmentJob", + "getearthobservationjob": "GetEarthObservationJob", + "getrasterdatacollection": "GetRasterDataCollection", + "gettile": "GetTile", + "getvectorenrichmentjob": "GetVectorEnrichmentJob", + "listearthobservationjobs": "ListEarthObservationJobs", + "listrasterdatacollections": "ListRasterDataCollections", + "listtagsforresource": "ListTagsForResource", + "listvectorenrichmentjobs": "ListVectorEnrichmentJobs", + "searchrasterdatacollection": "SearchRasterDataCollection", + "startearthobservationjob": "StartEarthObservationJob", + "startvectorenrichmentjob": "StartVectorEnrichmentJob", + "stopearthobservationjob": "StopEarthObservationJob", + "stopvectorenrichmentjob": "StopVectorEnrichmentJob", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "EarthObservationJob": { + "resource": "EarthObservationJob", + "arn": "arn:${Partition}:sagemaker-geospatial:${Region}:${Account}:earth-observation-job/${JobID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "RasterDataCollection": { + "resource": "RasterDataCollection", + "arn": "arn:${Partition}:sagemaker-geospatial:${Region}:${Account}:raster-data-collection/${CollectionID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "VectorEnrichmentJob": { + "resource": "VectorEnrichmentJob", + "arn": "arn:${Partition}:sagemaker-geospatial:${Region}:${Account}:vector-enrichment-job/${JobID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "earthobservationjob": "EarthObservationJob", + "rasterdatacollection": "RasterDataCollection", + "vectorenrichmentjob": "VectorEnrichmentJob" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "sagemaker-groundtruth-synthetic": { + "service_name": "Amazon SageMaker Ground Truth Synthetic", + "prefix": "sagemaker-groundtruth-synthetic", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsagemakergroundtruthsynthetic.html", + "privileges": { + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a project", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a project", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "GetAccountDetails": { + "privilege": "GetAccountDetails", + "description": "Grants permission to get account details", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "GetBatch": { + "privilege": "GetBatch", + "description": "Grants permission to get a batch", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "GetProject": { + "privilege": "GetProject", + "description": "Grants permission to get a project", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "ListBatchDataTransfers": { + "privilege": "ListBatchDataTransfers", + "description": "Grants permission to list batch data transfers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "ListBatchSummaries": { + "privilege": "ListBatchSummaries", + "description": "Grants permission to list batch summaries", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "ListProjectDataTransfers": { + "privilege": "ListProjectDataTransfers", + "description": "Grants permission to list project data transfers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "ListProjectSummaries": { + "privilege": "ListProjectSummaries", + "description": "Grants permission to list project summaries", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "StartBatchDataTransfer": { + "privilege": "StartBatchDataTransfer", + "description": "Grants permission to start a batch data transfer", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "StartProjectDataTransfer": { + "privilege": "StartProjectDataTransfer", + "description": "Grants permission to start a project data transfer", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + }, + "UpdateBatch": { + "privilege": "UpdateBatch", + "description": "Grants permission to update a batch", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "${APIReferenceDocPage}" + } + }, + "privileges_lower_name": { + "createproject": "CreateProject", + "deleteproject": "DeleteProject", + "getaccountdetails": "GetAccountDetails", + "getbatch": "GetBatch", + "getproject": "GetProject", + "listbatchdatatransfers": "ListBatchDataTransfers", + "listbatchsummaries": "ListBatchSummaries", + "listprojectdatatransfers": "ListProjectDataTransfers", + "listprojectsummaries": "ListProjectSummaries", + "startbatchdatatransfer": "StartBatchDataTransfer", + "startprojectdatatransfer": "StartProjectDataTransfer", + "updatebatch": "UpdateBatch" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "securitylake": { + "service_name": "Amazon Security Lake", + "prefix": "securitylake", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsecuritylake.html", + "privileges": { + "CreateAwsLogSource": { + "privilege": "CreateAwsLogSource", + "description": "Grants permission to enable any source type in any region for accounts that are either part of a trusted organization or standalone account", + "access_level": "Write", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "glue:CreateDatabase", + "glue:CreateTable", + "glue:GetDatabase", + "glue:GetTable", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:DescribeKey" + ] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateAwsLogSource.html" + }, + "CreateCustomLogSource": { + "privilege": "CreateCustomLogSource", + "description": "Grants permission to add a custom source", + "access_level": "Write", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "glue:CreateCrawler", + "glue:CreateDatabase", + "glue:CreateTable", + "glue:StartCrawlerSchedule", + "iam:DeleteRolePolicy", + "iam:GetRole", + "iam:PassRole", + "iam:PutRolePolicy", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:GenerateDataKey", + "lakeformation:GrantPermissions", + "lakeformation:RegisterResource", + "s3:ListBucket", + "s3:PutObject" + ] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateCustomLogSource.html" + }, + "CreateDataLake": { + "privilege": "CreateDataLake", + "description": "Grants permission to create a new security data lake", + "access_level": "Write", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "events:PutRule", + "events:PutTargets", + "iam:CreateServiceLinkedRole", + "iam:DeleteRolePolicy", + "iam:GetRole", + "iam:PassRole", + "iam:PutRolePolicy", + "kms:CreateGrant", + "kms:DescribeKey", + "lakeformation:GetDataLakeSettings", + "lakeformation:PutDataLakeSettings", + "lambda:CreateEventSourceMapping", + "lambda:CreateFunction", + "organizations:DescribeOrganization", + "organizations:ListAccounts", + "organizations:ListDelegatedServicesForAccount", + "s3:CreateBucket", + "s3:ListBucket", + "s3:PutBucketPolicy", + "s3:PutBucketPublicAccessBlock", + "s3:PutBucketVersioning", + "sqs:CreateQueue", + "sqs:GetQueueAttributes", + "sqs:SetQueueAttributes" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDataLake.html" + }, + "CreateDataLakeExceptionSubscription": { + "privilege": "CreateDataLakeExceptionSubscription", + "description": "Grants permission to get instant notifications about exceptions. Subscribes to the SNS topics for exception notifications", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDataLakeExceptionSubscription.html" + }, + "CreateDataLakeOrganizationConfiguration": { + "privilege": "CreateDataLakeOrganizationConfiguration", + "description": "Grants permission to automatically enable Amazon Security Lake for new member accounts in your organization", + "access_level": "Write", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDataLakeOrganizationConfiguration.html" + }, + "CreateSubscriber": { + "privilege": "CreateSubscriber", + "description": "Grants permission to create a subscriber", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:CreateRole", + "iam:DeleteRolePolicy", + "iam:GetRole", + "iam:PutRolePolicy", + "lakeformation:GrantPermissions", + "lakeformation:ListPermissions", + "lakeformation:RegisterResource", + "lakeformation:RevokePermissions", + "ram:GetResourceShareAssociations", + "ram:GetResourceShares", + "ram:UpdateResourceShare", + "s3:PutObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateSubscriber.html" + }, + "CreateSubscriberNotification": { + "privilege": "CreateSubscriberNotification", + "description": "Grants permission to create a webhook invocation to notify a client when there is new data in the data lake", + "access_level": "Write", + "resource_types": { + "subscriber": { + "resource_type": "subscriber", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "events:CreateApiDestination", + "events:CreateConnection", + "events:DescribeRule", + "events:ListApiDestinations", + "events:ListConnections", + "events:PutRule", + "events:PutTargets", + "iam:DeleteRolePolicy", + "iam:GetRole", + "iam:PassRole", + "s3:GetBucketNotification", + "s3:PutBucketNotification", + "sqs:CreateQueue", + "sqs:DeleteQueue", + "sqs:GetQueueAttributes", + "sqs:GetQueueUrl", + "sqs:SetQueueAttributes" + ] + } + }, + "resource_types_lower_name": { + "subscriber": "subscriber" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateSubscriberNotification.html" + }, + "DeleteAwsLogSource": { + "privilege": "DeleteAwsLogSource", + "description": "Grants permission to disable any source type in any region for accounts that are part of a trusted organization or standalone accounts", + "access_level": "Write", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteAwsLogSource.html" + }, + "DeleteCustomLogSource": { + "privilege": "DeleteCustomLogSource", + "description": "Grants permission to remove a custom source", + "access_level": "Write", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "glue:StopCrawlerSchedule" + ] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteCustomLogSource.html" + }, + "DeleteDataLake": { + "privilege": "DeleteDataLake", + "description": "Grants permission to delete security data lake", + "access_level": "Write", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribeOrganization", + "organizations:ListDelegatedAdministrators", + "organizations:ListDelegatedServicesForAccount" + ] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDataLake.html" + }, + "DeleteDataLakeExceptionSubscription": { + "privilege": "DeleteDataLakeExceptionSubscription", + "description": "Grants permission to unsubscribe from SNS topics for exception notifications. Removes exception notifications for the SNS topic", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDataLakeExceptionSubscription.html" + }, + "DeleteDataLakeOrganizationConfiguration": { + "privilege": "DeleteDataLakeOrganizationConfiguration", + "description": "Grants permission to remove the automatic enablement of Amazon Security Lake access for new organization accounts", + "access_level": "Write", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDataLakeOrganizationConfiguration.html" + }, + "DeleteSubscriber": { + "privilege": "DeleteSubscriber", + "description": "Grants permission to delete the specified subscriber", + "access_level": "Write", + "resource_types": { + "subscriber": { + "resource_type": "subscriber", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "events:DeleteApiDestination", + "events:DeleteConnection", + "events:DeleteRule", + "events:DescribeRule", + "events:ListApiDestinations", + "events:ListTargetsByRule", + "events:RemoveTargets", + "iam:DeleteRole", + "iam:DeleteRolePolicy", + "iam:GetRole", + "iam:ListRolePolicies", + "lakeformation:ListPermissions", + "lakeformation:RevokePermissions", + "sqs:DeleteQueue", + "sqs:GetQueueUrl" + ] + } + }, + "resource_types_lower_name": { + "subscriber": "subscriber" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteSubscriber.html" + }, + "DeleteSubscriberNotification": { + "privilege": "DeleteSubscriberNotification", + "description": "Grants permission to remove a webhook invocation to notify a client when there is new data in the data lake", + "access_level": "Write", + "resource_types": { + "subscriber": { + "resource_type": "subscriber", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "events:DeleteApiDestination", + "events:DeleteConnection", + "events:DeleteRule", + "events:DescribeRule", + "events:ListApiDestinations", + "events:ListTargetsByRule", + "events:RemoveTargets", + "iam:DeleteRole", + "iam:DeleteRolePolicy", + "iam:GetRole", + "iam:ListRolePolicies", + "lakeformation:RevokePermissions", + "sqs:DeleteQueue", + "sqs:GetQueueUrl" + ] + } + }, + "resource_types_lower_name": { + "subscriber": "subscriber" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteSubscriberNotification.html" + }, + "DeregisterDataLakeDelegatedAdministrator": { + "privilege": "DeregisterDataLakeDelegatedAdministrator", + "description": "Grants permission to remove the Delegated Administrator account and disable Amazon Security Lake as a service for this organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:DeregisterDelegatedAdministrator", + "organizations:DescribeOrganization", + "organizations:ListDelegatedServicesForAccount" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeregisterDataLakeDelegatedAdministrator.html" + }, + "GetDataLakeExceptionSubscription": { + "privilege": "GetDataLakeExceptionSubscription", + "description": "Grants permission to query the protocol and endpoint that were provided when subscribing to SNS topics for exception notifications", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDataLakeExceptionSubscription.html" + }, + "GetDataLakeOrganizationConfiguration": { + "privilege": "GetDataLakeOrganizationConfiguration", + "description": "Grants permission to get an organization\u2019s configuration setting for automatically enabling Amazon Security Lake access for new organization accounts", + "access_level": "Read", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribeOrganization" + ] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDataLakeOrganizationConfiguration.html" + }, + "GetDataLakeSources": { + "privilege": "GetDataLakeSources", + "description": "Grants permission to get a static snapshot of the security data lake in the current region. The snapshot includes enabled accounts and log sources", + "access_level": "Read", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDataLakeSources.html" + }, + "GetSubscriber": { + "privilege": "GetSubscriber", + "description": "Grants permission to get information about subscriber that is already created", + "access_level": "Read", + "resource_types": { + "subscriber": { + "resource_type": "subscriber", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subscriber": "subscriber" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetSubscriber.html" + }, + "ListDataLakeExceptions": { + "privilege": "ListDataLakeExceptions", + "description": "Grants permission to get the list of all non-retryable failures", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListDataLakeExceptions.html" + }, + "ListDataLakes": { + "privilege": "ListDataLakes", + "description": "Grants permission to list information about the security data lakes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListDataLakes.html" + }, + "ListLogSources": { + "privilege": "ListLogSources", + "description": "Grants permission to view the enabled accounts. You can view the enabled sources in the enabled regions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListLogSources.html" + }, + "ListSubscribers": { + "privilege": "ListSubscribers", + "description": "Grants permission to list all subscribers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListSubscribers.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags for the resource", + "access_level": "List", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subscriber": { + "resource_type": "subscriber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake", + "subscriber": "subscriber" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListTagsForResource.html" + }, + "RegisterDataLakeDelegatedAdministrator": { + "privilege": "RegisterDataLakeDelegatedAdministrator", + "description": "Grants permission to designate an account as the Amazon Security Lake administrator account for the organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "organizations:DescribeOrganization", + "organizations:EnableAWSServiceAccess", + "organizations:ListDelegatedAdministrators", + "organizations:ListDelegatedServicesForAccount", + "organizations:RegisterDelegatedAdministrator" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_RegisterDataLakeDelegatedAdministrator.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to the resource", + "access_level": "Tagging", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subscriber": { + "resource_type": "subscriber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake", + "subscriber": "subscriber", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from the resource", + "access_level": "Tagging", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subscriber": { + "resource_type": "subscriber", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake", + "subscriber": "subscriber", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UntagResource.html" + }, + "UpdateDataLake": { + "privilege": "UpdateDataLake", + "description": "Grants permission to update a security data lake", + "access_level": "Write", + "resource_types": { + "data-lake": { + "resource_type": "data-lake", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "events:PutRule", + "events:PutTargets", + "iam:CreateServiceLinkedRole", + "iam:DeleteRolePolicy", + "iam:GetRole", + "iam:PutRolePolicy", + "kms:CreateGrant", + "kms:DescribeKey", + "lakeformation:GetDataLakeSettings", + "lakeformation:PutDataLakeSettings", + "lambda:CreateEventSourceMapping", + "lambda:CreateFunction", + "organizations:DescribeOrganization", + "organizations:ListDelegatedServicesForAccount", + "s3:CreateBucket", + "s3:ListBucket", + "s3:PutBucketPolicy", + "s3:PutBucketPublicAccessBlock", + "s3:PutBucketVersioning", + "sqs:CreateQueue", + "sqs:GetQueueAttributes", + "sqs:SetQueueAttributes" + ] + } + }, + "resource_types_lower_name": { + "data-lake": "data-lake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateDataLake.html" + }, + "UpdateDataLakeExceptionSubscription": { + "privilege": "UpdateDataLakeExceptionSubscription", + "description": "Grants permission to update subscriptions to the SNS topics for exception notifications", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateDataLakeExceptionSubscription.html" + }, + "UpdateSubscriber": { + "privilege": "UpdateSubscriber", + "description": "Grants permission to update subscriber", + "access_level": "Write", + "resource_types": { + "subscriber": { + "resource_type": "subscriber", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "events:CreateApiDestination", + "events:CreateConnection", + "events:DescribeRule", + "events:ListApiDestinations", + "events:ListConnections", + "events:PutRule", + "events:PutTargets", + "iam:DeleteRolePolicy", + "iam:GetRole", + "iam:PutRolePolicy" + ] + } + }, + "resource_types_lower_name": { + "subscriber": "subscriber" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateSubscriber.html" + }, + "UpdateSubscriberNotification": { + "privilege": "UpdateSubscriberNotification", + "description": "Grants permission to update a webhook invocation to notify a client when there is new data in the data lake", + "access_level": "Write", + "resource_types": { + "subscriber": { + "resource_type": "subscriber", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "events:CreateApiDestination", + "events:CreateConnection", + "events:DescribeRule", + "events:ListApiDestinations", + "events:ListConnections", + "events:PutRule", + "events:PutTargets", + "iam:CreateServiceLinkedRole", + "iam:DeleteRolePolicy", + "iam:GetRole", + "iam:PassRole", + "iam:PutRolePolicy", + "s3:CreateBucket", + "s3:GetBucketNotification", + "s3:ListBucket", + "s3:PutBucketNotification", + "s3:PutBucketPolicy", + "s3:PutBucketPublicAccessBlock", + "s3:PutBucketVersioning", + "s3:PutLifecycleConfiguration", + "sqs:CreateQueue", + "sqs:DeleteQueue", + "sqs:GetQueueAttributes", + "sqs:GetQueueUrl", + "sqs:SetQueueAttributes" + ] + } + }, + "resource_types_lower_name": { + "subscriber": "subscriber" + }, + "api_documentation_link": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateSubscriberNotification.html" + } + }, + "privileges_lower_name": { + "createawslogsource": "CreateAwsLogSource", + "createcustomlogsource": "CreateCustomLogSource", + "createdatalake": "CreateDataLake", + "createdatalakeexceptionsubscription": "CreateDataLakeExceptionSubscription", + "createdatalakeorganizationconfiguration": "CreateDataLakeOrganizationConfiguration", + "createsubscriber": "CreateSubscriber", + "createsubscribernotification": "CreateSubscriberNotification", + "deleteawslogsource": "DeleteAwsLogSource", + "deletecustomlogsource": "DeleteCustomLogSource", + "deletedatalake": "DeleteDataLake", + "deletedatalakeexceptionsubscription": "DeleteDataLakeExceptionSubscription", + "deletedatalakeorganizationconfiguration": "DeleteDataLakeOrganizationConfiguration", + "deletesubscriber": "DeleteSubscriber", + "deletesubscribernotification": "DeleteSubscriberNotification", + "deregisterdatalakedelegatedadministrator": "DeregisterDataLakeDelegatedAdministrator", + "getdatalakeexceptionsubscription": "GetDataLakeExceptionSubscription", + "getdatalakeorganizationconfiguration": "GetDataLakeOrganizationConfiguration", + "getdatalakesources": "GetDataLakeSources", + "getsubscriber": "GetSubscriber", + "listdatalakeexceptions": "ListDataLakeExceptions", + "listdatalakes": "ListDataLakes", + "listlogsources": "ListLogSources", + "listsubscribers": "ListSubscribers", + "listtagsforresource": "ListTagsForResource", + "registerdatalakedelegatedadministrator": "RegisterDataLakeDelegatedAdministrator", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedatalake": "UpdateDataLake", + "updatedatalakeexceptionsubscription": "UpdateDataLakeExceptionSubscription", + "updatesubscriber": "UpdateSubscriber", + "updatesubscribernotification": "UpdateSubscriberNotification" + }, + "resources": { + "data-lake": { + "resource": "data-lake", + "arn": "arn:${Partition}:securitylake:${Region}:${Account}:data-lake/default", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ] + }, + "subscriber": { + "resource": "subscriber", + "arn": "arn:${Partition}:securitylake:${Region}:${Account}:subscriber/${SubscriberId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "data-lake": "data-lake", + "subscriber": "subscriber" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "ssmmessages": { + "service_name": "Amazon Session Manager Message Gateway Service", + "prefix": "ssmmessages", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsessionmanagermessagegatewayservice.html", + "privileges": { + "CreateControlChannel": { + "privilege": "CreateControlChannel", + "description": "Grants permission to register a control channel for an instance to send control messages to Systems Manager service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:SourceInstanceARN" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-create-iam-instance-profile.html" + }, + "CreateDataChannel": { + "privilege": "CreateDataChannel", + "description": "Grants permission to register a data channel for an instance to send data messages to Systems Manager service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-create-iam-instance-profile.html" + }, + "OpenControlChannel": { + "privilege": "OpenControlChannel", + "description": "Grants permission to open a websocket connection for a registered control channel stream from an instance to Systems Manager service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-create-iam-instance-profile.html" + }, + "OpenDataChannel": { + "privilege": "OpenDataChannel", + "description": "Grants permission to open a websocket connection for a registered data channel stream from an instance to Systems Manager service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-create-iam-instance-profile.html" + } + }, + "privileges_lower_name": { + "createcontrolchannel": "CreateControlChannel", + "createdatachannel": "CreateDataChannel", + "opencontrolchannel": "OpenControlChannel", + "opendatachannel": "OpenDataChannel" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": { + "ssm:SourceInstanceARN": { + "condition": "ssm:SourceInstanceARN", + "description": "Filters access by verifying the Amazon Resource Name (ARN) of the AWS Systems Manager's managed instance from which the request is made. This key is not present when the request comes from the managed instance authenticated with an IAM role associated with EC2 instance profile", + "type": "String" + } + } + }, + "sdb": { + "service_name": "Amazon SimpleDB", + "prefix": "sdb", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsimpledb.html", + "privileges": { + "BatchDeleteAttributes": { + "privilege": "BatchDeleteAttributes", + "description": "Performs multiple DeleteAttributes operations in a single call, which reduces round trips and latencies", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_BatchDeleteAttributes.html" + }, + "BatchPutAttributes": { + "privilege": "BatchPutAttributes", + "description": "With the BatchPutAttributes operation, you can perform multiple PutAttribute operations in a single call. With the BatchPutAttributes operation, you can perform multiple PutAttribute operations in a single call", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_BatchPutAttributes.html" + }, + "CreateDomain": { + "privilege": "CreateDomain", + "description": "The CreateDomain operation creates a new domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_CreateDomain.html" + }, + "DeleteAttributes": { + "privilege": "DeleteAttributes", + "description": "Deletes one or more attributes associated with the item", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_DeleteAttributes.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "The DeleteDomain operation deletes a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_DeleteDomain.html" + }, + "DomainMetadata": { + "privilege": "DomainMetadata", + "description": "Returns information about the domain, including when the domain was created, the number of items and attributes, and the size of attribute names and values", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_DomainMetadata.html" + }, + "GetAttributes": { + "privilege": "GetAttributes", + "description": "Returns all of the attributes associated with the item", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_GetAttributes.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Description for ListDomains", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_ListDomains.html" + }, + "PutAttributes": { + "privilege": "PutAttributes", + "description": "The PutAttributes operation creates or replaces attributes in an item", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_PutAttributes.html" + }, + "Select": { + "privilege": "Select", + "description": "Description for Select", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API_Select.html" + } + }, + "privileges_lower_name": { + "batchdeleteattributes": "BatchDeleteAttributes", + "batchputattributes": "BatchPutAttributes", + "createdomain": "CreateDomain", + "deleteattributes": "DeleteAttributes", + "deletedomain": "DeleteDomain", + "domainmetadata": "DomainMetadata", + "getattributes": "GetAttributes", + "listdomains": "ListDomains", + "putattributes": "PutAttributes", + "select": "Select" + }, + "resources": { + "domain": { + "resource": "domain", + "arn": "arn:${Partition}:sdb:${Region}:${Account}:domain/${DomainName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "domain": "domain" + }, + "conditions": {} + }, + "swf": { + "service_name": "Amazon Simple Workflow Service", + "prefix": "swf", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsimpleworkflowservice.html", + "privileges": { + "CancelTimer": { + "privilege": "CancelTimer", + "description": "Grants permission to cancel a previously started timer and record a TimerCanceled event in the history", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "CancelWorkflowExecution": { + "privilege": "CancelWorkflowExecution", + "description": "Grants permission to close the workflow execution and record a WorkflowExecutionCanceled event in the history", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "CompleteWorkflowExecution": { + "privilege": "CompleteWorkflowExecution", + "description": "Grants permission to close the workflow execution and record a WorkflowExecutionCompleted event in the history", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "ContinueAsNewWorkflowExecution": { + "privilege": "ContinueAsNewWorkflowExecution", + "description": "Grants permission to close the workflow execution and start a new workflow execution of the same type using the same workflow ID and a unique run Id", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "CountClosedWorkflowExecutions": { + "privilege": "CountClosedWorkflowExecutions", + "description": "Grants permission to return the number of closed workflow executions within the given domain that meet the specified filtering criteria", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:tagFilter.tag", + "swf:typeFilter.name", + "swf:typeFilter.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_CountClosedWorkflowExecutions.html" + }, + "CountOpenWorkflowExecutions": { + "privilege": "CountOpenWorkflowExecutions", + "description": "Grants permission to return the number of open workflow executions within the given domain that meet the specified filtering criteria", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:tagFilter.tag", + "swf:typeFilter.name", + "swf:typeFilter.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_CountOpenWorkflowExecutions.html" + }, + "CountPendingActivityTasks": { + "privilege": "CountPendingActivityTasks", + "description": "Grants permission to return the estimated number of activity tasks in the specified task list", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:taskList.name" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_CountPendingActivityTasks.html" + }, + "CountPendingDecisionTasks": { + "privilege": "CountPendingDecisionTasks", + "description": "Grants permission to return the estimated number of decision tasks in the specified task list", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:taskList.name" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_CountPendingDecisionTasks.html" + }, + "DeprecateActivityType": { + "privilege": "DeprecateActivityType", + "description": "Grants permission to deprecate the specified activity type", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:activityType.name", + "swf:activityType.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DeprecateActivityType.html" + }, + "DeprecateDomain": { + "privilege": "DeprecateDomain", + "description": "Grants permission to deprecate the specified domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DeprecateDomain.html" + }, + "DeprecateWorkflowType": { + "privilege": "DeprecateWorkflowType", + "description": "Grants permission to deprecate the specified workflow type", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:workflowType.name", + "swf:workflowType.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DeprecateWorkflowType.html" + }, + "DescribeActivityType": { + "privilege": "DescribeActivityType", + "description": "Grants permission to return information about the specified activity type", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:activityType.name", + "swf:activityType.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DescribeActivityType.html" + }, + "DescribeDomain": { + "privilege": "DescribeDomain", + "description": "Grants permission to return information about the specified domain, including its description and status", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DescribeDomain.html" + }, + "DescribeWorkflowExecution": { + "privilege": "DescribeWorkflowExecution", + "description": "Grants permission to return information about the specified workflow execution including its type and some statistics", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DescribeWorkflowExecution.html" + }, + "DescribeWorkflowType": { + "privilege": "DescribeWorkflowType", + "description": "Grants permission to return information about the specified workflow type", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:workflowType.name", + "swf:workflowType.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_DescribeWorkflowType.html" + }, + "FailWorkflowExecution": { + "privilege": "FailWorkflowExecution", + "description": "Grants permission to close the workflow execution and record a WorkflowExecutionFailed event in the history", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "GetWorkflowExecutionHistory": { + "privilege": "GetWorkflowExecutionHistory", + "description": "Grants permission to return the history of the specified workflow execution", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_GetWorkflowExecutionHistory.html" + }, + "ListActivityTypes": { + "privilege": "ListActivityTypes", + "description": "Grants permission to return information about all activities registered in the specified domain that match the specified name and registration status", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListActivityTypes.html" + }, + "ListClosedWorkflowExecutions": { + "privilege": "ListClosedWorkflowExecutions", + "description": "Grants permission to return a list of closed workflow executions in the specified domain that meet the filtering criteria", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:tagFilter.tag", + "swf:typeFilter.name", + "swf:typeFilter.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListClosedWorkflowExecutions.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to return the list of domains registered in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListDomains.html" + }, + "ListOpenWorkflowExecutions": { + "privilege": "ListOpenWorkflowExecutions", + "description": "Grants permission to return a list of open workflow executions in the specified domain that meet the filtering criteria", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:tagFilter.tag", + "swf:typeFilter.name", + "swf:typeFilter.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListOpenWorkflowExecutions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an AWS SWF resource", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListTagsForResource.html" + }, + "ListWorkflowTypes": { + "privilege": "ListWorkflowTypes", + "description": "Grants permission to return information about workflow types in the specified domain", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_ListWorkflowTypes.html" + }, + "PollForActivityTask": { + "privilege": "PollForActivityTask", + "description": "Grants permission to workers to get an ActivityTask from the specified activity taskList", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:taskList.name" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_PollForActivityTask.html" + }, + "PollForDecisionTask": { + "privilege": "PollForDecisionTask", + "description": "Grants permission to deciders to get a DecisionTask from the specified decision taskList", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:taskList.name" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_PollForDecisionTask.html" + }, + "RecordActivityTaskHeartbeat": { + "privilege": "RecordActivityTaskHeartbeat", + "description": "Grants permission to workers to report to the service that the ActivityTask represented by the specified taskToken is still making progress", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RecordActivityTaskHeartbeat.html" + }, + "RecordMarker": { + "privilege": "RecordMarker", + "description": "Grants permission to record a MarkerRecorded event in the history", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "RegisterActivityType": { + "privilege": "RegisterActivityType", + "description": "Grants permission to register a new activity type along with its configuration settings in the specified domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:defaultTaskList.name", + "swf:name", + "swf:version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RegisterActivityType.html" + }, + "RegisterDomain": { + "privilege": "RegisterDomain", + "description": "Grants permission to register a new domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RegisterDomain.html" + }, + "RegisterWorkflowType": { + "privilege": "RegisterWorkflowType", + "description": "Grants permission to register a new workflow type and its configuration settings in the specified domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:defaultTaskList.name", + "swf:name", + "swf:version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RegisterWorkflowType.html" + }, + "RequestCancelActivityTask": { + "privilege": "RequestCancelActivityTask", + "description": "Grants permission to attempt to cancel a previously scheduled activity task", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "RequestCancelExternalWorkflowExecution": { + "privilege": "RequestCancelExternalWorkflowExecution", + "description": "Grants permission to request that a request be made to cancel the specified external workflow execution", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "RequestCancelWorkflowExecution": { + "privilege": "RequestCancelWorkflowExecution", + "description": "Grants permission to record a WorkflowExecutionCancelRequested event in the currently running workflow execution identified by the given domain, workflowId, and runId", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RequestCancelWorkflowExecution.html" + }, + "RespondActivityTaskCanceled": { + "privilege": "RespondActivityTaskCanceled", + "description": "Grants permission to workers to tell the service that the ActivityTask identified by the taskToken was successfully canceled", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RespondActivityTaskCanceled.html" + }, + "RespondActivityTaskCompleted": { + "privilege": "RespondActivityTaskCompleted", + "description": "Grants permission to workers to tell the service that the ActivityTask identified by the taskToken completed successfully with a result (if provided)", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:activityType.name", + "swf:activityType.version", + "swf:tagList.member.0", + "swf:tagList.member.1", + "swf:tagList.member.2", + "swf:tagList.member.3", + "swf:tagList.member.4", + "swf:taskList.name", + "swf:workflowType.name", + "swf:workflowType.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RespondActivityTaskCompleted.html" + }, + "RespondActivityTaskFailed": { + "privilege": "RespondActivityTaskFailed", + "description": "Grants permission to workers to tell the service that the ActivityTask identified by the taskToken has failed with reason (if specified)", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RespondActivityTaskFailed.html" + }, + "RespondDecisionTaskCompleted": { + "privilege": "RespondDecisionTaskCompleted", + "description": "Grants permission to deciders to tell the service that the DecisionTask identified by the taskToken has successfully completed", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_RespondDecisionTaskCompleted.html" + }, + "ScheduleActivityTask": { + "privilege": "ScheduleActivityTask", + "description": "Grants permission to schedule an activity task", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "SignalExternalWorkflowExecution": { + "privilege": "SignalExternalWorkflowExecution", + "description": "Grants permission to request a signal to be delivered to the specified external workflow execution and records", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "SignalWorkflowExecution": { + "privilege": "SignalWorkflowExecution", + "description": "Grants permission to record a WorkflowExecutionSignaled event in the workflow execution history and create a decision task for the workflow execution identified by the given domain, workflowId and runId", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_SignalWorkflowExecution.html" + }, + "StartChildWorkflowExecution": { + "privilege": "StartChildWorkflowExecution", + "description": "Grants permission to request that a child workflow execution be started", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "StartTimer": { + "privilege": "StartTimer", + "description": "Grants permission to start a timer for a workflow execution", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_Decision.html" + }, + "StartWorkflowExecution": { + "privilege": "StartWorkflowExecution", + "description": "Grants permission to start an execution of the workflow type in the specified domain using the provided workflowId and input data", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:tagList.member.0", + "swf:tagList.member.1", + "swf:tagList.member.2", + "swf:tagList.member.3", + "swf:tagList.member.4", + "swf:taskList.name", + "swf:workflowType.name", + "swf:workflowType.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_StartWorkflowExecution.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an AWS SWF resource", + "access_level": "Tagging", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_TagResource.html" + }, + "TerminateWorkflowExecution": { + "privilege": "TerminateWorkflowExecution", + "description": "Grants permission to record a WorkflowExecutionTerminated event and force closure of the workflow execution identified by the given domain, runId, and workflowId", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_TerminateWorkflowExecution.html" + }, + "UndeprecateActivityType": { + "privilege": "UndeprecateActivityType", + "description": "Grants permission to undeprecate a previously deprecated activity type", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:activityType.name", + "swf:activityType.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_UndeprecateActivityType.html" + }, + "UndeprecateDomain": { + "privilege": "UndeprecateDomain", + "description": "Grants permission to undeprecate a previously deprecated domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_UndeprecateDomain.html" + }, + "UndeprecateWorkflowType": { + "privilege": "UndeprecateWorkflowType", + "description": "Grants permission to undeprecate a previously deprecated workflow type", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "swf:workflowType.name", + "swf:workflowType.version" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_UndeprecateWorkflowType.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from an AWS SWF resource", + "access_level": "Tagging", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amazonswf/latest/apireference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "canceltimer": "CancelTimer", + "cancelworkflowexecution": "CancelWorkflowExecution", + "completeworkflowexecution": "CompleteWorkflowExecution", + "continueasnewworkflowexecution": "ContinueAsNewWorkflowExecution", + "countclosedworkflowexecutions": "CountClosedWorkflowExecutions", + "countopenworkflowexecutions": "CountOpenWorkflowExecutions", + "countpendingactivitytasks": "CountPendingActivityTasks", + "countpendingdecisiontasks": "CountPendingDecisionTasks", + "deprecateactivitytype": "DeprecateActivityType", + "deprecatedomain": "DeprecateDomain", + "deprecateworkflowtype": "DeprecateWorkflowType", + "describeactivitytype": "DescribeActivityType", + "describedomain": "DescribeDomain", + "describeworkflowexecution": "DescribeWorkflowExecution", + "describeworkflowtype": "DescribeWorkflowType", + "failworkflowexecution": "FailWorkflowExecution", + "getworkflowexecutionhistory": "GetWorkflowExecutionHistory", + "listactivitytypes": "ListActivityTypes", + "listclosedworkflowexecutions": "ListClosedWorkflowExecutions", + "listdomains": "ListDomains", + "listopenworkflowexecutions": "ListOpenWorkflowExecutions", + "listtagsforresource": "ListTagsForResource", + "listworkflowtypes": "ListWorkflowTypes", + "pollforactivitytask": "PollForActivityTask", + "pollfordecisiontask": "PollForDecisionTask", + "recordactivitytaskheartbeat": "RecordActivityTaskHeartbeat", + "recordmarker": "RecordMarker", + "registeractivitytype": "RegisterActivityType", + "registerdomain": "RegisterDomain", + "registerworkflowtype": "RegisterWorkflowType", + "requestcancelactivitytask": "RequestCancelActivityTask", + "requestcancelexternalworkflowexecution": "RequestCancelExternalWorkflowExecution", + "requestcancelworkflowexecution": "RequestCancelWorkflowExecution", + "respondactivitytaskcanceled": "RespondActivityTaskCanceled", + "respondactivitytaskcompleted": "RespondActivityTaskCompleted", + "respondactivitytaskfailed": "RespondActivityTaskFailed", + "responddecisiontaskcompleted": "RespondDecisionTaskCompleted", + "scheduleactivitytask": "ScheduleActivityTask", + "signalexternalworkflowexecution": "SignalExternalWorkflowExecution", + "signalworkflowexecution": "SignalWorkflowExecution", + "startchildworkflowexecution": "StartChildWorkflowExecution", + "starttimer": "StartTimer", + "startworkflowexecution": "StartWorkflowExecution", + "tagresource": "TagResource", + "terminateworkflowexecution": "TerminateWorkflowExecution", + "undeprecateactivitytype": "UndeprecateActivityType", + "undeprecatedomain": "UndeprecateDomain", + "undeprecateworkflowtype": "UndeprecateWorkflowType", + "untagresource": "UntagResource" + }, + "resources": { + "domain": { + "resource": "domain", + "arn": "arn:${Partition}:swf::${Account}:/domain/${DomainName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "domain": "domain" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tag of the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag of the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag of the key", + "type": "ArrayOfString" + }, + "swf:activityType.name": { + "condition": "swf:activityType.name", + "description": "Filters access by the name of the activity type", + "type": "String" + }, + "swf:activityType.version": { + "condition": "swf:activityType.version", + "description": "Filters access by the version of the activity type", + "type": "String" + }, + "swf:defaultTaskList.name": { + "condition": "swf:defaultTaskList.name", + "description": "Filters access by the name of the default task list", + "type": "String" + }, + "swf:name": { + "condition": "swf:name", + "description": "Filters access by the name of activities or workflows", + "type": "String" + }, + "swf:tagFilter.tag": { + "condition": "swf:tagFilter.tag", + "description": "Filters access by the value of tagFilter.tag", + "type": "String" + }, + "swf:tagList.member.0": { + "condition": "swf:tagList.member.0", + "description": "Filters access by the specified tag", + "type": "String" + }, + "swf:tagList.member.1": { + "condition": "swf:tagList.member.1", + "description": "Filters access by the specified tag", + "type": "String" + }, + "swf:tagList.member.2": { + "condition": "swf:tagList.member.2", + "description": "Filters access by the specified tag", + "type": "String" + }, + "swf:tagList.member.3": { + "condition": "swf:tagList.member.3", + "description": "Filters access by the specified tag", + "type": "String" + }, + "swf:tagList.member.4": { + "condition": "swf:tagList.member.4", + "description": "Filters access by the specified tag", + "type": "String" + }, + "swf:taskList.name": { + "condition": "swf:taskList.name", + "description": "Filters access by the name of the tasklist", + "type": "String" + }, + "swf:typeFilter.name": { + "condition": "swf:typeFilter.name", + "description": "Filters access by the name of the type filter", + "type": "String" + }, + "swf:typeFilter.version": { + "condition": "swf:typeFilter.version", + "description": "Filters access by the version of the type filter", + "type": "String" + }, + "swf:version": { + "condition": "swf:version", + "description": "Filters access by the version of activities or workflows", + "type": "String" + }, + "swf:workflowType.name": { + "condition": "swf:workflowType.name", + "description": "Filters access by the name of the workflow type", + "type": "String" + }, + "swf:workflowType.version": { + "condition": "swf:workflowType.version", + "description": "Filters access by the version of the workflow type", + "type": "String" + } + } + }, + "sns": { + "service_name": "Amazon SNS", + "prefix": "sns", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsns.html", + "privileges": { + "AddPermission": { + "privilege": "AddPermission", + "description": "Grants permission to add a statement to a topic's access control policy, granting access for the specified AWS accounts to the specified actions", + "access_level": "Permissions management", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_AddPermission.html" + }, + "CheckIfPhoneNumberIsOptedOut": { + "privilege": "CheckIfPhoneNumberIsOptedOut", + "description": "Grants permission to accept a phone number and indicate whether the phone holder has opted out of receiving SMS messages from your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_CheckIfPhoneNumberIsOptedOut.html" + }, + "ConfirmSubscription": { + "privilege": "ConfirmSubscription", + "description": "Grants permission to verify an endpoint owner's intent to receive messages by validating the token sent to the endpoint by an earlier Subscribe action", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ConfirmSubscription.html" + }, + "CreatePlatformApplication": { + "privilege": "CreatePlatformApplication", + "description": "Grants permission to create a platform application object for one of the supported push notification services, such as APNS and GCM, to which devices and mobile apps may register", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_CreatePlatformApplication.html" + }, + "CreatePlatformEndpoint": { + "privilege": "CreatePlatformEndpoint", + "description": "Grants permission to create an endpoint for a device and mobile app on one of the supported push notification services, such as GCM and APNS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_CreatePlatformEndpoint.html" + }, + "CreateSMSSandboxPhoneNumber": { + "privilege": "CreateSMSSandboxPhoneNumber", + "description": "Grants permission to add a destination phone number and send a one-time password (OTP) to that phone number for an AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_CreateSMSSandboxPhoneNumber.html" + }, + "CreateTopic": { + "privilege": "CreateTopic", + "description": "Grants permission to create a topic to which notifications can be published", + "access_level": "Permissions management", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_CreateTopic.html" + }, + "DeleteEndpoint": { + "privilege": "DeleteEndpoint", + "description": "Grants permission to delete the endpoint for a device and mobile app from Amazon SNS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_DeleteEndpoint.html" + }, + "DeletePlatformApplication": { + "privilege": "DeletePlatformApplication", + "description": "Grants permission to delete a platform application object for one of the supported push notification services, such as APNS and GCM", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_DeletePlatformApplication.html" + }, + "DeleteSMSSandboxPhoneNumber": { + "privilege": "DeleteSMSSandboxPhoneNumber", + "description": "Grants permission to delete an AWS account's verified or pending phone number", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_DeleteSMSSandboxPhoneNumber.html" + }, + "DeleteTopic": { + "privilege": "DeleteTopic", + "description": "Grants permission to delete a topic and all its subscriptions", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_DeleteTopic.html" + }, + "GetDataProtectionPolicy": { + "privilege": "GetDataProtectionPolicy", + "description": "Grants permission to return the data protection policy of the topic", + "access_level": "Read", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetDataProtectionPolicy.html" + }, + "GetEndpointAttributes": { + "privilege": "GetEndpointAttributes", + "description": "Grants permission to retrieve the endpoint attributes for a device on one of the supported push notification services, such as GCM and APNS", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetEndpointAttributes.html" + }, + "GetPlatformApplicationAttributes": { + "privilege": "GetPlatformApplicationAttributes", + "description": "Grants permission to retrieve the attributes of the platform application object for the supported push notification services, such as APNS and GCM", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetPlatformApplicationAttributes.html" + }, + "GetSMSAttributes": { + "privilege": "GetSMSAttributes", + "description": "Grants permission to return the settings for sending SMS messages from your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetSMSAttributes.html" + }, + "GetSMSSandboxAccountStatus": { + "privilege": "GetSMSSandboxAccountStatus", + "description": "Grants permission to retrieve the sandbox status for the calling account in the target region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetSMSSandboxAccountStatus.html" + }, + "GetSubscriptionAttributes": { + "privilege": "GetSubscriptionAttributes", + "description": "Grants permission to return all of the properties of a subscription", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html" + }, + "GetTopicAttributes": { + "privilege": "GetTopicAttributes", + "description": "Grants permission to return all of the properties of a topic", + "access_level": "Read", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_GetTopicAttributes.html" + }, + "ListEndpointsByPlatformApplication": { + "privilege": "ListEndpointsByPlatformApplication", + "description": "Grants permission to list the endpoints and endpoint attributes for devices in a supported push notification service, such as GCM and APNS", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListEndpointsByPlatformApplication.html" + }, + "ListOriginationNumbers": { + "privilege": "ListOriginationNumbers", + "description": "Grants permission to list all origination numbers, and their metadata", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListOriginationNumbers.html" + }, + "ListPhoneNumbersOptedOut": { + "privilege": "ListPhoneNumbersOptedOut", + "description": "Grants permission to return a list of phone numbers that are opted out, meaning you cannot send SMS messages to them", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListPhoneNumbersOptedOut.html" + }, + "ListPlatformApplications": { + "privilege": "ListPlatformApplications", + "description": "Grants permission to list the platform application objects for the supported push notification services, such as APNS and GCM", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListPlatformApplications.html" + }, + "ListSMSSandboxPhoneNumbers": { + "privilege": "ListSMSSandboxPhoneNumbers", + "description": "Grants permission to list the calling account's current pending and verified destination phone numbers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListSMSSandboxPhoneNumbers.html" + }, + "ListSubscriptions": { + "privilege": "ListSubscriptions", + "description": "Grants permission to return a list of the requester's subscriptions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListSubscriptions.html" + }, + "ListSubscriptionsByTopic": { + "privilege": "ListSubscriptionsByTopic", + "description": "Grants permission to return a list of the subscriptions to a specific topic", + "access_level": "List", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListSubscriptionsByTopic.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags added to the specified Amazon SNS topic", + "access_level": "Read", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListTagsForResource.html" + }, + "ListTopics": { + "privilege": "ListTopics", + "description": "Grants permission to return a list of the requester's topics", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html" + }, + "OptInPhoneNumber": { + "privilege": "OptInPhoneNumber", + "description": "Grants permission to opt in a phone number that is currently opted out, which enables you to resume sending SMS messages to the number", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_OptInPhoneNumber.html" + }, + "Publish": { + "privilege": "Publish", + "description": "Grants permission to send a message to all of a topic's subscribed endpoints", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_Publish.html" + }, + "PutDataProtectionPolicy": { + "privilege": "PutDataProtectionPolicy", + "description": "Grants permission to allow a topic owner to set the data protection policy", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_PutDataProtectionPolicy.html" + }, + "RemovePermission": { + "privilege": "RemovePermission", + "description": "Grants permission to remove a statement from a topic's access control policy", + "access_level": "Permissions management", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_RemovePermission.html" + }, + "SetEndpointAttributes": { + "privilege": "SetEndpointAttributes", + "description": "Grants permission to set the attributes for an endpoint for a device on one of the supported push notification services, such as GCM and APNS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_SetEndpointAttributes.html" + }, + "SetPlatformApplicationAttributes": { + "privilege": "SetPlatformApplicationAttributes", + "description": "Grants permission to set the attributes of the platform application object for the supported push notification services, such as APNS and GCM", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_SetPlatformApplicationAttributes.html" + }, + "SetSMSAttributes": { + "privilege": "SetSMSAttributes", + "description": "Grants permission to set the default settings for sending SMS messages and receiving daily SMS usage reports", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_SetSMSAttributes.html" + }, + "SetSubscriptionAttributes": { + "privilege": "SetSubscriptionAttributes", + "description": "Grants permission to allow a subscription owner to set an attribute of the topic to a new value", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_SetSubscriptionAttributes.html" + }, + "SetTopicAttributes": { + "privilege": "SetTopicAttributes", + "description": "Grants permission to allow a topic owner to set an attribute of the topic to a new value", + "access_level": "Permissions management", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_SetTopicAttributes.html" + }, + "Subscribe": { + "privilege": "Subscribe", + "description": "Grants permission to prepare to subscribe an endpoint by sending the endpoint a confirmation message", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sns:Endpoint", + "sns:Protocol" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to the specified Amazon SNS topic", + "access_level": "Tagging", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_TagResource.html" + }, + "Unsubscribe": { + "privilege": "Unsubscribe", + "description": "Grants permission to delete a subscription", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_Unsubscribe.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from the specified Amazon SNS topic", + "access_level": "Tagging", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_UntagResource.html" + }, + "VerifySMSSandboxPhoneNumber": { + "privilege": "VerifySMSSandboxPhoneNumber", + "description": "Grants permission to verify a destination phone number with a one-time password (OTP) for an AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sns/latest/api/API_VerifySMSSandboxPhoneNumber.html" + } + }, + "privileges_lower_name": { + "addpermission": "AddPermission", + "checkifphonenumberisoptedout": "CheckIfPhoneNumberIsOptedOut", + "confirmsubscription": "ConfirmSubscription", + "createplatformapplication": "CreatePlatformApplication", + "createplatformendpoint": "CreatePlatformEndpoint", + "createsmssandboxphonenumber": "CreateSMSSandboxPhoneNumber", + "createtopic": "CreateTopic", + "deleteendpoint": "DeleteEndpoint", + "deleteplatformapplication": "DeletePlatformApplication", + "deletesmssandboxphonenumber": "DeleteSMSSandboxPhoneNumber", + "deletetopic": "DeleteTopic", + "getdataprotectionpolicy": "GetDataProtectionPolicy", + "getendpointattributes": "GetEndpointAttributes", + "getplatformapplicationattributes": "GetPlatformApplicationAttributes", + "getsmsattributes": "GetSMSAttributes", + "getsmssandboxaccountstatus": "GetSMSSandboxAccountStatus", + "getsubscriptionattributes": "GetSubscriptionAttributes", + "gettopicattributes": "GetTopicAttributes", + "listendpointsbyplatformapplication": "ListEndpointsByPlatformApplication", + "listoriginationnumbers": "ListOriginationNumbers", + "listphonenumbersoptedout": "ListPhoneNumbersOptedOut", + "listplatformapplications": "ListPlatformApplications", + "listsmssandboxphonenumbers": "ListSMSSandboxPhoneNumbers", + "listsubscriptions": "ListSubscriptions", + "listsubscriptionsbytopic": "ListSubscriptionsByTopic", + "listtagsforresource": "ListTagsForResource", + "listtopics": "ListTopics", + "optinphonenumber": "OptInPhoneNumber", + "publish": "Publish", + "putdataprotectionpolicy": "PutDataProtectionPolicy", + "removepermission": "RemovePermission", + "setendpointattributes": "SetEndpointAttributes", + "setplatformapplicationattributes": "SetPlatformApplicationAttributes", + "setsmsattributes": "SetSMSAttributes", + "setsubscriptionattributes": "SetSubscriptionAttributes", + "settopicattributes": "SetTopicAttributes", + "subscribe": "Subscribe", + "tagresource": "TagResource", + "unsubscribe": "Unsubscribe", + "untagresource": "UntagResource", + "verifysmssandboxphonenumber": "VerifySMSSandboxPhoneNumber" + }, + "resources": { + "topic": { + "resource": "topic", + "arn": "arn:${Partition}:sns:${Region}:${Account}:${TopicName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "topic": "topic" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tags from request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys from request", + "type": "ArrayOfString" + }, + "sns:Endpoint": { + "condition": "sns:Endpoint", + "description": "Filters access by the URL, email address, or ARN from a Subscribe request or a previously confirmed subscription", + "type": "String" + }, + "sns:Protocol": { + "condition": "sns:Protocol", + "description": "Filters access by the protocol value from a Subscribe request or a previously confirmed subscription", + "type": "String" + } + } + }, + "sqs": { + "service_name": "Amazon SQS", + "prefix": "sqs", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsqs.html", + "privileges": { + "AddPermission": { + "privilege": "AddPermission", + "description": "Grants permission to a queue for a specific principal", + "access_level": "Permissions management", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_AddPermission.html" + }, + "CancelMessageMoveTask": { + "privilege": "CancelMessageMoveTask", + "description": "Grants permission to cancel an in progress message move task", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CancelMessageMoveTask.html" + }, + "ChangeMessageVisibility": { + "privilege": "ChangeMessageVisibility", + "description": "Grants permission to change the visibility timeout of a specified message in a queue to a new value", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ChangeMessageVisibility.html" + }, + "CreateQueue": { + "privilege": "CreateQueue", + "description": "Grants permission to create a new queue, or returns the URL of an existing one", + "access_level": "Permissions management", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html" + }, + "DeleteMessage": { + "privilege": "DeleteMessage", + "description": "Grants permission to delete the specified message from the specified queue", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_DeleteMessage.html" + }, + "DeleteQueue": { + "privilege": "DeleteQueue", + "description": "Grants permission to delete the queue specified by the queue URL, regardless of whether the queue is empty", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_DeleteQueue.html" + }, + "GetQueueAttributes": { + "privilege": "GetQueueAttributes", + "description": "Grants permission to get attributes for the specified queue", + "access_level": "Read", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_GetQueueAttributes.html" + }, + "GetQueueUrl": { + "privilege": "GetQueueUrl", + "description": "Grants permission to return the URL of an existing queue", + "access_level": "Read", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_GetQueueUrl.html" + }, + "ListDeadLetterSourceQueues": { + "privilege": "ListDeadLetterSourceQueues", + "description": "Grants permission to return a list of your queues that have the RedrivePolicy queue attribute configured with a dead letter queue", + "access_level": "Read", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ListDeadLetterSourceQueues.html" + }, + "ListMessageMoveTasks": { + "privilege": "ListMessageMoveTasks", + "description": "Grants permission to list message move tasks", + "access_level": "Read", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ListMessageMoveTasks.html" + }, + "ListQueueTags": { + "privilege": "ListQueueTags", + "description": "Grants permission to list tags added to an SQS queue", + "access_level": "Read", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ListQueueTags.html" + }, + "ListQueues": { + "privilege": "ListQueues", + "description": "Grants permission to return a list of your queues", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ListQueues.html" + }, + "PurgeQueue": { + "privilege": "PurgeQueue", + "description": "Grants permission to delete the messages in a queue specified by the queue URL", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_PurgeQueue.html" + }, + "ReceiveMessage": { + "privilege": "ReceiveMessage", + "description": "Grants permission to retrieve one or more messages, with a maximum limit of 10 messages, from the specified queue", + "access_level": "Read", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ReceiveMessage.html" + }, + "RemovePermission": { + "privilege": "RemovePermission", + "description": "Grants permission to revoke any permissions in the queue policy that matches the specified Label parameter", + "access_level": "Permissions management", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_RemovePermission.html" + }, + "SendMessage": { + "privilege": "SendMessage", + "description": "Grants permission to deliver a message to the specified queue", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html" + }, + "SetQueueAttributes": { + "privilege": "SetQueueAttributes", + "description": "Grants permission to set the value of one or more queue attributes", + "access_level": "Permissions management", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SetQueueAttributes.html" + }, + "StartMessageMoveTask": { + "privilege": "StartMessageMoveTask", + "description": "Grants permission to start a message move task", + "access_level": "Write", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_StartMessageMoveTask.html" + }, + "TagQueue": { + "privilege": "TagQueue", + "description": "Grants permission to add tags to the specified SQS queue", + "access_level": "Tagging", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_TagQueue.html" + }, + "UntagQueue": { + "privilege": "UntagQueue", + "description": "Grants permission to remove tags from the specified SQS queue", + "access_level": "Tagging", + "resource_types": { + "queue": { + "resource_type": "queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_UntagQueue.html" + } + }, + "privileges_lower_name": { + "addpermission": "AddPermission", + "cancelmessagemovetask": "CancelMessageMoveTask", + "changemessagevisibility": "ChangeMessageVisibility", + "createqueue": "CreateQueue", + "deletemessage": "DeleteMessage", + "deletequeue": "DeleteQueue", + "getqueueattributes": "GetQueueAttributes", + "getqueueurl": "GetQueueUrl", + "listdeadlettersourcequeues": "ListDeadLetterSourceQueues", + "listmessagemovetasks": "ListMessageMoveTasks", + "listqueuetags": "ListQueueTags", + "listqueues": "ListQueues", + "purgequeue": "PurgeQueue", + "receivemessage": "ReceiveMessage", + "removepermission": "RemovePermission", + "sendmessage": "SendMessage", + "setqueueattributes": "SetQueueAttributes", + "startmessagemovetask": "StartMessageMoveTask", + "tagqueue": "TagQueue", + "untagqueue": "UntagQueue" + }, + "resources": { + "queue": { + "resource": "queue", + "arn": "arn:${Partition}:sqs:${Region}:${Account}:${QueueName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "queue": "queue" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "storagegateway": { + "service_name": "Amazon Storage Gateway", + "prefix": "storagegateway", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonstoragegateway.html", + "privileges": { + "ActivateGateway": { + "privilege": "ActivateGateway", + "description": "Grants permission to activate the gateway you previously deployed on your host", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ActivateGateway.html" + }, + "AddCache": { + "privilege": "AddCache", + "description": "Grants permission to configure one or more gateway local disks as cache for a cached-volume gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddCache.html" + }, + "AddTagsToResource": { + "privilege": "AddTagsToResource", + "description": "Grants permission to add one or more tags to the specified resource", + "access_level": "Tagging", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "share": { + "resource_type": "share", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "tape": { + "resource_type": "tape", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "share": "share", + "tape": "tape", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddTagsToResource.html" + }, + "AddUploadBuffer": { + "privilege": "AddUploadBuffer", + "description": "Grants permission to configure one or more gateway local disks as upload buffer for a specified gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddUploadBuffer.html" + }, + "AddWorkingStorage": { + "privilege": "AddWorkingStorage", + "description": "Grants permission to configure one or more gateway local disks as working storage for a gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AddWorkingStorage.html" + }, + "AssignTapePool": { + "privilege": "AssignTapePool", + "description": "Grants permission to move a tape to the target pool specified", + "access_level": "Write", + "resource_types": { + "tape": { + "resource_type": "tape", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "tapepool": { + "resource_type": "tapepool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tape": "tape", + "tapepool": "tapepool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AssignTapePool.html" + }, + "AssociateFileSystem": { + "privilege": "AssociateFileSystem", + "description": "Grants permission to associate an Amazon FSx file system with the Amazon FSx file gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:DescribeDirectories", + "ec2:DescribeNetworkInterfaces", + "fsx:DescribeFileSystems", + "iam:CreateServiceLinkedRole", + "logs:CreateLogDelivery", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:UpdateLogDelivery" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AssociateFileSystem.html" + }, + "AttachVolume": { + "privilege": "AttachVolume", + "description": "Grants permission to connect a volume to an iSCSI connection and then attaches the volume to the specified gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_AttachVolume.html" + }, + "BypassGovernanceRetention": { + "privilege": "BypassGovernanceRetention", + "description": "Grants permission to allow the governance retention lock on a pool to be bypassed", + "access_level": "Write", + "resource_types": { + "tapepool": { + "resource_type": "tapepool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tapepool": "tapepool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/userguide/CreatingCustomTapePool.html#TapeRetentionLock" + }, + "CancelArchival": { + "privilege": "CancelArchival", + "description": "Grants permission to cancel archiving of a virtual tape to the virtual tape shelf (VTS) after the archiving process is initiated", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "tape": { + "resource_type": "tape", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "tape": "tape" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CancelArchival.html" + }, + "CancelRetrieval": { + "privilege": "CancelRetrieval", + "description": "Grants permission to cancel retrieval of a virtual tape from the virtual tape shelf (VTS) to a gateway after the retrieval process is initiated", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "tape": { + "resource_type": "tape", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "tape": "tape" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CancelRetrieval.html" + }, + "CreateCachediSCSIVolume": { + "privilege": "CreateCachediSCSIVolume", + "description": "Grants permission to create a cached volume on a specified cached gateway. This operation is supported only for the gateway-cached volume architecture", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateCachediSCSIVolume.html" + }, + "CreateNFSFileShare": { + "privilege": "CreateNFSFileShare", + "description": "Grants permission to create a NFS file share on an existing file gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateNFSFileShare.html" + }, + "CreateSMBFileShare": { + "privilege": "CreateSMBFileShare", + "description": "Grants permission to create a SMB file share on an existing file gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateSMBFileShare.html" + }, + "CreateSnapshot": { + "privilege": "CreateSnapshot", + "description": "Grants permission to initiate a snapshot of a volume", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateSnapshot.html" + }, + "CreateSnapshotFromVolumeRecoveryPoint": { + "privilege": "CreateSnapshotFromVolumeRecoveryPoint", + "description": "Grants permission to initiate a snapshot of a gateway from a volume recovery point", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateSnapshotFromVolumeRecoveryPoint.html" + }, + "CreateStorediSCSIVolume": { + "privilege": "CreateStorediSCSIVolume", + "description": "Grants permission to create a volume on a specified gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateStorediSCSIVolume.html" + }, + "CreateTapePool": { + "privilege": "CreateTapePool", + "description": "Grants permission to create a tape pool", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateTapePool.html" + }, + "CreateTapeWithBarcode": { + "privilege": "CreateTapeWithBarcode", + "description": "Grants permission to create a virtual tape by using your own barcode", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "tapepool": { + "resource_type": "tapepool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "tapepool": "tapepool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateTapeWithBarcode.html" + }, + "CreateTapes": { + "privilege": "CreateTapes", + "description": "Grants permission to create one or more virtual tapes. You write data to the virtual tapes and then archive the tapes", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "tapepool": { + "resource_type": "tapepool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "tapepool": "tapepool", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateTapes.html" + }, + "DeleteAutomaticTapeCreationPolicy": { + "privilege": "DeleteAutomaticTapeCreationPolicy", + "description": "Grants permission to delete the automatic tape creation policy configured on a gateway-VTL", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteAutomaticTapeCreationPolicy.html" + }, + "DeleteBandwidthRateLimit": { + "privilege": "DeleteBandwidthRateLimit", + "description": "Grants permission to delete the bandwidth rate limits of a gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteBandwidthRateLimit.html" + }, + "DeleteChapCredentials": { + "privilege": "DeleteChapCredentials", + "description": "Grants permission to delete Challenge-Handshake Authentication Protocol (CHAP) credentials for a specified iSCSI target and initiator pair", + "access_level": "Permissions management", + "resource_types": { + "target": { + "resource_type": "target", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "target": "target" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteChapCredentials.html" + }, + "DeleteFileShare": { + "privilege": "DeleteFileShare", + "description": "Grants permission to delete a file share from a file gateway", + "access_level": "Write", + "resource_types": { + "share": { + "resource_type": "share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "share": "share" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteFileShare.html" + }, + "DeleteGateway": { + "privilege": "DeleteGateway", + "description": "Grants permission to delete a gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteGateway.html" + }, + "DeleteSnapshotSchedule": { + "privilege": "DeleteSnapshotSchedule", + "description": "Grants permission to delete a snapshot of a volume", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteSnapshotSchedule.html" + }, + "DeleteTape": { + "privilege": "DeleteTape", + "description": "Grants permission to delete the specified virtual tape", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "tape": { + "resource_type": "tape", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "tape": "tape" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteTape.html" + }, + "DeleteTapeArchive": { + "privilege": "DeleteTapeArchive", + "description": "Grants permission to delete the specified virtual tape from the virtual tape shelf (VTS)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteTapeArchive.html" + }, + "DeleteTapePool": { + "privilege": "DeleteTapePool", + "description": "Grants permission to delete the specified tape pool", + "access_level": "Write", + "resource_types": { + "tapepool": { + "resource_type": "tapepool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tapepool": "tapepool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteTapePool.html" + }, + "DeleteVolume": { + "privilege": "DeleteVolume", + "description": "Grants permission to delete the specified gateway volume that you previously created using the CreateCachediSCSIVolume or CreateStorediSCSIVolume API", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DeleteVolume.html" + }, + "DescribeAvailabilityMonitorTest": { + "privilege": "DescribeAvailabilityMonitorTest", + "description": "Grants permission to get the information about the most recent high availability monitoring test that was performed on the gateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeAvailabilityMonitorTest.html" + }, + "DescribeBandwidthRateLimit": { + "privilege": "DescribeBandwidthRateLimit", + "description": "Grants permission to get the bandwidth rate limits of a gateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeBandwidthRateLimit.html" + }, + "DescribeBandwidthRateLimitSchedule": { + "privilege": "DescribeBandwidthRateLimitSchedule", + "description": "Grants permission to get the bandwidth rate limit schedule of a gateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeBandwidthRateLimitSchedule.html" + }, + "DescribeCache": { + "privilege": "DescribeCache", + "description": "Grants permission to get information about the cache of a gateway. This operation is supported only for the gateway-cached volume architecture", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeCache.html" + }, + "DescribeCachediSCSIVolumes": { + "privilege": "DescribeCachediSCSIVolumes", + "description": "Grants permission to get a description of the gateway volumes specified in the request. This operation is supported only for the gateway-cached volume architecture", + "access_level": "Read", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeCachediSCSIVolumes.html" + }, + "DescribeChapCredentials": { + "privilege": "DescribeChapCredentials", + "description": "Grants permission to get an array of Challenge-Handshake Authentication Protocol (CHAP) credentials information for a specified iSCSI target, one for each target-initiator pair", + "access_level": "Read", + "resource_types": { + "target": { + "resource_type": "target", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "target": "target" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeChapCredentials.html" + }, + "DescribeFileSystemAssociations": { + "privilege": "DescribeFileSystemAssociations", + "description": "Grants permission to get a description for one or more file system associations", + "access_level": "Read", + "resource_types": { + "fs-association": { + "resource_type": "fs-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fs-association": "fs-association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeFileSystemAssociations.html" + }, + "DescribeGatewayInformation": { + "privilege": "DescribeGatewayInformation", + "description": "Grants permission to get metadata about a gateway such as its name, network interfaces, configured time zone, and the state (whether the gateway is running or not)", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeGatewayInformation.html" + }, + "DescribeMaintenanceStartTime": { + "privilege": "DescribeMaintenanceStartTime", + "description": "Grants permission to get your gateway's weekly maintenance start time including the day and time of the week", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeMaintenanceStartTime.html" + }, + "DescribeNFSFileShares": { + "privilege": "DescribeNFSFileShares", + "description": "Grants permission to get a description for one or more file shares from a file gateway", + "access_level": "Read", + "resource_types": { + "share": { + "resource_type": "share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "share": "share" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeNFSFileShares.html" + }, + "DescribeSMBFileShares": { + "privilege": "DescribeSMBFileShares", + "description": "Grants permission to get a description for one or more file shares from a file gateway", + "access_level": "Read", + "resource_types": { + "share": { + "resource_type": "share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "share": "share" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeSMBFileShares.html" + }, + "DescribeSMBSettings": { + "privilege": "DescribeSMBSettings", + "description": "Grants permission to get a description of a Server Message Block (SMB) file share settings from a file gateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeSMBSettings.html" + }, + "DescribeSnapshotSchedule": { + "privilege": "DescribeSnapshotSchedule", + "description": "Grants permission to describe the snapshot schedule for the specified gateway volume", + "access_level": "Read", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeSnapshotSchedule.html" + }, + "DescribeStorediSCSIVolumes": { + "privilege": "DescribeStorediSCSIVolumes", + "description": "Grants permission to get the description of the gateway volumes specified in the request", + "access_level": "Read", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeStorediSCSIVolumes.html" + }, + "DescribeTapeArchives": { + "privilege": "DescribeTapeArchives", + "description": "Grants permission to get a description of specified virtual tapes in the virtual tape shelf (VTS)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeTapeArchives.html" + }, + "DescribeTapeRecoveryPoints": { + "privilege": "DescribeTapeRecoveryPoints", + "description": "Grants permission to get a list of virtual tape recovery points that are available for the specified gateway-VTL", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeTapeRecoveryPoints.html" + }, + "DescribeTapes": { + "privilege": "DescribeTapes", + "description": "Grants permission to get a description of the specified Amazon Resource Name (ARN) of virtual tapes", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeTapes.html" + }, + "DescribeUploadBuffer": { + "privilege": "DescribeUploadBuffer", + "description": "Grants permission to get information about the upload buffer of a gateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeUploadBuffer.html" + }, + "DescribeVTLDevices": { + "privilege": "DescribeVTLDevices", + "description": "Grants permission to get a description of virtual tape library (VTL) devices for the specified gateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeVTLDevices.html" + }, + "DescribeWorkingStorage": { + "privilege": "DescribeWorkingStorage", + "description": "Grants permission to get information about the working storage of a gateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DescribeWorkingStorage.html" + }, + "DetachVolume": { + "privilege": "DetachVolume", + "description": "Grants permission to disconnect a volume from an iSCSI connection and then detaches the volume from the specified gateway", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DetachVolume.html" + }, + "DisableGateway": { + "privilege": "DisableGateway", + "description": "Grants permission to disable a gateway when the gateway is no longer functioning", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DisableGateway.html" + }, + "DisassociateFileSystem": { + "privilege": "DisassociateFileSystem", + "description": "Grants permission to disassociate an Amazon FSx file system from an Amazon FSx file gateway", + "access_level": "Write", + "resource_types": { + "fs-association": { + "resource_type": "fs-association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fs-association": "fs-association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_DisassociateFileSystem.html" + }, + "JoinDomain": { + "privilege": "JoinDomain", + "description": "Grants permission to enable you to join an Active Directory Domain", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_JoinDomain.html" + }, + "ListAutomaticTapeCreationPolicies": { + "privilege": "ListAutomaticTapeCreationPolicies", + "description": "Grants permission to list the automatic tape creation policies configured on the specified gateway-VTL or all gateway-VTLs owned by your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListAutomaticTapeCreationPolicies.html" + }, + "ListFileShares": { + "privilege": "ListFileShares", + "description": "Grants permission to get a list of the file shares for a specific file gateway, or the list of file shares owned by your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListFileShares.html" + }, + "ListFileSystemAssociations": { + "privilege": "ListFileSystemAssociations", + "description": "Grants permission to get a list of the file system associations for the specified gateway", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListFileSystemAssociations.html" + }, + "ListGateways": { + "privilege": "ListGateways", + "description": "Grants permission to list gateways owned by an AWS account in a region specified in the request. The returned list is ordered by gateway Amazon Resource Name (ARN)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListGateways.html" + }, + "ListLocalDisks": { + "privilege": "ListLocalDisks", + "description": "Grants permission to get a list of the gateway's local disks", + "access_level": "List", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListLocalDisks.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to get the tags that have been added to the specified resource", + "access_level": "List", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "share": { + "resource_type": "share", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "tape": { + "resource_type": "tape", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "share": "share", + "tape": "tape", + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTapePools": { + "privilege": "ListTapePools", + "description": "Grants permission to list tape pools owned by your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListTapePools.html" + }, + "ListTapes": { + "privilege": "ListTapes", + "description": "Grants permission to list virtual tapes in your virtual tape library (VTL) and your virtual tape shelf (VTS)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListTapes.html" + }, + "ListVolumeInitiators": { + "privilege": "ListVolumeInitiators", + "description": "Grants permission to list iSCSI initiators that are connected to a volume", + "access_level": "List", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListVolumeInitiators.html" + }, + "ListVolumeRecoveryPoints": { + "privilege": "ListVolumeRecoveryPoints", + "description": "Grants permission to list the recovery points for a specified gateway", + "access_level": "List", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListVolumeRecoveryPoints.html" + }, + "ListVolumes": { + "privilege": "ListVolumes", + "description": "Grants permission to list the iSCSI stored volumes of a gateway", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ListVolumes.html" + }, + "NotifyWhenUploaded": { + "privilege": "NotifyWhenUploaded", + "description": "Grants permission to send you a notification through CloudWatch Events when all files written to your NFS file share have been uploaded to Amazon S3", + "access_level": "Write", + "resource_types": { + "share": { + "resource_type": "share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "share": "share" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_NotifyWhenUploaded.html" + }, + "RefreshCache": { + "privilege": "RefreshCache", + "description": "Grants permission to refresh the cache for the specified file share", + "access_level": "Write", + "resource_types": { + "share": { + "resource_type": "share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "share": "share" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RefreshCache.html" + }, + "RemoveTagsFromResource": { + "privilege": "RemoveTagsFromResource", + "description": "Grants permission to remove one or more tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "share": { + "resource_type": "share", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "tape": { + "resource_type": "tape", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "volume": { + "resource_type": "volume", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "share": "share", + "tape": "tape", + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RemoveTagsFromResource.html" + }, + "ResetCache": { + "privilege": "ResetCache", + "description": "Grants permission to reset all cache disks that have encountered a error and makes the disks available for reconfiguration as cache storage", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ResetCache.html" + }, + "RetrieveTapeArchive": { + "privilege": "RetrieveTapeArchive", + "description": "Grants permission to retrieve an archived virtual tape from the virtual tape shelf (VTS) to a gateway-VTL", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "tape": { + "resource_type": "tape", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "tape": "tape" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RetrieveTapeArchive.html" + }, + "RetrieveTapeRecoveryPoint": { + "privilege": "RetrieveTapeRecoveryPoint", + "description": "Grants permission to retrieve the recovery point for the specified virtual tape", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "tape": { + "resource_type": "tape", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "tape": "tape" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_RetrieveTapeRecoveryPoint.html" + }, + "SetLocalConsolePassword": { + "privilege": "SetLocalConsolePassword", + "description": "Grants permission to set the password for your VM local console", + "access_level": "Permissions management", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_SetLocalConsolePassword.html" + }, + "SetSMBGuestPassword": { + "privilege": "SetSMBGuestPassword", + "description": "Grants permission to set the password for SMB Guest user", + "access_level": "Permissions management", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_SetSMBGuestPassword.html" + }, + "ShutdownGateway": { + "privilege": "ShutdownGateway", + "description": "Grants permission to shut down a gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_ShutdownGateway.html" + }, + "StartAvailabilityMonitorTest": { + "privilege": "StartAvailabilityMonitorTest", + "description": "Grants permission to start a test that verifies that the specified gateway is configured for High Availability monitoring in your host environment", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_StartAvailabilityMonitorTest.html" + }, + "StartGateway": { + "privilege": "StartGateway", + "description": "Grants permission to start a gateway that you previously shut down", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_StartGateway.html" + }, + "UpdateAutomaticTapeCreationPolicy": { + "privilege": "UpdateAutomaticTapeCreationPolicy", + "description": "Grants permission to update the automatic tape creation policy configured on a gateway-VTL", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "tapepool": { + "resource_type": "tapepool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "tapepool": "tapepool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateAutomaticTapeCreationPolicy.html" + }, + "UpdateBandwidthRateLimit": { + "privilege": "UpdateBandwidthRateLimit", + "description": "Grants permission to update the bandwidth rate limits of a gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateBandwidthRateLimit.html" + }, + "UpdateBandwidthRateLimitSchedule": { + "privilege": "UpdateBandwidthRateLimitSchedule", + "description": "Grants permission to update the bandwidth rate limit schedule of a gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateBandwidthRateLimitSchedule.html" + }, + "UpdateChapCredentials": { + "privilege": "UpdateChapCredentials", + "description": "Grants permission to update the Challenge-Handshake Authentication Protocol (CHAP) credentials for a specified iSCSI target", + "access_level": "Permissions management", + "resource_types": { + "target": { + "resource_type": "target", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "target": "target" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateChapCredentials.html" + }, + "UpdateFileSystemAssociation": { + "privilege": "UpdateFileSystemAssociation", + "description": "Grants permission to update a file system association", + "access_level": "Write", + "resource_types": { + "fs-association": { + "resource_type": "fs-association", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "logs:CreateLogDelivery", + "logs:DeleteLogDelivery", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:UpdateLogDelivery" + ] + } + }, + "resource_types_lower_name": { + "fs-association": "fs-association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateFileSystemAssociation.html" + }, + "UpdateGatewayInformation": { + "privilege": "UpdateGatewayInformation", + "description": "Grants permission to update a gateway's metadata, which includes the gateway's name and time zone", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateGatewayInformation.html" + }, + "UpdateGatewaySoftwareNow": { + "privilege": "UpdateGatewaySoftwareNow", + "description": "Grants permission to update the gateway virtual machine (VM) software", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateGatewaySoftwareNow.html" + }, + "UpdateMaintenanceStartTime": { + "privilege": "UpdateMaintenanceStartTime", + "description": "Grants permission to update a gateway's weekly maintenance start time information, including day and time of the week. The maintenance time is the time in your gateway's time zone", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateMaintenanceStartTime.html" + }, + "UpdateNFSFileShare": { + "privilege": "UpdateNFSFileShare", + "description": "Grants permission to update a NFS file share", + "access_level": "Write", + "resource_types": { + "share": { + "resource_type": "share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "share": "share" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateNFSFileShare.html" + }, + "UpdateSMBFileShare": { + "privilege": "UpdateSMBFileShare", + "description": "Grants permission to update a SMB file share", + "access_level": "Write", + "resource_types": { + "share": { + "resource_type": "share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "share": "share" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBFileShare.html" + }, + "UpdateSMBFileShareVisibility": { + "privilege": "UpdateSMBFileShareVisibility", + "description": "Grants permission to update whether the shares on a gateway are visible in a net view or browse list", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBFileShareVisibility.html" + }, + "UpdateSMBLocalGroups": { + "privilege": "UpdateSMBLocalGroups", + "description": "Grants permission to update the list of Active Directory users and groups that have special permissions for SMB file shares on the gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBLocalGroups.html" + }, + "UpdateSMBSecurityStrategy": { + "privilege": "UpdateSMBSecurityStrategy", + "description": "Grants permission to update the SMB security strategy on a file gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSMBSecurityStrategy.html" + }, + "UpdateSnapshotSchedule": { + "privilege": "UpdateSnapshotSchedule", + "description": "Grants permission to update a snapshot schedule configured for a gateway volume", + "access_level": "Write", + "resource_types": { + "volume": { + "resource_type": "volume", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "volume": "volume", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateSnapshotSchedule.html" + }, + "UpdateVTLDeviceType": { + "privilege": "UpdateVTLDeviceType", + "description": "Grants permission to update the type of medium changer in a gateway-VTL", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_UpdateVTLDeviceType.html" + } + }, + "privileges_lower_name": { + "activategateway": "ActivateGateway", + "addcache": "AddCache", + "addtagstoresource": "AddTagsToResource", + "adduploadbuffer": "AddUploadBuffer", + "addworkingstorage": "AddWorkingStorage", + "assigntapepool": "AssignTapePool", + "associatefilesystem": "AssociateFileSystem", + "attachvolume": "AttachVolume", + "bypassgovernanceretention": "BypassGovernanceRetention", + "cancelarchival": "CancelArchival", + "cancelretrieval": "CancelRetrieval", + "createcachediscsivolume": "CreateCachediSCSIVolume", + "createnfsfileshare": "CreateNFSFileShare", + "createsmbfileshare": "CreateSMBFileShare", + "createsnapshot": "CreateSnapshot", + "createsnapshotfromvolumerecoverypoint": "CreateSnapshotFromVolumeRecoveryPoint", + "createstorediscsivolume": "CreateStorediSCSIVolume", + "createtapepool": "CreateTapePool", + "createtapewithbarcode": "CreateTapeWithBarcode", + "createtapes": "CreateTapes", + "deleteautomatictapecreationpolicy": "DeleteAutomaticTapeCreationPolicy", + "deletebandwidthratelimit": "DeleteBandwidthRateLimit", + "deletechapcredentials": "DeleteChapCredentials", + "deletefileshare": "DeleteFileShare", + "deletegateway": "DeleteGateway", + "deletesnapshotschedule": "DeleteSnapshotSchedule", + "deletetape": "DeleteTape", + "deletetapearchive": "DeleteTapeArchive", + "deletetapepool": "DeleteTapePool", + "deletevolume": "DeleteVolume", + "describeavailabilitymonitortest": "DescribeAvailabilityMonitorTest", + "describebandwidthratelimit": "DescribeBandwidthRateLimit", + "describebandwidthratelimitschedule": "DescribeBandwidthRateLimitSchedule", + "describecache": "DescribeCache", + "describecachediscsivolumes": "DescribeCachediSCSIVolumes", + "describechapcredentials": "DescribeChapCredentials", + "describefilesystemassociations": "DescribeFileSystemAssociations", + "describegatewayinformation": "DescribeGatewayInformation", + "describemaintenancestarttime": "DescribeMaintenanceStartTime", + "describenfsfileshares": "DescribeNFSFileShares", + "describesmbfileshares": "DescribeSMBFileShares", + "describesmbsettings": "DescribeSMBSettings", + "describesnapshotschedule": "DescribeSnapshotSchedule", + "describestorediscsivolumes": "DescribeStorediSCSIVolumes", + "describetapearchives": "DescribeTapeArchives", + "describetaperecoverypoints": "DescribeTapeRecoveryPoints", + "describetapes": "DescribeTapes", + "describeuploadbuffer": "DescribeUploadBuffer", + "describevtldevices": "DescribeVTLDevices", + "describeworkingstorage": "DescribeWorkingStorage", + "detachvolume": "DetachVolume", + "disablegateway": "DisableGateway", + "disassociatefilesystem": "DisassociateFileSystem", + "joindomain": "JoinDomain", + "listautomatictapecreationpolicies": "ListAutomaticTapeCreationPolicies", + "listfileshares": "ListFileShares", + "listfilesystemassociations": "ListFileSystemAssociations", + "listgateways": "ListGateways", + "listlocaldisks": "ListLocalDisks", + "listtagsforresource": "ListTagsForResource", + "listtapepools": "ListTapePools", + "listtapes": "ListTapes", + "listvolumeinitiators": "ListVolumeInitiators", + "listvolumerecoverypoints": "ListVolumeRecoveryPoints", + "listvolumes": "ListVolumes", + "notifywhenuploaded": "NotifyWhenUploaded", + "refreshcache": "RefreshCache", + "removetagsfromresource": "RemoveTagsFromResource", + "resetcache": "ResetCache", + "retrievetapearchive": "RetrieveTapeArchive", + "retrievetaperecoverypoint": "RetrieveTapeRecoveryPoint", + "setlocalconsolepassword": "SetLocalConsolePassword", + "setsmbguestpassword": "SetSMBGuestPassword", + "shutdowngateway": "ShutdownGateway", + "startavailabilitymonitortest": "StartAvailabilityMonitorTest", + "startgateway": "StartGateway", + "updateautomatictapecreationpolicy": "UpdateAutomaticTapeCreationPolicy", + "updatebandwidthratelimit": "UpdateBandwidthRateLimit", + "updatebandwidthratelimitschedule": "UpdateBandwidthRateLimitSchedule", + "updatechapcredentials": "UpdateChapCredentials", + "updatefilesystemassociation": "UpdateFileSystemAssociation", + "updategatewayinformation": "UpdateGatewayInformation", + "updategatewaysoftwarenow": "UpdateGatewaySoftwareNow", + "updatemaintenancestarttime": "UpdateMaintenanceStartTime", + "updatenfsfileshare": "UpdateNFSFileShare", + "updatesmbfileshare": "UpdateSMBFileShare", + "updatesmbfilesharevisibility": "UpdateSMBFileShareVisibility", + "updatesmblocalgroups": "UpdateSMBLocalGroups", + "updatesmbsecuritystrategy": "UpdateSMBSecurityStrategy", + "updatesnapshotschedule": "UpdateSnapshotSchedule", + "updatevtldevicetype": "UpdateVTLDeviceType" + }, + "resources": { + "device": { + "resource": "device", + "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:gateway/${GatewayId}/device/${Vtldevice}", + "condition_keys": [] + }, + "fs-association": { + "resource": "fs-association", + "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:fs-association/${FsaId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "gateway": { + "resource": "gateway", + "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:gateway/${GatewayId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "share": { + "resource": "share", + "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:share/${ShareId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "tape": { + "resource": "tape", + "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:tape/${TapeBarcode}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "tapepool": { + "resource": "tapepool", + "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:tapepool/${PoolId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "target": { + "resource": "target", + "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:gateway/${GatewayId}/target/${IscsiTarget}", + "condition_keys": [] + }, + "volume": { + "resource": "volume", + "arn": "arn:${Partition}:storagegateway:${Region}:${Account}:gateway/${GatewayId}/volume/${VolumeId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "device": "device", + "fs-association": "fs-association", + "gateway": "gateway", + "share": "share", + "tape": "tape", + "tapepool": "tapepool", + "target": "target", + "volume": "volume" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "sumerian": { + "service_name": "Amazon Sumerian", + "prefix": "sumerian", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsumerian.html", + "privileges": { + "Login": { + "privilege": "Login", + "description": "Grants permission to log into the Sumerian console", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sumerian/latest/userguide/sumerian-permissions.html" + }, + "ViewRelease": { + "privilege": "ViewRelease", + "description": "Grants permission to view a project release", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/sumerian/latest/userguide/sumerian-permissions.html" + } + }, + "privileges_lower_name": { + "login": "Login", + "viewrelease": "ViewRelease" + }, + "resources": { + "project": { + "resource": "project", + "arn": "arn:${Partition}:sumerian:${Region}:${Account}:project:${ProjectName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "project": "project" + }, + "conditions": {} + }, + "textract": { + "service_name": "Amazon Textract", + "prefix": "textract", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazontextract.html", + "privileges": { + "AnalyzeDocument": { + "privilege": "AnalyzeDocument", + "description": "Grants permission to detect instances of real-world document entities within an image provided as input", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_AnalyzeDocument.html" + }, + "AnalyzeExpense": { + "privilege": "AnalyzeExpense", + "description": "Grants permission to detect instances of real-world document entities within an image provided as input", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_AnalyzeExpense.html" + }, + "AnalyzeID": { + "privilege": "AnalyzeID", + "description": "Grants permission to detect relevant information from identity documents provided as input", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_AnalyzeID.html" + }, + "DetectDocumentText": { + "privilege": "DetectDocumentText", + "description": "Grants permission to detect text in document images", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_DetectDocumentText.html" + }, + "GetDocumentAnalysis": { + "privilege": "GetDocumentAnalysis", + "description": "Grants permission to return information about a document analysis job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_GetDocumentAnalysis.html" + }, + "GetDocumentTextDetection": { + "privilege": "GetDocumentTextDetection", + "description": "Grants permission to return information about a document text detection job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_GetDocumentTextDetection.html" + }, + "GetExpenseAnalysis": { + "privilege": "GetExpenseAnalysis", + "description": "Grants permission to return information about an expense analysis job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_GetExpenseAnalysis.html" + }, + "GetLendingAnalysis": { + "privilege": "GetLendingAnalysis", + "description": "Grants permission to retrieve page-level information regarding a lending analysis job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_GetLendingAnalysis.html" + }, + "GetLendingAnalysisSummary": { + "privilege": "GetLendingAnalysisSummary", + "description": "Grants permission to retrieve summarized information regarding a lending analysis job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_GetLendingAnalysisSummary.html" + }, + "StartDocumentAnalysis": { + "privilege": "StartDocumentAnalysis", + "description": "Grants permission to start an asynchronous job to detect instances of real-world document entities within an image or pdf provided as input", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_StartDocumentAnalysis.html" + }, + "StartDocumentTextDetection": { + "privilege": "StartDocumentTextDetection", + "description": "Grants permission to start an asynchronous job to detect text in document images or pdfs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_StartDocumentTextDetection.html" + }, + "StartExpenseAnalysis": { + "privilege": "StartExpenseAnalysis", + "description": "Grants permission to start an asynchronous job to detect instances of invoices or receipts within an image or pdf provided as input", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_StartExpenseAnalysis.html" + }, + "StartLendingAnalysis": { + "privilege": "StartLendingAnalysis", + "description": "Grants permission to start an asynchronous job for detection of entities in a lending document, takes a provided image or PDF as input", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/textract/latest/dg/API_StartLendingAnalysis.html" + } + }, + "privileges_lower_name": { + "analyzedocument": "AnalyzeDocument", + "analyzeexpense": "AnalyzeExpense", + "analyzeid": "AnalyzeID", + "detectdocumenttext": "DetectDocumentText", + "getdocumentanalysis": "GetDocumentAnalysis", + "getdocumenttextdetection": "GetDocumentTextDetection", + "getexpenseanalysis": "GetExpenseAnalysis", + "getlendinganalysis": "GetLendingAnalysis", + "getlendinganalysissummary": "GetLendingAnalysisSummary", + "startdocumentanalysis": "StartDocumentAnalysis", + "startdocumenttextdetection": "StartDocumentTextDetection", + "startexpenseanalysis": "StartExpenseAnalysis", + "startlendinganalysis": "StartLendingAnalysis" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "timestream": { + "service_name": "Amazon Timestream", + "prefix": "timestream", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazontimestream.html", + "privileges": { + "CancelQuery": { + "privilege": "CancelQuery", + "description": "Grants permission to cancel queries in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_CancelQuery.html" + }, + "CreateBatchLoadTask": { + "privilege": "CreateBatchLoadTask", + "description": "Grants permission to create a batch load task in your account", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints", + "timestream:WriteRecords" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateBatchLoadTask.html" + }, + "CreateDatabase": { + "privilege": "CreateDatabase", + "description": "Grants permission to create a database in your account", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateDatabase.html" + }, + "CreateScheduledQuery": { + "privilege": "CreateScheduledQuery", + "description": "Grants permission to create a scheduled query in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:PassRole", + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateScheduledQuery.html" + }, + "CreateTable": { + "privilege": "CreateTable", + "description": "Grants permission to create a table in your account", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateTable.html" + }, + "DeleteDatabase": { + "privilege": "DeleteDatabase", + "description": "Grants permission to delete a database in your account", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DeleteDatabase.html" + }, + "DeleteScheduledQuery": { + "privilege": "DeleteScheduledQuery", + "description": "Grants permission to delete a scheduled query in your account", + "access_level": "Write", + "resource_types": { + "scheduled-query": { + "resource_type": "scheduled-query", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "scheduled-query": "scheduled-query" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DeleteScheduledQuery.html" + }, + "DeleteTable": { + "privilege": "DeleteTable", + "description": "Grants permission to delete a table in your account", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DeleteTable.html" + }, + "DescribeBatchLoadTask": { + "privilege": "DescribeBatchLoadTask", + "description": "Grants permission to describe a batch load task in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DescribeBatchLoadTask.html" + }, + "DescribeDatabase": { + "privilege": "DescribeDatabase", + "description": "Grants permission to describe a database in your account", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DescribeDatabase.html" + }, + "DescribeEndpoints": { + "privilege": "DescribeEndpoints", + "description": "Grants permission to describe timestream endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DescribeEndpoints.html" + }, + "DescribeScheduledQuery": { + "privilege": "DescribeScheduledQuery", + "description": "Grants permission to describe a scheduled query in your account", + "access_level": "Read", + "resource_types": { + "scheduled-query": { + "resource_type": "scheduled-query", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "scheduled-query": "scheduled-query" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DescribeScheduledQuery.html" + }, + "DescribeTable": { + "privilege": "DescribeTable", + "description": "Grants permission to describe a table in your account", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_DescribeTable.html" + }, + "ExecuteScheduledQuery": { + "privilege": "ExecuteScheduledQuery", + "description": "Grants permission to execute a scheduled query in your account", + "access_level": "Write", + "resource_types": { + "scheduled-query": { + "resource_type": "scheduled-query", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "scheduled-query": "scheduled-query" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ExecuteScheduledQuery.html" + }, + "GetAwsBackupStatus": { + "privilege": "GetAwsBackupStatus", + "description": "Grants permission to get Status of a Timestream Table Backup", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/backups.html" + }, + "GetAwsRestoreStatus": { + "privilege": "GetAwsRestoreStatus", + "description": "Grants permission to get Status of a Timestream Table Restore", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/backups.html" + }, + "ListBatchLoadTasks": { + "privilege": "ListBatchLoadTasks", + "description": "Grants permission to list batch load tasks in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ListBatchLoadTasks.html" + }, + "ListDatabases": { + "privilege": "ListDatabases", + "description": "Grants permission to list databases in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ListDatabases.html" + }, + "ListMeasures": { + "privilege": "ListMeasures", + "description": "Grants permission to list measures of a table in your account", + "access_level": "List", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_Query.html" + }, + "ListScheduledQueries": { + "privilege": "ListScheduledQueries", + "description": "Grants permission to list scheduled queries in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ListScheduledQueries.html" + }, + "ListTables": { + "privilege": "ListTables", + "description": "Grants permission to list tables in your account", + "access_level": "List", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ListTables.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags of a resource in your account", + "access_level": "Read", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + }, + "scheduled-query": { + "resource_type": "scheduled-query", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database", + "scheduled-query": "scheduled-query", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ListTagsForResource.html" + }, + "PrepareQuery": { + "privilege": "PrepareQuery", + "description": "Grants permission to issue prepare queries", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints", + "timestream:Select" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_PrepareQuery.html" + }, + "ResumeBatchLoadTask": { + "privilege": "ResumeBatchLoadTask", + "description": "Grants permission to resume a batch load task in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints", + "timestream:WriteRecords" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_ResumeBatchLoadTask.html" + }, + "Select": { + "privilege": "Select", + "description": "Grants permission to issue 'select from table' queries", + "access_level": "Read", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_Query.html" + }, + "SelectValues": { + "privilege": "SelectValues", + "description": "Grants permission to issue 'select 1' queries", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_Query.html" + }, + "StartAwsBackupJob": { + "privilege": "StartAwsBackupJob", + "description": "Grants permission to start a Backup Job for a Timestream Table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/backups.html" + }, + "StartAwsRestoreJob": { + "privilege": "StartAwsRestoreJob", + "description": "Grants permission to start Restore Job for a Backup of Timestream Table", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/backups.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + }, + "scheduled-query": { + "resource_type": "scheduled-query", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database", + "scheduled-query": "scheduled-query", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_TagResource.html" + }, + "Unload": { + "privilege": "Unload", + "description": "Grants permission to issue Unload queries", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:AbortMultipartUpload", + "s3:GetObject", + "s3:PutObject", + "timestream:DescribeEndpoints", + "timestream:Select" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_query_Query.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from a resource", + "access_level": "Tagging", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + }, + "scheduled-query": { + "resource_type": "scheduled-query", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "database": "database", + "scheduled-query": "scheduled-query", + "table": "table", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_UntagResource.html" + }, + "UpdateDatabase": { + "privilege": "UpdateDatabase", + "description": "Grants permission to update a database in your account", + "access_level": "Write", + "resource_types": { + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_UpdateDatabase.html" + }, + "UpdateScheduledQuery": { + "privilege": "UpdateScheduledQuery", + "description": "Grants permission to update a scheduled query in your account", + "access_level": "Write", + "resource_types": { + "scheduled-query": { + "resource_type": "scheduled-query", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "scheduled-query": "scheduled-query" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_UpdateScheduledQuery.html" + }, + "UpdateTable": { + "privilege": "UpdateTable", + "description": "Grants permission to update a table in your account", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_UpdateTable.html" + }, + "WriteRecords": { + "privilege": "WriteRecords", + "description": "Grants permission to ingest data to a table in your account", + "access_level": "Write", + "resource_types": { + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "timestream:DescribeEndpoints" + ] + } + }, + "resource_types_lower_name": { + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/timestream/latest/developerguide/API_WriteRecords.html" + } + }, + "privileges_lower_name": { + "cancelquery": "CancelQuery", + "createbatchloadtask": "CreateBatchLoadTask", + "createdatabase": "CreateDatabase", + "createscheduledquery": "CreateScheduledQuery", + "createtable": "CreateTable", + "deletedatabase": "DeleteDatabase", + "deletescheduledquery": "DeleteScheduledQuery", + "deletetable": "DeleteTable", + "describebatchloadtask": "DescribeBatchLoadTask", + "describedatabase": "DescribeDatabase", + "describeendpoints": "DescribeEndpoints", + "describescheduledquery": "DescribeScheduledQuery", + "describetable": "DescribeTable", + "executescheduledquery": "ExecuteScheduledQuery", + "getawsbackupstatus": "GetAwsBackupStatus", + "getawsrestorestatus": "GetAwsRestoreStatus", + "listbatchloadtasks": "ListBatchLoadTasks", + "listdatabases": "ListDatabases", + "listmeasures": "ListMeasures", + "listscheduledqueries": "ListScheduledQueries", + "listtables": "ListTables", + "listtagsforresource": "ListTagsForResource", + "preparequery": "PrepareQuery", + "resumebatchloadtask": "ResumeBatchLoadTask", + "select": "Select", + "selectvalues": "SelectValues", + "startawsbackupjob": "StartAwsBackupJob", + "startawsrestorejob": "StartAwsRestoreJob", + "tagresource": "TagResource", + "unload": "Unload", + "untagresource": "UntagResource", + "updatedatabase": "UpdateDatabase", + "updatescheduledquery": "UpdateScheduledQuery", + "updatetable": "UpdateTable", + "writerecords": "WriteRecords" + }, + "resources": { + "database": { + "resource": "database", + "arn": "arn:${Partition}:timestream:${Region}:${Account}:database/${DatabaseName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "table": { + "resource": "table", + "arn": "arn:${Partition}:timestream:${Region}:${Account}:database/${DatabaseName}/table/${TableName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "scheduled-query": { + "resource": "scheduled-query", + "arn": "arn:${Partition}:timestream:${Region}:${Account}:scheduled-query/${ScheduledQueryName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "database": "database", + "table": "table", + "scheduled-query": "scheduled-query" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "transcribe": { + "service_name": "Amazon Transcribe", + "prefix": "transcribe", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazontranscribe.html", + "privileges": { + "CreateCallAnalyticsCategory": { + "privilege": "CreateCallAnalyticsCategory", + "description": "Grants permission to create an analytics category. Amazon Transcribe applies the conditions specified by your analytics categories to your call analytics jobs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_CreateCallAnalyticsCategory.html" + }, + "CreateLanguageModel": { + "privilege": "CreateLanguageModel", + "description": "Grants permission to create a new custom language model", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "s3:GetObject", + "s3:ListBucket" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_CreateLanguageModel.html" + }, + "CreateMedicalVocabulary": { + "privilege": "CreateMedicalVocabulary", + "description": "Grants permission to create a new custom vocabulary that you can use to change the way Amazon Transcribe Medical handles transcription of an audio file", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_CreateMedicalVocabulary.html" + }, + "CreateVocabulary": { + "privilege": "CreateVocabulary", + "description": "Grants permission to create a new custom vocabulary that you can use to change the way Amazon Transcribe handles transcription of an audio file", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_CreateVocabulary.html" + }, + "CreateVocabularyFilter": { + "privilege": "CreateVocabularyFilter", + "description": "Grants permission to create a new vocabulary filter that you can use to filter out words from the transcription of an audio file generated by Amazon Transcribe", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_CreateVocabularyFilter.html" + }, + "DeleteCallAnalyticsCategory": { + "privilege": "DeleteCallAnalyticsCategory", + "description": "Grants permission to delete a call analytics category using its name from Amazon Transcribe", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteCallAnalyticsCategory.html" + }, + "DeleteCallAnalyticsJob": { + "privilege": "DeleteCallAnalyticsJob", + "description": "Grants permission to delete a previously submitted call analytics job along with any other generated results such as the transcription, models, and so on", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteCallAnalyticsJob.html" + }, + "DeleteLanguageModel": { + "privilege": "DeleteLanguageModel", + "description": "Grants permission to delete a previously created custom language model", + "access_level": "Write", + "resource_types": { + "languagemodel": { + "resource_type": "languagemodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "languagemodel": "languagemodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteLanguageModel.html" + }, + "DeleteMedicalTranscriptionJob": { + "privilege": "DeleteMedicalTranscriptionJob", + "description": "Grants permission to delete a previously submitted medical transcription job", + "access_level": "Write", + "resource_types": { + "medicaltranscriptionjob": { + "resource_type": "medicaltranscriptionjob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "medicaltranscriptionjob": "medicaltranscriptionjob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteMedicalTranscriptionJob.html" + }, + "DeleteMedicalVocabulary": { + "privilege": "DeleteMedicalVocabulary", + "description": "Grants permission to delete a medical vocabulary from Amazon Transcribe", + "access_level": "Write", + "resource_types": { + "medicalvocabulary": { + "resource_type": "medicalvocabulary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "medicalvocabulary": "medicalvocabulary" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteMedicalVocabulary.html" + }, + "DeleteTranscriptionJob": { + "privilege": "DeleteTranscriptionJob", + "description": "Grants permission to delete a previously submitted transcription job along with any other generated results such as the transcription, models, and so on", + "access_level": "Write", + "resource_types": { + "transcriptionjob": { + "resource_type": "transcriptionjob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transcriptionjob": "transcriptionjob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteTranscriptionJob.html" + }, + "DeleteVocabulary": { + "privilege": "DeleteVocabulary", + "description": "Grants permission to delete a vocabulary from Amazon Transcribe", + "access_level": "Write", + "resource_types": { + "vocabulary": { + "resource_type": "vocabulary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vocabulary": "vocabulary" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteVocabulary.html" + }, + "DeleteVocabularyFilter": { + "privilege": "DeleteVocabularyFilter", + "description": "Grants permission to delete a vocabulary filter from Amazon Transcribe", + "access_level": "Write", + "resource_types": { + "vocabularyfilter": { + "resource_type": "vocabularyfilter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vocabularyfilter": "vocabularyfilter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DeleteVocabularyFilter.html" + }, + "DescribeLanguageModel": { + "privilege": "DescribeLanguageModel", + "description": "Grants permission to return information about a custom language model", + "access_level": "Read", + "resource_types": { + "languagemodel": { + "resource_type": "languagemodel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "languagemodel": "languagemodel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_DescribeLanguageModel.html" + }, + "GetCallAnalyticsCategory": { + "privilege": "GetCallAnalyticsCategory", + "description": "Grants permission to retrieve information about a call analytics category", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetCallAnalyticsCategory.html" + }, + "GetCallAnalyticsJob": { + "privilege": "GetCallAnalyticsJob", + "description": "Grants permission to return information about a call analytics job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetCallAnalyticsJob.html" + }, + "GetMedicalTranscriptionJob": { + "privilege": "GetMedicalTranscriptionJob", + "description": "Grants permission to return information about a medical transcription job", + "access_level": "Read", + "resource_types": { + "medicaltranscriptionjob": { + "resource_type": "medicaltranscriptionjob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "medicaltranscriptionjob": "medicaltranscriptionjob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetMedicalTranscriptionJob.html" + }, + "GetMedicalVocabulary": { + "privilege": "GetMedicalVocabulary", + "description": "Grants permission to get information about a medical vocabulary", + "access_level": "Read", + "resource_types": { + "medicalvocabulary": { + "resource_type": "medicalvocabulary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "medicalvocabulary": "medicalvocabulary" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetMedicalVocabulary.html" + }, + "GetTranscriptionJob": { + "privilege": "GetTranscriptionJob", + "description": "Grants permission to return information about a transcription job", + "access_level": "Read", + "resource_types": { + "transcriptionjob": { + "resource_type": "transcriptionjob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "transcriptionjob": "transcriptionjob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetTranscriptionJob.html" + }, + "GetVocabulary": { + "privilege": "GetVocabulary", + "description": "Grants permission to to get information about a vocabulary", + "access_level": "Read", + "resource_types": { + "vocabulary": { + "resource_type": "vocabulary", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vocabulary": "vocabulary" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetVocabulary.html" + }, + "GetVocabularyFilter": { + "privilege": "GetVocabularyFilter", + "description": "Grants permission to get information about a vocabulary filter", + "access_level": "Read", + "resource_types": { + "vocabularyfilter": { + "resource_type": "vocabularyfilter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vocabularyfilter": "vocabularyfilter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_GetVocabularyFilter.html" + }, + "ListCallAnalyticsCategories": { + "privilege": "ListCallAnalyticsCategories", + "description": "Grants permission to list call analytics categories that has been created", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListCallAnalyticsCategories.html" + }, + "ListCallAnalyticsJobs": { + "privilege": "ListCallAnalyticsJobs", + "description": "Grants permission to list call analytics jobs with the specified status", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListCallAnalyticsJobs.html" + }, + "ListLanguageModels": { + "privilege": "ListLanguageModels", + "description": "Grants permission to list custom language models", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListLanguageModels.html" + }, + "ListMedicalTranscriptionJobs": { + "privilege": "ListMedicalTranscriptionJobs", + "description": "Grants permission to list medical transcription jobs with the specified status", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListMedicalTranscriptionJobs.html" + }, + "ListMedicalVocabularies": { + "privilege": "ListMedicalVocabularies", + "description": "Grants permission to return a list of medical vocabularies that match the specified criteria. If no criteria are specified, returns the entire list of vocabularies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListMedicalVocabularies.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListTagsForResource.html" + }, + "ListTranscriptionJobs": { + "privilege": "ListTranscriptionJobs", + "description": "Grants permission to list transcription jobs with the specified status", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListTranscriptionJobs.html" + }, + "ListVocabularies": { + "privilege": "ListVocabularies", + "description": "Grants permission to return a list of vocabularies that match the specified criteria. If no criteria are specified, returns the entire list of vocabularies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListVocabularies.html" + }, + "ListVocabularyFilters": { + "privilege": "ListVocabularyFilters", + "description": "Grants permission to return a list of vocabulary filters that match the specified criteria. If no criteria are specified, returns the at most 5 vocabulary filters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_ListVocabularyFilters.html" + }, + "StartCallAnalyticsJob": { + "privilege": "StartCallAnalyticsJob", + "description": "Grants permission to start an asynchronous analytics job that not only transcribes the audio recording of a caller and agent, but also returns additional insights", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "transcribe:OutputEncryptionKMSKeyId", + "transcribe:OutputLocation" + ], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_StartCallAnalyticsJob.html" + }, + "StartCallAnalyticsStreamTranscription": { + "privilege": "StartCallAnalyticsStreamTranscription", + "description": "Grants permission to start a protocol where audio is streamed to Transcribe Call Analytics and the transcription results are streamed to your application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartCallAnalyticsStreamTranscription.html" + }, + "StartCallAnalyticsStreamTranscriptionWebSocket": { + "privilege": "StartCallAnalyticsStreamTranscriptionWebSocket", + "description": "Grants permission to start a WebSocket where audio is streamed to Transcribe Call Analytics and the transcription results are streamed to your application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartCallAnalyticsStreamTranscriptionWebSocket.html" + }, + "StartMedicalStreamTranscription": { + "privilege": "StartMedicalStreamTranscription", + "description": "Grants permission to start a protocol where audio is streamed to Transcribe Medical and the transcription results are streamed to your application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartMedicalStreamTranscription.html" + }, + "StartMedicalStreamTranscriptionWebSocket": { + "privilege": "StartMedicalStreamTranscriptionWebSocket", + "description": "Grants permission to start a WebSocket where audio is streamed to Transcribe Medical and the transcription results are streamed to your application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartMedicalStreamTranscriptionWebSocket.html" + }, + "StartMedicalTranscriptionJob": { + "privilege": "StartMedicalTranscriptionJob", + "description": "Grants permission to start an asynchronous job to transcribe medical speech to text", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "transcribe:OutputBucketName", + "transcribe:OutputEncryptionKMSKeyId", + "transcribe:OutputKey", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_StartMedicalTranscriptionJob.html" + }, + "StartStreamTranscription": { + "privilege": "StartStreamTranscription", + "description": "Grants permission to start a bidirectional HTTP2 stream to transcribe speech to text in real time", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartStreamTranscription.html" + }, + "StartStreamTranscriptionWebSocket": { + "privilege": "StartStreamTranscriptionWebSocket", + "description": "Grants permission to start a websocket stream to transcribe speech to text in real time", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_streaming_StartStreamTranscriptionWebSocket.html" + }, + "StartTranscriptionJob": { + "privilege": "StartTranscriptionJob", + "description": "Grants permission to start an asynchronous job to transcribe speech to text", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "transcribe:OutputBucketName", + "transcribe:OutputEncryptionKMSKeyId", + "transcribe:OutputKey", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_StartTranscriptionJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource with given key value pairs", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource with given key", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_UntagResource.html" + }, + "UpdateCallAnalyticsCategory": { + "privilege": "UpdateCallAnalyticsCategory", + "description": "Grants permission to update the call analytics category with new values. The UpdateCallAnalyticsCategory operation overwrites all of the existing information with the values that you provide in the request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_UpdateCallAnalyticsCategory.html" + }, + "UpdateMedicalVocabulary": { + "privilege": "UpdateMedicalVocabulary", + "description": "Grants permission to update an existing medical vocabulary with new values. The UpdateMedicalVocabulary operation overwrites all of the existing information with the values that you provide in the request", + "access_level": "Write", + "resource_types": { + "medicalvocabulary": { + "resource_type": "medicalvocabulary", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "medicalvocabulary": "medicalvocabulary" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_UpdateMedicalVocabulary.html" + }, + "UpdateVocabulary": { + "privilege": "UpdateVocabulary", + "description": "Grants permission to update an existing vocabulary with new values. The UpdateVocabulary operation overwrites all of the existing information with the values that you provide in the request", + "access_level": "Write", + "resource_types": { + "vocabulary": { + "resource_type": "vocabulary", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "vocabulary": "vocabulary" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_UpdateVocabulary.html" + }, + "UpdateVocabularyFilter": { + "privilege": "UpdateVocabularyFilter", + "description": "Grants permission to update an existing vocabulary filter with new values. The UpdateVocabularyFilter operation overwrites all of the existing information with the values that you provide in the request", + "access_level": "Write", + "resource_types": { + "vocabularyfilter": { + "resource_type": "vocabularyfilter", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "vocabularyfilter": "vocabularyfilter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transcribe/latest/dg/API_UpdateVocabularyFilter.html" + } + }, + "privileges_lower_name": { + "createcallanalyticscategory": "CreateCallAnalyticsCategory", + "createlanguagemodel": "CreateLanguageModel", + "createmedicalvocabulary": "CreateMedicalVocabulary", + "createvocabulary": "CreateVocabulary", + "createvocabularyfilter": "CreateVocabularyFilter", + "deletecallanalyticscategory": "DeleteCallAnalyticsCategory", + "deletecallanalyticsjob": "DeleteCallAnalyticsJob", + "deletelanguagemodel": "DeleteLanguageModel", + "deletemedicaltranscriptionjob": "DeleteMedicalTranscriptionJob", + "deletemedicalvocabulary": "DeleteMedicalVocabulary", + "deletetranscriptionjob": "DeleteTranscriptionJob", + "deletevocabulary": "DeleteVocabulary", + "deletevocabularyfilter": "DeleteVocabularyFilter", + "describelanguagemodel": "DescribeLanguageModel", + "getcallanalyticscategory": "GetCallAnalyticsCategory", + "getcallanalyticsjob": "GetCallAnalyticsJob", + "getmedicaltranscriptionjob": "GetMedicalTranscriptionJob", + "getmedicalvocabulary": "GetMedicalVocabulary", + "gettranscriptionjob": "GetTranscriptionJob", + "getvocabulary": "GetVocabulary", + "getvocabularyfilter": "GetVocabularyFilter", + "listcallanalyticscategories": "ListCallAnalyticsCategories", + "listcallanalyticsjobs": "ListCallAnalyticsJobs", + "listlanguagemodels": "ListLanguageModels", + "listmedicaltranscriptionjobs": "ListMedicalTranscriptionJobs", + "listmedicalvocabularies": "ListMedicalVocabularies", + "listtagsforresource": "ListTagsForResource", + "listtranscriptionjobs": "ListTranscriptionJobs", + "listvocabularies": "ListVocabularies", + "listvocabularyfilters": "ListVocabularyFilters", + "startcallanalyticsjob": "StartCallAnalyticsJob", + "startcallanalyticsstreamtranscription": "StartCallAnalyticsStreamTranscription", + "startcallanalyticsstreamtranscriptionwebsocket": "StartCallAnalyticsStreamTranscriptionWebSocket", + "startmedicalstreamtranscription": "StartMedicalStreamTranscription", + "startmedicalstreamtranscriptionwebsocket": "StartMedicalStreamTranscriptionWebSocket", + "startmedicaltranscriptionjob": "StartMedicalTranscriptionJob", + "startstreamtranscription": "StartStreamTranscription", + "startstreamtranscriptionwebsocket": "StartStreamTranscriptionWebSocket", + "starttranscriptionjob": "StartTranscriptionJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecallanalyticscategory": "UpdateCallAnalyticsCategory", + "updatemedicalvocabulary": "UpdateMedicalVocabulary", + "updatevocabulary": "UpdateVocabulary", + "updatevocabularyfilter": "UpdateVocabularyFilter" + }, + "resources": { + "transcriptionjob": { + "resource": "transcriptionjob", + "arn": "arn:${Partition}:transcribe:${Region}:${Account}:transcription-job/${JobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "vocabulary": { + "resource": "vocabulary", + "arn": "arn:${Partition}:transcribe:${Region}:${Account}:vocabulary/${VocabularyName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "vocabularyfilter": { + "resource": "vocabularyfilter", + "arn": "arn:${Partition}:transcribe:${Region}:${Account}:vocabulary-filter/${VocabularyFilterName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "languagemodel": { + "resource": "languagemodel", + "arn": "arn:${Partition}:transcribe:${Region}:${Account}:language-model/${ModelName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "medicaltranscriptionjob": { + "resource": "medicaltranscriptionjob", + "arn": "arn:${Partition}:transcribe:${Region}:${Account}:medical-transcription-job/${JobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "medicalvocabulary": { + "resource": "medicalvocabulary", + "arn": "arn:${Partition}:transcribe:${Region}:${Account}:medical-vocabulary/${VocabularyName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "callanalyticsjob": { + "resource": "callanalyticsjob", + "arn": "arn:${Partition}:transcribe:${Region}:${Account}:analytics-job/${JobName}", + "condition_keys": [] + }, + "callanalyticscategory": { + "resource": "callanalyticscategory", + "arn": "arn:${Partition}:transcribe:${Region}:${Account}:analytics-category/${CategoryName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "transcriptionjob": "transcriptionjob", + "vocabulary": "vocabulary", + "vocabularyfilter": "vocabularyfilter", + "languagemodel": "languagemodel", + "medicaltranscriptionjob": "medicaltranscriptionjob", + "medicalvocabulary": "medicalvocabulary", + "callanalyticsjob": "callanalyticsjob", + "callanalyticscategory": "callanalyticscategory" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by requiring tag values present in a resource creation request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by requiring tag value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by requiring the presence of mandatory tags in the request", + "type": "ArrayOfString" + }, + "transcribe:OutputBucketName": { + "condition": "transcribe:OutputBucketName", + "description": "Filters access based on the output bucket name included in the request", + "type": "String" + }, + "transcribe:OutputEncryptionKMSKeyId": { + "condition": "transcribe:OutputEncryptionKMSKeyId", + "description": "Filters access based on the KMS key id included in the request", + "type": "String" + }, + "transcribe:OutputKey": { + "condition": "transcribe:OutputKey", + "description": "Filters access based on the output key included in the request", + "type": "String" + }, + "transcribe:OutputLocation": { + "condition": "transcribe:OutputLocation", + "description": "Filters access based on the output location included in the request", + "type": "String" + } + } + }, + "translate": { + "service_name": "Amazon Translate", + "prefix": "translate", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazontranslate.html", + "privileges": { + "CreateParallelData": { + "privilege": "CreateParallelData", + "description": "Grants permission to create a Parallel Data", + "access_level": "Write", + "resource_types": { + "parallel-data": { + "resource_type": "parallel-data", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parallel-data": "parallel-data", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_CreateParallelData.html" + }, + "DeleteParallelData": { + "privilege": "DeleteParallelData", + "description": "Grants permission to delete a Parallel Data", + "access_level": "Write", + "resource_types": { + "parallel-data": { + "resource_type": "parallel-data", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parallel-data": "parallel-data" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_DeleteParallelData.html" + }, + "DeleteTerminology": { + "privilege": "DeleteTerminology", + "description": "Grants permission to delete a terminology", + "access_level": "Write", + "resource_types": { + "terminology": { + "resource_type": "terminology", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "terminology": "terminology" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_DeleteTerminology.html" + }, + "DescribeTextTranslationJob": { + "privilege": "DescribeTextTranslationJob", + "description": "Grants permission to get the properties associated with an asynchronous batch translation job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_DescribeTextTranslationJob.html" + }, + "GetParallelData": { + "privilege": "GetParallelData", + "description": "Grants permission to get a Parallel Data", + "access_level": "Read", + "resource_types": { + "parallel-data": { + "resource_type": "parallel-data", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parallel-data": "parallel-data" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_GetParallelData.html" + }, + "GetTerminology": { + "privilege": "GetTerminology", + "description": "Grants permission to retrieve a terminology", + "access_level": "Read", + "resource_types": { + "terminology": { + "resource_type": "terminology", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "terminology": "terminology" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_GetTerminology.html" + }, + "ImportTerminology": { + "privilege": "ImportTerminology", + "description": "Grants permission to create or update a terminology, depending on whether or not one already exists for the given terminology name", + "access_level": "Write", + "resource_types": { + "terminology": { + "resource_type": "terminology", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "terminology": "terminology", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ImportTerminology.html" + }, + "ListLanguages": { + "privilege": "ListLanguages", + "description": "Grants permission to list supported languages", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ListLanguages.html" + }, + "ListParallelData": { + "privilege": "ListParallelData", + "description": "Grants permission to list Parallel Data associated with your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ListParallelData.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "parallel-data": { + "resource_type": "parallel-data", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "terminology": { + "resource_type": "terminology", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parallel-data": "parallel-data", + "terminology": "terminology" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTerminologies": { + "privilege": "ListTerminologies", + "description": "Grants permission to list terminologies associated with your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ListTerminologies.html" + }, + "ListTextTranslationJobs": { + "privilege": "ListTextTranslationJobs", + "description": "Grants permission to list batch translation jobs that you have submitted", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_ListTextTranslationJobs.html" + }, + "StartTextTranslationJob": { + "privilege": "StartTextTranslationJob", + "description": "Grants permission to start an asynchronous batch translation job. Batch translation jobs can be used to translate large volumes of text across multiple documents at once", + "access_level": "Write", + "resource_types": { + "parallel-data": { + "resource_type": "parallel-data", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "terminology": { + "resource_type": "terminology", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parallel-data": "parallel-data", + "terminology": "terminology" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_StartTextTranslationJob.html" + }, + "StopTextTranslationJob": { + "privilege": "StopTextTranslationJob", + "description": "Grants permission to stop an asynchronous batch translation job that is in progress", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_StopTextTranslationJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource with given key value pairs", + "access_level": "Tagging", + "resource_types": { + "parallel-data": { + "resource_type": "parallel-data", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "terminology": { + "resource_type": "terminology", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parallel-data": "parallel-data", + "terminology": "terminology", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_TagResource.html" + }, + "TranslateDocument": { + "privilege": "TranslateDocument", + "description": "Grants permission to translate a document from a source language to a target language", + "access_level": "Read", + "resource_types": { + "terminology": { + "resource_type": "terminology", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "terminology": "terminology" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_TranslateDocument.html" + }, + "TranslateText": { + "privilege": "TranslateText", + "description": "Grants permission to translate text from a source language to a target language", + "access_level": "Read", + "resource_types": { + "terminology": { + "resource_type": "terminology", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "terminology": "terminology" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_TranslateText.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource with given key", + "access_level": "Tagging", + "resource_types": { + "parallel-data": { + "resource_type": "parallel-data", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "terminology": { + "resource_type": "terminology", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parallel-data": "parallel-data", + "terminology": "terminology", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_UntagResource.html" + }, + "UpdateParallelData": { + "privilege": "UpdateParallelData", + "description": "Grants permission to update an existing Parallel Data", + "access_level": "Write", + "resource_types": { + "parallel-data": { + "resource_type": "parallel-data", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parallel-data": "parallel-data" + }, + "api_documentation_link": "https://docs.aws.amazon.com/translate/latest/APIReference/API_UpdateParallelData.html" + } + }, + "privileges_lower_name": { + "createparalleldata": "CreateParallelData", + "deleteparalleldata": "DeleteParallelData", + "deleteterminology": "DeleteTerminology", + "describetexttranslationjob": "DescribeTextTranslationJob", + "getparalleldata": "GetParallelData", + "getterminology": "GetTerminology", + "importterminology": "ImportTerminology", + "listlanguages": "ListLanguages", + "listparalleldata": "ListParallelData", + "listtagsforresource": "ListTagsForResource", + "listterminologies": "ListTerminologies", + "listtexttranslationjobs": "ListTextTranslationJobs", + "starttexttranslationjob": "StartTextTranslationJob", + "stoptexttranslationjob": "StopTextTranslationJob", + "tagresource": "TagResource", + "translatedocument": "TranslateDocument", + "translatetext": "TranslateText", + "untagresource": "UntagResource", + "updateparalleldata": "UpdateParallelData" + }, + "resources": { + "terminology": { + "resource": "terminology", + "arn": "arn:${Partition}:translate:${Region}:${Account}:terminology/${ResourceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "parallel-data": { + "resource": "parallel-data", + "arn": "arn:${Partition}:translate:${Region}:${Account}:parallel-data/${ResourceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "terminology": "terminology", + "parallel-data": "parallel-data" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by requiring tag values present in a resource creation request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by requiring tag value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by requiring the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "verifiedpermissions": { + "service_name": "Amazon Verified Permissions", + "prefix": "verifiedpermissions", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonverifiedpermissions.html", + "privileges": { + "CreateIdentitySource": { + "privilege": "CreateIdentitySource", + "description": "Grants permission to create a reference to an external identity provider (IdP) that is compatible with OpenID Connect (OIDC) authentication protocol, such as Amazon Cognito", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html" + }, + "CreatePolicy": { + "privilege": "CreatePolicy", + "description": "Grants permission to create a Cedar policy and save it in the specified policy store", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html" + }, + "CreatePolicyStore": { + "privilege": "CreatePolicyStore", + "description": "Grants permission to create a Cedar policy and save it in the specified policy store", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicyStore.html" + }, + "CreatePolicyTemplate": { + "privilege": "CreatePolicyTemplate", + "description": "Grants permission to create a policy template", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicyTemplate.html" + }, + "DeleteIdentitySource": { + "privilege": "DeleteIdentitySource", + "description": "Grants permission to delete an identity source that references an identity provider (IdP) such as Amazon Cognito", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_DeleteIdentitySource.html" + }, + "DeletePolicy": { + "privilege": "DeletePolicy", + "description": "Grants permission to delete the specified policy from the policy store", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_DeletePolicy.html" + }, + "DeletePolicyStore": { + "privilege": "DeletePolicyStore", + "description": "Grants permission to delete the specified policy store", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_DeletePolicyStore.html" + }, + "DeletePolicyTemplate": { + "privilege": "DeletePolicyTemplate", + "description": "Grants permission to delete the specified policy template from the policy store", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_DeletePolicyTemplate.html" + }, + "GetIdentitySource": { + "privilege": "GetIdentitySource", + "description": "Grants permission to retrieve the details about the specified identity source", + "access_level": "Read", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html" + }, + "GetPolicy": { + "privilege": "GetPolicy", + "description": "Grants permission to retrieve information about the specified policy", + "access_level": "Read", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html" + }, + "GetPolicyStore": { + "privilege": "GetPolicyStore", + "description": "Grants permission to retrieve details about a policy store", + "access_level": "Read", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicyStore.html" + }, + "GetPolicyTemplate": { + "privilege": "GetPolicyTemplate", + "description": "Grants permission to retrieve the details for the specified policy template in the specified policy store", + "access_level": "Read", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicyTemplate.html" + }, + "GetSchema": { + "privilege": "GetSchema", + "description": "Grants permission to retrieve the details for the specified schema in the specified policy store", + "access_level": "Read", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetSchema.html" + }, + "IsAuthorized": { + "privilege": "IsAuthorized", + "description": "Grants permission to make an authorization decision about a service request described in the parameters", + "access_level": "Read", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html" + }, + "IsAuthorizedWithToken": { + "privilege": "IsAuthorizedWithToken", + "description": "Grants permission to make an authorization decision about a service request described in the parameters. The principal in this request comes from an external identity source", + "access_level": "Read", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html" + }, + "ListIdentitySources": { + "privilege": "ListIdentitySources", + "description": "Grants permission to return a paginated list of all of the identity sources defined in the specified policy store", + "access_level": "List", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html" + }, + "ListPolicies": { + "privilege": "ListPolicies", + "description": "Grants permission to return a paginated list of all policies stored in the specified policy store", + "access_level": "List", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html" + }, + "ListPolicyStores": { + "privilege": "ListPolicyStores", + "description": "Grants permission to return a paginated list of all policy stores in the calling Amazon Web Services account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyStores.html" + }, + "ListPolicyTemplates": { + "privilege": "ListPolicyTemplates", + "description": "Grants permission to return a paginated list of all policy templates in the specified policy store", + "access_level": "List", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyTemplates.html" + }, + "PutSchema": { + "privilege": "PutSchema", + "description": "Grants permission to create or update the policy schema in the specified policy store", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PutSchema.html" + }, + "UpdateIdentitySource": { + "privilege": "UpdateIdentitySource", + "description": "Grants permission to update the specified identity source to use a new identity provider (IdP) source, or to change the mapping of identities from the IdP to a different principal entity type", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateIdentitySource.html" + }, + "UpdatePolicy": { + "privilege": "UpdatePolicy", + "description": "Grants permission to modify the specified Cedar static policy in the specified policy store", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html" + }, + "UpdatePolicyStore": { + "privilege": "UpdatePolicyStore", + "description": "Grants permission to modify the validation setting for a policy store", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore.html" + }, + "UpdatePolicyTemplate": { + "privilege": "UpdatePolicyTemplate", + "description": "Grants permission to update the specified policy template", + "access_level": "Write", + "resource_types": { + "policy-store": { + "resource_type": "policy-store", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy-store": "policy-store" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html" + } + }, + "privileges_lower_name": { + "createidentitysource": "CreateIdentitySource", + "createpolicy": "CreatePolicy", + "createpolicystore": "CreatePolicyStore", + "createpolicytemplate": "CreatePolicyTemplate", + "deleteidentitysource": "DeleteIdentitySource", + "deletepolicy": "DeletePolicy", + "deletepolicystore": "DeletePolicyStore", + "deletepolicytemplate": "DeletePolicyTemplate", + "getidentitysource": "GetIdentitySource", + "getpolicy": "GetPolicy", + "getpolicystore": "GetPolicyStore", + "getpolicytemplate": "GetPolicyTemplate", + "getschema": "GetSchema", + "isauthorized": "IsAuthorized", + "isauthorizedwithtoken": "IsAuthorizedWithToken", + "listidentitysources": "ListIdentitySources", + "listpolicies": "ListPolicies", + "listpolicystores": "ListPolicyStores", + "listpolicytemplates": "ListPolicyTemplates", + "putschema": "PutSchema", + "updateidentitysource": "UpdateIdentitySource", + "updatepolicy": "UpdatePolicy", + "updatepolicystore": "UpdatePolicyStore", + "updatepolicytemplate": "UpdatePolicyTemplate" + }, + "resources": { + "policy-store": { + "resource": "policy-store", + "arn": "arn:${Partition}:verifiedpermissions::${Account}:policy-store/${PolicyStoreId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "policy-store": "policy-store" + }, + "conditions": {} + }, + "vpc-lattice": { + "service_name": "Amazon VPC Lattice", + "prefix": "vpc-lattice", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonvpclattice.html", + "privileges": { + "CreateAccessLogSubscription": { + "privilege": "CreateAccessLogSubscription", + "description": "Grants permission to create an access log subscription", + "access_level": "Write", + "resource_types": { + "AccessLogSubscription": { + "resource_type": "AccessLogSubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "logs:CreateLogDelivery", + "logs:GetLogDelivery" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesslogsubscription": "AccessLogSubscription", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateAccessLogSubscription.html" + }, + "CreateListener": { + "privilege": "CreateListener", + "description": "Grants permission to create a listener", + "access_level": "Write", + "resource_types": { + "Listener": { + "resource_type": "Listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:Protocol", + "vpc-lattice:TargetGroupArns", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "Listener", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateListener.html" + }, + "CreateRule": { + "privilege": "CreateRule", + "description": "Grants permission to create a rule", + "access_level": "Write", + "resource_types": { + "Rule": { + "resource_type": "Rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:TargetGroupArns", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "Rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateRule.html" + }, + "CreateService": { + "privilege": "CreateService", + "description": "Grants permission to create a service", + "access_level": "Write", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:AuthType", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateService.html" + }, + "CreateServiceNetwork": { + "privilege": "CreateServiceNetwork", + "description": "Grants permission to create a service network", + "access_level": "Write", + "resource_types": { + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:AuthType", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicenetwork": "ServiceNetwork", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateServiceNetwork.html" + }, + "CreateServiceNetworkServiceAssociation": { + "privilege": "CreateServiceNetworkServiceAssociation", + "description": "Grants permission to create a service network and service association", + "access_level": "Write", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetworkServiceAssociation": { + "resource_type": "ServiceNetworkServiceAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:ServiceNetworkArn", + "vpc-lattice:ServiceArn", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "servicenetwork": "ServiceNetwork", + "servicenetworkserviceassociation": "ServiceNetworkServiceAssociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateServiceNetworkServiceAssociation.html" + }, + "CreateServiceNetworkVpcAssociation": { + "privilege": "CreateServiceNetworkVpcAssociation", + "description": "Grants permission to create a service network and VPC association", + "access_level": "Write", + "resource_types": { + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVpcs" + ] + }, + "ServiceNetworkVpcAssociation": { + "resource_type": "ServiceNetworkVpcAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:VpcId", + "vpc-lattice:ServiceNetworkArn", + "vpc-lattice:SecurityGroupIds", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicenetwork": "ServiceNetwork", + "servicenetworkvpcassociation": "ServiceNetworkVpcAssociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateServiceNetworkVpcAssociation.html" + }, + "CreateTargetGroup": { + "privilege": "CreateTargetGroup", + "description": "Grants permission to create a target group", + "access_level": "Write", + "resource_types": { + "TargetGroup": { + "resource_type": "TargetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:VpcId", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "TargetGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_CreateTargetGroup.html" + }, + "DeleteAccessLogSubscription": { + "privilege": "DeleteAccessLogSubscription", + "description": "Grants permission to delete an access log subscription", + "access_level": "Write", + "resource_types": { + "AccessLogSubscription": { + "resource_type": "AccessLogSubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "logs:DeleteLogDelivery", + "logs:GetLogDelivery" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesslogsubscription": "AccessLogSubscription", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteAccessLogSubscription.html" + }, + "DeleteAuthPolicy": { + "privilege": "DeleteAuthPolicy", + "description": "Grants permission to delete an auth policy", + "access_level": "Permissions management", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "servicenetwork": "ServiceNetwork" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteAuthPolicy.html" + }, + "DeleteListener": { + "privilege": "DeleteListener", + "description": "Grants permission to delete a listener", + "access_level": "Write", + "resource_types": { + "Listener": { + "resource_type": "Listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "Listener", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteListener.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete a resource policy", + "access_level": "Write", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "servicenetwork": "ServiceNetwork" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeleteRule": { + "privilege": "DeleteRule", + "description": "Grants permission to delete a rule", + "access_level": "Write", + "resource_types": { + "Rule": { + "resource_type": "Rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "Rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteRule.html" + }, + "DeleteService": { + "privilege": "DeleteService", + "description": "Grants permission to delete a service", + "access_level": "Write", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteService.html" + }, + "DeleteServiceNetwork": { + "privilege": "DeleteServiceNetwork", + "description": "Grants permission to delete a service network", + "access_level": "Write", + "resource_types": { + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicenetwork": "ServiceNetwork", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteServiceNetwork.html" + }, + "DeleteServiceNetworkServiceAssociation": { + "privilege": "DeleteServiceNetworkServiceAssociation", + "description": "Grants permission to delete a service network service association", + "access_level": "Write", + "resource_types": { + "ServiceNetworkServiceAssociation": { + "resource_type": "ServiceNetworkServiceAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:ServiceNetworkArn", + "vpc-lattice:ServiceArn", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicenetworkserviceassociation": "ServiceNetworkServiceAssociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteServiceNetworkServiceAssociation.html" + }, + "DeleteServiceNetworkVpcAssociation": { + "privilege": "DeleteServiceNetworkVpcAssociation", + "description": "Grants permission to delete a service network and VPC association", + "access_level": "Write", + "resource_types": { + "ServiceNetworkVpcAssociation": { + "resource_type": "ServiceNetworkVpcAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:VpcId", + "vpc-lattice:ServiceNetworkArn", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicenetworkvpcassociation": "ServiceNetworkVpcAssociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteServiceNetworkVpcAssociation.html" + }, + "DeleteTargetGroup": { + "privilege": "DeleteTargetGroup", + "description": "Grants permission to delete a target group", + "access_level": "Write", + "resource_types": { + "TargetGroup": { + "resource_type": "TargetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "TargetGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeleteTargetGroup.html" + }, + "DeregisterTargets": { + "privilege": "DeregisterTargets", + "description": "Grants permission to deregister targets from a target group", + "access_level": "Write", + "resource_types": { + "TargetGroup": { + "resource_type": "TargetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "TargetGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_DeregisterTargets.html" + }, + "GetAccessLogSubscription": { + "privilege": "GetAccessLogSubscription", + "description": "Grants permission to get information about an access log subscription", + "access_level": "Read", + "resource_types": { + "AccessLogSubscription": { + "resource_type": "AccessLogSubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "logs:GetLogDelivery" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesslogsubscription": "AccessLogSubscription", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetAccessLogSubscription.html" + }, + "GetAuthPolicy": { + "privilege": "GetAuthPolicy", + "description": "Grants permission to get information about an auth policy", + "access_level": "Read", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "servicenetwork": "ServiceNetwork" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetAuthPolicy.html" + }, + "GetListener": { + "privilege": "GetListener", + "description": "Grants permission to get information about a listener", + "access_level": "Read", + "resource_types": { + "Listener": { + "resource_type": "Listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "Listener", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetListener.html" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to get information about a resource policy", + "access_level": "Read", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "servicenetwork": "ServiceNetwork" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetResourcePolicy.html" + }, + "GetRule": { + "privilege": "GetRule", + "description": "Grants permission to get information about a rule", + "access_level": "Read", + "resource_types": { + "Rule": { + "resource_type": "Rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "Rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetRule.html" + }, + "GetService": { + "privilege": "GetService", + "description": "Grants permission to get information about a service", + "access_level": "Read", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetService.html" + }, + "GetServiceNetwork": { + "privilege": "GetServiceNetwork", + "description": "Grants permission to get information about a service network", + "access_level": "Read", + "resource_types": { + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicenetwork": "ServiceNetwork", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetServiceNetwork.html" + }, + "GetServiceNetworkServiceAssociation": { + "privilege": "GetServiceNetworkServiceAssociation", + "description": "Grants permission to get information about a service network and service association", + "access_level": "Read", + "resource_types": { + "ServiceNetworkServiceAssociation": { + "resource_type": "ServiceNetworkServiceAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:ServiceNetworkArn", + "vpc-lattice:ServiceArn", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicenetworkserviceassociation": "ServiceNetworkServiceAssociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetServiceNetworkServiceAssociation.html" + }, + "GetServiceNetworkVpcAssociation": { + "privilege": "GetServiceNetworkVpcAssociation", + "description": "Grants permission to get information about a service network and VPC association", + "access_level": "Read", + "resource_types": { + "ServiceNetworkVpcAssociation": { + "resource_type": "ServiceNetworkVpcAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:VpcId", + "vpc-lattice:ServiceNetworkArn", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicenetworkvpcassociation": "ServiceNetworkVpcAssociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetServiceNetworkVpcAssociation.html" + }, + "GetTargetGroup": { + "privilege": "GetTargetGroup", + "description": "Grants permission to get information about a target group", + "access_level": "Read", + "resource_types": { + "TargetGroup": { + "resource_type": "TargetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "TargetGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetTargetGroup.html" + }, + "ListAccessLogSubscriptions": { + "privilege": "ListAccessLogSubscriptions", + "description": "Grants permission to list some or all access log subscriptions about a service network or a service", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListAccessLogSubscriptions.html" + }, + "ListListeners": { + "privilege": "ListListeners", + "description": "Grants permission to list some or all listeners", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListListeners.html" + }, + "ListRules": { + "privilege": "ListRules", + "description": "Grants permission to list some or all rules", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListRules.html" + }, + "ListServiceNetworkServiceAssociations": { + "privilege": "ListServiceNetworkServiceAssociations", + "description": "Grants permission to list some or all service network and service associations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:ServiceNetworkArn", + "vpc-lattice:ServiceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworkServiceAssociations.html" + }, + "ListServiceNetworkVpcAssociations": { + "privilege": "ListServiceNetworkVpcAssociations", + "description": "Grants permission to list some or all service network and VPC associations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:VpcId", + "vpc-lattice:ServiceNetworkArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworkVpcAssociations.html" + }, + "ListServiceNetworks": { + "privilege": "ListServiceNetworks", + "description": "Grants permission to list the service networks owned by a caller account or shared with the caller account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServiceNetworks.html" + }, + "ListServices": { + "privilege": "ListServices", + "description": "Grants permission to list the services owned by a caller account or shared with the caller account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListServices.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a vpc-lattice resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTargetGroups": { + "privilege": "ListTargetGroups", + "description": "Grants permission to list some or all target groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListTargetGroups.html" + }, + "ListTargets": { + "privilege": "ListTargets", + "description": "Grants permission to list some or all targets in a target group", + "access_level": "List", + "resource_types": { + "TargetGroup": { + "resource_type": "TargetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "TargetGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_ListTargets.html" + }, + "PutAuthPolicy": { + "privilege": "PutAuthPolicy", + "description": "Grants permission to create or update the auth policy for a service network or a service", + "access_level": "Permissions management", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "servicenetwork": "ServiceNetwork" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_PutAuthPolicy.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to create a resource policy for a service network or a service", + "access_level": "Write", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "servicenetwork": "ServiceNetwork" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_PutResourcePolicy.html" + }, + "RegisterTargets": { + "privilege": "RegisterTargets", + "description": "Grants permission to register targets to a target group", + "access_level": "Write", + "resource_types": { + "TargetGroup": { + "resource_type": "TargetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "TargetGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_RegisterTargets.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a vpc-lattice resource", + "access_level": "Tagging", + "resource_types": { + "AccessLogSubscription": { + "resource_type": "AccessLogSubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Listener": { + "resource_type": "Listener", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Rule": { + "resource_type": "Rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Service": { + "resource_type": "Service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetworkServiceAssociation": { + "resource_type": "ServiceNetworkServiceAssociation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetworkVpcAssociation": { + "resource_type": "ServiceNetworkVpcAssociation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "TargetGroup": { + "resource_type": "TargetGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesslogsubscription": "AccessLogSubscription", + "listener": "Listener", + "rule": "Rule", + "service": "Service", + "servicenetwork": "ServiceNetwork", + "servicenetworkserviceassociation": "ServiceNetworkServiceAssociation", + "servicenetworkvpcassociation": "ServiceNetworkVpcAssociation", + "targetgroup": "TargetGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a vpc-lattice resource", + "access_level": "Tagging", + "resource_types": { + "AccessLogSubscription": { + "resource_type": "AccessLogSubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Listener": { + "resource_type": "Listener", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Rule": { + "resource_type": "Rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Service": { + "resource_type": "Service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetworkServiceAssociation": { + "resource_type": "ServiceNetworkServiceAssociation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceNetworkVpcAssociation": { + "resource_type": "ServiceNetworkVpcAssociation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "TargetGroup": { + "resource_type": "TargetGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesslogsubscription": "AccessLogSubscription", + "listener": "Listener", + "rule": "Rule", + "service": "Service", + "servicenetwork": "ServiceNetwork", + "servicenetworkserviceassociation": "ServiceNetworkServiceAssociation", + "servicenetworkvpcassociation": "ServiceNetworkVpcAssociation", + "targetgroup": "TargetGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UntagResource.html" + }, + "UpdateAccessLogSubscription": { + "privilege": "UpdateAccessLogSubscription", + "description": "Grants permission to update an access log subscription", + "access_level": "Write", + "resource_types": { + "AccessLogSubscription": { + "resource_type": "AccessLogSubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "logs:GetLogDelivery", + "logs:UpdateLogDelivery" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accesslogsubscription": "AccessLogSubscription", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateAccessLogSubscription.html" + }, + "UpdateListener": { + "privilege": "UpdateListener", + "description": "Grants permission to update a listener", + "access_level": "Write", + "resource_types": { + "Listener": { + "resource_type": "Listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:TargetGroupArns", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "Listener", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateListener.html" + }, + "UpdateRule": { + "privilege": "UpdateRule", + "description": "Grants permission to update a rule", + "access_level": "Write", + "resource_types": { + "Rule": { + "resource_type": "Rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:TargetGroupArns", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "Rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateRule.html" + }, + "UpdateService": { + "privilege": "UpdateService", + "description": "Grants permission to update a service", + "access_level": "Write", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:AuthType", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateService.html" + }, + "UpdateServiceNetwork": { + "privilege": "UpdateServiceNetwork", + "description": "Grants permission to update a service network", + "access_level": "Write", + "resource_types": { + "ServiceNetwork": { + "resource_type": "ServiceNetwork", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:AuthType", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicenetwork": "ServiceNetwork", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateServiceNetwork.html" + }, + "UpdateServiceNetworkVpcAssociation": { + "privilege": "UpdateServiceNetworkVpcAssociation", + "description": "Grants permission to update a service network and VPC association", + "access_level": "Write", + "resource_types": { + "ServiceNetworkVpcAssociation": { + "resource_type": "ServiceNetworkVpcAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeSecurityGroups", + "ec2:DescribeVpcs" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice:VpcId", + "vpc-lattice:ServiceNetworkArn", + "vpc-lattice:SecurityGroupIds", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicenetworkvpcassociation": "ServiceNetworkVpcAssociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateServiceNetworkVpcAssociation.html" + }, + "UpdateTargetGroup": { + "privilege": "UpdateTargetGroup", + "description": "Grants permission to update a target group", + "access_level": "Write", + "resource_types": { + "TargetGroup": { + "resource_type": "TargetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "TargetGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_UpdateTargetGroup.html" + } + }, + "privileges_lower_name": { + "createaccesslogsubscription": "CreateAccessLogSubscription", + "createlistener": "CreateListener", + "createrule": "CreateRule", + "createservice": "CreateService", + "createservicenetwork": "CreateServiceNetwork", + "createservicenetworkserviceassociation": "CreateServiceNetworkServiceAssociation", + "createservicenetworkvpcassociation": "CreateServiceNetworkVpcAssociation", + "createtargetgroup": "CreateTargetGroup", + "deleteaccesslogsubscription": "DeleteAccessLogSubscription", + "deleteauthpolicy": "DeleteAuthPolicy", + "deletelistener": "DeleteListener", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deleterule": "DeleteRule", + "deleteservice": "DeleteService", + "deleteservicenetwork": "DeleteServiceNetwork", + "deleteservicenetworkserviceassociation": "DeleteServiceNetworkServiceAssociation", + "deleteservicenetworkvpcassociation": "DeleteServiceNetworkVpcAssociation", + "deletetargetgroup": "DeleteTargetGroup", + "deregistertargets": "DeregisterTargets", + "getaccesslogsubscription": "GetAccessLogSubscription", + "getauthpolicy": "GetAuthPolicy", + "getlistener": "GetListener", + "getresourcepolicy": "GetResourcePolicy", + "getrule": "GetRule", + "getservice": "GetService", + "getservicenetwork": "GetServiceNetwork", + "getservicenetworkserviceassociation": "GetServiceNetworkServiceAssociation", + "getservicenetworkvpcassociation": "GetServiceNetworkVpcAssociation", + "gettargetgroup": "GetTargetGroup", + "listaccesslogsubscriptions": "ListAccessLogSubscriptions", + "listlisteners": "ListListeners", + "listrules": "ListRules", + "listservicenetworkserviceassociations": "ListServiceNetworkServiceAssociations", + "listservicenetworkvpcassociations": "ListServiceNetworkVpcAssociations", + "listservicenetworks": "ListServiceNetworks", + "listservices": "ListServices", + "listtagsforresource": "ListTagsForResource", + "listtargetgroups": "ListTargetGroups", + "listtargets": "ListTargets", + "putauthpolicy": "PutAuthPolicy", + "putresourcepolicy": "PutResourcePolicy", + "registertargets": "RegisterTargets", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaccesslogsubscription": "UpdateAccessLogSubscription", + "updatelistener": "UpdateListener", + "updaterule": "UpdateRule", + "updateservice": "UpdateService", + "updateservicenetwork": "UpdateServiceNetwork", + "updateservicenetworkvpcassociation": "UpdateServiceNetworkVpcAssociation", + "updatetargetgroup": "UpdateTargetGroup" + }, + "resources": { + "ServiceNetwork": { + "resource": "ServiceNetwork", + "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:servicenetwork/${ServiceNetworkId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "vpc-lattice:AuthType" + ] + }, + "Service": { + "resource": "Service", + "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "vpc-lattice:AuthType" + ] + }, + "ServiceNetworkVpcAssociation": { + "resource": "ServiceNetworkVpcAssociation", + "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:servicenetworkvpcassociation/${ServiceNetworkVpcAssociationId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "vpc-lattice:SecurityGroupIds", + "vpc-lattice:ServiceNetworkArn", + "vpc-lattice:VpcId" + ] + }, + "ServiceNetworkServiceAssociation": { + "resource": "ServiceNetworkServiceAssociation", + "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:servicenetworkserviceassociation/${ServiceNetworkServiceAssociationId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "vpc-lattice:ServiceArn", + "vpc-lattice:ServiceNetworkArn" + ] + }, + "TargetGroup": { + "resource": "TargetGroup", + "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:targetgroup/${TargetGroupId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "vpc-lattice:VpcId" + ] + }, + "Listener": { + "resource": "Listener", + "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}/listener/${ListenerId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "vpc-lattice:Protocol", + "vpc-lattice:TargetGroupArns" + ] + }, + "Rule": { + "resource": "Rule", + "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}/listener/${ListenerId}/rule/${RuleId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "vpc-lattice:TargetGroupArns" + ] + }, + "AccessLogSubscription": { + "resource": "AccessLogSubscription", + "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:accesslogsubscription/${AccessLogSubscriptionId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ] + } + }, + "resources_lower_name": { + "servicenetwork": "ServiceNetwork", + "service": "Service", + "servicenetworkvpcassociation": "ServiceNetworkVpcAssociation", + "servicenetworkserviceassociation": "ServiceNetworkServiceAssociation", + "targetgroup": "TargetGroup", + "listener": "Listener", + "rule": "Rule", + "accesslogsubscription": "AccessLogSubscription" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "vpc-lattice:AuthType": { + "condition": "vpc-lattice:AuthType", + "description": "Filters access by the auth type specified in the request", + "type": "String" + }, + "vpc-lattice:Protocol": { + "condition": "vpc-lattice:Protocol", + "description": "Filters access by the protocol specified in the request", + "type": "String" + }, + "vpc-lattice:SecurityGroupIds": { + "condition": "vpc-lattice:SecurityGroupIds", + "description": "Filters access by the IDs of security groups", + "type": "ArrayOfString" + }, + "vpc-lattice:ServiceArn": { + "condition": "vpc-lattice:ServiceArn", + "description": "Filters access by the ARN of a service", + "type": "ARN" + }, + "vpc-lattice:ServiceNetworkArn": { + "condition": "vpc-lattice:ServiceNetworkArn", + "description": "Filters access by the ARN of a service network", + "type": "ARN" + }, + "vpc-lattice:TargetGroupArns": { + "condition": "vpc-lattice:TargetGroupArns", + "description": "Filters access by the ARNs of target groups", + "type": "ArrayOfARN" + }, + "vpc-lattice:VpcId": { + "condition": "vpc-lattice:VpcId", + "description": "Filters access by the ID of a virtual private cloud (VPC)", + "type": "String" + } + } + }, + "vpc-lattice-svcs": { + "service_name": "Amazon VPC Lattice Services", + "prefix": "vpc-lattice-svcs", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonvpclatticeservices.html", + "privileges": { + "Invoke": { + "privilege": "Invoke", + "description": "Grants permission to invoke a VPC Lattice service", + "access_level": "Write", + "resource_types": { + "Service": { + "resource_type": "Service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "vpc-lattice-svcs:Port", + "vpc-lattice-svcs:ServiceNetworkArn", + "vpc-lattice-svcs:ServiceArn", + "vpc-lattice-svcs:SourceVpc", + "vpc-lattice-svcs:SourceVpcOwnerAccount", + "vpc-lattice-svcs:RequestHeader/${HeaderName}", + "vpc-lattice-svcs:RequestQueryString/${QueryStringKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "Service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc-lattice/latest/ug/sigv4-authenticated-requests.html" + } + }, + "privileges_lower_name": { + "invoke": "Invoke" + }, + "resources": { + "Service": { + "resource": "Service", + "arn": "arn:${Partition}:vpc-lattice:${Region}:${Account}:service/${ServiceId}/${RequestPath}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "service": "Service" + }, + "conditions": { + "vpc-lattice-svcs:Port": { + "condition": "vpc-lattice-svcs:Port", + "description": "Filters access by the destination port the request is made to", + "type": "Numeric" + }, + "vpc-lattice-svcs:RequestHeader/${HeaderName}": { + "condition": "vpc-lattice-svcs:RequestHeader/${HeaderName}", + "description": "Filters access by a header name-value pair in the request headers", + "type": "String" + }, + "vpc-lattice-svcs:RequestMethod": { + "condition": "vpc-lattice-svcs:RequestMethod", + "description": "Filters access by the method of the request", + "type": "String" + }, + "vpc-lattice-svcs:RequestQueryString/${QueryStringKey}": { + "condition": "vpc-lattice-svcs:RequestQueryString/${QueryStringKey}", + "description": "Filters access by the query string key-value pairs in the request URL", + "type": "ArrayOfString" + }, + "vpc-lattice-svcs:ServiceArn": { + "condition": "vpc-lattice-svcs:ServiceArn", + "description": "Filters access by the ARN of the service receiving the request", + "type": "ARN" + }, + "vpc-lattice-svcs:ServiceNetworkArn": { + "condition": "vpc-lattice-svcs:ServiceNetworkArn", + "description": "Filters access by the ARN of the service network receiving the request", + "type": "ARN" + }, + "vpc-lattice-svcs:SourceVpc": { + "condition": "vpc-lattice-svcs:SourceVpc", + "description": "Filters access by the VPC the request is made from", + "type": "String" + }, + "vpc-lattice-svcs:SourceVpcOwnerAccount": { + "condition": "vpc-lattice-svcs:SourceVpcOwnerAccount", + "description": "Filters access by the owning account of the VPC the request is made from", + "type": "String" + } + } + }, + "workdocs": { + "service_name": "Amazon WorkDocs", + "prefix": "workdocs", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkdocs.html", + "privileges": { + "AbortDocumentVersionUpload": { + "privilege": "AbortDocumentVersionUpload", + "description": "Grants permission to abort the upload of the specified document version that was previously initiated by InitiateDocumentVersionUpload", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_AbortDocumentVersionUpload.html" + }, + "ActivateUser": { + "privilege": "ActivateUser", + "description": "Grants permission to activate the specified user. Only active users can access Amazon WorkDocs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_ActivateUser.html" + }, + "AddNotificationPermissions": { + "privilege": "AddNotificationPermissions", + "description": "Grants permission to add principals that are allowed to call notification subscription APIs for a given WorkDocs site", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage-notifications.html" + }, + "AddResourcePermissions": { + "privilege": "AddResourcePermissions", + "description": "Grants permission to create a set of permissions for the specified folder or document", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_AddResourcePermissions.html" + }, + "AddUserToGroup": { + "privilege": "AddUserToGroup", + "description": "Grants permission to add a user to a group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage_set_admin.html" + }, + "CheckAlias": { + "privilege": "CheckAlias", + "description": "Grants permission to check an alias", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/cloud_quick_start.html" + }, + "CreateComment": { + "privilege": "CreateComment", + "description": "Grants permission to add a new comment to the specified document version", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateComment.html" + }, + "CreateCustomMetadata": { + "privilege": "CreateCustomMetadata", + "description": "Grants permission to add one or more custom properties to the specified resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateCustomMetadata.html" + }, + "CreateFolder": { + "privilege": "CreateFolder", + "description": "Grants permission to create a folder with the specified name and parent folder", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateFolder.html" + }, + "CreateInstance": { + "privilege": "CreateInstance", + "description": "Grants permission to create an instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/getting_started.html" + }, + "CreateLabels": { + "privilege": "CreateLabels", + "description": "Grants permission to add labels to the given resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateLabels.html" + }, + "CreateNotificationSubscription": { + "privilege": "CreateNotificationSubscription", + "description": "Grants permission to configure WorkDocs to use Amazon SNS notifications", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateNotificationSubscription.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a user in a Simple AD or Microsoft AD directory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_CreateUser.html" + }, + "DeactivateUser": { + "privilege": "DeactivateUser", + "description": "Grants permission to deactivate the specified user, which revokes the user's access to Amazon WorkDocs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeactivateUser.html" + }, + "DeleteComment": { + "privilege": "DeleteComment", + "description": "Grants permission to delete the specified comment from the document version", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteComment.html" + }, + "DeleteCustomMetadata": { + "privilege": "DeleteCustomMetadata", + "description": "Grants permission to delete custom metadata from the specified resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteCustomMetadata.html" + }, + "DeleteDocument": { + "privilege": "DeleteDocument", + "description": "Grants permission to permanently delete the specified document and its associated metadata", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteDocument.html" + }, + "DeleteDocumentVersion": { + "privilege": "DeleteDocumentVersion", + "description": "Grants permission to delete versions of a specified document", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteDocumentVersion.html" + }, + "DeleteFolder": { + "privilege": "DeleteFolder", + "description": "Grants permission to permanently delete the specified folder and its contents", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteFolder.html" + }, + "DeleteFolderContents": { + "privilege": "DeleteFolderContents", + "description": "Grants permission to delete the contents of the specified folder", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteFolderContents.html" + }, + "DeleteInstance": { + "privilege": "DeleteInstance", + "description": "Grants permission to delete an instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage-sites.html#delete_site" + }, + "DeleteLabels": { + "privilege": "DeleteLabels", + "description": "Grants permission to delete one or more labels from a resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteLabels.html" + }, + "DeleteNotificationPermissions": { + "privilege": "DeleteNotificationPermissions", + "description": "Grants permission to delete principals that are allowed to call notification subscription APIs for a given WorkDocs site", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage-notifications.html" + }, + "DeleteNotificationSubscription": { + "privilege": "DeleteNotificationSubscription", + "description": "Grants permission to delete the specified subscription from the specified organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteNotificationSubscription.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete the specified user from a Simple AD or Microsoft AD directory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DeleteUser.html" + }, + "DeregisterDirectory": { + "privilege": "DeregisterDirectory", + "description": "Grants permission to deregister a directory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage-sites.html#delete_site" + }, + "DescribeActivities": { + "privilege": "DescribeActivities", + "description": "Grants permission to fetch user activities in a specified time period", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeActivities.html" + }, + "DescribeAvailableDirectories": { + "privilege": "DescribeAvailableDirectories", + "description": "Grants permission to describe available directories", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/getting_started.html" + }, + "DescribeComments": { + "privilege": "DescribeComments", + "description": "Grants permission to list all the comments for the specified document version", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeComments.html" + }, + "DescribeDocumentVersions": { + "privilege": "DescribeDocumentVersions", + "description": "Grants permission to retrieve the document versions for the specified document", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeDocumentVersions.html" + }, + "DescribeFolderContents": { + "privilege": "DescribeFolderContents", + "description": "Grants permission to describe the contents of the specified folder, including its documents and sub-folders", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeFolderContents.html" + }, + "DescribeGroups": { + "privilege": "DescribeGroups", + "description": "Grants permission to describe the user groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeGroups.html" + }, + "DescribeInstances": { + "privilege": "DescribeInstances", + "description": "Grants permission to describe instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/getting_started.html" + }, + "DescribeNotificationPermissions": { + "privilege": "DescribeNotificationPermissions", + "description": "Grants permission to describe principals that are allowed to call notification subscription APIs for a given WorkDocs site", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/manage-notifications.html" + }, + "DescribeNotificationSubscriptions": { + "privilege": "DescribeNotificationSubscriptions", + "description": "Grants permission to list the specified notification subscriptions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeNotificationSubscriptions.html" + }, + "DescribeResourcePermissions": { + "privilege": "DescribeResourcePermissions", + "description": "Grants permission to view a description of a specified resource's permissions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeResourcePermissions.html" + }, + "DescribeRootFolders": { + "privilege": "DescribeRootFolders", + "description": "Grants permission to describe the root folders", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeRootFolders.html" + }, + "DescribeUsers": { + "privilege": "DescribeUsers", + "description": "Grants permission to view a description of the specified users. You can describe all users or filter the results (for example, by status or organization)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_DescribeUsers.html" + }, + "DownloadDocumentVersion": { + "privilege": "DownloadDocumentVersion", + "description": "Grants permission to download a specified document version", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetDocumentVersion.html" + }, + "GetCurrentUser": { + "privilege": "GetCurrentUser", + "description": "Grants permission to retrieve the details of the current user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetCurrentUser.html" + }, + "GetDocument": { + "privilege": "GetDocument", + "description": "Grants permission to retrieve the specified document object", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetDocument.html" + }, + "GetDocumentPath": { + "privilege": "GetDocumentPath", + "description": "Grants permission to retrieve the path information (the hierarchy from the root folder) for the requested document", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetDocumentPath.html" + }, + "GetDocumentVersion": { + "privilege": "GetDocumentVersion", + "description": "Grants permission to retrieve version metadata for the specified document", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetDocumentVersion.html" + }, + "GetFolder": { + "privilege": "GetFolder", + "description": "Grants permission to retrieve the metadata of the specified folder", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetFolder.html" + }, + "GetFolderPath": { + "privilege": "GetFolderPath", + "description": "Grants permission to retrieve the path information (the hierarchy from the root folder) for the specified folder", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetFolderPath.html" + }, + "GetGroup": { + "privilege": "GetGroup", + "description": "Grants permission to retrieve details for the specified group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_Operations.html" + }, + "GetResources": { + "privilege": "GetResources", + "description": "Grants permission to get a collection of resources", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_GetResources.html" + }, + "InitiateDocumentVersionUpload": { + "privilege": "InitiateDocumentVersionUpload", + "description": "Grants permission to create a new document object and version object", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_InitiateDocumentVersionUpload.html" + }, + "RegisterDirectory": { + "privilege": "RegisterDirectory", + "description": "Grants permission to register a directory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/existing-dir-setup.html" + }, + "RemoveAllResourcePermissions": { + "privilege": "RemoveAllResourcePermissions", + "description": "Grants permission to remove all the permissions from the specified resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_RemoveAllResourcePermissions.html" + }, + "RemoveResourcePermission": { + "privilege": "RemoveResourcePermission", + "description": "Grants permission to remove the permission for the specified principal from the specified resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_RemoveResourcePermission.html" + }, + "RestoreDocumentVersions": { + "privilege": "RestoreDocumentVersions", + "description": "Grants permission to restore versions of a specified document", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_RestoreDocumentVersions.html" + }, + "SearchResources": { + "privilege": "SearchResources", + "description": "Grants permission to search metadata and the content of resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_SearchResources.html" + }, + "UpdateDocument": { + "privilege": "UpdateDocument", + "description": "Grants permission to update the specified attributes of the specified document", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_UpdateDocument.html" + }, + "UpdateDocumentVersion": { + "privilege": "UpdateDocumentVersion", + "description": "Grants permission to change the status of the document version to ACTIVE", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_UpdateDocumentVersion.html" + }, + "UpdateFolder": { + "privilege": "UpdateFolder", + "description": "Grants permission to update the specified attributes of the specified folder", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_UpdateFolder.html" + }, + "UpdateInstanceAlias": { + "privilege": "UpdateInstanceAlias", + "description": "Grants permission to update an instance alias", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/adminguide/getting_started.html" + }, + "UpdateUser": { + "privilege": "UpdateUser", + "description": "Grants permission to update the specified attributes of the specified user, and grants or revokes administrative privileges to the Amazon WorkDocs site", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workdocs/latest/APIReference/API_UpdateUser.html" + } + }, + "privileges_lower_name": { + "abortdocumentversionupload": "AbortDocumentVersionUpload", + "activateuser": "ActivateUser", + "addnotificationpermissions": "AddNotificationPermissions", + "addresourcepermissions": "AddResourcePermissions", + "addusertogroup": "AddUserToGroup", + "checkalias": "CheckAlias", + "createcomment": "CreateComment", + "createcustommetadata": "CreateCustomMetadata", + "createfolder": "CreateFolder", + "createinstance": "CreateInstance", + "createlabels": "CreateLabels", + "createnotificationsubscription": "CreateNotificationSubscription", + "createuser": "CreateUser", + "deactivateuser": "DeactivateUser", + "deletecomment": "DeleteComment", + "deletecustommetadata": "DeleteCustomMetadata", + "deletedocument": "DeleteDocument", + "deletedocumentversion": "DeleteDocumentVersion", + "deletefolder": "DeleteFolder", + "deletefoldercontents": "DeleteFolderContents", + "deleteinstance": "DeleteInstance", + "deletelabels": "DeleteLabels", + "deletenotificationpermissions": "DeleteNotificationPermissions", + "deletenotificationsubscription": "DeleteNotificationSubscription", + "deleteuser": "DeleteUser", + "deregisterdirectory": "DeregisterDirectory", + "describeactivities": "DescribeActivities", + "describeavailabledirectories": "DescribeAvailableDirectories", + "describecomments": "DescribeComments", + "describedocumentversions": "DescribeDocumentVersions", + "describefoldercontents": "DescribeFolderContents", + "describegroups": "DescribeGroups", + "describeinstances": "DescribeInstances", + "describenotificationpermissions": "DescribeNotificationPermissions", + "describenotificationsubscriptions": "DescribeNotificationSubscriptions", + "describeresourcepermissions": "DescribeResourcePermissions", + "describerootfolders": "DescribeRootFolders", + "describeusers": "DescribeUsers", + "downloaddocumentversion": "DownloadDocumentVersion", + "getcurrentuser": "GetCurrentUser", + "getdocument": "GetDocument", + "getdocumentpath": "GetDocumentPath", + "getdocumentversion": "GetDocumentVersion", + "getfolder": "GetFolder", + "getfolderpath": "GetFolderPath", + "getgroup": "GetGroup", + "getresources": "GetResources", + "initiatedocumentversionupload": "InitiateDocumentVersionUpload", + "registerdirectory": "RegisterDirectory", + "removeallresourcepermissions": "RemoveAllResourcePermissions", + "removeresourcepermission": "RemoveResourcePermission", + "restoredocumentversions": "RestoreDocumentVersions", + "searchresources": "SearchResources", + "updatedocument": "UpdateDocument", + "updatedocumentversion": "UpdateDocumentVersion", + "updatefolder": "UpdateFolder", + "updateinstancealias": "UpdateInstanceAlias", + "updateuser": "UpdateUser" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "worklink": { + "service_name": "Amazon WorkLink", + "prefix": "worklink", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworklink.html", + "privileges": { + "AssociateDomain": { + "privilege": "AssociateDomain", + "description": "Grants permission to associate a domain with an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_AssociateDomain.html" + }, + "AssociateWebsiteAuthorizationProvider": { + "privilege": "AssociateWebsiteAuthorizationProvider", + "description": "Grants permission to associate a website authorization provider with an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_AssociateWebsiteAuthorizationProvider.html" + }, + "AssociateWebsiteCertificateAuthority": { + "privilege": "AssociateWebsiteCertificateAuthority", + "description": "Grants permission to associate a website certificate authority with an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_AssociateWebsiteCertificateAuthority.html" + }, + "CreateFleet": { + "privilege": "CreateFleet", + "description": "Grants permission to create an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_CreateFleet.html" + }, + "DeleteFleet": { + "privilege": "DeleteFleet", + "description": "Grants permission to delete an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DeleteFleet.html" + }, + "DescribeAuditStreamConfiguration": { + "privilege": "DescribeAuditStreamConfiguration", + "description": "Grants permission to describe the audit stream configuration for an Amazon WorkLink fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeAuditStreamConfiguration.html" + }, + "DescribeCompanyNetworkConfiguration": { + "privilege": "DescribeCompanyNetworkConfiguration", + "description": "Grants permission to describe the company network configuration for an Amazon WorkLink fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeCompanyNetworkConfiguration.html" + }, + "DescribeDevice": { + "privilege": "DescribeDevice", + "description": "Grants permission to describe details of a device associated with an Amazon WorkLink fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeDevice.html" + }, + "DescribeDevicePolicyConfiguration": { + "privilege": "DescribeDevicePolicyConfiguration", + "description": "Grants permission to describe the device policy configuration for an Amazon WorkLink fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeDevicePolicyConfiguration.html" + }, + "DescribeDomain": { + "privilege": "DescribeDomain", + "description": "Grants permission to describe details about a domain associated with an Amazon WorkLink fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeDomain.html" + }, + "DescribeFleetMetadata": { + "privilege": "DescribeFleetMetadata", + "description": "Grants permission to describe metadata of an Amazon WorkLink fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeFleetMetadata.html" + }, + "DescribeIdentityProviderConfiguration": { + "privilege": "DescribeIdentityProviderConfiguration", + "description": "Grants permission to describe the identity provider configuration for an Amazon WorkLink fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeIdentityProviderConfiguration.html" + }, + "DescribeWebsiteCertificateAuthority": { + "privilege": "DescribeWebsiteCertificateAuthority", + "description": "Grants permission to describe a website certificate authority associated with an Amazon WorkLink fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DescribeWebsiteCertificateAuthority.html" + }, + "DisassociateDomain": { + "privilege": "DisassociateDomain", + "description": "Grants permission to disassociate a domain from an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DisassociateDomain.html" + }, + "DisassociateWebsiteAuthorizationProvider": { + "privilege": "DisassociateWebsiteAuthorizationProvider", + "description": "Grants permission to disassociate a website authorization provider from an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DisassociateWebsiteAuthorizationProvider.html" + }, + "DisassociateWebsiteCertificateAuthority": { + "privilege": "DisassociateWebsiteCertificateAuthority", + "description": "Grants permission to disassociate a website certificate authority from an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_DisassociateWebsiteCertificateAuthority.html" + }, + "ListDevices": { + "privilege": "ListDevices", + "description": "Grants permission to list the devices associated with an Amazon WorkLink fleet", + "access_level": "List", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListDevices.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to list the associated domains for an Amazon WorkLink fleet", + "access_level": "List", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListDomains.html" + }, + "ListFleets": { + "privilege": "ListFleets", + "description": "Grants permission to list the Amazon WorkLink fleets associated with the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListFleets.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListTagsForResource.html" + }, + "ListWebsiteAuthorizationProviders": { + "privilege": "ListWebsiteAuthorizationProviders", + "description": "Grants permission to list the website authorization providers for an Amazon WorkLink fleet", + "access_level": "List", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListWebsiteAuthorizationProviders.html" + }, + "ListWebsiteCertificateAuthorities": { + "privilege": "ListWebsiteCertificateAuthorities", + "description": "Grants permission to list the website certificate authorities associated with an Amazon WorkLink fleet", + "access_level": "List", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_ListWebsiteCertificateAuthorities.html" + }, + "RestoreDomainAccess": { + "privilege": "RestoreDomainAccess", + "description": "Grants permission to restore access to a domain associated with an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_RestoreDomainAccess.html" + }, + "RevokeDomainAccess": { + "privilege": "RevokeDomainAccess", + "description": "Grants permission to revoke access to a domain associated with an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_RevokeDomainAccess.html" + }, + "SearchEntity": { + "privilege": "SearchEntity", + "description": "Grants permission to list devices for an Amazon WorkLink fleet", + "access_level": "List", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/ag/manage-devices.html" + }, + "SignOutUser": { + "privilege": "SignOutUser", + "description": "Grants permission to sign out a user from an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_SignOutUser.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to a resource", + "access_level": "Tagging", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from a resource", + "access_level": "Tagging", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UntagResource.html" + }, + "UpdateAuditStreamConfiguration": { + "privilege": "UpdateAuditStreamConfiguration", + "description": "Grants permission to update the audit stream configuration for an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateAuditStreamConfiguration.html" + }, + "UpdateCompanyNetworkConfiguration": { + "privilege": "UpdateCompanyNetworkConfiguration", + "description": "Grants permission to update the company network configuration for an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateCompanyNetworkConfiguration.html" + }, + "UpdateDevicePolicyConfiguration": { + "privilege": "UpdateDevicePolicyConfiguration", + "description": "Grants permission to update the device policy configuration for an Amazon WorkLink fleet", + "access_level": "Permissions management", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateDevicePolicyConfiguration.html" + }, + "UpdateDomainMetadata": { + "privilege": "UpdateDomainMetadata", + "description": "Grants permission to update the metadata for a domain associated with an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateDomainMetadata.html" + }, + "UpdateFleetMetadata": { + "privilege": "UpdateFleetMetadata", + "description": "Grants permission to update the metadata of an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateFleetMetadata.html" + }, + "UpdateIdentityProviderConfiguration": { + "privilege": "UpdateIdentityProviderConfiguration", + "description": "Grants permission to update the identity provider configuration for an Amazon WorkLink fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/worklink/latest/api/API_UpdateIdentityProviderConfiguration.html" + } + }, + "privileges_lower_name": { + "associatedomain": "AssociateDomain", + "associatewebsiteauthorizationprovider": "AssociateWebsiteAuthorizationProvider", + "associatewebsitecertificateauthority": "AssociateWebsiteCertificateAuthority", + "createfleet": "CreateFleet", + "deletefleet": "DeleteFleet", + "describeauditstreamconfiguration": "DescribeAuditStreamConfiguration", + "describecompanynetworkconfiguration": "DescribeCompanyNetworkConfiguration", + "describedevice": "DescribeDevice", + "describedevicepolicyconfiguration": "DescribeDevicePolicyConfiguration", + "describedomain": "DescribeDomain", + "describefleetmetadata": "DescribeFleetMetadata", + "describeidentityproviderconfiguration": "DescribeIdentityProviderConfiguration", + "describewebsitecertificateauthority": "DescribeWebsiteCertificateAuthority", + "disassociatedomain": "DisassociateDomain", + "disassociatewebsiteauthorizationprovider": "DisassociateWebsiteAuthorizationProvider", + "disassociatewebsitecertificateauthority": "DisassociateWebsiteCertificateAuthority", + "listdevices": "ListDevices", + "listdomains": "ListDomains", + "listfleets": "ListFleets", + "listtagsforresource": "ListTagsForResource", + "listwebsiteauthorizationproviders": "ListWebsiteAuthorizationProviders", + "listwebsitecertificateauthorities": "ListWebsiteCertificateAuthorities", + "restoredomainaccess": "RestoreDomainAccess", + "revokedomainaccess": "RevokeDomainAccess", + "searchentity": "SearchEntity", + "signoutuser": "SignOutUser", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateauditstreamconfiguration": "UpdateAuditStreamConfiguration", + "updatecompanynetworkconfiguration": "UpdateCompanyNetworkConfiguration", + "updatedevicepolicyconfiguration": "UpdateDevicePolicyConfiguration", + "updatedomainmetadata": "UpdateDomainMetadata", + "updatefleetmetadata": "UpdateFleetMetadata", + "updateidentityproviderconfiguration": "UpdateIdentityProviderConfiguration" + }, + "resources": { + "fleet": { + "resource": "fleet", + "arn": "arn:${Partition}:worklink::${Account}:fleet/${FleetName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "fleet": "fleet" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "workmail": { + "service_name": "Amazon WorkMail", + "prefix": "workmail", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkmail.html", + "privileges": { + "AddMembersToGroup": { + "privilege": "AddMembersToGroup", + "description": "Grants permission to add a list of members (users or groups) to a group", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" + }, + "AssociateDelegateToResource": { + "privilege": "AssociateDelegateToResource", + "description": "Grants permission to add a member (user or group) to the resource's set of delegates", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_AssociateDelegateToResource.html" + }, + "AssociateMemberToGroup": { + "privilege": "AssociateMemberToGroup", + "description": "Grants permission to add a member (user or group) to the group's set", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_AssociateMemberToGroup.html" + }, + "AssumeImpersonationRole": { + "privilege": "AssumeImpersonationRole", + "description": "Grants permission to assume an impersonation role for the given Amazon WorkMail organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_AssumeImpersonationRole.html" + }, + "CancelMailboxExportJob": { + "privilege": "CancelMailboxExportJob", + "description": "Grants permission to cancel a currently running mailbox export job", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CancelMailboxExportJob.html" + }, + "CreateAlias": { + "privilege": "CreateAlias", + "description": "Grants permission to add an alias to the set of a given member (user or group) of WorkMail", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateAlias.html" + }, + "CreateAvailabilityConfiguration": { + "privilege": "CreateAvailabilityConfiguration", + "description": "Grants permission to create an AvailabilityConfiguration for the given Amazon WorkMail organization and domain", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateAvailabilityConfiguration.html" + }, + "CreateGroup": { + "privilege": "CreateGroup", + "description": "Grants permission to create a group that can be used in WorkMail by calling the RegisterToWorkMail operation", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateGroup.html" + }, + "CreateImpersonationRole": { + "privilege": "CreateImpersonationRole", + "description": "Grants permission to create an impersonation role for the given Amazon WorkMail organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateImpersonationRole.html" + }, + "CreateInboundMailFlowRule": { + "privilege": "CreateInboundMailFlowRule", + "description": "Grants permission to create an inbound email flow rule which will apply to all email sent to an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/create-email-rules.html" + }, + "CreateMailDomain": { + "privilege": "CreateMailDomain", + "description": "Grants permission to create a mail domain", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/add_domain.html" + }, + "CreateMailUser": { + "privilege": "CreateMailUser", + "description": "Grants permission to create a user in the directory", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-users.html" + }, + "CreateMobileDeviceAccessRule": { + "privilege": "CreateMobileDeviceAccessRule", + "description": "Grants permission to create a new mobile device access rule", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateMobileDeviceAccessRule.html" + }, + "CreateOrganization": { + "privilege": "CreateOrganization", + "description": "Grants permission to create a new Amazon WorkMail organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateOrganization.html" + }, + "CreateOutboundMailFlowRule": { + "privilege": "CreateOutboundMailFlowRule", + "description": "Grants permission to create an outbound email flow rule which will apply to all email sent from an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/create-email-rules.html" + }, + "CreateResource": { + "privilege": "CreateResource", + "description": "Grants permission to create a new WorkMail resource", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateResource.html" + }, + "CreateSmtpGateway": { + "privilege": "CreateSmtpGateway", + "description": "Grants permission to register an SMTP gateway to a WorkMail organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/smtp-gateway.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a user, which can be enabled afterwards by calling the RegisterToWorkMail operation", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_CreateUser.html" + }, + "DeleteAccessControlRule": { + "privilege": "DeleteAccessControlRule", + "description": "Grants permission to delete an access control rule", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteAccessControlRule.html" + }, + "DeleteAlias": { + "privilege": "DeleteAlias", + "description": "Grants permission to remove one or more specified aliases from a set of aliases for a given user", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteAlias.html" + }, + "DeleteAvailabilityConfiguration": { + "privilege": "DeleteAvailabilityConfiguration", + "description": "Grants permission to delete the AvailabilityConfiguration for the given Amazon WorkMail organization and domain", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteAvailabilityConfiguration.html" + }, + "DeleteEmailMonitoringConfiguration": { + "privilege": "DeleteEmailMonitoringConfiguration", + "description": "Grants permission to delete the email monitoring configuration for an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteEmailMonitoringConfiguration.html" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to delete a group from WorkMail", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteGroup.html" + }, + "DeleteImpersonationRole": { + "privilege": "DeleteImpersonationRole", + "description": "Grants permission to delete an impersonation role for the given Amazon WorkMail organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteImpersonationRole.html" + }, + "DeleteInboundMailFlowRule": { + "privilege": "DeleteInboundMailFlowRule", + "description": "Grants permission to remove an inbound email flow rule to no longer apply to emails sent to an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/remove-email-flow-rule.html" + }, + "DeleteMailDomain": { + "privilege": "DeleteMailDomain", + "description": "Grants permission to remove an unused mail domain from an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/remove_domain.html" + }, + "DeleteMailboxPermissions": { + "privilege": "DeleteMailboxPermissions", + "description": "Grants permission to delete permissions granted to a member (user or group)", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteMailboxPermissions.html" + }, + "DeleteMobileDevice": { + "privilege": "DeleteMobileDevice", + "description": "Grants permission to remove a mobile device from a user", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-devices.html#remove_mobile_device" + }, + "DeleteMobileDeviceAccessOverride": { + "privilege": "DeleteMobileDeviceAccessOverride", + "description": "Grants permission to delete a mobile device access override", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteMobileDeviceAccessOverride.html" + }, + "DeleteMobileDeviceAccessRule": { + "privilege": "DeleteMobileDeviceAccessRule", + "description": "Grants permission to delete a mobile device access rule", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteMobileDeviceAccessRule.html" + }, + "DeleteOrganization": { + "privilege": "DeleteOrganization", + "description": "Grants permission to delete an Amazon WorkMail organization and all underlying AWS resources managed by Amazon WorkMail as part of the organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteOrganization.html" + }, + "DeleteOutboundMailFlowRule": { + "privilege": "DeleteOutboundMailFlowRule", + "description": "Grants permission to remove an outbound email flow rule so that it no longer applies to emails sent from an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/remove-email-flow-rule.html" + }, + "DeleteResource": { + "privilege": "DeleteResource", + "description": "Grants permission to delete the specified resource", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteResource.html" + }, + "DeleteRetentionPolicy": { + "privilege": "DeleteRetentionPolicy", + "description": "Grants permission to delete the retention policy based on the supplied organization and policy identifiers", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteRetentionPolicy.html" + }, + "DeleteSmtpGateway": { + "privilege": "DeleteSmtpGateway", + "description": "Grants permission to remove an SMTP gateway from an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/smtp-gateway.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete a user from WorkMail and all subsequent systems", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeleteUser.html" + }, + "DeregisterFromWorkMail": { + "privilege": "DeregisterFromWorkMail", + "description": "Grants permission to mark a user, group, or resource as no longer used in WorkMail", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeregisterFromWorkMail.html" + }, + "DeregisterMailDomain": { + "privilege": "DeregisterMailDomain", + "description": "Grants permission to deregister a mail domain from an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DeregisterMailDomain.html" + }, + "DescribeDirectories": { + "privilege": "DescribeDirectories", + "description": "Grants permission to show a list of directories available for use in creating an organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/add_new_organization.html" + }, + "DescribeEmailMonitoringConfiguration": { + "privilege": "DescribeEmailMonitoringConfiguration", + "description": "Grants permission to retrieve the email monitoring configuration for an organization", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeEmailMonitoringConfiguration.html" + }, + "DescribeGroup": { + "privilege": "DescribeGroup", + "description": "Grants permission to read the details for a group", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeGroup.html" + }, + "DescribeInboundDmarcSettings": { + "privilege": "DescribeInboundDmarcSettings", + "description": "Grants permission to read the settings in a DMARC policy for a specified organization", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeInboundDmarcSettings.html" + }, + "DescribeInboundMailFlowRule": { + "privilege": "DescribeInboundMailFlowRule", + "description": "Grants permission to read the details of an inbound mail flow rule configured for an organization", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/email-flows.html#email-flows-rule-actions" + }, + "DescribeKmsKeys": { + "privilege": "DescribeKmsKeys", + "description": "Grants permission to show a list of KMS Keys available for use in creating an organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/add_new_organization.html" + }, + "DescribeMailDomains": { + "privilege": "DescribeMailDomains", + "description": "Grants permission to show the details of all mail domains associated with the organization", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/domains_overview.html" + }, + "DescribeMailGroups": { + "privilege": "DescribeMailGroups", + "description": "Grants permission to show the details of all groups associated with the organization", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" + }, + "DescribeMailUsers": { + "privilege": "DescribeMailUsers", + "description": "Grants permission to show the details of all users associated with the organization", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/users_overview.html" + }, + "DescribeMailboxExportJob": { + "privilege": "DescribeMailboxExportJob", + "description": "Grants permission to retrieve details of a mailbox export job", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeMailboxExportJob.html" + }, + "DescribeOrganization": { + "privilege": "DescribeOrganization", + "description": "Grants permission to read details of an organization", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeOrganization.html" + }, + "DescribeOrganizations": { + "privilege": "DescribeOrganizations", + "description": "Grants permission to show a summary of all organizations associated with the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/organizations_overview.html" + }, + "DescribeOutboundMailFlowRule": { + "privilege": "DescribeOutboundMailFlowRule", + "description": "Grants permission to read the details of an outbound mail flow rule configured for an organization", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/email-flows.html#email-flows-rule-outbound" + }, + "DescribeResource": { + "privilege": "DescribeResource", + "description": "Grants permission to read the details for a resource", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeResource.html" + }, + "DescribeSmtpGateway": { + "privilege": "DescribeSmtpGateway", + "description": "Grants permission to read the details of an SMTP gateway registered to an organization", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/smtp-gateway.html" + }, + "DescribeUser": { + "privilege": "DescribeUser", + "description": "Grants permission to read details for a user", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DescribeUser.html" + }, + "DisableMailGroups": { + "privilege": "DisableMailGroups", + "description": "Grants permission to disable a mail group when it is not being used, in order to allow it to be deleted", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/remove_group.html" + }, + "DisableMailUsers": { + "privilege": "DisableMailUsers", + "description": "Grants permission to disable a user mailbox when it is no longer being used, in order to allow it to be deleted", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-mailboxes.html#delete_user_mailbox" + }, + "DisassociateDelegateFromResource": { + "privilege": "DisassociateDelegateFromResource", + "description": "Grants permission to remove a member from the resource's set of delegates", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DisassociateDelegateFromResource.html" + }, + "DisassociateMemberFromGroup": { + "privilege": "DisassociateMemberFromGroup", + "description": "Grants permission to remove a member from a group", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_DisassociateMemberFromGroup.html" + }, + "EnableMailDomain": { + "privilege": "EnableMailDomain", + "description": "Grants permission to enable a mail domain in the organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/add_domain.html" + }, + "EnableMailGroups": { + "privilege": "EnableMailGroups", + "description": "Grants permission to enable a mail group after it has been created to allow it to receive mail", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/enable_existing_group.html" + }, + "EnableMailUsers": { + "privilege": "EnableMailUsers", + "description": "Grants permission to enable a user's mailbox after it has been created to allow it to receive mail", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-users.html#enable_existing_user" + }, + "GetAccessControlEffect": { + "privilege": "GetAccessControlEffect", + "description": "Grants permission to get the effects of access control rules as they apply to a specified IPv4 address, access protocol action, or user ID", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetAccessControlEffect.html" + }, + "GetDefaultRetentionPolicy": { + "privilege": "GetDefaultRetentionPolicy", + "description": "Grants permission to retrieve the retention policy associated at an organizational level", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetDefaultRetentionPolicy.html" + }, + "GetImpersonationRole": { + "privilege": "GetImpersonationRole", + "description": "Grants permission to retrieve an impersonation role for the given Amazon WorkMail organization", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetImpersonationRole.html" + }, + "GetImpersonationRoleEffect": { + "privilege": "GetImpersonationRoleEffect", + "description": "Grants permission to get the effect of the rules associated to an impersonation role for a specific user", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetImpersonationRoleEffect.html" + }, + "GetJournalingRules": { + "privilege": "GetJournalingRules", + "description": "Grants permission to read the configured journaling and fallback email addresses for email journaling", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/journaling_overview.html" + }, + "GetMailDomain": { + "privilege": "GetMailDomain", + "description": "Grants permission to retrieve details of a given mail domain in an organization", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetMailDomain.html" + }, + "GetMailDomainDetails": { + "privilege": "GetMailDomainDetails", + "description": "Grants permission to get the details of the mail domain", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/domains_overview.html" + }, + "GetMailGroupDetails": { + "privilege": "GetMailGroupDetails", + "description": "Grants permission to get the details of the mail group", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" + }, + "GetMailUserDetails": { + "privilege": "GetMailUserDetails", + "description": "Grants permission to get the details of the user's mailbox and account", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/users_overview.html" + }, + "GetMailboxDetails": { + "privilege": "GetMailboxDetails", + "description": "Grants permission to read the details of the user's mailbox", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetMailboxDetails.html" + }, + "GetMobileDeviceAccessEffect": { + "privilege": "GetMobileDeviceAccessEffect", + "description": "Grants permission to simulate the effect of the mobile device access rules for the given attributes of a sample access event", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetMobileDeviceAccessEffect.html" + }, + "GetMobileDeviceAccessOverride": { + "privilege": "GetMobileDeviceAccessOverride", + "description": "Grants permission to retrieve a mobile device access override", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_GetMobileDeviceAccessOverride.html" + }, + "GetMobileDeviceDetails": { + "privilege": "GetMobileDeviceDetails", + "description": "Grants permission to get the details of the mobile device", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-devices.html" + }, + "GetMobileDevicesForUser": { + "privilege": "GetMobileDevicesForUser", + "description": "Grants permission to get a list of the mobile devices associated with the user", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-devices.html" + }, + "GetMobilePolicyDetails": { + "privilege": "GetMobilePolicyDetails", + "description": "Grants permission to get the details of the mobile device policy associated with the organization", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/edit_organization_mobile_policy.html" + }, + "ListAccessControlRules": { + "privilege": "ListAccessControlRules", + "description": "Grants permission to list the access control rules", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListAccessControlRules.html" + }, + "ListAliases": { + "privilege": "ListAliases", + "description": "Grants permission to list the aliases associated with a given entity", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListAliases.html" + }, + "ListAvailabilityConfigurations": { + "privilege": "ListAvailabilityConfigurations", + "description": "Grants permission to list all the AvailabilityConfiguration's for the given Amazon WorkMail organization", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListAvailabilityConfigurations.html" + }, + "ListGroupMembers": { + "privilege": "ListGroupMembers", + "description": "Grants permission to read an overview of the members of a group. Users and groups can be members of a group", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListGroupMembers.html" + }, + "ListGroups": { + "privilege": "ListGroups", + "description": "Grants permission to list summaries of the organization's groups", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListGroups.html" + }, + "ListImpersonationRoles": { + "privilege": "ListImpersonationRoles", + "description": "Grants permission to list the impersonation roles for the given Amazon WorkMail organization", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListImpersonationRoles.html" + }, + "ListInboundMailFlowRules": { + "privilege": "ListInboundMailFlowRules", + "description": "Grants permission to list inbound mail flow rules configured for an organization", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/email-flows.html#email-flows-rule-actions" + }, + "ListMailDomains": { + "privilege": "ListMailDomains", + "description": "Grants permission to list the mail domains for a given organization", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListMailDomains.html" + }, + "ListMailboxExportJobs": { + "privilege": "ListMailboxExportJobs", + "description": "Grants permission to list mailbox export jobs", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListMailboxExportJobs.html" + }, + "ListMailboxPermissions": { + "privilege": "ListMailboxPermissions", + "description": "Grants permission to list the mailbox permissions associated with a user, group, or resource mailbox", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListMailboxPermissions.html" + }, + "ListMembersInMailGroup": { + "privilege": "ListMembersInMailGroup", + "description": "Grants permission to get a list of all the members in a mail group", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" + }, + "ListMobileDeviceAccessOverrides": { + "privilege": "ListMobileDeviceAccessOverrides", + "description": "Grants permission to list the mobile device access overrides", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListMobileDeviceAccessOverrides.html" + }, + "ListMobileDeviceAccessRules": { + "privilege": "ListMobileDeviceAccessRules", + "description": "Grants permission to list the mobile device access rules", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListMobileDeviceAccessRules.html" + }, + "ListOrganizations": { + "privilege": "ListOrganizations", + "description": "Grants permission to list the non-deleted organizations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListOrganizations.html" + }, + "ListOutboundMailFlowRules": { + "privilege": "ListOutboundMailFlowRules", + "description": "Grants permission to list outbound mail flow rules configured for an organization", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/email-flows.html#email-flows-rule-outbound" + }, + "ListResourceDelegates": { + "privilege": "ListResourceDelegates", + "description": "Grants permission to list the delegates associated with a resource", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListResourceDelegates.html" + }, + "ListResources": { + "privilege": "ListResources", + "description": "Grants permission to list the organization's resources", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListResources.html" + }, + "ListSmtpGateways": { + "privilege": "ListSmtpGateways", + "description": "Grants permission to list SMTP gateways registered to the organization", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/smtp-gateway.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags applied to an Amazon WorkMail organization resource", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListTagsForResource.html" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to list the organization's users", + "access_level": "List", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListUsers.html" + }, + "PutAccessControlRule": { + "privilege": "PutAccessControlRule", + "description": "Grants permission to add a new access control rule", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutAccessControlRule.html" + }, + "PutEmailMonitoringConfiguration": { + "privilege": "PutEmailMonitoringConfiguration", + "description": "Grants permission to add or update the email monitoring configuration for an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutEmailMonitoringConfiguration.html" + }, + "PutInboundDmarcSettings": { + "privilege": "PutInboundDmarcSettings", + "description": "Grants permission to enable or disable a DMARC policy for a given organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutInboundDmarcSettings.html" + }, + "PutMailboxPermissions": { + "privilege": "PutMailboxPermissions", + "description": "Grants permission to set permissions for a user, group, or resource, replacing any existing permissions", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutMailboxPermissions.html" + }, + "PutMobileDeviceAccessOverride": { + "privilege": "PutMobileDeviceAccessOverride", + "description": "Grants permission to add or update a mobile device access override", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutMobileDeviceAccessOverride.html" + }, + "PutRetentionPolicy": { + "privilege": "PutRetentionPolicy", + "description": "Grants permission to add or update the retention policy", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_PutRetentionPolicy.html" + }, + "RegisterMailDomain": { + "privilege": "RegisterMailDomain", + "description": "Grants permission to register a new mail domain in an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_RegisterMailDomain.html" + }, + "RegisterToWorkMail": { + "privilege": "RegisterToWorkMail", + "description": "Grants permission to register an existing and disabled user, group, or resource for use by associating a mailbox and calendaring capabilities", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_RegisterToWorkMail.html" + }, + "RemoveMembersFromGroup": { + "privilege": "RemoveMembersFromGroup", + "description": "Grants permission to remove members from a mail group", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" + }, + "ResetPassword": { + "privilege": "ResetPassword", + "description": "Grants permission to allow the administrator to reset the password for a user", + "access_level": "Permissions management", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_ResetPassword.html" + }, + "ResetUserPassword": { + "privilege": "ResetUserPassword", + "description": "Grants permission to reset the password for a user's account", + "access_level": "Permissions management", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-users.html#reset_user_password" + }, + "SearchMembers": { + "privilege": "SearchMembers", + "description": "Grants permission to perform a prefix search to find a specific user in a mail group", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/groups_overview.html" + }, + "SetAdmin": { + "privilege": "SetAdmin", + "description": "Grants permission to mark a user as being an administrator", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/users_overview.html" + }, + "SetDefaultMailDomain": { + "privilege": "SetDefaultMailDomain", + "description": "Grants permission to set the default mail domain for the organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/default_domain.html" + }, + "SetJournalingRules": { + "privilege": "SetJournalingRules", + "description": "Grants permission to set journaling and fallback email addresses for email journaling", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/journaling_overview.html" + }, + "SetMailGroupDetails": { + "privilege": "SetMailGroupDetails", + "description": "Grants permission to set the details of the mail group which has just been created", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/add_new_group.html" + }, + "SetMailUserDetails": { + "privilege": "SetMailUserDetails", + "description": "Grants permission to set the details for the user account which has just been created", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-users.html" + }, + "SetMobilePolicyDetails": { + "privilege": "SetMobilePolicyDetails", + "description": "Grants permission to set the details of a mobile policy associated with the organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/edit_organization_mobile_policy.html" + }, + "StartMailboxExportJob": { + "privilege": "StartMailboxExportJob", + "description": "Grants permission to start a new mailbox export job", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_StartMailboxExportJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag the specified Amazon WorkMail organization resource", + "access_level": "Tagging", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_TagResource.html" + }, + "TestAvailabilityConfiguration": { + "privilege": "TestAvailabilityConfiguration", + "description": "Grants permission to performs a test on an availability provider to ensure that access is allowed", + "access_level": "Read", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_TestAvailabilityConfiguration.html" + }, + "TestInboundMailFlowRules": { + "privilege": "TestInboundMailFlowRules", + "description": "Grants permission to test what inbound rules will apply to an email with a given sender and recipient", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/test-email-flow-rule.html" + }, + "TestOutboundMailFlowRules": { + "privilege": "TestOutboundMailFlowRules", + "description": "Grants permission to test what outbound rules will apply to an email with a given sender and recipient", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/test-email-flow-rule.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag the specified Amazon WorkMail organization resource", + "access_level": "Tagging", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UntagResource.html" + }, + "UpdateAvailabilityConfiguration": { + "privilege": "UpdateAvailabilityConfiguration", + "description": "Grants permission to update an existing AvailabilityConfiguration for the given Amazon WorkMail organization and domain", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateAvailabilityConfiguration.html" + }, + "UpdateDefaultMailDomain": { + "privilege": "UpdateDefaultMailDomain", + "description": "Grants permission to update which domain is the default domain for an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateDefaultMailDomain.html" + }, + "UpdateImpersonationRole": { + "privilege": "UpdateImpersonationRole", + "description": "Grants permission to update an existing impersonation role for the given Amazon WorkMail organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateImpersonationRole.html" + }, + "UpdateInboundMailFlowRule": { + "privilege": "UpdateInboundMailFlowRule", + "description": "Grants permission to update the details of an inbound email flow rule which will apply to all email sent to an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/modify-email-flow-rule.html" + }, + "UpdateMailboxQuota": { + "privilege": "UpdateMailboxQuota", + "description": "Grants permission to update the maximum size (in MB) of the user's mailbox", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateMailboxQuota.html" + }, + "UpdateMobileDeviceAccessRule": { + "privilege": "UpdateMobileDeviceAccessRule", + "description": "Grants permission to update a mobile device access rule", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateMobileDeviceAccessRule.html" + }, + "UpdateOutboundMailFlowRule": { + "privilege": "UpdateOutboundMailFlowRule", + "description": "Grants permission to update the details of an outbound email flow rule which will apply to all email sent from an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/modify-email-flow-rule.html" + }, + "UpdatePrimaryEmailAddress": { + "privilege": "UpdatePrimaryEmailAddress", + "description": "Grants permission to update the primary email for a user, group, or resource", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdatePrimaryEmailAddress.html" + }, + "UpdateResource": { + "privilege": "UpdateResource", + "description": "Grants permission to update details for the resource", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_UpdateResource.html" + }, + "UpdateSmtpGateway": { + "privilege": "UpdateSmtpGateway", + "description": "Grants permission to update the details of an existing SMTP gateway registered to an organization", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/smtp-gateway.html" + }, + "WipeMobileDevice": { + "privilege": "WipeMobileDevice", + "description": "Grants permission to remotely wipe the mobile device associated with a user's account", + "access_level": "Write", + "resource_types": { + "organization": { + "resource_type": "organization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organization": "organization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/adminguide/manage-devices.html#remote_wipe_device" + } + }, + "privileges_lower_name": { + "addmemberstogroup": "AddMembersToGroup", + "associatedelegatetoresource": "AssociateDelegateToResource", + "associatemembertogroup": "AssociateMemberToGroup", + "assumeimpersonationrole": "AssumeImpersonationRole", + "cancelmailboxexportjob": "CancelMailboxExportJob", + "createalias": "CreateAlias", + "createavailabilityconfiguration": "CreateAvailabilityConfiguration", + "creategroup": "CreateGroup", + "createimpersonationrole": "CreateImpersonationRole", + "createinboundmailflowrule": "CreateInboundMailFlowRule", + "createmaildomain": "CreateMailDomain", + "createmailuser": "CreateMailUser", + "createmobiledeviceaccessrule": "CreateMobileDeviceAccessRule", + "createorganization": "CreateOrganization", + "createoutboundmailflowrule": "CreateOutboundMailFlowRule", + "createresource": "CreateResource", + "createsmtpgateway": "CreateSmtpGateway", + "createuser": "CreateUser", + "deleteaccesscontrolrule": "DeleteAccessControlRule", + "deletealias": "DeleteAlias", + "deleteavailabilityconfiguration": "DeleteAvailabilityConfiguration", + "deleteemailmonitoringconfiguration": "DeleteEmailMonitoringConfiguration", + "deletegroup": "DeleteGroup", + "deleteimpersonationrole": "DeleteImpersonationRole", + "deleteinboundmailflowrule": "DeleteInboundMailFlowRule", + "deletemaildomain": "DeleteMailDomain", + "deletemailboxpermissions": "DeleteMailboxPermissions", + "deletemobiledevice": "DeleteMobileDevice", + "deletemobiledeviceaccessoverride": "DeleteMobileDeviceAccessOverride", + "deletemobiledeviceaccessrule": "DeleteMobileDeviceAccessRule", + "deleteorganization": "DeleteOrganization", + "deleteoutboundmailflowrule": "DeleteOutboundMailFlowRule", + "deleteresource": "DeleteResource", + "deleteretentionpolicy": "DeleteRetentionPolicy", + "deletesmtpgateway": "DeleteSmtpGateway", + "deleteuser": "DeleteUser", + "deregisterfromworkmail": "DeregisterFromWorkMail", + "deregistermaildomain": "DeregisterMailDomain", + "describedirectories": "DescribeDirectories", + "describeemailmonitoringconfiguration": "DescribeEmailMonitoringConfiguration", + "describegroup": "DescribeGroup", + "describeinbounddmarcsettings": "DescribeInboundDmarcSettings", + "describeinboundmailflowrule": "DescribeInboundMailFlowRule", + "describekmskeys": "DescribeKmsKeys", + "describemaildomains": "DescribeMailDomains", + "describemailgroups": "DescribeMailGroups", + "describemailusers": "DescribeMailUsers", + "describemailboxexportjob": "DescribeMailboxExportJob", + "describeorganization": "DescribeOrganization", + "describeorganizations": "DescribeOrganizations", + "describeoutboundmailflowrule": "DescribeOutboundMailFlowRule", + "describeresource": "DescribeResource", + "describesmtpgateway": "DescribeSmtpGateway", + "describeuser": "DescribeUser", + "disablemailgroups": "DisableMailGroups", + "disablemailusers": "DisableMailUsers", + "disassociatedelegatefromresource": "DisassociateDelegateFromResource", + "disassociatememberfromgroup": "DisassociateMemberFromGroup", + "enablemaildomain": "EnableMailDomain", + "enablemailgroups": "EnableMailGroups", + "enablemailusers": "EnableMailUsers", + "getaccesscontroleffect": "GetAccessControlEffect", + "getdefaultretentionpolicy": "GetDefaultRetentionPolicy", + "getimpersonationrole": "GetImpersonationRole", + "getimpersonationroleeffect": "GetImpersonationRoleEffect", + "getjournalingrules": "GetJournalingRules", + "getmaildomain": "GetMailDomain", + "getmaildomaindetails": "GetMailDomainDetails", + "getmailgroupdetails": "GetMailGroupDetails", + "getmailuserdetails": "GetMailUserDetails", + "getmailboxdetails": "GetMailboxDetails", + "getmobiledeviceaccesseffect": "GetMobileDeviceAccessEffect", + "getmobiledeviceaccessoverride": "GetMobileDeviceAccessOverride", + "getmobiledevicedetails": "GetMobileDeviceDetails", + "getmobiledevicesforuser": "GetMobileDevicesForUser", + "getmobilepolicydetails": "GetMobilePolicyDetails", + "listaccesscontrolrules": "ListAccessControlRules", + "listaliases": "ListAliases", + "listavailabilityconfigurations": "ListAvailabilityConfigurations", + "listgroupmembers": "ListGroupMembers", + "listgroups": "ListGroups", + "listimpersonationroles": "ListImpersonationRoles", + "listinboundmailflowrules": "ListInboundMailFlowRules", + "listmaildomains": "ListMailDomains", + "listmailboxexportjobs": "ListMailboxExportJobs", + "listmailboxpermissions": "ListMailboxPermissions", + "listmembersinmailgroup": "ListMembersInMailGroup", + "listmobiledeviceaccessoverrides": "ListMobileDeviceAccessOverrides", + "listmobiledeviceaccessrules": "ListMobileDeviceAccessRules", + "listorganizations": "ListOrganizations", + "listoutboundmailflowrules": "ListOutboundMailFlowRules", + "listresourcedelegates": "ListResourceDelegates", + "listresources": "ListResources", + "listsmtpgateways": "ListSmtpGateways", + "listtagsforresource": "ListTagsForResource", + "listusers": "ListUsers", + "putaccesscontrolrule": "PutAccessControlRule", + "putemailmonitoringconfiguration": "PutEmailMonitoringConfiguration", + "putinbounddmarcsettings": "PutInboundDmarcSettings", + "putmailboxpermissions": "PutMailboxPermissions", + "putmobiledeviceaccessoverride": "PutMobileDeviceAccessOverride", + "putretentionpolicy": "PutRetentionPolicy", + "registermaildomain": "RegisterMailDomain", + "registertoworkmail": "RegisterToWorkMail", + "removemembersfromgroup": "RemoveMembersFromGroup", + "resetpassword": "ResetPassword", + "resetuserpassword": "ResetUserPassword", + "searchmembers": "SearchMembers", + "setadmin": "SetAdmin", + "setdefaultmaildomain": "SetDefaultMailDomain", + "setjournalingrules": "SetJournalingRules", + "setmailgroupdetails": "SetMailGroupDetails", + "setmailuserdetails": "SetMailUserDetails", + "setmobilepolicydetails": "SetMobilePolicyDetails", + "startmailboxexportjob": "StartMailboxExportJob", + "tagresource": "TagResource", + "testavailabilityconfiguration": "TestAvailabilityConfiguration", + "testinboundmailflowrules": "TestInboundMailFlowRules", + "testoutboundmailflowrules": "TestOutboundMailFlowRules", + "untagresource": "UntagResource", + "updateavailabilityconfiguration": "UpdateAvailabilityConfiguration", + "updatedefaultmaildomain": "UpdateDefaultMailDomain", + "updateimpersonationrole": "UpdateImpersonationRole", + "updateinboundmailflowrule": "UpdateInboundMailFlowRule", + "updatemailboxquota": "UpdateMailboxQuota", + "updatemobiledeviceaccessrule": "UpdateMobileDeviceAccessRule", + "updateoutboundmailflowrule": "UpdateOutboundMailFlowRule", + "updateprimaryemailaddress": "UpdatePrimaryEmailAddress", + "updateresource": "UpdateResource", + "updatesmtpgateway": "UpdateSmtpGateway", + "wipemobiledevice": "WipeMobileDevice" + }, + "resources": { + "organization": { + "resource": "organization", + "arn": "arn:${Partition}:workmail:${Region}:${Account}:organization/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "organization": "organization" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag key-value pairs that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "workmailmessageflow": { + "service_name": "Amazon WorkMail Message Flow", + "prefix": "workmailmessageflow", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkmailmessageflow.html", + "privileges": { + "GetRawMessageContent": { + "privilege": "GetRawMessageContent", + "description": "Grants permission to read the content of email messages with the specified message ID", + "access_level": "Read", + "resource_types": { + "RawMessage": { + "resource_type": "RawMessage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rawmessage": "RawMessage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_messageflow_GetRawMessageContent.html" + }, + "PutRawMessageContent": { + "privilege": "PutRawMessageContent", + "description": "Grants permission to update the content of email messages with the specified message ID", + "access_level": "Write", + "resource_types": { + "RawMessage": { + "resource_type": "RawMessage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rawmessage": "RawMessage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workmail/latest/APIReference/API_messageflow_PutRawMessageContent.html" + } + }, + "privileges_lower_name": { + "getrawmessagecontent": "GetRawMessageContent", + "putrawmessagecontent": "PutRawMessageContent" + }, + "resources": { + "RawMessage": { + "resource": "RawMessage", + "arn": "arn:${Partition}:workmailmessageflow:${Region}:${Account}:message/${OrganizationId}/${Context}/${MessageId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "rawmessage": "RawMessage" + }, + "conditions": {} + }, + "workspaces": { + "service_name": "Amazon WorkSpaces", + "prefix": "workspaces", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkspaces.html", + "privileges": { + "AssociateConnectionAlias": { + "privilege": "AssociateConnectionAlias", + "description": "Grants permission to associate connection aliases with directories", + "access_level": "Write", + "resource_types": { + "connectionalias": { + "resource_type": "connectionalias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectionalias": "connectionalias", + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_AssociateConnectionAlias.html" + }, + "AssociateIpGroups": { + "privilege": "AssociateIpGroups", + "description": "Grants permission to associate IP access control groups with directories", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspaceipgroup": { + "resource_type": "workspaceipgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid", + "workspaceipgroup": "workspaceipgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_AssociateIpGroups.html" + }, + "AuthorizeIpRules": { + "privilege": "AuthorizeIpRules", + "description": "Grants permission to add rules to IP access control groups", + "access_level": "Write", + "resource_types": { + "workspaceipgroup": { + "resource_type": "workspaceipgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceipgroup": "workspaceipgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_AuthorizeIpRules.html" + }, + "CopyWorkspaceImage": { + "privilege": "CopyWorkspaceImage", + "description": "Grants permission to copy a WorkSpace image", + "access_level": "Write", + "resource_types": { + "workspaceimage": { + "resource_type": "workspaceimage", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "workspaces:DescribeWorkspaceImages" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceimage": "workspaceimage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CopyWorkspaceImage.html" + }, + "CreateConnectClientAddIn": { + "privilege": "CreateConnectClientAddIn", + "description": "Grants permission to create an Amazon Connect client add-in within a directory", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateConnectClientAddIn.html" + }, + "CreateConnectionAlias": { + "privilege": "CreateConnectionAlias", + "description": "Grants permission to create connection aliases for use with cross-Region redirection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateConnectionAlias.html" + }, + "CreateIpGroup": { + "privilege": "CreateIpGroup", + "description": "Grants permission to create IP access control groups", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateIpGroup.html" + }, + "CreateStandbyWorkspaces": { + "privilege": "CreateStandbyWorkspaces", + "description": "Grants permission to create one or more Standby WorkSpaces", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid", + "workspaceid": "workspaceid", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateStandbyWorkspaces.html" + }, + "CreateTags": { + "privilege": "CreateTags", + "description": "Grants permission to create tags for WorkSpaces resources", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateTags.html" + }, + "CreateUpdatedWorkspaceImage": { + "privilege": "CreateUpdatedWorkspaceImage", + "description": "Grants permission to create an updated WorkSpace image", + "access_level": "Write", + "resource_types": { + "workspaceimage": { + "resource_type": "workspaceimage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceimage": "workspaceimage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateUpdatedWorkspaceImage.html" + }, + "CreateWorkspaceBundle": { + "privilege": "CreateWorkspaceBundle", + "description": "Grants permission to create a WorkSpace bundle", + "access_level": "Write", + "resource_types": { + "workspacebundle": { + "resource_type": "workspacebundle", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "workspaces:CreateTags" + ] + }, + "workspaceimage": { + "resource_type": "workspaceimage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspacebundle": "workspacebundle", + "workspaceimage": "workspaceimage", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateWorkspaceBundle.html" + }, + "CreateWorkspaceImage": { + "privilege": "CreateWorkspaceImage", + "description": "Grants permission to create a new WorkSpace image", + "access_level": "Write", + "resource_types": { + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceid": "workspaceid", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateWorkspaceImage.html" + }, + "CreateWorkspaces": { + "privilege": "CreateWorkspaces", + "description": "Grants permission to create one or more WorkSpaces", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspacebundle": { + "resource_type": "workspacebundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid", + "workspacebundle": "workspacebundle", + "workspaceid": "workspaceid", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateWorkspaces.html" + }, + "DeleteClientBranding": { + "privilege": "DeleteClientBranding", + "description": "Grants permission to delete AWS WorkSpaces Client branding data within a directory", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteClientBranding.html" + }, + "DeleteConnectClientAddIn": { + "privilege": "DeleteConnectClientAddIn", + "description": "Grants permission to delete an Amazon Connect client add-in that is configured within a directory", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteConnectClientAddIn.html" + }, + "DeleteConnectionAlias": { + "privilege": "DeleteConnectionAlias", + "description": "Grants permission to delete connection aliases", + "access_level": "Write", + "resource_types": { + "connectionalias": { + "resource_type": "connectionalias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectionalias": "connectionalias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteConnectionAlias.html" + }, + "DeleteIpGroup": { + "privilege": "DeleteIpGroup", + "description": "Grants permission to delete IP access control groups", + "access_level": "Write", + "resource_types": { + "workspaceipgroup": { + "resource_type": "workspaceipgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceipgroup": "workspaceipgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteIpGroup.html" + }, + "DeleteTags": { + "privilege": "DeleteTags", + "description": "Grants permission to delete tags from WorkSpaces resources", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteTags.html" + }, + "DeleteWorkspaceBundle": { + "privilege": "DeleteWorkspaceBundle", + "description": "Grants permission to delete WorkSpace bundles", + "access_level": "Write", + "resource_types": { + "workspacebundle": { + "resource_type": "workspacebundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspacebundle": "workspacebundle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteWorkspaceBundle.html" + }, + "DeleteWorkspaceImage": { + "privilege": "DeleteWorkspaceImage", + "description": "Grants permission to delete WorkSpace images", + "access_level": "Write", + "resource_types": { + "workspaceimage": { + "resource_type": "workspaceimage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceimage": "workspaceimage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeleteWorkspaceImage.html" + }, + "DeregisterWorkspaceDirectory": { + "privilege": "DeregisterWorkspaceDirectory", + "description": "Grants permission to deregister directories from use with Amazon WorkSpaces", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DeregisterWorkspaceDirectory.html" + }, + "DescribeAccount": { + "privilege": "DescribeAccount", + "description": "Grants permission to retrieve the configuration of Bring Your Own License (BYOL) for WorkSpaces accounts", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeAccount.html" + }, + "DescribeAccountModifications": { + "privilege": "DescribeAccountModifications", + "description": "Grants permission to retrieve modifications to the configuration of Bring Your Own License (BYOL) for WorkSpaces accounts", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeAccountModifications.html" + }, + "DescribeClientBranding": { + "privilege": "DescribeClientBranding", + "description": "Grants permission to retrieve AWS WorkSpaces Client branding data within a directory", + "access_level": "Read", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeClientBranding.html" + }, + "DescribeClientProperties": { + "privilege": "DescribeClientProperties", + "description": "Grants permission to retrieve information about WorkSpaces clients", + "access_level": "List", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeClientProperties.html" + }, + "DescribeConnectClientAddIns": { + "privilege": "DescribeConnectClientAddIns", + "description": "Grants permission to retrieve a list of Amazon Connect client add-ins that have been created", + "access_level": "List", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeConnectClientAddIns.html" + }, + "DescribeConnectionAliasPermissions": { + "privilege": "DescribeConnectionAliasPermissions", + "description": "Grants permission to retrieve the permissions that the owners of connection aliases have granted to other AWS accounts for connection aliases", + "access_level": "Read", + "resource_types": { + "connectionalias": { + "resource_type": "connectionalias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectionalias": "connectionalias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeConnectionAliasPermissions.html" + }, + "DescribeConnectionAliases": { + "privilege": "DescribeConnectionAliases", + "description": "Grants permission to retrieve a list that describes the connection aliases used for cross-Region redirection", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeConnectionAliases.html" + }, + "DescribeIpGroups": { + "privilege": "DescribeIpGroups", + "description": "Grants permission to retrieve information about IP access control groups", + "access_level": "Read", + "resource_types": { + "workspaceipgroup": { + "resource_type": "workspaceipgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceipgroup": "workspaceipgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeIpGroups.html" + }, + "DescribeTags": { + "privilege": "DescribeTags", + "description": "Grants permission to describe the tags for WorkSpaces resources", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeTags.html" + }, + "DescribeWorkspaceBundles": { + "privilege": "DescribeWorkspaceBundles", + "description": "Grants permission to obtain information about WorkSpace bundles", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaceBundles.html" + }, + "DescribeWorkspaceDirectories": { + "privilege": "DescribeWorkspaceDirectories", + "description": "Grants permission to retrieve information about directories that are registered with WorkSpaces", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaceDirectories.html" + }, + "DescribeWorkspaceImagePermissions": { + "privilege": "DescribeWorkspaceImagePermissions", + "description": "Grants permission to retrieve information about WorkSpace image permissions", + "access_level": "Read", + "resource_types": { + "workspaceimage": { + "resource_type": "workspaceimage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceimage": "workspaceimage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaceImagePermissions.html" + }, + "DescribeWorkspaceImages": { + "privilege": "DescribeWorkspaceImages", + "description": "Grants permission to retrieve information about WorkSpace images", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaceImages.html" + }, + "DescribeWorkspaceSnapshots": { + "privilege": "DescribeWorkspaceSnapshots", + "description": "Grants permission to retrieve information about WorkSpace snapshots", + "access_level": "List", + "resource_types": { + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceid": "workspaceid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaceSnapshots.html" + }, + "DescribeWorkspaces": { + "privilege": "DescribeWorkspaces", + "description": "Grants permission to obtain information about WorkSpaces", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspaces.html" + }, + "DescribeWorkspacesConnectionStatus": { + "privilege": "DescribeWorkspacesConnectionStatus", + "description": "Grants permission to obtain the connection status of WorkSpaces", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DescribeWorkspacesConnectionStatus.html" + }, + "DisassociateConnectionAlias": { + "privilege": "DisassociateConnectionAlias", + "description": "Grants permission to disassociate connection aliases from directories", + "access_level": "Write", + "resource_types": { + "connectionalias": { + "resource_type": "connectionalias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectionalias": "connectionalias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DisassociateConnectionAlias.html" + }, + "DisassociateIpGroups": { + "privilege": "DisassociateIpGroups", + "description": "Grants permission to disassociate IP access control groups from directories", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspaceipgroup": { + "resource_type": "workspaceipgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid", + "workspaceipgroup": "workspaceipgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_DisassociateIpGroups.html" + }, + "ImportClientBranding": { + "privilege": "ImportClientBranding", + "description": "Grants permission to import AWS WorkSpaces Client branding data within a directory", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ImportClientBranding.html" + }, + "ImportWorkspaceImage": { + "privilege": "ImportWorkspaceImage", + "description": "Grants permission to import Bring Your Own License (BYOL) images into Amazon WorkSpaces", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeImages", + "ec2:ModifyImageAttribute" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ImportWorkspaceImage.html" + }, + "ListAvailableManagementCidrRanges": { + "privilege": "ListAvailableManagementCidrRanges", + "description": "Grants permission to list the available CIDR ranges for enabling Bring Your Own License (BYOL) for WorkSpaces accounts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ListAvailableManagementCidrRanges.html" + }, + "MigrateWorkspace": { + "privilege": "MigrateWorkspace", + "description": "Grants permission to migrate WorkSpaces", + "access_level": "Write", + "resource_types": { + "workspacebundle": { + "resource_type": "workspacebundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspacebundle": "workspacebundle", + "workspaceid": "workspaceid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_MigrateWorkspace.html" + }, + "ModifyAccount": { + "privilege": "ModifyAccount", + "description": "Grants permission to modify the configuration of Bring Your Own License (BYOL) for WorkSpaces accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyAccount.html" + }, + "ModifyCertificateBasedAuthProperties": { + "privilege": "ModifyCertificateBasedAuthProperties", + "description": "Grants permission to modify the certificate-based authorization properties of a directory", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyCertificateBasedAuthProperties.html" + }, + "ModifyClientProperties": { + "privilege": "ModifyClientProperties", + "description": "Grants permission to modify the properties of WorkSpaces clients", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyClientProperties.html" + }, + "ModifySamlProperties": { + "privilege": "ModifySamlProperties", + "description": "Grants permission to modify the SAML properties of a directory", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifySamlProperties.html" + }, + "ModifySelfservicePermissions": { + "privilege": "ModifySelfservicePermissions", + "description": "Grants permission to modify the self-service WorkSpace management capabilities for your users", + "access_level": "Permissions management", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifySelfservicePermissions.html" + }, + "ModifyWorkspaceAccessProperties": { + "privilege": "ModifyWorkspaceAccessProperties", + "description": "Grants permission to specify which devices and operating systems users can use to access their WorkSpaces", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyWorkspaceAccessProperties.html" + }, + "ModifyWorkspaceCreationProperties": { + "privilege": "ModifyWorkspaceCreationProperties", + "description": "Grants permission to modify the default properties used to create WorkSpaces", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyWorkspaceCreationProperties.html" + }, + "ModifyWorkspaceProperties": { + "privilege": "ModifyWorkspaceProperties", + "description": "Grants permission to modify WorkSpace properties, including the running mode and the AutoStop period", + "access_level": "Write", + "resource_types": { + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceid": "workspaceid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyWorkspaceProperties.html" + }, + "ModifyWorkspaceState": { + "privilege": "ModifyWorkspaceState", + "description": "Grants permission to modify the state of WorkSpaces", + "access_level": "Write", + "resource_types": { + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceid": "workspaceid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyWorkspaceState.html" + }, + "RebootWorkspaces": { + "privilege": "RebootWorkspaces", + "description": "Grants permission to reboot WorkSpaces", + "access_level": "Write", + "resource_types": { + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceid": "workspaceid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_RebootWorkspaces.html" + }, + "RebuildWorkspaces": { + "privilege": "RebuildWorkspaces", + "description": "Grants permission to rebuild WorkSpaces", + "access_level": "Write", + "resource_types": { + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceid": "workspaceid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_RebuildWorkspaces.html" + }, + "RegisterWorkspaceDirectory": { + "privilege": "RegisterWorkspaceDirectory", + "description": "Grants permission to register directories for use with Amazon WorkSpaces", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_RegisterWorkspaceDirectory.html" + }, + "RestoreWorkspace": { + "privilege": "RestoreWorkspace", + "description": "Grants permission to restore WorkSpaces", + "access_level": "Write", + "resource_types": { + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceid": "workspaceid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_RestoreWorkspace.html" + }, + "RevokeIpRules": { + "privilege": "RevokeIpRules", + "description": "Grants permission to remove rules from IP access control groups", + "access_level": "Write", + "resource_types": { + "workspaceipgroup": { + "resource_type": "workspaceipgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceipgroup": "workspaceipgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_RevokeIpRules.html" + }, + "StartWorkspaces": { + "privilege": "StartWorkspaces", + "description": "Grants permission to start AutoStop WorkSpaces", + "access_level": "Write", + "resource_types": { + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceid": "workspaceid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_StartWorkspaces.html" + }, + "StopWorkspaces": { + "privilege": "StopWorkspaces", + "description": "Grants permission to stop AutoStop WorkSpaces", + "access_level": "Write", + "resource_types": { + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceid": "workspaceid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_StopWorkspaces.html" + }, + "Stream": { + "privilege": "Stream", + "description": "Grants permission to federated users to sign in by using their existing credentials and stream their workspace", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "workspaces:userId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_Stream.html" + }, + "TerminateWorkspaces": { + "privilege": "TerminateWorkspaces", + "description": "Grants permission to terminate WorkSpaces", + "access_level": "Write", + "resource_types": { + "workspaceid": { + "resource_type": "workspaceid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceid": "workspaceid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_TerminateWorkspaces.html" + }, + "UpdateConnectClientAddIn": { + "privilege": "UpdateConnectClientAddIn", + "description": "Grants permission to update an Amazon Connect client add-in. Use this action to update the name and endpoint URL of an Amazon Connect client add-in", + "access_level": "Write", + "resource_types": { + "directoryid": { + "resource_type": "directoryid", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directoryid": "directoryid" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_UpdateConnectClientAddIn.html" + }, + "UpdateConnectionAliasPermission": { + "privilege": "UpdateConnectionAliasPermission", + "description": "Grants permission to share or unshare connection aliases with other accounts", + "access_level": "Permissions management", + "resource_types": { + "connectionalias": { + "resource_type": "connectionalias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectionalias": "connectionalias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_UpdateConnectionAliasPermission.html" + }, + "UpdateRulesOfIpGroup": { + "privilege": "UpdateRulesOfIpGroup", + "description": "Grants permission to replace rules for IP access control groups", + "access_level": "Write", + "resource_types": { + "workspaceipgroup": { + "resource_type": "workspaceipgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceipgroup": "workspaceipgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_UpdateRulesOfIpGroup.html" + }, + "UpdateWorkspaceBundle": { + "privilege": "UpdateWorkspaceBundle", + "description": "Grants permission to update the WorkSpace images used in WorkSpace bundles", + "access_level": "Write", + "resource_types": { + "workspacebundle": { + "resource_type": "workspacebundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspaceimage": { + "resource_type": "workspaceimage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspacebundle": "workspacebundle", + "workspaceimage": "workspaceimage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_UpdateWorkspaceBundle.html" + }, + "UpdateWorkspaceImagePermission": { + "privilege": "UpdateWorkspaceImagePermission", + "description": "Grants permission to share or unshare WorkSpace images with other accounts by specifying whether other accounts have permission to copy the image", + "access_level": "Permissions management", + "resource_types": { + "workspaceimage": { + "resource_type": "workspaceimage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspaceimage": "workspaceimage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces/latest/api/API_UpdateWorkspaceImagePermission.html" + } + }, + "privileges_lower_name": { + "associateconnectionalias": "AssociateConnectionAlias", + "associateipgroups": "AssociateIpGroups", + "authorizeiprules": "AuthorizeIpRules", + "copyworkspaceimage": "CopyWorkspaceImage", + "createconnectclientaddin": "CreateConnectClientAddIn", + "createconnectionalias": "CreateConnectionAlias", + "createipgroup": "CreateIpGroup", + "createstandbyworkspaces": "CreateStandbyWorkspaces", + "createtags": "CreateTags", + "createupdatedworkspaceimage": "CreateUpdatedWorkspaceImage", + "createworkspacebundle": "CreateWorkspaceBundle", + "createworkspaceimage": "CreateWorkspaceImage", + "createworkspaces": "CreateWorkspaces", + "deleteclientbranding": "DeleteClientBranding", + "deleteconnectclientaddin": "DeleteConnectClientAddIn", + "deleteconnectionalias": "DeleteConnectionAlias", + "deleteipgroup": "DeleteIpGroup", + "deletetags": "DeleteTags", + "deleteworkspacebundle": "DeleteWorkspaceBundle", + "deleteworkspaceimage": "DeleteWorkspaceImage", + "deregisterworkspacedirectory": "DeregisterWorkspaceDirectory", + "describeaccount": "DescribeAccount", + "describeaccountmodifications": "DescribeAccountModifications", + "describeclientbranding": "DescribeClientBranding", + "describeclientproperties": "DescribeClientProperties", + "describeconnectclientaddins": "DescribeConnectClientAddIns", + "describeconnectionaliaspermissions": "DescribeConnectionAliasPermissions", + "describeconnectionaliases": "DescribeConnectionAliases", + "describeipgroups": "DescribeIpGroups", + "describetags": "DescribeTags", + "describeworkspacebundles": "DescribeWorkspaceBundles", + "describeworkspacedirectories": "DescribeWorkspaceDirectories", + "describeworkspaceimagepermissions": "DescribeWorkspaceImagePermissions", + "describeworkspaceimages": "DescribeWorkspaceImages", + "describeworkspacesnapshots": "DescribeWorkspaceSnapshots", + "describeworkspaces": "DescribeWorkspaces", + "describeworkspacesconnectionstatus": "DescribeWorkspacesConnectionStatus", + "disassociateconnectionalias": "DisassociateConnectionAlias", + "disassociateipgroups": "DisassociateIpGroups", + "importclientbranding": "ImportClientBranding", + "importworkspaceimage": "ImportWorkspaceImage", + "listavailablemanagementcidrranges": "ListAvailableManagementCidrRanges", + "migrateworkspace": "MigrateWorkspace", + "modifyaccount": "ModifyAccount", + "modifycertificatebasedauthproperties": "ModifyCertificateBasedAuthProperties", + "modifyclientproperties": "ModifyClientProperties", + "modifysamlproperties": "ModifySamlProperties", + "modifyselfservicepermissions": "ModifySelfservicePermissions", + "modifyworkspaceaccessproperties": "ModifyWorkspaceAccessProperties", + "modifyworkspacecreationproperties": "ModifyWorkspaceCreationProperties", + "modifyworkspaceproperties": "ModifyWorkspaceProperties", + "modifyworkspacestate": "ModifyWorkspaceState", + "rebootworkspaces": "RebootWorkspaces", + "rebuildworkspaces": "RebuildWorkspaces", + "registerworkspacedirectory": "RegisterWorkspaceDirectory", + "restoreworkspace": "RestoreWorkspace", + "revokeiprules": "RevokeIpRules", + "startworkspaces": "StartWorkspaces", + "stopworkspaces": "StopWorkspaces", + "stream": "Stream", + "terminateworkspaces": "TerminateWorkspaces", + "updateconnectclientaddin": "UpdateConnectClientAddIn", + "updateconnectionaliaspermission": "UpdateConnectionAliasPermission", + "updaterulesofipgroup": "UpdateRulesOfIpGroup", + "updateworkspacebundle": "UpdateWorkspaceBundle", + "updateworkspaceimagepermission": "UpdateWorkspaceImagePermission" + }, + "resources": { + "directoryid": { + "resource": "directoryid", + "arn": "arn:${Partition}:workspaces:${Region}:${Account}:directory/${DirectoryId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "workspacebundle": { + "resource": "workspacebundle", + "arn": "arn:${Partition}:workspaces:${Region}:${Account}:workspacebundle/${BundleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "workspaceid": { + "resource": "workspaceid", + "arn": "arn:${Partition}:workspaces:${Region}:${Account}:workspace/${WorkspaceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "workspaceimage": { + "resource": "workspaceimage", + "arn": "arn:${Partition}:workspaces:${Region}:${Account}:workspaceimage/${ImageId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "workspaceipgroup": { + "resource": "workspaceipgroup", + "arn": "arn:${Partition}:workspaces:${Region}:${Account}:workspaceipgroup/${GroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "connectionalias": { + "resource": "connectionalias", + "arn": "arn:${Partition}:workspaces:${Region}:${Account}:connectionalias/${ConnectionAliasId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "directoryid": "directoryid", + "workspacebundle": "workspacebundle", + "workspaceid": "workspaceid", + "workspaceimage": "workspaceimage", + "workspaceipgroup": "workspaceipgroup", + "connectionalias": "connectionalias" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "workspaces:userId": { + "condition": "workspaces:userId", + "description": "Filters access by the ID of the Workspaces user", + "type": "String" + } + } + }, + "wam": { + "service_name": "Amazon WorkSpaces Application Manager", + "prefix": "wam", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkspacesapplicationmanager.html", + "privileges": { + "AuthenticatePackager": { + "privilege": "AuthenticatePackager", + "description": "Allows the Amazon WAM packaging instance to access your application package catalog.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wam/latest/adminguide/iam.html" + } + }, + "privileges_lower_name": { + "authenticatepackager": "AuthenticatePackager" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "workspaces-web": { + "service_name": "Amazon WorkSpaces Web", + "prefix": "workspaces-web", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkspacesweb.html", + "privileges": { + "AssociateBrowserSettings": { + "privilege": "AssociateBrowserSettings", + "description": "Grants permission to associate browser settings to web portals", + "access_level": "Write", + "resource_types": { + "browserSettings": { + "resource_type": "browserSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "browsersettings": "browserSettings", + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateBrowserSettings.html" + }, + "AssociateIpAccessSettings": { + "privilege": "AssociateIpAccessSettings", + "description": "Grants permission to associate ip access settings with web portals", + "access_level": "Write", + "resource_types": { + "ipAccessSettings": { + "resource_type": "ipAccessSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipaccesssettings": "ipAccessSettings", + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateIpAccessSettings.html" + }, + "AssociateNetworkSettings": { + "privilege": "AssociateNetworkSettings", + "description": "Grants permission to associate network settings to web portals", + "access_level": "Write", + "resource_types": { + "networkSettings": { + "resource_type": "networkSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:CreateNetworkInterfacePermission", + "ec2:CreateTags", + "ec2:DeleteNetworkInterface", + "ec2:DeleteNetworkInterfacePermission", + "ec2:ModifyNetworkInterfaceAttribute" + ] + }, + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networksettings": "networkSettings", + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateNetworkSettings.html" + }, + "AssociateTrustStore": { + "privilege": "AssociateTrustStore", + "description": "Grants permission to associate trust stores with web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "trustStore": { + "resource_type": "trustStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal", + "truststore": "trustStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateTrustStore.html" + }, + "AssociateUserAccessLoggingSettings": { + "privilege": "AssociateUserAccessLoggingSettings", + "description": "Grants permission to associate user access logging settings with web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kinesis:PutRecord", + "kinesis:PutRecords" + ] + }, + "userAccessLoggingSettings": { + "resource_type": "userAccessLoggingSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal", + "useraccessloggingsettings": "userAccessLoggingSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateUserAccessLoggingSettings.html" + }, + "AssociateUserSettings": { + "privilege": "AssociateUserSettings", + "description": "Grants permission to associate user settings with web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "userSettings": { + "resource_type": "userSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal", + "usersettings": "userSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_AssociateUserSettings.html" + }, + "CreateBrowserSettings": { + "privilege": "CreateBrowserSettings", + "description": "Grants permission to create browser settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateBrowserSettings.html" + }, + "CreateIdentityProvider": { + "privilege": "CreateIdentityProvider", + "description": "Grants permission to create identity providers", + "access_level": "Write", + "resource_types": { + "identityProvider": { + "resource_type": "identityProvider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identityprovider": "identityProvider", + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateIdentityProvider.html" + }, + "CreateIpAccessSettings": { + "privilege": "CreateIpAccessSettings", + "description": "Grants permission to create ip access settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateIpAccessSettings.html" + }, + "CreateNetworkSettings": { + "privilege": "CreateNetworkSettings", + "description": "Grants permission to create network settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateNetworkSettings.html" + }, + "CreatePortal": { + "privilege": "CreatePortal", + "description": "Grants permission to create web portals", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:GenerateDataKey" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreatePortal.html" + }, + "CreateTrustStore": { + "privilege": "CreateTrustStore", + "description": "Grants permission to create trust stores", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateTrustStore.html" + }, + "CreateUserAccessLoggingSettings": { + "privilege": "CreateUserAccessLoggingSettings", + "description": "Grants permission to create user access logging settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateUserAccessLoggingSettings.html" + }, + "CreateUserSettings": { + "privilege": "CreateUserSettings", + "description": "Grants permission to create user settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_CreateUserSettings.html" + }, + "DeleteBrowserSettings": { + "privilege": "DeleteBrowserSettings", + "description": "Grants permission to delete browser settings", + "access_level": "Write", + "resource_types": { + "browserSettings": { + "resource_type": "browserSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "browsersettings": "browserSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteBrowserSettings.html" + }, + "DeleteIdentityProvider": { + "privilege": "DeleteIdentityProvider", + "description": "Grants permission to delete identity providers", + "access_level": "Write", + "resource_types": { + "identityProvider": { + "resource_type": "identityProvider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identityprovider": "identityProvider", + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteIdentityProvider.html" + }, + "DeleteIpAccessSettings": { + "privilege": "DeleteIpAccessSettings", + "description": "Grants permission to delete ip access settings", + "access_level": "Write", + "resource_types": { + "ipAccessSettings": { + "resource_type": "ipAccessSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipaccesssettings": "ipAccessSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteIpAccessSettings.html" + }, + "DeleteNetworkSettings": { + "privilege": "DeleteNetworkSettings", + "description": "Grants permission to delete network settings", + "access_level": "Write", + "resource_types": { + "networkSettings": { + "resource_type": "networkSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networksettings": "networkSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteNetworkSettings.html" + }, + "DeletePortal": { + "privilege": "DeletePortal", + "description": "Grants permission to delete web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeletePortal.html" + }, + "DeleteTrustStore": { + "privilege": "DeleteTrustStore", + "description": "Grants permission to delete trust stores", + "access_level": "Write", + "resource_types": { + "trustStore": { + "resource_type": "trustStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "truststore": "trustStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteTrustStore.html" + }, + "DeleteUserAccessLoggingSettings": { + "privilege": "DeleteUserAccessLoggingSettings", + "description": "Grants permission to delete user access logging settings", + "access_level": "Write", + "resource_types": { + "userAccessLoggingSettings": { + "resource_type": "userAccessLoggingSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "useraccessloggingsettings": "userAccessLoggingSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteUserAccessLoggingSettings.html" + }, + "DeleteUserSettings": { + "privilege": "DeleteUserSettings", + "description": "Grants permission to delete user settings", + "access_level": "Write", + "resource_types": { + "userSettings": { + "resource_type": "userSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "usersettings": "userSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DeleteUserSettings.html" + }, + "DisassociateBrowserSettings": { + "privilege": "DisassociateBrowserSettings", + "description": "Grants permission to disassociate browser settings from web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateBrowserSettings.html" + }, + "DisassociateIpAccessSettings": { + "privilege": "DisassociateIpAccessSettings", + "description": "Grants permission to disassociate ip access logging from web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateIpAccessSettings.html" + }, + "DisassociateNetworkSettings": { + "privilege": "DisassociateNetworkSettings", + "description": "Grants permission to disassociate network settings from web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateNetworkSettings.html" + }, + "DisassociateTrustStore": { + "privilege": "DisassociateTrustStore", + "description": "Grants permission to disassociate trust stores from web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateTrustStore.html" + }, + "DisassociateUserAccessLoggingSettings": { + "privilege": "DisassociateUserAccessLoggingSettings", + "description": "Grants permission to disassociate user access logging settings from web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateUserAccessLoggingSettings.html" + }, + "DisassociateUserSettings": { + "privilege": "DisassociateUserSettings", + "description": "Grants permission to disassociate user settings from web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_DisassociateUserSettings.html" + }, + "GetBrowserSettings": { + "privilege": "GetBrowserSettings", + "description": "Grants permission to get details on browser settings", + "access_level": "Read", + "resource_types": { + "browserSettings": { + "resource_type": "browserSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "browsersettings": "browserSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetBrowserSettings.html" + }, + "GetIdentityProvider": { + "privilege": "GetIdentityProvider", + "description": "Grants permission to get details on identity providers", + "access_level": "Read", + "resource_types": { + "identityProvider": { + "resource_type": "identityProvider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identityprovider": "identityProvider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetIdentityProvider.html" + }, + "GetIpAccessSettings": { + "privilege": "GetIpAccessSettings", + "description": "Grants permission to get details on ip access settings", + "access_level": "Read", + "resource_types": { + "ipAccessSettings": { + "resource_type": "ipAccessSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipaccesssettings": "ipAccessSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetIpAccessSettings.html" + }, + "GetNetworkSettings": { + "privilege": "GetNetworkSettings", + "description": "Grants permission to get details on network settings", + "access_level": "Read", + "resource_types": { + "networkSettings": { + "resource_type": "networkSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networksettings": "networkSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetNetworkSettings.html" + }, + "GetPortal": { + "privilege": "GetPortal", + "description": "Grants permission to get details on web portals", + "access_level": "Read", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetPortal.html" + }, + "GetPortalServiceProviderMetadata": { + "privilege": "GetPortalServiceProviderMetadata", + "description": "Grants permission to get service provider metadata information for web portals", + "access_level": "Read", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetPortalServiceProviderMetadata.html" + }, + "GetTrustStore": { + "privilege": "GetTrustStore", + "description": "Grants permission to get details on trust stores", + "access_level": "Read", + "resource_types": { + "trustStore": { + "resource_type": "trustStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "truststore": "trustStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetTrustStore.html" + }, + "GetTrustStoreCertificate": { + "privilege": "GetTrustStoreCertificate", + "description": "Grants permission to get certificates from trust stores", + "access_level": "Read", + "resource_types": { + "trustStore": { + "resource_type": "trustStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "truststore": "trustStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetTrustStoreCertificate.html" + }, + "GetUserAccessLoggingSettings": { + "privilege": "GetUserAccessLoggingSettings", + "description": "Grants permission to get details on user access logging settings", + "access_level": "Read", + "resource_types": { + "userAccessLoggingSettings": { + "resource_type": "userAccessLoggingSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "useraccessloggingsettings": "userAccessLoggingSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetUserAccessLoggingSettings.html" + }, + "GetUserSettings": { + "privilege": "GetUserSettings", + "description": "Grants permission to get details on user settings", + "access_level": "Read", + "resource_types": { + "userSettings": { + "resource_type": "userSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "usersettings": "userSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_GetUserSettings.html" + }, + "ListBrowserSettings": { + "privilege": "ListBrowserSettings", + "description": "Grants permission to list browser settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListBrowserSettings.html" + }, + "ListIdentityProviders": { + "privilege": "ListIdentityProviders", + "description": "Grants permission to list identity providers", + "access_level": "Read", + "resource_types": { + "identityProvider": { + "resource_type": "identityProvider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identityprovider": "identityProvider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListIdentityProviders.html" + }, + "ListIpAccessSettings": { + "privilege": "ListIpAccessSettings", + "description": "Grants permission to list ip access settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListIpAccessSettings.html" + }, + "ListNetworkSettings": { + "privilege": "ListNetworkSettings", + "description": "Grants permission to list network settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListNetworkSettings.html" + }, + "ListPortals": { + "privilege": "ListPortals", + "description": "Grants permission to list web portals", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListPortals.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTrustStoreCertificates": { + "privilege": "ListTrustStoreCertificates", + "description": "Grants permission to list certificates in a trust store", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListTrustStoreCertificates.html" + }, + "ListTrustStores": { + "privilege": "ListTrustStores", + "description": "Grants permission to list trust stores", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListTrustStores.html" + }, + "ListUserAccessLoggingSettings": { + "privilege": "ListUserAccessLoggingSettings", + "description": "Grants permission to list user access logging settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListUserAccessLoggingSettings.html" + }, + "ListUserSettings": { + "privilege": "ListUserSettings", + "description": "Grants permission to list user settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_ListUserSettings.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to a resource", + "access_level": "Tagging", + "resource_types": { + "browserSettings": { + "resource_type": "browserSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ipAccessSettings": { + "resource_type": "ipAccessSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "networkSettings": { + "resource_type": "networkSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "portal": { + "resource_type": "portal", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "trustStore": { + "resource_type": "trustStore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "userAccessLoggingSettings": { + "resource_type": "userAccessLoggingSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "userSettings": { + "resource_type": "userSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "browsersettings": "browserSettings", + "ipaccesssettings": "ipAccessSettings", + "networksettings": "networkSettings", + "portal": "portal", + "truststore": "trustStore", + "useraccessloggingsettings": "userAccessLoggingSettings", + "usersettings": "userSettings", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from a resource", + "access_level": "Tagging", + "resource_types": { + "browserSettings": { + "resource_type": "browserSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ipAccessSettings": { + "resource_type": "ipAccessSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "networkSettings": { + "resource_type": "networkSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "portal": { + "resource_type": "portal", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "trustStore": { + "resource_type": "trustStore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "userAccessLoggingSettings": { + "resource_type": "userAccessLoggingSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "userSettings": { + "resource_type": "userSettings", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "browsersettings": "browserSettings", + "ipaccesssettings": "ipAccessSettings", + "networksettings": "networkSettings", + "portal": "portal", + "truststore": "trustStore", + "useraccessloggingsettings": "userAccessLoggingSettings", + "usersettings": "userSettings", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UntagResource.html" + }, + "UpdateBrowserSettings": { + "privilege": "UpdateBrowserSettings", + "description": "Grants permission to update browser settings", + "access_level": "Write", + "resource_types": { + "browserSettings": { + "resource_type": "browserSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "browsersettings": "browserSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateBrowserSettings.html" + }, + "UpdateIdentityProvider": { + "privilege": "UpdateIdentityProvider", + "description": "Grants permission to update identity provider", + "access_level": "Write", + "resource_types": { + "identityProvider": { + "resource_type": "identityProvider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identityprovider": "identityProvider", + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateIdentityProvider.html" + }, + "UpdateIpAccessSettings": { + "privilege": "UpdateIpAccessSettings", + "description": "Grants permission to update ip access settings", + "access_level": "Write", + "resource_types": { + "ipAccessSettings": { + "resource_type": "ipAccessSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipaccesssettings": "ipAccessSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateIpAccessSettings.html" + }, + "UpdateNetworkSettings": { + "privilege": "UpdateNetworkSettings", + "description": "Grants permission to update network settings", + "access_level": "Write", + "resource_types": { + "networkSettings": { + "resource_type": "networkSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:CreateNetworkInterfacePermission", + "ec2:CreateTags", + "ec2:DeleteNetworkInterface", + "ec2:DeleteNetworkInterfacePermission", + "ec2:ModifyNetworkInterfaceAttribute" + ] + } + }, + "resource_types_lower_name": { + "networksettings": "networkSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateNetworkSettings.html" + }, + "UpdatePortal": { + "privilege": "UpdatePortal", + "description": "Grants permission to update web portals", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdatePortal.html" + }, + "UpdateTrustStore": { + "privilege": "UpdateTrustStore", + "description": "Grants permission to update trust stores", + "access_level": "Write", + "resource_types": { + "trustStore": { + "resource_type": "trustStore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "truststore": "trustStore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateTrustStore.html" + }, + "UpdateUserAccessLoggingSettings": { + "privilege": "UpdateUserAccessLoggingSettings", + "description": "Grants permission to update user access logging settings", + "access_level": "Write", + "resource_types": { + "userAccessLoggingSettings": { + "resource_type": "userAccessLoggingSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kinesis:PutRecord", + "kinesis:PutRecords" + ] + } + }, + "resource_types_lower_name": { + "useraccessloggingsettings": "userAccessLoggingSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateUserAccessLoggingSettings.html" + }, + "UpdateUserSettings": { + "privilege": "UpdateUserSettings", + "description": "Grants permission to update user settings", + "access_level": "Write", + "resource_types": { + "userSettings": { + "resource_type": "userSettings", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "usersettings": "userSettings" + }, + "api_documentation_link": "https://docs.aws.amazon.com/workspaces-web/latest/APIReference/API_UpdateUserSettings.html" + } + }, + "privileges_lower_name": { + "associatebrowsersettings": "AssociateBrowserSettings", + "associateipaccesssettings": "AssociateIpAccessSettings", + "associatenetworksettings": "AssociateNetworkSettings", + "associatetruststore": "AssociateTrustStore", + "associateuseraccessloggingsettings": "AssociateUserAccessLoggingSettings", + "associateusersettings": "AssociateUserSettings", + "createbrowsersettings": "CreateBrowserSettings", + "createidentityprovider": "CreateIdentityProvider", + "createipaccesssettings": "CreateIpAccessSettings", + "createnetworksettings": "CreateNetworkSettings", + "createportal": "CreatePortal", + "createtruststore": "CreateTrustStore", + "createuseraccessloggingsettings": "CreateUserAccessLoggingSettings", + "createusersettings": "CreateUserSettings", + "deletebrowsersettings": "DeleteBrowserSettings", + "deleteidentityprovider": "DeleteIdentityProvider", + "deleteipaccesssettings": "DeleteIpAccessSettings", + "deletenetworksettings": "DeleteNetworkSettings", + "deleteportal": "DeletePortal", + "deletetruststore": "DeleteTrustStore", + "deleteuseraccessloggingsettings": "DeleteUserAccessLoggingSettings", + "deleteusersettings": "DeleteUserSettings", + "disassociatebrowsersettings": "DisassociateBrowserSettings", + "disassociateipaccesssettings": "DisassociateIpAccessSettings", + "disassociatenetworksettings": "DisassociateNetworkSettings", + "disassociatetruststore": "DisassociateTrustStore", + "disassociateuseraccessloggingsettings": "DisassociateUserAccessLoggingSettings", + "disassociateusersettings": "DisassociateUserSettings", + "getbrowsersettings": "GetBrowserSettings", + "getidentityprovider": "GetIdentityProvider", + "getipaccesssettings": "GetIpAccessSettings", + "getnetworksettings": "GetNetworkSettings", + "getportal": "GetPortal", + "getportalserviceprovidermetadata": "GetPortalServiceProviderMetadata", + "gettruststore": "GetTrustStore", + "gettruststorecertificate": "GetTrustStoreCertificate", + "getuseraccessloggingsettings": "GetUserAccessLoggingSettings", + "getusersettings": "GetUserSettings", + "listbrowsersettings": "ListBrowserSettings", + "listidentityproviders": "ListIdentityProviders", + "listipaccesssettings": "ListIpAccessSettings", + "listnetworksettings": "ListNetworkSettings", + "listportals": "ListPortals", + "listtagsforresource": "ListTagsForResource", + "listtruststorecertificates": "ListTrustStoreCertificates", + "listtruststores": "ListTrustStores", + "listuseraccessloggingsettings": "ListUserAccessLoggingSettings", + "listusersettings": "ListUserSettings", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatebrowsersettings": "UpdateBrowserSettings", + "updateidentityprovider": "UpdateIdentityProvider", + "updateipaccesssettings": "UpdateIpAccessSettings", + "updatenetworksettings": "UpdateNetworkSettings", + "updateportal": "UpdatePortal", + "updatetruststore": "UpdateTrustStore", + "updateuseraccessloggingsettings": "UpdateUserAccessLoggingSettings", + "updateusersettings": "UpdateUserSettings" + }, + "resources": { + "browserSettings": { + "resource": "browserSettings", + "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:browserSettings/${BrowserSettingsId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "identityProvider": { + "resource": "identityProvider", + "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:identityProvider/${PortalId}/${IdentityProviderId}", + "condition_keys": [] + }, + "networkSettings": { + "resource": "networkSettings", + "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:networkSettings/${NetworkSettingsId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "portal": { + "resource": "portal", + "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:portal/${PortalId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "trustStore": { + "resource": "trustStore", + "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:trustStore/${TrustStoreId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "userSettings": { + "resource": "userSettings", + "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:userSettings/${UserSettingsId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "userAccessLoggingSettings": { + "resource": "userAccessLoggingSettings", + "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:userAccessLoggingSettings/${UserAccessLoggingSettingsId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ipAccessSettings": { + "resource": "ipAccessSettings", + "arn": "arn:${Partition}:workspaces-web:${Region}:${Account}:ipAccessSettings/${IpAccessSettingsId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "browsersettings": "browserSettings", + "identityprovider": "identityProvider", + "networksettings": "networkSettings", + "portal": "portal", + "truststore": "trustStore", + "usersettings": "userSettings", + "useraccessloggingsettings": "userAccessLoggingSettings", + "ipaccesssettings": "ipAccessSettings" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "kafka-cluster": { + "service_name": "Apache Kafka APIs for Amazon MSK clusters", + "prefix": "kafka-cluster", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_apachekafkaapisforamazonmskclusters.html", + "privileges": { + "AlterCluster": { + "privilege": "AlterCluster", + "description": "Grants permission to alter various aspects of the cluster, equivalent to Apache Kafka's ALTER CLUSTER ACL", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect", + "kafka-cluster:DescribeCluster" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "AlterClusterDynamicConfiguration": { + "privilege": "AlterClusterDynamicConfiguration", + "description": "Grants permission to alter the dynamic configuration of a cluster, equivalent to Apache Kafka's ALTER_CONFIGS CLUSTER ACL", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect", + "kafka-cluster:DescribeClusterDynamicConfiguration" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "AlterGroup": { + "privilege": "AlterGroup", + "description": "Grants permission to join groups on a cluster, equivalent to Apache Kafka's READ GROUP ACL", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect", + "kafka-cluster:DescribeGroup" + ] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "AlterTopic": { + "privilege": "AlterTopic", + "description": "Grants permission to alter topics on a cluster, equivalent to Apache Kafka's ALTER TOPIC ACL", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect", + "kafka-cluster:DescribeTopic" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "AlterTopicDynamicConfiguration": { + "privilege": "AlterTopicDynamicConfiguration", + "description": "Grants permission to alter the dynamic configuration of topics on a cluster, equivalent to Apache Kafka's ALTER_CONFIGS TOPIC ACL", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect", + "kafka-cluster:DescribeTopicDynamicConfiguration" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "AlterTransactionalId": { + "privilege": "AlterTransactionalId", + "description": "Grants permission to alter transactional IDs on a cluster, equivalent to Apache Kafka's WRITE TRANSACTIONAL_ID ACL", + "access_level": "Write", + "resource_types": { + "transactional-id": { + "resource_type": "transactional-id", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect", + "kafka-cluster:DescribeTransactionalId", + "kafka-cluster:WriteData" + ] + } + }, + "resource_types_lower_name": { + "transactional-id": "transactional-id" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "Connect": { + "privilege": "Connect", + "description": "Grants permission to connect and authenticate to the cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "CreateTopic": { + "privilege": "CreateTopic", + "description": "Grants permission to create topics on a cluster, equivalent to Apache Kafka's CREATE CLUSTER/TOPIC ACL", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to delete groups on a cluster, equivalent to Apache Kafka's DELETE GROUP ACL", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect", + "kafka-cluster:DescribeGroup" + ] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "DeleteTopic": { + "privilege": "DeleteTopic", + "description": "Grants permission to delete topics on a cluster, equivalent to Apache Kafka's DELETE TOPIC ACL", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect", + "kafka-cluster:DescribeTopic" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "DescribeCluster": { + "privilege": "DescribeCluster", + "description": "Grants permission to describe various aspects of the cluster, equivalent to Apache Kafka's DESCRIBE CLUSTER ACL", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "DescribeClusterDynamicConfiguration": { + "privilege": "DescribeClusterDynamicConfiguration", + "description": "Grants permission to describe the dynamic configuration of a cluster, equivalent to Apache Kafka's DESCRIBE_CONFIGS CLUSTER ACL", + "access_level": "List", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "DescribeGroup": { + "privilege": "DescribeGroup", + "description": "Grants permission to describe groups on a cluster, equivalent to Apache Kafka's DESCRIBE GROUP ACL", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect" + ] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "DescribeTopic": { + "privilege": "DescribeTopic", + "description": "Grants permission to describe topics on a cluster, equivalent to Apache Kafka's DESCRIBE TOPIC ACL", + "access_level": "List", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "DescribeTopicDynamicConfiguration": { + "privilege": "DescribeTopicDynamicConfiguration", + "description": "Grants permission to describe the dynamic configuration of topics on a cluster, equivalent to Apache Kafka's DESCRIBE_CONFIGS TOPIC ACL", + "access_level": "List", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "DescribeTransactionalId": { + "privilege": "DescribeTransactionalId", + "description": "Grants permission to describe transactional IDs on a cluster, equivalent to Apache Kafka's DESCRIBE TRANSACTIONAL_ID ACL", + "access_level": "List", + "resource_types": { + "transactional-id": { + "resource_type": "transactional-id", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect" + ] + } + }, + "resource_types_lower_name": { + "transactional-id": "transactional-id" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "ReadData": { + "privilege": "ReadData", + "description": "Grants permission to read data from topics on a cluster, equivalent to Apache Kafka's READ TOPIC ACL", + "access_level": "Read", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:AlterGroup", + "kafka-cluster:Connect", + "kafka-cluster:DescribeTopic" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "WriteData": { + "privilege": "WriteData", + "description": "Grants permission to write data to topics on a cluster, equivalent to Apache Kafka's WRITE TOPIC ACL", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect", + "kafka-cluster:DescribeTopic" + ] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + }, + "WriteDataIdempotently": { + "privilege": "WriteDataIdempotently", + "description": "Grants permission to write data idempotently on a cluster, equivalent to Apache Kafka's IDEMPOTENT_WRITE CLUSTER ACL", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kafka-cluster:Connect", + "kafka-cluster:WriteData" + ] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html#actions" + } + }, + "privileges_lower_name": { + "altercluster": "AlterCluster", + "alterclusterdynamicconfiguration": "AlterClusterDynamicConfiguration", + "altergroup": "AlterGroup", + "altertopic": "AlterTopic", + "altertopicdynamicconfiguration": "AlterTopicDynamicConfiguration", + "altertransactionalid": "AlterTransactionalId", + "connect": "Connect", + "createtopic": "CreateTopic", + "deletegroup": "DeleteGroup", + "deletetopic": "DeleteTopic", + "describecluster": "DescribeCluster", + "describeclusterdynamicconfiguration": "DescribeClusterDynamicConfiguration", + "describegroup": "DescribeGroup", + "describetopic": "DescribeTopic", + "describetopicdynamicconfiguration": "DescribeTopicDynamicConfiguration", + "describetransactionalid": "DescribeTransactionalId", + "readdata": "ReadData", + "writedata": "WriteData", + "writedataidempotently": "WriteDataIdempotently" + }, + "resources": { + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:kafka:${Region}:${Account}:cluster/${ClusterName}/${ClusterUuid}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "topic": { + "resource": "topic", + "arn": "arn:${Partition}:kafka:${Region}:${Account}:topic/${ClusterName}/${ClusterUuid}/${TopicName}", + "condition_keys": [] + }, + "group": { + "resource": "group", + "arn": "arn:${Partition}:kafka:${Region}:${Account}:group/${ClusterName}/${ClusterUuid}/${GroupName}", + "condition_keys": [] + }, + "transactional-id": { + "resource": "transactional-id", + "arn": "arn:${Partition}:kafka:${Region}:${Account}:transactional-id/${ClusterName}/${ClusterUuid}/${TransactionalId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "cluster": "cluster", + "topic": "topic", + "group": "group", + "transactional-id": "transactional-id" + }, + "conditions": { + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource. The resource tag context key will only apply to the cluster resource, not topics, groups and transactional IDs", + "type": "String" + } + } + }, + "discovery": { + "service_name": "Application Discovery", + "prefix": "discovery", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_applicationdiscovery.html", + "privileges": { + "AssociateConfigurationItemsToApplication": { + "privilege": "AssociateConfigurationItemsToApplication", + "description": "Grants permission to AssociateConfigurationItemsToApplication API. AssociateConfigurationItemsToApplication associates one or more configuration items with an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_AssociateConfigurationItemsToApplication.html" + }, + "BatchDeleteImportData": { + "privilege": "BatchDeleteImportData", + "description": "Grants permission to BatchDeleteImportData API. BatchDeleteImportData deletes one or more Migration Hub import tasks, each identified by their import ID. Each import task has a number of records, which can identify servers or applications", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_BatchDeleteImportData.html" + }, + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to CreateApplication API. CreateApplication creates an application with the given name and description", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_CreateApplication.html" + }, + "CreateTags": { + "privilege": "CreateTags", + "description": "Grants permission to CreateTags API. CreateTags creates one or more tags for configuration items. Tags are metadata that help you categorize IT assets. This API accepts a list of multiple configuration items", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_CreateTags.html" + }, + "DeleteApplications": { + "privilege": "DeleteApplications", + "description": "Grants permission to DeleteApplications API. DeleteApplications deletes a list of applications and their associations with configuration items", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DeleteApplications.html" + }, + "DeleteTags": { + "privilege": "DeleteTags", + "description": "Grants permission to DeleteTags API. DeleteTags deletes the association between configuration items and one or more tags. This API accepts a list of multiple configuration items", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DeleteTags.html" + }, + "DescribeAgents": { + "privilege": "DescribeAgents", + "description": "Grants permission to DescribeAgents API. DescribeAgents lists agents or the Connector by ID or lists all agents/Connectors associated with your user if you did not specify an ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeAgents.html" + }, + "DescribeConfigurations": { + "privilege": "DescribeConfigurations", + "description": "Grants permission to DescribeConfigurations API. DescribeConfigurations retrieves attributes for a list of configuration item IDs. All of the supplied IDs must be for the same asset type (server, application, process, or connection). Output fields are specific to the asset type selected. For example, the output for a server configuration item includes a list of attributes about the server, such as host name, operating system, and number of network cards", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeConfigurations.html" + }, + "DescribeContinuousExports": { + "privilege": "DescribeContinuousExports", + "description": "Grants permission to DescribeContinuousExports API. DescribeContinuousExports lists exports as specified by ID. All continuous exports associated with your user can be listed if you call DescribeContinuousExports as is without passing any parameters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeContinuousExports.html" + }, + "DescribeExportConfigurations": { + "privilege": "DescribeExportConfigurations", + "description": "Grants permission to DescribeExportConfigurations API. DescribeExportConfigurations retrieves the status of a given export process. You can retrieve status from a maximum of 100 processes", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeExportConfigurations.html" + }, + "DescribeExportTasks": { + "privilege": "DescribeExportTasks", + "description": "Grants permission to DescribeExportTasks API. DescribeExportTasks retrieve status of one or more export tasks. You can retrieve the status of up to 100 export tasks", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeExportTasks.html" + }, + "DescribeImportTasks": { + "privilege": "DescribeImportTasks", + "description": "Grants permission to DescribeImportTasks API. DescribeImportTasks returns an array of import tasks for your user, including status information, times, IDs, the Amazon S3 Object URL for the import file, and more", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeImportTasks.html" + }, + "DescribeTags": { + "privilege": "DescribeTags", + "description": "Grants permission to DescribeTags API. DescribeTags retrieves a list of configuration items that are tagged with a specific tag. Or retrieves a list of all tags assigned to a specific configuration item", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DescribeTags.html" + }, + "DisassociateConfigurationItemsFromApplication": { + "privilege": "DisassociateConfigurationItemsFromApplication", + "description": "Grants permission to DisassociateConfigurationItemsFromApplication API. DisassociateConfigurationItemsFromApplication disassociates one or more configuration items from an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_DisassociateConfigurationItemsFromApplication.html" + }, + "ExportConfigurations": { + "privilege": "ExportConfigurations", + "description": "Grants permission to ExportConfigurations API. ExportConfigurations exports all discovered configuration data to an Amazon S3 bucket or an application that enables you to view and evaluate the data. Data includes tags and tag associations, processes, connections, servers, and system performance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_ExportConfigurations.html" + }, + "GetDiscoverySummary": { + "privilege": "GetDiscoverySummary", + "description": "Grants permission to GetDiscoverySummary API. GetDiscoverySummary retrieves a short summary of discovered assets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_GetDiscoverySummary.html" + }, + "ListConfigurations": { + "privilege": "ListConfigurations", + "description": "Grants permission to ListConfigurations API. ListConfigurations retrieves a list of configuration items according to criteria you specify in a filter. The filter criteria identify relationship requirements", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_ListConfigurations.html" + }, + "ListServerNeighbors": { + "privilege": "ListServerNeighbors", + "description": "Grants permission to ListServerNeighbors API. ListServerNeighbors retrieves a list of servers which are one network hop away from a specified server", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_ListServerNeighbors.html" + }, + "StartContinuousExport": { + "privilege": "StartContinuousExport", + "description": "Grants permission to StartContinuousExport API. StartContinuousExport start the continuous flow of agent's discovered data into Amazon Athena", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:AttachRolePolicy", + "iam:CreatePolicy", + "iam:CreateRole", + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StartContinuousExport.html" + }, + "StartDataCollectionByAgentIds": { + "privilege": "StartDataCollectionByAgentIds", + "description": "Grants permission to StartDataCollectionByAgentIds API. StartDataCollectionByAgentIds instructs the specified agents or Connectors to start collecting data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StartDataCollectionByAgentIds.html" + }, + "StartExportTask": { + "privilege": "StartExportTask", + "description": "Grants permission to StartExportTask API. StartExportTask export the configuration data about discovered configuration items and relationships to an S3 bucket in a specified format", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StartExportTask.html" + }, + "StartImportTask": { + "privilege": "StartImportTask", + "description": "Grants permission to StartImportTask API. StartImportTask starts an import task. The Migration Hub import feature allows you to import details of your on-premises environment directly into AWS without having to use the Application Discovery Service (ADS) tools such as the Discovery Connector or Discovery Agent. This gives you the option to perform migration assessment and planning directly from your imported data including the ability to group your devices as applications and track their migration status", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "discovery:AssociateConfigurationItemsToApplication", + "discovery:CreateApplication", + "discovery:CreateTags", + "discovery:GetDiscoverySummary", + "discovery:ListConfigurations", + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StartImportTask.html" + }, + "StopContinuousExport": { + "privilege": "StopContinuousExport", + "description": "Grants permission to StopContinuousExport API. StopContinuousExport stops the continuous flow of agent's discovered data into Amazon Athena", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StopContinuousExport.html" + }, + "StopDataCollectionByAgentIds": { + "privilege": "StopDataCollectionByAgentIds", + "description": "Grants permission to StopDataCollectionByAgentIds API. StopDataCollectionByAgentIds instructs the specified agents or Connectors to stop collecting data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_StopDataCollectionByAgentIds.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to UpdateApplication API. UpdateApplication updates metadata about an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_UpdateApplication.html" + }, + "GetNetworkConnectionGraph": { + "privilege": "GetNetworkConnectionGraph", + "description": "Grants permission to GetNetworkConnectionGraph API. GetNetworkConnectionGraph accepts input list of one of - Ip Addresses, server ids or node ids. Returns a list of nodes and edges which help customer visualize network connection graph. This API is used for visualize network graph functionality in MigrationHub console", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/APIReference/API_GetNetworkConnectionGraph.html" + } + }, + "privileges_lower_name": { + "associateconfigurationitemstoapplication": "AssociateConfigurationItemsToApplication", + "batchdeleteimportdata": "BatchDeleteImportData", + "createapplication": "CreateApplication", + "createtags": "CreateTags", + "deleteapplications": "DeleteApplications", + "deletetags": "DeleteTags", + "describeagents": "DescribeAgents", + "describeconfigurations": "DescribeConfigurations", + "describecontinuousexports": "DescribeContinuousExports", + "describeexportconfigurations": "DescribeExportConfigurations", + "describeexporttasks": "DescribeExportTasks", + "describeimporttasks": "DescribeImportTasks", + "describetags": "DescribeTags", + "disassociateconfigurationitemsfromapplication": "DisassociateConfigurationItemsFromApplication", + "exportconfigurations": "ExportConfigurations", + "getdiscoverysummary": "GetDiscoverySummary", + "listconfigurations": "ListConfigurations", + "listserverneighbors": "ListServerNeighbors", + "startcontinuousexport": "StartContinuousExport", + "startdatacollectionbyagentids": "StartDataCollectionByAgentIds", + "startexporttask": "StartExportTask", + "startimporttask": "StartImportTask", + "stopcontinuousexport": "StopContinuousExport", + "stopdatacollectionbyagentids": "StopDataCollectionByAgentIds", + "updateapplication": "UpdateApplication", + "getnetworkconnectiongraph": "GetNetworkConnectionGraph" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": { + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "arsenal": { + "service_name": "Application Discovery Arsenal", + "prefix": "arsenal", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_applicationdiscoveryarsenal.html", + "privileges": { + "RegisterOnPremisesAgent": { + "privilege": "RegisterOnPremisesAgent", + "description": "Grants permission to register AWS provided data collectors to the Application Discovery Service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-discovery/latest/userguide/setting-up.html" + } + }, + "privileges_lower_name": { + "registeronpremisesagent": "RegisterOnPremisesAgent" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "account": { + "service_name": "AWS Account Management", + "prefix": "account", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsaccountmanagement.html", + "privileges": { + "CloseAccount": { + "privilege": "CloseAccount", + "description": "Grants permission to close an account", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/security_account-permissions-ref.html" + }, + "DeleteAlternateContact": { + "privilege": "DeleteAlternateContact", + "description": "Grants permission to delete the alternate contacts for an account", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "accountInOrganization": { + "resource_type": "accountInOrganization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "account:AlternateContactTypes" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "accountinorganization": "accountInOrganization", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_DeleteAlternateContact.html" + }, + "DisableRegion": { + "privilege": "DisableRegion", + "description": "Grants permission to disable use of a Region", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "accountInOrganization": { + "resource_type": "accountInOrganization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "account:TargetRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "accountinorganization": "accountInOrganization", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_DisableRegion.html" + }, + "EnableRegion": { + "privilege": "EnableRegion", + "description": "Grants permission to enable use of a Region", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "accountInOrganization": { + "resource_type": "accountInOrganization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "account:TargetRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "accountinorganization": "accountInOrganization", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_EnableRegion.html" + }, + "GetAccountInformation": { + "privilege": "GetAccountInformation", + "description": "Grants permission to retrieve the account information for an account", + "access_level": "Read", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/security_account-permissions-ref.html" + }, + "GetAlternateContact": { + "privilege": "GetAlternateContact", + "description": "Grants permission to retrieve the alternate contacts for an account", + "access_level": "Read", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "accountInOrganization": { + "resource_type": "accountInOrganization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "account:AlternateContactTypes" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "accountinorganization": "accountInOrganization", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_GetAlternateContact.html" + }, + "GetChallengeQuestions": { + "privilege": "GetChallengeQuestions", + "description": "Grants permission to retrieve the challenge questions for an account", + "access_level": "Read", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/security_account-permissions-ref.html" + }, + "GetContactInformation": { + "privilege": "GetContactInformation", + "description": "Grants permission to retrieve the primary contact information for an account", + "access_level": "Read", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "accountInOrganization": { + "resource_type": "accountInOrganization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "accountinorganization": "accountInOrganization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_GetContactInformation.html" + }, + "GetRegionOptStatus": { + "privilege": "GetRegionOptStatus", + "description": "Grants permission to get the opt-in status of a Region", + "access_level": "Read", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "accountInOrganization": { + "resource_type": "accountInOrganization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "account:TargetRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "accountinorganization": "accountInOrganization", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_GetRegionOptStatus.html" + }, + "ListRegions": { + "privilege": "ListRegions", + "description": "Grants permission to list the available Regions", + "access_level": "List", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "accountInOrganization": { + "resource_type": "accountInOrganization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "accountinorganization": "accountInOrganization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_ListRegions.html" + }, + "PutAlternateContact": { + "privilege": "PutAlternateContact", + "description": "Grants permission to modify the alternate contacts for an account", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "accountInOrganization": { + "resource_type": "accountInOrganization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "account:AlternateContactTypes" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "accountinorganization": "accountInOrganization", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_PutAlternateContact.html" + }, + "PutChallengeQuestions": { + "privilege": "PutChallengeQuestions", + "description": "Grants permission to modify the challenge questions for an account", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/security_account-permissions-ref.html" + }, + "PutContactInformation": { + "privilege": "PutContactInformation", + "description": "Grants permission to update the primary contact information for an account", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "accountInOrganization": { + "resource_type": "accountInOrganization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "accountinorganization": "accountInOrganization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/API_PutContactInformation.html" + } + }, + "privileges_lower_name": { + "closeaccount": "CloseAccount", + "deletealternatecontact": "DeleteAlternateContact", + "disableregion": "DisableRegion", + "enableregion": "EnableRegion", + "getaccountinformation": "GetAccountInformation", + "getalternatecontact": "GetAlternateContact", + "getchallengequestions": "GetChallengeQuestions", + "getcontactinformation": "GetContactInformation", + "getregionoptstatus": "GetRegionOptStatus", + "listregions": "ListRegions", + "putalternatecontact": "PutAlternateContact", + "putchallengequestions": "PutChallengeQuestions", + "putcontactinformation": "PutContactInformation" + }, + "resources": { + "account": { + "resource": "account", + "arn": "arn:${Partition}:account::${Account}:account", + "condition_keys": [] + }, + "accountInOrganization": { + "resource": "accountInOrganization", + "arn": "arn:${Partition}:account::${ManagementAccountId}:account/o-${OrganizationId}/${MemberAccountId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "account": "account", + "accountinorganization": "accountInOrganization" + }, + "conditions": { + "account:AccountResourceOrgPaths": { + "condition": "account:AccountResourceOrgPaths", + "description": "Filters access by the resource path for an account in an organization", + "type": "ArrayOfString" + }, + "account:AccountResourceOrgTags/${TagKey}": { + "condition": "account:AccountResourceOrgTags/${TagKey}", + "description": "Filters access by resource tags for an account in an organization", + "type": "ArrayOfString" + }, + "account:AlternateContactTypes": { + "condition": "account:AlternateContactTypes", + "description": "Filters access by alternate contact types", + "type": "ArrayOfString" + }, + "account:TargetRegion": { + "condition": "account:TargetRegion", + "description": "Filters access by a list of Regions. Enables or disables all the Regions specified here", + "type": "String" + } + } + }, + "activate": { + "service_name": "AWS Activate", + "prefix": "activate", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsactivate.html", + "privileges": { + "CreateForm": { + "privilege": "CreateForm", + "description": "Grants permission to submit an Activate application form", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/" + }, + "GetAccountContact": { + "privilege": "GetAccountContact", + "description": "Grants permission to get the AWS account contact information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/" + }, + "GetContentInfo": { + "privilege": "GetContentInfo", + "description": "Grants permission to get Activate tech posts and offer information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/" + }, + "GetCosts": { + "privilege": "GetCosts", + "description": "Grants permission to get the AWS cost information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/" + }, + "GetCredits": { + "privilege": "GetCredits", + "description": "Grants permission to get the AWS credit information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/" + }, + "GetMemberInfo": { + "privilege": "GetMemberInfo", + "description": "Grants permission to get the Activate member information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/" + }, + "GetProgram": { + "privilege": "GetProgram", + "description": "Grants permission to get an Activate program", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/" + }, + "PutMemberInfo": { + "privilege": "PutMemberInfo", + "description": "Grants permission to create or update the Activate member information", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/" + } + }, + "privileges_lower_name": { + "createform": "CreateForm", + "getaccountcontact": "GetAccountContact", + "getcontentinfo": "GetContentInfo", + "getcosts": "GetCosts", + "getcredits": "GetCredits", + "getmemberinfo": "GetMemberInfo", + "getprogram": "GetProgram", + "putmemberinfo": "PutMemberInfo" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "amplify": { + "service_name": "AWS Amplify", + "prefix": "amplify", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsamplify.html", + "privileges": { + "CreateApp": { + "privilege": "CreateApp", + "description": "Grants permission to create a new Amplify App", + "access_level": "Write", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "CreateBackendEnvironment": { + "privilege": "CreateBackendEnvironment", + "description": "Grants permission to create a new backend environment for an Amplify App", + "access_level": "Write", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "CreateBranch": { + "privilege": "CreateBranch", + "description": "Grants permission to create a new Branch for an Amplify App", + "access_level": "Write", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "CreateDeployment": { + "privilege": "CreateDeployment", + "description": "Grants permission to create a deployment for manual deploy apps. (Apps are not connected to repository)", + "access_level": "Write", + "resource_types": { + "branches": { + "resource_type": "branches", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "branches": "branches" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "CreateDomainAssociation": { + "privilege": "CreateDomainAssociation", + "description": "Grants permission to create a new DomainAssociation on an App", + "access_level": "Write", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "CreateWebHook": { + "privilege": "CreateWebHook", + "description": "Grants permission to create a new webhook on an App", + "access_level": "Write", + "resource_types": { + "branches": { + "resource_type": "branches", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "branches": "branches" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "DeleteApp": { + "privilege": "DeleteApp", + "description": "Grants permission to delete an existing Amplify App by appId", + "access_level": "Write", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "DeleteBackendEnvironment": { + "privilege": "DeleteBackendEnvironment", + "description": "Grants permission to delete a branch for an Amplify App", + "access_level": "Write", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "DeleteBranch": { + "privilege": "DeleteBranch", + "description": "Grants permission to delete a branch for an Amplify App", + "access_level": "Write", + "resource_types": { + "branches": { + "resource_type": "branches", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "branches": "branches" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "DeleteDomainAssociation": { + "privilege": "DeleteDomainAssociation", + "description": "Grants permission to delete a DomainAssociation", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "DeleteJob": { + "privilege": "DeleteJob", + "description": "Grants permission to delete a job, for an Amplify branch, part of Amplify App", + "access_level": "Write", + "resource_types": { + "jobs": { + "resource_type": "jobs", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobs": "jobs" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "DeleteWebHook": { + "privilege": "DeleteWebHook", + "description": "Grants permission to delete a webhook by id", + "access_level": "Write", + "resource_types": { + "webhooks": { + "resource_type": "webhooks", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webhooks": "webhooks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "GenerateAccessLogs": { + "privilege": "GenerateAccessLogs", + "description": "Grants permission to generate website access logs for a specific time range via a pre-signed URL", + "access_level": "Write", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "GetApp": { + "privilege": "GetApp", + "description": "Grants permission to retrieve an existing Amplify App by appId", + "access_level": "Read", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "GetArtifactUrl": { + "privilege": "GetArtifactUrl", + "description": "Grants permission to retrieve artifact info that corresponds to a artifactId", + "access_level": "Read", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "GetBackendEnvironment": { + "privilege": "GetBackendEnvironment", + "description": "Grants permission to retrieve a backend environment for an Amplify App", + "access_level": "Read", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "GetBranch": { + "privilege": "GetBranch", + "description": "Grants permission to retrieve a branch for an Amplify App", + "access_level": "Read", + "resource_types": { + "branches": { + "resource_type": "branches", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "branches": "branches" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "GetDomainAssociation": { + "privilege": "GetDomainAssociation", + "description": "Grants permission to retrieve domain info that corresponds to an appId and domainName", + "access_level": "Read", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "GetJob": { + "privilege": "GetJob", + "description": "Grants permission to get a job for a branch, part of an Amplify App", + "access_level": "Read", + "resource_types": { + "jobs": { + "resource_type": "jobs", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobs": "jobs" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "GetWebHook": { + "privilege": "GetWebHook", + "description": "Grants permission to retrieve webhook info that corresponds to a webhookId", + "access_level": "Read", + "resource_types": { + "webhooks": { + "resource_type": "webhooks", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webhooks": "webhooks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "ListApps": { + "privilege": "ListApps", + "description": "Grants permission to list existing Amplify Apps", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "ListArtifacts": { + "privilege": "ListArtifacts", + "description": "Grants permission to list artifacts with an app, a branch, a job and an artifact type", + "access_level": "List", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "ListBackendEnvironments": { + "privilege": "ListBackendEnvironments", + "description": "Grants permission to list backend environments for an Amplify App", + "access_level": "List", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "ListBranches": { + "privilege": "ListBranches", + "description": "Grants permission to list branches for an Amplify App", + "access_level": "List", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "ListDomainAssociations": { + "privilege": "ListDomainAssociations", + "description": "Grants permission to list domains with an app", + "access_level": "List", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to list Jobs for a branch, part of an Amplify App", + "access_level": "List", + "resource_types": { + "branches": { + "resource_type": "branches", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "branches": "branches" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an AWS Amplify Console resource", + "access_level": "Read", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "branches": { + "resource_type": "branches", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobs": { + "resource_type": "jobs", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps", + "branches": "branches", + "jobs": "jobs" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "ListWebHooks": { + "privilege": "ListWebHooks", + "description": "Grants permission to list webhooks on an App", + "access_level": "List", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "StartDeployment": { + "privilege": "StartDeployment", + "description": "Grants permission to start a deployment for manual deploy apps. (Apps are not connected to repository)", + "access_level": "Write", + "resource_types": { + "branches": { + "resource_type": "branches", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "branches": "branches" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "StartJob": { + "privilege": "StartJob", + "description": "Grants permission to start a new job for a branch, part of an Amplify App", + "access_level": "Write", + "resource_types": { + "jobs": { + "resource_type": "jobs", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobs": "jobs" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "StopJob": { + "privilege": "StopJob", + "description": "Grants permission to stop a job that is in progress, for an Amplify branch, part of Amplify App", + "access_level": "Write", + "resource_types": { + "jobs": { + "resource_type": "jobs", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobs": "jobs" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an AWS Amplify Console resource", + "access_level": "Tagging", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "branches": { + "resource_type": "branches", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobs": { + "resource_type": "jobs", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps", + "branches": "branches", + "jobs": "jobs", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from an AWS Amplify Console resource", + "access_level": "Tagging", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "branches": { + "resource_type": "branches", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobs": { + "resource_type": "jobs", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps", + "branches": "branches", + "jobs": "jobs", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "UpdateApp": { + "privilege": "UpdateApp", + "description": "Grants permission to update an existing Amplify App", + "access_level": "Write", + "resource_types": { + "apps": { + "resource_type": "apps", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apps": "apps" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "UpdateBranch": { + "privilege": "UpdateBranch", + "description": "Grants permission to update a branch for an Amplify App", + "access_level": "Write", + "resource_types": { + "branches": { + "resource_type": "branches", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "branches": "branches" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "UpdateDomainAssociation": { + "privilege": "UpdateDomainAssociation", + "description": "Grants permission to update a DomainAssociation on an App", + "access_level": "Write", + "resource_types": { + "domains": { + "resource_type": "domains", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domains": "domains" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + }, + "UpdateWebHook": { + "privilege": "UpdateWebHook", + "description": "Grants permission to update a webhook", + "access_level": "Write", + "resource_types": { + "webhooks": { + "resource_type": "webhooks", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webhooks": "webhooks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify/latest/userguide/welcome.html" + } + }, + "privileges_lower_name": { + "createapp": "CreateApp", + "createbackendenvironment": "CreateBackendEnvironment", + "createbranch": "CreateBranch", + "createdeployment": "CreateDeployment", + "createdomainassociation": "CreateDomainAssociation", + "createwebhook": "CreateWebHook", + "deleteapp": "DeleteApp", + "deletebackendenvironment": "DeleteBackendEnvironment", + "deletebranch": "DeleteBranch", + "deletedomainassociation": "DeleteDomainAssociation", + "deletejob": "DeleteJob", + "deletewebhook": "DeleteWebHook", + "generateaccesslogs": "GenerateAccessLogs", + "getapp": "GetApp", + "getartifacturl": "GetArtifactUrl", + "getbackendenvironment": "GetBackendEnvironment", + "getbranch": "GetBranch", + "getdomainassociation": "GetDomainAssociation", + "getjob": "GetJob", + "getwebhook": "GetWebHook", + "listapps": "ListApps", + "listartifacts": "ListArtifacts", + "listbackendenvironments": "ListBackendEnvironments", + "listbranches": "ListBranches", + "listdomainassociations": "ListDomainAssociations", + "listjobs": "ListJobs", + "listtagsforresource": "ListTagsForResource", + "listwebhooks": "ListWebHooks", + "startdeployment": "StartDeployment", + "startjob": "StartJob", + "stopjob": "StopJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapp": "UpdateApp", + "updatebranch": "UpdateBranch", + "updatedomainassociation": "UpdateDomainAssociation", + "updatewebhook": "UpdateWebHook" + }, + "resources": { + "apps": { + "resource": "apps", + "arn": "arn:${Partition}:amplify:${Region}:${Account}:apps/${AppId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "branches": { + "resource": "branches", + "arn": "arn:${Partition}:amplify:${Region}:${Account}:apps/${AppId}/branches/${BranchName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "jobs": { + "resource": "jobs", + "arn": "arn:${Partition}:amplify:${Region}:${Account}:apps/${AppId}/branches/${BranchName}/jobs/${JobId}", + "condition_keys": [] + }, + "domains": { + "resource": "domains", + "arn": "arn:${Partition}:amplify:${Region}:${Account}:apps/${AppId}/domains/${DomainName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "webhooks": { + "resource": "webhooks", + "arn": "arn:${Partition}:amplify:${Region}:${Account}:webhooks/${WebhookId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "apps": "apps", + "branches": "branches", + "jobs": "jobs", + "domains": "domains", + "webhooks": "webhooks" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag's key and value in a request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag's key associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in a request", + "type": "ArrayOfString" + } + } + }, + "amplifybackend": { + "service_name": "AWS Amplify Admin", + "prefix": "amplifybackend", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsamplifyadmin.html", + "privileges": { + "CloneBackend": { + "privilege": "CloneBackend", + "description": "Grants permission to clone an existing Amplify Admin backend environment into a new Amplify Admin backend enviroment", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-environments-backendenvironmentname-clone.html#CloneBackend" + }, + "CreateBackend": { + "privilege": "CreateBackend", + "description": "Grants permission to create a new Amplify Admin backend environment by Amplify appId", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend.html#CreateBackend" + }, + "CreateBackendAPI": { + "privilege": "CreateBackendAPI", + "description": "Grants permission to create an API for an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Write", + "resource_types": { + "api": { + "resource_type": "api", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api": "api", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api.html#CreateBackendAPI" + }, + "CreateBackendAuth": { + "privilege": "CreateBackendAuth", + "description": "Grants permission to create an auth resource for an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Write", + "resource_types": { + "auth": { + "resource_type": "auth", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "auth": "auth", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-auth.html#CreateBackendAuth" + }, + "CreateBackendConfig": { + "privilege": "CreateBackendConfig", + "description": "Grants permission to create a new Amplify Admin backend config by Amplify appId", + "access_level": "Write", + "resource_types": { + "config": { + "resource_type": "config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "config": "config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-config.html#CreateBackendConfig" + }, + "CreateBackendStorage": { + "privilege": "CreateBackendStorage", + "description": "Grants permission to create a backend storage resource", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#CreateBackendStorage" + }, + "CreateToken": { + "privilege": "CreateToken", + "description": "Grants permission to create an Amplify Admin challenge token by appId", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-challenge.html#CreateToken" + }, + "DeleteBackend": { + "privilege": "DeleteBackend", + "description": "Grants permission to delete an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-environments-backendenvironmentname-remove.html#DeleteBackend" + }, + "DeleteBackendAPI": { + "privilege": "DeleteBackendAPI", + "description": "Grants permission to delete an API of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Write", + "resource_types": { + "api": { + "resource_type": "api", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api": "api", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api-backendenvironmentname-remove.html#DeleteBackendAPI" + }, + "DeleteBackendAuth": { + "privilege": "DeleteBackendAuth", + "description": "Grants permission to delete an auth resource of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Write", + "resource_types": { + "auth": { + "resource_type": "auth", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "auth": "auth", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-auth-backendenvironmentname-remove.html#DeleteBackendAuth" + }, + "DeleteBackendStorage": { + "privilege": "DeleteBackendStorage", + "description": "Grants permission to delete a backend storage resource", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "storage": { + "resource_type": "storage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "environment": "environment", + "storage": "storage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#DeleteBackendStorage" + }, + "DeleteToken": { + "privilege": "DeleteToken", + "description": "Grants permission to delete an Amplify Admin challenge token by appId", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-challenge-sessionid-remove.html#DeleteToken" + }, + "GenerateBackendAPIModels": { + "privilege": "GenerateBackendAPIModels", + "description": "Grants permission to generate models for an API of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Write", + "resource_types": { + "api": { + "resource_type": "api", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api": "api", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api-backendenvironmentname-generatemodels.html#GenerateBackendAPIModels" + }, + "GetBackend": { + "privilege": "GetBackend", + "description": "Grants permission to retrieve an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Read", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-details.html#GetBackend" + }, + "GetBackendAPI": { + "privilege": "GetBackendAPI", + "description": "Grants permission to retrieve an API of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Read", + "resource_types": { + "api": { + "resource_type": "api", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api": "api", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api-backendenvironmentname-details.html#GetBackendAPI" + }, + "GetBackendAPIModels": { + "privilege": "GetBackendAPIModels", + "description": "Grants permission to retrieve models for an API of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Read", + "resource_types": { + "api": { + "resource_type": "api", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api": "api", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api-backendenvironmentname-getmodels.html#GetBackendAPIModels" + }, + "GetBackendAuth": { + "privilege": "GetBackendAuth", + "description": "Grants permission to retrieve an auth resource of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Read", + "resource_types": { + "auth": { + "resource_type": "auth", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "auth": "auth", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-auth-backendenvironmentname-details.html#GetBackendAuth" + }, + "GetBackendJob": { + "privilege": "GetBackendJob", + "description": "Grants permission to retrieve a job of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Read", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-job-backendenvironmentname-jobid.html#GetBackendJob" + }, + "GetBackendStorage": { + "privilege": "GetBackendStorage", + "description": "Grants permission to retrieve an existing backend storage resource", + "access_level": "Read", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#GetBackendStorage" + }, + "GetToken": { + "privilege": "GetToken", + "description": "Grants permission to retrieve an Amplify Admin challenge token by appId", + "access_level": "Read", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-challenge-sessionid.html#GetToken" + }, + "ImportBackendAuth": { + "privilege": "ImportBackendAuth", + "description": "Grants permission to import an existing auth resource of an Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Write", + "resource_types": { + "auth": { + "resource_type": "auth", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "auth": "auth", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-auth-backendenvironmentname.html#ImportBackendAuth" + }, + "ImportBackendStorage": { + "privilege": "ImportBackendStorage", + "description": "Grants permission to import an existing backend storage resource", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "storage": { + "resource_type": "storage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "environment": "environment", + "storage": "storage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#ImportBackendStorage" + }, + "ListBackendJobs": { + "privilege": "ListBackendJobs", + "description": "Grants permission to retrieve the jobs of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "List", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-job-backendenvironmentname.html#ListBackendJobs" + }, + "ListS3Buckets": { + "privilege": "ListS3Buckets", + "description": "Grants permission to retrieve s3 buckets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#ListS3Buckets" + }, + "RemoveAllBackends": { + "privilege": "RemoveAllBackends", + "description": "Grants permission to delete all existing Amplify Admin backend environments by appId", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-remove.html#RemoveAllBackends" + }, + "RemoveBackendConfig": { + "privilege": "RemoveBackendConfig", + "description": "Grants permission to delete an Amplify Admin backend config by Amplify appId", + "access_level": "Write", + "resource_types": { + "config": { + "resource_type": "config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "config": "config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-config-remove.html#RemoveBackendConfig" + }, + "UpdateBackendAPI": { + "privilege": "UpdateBackendAPI", + "description": "Grants permission to update an API of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Write", + "resource_types": { + "api": { + "resource_type": "api", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "api": "api", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-api-backendenvironmentname.html#UpdateBackendAPI" + }, + "UpdateBackendAuth": { + "privilege": "UpdateBackendAuth", + "description": "Grants permission to update an auth resource of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Write", + "resource_types": { + "auth": { + "resource_type": "auth", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "auth": "auth", + "backend": "backend", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-auth-backendenvironmentname.html#UpdateBackendAuth" + }, + "UpdateBackendConfig": { + "privilege": "UpdateBackendConfig", + "description": "Grants permission to update an Amplify Admin backend config by Amplify appId", + "access_level": "Write", + "resource_types": { + "config": { + "resource_type": "config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "config": "config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-config-update.html#UpdateBackendConfig" + }, + "UpdateBackendJob": { + "privilege": "UpdateBackendJob", + "description": "Grants permission to update a job of an existing Amplify Admin backend environment by appId and backendEnvironmentName", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-job-backendenvironmentname-jobid.html#UpdateBackendJob" + }, + "UpdateBackendStorage": { + "privilege": "UpdateBackendStorage", + "description": "Grants permission to update a backend storage resource", + "access_level": "Write", + "resource_types": { + "backend": { + "resource_type": "backend", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "storage": { + "resource_type": "storage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backend": "backend", + "environment": "environment", + "storage": "storage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplify-admin-ui/latest/APIReference/backend-appid-storage.html#UpdateBackendStorage" + } + }, + "privileges_lower_name": { + "clonebackend": "CloneBackend", + "createbackend": "CreateBackend", + "createbackendapi": "CreateBackendAPI", + "createbackendauth": "CreateBackendAuth", + "createbackendconfig": "CreateBackendConfig", + "createbackendstorage": "CreateBackendStorage", + "createtoken": "CreateToken", + "deletebackend": "DeleteBackend", + "deletebackendapi": "DeleteBackendAPI", + "deletebackendauth": "DeleteBackendAuth", + "deletebackendstorage": "DeleteBackendStorage", + "deletetoken": "DeleteToken", + "generatebackendapimodels": "GenerateBackendAPIModels", + "getbackend": "GetBackend", + "getbackendapi": "GetBackendAPI", + "getbackendapimodels": "GetBackendAPIModels", + "getbackendauth": "GetBackendAuth", + "getbackendjob": "GetBackendJob", + "getbackendstorage": "GetBackendStorage", + "gettoken": "GetToken", + "importbackendauth": "ImportBackendAuth", + "importbackendstorage": "ImportBackendStorage", + "listbackendjobs": "ListBackendJobs", + "lists3buckets": "ListS3Buckets", + "removeallbackends": "RemoveAllBackends", + "removebackendconfig": "RemoveBackendConfig", + "updatebackendapi": "UpdateBackendAPI", + "updatebackendauth": "UpdateBackendAuth", + "updatebackendconfig": "UpdateBackendConfig", + "updatebackendjob": "UpdateBackendJob", + "updatebackendstorage": "UpdateBackendStorage" + }, + "resources": { + "backend": { + "resource": "backend", + "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}", + "condition_keys": [] + }, + "environment": { + "resource": "environment", + "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/environments", + "condition_keys": [] + }, + "api": { + "resource": "api", + "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/api", + "condition_keys": [] + }, + "auth": { + "resource": "auth", + "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/auth", + "condition_keys": [] + }, + "job": { + "resource": "job", + "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/job", + "condition_keys": [] + }, + "config": { + "resource": "config", + "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/config/*", + "condition_keys": [] + }, + "token": { + "resource": "token", + "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/token", + "condition_keys": [] + }, + "storage": { + "resource": "storage", + "arn": "arn:${Partition}:amplifybackend:${Region}:${Account}:backend/${AppId}/storage", + "condition_keys": [] + } + }, + "resources_lower_name": { + "backend": "backend", + "environment": "environment", + "api": "api", + "auth": "auth", + "job": "job", + "config": "config", + "token": "token", + "storage": "storage" + }, + "conditions": {} + }, + "amplifyuibuilder": { + "service_name": "AWS Amplify UI Builder", + "prefix": "amplifyuibuilder", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsamplifyuibuilder.html", + "privileges": { + "CreateComponent": { + "privilege": "CreateComponent", + "description": "Grants permission to create a component", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_CreateComponent.html" + }, + "CreateForm": { + "privilege": "CreateForm", + "description": "Grants permission to create a form", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_CreateForm.html" + }, + "CreateTheme": { + "privilege": "CreateTheme", + "description": "Grants permission to create a theme", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_CreateTheme.html" + }, + "DeleteComponent": { + "privilege": "DeleteComponent", + "description": "Grants permission to delete a component", + "access_level": "Write", + "resource_types": { + "ComponentResource": { + "resource_type": "ComponentResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "componentresource": "ComponentResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_DeleteComponent.html" + }, + "DeleteForm": { + "privilege": "DeleteForm", + "description": "Grants permission to delete a form", + "access_level": "Write", + "resource_types": { + "FormResource": { + "resource_type": "FormResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "formresource": "FormResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_DeleteForm.html" + }, + "DeleteTheme": { + "privilege": "DeleteTheme", + "description": "Grants permission to delete a theme", + "access_level": "Write", + "resource_types": { + "ThemeResource": { + "resource_type": "ThemeResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "themeresource": "ThemeResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_DeleteTheme.html" + }, + "ExportComponents": { + "privilege": "ExportComponents", + "description": "Grants permission to export components", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ExportComponents.html" + }, + "ExportForms": { + "privilege": "ExportForms", + "description": "Grants permission to export forms", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ExportForms.html" + }, + "ExportThemes": { + "privilege": "ExportThemes", + "description": "Grants permission to export themes", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ExportThemes.html" + }, + "GetComponent": { + "privilege": "GetComponent", + "description": "Grants permission to get an existing component", + "access_level": "Read", + "resource_types": { + "ComponentResource": { + "resource_type": "ComponentResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "componentresource": "ComponentResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_GetComponent.html" + }, + "GetForm": { + "privilege": "GetForm", + "description": "Grants permission to get an existing form", + "access_level": "Read", + "resource_types": { + "FormResource": { + "resource_type": "FormResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "formresource": "FormResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_GetForm.html" + }, + "GetMetadata": { + "privilege": "GetMetadata", + "description": "Grants permission to get an existing metadata", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_GetMetadata.html" + }, + "GetTheme": { + "privilege": "GetTheme", + "description": "Grants permission to get an existing theme", + "access_level": "Read", + "resource_types": { + "ThemeResource": { + "resource_type": "ThemeResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "themeresource": "ThemeResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_GetTheme.html" + }, + "ListComponents": { + "privilege": "ListComponents", + "description": "Grants permission to list components", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ListComponents.html" + }, + "ListForms": { + "privilege": "ListForms", + "description": "Grants permission to list forms", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ListForms.html" + }, + "ListThemes": { + "privilege": "ListThemes", + "description": "Grants permission to list themes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ListThemes.html" + }, + "PutMetadataFlag": { + "privilege": "PutMetadataFlag", + "description": "Grants permission to put an existing metadata", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_PutMetadataFlag.html" + }, + "ResetMetadataFlag": { + "privilege": "ResetMetadataFlag", + "description": "Grants permission to reset an existing metadata", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ResetMetadataFlag.html" + }, + "UpdateComponent": { + "privilege": "UpdateComponent", + "description": "Grants permission to update a component", + "access_level": "Write", + "resource_types": { + "ComponentResource": { + "resource_type": "ComponentResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "componentresource": "ComponentResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_UpdateComponent.html" + }, + "UpdateForm": { + "privilege": "UpdateForm", + "description": "Grants permission to update a form", + "access_level": "Write", + "resource_types": { + "FormResource": { + "resource_type": "FormResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "formresource": "FormResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_UpdateForm.html" + }, + "UpdateTheme": { + "privilege": "UpdateTheme", + "description": "Grants permission to update a theme", + "access_level": "Write", + "resource_types": { + "ThemeResource": { + "resource_type": "ThemeResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "amplify:GetApp" + ] + } + }, + "resource_types_lower_name": { + "themeresource": "ThemeResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_UpdateTheme.html" + } + }, + "privileges_lower_name": { + "createcomponent": "CreateComponent", + "createform": "CreateForm", + "createtheme": "CreateTheme", + "deletecomponent": "DeleteComponent", + "deleteform": "DeleteForm", + "deletetheme": "DeleteTheme", + "exportcomponents": "ExportComponents", + "exportforms": "ExportForms", + "exportthemes": "ExportThemes", + "getcomponent": "GetComponent", + "getform": "GetForm", + "getmetadata": "GetMetadata", + "gettheme": "GetTheme", + "listcomponents": "ListComponents", + "listforms": "ListForms", + "listthemes": "ListThemes", + "putmetadataflag": "PutMetadataFlag", + "resetmetadataflag": "ResetMetadataFlag", + "updatecomponent": "UpdateComponent", + "updateform": "UpdateForm", + "updatetheme": "UpdateTheme" + }, + "resources": { + "ComponentResource": { + "resource": "ComponentResource", + "arn": "arn:${Partition}:amplifyuibuilder:${Region}:${Account}:app/${AppId}/environment/${EnvironmentName}/components/${Id}", + "condition_keys": [ + "amplifyuibuilder:ComponentResourceAppId", + "amplifyuibuilder:ComponentResourceEnvironmentName", + "amplifyuibuilder:ComponentResourceId", + "aws:ResourceTag/${TagKey}" + ] + }, + "FormResource": { + "resource": "FormResource", + "arn": "arn:${Partition}:amplifyuibuilder:${Region}:${Account}:app/${AppId}/environment/${EnvironmentName}/forms/${Id}", + "condition_keys": [ + "amplifyuibuilder:FormResourceAppId", + "amplifyuibuilder:FormResourceEnvironmentName", + "amplifyuibuilder:FormResourceId", + "aws:ResourceTag/${TagKey}" + ] + }, + "ThemeResource": { + "resource": "ThemeResource", + "arn": "arn:${Partition}:amplifyuibuilder:${Region}:${Account}:app/${AppId}/environment/${EnvironmentName}/themes/${Id}", + "condition_keys": [ + "amplifyuibuilder:ThemeResourceAppId", + "amplifyuibuilder:ThemeResourceEnvironmentName", + "amplifyuibuilder:ThemeResourceId", + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "componentresource": "ComponentResource", + "formresource": "FormResource", + "themeresource": "ThemeResource" + }, + "conditions": { + "amplifyuibuilder:ComponentResourceAppId": { + "condition": "amplifyuibuilder:ComponentResourceAppId", + "description": "Filters access by the app ID", + "type": "String" + }, + "amplifyuibuilder:ComponentResourceEnvironmentName": { + "condition": "amplifyuibuilder:ComponentResourceEnvironmentName", + "description": "Filters access by the backend environment name", + "type": "String" + }, + "amplifyuibuilder:ComponentResourceId": { + "condition": "amplifyuibuilder:ComponentResourceId", + "description": "Filters access by the component ID", + "type": "String" + }, + "amplifyuibuilder:FormResourceAppId": { + "condition": "amplifyuibuilder:FormResourceAppId", + "description": "Filters access by the app ID", + "type": "String" + }, + "amplifyuibuilder:FormResourceEnvironmentName": { + "condition": "amplifyuibuilder:FormResourceEnvironmentName", + "description": "Filters access by the backend environment name", + "type": "String" + }, + "amplifyuibuilder:FormResourceId": { + "condition": "amplifyuibuilder:FormResourceId", + "description": "Filters access by the form ID", + "type": "String" + }, + "amplifyuibuilder:ThemeResourceAppId": { + "condition": "amplifyuibuilder:ThemeResourceAppId", + "description": "Filters access by the app ID", + "type": "String" + }, + "amplifyuibuilder:ThemeResourceEnvironmentName": { + "condition": "amplifyuibuilder:ThemeResourceEnvironmentName", + "description": "Filters access by the backend environment name", + "type": "String" + }, + "amplifyuibuilder:ThemeResourceId": { + "condition": "amplifyuibuilder:ThemeResourceId", + "description": "Filters access by the theme ID", + "type": "String" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "a2c": { + "service_name": "AWS App2Container", + "prefix": "a2c", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsapp2container.html", + "privileges": { + "GetContainerizationJobDetails": { + "privilege": "GetContainerizationJobDetails", + "description": "Grants permission to get the details of all Containerization jobs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tk-dotnet-refactoring/latest/userguide/what-is-tk-dotnet-refactoring.html" + }, + "GetDeploymentJobDetails": { + "privilege": "GetDeploymentJobDetails", + "description": "Grants permission to get the details of all Deployment jobs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tk-dotnet-refactoring/latest/userguide/what-is-tk-dotnet-refactoring.html" + }, + "StartContainerizationJob": { + "privilege": "StartContainerizationJob", + "description": "Grants permission to start a Containerization job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tk-dotnet-refactoring/latest/userguide/what-is-tk-dotnet-refactoring.html" + }, + "StartDeploymentJob": { + "privilege": "StartDeploymentJob", + "description": "Grants permission to start a Deploymnet job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tk-dotnet-refactoring/latest/userguide/what-is-tk-dotnet-refactoring.html" + } + }, + "privileges_lower_name": { + "getcontainerizationjobdetails": "GetContainerizationJobDetails", + "getdeploymentjobdetails": "GetDeploymentJobDetails", + "startcontainerizationjob": "StartContainerizationJob", + "startdeploymentjob": "StartDeploymentJob" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "appconfig": { + "service_name": "AWS AppConfig", + "prefix": "appconfig", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappconfig.html", + "privileges": { + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateApplication.html" + }, + "CreateConfigurationProfile": { + "privilege": "CreateConfigurationProfile", + "description": "Grants permission to create a configuration profile", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateConfigurationProfile.html" + }, + "CreateDeploymentStrategy": { + "privilege": "CreateDeploymentStrategy", + "description": "Grants permission to create a deployment strategy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateDeploymentStrategy.html" + }, + "CreateEnvironment": { + "privilege": "CreateEnvironment", + "description": "Grants permission to create an environment", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateEnvironment.html" + }, + "CreateExtension": { + "privilege": "CreateExtension", + "description": "Grants permission to create an extension", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateExtension.html" + }, + "CreateExtensionAssociation": { + "privilege": "CreateExtensionAssociation", + "description": "Grants permission to create an extension association", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateExtensionAssociation.html" + }, + "CreateHostedConfigurationVersion": { + "privilege": "CreateHostedConfigurationVersion", + "description": "Grants permission to create a hosted configuration version", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_CreateHostedConfigurationVersion.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteApplication.html" + }, + "DeleteConfigurationProfile": { + "privilege": "DeleteConfigurationProfile", + "description": "Grants permission to delete a configuration profile", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteConfigurationProfile.html" + }, + "DeleteDeploymentStrategy": { + "privilege": "DeleteDeploymentStrategy", + "description": "Grants permission to delete a deployment strategy", + "access_level": "Write", + "resource_types": { + "deploymentstrategy": { + "resource_type": "deploymentstrategy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentstrategy": "deploymentstrategy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteDeploymentStrategy.html" + }, + "DeleteEnvironment": { + "privilege": "DeleteEnvironment", + "description": "Grants permission to delete an environment", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteEnvironment.html" + }, + "DeleteExtension": { + "privilege": "DeleteExtension", + "description": "Grants permission to delete an extension", + "access_level": "Write", + "resource_types": { + "extension": { + "resource_type": "extension", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "extension": "extension" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteExtension.html" + }, + "DeleteExtensionAssociation": { + "privilege": "DeleteExtensionAssociation", + "description": "Grants permission to delete an extension association", + "access_level": "Write", + "resource_types": { + "extensionassociation": { + "resource_type": "extensionassociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "extensionassociation": "extensionassociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteExtensionAssociation.html" + }, + "DeleteHostedConfigurationVersion": { + "privilege": "DeleteHostedConfigurationVersion", + "description": "Grants permission to delete a hosted configuration version", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "hostedconfigurationversion": { + "resource_type": "hostedconfigurationversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile", + "hostedconfigurationversion": "hostedconfigurationversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_DeleteHostedConfigurationVersion.html" + }, + "GetApplication": { + "privilege": "GetApplication", + "description": "Grants permission to view details about an application", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetApplication.html" + }, + "GetConfiguration": { + "privilege": "GetConfiguration", + "description": "Grants permission to view details about a configuration", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile", + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html" + }, + "GetConfigurationProfile": { + "privilege": "GetConfigurationProfile", + "description": "Grants permission to view details about a configuration profile", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfigurationProfile.html" + }, + "GetDeployment": { + "privilege": "GetDeployment", + "description": "Grants permission to view details about a deployment", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "deployment": "deployment", + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetDeployment.html" + }, + "GetDeploymentStrategy": { + "privilege": "GetDeploymentStrategy", + "description": "Grants permission to view details about a deployment strategy", + "access_level": "Read", + "resource_types": { + "deploymentstrategy": { + "resource_type": "deploymentstrategy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentstrategy": "deploymentstrategy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetDeploymentStrategy.html" + }, + "GetEnvironment": { + "privilege": "GetEnvironment", + "description": "Grants permission to view details about an environment", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetEnvironment.html" + }, + "GetExtension": { + "privilege": "GetExtension", + "description": "Grants permission to view details about an extension", + "access_level": "Read", + "resource_types": { + "extension": { + "resource_type": "extension", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "extension": "extension", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetExtension.html" + }, + "GetExtensionAssociation": { + "privilege": "GetExtensionAssociation", + "description": "Grants permission to view details about an extension association", + "access_level": "Read", + "resource_types": { + "extensionassociation": { + "resource_type": "extensionassociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "extensionassociation": "extensionassociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetExtensionAssociation.html" + }, + "GetHostedConfigurationVersion": { + "privilege": "GetHostedConfigurationVersion", + "description": "Grants permission to view details about a hosted configuration version", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "hostedconfigurationversion": { + "resource_type": "hostedconfigurationversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile", + "hostedconfigurationversion": "hostedconfigurationversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetHostedConfigurationVersion.html" + }, + "GetLatestConfiguration": { + "privilege": "GetLatestConfiguration", + "description": "Grants permission to retrieve a deployed configuration", + "access_level": "Read", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to list the applications in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListApplications.html" + }, + "ListConfigurationProfiles": { + "privilege": "ListConfigurationProfiles", + "description": "Grants permission to list the configuration profiles for an application", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListConfigurationProfiles.html" + }, + "ListDeploymentStrategies": { + "privilege": "ListDeploymentStrategies", + "description": "Grants permission to list the deployment strategies for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListDeploymentStrategies.html" + }, + "ListDeployments": { + "privilege": "ListDeployments", + "description": "Grants permission to list the deployments for an environment", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListDeployments.html" + }, + "ListEnvironments": { + "privilege": "ListEnvironments", + "description": "Grants permission to list the environments for an application", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListEnvironments.html" + }, + "ListExtensionAssociations": { + "privilege": "ListExtensionAssociations", + "description": "Grants permission to list the extension associations in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListExtensionAssociations.html" + }, + "ListExtensions": { + "privilege": "ListExtensions", + "description": "Grants permission to list the extensions in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListExtensions.html" + }, + "ListHostedConfigurationVersions": { + "privilege": "ListHostedConfigurationVersions", + "description": "Grants permission to list the hosted configuration versions for a configuration profile", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListHostedConfigurationVersions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to view a list of resource tags for a specified resource", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deploymentstrategy": { + "resource_type": "deploymentstrategy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "extension": { + "resource_type": "extension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "extensionassociation": { + "resource_type": "extensionassociation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile", + "deployment": "deployment", + "deploymentstrategy": "deploymentstrategy", + "environment": "environment", + "extension": "extension", + "extensionassociation": "extensionassociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ListTagsForResource.html" + }, + "StartConfigurationSession": { + "privilege": "StartConfigurationSession", + "description": "Grants permission to start a configuration session", + "access_level": "Write", + "resource_types": { + "configuration": { + "resource_type": "configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuration": "configuration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_StartConfigurationSession.html" + }, + "StartDeployment": { + "privilege": "StartDeployment", + "description": "Grants permission to initiate a deployment", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "deploymentstrategy": { + "resource_type": "deploymentstrategy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile", + "deploymentstrategy": "deploymentstrategy", + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_StartDeployment.html" + }, + "StopDeployment": { + "privilege": "StopDeployment", + "description": "Grants permission to stop a deployment", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "deployment": "deployment", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_StopDeployment.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an appconfig resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configuration": { + "resource_type": "configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deploymentstrategy": { + "resource_type": "deploymentstrategy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "extension": { + "resource_type": "extension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "extensionassociation": { + "resource_type": "extensionassociation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configuration": "configuration", + "configurationprofile": "configurationprofile", + "deployment": "deployment", + "deploymentstrategy": "deploymentstrategy", + "environment": "environment", + "extension": "extension", + "extensionassociation": "extensionassociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an appconfig resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configuration": { + "resource_type": "configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deploymentstrategy": { + "resource_type": "deploymentstrategy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "extension": { + "resource_type": "extension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "extensionassociation": { + "resource_type": "extensionassociation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configuration": "configuration", + "configurationprofile": "configurationprofile", + "deployment": "deployment", + "deploymentstrategy": "deploymentstrategy", + "environment": "environment", + "extension": "extension", + "extensionassociation": "extensionassociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UntagResource.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to modify an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateApplication.html" + }, + "UpdateConfigurationProfile": { + "privilege": "UpdateConfigurationProfile", + "description": "Grants permission to modify a configuration profile", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateConfigurationProfile.html" + }, + "UpdateDeploymentStrategy": { + "privilege": "UpdateDeploymentStrategy", + "description": "Grants permission to modify a deployment strategy", + "access_level": "Write", + "resource_types": { + "deploymentstrategy": { + "resource_type": "deploymentstrategy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentstrategy": "deploymentstrategy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateDeploymentStrategy.html" + }, + "UpdateEnvironment": { + "privilege": "UpdateEnvironment", + "description": "Grants permission to modify an environment", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateEnvironment.html" + }, + "UpdateExtension": { + "privilege": "UpdateExtension", + "description": "Grants permission to modify an extension", + "access_level": "Write", + "resource_types": { + "extension": { + "resource_type": "extension", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "extension": "extension", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateExtension.html" + }, + "UpdateExtensionAssociation": { + "privilege": "UpdateExtensionAssociation", + "description": "Grants permission to modify an extension association", + "access_level": "Write", + "resource_types": { + "extensionassociation": { + "resource_type": "extensionassociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "extensionassociation": "extensionassociation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_UpdateExtensionAssociation.html" + }, + "ValidateConfiguration": { + "privilege": "ValidateConfiguration", + "description": "Grants permission to validate a configuration", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationprofile": { + "resource_type": "configurationprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "configurationprofile": "configurationprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_ValidateConfiguration.html" + } + }, + "privileges_lower_name": { + "createapplication": "CreateApplication", + "createconfigurationprofile": "CreateConfigurationProfile", + "createdeploymentstrategy": "CreateDeploymentStrategy", + "createenvironment": "CreateEnvironment", + "createextension": "CreateExtension", + "createextensionassociation": "CreateExtensionAssociation", + "createhostedconfigurationversion": "CreateHostedConfigurationVersion", + "deleteapplication": "DeleteApplication", + "deleteconfigurationprofile": "DeleteConfigurationProfile", + "deletedeploymentstrategy": "DeleteDeploymentStrategy", + "deleteenvironment": "DeleteEnvironment", + "deleteextension": "DeleteExtension", + "deleteextensionassociation": "DeleteExtensionAssociation", + "deletehostedconfigurationversion": "DeleteHostedConfigurationVersion", + "getapplication": "GetApplication", + "getconfiguration": "GetConfiguration", + "getconfigurationprofile": "GetConfigurationProfile", + "getdeployment": "GetDeployment", + "getdeploymentstrategy": "GetDeploymentStrategy", + "getenvironment": "GetEnvironment", + "getextension": "GetExtension", + "getextensionassociation": "GetExtensionAssociation", + "gethostedconfigurationversion": "GetHostedConfigurationVersion", + "getlatestconfiguration": "GetLatestConfiguration", + "listapplications": "ListApplications", + "listconfigurationprofiles": "ListConfigurationProfiles", + "listdeploymentstrategies": "ListDeploymentStrategies", + "listdeployments": "ListDeployments", + "listenvironments": "ListEnvironments", + "listextensionassociations": "ListExtensionAssociations", + "listextensions": "ListExtensions", + "listhostedconfigurationversions": "ListHostedConfigurationVersions", + "listtagsforresource": "ListTagsForResource", + "startconfigurationsession": "StartConfigurationSession", + "startdeployment": "StartDeployment", + "stopdeployment": "StopDeployment", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapplication": "UpdateApplication", + "updateconfigurationprofile": "UpdateConfigurationProfile", + "updatedeploymentstrategy": "UpdateDeploymentStrategy", + "updateenvironment": "UpdateEnvironment", + "updateextension": "UpdateExtension", + "updateextensionassociation": "UpdateExtensionAssociation", + "validateconfiguration": "ValidateConfiguration" + }, + "resources": { + "application": { + "resource": "application", + "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "environment": { + "resource": "environment", + "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}/environment/${EnvironmentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "configurationprofile": { + "resource": "configurationprofile", + "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}/configurationprofile/${ConfigurationProfileId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "deploymentstrategy": { + "resource": "deploymentstrategy", + "arn": "arn:${Partition}:appconfig:${Region}:${Account}:deploymentstrategy/${DeploymentStrategyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "deployment": { + "resource": "deployment", + "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}/environment/${EnvironmentId}/deployment/${DeploymentNumber}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "hostedconfigurationversion": { + "resource": "hostedconfigurationversion", + "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}/configurationprofile/${ConfigurationProfileId}/hostedconfigurationversion/${VersionNumber}", + "condition_keys": [] + }, + "configuration": { + "resource": "configuration", + "arn": "arn:${Partition}:appconfig:${Region}:${Account}:application/${ApplicationId}/environment/${EnvironmentId}/configuration/${ConfigurationProfileId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "extension": { + "resource": "extension", + "arn": "arn:${Partition}:appconfig:${Region}:${Account}:extension/${ExtensionId}/${ExtensionVersionNumber}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "extensionassociation": { + "resource": "extensionassociation", + "arn": "arn:${Partition}:appconfig:${Region}:${Account}:extensionassociation/${ExtensionAssociationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "application": "application", + "environment": "environment", + "configurationprofile": "configurationprofile", + "deploymentstrategy": "deploymentstrategy", + "deployment": "deployment", + "hostedconfigurationversion": "hostedconfigurationversion", + "configuration": "configuration", + "extension": "extension", + "extensionassociation": "extensionassociation" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the allowed set of values for a specified tag", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key-value pair assigned to the AWS resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + } + } + }, + "appfabric": { + "service_name": "AWS AppFabric", + "prefix": "appfabric", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappfabric.html", + "privileges": { + "BatchGetUserAccessTasks": { + "privilege": "BatchGetUserAccessTasks", + "description": "Grants permission to start user access tasks for multiple users", + "access_level": "Write", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_BatchGetUserAccessTasks.html" + }, + "ConnectAppAuthorization": { + "privilege": "ConnectAppAuthorization", + "description": "Grants permission to connect app authorizations", + "access_level": "Write", + "resource_types": { + "appauthorization": { + "resource_type": "appauthorization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appauthorization": "appauthorization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ConnectAppAuthorization.html" + }, + "CreateAppAuthorization": { + "privilege": "CreateAppAuthorization", + "description": "Grants permission to create app authorizations for app bundles", + "access_level": "Write", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_CreateAppAuthorization.html" + }, + "CreateAppBundle": { + "privilege": "CreateAppBundle", + "description": "Grants permission to create app bundles in your account", + "access_level": "Write", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_CreateAppBundle.html" + }, + "CreateIngestion": { + "privilege": "CreateIngestion", + "description": "Grants permission to create ingestions for app bundles", + "access_level": "Write", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_CreateIngestion.html" + }, + "CreateIngestionDestination": { + "privilege": "CreateIngestionDestination", + "description": "Grants permission to create ingestion destinations for app bundles", + "access_level": "Write", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle", + "ingestion": "ingestion", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_CreateIngestionDestination.html" + }, + "DeleteAppAuthorization": { + "privilege": "DeleteAppAuthorization", + "description": "Grants permission to delete app authorizations within an app bundle", + "access_level": "Write", + "resource_types": { + "appauthorization": { + "resource_type": "appauthorization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appauthorization": "appauthorization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_DeleteAppAuthorization.html" + }, + "DeleteAppBundle": { + "privilege": "DeleteAppBundle", + "description": "Grants permission to delete app bundles in your account", + "access_level": "Write", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_DeleteAppBundle.html" + }, + "DeleteIngestion": { + "privilege": "DeleteIngestion", + "description": "Grants permission to delete ingestions within an app bundle", + "access_level": "Write", + "resource_types": { + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ingestion": "ingestion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_DeleteIngestion.html" + }, + "DeleteIngestionDestination": { + "privilege": "DeleteIngestionDestination", + "description": "Grants permission to delete destinations within an ingestion", + "access_level": "Write", + "resource_types": { + "ingestiondestination": { + "resource_type": "ingestiondestination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ingestiondestination": "ingestiondestination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_DeleteIngestionDestination.html" + }, + "GetAppAuthorization": { + "privilege": "GetAppAuthorization", + "description": "Grants permission to view details about app authorizations", + "access_level": "Read", + "resource_types": { + "appauthorization": { + "resource_type": "appauthorization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appauthorization": "appauthorization", + "appbundle": "appbundle", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_GetAppAuthorization.html" + }, + "GetAppBundle": { + "privilege": "GetAppBundle", + "description": "Grants permission to view details about app bundles", + "access_level": "Read", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_GetAppBundle.html" + }, + "GetIngestion": { + "privilege": "GetIngestion", + "description": "Grants permission to view details about ingestions", + "access_level": "Read", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle", + "ingestion": "ingestion", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_GetIngestion.html" + }, + "GetIngestionDestination": { + "privilege": "GetIngestionDestination", + "description": "Grants permission to view details about ingestion destinations", + "access_level": "Read", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestiondestination": { + "resource_type": "ingestiondestination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle", + "ingestion": "ingestion", + "ingestiondestination": "ingestiondestination", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_GetIngestionDestination.html" + }, + "ListAppAuthorizations": { + "privilege": "ListAppAuthorizations", + "description": "Grants permission to retrieve a list of app authorizations within an app bundle", + "access_level": "List", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ListAppAuthorizations.html" + }, + "ListAppBundles": { + "privilege": "ListAppBundles", + "description": "Grants permission to retrieve a list of app bundles in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ListAppBundles.html" + }, + "ListIngestionDestinations": { + "privilege": "ListIngestionDestinations", + "description": "Grants permission to retrieve a list of destinations within an ingestion", + "access_level": "List", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle", + "ingestion": "ingestion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ListIngestionDestinations.html" + }, + "ListIngestions": { + "privilege": "ListIngestions", + "description": "Grants permission to retrieve a list of ingestions within an app bundle", + "access_level": "List", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ListIngestions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for AppFabric resources", + "access_level": "Read", + "resource_types": { + "appauthorization": { + "resource_type": "appauthorization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "appbundle": { + "resource_type": "appbundle", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestion": { + "resource_type": "ingestion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestiondestination": { + "resource_type": "ingestiondestination", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appauthorization": "appauthorization", + "appbundle": "appbundle", + "ingestion": "ingestion", + "ingestiondestination": "ingestiondestination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_ListTagsForResource.html" + }, + "StartIngestion": { + "privilege": "StartIngestion", + "description": "Grants permission to start ingestions", + "access_level": "Write", + "resource_types": { + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ingestion": "ingestion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_StartIngestion.html" + }, + "StartUserAccessTasks": { + "privilege": "StartUserAccessTasks", + "description": "Grants permission to start user access tasks", + "access_level": "Write", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_StartUserAccessTasks.html" + }, + "StopIngestion": { + "privilege": "StopIngestion", + "description": "Grants permission to stop ingestions", + "access_level": "Write", + "resource_types": { + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ingestion": "ingestion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_StopIngestion.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag AppFabric resources", + "access_level": "Tagging", + "resource_types": { + "appauthorization": { + "resource_type": "appauthorization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "appbundle": { + "resource_type": "appbundle", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestion": { + "resource_type": "ingestion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestiondestination": { + "resource_type": "ingestiondestination", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appauthorization": "appauthorization", + "appbundle": "appbundle", + "ingestion": "ingestion", + "ingestiondestination": "ingestiondestination", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag AppFabric resources", + "access_level": "Tagging", + "resource_types": { + "appauthorization": { + "resource_type": "appauthorization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "appbundle": { + "resource_type": "appbundle", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestion": { + "resource_type": "ingestion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestiondestination": { + "resource_type": "ingestiondestination", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appauthorization": "appauthorization", + "appbundle": "appbundle", + "ingestion": "ingestion", + "ingestiondestination": "ingestiondestination", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_UntagResource.html" + }, + "UpdateAppAuthorization": { + "privilege": "UpdateAppAuthorization", + "description": "Grants permission to update app authorizations within app bundles", + "access_level": "Write", + "resource_types": { + "appauthorization": { + "resource_type": "appauthorization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appauthorization": "appauthorization", + "appbundle": "appbundle", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_UpdateAppAuthorization.html" + }, + "UpdateIngestionDestination": { + "privilege": "UpdateIngestionDestination", + "description": "Grants permission to update destinations within ingestions", + "access_level": "Write", + "resource_types": { + "appbundle": { + "resource_type": "appbundle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestion": { + "resource_type": "ingestion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ingestiondestination": { + "resource_type": "ingestiondestination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appbundle": "appbundle", + "ingestion": "ingestion", + "ingestiondestination": "ingestiondestination", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appfabric/latest/api/API_UpdateIngestionDestination.html" + } + }, + "privileges_lower_name": { + "batchgetuseraccesstasks": "BatchGetUserAccessTasks", + "connectappauthorization": "ConnectAppAuthorization", + "createappauthorization": "CreateAppAuthorization", + "createappbundle": "CreateAppBundle", + "createingestion": "CreateIngestion", + "createingestiondestination": "CreateIngestionDestination", + "deleteappauthorization": "DeleteAppAuthorization", + "deleteappbundle": "DeleteAppBundle", + "deleteingestion": "DeleteIngestion", + "deleteingestiondestination": "DeleteIngestionDestination", + "getappauthorization": "GetAppAuthorization", + "getappbundle": "GetAppBundle", + "getingestion": "GetIngestion", + "getingestiondestination": "GetIngestionDestination", + "listappauthorizations": "ListAppAuthorizations", + "listappbundles": "ListAppBundles", + "listingestiondestinations": "ListIngestionDestinations", + "listingestions": "ListIngestions", + "listtagsforresource": "ListTagsForResource", + "startingestion": "StartIngestion", + "startuseraccesstasks": "StartUserAccessTasks", + "stopingestion": "StopIngestion", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateappauthorization": "UpdateAppAuthorization", + "updateingestiondestination": "UpdateIngestionDestination" + }, + "resources": { + "appbundle": { + "resource": "appbundle", + "arn": "arn:${Partition}:appfabric:${Region}:${Account}:appbundle/${AppBundleIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "appauthorization": { + "resource": "appauthorization", + "arn": "arn:${Partition}:appfabric:${Region}:${Account}:appbundle/${AppbundleId}/appauthorization/${AppAuthorizationIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ingestion": { + "resource": "ingestion", + "arn": "arn:${Partition}:appfabric:${Region}:${Account}:appbundle/${AppbundleId}/ingestion/${IngestionIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ingestiondestination": { + "resource": "ingestiondestination", + "arn": "arn:${Partition}:appfabric:${Region}:${Account}:appbundle/${AppbundleId}/ingestion/${IngestionIdentifier}/ingestiondestination/${IngestionDestinationIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "appbundle": "appbundle", + "appauthorization": "appauthorization", + "ingestion": "ingestion", + "ingestiondestination": "ingestiondestination" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "application-autoscaling": { + "service_name": "AWS Application Auto Scaling", + "prefix": "application-autoscaling", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsapplicationautoscaling.html", + "privileges": { + "DeleteScalingPolicy": { + "privilege": "DeleteScalingPolicy", + "description": "Grants permission to delete a scaling policy", + "access_level": "Write", + "resource_types": { + "ScalableTarget": { + "resource_type": "ScalableTarget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "application-autoscaling:service-namespace", + "application-autoscaling:scalable-dimension" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scalabletarget": "ScalableTarget", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DeleteScalingPolicy.html" + }, + "DeleteScheduledAction": { + "privilege": "DeleteScheduledAction", + "description": "Grants permission to delete a scheduled action", + "access_level": "Write", + "resource_types": { + "ScalableTarget": { + "resource_type": "ScalableTarget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "application-autoscaling:service-namespace", + "application-autoscaling:scalable-dimension" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scalabletarget": "ScalableTarget", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DeleteScheduledAction.html" + }, + "DeregisterScalableTarget": { + "privilege": "DeregisterScalableTarget", + "description": "Grants permission to deregister a scalable target", + "access_level": "Write", + "resource_types": { + "ScalableTarget": { + "resource_type": "ScalableTarget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "application-autoscaling:service-namespace", + "application-autoscaling:scalable-dimension" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scalabletarget": "ScalableTarget", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DeregisterScalableTarget.html" + }, + "DescribeScalableTargets": { + "privilege": "DescribeScalableTargets", + "description": "Grants permission to describe one or more scalable targets in the specified namespace", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DescribeScalableTargets.html" + }, + "DescribeScalingActivities": { + "privilege": "DescribeScalingActivities", + "description": "Grants permission to describe a set of scaling activities or all scaling activities in the specified namespace", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DescribeScalingActivities.html" + }, + "DescribeScalingPolicies": { + "privilege": "DescribeScalingPolicies", + "description": "Grants permission to describe a set of scaling policies or all scaling policies in the specified namespace", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DescribeScalingPolicies.html" + }, + "DescribeScheduledActions": { + "privilege": "DescribeScheduledActions", + "description": "Grants permission to describe a set of scheduled actions or all scheduled actions in the specified namespace", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_DescribeScheduledActions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a scalable target", + "access_level": "Tagging", + "resource_types": { + "ScalableTarget": { + "resource_type": "ScalableTarget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scalabletarget": "ScalableTarget" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_ListTagsForResource.html" + }, + "PutScalingPolicy": { + "privilege": "PutScalingPolicy", + "description": "Grants permission to create and update a scaling policy for a scalable target", + "access_level": "Write", + "resource_types": { + "ScalableTarget": { + "resource_type": "ScalableTarget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "application-autoscaling:service-namespace", + "application-autoscaling:scalable-dimension" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scalabletarget": "ScalableTarget", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScalingPolicy.html" + }, + "PutScheduledAction": { + "privilege": "PutScheduledAction", + "description": "Grants permission to create and update a scheduled action for a scalable target", + "access_level": "Write", + "resource_types": { + "ScalableTarget": { + "resource_type": "ScalableTarget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "application-autoscaling:service-namespace", + "application-autoscaling:scalable-dimension" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scalabletarget": "ScalableTarget", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html" + }, + "RegisterScalableTarget": { + "privilege": "RegisterScalableTarget", + "description": "Grants permission to register AWS or custom resources as scalable targets with Application Auto Scaling and to update configuration parameters used to manage a scalable target", + "access_level": "Write", + "resource_types": { + "ScalableTarget": { + "resource_type": "ScalableTarget", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "application-autoscaling:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "application-autoscaling:service-namespace", + "application-autoscaling:scalable-dimension" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scalabletarget": "ScalableTarget", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_RegisterScalableTarget.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a scalable target", + "access_level": "Tagging", + "resource_types": { + "ScalableTarget": { + "resource_type": "ScalableTarget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scalabletarget": "ScalableTarget", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a scalable target", + "access_level": "Tagging", + "resource_types": { + "ScalableTarget": { + "resource_type": "ScalableTarget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scalabletarget": "ScalableTarget", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/application/APIReference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "deletescalingpolicy": "DeleteScalingPolicy", + "deletescheduledaction": "DeleteScheduledAction", + "deregisterscalabletarget": "DeregisterScalableTarget", + "describescalabletargets": "DescribeScalableTargets", + "describescalingactivities": "DescribeScalingActivities", + "describescalingpolicies": "DescribeScalingPolicies", + "describescheduledactions": "DescribeScheduledActions", + "listtagsforresource": "ListTagsForResource", + "putscalingpolicy": "PutScalingPolicy", + "putscheduledaction": "PutScheduledAction", + "registerscalabletarget": "RegisterScalableTarget", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "ScalableTarget": { + "resource": "ScalableTarget", + "arn": "arn:${Partition}:application-autoscaling:${Region}:${Account}:scalable-target/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "scalabletarget": "ScalableTarget" + }, + "conditions": { + "application-autoscaling:scalable-dimension": { + "condition": "application-autoscaling:scalable-dimension", + "description": "Filters access by the scalable dimension that is passed in the request", + "type": "String" + }, + "application-autoscaling:service-namespace": { + "condition": "application-autoscaling:service-namespace", + "description": "Filters access by the service namespace that is passed in the request", + "type": "String" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "application-cost-profiler": { + "service_name": "AWS Application Cost Profiler Service", + "prefix": "application-cost-profiler", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsapplicationcostprofilerservice.html", + "privileges": { + "DeleteReportDefinition": { + "privilege": "DeleteReportDefinition", + "description": "Grants permission to delete the configuration with specific Application Cost Profiler Report thereby effectively disabling report generation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_DeleteReportDefinition.html" + }, + "GetReportDefinition": { + "privilege": "GetReportDefinition", + "description": "Grants permission to fetch the configuration with specific Application Cost Profiler Report request", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_GetReportDefinition.html" + }, + "ImportApplicationUsage": { + "privilege": "ImportApplicationUsage", + "description": "Grants permission to import the application usage from S3", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_ImportApplicationUsage.html" + }, + "ListReportDefinitions": { + "privilege": "ListReportDefinitions", + "description": "Grants permission to get a list of the different Application Cost Profiler Report configurations they have created", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_ListReportDefinitions.html" + }, + "PutReportDefinition": { + "privilege": "PutReportDefinition", + "description": "Grants permission to create Application Cost Profiler Report configurations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_PutReportDefinition.html" + }, + "UpdateReportDefinition": { + "privilege": "UpdateReportDefinition", + "description": "Grants permission to update an existing Application Cost Profiler Report configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/application-cost-profiler/latest/APIReference/API_UpdateReportDefinition.html" + } + }, + "privileges_lower_name": { + "deletereportdefinition": "DeleteReportDefinition", + "getreportdefinition": "GetReportDefinition", + "importapplicationusage": "ImportApplicationUsage", + "listreportdefinitions": "ListReportDefinitions", + "putreportdefinition": "PutReportDefinition", + "updatereportdefinition": "UpdateReportDefinition" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "mgn": { + "service_name": "AWS Application Migration Service", + "prefix": "mgn", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsapplicationmigrationservice.html", + "privileges": { + "ArchiveApplication": { + "privilege": "ArchiveApplication", + "description": "Grants permission to archive an application", + "access_level": "Write", + "resource_types": { + "ApplicationResource": { + "resource_type": "ApplicationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationresource": "ApplicationResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ArchiveApplication.html" + }, + "ArchiveWave": { + "privilege": "ArchiveWave", + "description": "Grants permission to archive a wave", + "access_level": "Write", + "resource_types": { + "WaveResource": { + "resource_type": "WaveResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "waveresource": "WaveResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ArchiveWave.html" + }, + "AssociateApplications": { + "privilege": "AssociateApplications", + "description": "Grants permission to associate applications to a wave", + "access_level": "Write", + "resource_types": { + "ApplicationResource": { + "resource_type": "ApplicationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "WaveResource": { + "resource_type": "WaveResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationresource": "ApplicationResource", + "waveresource": "WaveResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_AssociateApplications.html" + }, + "AssociateSourceServers": { + "privilege": "AssociateSourceServers", + "description": "Grants permission to associate source servers to an application", + "access_level": "Write", + "resource_types": { + "ApplicationResource": { + "resource_type": "ApplicationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationresource": "ApplicationResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_AssociateSourceServers.html" + }, + "BatchCreateVolumeSnapshotGroupForMgn": { + "privilege": "BatchCreateVolumeSnapshotGroupForMgn", + "description": "Grants permission to create volume snapshot group", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "BatchDeleteSnapshotRequestForMgn": { + "privilege": "BatchDeleteSnapshotRequestForMgn", + "description": "Grants permission to batch delete snapshot request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "ChangeServerLifeCycleState": { + "privilege": "ChangeServerLifeCycleState", + "description": "Grants permission to change source server life cycle state", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ChangeServerLifeCycleState.html" + }, + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_CreateApplication.html" + }, + "CreateLaunchConfigurationTemplate": { + "privilege": "CreateLaunchConfigurationTemplate", + "description": "Grants permission to create launch configuration template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_CreateLaunchConfigurationTemplate.html" + }, + "CreateReplicationConfigurationTemplate": { + "privilege": "CreateReplicationConfigurationTemplate", + "description": "Grants permission to create replication configuration template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_CreateReplicationConfigurationTemplate.html" + }, + "CreateVcenterClientForMgn": { + "privilege": "CreateVcenterClientForMgn", + "description": "Grants permission to create vcenter client", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "CreateWave": { + "privilege": "CreateWave", + "description": "Grants permission to create a wave", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_CreateWave.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete an application", + "access_level": "Write", + "resource_types": { + "ApplicationResource": { + "resource_type": "ApplicationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationresource": "ApplicationResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteApplication.html" + }, + "DeleteJob": { + "privilege": "DeleteJob", + "description": "Grants permission to delete job", + "access_level": "Write", + "resource_types": { + "JobResource": { + "resource_type": "JobResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobresource": "JobResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteJob.html" + }, + "DeleteLaunchConfigurationTemplate": { + "privilege": "DeleteLaunchConfigurationTemplate", + "description": "Grants permission to delete launch configuration template", + "access_level": "Write", + "resource_types": { + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteLaunchConfigurationTemplate.html" + }, + "DeleteReplicationConfigurationTemplate": { + "privilege": "DeleteReplicationConfigurationTemplate", + "description": "Grants permission to delete replication configuration template", + "access_level": "Write", + "resource_types": { + "ReplicationConfigurationTemplateResource": { + "resource_type": "ReplicationConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationconfigurationtemplateresource": "ReplicationConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteReplicationConfigurationTemplate.html" + }, + "DeleteSourceServer": { + "privilege": "DeleteSourceServer", + "description": "Grants permission to delete source server", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteSourceServer.html" + }, + "DeleteVcenterClient": { + "privilege": "DeleteVcenterClient", + "description": "Grants permission to delete vcenter client", + "access_level": "Write", + "resource_types": { + "VcenterClientResource": { + "resource_type": "VcenterClientResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vcenterclientresource": "VcenterClientResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteVcenterClient.html" + }, + "DeleteWave": { + "privilege": "DeleteWave", + "description": "Grants permission to delete a wave", + "access_level": "Write", + "resource_types": { + "WaveResource": { + "resource_type": "WaveResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "waveresource": "WaveResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DeleteWave.html" + }, + "DescribeJobLogItems": { + "privilege": "DescribeJobLogItems", + "description": "Grants permission to describe job log items", + "access_level": "Read", + "resource_types": { + "JobResource": { + "resource_type": "JobResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobresource": "JobResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeJobLogItems.html" + }, + "DescribeJobs": { + "privilege": "DescribeJobs", + "description": "Grants permission to describe jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeJobs.html" + }, + "DescribeLaunchConfigurationTemplates": { + "privilege": "DescribeLaunchConfigurationTemplates", + "description": "Grants permission to describe launch configuration template", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeLaunchConfigurationTemplates.html" + }, + "DescribeReplicationConfigurationTemplates": { + "privilege": "DescribeReplicationConfigurationTemplates", + "description": "Grants permission to describe replication configuration template", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeReplicationConfigurationTemplates.html" + }, + "DescribeReplicationServerAssociationsForMgn": { + "privilege": "DescribeReplicationServerAssociationsForMgn", + "description": "Grants permission to describe replication server associations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "DescribeSnapshotRequestsForMgn": { + "privilege": "DescribeSnapshotRequestsForMgn", + "description": "Grants permission to describe snapshots requests", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "DescribeSourceServers": { + "privilege": "DescribeSourceServers", + "description": "Grants permission to describe source servers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeSourceServers.html" + }, + "DescribeVcenterClients": { + "privilege": "DescribeVcenterClients", + "description": "Grants permission to describe vcenter clients", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DescribeVcenterClients.html" + }, + "DisassociateApplications": { + "privilege": "DisassociateApplications", + "description": "Grants permission to disassociate applications from a wave", + "access_level": "Write", + "resource_types": { + "ApplicationResource": { + "resource_type": "ApplicationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "WaveResource": { + "resource_type": "WaveResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationresource": "ApplicationResource", + "waveresource": "WaveResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DisassociateApplications.html" + }, + "DisassociateSourceServers": { + "privilege": "DisassociateSourceServers", + "description": "Grants permission to disassociate source servers from an application", + "access_level": "Write", + "resource_types": { + "ApplicationResource": { + "resource_type": "ApplicationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationresource": "ApplicationResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DisassociateSourceServers.html" + }, + "DisconnectFromService": { + "privilege": "DisconnectFromService", + "description": "Grants permission to disconnect source server from service", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_DisconnectFromService.html" + }, + "FinalizeCutover": { + "privilege": "FinalizeCutover", + "description": "Grants permission to finalize cutover", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_FinalizeCutover.html" + }, + "GetAgentCommandForMgn": { + "privilege": "GetAgentCommandForMgn", + "description": "Grants permission to get agent command", + "access_level": "Read", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "GetAgentConfirmedResumeInfoForMgn": { + "privilege": "GetAgentConfirmedResumeInfoForMgn", + "description": "Grants permission to get agent confirmed resume info", + "access_level": "Read", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "GetAgentInstallationAssetsForMgn": { + "privilege": "GetAgentInstallationAssetsForMgn", + "description": "Grants permission to get agent installation assets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "GetAgentReplicationInfoForMgn": { + "privilege": "GetAgentReplicationInfoForMgn", + "description": "Grants permission to get agent replication info", + "access_level": "Read", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "GetAgentRuntimeConfigurationForMgn": { + "privilege": "GetAgentRuntimeConfigurationForMgn", + "description": "Grants permission to get agent runtime configuration", + "access_level": "Read", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "GetAgentSnapshotCreditsForMgn": { + "privilege": "GetAgentSnapshotCreditsForMgn", + "description": "Grants permission to get agent snapshots credits", + "access_level": "Read", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "GetChannelCommandsForMgn": { + "privilege": "GetChannelCommandsForMgn", + "description": "Grants permission to get channel commands", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "GetLaunchConfiguration": { + "privilege": "GetLaunchConfiguration", + "description": "Grants permission to get launch configuration", + "access_level": "Read", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_GetLaunchConfiguration.html" + }, + "GetReplicationConfiguration": { + "privilege": "GetReplicationConfiguration", + "description": "Grants permission to get replication configuration", + "access_level": "Read", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_GetReplicationConfiguration.html" + }, + "GetVcenterClientCommandsForMgn": { + "privilege": "GetVcenterClientCommandsForMgn", + "description": "Grants permission to get vcenter client commands", + "access_level": "Read", + "resource_types": { + "VcenterClientResource": { + "resource_type": "VcenterClientResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vcenterclientresource": "VcenterClientResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "InitializeService": { + "privilege": "InitializeService", + "description": "Grants permission to initialize service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:AddRoleToInstanceProfile", + "iam:CreateInstanceProfile", + "iam:CreateServiceLinkedRole", + "iam:GetInstanceProfile" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_InitializeService.html" + }, + "IssueClientCertificateForMgn": { + "privilege": "IssueClientCertificateForMgn", + "description": "Grants permission to issue a client certificate", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to list application summaries", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListApplications.html" + }, + "ListExportErrors": { + "privilege": "ListExportErrors", + "description": "Grants permission to list the errors of an export task", + "access_level": "List", + "resource_types": { + "ExportResource": { + "resource_type": "ExportResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "exportresource": "ExportResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListExportErrors.html" + }, + "ListExports": { + "privilege": "ListExports", + "description": "Grants permission to list export tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListExports.html" + }, + "ListImportErrors": { + "privilege": "ListImportErrors", + "description": "Grants permission to list the errors of an import task", + "access_level": "List", + "resource_types": { + "ImportResource": { + "resource_type": "ImportResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "importresource": "ImportResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListImportErrors.html" + }, + "ListImports": { + "privilege": "ListImports", + "description": "Grants permission to list the import tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListImports.html" + }, + "ListManagedAccounts": { + "privilege": "ListManagedAccounts", + "description": "Grants permission to list managed accounts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListManagedAccounts.html" + }, + "ListSourceServerActions": { + "privilege": "ListSourceServerActions", + "description": "Grants permission to list source server action documents", + "access_level": "List", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListSourceServerActions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTemplateActions": { + "privilege": "ListTemplateActions", + "description": "Grants permission to list launch configuration template action documents", + "access_level": "List", + "resource_types": { + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListTemplateActions.html" + }, + "ListWaves": { + "privilege": "ListWaves", + "description": "Grants permission to list wave summaries", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ListWaves.html" + }, + "MarkAsArchived": { + "privilege": "MarkAsArchived", + "description": "Grants permission to mark source server as archived", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_MarkAsArchived.html" + }, + "NotifyAgentAuthenticationForMgn": { + "privilege": "NotifyAgentAuthenticationForMgn", + "description": "Grants permission to notify agent authentication", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "NotifyAgentConnectedForMgn": { + "privilege": "NotifyAgentConnectedForMgn", + "description": "Grants permission to notify agent is connected", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "NotifyAgentDisconnectedForMgn": { + "privilege": "NotifyAgentDisconnectedForMgn", + "description": "Grants permission to notify agent is disconnected", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "NotifyAgentReplicationProgressForMgn": { + "privilege": "NotifyAgentReplicationProgressForMgn", + "description": "Grants permission to notify agent replication progress", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "NotifyVcenterClientStartedForMgn": { + "privilege": "NotifyVcenterClientStartedForMgn", + "description": "Grants permission to notify vcenter client started", + "access_level": "Write", + "resource_types": { + "VcenterClientResource": { + "resource_type": "VcenterClientResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vcenterclientresource": "VcenterClientResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "PauseReplication": { + "privilege": "PauseReplication", + "description": "Grants permission to pause replication", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_PauseReplication.html" + }, + "PutSourceServerAction": { + "privilege": "PutSourceServerAction", + "description": "Grants permission to put source server action document", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_PutSourceServerAction.html" + }, + "PutTemplateAction": { + "privilege": "PutTemplateAction", + "description": "Grants permission to put launch configuration template action document", + "access_level": "Write", + "resource_types": { + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_PutTemplateAction.html" + }, + "RegisterAgentForMgn": { + "privilege": "RegisterAgentForMgn", + "description": "Grants permission to register agent", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "RemoveSourceServerAction": { + "privilege": "RemoveSourceServerAction", + "description": "Grants permission to remove source server action document", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_RemoveSourceServerAction.html" + }, + "RemoveTemplateAction": { + "privilege": "RemoveTemplateAction", + "description": "Grants permission to remove launch configuration template action document", + "access_level": "Write", + "resource_types": { + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_RemoveTemplateAction.html" + }, + "ResumeReplication": { + "privilege": "ResumeReplication", + "description": "Grants permission to resume replication", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_ResumeReplication.html" + }, + "RetryDataReplication": { + "privilege": "RetryDataReplication", + "description": "Grants permission to retry replication", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_RetryDataReplication.html" + }, + "SendAgentLogsForMgn": { + "privilege": "SendAgentLogsForMgn", + "description": "Grants permission to send agent logs", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "SendAgentMetricsForMgn": { + "privilege": "SendAgentMetricsForMgn", + "description": "Grants permission to send agent metrics", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "SendChannelCommandResultForMgn": { + "privilege": "SendChannelCommandResultForMgn", + "description": "Grants permission to send channel command result", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "SendClientLogsForMgn": { + "privilege": "SendClientLogsForMgn", + "description": "Grants permission to send client logs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "SendClientMetricsForMgn": { + "privilege": "SendClientMetricsForMgn", + "description": "Grants permission to send client metrics", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "SendVcenterClientCommandResultForMgn": { + "privilege": "SendVcenterClientCommandResultForMgn", + "description": "Grants permission to send vcenter client command result", + "access_level": "Write", + "resource_types": { + "VcenterClientResource": { + "resource_type": "VcenterClientResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vcenterclientresource": "VcenterClientResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "SendVcenterClientLogsForMgn": { + "privilege": "SendVcenterClientLogsForMgn", + "description": "Grants permission to send vcenter client logs", + "access_level": "Write", + "resource_types": { + "VcenterClientResource": { + "resource_type": "VcenterClientResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vcenterclientresource": "VcenterClientResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "SendVcenterClientMetricsForMgn": { + "privilege": "SendVcenterClientMetricsForMgn", + "description": "Grants permission to send vcenter client metrics", + "access_level": "Write", + "resource_types": { + "VcenterClientResource": { + "resource_type": "VcenterClientResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vcenterclientresource": "VcenterClientResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "StartCutover": { + "privilege": "StartCutover", + "description": "Grants permission to start cutover", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:AttachVolume", + "ec2:AuthorizeSecurityGroupEgress", + "ec2:AuthorizeSecurityGroupIngress", + "ec2:CreateLaunchTemplate", + "ec2:CreateLaunchTemplateVersion", + "ec2:CreateSecurityGroup", + "ec2:CreateSnapshot", + "ec2:CreateTags", + "ec2:CreateVolume", + "ec2:DeleteLaunchTemplateVersions", + "ec2:DeleteSnapshot", + "ec2:DeleteVolume", + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", + "ec2:DescribeInstanceAttribute", + "ec2:DescribeInstanceStatus", + "ec2:DescribeInstanceTypes", + "ec2:DescribeInstances", + "ec2:DescribeLaunchTemplateVersions", + "ec2:DescribeLaunchTemplates", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSnapshots", + "ec2:DescribeSubnets", + "ec2:DescribeVolumes", + "ec2:DetachVolume", + "ec2:ModifyInstanceAttribute", + "ec2:ModifyLaunchTemplate", + "ec2:ReportInstanceStatus", + "ec2:RevokeSecurityGroupEgress", + "ec2:RunInstances", + "ec2:StartInstances", + "ec2:StopInstances", + "ec2:TerminateInstances", + "iam:PassRole", + "mgn:ListTagsForResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StartCutover.html" + }, + "StartExport": { + "privilege": "StartExport", + "description": "Grants permission to start an export task", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeLaunchTemplateVersions", + "mgn:DescribeSourceServers", + "mgn:GetLaunchConfiguration", + "mgn:ListApplications", + "mgn:ListWaves", + "s3:PutObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StartExport.html" + }, + "StartImport": { + "privilege": "StartImport", + "description": "Grants permission to create an import task", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateLaunchTemplateVersion", + "ec2:DescribeLaunchTemplateVersions", + "ec2:ModifyLaunchTemplate", + "mgn:DescribeSourceServers", + "mgn:GetLaunchConfiguration", + "mgn:ListApplications", + "mgn:ListWaves", + "mgn:TagResource", + "mgn:UpdateLaunchConfiguration", + "s3:PutObject" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StartImport.html" + }, + "StartReplication": { + "privilege": "StartReplication", + "description": "Grants permission to start replication", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StartReplication.html" + }, + "StartTest": { + "privilege": "StartTest", + "description": "Grants permission to start test", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:AttachVolume", + "ec2:AuthorizeSecurityGroupEgress", + "ec2:AuthorizeSecurityGroupIngress", + "ec2:CreateLaunchTemplate", + "ec2:CreateLaunchTemplateVersion", + "ec2:CreateSecurityGroup", + "ec2:CreateSnapshot", + "ec2:CreateTags", + "ec2:CreateVolume", + "ec2:DeleteLaunchTemplateVersions", + "ec2:DeleteSnapshot", + "ec2:DeleteVolume", + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", + "ec2:DescribeInstanceAttribute", + "ec2:DescribeInstanceStatus", + "ec2:DescribeInstanceTypes", + "ec2:DescribeInstances", + "ec2:DescribeLaunchTemplateVersions", + "ec2:DescribeLaunchTemplates", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSnapshots", + "ec2:DescribeSubnets", + "ec2:DescribeVolumes", + "ec2:DetachVolume", + "ec2:ModifyInstanceAttribute", + "ec2:ModifyLaunchTemplate", + "ec2:ReportInstanceStatus", + "ec2:RevokeSecurityGroupEgress", + "ec2:RunInstances", + "ec2:StartInstances", + "ec2:StopInstances", + "ec2:TerminateInstances", + "iam:PassRole", + "mgn:ListTagsForResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StartTest.html" + }, + "StopReplication": { + "privilege": "StopReplication", + "description": "Grants permission to stop replication", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_StopReplication.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to assign a resource tag", + "access_level": "Tagging", + "resource_types": { + "ApplicationResource": { + "resource_type": "ApplicationResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "JobResource": { + "resource_type": "JobResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationConfigurationTemplateResource": { + "resource_type": "ReplicationConfigurationTemplateResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "VcenterClientResource": { + "resource_type": "VcenterClientResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WaveResource": { + "resource_type": "WaveResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "mgn:CreateAction", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationresource": "ApplicationResource", + "jobresource": "JobResource", + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource", + "replicationconfigurationtemplateresource": "ReplicationConfigurationTemplateResource", + "sourceserverresource": "SourceServerResource", + "vcenterclientresource": "VcenterClientResource", + "waveresource": "WaveResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_TagResource.html" + }, + "TerminateTargetInstances": { + "privilege": "TerminateTargetInstances", + "description": "Grants permission to terminate target instances", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteVolume", + "ec2:DescribeInstances", + "ec2:DescribeVolumes", + "ec2:TerminateInstances" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_TerminateTargetInstances.html" + }, + "UnarchiveApplication": { + "privilege": "UnarchiveApplication", + "description": "Grants permission to unarchive an application", + "access_level": "Write", + "resource_types": { + "ApplicationResource": { + "resource_type": "ApplicationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationresource": "ApplicationResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UnarchiveApplication.html" + }, + "UnarchiveWave": { + "privilege": "UnarchiveWave", + "description": "Grants permission to unarchive a wave", + "access_level": "Write", + "resource_types": { + "WaveResource": { + "resource_type": "WaveResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "waveresource": "WaveResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UnarchiveWave.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "ApplicationResource": { + "resource_type": "ApplicationResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "JobResource": { + "resource_type": "JobResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationConfigurationTemplateResource": { + "resource_type": "ReplicationConfigurationTemplateResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "VcenterClientResource": { + "resource_type": "VcenterClientResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WaveResource": { + "resource_type": "WaveResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationresource": "ApplicationResource", + "jobresource": "JobResource", + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource", + "replicationconfigurationtemplateresource": "ReplicationConfigurationTemplateResource", + "sourceserverresource": "SourceServerResource", + "vcenterclientresource": "VcenterClientResource", + "waveresource": "WaveResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UntagResource.html" + }, + "UpdateAgentBacklogForMgn": { + "privilege": "UpdateAgentBacklogForMgn", + "description": "Grants permission to update agent backlog", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "UpdateAgentConversionInfoForMgn": { + "privilege": "UpdateAgentConversionInfoForMgn", + "description": "Grants permission to update agent conversion info", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "UpdateAgentReplicationInfoForMgn": { + "privilege": "UpdateAgentReplicationInfoForMgn", + "description": "Grants permission to update agent replication info", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "UpdateAgentReplicationProcessStateForMgn": { + "privilege": "UpdateAgentReplicationProcessStateForMgn", + "description": "Grants permission to update agent replication process state", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "UpdateAgentSourcePropertiesForMgn": { + "privilege": "UpdateAgentSourcePropertiesForMgn", + "description": "Grants permission to update agent source properties", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to update an application", + "access_level": "Write", + "resource_types": { + "ApplicationResource": { + "resource_type": "ApplicationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationresource": "ApplicationResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateApplication.html" + }, + "UpdateLaunchConfiguration": { + "privilege": "UpdateLaunchConfiguration", + "description": "Grants permission to update launch configuration", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateLaunchConfiguration.html" + }, + "UpdateLaunchConfigurationTemplate": { + "privilege": "UpdateLaunchConfigurationTemplate", + "description": "Grants permission to update launch configuration", + "access_level": "Write", + "resource_types": { + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateLaunchConfigurationTemplate.html" + }, + "UpdateReplicationConfiguration": { + "privilege": "UpdateReplicationConfiguration", + "description": "Grants permission to update replication configuration", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateReplicationConfiguration.html" + }, + "UpdateReplicationConfigurationTemplate": { + "privilege": "UpdateReplicationConfigurationTemplate", + "description": "Grants permission to update replication configuration template", + "access_level": "Write", + "resource_types": { + "ReplicationConfigurationTemplateResource": { + "resource_type": "ReplicationConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationconfigurationtemplateresource": "ReplicationConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateReplicationConfigurationTemplate.html" + }, + "UpdateSourceServerReplicationType": { + "privilege": "UpdateSourceServerReplicationType", + "description": "Grants permission to update source server replication type", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateSourceServerReplicationType.html" + }, + "UpdateWave": { + "privilege": "UpdateWave", + "description": "Grants permission to update a wave", + "access_level": "Write", + "resource_types": { + "WaveResource": { + "resource_type": "WaveResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "waveresource": "WaveResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/APIReference/API_UpdateWave.html" + }, + "VerifyClientRoleForMgn": { + "privilege": "VerifyClientRoleForMgn", + "description": "Grants permission to verify client role", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mgn/latest/ug/mgn-apis.html" + } + }, + "privileges_lower_name": { + "archiveapplication": "ArchiveApplication", + "archivewave": "ArchiveWave", + "associateapplications": "AssociateApplications", + "associatesourceservers": "AssociateSourceServers", + "batchcreatevolumesnapshotgroupformgn": "BatchCreateVolumeSnapshotGroupForMgn", + "batchdeletesnapshotrequestformgn": "BatchDeleteSnapshotRequestForMgn", + "changeserverlifecyclestate": "ChangeServerLifeCycleState", + "createapplication": "CreateApplication", + "createlaunchconfigurationtemplate": "CreateLaunchConfigurationTemplate", + "createreplicationconfigurationtemplate": "CreateReplicationConfigurationTemplate", + "createvcenterclientformgn": "CreateVcenterClientForMgn", + "createwave": "CreateWave", + "deleteapplication": "DeleteApplication", + "deletejob": "DeleteJob", + "deletelaunchconfigurationtemplate": "DeleteLaunchConfigurationTemplate", + "deletereplicationconfigurationtemplate": "DeleteReplicationConfigurationTemplate", + "deletesourceserver": "DeleteSourceServer", + "deletevcenterclient": "DeleteVcenterClient", + "deletewave": "DeleteWave", + "describejoblogitems": "DescribeJobLogItems", + "describejobs": "DescribeJobs", + "describelaunchconfigurationtemplates": "DescribeLaunchConfigurationTemplates", + "describereplicationconfigurationtemplates": "DescribeReplicationConfigurationTemplates", + "describereplicationserverassociationsformgn": "DescribeReplicationServerAssociationsForMgn", + "describesnapshotrequestsformgn": "DescribeSnapshotRequestsForMgn", + "describesourceservers": "DescribeSourceServers", + "describevcenterclients": "DescribeVcenterClients", + "disassociateapplications": "DisassociateApplications", + "disassociatesourceservers": "DisassociateSourceServers", + "disconnectfromservice": "DisconnectFromService", + "finalizecutover": "FinalizeCutover", + "getagentcommandformgn": "GetAgentCommandForMgn", + "getagentconfirmedresumeinfoformgn": "GetAgentConfirmedResumeInfoForMgn", + "getagentinstallationassetsformgn": "GetAgentInstallationAssetsForMgn", + "getagentreplicationinfoformgn": "GetAgentReplicationInfoForMgn", + "getagentruntimeconfigurationformgn": "GetAgentRuntimeConfigurationForMgn", + "getagentsnapshotcreditsformgn": "GetAgentSnapshotCreditsForMgn", + "getchannelcommandsformgn": "GetChannelCommandsForMgn", + "getlaunchconfiguration": "GetLaunchConfiguration", + "getreplicationconfiguration": "GetReplicationConfiguration", + "getvcenterclientcommandsformgn": "GetVcenterClientCommandsForMgn", + "initializeservice": "InitializeService", + "issueclientcertificateformgn": "IssueClientCertificateForMgn", + "listapplications": "ListApplications", + "listexporterrors": "ListExportErrors", + "listexports": "ListExports", + "listimporterrors": "ListImportErrors", + "listimports": "ListImports", + "listmanagedaccounts": "ListManagedAccounts", + "listsourceserveractions": "ListSourceServerActions", + "listtagsforresource": "ListTagsForResource", + "listtemplateactions": "ListTemplateActions", + "listwaves": "ListWaves", + "markasarchived": "MarkAsArchived", + "notifyagentauthenticationformgn": "NotifyAgentAuthenticationForMgn", + "notifyagentconnectedformgn": "NotifyAgentConnectedForMgn", + "notifyagentdisconnectedformgn": "NotifyAgentDisconnectedForMgn", + "notifyagentreplicationprogressformgn": "NotifyAgentReplicationProgressForMgn", + "notifyvcenterclientstartedformgn": "NotifyVcenterClientStartedForMgn", + "pausereplication": "PauseReplication", + "putsourceserveraction": "PutSourceServerAction", + "puttemplateaction": "PutTemplateAction", + "registeragentformgn": "RegisterAgentForMgn", + "removesourceserveraction": "RemoveSourceServerAction", + "removetemplateaction": "RemoveTemplateAction", + "resumereplication": "ResumeReplication", + "retrydatareplication": "RetryDataReplication", + "sendagentlogsformgn": "SendAgentLogsForMgn", + "sendagentmetricsformgn": "SendAgentMetricsForMgn", + "sendchannelcommandresultformgn": "SendChannelCommandResultForMgn", + "sendclientlogsformgn": "SendClientLogsForMgn", + "sendclientmetricsformgn": "SendClientMetricsForMgn", + "sendvcenterclientcommandresultformgn": "SendVcenterClientCommandResultForMgn", + "sendvcenterclientlogsformgn": "SendVcenterClientLogsForMgn", + "sendvcenterclientmetricsformgn": "SendVcenterClientMetricsForMgn", + "startcutover": "StartCutover", + "startexport": "StartExport", + "startimport": "StartImport", + "startreplication": "StartReplication", + "starttest": "StartTest", + "stopreplication": "StopReplication", + "tagresource": "TagResource", + "terminatetargetinstances": "TerminateTargetInstances", + "unarchiveapplication": "UnarchiveApplication", + "unarchivewave": "UnarchiveWave", + "untagresource": "UntagResource", + "updateagentbacklogformgn": "UpdateAgentBacklogForMgn", + "updateagentconversioninfoformgn": "UpdateAgentConversionInfoForMgn", + "updateagentreplicationinfoformgn": "UpdateAgentReplicationInfoForMgn", + "updateagentreplicationprocessstateformgn": "UpdateAgentReplicationProcessStateForMgn", + "updateagentsourcepropertiesformgn": "UpdateAgentSourcePropertiesForMgn", + "updateapplication": "UpdateApplication", + "updatelaunchconfiguration": "UpdateLaunchConfiguration", + "updatelaunchconfigurationtemplate": "UpdateLaunchConfigurationTemplate", + "updatereplicationconfiguration": "UpdateReplicationConfiguration", + "updatereplicationconfigurationtemplate": "UpdateReplicationConfigurationTemplate", + "updatesourceserverreplicationtype": "UpdateSourceServerReplicationType", + "updatewave": "UpdateWave", + "verifyclientroleformgn": "VerifyClientRoleForMgn" + }, + "resources": { + "JobResource": { + "resource": "JobResource", + "arn": "arn:${Partition}:mgn:${Region}:${Account}:job/${JobID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ReplicationConfigurationTemplateResource": { + "resource": "ReplicationConfigurationTemplateResource", + "arn": "arn:${Partition}:mgn:${Region}:${Account}:replication-configuration-template/${ReplicationConfigurationTemplateID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "LaunchConfigurationTemplateResource": { + "resource": "LaunchConfigurationTemplateResource", + "arn": "arn:${Partition}:mgn:${Region}:${Account}:launch-configuration-template/${LaunchConfigurationTemplateID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "VcenterClientResource": { + "resource": "VcenterClientResource", + "arn": "arn:${Partition}:mgn:${Region}:${Account}:vcenter-client/${VcenterClientID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "SourceServerResource": { + "resource": "SourceServerResource", + "arn": "arn:${Partition}:mgn:${Region}:${Account}:source-server/${SourceServerID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ApplicationResource": { + "resource": "ApplicationResource", + "arn": "arn:${Partition}:mgn:${Region}:${Account}:application/${ApplicationID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "WaveResource": { + "resource": "WaveResource", + "arn": "arn:${Partition}:mgn:${Region}:${Account}:wave/${WaveID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ImportResource": { + "resource": "ImportResource", + "arn": "arn:${Partition}:mgn:${Region}:${Account}:import/${ImportID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ExportResource": { + "resource": "ExportResource", + "arn": "arn:${Partition}:mgn:${Region}:${Account}:export/${ExportID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "jobresource": "JobResource", + "replicationconfigurationtemplateresource": "ReplicationConfigurationTemplateResource", + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource", + "vcenterclientresource": "VcenterClientResource", + "sourceserverresource": "SourceServerResource", + "applicationresource": "ApplicationResource", + "waveresource": "WaveResource", + "importresource": "ImportResource", + "exportresource": "ExportResource" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by presence of tag keys in the request", + "type": "ArrayOfString" + }, + "mgn:CreateAction": { + "condition": "mgn:CreateAction", + "description": "Filters access by the name of a resource-creating API action", + "type": "String" + } + } + }, + "appmesh": { + "service_name": "AWS App Mesh", + "prefix": "appmesh", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappmesh.html", + "privileges": { + "CreateGatewayRoute": { + "privilege": "CreateGatewayRoute", + "description": "Grants permission to create a gateway route that is associated with a virtual gateway", + "access_level": "Write", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualService": { + "resource_type": "virtualService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute", + "virtualservice": "virtualService", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateGatewayRoute.html" + }, + "CreateMesh": { + "privilege": "CreateMesh", + "description": "Grants permission to create a service mesh", + "access_level": "Write", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateMesh.html" + }, + "CreateRoute": { + "privilege": "CreateRoute", + "description": "Grants permission to create a route that is associated with a virtual router", + "access_level": "Write", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route", + "virtualnode": "virtualNode", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateRoute.html" + }, + "CreateVirtualGateway": { + "privilege": "CreateVirtualGateway", + "description": "Grants permission to create a virtual gateway within a service mesh", + "access_level": "Write", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualGateway.html" + }, + "CreateVirtualNode": { + "privilege": "CreateVirtualNode", + "description": "Grants permission to create a virtual node within a service mesh", + "access_level": "Write", + "resource_types": { + "virtualNode": { + "resource_type": "virtualNode", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualService": { + "resource_type": "virtualService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualnode": "virtualNode", + "virtualservice": "virtualService", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualNode.html" + }, + "CreateVirtualRouter": { + "privilege": "CreateVirtualRouter", + "description": "Grants permission to create a virtual router within a service mesh", + "access_level": "Write", + "resource_types": { + "virtualRouter": { + "resource_type": "virtualRouter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualrouter": "virtualRouter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualRouter.html" + }, + "CreateVirtualService": { + "privilege": "CreateVirtualService", + "description": "Grants permission to create a virtual service within a service mesh", + "access_level": "Write", + "resource_types": { + "virtualService": { + "resource_type": "virtualService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualRouter": { + "resource_type": "virtualRouter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualservice": "virtualService", + "virtualnode": "virtualNode", + "virtualrouter": "virtualRouter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualService.html" + }, + "DeleteGatewayRoute": { + "privilege": "DeleteGatewayRoute", + "description": "Grants permission to delete an existing gateway route", + "access_level": "Write", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteGatewayRoute.html" + }, + "DeleteMesh": { + "privilege": "DeleteMesh", + "description": "Grants permission to delete an existing service mesh", + "access_level": "Write", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteMesh.html" + }, + "DeleteRoute": { + "privilege": "DeleteRoute", + "description": "Grants permission to delete an existing route", + "access_level": "Write", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteRoute.html" + }, + "DeleteVirtualGateway": { + "privilege": "DeleteVirtualGateway", + "description": "Grants permission to delete an existing virtual gateway", + "access_level": "Write", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualGateway.html" + }, + "DeleteVirtualNode": { + "privilege": "DeleteVirtualNode", + "description": "Grants permission to delete an existing virtual node", + "access_level": "Write", + "resource_types": { + "virtualNode": { + "resource_type": "virtualNode", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualNode.html" + }, + "DeleteVirtualRouter": { + "privilege": "DeleteVirtualRouter", + "description": "Grants permission to delete an existing virtual router", + "access_level": "Write", + "resource_types": { + "virtualRouter": { + "resource_type": "virtualRouter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualRouter.html" + }, + "DeleteVirtualService": { + "privilege": "DeleteVirtualService", + "description": "Grants permission to delete an existing virtual service", + "access_level": "Write", + "resource_types": { + "virtualService": { + "resource_type": "virtualService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualservice": "virtualService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualService.html" + }, + "DescribeGatewayRoute": { + "privilege": "DescribeGatewayRoute", + "description": "Grants permission to describe an existing gateway route", + "access_level": "Read", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeGatewayRoute.html" + }, + "DescribeMesh": { + "privilege": "DescribeMesh", + "description": "Grants permission to describe an existing service mesh", + "access_level": "Read", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeMesh.html" + }, + "DescribeRoute": { + "privilege": "DescribeRoute", + "description": "Grants permission to describe an existing route", + "access_level": "Read", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeRoute.html" + }, + "DescribeVirtualGateway": { + "privilege": "DescribeVirtualGateway", + "description": "Grants permission to describe an existing virtual gateway", + "access_level": "Read", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualGateway.html" + }, + "DescribeVirtualNode": { + "privilege": "DescribeVirtualNode", + "description": "Grants permission to describe an existing virtual node", + "access_level": "Read", + "resource_types": { + "virtualNode": { + "resource_type": "virtualNode", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualNode.html" + }, + "DescribeVirtualRouter": { + "privilege": "DescribeVirtualRouter", + "description": "Grants permission to describe an existing virtual router", + "access_level": "Read", + "resource_types": { + "virtualRouter": { + "resource_type": "virtualRouter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualRouter.html" + }, + "DescribeVirtualService": { + "privilege": "DescribeVirtualService", + "description": "Grants permission to describe an existing virtual service", + "access_level": "Read", + "resource_types": { + "virtualService": { + "resource_type": "virtualService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualservice": "virtualService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualService.html" + }, + "ListGatewayRoutes": { + "privilege": "ListGatewayRoutes", + "description": "Grants permission to list existing gateway routes in a service mesh", + "access_level": "List", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListGatewayRoutes.html" + }, + "ListMeshes": { + "privilege": "ListMeshes", + "description": "Grants permission to list existing service meshes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListMeshes.html" + }, + "ListRoutes": { + "privilege": "ListRoutes", + "description": "Grants permission to list existing routes in a service mesh", + "access_level": "List", + "resource_types": { + "virtualRouter": { + "resource_type": "virtualRouter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListRoutes.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for an App Mesh resource", + "access_level": "List", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mesh": { + "resource_type": "mesh", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "route": { + "resource_type": "route", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualGateway": { + "resource_type": "virtualGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualRouter": { + "resource_type": "virtualRouter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualService": { + "resource_type": "virtualService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute", + "mesh": "mesh", + "route": "route", + "virtualgateway": "virtualGateway", + "virtualnode": "virtualNode", + "virtualrouter": "virtualRouter", + "virtualservice": "virtualService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListTagsForResource.html" + }, + "ListVirtualGateways": { + "privilege": "ListVirtualGateways", + "description": "Grants permission to list existing virtual gateways in a service mesh", + "access_level": "List", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualGateways.html" + }, + "ListVirtualNodes": { + "privilege": "ListVirtualNodes", + "description": "Grants permission to list existing virtual nodes", + "access_level": "List", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualNodes.html" + }, + "ListVirtualRouters": { + "privilege": "ListVirtualRouters", + "description": "Grants permission to list existing virtual routers in a service mesh", + "access_level": "List", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualRouters.html" + }, + "ListVirtualServices": { + "privilege": "ListVirtualServices", + "description": "Grants permission to list existing virtual services in a service mesh", + "access_level": "List", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualServices.html" + }, + "StreamAggregatedResources": { + "privilege": "StreamAggregatedResources", + "description": "Grants permission to receive streamed resources for an App Mesh endpoint (VirtualNode/VirtualGateway)", + "access_level": "Read", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway", + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/userguide/envoy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource with a specified resourceArn", + "access_level": "Tagging", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mesh": { + "resource_type": "mesh", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "route": { + "resource_type": "route", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualGateway": { + "resource_type": "virtualGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualRouter": { + "resource_type": "virtualRouter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualService": { + "resource_type": "virtualService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute", + "mesh": "mesh", + "route": "route", + "virtualgateway": "virtualGateway", + "virtualnode": "virtualNode", + "virtualrouter": "virtualRouter", + "virtualservice": "virtualService", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to delete a tag from a resource", + "access_level": "Tagging", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mesh": { + "resource_type": "mesh", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "route": { + "resource_type": "route", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualGateway": { + "resource_type": "virtualGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualRouter": { + "resource_type": "virtualRouter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualService": { + "resource_type": "virtualService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute", + "mesh": "mesh", + "route": "route", + "virtualgateway": "virtualGateway", + "virtualnode": "virtualNode", + "virtualrouter": "virtualRouter", + "virtualservice": "virtualService", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UntagResource.html" + }, + "UpdateGatewayRoute": { + "privilege": "UpdateGatewayRoute", + "description": "Grants permission to update an existing gateway route for a specified service mesh and virtual gateway", + "access_level": "Write", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualService": { + "resource_type": "virtualService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute", + "virtualservice": "virtualService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateGatewayRoute.html" + }, + "UpdateMesh": { + "privilege": "UpdateMesh", + "description": "Grants permission to update an existing service mesh", + "access_level": "Write", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateMesh.html" + }, + "UpdateRoute": { + "privilege": "UpdateRoute", + "description": "Grants permission to update an existing route for a specified service mesh and virtual router", + "access_level": "Write", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route", + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateRoute.html" + }, + "UpdateVirtualGateway": { + "privilege": "UpdateVirtualGateway", + "description": "Grants permission to update an existing virtual gateway in a specified service mesh", + "access_level": "Write", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualGateway.html" + }, + "UpdateVirtualNode": { + "privilege": "UpdateVirtualNode", + "description": "Grants permission to update an existing virtual node in a specified service mesh", + "access_level": "Write", + "resource_types": { + "virtualNode": { + "resource_type": "virtualNode", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualNode.html" + }, + "UpdateVirtualRouter": { + "privilege": "UpdateVirtualRouter", + "description": "Grants permission to update an existing virtual router in a specified service mesh", + "access_level": "Write", + "resource_types": { + "virtualRouter": { + "resource_type": "virtualRouter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualRouter.html" + }, + "UpdateVirtualService": { + "privilege": "UpdateVirtualService", + "description": "Grants permission to update an existing virtual service in a specified service mesh", + "access_level": "Write", + "resource_types": { + "virtualService": { + "resource_type": "virtualService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualRouter": { + "resource_type": "virtualRouter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualservice": "virtualService", + "virtualnode": "virtualNode", + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualService.html" + } + }, + "privileges_lower_name": { + "creategatewayroute": "CreateGatewayRoute", + "createmesh": "CreateMesh", + "createroute": "CreateRoute", + "createvirtualgateway": "CreateVirtualGateway", + "createvirtualnode": "CreateVirtualNode", + "createvirtualrouter": "CreateVirtualRouter", + "createvirtualservice": "CreateVirtualService", + "deletegatewayroute": "DeleteGatewayRoute", + "deletemesh": "DeleteMesh", + "deleteroute": "DeleteRoute", + "deletevirtualgateway": "DeleteVirtualGateway", + "deletevirtualnode": "DeleteVirtualNode", + "deletevirtualrouter": "DeleteVirtualRouter", + "deletevirtualservice": "DeleteVirtualService", + "describegatewayroute": "DescribeGatewayRoute", + "describemesh": "DescribeMesh", + "describeroute": "DescribeRoute", + "describevirtualgateway": "DescribeVirtualGateway", + "describevirtualnode": "DescribeVirtualNode", + "describevirtualrouter": "DescribeVirtualRouter", + "describevirtualservice": "DescribeVirtualService", + "listgatewayroutes": "ListGatewayRoutes", + "listmeshes": "ListMeshes", + "listroutes": "ListRoutes", + "listtagsforresource": "ListTagsForResource", + "listvirtualgateways": "ListVirtualGateways", + "listvirtualnodes": "ListVirtualNodes", + "listvirtualrouters": "ListVirtualRouters", + "listvirtualservices": "ListVirtualServices", + "streamaggregatedresources": "StreamAggregatedResources", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updategatewayroute": "UpdateGatewayRoute", + "updatemesh": "UpdateMesh", + "updateroute": "UpdateRoute", + "updatevirtualgateway": "UpdateVirtualGateway", + "updatevirtualnode": "UpdateVirtualNode", + "updatevirtualrouter": "UpdateVirtualRouter", + "updatevirtualservice": "UpdateVirtualService" + }, + "resources": { + "mesh": { + "resource": "mesh", + "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "virtualService": { + "resource": "virtualService", + "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualService/${VirtualServiceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "virtualNode": { + "resource": "virtualNode", + "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualNode/${VirtualNodeName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "virtualRouter": { + "resource": "virtualRouter", + "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualRouter/${VirtualRouterName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "route": { + "resource": "route", + "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualRouter/${VirtualRouterName}/route/${RouteName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "virtualGateway": { + "resource": "virtualGateway", + "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualGateway/${VirtualGatewayName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "gatewayRoute": { + "resource": "gatewayRoute", + "arn": "arn:${Partition}:appmesh:${Region}:${Account}:mesh/${MeshName}/virtualGateway/${VirtualGatewayName}/gatewayRoute/${GatewayRouteName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "mesh": "mesh", + "virtualservice": "virtualService", + "virtualnode": "virtualNode", + "virtualrouter": "virtualRouter", + "route": "route", + "virtualgateway": "virtualGateway", + "gatewayroute": "gatewayRoute" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "appmesh-preview": { + "service_name": "AWS App Mesh Preview", + "prefix": "appmesh-preview", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappmeshpreview.html", + "privileges": { + "CreateGatewayRoute": { + "privilege": "CreateGatewayRoute", + "description": "Grants permission to create a gateway route that is associated with a virtual gateway", + "access_level": "Write", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualService": { + "resource_type": "virtualService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute", + "virtualservice": "virtualService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateGatewayRoute.html" + }, + "CreateMesh": { + "privilege": "CreateMesh", + "description": "Grants permission to create a service mesh", + "access_level": "Write", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateMesh.html" + }, + "CreateRoute": { + "privilege": "CreateRoute", + "description": "Grants permission to create a route that is associated with a virtual router", + "access_level": "Write", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route", + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateRoute.html" + }, + "CreateVirtualGateway": { + "privilege": "CreateVirtualGateway", + "description": "Grants permission to create a virtual gateway within a service mesh", + "access_level": "Write", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualGateway.html" + }, + "CreateVirtualNode": { + "privilege": "CreateVirtualNode", + "description": "Grants permission to create a virtual node within a service mesh", + "access_level": "Write", + "resource_types": { + "virtualNode": { + "resource_type": "virtualNode", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualService": { + "resource_type": "virtualService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualnode": "virtualNode", + "virtualservice": "virtualService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualNode.html" + }, + "CreateVirtualRouter": { + "privilege": "CreateVirtualRouter", + "description": "Grants permission to create a virtual router within a service mesh", + "access_level": "Write", + "resource_types": { + "virtualRouter": { + "resource_type": "virtualRouter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualRouter.html" + }, + "CreateVirtualService": { + "privilege": "CreateVirtualService", + "description": "Grants permission to create a virtual service within a service mesh", + "access_level": "Write", + "resource_types": { + "virtualService": { + "resource_type": "virtualService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualRouter": { + "resource_type": "virtualRouter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualservice": "virtualService", + "virtualnode": "virtualNode", + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualService.html" + }, + "DeleteGatewayRoute": { + "privilege": "DeleteGatewayRoute", + "description": "Grants permission to delete an existing gateway route", + "access_level": "Write", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteGatewayRoute.html" + }, + "DeleteMesh": { + "privilege": "DeleteMesh", + "description": "Grants permission to delete an existing service mesh", + "access_level": "Write", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteMesh.html" + }, + "DeleteRoute": { + "privilege": "DeleteRoute", + "description": "Grants permission to delete an existing route", + "access_level": "Write", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteRoute.html" + }, + "DeleteVirtualGateway": { + "privilege": "DeleteVirtualGateway", + "description": "Grants permission to delete an existing virtual gateway", + "access_level": "Write", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualGateway.html" + }, + "DeleteVirtualNode": { + "privilege": "DeleteVirtualNode", + "description": "Grants permission to delete an existing virtual node", + "access_level": "Write", + "resource_types": { + "virtualNode": { + "resource_type": "virtualNode", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualNode.html" + }, + "DeleteVirtualRouter": { + "privilege": "DeleteVirtualRouter", + "description": "Grants permission to delete an existing virtual router", + "access_level": "Write", + "resource_types": { + "virtualRouter": { + "resource_type": "virtualRouter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualRouter.html" + }, + "DeleteVirtualService": { + "privilege": "DeleteVirtualService", + "description": "Grants permission to delete an existing virtual service", + "access_level": "Write", + "resource_types": { + "virtualService": { + "resource_type": "virtualService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualservice": "virtualService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DeleteVirtualService.html" + }, + "DescribeGatewayRoute": { + "privilege": "DescribeGatewayRoute", + "description": "Grants permission to describe an existing gateway route", + "access_level": "Read", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeGatewayRoute.html" + }, + "DescribeMesh": { + "privilege": "DescribeMesh", + "description": "Grants permission to describe an existing service mesh", + "access_level": "Read", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeMesh.html" + }, + "DescribeRoute": { + "privilege": "DescribeRoute", + "description": "Grants permission to describe an existing route", + "access_level": "Read", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeRoute.html" + }, + "DescribeVirtualGateway": { + "privilege": "DescribeVirtualGateway", + "description": "Grants permission to describe an existing virtual gateway", + "access_level": "Read", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualGateway.html" + }, + "DescribeVirtualNode": { + "privilege": "DescribeVirtualNode", + "description": "Grants permission to describe an existing virtual node", + "access_level": "Read", + "resource_types": { + "virtualNode": { + "resource_type": "virtualNode", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualNode.html" + }, + "DescribeVirtualRouter": { + "privilege": "DescribeVirtualRouter", + "description": "Grants permission to describe an existing virtual router", + "access_level": "Read", + "resource_types": { + "virtualRouter": { + "resource_type": "virtualRouter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualRouter.html" + }, + "DescribeVirtualService": { + "privilege": "DescribeVirtualService", + "description": "Grants permission to describe an existing virtual service", + "access_level": "Read", + "resource_types": { + "virtualService": { + "resource_type": "virtualService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualservice": "virtualService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DescribeVirtualService.html" + }, + "ListGatewayRoutes": { + "privilege": "ListGatewayRoutes", + "description": "Grants permission to list existing gateway routes in a service mesh", + "access_level": "List", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListGatewayRoutes.html" + }, + "ListMeshes": { + "privilege": "ListMeshes", + "description": "Grants permission to list existing service meshes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListMeshes.html" + }, + "ListRoutes": { + "privilege": "ListRoutes", + "description": "Grants permission to list existing routes in a service mesh", + "access_level": "List", + "resource_types": { + "virtualRouter": { + "resource_type": "virtualRouter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListRoutes.html" + }, + "ListVirtualGateways": { + "privilege": "ListVirtualGateways", + "description": "Grants permission to list existing virtual gateways in a service mesh", + "access_level": "List", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualGateways.html" + }, + "ListVirtualNodes": { + "privilege": "ListVirtualNodes", + "description": "Grants permission to list existing virtual nodes", + "access_level": "List", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualNodes.html" + }, + "ListVirtualRouters": { + "privilege": "ListVirtualRouters", + "description": "Grants permission to list existing virtual routers in a service mesh", + "access_level": "List", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualRouters.html" + }, + "ListVirtualServices": { + "privilege": "ListVirtualServices", + "description": "Grants permission to list existing virtual services in a service mesh", + "access_level": "List", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListVirtualServices.html" + }, + "StreamAggregatedResources": { + "privilege": "StreamAggregatedResources", + "description": "Grants permission to receive streamed resources for an App Mesh endpoint (VirtualNode/VirtualGateway)", + "access_level": "Read", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway", + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/userguide/envoy.html" + }, + "UpdateGatewayRoute": { + "privilege": "UpdateGatewayRoute", + "description": "Grants permission to update an existing gateway route for a specified service mesh and virtual gateway", + "access_level": "Write", + "resource_types": { + "gatewayRoute": { + "resource_type": "gatewayRoute", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualService": { + "resource_type": "virtualService", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayroute": "gatewayRoute", + "virtualservice": "virtualService" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateGatewayRoute.html" + }, + "UpdateMesh": { + "privilege": "UpdateMesh", + "description": "Grants permission to update an existing service mesh", + "access_level": "Write", + "resource_types": { + "mesh": { + "resource_type": "mesh", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mesh": "mesh" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateMesh.html" + }, + "UpdateRoute": { + "privilege": "UpdateRoute", + "description": "Grants permission to update an existing route for a specified service mesh and virtual router", + "access_level": "Write", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route", + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateRoute.html" + }, + "UpdateVirtualGateway": { + "privilege": "UpdateVirtualGateway", + "description": "Grants permission to update an existing virtual gateway in a specified service mesh", + "access_level": "Write", + "resource_types": { + "virtualGateway": { + "resource_type": "virtualGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualgateway": "virtualGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualGateway.html" + }, + "UpdateVirtualNode": { + "privilege": "UpdateVirtualNode", + "description": "Grants permission to update an existing virtual node in a specified service mesh", + "access_level": "Write", + "resource_types": { + "virtualNode": { + "resource_type": "virtualNode", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualnode": "virtualNode" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualNode.html" + }, + "UpdateVirtualRouter": { + "privilege": "UpdateVirtualRouter", + "description": "Grants permission to update an existing virtual router in a specified service mesh", + "access_level": "Write", + "resource_types": { + "virtualRouter": { + "resource_type": "virtualRouter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualRouter.html" + }, + "UpdateVirtualService": { + "privilege": "UpdateVirtualService", + "description": "Grants permission to update an existing virtual service in a specified service mesh", + "access_level": "Write", + "resource_types": { + "virtualService": { + "resource_type": "virtualService", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualNode": { + "resource_type": "virtualNode", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualRouter": { + "resource_type": "virtualRouter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualservice": "virtualService", + "virtualnode": "virtualNode", + "virtualrouter": "virtualRouter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_UpdateVirtualService.html" + } + }, + "privileges_lower_name": { + "creategatewayroute": "CreateGatewayRoute", + "createmesh": "CreateMesh", + "createroute": "CreateRoute", + "createvirtualgateway": "CreateVirtualGateway", + "createvirtualnode": "CreateVirtualNode", + "createvirtualrouter": "CreateVirtualRouter", + "createvirtualservice": "CreateVirtualService", + "deletegatewayroute": "DeleteGatewayRoute", + "deletemesh": "DeleteMesh", + "deleteroute": "DeleteRoute", + "deletevirtualgateway": "DeleteVirtualGateway", + "deletevirtualnode": "DeleteVirtualNode", + "deletevirtualrouter": "DeleteVirtualRouter", + "deletevirtualservice": "DeleteVirtualService", + "describegatewayroute": "DescribeGatewayRoute", + "describemesh": "DescribeMesh", + "describeroute": "DescribeRoute", + "describevirtualgateway": "DescribeVirtualGateway", + "describevirtualnode": "DescribeVirtualNode", + "describevirtualrouter": "DescribeVirtualRouter", + "describevirtualservice": "DescribeVirtualService", + "listgatewayroutes": "ListGatewayRoutes", + "listmeshes": "ListMeshes", + "listroutes": "ListRoutes", + "listvirtualgateways": "ListVirtualGateways", + "listvirtualnodes": "ListVirtualNodes", + "listvirtualrouters": "ListVirtualRouters", + "listvirtualservices": "ListVirtualServices", + "streamaggregatedresources": "StreamAggregatedResources", + "updategatewayroute": "UpdateGatewayRoute", + "updatemesh": "UpdateMesh", + "updateroute": "UpdateRoute", + "updatevirtualgateway": "UpdateVirtualGateway", + "updatevirtualnode": "UpdateVirtualNode", + "updatevirtualrouter": "UpdateVirtualRouter", + "updatevirtualservice": "UpdateVirtualService" + }, + "resources": { + "mesh": { + "resource": "mesh", + "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}", + "condition_keys": [] + }, + "virtualService": { + "resource": "virtualService", + "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualService/${VirtualServiceName}", + "condition_keys": [] + }, + "virtualNode": { + "resource": "virtualNode", + "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualNode/${VirtualNodeName}", + "condition_keys": [] + }, + "virtualRouter": { + "resource": "virtualRouter", + "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualRouter/${VirtualRouterName}", + "condition_keys": [] + }, + "route": { + "resource": "route", + "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualRouter/${VirtualRouterName}/route/${RouteName}", + "condition_keys": [] + }, + "virtualGateway": { + "resource": "virtualGateway", + "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualGateway/${VirtualGatewayName}", + "condition_keys": [] + }, + "gatewayRoute": { + "resource": "gatewayRoute", + "arn": "arn:${Partition}:appmesh-preview:${Region}:${Account}:mesh/${MeshName}/virtualGateway/${VirtualGatewayName}/gatewayRoute/${GatewayRouteName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "mesh": "mesh", + "virtualservice": "virtualService", + "virtualnode": "virtualNode", + "virtualrouter": "virtualRouter", + "route": "route", + "virtualgateway": "virtualGateway", + "gatewayroute": "gatewayRoute" + }, + "conditions": {} + }, + "apprunner": { + "service_name": "AWS App Runner", + "prefix": "apprunner", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsapprunner.html", + "privileges": { + "AssociateCustomDomain": { + "privilege": "AssociateCustomDomain", + "description": "Grants permission to associate your own domain name with the AWS App Runner subdomain URL of your App Runner service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_AssociateCustomDomain.html" + }, + "AssociateWebAcl": { + "privilege": "AssociateWebAcl", + "description": "Grants permission to associate the service with an AWS WAF web ACL", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "webacl": "webacl" + }, + "api_documentation_link": "${UserGuideDocPage}waf-manage.html" + }, + "CreateAutoScalingConfiguration": { + "privilege": "CreateAutoScalingConfiguration", + "description": "Grants permission to create an AWS App Runner automatic scaling configuration resource", + "access_level": "Write", + "resource_types": { + "autoscalingconfiguration": { + "resource_type": "autoscalingconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalingconfiguration": "autoscalingconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateAutoScalingConfiguration.html" + }, + "CreateConnection": { + "privilege": "CreateConnection", + "description": "Grants permission to create an AWS App Runner connection resource", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateConnection.html" + }, + "CreateObservabilityConfiguration": { + "privilege": "CreateObservabilityConfiguration", + "description": "Grants permission to create an AWS App Runner observability configuration resource", + "access_level": "Write", + "resource_types": { + "observabilityconfiguration": { + "resource_type": "observabilityconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "observabilityconfiguration": "observabilityconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateObservabilityConfiguration.html" + }, + "CreateService": { + "privilege": "CreateService", + "description": "Grants permission to create an AWS App Runner service resource", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "autoscalingconfiguration": { + "resource_type": "autoscalingconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "observabilityconfiguration": { + "resource_type": "observabilityconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpcconnector": { + "resource_type": "vpcconnector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "apprunner:ConnectionArn", + "apprunner:AutoScalingConfigurationArn", + "apprunner:ObservabilityConfigurationArn", + "apprunner:VpcConnectorArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "autoscalingconfiguration": "autoscalingconfiguration", + "connection": "connection", + "observabilityconfiguration": "observabilityconfiguration", + "vpcconnector": "vpcconnector", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateService.html" + }, + "CreateVpcConnector": { + "privilege": "CreateVpcConnector", + "description": "Grants permission to create an AWS App Runner VPC connector resource", + "access_level": "Write", + "resource_types": { + "vpcconnector": { + "resource_type": "vpcconnector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpcconnector": "vpcconnector", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateVpcConnector.html" + }, + "CreateVpcIngressConnection": { + "privilege": "CreateVpcIngressConnection", + "description": "Grants permission to create an AWS App Runner VpcIngressConnection resource", + "access_level": "Write", + "resource_types": { + "vpcingressconnection": { + "resource_type": "vpcingressconnection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "apprunner:ServiceArn", + "apprunner:VpcId", + "apprunner:VpcEndpointId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpcingressconnection": "vpcingressconnection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_CreateVpcIngressConnection.html" + }, + "DeleteAutoScalingConfiguration": { + "privilege": "DeleteAutoScalingConfiguration", + "description": "Grants permission to delete an AWS App Runner automatic scaling configuration resource", + "access_level": "Write", + "resource_types": { + "autoscalingconfiguration": { + "resource_type": "autoscalingconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalingconfiguration": "autoscalingconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteAutoScalingConfiguration.html" + }, + "DeleteConnection": { + "privilege": "DeleteConnection", + "description": "Grants permission to delete an AWS App Runner connection resource", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteConnection.html" + }, + "DeleteObservabilityConfiguration": { + "privilege": "DeleteObservabilityConfiguration", + "description": "Grants permission to delete an AWS App Runner observability configuration resource", + "access_level": "Write", + "resource_types": { + "observabilityconfiguration": { + "resource_type": "observabilityconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "observabilityconfiguration": "observabilityconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteObservabilityConfiguration.html" + }, + "DeleteService": { + "privilege": "DeleteService", + "description": "Grants permission to delete an AWS App Runner service resource", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteService.html" + }, + "DeleteVpcConnector": { + "privilege": "DeleteVpcConnector", + "description": "Grants permission to delete an AWS App Runner VPC connector resource", + "access_level": "Write", + "resource_types": { + "vpcconnector": { + "resource_type": "vpcconnector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpcconnector": "vpcconnector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteVpcConnector.html" + }, + "DeleteVpcIngressConnection": { + "privilege": "DeleteVpcIngressConnection", + "description": "Grants permission to delete an AWS App Runner VpcIngressConnection resource", + "access_level": "Write", + "resource_types": { + "vpcingressconnection": { + "resource_type": "vpcingressconnection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpcingressconnection": "vpcingressconnection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DeleteVpcIngressConnection.html" + }, + "DescribeAutoScalingConfiguration": { + "privilege": "DescribeAutoScalingConfiguration", + "description": "Grants permission to retrieve the description of an AWS App Runner automatic scaling configuration resource", + "access_level": "Read", + "resource_types": { + "autoscalingconfiguration": { + "resource_type": "autoscalingconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalingconfiguration": "autoscalingconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeAutoScalingConfiguration.html" + }, + "DescribeCustomDomains": { + "privilege": "DescribeCustomDomains", + "description": "Grants permission to retrieve descriptions of custom domain names associated with an AWS App Runner service", + "access_level": "Read", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeCustomDomains.html" + }, + "DescribeObservabilityConfiguration": { + "privilege": "DescribeObservabilityConfiguration", + "description": "Grants permission to retrieve the description of an AWS App Runner observability configuration resource", + "access_level": "Read", + "resource_types": { + "observabilityconfiguration": { + "resource_type": "observabilityconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "observabilityconfiguration": "observabilityconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeObservabilityConfiguration.html" + }, + "DescribeOperation": { + "privilege": "DescribeOperation", + "description": "Grants permission to retrieve the description of an operation that occurred on an AWS App Runner service", + "access_level": "Read", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeOperation.html" + }, + "DescribeService": { + "privilege": "DescribeService", + "description": "Grants permission to retrieve the description of an AWS App Runner service resource", + "access_level": "Read", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeService.html" + }, + "DescribeVpcConnector": { + "privilege": "DescribeVpcConnector", + "description": "Grants permission to retrieve the description of an AWS App Runner VPC connector resource", + "access_level": "Read", + "resource_types": { + "vpcconnector": { + "resource_type": "vpcconnector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpcconnector": "vpcconnector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeVpcConnector.html" + }, + "DescribeVpcIngressConnection": { + "privilege": "DescribeVpcIngressConnection", + "description": "Grants permission to retrieve the description of an AWS App Runner VpcIngressConnection resource", + "access_level": "Read", + "resource_types": { + "vpcingressconnection": { + "resource_type": "vpcingressconnection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpcingressconnection": "vpcingressconnection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DescribeVpcIngressConnection.html" + }, + "DescribeWebAclForService": { + "privilege": "DescribeWebAclForService", + "description": "Grants permission to get the AWS WAF web ACL that is associated with an AWS App Runner service", + "access_level": "Read", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "${UserGuideDocPage}waf-manage.html" + }, + "DisassociateCustomDomain": { + "privilege": "DisassociateCustomDomain", + "description": "Grants permission to disassociate a custom domain name from an AWS App Runner service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_DisassociateCustomDomain.html" + }, + "DisassociateWebAcl": { + "privilege": "DisassociateWebAcl", + "description": "Grants permission to disassociate the service with an AWS WAF web ACL", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "${UserGuideDocPage}waf-manage.html" + }, + "ListAssociatedServicesForWebAcl": { + "privilege": "ListAssociatedServicesForWebAcl", + "description": "Grants permission to list the services that are associated with an AWS WAF web ACL", + "access_level": "List", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "${UserGuideDocPage}waf-manage.html" + }, + "ListAutoScalingConfigurations": { + "privilege": "ListAutoScalingConfigurations", + "description": "Grants permission to retrieve a list of AWS App Runner automatic scaling configurations in your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListAutoScalingConfigurations.html" + }, + "ListConnections": { + "privilege": "ListConnections", + "description": "Grants permission to retrieve a list of AWS App Runner connections in your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListConnections.html" + }, + "ListObservabilityConfigurations": { + "privilege": "ListObservabilityConfigurations", + "description": "Grants permission to retrieve a list of AWS App Runner observability configurations in your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListObservabilityConfigurations.html" + }, + "ListOperations": { + "privilege": "ListOperations", + "description": "Grants permission to retrieve a list of operations that occurred on an AWS App Runner service resource", + "access_level": "List", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListOperations.html" + }, + "ListServices": { + "privilege": "ListServices", + "description": "Grants permission to retrieve a list of running AWS App Runner services in your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListServices.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags associated with an AWS App Runner resource", + "access_level": "Read", + "resource_types": { + "autoscalingconfiguration": { + "resource_type": "autoscalingconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "observabilityconfiguration": { + "resource_type": "observabilityconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpcconnector": { + "resource_type": "vpcconnector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalingconfiguration": "autoscalingconfiguration", + "connection": "connection", + "observabilityconfiguration": "observabilityconfiguration", + "service": "service", + "vpcconnector": "vpcconnector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListTagsForResource.html" + }, + "ListVpcConnectors": { + "privilege": "ListVpcConnectors", + "description": "Grants permission to retrieve a list of AWS App Runner VPC connectors in your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListVpcConnectors.html" + }, + "ListVpcIngressConnections": { + "privilege": "ListVpcIngressConnections", + "description": "Grants permission to retrieve a list of AWS App Runner VpcIngressConnections in your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ListVpcConnections.html" + }, + "PauseService": { + "privilege": "PauseService", + "description": "Grants permission to pause an active AWS App Runner service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_PauseService.html" + }, + "ResumeService": { + "privilege": "ResumeService", + "description": "Grants permission to resume an active AWS App Runner service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_ResumeService.html" + }, + "StartDeployment": { + "privilege": "StartDeployment", + "description": "Grants permission to initiate a manual deployemnt to an AWS App Runner service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_StartDeployment.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to, or update tag values of, an AWS App Runner resource", + "access_level": "Tagging", + "resource_types": { + "autoscalingconfiguration": { + "resource_type": "autoscalingconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "observabilityconfiguration": { + "resource_type": "observabilityconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpcconnector": { + "resource_type": "vpcconnector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpcingressconnection": { + "resource_type": "vpcingressconnection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalingconfiguration": "autoscalingconfiguration", + "connection": "connection", + "observabilityconfiguration": "observabilityconfiguration", + "service": "service", + "vpcconnector": "vpcconnector", + "vpcingressconnection": "vpcingressconnection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from an AWS App Runner resource", + "access_level": "Tagging", + "resource_types": { + "autoscalingconfiguration": { + "resource_type": "autoscalingconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "observabilityconfiguration": { + "resource_type": "observabilityconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpcconnector": { + "resource_type": "vpcconnector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpcingressconnection": { + "resource_type": "vpcingressconnection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "autoscalingconfiguration": "autoscalingconfiguration", + "connection": "connection", + "observabilityconfiguration": "observabilityconfiguration", + "service": "service", + "vpcconnector": "vpcconnector", + "vpcingressconnection": "vpcingressconnection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_UntagResource.html" + }, + "UpdateService": { + "privilege": "UpdateService", + "description": "Grants permission to update an AWS App Runner service resource", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "autoscalingconfiguration": { + "resource_type": "autoscalingconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "observabilityconfiguration": { + "resource_type": "observabilityconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpcconnector": { + "resource_type": "vpcconnector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "apprunner:ConnectionArn", + "apprunner:AutoScalingConfigurationArn", + "apprunner:ObservabilityConfigurationArn", + "apprunner:VpcConnectorArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "autoscalingconfiguration": "autoscalingconfiguration", + "connection": "connection", + "observabilityconfiguration": "observabilityconfiguration", + "vpcconnector": "vpcconnector", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_UpdateService.html" + }, + "UpdateVpcIngressConnection": { + "privilege": "UpdateVpcIngressConnection", + "description": "Grants permission to update an AWS App Runner VpcIngressConnection resource", + "access_level": "Write", + "resource_types": { + "vpcingressconnection": { + "resource_type": "vpcingressconnection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "apprunner:VpcId", + "apprunner:VpcEndpointId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpcingressconnection": "vpcingressconnection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/apprunner/latest/api/API_UpdateVpcIngressConnection.html" + } + }, + "privileges_lower_name": { + "associatecustomdomain": "AssociateCustomDomain", + "associatewebacl": "AssociateWebAcl", + "createautoscalingconfiguration": "CreateAutoScalingConfiguration", + "createconnection": "CreateConnection", + "createobservabilityconfiguration": "CreateObservabilityConfiguration", + "createservice": "CreateService", + "createvpcconnector": "CreateVpcConnector", + "createvpcingressconnection": "CreateVpcIngressConnection", + "deleteautoscalingconfiguration": "DeleteAutoScalingConfiguration", + "deleteconnection": "DeleteConnection", + "deleteobservabilityconfiguration": "DeleteObservabilityConfiguration", + "deleteservice": "DeleteService", + "deletevpcconnector": "DeleteVpcConnector", + "deletevpcingressconnection": "DeleteVpcIngressConnection", + "describeautoscalingconfiguration": "DescribeAutoScalingConfiguration", + "describecustomdomains": "DescribeCustomDomains", + "describeobservabilityconfiguration": "DescribeObservabilityConfiguration", + "describeoperation": "DescribeOperation", + "describeservice": "DescribeService", + "describevpcconnector": "DescribeVpcConnector", + "describevpcingressconnection": "DescribeVpcIngressConnection", + "describewebaclforservice": "DescribeWebAclForService", + "disassociatecustomdomain": "DisassociateCustomDomain", + "disassociatewebacl": "DisassociateWebAcl", + "listassociatedservicesforwebacl": "ListAssociatedServicesForWebAcl", + "listautoscalingconfigurations": "ListAutoScalingConfigurations", + "listconnections": "ListConnections", + "listobservabilityconfigurations": "ListObservabilityConfigurations", + "listoperations": "ListOperations", + "listservices": "ListServices", + "listtagsforresource": "ListTagsForResource", + "listvpcconnectors": "ListVpcConnectors", + "listvpcingressconnections": "ListVpcIngressConnections", + "pauseservice": "PauseService", + "resumeservice": "ResumeService", + "startdeployment": "StartDeployment", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateservice": "UpdateService", + "updatevpcingressconnection": "UpdateVpcIngressConnection" + }, + "resources": { + "service": { + "resource": "service", + "arn": "arn:${Partition}:apprunner:${Region}:${Account}:service/${ServiceName}/${ServiceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "connection": { + "resource": "connection", + "arn": "arn:${Partition}:apprunner:${Region}:${Account}:connection/${ConnectionName}/${ConnectionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "autoscalingconfiguration": { + "resource": "autoscalingconfiguration", + "arn": "arn:${Partition}:apprunner:${Region}:${Account}:autoscalingconfiguration/${AutoscalingConfigurationName}/${AutoscalingConfigurationVersion}/${AutoscalingConfigurationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "observabilityconfiguration": { + "resource": "observabilityconfiguration", + "arn": "arn:${Partition}:apprunner:${Region}:${Account}:observabilityconfiguration/${ObservabilityConfigurationName}/${ObservabilityConfigurationVersion}/${ObservabilityConfigurationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "vpcconnector": { + "resource": "vpcconnector", + "arn": "arn:${Partition}:apprunner:${Region}:${Account}:vpcconnector/${VpcConnectorName}/${VpcConnectorVersion}/${VpcConnectorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "vpcingressconnection": { + "resource": "vpcingressconnection", + "arn": "arn:${Partition}:apprunner:${Region}:${Account}:vpcingressconnection/${VpcIngressConnectionName}/${VpcIngressConnectionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "webacl": { + "resource": "webacl", + "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/webacl/${Name}/${Id}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "service": "service", + "connection": "connection", + "autoscalingconfiguration": "autoscalingconfiguration", + "observabilityconfiguration": "observabilityconfiguration", + "vpcconnector": "vpcconnector", + "vpcingressconnection": "vpcingressconnection", + "webacl": "webacl" + }, + "conditions": { + "apprunner:AutoScalingConfigurationArn": { + "condition": "apprunner:AutoScalingConfigurationArn", + "description": "Filters access by the CreateService and UpdateService actions based on the ARN of an associated AutoScalingConfiguration resource", + "type": "ARN" + }, + "apprunner:ConnectionArn": { + "condition": "apprunner:ConnectionArn", + "description": "Filters access by the CreateService and UpdateService actions based on the ARN of an associated Connection resource", + "type": "ARN" + }, + "apprunner:ObservabilityConfigurationArn": { + "condition": "apprunner:ObservabilityConfigurationArn", + "description": "Filters access by the CreateService and UpdateService actions based on the ARN of an associated ObservabilityConfiguration resource", + "type": "ARN" + }, + "apprunner:ServiceArn": { + "condition": "apprunner:ServiceArn", + "description": "Filters access by the CreateVpcIngressConnection action based on the ARN of an associated Service resource", + "type": "ARN" + }, + "apprunner:VpcConnectorArn": { + "condition": "apprunner:VpcConnectorArn", + "description": "Filters access by the CreateService and UpdateService actions based on the ARN of an associated VpcConnector resource", + "type": "ARN" + }, + "apprunner:VpcEndpointId": { + "condition": "apprunner:VpcEndpointId", + "description": "Filters access by the CreateVpcIngressConnection and UpdateVpcIngressConnection actions based on the VPC Endpoint in the request", + "type": "String" + }, + "apprunner:VpcId": { + "condition": "apprunner:VpcId", + "description": "Filters access by the CreateVpcIngressConnection and UpdateVpcIngressConnection actions based on the VPC in the request", + "type": "String" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "appsync": { + "service_name": "AWS AppSync", + "prefix": "appsync", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappsync.html", + "privileges": { + "AssociateApi": { + "privilege": "AssociateApi", + "description": "Grants permission to attach a GraphQL API to a custom domain name in AppSync", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_AssociateApi.html" + }, + "AssociateMergedGraphqlApi": { + "privilege": "AssociateMergedGraphqlApi", + "description": "Grants permission to associate a merged API to a source API", + "access_level": "Write", + "resource_types": { + "graphqlapi": { + "resource_type": "graphqlapi", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graphqlapi": "graphqlapi" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_AssociateMergedGraphqlApi.html" + }, + "AssociateSourceGraphqlApi": { + "privilege": "AssociateSourceGraphqlApi", + "description": "Grants permission to associate a source API to a merged API", + "access_level": "Write", + "resource_types": { + "graphqlapi": { + "resource_type": "graphqlapi", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graphqlapi": "graphqlapi" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_AssociateSourceGraphqlApi.html" + }, + "CreateApiCache": { + "privilege": "CreateApiCache", + "description": "Grants permission to create an API cache in AppSync", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateApiCache.html" + }, + "CreateApiKey": { + "privilege": "CreateApiKey", + "description": "Grants permission to create a unique key that you can distribute to clients who are executing your API", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateApiKey.html" + }, + "CreateDataSource": { + "privilege": "CreateDataSource", + "description": "Grants permission to create a data source", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateDataSource.html" + }, + "CreateDomainName": { + "privilege": "CreateDomainName", + "description": "Grants permission to create a custom domain name in AppSync", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateDomainName.html" + }, + "CreateFunction": { + "privilege": "CreateFunction", + "description": "Grants permission to create a new function", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateFunction.html" + }, + "CreateGraphqlApi": { + "privilege": "CreateGraphqlApi", + "description": "Grants permission to create a GraphQL API, which is the top level AppSync resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "appsync:Visibility" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateGraphqlApi.html" + }, + "CreateResolver": { + "privilege": "CreateResolver", + "description": "Grants permission to create a resolver. A resolver converts incoming requests into a format that a data source can understand, and converts the data source's responses into GraphQL", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateResolver.html" + }, + "CreateType": { + "privilege": "CreateType", + "description": "Grants permission to create a type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_CreateType.html" + }, + "DeleteApiCache": { + "privilege": "DeleteApiCache", + "description": "Grants permission to delete an API cache in AppSync", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteApiCache.html" + }, + "DeleteApiKey": { + "privilege": "DeleteApiKey", + "description": "Grants permission to delete an API key", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteApiKey.html" + }, + "DeleteDataSource": { + "privilege": "DeleteDataSource", + "description": "Grants permission to delete a data source", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteDataSource.html" + }, + "DeleteDomainName": { + "privilege": "DeleteDomainName", + "description": "Grants permission to delete a custom domain name in AppSync", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteDomainName.html" + }, + "DeleteFunction": { + "privilege": "DeleteFunction", + "description": "Grants permission to delete a function", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteFunction.html" + }, + "DeleteGraphqlApi": { + "privilege": "DeleteGraphqlApi", + "description": "Grants permission to delete a GraphQL Api. This will also clean up every AppSync resource below that API", + "access_level": "Write", + "resource_types": { + "graphqlapi": { + "resource_type": "graphqlapi", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graphqlapi": "graphqlapi", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteGraphqlApi.html" + }, + "DeleteResolver": { + "privilege": "DeleteResolver", + "description": "Grants permission to delete a resolver", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteResolver.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to remove a resource policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/devguide/merge-api.html" + }, + "DeleteType": { + "privilege": "DeleteType", + "description": "Grants permission to delete a type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DeleteType.html" + }, + "DisassociateApi": { + "privilege": "DisassociateApi", + "description": "Grants permission to detach a GraphQL API to a custom domain name in AppSync", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DisassociateApi.html" + }, + "DisassociateMergedGraphqlApi": { + "privilege": "DisassociateMergedGraphqlApi", + "description": "Grants permission to remove an associated source API from a merged API identified by the source API", + "access_level": "Write", + "resource_types": { + "mergedApiAssociation": { + "resource_type": "mergedApiAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mergedapiassociation": "mergedApiAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DisassociateMergedGraphqlApi.html" + }, + "DisassociateSourceGraphqlApi": { + "privilege": "DisassociateSourceGraphqlApi", + "description": "Grants permission to remove an associated source API from a merged API identified by the merged API", + "access_level": "Write", + "resource_types": { + "sourceApiAssociation": { + "resource_type": "sourceApiAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceapiassociation": "sourceApiAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_DisassociateSourceGraphqlApi.html" + }, + "EvaluateCode": { + "privilege": "EvaluateCode", + "description": "Grants permission to evaluate code with a runtime and context", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_EvaluateCode.html" + }, + "EvaluateMappingTemplate": { + "privilege": "EvaluateMappingTemplate", + "description": "Grants permission to evaluate template mapping", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_EvaluateMappingTemplate.html" + }, + "FlushApiCache": { + "privilege": "FlushApiCache", + "description": "Grants permission to flush an API cache in AppSync", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_FlushApiCache.html" + }, + "GetApiAssociation": { + "privilege": "GetApiAssociation", + "description": "Grants permission to read custom domain name - GraphQL API association details in AppSync", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetApiAssociation.html" + }, + "GetApiCache": { + "privilege": "GetApiCache", + "description": "Grants permission to read information about an API cache in AppSync", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetApiCache.html" + }, + "GetDataSource": { + "privilege": "GetDataSource", + "description": "Grants permission to retrieve a data source", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetDataSource.html" + }, + "GetDomainName": { + "privilege": "GetDomainName", + "description": "Grants permission to read information about a custom domain name in AppSync", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetDomainName.html" + }, + "GetFunction": { + "privilege": "GetFunction", + "description": "Grants permission to retrieve a function", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetFunction.html" + }, + "GetGraphqlApi": { + "privilege": "GetGraphqlApi", + "description": "Grants permission to retrieve a GraphQL API", + "access_level": "Read", + "resource_types": { + "graphqlapi": { + "resource_type": "graphqlapi", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graphqlapi": "graphqlapi", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetGraphqlApi.html" + }, + "GetIntrospectionSchema": { + "privilege": "GetIntrospectionSchema", + "description": "Grants permission to retrieve the introspection schema for a GraphQL API", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetIntrospectionSchema.html" + }, + "GetResolver": { + "privilege": "GetResolver", + "description": "Grants permission to retrieve a resolver", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetResolver.html" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to read a resource policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/devguide/merge-api.html" + }, + "GetSchemaCreationStatus": { + "privilege": "GetSchemaCreationStatus", + "description": "Grants permission to retrieve the current status of a schema creation operation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetSchemaCreationStatus.html" + }, + "GetSourceApiAssociation": { + "privilege": "GetSourceApiAssociation", + "description": "Grants permission to read information about a merged API associated source API", + "access_level": "Read", + "resource_types": { + "sourceApiAssociation": { + "resource_type": "sourceApiAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceapiassociation": "sourceApiAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetSourceApiAssociation.html" + }, + "GetType": { + "privilege": "GetType", + "description": "Grants permission to retrieve a type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_GetType.html" + }, + "GraphQL": { + "privilege": "GraphQL", + "description": "Grants permission to send a GraphQL query to a GraphQL API", + "access_level": "Write", + "resource_types": { + "field": { + "resource_type": "field", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "graphqlapi": { + "resource_type": "graphqlapi", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "field": "field", + "graphqlapi": "graphqlapi" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/devguide/using-your-api.html" + }, + "ListApiKeys": { + "privilege": "ListApiKeys", + "description": "Grants permission to list the API keys for a given API", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListApiKeys.html" + }, + "ListDataSources": { + "privilege": "ListDataSources", + "description": "Grants permission to list the data sources for a given API", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListDataSources.html" + }, + "ListDomainNames": { + "privilege": "ListDomainNames", + "description": "Grants permission to enumerate custom domain names in AppSync", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListDomainNames.html" + }, + "ListFunctions": { + "privilege": "ListFunctions", + "description": "Grants permission to list the functions for a given API", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListFunctions.html" + }, + "ListGraphqlApis": { + "privilege": "ListGraphqlApis", + "description": "Grants permission to list GraphQL APIs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListGraphqlApis.html" + }, + "ListResolvers": { + "privilege": "ListResolvers", + "description": "Grants permission to list the resolvers for a given API and type", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListResolvers.html" + }, + "ListResolversByFunction": { + "privilege": "ListResolversByFunction", + "description": "Grants permission to list the resolvers that are associated with a specific function", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListResolversByFunction.html" + }, + "ListSourceApiAssociations": { + "privilege": "ListSourceApiAssociations", + "description": "Grants permission to list source APIs associated to a given merged API", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListSourceApiAssociations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for a resource", + "access_level": "Read", + "resource_types": { + "graphqlapi": { + "resource_type": "graphqlapi", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graphqlapi": "graphqlapi", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTypes": { + "privilege": "ListTypes", + "description": "Grants permission to list the types for a given API", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListTypes.html" + }, + "ListTypesByAssociation": { + "privilege": "ListTypesByAssociation", + "description": "Grants permission to list the types for a given merged API and source API association", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_ListTypesByAssociation.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to set a resource policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/devguide/merge-api.html" + }, + "SetWebACL": { + "privilege": "SetWebACL", + "description": "Grants permission to set a web ACL", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_SetWebACL.html" + }, + "SourceGraphQL": { + "privilege": "SourceGraphQL", + "description": "Grants permission to send a GraphQL query to a source API of a merged API", + "access_level": "Write", + "resource_types": { + "field": { + "resource_type": "field", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "graphqlapi": { + "resource_type": "graphqlapi", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "field": "field", + "graphqlapi": "graphqlapi" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/devguide/using-your-api.html" + }, + "StartSchemaCreation": { + "privilege": "StartSchemaCreation", + "description": "Grants permission to add a new schema to your GraphQL API. This operation is asynchronous - GetSchemaCreationStatus can show when it has completed", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_StartSchemaCreation.html" + }, + "StartSchemaMerge": { + "privilege": "StartSchemaMerge", + "description": "Grants permission to initiate a schema merge for a given merged API and associated source API", + "access_level": "Write", + "resource_types": { + "sourceApiAssociation": { + "resource_type": "sourceApiAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceapiassociation": "sourceApiAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_StartSchemaMerge.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "graphqlapi": { + "resource_type": "graphqlapi", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graphqlapi": "graphqlapi", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "graphqlapi": { + "resource_type": "graphqlapi", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graphqlapi": "graphqlapi", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UntagResource.html" + }, + "UpdateApiCache": { + "privilege": "UpdateApiCache", + "description": "Grants permission to update an API cache in AppSync", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateApiCache.html" + }, + "UpdateApiKey": { + "privilege": "UpdateApiKey", + "description": "Grants permission to update an API key for a given API", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateApiKey.html" + }, + "UpdateDataSource": { + "privilege": "UpdateDataSource", + "description": "Grants permission to update a data source", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateDataSource.html" + }, + "UpdateDomainName": { + "privilege": "UpdateDomainName", + "description": "Grants permission to update a custom domain name in AppSync", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateDomainName.html" + }, + "UpdateFunction": { + "privilege": "UpdateFunction", + "description": "Grants permission to update an existing function", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateFunction.html" + }, + "UpdateGraphqlApi": { + "privilege": "UpdateGraphqlApi", + "description": "Grants permission to update a GraphQL API", + "access_level": "Write", + "resource_types": { + "graphqlapi": { + "resource_type": "graphqlapi", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "graphqlapi": "graphqlapi", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateGraphqlApi.html" + }, + "UpdateResolver": { + "privilege": "UpdateResolver", + "description": "Grants permission to update a resolver", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateResolver.html" + }, + "UpdateSourceApiAssociation": { + "privilege": "UpdateSourceApiAssociation", + "description": "Grants permission to update a merged API source API association", + "access_level": "Write", + "resource_types": { + "sourceApiAssociation": { + "resource_type": "sourceApiAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceapiassociation": "sourceApiAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateSourceApiAssociation.html" + }, + "UpdateType": { + "privilege": "UpdateType", + "description": "Grants permission to update a type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/appsync/latest/APIReference/API_UpdateType.html" + } + }, + "privileges_lower_name": { + "associateapi": "AssociateApi", + "associatemergedgraphqlapi": "AssociateMergedGraphqlApi", + "associatesourcegraphqlapi": "AssociateSourceGraphqlApi", + "createapicache": "CreateApiCache", + "createapikey": "CreateApiKey", + "createdatasource": "CreateDataSource", + "createdomainname": "CreateDomainName", + "createfunction": "CreateFunction", + "creategraphqlapi": "CreateGraphqlApi", + "createresolver": "CreateResolver", + "createtype": "CreateType", + "deleteapicache": "DeleteApiCache", + "deleteapikey": "DeleteApiKey", + "deletedatasource": "DeleteDataSource", + "deletedomainname": "DeleteDomainName", + "deletefunction": "DeleteFunction", + "deletegraphqlapi": "DeleteGraphqlApi", + "deleteresolver": "DeleteResolver", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deletetype": "DeleteType", + "disassociateapi": "DisassociateApi", + "disassociatemergedgraphqlapi": "DisassociateMergedGraphqlApi", + "disassociatesourcegraphqlapi": "DisassociateSourceGraphqlApi", + "evaluatecode": "EvaluateCode", + "evaluatemappingtemplate": "EvaluateMappingTemplate", + "flushapicache": "FlushApiCache", + "getapiassociation": "GetApiAssociation", + "getapicache": "GetApiCache", + "getdatasource": "GetDataSource", + "getdomainname": "GetDomainName", + "getfunction": "GetFunction", + "getgraphqlapi": "GetGraphqlApi", + "getintrospectionschema": "GetIntrospectionSchema", + "getresolver": "GetResolver", + "getresourcepolicy": "GetResourcePolicy", + "getschemacreationstatus": "GetSchemaCreationStatus", + "getsourceapiassociation": "GetSourceApiAssociation", + "gettype": "GetType", + "graphql": "GraphQL", + "listapikeys": "ListApiKeys", + "listdatasources": "ListDataSources", + "listdomainnames": "ListDomainNames", + "listfunctions": "ListFunctions", + "listgraphqlapis": "ListGraphqlApis", + "listresolvers": "ListResolvers", + "listresolversbyfunction": "ListResolversByFunction", + "listsourceapiassociations": "ListSourceApiAssociations", + "listtagsforresource": "ListTagsForResource", + "listtypes": "ListTypes", + "listtypesbyassociation": "ListTypesByAssociation", + "putresourcepolicy": "PutResourcePolicy", + "setwebacl": "SetWebACL", + "sourcegraphql": "SourceGraphQL", + "startschemacreation": "StartSchemaCreation", + "startschemamerge": "StartSchemaMerge", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapicache": "UpdateApiCache", + "updateapikey": "UpdateApiKey", + "updatedatasource": "UpdateDataSource", + "updatedomainname": "UpdateDomainName", + "updatefunction": "UpdateFunction", + "updategraphqlapi": "UpdateGraphqlApi", + "updateresolver": "UpdateResolver", + "updatesourceapiassociation": "UpdateSourceApiAssociation", + "updatetype": "UpdateType" + }, + "resources": { + "datasource": { + "resource": "datasource", + "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}/datasources/${DatasourceName}", + "condition_keys": [] + }, + "domain": { + "resource": "domain", + "arn": "arn:${Partition}:appsync:${Region}:${Account}:domainnames/${DomainName}", + "condition_keys": [] + }, + "graphqlapi": { + "resource": "graphqlapi", + "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "field": { + "resource": "field", + "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}/types/${TypeName}/fields/${FieldName}", + "condition_keys": [] + }, + "type": { + "resource": "type", + "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}/types/${TypeName}", + "condition_keys": [] + }, + "function": { + "resource": "function", + "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}/functions/${FunctionId}", + "condition_keys": [] + }, + "sourceApiAssociation": { + "resource": "sourceApiAssociation", + "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${MergedGraphQLAPIId}/sourceApiAssociations/${Associationid}", + "condition_keys": [] + }, + "mergedApiAssociation": { + "resource": "mergedApiAssociation", + "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${SourceGraphQLAPIId}/mergedApiAssociations/${Associationid}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "datasource": "datasource", + "domain": "domain", + "graphqlapi": "graphqlapi", + "field": "field", + "type": "type", + "function": "function", + "sourceapiassociation": "sourceApiAssociation", + "mergedapiassociation": "mergedApiAssociation" + }, + "conditions": { + "appsync:Visibility": { + "condition": "appsync:Visibility", + "description": "Filters access by the visibility of an API", + "type": "String" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "artifact": { + "service_name": "AWS Artifact", + "prefix": "artifact", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsartifact.html", + "privileges": { + "AcceptAgreement": { + "privilege": "AcceptAgreement", + "description": "Grants permission to accept an AWS agreement that has not yet been accepted by the customer account", + "access_level": "Write", + "resource_types": { + "agreement": { + "resource_type": "agreement", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agreement": "agreement" + }, + "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/managing-agreements.html" + }, + "DownloadAgreement": { + "privilege": "DownloadAgreement", + "description": "Grants permission to download an AWS agreement that has not yet been accepted or a customer agreement that has been accepted by the customer account", + "access_level": "Read", + "resource_types": { + "agreement": { + "resource_type": "agreement", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "customer-agreement": { + "resource_type": "customer-agreement", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agreement": "agreement", + "customer-agreement": "customer-agreement" + }, + "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/managing-agreements.html" + }, + "Get": { + "privilege": "Get", + "description": "Grants permission to download an AWS compliance report package", + "access_level": "Read", + "resource_types": { + "report-package": { + "resource_type": "report-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-package": "report-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/getting-started.html" + }, + "GetReport": { + "privilege": "GetReport", + "description": "Grants permission to download a report", + "access_level": "Read", + "resource_types": { + "report": { + "resource_type": "report", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report": "report" + }, + "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/getting-started.html" + }, + "GetReportMetadata": { + "privilege": "GetReportMetadata", + "description": "Grants permission to download metadata associated with a report", + "access_level": "Read", + "resource_types": { + "report": { + "resource_type": "report", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report": "report" + }, + "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/getting-started.html" + }, + "GetTermForReport": { + "privilege": "GetTermForReport", + "description": "Grants permission to download a term associated with a report", + "access_level": "Read", + "resource_types": { + "report": { + "resource_type": "report", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report": "report" + }, + "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/getting-started.html" + }, + "ListReports": { + "privilege": "ListReports", + "description": "Grants permission to list reports in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/getting-started.html" + }, + "TerminateAgreement": { + "privilege": "TerminateAgreement", + "description": "Grants permission to terminate a customer agreement that was previously accepted by the customer account", + "access_level": "Write", + "resource_types": { + "customer-agreement": { + "resource_type": "customer-agreement", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-agreement": "customer-agreement" + }, + "api_documentation_link": "https://docs.aws.amazon.com/artifact/latest/ug/managing-agreements.html" + } + }, + "privileges_lower_name": { + "acceptagreement": "AcceptAgreement", + "downloadagreement": "DownloadAgreement", + "get": "Get", + "getreport": "GetReport", + "getreportmetadata": "GetReportMetadata", + "gettermforreport": "GetTermForReport", + "listreports": "ListReports", + "terminateagreement": "TerminateAgreement" + }, + "resources": { + "report-package": { + "resource": "report-package", + "arn": "arn:${Partition}:artifact:::report-package/*", + "condition_keys": [] + }, + "customer-agreement": { + "resource": "customer-agreement", + "arn": "arn:${Partition}:artifact::${Account}:customer-agreement/*", + "condition_keys": [] + }, + "agreement": { + "resource": "agreement", + "arn": "arn:${Partition}:artifact:::agreement/*", + "condition_keys": [] + }, + "report": { + "resource": "report", + "arn": "arn:${Partition}:artifact:${Region}::report/*", + "condition_keys": [] + } + }, + "resources_lower_name": { + "report-package": "report-package", + "customer-agreement": "customer-agreement", + "agreement": "agreement", + "report": "report" + }, + "conditions": {} + }, + "auditmanager": { + "service_name": "AWS Audit Manager", + "prefix": "auditmanager", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsauditmanager.html", + "privileges": { + "AssociateAssessmentReportEvidenceFolder": { + "privilege": "AssociateAssessmentReportEvidenceFolder", + "description": "Grants permission to associate an evidence folder with an assessment report in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_AssociateAssessmentReportEvidenceFolder.html" + }, + "BatchAssociateAssessmentReportEvidence": { + "privilege": "BatchAssociateAssessmentReportEvidence", + "description": "Grants permission to associate a list of evidence to an assessment report in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchAssociateAssessmentReportEvidence.html" + }, + "BatchCreateDelegationByAssessment": { + "privilege": "BatchCreateDelegationByAssessment", + "description": "Grants permission to create delegations for an assessment in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchCreateDelegationByAssessment.html" + }, + "BatchDeleteDelegationByAssessment": { + "privilege": "BatchDeleteDelegationByAssessment", + "description": "Grants permission to delete delegations for an assessment in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchDeleteDelegationByAssessment.html" + }, + "BatchDisassociateAssessmentReportEvidence": { + "privilege": "BatchDisassociateAssessmentReportEvidence", + "description": "Grants permission to disassociate a list of evidence from an assessment report in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchDisassociateAssessmentReportEvidence.html" + }, + "BatchImportEvidenceToAssessmentControl": { + "privilege": "BatchImportEvidenceToAssessmentControl", + "description": "Grants permission to import a list of evidence to an assessment control in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessmentControlSet": { + "resource_type": "assessmentControlSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentcontrolset": "assessmentControlSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchImportEvidenceToAssessmentControl.html" + }, + "CreateAssessment": { + "privilege": "CreateAssessment", + "description": "Grants permission to create an assessment to be used with AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessment.html" + }, + "CreateAssessmentFramework": { + "privilege": "CreateAssessmentFramework", + "description": "Grants permission to create a framework for use in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessmentFramework.html" + }, + "CreateAssessmentReport": { + "privilege": "CreateAssessmentReport", + "description": "Grants permission to create an assessment report in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessmentReport.html" + }, + "CreateControl": { + "privilege": "CreateControl", + "description": "Grants permission to create a control to be used in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateControl.html" + }, + "DeleteAssessment": { + "privilege": "DeleteAssessment", + "description": "Grants permission to delete an assessment in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html" + }, + "DeleteAssessmentFramework": { + "privilege": "DeleteAssessmentFramework", + "description": "Grants permission to delete an assessment framework in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessmentFramework": { + "resource_type": "assessmentFramework", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentframework": "assessmentFramework", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html" + }, + "DeleteAssessmentFrameworkShare": { + "privilege": "DeleteAssessmentFrameworkShare", + "description": "Grants permission to delete a share request for a custom framework in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html" + }, + "DeleteAssessmentReport": { + "privilege": "DeleteAssessmentReport", + "description": "Grants permission to delete an assessment report in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html" + }, + "DeleteControl": { + "privilege": "DeleteControl", + "description": "Grants permission to delete a control in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "control": { + "resource_type": "control", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "control": "control", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html" + }, + "DeregisterAccount": { + "privilege": "DeregisterAccount", + "description": "Grants permission to deregister an account in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ DeregisterAccount.html" + }, + "DeregisterOrganizationAdminAccount": { + "privilege": "DeregisterOrganizationAdminAccount", + "description": "Grants permission to deregister the delegated administrator account for AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterOrganizationAdminAccount.html" + }, + "DisassociateAssessmentReportEvidenceFolder": { + "privilege": "DisassociateAssessmentReportEvidenceFolder", + "description": "Grants permission to disassociate an evidence folder from an assessment report in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DisassociateAssessmentReportEvidenceFolder.html" + }, + "GetAccountStatus": { + "privilege": "GetAccountStatus", + "description": "Grants permission to get the status of an account in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetAccountStatus.html" + }, + "GetAssessment": { + "privilege": "GetAssessment", + "description": "Grants permission to get an assessment created in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetAssessment.html" + }, + "GetAssessmentFramework": { + "privilege": "GetAssessmentFramework", + "description": "Grants permission to get an assessment framework in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "assessmentFramework": { + "resource_type": "assessmentFramework", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentframework": "assessmentFramework" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetAssessmentFramework.html" + }, + "GetAssessmentReportUrl": { + "privilege": "GetAssessmentReportUrl", + "description": "Grants permission to get the URL for an assessment report in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetAssessmentReportUrl.html" + }, + "GetChangeLogs": { + "privilege": "GetChangeLogs", + "description": "Grants permission to get changelogs for an assessment in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetChangeLogs.html" + }, + "GetControl": { + "privilege": "GetControl", + "description": "Grants permission to get a control in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "control": { + "resource_type": "control", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "control": "control" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetControl.html" + }, + "GetDelegations": { + "privilege": "GetDelegations", + "description": "Grants permission to get all delegations in AWS Audit Manager", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetDelegations.html" + }, + "GetEvidence": { + "privilege": "GetEvidence", + "description": "Grants permission to get evidence from AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "assessmentControlSet": { + "resource_type": "assessmentControlSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentcontrolset": "assessmentControlSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidence.html" + }, + "GetEvidenceByEvidenceFolder": { + "privilege": "GetEvidenceByEvidenceFolder", + "description": "Grants permission to get all the evidence from an evidence folder in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "assessmentControlSet": { + "resource_type": "assessmentControlSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentcontrolset": "assessmentControlSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidenceByEvidenceFolder.html" + }, + "GetEvidenceFileUploadUrl": { + "privilege": "GetEvidenceFileUploadUrl", + "description": "Grants permission to get a presigned Amazon S3 URL that can be used to upload a file as manual evidence", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidenceFileUploadUrl.html" + }, + "GetEvidenceFolder": { + "privilege": "GetEvidenceFolder", + "description": "Grants permission to get the evidence folder from AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "assessmentControlSet": { + "resource_type": "assessmentControlSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentcontrolset": "assessmentControlSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidenceFolder.html" + }, + "GetEvidenceFoldersByAssessment": { + "privilege": "GetEvidenceFoldersByAssessment", + "description": "Grants permission to get the evidence folders from an assessment in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidenceFoldersByAssessment.html" + }, + "GetEvidenceFoldersByAssessmentControl": { + "privilege": "GetEvidenceFoldersByAssessmentControl", + "description": "Grants permission to get the evidence folders from an assessment control in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "assessmentControlSet": { + "resource_type": "assessmentControlSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentcontrolset": "assessmentControlSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetEvidenceFoldersByAssessmentControl.html" + }, + "GetInsights": { + "privilege": "GetInsights", + "description": "Grants permission to get analytics data for all active assessments", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetInsights.html" + }, + "GetInsightsByAssessment": { + "privilege": "GetInsightsByAssessment", + "description": "Grants permission to get analytics data for a specific active assessment", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetInsightsByAssessment.html" + }, + "GetOrganizationAdminAccount": { + "privilege": "GetOrganizationAdminAccount", + "description": "Grants permission to get the delegated administrator account in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetOrganizationAdminAccount.html" + }, + "GetServicesInScope": { + "privilege": "GetServicesInScope", + "description": "Grants permission to get the services in scope for an assessment in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetServicesInScope.html" + }, + "GetSettings": { + "privilege": "GetSettings", + "description": "Grants permission to get all settings configured in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetSettings.html" + }, + "ListAssessmentControlInsightsByControlDomain": { + "privilege": "ListAssessmentControlInsightsByControlDomain", + "description": "Grants permission to list analytics data for controls in a specific control domain and active assessment", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListAssessmentControlInsightsByControlDomain.html" + }, + "ListAssessmentFrameworkShareRequests": { + "privilege": "ListAssessmentFrameworkShareRequests", + "description": "Grants permission to list all sent or received share requests for custom frameworks in AWS Audit Manager", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListAssessmentFrameworkShareRequests.html" + }, + "ListAssessmentFrameworks": { + "privilege": "ListAssessmentFrameworks", + "description": "Grants permission to list all assessment frameworks in AWS Audit Manager", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListAssessmentFrameworks.html" + }, + "ListAssessmentReports": { + "privilege": "ListAssessmentReports", + "description": "Grants permission to list all assessment reports in AWS Audit Manager", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListAssessmentReports.html" + }, + "ListAssessments": { + "privilege": "ListAssessments", + "description": "Grants permission to list all assessments in AWS Audit Manager", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListAssessments.html" + }, + "ListControlDomainInsights": { + "privilege": "ListControlDomainInsights", + "description": "Grants permission to list analytics data for control domains across all active assessments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListControlDomainInsights.html" + }, + "ListControlDomainInsightsByAssessment": { + "privilege": "ListControlDomainInsightsByAssessment", + "description": "Grants permission to list analytics data for control domains in a specific active assessment", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListControlDomainInsightsByAssessment.html" + }, + "ListControlInsightsByControlDomain": { + "privilege": "ListControlInsightsByControlDomain", + "description": "Grants permission to list analytics data for controls in a specific control domain across all active assessments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListControlInsightsByControlDomain.html" + }, + "ListControls": { + "privilege": "ListControls", + "description": "Grants permission to list all controls in AWS Audit Manager", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListControls.html" + }, + "ListKeywordsForDataSource": { + "privilege": "ListKeywordsForDataSource", + "description": "Grants permission to list all the data source keywords in AWS Audit Manager", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListKeywordsForDataSource.html" + }, + "ListNotifications": { + "privilege": "ListNotifications", + "description": "Grants permission to list all notifications in AWS Audit Manager", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListNotifications.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an AWS Audit Manager resource", + "access_level": "Read", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "control": { + "resource_type": "control", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment", + "control": "control" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ListTagsForResource.html" + }, + "RegisterAccount": { + "privilege": "RegisterAccount", + "description": "Grants permission to register an account in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html" + }, + "RegisterOrganizationAdminAccount": { + "privilege": "RegisterOrganizationAdminAccount", + "description": "Grants permission to register an account within the organization as the delegated administrator for AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterOrganizationAdminAccount.html" + }, + "StartAssessmentFrameworkShare": { + "privilege": "StartAssessmentFrameworkShare", + "description": "Grants permission to create a share request for a custom framework in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessmentFramework": { + "resource_type": "assessmentFramework", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentframework": "assessmentFramework" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_StartAssessmentFrameworkShare.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an AWS Audit Manager resource", + "access_level": "Tagging", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "control": { + "resource_type": "control", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment", + "control": "control", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an AWS Audit Manager resource", + "access_level": "Tagging", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "control": { + "resource_type": "control", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment", + "control": "control", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UntagResource.html" + }, + "UpdateAssessment": { + "privilege": "UpdateAssessment", + "description": "Grants permission to update an assessment in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessment.html" + }, + "UpdateAssessmentControl": { + "privilege": "UpdateAssessmentControl", + "description": "Grants permission to update an assessment control in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessmentControlSet": { + "resource_type": "assessmentControlSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentcontrolset": "assessmentControlSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessmentControl.html" + }, + "UpdateAssessmentControlSetStatus": { + "privilege": "UpdateAssessmentControlSetStatus", + "description": "Grants permission to update the status of an assessment control set in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessmentControlSet": { + "resource_type": "assessmentControlSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentcontrolset": "assessmentControlSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessmentControlSetStatus.html" + }, + "UpdateAssessmentFramework": { + "privilege": "UpdateAssessmentFramework", + "description": "Grants permission to update an assessment framework in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessmentFramework": { + "resource_type": "assessmentFramework", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessmentframework": "assessmentFramework" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessmentFramework.html" + }, + "UpdateAssessmentFrameworkShare": { + "privilege": "UpdateAssessmentFrameworkShare", + "description": "Grants permission to update a share request for a custom framework in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessmentFrameworkShare.html" + }, + "UpdateAssessmentStatus": { + "privilege": "UpdateAssessmentStatus", + "description": "Grants permission to update the status of an assessment in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "assessment": { + "resource_type": "assessment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assessment": "assessment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateAssessmentStatus.html" + }, + "UpdateControl": { + "privilege": "UpdateControl", + "description": "Grants permission to update a control in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "control": { + "resource_type": "control", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "control": "control" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateControl.html" + }, + "UpdateSettings": { + "privilege": "UpdateSettings", + "description": "Grants permission to update settings in AWS Audit Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateSettings.html" + }, + "ValidateAssessmentReportIntegrity": { + "privilege": "ValidateAssessmentReportIntegrity", + "description": "Grants permission to validate the integrity of an assessment report in AWS Audit Manager", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_ValidateAssessmentReportIntegrity.html" + } + }, + "privileges_lower_name": { + "associateassessmentreportevidencefolder": "AssociateAssessmentReportEvidenceFolder", + "batchassociateassessmentreportevidence": "BatchAssociateAssessmentReportEvidence", + "batchcreatedelegationbyassessment": "BatchCreateDelegationByAssessment", + "batchdeletedelegationbyassessment": "BatchDeleteDelegationByAssessment", + "batchdisassociateassessmentreportevidence": "BatchDisassociateAssessmentReportEvidence", + "batchimportevidencetoassessmentcontrol": "BatchImportEvidenceToAssessmentControl", + "createassessment": "CreateAssessment", + "createassessmentframework": "CreateAssessmentFramework", + "createassessmentreport": "CreateAssessmentReport", + "createcontrol": "CreateControl", + "deleteassessment": "DeleteAssessment", + "deleteassessmentframework": "DeleteAssessmentFramework", + "deleteassessmentframeworkshare": "DeleteAssessmentFrameworkShare", + "deleteassessmentreport": "DeleteAssessmentReport", + "deletecontrol": "DeleteControl", + "deregisteraccount": "DeregisterAccount", + "deregisterorganizationadminaccount": "DeregisterOrganizationAdminAccount", + "disassociateassessmentreportevidencefolder": "DisassociateAssessmentReportEvidenceFolder", + "getaccountstatus": "GetAccountStatus", + "getassessment": "GetAssessment", + "getassessmentframework": "GetAssessmentFramework", + "getassessmentreporturl": "GetAssessmentReportUrl", + "getchangelogs": "GetChangeLogs", + "getcontrol": "GetControl", + "getdelegations": "GetDelegations", + "getevidence": "GetEvidence", + "getevidencebyevidencefolder": "GetEvidenceByEvidenceFolder", + "getevidencefileuploadurl": "GetEvidenceFileUploadUrl", + "getevidencefolder": "GetEvidenceFolder", + "getevidencefoldersbyassessment": "GetEvidenceFoldersByAssessment", + "getevidencefoldersbyassessmentcontrol": "GetEvidenceFoldersByAssessmentControl", + "getinsights": "GetInsights", + "getinsightsbyassessment": "GetInsightsByAssessment", + "getorganizationadminaccount": "GetOrganizationAdminAccount", + "getservicesinscope": "GetServicesInScope", + "getsettings": "GetSettings", + "listassessmentcontrolinsightsbycontroldomain": "ListAssessmentControlInsightsByControlDomain", + "listassessmentframeworksharerequests": "ListAssessmentFrameworkShareRequests", + "listassessmentframeworks": "ListAssessmentFrameworks", + "listassessmentreports": "ListAssessmentReports", + "listassessments": "ListAssessments", + "listcontroldomaininsights": "ListControlDomainInsights", + "listcontroldomaininsightsbyassessment": "ListControlDomainInsightsByAssessment", + "listcontrolinsightsbycontroldomain": "ListControlInsightsByControlDomain", + "listcontrols": "ListControls", + "listkeywordsfordatasource": "ListKeywordsForDataSource", + "listnotifications": "ListNotifications", + "listtagsforresource": "ListTagsForResource", + "registeraccount": "RegisterAccount", + "registerorganizationadminaccount": "RegisterOrganizationAdminAccount", + "startassessmentframeworkshare": "StartAssessmentFrameworkShare", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateassessment": "UpdateAssessment", + "updateassessmentcontrol": "UpdateAssessmentControl", + "updateassessmentcontrolsetstatus": "UpdateAssessmentControlSetStatus", + "updateassessmentframework": "UpdateAssessmentFramework", + "updateassessmentframeworkshare": "UpdateAssessmentFrameworkShare", + "updateassessmentstatus": "UpdateAssessmentStatus", + "updatecontrol": "UpdateControl", + "updatesettings": "UpdateSettings", + "validateassessmentreportintegrity": "ValidateAssessmentReportIntegrity" + }, + "resources": { + "assessment": { + "resource": "assessment", + "arn": "arn:${Partition}:auditmanager:${Region}:${Account}:assessment/${AssessmentId}", + "condition_keys": [] + }, + "assessmentFramework": { + "resource": "assessmentFramework", + "arn": "arn:${Partition}:auditmanager:${Region}:${Account}:assessmentFramework/${AssessmentFrameworkId}", + "condition_keys": [] + }, + "assessmentControlSet": { + "resource": "assessmentControlSet", + "arn": "arn:${Partition}:auditmanager:${Region}:${Account}:assessment/${AssessmentId}/controlSet/${ControlSetId}", + "condition_keys": [] + }, + "control": { + "resource": "control", + "arn": "arn:${Partition}:auditmanager:${Region}:${Account}:control/${ControlId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "assessment": "assessment", + "assessmentframework": "assessmentFramework", + "assessmentcontrolset": "assessmentControlSet", + "control": "control" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "autoscaling-plans": { + "service_name": "AWS Auto Scaling", + "prefix": "autoscaling-plans", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsautoscaling.html", + "privileges": { + "CreateScalingPlan": { + "privilege": "CreateScalingPlan", + "description": "Creates a scaling plan.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_CreateScalingPlan.html" + }, + "DeleteScalingPlan": { + "privilege": "DeleteScalingPlan", + "description": "Deletes the specified scaling plan.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_DeleteScalingPlan.html" + }, + "DescribeScalingPlanResources": { + "privilege": "DescribeScalingPlanResources", + "description": "Describes the scalable resources in the specified scaling plan.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_DescribeScalingPlanResources.html" + }, + "DescribeScalingPlans": { + "privilege": "DescribeScalingPlans", + "description": "Describes the specified scaling plans or all of your scaling plans.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_DescribeScalingPlans.html" + }, + "GetScalingPlanResourceForecastData": { + "privilege": "GetScalingPlanResourceForecastData", + "description": "Retrieves the forecast data for a scalable resource.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_GetScalingPlanResourceForecastData.html" + }, + "UpdateScalingPlan": { + "privilege": "UpdateScalingPlan", + "description": "Updates a scaling plan.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_UpdateScalingPlan.html" + } + }, + "privileges_lower_name": { + "createscalingplan": "CreateScalingPlan", + "deletescalingplan": "DeleteScalingPlan", + "describescalingplanresources": "DescribeScalingPlanResources", + "describescalingplans": "DescribeScalingPlans", + "getscalingplanresourceforecastdata": "GetScalingPlanResourceForecastData", + "updatescalingplan": "UpdateScalingPlan" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "backup": { + "service_name": "AWS Backup", + "prefix": "backup", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbackup.html", + "privileges": { + "CancelLegalHold": { + "privilege": "CancelLegalHold", + "description": "Grants permission to cancel a legal hold", + "access_level": "Write", + "resource_types": { + "legalHold": { + "resource_type": "legalHold", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "legalhold": "legalHold" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CancelLegalHold.html" + }, + "CopyFromBackupVault": { + "privilege": "CopyFromBackupVault", + "description": "Grants permission to copy from a backup vault", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "backup:CopyTargets", + "backup:CopyTargetOrgPaths" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartCopyJob.html" + }, + "CopyIntoBackupVault": { + "privilege": "CopyIntoBackupVault", + "description": "Grants permission to copy into a backup vault", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartCopyJob.html" + }, + "CreateBackupPlan": { + "privilege": "CreateBackupPlan", + "description": "Grants permission to create a new backup plan", + "access_level": "Write", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateBackupPlan.html" + }, + "CreateBackupSelection": { + "privilege": "CreateBackupSelection", + "description": "Grants permission to create a new resource assignment in a backup plan", + "access_level": "Write", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateBackupSelection.html" + }, + "CreateBackupVault": { + "privilege": "CreateBackupVault", + "description": "Grants permission to create a new backup vault", + "access_level": "Write", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateBackupVault.html" + }, + "CreateFramework": { + "privilege": "CreateFramework", + "description": "Grants permission to create a new framework", + "access_level": "Write", + "resource_types": { + "framework": { + "resource_type": "framework", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "framework": "framework", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateFramework.html" + }, + "CreateLegalHold": { + "privilege": "CreateLegalHold", + "description": "Grants permission to create a new legal hold", + "access_level": "Write", + "resource_types": { + "legalHold": { + "resource_type": "legalHold", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "legalhold": "legalHold", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateLegalHold.html" + }, + "CreateReportPlan": { + "privilege": "CreateReportPlan", + "description": "Grants permission to create a new report plan", + "access_level": "Write", + "resource_types": { + "reportPlan": { + "resource_type": "reportPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "backup:FrameworkArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reportplan": "reportPlan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateReportPlan.html" + }, + "DeleteBackupPlan": { + "privilege": "DeleteBackupPlan", + "description": "Grants permission to delete a backup plan", + "access_level": "Write", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupPlan.html" + }, + "DeleteBackupSelection": { + "privilege": "DeleteBackupSelection", + "description": "Grants permission to delete a resource assignment from a backup plan", + "access_level": "Write", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupSelection.html" + }, + "DeleteBackupVault": { + "privilege": "DeleteBackupVault", + "description": "Grants permission to delete a backup vault", + "access_level": "Write", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupVault.html" + }, + "DeleteBackupVaultAccessPolicy": { + "privilege": "DeleteBackupVaultAccessPolicy", + "description": "Grants permission to delete backup vault access policy", + "access_level": "Permissions management", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupVaultAccessPolicy.html" + }, + "DeleteBackupVaultLockConfiguration": { + "privilege": "DeleteBackupVaultLockConfiguration", + "description": "Grants permission to remove the lock configuration from a backup vault", + "access_level": "Write", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupVaultLockConfiguration.html" + }, + "DeleteBackupVaultNotifications": { + "privilege": "DeleteBackupVaultNotifications", + "description": "Grants permission to remove the notifications from a backup vault", + "access_level": "Write", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteBackupVaultNotifications.html" + }, + "DeleteFramework": { + "privilege": "DeleteFramework", + "description": "Grants permission to delete a framework", + "access_level": "Write", + "resource_types": { + "framework": { + "resource_type": "framework", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "framework": "framework" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteFramework.html" + }, + "DeleteRecoveryPoint": { + "privilege": "DeleteRecoveryPoint", + "description": "Grants permission to delete a recovery point from a backup vault", + "access_level": "Write", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteRecoveryPoint.html" + }, + "DeleteReportPlan": { + "privilege": "DeleteReportPlan", + "description": "Grants permission to delete a report plan", + "access_level": "Write", + "resource_types": { + "reportPlan": { + "resource_type": "reportPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reportplan": "reportPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DeleteReportPlan.html" + }, + "DescribeBackupJob": { + "privilege": "DescribeBackupJob", + "description": "Grants permission to describe a backup job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeBackupJob.html" + }, + "DescribeBackupVault": { + "privilege": "DescribeBackupVault", + "description": "Grants permission to describe a new backup vault with the specified name", + "access_level": "Read", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeBackupVault.html" + }, + "DescribeCopyJob": { + "privilege": "DescribeCopyJob", + "description": "Grants permission to describe a copy job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeCopyJob.html" + }, + "DescribeFramework": { + "privilege": "DescribeFramework", + "description": "Grants permission to describe a framework with the specified name", + "access_level": "Read", + "resource_types": { + "framework": { + "resource_type": "framework", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "framework": "framework" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeFramework.html" + }, + "DescribeGlobalSettings": { + "privilege": "DescribeGlobalSettings", + "description": "Grants permission to describe global settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeGlobalSettings.html" + }, + "DescribeProtectedResource": { + "privilege": "DescribeProtectedResource", + "description": "Grants permission to describe a protected resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeProtectedResource.html" + }, + "DescribeRecoveryPoint": { + "privilege": "DescribeRecoveryPoint", + "description": "Grants permission to describe a recovery point", + "access_level": "Read", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeRecoveryPoint.html" + }, + "DescribeRegionSettings": { + "privilege": "DescribeRegionSettings", + "description": "Grants permission to describe region settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeRegionSettings.html" + }, + "DescribeReportJob": { + "privilege": "DescribeReportJob", + "description": "Grants permission to describe a report job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeReportJob.html" + }, + "DescribeReportPlan": { + "privilege": "DescribeReportPlan", + "description": "Grants permission to describe a report plan with the specified name", + "access_level": "Read", + "resource_types": { + "reportPlan": { + "resource_type": "reportPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reportplan": "reportPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeReportPlan.html" + }, + "DescribeRestoreJob": { + "privilege": "DescribeRestoreJob", + "description": "Grants permission to describe a restore job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DescribeRestoreJob.html" + }, + "DisassociateRecoveryPoint": { + "privilege": "DisassociateRecoveryPoint", + "description": "Grants permission to disassociate a recovery point from a backup vault", + "access_level": "Write", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DisassociateRecoveryPoint.html" + }, + "DisassociateRecoveryPointFromParent": { + "privilege": "DisassociateRecoveryPointFromParent", + "description": "Grants permission to disassociate a recovery point from its parent", + "access_level": "Write", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_DisassociateRecoveryPointFromParent.html" + }, + "ExportBackupPlanTemplate": { + "privilege": "ExportBackupPlanTemplate", + "description": "Grants permission to export a backup plan as a JSON", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ExportBackupPlanTemplate.html" + }, + "GetBackupPlan": { + "privilege": "GetBackupPlan", + "description": "Grants permission to get a backup plan", + "access_level": "Read", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupPlan.html" + }, + "GetBackupPlanFromJSON": { + "privilege": "GetBackupPlanFromJSON", + "description": "Grants permission to transform a JSON to a backup plan", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupPlanFromJSON.html" + }, + "GetBackupPlanFromTemplate": { + "privilege": "GetBackupPlanFromTemplate", + "description": "Grants permission to transform a template to a backup plan", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupPlanFromTemplate.html" + }, + "GetBackupSelection": { + "privilege": "GetBackupSelection", + "description": "Grants permission to get a backup plan resource assignment", + "access_level": "Read", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupSelection.html" + }, + "GetBackupVaultAccessPolicy": { + "privilege": "GetBackupVaultAccessPolicy", + "description": "Grants permission to get backup vault access policy", + "access_level": "Read", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupVaultAccessPolicy.html" + }, + "GetBackupVaultNotifications": { + "privilege": "GetBackupVaultNotifications", + "description": "Grants permission to get backup vault notifications", + "access_level": "Read", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetBackupVaultNotifications.html" + }, + "GetLegalHold": { + "privilege": "GetLegalHold", + "description": "Grants permission to get a legal hold", + "access_level": "Read", + "resource_types": { + "legalHold": { + "resource_type": "legalHold", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "legalhold": "legalHold" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetLegalHold.html" + }, + "GetRecoveryPointRestoreMetadata": { + "privilege": "GetRecoveryPointRestoreMetadata", + "description": "Grants permission to get recovery point restore metadata", + "access_level": "Read", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetRecoveryPointRestoreMetadata.html" + }, + "GetSupportedResourceTypes": { + "privilege": "GetSupportedResourceTypes", + "description": "Grants permission to get supported resource types", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_GetSupportedResourceTypes.html" + }, + "ListBackupJobs": { + "privilege": "ListBackupJobs", + "description": "Grants permission to list backup jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupJobs.html" + }, + "ListBackupPlanTemplates": { + "privilege": "ListBackupPlanTemplates", + "description": "Grants permission to list backup plan templates provided by AWS Backup", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupPlanTemplates.html" + }, + "ListBackupPlanVersions": { + "privilege": "ListBackupPlanVersions", + "description": "Grants permission to list backup plan versions", + "access_level": "List", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupPlanVersions.html" + }, + "ListBackupPlans": { + "privilege": "ListBackupPlans", + "description": "Grants permission to list backup plans", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupPlans.html" + }, + "ListBackupSelections": { + "privilege": "ListBackupSelections", + "description": "Grants permission to list resource assignments for a specific backup plan", + "access_level": "List", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupSelections.html" + }, + "ListBackupVaults": { + "privilege": "ListBackupVaults", + "description": "Grants permission to list backup vaults", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListBackupVaults.html" + }, + "ListCopyJobs": { + "privilege": "ListCopyJobs", + "description": "Grants permission to list copy jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListCopyJobs.html" + }, + "ListFrameworks": { + "privilege": "ListFrameworks", + "description": "Grants permission to list frameworks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListFrameworks.html" + }, + "ListLegalHolds": { + "privilege": "ListLegalHolds", + "description": "Grants permission to list legal holds", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListLegalHolds.html" + }, + "ListProtectedResources": { + "privilege": "ListProtectedResources", + "description": "Grants permission to list protected resources by AWS Backup", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListProtectedResources.html" + }, + "ListRecoveryPointsByBackupVault": { + "privilege": "ListRecoveryPointsByBackupVault", + "description": "Grants permission to list recovery points inside a backup vault", + "access_level": "List", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListRecoveryPointsByBackupVault.html" + }, + "ListRecoveryPointsByLegalHold": { + "privilege": "ListRecoveryPointsByLegalHold", + "description": "Grants permission to list recovery points by legal hold", + "access_level": "List", + "resource_types": { + "legalHold": { + "resource_type": "legalHold", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "legalhold": "legalHold" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListRecoveryPointsByLegalHold.html" + }, + "ListRecoveryPointsByResource": { + "privilege": "ListRecoveryPointsByResource", + "description": "Grants permission to list recovery points for a resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListRecoveryPointsByResource.html" + }, + "ListReportJobs": { + "privilege": "ListReportJobs", + "description": "Grants permission to list report jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListReportJobs.html" + }, + "ListReportPlans": { + "privilege": "ListReportPlans", + "description": "Grants permission to list report plans", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListReportPlans.html" + }, + "ListRestoreJobs": { + "privilege": "ListRestoreJobs", + "description": "Grants permission to lists restore jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListRestoreJobs.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "backupVault": { + "resource_type": "backupVault", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "framework": { + "resource_type": "framework", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "legalHold": { + "resource_type": "legalHold", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reportPlan": { + "resource_type": "reportPlan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan", + "backupvault": "backupVault", + "framework": "framework", + "legalhold": "legalHold", + "recoverypoint": "recoveryPoint", + "reportplan": "reportPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ListTags.html" + }, + "PutBackupVaultAccessPolicy": { + "privilege": "PutBackupVaultAccessPolicy", + "description": "Grants permission to add an access policy to the backup vault", + "access_level": "Permissions management", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultAccessPolicy.html" + }, + "PutBackupVaultLockConfiguration": { + "privilege": "PutBackupVaultLockConfiguration", + "description": "Grants permission to add a lock configuration to the backup vault", + "access_level": "Write", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "backup:ChangeableForDays" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultLockConfiguration.html" + }, + "PutBackupVaultNotifications": { + "privilege": "PutBackupVaultNotifications", + "description": "Grants permission to add an SNS topic to the backup vault", + "access_level": "Write", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultNotifications.html" + }, + "StartBackupJob": { + "privilege": "StartBackupJob", + "description": "Grants permission to start a new backup job", + "access_level": "Write", + "resource_types": { + "backupVault": { + "resource_type": "backupVault", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "backupvault": "backupVault" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartBackupJob.html" + }, + "StartCopyJob": { + "privilege": "StartCopyJob", + "description": "Grants permission to copy a backup from a source backup vault to a destination backup vault", + "access_level": "Write", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartCopyJob.html" + }, + "StartReportJob": { + "privilege": "StartReportJob", + "description": "Grants permission to start a new report job", + "access_level": "Write", + "resource_types": { + "reportPlan": { + "resource_type": "reportPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reportplan": "reportPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartReportJob.html" + }, + "StartRestoreJob": { + "privilege": "StartRestoreJob", + "description": "Grants permission to start a new restore job", + "access_level": "Write", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartRestoreJob.html" + }, + "StopBackupJob": { + "privilege": "StopBackupJob", + "description": "Grants permission to stop a backup job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StopBackupJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "backupVault": { + "resource_type": "backupVault", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "framework": { + "resource_type": "framework", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "legalHold": { + "resource_type": "legalHold", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reportPlan": { + "resource_type": "reportPlan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan", + "backupvault": "backupVault", + "framework": "framework", + "legalhold": "legalHold", + "recoverypoint": "recoveryPoint", + "reportplan": "reportPlan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "backupVault": { + "resource_type": "backupVault", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "framework": { + "resource_type": "framework", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "legalHold": { + "resource_type": "legalHold", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reportPlan": { + "resource_type": "reportPlan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan", + "backupvault": "backupVault", + "framework": "framework", + "legalhold": "legalHold", + "recoverypoint": "recoveryPoint", + "reportplan": "reportPlan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UntagResource.html" + }, + "UpdateBackupPlan": { + "privilege": "UpdateBackupPlan", + "description": "Grants permission to update a backup plan", + "access_level": "Write", + "resource_types": { + "backupPlan": { + "resource_type": "backupPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backupplan": "backupPlan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateBackupPlan.html" + }, + "UpdateFramework": { + "privilege": "UpdateFramework", + "description": "Grants permission to update a framework", + "access_level": "Write", + "resource_types": { + "framework": { + "resource_type": "framework", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "framework": "framework" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateFramework.html" + }, + "UpdateGlobalSettings": { + "privilege": "UpdateGlobalSettings", + "description": "Grants permission to update the current global settings for the AWS Account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateGlobalSettings.html" + }, + "UpdateRecoveryPointLifecycle": { + "privilege": "UpdateRecoveryPointLifecycle", + "description": "Grants permission to update the lifecycle of the recovery point", + "access_level": "Write", + "resource_types": { + "recoveryPoint": { + "resource_type": "recoveryPoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoverypoint": "recoveryPoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateRecoveryPointLifecycle.html" + }, + "UpdateRegionSettings": { + "privilege": "UpdateRegionSettings", + "description": "Grants permission to update the current service opt-in settings for the Region", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateRegionSettings.html" + }, + "UpdateReportPlan": { + "privilege": "UpdateReportPlan", + "description": "Grants permission to update a report plan", + "access_level": "Write", + "resource_types": { + "reportPlan": { + "resource_type": "reportPlan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "backup:FrameworkArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reportplan": "reportPlan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_UpdateReportPlan.html" + } + }, + "privileges_lower_name": { + "cancellegalhold": "CancelLegalHold", + "copyfrombackupvault": "CopyFromBackupVault", + "copyintobackupvault": "CopyIntoBackupVault", + "createbackupplan": "CreateBackupPlan", + "createbackupselection": "CreateBackupSelection", + "createbackupvault": "CreateBackupVault", + "createframework": "CreateFramework", + "createlegalhold": "CreateLegalHold", + "createreportplan": "CreateReportPlan", + "deletebackupplan": "DeleteBackupPlan", + "deletebackupselection": "DeleteBackupSelection", + "deletebackupvault": "DeleteBackupVault", + "deletebackupvaultaccesspolicy": "DeleteBackupVaultAccessPolicy", + "deletebackupvaultlockconfiguration": "DeleteBackupVaultLockConfiguration", + "deletebackupvaultnotifications": "DeleteBackupVaultNotifications", + "deleteframework": "DeleteFramework", + "deleterecoverypoint": "DeleteRecoveryPoint", + "deletereportplan": "DeleteReportPlan", + "describebackupjob": "DescribeBackupJob", + "describebackupvault": "DescribeBackupVault", + "describecopyjob": "DescribeCopyJob", + "describeframework": "DescribeFramework", + "describeglobalsettings": "DescribeGlobalSettings", + "describeprotectedresource": "DescribeProtectedResource", + "describerecoverypoint": "DescribeRecoveryPoint", + "describeregionsettings": "DescribeRegionSettings", + "describereportjob": "DescribeReportJob", + "describereportplan": "DescribeReportPlan", + "describerestorejob": "DescribeRestoreJob", + "disassociaterecoverypoint": "DisassociateRecoveryPoint", + "disassociaterecoverypointfromparent": "DisassociateRecoveryPointFromParent", + "exportbackupplantemplate": "ExportBackupPlanTemplate", + "getbackupplan": "GetBackupPlan", + "getbackupplanfromjson": "GetBackupPlanFromJSON", + "getbackupplanfromtemplate": "GetBackupPlanFromTemplate", + "getbackupselection": "GetBackupSelection", + "getbackupvaultaccesspolicy": "GetBackupVaultAccessPolicy", + "getbackupvaultnotifications": "GetBackupVaultNotifications", + "getlegalhold": "GetLegalHold", + "getrecoverypointrestoremetadata": "GetRecoveryPointRestoreMetadata", + "getsupportedresourcetypes": "GetSupportedResourceTypes", + "listbackupjobs": "ListBackupJobs", + "listbackupplantemplates": "ListBackupPlanTemplates", + "listbackupplanversions": "ListBackupPlanVersions", + "listbackupplans": "ListBackupPlans", + "listbackupselections": "ListBackupSelections", + "listbackupvaults": "ListBackupVaults", + "listcopyjobs": "ListCopyJobs", + "listframeworks": "ListFrameworks", + "listlegalholds": "ListLegalHolds", + "listprotectedresources": "ListProtectedResources", + "listrecoverypointsbybackupvault": "ListRecoveryPointsByBackupVault", + "listrecoverypointsbylegalhold": "ListRecoveryPointsByLegalHold", + "listrecoverypointsbyresource": "ListRecoveryPointsByResource", + "listreportjobs": "ListReportJobs", + "listreportplans": "ListReportPlans", + "listrestorejobs": "ListRestoreJobs", + "listtags": "ListTags", + "putbackupvaultaccesspolicy": "PutBackupVaultAccessPolicy", + "putbackupvaultlockconfiguration": "PutBackupVaultLockConfiguration", + "putbackupvaultnotifications": "PutBackupVaultNotifications", + "startbackupjob": "StartBackupJob", + "startcopyjob": "StartCopyJob", + "startreportjob": "StartReportJob", + "startrestorejob": "StartRestoreJob", + "stopbackupjob": "StopBackupJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatebackupplan": "UpdateBackupPlan", + "updateframework": "UpdateFramework", + "updateglobalsettings": "UpdateGlobalSettings", + "updaterecoverypointlifecycle": "UpdateRecoveryPointLifecycle", + "updateregionsettings": "UpdateRegionSettings", + "updatereportplan": "UpdateReportPlan" + }, + "resources": { + "backupVault": { + "resource": "backupVault", + "arn": "arn:${Partition}:backup:${Region}:${Account}:backup-vault:${BackupVaultName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "backupPlan": { + "resource": "backupPlan", + "arn": "arn:${Partition}:backup:${Region}:${Account}:backup-plan:${BackupPlanId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "recoveryPoint": { + "resource": "recoveryPoint", + "arn": "arn:${Partition}:${Vendor}:${Region}:*:${ResourceType}:${RecoveryPointId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "framework": { + "resource": "framework", + "arn": "arn:${Partition}:backup:${Region}:${Account}:framework:${FrameworkName}-${FrameworkId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "reportPlan": { + "resource": "reportPlan", + "arn": "arn:${Partition}:backup:${Region}:${Account}:report-plan:${ReportPlanName}-${ReportPlanId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "legalHold": { + "resource": "legalHold", + "arn": "arn:${Partition}:backup:${Region}:${Account}:legal-hold:${LegalHoldId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "backupvault": "backupVault", + "backupplan": "backupPlan", + "recoverypoint": "recoveryPoint", + "framework": "framework", + "reportplan": "reportPlan", + "legalhold": "legalHold" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tags in the request", + "type": "ArrayOfString" + }, + "backup:ChangeableForDays": { + "condition": "backup:ChangeableForDays", + "description": "Filters access by the value of the ChangeableForDays parameter", + "type": "Numeric" + }, + "backup:CopyTargetOrgPaths": { + "condition": "backup:CopyTargetOrgPaths", + "description": "Filters access by the organization unit", + "type": "ArrayOfString" + }, + "backup:CopyTargets": { + "condition": "backup:CopyTargets", + "description": "Filters access by the ARN of an backup vault", + "type": "ArrayOfARN" + }, + "backup:FrameworkArns": { + "condition": "backup:FrameworkArns", + "description": "Filters access by the Framework ARNs", + "type": "ArrayOfARN" + } + } + }, + "backup-gateway": { + "service_name": "AWS Backup Gateway", + "prefix": "backup-gateway", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbackupgateway.html", + "privileges": { + "AssociateGatewayToServer": { + "privilege": "AssociateGatewayToServer", + "description": "Grants permission to AssociateGatewayToServer", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "hypervisor": { + "resource_type": "hypervisor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "hypervisor": "hypervisor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_AssociateGatewayToServer.html" + }, + "Backup": { + "privilege": "Backup", + "description": "Grants permission to Backup", + "access_level": "Write", + "resource_types": { + "virtualmachine": { + "resource_type": "virtualmachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualmachine": "virtualmachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartBackupJob.html" + }, + "CreateGateway": { + "privilege": "CreateGateway", + "description": "Grants permission to to CreateGateway", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_CreateGateway.html" + }, + "DeleteGateway": { + "privilege": "DeleteGateway", + "description": "Grants permission to DeleteGateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_DeleteGateway.html" + }, + "DeleteHypervisor": { + "privilege": "DeleteHypervisor", + "description": "Grants permission to DeleteHypervisor", + "access_level": "Write", + "resource_types": { + "hypervisor": { + "resource_type": "hypervisor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hypervisor": "hypervisor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_DeleteHypervisor.html" + }, + "DisassociateGatewayFromServer": { + "privilege": "DisassociateGatewayFromServer", + "description": "Grants permission to DisassociateGatewayFromServer", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_DisassociateGatewayFromServer.html" + }, + "GetBandwidthRateLimitSchedule": { + "privilege": "GetBandwidthRateLimitSchedule", + "description": "Grants permission to GetBandwidthRateLimitSchedule", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_GetBandwidthRateLimitSchedule.html" + }, + "GetGateway": { + "privilege": "GetGateway", + "description": "Grants permission to GetGateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_GetGateway.html" + }, + "GetHypervisor": { + "privilege": "GetHypervisor", + "description": "Grants permission to GetHypervisor", + "access_level": "Read", + "resource_types": { + "hypervisor": { + "resource_type": "hypervisor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hypervisor": "hypervisor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_GetHypervisor.html" + }, + "GetHypervisorPropertyMappings": { + "privilege": "GetHypervisorPropertyMappings", + "description": "Grants permission to GetHypervisorPropertyMappings", + "access_level": "Read", + "resource_types": { + "hypervisor": { + "resource_type": "hypervisor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hypervisor": "hypervisor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_GetHypervisorPropertyMappings.html" + }, + "GetVirtualMachine": { + "privilege": "GetVirtualMachine", + "description": "Grants permission to GetVirtualMachine", + "access_level": "Read", + "resource_types": { + "virtualmachine": { + "resource_type": "virtualmachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "virtualmachine": "virtualmachine" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_GetVirtualMachine.html" + }, + "ImportHypervisorConfiguration": { + "privilege": "ImportHypervisorConfiguration", + "description": "Grants permission to ImportHypervisorConfiguration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_ImportHypervisorConfiguration.html" + }, + "ListGateways": { + "privilege": "ListGateways", + "description": "Grants permission to ListGateways", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_ListGateways.html" + }, + "ListHypervisors": { + "privilege": "ListHypervisors", + "description": "Grants permission to ListHypervisors", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_ListHypervisors.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to ListTagsForResource", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hypervisor": { + "resource_type": "hypervisor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualmachine": { + "resource_type": "virtualmachine", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "hypervisor": "hypervisor", + "virtualmachine": "virtualmachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_ListTagsForResource.html" + }, + "ListVirtualMachines": { + "privilege": "ListVirtualMachines", + "description": "Grants permission to ListVirtualMachines", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_ListVirtualMachines.html" + }, + "PutBandwidthRateLimitSchedule": { + "privilege": "PutBandwidthRateLimitSchedule", + "description": "Grants permission to PutBandwidthRateLimitSchedule", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_PutBandwidthRateLimitSchedule.html" + }, + "PutHypervisorPropertyMappings": { + "privilege": "PutHypervisorPropertyMappings", + "description": "Grants permission to PutHypervisorPropertyMappings", + "access_level": "Write", + "resource_types": { + "hypervisor": { + "resource_type": "hypervisor", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "hypervisor": "hypervisor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_PutHypervisorPropertyMappings.html" + }, + "PutMaintenanceStartTime": { + "privilege": "PutMaintenanceStartTime", + "description": "Grants permission to PutMaintenanceStartTime", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_PutMaintenanceStartTime.html" + }, + "Restore": { + "privilege": "Restore", + "description": "Grants permission to Restore", + "access_level": "Write", + "resource_types": { + "hypervisor": { + "resource_type": "hypervisor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hypervisor": "hypervisor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_StartRestoreJob.html" + }, + "StartVirtualMachinesMetadataSync": { + "privilege": "StartVirtualMachinesMetadataSync", + "description": "Grants permission to StartVirtualMachinesMetadataSync", + "access_level": "Write", + "resource_types": { + "hypervisor": { + "resource_type": "hypervisor", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "hypervisor": "hypervisor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_StartVirtualMachinesMetadataSync.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to TagResource", + "access_level": "Tagging", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hypervisor": { + "resource_type": "hypervisor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualmachine": { + "resource_type": "virtualmachine", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "hypervisor": "hypervisor", + "virtualmachine": "virtualmachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_TagResource.html" + }, + "TestHypervisorConfiguration": { + "privilege": "TestHypervisorConfiguration", + "description": "Grants permission to TestHypervisorConfiguration", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_TestHypervisorConfiguration.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to UntagResource", + "access_level": "Tagging", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hypervisor": { + "resource_type": "hypervisor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "virtualmachine": { + "resource_type": "virtualmachine", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway", + "hypervisor": "hypervisor", + "virtualmachine": "virtualmachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_UntagResource.html" + }, + "UpdateGatewayInformation": { + "privilege": "UpdateGatewayInformation", + "description": "Grants permission to UpdateGatewayInformation", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_UpdateGatewayInformation.html" + }, + "UpdateGatewaySoftwareNow": { + "privilege": "UpdateGatewaySoftwareNow", + "description": "Grants permission to UpdateGatewaySoftwareNow", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_UpdateGatewaySoftwareNow.html" + }, + "UpdateHypervisor": { + "privilege": "UpdateHypervisor", + "description": "Grants permission to UpdateHypervisor", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_BGW_UpdateHypervisor.html" + } + }, + "privileges_lower_name": { + "associategatewaytoserver": "AssociateGatewayToServer", + "backup": "Backup", + "creategateway": "CreateGateway", + "deletegateway": "DeleteGateway", + "deletehypervisor": "DeleteHypervisor", + "disassociategatewayfromserver": "DisassociateGatewayFromServer", + "getbandwidthratelimitschedule": "GetBandwidthRateLimitSchedule", + "getgateway": "GetGateway", + "gethypervisor": "GetHypervisor", + "gethypervisorpropertymappings": "GetHypervisorPropertyMappings", + "getvirtualmachine": "GetVirtualMachine", + "importhypervisorconfiguration": "ImportHypervisorConfiguration", + "listgateways": "ListGateways", + "listhypervisors": "ListHypervisors", + "listtagsforresource": "ListTagsForResource", + "listvirtualmachines": "ListVirtualMachines", + "putbandwidthratelimitschedule": "PutBandwidthRateLimitSchedule", + "puthypervisorpropertymappings": "PutHypervisorPropertyMappings", + "putmaintenancestarttime": "PutMaintenanceStartTime", + "restore": "Restore", + "startvirtualmachinesmetadatasync": "StartVirtualMachinesMetadataSync", + "tagresource": "TagResource", + "testhypervisorconfiguration": "TestHypervisorConfiguration", + "untagresource": "UntagResource", + "updategatewayinformation": "UpdateGatewayInformation", + "updategatewaysoftwarenow": "UpdateGatewaySoftwareNow", + "updatehypervisor": "UpdateHypervisor" + }, + "resources": { + "gateway": { + "resource": "gateway", + "arn": "arn:${Partition}:backup-gateway::${Account}:gateway/${GatewayId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "hypervisor": { + "resource": "hypervisor", + "arn": "arn:${Partition}:backup-gateway::${Account}:hypervisor/${HypervisorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "virtualmachine": { + "resource": "virtualmachine", + "arn": "arn:${Partition}:backup-gateway::${Account}:vm/${VirtualmachineId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "gateway": "gateway", + "hypervisor": "hypervisor", + "virtualmachine": "virtualmachine" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "backup-storage": { + "service_name": "AWS Backup storage", + "prefix": "backup-storage", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbackupstorage.html", + "privileges": { + "CommitBackupJob": { + "privilege": "CommitBackupJob", + "description": "Grants permission to commit backup job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "DeleteObjects": { + "privilege": "DeleteObjects", + "description": "Grants permission to delete objects", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "DescribeBackupJob": { + "privilege": "DescribeBackupJob", + "description": "Grants permission to describe backup job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "GetBaseBackup": { + "privilege": "GetBaseBackup", + "description": "Grants permission to get base backup", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "GetChunk": { + "privilege": "GetChunk", + "description": "Grants permission to get data from a recovery point for a restore job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "GetIncrementalBaseBackup": { + "privilege": "GetIncrementalBaseBackup", + "description": "Grants permission to get incremental base backup", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "GetObjectMetadata": { + "privilege": "GetObjectMetadata", + "description": "Grants permission to get metadata from a recovery point for a restore job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "ListChunks": { + "privilege": "ListChunks", + "description": "Grants permission to list data from a recovery point for a restore job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "ListObjects": { + "privilege": "ListObjects", + "description": "Grants permission to list data from a recovery point for a restore job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "MountCapsule": { + "privilege": "MountCapsule", + "description": "Associates a KMS key to a backup vault", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/API_CreateBackupVault.html" + }, + "NotifyObjectComplete": { + "privilege": "NotifyObjectComplete", + "description": "Grants permission to mark an uploaded data as completed for a backup job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "PutChunk": { + "privilege": "PutChunk", + "description": "Grants permission to upload data to an AWS Backup-managed recovery point for a backup job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "PutObject": { + "privilege": "PutObject", + "description": "Grants permission to put object", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "StartObject": { + "privilege": "StartObject", + "description": "Grants permission to upload data to an AWS Backup-managed recovery point for a backup job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + }, + "UpdateObjectComplete": { + "privilege": "UpdateObjectComplete", + "description": "Grants permission to update object complete", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-data-transfer.html" + } + }, + "privileges_lower_name": { + "commitbackupjob": "CommitBackupJob", + "deleteobjects": "DeleteObjects", + "describebackupjob": "DescribeBackupJob", + "getbasebackup": "GetBaseBackup", + "getchunk": "GetChunk", + "getincrementalbasebackup": "GetIncrementalBaseBackup", + "getobjectmetadata": "GetObjectMetadata", + "listchunks": "ListChunks", + "listobjects": "ListObjects", + "mountcapsule": "MountCapsule", + "notifyobjectcomplete": "NotifyObjectComplete", + "putchunk": "PutChunk", + "putobject": "PutObject", + "startobject": "StartObject", + "updateobjectcomplete": "UpdateObjectComplete" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "batch": { + "service_name": "AWS Batch", + "prefix": "batch", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbatch.html", + "privileges": { + "CancelJob": { + "privilege": "CancelJob", + "description": "Grants permission to cancel a job in an AWS Batch job queue in your account", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_CancelJob.html" + }, + "CreateComputeEnvironment": { + "privilege": "CreateComputeEnvironment", + "description": "Grants permission to create an AWS Batch compute environment in your account", + "access_level": "Write", + "resource_types": { + "compute-environment": { + "resource_type": "compute-environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "compute-environment": "compute-environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_CreateComputeEnvironment.html" + }, + "CreateJobQueue": { + "privilege": "CreateJobQueue", + "description": "Grants permission to create an AWS Batch job queue in your account", + "access_level": "Write", + "resource_types": { + "compute-environment": { + "resource_type": "compute-environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "job-queue": { + "resource_type": "job-queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "scheduling-policy": { + "resource_type": "scheduling-policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "compute-environment": "compute-environment", + "job-queue": "job-queue", + "scheduling-policy": "scheduling-policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_CreateJobQueue.html" + }, + "CreateSchedulingPolicy": { + "privilege": "CreateSchedulingPolicy", + "description": "Grants permission to create an AWS Batch scheduling policy in your account", + "access_level": "Write", + "resource_types": { + "scheduling-policy": { + "resource_type": "scheduling-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scheduling-policy": "scheduling-policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_CreateSchedulingPolicy.html" + }, + "DeleteComputeEnvironment": { + "privilege": "DeleteComputeEnvironment", + "description": "Grants permission to delete an AWS Batch compute environment in your account", + "access_level": "Write", + "resource_types": { + "compute-environment": { + "resource_type": "compute-environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "compute-environment": "compute-environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DeleteComputeEnvironment.html" + }, + "DeleteJobQueue": { + "privilege": "DeleteJobQueue", + "description": "Grants permission to delete an AWS Batch job queue in your account", + "access_level": "Write", + "resource_types": { + "job-queue": { + "resource_type": "job-queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job-queue": "job-queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DeleteJobQueue.html" + }, + "DeleteSchedulingPolicy": { + "privilege": "DeleteSchedulingPolicy", + "description": "Grants permission to delete an AWS Batch scheduling policy in your account", + "access_level": "Write", + "resource_types": { + "scheduling-policy": { + "resource_type": "scheduling-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scheduling-policy": "scheduling-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DeleteSchedulingPolicy.html" + }, + "DeregisterJobDefinition": { + "privilege": "DeregisterJobDefinition", + "description": "Grants permission to deregister an AWS Batch job definition in your account", + "access_level": "Write", + "resource_types": { + "job-definition": { + "resource_type": "job-definition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job-definition": "job-definition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DeregisterJobDefinition.html" + }, + "DescribeComputeEnvironments": { + "privilege": "DescribeComputeEnvironments", + "description": "Grants permission to describe one or more AWS Batch compute environments in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DescribeComputeEnvironments.html" + }, + "DescribeJobDefinitions": { + "privilege": "DescribeJobDefinitions", + "description": "Grants permission to describe one or more AWS Batch job definitions in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DescribeJobDefinitions.html" + }, + "DescribeJobQueues": { + "privilege": "DescribeJobQueues", + "description": "Grants permission to describe one or more AWS Batch job queues in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DescribeJobQueues.html" + }, + "DescribeJobs": { + "privilege": "DescribeJobs", + "description": "Grants permission to describe a list of AWS Batch jobs in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DescribeJobs.html" + }, + "DescribeSchedulingPolicies": { + "privilege": "DescribeSchedulingPolicies", + "description": "Grants permission to describe one or more AWS Batch scheduling policies in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_DescribeSchedulingPolicies.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to list jobs for a specified AWS Batch job queue in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_ListJobs.html" + }, + "ListSchedulingPolicies": { + "privilege": "ListSchedulingPolicies", + "description": "Grants permission to list AWS Batch scheduling policies in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_ListSchedulingPolicies.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an AWS Batch resource in your account", + "access_level": "Read", + "resource_types": { + "compute-environment": { + "resource_type": "compute-environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job-definition": { + "resource_type": "job-definition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job-queue": { + "resource_type": "job-queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "scheduling-policy": { + "resource_type": "scheduling-policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "compute-environment": "compute-environment", + "job": "job", + "job-definition": "job-definition", + "job-queue": "job-queue", + "scheduling-policy": "scheduling-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_ListTagsForResource.html" + }, + "RegisterJobDefinition": { + "privilege": "RegisterJobDefinition", + "description": "Grants permission to register an AWS Batch job definition in your account", + "access_level": "Write", + "resource_types": { + "job-definition": { + "resource_type": "job-definition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "batch:User", + "batch:Privileged", + "batch:Image", + "batch:LogDriver", + "batch:AWSLogsGroup", + "batch:AWSLogsRegion", + "batch:AWSLogsStreamPrefix", + "batch:AWSLogsCreateGroup", + "batch:EKSServiceAccountName", + "batch:EKSImage", + "batch:EKSRunAsUser", + "batch:EKSRunAsGroup", + "batch:EKSPrivileged", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job-definition": "job-definition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_RegisterJobDefinition.html" + }, + "SubmitJob": { + "privilege": "SubmitJob", + "description": "Grants permission to submit an AWS Batch job from a job definition in your account", + "access_level": "Write", + "resource_types": { + "job-definition": { + "resource_type": "job-definition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "job-queue": { + "resource_type": "job-queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "batch:ShareIdentifier", + "batch:EKSImage" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job-definition": "job-definition", + "job-queue": "job-queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_SubmitJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an AWS Batch resource in your account", + "access_level": "Tagging", + "resource_types": { + "compute-environment": { + "resource_type": "compute-environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job-definition": { + "resource_type": "job-definition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job-queue": { + "resource_type": "job-queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "scheduling-policy": { + "resource_type": "scheduling-policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "compute-environment": "compute-environment", + "job": "job", + "job-definition": "job-definition", + "job-queue": "job-queue", + "scheduling-policy": "scheduling-policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_TagResource.html" + }, + "TerminateJob": { + "privilege": "TerminateJob", + "description": "Grants permission to terminate a job in an AWS Batch job queue in your account", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_TerminateJob.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an AWS Batch resource in your account", + "access_level": "Tagging", + "resource_types": { + "compute-environment": { + "resource_type": "compute-environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job-definition": { + "resource_type": "job-definition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job-queue": { + "resource_type": "job-queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "scheduling-policy": { + "resource_type": "scheduling-policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "compute-environment": "compute-environment", + "job": "job", + "job-definition": "job-definition", + "job-queue": "job-queue", + "scheduling-policy": "scheduling-policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_UntagResource.html" + }, + "UpdateComputeEnvironment": { + "privilege": "UpdateComputeEnvironment", + "description": "Grants permission to update an AWS Batch compute environment in your account", + "access_level": "Write", + "resource_types": { + "compute-environment": { + "resource_type": "compute-environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "compute-environment": "compute-environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateComputeEnvironment.html" + }, + "UpdateJobQueue": { + "privilege": "UpdateJobQueue", + "description": "Grants permission to update an AWS Batch job queue in your account", + "access_level": "Write", + "resource_types": { + "job-queue": { + "resource_type": "job-queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "compute-environment": { + "resource_type": "compute-environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "scheduling-policy": { + "resource_type": "scheduling-policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job-queue": "job-queue", + "compute-environment": "compute-environment", + "scheduling-policy": "scheduling-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateJobQueue.html" + }, + "UpdateSchedulingPolicy": { + "privilege": "UpdateSchedulingPolicy", + "description": "Grants permission to update an AWS Batch scheduling policy in your account", + "access_level": "Write", + "resource_types": { + "scheduling-policy": { + "resource_type": "scheduling-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scheduling-policy": "scheduling-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateSchedulingPolicy.html" + } + }, + "privileges_lower_name": { + "canceljob": "CancelJob", + "createcomputeenvironment": "CreateComputeEnvironment", + "createjobqueue": "CreateJobQueue", + "createschedulingpolicy": "CreateSchedulingPolicy", + "deletecomputeenvironment": "DeleteComputeEnvironment", + "deletejobqueue": "DeleteJobQueue", + "deleteschedulingpolicy": "DeleteSchedulingPolicy", + "deregisterjobdefinition": "DeregisterJobDefinition", + "describecomputeenvironments": "DescribeComputeEnvironments", + "describejobdefinitions": "DescribeJobDefinitions", + "describejobqueues": "DescribeJobQueues", + "describejobs": "DescribeJobs", + "describeschedulingpolicies": "DescribeSchedulingPolicies", + "listjobs": "ListJobs", + "listschedulingpolicies": "ListSchedulingPolicies", + "listtagsforresource": "ListTagsForResource", + "registerjobdefinition": "RegisterJobDefinition", + "submitjob": "SubmitJob", + "tagresource": "TagResource", + "terminatejob": "TerminateJob", + "untagresource": "UntagResource", + "updatecomputeenvironment": "UpdateComputeEnvironment", + "updatejobqueue": "UpdateJobQueue", + "updateschedulingpolicy": "UpdateSchedulingPolicy" + }, + "resources": { + "compute-environment": { + "resource": "compute-environment", + "arn": "arn:${Partition}:batch:${Region}:${Account}:compute-environment/${ComputeEnvironmentName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "job-queue": { + "resource": "job-queue", + "arn": "arn:${Partition}:batch:${Region}:${Account}:job-queue/${JobQueueName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "job-definition": { + "resource": "job-definition", + "arn": "arn:${Partition}:batch:${Region}:${Account}:job-definition/${JobDefinitionName}:${Revision}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "job": { + "resource": "job", + "arn": "arn:${Partition}:batch:${Region}:${Account}:job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "scheduling-policy": { + "resource": "scheduling-policy", + "arn": "arn:${Partition}:batch:${Region}:${Account}:scheduling-policy/${SchedulingPolicyName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "compute-environment": "compute-environment", + "job-queue": "job-queue", + "job-definition": "job-definition", + "job": "job", + "scheduling-policy": "scheduling-policy" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "batch:AWSLogsCreateGroup": { + "condition": "batch:AWSLogsCreateGroup", + "description": "Filters access by the specified logging driver to determine whether awslogs group will be created for the logs", + "type": "Bool" + }, + "batch:AWSLogsGroup": { + "condition": "batch:AWSLogsGroup", + "description": "Filters access by the awslogs group where the logs are located", + "type": "String" + }, + "batch:AWSLogsRegion": { + "condition": "batch:AWSLogsRegion", + "description": "Filters access by the region where the logs are sent to", + "type": "String" + }, + "batch:AWSLogsStreamPrefix": { + "condition": "batch:AWSLogsStreamPrefix", + "description": "Filters access by the awslogs log stream prefix", + "type": "String" + }, + "batch:EKSImage": { + "condition": "batch:EKSImage", + "description": "Filters access by the image used to start a container for an Amazon EKS job", + "type": "String" + }, + "batch:EKSPrivileged": { + "condition": "batch:EKSPrivileged", + "description": "Filters access by the specified privileged parameter value that determines whether the container is given elevated privileges on the host container instance (similar to the root user) for an Amazon EKS job", + "type": "Bool" + }, + "batch:EKSRunAsGroup": { + "condition": "batch:EKSRunAsGroup", + "description": "Filters access by the specified group numeric ID (gid) used to start a container in an Amazon EKS job", + "type": "Numeric" + }, + "batch:EKSRunAsUser": { + "condition": "batch:EKSRunAsUser", + "description": "Filters access by the specified user numeric ID (uid) used to start a a container in an Amazon EKS job", + "type": "Numeric" + }, + "batch:EKSServiceAccountName": { + "condition": "batch:EKSServiceAccountName", + "description": "Filters access by the name of the service account used to run the pod for an Amazon EKS job", + "type": "String" + }, + "batch:Image": { + "condition": "batch:Image", + "description": "Filters access by the image used to start a container", + "type": "String" + }, + "batch:LogDriver": { + "condition": "batch:LogDriver", + "description": "Filters access by the log driver used for the container", + "type": "String" + }, + "batch:Privileged": { + "condition": "batch:Privileged", + "description": "Filters access by the specified privileged parameter value that determines whether the container is given elevated privileges on the host container instance (similar to the root user)", + "type": "Bool" + }, + "batch:ShareIdentifier": { + "condition": "batch:ShareIdentifier", + "description": "Filters access by the shareIdentifier used inside submit job", + "type": "String" + }, + "batch:User": { + "condition": "batch:User", + "description": "Filters access by user name or numeric uid used inside the container", + "type": "String" + } + } + }, + "aws-portal": { + "service_name": "AWS Billing and Cost Management", + "prefix": "aws-portal", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbilling.html", + "privileges": { + "ModifyAccount": { + "privilege": "ModifyAccount", + "description": "Allow or deny IAM users permission to modify Account Settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ModifyBilling": { + "privilege": "ModifyBilling", + "description": "Allow or deny IAM users permission to modify billing settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ModifyPaymentMethods": { + "privilege": "ModifyPaymentMethods", + "description": "Allow or deny IAM users permission to modify payment methods", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ViewAccount": { + "privilege": "ViewAccount", + "description": "Allow or deny IAM users permission to view account settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ViewBilling": { + "privilege": "ViewBilling", + "description": "Allow or deny IAM users permission to view billing pages in the console", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ViewPaymentMethods": { + "privilege": "ViewPaymentMethods", + "description": "Allow or deny IAM users permission to view payment methods", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ViewUsage": { + "privilege": "ViewUsage", + "description": "Allow or deny IAM users permission to view AWS usage reports", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetConsoleActionSetEnforced": { + "privilege": "GetConsoleActionSetEnforced", + "description": "Grants permission to view whether existing or fine-grained IAM actions are being used to control authorization to Billing, Cost Management, and Account consoles", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "UpdateConsoleActionSetEnforced": { + "privilege": "UpdateConsoleActionSetEnforced", + "description": "Grants permission to change whether existing or fine-grained IAM actions will be used to control authorization to Billing, Cost Management, and Account consoles", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + } + }, + "privileges_lower_name": { + "modifyaccount": "ModifyAccount", + "modifybilling": "ModifyBilling", + "modifypaymentmethods": "ModifyPaymentMethods", + "viewaccount": "ViewAccount", + "viewbilling": "ViewBilling", + "viewpaymentmethods": "ViewPaymentMethods", + "viewusage": "ViewUsage", + "getconsoleactionsetenforced": "GetConsoleActionSetEnforced", + "updateconsoleactionsetenforced": "UpdateConsoleActionSetEnforced" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "billing": { + "service_name": "AWS Billing and Cost Management", + "prefix": "billing", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbilling_.html", + "privileges": { + "GetBillingData": { + "privilege": "GetBillingData", + "description": "Grants permission to perform queries on billing information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetBillingDetails": { + "privilege": "GetBillingDetails", + "description": "Grants permission to view detailed line item billing information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetBillingNotifications": { + "privilege": "GetBillingNotifications", + "description": "Grants permission to view notifications sent by AWS related to your accounts billing information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetBillingPreferences": { + "privilege": "GetBillingPreferences", + "description": "Grants permission to view billing preferences such as reserved instance, savings plans and credits sharing", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetContractInformation": { + "privilege": "GetContractInformation", + "description": "Grants permission to view the account's contract information including the contract number, end-user organization names, PO numbers and if the account is used to service public-sector customers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetCredits": { + "privilege": "GetCredits", + "description": "Grants permission to view credits that have been redeemed", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetIAMAccessPreference": { + "privilege": "GetIAMAccessPreference", + "description": "Grants permission to retrieve the state of the Allow IAM Access billing preference", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetSellerOfRecord": { + "privilege": "GetSellerOfRecord", + "description": "Grants permission to retrieve the account's default Seller of Record", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ListBillingViews": { + "privilege": "ListBillingViews", + "description": "Grants permission to get billing information for your proforma billing groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "PutContractInformation": { + "privilege": "PutContractInformation", + "description": "Grants permission to set the account's contract information end-user organization names and if the account is used to service public-sector customers", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "RedeemCredits": { + "privilege": "RedeemCredits", + "description": "Grants permission to redeem an AWS credit", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "UpdateBillingPreferences": { + "privilege": "UpdateBillingPreferences", + "description": "Grants permission to update billing preferences such as reserved instance, savings plans and credits sharing", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "UpdateIAMAccessPreference": { + "privilege": "UpdateIAMAccessPreference", + "description": "Grants permission to update the Allow IAM Access billing preference", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + } + }, + "privileges_lower_name": { + "getbillingdata": "GetBillingData", + "getbillingdetails": "GetBillingDetails", + "getbillingnotifications": "GetBillingNotifications", + "getbillingpreferences": "GetBillingPreferences", + "getcontractinformation": "GetContractInformation", + "getcredits": "GetCredits", + "getiamaccesspreference": "GetIAMAccessPreference", + "getsellerofrecord": "GetSellerOfRecord", + "listbillingviews": "ListBillingViews", + "putcontractinformation": "PutContractInformation", + "redeemcredits": "RedeemCredits", + "updatebillingpreferences": "UpdateBillingPreferences", + "updateiamaccesspreference": "UpdateIAMAccessPreference" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "billingconductor": { + "service_name": "AWS Billing Conductor", + "prefix": "billingconductor", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbillingconductor.html", + "privileges": { + "AssociateAccounts": { + "privilege": "AssociateAccounts", + "description": "Grants permission to associate between one and 30 accounts to a billing group", + "access_level": "Write", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_AssociateAccounts.html" + }, + "AssociatePricingRules": { + "privilege": "AssociatePricingRules", + "description": "Grants permission to associate pricing rules", + "access_level": "Write", + "resource_types": { + "pricingplan": { + "resource_type": "pricingplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "pricingrule": { + "resource_type": "pricingrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pricingplan": "pricingplan", + "pricingrule": "pricingrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_AssociatePricingRules.html" + }, + "BatchAssociateResourcesToCustomLineItem": { + "privilege": "BatchAssociateResourcesToCustomLineItem", + "description": "Grants permission to batch associate resources to a percentage custom line item", + "access_level": "Write", + "resource_types": { + "customlineitem": { + "resource_type": "customlineitem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customlineitem": "customlineitem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_BatchAssociateResourcesToCustomLineItem.html" + }, + "BatchDisassociateResourcesFromCustomLineItem": { + "privilege": "BatchDisassociateResourcesFromCustomLineItem", + "description": "Grants permission to batch disassociate resources from a percentage custom line item", + "access_level": "Write", + "resource_types": { + "customlineitem": { + "resource_type": "customlineitem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customlineitem": "customlineitem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_BatchDisassociateResourcesFromCustomLineItem.html" + }, + "CreateBillingGroup": { + "privilege": "CreateBillingGroup", + "description": "Grants permission to create a billing group", + "access_level": "Write", + "resource_types": { + "pricingplan": { + "resource_type": "pricingplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pricingplan": "pricingplan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_CreateBillingGroup.html" + }, + "CreateCustomLineItem": { + "privilege": "CreateCustomLineItem", + "description": "Grants permission to create a custom line item", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_CreateCustomLineItem.html" + }, + "CreatePricingPlan": { + "privilege": "CreatePricingPlan", + "description": "Grants permission to create a pricing plan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_CreatePricingPlan.html" + }, + "CreatePricingRule": { + "privilege": "CreatePricingRule", + "description": "Grants permission to create a pricing rule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_CreatePricingRule.html" + }, + "DeleteBillingGroup": { + "privilege": "DeleteBillingGroup", + "description": "Grants permission to delete a billing group", + "access_level": "Write", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DeleteBillingGroup.html" + }, + "DeleteCustomLineItem": { + "privilege": "DeleteCustomLineItem", + "description": "Grants permission to delete a custom line item", + "access_level": "Write", + "resource_types": { + "customlineitem": { + "resource_type": "customlineitem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customlineitem": "customlineitem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DeleteCustomLineItem.html" + }, + "DeletePricingPlan": { + "privilege": "DeletePricingPlan", + "description": "Grants permission to delete a pricing plan", + "access_level": "Write", + "resource_types": { + "pricingplan": { + "resource_type": "pricingplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pricingplan": "pricingplan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DeletePricingPlan.html" + }, + "DeletePricingRule": { + "privilege": "DeletePricingRule", + "description": "Grants permission to delete a pricing rule", + "access_level": "Write", + "resource_types": { + "pricingrule": { + "resource_type": "pricingrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pricingrule": "pricingrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DeletePricingRule.html" + }, + "DisassociateAccounts": { + "privilege": "DisassociateAccounts", + "description": "Grants permission to detach between one and 30 accounts from a billing group", + "access_level": "Write", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DisassociateAccounts.html" + }, + "DisassociatePricingRules": { + "privilege": "DisassociatePricingRules", + "description": "Grants permission to disassociate pricing rules", + "access_level": "Write", + "resource_types": { + "pricingplan": { + "resource_type": "pricingplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "pricingrule": { + "resource_type": "pricingrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pricingplan": "pricingplan", + "pricingrule": "pricingrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_DisassociatePricingRules.html" + }, + "ListAccountAssociations": { + "privilege": "ListAccountAssociations", + "description": "Grants permission to list the linked accounts of the payer account for the given billing period while also providing the billing group the linked accounts belong to", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListAccountAssociations.html" + }, + "ListBillingGroupCostReports": { + "privilege": "ListBillingGroupCostReports", + "description": "Grants permission to view the billing group cost report", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListBillingGroupCostReports.html" + }, + "ListBillingGroups": { + "privilege": "ListBillingGroups", + "description": "Grants permission to view the details of billing groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListBillingGroups.html" + }, + "ListCustomLineItemVersions": { + "privilege": "ListCustomLineItemVersions", + "description": "Grants permission to view custom line item versions", + "access_level": "Read", + "resource_types": { + "customlineitem": { + "resource_type": "customlineitem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customlineitem": "customlineitem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListCustomLineItemVersions.html" + }, + "ListCustomLineItems": { + "privilege": "ListCustomLineItems", + "description": "Grants permission to view custom line item details", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListCustomLineItems.html" + }, + "ListPricingPlans": { + "privilege": "ListPricingPlans", + "description": "Grants permission to view the pricing plans details", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListPricingPlans.html" + }, + "ListPricingPlansAssociatedWithPricingRule": { + "privilege": "ListPricingPlansAssociatedWithPricingRule", + "description": "Grants permission to list pricing plans associated with a pricing rule", + "access_level": "List", + "resource_types": { + "pricingplan": { + "resource_type": "pricingplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "pricingrule": { + "resource_type": "pricingrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pricingplan": "pricingplan", + "pricingrule": "pricingrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListPricingPlansAssociatedWithPricingRule.html" + }, + "ListPricingRules": { + "privilege": "ListPricingRules", + "description": "Grants permission to view pricing rules details", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListPricingRules.html" + }, + "ListPricingRulesAssociatedToPricingPlan": { + "privilege": "ListPricingRulesAssociatedToPricingPlan", + "description": "Grants permission to list pricing rules associated to a pricing plan", + "access_level": "List", + "resource_types": { + "pricingplan": { + "resource_type": "pricingplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "pricingrule": { + "resource_type": "pricingrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pricingplan": "pricingplan", + "pricingrule": "pricingrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListPricingRulesAssociatedToPricingPlan.html" + }, + "ListResourcesAssociatedToCustomLineItem": { + "privilege": "ListResourcesAssociatedToCustomLineItem", + "description": "Grants permission to list resources associated to a percentage custom line item", + "access_level": "List", + "resource_types": { + "customlineitem": { + "resource_type": "customlineitem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customlineitem": "customlineitem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListResourcesAssociatedToCustomLineItem.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags of a resource", + "access_level": "Read", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "customlineitem": { + "resource_type": "customlineitem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pricingplan": { + "resource_type": "pricingplan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pricingrule": { + "resource_type": "pricingrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup", + "customlineitem": "customlineitem", + "pricingplan": "pricingplan", + "pricingrule": "pricingrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "customlineitem": { + "resource_type": "customlineitem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pricingplan": { + "resource_type": "pricingplan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pricingrule": { + "resource_type": "pricingrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup", + "customlineitem": "customlineitem", + "pricingplan": "pricingplan", + "pricingrule": "pricingrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "customlineitem": { + "resource_type": "customlineitem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pricingplan": { + "resource_type": "pricingplan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pricingrule": { + "resource_type": "pricingrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup", + "customlineitem": "customlineitem", + "pricingplan": "pricingplan", + "pricingrule": "pricingrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_UntagResource.html" + }, + "UpdateBillingGroup": { + "privilege": "UpdateBillingGroup", + "description": "Grants permission to update a billing group", + "access_level": "Write", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_UpdateBillingGroup.html" + }, + "UpdateCustomLineItem": { + "privilege": "UpdateCustomLineItem", + "description": "Grants permission to update a custom line item", + "access_level": "Write", + "resource_types": { + "customlineitem": { + "resource_type": "customlineitem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customlineitem": "customlineitem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_UpdateCustomLineItem.html" + }, + "UpdatePricingPlan": { + "privilege": "UpdatePricingPlan", + "description": "Grants permission to update a pricing plan", + "access_level": "Write", + "resource_types": { + "pricingplan": { + "resource_type": "pricingplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pricingplan": "pricingplan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_UpdatePricingPlan.html" + }, + "UpdatePricingRule": { + "privilege": "UpdatePricingRule", + "description": "Grants permission to update a pricing rule", + "access_level": "Write", + "resource_types": { + "pricingrule": { + "resource_type": "pricingrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pricingrule": "pricingrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/billingconductor/latest/APIReference/API_UpdatePricingRule.html" + } + }, + "privileges_lower_name": { + "associateaccounts": "AssociateAccounts", + "associatepricingrules": "AssociatePricingRules", + "batchassociateresourcestocustomlineitem": "BatchAssociateResourcesToCustomLineItem", + "batchdisassociateresourcesfromcustomlineitem": "BatchDisassociateResourcesFromCustomLineItem", + "createbillinggroup": "CreateBillingGroup", + "createcustomlineitem": "CreateCustomLineItem", + "createpricingplan": "CreatePricingPlan", + "createpricingrule": "CreatePricingRule", + "deletebillinggroup": "DeleteBillingGroup", + "deletecustomlineitem": "DeleteCustomLineItem", + "deletepricingplan": "DeletePricingPlan", + "deletepricingrule": "DeletePricingRule", + "disassociateaccounts": "DisassociateAccounts", + "disassociatepricingrules": "DisassociatePricingRules", + "listaccountassociations": "ListAccountAssociations", + "listbillinggroupcostreports": "ListBillingGroupCostReports", + "listbillinggroups": "ListBillingGroups", + "listcustomlineitemversions": "ListCustomLineItemVersions", + "listcustomlineitems": "ListCustomLineItems", + "listpricingplans": "ListPricingPlans", + "listpricingplansassociatedwithpricingrule": "ListPricingPlansAssociatedWithPricingRule", + "listpricingrules": "ListPricingRules", + "listpricingrulesassociatedtopricingplan": "ListPricingRulesAssociatedToPricingPlan", + "listresourcesassociatedtocustomlineitem": "ListResourcesAssociatedToCustomLineItem", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatebillinggroup": "UpdateBillingGroup", + "updatecustomlineitem": "UpdateCustomLineItem", + "updatepricingplan": "UpdatePricingPlan", + "updatepricingrule": "UpdatePricingRule" + }, + "resources": { + "billinggroup": { + "resource": "billinggroup", + "arn": "arn:${Partition}:billingconductor::${Account}:billinggroup/${BillingGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "pricingplan": { + "resource": "pricingplan", + "arn": "arn:${Partition}:billingconductor::${Account}:pricingplan/${PricingPlanId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "pricingrule": { + "resource": "pricingrule", + "arn": "arn:${Partition}:billingconductor::${Account}:pricingrule/${PricingRuleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "customlineitem": { + "resource": "customlineitem", + "arn": "arn:${Partition}:billingconductor::${Account}:customlineitem/${CustomLineItemId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "billinggroup": "billinggroup", + "pricingplan": "pricingplan", + "pricingrule": "pricingrule", + "customlineitem": "customlineitem" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "budgets": { + "service_name": "AWS Budget Service", + "prefix": "budgets", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbudgetservice.html", + "privileges": { + "CreateBudgetAction": { + "privilege": "CreateBudgetAction", + "description": "Grants permission to create and define a response that you can configure to execute once your budget has exceeded a specific budget threshold", + "access_level": "Write", + "resource_types": { + "budgetAction": { + "resource_type": "budgetAction", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "budgetaction": "budgetAction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "DeleteBudgetAction": { + "privilege": "DeleteBudgetAction", + "description": "Grants permission to delete an action that is associated with a specific budget", + "access_level": "Write", + "resource_types": { + "budgetAction": { + "resource_type": "budgetAction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "budgetaction": "budgetAction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "DescribeBudgetAction": { + "privilege": "DescribeBudgetAction", + "description": "Grants permission to retrieve the details of a specific budget action associated with a budget", + "access_level": "Read", + "resource_types": { + "budgetAction": { + "resource_type": "budgetAction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "budgetaction": "budgetAction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "DescribeBudgetActionHistories": { + "privilege": "DescribeBudgetActionHistories", + "description": "Grants permission to retrieve a historical view of the budget actions statuses associated with a particular budget action. These status include statues such as 'Standby', 'Pending' and 'Executed'", + "access_level": "Read", + "resource_types": { + "budgetAction": { + "resource_type": "budgetAction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "budgetaction": "budgetAction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "DescribeBudgetActionsForAccount": { + "privilege": "DescribeBudgetActionsForAccount", + "description": "Grants permission to retrieve the details of all of the budget actions associated with your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "DescribeBudgetActionsForBudget": { + "privilege": "DescribeBudgetActionsForBudget", + "description": "Grants permission to retrieve the details of all of the budget actions associated with a budget", + "access_level": "Read", + "resource_types": { + "budget": { + "resource_type": "budget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "budget": "budget" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ExecuteBudgetAction": { + "privilege": "ExecuteBudgetAction", + "description": "Grants permission to initiate a pending budget action as well as reverse a previously executed budget action", + "access_level": "Write", + "resource_types": { + "budgetAction": { + "resource_type": "budgetAction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "budgetaction": "budgetAction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ModifyBudget": { + "privilege": "ModifyBudget", + "description": "Grants permission to modify budgets and budget details", + "access_level": "Write", + "resource_types": { + "budget": { + "resource_type": "budget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "budget": "budget" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "UpdateBudgetAction": { + "privilege": "UpdateBudgetAction", + "description": "Grants permission to update the details of a specific budget action associated with a budget", + "access_level": "Write", + "resource_types": { + "budgetAction": { + "resource_type": "budgetAction", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "budgetaction": "budgetAction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ViewBudget": { + "privilege": "ViewBudget", + "description": "Grants permission to view budgets and budget details", + "access_level": "Read", + "resource_types": { + "budget": { + "resource_type": "budget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "budget": "budget" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + } + }, + "privileges_lower_name": { + "createbudgetaction": "CreateBudgetAction", + "deletebudgetaction": "DeleteBudgetAction", + "describebudgetaction": "DescribeBudgetAction", + "describebudgetactionhistories": "DescribeBudgetActionHistories", + "describebudgetactionsforaccount": "DescribeBudgetActionsForAccount", + "describebudgetactionsforbudget": "DescribeBudgetActionsForBudget", + "executebudgetaction": "ExecuteBudgetAction", + "modifybudget": "ModifyBudget", + "updatebudgetaction": "UpdateBudgetAction", + "viewbudget": "ViewBudget" + }, + "resources": { + "budget": { + "resource": "budget", + "arn": "arn:${Partition}:budgets::${Account}:budget/${BudgetName}", + "condition_keys": [] + }, + "budgetAction": { + "resource": "budgetAction", + "arn": "arn:${Partition}:budgets::${Account}:budget/${BudgetName}/action/${ActionId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "budget": "budget", + "budgetaction": "budgetAction" + }, + "conditions": {} + }, + "bugbust": { + "service_name": "AWS BugBust", + "prefix": "bugbust", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbugbust.html", + "privileges": { + "CreateEvent": { + "privilege": "CreateEvent", + "description": "Grants permission to create a BugBust event", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "EvaluateProfilingGroups": { + "privilege": "EvaluateProfilingGroups", + "description": "Grants permission to evaluate checked-in profiling groups", + "access_level": "Write", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "GetEvent": { + "privilege": "GetEvent", + "description": "Grants permission to view customer details about an event", + "access_level": "Read", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "GetJoinEventStatus": { + "privilege": "GetJoinEventStatus", + "description": "Grants permission to view the status of a BugBust player's attempt to join a BugBust event", + "access_level": "Read", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "JoinEvent": { + "privilege": "JoinEvent", + "description": "Grants permission to join an event", + "access_level": "Write", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "ListBugs": { + "privilege": "ListBugs", + "description": "Grants permission to view the bugs that were imported into an event for players to work on", + "access_level": "Read", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "codeguru-reviewer:DescribeCodeReview", + "codeguru-reviewer:ListRecommendations" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "ListEventParticipants": { + "privilege": "ListEventParticipants", + "description": "Grants permission to view the participants of an event", + "access_level": "Read", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "ListEventScores": { + "privilege": "ListEventScores", + "description": "Grants permission to view the scores of an event's players", + "access_level": "Read", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "ListEvents": { + "privilege": "ListEvents", + "description": "Grants permission to List BugBust events", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "ListProfilingGroups": { + "privilege": "ListProfilingGroups", + "description": "Grants permission to view the profiling groups that were imported into an event for players to work on", + "access_level": "Read", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "ListPullRequests": { + "privilege": "ListPullRequests", + "description": "Grants permission to view the pull requests used by players to submit fixes to their claimed bugs in an event", + "access_level": "Read", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tag for a Bugbust resource", + "access_level": "Read", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a Bugbust resource", + "access_level": "Tagging", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a Bugbust resource", + "access_level": "Tagging", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "UpdateEvent": { + "privilege": "UpdateEvent", + "description": "Grants permission to update a BugBust event", + "access_level": "Write", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "codeguru-profiler:DescribeProfilingGroup", + "codeguru-profiler:ListProfilingGroups", + "codeguru-reviewer:DescribeCodeReview", + "codeguru-reviewer:ListCodeReviews", + "codeguru-reviewer:ListRecommendations", + "codeguru-reviewer:TagResource", + "codeguru-reviewer:UnTagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "UpdateWorkItem": { + "privilege": "UpdateWorkItem", + "description": "Grants permission to update a work item as claimed or unclaimed (bug or profiling group)", + "access_level": "Write", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "codeguru-reviewer:ListRecommendations" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + }, + "UpdateWorkItemAdmin": { + "privilege": "UpdateWorkItemAdmin", + "description": "Grants permission to update an event's work item (bug or profiling group)", + "access_level": "Write", + "resource_types": { + "Event": { + "resource_type": "Event", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "codeguru-reviewer:ListRecommendations" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "Event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeguru/latest/bugbust-ug/auth-and-access-control-permissions-reference.html" + } + }, + "privileges_lower_name": { + "createevent": "CreateEvent", + "evaluateprofilinggroups": "EvaluateProfilingGroups", + "getevent": "GetEvent", + "getjoineventstatus": "GetJoinEventStatus", + "joinevent": "JoinEvent", + "listbugs": "ListBugs", + "listeventparticipants": "ListEventParticipants", + "listeventscores": "ListEventScores", + "listevents": "ListEvents", + "listprofilinggroups": "ListProfilingGroups", + "listpullrequests": "ListPullRequests", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateevent": "UpdateEvent", + "updateworkitem": "UpdateWorkItem", + "updateworkitemadmin": "UpdateWorkItemAdmin" + }, + "resources": { + "Event": { + "resource": "Event", + "arn": "arn:${Partition}:bugbust:${Region}:${Account}:events/${EventId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "event": "Event" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "acm": { + "service_name": "AWS Certificate Manager", + "prefix": "acm", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscertificatemanager.html", + "privileges": { + "AddTagsToCertificate": { + "privilege": "AddTagsToCertificate", + "description": "Grants permission to add one or more tags to a certificate", + "access_level": "Tagging", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_AddTagsToCertificate.html" + }, + "DeleteCertificate": { + "privilege": "DeleteCertificate", + "description": "Grants permission to delete a certificate and its associated private key", + "access_level": "Write", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_DeleteCertificate.html" + }, + "DescribeCertificate": { + "privilege": "DescribeCertificate", + "description": "Grants permission to retreive a certificates and its metadata", + "access_level": "Read", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_DescribeCertificate.html" + }, + "ExportCertificate": { + "privilege": "ExportCertificate", + "description": "Grants permission to export a private certificate issued by a private certificate authority (CA) for use anywhere", + "access_level": "Read", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_ExportCertificate.html" + }, + "GetAccountConfiguration": { + "privilege": "GetAccountConfiguration", + "description": "Grants permission to retrieve account level configuration from AWS Certificate Manager", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_GetAccountConfiguration.html" + }, + "GetCertificate": { + "privilege": "GetCertificate", + "description": "Grants permission to retrieve a certificate and certificate chain for a certificate ARN", + "access_level": "Read", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_GetCertificate.html" + }, + "ImportCertificate": { + "privilege": "ImportCertificate", + "description": "Grants permission to import a 3rd party certificate into AWS Certificate Manager (ACM)", + "access_level": "Write", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_ImportCertificate.html" + }, + "ListCertificates": { + "privilege": "ListCertificates", + "description": "Grants permission to retrieve a list of the certificate ARNs and the domain name for each ARN", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_ListCertificates.html" + }, + "ListTagsForCertificate": { + "privilege": "ListTagsForCertificate", + "description": "Grants permission to lists the tags that have been associated with a certificate", + "access_level": "Read", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_ListTagsForCertificate.html" + }, + "PutAccountConfiguration": { + "privilege": "PutAccountConfiguration", + "description": "Grants permission to update account level configuration in AWS Certificate Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_PutAccountConfiguration.html" + }, + "RemoveTagsFromCertificate": { + "privilege": "RemoveTagsFromCertificate", + "description": "Grants permission to remove one or more tags from a certificate", + "access_level": "Tagging", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_RemoveTagsFromCertificate.html" + }, + "RenewCertificate": { + "privilege": "RenewCertificate", + "description": "Grants permission to renew an eligible private certificate", + "access_level": "Write", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_RenewCertificate.html" + }, + "RequestCertificate": { + "privilege": "RequestCertificate", + "description": "Grants permission to requests a public or private certificate", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_RequestCertificate.html" + }, + "ResendValidationEmail": { + "privilege": "ResendValidationEmail", + "description": "Grants permission to resend an email to request domain ownership validation", + "access_level": "Write", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_ResendValidationEmail.html" + }, + "UpdateCertificateOptions": { + "privilege": "UpdateCertificateOptions", + "description": "Grants permission to update a certificate configuration. Use this to specify whether to opt in to or out of certificate transparency logging", + "access_level": "Write", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/acm/latest/APIReference/API_UpdateCertificateOptions.html" + } + }, + "privileges_lower_name": { + "addtagstocertificate": "AddTagsToCertificate", + "deletecertificate": "DeleteCertificate", + "describecertificate": "DescribeCertificate", + "exportcertificate": "ExportCertificate", + "getaccountconfiguration": "GetAccountConfiguration", + "getcertificate": "GetCertificate", + "importcertificate": "ImportCertificate", + "listcertificates": "ListCertificates", + "listtagsforcertificate": "ListTagsForCertificate", + "putaccountconfiguration": "PutAccountConfiguration", + "removetagsfromcertificate": "RemoveTagsFromCertificate", + "renewcertificate": "RenewCertificate", + "requestcertificate": "RequestCertificate", + "resendvalidationemail": "ResendValidationEmail", + "updatecertificateoptions": "UpdateCertificateOptions" + }, + "resources": { + "certificate": { + "resource": "certificate", + "arn": "arn:${Partition}:acm:${Region}:${Account}:certificate/${CertificateId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "certificate": "certificate" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filter access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filter access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "acm-pca": { + "service_name": "AWS Certificate Manager Private Certificate Authority", + "prefix": "acm-pca", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscertificatemanagerprivatecertificateauthority.html", + "privileges": { + "CreateCertificateAuthority": { + "privilege": "CreateCertificateAuthority", + "description": "Grants permission to create an AWS Private CA and its associated private key and configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html" + }, + "CreateCertificateAuthorityAuditReport": { + "privilege": "CreateCertificateAuthorityAuditReport", + "description": "Grants permission to create an audit report for an AWS Private CA", + "access_level": "Write", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthorityAuditReport.html" + }, + "CreatePermission": { + "privilege": "CreatePermission", + "description": "Grants permission to create a permission for an AWS Private CA", + "access_level": "Permissions management", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreatePermission.html" + }, + "DeleteCertificateAuthority": { + "privilege": "DeleteCertificateAuthority", + "description": "Grants permission to delete an AWS Private CA and its associated private key and configuration", + "access_level": "Write", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeleteCertificateAuthority.html" + }, + "DeletePermission": { + "privilege": "DeletePermission", + "description": "Grants permission to delete a permission for an AWS Private CA", + "access_level": "Permissions management", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeletePermission.html" + }, + "DeletePolicy": { + "privilege": "DeletePolicy", + "description": "Grants permission to delete the policy for an AWS Private CA", + "access_level": "Permissions management", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeletePolicy.html" + }, + "DescribeCertificateAuthority": { + "privilege": "DescribeCertificateAuthority", + "description": "Grants permission to return a list of the configuration and status fields contained in the specified AWS Private CA", + "access_level": "Read", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_DescribeCertificateAuthority.html" + }, + "DescribeCertificateAuthorityAuditReport": { + "privilege": "DescribeCertificateAuthorityAuditReport", + "description": "Grants permission to return the status and information about an AWS Private CA audit report", + "access_level": "Read", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_DescribeCertificateAuthorityAuditReport.html" + }, + "GetCertificate": { + "privilege": "GetCertificate", + "description": "Grants permission to retrieve an AWS Private CA certificate and certificate chain for the certificate authority specified by an ARN", + "access_level": "Read", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_GetCertificate.html" + }, + "GetCertificateAuthorityCertificate": { + "privilege": "GetCertificateAuthorityCertificate", + "description": "Grants permission to retrieve an AWS Private CA certificate and certificate chain for the certificate authority specified by an ARN", + "access_level": "Read", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_GetCertificateAuthorityCertificate.html" + }, + "GetCertificateAuthorityCsr": { + "privilege": "GetCertificateAuthorityCsr", + "description": "Grants permission to retrieve an AWS Private CA certificate signing request (CSR) for the certificate-authority specified by an ARN", + "access_level": "Read", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_GetCertificateAuthorityCsr.html" + }, + "GetPolicy": { + "privilege": "GetPolicy", + "description": "Grants permission to retrieve the policy on an AWS Private CA", + "access_level": "Read", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_GetPolicy.html" + }, + "ImportCertificateAuthorityCertificate": { + "privilege": "ImportCertificateAuthorityCertificate", + "description": "Grants permission to import an SSL/TLS certificate into AWS Private CA for use as the CA certificate of an AWS Private CA", + "access_level": "Write", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_ImportCertificateAuthorityCertificate.html" + }, + "IssueCertificate": { + "privilege": "IssueCertificate", + "description": "Grants permission to issue an AWS Private CA certificate", + "access_level": "Write", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "acm-pca:TemplateArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_IssueCertificate.html" + }, + "ListCertificateAuthorities": { + "privilege": "ListCertificateAuthorities", + "description": "Grants permission to retrieve a list of the AWS Private CA certificate authority ARNs, and a summary of the status of each CA in the calling account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListCertificateAuthorities.html" + }, + "ListPermissions": { + "privilege": "ListPermissions", + "description": "Grants permission to list the permissions that have been applied to the AWS Private CA certificate authority", + "access_level": "Read", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListPermissions.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to list the tags that have been applied to the AWS Private CA certificate authority", + "access_level": "Read", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListTags.html" + }, + "PutPolicy": { + "privilege": "PutPolicy", + "description": "Grants permission to put a policy on an AWS Private CA", + "access_level": "Permissions management", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_PutPolicy.html" + }, + "RestoreCertificateAuthority": { + "privilege": "RestoreCertificateAuthority", + "description": "Grants permission to restore an AWS Private CA from the deleted state to the state it was in when deleted", + "access_level": "Write", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_RestoreCertificateAuthority.html" + }, + "RevokeCertificate": { + "privilege": "RevokeCertificate", + "description": "Grants permission to revoke a certificate issued by an AWS Private CA", + "access_level": "Write", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_RevokeCertificate.html" + }, + "TagCertificateAuthority": { + "privilege": "TagCertificateAuthority", + "description": "Grants permission to add one or more tags to an AWS Private CA", + "access_level": "Tagging", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_TagCertificateAuthority.html" + }, + "UntagCertificateAuthority": { + "privilege": "UntagCertificateAuthority", + "description": "Grants permission to remove one or more tags from an AWS Private CA", + "access_level": "Tagging", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_UntagCertificateAuthority.html" + }, + "UpdateCertificateAuthority": { + "privilege": "UpdateCertificateAuthority", + "description": "Grants permission to update the configuration of an AWS Private CA", + "access_level": "Write", + "resource_types": { + "certificate-authority": { + "resource_type": "certificate-authority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate-authority": "certificate-authority" + }, + "api_documentation_link": "https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html" + } + }, + "privileges_lower_name": { + "createcertificateauthority": "CreateCertificateAuthority", + "createcertificateauthorityauditreport": "CreateCertificateAuthorityAuditReport", + "createpermission": "CreatePermission", + "deletecertificateauthority": "DeleteCertificateAuthority", + "deletepermission": "DeletePermission", + "deletepolicy": "DeletePolicy", + "describecertificateauthority": "DescribeCertificateAuthority", + "describecertificateauthorityauditreport": "DescribeCertificateAuthorityAuditReport", + "getcertificate": "GetCertificate", + "getcertificateauthoritycertificate": "GetCertificateAuthorityCertificate", + "getcertificateauthoritycsr": "GetCertificateAuthorityCsr", + "getpolicy": "GetPolicy", + "importcertificateauthoritycertificate": "ImportCertificateAuthorityCertificate", + "issuecertificate": "IssueCertificate", + "listcertificateauthorities": "ListCertificateAuthorities", + "listpermissions": "ListPermissions", + "listtags": "ListTags", + "putpolicy": "PutPolicy", + "restorecertificateauthority": "RestoreCertificateAuthority", + "revokecertificate": "RevokeCertificate", + "tagcertificateauthority": "TagCertificateAuthority", + "untagcertificateauthority": "UntagCertificateAuthority", + "updatecertificateauthority": "UpdateCertificateAuthority" + }, + "resources": { + "certificate-authority": { + "resource": "certificate-authority", + "arn": "arn:${Partition}:acm-pca:${Region}:${Account}:certificate-authority/${CertificateAuthorityId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "certificate-authority": "certificate-authority" + }, + "conditions": { + "acm-pca:TemplateArn": { + "condition": "acm-pca:TemplateArn", + "description": "Filters issue certificate requests based on the presence of TemplateArn in the request", + "type": "String" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters create requests based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters create requests based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "chatbot": { + "service_name": "AWS Chatbot", + "prefix": "chatbot", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html", + "privileges": { + "CreateChimeWebhookConfiguration": { + "privilege": "CreateChimeWebhookConfiguration", + "description": "Grants permission to create an AWS Chatbot Chime Webhook Configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "CreateMicrosoftTeamsChannelConfiguration": { + "privilege": "CreateMicrosoftTeamsChannelConfiguration", + "description": "Grants permission to create an AWS Chatbot Microsoft Teams Channel Configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "CreateSlackChannelConfiguration": { + "privilege": "CreateSlackChannelConfiguration", + "description": "Grants permission to create an AWS Chatbot Slack Channel Configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DeleteChimeWebhookConfiguration": { + "privilege": "DeleteChimeWebhookConfiguration", + "description": "Grants permission to delete an AWS Chatbot Chime Webhook Configuration", + "access_level": "Write", + "resource_types": { + "ChatbotConfiguration": { + "resource_type": "ChatbotConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chatbotconfiguration": "ChatbotConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DeleteMicrosoftTeamsChannelConfiguration": { + "privilege": "DeleteMicrosoftTeamsChannelConfiguration", + "description": "Grants permission to delete an AWS Chatbot Microsoft Teams Channel Configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DeleteMicrosoftTeamsConfiguredTeam": { + "privilege": "DeleteMicrosoftTeamsConfiguredTeam", + "description": "Grants permission to delete the Microsoft Teams configured with AWS Chatbot in an AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DeleteMicrosoftTeamsUserIdentity": { + "privilege": "DeleteMicrosoftTeamsUserIdentity", + "description": "Grants permission to delete an AWS Chatbot Microsoft Teams User Identity", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DeleteSlackChannelConfiguration": { + "privilege": "DeleteSlackChannelConfiguration", + "description": "Grants permission to delete an AWS Chatbot Slack Channel Configuration", + "access_level": "Write", + "resource_types": { + "ChatbotConfiguration": { + "resource_type": "ChatbotConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chatbotconfiguration": "ChatbotConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DeleteSlackUserIdentity": { + "privilege": "DeleteSlackUserIdentity", + "description": "Grants permission to delete an AWS Chatbot Slack User Identity", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DeleteSlackWorkspaceAuthorization": { + "privilege": "DeleteSlackWorkspaceAuthorization", + "description": "Grants permission to delete the Slack workspace authorization with AWS Chatbot, associated with an AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DescribeChimeWebhookConfigurations": { + "privilege": "DescribeChimeWebhookConfigurations", + "description": "Grants permission to list all AWS Chatbot Chime Webhook Configurations in an AWS Account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DescribeSlackChannelConfigurations": { + "privilege": "DescribeSlackChannelConfigurations", + "description": "Grants permission to list all AWS Chatbot Slack Channel Configurations in an AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DescribeSlackChannels": { + "privilege": "DescribeSlackChannels", + "description": "Grants permission to list all public Slack channels in the Slack workspace connected to the AWS Account onboarded with AWS Chatbot service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DescribeSlackUserIdentities": { + "privilege": "DescribeSlackUserIdentities", + "description": "Grants permission to describe AWS Chatbot Slack User Identities", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "DescribeSlackWorkspaces": { + "privilege": "DescribeSlackWorkspaces", + "description": "Grants permission to list all authorized Slack workspaces connected to the AWS Account onboarded with AWS Chatbot service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "GetAccountPreferences": { + "privilege": "GetAccountPreferences", + "description": "Grants permission to retrieve AWS Chatbot account preferences", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "GetMicrosoftTeamsChannelConfiguration": { + "privilege": "GetMicrosoftTeamsChannelConfiguration", + "description": "Grants permission to get a single AWS Chatbot Microsoft Teams Channel Configurations in an AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "GetMicrosoftTeamsOauthParameters": { + "privilege": "GetMicrosoftTeamsOauthParameters", + "description": "Grants permission to generate OAuth parameters to request Microsoft Teams OAuth code to be used by the AWS Chatbot service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "GetSlackOauthParameters": { + "privilege": "GetSlackOauthParameters", + "description": "Grants permission to generate OAuth parameters to request Slack OAuth code to be used by the AWS Chatbot service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "ListMicrosoftTeamsChannelConfigurations": { + "privilege": "ListMicrosoftTeamsChannelConfigurations", + "description": "Grants permission to list all AWS Chatbot Microsoft Teams Channel Configurations in an AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "ListMicrosoftTeamsConfiguredTeams": { + "privilege": "ListMicrosoftTeamsConfiguredTeams", + "description": "Grants permission to list all Microsoft Teams connected to the AWS Account onboarded with AWS Chatbot service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "ListMicrosoftTeamsUserIdentities": { + "privilege": "ListMicrosoftTeamsUserIdentities", + "description": "Grants permission to describe AWS Chatbot Microsoft Teams User Identities", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "RedeemMicrosoftTeamsOauthCode": { + "privilege": "RedeemMicrosoftTeamsOauthCode", + "description": "Grants permission to redeem previously generated parameters with Microsoft APIs, to acquire OAuth tokens to be used by the AWS Chatbot service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "RedeemSlackOauthCode": { + "privilege": "RedeemSlackOauthCode", + "description": "Grants permission to redeem previously generated parameters with Slack API, to acquire OAuth tokens to be used by the AWS Chatbot service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "UpdateAccountPreferences": { + "privilege": "UpdateAccountPreferences", + "description": "Grants permission to update AWS Chatbot account preferences", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "UpdateChimeWebhookConfiguration": { + "privilege": "UpdateChimeWebhookConfiguration", + "description": "Grants permission to update an AWS Chatbot Chime Webhook Configuration", + "access_level": "Write", + "resource_types": { + "ChatbotConfiguration": { + "resource_type": "ChatbotConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chatbotconfiguration": "ChatbotConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "UpdateMicrosoftTeamsChannelConfiguration": { + "privilege": "UpdateMicrosoftTeamsChannelConfiguration", + "description": "Grants permission to update an AWS Chatbot Microsoft Teams Channel Configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + }, + "UpdateSlackChannelConfiguration": { + "privilege": "UpdateSlackChannelConfiguration", + "description": "Grants permission to update an AWS Chatbot Slack Channel Configuration", + "access_level": "Write", + "resource_types": { + "ChatbotConfiguration": { + "resource_type": "ChatbotConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chatbotconfiguration": "ChatbotConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/chatbot/latest/adminguide/what-is.html" + } + }, + "privileges_lower_name": { + "createchimewebhookconfiguration": "CreateChimeWebhookConfiguration", + "createmicrosoftteamschannelconfiguration": "CreateMicrosoftTeamsChannelConfiguration", + "createslackchannelconfiguration": "CreateSlackChannelConfiguration", + "deletechimewebhookconfiguration": "DeleteChimeWebhookConfiguration", + "deletemicrosoftteamschannelconfiguration": "DeleteMicrosoftTeamsChannelConfiguration", + "deletemicrosoftteamsconfiguredteam": "DeleteMicrosoftTeamsConfiguredTeam", + "deletemicrosoftteamsuseridentity": "DeleteMicrosoftTeamsUserIdentity", + "deleteslackchannelconfiguration": "DeleteSlackChannelConfiguration", + "deleteslackuseridentity": "DeleteSlackUserIdentity", + "deleteslackworkspaceauthorization": "DeleteSlackWorkspaceAuthorization", + "describechimewebhookconfigurations": "DescribeChimeWebhookConfigurations", + "describeslackchannelconfigurations": "DescribeSlackChannelConfigurations", + "describeslackchannels": "DescribeSlackChannels", + "describeslackuseridentities": "DescribeSlackUserIdentities", + "describeslackworkspaces": "DescribeSlackWorkspaces", + "getaccountpreferences": "GetAccountPreferences", + "getmicrosoftteamschannelconfiguration": "GetMicrosoftTeamsChannelConfiguration", + "getmicrosoftteamsoauthparameters": "GetMicrosoftTeamsOauthParameters", + "getslackoauthparameters": "GetSlackOauthParameters", + "listmicrosoftteamschannelconfigurations": "ListMicrosoftTeamsChannelConfigurations", + "listmicrosoftteamsconfiguredteams": "ListMicrosoftTeamsConfiguredTeams", + "listmicrosoftteamsuseridentities": "ListMicrosoftTeamsUserIdentities", + "redeemmicrosoftteamsoauthcode": "RedeemMicrosoftTeamsOauthCode", + "redeemslackoauthcode": "RedeemSlackOauthCode", + "updateaccountpreferences": "UpdateAccountPreferences", + "updatechimewebhookconfiguration": "UpdateChimeWebhookConfiguration", + "updatemicrosoftteamschannelconfiguration": "UpdateMicrosoftTeamsChannelConfiguration", + "updateslackchannelconfiguration": "UpdateSlackChannelConfiguration" + }, + "resources": { + "ChatbotConfiguration": { + "resource": "ChatbotConfiguration", + "arn": "arn:${Partition}:chatbot::${Account}:chat-configuration/${ConfigurationType}/${ChatbotConfigurationName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "chatbotconfiguration": "ChatbotConfiguration" + }, + "conditions": {} + }, + "cleanrooms": { + "service_name": "AWS Clean Rooms", + "prefix": "cleanrooms", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscleanrooms.html", + "privileges": { + "BatchGetSchema": { + "privilege": "BatchGetSchema", + "description": "Grants permission to view details for schemas", + "access_level": "Read", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cleanrooms:GetSchema" + ] + }, + "ConfiguredTableAssociation": { + "resource_type": "ConfiguredTableAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration", + "configuredtableassociation": "ConfiguredTableAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_BatchGetSchema.html" + }, + "CreateCollaboration": { + "privilege": "CreateCollaboration", + "description": "Grants permission to create a new collaboration, a shared data collaboration environment", + "access_level": "Write", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateCollaboration.html" + }, + "CreateConfiguredTable": { + "privilege": "CreateConfiguredTable", + "description": "Grants permission to create a new configured table", + "access_level": "Write", + "resource_types": { + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": true, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "glue:BatchGetPartition", + "glue:GetDatabase", + "glue:GetDatabases", + "glue:GetPartition", + "glue:GetPartitions", + "glue:GetSchemaVersion", + "glue:GetTable", + "glue:GetTables" + ] + } + }, + "resource_types_lower_name": { + "configuredtable": "ConfiguredTable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateConfiguredTable.html" + }, + "CreateConfiguredTableAnalysisRule": { + "privilege": "CreateConfiguredTableAnalysisRule", + "description": "Grants permission to create a analysis rule for a configured table", + "access_level": "Write", + "resource_types": { + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuredtable": "ConfiguredTable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateConfiguredTableAnalysisRule.html" + }, + "CreateConfiguredTableAssociation": { + "privilege": "CreateConfiguredTableAssociation", + "description": "Grants permission to link a configured table with a collaboration by creating a new association", + "access_level": "Write", + "resource_types": { + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": true, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "ConfiguredTableAssociation": { + "resource_type": "ConfiguredTableAssociation", + "required": true, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + }, + "Membership": { + "resource_type": "Membership", + "required": true, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuredtable": "ConfiguredTable", + "configuredtableassociation": "ConfiguredTableAssociation", + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateConfiguredTableAssociation.html" + }, + "CreateMembership": { + "privilege": "CreateMembership", + "description": "Grants permission to join collaborations by creating a membership", + "access_level": "Write", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "logs:CreateLogDelivery", + "logs:CreateLogGroup", + "logs:DeleteLogDelivery", + "logs:DescribeLogGroups", + "logs:DescribeResourcePolicies", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:PutResourcePolicy", + "logs:UpdateLogDelivery" + ] + }, + "Membership": { + "resource_type": "Membership", + "required": true, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration", + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_CreateMembership.html" + }, + "DeleteCollaboration": { + "privilege": "DeleteCollaboration", + "description": "Grants permission to delete an existing collaboration", + "access_level": "Write", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteCollaboration.html" + }, + "DeleteConfiguredTable": { + "privilege": "DeleteConfiguredTable", + "description": "Grants permission to delete a configured table", + "access_level": "Write", + "resource_types": { + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuredtable": "ConfiguredTable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteConfiguredTable.html" + }, + "DeleteConfiguredTableAnalysisRule": { + "privilege": "DeleteConfiguredTableAnalysisRule", + "description": "Grants permission to delete an existing analysis rule", + "access_level": "Write", + "resource_types": { + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuredtable": "ConfiguredTable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteConfiguredTableAnalysisRule.html" + }, + "DeleteConfiguredTableAssociation": { + "privilege": "DeleteConfiguredTableAssociation", + "description": "Grants permission to remove a configured table association from a collaboration", + "access_level": "Write", + "resource_types": { + "ConfiguredTableAssociation": { + "resource_type": "ConfiguredTableAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuredtableassociation": "ConfiguredTableAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteConfiguredTableAssociation.html" + }, + "DeleteMember": { + "privilege": "DeleteMember", + "description": "Grants permission to delete members from a collaboration", + "access_level": "Write", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteMember.html" + }, + "DeleteMembership": { + "privilege": "DeleteMembership", + "description": "Grants permission to leave collaborations by deleting a membership", + "access_level": "Write", + "resource_types": { + "Membership": { + "resource_type": "Membership", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_DeleteMembership.html" + }, + "GetCollaboration": { + "privilege": "GetCollaboration", + "description": "Grants permission to view details for a collaboration", + "access_level": "Read", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetCollaboration.html" + }, + "GetConfiguredTable": { + "privilege": "GetConfiguredTable", + "description": "Grants permission to view details for a configured table", + "access_level": "Read", + "resource_types": { + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuredtable": "ConfiguredTable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetConfiguredTable.html" + }, + "GetConfiguredTableAnalysisRule": { + "privilege": "GetConfiguredTableAnalysisRule", + "description": "Grants permission to view analysis rules for a configured table", + "access_level": "Read", + "resource_types": { + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuredtable": "ConfiguredTable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetConfiguredTableAnalysisRule.html" + }, + "GetConfiguredTableAssociation": { + "privilege": "GetConfiguredTableAssociation", + "description": "Grants permission to view details for a configured table association", + "access_level": "Read", + "resource_types": { + "ConfiguredTableAssociation": { + "resource_type": "ConfiguredTableAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuredtableassociation": "ConfiguredTableAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetConfiguredTableAssociation.html" + }, + "GetMembership": { + "privilege": "GetMembership", + "description": "Grants permission to view details about a membership", + "access_level": "Read", + "resource_types": { + "Membership": { + "resource_type": "Membership", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetMembership.html" + }, + "GetProtectedQuery": { + "privilege": "GetProtectedQuery", + "description": "Grants permission to view a protected query", + "access_level": "Read", + "resource_types": { + "Membership": { + "resource_type": "Membership", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetProtectedQuery.html" + }, + "GetSchema": { + "privilege": "GetSchema", + "description": "Grants permission to view details for a schema", + "access_level": "Read", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfiguredTableAssociation": { + "resource_type": "ConfiguredTableAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration", + "configuredtableassociation": "ConfiguredTableAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetSchema.html" + }, + "GetSchemaAnalysisRule": { + "privilege": "GetSchemaAnalysisRule", + "description": "Grants permission to view analysis rules associated with a schema", + "access_level": "Read", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cleanrooms:GetSchema" + ] + }, + "ConfiguredTableAssociation": { + "resource_type": "ConfiguredTableAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration", + "configuredtableassociation": "ConfiguredTableAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_GetSchemaAnalysisRule.html" + }, + "ListCollaborations": { + "privilege": "ListCollaborations", + "description": "Grants permission to list available collaborations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListCollaborations.html" + }, + "ListConfiguredTableAssociations": { + "privilege": "ListConfiguredTableAssociations", + "description": "Grants permission to list available configured table associations for a membership", + "access_level": "List", + "resource_types": { + "Membership": { + "resource_type": "Membership", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListConfiguredTableAssociations.html" + }, + "ListConfiguredTables": { + "privilege": "ListConfiguredTables", + "description": "Grants permission to list available configured tables", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListConfiguredTables.html" + }, + "ListMembers": { + "privilege": "ListMembers", + "description": "Grants permission to list the members of a collaboration", + "access_level": "List", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListMembers.html" + }, + "ListMemberships": { + "privilege": "ListMemberships", + "description": "Grants permission to list available memberships", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListMemberships.html" + }, + "ListProtectedQueries": { + "privilege": "ListProtectedQueries", + "description": "Grants permission to list protected queries", + "access_level": "List", + "resource_types": { + "Membership": { + "resource_type": "Membership", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListProtectedQueries.html" + }, + "ListSchemas": { + "privilege": "ListSchemas", + "description": "Grants permission to view available schemas for a collaboration", + "access_level": "List", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListSchemas.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "List", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfiguredTableAssociation": { + "resource_type": "ConfiguredTableAssociation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Membership": { + "resource_type": "Membership", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration", + "configuredtable": "ConfiguredTable", + "configuredtableassociation": "ConfiguredTableAssociation", + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_ListTagsForResource.html" + }, + "StartProtectedQuery": { + "privilege": "StartProtectedQuery", + "description": "Grants permission to start protected queries", + "access_level": "Write", + "resource_types": { + "Membership": { + "resource_type": "Membership", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cleanrooms:GetSchema", + "s3:GetBucketLocation", + "s3:ListBucket", + "s3:PutObject" + ] + } + }, + "resource_types_lower_name": { + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_StartProtectedQuery.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfiguredTableAssociation": { + "resource_type": "ConfiguredTableAssociation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Membership": { + "resource_type": "Membership", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration", + "configuredtable": "ConfiguredTable", + "configuredtableassociation": "ConfiguredTableAssociation", + "membership": "Membership", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfiguredTableAssociation": { + "resource_type": "ConfiguredTableAssociation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Membership": { + "resource_type": "Membership", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration", + "configuredtable": "ConfiguredTable", + "configuredtableassociation": "ConfiguredTableAssociation", + "membership": "Membership", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UntagResource.html" + }, + "UpdateCollaboration": { + "privilege": "UpdateCollaboration", + "description": "Grants permission to update details of the collaboration", + "access_level": "Write", + "resource_types": { + "Collaboration": { + "resource_type": "Collaboration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "collaboration": "Collaboration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateCollaboration.html" + }, + "UpdateConfiguredTable": { + "privilege": "UpdateConfiguredTable", + "description": "Grants permission to update an existing configured table", + "access_level": "Write", + "resource_types": { + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuredtable": "ConfiguredTable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateConfiguredTable.html" + }, + "UpdateConfiguredTableAnalysisRule": { + "privilege": "UpdateConfiguredTableAnalysisRule", + "description": "Grants permission to update analysis rules for a configured table", + "access_level": "Write", + "resource_types": { + "ConfiguredTable": { + "resource_type": "ConfiguredTable", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configuredtable": "ConfiguredTable" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateConfiguredTableAnalysisRule.html" + }, + "UpdateConfiguredTableAssociation": { + "privilege": "UpdateConfiguredTableAssociation", + "description": "Grants permission to update a configured table association", + "access_level": "Write", + "resource_types": { + "ConfiguredTableAssociation": { + "resource_type": "ConfiguredTableAssociation", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "configuredtableassociation": "ConfiguredTableAssociation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateConfiguredTableAssociation.html" + }, + "UpdateMembership": { + "privilege": "UpdateMembership", + "description": "Grants permission to update details of a membership", + "access_level": "Write", + "resource_types": { + "Membership": { + "resource_type": "Membership", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "logs:CreateLogDelivery", + "logs:CreateLogGroup", + "logs:DeleteLogDelivery", + "logs:DescribeLogGroups", + "logs:DescribeResourcePolicies", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:PutResourcePolicy", + "logs:UpdateLogDelivery" + ] + } + }, + "resource_types_lower_name": { + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateMembership.html" + }, + "UpdateProtectedQuery": { + "privilege": "UpdateProtectedQuery", + "description": "Grants permission to update protected queries", + "access_level": "Write", + "resource_types": { + "Membership": { + "resource_type": "Membership", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "membership": "Membership" + }, + "api_documentation_link": "https://docs.aws.amazon.com/clean-rooms/latest/apireference/API_UpdateProtectedQuery.html" + } + }, + "privileges_lower_name": { + "batchgetschema": "BatchGetSchema", + "createcollaboration": "CreateCollaboration", + "createconfiguredtable": "CreateConfiguredTable", + "createconfiguredtableanalysisrule": "CreateConfiguredTableAnalysisRule", + "createconfiguredtableassociation": "CreateConfiguredTableAssociation", + "createmembership": "CreateMembership", + "deletecollaboration": "DeleteCollaboration", + "deleteconfiguredtable": "DeleteConfiguredTable", + "deleteconfiguredtableanalysisrule": "DeleteConfiguredTableAnalysisRule", + "deleteconfiguredtableassociation": "DeleteConfiguredTableAssociation", + "deletemember": "DeleteMember", + "deletemembership": "DeleteMembership", + "getcollaboration": "GetCollaboration", + "getconfiguredtable": "GetConfiguredTable", + "getconfiguredtableanalysisrule": "GetConfiguredTableAnalysisRule", + "getconfiguredtableassociation": "GetConfiguredTableAssociation", + "getmembership": "GetMembership", + "getprotectedquery": "GetProtectedQuery", + "getschema": "GetSchema", + "getschemaanalysisrule": "GetSchemaAnalysisRule", + "listcollaborations": "ListCollaborations", + "listconfiguredtableassociations": "ListConfiguredTableAssociations", + "listconfiguredtables": "ListConfiguredTables", + "listmembers": "ListMembers", + "listmemberships": "ListMemberships", + "listprotectedqueries": "ListProtectedQueries", + "listschemas": "ListSchemas", + "listtagsforresource": "ListTagsForResource", + "startprotectedquery": "StartProtectedQuery", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecollaboration": "UpdateCollaboration", + "updateconfiguredtable": "UpdateConfiguredTable", + "updateconfiguredtableanalysisrule": "UpdateConfiguredTableAnalysisRule", + "updateconfiguredtableassociation": "UpdateConfiguredTableAssociation", + "updatemembership": "UpdateMembership", + "updateprotectedquery": "UpdateProtectedQuery" + }, + "resources": { + "Collaboration": { + "resource": "Collaboration", + "arn": "arn:${Partition}:cleanrooms:${Region}:${Account}:collaboration/${CollaborationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ConfiguredTable": { + "resource": "ConfiguredTable", + "arn": "arn:${Partition}:cleanrooms:${Region}:${Account}:configuredtable/${ConfiguredTableId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ConfiguredTableAssociation": { + "resource": "ConfiguredTableAssociation", + "arn": "arn:${Partition}:cleanrooms:${Region}:${Account}:membership/${MembershipId}/configuredtableassociation/${ConfiguredTableAssociationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Membership": { + "resource": "Membership", + "arn": "arn:${Partition}:cleanrooms:${Region}:${Account}:membership/${MembershipId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "collaboration": "Collaboration", + "configuredtable": "ConfiguredTable", + "configuredtableassociation": "ConfiguredTableAssociation", + "membership": "Membership" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "cloud9": { + "service_name": "AWS Cloud9", + "prefix": "cloud9", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloud9.html", + "privileges": { + "ActivateEC2Remote": { + "privilege": "ActivateEC2Remote", + "description": "Grants permission to start the Amazon EC2 instance that your AWS Cloud9 IDE connects to", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "CreateEnvironmentEC2": { + "privilege": "CreateEnvironmentEC2", + "description": "Grants permission to create an AWS Cloud9 development environment, launches an Amazon Elastic Compute Cloud (Amazon EC2) instance, and then hosts the environment on the instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloud9:EnvironmentName", + "cloud9:InstanceType", + "cloud9:SubnetId", + "cloud9:UserArn", + "cloud9:OwnerArn", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_CreateEnvironmentEC2.html" + }, + "CreateEnvironmentMembership": { + "privilege": "CreateEnvironmentMembership", + "description": "Grants permission to add an environment member to an AWS Cloud9 development environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloud9:UserArn", + "cloud9:EnvironmentId", + "cloud9:Permissions" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_CreateEnvironmentMembership.html" + }, + "CreateEnvironmentSSH": { + "privilege": "CreateEnvironmentSSH", + "description": "Grants permission to create an AWS Cloud9 SSH development environment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloud9:EnvironmentName", + "cloud9:OwnerArn", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "CreateEnvironmentToken": { + "privilege": "CreateEnvironmentToken", + "description": "Grants permission to create an authentication token that allows a connection between the AWS Cloud9 IDE and the user's environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "DeleteEnvironment": { + "privilege": "DeleteEnvironment", + "description": "Grants permission to delete an AWS Cloud9 development environment. If the environment is hosted on an Amazon Elastic Compute Cloud (Amazon EC2) instance, also terminates the instance", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_DeleteEnvironment.html" + }, + "DeleteEnvironmentMembership": { + "privilege": "DeleteEnvironmentMembership", + "description": "Grants permission to delete an environment member from an AWS Cloud9 development environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_DeleteEnvironmentMembership.html" + }, + "DescribeEC2Remote": { + "privilege": "DescribeEC2Remote", + "description": "Grants permission to get details about the connection to the EC2 development environment, including host, user, and port", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "DescribeEnvironmentMemberships": { + "privilege": "DescribeEnvironmentMemberships", + "description": "Grants permission to get information about environment members for an AWS Cloud9 development environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloud9:UserArn", + "cloud9:EnvironmentId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_DescribeEnvironmentMemberships.html" + }, + "DescribeEnvironmentStatus": { + "privilege": "DescribeEnvironmentStatus", + "description": "Grants permission to get status information for an AWS Cloud9 development environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_DescribeEnvironmentStatus.html" + }, + "DescribeEnvironments": { + "privilege": "DescribeEnvironments", + "description": "Grants permission to get information about AWS Cloud9 development environments", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_DescribeEnvironments.html" + }, + "DescribeSSHRemote": { + "privilege": "DescribeSSHRemote", + "description": "Grants permission to get details about the connection to the SSH development environment, including host, user, and port", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "GetEnvironmentConfig": { + "privilege": "GetEnvironmentConfig", + "description": "Grants permission to get configuration information that's used to initialize the AWS Cloud9 IDE", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "GetEnvironmentSettings": { + "privilege": "GetEnvironmentSettings", + "description": "Grants permission to get the AWS Cloud9 IDE settings for a specified development environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "GetMembershipSettings": { + "privilege": "GetMembershipSettings", + "description": "Grants permission to get the AWS Cloud9 IDE settings for a specified environment member", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "GetMigrationExperiences": { + "privilege": "GetMigrationExperiences", + "description": "Grants permission to get the migration experience for a cloud9 user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "GetUserPublicKey": { + "privilege": "GetUserPublicKey", + "description": "Grants permission to get the user's public SSH key, which is used by AWS Cloud9 to connect to SSH development environments", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloud9:UserArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "GetUserSettings": { + "privilege": "GetUserSettings", + "description": "Grants permission to get the AWS Cloud9 IDE settings for a specified user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "ListEnvironments": { + "privilege": "ListEnvironments", + "description": "Grants permission to get a list of AWS Cloud9 development environment identifiers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_ListEnvironments.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a cloud9 environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_ListTagsForResource.html" + }, + "ModifyTemporaryCredentialsOnEnvironmentEC2": { + "privilege": "ModifyTemporaryCredentialsOnEnvironmentEC2", + "description": "Grants permission to set AWS managed temporary credentials on the Amazon EC2 instance that's used by the AWS Cloud9 integrated development environment (IDE)", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a cloud9 environment", + "access_level": "Tagging", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a cloud9 environment", + "access_level": "Tagging", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_UntagResource.html" + }, + "UpdateEnvironment": { + "privilege": "UpdateEnvironment", + "description": "Grants permission to change the settings of an existing AWS Cloud9 development environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_UpdateEnvironment.html" + }, + "UpdateEnvironmentMembership": { + "privilege": "UpdateEnvironmentMembership", + "description": "Grants permission to change the settings of an existing environment member for an AWS Cloud9 development environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloud9:UserArn", + "cloud9:EnvironmentId", + "cloud9:Permissions" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/APIReference/API_UpdateEnvironmentMembership.html" + }, + "UpdateEnvironmentSettings": { + "privilege": "UpdateEnvironmentSettings", + "description": "Grants permission to update the AWS Cloud9 IDE settings for a specified development environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "UpdateMembershipSettings": { + "privilege": "UpdateMembershipSettings", + "description": "Grants permission to update the AWS Cloud9 IDE settings for a specified environment member", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "UpdateSSHRemote": { + "privilege": "UpdateSSHRemote", + "description": "Grants permission to update details about the connection to the SSH development environment, including host, user, and port", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "UpdateUserSettings": { + "privilege": "UpdateUserSettings", + "description": "Grants permission to update IDE-specific settings of an AWS Cloud9 user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + }, + "ValidateEnvironmentName": { + "privilege": "ValidateEnvironmentName", + "description": "Grants permission to validate the environment name during the process of creating an AWS Cloud9 development environment", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud9/latest/user-guide/security-iam.html#auth-and-access-control-ref-matrix" + } + }, + "privileges_lower_name": { + "activateec2remote": "ActivateEC2Remote", + "createenvironmentec2": "CreateEnvironmentEC2", + "createenvironmentmembership": "CreateEnvironmentMembership", + "createenvironmentssh": "CreateEnvironmentSSH", + "createenvironmenttoken": "CreateEnvironmentToken", + "deleteenvironment": "DeleteEnvironment", + "deleteenvironmentmembership": "DeleteEnvironmentMembership", + "describeec2remote": "DescribeEC2Remote", + "describeenvironmentmemberships": "DescribeEnvironmentMemberships", + "describeenvironmentstatus": "DescribeEnvironmentStatus", + "describeenvironments": "DescribeEnvironments", + "describesshremote": "DescribeSSHRemote", + "getenvironmentconfig": "GetEnvironmentConfig", + "getenvironmentsettings": "GetEnvironmentSettings", + "getmembershipsettings": "GetMembershipSettings", + "getmigrationexperiences": "GetMigrationExperiences", + "getuserpublickey": "GetUserPublicKey", + "getusersettings": "GetUserSettings", + "listenvironments": "ListEnvironments", + "listtagsforresource": "ListTagsForResource", + "modifytemporarycredentialsonenvironmentec2": "ModifyTemporaryCredentialsOnEnvironmentEC2", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateenvironment": "UpdateEnvironment", + "updateenvironmentmembership": "UpdateEnvironmentMembership", + "updateenvironmentsettings": "UpdateEnvironmentSettings", + "updatemembershipsettings": "UpdateMembershipSettings", + "updatesshremote": "UpdateSSHRemote", + "updateusersettings": "UpdateUserSettings", + "validateenvironmentname": "ValidateEnvironmentName" + }, + "resources": { + "environment": { + "resource": "environment", + "arn": "arn:${Partition}:cloud9:${Region}:${Account}:environment:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "environment": "environment" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "cloud9:EnvironmentId": { + "condition": "cloud9:EnvironmentId", + "description": "Filters access by the AWS Cloud9 environment ID", + "type": "String" + }, + "cloud9:EnvironmentName": { + "condition": "cloud9:EnvironmentName", + "description": "Filters access by the AWS Cloud9 environment name", + "type": "String" + }, + "cloud9:InstanceType": { + "condition": "cloud9:InstanceType", + "description": "Filters access by the instance type of the AWS Cloud9 environment's Amazon EC2 instance", + "type": "String" + }, + "cloud9:OwnerArn": { + "condition": "cloud9:OwnerArn", + "description": "Filters access by the owner ARN specified", + "type": "ARN" + }, + "cloud9:Permissions": { + "condition": "cloud9:Permissions", + "description": "Filters access by the type of AWS Cloud9 permissions", + "type": "String" + }, + "cloud9:SubnetId": { + "condition": "cloud9:SubnetId", + "description": "Filters access by the subnet ID that the AWS Cloud9 environment will be created in", + "type": "String" + }, + "cloud9:UserArn": { + "condition": "cloud9:UserArn", + "description": "Filters access by the user ARN specified", + "type": "ARN" + } + } + }, + "cloudformation": { + "service_name": "AWS Cloud Control API", + "prefix": "cloudformation", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudcontrolapi.html", + "privileges": { + "CancelResourceRequest": { + "privilege": "CancelResourceRequest", + "description": "Grants permission to cancel resource requests in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_CancelResourceRequest.html" + }, + "CreateResource": { + "privilege": "CreateResource", + "description": "Grants permission to create resources in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_CreateResource.html" + }, + "DeleteResource": { + "privilege": "DeleteResource", + "description": "Grants permission to delete resources in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_DeleteResource.html" + }, + "GetResource": { + "privilege": "GetResource", + "description": "Grants permission to get resources in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_GetResource.html" + }, + "GetResourceRequestStatus": { + "privilege": "GetResourceRequestStatus", + "description": "Grants permission to get resource requests in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_GetResourceRequestStatus.html" + }, + "ListResourceRequests": { + "privilege": "ListResourceRequests", + "description": "Grants permission to list resource requests in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_ListResourceRequests.html" + }, + "ListResources": { + "privilege": "ListResources", + "description": "Grants permission to list resources in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_ListResources.html" + }, + "UpdateResource": { + "privilege": "UpdateResource", + "description": "Grants permission to update resources in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudcontrolapi/latest/APIReference/API_UpdateResource.html" + }, + "ActivateOrganizationsAccess": { + "privilege": "ActivateOrganizationsAccess", + "description": "Grants permission to activate trusted access between StackSets and Organizations. With trusted access between StackSets and Organizations activated, the management account has permissions to create and manage StackSets for your organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ActivateOrganizationsAccess.html" + }, + "ActivateType": { + "privilege": "ActivateType", + "description": "Grants permission to activate a public third-party extension, making it available for use in stack templates", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ActivateType.html" + }, + "BatchDescribeTypeConfigurations": { + "privilege": "BatchDescribeTypeConfigurations", + "description": "Grants permission to return configuration data for the specified CloudFormation extensions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_BatchDescribeTypeConfigurations.html" + }, + "CancelUpdateStack": { + "privilege": "CancelUpdateStack", + "description": "Grants permission to cancel an update on the specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CancelUpdateStack.html" + }, + "ContinueUpdateRollback": { + "privilege": "ContinueUpdateRollback", + "description": "Grants permission to continue rolling back a stack that is in the UPDATE_ROLLBACK_FAILED state to the UPDATE_ROLLBACK_COMPLETE state", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:RoleArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ContinueUpdateRollback.html" + }, + "CreateChangeSet": { + "privilege": "CreateChangeSet", + "description": "Grants permission to create a list of changes for a stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:ChangeSetName", + "cloudformation:ResourceTypes", + "cloudformation:ImportResourceTypes", + "cloudformation:RoleArn", + "cloudformation:StackPolicyUrl", + "cloudformation:TemplateUrl", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateChangeSet.html" + }, + "CreateStack": { + "privilege": "CreateStack", + "description": "Grants permission to create a stack as specified in the template", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:ResourceTypes", + "cloudformation:RoleArn", + "cloudformation:StackPolicyUrl", + "cloudformation:TemplateUrl", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateStack.html" + }, + "CreateStackInstances": { + "privilege": "CreateStackInstances", + "description": "Grants permission to create stack instances for the specified accounts, within the specified regions", + "access_level": "Write", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stackset-target": { + "resource_type": "stackset-target", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "type": { + "resource_type": "type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "cloudformation:TargetRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset", + "stackset-target": "stackset-target", + "type": "type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateStackInstances.html" + }, + "CreateStackSet": { + "privilege": "CreateStackSet", + "description": "Grants permission to create a stackset as specified in the template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:RoleArn", + "cloudformation:TemplateUrl", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateStackSet.html" + }, + "CreateUploadBucket": { + "privilege": "CreateUploadBucket", + "description": "Grants permission to upload templates to Amazon S3 buckets. Used only by the AWS CloudFormation console and is not documented in the API reference", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html" + }, + "DeactivateOrganizationsAccess": { + "privilege": "DeactivateOrganizationsAccess", + "description": "Grants permission to deactivate trusted access between StackSets and Organizations. If trusted access is deactivated, the management account does not have permissions to create and manage service-managed StackSets for your organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeactivateOrganizationsAccess.html" + }, + "DeactivateType": { + "privilege": "DeactivateType", + "description": "Grants permission to deactivate a public extension that was previously activated in this account and region", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeactivateType.html" + }, + "DeleteChangeSet": { + "privilege": "DeleteChangeSet", + "description": "Grants permission to delete the specified change set. Deleting change sets ensures that no one executes the wrong change set", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:ChangeSetName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeleteChangeSet.html" + }, + "DeleteStack": { + "privilege": "DeleteStack", + "description": "Grants permission to delete a specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:RoleArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeleteStack.html" + }, + "DeleteStackInstances": { + "privilege": "DeleteStackInstances", + "description": "Grants permission to delete stack instances for the specified accounts, in the specified regions", + "access_level": "Write", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stackset-target": { + "resource_type": "stackset-target", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "type": { + "resource_type": "type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:TargetRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset", + "stackset-target": "stackset-target", + "type": "type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeleteStackInstances.html" + }, + "DeleteStackSet": { + "privilege": "DeleteStackSet", + "description": "Grants permission to delete a specified stackset", + "access_level": "Write", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeleteStackSet.html" + }, + "DeregisterType": { + "privilege": "DeregisterType", + "description": "Grants permission to deregister an existing CloudFormation type or type version", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DeregisterType.html" + }, + "DescribeAccountLimits": { + "privilege": "DescribeAccountLimits", + "description": "Grants permission to retrieve your account's AWS CloudFormation limits", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeAccountLimits.html" + }, + "DescribeChangeSet": { + "privilege": "DescribeChangeSet", + "description": "Grants permission to return the description for the specified change set", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:ChangeSetName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeChangeSet.html" + }, + "DescribeChangeSetHooks": { + "privilege": "DescribeChangeSetHooks", + "description": "Grants permission to return the Hook invocation information for the specified change set", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:ChangeSetName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeChangeSetHooks.html" + }, + "DescribeOrganizationsAccess": { + "privilege": "DescribeOrganizationsAccess", + "description": "Grants permission to return information about the account's OrganizationAccess status", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeOrganizationsAccess.html" + }, + "DescribePublisher": { + "privilege": "DescribePublisher", + "description": "Grants permission to return information about a CloudFormation extension publisher", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribePublisher.html" + }, + "DescribeStackDriftDetectionStatus": { + "privilege": "DescribeStackDriftDetectionStatus", + "description": "Grants permission to return information about a stack drift detection operation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackDriftDetectionStatus.html" + }, + "DescribeStackEvents": { + "privilege": "DescribeStackEvents", + "description": "Grants permission to return all stack related events for a specified stack", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackEvents.html" + }, + "DescribeStackInstance": { + "privilege": "DescribeStackInstance", + "description": "Grants permission to return the stack instance that's associated with the specified stack set, AWS account, and region", + "access_level": "Read", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackInstance.html" + }, + "DescribeStackResource": { + "privilege": "DescribeStackResource", + "description": "Grants permission to return a description of the specified resource in the specified stack", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackResource.html" + }, + "DescribeStackResourceDrifts": { + "privilege": "DescribeStackResourceDrifts", + "description": "Grants permission to return drift information for the resources that have been checked for drift in the specified stack", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackResourceDrifts.html" + }, + "DescribeStackResources": { + "privilege": "DescribeStackResources", + "description": "Grants permission to return AWS resource descriptions for running and deleted stacks", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackResources.html" + }, + "DescribeStackSet": { + "privilege": "DescribeStackSet", + "description": "Grants permission to return the description of the specified stack set", + "access_level": "Read", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackSet.html" + }, + "DescribeStackSetOperation": { + "privilege": "DescribeStackSetOperation", + "description": "Grants permission to return the description of the specified stack set operation", + "access_level": "Read", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStackSetOperation.html" + }, + "DescribeStacks": { + "privilege": "DescribeStacks", + "description": "Grants permission to return the description for the specified stack, and to all stacks when used in combination with the ListStacks action", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:ListStacks" + ] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeStacks.html" + }, + "DescribeType": { + "privilege": "DescribeType", + "description": "Grants permission to return information about the CloudFormation type requested", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeType.html" + }, + "DescribeTypeRegistration": { + "privilege": "DescribeTypeRegistration", + "description": "Grants permission to return information about the registration process for a CloudFormation type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeTypeRegistration.html" + }, + "DetectStackDrift": { + "privilege": "DetectStackDrift", + "description": "Grants permission to detects whether a stack's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DetectStackDrift.html" + }, + "DetectStackResourceDrift": { + "privilege": "DetectStackResourceDrift", + "description": "Grants permission to return information about whether a resource's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DetectStackResourceDrift.html" + }, + "DetectStackSetDrift": { + "privilege": "DetectStackSetDrift", + "description": "Grants permission to enable users to detect drift on a stack set and the stack instances that belong to that stack set", + "access_level": "Read", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DetectStackSetDrift.html" + }, + "EstimateTemplateCost": { + "privilege": "EstimateTemplateCost", + "description": "Grants permission to return the estimated monthly cost of a template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:TemplateUrl" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_EstimateTemplateCost.html" + }, + "ExecuteChangeSet": { + "privilege": "ExecuteChangeSet", + "description": "Grants permission to update a stack using the input information that was provided when the specified change set was created", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:ChangeSetName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ExecuteChangeSet.html" + }, + "GetStackPolicy": { + "privilege": "GetStackPolicy", + "description": "Grants permission to return the stack policy for a specified stack", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_GetStackPolicy.html" + }, + "GetTemplate": { + "privilege": "GetTemplate", + "description": "Grants permission to return the template body for a specified stack", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_GetTemplate.html" + }, + "GetTemplateSummary": { + "privilege": "GetTemplateSummary", + "description": "Grants permission to return information about a new or existing template", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stackset": { + "resource_type": "stackset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:TemplateUrl" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "stackset": "stackset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_GetTemplateSummary.html" + }, + "ImportStacksToStackSet": { + "privilege": "ImportStacksToStackSet", + "description": "Grants permission to enable users to import existing stacks to a new or existing stackset", + "access_level": "Write", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ImportStacksToStackSet.html" + }, + "ListChangeSets": { + "privilege": "ListChangeSets", + "description": "Grants permission to return the ID and status of each active change set for a stack. For example, AWS CloudFormation lists change sets that are in the CREATE_IN_PROGRESS or CREATE_PENDING state", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListChangeSets.html" + }, + "ListExports": { + "privilege": "ListExports", + "description": "Grants permission to list all exported output values in the account and region in which you call this action", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListExports.html" + }, + "ListImports": { + "privilege": "ListImports", + "description": "Grants permission to list all stacks that are importing an exported output value", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListImports.html" + }, + "ListStackInstanceResourceDrifts": { + "privilege": "ListStackInstanceResourceDrifts", + "description": "Grants permission to return drift information for the resources that have been checked for drift in the specified stack instance", + "access_level": "List", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackInstanceResourceDrifts.html" + }, + "ListStackInstances": { + "privilege": "ListStackInstances", + "description": "Grants permission to return summary information about stack instances that are associated with the specified stack set", + "access_level": "List", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackSets.html" + }, + "ListStackResources": { + "privilege": "ListStackResources", + "description": "Grants permission to return descriptions of all resources of the specified stack", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackResources.html" + }, + "ListStackSetOperationResults": { + "privilege": "ListStackSetOperationResults", + "description": "Grants permission to return summary information about the results of a stack set operation", + "access_level": "List", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackSetOperationResults.html" + }, + "ListStackSetOperations": { + "privilege": "ListStackSetOperations", + "description": "Grants permission to return summary information about operations performed on a stack set", + "access_level": "List", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackSetOperations.html" + }, + "ListStackSets": { + "privilege": "ListStackSets", + "description": "Grants permission to return summary information about stack sets that are associated with the user", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStackSets.html" + }, + "ListStacks": { + "privilege": "ListStacks", + "description": "Grants permission to return the summary information for stacks whose status matches the specified StackStatusFilter. In combination with the DescribeStacks action, grants permission to list descriptions for stacks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListStacks.html" + }, + "ListTypeRegistrations": { + "privilege": "ListTypeRegistrations", + "description": "Grants permission to list CloudFormation type registration attempts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListTypeRegistrations.html" + }, + "ListTypeVersions": { + "privilege": "ListTypeVersions", + "description": "Grants permission to list versions of a particular CloudFormation type", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListTypeVersions.html" + }, + "ListTypes": { + "privilege": "ListTypes", + "description": "Grants permission to list available CloudFormation types", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ListTypes.html" + }, + "PublishType": { + "privilege": "PublishType", + "description": "Grants permission to publish the specified extension to the CloudFormation registry as a public extension in this region", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_PublishType.html" + }, + "RecordHandlerProgress": { + "privilege": "RecordHandlerProgress", + "description": "Grants permission to record the handler progress", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RecordHandlerProgress.html" + }, + "RegisterPublisher": { + "privilege": "RegisterPublisher", + "description": "Grants permission to register account as a publisher of public extensions in the CloudFormation registry", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterPublisher.html" + }, + "RegisterType": { + "privilege": "RegisterType", + "description": "Grants permission to register a new CloudFormation type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterType.html" + }, + "RollbackStack": { + "privilege": "RollbackStack", + "description": "Grants permission to rollback the stack to the last stable state", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:RoleArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RollbackStack.html" + }, + "SetStackPolicy": { + "privilege": "SetStackPolicy", + "description": "Grants permission to set a stack policy for a specified stack", + "access_level": "Permissions management", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:StackPolicyUrl" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_SetStackPolicy.html" + }, + "SetTypeConfiguration": { + "privilege": "SetTypeConfiguration", + "description": "Grants permission to set the configuration data for a registered CloudFormation extension, in the given account and region", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_SetTypeConfiguration.html" + }, + "SetTypeDefaultVersion": { + "privilege": "SetTypeDefaultVersion", + "description": "Grants permission to set which version of a CloudFormation type applies to CloudFormation operations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_SetTypeDefaultVersion.html" + }, + "SignalResource": { + "privilege": "SignalResource", + "description": "Grants permission to send a signal to the specified resource with a success or failure status", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_SignalResource.html" + }, + "StopStackSetOperation": { + "privilege": "StopStackSetOperation", + "description": "Grants permission to stop an in-progress operation on a stack set and its associated stack instances", + "access_level": "Write", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_StopStackSetOperation.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag cloudformation resources", + "access_level": "Tagging", + "resource_types": { + "changeset": { + "resource_type": "changeset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stackset": { + "resource_type": "stackset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "changeset": "changeset", + "stack": "stack", + "stackset": "stackset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_TagResource.html" + }, + "TestType": { + "privilege": "TestType", + "description": "Grants permission to test a registered extension to make sure it meets all necessary requirements for being published in the CloudFormation registry", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_TestType.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag cloudformation resources", + "access_level": "Tagging", + "resource_types": { + "changeset": { + "resource_type": "changeset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stackset": { + "resource_type": "stackset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "changeset": "changeset", + "stack": "stack", + "stackset": "stackset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UntagResource.html" + }, + "UpdateStack": { + "privilege": "UpdateStack", + "description": "Grants permission to update a stack as specified in the template", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:ResourceTypes", + "cloudformation:RoleArn", + "cloudformation:StackPolicyUrl", + "cloudformation:TemplateUrl", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateStack.html" + }, + "UpdateStackInstances": { + "privilege": "UpdateStackInstances", + "description": "Grants permission to update the parameter values for stack instances for the specified accounts, within the specified regions", + "access_level": "Write", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stackset-target": { + "resource_type": "stackset-target", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "type": { + "resource_type": "type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:TargetRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset", + "stackset-target": "stackset-target", + "type": "type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateStackInstances.html" + }, + "UpdateStackSet": { + "privilege": "UpdateStackSet", + "description": "Grants permission to update a stackset as specified in the template", + "access_level": "Write", + "resource_types": { + "stackset": { + "resource_type": "stackset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "stackset-target": { + "resource_type": "stackset-target", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "type": { + "resource_type": "type", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:RoleArn", + "cloudformation:TemplateUrl", + "cloudformation:TargetRegion", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stackset": "stackset", + "stackset-target": "stackset-target", + "type": "type", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateStackSet.html" + }, + "UpdateTerminationProtection": { + "privilege": "UpdateTerminationProtection", + "description": "Grants permission to update termination protection for the specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateTerminationProtection.html" + }, + "ValidateTemplate": { + "privilege": "ValidateTemplate", + "description": "Grants permission to validate a specified template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cloudformation:TemplateUrl" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ValidateTemplate.html" + } + }, + "privileges_lower_name": { + "cancelresourcerequest": "CancelResourceRequest", + "createresource": "CreateResource", + "deleteresource": "DeleteResource", + "getresource": "GetResource", + "getresourcerequeststatus": "GetResourceRequestStatus", + "listresourcerequests": "ListResourceRequests", + "listresources": "ListResources", + "updateresource": "UpdateResource", + "activateorganizationsaccess": "ActivateOrganizationsAccess", + "activatetype": "ActivateType", + "batchdescribetypeconfigurations": "BatchDescribeTypeConfigurations", + "cancelupdatestack": "CancelUpdateStack", + "continueupdaterollback": "ContinueUpdateRollback", + "createchangeset": "CreateChangeSet", + "createstack": "CreateStack", + "createstackinstances": "CreateStackInstances", + "createstackset": "CreateStackSet", + "createuploadbucket": "CreateUploadBucket", + "deactivateorganizationsaccess": "DeactivateOrganizationsAccess", + "deactivatetype": "DeactivateType", + "deletechangeset": "DeleteChangeSet", + "deletestack": "DeleteStack", + "deletestackinstances": "DeleteStackInstances", + "deletestackset": "DeleteStackSet", + "deregistertype": "DeregisterType", + "describeaccountlimits": "DescribeAccountLimits", + "describechangeset": "DescribeChangeSet", + "describechangesethooks": "DescribeChangeSetHooks", + "describeorganizationsaccess": "DescribeOrganizationsAccess", + "describepublisher": "DescribePublisher", + "describestackdriftdetectionstatus": "DescribeStackDriftDetectionStatus", + "describestackevents": "DescribeStackEvents", + "describestackinstance": "DescribeStackInstance", + "describestackresource": "DescribeStackResource", + "describestackresourcedrifts": "DescribeStackResourceDrifts", + "describestackresources": "DescribeStackResources", + "describestackset": "DescribeStackSet", + "describestacksetoperation": "DescribeStackSetOperation", + "describestacks": "DescribeStacks", + "describetype": "DescribeType", + "describetyperegistration": "DescribeTypeRegistration", + "detectstackdrift": "DetectStackDrift", + "detectstackresourcedrift": "DetectStackResourceDrift", + "detectstacksetdrift": "DetectStackSetDrift", + "estimatetemplatecost": "EstimateTemplateCost", + "executechangeset": "ExecuteChangeSet", + "getstackpolicy": "GetStackPolicy", + "gettemplate": "GetTemplate", + "gettemplatesummary": "GetTemplateSummary", + "importstackstostackset": "ImportStacksToStackSet", + "listchangesets": "ListChangeSets", + "listexports": "ListExports", + "listimports": "ListImports", + "liststackinstanceresourcedrifts": "ListStackInstanceResourceDrifts", + "liststackinstances": "ListStackInstances", + "liststackresources": "ListStackResources", + "liststacksetoperationresults": "ListStackSetOperationResults", + "liststacksetoperations": "ListStackSetOperations", + "liststacksets": "ListStackSets", + "liststacks": "ListStacks", + "listtyperegistrations": "ListTypeRegistrations", + "listtypeversions": "ListTypeVersions", + "listtypes": "ListTypes", + "publishtype": "PublishType", + "recordhandlerprogress": "RecordHandlerProgress", + "registerpublisher": "RegisterPublisher", + "registertype": "RegisterType", + "rollbackstack": "RollbackStack", + "setstackpolicy": "SetStackPolicy", + "settypeconfiguration": "SetTypeConfiguration", + "settypedefaultversion": "SetTypeDefaultVersion", + "signalresource": "SignalResource", + "stopstacksetoperation": "StopStackSetOperation", + "tagresource": "TagResource", + "testtype": "TestType", + "untagresource": "UntagResource", + "updatestack": "UpdateStack", + "updatestackinstances": "UpdateStackInstances", + "updatestackset": "UpdateStackSet", + "updateterminationprotection": "UpdateTerminationProtection", + "validatetemplate": "ValidateTemplate" + }, + "resources": { + "changeset": { + "resource": "changeset", + "arn": "arn:${Partition}:cloudformation:${Region}:${Account}:changeSet/${ChangeSetName}/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "stack": { + "resource": "stack", + "arn": "arn:${Partition}:cloudformation:${Region}:${Account}:stack/${StackName}/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "stackset": { + "resource": "stackset", + "arn": "arn:${Partition}:cloudformation:${Region}:${Account}:stackset/${StackSetName}:${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "stackset-target": { + "resource": "stackset-target", + "arn": "arn:${Partition}:cloudformation:${Region}:${Account}:stackset-target/${StackSetTarget}", + "condition_keys": [] + }, + "type": { + "resource": "type", + "arn": "arn:${Partition}:cloudformation:${Region}:${Account}:type/resource/${Type}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "changeset": "changeset", + "stack": "stack", + "stackset": "stackset", + "stackset-target": "stackset-target", + "type": "type" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "cloudformation:ChangeSetName": { + "condition": "cloudformation:ChangeSetName", + "description": "Filters access by an AWS CloudFormation change set name. Use to control which change sets IAM users can execute or delete", + "type": "String" + }, + "cloudformation:ImportResourceTypes": { + "condition": "cloudformation:ImportResourceTypes", + "description": "Filters access by the template resource types, such as AWS::EC2::Instance. Use to control which resource types IAM users can work with when they want to import a resource into a stack", + "type": "String" + }, + "cloudformation:ResourceTypes": { + "condition": "cloudformation:ResourceTypes", + "description": "Filters access by the template resource types, such as AWS::EC2::Instance. Use to control which resource types IAM users can work with when they create or update a stack", + "type": "ArrayOfString" + }, + "cloudformation:RoleArn": { + "condition": "cloudformation:RoleArn", + "description": "Filters access by the ARN of an IAM service role. Use to control which service role IAM users can use to work with stacks or change sets", + "type": "ARN" + }, + "cloudformation:StackPolicyUrl": { + "condition": "cloudformation:StackPolicyUrl", + "description": "Filters access by an Amazon S3 stack policy URL. Use to control which stack policies IAM users can associate with a stack during a create or update stack action", + "type": "String" + }, + "cloudformation:TargetRegion": { + "condition": "cloudformation:TargetRegion", + "description": "Filters access by stack set target region. Use to control which regions IAM users can use when they create or update stack sets", + "type": "ArrayOfString" + }, + "cloudformation:TemplateUrl": { + "condition": "cloudformation:TemplateUrl", + "description": "Filters access by an Amazon S3 template URL. Use to control which templates IAM users can use when they create or update stacks", + "type": "String" + } + } + }, + "cloudhsm": { + "service_name": "AWS CloudHSM", + "prefix": "cloudhsm", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudhsm.html", + "privileges": { + "AddTagsToResource": { + "privilege": "AddTagsToResource", + "description": "Adds or overwrites one or more tags for the specified AWS CloudHSM resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_AddTagsToResource.html" + }, + "CopyBackupToRegion": { + "privilege": "CopyBackupToRegion", + "description": "Creates a copy of a backup in the specified region", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CopyBackupToRegion.html" + }, + "CreateCluster": { + "privilege": "CreateCluster", + "description": "Creates a new AWS CloudHSM cluster", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateCluster.html" + }, + "CreateHapg": { + "privilege": "CreateHapg", + "description": "Creates a high-availability partition group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_CreateHapg.html" + }, + "CreateHsm": { + "privilege": "CreateHsm", + "description": "Creates a new hardware security module (HSM) in the specified AWS CloudHSM cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html" + }, + "CreateLunaClient": { + "privilege": "CreateLunaClient", + "description": "Creates an HSM client", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_CreateLunaClient.html" + }, + "DeleteBackup": { + "privilege": "DeleteBackup", + "description": "Deletes the specified CloudHSM backup", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DeleteBackup.html" + }, + "DeleteCluster": { + "privilege": "DeleteCluster", + "description": "Deletes the specified AWS CloudHSM cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DeleteCluster.html" + }, + "DeleteHapg": { + "privilege": "DeleteHapg", + "description": "Deletes a high-availability partition group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_DeleteHapg.html" + }, + "DeleteHsm": { + "privilege": "DeleteHsm", + "description": "Deletes the specified HSM", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DeleteHsm.html" + }, + "DeleteLunaClient": { + "privilege": "DeleteLunaClient", + "description": "Deletes a client", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_DeleteLunaClient.html" + }, + "DescribeBackups": { + "privilege": "DescribeBackups", + "description": "Gets information about backups of AWS CloudHSM clusters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeBackups.html" + }, + "DescribeClusters": { + "privilege": "DescribeClusters", + "description": "Gets information about AWS CloudHSM clusters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html" + }, + "DescribeHapg": { + "privilege": "DescribeHapg", + "description": "Retrieves information about a high-availability partition group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_DescribeHapg.html" + }, + "DescribeHsm": { + "privilege": "DescribeHsm", + "description": "Retrieves information about an HSM. You can identify the HSM by its ARN or its serial number", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_DescribeHsm.html" + }, + "DescribeLunaClient": { + "privilege": "DescribeLunaClient", + "description": "Retrieves information about an HSM client", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_DescribeLunaClient.html" + }, + "GetConfig": { + "privilege": "GetConfig", + "description": "Gets the configuration files necessary to connect to all high availability partition groups the client is associated with", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_GetConfig.html" + }, + "InitializeCluster": { + "privilege": "InitializeCluster", + "description": "Claims an AWS CloudHSM cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_InitializeCluster.html" + }, + "ListAvailableZones": { + "privilege": "ListAvailableZones", + "description": "Lists the Availability Zones that have available AWS CloudHSM capacity", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ListAvailableZones.html" + }, + "ListHapgs": { + "privilege": "ListHapgs", + "description": "Lists the high-availability partition groups for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ListHapgs.html" + }, + "ListHsms": { + "privilege": "ListHsms", + "description": "Retrieves the identifiers of all of the HSMs provisioned for the current customer", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ListHsms.html" + }, + "ListLunaClients": { + "privilege": "ListLunaClients", + "description": "Lists all of the clients", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ListLunaClients.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Gets a list of tags for the specified AWS CloudHSM cluster", + "access_level": "Read", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup", + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_ListTags.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Returns a list of all tags for the specified AWS CloudHSM resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ListTagsForResource.html" + }, + "ModifyBackupAttributes": { + "privilege": "ModifyBackupAttributes", + "description": "Modifies attributes for AWS CloudHSM backup", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_ModifyBackupAttributes.html" + }, + "ModifyCluster": { + "privilege": "ModifyCluster", + "description": "Modifies AWS CloudHSM cluster", + "access_level": "Write", + "resource_types": { + "cluster": { + "resource_type": "cluster", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cluster": "cluster" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_ModifyCluster.html" + }, + "ModifyHapg": { + "privilege": "ModifyHapg", + "description": "Modifies an existing high-availability partition group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ModifyHapg.html" + }, + "ModifyHsm": { + "privilege": "ModifyHsm", + "description": "Modifies an HSM", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ModifyHsm.html" + }, + "ModifyLunaClient": { + "privilege": "ModifyLunaClient", + "description": "Modifies the certificate used by the client", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_ModifyLunaClient.html" + }, + "RemoveTagsFromResource": { + "privilege": "RemoveTagsFromResource", + "description": "Removes one or more tags from the specified AWS CloudHSM resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/classic/APIReference/API_RemoveTagsFromResource.html" + }, + "RestoreBackup": { + "privilege": "RestoreBackup", + "description": "Restores the specified CloudHSM backup", + "access_level": "Write", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_RestoreBackup.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Adds or overwrites one or more tags for the specified AWS CloudHSM cluster", + "access_level": "Tagging", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup", + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Removes the specified tag or tags from the specified AWS CloudHSM cluster", + "access_level": "Tagging", + "resource_types": { + "backup": { + "resource_type": "backup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cluster": { + "resource_type": "cluster", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "backup": "backup", + "cluster": "cluster", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "addtagstoresource": "AddTagsToResource", + "copybackuptoregion": "CopyBackupToRegion", + "createcluster": "CreateCluster", + "createhapg": "CreateHapg", + "createhsm": "CreateHsm", + "createlunaclient": "CreateLunaClient", + "deletebackup": "DeleteBackup", + "deletecluster": "DeleteCluster", + "deletehapg": "DeleteHapg", + "deletehsm": "DeleteHsm", + "deletelunaclient": "DeleteLunaClient", + "describebackups": "DescribeBackups", + "describeclusters": "DescribeClusters", + "describehapg": "DescribeHapg", + "describehsm": "DescribeHsm", + "describelunaclient": "DescribeLunaClient", + "getconfig": "GetConfig", + "initializecluster": "InitializeCluster", + "listavailablezones": "ListAvailableZones", + "listhapgs": "ListHapgs", + "listhsms": "ListHsms", + "listlunaclients": "ListLunaClients", + "listtags": "ListTags", + "listtagsforresource": "ListTagsForResource", + "modifybackupattributes": "ModifyBackupAttributes", + "modifycluster": "ModifyCluster", + "modifyhapg": "ModifyHapg", + "modifyhsm": "ModifyHsm", + "modifylunaclient": "ModifyLunaClient", + "removetagsfromresource": "RemoveTagsFromResource", + "restorebackup": "RestoreBackup", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "backup": { + "resource": "backup", + "arn": "arn:${Partition}:cloudhsm:${Region}:${Account}:backup/${CloudHsmBackupInstanceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "cluster": { + "resource": "cluster", + "arn": "arn:${Partition}:cloudhsm:${Region}:${Account}:cluster/${CloudHsmClusterInstanceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "backup": "backup", + "cluster": "cluster" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "servicediscovery": { + "service_name": "AWS Cloud Map", + "prefix": "servicediscovery", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudmap.html", + "privileges": { + "CreateHttpNamespace": { + "privilege": "CreateHttpNamespace", + "description": "Grants permission to create an HTTP namespace", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateHttpNamespace.html" + }, + "CreatePrivateDnsNamespace": { + "privilege": "CreatePrivateDnsNamespace", + "description": "Grants permission to create a private namespace based on DNS, which will be visible only inside a specified Amazon VPC", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_CreatePrivateDnsNamespace.html" + }, + "CreatePublicDnsNamespace": { + "privilege": "CreatePublicDnsNamespace", + "description": "Grants permission to create a public namespace based on DNS, which will be visible on the internet", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_CreatePublicDnsNamespace.html" + }, + "CreateService": { + "privilege": "CreateService", + "description": "Grants permission to create a service", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicediscovery:NamespaceArn", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html" + }, + "DeleteNamespace": { + "privilege": "DeleteNamespace", + "description": "Grants permission to delete a specified namespace", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_DeleteNamespace.html" + }, + "DeleteService": { + "privilege": "DeleteService", + "description": "Grants permission to delete a specified service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_DeleteService.html" + }, + "DeregisterInstance": { + "privilege": "DeregisterInstance", + "description": "Grants permission to delete the records and the health check, if any, that Amazon Route 53 created for the specified instance", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicediscovery:ServiceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_DeregisterInstance.html" + }, + "DiscoverInstances": { + "privilege": "DiscoverInstances", + "description": "Grants permission to discover registered instances for a specified namespace and service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicediscovery:NamespaceName", + "servicediscovery:ServiceName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_DiscoverInstances.html" + }, + "GetInstance": { + "privilege": "GetInstance", + "description": "Grants permission to get information about a specified instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicediscovery:ServiceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_GetInstance.html" + }, + "GetInstancesHealthStatus": { + "privilege": "GetInstancesHealthStatus", + "description": "Grants permission to get the current health status (Healthy, Unhealthy, or Unknown) of one or more instances", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicediscovery:ServiceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_GetInstancesHealthStatus.html" + }, + "GetNamespace": { + "privilege": "GetNamespace", + "description": "Grants permission to get information about a namespace", + "access_level": "Read", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_GetNamespace.html" + }, + "GetOperation": { + "privilege": "GetOperation", + "description": "Grants permission to get information about a specific operation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_GetOperation.html" + }, + "GetService": { + "privilege": "GetService", + "description": "Grants permission to get the settings for a specified service", + "access_level": "Read", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_GetService.html" + }, + "ListInstances": { + "privilege": "ListInstances", + "description": "Grants permission to get summary information about the instances that were registered with a specified service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicediscovery:ServiceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_ListInstances.html" + }, + "ListNamespaces": { + "privilege": "ListNamespaces", + "description": "Grants permission to get information about the namespaces", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_ListNamespaces.html" + }, + "ListOperations": { + "privilege": "ListOperations", + "description": "Grants permission to list operations that match the criteria that you specify", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_ListOperations.html" + }, + "ListServices": { + "privilege": "ListServices", + "description": "Grants permission to get settings for all the services that match specified filters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_ListServices.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tags for the specified resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_ListTagsForResource.html" + }, + "RegisterInstance": { + "privilege": "RegisterInstance", + "description": "Grants permission to register an instance based on the settings in a specified service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicediscovery:ServiceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to the specified resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UntagResource.html" + }, + "UpdateHttpNamespace": { + "privilege": "UpdateHttpNamespace", + "description": "Grants permission to update the settings for a HTTP namespace", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdateHttpNamespace.html" + }, + "UpdateInstanceCustomHealthStatus": { + "privilege": "UpdateInstanceCustomHealthStatus", + "description": "Grants permission to update the current health status for an instance that has a custom health check", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicediscovery:ServiceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdateInstanceCustomHealthStatus.html" + }, + "UpdatePrivateDnsNamespace": { + "privilege": "UpdatePrivateDnsNamespace", + "description": "Grants permission to update the settings for a private DNS namespace", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdatePrivateDnsNamespace.html" + }, + "UpdatePublicDnsNamespace": { + "privilege": "UpdatePublicDnsNamespace", + "description": "Grants permission to update the settings for a public DNS namespace", + "access_level": "Write", + "resource_types": { + "namespace": { + "resource_type": "namespace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "namespace": "namespace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdatePublicDnsNamespace.html" + }, + "UpdateService": { + "privilege": "UpdateService", + "description": "Grants permission to update the settings in a specified service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloud-map/latest/api/API_UpdateService.html" + } + }, + "privileges_lower_name": { + "createhttpnamespace": "CreateHttpNamespace", + "createprivatednsnamespace": "CreatePrivateDnsNamespace", + "createpublicdnsnamespace": "CreatePublicDnsNamespace", + "createservice": "CreateService", + "deletenamespace": "DeleteNamespace", + "deleteservice": "DeleteService", + "deregisterinstance": "DeregisterInstance", + "discoverinstances": "DiscoverInstances", + "getinstance": "GetInstance", + "getinstanceshealthstatus": "GetInstancesHealthStatus", + "getnamespace": "GetNamespace", + "getoperation": "GetOperation", + "getservice": "GetService", + "listinstances": "ListInstances", + "listnamespaces": "ListNamespaces", + "listoperations": "ListOperations", + "listservices": "ListServices", + "listtagsforresource": "ListTagsForResource", + "registerinstance": "RegisterInstance", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatehttpnamespace": "UpdateHttpNamespace", + "updateinstancecustomhealthstatus": "UpdateInstanceCustomHealthStatus", + "updateprivatednsnamespace": "UpdatePrivateDnsNamespace", + "updatepublicdnsnamespace": "UpdatePublicDnsNamespace", + "updateservice": "UpdateService" + }, + "resources": { + "namespace": { + "resource": "namespace", + "arn": "arn:${Partition}:servicediscovery:${Region}:${Account}:namespace/${NamespaceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "service": { + "resource": "service", + "arn": "arn:${Partition}:servicediscovery:${Region}:${Account}:service/${ServiceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "namespace": "namespace", + "service": "service" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "servicediscovery:NamespaceArn": { + "condition": "servicediscovery:NamespaceArn", + "description": "Filters access by specifying the Amazon Resource Name (ARN) for the related namespace", + "type": "String" + }, + "servicediscovery:NamespaceName": { + "condition": "servicediscovery:NamespaceName", + "description": "Filters access by specifying the name of the related namespace", + "type": "String" + }, + "servicediscovery:ServiceArn": { + "condition": "servicediscovery:ServiceArn", + "description": "Filters access by specifying the Amazon Resource Name (ARN) for the related service", + "type": "String" + }, + "servicediscovery:ServiceName": { + "condition": "servicediscovery:ServiceName", + "description": "Filters access by specifying the name of the related service", + "type": "String" + } + } + }, + "cloudshell": { + "service_name": "AWS CloudShell", + "prefix": "cloudshell", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudshell.html", + "privileges": { + "CreateEnvironment": { + "privilege": "CreateEnvironment", + "description": "Grants permissions to create a CloudShell environment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#CreateEnvironment" + }, + "CreateSession": { + "privilege": "CreateSession", + "description": "Grants permissions to connect to a CloudShell environment from the AWS Management Console", + "access_level": "Write", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#CreateSession" + }, + "DeleteEnvironment": { + "privilege": "DeleteEnvironment", + "description": "Grants permission to delete a CloudShell environment", + "access_level": "Write", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#DeleteEnvironment" + }, + "GetEnvironmentStatus": { + "privilege": "GetEnvironmentStatus", + "description": "Grants permission to read a CloudShell environment status", + "access_level": "Read", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#GetEnvironmentStatus" + }, + "GetFileDownloadUrls": { + "privilege": "GetFileDownloadUrls", + "description": "Grants permissions to download files from a CloudShell environment", + "access_level": "Write", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#GetFileDownloadUrls" + }, + "GetFileUploadUrls": { + "privilege": "GetFileUploadUrls", + "description": "Grants permissions to upload files to a CloudShell environment", + "access_level": "Write", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#GetFileUploadUrls" + }, + "PutCredentials": { + "privilege": "PutCredentials", + "description": "Grants permissions to forward console credentials to the environment", + "access_level": "Write", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#PutCredentials" + }, + "StartEnvironment": { + "privilege": "StartEnvironment", + "description": "Grants permission to start a stopped CloudShell environment", + "access_level": "Write", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#StartEnvironment" + }, + "StopEnvironment": { + "privilege": "StopEnvironment", + "description": "Grants permission to stop a running CloudShell environment", + "access_level": "Write", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html#StopEnvironment" + } + }, + "privileges_lower_name": { + "createenvironment": "CreateEnvironment", + "createsession": "CreateSession", + "deleteenvironment": "DeleteEnvironment", + "getenvironmentstatus": "GetEnvironmentStatus", + "getfiledownloadurls": "GetFileDownloadUrls", + "getfileuploadurls": "GetFileUploadUrls", + "putcredentials": "PutCredentials", + "startenvironment": "StartEnvironment", + "stopenvironment": "StopEnvironment" + }, + "resources": { + "Environment": { + "resource": "Environment", + "arn": "arn:${Partition}:cloudshell:${Region}:${Account}:environment/${EnvironmentId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "environment": "Environment" + }, + "conditions": {} + }, + "cloudtrail": { + "service_name": "AWS CloudTrail", + "prefix": "cloudtrail", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudtrail.html", + "privileges": { + "AddTags": { + "privilege": "AddTags", + "description": "Grants permission to add one or more tags to a trail, event data store, or channel, up to a limit of 50", + "access_level": "Tagging", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "eventdatastore": { + "resource_type": "eventdatastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "trail": { + "resource_type": "trail", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "eventdatastore": "eventdatastore", + "trail": "trail", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AddTags.html" + }, + "CancelQuery": { + "privilege": "CancelQuery", + "description": "Grants permission to cancel a running query", + "access_level": "Write", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_CancelQuery.html" + }, + "CreateChannel": { + "privilege": "CreateChannel", + "description": "Grants permission to create a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudtrail:AddTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_CreateChannel.html" + }, + "CreateEventDataStore": { + "privilege": "CreateEventDataStore", + "description": "Grants permission to create an event data store", + "access_level": "Write", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudtrail:AddTags", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "kms:Decrypt", + "kms:GenerateDataKey", + "organizations:ListAWSServiceAccessForOrganization" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_CreateEventDataStore.html" + }, + "CreateServiceLinkedChannel": { + "privilege": "CreateServiceLinkedChannel", + "description": "Grants permission to create a service-linked channel that specifies the settings for delivery of log data to an AWS service", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "API_CreateServiceLinkedChannel.html" + }, + "CreateTrail": { + "privilege": "CreateTrail", + "description": "Grants permission to create a trail that specifies the settings for delivery of log data to an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudtrail:AddTags", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "organizations:ListAWSServiceAccessForOrganization" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trail": "trail", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_CreateTrail.html" + }, + "DeleteChannel": { + "privilege": "DeleteChannel", + "description": "Grants permission to delete a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DeleteChannel.html" + }, + "DeleteEventDataStore": { + "privilege": "DeleteEventDataStore", + "description": "Grants permission to delete an event data store", + "access_level": "Write", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DeleteEventDataStore.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete a resource policy from the provided resource", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeleteServiceLinkedChannel": { + "privilege": "DeleteServiceLinkedChannel", + "description": "Grants permission to delete a service-linked channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "API_DeleteServiceLinkedChannel.html" + }, + "DeleteTrail": { + "privilege": "DeleteTrail", + "description": "Grants permission to delete a trail", + "access_level": "Write", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DeleteTrail.html" + }, + "DeregisterOrganizationDelegatedAdmin": { + "privilege": "DeregisterOrganizationDelegatedAdmin", + "description": "Grants permission to deregister an AWS Organizations member account as a delegated administrator", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:DeregisterDelegatedAdministrator", + "organizations:ListAWSServiceAccessForOrganization" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DeregisterOrganizationDelegatedAdmin.html" + }, + "DescribeQuery": { + "privilege": "DescribeQuery", + "description": "Grants permission to list details for the query", + "access_level": "Read", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DescribeQuery.html" + }, + "DescribeTrails": { + "privilege": "DescribeTrails", + "description": "Grants permission to list settings for the trails associated with the current region for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DescribeTrails.html" + }, + "GetChannel": { + "privilege": "GetChannel", + "description": "Grants permission to return information about a specific channel", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetChannel.html" + }, + "GetEventDataStore": { + "privilege": "GetEventDataStore", + "description": "Grants permission to list settings for the event data store", + "access_level": "Read", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetEventDataStore.html" + }, + "GetEventSelectors": { + "privilege": "GetEventSelectors", + "description": "Grants permission to list settings for event selectors configured for a trail", + "access_level": "Read", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetEventSelectors.html" + }, + "GetImport": { + "privilege": "GetImport", + "description": "Grants permission to return information about a specific import", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetImport.html" + }, + "GetInsightSelectors": { + "privilege": "GetInsightSelectors", + "description": "Grants permission to list CloudTrail Insights selectors that are configured for a trail", + "access_level": "Read", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetInsightSelectors.html" + }, + "GetQueryResults": { + "privilege": "GetQueryResults", + "description": "Grants permission to fetch results of a complete query", + "access_level": "Read", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kms:Decrypt", + "kms:GenerateDataKey" + ] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetQueryResults.html" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to get the resource policy attached to the provided resource", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetResourcePolicy.html" + }, + "GetServiceLinkedChannel": { + "privilege": "GetServiceLinkedChannel", + "description": "Grants permission to list settings for the service-linked channel", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "API_GetServiceLinkedChannel.html" + }, + "GetTrail": { + "privilege": "GetTrail", + "description": "Grants permission to list settings for the trail", + "access_level": "Read", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetTrail.html" + }, + "GetTrailStatus": { + "privilege": "GetTrailStatus", + "description": "Grants permission to retrieve a JSON-formatted list of information about the specified trail", + "access_level": "Read", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetTrailStatus.html" + }, + "ListChannels": { + "privilege": "ListChannels", + "description": "Grants permission to list the channels in the current account, and their source names", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListChannels.html" + }, + "ListEventDataStores": { + "privilege": "ListEventDataStores", + "description": "Grants permission to list event data stores associated with the current region for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListEventDataStores.html" + }, + "ListImportFailures": { + "privilege": "ListImportFailures", + "description": "Grants permission to return a list of failures for the specified import", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListImportFailures.html" + }, + "ListImports": { + "privilege": "ListImports", + "description": "Grants permission to return information on all imports, or a select set of imports by ImportStatus or Destination", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListImports.html" + }, + "ListPublicKeys": { + "privilege": "ListPublicKeys", + "description": "Grants permission to list the public keys whose private keys were used to sign trail digest files within a specified time range", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListPublicKeys.html" + }, + "ListQueries": { + "privilege": "ListQueries", + "description": "Grants permission to list queries associated with an event data store", + "access_level": "List", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListQueries.html" + }, + "ListServiceLinkedChannels": { + "privilege": "ListServiceLinkedChannels", + "description": "Grants permission to list service-linked channels associated with the current region for a specified account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "API_ListServiceLinkedChannels.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to list the tags for trails, event data stores, or channels in the current region", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "eventdatastore": { + "resource_type": "eventdatastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "trail": { + "resource_type": "trail", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "eventdatastore": "eventdatastore", + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListTags.html" + }, + "ListTrails": { + "privilege": "ListTrails", + "description": "Grants permission to list trails associated with the current region for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_ListTrails.html" + }, + "LookupEvents": { + "privilege": "LookupEvents", + "description": "Grants permission to look up API activity events captured by CloudTrail that create, update, or delete resources in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_LookupEvents.html" + }, + "PutEventSelectors": { + "privilege": "PutEventSelectors", + "description": "Grants permission to create and update event selectors for a trail", + "access_level": "Write", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_PutEventSelectors.html" + }, + "PutInsightSelectors": { + "privilege": "PutInsightSelectors", + "description": "Grants permission to create and update CloudTrail Insights selectors for a trail", + "access_level": "Write", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_PutInsightSelectors.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to attach a resource policy to the provided resource", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_PutResourcePolicy.html" + }, + "RegisterOrganizationDelegatedAdmin": { + "privilege": "RegisterOrganizationDelegatedAdmin", + "description": "Grants permission to register an AWS Organizations member account as a delegated administrator", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "organizations:ListAWSServiceAccessForOrganization", + "organizations:RegisterDelegatedAdministrator" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_RegisterOrganizationDelegatedAdmin.html" + }, + "RemoveTags": { + "privilege": "RemoveTags", + "description": "Grants permission to remove tags from a trail, event data store, or channel", + "access_level": "Tagging", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "eventdatastore": { + "resource_type": "eventdatastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "trail": { + "resource_type": "trail", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "eventdatastore": "eventdatastore", + "trail": "trail", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_RemoveTags.html" + }, + "RestoreEventDataStore": { + "privilege": "RestoreEventDataStore", + "description": "Grants permission to restore an event data store", + "access_level": "Write", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_RestoreEventDataStore.html" + }, + "StartEventDataStoreIngestion": { + "privilege": "StartEventDataStoreIngestion", + "description": "Grants permission to start ingestion on an event data store", + "access_level": "Write", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StartEventDataStoreIngestion.html" + }, + "StartImport": { + "privilege": "StartImport", + "description": "Grants permission to start an import of logged trail events from a source S3 bucket to a destination event data store", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StartImport.html" + }, + "StartLogging": { + "privilege": "StartLogging", + "description": "Grants permission to start the recording of AWS API calls and log file delivery for a trail", + "access_level": "Write", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StartLogging.html" + }, + "StartQuery": { + "privilege": "StartQuery", + "description": "Grants permission to start a new query on a specified event data store", + "access_level": "Write", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "kms:Decrypt", + "kms:GenerateDataKey" + ] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StartQuery.html" + }, + "StopEventDataStoreIngestion": { + "privilege": "StopEventDataStoreIngestion", + "description": "Grants permission to stop ingestion on an event data store", + "access_level": "Write", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StopEventDataStoreIngestion.html" + }, + "StopImport": { + "privilege": "StopImport", + "description": "Grants permission to stop a specified import", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StopImport.html" + }, + "StopLogging": { + "privilege": "StopLogging", + "description": "Grants permission to stop the recording of AWS API calls and log file delivery for a trail", + "access_level": "Write", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_StopLogging.html" + }, + "UpdateChannel": { + "privilege": "UpdateChannel", + "description": "Grants permission to update a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_UpdateChannel.html" + }, + "UpdateEventDataStore": { + "privilege": "UpdateEventDataStore", + "description": "Grants permission to update an event data store", + "access_level": "Write", + "resource_types": { + "eventdatastore": { + "resource_type": "eventdatastore", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "kms:Decrypt", + "kms:GenerateDataKey", + "organizations:ListAWSServiceAccessForOrganization" + ] + } + }, + "resource_types_lower_name": { + "eventdatastore": "eventdatastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_UpdateEventDataStore.html" + }, + "UpdateServiceLinkedChannel": { + "privilege": "UpdateServiceLinkedChannel", + "description": "Grants permission to update the settings that specify delivery of log files", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "API_UpdateServiceLinkedChannel.html" + }, + "UpdateTrail": { + "privilege": "UpdateTrail", + "description": "Grants permission to update the settings that specify delivery of log files", + "access_level": "Write", + "resource_types": { + "trail": { + "resource_type": "trail", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "organizations:ListAWSServiceAccessForOrganization" + ] + } + }, + "resource_types_lower_name": { + "trail": "trail" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_UpdateTrail.html" + } + }, + "privileges_lower_name": { + "addtags": "AddTags", + "cancelquery": "CancelQuery", + "createchannel": "CreateChannel", + "createeventdatastore": "CreateEventDataStore", + "createservicelinkedchannel": "CreateServiceLinkedChannel", + "createtrail": "CreateTrail", + "deletechannel": "DeleteChannel", + "deleteeventdatastore": "DeleteEventDataStore", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deleteservicelinkedchannel": "DeleteServiceLinkedChannel", + "deletetrail": "DeleteTrail", + "deregisterorganizationdelegatedadmin": "DeregisterOrganizationDelegatedAdmin", + "describequery": "DescribeQuery", + "describetrails": "DescribeTrails", + "getchannel": "GetChannel", + "geteventdatastore": "GetEventDataStore", + "geteventselectors": "GetEventSelectors", + "getimport": "GetImport", + "getinsightselectors": "GetInsightSelectors", + "getqueryresults": "GetQueryResults", + "getresourcepolicy": "GetResourcePolicy", + "getservicelinkedchannel": "GetServiceLinkedChannel", + "gettrail": "GetTrail", + "gettrailstatus": "GetTrailStatus", + "listchannels": "ListChannels", + "listeventdatastores": "ListEventDataStores", + "listimportfailures": "ListImportFailures", + "listimports": "ListImports", + "listpublickeys": "ListPublicKeys", + "listqueries": "ListQueries", + "listservicelinkedchannels": "ListServiceLinkedChannels", + "listtags": "ListTags", + "listtrails": "ListTrails", + "lookupevents": "LookupEvents", + "puteventselectors": "PutEventSelectors", + "putinsightselectors": "PutInsightSelectors", + "putresourcepolicy": "PutResourcePolicy", + "registerorganizationdelegatedadmin": "RegisterOrganizationDelegatedAdmin", + "removetags": "RemoveTags", + "restoreeventdatastore": "RestoreEventDataStore", + "starteventdatastoreingestion": "StartEventDataStoreIngestion", + "startimport": "StartImport", + "startlogging": "StartLogging", + "startquery": "StartQuery", + "stopeventdatastoreingestion": "StopEventDataStoreIngestion", + "stopimport": "StopImport", + "stoplogging": "StopLogging", + "updatechannel": "UpdateChannel", + "updateeventdatastore": "UpdateEventDataStore", + "updateservicelinkedchannel": "UpdateServiceLinkedChannel", + "updatetrail": "UpdateTrail" + }, + "resources": { + "trail": { + "resource": "trail", + "arn": "arn:${Partition}:cloudtrail:${Region}:${Account}:trail/${TrailName}", + "condition_keys": [] + }, + "eventdatastore": { + "resource": "eventdatastore", + "arn": "arn:${Partition}:cloudtrail:${Region}:${Account}:eventdatastore/${EventDataStoreId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "channel": { + "resource": "channel", + "arn": "arn:${Partition}:cloudtrail:${Region}:${Account}:channel/${ChannelId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "trail": "trail", + "eventdatastore": "eventdatastore", + "channel": "channel" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag's key and value in a request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in a request", + "type": "ArrayOfString" + } + } + }, + "cloudtrail-data": { + "service_name": "AWS CloudTrail Data", + "prefix": "cloudtrail-data", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudtraildata.html", + "privileges": { + "PutAuditEvents": { + "privilege": "PutAuditEvents", + "description": "Grants permission to ingest your application events into CloudTrail Lake", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awscloudtraildata/latest/APIReference/API_PutAuditEvents.html" + } + }, + "privileges_lower_name": { + "putauditevents": "PutAuditEvents" + }, + "resources": { + "channel": { + "resource": "channel", + "arn": "arn:${Partition}:cloudtrail:${Region}:${Account}:channel/${ChannelId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "channel": "channel" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag's key and value in a request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in a request", + "type": "ArrayOfString" + } + } + }, + "rum": { + "service_name": "AWS CloudWatch RUM", + "prefix": "rum", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloudwatchrum.html", + "privileges": { + "BatchCreateRumMetricDefinitions": { + "privilege": "BatchCreateRumMetricDefinitions", + "description": "Grants permission to create rum metric definitions", + "access_level": "Write", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_BatchCreateRumMetricDefinitions.html" + }, + "BatchDeleteRumMetricDefinitions": { + "privilege": "BatchDeleteRumMetricDefinitions", + "description": "Grants permission to remove rum metric definitions", + "access_level": "Write", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_BatchDeleteRumMetricDefinitions.html" + }, + "BatchGetRumMetricDefinitions": { + "privilege": "BatchGetRumMetricDefinitions", + "description": "Grants permission to get rum metric definitions", + "access_level": "Read", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_BatchGetRumMetricDefinitions.html" + }, + "CreateAppMonitor": { + "privilege": "CreateAppMonitor", + "description": "Grants permission to create appMonitor metadata", + "access_level": "Write", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:GetRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_CreateAppMonitor.html" + }, + "DeleteAppMonitor": { + "privilege": "DeleteAppMonitor", + "description": "Grants permission to delete appMonitor metadata", + "access_level": "Write", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_DeleteAppMonitor.html" + }, + "DeleteRumMetricsDestination": { + "privilege": "DeleteRumMetricsDestination", + "description": "Grants permission to delete rum metrics destinations", + "access_level": "Write", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_DeleteRumMetricsDestination.html" + }, + "GetAppMonitor": { + "privilege": "GetAppMonitor", + "description": "Grants permission to get appMonitor metadata", + "access_level": "Read", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_GetAppMonitor.html" + }, + "GetAppMonitorData": { + "privilege": "GetAppMonitorData", + "description": "Grants permission to get appMonitor data", + "access_level": "Read", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_GetAppMonitorData.html" + }, + "ListAppMonitors": { + "privilege": "ListAppMonitors", + "description": "Grants permission to list appMonitors metadata", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_ListAppMonitors.html" + }, + "ListRumMetricsDestinations": { + "privilege": "ListRumMetricsDestinations", + "description": "Grants permission to list rum metrics destinations", + "access_level": "Read", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_ListRumMetricsDestinations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for resources", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_ListTagsForResource.html" + }, + "PutRumEvents": { + "privilege": "PutRumEvents", + "description": "Grants permission to put RUM events for appmonitor", + "access_level": "Write", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_PutRumEvents.html" + }, + "PutRumMetricsDestination": { + "privilege": "PutRumMetricsDestination", + "description": "Grants permission to put rum metrics destinations", + "access_level": "Write", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_PutRumMetricsDestination.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag resources", + "access_level": "Tagging", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag resources", + "access_level": "Tagging", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_UntagResource.html" + }, + "UpdateAppMonitor": { + "privilege": "UpdateAppMonitor", + "description": "Grants permission to update appmonitor metadata", + "access_level": "Write", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:GetRole" + ] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_UpdateAppMonitor.html" + }, + "UpdateRumMetricDefinition": { + "privilege": "UpdateRumMetricDefinition", + "description": "Grants permission to update rum metric definition", + "access_level": "Write", + "resource_types": { + "AppMonitorResource": { + "resource_type": "AppMonitorResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cloudwatchrum/latest/APIReference/API_UpdateRumMetricDefinition.html" + } + }, + "privileges_lower_name": { + "batchcreaterummetricdefinitions": "BatchCreateRumMetricDefinitions", + "batchdeleterummetricdefinitions": "BatchDeleteRumMetricDefinitions", + "batchgetrummetricdefinitions": "BatchGetRumMetricDefinitions", + "createappmonitor": "CreateAppMonitor", + "deleteappmonitor": "DeleteAppMonitor", + "deleterummetricsdestination": "DeleteRumMetricsDestination", + "getappmonitor": "GetAppMonitor", + "getappmonitordata": "GetAppMonitorData", + "listappmonitors": "ListAppMonitors", + "listrummetricsdestinations": "ListRumMetricsDestinations", + "listtagsforresource": "ListTagsForResource", + "putrumevents": "PutRumEvents", + "putrummetricsdestination": "PutRumMetricsDestination", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateappmonitor": "UpdateAppMonitor", + "updaterummetricdefinition": "UpdateRumMetricDefinition" + }, + "resources": { + "AppMonitorResource": { + "resource": "AppMonitorResource", + "arn": "arn:${Partition}:rum:${Region}:${Account}:appmonitor/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "appmonitorresource": "AppMonitorResource" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed the request on behalf of the IAM principal", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource that make the request on behalf of the IAM principal", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request on behalf of the IAM principal", + "type": "ArrayOfString" + } + } + }, + "codeartifact": { + "service_name": "AWS CodeArtifact", + "prefix": "codeartifact", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodeartifact.html", + "privileges": { + "AssociateExternalConnection": { + "privilege": "AssociateExternalConnection", + "description": "Grants permission to add an external connection to a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_AssociateExternalConnection.html" + }, + "AssociateWithDownstreamRepository": { + "privilege": "AssociateWithDownstreamRepository", + "description": "Grants permission to associate an existing repository as an upstream repository to another repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html" + }, + "CopyPackageVersions": { + "privilege": "CopyPackageVersions", + "description": "Grants permission to copy package versions from one repository to another repository in the same domain", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package", + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_CopyPackageVersions.html" + }, + "CreateDomain": { + "privilege": "CreateDomain", + "description": "Grants permission to create a new domain", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_CreateDomain.html" + }, + "CreateRepository": { + "privilege": "CreateRepository", + "description": "Grants permission to create a new repository", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_CreateRepository.html" + }, + "DeleteDomain": { + "privilege": "DeleteDomain", + "description": "Grants permission to delete a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeleteDomain.html" + }, + "DeleteDomainPermissionsPolicy": { + "privilege": "DeleteDomainPermissionsPolicy", + "description": "Grants permission to delete the resource policy set on a domain", + "access_level": "Permissions management", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeleteDomainPermissionsPolicy.html" + }, + "DeletePackage": { + "privilege": "DeletePackage", + "description": "Grants permission to delete a package", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeletePackage.html" + }, + "DeletePackageVersions": { + "privilege": "DeletePackageVersions", + "description": "Grants permission to delete package versions", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeletePackageVersions.html" + }, + "DeleteRepository": { + "privilege": "DeleteRepository", + "description": "Grants permission to delete a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeleteRepository.html" + }, + "DeleteRepositoryPermissionsPolicy": { + "privilege": "DeleteRepositoryPermissionsPolicy", + "description": "Grants permission to delete the resource policy set on a repository", + "access_level": "Permissions management", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DeleteRepositoryPermissionsPolicy.html" + }, + "DescribeDomain": { + "privilege": "DescribeDomain", + "description": "Grants permission to return information about a domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DescribeDomain.html" + }, + "DescribePackage": { + "privilege": "DescribePackage", + "description": "Grants permission to retrieve information about a package", + "access_level": "Read", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DescribePackage.html" + }, + "DescribePackageVersion": { + "privilege": "DescribePackageVersion", + "description": "Grants permission to return information about a package version", + "access_level": "Read", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DescribePackageVersion.html" + }, + "DescribeRepository": { + "privilege": "DescribeRepository", + "description": "Grants permission to return detailed information about a repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DescribeRepository.html" + }, + "DisassociateExternalConnection": { + "privilege": "DisassociateExternalConnection", + "description": "Grants permission to disassociate an external connection from a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DisassociateExternalConnection.html" + }, + "DisposePackageVersions": { + "privilege": "DisposePackageVersions", + "description": "Grants permission to set the status of package versions to Disposed and delete their assets", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_DisposePackageVersions.html" + }, + "GetAuthorizationToken": { + "privilege": "GetAuthorizationToken", + "description": "Grants permission to generate a temporary authentication token for accessing repositories in a domain", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetAuthorizationToken.html" + }, + "GetDomainPermissionsPolicy": { + "privilege": "GetDomainPermissionsPolicy", + "description": "Grants permission to return a domain's resource policy", + "access_level": "Read", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetDomainPermissionsPolicy.html" + }, + "GetPackageVersionAsset": { + "privilege": "GetPackageVersionAsset", + "description": "Grants permission to return an asset (or file) that is part of a package version", + "access_level": "Read", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetPackageVersionAsset.html" + }, + "GetPackageVersionReadme": { + "privilege": "GetPackageVersionReadme", + "description": "Grants permission to return a package version's readme file", + "access_level": "Read", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetPackageVersionReadme.html" + }, + "GetRepositoryEndpoint": { + "privilege": "GetRepositoryEndpoint", + "description": "Grants permission to return an endpoint for a repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetRepositoryEndpoint.html" + }, + "GetRepositoryPermissionsPolicy": { + "privilege": "GetRepositoryPermissionsPolicy", + "description": "Grants permission to return a repository's resource policy", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_GetRepositoryPermissionsPolicy.html" + }, + "ListDomains": { + "privilege": "ListDomains", + "description": "Grants permission to list the domains in the current user's AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListDomains.html" + }, + "ListPackageVersionAssets": { + "privilege": "ListPackageVersionAssets", + "description": "Grants permission to list a package version's assets", + "access_level": "List", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListPackageVersionAssets.html" + }, + "ListPackageVersionDependencies": { + "privilege": "ListPackageVersionDependencies", + "description": "Grants permission to list the direct dependencies of a package version", + "access_level": "List", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListPackageVersionDependencies.html" + }, + "ListPackageVersions": { + "privilege": "ListPackageVersions", + "description": "Grants permission to list a package's versions", + "access_level": "List", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListPackageVersions.html" + }, + "ListPackages": { + "privilege": "ListPackages", + "description": "Grants permission to list the packages in a repository", + "access_level": "List", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListPackages.html" + }, + "ListRepositories": { + "privilege": "ListRepositories", + "description": "Grants permission to list the repositories administered by the calling account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListRepositories.html" + }, + "ListRepositoriesInDomain": { + "privilege": "ListRepositoriesInDomain", + "description": "Grants permission to list the repositories in a domain", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListRepositoriesInDomain.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a CodeArtifact resource", + "access_level": "List", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_ListTagsForResource.html" + }, + "PublishPackageVersion": { + "privilege": "PublishPackageVersion", + "description": "Grants permission to publish assets and metadata to a repository endpoint", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/ug/repo-policies.html" + }, + "PutDomainPermissionsPolicy": { + "privilege": "PutDomainPermissionsPolicy", + "description": "Grants permission to attach a resource policy to a domain", + "access_level": "Write", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_PutDomainPermissionsPolicy.html" + }, + "PutPackageMetadata": { + "privilege": "PutPackageMetadata", + "description": "Grants permission to add, modify or remove package metadata using a repository endpoint", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/ug/repo-policies.html" + }, + "PutPackageOriginConfiguration": { + "privilege": "PutPackageOriginConfiguration", + "description": "Grants permission to set origin configuration for a package", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_PutPackageOriginConfiguration.html" + }, + "PutRepositoryPermissionsPolicy": { + "privilege": "PutRepositoryPermissionsPolicy", + "description": "Grants permission to attach a resource policy to a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_PutRepositoryPermissionsPolicy.html" + }, + "ReadFromRepository": { + "privilege": "ReadFromRepository", + "description": "Grants permission to return package assets and metadata from a repository endpoint", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/ug/repo-policies.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a CodeArtifact resource", + "access_level": "Tagging", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from a CodeArtifact resource", + "access_level": "Tagging", + "resource_types": { + "domain": { + "resource_type": "domain", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domain": "domain", + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_UntagResource.html" + }, + "UpdatePackageVersionsStatus": { + "privilege": "UpdatePackageVersionsStatus", + "description": "Grants permission to modify the status of one or more versions of a package", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_UpdatePackageVersionsStatus.html" + }, + "UpdateRepository": { + "privilege": "UpdateRepository", + "description": "Grants permission to modify the properties of a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codeartifact/latest/APIReference/API_UpdateRepository.html" + } + }, + "privileges_lower_name": { + "associateexternalconnection": "AssociateExternalConnection", + "associatewithdownstreamrepository": "AssociateWithDownstreamRepository", + "copypackageversions": "CopyPackageVersions", + "createdomain": "CreateDomain", + "createrepository": "CreateRepository", + "deletedomain": "DeleteDomain", + "deletedomainpermissionspolicy": "DeleteDomainPermissionsPolicy", + "deletepackage": "DeletePackage", + "deletepackageversions": "DeletePackageVersions", + "deleterepository": "DeleteRepository", + "deleterepositorypermissionspolicy": "DeleteRepositoryPermissionsPolicy", + "describedomain": "DescribeDomain", + "describepackage": "DescribePackage", + "describepackageversion": "DescribePackageVersion", + "describerepository": "DescribeRepository", + "disassociateexternalconnection": "DisassociateExternalConnection", + "disposepackageversions": "DisposePackageVersions", + "getauthorizationtoken": "GetAuthorizationToken", + "getdomainpermissionspolicy": "GetDomainPermissionsPolicy", + "getpackageversionasset": "GetPackageVersionAsset", + "getpackageversionreadme": "GetPackageVersionReadme", + "getrepositoryendpoint": "GetRepositoryEndpoint", + "getrepositorypermissionspolicy": "GetRepositoryPermissionsPolicy", + "listdomains": "ListDomains", + "listpackageversionassets": "ListPackageVersionAssets", + "listpackageversiondependencies": "ListPackageVersionDependencies", + "listpackageversions": "ListPackageVersions", + "listpackages": "ListPackages", + "listrepositories": "ListRepositories", + "listrepositoriesindomain": "ListRepositoriesInDomain", + "listtagsforresource": "ListTagsForResource", + "publishpackageversion": "PublishPackageVersion", + "putdomainpermissionspolicy": "PutDomainPermissionsPolicy", + "putpackagemetadata": "PutPackageMetadata", + "putpackageoriginconfiguration": "PutPackageOriginConfiguration", + "putrepositorypermissionspolicy": "PutRepositoryPermissionsPolicy", + "readfromrepository": "ReadFromRepository", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatepackageversionsstatus": "UpdatePackageVersionsStatus", + "updaterepository": "UpdateRepository" + }, + "resources": { + "domain": { + "resource": "domain", + "arn": "arn:${Partition}:codeartifact:${Region}:${Account}:domain/${DomainName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "repository": { + "resource": "repository", + "arn": "arn:${Partition}:codeartifact:${Region}:${Account}:repository/${DomainName}/${RepositoryName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "package": { + "resource": "package", + "arn": "arn:${Partition}:codeartifact:${Region}:${Account}:package/${DomainName}/${RepositoryName}/${PackageFormat}/${PackageNamespace}/${PackageName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "domain": "domain", + "repository": "repository", + "package": "package" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "codebuild": { + "service_name": "AWS CodeBuild", + "prefix": "codebuild", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodebuild.html", + "privileges": { + "BatchDeleteBuilds": { + "privilege": "BatchDeleteBuilds", + "description": "Grants permission to delete one or more builds", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchDeleteBuilds.html" + }, + "BatchGetBuildBatches": { + "privilege": "BatchGetBuildBatches", + "description": "Grants permission to get information about one or more build batches", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchGetBuildBatches.html" + }, + "BatchGetBuilds": { + "privilege": "BatchGetBuilds", + "description": "Grants permission to get information about one or more builds", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchGetBuilds.html" + }, + "BatchGetProjects": { + "privilege": "BatchGetProjects", + "description": "Grants permission to get information about one or more build projects", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchGetProjects.html" + }, + "BatchGetReportGroups": { + "privilege": "BatchGetReportGroups", + "description": "Grants permission to return an array of ReportGroup objects that are specified by the input reportGroupArns parameter", + "access_level": "Read", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchGetReportGroups.html" + }, + "BatchGetReports": { + "privilege": "BatchGetReports", + "description": "Grants permission to return an array of the Report objects specified by the input reportArns parameter", + "access_level": "Read", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BatchGetReports.html" + }, + "BatchPutCodeCoverages": { + "privilege": "BatchPutCodeCoverages", + "description": "Grants permission to add or update information about a report", + "access_level": "Write", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" + }, + "BatchPutTestCases": { + "privilege": "BatchPutTestCases", + "description": "Grants permission to add or update information about a report", + "access_level": "Write", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a build project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_CreateProject.html" + }, + "CreateReport": { + "privilege": "CreateReport", + "description": "Grants permission to create a report. A report is created when tests specified in the buildspec file for a report groups run during the build of a project", + "access_level": "Write", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" + }, + "CreateReportGroup": { + "privilege": "CreateReportGroup", + "description": "Grants permission to create a report group", + "access_level": "Write", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_CreateReportGroup.html" + }, + "CreateWebhook": { + "privilege": "CreateWebhook", + "description": "Grants permission to create webhook. For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, enables AWS CodeBuild to start rebuilding the source code every time a code change is pushed to the repository", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_CreateWebhook.html" + }, + "DeleteBuildBatch": { + "privilege": "DeleteBuildBatch", + "description": "Grants permission to delete a build batch", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteBuildBatch.html" + }, + "DeleteOAuthToken": { + "privilege": "DeleteOAuthToken", + "description": "Grants permission to delete an OAuth token from a connected third-party OAuth provider. Only used in the AWS CodeBuild console", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a build project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteProject.html" + }, + "DeleteReport": { + "privilege": "DeleteReport", + "description": "Grants permission to delete a report", + "access_level": "Write", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteReport.html" + }, + "DeleteReportGroup": { + "privilege": "DeleteReportGroup", + "description": "Grants permission to delete a report group", + "access_level": "Write", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteReportGroup.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete a resource policy for the associated project or report group", + "access_level": "Permissions management", + "resource_types": { + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "report-group": { + "resource_type": "report-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeleteSourceCredentials": { + "privilege": "DeleteSourceCredentials", + "description": "Grants permission to delete a set of GitHub, GitHub Enterprise, or Bitbucket source credentials", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteSourceCredentials.html" + }, + "DeleteWebhook": { + "privilege": "DeleteWebhook", + "description": "Grants permission to delete webhook. For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, stops AWS CodeBuild from rebuilding the source code every time a code change is pushed to the repository", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DeleteWebhook.html" + }, + "DescribeCodeCoverages": { + "privilege": "DescribeCodeCoverages", + "description": "Grants permission to return an array of CodeCoverage objects", + "access_level": "Read", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DescribeCodeCoverages.html" + }, + "DescribeTestCases": { + "privilege": "DescribeTestCases", + "description": "Grants permission to return an array of TestCase objects", + "access_level": "Read", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_DescribeTestCases.html" + }, + "GetReportGroupTrend": { + "privilege": "GetReportGroupTrend", + "description": "Grants permission to analyze and accumulate test report values for the test reports in the specified report group", + "access_level": "Read", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_GetReportGroupTrend.html" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to return a resource policy for the specified project or report group", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "report-group": { + "resource_type": "report-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_GetResourcePolicy.html" + }, + "ImportSourceCredentials": { + "privilege": "ImportSourceCredentials", + "description": "Grants permission to import the source repository credentials for an AWS CodeBuild project that has its source code stored in a GitHub, GitHub Enterprise, or Bitbucket repository", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ImportSourceCredentials.html" + }, + "InvalidateProjectCache": { + "privilege": "InvalidateProjectCache", + "description": "Grants permission to reset the cache for a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_InvalidateProjectCache.html" + }, + "ListBuildBatches": { + "privilege": "ListBuildBatches", + "description": "Grants permission to get a list of build batch IDs, with each build batch ID representing a single build batch", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListBuildBatches.html" + }, + "ListBuildBatchesForProject": { + "privilege": "ListBuildBatchesForProject", + "description": "Grants permission to get a list of build batch IDs for the specified build project, with each build batch ID representing a single build batch", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListBuildBatchesForProject.html" + }, + "ListBuilds": { + "privilege": "ListBuilds", + "description": "Grants permission to get a list of build IDs, with each build ID representing a single build", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListBuilds.html" + }, + "ListBuildsForProject": { + "privilege": "ListBuildsForProject", + "description": "Grants permission to get a list of build IDs for the specified build project, with each build ID representing a single build", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListBuildsForProject.html" + }, + "ListConnectedOAuthAccounts": { + "privilege": "ListConnectedOAuthAccounts", + "description": "Grants permission to list connected third-party OAuth providers. Only used in the AWS CodeBuild console", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" + }, + "ListCuratedEnvironmentImages": { + "privilege": "ListCuratedEnvironmentImages", + "description": "Grants permission to get information about Docker images that are managed by AWS CodeBuild", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListCuratedEnvironmentImages.html" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to get a list of build project names, with each build project name representing a single build project", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListProjects.html" + }, + "ListReportGroups": { + "privilege": "ListReportGroups", + "description": "Grants permission to return a list of report group ARNs. Each report group ARN represents one report group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListReportGroups.html" + }, + "ListReports": { + "privilege": "ListReports", + "description": "Grants permission to return a list of report ARNs. Each report ARN representing one report", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListReports.html" + }, + "ListReportsForReportGroup": { + "privilege": "ListReportsForReportGroup", + "description": "Grants permission to return a list of report ARNs that belong to the specified report group. Each report ARN represents one report", + "access_level": "List", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListReportsForReportGroup.html" + }, + "ListRepositories": { + "privilege": "ListRepositories", + "description": "Grants permission to list source code repositories from a connected third-party OAuth provider. Only used in the AWS CodeBuild console", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" + }, + "ListSharedProjects": { + "privilege": "ListSharedProjects", + "description": "Grants permission to return a list of project ARNs that have been shared with the requester. Each project ARN represents one project", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListSharedProjects.html" + }, + "ListSharedReportGroups": { + "privilege": "ListSharedReportGroups", + "description": "Grants permission to return a list of report group ARNs that have been shared with the requester. Each report group ARN represents one report group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListSharedReportGroups.html" + }, + "ListSourceCredentials": { + "privilege": "ListSourceCredentials", + "description": "Grants permission to return a list of SourceCredentialsInfo objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListSourceCredentials.html" + }, + "PersistOAuthToken": { + "privilege": "PersistOAuthToken", + "description": "Grants permission to save an OAuth token from a connected third-party OAuth provider. Only used in the AWS CodeBuild console", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to create a resource policy for the associated project or report group", + "access_level": "Permissions management", + "resource_types": { + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "report-group": { + "resource_type": "report-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_PutResourcePolicy.html" + }, + "RetryBuild": { + "privilege": "RetryBuild", + "description": "Grants permission to retry a build", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_RetryBuild.html" + }, + "RetryBuildBatch": { + "privilege": "RetryBuildBatch", + "description": "Grants permission to retry a build batch", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_RetryBuildBatch.html" + }, + "StartBuild": { + "privilege": "StartBuild", + "description": "Grants permission to start running a build", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_StartBuild.html" + }, + "StartBuildBatch": { + "privilege": "StartBuildBatch", + "description": "Grants permission to start running a build batch", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_StartBuildBatch.html" + }, + "StopBuild": { + "privilege": "StopBuild", + "description": "Grants permission to attempt to stop running a build", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_StopBuild.html" + }, + "StopBuildBatch": { + "privilege": "StopBuildBatch", + "description": "Grants permission to attempt to stop running a build batch", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_StopBuildBatch.html" + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Grants permission to change the settings of an existing build project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_UpdateProject.html" + }, + "UpdateProjectVisibility": { + "privilege": "UpdateProjectVisibility", + "description": "Grants permission to change the public visibility of a project and its builds", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_UpdateProjectVisibility.html" + }, + "UpdateReport": { + "privilege": "UpdateReport", + "description": "Grants permission to update information about a report", + "access_level": "Write", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#console-policies" + }, + "UpdateReportGroup": { + "privilege": "UpdateReportGroup", + "description": "Grants permission to change the settings of an existing report group", + "access_level": "Write", + "resource_types": { + "report-group": { + "resource_type": "report-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-group": "report-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_UpdateReportGroup.html" + }, + "UpdateWebhook": { + "privilege": "UpdateWebhook", + "description": "Grants permission to update the webhook associated with an AWS CodeBuild build project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codebuild/latest/APIReference/API_UpdateWebhook.html" + } + }, + "privileges_lower_name": { + "batchdeletebuilds": "BatchDeleteBuilds", + "batchgetbuildbatches": "BatchGetBuildBatches", + "batchgetbuilds": "BatchGetBuilds", + "batchgetprojects": "BatchGetProjects", + "batchgetreportgroups": "BatchGetReportGroups", + "batchgetreports": "BatchGetReports", + "batchputcodecoverages": "BatchPutCodeCoverages", + "batchputtestcases": "BatchPutTestCases", + "createproject": "CreateProject", + "createreport": "CreateReport", + "createreportgroup": "CreateReportGroup", + "createwebhook": "CreateWebhook", + "deletebuildbatch": "DeleteBuildBatch", + "deleteoauthtoken": "DeleteOAuthToken", + "deleteproject": "DeleteProject", + "deletereport": "DeleteReport", + "deletereportgroup": "DeleteReportGroup", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deletesourcecredentials": "DeleteSourceCredentials", + "deletewebhook": "DeleteWebhook", + "describecodecoverages": "DescribeCodeCoverages", + "describetestcases": "DescribeTestCases", + "getreportgrouptrend": "GetReportGroupTrend", + "getresourcepolicy": "GetResourcePolicy", + "importsourcecredentials": "ImportSourceCredentials", + "invalidateprojectcache": "InvalidateProjectCache", + "listbuildbatches": "ListBuildBatches", + "listbuildbatchesforproject": "ListBuildBatchesForProject", + "listbuilds": "ListBuilds", + "listbuildsforproject": "ListBuildsForProject", + "listconnectedoauthaccounts": "ListConnectedOAuthAccounts", + "listcuratedenvironmentimages": "ListCuratedEnvironmentImages", + "listprojects": "ListProjects", + "listreportgroups": "ListReportGroups", + "listreports": "ListReports", + "listreportsforreportgroup": "ListReportsForReportGroup", + "listrepositories": "ListRepositories", + "listsharedprojects": "ListSharedProjects", + "listsharedreportgroups": "ListSharedReportGroups", + "listsourcecredentials": "ListSourceCredentials", + "persistoauthtoken": "PersistOAuthToken", + "putresourcepolicy": "PutResourcePolicy", + "retrybuild": "RetryBuild", + "retrybuildbatch": "RetryBuildBatch", + "startbuild": "StartBuild", + "startbuildbatch": "StartBuildBatch", + "stopbuild": "StopBuild", + "stopbuildbatch": "StopBuildBatch", + "updateproject": "UpdateProject", + "updateprojectvisibility": "UpdateProjectVisibility", + "updatereport": "UpdateReport", + "updatereportgroup": "UpdateReportGroup", + "updatewebhook": "UpdateWebhook" + }, + "resources": { + "build": { + "resource": "build", + "arn": "arn:${Partition}:codebuild:${Region}:${Account}:build/${BuildId}", + "condition_keys": [] + }, + "build-batch": { + "resource": "build-batch", + "arn": "arn:${Partition}:codebuild:${Region}:${Account}:build-batch/${BuildBatchId}", + "condition_keys": [] + }, + "project": { + "resource": "project", + "arn": "arn:${Partition}:codebuild:${Region}:${Account}:project/${ProjectName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "report-group": { + "resource": "report-group", + "arn": "arn:${Partition}:codebuild:${Region}:${Account}:report-group/${ReportGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "report": { + "resource": "report", + "arn": "arn:${Partition}:codebuild:${Region}:${Account}:report/${ReportGroupName}:${ReportId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "build": "build", + "build-batch": "build-batch", + "project": "project", + "report-group": "report-group", + "report": "report" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "codecommit": { + "service_name": "AWS CodeCommit", + "prefix": "codecommit", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodecommit.html", + "privileges": { + "AssociateApprovalRuleTemplateWithRepository": { + "privilege": "AssociateApprovalRuleTemplateWithRepository", + "description": "Grants permission to associate an approval rule template with a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_AssociateApprovalRuleTemplateWithRepository.html" + }, + "BatchAssociateApprovalRuleTemplateWithRepositories": { + "privilege": "BatchAssociateApprovalRuleTemplateWithRepositories", + "description": "Grants permission to associate an approval rule template with multiple repositories in a single operation", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_BatchAssociateApprovalRuleTemplateWithRepositories.html" + }, + "BatchDescribeMergeConflicts": { + "privilege": "BatchDescribeMergeConflicts", + "description": "Grants permission to get information about multiple merge conflicts when attempting to merge two commits using either the three-way merge or the squash merge option", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_BatchDescribeMergeConflicts.html" + }, + "BatchDisassociateApprovalRuleTemplateFromRepositories": { + "privilege": "BatchDisassociateApprovalRuleTemplateFromRepositories", + "description": "Grants permission to remove the association between an approval rule template and multiple repositories in a single operation", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_BatchDisassociateApprovalRuleTemplateFromRepositories.html" + }, + "BatchGetCommits": { + "privilege": "BatchGetCommits", + "description": "Grants permission to get return information about one or more commits in an AWS CodeCommit repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_BatchGetCommits.html" + }, + "BatchGetPullRequests": { + "privilege": "BatchGetPullRequests", + "description": "Grants permission to return information about one or more pull requests in an AWS CodeCommit repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-pr" + }, + "BatchGetRepositories": { + "privilege": "BatchGetRepositories", + "description": "Grants permission to get information about multiple repositories", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_BatchGetRepositories.html" + }, + "CancelUploadArchive": { + "privilege": "CancelUploadArchive", + "description": "Grants permission to cancel the uploading of an archive to a pipeline in AWS CodePipeline", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-acp" + }, + "CreateApprovalRuleTemplate": { + "privilege": "CreateApprovalRuleTemplate", + "description": "Grants permission to create an approval rule template that will automatically create approval rules in pull requests that match the conditions defined in the template; does not grant permission to create approval rules for individual pull requests", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreateApprovalRuleTemplate.html" + }, + "CreateBranch": { + "privilege": "CreateBranch", + "description": "Grants permission to create a branch in an AWS CodeCommit repository with this API; does not control Git create branch actions", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreateBranch.html" + }, + "CreateCommit": { + "privilege": "CreateCommit", + "description": "Grants permission to add, copy, move or update single or multiple files in a branch in an AWS CodeCommit repository, and generate a commit for the changes in the specified branch", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreateCommit.html" + }, + "CreatePullRequest": { + "privilege": "CreatePullRequest", + "description": "Grants permission to create a pull request in the specified repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreatePullRequest.html" + }, + "CreatePullRequestApprovalRule": { + "privilege": "CreatePullRequestApprovalRule", + "description": "Grants permission to create an approval rule specific to an individual pull request; does not grant permission to create approval rule templates", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreatePullRequestApprovalRule.html" + }, + "CreateRepository": { + "privilege": "CreateRepository", + "description": "Grants permission to create an AWS CodeCommit repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreateRepository.html" + }, + "CreateUnreferencedMergeCommit": { + "privilege": "CreateUnreferencedMergeCommit", + "description": "Grants permission to create an unreferenced commit that contains the result of merging two commits using either the three-way or the squash merge option; does not control Git merge actions", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreateUnreferencedMergeCommit.html" + }, + "DeleteApprovalRuleTemplate": { + "privilege": "DeleteApprovalRuleTemplate", + "description": "Grants permission to delete an approval rule template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteApprovalRuleTemplate.html" + }, + "DeleteBranch": { + "privilege": "DeleteBranch", + "description": "Grants permission to delete a branch in an AWS CodeCommit repository with this API; does not control Git delete branch actions", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteBranch.html" + }, + "DeleteCommentContent": { + "privilege": "DeleteCommentContent", + "description": "Grants permission to delete the content of a comment made on a change, file, or commit in a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteCommentContent.html" + }, + "DeleteFile": { + "privilege": "DeleteFile", + "description": "Grants permission to delete a specified file from a specified branch", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteFile.html" + }, + "DeletePullRequestApprovalRule": { + "privilege": "DeletePullRequestApprovalRule", + "description": "Grants permission to delete approval rule created for a pull request if the rule was not created by an approval rule template", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeletePullRequestApprovalRule.html" + }, + "DeleteRepository": { + "privilege": "DeleteRepository", + "description": "Grants permission to delete an AWS CodeCommit repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteRepository.html" + }, + "DescribeMergeConflicts": { + "privilege": "DescribeMergeConflicts", + "description": "Grants permission to get information about specific merge conflicts when attempting to merge two commits using either the three-way or the squash merge option", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DescribeMergeConflicts.html" + }, + "DescribePullRequestEvents": { + "privilege": "DescribePullRequestEvents", + "description": "Grants permission to return information about one or more pull request events", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DescribePullRequestEvents.html" + }, + "DisassociateApprovalRuleTemplateFromRepository": { + "privilege": "DisassociateApprovalRuleTemplateFromRepository", + "description": "Grants permission to remove the association between an approval rule template and a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DisassociateApprovalRuleTemplateFromRepository.html" + }, + "EvaluatePullRequestApprovalRules": { + "privilege": "EvaluatePullRequestApprovalRules", + "description": "Grants permission to evaluate whether a pull request is mergable based on its current approval state and approval rule requirements", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_EvaluatePullRequestApprovalRules.html" + }, + "GetApprovalRuleTemplate": { + "privilege": "GetApprovalRuleTemplate", + "description": "Grants permission to return information about an approval rule template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetApprovalRuleTemplate.html" + }, + "GetBlob": { + "privilege": "GetBlob", + "description": "Grants permission to view the encoded content of an individual file in an AWS CodeCommit repository from the AWS CodeCommit console", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetBlob.html" + }, + "GetBranch": { + "privilege": "GetBranch", + "description": "Grants permission to get details about a branch in an AWS CodeCommit repository with this API; does not control Git branch actions", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetBranch.html" + }, + "GetComment": { + "privilege": "GetComment", + "description": "Grants permission to get the content of a comment made on a change, file, or commit in a repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetComment.html" + }, + "GetCommentReactions": { + "privilege": "GetCommentReactions", + "description": "Grants permission to get the reactions on a comment", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommentReactions.html" + }, + "GetCommentsForComparedCommit": { + "privilege": "GetCommentsForComparedCommit", + "description": "Grants permission to get information about comments made on the comparison between two commits", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommentsForComparedCommit.html" + }, + "GetCommentsForPullRequest": { + "privilege": "GetCommentsForPullRequest", + "description": "Grants permission to get comments made on a pull request", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommentsForPullRequest.html" + }, + "GetCommit": { + "privilege": "GetCommit", + "description": "Grants permission to return information about a commit, including commit message and committer information, with this API; does not control Git log actions", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommit.html" + }, + "GetCommitHistory": { + "privilege": "GetCommitHistory", + "description": "Grants permission to get information about the history of commits in a repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-code" + }, + "GetCommitsFromMergeBase": { + "privilege": "GetCommitsFromMergeBase", + "description": "Grants permission to get information about the difference between commits in the context of a potential merge", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-pr" + }, + "GetDifferences": { + "privilege": "GetDifferences", + "description": "Grants permission to view information about the differences between valid commit specifiers such as a branch, tag, HEAD, commit ID, or other fully qualified reference", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetDifferences.html" + }, + "GetFile": { + "privilege": "GetFile", + "description": "Grants permission to return the base-64 encoded contents of a specified file and its metadata", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetFile.html" + }, + "GetFolder": { + "privilege": "GetFolder", + "description": "Grants permission to return the contents of a specified folder in a repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetFolder.html" + }, + "GetMergeCommit": { + "privilege": "GetMergeCommit", + "description": "Grants permission to get information about a merge commit created by one of the merge options for pull requests that creates merge commits. Not all merge options create merge commits. This permission does not control Git merge actions", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetMergeCommit.html" + }, + "GetMergeConflicts": { + "privilege": "GetMergeConflicts", + "description": "Grants permission to get information about merge conflicts between the before and after commit IDs for a pull request in a repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetMergeConflicts.html" + }, + "GetMergeOptions": { + "privilege": "GetMergeOptions", + "description": "Grants permission to get information about merge options for pull requests that can be used to merge two commits; does not control Git merge actions", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetMergeOptions.html" + }, + "GetObjectIdentifier": { + "privilege": "GetObjectIdentifier", + "description": "Grants permission to resolve blobs, trees, and commits to their identifier", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-code" + }, + "GetPullRequest": { + "privilege": "GetPullRequest", + "description": "Grants permission to get information about a pull request in a specified repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetPullRequest.html" + }, + "GetPullRequestApprovalStates": { + "privilege": "GetPullRequestApprovalStates", + "description": "Grants permission to retrieve the current approvals on an inputted pull request", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetPullRequestApprovalStates.html" + }, + "GetPullRequestOverrideState": { + "privilege": "GetPullRequestOverrideState", + "description": "Grants permission to retrieve the current override state of a given pull request", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetPullRequestOverrideState.html" + }, + "GetReferences": { + "privilege": "GetReferences", + "description": "Grants permission to get details about references in an AWS CodeCommit repository; does not control Git reference actions", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-code" + }, + "GetRepository": { + "privilege": "GetRepository", + "description": "Grants permission to get information about an AWS CodeCommit repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetRepository.html" + }, + "GetRepositoryTriggers": { + "privilege": "GetRepositoryTriggers", + "description": "Grants permission to get information about triggers configured for a repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetRepositoryTriggers.html" + }, + "GetTree": { + "privilege": "GetTree", + "description": "Grants permission to view the contents of a specified tree in an AWS CodeCommit repository from the AWS CodeCommit console", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-code" + }, + "GetUploadArchiveStatus": { + "privilege": "GetUploadArchiveStatus", + "description": "Grants permission to get status information about an archive upload to a pipeline in AWS CodePipeline", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-acp" + }, + "GitPull": { + "privilege": "GitPull", + "description": "Grants permission to pull information from an AWS CodeCommit repository to a local repo", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-git" + }, + "GitPush": { + "privilege": "GitPush", + "description": "Grants permission to push information from a local repo to an AWS CodeCommit repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-git" + }, + "ListApprovalRuleTemplates": { + "privilege": "ListApprovalRuleTemplates", + "description": "Grants permission to list all approval rule templates in an AWS Region for the AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListApprovalRuleTemplates.html" + }, + "ListAssociatedApprovalRuleTemplatesForRepository": { + "privilege": "ListAssociatedApprovalRuleTemplatesForRepository", + "description": "Grants permission to list approval rule templates that are associated with a repository", + "access_level": "List", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListAssociatedApprovalRuleTemplatesForRepository.html" + }, + "ListBranches": { + "privilege": "ListBranches", + "description": "Grants permission to list branches for an AWS CodeCommit repository with this API; does not control Git branch actions", + "access_level": "List", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListBranches.html" + }, + "ListPullRequests": { + "privilege": "ListPullRequests", + "description": "Grants permission to list pull requests for a specified repository", + "access_level": "List", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListPullRequests.html" + }, + "ListRepositories": { + "privilege": "ListRepositories", + "description": "Grants permission to list information about AWS CodeCommit repositories in the current Region for your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListRepositories.html" + }, + "ListRepositoriesForApprovalRuleTemplate": { + "privilege": "ListRepositoriesForApprovalRuleTemplate", + "description": "Grants permission to list repositories that are associated with an approval rule template", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListRepositoriesForApprovalRuleTemplate.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the resource attached to a CodeCommit resource ARN", + "access_level": "List", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListTagsForResource.html" + }, + "MergeBranchesByFastForward": { + "privilege": "MergeBranchesByFastForward", + "description": "Grants permission to merge two commits into the specified destination branch using the fast-forward merge option", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergeBranchesByFastForward.html" + }, + "MergeBranchesBySquash": { + "privilege": "MergeBranchesBySquash", + "description": "Grants permission to merge two commits into the specified destination branch using the squash merge option", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergeBranchesBySquash.html" + }, + "MergeBranchesByThreeWay": { + "privilege": "MergeBranchesByThreeWay", + "description": "Grants permission to merge two commits into the specified destination branch using the three-way merge option", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergeBranchesByThreeWay.html" + }, + "MergePullRequestByFastForward": { + "privilege": "MergePullRequestByFastForward", + "description": "Grants permission to close a pull request and attempt to merge it into the specified destination branch for that pull request at the specified commit using the fast-forward merge option", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergePullRequestByFastForward.html" + }, + "MergePullRequestBySquash": { + "privilege": "MergePullRequestBySquash", + "description": "Grants permission to close a pull request and attempt to merge it into the specified destination branch for that pull request at the specified commit using the squash merge option", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergePullRequestBySquash.html" + }, + "MergePullRequestByThreeWay": { + "privilege": "MergePullRequestByThreeWay", + "description": "Grants permission to close a pull request and attempt to merge it into the specified destination branch for that pull request at the specified commit using the three-way merge option", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergePullRequestByThreeWay.html" + }, + "OverridePullRequestApprovalRules": { + "privilege": "OverridePullRequestApprovalRules", + "description": "Grants permission to override all approval rules for a pull request, including approval rules created by a template", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_OverridePullRequestApprovalRules.html" + }, + "PostCommentForComparedCommit": { + "privilege": "PostCommentForComparedCommit", + "description": "Grants permission to post a comment on the comparison between two commits", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PostCommentForComparedCommit.html" + }, + "PostCommentForPullRequest": { + "privilege": "PostCommentForPullRequest", + "description": "Grants permission to post a comment on a pull request", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PostCommentForPullRequest.html" + }, + "PostCommentReply": { + "privilege": "PostCommentReply", + "description": "Grants permission to post a comment in reply to a comment on a comparison between commits or a pull request", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PostCommentReply.html" + }, + "PutCommentReaction": { + "privilege": "PutCommentReaction", + "description": "Grants permission to post a reaction on a comment", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PutCommentReaction.html" + }, + "PutFile": { + "privilege": "PutFile", + "description": "Grants permission to add or update a file in a branch in an AWS CodeCommit repository, and generate a commit for the addition in the specified branch", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codecommit:References" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PutFile.html" + }, + "PutRepositoryTriggers": { + "privilege": "PutRepositoryTriggers", + "description": "Grants permission to create, update, or delete triggers for a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_PutRepositoryTriggers.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to attach resource tags to a CodeCommit resource ARN", + "access_level": "Tagging", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_TagResource.html" + }, + "TestRepositoryTriggers": { + "privilege": "TestRepositoryTriggers", + "description": "Grants permission to test the functionality of repository triggers by sending information to the trigger target", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_TestRepositoryTriggers.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to disassociate resource tags from a CodeCommit resource ARN", + "access_level": "Tagging", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UntagResource.html" + }, + "UpdateApprovalRuleTemplateContent": { + "privilege": "UpdateApprovalRuleTemplateContent", + "description": "Grants permission to update the content of approval rule templates; does not grant permission to update content of approval rules created specifically for pull requests", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateApprovalRuleTemplateContent.html" + }, + "UpdateApprovalRuleTemplateDescription": { + "privilege": "UpdateApprovalRuleTemplateDescription", + "description": "Grants permission to update the description of approval rule templates", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateApprovalRuleTemplateDescription.html" + }, + "UpdateApprovalRuleTemplateName": { + "privilege": "UpdateApprovalRuleTemplateName", + "description": "Grants permission to update the name of approval rule templates", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateApprovalRuleTemplateName.html" + }, + "UpdateComment": { + "privilege": "UpdateComment", + "description": "Grants permission to update the contents of a comment if the identity matches the identity used to create the comment", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateComment.html" + }, + "UpdateDefaultBranch": { + "privilege": "UpdateDefaultBranch", + "description": "Grants permission to change the default branch in an AWS CodeCommit repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateDefaultBranch.html" + }, + "UpdatePullRequestApprovalRuleContent": { + "privilege": "UpdatePullRequestApprovalRuleContent", + "description": "Grants permission to update the content for approval rules created for a specific pull requests; does not grant permission to update approval rule content for rules created with an approval rule template", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestApprovalRuleContent.html" + }, + "UpdatePullRequestApprovalState": { + "privilege": "UpdatePullRequestApprovalState", + "description": "Grants permission to update the approval state for pull requests", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestApprovalState.html" + }, + "UpdatePullRequestDescription": { + "privilege": "UpdatePullRequestDescription", + "description": "Grants permission to update the description of a pull request", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestDescription.html" + }, + "UpdatePullRequestStatus": { + "privilege": "UpdatePullRequestStatus", + "description": "Grants permission to update the status of a pull request", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestStatus.html" + }, + "UpdatePullRequestTitle": { + "privilege": "UpdatePullRequestTitle", + "description": "Grants permission to update the title of a pull request", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestTitle.html" + }, + "UpdateRepositoryDescription": { + "privilege": "UpdateRepositoryDescription", + "description": "Grants permission to change the description of an AWS CodeCommit repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateRepositoryDescription.html" + }, + "UpdateRepositoryName": { + "privilege": "UpdateRepositoryName", + "description": "Grants permission to change the name of an AWS CodeCommit repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateRepositoryName.html" + }, + "UploadArchive": { + "privilege": "UploadArchive", + "description": "Grants permission to the service role for AWS CodePipeline to upload repository changes into a pipeline", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html#aa-acp" + } + }, + "privileges_lower_name": { + "associateapprovalruletemplatewithrepository": "AssociateApprovalRuleTemplateWithRepository", + "batchassociateapprovalruletemplatewithrepositories": "BatchAssociateApprovalRuleTemplateWithRepositories", + "batchdescribemergeconflicts": "BatchDescribeMergeConflicts", + "batchdisassociateapprovalruletemplatefromrepositories": "BatchDisassociateApprovalRuleTemplateFromRepositories", + "batchgetcommits": "BatchGetCommits", + "batchgetpullrequests": "BatchGetPullRequests", + "batchgetrepositories": "BatchGetRepositories", + "canceluploadarchive": "CancelUploadArchive", + "createapprovalruletemplate": "CreateApprovalRuleTemplate", + "createbranch": "CreateBranch", + "createcommit": "CreateCommit", + "createpullrequest": "CreatePullRequest", + "createpullrequestapprovalrule": "CreatePullRequestApprovalRule", + "createrepository": "CreateRepository", + "createunreferencedmergecommit": "CreateUnreferencedMergeCommit", + "deleteapprovalruletemplate": "DeleteApprovalRuleTemplate", + "deletebranch": "DeleteBranch", + "deletecommentcontent": "DeleteCommentContent", + "deletefile": "DeleteFile", + "deletepullrequestapprovalrule": "DeletePullRequestApprovalRule", + "deleterepository": "DeleteRepository", + "describemergeconflicts": "DescribeMergeConflicts", + "describepullrequestevents": "DescribePullRequestEvents", + "disassociateapprovalruletemplatefromrepository": "DisassociateApprovalRuleTemplateFromRepository", + "evaluatepullrequestapprovalrules": "EvaluatePullRequestApprovalRules", + "getapprovalruletemplate": "GetApprovalRuleTemplate", + "getblob": "GetBlob", + "getbranch": "GetBranch", + "getcomment": "GetComment", + "getcommentreactions": "GetCommentReactions", + "getcommentsforcomparedcommit": "GetCommentsForComparedCommit", + "getcommentsforpullrequest": "GetCommentsForPullRequest", + "getcommit": "GetCommit", + "getcommithistory": "GetCommitHistory", + "getcommitsfrommergebase": "GetCommitsFromMergeBase", + "getdifferences": "GetDifferences", + "getfile": "GetFile", + "getfolder": "GetFolder", + "getmergecommit": "GetMergeCommit", + "getmergeconflicts": "GetMergeConflicts", + "getmergeoptions": "GetMergeOptions", + "getobjectidentifier": "GetObjectIdentifier", + "getpullrequest": "GetPullRequest", + "getpullrequestapprovalstates": "GetPullRequestApprovalStates", + "getpullrequestoverridestate": "GetPullRequestOverrideState", + "getreferences": "GetReferences", + "getrepository": "GetRepository", + "getrepositorytriggers": "GetRepositoryTriggers", + "gettree": "GetTree", + "getuploadarchivestatus": "GetUploadArchiveStatus", + "gitpull": "GitPull", + "gitpush": "GitPush", + "listapprovalruletemplates": "ListApprovalRuleTemplates", + "listassociatedapprovalruletemplatesforrepository": "ListAssociatedApprovalRuleTemplatesForRepository", + "listbranches": "ListBranches", + "listpullrequests": "ListPullRequests", + "listrepositories": "ListRepositories", + "listrepositoriesforapprovalruletemplate": "ListRepositoriesForApprovalRuleTemplate", + "listtagsforresource": "ListTagsForResource", + "mergebranchesbyfastforward": "MergeBranchesByFastForward", + "mergebranchesbysquash": "MergeBranchesBySquash", + "mergebranchesbythreeway": "MergeBranchesByThreeWay", + "mergepullrequestbyfastforward": "MergePullRequestByFastForward", + "mergepullrequestbysquash": "MergePullRequestBySquash", + "mergepullrequestbythreeway": "MergePullRequestByThreeWay", + "overridepullrequestapprovalrules": "OverridePullRequestApprovalRules", + "postcommentforcomparedcommit": "PostCommentForComparedCommit", + "postcommentforpullrequest": "PostCommentForPullRequest", + "postcommentreply": "PostCommentReply", + "putcommentreaction": "PutCommentReaction", + "putfile": "PutFile", + "putrepositorytriggers": "PutRepositoryTriggers", + "tagresource": "TagResource", + "testrepositorytriggers": "TestRepositoryTriggers", + "untagresource": "UntagResource", + "updateapprovalruletemplatecontent": "UpdateApprovalRuleTemplateContent", + "updateapprovalruletemplatedescription": "UpdateApprovalRuleTemplateDescription", + "updateapprovalruletemplatename": "UpdateApprovalRuleTemplateName", + "updatecomment": "UpdateComment", + "updatedefaultbranch": "UpdateDefaultBranch", + "updatepullrequestapprovalrulecontent": "UpdatePullRequestApprovalRuleContent", + "updatepullrequestapprovalstate": "UpdatePullRequestApprovalState", + "updatepullrequestdescription": "UpdatePullRequestDescription", + "updatepullrequeststatus": "UpdatePullRequestStatus", + "updatepullrequesttitle": "UpdatePullRequestTitle", + "updaterepositorydescription": "UpdateRepositoryDescription", + "updaterepositoryname": "UpdateRepositoryName", + "uploadarchive": "UploadArchive" + }, + "resources": { + "repository": { + "resource": "repository", + "arn": "arn:${Partition}:codecommit:${Region}:${Account}:${RepositoryName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "repository": "repository" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "codecommit:References": { + "condition": "codecommit:References", + "description": "Filters access by Git reference to specified AWS CodeCommit actions", + "type": "String" + } + } + }, + "codedeploy": { + "service_name": "AWS CodeDeploy", + "prefix": "codedeploy", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodedeploy.html", + "privileges": { + "AddTagsToOnPremisesInstances": { + "privilege": "AddTagsToOnPremisesInstances", + "description": "Grants permission to add tags to one or more on-premises instances", + "access_level": "Tagging", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_AddTagsToOnPremisesInstances.html" + }, + "BatchGetApplicationRevisions": { + "privilege": "BatchGetApplicationRevisions", + "description": "Grants permission to get information about one or more application revisions", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetApplicationRevisions.html" + }, + "BatchGetApplications": { + "privilege": "BatchGetApplications", + "description": "Grants permission to get information about multiple applications associated with the IAM user", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetApplications.html" + }, + "BatchGetDeploymentGroups": { + "privilege": "BatchGetDeploymentGroups", + "description": "Grants permission to get information about one or more deployment groups", + "access_level": "Read", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetDeploymentGroups.html" + }, + "BatchGetDeploymentInstances": { + "privilege": "BatchGetDeploymentInstances", + "description": "Grants permission to get information about one or more instance that are part of a deployment group", + "access_level": "Read", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetDeploymentInstances.html" + }, + "BatchGetDeploymentTargets": { + "privilege": "BatchGetDeploymentTargets", + "description": "Grants permission to return an array of one or more targets associated with a deployment. This method works with all compute types and should be used instead of the deprecated BatchGetDeploymentInstances. The maximum number of targets that can be returned is 25", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetDeploymentTargets.html" + }, + "BatchGetDeployments": { + "privilege": "BatchGetDeployments", + "description": "Grants permission to get information about multiple deployments associated with the IAM user", + "access_level": "Read", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetDeployments.html" + }, + "BatchGetOnPremisesInstances": { + "privilege": "BatchGetOnPremisesInstances", + "description": "Grants permission to get information about one or more on-premises instances", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_BatchGetOnPremisesInstances.html" + }, + "ContinueDeployment": { + "privilege": "ContinueDeployment", + "description": "Grants permission to start the process of rerouting traffic from instances in the original environment to instances in thereplacement environment without waiting for a specified wait time to elapse", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html" + }, + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application associated with the IAM user", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_CreateApplication.html" + }, + "CreateCloudFormationDeployment": { + "privilege": "CreateCloudFormationDeployment", + "description": "Grants permission to create CloudFormation deployment to cooperate ochestration for a CloudFormation stack update", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "CreateDeployment": { + "privilege": "CreateDeployment", + "description": "Grants permission to create a deployment for an application associated with the IAM user", + "access_level": "Write", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_CreateDeployment.html" + }, + "CreateDeploymentConfig": { + "privilege": "CreateDeploymentConfig", + "description": "Grants permission to create a custom deployment configuration associated with the IAM user", + "access_level": "Write", + "resource_types": { + "deploymentconfig": { + "resource_type": "deploymentconfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentconfig": "deploymentconfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_CreateDeploymentConfig.html" + }, + "CreateDeploymentGroup": { + "privilege": "CreateDeploymentGroup", + "description": "Grants permission to create a deployment group for an application associated with the IAM user", + "access_level": "Write", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_CreateDeploymentGroup.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete an application associated with the IAM user", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeleteApplication.html" + }, + "DeleteDeploymentConfig": { + "privilege": "DeleteDeploymentConfig", + "description": "Grants permission to delete a custom deployment configuration associated with the IAM user", + "access_level": "Write", + "resource_types": { + "deploymentconfig": { + "resource_type": "deploymentconfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentconfig": "deploymentconfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeleteDeploymentConfig.html" + }, + "DeleteDeploymentGroup": { + "privilege": "DeleteDeploymentGroup", + "description": "Grants permission to delete a deployment group for an application associated with the IAM user", + "access_level": "Write", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeleteDeploymentGroup.html" + }, + "DeleteGitHubAccountToken": { + "privilege": "DeleteGitHubAccountToken", + "description": "Grants permission to delete a GitHub account connection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeleteGitHubAccountToken.html" + }, + "DeleteResourcesByExternalId": { + "privilege": "DeleteResourcesByExternalId", + "description": "Grants permission to delete resources associated with the given external Id", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeleteResourcesByExternalId.html" + }, + "DeregisterOnPremisesInstance": { + "privilege": "DeregisterOnPremisesInstance", + "description": "Grants permission to deregister an on-premises instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_DeregisterOnPremisesInstance.html" + }, + "GetApplication": { + "privilege": "GetApplication", + "description": "Grants permission to get information about a single application associated with the IAM user", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetApplication.html" + }, + "GetApplicationRevision": { + "privilege": "GetApplicationRevision", + "description": "Grants permission to get information about a single application revision for an application associated with the IAM user", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetApplicationRevision.html" + }, + "GetDeployment": { + "privilege": "GetDeployment", + "description": "Grants permission to get information about a single deployment to a deployment group for an application associated with the IAM user", + "access_level": "List", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetDeployment.html" + }, + "GetDeploymentConfig": { + "privilege": "GetDeploymentConfig", + "description": "Grants permission to get information about a single deployment configuration associated with the IAM user", + "access_level": "List", + "resource_types": { + "deploymentconfig": { + "resource_type": "deploymentconfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentconfig": "deploymentconfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetDeploymentConfig.html" + }, + "GetDeploymentGroup": { + "privilege": "GetDeploymentGroup", + "description": "Grants permission to get information about a single deployment group for an application associated with the IAM user", + "access_level": "List", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetDeploymentGroup.html" + }, + "GetDeploymentInstance": { + "privilege": "GetDeploymentInstance", + "description": "Grants permission to get information about a single instance in a deployment associated with the IAM user", + "access_level": "List", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetDeploymentInstance.html" + }, + "GetDeploymentTarget": { + "privilege": "GetDeploymentTarget", + "description": "Grants permission to return information about a deployment target", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetDeploymentTarget.html" + }, + "GetOnPremisesInstance": { + "privilege": "GetOnPremisesInstance", + "description": "Grants permission to get information about a single on-premises instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_GetOnPremisesInstance.html" + }, + "ListApplicationRevisions": { + "privilege": "ListApplicationRevisions", + "description": "Grants permission to get information about all application revisions for an application associated with the IAM user", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListApplicationRevisions.html" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to get information about all applications associated with the IAM user", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListApplications.html" + }, + "ListDeploymentConfigs": { + "privilege": "ListDeploymentConfigs", + "description": "Grants permission to get information about all deployment configurations associated with the IAM user", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListDeploymentConfigs.html" + }, + "ListDeploymentGroups": { + "privilege": "ListDeploymentGroups", + "description": "Grants permission to get information about all deployment groups for an application associated with the IAM user", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListDeploymentGroups.html" + }, + "ListDeploymentInstances": { + "privilege": "ListDeploymentInstances", + "description": "Grants permission to get information about all instances in a deployment associated with the IAM user", + "access_level": "List", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListDeploymentInstances.html" + }, + "ListDeploymentTargets": { + "privilege": "ListDeploymentTargets", + "description": "Grants permission to return an array of target IDs that are associated a deployment", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListDeploymentTargets.html" + }, + "ListDeployments": { + "privilege": "ListDeployments", + "description": "Grants permission to get information about all deployments to a deployment group associated with the IAM user, or to get all deployments associated with the IAM user", + "access_level": "List", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListDeployments.html" + }, + "ListGitHubAccountTokenNames": { + "privilege": "ListGitHubAccountTokenNames", + "description": "Grants permission to list the names of stored connections to GitHub accounts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListGitHubAccountTokenNames.html" + }, + "ListOnPremisesInstances": { + "privilege": "ListOnPremisesInstances", + "description": "Grants permission to get a list of one or more on-premises instance names", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListOnPremisesInstances.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to return a list of tags for the resource identified by a specified ARN. Tags are used to organize and categorize your CodeDeploy resources", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ListTagsForResource.html" + }, + "PutLifecycleEventHookExecutionStatus": { + "privilege": "PutLifecycleEventHookExecutionStatus", + "description": "Grants permission to notify a lifecycle event hook execution status for associated deployment with the IAM user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_PutLifecycleEventHookExecutionStatus.html" + }, + "RegisterApplicationRevision": { + "privilege": "RegisterApplicationRevision", + "description": "Grants permission to register information about an application revision for an application associated with the IAM user", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_RegisterApplicationRevision.html" + }, + "RegisterOnPremisesInstance": { + "privilege": "RegisterOnPremisesInstance", + "description": "Grants permission to register an on-premises instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_RegisterOnPremisesInstance.html" + }, + "RemoveTagsFromOnPremisesInstances": { + "privilege": "RemoveTagsFromOnPremisesInstances", + "description": "Grants permission to remove tags from one or more on-premises instances", + "access_level": "Tagging", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_RemoveTagsFromOnPremisesInstances.html" + }, + "SkipWaitTimeForInstanceTermination": { + "privilege": "SkipWaitTimeForInstanceTermination", + "description": "Grants permission to override any specified wait time and starts terminating instances immediately after the traffic routing is complete. This action applies to blue-green deployments only", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_SkipWaitTimeForInstanceTermination.html" + }, + "StopDeployment": { + "privilege": "StopDeployment", + "description": "Grants permission to stop a deployment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_StopDeployment.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to associate the list of tags in the input Tags parameter with the resource identified by the ResourceArn input parameter", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "deploymentgroup": "deploymentgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to disassociate a resource from a list of tags. The resource is identified by the ResourceArn input parameter. The tags are identfied by the list of keys in the TagKeys input parameter", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "deploymentgroup": "deploymentgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_UntagResource.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to update an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_UpdateApplication.html" + }, + "UpdateDeploymentGroup": { + "privilege": "UpdateDeploymentGroup", + "description": "Grants permission to change information about a single deployment group for an application associated with the IAM user", + "access_level": "Write", + "resource_types": { + "deploymentgroup": { + "resource_type": "deploymentgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentgroup": "deploymentgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_UpdateDeploymentGroup.html" + } + }, + "privileges_lower_name": { + "addtagstoonpremisesinstances": "AddTagsToOnPremisesInstances", + "batchgetapplicationrevisions": "BatchGetApplicationRevisions", + "batchgetapplications": "BatchGetApplications", + "batchgetdeploymentgroups": "BatchGetDeploymentGroups", + "batchgetdeploymentinstances": "BatchGetDeploymentInstances", + "batchgetdeploymenttargets": "BatchGetDeploymentTargets", + "batchgetdeployments": "BatchGetDeployments", + "batchgetonpremisesinstances": "BatchGetOnPremisesInstances", + "continuedeployment": "ContinueDeployment", + "createapplication": "CreateApplication", + "createcloudformationdeployment": "CreateCloudFormationDeployment", + "createdeployment": "CreateDeployment", + "createdeploymentconfig": "CreateDeploymentConfig", + "createdeploymentgroup": "CreateDeploymentGroup", + "deleteapplication": "DeleteApplication", + "deletedeploymentconfig": "DeleteDeploymentConfig", + "deletedeploymentgroup": "DeleteDeploymentGroup", + "deletegithubaccounttoken": "DeleteGitHubAccountToken", + "deleteresourcesbyexternalid": "DeleteResourcesByExternalId", + "deregisteronpremisesinstance": "DeregisterOnPremisesInstance", + "getapplication": "GetApplication", + "getapplicationrevision": "GetApplicationRevision", + "getdeployment": "GetDeployment", + "getdeploymentconfig": "GetDeploymentConfig", + "getdeploymentgroup": "GetDeploymentGroup", + "getdeploymentinstance": "GetDeploymentInstance", + "getdeploymenttarget": "GetDeploymentTarget", + "getonpremisesinstance": "GetOnPremisesInstance", + "listapplicationrevisions": "ListApplicationRevisions", + "listapplications": "ListApplications", + "listdeploymentconfigs": "ListDeploymentConfigs", + "listdeploymentgroups": "ListDeploymentGroups", + "listdeploymentinstances": "ListDeploymentInstances", + "listdeploymenttargets": "ListDeploymentTargets", + "listdeployments": "ListDeployments", + "listgithubaccounttokennames": "ListGitHubAccountTokenNames", + "listonpremisesinstances": "ListOnPremisesInstances", + "listtagsforresource": "ListTagsForResource", + "putlifecycleeventhookexecutionstatus": "PutLifecycleEventHookExecutionStatus", + "registerapplicationrevision": "RegisterApplicationRevision", + "registeronpremisesinstance": "RegisterOnPremisesInstance", + "removetagsfromonpremisesinstances": "RemoveTagsFromOnPremisesInstances", + "skipwaittimeforinstancetermination": "SkipWaitTimeForInstanceTermination", + "stopdeployment": "StopDeployment", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapplication": "UpdateApplication", + "updatedeploymentgroup": "UpdateDeploymentGroup" + }, + "resources": { + "application": { + "resource": "application", + "arn": "arn:${Partition}:codedeploy:${Region}:${Account}:application:${ApplicationName}", + "condition_keys": [] + }, + "deploymentconfig": { + "resource": "deploymentconfig", + "arn": "arn:${Partition}:codedeploy:${Region}:${Account}:deploymentconfig:${DeploymentConfigurationName}", + "condition_keys": [] + }, + "deploymentgroup": { + "resource": "deploymentgroup", + "arn": "arn:${Partition}:codedeploy:${Region}:${Account}:deploymentgroup:${ApplicationName}/${DeploymentGroupName}", + "condition_keys": [] + }, + "instance": { + "resource": "instance", + "arn": "arn:${Partition}:codedeploy:${Region}:${Account}:instance:${InstanceName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "application": "application", + "deploymentconfig": "deploymentconfig", + "deploymentgroup": "deploymentgroup", + "instance": "instance" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "codedeploy-commands-secure": { + "service_name": "AWS CodeDeploy secure host commands service", + "prefix": "codedeploy-commands-secure", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodedeploysecurehostcommandsservice.html", + "privileges": { + "GetDeploymentSpecification": { + "privilege": "GetDeploymentSpecification", + "description": "Grants permission to get deployment specification", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/userguide/vpc-endpoints.html#vpc-codedeploy-agent-configuration" + }, + "PollHostCommand": { + "privilege": "PollHostCommand", + "description": "Grants permission to request host agent commands", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/userguide/vpc-endpoints.html#vpc-codedeploy-agent-configuration" + }, + "PutHostCommandAcknowledgement": { + "privilege": "PutHostCommandAcknowledgement", + "description": "Grants permission to mark host agent commands acknowledged", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/userguide/vpc-endpoints.html#vpc-codedeploy-agent-configuration" + }, + "PutHostCommandComplete": { + "privilege": "PutHostCommandComplete", + "description": "Grants permission to mark host agent commands completed", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codedeploy/latest/userguide/vpc-endpoints.html#vpc-codedeploy-agent-configuration" + } + }, + "privileges_lower_name": { + "getdeploymentspecification": "GetDeploymentSpecification", + "pollhostcommand": "PollHostCommand", + "puthostcommandacknowledgement": "PutHostCommandAcknowledgement", + "puthostcommandcomplete": "PutHostCommandComplete" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "codepipeline": { + "service_name": "AWS CodePipeline", + "prefix": "codepipeline", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodepipeline.html", + "privileges": { + "AcknowledgeJob": { + "privilege": "AcknowledgeJob", + "description": "Grants permission to view information about a specified job and whether that job has been received by the job worker", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_AcknowledgeJob.html" + }, + "AcknowledgeThirdPartyJob": { + "privilege": "AcknowledgeThirdPartyJob", + "description": "Grants permission to confirm that a job worker has received the specified job (partner actions only)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_AcknowledgeThirdPartyJob.html" + }, + "CreateCustomActionType": { + "privilege": "CreateCustomActionType", + "description": "Grants permission to create a custom action that you can use in the pipelines associated with your AWS account", + "access_level": "Write", + "resource_types": { + "actiontype": { + "resource_type": "actiontype", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "actiontype": "actiontype", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_CreateCustomActionType.html" + }, + "CreatePipeline": { + "privilege": "CreatePipeline", + "description": "Grants permission to create a uniquely named pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_CreatePipeline.html" + }, + "DeleteCustomActionType": { + "privilege": "DeleteCustomActionType", + "description": "Grants permission to delete a custom action", + "access_level": "Write", + "resource_types": { + "actiontype": { + "resource_type": "actiontype", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "actiontype": "actiontype" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_DeleteCustomActionType.html" + }, + "DeletePipeline": { + "privilege": "DeletePipeline", + "description": "Grants permission to delete a specified pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_DeletePipeline.html" + }, + "DeleteWebhook": { + "privilege": "DeleteWebhook", + "description": "Grants permission to delete a specified webhook", + "access_level": "Write", + "resource_types": { + "webhook": { + "resource_type": "webhook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webhook": "webhook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_DeleteWebhook.html" + }, + "DeregisterWebhookWithThirdParty": { + "privilege": "DeregisterWebhookWithThirdParty", + "description": "Grants permission to remove the registration of a webhook with the third party specified in its configuration", + "access_level": "Write", + "resource_types": { + "webhook": { + "resource_type": "webhook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webhook": "webhook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_DeregisterWebhookWithThirdParty.html" + }, + "DisableStageTransition": { + "privilege": "DisableStageTransition", + "description": "Grants permission to prevent revisions from transitioning to the next stage in a pipeline", + "access_level": "Write", + "resource_types": { + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_DisableStageTransition.html" + }, + "EnableStageTransition": { + "privilege": "EnableStageTransition", + "description": "Grants permission to allow revisions to transition to the next stage in a pipeline", + "access_level": "Write", + "resource_types": { + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_EnableStageTransition.html" + }, + "GetActionType": { + "privilege": "GetActionType", + "description": "Grants permission to view information about an action type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetActionType.html" + }, + "GetJobDetails": { + "privilege": "GetJobDetails", + "description": "Grants permission to view information about a job (custom actions only)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetJobDetails.html" + }, + "GetPipeline": { + "privilege": "GetPipeline", + "description": "Grants permission to retrieve information about a pipeline structure", + "access_level": "Read", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetPipeline.html" + }, + "GetPipelineExecution": { + "privilege": "GetPipelineExecution", + "description": "Grants permission to view information about an execution of a pipeline, including details about artifacts, the pipeline execution ID, and the name, version, and status of the pipeline", + "access_level": "Read", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetPipelineExecution.html" + }, + "GetPipelineState": { + "privilege": "GetPipelineState", + "description": "Grants permission to view information about the current state of the stages and actions of a pipeline", + "access_level": "Read", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetPipelineState.html" + }, + "GetThirdPartyJobDetails": { + "privilege": "GetThirdPartyJobDetails", + "description": "Grants permission to view the details of a job for a third-party action (partner actions only)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_GetThirdPartyJobDetails.html" + }, + "ListActionExecutions": { + "privilege": "ListActionExecutions", + "description": "Grants permission to list the action executions that have occurred in a pipeline", + "access_level": "Read", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListActionExecutions.html" + }, + "ListActionTypes": { + "privilege": "ListActionTypes", + "description": "Grants permission to list a summary of all the action types available for pipelines in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListActionTypes.html" + }, + "ListPipelineExecutions": { + "privilege": "ListPipelineExecutions", + "description": "Grants permission to list a summary of the most recent executions for a pipeline", + "access_level": "List", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListPipelineExecutions.html" + }, + "ListPipelines": { + "privilege": "ListPipelines", + "description": "Grants permission to list a summary of all the pipelines associated with your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListPipelines.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a CodePipeline resource", + "access_level": "Read", + "resource_types": { + "actiontype": { + "resource_type": "actiontype", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pipeline": { + "resource_type": "pipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webhook": { + "resource_type": "webhook", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "actiontype": "actiontype", + "pipeline": "pipeline", + "webhook": "webhook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListTagsForResource.html" + }, + "ListWebhooks": { + "privilege": "ListWebhooks", + "description": "Grants permission to list all of the webhooks associated with your AWS account", + "access_level": "List", + "resource_types": { + "webhook": { + "resource_type": "webhook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webhook": "webhook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ListWebhooks.html" + }, + "PollForJobs": { + "privilege": "PollForJobs", + "description": "Grants permission to view information about any jobs for CodePipeline to act on", + "access_level": "Write", + "resource_types": { + "actiontype": { + "resource_type": "actiontype", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "actiontype": "actiontype" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PollForJobs.html" + }, + "PollForThirdPartyJobs": { + "privilege": "PollForThirdPartyJobs", + "description": "Grants permission to determine whether there are any third-party jobs for a job worker to act on (partner actions only)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PollForThirdPartyJobs.html" + }, + "PutActionRevision": { + "privilege": "PutActionRevision", + "description": "Grants permission to edit actions in a pipeline", + "access_level": "Write", + "resource_types": { + "action": { + "resource_type": "action", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutActionRevision.html" + }, + "PutApprovalResult": { + "privilege": "PutApprovalResult", + "description": "Grants permission to provide a response (Approved or Rejected) to a manual approval request in CodePipeline", + "access_level": "Write", + "resource_types": { + "action": { + "resource_type": "action", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutApprovalResult.html" + }, + "PutJobFailureResult": { + "privilege": "PutJobFailureResult", + "description": "Grants permission to represent the failure of a job as returned to the pipeline by a job worker (custom actions only)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutJobFailureResult.html" + }, + "PutJobSuccessResult": { + "privilege": "PutJobSuccessResult", + "description": "Grants permission to represent the success of a job as returned to the pipeline by a job worker (custom actions only)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutJobSuccessResult.html" + }, + "PutThirdPartyJobFailureResult": { + "privilege": "PutThirdPartyJobFailureResult", + "description": "Grants permission to represent the failure of a third-party job as returned to the pipeline by a job worker (partner actions only)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutThirdPartyJobFailureResult.html" + }, + "PutThirdPartyJobSuccessResult": { + "privilege": "PutThirdPartyJobSuccessResult", + "description": "Grants permission to represent the success of a third-party job as returned to the pipeline by a job worker (partner actions only)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutThirdPartyJobSuccessResult.html" + }, + "PutWebhook": { + "privilege": "PutWebhook", + "description": "Grants permission to create or update a webhook", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "webhook": { + "resource_type": "webhook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline", + "webhook": "webhook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_PutWebhook.html" + }, + "RegisterWebhookWithThirdParty": { + "privilege": "RegisterWebhookWithThirdParty", + "description": "Grants permission to register a webhook with the third party specified in its configuration", + "access_level": "Write", + "resource_types": { + "webhook": { + "resource_type": "webhook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webhook": "webhook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_RegisterWebhookWithThirdParty.html" + }, + "RetryStageExecution": { + "privilege": "RetryStageExecution", + "description": "Grants permission to resume the pipeline execution by retrying the last failed actions in a stage", + "access_level": "Write", + "resource_types": { + "stage": { + "resource_type": "stage", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stage": "stage" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_RetryStageExecution.html" + }, + "StartPipelineExecution": { + "privilege": "StartPipelineExecution", + "description": "Grants permission to run the most recent revision through the pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_StartPipelineExecution.html" + }, + "StopPipelineExecution": { + "privilege": "StopPipelineExecution", + "description": "Grants permission to stop an in-progress pipeline execution", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_StopPipelineExecution.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a CodePipeline resource", + "access_level": "Tagging", + "resource_types": { + "actiontype": { + "resource_type": "actiontype", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pipeline": { + "resource_type": "pipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webhook": { + "resource_type": "webhook", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "actiontype": "actiontype", + "pipeline": "pipeline", + "webhook": "webhook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from a CodePipeline resource", + "access_level": "Tagging", + "resource_types": { + "actiontype": { + "resource_type": "actiontype", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pipeline": { + "resource_type": "pipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webhook": { + "resource_type": "webhook", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "actiontype": "actiontype", + "pipeline": "pipeline", + "webhook": "webhook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_UntagResource.html" + }, + "UpdateActionType": { + "privilege": "UpdateActionType", + "description": "Grants permission to update an action type", + "access_level": "Write", + "resource_types": { + "actiontype": { + "resource_type": "actiontype", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "actiontype": "actiontype" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_UpdateActionType.html" + }, + "UpdatePipeline": { + "privilege": "UpdatePipeline", + "description": "Grants permission to update a pipeline with changes to the structure of the pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_UpdatePipeline.html" + } + }, + "privileges_lower_name": { + "acknowledgejob": "AcknowledgeJob", + "acknowledgethirdpartyjob": "AcknowledgeThirdPartyJob", + "createcustomactiontype": "CreateCustomActionType", + "createpipeline": "CreatePipeline", + "deletecustomactiontype": "DeleteCustomActionType", + "deletepipeline": "DeletePipeline", + "deletewebhook": "DeleteWebhook", + "deregisterwebhookwiththirdparty": "DeregisterWebhookWithThirdParty", + "disablestagetransition": "DisableStageTransition", + "enablestagetransition": "EnableStageTransition", + "getactiontype": "GetActionType", + "getjobdetails": "GetJobDetails", + "getpipeline": "GetPipeline", + "getpipelineexecution": "GetPipelineExecution", + "getpipelinestate": "GetPipelineState", + "getthirdpartyjobdetails": "GetThirdPartyJobDetails", + "listactionexecutions": "ListActionExecutions", + "listactiontypes": "ListActionTypes", + "listpipelineexecutions": "ListPipelineExecutions", + "listpipelines": "ListPipelines", + "listtagsforresource": "ListTagsForResource", + "listwebhooks": "ListWebhooks", + "pollforjobs": "PollForJobs", + "pollforthirdpartyjobs": "PollForThirdPartyJobs", + "putactionrevision": "PutActionRevision", + "putapprovalresult": "PutApprovalResult", + "putjobfailureresult": "PutJobFailureResult", + "putjobsuccessresult": "PutJobSuccessResult", + "putthirdpartyjobfailureresult": "PutThirdPartyJobFailureResult", + "putthirdpartyjobsuccessresult": "PutThirdPartyJobSuccessResult", + "putwebhook": "PutWebhook", + "registerwebhookwiththirdparty": "RegisterWebhookWithThirdParty", + "retrystageexecution": "RetryStageExecution", + "startpipelineexecution": "StartPipelineExecution", + "stoppipelineexecution": "StopPipelineExecution", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateactiontype": "UpdateActionType", + "updatepipeline": "UpdatePipeline" + }, + "resources": { + "action": { + "resource": "action", + "arn": "arn:${Partition}:codepipeline:${Region}:${Account}:${PipelineName}/${StageName}/${ActionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "actiontype": { + "resource": "actiontype", + "arn": "arn:${Partition}:codepipeline:${Region}:${Account}:actiontype:${Owner}/${Category}/${Provider}/${Version}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "pipeline": { + "resource": "pipeline", + "arn": "arn:${Partition}:codepipeline:${Region}:${Account}:${PipelineName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "stage": { + "resource": "stage", + "arn": "arn:${Partition}:codepipeline:${Region}:${Account}:${PipelineName}/${StageName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "webhook": { + "resource": "webhook", + "arn": "arn:${Partition}:codepipeline:${Region}:${Account}:webhook:${WebhookName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "action": "action", + "actiontype": "actiontype", + "pipeline": "pipeline", + "stage": "stage", + "webhook": "webhook" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "codestar": { + "service_name": "AWS CodeStar", + "prefix": "codestar", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodestar.html", + "privileges": { + "AssociateTeamMember": { + "privilege": "AssociateTeamMember", + "description": "Grants permission to add a user to the team for an AWS CodeStar project", + "access_level": "Permissions management", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_AssociateTeamMember.html" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a project with minimal structure, customer policies, and no resources", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_CreateProject.html" + }, + "CreateUserProfile": { + "privilege": "CreateUserProfile", + "description": "Grants permission to create a profile for a user that includes user preferences, display name, and email", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_CreateUserProfile.html" + }, + "DeleteExtendedAccess": { + "privilege": "DeleteExtendedAccess", + "description": "Grants permission to extended delete APIs", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": null + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a project, including project resources. Does not delete users associated with the project, but does delete the IAM roles that allowed access to the project", + "access_level": "Permissions management", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_DeleteProject.html" + }, + "DeleteUserProfile": { + "privilege": "DeleteUserProfile", + "description": "Grants permission to delete a user profile in AWS CodeStar, including all personal preference data associated with that profile, such as display name and email address. It does not delete the history of that user, for example the history of commits made by that user", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_DeleteUserProfile.html" + }, + "DescribeProject": { + "privilege": "DescribeProject", + "description": "Grants permission to describe a project and its resources", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_DescribeProject.html" + }, + "DescribeUserProfile": { + "privilege": "DescribeUserProfile", + "description": "Grants permission to describe a user in AWS CodeStar and the user attributes across all projects", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_DescribeUserProfile.html" + }, + "DisassociateTeamMember": { + "privilege": "DisassociateTeamMember", + "description": "Grants permission to remove a user from a project. Removing a user from a project also removes the IAM policies from that user that allowed access to the project and its resources", + "access_level": "Permissions management", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_DisassociateTeamMember.html" + }, + "GetExtendedAccess": { + "privilege": "GetExtendedAccess", + "description": "Grants permission to extended read APIs", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": null + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to list all projects in CodeStar associated with your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_ListProjects.html" + }, + "ListResources": { + "privilege": "ListResources", + "description": "Grants permission to list all resources associated with a project in CodeStar", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_ListResources.html" + }, + "ListTagsForProject": { + "privilege": "ListTagsForProject", + "description": "Grants permission to list the tags associated with a project in CodeStar", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_ListTagsForProject.html" + }, + "ListTeamMembers": { + "privilege": "ListTeamMembers", + "description": "Grants permission to list all team members associated with a project", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_ListTeamMembers.html" + }, + "ListUserProfiles": { + "privilege": "ListUserProfiles", + "description": "Grants permission to list user profiles in AWS CodeStar", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_ListUserProfiles.html" + }, + "PutExtendedAccess": { + "privilege": "PutExtendedAccess", + "description": "Grants permission to extended write APIs", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": null + }, + "TagProject": { + "privilege": "TagProject", + "description": "Grants permission to add tags to a project in CodeStar", + "access_level": "Tagging", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_TagProject.html" + }, + "UntagProject": { + "privilege": "UntagProject", + "description": "Grants permission to remove tags from a project in CodeStar", + "access_level": "Tagging", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_UntagProject.html" + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Grants permission to update a project in CodeStar", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_UpdateProject.html" + }, + "UpdateTeamMember": { + "privilege": "UpdateTeamMember", + "description": "Grants permission to update team member attributes within a CodeStar project", + "access_level": "Permissions management", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_UpdateTeamMember.html" + }, + "UpdateUserProfile": { + "privilege": "UpdateUserProfile", + "description": "Grants permission to update a profile for a user that includes user preferences, display name, and email", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar/latest/APIReference/API_UpdateUserProfile.html" + }, + "VerifyServiceRole": { + "privilege": "VerifyServiceRole", + "description": "Grants permission to verify whether the AWS CodeStar service role exists in the customer's account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + } + }, + "privileges_lower_name": { + "associateteammember": "AssociateTeamMember", + "createproject": "CreateProject", + "createuserprofile": "CreateUserProfile", + "deleteextendedaccess": "DeleteExtendedAccess", + "deleteproject": "DeleteProject", + "deleteuserprofile": "DeleteUserProfile", + "describeproject": "DescribeProject", + "describeuserprofile": "DescribeUserProfile", + "disassociateteammember": "DisassociateTeamMember", + "getextendedaccess": "GetExtendedAccess", + "listprojects": "ListProjects", + "listresources": "ListResources", + "listtagsforproject": "ListTagsForProject", + "listteammembers": "ListTeamMembers", + "listuserprofiles": "ListUserProfiles", + "putextendedaccess": "PutExtendedAccess", + "tagproject": "TagProject", + "untagproject": "UntagProject", + "updateproject": "UpdateProject", + "updateteammember": "UpdateTeamMember", + "updateuserprofile": "UpdateUserProfile", + "verifyservicerole": "VerifyServiceRole" + }, + "resources": { + "project": { + "resource": "project", + "arn": "arn:${Partition}:codestar:${Region}:${Account}:project/${ProjectId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "user": { + "resource": "user", + "arn": "arn:${Partition}:iam::${Account}:user/${AwsUserName}", + "condition_keys": [ + "iam:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "project": "project", + "user": "user" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by requests based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by actions based on tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by requests based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + }, + "iam:ResourceTag/${TagKey}": { + "condition": "iam:ResourceTag/${TagKey}", + "description": "Filters access by actions based on tag-value associated with the resource", + "type": "String" + } + } + }, + "codestar-connections": { + "service_name": "AWS CodeStar Connections", + "prefix": "codestar-connections", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodestarconnections.html", + "privileges": { + "CreateConnection": { + "privilege": "CreateConnection", + "description": "Grants permission to create a Connection resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "codestar-connections:ProviderType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_CreateConnection.html" + }, + "CreateHost": { + "privilege": "CreateHost", + "description": "Grants permission to create a host resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "codestar-connections:ProviderType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_CreateHost.html" + }, + "DeleteConnection": { + "privilege": "DeleteConnection", + "description": "Grants permission to delete a Connection resource", + "access_level": "Write", + "resource_types": { + "Connection": { + "resource_type": "Connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "Connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_DeleteConnection.html" + }, + "DeleteHost": { + "privilege": "DeleteHost", + "description": "Grants permission to delete a host resource", + "access_level": "Write", + "resource_types": { + "Host": { + "resource_type": "Host", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "host": "Host" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_DeleteHost.html" + }, + "GetConnection": { + "privilege": "GetConnection", + "description": "Grants permission to get details about a Connection resource", + "access_level": "Read", + "resource_types": { + "Connection": { + "resource_type": "Connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "Connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_GetConnection.html" + }, + "GetHost": { + "privilege": "GetHost", + "description": "Grants permission to get details about a host resource", + "access_level": "Read", + "resource_types": { + "Host": { + "resource_type": "Host", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "host": "Host" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_GetHost.html" + }, + "GetIndividualAccessToken": { + "privilege": "GetIndividualAccessToken", + "description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codestar-connections:ProviderType" + ], + "dependent_actions": [ + "codestar-connections:StartOAuthHandshake" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake" + }, + "GetInstallationUrl": { + "privilege": "GetInstallationUrl", + "description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codestar-connections:ProviderType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake" + }, + "ListConnections": { + "privilege": "ListConnections", + "description": "Grants permission to list Connection resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codestar-connections:ProviderTypeFilter" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_ListConnections.html" + }, + "ListHosts": { + "privilege": "ListHosts", + "description": "Grants permission to list host resources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codestar-connections:ProviderTypeFilter" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_ListHosts.html" + }, + "ListInstallationTargets": { + "privilege": "ListInstallationTargets", + "description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "codestar-connections:GetIndividualAccessToken", + "codestar-connections:StartOAuthHandshake" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Gets the set of key-value pairs that are used to manage the resource", + "access_level": "List", + "resource_types": { + "Connection": { + "resource_type": "Connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "Connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_ListTagsForResource.html" + }, + "PassConnection": { + "privilege": "PassConnection", + "description": "Grants permission to pass a Connection resource to an AWS service that accepts a Connection ARN as input, such as codepipeline:CreatePipeline", + "access_level": "Read", + "resource_types": { + "Connection": { + "resource_type": "Connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codestar-connections:PassedToService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "Connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-passconnection" + }, + "RegisterAppCode": { + "privilege": "RegisterAppCode", + "description": "Grants permission to associate a third party server, such as a GitHub Enterprise Server instance, with a Host", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codestar-connections:HostArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#connections-permissions-actions-host-registration" + }, + "StartAppRegistrationHandshake": { + "privilege": "StartAppRegistrationHandshake", + "description": "Grants permission to associate a third party server, such as a GitHub Enterprise Server instance, with a Host", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codestar-connections:HostArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#connections-permissions-actions-host-registration" + }, + "StartOAuthHandshake": { + "privilege": "StartOAuthHandshake", + "description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codestar-connections:ProviderType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Adds to or modifies the tags of the given resource", + "access_level": "Tagging", + "resource_types": { + "Connection": { + "resource_type": "Connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "Connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Removes tags from an AWS resource", + "access_level": "Tagging", + "resource_types": { + "Connection": { + "resource_type": "Connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "Connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_UntagResource.html" + }, + "UpdateConnectionInstallation": { + "privilege": "UpdateConnectionInstallation", + "description": "Grants permission to update a Connection resource with an installation of the CodeStar Connections App", + "access_level": "Write", + "resource_types": { + "Connection": { + "resource_type": "Connection", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "codestar-connections:GetIndividualAccessToken", + "codestar-connections:GetInstallationUrl", + "codestar-connections:ListInstallationTargets", + "codestar-connections:StartOAuthHandshake" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codestar-connections:InstallationId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "Connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-handshake" + }, + "UpdateHost": { + "privilege": "UpdateHost", + "description": "Grants permission to update a host resource", + "access_level": "Write", + "resource_types": { + "Host": { + "resource_type": "Host", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "host": "Host" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_UpdateHost.html" + }, + "UseConnection": { + "privilege": "UseConnection", + "description": "Grants permission to use a Connection resource to call provider actions", + "access_level": "Read", + "resource_types": { + "Connection": { + "resource_type": "Connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "codestar-connections:FullRepositoryId", + "codestar-connections:ProviderAction", + "codestar-connections:ProviderPermissionsRequired" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "Connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dtconsole/latest/userguide/security-iam.html#permissions-reference-connections-use" + } + }, + "privileges_lower_name": { + "createconnection": "CreateConnection", + "createhost": "CreateHost", + "deleteconnection": "DeleteConnection", + "deletehost": "DeleteHost", + "getconnection": "GetConnection", + "gethost": "GetHost", + "getindividualaccesstoken": "GetIndividualAccessToken", + "getinstallationurl": "GetInstallationUrl", + "listconnections": "ListConnections", + "listhosts": "ListHosts", + "listinstallationtargets": "ListInstallationTargets", + "listtagsforresource": "ListTagsForResource", + "passconnection": "PassConnection", + "registerappcode": "RegisterAppCode", + "startappregistrationhandshake": "StartAppRegistrationHandshake", + "startoauthhandshake": "StartOAuthHandshake", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateconnectioninstallation": "UpdateConnectionInstallation", + "updatehost": "UpdateHost", + "useconnection": "UseConnection" + }, + "resources": { + "Connection": { + "resource": "Connection", + "arn": "arn:${Partition}:codestar-connections:${Region}:${Account}:connection/${ConnectionId}", + "condition_keys": [] + }, + "Host": { + "resource": "Host", + "arn": "arn:${Partition}:codestar-connections:${Region}:${Account}:host/${HostId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "connection": "Connection", + "host": "Host" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "codestar-connections:BranchName": { + "condition": "codestar-connections:BranchName", + "description": "Filters access by the branch name that is passed in the request. Applies only to UseConnection requests for access to a specific repository branch", + "type": "String" + }, + "codestar-connections:FullRepositoryId": { + "condition": "codestar-connections:FullRepositoryId", + "description": "Filters access by the repository that is passed in the request. Applies only to UseConnection requests for access to a specific repository", + "type": "String" + }, + "codestar-connections:HostArn": { + "condition": "codestar-connections:HostArn", + "description": "Filters access by the host resource associated with the connection used in the request", + "type": "String" + }, + "codestar-connections:InstallationId": { + "condition": "codestar-connections:InstallationId", + "description": "Filters access by the third-party ID (such as the Bitbucket App installation ID for CodeStar Connections) that is used to update a Connection. Allows you to restrict which third-party App installations can be used to make a Connection", + "type": "String" + }, + "codestar-connections:OwnerId": { + "condition": "codestar-connections:OwnerId", + "description": "Filters access by the owner of the third-party repository. Applies only to UseConnection requests for access to repositories owned by a specific user", + "type": "String" + }, + "codestar-connections:PassedToService": { + "condition": "codestar-connections:PassedToService", + "description": "Filters access by the service to which the principal is allowed to pass a Connection", + "type": "String" + }, + "codestar-connections:ProviderAction": { + "condition": "codestar-connections:ProviderAction", + "description": "Filters access by the provider action in a UseConnection request such as ListRepositories. See documentation for all valid values", + "type": "String" + }, + "codestar-connections:ProviderPermissionsRequired": { + "condition": "codestar-connections:ProviderPermissionsRequired", + "description": "Filters access by the write permissions of a provider action in a UseConnection request. Valid types include read_only and read_write", + "type": "String" + }, + "codestar-connections:ProviderType": { + "condition": "codestar-connections:ProviderType", + "description": "Filters access by the type of third-party provider passed in the request", + "type": "String" + }, + "codestar-connections:ProviderTypeFilter": { + "condition": "codestar-connections:ProviderTypeFilter", + "description": "Filters access by the type of third-party provider used to filter results", + "type": "String" + }, + "codestar-connections:RepositoryName": { + "condition": "codestar-connections:RepositoryName", + "description": "Filters access by the repository name that is passed in the request. Applies only to UseConnection requests for creating new repositories", + "type": "String" + } + } + }, + "codestar-notifications": { + "service_name": "AWS CodeStar Notifications", + "prefix": "codestar-notifications", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscodestarnotifications.html", + "privileges": { + "CreateNotificationRule": { + "privilege": "CreateNotificationRule", + "description": "Grants permission to create a notification rule for a resource", + "access_level": "Write", + "resource_types": { + "notificationrule": { + "resource_type": "notificationrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "codestar-notifications:NotificationsForResource" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationrule": "notificationrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_CreateNotificationRule.html" + }, + "DeleteNotificationRule": { + "privilege": "DeleteNotificationRule", + "description": "Grants permission to delete a notification rule for a resource", + "access_level": "Write", + "resource_types": { + "notificationrule": { + "resource_type": "notificationrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "codestar-notifications:NotificationsForResource" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationrule": "notificationrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_DeleteNotificationRule.html" + }, + "DeleteTarget": { + "privilege": "DeleteTarget", + "description": "Grants permission to delete a target for a notification rule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_DeleteTarget.html" + }, + "DescribeNotificationRule": { + "privilege": "DescribeNotificationRule", + "description": "Grants permission to get information about a notification rule", + "access_level": "Read", + "resource_types": { + "notificationrule": { + "resource_type": "notificationrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "codestar-notifications:NotificationsForResource" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationrule": "notificationrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_DescribeNotificationRule.html" + }, + "ListEventTypes": { + "privilege": "ListEventTypes", + "description": "Grants permission to list notifications event types", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_ListEventTypes.html" + }, + "ListNotificationRules": { + "privilege": "ListNotificationRules", + "description": "Grants permission to list notification rules in an AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_ListNotificationRules.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags attached to a notification rule resource ARN", + "access_level": "List", + "resource_types": { + "notificationrule": { + "resource_type": "notificationrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationrule": "notificationrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTargets": { + "privilege": "ListTargets", + "description": "Grants permission to list the notification rule targets for an AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_ListTargets.html" + }, + "Subscribe": { + "privilege": "Subscribe", + "description": "Grants permission to create an association between a notification rule and an Amazon SNS topic", + "access_level": "Write", + "resource_types": { + "notificationrule": { + "resource_type": "notificationrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "codestar-notifications:NotificationsForResource" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationrule": "notificationrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_Subscribe.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to attach resource tags to a notification rule resource ARN", + "access_level": "Tagging", + "resource_types": { + "notificationrule": { + "resource_type": "notificationrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationrule": "notificationrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_TagResource.html" + }, + "Unsubscribe": { + "privilege": "Unsubscribe", + "description": "Grants permission to remove an association between a notification rule and an Amazon SNS topic", + "access_level": "Write", + "resource_types": { + "notificationrule": { + "resource_type": "notificationrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "codestar-notifications:NotificationsForResource" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationrule": "notificationrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_Unsubscribe.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to disassociate resource tags from a notification rule resource ARN", + "access_level": "Tagging", + "resource_types": { + "notificationrule": { + "resource_type": "notificationrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationrule": "notificationrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_UntagResource.html" + }, + "UpdateNotificationRule": { + "privilege": "UpdateNotificationRule", + "description": "Grants permission to change a notification rule for a resource", + "access_level": "Write", + "resource_types": { + "notificationrule": { + "resource_type": "notificationrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "codestar-notifications:NotificationsForResource" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationrule": "notificationrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/codestar-notifications/latest/APIReference/API_UpdateNotificationRule.html" + } + }, + "privileges_lower_name": { + "createnotificationrule": "CreateNotificationRule", + "deletenotificationrule": "DeleteNotificationRule", + "deletetarget": "DeleteTarget", + "describenotificationrule": "DescribeNotificationRule", + "listeventtypes": "ListEventTypes", + "listnotificationrules": "ListNotificationRules", + "listtagsforresource": "ListTagsForResource", + "listtargets": "ListTargets", + "subscribe": "Subscribe", + "tagresource": "TagResource", + "unsubscribe": "Unsubscribe", + "untagresource": "UntagResource", + "updatenotificationrule": "UpdateNotificationRule" + }, + "resources": { + "notificationrule": { + "resource": "notificationrule", + "arn": "arn:${Partition}:codestar-notifications:${Region}:${Account}:notificationrule/${NotificationRuleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "notificationrule": "notificationrule" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "codestar-notifications:NotificationsForResource": { + "condition": "codestar-notifications:NotificationsForResource", + "description": "Filters access based on the ARN of the resource for which notifications are configured", + "type": "ARN" + } + } + }, + "compute-optimizer": { + "service_name": "AWS Compute Optimizer", + "prefix": "compute-optimizer", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscomputeoptimizer.html", + "privileges": { + "DeleteRecommendationPreferences": { + "privilege": "DeleteRecommendationPreferences", + "description": "Grants permission to delete recommendation preferences", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "compute-optimizer:ResourceType" + ], + "dependent_actions": [ + "autoscaling:DescribeAutoScalingGroups", + "ec2:DescribeInstances" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_DeleteRecommendationPreferences.html" + }, + "DescribeRecommendationExportJobs": { + "privilege": "DescribeRecommendationExportJobs", + "description": "Grants permission to view the status of recommendation export jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_DescribeRecommendationExportJobs.html" + }, + "ExportAutoScalingGroupRecommendations": { + "privilege": "ExportAutoScalingGroupRecommendations", + "description": "Grants permission to export AutoScaling group recommendations to S3 for the provided accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "autoscaling:DescribeAutoScalingGroups", + "compute-optimizer:GetAutoScalingGroupRecommendations" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportAutoScalingGroupRecommendations.html" + }, + "ExportEBSVolumeRecommendations": { + "privilege": "ExportEBSVolumeRecommendations", + "description": "Grants permission to export EBS volume recommendations to S3 for the provided accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "compute-optimizer:GetEBSVolumeRecommendations", + "ec2:DescribeVolumes" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportEBSVolumeRecommendations.html" + }, + "ExportEC2InstanceRecommendations": { + "privilege": "ExportEC2InstanceRecommendations", + "description": "Grants permission to export EC2 instance recommendations to S3 for the provided accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "compute-optimizer:GetEC2InstanceRecommendations", + "ec2:DescribeInstances" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportEC2InstanceRecommendations.html" + }, + "ExportECSServiceRecommendations": { + "privilege": "ExportECSServiceRecommendations", + "description": "Grants permission to export ECS service recommendations to S3 for the provided accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "compute-optimizer:GetECSServiceRecommendations", + "ecs:ListClusters", + "ecs:ListServices" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportECSServiceRecommendations.html" + }, + "ExportLambdaFunctionRecommendations": { + "privilege": "ExportLambdaFunctionRecommendations", + "description": "Grants permission to export Lambda function recommendations to S3 for the provided accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "compute-optimizer:GetLambdaFunctionRecommendations", + "lambda:ListFunctions", + "lambda:ListProvisionedConcurrencyConfigs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportLambdaFunctionRecommendations.html" + }, + "GetAutoScalingGroupRecommendations": { + "privilege": "GetAutoScalingGroupRecommendations", + "description": "Grants permission to get recommendations for the provided AutoScaling groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "autoscaling:DescribeAutoScalingGroups" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetAutoScalingGroupRecommendations.html" + }, + "GetEBSVolumeRecommendations": { + "privilege": "GetEBSVolumeRecommendations", + "description": "Grants permission to get recommendations for the provided EBS volumes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeVolumes" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEBSVolumeRecommendations.html" + }, + "GetEC2InstanceRecommendations": { + "privilege": "GetEC2InstanceRecommendations", + "description": "Grants permission to get recommendations for the provided EC2 instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeInstances" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEC2InstanceRecommendations.html" + }, + "GetEC2RecommendationProjectedMetrics": { + "privilege": "GetEC2RecommendationProjectedMetrics", + "description": "Grants permission to get the recommendation projected metrics of the specified instance", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:DescribeInstances" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEC2RecommendationProjectedMetrics.html" + }, + "GetECSServiceRecommendationProjectedMetrics": { + "privilege": "GetECSServiceRecommendationProjectedMetrics", + "description": "Grants permission to get the recommendation projected metrics of the specified ECS service", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetECSServiceRecommendationProjectedMetrics.html" + }, + "GetECSServiceRecommendations": { + "privilege": "GetECSServiceRecommendations", + "description": "Grants permission to get recommendations for the provided ECS services", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ecs:ListClusters", + "ecs:ListServices" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetECSServiceRecommendations.html" + }, + "GetEffectiveRecommendationPreferences": { + "privilege": "GetEffectiveRecommendationPreferences", + "description": "Grants permission to get recommendation preferences that are in effect", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "compute-optimizer:ResourceType" + ], + "dependent_actions": [ + "autoscaling:DescribeAutoScalingGroups", + "autoscaling:DescribeAutoScalingInstances", + "ec2:DescribeInstances" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEffectiveRecommendationPreferences.html" + }, + "GetEnrollmentStatus": { + "privilege": "GetEnrollmentStatus", + "description": "Grants permission to get the enrollment status for the specified account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEnrollmentStatus.html" + }, + "GetEnrollmentStatusesForOrganization": { + "privilege": "GetEnrollmentStatusesForOrganization", + "description": "Grants permission to get the enrollment statuses for member accounts of the organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetEnrollmentStatusesForOrganization.html" + }, + "GetLambdaFunctionRecommendations": { + "privilege": "GetLambdaFunctionRecommendations", + "description": "Grants permission to get recommendations for the provided Lambda functions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "lambda:ListFunctions", + "lambda:ListProvisionedConcurrencyConfigs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetLambdaFunctionRecommendations.html" + }, + "GetRecommendationPreferences": { + "privilege": "GetRecommendationPreferences", + "description": "Grants permission to get recommendation preferences", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "compute-optimizer:ResourceType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetRecommendationPreferences.html" + }, + "GetRecommendationSummaries": { + "privilege": "GetRecommendationSummaries", + "description": "Grants permission to get the recommendation summaries for the specified account(s)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_GetRecommendationSummaries.html" + }, + "PutRecommendationPreferences": { + "privilege": "PutRecommendationPreferences", + "description": "Grants permission to put recommendation preferences", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "compute-optimizer:ResourceType" + ], + "dependent_actions": [ + "autoscaling:DescribeAutoScalingGroups", + "autoscaling:DescribeAutoScalingInstances", + "ec2:DescribeInstances" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_PutRecommendationPreferences.html" + }, + "UpdateEnrollmentStatus": { + "privilege": "UpdateEnrollmentStatus", + "description": "Grants permission to update the enrollment status", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_UpdateEnrollmentStatus.html" + } + }, + "privileges_lower_name": { + "deleterecommendationpreferences": "DeleteRecommendationPreferences", + "describerecommendationexportjobs": "DescribeRecommendationExportJobs", + "exportautoscalinggrouprecommendations": "ExportAutoScalingGroupRecommendations", + "exportebsvolumerecommendations": "ExportEBSVolumeRecommendations", + "exportec2instancerecommendations": "ExportEC2InstanceRecommendations", + "exportecsservicerecommendations": "ExportECSServiceRecommendations", + "exportlambdafunctionrecommendations": "ExportLambdaFunctionRecommendations", + "getautoscalinggrouprecommendations": "GetAutoScalingGroupRecommendations", + "getebsvolumerecommendations": "GetEBSVolumeRecommendations", + "getec2instancerecommendations": "GetEC2InstanceRecommendations", + "getec2recommendationprojectedmetrics": "GetEC2RecommendationProjectedMetrics", + "getecsservicerecommendationprojectedmetrics": "GetECSServiceRecommendationProjectedMetrics", + "getecsservicerecommendations": "GetECSServiceRecommendations", + "geteffectiverecommendationpreferences": "GetEffectiveRecommendationPreferences", + "getenrollmentstatus": "GetEnrollmentStatus", + "getenrollmentstatusesfororganization": "GetEnrollmentStatusesForOrganization", + "getlambdafunctionrecommendations": "GetLambdaFunctionRecommendations", + "getrecommendationpreferences": "GetRecommendationPreferences", + "getrecommendationsummaries": "GetRecommendationSummaries", + "putrecommendationpreferences": "PutRecommendationPreferences", + "updateenrollmentstatus": "UpdateEnrollmentStatus" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": { + "compute-optimizer:ResourceType": { + "condition": "compute-optimizer:ResourceType", + "description": "Filters access by the resource type", + "type": "String" + } + } + }, + "config": { + "service_name": "AWS Config", + "prefix": "config", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsconfig.html", + "privileges": { + "BatchGetAggregateResourceConfig": { + "privilege": "BatchGetAggregateResourceConfig", + "description": "Grants permission to return the current configuration items for resources that are present in your AWS Config aggregator", + "access_level": "Read", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_BatchGetAggregateResourceConfig.html" + }, + "BatchGetResourceConfig": { + "privilege": "BatchGetResourceConfig", + "description": "Grants permission to return the current configuration for one or more requested resources", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_BatchGetResourceConfig.html" + }, + "DeleteAggregationAuthorization": { + "privilege": "DeleteAggregationAuthorization", + "description": "Grants permission to delete the authorization granted to the specified configuration aggregator account in a specified region", + "access_level": "Write", + "resource_types": { + "AggregationAuthorization": { + "resource_type": "AggregationAuthorization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "aggregationauthorization": "AggregationAuthorization" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteAggregationAuthorization.html" + }, + "DeleteConfigRule": { + "privilege": "DeleteConfigRule", + "description": "Grants permission to delete the specified AWS Config rule and all of its evaluation results", + "access_level": "Write", + "resource_types": { + "ConfigRule": { + "resource_type": "ConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configrule": "ConfigRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigRule.html" + }, + "DeleteConfigurationAggregator": { + "privilege": "DeleteConfigurationAggregator", + "description": "Grants permission to delete the specified configuration aggregator and the aggregated data associated with the aggregator", + "access_level": "Write", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigurationAggregator.html" + }, + "DeleteConfigurationRecorder": { + "privilege": "DeleteConfigurationRecorder", + "description": "Grants permission to delete the configuration recorder", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigurationRecorder.html" + }, + "DeleteConformancePack": { + "privilege": "DeleteConformancePack", + "description": "Grants permission to delete the specified conformance pack and all the AWS Config rules and all evaluation results within that conformance pack", + "access_level": "Write", + "resource_types": { + "ConformancePack": { + "resource_type": "ConformancePack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conformancepack": "ConformancePack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConformancePack.html" + }, + "DeleteDeliveryChannel": { + "privilege": "DeleteDeliveryChannel", + "description": "Grants permission to delete the delivery channel", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteDeliveryChannel.html" + }, + "DeleteEvaluationResults": { + "privilege": "DeleteEvaluationResults", + "description": "Grants permission to delete the evaluation results for the specified Config rule", + "access_level": "Write", + "resource_types": { + "ConfigRule": { + "resource_type": "ConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configrule": "ConfigRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteEvaluationResults.html" + }, + "DeleteOrganizationConfigRule": { + "privilege": "DeleteOrganizationConfigRule", + "description": "Grants permission to delete the specified organization config rule and all of its evaluation results from all member accounts in that organization", + "access_level": "Write", + "resource_types": { + "OrganizationConfigRule": { + "resource_type": "OrganizationConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationconfigrule": "OrganizationConfigRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteOrganizationConfigRule.html" + }, + "DeleteOrganizationConformancePack": { + "privilege": "DeleteOrganizationConformancePack", + "description": "Grants permission to delete the specified organization conformance pack and all of its evaluation results from all member accounts in that organization", + "access_level": "Write", + "resource_types": { + "OrganizationConformancePack": { + "resource_type": "OrganizationConformancePack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationconformancepack": "OrganizationConformancePack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteOrganizationConformancePack.html" + }, + "DeletePendingAggregationRequest": { + "privilege": "DeletePendingAggregationRequest", + "description": "Grants permission to delete pending authorization requests for a specified aggregator account in a specified region", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeletePendingAggregationRequest.html" + }, + "DeleteRemediationConfiguration": { + "privilege": "DeleteRemediationConfiguration", + "description": "Grants permission to delete the remediation configuration", + "access_level": "Write", + "resource_types": { + "RemediationConfiguration": { + "resource_type": "RemediationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "remediationconfiguration": "RemediationConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRemediationConfiguration.html" + }, + "DeleteRemediationExceptions": { + "privilege": "DeleteRemediationExceptions", + "description": "Grants permission to delete one or more remediation exceptions for specific resource keys for a specific AWS Config Rule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRemediationExceptions.html" + }, + "DeleteResourceConfig": { + "privilege": "DeleteResourceConfig", + "description": "Grants permission to record the configuration state for a custom resource that has been deleted", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteResourceConfig.html" + }, + "DeleteRetentionConfiguration": { + "privilege": "DeleteRetentionConfiguration", + "description": "Grants permission to delete the retention configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRetentionConfiguration.html" + }, + "DeleteStoredQuery": { + "privilege": "DeleteStoredQuery", + "description": "Grants permission to delete the stored query for an AWS account in an AWS Region", + "access_level": "Write", + "resource_types": { + "StoredQuery": { + "resource_type": "StoredQuery", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storedquery": "StoredQuery" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteStoredQuery.html" + }, + "DeliverConfigSnapshot": { + "privilege": "DeliverConfigSnapshot", + "description": "Grants permission to schedule delivery of a configuration snapshot to the Amazon S3 bucket in the specified delivery channel", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DeliverConfigSnapshot.html" + }, + "DescribeAggregateComplianceByConfigRules": { + "privilege": "DescribeAggregateComplianceByConfigRules", + "description": "Grants permission to return a list of compliant and noncompliant rules with the number of resources for compliant and noncompliant rules", + "access_level": "Read", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregateComplianceByConfigRules.html" + }, + "DescribeAggregateComplianceByConformancePacks": { + "privilege": "DescribeAggregateComplianceByConformancePacks", + "description": "Grants permission to return a list of compliant and noncompliant conformance packs along with count of compliant, non-compliant and total rules within each conformance pack", + "access_level": "Read", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregateComplianceByConformancePacks.html" + }, + "DescribeAggregationAuthorizations": { + "privilege": "DescribeAggregationAuthorizations", + "description": "Grants permission to return a list of authorizations granted to various aggregator accounts and regions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregationAuthorizations.html" + }, + "DescribeComplianceByConfigRule": { + "privilege": "DescribeComplianceByConfigRule", + "description": "Grants permission to indicate whether the specified AWS Config rules are compliant", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeComplianceByConfigRule.html" + }, + "DescribeComplianceByResource": { + "privilege": "DescribeComplianceByResource", + "description": "Grants permission to indicate whether the specified AWS resources are compliant", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeComplianceByResource.html" + }, + "DescribeConfigRuleEvaluationStatus": { + "privilege": "DescribeConfigRuleEvaluationStatus", + "description": "Grants permission to return status information for each of your AWS managed Config rules", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigRuleEvaluationStatus.html" + }, + "DescribeConfigRules": { + "privilege": "DescribeConfigRules", + "description": "Grants permission to return details about your AWS Config rules", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigRules.html" + }, + "DescribeConfigurationAggregatorSourcesStatus": { + "privilege": "DescribeConfigurationAggregatorSourcesStatus", + "description": "Grants permission to return status information for sources within an aggregator", + "access_level": "Read", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationAggregatorSourcesStatus.html" + }, + "DescribeConfigurationAggregators": { + "privilege": "DescribeConfigurationAggregators", + "description": "Grants permission to return the details of one or more configuration aggregators", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationAggregators.html" + }, + "DescribeConfigurationRecorderStatus": { + "privilege": "DescribeConfigurationRecorderStatus", + "description": "Grants permission to return the current status of the specified configuration recorder", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationRecorderStatus.html" + }, + "DescribeConfigurationRecorders": { + "privilege": "DescribeConfigurationRecorders", + "description": "Grants permission to return the names of one or more specified configuration recorders", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationRecorders.html" + }, + "DescribeConformancePackCompliance": { + "privilege": "DescribeConformancePackCompliance", + "description": "Grants permission to return compliance information for each rule in that conformance pack", + "access_level": "Read", + "resource_types": { + "ConformancePack": { + "resource_type": "ConformancePack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conformancepack": "ConformancePack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePackCompliance.html" + }, + "DescribeConformancePackStatus": { + "privilege": "DescribeConformancePackStatus", + "description": "Grants permission to provide one or more conformance packs deployment status", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePackStatus.html" + }, + "DescribeConformancePacks": { + "privilege": "DescribeConformancePacks", + "description": "Grants permission to return a list of one or more conformance packs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePacks.html" + }, + "DescribeDeliveryChannelStatus": { + "privilege": "DescribeDeliveryChannelStatus", + "description": "Grants permission to return the current status of the specified delivery channel", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeDeliveryChannelStatus.html" + }, + "DescribeDeliveryChannels": { + "privilege": "DescribeDeliveryChannels", + "description": "Grants permission to return details about the specified delivery channel", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeDeliveryChannels.html" + }, + "DescribeOrganizationConfigRuleStatuses": { + "privilege": "DescribeOrganizationConfigRuleStatuses", + "description": "Grants permission to provide organization config rule deployment status for an organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConfigRuleStatuses.html" + }, + "DescribeOrganizationConfigRules": { + "privilege": "DescribeOrganizationConfigRules", + "description": "Grants permission to return a list of organization config rules", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConfigRules.html" + }, + "DescribeOrganizationConformancePackStatuses": { + "privilege": "DescribeOrganizationConformancePackStatuses", + "description": "Grants permission to provide organization conformance pack deployment status for an organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConformancePackStatuses.html" + }, + "DescribeOrganizationConformancePacks": { + "privilege": "DescribeOrganizationConformancePacks", + "description": "Grants permission to return a list of organization conformance packs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConformancePacks.html" + }, + "DescribePendingAggregationRequests": { + "privilege": "DescribePendingAggregationRequests", + "description": "Grants permission to return a list of all pending aggregation requests", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribePendingAggregationRequests.html" + }, + "DescribeRemediationConfigurations": { + "privilege": "DescribeRemediationConfigurations", + "description": "Grants permission to return the details of one or more remediation configurations", + "access_level": "List", + "resource_types": { + "RemediationConfiguration": { + "resource_type": "RemediationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "remediationconfiguration": "RemediationConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationConfigurations.html" + }, + "DescribeRemediationExceptions": { + "privilege": "DescribeRemediationExceptions", + "description": "Grants permission to return the details of one or more remediation exceptions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationExceptions.html" + }, + "DescribeRemediationExecutionStatus": { + "privilege": "DescribeRemediationExecutionStatus", + "description": "Grants permission to provide a detailed view of a Remediation Execution for a set of resources including state, timestamps and any error messages for steps that have failed", + "access_level": "Read", + "resource_types": { + "RemediationConfiguration": { + "resource_type": "RemediationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "remediationconfiguration": "RemediationConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationExecutionStatus.html" + }, + "DescribeRetentionConfigurations": { + "privilege": "DescribeRetentionConfigurations", + "description": "Grants permission to return the details of one or more retention configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRetentionConfigurations.html" + }, + "GetAggregateComplianceDetailsByConfigRule": { + "privilege": "GetAggregateComplianceDetailsByConfigRule", + "description": "Grants permission to return the evaluation results for the specified AWS Config rule for a specific resource in a rule", + "access_level": "Read", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateComplianceDetailsByConfigRule.html" + }, + "GetAggregateConfigRuleComplianceSummary": { + "privilege": "GetAggregateConfigRuleComplianceSummary", + "description": "Grants permission to return the number of compliant and noncompliant rules for one or more accounts and regions in an aggregator", + "access_level": "Read", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateConfigRuleComplianceSummary.html" + }, + "GetAggregateConformancePackComplianceSummary": { + "privilege": "GetAggregateConformancePackComplianceSummary", + "description": "Grants permission to return the number of compliant and noncompliant conformance packs for one or more accounts and regions in an aggregator", + "access_level": "Read", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateConformancePackComplianceSummary.html" + }, + "GetAggregateDiscoveredResourceCounts": { + "privilege": "GetAggregateDiscoveredResourceCounts", + "description": "Grants permission to return the resource counts across accounts and regions that are present in your AWS Config aggregator", + "access_level": "Read", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateDiscoveredResourceCounts.html" + }, + "GetAggregateResourceConfig": { + "privilege": "GetAggregateResourceConfig", + "description": "Grants permission to return configuration item that is aggregated for your specific resource in a specific source account and region", + "access_level": "Read", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateResourceConfig.html" + }, + "GetComplianceDetailsByConfigRule": { + "privilege": "GetComplianceDetailsByConfigRule", + "description": "Grants permission to return the evaluation results for the specified AWS Config rule", + "access_level": "Read", + "resource_types": { + "ConfigRule": { + "resource_type": "ConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configrule": "ConfigRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceDetailsByConfigRule.html" + }, + "GetComplianceDetailsByResource": { + "privilege": "GetComplianceDetailsByResource", + "description": "Grants permission to return the evaluation results for the specified AWS resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceDetailsByResource.html" + }, + "GetComplianceSummaryByConfigRule": { + "privilege": "GetComplianceSummaryByConfigRule", + "description": "Grants permission to return the number of AWS Config rules that are compliant and noncompliant, up to a maximum of 25 for each", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceSummaryByConfigRule.html" + }, + "GetComplianceSummaryByResourceType": { + "privilege": "GetComplianceSummaryByResourceType", + "description": "Grants permission to return the number of resources that are compliant and the number that are noncompliant", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceSummaryByResourceType.html" + }, + "GetConformancePackComplianceDetails": { + "privilege": "GetConformancePackComplianceDetails", + "description": "Grants permission to return compliance details of a conformance pack for all AWS resources that are monitered by conformance pack", + "access_level": "Read", + "resource_types": { + "ConformancePack": { + "resource_type": "ConformancePack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conformancepack": "ConformancePack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetConformancePackComplianceDetails.html" + }, + "GetConformancePackComplianceSummary": { + "privilege": "GetConformancePackComplianceSummary", + "description": "Grants permission to provide compliance summary for one or more conformance packs", + "access_level": "Read", + "resource_types": { + "ConformancePack": { + "resource_type": "ConformancePack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conformancepack": "ConformancePack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetConformancePackComplianceSummary.html" + }, + "GetCustomRulePolicy": { + "privilege": "GetCustomRulePolicy", + "description": "Grants permission to return the policy definition containing the logic for your AWS Config Custom Policy rule", + "access_level": "Read", + "resource_types": { + "ConfigRule": { + "resource_type": "ConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configrule": "ConfigRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetCustomRulePolicy.html" + }, + "GetDiscoveredResourceCounts": { + "privilege": "GetDiscoveredResourceCounts", + "description": "Grants permission to return the resource types, the number of each resource type, and the total number of resources that AWS Config is recording in this region for your AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetDiscoveredResourceCounts.html" + }, + "GetOrganizationConfigRuleDetailedStatus": { + "privilege": "GetOrganizationConfigRuleDetailedStatus", + "description": "Grants permission to return detailed status for each member account within an organization for a given organization config rule", + "access_level": "Read", + "resource_types": { + "OrganizationConfigRule": { + "resource_type": "OrganizationConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationconfigrule": "OrganizationConfigRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationConfigRuleDetailedStatus.html" + }, + "GetOrganizationConformancePackDetailedStatus": { + "privilege": "GetOrganizationConformancePackDetailedStatus", + "description": "Grants permission to return detailed status for each member account within an organization for a given organization conformance pack", + "access_level": "Read", + "resource_types": { + "OrganizationConformancePack": { + "resource_type": "OrganizationConformancePack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationconformancepack": "OrganizationConformancePack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationConformancePackDetailedStatus.html" + }, + "GetOrganizationCustomRulePolicy": { + "privilege": "GetOrganizationCustomRulePolicy", + "description": "Grants permission to return the policy definition containing the logic for your organization AWS Config Custom Policy rule", + "access_level": "Read", + "resource_types": { + "OrganizationConfigRule": { + "resource_type": "OrganizationConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationconfigrule": "OrganizationConfigRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationCustomRulePolicy.html" + }, + "GetResourceConfigHistory": { + "privilege": "GetResourceConfigHistory", + "description": "Grants permission to return a list of configuration items for the specified resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetResourceConfigHistory.html" + }, + "GetResourceEvaluationSummary": { + "privilege": "GetResourceEvaluationSummary", + "description": "Grants permission to return the summary of resource evaluations for a specific resource evaluation ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetResourceEvaluationSummary.html" + }, + "GetStoredQuery": { + "privilege": "GetStoredQuery", + "description": "Grants permission to return the details of a specific stored query", + "access_level": "Read", + "resource_types": { + "StoredQuery": { + "resource_type": "StoredQuery", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storedquery": "StoredQuery" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_GetStoredQuery.html" + }, + "ListAggregateDiscoveredResources": { + "privilege": "ListAggregateDiscoveredResources", + "description": "Grants permission to accept a resource type and returns a list of resource identifiers that are aggregated for a specific resource type across accounts and regions", + "access_level": "List", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListAggregateDiscoveredResources.html" + }, + "ListConformancePackComplianceScores": { + "privilege": "ListConformancePackComplianceScores", + "description": "Grants permission to return the percentage of compliant rule-resource combinations in a conformance pack compared to the number of total possible rule-resource combinations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListConformancePackComplianceScores.html" + }, + "ListDiscoveredResources": { + "privilege": "ListDiscoveredResources", + "description": "Grants permission to accept a resource type and returns a list of resource identifiers for the resources of that type", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListDiscoveredResources.html" + }, + "ListResourceEvaluations": { + "privilege": "ListResourceEvaluations", + "description": "Grants permission to list the resource evaluation summaries for an AWS account in an AWS Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListResourceEvaluations.html" + }, + "ListStoredQueries": { + "privilege": "ListStoredQueries", + "description": "Grants permission to list the stored queries for an AWS account in an AWS Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListStoredQueries.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for AWS Config resource", + "access_level": "Read", + "resource_types": { + "AggregationAuthorization": { + "resource_type": "AggregationAuthorization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfigRule": { + "resource_type": "ConfigRule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConformancePack": { + "resource_type": "ConformancePack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OrganizationConfigRule": { + "resource_type": "OrganizationConfigRule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OrganizationConformancePack": { + "resource_type": "OrganizationConformancePack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StoredQuery": { + "resource_type": "StoredQuery", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "aggregationauthorization": "AggregationAuthorization", + "configrule": "ConfigRule", + "configurationaggregator": "ConfigurationAggregator", + "conformancepack": "ConformancePack", + "organizationconfigrule": "OrganizationConfigRule", + "organizationconformancepack": "OrganizationConformancePack", + "storedquery": "StoredQuery" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_ListTagsForResource.html" + }, + "PutAggregationAuthorization": { + "privilege": "PutAggregationAuthorization", + "description": "Grants permission to authorize the aggregator account and region to collect data from the source account and region", + "access_level": "Write", + "resource_types": { + "AggregationAuthorization": { + "resource_type": "AggregationAuthorization", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "aggregationauthorization": "AggregationAuthorization", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutAggregationAuthorization.html" + }, + "PutConfigRule": { + "privilege": "PutConfigRule", + "description": "Grants permission to add or update an AWS Config rule for evaluating whether your AWS resources comply with your desired configurations", + "access_level": "Write", + "resource_types": { + "ConfigRule": { + "resource_type": "ConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configrule": "ConfigRule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigRule.html" + }, + "PutConfigurationAggregator": { + "privilege": "PutConfigurationAggregator", + "description": "Grants permission to create and update the configuration aggregator with the selected source accounts and regions", + "access_level": "Write", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "organizations:EnableAWSServiceAccess", + "organizations:ListDelegatedAdministrators" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigurationAggregator.html" + }, + "PutConfigurationRecorder": { + "privilege": "PutConfigurationRecorder", + "description": "Grants permission to create a new configuration recorder to record the selected resource configurations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigurationRecorder.html" + }, + "PutConformancePack": { + "privilege": "PutConformancePack", + "description": "Grants permission to create or update a conformance pack", + "access_level": "Write", + "resource_types": { + "ConformancePack": { + "resource_type": "ConformancePack", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "s3:GetObject", + "s3:ListBucket", + "ssm:GetDocument" + ] + } + }, + "resource_types_lower_name": { + "conformancepack": "ConformancePack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutConformancePack.html" + }, + "PutDeliveryChannel": { + "privilege": "PutDeliveryChannel", + "description": "Grants permission to create a delivery channel object to deliver configuration information to an Amazon S3 bucket and Amazon SNS topic", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutDeliveryChannel.html" + }, + "PutEvaluations": { + "privilege": "PutEvaluations", + "description": "Grants permission to be used by an AWS Lambda function to deliver evaluation results to AWS Config", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutEvaluations.html" + }, + "PutExternalEvaluation": { + "privilege": "PutExternalEvaluation", + "description": "Grants permission to deliver evaluation result to AWS Config", + "access_level": "Write", + "resource_types": { + "ConfigRule": { + "resource_type": "ConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configrule": "ConfigRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutExternalEvaluation.html" + }, + "PutOrganizationConfigRule": { + "privilege": "PutOrganizationConfigRule", + "description": "Grants permission to add or update organization config rule for your entire organization evaluating whether your AWS resources comply with your desired configurations", + "access_level": "Write", + "resource_types": { + "OrganizationConfigRule": { + "resource_type": "OrganizationConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "organizations:EnableAWSServiceAccess", + "organizations:ListDelegatedAdministrators" + ] + } + }, + "resource_types_lower_name": { + "organizationconfigrule": "OrganizationConfigRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutOrganizationConfigRule.html" + }, + "PutOrganizationConformancePack": { + "privilege": "PutOrganizationConformancePack", + "description": "Grants permission to add or update organization conformance pack for your entire organization evaluating whether your AWS resources comply with your desired configurations", + "access_level": "Write", + "resource_types": { + "OrganizationConformancePack": { + "resource_type": "OrganizationConformancePack", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "organizations:EnableAWSServiceAccess", + "organizations:ListDelegatedAdministrators", + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "organizationconformancepack": "OrganizationConformancePack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutOrganizationConformancePack.html" + }, + "PutRemediationConfigurations": { + "privilege": "PutRemediationConfigurations", + "description": "Grants permission to add or update the remediation configuration with a specific AWS Config rule with the selected target or action", + "access_level": "Write", + "resource_types": { + "RemediationConfiguration": { + "resource_type": "RemediationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "remediationconfiguration": "RemediationConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutRemediationConfigurations.html" + }, + "PutRemediationExceptions": { + "privilege": "PutRemediationExceptions", + "description": "Grants permission to add or update remediation exceptions for specific resources for a specific AWS Config rule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutRemediationExceptions.html" + }, + "PutResourceConfig": { + "privilege": "PutResourceConfig", + "description": "Grants permission to record the configuration state for the resource provided in the request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutResourceConfig.html" + }, + "PutRetentionConfiguration": { + "privilege": "PutRetentionConfiguration", + "description": "Grants permission to create and update the retention configuration with details about retention period (number of days) that AWS Config stores your historical information", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutRetentionConfiguration.html" + }, + "PutStoredQuery": { + "privilege": "PutStoredQuery", + "description": "Grants permission to save a new query or updates an existing saved query", + "access_level": "Write", + "resource_types": { + "StoredQuery": { + "resource_type": "StoredQuery", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storedquery": "StoredQuery", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_PutStoredQuery.html" + }, + "SelectAggregateResourceConfig": { + "privilege": "SelectAggregateResourceConfig", + "description": "Grants permission to accept a structured query language (SQL) SELECT command and an aggregator to query configuration state of AWS resources across multiple accounts and regions, performs the corresponding search, and returns resource configurations matching the properties", + "access_level": "Read", + "resource_types": { + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationaggregator": "ConfigurationAggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_SelectAggregateResourceConfig.html" + }, + "SelectResourceConfig": { + "privilege": "SelectResourceConfig", + "description": "Grants permission to accept a structured query language (SQL) SELECT command, performs the corresponding search, and returns resource configurations matching the properties", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_SelectResourceConfig.html" + }, + "StartConfigRulesEvaluation": { + "privilege": "StartConfigRulesEvaluation", + "description": "Grants permission to evaluate your resources against the specified Config rules", + "access_level": "Write", + "resource_types": { + "ConfigRule": { + "resource_type": "ConfigRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configrule": "ConfigRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_StartConfigRulesEvaluation.html" + }, + "StartConfigurationRecorder": { + "privilege": "StartConfigurationRecorder", + "description": "Grants permission to start recording configurations of the AWS resources you have selected to record in your AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_StartConfigurationRecorder.html" + }, + "StartRemediationExecution": { + "privilege": "StartRemediationExecution", + "description": "Grants permission to run an on-demand remediation for the specified AWS Config rules against the last known remediation configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_StartRemediationExecution.html" + }, + "StartResourceEvaluation": { + "privilege": "StartResourceEvaluation", + "description": "Grants permission to evaluate your resource details against the AWS Config rules in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:DescribeType" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_StartResourceEvaluation.html" + }, + "StopConfigurationRecorder": { + "privilege": "StopConfigurationRecorder", + "description": "Grants permission to stop recording configurations of the AWS resources you have selected to record in your AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_StopConfigurationRecorder.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to associate the specified tags to a resource with the specified resourceArn", + "access_level": "Tagging", + "resource_types": { + "AggregationAuthorization": { + "resource_type": "AggregationAuthorization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfigRule": { + "resource_type": "ConfigRule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConformancePack": { + "resource_type": "ConformancePack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OrganizationConfigRule": { + "resource_type": "OrganizationConfigRule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OrganizationConformancePack": { + "resource_type": "OrganizationConformancePack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StoredQuery": { + "resource_type": "StoredQuery", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "aggregationauthorization": "AggregationAuthorization", + "configrule": "ConfigRule", + "configurationaggregator": "ConfigurationAggregator", + "conformancepack": "ConformancePack", + "organizationconfigrule": "OrganizationConfigRule", + "organizationconformancepack": "OrganizationConformancePack", + "storedquery": "StoredQuery", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to delete specified tags from a resource", + "access_level": "Tagging", + "resource_types": { + "AggregationAuthorization": { + "resource_type": "AggregationAuthorization", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfigRule": { + "resource_type": "ConfigRule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConfigurationAggregator": { + "resource_type": "ConfigurationAggregator", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ConformancePack": { + "resource_type": "ConformancePack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OrganizationConfigRule": { + "resource_type": "OrganizationConfigRule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OrganizationConformancePack": { + "resource_type": "OrganizationConformancePack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StoredQuery": { + "resource_type": "StoredQuery", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "aggregationauthorization": "AggregationAuthorization", + "configrule": "ConfigRule", + "configurationaggregator": "ConfigurationAggregator", + "conformancepack": "ConformancePack", + "organizationconfigrule": "OrganizationConfigRule", + "organizationconformancepack": "OrganizationConformancePack", + "storedquery": "StoredQuery", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/config/latest/APIReference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "batchgetaggregateresourceconfig": "BatchGetAggregateResourceConfig", + "batchgetresourceconfig": "BatchGetResourceConfig", + "deleteaggregationauthorization": "DeleteAggregationAuthorization", + "deleteconfigrule": "DeleteConfigRule", + "deleteconfigurationaggregator": "DeleteConfigurationAggregator", + "deleteconfigurationrecorder": "DeleteConfigurationRecorder", + "deleteconformancepack": "DeleteConformancePack", + "deletedeliverychannel": "DeleteDeliveryChannel", + "deleteevaluationresults": "DeleteEvaluationResults", + "deleteorganizationconfigrule": "DeleteOrganizationConfigRule", + "deleteorganizationconformancepack": "DeleteOrganizationConformancePack", + "deletependingaggregationrequest": "DeletePendingAggregationRequest", + "deleteremediationconfiguration": "DeleteRemediationConfiguration", + "deleteremediationexceptions": "DeleteRemediationExceptions", + "deleteresourceconfig": "DeleteResourceConfig", + "deleteretentionconfiguration": "DeleteRetentionConfiguration", + "deletestoredquery": "DeleteStoredQuery", + "deliverconfigsnapshot": "DeliverConfigSnapshot", + "describeaggregatecompliancebyconfigrules": "DescribeAggregateComplianceByConfigRules", + "describeaggregatecompliancebyconformancepacks": "DescribeAggregateComplianceByConformancePacks", + "describeaggregationauthorizations": "DescribeAggregationAuthorizations", + "describecompliancebyconfigrule": "DescribeComplianceByConfigRule", + "describecompliancebyresource": "DescribeComplianceByResource", + "describeconfigruleevaluationstatus": "DescribeConfigRuleEvaluationStatus", + "describeconfigrules": "DescribeConfigRules", + "describeconfigurationaggregatorsourcesstatus": "DescribeConfigurationAggregatorSourcesStatus", + "describeconfigurationaggregators": "DescribeConfigurationAggregators", + "describeconfigurationrecorderstatus": "DescribeConfigurationRecorderStatus", + "describeconfigurationrecorders": "DescribeConfigurationRecorders", + "describeconformancepackcompliance": "DescribeConformancePackCompliance", + "describeconformancepackstatus": "DescribeConformancePackStatus", + "describeconformancepacks": "DescribeConformancePacks", + "describedeliverychannelstatus": "DescribeDeliveryChannelStatus", + "describedeliverychannels": "DescribeDeliveryChannels", + "describeorganizationconfigrulestatuses": "DescribeOrganizationConfigRuleStatuses", + "describeorganizationconfigrules": "DescribeOrganizationConfigRules", + "describeorganizationconformancepackstatuses": "DescribeOrganizationConformancePackStatuses", + "describeorganizationconformancepacks": "DescribeOrganizationConformancePacks", + "describependingaggregationrequests": "DescribePendingAggregationRequests", + "describeremediationconfigurations": "DescribeRemediationConfigurations", + "describeremediationexceptions": "DescribeRemediationExceptions", + "describeremediationexecutionstatus": "DescribeRemediationExecutionStatus", + "describeretentionconfigurations": "DescribeRetentionConfigurations", + "getaggregatecompliancedetailsbyconfigrule": "GetAggregateComplianceDetailsByConfigRule", + "getaggregateconfigrulecompliancesummary": "GetAggregateConfigRuleComplianceSummary", + "getaggregateconformancepackcompliancesummary": "GetAggregateConformancePackComplianceSummary", + "getaggregatediscoveredresourcecounts": "GetAggregateDiscoveredResourceCounts", + "getaggregateresourceconfig": "GetAggregateResourceConfig", + "getcompliancedetailsbyconfigrule": "GetComplianceDetailsByConfigRule", + "getcompliancedetailsbyresource": "GetComplianceDetailsByResource", + "getcompliancesummarybyconfigrule": "GetComplianceSummaryByConfigRule", + "getcompliancesummarybyresourcetype": "GetComplianceSummaryByResourceType", + "getconformancepackcompliancedetails": "GetConformancePackComplianceDetails", + "getconformancepackcompliancesummary": "GetConformancePackComplianceSummary", + "getcustomrulepolicy": "GetCustomRulePolicy", + "getdiscoveredresourcecounts": "GetDiscoveredResourceCounts", + "getorganizationconfigruledetailedstatus": "GetOrganizationConfigRuleDetailedStatus", + "getorganizationconformancepackdetailedstatus": "GetOrganizationConformancePackDetailedStatus", + "getorganizationcustomrulepolicy": "GetOrganizationCustomRulePolicy", + "getresourceconfighistory": "GetResourceConfigHistory", + "getresourceevaluationsummary": "GetResourceEvaluationSummary", + "getstoredquery": "GetStoredQuery", + "listaggregatediscoveredresources": "ListAggregateDiscoveredResources", + "listconformancepackcompliancescores": "ListConformancePackComplianceScores", + "listdiscoveredresources": "ListDiscoveredResources", + "listresourceevaluations": "ListResourceEvaluations", + "liststoredqueries": "ListStoredQueries", + "listtagsforresource": "ListTagsForResource", + "putaggregationauthorization": "PutAggregationAuthorization", + "putconfigrule": "PutConfigRule", + "putconfigurationaggregator": "PutConfigurationAggregator", + "putconfigurationrecorder": "PutConfigurationRecorder", + "putconformancepack": "PutConformancePack", + "putdeliverychannel": "PutDeliveryChannel", + "putevaluations": "PutEvaluations", + "putexternalevaluation": "PutExternalEvaluation", + "putorganizationconfigrule": "PutOrganizationConfigRule", + "putorganizationconformancepack": "PutOrganizationConformancePack", + "putremediationconfigurations": "PutRemediationConfigurations", + "putremediationexceptions": "PutRemediationExceptions", + "putresourceconfig": "PutResourceConfig", + "putretentionconfiguration": "PutRetentionConfiguration", + "putstoredquery": "PutStoredQuery", + "selectaggregateresourceconfig": "SelectAggregateResourceConfig", + "selectresourceconfig": "SelectResourceConfig", + "startconfigrulesevaluation": "StartConfigRulesEvaluation", + "startconfigurationrecorder": "StartConfigurationRecorder", + "startremediationexecution": "StartRemediationExecution", + "startresourceevaluation": "StartResourceEvaluation", + "stopconfigurationrecorder": "StopConfigurationRecorder", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "AggregationAuthorization": { + "resource": "AggregationAuthorization", + "arn": "arn:${Partition}:config:${Region}:${Account}:aggregation-authorization/${AggregatorAccount}/${AggregatorRegion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ConfigurationAggregator": { + "resource": "ConfigurationAggregator", + "arn": "arn:${Partition}:config:${Region}:${Account}:config-aggregator/${AggregatorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ConfigRule": { + "resource": "ConfigRule", + "arn": "arn:${Partition}:config:${Region}:${Account}:config-rule/${ConfigRuleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ConformancePack": { + "resource": "ConformancePack", + "arn": "arn:${Partition}:config:${Region}:${Account}:conformance-pack/${ConformancePackName}/${ConformancePackId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "OrganizationConfigRule": { + "resource": "OrganizationConfigRule", + "arn": "arn:${Partition}:config:${Region}:${Account}:organization-config-rule/${OrganizationConfigRuleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "OrganizationConformancePack": { + "resource": "OrganizationConformancePack", + "arn": "arn:${Partition}:config:${Region}:${Account}:organization-conformance-pack/${OrganizationConformancePackId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "RemediationConfiguration": { + "resource": "RemediationConfiguration", + "arn": "arn:${Partition}:config:${Region}:${Account}:remediation-configuration/${RemediationConfigurationId}", + "condition_keys": [] + }, + "StoredQuery": { + "resource": "StoredQuery", + "arn": "arn:${Partition}:config:${Region}:${Account}:stored-query/${StoredQueryName}/${StoredQueryId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "aggregationauthorization": "AggregationAuthorization", + "configurationaggregator": "ConfigurationAggregator", + "configrule": "ConfigRule", + "conformancepack": "ConformancePack", + "organizationconfigrule": "OrganizationConfigRule", + "organizationconformancepack": "OrganizationConformancePack", + "remediationconfiguration": "RemediationConfiguration", + "storedquery": "StoredQuery" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "awsconnector": { + "service_name": "AWS Connector Service", + "prefix": "awsconnector", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsconnectorservice.html", + "privileges": { + "GetConnectorHealth": { + "privilege": "GetConnectorHealth", + "description": "Retrieves all health metrics that were published from the Server Migration Connector.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/userguide/prereqs.html#connector-permissions" + }, + "RegisterConnector": { + "privilege": "RegisterConnector", + "description": "Registers AWS Connector with AWS Connector Service.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/userguide/prereqs.html#connector-permissions" + }, + "ValidateConnectorId": { + "privilege": "ValidateConnectorId", + "description": "Validates Server Migration Connector Id that was registered with AWS Connector Service.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/userguide/prereqs.html#connector-permissions" + } + }, + "privileges_lower_name": { + "getconnectorhealth": "GetConnectorHealth", + "registerconnector": "RegisterConnector", + "validateconnectorid": "ValidateConnectorId" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "consoleapp": { + "service_name": "AWS Management Console Mobile App", + "prefix": "consoleapp", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsconsolemobileapp.html", + "privileges": { + "GetDeviceIdentity": { + "privilege": "GetDeviceIdentity", + "description": "Grants permission to retrieve the device identity for a Console Mobile App device", + "access_level": "Read", + "resource_types": { + "DeviceIdentity": { + "resource_type": "DeviceIdentity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deviceidentity": "DeviceIdentity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/consolemobileapp/latest/userguide/permissions-policies.html" + }, + "ListDeviceIdentities": { + "privilege": "ListDeviceIdentities", + "description": "Grants permission to retrieve a list of device identities", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/consolemobileapp/latest/userguide/permissions-policies.html" + } + }, + "privileges_lower_name": { + "getdeviceidentity": "GetDeviceIdentity", + "listdeviceidentities": "ListDeviceIdentities" + }, + "resources": { + "DeviceIdentity": { + "resource": "DeviceIdentity", + "arn": "arn:${Partition}:consoleapp::${Account}:device/${DeviceId}/identity/${IdentityId}", + "condition_keys": [ + "consoleapp:DeviceIdentityArn" + ] + } + }, + "resources_lower_name": { + "deviceidentity": "DeviceIdentity" + }, + "conditions": { + "consoleapp:DeviceIdentityArn": { + "condition": "consoleapp:DeviceIdentityArn", + "description": "A unique identifier for an identity on a device", + "type": "String" + } + } + }, + "consolidatedbilling": { + "service_name": "AWS Consolidated Billing", + "prefix": "consolidatedbilling", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsconsolidatedbilling.html", + "privileges": { + "GetAccountBillingRole": { + "privilege": "GetAccountBillingRole", + "description": "Grants permission to get account role (Payer, Linked, Regular)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "ListLinkedAccounts": { + "privilege": "ListLinkedAccounts", + "description": "Grants permission to get list of member/linked accounts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + } + }, + "privileges_lower_name": { + "getaccountbillingrole": "GetAccountBillingRole", + "listlinkedaccounts": "ListLinkedAccounts" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "controltower": { + "service_name": "AWS Control Tower", + "prefix": "controltower", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscontroltower.html", + "privileges": { + "CreateManagedAccount": { + "privilege": "CreateManagedAccount", + "description": "Grants permission to create an account managed by AWS Control Tower", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" + }, + "DeleteLandingZone": { + "privilege": "DeleteLandingZone", + "description": "Grants permission to delete AWS Control Tower landing zone", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/decommission-landing-zone.html" + }, + "DeregisterManagedAccount": { + "privilege": "DeregisterManagedAccount", + "description": "Grants permission to deregister an account created through the account factory from AWS Control Tower", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" + }, + "DeregisterOrganizationalUnit": { + "privilege": "DeregisterOrganizationalUnit", + "description": "Grants permission to deregister an organizational unit from AWS Control Tower management", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/organizations.html" + }, + "DescribeAccountFactoryConfig": { + "privilege": "DescribeAccountFactoryConfig", + "description": "Grants permission to describe the current account factory configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" + }, + "DescribeCoreService": { + "privilege": "DescribeCoreService", + "description": "Grants permission to describe resources managed by core accounts in AWS Control Tower", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/how-control-tower-works.html#what-shared" + }, + "DescribeGuardrail": { + "privilege": "DescribeGuardrail", + "description": "Grants permission to describe a guardrail", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" + }, + "DescribeGuardrailForTarget": { + "privilege": "DescribeGuardrailForTarget", + "description": "Grants permission to describe a guardrail for a organizational unit", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" + }, + "DescribeLandingZoneConfiguration": { + "privilege": "DescribeLandingZoneConfiguration", + "description": "Grants permission to describe the current Landing Zone configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/step-two.html" + }, + "DescribeManagedAccount": { + "privilege": "DescribeManagedAccount", + "description": "Grants permission to describe an account created through account factory", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" + }, + "DescribeManagedOrganizationalUnit": { + "privilege": "DescribeManagedOrganizationalUnit", + "description": "Grants permission to describe an AWS Organizations organizational unit managed by AWS Control Tower", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/organizations.html" + }, + "DescribeRegisterOrganizationalUnitOperation": { + "privilege": "DescribeRegisterOrganizationalUnitOperation", + "description": "Grants permission to describe a Register Organizational Unit Operation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/about-extending-governance.html" + }, + "DescribeSingleSignOn": { + "privilege": "DescribeSingleSignOn", + "description": "Grants permission to describe the current AWS Control Tower SSO configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/sso.html" + }, + "DisableControl": { + "privilege": "DisableControl", + "description": "Grants permission to remove a control from an organizational unit", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/APIReference/API_DisableControl.html" + }, + "DisableGuardrail": { + "privilege": "DisableGuardrail", + "description": "Grants permission to disable a guardrail from an organizational unit", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls-on-ou.html" + }, + "EnableControl": { + "privilege": "EnableControl", + "description": "Grants permission to activate a control for an organizational unit", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/APIReference/API_EnableControl.html" + }, + "EnableGuardrail": { + "privilege": "EnableGuardrail", + "description": "Grants permission to enable a guardrail to an organizational unit", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls-on-ou.html" + }, + "GetAccountInfo": { + "privilege": "GetAccountInfo", + "description": "Grants permission to describe an account email and validate that it exists", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/accounts.html" + }, + "GetAvailableUpdates": { + "privilege": "GetAvailableUpdates", + "description": "Grants permission to list available updates for the current AWS Control Tower deployment", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/configuration-updates.html" + }, + "GetControlOperation": { + "privilege": "GetControlOperation", + "description": "Grants permission to get the current status of a particular EnabledControl or DisableControl operation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/APIReference/API_GetControlOperation.html" + }, + "GetGuardrailComplianceStatus": { + "privilege": "GetGuardrailComplianceStatus", + "description": "Grants permission to get the current compliance status of a guardrail", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" + }, + "GetHomeRegion": { + "privilege": "GetHomeRegion", + "description": "Grants permission to get the home region of the AWS Control Tower setup", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/how-control-tower-works.html#region-how" + }, + "GetLandingZoneDriftStatus": { + "privilege": "GetLandingZoneDriftStatus", + "description": "Grants permission to get the current landing zone drift status", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/drift.html" + }, + "GetLandingZoneStatus": { + "privilege": "GetLandingZoneStatus", + "description": "Grants permission to get the current status of the landing zone setup", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-with-control-tower.html#step-two" + }, + "ListDirectoryGroups": { + "privilege": "ListDirectoryGroups", + "description": "Grants permission to list the current directory groups available through SSO", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/sso.html" + }, + "ListDriftDetails": { + "privilege": "ListDriftDetails", + "description": "Grants permission to list occurrences of drift in AWS Control Tower", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/drift.html" + }, + "ListEnabledControls": { + "privilege": "ListEnabledControls", + "description": "Grants permission to list all enabled controls in a specified organizational unit", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/APIReference/API_ListEnabledControls.html" + }, + "ListEnabledGuardrails": { + "privilege": "ListEnabledGuardrails", + "description": "Grants permission to list currently enabled guardrails", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" + }, + "ListExtendGovernancePrecheckDetails": { + "privilege": "ListExtendGovernancePrecheckDetails", + "description": "Grants permission to list Precheck details for an Organizational Unit", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/about-extending-governance.html" + }, + "ListExternalConfigRuleCompliance": { + "privilege": "ListExternalConfigRuleCompliance", + "description": "Grants permission to list the compliance of external AWS Config rules", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/review-compliance.html" + }, + "ListGuardrailViolations": { + "privilege": "ListGuardrailViolations", + "description": "Grants permission to list existing guardrail violations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" + }, + "ListGuardrails": { + "privilege": "ListGuardrails", + "description": "Grants permission to list all available guardrails", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" + }, + "ListGuardrailsForTarget": { + "privilege": "ListGuardrailsForTarget", + "description": "Grants permission to list guardrails and their current state for a organizational unit", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/controls.html" + }, + "ListManagedAccounts": { + "privilege": "ListManagedAccounts", + "description": "Grants permission to list accounts managed through AWS Control Tower", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" + }, + "ListManagedAccountsForGuardrail": { + "privilege": "ListManagedAccountsForGuardrail", + "description": "Grants permission to list managed accounts with a specified guardrail applied", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" + }, + "ListManagedAccountsForParent": { + "privilege": "ListManagedAccountsForParent", + "description": "Grants permission to list managed accounts under an organizational unit", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" + }, + "ListManagedOrganizationalUnits": { + "privilege": "ListManagedOrganizationalUnits", + "description": "Grants permission to list organizational units managed by AWS Control Tower", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/organizations.html" + }, + "ListManagedOrganizationalUnitsForGuardrail": { + "privilege": "ListManagedOrganizationalUnitsForGuardrail", + "description": "Grants permission to list managed organizational units that have a specified guardrail applied", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/organizations.html" + }, + "ManageOrganizationalUnit": { + "privilege": "ManageOrganizationalUnit", + "description": "Grants permission to set up an organizational unit to be managed by AWS Control Tower", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/organizations.html" + }, + "PerformPreLaunchChecks": { + "privilege": "PerformPreLaunchChecks", + "description": "Grants permission to perform validations in an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-prereqs.html" + }, + "SetupLandingZone": { + "privilege": "SetupLandingZone", + "description": "Grants permission to set up or update AWS Control Tower landing zone", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-with-control-tower.html#step-two" + }, + "UpdateAccountFactoryConfig": { + "privilege": "UpdateAccountFactoryConfig", + "description": "Grants permission to update the account factory configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/controltower/latest/userguide/account-factory.html" + } + }, + "privileges_lower_name": { + "createmanagedaccount": "CreateManagedAccount", + "deletelandingzone": "DeleteLandingZone", + "deregistermanagedaccount": "DeregisterManagedAccount", + "deregisterorganizationalunit": "DeregisterOrganizationalUnit", + "describeaccountfactoryconfig": "DescribeAccountFactoryConfig", + "describecoreservice": "DescribeCoreService", + "describeguardrail": "DescribeGuardrail", + "describeguardrailfortarget": "DescribeGuardrailForTarget", + "describelandingzoneconfiguration": "DescribeLandingZoneConfiguration", + "describemanagedaccount": "DescribeManagedAccount", + "describemanagedorganizationalunit": "DescribeManagedOrganizationalUnit", + "describeregisterorganizationalunitoperation": "DescribeRegisterOrganizationalUnitOperation", + "describesinglesignon": "DescribeSingleSignOn", + "disablecontrol": "DisableControl", + "disableguardrail": "DisableGuardrail", + "enablecontrol": "EnableControl", + "enableguardrail": "EnableGuardrail", + "getaccountinfo": "GetAccountInfo", + "getavailableupdates": "GetAvailableUpdates", + "getcontroloperation": "GetControlOperation", + "getguardrailcompliancestatus": "GetGuardrailComplianceStatus", + "gethomeregion": "GetHomeRegion", + "getlandingzonedriftstatus": "GetLandingZoneDriftStatus", + "getlandingzonestatus": "GetLandingZoneStatus", + "listdirectorygroups": "ListDirectoryGroups", + "listdriftdetails": "ListDriftDetails", + "listenabledcontrols": "ListEnabledControls", + "listenabledguardrails": "ListEnabledGuardrails", + "listextendgovernanceprecheckdetails": "ListExtendGovernancePrecheckDetails", + "listexternalconfigrulecompliance": "ListExternalConfigRuleCompliance", + "listguardrailviolations": "ListGuardrailViolations", + "listguardrails": "ListGuardrails", + "listguardrailsfortarget": "ListGuardrailsForTarget", + "listmanagedaccounts": "ListManagedAccounts", + "listmanagedaccountsforguardrail": "ListManagedAccountsForGuardrail", + "listmanagedaccountsforparent": "ListManagedAccountsForParent", + "listmanagedorganizationalunits": "ListManagedOrganizationalUnits", + "listmanagedorganizationalunitsforguardrail": "ListManagedOrganizationalUnitsForGuardrail", + "manageorganizationalunit": "ManageOrganizationalUnit", + "performprelaunchchecks": "PerformPreLaunchChecks", + "setuplandingzone": "SetupLandingZone", + "updateaccountfactoryconfig": "UpdateAccountFactoryConfig" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "cur": { + "service_name": "AWS Cost and Usage Report", + "prefix": "cur", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscostandusagereport.html", + "privileges": { + "DeleteReportDefinition": { + "privilege": "DeleteReportDefinition", + "description": "Grants permission to delete Cost and Usage Report Definition", + "access_level": "Write", + "resource_types": { + "cur": { + "resource_type": "cur", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cur": "cur" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_cur_DeleteReportDefinition.html" + }, + "DescribeReportDefinitions": { + "privilege": "DescribeReportDefinitions", + "description": "Grants permission to get Cost and Usage Report Definitions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_cur_DescribeReportDefinitions.html" + }, + "GetClassicReport": { + "privilege": "GetClassicReport", + "description": "Grants permission to get Bills CSV report", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cur/latest/userguide/security.html#user-permissions" + }, + "GetClassicReportPreferences": { + "privilege": "GetClassicReportPreferences", + "description": "Grants permission to get the classic report enablement status for Usage Reports", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cur/latest/userguide/security.html#user-permissions" + }, + "GetUsageReport": { + "privilege": "GetUsageReport", + "description": "Grants permission to get list of AWS services, usage type and operation for the Usage Report workflow. Allows or denies download of usage reports too", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cur/latest/userguide/security.html#user-permissions" + }, + "ModifyReportDefinition": { + "privilege": "ModifyReportDefinition", + "description": "Grants permission to modify Cost and Usage Report Definition", + "access_level": "Write", + "resource_types": { + "cur": { + "resource_type": "cur", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cur": "cur" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_cur_ModifyReportDefinition.html" + }, + "PutClassicReportPreferences": { + "privilege": "PutClassicReportPreferences", + "description": "Grants permission to enable classic reports", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cur/latest/userguide/security.html#user-permissions" + }, + "PutReportDefinition": { + "privilege": "PutReportDefinition", + "description": "Grants permission to write Cost and Usage Report Definition", + "access_level": "Write", + "resource_types": { + "cur": { + "resource_type": "cur", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cur": "cur" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_cur_PutReportDefinition.html" + }, + "ValidateReportDestination": { + "privilege": "ValidateReportDestination", + "description": "Grants permission to validates if the s3 bucket exists with appropriate permissions for CUR delivery", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/cur/latest/userguide/security.html#user-permissions" + } + }, + "privileges_lower_name": { + "deletereportdefinition": "DeleteReportDefinition", + "describereportdefinitions": "DescribeReportDefinitions", + "getclassicreport": "GetClassicReport", + "getclassicreportpreferences": "GetClassicReportPreferences", + "getusagereport": "GetUsageReport", + "modifyreportdefinition": "ModifyReportDefinition", + "putclassicreportpreferences": "PutClassicReportPreferences", + "putreportdefinition": "PutReportDefinition", + "validatereportdestination": "ValidateReportDestination" + }, + "resources": { + "cur": { + "resource": "cur", + "arn": "arn:${Partition}:cur:${Region}:${Account}:definition/${ReportName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "cur": "cur" + }, + "conditions": {} + }, + "ce": { + "service_name": "AWS Cost Explorer Service", + "prefix": "ce", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscostexplorerservice.html", + "privileges": { + "CreateAnomalyMonitor": { + "privilege": "CreateAnomalyMonitor", + "description": "Grants permission to create a new Anomaly Monitor", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_CreateAnomalyMonitor.html" + }, + "CreateAnomalySubscription": { + "privilege": "CreateAnomalySubscription", + "description": "Grants permission to create a new Anomaly Subscription", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_CreateAnomalySubscription.html" + }, + "CreateCostCategoryDefinition": { + "privilege": "CreateCostCategoryDefinition", + "description": "Grants permission to create a new Cost Category with the requested name and rules", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_CreateCostCategoryDefinition.html" + }, + "CreateNotificationSubscription": { + "privilege": "CreateNotificationSubscription", + "description": "Grants permission to create Reservation expiration alerts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "CreateReport": { + "privilege": "CreateReport", + "description": "Grants permission to create Cost Explorer Reports", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "DeleteAnomalyMonitor": { + "privilege": "DeleteAnomalyMonitor", + "description": "Grants permission to delete an Anomaly Monitor", + "access_level": "Write", + "resource_types": { + "anomalymonitor": { + "resource_type": "anomalymonitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalymonitor": "anomalymonitor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_DeleteAnomalyMonitor.html" + }, + "DeleteAnomalySubscription": { + "privilege": "DeleteAnomalySubscription", + "description": "Grants permission to delete an Anomaly Subscription", + "access_level": "Write", + "resource_types": { + "anomalysubscription": { + "resource_type": "anomalysubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalysubscription": "anomalysubscription", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_DeleteAnomalySubscription.html" + }, + "DeleteCostCategoryDefinition": { + "privilege": "DeleteCostCategoryDefinition", + "description": "Grants permission to delete a Cost Category", + "access_level": "Write", + "resource_types": { + "costcategory": { + "resource_type": "costcategory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "costcategory": "costcategory", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_DeleteCostCategoryDefinition.html" + }, + "DeleteNotificationSubscription": { + "privilege": "DeleteNotificationSubscription", + "description": "Grants permission to delete Reservation expiration alerts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "DeleteReport": { + "privilege": "DeleteReport", + "description": "Grants permission to delete Cost Explorer Reports", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "DescribeCostCategoryDefinition": { + "privilege": "DescribeCostCategoryDefinition", + "description": "Grants permission to retrieve descriptions such as the name, ARN, rules, definition, and effective dates of a Cost Category", + "access_level": "Read", + "resource_types": { + "costcategory": { + "resource_type": "costcategory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "costcategory": "costcategory", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_DescribeCostCategoryDefinition.html" + }, + "DescribeNotificationSubscription": { + "privilege": "DescribeNotificationSubscription", + "description": "Grants permission to view Reservation expiration alerts", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "DescribeReport": { + "privilege": "DescribeReport", + "description": "Grants permission to view Cost Explorer Reports page", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "GetAnomalies": { + "privilege": "GetAnomalies", + "description": "Grants permission to retrieve anomalies", + "access_level": "Read", + "resource_types": { + "anomalymonitor": { + "resource_type": "anomalymonitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalymonitor": "anomalymonitor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetAnomalies.html" + }, + "GetAnomalyMonitors": { + "privilege": "GetAnomalyMonitors", + "description": "Grants permission to query Anomaly Monitors", + "access_level": "Read", + "resource_types": { + "anomalymonitor": { + "resource_type": "anomalymonitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalymonitor": "anomalymonitor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetAnomalyMonitors.html" + }, + "GetAnomalySubscriptions": { + "privilege": "GetAnomalySubscriptions", + "description": "Grants permission to query Anomaly Subscriptions", + "access_level": "Read", + "resource_types": { + "anomalysubscription": { + "resource_type": "anomalysubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalysubscription": "anomalysubscription", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetAnomalySubscriptions.html" + }, + "GetConsoleActionSetEnforced": { + "privilege": "GetConsoleActionSetEnforced", + "description": "Grants permission to view whether existing or fine-grained IAM actions are being used to control authorization to Billing, Cost Management, and Account consoles", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "GetCostAndUsage": { + "privilege": "GetCostAndUsage", + "description": "Grants permission to retrieve the cost and usage metrics for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetCostAndUsage.html" + }, + "GetCostAndUsageWithResources": { + "privilege": "GetCostAndUsageWithResources", + "description": "Grants permission to retrieve the cost and usage metrics with resources for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetCostAndUsageWithResources.html" + }, + "GetCostCategories": { + "privilege": "GetCostCategories", + "description": "Grants permission to query Cost Catagory names and values for a specified time period", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetCostCategories.html" + }, + "GetCostForecast": { + "privilege": "GetCostForecast", + "description": "Grants permission to retrieve a cost forecast for a forecast time period", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetCostForecast.html" + }, + "GetDimensionValues": { + "privilege": "GetDimensionValues", + "description": "Grants permission to retrieve all available filter values for a filter for a period of time", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetDimensionValues.html" + }, + "GetPreferences": { + "privilege": "GetPreferences", + "description": "Grants permission to view Cost Explorer Preferences page", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "GetReservationCoverage": { + "privilege": "GetReservationCoverage", + "description": "Grants permission to retrieve the reservation coverage for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetReservationCoverage.html" + }, + "GetReservationPurchaseRecommendation": { + "privilege": "GetReservationPurchaseRecommendation", + "description": "Grants permission to retrieve the reservation recommendations for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetReservationPurchaseRecommendation.html" + }, + "GetReservationUtilization": { + "privilege": "GetReservationUtilization", + "description": "Grants permission to retrieve the reservation utilization for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetReservationUtilization.html" + }, + "GetRightsizingRecommendation": { + "privilege": "GetRightsizingRecommendation", + "description": "Grants permission to retrieve the rightsizing recommendations for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetRightsizingRecommendation.html" + }, + "GetSavingsPlanPurchaseRecommendationDetails": { + "privilege": "GetSavingsPlanPurchaseRecommendationDetails", + "description": "Grants permission to retrieve the Savings Plan recommendation details for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetSavingsPlanPurchaseRecommendationDetails.html" + }, + "GetSavingsPlansCoverage": { + "privilege": "GetSavingsPlansCoverage", + "description": "Grants permission to retrieve the Savings Plans coverage for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetSavingsPlansCoverage.html" + }, + "GetSavingsPlansPurchaseRecommendation": { + "privilege": "GetSavingsPlansPurchaseRecommendation", + "description": "Grants permission to retrieve the Savings Plans recommendations for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetSavingsPlansPurchaseRecommendation.html" + }, + "GetSavingsPlansUtilization": { + "privilege": "GetSavingsPlansUtilization", + "description": "Grants permission to retrieve the Savings Plans utilization for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetSavingsPlansUtilization.html" + }, + "GetSavingsPlansUtilizationDetails": { + "privilege": "GetSavingsPlansUtilizationDetails", + "description": "Grants permission to retrieve the Savings Plans utilization details for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetSavingsPlansUtilizationDetails.html" + }, + "GetTags": { + "privilege": "GetTags", + "description": "Grants permission to query tags for a specified time period", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetTags.html" + }, + "GetUsageForecast": { + "privilege": "GetUsageForecast", + "description": "Grants permission to retrieve a usage forecast for a forecast time period", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_GetUsageForecast.html" + }, + "ListCostAllocationTags": { + "privilege": "ListCostAllocationTags", + "description": "Grants permission to list Cost Allocation Tags", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ListCostAllocationTags.html" + }, + "ListCostCategoryDefinitions": { + "privilege": "ListCostCategoryDefinitions", + "description": "Grants permission to retrieve names, ARN, and effective dates for all Cost Categories", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ListCostCategoryDefinitions.html" + }, + "ListSavingsPlansPurchaseRecommendationGeneration": { + "privilege": "ListSavingsPlansPurchaseRecommendationGeneration", + "description": "Grants permission to retrieve a list of your historical recommendation generations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ListSavingsPlansPurchaseRecommendationGeneration.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a Cost Explorer resource", + "access_level": "Read", + "resource_types": { + "anomalymonitor": { + "resource_type": "anomalymonitor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "anomalysubscription": { + "resource_type": "anomalysubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "costcategory": { + "resource_type": "costcategory", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalymonitor": "anomalymonitor", + "anomalysubscription": "anomalysubscription", + "costcategory": "costcategory", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ListTagsForResource.html" + }, + "ProvideAnomalyFeedback": { + "privilege": "ProvideAnomalyFeedback", + "description": "Grants permission to provide feedback on detected anomalies", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ProvideAnomalyFeedback.html" + }, + "StartSavingsPlansPurchaseRecommendationGeneration": { + "privilege": "StartSavingsPlansPurchaseRecommendationGeneration", + "description": "Grants permission to request a Savings Plans recommendation generation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_StartSavingsPlansPurchaseRecommendationGeneration.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a Cost Explorer resource", + "access_level": "Tagging", + "resource_types": { + "anomalymonitor": { + "resource_type": "anomalymonitor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "anomalysubscription": { + "resource_type": "anomalysubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "costcategory": { + "resource_type": "costcategory", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalymonitor": "anomalymonitor", + "anomalysubscription": "anomalysubscription", + "costcategory": "costcategory", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a Cost Explorer resource", + "access_level": "Tagging", + "resource_types": { + "anomalymonitor": { + "resource_type": "anomalymonitor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "anomalysubscription": { + "resource_type": "anomalysubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "costcategory": { + "resource_type": "costcategory", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalymonitor": "anomalymonitor", + "anomalysubscription": "anomalysubscription", + "costcategory": "costcategory", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_UntagResource.html" + }, + "UpdateAnomalyMonitor": { + "privilege": "UpdateAnomalyMonitor", + "description": "Grants permission to update an existing Anomaly Monitor", + "access_level": "Write", + "resource_types": { + "anomalymonitor": { + "resource_type": "anomalymonitor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalymonitor": "anomalymonitor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_UpdateAnomalyMonitor.html" + }, + "UpdateAnomalySubscription": { + "privilege": "UpdateAnomalySubscription", + "description": "Grants permission to update an existing Anomaly Subscription", + "access_level": "Write", + "resource_types": { + "anomalysubscription": { + "resource_type": "anomalysubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "anomalysubscription": "anomalysubscription", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_UpdateAnomalySubscription.html" + }, + "UpdateConsoleActionSetEnforced": { + "privilege": "UpdateConsoleActionSetEnforced", + "description": "Grants permission to change whether existing or fine-grained IAM actions will be used to control authorization to Billing, Cost Management, and Account consoles", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "UpdateCostAllocationTagsStatus": { + "privilege": "UpdateCostAllocationTagsStatus", + "description": "Grants permission to update existing Cost Allocation Tags status", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_UpdateCostAllocationTagsStatus.html" + }, + "UpdateCostCategoryDefinition": { + "privilege": "UpdateCostCategoryDefinition", + "description": "Grants permission to update an existing Cost Category", + "access_level": "Write", + "resource_types": { + "costcategory": { + "resource_type": "costcategory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "costcategory": "costcategory", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_UpdateCostCategoryDefinition.html" + }, + "UpdateNotificationSubscription": { + "privilege": "UpdateNotificationSubscription", + "description": "Grants permission to update Reservation expiration alerts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "UpdatePreferences": { + "privilege": "UpdatePreferences", + "description": "Grants permission to edit Cost Explorer Preferences page", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "UpdateReport": { + "privilege": "UpdateReport", + "description": "Grants permission to update Cost Explorer Reports", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + } + }, + "privileges_lower_name": { + "createanomalymonitor": "CreateAnomalyMonitor", + "createanomalysubscription": "CreateAnomalySubscription", + "createcostcategorydefinition": "CreateCostCategoryDefinition", + "createnotificationsubscription": "CreateNotificationSubscription", + "createreport": "CreateReport", + "deleteanomalymonitor": "DeleteAnomalyMonitor", + "deleteanomalysubscription": "DeleteAnomalySubscription", + "deletecostcategorydefinition": "DeleteCostCategoryDefinition", + "deletenotificationsubscription": "DeleteNotificationSubscription", + "deletereport": "DeleteReport", + "describecostcategorydefinition": "DescribeCostCategoryDefinition", + "describenotificationsubscription": "DescribeNotificationSubscription", + "describereport": "DescribeReport", + "getanomalies": "GetAnomalies", + "getanomalymonitors": "GetAnomalyMonitors", + "getanomalysubscriptions": "GetAnomalySubscriptions", + "getconsoleactionsetenforced": "GetConsoleActionSetEnforced", + "getcostandusage": "GetCostAndUsage", + "getcostandusagewithresources": "GetCostAndUsageWithResources", + "getcostcategories": "GetCostCategories", + "getcostforecast": "GetCostForecast", + "getdimensionvalues": "GetDimensionValues", + "getpreferences": "GetPreferences", + "getreservationcoverage": "GetReservationCoverage", + "getreservationpurchaserecommendation": "GetReservationPurchaseRecommendation", + "getreservationutilization": "GetReservationUtilization", + "getrightsizingrecommendation": "GetRightsizingRecommendation", + "getsavingsplanpurchaserecommendationdetails": "GetSavingsPlanPurchaseRecommendationDetails", + "getsavingsplanscoverage": "GetSavingsPlansCoverage", + "getsavingsplanspurchaserecommendation": "GetSavingsPlansPurchaseRecommendation", + "getsavingsplansutilization": "GetSavingsPlansUtilization", + "getsavingsplansutilizationdetails": "GetSavingsPlansUtilizationDetails", + "gettags": "GetTags", + "getusageforecast": "GetUsageForecast", + "listcostallocationtags": "ListCostAllocationTags", + "listcostcategorydefinitions": "ListCostCategoryDefinitions", + "listsavingsplanspurchaserecommendationgeneration": "ListSavingsPlansPurchaseRecommendationGeneration", + "listtagsforresource": "ListTagsForResource", + "provideanomalyfeedback": "ProvideAnomalyFeedback", + "startsavingsplanspurchaserecommendationgeneration": "StartSavingsPlansPurchaseRecommendationGeneration", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateanomalymonitor": "UpdateAnomalyMonitor", + "updateanomalysubscription": "UpdateAnomalySubscription", + "updateconsoleactionsetenforced": "UpdateConsoleActionSetEnforced", + "updatecostallocationtagsstatus": "UpdateCostAllocationTagsStatus", + "updatecostcategorydefinition": "UpdateCostCategoryDefinition", + "updatenotificationsubscription": "UpdateNotificationSubscription", + "updatepreferences": "UpdatePreferences", + "updatereport": "UpdateReport" + }, + "resources": { + "anomalysubscription": { + "resource": "anomalysubscription", + "arn": "arn:${Partition}:ce::${Account}:anomalysubscription/${Identifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "anomalymonitor": { + "resource": "anomalymonitor", + "arn": "arn:${Partition}:ce::${Account}:anomalymonitor/${Identifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "costcategory": { + "resource": "costcategory", + "arn": "arn:${Partition}:ce::${Account}:costcategory/${Identifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "anomalysubscription": "anomalysubscription", + "anomalymonitor": "anomalymonitor", + "costcategory": "costcategory" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "customer-verification": { + "service_name": "AWS Customer Verification Service", + "prefix": "customer-verification", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscustomerverificationservice.html", + "privileges": { + "CreateCustomerVerificationDetails": { + "privilege": "CreateCustomerVerificationDetails", + "description": "Grants permission to create customer verification data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetCustomerVerificationDetails": { + "privilege": "GetCustomerVerificationDetails", + "description": "Grants permission to get customer verification data", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetCustomerVerificationEligibility": { + "privilege": "GetCustomerVerificationEligibility", + "description": "Grants permission to get customer verification eligibility", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "UpdateCustomerVerificationDetails": { + "privilege": "UpdateCustomerVerificationDetails", + "description": "Grants permission to update customer verification data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + } + }, + "privileges_lower_name": { + "createcustomerverificationdetails": "CreateCustomerVerificationDetails", + "getcustomerverificationdetails": "GetCustomerVerificationDetails", + "getcustomerverificationeligibility": "GetCustomerVerificationEligibility", + "updatecustomerverificationdetails": "UpdateCustomerVerificationDetails" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "dms": { + "service_name": "AWS Database Migration Service", + "prefix": "dms", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatabasemigrationservice.html", + "privileges": { + "AddTagsToResource": { + "privilege": "AddTagsToResource", + "description": "Grants permission to add metadata tags to DMS resources, including replication instances, endpoints, security groups, and migration tasks", + "access_level": "Tagging", + "resource_types": { + "Certificate": { + "resource_type": "Certificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DataMigration": { + "resource_type": "DataMigration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DataProvider": { + "resource_type": "DataProvider", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Endpoint": { + "resource_type": "Endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "EventSubscription": { + "resource_type": "EventSubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationConfig": { + "resource_type": "ReplicationConfig", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationSubnetGroup": { + "resource_type": "ReplicationSubnetGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "Certificate", + "datamigration": "DataMigration", + "dataprovider": "DataProvider", + "endpoint": "Endpoint", + "eventsubscription": "EventSubscription", + "instanceprofile": "InstanceProfile", + "migrationproject": "MigrationProject", + "replicationconfig": "ReplicationConfig", + "replicationinstance": "ReplicationInstance", + "replicationsubnetgroup": "ReplicationSubnetGroup", + "replicationtask": "ReplicationTask", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_AddTagsToResource.html" + }, + "ApplyPendingMaintenanceAction": { + "privilege": "ApplyPendingMaintenanceAction", + "description": "Grants permission to apply a pending maintenance action to a resource (for example, to a replication instance)", + "access_level": "Write", + "resource_types": { + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationinstance": "ReplicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ApplyPendingMaintenanceAction.html" + }, + "AssociateExtensionPack": { + "privilege": "AssociateExtensionPack", + "description": "Grants permission to associate a extension pack", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:StartExtensionPackAssociation" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "BatchStartRecommendations": { + "privilege": "BatchStartRecommendations", + "description": "Grants permission to start the analysis of up to 20 source databases to recommend target engines for each source database", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_BatchStartRecommendations.html" + }, + "CancelMetadataModelAssessment": { + "privilege": "CancelMetadataModelAssessment", + "description": "Grants permission to cancel a single metadata model assessment run", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "CancelMetadataModelConversion": { + "privilege": "CancelMetadataModelConversion", + "description": "Grants permission to cancel a single metadata model conversion run", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "CancelMetadataModelExport": { + "privilege": "CancelMetadataModelExport", + "description": "Grants permission to cancel a single metadata model export run", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "CancelReplicationTaskAssessmentRun": { + "privilege": "CancelReplicationTaskAssessmentRun", + "description": "Grants permission to cancel a single premigration assessment run", + "access_level": "Write", + "resource_types": { + "ReplicationTaskAssessmentRun": { + "resource_type": "ReplicationTaskAssessmentRun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtaskassessmentrun": "ReplicationTaskAssessmentRun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CancelReplicationTaskAssessmentRun.html" + }, + "CreateDataMigration": { + "privilege": "CreateDataMigration", + "description": "Grants permission to create a database migration using the provided settings", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "CreateDataProvider": { + "privilege": "CreateDataProvider", + "description": "Grants permission to create an data provider using the provided settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "CreateEndpoint": { + "privilege": "CreateEndpoint", + "description": "Grants permission to create an endpoint using the provided settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateEndpoint.html" + }, + "CreateEventSubscription": { + "privilege": "CreateEventSubscription", + "description": "Grants permission to create an AWS DMS event notification subscription", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateEventSubscription.html" + }, + "CreateFleetAdvisorCollector": { + "privilege": "CreateFleetAdvisorCollector", + "description": "Grants permission to create a Fleet Advisor collector using the specified parameters", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateFleetAdvisorCollector.html" + }, + "CreateInstanceProfile": { + "privilege": "CreateInstanceProfile", + "description": "Grants permission to create an instance profile using the provided settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "CreateMigrationProject": { + "privilege": "CreateMigrationProject", + "description": "Grants permission to create an migration project using the provided settings", + "access_level": "Write", + "resource_types": { + "DataProvider": { + "resource_type": "DataProvider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataprovider": "DataProvider", + "instanceprofile": "InstanceProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "CreateReplicationConfig": { + "privilege": "CreateReplicationConfig", + "description": "Grants permission to create a replication config using the provided settings", + "access_level": "Write", + "resource_types": { + "Endpoint": { + "resource_type": "Endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "Endpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "CreateReplicationInstance": { + "privilege": "CreateReplicationInstance", + "description": "Grants permission to create a replication instance using the specified parameters", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationInstance.html" + }, + "CreateReplicationSubnetGroup": { + "privilege": "CreateReplicationSubnetGroup", + "description": "Grants permission to create a replication subnet group given a list of the subnet IDs in a VPC", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationSubnetGroup.html" + }, + "CreateReplicationTask": { + "privilege": "CreateReplicationTask", + "description": "Grants permission to create a replication task using the specified parameters", + "access_level": "Write", + "resource_types": { + "Endpoint": { + "resource_type": "Endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "dms:req-tag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "Endpoint", + "replicationinstance": "ReplicationInstance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html" + }, + "DeleteCertificate": { + "privilege": "DeleteCertificate", + "description": "Grants permission to delete the specified certificate", + "access_level": "Write", + "resource_types": { + "Certificate": { + "resource_type": "Certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "Certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteCertificate.html" + }, + "DeleteConnection": { + "privilege": "DeleteConnection", + "description": "Grants permission to delete the specified connection between a replication instance and an endpoint", + "access_level": "Write", + "resource_types": { + "Endpoint": { + "resource_type": "Endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "Endpoint", + "replicationinstance": "ReplicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteConnection.html" + }, + "DeleteDataMigration": { + "privilege": "DeleteDataMigration", + "description": "Grants permission to delete the specified database migration", + "access_level": "Write", + "resource_types": { + "DataMigration": { + "resource_type": "DataMigration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datamigration": "DataMigration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DeleteDataProvider": { + "privilege": "DeleteDataProvider", + "description": "Grants permission to delete the specified data provider", + "access_level": "Write", + "resource_types": { + "DataProvider": { + "resource_type": "DataProvider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataprovider": "DataProvider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DeleteEndpoint": { + "privilege": "DeleteEndpoint", + "description": "Grants permission to delete the specified endpoint", + "access_level": "Write", + "resource_types": { + "Endpoint": { + "resource_type": "Endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "Endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteEndpoint.html" + }, + "DeleteEventSubscription": { + "privilege": "DeleteEventSubscription", + "description": "Grants permission to delete an AWS DMS event subscription", + "access_level": "Write", + "resource_types": { + "EventSubscription": { + "resource_type": "EventSubscription", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventsubscription": "EventSubscription" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteEventSubscription.html" + }, + "DeleteFleetAdvisorCollector": { + "privilege": "DeleteFleetAdvisorCollector", + "description": "Grants permission to delete the specified Fleet Advisor collector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteFleetAdvisorCollector.html" + }, + "DeleteFleetAdvisorDatabases": { + "privilege": "DeleteFleetAdvisorDatabases", + "description": "Grants permission to delete the specified Fleet Advisor databases", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteFleetAdvisorDatabases.html" + }, + "DeleteInstanceProfile": { + "privilege": "DeleteInstanceProfile", + "description": "Grants permission to delete the specified instance profile", + "access_level": "Write", + "resource_types": { + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instanceprofile": "InstanceProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DeleteMigrationProject": { + "privilege": "DeleteMigrationProject", + "description": "Grants permission to delete the specified migration project", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DeleteReplicationConfig": { + "privilege": "DeleteReplicationConfig", + "description": "Grants permission to delete the specified replication config", + "access_level": "Write", + "resource_types": { + "ReplicationConfig": { + "resource_type": "ReplicationConfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationconfig": "ReplicationConfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DeleteReplicationInstance": { + "privilege": "DeleteReplicationInstance", + "description": "Grants permission to delete the specified replication instance", + "access_level": "Write", + "resource_types": { + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationinstance": "ReplicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteReplicationInstance.html" + }, + "DeleteReplicationSubnetGroup": { + "privilege": "DeleteReplicationSubnetGroup", + "description": "Grants permission to deletes a subnet group", + "access_level": "Write", + "resource_types": { + "ReplicationSubnetGroup": { + "resource_type": "ReplicationSubnetGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationsubnetgroup": "ReplicationSubnetGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteReplicationSubnetGroup.html" + }, + "DeleteReplicationTask": { + "privilege": "DeleteReplicationTask", + "description": "Grants permission to delete the specified replication task", + "access_level": "Write", + "resource_types": { + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteReplicationTask.html" + }, + "DeleteReplicationTaskAssessmentRun": { + "privilege": "DeleteReplicationTaskAssessmentRun", + "description": "Grants permission to delete the record of a single premigration assessment run", + "access_level": "Write", + "resource_types": { + "ReplicationTaskAssessmentRun": { + "resource_type": "ReplicationTaskAssessmentRun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtaskassessmentrun": "ReplicationTaskAssessmentRun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DeleteReplicationTaskAssessmentRun.html" + }, + "DescribeAccountAttributes": { + "privilege": "DescribeAccountAttributes", + "description": "Grants permission to list all of the AWS DMS attributes for a customer account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeAccountAttributes.html" + }, + "DescribeApplicableIndividualAssessments": { + "privilege": "DescribeApplicableIndividualAssessments", + "description": "Grants permission to list individual assessments that you can specify for a new premigration assessment run", + "access_level": "Read", + "resource_types": { + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationinstance": "ReplicationInstance", + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeApplicableIndividualAssessments.html" + }, + "DescribeCertificates": { + "privilege": "DescribeCertificates", + "description": "Grants permission to provide a description of the certificate", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeCertificates.html" + }, + "DescribeConnections": { + "privilege": "DescribeConnections", + "description": "Grants permission to describe the status of the connections that have been made between the replication instance and an endpoint", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeConnections.html" + }, + "DescribeConversionConfiguration": { + "privilege": "DescribeConversionConfiguration", + "description": "Grants permission to return information about DMS Schema Conversion project configuration", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DescribeDataMigrations": { + "privilege": "DescribeDataMigrations", + "description": "Grants permission to return information about database migrations for your account in the specified region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DescribeDataProviders": { + "privilege": "DescribeDataProviders", + "description": "Grants permission to list the AWS DMS attributes for a data providers. Note. This action should be added along with ListDataProviders, but does not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "DataProvider": { + "resource_type": "DataProvider", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:ListDataProviders" + ] + } + }, + "resource_types_lower_name": { + "dataprovider": "DataProvider" + }, + "api_documentation_link": "Welcome.html" + }, + "DescribeEndpointSettings": { + "privilege": "DescribeEndpointSettings", + "description": "Grants permission to return the possible endpoint settings available when you create an endpoint for a specific database engine", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEndpointSettings.html" + }, + "DescribeEndpointTypes": { + "privilege": "DescribeEndpointTypes", + "description": "Grants permission to return information about the type of endpoints available", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEndpointTypes.html" + }, + "DescribeEndpoints": { + "privilege": "DescribeEndpoints", + "description": "Grants permission to return information about the endpoints for your account in the current region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEndpoints.html" + }, + "DescribeEventCategories": { + "privilege": "DescribeEventCategories", + "description": "Grants permission to list categories for all event source types, or, if specified, for a specified source type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEventCategories.html" + }, + "DescribeEventSubscriptions": { + "privilege": "DescribeEventSubscriptions", + "description": "Grants permission to list all the event subscriptions for a customer account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEventSubscriptions.html" + }, + "DescribeEvents": { + "privilege": "DescribeEvents", + "description": "Grants permission to list events for a given source identifier and source type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeEvents.html" + }, + "DescribeExtensionPackAssociations": { + "privilege": "DescribeExtensionPackAssociations", + "description": "Grants permission to list the AWS DMS attributes for extension packs. Note. This action should be added along with ListExtensionPacks, but does not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:ListExtensionPacks" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "Welcome.html" + }, + "DescribeFleetAdvisorCollectors": { + "privilege": "DescribeFleetAdvisorCollectors", + "description": "Grants permission to return a paginated list of Fleet Advisor collectors in your account based on filter settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorCollectors.html" + }, + "DescribeFleetAdvisorDatabases": { + "privilege": "DescribeFleetAdvisorDatabases", + "description": "Grants permission to return a paginated list of Fleet Advisor databases in your account based on filter settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorDatabases.html" + }, + "DescribeFleetAdvisorLsaAnalysis": { + "privilege": "DescribeFleetAdvisorLsaAnalysis", + "description": "Grants permission to return a paginated list of descriptions of large-scale assessment (LSA) analyses produced by your Fleet Advisor collectors", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorLsaAnalysis.html" + }, + "DescribeFleetAdvisorSchemaObjectSummary": { + "privilege": "DescribeFleetAdvisorSchemaObjectSummary", + "description": "Grants permission to return a paginated list of descriptions of schemas discovered by your Fleet Advisor collectors based on filter settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorSchemaObjectSummary.html" + }, + "DescribeFleetAdvisorSchemas": { + "privilege": "DescribeFleetAdvisorSchemas", + "description": "Grants permission to return a paginated list of schemas discovered by your Fleet Advisor collectors based on filter settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorSchemas.html" + }, + "DescribeInstanceProfiles": { + "privilege": "DescribeInstanceProfiles", + "description": "Grants permission to list the AWS DMS attributes for a instance profiles. Note. This action should be added along with ListInstanceProfiles, but does not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:ListInstanceProfiles" + ] + } + }, + "resource_types_lower_name": { + "instanceprofile": "InstanceProfile" + }, + "api_documentation_link": "Welcome.html" + }, + "DescribeMetadataModelAssessments": { + "privilege": "DescribeMetadataModelAssessments", + "description": "Grants permission to list the AWS DMS attributes for metadata model assessments. Note. This action should be added along with ListMetadataModelAssessments, but does not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:ListMetadataModelAssessments" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "Welcome.html" + }, + "DescribeMetadataModelConversions": { + "privilege": "DescribeMetadataModelConversions", + "description": "Grants permission to list the AWS DMS attributes for a metadata model conversions. Note. This action should be added along with ListMetadataModelConversions, but does not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:ListMetadataModelConversions" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "Welcome.html" + }, + "DescribeMetadataModelExportsAsScript": { + "privilege": "DescribeMetadataModelExportsAsScript", + "description": "Grants permission to list the AWS DMS attributes for a metadata model exports. Note. This action should be added along with ListMetadataModelExports, but does not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:ListMetadataModelExports" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "Welcome.html" + }, + "DescribeMetadataModelExportsToTarget": { + "privilege": "DescribeMetadataModelExportsToTarget", + "description": "Grants permission to list the AWS DMS attributes for a metadata model exports. Note. This action should be added along with ListMetadataModelExports, but does not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:ListMetadataModelExports" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "Welcome.html" + }, + "DescribeMetadataModelImports": { + "privilege": "DescribeMetadataModelImports", + "description": "Grants permission to return information about start metadata model import operations for a migration project", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DescribeMigrationProjects": { + "privilege": "DescribeMigrationProjects", + "description": "Grants permission to list the AWS DMS attributes for a migration projects. Note. This action should be added along with ListMigrationProjects, but does not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "DataProvider": { + "resource_type": "DataProvider", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:ListMigrationProjects" + ] + }, + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataprovider": "DataProvider", + "instanceprofile": "InstanceProfile", + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "Welcome.html" + }, + "DescribeOrderableReplicationInstances": { + "privilege": "DescribeOrderableReplicationInstances", + "description": "Grants permission to return information about the replication instance types that can be created in the specified region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeOrderableReplicationInstances.html" + }, + "DescribePendingMaintenanceActions": { + "privilege": "DescribePendingMaintenanceActions", + "description": "Grants permission to return information about pending maintenance actions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribePendingMaintenanceActions.html" + }, + "DescribeRecommendationLimitations": { + "privilege": "DescribeRecommendationLimitations", + "description": "Grants permission to return a paginated list of descriptions of limitations for recommendations of target AWS engines", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeFleetAdvisorLsaAnalysis.html" + }, + "DescribeRecommendations": { + "privilege": "DescribeRecommendations", + "description": "Grants permission to return a paginated list of descriptions of target engine recommendations for your source databases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeRecommendations.html" + }, + "DescribeRefreshSchemasStatus": { + "privilege": "DescribeRefreshSchemasStatus", + "description": "Grants permission to returns the status of the RefreshSchemas operation", + "access_level": "Read", + "resource_types": { + "Endpoint": { + "resource_type": "Endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "Endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeRefreshSchemasStatus.html" + }, + "DescribeReplicationConfigs": { + "privilege": "DescribeReplicationConfigs", + "description": "Grants permission to describe replication configs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DescribeReplicationInstanceTaskLogs": { + "privilege": "DescribeReplicationInstanceTaskLogs", + "description": "Grants permission to return information about the task logs for the specified task", + "access_level": "Read", + "resource_types": { + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationinstance": "ReplicationInstance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationInstanceTaskLogs.html" + }, + "DescribeReplicationInstances": { + "privilege": "DescribeReplicationInstances", + "description": "Grants permission to return information about replication instances for your account in the current region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationInstances.html" + }, + "DescribeReplicationSubnetGroups": { + "privilege": "DescribeReplicationSubnetGroups", + "description": "Grants permission to return information about the replication subnet groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationSubnetGroups.html" + }, + "DescribeReplicationTableStatistics": { + "privilege": "DescribeReplicationTableStatistics", + "description": "Grants permission to describe replication table statistics", + "access_level": "Read", + "resource_types": { + "ReplicationConfig": { + "resource_type": "ReplicationConfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationconfig": "ReplicationConfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DescribeReplicationTaskAssessmentResults": { + "privilege": "DescribeReplicationTaskAssessmentResults", + "description": "Grants permission to return the latest task assessment results from Amazon S3", + "access_level": "Read", + "resource_types": { + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationTaskAssessmentResults.html" + }, + "DescribeReplicationTaskAssessmentRuns": { + "privilege": "DescribeReplicationTaskAssessmentRuns", + "description": "Grants permission to return a paginated list of premigration assessment runs based on filter settings", + "access_level": "Read", + "resource_types": { + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationTaskAssessmentRun": { + "resource_type": "ReplicationTaskAssessmentRun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationinstance": "ReplicationInstance", + "replicationtask": "ReplicationTask", + "replicationtaskassessmentrun": "ReplicationTaskAssessmentRun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationTaskAssessmentRuns.html" + }, + "DescribeReplicationTaskIndividualAssessments": { + "privilege": "DescribeReplicationTaskIndividualAssessments", + "description": "Grants permission to return a paginated list of individual assessments based on filter settings", + "access_level": "Read", + "resource_types": { + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationTaskAssessmentRun": { + "resource_type": "ReplicationTaskAssessmentRun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtask": "ReplicationTask", + "replicationtaskassessmentrun": "ReplicationTaskAssessmentRun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationTaskIndividualAssessments.html" + }, + "DescribeReplicationTasks": { + "privilege": "DescribeReplicationTasks", + "description": "Grants permission to return information about replication tasks for your account in the current region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeReplicationTasks.html" + }, + "DescribeReplications": { + "privilege": "DescribeReplications", + "description": "Grants permission to describe replications", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "DescribeSchemas": { + "privilege": "DescribeSchemas", + "description": "Grants permission to return information about the schema for the specified endpoint", + "access_level": "Read", + "resource_types": { + "Endpoint": { + "resource_type": "Endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "Endpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeSchemas.html" + }, + "DescribeTableStatistics": { + "privilege": "DescribeTableStatistics", + "description": "Grants permission to return table statistics on the database migration task, including table name, rows inserted, rows updated, and rows deleted", + "access_level": "Read", + "resource_types": { + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_DescribeTableStatistics.html" + }, + "DisassociateExtensionPack": { + "privilege": "DisassociateExtensionPack", + "description": "Grants permission to disassociate a extension pack", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ExportMetadataModelAssessment": { + "privilege": "ExportMetadataModelAssessment", + "description": "Grants permission to export the specified metadata model assessment", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "GetMetadataModel": { + "privilege": "GetMetadataModel", + "description": "Grants permission to list all of the AWS DMS attributes for a metadata model. Note. Despite this action requires StartMetadataModelImport, the latter does not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:StartMetadataModelImport" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ImportCertificate": { + "privilege": "ImportCertificate", + "description": "Grants permission to upload the specified certificate", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ImportCertificate.html" + }, + "ListDataProviders": { + "privilege": "ListDataProviders", + "description": "Grants permission to list the AWS DMS attributes for a data providers", + "access_level": "Read", + "resource_types": { + "DataProvider": { + "resource_type": "DataProvider", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:DescribeDataProviders" + ] + } + }, + "resource_types_lower_name": { + "dataprovider": "DataProvider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ListExtensionPacks": { + "privilege": "ListExtensionPacks", + "description": "Grants permission to list the AWS DMS attributes for a extension packs", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:DescribeExtensionPackAssociations" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ListInstanceProfiles": { + "privilege": "ListInstanceProfiles", + "description": "Grants permission to list the AWS DMS attributes for a instance profiles", + "access_level": "Read", + "resource_types": { + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:DescribeInstanceProfiles" + ] + } + }, + "resource_types_lower_name": { + "instanceprofile": "InstanceProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ListMetadataModelAssessmentActionItems": { + "privilege": "ListMetadataModelAssessmentActionItems", + "description": "Grants permission to list the AWS DMS attributes for a metadata model assessment action items. Note. Despite this action requires StartMetadataModelImport, the latter does not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:StartMetadataModelImport" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ListMetadataModelAssessments": { + "privilege": "ListMetadataModelAssessments", + "description": "Grants permission to list the AWS DMS attributes for a metadata model assessments", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:DescribeMetadataModelAssessments" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ListMetadataModelConversions": { + "privilege": "ListMetadataModelConversions", + "description": "Grants permission to list the AWS DMS attributes for a metadata model conversions", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:DescribeMetadataModelConversions" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ListMetadataModelExports": { + "privilege": "ListMetadataModelExports", + "description": "Grants permission to list the AWS DMS attributes for a metadata model exports", + "access_level": "Read", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:DescribeMetadataModelExportsAsScript", + "dms:DescribeMetadataModelExportsToTarget" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ListMigrationProjects": { + "privilege": "ListMigrationProjects", + "description": "Grants permission to list the AWS DMS attributes for a migration projects. Note. Despite this action requires DescribeMigrationProjects and DescribeConversionConfiguration, both required actions do not currently authorize the described Schema Conversion operation", + "access_level": "Read", + "resource_types": { + "DataProvider": { + "resource_type": "DataProvider", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "dms:DescribeConversionConfiguration", + "dms:DescribeMigrationProjects" + ] + }, + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataprovider": "DataProvider", + "instanceprofile": "InstanceProfile", + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags for an AWS DMS resource", + "access_level": "Read", + "resource_types": { + "Certificate": { + "resource_type": "Certificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DataMigration": { + "resource_type": "DataMigration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DataProvider": { + "resource_type": "DataProvider", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Endpoint": { + "resource_type": "Endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "EventSubscription": { + "resource_type": "EventSubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationConfig": { + "resource_type": "ReplicationConfig", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationSubnetGroup": { + "resource_type": "ReplicationSubnetGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "Certificate", + "datamigration": "DataMigration", + "dataprovider": "DataProvider", + "endpoint": "Endpoint", + "eventsubscription": "EventSubscription", + "instanceprofile": "InstanceProfile", + "migrationproject": "MigrationProject", + "replicationconfig": "ReplicationConfig", + "replicationinstance": "ReplicationInstance", + "replicationsubnetgroup": "ReplicationSubnetGroup", + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ListTagsForResource.html" + }, + "ModifyConversionConfiguration": { + "privilege": "ModifyConversionConfiguration", + "description": "Grants permission to update a conversion configuration. Note. This action should be added along with UpdateConversionConfiguration, but does not currently authorize the described Schema Conversion operation", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:UpdateConversionConfiguration" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "Welcome.html" + }, + "ModifyDataMigration": { + "privilege": "ModifyDataMigration", + "description": "Grants permission to modify the specified database migration", + "access_level": "Write", + "resource_types": { + "DataMigration": { + "resource_type": "DataMigration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datamigration": "DataMigration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ModifyDataProvider": { + "privilege": "ModifyDataProvider", + "description": "Grants permission to modify the specified data provider. Note. This action should be added along with UpdateDataProvider, but does not currently authorize the described Schema Conversion operation", + "access_level": "Write", + "resource_types": { + "DataProvider": { + "resource_type": "DataProvider", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:UpdateDataProvider" + ] + } + }, + "resource_types_lower_name": { + "dataprovider": "DataProvider" + }, + "api_documentation_link": "Welcome.html" + }, + "ModifyEndpoint": { + "privilege": "ModifyEndpoint", + "description": "Grants permission to modify the specified endpoint", + "access_level": "Write", + "resource_types": { + "Endpoint": { + "resource_type": "Endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Certificate": { + "resource_type": "Certificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "Endpoint", + "certificate": "Certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyEndpoint.html" + }, + "ModifyEventSubscription": { + "privilege": "ModifyEventSubscription", + "description": "Grants permission to modify an existing AWS DMS event notification subscription", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyEventSubscription.html" + }, + "ModifyFleetAdvisorCollector": { + "privilege": "ModifyFleetAdvisorCollector", + "description": "Grants permission to modify the name and description of the specified Fleet Advisor collector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ModifyFleetAdvisorCollectorStatuses": { + "privilege": "ModifyFleetAdvisorCollectorStatuses", + "description": "Grants permission to modify the status of the specified Fleet Advisor collector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ModifyInstanceProfile": { + "privilege": "ModifyInstanceProfile", + "description": "Grants permission to modify the specified instance profile. Note. This action should be added along with UpdateInstanceProfile, but does not currently authorize the described Schema Conversion operation", + "access_level": "Write", + "resource_types": { + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:UpdateInstanceProfile" + ] + } + }, + "resource_types_lower_name": { + "instanceprofile": "InstanceProfile" + }, + "api_documentation_link": "Welcome.html" + }, + "ModifyMigrationProject": { + "privilege": "ModifyMigrationProject", + "description": "Grants permission to modify the specified migration project. Note. This action should be added along with UpdateMigrationProject, but does not currently authorize the described Schema Conversion operation", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:UpdateMigrationProject" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "Welcome.html" + }, + "ModifyReplicationConfig": { + "privilege": "ModifyReplicationConfig", + "description": "Grants permission to modify the specified replication config", + "access_level": "Write", + "resource_types": { + "ReplicationConfig": { + "resource_type": "ReplicationConfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationconfig": "ReplicationConfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ModifyReplicationInstance": { + "privilege": "ModifyReplicationInstance", + "description": "Grants permission to modify the replication instance to apply new settings", + "access_level": "Write", + "resource_types": { + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationinstance": "ReplicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationInstance.html" + }, + "ModifyReplicationSubnetGroup": { + "privilege": "ModifyReplicationSubnetGroup", + "description": "Grants permission to modify the settings for the specified replication subnet group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationSubnetGroup.html" + }, + "ModifyReplicationTask": { + "privilege": "ModifyReplicationTask", + "description": "Grants permission to modify the specified replication task", + "access_level": "Write", + "resource_types": { + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html" + }, + "MoveReplicationTask": { + "privilege": "MoveReplicationTask", + "description": "Grants permission to move the specified replication task to a different replication instance", + "access_level": "Write", + "resource_types": { + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationinstance": "ReplicationInstance", + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_MoveReplicationTask.html" + }, + "RebootReplicationInstance": { + "privilege": "RebootReplicationInstance", + "description": "Grants permission to reboot a replication instance. Rebooting results in a momentary outage, until the replication instance becomes available again", + "access_level": "Write", + "resource_types": { + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationinstance": "ReplicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_RebootReplicationInstance.html" + }, + "RefreshSchemas": { + "privilege": "RefreshSchemas", + "description": "Grants permission to populate the schema for the specified endpoint", + "access_level": "Write", + "resource_types": { + "Endpoint": { + "resource_type": "Endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "Endpoint", + "replicationinstance": "ReplicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_RefreshSchemas.html" + }, + "ReloadReplicationTables": { + "privilege": "ReloadReplicationTables", + "description": "Grants permission to reload the target database table with the source for a replication", + "access_level": "Write", + "resource_types": { + "ReplicationConfig": { + "resource_type": "ReplicationConfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationconfig": "ReplicationConfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "ReloadTables": { + "privilege": "ReloadTables", + "description": "Grants permission to reload the target database table with the source data", + "access_level": "Write", + "resource_types": { + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_ReloadTables.html" + }, + "RemoveTagsFromResource": { + "privilege": "RemoveTagsFromResource", + "description": "Grants permission to remove metadata tags from a DMS resource", + "access_level": "Tagging", + "resource_types": { + "Certificate": { + "resource_type": "Certificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DataMigration": { + "resource_type": "DataMigration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DataProvider": { + "resource_type": "DataProvider", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Endpoint": { + "resource_type": "Endpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "EventSubscription": { + "resource_type": "EventSubscription", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MigrationProject": { + "resource_type": "MigrationProject", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationConfig": { + "resource_type": "ReplicationConfig", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationSubnetGroup": { + "resource_type": "ReplicationSubnetGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "Certificate", + "datamigration": "DataMigration", + "dataprovider": "DataProvider", + "endpoint": "Endpoint", + "eventsubscription": "EventSubscription", + "instanceprofile": "InstanceProfile", + "migrationproject": "MigrationProject", + "replicationconfig": "ReplicationConfig", + "replicationinstance": "ReplicationInstance", + "replicationsubnetgroup": "ReplicationSubnetGroup", + "replicationtask": "ReplicationTask", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_RemoveTagsFromResource.html" + }, + "RunFleetAdvisorLsaAnalysis": { + "privilege": "RunFleetAdvisorLsaAnalysis", + "description": "Grants permission to run a large-scale assessment (LSA) analysis on every Fleet Advisor collector in your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_RunFleetAdvisorLsaAnalysis.html" + }, + "StartDataMigration": { + "privilege": "StartDataMigration", + "description": "Grants permission to start the database migration", + "access_level": "Write", + "resource_types": { + "DataMigration": { + "resource_type": "DataMigration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datamigration": "DataMigration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "StartExtensionPackAssociation": { + "privilege": "StartExtensionPackAssociation", + "description": "Grants permission to associate an extension pack. Note. This action should be added along with AssociateExtensionPack, but does not currently authorize the described Schema Conversion operation", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:AssociateExtensionPack" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "Welcome.html" + }, + "StartMetadataModelAssessment": { + "privilege": "StartMetadataModelAssessment", + "description": "Grants permission to start a new assessment of metadata model", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "StartMetadataModelConversion": { + "privilege": "StartMetadataModelConversion", + "description": "Grants permission to start a new conversion of metadata model", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "StartMetadataModelExportAsScript": { + "privilege": "StartMetadataModelExportAsScript", + "description": "Grants permission to start a new export of metadata model as script. Note. This action should be added along with StartMetadataModelExportAsScripts, but does not currently authorize the described Schema Conversion operation", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:StartMetadataModelExportAsScripts" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "Welcome.html" + }, + "StartMetadataModelExportAsScripts": { + "privilege": "StartMetadataModelExportAsScripts", + "description": "Grants permission to start a new export of metadata model as script", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:StartMetadataModelExportAsScript" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "StartMetadataModelExportToTarget": { + "privilege": "StartMetadataModelExportToTarget", + "description": "Grants permission to start a new export of metadata model to target", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "StartMetadataModelImport": { + "privilege": "StartMetadataModelImport", + "description": "Grants permission to start a new import of metadata model", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "StartRecommendations": { + "privilege": "StartRecommendations", + "description": "Grants permission to start the analysis of your source database to provide recommendations of target engines", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_StartRecommendations.html" + }, + "StartReplication": { + "privilege": "StartReplication", + "description": "Grants permission to start a replication", + "access_level": "Write", + "resource_types": { + "ReplicationConfig": { + "resource_type": "ReplicationConfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationconfig": "ReplicationConfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "StartReplicationTask": { + "privilege": "StartReplicationTask", + "description": "Grants permission to start the replication task", + "access_level": "Write", + "resource_types": { + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html" + }, + "StartReplicationTaskAssessment": { + "privilege": "StartReplicationTaskAssessment", + "description": "Grants permission to start the replication task assessment for unsupported data types in the source database", + "access_level": "Write", + "resource_types": { + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTaskAssessment.html" + }, + "StartReplicationTaskAssessmentRun": { + "privilege": "StartReplicationTaskAssessmentRun", + "description": "Grants permission to start a new premigration assessment run for one or more individual assessments of a migration task", + "access_level": "Write", + "resource_types": { + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTaskAssessmentRun.html" + }, + "StopDataMigration": { + "privilege": "StopDataMigration", + "description": "Grants permission to stop the database migration", + "access_level": "Write", + "resource_types": { + "DataMigration": { + "resource_type": "DataMigration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datamigration": "DataMigration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "StopReplication": { + "privilege": "StopReplication", + "description": "Grants permission to stop a replication", + "access_level": "Write", + "resource_types": { + "ReplicationConfig": { + "resource_type": "ReplicationConfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationconfig": "ReplicationConfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "StopReplicationTask": { + "privilege": "StopReplicationTask", + "description": "Grants permission to stop the replication task", + "access_level": "Write", + "resource_types": { + "ReplicationTask": { + "resource_type": "ReplicationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationtask": "ReplicationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_StopReplicationTask.html" + }, + "TestConnection": { + "privilege": "TestConnection", + "description": "Grants permission to test the connection between the replication instance and the endpoint", + "access_level": "Read", + "resource_types": { + "Endpoint": { + "resource_type": "Endpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationInstance": { + "resource_type": "ReplicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpoint": "Endpoint", + "replicationinstance": "ReplicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_TestConnection.html" + }, + "UpdateConversionConfiguration": { + "privilege": "UpdateConversionConfiguration", + "description": "Grants permission to update a conversion configuration", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:ModifyConversionConfiguration" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "UpdateDataProvider": { + "privilege": "UpdateDataProvider", + "description": "Grants permission to update the specified data provider", + "access_level": "Write", + "resource_types": { + "DataProvider": { + "resource_type": "DataProvider", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:ModifyDataProvider" + ] + } + }, + "resource_types_lower_name": { + "dataprovider": "DataProvider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "UpdateInstanceProfile": { + "privilege": "UpdateInstanceProfile", + "description": "Grants permission to update the specified instance profile", + "access_level": "Write", + "resource_types": { + "InstanceProfile": { + "resource_type": "InstanceProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:ModifyInstanceProfile" + ] + } + }, + "resource_types_lower_name": { + "instanceprofile": "InstanceProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "UpdateMigrationProject": { + "privilege": "UpdateMigrationProject", + "description": "Grants permission to update the specified migration project", + "access_level": "Write", + "resource_types": { + "MigrationProject": { + "resource_type": "MigrationProject", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dms:ModifyMigrationProject" + ] + } + }, + "resource_types_lower_name": { + "migrationproject": "MigrationProject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + }, + "UpdateSubscriptionsToEventBridge": { + "privilege": "UpdateSubscriptionsToEventBridge", + "description": "Grants permission to migrate DMS subcriptions to Eventbridge", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/API_UpdateSubscriptionsToEventBridge.html" + }, + "UploadFileMetadataList": { + "privilege": "UploadFileMetadataList", + "description": "Grants permission to upload files to your Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/dms/latest/APIReference/Welcome.html" + } + }, + "privileges_lower_name": { + "addtagstoresource": "AddTagsToResource", + "applypendingmaintenanceaction": "ApplyPendingMaintenanceAction", + "associateextensionpack": "AssociateExtensionPack", + "batchstartrecommendations": "BatchStartRecommendations", + "cancelmetadatamodelassessment": "CancelMetadataModelAssessment", + "cancelmetadatamodelconversion": "CancelMetadataModelConversion", + "cancelmetadatamodelexport": "CancelMetadataModelExport", + "cancelreplicationtaskassessmentrun": "CancelReplicationTaskAssessmentRun", + "createdatamigration": "CreateDataMigration", + "createdataprovider": "CreateDataProvider", + "createendpoint": "CreateEndpoint", + "createeventsubscription": "CreateEventSubscription", + "createfleetadvisorcollector": "CreateFleetAdvisorCollector", + "createinstanceprofile": "CreateInstanceProfile", + "createmigrationproject": "CreateMigrationProject", + "createreplicationconfig": "CreateReplicationConfig", + "createreplicationinstance": "CreateReplicationInstance", + "createreplicationsubnetgroup": "CreateReplicationSubnetGroup", + "createreplicationtask": "CreateReplicationTask", + "deletecertificate": "DeleteCertificate", + "deleteconnection": "DeleteConnection", + "deletedatamigration": "DeleteDataMigration", + "deletedataprovider": "DeleteDataProvider", + "deleteendpoint": "DeleteEndpoint", + "deleteeventsubscription": "DeleteEventSubscription", + "deletefleetadvisorcollector": "DeleteFleetAdvisorCollector", + "deletefleetadvisordatabases": "DeleteFleetAdvisorDatabases", + "deleteinstanceprofile": "DeleteInstanceProfile", + "deletemigrationproject": "DeleteMigrationProject", + "deletereplicationconfig": "DeleteReplicationConfig", + "deletereplicationinstance": "DeleteReplicationInstance", + "deletereplicationsubnetgroup": "DeleteReplicationSubnetGroup", + "deletereplicationtask": "DeleteReplicationTask", + "deletereplicationtaskassessmentrun": "DeleteReplicationTaskAssessmentRun", + "describeaccountattributes": "DescribeAccountAttributes", + "describeapplicableindividualassessments": "DescribeApplicableIndividualAssessments", + "describecertificates": "DescribeCertificates", + "describeconnections": "DescribeConnections", + "describeconversionconfiguration": "DescribeConversionConfiguration", + "describedatamigrations": "DescribeDataMigrations", + "describedataproviders": "DescribeDataProviders", + "describeendpointsettings": "DescribeEndpointSettings", + "describeendpointtypes": "DescribeEndpointTypes", + "describeendpoints": "DescribeEndpoints", + "describeeventcategories": "DescribeEventCategories", + "describeeventsubscriptions": "DescribeEventSubscriptions", + "describeevents": "DescribeEvents", + "describeextensionpackassociations": "DescribeExtensionPackAssociations", + "describefleetadvisorcollectors": "DescribeFleetAdvisorCollectors", + "describefleetadvisordatabases": "DescribeFleetAdvisorDatabases", + "describefleetadvisorlsaanalysis": "DescribeFleetAdvisorLsaAnalysis", + "describefleetadvisorschemaobjectsummary": "DescribeFleetAdvisorSchemaObjectSummary", + "describefleetadvisorschemas": "DescribeFleetAdvisorSchemas", + "describeinstanceprofiles": "DescribeInstanceProfiles", + "describemetadatamodelassessments": "DescribeMetadataModelAssessments", + "describemetadatamodelconversions": "DescribeMetadataModelConversions", + "describemetadatamodelexportsasscript": "DescribeMetadataModelExportsAsScript", + "describemetadatamodelexportstotarget": "DescribeMetadataModelExportsToTarget", + "describemetadatamodelimports": "DescribeMetadataModelImports", + "describemigrationprojects": "DescribeMigrationProjects", + "describeorderablereplicationinstances": "DescribeOrderableReplicationInstances", + "describependingmaintenanceactions": "DescribePendingMaintenanceActions", + "describerecommendationlimitations": "DescribeRecommendationLimitations", + "describerecommendations": "DescribeRecommendations", + "describerefreshschemasstatus": "DescribeRefreshSchemasStatus", + "describereplicationconfigs": "DescribeReplicationConfigs", + "describereplicationinstancetasklogs": "DescribeReplicationInstanceTaskLogs", + "describereplicationinstances": "DescribeReplicationInstances", + "describereplicationsubnetgroups": "DescribeReplicationSubnetGroups", + "describereplicationtablestatistics": "DescribeReplicationTableStatistics", + "describereplicationtaskassessmentresults": "DescribeReplicationTaskAssessmentResults", + "describereplicationtaskassessmentruns": "DescribeReplicationTaskAssessmentRuns", + "describereplicationtaskindividualassessments": "DescribeReplicationTaskIndividualAssessments", + "describereplicationtasks": "DescribeReplicationTasks", + "describereplications": "DescribeReplications", + "describeschemas": "DescribeSchemas", + "describetablestatistics": "DescribeTableStatistics", + "disassociateextensionpack": "DisassociateExtensionPack", + "exportmetadatamodelassessment": "ExportMetadataModelAssessment", + "getmetadatamodel": "GetMetadataModel", + "importcertificate": "ImportCertificate", + "listdataproviders": "ListDataProviders", + "listextensionpacks": "ListExtensionPacks", + "listinstanceprofiles": "ListInstanceProfiles", + "listmetadatamodelassessmentactionitems": "ListMetadataModelAssessmentActionItems", + "listmetadatamodelassessments": "ListMetadataModelAssessments", + "listmetadatamodelconversions": "ListMetadataModelConversions", + "listmetadatamodelexports": "ListMetadataModelExports", + "listmigrationprojects": "ListMigrationProjects", + "listtagsforresource": "ListTagsForResource", + "modifyconversionconfiguration": "ModifyConversionConfiguration", + "modifydatamigration": "ModifyDataMigration", + "modifydataprovider": "ModifyDataProvider", + "modifyendpoint": "ModifyEndpoint", + "modifyeventsubscription": "ModifyEventSubscription", + "modifyfleetadvisorcollector": "ModifyFleetAdvisorCollector", + "modifyfleetadvisorcollectorstatuses": "ModifyFleetAdvisorCollectorStatuses", + "modifyinstanceprofile": "ModifyInstanceProfile", + "modifymigrationproject": "ModifyMigrationProject", + "modifyreplicationconfig": "ModifyReplicationConfig", + "modifyreplicationinstance": "ModifyReplicationInstance", + "modifyreplicationsubnetgroup": "ModifyReplicationSubnetGroup", + "modifyreplicationtask": "ModifyReplicationTask", + "movereplicationtask": "MoveReplicationTask", + "rebootreplicationinstance": "RebootReplicationInstance", + "refreshschemas": "RefreshSchemas", + "reloadreplicationtables": "ReloadReplicationTables", + "reloadtables": "ReloadTables", + "removetagsfromresource": "RemoveTagsFromResource", + "runfleetadvisorlsaanalysis": "RunFleetAdvisorLsaAnalysis", + "startdatamigration": "StartDataMigration", + "startextensionpackassociation": "StartExtensionPackAssociation", + "startmetadatamodelassessment": "StartMetadataModelAssessment", + "startmetadatamodelconversion": "StartMetadataModelConversion", + "startmetadatamodelexportasscript": "StartMetadataModelExportAsScript", + "startmetadatamodelexportasscripts": "StartMetadataModelExportAsScripts", + "startmetadatamodelexporttotarget": "StartMetadataModelExportToTarget", + "startmetadatamodelimport": "StartMetadataModelImport", + "startrecommendations": "StartRecommendations", + "startreplication": "StartReplication", + "startreplicationtask": "StartReplicationTask", + "startreplicationtaskassessment": "StartReplicationTaskAssessment", + "startreplicationtaskassessmentrun": "StartReplicationTaskAssessmentRun", + "stopdatamigration": "StopDataMigration", + "stopreplication": "StopReplication", + "stopreplicationtask": "StopReplicationTask", + "testconnection": "TestConnection", + "updateconversionconfiguration": "UpdateConversionConfiguration", + "updatedataprovider": "UpdateDataProvider", + "updateinstanceprofile": "UpdateInstanceProfile", + "updatemigrationproject": "UpdateMigrationProject", + "updatesubscriptionstoeventbridge": "UpdateSubscriptionsToEventBridge", + "uploadfilemetadatalist": "UploadFileMetadataList" + }, + "resources": { + "Certificate": { + "resource": "Certificate", + "arn": "arn:${Partition}:dms:${Region}:${Account}:cert:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:cert-tag/${TagKey}" + ] + }, + "DataProvider": { + "resource": "DataProvider", + "arn": "arn:${Partition}:dms:${Region}:${Account}:data-provider:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:data-provider-tag/${TagKey}" + ] + }, + "DataMigration": { + "resource": "DataMigration", + "arn": "arn:${Partition}:dms:${Region}:${Account}:data-migration:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:data-migration-tag/${TagKey}" + ] + }, + "Endpoint": { + "resource": "Endpoint", + "arn": "arn:${Partition}:dms:${Region}:${Account}:endpoint:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:endpoint-tag/${TagKey}" + ] + }, + "EventSubscription": { + "resource": "EventSubscription", + "arn": "arn:${Partition}:dms:${Region}:${Account}:es:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:es-tag/${TagKey}" + ] + }, + "InstanceProfile": { + "resource": "InstanceProfile", + "arn": "arn:${Partition}:dms:${Region}:${Account}:instance-profile:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:instance-profile-tag/${TagKey}" + ] + }, + "MigrationProject": { + "resource": "MigrationProject", + "arn": "arn:${Partition}:dms:${Region}:${Account}:migration-project:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:migration-project-tag/${TagKey}" + ] + }, + "ReplicationConfig": { + "resource": "ReplicationConfig", + "arn": "arn:${Partition}:dms:${Region}:${Account}:replication-config:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:replication-config-tag/${TagKey}" + ] + }, + "ReplicationInstance": { + "resource": "ReplicationInstance", + "arn": "arn:${Partition}:dms:${Region}:${Account}:rep:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:rep-tag/${TagKey}" + ] + }, + "ReplicationSubnetGroup": { + "resource": "ReplicationSubnetGroup", + "arn": "arn:${Partition}:dms:${Region}:${Account}:subgrp:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:subgrp-tag/${TagKey}" + ] + }, + "ReplicationTask": { + "resource": "ReplicationTask", + "arn": "arn:${Partition}:dms:${Region}:${Account}:task:*", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "dms:task-tag/${TagKey}" + ] + }, + "ReplicationTaskAssessmentRun": { + "resource": "ReplicationTaskAssessmentRun", + "arn": "arn:${Partition}:dms:${Region}:${Account}:assessment-run:*", + "condition_keys": [] + }, + "ReplicationTaskIndividualAssessment": { + "resource": "ReplicationTaskIndividualAssessment", + "arn": "arn:${Partition}:dms:${Region}:${Account}:individual-assessment:*", + "condition_keys": [] + } + }, + "resources_lower_name": { + "certificate": "Certificate", + "dataprovider": "DataProvider", + "datamigration": "DataMigration", + "endpoint": "Endpoint", + "eventsubscription": "EventSubscription", + "instanceprofile": "InstanceProfile", + "migrationproject": "MigrationProject", + "replicationconfig": "ReplicationConfig", + "replicationinstance": "ReplicationInstance", + "replicationsubnetgroup": "ReplicationSubnetGroup", + "replicationtask": "ReplicationTask", + "replicationtaskassessmentrun": "ReplicationTaskAssessmentRun", + "replicationtaskindividualassessment": "ReplicationTaskIndividualAssessment" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "dms:cert-tag/${TagKey}": { + "condition": "dms:cert-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for Certificate", + "type": "String" + }, + "dms:data-migration-tag/${TagKey}": { + "condition": "dms:data-migration-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for DataMigration", + "type": "String" + }, + "dms:data-provider-tag/${TagKey}": { + "condition": "dms:data-provider-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for DataProvider", + "type": "String" + }, + "dms:endpoint-tag/${TagKey}": { + "condition": "dms:endpoint-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for Endpoint", + "type": "String" + }, + "dms:es-tag/${TagKey}": { + "condition": "dms:es-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for EventSubscription", + "type": "String" + }, + "dms:instance-profile-tag/${TagKey}": { + "condition": "dms:instance-profile-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for InstanceProfile", + "type": "String" + }, + "dms:migration-project-tag/${TagKey}": { + "condition": "dms:migration-project-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for MigrationProject", + "type": "String" + }, + "dms:rep-tag/${TagKey}": { + "condition": "dms:rep-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for ReplicationInstance", + "type": "String" + }, + "dms:replication-config-tag/${TagKey}": { + "condition": "dms:replication-config-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for ReplicationConfig", + "type": "String" + }, + "dms:req-tag/${TagKey}": { + "condition": "dms:req-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the given request", + "type": "String" + }, + "dms:subgrp-tag/${TagKey}": { + "condition": "dms:subgrp-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for ReplicationSubnetGroup", + "type": "String" + }, + "dms:task-tag/${TagKey}": { + "condition": "dms:task-tag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request for ReplicationTask", + "type": "String" + } + } + }, + "dataexchange": { + "service_name": "AWS Data Exchange", + "prefix": "dataexchange", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdataexchange.html", + "privileges": { + "CancelJob": { + "privilege": "CancelJob", + "description": "Grants permission to cancel a job", + "access_level": "Write", + "resource_types": { + "jobs": { + "resource_type": "jobs", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobs": "jobs" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_CancelJob.html" + }, + "CreateAsset": { + "privilege": "CreateAsset", + "description": "Grants permission to create an asset (for example, in a Job)", + "access_level": "Write", + "resource_types": { + "revisions": { + "resource_type": "revisions", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "revisions": "revisions" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/userguide/api-permissions-ref.html" + }, + "CreateDataSet": { + "privilege": "CreateDataSet", + "description": "Grants permission to create a data set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_CreateDataSet.html" + }, + "CreateEventAction": { + "privilege": "CreateEventAction", + "description": "Grants permission to create an event action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_CreateEventAction.html" + }, + "CreateJob": { + "privilege": "CreateJob", + "description": "Grants permission to create a job to import or export assets", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_CreateJob.html" + }, + "CreateRevision": { + "privilege": "CreateRevision", + "description": "Grants permission to create a revision", + "access_level": "Write", + "resource_types": { + "data-sets": { + "resource_type": "data-sets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-sets": "data-sets", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_CreateRevision.html" + }, + "DeleteAsset": { + "privilege": "DeleteAsset", + "description": "Grants permission to delete an asset", + "access_level": "Write", + "resource_types": { + "assets": { + "resource_type": "assets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assets": "assets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_DeleteAsset.html" + }, + "DeleteDataSet": { + "privilege": "DeleteDataSet", + "description": "Grants permission to delete a data set", + "access_level": "Write", + "resource_types": { + "data-sets": { + "resource_type": "data-sets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-sets": "data-sets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_DeleteDataSet.html" + }, + "DeleteEventAction": { + "privilege": "DeleteEventAction", + "description": "Grants permission to delete an event action", + "access_level": "Write", + "resource_types": { + "event-actions": { + "resource_type": "event-actions", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-actions": "event-actions" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_DeleteEventAction.html" + }, + "DeleteRevision": { + "privilege": "DeleteRevision", + "description": "Grants permission to delete a revision", + "access_level": "Write", + "resource_types": { + "revisions": { + "resource_type": "revisions", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "revisions": "revisions" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_DeleteRevision.html" + }, + "GetAsset": { + "privilege": "GetAsset", + "description": "Grants permission to get information about an asset and to export it (for example, in a Job)", + "access_level": "Read", + "resource_types": { + "assets": { + "resource_type": "assets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entitled-assets": { + "resource_type": "entitled-assets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assets": "assets", + "entitled-assets": "entitled-assets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_GetAsset.html" + }, + "GetDataSet": { + "privilege": "GetDataSet", + "description": "Grants permission to get information about a data set", + "access_level": "Read", + "resource_types": { + "data-sets": { + "resource_type": "data-sets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entitled-data-sets": { + "resource_type": "entitled-data-sets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-sets": "data-sets", + "entitled-data-sets": "entitled-data-sets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_GetDataSet.html" + }, + "GetEventAction": { + "privilege": "GetEventAction", + "description": "Grants permission to get an event action", + "access_level": "Read", + "resource_types": { + "event-actions": { + "resource_type": "event-actions", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-actions": "event-actions" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_GetEventAction.html" + }, + "GetJob": { + "privilege": "GetJob", + "description": "Grants permission to get information about a job", + "access_level": "Read", + "resource_types": { + "jobs": { + "resource_type": "jobs", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobs": "jobs" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_GetJob.html" + }, + "GetRevision": { + "privilege": "GetRevision", + "description": "Grants permission to get information about a revision", + "access_level": "Read", + "resource_types": { + "entitled-revisions": { + "resource_type": "entitled-revisions", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "revisions": { + "resource_type": "revisions", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entitled-revisions": "entitled-revisions", + "revisions": "revisions" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_GetRevision.html" + }, + "ListDataSetRevisions": { + "privilege": "ListDataSetRevisions", + "description": "Grants permission to list the revisions of a data set", + "access_level": "List", + "resource_types": { + "data-sets": { + "resource_type": "data-sets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entitled-data-sets": { + "resource_type": "entitled-data-sets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-sets": "data-sets", + "entitled-data-sets": "entitled-data-sets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListDataSetRevisions.html" + }, + "ListDataSets": { + "privilege": "ListDataSets", + "description": "Grants permission to list data sets for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListDataSets.html" + }, + "ListEventActions": { + "privilege": "ListEventActions", + "description": "Grants permission to list event actions for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListEventActions.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to list jobs for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListJobs.html" + }, + "ListRevisionAssets": { + "privilege": "ListRevisionAssets", + "description": "Grants permission to get list the assets of a revision", + "access_level": "List", + "resource_types": { + "entitled-revisions": { + "resource_type": "entitled-revisions", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "revisions": { + "resource_type": "revisions", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entitled-revisions": "entitled-revisions", + "revisions": "revisions" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListRevisionAssets.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags that you associated with the specified resource", + "access_level": "List", + "resource_types": { + "data-sets": { + "resource_type": "data-sets", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "revisions": { + "resource_type": "revisions", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-sets": "data-sets", + "revisions": "revisions" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_ListTagsForResource.html" + }, + "PublishDataSet": { + "privilege": "PublishDataSet", + "description": "Grants permission to publish a data set", + "access_level": "Write", + "resource_types": { + "data-sets": { + "resource_type": "data-sets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-sets": "data-sets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/userguide/api-permissions-ref.html" + }, + "RevokeRevision": { + "privilege": "RevokeRevision", + "description": "Grants permission to revoke subscriber access to a revision", + "access_level": "Write", + "resource_types": { + "revisions": { + "resource_type": "revisions", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "revisions": "revisions" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_RevokeRevision.html" + }, + "SendApiAsset": { + "privilege": "SendApiAsset", + "description": "Grants permission to send a request to an API asset", + "access_level": "Write", + "resource_types": { + "assets": { + "resource_type": "assets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "entitled-assets": { + "resource_type": "entitled-assets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assets": "assets", + "entitled-assets": "entitled-assets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_SendApiAsset.html" + }, + "StartJob": { + "privilege": "StartJob", + "description": "Grants permission to start a job", + "access_level": "Write", + "resource_types": { + "jobs": { + "resource_type": "jobs", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dataexchange:CreateAsset" + ] + } + }, + "resource_types_lower_name": { + "jobs": "jobs" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_StartJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to a specified resource", + "access_level": "Tagging", + "resource_types": { + "data-sets": { + "resource_type": "data-sets", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "revisions": { + "resource_type": "revisions", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-sets": "data-sets", + "revisions": "revisions", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from a specified resource", + "access_level": "Tagging", + "resource_types": { + "data-sets": { + "resource_type": "data-sets", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "revisions": { + "resource_type": "revisions", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-sets": "data-sets", + "revisions": "revisions", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_UntagResource.html" + }, + "UpdateAsset": { + "privilege": "UpdateAsset", + "description": "Grants permission to get update information about an asset", + "access_level": "Write", + "resource_types": { + "assets": { + "resource_type": "assets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assets": "assets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_UpdateAsset.html" + }, + "UpdateDataSet": { + "privilege": "UpdateDataSet", + "description": "Grants permission to update information about a data set", + "access_level": "Write", + "resource_types": { + "data-sets": { + "resource_type": "data-sets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "data-sets": "data-sets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_UpdateDataSet.html" + }, + "UpdateEventAction": { + "privilege": "UpdateEventAction", + "description": "Grants permission to update information for an event action", + "access_level": "Write", + "resource_types": { + "event-actions": { + "resource_type": "event-actions", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event-actions": "event-actions" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_UpdateEventAction.html" + }, + "UpdateRevision": { + "privilege": "UpdateRevision", + "description": "Grants permission to update information about a revision", + "access_level": "Write", + "resource_types": { + "revisions": { + "resource_type": "revisions", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "dataexchange:PublishDataSet" + ] + } + }, + "resource_types_lower_name": { + "revisions": "revisions" + }, + "api_documentation_link": "https://docs.aws.amazon.com/data-exchange/latest/apireference/API_UpdateRevision.html" + } + }, + "privileges_lower_name": { + "canceljob": "CancelJob", + "createasset": "CreateAsset", + "createdataset": "CreateDataSet", + "createeventaction": "CreateEventAction", + "createjob": "CreateJob", + "createrevision": "CreateRevision", + "deleteasset": "DeleteAsset", + "deletedataset": "DeleteDataSet", + "deleteeventaction": "DeleteEventAction", + "deleterevision": "DeleteRevision", + "getasset": "GetAsset", + "getdataset": "GetDataSet", + "geteventaction": "GetEventAction", + "getjob": "GetJob", + "getrevision": "GetRevision", + "listdatasetrevisions": "ListDataSetRevisions", + "listdatasets": "ListDataSets", + "listeventactions": "ListEventActions", + "listjobs": "ListJobs", + "listrevisionassets": "ListRevisionAssets", + "listtagsforresource": "ListTagsForResource", + "publishdataset": "PublishDataSet", + "revokerevision": "RevokeRevision", + "sendapiasset": "SendApiAsset", + "startjob": "StartJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateasset": "UpdateAsset", + "updatedataset": "UpdateDataSet", + "updateeventaction": "UpdateEventAction", + "updaterevision": "UpdateRevision" + }, + "resources": { + "jobs": { + "resource": "jobs", + "arn": "arn:${Partition}:dataexchange:${Region}:${Account}:jobs/${JobId}", + "condition_keys": [ + "dataexchange:JobType" + ] + }, + "data-sets": { + "resource": "data-sets", + "arn": "arn:${Partition}:dataexchange:${Region}:${Account}:data-sets/${DataSetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "entitled-data-sets": { + "resource": "entitled-data-sets", + "arn": "arn:${Partition}:dataexchange:${Region}::data-sets/${DataSetId}", + "condition_keys": [] + }, + "revisions": { + "resource": "revisions", + "arn": "arn:${Partition}:dataexchange:${Region}:${Account}:data-sets/${DataSetId}/revisions/${RevisionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "entitled-revisions": { + "resource": "entitled-revisions", + "arn": "arn:${Partition}:dataexchange:${Region}::data-sets/${DataSetId}/revisions/${RevisionId}", + "condition_keys": [] + }, + "assets": { + "resource": "assets", + "arn": "arn:${Partition}:dataexchange:${Region}:${Account}:data-sets/${DataSetId}/revisions/${RevisionId}/assets/${AssetId}", + "condition_keys": [] + }, + "entitled-assets": { + "resource": "entitled-assets", + "arn": "arn:${Partition}:dataexchange:${Region}::data-sets/${DataSetId}/revisions/${RevisionId}/assets/${AssetId}", + "condition_keys": [] + }, + "event-actions": { + "resource": "event-actions", + "arn": "arn:${Partition}:dataexchange:${Region}:${Account}:event-actions/${EventActionId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "jobs": "jobs", + "data-sets": "data-sets", + "entitled-data-sets": "entitled-data-sets", + "revisions": "revisions", + "entitled-revisions": "entitled-revisions", + "assets": "assets", + "entitled-assets": "entitled-assets", + "event-actions": "event-actions" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the allowed set of values for each of the mandatory tags in the create request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tags in the create request", + "type": "ArrayOfString" + }, + "dataexchange:JobType": { + "condition": "dataexchange:JobType", + "description": "Filters access by the specified job type", + "type": "String" + } + } + }, + "datapipeline": { + "service_name": "AWS Data Pipeline", + "prefix": "datapipeline", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatapipeline.html", + "privileges": { + "ActivatePipeline": { + "privilege": "ActivatePipeline", + "description": "Validates the specified pipeline and starts processing pipeline tasks. If the pipeline does not pass validation, activation fails.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag", + "datapipeline:workerGroup" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ActivatePipeline.html" + }, + "AddTags": { + "privilege": "AddTags", + "description": "Adds or modifies tags for the specified pipeline.", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_AddTags.html" + }, + "CreatePipeline": { + "privilege": "CreatePipeline", + "description": "Creates a new, empty pipeline.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:Tag" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_CreatePipeline.html" + }, + "DeactivatePipeline": { + "privilege": "DeactivatePipeline", + "description": "Deactivates the specified running pipeline.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag", + "datapipeline:workerGroup" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DeactivatePipeline.html" + }, + "DeletePipeline": { + "privilege": "DeletePipeline", + "description": "Deletes a pipeline, its pipeline definition, and its run history.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DeletePipeline.html" + }, + "DescribeObjects": { + "privilege": "DescribeObjects", + "description": "Gets the object definitions for a set of objects associated with the pipeline.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DescribeObjects.html" + }, + "DescribePipelines": { + "privilege": "DescribePipelines", + "description": "Retrieves metadata about one or more pipelines.", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_DescribePipelines.html" + }, + "EvaluateExpression": { + "privilege": "EvaluateExpression", + "description": "Task runners call EvaluateExpression to evaluate a string in the context of the specified object.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_EvaluateExpression.html" + }, + "GetAccountLimits": { + "privilege": "GetAccountLimits", + "description": "Description for GetAccountLimits", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_GetAccountLimits.html" + }, + "GetPipelineDefinition": { + "privilege": "GetPipelineDefinition", + "description": "Gets the definition of the specified pipeline.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag", + "datapipeline:workerGroup" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_GetPipelineDefinition.html" + }, + "ListPipelines": { + "privilege": "ListPipelines", + "description": "Lists the pipeline identifiers for all active pipelines that you have permission to access.", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ListPipelines.html" + }, + "PollForTask": { + "privilege": "PollForTask", + "description": "Task runners call PollForTask to receive a task to perform from AWS Data Pipeline.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:workerGroup" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PollForTask.html" + }, + "PutAccountLimits": { + "privilege": "PutAccountLimits", + "description": "Description for PutAccountLimits", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PutAccountLimits.html" + }, + "PutPipelineDefinition": { + "privilege": "PutPipelineDefinition", + "description": "Adds tasks, schedules, and preconditions to the specified pipeline.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag", + "datapipeline:workerGroup" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PutPipelineDefinition.html" + }, + "QueryObjects": { + "privilege": "QueryObjects", + "description": "Queries the specified pipeline for the names of objects that match the specified set of conditions.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_QueryObjects.html" + }, + "RemoveTags": { + "privilege": "RemoveTags", + "description": "Removes existing tags from the specified pipeline.", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_RemoveTags.html" + }, + "ReportTaskProgress": { + "privilege": "ReportTaskProgress", + "description": "Task runners call ReportTaskProgress when assigned a task to acknowledge that it has the task.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ReportTaskProgress.html" + }, + "ReportTaskRunnerHeartbeat": { + "privilege": "ReportTaskRunnerHeartbeat", + "description": "Task runners call ReportTaskRunnerHeartbeat every 15 minutes to indicate that they are operational.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ReportTaskRunnerHeartbeat.html" + }, + "SetStatus": { + "privilege": "SetStatus", + "description": "Requests that the status of the specified physical or logical pipeline objects be updated in the specified pipeline.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_SetStatus.html" + }, + "SetTaskStatus": { + "privilege": "SetTaskStatus", + "description": "Task runners call SetTaskStatus to notify AWS Data Pipeline that a task is completed and provide information about the final status.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_SetTaskStatus.html" + }, + "ValidatePipelineDefinition": { + "privilege": "ValidatePipelineDefinition", + "description": "Validates the specified pipeline definition to ensure that it is well formed and can be run without error.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "datapipeline:PipelineCreator", + "datapipeline:Tag", + "datapipeline:workerGroup" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_ValidatePipelineDefinition.html" + } + }, + "privileges_lower_name": { + "activatepipeline": "ActivatePipeline", + "addtags": "AddTags", + "createpipeline": "CreatePipeline", + "deactivatepipeline": "DeactivatePipeline", + "deletepipeline": "DeletePipeline", + "describeobjects": "DescribeObjects", + "describepipelines": "DescribePipelines", + "evaluateexpression": "EvaluateExpression", + "getaccountlimits": "GetAccountLimits", + "getpipelinedefinition": "GetPipelineDefinition", + "listpipelines": "ListPipelines", + "pollfortask": "PollForTask", + "putaccountlimits": "PutAccountLimits", + "putpipelinedefinition": "PutPipelineDefinition", + "queryobjects": "QueryObjects", + "removetags": "RemoveTags", + "reporttaskprogress": "ReportTaskProgress", + "reporttaskrunnerheartbeat": "ReportTaskRunnerHeartbeat", + "setstatus": "SetStatus", + "settaskstatus": "SetTaskStatus", + "validatepipelinedefinition": "ValidatePipelineDefinition" + }, + "resources": { + "pipeline": { + "resource": "pipeline", + "arn": "arn:${Partition}:datapipeline:${Region}:${Account}:pipeline/${PipelineId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "pipeline": "pipeline" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "datapipeline:PipelineCreator": { + "condition": "datapipeline:PipelineCreator", + "description": "The IAM user that created the pipeline.", + "type": "ARN" + }, + "datapipeline:Tag": { + "condition": "datapipeline:Tag", + "description": "A customer-specified key/value pair that can be attached to a resource.", + "type": "ARN" + }, + "datapipeline:workerGroup": { + "condition": "datapipeline:workerGroup", + "description": "The name of a worker group for which a Task Runner retrieves work.", + "type": "ARN" + } + } + }, + "datasync": { + "service_name": "AWS DataSync", + "prefix": "datasync", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdatasync.html", + "privileges": { + "AddStorageSystem": { + "privilege": "AddStorageSystem", + "description": "Grants permission to create a storage system", + "access_level": "Write", + "resource_types": { + "agent": { + "resource_type": "agent", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent": "agent", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_AddStorageSystem.html" + }, + "CancelTaskExecution": { + "privilege": "CancelTaskExecution", + "description": "Grants permission to cancel execution of a sync task", + "access_level": "Write", + "resource_types": { + "taskexecution": { + "resource_type": "taskexecution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "taskexecution": "taskexecution", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CancelTaskExecution.html" + }, + "CreateAgent": { + "privilege": "CreateAgent", + "description": "Grants permission to activate an agent that you have deployed on your host", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateAgent.html" + }, + "CreateLocationEfs": { + "privilege": "CreateLocationEfs", + "description": "Grants permission to create an endpoint for an Amazon EFS file system", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationEfs.html" + }, + "CreateLocationFsxLustre": { + "privilege": "CreateLocationFsxLustre", + "description": "Grants permission to create an endpoint for an Amazon Fsx Lustre", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxLustre.html" + }, + "CreateLocationFsxOntap": { + "privilege": "CreateLocationFsxOntap", + "description": "Grants permission to create an endpoint for Amazon FSx for ONTAP", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html" + }, + "CreateLocationFsxOpenZfs": { + "privilege": "CreateLocationFsxOpenZfs", + "description": "Grants permission to create an endpoint for Amazon FSx for OpenZFS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOpenZfs.html" + }, + "CreateLocationFsxWindows": { + "privilege": "CreateLocationFsxWindows", + "description": "Grants permission to create an endpoint for an Amazon FSx Windows File Server file system", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxWindows.html" + }, + "CreateLocationHdfs": { + "privilege": "CreateLocationHdfs", + "description": "Grants permission to create an endpoint for an Amazon Hdfs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationHdfs.html" + }, + "CreateLocationNfs": { + "privilege": "CreateLocationNfs", + "description": "Grants permission to create an endpoint for a NFS file system", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationNfs.html" + }, + "CreateLocationObjectStorage": { + "privilege": "CreateLocationObjectStorage", + "description": "Grants permission to create an endpoint for a self-managed object storage bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationObjectStorage.html" + }, + "CreateLocationS3": { + "privilege": "CreateLocationS3", + "description": "Grants permission to create an endpoint for an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationS3.html" + }, + "CreateLocationSmb": { + "privilege": "CreateLocationSmb", + "description": "Grants permission to create an endpoint for an SMB file system", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationSmb.html" + }, + "CreateTask": { + "privilege": "CreateTask", + "description": "Grants permission to create a sync task", + "access_level": "Write", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "agent": { + "resource_type": "agent", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location", + "agent": "agent", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html" + }, + "DeleteAgent": { + "privilege": "DeleteAgent", + "description": "Grants permission to delete an agent", + "access_level": "Write", + "resource_types": { + "agent": { + "resource_type": "agent", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent": "agent" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DeleteAgent.html" + }, + "DeleteLocation": { + "privilege": "DeleteLocation", + "description": "Grants permission to delete a location used by AWS DataSync", + "access_level": "Write", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DeleteLocation.html" + }, + "DeleteTask": { + "privilege": "DeleteTask", + "description": "Grants permission to delete a sync task", + "access_level": "Write", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DeleteTask.html" + }, + "DescribeAgent": { + "privilege": "DescribeAgent", + "description": "Grants permission to view metadata such as name, network interfaces, and the status (that is, whether the agent is running or not) about a sync agent", + "access_level": "Read", + "resource_types": { + "agent": { + "resource_type": "agent", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent": "agent" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeAgent.html" + }, + "DescribeDiscoveryJob": { + "privilege": "DescribeDiscoveryJob", + "description": "Grants permission to describe metadata about a discovery job", + "access_level": "Read", + "resource_types": { + "discoveryjob": { + "resource_type": "discoveryjob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoveryjob": "discoveryjob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeDiscoveryJob.html" + }, + "DescribeLocationEfs": { + "privilege": "DescribeLocationEfs", + "description": "Grants permission to view metadata, such as the path information about an Amazon EFS sync location", + "access_level": "Read", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationEfs.html" + }, + "DescribeLocationFsxLustre": { + "privilege": "DescribeLocationFsxLustre", + "description": "Grants permission to view metadata, such as the path information about an Amazon FSx Lustre sync location", + "access_level": "Read", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxLustre.html" + }, + "DescribeLocationFsxOntap": { + "privilege": "DescribeLocationFsxOntap", + "description": "Grants permission to view metadata, such as the path information about an Amazon FSx for ONTAP sync location", + "access_level": "Read", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxOntap.html" + }, + "DescribeLocationFsxOpenZfs": { + "privilege": "DescribeLocationFsxOpenZfs", + "description": "Grants permission to view metadata, such as the path information about an Amazon FSx OpenZFS sync location", + "access_level": "Read", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxOpenZfs.html" + }, + "DescribeLocationFsxWindows": { + "privilege": "DescribeLocationFsxWindows", + "description": "Grants permission to view metadata, such as the path information about an Amazon FSx Windows sync location", + "access_level": "Read", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationFsxWindows.html" + }, + "DescribeLocationHdfs": { + "privilege": "DescribeLocationHdfs", + "description": "Grants permission to view metadata, such as the path information about an Amazon HDFS sync location", + "access_level": "Read", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationHdfs.html" + }, + "DescribeLocationNfs": { + "privilege": "DescribeLocationNfs", + "description": "Grants permission to view metadata, such as the path information, about a NFS sync location", + "access_level": "Read", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationNfs.html" + }, + "DescribeLocationObjectStorage": { + "privilege": "DescribeLocationObjectStorage", + "description": "Grants permission to view metadata about a self-managed object storage server location", + "access_level": "Read", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationObjectStorage.html" + }, + "DescribeLocationS3": { + "privilege": "DescribeLocationS3", + "description": "Grants permission to view metadata, such as bucket name, about an Amazon S3 bucket sync location", + "access_level": "Read", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationS3.html" + }, + "DescribeLocationSmb": { + "privilege": "DescribeLocationSmb", + "description": "Grants permission to view metadata, such as the path information, about an SMB sync location", + "access_level": "Read", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeLocationSmb.html" + }, + "DescribeStorageSystem": { + "privilege": "DescribeStorageSystem", + "description": "Grants permission to view metadata about a storage system", + "access_level": "Read", + "resource_types": { + "storagesystem": { + "resource_type": "storagesystem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storagesystem": "storagesystem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeStorageSystem.html" + }, + "DescribeStorageSystemResourceMetrics": { + "privilege": "DescribeStorageSystemResourceMetrics", + "description": "Grants permission to describe resource metrics collected by a discovery job", + "access_level": "List", + "resource_types": { + "discoveryjob": { + "resource_type": "discoveryjob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoveryjob": "discoveryjob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeStorageSystemResourceMetrics.html" + }, + "DescribeStorageSystemResources": { + "privilege": "DescribeStorageSystemResources", + "description": "Grants permission to describe resources identified by a discovery job", + "access_level": "List", + "resource_types": { + "discoveryjob": { + "resource_type": "discoveryjob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoveryjob": "discoveryjob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeStorageSystemResources.html" + }, + "DescribeTask": { + "privilege": "DescribeTask", + "description": "Grants permission to view metadata about a sync task", + "access_level": "Read", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeTask.html" + }, + "DescribeTaskExecution": { + "privilege": "DescribeTaskExecution", + "description": "Grants permission to view metadata about a sync task that is being executed", + "access_level": "Read", + "resource_types": { + "taskexecution": { + "resource_type": "taskexecution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "taskexecution": "taskexecution", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_DescribeTaskExecution.html" + }, + "GenerateRecommendations": { + "privilege": "GenerateRecommendations", + "description": "Grants permission to generate recommendations for a resource identified by a discovery job", + "access_level": "Write", + "resource_types": { + "discoveryjob": { + "resource_type": "discoveryjob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoveryjob": "discoveryjob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_GenerateRecommendations.html" + }, + "ListAgents": { + "privilege": "ListAgents", + "description": "Grants permission to list agents owned by an AWS account in a region specified in the request", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListAgents.html" + }, + "ListDiscoveryJobs": { + "privilege": "ListDiscoveryJobs", + "description": "Grants permission to list discovery jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListDiscoveryJobs.html" + }, + "ListLocations": { + "privilege": "ListLocations", + "description": "Grants permission to list source and destination sync locations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListLocations.html" + }, + "ListStorageSystems": { + "privilege": "ListStorageSystems", + "description": "Grants permission to list storage systems", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListStorageSystems.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags that have been added to the specified resource", + "access_level": "Read", + "resource_types": { + "agent": { + "resource_type": "agent", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "discoveryjob": { + "resource_type": "discoveryjob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "location": { + "resource_type": "location", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "storagesystem": { + "resource_type": "storagesystem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "taskexecution": { + "resource_type": "taskexecution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent": "agent", + "discoveryjob": "discoveryjob", + "location": "location", + "storagesystem": "storagesystem", + "task": "task", + "taskexecution": "taskexecution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListTagsForResource.html" + }, + "ListTaskExecutions": { + "privilege": "ListTaskExecutions", + "description": "Grants permission to list executed sync tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListTaskExecutions.html" + }, + "ListTasks": { + "privilege": "ListTasks", + "description": "Grants permission to list of all the sync tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_ListTasks.html" + }, + "RemoveStorageSystem": { + "privilege": "RemoveStorageSystem", + "description": "Grants permission to delete a storage system", + "access_level": "Write", + "resource_types": { + "storagesystem": { + "resource_type": "storagesystem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storagesystem": "storagesystem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_RemoveStorageSystem.html" + }, + "StartDiscoveryJob": { + "privilege": "StartDiscoveryJob", + "description": "Grants permission to start a discovery job for a storage system", + "access_level": "Write", + "resource_types": { + "storagesystem": { + "resource_type": "storagesystem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storagesystem": "storagesystem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_StartDiscoveryJob.html" + }, + "StartTaskExecution": { + "privilege": "StartTaskExecution", + "description": "Grants permission to start a specific invocation of a sync task", + "access_level": "Write", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_StartTaskExecution.html" + }, + "StopDiscoveryJob": { + "privilege": "StopDiscoveryJob", + "description": "Grants permission to stop a discovery job", + "access_level": "Write", + "resource_types": { + "discoveryjob": { + "resource_type": "discoveryjob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoveryjob": "discoveryjob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_StopDiscoveryJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to apply a key-value pair to an AWS resource", + "access_level": "Tagging", + "resource_types": { + "agent": { + "resource_type": "agent", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "discoveryjob": { + "resource_type": "discoveryjob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "location": { + "resource_type": "location", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "storagesystem": { + "resource_type": "storagesystem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "taskexecution": { + "resource_type": "taskexecution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent": "agent", + "discoveryjob": "discoveryjob", + "location": "location", + "storagesystem": "storagesystem", + "task": "task", + "taskexecution": "taskexecution", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "agent": { + "resource_type": "agent", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "discoveryjob": { + "resource_type": "discoveryjob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "location": { + "resource_type": "location", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "storagesystem": { + "resource_type": "storagesystem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "taskexecution": { + "resource_type": "taskexecution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent": "agent", + "discoveryjob": "discoveryjob", + "location": "location", + "storagesystem": "storagesystem", + "task": "task", + "taskexecution": "taskexecution", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UntagResource.html" + }, + "UpdateAgent": { + "privilege": "UpdateAgent", + "description": "Grants permission to update the name of an agent", + "access_level": "Write", + "resource_types": { + "agent": { + "resource_type": "agent", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent": "agent" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateAgent.html" + }, + "UpdateDiscoveryJob": { + "privilege": "UpdateDiscoveryJob", + "description": "Grants permission to update a discovery job", + "access_level": "Write", + "resource_types": { + "discoveryjob": { + "resource_type": "discoveryjob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "discoveryjob": "discoveryjob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateDiscoveryJob.html" + }, + "UpdateLocationHdfs": { + "privilege": "UpdateLocationHdfs", + "description": "Grants permission to update an HDFS sync Location", + "access_level": "Write", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationHdfs.html" + }, + "UpdateLocationNfs": { + "privilege": "UpdateLocationNfs", + "description": "Grants permission to update an NFS sync Location", + "access_level": "Write", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationNfs.html" + }, + "UpdateLocationObjectStorage": { + "privilege": "UpdateLocationObjectStorage", + "description": "Grants permission to update a self-managed object storage server location", + "access_level": "Write", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationObjectStorage.html" + }, + "UpdateLocationSmb": { + "privilege": "UpdateLocationSmb", + "description": "Grants permission to update a SMB sync location", + "access_level": "Write", + "resource_types": { + "location": { + "resource_type": "location", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "location": "location" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateLocationSmb.html" + }, + "UpdateStorageSystem": { + "privilege": "UpdateStorageSystem", + "description": "Grants permission to update a storage system", + "access_level": "Write", + "resource_types": { + "storagesystem": { + "resource_type": "storagesystem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "storagesystem": "storagesystem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateStorageSystem.html" + }, + "UpdateTask": { + "privilege": "UpdateTask", + "description": "Grants permission to update metadata associated with a sync task", + "access_level": "Write", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateTask.html" + }, + "UpdateTaskExecution": { + "privilege": "UpdateTaskExecution", + "description": "Grants permission to update execution of a sync task", + "access_level": "Write", + "resource_types": { + "taskexecution": { + "resource_type": "taskexecution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "taskexecution": "taskexecution", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/datasync/latest/userguide/API_UpdateTaskExecution.html" + } + }, + "privileges_lower_name": { + "addstoragesystem": "AddStorageSystem", + "canceltaskexecution": "CancelTaskExecution", + "createagent": "CreateAgent", + "createlocationefs": "CreateLocationEfs", + "createlocationfsxlustre": "CreateLocationFsxLustre", + "createlocationfsxontap": "CreateLocationFsxOntap", + "createlocationfsxopenzfs": "CreateLocationFsxOpenZfs", + "createlocationfsxwindows": "CreateLocationFsxWindows", + "createlocationhdfs": "CreateLocationHdfs", + "createlocationnfs": "CreateLocationNfs", + "createlocationobjectstorage": "CreateLocationObjectStorage", + "createlocations3": "CreateLocationS3", + "createlocationsmb": "CreateLocationSmb", + "createtask": "CreateTask", + "deleteagent": "DeleteAgent", + "deletelocation": "DeleteLocation", + "deletetask": "DeleteTask", + "describeagent": "DescribeAgent", + "describediscoveryjob": "DescribeDiscoveryJob", + "describelocationefs": "DescribeLocationEfs", + "describelocationfsxlustre": "DescribeLocationFsxLustre", + "describelocationfsxontap": "DescribeLocationFsxOntap", + "describelocationfsxopenzfs": "DescribeLocationFsxOpenZfs", + "describelocationfsxwindows": "DescribeLocationFsxWindows", + "describelocationhdfs": "DescribeLocationHdfs", + "describelocationnfs": "DescribeLocationNfs", + "describelocationobjectstorage": "DescribeLocationObjectStorage", + "describelocations3": "DescribeLocationS3", + "describelocationsmb": "DescribeLocationSmb", + "describestoragesystem": "DescribeStorageSystem", + "describestoragesystemresourcemetrics": "DescribeStorageSystemResourceMetrics", + "describestoragesystemresources": "DescribeStorageSystemResources", + "describetask": "DescribeTask", + "describetaskexecution": "DescribeTaskExecution", + "generaterecommendations": "GenerateRecommendations", + "listagents": "ListAgents", + "listdiscoveryjobs": "ListDiscoveryJobs", + "listlocations": "ListLocations", + "liststoragesystems": "ListStorageSystems", + "listtagsforresource": "ListTagsForResource", + "listtaskexecutions": "ListTaskExecutions", + "listtasks": "ListTasks", + "removestoragesystem": "RemoveStorageSystem", + "startdiscoveryjob": "StartDiscoveryJob", + "starttaskexecution": "StartTaskExecution", + "stopdiscoveryjob": "StopDiscoveryJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateagent": "UpdateAgent", + "updatediscoveryjob": "UpdateDiscoveryJob", + "updatelocationhdfs": "UpdateLocationHdfs", + "updatelocationnfs": "UpdateLocationNfs", + "updatelocationobjectstorage": "UpdateLocationObjectStorage", + "updatelocationsmb": "UpdateLocationSmb", + "updatestoragesystem": "UpdateStorageSystem", + "updatetask": "UpdateTask", + "updatetaskexecution": "UpdateTaskExecution" + }, + "resources": { + "agent": { + "resource": "agent", + "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:agent/${AgentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "location": { + "resource": "location", + "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:location/${LocationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "task": { + "resource": "task", + "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:task/${TaskId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "taskexecution": { + "resource": "taskexecution", + "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:task/${TaskId}/execution/${ExecutionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "storagesystem": { + "resource": "storagesystem", + "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:system/${StorageSystemId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "discoveryjob": { + "resource": "discoveryjob", + "arn": "arn:${Partition}:datasync:${Region}:${AccountId}:system/${StorageSystemId}/job/${DiscoveryJobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "agent": "agent", + "location": "location", + "task": "task", + "taskexecution": "taskexecution", + "storagesystem": "storagesystem", + "discoveryjob": "discoveryjob" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "deepcomposer": { + "service_name": "AWS DeepComposer", + "prefix": "deepcomposer", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdeepcomposer.html", + "privileges": { + "AssociateCoupon": { + "privilege": "AssociateCoupon", + "description": "Grants permission to associate a DeepComposer coupon (or DSN) with the account associated with the sender of the request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/what-it-is-keyboard.html" + }, + "CreateAudio": { + "privilege": "CreateAudio", + "description": "Grants permission to create an audio file by converting the midi composition into a wav or mp3 file", + "access_level": "Write", + "resource_types": { + "audio": { + "resource_type": "audio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "audio": "audio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" + }, + "CreateComposition": { + "privilege": "CreateComposition", + "description": "Grants permission to create a multi-track midi composition", + "access_level": "Write", + "resource_types": { + "composition": { + "resource_type": "composition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "composition": "composition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" + }, + "CreateModel": { + "privilege": "CreateModel", + "description": "Grants permission to start creating/training a generative-model that is able to perform inference against the user-provided piano-melody to create a multi-track midi composition", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" + }, + "DeleteComposition": { + "privilege": "DeleteComposition", + "description": "Grants permission to delete the composition", + "access_level": "Write", + "resource_types": { + "composition": { + "resource_type": "composition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "composition": "composition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" + }, + "DeleteModel": { + "privilege": "DeleteModel", + "description": "Grants permission to delete the model", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" + }, + "GetComposition": { + "privilege": "GetComposition", + "description": "Grants permission to get information about the composition", + "access_level": "Read", + "resource_types": { + "composition": { + "resource_type": "composition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "composition": "composition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" + }, + "GetModel": { + "privilege": "GetModel", + "description": "Grants permission to get information about the model", + "access_level": "Read", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" + }, + "GetSampleModel": { + "privilege": "GetSampleModel", + "description": "Grants permission to get information about the sample/pre-trained DeepComposer model", + "access_level": "Read", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" + }, + "ListCompositions": { + "privilege": "ListCompositions", + "description": "Grants permission to list all the compositions owned by the sender of the request", + "access_level": "List", + "resource_types": { + "composition": { + "resource_type": "composition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "composition": "composition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" + }, + "ListModels": { + "privilege": "ListModels", + "description": "Grants permission to list all the models owned by the sender of the request", + "access_level": "List", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" + }, + "ListSampleModels": { + "privilege": "ListSampleModels", + "description": "Grants permission to list all the sample/pre-trained models provided by the DeepComposer service", + "access_level": "List", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "List", + "resource_types": { + "composition": { + "resource_type": "composition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "composition": "composition", + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/deepcomposer-tagging.html" + }, + "ListTrainingTopics": { + "privilege": "ListTrainingTopics", + "description": "Grants permission to list all the training options or topic for creating/training a model", + "access_level": "List", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "composition": { + "resource_type": "composition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "composition": "composition", + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/deepcomposer-tagging.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "composition": { + "resource_type": "composition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "model": { + "resource_type": "model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "composition": "composition", + "model": "model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/deepcomposer-tagging.html" + }, + "UpdateComposition": { + "privilege": "UpdateComposition", + "description": "Grants permission to modify the mutable properties associated with a composition", + "access_level": "Write", + "resource_types": { + "composition": { + "resource_type": "composition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "composition": "composition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-learn-from-pre-trained-models.html" + }, + "UpdateModel": { + "privilege": "UpdateModel", + "description": "Grants permission to to modify the mutable properties associated with a model", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepcomposer/latest/devguide/get-started-custom-model.html" + } + }, + "privileges_lower_name": { + "associatecoupon": "AssociateCoupon", + "createaudio": "CreateAudio", + "createcomposition": "CreateComposition", + "createmodel": "CreateModel", + "deletecomposition": "DeleteComposition", + "deletemodel": "DeleteModel", + "getcomposition": "GetComposition", + "getmodel": "GetModel", + "getsamplemodel": "GetSampleModel", + "listcompositions": "ListCompositions", + "listmodels": "ListModels", + "listsamplemodels": "ListSampleModels", + "listtagsforresource": "ListTagsForResource", + "listtrainingtopics": "ListTrainingTopics", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecomposition": "UpdateComposition", + "updatemodel": "UpdateModel" + }, + "resources": { + "model": { + "resource": "model", + "arn": "arn:${Partition}:deepcomposer:${Region}:${Account}:model/${ModelId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "composition": { + "resource": "composition", + "arn": "arn:${Partition}:deepcomposer:${Region}:${Account}:composition/${CompositionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "audio": { + "resource": "audio", + "arn": "arn:${Partition}:deepcomposer:${Region}:${Account}:audio/${AudioId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "model": "model", + "composition": "composition", + "audio": "audio" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "deeplens": { + "service_name": "AWS DeepLens", + "prefix": "deeplens", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdeeplens.html", + "privileges": { + "AssociateServiceRoleToAccount": { + "privilege": "AssociateServiceRoleToAccount", + "description": "Associates the user's account with IAM roles controlling various permissions needed by AWS DeepLens for proper functionality.", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "BatchGetDevice": { + "privilege": "BatchGetDevice", + "description": "Retrieves a list of AWS DeepLens devices.", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": null + }, + "BatchGetModel": { + "privilege": "BatchGetModel", + "description": "Retrieves a list of AWS DeepLens Models.", + "access_level": "Read", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": null + }, + "BatchGetProject": { + "privilege": "BatchGetProject", + "description": "Retrieves a list of AWS DeepLens Projects.", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": null + }, + "CreateDeviceCertificates": { + "privilege": "CreateDeviceCertificates", + "description": "Creates a certificate package that is used to successfully authenticate and Register an AWS DeepLens device.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "CreateModel": { + "privilege": "CreateModel", + "description": "Creates a new AWS DeepLens Model.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Creates a new AWS DeepLens Project.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "DeleteModel": { + "privilege": "DeleteModel", + "description": "Deletes an AWS DeepLens Model.", + "access_level": "Write", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": null + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Deletes an AWS DeepLens Project.", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": null + }, + "DeployProject": { + "privilege": "DeployProject", + "description": "Deploys an AWS DeepLens project to a registered AWS DeepLens device.", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "project": "project" + }, + "api_documentation_link": null + }, + "DeregisterDevice": { + "privilege": "DeregisterDevice", + "description": "Begins a device de-registration workflow for a registered AWS DeepLens device.", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": null + }, + "GetAssociatedResources": { + "privilege": "GetAssociatedResources", + "description": "Retrieves the account level resources associated with the user's account.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "GetDeploymentStatus": { + "privilege": "GetDeploymentStatus", + "description": "Retrieves the the deployment status of a particular AWS DeepLens device, along with any associated metadata.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "GetDevice": { + "privilege": "GetDevice", + "description": "Retrieves information about an AWS DeepLens device.", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": null + }, + "GetModel": { + "privilege": "GetModel", + "description": "Retrieves an AWS DeepLens Model.", + "access_level": "Read", + "resource_types": { + "model": { + "resource_type": "model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "model": "model" + }, + "api_documentation_link": null + }, + "GetProject": { + "privilege": "GetProject", + "description": "Retrieves an AWS DeepLens Project.", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": null + }, + "ImportProjectFromTemplate": { + "privilege": "ImportProjectFromTemplate", + "description": "Creates a new AWS DeepLens project from a sample project template.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "ListDeployments": { + "privilege": "ListDeployments", + "description": "Retrieves a list of AWS DeepLens Deployment identifiers.", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "ListDevices": { + "privilege": "ListDevices", + "description": "Retrieves a list of AWS DeepLens device identifiers.", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "ListModels": { + "privilege": "ListModels", + "description": "Retrieves a list of AWS DeepLens Model identifiers.", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Retrieves a list of AWS DeepLens Project identifiers.", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "RegisterDevice": { + "privilege": "RegisterDevice", + "description": "Begins a device registration workflow for an AWS DeepLens device.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "RemoveProject": { + "privilege": "RemoveProject", + "description": "Removes a deployed AWS DeepLens project from an AWS DeepLens device.", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": null + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Updates an existing AWS DeepLens Project.", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": null + } + }, + "privileges_lower_name": { + "associateserviceroletoaccount": "AssociateServiceRoleToAccount", + "batchgetdevice": "BatchGetDevice", + "batchgetmodel": "BatchGetModel", + "batchgetproject": "BatchGetProject", + "createdevicecertificates": "CreateDeviceCertificates", + "createmodel": "CreateModel", + "createproject": "CreateProject", + "deletemodel": "DeleteModel", + "deleteproject": "DeleteProject", + "deployproject": "DeployProject", + "deregisterdevice": "DeregisterDevice", + "getassociatedresources": "GetAssociatedResources", + "getdeploymentstatus": "GetDeploymentStatus", + "getdevice": "GetDevice", + "getmodel": "GetModel", + "getproject": "GetProject", + "importprojectfromtemplate": "ImportProjectFromTemplate", + "listdeployments": "ListDeployments", + "listdevices": "ListDevices", + "listmodels": "ListModels", + "listprojects": "ListProjects", + "registerdevice": "RegisterDevice", + "removeproject": "RemoveProject", + "updateproject": "UpdateProject" + }, + "resources": { + "device": { + "resource": "device", + "arn": "arn:${Partition}:deeplens:${Region}:${Account}:device/${DeviceName}", + "condition_keys": [] + }, + "project": { + "resource": "project", + "arn": "arn:${Partition}:deeplens:${Region}:${Account}:project/${ProjectName}", + "condition_keys": [] + }, + "model": { + "resource": "model", + "arn": "arn:${Partition}:deeplens:${Region}:${Account}:model/${ModelName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "device": "device", + "project": "project", + "model": "model" + }, + "conditions": {} + }, + "deepracer": { + "service_name": "AWS DeepRacer", + "prefix": "deepracer", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdeepracer.html", + "privileges": { + "AddLeaderboardAccessPermission": { + "privilege": "AddLeaderboardAccessPermission", + "description": "Grants permission to add access for a private leaderboard", + "access_level": "Write", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-manage-community-races.html" + }, + "AdminGetAccountConfig": { + "privilege": "AdminGetAccountConfig", + "description": "Grants permission to get current admin multiuser configuration for this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-set-account-config.html" + }, + "AdminListAssociatedResources": { + "privilege": "AdminListAssociatedResources", + "description": "Grants permission to list all deepracer users with their associated resources created under this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-list-associated-resources.html" + }, + "AdminListAssociatedUsers": { + "privilege": "AdminListAssociatedUsers", + "description": "Grants permission to list user data for all users associated with this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-list-associated-users.html" + }, + "AdminManageUser": { + "privilege": "AdminManageUser", + "description": "Grants permission to manage a user associated with this account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-manage-user.html" + }, + "AdminSetAccountConfig": { + "privilege": "AdminSetAccountConfig", + "description": "Grants permission to set configuration options for this account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-set-account-config.html" + }, + "CloneReinforcementLearningModel": { + "privilege": "CloneReinforcementLearningModel", + "description": "Grants permission to clone an existing DeepRacer model", + "access_level": "Write", + "resource_types": { + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "track": { + "resource_type": "track", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reinforcement_learning_model": "reinforcement_learning_model", + "track": "track", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-console-train-evaluate-models.html#deepracer-clone-trained-model" + }, + "CreateCar": { + "privilege": "CreateCar", + "description": "Grants permission to create a DeepRacer car in your garage", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-choose-race-type.html" + }, + "CreateLeaderboard": { + "privilege": "CreateLeaderboard", + "description": "Grants permission to create a leaderboard", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-create-community-race.html" + }, + "CreateLeaderboardAccessToken": { + "privilege": "CreateLeaderboardAccessToken", + "description": "Grants permission to create an access token for a private leaderboard", + "access_level": "Write", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-manage-community-races.html" + }, + "CreateLeaderboardSubmission": { + "privilege": "CreateLeaderboardSubmission", + "description": "Grants permission to submit a DeepRacer model to be evaluated for leaderboards", + "access_level": "Write", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "reinforcement_learning_model": "reinforcement_learning_model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" + }, + "CreateReinforcementLearningModel": { + "privilege": "CreateReinforcementLearningModel", + "description": "Grants permission to create ra einforcement learning model for DeepRacer", + "access_level": "Write", + "resource_types": { + "track": { + "resource_type": "track", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "track": "track", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" + }, + "DeleteLeaderboard": { + "privilege": "DeleteLeaderboard", + "description": "Grants permission to delete a leaderboard", + "access_level": "Write", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-manage-community-races.html" + }, + "DeleteModel": { + "privilege": "DeleteModel", + "description": "Grants permission to delete a DeepRacer model", + "access_level": "Write", + "resource_types": { + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reinforcement_learning_model": "reinforcement_learning_model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" + }, + "EditLeaderboard": { + "privilege": "EditLeaderboard", + "description": "Grants permission to edit a leaderboard", + "access_level": "Write", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-manage-community-races.html" + }, + "GetAccountConfig": { + "privilege": "GetAccountConfig", + "description": "Grants permission to get current multiuser configuration for this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-admin-set-account-config.html" + }, + "GetAlias": { + "privilege": "GetAlias", + "description": "Grants permission to retrieve the user's alias for submitting a DeepRacer model to leaderboards", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" + }, + "GetAssetUrl": { + "privilege": "GetAssetUrl", + "description": "Grants permission to download artifacts for an existing DeepRacer model", + "access_level": "Read", + "resource_types": { + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reinforcement_learning_model": "reinforcement_learning_model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-console-train-evaluate-models.html" + }, + "GetCar": { + "privilege": "GetCar", + "description": "Grants permission to retrieve a specific DeepRacer car from your garage", + "access_level": "Read", + "resource_types": { + "car": { + "resource_type": "car", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "car": "car", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-choose-race-type.html" + }, + "GetCars": { + "privilege": "GetCars", + "description": "Grants permission to view all the DeepRacer cars in your garage", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-choose-race-type.html" + }, + "GetEvaluation": { + "privilege": "GetEvaluation", + "description": "Grants permission to retrieve information about an existing DeepRacer model's evaluation jobs", + "access_level": "Read", + "resource_types": { + "evaluation_job": { + "resource_type": "evaluation_job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation_job": "evaluation_job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-test-in-simulator.html" + }, + "GetLatestUserSubmission": { + "privilege": "GetLatestUserSubmission", + "description": "Grants permission to retrieve information about how the latest submitted DeepRacer model for a user performed on a leaderboard", + "access_level": "Read", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" + }, + "GetLeaderboard": { + "privilege": "GetLeaderboard", + "description": "Grants permission to retrieve information about leaderboards", + "access_level": "Read", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" + }, + "GetModel": { + "privilege": "GetModel", + "description": "Grants permission to retrieve information about an existing DeepRacer model", + "access_level": "Read", + "resource_types": { + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reinforcement_learning_model": "reinforcement_learning_model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" + }, + "GetPrivateLeaderboard": { + "privilege": "GetPrivateLeaderboard", + "description": "Grants permission to retrieve information about private leaderboards", + "access_level": "Read", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-join-community-race.html" + }, + "GetRankedUserSubmission": { + "privilege": "GetRankedUserSubmission", + "description": "Grants permission to retrieve information about the performance of a user's DeepRacer model that got placed on a leaderboard", + "access_level": "Read", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" + }, + "GetTrack": { + "privilege": "GetTrack", + "description": "Grants permission to retrieve information about DeepRacer tracks", + "access_level": "Read", + "resource_types": { + "track": { + "resource_type": "track", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "track": "track" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-console-train-evaluate-models.html" + }, + "GetTrainingJob": { + "privilege": "GetTrainingJob", + "description": "Grants permission to retrieve information about an existing DeepRacer model's training job", + "access_level": "Read", + "resource_types": { + "training_job": { + "resource_type": "training_job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "training_job": "training_job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" + }, + "ImportModel": { + "privilege": "ImportModel", + "description": "Grants permission to import a reinforcement learning model for DeepRacer", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-troubleshooting-service-migration-errors.html" + }, + "ListEvaluations": { + "privilege": "ListEvaluations", + "description": "Grants permission to list a DeepRacer model's evaluation jobs", + "access_level": "Read", + "resource_types": { + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reinforcement_learning_model": "reinforcement_learning_model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-test-in-simulator.html" + }, + "ListLeaderboardSubmissions": { + "privilege": "ListLeaderboardSubmissions", + "description": "Grants permission to list all the DeepRacer model submissions of a user on a leaderboard", + "access_level": "Read", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" + }, + "ListLeaderboards": { + "privilege": "ListLeaderboards", + "description": "Grants permission to list all the available leaderboards", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" + }, + "ListModels": { + "privilege": "ListModels", + "description": "Grants permission to list all existing DeepRacer models", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" + }, + "ListPrivateLeaderboardParticipants": { + "privilege": "ListPrivateLeaderboardParticipants", + "description": "Grants permission to retrieve participant information about private leaderboards", + "access_level": "Read", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-join-community-race.html" + }, + "ListPrivateLeaderboards": { + "privilege": "ListPrivateLeaderboards", + "description": "Grants permission to list all the available private leaderboards", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-join-community-race.html" + }, + "ListSubscribedPrivateLeaderboards": { + "privilege": "ListSubscribedPrivateLeaderboards", + "description": "Grants permission to list all the subscribed private leaderboards", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-join-community-race.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tag for a resource", + "access_level": "Read", + "resource_types": { + "car": { + "resource_type": "car", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "evaluation_job": { + "resource_type": "evaluation_job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "leaderboard": { + "resource_type": "leaderboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "leaderboard_evaluation_job": { + "resource_type": "leaderboard_evaluation_job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "training_job": { + "resource_type": "training_job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "car": "car", + "evaluation_job": "evaluation_job", + "leaderboard": "leaderboard", + "leaderboard_evaluation_job": "leaderboard_evaluation_job", + "reinforcement_learning_model": "reinforcement_learning_model", + "training_job": "training_job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-tagging.html" + }, + "ListTracks": { + "privilege": "ListTracks", + "description": "Grants permission to list all DeepRacer tracks", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-console-train-evaluate-models.html" + }, + "ListTrainingJobs": { + "privilege": "ListTrainingJobs", + "description": "Grants permission to list a DeepRacer model's training jobs", + "access_level": "Read", + "resource_types": { + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reinforcement_learning_model": "reinforcement_learning_model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" + }, + "MigrateModels": { + "privilege": "MigrateModels", + "description": "Grants permission to migrate previous reinforcement learning models for DeepRacer", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-troubleshooting-service-migration-errors.html" + }, + "PerformLeaderboardOperation": { + "privilege": "PerformLeaderboardOperation", + "description": "Grants permission to performs the leaderboard operation mentioned in the operation attribute", + "access_level": "Write", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-perform-leaderboard-operation.html" + }, + "RemoveLeaderboardAccessPermission": { + "privilege": "RemoveLeaderboardAccessPermission", + "description": "Grants permission to remove access for a private leaderboard", + "access_level": "Write", + "resource_types": { + "leaderboard": { + "resource_type": "leaderboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "leaderboard": "leaderboard", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-manage-community-races.html" + }, + "SetAlias": { + "privilege": "SetAlias", + "description": "Grants permission to set the user's alias for submitting a DeepRacer model to leaderboards", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-submit-model-to-leaderboard.html" + }, + "StartEvaluation": { + "privilege": "StartEvaluation", + "description": "Grants permission to evaluate a DeepRacer model in a simulated environment", + "access_level": "Write", + "resource_types": { + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "track": { + "resource_type": "track", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reinforcement_learning_model": "reinforcement_learning_model", + "track": "track", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-test-in-simulator.html" + }, + "StopEvaluation": { + "privilege": "StopEvaluation", + "description": "Grants permission to stop DeepRacer model evaluations", + "access_level": "Write", + "resource_types": { + "evaluation_job": { + "resource_type": "evaluation_job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "evaluation_job": "evaluation_job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-test-in-simulator.html" + }, + "StopTrainingReinforcementLearningModel": { + "privilege": "StopTrainingReinforcementLearningModel", + "description": "Grants permission to stop training a DeepRacer model", + "access_level": "Write", + "resource_types": { + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reinforcement_learning_model": "reinforcement_learning_model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-training-model.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "car": { + "resource_type": "car", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "evaluation_job": { + "resource_type": "evaluation_job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "leaderboard": { + "resource_type": "leaderboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "leaderboard_evaluation_job": { + "resource_type": "leaderboard_evaluation_job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "training_job": { + "resource_type": "training_job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "car": "car", + "evaluation_job": "evaluation_job", + "leaderboard": "leaderboard", + "leaderboard_evaluation_job": "leaderboard_evaluation_job", + "reinforcement_learning_model": "reinforcement_learning_model", + "training_job": "training_job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-tagging.html" + }, + "TestRewardFunction": { + "privilege": "TestRewardFunction", + "description": "Grants permission to test reward functions for correctness", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-console-train-evaluate-models.html#deepracer-train-models-define-reward-function" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "car": { + "resource_type": "car", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "evaluation_job": { + "resource_type": "evaluation_job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "leaderboard": { + "resource_type": "leaderboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "leaderboard_evaluation_job": { + "resource_type": "leaderboard_evaluation_job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reinforcement_learning_model": { + "resource_type": "reinforcement_learning_model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "training_job": { + "resource_type": "training_job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "car": "car", + "evaluation_job": "evaluation_job", + "leaderboard": "leaderboard", + "leaderboard_evaluation_job": "leaderboard_evaluation_job", + "reinforcement_learning_model": "reinforcement_learning_model", + "training_job": "training_job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-tagging.html" + }, + "UpdateCar": { + "privilege": "UpdateCar", + "description": "Grants permission to update a DeepRacer car in your garage", + "access_level": "Write", + "resource_types": { + "car": { + "resource_type": "car", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "deepracer:UserToken", + "deepracer:MultiUser" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "car": "car", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-choose-race-type.html" + } + }, + "privileges_lower_name": { + "addleaderboardaccesspermission": "AddLeaderboardAccessPermission", + "admingetaccountconfig": "AdminGetAccountConfig", + "adminlistassociatedresources": "AdminListAssociatedResources", + "adminlistassociatedusers": "AdminListAssociatedUsers", + "adminmanageuser": "AdminManageUser", + "adminsetaccountconfig": "AdminSetAccountConfig", + "clonereinforcementlearningmodel": "CloneReinforcementLearningModel", + "createcar": "CreateCar", + "createleaderboard": "CreateLeaderboard", + "createleaderboardaccesstoken": "CreateLeaderboardAccessToken", + "createleaderboardsubmission": "CreateLeaderboardSubmission", + "createreinforcementlearningmodel": "CreateReinforcementLearningModel", + "deleteleaderboard": "DeleteLeaderboard", + "deletemodel": "DeleteModel", + "editleaderboard": "EditLeaderboard", + "getaccountconfig": "GetAccountConfig", + "getalias": "GetAlias", + "getasseturl": "GetAssetUrl", + "getcar": "GetCar", + "getcars": "GetCars", + "getevaluation": "GetEvaluation", + "getlatestusersubmission": "GetLatestUserSubmission", + "getleaderboard": "GetLeaderboard", + "getmodel": "GetModel", + "getprivateleaderboard": "GetPrivateLeaderboard", + "getrankedusersubmission": "GetRankedUserSubmission", + "gettrack": "GetTrack", + "gettrainingjob": "GetTrainingJob", + "importmodel": "ImportModel", + "listevaluations": "ListEvaluations", + "listleaderboardsubmissions": "ListLeaderboardSubmissions", + "listleaderboards": "ListLeaderboards", + "listmodels": "ListModels", + "listprivateleaderboardparticipants": "ListPrivateLeaderboardParticipants", + "listprivateleaderboards": "ListPrivateLeaderboards", + "listsubscribedprivateleaderboards": "ListSubscribedPrivateLeaderboards", + "listtagsforresource": "ListTagsForResource", + "listtracks": "ListTracks", + "listtrainingjobs": "ListTrainingJobs", + "migratemodels": "MigrateModels", + "performleaderboardoperation": "PerformLeaderboardOperation", + "removeleaderboardaccesspermission": "RemoveLeaderboardAccessPermission", + "setalias": "SetAlias", + "startevaluation": "StartEvaluation", + "stopevaluation": "StopEvaluation", + "stoptrainingreinforcementlearningmodel": "StopTrainingReinforcementLearningModel", + "tagresource": "TagResource", + "testrewardfunction": "TestRewardFunction", + "untagresource": "UntagResource", + "updatecar": "UpdateCar" + }, + "resources": { + "car": { + "resource": "car", + "arn": "arn:${Partition}:deepracer:${Region}:${Account}:car/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "evaluation_job": { + "resource": "evaluation_job", + "arn": "arn:${Partition}:deepracer:${Region}:${Account}:evaluation_job/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "leaderboard": { + "resource": "leaderboard", + "arn": "arn:${Partition}:deepracer:${Region}::leaderboard/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "leaderboard_evaluation_job": { + "resource": "leaderboard_evaluation_job", + "arn": "arn:${Partition}:deepracer:${Region}:${Account}:leaderboard_evaluation_job/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "reinforcement_learning_model": { + "resource": "reinforcement_learning_model", + "arn": "arn:${Partition}:deepracer:${Region}:${Account}:model/reinforcement_learning/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "track": { + "resource": "track", + "arn": "arn:${Partition}:deepracer:${Region}::track/${ResourceId}", + "condition_keys": [] + }, + "training_job": { + "resource": "training_job", + "arn": "arn:${Partition}:deepracer:${Region}:${Account}:training_job/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "car": "car", + "evaluation_job": "evaluation_job", + "leaderboard": "leaderboard", + "leaderboard_evaluation_job": "leaderboard_evaluation_job", + "reinforcement_learning_model": "reinforcement_learning_model", + "track": "track", + "training_job": "training_job" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions by tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions by tag keys in the request", + "type": "ArrayOfString" + }, + "deepracer:MultiUser": { + "condition": "deepracer:MultiUser", + "description": "Filters access by multiuser flag", + "type": "Bool" + }, + "deepracer:UserToken": { + "condition": "deepracer:UserToken", + "description": "Filters access by user token in the request", + "type": "String" + } + } + }, + "devicefarm": { + "service_name": "AWS Device Farm", + "prefix": "devicefarm", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdevicefarm.html", + "privileges": { + "CreateDevicePool": { + "privilege": "CreateDevicePool", + "description": "Grants permission to create a device pool within a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateDevicePool.html" + }, + "CreateInstanceProfile": { + "privilege": "CreateInstanceProfile", + "description": "Grants permission to create a device instance profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateInstanceProfile.html" + }, + "CreateNetworkProfile": { + "privilege": "CreateNetworkProfile", + "description": "Grants permission to create a network profile within a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateNetworkProfile.html" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a project for mobile testing", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateProject.html" + }, + "CreateRemoteAccessSession": { + "privilege": "CreateRemoteAccessSession", + "description": "Grants permission to start a remote access session to a device instance", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "deviceinstance": { + "resource_type": "deviceinstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "upload": { + "resource_type": "upload", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "project": "project", + "deviceinstance": "deviceinstance", + "upload": "upload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateRemoteAccessSession.html" + }, + "CreateTestGridProject": { + "privilege": "CreateTestGridProject", + "description": "Grants permission to create a project for desktop testing", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateTestGridProject.html" + }, + "CreateTestGridUrl": { + "privilege": "CreateTestGridUrl", + "description": "Grants permission to generate a new pre-signed url used to access our test grid service", + "access_level": "Write", + "resource_types": { + "testgrid-project": { + "resource_type": "testgrid-project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "testgrid-project": "testgrid-project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateTestGridUrl.html" + }, + "CreateUpload": { + "privilege": "CreateUpload", + "description": "Grants permission to upload a new file or app within a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateUpload.html" + }, + "CreateVPCEConfiguration": { + "privilege": "CreateVPCEConfiguration", + "description": "Grants permission to create an Amazon Virtual Private Cloud (VPC) endpoint configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_CreateVPCEConfiguration.html" + }, + "DeleteDevicePool": { + "privilege": "DeleteDevicePool", + "description": "Grants permission to delete a user-generated device pool", + "access_level": "Write", + "resource_types": { + "devicepool": { + "resource_type": "devicepool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devicepool": "devicepool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteDevicePool.html" + }, + "DeleteInstanceProfile": { + "privilege": "DeleteInstanceProfile", + "description": "Grants permission to delete a user-generated instance profile", + "access_level": "Write", + "resource_types": { + "instanceprofile": { + "resource_type": "instanceprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instanceprofile": "instanceprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteInstanceProfile.html" + }, + "DeleteNetworkProfile": { + "privilege": "DeleteNetworkProfile", + "description": "Grants permission to delete a user-generated network profile", + "access_level": "Write", + "resource_types": { + "networkprofile": { + "resource_type": "networkprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networkprofile": "networkprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/DeleteNetworkProfile.html" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a mobile testing project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteProject.html" + }, + "DeleteRemoteAccessSession": { + "privilege": "DeleteRemoteAccessSession", + "description": "Grants permission to delete a completed remote access session and its results", + "access_level": "Write", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteRemoteAccessSession.html" + }, + "DeleteRun": { + "privilege": "DeleteRun", + "description": "Grants permission to delete a run", + "access_level": "Write", + "resource_types": { + "run": { + "resource_type": "run", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "run": "run" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteRun.html" + }, + "DeleteTestGridProject": { + "privilege": "DeleteTestGridProject", + "description": "Grants permission to delete a desktop testing project", + "access_level": "Write", + "resource_types": { + "testgrid-project": { + "resource_type": "testgrid-project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "testgrid-project": "testgrid-project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteTestGridProject.html" + }, + "DeleteUpload": { + "privilege": "DeleteUpload", + "description": "Grants permission to delete a user-uploaded file", + "access_level": "Write", + "resource_types": { + "upload": { + "resource_type": "upload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "upload": "upload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteUpload.html" + }, + "DeleteVPCEConfiguration": { + "privilege": "DeleteVPCEConfiguration", + "description": "Grants permission to delete an Amazon Virtual Private Cloud (VPC) endpoint configuration", + "access_level": "Write", + "resource_types": { + "vpceconfiguration": { + "resource_type": "vpceconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpceconfiguration": "vpceconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_DeleteVPCEConfiguration.html" + }, + "GetAccountSettings": { + "privilege": "GetAccountSettings", + "description": "Grants permission to retrieve the number of unmetered iOS and/or unmetered Android devices purchased by the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetAccountSettings.html" + }, + "GetDevice": { + "privilege": "GetDevice", + "description": "Grants permission to retrieve the information of a unique device type", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetDevice.html" + }, + "GetDeviceInstance": { + "privilege": "GetDeviceInstance", + "description": "Grants permission to retireve the information of a device instance", + "access_level": "Read", + "resource_types": { + "deviceinstance": { + "resource_type": "deviceinstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deviceinstance": "deviceinstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetDeviceInstance.html" + }, + "GetDevicePool": { + "privilege": "GetDevicePool", + "description": "Grants permission to retireve the information of a device pool", + "access_level": "Read", + "resource_types": { + "devicepool": { + "resource_type": "devicepool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devicepool": "devicepool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetDevicePool.html" + }, + "GetDevicePoolCompatibility": { + "privilege": "GetDevicePoolCompatibility", + "description": "Grants permission to retrieve information about the compatibility of a test and/or app with a device pool", + "access_level": "Read", + "resource_types": { + "devicepool": { + "resource_type": "devicepool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "upload": { + "resource_type": "upload", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devicepool": "devicepool", + "upload": "upload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetDevicePoolCompatibility.html" + }, + "GetInstanceProfile": { + "privilege": "GetInstanceProfile", + "description": "Grants permission to retireve the information of an instance profile", + "access_level": "Read", + "resource_types": { + "instanceprofile": { + "resource_type": "instanceprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instanceprofile": "instanceprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetInstanceProfile.html" + }, + "GetJob": { + "privilege": "GetJob", + "description": "Grants permission to retireve the information of a job", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetJob.html" + }, + "GetNetworkProfile": { + "privilege": "GetNetworkProfile", + "description": "Grants permission to retireve the information of a network profile", + "access_level": "Read", + "resource_types": { + "networkprofile": { + "resource_type": "networkprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networkprofile": "networkprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetNetworkProfile.html" + }, + "GetOfferingStatus": { + "privilege": "GetOfferingStatus", + "description": "Grants permission to retrieve the current status and future status of all offerings purchased by an AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetOfferingStatus.html" + }, + "GetProject": { + "privilege": "GetProject", + "description": "Grants permission to retrieve information about a mobile testing project", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetProject.html" + }, + "GetRemoteAccessSession": { + "privilege": "GetRemoteAccessSession", + "description": "Grants permission to retireve the link to a currently running remote access session", + "access_level": "Read", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetRemoteAccessSession.html" + }, + "GetRun": { + "privilege": "GetRun", + "description": "Grants permission to retireve the information of a run", + "access_level": "Read", + "resource_types": { + "run": { + "resource_type": "run", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "run": "run" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetRun.html" + }, + "GetSuite": { + "privilege": "GetSuite", + "description": "Grants permission to retireve the information of a testing suite", + "access_level": "Read", + "resource_types": { + "suite": { + "resource_type": "suite", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suite": "suite" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetSuite.html" + }, + "GetTest": { + "privilege": "GetTest", + "description": "Grants permission to retireve the information of a test case", + "access_level": "Read", + "resource_types": { + "test": { + "resource_type": "test", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "test": "test" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetTest.html" + }, + "GetTestGridProject": { + "privilege": "GetTestGridProject", + "description": "Grants permission to retrieve information about a desktop testing project", + "access_level": "Read", + "resource_types": { + "testgrid-project": { + "resource_type": "testgrid-project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "testgrid-project": "testgrid-project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetTestGridProject.html" + }, + "GetTestGridSession": { + "privilege": "GetTestGridSession", + "description": "Grants permission to retireve the information of a test grid session", + "access_level": "Read", + "resource_types": { + "testgrid-project": { + "resource_type": "testgrid-project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "testgrid-session": { + "resource_type": "testgrid-session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "testgrid-project": "testgrid-project", + "testgrid-session": "testgrid-session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetTestGridSession.html" + }, + "GetUpload": { + "privilege": "GetUpload", + "description": "Grants permission to retireve the information of an uploaded file", + "access_level": "Read", + "resource_types": { + "upload": { + "resource_type": "upload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "upload": "upload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetUpload.html" + }, + "GetVPCEConfiguration": { + "privilege": "GetVPCEConfiguration", + "description": "Grants permission to retireve the information of an Amazon Virtual Private Cloud (VPC) endpoint configuration", + "access_level": "Read", + "resource_types": { + "vpceconfiguration": { + "resource_type": "vpceconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpceconfiguration": "vpceconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_GetVPCEConfiguration.html" + }, + "InstallToRemoteAccessSession": { + "privilege": "InstallToRemoteAccessSession", + "description": "Grants permission to install an application to a device in a remote access session", + "access_level": "Write", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "upload": { + "resource_type": "upload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session", + "upload": "upload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_InstallToRemoteAccessSession.html" + }, + "ListArtifacts": { + "privilege": "ListArtifacts", + "description": "Grants permission to list the artifacts in a project", + "access_level": "List", + "resource_types": { + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "run": { + "resource_type": "run", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "suite": { + "resource_type": "suite", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "test": { + "resource_type": "test", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "run": "run", + "suite": "suite", + "test": "test" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListArtifacts.html" + }, + "ListDeviceInstances": { + "privilege": "ListDeviceInstances", + "description": "Grants permission to list the information of device instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListDeviceInstances.html" + }, + "ListDevicePools": { + "privilege": "ListDevicePools", + "description": "Grants permission to list the information of device pools", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListDevicePools.html" + }, + "ListDevices": { + "privilege": "ListDevices", + "description": "Grants permission to list the information of unique device types", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListDevices.html" + }, + "ListInstanceProfiles": { + "privilege": "ListInstanceProfiles", + "description": "Grants permission to list the information of device instance profiles", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListInstanceProfiles.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to list the information of jobs within a run", + "access_level": "List", + "resource_types": { + "run": { + "resource_type": "run", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "run": "run" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListJobs.html" + }, + "ListNetworkProfiles": { + "privilege": "ListNetworkProfiles", + "description": "Grants permission to list the information of network profiles within a project", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListNetworkProfiles.html" + }, + "ListOfferingPromotions": { + "privilege": "ListOfferingPromotions", + "description": "Grants permission to list the offering promotions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListOfferingPromotions.html" + }, + "ListOfferingTransactions": { + "privilege": "ListOfferingTransactions", + "description": "Grants permission to list all of the historical purchases, renewals, and system renewal transactions for an AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListOfferingTransactions.html" + }, + "ListOfferings": { + "privilege": "ListOfferings", + "description": "Grants permission to list the products or offerings that the user can manage through the API", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListOfferings.html" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to list the information of mobile testing projects for an AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListProjects.html" + }, + "ListRemoteAccessSessions": { + "privilege": "ListRemoteAccessSessions", + "description": "Grants permission to list the information of currently running remote access sessions", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListRemoteAccessSessions.html" + }, + "ListRuns": { + "privilege": "ListRuns", + "description": "Grants permission to list the information of runs within a project", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListRuns.html" + }, + "ListSamples": { + "privilege": "ListSamples", + "description": "Grants permission to list the information of samples within a project", + "access_level": "List", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListSamples.html" + }, + "ListSuites": { + "privilege": "ListSuites", + "description": "Grants permission to list the information of testing suites within a job", + "access_level": "List", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListSuites.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags of a resource", + "access_level": "List", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deviceinstance": { + "resource_type": "deviceinstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "devicepool": { + "resource_type": "devicepool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "instanceprofile": { + "resource_type": "instanceprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "networkprofile": { + "resource_type": "networkprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "run": { + "resource_type": "run", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "session": { + "resource_type": "session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "testgrid-project": { + "resource_type": "testgrid-project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "testgrid-session": { + "resource_type": "testgrid-session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpceconfiguration": { + "resource_type": "vpceconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "deviceinstance": "deviceinstance", + "devicepool": "devicepool", + "instanceprofile": "instanceprofile", + "networkprofile": "networkprofile", + "project": "project", + "run": "run", + "session": "session", + "testgrid-project": "testgrid-project", + "testgrid-session": "testgrid-session", + "vpceconfiguration": "vpceconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTestGridProjects": { + "privilege": "ListTestGridProjects", + "description": "Grants permission to list the information of desktop testing projects for an AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTestGridProjects.html" + }, + "ListTestGridSessionActions": { + "privilege": "ListTestGridSessionActions", + "description": "Grants permission to list the session actions performed during a test grid session", + "access_level": "List", + "resource_types": { + "testgrid-session": { + "resource_type": "testgrid-session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "testgrid-session": "testgrid-session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTestGridSessionActions.html" + }, + "ListTestGridSessionArtifacts": { + "privilege": "ListTestGridSessionArtifacts", + "description": "Grants permission to list the artifacts generated by a test grid session", + "access_level": "List", + "resource_types": { + "testgrid-session": { + "resource_type": "testgrid-session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "testgrid-session": "testgrid-session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTestGridSessionArtifacts.html" + }, + "ListTestGridSessions": { + "privilege": "ListTestGridSessions", + "description": "Grants permission to list the sessions within a test grid project", + "access_level": "List", + "resource_types": { + "testgrid-project": { + "resource_type": "testgrid-project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "testgrid-project": "testgrid-project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTestGridSessions.html" + }, + "ListTests": { + "privilege": "ListTests", + "description": "Grants permission to list the information of tests within a testing suite", + "access_level": "List", + "resource_types": { + "suite": { + "resource_type": "suite", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suite": "suite" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListTests.html" + }, + "ListUniqueProblems": { + "privilege": "ListUniqueProblems", + "description": "Grants permission to list the information of unique problems within a run", + "access_level": "List", + "resource_types": { + "run": { + "resource_type": "run", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "run": "run" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListUniqueProblems.html" + }, + "ListUploads": { + "privilege": "ListUploads", + "description": "Grants permission to list the information of uploads within a project", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListUploads.html" + }, + "ListVPCEConfigurations": { + "privilege": "ListVPCEConfigurations", + "description": "Grants permission to list the information of Amazon Virtual Private Cloud (VPC) endpoint configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ListVPCEConfigurations.html" + }, + "PurchaseOffering": { + "privilege": "PurchaseOffering", + "description": "Grants permission to purchase offerings for an AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_PurchaseOffering.html" + }, + "RenewOffering": { + "privilege": "RenewOffering", + "description": "Grants permission to set the quantity of devices to renew for an offering", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_RenewOffering.html" + }, + "ScheduleRun": { + "privilege": "ScheduleRun", + "description": "Grants permission to schedule a run", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "devicepool": { + "resource_type": "devicepool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "upload": { + "resource_type": "upload", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "devicepool": "devicepool", + "upload": "upload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_ScheduleRun.html" + }, + "StopJob": { + "privilege": "StopJob", + "description": "Grants permission to terminate a running job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_StopJob.html" + }, + "StopRemoteAccessSession": { + "privilege": "StopRemoteAccessSession", + "description": "Grants permission to terminate a running remote access session", + "access_level": "Write", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_StopRemoteAccessSession.html" + }, + "StopRun": { + "privilege": "StopRun", + "description": "Grants permission to terminate a running test run", + "access_level": "Write", + "resource_types": { + "run": { + "resource_type": "run", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "run": "run" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_StopRun.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deviceinstance": { + "resource_type": "deviceinstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "devicepool": { + "resource_type": "devicepool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "instanceprofile": { + "resource_type": "instanceprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "networkprofile": { + "resource_type": "networkprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "run": { + "resource_type": "run", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "session": { + "resource_type": "session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "testgrid-project": { + "resource_type": "testgrid-project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "testgrid-session": { + "resource_type": "testgrid-session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpceconfiguration": { + "resource_type": "vpceconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "deviceinstance": "deviceinstance", + "devicepool": "devicepool", + "instanceprofile": "instanceprofile", + "networkprofile": "networkprofile", + "project": "project", + "run": "run", + "session": "session", + "testgrid-project": "testgrid-project", + "testgrid-session": "testgrid-session", + "vpceconfiguration": "vpceconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deviceinstance": { + "resource_type": "deviceinstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "devicepool": { + "resource_type": "devicepool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "instanceprofile": { + "resource_type": "instanceprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "networkprofile": { + "resource_type": "networkprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "run": { + "resource_type": "run", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "session": { + "resource_type": "session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "testgrid-project": { + "resource_type": "testgrid-project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "testgrid-session": { + "resource_type": "testgrid-session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vpceconfiguration": { + "resource_type": "vpceconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "deviceinstance": "deviceinstance", + "devicepool": "devicepool", + "instanceprofile": "instanceprofile", + "networkprofile": "networkprofile", + "project": "project", + "run": "run", + "session": "session", + "testgrid-project": "testgrid-project", + "testgrid-session": "testgrid-session", + "vpceconfiguration": "vpceconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UntagResource.html" + }, + "UpdateDeviceInstance": { + "privilege": "UpdateDeviceInstance", + "description": "Grants permission to modify an existing device instance", + "access_level": "Write", + "resource_types": { + "deviceinstance": { + "resource_type": "deviceinstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "instanceprofile": { + "resource_type": "instanceprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deviceinstance": "deviceinstance", + "instanceprofile": "instanceprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateDeviceInstance.html" + }, + "UpdateDevicePool": { + "privilege": "UpdateDevicePool", + "description": "Grants permission to modify an existing device pool", + "access_level": "Write", + "resource_types": { + "devicepool": { + "resource_type": "devicepool", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devicepool": "devicepool" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateDevicePool.html" + }, + "UpdateInstanceProfile": { + "privilege": "UpdateInstanceProfile", + "description": "Grants permission to modify an existing instance profile", + "access_level": "Write", + "resource_types": { + "instanceprofile": { + "resource_type": "instanceprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instanceprofile": "instanceprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateInstanceProfile.html" + }, + "UpdateNetworkProfile": { + "privilege": "UpdateNetworkProfile", + "description": "Grants permission to modify an existing network profile", + "access_level": "Write", + "resource_types": { + "networkprofile": { + "resource_type": "networkprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networkprofile": "networkprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateNetworkProfile.html" + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Grants permission to modify an existing mobile testing project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateProject.html" + }, + "UpdateTestGridProject": { + "privilege": "UpdateTestGridProject", + "description": "Grants permission to modify an existing desktop testing project", + "access_level": "Write", + "resource_types": { + "testgrid-project": { + "resource_type": "testgrid-project", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "testgrid-project": "testgrid-project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateTestGridProject.html" + }, + "UpdateUpload": { + "privilege": "UpdateUpload", + "description": "Grants permission to modify an existing upload", + "access_level": "Write", + "resource_types": { + "upload": { + "resource_type": "upload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "upload": "upload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateUpload.html" + }, + "UpdateVPCEConfiguration": { + "privilege": "UpdateVPCEConfiguration", + "description": "Grants permission to modify an existing Amazon Virtual Private Cloud (VPC) endpoint configuration", + "access_level": "Write", + "resource_types": { + "vpceconfiguration": { + "resource_type": "vpceconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vpceconfiguration": "vpceconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/devicefarm/latest/APIReference/API_UpdateVPCEConfiguration.html" + } + }, + "privileges_lower_name": { + "createdevicepool": "CreateDevicePool", + "createinstanceprofile": "CreateInstanceProfile", + "createnetworkprofile": "CreateNetworkProfile", + "createproject": "CreateProject", + "createremoteaccesssession": "CreateRemoteAccessSession", + "createtestgridproject": "CreateTestGridProject", + "createtestgridurl": "CreateTestGridUrl", + "createupload": "CreateUpload", + "createvpceconfiguration": "CreateVPCEConfiguration", + "deletedevicepool": "DeleteDevicePool", + "deleteinstanceprofile": "DeleteInstanceProfile", + "deletenetworkprofile": "DeleteNetworkProfile", + "deleteproject": "DeleteProject", + "deleteremoteaccesssession": "DeleteRemoteAccessSession", + "deleterun": "DeleteRun", + "deletetestgridproject": "DeleteTestGridProject", + "deleteupload": "DeleteUpload", + "deletevpceconfiguration": "DeleteVPCEConfiguration", + "getaccountsettings": "GetAccountSettings", + "getdevice": "GetDevice", + "getdeviceinstance": "GetDeviceInstance", + "getdevicepool": "GetDevicePool", + "getdevicepoolcompatibility": "GetDevicePoolCompatibility", + "getinstanceprofile": "GetInstanceProfile", + "getjob": "GetJob", + "getnetworkprofile": "GetNetworkProfile", + "getofferingstatus": "GetOfferingStatus", + "getproject": "GetProject", + "getremoteaccesssession": "GetRemoteAccessSession", + "getrun": "GetRun", + "getsuite": "GetSuite", + "gettest": "GetTest", + "gettestgridproject": "GetTestGridProject", + "gettestgridsession": "GetTestGridSession", + "getupload": "GetUpload", + "getvpceconfiguration": "GetVPCEConfiguration", + "installtoremoteaccesssession": "InstallToRemoteAccessSession", + "listartifacts": "ListArtifacts", + "listdeviceinstances": "ListDeviceInstances", + "listdevicepools": "ListDevicePools", + "listdevices": "ListDevices", + "listinstanceprofiles": "ListInstanceProfiles", + "listjobs": "ListJobs", + "listnetworkprofiles": "ListNetworkProfiles", + "listofferingpromotions": "ListOfferingPromotions", + "listofferingtransactions": "ListOfferingTransactions", + "listofferings": "ListOfferings", + "listprojects": "ListProjects", + "listremoteaccesssessions": "ListRemoteAccessSessions", + "listruns": "ListRuns", + "listsamples": "ListSamples", + "listsuites": "ListSuites", + "listtagsforresource": "ListTagsForResource", + "listtestgridprojects": "ListTestGridProjects", + "listtestgridsessionactions": "ListTestGridSessionActions", + "listtestgridsessionartifacts": "ListTestGridSessionArtifacts", + "listtestgridsessions": "ListTestGridSessions", + "listtests": "ListTests", + "listuniqueproblems": "ListUniqueProblems", + "listuploads": "ListUploads", + "listvpceconfigurations": "ListVPCEConfigurations", + "purchaseoffering": "PurchaseOffering", + "renewoffering": "RenewOffering", + "schedulerun": "ScheduleRun", + "stopjob": "StopJob", + "stopremoteaccesssession": "StopRemoteAccessSession", + "stoprun": "StopRun", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedeviceinstance": "UpdateDeviceInstance", + "updatedevicepool": "UpdateDevicePool", + "updateinstanceprofile": "UpdateInstanceProfile", + "updatenetworkprofile": "UpdateNetworkProfile", + "updateproject": "UpdateProject", + "updatetestgridproject": "UpdateTestGridProject", + "updateupload": "UpdateUpload", + "updatevpceconfiguration": "UpdateVPCEConfiguration" + }, + "resources": { + "project": { + "resource": "project", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:project:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "run": { + "resource": "run", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:run:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "job": { + "resource": "job", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:job:${ResourceId}", + "condition_keys": [] + }, + "suite": { + "resource": "suite", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:suite:${ResourceId}", + "condition_keys": [] + }, + "test": { + "resource": "test", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:test:${ResourceId}", + "condition_keys": [] + }, + "upload": { + "resource": "upload", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:upload:${ResourceId}", + "condition_keys": [] + }, + "artifact": { + "resource": "artifact", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:artifact:${ResourceId}", + "condition_keys": [] + }, + "sample": { + "resource": "sample", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:sample:${ResourceId}", + "condition_keys": [] + }, + "networkprofile": { + "resource": "networkprofile", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:networkprofile:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "deviceinstance": { + "resource": "deviceinstance", + "arn": "arn:${Partition}:devicefarm:${Region}::deviceinstance:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "session": { + "resource": "session", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:session:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "devicepool": { + "resource": "devicepool", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:devicepool:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "device": { + "resource": "device", + "arn": "arn:${Partition}:devicefarm:${Region}::device:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "instanceprofile": { + "resource": "instanceprofile", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:instanceprofile:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "vpceconfiguration": { + "resource": "vpceconfiguration", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:vpceconfiguration:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "testgrid-project": { + "resource": "testgrid-project", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:testgrid-project:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "testgrid-session": { + "resource": "testgrid-session", + "arn": "arn:${Partition}:devicefarm:${Region}:${Account}:testgrid-session:${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "project": "project", + "run": "run", + "job": "job", + "suite": "suite", + "test": "test", + "upload": "upload", + "artifact": "artifact", + "sample": "sample", + "networkprofile": "networkprofile", + "deviceinstance": "deviceinstance", + "session": "session", + "devicepool": "devicepool", + "device": "device", + "instanceprofile": "instanceprofile", + "vpceconfiguration": "vpceconfiguration", + "testgrid-project": "testgrid-project", + "testgrid-session": "testgrid-session" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag-value assoicated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "directconnect": { + "service_name": "AWS Direct Connect", + "prefix": "directconnect", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdirectconnect.html", + "privileges": { + "AcceptDirectConnectGatewayAssociationProposal": { + "privilege": "AcceptDirectConnectGatewayAssociationProposal", + "description": "Grants permission to accept a proposal request to attach a virtual private gateway to a Direct Connect gateway", + "access_level": "Write", + "resource_types": { + "dx-gateway": { + "resource_type": "dx-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dx-gateway": "dx-gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AcceptDirectConnectGatewayAssociationProposal.html" + }, + "AllocateConnectionOnInterconnect": { + "privilege": "AllocateConnectionOnInterconnect", + "description": "Grants permission to create a hosted connection on an interconnect", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocateConnectionOnInterconnect.html" + }, + "AllocateHostedConnection": { + "privilege": "AllocateHostedConnection", + "description": "Grants permission to create a new hosted connection between a AWS Direct Connect partner's network and a specific AWS Direct Connect location", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocateHostedConnection.html" + }, + "AllocatePrivateVirtualInterface": { + "privilege": "AllocatePrivateVirtualInterface", + "description": "Grants permission to provision a private virtual interface to be owned by a different customer", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocatePrivateVirtualInterface.html" + }, + "AllocatePublicVirtualInterface": { + "privilege": "AllocatePublicVirtualInterface", + "description": "Grants permission to provision a public virtual interface to be owned by a different customer", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocatePublicVirtualInterface.html" + }, + "AllocateTransitVirtualInterface": { + "privilege": "AllocateTransitVirtualInterface", + "description": "Grants permission to provision a transit virtual interface to be owned by a different customer", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AllocateTransitVirtualInterface.html" + }, + "AssociateConnectionWithLag": { + "privilege": "AssociateConnectionWithLag", + "description": "Grants permission to associate a connection with a LAG", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AssociateConnectionWithLag.html" + }, + "AssociateHostedConnection": { + "privilege": "AssociateHostedConnection", + "description": "Grants permission to associate a hosted connection and its virtual interfaces with a link aggregation group (LAG) or interconnect", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AssociateHostedConnection.html" + }, + "AssociateMacSecKey": { + "privilege": "AssociateMacSecKey", + "description": "Grants permission to associate a MAC Security (MACsec) Connection Key Name (CKN)/ Connectivity Association Key (CAK) pair with an AWS Direct Connect dedicated connection", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AssociateMacSecKey.html" + }, + "AssociateVirtualInterface": { + "privilege": "AssociateVirtualInterface", + "description": "Grants permission to associate a virtual interface with a specified link aggregation group (LAG) or connection", + "access_level": "Write", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif", + "dxcon": "dxcon", + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_AssociateVirtualInterface.html" + }, + "ConfirmConnection": { + "privilege": "ConfirmConnection", + "description": "Grants permission to confirm the creation of a hosted connection on an interconnect", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ConfirmConnection.html" + }, + "ConfirmCustomerAgreement": { + "privilege": "ConfirmCustomerAgreement", + "description": "Grants permission to confirm the the terms of agreement when creating the connection or link aggregation group (LAG)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ConfirmCustomerAgreement.html" + }, + "ConfirmPrivateVirtualInterface": { + "privilege": "ConfirmPrivateVirtualInterface", + "description": "Grants permission to accept ownership of a private virtual interface created by another customer", + "access_level": "Write", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ConfirmPrivateVirtualInterface.html" + }, + "ConfirmPublicVirtualInterface": { + "privilege": "ConfirmPublicVirtualInterface", + "description": "Grants permission to accept ownership of a public virtual interface created by another customer", + "access_level": "Write", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ConfirmPublicVirtualInterface.html" + }, + "ConfirmTransitVirtualInterface": { + "privilege": "ConfirmTransitVirtualInterface", + "description": "Grants permission to accept ownership of a transit virtual interface created by another customer", + "access_level": "Write", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ConfirmTransitVirtualInterface.html" + }, + "CreateBGPPeer": { + "privilege": "CreateBGPPeer", + "description": "Grants permission to create a BGP peer on the specified virtual interface", + "access_level": "Write", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateBGPPeer.html" + }, + "CreateConnection": { + "privilege": "CreateConnection", + "description": "Grants permission to create a new connection between the customer network and a specific AWS Direct Connect location", + "access_level": "Write", + "resource_types": { + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxlag": "dxlag", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateConnection.html" + }, + "CreateDirectConnectGateway": { + "privilege": "CreateDirectConnectGateway", + "description": "Grants permission to create a Direct Connect gateway, which is an intermediate object that enables you to connect a set of virtual interfaces and virtual private gateways", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateDirectConnectGateway.html" + }, + "CreateDirectConnectGatewayAssociation": { + "privilege": "CreateDirectConnectGatewayAssociation", + "description": "Grants permission to create an association between a Direct Connect gateway and a virtual private gateway", + "access_level": "Write", + "resource_types": { + "dx-gateway": { + "resource_type": "dx-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dx-gateway": "dx-gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateDirectConnectGatewayAssociation.html" + }, + "CreateDirectConnectGatewayAssociationProposal": { + "privilege": "CreateDirectConnectGatewayAssociationProposal", + "description": "Grants permission to create a proposal to associate the specified virtual private gateway with the specified Direct Connect gateway", + "access_level": "Write", + "resource_types": { + "dx-gateway": { + "resource_type": "dx-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dx-gateway": "dx-gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateDirectConnectGatewayAssociationProposal.html" + }, + "CreateInterconnect": { + "privilege": "CreateInterconnect", + "description": "Grants permission to create a new interconnect between a AWS Direct Connect partner's network and a specific AWS Direct Connect location", + "access_level": "Write", + "resource_types": { + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxlag": "dxlag", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateInterconnect.html" + }, + "CreateLag": { + "privilege": "CreateLag", + "description": "Grants permission to create a link aggregation group (LAG) with the specified number of bundled physical connections between the customer network and a specific AWS Direct Connect location", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateLag.html" + }, + "CreatePrivateVirtualInterface": { + "privilege": "CreatePrivateVirtualInterface", + "description": "Grants permission to create a new private virtual interface", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreatePrivateVirtualInterface.html" + }, + "CreatePublicVirtualInterface": { + "privilege": "CreatePublicVirtualInterface", + "description": "Grants permission to create a new public virtual interface", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreatePublicVirtualInterface.html" + }, + "CreateTransitVirtualInterface": { + "privilege": "CreateTransitVirtualInterface", + "description": "Grants permission to create a new transit virtual interface", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_CreateTransitVirtualInterface.html" + }, + "DeleteBGPPeer": { + "privilege": "DeleteBGPPeer", + "description": "Grants permission to delete the specified BGP peer on the specified virtual interface with the specified customer address and ASN", + "access_level": "Write", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteBGPPeer.html" + }, + "DeleteConnection": { + "privilege": "DeleteConnection", + "description": "Grants permission to delete the connection", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteConnection.html" + }, + "DeleteDirectConnectGateway": { + "privilege": "DeleteDirectConnectGateway", + "description": "Grants permission to delete the specified Direct Connect gateway", + "access_level": "Write", + "resource_types": { + "dx-gateway": { + "resource_type": "dx-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dx-gateway": "dx-gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteDirectConnectGateway.html" + }, + "DeleteDirectConnectGatewayAssociation": { + "privilege": "DeleteDirectConnectGatewayAssociation", + "description": "Grants permission to delete the association between the specified Direct Connect gateway and virtual private gateway", + "access_level": "Write", + "resource_types": { + "dx-gateway": { + "resource_type": "dx-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dx-gateway": "dx-gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteDirectConnectGatewayAssociation.html" + }, + "DeleteDirectConnectGatewayAssociationProposal": { + "privilege": "DeleteDirectConnectGatewayAssociationProposal", + "description": "Grants permission to delete the association proposal request between the specified Direct Connect gateway and virtual private gateway", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteDirectConnectGatewayAssociationProposal.html" + }, + "DeleteInterconnect": { + "privilege": "DeleteInterconnect", + "description": "Grants permission to delete the specified interconnect", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteInterconnect.html" + }, + "DeleteLag": { + "privilege": "DeleteLag", + "description": "Grants permission to delete the specified link aggregation group (LAG)", + "access_level": "Write", + "resource_types": { + "dxlag": { + "resource_type": "dxlag", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteLag.html" + }, + "DeleteVirtualInterface": { + "privilege": "DeleteVirtualInterface", + "description": "Grants permission to delete a virtual interface", + "access_level": "Write", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DeleteVirtualInterface.html" + }, + "DescribeConnectionLoa": { + "privilege": "DescribeConnectionLoa", + "description": "Grants permission to describe the LOA-CFA for a Connection", + "access_level": "Read", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeConnectionLoa.html" + }, + "DescribeConnections": { + "privilege": "DescribeConnections", + "description": "Grants permission to describe all connections in this region", + "access_level": "Read", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeConnections.html" + }, + "DescribeConnectionsOnInterconnect": { + "privilege": "DescribeConnectionsOnInterconnect", + "description": "Grants permission to describe a list of connections that have been provisioned on the given interconnect", + "access_level": "Read", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeConnectionsOnInterconnect.html" + }, + "DescribeCustomerMetadata": { + "privilege": "DescribeCustomerMetadata", + "description": "Grants permission to view a list of customer agreements, along with their signed status and whether the customer is an NNIPartner, NNIPartnerV2, or a nonPartner", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeCustomerMetadata.html" + }, + "DescribeDirectConnectGatewayAssociationProposals": { + "privilege": "DescribeDirectConnectGatewayAssociationProposals", + "description": "Grants permission to describe one or more association proposals for connection between a virtual private gateway and a Direct Connect gateway", + "access_level": "Read", + "resource_types": { + "dx-gateway": { + "resource_type": "dx-gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dx-gateway": "dx-gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeDirectConnectGatewayAssociationProposals.html" + }, + "DescribeDirectConnectGatewayAssociations": { + "privilege": "DescribeDirectConnectGatewayAssociations", + "description": "Grants permission to describe the associations between your Direct Connect gateways and virtual private gateways", + "access_level": "Read", + "resource_types": { + "dx-gateway": { + "resource_type": "dx-gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dx-gateway": "dx-gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeDirectConnectGatewayAssociations.html" + }, + "DescribeDirectConnectGatewayAttachments": { + "privilege": "DescribeDirectConnectGatewayAttachments", + "description": "Grants permission to describe the attachments between your Direct Connect gateways and virtual interfaces", + "access_level": "Read", + "resource_types": { + "dx-gateway": { + "resource_type": "dx-gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dx-gateway": "dx-gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeDirectConnectGatewayAttachments.html" + }, + "DescribeDirectConnectGateways": { + "privilege": "DescribeDirectConnectGateways", + "description": "Grants permission to describe all your Direct Connect gateways or only the specified Direct Connect gateway", + "access_level": "Read", + "resource_types": { + "dx-gateway": { + "resource_type": "dx-gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dx-gateway": "dx-gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeDirectConnectGateways.html" + }, + "DescribeHostedConnections": { + "privilege": "DescribeHostedConnections", + "description": "Grants permission to describe the hosted connections that have been provisioned on the specified interconnect or link aggregation group (LAG)", + "access_level": "Read", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeHostedConnections.html" + }, + "DescribeInterconnectLoa": { + "privilege": "DescribeInterconnectLoa", + "description": "Grants permission to describe the LOA-CFA for an Interconnect", + "access_level": "Read", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeInterconnectLoa.html" + }, + "DescribeInterconnects": { + "privilege": "DescribeInterconnects", + "description": "Grants permission to describe a list of interconnects owned by the AWS account", + "access_level": "Read", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeInterconnects.html" + }, + "DescribeLags": { + "privilege": "DescribeLags", + "description": "Grants permission to describe all your link aggregation groups (LAG) or the specified LAG", + "access_level": "Read", + "resource_types": { + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLags.html" + }, + "DescribeLoa": { + "privilege": "DescribeLoa", + "description": "Grants permission to describe the LOA-CFA for a connection, interconnect, or link aggregation group (LAG)", + "access_level": "Read", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLoa.html" + }, + "DescribeLocations": { + "privilege": "DescribeLocations", + "description": "Grants permission to describe the list of AWS Direct Connect locations in the current AWS region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeLocations.html" + }, + "DescribeRouterConfiguration": { + "privilege": "DescribeRouterConfiguration", + "description": "Grants permission to describe Details about the router for a virtual interface", + "access_level": "Read", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeRouterConfiguration.html" + }, + "DescribeTags": { + "privilege": "DescribeTags", + "description": "Grants permission to describe the tags associated with the specified AWS Direct Connect resources", + "access_level": "Read", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxvif": { + "resource_type": "dxvif", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeTags.html" + }, + "DescribeVirtualGateways": { + "privilege": "DescribeVirtualGateways", + "description": "Grants permission to describe a list of virtual private gateways owned by the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeVirtualGateways.html" + }, + "DescribeVirtualInterfaces": { + "privilege": "DescribeVirtualInterfaces", + "description": "Grants permission to describe all virtual interfaces for an AWS account", + "access_level": "Read", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxvif": { + "resource_type": "dxvif", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DescribeVirtualInterfaces.html" + }, + "DisassociateConnectionFromLag": { + "privilege": "DisassociateConnectionFromLag", + "description": "Grants permission to disassociate a connection from a link aggregation group (LAG)", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DisassociateConnectionFromLag.html" + }, + "DisassociateMacSecKey": { + "privilege": "DisassociateMacSecKey", + "description": "Grants permission to remove the association between a MAC Security (MACsec) security key and an AWS Direct Connect dedicated connection", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_DisassociateMacSecKey.html" + }, + "ListVirtualInterfaceTestHistory": { + "privilege": "ListVirtualInterfaceTestHistory", + "description": "Grants permission to list the virtual interface failover test history", + "access_level": "List", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_ListVirtualInterfaceTestHistory.html" + }, + "StartBgpFailoverTest": { + "privilege": "StartBgpFailoverTest", + "description": "Grants permission to start the virtual interface failover test that verifies your configuration meets your resiliency requirements by placing the BGP peering session in the DOWN state. You can then send traffic to verify that there are no outages", + "access_level": "Write", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_StartBgpFailoverTest.html" + }, + "StopBgpFailoverTest": { + "privilege": "StopBgpFailoverTest", + "description": "Grants permission to stop the virtual interface failover test", + "access_level": "Write", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_StopBgpFailoverTest.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add the specified tags to the specified AWS Direct Connect resource. Each resource can have a maximum of 50 tags", + "access_level": "Tagging", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxvif": { + "resource_type": "dxvif", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "dxvif": "dxvif", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from the specified AWS Direct Connect resource", + "access_level": "Tagging", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxlag": { + "resource_type": "dxlag", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dxvif": { + "resource_type": "dxvif", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "dxvif": "dxvif", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UntagResource.html" + }, + "UpdateConnection": { + "privilege": "UpdateConnection", + "description": "Grants permission to update the AWS Direct Connect dedicated connection configuration. You can update the following parameters for a connection: The connection name or The connection's MAC Security (MACsec) encryption mode", + "access_level": "Write", + "resource_types": { + "dxcon": { + "resource_type": "dxcon", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxcon": "dxcon" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UpdateConnection.html" + }, + "UpdateDirectConnectGateway": { + "privilege": "UpdateDirectConnectGateway", + "description": "Grants permission to update the name of a Direct Connect gateway", + "access_level": "Write", + "resource_types": { + "dx-gateway": { + "resource_type": "dx-gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dx-gateway": "dx-gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UpdateDirectConnectGateway.html" + }, + "UpdateDirectConnectGatewayAssociation": { + "privilege": "UpdateDirectConnectGatewayAssociation", + "description": "Grants permission to update the specified attributes of the Direct Connect gateway association", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UpdateDirectConnectGatewayAssociation.html" + }, + "UpdateLag": { + "privilege": "UpdateLag", + "description": "Grants permission to update the attributes of the specified link aggregation group (LAG)", + "access_level": "Write", + "resource_types": { + "dxlag": { + "resource_type": "dxlag", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxlag": "dxlag" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UpdateLag.html" + }, + "UpdateVirtualInterfaceAttributes": { + "privilege": "UpdateVirtualInterfaceAttributes", + "description": "Grants permission to update the specified attributes of the specified virtual private interface", + "access_level": "Write", + "resource_types": { + "dxvif": { + "resource_type": "dxvif", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dxvif": "dxvif" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directconnect/latest/APIReference/API_UpdateVirtualInterfaceAttributes.html" + } + }, + "privileges_lower_name": { + "acceptdirectconnectgatewayassociationproposal": "AcceptDirectConnectGatewayAssociationProposal", + "allocateconnectiononinterconnect": "AllocateConnectionOnInterconnect", + "allocatehostedconnection": "AllocateHostedConnection", + "allocateprivatevirtualinterface": "AllocatePrivateVirtualInterface", + "allocatepublicvirtualinterface": "AllocatePublicVirtualInterface", + "allocatetransitvirtualinterface": "AllocateTransitVirtualInterface", + "associateconnectionwithlag": "AssociateConnectionWithLag", + "associatehostedconnection": "AssociateHostedConnection", + "associatemacseckey": "AssociateMacSecKey", + "associatevirtualinterface": "AssociateVirtualInterface", + "confirmconnection": "ConfirmConnection", + "confirmcustomeragreement": "ConfirmCustomerAgreement", + "confirmprivatevirtualinterface": "ConfirmPrivateVirtualInterface", + "confirmpublicvirtualinterface": "ConfirmPublicVirtualInterface", + "confirmtransitvirtualinterface": "ConfirmTransitVirtualInterface", + "createbgppeer": "CreateBGPPeer", + "createconnection": "CreateConnection", + "createdirectconnectgateway": "CreateDirectConnectGateway", + "createdirectconnectgatewayassociation": "CreateDirectConnectGatewayAssociation", + "createdirectconnectgatewayassociationproposal": "CreateDirectConnectGatewayAssociationProposal", + "createinterconnect": "CreateInterconnect", + "createlag": "CreateLag", + "createprivatevirtualinterface": "CreatePrivateVirtualInterface", + "createpublicvirtualinterface": "CreatePublicVirtualInterface", + "createtransitvirtualinterface": "CreateTransitVirtualInterface", + "deletebgppeer": "DeleteBGPPeer", + "deleteconnection": "DeleteConnection", + "deletedirectconnectgateway": "DeleteDirectConnectGateway", + "deletedirectconnectgatewayassociation": "DeleteDirectConnectGatewayAssociation", + "deletedirectconnectgatewayassociationproposal": "DeleteDirectConnectGatewayAssociationProposal", + "deleteinterconnect": "DeleteInterconnect", + "deletelag": "DeleteLag", + "deletevirtualinterface": "DeleteVirtualInterface", + "describeconnectionloa": "DescribeConnectionLoa", + "describeconnections": "DescribeConnections", + "describeconnectionsoninterconnect": "DescribeConnectionsOnInterconnect", + "describecustomermetadata": "DescribeCustomerMetadata", + "describedirectconnectgatewayassociationproposals": "DescribeDirectConnectGatewayAssociationProposals", + "describedirectconnectgatewayassociations": "DescribeDirectConnectGatewayAssociations", + "describedirectconnectgatewayattachments": "DescribeDirectConnectGatewayAttachments", + "describedirectconnectgateways": "DescribeDirectConnectGateways", + "describehostedconnections": "DescribeHostedConnections", + "describeinterconnectloa": "DescribeInterconnectLoa", + "describeinterconnects": "DescribeInterconnects", + "describelags": "DescribeLags", + "describeloa": "DescribeLoa", + "describelocations": "DescribeLocations", + "describerouterconfiguration": "DescribeRouterConfiguration", + "describetags": "DescribeTags", + "describevirtualgateways": "DescribeVirtualGateways", + "describevirtualinterfaces": "DescribeVirtualInterfaces", + "disassociateconnectionfromlag": "DisassociateConnectionFromLag", + "disassociatemacseckey": "DisassociateMacSecKey", + "listvirtualinterfacetesthistory": "ListVirtualInterfaceTestHistory", + "startbgpfailovertest": "StartBgpFailoverTest", + "stopbgpfailovertest": "StopBgpFailoverTest", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateconnection": "UpdateConnection", + "updatedirectconnectgateway": "UpdateDirectConnectGateway", + "updatedirectconnectgatewayassociation": "UpdateDirectConnectGatewayAssociation", + "updatelag": "UpdateLag", + "updatevirtualinterfaceattributes": "UpdateVirtualInterfaceAttributes" + }, + "resources": { + "dxcon": { + "resource": "dxcon", + "arn": "arn:${Partition}:directconnect:${Region}:${Account}:dxcon/${ConnectionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dxlag": { + "resource": "dxlag", + "arn": "arn:${Partition}:directconnect:${Region}:${Account}:dxlag/${LagId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dxvif": { + "resource": "dxvif", + "arn": "arn:${Partition}:directconnect:${Region}:${Account}:dxvif/${VirtualInterfaceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dx-gateway": { + "resource": "dx-gateway", + "arn": "arn:${Partition}:directconnect::${Account}:dx-gateway/${DirectConnectGatewayId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "dxcon": "dxcon", + "dxlag": "dxlag", + "dxvif": "dxvif", + "dx-gateway": "dx-gateway" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by actions based on the presence of tag keys in the request", + "type": "String" + } + } + }, + "ds": { + "service_name": "AWS Directory Service", + "prefix": "ds", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdirectoryservice.html", + "privileges": { + "AcceptSharedDirectory": { + "privilege": "AcceptSharedDirectory", + "description": "Grants permission to accept a directory sharing request that was sent from the directory owner account", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AcceptSharedDirectory.html" + }, + "AddIpRoutes": { + "privilege": "AddIpRoutes", + "description": "Grants permission to add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:AuthorizeSecurityGroupEgress", + "ec2:AuthorizeSecurityGroupIngress", + "ec2:DescribeSecurityGroups" + ] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AddIpRoutes.html" + }, + "AddRegion": { + "privilege": "AddRegion", + "description": "Grants permission to add two domain controllers in the specified Region for the specified directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:AuthorizeSecurityGroupEgress", + "ec2:AuthorizeSecurityGroupIngress", + "ec2:CreateNetworkInterface", + "ec2:CreateSecurityGroup", + "ec2:CreateTags", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AddRegion.html" + }, + "AddTagsToResource": { + "privilege": "AddTagsToResource", + "description": "Grants permission to add or overwrite one or more tags for the specified Amazon Directory Services directory", + "access_level": "Tagging", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_AddTagsToResource.html" + }, + "AuthorizeApplication": { + "privilege": "AuthorizeApplication", + "description": "Grants permission to authorize an application for your AWS Directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html" + }, + "CancelSchemaExtension": { + "privilege": "CancelSchemaExtension", + "description": "Grants permission to cancel an in-progress schema extension to a Microsoft AD directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CancelSchemaExtension.html" + }, + "CheckAlias": { + "privilege": "CheckAlias", + "description": "Grants permission to verify that the alias is available for use", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html" + }, + "ConnectDirectory": { + "privilege": "ConnectDirectory", + "description": "Grants permission to create an AD Connector to connect to an on-premises directory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ec2:AuthorizeSecurityGroupEgress", + "ec2:AuthorizeSecurityGroupIngress", + "ec2:CreateNetworkInterface", + "ec2:CreateSecurityGroup", + "ec2:CreateTags", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ConnectDirectory.html" + }, + "CreateAlias": { + "privilege": "CreateAlias", + "description": "Grants permission to create an alias for a directory and assigns the alias to the directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateAlias.html" + }, + "CreateComputer": { + "privilege": "CreateComputer", + "description": "Grants permission to create a computer account in the specified directory, and joins the computer to the directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateComputer.html" + }, + "CreateConditionalForwarder": { + "privilege": "CreateConditionalForwarder", + "description": "Grants permission to create a conditional forwarder associated with your AWS directory", + "access_level": "Permissions management", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateConditionalForwarder.html" + }, + "CreateDirectory": { + "privilege": "CreateDirectory", + "description": "Grants permission to create a Simple AD directory", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ec2:AuthorizeSecurityGroupEgress", + "ec2:AuthorizeSecurityGroupIngress", + "ec2:CreateNetworkInterface", + "ec2:CreateSecurityGroup", + "ec2:CreateTags", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html" + }, + "CreateIdentityPoolDirectory": { + "privilege": "CreateIdentityPoolDirectory", + "description": "Grants permission to create an IdentityPool Directory in the AWS cloud", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html" + }, + "CreateLogSubscription": { + "privilege": "CreateLogSubscription", + "description": "Grants permission to create a subscription to forward real time Directory Service domain controller security logs to the specified CloudWatch log group in your AWS account", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateLogSubscription.html" + }, + "CreateMicrosoftAD": { + "privilege": "CreateMicrosoftAD", + "description": "Grants permission to create a Microsoft AD in the AWS cloud", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ec2:AuthorizeSecurityGroupEgress", + "ec2:AuthorizeSecurityGroupIngress", + "ec2:CreateNetworkInterface", + "ec2:CreateSecurityGroup", + "ec2:CreateTags", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateMicrosoftAD.html" + }, + "CreateSnapshot": { + "privilege": "CreateSnapshot", + "description": "Grants permission to create a snapshot of a Simple AD or Microsoft AD directory in the AWS cloud", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateSnapshot.html" + }, + "CreateTrust": { + "privilege": "CreateTrust", + "description": "Grants permission to initiate the creation of the AWS side of a trust relationship between a Microsoft AD in the AWS cloud and an external domain", + "access_level": "Permissions management", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateTrust.html" + }, + "DeleteConditionalForwarder": { + "privilege": "DeleteConditionalForwarder", + "description": "Grants permission to delete a conditional forwarder that has been set up for your AWS directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteConditionalForwarder.html" + }, + "DeleteDirectory": { + "privilege": "DeleteDirectory", + "description": "Grants permission to delete an AWS Directory Service directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteNetworkInterface", + "ec2:DeleteSecurityGroup", + "ec2:DescribeNetworkInterfaces", + "ec2:RevokeSecurityGroupEgress", + "ec2:RevokeSecurityGroupIngress" + ] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteDirectory.html" + }, + "DeleteLogSubscription": { + "privilege": "DeleteLogSubscription", + "description": "Grants permission to delete the specified log subscription", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteLogSubscription.html" + }, + "DeleteSnapshot": { + "privilege": "DeleteSnapshot", + "description": "Grants permission to delete a directory snapshot", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteSnapshot.html" + }, + "DeleteTrust": { + "privilege": "DeleteTrust", + "description": "Grants permission to delete an existing trust relationship between your Microsoft AD in the AWS cloud and an external domain", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeleteTrust.html" + }, + "DeregisterCertificate": { + "privilege": "DeregisterCertificate", + "description": "Grants permission to delete from the system the certificate that was registered for a secured LDAP connection", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeregisterCertificate.html" + }, + "DeregisterEventTopic": { + "privilege": "DeregisterEventTopic", + "description": "Grants permission to remove the specified directory as a publisher to the specified SNS topic", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DeregisterEventTopic.html" + }, + "DescribeCertificate": { + "privilege": "DescribeCertificate", + "description": "Grants permission to display information about the certificate registered for a secured LDAP connection", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeCertificate.html" + }, + "DescribeClientAuthenticationSettings": { + "privilege": "DescribeClientAuthenticationSettings", + "description": "Grants permission to retrieve information about the type of client authentication for the specified directory, if the type is specified. If no type is specified, information about all client authentication types that are supported for the specified directory is retrieved. Currently, only SmartCard is supported", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeClientAuthenticationSettings.html" + }, + "DescribeConditionalForwarders": { + "privilege": "DescribeConditionalForwarders", + "description": "Grants permission to obtain information about the conditional forwarders for this account", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeConditionalForwarders.html" + }, + "DescribeDirectories": { + "privilege": "DescribeDirectories", + "description": "Grants permission to obtain information about the directories that belong to this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeDirectories.html" + }, + "DescribeDomainControllers": { + "privilege": "DescribeDomainControllers", + "description": "Grants permission to provide information about any domain controllers in your directory", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeDomainControllers.html" + }, + "DescribeEventTopics": { + "privilege": "DescribeEventTopics", + "description": "Grants permission to obtain information about which SNS topics receive status messages from the specified directory", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeEventTopics.html" + }, + "DescribeLDAPSSettings": { + "privilege": "DescribeLDAPSSettings", + "description": "Grants permission to describe the status of LDAP security for the specified directory", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeLDAPSSettings.html" + }, + "DescribeRegions": { + "privilege": "DescribeRegions", + "description": "Grants permission to provide information about the Regions that are configured for multi-Region replication", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeRegions.html" + }, + "DescribeSettings": { + "privilege": "DescribeSettings", + "description": "Grants permission to retrieve information about the configurable settings for the specified directory", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeSettings.html" + }, + "DescribeSharedDirectories": { + "privilege": "DescribeSharedDirectories", + "description": "Grants permission to return the shared directories in your account", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeSharedDirectories.html" + }, + "DescribeSnapshots": { + "privilege": "DescribeSnapshots", + "description": "Grants permission to obtain information about the directory snapshots that belong to this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeSnapshots.html" + }, + "DescribeTrusts": { + "privilege": "DescribeTrusts", + "description": "Grants permission to obtain information about the trust relationships for this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeTrusts.html" + }, + "DescribeUpdateDirectory": { + "privilege": "DescribeUpdateDirectory", + "description": "Grants permission to describe the updates of a directory for a particular update type", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeUpdateDirectory.html" + }, + "DisableClientAuthentication": { + "privilege": "DisableClientAuthentication", + "description": "Grants permission to disable alternative client authentication methods for the specified directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableClientAuthentication.html" + }, + "DisableLDAPS": { + "privilege": "DisableLDAPS", + "description": "Grants permission to deactivate LDAP secure calls for the specified directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableLDAPS.html" + }, + "DisableRadius": { + "privilege": "DisableRadius", + "description": "Grants permission to disable multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableRadius.html" + }, + "DisableSso": { + "privilege": "DisableSso", + "description": "Grants permission to disable single-sign on for a directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableSso.html" + }, + "EnableClientAuthentication": { + "privilege": "EnableClientAuthentication", + "description": "Grants permission to enable alternative client authentication methods for the specified directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableClientAuthentication.html" + }, + "EnableLDAPS": { + "privilege": "EnableLDAPS", + "description": "Grants permission to activate the switch for the specific directory to always use LDAP secure calls", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableLDAPS.html" + }, + "EnableRadius": { + "privilege": "EnableRadius", + "description": "Grants permission to enable multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableRadius.html" + }, + "EnableSso": { + "privilege": "EnableSso", + "description": "Grants permission to enable single-sign on for a directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableSso.html" + }, + "GetAuthorizedApplicationDetails": { + "privilege": "GetAuthorizedApplicationDetails", + "description": "Grants permission to retrieve the details of the authorized applications on a directory", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html" + }, + "GetDirectoryLimits": { + "privilege": "GetDirectoryLimits", + "description": "Grants permission to obtain directory limit information for the current region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_GetDirectoryLimits.html" + }, + "GetSnapshotLimits": { + "privilege": "GetSnapshotLimits", + "description": "Grants permission to obtain the manual snapshot limits for a directory", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_GetSnapshotLimits.html" + }, + "ListAuthorizedApplications": { + "privilege": "ListAuthorizedApplications", + "description": "Grants permission to obtain the AWS applications authorized for a directory", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html" + }, + "ListCertificates": { + "privilege": "ListCertificates", + "description": "Grants permission to list all the certificates registered for a secured LDAP connection, for the specified directory", + "access_level": "List", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListCertificates.html" + }, + "ListIpRoutes": { + "privilege": "ListIpRoutes", + "description": "Grants permission to list the address blocks that you have added to a directory", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListIpRoutes.html" + }, + "ListLogSubscriptions": { + "privilege": "ListLogSubscriptions", + "description": "Grants permission to list the active log subscriptions for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListLogSubscriptions.html" + }, + "ListSchemaExtensions": { + "privilege": "ListSchemaExtensions", + "description": "Grants permission to list all schema extensions applied to a Microsoft AD Directory", + "access_level": "List", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListSchemaExtensions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags on an Amazon Directory Services directory", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ListTagsForResource.html" + }, + "RegisterCertificate": { + "privilege": "RegisterCertificate", + "description": "Grants permission to register a certificate for secured LDAP connection", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RegisterCertificate.html" + }, + "RegisterEventTopic": { + "privilege": "RegisterEventTopic", + "description": "Grants permission to associate a directory with an SNS topic", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sns:GetTopicAttributes" + ] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RegisterEventTopic.html" + }, + "RejectSharedDirectory": { + "privilege": "RejectSharedDirectory", + "description": "Grants permission to reject a directory sharing request that was sent from the directory owner account", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RejectSharedDirectory.html" + }, + "RemoveIpRoutes": { + "privilege": "RemoveIpRoutes", + "description": "Grants permission to remove IP address blocks from a directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RemoveIpRoutes.html" + }, + "RemoveRegion": { + "privilege": "RemoveRegion", + "description": "Grants permission to stop all replication and removes the domain controllers from the specified Region. You cannot remove the primary Region with this operation", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RemoveRegion.html" + }, + "RemoveTagsFromResource": { + "privilege": "RemoveTagsFromResource", + "description": "Grants permission to remove tags from an Amazon Directory Services directory", + "access_level": "Tagging", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:DeleteTags" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RemoveTagsFromResource.html" + }, + "ResetUserPassword": { + "privilege": "ResetUserPassword", + "description": "Grants permission to reset the password for any user in your AWS Managed Microsoft AD or Simple AD directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html" + }, + "RestoreFromSnapshot": { + "privilege": "RestoreFromSnapshot", + "description": "Grants permission to restore a directory using an existing directory snapshot", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_RestoreFromSnapshot.html" + }, + "ShareDirectory": { + "privilege": "ShareDirectory", + "description": "Grants permission to share a specified directory in your AWS account (directory owner) with another AWS account (directory consumer). With this operation you can use your directory from any AWS account and from any Amazon VPC within an AWS Region", + "access_level": "Permissions management", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ShareDirectory.html" + }, + "StartSchemaExtension": { + "privilege": "StartSchemaExtension", + "description": "Grants permission to apply a schema extension to a Microsoft AD directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_StartSchemaExtension.html" + }, + "UnauthorizeApplication": { + "privilege": "UnauthorizeApplication", + "description": "Grants permission to unauthorize an application from your AWS Directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html" + }, + "UnshareDirectory": { + "privilege": "UnshareDirectory", + "description": "Grants permission to stop the directory sharing between the directory owner and consumer accounts", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UnshareDirectory.html" + }, + "UpdateAuthorizedApplication": { + "privilege": "UpdateAuthorizedApplication", + "description": "Grants permission to update an authorized application for your AWS Directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html" + }, + "UpdateConditionalForwarder": { + "privilege": "UpdateConditionalForwarder", + "description": "Grants permission to update a conditional forwarder that has been set up for your AWS directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateConditionalForwarder.html" + }, + "UpdateDirectorySetup": { + "privilege": "UpdateDirectorySetup", + "description": "Grants permission to update the directory for a particular update type", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateDirectorySetup.html" + }, + "UpdateNumberOfDomainControllers": { + "privilege": "UpdateNumberOfDomainControllers", + "description": "Grants permission to add or remove domain controllers to or from the directory. Based on the difference between current value and new value (provided through this API call), domain controllers will be added or removed. It may take up to 45 minutes for any new domain controllers to become fully active once the requested number of domain controllers is updated. During this time, you cannot make another update request", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateNumberOfDomainControllers.html" + }, + "UpdateRadius": { + "privilege": "UpdateRadius", + "description": "Grants permission to update the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateRadius.html" + }, + "UpdateSettings": { + "privilege": "UpdateSettings", + "description": "Grants permission to update the configurable settings for the specified directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateSettings.html" + }, + "UpdateTrust": { + "privilege": "UpdateTrust", + "description": "Grants permission to update the trust that has been set up between your AWS Managed Microsoft AD directory and an on-premises Active Directory", + "access_level": "Write", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_UpdateTrust.html" + }, + "VerifyTrust": { + "privilege": "VerifyTrust", + "description": "Grants permission to verify a trust relationship between your Microsoft AD in the AWS cloud and an external domain", + "access_level": "Read", + "resource_types": { + "directory": { + "resource_type": "directory", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "directory": "directory" + }, + "api_documentation_link": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_VerifyTrust.html" + } + }, + "privileges_lower_name": { + "acceptshareddirectory": "AcceptSharedDirectory", + "addiproutes": "AddIpRoutes", + "addregion": "AddRegion", + "addtagstoresource": "AddTagsToResource", + "authorizeapplication": "AuthorizeApplication", + "cancelschemaextension": "CancelSchemaExtension", + "checkalias": "CheckAlias", + "connectdirectory": "ConnectDirectory", + "createalias": "CreateAlias", + "createcomputer": "CreateComputer", + "createconditionalforwarder": "CreateConditionalForwarder", + "createdirectory": "CreateDirectory", + "createidentitypooldirectory": "CreateIdentityPoolDirectory", + "createlogsubscription": "CreateLogSubscription", + "createmicrosoftad": "CreateMicrosoftAD", + "createsnapshot": "CreateSnapshot", + "createtrust": "CreateTrust", + "deleteconditionalforwarder": "DeleteConditionalForwarder", + "deletedirectory": "DeleteDirectory", + "deletelogsubscription": "DeleteLogSubscription", + "deletesnapshot": "DeleteSnapshot", + "deletetrust": "DeleteTrust", + "deregistercertificate": "DeregisterCertificate", + "deregistereventtopic": "DeregisterEventTopic", + "describecertificate": "DescribeCertificate", + "describeclientauthenticationsettings": "DescribeClientAuthenticationSettings", + "describeconditionalforwarders": "DescribeConditionalForwarders", + "describedirectories": "DescribeDirectories", + "describedomaincontrollers": "DescribeDomainControllers", + "describeeventtopics": "DescribeEventTopics", + "describeldapssettings": "DescribeLDAPSSettings", + "describeregions": "DescribeRegions", + "describesettings": "DescribeSettings", + "describeshareddirectories": "DescribeSharedDirectories", + "describesnapshots": "DescribeSnapshots", + "describetrusts": "DescribeTrusts", + "describeupdatedirectory": "DescribeUpdateDirectory", + "disableclientauthentication": "DisableClientAuthentication", + "disableldaps": "DisableLDAPS", + "disableradius": "DisableRadius", + "disablesso": "DisableSso", + "enableclientauthentication": "EnableClientAuthentication", + "enableldaps": "EnableLDAPS", + "enableradius": "EnableRadius", + "enablesso": "EnableSso", + "getauthorizedapplicationdetails": "GetAuthorizedApplicationDetails", + "getdirectorylimits": "GetDirectoryLimits", + "getsnapshotlimits": "GetSnapshotLimits", + "listauthorizedapplications": "ListAuthorizedApplications", + "listcertificates": "ListCertificates", + "listiproutes": "ListIpRoutes", + "listlogsubscriptions": "ListLogSubscriptions", + "listschemaextensions": "ListSchemaExtensions", + "listtagsforresource": "ListTagsForResource", + "registercertificate": "RegisterCertificate", + "registereventtopic": "RegisterEventTopic", + "rejectshareddirectory": "RejectSharedDirectory", + "removeiproutes": "RemoveIpRoutes", + "removeregion": "RemoveRegion", + "removetagsfromresource": "RemoveTagsFromResource", + "resetuserpassword": "ResetUserPassword", + "restorefromsnapshot": "RestoreFromSnapshot", + "sharedirectory": "ShareDirectory", + "startschemaextension": "StartSchemaExtension", + "unauthorizeapplication": "UnauthorizeApplication", + "unsharedirectory": "UnshareDirectory", + "updateauthorizedapplication": "UpdateAuthorizedApplication", + "updateconditionalforwarder": "UpdateConditionalForwarder", + "updatedirectorysetup": "UpdateDirectorySetup", + "updatenumberofdomaincontrollers": "UpdateNumberOfDomainControllers", + "updateradius": "UpdateRadius", + "updatesettings": "UpdateSettings", + "updatetrust": "UpdateTrust", + "verifytrust": "VerifyTrust" + }, + "resources": { + "directory": { + "resource": "directory", + "arn": "arn:${Partition}:ds:${Region}:${Account}:directory/${DirectoryId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "directory": "directory" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the value of the request to AWS DS", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the AWS DS Resource being acted upon", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "elasticbeanstalk": { + "service_name": "AWS Elastic Beanstalk", + "prefix": "elasticbeanstalk", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselasticbeanstalk.html", + "privileges": { + "AbortEnvironmentUpdate": { + "privilege": "AbortEnvironmentUpdate", + "description": "Grants permission to cancel in-progress environment configuration update or application version deployment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_AbortEnvironmentUpdate.html" + }, + "AddTags": { + "privilege": "AddTags", + "description": "Grants permission to add tags to an Elastic Beanstalk resource and to update tag values", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "applicationversion": { + "resource_type": "applicationversion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "platform": { + "resource_type": "platform", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "applicationversion": "applicationversion", + "configurationtemplate": "configurationtemplate", + "environment": "environment", + "platform": "platform", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateTagsForResource.html" + }, + "ApplyEnvironmentManagedAction": { + "privilege": "ApplyEnvironmentManagedAction", + "description": "Grants permission to apply a scheduled managed action immediately", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ApplyEnvironmentManagedAction.html" + }, + "AssociateEnvironmentOperationsRole": { + "privilege": "AssociateEnvironmentOperationsRole", + "description": "Grants permission to associate an operations role with an environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_AssociateEnvironmentOperationsRole.html" + }, + "CheckDNSAvailability": { + "privilege": "CheckDNSAvailability", + "description": "Grants permission to check CNAME availability", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CheckDNSAvailability.html" + }, + "ComposeEnvironments": { + "privilege": "ComposeEnvironments", + "description": "Grants permission to create or update a group of environments, each running a separate component of a single application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "applicationversion": { + "resource_type": "applicationversion", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "applicationversion": "applicationversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ComposeEnvironments.html" + }, + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create a new application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreateApplication.html" + }, + "CreateApplicationVersion": { + "privilege": "CreateApplicationVersion", + "description": "Grants permission to create an application version for an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "applicationversion": { + "resource_type": "applicationversion", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "applicationversion": "applicationversion", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreateApplicationVersion.html" + }, + "CreateConfigurationTemplate": { + "privilege": "CreateConfigurationTemplate", + "description": "Grants permission to create a configuration template", + "access_level": "Write", + "resource_types": { + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticbeanstalk:FromApplication", + "elasticbeanstalk:FromApplicationVersion", + "elasticbeanstalk:FromConfigurationTemplate", + "elasticbeanstalk:FromEnvironment", + "elasticbeanstalk:FromSolutionStack", + "elasticbeanstalk:FromPlatform", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationtemplate": "configurationtemplate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreateConfigurationTemplate.html" + }, + "CreateEnvironment": { + "privilege": "CreateEnvironment", + "description": "Grants permission to launch an environment for an application", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticbeanstalk:FromApplicationVersion", + "elasticbeanstalk:FromConfigurationTemplate", + "elasticbeanstalk:FromSolutionStack", + "elasticbeanstalk:FromPlatform", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreateEnvironment.html" + }, + "CreatePlatformVersion": { + "privilege": "CreatePlatformVersion", + "description": "Grants permission to create a new version of a custom platform", + "access_level": "Write", + "resource_types": { + "platform": { + "resource_type": "platform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "platform": "platform", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreatePlatformVersion.html" + }, + "CreateStorageLocation": { + "privilege": "CreateStorageLocation", + "description": "Grants permission to create the Amazon S3 storage location for the account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_CreateStorageLocation.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete an application along with all associated versions and configurations", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DeleteApplication.html" + }, + "DeleteApplicationVersion": { + "privilege": "DeleteApplicationVersion", + "description": "Grants permission to delete an application version from an application", + "access_level": "Write", + "resource_types": { + "applicationversion": { + "resource_type": "applicationversion", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationversion": "applicationversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DeleteApplicationVersion.html" + }, + "DeleteConfigurationTemplate": { + "privilege": "DeleteConfigurationTemplate", + "description": "Grants permission to delete a configuration template", + "access_level": "Write", + "resource_types": { + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationtemplate": "configurationtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DeleteConfigurationTemplate.html" + }, + "DeleteEnvironmentConfiguration": { + "privilege": "DeleteEnvironmentConfiguration", + "description": "Grants permission to delete the draft configuration associated with the running environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DeleteEnvironmentConfiguration.html" + }, + "DeletePlatformVersion": { + "privilege": "DeletePlatformVersion", + "description": "Grants permission to delete a version of a custom platform", + "access_level": "Write", + "resource_types": { + "platform": { + "resource_type": "platform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "platform": "platform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DeletePlatformVersion.html" + }, + "DescribeAccountAttributes": { + "privilege": "DescribeAccountAttributes", + "description": "Grants permission to retrieve a list of account attributes, including resource quotas", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeAccountAttributes.html" + }, + "DescribeApplicationVersions": { + "privilege": "DescribeApplicationVersions", + "description": "Grants permission to retrieve a list of application versions stored in an AWS Elastic Beanstalk storage bucket", + "access_level": "List", + "resource_types": { + "applicationversion": { + "resource_type": "applicationversion", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationversion": "applicationversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeApplicationVersions.html" + }, + "DescribeApplications": { + "privilege": "DescribeApplications", + "description": "Grants permission to retrieve the descriptions of existing applications", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeApplications.html" + }, + "DescribeConfigurationOptions": { + "privilege": "DescribeConfigurationOptions", + "description": "Grants permission to retrieve descriptions of environment configuration options", + "access_level": "Read", + "resource_types": { + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "solutionstack": { + "resource_type": "solutionstack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationtemplate": "configurationtemplate", + "environment": "environment", + "solutionstack": "solutionstack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeConfigurationOptions.html" + }, + "DescribeConfigurationSettings": { + "privilege": "DescribeConfigurationSettings", + "description": "Grants permission to retrieve a description of the settings for a configuration set", + "access_level": "Read", + "resource_types": { + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationtemplate": "configurationtemplate", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeConfigurationSettings.html" + }, + "DescribeEnvironmentHealth": { + "privilege": "DescribeEnvironmentHealth", + "description": "Grants permission to retrieve information about the overall health of an environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironmentHealth.html" + }, + "DescribeEnvironmentManagedActionHistory": { + "privilege": "DescribeEnvironmentManagedActionHistory", + "description": "Grants permission to retrieve a list of an environment's completed and failed managed actions", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironmentManagedActionHistory.html" + }, + "DescribeEnvironmentManagedActions": { + "privilege": "DescribeEnvironmentManagedActions", + "description": "Grants permission to retrieve a list of an environment's upcoming and in-progress managed actions", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironmentManagedActions.html" + }, + "DescribeEnvironmentResources": { + "privilege": "DescribeEnvironmentResources", + "description": "Grants permission to retrieve a list of AWS resources for an environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironmentResources.html" + }, + "DescribeEnvironments": { + "privilege": "DescribeEnvironments", + "description": "Grants permission to retrieve descriptions for existing environments", + "access_level": "List", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html" + }, + "DescribeEvents": { + "privilege": "DescribeEvents", + "description": "Grants permission to retrieve a list of event descriptions matching a set of criteria", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "applicationversion": { + "resource_type": "applicationversion", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "applicationversion": "applicationversion", + "configurationtemplate": "configurationtemplate", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEvents.html" + }, + "DescribeInstancesHealth": { + "privilege": "DescribeInstancesHealth", + "description": "Grants permission to retrieve more detailed information about the health of environment instances", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeInstancesHealth.html" + }, + "DescribePlatformVersion": { + "privilege": "DescribePlatformVersion", + "description": "Grants permission to retrieve a description of a platform version", + "access_level": "Read", + "resource_types": { + "platform": { + "resource_type": "platform", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "platform": "platform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribePlatformVersion.html" + }, + "DisassociateEnvironmentOperationsRole": { + "privilege": "DisassociateEnvironmentOperationsRole", + "description": "Grants permission to disassociate an operations role with an environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DisassociateEnvironmentOperationsRole.html" + }, + "ListAvailableSolutionStacks": { + "privilege": "ListAvailableSolutionStacks", + "description": "Grants permission to retrieve a list of the available solution stack names", + "access_level": "List", + "resource_types": { + "solutionstack": { + "resource_type": "solutionstack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "solutionstack": "solutionstack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html" + }, + "ListPlatformBranches": { + "privilege": "ListPlatformBranches", + "description": "Grants permission to retrieve a list of the available platform branches", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListPlatformBranches.html" + }, + "ListPlatformVersions": { + "privilege": "ListPlatformVersions", + "description": "Grants permission to retrieve a list of the available platforms", + "access_level": "List", + "resource_types": { + "platform": { + "resource_type": "platform", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "platform": "platform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListPlatformVersions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve a list of tags of an Elastic Beanstalk resource", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "applicationversion": { + "resource_type": "applicationversion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "platform": { + "resource_type": "platform", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "applicationversion": "applicationversion", + "configurationtemplate": "configurationtemplate", + "environment": "environment", + "platform": "platform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListTagsForResource.html" + }, + "PutInstanceStatistics": { + "privilege": "PutInstanceStatistics", + "description": "Grants permission to submit instance statistics for enhanced health", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/health-enhanced.html#health-enhanced-authz" + }, + "RebuildEnvironment": { + "privilege": "RebuildEnvironment", + "description": "Grants permission to delete and recreate all of the AWS resources for an environment and to force a restart", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_RebuildEnvironment.html" + }, + "RemoveTags": { + "privilege": "RemoveTags", + "description": "Grants permission to remove tags from an Elastic Beanstalk resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "applicationversion": { + "resource_type": "applicationversion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "platform": { + "resource_type": "platform", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "applicationversion": "applicationversion", + "configurationtemplate": "configurationtemplate", + "environment": "environment", + "platform": "platform", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateTagsForResource.html" + }, + "RequestEnvironmentInfo": { + "privilege": "RequestEnvironmentInfo", + "description": "Grants permission to initiate a request to compile information of the deployed environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_RequestEnvironmentInfo.html" + }, + "RestartAppServer": { + "privilege": "RestartAppServer", + "description": "Grants permission to request an environment to restart the application container server running on each Amazon EC2 instance", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_RestartAppServer.html" + }, + "RetrieveEnvironmentInfo": { + "privilege": "RetrieveEnvironmentInfo", + "description": "Grants permission to retrieve the compiled information from a RequestEnvironmentInfo request", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_RetrieveEnvironmentInfo.html" + }, + "SwapEnvironmentCNAMEs": { + "privilege": "SwapEnvironmentCNAMEs", + "description": "Grants permission to swap the CNAMEs of two environments", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticbeanstalk:FromEnvironment" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_SwapEnvironmentCNAMEs.html" + }, + "TerminateEnvironment": { + "privilege": "TerminateEnvironment", + "description": "Grants permission to terminate an environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_TerminateEnvironment.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to update an application with specified properties", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateApplication.html" + }, + "UpdateApplicationResourceLifecycle": { + "privilege": "UpdateApplicationResourceLifecycle", + "description": "Grants permission to update the application version lifecycle policy associated with the application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateApplicationResourceLifecycle.html" + }, + "UpdateApplicationVersion": { + "privilege": "UpdateApplicationVersion", + "description": "Grants permission to update an application version with specified properties", + "access_level": "Write", + "resource_types": { + "applicationversion": { + "resource_type": "applicationversion", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationversion": "applicationversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateApplicationVersion.html" + }, + "UpdateConfigurationTemplate": { + "privilege": "UpdateConfigurationTemplate", + "description": "Grants permission to update a configuration template with specified properties or configuration option values", + "access_level": "Write", + "resource_types": { + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticbeanstalk:FromApplication", + "elasticbeanstalk:FromApplicationVersion", + "elasticbeanstalk:FromConfigurationTemplate", + "elasticbeanstalk:FromEnvironment", + "elasticbeanstalk:FromSolutionStack", + "elasticbeanstalk:FromPlatform" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationtemplate": "configurationtemplate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateConfigurationTemplate.html" + }, + "UpdateEnvironment": { + "privilege": "UpdateEnvironment", + "description": "Grants permission to update an environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "elasticbeanstalk:FromApplicationVersion", + "elasticbeanstalk:FromConfigurationTemplate", + "elasticbeanstalk:FromSolutionStack", + "elasticbeanstalk:FromPlatform" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateEnvironment.html" + }, + "UpdateTagsForResource": { + "privilege": "UpdateTagsForResource", + "description": "Grants permission to add tags to an Elastic Beanstalk resource, remove tags, and to update tag values", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "applicationversion": { + "resource_type": "applicationversion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "platform": { + "resource_type": "platform", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "applicationversion": "applicationversion", + "configurationtemplate": "configurationtemplate", + "environment": "environment", + "platform": "platform", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_UpdateTagsForResource.html" + }, + "ValidateConfigurationSettings": { + "privilege": "ValidateConfigurationSettings", + "description": "Grants permission to check the validity of a set of configuration settings for a configuration template or an environment", + "access_level": "Read", + "resource_types": { + "configurationtemplate": { + "resource_type": "configurationtemplate", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [ + "elasticbeanstalk:InApplication" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "configurationtemplate": "configurationtemplate", + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ValidateConfigurationSettings.html" + } + }, + "privileges_lower_name": { + "abortenvironmentupdate": "AbortEnvironmentUpdate", + "addtags": "AddTags", + "applyenvironmentmanagedaction": "ApplyEnvironmentManagedAction", + "associateenvironmentoperationsrole": "AssociateEnvironmentOperationsRole", + "checkdnsavailability": "CheckDNSAvailability", + "composeenvironments": "ComposeEnvironments", + "createapplication": "CreateApplication", + "createapplicationversion": "CreateApplicationVersion", + "createconfigurationtemplate": "CreateConfigurationTemplate", + "createenvironment": "CreateEnvironment", + "createplatformversion": "CreatePlatformVersion", + "createstoragelocation": "CreateStorageLocation", + "deleteapplication": "DeleteApplication", + "deleteapplicationversion": "DeleteApplicationVersion", + "deleteconfigurationtemplate": "DeleteConfigurationTemplate", + "deleteenvironmentconfiguration": "DeleteEnvironmentConfiguration", + "deleteplatformversion": "DeletePlatformVersion", + "describeaccountattributes": "DescribeAccountAttributes", + "describeapplicationversions": "DescribeApplicationVersions", + "describeapplications": "DescribeApplications", + "describeconfigurationoptions": "DescribeConfigurationOptions", + "describeconfigurationsettings": "DescribeConfigurationSettings", + "describeenvironmenthealth": "DescribeEnvironmentHealth", + "describeenvironmentmanagedactionhistory": "DescribeEnvironmentManagedActionHistory", + "describeenvironmentmanagedactions": "DescribeEnvironmentManagedActions", + "describeenvironmentresources": "DescribeEnvironmentResources", + "describeenvironments": "DescribeEnvironments", + "describeevents": "DescribeEvents", + "describeinstanceshealth": "DescribeInstancesHealth", + "describeplatformversion": "DescribePlatformVersion", + "disassociateenvironmentoperationsrole": "DisassociateEnvironmentOperationsRole", + "listavailablesolutionstacks": "ListAvailableSolutionStacks", + "listplatformbranches": "ListPlatformBranches", + "listplatformversions": "ListPlatformVersions", + "listtagsforresource": "ListTagsForResource", + "putinstancestatistics": "PutInstanceStatistics", + "rebuildenvironment": "RebuildEnvironment", + "removetags": "RemoveTags", + "requestenvironmentinfo": "RequestEnvironmentInfo", + "restartappserver": "RestartAppServer", + "retrieveenvironmentinfo": "RetrieveEnvironmentInfo", + "swapenvironmentcnames": "SwapEnvironmentCNAMEs", + "terminateenvironment": "TerminateEnvironment", + "updateapplication": "UpdateApplication", + "updateapplicationresourcelifecycle": "UpdateApplicationResourceLifecycle", + "updateapplicationversion": "UpdateApplicationVersion", + "updateconfigurationtemplate": "UpdateConfigurationTemplate", + "updateenvironment": "UpdateEnvironment", + "updatetagsforresource": "UpdateTagsForResource", + "validateconfigurationsettings": "ValidateConfigurationSettings" + }, + "resources": { + "application": { + "resource": "application", + "arn": "arn:${Partition}:elasticbeanstalk:${Region}:${Account}:application/${ApplicationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "applicationversion": { + "resource": "applicationversion", + "arn": "arn:${Partition}:elasticbeanstalk:${Region}:${Account}:applicationversion/${ApplicationName}/${VersionLabel}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticbeanstalk:InApplication" + ] + }, + "configurationtemplate": { + "resource": "configurationtemplate", + "arn": "arn:${Partition}:elasticbeanstalk:${Region}:${Account}:configurationtemplate/${ApplicationName}/${TemplateName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticbeanstalk:InApplication" + ] + }, + "environment": { + "resource": "environment", + "arn": "arn:${Partition}:elasticbeanstalk:${Region}:${Account}:environment/${ApplicationName}/${EnvironmentName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticbeanstalk:InApplication" + ] + }, + "solutionstack": { + "resource": "solutionstack", + "arn": "arn:${Partition}:elasticbeanstalk:${Region}::solutionstack/${SolutionStackName}", + "condition_keys": [] + }, + "platform": { + "resource": "platform", + "arn": "arn:${Partition}:elasticbeanstalk:${Region}::platform/${PlatformNameWithVersion}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "application": "application", + "applicationversion": "applicationversion", + "configurationtemplate": "configurationtemplate", + "environment": "environment", + "solutionstack": "solutionstack", + "platform": "platform" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "elasticbeanstalk:FromApplication": { + "condition": "elasticbeanstalk:FromApplication", + "description": "Filters access by an application as a dependency or a constraint on an input parameter", + "type": "ARN" + }, + "elasticbeanstalk:FromApplicationVersion": { + "condition": "elasticbeanstalk:FromApplicationVersion", + "description": "Filters access by an application version as a dependency or a constraint on an input parameter", + "type": "ARN" + }, + "elasticbeanstalk:FromConfigurationTemplate": { + "condition": "elasticbeanstalk:FromConfigurationTemplate", + "description": "Filters access by a configuration template as a dependency or a constraint on an input parameter", + "type": "ARN" + }, + "elasticbeanstalk:FromEnvironment": { + "condition": "elasticbeanstalk:FromEnvironment", + "description": "Filters access by an environment as a dependency or a constraint on an input parameter", + "type": "ARN" + }, + "elasticbeanstalk:FromPlatform": { + "condition": "elasticbeanstalk:FromPlatform", + "description": "Filters access by a platform as a dependency or a constraint on an input parameter", + "type": "ARN" + }, + "elasticbeanstalk:FromSolutionStack": { + "condition": "elasticbeanstalk:FromSolutionStack", + "description": "Filters access by a solution stack as a dependency or a constraint on an input parameter", + "type": "ARN" + }, + "elasticbeanstalk:InApplication": { + "condition": "elasticbeanstalk:InApplication", + "description": "Filters access by the application that contains the resource that the action operates on", + "type": "ARN" + } + } + }, + "drs": { + "service_name": "AWS Elastic Disaster Recovery", + "prefix": "drs", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselasticdisasterrecovery.html", + "privileges": { + "AssociateFailbackClientToRecoveryInstanceForDrs": { + "privilege": "AssociateFailbackClientToRecoveryInstanceForDrs", + "description": "Grants permission to get associate failback client to recovery instance", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "AssociateSourceNetworkStack": { + "privilege": "AssociateSourceNetworkStack", + "description": "Grants permission to associate CloudFormation stack with source network", + "access_level": "Write", + "resource_types": { + "SourceNetworkResource": { + "resource_type": "SourceNetworkResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:DescribeStackResource", + "cloudformation:DescribeStacks", + "drs:GetLaunchConfiguration", + "ec2:CreateLaunchTemplateVersion", + "ec2:DescribeLaunchTemplateVersions", + "ec2:DescribeLaunchTemplates", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "ec2:ModifyLaunchTemplate" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourcenetworkresource": "SourceNetworkResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_AssociateSourceNetworkStack.html" + }, + "BatchCreateVolumeSnapshotGroupForDrs": { + "privilege": "BatchCreateVolumeSnapshotGroupForDrs", + "description": "Grants permission to batch create volume snapshot group", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "BatchDeleteSnapshotRequestForDrs": { + "privilege": "BatchDeleteSnapshotRequestForDrs", + "description": "Grants permission to batch delete snapshot request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "CreateConvertedSnapshotForDrs": { + "privilege": "CreateConvertedSnapshotForDrs", + "description": "Grants permission to create converted snapshot", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "CreateExtendedSourceServer": { + "privilege": "CreateExtendedSourceServer", + "description": "Grants permission to extend a source server", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "drs:DescribeSourceServers", + "drs:GetReplicationConfiguration" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_CreateExtendedSourceServer.html" + }, + "CreateLaunchConfigurationTemplate": { + "privilege": "CreateLaunchConfigurationTemplate", + "description": "Grants permission to create launch configuration template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_CreateLaunchConfigurationTemplate.html" + }, + "CreateRecoveryInstanceForDrs": { + "privilege": "CreateRecoveryInstanceForDrs", + "description": "Grants permission to create recovery instance", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "CreateReplicationConfigurationTemplate": { + "privilege": "CreateReplicationConfigurationTemplate", + "description": "Grants permission to create replication configuration template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ec2:CreateSecurityGroup", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:GetEbsDefaultKmsKeyId", + "ec2:GetEbsEncryptionByDefault", + "kms:CreateGrant", + "kms:DescribeKey" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_CreateReplicationConfigurationTemplate.html" + }, + "CreateSourceNetwork": { + "privilege": "CreateSourceNetwork", + "description": "Grants permission to create a source network", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ec2:DescribeInstances", + "ec2:DescribeVpcs" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_CreateSourceNetwork.html" + }, + "CreateSourceServerForDrs": { + "privilege": "CreateSourceServerForDrs", + "description": "Grants permission to create a source server", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "DeleteJob": { + "privilege": "DeleteJob", + "description": "Grants permission to delete a job", + "access_level": "Write", + "resource_types": { + "JobResource": { + "resource_type": "JobResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobresource": "JobResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteJob.html" + }, + "DeleteLaunchConfigurationTemplate": { + "privilege": "DeleteLaunchConfigurationTemplate", + "description": "Grants permission to delete launch configuration template", + "access_level": "Write", + "resource_types": { + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteLaunchConfigurationTemplate.html" + }, + "DeleteRecoveryInstance": { + "privilege": "DeleteRecoveryInstance", + "description": "Grants permission to delete recovery instance", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteRecoveryInstance.html" + }, + "DeleteReplicationConfigurationTemplate": { + "privilege": "DeleteReplicationConfigurationTemplate", + "description": "Grants permission to delete replication configuration template", + "access_level": "Write", + "resource_types": { + "ReplicationConfigurationTemplateResource": { + "resource_type": "ReplicationConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replicationconfigurationtemplateresource": "ReplicationConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteReplicationConfigurationTemplate.html" + }, + "DeleteSourceNetwork": { + "privilege": "DeleteSourceNetwork", + "description": "Grants permission to delete source network", + "access_level": "Write", + "resource_types": { + "SourceNetworkResource": { + "resource_type": "SourceNetworkResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourcenetworkresource": "SourceNetworkResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteSourceNetwork.html" + }, + "DeleteSourceServer": { + "privilege": "DeleteSourceServer", + "description": "Grants permission to delete source server", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteSourceServer.html" + }, + "DescribeJobLogItems": { + "privilege": "DescribeJobLogItems", + "description": "Grants permission to describe job log items", + "access_level": "Read", + "resource_types": { + "JobResource": { + "resource_type": "JobResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobresource": "JobResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeJobLogItems.html" + }, + "DescribeJobs": { + "privilege": "DescribeJobs", + "description": "Grants permission to describe jobs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeJobs.html" + }, + "DescribeLaunchConfigurationTemplates": { + "privilege": "DescribeLaunchConfigurationTemplates", + "description": "Grants permission to describe launch configuration template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeLaunchConfigurationTemplates.html" + }, + "DescribeRecoveryInstances": { + "privilege": "DescribeRecoveryInstances", + "description": "Grants permission to describe recovery instances", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "drs:DescribeSourceServers", + "ec2:DescribeInstances" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeRecoveryInstances.html" + }, + "DescribeRecoverySnapshots": { + "privilege": "DescribeRecoverySnapshots", + "description": "Grants permission to describe recovery snapshots", + "access_level": "Read", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeRecoverySnapshots.html" + }, + "DescribeReplicationConfigurationTemplates": { + "privilege": "DescribeReplicationConfigurationTemplates", + "description": "Grants permission to describe replication configuration template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeReplicationConfigurationTemplates.html" + }, + "DescribeReplicationServerAssociationsForDrs": { + "privilege": "DescribeReplicationServerAssociationsForDrs", + "description": "Grants permission to describe replication server associations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "DescribeSnapshotRequestsForDrs": { + "privilege": "DescribeSnapshotRequestsForDrs", + "description": "Grants permission to describe snapshot requests", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "DescribeSourceNetworks": { + "privilege": "DescribeSourceNetworks", + "description": "Grants permission to describe source networks", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeSourceNetworks.html" + }, + "DescribeSourceServers": { + "privilege": "DescribeSourceServers", + "description": "Grants permission to describe source servers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeSourceServers.html" + }, + "DisconnectRecoveryInstance": { + "privilege": "DisconnectRecoveryInstance", + "description": "Grants permission to disconnect recovery instance", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DisconnectRecoveryInstance.html" + }, + "DisconnectSourceServer": { + "privilege": "DisconnectSourceServer", + "description": "Grants permission to disconnect source server", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DisconnectSourceServer.html" + }, + "ExportSourceNetworkCfnTemplate": { + "privilege": "ExportSourceNetworkCfnTemplate", + "description": "Grants permission to export CloudFormation template which contains source network resources", + "access_level": "Write", + "resource_types": { + "SourceNetworkResource": { + "resource_type": "SourceNetworkResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:GetBucketLocation", + "s3:GetObject", + "s3:PutObject" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourcenetworkresource": "SourceNetworkResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_ExportSourceNetworkCfnTemplate.html" + }, + "GetAgentCommandForDrs": { + "privilege": "GetAgentCommandForDrs", + "description": "Grants permission to get agent command", + "access_level": "Read", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "GetAgentConfirmedResumeInfoForDrs": { + "privilege": "GetAgentConfirmedResumeInfoForDrs", + "description": "Grants permission to get agent confirmed resume info", + "access_level": "Read", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "GetAgentInstallationAssetsForDrs": { + "privilege": "GetAgentInstallationAssetsForDrs", + "description": "Grants permission to get agent installation assets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "GetAgentReplicationInfoForDrs": { + "privilege": "GetAgentReplicationInfoForDrs", + "description": "Grants permission to get agent replication info", + "access_level": "Read", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "GetAgentRuntimeConfigurationForDrs": { + "privilege": "GetAgentRuntimeConfigurationForDrs", + "description": "Grants permission to get agent runtime configuration", + "access_level": "Read", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "GetAgentSnapshotCreditsForDrs": { + "privilege": "GetAgentSnapshotCreditsForDrs", + "description": "Grants permission to get agent snapshot credits", + "access_level": "Read", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "GetChannelCommandsForDrs": { + "privilege": "GetChannelCommandsForDrs", + "description": "Grants permission to get channel commands", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "GetFailbackCommandForDrs": { + "privilege": "GetFailbackCommandForDrs", + "description": "Grants permission to get failback command", + "access_level": "Read", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "GetFailbackLaunchRequestedForDrs": { + "privilege": "GetFailbackLaunchRequestedForDrs", + "description": "Grants permission to get failback launch requested", + "access_level": "Read", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "GetFailbackReplicationConfiguration": { + "privilege": "GetFailbackReplicationConfiguration", + "description": "Grants permission to get failback replication configuration", + "access_level": "Read", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_GetFailbackReplicationConfiguration.html" + }, + "GetLaunchConfiguration": { + "privilege": "GetLaunchConfiguration", + "description": "Grants permission to get launch configuration", + "access_level": "Read", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_GetLaunchConfiguration.html" + }, + "GetReplicationConfiguration": { + "privilege": "GetReplicationConfiguration", + "description": "Grants permission to get replication configuration", + "access_level": "Read", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_GetReplicationConfiguration.html" + }, + "GetSuggestedFailbackClientDeviceMappingForDrs": { + "privilege": "GetSuggestedFailbackClientDeviceMappingForDrs", + "description": "Grants permission to get suggested failback client device mapping", + "access_level": "Read", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "InitializeService": { + "privilege": "InitializeService", + "description": "Grants permission to initialize service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:AddRoleToInstanceProfile", + "iam:CreateInstanceProfile", + "iam:CreateServiceLinkedRole", + "iam:GetInstanceProfile" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_InitializeService.html" + }, + "IssueAgentCertificateForDrs": { + "privilege": "IssueAgentCertificateForDrs", + "description": "Grants permission to issue an agent certificate", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "ListExtensibleSourceServers": { + "privilege": "ListExtensibleSourceServers", + "description": "Grants permission to list extensible source servers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "drs:DescribeSourceServers" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_ListExtensibleSourceServers.html" + }, + "ListStagingAccounts": { + "privilege": "ListStagingAccounts", + "description": "Grants permission to list staging accounts", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_ListStagingAccounts.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_ListTagsForResource.html" + }, + "NotifyAgentAuthenticationForDrs": { + "privilege": "NotifyAgentAuthenticationForDrs", + "description": "Grants permission to notify agent authentication", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "NotifyAgentConnectedForDrs": { + "privilege": "NotifyAgentConnectedForDrs", + "description": "Grants permission to notify agent is connected", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "NotifyAgentDisconnectedForDrs": { + "privilege": "NotifyAgentDisconnectedForDrs", + "description": "Grants permission to notify agent is disconnected", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "NotifyAgentReplicationProgressForDrs": { + "privilege": "NotifyAgentReplicationProgressForDrs", + "description": "Grants permission to notify agent replication progress", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "NotifyConsistencyAttainedForDrs": { + "privilege": "NotifyConsistencyAttainedForDrs", + "description": "Grants permission to notify consistency attained", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "NotifyReplicationServerAuthenticationForDrs": { + "privilege": "NotifyReplicationServerAuthenticationForDrs", + "description": "Grants permission to notify replication server authentication", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "NotifyVolumeEventForDrs": { + "privilege": "NotifyVolumeEventForDrs", + "description": "Grants permission to notify replicator volume events", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "RetryDataReplication": { + "privilege": "RetryDataReplication", + "description": "Grants permission to retry data replication", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_RetryDataReplication.html" + }, + "ReverseReplication": { + "privilege": "ReverseReplication", + "description": "Grants permission to reverse replication", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "drs:DescribeReplicationConfigurationTemplates", + "drs:DescribeSourceServers", + "ec2:DescribeInstances" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_ReverseReplication.html" + }, + "SendAgentLogsForDrs": { + "privilege": "SendAgentLogsForDrs", + "description": "Grants permission to send agent logs", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "SendAgentMetricsForDrs": { + "privilege": "SendAgentMetricsForDrs", + "description": "Grants permission to send agent metrics", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "SendChannelCommandResultForDrs": { + "privilege": "SendChannelCommandResultForDrs", + "description": "Grants permission to send channel command result", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "SendClientLogsForDrs": { + "privilege": "SendClientLogsForDrs", + "description": "Grants permission to send client logs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "SendClientMetricsForDrs": { + "privilege": "SendClientMetricsForDrs", + "description": "Grants permission to send client metrics", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "SendVolumeStatsForDrs": { + "privilege": "SendVolumeStatsForDrs", + "description": "Grants permission to send volume throughput statistics", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "StartFailbackLaunch": { + "privilege": "StartFailbackLaunch", + "description": "Grants permission to start failback launch", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StartFailbackLaunch.html" + }, + "StartRecovery": { + "privilege": "StartRecovery", + "description": "Grants permission to start recovery", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "drs:CreateRecoveryInstanceForDrs", + "drs:ListTagsForResource", + "ec2:AttachVolume", + "ec2:AuthorizeSecurityGroupEgress", + "ec2:AuthorizeSecurityGroupIngress", + "ec2:CreateLaunchTemplate", + "ec2:CreateLaunchTemplateVersion", + "ec2:CreateSnapshot", + "ec2:CreateTags", + "ec2:CreateVolume", + "ec2:DeleteLaunchTemplateVersions", + "ec2:DeleteSnapshot", + "ec2:DeleteVolume", + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeImages", + "ec2:DescribeInstanceAttribute", + "ec2:DescribeInstanceStatus", + "ec2:DescribeInstanceTypes", + "ec2:DescribeInstances", + "ec2:DescribeLaunchTemplateVersions", + "ec2:DescribeLaunchTemplates", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSnapshots", + "ec2:DescribeSubnets", + "ec2:DescribeVolumes", + "ec2:DetachVolume", + "ec2:ModifyInstanceAttribute", + "ec2:ModifyLaunchTemplate", + "ec2:RevokeSecurityGroupEgress", + "ec2:RunInstances", + "ec2:StartInstances", + "ec2:StopInstances", + "ec2:TerminateInstances", + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StartRecovery.html" + }, + "StartReplication": { + "privilege": "StartReplication", + "description": "Grants permission to start replication", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StartReplication.html" + }, + "StartSourceNetworkRecovery": { + "privilege": "StartSourceNetworkRecovery", + "description": "Grants permission to start network recovery", + "access_level": "Write", + "resource_types": { + "SourceNetworkResource": { + "resource_type": "SourceNetworkResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:CreateStack", + "cloudformation:DescribeStackResource", + "cloudformation:DescribeStacks", + "cloudformation:UpdateStack", + "drs:GetLaunchConfiguration", + "ec2:CreateLaunchTemplateVersion", + "ec2:DescribeLaunchTemplateVersions", + "ec2:DescribeLaunchTemplates", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "ec2:ModifyLaunchTemplate", + "s3:GetObject", + "s3:PutObject" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourcenetworkresource": "SourceNetworkResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StartSourceNetworkRecovery.html" + }, + "StartSourceNetworkReplication": { + "privilege": "StartSourceNetworkReplication", + "description": "Grants permission to start network replication", + "access_level": "Write", + "resource_types": { + "SourceNetworkResource": { + "resource_type": "SourceNetworkResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourcenetworkresource": "SourceNetworkResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StartSourceNetworkReplication.html" + }, + "StopFailback": { + "privilege": "StopFailback", + "description": "Grants permission to stop failback", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StopFailback.html" + }, + "StopReplication": { + "privilege": "StopReplication", + "description": "Grants permission to stop replication", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StopReplication.html" + }, + "StopSourceNetworkReplication": { + "privilege": "StopSourceNetworkReplication", + "description": "Grants permission to stop network replication", + "access_level": "Write", + "resource_types": { + "SourceNetworkResource": { + "resource_type": "SourceNetworkResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourcenetworkresource": "SourceNetworkResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_StopSourceNetworkReplication.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to assign a resource tag", + "access_level": "Tagging", + "resource_types": { + "JobResource": { + "resource_type": "JobResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationConfigurationTemplateResource": { + "resource_type": "ReplicationConfigurationTemplateResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceNetworkResource": { + "resource_type": "SourceNetworkResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "drs:CreateAction" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobresource": "JobResource", + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource", + "recoveryinstanceresource": "RecoveryInstanceResource", + "replicationconfigurationtemplateresource": "ReplicationConfigurationTemplateResource", + "sourcenetworkresource": "SourceNetworkResource", + "sourceserverresource": "SourceServerResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_TagResource.html" + }, + "TerminateRecoveryInstances": { + "privilege": "TerminateRecoveryInstances", + "description": "Grants permission to terminate recovery instances", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "drs:DescribeSourceServers", + "ec2:DeleteVolume", + "ec2:DescribeInstances", + "ec2:DescribeVolumes", + "ec2:TerminateInstances" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_TerminateRecoveryInstances.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "JobResource": { + "resource_type": "JobResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ReplicationConfigurationTemplateResource": { + "resource_type": "ReplicationConfigurationTemplateResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceNetworkResource": { + "resource_type": "SourceNetworkResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobresource": "JobResource", + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource", + "recoveryinstanceresource": "RecoveryInstanceResource", + "replicationconfigurationtemplateresource": "ReplicationConfigurationTemplateResource", + "sourcenetworkresource": "SourceNetworkResource", + "sourceserverresource": "SourceServerResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UntagResource.html" + }, + "UpdateAgentBacklogForDrs": { + "privilege": "UpdateAgentBacklogForDrs", + "description": "Grants permission to update agent backlog", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "UpdateAgentConversionInfoForDrs": { + "privilege": "UpdateAgentConversionInfoForDrs", + "description": "Grants permission to update agent conversion info", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "UpdateAgentReplicationInfoForDrs": { + "privilege": "UpdateAgentReplicationInfoForDrs", + "description": "Grants permission to update agent replication info", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "UpdateAgentReplicationProcessStateForDrs": { + "privilege": "UpdateAgentReplicationProcessStateForDrs", + "description": "Grants permission to update agent replication process state", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "UpdateAgentSourcePropertiesForDrs": { + "privilege": "UpdateAgentSourcePropertiesForDrs", + "description": "Grants permission to update agent source properties", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource", + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "UpdateFailbackClientDeviceMappingForDrs": { + "privilege": "UpdateFailbackClientDeviceMappingForDrs", + "description": "Grants permission to update failback client device mapping", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "UpdateFailbackClientLastSeenForDrs": { + "privilege": "UpdateFailbackClientLastSeenForDrs", + "description": "Grants permission to update failback client last seen", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "UpdateFailbackReplicationConfiguration": { + "privilege": "UpdateFailbackReplicationConfiguration", + "description": "Grants permission to update failback replication configuration", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateFailbackReplicationConfiguration.html" + }, + "UpdateLaunchConfiguration": { + "privilege": "UpdateLaunchConfiguration", + "description": "Grants permission to update launch configuration", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateLaunchConfiguration.html" + }, + "UpdateLaunchConfigurationTemplate": { + "privilege": "UpdateLaunchConfigurationTemplate", + "description": "Grants permission to update launch configuration", + "access_level": "Write", + "resource_types": { + "LaunchConfigurationTemplateResource": { + "resource_type": "LaunchConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateLaunchConfigurationTemplate.html" + }, + "UpdateReplicationCertificateForDrs": { + "privilege": "UpdateReplicationCertificateForDrs", + "description": "Grants permission to update a replication certificate", + "access_level": "Write", + "resource_types": { + "RecoveryInstanceResource": { + "resource_type": "RecoveryInstanceResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recoveryinstanceresource": "RecoveryInstanceResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html" + }, + "UpdateReplicationConfiguration": { + "privilege": "UpdateReplicationConfiguration", + "description": "Grants permission to update replication configuration", + "access_level": "Write", + "resource_types": { + "SourceServerResource": { + "resource_type": "SourceServerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateSecurityGroup", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:GetEbsDefaultKmsKeyId", + "ec2:GetEbsEncryptionByDefault", + "kms:CreateGrant", + "kms:DescribeKey" + ] + } + }, + "resource_types_lower_name": { + "sourceserverresource": "SourceServerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateReplicationConfiguration.html" + }, + "UpdateReplicationConfigurationTemplate": { + "privilege": "UpdateReplicationConfigurationTemplate", + "description": "Grants permission to update replication configuration template", + "access_level": "Write", + "resource_types": { + "ReplicationConfigurationTemplateResource": { + "resource_type": "ReplicationConfigurationTemplateResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ec2:CreateSecurityGroup", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:GetEbsDefaultKmsKeyId", + "ec2:GetEbsEncryptionByDefault", + "kms:CreateGrant", + "kms:DescribeKey" + ] + } + }, + "resource_types_lower_name": { + "replicationconfigurationtemplateresource": "ReplicationConfigurationTemplateResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateReplicationConfigurationTemplate.html" + } + }, + "privileges_lower_name": { + "associatefailbackclienttorecoveryinstancefordrs": "AssociateFailbackClientToRecoveryInstanceForDrs", + "associatesourcenetworkstack": "AssociateSourceNetworkStack", + "batchcreatevolumesnapshotgroupfordrs": "BatchCreateVolumeSnapshotGroupForDrs", + "batchdeletesnapshotrequestfordrs": "BatchDeleteSnapshotRequestForDrs", + "createconvertedsnapshotfordrs": "CreateConvertedSnapshotForDrs", + "createextendedsourceserver": "CreateExtendedSourceServer", + "createlaunchconfigurationtemplate": "CreateLaunchConfigurationTemplate", + "createrecoveryinstancefordrs": "CreateRecoveryInstanceForDrs", + "createreplicationconfigurationtemplate": "CreateReplicationConfigurationTemplate", + "createsourcenetwork": "CreateSourceNetwork", + "createsourceserverfordrs": "CreateSourceServerForDrs", + "deletejob": "DeleteJob", + "deletelaunchconfigurationtemplate": "DeleteLaunchConfigurationTemplate", + "deleterecoveryinstance": "DeleteRecoveryInstance", + "deletereplicationconfigurationtemplate": "DeleteReplicationConfigurationTemplate", + "deletesourcenetwork": "DeleteSourceNetwork", + "deletesourceserver": "DeleteSourceServer", + "describejoblogitems": "DescribeJobLogItems", + "describejobs": "DescribeJobs", + "describelaunchconfigurationtemplates": "DescribeLaunchConfigurationTemplates", + "describerecoveryinstances": "DescribeRecoveryInstances", + "describerecoverysnapshots": "DescribeRecoverySnapshots", + "describereplicationconfigurationtemplates": "DescribeReplicationConfigurationTemplates", + "describereplicationserverassociationsfordrs": "DescribeReplicationServerAssociationsForDrs", + "describesnapshotrequestsfordrs": "DescribeSnapshotRequestsForDrs", + "describesourcenetworks": "DescribeSourceNetworks", + "describesourceservers": "DescribeSourceServers", + "disconnectrecoveryinstance": "DisconnectRecoveryInstance", + "disconnectsourceserver": "DisconnectSourceServer", + "exportsourcenetworkcfntemplate": "ExportSourceNetworkCfnTemplate", + "getagentcommandfordrs": "GetAgentCommandForDrs", + "getagentconfirmedresumeinfofordrs": "GetAgentConfirmedResumeInfoForDrs", + "getagentinstallationassetsfordrs": "GetAgentInstallationAssetsForDrs", + "getagentreplicationinfofordrs": "GetAgentReplicationInfoForDrs", + "getagentruntimeconfigurationfordrs": "GetAgentRuntimeConfigurationForDrs", + "getagentsnapshotcreditsfordrs": "GetAgentSnapshotCreditsForDrs", + "getchannelcommandsfordrs": "GetChannelCommandsForDrs", + "getfailbackcommandfordrs": "GetFailbackCommandForDrs", + "getfailbacklaunchrequestedfordrs": "GetFailbackLaunchRequestedForDrs", + "getfailbackreplicationconfiguration": "GetFailbackReplicationConfiguration", + "getlaunchconfiguration": "GetLaunchConfiguration", + "getreplicationconfiguration": "GetReplicationConfiguration", + "getsuggestedfailbackclientdevicemappingfordrs": "GetSuggestedFailbackClientDeviceMappingForDrs", + "initializeservice": "InitializeService", + "issueagentcertificatefordrs": "IssueAgentCertificateForDrs", + "listextensiblesourceservers": "ListExtensibleSourceServers", + "liststagingaccounts": "ListStagingAccounts", + "listtagsforresource": "ListTagsForResource", + "notifyagentauthenticationfordrs": "NotifyAgentAuthenticationForDrs", + "notifyagentconnectedfordrs": "NotifyAgentConnectedForDrs", + "notifyagentdisconnectedfordrs": "NotifyAgentDisconnectedForDrs", + "notifyagentreplicationprogressfordrs": "NotifyAgentReplicationProgressForDrs", + "notifyconsistencyattainedfordrs": "NotifyConsistencyAttainedForDrs", + "notifyreplicationserverauthenticationfordrs": "NotifyReplicationServerAuthenticationForDrs", + "notifyvolumeeventfordrs": "NotifyVolumeEventForDrs", + "retrydatareplication": "RetryDataReplication", + "reversereplication": "ReverseReplication", + "sendagentlogsfordrs": "SendAgentLogsForDrs", + "sendagentmetricsfordrs": "SendAgentMetricsForDrs", + "sendchannelcommandresultfordrs": "SendChannelCommandResultForDrs", + "sendclientlogsfordrs": "SendClientLogsForDrs", + "sendclientmetricsfordrs": "SendClientMetricsForDrs", + "sendvolumestatsfordrs": "SendVolumeStatsForDrs", + "startfailbacklaunch": "StartFailbackLaunch", + "startrecovery": "StartRecovery", + "startreplication": "StartReplication", + "startsourcenetworkrecovery": "StartSourceNetworkRecovery", + "startsourcenetworkreplication": "StartSourceNetworkReplication", + "stopfailback": "StopFailback", + "stopreplication": "StopReplication", + "stopsourcenetworkreplication": "StopSourceNetworkReplication", + "tagresource": "TagResource", + "terminaterecoveryinstances": "TerminateRecoveryInstances", + "untagresource": "UntagResource", + "updateagentbacklogfordrs": "UpdateAgentBacklogForDrs", + "updateagentconversioninfofordrs": "UpdateAgentConversionInfoForDrs", + "updateagentreplicationinfofordrs": "UpdateAgentReplicationInfoForDrs", + "updateagentreplicationprocessstatefordrs": "UpdateAgentReplicationProcessStateForDrs", + "updateagentsourcepropertiesfordrs": "UpdateAgentSourcePropertiesForDrs", + "updatefailbackclientdevicemappingfordrs": "UpdateFailbackClientDeviceMappingForDrs", + "updatefailbackclientlastseenfordrs": "UpdateFailbackClientLastSeenForDrs", + "updatefailbackreplicationconfiguration": "UpdateFailbackReplicationConfiguration", + "updatelaunchconfiguration": "UpdateLaunchConfiguration", + "updatelaunchconfigurationtemplate": "UpdateLaunchConfigurationTemplate", + "updatereplicationcertificatefordrs": "UpdateReplicationCertificateForDrs", + "updatereplicationconfiguration": "UpdateReplicationConfiguration", + "updatereplicationconfigurationtemplate": "UpdateReplicationConfigurationTemplate" + }, + "resources": { + "JobResource": { + "resource": "JobResource", + "arn": "arn:${Partition}:drs:${Region}:${Account}:job/${JobID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "RecoveryInstanceResource": { + "resource": "RecoveryInstanceResource", + "arn": "arn:${Partition}:drs:${Region}:${Account}:recovery-instance/${RecoveryInstanceID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "drs:EC2InstanceARN" + ] + }, + "ReplicationConfigurationTemplateResource": { + "resource": "ReplicationConfigurationTemplateResource", + "arn": "arn:${Partition}:drs:${Region}:${Account}:replication-configuration-template/${ReplicationConfigurationTemplateID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "LaunchConfigurationTemplateResource": { + "resource": "LaunchConfigurationTemplateResource", + "arn": "arn:${Partition}:drs:${Region}:${Account}:launch-configuration-template/${LaunchConfigurationTemplateID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "SourceServerResource": { + "resource": "SourceServerResource", + "arn": "arn:${Partition}:drs:${Region}:${Account}:source-server/${SourceServerID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "SourceNetworkResource": { + "resource": "SourceNetworkResource", + "arn": "arn:${Partition}:drs:${Region}:${Account}:source-network/${SourceNetworkID}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "jobresource": "JobResource", + "recoveryinstanceresource": "RecoveryInstanceResource", + "replicationconfigurationtemplateresource": "ReplicationConfigurationTemplateResource", + "launchconfigurationtemplateresource": "LaunchConfigurationTemplateResource", + "sourceserverresource": "SourceServerResource", + "sourcenetworkresource": "SourceNetworkResource" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "drs:CreateAction": { + "condition": "drs:CreateAction", + "description": "Filters access by the name of a resource-creating API action", + "type": "String" + }, + "drs:EC2InstanceARN": { + "condition": "drs:EC2InstanceARN", + "description": "Filters access by the EC2 instance the request originated from", + "type": "String" + } + } + }, + "elasticloadbalancing": { + "service_name": "AWS Elastic Load Balancing", + "prefix": "elasticloadbalancing", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselasticloadbalancing.html", + "privileges": { + "AddTags": { + "privilege": "AddTags", + "description": "Grants permission to add the specified tags to the specified load balancer. Each load balancer can have a maximum of 10 tags", + "access_level": "Tagging", + "resource_types": { + "listener-rule/app": { + "resource_type": "listener-rule/app", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "listener-rule/net": { + "resource_type": "listener-rule/net", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "listener/app": { + "resource_type": "listener/app", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "listener/net": { + "resource_type": "listener/net", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/net/": { + "resource_type": "loadbalancer/net/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "targetgroup": { + "resource_type": "targetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener-rule/app": "listener-rule/app", + "listener-rule/net": "listener-rule/net", + "listener/app": "listener/app", + "listener/net": "listener/net", + "loadbalancer/app/": "loadbalancer/app/", + "loadbalancer/net/": "loadbalancer/net/", + "targetgroup": "targetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AddTags.html" + }, + "ApplySecurityGroupsToLoadBalancer": { + "privilege": "ApplySecurityGroupsToLoadBalancer", + "description": "Grants permission to associate one or more security groups with your load balancer in a virtual private cloud (VPC)", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_ApplySecurityGroupsToLoadBalancer.html" + }, + "AttachLoadBalancerToSubnets": { + "privilege": "AttachLoadBalancerToSubnets", + "description": "Grants permission to add one or more subnets to the set of configured subnets for the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_AttachLoadBalancerToSubnets.html" + }, + "ConfigureHealthCheck": { + "privilege": "ConfigureHealthCheck", + "description": "Grants permission to specify the health check settings to use when evaluating the health state of your back-end instances", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_ConfigureHealthCheck.html" + }, + "CreateAppCookieStickinessPolicy": { + "privilege": "CreateAppCookieStickinessPolicy", + "description": "Grants permission to generate a stickiness policy with sticky session lifetimes that follow that of an application-generated cookie", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_CreateAppCookieStickinessPolicy.html" + }, + "CreateLBCookieStickinessPolicy": { + "privilege": "CreateLBCookieStickinessPolicy", + "description": "Grants permission to generate a stickiness policy with sticky session lifetimes controlled by the lifetime of the browser (user-agent) or a specified expiration period", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_CreateLBCookieStickinessPolicy.html" + }, + "CreateLoadBalancer": { + "privilege": "CreateLoadBalancer", + "description": "Grants permission to create a load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/net/": { + "resource_type": "loadbalancer/net/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer/app/": "loadbalancer/app/", + "loadbalancer/net/": "loadbalancer/net/", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateLoadBalancer.html" + }, + "CreateLoadBalancerListeners": { + "privilege": "CreateLoadBalancerListeners", + "description": "Grants permission to create one or more listeners for the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_CreateLoadBalancerListeners.html" + }, + "CreateLoadBalancerPolicy": { + "privilege": "CreateLoadBalancerPolicy", + "description": "Grants permission to create a policy with the specified attributes for the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_CreateLoadBalancerPolicy.html" + }, + "DeleteLoadBalancer": { + "privilege": "DeleteLoadBalancer", + "description": "Grants permission to delete the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/net/": { + "resource_type": "loadbalancer/net/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer/app/": "loadbalancer/app/", + "loadbalancer/net/": "loadbalancer/net/" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteLoadBalancer.html" + }, + "DeleteLoadBalancerListeners": { + "privilege": "DeleteLoadBalancerListeners", + "description": "Grants permission to delete the specified listeners from the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DeleteLoadBalancerListeners.html" + }, + "DeleteLoadBalancerPolicy": { + "privilege": "DeleteLoadBalancerPolicy", + "description": "Grants permission to delete the specified policy from the specified load balancer. This policy must not be enabled for any listeners", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DeleteLoadBalancerPolicy.html" + }, + "DeregisterInstancesFromLoadBalancer": { + "privilege": "DeregisterInstancesFromLoadBalancer", + "description": "Grants permission to deregister the specified instances from the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DeregisterInstancesFromLoadBalancer.html" + }, + "DescribeInstanceHealth": { + "privilege": "DescribeInstanceHealth", + "description": "Grants permission to describe the state of the specified instances with respect to the specified load balancer", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeInstanceHealth.html" + }, + "DescribeLoadBalancerAttributes": { + "privilege": "DescribeLoadBalancerAttributes", + "description": "Grants permission to describe the attributes for the specified load balancer", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancerAttributes.html" + }, + "DescribeLoadBalancerPolicies": { + "privilege": "DescribeLoadBalancerPolicies", + "description": "Grants permission to describe the specified policies", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancerPolicies.html" + }, + "DescribeLoadBalancerPolicyTypes": { + "privilege": "DescribeLoadBalancerPolicyTypes", + "description": "Grants permission to describe the specified load balancer policy types", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancerPolicyTypes.html" + }, + "DescribeLoadBalancers": { + "privilege": "DescribeLoadBalancers", + "description": "Grants permission to describe the specified the load balancers. If no load balancers are specified, the call describes all of your load balancers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html" + }, + "DescribeTags": { + "privilege": "DescribeTags", + "description": "Grants permission to describe the tags associated with the specified resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTags.html" + }, + "DetachLoadBalancerFromSubnets": { + "privilege": "DetachLoadBalancerFromSubnets", + "description": "Grants permission to remove the specified subnets from the set of configured subnets for the load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DetachLoadBalancerFromSubnets.html" + }, + "DisableAvailabilityZonesForLoadBalancer": { + "privilege": "DisableAvailabilityZonesForLoadBalancer", + "description": "Grants permission to remove the specified Availability Zones from the set of Availability Zones for the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DisableAvailabilityZonesForLoadBalancer.html" + }, + "EnableAvailabilityZonesForLoadBalancer": { + "privilege": "EnableAvailabilityZonesForLoadBalancer", + "description": "Grants permission to add the specified Availability Zones to the set of Availability Zones for the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_EnableAvailabilityZonesForLoadBalancer.html" + }, + "ModifyLoadBalancerAttributes": { + "privilege": "ModifyLoadBalancerAttributes", + "description": "Grants permission to modify the attributes of the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/net/": { + "resource_type": "loadbalancer/net/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer/app/": "loadbalancer/app/", + "loadbalancer/net/": "loadbalancer/net/" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyLoadBalancerAttributes.html" + }, + "RegisterInstancesWithLoadBalancer": { + "privilege": "RegisterInstancesWithLoadBalancer", + "description": "Grants permission to add the specified instances to the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_RegisterInstancesWithLoadBalancer.html" + }, + "RemoveTags": { + "privilege": "RemoveTags", + "description": "Grants permission to remove one or more tags from the specified load balancer", + "access_level": "Tagging", + "resource_types": { + "listener-rule/app": { + "resource_type": "listener-rule/app", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "listener-rule/net": { + "resource_type": "listener-rule/net", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "listener/app": { + "resource_type": "listener/app", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "listener/net": { + "resource_type": "listener/net", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/net/": { + "resource_type": "loadbalancer/net/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "targetgroup": { + "resource_type": "targetgroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener-rule/app": "listener-rule/app", + "listener-rule/net": "listener-rule/net", + "listener/app": "listener/app", + "listener/net": "listener/net", + "loadbalancer/app/": "loadbalancer/app/", + "loadbalancer/net/": "loadbalancer/net/", + "targetgroup": "targetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RemoveTags.html" + }, + "SetLoadBalancerListenerSSLCertificate": { + "privilege": "SetLoadBalancerListenerSSLCertificate", + "description": "Grants permission to set the certificate that terminates the specified listener's SSL connections", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_SetLoadBalancerListenerSSLCertificate.html" + }, + "SetLoadBalancerPoliciesForBackendServer": { + "privilege": "SetLoadBalancerPoliciesForBackendServer", + "description": "Grants permission to replace the set of policies associated with the specified port on which the back-end server is listening with a new set of policies", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_SetLoadBalancerPoliciesForBackendServer.html" + }, + "SetLoadBalancerPoliciesOfListener": { + "privilege": "SetLoadBalancerPoliciesOfListener", + "description": "Grants permission to replace the current set of policies for the specified load balancer port with the specified set of policies", + "access_level": "Write", + "resource_types": { + "loadbalancer": { + "resource_type": "loadbalancer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer": "loadbalancer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_SetLoadBalancerPoliciesOfListener.html" + }, + "AddListenerCertificates": { + "privilege": "AddListenerCertificates", + "description": "Grants permission to add the specified certificates to the specified secure listener", + "access_level": "Write", + "resource_types": { + "listener/app": { + "resource_type": "listener/app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "listener/net": { + "resource_type": "listener/net", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener/app": "listener/app", + "listener/net": "listener/net" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AddListenerCertificates.html" + }, + "CreateListener": { + "privilege": "CreateListener", + "description": "Grants permission to create a listener for the specified Application Load Balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/net/": { + "resource_type": "loadbalancer/net/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer/app/": "loadbalancer/app/", + "loadbalancer/net/": "loadbalancer/net/", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateListener.html" + }, + "CreateRule": { + "privilege": "CreateRule", + "description": "Grants permission to create a rule for the specified listener", + "access_level": "Write", + "resource_types": { + "listener/app": { + "resource_type": "listener/app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "listener/net": { + "resource_type": "listener/net", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener/app": "listener/app", + "listener/net": "listener/net", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateRule.html" + }, + "CreateTargetGroup": { + "privilege": "CreateTargetGroup", + "description": "Grants permission to create a target group", + "access_level": "Write", + "resource_types": { + "targetgroup": { + "resource_type": "targetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "targetgroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html" + }, + "DeleteListener": { + "privilege": "DeleteListener", + "description": "Grants permission to delete the specified listener", + "access_level": "Write", + "resource_types": { + "listener/app": { + "resource_type": "listener/app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "listener/net": { + "resource_type": "listener/net", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener/app": "listener/app", + "listener/net": "listener/net" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteListener.html" + }, + "DeleteRule": { + "privilege": "DeleteRule", + "description": "Grants permission to delete the specified rule", + "access_level": "Write", + "resource_types": { + "listener-rule/app": { + "resource_type": "listener-rule/app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "listener-rule/net": { + "resource_type": "listener-rule/net", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener-rule/app": "listener-rule/app", + "listener-rule/net": "listener-rule/net" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteRule.html" + }, + "DeleteTargetGroup": { + "privilege": "DeleteTargetGroup", + "description": "Grants permission to delete the specified target group", + "access_level": "Write", + "resource_types": { + "targetgroup": { + "resource_type": "targetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "targetgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeleteTargetGroup.html" + }, + "DeregisterTargets": { + "privilege": "DeregisterTargets", + "description": "Grants permission to deregister the specified targets from the specified target group", + "access_level": "Write", + "resource_types": { + "targetgroup": { + "resource_type": "targetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "targetgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DeregisterTargets.html" + }, + "DescribeAccountLimits": { + "privilege": "DescribeAccountLimits", + "description": "Grants permission to describe the Elastic Load Balancing resource limits for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeAccountLimits.html" + }, + "DescribeListenerCertificates": { + "privilege": "DescribeListenerCertificates", + "description": "Grants permission to describe the certificates for the specified secure listener", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeListenerCertificates.html" + }, + "DescribeListeners": { + "privilege": "DescribeListeners", + "description": "Grants permission to describe the specified listeners or the listeners for the specified Application Load Balancer", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeListeners.html" + }, + "DescribeRules": { + "privilege": "DescribeRules", + "description": "Grants permission to describe the specified rules or the rules for the specified listener", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeRules.html" + }, + "DescribeSSLPolicies": { + "privilege": "DescribeSSLPolicies", + "description": "Grants permission to describe the specified policies or all policies used for SSL negotiation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeSSLPolicies.html" + }, + "DescribeTargetGroupAttributes": { + "privilege": "DescribeTargetGroupAttributes", + "description": "Grants permission to describe the attributes for the specified target group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroupAttributes.html" + }, + "DescribeTargetGroups": { + "privilege": "DescribeTargetGroups", + "description": "Grants permission to describe the specified target groups or all of your target groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html" + }, + "DescribeTargetHealth": { + "privilege": "DescribeTargetHealth", + "description": "Grants permission to describe the health of the specified targets or all of your targets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetHealth.html" + }, + "ModifyListener": { + "privilege": "ModifyListener", + "description": "Grants permission to modify the specified properties of the specified listener", + "access_level": "Write", + "resource_types": { + "listener/app": { + "resource_type": "listener/app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "listener/net": { + "resource_type": "listener/net", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener/app": "listener/app", + "listener/net": "listener/net" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyListener.html" + }, + "ModifyRule": { + "privilege": "ModifyRule", + "description": "Grants permission to modify the specified rule", + "access_level": "Write", + "resource_types": { + "listener-rule/app": { + "resource_type": "listener-rule/app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "listener-rule/net": { + "resource_type": "listener-rule/net", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener-rule/app": "listener-rule/app", + "listener-rule/net": "listener-rule/net" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyRule.html" + }, + "ModifyTargetGroup": { + "privilege": "ModifyTargetGroup", + "description": "Grants permission to modify the health checks used when evaluating the health state of the targets in the specified target group", + "access_level": "Write", + "resource_types": { + "targetgroup": { + "resource_type": "targetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "targetgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyTargetGroup.html" + }, + "ModifyTargetGroupAttributes": { + "privilege": "ModifyTargetGroupAttributes", + "description": "Grants permission to modify the specified attributes of the specified target group", + "access_level": "Write", + "resource_types": { + "targetgroup": { + "resource_type": "targetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "targetgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_ModifyTargetGroupAttributes.html" + }, + "RegisterTargets": { + "privilege": "RegisterTargets", + "description": "Grants permission to register the specified targets with the specified target group", + "access_level": "Write", + "resource_types": { + "targetgroup": { + "resource_type": "targetgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "targetgroup": "targetgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RegisterTargets.html" + }, + "RemoveListenerCertificates": { + "privilege": "RemoveListenerCertificates", + "description": "Grants permission to remove the specified certificates of the specified secure listener", + "access_level": "Write", + "resource_types": { + "listener/app": { + "resource_type": "listener/app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "listener/net": { + "resource_type": "listener/net", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener/app": "listener/app", + "listener/net": "listener/net" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RemoveListenerCertificates.html" + }, + "SetIpAddressType": { + "privilege": "SetIpAddressType", + "description": "Grants permission to set the type of IP addresses used by the subnets of the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/net/": { + "resource_type": "loadbalancer/net/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer/app/": "loadbalancer/app/", + "loadbalancer/net/": "loadbalancer/net/" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetIpAddressType.html" + }, + "SetRulePriorities": { + "privilege": "SetRulePriorities", + "description": "Grants permission to set the priorities of the specified rules", + "access_level": "Write", + "resource_types": { + "listener-rule/app": { + "resource_type": "listener-rule/app", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "listener-rule/net": { + "resource_type": "listener-rule/net", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener-rule/app": "listener-rule/app", + "listener-rule/net": "listener-rule/net" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetRulePriorities.html" + }, + "SetSecurityGroups": { + "privilege": "SetSecurityGroups", + "description": "Grants permission to associate the specified security groups with the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/net/": { + "resource_type": "loadbalancer/net/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer/app/": "loadbalancer/app/", + "loadbalancer/net/": "loadbalancer/net/" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetSecurityGroups.html" + }, + "SetSubnets": { + "privilege": "SetSubnets", + "description": "Grants permission to enable the Availability Zone for the specified subnets for the specified load balancer", + "access_level": "Write", + "resource_types": { + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/net/": { + "resource_type": "loadbalancer/net/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer/app/": "loadbalancer/app/", + "loadbalancer/net/": "loadbalancer/net/" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetSubnets.html" + }, + "SetWebAcl": { + "privilege": "SetWebAcl", + "description": "Grants permission to give WebAcl permission to WAF", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_SetWebAcl.html" + } + }, + "privileges_lower_name": { + "addtags": "AddTags", + "applysecuritygroupstoloadbalancer": "ApplySecurityGroupsToLoadBalancer", + "attachloadbalancertosubnets": "AttachLoadBalancerToSubnets", + "configurehealthcheck": "ConfigureHealthCheck", + "createappcookiestickinesspolicy": "CreateAppCookieStickinessPolicy", + "createlbcookiestickinesspolicy": "CreateLBCookieStickinessPolicy", + "createloadbalancer": "CreateLoadBalancer", + "createloadbalancerlisteners": "CreateLoadBalancerListeners", + "createloadbalancerpolicy": "CreateLoadBalancerPolicy", + "deleteloadbalancer": "DeleteLoadBalancer", + "deleteloadbalancerlisteners": "DeleteLoadBalancerListeners", + "deleteloadbalancerpolicy": "DeleteLoadBalancerPolicy", + "deregisterinstancesfromloadbalancer": "DeregisterInstancesFromLoadBalancer", + "describeinstancehealth": "DescribeInstanceHealth", + "describeloadbalancerattributes": "DescribeLoadBalancerAttributes", + "describeloadbalancerpolicies": "DescribeLoadBalancerPolicies", + "describeloadbalancerpolicytypes": "DescribeLoadBalancerPolicyTypes", + "describeloadbalancers": "DescribeLoadBalancers", + "describetags": "DescribeTags", + "detachloadbalancerfromsubnets": "DetachLoadBalancerFromSubnets", + "disableavailabilityzonesforloadbalancer": "DisableAvailabilityZonesForLoadBalancer", + "enableavailabilityzonesforloadbalancer": "EnableAvailabilityZonesForLoadBalancer", + "modifyloadbalancerattributes": "ModifyLoadBalancerAttributes", + "registerinstanceswithloadbalancer": "RegisterInstancesWithLoadBalancer", + "removetags": "RemoveTags", + "setloadbalancerlistenersslcertificate": "SetLoadBalancerListenerSSLCertificate", + "setloadbalancerpoliciesforbackendserver": "SetLoadBalancerPoliciesForBackendServer", + "setloadbalancerpoliciesoflistener": "SetLoadBalancerPoliciesOfListener", + "addlistenercertificates": "AddListenerCertificates", + "createlistener": "CreateListener", + "createrule": "CreateRule", + "createtargetgroup": "CreateTargetGroup", + "deletelistener": "DeleteListener", + "deleterule": "DeleteRule", + "deletetargetgroup": "DeleteTargetGroup", + "deregistertargets": "DeregisterTargets", + "describeaccountlimits": "DescribeAccountLimits", + "describelistenercertificates": "DescribeListenerCertificates", + "describelisteners": "DescribeListeners", + "describerules": "DescribeRules", + "describesslpolicies": "DescribeSSLPolicies", + "describetargetgroupattributes": "DescribeTargetGroupAttributes", + "describetargetgroups": "DescribeTargetGroups", + "describetargethealth": "DescribeTargetHealth", + "modifylistener": "ModifyListener", + "modifyrule": "ModifyRule", + "modifytargetgroup": "ModifyTargetGroup", + "modifytargetgroupattributes": "ModifyTargetGroupAttributes", + "registertargets": "RegisterTargets", + "removelistenercertificates": "RemoveListenerCertificates", + "setipaddresstype": "SetIpAddressType", + "setrulepriorities": "SetRulePriorities", + "setsecuritygroups": "SetSecurityGroups", + "setsubnets": "SetSubnets", + "setwebacl": "SetWebAcl" + }, + "resources": { + "loadbalancer": { + "resource": "loadbalancer", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/${LoadBalancerName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ] + }, + "listener/app": { + "resource": "listener/app", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:listener/app/${LoadBalancerName}/${LoadBalancerId}/${ListenerId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ] + }, + "listener-rule/app": { + "resource": "listener-rule/app", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:listener-rule/app/${LoadBalancerName}/${LoadBalancerId}/${ListenerId}/${ListenerRuleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ] + }, + "listener/net": { + "resource": "listener/net", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:listener/net/${LoadBalancerName}/${LoadBalancerId}/${ListenerId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ] + }, + "listener-rule/net": { + "resource": "listener-rule/net", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:listener-rule/net/${LoadBalancerName}/${LoadBalancerId}/${ListenerId}/${ListenerRuleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ] + }, + "loadbalancer/app/": { + "resource": "loadbalancer/app/", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/app/${LoadBalancerName}/${LoadBalancerId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ] + }, + "loadbalancer/net/": { + "resource": "loadbalancer/net/", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/net/${LoadBalancerName}/${LoadBalancerId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ] + }, + "targetgroup": { + "resource": "targetgroup", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:targetgroup/${TargetGroupName}/${TargetGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "elasticloadbalancing:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "loadbalancer": "loadbalancer", + "listener/app": "listener/app", + "listener-rule/app": "listener-rule/app", + "listener/net": "listener/net", + "listener-rule/net": "listener-rule/net", + "loadbalancer/app/": "loadbalancer/app/", + "loadbalancer/net/": "loadbalancer/net/", + "targetgroup": "targetgroup" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "A key that is present in the request the user makes to the ELB service", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Global tag key and value pair", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "The list of all the tag key names associated with the resource in the request", + "type": "ArrayOfString" + }, + "elasticloadbalancing:CreateAction": { + "condition": "elasticloadbalancing:CreateAction", + "description": "Filters access by the name of a resource-creating API action", + "type": "String" + }, + "elasticloadbalancing:ResourceTag/": { + "condition": "elasticloadbalancing:ResourceTag/", + "description": "The preface string for a tag key and value pair attached to a resource", + "type": "String" + }, + "elasticloadbalancing:ResourceTag/${TagKey}": { + "condition": "elasticloadbalancing:ResourceTag/${TagKey}", + "description": "A tag key and value pair", + "type": "String" + } + } + }, + "elemental-appliances-software": { + "service_name": "AWS Elemental Appliances and Software", + "prefix": "elemental-appliances-software", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalappliancesandsoftware.html", + "privileges": { + "CompleteUpload": { + "privilege": "CompleteUpload", + "description": "Grants permission to complete an upload of an attachment for a quote or order", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "CreateOrderV1": { + "privilege": "CreateOrderV1", + "description": "Grants permission to create an order", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "CreateQuote": { + "privilege": "CreateQuote", + "description": "Grants permission to create a quote", + "access_level": "Tagging", + "resource_types": { + "quote": { + "resource_type": "quote", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quote": "quote", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "GetAvsCorrectAddress": { + "privilege": "GetAvsCorrectAddress", + "description": "Grants permission to validate an address", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "GetBillingAddresses": { + "privilege": "GetBillingAddresses", + "description": "Grants permission to list the billing addresses in the user account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "GetDeliveryAddressesV2": { + "privilege": "GetDeliveryAddressesV2", + "description": "Grants permission to list the delivery addresses in the user account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "GetOrder": { + "privilege": "GetOrder", + "description": "Grants permission to describe an order", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "GetOrdersV2": { + "privilege": "GetOrdersV2", + "description": "Grants permission to list the orders in the user account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "GetQuote": { + "privilege": "GetQuote", + "description": "Grants permission to describe a quote", + "access_level": "Read", + "resource_types": { + "quote": { + "resource_type": "quote", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quote": "quote" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "GetTaxes": { + "privilege": "GetTaxes", + "description": "Grants permission to calculate taxes for an order", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "ListQuotes": { + "privilege": "ListQuotes", + "description": "Grants permission to list the quotes in the user account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists tags for an AWS Elemental Appliances and Software resource", + "access_level": "Read", + "resource_types": { + "quote": { + "resource_type": "quote", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quote": "quote" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "StartUpload": { + "privilege": "StartUpload", + "description": "Grants permission to start an upload of an attachment for a quote or order", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "SubmitOrderV1": { + "privilege": "SubmitOrderV1", + "description": "Grants permission to submit an order", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an AWS Elemental Appliances and Software resource", + "access_level": "Tagging", + "resource_types": { + "quote": { + "resource_type": "quote", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quote": "quote", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from an AWS Elemental Appliances and Software resource", + "access_level": "Tagging", + "resource_types": { + "quote": { + "resource_type": "quote", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quote": "quote", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "UpdateQuote": { + "privilege": "UpdateQuote", + "description": "Grants permission to modify a quote", + "access_level": "Write", + "resource_types": { + "quote": { + "resource_type": "quote", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quote": "quote" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + } + }, + "privileges_lower_name": { + "completeupload": "CompleteUpload", + "createorderv1": "CreateOrderV1", + "createquote": "CreateQuote", + "getavscorrectaddress": "GetAvsCorrectAddress", + "getbillingaddresses": "GetBillingAddresses", + "getdeliveryaddressesv2": "GetDeliveryAddressesV2", + "getorder": "GetOrder", + "getordersv2": "GetOrdersV2", + "getquote": "GetQuote", + "gettaxes": "GetTaxes", + "listquotes": "ListQuotes", + "listtagsforresource": "ListTagsForResource", + "startupload": "StartUpload", + "submitorderv1": "SubmitOrderV1", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatequote": "UpdateQuote" + }, + "resources": { + "quote": { + "resource": "quote", + "arn": "arn:${Partition}:elemental-appliances-software:${Region}:${Account}:quote/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "quote": "quote" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by request tag", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by resource tag", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys", + "type": "ArrayOfString" + } + } + }, + "elemental-activations": { + "service_name": "AWS Elemental Appliances and Software Activation Service", + "prefix": "elemental-activations", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalappliancesandsoftwareactivationservice.html", + "privileges": { + "CompleteAccountRegistration": { + "privilege": "CompleteAccountRegistration", + "description": "Grants permission to complete the process of registering customer account for AWS Elemental Appliances and Software Purchases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" + }, + "CompleteFileUpload": { + "privilege": "CompleteFileUpload", + "description": "Grants permission to complete the process of uploading a Software file for AWS Elemental Appliances and Software Purchases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" + }, + "DownloadSoftware": { + "privilege": "DownloadSoftware", + "description": "Grants permission to download the Software files for AWS Elemental Appliances and Software Purchases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" + }, + "GenerateLicenses": { + "privilege": "GenerateLicenses", + "description": "Grants permission to generate Software Licenses for AWS Elemental Appliances and Software Purchases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" + }, + "GetActivation": { + "privilege": "GetActivation", + "description": "Grants permission to describe an activation", + "access_level": "Read", + "resource_types": { + "activation": { + "resource_type": "activation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activation": "activation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an AWS Elemental Activations resource", + "access_level": "Read", + "resource_types": { + "activation": { + "resource_type": "activation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activation": "activation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" + }, + "StartAccountRegistration": { + "privilege": "StartAccountRegistration", + "description": "Grants permission to start the process of registering customer account for AWS Elemental Appliances and Software Purchases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" + }, + "StartFileUpload": { + "privilege": "StartFileUpload", + "description": "Grants permission to start the process of uploading a Software file for AWS Elemental Appliances and Software Purchases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add a tag for an AWS Elemental Activations resource", + "access_level": "Tagging", + "resource_types": { + "activation": { + "resource_type": "activation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activation": "activation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from an AWS Elemental Activations resource", + "access_level": "Tagging", + "resource_types": { + "activation": { + "resource_type": "activation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activation": "activation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software/" + } + }, + "privileges_lower_name": { + "completeaccountregistration": "CompleteAccountRegistration", + "completefileupload": "CompleteFileUpload", + "downloadsoftware": "DownloadSoftware", + "generatelicenses": "GenerateLicenses", + "getactivation": "GetActivation", + "listtagsforresource": "ListTagsForResource", + "startaccountregistration": "StartAccountRegistration", + "startfileupload": "StartFileUpload", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "activation": { + "resource": "activation", + "arn": "arn:${Partition}:elemental-activations:${Region}:${Account}:activation/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "activation": "activation" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "mediaconnect": { + "service_name": "AWS Elemental MediaConnect", + "prefix": "mediaconnect", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediaconnect.html", + "privileges": { + "AddBridgeOutputs": { + "privilege": "AddBridgeOutputs", + "description": "Grants permission to add outputs to an existing bridge", + "access_level": "Write", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-outputs.html" + }, + "AddBridgeSources": { + "privilege": "AddBridgeSources", + "description": "Grants permission to add sources to an existing bridge", + "access_level": "Write", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-sources.html" + }, + "AddFlowMediaStreams": { + "privilege": "AddFlowMediaStreams", + "description": "Grants permission to add media streams to any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-mediastreams.html" + }, + "AddFlowOutputs": { + "privilege": "AddFlowOutputs", + "description": "Grants permission to add outputs to any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-outputs.html" + }, + "AddFlowSources": { + "privilege": "AddFlowSources", + "description": "Grants permission to add sources to any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-source.html" + }, + "AddFlowVpcInterfaces": { + "privilege": "AddFlowVpcInterfaces", + "description": "Grants permission to add VPC interfaces to any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-vpcinterfaces.html" + }, + "CreateBridge": { + "privilege": "CreateBridge", + "description": "Grants permission to create bridges", + "access_level": "Write", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges.html" + }, + "CreateFlow": { + "privilege": "CreateFlow", + "description": "Grants permission to create flows", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows.html" + }, + "CreateGateway": { + "privilege": "CreateGateway", + "description": "Grants permission to create gateways", + "access_level": "Write", + "resource_types": { + "Gateway": { + "resource_type": "Gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "Gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateways.html" + }, + "DeleteBridge": { + "privilege": "DeleteBridge", + "description": "Grants permission to delete bridges", + "access_level": "Write", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn.html" + }, + "DeleteFlow": { + "privilege": "DeleteFlow", + "description": "Grants permission to delete flows", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn.html" + }, + "DeleteGateway": { + "privilege": "DeleteGateway", + "description": "Grants permission to delete gateways", + "access_level": "Write", + "resource_types": { + "Gateway": { + "resource_type": "Gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "Gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateways-gatewayarn.html" + }, + "DeregisterGatewayInstance": { + "privilege": "DeregisterGatewayInstance", + "description": "Grants permission to deregister gateway instance", + "access_level": "Write", + "resource_types": { + "GatewayInstance": { + "resource_type": "GatewayInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayinstance": "GatewayInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateway-instances-gatewayinstancearn.html" + }, + "DescribeBridge": { + "privilege": "DescribeBridge", + "description": "Grants permission to display the details of a bridge", + "access_level": "Read", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn.html" + }, + "DescribeFlow": { + "privilege": "DescribeFlow", + "description": "Grants permission to display the details of a flow including the flow ARN, name, and Availability Zone, as well as details about the source, outputs, and entitlements", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn.html" + }, + "DescribeGateway": { + "privilege": "DescribeGateway", + "description": "Grants permission to display the details of a gateway including the gateway ARN, name, and CIDR blocks, as well as details about the networks", + "access_level": "Read", + "resource_types": { + "Gateway": { + "resource_type": "Gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "Gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateways-gatewayarn.html" + }, + "DescribeGatewayInstance": { + "privilege": "DescribeGatewayInstance", + "description": "Grants permission to display the details of a gateway instance", + "access_level": "Read", + "resource_types": { + "GatewayInstance": { + "resource_type": "GatewayInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayinstance": "GatewayInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateway-instances-gatewayinstancearn.html" + }, + "DescribeOffering": { + "privilege": "DescribeOffering", + "description": "Grants permission to display the details of an offering", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-offerings-offeringarn.html" + }, + "DescribeReservation": { + "privilege": "DescribeReservation", + "description": "Grants permission to display the details of a reservation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-reservations-reservationarn.html" + }, + "DiscoverGatewayPollEndpoint": { + "privilege": "DiscoverGatewayPollEndpoint", + "description": "Grants permission to discover gateway poll endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows.html" + }, + "GrantFlowEntitlements": { + "privilege": "GrantFlowEntitlements", + "description": "Grants permission to grant entitlements on any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-entitlements.html" + }, + "ListBridges": { + "privilege": "ListBridges", + "description": "Grants permission to display a list of bridges that are associated with this account and an optionally specified Arn", + "access_level": "List", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges.html" + }, + "ListEntitlements": { + "privilege": "ListEntitlements", + "description": "Grants permission to display a list of all entitlements that have been granted to the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-entitlements.html" + }, + "ListFlows": { + "privilege": "ListFlows", + "description": "Grants permission to display a list of flows that are associated with this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows.html" + }, + "ListGatewayInstances": { + "privilege": "ListGatewayInstances", + "description": "Grants permission to display a list of instances that are associated with this gateway", + "access_level": "List", + "resource_types": { + "GatewayInstance": { + "resource_type": "GatewayInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayinstance": "GatewayInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateway-instances.html" + }, + "ListGateways": { + "privilege": "ListGateways", + "description": "Grants permission to display a list of gateways that are associated with this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateways.html" + }, + "ListOfferings": { + "privilege": "ListOfferings", + "description": "Grants permission to display a list of all offerings that are available to the account in the current AWS Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-offerings.html" + }, + "ListReservations": { + "privilege": "ListReservations", + "description": "Grants permission to display a list of all reservations that have been purchased by the account in the current AWS Region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-reservations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to display a list of all tags associated with a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/tags-resourcearn.html" + }, + "PollGateway": { + "privilege": "PollGateway", + "description": "Grants permission to poll gateway", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows.html" + }, + "PurchaseOffering": { + "privilege": "PurchaseOffering", + "description": "Grants permission to purchase an offering", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-offerings-offeringarn.html" + }, + "RemoveBridgeOutput": { + "privilege": "RemoveBridgeOutput", + "description": "Grants permission to remove an output of an existing bridge", + "access_level": "Write", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-outputs-outputname.html" + }, + "RemoveBridgeSource": { + "privilege": "RemoveBridgeSource", + "description": "Grants permission to remove a source of an existing bridge", + "access_level": "Write", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-sources-sourcename.html" + }, + "RemoveFlowMediaStream": { + "privilege": "RemoveFlowMediaStream", + "description": "Grants permission to remove media streams from any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-mediastreams-mediastreamname.html" + }, + "RemoveFlowOutput": { + "privilege": "RemoveFlowOutput", + "description": "Grants permission to remove outputs from any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-outputs-outputarn.html" + }, + "RemoveFlowSource": { + "privilege": "RemoveFlowSource", + "description": "Grants permission to remove sources from any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-source-sourcearn.html" + }, + "RemoveFlowVpcInterface": { + "privilege": "RemoveFlowVpcInterface", + "description": "Grants permission to remove VPC interfaces from any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-vpcinterfaces-vpcinterfacename.html" + }, + "RevokeFlowEntitlement": { + "privilege": "RevokeFlowEntitlement", + "description": "Grants permission to revoke entitlements on any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-entitlements-entitlementarn.html" + }, + "StartFlow": { + "privilege": "StartFlow", + "description": "Grants permission to start flows", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-start-flowarn.html" + }, + "StopFlow": { + "privilege": "StopFlow", + "description": "Grants permission to stop flows", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-stop-flowarn.html" + }, + "SubmitGatewayStateChange": { + "privilege": "SubmitGatewayStateChange", + "description": "Grants permission to submit gateway state change", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to associate tags with resources", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/tags-resourcearn.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from resources", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/tags-resourcearn.html" + }, + "UpdateBridge": { + "privilege": "UpdateBridge", + "description": "Grants permission to update bridges", + "access_level": "Write", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn.html" + }, + "UpdateBridgeOutput": { + "privilege": "UpdateBridgeOutput", + "description": "Grants permission to update an output of an existing bridge", + "access_level": "Write", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-outputs-outputname.html" + }, + "UpdateBridgeSource": { + "privilege": "UpdateBridgeSource", + "description": "Grants permission to update a source of an existing bridge", + "access_level": "Write", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-sources-sourcename.html" + }, + "UpdateBridgeState": { + "privilege": "UpdateBridgeState", + "description": "Grants permission to update the state of an existing bridge", + "access_level": "Write", + "resource_types": { + "Bridge": { + "resource_type": "Bridge", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bridge": "Bridge" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-bridges-bridgearn-state.html" + }, + "UpdateFlow": { + "privilege": "UpdateFlow", + "description": "Grants permission to update flows", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn.html" + }, + "UpdateFlowEntitlement": { + "privilege": "UpdateFlowEntitlement", + "description": "Grants permission to update entitlements on any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-entitlements-entitlementarn.html" + }, + "UpdateFlowMediaStream": { + "privilege": "UpdateFlowMediaStream", + "description": "Grants permission to update media streams on any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-mediastreams-mediastreamname.html" + }, + "UpdateFlowOutput": { + "privilege": "UpdateFlowOutput", + "description": "Grants permission to update outputs on any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-outputs-outputarn.html" + }, + "UpdateFlowSource": { + "privilege": "UpdateFlowSource", + "description": "Grants permission to update the source of any flow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-flows-flowarn-source-sourcearn.html" + }, + "UpdateGatewayInstance": { + "privilege": "UpdateGatewayInstance", + "description": "Grants permission to update the configuration of an existing Gateway Instance", + "access_level": "Write", + "resource_types": { + "GatewayInstance": { + "resource_type": "GatewayInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gatewayinstance": "GatewayInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconnect/latest/api/v1-gateway-instances-gatewayinstancearn.html" + } + }, + "privileges_lower_name": { + "addbridgeoutputs": "AddBridgeOutputs", + "addbridgesources": "AddBridgeSources", + "addflowmediastreams": "AddFlowMediaStreams", + "addflowoutputs": "AddFlowOutputs", + "addflowsources": "AddFlowSources", + "addflowvpcinterfaces": "AddFlowVpcInterfaces", + "createbridge": "CreateBridge", + "createflow": "CreateFlow", + "creategateway": "CreateGateway", + "deletebridge": "DeleteBridge", + "deleteflow": "DeleteFlow", + "deletegateway": "DeleteGateway", + "deregistergatewayinstance": "DeregisterGatewayInstance", + "describebridge": "DescribeBridge", + "describeflow": "DescribeFlow", + "describegateway": "DescribeGateway", + "describegatewayinstance": "DescribeGatewayInstance", + "describeoffering": "DescribeOffering", + "describereservation": "DescribeReservation", + "discovergatewaypollendpoint": "DiscoverGatewayPollEndpoint", + "grantflowentitlements": "GrantFlowEntitlements", + "listbridges": "ListBridges", + "listentitlements": "ListEntitlements", + "listflows": "ListFlows", + "listgatewayinstances": "ListGatewayInstances", + "listgateways": "ListGateways", + "listofferings": "ListOfferings", + "listreservations": "ListReservations", + "listtagsforresource": "ListTagsForResource", + "pollgateway": "PollGateway", + "purchaseoffering": "PurchaseOffering", + "removebridgeoutput": "RemoveBridgeOutput", + "removebridgesource": "RemoveBridgeSource", + "removeflowmediastream": "RemoveFlowMediaStream", + "removeflowoutput": "RemoveFlowOutput", + "removeflowsource": "RemoveFlowSource", + "removeflowvpcinterface": "RemoveFlowVpcInterface", + "revokeflowentitlement": "RevokeFlowEntitlement", + "startflow": "StartFlow", + "stopflow": "StopFlow", + "submitgatewaystatechange": "SubmitGatewayStateChange", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatebridge": "UpdateBridge", + "updatebridgeoutput": "UpdateBridgeOutput", + "updatebridgesource": "UpdateBridgeSource", + "updatebridgestate": "UpdateBridgeState", + "updateflow": "UpdateFlow", + "updateflowentitlement": "UpdateFlowEntitlement", + "updateflowmediastream": "UpdateFlowMediaStream", + "updateflowoutput": "UpdateFlowOutput", + "updateflowsource": "UpdateFlowSource", + "updategatewayinstance": "UpdateGatewayInstance" + }, + "resources": { + "Entitlement": { + "resource": "Entitlement", + "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:entitlement:${FlowId}:${EntitlementName}", + "condition_keys": [] + }, + "Flow": { + "resource": "Flow", + "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:flow:${FlowId}:${FlowName}", + "condition_keys": [] + }, + "Output": { + "resource": "Output", + "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:output:${OutputId}:${OutputName}", + "condition_keys": [] + }, + "Source": { + "resource": "Source", + "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:source:${SourceId}:${SourceName}", + "condition_keys": [] + }, + "Gateway": { + "resource": "Gateway", + "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:gateway:${GatewayId}:${GatewayName}", + "condition_keys": [] + }, + "Bridge": { + "resource": "Bridge", + "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:bridge:${FlowId}:${FlowName}", + "condition_keys": [] + }, + "GatewayInstance": { + "resource": "GatewayInstance", + "arn": "arn:${Partition}:mediaconnect:${Region}:${Account}:gateway:${GatewayId}:${GatewayName}:instance:${InstanceId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "entitlement": "Entitlement", + "flow": "Flow", + "output": "Output", + "source": "Source", + "gateway": "Gateway", + "bridge": "Bridge", + "gatewayinstance": "GatewayInstance" + }, + "conditions": {} + }, + "mediaconvert": { + "service_name": "AWS Elemental MediaConvert", + "prefix": "mediaconvert", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediaconvert.html", + "privileges": { + "AssociateCertificate": { + "privilege": "AssociateCertificate", + "description": "Grants permission to associate an AWS Certificate Manager (ACM) Amazon Resource Name (ARN) with AWS Elemental MediaConvert", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/certificates.html" + }, + "CancelJob": { + "privilege": "CancelJob", + "description": "Grants permission to cancel an AWS Elemental MediaConvert job that is waiting in queue", + "access_level": "Write", + "resource_types": { + "Job": { + "resource_type": "Job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "Job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobs-id.html" + }, + "CreateJob": { + "privilege": "CreateJob", + "description": "Grants permission to create and submit an AWS Elemental MediaConvert job", + "access_level": "Write", + "resource_types": { + "JobTemplate": { + "resource_type": "JobTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Preset": { + "resource_type": "Preset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Queue": { + "resource_type": "Queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "JobTemplate", + "preset": "Preset", + "queue": "Queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobs.html" + }, + "CreateJobTemplate": { + "privilege": "CreateJobTemplate", + "description": "Grants permission to create an AWS Elemental MediaConvert custom job template", + "access_level": "Write", + "resource_types": { + "Preset": { + "resource_type": "Preset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Queue": { + "resource_type": "Queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "preset": "Preset", + "queue": "Queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobs-id.html" + }, + "CreatePreset": { + "privilege": "CreatePreset", + "description": "Grants permission to create an AWS Elemental MediaConvert custom output preset", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/presets.html" + }, + "CreateQueue": { + "privilege": "CreateQueue", + "description": "Grants permission to create an AWS Elemental MediaConvert job queue", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/queues.html" + }, + "DeleteJobTemplate": { + "privilege": "DeleteJobTemplate", + "description": "Grants permission to delete an AWS Elemental MediaConvert custom job template", + "access_level": "Write", + "resource_types": { + "JobTemplate": { + "resource_type": "JobTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "JobTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobtemplates-name.html" + }, + "DeletePolicy": { + "privilege": "DeletePolicy", + "description": "Grants permission to delete an AWS Elemental MediaConvert policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/policy.html" + }, + "DeletePreset": { + "privilege": "DeletePreset", + "description": "Grants permission to delete an AWS Elemental MediaConvert custom output preset", + "access_level": "Write", + "resource_types": { + "Preset": { + "resource_type": "Preset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "preset": "Preset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/presets-name.html" + }, + "DeleteQueue": { + "privilege": "DeleteQueue", + "description": "Grants permission to delete an AWS Elemental MediaConvert job queue", + "access_level": "Write", + "resource_types": { + "Queue": { + "resource_type": "Queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "Queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/queues-name.html" + }, + "DescribeEndpoints": { + "privilege": "DescribeEndpoints", + "description": "Grants permission to subscribe to the AWS Elemental MediaConvert service, by sending a request for an account-specific endpoint. All transcoding requests must be sent to the endpoint that the service returns", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/endpoints.html" + }, + "DisassociateCertificate": { + "privilege": "DisassociateCertificate", + "description": "Grants permission to remove an association between the Amazon Resource Name (ARN) of an AWS Certificate Manager (ACM) certificate and an AWS Elemental MediaConvert resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/certificates-arn.html" + }, + "GetJob": { + "privilege": "GetJob", + "description": "Grants permission to get an AWS Elemental MediaConvert job", + "access_level": "Read", + "resource_types": { + "Job": { + "resource_type": "Job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "Job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobs-id.html" + }, + "GetJobTemplate": { + "privilege": "GetJobTemplate", + "description": "Grants permission to get an AWS Elemental MediaConvert job template", + "access_level": "Read", + "resource_types": { + "JobTemplate": { + "resource_type": "JobTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "JobTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobtemplates-name.html" + }, + "GetPolicy": { + "privilege": "GetPolicy", + "description": "Grants permission to get an AWS Elemental MediaConvert policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/policy.html" + }, + "GetPreset": { + "privilege": "GetPreset", + "description": "Grants permission to get an AWS Elemental MediaConvert output preset", + "access_level": "Read", + "resource_types": { + "Preset": { + "resource_type": "Preset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "preset": "Preset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/presets-name.html" + }, + "GetQueue": { + "privilege": "GetQueue", + "description": "Grants permission to get an AWS Elemental MediaConvert job queue", + "access_level": "Read", + "resource_types": { + "Queue": { + "resource_type": "Queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "Queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/queues-name.html" + }, + "ListJobTemplates": { + "privilege": "ListJobTemplates", + "description": "Grants permission to list AWS Elemental MediaConvert job templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobtemplates.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to list AWS Elemental MediaConvert jobs", + "access_level": "List", + "resource_types": { + "Queue": { + "resource_type": "Queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "Queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobs.html" + }, + "ListPresets": { + "privilege": "ListPresets", + "description": "Grants permission to list AWS Elemental MediaConvert output presets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/presets.html" + }, + "ListQueues": { + "privilege": "ListQueues", + "description": "Grants permission to list AWS Elemental MediaConvert job queues", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/queues.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve the tags for a MediaConvert queue, preset, or job template", + "access_level": "Read", + "resource_types": { + "JobTemplate": { + "resource_type": "JobTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Preset": { + "resource_type": "Preset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Queue": { + "resource_type": "Queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "JobTemplate", + "preset": "Preset", + "queue": "Queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/tags-arn.html" + }, + "PutPolicy": { + "privilege": "PutPolicy", + "description": "Grants permission to put an AWS Elemental MediaConvert policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/policy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a MediaConvert queue, preset, or job template", + "access_level": "Tagging", + "resource_types": { + "JobTemplate": { + "resource_type": "JobTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Preset": { + "resource_type": "Preset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Queue": { + "resource_type": "Queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "JobTemplate", + "preset": "Preset", + "queue": "Queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/tags.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a MediaConvert queue, preset, or job template", + "access_level": "Tagging", + "resource_types": { + "JobTemplate": { + "resource_type": "JobTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Preset": { + "resource_type": "Preset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Queue": { + "resource_type": "Queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "JobTemplate", + "preset": "Preset", + "queue": "Queue", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/tags-arn.html" + }, + "UpdateJobTemplate": { + "privilege": "UpdateJobTemplate", + "description": "Grants permission to update an AWS Elemental MediaConvert custom job template", + "access_level": "Write", + "resource_types": { + "JobTemplate": { + "resource_type": "JobTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Preset": { + "resource_type": "Preset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Queue": { + "resource_type": "Queue", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "JobTemplate", + "preset": "Preset", + "queue": "Queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/jobtemplates-name.html" + }, + "UpdatePreset": { + "privilege": "UpdatePreset", + "description": "Grants permission to update an AWS Elemental MediaConvert custom output preset", + "access_level": "Write", + "resource_types": { + "Preset": { + "resource_type": "Preset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "preset": "Preset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/presets-name.html" + }, + "UpdateQueue": { + "privilege": "UpdateQueue", + "description": "Grants permission to update an AWS Elemental MediaConvert job queue", + "access_level": "Write", + "resource_types": { + "Queue": { + "resource_type": "Queue", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "queue": "Queue" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediaconvert/latest/apireference/queues-name.html" + } + }, + "privileges_lower_name": { + "associatecertificate": "AssociateCertificate", + "canceljob": "CancelJob", + "createjob": "CreateJob", + "createjobtemplate": "CreateJobTemplate", + "createpreset": "CreatePreset", + "createqueue": "CreateQueue", + "deletejobtemplate": "DeleteJobTemplate", + "deletepolicy": "DeletePolicy", + "deletepreset": "DeletePreset", + "deletequeue": "DeleteQueue", + "describeendpoints": "DescribeEndpoints", + "disassociatecertificate": "DisassociateCertificate", + "getjob": "GetJob", + "getjobtemplate": "GetJobTemplate", + "getpolicy": "GetPolicy", + "getpreset": "GetPreset", + "getqueue": "GetQueue", + "listjobtemplates": "ListJobTemplates", + "listjobs": "ListJobs", + "listpresets": "ListPresets", + "listqueues": "ListQueues", + "listtagsforresource": "ListTagsForResource", + "putpolicy": "PutPolicy", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatejobtemplate": "UpdateJobTemplate", + "updatepreset": "UpdatePreset", + "updatequeue": "UpdateQueue" + }, + "resources": { + "Job": { + "resource": "Job", + "arn": "arn:${Partition}:mediaconvert:${Region}:${Account}:jobs/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Queue": { + "resource": "Queue", + "arn": "arn:${Partition}:mediaconvert:${Region}:${Account}:queues/${QueueName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Preset": { + "resource": "Preset", + "arn": "arn:${Partition}:mediaconvert:${Region}:${Account}:presets/${PresetName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "JobTemplate": { + "resource": "JobTemplate", + "arn": "arn:${Partition}:mediaconvert:${Region}:${Account}:jobTemplates/${JobTemplateName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "CertificateAssociation": { + "resource": "CertificateAssociation", + "arn": "arn:${Partition}:mediaconvert:${Region}:${Account}:certificates/${CertificateArn}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "job": "Job", + "queue": "Queue", + "preset": "Preset", + "jobtemplate": "JobTemplate", + "certificateassociation": "CertificateAssociation" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "medialive": { + "service_name": "AWS Elemental MediaLive", + "prefix": "medialive", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmedialive.html", + "privileges": { + "AcceptInputDeviceTransfer": { + "privilege": "AcceptInputDeviceTransfer", + "description": "Grants permission to accept an input device transfer", + "access_level": "Write", + "resource_types": { + "input-device": { + "resource_type": "input-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-device": "input-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" + }, + "BatchDelete": { + "privilege": "BatchDelete", + "description": "Grants permission to delete channels, inputs, input security groups, and multiplexes", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/editing-deleting-channel.html" + }, + "BatchStart": { + "privilege": "BatchStart", + "description": "Grants permission to start channels and multiplexes", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/starting-stopping-deleting-a-channel.html" + }, + "BatchStop": { + "privilege": "BatchStop", + "description": "Grants permission to stop channels and multiplexes", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/starting-stopping-deleting-a-channel.html" + }, + "BatchUpdateSchedule": { + "privilege": "BatchUpdateSchedule", + "description": "Grants permission to add and remove actions from a channel's schedule", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/submitting-batch-command.html" + }, + "CancelInputDeviceTransfer": { + "privilege": "CancelInputDeviceTransfer", + "description": "Grants permission to cancel an input device transfer", + "access_level": "Write", + "resource_types": { + "input-device": { + "resource_type": "input-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-device": "input-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" + }, + "ClaimDevice": { + "privilege": "ClaimDevice", + "description": "Grants permission to claim an input device", + "access_level": "Write", + "resource_types": { + "input-device": { + "resource_type": "input-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-device": "input-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" + }, + "CreateChannel": { + "privilege": "CreateChannel", + "description": "Grants permission to create a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "input": "input", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/creating-channel-scratch.html" + }, + "CreateInput": { + "privilege": "CreateInput", + "description": "Grants permission to create an input", + "access_level": "Write", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "input-security-group": { + "resource_type": "input-security-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input", + "input-security-group": "input-security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/creating-input.html" + }, + "CreateInputSecurityGroup": { + "privilege": "CreateInputSecurityGroup", + "description": "Grants permission to create an input security group", + "access_level": "Write", + "resource_types": { + "input-security-group": { + "resource_type": "input-security-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-security-group": "input-security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/working-with-input-security-groups.html" + }, + "CreateMultiplex": { + "privilege": "CreateMultiplex", + "description": "Grants permission to create a multiplex", + "access_level": "Write", + "resource_types": { + "multiplex": { + "resource_type": "multiplex", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiplex": "multiplex", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/multiplex-create.html" + }, + "CreateMultiplexProgram": { + "privilege": "CreateMultiplexProgram", + "description": "Grants permission to create a multiplex program", + "access_level": "Write", + "resource_types": { + "multiplex": { + "resource_type": "multiplex", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiplex": "multiplex" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/multiplex-create.html" + }, + "CreatePartnerInput": { + "privilege": "CreatePartnerInput", + "description": "Grants permission to create a partner input", + "access_level": "Write", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/input-create-cdi-partners.html" + }, + "CreateTags": { + "privilege": "CreateTags", + "description": "Grants permission to create tags for channels, inputs, input security groups, multiplexes, and reservations", + "access_level": "Tagging", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "input": { + "resource_type": "input", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "input-security-group": { + "resource_type": "input-security-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "multiplex": { + "resource_type": "multiplex", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reservation": { + "resource_type": "reservation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "input": "input", + "input-security-group": "input-security-group", + "multiplex": "multiplex", + "reservation": "reservation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/tagging.html" + }, + "DeleteChannel": { + "privilege": "DeleteChannel", + "description": "Grants permission to delete a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/editing-deleting-channel.html" + }, + "DeleteInput": { + "privilege": "DeleteInput", + "description": "Grants permission to delete an input", + "access_level": "Write", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/delete-input.html" + }, + "DeleteInputSecurityGroup": { + "privilege": "DeleteInputSecurityGroup", + "description": "Grants permission to delete an input security group", + "access_level": "Write", + "resource_types": { + "input-security-group": { + "resource_type": "input-security-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-security-group": "input-security-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/delete-input-security-group.html" + }, + "DeleteMultiplex": { + "privilege": "DeleteMultiplex", + "description": "Grants permission to delete a multiplex", + "access_level": "Write", + "resource_types": { + "multiplex": { + "resource_type": "multiplex", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiplex": "multiplex" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/delete-multiplex-program.html" + }, + "DeleteMultiplexProgram": { + "privilege": "DeleteMultiplexProgram", + "description": "Grants permission to delete a multiplex program", + "access_level": "Write", + "resource_types": { + "multiplex": { + "resource_type": "multiplex", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiplex": "multiplex" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/delete-multiplex-program.html" + }, + "DeleteReservation": { + "privilege": "DeleteReservation", + "description": "Grants permission to delete an expired reservation", + "access_level": "Write", + "resource_types": { + "reservation": { + "resource_type": "reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reservation": "reservation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/deleting-reservations.html" + }, + "DeleteSchedule": { + "privilege": "DeleteSchedule", + "description": "Grants permission to delete all schedule actions for a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/schedule-using-console-delete.html" + }, + "DeleteTags": { + "privilege": "DeleteTags", + "description": "Grants permission to delete tags from channels, inputs, input security groups, multiplexes, and reservations", + "access_level": "Tagging", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "input": { + "resource_type": "input", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "input-security-group": { + "resource_type": "input-security-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "multiplex": { + "resource_type": "multiplex", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reservation": { + "resource_type": "reservation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "input": "input", + "input-security-group": "input-security-group", + "multiplex": "multiplex", + "reservation": "reservation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/tagging.html" + }, + "DescribeChannel": { + "privilege": "DescribeChannel", + "description": "Grants permission to get details about a channel", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/viewing-channel-configuration.html" + }, + "DescribeInput": { + "privilege": "DescribeInput", + "description": "Grants permission to describe an input", + "access_level": "Read", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input.html" + }, + "DescribeInputDevice": { + "privilege": "DescribeInputDevice", + "description": "Grants permission to describe an input device", + "access_level": "Read", + "resource_types": { + "input-device": { + "resource_type": "input-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-device": "input-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/device-edit.html" + }, + "DescribeInputDeviceThumbnail": { + "privilege": "DescribeInputDeviceThumbnail", + "description": "Grants permission to describe an input device thumbnail", + "access_level": "Read", + "resource_types": { + "input-device": { + "resource_type": "input-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-device": "input-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/device-edit.html" + }, + "DescribeInputSecurityGroup": { + "privilege": "DescribeInputSecurityGroup", + "description": "Grants permission to describe an input security group", + "access_level": "Read", + "resource_types": { + "input-security-group": { + "resource_type": "input-security-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-security-group": "input-security-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input-security-group.html" + }, + "DescribeMultiplex": { + "privilege": "DescribeMultiplex", + "description": "Grants permission to describe a multiplex", + "access_level": "Read", + "resource_types": { + "multiplex": { + "resource_type": "multiplex", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiplex": "multiplex" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-multiplex-program-channel.html" + }, + "DescribeMultiplexProgram": { + "privilege": "DescribeMultiplexProgram", + "description": "Grants permission to describe a multiplex program", + "access_level": "Read", + "resource_types": { + "multiplex": { + "resource_type": "multiplex", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiplex": "multiplex" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/monitoring-multiplex-console.html" + }, + "DescribeOffering": { + "privilege": "DescribeOffering", + "description": "Grants permission to get details about a reservation offering", + "access_level": "Read", + "resource_types": { + "offering": { + "resource_type": "offering", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "offering": "offering" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/purchasing-reservations.html" + }, + "DescribeReservation": { + "privilege": "DescribeReservation", + "description": "Grants permission to get details about a reservation", + "access_level": "Read", + "resource_types": { + "reservation": { + "resource_type": "reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reservation": "reservation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/view-reservations.html" + }, + "DescribeSchedule": { + "privilege": "DescribeSchedule", + "description": "Grants permission to view a list of actions scheduled on a channel", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/schedule-using-console-view.html" + }, + "ListChannels": { + "privilege": "ListChannels", + "description": "Grants permission to list channels", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/viewing-channel-configuration.html" + }, + "ListInputDeviceTransfers": { + "privilege": "ListInputDeviceTransfers", + "description": "Grants permission to list input device transfers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" + }, + "ListInputDevices": { + "privilege": "ListInputDevices", + "description": "Grants permission to list input devices", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/device-edit.html" + }, + "ListInputSecurityGroups": { + "privilege": "ListInputSecurityGroups", + "description": "Grants permission to list input security groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input-security-group.html" + }, + "ListInputs": { + "privilege": "ListInputs", + "description": "Grants permission to list inputs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input.html" + }, + "ListMultiplexPrograms": { + "privilege": "ListMultiplexPrograms", + "description": "Grants permission to list multiplex programs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/monitoring-multiplex-console.html" + }, + "ListMultiplexes": { + "privilege": "ListMultiplexes", + "description": "Grants permission to list multiplexes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-multiplex-program-channel.html" + }, + "ListOfferings": { + "privilege": "ListOfferings", + "description": "Grants permission to list reservation offerings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/purchasing-reservations.html" + }, + "ListReservations": { + "privilege": "ListReservations", + "description": "Grants permission to list reservations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/view-reservations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for channels, inputs, input security groups, multiplexes, and reservations", + "access_level": "List", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "input": { + "resource_type": "input", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "input-security-group": { + "resource_type": "input-security-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "multiplex": { + "resource_type": "multiplex", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "reservation": { + "resource_type": "reservation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "input": "input", + "input-security-group": "input-security-group", + "multiplex": "multiplex", + "reservation": "reservation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/tagging.html" + }, + "PurchaseOffering": { + "privilege": "PurchaseOffering", + "description": "Grants permission to purchase a reservation offering", + "access_level": "Write", + "resource_types": { + "offering": { + "resource_type": "offering", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "reservation": { + "resource_type": "reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "offering": "offering", + "reservation": "reservation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/purchasing-reservations.html" + }, + "RebootInputDevice": { + "privilege": "RebootInputDevice", + "description": "Grants permission to reboot an input device", + "access_level": "Write", + "resource_types": { + "input-device": { + "resource_type": "input-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-device": "input-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" + }, + "RejectInputDeviceTransfer": { + "privilege": "RejectInputDeviceTransfer", + "description": "Grants permission to reject an input device transfer", + "access_level": "Write", + "resource_types": { + "input-device": { + "resource_type": "input-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-device": "input-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" + }, + "StartChannel": { + "privilege": "StartChannel", + "description": "Grants permission to start a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/starting-stopping-deleting-a-channel.html" + }, + "StartInputDeviceMaintenanceWindow": { + "privilege": "StartInputDeviceMaintenanceWindow", + "description": "Grants permission to start a maintenance window for an input device", + "access_level": "Write", + "resource_types": { + "input-device": { + "resource_type": "input-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-device": "input-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" + }, + "StartMultiplex": { + "privilege": "StartMultiplex", + "description": "Grants permission to start a multiplex", + "access_level": "Write", + "resource_types": { + "multiplex": { + "resource_type": "multiplex", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiplex": "multiplex" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/start-multiplex.html" + }, + "StopChannel": { + "privilege": "StopChannel", + "description": "Grants permission to stop a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/starting-stopping-deleting-a-channel.html" + }, + "StopMultiplex": { + "privilege": "StopMultiplex", + "description": "Grants permission to stop a multiplex", + "access_level": "Write", + "resource_types": { + "multiplex": { + "resource_type": "multiplex", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiplex": "multiplex" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/stop-multiplex.title.html" + }, + "TransferInputDevice": { + "privilege": "TransferInputDevice", + "description": "Grants permission to transfer an input device", + "access_level": "Write", + "resource_types": { + "input-device": { + "resource_type": "input-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-device": "input-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/eml-devices.html" + }, + "UpdateChannel": { + "privilege": "UpdateChannel", + "description": "Grants permission to update a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/editing-deleting-channel.html" + }, + "UpdateChannelClass": { + "privilege": "UpdateChannelClass", + "description": "Grants permission to update the class of a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/editing-deleting-channel.html" + }, + "UpdateInput": { + "privilege": "UpdateInput", + "description": "Grants permission to update an input", + "access_level": "Write", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input.html" + }, + "UpdateInputDevice": { + "privilege": "UpdateInputDevice", + "description": "Grants permission to update an input device", + "access_level": "Write", + "resource_types": { + "input-device": { + "resource_type": "input-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-device": "input-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/device-edit.html" + }, + "UpdateInputSecurityGroup": { + "privilege": "UpdateInputSecurityGroup", + "description": "Grants permission to update an input security group", + "access_level": "Write", + "resource_types": { + "input-security-group": { + "resource_type": "input-security-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input-security-group": "input-security-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-input-security-group.html" + }, + "UpdateMultiplex": { + "privilege": "UpdateMultiplex", + "description": "Grants permission to update a multiplex", + "access_level": "Write", + "resource_types": { + "multiplex": { + "resource_type": "multiplex", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiplex": "multiplex" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-multiplex-program-channel.html" + }, + "UpdateMultiplexProgram": { + "privilege": "UpdateMultiplexProgram", + "description": "Grants permission to update a multiplex program", + "access_level": "Write", + "resource_types": { + "multiplex": { + "resource_type": "multiplex", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multiplex": "multiplex" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/edit-multiplex-program-channel.html" + }, + "UpdateReservation": { + "privilege": "UpdateReservation", + "description": "Grants permission to update a reservation", + "access_level": "Write", + "resource_types": { + "reservation": { + "resource_type": "reservation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "reservation": "reservation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/medialive/latest/ug/reservations.html" + } + }, + "privileges_lower_name": { + "acceptinputdevicetransfer": "AcceptInputDeviceTransfer", + "batchdelete": "BatchDelete", + "batchstart": "BatchStart", + "batchstop": "BatchStop", + "batchupdateschedule": "BatchUpdateSchedule", + "cancelinputdevicetransfer": "CancelInputDeviceTransfer", + "claimdevice": "ClaimDevice", + "createchannel": "CreateChannel", + "createinput": "CreateInput", + "createinputsecuritygroup": "CreateInputSecurityGroup", + "createmultiplex": "CreateMultiplex", + "createmultiplexprogram": "CreateMultiplexProgram", + "createpartnerinput": "CreatePartnerInput", + "createtags": "CreateTags", + "deletechannel": "DeleteChannel", + "deleteinput": "DeleteInput", + "deleteinputsecuritygroup": "DeleteInputSecurityGroup", + "deletemultiplex": "DeleteMultiplex", + "deletemultiplexprogram": "DeleteMultiplexProgram", + "deletereservation": "DeleteReservation", + "deleteschedule": "DeleteSchedule", + "deletetags": "DeleteTags", + "describechannel": "DescribeChannel", + "describeinput": "DescribeInput", + "describeinputdevice": "DescribeInputDevice", + "describeinputdevicethumbnail": "DescribeInputDeviceThumbnail", + "describeinputsecuritygroup": "DescribeInputSecurityGroup", + "describemultiplex": "DescribeMultiplex", + "describemultiplexprogram": "DescribeMultiplexProgram", + "describeoffering": "DescribeOffering", + "describereservation": "DescribeReservation", + "describeschedule": "DescribeSchedule", + "listchannels": "ListChannels", + "listinputdevicetransfers": "ListInputDeviceTransfers", + "listinputdevices": "ListInputDevices", + "listinputsecuritygroups": "ListInputSecurityGroups", + "listinputs": "ListInputs", + "listmultiplexprograms": "ListMultiplexPrograms", + "listmultiplexes": "ListMultiplexes", + "listofferings": "ListOfferings", + "listreservations": "ListReservations", + "listtagsforresource": "ListTagsForResource", + "purchaseoffering": "PurchaseOffering", + "rebootinputdevice": "RebootInputDevice", + "rejectinputdevicetransfer": "RejectInputDeviceTransfer", + "startchannel": "StartChannel", + "startinputdevicemaintenancewindow": "StartInputDeviceMaintenanceWindow", + "startmultiplex": "StartMultiplex", + "stopchannel": "StopChannel", + "stopmultiplex": "StopMultiplex", + "transferinputdevice": "TransferInputDevice", + "updatechannel": "UpdateChannel", + "updatechannelclass": "UpdateChannelClass", + "updateinput": "UpdateInput", + "updateinputdevice": "UpdateInputDevice", + "updateinputsecuritygroup": "UpdateInputSecurityGroup", + "updatemultiplex": "UpdateMultiplex", + "updatemultiplexprogram": "UpdateMultiplexProgram", + "updatereservation": "UpdateReservation" + }, + "resources": { + "channel": { + "resource": "channel", + "arn": "arn:${Partition}:medialive:${Region}:${Account}:channel:${ChannelId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "input": { + "resource": "input", + "arn": "arn:${Partition}:medialive:${Region}:${Account}:input:${InputId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "input-device": { + "resource": "input-device", + "arn": "arn:${Partition}:medialive:${Region}:${Account}:inputDevice:${DeviceId}", + "condition_keys": [] + }, + "input-security-group": { + "resource": "input-security-group", + "arn": "arn:${Partition}:medialive:${Region}:${Account}:inputSecurityGroup:${InputSecurityGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "multiplex": { + "resource": "multiplex", + "arn": "arn:${Partition}:medialive:${Region}:${Account}:multiplex:${MultiplexId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "reservation": { + "resource": "reservation", + "arn": "arn:${Partition}:medialive:${Region}:${Account}:reservation:${ReservationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "offering": { + "resource": "offering", + "arn": "arn:${Partition}:medialive:${Region}:${Account}:offering:${OfferingId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "channel": "channel", + "input": "input", + "input-device": "input-device", + "input-security-group": "input-security-group", + "multiplex": "multiplex", + "reservation": "reservation", + "offering": "offering" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "mediapackage": { + "service_name": "AWS Elemental MediaPackage", + "prefix": "mediapackage", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediapackage.html", + "privileges": { + "ConfigureLogs": { + "privilege": "ConfigureLogs", + "description": "Grants permission to configure access logs for a Channel", + "access_level": "Write", + "resource_types": { + "channels": { + "resource_type": "channels", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "channels": "channels" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id-configure_logs.html#channels-id-configure_logsput" + }, + "CreateChannel": { + "privilege": "CreateChannel", + "description": "Grants permission to create a channel in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels.html#channelspost" + }, + "CreateHarvestJob": { + "privilege": "CreateHarvestJob", + "description": "Grants permission to create a harvest job in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/harvest_jobs.html#harvest_jobspost" + }, + "CreateOriginEndpoint": { + "privilege": "CreateOriginEndpoint", + "description": "Grants permission to create an endpoint in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/origin_endpoints.html#origin_endpointspost" + }, + "DeleteChannel": { + "privilege": "DeleteChannel", + "description": "Grants permission to delete a channel in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "channels": { + "resource_type": "channels", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channels": "channels" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id.html#channels-iddelete" + }, + "DeleteOriginEndpoint": { + "privilege": "DeleteOriginEndpoint", + "description": "Grants permission to delete an endpoint in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "origin_endpoints": { + "resource_type": "origin_endpoints", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin_endpoints": "origin_endpoints" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/origin_endpoints-id.html#origin_endpoints-iddelete" + }, + "DescribeChannel": { + "privilege": "DescribeChannel", + "description": "Grants permission to view the details of a channel in AWS Elemental MediaPackage", + "access_level": "Read", + "resource_types": { + "channels": { + "resource_type": "channels", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channels": "channels" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id.html#channels-idget" + }, + "DescribeHarvestJob": { + "privilege": "DescribeHarvestJob", + "description": "Grants permission to view the details of a harvest job in AWS Elemental MediaPackage", + "access_level": "Read", + "resource_types": { + "harvest_jobs": { + "resource_type": "harvest_jobs", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "harvest_jobs": "harvest_jobs" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/harvest_jobs-id.html#harvest_jobs-idget" + }, + "DescribeOriginEndpoint": { + "privilege": "DescribeOriginEndpoint", + "description": "Grants permission to view the details of an endpoint in AWS Elemental MediaPackage", + "access_level": "Read", + "resource_types": { + "origin_endpoints": { + "resource_type": "origin_endpoints", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin_endpoints": "origin_endpoints" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/origin_endpoints-id.html#origin_endpoints-idget" + }, + "ListChannels": { + "privilege": "ListChannels", + "description": "Grants permission to view a list of channels in AWS Elemental MediaPackage", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels.html#channelsget" + }, + "ListHarvestJobs": { + "privilege": "ListHarvestJobs", + "description": "Grants permission to view a list of harvest jobs in AWS Elemental MediaPackage", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/harvest_jobs.html#harvest_jobsget" + }, + "ListOriginEndpoints": { + "privilege": "ListOriginEndpoints", + "description": "Grants permission to view a list of endpoints in AWS Elemental MediaPackage", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/origin_endpoints.html#origin_endpointsget" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags assigned to a Channel or OriginEndpoint", + "access_level": "Read", + "resource_types": { + "channels": { + "resource_type": "channels", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "harvest_jobs": { + "resource_type": "harvest_jobs", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "origin_endpoints": { + "resource_type": "origin_endpoints", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channels": "channels", + "harvest_jobs": "harvest_jobs", + "origin_endpoints": "origin_endpoints" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/tags-resource-arn.html#tags-resource-arnget" + }, + "RotateChannelCredentials": { + "privilege": "RotateChannelCredentials", + "description": "Grants permission to rotate credentials for the first IngestEndpoint of a Channel in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "channels": { + "resource_type": "channels", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channels": "channels" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id-credentials.html#channels-id-credentialsput" + }, + "RotateIngestEndpointCredentials": { + "privilege": "RotateIngestEndpointCredentials", + "description": "Grants permission to rotate IngestEndpoint credentials for a Channel in AWS Elemental MediaPackage", + "access_level": "Permissions management", + "resource_types": { + "channels": { + "resource_type": "channels", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channels": "channels" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id-ingest_endpoints-ingest_endpoint_id-credentials.html#channels-id-ingest_endpoints-ingest_endpoint_id-credentialsput" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a MediaPackage resource", + "access_level": "Tagging", + "resource_types": { + "channels": { + "resource_type": "channels", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "harvest_jobs": { + "resource_type": "harvest_jobs", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "origin_endpoints": { + "resource_type": "origin_endpoints", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channels": "channels", + "harvest_jobs": "harvest_jobs", + "origin_endpoints": "origin_endpoints", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/hj-create.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to delete tags to a Channel or OriginEndpoint", + "access_level": "Tagging", + "resource_types": { + "channels": { + "resource_type": "channels", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "harvest_jobs": { + "resource_type": "harvest_jobs", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "origin_endpoints": { + "resource_type": "origin_endpoints", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channels": "channels", + "harvest_jobs": "harvest_jobs", + "origin_endpoints": "origin_endpoints", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/tags-resource-arn.html#tags-resource-arndelete" + }, + "UpdateChannel": { + "privilege": "UpdateChannel", + "description": "Grants permission to make changes to a channel in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "channels": { + "resource_type": "channels", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channels": "channels" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/channels-id.html#channels-idput" + }, + "UpdateOriginEndpoint": { + "privilege": "UpdateOriginEndpoint", + "description": "Grants permission to make changes to an endpoint in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "origin_endpoints": { + "resource_type": "origin_endpoints", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "origin_endpoints": "origin_endpoints" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/apireference/origin_endpoints-id.html#origin_endpoints-idput" + } + }, + "privileges_lower_name": { + "configurelogs": "ConfigureLogs", + "createchannel": "CreateChannel", + "createharvestjob": "CreateHarvestJob", + "createoriginendpoint": "CreateOriginEndpoint", + "deletechannel": "DeleteChannel", + "deleteoriginendpoint": "DeleteOriginEndpoint", + "describechannel": "DescribeChannel", + "describeharvestjob": "DescribeHarvestJob", + "describeoriginendpoint": "DescribeOriginEndpoint", + "listchannels": "ListChannels", + "listharvestjobs": "ListHarvestJobs", + "listoriginendpoints": "ListOriginEndpoints", + "listtagsforresource": "ListTagsForResource", + "rotatechannelcredentials": "RotateChannelCredentials", + "rotateingestendpointcredentials": "RotateIngestEndpointCredentials", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatechannel": "UpdateChannel", + "updateoriginendpoint": "UpdateOriginEndpoint" + }, + "resources": { + "channels": { + "resource": "channels", + "arn": "arn:${Partition}:mediapackage:${Region}:${Account}:channels/${ChannelIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "origin_endpoints": { + "resource": "origin_endpoints", + "arn": "arn:${Partition}:mediapackage:${Region}:${Account}:origin_endpoints/${OriginEndpointIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "harvest_jobs": { + "resource": "harvest_jobs", + "arn": "arn:${Partition}:mediapackage:${Region}:${Account}:harvest_jobs/${HarvestJobIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "channels": "channels", + "origin_endpoints": "origin_endpoints", + "harvest_jobs": "harvest_jobs" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag for a MediaPackage request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag for a MediaPackage resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys for a MediaPackage resource or request", + "type": "ArrayOfString" + } + } + }, + "mediapackagev2": { + "service_name": "AWS Elemental MediaPackage V2", + "prefix": "mediapackagev2", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediapackagev2.html", + "privileges": { + "CreateChannel": { + "privilege": "CreateChannel", + "description": "Grants permission to create a channel in a channel group", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_CreateChannel.html" + }, + "CreateChannelGroup": { + "privilege": "CreateChannelGroup", + "description": "Grants permission to create a channel group", + "access_level": "Write", + "resource_types": { + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channelgroup": "ChannelGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_CreateChannelGroup.html" + }, + "CreateOriginEndpoint": { + "privilege": "CreateOriginEndpoint", + "description": "Grants permission to create an origin endpoint for a channel", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpoint": { + "resource_type": "OriginEndpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "originendpoint": "OriginEndpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_CreateOriginEndpoint.html" + }, + "DeleteChannel": { + "privilege": "DeleteChannel", + "description": "Grants permission to delete a channel in a channel group", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_DeleteChannel.html" + }, + "DeleteChannelGroup": { + "privilege": "DeleteChannelGroup", + "description": "Grants permission to delete a channel group", + "access_level": "Write", + "resource_types": { + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channelgroup": "ChannelGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_DeleteChannelGroup.html" + }, + "DeleteChannelPolicy": { + "privilege": "DeleteChannelPolicy", + "description": "Grants permission to delete a resource policy from a channel", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelPolicy": { + "resource_type": "ChannelPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "channelpolicy": "ChannelPolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_DeleteChannelPolicy.html" + }, + "DeleteOriginEndpoint": { + "privilege": "DeleteOriginEndpoint", + "description": "Grants permission to delete an origin endpoint of a channel", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpoint": { + "resource_type": "OriginEndpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "originendpoint": "OriginEndpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_DeleteOriginEndpoint.html" + }, + "DeleteOriginEndpointPolicy": { + "privilege": "DeleteOriginEndpointPolicy", + "description": "Grants permission to delete a resource policy from an origin endpoint", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpoint": { + "resource_type": "OriginEndpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpointPolicy": { + "resource_type": "OriginEndpointPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "originendpoint": "OriginEndpoint", + "originendpointpolicy": "OriginEndpointPolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_DeleteOriginEndpointPolicy.html" + }, + "GetChannel": { + "privilege": "GetChannel", + "description": "Grants permission to retrieve details of a channel in a channel group", + "access_level": "Read", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_GetChannel.html" + }, + "GetChannelGroup": { + "privilege": "GetChannelGroup", + "description": "Grants permission to retrieve details of a channel group", + "access_level": "Read", + "resource_types": { + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channelgroup": "ChannelGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_GetChannelGroup.html" + }, + "GetChannelPolicy": { + "privilege": "GetChannelPolicy", + "description": "Grants permission to retrieve a resource policy for a channel", + "access_level": "Read", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelPolicy": { + "resource_type": "ChannelPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "channelpolicy": "ChannelPolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_GetChannelPolicy.html" + }, + "GetHeadObject": { + "privilege": "GetHeadObject", + "description": "Grants permission to make GetHeadObject requests to MediaPackage", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/userguide/dataplane-apis.html" + }, + "GetObject": { + "privilege": "GetObject", + "description": "Grants permission to make GetObject requests to MediaPackage", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/userguide/dataplane-apis.html" + }, + "GetOriginEndpoint": { + "privilege": "GetOriginEndpoint", + "description": "Grants permission to retrieve details of an origin endpoint", + "access_level": "Read", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpoint": { + "resource_type": "OriginEndpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "originendpoint": "OriginEndpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_GetOriginEndpoint.html" + }, + "GetOriginEndpointPolicy": { + "privilege": "GetOriginEndpointPolicy", + "description": "Grants permission to retrieve details of a resource policy for an origin endpoint", + "access_level": "Read", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpoint": { + "resource_type": "OriginEndpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpointPolicy": { + "resource_type": "OriginEndpointPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "originendpoint": "OriginEndpoint", + "originendpointpolicy": "OriginEndpointPolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_GetOriginEndpointPolicy.html" + }, + "ListChannelGroups": { + "privilege": "ListChannelGroups", + "description": "Grants permission to list all channel groups for an aws account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_ListChannelGroups.html" + }, + "ListChannels": { + "privilege": "ListChannels", + "description": "Grants permission to list all channels in a channel group", + "access_level": "List", + "resource_types": { + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channelgroup": "ChannelGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_ListChannels.html" + }, + "ListOriginEndpoints": { + "privilege": "ListOriginEndpoints", + "description": "Grants permission to list all origin endpoints of a channel", + "access_level": "List", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_ListOriginEndpoints.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for the specified resource", + "access_level": "Read", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpoint": { + "resource_type": "OriginEndpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "originendpoint": "OriginEndpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_ListTagsForResource.html" + }, + "PutChannelPolicy": { + "privilege": "PutChannelPolicy", + "description": "Grants permission to attach a resource policy for a channel", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelPolicy": { + "resource_type": "ChannelPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "channelpolicy": "ChannelPolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_PutChannelPolicy.html" + }, + "PutObject": { + "privilege": "PutObject", + "description": "Grants permission to make PutObject requests to MediaPackage", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/userguide/dataplane-apis.html" + }, + "PutOriginEndpointPolicy": { + "privilege": "PutOriginEndpointPolicy", + "description": "Grants permission to attach a resource policy to an origin endpoint", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpoint": { + "resource_type": "OriginEndpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpointPolicy": { + "resource_type": "OriginEndpointPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "originendpoint": "OriginEndpoint", + "originendpointpolicy": "OriginEndpointPolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_PutOriginEndpointPolicy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add specified tags to the specified resource", + "access_level": "Tagging", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpoint": { + "resource_type": "OriginEndpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "originendpoint": "OriginEndpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the specified tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpoint": { + "resource_type": "OriginEndpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "originendpoint": "OriginEndpoint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_UntagResource.html" + }, + "UpdateChannel": { + "privilege": "UpdateChannel", + "description": "Grants permission to update a channel in a channel group", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_UpdateChannel.html" + }, + "UpdateChannelGroup": { + "privilege": "UpdateChannelGroup", + "description": "Grants permission to update a channel group", + "access_level": "Write", + "resource_types": { + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channelgroup": "ChannelGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_UpdateChannelGroup.html" + }, + "UpdateOriginEndpoint": { + "privilege": "UpdateOriginEndpoint", + "description": "Grants permission to update an origin endpoint of a channel", + "access_level": "Write", + "resource_types": { + "Channel": { + "resource_type": "Channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ChannelGroup": { + "resource_type": "ChannelGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "OriginEndpoint": { + "resource_type": "OriginEndpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "Channel", + "channelgroup": "ChannelGroup", + "originendpoint": "OriginEndpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage/latest/APIReference/API_UpdateOriginEndpoint.html" + } + }, + "privileges_lower_name": { + "createchannel": "CreateChannel", + "createchannelgroup": "CreateChannelGroup", + "createoriginendpoint": "CreateOriginEndpoint", + "deletechannel": "DeleteChannel", + "deletechannelgroup": "DeleteChannelGroup", + "deletechannelpolicy": "DeleteChannelPolicy", + "deleteoriginendpoint": "DeleteOriginEndpoint", + "deleteoriginendpointpolicy": "DeleteOriginEndpointPolicy", + "getchannel": "GetChannel", + "getchannelgroup": "GetChannelGroup", + "getchannelpolicy": "GetChannelPolicy", + "getheadobject": "GetHeadObject", + "getobject": "GetObject", + "getoriginendpoint": "GetOriginEndpoint", + "getoriginendpointpolicy": "GetOriginEndpointPolicy", + "listchannelgroups": "ListChannelGroups", + "listchannels": "ListChannels", + "listoriginendpoints": "ListOriginEndpoints", + "listtagsforresource": "ListTagsForResource", + "putchannelpolicy": "PutChannelPolicy", + "putobject": "PutObject", + "putoriginendpointpolicy": "PutOriginEndpointPolicy", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatechannel": "UpdateChannel", + "updatechannelgroup": "UpdateChannelGroup", + "updateoriginendpoint": "UpdateOriginEndpoint" + }, + "resources": { + "ChannelGroup": { + "resource": "ChannelGroup", + "arn": "arn:${Partition}:mediapackagev2:${Region}:${Account}:channelGroup/${ChannelGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ChannelPolicy": { + "resource": "ChannelPolicy", + "arn": "arn:${Partition}:mediapackagev2:${Region}:${Account}:channelGroup/${ChannelGroupName}/channel/${ChannelName}", + "condition_keys": [] + }, + "Channel": { + "resource": "Channel", + "arn": "arn:${Partition}:mediapackagev2:${Region}:${Account}:channelGroup/${ChannelGroupName}/channel/${ChannelName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "OriginEndpointPolicy": { + "resource": "OriginEndpointPolicy", + "arn": "arn:${Partition}:mediapackagev2:${Region}:${Account}:channelGroup/${ChannelGroupName}/channel/${ChannelName}/originEndpoint/${OriginEndpointName}", + "condition_keys": [] + }, + "OriginEndpoint": { + "resource": "OriginEndpoint", + "arn": "arn:${Partition}:mediapackagev2:${Region}:${Account}:channelGroup/${ChannelGroupName}/channel/${ChannelName}/originEndpoint/${OriginEndpointName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "channelgroup": "ChannelGroup", + "channelpolicy": "ChannelPolicy", + "channel": "Channel", + "originendpointpolicy": "OriginEndpointPolicy", + "originendpoint": "OriginEndpoint" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "mediapackage-vod": { + "service_name": "AWS Elemental MediaPackage VOD", + "prefix": "mediapackage-vod", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediapackagevod.html", + "privileges": { + "ConfigureLogs": { + "privilege": "ConfigureLogs", + "description": "Grants permission to configure egress access logs for a PackagingGroup", + "access_level": "Write", + "resource_types": { + "packaging-groups": { + "resource_type": "packaging-groups", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "packaging-groups": "packaging-groups" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups-id-configure_logs.html#packaging_groups-id-configure_logsput" + }, + "CreateAsset": { + "privilege": "CreateAsset", + "description": "Grants permission to create an asset in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/assets.html#assetspost" + }, + "CreatePackagingConfiguration": { + "privilege": "CreatePackagingConfiguration", + "description": "Grants permission to create a packaging configuration in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_configurations.html#packaging_configurationspost" + }, + "CreatePackagingGroup": { + "privilege": "CreatePackagingGroup", + "description": "Grants permission to create a packaging group in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups.html#packaging_groupspost" + }, + "DeleteAsset": { + "privilege": "DeleteAsset", + "description": "Grants permission to delete an asset in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "assets": { + "resource_type": "assets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assets": "assets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/assets-id.html#assets-iddelete" + }, + "DeletePackagingConfiguration": { + "privilege": "DeletePackagingConfiguration", + "description": "Grants permission to delete a packaging configuration in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "packaging-configurations": { + "resource_type": "packaging-configurations", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "packaging-configurations": "packaging-configurations" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_configurations-id.html#packaging_configurations-iddelete" + }, + "DeletePackagingGroup": { + "privilege": "DeletePackagingGroup", + "description": "Grants permission to delete a packaging group in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "packaging-groups": { + "resource_type": "packaging-groups", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "packaging-groups": "packaging-groups" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups-id.html#packaging_groups-iddelete" + }, + "DescribeAsset": { + "privilege": "DescribeAsset", + "description": "Grants permission to view the details of an asset in AWS Elemental MediaPackage", + "access_level": "Read", + "resource_types": { + "assets": { + "resource_type": "assets", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assets": "assets" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/assets-id.html#assets-idget" + }, + "DescribePackagingConfiguration": { + "privilege": "DescribePackagingConfiguration", + "description": "Grants permission to view the details of a packaging configuration in AWS Elemental MediaPackage", + "access_level": "Read", + "resource_types": { + "packaging-configurations": { + "resource_type": "packaging-configurations", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "packaging-configurations": "packaging-configurations" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_configurations-id.html#packaging_configurations-idget" + }, + "DescribePackagingGroup": { + "privilege": "DescribePackagingGroup", + "description": "Grants permission to view the details of a packaging group in AWS Elemental MediaPackage", + "access_level": "Read", + "resource_types": { + "packaging-groups": { + "resource_type": "packaging-groups", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "packaging-groups": "packaging-groups" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups-id.html#packaging_groups-idget" + }, + "ListAssets": { + "privilege": "ListAssets", + "description": "Grants permission to view a list of assets in AWS Elemental MediaPackage", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/assets.html#assetsget" + }, + "ListPackagingConfigurations": { + "privilege": "ListPackagingConfigurations", + "description": "Grants permission to view a list of packaging configurations in AWS Elemental MediaPackage", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_configurations.html#packaging_configurationsget" + }, + "ListPackagingGroups": { + "privilege": "ListPackagingGroups", + "description": "Grants permission to view a list of packaging groups in AWS Elemental MediaPackage", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups.html#packaging_groupsget" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags assigned to a PackagingGroup, PackagingConfiguration, or Asset", + "access_level": "Read", + "resource_types": { + "assets": { + "resource_type": "assets", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "packaging-configurations": { + "resource_type": "packaging-configurations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "packaging-groups": { + "resource_type": "packaging-groups", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assets": "assets", + "packaging-configurations": "packaging-configurations", + "packaging-groups": "packaging-groups" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/tags-resource-arn.html#tags-resource-arnget" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to assign tags to a PackagingGroup, PackagingConfiguration, or Asset", + "access_level": "Tagging", + "resource_types": { + "assets": { + "resource_type": "assets", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "packaging-configurations": { + "resource_type": "packaging-configurations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "packaging-groups": { + "resource_type": "packaging-groups", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assets": "assets", + "packaging-configurations": "packaging-configurations", + "packaging-groups": "packaging-groups", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/tags-resource-arn.html#tags-resource-arnpost" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to delete tags from a PackagingGroup, PackagingConfiguration, or Asset", + "access_level": "Tagging", + "resource_types": { + "assets": { + "resource_type": "assets", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "packaging-configurations": { + "resource_type": "packaging-configurations", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "packaging-groups": { + "resource_type": "packaging-groups", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "assets": "assets", + "packaging-configurations": "packaging-configurations", + "packaging-groups": "packaging-groups", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/tags-resource-arn.html#tags-resource-arndelete" + }, + "UpdatePackagingGroup": { + "privilege": "UpdatePackagingGroup", + "description": "Grants permission to update a packaging group in AWS Elemental MediaPackage", + "access_level": "Write", + "resource_types": { + "packaging-groups": { + "resource_type": "packaging-groups", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "packaging-groups": "packaging-groups" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediapackage-vod/latest/apireference/packaging_groups-id.html#packaging_groups-idput" + } + }, + "privileges_lower_name": { + "configurelogs": "ConfigureLogs", + "createasset": "CreateAsset", + "createpackagingconfiguration": "CreatePackagingConfiguration", + "createpackaginggroup": "CreatePackagingGroup", + "deleteasset": "DeleteAsset", + "deletepackagingconfiguration": "DeletePackagingConfiguration", + "deletepackaginggroup": "DeletePackagingGroup", + "describeasset": "DescribeAsset", + "describepackagingconfiguration": "DescribePackagingConfiguration", + "describepackaginggroup": "DescribePackagingGroup", + "listassets": "ListAssets", + "listpackagingconfigurations": "ListPackagingConfigurations", + "listpackaginggroups": "ListPackagingGroups", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatepackaginggroup": "UpdatePackagingGroup" + }, + "resources": { + "assets": { + "resource": "assets", + "arn": "arn:${Partition}:mediapackage-vod:${Region}:${Account}:assets/${AssetIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "packaging-configurations": { + "resource": "packaging-configurations", + "arn": "arn:${Partition}:mediapackage-vod:${Region}:${Account}:packaging-configurations/${PackagingConfigurationIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "packaging-groups": { + "resource": "packaging-groups", + "arn": "arn:${Partition}:mediapackage-vod:${Region}:${Account}:packaging-groups/${PackagingGroupIdentifier}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "assets": "assets", + "packaging-configurations": "packaging-configurations", + "packaging-groups": "packaging-groups" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "mediastore": { + "service_name": "AWS Elemental MediaStore", + "prefix": "mediastore", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediastore.html", + "privileges": { + "CreateContainer": { + "privilege": "CreateContainer", + "description": "Grants permission to create a container", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_CreateContainer.html" + }, + "DeleteContainer": { + "privilege": "DeleteContainer", + "description": "Grants permission to delete a container", + "access_level": "Write", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DeleteContainer.html" + }, + "DeleteContainerPolicy": { + "privilege": "DeleteContainerPolicy", + "description": "Grants permission to delete the access policy of a container", + "access_level": "Permissions management", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DeleteContainerPolicy.html" + }, + "DeleteCorsPolicy": { + "privilege": "DeleteCorsPolicy", + "description": "Grants permission to delete the CORS policy from a container", + "access_level": "Write", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DeleteCorsPolicy.html" + }, + "DeleteLifecyclePolicy": { + "privilege": "DeleteLifecyclePolicy", + "description": "Grants permission to delete the lifecycle policy from a container", + "access_level": "Write", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DeleteLifecyclePolicy.html" + }, + "DeleteMetricPolicy": { + "privilege": "DeleteMetricPolicy", + "description": "Grants permission to delete the metric policy from a container", + "access_level": "Write", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DeleteMetricPolicy.html" + }, + "DeleteObject": { + "privilege": "DeleteObject", + "description": "Grants permission to delete an object", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_objstore_DeleteObject.html" + }, + "DescribeContainer": { + "privilege": "DescribeContainer", + "description": "Grants permission to retrieve details on a container", + "access_level": "List", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_DescribeContainer.html" + }, + "DescribeObject": { + "privilege": "DescribeObject", + "description": "Grants permission to retrieve metadata for an object", + "access_level": "List", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_objstore_DescribeObject.html" + }, + "GetContainerPolicy": { + "privilege": "GetContainerPolicy", + "description": "Grants permission to retrieve the access policy of a container", + "access_level": "Read", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_GetContainerPolicy.html" + }, + "GetCorsPolicy": { + "privilege": "GetCorsPolicy", + "description": "Grants permission to retrieve the CORS policy of a container", + "access_level": "Read", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_GetCorsPolicy.html" + }, + "GetLifecyclePolicy": { + "privilege": "GetLifecyclePolicy", + "description": "Grants permission to retrieve the lifecycle policy that is assigned to a container", + "access_level": "Read", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_GetLifecyclePolicy.html" + }, + "GetMetricPolicy": { + "privilege": "GetMetricPolicy", + "description": "Grants permission to retrieve the metric policy that is assigned to a container", + "access_level": "Read", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_GetMetricPolicy.html" + }, + "GetObject": { + "privilege": "GetObject", + "description": "Grants permission to retrieve an object", + "access_level": "Read", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_objstore_GetObject.html" + }, + "ListContainers": { + "privilege": "ListContainers", + "description": "Grants permission to retrieve a list of containers in the current account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_ListContainers.html" + }, + "ListItems": { + "privilege": "ListItems", + "description": "Grants permission to retrieve a list of objects and subfolders that are stored in a folder", + "access_level": "List", + "resource_types": { + "folder": { + "resource_type": "folder", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "folder": "folder" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_objstore_ListItems.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags on a container", + "access_level": "Read", + "resource_types": { + "container": { + "resource_type": "container", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_ListTagsForResource.html" + }, + "PutContainerPolicy": { + "privilege": "PutContainerPolicy", + "description": "Grants permission to create or replace the access policy of a container", + "access_level": "Permissions management", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_PutContainerPolicy.html" + }, + "PutCorsPolicy": { + "privilege": "PutCorsPolicy", + "description": "Grants permission to add or modify the CORS policy of a container", + "access_level": "Write", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_PutCorsPolicy.html" + }, + "PutLifecyclePolicy": { + "privilege": "PutLifecyclePolicy", + "description": "Grants permission to add or modify the lifecycle policy that is assigned to a container", + "access_level": "Write", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_PutLifecyclePolicy.html" + }, + "PutMetricPolicy": { + "privilege": "PutMetricPolicy", + "description": "Grants permission to add or modify the metric policy that is assigned to a container", + "access_level": "Write", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_PutMetricPolicy.html" + }, + "PutObject": { + "privilege": "PutObject", + "description": "Grants permission to upload an object", + "access_level": "Write", + "resource_types": { + "object": { + "resource_type": "object", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "object": "object" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_objstore_PutObject.html" + }, + "StartAccessLogging": { + "privilege": "StartAccessLogging", + "description": "Grants permission to start access logging on a container", + "access_level": "Write", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_StartAccessLogging.html" + }, + "StopAccessLogging": { + "privilege": "StopAccessLogging", + "description": "Grants permission to stop access logging on a container", + "access_level": "Write", + "resource_types": { + "container": { + "resource_type": "container", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_StopAccessLogging.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a container", + "access_level": "Tagging", + "resource_types": { + "container": { + "resource_type": "container", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a container", + "access_level": "Tagging", + "resource_types": { + "container": { + "resource_type": "container", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "container": "container", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediastore/latest/apireference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "createcontainer": "CreateContainer", + "deletecontainer": "DeleteContainer", + "deletecontainerpolicy": "DeleteContainerPolicy", + "deletecorspolicy": "DeleteCorsPolicy", + "deletelifecyclepolicy": "DeleteLifecyclePolicy", + "deletemetricpolicy": "DeleteMetricPolicy", + "deleteobject": "DeleteObject", + "describecontainer": "DescribeContainer", + "describeobject": "DescribeObject", + "getcontainerpolicy": "GetContainerPolicy", + "getcorspolicy": "GetCorsPolicy", + "getlifecyclepolicy": "GetLifecyclePolicy", + "getmetricpolicy": "GetMetricPolicy", + "getobject": "GetObject", + "listcontainers": "ListContainers", + "listitems": "ListItems", + "listtagsforresource": "ListTagsForResource", + "putcontainerpolicy": "PutContainerPolicy", + "putcorspolicy": "PutCorsPolicy", + "putlifecyclepolicy": "PutLifecyclePolicy", + "putmetricpolicy": "PutMetricPolicy", + "putobject": "PutObject", + "startaccesslogging": "StartAccessLogging", + "stopaccesslogging": "StopAccessLogging", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "container": { + "resource": "container", + "arn": "arn:${Partition}:mediastore:${Region}:${Account}:container/${ContainerName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "object": { + "resource": "object", + "arn": "arn:${Partition}:mediastore:${Region}:${Account}:container/${ContainerName}/${ObjectPath}", + "condition_keys": [] + }, + "folder": { + "resource": "folder", + "arn": "arn:${Partition}:mediastore:${Region}:${Account}:container/${ContainerName}/${FolderPath}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "container": "container", + "object": "object", + "folder": "folder" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "mediatailor": { + "service_name": "AWS Elemental MediaTailor", + "prefix": "mediatailor", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalmediatailor.html", + "privileges": { + "ConfigureLogsForChannel": { + "privilege": "ConfigureLogsForChannel", + "description": "Grants permission to configure logs on the channel with the specified channel name", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/configurelogs-channel.html" + }, + "ConfigureLogsForPlaybackConfiguration": { + "privilege": "ConfigureLogsForPlaybackConfiguration", + "description": "Grants permission to configure logs for a playback configuration", + "access_level": "Write", + "resource_types": { + "playbackConfiguration": { + "resource_type": "playbackConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "playbackconfiguration": "playbackConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/configurelogs-playbackconfiguration.html" + }, + "CreateChannel": { + "privilege": "CreateChannel", + "description": "Grants permission to create a new channel", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname.html" + }, + "CreateLiveSource": { + "privilege": "CreateLiveSource", + "description": "Grants permission to create a new live source on the source location with the specified source location name", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-livesource-livesourcename.html" + }, + "CreatePrefetchSchedule": { + "privilege": "CreatePrefetchSchedule", + "description": "Grants permission to create a prefetch schedule for the playback configuration with the specified playback configuration name", + "access_level": "Write", + "resource_types": { + "playbackConfiguration": { + "resource_type": "playbackConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "playbackconfiguration": "playbackConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/prefetchschedule-playbackconfigurationname-name.html" + }, + "CreateProgram": { + "privilege": "CreateProgram", + "description": "Grants permission to create a new program on the channel with the specified channel name", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-program-programname.html" + }, + "CreateSourceLocation": { + "privilege": "CreateSourceLocation", + "description": "Grants permission to create a new source location", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname.html" + }, + "CreateVodSource": { + "privilege": "CreateVodSource", + "description": "Grants permission to create a new VOD source on the source location with the specified source location name", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-vodsource-vodsourcename.html" + }, + "DeleteChannel": { + "privilege": "DeleteChannel", + "description": "Grants permission to delete the channel with the specified channel name", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname.html" + }, + "DeleteChannelPolicy": { + "privilege": "DeleteChannelPolicy", + "description": "Grants permission to delete the IAM policy on the channel with the specified channel name", + "access_level": "Permissions management", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-policy.html" + }, + "DeleteLiveSource": { + "privilege": "DeleteLiveSource", + "description": "Grants permission to delete the live source with the specified live source name on the source location with the specified source location name", + "access_level": "Write", + "resource_types": { + "liveSource": { + "resource_type": "liveSource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "livesource": "liveSource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-livesource-livesourcename.html" + }, + "DeletePlaybackConfiguration": { + "privilege": "DeletePlaybackConfiguration", + "description": "Grants permission to delete the specified playback configuration", + "access_level": "Write", + "resource_types": { + "playbackConfiguration": { + "resource_type": "playbackConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "playbackconfiguration": "playbackConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/playbackconfiguration-name.html" + }, + "DeletePrefetchSchedule": { + "privilege": "DeletePrefetchSchedule", + "description": "Grants permission to delete a prefetch schedule for a playback configuration with the specified prefetch schedule name", + "access_level": "Write", + "resource_types": { + "playbackConfiguration": { + "resource_type": "playbackConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "prefetchSchedule": { + "resource_type": "prefetchSchedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "playbackconfiguration": "playbackConfiguration", + "prefetchschedule": "prefetchSchedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/prefetchschedule-playbackconfigurationname-name.html" + }, + "DeleteProgram": { + "privilege": "DeleteProgram", + "description": "Grants permission to delete the program with the specified program name on the channel with the specified channel name", + "access_level": "Write", + "resource_types": { + "program": { + "resource_type": "program", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "program": "program" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-program-programname.html" + }, + "DeleteSourceLocation": { + "privilege": "DeleteSourceLocation", + "description": "Grants permission to delete the source location with the specified source location name", + "access_level": "Write", + "resource_types": { + "sourceLocation": { + "resource_type": "sourceLocation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourcelocation": "sourceLocation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname.html" + }, + "DeleteVodSource": { + "privilege": "DeleteVodSource", + "description": "Grants permission to delete the VOD source with the specified VOD source name on the source location with the specified source location name", + "access_level": "Write", + "resource_types": { + "vodSource": { + "resource_type": "vodSource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vodsource": "vodSource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-vodsource-vodsourcename.html" + }, + "DescribeChannel": { + "privilege": "DescribeChannel", + "description": "Grants permission to retrieve the channel with the specified channel name", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname.html" + }, + "DescribeLiveSource": { + "privilege": "DescribeLiveSource", + "description": "Grants permission to retrieve the live source with the specified live source name on the source location with the specified source location name", + "access_level": "Read", + "resource_types": { + "liveSource": { + "resource_type": "liveSource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "livesource": "liveSource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-livesource-livesourcename.html" + }, + "DescribeProgram": { + "privilege": "DescribeProgram", + "description": "Grants permission to retrieve the program with the specified program name on the channel with the specified channel name", + "access_level": "Read", + "resource_types": { + "program": { + "resource_type": "program", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "program": "program" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-program-programname.html" + }, + "DescribeSourceLocation": { + "privilege": "DescribeSourceLocation", + "description": "Grants permission to retrieve the source location with the specified source location name", + "access_level": "Read", + "resource_types": { + "sourceLocation": { + "resource_type": "sourceLocation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourcelocation": "sourceLocation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname.html" + }, + "DescribeVodSource": { + "privilege": "DescribeVodSource", + "description": "Grants permission to retrieve the VOD source with the specified VOD source name on the source location with the specified source location name", + "access_level": "Read", + "resource_types": { + "vodSource": { + "resource_type": "vodSource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vodsource": "vodSource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-vodsource-vodsourcename.html" + }, + "GetChannelPolicy": { + "privilege": "GetChannelPolicy", + "description": "Grants permission to read the IAM policy on the channel with the specified channel name", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-policy.html" + }, + "GetChannelSchedule": { + "privilege": "GetChannelSchedule", + "description": "Grants permission to retrieve the schedule of programs on the channel with the specified channel name", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-schedule.html" + }, + "GetPlaybackConfiguration": { + "privilege": "GetPlaybackConfiguration", + "description": "Grants permission to retrieve the configuration for the specified name", + "access_level": "Read", + "resource_types": { + "playbackConfiguration": { + "resource_type": "playbackConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "playbackconfiguration": "playbackConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/playbackconfiguration-name.html" + }, + "GetPrefetchSchedule": { + "privilege": "GetPrefetchSchedule", + "description": "Grants permission to retrieve prefetch schedule for a playback configuration with the specified prefetch schedule name", + "access_level": "Read", + "resource_types": { + "playbackConfiguration": { + "resource_type": "playbackConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "prefetchSchedule": { + "resource_type": "prefetchSchedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "playbackconfiguration": "playbackConfiguration", + "prefetchschedule": "prefetchSchedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/prefetchschedule-playbackconfigurationname-name.html" + }, + "ListAlerts": { + "privilege": "ListAlerts", + "description": "Grants permission to retrieve the list of alerts on a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/alerts.html" + }, + "ListChannels": { + "privilege": "ListChannels", + "description": "Grants permission to retrieve the list of existing channels", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channels.html" + }, + "ListLiveSources": { + "privilege": "ListLiveSources", + "description": "Grants permission to retrieve the list of existing live sources on the source location with the specified source location name", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-livesources.html" + }, + "ListPlaybackConfigurations": { + "privilege": "ListPlaybackConfigurations", + "description": "Grants permission to retrieve the list of available configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/playbackconfigurations.html" + }, + "ListPrefetchSchedules": { + "privilege": "ListPrefetchSchedules", + "description": "Grants permission to retrieve the list of prefetch schedules for a playback configuration", + "access_level": "List", + "resource_types": { + "playbackConfiguration": { + "resource_type": "playbackConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "playbackconfiguration": "playbackConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/prefetchschedule-playbackconfigurationname.html" + }, + "ListSourceLocations": { + "privilege": "ListSourceLocations", + "description": "Grants permission to retrieve the list of existing source locations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags assigned to the specified playback configuration resource", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "liveSource": { + "resource_type": "liveSource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "playbackConfiguration": { + "resource_type": "playbackConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sourceLocation": { + "resource_type": "sourceLocation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vodSource": { + "resource_type": "vodSource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "livesource": "liveSource", + "playbackconfiguration": "playbackConfiguration", + "sourcelocation": "sourceLocation", + "vodsource": "vodSource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/tags-resourcearn.html" + }, + "ListVodSources": { + "privilege": "ListVodSources", + "description": "Grants permission to retrieve the list of existing VOD sources on the source location with the specified source location name", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-vodsources.html" + }, + "PutChannelPolicy": { + "privilege": "PutChannelPolicy", + "description": "Grants permission to set the IAM policy on the channel with the specified channel name", + "access_level": "Permissions management", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-policy.html" + }, + "PutPlaybackConfiguration": { + "privilege": "PutPlaybackConfiguration", + "description": "Grants permission to add a new configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/playbackconfiguration.html" + }, + "StartChannel": { + "privilege": "StartChannel", + "description": "Grants permission to start the channel with the specified channel name", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-start.html" + }, + "StopChannel": { + "privilege": "StopChannel", + "description": "Grants permission to stop the channel with the specified channel name", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-stop.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to the specified playback configuration resource", + "access_level": "Tagging", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "liveSource": { + "resource_type": "liveSource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "playbackConfiguration": { + "resource_type": "playbackConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sourceLocation": { + "resource_type": "sourceLocation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vodSource": { + "resource_type": "vodSource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "livesource": "liveSource", + "playbackconfiguration": "playbackConfiguration", + "sourcelocation": "sourceLocation", + "vodsource": "vodSource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/tags-resourcearn.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from the specified playback configuration resource", + "access_level": "Tagging", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "liveSource": { + "resource_type": "liveSource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "playbackConfiguration": { + "resource_type": "playbackConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sourceLocation": { + "resource_type": "sourceLocation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vodSource": { + "resource_type": "vodSource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "livesource": "liveSource", + "playbackconfiguration": "playbackConfiguration", + "sourcelocation": "sourceLocation", + "vodsource": "vodSource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/tags-resourcearn.html" + }, + "UpdateChannel": { + "privilege": "UpdateChannel", + "description": "Grants permission to update the channel with the specified channel name", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname.html" + }, + "UpdateLiveSource": { + "privilege": "UpdateLiveSource", + "description": "Grants permission to update the live source with the specified live source name on the source location with the specified source location name", + "access_level": "Write", + "resource_types": { + "liveSource": { + "resource_type": "liveSource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "livesource": "liveSource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-livesource-livesourcename.html" + }, + "UpdateProgram": { + "privilege": "UpdateProgram", + "description": "Grants permission to update the program with the specified program name on the channel with the specified channel name", + "access_level": "Write", + "resource_types": { + "program": { + "resource_type": "program", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "program": "program" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/channel-channelname-program-programname.html" + }, + "UpdateSourceLocation": { + "privilege": "UpdateSourceLocation", + "description": "Grants permission to update the source location with the specified source location name", + "access_level": "Write", + "resource_types": { + "sourceLocation": { + "resource_type": "sourceLocation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sourcelocation": "sourceLocation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname.html" + }, + "UpdateVodSource": { + "privilege": "UpdateVodSource", + "description": "Grants permission to update the VOD source with the specified VOD source name on the source location with the specified source location name", + "access_level": "Write", + "resource_types": { + "vodSource": { + "resource_type": "vodSource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vodsource": "vodSource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mediatailor/latest/apireference/sourcelocation-sourcelocationname-vodsource-vodsourcename.html" + } + }, + "privileges_lower_name": { + "configurelogsforchannel": "ConfigureLogsForChannel", + "configurelogsforplaybackconfiguration": "ConfigureLogsForPlaybackConfiguration", + "createchannel": "CreateChannel", + "createlivesource": "CreateLiveSource", + "createprefetchschedule": "CreatePrefetchSchedule", + "createprogram": "CreateProgram", + "createsourcelocation": "CreateSourceLocation", + "createvodsource": "CreateVodSource", + "deletechannel": "DeleteChannel", + "deletechannelpolicy": "DeleteChannelPolicy", + "deletelivesource": "DeleteLiveSource", + "deleteplaybackconfiguration": "DeletePlaybackConfiguration", + "deleteprefetchschedule": "DeletePrefetchSchedule", + "deleteprogram": "DeleteProgram", + "deletesourcelocation": "DeleteSourceLocation", + "deletevodsource": "DeleteVodSource", + "describechannel": "DescribeChannel", + "describelivesource": "DescribeLiveSource", + "describeprogram": "DescribeProgram", + "describesourcelocation": "DescribeSourceLocation", + "describevodsource": "DescribeVodSource", + "getchannelpolicy": "GetChannelPolicy", + "getchannelschedule": "GetChannelSchedule", + "getplaybackconfiguration": "GetPlaybackConfiguration", + "getprefetchschedule": "GetPrefetchSchedule", + "listalerts": "ListAlerts", + "listchannels": "ListChannels", + "listlivesources": "ListLiveSources", + "listplaybackconfigurations": "ListPlaybackConfigurations", + "listprefetchschedules": "ListPrefetchSchedules", + "listsourcelocations": "ListSourceLocations", + "listtagsforresource": "ListTagsForResource", + "listvodsources": "ListVodSources", + "putchannelpolicy": "PutChannelPolicy", + "putplaybackconfiguration": "PutPlaybackConfiguration", + "startchannel": "StartChannel", + "stopchannel": "StopChannel", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatechannel": "UpdateChannel", + "updatelivesource": "UpdateLiveSource", + "updateprogram": "UpdateProgram", + "updatesourcelocation": "UpdateSourceLocation", + "updatevodsource": "UpdateVodSource" + }, + "resources": { + "playbackConfiguration": { + "resource": "playbackConfiguration", + "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:playbackConfiguration/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "prefetchSchedule": { + "resource": "prefetchSchedule", + "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:prefetchSchedule/${ResourceId}", + "condition_keys": [] + }, + "channel": { + "resource": "channel", + "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:channel/${ChannelName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "program": { + "resource": "program", + "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:program/${ChannelName}/${ProgramName}", + "condition_keys": [] + }, + "sourceLocation": { + "resource": "sourceLocation", + "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:sourceLocation/${SourceLocationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "vodSource": { + "resource": "vodSource", + "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:vodSource/${SourceLocationName}/${VodSourceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "liveSource": { + "resource": "liveSource", + "arn": "arn:${Partition}:mediatailor:${Region}:${Account}:liveSource/${SourceLocationName}/${LiveSourceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "playbackconfiguration": "playbackConfiguration", + "prefetchschedule": "prefetchSchedule", + "channel": "channel", + "program": "program", + "sourcelocation": "sourceLocation", + "vodsource": "vodSource", + "livesource": "liveSource" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "elemental-support-cases": { + "service_name": "AWS Elemental Support Cases", + "prefix": "elemental-support-cases", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalsupportcases.html", + "privileges": { + "CheckCasePermission": { + "privilege": "CheckCasePermission", + "description": "Verify whether the caller has the permissions to perform support case operations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "CreateCase": { + "privilege": "CreateCase", + "description": "Grant the permission to create a support case", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "GetCase": { + "privilege": "GetCase", + "description": "Grant the permission to describe a support case in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "GetCases": { + "privilege": "GetCases", + "description": "Grant the permission to list the support cases in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + }, + "UpdateCase": { + "privilege": "UpdateCase", + "description": "Grant the permission to update a support case", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + } + }, + "privileges_lower_name": { + "checkcasepermission": "CheckCasePermission", + "createcase": "CreateCase", + "getcase": "GetCase", + "getcases": "GetCases", + "updatecase": "UpdateCase" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "elemental-support-content": { + "service_name": "AWS Elemental Support Content", + "prefix": "elemental-support-content", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awselementalsupportcontent.html", + "privileges": { + "Query": { + "privilege": "Query", + "description": "Grant the permission to search support content", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/elemental-appliances-software" + } + }, + "privileges_lower_name": { + "query": "Query" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "entityresolution": { + "service_name": "AWS Entity Resolution", + "prefix": "entityresolution", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsentityresolution.html", + "privileges": { + "CreateMatchingWorkflow": { + "privilege": "CreateMatchingWorkflow", + "description": "Grants permission to create a matching workflow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_CreateMatchingWorkflow.html" + }, + "CreateSchemaMapping": { + "privilege": "CreateSchemaMapping", + "description": "Grants permission to create a schema mapping", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_CreateSchemaMapping.html" + }, + "DeleteMatchingWorkflow": { + "privilege": "DeleteMatchingWorkflow", + "description": "Grants permission to delete a matching workflow", + "access_level": "Write", + "resource_types": { + "MatchingWorkflow": { + "resource_type": "MatchingWorkflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "matchingworkflow": "MatchingWorkflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_DeleteMatchingWorkflow.html" + }, + "DeleteSchemaMapping": { + "privilege": "DeleteSchemaMapping", + "description": "Grants permission to delete a schema mapping", + "access_level": "Write", + "resource_types": { + "SchemaMapping": { + "resource_type": "SchemaMapping", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schemamapping": "SchemaMapping" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_DeleteSchemaMapping.html" + }, + "GetMatchId": { + "privilege": "GetMatchId", + "description": "Grants permission to get match Id", + "access_level": "Read", + "resource_types": { + "MatchingWorkflow": { + "resource_type": "MatchingWorkflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "matchingworkflow": "MatchingWorkflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_GetMatchId.html" + }, + "GetMatchingJob": { + "privilege": "GetMatchingJob", + "description": "Grants permission to get a matching job", + "access_level": "Read", + "resource_types": { + "MatchingWorkflow": { + "resource_type": "MatchingWorkflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "matchingworkflow": "MatchingWorkflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_GetMatchingJob.html" + }, + "GetMatchingWorkflow": { + "privilege": "GetMatchingWorkflow", + "description": "Grants permission to get a matching workflow", + "access_level": "Read", + "resource_types": { + "MatchingWorkflow": { + "resource_type": "MatchingWorkflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "matchingworkflow": "MatchingWorkflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_GetMatchingWorkflow.html" + }, + "GetSchemaMapping": { + "privilege": "GetSchemaMapping", + "description": "Grants permission to get a schema mapping", + "access_level": "Read", + "resource_types": { + "SchemaMapping": { + "resource_type": "SchemaMapping", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schemamapping": "SchemaMapping" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_GetSchemaMapping.html" + }, + "ListMatchingJobs": { + "privilege": "ListMatchingJobs", + "description": "Grants permission to list matching jobs", + "access_level": "List", + "resource_types": { + "MatchingWorkflow": { + "resource_type": "MatchingWorkflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "matchingworkflow": "MatchingWorkflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_ListMatchingJobs.html" + }, + "ListMatchingWorkflows": { + "privilege": "ListMatchingWorkflows", + "description": "Grants permission to list matching workflows", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_ListMatchingWorkflows.html" + }, + "ListSchemaMappings": { + "privilege": "ListSchemaMappings", + "description": "Grants permission to list schema mappings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_ListSchemaMappings.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to List tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_ListTagsForResource.html" + }, + "StartMatchingJob": { + "privilege": "StartMatchingJob", + "description": "Grants permission to start a matching job", + "access_level": "Write", + "resource_types": { + "MatchingWorkflow": { + "resource_type": "MatchingWorkflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "matchingworkflow": "MatchingWorkflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_StartMatchingJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to adds tags to a resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_UntagResource.html" + }, + "UpdateMatchingWorkflow": { + "privilege": "UpdateMatchingWorkflow", + "description": "Grants permission to update a matching workflow", + "access_level": "Write", + "resource_types": { + "MatchingWorkflow": { + "resource_type": "MatchingWorkflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "matchingworkflow": "MatchingWorkflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/entityresolution/latest/userguide/API_UpdateMatchingWorkflow.html" + } + }, + "privileges_lower_name": { + "creatematchingworkflow": "CreateMatchingWorkflow", + "createschemamapping": "CreateSchemaMapping", + "deletematchingworkflow": "DeleteMatchingWorkflow", + "deleteschemamapping": "DeleteSchemaMapping", + "getmatchid": "GetMatchId", + "getmatchingjob": "GetMatchingJob", + "getmatchingworkflow": "GetMatchingWorkflow", + "getschemamapping": "GetSchemaMapping", + "listmatchingjobs": "ListMatchingJobs", + "listmatchingworkflows": "ListMatchingWorkflows", + "listschemamappings": "ListSchemaMappings", + "listtagsforresource": "ListTagsForResource", + "startmatchingjob": "StartMatchingJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatematchingworkflow": "UpdateMatchingWorkflow" + }, + "resources": { + "MatchingWorkflow": { + "resource": "MatchingWorkflow", + "arn": "arn:${Partition}:entityresolution::${Account}:matchingworkflow/${WorkflowName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "SchemaMapping": { + "resource": "SchemaMapping", + "arn": "arn:${Partition}:entityresolution::${Account}:schemamapping/${SchemaName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "matchingworkflow": "MatchingWorkflow", + "schemamapping": "SchemaMapping" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a key that is present in the request the user makes to the entity resolution service", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the list of all the tag key names present in the request the user makes to the entity resolution service", + "type": "ArrayOfString" + } + } + }, + "fis": { + "service_name": "AWS Fault Injection Simulator", + "prefix": "fis", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsfaultinjectionsimulator.html", + "privileges": { + "CreateExperimentTemplate": { + "privilege": "CreateExperimentTemplate", + "description": "Grants permission to create an AWS FIS experiment template", + "access_level": "Write", + "resource_types": { + "action": { + "resource_type": "action", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "experiment-template": { + "resource_type": "experiment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "experiment-template": "experiment-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_CreateExperimentTemplate.html" + }, + "DeleteExperimentTemplate": { + "privilege": "DeleteExperimentTemplate", + "description": "Grants permission to delete the AWS FIS experiment template", + "access_level": "Write", + "resource_types": { + "experiment-template": { + "resource_type": "experiment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-template": "experiment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_DeleteExperimentTemplate.html" + }, + "GetAction": { + "privilege": "GetAction", + "description": "Grants permission to retrieve an AWS FIS action", + "access_level": "Read", + "resource_types": { + "action": { + "resource_type": "action", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_GetAction.html" + }, + "GetExperiment": { + "privilege": "GetExperiment", + "description": "Grants permission to retrieve an AWS FIS experiment", + "access_level": "Read", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_GetExperiment.html" + }, + "GetExperimentTemplate": { + "privilege": "GetExperimentTemplate", + "description": "Grants permission to retrieve an AWS FIS Experiment Template", + "access_level": "Read", + "resource_types": { + "experiment-template": { + "resource_type": "experiment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-template": "experiment-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_GetExperimentTemplate.html" + }, + "GetTargetResourceType": { + "privilege": "GetTargetResourceType", + "description": "Grants permission to get information about the specified resource type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_GetTargetResourceType.html" + }, + "InjectApiInternalError": { + "privilege": "InjectApiInternalError", + "description": "Grants permission to inject an API internal error on the provided AWS service from an FIS Experiment", + "access_level": "Write", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "fis:Service", + "fis:Operations", + "fis:Percentage", + "fis:Targets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#fis-actions-reference-fis" + }, + "InjectApiThrottleError": { + "privilege": "InjectApiThrottleError", + "description": "Grants permission to inject an API throttle error on the provided AWS service from an FIS Experiment", + "access_level": "Write", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "fis:Service", + "fis:Operations", + "fis:Percentage", + "fis:Targets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#fis-actions-reference-fis" + }, + "InjectApiUnavailableError": { + "privilege": "InjectApiUnavailableError", + "description": "Grants permission to inject an API unavailable error on the provided AWS service from an FIS Experiment", + "access_level": "Write", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "fis:Service", + "fis:Operations", + "fis:Percentage", + "fis:Targets" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#fis-actions-reference-fis" + }, + "ListActions": { + "privilege": "ListActions", + "description": "Grants permission to list all available AWS FIS actions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_ListActions.html" + }, + "ListExperimentTemplates": { + "privilege": "ListExperimentTemplates", + "description": "Grants permission to list all available AWS FIS experiment templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_ListExperimentTemplates.html" + }, + "ListExperiments": { + "privilege": "ListExperiments", + "description": "Grants permission to list all available AWS FIS experiments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_ListExperiments.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for an AWS FIS resource", + "access_level": "Read", + "resource_types": { + "action": { + "resource_type": "action", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "experiment": { + "resource_type": "experiment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "experiment-template": { + "resource_type": "experiment-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "experiment": "experiment", + "experiment-template": "experiment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTargetResourceTypes": { + "privilege": "ListTargetResourceTypes", + "description": "Grants permission to list the resource types", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_ListTargetResourceTypes.html" + }, + "StartExperiment": { + "privilege": "StartExperiment", + "description": "Grants permission to run an AWS FIS experiment", + "access_level": "Write", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "experiment-template": { + "resource_type": "experiment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment", + "experiment-template": "experiment-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_StartExperiment.html" + }, + "StopExperiment": { + "privilege": "StopExperiment", + "description": "Grants permission to stop an AWS FIS experiment", + "access_level": "Write", + "resource_types": { + "experiment": { + "resource_type": "experiment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment": "experiment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_StopExperiment.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag AWS FIS resources", + "access_level": "Tagging", + "resource_types": { + "action": { + "resource_type": "action", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "experiment": { + "resource_type": "experiment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "experiment-template": { + "resource_type": "experiment-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "experiment": "experiment", + "experiment-template": "experiment-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag AWS FIS resources", + "access_level": "Tagging", + "resource_types": { + "action": { + "resource_type": "action", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "experiment": { + "resource_type": "experiment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "experiment-template": { + "resource_type": "experiment-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "action": "action", + "experiment": "experiment", + "experiment-template": "experiment-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_UntagResource.html" + }, + "UpdateExperimentTemplate": { + "privilege": "UpdateExperimentTemplate", + "description": "Grants permission to update the specified AWS FIS experiment template", + "access_level": "Write", + "resource_types": { + "experiment-template": { + "resource_type": "experiment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "action": { + "resource_type": "action", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "experiment-template": "experiment-template", + "action": "action", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fis/latest/APIReference/API_UpdateExperimentTemplate.html" + } + }, + "privileges_lower_name": { + "createexperimenttemplate": "CreateExperimentTemplate", + "deleteexperimenttemplate": "DeleteExperimentTemplate", + "getaction": "GetAction", + "getexperiment": "GetExperiment", + "getexperimenttemplate": "GetExperimentTemplate", + "gettargetresourcetype": "GetTargetResourceType", + "injectapiinternalerror": "InjectApiInternalError", + "injectapithrottleerror": "InjectApiThrottleError", + "injectapiunavailableerror": "InjectApiUnavailableError", + "listactions": "ListActions", + "listexperimenttemplates": "ListExperimentTemplates", + "listexperiments": "ListExperiments", + "listtagsforresource": "ListTagsForResource", + "listtargetresourcetypes": "ListTargetResourceTypes", + "startexperiment": "StartExperiment", + "stopexperiment": "StopExperiment", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateexperimenttemplate": "UpdateExperimentTemplate" + }, + "resources": { + "action": { + "resource": "action", + "arn": "arn:${Partition}:fis:${Region}:${Account}:action/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "experiment": { + "resource": "experiment", + "arn": "arn:${Partition}:fis:${Region}:${Account}:experiment/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "experiment-template": { + "resource": "experiment-template", + "arn": "arn:${Partition}:fis:${Region}:${Account}:experiment-template/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "action": "action", + "experiment": "experiment", + "experiment-template": "experiment-template" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + }, + "fis:Operations": { + "condition": "fis:Operations", + "description": "Filters access by the list of operations on the AWS service that is being affected by the AWS FIS action", + "type": "ArrayOfString" + }, + "fis:Percentage": { + "condition": "fis:Percentage", + "description": "Filters access by the percentage of calls being affected by the AWS FIS action", + "type": "Numeric" + }, + "fis:Service": { + "condition": "fis:Service", + "description": "Filters access by the AWS service that is being affected by the AWS FIS action", + "type": "String" + }, + "fis:Targets": { + "condition": "fis:Targets", + "description": "Filters access by the list of resource ARNs being targeted by the AWS FIS action", + "type": "ArrayOfString" + } + } + }, + "fms": { + "service_name": "AWS Firewall Manager", + "prefix": "fms", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsfirewallmanager.html", + "privileges": { + "AssociateAdminAccount": { + "privilege": "AssociateAdminAccount", + "description": "Grants permission to set the AWS Firewall Manager administrator account and enables the service in all organization accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_AssociateAdminAccount.html" + }, + "AssociateThirdPartyFirewall": { + "privilege": "AssociateThirdPartyFirewall", + "description": "Grants permission to set the Firewall Manager administrator as a tenant administrator of a third-party firewall service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_AssociateThirdPartyFirewall.html" + }, + "BatchAssociateResource": { + "privilege": "BatchAssociateResource", + "description": "Grants permission to associate resources to an AWS Firewall Manager resource set", + "access_level": "Write", + "resource_types": { + "resource-set": { + "resource_type": "resource-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-set": "resource-set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_BatchAssociateResource.html" + }, + "BatchDisassociateResource": { + "privilege": "BatchDisassociateResource", + "description": "Grants permission to disassociate resources from an AWS Firewall Manager resource set", + "access_level": "Write", + "resource_types": { + "resource-set": { + "resource_type": "resource-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-set": "resource-set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_BatchDisassociateResource.html" + }, + "DeleteAppsList": { + "privilege": "DeleteAppsList", + "description": "Grants permission to permanently deletes an AWS Firewall Manager applications list", + "access_level": "Write", + "resource_types": { + "applications-list": { + "resource_type": "applications-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications-list": "applications-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeleteAppsList.html" + }, + "DeleteNotificationChannel": { + "privilege": "DeleteNotificationChannel", + "description": "Grants permission to delete an AWS Firewall Manager association with the IAM role and the Amazon Simple Notification Service (SNS) topic that is used to notify the FM administrator about major FM events and errors across the organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeleteNotificationChannel.html" + }, + "DeletePolicy": { + "privilege": "DeletePolicy", + "description": "Grants permission to permanently delete an AWS Firewall Manager policy", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html" + }, + "DeleteProtocolsList": { + "privilege": "DeleteProtocolsList", + "description": "Grants permission to permanently deletes an AWS Firewall Manager protocols list", + "access_level": "Write", + "resource_types": { + "protocols-list": { + "resource_type": "protocols-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protocols-list": "protocols-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeleteProtocolsList.html" + }, + "DeleteResourceSet": { + "privilege": "DeleteResourceSet", + "description": "Grants permission to permanently delete an AWS Firewall Manager resource set", + "access_level": "Write", + "resource_types": { + "resource-set": { + "resource_type": "resource-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-set": "resource-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeleteResourceSet.html" + }, + "DisassociateAdminAccount": { + "privilege": "DisassociateAdminAccount", + "description": "Grants permission to disassociate the account that has been set as the AWS Firewall Manager administrator account and and disables the service in all organization accounts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DisassociateAdminAccount.html" + }, + "DisassociateThirdPartyFirewall": { + "privilege": "DisassociateThirdPartyFirewall", + "description": "Grants permission to disassociate a Firewall Manager administrator from a third-party firewall tenant", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DisassociateThirdPartyFirewall.html" + }, + "GetAdminAccount": { + "privilege": "GetAdminAccount", + "description": "Grants permission to return the AWS Organizations account that is associated with AWS Firewall Manager as the AWS Firewall Manager administrator", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetAdminAccount.html" + }, + "GetAdminScope": { + "privilege": "GetAdminScope", + "description": "Grants permission to return information about the specified account's administrative scope", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetAdminScope.html" + }, + "GetAppsList": { + "privilege": "GetAppsList", + "description": "Grants permission to return information about the specified AWS Firewall Manager applications list", + "access_level": "Read", + "resource_types": { + "applications-list": { + "resource_type": "applications-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications-list": "applications-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetAppsList.html" + }, + "GetComplianceDetail": { + "privilege": "GetComplianceDetail", + "description": "Grants permission to retrieve detailed compliance information about the specified member account. Details include resources that are in and out of compliance with the specified policy", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetComplianceDetail.html" + }, + "GetNotificationChannel": { + "privilege": "GetNotificationChannel", + "description": "Grants permission to retrieve information about the Amazon Simple Notification Service (SNS) topic that is used to record AWS Firewall Manager SNS logs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetNotificationChannel.html" + }, + "GetPolicy": { + "privilege": "GetPolicy", + "description": "Grants permission to retrieve information about the specified AWS Firewall Manager policy", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetPolicy.html" + }, + "GetProtectionStatus": { + "privilege": "GetProtectionStatus", + "description": "Grants permission to retrieve policy-level attack summary information in the event of a potential DDoS attack", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetProtectionStatus.html" + }, + "GetProtocolsList": { + "privilege": "GetProtocolsList", + "description": "Grants permission to return information about the specified AWS Firewall Manager protocols list", + "access_level": "Read", + "resource_types": { + "protocols-list": { + "resource_type": "protocols-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protocols-list": "protocols-list" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetProtocolsList.html" + }, + "GetResourceSet": { + "privilege": "GetResourceSet", + "description": "Grants permission to retrieve information about the specified AWS Firewall Manager resource set", + "access_level": "Read", + "resource_types": { + "resource-set": { + "resource_type": "resource-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-set": "resource-set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetResourceSet.html" + }, + "GetThirdPartyFirewallAssociationStatus": { + "privilege": "GetThirdPartyFirewallAssociationStatus", + "description": "Grants permission to retrieve the onboarding status of a Firewall Manager administrator account to third-party firewall vendor tenant", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetThirdPartyFirewallAssociationStatus.html" + }, + "GetViolationDetails": { + "privilege": "GetViolationDetails", + "description": "Grants permission to retrieve violations for a resource based on the specified AWS Firewall Manager policy and AWS account", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_GetViolationDetails.html" + }, + "ListAdminAccountsForOrganization": { + "privilege": "ListAdminAccountsForOrganization", + "description": "Grants permission to return a AdminAccounts object that lists the Firewall Manager administrators within the organization that are onboarded to Firewall Manager by AssociateAdminAccount", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListAdminAccountsForOrganization.html" + }, + "ListAdminsManagingAccount": { + "privilege": "ListAdminsManagingAccount", + "description": "Grants permission to list the accounts that are managing the specified AWS Organizations member account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListAdminsManagingAccount.html" + }, + "ListAppsLists": { + "privilege": "ListAppsLists", + "description": "Grants permission to return an array of AppsListDataSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListAppsLists.html" + }, + "ListComplianceStatus": { + "privilege": "ListComplianceStatus", + "description": "Grants permission to retrieve an array of PolicyComplianceStatus objects in the response. Use PolicyComplianceStatus to get a summary of which member accounts are protected by the specified policy", + "access_level": "List", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListComplianceStatus.html" + }, + "ListDiscoveredResources": { + "privilege": "ListDiscoveredResources", + "description": "Grants permission to retrieve an array of resources in the organization's accounts that are available to be associated with a resource set", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListDiscoveredResources.html" + }, + "ListMemberAccounts": { + "privilege": "ListMemberAccounts", + "description": "Grants permission to retrieve an array of member account ids if the caller is FMS admin account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListMemberAccounts.html" + }, + "ListPolicies": { + "privilege": "ListPolicies", + "description": "Grants permission to retrieve an array of PolicySummary objects in the response", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListPolicies.html" + }, + "ListProtocolsLists": { + "privilege": "ListProtocolsLists", + "description": "Grants permission to return an array of ProtocolsListDataSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListProtocolsLists.html" + }, + "ListResourceSetResources": { + "privilege": "ListResourceSetResources", + "description": "Grants permission to retrieve an array of resources that are currently associated to a resource set", + "access_level": "List", + "resource_types": { + "resource-set": { + "resource_type": "resource-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-set": "resource-set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListResourceSetResources.html" + }, + "ListResourceSets": { + "privilege": "ListResourceSets", + "description": "Grants permission to retrieve an array of ResourceSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListResourceSets.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list Tags for a given resource", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListTagsForResource.html" + }, + "ListThirdPartyFirewallFirewallPolicies": { + "privilege": "ListThirdPartyFirewallFirewallPolicies", + "description": "Grants permission to retrieve a list of all of the third-party firewall policies that are associated with the third-party firewall administrator's account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_ListThirdPartyFirewallFirewallPolicies.html" + }, + "PutAdminAccount": { + "privilege": "PutAdminAccount", + "description": "Grants permission to create or update an Firewall Manager administrator account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutAdminAccount.html" + }, + "PutAppsList": { + "privilege": "PutAppsList", + "description": "Grants permission to create an AWS Firewall Manager applications list", + "access_level": "Write", + "resource_types": { + "applications-list": { + "resource_type": "applications-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications-list": "applications-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutAppsList.html" + }, + "PutNotificationChannel": { + "privilege": "PutNotificationChannel", + "description": "Grants permission to designate the IAM role and Amazon Simple Notification Service (SNS) topic that AWS Firewall Manager (FM) could use to notify the FM administrator about major FM events and errors across the organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutNotificationChannel.html" + }, + "PutPolicy": { + "privilege": "PutPolicy", + "description": "Grants permission to create an AWS Firewall Manager policy", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutPolicy.html" + }, + "PutProtocolsList": { + "privilege": "PutProtocolsList", + "description": "Grants permission to creates an AWS Firewall Manager protocols list", + "access_level": "Write", + "resource_types": { + "protocols-list": { + "resource_type": "protocols-list", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protocols-list": "protocols-list", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutProtocolsList.html" + }, + "PutResourceSet": { + "privilege": "PutResourceSet", + "description": "Grants permission to create an AWS Firewall Manager resource set", + "access_level": "Write", + "resource_types": { + "resource-set": { + "resource_type": "resource-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-set": "resource-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_PutResourceSet.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add a Tag to a given resource", + "access_level": "Tagging", + "resource_types": { + "applications-list": { + "resource_type": "applications-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "policy": { + "resource_type": "policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "protocols-list": { + "resource_type": "protocols-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resource-set": { + "resource_type": "resource-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications-list": "applications-list", + "policy": "policy", + "protocols-list": "protocols-list", + "resource-set": "resource-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a Tag from a given resource", + "access_level": "Tagging", + "resource_types": { + "applications-list": { + "resource_type": "applications-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "policy": { + "resource_type": "policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "protocols-list": { + "resource_type": "protocols-list", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resource-set": { + "resource_type": "resource-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications-list": "applications-list", + "policy": "policy", + "protocols-list": "protocols-list", + "resource-set": "resource-set", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "associateadminaccount": "AssociateAdminAccount", + "associatethirdpartyfirewall": "AssociateThirdPartyFirewall", + "batchassociateresource": "BatchAssociateResource", + "batchdisassociateresource": "BatchDisassociateResource", + "deleteappslist": "DeleteAppsList", + "deletenotificationchannel": "DeleteNotificationChannel", + "deletepolicy": "DeletePolicy", + "deleteprotocolslist": "DeleteProtocolsList", + "deleteresourceset": "DeleteResourceSet", + "disassociateadminaccount": "DisassociateAdminAccount", + "disassociatethirdpartyfirewall": "DisassociateThirdPartyFirewall", + "getadminaccount": "GetAdminAccount", + "getadminscope": "GetAdminScope", + "getappslist": "GetAppsList", + "getcompliancedetail": "GetComplianceDetail", + "getnotificationchannel": "GetNotificationChannel", + "getpolicy": "GetPolicy", + "getprotectionstatus": "GetProtectionStatus", + "getprotocolslist": "GetProtocolsList", + "getresourceset": "GetResourceSet", + "getthirdpartyfirewallassociationstatus": "GetThirdPartyFirewallAssociationStatus", + "getviolationdetails": "GetViolationDetails", + "listadminaccountsfororganization": "ListAdminAccountsForOrganization", + "listadminsmanagingaccount": "ListAdminsManagingAccount", + "listappslists": "ListAppsLists", + "listcompliancestatus": "ListComplianceStatus", + "listdiscoveredresources": "ListDiscoveredResources", + "listmemberaccounts": "ListMemberAccounts", + "listpolicies": "ListPolicies", + "listprotocolslists": "ListProtocolsLists", + "listresourcesetresources": "ListResourceSetResources", + "listresourcesets": "ListResourceSets", + "listtagsforresource": "ListTagsForResource", + "listthirdpartyfirewallfirewallpolicies": "ListThirdPartyFirewallFirewallPolicies", + "putadminaccount": "PutAdminAccount", + "putappslist": "PutAppsList", + "putnotificationchannel": "PutNotificationChannel", + "putpolicy": "PutPolicy", + "putprotocolslist": "PutProtocolsList", + "putresourceset": "PutResourceSet", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "policy": { + "resource": "policy", + "arn": "arn:${Partition}:fms:${Region}:${Account}:policy/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "applications-list": { + "resource": "applications-list", + "arn": "arn:${Partition}:fms:${Region}:${Account}:applications-list/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "protocols-list": { + "resource": "protocols-list", + "arn": "arn:${Partition}:fms:${Region}:${Account}:protocols-list/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "resource-set": { + "resource": "resource-set", + "arn": "arn:${Partition}:fms:${Region}:${Account}:resource-set/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "policy": "policy", + "applications-list": "applications-list", + "protocols-list": "protocols-list", + "resource-set": "resource-set" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "freetier": { + "service_name": "AWS Free Tier", + "prefix": "freetier", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsfreetier.html", + "privileges": { + "GetFreeTierAlertPreference": { + "privilege": "GetFreeTierAlertPreference", + "description": "Allow or deny IAM users permission to get free tier alert preference (email address)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/tracking-free-tier-usage.html" + }, + "GetFreeTierUsage": { + "privilege": "GetFreeTierUsage", + "description": "Allow or deny IAM users permission to get free tier usage limits and MTD usage status", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/tracking-free-tier-usage.html" + }, + "PutFreeTierAlertPreference": { + "privilege": "PutFreeTierAlertPreference", + "description": "Allow or deny IAM users permission to set free tier alert preference (email address)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/tracking-free-tier-usage.html" + } + }, + "privileges_lower_name": { + "getfreetieralertpreference": "GetFreeTierAlertPreference", + "getfreetierusage": "GetFreeTierUsage", + "putfreetieralertpreference": "PutFreeTierAlertPreference" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "globalaccelerator": { + "service_name": "AWS Global Accelerator", + "prefix": "globalaccelerator", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsglobalaccelerator.html", + "privileges": { + "AddCustomRoutingEndpoints": { + "privilege": "AddCustomRoutingEndpoints", + "description": "Grants permission to add a virtual private cloud (VPC) subnet endpoint to a custom routing accelerator endpoint group", + "access_level": "Write", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_AddCustomRoutingEndpoints.html" + }, + "AddEndpoints": { + "privilege": "AddEndpoints", + "description": "Grants permission to add an endpoint to a standard accelerator endpoint group", + "access_level": "Write", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_AddEndpoints.html" + }, + "AdvertiseByoipCidr": { + "privilege": "AdvertiseByoipCidr", + "description": "Grants permission to advertises an IPv4 address range that is provisioned for use with your accelerator through bring your own IP addresses (BYOIP)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_AdvertiseByoipCidr.html" + }, + "AllowCustomRoutingTraffic": { + "privilege": "AllowCustomRoutingTraffic", + "description": "Grants permission to allows custom routing of user traffic to a private destination IP:PORT in a specific VPC subnet", + "access_level": "Write", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_AllowCustomRoutingTraffic.html" + }, + "CreateAccelerator": { + "privilege": "CreateAccelerator", + "description": "Grants permission to create a standard accelerator", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateAccelerator.html" + }, + "CreateCustomRoutingAccelerator": { + "privilege": "CreateCustomRoutingAccelerator", + "description": "Grants permission to create a Custom Routing accelerator", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateCustomRoutingAccelerator.html" + }, + "CreateCustomRoutingEndpointGroup": { + "privilege": "CreateCustomRoutingEndpointGroup", + "description": "Grants permission to create an endpoint group for the specified listener for a custom routing accelerator", + "access_level": "Write", + "resource_types": { + "listener": { + "resource_type": "listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "listener" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateCustomRoutingEndpointGroup.html" + }, + "CreateCustomRoutingListener": { + "privilege": "CreateCustomRoutingListener", + "description": "Grants permission to create a listener to process inbound connections from clients to a custom routing accelerator", + "access_level": "Write", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateCustomRoutingListener.html" + }, + "CreateEndpointGroup": { + "privilege": "CreateEndpointGroup", + "description": "Grants permission to add an endpoint group to a standard accelerator listener", + "access_level": "Write", + "resource_types": { + "listener": { + "resource_type": "listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "listener" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateEndpointGroup.html" + }, + "CreateListener": { + "privilege": "CreateListener", + "description": "Grants permission to add a listener to a standard accelerator", + "access_level": "Write", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_CreateListener.html" + }, + "DeleteAccelerator": { + "privilege": "DeleteAccelerator", + "description": "Grants permission to delete a standard accelerator", + "access_level": "Write", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteAccelerator.html" + }, + "DeleteCustomRoutingAccelerator": { + "privilege": "DeleteCustomRoutingAccelerator", + "description": "Grants permission to delete a custom routing accelerator", + "access_level": "Write", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteCustomRoutingAccelerator.html" + }, + "DeleteCustomRoutingEndpointGroup": { + "privilege": "DeleteCustomRoutingEndpointGroup", + "description": "Grants permission to delete an endpoint group from a listener for a custom routing accelerator", + "access_level": "Write", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteCustomRoutingEndpointGroup.html" + }, + "DeleteCustomRoutingListener": { + "privilege": "DeleteCustomRoutingListener", + "description": "Grants permission to delete a listener for a custom routing accelerator", + "access_level": "Write", + "resource_types": { + "listener": { + "resource_type": "listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "listener" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteCustomRoutingListener.html" + }, + "DeleteEndpointGroup": { + "privilege": "DeleteEndpointGroup", + "description": "Grants permission to delete an endpoint group associated with a standard accelerator listener", + "access_level": "Write", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteEndpointGroup.html" + }, + "DeleteListener": { + "privilege": "DeleteListener", + "description": "Grants permission to delete a listener from a standard accelerator", + "access_level": "Write", + "resource_types": { + "listener": { + "resource_type": "listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "listener" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeleteListener.html" + }, + "DenyCustomRoutingTraffic": { + "privilege": "DenyCustomRoutingTraffic", + "description": "Grants permission to disallows custom routing of user traffic to a private destination IP:PORT in a specific VPC subnet", + "access_level": "Write", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DenyCustomRoutingTraffic.html" + }, + "DeprovisionByoipCidr": { + "privilege": "DeprovisionByoipCidr", + "description": "Grants permission to releases the specified address range that you provisioned for use with your accelerator through bring your own IP addresses (BYOIP)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DeprovisionByoipCidr.html" + }, + "DescribeAccelerator": { + "privilege": "DescribeAccelerator", + "description": "Grants permissions to describe a standard accelerator", + "access_level": "Read", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html" + }, + "DescribeAcceleratorAttributes": { + "privilege": "DescribeAcceleratorAttributes", + "description": "Grants permission to describe a standard accelerator attributes", + "access_level": "Read", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAcceleratorAttributes.html" + }, + "DescribeCustomRoutingAccelerator": { + "privilege": "DescribeCustomRoutingAccelerator", + "description": "Grants permission to describe a custom routing accelerator", + "access_level": "Read", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeCustomRoutingAccelerator.html" + }, + "DescribeCustomRoutingAcceleratorAttributes": { + "privilege": "DescribeCustomRoutingAcceleratorAttributes", + "description": "Grants permission to describe the attributes of a custom routing accelerator", + "access_level": "Read", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeCustomRoutingAcceleratorAttributes.html" + }, + "DescribeCustomRoutingEndpointGroup": { + "privilege": "DescribeCustomRoutingEndpointGroup", + "description": "Grants permission to describe an endpoint group for a custom routing accelerator", + "access_level": "Read", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeCustomRoutingEndpointGroup.html" + }, + "DescribeCustomRoutingListener": { + "privilege": "DescribeCustomRoutingListener", + "description": "Grants permission to describe a listener for a custom routing accelerator", + "access_level": "Read", + "resource_types": { + "listener": { + "resource_type": "listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "listener" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeCustomRoutingListener.html" + }, + "DescribeEndpointGroup": { + "privilege": "DescribeEndpointGroup", + "description": "Grants permission to describe a standard accelerator endpoint group", + "access_level": "Read", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeEndpointGroup.html" + }, + "DescribeListener": { + "privilege": "DescribeListener", + "description": "Grants permission to describe a standard accelerator listener", + "access_level": "Read", + "resource_types": { + "listener": { + "resource_type": "listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "listener" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeListener.html" + }, + "ListAccelerators": { + "privilege": "ListAccelerators", + "description": "Grants permission to list all standard accelerators", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListAccelerators.html" + }, + "ListByoipCidrs": { + "privilege": "ListByoipCidrs", + "description": "Grants permission to list the BYOIP cidrs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListByoipCidrs.html" + }, + "ListCustomRoutingAccelerators": { + "privilege": "ListCustomRoutingAccelerators", + "description": "Grants permission to list the custom routing accelerators for an AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListCustomRoutingAccelerators.html" + }, + "ListCustomRoutingEndpointGroups": { + "privilege": "ListCustomRoutingEndpointGroups", + "description": "Grants permission to list the endpoint groups that are associated with a listener for a custom routing accelerator", + "access_level": "List", + "resource_types": { + "listener": { + "resource_type": "listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "listener" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListCustomRoutingEndpointGroups.html" + }, + "ListCustomRoutingListeners": { + "privilege": "ListCustomRoutingListeners", + "description": "Grants permission to list the listeners for a custom routing accelerator", + "access_level": "List", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListCustomRoutingListeners.html" + }, + "ListCustomRoutingPortMappings": { + "privilege": "ListCustomRoutingPortMappings", + "description": "Grants permission to list the port mappings for a custom routing accelerator", + "access_level": "List", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListCustomRoutingPortMappings.html" + }, + "ListCustomRoutingPortMappingsByDestination": { + "privilege": "ListCustomRoutingPortMappingsByDestination", + "description": "Grants permission to list the port mappings for a specific endpoint IP address (a destination address) in a subnet", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListCustomRoutingPortMappingsByDestination.html" + }, + "ListEndpointGroups": { + "privilege": "ListEndpointGroups", + "description": "Grants permission to list all endpoint groups associated with a standard accelerator listener", + "access_level": "List", + "resource_types": { + "listener": { + "resource_type": "listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "listener" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListEndpointGroups.html" + }, + "ListListeners": { + "privilege": "ListListeners", + "description": "Grants permission to list all listeners associated with a standard accelerator", + "access_level": "List", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListListeners.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a globalaccelerator resource", + "access_level": "Read", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ListTagsForResource.html" + }, + "ProvisionByoipCidr": { + "privilege": "ProvisionByoipCidr", + "description": "Grants permission to provisions an address range for use with your accelerator through bring your own IP addresses (BYOIP)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_ProvisionByoipCidr.html" + }, + "RemoveCustomRoutingEndpoints": { + "privilege": "RemoveCustomRoutingEndpoints", + "description": "Grants permission to remove virtual private cloud (VPC) subnet endpoints from a custom routing accelerator endpoint group", + "access_level": "Write", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_RemoveCustomRoutingEndpoints.html" + }, + "RemoveEndpoints": { + "privilege": "RemoveEndpoints", + "description": "Grants permission to remove an endpoint from a standard accelerator endpoint group", + "access_level": "Write", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_RemoveEndpoints.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a globalaccelerator resource", + "access_level": "Tagging", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a globalaccelerator resource", + "access_level": "Tagging", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UntagResource.html" + }, + "UpdateAccelerator": { + "privilege": "UpdateAccelerator", + "description": "Grants permission to update a standard accelerator", + "access_level": "Write", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateAccelerator.html" + }, + "UpdateAcceleratorAttributes": { + "privilege": "UpdateAcceleratorAttributes", + "description": "Grants permission to update a standard accelerator attributes", + "access_level": "Write", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateAcceleratorAttributes.html" + }, + "UpdateCustomRoutingAccelerator": { + "privilege": "UpdateCustomRoutingAccelerator", + "description": "Grants permission to update a custom routing accelerator", + "access_level": "Write", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateCustomRoutingAccelerator.html" + }, + "UpdateCustomRoutingAcceleratorAttributes": { + "privilege": "UpdateCustomRoutingAcceleratorAttributes", + "description": "Grants permission to update the attributes for a custom routing accelerator", + "access_level": "Write", + "resource_types": { + "accelerator": { + "resource_type": "accelerator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "accelerator": "accelerator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateCustomRoutingAcceleratorAttributes.html" + }, + "UpdateCustomRoutingListener": { + "privilege": "UpdateCustomRoutingListener", + "description": "Grants permission to update a listener for a custom routing accelerator", + "access_level": "Write", + "resource_types": { + "listener": { + "resource_type": "listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "listener" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateCustomRoutingListener.html" + }, + "UpdateEndpointGroup": { + "privilege": "UpdateEndpointGroup", + "description": "Grants permission to update an endpoint group on a standard accelerator listener", + "access_level": "Write", + "resource_types": { + "endpointgroup": { + "resource_type": "endpointgroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "endpointgroup": "endpointgroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateEndpointGroup.html" + }, + "UpdateListener": { + "privilege": "UpdateListener", + "description": "Grants permission to update a listener on a standard accelerator", + "access_level": "Write", + "resource_types": { + "listener": { + "resource_type": "listener", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listener": "listener" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_UpdateListener.html" + }, + "WithdrawByoipCidr": { + "privilege": "WithdrawByoipCidr", + "description": "Grants permission to stops advertising a BYOIP IPv4 address", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/global-accelerator/latest/api/API_WithdrawByoipCidr.html" + } + }, + "privileges_lower_name": { + "addcustomroutingendpoints": "AddCustomRoutingEndpoints", + "addendpoints": "AddEndpoints", + "advertisebyoipcidr": "AdvertiseByoipCidr", + "allowcustomroutingtraffic": "AllowCustomRoutingTraffic", + "createaccelerator": "CreateAccelerator", + "createcustomroutingaccelerator": "CreateCustomRoutingAccelerator", + "createcustomroutingendpointgroup": "CreateCustomRoutingEndpointGroup", + "createcustomroutinglistener": "CreateCustomRoutingListener", + "createendpointgroup": "CreateEndpointGroup", + "createlistener": "CreateListener", + "deleteaccelerator": "DeleteAccelerator", + "deletecustomroutingaccelerator": "DeleteCustomRoutingAccelerator", + "deletecustomroutingendpointgroup": "DeleteCustomRoutingEndpointGroup", + "deletecustomroutinglistener": "DeleteCustomRoutingListener", + "deleteendpointgroup": "DeleteEndpointGroup", + "deletelistener": "DeleteListener", + "denycustomroutingtraffic": "DenyCustomRoutingTraffic", + "deprovisionbyoipcidr": "DeprovisionByoipCidr", + "describeaccelerator": "DescribeAccelerator", + "describeacceleratorattributes": "DescribeAcceleratorAttributes", + "describecustomroutingaccelerator": "DescribeCustomRoutingAccelerator", + "describecustomroutingacceleratorattributes": "DescribeCustomRoutingAcceleratorAttributes", + "describecustomroutingendpointgroup": "DescribeCustomRoutingEndpointGroup", + "describecustomroutinglistener": "DescribeCustomRoutingListener", + "describeendpointgroup": "DescribeEndpointGroup", + "describelistener": "DescribeListener", + "listaccelerators": "ListAccelerators", + "listbyoipcidrs": "ListByoipCidrs", + "listcustomroutingaccelerators": "ListCustomRoutingAccelerators", + "listcustomroutingendpointgroups": "ListCustomRoutingEndpointGroups", + "listcustomroutinglisteners": "ListCustomRoutingListeners", + "listcustomroutingportmappings": "ListCustomRoutingPortMappings", + "listcustomroutingportmappingsbydestination": "ListCustomRoutingPortMappingsByDestination", + "listendpointgroups": "ListEndpointGroups", + "listlisteners": "ListListeners", + "listtagsforresource": "ListTagsForResource", + "provisionbyoipcidr": "ProvisionByoipCidr", + "removecustomroutingendpoints": "RemoveCustomRoutingEndpoints", + "removeendpoints": "RemoveEndpoints", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaccelerator": "UpdateAccelerator", + "updateacceleratorattributes": "UpdateAcceleratorAttributes", + "updatecustomroutingaccelerator": "UpdateCustomRoutingAccelerator", + "updatecustomroutingacceleratorattributes": "UpdateCustomRoutingAcceleratorAttributes", + "updatecustomroutinglistener": "UpdateCustomRoutingListener", + "updateendpointgroup": "UpdateEndpointGroup", + "updatelistener": "UpdateListener", + "withdrawbyoipcidr": "WithdrawByoipCidr" + }, + "resources": { + "accelerator": { + "resource": "accelerator", + "arn": "arn:${Partition}:globalaccelerator::${Account}:accelerator/${AcceleratorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "listener": { + "resource": "listener", + "arn": "arn:${Partition}:globalaccelerator::${Account}:accelerator/${AcceleratorId}/listener/${ListenerId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "endpointgroup": { + "resource": "endpointgroup", + "arn": "arn:${Partition}:globalaccelerator::${Account}:accelerator/${AcceleratorId}/listener/${ListenerId}/endpoint-group/${EndpointGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "accelerator": "accelerator", + "listener": "listener", + "endpointgroup": "endpointgroup" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "glue": { + "service_name": "AWS Glue", + "prefix": "glue", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsglue.html", + "privileges": { + "BatchCreatePartition": { + "privilege": "BatchCreatePartition", + "description": "Grants permission to create one or more partitions", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-BatchCreatePartition" + }, + "BatchDeleteConnection": { + "privilege": "BatchDeleteConnection", + "description": "Grants permission to delete one or more connections", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-BatchDeleteConnection" + }, + "BatchDeletePartition": { + "privilege": "BatchDeletePartition", + "description": "Grants permission to delete one or more partitions", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-BatchDeletePartition" + }, + "BatchDeleteTable": { + "privilege": "BatchDeleteTable", + "description": "Grants permission to delete one or more tables", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-BatchDeleteTable" + }, + "BatchDeleteTableVersion": { + "privilege": "BatchDeleteTableVersion", + "description": "Grants permission to delete one or more versions of a table", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-DeleteTableVersion" + }, + "BatchGetBlueprints": { + "privilege": "BatchGetBlueprints", + "description": "Grants permission to retrieve one or more blueprints", + "access_level": "Read", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-BatchGetBlueprints" + }, + "BatchGetCrawlers": { + "privilege": "BatchGetCrawlers", + "description": "Grants permission to retrieve one or more crawlers", + "access_level": "Read", + "resource_types": { + "crawler": { + "resource_type": "crawler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crawler": "crawler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-BatchGetCrawlers" + }, + "BatchGetCustomEntityTypes": { + "privilege": "BatchGetCustomEntityTypes", + "description": "Grants permission to retrieve one or more Custom Entity Types", + "access_level": "Read", + "resource_types": { + "customEntityType": { + "resource_type": "customEntityType", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customentitytype": "customEntityType" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-sensitive-data-api.html#aws-glue-api-sensitive-data-api-BatchGetCustomEntityTypes" + }, + "BatchGetDevEndpoints": { + "privilege": "BatchGetDevEndpoints", + "description": "Grants permission to retrieve one or more development endpoints", + "access_level": "Read", + "resource_types": { + "devendpoint": { + "resource_type": "devendpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devendpoint": "devendpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-BatchGetDevEndpoints" + }, + "BatchGetJobs": { + "privilege": "BatchGetJobs", + "description": "Grants permission to retrieve one or more jobs", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-BatchGetJobs" + }, + "BatchGetPartition": { + "privilege": "BatchGetPartition", + "description": "Grants permission to retrieve one or more partitions", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-BatchGetPartition" + }, + "BatchGetTriggers": { + "privilege": "BatchGetTriggers", + "description": "Grants permission to retrieve one or more triggers", + "access_level": "Read", + "resource_types": { + "trigger": { + "resource_type": "trigger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trigger": "trigger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-BatchGetTriggers" + }, + "BatchGetWorkflows": { + "privilege": "BatchGetWorkflows", + "description": "Grants permission to retrieve one or more workflows", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-BatchGetWorkflows" + }, + "BatchStopJobRun": { + "privilege": "BatchStopJobRun", + "description": "Grants permission to stop one or more job runs for a job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-runs-BatchStopStartJobRun" + }, + "BatchUpdatePartition": { + "privilege": "BatchUpdatePartition", + "description": "Grants permission to update one or more partitions", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-BatchUpdatePartition" + }, + "CancelDataQualityRuleRecommendationRun": { + "privilege": "CancelDataQualityRuleRecommendationRun", + "description": "Grants permission to stop a running Data Quality rule recommendation run", + "access_level": "Write", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-CancelDataQualityRuleRecommendationRun" + }, + "CancelDataQualityRulesetEvaluationRun": { + "privilege": "CancelDataQualityRulesetEvaluationRun", + "description": "Grants permission to stop a running Data Quality ruleset evaluation run", + "access_level": "Write", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-CancelDataQualityRulesetEvaluationRun" + }, + "CancelMLTaskRun": { + "privilege": "CancelMLTaskRun", + "description": "Grants permission to stop a running ML Task Run", + "access_level": "Write", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-CancelMLTaskRun" + }, + "CancelStatement": { + "privilege": "CancelStatement", + "description": "Grants permission to cancel a statement in an interactive session", + "access_level": "Write", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-CancelStatement" + }, + "CheckSchemaVersionValidity": { + "privilege": "CheckSchemaVersionValidity", + "description": "Grants permission to retrieve a check the validity of schema version", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-CheckSchemaVersionValidity" + }, + "CreateBlueprint": { + "privilege": "CreateBlueprint", + "description": "Grants permission to create a blueprint", + "access_level": "Write", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-CreateBlueprint" + }, + "CreateClassifier": { + "privilege": "CreateClassifier", + "description": "Grants permission to create a classifier", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-classifiers.html#aws-glue-api-crawler-classifiers-CreateClassifier" + }, + "CreateConnection": { + "privilege": "CreateConnection", + "description": "Grants permission to create a connection", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-CreateConnection" + }, + "CreateCrawler": { + "privilege": "CreateCrawler", + "description": "Grants permission to create a crawler", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-CreateCrawler" + }, + "CreateCustomEntityType": { + "privilege": "CreateCustomEntityType", + "description": "Grants permission to create a Custom Entity Type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-sensitive-data-api.html#aws-glue-api-sensitive-data-api-CreateCustomEntityType" + }, + "CreateDataQualityRuleset": { + "privilege": "CreateDataQualityRuleset", + "description": "Grants permission to create a Data Quality ruleset", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-CreateDataQualityRuleset" + }, + "CreateDatabase": { + "privilege": "CreateDatabase", + "description": "Grants permission to create a database", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-databases.html#aws-glue-api-catalog-databases-CreateDatabase" + }, + "CreateDevEndpoint": { + "privilege": "CreateDevEndpoint", + "description": "Grants permission to create a development endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-CreateDevEndpoint" + }, + "CreateJob": { + "privilege": "CreateJob", + "description": "Grants permission to create a job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "glue:VpcIds", + "glue:SubnetIds", + "glue:SecurityGroupIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-CreateJob" + }, + "CreateMLTransform": { + "privilege": "CreateMLTransform", + "description": "Grants permission to create an ML Transform", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-CreateMLTransform" + }, + "CreatePartition": { + "privilege": "CreatePartition", + "description": "Grants permission to create a partition", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-CreatePartition" + }, + "CreatePartitionIndex": { + "privilege": "CreatePartitionIndex", + "description": "Grants permission to create a specified partition index in an existing table", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-CreatePartitionIndex" + }, + "CreateRegistry": { + "privilege": "CreateRegistry", + "description": "Grants permission to create a new schema registry", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-CreateRegistry" + }, + "CreateSchema": { + "privilege": "CreateSchema", + "description": "Grants permission to create a new schema container", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-CreateSchema" + }, + "CreateScript": { + "privilege": "CreateScript", + "description": "Grants permission to create a script", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-etl-script-generation.html#aws-glue-api-etl-script-generation-CreateScript" + }, + "CreateSecurityConfiguration": { + "privilege": "CreateSecurityConfiguration", + "description": "Grants permission to create a security configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-CreateSecurityConfiguration" + }, + "CreateSession": { + "privilege": "CreateSession", + "description": "Grants permission to create an interactive session", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-api-interactive-sessions-CreateSession" + }, + "CreateTable": { + "privilege": "CreateTable", + "description": "Grants permission to create a table", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-CreateTable" + }, + "CreateTrigger": { + "privilege": "CreateTrigger", + "description": "Grants permission to create a trigger", + "access_level": "Write", + "resource_types": { + "trigger": { + "resource_type": "trigger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trigger": "trigger", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-CreateTrigger" + }, + "CreateUserDefinedFunction": { + "privilege": "CreateUserDefinedFunction", + "description": "Grants permission to create a function definition", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-functions.html#aws-glue-api-catalog-functions-CreateUserDefinedFunction" + }, + "CreateWorkflow": { + "privilege": "CreateWorkflow", + "description": "Grants permission to create a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-CreateWorkflow" + }, + "DeleteBlueprint": { + "privilege": "DeleteBlueprint", + "description": "Grants permission to delete a blueprint", + "access_level": "Write", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-DeleteBlueprint" + }, + "DeleteClassifier": { + "privilege": "DeleteClassifier", + "description": "Grants permission to delete a classifier", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-classifiers.html#aws-glue-api-crawler-classifiers-DeleteClassifier" + }, + "DeleteColumnStatisticsForPartition": { + "privilege": "DeleteColumnStatisticsForPartition", + "description": "Grants permission to delete the partition column statistics of a column", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-DeleteColumnStatisticsForPartition" + }, + "DeleteColumnStatisticsForTable": { + "privilege": "DeleteColumnStatisticsForTable", + "description": "Grants permission to delete the table statistics of columns", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-DeleteColumnStatisticsForTable" + }, + "DeleteConnection": { + "privilege": "DeleteConnection", + "description": "Grants permission to delete a connection", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-DeleteConnection" + }, + "DeleteCrawler": { + "privilege": "DeleteCrawler", + "description": "Grants permission to delete a crawler", + "access_level": "Write", + "resource_types": { + "crawler": { + "resource_type": "crawler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crawler": "crawler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-DeleteCrawler" + }, + "DeleteCustomEntityType": { + "privilege": "DeleteCustomEntityType", + "description": "Grants permission to delete a Custom Entity Type", + "access_level": "Write", + "resource_types": { + "customEntityType": { + "resource_type": "customEntityType", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customentitytype": "customEntityType" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-sensitive-data-api.html#aws-glue-api-sensitive-data-api-DeleteCustomEntityType" + }, + "DeleteDataQualityRuleset": { + "privilege": "DeleteDataQualityRuleset", + "description": "Grants permission to delete a Data Quality ruleset", + "access_level": "Write", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-DeleteDataQualityRuleset" + }, + "DeleteDatabase": { + "privilege": "DeleteDatabase", + "description": "Grants permission to delete a database", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "userdefinedfunction": { + "resource_type": "userdefinedfunction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table", + "userdefinedfunction": "userdefinedfunction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-databases.html#aws-glue-api-catalog-databases-DeleteDatabase" + }, + "DeleteDevEndpoint": { + "privilege": "DeleteDevEndpoint", + "description": "Grants permission to delete a development endpoint", + "access_level": "Write", + "resource_types": { + "devendpoint": { + "resource_type": "devendpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devendpoint": "devendpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-DeleteDevEndpoint" + }, + "DeleteJob": { + "privilege": "DeleteJob", + "description": "Grants permission to delete a job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-DeleteJob" + }, + "DeleteMLTransform": { + "privilege": "DeleteMLTransform", + "description": "Grants permission to delete an ML Transform", + "access_level": "Write", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-DeleteMLTransform" + }, + "DeletePartition": { + "privilege": "DeletePartition", + "description": "Grants permission to delete a partition", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-DeletePartition" + }, + "DeletePartitionIndex": { + "privilege": "DeletePartitionIndex", + "description": "Grants permission to delete a specified partition index from an existing table", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-DeletePartitionIndex" + }, + "DeleteRegistry": { + "privilege": "DeleteRegistry", + "description": "Grants permission to delete a schema registry", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-DeleteRegistry" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete a resource policy", + "access_level": "Permissions management", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-DeleteResourcePolicy" + }, + "DeleteSchema": { + "privilege": "DeleteSchema", + "description": "Grants permission to delete a schema container", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-DeleteSchema" + }, + "DeleteSchemaVersions": { + "privilege": "DeleteSchemaVersions", + "description": "Grants permission to delete a range of schema versions", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-DeleteSchemaVersions" + }, + "DeleteSecurityConfiguration": { + "privilege": "DeleteSecurityConfiguration", + "description": "Grants permission to delete a security configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-DeleteSecurityConfiguration" + }, + "DeleteSession": { + "privilege": "DeleteSession", + "description": "Grants permission to delete an interactive session after stopping the session if not already stopped", + "access_level": "Write", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-DeleteSession" + }, + "DeleteTable": { + "privilege": "DeleteTable", + "description": "Grants permission to delete a table", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-DeleteTable" + }, + "DeleteTableVersion": { + "privilege": "DeleteTableVersion", + "description": "Grants permission to delete a version of a table", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-DeleteTableVersion" + }, + "DeleteTrigger": { + "privilege": "DeleteTrigger", + "description": "Grants permission to delete a trigger", + "access_level": "Write", + "resource_types": { + "trigger": { + "resource_type": "trigger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trigger": "trigger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-DeleteTrigger" + }, + "DeleteUserDefinedFunction": { + "privilege": "DeleteUserDefinedFunction", + "description": "Grants permission to delete a function definition", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "userdefinedfunction": { + "resource_type": "userdefinedfunction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "userdefinedfunction": "userdefinedfunction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-functions.html#aws-glue-api-catalog-functions-DeleteUserDefinedFunction" + }, + "DeleteWorkflow": { + "privilege": "DeleteWorkflow", + "description": "Grants permission to delete a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-DeleteWorkflow" + }, + "DeregisterDataPreview": { + "privilege": "DeregisterDataPreview", + "description": "Grants permission to terminate Glue Studio Notebook session", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" + }, + "GetBlueprint": { + "privilege": "GetBlueprint", + "description": "Grants permission to retrieve a blueprint", + "access_level": "Read", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetBlueprint" + }, + "GetBlueprintRun": { + "privilege": "GetBlueprintRun", + "description": "Grants permission to retrieve a blueprint run", + "access_level": "Read", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetBlueprintRun" + }, + "GetBlueprintRuns": { + "privilege": "GetBlueprintRuns", + "description": "Grants permission to retrieve all runs of a blueprint", + "access_level": "Read", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetBlueprintRuns" + }, + "GetCatalogImportStatus": { + "privilege": "GetCatalogImportStatus", + "description": "Grants permission to retrieve the catalog import status", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-migration.html#aws-glue-api-catalog-migration-GetCatalogImportStatus" + }, + "GetClassifier": { + "privilege": "GetClassifier", + "description": "Grants permission to retrieve a classifier", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-classifiers.html#aws-glue-api-crawler-classifiers-GetClassifier" + }, + "GetClassifiers": { + "privilege": "GetClassifiers", + "description": "Grants permission to list all classifiers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-classifiers.html#aws-glue-api-crawler-classifiers-GetClassifiers" + }, + "GetColumnStatisticsForPartition": { + "privilege": "GetColumnStatisticsForPartition", + "description": "Grants permission to retrieve partition statistics of columns", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-GetColumnStatisticsForPartition" + }, + "GetColumnStatisticsForTable": { + "privilege": "GetColumnStatisticsForTable", + "description": "Grants permission to retrieve table statistics of columns", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetColumnStatisticsForTable" + }, + "GetConnection": { + "privilege": "GetConnection", + "description": "Grants permission to retrieve a connection", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-GetConnection" + }, + "GetConnections": { + "privilege": "GetConnections", + "description": "Grants permission to retrieve a list of connections", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-GetConnections" + }, + "GetCrawler": { + "privilege": "GetCrawler", + "description": "Grants permission to retrieve a crawler", + "access_level": "Read", + "resource_types": { + "crawler": { + "resource_type": "crawler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crawler": "crawler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-GetCrawler" + }, + "GetCrawlerMetrics": { + "privilege": "GetCrawlerMetrics", + "description": "Grants permission to retrieve metrics about crawlers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-GetCrawlerMetrics" + }, + "GetCrawlers": { + "privilege": "GetCrawlers", + "description": "Grants permission to retrieve all crawlers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-GetCrawlers" + }, + "GetCustomEntityType": { + "privilege": "GetCustomEntityType", + "description": "Grants permission to read a Custom Entity Type", + "access_level": "Read", + "resource_types": { + "customEntityType": { + "resource_type": "customEntityType", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customentitytype": "customEntityType" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-sensitive-data-api.html#aws-glue-api-sensitive-data-api-GetCustomEntityType" + }, + "GetDataCatalogEncryptionSettings": { + "privilege": "GetDataCatalogEncryptionSettings", + "description": "Grants permission to retrieve catalog encryption settings", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-GetDataCatalogEncryptionSettings" + }, + "GetDataPreviewStatement": { + "privilege": "GetDataPreviewStatement", + "description": "Grants permission to get Data Preview Statement", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" + }, + "GetDataQualityResult": { + "privilege": "GetDataQualityResult", + "description": "Grants permission to retrieve a Data Quality result", + "access_level": "Read", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-GetDataQualityResult" + }, + "GetDataQualityRuleRecommendationRun": { + "privilege": "GetDataQualityRuleRecommendationRun", + "description": "Grants permission to retrieve a Data Quality rule recommendation run", + "access_level": "Read", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-GetDataQualityRuleRecommendationRun" + }, + "GetDataQualityRuleset": { + "privilege": "GetDataQualityRuleset", + "description": "Grants permission to retrieve a Data Quality ruleset", + "access_level": "Read", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-GetDataQualityRuleset" + }, + "GetDataQualityRulesetEvaluationRun": { + "privilege": "GetDataQualityRulesetEvaluationRun", + "description": "Grants permission to retrieve a Data Quality rule recommendation run", + "access_level": "Read", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-GetDataQualityRulesetEvaluationRun" + }, + "GetDatabase": { + "privilege": "GetDatabase", + "description": "Grants permission to retrieve a database", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-databases.html#aws-glue-api-catalog-databases-GetDatabase" + }, + "GetDatabases": { + "privilege": "GetDatabases", + "description": "Grants permission to retrieve all databases", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-databases.html#aws-glue-api-catalog-databases-GetDatabases" + }, + "GetDataflowGraph": { + "privilege": "GetDataflowGraph", + "description": "Grants permission to transform a script into a directed acyclic graph (DAG)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-etl-script-generation.html#aws-glue-api-etl-script-generation-GetDataflowGraph" + }, + "GetDevEndpoint": { + "privilege": "GetDevEndpoint", + "description": "Grants permission to retrieve a development endpoint", + "access_level": "Read", + "resource_types": { + "devendpoint": { + "resource_type": "devendpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devendpoint": "devendpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-GetDevEndpoint" + }, + "GetDevEndpoints": { + "privilege": "GetDevEndpoints", + "description": "Grants permission to retrieve all development endpoints", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-GetDevEndpoints" + }, + "GetJob": { + "privilege": "GetJob", + "description": "Grants permission to retrieve a job", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-GetJob" + }, + "GetJobBookmark": { + "privilege": "GetJobBookmark", + "description": "Grants permission to retrieve a job bookmark", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-job-GetJobBookmark" + }, + "GetJobRun": { + "privilege": "GetJobRun", + "description": "Grants permission to retrieve a job run", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-runs-GetJobRun" + }, + "GetJobRuns": { + "privilege": "GetJobRuns", + "description": "Grants permission to retrieve all job runs of a job", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-runs-GetJobRuns" + }, + "GetJobs": { + "privilege": "GetJobs", + "description": "Grants permission to retrieve all current jobs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-GetJobs" + }, + "GetMLTaskRun": { + "privilege": "GetMLTaskRun", + "description": "Grants permission to retrieve an ML Task Run", + "access_level": "Read", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-GetMLTaskRun" + }, + "GetMLTaskRuns": { + "privilege": "GetMLTaskRuns", + "description": "Grants permission to retrieve all ML Task Runs", + "access_level": "List", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-GetMLTaskRuns" + }, + "GetMLTransform": { + "privilege": "GetMLTransform", + "description": "Grants permission to retrieve an ML Transform", + "access_level": "Read", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-GetMLTransform" + }, + "GetMLTransforms": { + "privilege": "GetMLTransforms", + "description": "Grants permission to retrieve all ML Transforms", + "access_level": "List", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-GetMLTransforms" + }, + "GetMapping": { + "privilege": "GetMapping", + "description": "Grants permission to create a mapping", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-etl-script-generation.html#aws-glue-api-etl-script-generation-GetMapping" + }, + "GetNotebookInstanceStatus": { + "privilege": "GetNotebookInstanceStatus", + "description": "Grants permission to retrieve Glue Studio Notebooks session status", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" + }, + "GetPartition": { + "privilege": "GetPartition", + "description": "Grants permission to retrieve a partition", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-GetPartition" + }, + "GetPartitionIndexes": { + "privilege": "GetPartitionIndexes", + "description": "Grants permission to retrieve partition indexes for a table", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetPartitionIndexes" + }, + "GetPartitions": { + "privilege": "GetPartitions", + "description": "Grants permission to retrieve the partitions of a table", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-GetPartitions" + }, + "GetPlan": { + "privilege": "GetPlan", + "description": "Grants permission to retrieve a mapping for a script", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-etl-script-generation.html#aws-glue-api-etl-script-generation-GetPlan" + }, + "GetRegistry": { + "privilege": "GetRegistry", + "description": "Grants permission to retrieve a schema registry", + "access_level": "Read", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-GetRegistry" + }, + "GetResourcePolicies": { + "privilege": "GetResourcePolicies", + "description": "Grants permission to retrieve resource policies", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-GetResourcePolicies" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to retrieve a resource policy", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-GetResourcePolicy" + }, + "GetSchema": { + "privilege": "GetSchema", + "description": "Grants permission to retrieve a schema container", + "access_level": "Read", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-GetSchema" + }, + "GetSchemaByDefinition": { + "privilege": "GetSchemaByDefinition", + "description": "Grants permission to retrieve a schema version based on schema definition", + "access_level": "Read", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-GetSchemaByDefinition" + }, + "GetSchemaVersion": { + "privilege": "GetSchemaVersion", + "description": "Grants permission to retrieve a schema version", + "access_level": "Read", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-GetSchemaVersion" + }, + "GetSchemaVersionsDiff": { + "privilege": "GetSchemaVersionsDiff", + "description": "Grants permission to compare two schema versions in schema registry", + "access_level": "Read", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-GetSchemaVersionsDiff" + }, + "GetSecurityConfiguration": { + "privilege": "GetSecurityConfiguration", + "description": "Grants permission to retrieve a security configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-GetSecurityConfiguration" + }, + "GetSecurityConfigurations": { + "privilege": "GetSecurityConfigurations", + "description": "Grants permission to retrieve one or more security configurations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-GetSecurityConfigurations" + }, + "GetSession": { + "privilege": "GetSession", + "description": "Grants permission to retrieve an interactive session", + "access_level": "Read", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-GetSession" + }, + "GetStatement": { + "privilege": "GetStatement", + "description": "Grants permission to retrieve result and information about a statement in an interactive session", + "access_level": "Read", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-GetStatement" + }, + "GetTable": { + "privilege": "GetTable", + "description": "Grants permission to retrieve a table", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetTable" + }, + "GetTableVersion": { + "privilege": "GetTableVersion", + "description": "Grants permission to retrieve a version of a table", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetTableVersion" + }, + "GetTableVersions": { + "privilege": "GetTableVersions", + "description": "Grants permission to retrieve a list of versions of a table", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetTableVersions" + }, + "GetTables": { + "privilege": "GetTables", + "description": "Grants permission to retrieve the tables in a database", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-GetTables" + }, + "GetTags": { + "privilege": "GetTags", + "description": "Grants permission to retrieve all tags associated with a resource", + "access_level": "Read", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "crawler": { + "resource_type": "crawler", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "customEntityType": { + "resource_type": "customEntityType", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "devendpoint": { + "resource_type": "devendpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "trigger": { + "resource_type": "trigger", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workflow": { + "resource_type": "workflow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint", + "crawler": "crawler", + "customentitytype": "customEntityType", + "devendpoint": "devendpoint", + "job": "job", + "trigger": "trigger", + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-tags.html#aws-glue-api-tags-UntagResource" + }, + "GetTrigger": { + "privilege": "GetTrigger", + "description": "Grants permission to retrieve a trigger", + "access_level": "Read", + "resource_types": { + "trigger": { + "resource_type": "trigger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trigger": "trigger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-GetTrigger" + }, + "GetTriggers": { + "privilege": "GetTriggers", + "description": "Grants permission to retrieve the triggers associated with a job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-GetTriggers" + }, + "GetUserDefinedFunction": { + "privilege": "GetUserDefinedFunction", + "description": "Grants permission to retrieve a function definition", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "userdefinedfunction": { + "resource_type": "userdefinedfunction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "userdefinedfunction": "userdefinedfunction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-functions.html#aws-glue-api-catalog-functions-GetUserDefinedFunction" + }, + "GetUserDefinedFunctions": { + "privilege": "GetUserDefinedFunctions", + "description": "Grants permission to retrieve multiple function definitions", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "userdefinedfunction": { + "resource_type": "userdefinedfunction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "userdefinedfunction": "userdefinedfunction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-functions.html#aws-glue-api-catalog-functions-GetUserDefinedFunctions" + }, + "GetWorkflow": { + "privilege": "GetWorkflow", + "description": "Grants permission to retrieve a workflow", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetWorkflow" + }, + "GetWorkflowRun": { + "privilege": "GetWorkflowRun", + "description": "Grants permission to retrieve a workflow run", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetWorkflowRun" + }, + "GetWorkflowRunProperties": { + "privilege": "GetWorkflowRunProperties", + "description": "Grants permission to retrieve workflow run properties", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetWorkflowRunProperties" + }, + "GetWorkflowRuns": { + "privilege": "GetWorkflowRuns", + "description": "Grants permission to retrieve all runs of a workflow", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-GetWorkflowRuns" + }, + "GlueNotebookAuthorize": { + "privilege": "GlueNotebookAuthorize", + "description": "Grants permission to access Glue Studio Notebooks", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" + }, + "GlueNotebookRefreshCredentials": { + "privilege": "GlueNotebookRefreshCredentials", + "description": "Grants permission to refresh Glue Studio Notebooks credentials", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" + }, + "ImportCatalogToGlue": { + "privilege": "ImportCatalogToGlue", + "description": "Grants permission to import an Athena data catalog into AWS Glue", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-migration.html#aws-glue-api-catalog-migration-ImportCatalogToGlue" + }, + "ListBlueprints": { + "privilege": "ListBlueprints", + "description": "Grants permission to retrieve all blueprints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-ListBlueprints" + }, + "ListCrawlers": { + "privilege": "ListCrawlers", + "description": "Grants permission to retrieve all crawlers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-ListCrawlers" + }, + "ListCrawls": { + "privilege": "ListCrawls", + "description": "Grants permission to retrieve crawl run history for a crawler", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-ListCrawls" + }, + "ListCustomEntityTypes": { + "privilege": "ListCustomEntityTypes", + "description": "Grants permission to retrieve all Custom Entity Types", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-sensitive-data-api.html#aws-glue-api-sensitive-data-api-ListGetCustomEntityTypes" + }, + "ListDataQualityResults": { + "privilege": "ListDataQualityResults", + "description": "Grants permission to retrieve all Data Quality results", + "access_level": "List", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-ListDataQualityResults" + }, + "ListDataQualityRuleRecommendationRuns": { + "privilege": "ListDataQualityRuleRecommendationRuns", + "description": "Grants permission to retrieve all Data Quality rule recommendation runs", + "access_level": "List", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-ListDataQualityRuleRecommendationRuns" + }, + "ListDataQualityRulesetEvaluationRuns": { + "privilege": "ListDataQualityRulesetEvaluationRuns", + "description": "Grants permission to retrieve all Data Quality rule recommendation runs", + "access_level": "List", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-ListDataQualityRulesetEvaluationRuns" + }, + "ListDataQualityRulesets": { + "privilege": "ListDataQualityRulesets", + "description": "Grants permission to retrieve a list of Data Quality rulesets", + "access_level": "List", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-ListDataQualityRulesets" + }, + "ListDevEndpoints": { + "privilege": "ListDevEndpoints", + "description": "Grants permission to retrieve all development endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-ListDevEndpoints" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to retrieve all current jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-ListJobs" + }, + "ListMLTransforms": { + "privilege": "ListMLTransforms", + "description": "Grants permission to retrieve all ML Transforms", + "access_level": "List", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-ListMLTransforms" + }, + "ListRegistries": { + "privilege": "ListRegistries", + "description": "Grants permission to retrieve a list of schema registries", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-ListRegistries" + }, + "ListSchemaVersions": { + "privilege": "ListSchemaVersions", + "description": "Grants permission to retrieve a list of schema versions", + "access_level": "List", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-ListSchemaVersions" + }, + "ListSchemas": { + "privilege": "ListSchemas", + "description": "Grants permission to retrieve a list of schema containers", + "access_level": "List", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-ListSchemas" + }, + "ListSessions": { + "privilege": "ListSessions", + "description": "Grants permission to retrieve a list of interactive session", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-ListSessions" + }, + "ListStatements": { + "privilege": "ListStatements", + "description": "Grants permission to retrieve a list of statements in an interactive session", + "access_level": "List", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-ListStatements" + }, + "ListTriggers": { + "privilege": "ListTriggers", + "description": "Grants permission to retrieve all triggers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-ListTriggers" + }, + "ListWorkflows": { + "privilege": "ListWorkflows", + "description": "Grants permission to retrieve all workflows", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-ListWorkflows" + }, + "NotifyEvent": { + "privilege": "NotifyEvent", + "description": "Grants permission to notify an event to the event-driven workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/starting-workflow-eventbridge.html" + }, + "PublishDataQuality": { + "privilege": "PublishDataQuality", + "description": "Grants permission to publish Data Quality results", + "access_level": "Write", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html" + }, + "PutDataCatalogEncryptionSettings": { + "privilege": "PutDataCatalogEncryptionSettings", + "description": "Grants permission to update catalog encryption settings", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-PutDataCatalogEncryptionSettings" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to update a resource policy", + "access_level": "Permissions management", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-security.html#aws-glue-api-jobs-security-PutResourcePolicy" + }, + "PutSchemaVersionMetadata": { + "privilege": "PutSchemaVersionMetadata", + "description": "Grants permission to add metadata to schema version", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-PutSchemaVersionMetadata" + }, + "PutWorkflowRunProperties": { + "privilege": "PutWorkflowRunProperties", + "description": "Grants permission to update workflow run properties", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-PutWorkflowRunProperties" + }, + "QuerySchemaVersionMetadata": { + "privilege": "QuerySchemaVersionMetadata", + "description": "Grants permission to fetch metadata for a schema version", + "access_level": "List", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-QuerySchemaVersionMetadata" + }, + "RegisterSchemaVersion": { + "privilege": "RegisterSchemaVersion", + "description": "Grants permission to create a new schema version", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-RegisterSchemaVersion" + }, + "RemoveSchemaVersionMetadata": { + "privilege": "RemoveSchemaVersionMetadata", + "description": "Grants permission to remove metadata from schema version", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-RemoveSchemaVersionMetadata" + }, + "ResetJobBookmark": { + "privilege": "ResetJobBookmark", + "description": "Grants permission to reset a job bookmark", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-runs-ResetJobBookmark" + }, + "ResumeWorkflowRun": { + "privilege": "ResumeWorkflowRun", + "description": "Grants permission to resume a workflow run", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-ResumeWorkflowRun" + }, + "RunDataPreviewStatement": { + "privilege": "RunDataPreviewStatement", + "description": "Grants permission to run Data Preview Statement", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" + }, + "RunStatement": { + "privilege": "RunStatement", + "description": "Grants permission to run a code or statement in an interactive session", + "access_level": "Write", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-RunStatement" + }, + "SearchTables": { + "privilege": "SearchTables", + "description": "Grants permission to retrieve the tables in the catalog", + "access_level": "Read", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-SearchTables" + }, + "StartBlueprintRun": { + "privilege": "StartBlueprintRun", + "description": "Grants permission to start running a blueprint", + "access_level": "Write", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-StartBlueprintRun" + }, + "StartCrawler": { + "privilege": "StartCrawler", + "description": "Grants permission to start a crawler", + "access_level": "Write", + "resource_types": { + "crawler": { + "resource_type": "crawler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crawler": "crawler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-StartCrawler" + }, + "StartCrawlerSchedule": { + "privilege": "StartCrawlerSchedule", + "description": "Grants permission to change the schedule state of a crawler to SCHEDULED", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-scheduler.html#aws-glue-api-crawler-scheduler-StartCrawlerSchedule" + }, + "StartDataQualityRuleRecommendationRun": { + "privilege": "StartDataQualityRuleRecommendationRun", + "description": "Grants permission to start a Data Quality rule recommendation run", + "access_level": "Write", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-StartDataQualityRuleRecommendationRun" + }, + "StartDataQualityRulesetEvaluationRun": { + "privilege": "StartDataQualityRulesetEvaluationRun", + "description": "Grants permission to start a Data Quality rule recommendation run", + "access_level": "Write", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-StartDataQualityRulesetEvaluationRun" + }, + "StartExportLabelsTaskRun": { + "privilege": "StartExportLabelsTaskRun", + "description": "Grants permission to start an Export Labels ML Task Run", + "access_level": "Write", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-StartExportLabelsTaskRun" + }, + "StartImportLabelsTaskRun": { + "privilege": "StartImportLabelsTaskRun", + "description": "Grants permission to start an Import Labels ML Task Run", + "access_level": "Write", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-StartImportLabelsTaskRun" + }, + "StartJobRun": { + "privilege": "StartJobRun", + "description": "Grants permission to start running a job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-runs.html#aws-glue-api-jobs-runs-StartJobRun" + }, + "StartMLEvaluationTaskRun": { + "privilege": "StartMLEvaluationTaskRun", + "description": "Grants permission to start an Evaluation ML Task Run", + "access_level": "Write", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-StartMLEvaluationTaskRun" + }, + "StartMLLabelingSetGenerationTaskRun": { + "privilege": "StartMLLabelingSetGenerationTaskRun", + "description": "Grants permission to start a Labeling Set Generation ML Task Run", + "access_level": "Write", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-StartMLLabelingSetGenerationTaskRun" + }, + "StartNotebook": { + "privilege": "StartNotebook", + "description": "Grants permission to start Glue Studio Notebooks", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" + }, + "StartTrigger": { + "privilege": "StartTrigger", + "description": "Grants permission to start a trigger", + "access_level": "Write", + "resource_types": { + "trigger": { + "resource_type": "trigger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trigger": "trigger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-StartTrigger" + }, + "StartWorkflowRun": { + "privilege": "StartWorkflowRun", + "description": "Grants permission to start running a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-StartWorkflowRun" + }, + "StopCrawler": { + "privilege": "StopCrawler", + "description": "Grants permission to stop a running crawler", + "access_level": "Write", + "resource_types": { + "crawler": { + "resource_type": "crawler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crawler": "crawler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-StopCrawler" + }, + "StopCrawlerSchedule": { + "privilege": "StopCrawlerSchedule", + "description": "Grants permission to set the schedule state of a crawler to NOT_SCHEDULED", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-scheduler.html#aws-glue-api-crawler-scheduler-StopCrawlerSchedule" + }, + "StopSession": { + "privilege": "StopSession", + "description": "Grants permission to stop an interactive session", + "access_level": "Write", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-interactive-sessions.html#aws-glue-interactive-sessions-StopSession" + }, + "StopTrigger": { + "privilege": "StopTrigger", + "description": "Grants permission to stop a trigger", + "access_level": "Write", + "resource_types": { + "trigger": { + "resource_type": "trigger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trigger": "trigger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-StopTrigger" + }, + "StopWorkflowRun": { + "privilege": "StopWorkflowRun", + "description": "Grants permission to stop a workflow run", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-StopWorkflowRun" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "crawler": { + "resource_type": "crawler", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "customEntityType": { + "resource_type": "customEntityType", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "devendpoint": { + "resource_type": "devendpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mlTransform": { + "resource_type": "mlTransform", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "registry": { + "resource_type": "registry", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "session": { + "resource_type": "session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "trigger": { + "resource_type": "trigger", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workflow": { + "resource_type": "workflow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint", + "connection": "connection", + "crawler": "crawler", + "customentitytype": "customEntityType", + "dataqualityruleset": "dataQualityRuleset", + "devendpoint": "devendpoint", + "job": "job", + "mltransform": "mlTransform", + "registry": "registry", + "schema": "schema", + "session": "session", + "trigger": "trigger", + "workflow": "workflow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-tags.html#aws-glue-api-tags-TagResource" + }, + "TerminateNotebook": { + "privilege": "TerminateNotebook", + "description": "Grants permission to terminate Glue Studio Notebooks", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/notebook-getting-started.html#create-notebook-permissions-operations" + }, + "TestConnection": { + "privilege": "TestConnection", + "description": "Grants permission to test connection in Glue Studio", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/console-test-connections.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags associated with a resource", + "access_level": "Tagging", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "crawler": { + "resource_type": "crawler", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "customEntityType": { + "resource_type": "customEntityType", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "devendpoint": { + "resource_type": "devendpoint", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mlTransform": { + "resource_type": "mlTransform", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "registry": { + "resource_type": "registry", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "session": { + "resource_type": "session", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "trigger": { + "resource_type": "trigger", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workflow": { + "resource_type": "workflow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint", + "connection": "connection", + "crawler": "crawler", + "customentitytype": "customEntityType", + "dataqualityruleset": "dataQualityRuleset", + "devendpoint": "devendpoint", + "job": "job", + "mltransform": "mlTransform", + "registry": "registry", + "schema": "schema", + "session": "session", + "trigger": "trigger", + "workflow": "workflow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-tags.html#aws-glue-api-tags-UntagResource" + }, + "UpdateBlueprint": { + "privilege": "UpdateBlueprint", + "description": "Grants permission to update a blueprint", + "access_level": "Write", + "resource_types": { + "blueprint": { + "resource_type": "blueprint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "blueprint": "blueprint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-UpdateBlueprint" + }, + "UpdateClassifier": { + "privilege": "UpdateClassifier", + "description": "Grants permission to update a classifier", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-classifiers.html#aws-glue-api-crawler-classifiers-UpdateClassifier" + }, + "UpdateColumnStatisticsForPartition": { + "privilege": "UpdateColumnStatisticsForPartition", + "description": "Grants permission to update partition statistics of columns", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-UpdateColumnStatisticsForPartition" + }, + "UpdateColumnStatisticsForTable": { + "privilege": "UpdateColumnStatisticsForTable", + "description": "Grants permission to update table statistics of columns", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-UpdateColumnStatisticsForTable" + }, + "UpdateConnection": { + "privilege": "UpdateConnection", + "description": "Grants permission to update a connection", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-connections.html#aws-glue-api-catalog-connections-UpdateConnection" + }, + "UpdateCrawler": { + "privilege": "UpdateCrawler", + "description": "Grants permission to update a crawler", + "access_level": "Write", + "resource_types": { + "crawler": { + "resource_type": "crawler", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crawler": "crawler" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-crawling.html#aws-glue-api-crawler-crawling-UpdateCrawler" + }, + "UpdateCrawlerSchedule": { + "privilege": "UpdateCrawlerSchedule", + "description": "Grants permission to update the schedule of a crawler", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-scheduler.html#aws-glue-api-crawler-scheduler-UpdateCrawlerSchedule" + }, + "UpdateDataQualityRuleset": { + "privilege": "UpdateDataQualityRuleset", + "description": "Grants permission to update a Data Quality ruleset", + "access_level": "Write", + "resource_types": { + "dataQualityRuleset": { + "resource_type": "dataQualityRuleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataqualityruleset": "dataQualityRuleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-data-quality-api.html#aws-glue-api-data-quality-api-UpdateDataQualityRuleset" + }, + "UpdateDatabase": { + "privilege": "UpdateDatabase", + "description": "Grants permission to update a database", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-databases.html#aws-glue-api-catalog-databases-UpdateDatabase" + }, + "UpdateDevEndpoint": { + "privilege": "UpdateDevEndpoint", + "description": "Grants permission to update a development endpoint", + "access_level": "Write", + "resource_types": { + "devendpoint": { + "resource_type": "devendpoint", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devendpoint": "devendpoint" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-dev-endpoint.html#aws-glue-api-dev-endpoint-UpdateDevEndpoint" + }, + "UpdateJob": { + "privilege": "UpdateJob", + "description": "Grants permission to update a job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "glue:VpcIds", + "glue:SubnetIds", + "glue:SecurityGroupIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-UpdateJob" + }, + "UpdateJobFromSourceControl": { + "privilege": "UpdateJobFromSourceControl", + "description": "Grants permission to update a job from source control provider", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-UpdateJobFromSourceControl" + }, + "UpdateMLTransform": { + "privilege": "UpdateMLTransform", + "description": "Grants permission to update an ML Transform", + "access_level": "Write", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html#aws-glue-api-machine-learning-api-UpdateMLTransform" + }, + "UpdatePartition": { + "privilege": "UpdatePartition", + "description": "Grants permission to update a partition", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-partitions.html#aws-glue-api-catalog-partitions-UpdatePartition" + }, + "UpdateRegistry": { + "privilege": "UpdateRegistry", + "description": "Grants permission to update a schema registry", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-UpdateRegistry" + }, + "UpdateSchema": { + "privilege": "UpdateSchema", + "description": "Grants permission to update a schema container", + "access_level": "Write", + "resource_types": { + "registry": { + "resource_type": "registry", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "schema": { + "resource_type": "schema", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "registry": "registry", + "schema": "schema" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-schema-registry-api.html#aws-glue-api-schema-registry-api-UpdateSchema" + }, + "UpdateSourceControlFromJob": { + "privilege": "UpdateSourceControlFromJob", + "description": "Grants permission to update source control provider from a job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-job.html#aws-glue-api-jobs-job-UpdateSourceControlFromJob" + }, + "UpdateTable": { + "privilege": "UpdateTable", + "description": "Grants permission to update a table", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "table": { + "resource_type": "table", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-tables.html#aws-glue-api-catalog-tables-UpdateTable" + }, + "UpdateTrigger": { + "privilege": "UpdateTrigger", + "description": "Grants permission to update a trigger", + "access_level": "Write", + "resource_types": { + "trigger": { + "resource_type": "trigger", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trigger": "trigger" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-jobs-trigger.html#aws-glue-api-jobs-trigger-UpdateTrigger" + }, + "UpdateUserDefinedFunction": { + "privilege": "UpdateUserDefinedFunction", + "description": "Grants permission to update a function definition", + "access_level": "Write", + "resource_types": { + "catalog": { + "resource_type": "catalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "userdefinedfunction": { + "resource_type": "userdefinedfunction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "catalog": "catalog", + "database": "database", + "userdefinedfunction": "userdefinedfunction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-catalog-functions.html#aws-glue-api-catalog-functions-UpdateUserDefinedFunction" + }, + "UpdateWorkflow": { + "privilege": "UpdateWorkflow", + "description": "Grants permission to update a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-workflow.html#aws-glue-api-workflow-UpdateWorkflow" + }, + "UseGlueStudio": { + "privilege": "UseGlueStudio", + "description": "Grants permission to use Glue Studio and access its internal APIs", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/ug/setting-up.html#getting-started-min-privs" + }, + "UseMLTransforms": { + "privilege": "UseMLTransforms", + "description": "Grants permission to use an ML Transform from within a Glue ETL Script", + "access_level": "Write", + "resource_types": { + "mlTransform": { + "resource_type": "mlTransform", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mltransform": "mlTransform" + }, + "api_documentation_link": "https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-machine-learning-api.html" + } + }, + "privileges_lower_name": { + "batchcreatepartition": "BatchCreatePartition", + "batchdeleteconnection": "BatchDeleteConnection", + "batchdeletepartition": "BatchDeletePartition", + "batchdeletetable": "BatchDeleteTable", + "batchdeletetableversion": "BatchDeleteTableVersion", + "batchgetblueprints": "BatchGetBlueprints", + "batchgetcrawlers": "BatchGetCrawlers", + "batchgetcustomentitytypes": "BatchGetCustomEntityTypes", + "batchgetdevendpoints": "BatchGetDevEndpoints", + "batchgetjobs": "BatchGetJobs", + "batchgetpartition": "BatchGetPartition", + "batchgettriggers": "BatchGetTriggers", + "batchgetworkflows": "BatchGetWorkflows", + "batchstopjobrun": "BatchStopJobRun", + "batchupdatepartition": "BatchUpdatePartition", + "canceldataqualityrulerecommendationrun": "CancelDataQualityRuleRecommendationRun", + "canceldataqualityrulesetevaluationrun": "CancelDataQualityRulesetEvaluationRun", + "cancelmltaskrun": "CancelMLTaskRun", + "cancelstatement": "CancelStatement", + "checkschemaversionvalidity": "CheckSchemaVersionValidity", + "createblueprint": "CreateBlueprint", + "createclassifier": "CreateClassifier", + "createconnection": "CreateConnection", + "createcrawler": "CreateCrawler", + "createcustomentitytype": "CreateCustomEntityType", + "createdataqualityruleset": "CreateDataQualityRuleset", + "createdatabase": "CreateDatabase", + "createdevendpoint": "CreateDevEndpoint", + "createjob": "CreateJob", + "createmltransform": "CreateMLTransform", + "createpartition": "CreatePartition", + "createpartitionindex": "CreatePartitionIndex", + "createregistry": "CreateRegistry", + "createschema": "CreateSchema", + "createscript": "CreateScript", + "createsecurityconfiguration": "CreateSecurityConfiguration", + "createsession": "CreateSession", + "createtable": "CreateTable", + "createtrigger": "CreateTrigger", + "createuserdefinedfunction": "CreateUserDefinedFunction", + "createworkflow": "CreateWorkflow", + "deleteblueprint": "DeleteBlueprint", + "deleteclassifier": "DeleteClassifier", + "deletecolumnstatisticsforpartition": "DeleteColumnStatisticsForPartition", + "deletecolumnstatisticsfortable": "DeleteColumnStatisticsForTable", + "deleteconnection": "DeleteConnection", + "deletecrawler": "DeleteCrawler", + "deletecustomentitytype": "DeleteCustomEntityType", + "deletedataqualityruleset": "DeleteDataQualityRuleset", + "deletedatabase": "DeleteDatabase", + "deletedevendpoint": "DeleteDevEndpoint", + "deletejob": "DeleteJob", + "deletemltransform": "DeleteMLTransform", + "deletepartition": "DeletePartition", + "deletepartitionindex": "DeletePartitionIndex", + "deleteregistry": "DeleteRegistry", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deleteschema": "DeleteSchema", + "deleteschemaversions": "DeleteSchemaVersions", + "deletesecurityconfiguration": "DeleteSecurityConfiguration", + "deletesession": "DeleteSession", + "deletetable": "DeleteTable", + "deletetableversion": "DeleteTableVersion", + "deletetrigger": "DeleteTrigger", + "deleteuserdefinedfunction": "DeleteUserDefinedFunction", + "deleteworkflow": "DeleteWorkflow", + "deregisterdatapreview": "DeregisterDataPreview", + "getblueprint": "GetBlueprint", + "getblueprintrun": "GetBlueprintRun", + "getblueprintruns": "GetBlueprintRuns", + "getcatalogimportstatus": "GetCatalogImportStatus", + "getclassifier": "GetClassifier", + "getclassifiers": "GetClassifiers", + "getcolumnstatisticsforpartition": "GetColumnStatisticsForPartition", + "getcolumnstatisticsfortable": "GetColumnStatisticsForTable", + "getconnection": "GetConnection", + "getconnections": "GetConnections", + "getcrawler": "GetCrawler", + "getcrawlermetrics": "GetCrawlerMetrics", + "getcrawlers": "GetCrawlers", + "getcustomentitytype": "GetCustomEntityType", + "getdatacatalogencryptionsettings": "GetDataCatalogEncryptionSettings", + "getdatapreviewstatement": "GetDataPreviewStatement", + "getdataqualityresult": "GetDataQualityResult", + "getdataqualityrulerecommendationrun": "GetDataQualityRuleRecommendationRun", + "getdataqualityruleset": "GetDataQualityRuleset", + "getdataqualityrulesetevaluationrun": "GetDataQualityRulesetEvaluationRun", + "getdatabase": "GetDatabase", + "getdatabases": "GetDatabases", + "getdataflowgraph": "GetDataflowGraph", + "getdevendpoint": "GetDevEndpoint", + "getdevendpoints": "GetDevEndpoints", + "getjob": "GetJob", + "getjobbookmark": "GetJobBookmark", + "getjobrun": "GetJobRun", + "getjobruns": "GetJobRuns", + "getjobs": "GetJobs", + "getmltaskrun": "GetMLTaskRun", + "getmltaskruns": "GetMLTaskRuns", + "getmltransform": "GetMLTransform", + "getmltransforms": "GetMLTransforms", + "getmapping": "GetMapping", + "getnotebookinstancestatus": "GetNotebookInstanceStatus", + "getpartition": "GetPartition", + "getpartitionindexes": "GetPartitionIndexes", + "getpartitions": "GetPartitions", + "getplan": "GetPlan", + "getregistry": "GetRegistry", + "getresourcepolicies": "GetResourcePolicies", + "getresourcepolicy": "GetResourcePolicy", + "getschema": "GetSchema", + "getschemabydefinition": "GetSchemaByDefinition", + "getschemaversion": "GetSchemaVersion", + "getschemaversionsdiff": "GetSchemaVersionsDiff", + "getsecurityconfiguration": "GetSecurityConfiguration", + "getsecurityconfigurations": "GetSecurityConfigurations", + "getsession": "GetSession", + "getstatement": "GetStatement", + "gettable": "GetTable", + "gettableversion": "GetTableVersion", + "gettableversions": "GetTableVersions", + "gettables": "GetTables", + "gettags": "GetTags", + "gettrigger": "GetTrigger", + "gettriggers": "GetTriggers", + "getuserdefinedfunction": "GetUserDefinedFunction", + "getuserdefinedfunctions": "GetUserDefinedFunctions", + "getworkflow": "GetWorkflow", + "getworkflowrun": "GetWorkflowRun", + "getworkflowrunproperties": "GetWorkflowRunProperties", + "getworkflowruns": "GetWorkflowRuns", + "gluenotebookauthorize": "GlueNotebookAuthorize", + "gluenotebookrefreshcredentials": "GlueNotebookRefreshCredentials", + "importcatalogtoglue": "ImportCatalogToGlue", + "listblueprints": "ListBlueprints", + "listcrawlers": "ListCrawlers", + "listcrawls": "ListCrawls", + "listcustomentitytypes": "ListCustomEntityTypes", + "listdataqualityresults": "ListDataQualityResults", + "listdataqualityrulerecommendationruns": "ListDataQualityRuleRecommendationRuns", + "listdataqualityrulesetevaluationruns": "ListDataQualityRulesetEvaluationRuns", + "listdataqualityrulesets": "ListDataQualityRulesets", + "listdevendpoints": "ListDevEndpoints", + "listjobs": "ListJobs", + "listmltransforms": "ListMLTransforms", + "listregistries": "ListRegistries", + "listschemaversions": "ListSchemaVersions", + "listschemas": "ListSchemas", + "listsessions": "ListSessions", + "liststatements": "ListStatements", + "listtriggers": "ListTriggers", + "listworkflows": "ListWorkflows", + "notifyevent": "NotifyEvent", + "publishdataquality": "PublishDataQuality", + "putdatacatalogencryptionsettings": "PutDataCatalogEncryptionSettings", + "putresourcepolicy": "PutResourcePolicy", + "putschemaversionmetadata": "PutSchemaVersionMetadata", + "putworkflowrunproperties": "PutWorkflowRunProperties", + "queryschemaversionmetadata": "QuerySchemaVersionMetadata", + "registerschemaversion": "RegisterSchemaVersion", + "removeschemaversionmetadata": "RemoveSchemaVersionMetadata", + "resetjobbookmark": "ResetJobBookmark", + "resumeworkflowrun": "ResumeWorkflowRun", + "rundatapreviewstatement": "RunDataPreviewStatement", + "runstatement": "RunStatement", + "searchtables": "SearchTables", + "startblueprintrun": "StartBlueprintRun", + "startcrawler": "StartCrawler", + "startcrawlerschedule": "StartCrawlerSchedule", + "startdataqualityrulerecommendationrun": "StartDataQualityRuleRecommendationRun", + "startdataqualityrulesetevaluationrun": "StartDataQualityRulesetEvaluationRun", + "startexportlabelstaskrun": "StartExportLabelsTaskRun", + "startimportlabelstaskrun": "StartImportLabelsTaskRun", + "startjobrun": "StartJobRun", + "startmlevaluationtaskrun": "StartMLEvaluationTaskRun", + "startmllabelingsetgenerationtaskrun": "StartMLLabelingSetGenerationTaskRun", + "startnotebook": "StartNotebook", + "starttrigger": "StartTrigger", + "startworkflowrun": "StartWorkflowRun", + "stopcrawler": "StopCrawler", + "stopcrawlerschedule": "StopCrawlerSchedule", + "stopsession": "StopSession", + "stoptrigger": "StopTrigger", + "stopworkflowrun": "StopWorkflowRun", + "tagresource": "TagResource", + "terminatenotebook": "TerminateNotebook", + "testconnection": "TestConnection", + "untagresource": "UntagResource", + "updateblueprint": "UpdateBlueprint", + "updateclassifier": "UpdateClassifier", + "updatecolumnstatisticsforpartition": "UpdateColumnStatisticsForPartition", + "updatecolumnstatisticsfortable": "UpdateColumnStatisticsForTable", + "updateconnection": "UpdateConnection", + "updatecrawler": "UpdateCrawler", + "updatecrawlerschedule": "UpdateCrawlerSchedule", + "updatedataqualityruleset": "UpdateDataQualityRuleset", + "updatedatabase": "UpdateDatabase", + "updatedevendpoint": "UpdateDevEndpoint", + "updatejob": "UpdateJob", + "updatejobfromsourcecontrol": "UpdateJobFromSourceControl", + "updatemltransform": "UpdateMLTransform", + "updatepartition": "UpdatePartition", + "updateregistry": "UpdateRegistry", + "updateschema": "UpdateSchema", + "updatesourcecontrolfromjob": "UpdateSourceControlFromJob", + "updatetable": "UpdateTable", + "updatetrigger": "UpdateTrigger", + "updateuserdefinedfunction": "UpdateUserDefinedFunction", + "updateworkflow": "UpdateWorkflow", + "usegluestudio": "UseGlueStudio", + "usemltransforms": "UseMLTransforms" + }, + "resources": { + "catalog": { + "resource": "catalog", + "arn": "arn:${Partition}:glue:${Region}:${Account}:catalog", + "condition_keys": [] + }, + "database": { + "resource": "database", + "arn": "arn:${Partition}:glue:${Region}:${Account}:database/${DatabaseName}", + "condition_keys": [] + }, + "table": { + "resource": "table", + "arn": "arn:${Partition}:glue:${Region}:${Account}:table/${DatabaseName}/${TableName}", + "condition_keys": [] + }, + "tableversion": { + "resource": "tableversion", + "arn": "arn:${Partition}:glue:${Region}:${Account}:tableVersion/${DatabaseName}/${TableName}/${TableVersionName}", + "condition_keys": [] + }, + "connection": { + "resource": "connection", + "arn": "arn:${Partition}:glue:${Region}:${Account}:connection/${ConnectionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "userdefinedfunction": { + "resource": "userdefinedfunction", + "arn": "arn:${Partition}:glue:${Region}:${Account}:userDefinedFunction/${DatabaseName}/${UserDefinedFunctionName}", + "condition_keys": [] + }, + "devendpoint": { + "resource": "devendpoint", + "arn": "arn:${Partition}:glue:${Region}:${Account}:devEndpoint/${DevEndpointName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "job": { + "resource": "job", + "arn": "arn:${Partition}:glue:${Region}:${Account}:job/${JobName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "trigger": { + "resource": "trigger", + "arn": "arn:${Partition}:glue:${Region}:${Account}:trigger/${TriggerName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "crawler": { + "resource": "crawler", + "arn": "arn:${Partition}:glue:${Region}:${Account}:crawler/${CrawlerName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "workflow": { + "resource": "workflow", + "arn": "arn:${Partition}:glue:${Region}:${Account}:workflow/${WorkflowName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "blueprint": { + "resource": "blueprint", + "arn": "arn:${Partition}:glue:${Region}:${Account}:blueprint/${BlueprintName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "mlTransform": { + "resource": "mlTransform", + "arn": "arn:${Partition}:glue:${Region}:${Account}:mlTransform/${TransformId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "registry": { + "resource": "registry", + "arn": "arn:${Partition}:glue:${Region}:${Account}:registry/${RegistryName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "schema": { + "resource": "schema", + "arn": "arn:${Partition}:glue:${Region}:${Account}:schema/${SchemaName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "session": { + "resource": "session", + "arn": "arn:${Partition}:glue:${Region}:${Account}:session/${SessionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dataQualityRuleset": { + "resource": "dataQualityRuleset", + "arn": "arn:${Partition}:glue:${Region}:${Account}:dataQualityRuleset/${RulesetName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "customEntityType": { + "resource": "customEntityType", + "arn": "arn:${Partition}:glue:${Region}:${Account}:customEntityType/${CustomEntityTypeId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "catalog": "catalog", + "database": "database", + "table": "table", + "tableversion": "tableversion", + "connection": "connection", + "userdefinedfunction": "userdefinedfunction", + "devendpoint": "devendpoint", + "job": "job", + "trigger": "trigger", + "crawler": "crawler", + "workflow": "workflow", + "blueprint": "blueprint", + "mltransform": "mlTransform", + "registry": "registry", + "schema": "schema", + "session": "session", + "dataqualityruleset": "dataQualityRuleset", + "customentitytype": "customEntityType" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "glue:CredentialIssuingService": { + "condition": "glue:CredentialIssuingService", + "description": "Filters access by the service from which the credentials of the request is issued", + "type": "String" + }, + "glue:RoleAssumedBy": { + "condition": "glue:RoleAssumedBy", + "description": "Filters access by the service from which the credentials of the request is obtained by assuming the customer role", + "type": "String" + }, + "glue:SecurityGroupIds": { + "condition": "glue:SecurityGroupIds", + "description": "Filters access by the ID of security groups configured for the Glue job", + "type": "ArrayOfString" + }, + "glue:SubnetIds": { + "condition": "glue:SubnetIds", + "description": "Filters access by the ID of subnets configured for the Glue job", + "type": "ArrayOfString" + }, + "glue:VpcIds": { + "condition": "glue:VpcIds", + "description": "Filters access by the ID of the VPC configured for the Glue job", + "type": "ArrayOfString" + } + } + }, + "databrew": { + "service_name": "AWS Glue DataBrew", + "prefix": "databrew", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsgluedatabrew.html", + "privileges": { + "BatchDeleteRecipeVersion": { + "privilege": "BatchDeleteRecipeVersion", + "description": "Grants permission to delete one or more recipe versions", + "access_level": "Write", + "resource_types": { + "Recipe": { + "resource_type": "Recipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recipe": "Recipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_BatchDeleteRecipeVersion.html" + }, + "CreateDataset": { + "privilege": "CreateDataset", + "description": "Grants permission to create a dataset", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateDataset.html" + }, + "CreateProfileJob": { + "privilege": "CreateProfileJob", + "description": "Grants permission to create a profile job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateProfileJob.html" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a project", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateProject.html" + }, + "CreateRecipe": { + "privilege": "CreateRecipe", + "description": "Grants permission to create a recipe", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateRecipe.html" + }, + "CreateRecipeJob": { + "privilege": "CreateRecipeJob", + "description": "Grants permission to create a recipe job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateRecipeJob.html" + }, + "CreateRuleset": { + "privilege": "CreateRuleset", + "description": "Grants permission to create a ruleset", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateRuleset.html" + }, + "CreateSchedule": { + "privilege": "CreateSchedule", + "description": "Grants permission to create a schedule", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_CreateSchedule.html" + }, + "DeleteDataset": { + "privilege": "DeleteDataset", + "description": "Grants permission to delete a dataset", + "access_level": "Write", + "resource_types": { + "Dataset": { + "resource_type": "Dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "Dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteDataset.html" + }, + "DeleteJob": { + "privilege": "DeleteJob", + "description": "Grants permission to delete a job", + "access_level": "Write", + "resource_types": { + "Job": { + "resource_type": "Job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "Job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteJob.html" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a project", + "access_level": "Write", + "resource_types": { + "Project": { + "resource_type": "Project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "Project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteProject.html" + }, + "DeleteRecipeVersion": { + "privilege": "DeleteRecipeVersion", + "description": "Grants permission to delete a recipe version", + "access_level": "Write", + "resource_types": { + "Recipe": { + "resource_type": "Recipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recipe": "Recipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteRecipeVersion.html" + }, + "DeleteRuleset": { + "privilege": "DeleteRuleset", + "description": "Grants permission to delete a ruleset", + "access_level": "Write", + "resource_types": { + "Ruleset": { + "resource_type": "Ruleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ruleset": "Ruleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteRuleset.html" + }, + "DeleteSchedule": { + "privilege": "DeleteSchedule", + "description": "Grants permission to delete a schedule", + "access_level": "Write", + "resource_types": { + "Schedule": { + "resource_type": "Schedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule": "Schedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DeleteSchedule.html" + }, + "DescribeDataset": { + "privilege": "DescribeDataset", + "description": "Grants permission to view details about a dataset", + "access_level": "Read", + "resource_types": { + "Dataset": { + "resource_type": "Dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "Dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeDataset.html" + }, + "DescribeJob": { + "privilege": "DescribeJob", + "description": "Grants permission to view details about a job", + "access_level": "Read", + "resource_types": { + "Job": { + "resource_type": "Job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "Job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeJob.html" + }, + "DescribeJobRun": { + "privilege": "DescribeJobRun", + "description": "Grants permission to view details about job run for a given job", + "access_level": "Read", + "resource_types": { + "Job": { + "resource_type": "Job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "Job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeJobRun.html" + }, + "DescribeProject": { + "privilege": "DescribeProject", + "description": "Grants permission to view details about a project", + "access_level": "Read", + "resource_types": { + "Project": { + "resource_type": "Project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "Project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeProject.html" + }, + "DescribeRecipe": { + "privilege": "DescribeRecipe", + "description": "Grants permission to view details about a recipe", + "access_level": "Read", + "resource_types": { + "Recipe": { + "resource_type": "Recipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recipe": "Recipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeRecipe.html" + }, + "DescribeRuleset": { + "privilege": "DescribeRuleset", + "description": "Grants permission to view details about a ruleset", + "access_level": "Read", + "resource_types": { + "Ruleset": { + "resource_type": "Ruleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ruleset": "Ruleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeRuleset.html" + }, + "DescribeSchedule": { + "privilege": "DescribeSchedule", + "description": "Grants permission to view details about a schedule", + "access_level": "Read", + "resource_types": { + "Schedule": { + "resource_type": "Schedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule": "Schedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_DescribeSchedule.html" + }, + "ListDatasets": { + "privilege": "ListDatasets", + "description": "Grants permission to list datasets in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListDatasets.html" + }, + "ListJobRuns": { + "privilege": "ListJobRuns", + "description": "Grants permission to list job runs for a given job", + "access_level": "Read", + "resource_types": { + "Job": { + "resource_type": "Job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "Job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListJobRuns.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to list jobs in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListJobs.html" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to list projects in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListProjects.html" + }, + "ListRecipeVersions": { + "privilege": "ListRecipeVersions", + "description": "Grants permission to list versions in your recipe", + "access_level": "Read", + "resource_types": { + "Recipe": { + "resource_type": "Recipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recipe": "Recipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListRecipeVersions.html" + }, + "ListRecipes": { + "privilege": "ListRecipes", + "description": "Grants permission to list recipes in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListRecipes.html" + }, + "ListRulesets": { + "privilege": "ListRulesets", + "description": "Grants permission to list rulesets in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListRulesets.html" + }, + "ListSchedules": { + "privilege": "ListSchedules", + "description": "Grants permission to list schedules in your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListSchedules.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve tags associated with a resource", + "access_level": "Read", + "resource_types": { + "Dataset": { + "resource_type": "Dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Job": { + "resource_type": "Job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Project": { + "resource_type": "Project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Recipe": { + "resource_type": "Recipe", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Ruleset": { + "resource_type": "Ruleset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Schedule": { + "resource_type": "Schedule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "Dataset", + "job": "Job", + "project": "Project", + "recipe": "Recipe", + "ruleset": "Ruleset", + "schedule": "Schedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_ListTagsForResource.html" + }, + "PublishRecipe": { + "privilege": "PublishRecipe", + "description": "Grants permission to publish a major verison of a recipe", + "access_level": "Write", + "resource_types": { + "Recipe": { + "resource_type": "Recipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recipe": "Recipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_PublishRecipe.html" + }, + "SendProjectSessionAction": { + "privilege": "SendProjectSessionAction", + "description": "Grants permission to submit an action to the interactive session for a project", + "access_level": "Write", + "resource_types": { + "Project": { + "resource_type": "Project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "Project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_SendProjectSessionAction.html" + }, + "StartJobRun": { + "privilege": "StartJobRun", + "description": "Grants permission to start running a job", + "access_level": "Write", + "resource_types": { + "Job": { + "resource_type": "Job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "Job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_StartJobRun.html" + }, + "StartProjectSession": { + "privilege": "StartProjectSession", + "description": "Grants permission to start an interactive session for a project", + "access_level": "Write", + "resource_types": { + "Project": { + "resource_type": "Project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "Project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_StartProjectSession.html" + }, + "StopJobRun": { + "privilege": "StopJobRun", + "description": "Grants permission to stop a job run for a job", + "access_level": "Write", + "resource_types": { + "Job": { + "resource_type": "Job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "Job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_StopJobRun.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "Dataset": { + "resource_type": "Dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Job": { + "resource_type": "Job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Project": { + "resource_type": "Project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Recipe": { + "resource_type": "Recipe", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Ruleset": { + "resource_type": "Ruleset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Schedule": { + "resource_type": "Schedule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "Dataset", + "job": "Job", + "project": "Project", + "recipe": "Recipe", + "ruleset": "Ruleset", + "schedule": "Schedule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags associated with a resource", + "access_level": "Tagging", + "resource_types": { + "Dataset": { + "resource_type": "Dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Job": { + "resource_type": "Job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Project": { + "resource_type": "Project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Recipe": { + "resource_type": "Recipe", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Ruleset": { + "resource_type": "Ruleset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Schedule": { + "resource_type": "Schedule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "Dataset", + "job": "Job", + "project": "Project", + "recipe": "Recipe", + "ruleset": "Ruleset", + "schedule": "Schedule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UntagResource.html" + }, + "UpdateDataset": { + "privilege": "UpdateDataset", + "description": "Grants permission to modify a dataset", + "access_level": "Write", + "resource_types": { + "Dataset": { + "resource_type": "Dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "Dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateDataset.html" + }, + "UpdateProfileJob": { + "privilege": "UpdateProfileJob", + "description": "Grants permission to modify a profile job", + "access_level": "Write", + "resource_types": { + "Job": { + "resource_type": "Job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "Job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateProfileJob.html" + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Grants permission to modify a project", + "access_level": "Write", + "resource_types": { + "Project": { + "resource_type": "Project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "Project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateProject.html" + }, + "UpdateRecipe": { + "privilege": "UpdateRecipe", + "description": "Grants permission to modify a recipe", + "access_level": "Write", + "resource_types": { + "Recipe": { + "resource_type": "Recipe", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "recipe": "Recipe" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateRecipe.html" + }, + "UpdateRecipeJob": { + "privilege": "UpdateRecipeJob", + "description": "Grants permission to modify a recipe job", + "access_level": "Write", + "resource_types": { + "Job": { + "resource_type": "Job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "Job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateRecipeJob.html" + }, + "UpdateRuleset": { + "privilege": "UpdateRuleset", + "description": "Grants permission to modify a ruleset", + "access_level": "Write", + "resource_types": { + "Ruleset": { + "resource_type": "Ruleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ruleset": "Ruleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateRuleset.html" + }, + "UpdateSchedule": { + "privilege": "UpdateSchedule", + "description": "Grants permission to modify a schedule", + "access_level": "Write", + "resource_types": { + "Schedule": { + "resource_type": "Schedule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "schedule": "Schedule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/databrew/latest/dg/API_UpdateSchedule.html" + } + }, + "privileges_lower_name": { + "batchdeleterecipeversion": "BatchDeleteRecipeVersion", + "createdataset": "CreateDataset", + "createprofilejob": "CreateProfileJob", + "createproject": "CreateProject", + "createrecipe": "CreateRecipe", + "createrecipejob": "CreateRecipeJob", + "createruleset": "CreateRuleset", + "createschedule": "CreateSchedule", + "deletedataset": "DeleteDataset", + "deletejob": "DeleteJob", + "deleteproject": "DeleteProject", + "deleterecipeversion": "DeleteRecipeVersion", + "deleteruleset": "DeleteRuleset", + "deleteschedule": "DeleteSchedule", + "describedataset": "DescribeDataset", + "describejob": "DescribeJob", + "describejobrun": "DescribeJobRun", + "describeproject": "DescribeProject", + "describerecipe": "DescribeRecipe", + "describeruleset": "DescribeRuleset", + "describeschedule": "DescribeSchedule", + "listdatasets": "ListDatasets", + "listjobruns": "ListJobRuns", + "listjobs": "ListJobs", + "listprojects": "ListProjects", + "listrecipeversions": "ListRecipeVersions", + "listrecipes": "ListRecipes", + "listrulesets": "ListRulesets", + "listschedules": "ListSchedules", + "listtagsforresource": "ListTagsForResource", + "publishrecipe": "PublishRecipe", + "sendprojectsessionaction": "SendProjectSessionAction", + "startjobrun": "StartJobRun", + "startprojectsession": "StartProjectSession", + "stopjobrun": "StopJobRun", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedataset": "UpdateDataset", + "updateprofilejob": "UpdateProfileJob", + "updateproject": "UpdateProject", + "updaterecipe": "UpdateRecipe", + "updaterecipejob": "UpdateRecipeJob", + "updateruleset": "UpdateRuleset", + "updateschedule": "UpdateSchedule" + }, + "resources": { + "Project": { + "resource": "Project", + "arn": "arn:${Partition}:databrew:${Region}:${Account}:project/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Dataset": { + "resource": "Dataset", + "arn": "arn:${Partition}:databrew:${Region}:${Account}:dataset/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Ruleset": { + "resource": "Ruleset", + "arn": "arn:${Partition}:databrew:${Region}:${Account}:ruleset/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Recipe": { + "resource": "Recipe", + "arn": "arn:${Partition}:databrew:${Region}:${Account}:recipe/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Job": { + "resource": "Job", + "arn": "arn:${Partition}:databrew:${Region}:${Account}:job/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Schedule": { + "resource": "Schedule", + "arn": "arn:${Partition}:databrew:${Region}:${Account}:schedule/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "project": "Project", + "dataset": "Dataset", + "ruleset": "Ruleset", + "recipe": "Recipe", + "job": "Job", + "schedule": "Schedule" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "groundstation": { + "service_name": "AWS Ground Station", + "prefix": "groundstation", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsgroundstation.html", + "privileges": { + "CancelContact": { + "privilege": "CancelContact", + "description": "Grants permission to cancel a contact", + "access_level": "Write", + "resource_types": { + "Contact": { + "resource_type": "Contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "Contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_CancelContact.html" + }, + "CreateConfig": { + "privilege": "CreateConfig", + "description": "Grants permission to create a configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_CreateConfig.html" + }, + "CreateDataflowEndpointGroup": { + "privilege": "CreateDataflowEndpointGroup", + "description": "Grants permission to create a data flow endpoint group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_CreateDataflowEndpointGroup.html" + }, + "CreateEphemeris": { + "privilege": "CreateEphemeris", + "description": "Grants permission to create an ephemeris item", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_CreateEphemeris.html" + }, + "CreateMissionProfile": { + "privilege": "CreateMissionProfile", + "description": "Grants permission to create a mission profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_CreateMissionProfile.html" + }, + "DeleteConfig": { + "privilege": "DeleteConfig", + "description": "Grants permission to delete a config", + "access_level": "Write", + "resource_types": { + "Config": { + "resource_type": "Config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "config": "Config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DeleteConfig.html" + }, + "DeleteDataflowEndpointGroup": { + "privilege": "DeleteDataflowEndpointGroup", + "description": "Grants permission to delete a data flow endpoint group", + "access_level": "Write", + "resource_types": { + "DataflowEndpointGroup": { + "resource_type": "DataflowEndpointGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataflowendpointgroup": "DataflowEndpointGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DeleteDataflowEndpointGroup.html" + }, + "DeleteEphemeris": { + "privilege": "DeleteEphemeris", + "description": "Grants permission to delete an ephemeris item", + "access_level": "Write", + "resource_types": { + "EphemerisItem": { + "resource_type": "EphemerisItem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ephemerisitem": "EphemerisItem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DeleteEphemeris.html" + }, + "DeleteMissionProfile": { + "privilege": "DeleteMissionProfile", + "description": "Grants permission to delete a mission profile", + "access_level": "Write", + "resource_types": { + "MissionProfile": { + "resource_type": "MissionProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "missionprofile": "MissionProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DeleteMissionProfile.html" + }, + "DescribeContact": { + "privilege": "DescribeContact", + "description": "Grants permission to describe a contact", + "access_level": "Read", + "resource_types": { + "Contact": { + "resource_type": "Contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "Contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DescribeContact.html" + }, + "DescribeEphemeris": { + "privilege": "DescribeEphemeris", + "description": "Grants permission to describe an ephemeris item", + "access_level": "Read", + "resource_types": { + "EphemerisItem": { + "resource_type": "EphemerisItem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ephemerisitem": "EphemerisItem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_DescribeEphemeris.html" + }, + "GetAgentConfiguration": { + "privilege": "GetAgentConfiguration", + "description": "Grants permission to get the configuration of an agent", + "access_level": "Read", + "resource_types": { + "Agent": { + "resource_type": "Agent", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent": "Agent" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetAgentConfiguration.html" + }, + "GetConfig": { + "privilege": "GetConfig", + "description": "Grants permission to return a configuration", + "access_level": "Read", + "resource_types": { + "Config": { + "resource_type": "Config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "config": "Config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetConfig.html" + }, + "GetDataflowEndpointGroup": { + "privilege": "GetDataflowEndpointGroup", + "description": "Grants permission to return a data flow endpoint group", + "access_level": "Read", + "resource_types": { + "DataflowEndpointGroup": { + "resource_type": "DataflowEndpointGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataflowendpointgroup": "DataflowEndpointGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetDataflowEndpointGroup.html" + }, + "GetMinuteUsage": { + "privilege": "GetMinuteUsage", + "description": "Grants permission to return minutes usage", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetMinuteUsage.html" + }, + "GetMissionProfile": { + "privilege": "GetMissionProfile", + "description": "Grants permission to retrieve a mission profile", + "access_level": "Read", + "resource_types": { + "MissionProfile": { + "resource_type": "MissionProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "missionprofile": "MissionProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetMissionProfile.html" + }, + "GetSatellite": { + "privilege": "GetSatellite", + "description": "Grants permission to return information about a satellite", + "access_level": "Read", + "resource_types": { + "Satellite": { + "resource_type": "Satellite", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "satellite": "Satellite" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_GetSatellite.html" + }, + "ListConfigs": { + "privilege": "ListConfigs", + "description": "Grants permission to return a list of past configurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListConfigs.html" + }, + "ListContacts": { + "privilege": "ListContacts", + "description": "Grants permission to return a list of contacts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListContacts.html" + }, + "ListDataflowEndpointGroups": { + "privilege": "ListDataflowEndpointGroups", + "description": "Grants permission to list data flow endpoint groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListDataflowEndpointGroups.html" + }, + "ListEphemerides": { + "privilege": "ListEphemerides", + "description": "Grants permission to list ephemerides", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListEphemerides.html" + }, + "ListGroundStations": { + "privilege": "ListGroundStations", + "description": "Grants permission to list ground stations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListGroundStations.html" + }, + "ListMissionProfiles": { + "privilege": "ListMissionProfiles", + "description": "Grants permission to return a list of mission profiles", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListMissionProfiles.html" + }, + "ListSatellites": { + "privilege": "ListSatellites", + "description": "Grants permission to list satellites", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListSatellites.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "Config": { + "resource_type": "Config", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Contact": { + "resource_type": "Contact", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DataflowEndpointGroup": { + "resource_type": "DataflowEndpointGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MissionProfile": { + "resource_type": "MissionProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "config": "Config", + "contact": "Contact", + "dataflowendpointgroup": "DataflowEndpointGroup", + "missionprofile": "MissionProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ListTagsForResource.html" + }, + "RegisterAgent": { + "privilege": "RegisterAgent", + "description": "Grants permission to register an agent", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_RegisterAgent.html" + }, + "ReserveContact": { + "privilege": "ReserveContact", + "description": "Grants permission to reserve a contact", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_ReserveContact.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to assign a resource tag", + "access_level": "Tagging", + "resource_types": { + "Config": { + "resource_type": "Config", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Contact": { + "resource_type": "Contact", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DataflowEndpointGroup": { + "resource_type": "DataflowEndpointGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "EphemerisItem": { + "resource_type": "EphemerisItem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MissionProfile": { + "resource_type": "MissionProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "config": "Config", + "contact": "Contact", + "dataflowendpointgroup": "DataflowEndpointGroup", + "ephemerisitem": "EphemerisItem", + "missionprofile": "MissionProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to unassign a resource tag", + "access_level": "Tagging", + "resource_types": { + "Config": { + "resource_type": "Config", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Contact": { + "resource_type": "Contact", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DataflowEndpointGroup": { + "resource_type": "DataflowEndpointGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "EphemerisItem": { + "resource_type": "EphemerisItem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MissionProfile": { + "resource_type": "MissionProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "config": "Config", + "contact": "Contact", + "dataflowendpointgroup": "DataflowEndpointGroup", + "ephemerisitem": "EphemerisItem", + "missionprofile": "MissionProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_UntagResource.html" + }, + "UpdateAgentStatus": { + "privilege": "UpdateAgentStatus", + "description": "Grants permission to update the status of an agent", + "access_level": "Write", + "resource_types": { + "Agent": { + "resource_type": "Agent", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agent": "Agent" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_UpdateAgentStatus.html" + }, + "UpdateConfig": { + "privilege": "UpdateConfig", + "description": "Grants permission to update a configuration", + "access_level": "Write", + "resource_types": { + "Config": { + "resource_type": "Config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "config": "Config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_UpdateConfig.html" + }, + "UpdateEphemeris": { + "privilege": "UpdateEphemeris", + "description": "Grants permission to update an ephemeris item", + "access_level": "Write", + "resource_types": { + "EphemerisItem": { + "resource_type": "EphemerisItem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ephemerisitem": "EphemerisItem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_UpdateEphemeris.html" + }, + "UpdateMissionProfile": { + "privilege": "UpdateMissionProfile", + "description": "Grants permission to update a mission profile", + "access_level": "Write", + "resource_types": { + "MissionProfile": { + "resource_type": "MissionProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "missionprofile": "MissionProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ground-station/latest/APIReference/API_UpdateMissionProfile.html" + } + }, + "privileges_lower_name": { + "cancelcontact": "CancelContact", + "createconfig": "CreateConfig", + "createdataflowendpointgroup": "CreateDataflowEndpointGroup", + "createephemeris": "CreateEphemeris", + "createmissionprofile": "CreateMissionProfile", + "deleteconfig": "DeleteConfig", + "deletedataflowendpointgroup": "DeleteDataflowEndpointGroup", + "deleteephemeris": "DeleteEphemeris", + "deletemissionprofile": "DeleteMissionProfile", + "describecontact": "DescribeContact", + "describeephemeris": "DescribeEphemeris", + "getagentconfiguration": "GetAgentConfiguration", + "getconfig": "GetConfig", + "getdataflowendpointgroup": "GetDataflowEndpointGroup", + "getminuteusage": "GetMinuteUsage", + "getmissionprofile": "GetMissionProfile", + "getsatellite": "GetSatellite", + "listconfigs": "ListConfigs", + "listcontacts": "ListContacts", + "listdataflowendpointgroups": "ListDataflowEndpointGroups", + "listephemerides": "ListEphemerides", + "listgroundstations": "ListGroundStations", + "listmissionprofiles": "ListMissionProfiles", + "listsatellites": "ListSatellites", + "listtagsforresource": "ListTagsForResource", + "registeragent": "RegisterAgent", + "reservecontact": "ReserveContact", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateagentstatus": "UpdateAgentStatus", + "updateconfig": "UpdateConfig", + "updateephemeris": "UpdateEphemeris", + "updatemissionprofile": "UpdateMissionProfile" + }, + "resources": { + "Config": { + "resource": "Config", + "arn": "arn:${Partition}:groundstation:${Region}:${Account}:config/${ConfigType}/${ConfigId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "groundstation:ConfigId", + "groundstation:ConfigType" + ] + }, + "Contact": { + "resource": "Contact", + "arn": "arn:${Partition}:groundstation:${Region}:${Account}:contact/${ContactId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "groundstation:ContactId" + ] + }, + "DataflowEndpointGroup": { + "resource": "DataflowEndpointGroup", + "arn": "arn:${Partition}:groundstation:${Region}:${Account}:dataflow-endpoint-group/${DataflowEndpointGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "groundstation:DataflowEndpointGroupId" + ] + }, + "EphemerisItem": { + "resource": "EphemerisItem", + "arn": "arn:${Partition}:groundstation:${Region}:${Account}:ephemeris/${EphemerisId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "groundstation:EphemerisId" + ] + }, + "GroundStationResource": { + "resource": "GroundStationResource", + "arn": "arn:${Partition}:groundstation:${Region}:${Account}:groundstation:${GroundStationId}", + "condition_keys": [ + "groundstation:GroundStationId" + ] + }, + "MissionProfile": { + "resource": "MissionProfile", + "arn": "arn:${Partition}:groundstation:${Region}:${Account}:mission-profile/${MissionProfileId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "groundstation:MissionProfileId" + ] + }, + "Satellite": { + "resource": "Satellite", + "arn": "arn:${Partition}:groundstation:${Region}:${Account}:satellite/${SatelliteId}", + "condition_keys": [ + "groundstation:SatelliteId" + ] + }, + "Agent": { + "resource": "Agent", + "arn": "arn:${Partition}:groundstation:${Region}:${Account}:agent/${AgentId}", + "condition_keys": [ + "groundstation:AgentId" + ] + } + }, + "resources_lower_name": { + "config": "Config", + "contact": "Contact", + "dataflowendpointgroup": "DataflowEndpointGroup", + "ephemerisitem": "EphemerisItem", + "groundstationresource": "GroundStationResource", + "missionprofile": "MissionProfile", + "satellite": "Satellite", + "agent": "Agent" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "groundstation:AgentId": { + "condition": "groundstation:AgentId", + "description": "Filters access by the ID of an agent", + "type": "String" + }, + "groundstation:ConfigId": { + "condition": "groundstation:ConfigId", + "description": "Filters access by the ID of a config", + "type": "String" + }, + "groundstation:ConfigType": { + "condition": "groundstation:ConfigType", + "description": "Filters access by the type of a config", + "type": "String" + }, + "groundstation:ContactId": { + "condition": "groundstation:ContactId", + "description": "Filters access by the ID of a contact", + "type": "String" + }, + "groundstation:DataflowEndpointGroupId": { + "condition": "groundstation:DataflowEndpointGroupId", + "description": "Filters access by the ID of a dataflow endpoint group", + "type": "String" + }, + "groundstation:EphemerisId": { + "condition": "groundstation:EphemerisId", + "description": "Filters access by the ID of an ephemeris", + "type": "String" + }, + "groundstation:GroundStationId": { + "condition": "groundstation:GroundStationId", + "description": "Filters access by the ID of a ground station", + "type": "String" + }, + "groundstation:MissionProfileId": { + "condition": "groundstation:MissionProfileId", + "description": "Filters access by the ID of a mission profile", + "type": "String" + }, + "groundstation:SatelliteId": { + "condition": "groundstation:SatelliteId", + "description": "Filters access by the ID of a satellite", + "type": "String" + } + } + }, + "health": { + "service_name": "AWS Health APIs and Notifications", + "prefix": "health", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awshealthapisandnotifications.html", + "privileges": { + "DescribeAffectedAccountsForOrganization": { + "privilege": "DescribeAffectedAccountsForOrganization", + "description": "Grants permission to retrieve a list of accounts that have been affected by the specified events in organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:ListAccounts" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeAffectedAccountsForOrganization.html" + }, + "DescribeAffectedEntities": { + "privilege": "DescribeAffectedEntities", + "description": "Grants permission to retrieve a list of entities that have been affected by the specified events", + "access_level": "Read", + "resource_types": { + "event": { + "resource_type": "event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "health:eventTypeCode", + "health:service" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeAffectedEntities.html" + }, + "DescribeAffectedEntitiesForOrganization": { + "privilege": "DescribeAffectedEntitiesForOrganization", + "description": "Grants permission to retrieve a list of entities that have been affected by the specified events and accounts in organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:ListAccounts" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeAffectedEntitiesForOrganization.html" + }, + "DescribeEntityAggregates": { + "privilege": "DescribeEntityAggregates", + "description": "Grants permission to retrieve the number of entities that are affected by each of the specified events", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEntityAggregates.html" + }, + "DescribeEventAggregates": { + "privilege": "DescribeEventAggregates", + "description": "Grants permission to retrieve the number of events of each event type (issue, scheduled change, and account notification)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEventAggregates.html" + }, + "DescribeEventDetails": { + "privilege": "DescribeEventDetails", + "description": "Grants permission to retrieve detailed information about one or more specified events", + "access_level": "Read", + "resource_types": { + "event": { + "resource_type": "event", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "health:eventTypeCode", + "health:service" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "event": "event", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEventDetails.html" + }, + "DescribeEventDetailsForOrganization": { + "privilege": "DescribeEventDetailsForOrganization", + "description": "Grants permission to retrieve detailed information about one or more specified events for provided accounts in organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:ListAccounts" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEventDetailsForOrganization.html" + }, + "DescribeEventTypes": { + "privilege": "DescribeEventTypes", + "description": "Grants permission to retrieve the event types that meet the specified filter criteria", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEventTypes.html" + }, + "DescribeEvents": { + "privilege": "DescribeEvents", + "description": "Grants permission to retrieve information about events that meet the specified filter criteria", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEvents.html" + }, + "DescribeEventsForOrganization": { + "privilege": "DescribeEventsForOrganization", + "description": "Grants permission to retrieve information about events that meet the specified filter criteria in organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:ListAccounts" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeEventsForOrganization.html" + }, + "DescribeHealthServiceStatusForOrganization": { + "privilege": "DescribeHealthServiceStatusForOrganization", + "description": "Grants permission to retrieve the status of enabling or disabling the Organizational View feature", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:ListAccounts" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DescribeHealthServiceStatusForOrganization.html" + }, + "DisableHealthServiceAccessForOrganization": { + "privilege": "DisableHealthServiceAccessForOrganization", + "description": "Grants permission to disable the Organizational View feature", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:DisableAWSServiceAccess", + "organizations:ListAccounts" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_DisableHealthServiceAccessForOrganization.html" + }, + "EnableHealthServiceAccessForOrganization": { + "privilege": "EnableHealthServiceAccessForOrganization", + "description": "Grants permission to enable the Organizational View feature", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "organizations:EnableAWSServiceAccess", + "organizations:ListAccounts" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/health/latest/APIReference/API_EnableHealthServiceAccessForOrganization.html" + } + }, + "privileges_lower_name": { + "describeaffectedaccountsfororganization": "DescribeAffectedAccountsForOrganization", + "describeaffectedentities": "DescribeAffectedEntities", + "describeaffectedentitiesfororganization": "DescribeAffectedEntitiesForOrganization", + "describeentityaggregates": "DescribeEntityAggregates", + "describeeventaggregates": "DescribeEventAggregates", + "describeeventdetails": "DescribeEventDetails", + "describeeventdetailsfororganization": "DescribeEventDetailsForOrganization", + "describeeventtypes": "DescribeEventTypes", + "describeevents": "DescribeEvents", + "describeeventsfororganization": "DescribeEventsForOrganization", + "describehealthservicestatusfororganization": "DescribeHealthServiceStatusForOrganization", + "disablehealthserviceaccessfororganization": "DisableHealthServiceAccessForOrganization", + "enablehealthserviceaccessfororganization": "EnableHealthServiceAccessForOrganization" + }, + "resources": { + "event": { + "resource": "event", + "arn": "arn:${Partition}:health:*::event/${Service}/${EventTypeCode}/*", + "condition_keys": [] + } + }, + "resources_lower_name": { + "event": "event" + }, + "conditions": { + "health:eventTypeCode": { + "condition": "health:eventTypeCode", + "description": "Filters access by event type", + "type": "String" + }, + "health:service": { + "condition": "health:service", + "description": "Filters access by impacted service", + "type": "String" + } + } + }, + "medical-imaging": { + "service_name": "AWS HealthImaging", + "prefix": "medical-imaging", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awshealthimaging.html", + "privileges": { + "CopyImageSet": { + "privilege": "CopyImageSet", + "description": "Grants permission to copy an image set", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "imageset": { + "resource_type": "imageset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "imageset": "imageset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_dataplane_CopyImageSet.html" + }, + "CreateDatastore": { + "privilege": "CreateDatastore", + "description": "Grants permission to create a data store to ingest imaging data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_CreateDatastore.html" + }, + "DeleteDatastore": { + "privilege": "DeleteDatastore", + "description": "Grants permission to delete a data store", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_DeleteDatastore.html" + }, + "DeleteImageSet": { + "privilege": "DeleteImageSet", + "description": "Grants permission to delete an image set", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "imageset": { + "resource_type": "imageset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "imageset": "imageset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_dataplane_DeleteImageSet.html" + }, + "GetDICOMImportJob": { + "privilege": "GetDICOMImportJob", + "description": "Grants permission to get an import job's properties", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_GetDICOMImportJob.html" + }, + "GetDatastore": { + "privilege": "GetDatastore", + "description": "Grants permission to get data store properties", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_GetDatastore.html" + }, + "GetImageFrame": { + "privilege": "GetImageFrame", + "description": "Grants permission to get image frame properties", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "imageset": { + "resource_type": "imageset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "imageset": "imageset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_dataplane_GetImageFrame.html" + }, + "GetImageSet": { + "privilege": "GetImageSet", + "description": "Grants permission to get image set properties", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "imageset": { + "resource_type": "imageset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "imageset": "imageset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_dataplane_GetImageSet.html" + }, + "GetImageSetMetadata": { + "privilege": "GetImageSetMetadata", + "description": "Grants permission to get image set metadata properties", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "imageset": { + "resource_type": "imageset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "imageset": "imageset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_dataplane_GetImageSetMetadata.html" + }, + "ListDICOMImportJobs": { + "privilege": "ListDICOMImportJobs", + "description": "Grants permission to list import jobs for a data store", + "access_level": "List", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_ListDICOMImportJobs.html" + }, + "ListDatastores": { + "privilege": "ListDatastores", + "description": "Grants permission to list data stores", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_ListDatastores.html" + }, + "ListImageSetVersions": { + "privilege": "ListImageSetVersions", + "description": "Grants permission to list versions of an image set", + "access_level": "List", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "imageset": { + "resource_type": "imageset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "imageset": "imageset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_dataplane_ListImageSetVersions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a medical imaging resource", + "access_level": "List", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "imageset": { + "resource_type": "imageset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "imageset": "imageset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_ListTagsForResource.html" + }, + "SearchImageSets": { + "privilege": "SearchImageSets", + "description": "Grants permission to search image sets", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_dataplane_SearchImageSets.html" + }, + "StartDICOMImportJob": { + "privilege": "StartDICOMImportJob", + "description": "Grants permission to start a DICOM import job", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_StartDICOMImportJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a medical imaging resource", + "access_level": "Tagging", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "imageset": { + "resource_type": "imageset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "imageset": "imageset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a medical imaging resource", + "access_level": "Tagging", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "imageset": { + "resource_type": "imageset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "imageset": "imageset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_UntagResource.html" + }, + "UpdateImageSetMetadata": { + "privilege": "UpdateImageSetMetadata", + "description": "Grants permission to update image set metadata properties", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "imageset": { + "resource_type": "imageset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "imageset": "imageset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/healthimaging/latest/APIReference/API_dataplane_UpdateImageSetMetadata.html" + } + }, + "privileges_lower_name": { + "copyimageset": "CopyImageSet", + "createdatastore": "CreateDatastore", + "deletedatastore": "DeleteDatastore", + "deleteimageset": "DeleteImageSet", + "getdicomimportjob": "GetDICOMImportJob", + "getdatastore": "GetDatastore", + "getimageframe": "GetImageFrame", + "getimageset": "GetImageSet", + "getimagesetmetadata": "GetImageSetMetadata", + "listdicomimportjobs": "ListDICOMImportJobs", + "listdatastores": "ListDatastores", + "listimagesetversions": "ListImageSetVersions", + "listtagsforresource": "ListTagsForResource", + "searchimagesets": "SearchImageSets", + "startdicomimportjob": "StartDICOMImportJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateimagesetmetadata": "UpdateImageSetMetadata" + }, + "resources": { + "datastore": { + "resource": "datastore", + "arn": "arn:${Partition}:medical-imaging:${Region}:${Account}:datastore/${DatastoreId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "imageset": { + "resource": "imageset", + "arn": "arn:${Partition}:medical-imaging:${Region}:${Account}:datastore/${DatastoreId}/imageset/${ImageSetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "datastore": "datastore", + "imageset": "imageset" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + } + } + }, + "access-analyzer": { + "service_name": "AWS IAM Access Analyzer", + "prefix": "access-analyzer", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiamaccessanalyzer.html", + "privileges": { + "ApplyArchiveRule": { + "privilege": "ApplyArchiveRule", + "description": "Grants permission to apply an archive rule", + "access_level": "Write", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ApplyArchiveRule.html" + }, + "CancelPolicyGeneration": { + "privilege": "CancelPolicyGeneration", + "description": "Grants permission to cancel a policy generation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_CancelPolicyGeneration.html" + }, + "CreateAccessPreview": { + "privilege": "CreateAccessPreview", + "description": "Grants permission to create an access preview for the specified analyzer", + "access_level": "Write", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_CreateAccessPreview.html" + }, + "CreateAnalyzer": { + "privilege": "CreateAnalyzer", + "description": "Grants permission to create an analyzer", + "access_level": "Write", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_CreateAnalyzer.html" + }, + "CreateArchiveRule": { + "privilege": "CreateArchiveRule", + "description": "Grants permission to create an archive rule for the specified analyzer", + "access_level": "Write", + "resource_types": { + "ArchiveRule": { + "resource_type": "ArchiveRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "archiverule": "ArchiveRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_CreateArchiveRule.html" + }, + "DeleteAnalyzer": { + "privilege": "DeleteAnalyzer", + "description": "Grants permission to delete the specified analyzer", + "access_level": "Write", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_DeleteAnalyzer.html" + }, + "DeleteArchiveRule": { + "privilege": "DeleteArchiveRule", + "description": "Grants permission to delete archive rules for the specified analyzer", + "access_level": "Write", + "resource_types": { + "ArchiveRule": { + "resource_type": "ArchiveRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "archiverule": "ArchiveRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_DeleteArchiveRule.html" + }, + "GetAccessPreview": { + "privilege": "GetAccessPreview", + "description": "Grants permission to retrieve information about an access preview", + "access_level": "Read", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetAccessPreview.html" + }, + "GetAnalyzedResource": { + "privilege": "GetAnalyzedResource", + "description": "Grants permission to retrieve information about an analyzed resource", + "access_level": "Read", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetAnalyzedResource.html" + }, + "GetAnalyzer": { + "privilege": "GetAnalyzer", + "description": "Grants permission to retrieve information about analyzers", + "access_level": "Read", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetAnalyzer.html" + }, + "GetArchiveRule": { + "privilege": "GetArchiveRule", + "description": "Grants permission to retrieve information about archive rules for the specified analyzer", + "access_level": "Read", + "resource_types": { + "ArchiveRule": { + "resource_type": "ArchiveRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "archiverule": "ArchiveRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetArchiveRule.html" + }, + "GetFinding": { + "privilege": "GetFinding", + "description": "Grants permission to retrieve findings", + "access_level": "Read", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetFinding.html" + }, + "GetGeneratedPolicy": { + "privilege": "GetGeneratedPolicy", + "description": "Grants permission to retrieve a policy that was generated using StartPolicyGeneration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetGeneratedPolicy.html" + }, + "ListAccessPreviewFindings": { + "privilege": "ListAccessPreviewFindings", + "description": "Grants permission to retrieve a list of findings from an access preview", + "access_level": "Read", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListAccessPreviewFindings.html" + }, + "ListAccessPreviews": { + "privilege": "ListAccessPreviews", + "description": "Grants permission to retrieve a list of access previews", + "access_level": "List", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListAccessPreviews.html" + }, + "ListAnalyzedResources": { + "privilege": "ListAnalyzedResources", + "description": "Grants permission to retrieve a list of resources that have been analyzed", + "access_level": "Read", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListAnalyzedResources.html" + }, + "ListAnalyzers": { + "privilege": "ListAnalyzers", + "description": "Grants permission to retrieves a list of analyzers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListAnalyzers.html" + }, + "ListArchiveRules": { + "privilege": "ListArchiveRules", + "description": "Grants permission to retrieve a list of archive rules from an analyzer", + "access_level": "List", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListArchiveRules.html" + }, + "ListFindings": { + "privilege": "ListFindings", + "description": "Grants permission to retrieve a list of findings from an analyzer", + "access_level": "Read", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListFindings.html" + }, + "ListPolicyGenerations": { + "privilege": "ListPolicyGenerations", + "description": "Grants permission to list all the recently started policy generations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListPolicyGenerations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve a list of tags applied to a resource", + "access_level": "Read", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ListTagsForResource.html" + }, + "StartPolicyGeneration": { + "privilege": "StartPolicyGeneration", + "description": "Grants permission to start a policy generation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_StartPolicyGeneration.html" + }, + "StartResourceScan": { + "privilege": "StartResourceScan", + "description": "Grants permission to start a scan of the policies applied to a resource", + "access_level": "Write", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_StartResourceScan.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add a tag to a resource", + "access_level": "Tagging", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from a resource", + "access_level": "Tagging", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_UntagResource.html" + }, + "UpdateArchiveRule": { + "privilege": "UpdateArchiveRule", + "description": "Grants permission to modify an archive rule", + "access_level": "Write", + "resource_types": { + "ArchiveRule": { + "resource_type": "ArchiveRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "archiverule": "ArchiveRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_UpdateArchiveRule.html" + }, + "UpdateFindings": { + "privilege": "UpdateFindings", + "description": "Grants permission to modify findings", + "access_level": "Write", + "resource_types": { + "Analyzer": { + "resource_type": "Analyzer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "analyzer": "Analyzer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_UpdateFindings.html" + }, + "ValidatePolicy": { + "privilege": "ValidatePolicy", + "description": "Grants permission to validate a policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_ValidatePolicy.html" + } + }, + "privileges_lower_name": { + "applyarchiverule": "ApplyArchiveRule", + "cancelpolicygeneration": "CancelPolicyGeneration", + "createaccesspreview": "CreateAccessPreview", + "createanalyzer": "CreateAnalyzer", + "createarchiverule": "CreateArchiveRule", + "deleteanalyzer": "DeleteAnalyzer", + "deletearchiverule": "DeleteArchiveRule", + "getaccesspreview": "GetAccessPreview", + "getanalyzedresource": "GetAnalyzedResource", + "getanalyzer": "GetAnalyzer", + "getarchiverule": "GetArchiveRule", + "getfinding": "GetFinding", + "getgeneratedpolicy": "GetGeneratedPolicy", + "listaccesspreviewfindings": "ListAccessPreviewFindings", + "listaccesspreviews": "ListAccessPreviews", + "listanalyzedresources": "ListAnalyzedResources", + "listanalyzers": "ListAnalyzers", + "listarchiverules": "ListArchiveRules", + "listfindings": "ListFindings", + "listpolicygenerations": "ListPolicyGenerations", + "listtagsforresource": "ListTagsForResource", + "startpolicygeneration": "StartPolicyGeneration", + "startresourcescan": "StartResourceScan", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatearchiverule": "UpdateArchiveRule", + "updatefindings": "UpdateFindings", + "validatepolicy": "ValidatePolicy" + }, + "resources": { + "Analyzer": { + "resource": "Analyzer", + "arn": "arn:${Partition}:access-analyzer:${Region}:${Account}:analyzer/${AnalyzerName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ArchiveRule": { + "resource": "ArchiveRule", + "arn": "arn:${Partition}:access-analyzer:${Region}:${Account}:analyzer/${AnalyzerName}/archive-rule/${RuleName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "analyzer": "Analyzer", + "archiverule": "ArchiveRule" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "sso": { + "service_name": "AWS IAM Identity Center (successor to AWS Single Sign-On)", + "prefix": "sso", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiamidentitycentersuccessortoawssinglesign-on.html", + "privileges": { + "AssociateDirectory": { + "privilege": "AssociateDirectory", + "description": "Grants permission to connect a directory to be used by AWS Single Sign-On", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ds:AuthorizeApplication" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "AssociateProfile": { + "privilege": "AssociateProfile", + "description": "Grants permission to create an association between a directory user or group and a profile", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "AttachCustomerManagedPolicyReferenceToPermissionSet": { + "privilege": "AttachCustomerManagedPolicyReferenceToPermissionSet", + "description": "Grants permission to attach a customer managed policy reference to a permission set", + "access_level": "Permissions management", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_AttachCustomerManagedPolicyReferenceToPermissionSet.html" + }, + "AttachManagedPolicyToPermissionSet": { + "privilege": "AttachManagedPolicyToPermissionSet", + "description": "Grants permission to attach an AWS managed policy to a permission set", + "access_level": "Permissions management", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_AttachManagedPolicyToPermissionSet.html" + }, + "CreateAccountAssignment": { + "privilege": "CreateAccountAssignment", + "description": "Grants permission to assign access to a Principal for a specified AWS account using a specified permission set", + "access_level": "Write", + "resource_types": { + "Account": { + "resource_type": "Account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "Account", + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_CreateAccountAssignment.html" + }, + "CreateApplicationInstance": { + "privilege": "CreateApplicationInstance", + "description": "Grants permission to add an application instance to AWS Single Sign-On", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CreateApplicationInstanceCertificate": { + "privilege": "CreateApplicationInstanceCertificate", + "description": "Grants permission to add a new certificate for an application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CreateInstanceAccessControlAttributeConfiguration": { + "privilege": "CreateInstanceAccessControlAttributeConfiguration", + "description": "Grants permission to enable the instance for ABAC and specify the attributes", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_CreateInstanceAccessControlAttributeConfiguration.html" + }, + "CreateManagedApplicationInstance": { + "privilege": "CreateManagedApplicationInstance", + "description": "Grants permission to add a managed application instance to AWS Single Sign-On", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CreatePermissionSet": { + "privilege": "CreatePermissionSet", + "description": "Grants permission to create a permission set", + "access_level": "Permissions management", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_CreatePermissionSet.html" + }, + "CreateProfile": { + "privilege": "CreateProfile", + "description": "Grants permission to create a profile for an application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CreateTrust": { + "privilege": "CreateTrust", + "description": "Grants permission to create a federation trust in a target account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteAccountAssignment": { + "privilege": "DeleteAccountAssignment", + "description": "Grants permission to delete a Principal's access from a specified AWS account using a specified permission set", + "access_level": "Write", + "resource_types": { + "Account": { + "resource_type": "Account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "Account", + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DeleteAccountAssignment.html" + }, + "DeleteApplicationInstance": { + "privilege": "DeleteApplicationInstance", + "description": "Grants permission to delete the application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteApplicationInstanceCertificate": { + "privilege": "DeleteApplicationInstanceCertificate", + "description": "Grants permission to delete an inactive or expired certificate from the application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteInlinePolicyFromPermissionSet": { + "privilege": "DeleteInlinePolicyFromPermissionSet", + "description": "Grants permission to delete the inline policy from a specified permission set", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DeleteInlinePolicyFromPermissionSet.html" + }, + "DeleteInstanceAccessControlAttributeConfiguration": { + "privilege": "DeleteInstanceAccessControlAttributeConfiguration", + "description": "Grants permission to disable ABAC and remove the attributes list for the instance", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DeleteInstanceAccessControlAttributeConfiguration.html" + }, + "DeleteManagedApplicationInstance": { + "privilege": "DeleteManagedApplicationInstance", + "description": "Grants permission to delete the managed application instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeletePermissionSet": { + "privilege": "DeletePermissionSet", + "description": "Grants permission to delete a permission set", + "access_level": "Permissions management", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "{DocHomeURL}singlesignon/latest/APIReference/API_DeletePermissionSet.html" + }, + "DeletePermissionsBoundaryFromPermissionSet": { + "privilege": "DeletePermissionsBoundaryFromPermissionSet", + "description": "Grants permission to remove permissions boundary from a permission set", + "access_level": "Permissions management", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DeletePermissionsBoundaryFromPermissionSet.html" + }, + "DeletePermissionsPolicy": { + "privilege": "DeletePermissionsPolicy", + "description": "Grants permission to delete the permission policy associated with a permission set", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteProfile": { + "privilege": "DeleteProfile", + "description": "Grants permission to delete the profile for an application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeAccountAssignmentCreationStatus": { + "privilege": "DescribeAccountAssignmentCreationStatus", + "description": "Grants permission to describe the status of the assignment creation request", + "access_level": "Read", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DescribeAccountAssignmentCreationStatus.html" + }, + "DescribeAccountAssignmentDeletionStatus": { + "privilege": "DescribeAccountAssignmentDeletionStatus", + "description": "Grants permission to describe the status of an assignment deletion request", + "access_level": "Read", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DescribeAccountAssignmentDeletionStatus.html" + }, + "DescribeDirectories": { + "privilege": "DescribeDirectories", + "description": "Grants permission to obtain information about the directories for this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeInstanceAccessControlAttributeConfiguration": { + "privilege": "DescribeInstanceAccessControlAttributeConfiguration", + "description": "Grants permission to get the list of attributes used by the instance for ABAC", + "access_level": "Read", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DescribeInstanceAccessControlAttributeConfiguration.html" + }, + "DescribePermissionSet": { + "privilege": "DescribePermissionSet", + "description": "Grants permission to describe a permission set", + "access_level": "Read", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DescribePermissionSet.html" + }, + "DescribePermissionSetProvisioningStatus": { + "privilege": "DescribePermissionSetProvisioningStatus", + "description": "Grants permission to describe the status for the given Permission Set Provisioning request", + "access_level": "Read", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DescribePermissionSetProvisioningStatus.html" + }, + "DescribePermissionsPolicies": { + "privilege": "DescribePermissionsPolicies", + "description": "Grants permission to retrieve all the permissions policies associated with a permission set", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeRegisteredRegions": { + "privilege": "DescribeRegisteredRegions", + "description": "Grants permission to obtain the regions where your organization has enabled AWS Single Sign-on", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeTrusts": { + "privilege": "DescribeTrusts", + "description": "Grants permission to obtain information about the trust relationships for this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DetachCustomerManagedPolicyReferenceFromPermissionSet": { + "privilege": "DetachCustomerManagedPolicyReferenceFromPermissionSet", + "description": "Grants permission to detach a customer managed policy reference from a permission set", + "access_level": "Permissions management", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DetachCustomerManagedPolicyReferenceFromPermissionSet.html" + }, + "DetachManagedPolicyFromPermissionSet": { + "privilege": "DetachManagedPolicyFromPermissionSet", + "description": "Grants permission to detach the attached AWS managed policy from the specified permission set", + "access_level": "Permissions management", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_DetachManagedPolicyFromPermissionSet.html" + }, + "DisassociateDirectory": { + "privilege": "DisassociateDirectory", + "description": "Grants permission to disassociate a directory to be used by AWS Single Sign-On", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ds:UnauthorizeApplication" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DisassociateProfile": { + "privilege": "DisassociateProfile", + "description": "Grants permission to disassociate a directory user or group from a profile", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetApplicationInstance": { + "privilege": "GetApplicationInstance", + "description": "Grants permission to retrieve details for an application instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetApplicationTemplate": { + "privilege": "GetApplicationTemplate", + "description": "Grants permission to retrieve application template details", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetInlinePolicyForPermissionSet": { + "privilege": "GetInlinePolicyForPermissionSet", + "description": "Grants permission to obtain the inline policy assigned to the permission set", + "access_level": "Read", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_GetInlinePolicyForPermissionSet.html" + }, + "GetManagedApplicationInstance": { + "privilege": "GetManagedApplicationInstance", + "description": "Grants permission to retrieve details for an application instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetMfaDeviceManagementForDirectory": { + "privilege": "GetMfaDeviceManagementForDirectory", + "description": "Grants permission to retrieve Mfa Device Management settings for the directory", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetPermissionSet": { + "privilege": "GetPermissionSet", + "description": "Grants permission to retrieve details of a permission set", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetPermissionsBoundaryForPermissionSet": { + "privilege": "GetPermissionsBoundaryForPermissionSet", + "description": "Grants permission to get permissions boundary for a permission set", + "access_level": "Read", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_GetPermissionsBoundaryForPermissionSet.html" + }, + "GetPermissionsPolicy": { + "privilege": "GetPermissionsPolicy", + "description": "Grants permission to retrieve all permission policies associated with a permission set", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "sso:DescribePermissionsPolicies" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetProfile": { + "privilege": "GetProfile", + "description": "Grants permission to retrieve a profile for an application instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetSSOStatus": { + "privilege": "GetSSOStatus", + "description": "Grants permission to check if AWS Single Sign-On is enabled", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetSharedSsoConfiguration": { + "privilege": "GetSharedSsoConfiguration", + "description": "Grants permission to retrieve shared configuration for the current SSO instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetSsoConfiguration": { + "privilege": "GetSsoConfiguration", + "description": "Grants permission to retrieve configuration for the current SSO instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetTrust": { + "privilege": "GetTrust", + "description": "Grants permission to retrieve the federation trust in a target account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ImportApplicationInstanceServiceProviderMetadata": { + "privilege": "ImportApplicationInstanceServiceProviderMetadata", + "description": "Grants permission to update the application instance by uploading an application SAML metadata file provided by the service provider", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListAccountAssignmentCreationStatus": { + "privilege": "ListAccountAssignmentCreationStatus", + "description": "Grants permission to list the status of the AWS account assignment creation requests for a specified SSO instance", + "access_level": "List", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListAccountAssignmentCreationStatus.html" + }, + "ListAccountAssignmentDeletionStatus": { + "privilege": "ListAccountAssignmentDeletionStatus", + "description": "Grants permission to list the status of the AWS account assignment deletion requests for a specified SSO instance", + "access_level": "List", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListAccountAssignmentDeletionStatus.html" + }, + "ListAccountAssignments": { + "privilege": "ListAccountAssignments", + "description": "Grants permission to list the assignee of the specified AWS account with the specified permission set", + "access_level": "List", + "resource_types": { + "Account": { + "resource_type": "Account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "Account", + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListAccountAssignments.html" + }, + "ListAccountsForProvisionedPermissionSet": { + "privilege": "ListAccountsForProvisionedPermissionSet", + "description": "Grants permission to list all the AWS accounts where the specified permission set is provisioned", + "access_level": "List", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListAccountsForProvisionedPermissionSet.html" + }, + "ListApplicationInstanceCertificates": { + "privilege": "ListApplicationInstanceCertificates", + "description": "Grants permission to retrieve all of the certificates for a given application instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListApplicationInstances": { + "privilege": "ListApplicationInstances", + "description": "Grants permission to retrieve all application instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "sso:GetApplicationInstance" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListApplicationTemplates": { + "privilege": "ListApplicationTemplates", + "description": "Grants permission to retrieve all supported application templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "sso:GetApplicationTemplate" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to retrieve all supported applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListCustomerManagedPolicyReferencesInPermissionSet": { + "privilege": "ListCustomerManagedPolicyReferencesInPermissionSet", + "description": "Grants permission to list the customer managed policy references that are attached to a permission set", + "access_level": "List", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListCustomerManagedPolicyReferencesInPermissionSet.html" + }, + "ListDirectoryAssociations": { + "privilege": "ListDirectoryAssociations", + "description": "Grants permission to retrieve details about the directory connected to AWS Single Sign-On", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListInstances": { + "privilege": "ListInstances", + "description": "Grants permission to list the SSO Instances that the caller has access to", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html" + }, + "ListManagedPoliciesInPermissionSet": { + "privilege": "ListManagedPoliciesInPermissionSet", + "description": "Grants permission to list the AWS managed policies that are attached to a specified permission set", + "access_level": "List", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListManagedPoliciesInPermissionSet.html" + }, + "ListPermissionSetProvisioningStatus": { + "privilege": "ListPermissionSetProvisioningStatus", + "description": "Grants permission to list the status of the Permission Set Provisioning requests for a specified SSO instance", + "access_level": "List", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListPermissionSetProvisioningStatus.html" + }, + "ListPermissionSets": { + "privilege": "ListPermissionSets", + "description": "Grants permission to retrieve all permission sets", + "access_level": "List", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "{DocHomeURL}singlesignon/latest/APIReference/API_ListPermissionSets.html" + }, + "ListPermissionSetsProvisionedToAccount": { + "privilege": "ListPermissionSetsProvisionedToAccount", + "description": "Grants permission to list all the permission sets that are provisioned to a specified AWS account", + "access_level": "List", + "resource_types": { + "Account": { + "resource_type": "Account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "Account", + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListPermissionSetsProvisionedToAccount.html" + }, + "ListProfileAssociations": { + "privilege": "ListProfileAssociations", + "description": "Grants permission to retrieve the directory user or group associated with the profile", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListProfiles": { + "privilege": "ListProfiles", + "description": "Grants permission to retrieve all profiles for an application instance", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "sso:GetProfile" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags that are attached to a specified resource", + "access_level": "Read", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListTagsForResource.html" + }, + "ProvisionPermissionSet": { + "privilege": "ProvisionPermissionSet", + "description": "Grants permission to provision a specified permission set to the specified target", + "access_level": "Write", + "resource_types": { + "Account": { + "resource_type": "Account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "Account", + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ProvisionPermissionSet.html" + }, + "PutApplicationAssignmentConfiguration": { + "privilege": "PutApplicationAssignmentConfiguration", + "description": "Grants permission to add assignment configurations to an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "iam-auth-access-using-id-policies.html#policyexample" + }, + "PutInlinePolicyToPermissionSet": { + "privilege": "PutInlinePolicyToPermissionSet", + "description": "Grants permission to attach an IAM inline policy to a permission set", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_PutInlinePolicyToPermissionSet.html" + }, + "PutMfaDeviceManagementForDirectory": { + "privilege": "PutMfaDeviceManagementForDirectory", + "description": "Grants permission to put Mfa Device Management settings for the directory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "PutPermissionsBoundaryToPermissionSet": { + "privilege": "PutPermissionsBoundaryToPermissionSet", + "description": "Grants permission to add permissions boundary to a permission set", + "access_level": "Permissions management", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_PutPermissionsBoundaryToPermissionSet.html" + }, + "PutPermissionsPolicy": { + "privilege": "PutPermissionsPolicy", + "description": "Grants permission to add a policy to a permission set", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "SearchGroups": { + "privilege": "SearchGroups", + "description": "Grants permission to search for groups within the associated directory", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ds:DescribeDirectories" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "SearchUsers": { + "privilege": "SearchUsers", + "description": "Grants permission to search for users within the associated directory", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ds:DescribeDirectories" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "StartSSO": { + "privilege": "StartSSO", + "description": "Grants permission to initialize AWS Single Sign-On", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribeOrganization", + "organizations:EnableAWSServiceAccess" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to associate a set of tags with a specified resource", + "access_level": "Tagging", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to disassociate a set of tags from a specified resource", + "access_level": "Tagging", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_UntagResource.html" + }, + "UpdateApplicationInstanceActiveCertificate": { + "privilege": "UpdateApplicationInstanceActiveCertificate", + "description": "Grants permission to set a certificate as the active one for this application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateApplicationInstanceDisplayData": { + "privilege": "UpdateApplicationInstanceDisplayData", + "description": "Grants permission to update display data of an application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateApplicationInstanceResponseConfiguration": { + "privilege": "UpdateApplicationInstanceResponseConfiguration", + "description": "Grants permission to update federation response configuration for the application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateApplicationInstanceResponseSchemaConfiguration": { + "privilege": "UpdateApplicationInstanceResponseSchemaConfiguration", + "description": "Grants permission to update federation response schema configuration for the application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateApplicationInstanceSecurityConfiguration": { + "privilege": "UpdateApplicationInstanceSecurityConfiguration", + "description": "Grants permission to update security details for the application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateApplicationInstanceServiceProviderConfiguration": { + "privilege": "UpdateApplicationInstanceServiceProviderConfiguration", + "description": "Grants permission to update service provider related configuration for the application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateApplicationInstanceStatus": { + "privilege": "UpdateApplicationInstanceStatus", + "description": "Grants permission to update the status of an application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateDirectoryAssociation": { + "privilege": "UpdateDirectoryAssociation", + "description": "Grants permission to update the user attribute mappings for your connected directory", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateInstanceAccessControlAttributeConfiguration": { + "privilege": "UpdateInstanceAccessControlAttributeConfiguration", + "description": "Grants permission to update the attributes to use with the instance for ABAC", + "access_level": "Write", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_UpdateInstanceAccessControlAttributeConfiguration.html" + }, + "UpdateManagedApplicationInstanceStatus": { + "privilege": "UpdateManagedApplicationInstanceStatus", + "description": "Grants permission to update the status of a managed application instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdatePermissionSet": { + "privilege": "UpdatePermissionSet", + "description": "Grants permission to update the permission set", + "access_level": "Permissions management", + "resource_types": { + "Instance": { + "resource_type": "Instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "PermissionSet": { + "resource_type": "PermissionSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "Instance", + "permissionset": "PermissionSet" + }, + "api_documentation_link": "{DocHomeURL}singlesignon/latest/APIReference/API_UpdatePermissionSet.html" + }, + "UpdateProfile": { + "privilege": "UpdateProfile", + "description": "Grants permission to update the profile for an application instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateSSOConfiguration": { + "privilege": "UpdateSSOConfiguration", + "description": "Grants permission to update the configuration for the current SSO instance", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateTrust": { + "privilege": "UpdateTrust", + "description": "Grants permission to update the federation trust in a target account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + } + }, + "privileges_lower_name": { + "associatedirectory": "AssociateDirectory", + "associateprofile": "AssociateProfile", + "attachcustomermanagedpolicyreferencetopermissionset": "AttachCustomerManagedPolicyReferenceToPermissionSet", + "attachmanagedpolicytopermissionset": "AttachManagedPolicyToPermissionSet", + "createaccountassignment": "CreateAccountAssignment", + "createapplicationinstance": "CreateApplicationInstance", + "createapplicationinstancecertificate": "CreateApplicationInstanceCertificate", + "createinstanceaccesscontrolattributeconfiguration": "CreateInstanceAccessControlAttributeConfiguration", + "createmanagedapplicationinstance": "CreateManagedApplicationInstance", + "createpermissionset": "CreatePermissionSet", + "createprofile": "CreateProfile", + "createtrust": "CreateTrust", + "deleteaccountassignment": "DeleteAccountAssignment", + "deleteapplicationinstance": "DeleteApplicationInstance", + "deleteapplicationinstancecertificate": "DeleteApplicationInstanceCertificate", + "deleteinlinepolicyfrompermissionset": "DeleteInlinePolicyFromPermissionSet", + "deleteinstanceaccesscontrolattributeconfiguration": "DeleteInstanceAccessControlAttributeConfiguration", + "deletemanagedapplicationinstance": "DeleteManagedApplicationInstance", + "deletepermissionset": "DeletePermissionSet", + "deletepermissionsboundaryfrompermissionset": "DeletePermissionsBoundaryFromPermissionSet", + "deletepermissionspolicy": "DeletePermissionsPolicy", + "deleteprofile": "DeleteProfile", + "describeaccountassignmentcreationstatus": "DescribeAccountAssignmentCreationStatus", + "describeaccountassignmentdeletionstatus": "DescribeAccountAssignmentDeletionStatus", + "describedirectories": "DescribeDirectories", + "describeinstanceaccesscontrolattributeconfiguration": "DescribeInstanceAccessControlAttributeConfiguration", + "describepermissionset": "DescribePermissionSet", + "describepermissionsetprovisioningstatus": "DescribePermissionSetProvisioningStatus", + "describepermissionspolicies": "DescribePermissionsPolicies", + "describeregisteredregions": "DescribeRegisteredRegions", + "describetrusts": "DescribeTrusts", + "detachcustomermanagedpolicyreferencefrompermissionset": "DetachCustomerManagedPolicyReferenceFromPermissionSet", + "detachmanagedpolicyfrompermissionset": "DetachManagedPolicyFromPermissionSet", + "disassociatedirectory": "DisassociateDirectory", + "disassociateprofile": "DisassociateProfile", + "getapplicationinstance": "GetApplicationInstance", + "getapplicationtemplate": "GetApplicationTemplate", + "getinlinepolicyforpermissionset": "GetInlinePolicyForPermissionSet", + "getmanagedapplicationinstance": "GetManagedApplicationInstance", + "getmfadevicemanagementfordirectory": "GetMfaDeviceManagementForDirectory", + "getpermissionset": "GetPermissionSet", + "getpermissionsboundaryforpermissionset": "GetPermissionsBoundaryForPermissionSet", + "getpermissionspolicy": "GetPermissionsPolicy", + "getprofile": "GetProfile", + "getssostatus": "GetSSOStatus", + "getsharedssoconfiguration": "GetSharedSsoConfiguration", + "getssoconfiguration": "GetSsoConfiguration", + "gettrust": "GetTrust", + "importapplicationinstanceserviceprovidermetadata": "ImportApplicationInstanceServiceProviderMetadata", + "listaccountassignmentcreationstatus": "ListAccountAssignmentCreationStatus", + "listaccountassignmentdeletionstatus": "ListAccountAssignmentDeletionStatus", + "listaccountassignments": "ListAccountAssignments", + "listaccountsforprovisionedpermissionset": "ListAccountsForProvisionedPermissionSet", + "listapplicationinstancecertificates": "ListApplicationInstanceCertificates", + "listapplicationinstances": "ListApplicationInstances", + "listapplicationtemplates": "ListApplicationTemplates", + "listapplications": "ListApplications", + "listcustomermanagedpolicyreferencesinpermissionset": "ListCustomerManagedPolicyReferencesInPermissionSet", + "listdirectoryassociations": "ListDirectoryAssociations", + "listinstances": "ListInstances", + "listmanagedpoliciesinpermissionset": "ListManagedPoliciesInPermissionSet", + "listpermissionsetprovisioningstatus": "ListPermissionSetProvisioningStatus", + "listpermissionsets": "ListPermissionSets", + "listpermissionsetsprovisionedtoaccount": "ListPermissionSetsProvisionedToAccount", + "listprofileassociations": "ListProfileAssociations", + "listprofiles": "ListProfiles", + "listtagsforresource": "ListTagsForResource", + "provisionpermissionset": "ProvisionPermissionSet", + "putapplicationassignmentconfiguration": "PutApplicationAssignmentConfiguration", + "putinlinepolicytopermissionset": "PutInlinePolicyToPermissionSet", + "putmfadevicemanagementfordirectory": "PutMfaDeviceManagementForDirectory", + "putpermissionsboundarytopermissionset": "PutPermissionsBoundaryToPermissionSet", + "putpermissionspolicy": "PutPermissionsPolicy", + "searchgroups": "SearchGroups", + "searchusers": "SearchUsers", + "startsso": "StartSSO", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapplicationinstanceactivecertificate": "UpdateApplicationInstanceActiveCertificate", + "updateapplicationinstancedisplaydata": "UpdateApplicationInstanceDisplayData", + "updateapplicationinstanceresponseconfiguration": "UpdateApplicationInstanceResponseConfiguration", + "updateapplicationinstanceresponseschemaconfiguration": "UpdateApplicationInstanceResponseSchemaConfiguration", + "updateapplicationinstancesecurityconfiguration": "UpdateApplicationInstanceSecurityConfiguration", + "updateapplicationinstanceserviceproviderconfiguration": "UpdateApplicationInstanceServiceProviderConfiguration", + "updateapplicationinstancestatus": "UpdateApplicationInstanceStatus", + "updatedirectoryassociation": "UpdateDirectoryAssociation", + "updateinstanceaccesscontrolattributeconfiguration": "UpdateInstanceAccessControlAttributeConfiguration", + "updatemanagedapplicationinstancestatus": "UpdateManagedApplicationInstanceStatus", + "updatepermissionset": "UpdatePermissionSet", + "updateprofile": "UpdateProfile", + "updatessoconfiguration": "UpdateSSOConfiguration", + "updatetrust": "UpdateTrust" + }, + "resources": { + "PermissionSet": { + "resource": "PermissionSet", + "arn": "arn:${Partition}:sso:::permissionSet/${InstanceId}/${PermissionSetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Account": { + "resource": "Account", + "arn": "arn:${Partition}:sso:::account/${AccountId}", + "condition_keys": [] + }, + "Instance": { + "resource": "Instance", + "arn": "arn:${Partition}:sso:::instance/${InstanceId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "permissionset": "PermissionSet", + "account": "Account", + "instance": "Instance" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "sso-directory": { + "service_name": "AWS IAM Identity Center (successor to AWS Single Sign-On) directory", + "prefix": "sso-directory", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiamidentitycentersuccessortoawssinglesign-ondirectory.html", + "privileges": { + "AddMemberToGroup": { + "privilege": "AddMemberToGroup", + "description": "Grants permission to add a member to a group in the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CompleteVirtualMfaDeviceRegistration": { + "privilege": "CompleteVirtualMfaDeviceRegistration", + "description": "Grants permission to complete the creation process of a virtual MFA device", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CompleteWebAuthnDeviceRegistration": { + "privilege": "CompleteWebAuthnDeviceRegistration", + "description": "Grants permission to complete the registration process of a WebAuthn device", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CreateAlias": { + "privilege": "CreateAlias", + "description": "Grants permission to create an alias for the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CreateBearerToken": { + "privilege": "CreateBearerToken", + "description": "Grants permission to create a bearer token for a given provisioning tenant", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CreateExternalIdPConfigurationForDirectory": { + "privilege": "CreateExternalIdPConfigurationForDirectory", + "description": "Grants permission to create an External Identity Provider configuration for the directory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CreateGroup": { + "privilege": "CreateGroup", + "description": "Grants permission to create a group in the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CreateProvisioningTenant": { + "privilege": "CreateProvisioningTenant", + "description": "Grants permission to create a provisioning tenant for a given directory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a user in the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteBearerToken": { + "privilege": "DeleteBearerToken", + "description": "Grants permission to delete a bearer token", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteExternalIdPCertificate": { + "privilege": "DeleteExternalIdPCertificate", + "description": "Grants permission to delete the given external IdP certificate", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteExternalIdPConfigurationForDirectory": { + "privilege": "DeleteExternalIdPConfigurationForDirectory", + "description": "Grants permission to delete an External Identity Provider configuration associated with the directory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to delete a group from the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteMfaDeviceForUser": { + "privilege": "DeleteMfaDeviceForUser", + "description": "Grants permission to delete a MFA device by device name for a given user", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteProvisioningTenant": { + "privilege": "DeleteProvisioningTenant", + "description": "Grants permission to delete the provisioning tenant", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete a user from the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeDirectory": { + "privilege": "DescribeDirectory", + "description": "Grants permission to retrieve information about the directory that AWS SSO provides by default", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeGroup": { + "privilege": "DescribeGroup", + "description": "Grants permission to query the group data, not including user and group members", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeGroups": { + "privilege": "DescribeGroups", + "description": "Grants permission to retrieve information about groups from the directory that AWS SSO provides by default", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeProvisioningTenant": { + "privilege": "DescribeProvisioningTenant", + "description": "Grants permission to describes the provisioning tenant", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeUser": { + "privilege": "DescribeUser", + "description": "Grants permission to retrieve information about a user from the directory that AWS SSO provides by default", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeUserByUniqueAttribute": { + "privilege": "DescribeUserByUniqueAttribute", + "description": "Grants permission to describe user with a valid unique attribute represented for the user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DescribeUsers": { + "privilege": "DescribeUsers", + "description": "Grants permission to retrieve information about user from the directory that AWS SSO provides by default", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DisableExternalIdPConfigurationForDirectory": { + "privilege": "DisableExternalIdPConfigurationForDirectory", + "description": "Grants permission to disable authentication of end users with an External Identity Provider", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "DisableUser": { + "privilege": "DisableUser", + "description": "Grants permission to deactivate a user in the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "EnableExternalIdPConfigurationForDirectory": { + "privilege": "EnableExternalIdPConfigurationForDirectory", + "description": "Grants permission to enable authentication of end users with an External Identity Provider", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "EnableUser": { + "privilege": "EnableUser", + "description": "Grants permission to activate user in the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetAWSSPConfigurationForDirectory": { + "privilege": "GetAWSSPConfigurationForDirectory", + "description": "Grants permission to retrieve the AWS SSO Service Provider configurations for the directory", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "GetUserPoolInfo": { + "privilege": "GetUserPoolInfo", + "description": "(Deprecated) Grants permission to get UserPool Info", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ImportExternalIdPCertificate": { + "privilege": "ImportExternalIdPCertificate", + "description": "Grants permission to import the IdP certificate used for verifying external IdP responses", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "IsMemberInGroup": { + "privilege": "IsMemberInGroup", + "description": "Grants permission to check if a member is a part of the group in the directory that AWS SSO provides by default", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListBearerTokens": { + "privilege": "ListBearerTokens", + "description": "Grants permission to list bearer tokens for a given provisioning tenant", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListExternalIdPCertificates": { + "privilege": "ListExternalIdPCertificates", + "description": "Grants permission to list the external IdP certificates of a given directory and IdP", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListExternalIdPConfigurationsForDirectory": { + "privilege": "ListExternalIdPConfigurationsForDirectory", + "description": "Grants permission to list all the External Identity Provider configurations created for the directory", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListGroupsForMember": { + "privilege": "ListGroupsForMember", + "description": "Grants permission to list groups of the target member", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListGroupsForUser": { + "privilege": "ListGroupsForUser", + "description": "Grants permission to list groups for a user from the directory that AWS SSO provides by default", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListMembersInGroup": { + "privilege": "ListMembersInGroup", + "description": "Grants permission to retrieve all members that are part of a group in the directory that AWS SSO provides by default", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListMfaDevicesForUser": { + "privilege": "ListMfaDevicesForUser", + "description": "Grants permission to list all active MFA devices and their MFA device metadata for a user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "ListProvisioningTenants": { + "privilege": "ListProvisioningTenants", + "description": "Grants permission to list provisioning tenants for a given directory", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "RemoveMemberFromGroup": { + "privilege": "RemoveMemberFromGroup", + "description": "Grants permission to remove a member that is part of a group in the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "SearchGroups": { + "privilege": "SearchGroups", + "description": "Grants permission to search for groups within the associated directory", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "SearchUsers": { + "privilege": "SearchUsers", + "description": "Grants permission to search for users within the associated directory", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "StartVirtualMfaDeviceRegistration": { + "privilege": "StartVirtualMfaDeviceRegistration", + "description": "Grants permission to begin the creation process of virtual mfa device", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "StartWebAuthnDeviceRegistration": { + "privilege": "StartWebAuthnDeviceRegistration", + "description": "Grants permission to begin the registration process of a WebAuthn device", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateExternalIdPConfigurationForDirectory": { + "privilege": "UpdateExternalIdPConfigurationForDirectory", + "description": "Grants permission to update an External Identity Provider configuration associated with the directory", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateGroup": { + "privilege": "UpdateGroup", + "description": "Grants permission to update information about a group in the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateGroupDisplayName": { + "privilege": "UpdateGroupDisplayName", + "description": "Grants permission to update group display name update group display name response", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateMfaDeviceForUser": { + "privilege": "UpdateMfaDeviceForUser", + "description": "Grants permission to update MFA device information", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdatePassword": { + "privilege": "UpdatePassword", + "description": "Grants permission to update a password by sending password reset link via email or generating one time password for a user in the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateUser": { + "privilege": "UpdateUser", + "description": "Grants permission to update user information in the directory that AWS SSO provides by default", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "UpdateUserName": { + "privilege": "UpdateUserName", + "description": "Grants permission to update user name update user name response", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + }, + "VerifyEmail": { + "privilege": "VerifyEmail", + "description": "Grants permission to verify an email address of an User", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/iam-auth-access-using-id-policies.html#policyexample" + } + }, + "privileges_lower_name": { + "addmembertogroup": "AddMemberToGroup", + "completevirtualmfadeviceregistration": "CompleteVirtualMfaDeviceRegistration", + "completewebauthndeviceregistration": "CompleteWebAuthnDeviceRegistration", + "createalias": "CreateAlias", + "createbearertoken": "CreateBearerToken", + "createexternalidpconfigurationfordirectory": "CreateExternalIdPConfigurationForDirectory", + "creategroup": "CreateGroup", + "createprovisioningtenant": "CreateProvisioningTenant", + "createuser": "CreateUser", + "deletebearertoken": "DeleteBearerToken", + "deleteexternalidpcertificate": "DeleteExternalIdPCertificate", + "deleteexternalidpconfigurationfordirectory": "DeleteExternalIdPConfigurationForDirectory", + "deletegroup": "DeleteGroup", + "deletemfadeviceforuser": "DeleteMfaDeviceForUser", + "deleteprovisioningtenant": "DeleteProvisioningTenant", + "deleteuser": "DeleteUser", + "describedirectory": "DescribeDirectory", + "describegroup": "DescribeGroup", + "describegroups": "DescribeGroups", + "describeprovisioningtenant": "DescribeProvisioningTenant", + "describeuser": "DescribeUser", + "describeuserbyuniqueattribute": "DescribeUserByUniqueAttribute", + "describeusers": "DescribeUsers", + "disableexternalidpconfigurationfordirectory": "DisableExternalIdPConfigurationForDirectory", + "disableuser": "DisableUser", + "enableexternalidpconfigurationfordirectory": "EnableExternalIdPConfigurationForDirectory", + "enableuser": "EnableUser", + "getawsspconfigurationfordirectory": "GetAWSSPConfigurationForDirectory", + "getuserpoolinfo": "GetUserPoolInfo", + "importexternalidpcertificate": "ImportExternalIdPCertificate", + "ismemberingroup": "IsMemberInGroup", + "listbearertokens": "ListBearerTokens", + "listexternalidpcertificates": "ListExternalIdPCertificates", + "listexternalidpconfigurationsfordirectory": "ListExternalIdPConfigurationsForDirectory", + "listgroupsformember": "ListGroupsForMember", + "listgroupsforuser": "ListGroupsForUser", + "listmembersingroup": "ListMembersInGroup", + "listmfadevicesforuser": "ListMfaDevicesForUser", + "listprovisioningtenants": "ListProvisioningTenants", + "removememberfromgroup": "RemoveMemberFromGroup", + "searchgroups": "SearchGroups", + "searchusers": "SearchUsers", + "startvirtualmfadeviceregistration": "StartVirtualMfaDeviceRegistration", + "startwebauthndeviceregistration": "StartWebAuthnDeviceRegistration", + "updateexternalidpconfigurationfordirectory": "UpdateExternalIdPConfigurationForDirectory", + "updategroup": "UpdateGroup", + "updategroupdisplayname": "UpdateGroupDisplayName", + "updatemfadeviceforuser": "UpdateMfaDeviceForUser", + "updatepassword": "UpdatePassword", + "updateuser": "UpdateUser", + "updateusername": "UpdateUserName", + "verifyemail": "VerifyEmail" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "iam": { + "service_name": "AWS Identity and Access Management", + "prefix": "iam", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentityandaccessmanagement.html", + "privileges": { + "AddClientIDToOpenIDConnectProvider": { + "privilege": "AddClientIDToOpenIDConnectProvider", + "description": "Grants permission to add a new client ID (audience) to the list of registered IDs for the specified IAM OpenID Connect (OIDC) provider resource", + "access_level": "Permissions management", + "resource_types": { + "oidc-provider": { + "resource_type": "oidc-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "oidc-provider": "oidc-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddClientIDToOpenIDConnectProvider.html" + }, + "AddRoleToInstanceProfile": { + "privilege": "AddRoleToInstanceProfile", + "description": "Grants permission to add an IAM role to the specified instance profile", + "access_level": "Permissions management", + "resource_types": { + "instance-profile": { + "resource_type": "instance-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "instance-profile": "instance-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddRoleToInstanceProfile.html" + }, + "AddUserToGroup": { + "privilege": "AddUserToGroup", + "description": "Grants permission to add an IAM user to the specified IAM group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddUserToGroup.html" + }, + "AttachGroupPolicy": { + "privilege": "AttachGroupPolicy", + "description": "Grants permission to attach a managed policy to the specified IAM group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PolicyARN" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachGroupPolicy.html" + }, + "AttachRolePolicy": { + "privilege": "AttachRolePolicy", + "description": "Grants permission to attach a managed policy to the specified IAM role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PolicyARN", + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachRolePolicy.html" + }, + "AttachUserPolicy": { + "privilege": "AttachUserPolicy", + "description": "Grants permission to attach a managed policy to the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PolicyARN", + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachUserPolicy.html" + }, + "ChangePassword": { + "privilege": "ChangePassword", + "description": "Grants permission for an IAM user to to change their own password", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html" + }, + "CreateAccessKey": { + "privilege": "CreateAccessKey", + "description": "Grants permission to create access key and secret access key for the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateAccessKey.html" + }, + "CreateAccountAlias": { + "privilege": "CreateAccountAlias", + "description": "Grants permission to create an alias for your AWS account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateAccountAlias.html" + }, + "CreateGroup": { + "privilege": "CreateGroup", + "description": "Grants permission to create a new group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateGroup.html" + }, + "CreateInstanceProfile": { + "privilege": "CreateInstanceProfile", + "description": "Grants permission to create a new instance profile", + "access_level": "Permissions management", + "resource_types": { + "instance-profile": { + "resource_type": "instance-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-profile": "instance-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateInstanceProfile.html" + }, + "CreateLoginProfile": { + "privilege": "CreateLoginProfile", + "description": "Grants permission to create a password for the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateLoginProfile.html" + }, + "CreateOpenIDConnectProvider": { + "privilege": "CreateOpenIDConnectProvider", + "description": "Grants permission to create an IAM resource that describes an identity provider (IdP) that supports OpenID Connect (OIDC)", + "access_level": "Permissions management", + "resource_types": { + "oidc-provider": { + "resource_type": "oidc-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "oidc-provider": "oidc-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html" + }, + "CreatePolicy": { + "privilege": "CreatePolicy", + "description": "Grants permission to create a new managed policy", + "access_level": "Permissions management", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html" + }, + "CreatePolicyVersion": { + "privilege": "CreatePolicyVersion", + "description": "Grants permission to create a new version of the specified managed policy", + "access_level": "Permissions management", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicyVersion.html" + }, + "CreateRole": { + "privilege": "CreateRole", + "description": "Grants permission to create a new role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PermissionsBoundary", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html" + }, + "CreateSAMLProvider": { + "privilege": "CreateSAMLProvider", + "description": "Grants permission to create an IAM resource that describes an identity provider (IdP) that supports SAML 2.0", + "access_level": "Permissions management", + "resource_types": { + "saml-provider": { + "resource_type": "saml-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "saml-provider": "saml-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateSAMLProvider.html" + }, + "CreateServiceLinkedRole": { + "privilege": "CreateServiceLinkedRole", + "description": "Grants permission to create an IAM role that allows an AWS service to perform actions on your behalf", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:AWSServiceName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateServiceLinkedRole.html" + }, + "CreateServiceSpecificCredential": { + "privilege": "CreateServiceSpecificCredential", + "description": "Grants permission to create a new service-specific credential for an IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateServiceSpecificCredential.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a new IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PermissionsBoundary", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateUser.html" + }, + "CreateVirtualMFADevice": { + "privilege": "CreateVirtualMFADevice", + "description": "Grants permission to create a new virtual MFA device", + "access_level": "Permissions management", + "resource_types": { + "mfa": { + "resource_type": "mfa", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mfa": "mfa", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateVirtualMFADevice.html" + }, + "DeactivateMFADevice": { + "privilege": "DeactivateMFADevice", + "description": "Grants permission to deactivate the specified MFA device and remove its association with the IAM user for which it was originally enabled", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeactivateMFADevice.html" + }, + "DeleteAccessKey": { + "privilege": "DeleteAccessKey", + "description": "Grants permission to delete the access key pair that is associated with the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccessKey.html" + }, + "DeleteAccountAlias": { + "privilege": "DeleteAccountAlias", + "description": "Grants permission to delete the specified AWS account alias", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccountAlias.html" + }, + "DeleteAccountPasswordPolicy": { + "privilege": "DeleteAccountPasswordPolicy", + "description": "Grants permission to delete the password policy for the AWS account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccountPasswordPolicy.html" + }, + "DeleteCloudFrontPublicKey": { + "privilege": "DeleteCloudFrontPublicKey", + "description": "Grants permission to delete an existing CloudFront public key", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to delete the specified IAM group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteGroup.html" + }, + "DeleteGroupPolicy": { + "privilege": "DeleteGroupPolicy", + "description": "Grants permission to delete the specified inline policy from its group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteGroupPolicy.html" + }, + "DeleteInstanceProfile": { + "privilege": "DeleteInstanceProfile", + "description": "Grants permission to delete the specified instance profile", + "access_level": "Permissions management", + "resource_types": { + "instance-profile": { + "resource_type": "instance-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-profile": "instance-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteInstanceProfile.html" + }, + "DeleteLoginProfile": { + "privilege": "DeleteLoginProfile", + "description": "Grants permission to delete the password for the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteLoginProfile.html" + }, + "DeleteOpenIDConnectProvider": { + "privilege": "DeleteOpenIDConnectProvider", + "description": "Grants permission to delete an OpenID Connect identity provider (IdP) resource object in IAM", + "access_level": "Permissions management", + "resource_types": { + "oidc-provider": { + "resource_type": "oidc-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "oidc-provider": "oidc-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteOpenIDConnectProvider.html" + }, + "DeletePolicy": { + "privilege": "DeletePolicy", + "description": "Grants permission to delete the specified managed policy and remove it from any IAM entities (users, groups, or roles) to which it is attached", + "access_level": "Permissions management", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicy.html" + }, + "DeletePolicyVersion": { + "privilege": "DeletePolicyVersion", + "description": "Grants permission to delete a version from the specified managed policy", + "access_level": "Permissions management", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicyVersion.html" + }, + "DeleteRole": { + "privilege": "DeleteRole", + "description": "Grants permission to delete the specified role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteRole.html" + }, + "DeleteRolePermissionsBoundary": { + "privilege": "DeleteRolePermissionsBoundary", + "description": "Grants permission to remove the permissions boundary from a role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteRolePermissionsBoundary.html" + }, + "DeleteRolePolicy": { + "privilege": "DeleteRolePolicy", + "description": "Grants permission to delete the specified inline policy from the specified role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteRolePolicy.html" + }, + "DeleteSAMLProvider": { + "privilege": "DeleteSAMLProvider", + "description": "Grants permission to delete a SAML provider resource in IAM", + "access_level": "Permissions management", + "resource_types": { + "saml-provider": { + "resource_type": "saml-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "saml-provider": "saml-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteSAMLProvider.html" + }, + "DeleteSSHPublicKey": { + "privilege": "DeleteSSHPublicKey", + "description": "Grants permission to delete the specified SSH public key", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteSSHPublicKey.html" + }, + "DeleteServerCertificate": { + "privilege": "DeleteServerCertificate", + "description": "Grants permission to delete the specified server certificate", + "access_level": "Permissions management", + "resource_types": { + "server-certificate": { + "resource_type": "server-certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server-certificate": "server-certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteServerCertificate.html" + }, + "DeleteServiceLinkedRole": { + "privilege": "DeleteServiceLinkedRole", + "description": "Grants permission to delete an IAM role that is linked to a specific AWS service, if the service is no longer using it", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteServiceLinkedRole.html" + }, + "DeleteServiceSpecificCredential": { + "privilege": "DeleteServiceSpecificCredential", + "description": "Grants permission to delete the specified service-specific credential for an IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteServiceSpecificCredential.html" + }, + "DeleteSigningCertificate": { + "privilege": "DeleteSigningCertificate", + "description": "Grants permission to delete a signing certificate that is associated with the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteSigningCertificate.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUser.html" + }, + "DeleteUserPermissionsBoundary": { + "privilege": "DeleteUserPermissionsBoundary", + "description": "Grants permission to remove the permissions boundary from the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUserPermissionsBoundary.html" + }, + "DeleteUserPolicy": { + "privilege": "DeleteUserPolicy", + "description": "Grants permission to delete the specified inline policy from an IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUserPolicy.html" + }, + "DeleteVirtualMFADevice": { + "privilege": "DeleteVirtualMFADevice", + "description": "Grants permission to delete a virtual MFA device", + "access_level": "Permissions management", + "resource_types": { + "mfa": { + "resource_type": "mfa", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sms-mfa": { + "resource_type": "sms-mfa", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mfa": "mfa", + "sms-mfa": "sms-mfa" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteVirtualMFADevice.html" + }, + "DetachGroupPolicy": { + "privilege": "DetachGroupPolicy", + "description": "Grants permission to detach a managed policy from the specified IAM group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PolicyARN" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachGroupPolicy.html" + }, + "DetachRolePolicy": { + "privilege": "DetachRolePolicy", + "description": "Grants permission to detach a managed policy from the specified role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PolicyARN", + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachRolePolicy.html" + }, + "DetachUserPolicy": { + "privilege": "DetachUserPolicy", + "description": "Grants permission to detach a managed policy from the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PolicyARN", + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachUserPolicy.html" + }, + "EnableMFADevice": { + "privilege": "EnableMFADevice", + "description": "Grants permission to enable an MFA device and associate it with the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_EnableMFADevice.html" + }, + "GenerateCredentialReport": { + "privilege": "GenerateCredentialReport", + "description": "Grants permission to generate a credential report for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GenerateCredentialReport.html" + }, + "GenerateOrganizationsAccessReport": { + "privilege": "GenerateOrganizationsAccessReport", + "description": "Grants permission to generate an access report for an AWS Organizations entity", + "access_level": "Read", + "resource_types": { + "access-report": { + "resource_type": "access-report", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribePolicy", + "organizations:ListChildren", + "organizations:ListParents", + "organizations:ListPoliciesForTarget", + "organizations:ListRoots", + "organizations:ListTargetsForPolicy" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:OrganizationsPolicyId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-report": "access-report", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GenerateOrganizationsAccessReport.html" + }, + "GenerateServiceLastAccessedDetails": { + "privilege": "GenerateServiceLastAccessedDetails", + "description": "Grants permission to generate a service last accessed data report for an IAM resource", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "policy": "policy", + "role": "role", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GenerateServiceLastAccessedDetails.html" + }, + "GetAccessKeyLastUsed": { + "privilege": "GetAccessKeyLastUsed", + "description": "Grants permission to retrieve information about when the specified access key was last used", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccessKeyLastUsed.html" + }, + "GetAccountAuthorizationDetails": { + "privilege": "GetAccountAuthorizationDetails", + "description": "Grants permission to retrieve information about all IAM users, groups, roles, and policies in your AWS account, including their relationships to one another", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccountAuthorizationDetails.html" + }, + "GetAccountEmailAddress": { + "privilege": "GetAccountEmailAddress", + "description": "Grants permission to retrieve the email address that is associated with the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html" + }, + "GetAccountName": { + "privilege": "GetAccountName", + "description": "Grants permission to retrieve the account name that is associated with the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html" + }, + "GetAccountPasswordPolicy": { + "privilege": "GetAccountPasswordPolicy", + "description": "Grants permission to retrieve the password policy for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccountPasswordPolicy.html" + }, + "GetAccountSummary": { + "privilege": "GetAccountSummary", + "description": "Grants permission to retrieve information about IAM entity usage and IAM quotas in the AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccountSummary.html" + }, + "GetCloudFrontPublicKey": { + "privilege": "GetCloudFrontPublicKey", + "description": "Grants permission to retrieve information about the specified CloudFront public key", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html" + }, + "GetContextKeysForCustomPolicy": { + "privilege": "GetContextKeysForCustomPolicy", + "description": "Grants permission to retrieve a list of all of the context keys that are referenced in the specified policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetContextKeysForCustomPolicy.html" + }, + "GetContextKeysForPrincipalPolicy": { + "privilege": "GetContextKeysForPrincipalPolicy", + "description": "Grants permission to retrieve a list of all context keys that are referenced in all IAM policies that are attached to the specified IAM identity (user, group, or role)", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "role": { + "resource_type": "role", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "role": "role", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetContextKeysForPrincipalPolicy.html" + }, + "GetCredentialReport": { + "privilege": "GetCredentialReport", + "description": "Grants permission to retrieve a credential report for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetCredentialReport.html" + }, + "GetGroup": { + "privilege": "GetGroup", + "description": "Grants permission to retrieve a list of IAM users in the specified IAM group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetGroup.html" + }, + "GetGroupPolicy": { + "privilege": "GetGroupPolicy", + "description": "Grants permission to retrieve an inline policy document that is embedded in the specified IAM group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetGroupPolicy.html" + }, + "GetInstanceProfile": { + "privilege": "GetInstanceProfile", + "description": "Grants permission to retrieve information about the specified instance profile, including the instance profile's path, GUID, ARN, and role", + "access_level": "Read", + "resource_types": { + "instance-profile": { + "resource_type": "instance-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-profile": "instance-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetInstanceProfile.html" + }, + "GetLoginProfile": { + "privilege": "GetLoginProfile", + "description": "Grants permission to retrieve the user name and password creation date for the specified IAM user", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetLoginProfile.html" + }, + "GetOpenIDConnectProvider": { + "privilege": "GetOpenIDConnectProvider", + "description": "Grants permission to retrieve information about the specified OpenID Connect (OIDC) provider resource in IAM", + "access_level": "Read", + "resource_types": { + "oidc-provider": { + "resource_type": "oidc-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "oidc-provider": "oidc-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetOpenIDConnectProvider.html" + }, + "GetOrganizationsAccessReport": { + "privilege": "GetOrganizationsAccessReport", + "description": "Grants permission to retrieve an AWS Organizations access report", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetOrganizationsAccessReport.html" + }, + "GetPolicy": { + "privilege": "GetPolicy", + "description": "Grants permission to retrieve information about the specified managed policy, including the policy's default version and the total number of identities to which the policy is attached", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicy.html" + }, + "GetPolicyVersion": { + "privilege": "GetPolicyVersion", + "description": "Grants permission to retrieve information about a version of the specified managed policy, including the policy document", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicyVersion.html" + }, + "GetRole": { + "privilege": "GetRole", + "description": "Grants permission to retrieve information about the specified role, including the role's path, GUID, ARN, and the role's trust policy", + "access_level": "Read", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetRole.html" + }, + "GetRolePolicy": { + "privilege": "GetRolePolicy", + "description": "Grants permission to retrieve an inline policy document that is embedded with the specified IAM role", + "access_level": "Read", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetRolePolicy.html" + }, + "GetSAMLProvider": { + "privilege": "GetSAMLProvider", + "description": "Grants permission to retrieve the SAML provider metadocument that was uploaded when the IAM SAML provider resource was created or updated", + "access_level": "Read", + "resource_types": { + "saml-provider": { + "resource_type": "saml-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "saml-provider": "saml-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetSAMLProvider.html" + }, + "GetSSHPublicKey": { + "privilege": "GetSSHPublicKey", + "description": "Grants permission to retrieve the specified SSH public key, including metadata about the key", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetSSHPublicKey.html" + }, + "GetServerCertificate": { + "privilege": "GetServerCertificate", + "description": "Grants permission to retrieve information about the specified server certificate stored in IAM", + "access_level": "Read", + "resource_types": { + "server-certificate": { + "resource_type": "server-certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server-certificate": "server-certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServerCertificate.html" + }, + "GetServiceLastAccessedDetails": { + "privilege": "GetServiceLastAccessedDetails", + "description": "Grants permission to retrieve information about the service last accessed data report", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServiceLastAccessedDetails.html" + }, + "GetServiceLastAccessedDetailsWithEntities": { + "privilege": "GetServiceLastAccessedDetailsWithEntities", + "description": "Grants permission to retrieve information about the entities from the service last accessed data report", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServiceLastAccessedDetailsWithEntities.html" + }, + "GetServiceLinkedRoleDeletionStatus": { + "privilege": "GetServiceLinkedRoleDeletionStatus", + "description": "Grants permission to retrieve an IAM service-linked role deletion status", + "access_level": "Read", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServiceLinkedRoleDeletionStatus.html" + }, + "GetUser": { + "privilege": "GetUser", + "description": "Grants permission to retrieve information about the specified IAM user, including the user's creation date, path, unique ID, and ARN", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetUser.html" + }, + "GetUserPolicy": { + "privilege": "GetUserPolicy", + "description": "Grants permission to retrieve an inline policy document that is embedded in the specified IAM user", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetUserPolicy.html" + }, + "ListAccessKeys": { + "privilege": "ListAccessKeys", + "description": "Grants permission to list information about the access key IDs that are associated with the specified IAM user", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAccessKeys.html" + }, + "ListAccountAliases": { + "privilege": "ListAccountAliases", + "description": "Grants permission to list the account alias that is associated with the AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAccountAliases.html" + }, + "ListAttachedGroupPolicies": { + "privilege": "ListAttachedGroupPolicies", + "description": "Grants permission to list all managed policies that are attached to the specified IAM group", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedGroupPolicies.html" + }, + "ListAttachedRolePolicies": { + "privilege": "ListAttachedRolePolicies", + "description": "Grants permission to list all managed policies that are attached to the specified IAM role", + "access_level": "List", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedRolePolicies.html" + }, + "ListAttachedUserPolicies": { + "privilege": "ListAttachedUserPolicies", + "description": "Grants permission to list all managed policies that are attached to the specified IAM user", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedUserPolicies.html" + }, + "ListCloudFrontPublicKeys": { + "privilege": "ListCloudFrontPublicKeys", + "description": "Grants permission to list all current CloudFront public keys for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html" + }, + "ListEntitiesForPolicy": { + "privilege": "ListEntitiesForPolicy", + "description": "Grants permission to list all IAM identities to which the specified managed policy is attached", + "access_level": "List", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListEntitiesForPolicy.html" + }, + "ListGroupPolicies": { + "privilege": "ListGroupPolicies", + "description": "Grants permission to list the names of the inline policies that are embedded in the specified IAM group", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListGroupPolicies.html" + }, + "ListGroups": { + "privilege": "ListGroups", + "description": "Grants permission to list the IAM groups that have the specified path prefix", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListGroups.html" + }, + "ListGroupsForUser": { + "privilege": "ListGroupsForUser", + "description": "Grants permission to list the IAM groups that the specified IAM user belongs to", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListGroupsForUser.html" + }, + "ListInstanceProfileTags": { + "privilege": "ListInstanceProfileTags", + "description": "Grants permission to list the tags that are attached to the specified instance profile", + "access_level": "List", + "resource_types": { + "instance-profile": { + "resource_type": "instance-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-profile": "instance-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfileTags.html" + }, + "ListInstanceProfiles": { + "privilege": "ListInstanceProfiles", + "description": "Grants permission to list the instance profiles that have the specified path prefix", + "access_level": "List", + "resource_types": { + "instance-profile": { + "resource_type": "instance-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-profile": "instance-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfiles.html" + }, + "ListInstanceProfilesForRole": { + "privilege": "ListInstanceProfilesForRole", + "description": "Grants permission to list the instance profiles that have the specified associated IAM role", + "access_level": "List", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfilesForRole.html" + }, + "ListMFADeviceTags": { + "privilege": "ListMFADeviceTags", + "description": "Grants permission to list the tags that are attached to the specified virtual mfa device", + "access_level": "List", + "resource_types": { + "mfa": { + "resource_type": "mfa", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mfa": "mfa" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADeviceTags.html" + }, + "ListMFADevices": { + "privilege": "ListMFADevices", + "description": "Grants permission to list the MFA devices for an IAM user", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html" + }, + "ListOpenIDConnectProviderTags": { + "privilege": "ListOpenIDConnectProviderTags", + "description": "Grants permission to list the tags that are attached to the specified OpenID Connect provider", + "access_level": "List", + "resource_types": { + "oidc-provider": { + "resource_type": "oidc-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "oidc-provider": "oidc-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListOpenIDConnectProviderTags.html" + }, + "ListOpenIDConnectProviders": { + "privilege": "ListOpenIDConnectProviders", + "description": "Grants permission to list information about the IAM OpenID Connect (OIDC) provider resource objects that are defined in the AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListOpenIDConnectProviders.html" + }, + "ListPolicies": { + "privilege": "ListPolicies", + "description": "Grants permission to list all managed policies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicies.html" + }, + "ListPoliciesGrantingServiceAccess": { + "privilege": "ListPoliciesGrantingServiceAccess", + "description": "Grants permission to list information about the policies that grant an entity access to a specific service", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "role": "role", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPoliciesGrantingServiceAccess.html" + }, + "ListPolicyTags": { + "privilege": "ListPolicyTags", + "description": "Grants permission to list the tags that are attached to the specified managed policy", + "access_level": "List", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicyTags.html" + }, + "ListPolicyVersions": { + "privilege": "ListPolicyVersions", + "description": "Grants permission to list information about the versions of the specified managed policy, including the version that is currently set as the policy's default version", + "access_level": "List", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicyVersions.html" + }, + "ListRolePolicies": { + "privilege": "ListRolePolicies", + "description": "Grants permission to list the names of the inline policies that are embedded in the specified IAM role", + "access_level": "List", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRolePolicies.html" + }, + "ListRoleTags": { + "privilege": "ListRoleTags", + "description": "Grants permission to list the tags that are attached to the specified IAM role", + "access_level": "List", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRoleTags.html" + }, + "ListRoles": { + "privilege": "ListRoles", + "description": "Grants permission to list the IAM roles that have the specified path prefix", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRoles.html" + }, + "ListSAMLProviderTags": { + "privilege": "ListSAMLProviderTags", + "description": "Grants permission to list the tags that are attached to the specified SAML provider", + "access_level": "List", + "resource_types": { + "saml-provider": { + "resource_type": "saml-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "saml-provider": "saml-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSAMLProviderTags.html" + }, + "ListSAMLProviders": { + "privilege": "ListSAMLProviders", + "description": "Grants permission to list the SAML provider resources in IAM", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSAMLProviders.html" + }, + "ListSSHPublicKeys": { + "privilege": "ListSSHPublicKeys", + "description": "Grants permission to list information about the SSH public keys that are associated with the specified IAM user", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSSHPublicKeys.html" + }, + "ListSTSRegionalEndpointsStatus": { + "privilege": "ListSTSRegionalEndpointsStatus", + "description": "Grants permission to list the status of all active STS regional endpoints", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html" + }, + "ListServerCertificateTags": { + "privilege": "ListServerCertificateTags", + "description": "Grants permission to list the tags that are attached to the specified server certificate", + "access_level": "List", + "resource_types": { + "server-certificate": { + "resource_type": "server-certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server-certificate": "server-certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListServerCertificateTags.html" + }, + "ListServerCertificates": { + "privilege": "ListServerCertificates", + "description": "Grants permission to list the server certificates that have the specified path prefix", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListServerCertificates.html" + }, + "ListServiceSpecificCredentials": { + "privilege": "ListServiceSpecificCredentials", + "description": "Grants permission to list the service-specific credentials that are associated with the specified IAM user", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListServiceSpecificCredentials.html" + }, + "ListSigningCertificates": { + "privilege": "ListSigningCertificates", + "description": "Grants permission to list information about the signing certificates that are associated with the specified IAM user", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSigningCertificates.html" + }, + "ListUserPolicies": { + "privilege": "ListUserPolicies", + "description": "Grants permission to list the names of the inline policies that are embedded in the specified IAM user", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListUserPolicies.html" + }, + "ListUserTags": { + "privilege": "ListUserTags", + "description": "Grants permission to list the tags that are attached to the specified IAM user", + "access_level": "List", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListUserTags.html" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to list the IAM users that have the specified path prefix", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListUsers.html" + }, + "ListVirtualMFADevices": { + "privilege": "ListVirtualMFADevices", + "description": "Grants permission to list virtual MFA devices by assignment status", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListVirtualMFADevices.html" + }, + "PassRole": { + "privilege": "PassRole", + "description": "Grants permission to pass a role to a service", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:AssociatedResourceArn", + "iam:PassedToService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html" + }, + "PutGroupPolicy": { + "privilege": "PutGroupPolicy", + "description": "Grants permission to create or update an inline policy document that is embedded in the specified IAM group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutGroupPolicy.html" + }, + "PutRolePermissionsBoundary": { + "privilege": "PutRolePermissionsBoundary", + "description": "Grants permission to set a managed policy as a permissions boundary for a role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePermissionsBoundary.html" + }, + "PutRolePolicy": { + "privilege": "PutRolePolicy", + "description": "Grants permission to create or update an inline policy document that is embedded in the specified IAM role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePolicy.html" + }, + "PutUserPermissionsBoundary": { + "privilege": "PutUserPermissionsBoundary", + "description": "Grants permission to set a managed policy as a permissions boundary for an IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutUserPermissionsBoundary.html" + }, + "PutUserPolicy": { + "privilege": "PutUserPolicy", + "description": "Grants permission to create or update an inline policy document that is embedded in the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iam:PermissionsBoundary" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutUserPolicy.html" + }, + "RemoveClientIDFromOpenIDConnectProvider": { + "privilege": "RemoveClientIDFromOpenIDConnectProvider", + "description": "Grants permission to remove the client ID (audience) from the list of client IDs in the specified IAM OpenID Connect (OIDC) provider resource", + "access_level": "Permissions management", + "resource_types": { + "oidc-provider": { + "resource_type": "oidc-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "oidc-provider": "oidc-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_RemoveClientIDFromOpenIDConnectProvider.html" + }, + "RemoveRoleFromInstanceProfile": { + "privilege": "RemoveRoleFromInstanceProfile", + "description": "Grants permission to remove an IAM role from the specified EC2 instance profile", + "access_level": "Permissions management", + "resource_types": { + "instance-profile": { + "resource_type": "instance-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-profile": "instance-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_RemoveRoleFromInstanceProfile.html" + }, + "RemoveUserFromGroup": { + "privilege": "RemoveUserFromGroup", + "description": "Grants permission to remove an IAM user from the specified group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_RemoveUserFromGroup.html" + }, + "ResetServiceSpecificCredential": { + "privilege": "ResetServiceSpecificCredential", + "description": "Grants permission to reset the password for an existing service-specific credential for an IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ResetServiceSpecificCredential.html" + }, + "ResyncMFADevice": { + "privilege": "ResyncMFADevice", + "description": "Grants permission to synchronize the specified MFA device with its IAM entity (user or role)", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_ResyncMFADevice.html" + }, + "SetDefaultPolicyVersion": { + "privilege": "SetDefaultPolicyVersion", + "description": "Grants permission to set the version of the specified policy as the policy's default version", + "access_level": "Permissions management", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_SetDefaultPolicyVersion.html" + }, + "SetSTSRegionalEndpointStatus": { + "privilege": "SetSTSRegionalEndpointStatus", + "description": "Grants permission to activate or deactivate an STS regional endpoint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html" + }, + "SetSecurityTokenServicePreferences": { + "privilege": "SetSecurityTokenServicePreferences", + "description": "Grants permission to set the STS global endpoint token version", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_SetSecurityTokenServicePreferences.html" + }, + "SimulateCustomPolicy": { + "privilege": "SimulateCustomPolicy", + "description": "Grants permission to simulate whether an identity-based policy or resource-based policy provides permissions for specific API operations and resources", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulateCustomPolicy.html" + }, + "SimulatePrincipalPolicy": { + "privilege": "SimulatePrincipalPolicy", + "description": "Grants permission to simulate whether an identity-based policy that is attached to a specified IAM entity (user or role) provides permissions for specific API operations and resources", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "role": { + "resource_type": "role", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "role": "role", + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulatePrincipalPolicy.html" + }, + "TagInstanceProfile": { + "privilege": "TagInstanceProfile", + "description": "Grants permission to add tags to an instance profile", + "access_level": "Tagging", + "resource_types": { + "instance-profile": { + "resource_type": "instance-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-profile": "instance-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagInstanceProfile.html" + }, + "TagMFADevice": { + "privilege": "TagMFADevice", + "description": "Grants permission to add tags to a virtual mfa device", + "access_level": "Tagging", + "resource_types": { + "mfa": { + "resource_type": "mfa", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mfa": "mfa", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagMFADevice.html" + }, + "TagOpenIDConnectProvider": { + "privilege": "TagOpenIDConnectProvider", + "description": "Grants permission to add tags to an OpenID Connect provider", + "access_level": "Tagging", + "resource_types": { + "oidc-provider": { + "resource_type": "oidc-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "oidc-provider": "oidc-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagOpenIDConnectProvider.html" + }, + "TagPolicy": { + "privilege": "TagPolicy", + "description": "Grants permission to add tags to a managed policy", + "access_level": "Tagging", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagPolicy.html" + }, + "TagRole": { + "privilege": "TagRole", + "description": "Grants permission to add tags to an IAM role", + "access_level": "Tagging", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagRole.html" + }, + "TagSAMLProvider": { + "privilege": "TagSAMLProvider", + "description": "Grants permission to add tags to a SAML Provider", + "access_level": "Tagging", + "resource_types": { + "saml-provider": { + "resource_type": "saml-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "saml-provider": "saml-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagSAMLProvider.html" + }, + "TagServerCertificate": { + "privilege": "TagServerCertificate", + "description": "Grants permission to add tags to a server certificate", + "access_level": "Tagging", + "resource_types": { + "server-certificate": { + "resource_type": "server-certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server-certificate": "server-certificate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagServerCertificate.html" + }, + "TagUser": { + "privilege": "TagUser", + "description": "Grants permission to add tags to an IAM user", + "access_level": "Tagging", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagUser.html" + }, + "UntagInstanceProfile": { + "privilege": "UntagInstanceProfile", + "description": "Grants permission to remove the specified tags from the instance profile", + "access_level": "Tagging", + "resource_types": { + "instance-profile": { + "resource_type": "instance-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance-profile": "instance-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagInstanceProfile.html" + }, + "UntagMFADevice": { + "privilege": "UntagMFADevice", + "description": "Grants permission to remove the specified tags from the virtual mfa device", + "access_level": "Tagging", + "resource_types": { + "mfa": { + "resource_type": "mfa", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mfa": "mfa", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagMFADevice.html" + }, + "UntagOpenIDConnectProvider": { + "privilege": "UntagOpenIDConnectProvider", + "description": "Grants permission to remove the specified tags from the OpenID Connect provider", + "access_level": "Tagging", + "resource_types": { + "oidc-provider": { + "resource_type": "oidc-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "oidc-provider": "oidc-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagOpenIDConnectProvider.html" + }, + "UntagPolicy": { + "privilege": "UntagPolicy", + "description": "Grants permission to remove the specified tags from the managed policy", + "access_level": "Tagging", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagPolicy.html" + }, + "UntagRole": { + "privilege": "UntagRole", + "description": "Grants permission to remove the specified tags from the role", + "access_level": "Tagging", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagRole.html" + }, + "UntagSAMLProvider": { + "privilege": "UntagSAMLProvider", + "description": "Grants permission to remove the specified tags from the SAML Provider", + "access_level": "Tagging", + "resource_types": { + "saml-provider": { + "resource_type": "saml-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "saml-provider": "saml-provider", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagSAMLProvider.html" + }, + "UntagServerCertificate": { + "privilege": "UntagServerCertificate", + "description": "Grants permission to remove the specified tags from the server certificate", + "access_level": "Tagging", + "resource_types": { + "server-certificate": { + "resource_type": "server-certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server-certificate": "server-certificate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagServerCertificate.html" + }, + "UntagUser": { + "privilege": "UntagUser", + "description": "Grants permission to remove the specified tags from the user", + "access_level": "Tagging", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagUser.html" + }, + "UpdateAccessKey": { + "privilege": "UpdateAccessKey", + "description": "Grants permission to update the status of the specified access key as Active or Inactive", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAccessKey.html" + }, + "UpdateAccountEmailAddress": { + "privilege": "UpdateAccountEmailAddress", + "description": "Grants permission to update the email address that is associated with the account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html" + }, + "UpdateAccountName": { + "privilege": "UpdateAccountName", + "description": "Grants permission to update the account name that is associated with the account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html" + }, + "UpdateAccountPasswordPolicy": { + "privilege": "UpdateAccountPasswordPolicy", + "description": "Grants permission to update the password policy settings for the AWS account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAccountPasswordPolicy.html" + }, + "UpdateAssumeRolePolicy": { + "privilege": "UpdateAssumeRolePolicy", + "description": "Grants permission to update the policy that grants an IAM entity permission to assume a role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAssumeRolePolicy.html" + }, + "UpdateCloudFrontPublicKey": { + "privilege": "UpdateCloudFrontPublicKey", + "description": "Grants permission to update an existing CloudFront public key", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html" + }, + "UpdateGroup": { + "privilege": "UpdateGroup", + "description": "Grants permission to update the name or path of the specified IAM group", + "access_level": "Permissions management", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateGroup.html" + }, + "UpdateLoginProfile": { + "privilege": "UpdateLoginProfile", + "description": "Grants permission to change the password for the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateLoginProfile.html" + }, + "UpdateOpenIDConnectProviderThumbprint": { + "privilege": "UpdateOpenIDConnectProviderThumbprint", + "description": "Grants permission to update the entire list of server certificate thumbprints that are associated with an OpenID Connect (OIDC) provider resource", + "access_level": "Permissions management", + "resource_types": { + "oidc-provider": { + "resource_type": "oidc-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "oidc-provider": "oidc-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateOpenIDConnectProviderThumbprint.html" + }, + "UpdateRole": { + "privilege": "UpdateRole", + "description": "Grants permission to update the description or maximum session duration setting of a role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateRole.html" + }, + "UpdateRoleDescription": { + "privilege": "UpdateRoleDescription", + "description": "Grants permission to update only the description of a role", + "access_level": "Permissions management", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateRoleDescription.html" + }, + "UpdateSAMLProvider": { + "privilege": "UpdateSAMLProvider", + "description": "Grants permission to update the metadata document for an existing SAML provider resource", + "access_level": "Permissions management", + "resource_types": { + "saml-provider": { + "resource_type": "saml-provider", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "saml-provider": "saml-provider" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateSAMLProvider.html" + }, + "UpdateSSHPublicKey": { + "privilege": "UpdateSSHPublicKey", + "description": "Grants permission to update the status of an IAM user's SSH public key to active or inactive", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateSSHPublicKey.html" + }, + "UpdateServerCertificate": { + "privilege": "UpdateServerCertificate", + "description": "Grants permission to update the name or the path of the specified server certificate stored in IAM", + "access_level": "Permissions management", + "resource_types": { + "server-certificate": { + "resource_type": "server-certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server-certificate": "server-certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateServerCertificate.html" + }, + "UpdateServiceSpecificCredential": { + "privilege": "UpdateServiceSpecificCredential", + "description": "Grants permission to update the status of a service-specific credential to active or inactive for an IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateServiceSpecificCredential.html" + }, + "UpdateSigningCertificate": { + "privilege": "UpdateSigningCertificate", + "description": "Grants permission to update the status of the specified user signing certificate to active or disabled", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateSigningCertificate.html" + }, + "UpdateUser": { + "privilege": "UpdateUser", + "description": "Grants permission to update the name or the path of the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateUser.html" + }, + "UploadCloudFrontPublicKey": { + "privilege": "UploadCloudFrontPublicKey", + "description": "Grants permission to upload a CloudFront public key", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html" + }, + "UploadSSHPublicKey": { + "privilege": "UploadSSHPublicKey", + "description": "Grants permission to upload an SSH public key and associate it with the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UploadSSHPublicKey.html" + }, + "UploadServerCertificate": { + "privilege": "UploadServerCertificate", + "description": "Grants permission to upload a server certificate entity for the AWS account", + "access_level": "Permissions management", + "resource_types": { + "server-certificate": { + "resource_type": "server-certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server-certificate": "server-certificate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UploadServerCertificate.html" + }, + "UploadSigningCertificate": { + "privilege": "UploadSigningCertificate", + "description": "Grants permission to upload an X.509 signing certificate and associate it with the specified IAM user", + "access_level": "Permissions management", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_UploadSigningCertificate.html" + }, + "GetMFADevice": { + "privilege": "GetMFADevice", + "description": "Grants permission to retrieve information about an MFA device for the specified user", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetMFADevice.html" + } + }, + "privileges_lower_name": { + "addclientidtoopenidconnectprovider": "AddClientIDToOpenIDConnectProvider", + "addroletoinstanceprofile": "AddRoleToInstanceProfile", + "addusertogroup": "AddUserToGroup", + "attachgrouppolicy": "AttachGroupPolicy", + "attachrolepolicy": "AttachRolePolicy", + "attachuserpolicy": "AttachUserPolicy", + "changepassword": "ChangePassword", + "createaccesskey": "CreateAccessKey", + "createaccountalias": "CreateAccountAlias", + "creategroup": "CreateGroup", + "createinstanceprofile": "CreateInstanceProfile", + "createloginprofile": "CreateLoginProfile", + "createopenidconnectprovider": "CreateOpenIDConnectProvider", + "createpolicy": "CreatePolicy", + "createpolicyversion": "CreatePolicyVersion", + "createrole": "CreateRole", + "createsamlprovider": "CreateSAMLProvider", + "createservicelinkedrole": "CreateServiceLinkedRole", + "createservicespecificcredential": "CreateServiceSpecificCredential", + "createuser": "CreateUser", + "createvirtualmfadevice": "CreateVirtualMFADevice", + "deactivatemfadevice": "DeactivateMFADevice", + "deleteaccesskey": "DeleteAccessKey", + "deleteaccountalias": "DeleteAccountAlias", + "deleteaccountpasswordpolicy": "DeleteAccountPasswordPolicy", + "deletecloudfrontpublickey": "DeleteCloudFrontPublicKey", + "deletegroup": "DeleteGroup", + "deletegrouppolicy": "DeleteGroupPolicy", + "deleteinstanceprofile": "DeleteInstanceProfile", + "deleteloginprofile": "DeleteLoginProfile", + "deleteopenidconnectprovider": "DeleteOpenIDConnectProvider", + "deletepolicy": "DeletePolicy", + "deletepolicyversion": "DeletePolicyVersion", + "deleterole": "DeleteRole", + "deleterolepermissionsboundary": "DeleteRolePermissionsBoundary", + "deleterolepolicy": "DeleteRolePolicy", + "deletesamlprovider": "DeleteSAMLProvider", + "deletesshpublickey": "DeleteSSHPublicKey", + "deleteservercertificate": "DeleteServerCertificate", + "deleteservicelinkedrole": "DeleteServiceLinkedRole", + "deleteservicespecificcredential": "DeleteServiceSpecificCredential", + "deletesigningcertificate": "DeleteSigningCertificate", + "deleteuser": "DeleteUser", + "deleteuserpermissionsboundary": "DeleteUserPermissionsBoundary", + "deleteuserpolicy": "DeleteUserPolicy", + "deletevirtualmfadevice": "DeleteVirtualMFADevice", + "detachgrouppolicy": "DetachGroupPolicy", + "detachrolepolicy": "DetachRolePolicy", + "detachuserpolicy": "DetachUserPolicy", + "enablemfadevice": "EnableMFADevice", + "generatecredentialreport": "GenerateCredentialReport", + "generateorganizationsaccessreport": "GenerateOrganizationsAccessReport", + "generateservicelastaccesseddetails": "GenerateServiceLastAccessedDetails", + "getaccesskeylastused": "GetAccessKeyLastUsed", + "getaccountauthorizationdetails": "GetAccountAuthorizationDetails", + "getaccountemailaddress": "GetAccountEmailAddress", + "getaccountname": "GetAccountName", + "getaccountpasswordpolicy": "GetAccountPasswordPolicy", + "getaccountsummary": "GetAccountSummary", + "getcloudfrontpublickey": "GetCloudFrontPublicKey", + "getcontextkeysforcustompolicy": "GetContextKeysForCustomPolicy", + "getcontextkeysforprincipalpolicy": "GetContextKeysForPrincipalPolicy", + "getcredentialreport": "GetCredentialReport", + "getgroup": "GetGroup", + "getgrouppolicy": "GetGroupPolicy", + "getinstanceprofile": "GetInstanceProfile", + "getloginprofile": "GetLoginProfile", + "getopenidconnectprovider": "GetOpenIDConnectProvider", + "getorganizationsaccessreport": "GetOrganizationsAccessReport", + "getpolicy": "GetPolicy", + "getpolicyversion": "GetPolicyVersion", + "getrole": "GetRole", + "getrolepolicy": "GetRolePolicy", + "getsamlprovider": "GetSAMLProvider", + "getsshpublickey": "GetSSHPublicKey", + "getservercertificate": "GetServerCertificate", + "getservicelastaccesseddetails": "GetServiceLastAccessedDetails", + "getservicelastaccesseddetailswithentities": "GetServiceLastAccessedDetailsWithEntities", + "getservicelinkedroledeletionstatus": "GetServiceLinkedRoleDeletionStatus", + "getuser": "GetUser", + "getuserpolicy": "GetUserPolicy", + "listaccesskeys": "ListAccessKeys", + "listaccountaliases": "ListAccountAliases", + "listattachedgrouppolicies": "ListAttachedGroupPolicies", + "listattachedrolepolicies": "ListAttachedRolePolicies", + "listattacheduserpolicies": "ListAttachedUserPolicies", + "listcloudfrontpublickeys": "ListCloudFrontPublicKeys", + "listentitiesforpolicy": "ListEntitiesForPolicy", + "listgrouppolicies": "ListGroupPolicies", + "listgroups": "ListGroups", + "listgroupsforuser": "ListGroupsForUser", + "listinstanceprofiletags": "ListInstanceProfileTags", + "listinstanceprofiles": "ListInstanceProfiles", + "listinstanceprofilesforrole": "ListInstanceProfilesForRole", + "listmfadevicetags": "ListMFADeviceTags", + "listmfadevices": "ListMFADevices", + "listopenidconnectprovidertags": "ListOpenIDConnectProviderTags", + "listopenidconnectproviders": "ListOpenIDConnectProviders", + "listpolicies": "ListPolicies", + "listpoliciesgrantingserviceaccess": "ListPoliciesGrantingServiceAccess", + "listpolicytags": "ListPolicyTags", + "listpolicyversions": "ListPolicyVersions", + "listrolepolicies": "ListRolePolicies", + "listroletags": "ListRoleTags", + "listroles": "ListRoles", + "listsamlprovidertags": "ListSAMLProviderTags", + "listsamlproviders": "ListSAMLProviders", + "listsshpublickeys": "ListSSHPublicKeys", + "liststsregionalendpointsstatus": "ListSTSRegionalEndpointsStatus", + "listservercertificatetags": "ListServerCertificateTags", + "listservercertificates": "ListServerCertificates", + "listservicespecificcredentials": "ListServiceSpecificCredentials", + "listsigningcertificates": "ListSigningCertificates", + "listuserpolicies": "ListUserPolicies", + "listusertags": "ListUserTags", + "listusers": "ListUsers", + "listvirtualmfadevices": "ListVirtualMFADevices", + "passrole": "PassRole", + "putgrouppolicy": "PutGroupPolicy", + "putrolepermissionsboundary": "PutRolePermissionsBoundary", + "putrolepolicy": "PutRolePolicy", + "putuserpermissionsboundary": "PutUserPermissionsBoundary", + "putuserpolicy": "PutUserPolicy", + "removeclientidfromopenidconnectprovider": "RemoveClientIDFromOpenIDConnectProvider", + "removerolefrominstanceprofile": "RemoveRoleFromInstanceProfile", + "removeuserfromgroup": "RemoveUserFromGroup", + "resetservicespecificcredential": "ResetServiceSpecificCredential", + "resyncmfadevice": "ResyncMFADevice", + "setdefaultpolicyversion": "SetDefaultPolicyVersion", + "setstsregionalendpointstatus": "SetSTSRegionalEndpointStatus", + "setsecuritytokenservicepreferences": "SetSecurityTokenServicePreferences", + "simulatecustompolicy": "SimulateCustomPolicy", + "simulateprincipalpolicy": "SimulatePrincipalPolicy", + "taginstanceprofile": "TagInstanceProfile", + "tagmfadevice": "TagMFADevice", + "tagopenidconnectprovider": "TagOpenIDConnectProvider", + "tagpolicy": "TagPolicy", + "tagrole": "TagRole", + "tagsamlprovider": "TagSAMLProvider", + "tagservercertificate": "TagServerCertificate", + "taguser": "TagUser", + "untaginstanceprofile": "UntagInstanceProfile", + "untagmfadevice": "UntagMFADevice", + "untagopenidconnectprovider": "UntagOpenIDConnectProvider", + "untagpolicy": "UntagPolicy", + "untagrole": "UntagRole", + "untagsamlprovider": "UntagSAMLProvider", + "untagservercertificate": "UntagServerCertificate", + "untaguser": "UntagUser", + "updateaccesskey": "UpdateAccessKey", + "updateaccountemailaddress": "UpdateAccountEmailAddress", + "updateaccountname": "UpdateAccountName", + "updateaccountpasswordpolicy": "UpdateAccountPasswordPolicy", + "updateassumerolepolicy": "UpdateAssumeRolePolicy", + "updatecloudfrontpublickey": "UpdateCloudFrontPublicKey", + "updategroup": "UpdateGroup", + "updateloginprofile": "UpdateLoginProfile", + "updateopenidconnectproviderthumbprint": "UpdateOpenIDConnectProviderThumbprint", + "updaterole": "UpdateRole", + "updateroledescription": "UpdateRoleDescription", + "updatesamlprovider": "UpdateSAMLProvider", + "updatesshpublickey": "UpdateSSHPublicKey", + "updateservercertificate": "UpdateServerCertificate", + "updateservicespecificcredential": "UpdateServiceSpecificCredential", + "updatesigningcertificate": "UpdateSigningCertificate", + "updateuser": "UpdateUser", + "uploadcloudfrontpublickey": "UploadCloudFrontPublicKey", + "uploadsshpublickey": "UploadSSHPublicKey", + "uploadservercertificate": "UploadServerCertificate", + "uploadsigningcertificate": "UploadSigningCertificate", + "getmfadevice": "GetMFADevice" + }, + "resources": { + "access-report": { + "resource": "access-report", + "arn": "arn:${Partition}:iam::${Account}:access-report/${EntityPath}", + "condition_keys": [] + }, + "assumed-role": { + "resource": "assumed-role", + "arn": "arn:${Partition}:iam::${Account}:assumed-role/${RoleName}/${RoleSessionName}", + "condition_keys": [] + }, + "federated-user": { + "resource": "federated-user", + "arn": "arn:${Partition}:iam::${Account}:federated-user/${UserName}", + "condition_keys": [] + }, + "group": { + "resource": "group", + "arn": "arn:${Partition}:iam::${Account}:group/${GroupNameWithPath}", + "condition_keys": [] + }, + "instance-profile": { + "resource": "instance-profile", + "arn": "arn:${Partition}:iam::${Account}:instance-profile/${InstanceProfileNameWithPath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "mfa": { + "resource": "mfa", + "arn": "arn:${Partition}:iam::${Account}:mfa/${MfaTokenIdWithPath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "oidc-provider": { + "resource": "oidc-provider", + "arn": "arn:${Partition}:iam::${Account}:oidc-provider/${OidcProviderName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "policy": { + "resource": "policy", + "arn": "arn:${Partition}:iam::${Account}:policy/${PolicyNameWithPath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "role": { + "resource": "role", + "arn": "arn:${Partition}:iam::${Account}:role/${RoleNameWithPath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "iam:ResourceTag/${TagKey}" + ] + }, + "saml-provider": { + "resource": "saml-provider", + "arn": "arn:${Partition}:iam::${Account}:saml-provider/${SamlProviderName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "server-certificate": { + "resource": "server-certificate", + "arn": "arn:${Partition}:iam::${Account}:server-certificate/${CertificateNameWithPath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "sms-mfa": { + "resource": "sms-mfa", + "arn": "arn:${Partition}:iam::${Account}:sms-mfa/${MfaTokenIdWithPath}", + "condition_keys": [] + }, + "user": { + "resource": "user", + "arn": "arn:${Partition}:iam::${Account}:user/${UserNameWithPath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "iam:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "access-report": "access-report", + "assumed-role": "assumed-role", + "federated-user": "federated-user", + "group": "group", + "instance-profile": "instance-profile", + "mfa": "mfa", + "oidc-provider": "oidc-provider", + "policy": "policy", + "role": "role", + "saml-provider": "saml-provider", + "server-certificate": "server-certificate", + "sms-mfa": "sms-mfa", + "user": "user" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "iam:AWSServiceName": { + "condition": "iam:AWSServiceName", + "description": "Filters access by the AWS service to which this role is attached", + "type": "String" + }, + "iam:AssociatedResourceArn": { + "condition": "iam:AssociatedResourceArn", + "description": "Filters by the resource that the role will be used on behalf of", + "type": "ARN" + }, + "iam:OrganizationsPolicyId": { + "condition": "iam:OrganizationsPolicyId", + "description": "Filters access by the ID of an AWS Organizations policy", + "type": "String" + }, + "iam:PassedToService": { + "condition": "iam:PassedToService", + "description": "Filters access by the AWS service to which this role is passed", + "type": "String" + }, + "iam:PermissionsBoundary": { + "condition": "iam:PermissionsBoundary", + "description": "Filters access if the specified policy is set as the permissions boundary on the IAM entity (user or role)", + "type": "String" + }, + "iam:PolicyARN": { + "condition": "iam:PolicyARN", + "description": "Filters access by the ARN of an IAM policy", + "type": "ARN" + }, + "iam:ResourceTag/${TagKey}": { + "condition": "iam:ResourceTag/${TagKey}", + "description": "Filters access by the tags attached to an IAM entity (user or role)", + "type": "String" + }, + "iam:FIDO-FIPS-140-2-certification": { + "condition": "iam:FIDO-FIPS-140-2-certification", + "description": "Filters access by the MFA device FIPS-140-2 validation certification level at the time of registration of a FIDO security key", + "type": "String" + }, + "iam:FIDO-FIPS-140-3-certification": { + "condition": "iam:FIDO-FIPS-140-3-certification", + "description": "Filters access by the MFA device FIPS-140-3 validation certification level at the time of registration of a FIDO security key", + "type": "String" + }, + "iam:FIDO-certification": { + "condition": "iam:FIDO-certification", + "description": "Filters access by the MFA device FIDO certification level at the time of registration of a FIDO security key", + "type": "String" + }, + "iam:RegisterSecurityKey": { + "condition": "iam:RegisterSecurityKey", + "description": "Filters access by the current state of MFA device enablement", + "type": "String" + } + } + }, + "rolesanywhere": { + "service_name": "AWS Identity and Access Management Roles Anywhere", + "prefix": "rolesanywhere", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentityandaccessmanagementrolesanywhere.html", + "privileges": { + "CreateProfile": { + "privilege": "CreateProfile", + "description": "Grants permission to create a profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateProfile.html" + }, + "CreateTrustAnchor": { + "privilege": "CreateTrustAnchor", + "description": "Grants permission to create a trust anchor", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateTrustAnchor.html" + }, + "DeleteCrl": { + "privilege": "DeleteCrl", + "description": "Grants permission to delete a certificate revocation list (crl)", + "access_level": "Write", + "resource_types": { + "crl": { + "resource_type": "crl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crl": "crl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DeleteCrl.html" + }, + "DeleteProfile": { + "privilege": "DeleteProfile", + "description": "Grants permission to delete a profile", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DeleteProfile.html" + }, + "DeleteTrustAnchor": { + "privilege": "DeleteTrustAnchor", + "description": "Grants permission to delete a trust anchor", + "access_level": "Write", + "resource_types": { + "trust-anchor": { + "resource_type": "trust-anchor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trust-anchor": "trust-anchor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DeleteTrustAnchor.html" + }, + "DisableCrl": { + "privilege": "DisableCrl", + "description": "Grants permission to disable a certificate revocation list (crl)", + "access_level": "Write", + "resource_types": { + "crl": { + "resource_type": "crl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crl": "crl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DisableCrl.html" + }, + "DisableProfile": { + "privilege": "DisableProfile", + "description": "Grants permission to disable a profile", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DisableProfile.html" + }, + "DisableTrustAnchor": { + "privilege": "DisableTrustAnchor", + "description": "Grants permission to disable a trust anchor", + "access_level": "Write", + "resource_types": { + "trust-anchor": { + "resource_type": "trust-anchor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trust-anchor": "trust-anchor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_DisableTrustAnchor.html" + }, + "EnableCrl": { + "privilege": "EnableCrl", + "description": "Grants permission to enable a certificate revocation list (crl)", + "access_level": "Write", + "resource_types": { + "crl": { + "resource_type": "crl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crl": "crl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_EnableCrl.html" + }, + "EnableProfile": { + "privilege": "EnableProfile", + "description": "Grants permission to enable a profile", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_EnableProfile.html" + }, + "EnableTrustAnchor": { + "privilege": "EnableTrustAnchor", + "description": "Grants permission to enable a trust anchor", + "access_level": "Write", + "resource_types": { + "trust-anchor": { + "resource_type": "trust-anchor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trust-anchor": "trust-anchor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_EnableTrustAnchor.html" + }, + "GetCrl": { + "privilege": "GetCrl", + "description": "Grants permission to get a certificate revocation list (crl)", + "access_level": "Read", + "resource_types": { + "crl": { + "resource_type": "crl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crl": "crl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_GetCrl.html" + }, + "GetProfile": { + "privilege": "GetProfile", + "description": "Grants permission to get a profile", + "access_level": "Read", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_GetProfile.html" + }, + "GetSubject": { + "privilege": "GetSubject", + "description": "Grants permission to get a subject", + "access_level": "Read", + "resource_types": { + "subject": { + "resource_type": "subject", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subject": "subject" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_GetSubject.html" + }, + "GetTrustAnchor": { + "privilege": "GetTrustAnchor", + "description": "Grants permission to get a trust anchor", + "access_level": "Read", + "resource_types": { + "trust-anchor": { + "resource_type": "trust-anchor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trust-anchor": "trust-anchor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_GetTrustAnchor.html" + }, + "ImportCrl": { + "privilege": "ImportCrl", + "description": "Grants permission to import a certificate revocation list (crl)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ImportCrl.html" + }, + "ListCrls": { + "privilege": "ListCrls", + "description": "Grants permission to list certificate revocation lists (crls)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ListCrls.html" + }, + "ListProfiles": { + "privilege": "ListProfiles", + "description": "Grants permission to list profiles", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ListProfiles.html" + }, + "ListSubjects": { + "privilege": "ListSubjects", + "description": "Grants permission to list subjects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ListSubjects.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTrustAnchors": { + "privilege": "ListTrustAnchors", + "description": "Grants permission to list trust anchors", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ListTrustAnchors.html" + }, + "PutNotificationSettings": { + "privilege": "PutNotificationSettings", + "description": "Grants permission to attach notification settings to a trust anchor", + "access_level": "Write", + "resource_types": { + "trust-anchor": { + "resource_type": "trust-anchor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trust-anchor": "trust-anchor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_PutNotificationSettings.html" + }, + "ResetNotificationSettings": { + "privilege": "ResetNotificationSettings", + "description": "Grants permission to reset custom notification settings to IAM Roles Anywhere defined default state", + "access_level": "Write", + "resource_types": { + "trust-anchor": { + "resource_type": "trust-anchor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trust-anchor": "trust-anchor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_ResetNotificationSettings.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "crl": { + "resource_type": "crl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "profile": { + "resource_type": "profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subject": { + "resource_type": "subject", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "trust-anchor": { + "resource_type": "trust-anchor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crl": "crl", + "profile": "profile", + "subject": "subject", + "trust-anchor": "trust-anchor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "crl": { + "resource_type": "crl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "profile": { + "resource_type": "profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "subject": { + "resource_type": "subject", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "trust-anchor": { + "resource_type": "trust-anchor", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crl": "crl", + "profile": "profile", + "subject": "subject", + "trust-anchor": "trust-anchor", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_UntagResource.html" + }, + "UpdateCrl": { + "privilege": "UpdateCrl", + "description": "Grants permission to update a certificate revocation list (crl)", + "access_level": "Write", + "resource_types": { + "crl": { + "resource_type": "crl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "crl": "crl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_UpdateCrl.html" + }, + "UpdateProfile": { + "privilege": "UpdateProfile", + "description": "Grants permission to update a profile", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_UpdateProfile.html" + }, + "UpdateTrustAnchor": { + "privilege": "UpdateTrustAnchor", + "description": "Grants permission to update a trust anchor", + "access_level": "Write", + "resource_types": { + "trust-anchor": { + "resource_type": "trust-anchor", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "trust-anchor": "trust-anchor" + }, + "api_documentation_link": "https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_UpdateTrustAnchor.html" + } + }, + "privileges_lower_name": { + "createprofile": "CreateProfile", + "createtrustanchor": "CreateTrustAnchor", + "deletecrl": "DeleteCrl", + "deleteprofile": "DeleteProfile", + "deletetrustanchor": "DeleteTrustAnchor", + "disablecrl": "DisableCrl", + "disableprofile": "DisableProfile", + "disabletrustanchor": "DisableTrustAnchor", + "enablecrl": "EnableCrl", + "enableprofile": "EnableProfile", + "enabletrustanchor": "EnableTrustAnchor", + "getcrl": "GetCrl", + "getprofile": "GetProfile", + "getsubject": "GetSubject", + "gettrustanchor": "GetTrustAnchor", + "importcrl": "ImportCrl", + "listcrls": "ListCrls", + "listprofiles": "ListProfiles", + "listsubjects": "ListSubjects", + "listtagsforresource": "ListTagsForResource", + "listtrustanchors": "ListTrustAnchors", + "putnotificationsettings": "PutNotificationSettings", + "resetnotificationsettings": "ResetNotificationSettings", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecrl": "UpdateCrl", + "updateprofile": "UpdateProfile", + "updatetrustanchor": "UpdateTrustAnchor" + }, + "resources": { + "trust-anchor": { + "resource": "trust-anchor", + "arn": "arn:${Partition}:rolesanywhere:${Region}:${Account}:trust-anchor/${TrustAnchorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "profile": { + "resource": "profile", + "arn": "arn:${Partition}:rolesanywhere:${Region}:${Account}:profile/${ProfileId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "subject": { + "resource": "subject", + "arn": "arn:${Partition}:rolesanywhere:${Region}:${Account}:subject/${SubjectId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "crl": { + "resource": "crl", + "arn": "arn:${Partition}:rolesanywhere:${Region}:${Account}:crl/${CrlId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "trust-anchor": "trust-anchor", + "profile": "profile", + "subject": "subject", + "crl": "crl" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "identitystore": { + "service_name": "AWS Identity Store", + "prefix": "identitystore", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentitystore.html", + "privileges": { + "CreateGroup": { + "privilege": "CreateGroup", + "description": "Grants permission to create a group in the specified IdentityStore", + "access_level": "Write", + "resource_types": { + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitystore": "Identitystore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_CreateGroup.html" + }, + "CreateGroupMembership": { + "privilege": "CreateGroupMembership", + "description": "Grants permission to create a member to a group in the specified IdentityStore", + "access_level": "Write", + "resource_types": { + "Group": { + "resource_type": "Group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "User": { + "resource_type": "User", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "Group", + "identitystore": "Identitystore", + "user": "User" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_CreateGroupMembership.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to create a user in the specified IdentityStore", + "access_level": "Write", + "resource_types": { + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitystore": "Identitystore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_CreateUser.html" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to delete a group in the specified IdentityStore", + "access_level": "Write", + "resource_types": { + "Group": { + "resource_type": "Group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "Group", + "identitystore": "Identitystore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DeleteGroup.html" + }, + "DeleteGroupMembership": { + "privilege": "DeleteGroupMembership", + "description": "Grants permission to remove a member that is part of a group in the specified IdentityStore", + "access_level": "Write", + "resource_types": { + "Group": { + "resource_type": "Group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "GroupMembership": { + "resource_type": "GroupMembership", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "User": { + "resource_type": "User", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "Group", + "groupmembership": "GroupMembership", + "identitystore": "Identitystore", + "user": "User" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DeleteGroupMembership.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete a user in the specified IdentityStore", + "access_level": "Write", + "resource_types": { + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "User": { + "resource_type": "User", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitystore": "Identitystore", + "user": "User" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DeleteUser.html" + }, + "DescribeGroup": { + "privilege": "DescribeGroup", + "description": "Grants permission to retrieve information about a group in the specified IdentityStore", + "access_level": "Read", + "resource_types": { + "Group": { + "resource_type": "Group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "Group", + "identitystore": "Identitystore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeGroup.html" + }, + "DescribeGroupMembership": { + "privilege": "DescribeGroupMembership", + "description": "Grants permission to retrieve information about a member that is part of a group in the specified IdentityStore", + "access_level": "Read", + "resource_types": { + "Group": { + "resource_type": "Group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "GroupMembership": { + "resource_type": "GroupMembership", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "User": { + "resource_type": "User", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "Group", + "groupmembership": "GroupMembership", + "identitystore": "Identitystore", + "user": "User" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeGroupMembership.html" + }, + "DescribeUser": { + "privilege": "DescribeUser", + "description": "Grants permission to retrieve information about user in the specified IdentityStore", + "access_level": "Read", + "resource_types": { + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "User": { + "resource_type": "User", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitystore": "Identitystore", + "user": "User" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeUser.html" + }, + "GetGroupId": { + "privilege": "GetGroupId", + "description": "Grants permission to retrieve ID information about group in the specified IdentityStore", + "access_level": "Read", + "resource_types": { + "Group": { + "resource_type": "Group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "Group", + "identitystore": "Identitystore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GetGroupId.html" + }, + "GetGroupMembershipId": { + "privilege": "GetGroupMembershipId", + "description": "Grants permission to retrieve ID information of a member which is part of a group in the specified IdentityStore", + "access_level": "Read", + "resource_types": { + "Group": { + "resource_type": "Group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "GroupMembership": { + "resource_type": "GroupMembership", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "User": { + "resource_type": "User", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "Group", + "groupmembership": "GroupMembership", + "identitystore": "Identitystore", + "user": "User" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GetGroupMembershipId.html" + }, + "GetUserId": { + "privilege": "GetUserId", + "description": "Grants permission to retrieves ID information about user in the specified IdentityStore", + "access_level": "Read", + "resource_types": { + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "User": { + "resource_type": "User", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitystore": "Identitystore", + "user": "User" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_GetUserId.html" + }, + "IsMemberInGroups": { + "privilege": "IsMemberInGroups", + "description": "Grants permission to check if a member is a part of groups in the specified IdentityStore", + "access_level": "Read", + "resource_types": { + "AllGroupMemberships": { + "resource_type": "AllGroupMemberships", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Group": { + "resource_type": "Group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "User": { + "resource_type": "User", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allgroupmemberships": "AllGroupMemberships", + "group": "Group", + "identitystore": "Identitystore", + "user": "User" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_IsMemberInGroups.html" + }, + "ListGroupMemberships": { + "privilege": "ListGroupMemberships", + "description": "Grants permission to retrieve all members that are part of a group in the specified IdentityStore", + "access_level": "List", + "resource_types": { + "AllGroupMemberships": { + "resource_type": "AllGroupMemberships", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Group": { + "resource_type": "Group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allgroupmemberships": "AllGroupMemberships", + "group": "Group", + "identitystore": "Identitystore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListGroupMemberships.html" + }, + "ListGroupMembershipsForMember": { + "privilege": "ListGroupMembershipsForMember", + "description": "Grants permission to list groups of the target member in the specified IdentityStore", + "access_level": "List", + "resource_types": { + "AllGroupMemberships": { + "resource_type": "AllGroupMemberships", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "User": { + "resource_type": "User", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allgroupmemberships": "AllGroupMemberships", + "identitystore": "Identitystore", + "user": "User" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListGroupMembershipsForMember.html" + }, + "ListGroups": { + "privilege": "ListGroups", + "description": "Grants permission to search for groups within the specified IdentityStore", + "access_level": "List", + "resource_types": { + "AllGroups": { + "resource_type": "AllGroups", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allgroups": "AllGroups", + "identitystore": "Identitystore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListGroups.html" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to search for users in the specified IdentityStore", + "access_level": "List", + "resource_types": { + "AllUsers": { + "resource_type": "AllUsers", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "allusers": "AllUsers", + "identitystore": "Identitystore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_ListUsers.html" + }, + "UpdateGroup": { + "privilege": "UpdateGroup", + "description": "Grants permission to update information about a group in the specified IdentityStore", + "access_level": "Write", + "resource_types": { + "Group": { + "resource_type": "Group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "Group", + "identitystore": "Identitystore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_UpdateGroup.html" + }, + "UpdateUser": { + "privilege": "UpdateUser", + "description": "Grants permission to update user information in the specified IdentityStore", + "access_level": "Write", + "resource_types": { + "Identitystore": { + "resource_type": "Identitystore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "User": { + "resource_type": "User", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "identitystore": "Identitystore", + "user": "User" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_UpdateUser.html" + } + }, + "privileges_lower_name": { + "creategroup": "CreateGroup", + "creategroupmembership": "CreateGroupMembership", + "createuser": "CreateUser", + "deletegroup": "DeleteGroup", + "deletegroupmembership": "DeleteGroupMembership", + "deleteuser": "DeleteUser", + "describegroup": "DescribeGroup", + "describegroupmembership": "DescribeGroupMembership", + "describeuser": "DescribeUser", + "getgroupid": "GetGroupId", + "getgroupmembershipid": "GetGroupMembershipId", + "getuserid": "GetUserId", + "ismemberingroups": "IsMemberInGroups", + "listgroupmemberships": "ListGroupMemberships", + "listgroupmembershipsformember": "ListGroupMembershipsForMember", + "listgroups": "ListGroups", + "listusers": "ListUsers", + "updategroup": "UpdateGroup", + "updateuser": "UpdateUser" + }, + "resources": { + "Identitystore": { + "resource": "Identitystore", + "arn": "arn:${Partition}:identitystore::${Account}:identitystore/${IdentityStoreId}", + "condition_keys": [] + }, + "User": { + "resource": "User", + "arn": "arn:${Partition}:identitystore:::user/${UserId}", + "condition_keys": [] + }, + "Group": { + "resource": "Group", + "arn": "arn:${Partition}:identitystore:::group/${GroupId}", + "condition_keys": [] + }, + "GroupMembership": { + "resource": "GroupMembership", + "arn": "arn:${Partition}:identitystore:::membership/${MembershipId}", + "condition_keys": [] + }, + "AllUsers": { + "resource": "AllUsers", + "arn": "arn:${Partition}:identitystore:::user/*", + "condition_keys": [] + }, + "AllGroups": { + "resource": "AllGroups", + "arn": "arn:${Partition}:identitystore:::group/*", + "condition_keys": [] + }, + "AllGroupMemberships": { + "resource": "AllGroupMemberships", + "arn": "arn:${Partition}:identitystore:::membership/*", + "condition_keys": [] + } + }, + "resources_lower_name": { + "identitystore": "Identitystore", + "user": "User", + "group": "Group", + "groupmembership": "GroupMembership", + "allusers": "AllUsers", + "allgroups": "AllGroups", + "allgroupmemberships": "AllGroupMemberships" + }, + "conditions": { + "identitystore:UserId": { + "condition": "identitystore:UserId", + "description": "Filters access by IAM Identity Center User ID", + "type": "String" + } + } + }, + "identitystore-auth": { + "service_name": "AWS Identity Store Auth", + "prefix": "identitystore-auth", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentitystoreauth.html", + "privileges": { + "BatchDeleteSession": { + "privilege": "BatchDeleteSession", + "description": "Grants permission to delete a batch of specified sessions", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-app-session.html" + }, + "BatchGetSession": { + "privilege": "BatchGetSession", + "description": "Grants permission to return session attributes for a batch of specified sessions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-app-session.html" + }, + "ListSessions": { + "privilege": "ListSessions", + "description": "Grants permission to retrieve a list of active sessions for the specified user", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-app-session.html" + } + }, + "privileges_lower_name": { + "batchdeletesession": "BatchDeleteSession", + "batchgetsession": "BatchGetSession", + "listsessions": "ListSessions" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "identity-sync": { + "service_name": "AWS Identity Sync", + "prefix": "identity-sync", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentitysync.html", + "privileges": { + "CreateSyncFilter": { + "privilege": "CreateSyncFilter", + "description": "Grants permission to create a sync filter on the sync profile", + "access_level": "Write", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "CreateSyncProfile": { + "privilege": "CreateSyncProfile", + "description": "Grants permission to create a sync profile for the source", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "ds:AuthorizeApplication" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "CreateSyncTarget": { + "privilege": "CreateSyncTarget", + "description": "Grants permission to create a sync target for the source", + "access_level": "Write", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "DeleteSyncFilter": { + "privilege": "DeleteSyncFilter", + "description": "Grants permission to delete a sync filter on the sync profile", + "access_level": "Write", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "DeleteSyncProfile": { + "privilege": "DeleteSyncProfile", + "description": "Grants permission to delete a sync profile on the source", + "access_level": "Write", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ds:UnauthorizeApplication" + ] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "DeleteSyncTarget": { + "privilege": "DeleteSyncTarget", + "description": "Grants permission to delete a sync target on the source", + "access_level": "Write", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SyncTargetResource": { + "resource_type": "SyncTargetResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource", + "synctargetresource": "SyncTargetResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "GetSyncProfile": { + "privilege": "GetSyncProfile", + "description": "Grants permission to retrieve a sync profile using sync profile name", + "access_level": "Read", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "GetSyncTarget": { + "privilege": "GetSyncTarget", + "description": "Grants permission to retrieve a sync target on the sync profile", + "access_level": "Read", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SyncTargetResource": { + "resource_type": "SyncTargetResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource", + "synctargetresource": "SyncTargetResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "ListSyncFilters": { + "privilege": "ListSyncFilters", + "description": "Grants permission to list the sync filters on the sync profile", + "access_level": "List", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "StartSync": { + "privilege": "StartSync", + "description": "Grants permission to start a synchronization process or to restart a synchronization that was previously stopped", + "access_level": "Write", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "StopSync": { + "privilege": "StopSync", + "description": "Grants permission to stop any planned synchronizations in the synchronization schedule from starting", + "access_level": "Write", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + }, + "UpdateSyncTarget": { + "privilege": "UpdateSyncTarget", + "description": "Grants permission to update a sync target on the sync profile", + "access_level": "Write", + "resource_types": { + "SyncProfileResource": { + "resource_type": "SyncProfileResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "SyncTargetResource": { + "resource_type": "SyncTargetResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncprofileresource": "SyncProfileResource", + "synctargetresource": "SyncTargetResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/singlesignon/latest/userguide/security-iam-awsmanpol.html" + } + }, + "privileges_lower_name": { + "createsyncfilter": "CreateSyncFilter", + "createsyncprofile": "CreateSyncProfile", + "createsynctarget": "CreateSyncTarget", + "deletesyncfilter": "DeleteSyncFilter", + "deletesyncprofile": "DeleteSyncProfile", + "deletesynctarget": "DeleteSyncTarget", + "getsyncprofile": "GetSyncProfile", + "getsynctarget": "GetSyncTarget", + "listsyncfilters": "ListSyncFilters", + "startsync": "StartSync", + "stopsync": "StopSync", + "updatesynctarget": "UpdateSyncTarget" + }, + "resources": { + "SyncProfileResource": { + "resource": "SyncProfileResource", + "arn": "^arn:${Partition}:identity-sync:${Region}:${Account}:profile/${SyncProfileName}", + "condition_keys": [] + }, + "SyncTargetResource": { + "resource": "SyncTargetResource", + "arn": "^arn:${Partition}:identity-sync:${Region}:${Account}:target/${SyncProfileName}/${SyncTargetName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "syncprofileresource": "SyncProfileResource", + "synctargetresource": "SyncTargetResource" + }, + "conditions": {} + }, + "importexport": { + "service_name": "AWS Import Export Disk Service", + "prefix": "importexport", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsimportexportdiskservice.html", + "privileges": { + "CancelJob": { + "privilege": "CancelJob", + "description": "This action cancels a specified job. Only the job owner can cancel it. The action fails if the job has already started or is complete.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebCancelJob.html" + }, + "CreateJob": { + "privilege": "CreateJob", + "description": "This action initiates the process of scheduling an upload or download of your data.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebCreateJob.html" + }, + "GetShippingLabel": { + "privilege": "GetShippingLabel", + "description": "This action generates a pre-paid shipping label that you will use to ship your device to AWS for processing.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebGetShippingLabel.html" + }, + "GetStatus": { + "privilege": "GetStatus", + "description": "This action returns information about a job, including where the job is in the processing pipeline, the status of the results, and the signature value associated with the job.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebGetStatus.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "This action returns the jobs associated with the requester.", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebListJobs.html" + }, + "UpdateJob": { + "privilege": "UpdateJob", + "description": "You use this action to change the parameters specified in the original manifest file by supplying a new manifest file.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AWSImportExport/latest/DG/WebUpdateJob.html" + } + }, + "privileges_lower_name": { + "canceljob": "CancelJob", + "createjob": "CreateJob", + "getshippinglabel": "GetShippingLabel", + "getstatus": "GetStatus", + "listjobs": "ListJobs", + "updatejob": "UpdateJob" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "invoicing": { + "service_name": "AWS Invoicing Service", + "prefix": "invoicing", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsinvoicingservice.html", + "privileges": { + "GetInvoiceEmailDeliveryPreferences": { + "privilege": "GetInvoiceEmailDeliveryPreferences", + "description": "Grants permission to get Invoice Email Delivery Preferences", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetInvoicePDF": { + "privilege": "GetInvoicePDF", + "description": "Grants permission to get Invoice PDF", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ListInvoiceSummaries": { + "privilege": "ListInvoiceSummaries", + "description": "Grants permission to get Invoice summary information for your account or linked account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "PutInvoiceEmailDeliveryPreferences": { + "privilege": "PutInvoiceEmailDeliveryPreferences", + "description": "Grants permission to put Invoice Email Delivery Preferences", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + } + }, + "privileges_lower_name": { + "getinvoiceemaildeliverypreferences": "GetInvoiceEmailDeliveryPreferences", + "getinvoicepdf": "GetInvoicePDF", + "listinvoicesummaries": "ListInvoiceSummaries", + "putinvoiceemaildeliverypreferences": "PutInvoiceEmailDeliveryPreferences" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "iot": { + "service_name": "AWS IoT", + "prefix": "iot", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html", + "privileges": { + "AcceptCertificateTransfer": { + "privilege": "AcceptCertificateTransfer", + "description": "Grants permission to accept a pending certificate transfer", + "access_level": "Write", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AcceptCertificateTransfer.html" + }, + "AddThingToBillingGroup": { + "privilege": "AddThingToBillingGroup", + "description": "Grants permission to add a thing to the specified billing group", + "access_level": "Write", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AddThingToBillingGroup.html" + }, + "AddThingToThingGroup": { + "privilege": "AddThingToThingGroup", + "description": "Grants permission to add a thing to the specified thing group", + "access_level": "Write", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing", + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AddThingToThingGroup.html" + }, + "AssociateTargetsWithJob": { + "privilege": "AssociateTargetsWithJob", + "description": "Grants permission to associate a group with a continuous job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "thing": "thing", + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AssociateTargetsWithJob.html" + }, + "AttachPolicy": { + "privilege": "AttachPolicy", + "description": "Grants permission to attach a policy to the specified target", + "access_level": "Permissions management", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert", + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AttachPolicy.html" + }, + "AttachPrincipalPolicy": { + "privilege": "AttachPrincipalPolicy", + "description": "Grants permission to attach the specified policy to the specified principal (certificate or other credential)", + "access_level": "Permissions management", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AttachPrincipalPolicy.html" + }, + "AttachSecurityProfile": { + "privilege": "AttachSecurityProfile", + "description": "Grants permission to associate a Device Defender security profile with a thing group or with this account", + "access_level": "Write", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "custommetric": { + "resource_type": "custommetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dimension": { + "resource_type": "dimension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile", + "custommetric": "custommetric", + "dimension": "dimension", + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AttachSecurityProfile.html" + }, + "AttachThingPrincipal": { + "privilege": "AttachThingPrincipal", + "description": "Grants permission to attach the specified principal to the specified thing", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_AttachThingPrincipal.html" + }, + "CancelAuditMitigationActionsTask": { + "privilege": "CancelAuditMitigationActionsTask", + "description": "Grants permission to cancel a mitigation action task that is in progress", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelAuditMitigationActionsTask.html" + }, + "CancelAuditTask": { + "privilege": "CancelAuditTask", + "description": "Grants permission to cancel an audit that is in progress. The audit can be either scheduled or on-demand", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelAuditTask.html" + }, + "CancelCertificateTransfer": { + "privilege": "CancelCertificateTransfer", + "description": "Grants permission to cancel a pending transfer for the specified certificate", + "access_level": "Write", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelCertificateTransfer.html" + }, + "CancelDetectMitigationActionsTask": { + "privilege": "CancelDetectMitigationActionsTask", + "description": "Grants permission to cancel a Device Defender ML Detect mitigation action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelDetectMitigationActionsTask.html" + }, + "CancelJob": { + "privilege": "CancelJob", + "description": "Grants permission to cancel a job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelJob.html" + }, + "CancelJobExecution": { + "privilege": "CancelJobExecution", + "description": "Grants permission to cancel a job execution on a particular device", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CancelJobExecution.html" + }, + "ClearDefaultAuthorizer": { + "privilege": "ClearDefaultAuthorizer", + "description": "Grants permission to clear the default authorizer", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ClearDefaultAuthorizer.html" + }, + "CloseTunnel": { + "privilege": "CloseTunnel", + "description": "Grants permission to close a tunnel", + "access_level": "Write", + "resource_types": { + "tunnel": { + "resource_type": "tunnel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iot:Delete" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tunnel": "tunnel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_CloseTunnel.html" + }, + "ConfirmTopicRuleDestination": { + "privilege": "ConfirmTopicRuleDestination", + "description": "Grants permission to confirm a http url TopicRuleDestinationDestination", + "access_level": "Write", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ConfirmTopicRuleDestination.html" + }, + "Connect": { + "privilege": "Connect", + "description": "Grants permission to connect as the specified client", + "access_level": "Write", + "resource_types": { + "client": { + "resource_type": "client", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "client": "client" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" + }, + "CreateAuditSuppression": { + "privilege": "CreateAuditSuppression", + "description": "Grants permission to create a Device Defender audit suppression", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateAuditSuppression.html" + }, + "CreateAuthorizer": { + "privilege": "CreateAuthorizer", + "description": "Grants permission to create an authorizer", + "access_level": "Write", + "resource_types": { + "authorizer": { + "resource_type": "authorizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "authorizer": "authorizer", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateAuthorizer.html" + }, + "CreateBillingGroup": { + "privilege": "CreateBillingGroup", + "description": "Grants permission to create a billing group", + "access_level": "Write", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateBillingGroup.html" + }, + "CreateCertificateFromCsr": { + "privilege": "CreateCertificateFromCsr", + "description": "Grants permission to create an X.509 certificate using the specified certificate signing request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateFromCsr.html" + }, + "CreateCustomMetric": { + "privilege": "CreateCustomMetric", + "description": "Grants permission to create a custom metric for device side metric reporting and monitoring", + "access_level": "Write", + "resource_types": { + "custommetric": { + "resource_type": "custommetric", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custommetric": "custommetric", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCustomMetric.html" + }, + "CreateDimension": { + "privilege": "CreateDimension", + "description": "Grants permission to define a dimension that can be used to to limit the scope of a metric used in a security profile", + "access_level": "Write", + "resource_types": { + "dimension": { + "resource_type": "dimension", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dimension": "dimension", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDimension.html" + }, + "CreateDomainConfiguration": { + "privilege": "CreateDomainConfiguration", + "description": "Grants permission to create a domain configuration", + "access_level": "Write", + "resource_types": { + "domainconfiguration": { + "resource_type": "domainconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "iot:DomainName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domainconfiguration": "domainconfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDomainConfiguration.html" + }, + "CreateDynamicThingGroup": { + "privilege": "CreateDynamicThingGroup", + "description": "Grants permission to create a Dynamic Thing Group", + "access_level": "Write", + "resource_types": { + "dynamicthinggroup": { + "resource_type": "dynamicthinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dynamicthinggroup": "dynamicthinggroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDynamicThingGroup.html" + }, + "CreateFleetMetric": { + "privilege": "CreateFleetMetric", + "description": "Grants permission to create a fleet metric", + "access_level": "Write", + "resource_types": { + "fleetmetric": { + "resource_type": "fleetmetric", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleetmetric": "fleetmetric", + "index": "index", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateFleetMetric.html" + }, + "CreateJob": { + "privilege": "CreateJob", + "description": "Grants permission to create a job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "jobtemplate": { + "resource_type": "jobtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "thing": "thing", + "thinggroup": "thinggroup", + "jobtemplate": "jobtemplate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateJob.html" + }, + "CreateJobTemplate": { + "privilege": "CreateJobTemplate", + "description": "Grants permission to create a job template", + "access_level": "Write", + "resource_types": { + "jobtemplate": { + "resource_type": "jobtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "jobtemplate", + "job": "job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateJobTemplate.html" + }, + "CreateKeysAndCertificate": { + "privilege": "CreateKeysAndCertificate", + "description": "Grants permission to create a 2048 bit RSA key pair and issues an X.509 certificate using the issued public key", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateKeysAndCertificate.html" + }, + "CreateMitigationAction": { + "privilege": "CreateMitigationAction", + "description": "Grants permission to define an action that can be applied to audit findings by using StartAuditMitigationActionsTask", + "access_level": "Write", + "resource_types": { + "mitigationaction": { + "resource_type": "mitigationaction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mitigationaction": "mitigationaction", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateMitigationAction.html" + }, + "CreateOTAUpdate": { + "privilege": "CreateOTAUpdate", + "description": "Grants permission to create an OTA update job", + "access_level": "Write", + "resource_types": { + "otaupdate": { + "resource_type": "otaupdate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "otaupdate": "otaupdate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateOTAUpdate.html" + }, + "CreatePackage": { + "privilege": "CreatePackage", + "description": "Grants permission to create a software package that you can deploy to your devices", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:GetIndexingConfiguration" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePackage.html" + }, + "CreatePackageVersion": { + "privilege": "CreatePackageVersion", + "description": "Grants permission to create a version under the specified package", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:GetIndexingConfiguration" + ] + }, + "packageversion": { + "resource_type": "packageversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package", + "packageversion": "packageversion", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePackageVersion.html" + }, + "CreatePolicy": { + "privilege": "CreatePolicy", + "description": "Grants permission to create an AWS IoT policy", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePolicy.html" + }, + "CreatePolicyVersion": { + "privilege": "CreatePolicyVersion", + "description": "Grants permission to create a new version of the specified AWS IoT policy", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePolicyVersion.html" + }, + "CreateProvisioningClaim": { + "privilege": "CreateProvisioningClaim", + "description": "Grants permission to create a provisioning claim", + "access_level": "Write", + "resource_types": { + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "provisioningtemplate": "provisioningtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningClaim.html" + }, + "CreateProvisioningTemplate": { + "privilege": "CreateProvisioningTemplate", + "description": "Grants permission to create a fleet provisioning template", + "access_level": "Write", + "resource_types": { + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "provisioningtemplate": "provisioningtemplate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html" + }, + "CreateProvisioningTemplateVersion": { + "privilege": "CreateProvisioningTemplateVersion", + "description": "Grants permission to create a new version of a fleet provisioning template", + "access_level": "Write", + "resource_types": { + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "provisioningtemplate": "provisioningtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplateVersion.html" + }, + "CreateRoleAlias": { + "privilege": "CreateRoleAlias", + "description": "Grants permission to create a role alias", + "access_level": "Write", + "resource_types": { + "rolealias": { + "resource_type": "rolealias", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rolealias": "rolealias", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateRoleAlias.html" + }, + "CreateScheduledAudit": { + "privilege": "CreateScheduledAudit", + "description": "Grants permission to create a scheduled audit that is run at a specified time interval", + "access_level": "Write", + "resource_types": { + "scheduledaudit": { + "resource_type": "scheduledaudit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scheduledaudit": "scheduledaudit", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateScheduledAudit.html" + }, + "CreateSecurityProfile": { + "privilege": "CreateSecurityProfile", + "description": "Grants permission to create a Device Defender security profile", + "access_level": "Write", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "custommetric": { + "resource_type": "custommetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dimension": { + "resource_type": "dimension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile", + "custommetric": "custommetric", + "dimension": "dimension", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateSecurityProfile.html" + }, + "CreateStream": { + "privilege": "CreateStream", + "description": "Grants permission to create a new AWS IoT stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateStream.html" + }, + "CreateThing": { + "privilege": "CreateThing", + "description": "Grants permission to create a thing in the thing registry", + "access_level": "Write", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "billinggroup": { + "resource_type": "billinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing", + "billinggroup": "billinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThing.html" + }, + "CreateThingGroup": { + "privilege": "CreateThingGroup", + "description": "Grants permission to create a thing group", + "access_level": "Write", + "resource_types": { + "thinggroup": { + "resource_type": "thinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thinggroup": "thinggroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThingGroup.html" + }, + "CreateThingType": { + "privilege": "CreateThingType", + "description": "Grants permission to create a new thing type", + "access_level": "Write", + "resource_types": { + "thingtype": { + "resource_type": "thingtype", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thingtype": "thingtype", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThingType.html" + }, + "CreateTopicRule": { + "privilege": "CreateTopicRule", + "description": "Grants permission to create a rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateTopicRule.html" + }, + "CreateTopicRuleDestination": { + "privilege": "CreateTopicRuleDestination", + "description": "Grants permission to create a TopicRuleDestination", + "access_level": "Write", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_CreateTopicRuleDestination.html" + }, + "DeleteAccountAuditConfiguration": { + "privilege": "DeleteAccountAuditConfiguration", + "description": "Grants permission to delete the audit configuration associated with the account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAccountAuditConfiguration.html" + }, + "DeleteAuditSuppression": { + "privilege": "DeleteAuditSuppression", + "description": "Grants permission to delete a Device Defender audit suppression", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAuditSuppression.html" + }, + "DeleteAuthorizer": { + "privilege": "DeleteAuthorizer", + "description": "Grants permission to delete the specified authorizer", + "access_level": "Write", + "resource_types": { + "authorizer": { + "resource_type": "authorizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "authorizer": "authorizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAuthorizer.html" + }, + "DeleteBillingGroup": { + "privilege": "DeleteBillingGroup", + "description": "Grants permission to delete the specified billing group", + "access_level": "Write", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteBillingGroup.html" + }, + "DeleteCACertificate": { + "privilege": "DeleteCACertificate", + "description": "Grants permission to delete a registered CA certificate", + "access_level": "Write", + "resource_types": { + "cacert": { + "resource_type": "cacert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cacert": "cacert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCACertificate.html" + }, + "DeleteCertificate": { + "privilege": "DeleteCertificate", + "description": "Grants permission to delete the specified certificate", + "access_level": "Write", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCertificate.html" + }, + "DeleteCustomMetric": { + "privilege": "DeleteCustomMetric", + "description": "Grants permission to deletes the specified custom metric from your AWS account", + "access_level": "Write", + "resource_types": { + "custommetric": { + "resource_type": "custommetric", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custommetric": "custommetric" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCustomMetric.html" + }, + "DeleteDimension": { + "privilege": "DeleteDimension", + "description": "Grants permission to remove the specified dimension from your AWS account", + "access_level": "Write", + "resource_types": { + "dimension": { + "resource_type": "dimension", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dimension": "dimension" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDimension.html" + }, + "DeleteDomainConfiguration": { + "privilege": "DeleteDomainConfiguration", + "description": "Grants permission to delete a domain configuration", + "access_level": "Write", + "resource_types": { + "domainconfiguration": { + "resource_type": "domainconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domainconfiguration": "domainconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDomainConfiguration.html" + }, + "DeleteDynamicThingGroup": { + "privilege": "DeleteDynamicThingGroup", + "description": "Grants permission to delete the specified Dynamic Thing Group", + "access_level": "Write", + "resource_types": { + "dynamicthinggroup": { + "resource_type": "dynamicthinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dynamicthinggroup": "dynamicthinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDynamicThingGroup.html" + }, + "DeleteFleetMetric": { + "privilege": "DeleteFleetMetric", + "description": "Grants permission to delete the specified fleet metric", + "access_level": "Write", + "resource_types": { + "fleetmetric": { + "resource_type": "fleetmetric", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleetmetric": "fleetmetric" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteFleetMetric.html" + }, + "DeleteJob": { + "privilege": "DeleteJob", + "description": "Grants permission to delete a job and its related job executions", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJob.html" + }, + "DeleteJobExecution": { + "privilege": "DeleteJobExecution", + "description": "Grants permission to delete a job execution", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJobExecution.html" + }, + "DeleteJobTemplate": { + "privilege": "DeleteJobTemplate", + "description": "Grants permission to delete a job template", + "access_level": "Write", + "resource_types": { + "jobtemplate": { + "resource_type": "jobtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "jobtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJobTemplate.html" + }, + "DeleteMitigationAction": { + "privilege": "DeleteMitigationAction", + "description": "Grants permission to delete a defined mitigation action from your AWS account", + "access_level": "Write", + "resource_types": { + "mitigationaction": { + "resource_type": "mitigationaction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mitigationaction": "mitigationaction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteMitigationAction.html" + }, + "DeleteOTAUpdate": { + "privilege": "DeleteOTAUpdate", + "description": "Grants permission to delete an OTA update job", + "access_level": "Write", + "resource_types": { + "otaupdate": { + "resource_type": "otaupdate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "otaupdate": "otaupdate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteOTAUpdate.html" + }, + "DeletePackage": { + "privilege": "DeletePackage", + "description": "Grants permission to delete a package", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePackage.html" + }, + "DeletePackageVersion": { + "privilege": "DeletePackageVersion", + "description": "Grants permission to delete a version of the specified package", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "packageversion": { + "resource_type": "packageversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package", + "packageversion": "packageversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePackageVersion.html" + }, + "DeletePolicy": { + "privilege": "DeletePolicy", + "description": "Grants permission to delete the specified policy", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePolicy.html" + }, + "DeletePolicyVersion": { + "privilege": "DeletePolicyVersion", + "description": "Grants permission to Delete the specified version of the specified policy", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePolicyVersion.html" + }, + "DeleteProvisioningTemplate": { + "privilege": "DeleteProvisioningTemplate", + "description": "Grants permission to delete a fleet provisioning template", + "access_level": "Write", + "resource_types": { + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "provisioningtemplate": "provisioningtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteProvisioningTemplate.html" + }, + "DeleteProvisioningTemplateVersion": { + "privilege": "DeleteProvisioningTemplateVersion", + "description": "Grants permission to delete a fleet provisioning template version", + "access_level": "Write", + "resource_types": { + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "provisioningtemplate": "provisioningtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteProvisioningTemplateVersion.html" + }, + "DeleteRegistrationCode": { + "privilege": "DeleteRegistrationCode", + "description": "Grants permission to delete a CA certificate registration code", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteRegistrationCode.html" + }, + "DeleteRoleAlias": { + "privilege": "DeleteRoleAlias", + "description": "Grants permission to delete the specified role alias", + "access_level": "Write", + "resource_types": { + "rolealias": { + "resource_type": "rolealias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rolealias": "rolealias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteRoleAlias.html" + }, + "DeleteScheduledAudit": { + "privilege": "DeleteScheduledAudit", + "description": "Grants permission to delete a scheduled audit", + "access_level": "Write", + "resource_types": { + "scheduledaudit": { + "resource_type": "scheduledaudit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scheduledaudit": "scheduledaudit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteScheduledAudit.html" + }, + "DeleteSecurityProfile": { + "privilege": "DeleteSecurityProfile", + "description": "Grants permission to delete a Device Defender security profile", + "access_level": "Write", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "custommetric": { + "resource_type": "custommetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dimension": { + "resource_type": "dimension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile", + "custommetric": "custommetric", + "dimension": "dimension" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteSecurityProfile.html" + }, + "DeleteStream": { + "privilege": "DeleteStream", + "description": "Grants permission to delete a specified stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteStream.html" + }, + "DeleteThing": { + "privilege": "DeleteThing", + "description": "Grants permission to delete the specified thing", + "access_level": "Write", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThing.html" + }, + "DeleteThingGroup": { + "privilege": "DeleteThingGroup", + "description": "Grants permission to delete the specified thing group", + "access_level": "Write", + "resource_types": { + "thinggroup": { + "resource_type": "thinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThingGroup.html" + }, + "DeleteThingShadow": { + "privilege": "DeleteThingShadow", + "description": "Grants permission to delete the specified thing shadow", + "access_level": "Write", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" + }, + "DeleteThingType": { + "privilege": "DeleteThingType", + "description": "Grants permission to delete the specified thing type", + "access_level": "Write", + "resource_types": { + "thingtype": { + "resource_type": "thingtype", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thingtype": "thingtype" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThingType.html" + }, + "DeleteTopicRule": { + "privilege": "DeleteTopicRule", + "description": "Grants permission to delete the specified rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteTopicRule.html" + }, + "DeleteTopicRuleDestination": { + "privilege": "DeleteTopicRuleDestination", + "description": "Grants permission to delete a TopicRuleDestination", + "access_level": "Write", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteTopicRuleDestination.html" + }, + "DeleteV2LoggingLevel": { + "privilege": "DeleteV2LoggingLevel", + "description": "Grants permission to delete the specified v2 logging level", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteV2LoggingLevel.html" + }, + "DeprecateThingType": { + "privilege": "DeprecateThingType", + "description": "Grants permission to deprecate the specified thing type", + "access_level": "Write", + "resource_types": { + "thingtype": { + "resource_type": "thingtype", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thingtype": "thingtype" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DeprecateThingType.html" + }, + "DescribeAccountAuditConfiguration": { + "privilege": "DescribeAccountAuditConfiguration", + "description": "Grants permission to get information about audit configurations for the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAccountAuditConfiguration.html" + }, + "DescribeAuditFinding": { + "privilege": "DescribeAuditFinding", + "description": "Grants permission to get information about a single audit finding. Properties include the reason for noncompliance, the severity of the issue, and when the audit that returned the finding was started", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditFinding.html" + }, + "DescribeAuditMitigationActionsTask": { + "privilege": "DescribeAuditMitigationActionsTask", + "description": "Grants permission to get information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditMitigationActionsTask.html" + }, + "DescribeAuditSuppression": { + "privilege": "DescribeAuditSuppression", + "description": "Grants permission to get information about a Device Defender audit suppression", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditSuppression.html" + }, + "DescribeAuditTask": { + "privilege": "DescribeAuditTask", + "description": "Grants permission to get information about a Device Defender audit", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditTask.html" + }, + "DescribeAuthorizer": { + "privilege": "DescribeAuthorizer", + "description": "Grants permission to describe an authorizer", + "access_level": "Read", + "resource_types": { + "authorizer": { + "resource_type": "authorizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "authorizer": "authorizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuthorizer.html" + }, + "DescribeBillingGroup": { + "privilege": "DescribeBillingGroup", + "description": "Grants permission to get information about the specified billing group", + "access_level": "Read", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeBillingGroup.html" + }, + "DescribeCACertificate": { + "privilege": "DescribeCACertificate", + "description": "Grants permission to describe a registered CA certificate", + "access_level": "Read", + "resource_types": { + "cacert": { + "resource_type": "cacert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cacert": "cacert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCACertificate.html" + }, + "DescribeCertificate": { + "privilege": "DescribeCertificate", + "description": "Grants permission to get information about the specified certificate", + "access_level": "Read", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCertificate.html" + }, + "DescribeCustomMetric": { + "privilege": "DescribeCustomMetric", + "description": "Grants permission to describe a custom metric that is defined in your AWS account", + "access_level": "Read", + "resource_types": { + "custommetric": { + "resource_type": "custommetric", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custommetric": "custommetric" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCustomMetric.html" + }, + "DescribeDefaultAuthorizer": { + "privilege": "DescribeDefaultAuthorizer", + "description": "Grants permission to describe the default authorizer", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDefaultAuthorizer.html" + }, + "DescribeDetectMitigationActionsTask": { + "privilege": "DescribeDetectMitigationActionsTask", + "description": "Grants permission to describe a Device Defender ML Detect mitigation action", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDetectMitigationActionsTask.html" + }, + "DescribeDimension": { + "privilege": "DescribeDimension", + "description": "Grants permission to get details about a dimension that is defined in your AWS account", + "access_level": "Read", + "resource_types": { + "dimension": { + "resource_type": "dimension", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dimension": "dimension" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDimension.html" + }, + "DescribeDomainConfiguration": { + "privilege": "DescribeDomainConfiguration", + "description": "Grants permission to get information about the domain configuration", + "access_level": "Read", + "resource_types": { + "domainconfiguration": { + "resource_type": "domainconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domainconfiguration": "domainconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDomainConfiguration.html" + }, + "DescribeEndpoint": { + "privilege": "DescribeEndpoint", + "description": "Grants permission to get a unique endpoint specific to the AWS account making the call", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEndpoint.html" + }, + "DescribeEventConfigurations": { + "privilege": "DescribeEventConfigurations", + "description": "Grants permission to get account event configurations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEventConfigurations.html" + }, + "DescribeFleetMetric": { + "privilege": "DescribeFleetMetric", + "description": "Grants permission to get information about the specified fleet metric", + "access_level": "Read", + "resource_types": { + "fleetmetric": { + "resource_type": "fleetmetric", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleetmetric": "fleetmetric" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeFleetMetric.html" + }, + "DescribeIndex": { + "privilege": "DescribeIndex", + "description": "Grants permission to get information about the specified index", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeIndex.html" + }, + "DescribeJob": { + "privilege": "DescribeJob", + "description": "Grants permission to describe a job", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJob.html" + }, + "DescribeJobExecution": { + "privilege": "DescribeJobExecution", + "description": "Grants permission to describe a job execution", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thing": { + "resource_type": "thing", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJobExecution.html" + }, + "DescribeJobTemplate": { + "privilege": "DescribeJobTemplate", + "description": "Grants permission to describe a job template", + "access_level": "Read", + "resource_types": { + "jobtemplate": { + "resource_type": "jobtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "jobtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJobTemplate.html" + }, + "DescribeManagedJobTemplate": { + "privilege": "DescribeManagedJobTemplate", + "description": "Grants permission to describe a managed job template", + "access_level": "Read", + "resource_types": { + "jobtemplate": { + "resource_type": "jobtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "jobtemplate": "jobtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeManagedJobTemplate.html" + }, + "DescribeMitigationAction": { + "privilege": "DescribeMitigationAction", + "description": "Grants permission to get information about a mitigation action", + "access_level": "Read", + "resource_types": { + "mitigationaction": { + "resource_type": "mitigationaction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mitigationaction": "mitigationaction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeMitigationAction.html" + }, + "DescribeProvisioningTemplate": { + "privilege": "DescribeProvisioningTemplate", + "description": "Grants permission to get information about a fleet provisioning template", + "access_level": "Read", + "resource_types": { + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "provisioningtemplate": "provisioningtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeProvisioningTemplate.html" + }, + "DescribeProvisioningTemplateVersion": { + "privilege": "DescribeProvisioningTemplateVersion", + "description": "Grants permission to get information about a fleet provisioning template version", + "access_level": "Read", + "resource_types": { + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "provisioningtemplate": "provisioningtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeProvisioningTemplateVersion.html" + }, + "DescribeRoleAlias": { + "privilege": "DescribeRoleAlias", + "description": "Grants permission to describe a role alias", + "access_level": "Read", + "resource_types": { + "rolealias": { + "resource_type": "rolealias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rolealias": "rolealias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeRoleAlias.html" + }, + "DescribeScheduledAudit": { + "privilege": "DescribeScheduledAudit", + "description": "Grants permission to get information about a scheduled audit", + "access_level": "Read", + "resource_types": { + "scheduledaudit": { + "resource_type": "scheduledaudit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scheduledaudit": "scheduledaudit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeScheduledAudit.html" + }, + "DescribeSecurityProfile": { + "privilege": "DescribeSecurityProfile", + "description": "Grants permission to get information about a Device Defender security profile", + "access_level": "Read", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeSecurityProfile.html" + }, + "DescribeStream": { + "privilege": "DescribeStream", + "description": "Grants permission to get information about the specified stream", + "access_level": "Read", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeStream.html" + }, + "DescribeThing": { + "privilege": "DescribeThing", + "description": "Grants permission to get information about the specified thing", + "access_level": "Read", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThing.html" + }, + "DescribeThingGroup": { + "privilege": "DescribeThingGroup", + "description": "Grants permission to get information about the specified thing group", + "access_level": "Read", + "resource_types": { + "thinggroup": { + "resource_type": "thinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingGroup.html" + }, + "DescribeThingRegistrationTask": { + "privilege": "DescribeThingRegistrationTask", + "description": "Grants permission to get information about the bulk thing registration task", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingRegistrationTask.html" + }, + "DescribeThingType": { + "privilege": "DescribeThingType", + "description": "Grants permission to get information about the specified thing type", + "access_level": "Read", + "resource_types": { + "thingtype": { + "resource_type": "thingtype", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thingtype": "thingtype" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingType.html" + }, + "DescribeTunnel": { + "privilege": "DescribeTunnel", + "description": "Grants permission to describe a tunnel", + "access_level": "Read", + "resource_types": { + "tunnel": { + "resource_type": "tunnel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tunnel": "tunnel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_DescribeTunnel.html" + }, + "DetachPolicy": { + "privilege": "DetachPolicy", + "description": "Grants permission to detach a policy from the specified target", + "access_level": "Permissions management", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert", + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DetachPolicy.html" + }, + "DetachPrincipalPolicy": { + "privilege": "DetachPrincipalPolicy", + "description": "Grants permission to remove the specified policy from the specified certificate", + "access_level": "Permissions management", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DetachPrincipalPolicy.html" + }, + "DetachSecurityProfile": { + "privilege": "DetachSecurityProfile", + "description": "Grants permission to disassociate a Device Defender security profile from a thing group or from this account", + "access_level": "Write", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "custommetric": { + "resource_type": "custommetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dimension": { + "resource_type": "dimension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile", + "custommetric": "custommetric", + "dimension": "dimension", + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DetachSecurityProfile.html" + }, + "DetachThingPrincipal": { + "privilege": "DetachThingPrincipal", + "description": "Grants permission to detach the specified principal from the specified thing", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DetachThingPrincipal.html" + }, + "DisableTopicRule": { + "privilege": "DisableTopicRule", + "description": "Grants permission to disable the specified rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_DisableTopicRule.html" + }, + "EnableTopicRule": { + "privilege": "EnableTopicRule", + "description": "Grants permission to enable the specified rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_EnableTopicRule.html" + }, + "GetBehaviorModelTrainingSummaries": { + "privilege": "GetBehaviorModelTrainingSummaries", + "description": "Grants permission to fetch a Device Defender's ML Detect Security Profile training model's status", + "access_level": "List", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetBehaviorModelTrainingSummaries.html" + }, + "GetBucketsAggregation": { + "privilege": "GetBucketsAggregation", + "description": "Grants permission to get buckets aggregation for IoT fleet index", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetBucketsAggregation.html" + }, + "GetCardinality": { + "privilege": "GetCardinality", + "description": "Grants permission to get cardinality for IoT fleet index", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetCardinality.html" + }, + "GetEffectivePolicies": { + "privilege": "GetEffectivePolicies", + "description": "Grants permission to get effective policies", + "access_level": "Read", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetEffectivePolicies.html" + }, + "GetIndexingConfiguration": { + "privilege": "GetIndexingConfiguration", + "description": "Grants permission to get current fleet indexing configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetIndexingConfiguration.html" + }, + "GetJobDocument": { + "privilege": "GetJobDocument", + "description": "Grants permission to get a job document", + "access_level": "Read", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetJobDocument.html" + }, + "GetLoggingOptions": { + "privilege": "GetLoggingOptions", + "description": "Grants permission to get the logging options", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetLoggingOptions.html" + }, + "GetOTAUpdate": { + "privilege": "GetOTAUpdate", + "description": "Grants permission to get the information about the OTA update job", + "access_level": "Read", + "resource_types": { + "otaupdate": { + "resource_type": "otaupdate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "otaupdate": "otaupdate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetOTAUpdate.html" + }, + "GetPackage": { + "privilege": "GetPackage", + "description": "Grants permission to get the information about the package", + "access_level": "Read", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackage.html" + }, + "GetPackageConfiguration": { + "privilege": "GetPackageConfiguration", + "description": "Grants permission to get the package configuration of the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackageConfiguration.html" + }, + "GetPackageVersion": { + "privilege": "GetPackageVersion", + "description": "Grants permission to get the version of the package", + "access_level": "Read", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "packageversion": { + "resource_type": "packageversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package", + "packageversion": "packageversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackageVersion.html" + }, + "GetPercentiles": { + "privilege": "GetPercentiles", + "description": "Grants permission to get percentiles for IoT fleet index", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPercentiles.html" + }, + "GetPolicy": { + "privilege": "GetPolicy", + "description": "Grants permission to get information about the specified policy with the policy document of the default version", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPolicy.html" + }, + "GetPolicyVersion": { + "privilege": "GetPolicyVersion", + "description": "Grants permission to get information about the specified policy version", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetPolicyVersion.html" + }, + "GetRegistrationCode": { + "privilege": "GetRegistrationCode", + "description": "Grants permission to get a registration code used to register a CA certificate with AWS IoT", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetRegistrationCode.html" + }, + "GetRetainedMessage": { + "privilege": "GetRetainedMessage", + "description": "Grants permission to get the retained message on the specified topic", + "access_level": "Read", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" + }, + "GetStatistics": { + "privilege": "GetStatistics", + "description": "Grants permission to get statistics for IoT fleet index", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetStatistics.html" + }, + "GetThingShadow": { + "privilege": "GetThingShadow", + "description": "Grants permission to get the thing shadow", + "access_level": "Read", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" + }, + "GetTopicRule": { + "privilege": "GetTopicRule", + "description": "Grants permission to get information about the specified rule", + "access_level": "Read", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetTopicRule.html" + }, + "GetTopicRuleDestination": { + "privilege": "GetTopicRuleDestination", + "description": "Grants permission to get a TopicRuleDestination", + "access_level": "Read", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetTopicRuleDestination.html" + }, + "GetV2LoggingOptions": { + "privilege": "GetV2LoggingOptions", + "description": "Grants permission to get v2 logging options", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_GetV2LoggingOptions.html" + }, + "ListActiveViolations": { + "privilege": "ListActiveViolations", + "description": "Grants permission to list the active violations for a given Device Defender security profile or Thing", + "access_level": "List", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thing": { + "resource_type": "thing", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListActiveViolations.html" + }, + "ListAttachedPolicies": { + "privilege": "ListAttachedPolicies", + "description": "Grants permission to list the policies attached to the specified thing group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAttachedPolicies.html" + }, + "ListAuditFindings": { + "privilege": "ListAuditFindings", + "description": "Grants permission to list the findings (results) of a Device Defender audit or of the audits performed during a specified time period", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditFindings.html" + }, + "ListAuditMitigationActionsExecutions": { + "privilege": "ListAuditMitigationActionsExecutions", + "description": "Grants permission to get the status of audit mitigation action tasks that were executed", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditMitigationActionsExecutions.html" + }, + "ListAuditMitigationActionsTasks": { + "privilege": "ListAuditMitigationActionsTasks", + "description": "Grants permission to get a list of audit mitigation action tasks that match the specified filters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditMitigationActionsTasks.html" + }, + "ListAuditSuppressions": { + "privilege": "ListAuditSuppressions", + "description": "Grants permission to list your Device Defender audit suppressions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditSuppressions.html" + }, + "ListAuditTasks": { + "privilege": "ListAuditTasks", + "description": "Grants permission to list the Device Defender audits that have been performed during a given time period", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditTasks.html" + }, + "ListAuthorizers": { + "privilege": "ListAuthorizers", + "description": "Grants permission to list the authorizers registered in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuthorizers.html" + }, + "ListBillingGroups": { + "privilege": "ListBillingGroups", + "description": "Grants permission to list all billing groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListBillingGroups.html" + }, + "ListCACertificates": { + "privilege": "ListCACertificates", + "description": "Grants permission to list the CA certificates registered for your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListCACertificates.html" + }, + "ListCertificates": { + "privilege": "ListCertificates", + "description": "Grants permission to list your certificates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificates.html" + }, + "ListCertificatesByCA": { + "privilege": "ListCertificatesByCA", + "description": "Grants permission to list the device certificates signed by the specified CA certificate", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificatesByCA.html" + }, + "ListCustomMetrics": { + "privilege": "ListCustomMetrics", + "description": "Grants permission to list the custom metrics in your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListCustomMetrics.html" + }, + "ListDetectMitigationActionsExecutions": { + "privilege": "ListDetectMitigationActionsExecutions", + "description": "Grants permission to lists mitigation actions executions for a Device Defender ML Detect Security Profile", + "access_level": "List", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListDetectMitigationActionsExecutions.html" + }, + "ListDetectMitigationActionsTasks": { + "privilege": "ListDetectMitigationActionsTasks", + "description": "Grants permission to list Device Defender ML Detect mitigation actions tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListDetectMitigationActionsTasks.html" + }, + "ListDimensions": { + "privilege": "ListDimensions", + "description": "Grants permission to list the dimensions that are defined for your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListDimensions.html" + }, + "ListDomainConfigurations": { + "privilege": "ListDomainConfigurations", + "description": "Grants permission to list the domain configuration created by your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListDomainConfigurations.html" + }, + "ListFleetMetrics": { + "privilege": "ListFleetMetrics", + "description": "Grants permission to list the fleet metrics in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListFleetMetrics.html" + }, + "ListIndices": { + "privilege": "ListIndices", + "description": "Grants permission to list all indices for fleet index", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListIndices.html" + }, + "ListJobExecutionsForJob": { + "privilege": "ListJobExecutionsForJob", + "description": "Grants permission to list the job executions for a job", + "access_level": "List", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobExecutionsForJob.html" + }, + "ListJobExecutionsForThing": { + "privilege": "ListJobExecutionsForThing", + "description": "Grants permission to list the job executions for the specified thing", + "access_level": "List", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobExecutionsForThing.html" + }, + "ListJobTemplates": { + "privilege": "ListJobTemplates", + "description": "Grants permission to list job templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobTemplates.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to list jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobs.html" + }, + "ListManagedJobTemplates": { + "privilege": "ListManagedJobTemplates", + "description": "Grants permission to list managed job templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListManagedJobTemplates.html" + }, + "ListMetricValues": { + "privilege": "ListMetricValues", + "description": "Grants permissions to list the metric values for a thing based on the metricName, and dimension if specified", + "access_level": "List", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListMetricValues.html" + }, + "ListMitigationActions": { + "privilege": "ListMitigationActions", + "description": "Grants permission to get a list of all mitigation actions that match the specified filter criteria", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListMitigationActions.html" + }, + "ListNamedShadowsForThing": { + "privilege": "ListNamedShadowsForThing", + "description": "Grants permission to list all named shadows for a given thing", + "access_level": "List", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListNamedShadowsForThing.html" + }, + "ListOTAUpdates": { + "privilege": "ListOTAUpdates", + "description": "Grants permission to list OTA update jobs in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListOTAUpdates.html" + }, + "ListOutgoingCertificates": { + "privilege": "ListOutgoingCertificates", + "description": "Grants permission to list certificates that are being transfered but not yet accepted", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListOutgoingCertificates.html" + }, + "ListPackageVersions": { + "privilege": "ListPackageVersions", + "description": "Grants permission to list versions for a package in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPackageVersions.html" + }, + "ListPackages": { + "privilege": "ListPackages", + "description": "Grants permission to list packages in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPackages.html" + }, + "ListPolicies": { + "privilege": "ListPolicies", + "description": "Grants permission to list your policies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicies.html" + }, + "ListPolicyPrincipals": { + "privilege": "ListPolicyPrincipals", + "description": "Grants permission to list the principals associated with the specified policy", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicyPrincipals.html" + }, + "ListPolicyVersions": { + "privilege": "ListPolicyVersions", + "description": "Grants permission to list the versions of the specified policy, and identifies the default version", + "access_level": "List", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicyVersions.html" + }, + "ListPrincipalPolicies": { + "privilege": "ListPrincipalPolicies", + "description": "Grants permission to list the policies attached to the specified principal. If you use an Amazon Cognito identity, the ID needs to be in Amazon Cognito Identity format", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPrincipalPolicies.html" + }, + "ListPrincipalThings": { + "privilege": "ListPrincipalThings", + "description": "Grants permission to list the things associated with the specified principal", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListPrincipalThings.html" + }, + "ListProvisioningTemplateVersions": { + "privilege": "ListProvisioningTemplateVersions", + "description": "Grants permission to get a list of fleet provisioning template versions", + "access_level": "List", + "resource_types": { + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "provisioningtemplate": "provisioningtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListProvisioningTemplateVersions.html" + }, + "ListProvisioningTemplates": { + "privilege": "ListProvisioningTemplates", + "description": "Grants permission to list the fleet provisioning templates in your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListProvisioningTemplates.html" + }, + "ListRelatedResourcesForAuditFinding": { + "privilege": "ListRelatedResourcesForAuditFinding", + "description": "Grants permission to list related resources for a single audit finding", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListRelatedResourcesForAuditFinding.html" + }, + "ListRetainedMessages": { + "privilege": "ListRetainedMessages", + "description": "Grants permission to list the retained messages for your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" + }, + "ListRoleAliases": { + "privilege": "ListRoleAliases", + "description": "Grants permission to list role aliases", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListRoleAliases.html" + }, + "ListScheduledAudits": { + "privilege": "ListScheduledAudits", + "description": "Grants permission to list all of your scheduled audits", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListScheduledAudits.html" + }, + "ListSecurityProfiles": { + "privilege": "ListSecurityProfiles", + "description": "Grants permission to list the Device Defender security profiles you have created", + "access_level": "List", + "resource_types": { + "custommetric": { + "resource_type": "custommetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dimension": { + "resource_type": "dimension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custommetric": "custommetric", + "dimension": "dimension" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListSecurityProfiles.html" + }, + "ListSecurityProfilesForTarget": { + "privilege": "ListSecurityProfilesForTarget", + "description": "Grants permission to list the Device Defender security profiles attached to a target", + "access_level": "List", + "resource_types": { + "thinggroup": { + "resource_type": "thinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListSecurityProfilesForTarget.html" + }, + "ListStreams": { + "privilege": "ListStreams", + "description": "Grants permission to list the streams in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListStreams.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags for a given resource", + "access_level": "Read", + "resource_types": { + "authorizer": { + "resource_type": "authorizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "billinggroup": { + "resource_type": "billinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cacert": { + "resource_type": "cacert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "custommetric": { + "resource_type": "custommetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dimension": { + "resource_type": "dimension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "domainconfiguration": { + "resource_type": "domainconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dynamicthinggroup": { + "resource_type": "dynamicthinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleetmetric": { + "resource_type": "fleetmetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobtemplate": { + "resource_type": "jobtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mitigationaction": { + "resource_type": "mitigationaction", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "otaupdate": { + "resource_type": "otaupdate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "policy": { + "resource_type": "policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rolealias": { + "resource_type": "rolealias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "scheduledaudit": { + "resource_type": "scheduledaudit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securityprofile": { + "resource_type": "securityprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thingtype": { + "resource_type": "thingtype", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "authorizer": "authorizer", + "billinggroup": "billinggroup", + "cacert": "cacert", + "custommetric": "custommetric", + "dimension": "dimension", + "domainconfiguration": "domainconfiguration", + "dynamicthinggroup": "dynamicthinggroup", + "fleetmetric": "fleetmetric", + "job": "job", + "jobtemplate": "jobtemplate", + "mitigationaction": "mitigationaction", + "otaupdate": "otaupdate", + "policy": "policy", + "provisioningtemplate": "provisioningtemplate", + "rolealias": "rolealias", + "rule": "rule", + "scheduledaudit": "scheduledaudit", + "securityprofile": "securityprofile", + "stream": "stream", + "thinggroup": "thinggroup", + "thingtype": "thingtype" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListTagsForResource.html" + }, + "ListTargetsForPolicy": { + "privilege": "ListTargetsForPolicy", + "description": "Grants permission to list targets for the specified policy", + "access_level": "List", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListTargetsForPolicy.html" + }, + "ListTargetsForSecurityProfile": { + "privilege": "ListTargetsForSecurityProfile", + "description": "Grants permission to list the targets associated with a given Device Defender security profile", + "access_level": "List", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListTargetsForSecurityProfile.html" + }, + "ListThingGroups": { + "privilege": "ListThingGroups", + "description": "Grants permission to list all thing groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingGroups.html" + }, + "ListThingGroupsForThing": { + "privilege": "ListThingGroupsForThing", + "description": "Grants permission to list thing groups to which the specified thing belongs", + "access_level": "List", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingGroupsForThing.html" + }, + "ListThingPrincipals": { + "privilege": "ListThingPrincipals", + "description": "Grants permission to list the principals associated with the specified thing", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingPrincipals.html" + }, + "ListThingRegistrationTaskReports": { + "privilege": "ListThingRegistrationTaskReports", + "description": "Grants permission to list information about bulk thing registration tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingRegistrationTaskReports.html" + }, + "ListThingRegistrationTasks": { + "privilege": "ListThingRegistrationTasks", + "description": "Grants permission to list bulk thing registration tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingRegistrationTasks.html" + }, + "ListThingTypes": { + "privilege": "ListThingTypes", + "description": "Grants permission to list all thing types", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingTypes.html" + }, + "ListThings": { + "privilege": "ListThings", + "description": "Grants permission to list all things", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThings.html" + }, + "ListThingsInBillingGroup": { + "privilege": "ListThingsInBillingGroup", + "description": "Grants permission to list all things in the specified billing group", + "access_level": "List", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingsInBillingGroup.html" + }, + "ListThingsInThingGroup": { + "privilege": "ListThingsInThingGroup", + "description": "Grants permission to list all things in the specified thing group", + "access_level": "List", + "resource_types": { + "thinggroup": { + "resource_type": "thinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingsInThingGroup.html" + }, + "ListTopicRuleDestinations": { + "privilege": "ListTopicRuleDestinations", + "description": "Grants permission to list all TopicRuleDestinations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListTopicRuleDestinations.html" + }, + "ListTopicRules": { + "privilege": "ListTopicRules", + "description": "Grants permission to list the rules for the specific topic", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListTopicRules.html" + }, + "ListTunnels": { + "privilege": "ListTunnels", + "description": "Grants permission to list tunnels", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_ListTunnels.html" + }, + "ListV2LoggingLevels": { + "privilege": "ListV2LoggingLevels", + "description": "Grants permission to list the v2 logging levels", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListV2LoggingLevels.html" + }, + "ListViolationEvents": { + "privilege": "ListViolationEvents", + "description": "Grants permission to list the Device Defender security profile violations discovered during the given time period", + "access_level": "List", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thing": { + "resource_type": "thing", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListViolationEvents.html" + }, + "OpenTunnel": { + "privilege": "OpenTunnel", + "description": "Grants permission to open a tunnel", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "iot:ThingGroupArn", + "iot:TunnelDestinationService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_OpenTunnel.html" + }, + "Publish": { + "privilege": "Publish", + "description": "Grants permission to publish to the specified topic", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" + }, + "PutVerificationStateOnViolation": { + "privilege": "PutVerificationStateOnViolation", + "description": "Grants permission to put verification state on a violation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_PutVerificationStateOnViolation.html" + }, + "Receive": { + "privilege": "Receive", + "description": "Grants permission to receive from the specified topic", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" + }, + "RegisterCACertificate": { + "privilege": "RegisterCACertificate", + "description": "Grants permission to register a CA certificate with AWS IoT", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCACertificate.html" + }, + "RegisterCertificate": { + "privilege": "RegisterCertificate", + "description": "Grants permission to register a device certificate with AWS IoT", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificate.html" + }, + "RegisterCertificateWithoutCA": { + "privilege": "RegisterCertificateWithoutCA", + "description": "Grants permission to register a device certificate with AWS IoT without a registered CA (certificate authority)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificateWithoutCA.html" + }, + "RegisterThing": { + "privilege": "RegisterThing", + "description": "Grants permission to register your thing", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterThing.html" + }, + "RejectCertificateTransfer": { + "privilege": "RejectCertificateTransfer", + "description": "Grants permission to reject a pending certificate transfer", + "access_level": "Write", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RejectCertificateTransfer.html" + }, + "RemoveThingFromBillingGroup": { + "privilege": "RemoveThingFromBillingGroup", + "description": "Grants permission to remove thing from the specified billing group", + "access_level": "Write", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RemoveThingFromBillingGroup.html" + }, + "RemoveThingFromThingGroup": { + "privilege": "RemoveThingFromThingGroup", + "description": "Grants permission to remove thing from the specified thing group", + "access_level": "Write", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing", + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_RemoveThingFromThingGroup.html" + }, + "ReplaceTopicRule": { + "privilege": "ReplaceTopicRule", + "description": "Grants permission to replace the specified rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ReplaceTopicRule.html" + }, + "RetainPublish": { + "privilege": "RetainPublish", + "description": "Grants permission to publish a retained message to the specified topic", + "access_level": "Write", + "resource_types": { + "topic": { + "resource_type": "topic", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topic": "topic" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" + }, + "RotateTunnelAccessToken": { + "privilege": "RotateTunnelAccessToken", + "description": "Grants permission to rotate the access token of a tunnel", + "access_level": "Write", + "resource_types": { + "tunnel": { + "resource_type": "tunnel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iot:ThingGroupArn", + "iot:TunnelDestinationService", + "iot:ClientMode" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tunnel": "tunnel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_RotateTunnelAccessToken.html" + }, + "SearchIndex": { + "privilege": "SearchIndex", + "description": "Grants permission to search IoT fleet index", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SearchIndex.html" + }, + "SetDefaultAuthorizer": { + "privilege": "SetDefaultAuthorizer", + "description": "Grants permission to set the default authorizer. This will be used if a websocket connection is made without specifying an authorizer", + "access_level": "Permissions management", + "resource_types": { + "authorizer": { + "resource_type": "authorizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "authorizer": "authorizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SetDefaultAuthorizer.html" + }, + "SetDefaultPolicyVersion": { + "privilege": "SetDefaultPolicyVersion", + "description": "Grants permission to set the specified version of the specified policy as the policy's default (operative) version", + "access_level": "Permissions management", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SetDefaultPolicyVersion.html" + }, + "SetLoggingOptions": { + "privilege": "SetLoggingOptions", + "description": "Grants permission to set the logging options", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SetLoggingOptions.html" + }, + "SetV2LoggingLevel": { + "privilege": "SetV2LoggingLevel", + "description": "Grants permission to set the v2 logging level", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SetV2LoggingLevel.html" + }, + "SetV2LoggingOptions": { + "privilege": "SetV2LoggingOptions", + "description": "Grants permission to set the v2 logging options", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_SetV2LoggingOptions.html" + }, + "StartAuditMitigationActionsTask": { + "privilege": "StartAuditMitigationActionsTask", + "description": "Grants permission to start a task that applies a set of mitigation actions to the specified target", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_StartAuditMitigationActionsTask.html" + }, + "StartDetectMitigationActionsTask": { + "privilege": "StartDetectMitigationActionsTask", + "description": "Grants permission to start a Device Defender ML Detect mitigation actions task", + "access_level": "Write", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_StartDetectMitigationActionsTask.html" + }, + "StartOnDemandAuditTask": { + "privilege": "StartOnDemandAuditTask", + "description": "Grants permission to start an on-demand Device Defender audit", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_StartOnDemandAuditTask.html" + }, + "StartThingRegistrationTask": { + "privilege": "StartThingRegistrationTask", + "description": "Grants permission to start a bulk thing registration task", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_StartThingRegistrationTask.html" + }, + "StopThingRegistrationTask": { + "privilege": "StopThingRegistrationTask", + "description": "Grants permission to stop a bulk thing registration task", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_StopThingRegistrationTask.html" + }, + "Subscribe": { + "privilege": "Subscribe", + "description": "Grants permission to subscribe to the specified TopicFilter", + "access_level": "Write", + "resource_types": { + "topicfilter": { + "resource_type": "topicfilter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "topicfilter": "topicfilter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a specified resource", + "access_level": "Tagging", + "resource_types": { + "authorizer": { + "resource_type": "authorizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "billinggroup": { + "resource_type": "billinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cacert": { + "resource_type": "cacert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "custommetric": { + "resource_type": "custommetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dimension": { + "resource_type": "dimension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "domainconfiguration": { + "resource_type": "domainconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dynamicthinggroup": { + "resource_type": "dynamicthinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleetmetric": { + "resource_type": "fleetmetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobtemplate": { + "resource_type": "jobtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mitigationaction": { + "resource_type": "mitigationaction", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "otaupdate": { + "resource_type": "otaupdate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "package": { + "resource_type": "package", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "packageversion": { + "resource_type": "packageversion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "policy": { + "resource_type": "policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rolealias": { + "resource_type": "rolealias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "scheduledaudit": { + "resource_type": "scheduledaudit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securityprofile": { + "resource_type": "securityprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thingtype": { + "resource_type": "thingtype", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "authorizer": "authorizer", + "billinggroup": "billinggroup", + "cacert": "cacert", + "custommetric": "custommetric", + "dimension": "dimension", + "domainconfiguration": "domainconfiguration", + "dynamicthinggroup": "dynamicthinggroup", + "fleetmetric": "fleetmetric", + "job": "job", + "jobtemplate": "jobtemplate", + "mitigationaction": "mitigationaction", + "otaupdate": "otaupdate", + "package": "package", + "packageversion": "packageversion", + "policy": "policy", + "provisioningtemplate": "provisioningtemplate", + "rolealias": "rolealias", + "rule": "rule", + "scheduledaudit": "scheduledaudit", + "securityprofile": "securityprofile", + "stream": "stream", + "thinggroup": "thinggroup", + "thingtype": "thingtype", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_TagResource.html" + }, + "TestAuthorization": { + "privilege": "TestAuthorization", + "description": "Grants permission to test the policies evaluation for group policies", + "access_level": "Read", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_TestAuthorization.html" + }, + "TestInvokeAuthorizer": { + "privilege": "TestInvokeAuthorizer", + "description": "Grants permission to test invoke the specified custom authorizer for testing purposes", + "access_level": "Read", + "resource_types": { + "authorizer": { + "resource_type": "authorizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "authorizer": "authorizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_TestInvokeAuthorizer.html" + }, + "TransferCertificate": { + "privilege": "TransferCertificate", + "description": "Grants permission to transfer the specified certificate to the specified AWS account", + "access_level": "Write", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_TransferCertificate.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a specified resource", + "access_level": "Tagging", + "resource_types": { + "authorizer": { + "resource_type": "authorizer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "billinggroup": { + "resource_type": "billinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "cacert": { + "resource_type": "cacert", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "custommetric": { + "resource_type": "custommetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dimension": { + "resource_type": "dimension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "domainconfiguration": { + "resource_type": "domainconfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dynamicthinggroup": { + "resource_type": "dynamicthinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleetmetric": { + "resource_type": "fleetmetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "job": { + "resource_type": "job", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "jobtemplate": { + "resource_type": "jobtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "mitigationaction": { + "resource_type": "mitigationaction", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "otaupdate": { + "resource_type": "otaupdate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "package": { + "resource_type": "package", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "packageversion": { + "resource_type": "packageversion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "policy": { + "resource_type": "policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rolealias": { + "resource_type": "rolealias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "scheduledaudit": { + "resource_type": "scheduledaudit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "securityprofile": { + "resource_type": "securityprofile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "stream": { + "resource_type": "stream", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "thingtype": { + "resource_type": "thingtype", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "authorizer": "authorizer", + "billinggroup": "billinggroup", + "cacert": "cacert", + "custommetric": "custommetric", + "dimension": "dimension", + "domainconfiguration": "domainconfiguration", + "dynamicthinggroup": "dynamicthinggroup", + "fleetmetric": "fleetmetric", + "job": "job", + "jobtemplate": "jobtemplate", + "mitigationaction": "mitigationaction", + "otaupdate": "otaupdate", + "package": "package", + "packageversion": "packageversion", + "policy": "policy", + "provisioningtemplate": "provisioningtemplate", + "rolealias": "rolealias", + "rule": "rule", + "scheduledaudit": "scheduledaudit", + "securityprofile": "securityprofile", + "stream": "stream", + "thinggroup": "thinggroup", + "thingtype": "thingtype", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UntagResource.html" + }, + "UpdateAccountAuditConfiguration": { + "privilege": "UpdateAccountAuditConfiguration", + "description": "Grants permission to configure or reconfigure the Device Defender audit settings for this account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAccountAuditConfiguration.html" + }, + "UpdateAuditSuppression": { + "privilege": "UpdateAuditSuppression", + "description": "Grants permission to update a Device Defender audit suppression", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAuditSuppression.html" + }, + "UpdateAuthorizer": { + "privilege": "UpdateAuthorizer", + "description": "Grants permission to update an authorizer", + "access_level": "Write", + "resource_types": { + "authorizer": { + "resource_type": "authorizer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "authorizer": "authorizer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAuthorizer.html" + }, + "UpdateBillingGroup": { + "privilege": "UpdateBillingGroup", + "description": "Grants permission to update information associated with the specified billing group", + "access_level": "Write", + "resource_types": { + "billinggroup": { + "resource_type": "billinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "billinggroup": "billinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateBillingGroup.html" + }, + "UpdateCACertificate": { + "privilege": "UpdateCACertificate", + "description": "Grants permission to update a registered CA certificate", + "access_level": "Write", + "resource_types": { + "cacert": { + "resource_type": "cacert", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "cacert": "cacert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCACertificate.html" + }, + "UpdateCertificate": { + "privilege": "UpdateCertificate", + "description": "Grants permission to update the status of the specified certificate. This operation is idempotent", + "access_level": "Write", + "resource_types": { + "cert": { + "resource_type": "cert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCertificate.html" + }, + "UpdateCustomMetric": { + "privilege": "UpdateCustomMetric", + "description": "Grants permission to update the specified custom metric", + "access_level": "Write", + "resource_types": { + "custommetric": { + "resource_type": "custommetric", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "custommetric": "custommetric" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCustomMetric.html" + }, + "UpdateDimension": { + "privilege": "UpdateDimension", + "description": "Grants permission to update the definition for a dimension", + "access_level": "Write", + "resource_types": { + "dimension": { + "resource_type": "dimension", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dimension": "dimension" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDimension.html" + }, + "UpdateDomainConfiguration": { + "privilege": "UpdateDomainConfiguration", + "description": "Grants permission to update a domain configuration", + "access_level": "Write", + "resource_types": { + "domainconfiguration": { + "resource_type": "domainconfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "domainconfiguration": "domainconfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDomainConfiguration.html" + }, + "UpdateDynamicThingGroup": { + "privilege": "UpdateDynamicThingGroup", + "description": "Grants permission to update a Dynamic Thing Group", + "access_level": "Write", + "resource_types": { + "dynamicthinggroup": { + "resource_type": "dynamicthinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dynamicthinggroup": "dynamicthinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDynamicThingGroup.html" + }, + "UpdateEventConfigurations": { + "privilege": "UpdateEventConfigurations", + "description": "Grants permission to update event configurations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateEventConfigurations.html" + }, + "UpdateFleetMetric": { + "privilege": "UpdateFleetMetric", + "description": "Grants permission to update a fleet metric", + "access_level": "Write", + "resource_types": { + "fleetmetric": { + "resource_type": "fleetmetric", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleetmetric": "fleetmetric", + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateFleetMetric.html" + }, + "UpdateIndexingConfiguration": { + "privilege": "UpdateIndexingConfiguration", + "description": "Grants permission to update fleet indexing configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateIndexingConfiguration.html" + }, + "UpdateJob": { + "privilege": "UpdateJob", + "description": "Grants permission to update a job", + "access_level": "Write", + "resource_types": { + "job": { + "resource_type": "job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "job": "job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateJob.html" + }, + "UpdateMitigationAction": { + "privilege": "UpdateMitigationAction", + "description": "Grants permission to update the definition for the specified mitigation action", + "access_level": "Write", + "resource_types": { + "mitigationaction": { + "resource_type": "mitigationaction", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "mitigationaction": "mitigationaction" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateMitigationAction.html" + }, + "UpdatePackage": { + "privilege": "UpdatePackage", + "description": "Grants permission to update a package", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:GetIndexingConfiguration" + ] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackage.html" + }, + "UpdatePackageConfiguration": { + "privilege": "UpdatePackageConfiguration", + "description": "Grants permission to update the package configuration of the account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackageConfiguration.html" + }, + "UpdatePackageVersion": { + "privilege": "UpdatePackageVersion", + "description": "Grants permission to update the version of the specified package", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:GetIndexingConfiguration" + ] + }, + "packageversion": { + "resource_type": "packageversion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package", + "packageversion": "packageversion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackageVersion.html" + }, + "UpdateProvisioningTemplate": { + "privilege": "UpdateProvisioningTemplate", + "description": "Grants permission to update a fleet provisioning template", + "access_level": "Write", + "resource_types": { + "provisioningtemplate": { + "resource_type": "provisioningtemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "provisioningtemplate": "provisioningtemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateProvisioningTemplate.html" + }, + "UpdateRoleAlias": { + "privilege": "UpdateRoleAlias", + "description": "Grants permission to update the role alias", + "access_level": "Write", + "resource_types": { + "rolealias": { + "resource_type": "rolealias", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "rolealias": "rolealias" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateRoleAlias.html" + }, + "UpdateScheduledAudit": { + "privilege": "UpdateScheduledAudit", + "description": "Grants permission to update a scheduled audit, including what checks are performed and how often the audit takes place", + "access_level": "Write", + "resource_types": { + "scheduledaudit": { + "resource_type": "scheduledaudit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scheduledaudit": "scheduledaudit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateScheduledAudit.html" + }, + "UpdateSecurityProfile": { + "privilege": "UpdateSecurityProfile", + "description": "Grants permission to update a Device Defender security profile", + "access_level": "Write", + "resource_types": { + "securityprofile": { + "resource_type": "securityprofile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "custommetric": { + "resource_type": "custommetric", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dimension": { + "resource_type": "dimension", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "securityprofile", + "custommetric": "custommetric", + "dimension": "dimension" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateSecurityProfile.html" + }, + "UpdateStream": { + "privilege": "UpdateStream", + "description": "Grants permission to update the data for a stream", + "access_level": "Write", + "resource_types": { + "stream": { + "resource_type": "stream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stream": "stream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateStream.html" + }, + "UpdateThing": { + "privilege": "UpdateThing", + "description": "Grants permission to update information associated with the specified thing", + "access_level": "Write", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThing.html" + }, + "UpdateThingGroup": { + "privilege": "UpdateThingGroup", + "description": "Grants permission to update information associated with the specified thing group", + "access_level": "Write", + "resource_types": { + "thinggroup": { + "resource_type": "thinggroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThingGroup.html" + }, + "UpdateThingGroupsForThing": { + "privilege": "UpdateThingGroupsForThing", + "description": "Grants permission to update the thing groups to which the thing belongs", + "access_level": "Write", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "thinggroup": { + "resource_type": "thinggroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing", + "thinggroup": "thinggroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThingGroupsForThing.html" + }, + "UpdateThingShadow": { + "privilege": "UpdateThingShadow", + "description": "Grants permission to update the thing shadow", + "access_level": "Write", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html" + }, + "UpdateTopicRuleDestination": { + "privilege": "UpdateTopicRuleDestination", + "description": "Grants permission to update a TopicRuleDestination", + "access_level": "Write", + "resource_types": { + "destination": { + "resource_type": "destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateTopicRuleDestination.html" + }, + "ValidateSecurityProfileBehaviors": { + "privilege": "ValidateSecurityProfileBehaviors", + "description": "Grants permission to validate a Device Defender security profile behaviors specification", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_ValidateSecurityProfileBehaviors.html" + } + }, + "privileges_lower_name": { + "acceptcertificatetransfer": "AcceptCertificateTransfer", + "addthingtobillinggroup": "AddThingToBillingGroup", + "addthingtothinggroup": "AddThingToThingGroup", + "associatetargetswithjob": "AssociateTargetsWithJob", + "attachpolicy": "AttachPolicy", + "attachprincipalpolicy": "AttachPrincipalPolicy", + "attachsecurityprofile": "AttachSecurityProfile", + "attachthingprincipal": "AttachThingPrincipal", + "cancelauditmitigationactionstask": "CancelAuditMitigationActionsTask", + "cancelaudittask": "CancelAuditTask", + "cancelcertificatetransfer": "CancelCertificateTransfer", + "canceldetectmitigationactionstask": "CancelDetectMitigationActionsTask", + "canceljob": "CancelJob", + "canceljobexecution": "CancelJobExecution", + "cleardefaultauthorizer": "ClearDefaultAuthorizer", + "closetunnel": "CloseTunnel", + "confirmtopicruledestination": "ConfirmTopicRuleDestination", + "connect": "Connect", + "createauditsuppression": "CreateAuditSuppression", + "createauthorizer": "CreateAuthorizer", + "createbillinggroup": "CreateBillingGroup", + "createcertificatefromcsr": "CreateCertificateFromCsr", + "createcustommetric": "CreateCustomMetric", + "createdimension": "CreateDimension", + "createdomainconfiguration": "CreateDomainConfiguration", + "createdynamicthinggroup": "CreateDynamicThingGroup", + "createfleetmetric": "CreateFleetMetric", + "createjob": "CreateJob", + "createjobtemplate": "CreateJobTemplate", + "createkeysandcertificate": "CreateKeysAndCertificate", + "createmitigationaction": "CreateMitigationAction", + "createotaupdate": "CreateOTAUpdate", + "createpackage": "CreatePackage", + "createpackageversion": "CreatePackageVersion", + "createpolicy": "CreatePolicy", + "createpolicyversion": "CreatePolicyVersion", + "createprovisioningclaim": "CreateProvisioningClaim", + "createprovisioningtemplate": "CreateProvisioningTemplate", + "createprovisioningtemplateversion": "CreateProvisioningTemplateVersion", + "createrolealias": "CreateRoleAlias", + "createscheduledaudit": "CreateScheduledAudit", + "createsecurityprofile": "CreateSecurityProfile", + "createstream": "CreateStream", + "creatething": "CreateThing", + "createthinggroup": "CreateThingGroup", + "createthingtype": "CreateThingType", + "createtopicrule": "CreateTopicRule", + "createtopicruledestination": "CreateTopicRuleDestination", + "deleteaccountauditconfiguration": "DeleteAccountAuditConfiguration", + "deleteauditsuppression": "DeleteAuditSuppression", + "deleteauthorizer": "DeleteAuthorizer", + "deletebillinggroup": "DeleteBillingGroup", + "deletecacertificate": "DeleteCACertificate", + "deletecertificate": "DeleteCertificate", + "deletecustommetric": "DeleteCustomMetric", + "deletedimension": "DeleteDimension", + "deletedomainconfiguration": "DeleteDomainConfiguration", + "deletedynamicthinggroup": "DeleteDynamicThingGroup", + "deletefleetmetric": "DeleteFleetMetric", + "deletejob": "DeleteJob", + "deletejobexecution": "DeleteJobExecution", + "deletejobtemplate": "DeleteJobTemplate", + "deletemitigationaction": "DeleteMitigationAction", + "deleteotaupdate": "DeleteOTAUpdate", + "deletepackage": "DeletePackage", + "deletepackageversion": "DeletePackageVersion", + "deletepolicy": "DeletePolicy", + "deletepolicyversion": "DeletePolicyVersion", + "deleteprovisioningtemplate": "DeleteProvisioningTemplate", + "deleteprovisioningtemplateversion": "DeleteProvisioningTemplateVersion", + "deleteregistrationcode": "DeleteRegistrationCode", + "deleterolealias": "DeleteRoleAlias", + "deletescheduledaudit": "DeleteScheduledAudit", + "deletesecurityprofile": "DeleteSecurityProfile", + "deletestream": "DeleteStream", + "deletething": "DeleteThing", + "deletethinggroup": "DeleteThingGroup", + "deletethingshadow": "DeleteThingShadow", + "deletethingtype": "DeleteThingType", + "deletetopicrule": "DeleteTopicRule", + "deletetopicruledestination": "DeleteTopicRuleDestination", + "deletev2logginglevel": "DeleteV2LoggingLevel", + "deprecatethingtype": "DeprecateThingType", + "describeaccountauditconfiguration": "DescribeAccountAuditConfiguration", + "describeauditfinding": "DescribeAuditFinding", + "describeauditmitigationactionstask": "DescribeAuditMitigationActionsTask", + "describeauditsuppression": "DescribeAuditSuppression", + "describeaudittask": "DescribeAuditTask", + "describeauthorizer": "DescribeAuthorizer", + "describebillinggroup": "DescribeBillingGroup", + "describecacertificate": "DescribeCACertificate", + "describecertificate": "DescribeCertificate", + "describecustommetric": "DescribeCustomMetric", + "describedefaultauthorizer": "DescribeDefaultAuthorizer", + "describedetectmitigationactionstask": "DescribeDetectMitigationActionsTask", + "describedimension": "DescribeDimension", + "describedomainconfiguration": "DescribeDomainConfiguration", + "describeendpoint": "DescribeEndpoint", + "describeeventconfigurations": "DescribeEventConfigurations", + "describefleetmetric": "DescribeFleetMetric", + "describeindex": "DescribeIndex", + "describejob": "DescribeJob", + "describejobexecution": "DescribeJobExecution", + "describejobtemplate": "DescribeJobTemplate", + "describemanagedjobtemplate": "DescribeManagedJobTemplate", + "describemitigationaction": "DescribeMitigationAction", + "describeprovisioningtemplate": "DescribeProvisioningTemplate", + "describeprovisioningtemplateversion": "DescribeProvisioningTemplateVersion", + "describerolealias": "DescribeRoleAlias", + "describescheduledaudit": "DescribeScheduledAudit", + "describesecurityprofile": "DescribeSecurityProfile", + "describestream": "DescribeStream", + "describething": "DescribeThing", + "describethinggroup": "DescribeThingGroup", + "describethingregistrationtask": "DescribeThingRegistrationTask", + "describethingtype": "DescribeThingType", + "describetunnel": "DescribeTunnel", + "detachpolicy": "DetachPolicy", + "detachprincipalpolicy": "DetachPrincipalPolicy", + "detachsecurityprofile": "DetachSecurityProfile", + "detachthingprincipal": "DetachThingPrincipal", + "disabletopicrule": "DisableTopicRule", + "enabletopicrule": "EnableTopicRule", + "getbehaviormodeltrainingsummaries": "GetBehaviorModelTrainingSummaries", + "getbucketsaggregation": "GetBucketsAggregation", + "getcardinality": "GetCardinality", + "geteffectivepolicies": "GetEffectivePolicies", + "getindexingconfiguration": "GetIndexingConfiguration", + "getjobdocument": "GetJobDocument", + "getloggingoptions": "GetLoggingOptions", + "getotaupdate": "GetOTAUpdate", + "getpackage": "GetPackage", + "getpackageconfiguration": "GetPackageConfiguration", + "getpackageversion": "GetPackageVersion", + "getpercentiles": "GetPercentiles", + "getpolicy": "GetPolicy", + "getpolicyversion": "GetPolicyVersion", + "getregistrationcode": "GetRegistrationCode", + "getretainedmessage": "GetRetainedMessage", + "getstatistics": "GetStatistics", + "getthingshadow": "GetThingShadow", + "gettopicrule": "GetTopicRule", + "gettopicruledestination": "GetTopicRuleDestination", + "getv2loggingoptions": "GetV2LoggingOptions", + "listactiveviolations": "ListActiveViolations", + "listattachedpolicies": "ListAttachedPolicies", + "listauditfindings": "ListAuditFindings", + "listauditmitigationactionsexecutions": "ListAuditMitigationActionsExecutions", + "listauditmitigationactionstasks": "ListAuditMitigationActionsTasks", + "listauditsuppressions": "ListAuditSuppressions", + "listaudittasks": "ListAuditTasks", + "listauthorizers": "ListAuthorizers", + "listbillinggroups": "ListBillingGroups", + "listcacertificates": "ListCACertificates", + "listcertificates": "ListCertificates", + "listcertificatesbyca": "ListCertificatesByCA", + "listcustommetrics": "ListCustomMetrics", + "listdetectmitigationactionsexecutions": "ListDetectMitigationActionsExecutions", + "listdetectmitigationactionstasks": "ListDetectMitigationActionsTasks", + "listdimensions": "ListDimensions", + "listdomainconfigurations": "ListDomainConfigurations", + "listfleetmetrics": "ListFleetMetrics", + "listindices": "ListIndices", + "listjobexecutionsforjob": "ListJobExecutionsForJob", + "listjobexecutionsforthing": "ListJobExecutionsForThing", + "listjobtemplates": "ListJobTemplates", + "listjobs": "ListJobs", + "listmanagedjobtemplates": "ListManagedJobTemplates", + "listmetricvalues": "ListMetricValues", + "listmitigationactions": "ListMitigationActions", + "listnamedshadowsforthing": "ListNamedShadowsForThing", + "listotaupdates": "ListOTAUpdates", + "listoutgoingcertificates": "ListOutgoingCertificates", + "listpackageversions": "ListPackageVersions", + "listpackages": "ListPackages", + "listpolicies": "ListPolicies", + "listpolicyprincipals": "ListPolicyPrincipals", + "listpolicyversions": "ListPolicyVersions", + "listprincipalpolicies": "ListPrincipalPolicies", + "listprincipalthings": "ListPrincipalThings", + "listprovisioningtemplateversions": "ListProvisioningTemplateVersions", + "listprovisioningtemplates": "ListProvisioningTemplates", + "listrelatedresourcesforauditfinding": "ListRelatedResourcesForAuditFinding", + "listretainedmessages": "ListRetainedMessages", + "listrolealiases": "ListRoleAliases", + "listscheduledaudits": "ListScheduledAudits", + "listsecurityprofiles": "ListSecurityProfiles", + "listsecurityprofilesfortarget": "ListSecurityProfilesForTarget", + "liststreams": "ListStreams", + "listtagsforresource": "ListTagsForResource", + "listtargetsforpolicy": "ListTargetsForPolicy", + "listtargetsforsecurityprofile": "ListTargetsForSecurityProfile", + "listthinggroups": "ListThingGroups", + "listthinggroupsforthing": "ListThingGroupsForThing", + "listthingprincipals": "ListThingPrincipals", + "listthingregistrationtaskreports": "ListThingRegistrationTaskReports", + "listthingregistrationtasks": "ListThingRegistrationTasks", + "listthingtypes": "ListThingTypes", + "listthings": "ListThings", + "listthingsinbillinggroup": "ListThingsInBillingGroup", + "listthingsinthinggroup": "ListThingsInThingGroup", + "listtopicruledestinations": "ListTopicRuleDestinations", + "listtopicrules": "ListTopicRules", + "listtunnels": "ListTunnels", + "listv2logginglevels": "ListV2LoggingLevels", + "listviolationevents": "ListViolationEvents", + "opentunnel": "OpenTunnel", + "publish": "Publish", + "putverificationstateonviolation": "PutVerificationStateOnViolation", + "receive": "Receive", + "registercacertificate": "RegisterCACertificate", + "registercertificate": "RegisterCertificate", + "registercertificatewithoutca": "RegisterCertificateWithoutCA", + "registerthing": "RegisterThing", + "rejectcertificatetransfer": "RejectCertificateTransfer", + "removethingfrombillinggroup": "RemoveThingFromBillingGroup", + "removethingfromthinggroup": "RemoveThingFromThingGroup", + "replacetopicrule": "ReplaceTopicRule", + "retainpublish": "RetainPublish", + "rotatetunnelaccesstoken": "RotateTunnelAccessToken", + "searchindex": "SearchIndex", + "setdefaultauthorizer": "SetDefaultAuthorizer", + "setdefaultpolicyversion": "SetDefaultPolicyVersion", + "setloggingoptions": "SetLoggingOptions", + "setv2logginglevel": "SetV2LoggingLevel", + "setv2loggingoptions": "SetV2LoggingOptions", + "startauditmitigationactionstask": "StartAuditMitigationActionsTask", + "startdetectmitigationactionstask": "StartDetectMitigationActionsTask", + "startondemandaudittask": "StartOnDemandAuditTask", + "startthingregistrationtask": "StartThingRegistrationTask", + "stopthingregistrationtask": "StopThingRegistrationTask", + "subscribe": "Subscribe", + "tagresource": "TagResource", + "testauthorization": "TestAuthorization", + "testinvokeauthorizer": "TestInvokeAuthorizer", + "transfercertificate": "TransferCertificate", + "untagresource": "UntagResource", + "updateaccountauditconfiguration": "UpdateAccountAuditConfiguration", + "updateauditsuppression": "UpdateAuditSuppression", + "updateauthorizer": "UpdateAuthorizer", + "updatebillinggroup": "UpdateBillingGroup", + "updatecacertificate": "UpdateCACertificate", + "updatecertificate": "UpdateCertificate", + "updatecustommetric": "UpdateCustomMetric", + "updatedimension": "UpdateDimension", + "updatedomainconfiguration": "UpdateDomainConfiguration", + "updatedynamicthinggroup": "UpdateDynamicThingGroup", + "updateeventconfigurations": "UpdateEventConfigurations", + "updatefleetmetric": "UpdateFleetMetric", + "updateindexingconfiguration": "UpdateIndexingConfiguration", + "updatejob": "UpdateJob", + "updatemitigationaction": "UpdateMitigationAction", + "updatepackage": "UpdatePackage", + "updatepackageconfiguration": "UpdatePackageConfiguration", + "updatepackageversion": "UpdatePackageVersion", + "updateprovisioningtemplate": "UpdateProvisioningTemplate", + "updaterolealias": "UpdateRoleAlias", + "updatescheduledaudit": "UpdateScheduledAudit", + "updatesecurityprofile": "UpdateSecurityProfile", + "updatestream": "UpdateStream", + "updatething": "UpdateThing", + "updatethinggroup": "UpdateThingGroup", + "updatethinggroupsforthing": "UpdateThingGroupsForThing", + "updatethingshadow": "UpdateThingShadow", + "updatetopicruledestination": "UpdateTopicRuleDestination", + "validatesecurityprofilebehaviors": "ValidateSecurityProfileBehaviors" + }, + "resources": { + "client": { + "resource": "client", + "arn": "arn:${Partition}:iot:${Region}:${Account}:client/${ClientId}", + "condition_keys": [] + }, + "index": { + "resource": "index", + "arn": "arn:${Partition}:iot:${Region}:${Account}:index/${IndexName}", + "condition_keys": [] + }, + "fleetmetric": { + "resource": "fleetmetric", + "arn": "arn:${Partition}:iot:${Region}:${Account}:fleetmetric/${FleetMetricName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "job": { + "resource": "job", + "arn": "arn:${Partition}:iot:${Region}:${Account}:job/${JobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "jobtemplate": { + "resource": "jobtemplate", + "arn": "arn:${Partition}:iot:${Region}:${Account}:jobtemplate/${JobTemplateId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "tunnel": { + "resource": "tunnel", + "arn": "arn:${Partition}:iot:${Region}:${Account}:tunnel/${TunnelId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "thing": { + "resource": "thing", + "arn": "arn:${Partition}:iot:${Region}:${Account}:thing/${ThingName}", + "condition_keys": [] + }, + "thinggroup": { + "resource": "thinggroup", + "arn": "arn:${Partition}:iot:${Region}:${Account}:thinggroup/${ThingGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "billinggroup": { + "resource": "billinggroup", + "arn": "arn:${Partition}:iot:${Region}:${Account}:billinggroup/${BillingGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dynamicthinggroup": { + "resource": "dynamicthinggroup", + "arn": "arn:${Partition}:iot:${Region}:${Account}:thinggroup/${ThingGroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "thingtype": { + "resource": "thingtype", + "arn": "arn:${Partition}:iot:${Region}:${Account}:thingtype/${ThingTypeName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "topic": { + "resource": "topic", + "arn": "arn:${Partition}:iot:${Region}:${Account}:topic/${TopicName}", + "condition_keys": [] + }, + "topicfilter": { + "resource": "topicfilter", + "arn": "arn:${Partition}:iot:${Region}:${Account}:topicfilter/${TopicFilter}", + "condition_keys": [] + }, + "rolealias": { + "resource": "rolealias", + "arn": "arn:${Partition}:iot:${Region}:${Account}:rolealias/${RoleAlias}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "authorizer": { + "resource": "authorizer", + "arn": "arn:${Partition}:iot:${Region}:${Account}:authorizer/${AuthorizerName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "policy": { + "resource": "policy", + "arn": "arn:${Partition}:iot:${Region}:${Account}:policy/${PolicyName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "cert": { + "resource": "cert", + "arn": "arn:${Partition}:iot:${Region}:${Account}:cert/${Certificate}", + "condition_keys": [] + }, + "cacert": { + "resource": "cacert", + "arn": "arn:${Partition}:iot:${Region}:${Account}:cacert/${CACertificate}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "stream": { + "resource": "stream", + "arn": "arn:${Partition}:iot:${Region}:${Account}:stream/${StreamId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "otaupdate": { + "resource": "otaupdate", + "arn": "arn:${Partition}:iot:${Region}:${Account}:otaupdate/${OtaUpdateId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "scheduledaudit": { + "resource": "scheduledaudit", + "arn": "arn:${Partition}:iot:${Region}:${Account}:scheduledaudit/${ScheduleName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "mitigationaction": { + "resource": "mitigationaction", + "arn": "arn:${Partition}:iot:${Region}:${Account}:mitigationaction/${MitigationActionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "securityprofile": { + "resource": "securityprofile", + "arn": "arn:${Partition}:iot:${Region}:${Account}:securityprofile/${SecurityProfileName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "custommetric": { + "resource": "custommetric", + "arn": "arn:${Partition}:iot:${Region}:${Account}:custommetric/${MetricName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dimension": { + "resource": "dimension", + "arn": "arn:${Partition}:iot:${Region}:${Account}:dimension/${DimensionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "rule": { + "resource": "rule", + "arn": "arn:${Partition}:iot:${Region}:${Account}:rule/${RuleName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "destination": { + "resource": "destination", + "arn": "arn:${Partition}:iot:${Region}:${Account}:destination/${DestinationType}/${Uuid}", + "condition_keys": [] + }, + "provisioningtemplate": { + "resource": "provisioningtemplate", + "arn": "arn:${Partition}:iot:${Region}:${Account}:provisioningtemplate/${ProvisioningTemplate}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "domainconfiguration": { + "resource": "domainconfiguration", + "arn": "arn:${Partition}:iot:${Region}:${Account}:domainconfiguration/${DomainConfigurationName}/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "package": { + "resource": "package", + "arn": "arn:${Partition}:iot:${Region}:${Account}:package/${PackageName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "packageversion": { + "resource": "packageversion", + "arn": "arn:${Partition}:iot:${Region}:${Account}:package/${PackageName}/version/${VersionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "client": "client", + "index": "index", + "fleetmetric": "fleetmetric", + "job": "job", + "jobtemplate": "jobtemplate", + "tunnel": "tunnel", + "thing": "thing", + "thinggroup": "thinggroup", + "billinggroup": "billinggroup", + "dynamicthinggroup": "dynamicthinggroup", + "thingtype": "thingtype", + "topic": "topic", + "topicfilter": "topicfilter", + "rolealias": "rolealias", + "authorizer": "authorizer", + "policy": "policy", + "cert": "cert", + "cacert": "cacert", + "stream": "stream", + "otaupdate": "otaupdate", + "scheduledaudit": "scheduledaudit", + "mitigationaction": "mitigationaction", + "securityprofile": "securityprofile", + "custommetric": "custommetric", + "dimension": "dimension", + "rule": "rule", + "destination": "destination", + "provisioningtemplate": "provisioningtemplate", + "domainconfiguration": "domainconfiguration", + "package": "package", + "packageversion": "packageversion" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key that is present in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key component of a tag associated to the IoT resource in the request", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys associated to the IoT resource in the request", + "type": "ArrayOfString" + }, + "iot:ClientMode": { + "condition": "iot:ClientMode", + "description": "Filters access by the mode of the client for IoT Tunnel", + "type": "String" + }, + "iot:Delete": { + "condition": "iot:Delete", + "description": "Filters access by a flag indicating whether or not to also delete an IoT Tunnel immediately when making iot:CloseTunnel request", + "type": "Bool" + }, + "iot:DomainName": { + "condition": "iot:DomainName", + "description": "Filters access by based on the domain name of an IoT DomainConfiguration", + "type": "String" + }, + "iot:ThingGroupArn": { + "condition": "iot:ThingGroupArn", + "description": "Filters access by a list of IoT Thing Group ARNs that the destination IoT Thing belongs to for an IoT Tunnel", + "type": "ArrayOfString" + }, + "iot:TunnelDestinationService": { + "condition": "iot:TunnelDestinationService", + "description": "Filters access by a list of destination services for an IoT Tunnel", + "type": "ArrayOfString" + } + } + }, + "iot1click": { + "service_name": "AWS IoT 1-Click", + "prefix": "iot1click", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot1-click.html", + "privileges": { + "AssociateDeviceWithPlacement": { + "privilege": "AssociateDeviceWithPlacement", + "description": "Grants permission to associate a device to a placement", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_AssociateDeviceWithPlacement.html" + }, + "ClaimDevicesByClaimCode": { + "privilege": "ClaimDevicesByClaimCode", + "description": "Grants permission to claim a batch of devices with a claim code", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/claims-claimcode.html" + }, + "CreatePlacement": { + "privilege": "CreatePlacement", + "description": "Grants permission to create a new placement in a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_CreatePlacement.html" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a new project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_CreateProject.html" + }, + "DeletePlacement": { + "privilege": "DeletePlacement", + "description": "Grants permission to delete a placement from a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DeletePlacement.html" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DeleteProject.html" + }, + "DescribeDevice": { + "privilege": "DescribeDevice", + "description": "Grants permission to describe a device", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid.html" + }, + "DescribePlacement": { + "privilege": "DescribePlacement", + "description": "Grants permission to describe a placement", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DescribePlacement.html" + }, + "DescribeProject": { + "privilege": "DescribeProject", + "description": "Grants permission to describe a project", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DescribeProject.html" + }, + "DisassociateDeviceFromPlacement": { + "privilege": "DisassociateDeviceFromPlacement", + "description": "Grants permission to disassociate a device from a placement", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DisassociateDeviceFromPlacement.html" + }, + "FinalizeDeviceClaim": { + "privilege": "FinalizeDeviceClaim", + "description": "Grants permission to finalize a device claim", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-finalize-claim.html" + }, + "GetDeviceMethods": { + "privilege": "GetDeviceMethods", + "description": "Grants permission to get available methods of a device", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-methods.html" + }, + "GetDevicesInPlacement": { + "privilege": "GetDevicesInPlacement", + "description": "Grants permission to get devices associated to a placement", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_GetDevicesInPlacement.html" + }, + "InitiateDeviceClaim": { + "privilege": "InitiateDeviceClaim", + "description": "Grants permission to initialize a device claim", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-initiate-claim.html" + }, + "InvokeDeviceMethod": { + "privilege": "InvokeDeviceMethod", + "description": "Grants permission to invoke a device method", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-methods.html" + }, + "ListDeviceEvents": { + "privilege": "ListDeviceEvents", + "description": "Grants permission to list past events published by a device", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-events.html" + }, + "ListDevices": { + "privilege": "ListDevices", + "description": "Grants permission to list all devices", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices.html" + }, + "ListPlacements": { + "privilege": "ListPlacements", + "description": "Grants permission to list placements in a project", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_ListPlacements.html" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to list all projects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_ListProjects.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists the tags for a resource", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or modify the tags of a resource", + "access_level": "Tagging", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_TagResource.html" + }, + "UnclaimDevice": { + "privilege": "UnclaimDevice", + "description": "Grants permission to unclaim a device", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-unclaim.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the given tags (metadata) from a resource", + "access_level": "Tagging", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_UntagResource.html" + }, + "UpdateDeviceState": { + "privilege": "UpdateDeviceState", + "description": "Grants permission to update device state", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid-state.html" + }, + "UpdatePlacement": { + "privilege": "UpdatePlacement", + "description": "Grants permission to update a placement", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_UpdatePlacement.html" + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Update a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_UpdateProject.html" + } + }, + "privileges_lower_name": { + "associatedevicewithplacement": "AssociateDeviceWithPlacement", + "claimdevicesbyclaimcode": "ClaimDevicesByClaimCode", + "createplacement": "CreatePlacement", + "createproject": "CreateProject", + "deleteplacement": "DeletePlacement", + "deleteproject": "DeleteProject", + "describedevice": "DescribeDevice", + "describeplacement": "DescribePlacement", + "describeproject": "DescribeProject", + "disassociatedevicefromplacement": "DisassociateDeviceFromPlacement", + "finalizedeviceclaim": "FinalizeDeviceClaim", + "getdevicemethods": "GetDeviceMethods", + "getdevicesinplacement": "GetDevicesInPlacement", + "initiatedeviceclaim": "InitiateDeviceClaim", + "invokedevicemethod": "InvokeDeviceMethod", + "listdeviceevents": "ListDeviceEvents", + "listdevices": "ListDevices", + "listplacements": "ListPlacements", + "listprojects": "ListProjects", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "unclaimdevice": "UnclaimDevice", + "untagresource": "UntagResource", + "updatedevicestate": "UpdateDeviceState", + "updateplacement": "UpdatePlacement", + "updateproject": "UpdateProject" + }, + "resources": { + "device": { + "resource": "device", + "arn": "arn:${Partition}:iot1click:${Region}:${Account}:devices/${DeviceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "project": { + "resource": "project", + "arn": "arn:${Partition}:iot1click:${Region}:${Account}:projects/${ProjectName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "device": "device", + "project": "project" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "iotanalytics": { + "service_name": "AWS IoT Analytics", + "prefix": "iotanalytics", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotanalytics.html", + "privileges": { + "BatchPutMessage": { + "privilege": "BatchPutMessage", + "description": "Puts a batch of messages into the specified channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html" + }, + "CancelPipelineReprocessing": { + "privilege": "CancelPipelineReprocessing", + "description": "Cancels reprocessing for the specified pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CancelPipelineReprocessing.html" + }, + "CreateChannel": { + "privilege": "CreateChannel", + "description": "Creates a channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CreateChannel.html" + }, + "CreateDataset": { + "privilege": "CreateDataset", + "description": "Creates a dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CreateDataset.html" + }, + "CreateDatasetContent": { + "privilege": "CreateDatasetContent", + "description": "Generates content from the specified dataset (by executing the dataset actions)", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CreateDatasetContent.html" + }, + "CreateDatastore": { + "privilege": "CreateDatastore", + "description": "Creates a datastore", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CreateDatastore.html" + }, + "CreatePipeline": { + "privilege": "CreatePipeline", + "description": "Creates a pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_CreatePipeline.html" + }, + "DeleteChannel": { + "privilege": "DeleteChannel", + "description": "Deletes the specified channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeleteChannel.html" + }, + "DeleteDataset": { + "privilege": "DeleteDataset", + "description": "Deletes the specified dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeleteDataset.html" + }, + "DeleteDatasetContent": { + "privilege": "DeleteDatasetContent", + "description": "Deletes the content of the specified dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeleteDatasetContent.html" + }, + "DeleteDatastore": { + "privilege": "DeleteDatastore", + "description": "Deletes the specified datastore", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeleteDatastore.html" + }, + "DeletePipeline": { + "privilege": "DeletePipeline", + "description": "Deletes the specified pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeletePipeline.html" + }, + "DescribeChannel": { + "privilege": "DescribeChannel", + "description": "Describes the specified channel", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DescribeChannel.html" + }, + "DescribeDataset": { + "privilege": "DescribeDataset", + "description": "Describes the specified dataset", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DescribeDataset.html" + }, + "DescribeDatastore": { + "privilege": "DescribeDatastore", + "description": "Describes the specified datastore", + "access_level": "Read", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DescribeDatastore.html" + }, + "DescribeLoggingOptions": { + "privilege": "DescribeLoggingOptions", + "description": "Describes logging options for the the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DescribeLoggingOptions.html" + }, + "DescribePipeline": { + "privilege": "DescribePipeline", + "description": "Describes the specified pipeline", + "access_level": "Read", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DescribePipeline.html" + }, + "GetDatasetContent": { + "privilege": "GetDatasetContent", + "description": "Gets the content of the specified dataset", + "access_level": "Read", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_GetDatasetContent.html" + }, + "ListChannels": { + "privilege": "ListChannels", + "description": "Lists the channels for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListChannels.html" + }, + "ListDatasetContents": { + "privilege": "ListDatasetContents", + "description": "Lists information about dataset contents that have been created", + "access_level": "List", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListDatasetContents.html" + }, + "ListDatasets": { + "privilege": "ListDatasets", + "description": "Lists the datasets for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListDatasets.html" + }, + "ListDatastores": { + "privilege": "ListDatastores", + "description": "Lists the datastores for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListDatastores.html" + }, + "ListPipelines": { + "privilege": "ListPipelines", + "description": "Lists the pipelines for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListPipelines.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Lists the tags (metadata) which you have assigned to the resource", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datastore": { + "resource_type": "datastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pipeline": { + "resource_type": "pipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "dataset": "dataset", + "datastore": "datastore", + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_ListTagsForResource.html" + }, + "PutLoggingOptions": { + "privilege": "PutLoggingOptions", + "description": "Puts logging options for the the account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_PutLoggingOptions.html" + }, + "RunPipelineActivity": { + "privilege": "RunPipelineActivity", + "description": "Runs the specified pipeline activity", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_RunPipelineActivity.html" + }, + "SampleChannelData": { + "privilege": "SampleChannelData", + "description": "Samples the specified channel's data", + "access_level": "Read", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_SampleChannelData.html" + }, + "StartPipelineReprocessing": { + "privilege": "StartPipelineReprocessing", + "description": "Starts reprocessing for the specified pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_StartPipelineReprocessing.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Adds to or modifies the tags of the given resource. Tags are metadata which can be used to manage a resource", + "access_level": "Tagging", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datastore": { + "resource_type": "datastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pipeline": { + "resource_type": "pipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "dataset": "dataset", + "datastore": "datastore", + "pipeline": "pipeline", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Removes the given tags (metadata) from the resource", + "access_level": "Tagging", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dataset": { + "resource_type": "dataset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "datastore": { + "resource_type": "datastore", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "pipeline": { + "resource_type": "pipeline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel", + "dataset": "dataset", + "datastore": "datastore", + "pipeline": "pipeline", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_UntagResource.html" + }, + "UpdateChannel": { + "privilege": "UpdateChannel", + "description": "Updates the specified channel", + "access_level": "Write", + "resource_types": { + "channel": { + "resource_type": "channel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "channel": "channel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_UpdateChannel.html" + }, + "UpdateDataset": { + "privilege": "UpdateDataset", + "description": "Updates the specified dataset", + "access_level": "Write", + "resource_types": { + "dataset": { + "resource_type": "dataset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dataset": "dataset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_UpdateDataset.html" + }, + "UpdateDatastore": { + "privilege": "UpdateDatastore", + "description": "Updates the specified datastore", + "access_level": "Write", + "resource_types": { + "datastore": { + "resource_type": "datastore", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datastore": "datastore" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_UpdateDatastore.html" + }, + "UpdatePipeline": { + "privilege": "UpdatePipeline", + "description": "Updates the specified pipeline", + "access_level": "Write", + "resource_types": { + "pipeline": { + "resource_type": "pipeline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "pipeline": "pipeline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_UpdatePipeline.html" + } + }, + "privileges_lower_name": { + "batchputmessage": "BatchPutMessage", + "cancelpipelinereprocessing": "CancelPipelineReprocessing", + "createchannel": "CreateChannel", + "createdataset": "CreateDataset", + "createdatasetcontent": "CreateDatasetContent", + "createdatastore": "CreateDatastore", + "createpipeline": "CreatePipeline", + "deletechannel": "DeleteChannel", + "deletedataset": "DeleteDataset", + "deletedatasetcontent": "DeleteDatasetContent", + "deletedatastore": "DeleteDatastore", + "deletepipeline": "DeletePipeline", + "describechannel": "DescribeChannel", + "describedataset": "DescribeDataset", + "describedatastore": "DescribeDatastore", + "describeloggingoptions": "DescribeLoggingOptions", + "describepipeline": "DescribePipeline", + "getdatasetcontent": "GetDatasetContent", + "listchannels": "ListChannels", + "listdatasetcontents": "ListDatasetContents", + "listdatasets": "ListDatasets", + "listdatastores": "ListDatastores", + "listpipelines": "ListPipelines", + "listtagsforresource": "ListTagsForResource", + "putloggingoptions": "PutLoggingOptions", + "runpipelineactivity": "RunPipelineActivity", + "samplechanneldata": "SampleChannelData", + "startpipelinereprocessing": "StartPipelineReprocessing", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatechannel": "UpdateChannel", + "updatedataset": "UpdateDataset", + "updatedatastore": "UpdateDatastore", + "updatepipeline": "UpdatePipeline" + }, + "resources": { + "channel": { + "resource": "channel", + "arn": "arn:${Partition}:iotanalytics:${Region}:${Account}:channel/${ChannelName}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "iotanalytics:ResourceTag/${TagKey}" + ] + }, + "dataset": { + "resource": "dataset", + "arn": "arn:${Partition}:iotanalytics:${Region}:${Account}:dataset/${DatasetName}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "iotanalytics:ResourceTag/${TagKey}" + ] + }, + "datastore": { + "resource": "datastore", + "arn": "arn:${Partition}:iotanalytics:${Region}:${Account}:datastore/${DatastoreName}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "iotanalytics:ResourceTag/${TagKey}" + ] + }, + "pipeline": { + "resource": "pipeline", + "arn": "arn:${Partition}:iotanalytics:${Region}:${Account}:pipeline/${PipelineName}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "iotanalytics:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "channel": "channel", + "dataset": "dataset", + "datastore": "datastore", + "pipeline": "pipeline" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the tags that are passed in the request", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "iotanalytics:ResourceTag/${TagKey}": { + "condition": "iotanalytics:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + } + } + }, + "iotdeviceadvisor": { + "service_name": "AWS IoT Core Device Advisor", + "prefix": "iotdeviceadvisor", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotcoredeviceadvisor.html", + "privileges": { + "CreateSuiteDefinition": { + "privilege": "CreateSuiteDefinition", + "description": "Grants permission to create a suite definition", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_CreateSuiteDefinition.html" + }, + "DeleteSuiteDefinition": { + "privilege": "DeleteSuiteDefinition", + "description": "Grants permission to delete a suite definition", + "access_level": "Write", + "resource_types": { + "Suitedefinition": { + "resource_type": "Suitedefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suitedefinition": "Suitedefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeleteSuiteDefinition.html" + }, + "GetEndpoint": { + "privilege": "GetEndpoint", + "description": "Grants permission to get a Device Advisor endpoint", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_GetEndpoint.html" + }, + "GetSuiteDefinition": { + "privilege": "GetSuiteDefinition", + "description": "Grants permission to get a suite definition", + "access_level": "Read", + "resource_types": { + "Suitedefinition": { + "resource_type": "Suitedefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suitedefinition": "Suitedefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_GetSuiteDefinition.html" + }, + "GetSuiteRun": { + "privilege": "GetSuiteRun", + "description": "Grants permission to get a suite run", + "access_level": "Read", + "resource_types": { + "Suiterun": { + "resource_type": "Suiterun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suiterun": "Suiterun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_GetSuiteRun.html" + }, + "GetSuiteRunReport": { + "privilege": "GetSuiteRunReport", + "description": "Grants permission to get the qualification report for a suite run", + "access_level": "Read", + "resource_types": { + "Suiterun": { + "resource_type": "Suiterun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suiterun": "Suiterun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_GetSuiteRunReport.html" + }, + "ListSuiteDefinitions": { + "privilege": "ListSuiteDefinitions", + "description": "Grants permission to list suite definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_ListSuiteDefinitions.html" + }, + "ListSuiteRuns": { + "privilege": "ListSuiteRuns", + "description": "Grants permission to list suite runs", + "access_level": "List", + "resource_types": { + "Suitedefinition": { + "resource_type": "Suitedefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suitedefinition": "Suitedefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_ListSuiteRuns.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags (metadata) assigned to a resource", + "access_level": "Read", + "resource_types": { + "Suitedefinition": { + "resource_type": "Suitedefinition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Suiterun": { + "resource_type": "Suiterun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suitedefinition": "Suitedefinition", + "suiterun": "Suiterun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_ListTagsForResource.html" + }, + "StartSuiteRun": { + "privilege": "StartSuiteRun", + "description": "Grants permission to start a suite run", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_StartSuiteRun.html" + }, + "StopSuiteRun": { + "privilege": "StopSuiteRun", + "description": "Grants permission to stop a suite run", + "access_level": "Write", + "resource_types": { + "Suiterun": { + "resource_type": "Suiterun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suiterun": "Suiterun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_StopSuiteRun.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add to or modify the tags of the given resource. Tags are metadata which can be used to manage a resource", + "access_level": "Tagging", + "resource_types": { + "Suitedefinition": { + "resource_type": "Suitedefinition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Suiterun": { + "resource_type": "Suiterun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suitedefinition": "Suitedefinition", + "suiterun": "Suiterun", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the given tags (metadata) from a resource", + "access_level": "Tagging", + "resource_types": { + "Suitedefinition": { + "resource_type": "Suitedefinition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Suiterun": { + "resource_type": "Suiterun", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suitedefinition": "Suitedefinition", + "suiterun": "Suiterun", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_UntagResource.html" + }, + "UpdateSuiteDefinition": { + "privilege": "UpdateSuiteDefinition", + "description": "Grants permission to update a suite definition", + "access_level": "Write", + "resource_types": { + "Suitedefinition": { + "resource_type": "Suitedefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "suitedefinition": "Suitedefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_UpdateSuiteDefinition.html" + } + }, + "privileges_lower_name": { + "createsuitedefinition": "CreateSuiteDefinition", + "deletesuitedefinition": "DeleteSuiteDefinition", + "getendpoint": "GetEndpoint", + "getsuitedefinition": "GetSuiteDefinition", + "getsuiterun": "GetSuiteRun", + "getsuiterunreport": "GetSuiteRunReport", + "listsuitedefinitions": "ListSuiteDefinitions", + "listsuiteruns": "ListSuiteRuns", + "listtagsforresource": "ListTagsForResource", + "startsuiterun": "StartSuiteRun", + "stopsuiterun": "StopSuiteRun", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatesuitedefinition": "UpdateSuiteDefinition" + }, + "resources": { + "Suitedefinition": { + "resource": "Suitedefinition", + "arn": "arn:${Partition}:iotdeviceadvisor:${Region}:${Account}:suitedefinition/${SuiteDefinitionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Suiterun": { + "resource": "Suiterun", + "arn": "arn:${Partition}:iotdeviceadvisor:${Region}:${Account}:suiterun/${SuiteDefinitionId}/${SuiteRunId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "suitedefinition": "Suitedefinition", + "suiterun": "Suiterun" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "iotwireless": { + "service_name": "AWS IoT Core for LoRaWAN", + "prefix": "iotwireless", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotcoreforlorawan.html", + "privileges": { + "AssociateAwsAccountWithPartnerAccount": { + "privilege": "AssociateAwsAccountWithPartnerAccount", + "description": "Grants permission to link partner accounts with AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateAwsAccountWithPartnerAccount.html" + }, + "AssociateMulticastGroupWithFuotaTask": { + "privilege": "AssociateMulticastGroupWithFuotaTask", + "description": "Grants permission to associate the MulticastGroup with FuotaTask", + "access_level": "Write", + "resource_types": { + "FuotaTask": { + "resource_type": "FuotaTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fuotatask": "FuotaTask", + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateMulticastGroupWithFuotaTask.html" + }, + "AssociateWirelessDeviceWithFuotaTask": { + "privilege": "AssociateWirelessDeviceWithFuotaTask", + "description": "Grants permission to associate the wireless device with FuotaTask", + "access_level": "Write", + "resource_types": { + "FuotaTask": { + "resource_type": "FuotaTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fuotatask": "FuotaTask", + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessDeviceWithFuotaTask.html" + }, + "AssociateWirelessDeviceWithMulticastGroup": { + "privilege": "AssociateWirelessDeviceWithMulticastGroup", + "description": "Grants permission to associate the WirelessDevice with MulticastGroup", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup", + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessDeviceWithMulticastGroup.html" + }, + "AssociateWirelessDeviceWithThing": { + "privilege": "AssociateWirelessDeviceWithThing", + "description": "Grants permission to associate the wireless device with AWS IoT thing for a given wirelessDeviceId", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:DescribeThing" + ] + }, + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessDeviceWithThing.html" + }, + "AssociateWirelessGatewayWithCertificate": { + "privilege": "AssociateWirelessGatewayWithCertificate", + "description": "Grants permission to associate a WirelessGateway with the IoT Core Identity certificate", + "access_level": "Write", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "cert": { + "resource_type": "cert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway", + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessGatewayWithCertificate.html" + }, + "AssociateWirelessGatewayWithThing": { + "privilege": "AssociateWirelessGatewayWithThing", + "description": "Grants permission to associate the wireless gateway with AWS IoT thing for a given wirelessGatewayId", + "access_level": "Write", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:DescribeThing" + ] + }, + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessGatewayWithThing.html" + }, + "CancelMulticastGroupSession": { + "privilege": "CancelMulticastGroupSession", + "description": "Grants permission to cancel the MulticastGroup session", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CancelMulticastGroupSession.html" + }, + "CreateDestination": { + "privilege": "CreateDestination", + "description": "Grants permission to create a Destination resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateDestination.html" + }, + "CreateDeviceProfile": { + "privilege": "CreateDeviceProfile", + "description": "Grants permission to create a DeviceProfile resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateDeviceProfile.html" + }, + "CreateFuotaTask": { + "privilege": "CreateFuotaTask", + "description": "Grants permission to create a FuotaTask resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateFuotaTask.html" + }, + "CreateMulticastGroup": { + "privilege": "CreateMulticastGroup", + "description": "Grants permission to create a MulticastGroup resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateMulticastGroup.html" + }, + "CreateNetworkAnalyzerConfiguration": { + "privilege": "CreateNetworkAnalyzerConfiguration", + "description": "Grants permission to create a NetworkAnalyzerConfiguration resource", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup", + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateNetworkAnalyzerConfiguration.html" + }, + "CreateServiceProfile": { + "privilege": "CreateServiceProfile", + "description": "Grants permission to create a ServiceProfile resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateServiceProfile.html" + }, + "CreateWirelessDevice": { + "privilege": "CreateWirelessDevice", + "description": "Grants permission to create a WirelessDevice resource with given Destination", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateWirelessDevice.html" + }, + "CreateWirelessGateway": { + "privilege": "CreateWirelessGateway", + "description": "Grants permission to create a WirelessGateway resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateWirelessGateway.html" + }, + "CreateWirelessGatewayTask": { + "privilege": "CreateWirelessGatewayTask", + "description": "Grants permission to create a task for a given WirelessGateway", + "access_level": "Write", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateWirelessGatewayTask.html" + }, + "CreateWirelessGatewayTaskDefinition": { + "privilege": "CreateWirelessGatewayTaskDefinition", + "description": "Grants permission to create a WirelessGateway task definition", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_CreateWirelessGatewayTaskDefinition.html" + }, + "DeleteDestination": { + "privilege": "DeleteDestination", + "description": "Grants permission to delete a Destination", + "access_level": "Write", + "resource_types": { + "Destination": { + "resource_type": "Destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "Destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteDestination.html" + }, + "DeleteDeviceProfile": { + "privilege": "DeleteDeviceProfile", + "description": "Grants permission to delete a DeviceProfile", + "access_level": "Write", + "resource_types": { + "DeviceProfile": { + "resource_type": "DeviceProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deviceprofile": "DeviceProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteDeviceProfile.html" + }, + "DeleteFuotaTask": { + "privilege": "DeleteFuotaTask", + "description": "Grants permission to delete the FuotaTask", + "access_level": "Write", + "resource_types": { + "FuotaTask": { + "resource_type": "FuotaTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fuotatask": "FuotaTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteFuotaTask.html" + }, + "DeleteMulticastGroup": { + "privilege": "DeleteMulticastGroup", + "description": "Grants permission to delete the MulticastGroup", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteMulticastGroup.html" + }, + "DeleteNetworkAnalyzerConfiguration": { + "privilege": "DeleteNetworkAnalyzerConfiguration", + "description": "Grants permission to delete the NetworkAnalyzerConfiguration", + "access_level": "Write", + "resource_types": { + "NetworkAnalyzerConfiguration": { + "resource_type": "NetworkAnalyzerConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networkanalyzerconfiguration": "NetworkAnalyzerConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteNetworkAnalyzerConfiguration.html" + }, + "DeleteQueuedMessages": { + "privilege": "DeleteQueuedMessages", + "description": "Grants permission to delete QueuedMessages", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteQueuedMessages.html" + }, + "DeleteServiceProfile": { + "privilege": "DeleteServiceProfile", + "description": "Grants permission to delete a ServiceProfile", + "access_level": "Write", + "resource_types": { + "ServiceProfile": { + "resource_type": "ServiceProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "serviceprofile": "ServiceProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteServiceProfile.html" + }, + "DeleteWirelessDevice": { + "privilege": "DeleteWirelessDevice", + "description": "Grants permission to delete a WirelessDevice", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteWirelessDevice.html" + }, + "DeleteWirelessGateway": { + "privilege": "DeleteWirelessGateway", + "description": "Grants permission to delete a WirelessGateway", + "access_level": "Write", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteWirelessGateway.html" + }, + "DeleteWirelessGatewayTask": { + "privilege": "DeleteWirelessGatewayTask", + "description": "Grants permission to delete task for a given WirelessGateway", + "access_level": "Write", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteWirelessGatewayTask.html" + }, + "DeleteWirelessGatewayTaskDefinition": { + "privilege": "DeleteWirelessGatewayTaskDefinition", + "description": "Grants permission to delete a WirelessGateway task definition", + "access_level": "Write", + "resource_types": { + "WirelessGatewayTaskDefinition": { + "resource_type": "WirelessGatewayTaskDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgatewaytaskdefinition": "WirelessGatewayTaskDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteWirelessGatewayTaskDefinition.html" + }, + "DisassociateAwsAccountFromPartnerAccount": { + "privilege": "DisassociateAwsAccountFromPartnerAccount", + "description": "Grants permission to disassociate an AWS account from a partner account", + "access_level": "Write", + "resource_types": { + "SidewalkAccount": { + "resource_type": "SidewalkAccount", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sidewalkaccount": "SidewalkAccount" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateAwsAccountFromPartnerAccount.html" + }, + "DisassociateMulticastGroupFromFuotaTask": { + "privilege": "DisassociateMulticastGroupFromFuotaTask", + "description": "Grants permission to disassociate the MulticastGroup from FuotaTask", + "access_level": "Write", + "resource_types": { + "FuotaTask": { + "resource_type": "FuotaTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fuotatask": "FuotaTask", + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateMulticastGroupFromFuotaTask.html" + }, + "DisassociateWirelessDeviceFromFuotaTask": { + "privilege": "DisassociateWirelessDeviceFromFuotaTask", + "description": "Grants permission to disassociate the wireless device from FuotaTask", + "access_level": "Write", + "resource_types": { + "FuotaTask": { + "resource_type": "FuotaTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fuotatask": "FuotaTask", + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateWirelessDeviceFromFuotaTask.html" + }, + "DisassociateWirelessDeviceFromMulticastGroup": { + "privilege": "DisassociateWirelessDeviceFromMulticastGroup", + "description": "Grants permission to disassociate the wireless device from MulticastGroup", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup", + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateWirelessDeviceFromMulticastGroup.html" + }, + "DisassociateWirelessDeviceFromThing": { + "privilege": "DisassociateWirelessDeviceFromThing", + "description": "Grants permission to disassociate a wireless device from a AWS IoT thing", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:DescribeThing" + ] + }, + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateWirelessDeviceFromThing.html" + }, + "DisassociateWirelessGatewayFromCertificate": { + "privilege": "DisassociateWirelessGatewayFromCertificate", + "description": "Grants permission to disassociate a WirelessGateway from a IoT Core Identity certificate", + "access_level": "Write", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "cert": { + "resource_type": "cert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway", + "cert": "cert" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateWirelessGatewayFromCertificate.html" + }, + "DisassociateWirelessGatewayFromThing": { + "privilege": "DisassociateWirelessGatewayFromThing", + "description": "Grants permission to disassociate a WirelessGateway from a IoT Core thing", + "access_level": "Write", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:DescribeThing" + ] + }, + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway", + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DisassociateWirelessGatewayFromThing.html" + }, + "GetDestination": { + "privilege": "GetDestination", + "description": "Grants permission to get the Destination", + "access_level": "Read", + "resource_types": { + "Destination": { + "resource_type": "Destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "Destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetDestination.html" + }, + "GetDeviceProfile": { + "privilege": "GetDeviceProfile", + "description": "Grants permission to get the DeviceProfile", + "access_level": "Read", + "resource_types": { + "DeviceProfile": { + "resource_type": "DeviceProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deviceprofile": "DeviceProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetDeviceProfile.html" + }, + "GetEventConfigurationByResourceTypes": { + "privilege": "GetEventConfigurationByResourceTypes", + "description": "Grants permission to get event configuration by resource types", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetEventConfigurationByResourceTypes.html" + }, + "GetFuotaTask": { + "privilege": "GetFuotaTask", + "description": "Grants permission to get the FuotaTask", + "access_level": "Read", + "resource_types": { + "FuotaTask": { + "resource_type": "FuotaTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fuotatask": "FuotaTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetFuotaTask.html" + }, + "GetLogLevelsByResourceTypes": { + "privilege": "GetLogLevelsByResourceTypes", + "description": "Grants permission to get log levels by resource types", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetLogLevelsByResourceTypes.html" + }, + "GetMulticastGroup": { + "privilege": "GetMulticastGroup", + "description": "Grants permission to get the MulticastGroup", + "access_level": "Read", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetMulticastGroup.html" + }, + "GetMulticastGroupSession": { + "privilege": "GetMulticastGroupSession", + "description": "Grants permission to get the MulticastGroup session", + "access_level": "Read", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetMulticastGroupSession.html" + }, + "GetNetworkAnalyzerConfiguration": { + "privilege": "GetNetworkAnalyzerConfiguration", + "description": "Grants permission to get the NetworkAnalyzerConfiguration", + "access_level": "Read", + "resource_types": { + "NetworkAnalyzerConfiguration": { + "resource_type": "NetworkAnalyzerConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networkanalyzerconfiguration": "NetworkAnalyzerConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetNetworkAnalyzerConfiguration.html" + }, + "GetPartnerAccount": { + "privilege": "GetPartnerAccount", + "description": "Grants permission to get the associated PartnerAccount", + "access_level": "Read", + "resource_types": { + "SidewalkAccount": { + "resource_type": "SidewalkAccount", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sidewalkaccount": "SidewalkAccount" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetPartnerAccount.html" + }, + "GetPosition": { + "privilege": "GetPosition", + "description": "Grants permission to get position for a given resource", + "access_level": "Read", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetPosition.html" + }, + "GetPositionConfiguration": { + "privilege": "GetPositionConfiguration", + "description": "Grants permission to get position configuration for a given resource", + "access_level": "Read", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetPositionConfiguration.html" + }, + "GetPositionEstimate": { + "privilege": "GetPositionEstimate", + "description": "Grants permission to get position estimate", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetPositionEstimate.html" + }, + "GetResourceEventConfiguration": { + "privilege": "GetResourceEventConfiguration", + "description": "Grants permission to get an event configuration for an identifier", + "access_level": "Read", + "resource_types": { + "SidewalkAccount": { + "resource_type": "SidewalkAccount", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sidewalkaccount": "SidewalkAccount", + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetResourceEventConfiguration.html" + }, + "GetResourceLogLevel": { + "privilege": "GetResourceLogLevel", + "description": "Grants permission to get resource log level", + "access_level": "Read", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetResourceLogLevel.html" + }, + "GetResourcePosition": { + "privilege": "GetResourcePosition", + "description": "Grants permission to get position for a given resource", + "access_level": "Read", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetResourcePosition.html" + }, + "GetServiceEndpoint": { + "privilege": "GetServiceEndpoint", + "description": "Grants permission to retrieve the customer account specific endpoint for CUPS protocol connection or LoRaWAN Network Server (LNS) protocol connection, and optionally server trust certificate in PEM format", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetServiceEndpoint.html" + }, + "GetServiceProfile": { + "privilege": "GetServiceProfile", + "description": "Grants permission to get the ServiceProfile", + "access_level": "Read", + "resource_types": { + "ServiceProfile": { + "resource_type": "ServiceProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "serviceprofile": "ServiceProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetServiceProfile.html" + }, + "GetWirelessDevice": { + "privilege": "GetWirelessDevice", + "description": "Grants permission to get the WirelessDevice", + "access_level": "Read", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessDevice.html" + }, + "GetWirelessDeviceStatistics": { + "privilege": "GetWirelessDeviceStatistics", + "description": "Grants permission to get statistics info for a given WirelessDevice", + "access_level": "Read", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessDeviceStatistics.html" + }, + "GetWirelessGateway": { + "privilege": "GetWirelessGateway", + "description": "Grants permission to get the WirelessGateway", + "access_level": "Read", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGateway.html" + }, + "GetWirelessGatewayCertificate": { + "privilege": "GetWirelessGatewayCertificate", + "description": "Grants permission to get the IoT Core Identity certificate id associated with the WirelessGateway", + "access_level": "Read", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGatewayCertificate.html" + }, + "GetWirelessGatewayFirmwareInformation": { + "privilege": "GetWirelessGatewayFirmwareInformation", + "description": "Grants permission to get Current firmware version and other information for the WirelessGateway", + "access_level": "Read", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGatewayFirmwareInformation.html" + }, + "GetWirelessGatewayStatistics": { + "privilege": "GetWirelessGatewayStatistics", + "description": "Grants permission to get statistics info for a given WirelessGateway", + "access_level": "Read", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGatewayStatistics.html" + }, + "GetWirelessGatewayTask": { + "privilege": "GetWirelessGatewayTask", + "description": "Grants permission to get the task for a given WirelessGateway", + "access_level": "Read", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGatewayTask.html" + }, + "GetWirelessGatewayTaskDefinition": { + "privilege": "GetWirelessGatewayTaskDefinition", + "description": "Grants permission to get the given WirelessGateway task definition", + "access_level": "Read", + "resource_types": { + "WirelessGatewayTaskDefinition": { + "resource_type": "WirelessGatewayTaskDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgatewaytaskdefinition": "WirelessGatewayTaskDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessGatewayTaskDefinition.html" + }, + "ListDestinations": { + "privilege": "ListDestinations", + "description": "Grants permission to list information of available Destinations based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListDestinations.html" + }, + "ListDeviceProfiles": { + "privilege": "ListDeviceProfiles", + "description": "Grants permission to list information of available DeviceProfiles based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListDeviceProfiles.html" + }, + "ListEventConfigurations": { + "privilege": "ListEventConfigurations", + "description": "Grants permission to list information of available event configurations based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListEventConfigurations.html" + }, + "ListFuotaTasks": { + "privilege": "ListFuotaTasks", + "description": "Grants permission to list information of available FuotaTasks based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListFuotaTasks.html" + }, + "ListMulticastGroups": { + "privilege": "ListMulticastGroups", + "description": "Grants permission to list information of available MulticastGroups based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListMulticastGroups.html" + }, + "ListMulticastGroupsByFuotaTask": { + "privilege": "ListMulticastGroupsByFuotaTask", + "description": "Grants permission to list information of available MulticastGroups by FuotaTask based on the AWS account", + "access_level": "Read", + "resource_types": { + "FuotaTask": { + "resource_type": "FuotaTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fuotatask": "FuotaTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListMulticastGroupsByFuotaTask.html" + }, + "ListNetworkAnalyzerConfigurations": { + "privilege": "ListNetworkAnalyzerConfigurations", + "description": "Grants permission to list information of available NetworkAnalyzerConfigurations based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListNetworkAnalyzerConfigurations.html" + }, + "ListPartnerAccounts": { + "privilege": "ListPartnerAccounts", + "description": "Grants permission to list the available partner accounts", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListPartnerAccounts.html" + }, + "ListPositionConfigurations": { + "privilege": "ListPositionConfigurations", + "description": "Grants permission to list information of available position configurations based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListPositionConfigurations.html" + }, + "ListQueuedMessages": { + "privilege": "ListQueuedMessages", + "description": "Grants permission to list the Queued Messages", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListQueuedMessages.html" + }, + "ListServiceProfiles": { + "privilege": "ListServiceProfiles", + "description": "Grants permission to list information of available ServiceProfiles based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListServiceProfiles.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags for a given resource", + "access_level": "Read", + "resource_types": { + "Destination": { + "resource_type": "Destination", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DeviceProfile": { + "resource_type": "DeviceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "FuotaTask": { + "resource_type": "FuotaTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "NetworkAnalyzerConfiguration": { + "resource_type": "NetworkAnalyzerConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceProfile": { + "resource_type": "ServiceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SidewalkAccount": { + "resource_type": "SidewalkAccount", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGatewayTaskDefinition": { + "resource_type": "WirelessGatewayTaskDefinition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "Destination", + "deviceprofile": "DeviceProfile", + "fuotatask": "FuotaTask", + "multicastgroup": "MulticastGroup", + "networkanalyzerconfiguration": "NetworkAnalyzerConfiguration", + "serviceprofile": "ServiceProfile", + "sidewalkaccount": "SidewalkAccount", + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway", + "wirelessgatewaytaskdefinition": "WirelessGatewayTaskDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListTagsForResource.html" + }, + "ListWirelessDevices": { + "privilege": "ListWirelessDevices", + "description": "Grants permission to list information of available WirelessDevices based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListWirelessDevices.html" + }, + "ListWirelessGatewayTaskDefinitions": { + "privilege": "ListWirelessGatewayTaskDefinitions", + "description": "Grants permission to list information of available WirelessGateway task definitions based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListWirelessGatewayTaskDefinitions.html" + }, + "ListWirelessGateways": { + "privilege": "ListWirelessGateways", + "description": "Grants permission to list information of available WirelessGateways based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListWirelessGateways.html" + }, + "PutPositionConfiguration": { + "privilege": "PutPositionConfiguration", + "description": "Grants permission to put position configuration for a given resource", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_PutPositionConfiguration.html" + }, + "PutResourceLogLevel": { + "privilege": "PutResourceLogLevel", + "description": "Grants permission to put resource log level", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_PutResourceLogLevel.html" + }, + "ResetAllResourceLogLevels": { + "privilege": "ResetAllResourceLogLevels", + "description": "Grants permission to reset all resource log levels", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ResetAllResourceLogLevels.html" + }, + "ResetResourceLogLevel": { + "privilege": "ResetResourceLogLevel", + "description": "Grants permission to reset resource log level", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ResetResourceLogLevel.html" + }, + "SendDataToMulticastGroup": { + "privilege": "SendDataToMulticastGroup", + "description": "Grants permission to send data to the MulticastGroup", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_SendDataToMulticastGroup.html" + }, + "SendDataToWirelessDevice": { + "privilege": "SendDataToWirelessDevice", + "description": "Grants permission to send the decrypted application data frame to the target device", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_SendDataToWirelessDevice.html" + }, + "StartBulkAssociateWirelessDeviceWithMulticastGroup": { + "privilege": "StartBulkAssociateWirelessDeviceWithMulticastGroup", + "description": "Grants permission to associate the WirelessDevices with MulticastGroup", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartBulkAssociateWirelessDeviceWithMulticastGroup.html" + }, + "StartBulkDisassociateWirelessDeviceFromMulticastGroup": { + "privilege": "StartBulkDisassociateWirelessDeviceFromMulticastGroup", + "description": "Grants permission to bulk disassociate the WirelessDevices from MulticastGroup", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartBulkDisassociateWirelessDeviceFromMulticastGroup.html" + }, + "StartFuotaTask": { + "privilege": "StartFuotaTask", + "description": "Grants permission to start the FuotaTask", + "access_level": "Write", + "resource_types": { + "FuotaTask": { + "resource_type": "FuotaTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fuotatask": "FuotaTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartFuotaTask.html" + }, + "StartMulticastGroupSession": { + "privilege": "StartMulticastGroupSession", + "description": "Grants permission to start the MulticastGroup session", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartMulticastGroupSession.html" + }, + "StartNetworkAnalyzerStream": { + "privilege": "StartNetworkAnalyzerStream", + "description": "Grants permission to start NetworkAnalyzer stream", + "access_level": "Write", + "resource_types": { + "NetworkAnalyzerConfiguration": { + "resource_type": "NetworkAnalyzerConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "networkanalyzerconfiguration": "NetworkAnalyzerConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/developerguide/connect-iot-lorawan-network-analyzer-api.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a given resource", + "access_level": "Tagging", + "resource_types": { + "Destination": { + "resource_type": "Destination", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DeviceProfile": { + "resource_type": "DeviceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "FuotaTask": { + "resource_type": "FuotaTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "NetworkAnalyzerConfiguration": { + "resource_type": "NetworkAnalyzerConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceProfile": { + "resource_type": "ServiceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SidewalkAccount": { + "resource_type": "SidewalkAccount", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDeviceImportTask": { + "resource_type": "WirelessDeviceImportTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGatewayTaskDefinition": { + "resource_type": "WirelessGatewayTaskDefinition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "Destination", + "deviceprofile": "DeviceProfile", + "fuotatask": "FuotaTask", + "multicastgroup": "MulticastGroup", + "networkanalyzerconfiguration": "NetworkAnalyzerConfiguration", + "serviceprofile": "ServiceProfile", + "sidewalkaccount": "SidewalkAccount", + "wirelessdevice": "WirelessDevice", + "wirelessdeviceimporttask": "WirelessDeviceImportTask", + "wirelessgateway": "WirelessGateway", + "wirelessgatewaytaskdefinition": "WirelessGatewayTaskDefinition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_TagResource.html" + }, + "TestWirelessDevice": { + "privilege": "TestWirelessDevice", + "description": "Grants permission to simulate a provisioned device to send an uplink data with payload of 'Hello'", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_TestWirelessDevice.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the given tags from the resource", + "access_level": "Tagging", + "resource_types": { + "Destination": { + "resource_type": "Destination", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "DeviceProfile": { + "resource_type": "DeviceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "FuotaTask": { + "resource_type": "FuotaTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "NetworkAnalyzerConfiguration": { + "resource_type": "NetworkAnalyzerConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "ServiceProfile": { + "resource_type": "ServiceProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SidewalkAccount": { + "resource_type": "SidewalkAccount", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDeviceImportTask": { + "resource_type": "WirelessDeviceImportTask", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGatewayTaskDefinition": { + "resource_type": "WirelessGatewayTaskDefinition", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "Destination", + "deviceprofile": "DeviceProfile", + "fuotatask": "FuotaTask", + "multicastgroup": "MulticastGroup", + "networkanalyzerconfiguration": "NetworkAnalyzerConfiguration", + "serviceprofile": "ServiceProfile", + "sidewalkaccount": "SidewalkAccount", + "wirelessdevice": "WirelessDevice", + "wirelessdeviceimporttask": "WirelessDeviceImportTask", + "wirelessgateway": "WirelessGateway", + "wirelessgatewaytaskdefinition": "WirelessGatewayTaskDefinition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UntagResource.html" + }, + "UpdateDestination": { + "privilege": "UpdateDestination", + "description": "Grants permission to update a Destination resource", + "access_level": "Write", + "resource_types": { + "Destination": { + "resource_type": "Destination", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destination": "Destination" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateDestination.html" + }, + "UpdateEventConfigurationByResourceTypes": { + "privilege": "UpdateEventConfigurationByResourceTypes", + "description": "Grants permission to update event configuration by resource types", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateEventConfigurationByResourceTypes.html" + }, + "UpdateFuotaTask": { + "privilege": "UpdateFuotaTask", + "description": "Grants permission to update the FuotaTask", + "access_level": "Write", + "resource_types": { + "FuotaTask": { + "resource_type": "FuotaTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fuotatask": "FuotaTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateFuotaTask.html" + }, + "UpdateLogLevelsByResourceTypes": { + "privilege": "UpdateLogLevelsByResourceTypes", + "description": "Grants permission to update log levels by resource types", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateLogLevelsByResourceTypes.html" + }, + "UpdateMulticastGroup": { + "privilege": "UpdateMulticastGroup", + "description": "Grants permission to update the MulticastGroup", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateMulticastGroup.html" + }, + "UpdateNetworkAnalyzerConfiguration": { + "privilege": "UpdateNetworkAnalyzerConfiguration", + "description": "Grants permission to update the NetworkAnalyzerConfiguration", + "access_level": "Write", + "resource_types": { + "MulticastGroup": { + "resource_type": "MulticastGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "NetworkAnalyzerConfiguration": { + "resource_type": "NetworkAnalyzerConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "multicastgroup": "MulticastGroup", + "networkanalyzerconfiguration": "NetworkAnalyzerConfiguration", + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateNetworkAnalyzerConfiguration.html" + }, + "UpdatePartnerAccount": { + "privilege": "UpdatePartnerAccount", + "description": "Grants permission to update a partner account", + "access_level": "Write", + "resource_types": { + "SidewalkAccount": { + "resource_type": "SidewalkAccount", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sidewalkaccount": "SidewalkAccount" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdatePartnerAccount.html" + }, + "UpdatePosition": { + "privilege": "UpdatePosition", + "description": "Grants permission to update position for a given resource", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdatePosition.html" + }, + "UpdateResourceEventConfiguration": { + "privilege": "UpdateResourceEventConfiguration", + "description": "Grants permission to update an event configuration for an identifier", + "access_level": "Write", + "resource_types": { + "SidewalkAccount": { + "resource_type": "SidewalkAccount", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sidewalkaccount": "SidewalkAccount", + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateResourceEventConfiguration.html" + }, + "UpdateResourcePosition": { + "privilege": "UpdateResourcePosition", + "description": "Grants permission to update position for a given resource", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateResourcePosition.html" + }, + "UpdateWirelessDevice": { + "privilege": "UpdateWirelessDevice", + "description": "Grants permission to update a WirelessDevice resource", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateWirelessDevice.html" + }, + "UpdateWirelessGateway": { + "privilege": "UpdateWirelessGateway", + "description": "Grants permission to update a WirelessGateway resource", + "access_level": "Write", + "resource_types": { + "WirelessGateway": { + "resource_type": "WirelessGateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessgateway": "WirelessGateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateWirelessGateway.html" + }, + "DeleteWirelessDeviceImportTask": { + "privilege": "DeleteWirelessDeviceImportTask", + "description": "Grants permission to delete the wireless device import task", + "access_level": "Write", + "resource_types": { + "WirelessDeviceImportTask": { + "resource_type": "WirelessDeviceImportTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdeviceimporttask": "WirelessDeviceImportTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeleteWirelessDeviceImportTask.html" + }, + "DeregisterWirelessDevice": { + "privilege": "DeregisterWirelessDevice", + "description": "Grants permission to deregister wireless device", + "access_level": "Write", + "resource_types": { + "WirelessDevice": { + "resource_type": "WirelessDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdevice": "WirelessDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_DeregisterWirelessDevice.html" + }, + "GetWirelessDeviceImportTask": { + "privilege": "GetWirelessDeviceImportTask", + "description": "Grants permission to get the wireless device import task", + "access_level": "Read", + "resource_types": { + "WirelessDeviceImportTask": { + "resource_type": "WirelessDeviceImportTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdeviceimporttask": "WirelessDeviceImportTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_GetWirelessDeviceImportTask.html" + }, + "ListDevicesForWirelessDeviceImportTask": { + "privilege": "ListDevicesForWirelessDeviceImportTask", + "description": "Grants permission to list information of devices by wireless device import task based on the AWS account", + "access_level": "Read", + "resource_types": { + "WirelessDeviceImportTask": { + "resource_type": "WirelessDeviceImportTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdeviceimporttask": "WirelessDeviceImportTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListDevicesForWirelessDeviceImportTask.html" + }, + "ListWirelessDeviceImportTasks": { + "privilege": "ListWirelessDeviceImportTasks", + "description": "Grants permission to list wireless device import tasks information of based on the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_ListWirelessDeviceImportTasks.html" + }, + "StartSingleWirelessDeviceImportTask": { + "privilege": "StartSingleWirelessDeviceImportTask", + "description": "Grants permission to start the single wireless device import task", + "access_level": "Write", + "resource_types": { + "WirelessDeviceImportTask": { + "resource_type": "WirelessDeviceImportTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdeviceimporttask": "WirelessDeviceImportTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartSingleWirelessDeviceImportTask.html" + }, + "StartWirelessDeviceImportTask": { + "privilege": "StartWirelessDeviceImportTask", + "description": "Grants permission to start the wireless device import task", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_StartWirelessDeviceImportTask.html" + }, + "UpdateWirelessDeviceImportTask": { + "privilege": "UpdateWirelessDeviceImportTask", + "description": "Grants permission to update a wireless device import task", + "access_level": "Write", + "resource_types": { + "WirelessDeviceImportTask": { + "resource_type": "WirelessDeviceImportTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "wirelessdeviceimporttask": "WirelessDeviceImportTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_UpdateWirelessDeviceImportTask.html" + } + }, + "privileges_lower_name": { + "associateawsaccountwithpartneraccount": "AssociateAwsAccountWithPartnerAccount", + "associatemulticastgroupwithfuotatask": "AssociateMulticastGroupWithFuotaTask", + "associatewirelessdevicewithfuotatask": "AssociateWirelessDeviceWithFuotaTask", + "associatewirelessdevicewithmulticastgroup": "AssociateWirelessDeviceWithMulticastGroup", + "associatewirelessdevicewiththing": "AssociateWirelessDeviceWithThing", + "associatewirelessgatewaywithcertificate": "AssociateWirelessGatewayWithCertificate", + "associatewirelessgatewaywiththing": "AssociateWirelessGatewayWithThing", + "cancelmulticastgroupsession": "CancelMulticastGroupSession", + "createdestination": "CreateDestination", + "createdeviceprofile": "CreateDeviceProfile", + "createfuotatask": "CreateFuotaTask", + "createmulticastgroup": "CreateMulticastGroup", + "createnetworkanalyzerconfiguration": "CreateNetworkAnalyzerConfiguration", + "createserviceprofile": "CreateServiceProfile", + "createwirelessdevice": "CreateWirelessDevice", + "createwirelessgateway": "CreateWirelessGateway", + "createwirelessgatewaytask": "CreateWirelessGatewayTask", + "createwirelessgatewaytaskdefinition": "CreateWirelessGatewayTaskDefinition", + "deletedestination": "DeleteDestination", + "deletedeviceprofile": "DeleteDeviceProfile", + "deletefuotatask": "DeleteFuotaTask", + "deletemulticastgroup": "DeleteMulticastGroup", + "deletenetworkanalyzerconfiguration": "DeleteNetworkAnalyzerConfiguration", + "deletequeuedmessages": "DeleteQueuedMessages", + "deleteserviceprofile": "DeleteServiceProfile", + "deletewirelessdevice": "DeleteWirelessDevice", + "deletewirelessgateway": "DeleteWirelessGateway", + "deletewirelessgatewaytask": "DeleteWirelessGatewayTask", + "deletewirelessgatewaytaskdefinition": "DeleteWirelessGatewayTaskDefinition", + "disassociateawsaccountfrompartneraccount": "DisassociateAwsAccountFromPartnerAccount", + "disassociatemulticastgroupfromfuotatask": "DisassociateMulticastGroupFromFuotaTask", + "disassociatewirelessdevicefromfuotatask": "DisassociateWirelessDeviceFromFuotaTask", + "disassociatewirelessdevicefrommulticastgroup": "DisassociateWirelessDeviceFromMulticastGroup", + "disassociatewirelessdevicefromthing": "DisassociateWirelessDeviceFromThing", + "disassociatewirelessgatewayfromcertificate": "DisassociateWirelessGatewayFromCertificate", + "disassociatewirelessgatewayfromthing": "DisassociateWirelessGatewayFromThing", + "getdestination": "GetDestination", + "getdeviceprofile": "GetDeviceProfile", + "geteventconfigurationbyresourcetypes": "GetEventConfigurationByResourceTypes", + "getfuotatask": "GetFuotaTask", + "getloglevelsbyresourcetypes": "GetLogLevelsByResourceTypes", + "getmulticastgroup": "GetMulticastGroup", + "getmulticastgroupsession": "GetMulticastGroupSession", + "getnetworkanalyzerconfiguration": "GetNetworkAnalyzerConfiguration", + "getpartneraccount": "GetPartnerAccount", + "getposition": "GetPosition", + "getpositionconfiguration": "GetPositionConfiguration", + "getpositionestimate": "GetPositionEstimate", + "getresourceeventconfiguration": "GetResourceEventConfiguration", + "getresourceloglevel": "GetResourceLogLevel", + "getresourceposition": "GetResourcePosition", + "getserviceendpoint": "GetServiceEndpoint", + "getserviceprofile": "GetServiceProfile", + "getwirelessdevice": "GetWirelessDevice", + "getwirelessdevicestatistics": "GetWirelessDeviceStatistics", + "getwirelessgateway": "GetWirelessGateway", + "getwirelessgatewaycertificate": "GetWirelessGatewayCertificate", + "getwirelessgatewayfirmwareinformation": "GetWirelessGatewayFirmwareInformation", + "getwirelessgatewaystatistics": "GetWirelessGatewayStatistics", + "getwirelessgatewaytask": "GetWirelessGatewayTask", + "getwirelessgatewaytaskdefinition": "GetWirelessGatewayTaskDefinition", + "listdestinations": "ListDestinations", + "listdeviceprofiles": "ListDeviceProfiles", + "listeventconfigurations": "ListEventConfigurations", + "listfuotatasks": "ListFuotaTasks", + "listmulticastgroups": "ListMulticastGroups", + "listmulticastgroupsbyfuotatask": "ListMulticastGroupsByFuotaTask", + "listnetworkanalyzerconfigurations": "ListNetworkAnalyzerConfigurations", + "listpartneraccounts": "ListPartnerAccounts", + "listpositionconfigurations": "ListPositionConfigurations", + "listqueuedmessages": "ListQueuedMessages", + "listserviceprofiles": "ListServiceProfiles", + "listtagsforresource": "ListTagsForResource", + "listwirelessdevices": "ListWirelessDevices", + "listwirelessgatewaytaskdefinitions": "ListWirelessGatewayTaskDefinitions", + "listwirelessgateways": "ListWirelessGateways", + "putpositionconfiguration": "PutPositionConfiguration", + "putresourceloglevel": "PutResourceLogLevel", + "resetallresourceloglevels": "ResetAllResourceLogLevels", + "resetresourceloglevel": "ResetResourceLogLevel", + "senddatatomulticastgroup": "SendDataToMulticastGroup", + "senddatatowirelessdevice": "SendDataToWirelessDevice", + "startbulkassociatewirelessdevicewithmulticastgroup": "StartBulkAssociateWirelessDeviceWithMulticastGroup", + "startbulkdisassociatewirelessdevicefrommulticastgroup": "StartBulkDisassociateWirelessDeviceFromMulticastGroup", + "startfuotatask": "StartFuotaTask", + "startmulticastgroupsession": "StartMulticastGroupSession", + "startnetworkanalyzerstream": "StartNetworkAnalyzerStream", + "tagresource": "TagResource", + "testwirelessdevice": "TestWirelessDevice", + "untagresource": "UntagResource", + "updatedestination": "UpdateDestination", + "updateeventconfigurationbyresourcetypes": "UpdateEventConfigurationByResourceTypes", + "updatefuotatask": "UpdateFuotaTask", + "updateloglevelsbyresourcetypes": "UpdateLogLevelsByResourceTypes", + "updatemulticastgroup": "UpdateMulticastGroup", + "updatenetworkanalyzerconfiguration": "UpdateNetworkAnalyzerConfiguration", + "updatepartneraccount": "UpdatePartnerAccount", + "updateposition": "UpdatePosition", + "updateresourceeventconfiguration": "UpdateResourceEventConfiguration", + "updateresourceposition": "UpdateResourcePosition", + "updatewirelessdevice": "UpdateWirelessDevice", + "updatewirelessgateway": "UpdateWirelessGateway", + "deletewirelessdeviceimporttask": "DeleteWirelessDeviceImportTask", + "deregisterwirelessdevice": "DeregisterWirelessDevice", + "getwirelessdeviceimporttask": "GetWirelessDeviceImportTask", + "listdevicesforwirelessdeviceimporttask": "ListDevicesForWirelessDeviceImportTask", + "listwirelessdeviceimporttasks": "ListWirelessDeviceImportTasks", + "startsinglewirelessdeviceimporttask": "StartSingleWirelessDeviceImportTask", + "startwirelessdeviceimporttask": "StartWirelessDeviceImportTask", + "updatewirelessdeviceimporttask": "UpdateWirelessDeviceImportTask" + }, + "resources": { + "WirelessDevice": { + "resource": "WirelessDevice", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:WirelessDevice/${WirelessDeviceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "WirelessGateway": { + "resource": "WirelessGateway", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:WirelessGateway/${WirelessGatewayId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "DeviceProfile": { + "resource": "DeviceProfile", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:DeviceProfile/${DeviceProfileId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ServiceProfile": { + "resource": "ServiceProfile", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:ServiceProfile/${ServiceProfileId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Destination": { + "resource": "Destination", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:Destination/${DestinationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "SidewalkAccount": { + "resource": "SidewalkAccount", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:SidewalkAccount/${SidewalkAccountId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "WirelessGatewayTaskDefinition": { + "resource": "WirelessGatewayTaskDefinition", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:WirelessGatewayTaskDefinition/${WirelessGatewayTaskDefinitionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "FuotaTask": { + "resource": "FuotaTask", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:FuotaTask/${FuotaTaskId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "MulticastGroup": { + "resource": "MulticastGroup", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:MulticastGroup/${MulticastGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "NetworkAnalyzerConfiguration": { + "resource": "NetworkAnalyzerConfiguration", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:NetworkAnalyzerConfiguration/${NetworkAnalyzerConfigurationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "thing": { + "resource": "thing", + "arn": "arn:${Partition}:iot:${Region}:${Account}:thing/${ThingName}", + "condition_keys": [] + }, + "cert": { + "resource": "cert", + "arn": "arn:${Partition}:iot:${Region}:${Account}:cert/${Certificate}", + "condition_keys": [] + }, + "WirelessDeviceImportTask": { + "resource": "WirelessDeviceImportTask", + "arn": "arn:${Partition}:iotwireless:${Region}:${Account}:WirelessDeviceImportTask/${WirelessDeviceImportTaskId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "wirelessdevice": "WirelessDevice", + "wirelessgateway": "WirelessGateway", + "deviceprofile": "DeviceProfile", + "serviceprofile": "ServiceProfile", + "destination": "Destination", + "sidewalkaccount": "SidewalkAccount", + "wirelessgatewaytaskdefinition": "WirelessGatewayTaskDefinition", + "fuotatask": "FuotaTask", + "multicastgroup": "MulticastGroup", + "networkanalyzerconfiguration": "NetworkAnalyzerConfiguration", + "thing": "thing", + "cert": "cert", + "wirelessdeviceimporttask": "WirelessDeviceImportTask" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key that is present in the request that the user makes to IoT Wireless", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key component of a tag attached to an IoT Wireless resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the list of all the tag key names associated with the resource in the request", + "type": "ArrayOfString" + } + } + }, + "iot-device-tester": { + "service_name": "AWS IoT Device Tester", + "prefix": "iot-device-tester", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotdevicetester.html", + "privileges": { + "CheckVersion": { + "privilege": "CheckVersion", + "description": "Grants permission to IoT Device Tester to check if a given set of product, test suite and device tester version are compatible", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/dev-tester-prereqs.html" + }, + "DownloadTestSuite": { + "privilege": "DownloadTestSuite", + "description": "Grants permission to IoT Device Tester to download compatible test suite versions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/dev-tester-prereqs.html" + }, + "LatestIdt": { + "privilege": "LatestIdt", + "description": "Grants permission to IoT Device Tester to get information on latest version of device tester available", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/dev-tester-prereqs.html" + }, + "SendMetrics": { + "privilege": "SendMetrics", + "description": "Grants permission to IoT Device Tester to send usage metrics on your behalf", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/dev-tester-prereqs.html" + }, + "SupportedVersion": { + "privilege": "SupportedVersion", + "description": "Grants permission to IoT Device Tester to get list of supported products and test suite versions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/freertos/latest/userguide/dev-tester-prereqs.html" + } + }, + "privileges_lower_name": { + "checkversion": "CheckVersion", + "downloadtestsuite": "DownloadTestSuite", + "latestidt": "LatestIdt", + "sendmetrics": "SendMetrics", + "supportedversion": "SupportedVersion" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "iotevents": { + "service_name": "AWS IoT Events", + "prefix": "iotevents", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotevents.html", + "privileges": { + "BatchAcknowledgeAlarm": { + "privilege": "BatchAcknowledgeAlarm", + "description": "Grants permission to send one or more acknowledge action requests to AWS IoT Events", + "access_level": "Write", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchAcknowledgeAlarm.html" + }, + "BatchDeleteDetector": { + "privilege": "BatchDeleteDetector", + "description": "Grants permission to delete a detector instance within the AWS IoT Events system", + "access_level": "Write", + "resource_types": { + "detectorModel": { + "resource_type": "detectorModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detectormodel": "detectorModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchDeleteDetector.html" + }, + "BatchDisableAlarm": { + "privilege": "BatchDisableAlarm", + "description": "Grants permission to disable one or more alarm instances", + "access_level": "Write", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchDisableAlarm.html" + }, + "BatchEnableAlarm": { + "privilege": "BatchEnableAlarm", + "description": "Grants permission to enable one or more alarm instances", + "access_level": "Write", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchEnableAlarm.html" + }, + "BatchPutMessage": { + "privilege": "BatchPutMessage", + "description": "Grants permission to send a set of messages to the AWS IoT Events system", + "access_level": "Write", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html" + }, + "BatchResetAlarm": { + "privilege": "BatchResetAlarm", + "description": "Grants permission to reset one or more alarm instances", + "access_level": "Write", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchResetAlarm.html" + }, + "BatchSnoozeAlarm": { + "privilege": "BatchSnoozeAlarm", + "description": "Grants permission to change one or more alarm instances to the snooze mode", + "access_level": "Write", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchSnoozeAlarm.html" + }, + "BatchUpdateDetector": { + "privilege": "BatchUpdateDetector", + "description": "Grants permission to update a detector instance within the AWS IoT Events system", + "access_level": "Write", + "resource_types": { + "detectorModel": { + "resource_type": "detectorModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detectormodel": "detectorModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchUpdateDetector.html" + }, + "CreateAlarmModel": { + "privilege": "CreateAlarmModel", + "description": "Grants permission to create an alarm model to monitor an AWS IoT Events input attribute or an AWS IoT SiteWise asset property", + "access_level": "Write", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_CreateAlarmModel.html" + }, + "CreateDetectorModel": { + "privilege": "CreateDetectorModel", + "description": "Grants permission to create a detector model to monitor an AWS IoT Events input attribute", + "access_level": "Write", + "resource_types": { + "detectorModel": { + "resource_type": "detectorModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detectormodel": "detectorModel", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_CreateDetectorModel.html" + }, + "CreateInput": { + "privilege": "CreateInput", + "description": "Grants permission to create an Input in IotEvents", + "access_level": "Write", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_CreateInput.html" + }, + "DeleteAlarmModel": { + "privilege": "DeleteAlarmModel", + "description": "Grants permission to delete an alarm model", + "access_level": "Write", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DeleteAlarmModel.html" + }, + "DeleteDetectorModel": { + "privilege": "DeleteDetectorModel", + "description": "Grants permission to delete a detector model", + "access_level": "Write", + "resource_types": { + "detectorModel": { + "resource_type": "detectorModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detectormodel": "detectorModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DeleteDetectorModel.html" + }, + "DeleteInput": { + "privilege": "DeleteInput", + "description": "Grants permission to delete an input", + "access_level": "Write", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DeleteInput.html" + }, + "DescribeAlarm": { + "privilege": "DescribeAlarm", + "description": "Grants permission to retrieve information about an alarm instance", + "access_level": "Read", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_DescribeAlarm.html" + }, + "DescribeAlarmModel": { + "privilege": "DescribeAlarmModel", + "description": "Grants permission to retrieve information about an alarm model", + "access_level": "Read", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DescribeAlarmModel.html" + }, + "DescribeDetector": { + "privilege": "DescribeDetector", + "description": "Grants permission to retriev information about a detector instance", + "access_level": "Read", + "resource_types": { + "detectorModel": { + "resource_type": "detectorModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detectormodel": "detectorModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_DescribeDetector.html" + }, + "DescribeDetectorModel": { + "privilege": "DescribeDetectorModel", + "description": "Grants permission to retrieve information about a detector model", + "access_level": "Read", + "resource_types": { + "detectorModel": { + "resource_type": "detectorModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detectormodel": "detectorModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DescribeDetectorModel.html" + }, + "DescribeDetectorModelAnalysis": { + "privilege": "DescribeDetectorModelAnalysis", + "description": "Grants permission to retrieve the detector model analysis information", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DescribeDetectorModelAnalysis.html" + }, + "DescribeInput": { + "privilege": "DescribeInput", + "description": "Grants permission to retrieve an information about Input", + "access_level": "Read", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DescribeInput.html" + }, + "DescribeLoggingOptions": { + "privilege": "DescribeLoggingOptions", + "description": "Grants permission to retrieve the current settings of the AWS IoT Events logging options", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_DescribeLoggingOptions.html" + }, + "GetDetectorModelAnalysisResults": { + "privilege": "GetDetectorModelAnalysisResults", + "description": "Grants permission to retrieve the detector model analysis results", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_GetDetectorModelAnalysisResults.html" + }, + "ListAlarmModelVersions": { + "privilege": "ListAlarmModelVersions", + "description": "Grants permission to list all the versions of an alarm model", + "access_level": "List", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListAlarmModelVersions.html" + }, + "ListAlarmModels": { + "privilege": "ListAlarmModels", + "description": "Grants permission to list the alarm models that you created", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListAlarmModels.html" + }, + "ListAlarms": { + "privilege": "ListAlarms", + "description": "Grants permission to retrieve information about all alarm instances per alarmModel", + "access_level": "List", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_ListAlarms.html" + }, + "ListDetectorModelVersions": { + "privilege": "ListDetectorModelVersions", + "description": "Grants permission to list all the versions of a detector model", + "access_level": "List", + "resource_types": { + "detectorModel": { + "resource_type": "detectorModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detectormodel": "detectorModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListDetectorModelVersions.html" + }, + "ListDetectorModels": { + "privilege": "ListDetectorModels", + "description": "Grants permission to list the detector models that you created", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListDetectorModels.html" + }, + "ListDetectors": { + "privilege": "ListDetectors", + "description": "Grants permission to retrieve information about all detector instances per detectormodel", + "access_level": "List", + "resource_types": { + "detectorModel": { + "resource_type": "detectorModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detectormodel": "detectorModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_ListDetectors.html" + }, + "ListInputRoutings": { + "privilege": "ListInputRoutings", + "description": "Grants permission to list one or more input routings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListInputRoutings.html" + }, + "ListInputs": { + "privilege": "ListInputs", + "description": "Grants permission to lists the inputs you have created", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListInputs.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags (metadata) which you have assigned to the resource", + "access_level": "Read", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "detectorModel": { + "resource_type": "detectorModel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "input": { + "resource_type": "input", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel", + "detectormodel": "detectorModel", + "input": "input" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_ListTagsForResource.html" + }, + "PutLoggingOptions": { + "privilege": "PutLoggingOptions", + "description": "Grants permission to set or update the AWS IoT Events logging options", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_PutLoggingOptions.html" + }, + "StartDetectorModelAnalysis": { + "privilege": "StartDetectorModelAnalysis", + "description": "Grants permission to start the detector model analysis", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_StartDetectorModelAnalysis.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to adds to or modifies the tags of the given resource.Tags are metadata which can be used to manage a resource", + "access_level": "Tagging", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "detectorModel": { + "resource_type": "detectorModel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "input": { + "resource_type": "input", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel", + "detectormodel": "detectorModel", + "input": "input", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the given tags (metadata) from the resource", + "access_level": "Tagging", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "detectorModel": { + "resource_type": "detectorModel", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "input": { + "resource_type": "input", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel", + "detectormodel": "detectorModel", + "input": "input", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_UntagResource.html" + }, + "UpdateAlarmModel": { + "privilege": "UpdateAlarmModel", + "description": "Grants permission to update an alarm model", + "access_level": "Write", + "resource_types": { + "alarmModel": { + "resource_type": "alarmModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alarmmodel": "alarmModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_UpdateAlarmModel.html" + }, + "UpdateDetectorModel": { + "privilege": "UpdateDetectorModel", + "description": "Grants permission to update a detector model", + "access_level": "Write", + "resource_types": { + "detectorModel": { + "resource_type": "detectorModel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "detectormodel": "detectorModel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_UpdateDetectorModel.html" + }, + "UpdateInput": { + "privilege": "UpdateInput", + "description": "Grants permission to update an input", + "access_level": "Write", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_UpdateInput.html" + }, + "UpdateInputRouting": { + "privilege": "UpdateInputRouting", + "description": "Grants permission to update input routing", + "access_level": "Write", + "resource_types": { + "input": { + "resource_type": "input", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "input": "input" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotevents/latest/apireference/API_UpdateInputRouting.html" + } + }, + "privileges_lower_name": { + "batchacknowledgealarm": "BatchAcknowledgeAlarm", + "batchdeletedetector": "BatchDeleteDetector", + "batchdisablealarm": "BatchDisableAlarm", + "batchenablealarm": "BatchEnableAlarm", + "batchputmessage": "BatchPutMessage", + "batchresetalarm": "BatchResetAlarm", + "batchsnoozealarm": "BatchSnoozeAlarm", + "batchupdatedetector": "BatchUpdateDetector", + "createalarmmodel": "CreateAlarmModel", + "createdetectormodel": "CreateDetectorModel", + "createinput": "CreateInput", + "deletealarmmodel": "DeleteAlarmModel", + "deletedetectormodel": "DeleteDetectorModel", + "deleteinput": "DeleteInput", + "describealarm": "DescribeAlarm", + "describealarmmodel": "DescribeAlarmModel", + "describedetector": "DescribeDetector", + "describedetectormodel": "DescribeDetectorModel", + "describedetectormodelanalysis": "DescribeDetectorModelAnalysis", + "describeinput": "DescribeInput", + "describeloggingoptions": "DescribeLoggingOptions", + "getdetectormodelanalysisresults": "GetDetectorModelAnalysisResults", + "listalarmmodelversions": "ListAlarmModelVersions", + "listalarmmodels": "ListAlarmModels", + "listalarms": "ListAlarms", + "listdetectormodelversions": "ListDetectorModelVersions", + "listdetectormodels": "ListDetectorModels", + "listdetectors": "ListDetectors", + "listinputroutings": "ListInputRoutings", + "listinputs": "ListInputs", + "listtagsforresource": "ListTagsForResource", + "putloggingoptions": "PutLoggingOptions", + "startdetectormodelanalysis": "StartDetectorModelAnalysis", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatealarmmodel": "UpdateAlarmModel", + "updatedetectormodel": "UpdateDetectorModel", + "updateinput": "UpdateInput", + "updateinputrouting": "UpdateInputRouting" + }, + "resources": { + "detectorModel": { + "resource": "detectorModel", + "arn": "arn:${Partition}:iotevents:${Region}:${Account}:detectorModel/${DetectorModelName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "alarmModel": { + "resource": "alarmModel", + "arn": "arn:${Partition}:iotevents:${Region}:${Account}:alarmModel/${AlarmModelName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "input": { + "resource": "input", + "arn": "arn:${Partition}:iotevents:${Region}:${Account}:input/${InputName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "detectormodel": "detectorModel", + "alarmmodel": "alarmModel", + "input": "input" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions by the tag keys in the request", + "type": "ArrayOfString" + }, + "iotevents:keyValue": { + "condition": "iotevents:keyValue", + "description": "Filters access by the instanceId (key-value) of the message", + "type": "String" + } + } + }, + "iotfleethub": { + "service_name": "AWS IoT Fleet Hub for Device Management", + "prefix": "iotfleethub", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleethubfordevicemanagement.html", + "privileges": { + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "sso:CreateManagedApplicationInstance", + "sso:DescribeRegisteredRegions" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_CreateApplication.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso:DeleteManagedApplicationInstance" + ] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_DeleteApplication.html" + }, + "DescribeApplication": { + "privilege": "DescribeApplication", + "description": "Grants permission to describe an application", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_DescribeApplication.html" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to list all applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_ListApplications.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags for a resource", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_UntagResource.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to update an application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_UpdateApplication.html" + } + }, + "privileges_lower_name": { + "createapplication": "CreateApplication", + "deleteapplication": "DeleteApplication", + "describeapplication": "DescribeApplication", + "listapplications": "ListApplications", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapplication": "UpdateApplication" + }, + "resources": { + "application": { + "resource": "application", + "arn": "arn:${Partition}:iotfleethub:${Region}:${Account}:application/${ApplicationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "application": "application" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions by the tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "iotfleetwise": { + "service_name": "AWS IoT FleetWise", + "prefix": "iotfleetwise", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleetwise.html", + "privileges": { + "AssociateVehicleFleet": { + "privilege": "AssociateVehicleFleet", + "description": "Grants permission to associate the given vehicle to a fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "vehicle": { + "resource_type": "vehicle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "vehicle": "vehicle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_AssociateVehicleFleet.html" + }, + "BatchCreateVehicle": { + "privilege": "BatchCreateVehicle", + "description": "Grants permission to create a batch of vehicles", + "access_level": "Write", + "resource_types": { + "decodermanifest": { + "resource_type": "decodermanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:CreateThing", + "iot:DescribeThing" + ] + }, + "modelmanifest": { + "resource_type": "modelmanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "decodermanifest": "decodermanifest", + "modelmanifest": "modelmanifest", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_BatchCreateVehicle.html" + }, + "BatchUpdateVehicle": { + "privilege": "BatchUpdateVehicle", + "description": "Grants permission to update a batch of vehicles", + "access_level": "Write", + "resource_types": { + "vehicle": { + "resource_type": "vehicle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "decodermanifest": { + "resource_type": "decodermanifest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "modelmanifest": { + "resource_type": "modelmanifest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iotfleetwise:UpdateToModelManifestArn", + "iotfleetwise:UpdateToDecoderManifestArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vehicle": "vehicle", + "decodermanifest": "decodermanifest", + "modelmanifest": "modelmanifest", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_BatchUpdateVehicle.html" + }, + "CreateCampaign": { + "privilege": "CreateCampaign", + "description": "Grants permission to create a campaign", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "signalcatalog": { + "resource_type": "signalcatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "vehicle": { + "resource_type": "vehicle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "iotfleetwise:DestinationArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "signalcatalog": "signalcatalog", + "vehicle": "vehicle", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateCampaign.html" + }, + "CreateDecoderManifest": { + "privilege": "CreateDecoderManifest", + "description": "Grants permission to create a decoder manifest for an existing model", + "access_level": "Write", + "resource_types": { + "modelmanifest": { + "resource_type": "modelmanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "modelmanifest": "modelmanifest", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateDecoderManifest.html" + }, + "CreateFleet": { + "privilege": "CreateFleet", + "description": "Grants permission to create a fleet", + "access_level": "Write", + "resource_types": { + "signalcatalog": { + "resource_type": "signalcatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signalcatalog": "signalcatalog", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateFleet.html" + }, + "CreateModelManifest": { + "privilege": "CreateModelManifest", + "description": "Grants permission to create a model manifest definition", + "access_level": "Write", + "resource_types": { + "signalcatalog": { + "resource_type": "signalcatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signalcatalog": "signalcatalog", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateModelManifest.html" + }, + "CreateSignalCatalog": { + "privilege": "CreateSignalCatalog", + "description": "Grants permission to create a signal catalog", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateSignalCatalog.html" + }, + "CreateVehicle": { + "privilege": "CreateVehicle", + "description": "Grants permission to create a vehicle", + "access_level": "Write", + "resource_types": { + "decodermanifest": { + "resource_type": "decodermanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:CreateThing", + "iot:DescribeThing" + ] + }, + "modelmanifest": { + "resource_type": "modelmanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "decodermanifest": "decodermanifest", + "modelmanifest": "modelmanifest", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_CreateVehicle.html" + }, + "DeleteCampaign": { + "privilege": "DeleteCampaign", + "description": "Grants permission to delete a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteCampaign.html" + }, + "DeleteDecoderManifest": { + "privilege": "DeleteDecoderManifest", + "description": "Grants permission to delete the given decoder manifest", + "access_level": "Write", + "resource_types": { + "decodermanifest": { + "resource_type": "decodermanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "decodermanifest": "decodermanifest" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteDecoderManifest.html" + }, + "DeleteFleet": { + "privilege": "DeleteFleet", + "description": "Grants permission to delete a fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteFleet.html" + }, + "DeleteModelManifest": { + "privilege": "DeleteModelManifest", + "description": "Grants permission to delete the given model manifest", + "access_level": "Write", + "resource_types": { + "modelmanifest": { + "resource_type": "modelmanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "modelmanifest": "modelmanifest" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteModelManifest.html" + }, + "DeleteSignalCatalog": { + "privilege": "DeleteSignalCatalog", + "description": "Grants permission to delete a specific signal catalog", + "access_level": "Write", + "resource_types": { + "signalcatalog": { + "resource_type": "signalcatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signalcatalog": "signalcatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteSignalCatalog.html" + }, + "DeleteVehicle": { + "privilege": "DeleteVehicle", + "description": "Grants permission to delete a vehicle", + "access_level": "Write", + "resource_types": { + "vehicle": { + "resource_type": "vehicle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vehicle": "vehicle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DeleteVehicle.html" + }, + "DisassociateVehicleFleet": { + "privilege": "DisassociateVehicleFleet", + "description": "Grants permission to disassociate a vehicle from an existing fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "vehicle": { + "resource_type": "vehicle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet", + "vehicle": "vehicle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_DisassociateVehicleFleet.html" + }, + "GetCampaign": { + "privilege": "GetCampaign", + "description": "Grants permission to get summary information for a given campaign", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetCampaign.html" + }, + "GetDecoderManifest": { + "privilege": "GetDecoderManifest", + "description": "Grants permission to get summary information for a given decoder manifest definition", + "access_level": "Read", + "resource_types": { + "decodermanifest": { + "resource_type": "decodermanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "decodermanifest": "decodermanifest" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetDecoderManifest.html" + }, + "GetFleet": { + "privilege": "GetFleet", + "description": "Grants permission to get summary information for a fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetFleet.html" + }, + "GetLoggingOptions": { + "privilege": "GetLoggingOptions", + "description": "Grants permission to get the logging options for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetLoggingOptions.html" + }, + "GetModelManifest": { + "privilege": "GetModelManifest", + "description": "Grants permission to get summary information for a given model manifest definition", + "access_level": "Read", + "resource_types": { + "modelmanifest": { + "resource_type": "modelmanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "modelmanifest": "modelmanifest" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetModelManifest.html" + }, + "GetRegisterAccountStatus": { + "privilege": "GetRegisterAccountStatus", + "description": "Grants permission to get the account registration status with IoT FleetWise", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetRegisterAccountStatus.html" + }, + "GetSignalCatalog": { + "privilege": "GetSignalCatalog", + "description": "Grants permission to get summary information for a specific signal catalog", + "access_level": "Read", + "resource_types": { + "signalcatalog": { + "resource_type": "signalcatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signalcatalog": "signalcatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetSignalCatalog.html" + }, + "GetVehicle": { + "privilege": "GetVehicle", + "description": "Grants permission to get summary information for a vehicle", + "access_level": "Read", + "resource_types": { + "vehicle": { + "resource_type": "vehicle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vehicle": "vehicle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetVehicle.html" + }, + "GetVehicleStatus": { + "privilege": "GetVehicleStatus", + "description": "Grants permission to get the status of the campaigns running on a specific vehicle", + "access_level": "Read", + "resource_types": { + "vehicle": { + "resource_type": "vehicle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vehicle": "vehicle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_GetVehicleStatus.html" + }, + "ImportDecoderManifest": { + "privilege": "ImportDecoderManifest", + "description": "Grants permission to import an existing decoder manifest", + "access_level": "Write", + "resource_types": { + "decodermanifest": { + "resource_type": "decodermanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "decodermanifest": "decodermanifest" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ImportDecoderManifest.html" + }, + "ImportSignalCatalog": { + "privilege": "ImportSignalCatalog", + "description": "Grants permission to create a signal catalog by importing existing definitions", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ImportSignalCatalog.html" + }, + "ListCampaigns": { + "privilege": "ListCampaigns", + "description": "Grants permission to list campaigns", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListCampaigns.html" + }, + "ListDecoderManifestNetworkInterfaces": { + "privilege": "ListDecoderManifestNetworkInterfaces", + "description": "Grants permission to list network interfaces associated to the existing decoder manifest", + "access_level": "List", + "resource_types": { + "decodermanifest": { + "resource_type": "decodermanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "decodermanifest": "decodermanifest" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListDecoderManifestNetworkInterfaces.html" + }, + "ListDecoderManifestSignals": { + "privilege": "ListDecoderManifestSignals", + "description": "Grants permission to list decoder manifest signals", + "access_level": "List", + "resource_types": { + "decodermanifest": { + "resource_type": "decodermanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "decodermanifest": "decodermanifest" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListDecoderManifestSignals.html" + }, + "ListDecoderManifests": { + "privilege": "ListDecoderManifests", + "description": "Grants permission to list all decoder manifests, with an optional filter on model manifest", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListDecoderManifests.html" + }, + "ListFleets": { + "privilege": "ListFleets", + "description": "Grants permission to list all fleets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListFleets.html" + }, + "ListFleetsForVehicle": { + "privilege": "ListFleetsForVehicle", + "description": "Grants permission to list all the fleets that the given vehicle is associated with", + "access_level": "Read", + "resource_types": { + "vehicle": { + "resource_type": "vehicle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vehicle": "vehicle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListFleetsForVehicle.html" + }, + "ListModelManifestNodes": { + "privilege": "ListModelManifestNodes", + "description": "Grants permission to list all nodes for the given model manifest", + "access_level": "List", + "resource_types": { + "modelmanifest": { + "resource_type": "modelmanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "modelmanifest": "modelmanifest" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListModelManifestNodes.html" + }, + "ListModelManifests": { + "privilege": "ListModelManifests", + "description": "Grants permission to list all model manifests, with an optional filter on signal catalog", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListModelManifests.html" + }, + "ListSignalCatalogNodes": { + "privilege": "ListSignalCatalogNodes", + "description": "Grants permission to list all nodes for a given signal catalog", + "access_level": "Read", + "resource_types": { + "signalcatalog": { + "resource_type": "signalcatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signalcatalog": "signalcatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListSignalCatalogNodes.html" + }, + "ListSignalCatalogs": { + "privilege": "ListSignalCatalogs", + "description": "Grants permission to list all signal catalogs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListSignalCatalogs.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "decodermanifest": { + "resource_type": "decodermanifest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "modelmanifest": { + "resource_type": "modelmanifest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "signalcatalog": { + "resource_type": "signalcatalog", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vehicle": { + "resource_type": "vehicle", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "decodermanifest": "decodermanifest", + "fleet": "fleet", + "modelmanifest": "modelmanifest", + "signalcatalog": "signalcatalog", + "vehicle": "vehicle" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListTagsForResource.html" + }, + "ListVehicles": { + "privilege": "ListVehicles", + "description": "Grants permission to list all vehicles, with an optional filter on model manifest", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListVehicles.html" + }, + "ListVehiclesInFleet": { + "privilege": "ListVehiclesInFleet", + "description": "Grants permission to list vehicles in the given fleet", + "access_level": "Read", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_ListVehiclesInFleet.html" + }, + "PutLoggingOptions": { + "privilege": "PutLoggingOptions", + "description": "Grants permission to put the logging options for the AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_PutLoggingOptions.html" + }, + "RegisterAccount": { + "privilege": "RegisterAccount", + "description": "Grants permission to register an AWS account to IoT FleetWise", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_RegisterAccount.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "decodermanifest": { + "resource_type": "decodermanifest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "modelmanifest": { + "resource_type": "modelmanifest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "signalcatalog": { + "resource_type": "signalcatalog", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vehicle": { + "resource_type": "vehicle", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "decodermanifest": "decodermanifest", + "fleet": "fleet", + "modelmanifest": "modelmanifest", + "signalcatalog": "signalcatalog", + "vehicle": "vehicle", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "decodermanifest": { + "resource_type": "decodermanifest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "fleet": { + "resource_type": "fleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "modelmanifest": { + "resource_type": "modelmanifest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "signalcatalog": { + "resource_type": "signalcatalog", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "vehicle": { + "resource_type": "vehicle", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "decodermanifest": "decodermanifest", + "fleet": "fleet", + "modelmanifest": "modelmanifest", + "signalcatalog": "signalcatalog", + "vehicle": "vehicle", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UntagResource.html" + }, + "UpdateCampaign": { + "privilege": "UpdateCampaign", + "description": "Grants permission to update the given campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateCampaign.html" + }, + "UpdateDecoderManifest": { + "privilege": "UpdateDecoderManifest", + "description": "Grants permission to update a decoder manifest defnition", + "access_level": "Write", + "resource_types": { + "decodermanifest": { + "resource_type": "decodermanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "decodermanifest": "decodermanifest" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateDecoderManifest.html" + }, + "UpdateFleet": { + "privilege": "UpdateFleet", + "description": "Grants permission to update the fleet", + "access_level": "Write", + "resource_types": { + "fleet": { + "resource_type": "fleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "fleet": "fleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateFleet.html" + }, + "UpdateModelManifest": { + "privilege": "UpdateModelManifest", + "description": "Grants permission to update the given model manifest definition", + "access_level": "Write", + "resource_types": { + "modelmanifest": { + "resource_type": "modelmanifest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "modelmanifest": "modelmanifest" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateModelManifest.html" + }, + "UpdateSignalCatalog": { + "privilege": "UpdateSignalCatalog", + "description": "Grants permission to update a specific signal catalog definition", + "access_level": "Write", + "resource_types": { + "signalcatalog": { + "resource_type": "signalcatalog", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signalcatalog": "signalcatalog" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateSignalCatalog.html" + }, + "UpdateVehicle": { + "privilege": "UpdateVehicle", + "description": "Grants permission to update the vehicle", + "access_level": "Write", + "resource_types": { + "vehicle": { + "resource_type": "vehicle", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "decodermanifest": { + "resource_type": "decodermanifest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "modelmanifest": { + "resource_type": "modelmanifest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iotfleetwise:UpdateToModelManifestArn", + "iotfleetwise:UpdateToDecoderManifestArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "vehicle": "vehicle", + "decodermanifest": "decodermanifest", + "modelmanifest": "modelmanifest", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-fleetwise/latest/APIReference/API_UpdateVehicle.html" + } + }, + "privileges_lower_name": { + "associatevehiclefleet": "AssociateVehicleFleet", + "batchcreatevehicle": "BatchCreateVehicle", + "batchupdatevehicle": "BatchUpdateVehicle", + "createcampaign": "CreateCampaign", + "createdecodermanifest": "CreateDecoderManifest", + "createfleet": "CreateFleet", + "createmodelmanifest": "CreateModelManifest", + "createsignalcatalog": "CreateSignalCatalog", + "createvehicle": "CreateVehicle", + "deletecampaign": "DeleteCampaign", + "deletedecodermanifest": "DeleteDecoderManifest", + "deletefleet": "DeleteFleet", + "deletemodelmanifest": "DeleteModelManifest", + "deletesignalcatalog": "DeleteSignalCatalog", + "deletevehicle": "DeleteVehicle", + "disassociatevehiclefleet": "DisassociateVehicleFleet", + "getcampaign": "GetCampaign", + "getdecodermanifest": "GetDecoderManifest", + "getfleet": "GetFleet", + "getloggingoptions": "GetLoggingOptions", + "getmodelmanifest": "GetModelManifest", + "getregisteraccountstatus": "GetRegisterAccountStatus", + "getsignalcatalog": "GetSignalCatalog", + "getvehicle": "GetVehicle", + "getvehiclestatus": "GetVehicleStatus", + "importdecodermanifest": "ImportDecoderManifest", + "importsignalcatalog": "ImportSignalCatalog", + "listcampaigns": "ListCampaigns", + "listdecodermanifestnetworkinterfaces": "ListDecoderManifestNetworkInterfaces", + "listdecodermanifestsignals": "ListDecoderManifestSignals", + "listdecodermanifests": "ListDecoderManifests", + "listfleets": "ListFleets", + "listfleetsforvehicle": "ListFleetsForVehicle", + "listmodelmanifestnodes": "ListModelManifestNodes", + "listmodelmanifests": "ListModelManifests", + "listsignalcatalognodes": "ListSignalCatalogNodes", + "listsignalcatalogs": "ListSignalCatalogs", + "listtagsforresource": "ListTagsForResource", + "listvehicles": "ListVehicles", + "listvehiclesinfleet": "ListVehiclesInFleet", + "putloggingoptions": "PutLoggingOptions", + "registeraccount": "RegisterAccount", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecampaign": "UpdateCampaign", + "updatedecodermanifest": "UpdateDecoderManifest", + "updatefleet": "UpdateFleet", + "updatemodelmanifest": "UpdateModelManifest", + "updatesignalcatalog": "UpdateSignalCatalog", + "updatevehicle": "UpdateVehicle" + }, + "resources": { + "campaign": { + "resource": "campaign", + "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:campaign/${CampaignName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "decodermanifest": { + "resource": "decodermanifest", + "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:decoder-manifest/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "fleet": { + "resource": "fleet", + "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:fleet/${FleetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "modelmanifest": { + "resource": "modelmanifest", + "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:model-manifest/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "signalcatalog": { + "resource": "signalcatalog", + "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:signal-catalog/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "vehicle": { + "resource": "vehicle", + "arn": "arn:${Partition}:iotfleetwise:${Region}:${Account}:vehicle/${VehicleId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "campaign": "campaign", + "decodermanifest": "decodermanifest", + "fleet": "fleet", + "modelmanifest": "modelmanifest", + "signalcatalog": "signalcatalog", + "vehicle": "vehicle" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "iotfleetwise:DestinationArn": { + "condition": "iotfleetwise:DestinationArn", + "description": "Filters access by campaign destination ARN, eg. an S3 bucket ARN or a Timestream ARN", + "type": "ARN" + }, + "iotfleetwise:UpdateToDecoderManifestArn": { + "condition": "iotfleetwise:UpdateToDecoderManifestArn", + "description": "Filters access by a list of IoT FleetWise Decoder Manifest ARNs", + "type": "ARN" + }, + "iotfleetwise:UpdateToModelManifestArn": { + "condition": "iotfleetwise:UpdateToModelManifestArn", + "description": "Filters access by a list of IoT FleetWise Model Manifest ARNs", + "type": "ARN" + } + } + }, + "greengrass": { + "service_name": "AWS IoT Greengrass", + "prefix": "greengrass", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotgreengrass.html", + "privileges": { + "AssociateRoleToGroup": { + "privilege": "AssociateRoleToGroup", + "description": "Grants permission to associate a role with a group. The role's permissions must allow Greengrass core Lambda functions and connectors to perform actions in other AWS services", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/associateroletogroup-put.html" + }, + "AssociateServiceRoleToAccount": { + "privilege": "AssociateServiceRoleToAccount", + "description": "Grants permission to associate a role with your account. AWS IoT Greengrass uses this role to access your Lambda functions and AWS IoT resources", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_AssociateServiceRoleToAccount.html" + }, + "CreateConnectorDefinition": { + "privilege": "CreateConnectorDefinition", + "description": "Grants permission to create a connector definition", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createconnectordefinition-post.html" + }, + "CreateConnectorDefinitionVersion": { + "privilege": "CreateConnectorDefinitionVersion", + "description": "Grants permission to create a version of an existing connector definition", + "access_level": "Write", + "resource_types": { + "connectorDefinition": { + "resource_type": "connectorDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectordefinition": "connectorDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createconnectordefinitionversion-post.html" + }, + "CreateCoreDefinition": { + "privilege": "CreateCoreDefinition", + "description": "Grants permission to create a core definition", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createcoredefinition-post.html" + }, + "CreateCoreDefinitionVersion": { + "privilege": "CreateCoreDefinitionVersion", + "description": "Grants permission to create a version of an existing core definition. Greengrass groups must each contain exactly one Greengrass core", + "access_level": "Write", + "resource_types": { + "coreDefinition": { + "resource_type": "coreDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredefinition": "coreDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createcoredefinitionversion-post.html" + }, + "CreateDeployment": { + "privilege": "CreateDeployment", + "description": "Grants permission to create a deployment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iot:CancelJob", + "iot:CreateJob", + "iot:DeleteThingShadow", + "iot:DescribeJob", + "iot:DescribeThing", + "iot:DescribeThingGroup", + "iot:GetThingShadow", + "iot:UpdateJob", + "iot:UpdateThingShadow" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_CreateDeployment.html" + }, + "CreateDeviceDefinition": { + "privilege": "CreateDeviceDefinition", + "description": "Grants permission to create a device definition", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createdevicedefinition-post.html" + }, + "CreateDeviceDefinitionVersion": { + "privilege": "CreateDeviceDefinitionVersion", + "description": "Grants permission to create a version of an existing device definition", + "access_level": "Write", + "resource_types": { + "deviceDefinition": { + "resource_type": "deviceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devicedefinition": "deviceDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createdevicedefinitionversion-post.html" + }, + "CreateFunctionDefinition": { + "privilege": "CreateFunctionDefinition", + "description": "Grants permission to create a Lambda function definition to be used in a group that contains a list of Lambda functions and their configurations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createfunctiondefinition-post.html" + }, + "CreateFunctionDefinitionVersion": { + "privilege": "CreateFunctionDefinitionVersion", + "description": "Grants permission to create a version of an existing Lambda function definition", + "access_level": "Write", + "resource_types": { + "functionDefinition": { + "resource_type": "functionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "functiondefinition": "functionDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createfunctiondefinitionversion-post.html" + }, + "CreateGroup": { + "privilege": "CreateGroup", + "description": "Grants permission to create a group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/creategroup-post.html" + }, + "CreateGroupCertificateAuthority": { + "privilege": "CreateGroupCertificateAuthority", + "description": "Grants permission to create a CA for the group, or rotate the existing CA", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/creategroupcertificateauthority-post.html" + }, + "CreateGroupVersion": { + "privilege": "CreateGroupVersion", + "description": "Grants permission to create a version of a group that has already been defined", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/creategroupversion-post.html" + }, + "CreateLoggerDefinition": { + "privilege": "CreateLoggerDefinition", + "description": "Grants permission to create a logger definition", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createloggerdefinition-post.html" + }, + "CreateLoggerDefinitionVersion": { + "privilege": "CreateLoggerDefinitionVersion", + "description": "Grants permission to create a version of an existing logger definition", + "access_level": "Write", + "resource_types": { + "loggerDefinition": { + "resource_type": "loggerDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loggerdefinition": "loggerDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createloggerdefinitionversion-post.html" + }, + "CreateResourceDefinition": { + "privilege": "CreateResourceDefinition", + "description": "Grants permission to create a resource definition that contains a list of resources to be used in a group", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createresourcedefinition-post.html" + }, + "CreateResourceDefinitionVersion": { + "privilege": "CreateResourceDefinitionVersion", + "description": "Grants permission to create a version of an existing resource definition", + "access_level": "Write", + "resource_types": { + "resourceDefinition": { + "resource_type": "resourceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcedefinition": "resourceDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createresourcedefinitionversion-post.html" + }, + "CreateSoftwareUpdateJob": { + "privilege": "CreateSoftwareUpdateJob", + "description": "Grants permission to create an AWS IoT job that will trigger your Greengrass cores to update the software they are running", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createsoftwareupdatejob-post.html" + }, + "CreateSubscriptionDefinition": { + "privilege": "CreateSubscriptionDefinition", + "description": "Grants permission to create a subscription definition", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createsubscriptiondefinition-post.html" + }, + "CreateSubscriptionDefinitionVersion": { + "privilege": "CreateSubscriptionDefinitionVersion", + "description": "Grants permission to create a version of an existing subscription definition", + "access_level": "Write", + "resource_types": { + "subscriptionDefinition": { + "resource_type": "subscriptionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subscriptiondefinition": "subscriptionDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/createsubscriptiondefinitionversion-post.html" + }, + "DeleteConnectorDefinition": { + "privilege": "DeleteConnectorDefinition", + "description": "Grants permission to delete a connector definition", + "access_level": "Write", + "resource_types": { + "connectorDefinition": { + "resource_type": "connectorDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectordefinition": "connectorDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deleteconnectordefinition-delete.html" + }, + "DeleteCoreDefinition": { + "privilege": "DeleteCoreDefinition", + "description": "Grants permission to delete a core definition. Deleting a definition that is currently in use in a deployment affects future deployments", + "access_level": "Write", + "resource_types": { + "coreDefinition": { + "resource_type": "coreDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredefinition": "coreDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deletecoredefinition-delete.html" + }, + "DeleteDeviceDefinition": { + "privilege": "DeleteDeviceDefinition", + "description": "Grants permission to delete a device definition. Deleting a definition that is currently in use in a deployment affects future deployments", + "access_level": "Write", + "resource_types": { + "deviceDefinition": { + "resource_type": "deviceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devicedefinition": "deviceDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deletedevicedefinition-delete.html" + }, + "DeleteFunctionDefinition": { + "privilege": "DeleteFunctionDefinition", + "description": "Grants permission to delete a Lambda function definition. Deleting a definition that is currently in use in a deployment affects future deployments", + "access_level": "Write", + "resource_types": { + "functionDefinition": { + "resource_type": "functionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "functiondefinition": "functionDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deletefunctiondefinition-delete.html" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to delete a group that is not currently in use in a deployment", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deletegroup-delete.html" + }, + "DeleteLoggerDefinition": { + "privilege": "DeleteLoggerDefinition", + "description": "Grants permission to delete a logger definition. Deleting a definition that is currently in use in a deployment affects future deployments", + "access_level": "Write", + "resource_types": { + "loggerDefinition": { + "resource_type": "loggerDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loggerdefinition": "loggerDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deleteloggerdefinition-delete.html" + }, + "DeleteResourceDefinition": { + "privilege": "DeleteResourceDefinition", + "description": "Grants permission to delete a resource definition", + "access_level": "Write", + "resource_types": { + "resourceDefinition": { + "resource_type": "resourceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcedefinition": "resourceDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deleteresourcedefinition-delete.html" + }, + "DeleteSubscriptionDefinition": { + "privilege": "DeleteSubscriptionDefinition", + "description": "Grants permission to delete a subscription definition. Deleting a definition that is currently in use in a deployment affects future deployments", + "access_level": "Write", + "resource_types": { + "subscriptionDefinition": { + "resource_type": "subscriptionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subscriptiondefinition": "subscriptionDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/deletesubscriptiondefinition-delete.html" + }, + "DisassociateRoleFromGroup": { + "privilege": "DisassociateRoleFromGroup", + "description": "Grants permission to disassociate the role from a group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/disassociaterolefromgroup-delete.html" + }, + "DisassociateServiceRoleFromAccount": { + "privilege": "DisassociateServiceRoleFromAccount", + "description": "Grants permission to disassociate the service role from an account. Without a service role, deployments will not work", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_DisassociateServiceRoleFromAccount.html" + }, + "Discover": { + "privilege": "Discover", + "description": "Grants permission to retrieve information required to connect to a Greengrass core", + "access_level": "Read", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/latest/developerguide/gg-discover-api.html" + }, + "GetAssociatedRole": { + "privilege": "GetAssociatedRole", + "description": "Grants permission to retrieve the role associated with a group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getassociatedrole-get.html" + }, + "GetBulkDeploymentStatus": { + "privilege": "GetBulkDeploymentStatus", + "description": "Grants permission to return the status of a bulk deployment", + "access_level": "Read", + "resource_types": { + "bulkDeployment": { + "resource_type": "bulkDeployment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bulkdeployment": "bulkDeployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getbulkdeploymentstatus-get.html" + }, + "GetConnectivityInfo": { + "privilege": "GetConnectivityInfo", + "description": "Grants permission to retrieve the connectivity information for a Greengrass core device", + "access_level": "Read", + "resource_types": { + "connectivityInfo": { + "resource_type": "connectivityInfo", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:GetThingShadow" + ] + } + }, + "resource_types_lower_name": { + "connectivityinfo": "connectivityInfo" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetConnectivityInfo.html" + }, + "GetConnectorDefinition": { + "privilege": "GetConnectorDefinition", + "description": "Grants permission to retrieve information about a connector definition", + "access_level": "Read", + "resource_types": { + "connectorDefinition": { + "resource_type": "connectorDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectordefinition": "connectorDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getconnectordefinition-get.html" + }, + "GetConnectorDefinitionVersion": { + "privilege": "GetConnectorDefinitionVersion", + "description": "Grants permission to retrieve information about a connector definition version", + "access_level": "Read", + "resource_types": { + "connectorDefinition": { + "resource_type": "connectorDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "connectorDefinitionVersion": { + "resource_type": "connectorDefinitionVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectordefinition": "connectorDefinition", + "connectordefinitionversion": "connectorDefinitionVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getconnectordefinitionversion-get.html" + }, + "GetCoreDefinition": { + "privilege": "GetCoreDefinition", + "description": "Grants permission to retrieve information about a core definition", + "access_level": "Read", + "resource_types": { + "coreDefinition": { + "resource_type": "coreDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredefinition": "coreDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getcoredefinition-get.html" + }, + "GetCoreDefinitionVersion": { + "privilege": "GetCoreDefinitionVersion", + "description": "Grants permission to retrieve information about a core definition version", + "access_level": "Read", + "resource_types": { + "coreDefinition": { + "resource_type": "coreDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "coreDefinitionVersion": { + "resource_type": "coreDefinitionVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredefinition": "coreDefinition", + "coredefinitionversion": "coreDefinitionVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getcoredefinitionversion-get.html" + }, + "GetDeploymentStatus": { + "privilege": "GetDeploymentStatus", + "description": "Grants permission to return the status of a deployment", + "access_level": "Read", + "resource_types": { + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deployment": "deployment", + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getdeploymentstatus-get.html" + }, + "GetDeviceDefinition": { + "privilege": "GetDeviceDefinition", + "description": "Grants permission to retrieve information about a device definition", + "access_level": "Read", + "resource_types": { + "deviceDefinition": { + "resource_type": "deviceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devicedefinition": "deviceDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getdevicedefinition-get.html" + }, + "GetDeviceDefinitionVersion": { + "privilege": "GetDeviceDefinitionVersion", + "description": "Grants permission to retrieve information about a device definition version", + "access_level": "Read", + "resource_types": { + "deviceDefinition": { + "resource_type": "deviceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "deviceDefinitionVersion": { + "resource_type": "deviceDefinitionVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devicedefinition": "deviceDefinition", + "devicedefinitionversion": "deviceDefinitionVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getdevicedefinitionversion-get.html" + }, + "GetFunctionDefinition": { + "privilege": "GetFunctionDefinition", + "description": "Grants permission to retrieve information about a Lambda function definition, such as its creation time and latest version", + "access_level": "Read", + "resource_types": { + "functionDefinition": { + "resource_type": "functionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "functiondefinition": "functionDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getfunctiondefinition-get.html" + }, + "GetFunctionDefinitionVersion": { + "privilege": "GetFunctionDefinitionVersion", + "description": "Grants permission to retrieve information about a Lambda function definition version, such as which Lambda functions are included in the version and their configurations", + "access_level": "Read", + "resource_types": { + "functionDefinition": { + "resource_type": "functionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "functionDefinitionVersion": { + "resource_type": "functionDefinitionVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "functiondefinition": "functionDefinition", + "functiondefinitionversion": "functionDefinitionVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getfunctiondefinitionversion-get.html" + }, + "GetGroup": { + "privilege": "GetGroup", + "description": "Grants permission to retrieve information about a group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getgroup-get.html" + }, + "GetGroupCertificateAuthority": { + "privilege": "GetGroupCertificateAuthority", + "description": "Grants permission to return the public key of the CA associated with a group", + "access_level": "Read", + "resource_types": { + "certificateAuthority": { + "resource_type": "certificateAuthority", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificateauthority": "certificateAuthority", + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getgroupcertificateauthority-get.html" + }, + "GetGroupCertificateConfiguration": { + "privilege": "GetGroupCertificateConfiguration", + "description": "Grants permission to retrieve the current configuration for the CA used by a group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getgroupcertificateconfiguration-get.html" + }, + "GetGroupVersion": { + "privilege": "GetGroupVersion", + "description": "Grants permission to retrieve information about a group version", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "groupVersion": { + "resource_type": "groupVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "groupversion": "groupVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getgroupversion-get.html" + }, + "GetLoggerDefinition": { + "privilege": "GetLoggerDefinition", + "description": "Grants permission to retrieve information about a logger definition", + "access_level": "Read", + "resource_types": { + "loggerDefinition": { + "resource_type": "loggerDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loggerdefinition": "loggerDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getloggerdefinition-get.html" + }, + "GetLoggerDefinitionVersion": { + "privilege": "GetLoggerDefinitionVersion", + "description": "Grants permission to retrieve information about a logger definition version", + "access_level": "Read", + "resource_types": { + "loggerDefinition": { + "resource_type": "loggerDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "loggerDefinitionVersion": { + "resource_type": "loggerDefinitionVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loggerdefinition": "loggerDefinition", + "loggerdefinitionversion": "loggerDefinitionVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getloggerdefinitionversion-get.html" + }, + "GetResourceDefinition": { + "privilege": "GetResourceDefinition", + "description": "Grants permission to retrieve information about a resource definition, such as its creation time and latest version", + "access_level": "Read", + "resource_types": { + "resourceDefinition": { + "resource_type": "resourceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcedefinition": "resourceDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getresourcedefinition-get.html" + }, + "GetResourceDefinitionVersion": { + "privilege": "GetResourceDefinitionVersion", + "description": "Grants permission to retrieve information about a resource definition version, such as which resources are included in the version", + "access_level": "Read", + "resource_types": { + "resourceDefinition": { + "resource_type": "resourceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "resourceDefinitionVersion": { + "resource_type": "resourceDefinitionVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcedefinition": "resourceDefinition", + "resourcedefinitionversion": "resourceDefinitionVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getresourcedefinitionversion-get.html" + }, + "GetServiceRoleForAccount": { + "privilege": "GetServiceRoleForAccount", + "description": "Grants permission to retrieve the service role that is attached to an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetServiceRoleForAccount.html" + }, + "GetSubscriptionDefinition": { + "privilege": "GetSubscriptionDefinition", + "description": "Grants permission to retrieve information about a subscription definition", + "access_level": "Read", + "resource_types": { + "subscriptionDefinition": { + "resource_type": "subscriptionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subscriptiondefinition": "subscriptionDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getsubscriptiondefinition-get.html" + }, + "GetSubscriptionDefinitionVersion": { + "privilege": "GetSubscriptionDefinitionVersion", + "description": "Grants permission to retrieve information about a subscription definition version", + "access_level": "Read", + "resource_types": { + "subscriptionDefinition": { + "resource_type": "subscriptionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "subscriptionDefinitionVersion": { + "resource_type": "subscriptionDefinitionVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subscriptiondefinition": "subscriptionDefinition", + "subscriptiondefinitionversion": "subscriptionDefinitionVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getsubscriptiondefinitionversion-get.html" + }, + "GetThingRuntimeConfiguration": { + "privilege": "GetThingRuntimeConfiguration", + "description": "Grants permission to retrieve runtime configuration of a thing", + "access_level": "Read", + "resource_types": { + "thingRuntimeConfig": { + "resource_type": "thingRuntimeConfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thingruntimeconfig": "thingRuntimeConfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/getthingruntimeconfiguration-get.html" + }, + "ListBulkDeploymentDetailedReports": { + "privilege": "ListBulkDeploymentDetailedReports", + "description": "Grants permission to retrieve a paginated list of the deployments that have been started in a bulk deployment operation and their current deployment status", + "access_level": "Read", + "resource_types": { + "bulkDeployment": { + "resource_type": "bulkDeployment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bulkdeployment": "bulkDeployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listbulkdeploymentdetailedreports-get.html" + }, + "ListBulkDeployments": { + "privilege": "ListBulkDeployments", + "description": "Grants permission to retrieve a list of bulk deployments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listbulkdeployments-get.html" + }, + "ListConnectorDefinitionVersions": { + "privilege": "ListConnectorDefinitionVersions", + "description": "Grants permission to list the versions of a connector definition", + "access_level": "List", + "resource_types": { + "connectorDefinition": { + "resource_type": "connectorDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectordefinition": "connectorDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listconnectordefinitionversions-get.html" + }, + "ListConnectorDefinitions": { + "privilege": "ListConnectorDefinitions", + "description": "Grants permission to retrieve a list of connector definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listconnectordefinitions-get.html" + }, + "ListCoreDefinitionVersions": { + "privilege": "ListCoreDefinitionVersions", + "description": "Grants permission to list the versions of a core definition", + "access_level": "List", + "resource_types": { + "coreDefinition": { + "resource_type": "coreDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredefinition": "coreDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listcoredefinitionversions-get.html" + }, + "ListCoreDefinitions": { + "privilege": "ListCoreDefinitions", + "description": "Grants permission to retrieve a list of core definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listcoredefinitions-get.html" + }, + "ListDeployments": { + "privilege": "ListDeployments", + "description": "Grants permission to retrieves a paginated list of deployments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iot:DescribeJob", + "iot:DescribeThing", + "iot:DescribeThingGroup", + "iot:GetThingShadow" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListDeployments.html" + }, + "ListDeviceDefinitionVersions": { + "privilege": "ListDeviceDefinitionVersions", + "description": "Grants permission to list the versions of a device definition", + "access_level": "List", + "resource_types": { + "deviceDefinition": { + "resource_type": "deviceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devicedefinition": "deviceDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listdevicedefinitionversions-get.html" + }, + "ListDeviceDefinitions": { + "privilege": "ListDeviceDefinitions", + "description": "Grants permission to retrieve a list of device definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listdevicedefinitions-get.html" + }, + "ListFunctionDefinitionVersions": { + "privilege": "ListFunctionDefinitionVersions", + "description": "Grants permission to list the versions of a Lambda function definition", + "access_level": "List", + "resource_types": { + "functionDefinition": { + "resource_type": "functionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "functiondefinition": "functionDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listfunctiondefinitionversions-get.html" + }, + "ListFunctionDefinitions": { + "privilege": "ListFunctionDefinitions", + "description": "Grants permission to retrieve a list of Lambda function definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listfunctiondefinitions-get.html" + }, + "ListGroupCertificateAuthorities": { + "privilege": "ListGroupCertificateAuthorities", + "description": "Grants permission to retrieve a list of current CAs for a group", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listgroupcertificateauthorities-get.html" + }, + "ListGroupVersions": { + "privilege": "ListGroupVersions", + "description": "Grants permission to list the versions of a group", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listgroupversions-get.html" + }, + "ListGroups": { + "privilege": "ListGroups", + "description": "Grants permission to retrieve a list of groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listgroups-get.html" + }, + "ListLoggerDefinitionVersions": { + "privilege": "ListLoggerDefinitionVersions", + "description": "Grants permission to list the versions of a logger definition", + "access_level": "List", + "resource_types": { + "loggerDefinition": { + "resource_type": "loggerDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loggerdefinition": "loggerDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listloggerdefinitionversions-get.html" + }, + "ListLoggerDefinitions": { + "privilege": "ListLoggerDefinitions", + "description": "Grants permission to retrieve a list of logger definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listloggerdefinitions-get.html" + }, + "ListResourceDefinitionVersions": { + "privilege": "ListResourceDefinitionVersions", + "description": "Grants permission to list the versions of a resource definition", + "access_level": "List", + "resource_types": { + "resourceDefinition": { + "resource_type": "resourceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcedefinition": "resourceDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listresourcedefinitionversions-get.html" + }, + "ListResourceDefinitions": { + "privilege": "ListResourceDefinitions", + "description": "Grants permission to retrieve a list of resource definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listresourcedefinitions-get.html" + }, + "ListSubscriptionDefinitionVersions": { + "privilege": "ListSubscriptionDefinitionVersions", + "description": "Grants permission to list the versions of a subscription definition", + "access_level": "List", + "resource_types": { + "subscriptionDefinition": { + "resource_type": "subscriptionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subscriptiondefinition": "subscriptionDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listsubscriptiondefinitionversions-get.html" + }, + "ListSubscriptionDefinitions": { + "privilege": "ListSubscriptionDefinitions", + "description": "Grants permission to retrieve a list of subscription definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/listsubscriptiondefinitions-get.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for a resource", + "access_level": "Read", + "resource_types": { + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "componentVersion": { + "resource_type": "componentVersion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "coreDevice": { + "resource_type": "coreDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "componentversion": "componentVersion", + "coredevice": "coreDevice", + "deployment": "deployment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListTagsForResource.html" + }, + "ResetDeployments": { + "privilege": "ResetDeployments", + "description": "Grants permission to reset a group's deployments", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/resetdeployments-post.html" + }, + "StartBulkDeployment": { + "privilege": "StartBulkDeployment", + "description": "Grants permission to deploy multiple groups in one operation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/startbulkdeployment-post.html" + }, + "StopBulkDeployment": { + "privilege": "StopBulkDeployment", + "description": "Grants permission to stop the execution of a bulk deployment", + "access_level": "Write", + "resource_types": { + "bulkDeployment": { + "resource_type": "bulkDeployment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bulkdeployment": "bulkDeployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/stopbulkdeployment-put.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "componentVersion": { + "resource_type": "componentVersion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "coreDevice": { + "resource_type": "coreDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "componentversion": "componentVersion", + "coredevice": "coreDevice", + "deployment": "deployment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "componentVersion": { + "resource_type": "componentVersion", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "coreDevice": { + "resource_type": "coreDevice", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "componentversion": "componentVersion", + "coredevice": "coreDevice", + "deployment": "deployment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_UntagResource.html" + }, + "UpdateConnectivityInfo": { + "privilege": "UpdateConnectivityInfo", + "description": "Grants permission to update the connectivity information for a Greengrass core. Any devices that belong to the group that has this core will receive this information in order to find the location of the core and connect to it", + "access_level": "Write", + "resource_types": { + "connectivityInfo": { + "resource_type": "connectivityInfo", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:GetThingShadow", + "iot:UpdateThingShadow" + ] + } + }, + "resource_types_lower_name": { + "connectivityinfo": "connectivityInfo" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_UpdateConnectivityInfo.html" + }, + "UpdateConnectorDefinition": { + "privilege": "UpdateConnectorDefinition", + "description": "Grants permission to update a connector definition", + "access_level": "Write", + "resource_types": { + "connectorDefinition": { + "resource_type": "connectorDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connectordefinition": "connectorDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updateconnectordefinition-put.html" + }, + "UpdateCoreDefinition": { + "privilege": "UpdateCoreDefinition", + "description": "Grants permission to update a core definition", + "access_level": "Write", + "resource_types": { + "coreDefinition": { + "resource_type": "coreDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredefinition": "coreDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updatecoredefinition-put.html" + }, + "UpdateDeviceDefinition": { + "privilege": "UpdateDeviceDefinition", + "description": "Grants permission to update a device definition", + "access_level": "Write", + "resource_types": { + "deviceDefinition": { + "resource_type": "deviceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "devicedefinition": "deviceDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updatedevicedefinition-put.html" + }, + "UpdateFunctionDefinition": { + "privilege": "UpdateFunctionDefinition", + "description": "Grants permission to update a Lambda function definition", + "access_level": "Write", + "resource_types": { + "functionDefinition": { + "resource_type": "functionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "functiondefinition": "functionDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updatefunctiondefinition-put.html" + }, + "UpdateGroup": { + "privilege": "UpdateGroup", + "description": "Grants permission to update a group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updategroup-put.html" + }, + "UpdateGroupCertificateConfiguration": { + "privilege": "UpdateGroupCertificateConfiguration", + "description": "Grants permission to update the certificate expiry time for a group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updategroupcertificateconfiguration-put.html" + }, + "UpdateLoggerDefinition": { + "privilege": "UpdateLoggerDefinition", + "description": "Grants permission to update a logger definition", + "access_level": "Write", + "resource_types": { + "loggerDefinition": { + "resource_type": "loggerDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loggerdefinition": "loggerDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updateloggerdefinition-put.html" + }, + "UpdateResourceDefinition": { + "privilege": "UpdateResourceDefinition", + "description": "Grants permission to update a resource definition", + "access_level": "Write", + "resource_types": { + "resourceDefinition": { + "resource_type": "resourceDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcedefinition": "resourceDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updateresourcedefinition-put.html" + }, + "UpdateSubscriptionDefinition": { + "privilege": "UpdateSubscriptionDefinition", + "description": "Grants permission to update a subscription definition", + "access_level": "Write", + "resource_types": { + "subscriptionDefinition": { + "resource_type": "subscriptionDefinition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "subscriptiondefinition": "subscriptionDefinition" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updatesubscriptiondefinition-put.html" + }, + "UpdateThingRuntimeConfiguration": { + "privilege": "UpdateThingRuntimeConfiguration", + "description": "Grants permission to update runtime configuration of a thing", + "access_level": "Write", + "resource_types": { + "thingRuntimeConfig": { + "resource_type": "thingRuntimeConfig", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thingruntimeconfig": "thingRuntimeConfig" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v1/apireference/updatethingruntimeconfiguration-put.html" + }, + "BatchAssociateClientDeviceWithCoreDevice": { + "privilege": "BatchAssociateClientDeviceWithCoreDevice", + "description": "Grants permission to associate a list of client devices with a core device", + "access_level": "Write", + "resource_types": { + "coreDevice": { + "resource_type": "coreDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredevice": "coreDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_BatchAssociateClientDeviceWithCoreDevice.html" + }, + "BatchDisassociateClientDeviceFromCoreDevice": { + "privilege": "BatchDisassociateClientDeviceFromCoreDevice", + "description": "Grants permission to disassociate a list of client devices from a core device", + "access_level": "Write", + "resource_types": { + "coreDevice": { + "resource_type": "coreDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredevice": "coreDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_BatchDisassociateClientDeviceFromCoreDevice.html" + }, + "CancelDeployment": { + "privilege": "CancelDeployment", + "description": "Grants permission to cancel a deployment", + "access_level": "Write", + "resource_types": { + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:CancelJob", + "iot:DeleteThingShadow", + "iot:DescribeJob", + "iot:DescribeThing", + "iot:DescribeThingGroup", + "iot:GetThingShadow", + "iot:UpdateJob", + "iot:UpdateThingShadow" + ] + } + }, + "resource_types_lower_name": { + "deployment": "deployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_CancelDeployment.html" + }, + "CreateComponentVersion": { + "privilege": "CreateComponentVersion", + "description": "Grants permission to create a component", + "access_level": "Write", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_CreateComponentVersion.html" + }, + "DeleteComponent": { + "privilege": "DeleteComponent", + "description": "Grants permission to delete a component", + "access_level": "Write", + "resource_types": { + "componentVersion": { + "resource_type": "componentVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componentversion": "componentVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_DeleteComponent.html" + }, + "DeleteCoreDevice": { + "privilege": "DeleteCoreDevice", + "description": "Grants permission to delete a AWS IoT Greengrass core device, which is an AWS IoT thing. This operation removes the core device from the list of core devices. This operation doesn't delete the AWS IoT thing", + "access_level": "Write", + "resource_types": { + "coreDevice": { + "resource_type": "coreDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:DescribeJobExecution" + ] + } + }, + "resource_types_lower_name": { + "coredevice": "coreDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_DeleteCoreDevice.html" + }, + "DeleteDeployment": { + "privilege": "DeleteDeployment", + "description": "Grants permission to delete a deployment. To delete an active deployment, it needs to be cancelled first", + "access_level": "Write", + "resource_types": { + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:DeleteJob" + ] + } + }, + "resource_types_lower_name": { + "deployment": "deployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_DeleteDeployment.html" + }, + "DescribeComponent": { + "privilege": "DescribeComponent", + "description": "Grants permission to retrieve metadata for a version of a component", + "access_level": "Read", + "resource_types": { + "componentVersion": { + "resource_type": "componentVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componentversion": "componentVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_DescribeComponent.html" + }, + "GetComponent": { + "privilege": "GetComponent", + "description": "Grants permission to get the recipe for a version of a component", + "access_level": "Read", + "resource_types": { + "componentVersion": { + "resource_type": "componentVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componentversion": "componentVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetComponent.html" + }, + "GetComponentVersionArtifact": { + "privilege": "GetComponentVersionArtifact", + "description": "Grants permission to get the pre-signed URL to download a public component artifact", + "access_level": "Read", + "resource_types": { + "componentVersion": { + "resource_type": "componentVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componentversion": "componentVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetComponentVersionArtifact.html" + }, + "GetCoreDevice": { + "privilege": "GetCoreDevice", + "description": "Grants permission to retrieves metadata for a AWS IoT Greengrass core device", + "access_level": "Read", + "resource_types": { + "coreDevice": { + "resource_type": "coreDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredevice": "coreDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetCoreDevice.html" + }, + "GetDeployment": { + "privilege": "GetDeployment", + "description": "Grants permission to get a deployment", + "access_level": "Read", + "resource_types": { + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:DescribeJob", + "iot:DescribeThing", + "iot:DescribeThingGroup", + "iot:GetThingShadow" + ] + } + }, + "resource_types_lower_name": { + "deployment": "deployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_GetDeployment.html" + }, + "ListClientDevicesAssociatedWithCoreDevice": { + "privilege": "ListClientDevicesAssociatedWithCoreDevice", + "description": "Grants permission to retrieve a paginated list of client devices associated to a AWS IoT Greengrass core device", + "access_level": "List", + "resource_types": { + "coreDevice": { + "resource_type": "coreDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredevice": "coreDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListClientDevicesAssociatedWithCoreDevice.html" + }, + "ListComponentVersions": { + "privilege": "ListComponentVersions", + "description": "Grants permission to retrieve a paginated list of all versions for a component", + "access_level": "List", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListComponentVersions.html" + }, + "ListComponents": { + "privilege": "ListComponents", + "description": "Grants permission to retrieve a paginated list of component summaries", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListComponents.html" + }, + "ListCoreDevices": { + "privilege": "ListCoreDevices", + "description": "Grants permission to retrieve a paginated list of AWS IoT Greengrass core devices", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListCoreDevices.html" + }, + "ListEffectiveDeployments": { + "privilege": "ListEffectiveDeployments", + "description": "Grants permission to retrieves a paginated list of deployment jobs that AWS IoT Greengrass sends to AWS IoT Greengrass core devices", + "access_level": "List", + "resource_types": { + "coreDevice": { + "resource_type": "coreDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iot:DescribeJob", + "iot:DescribeJobExecution", + "iot:DescribeThing", + "iot:DescribeThingGroup", + "iot:GetThingShadow" + ] + } + }, + "resource_types_lower_name": { + "coredevice": "coreDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListEffectiveDeployments.html" + }, + "ListInstalledComponents": { + "privilege": "ListInstalledComponents", + "description": "Grants permission to retrieve a paginated list of the components that a AWS IoT Greengrass core device runs", + "access_level": "List", + "resource_types": { + "coreDevice": { + "resource_type": "coreDevice", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "coredevice": "coreDevice" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ListInstalledComponents.html" + }, + "ResolveComponentCandidates": { + "privilege": "ResolveComponentCandidates", + "description": "Grants permission to list components that meet the component, version, and platform requirements of a deployment", + "access_level": "List", + "resource_types": { + "componentVersion": { + "resource_type": "componentVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componentversion": "componentVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/greengrass/v2/APIReference/API_ResolveComponentCandidates.html" + } + }, + "privileges_lower_name": { + "associateroletogroup": "AssociateRoleToGroup", + "associateserviceroletoaccount": "AssociateServiceRoleToAccount", + "createconnectordefinition": "CreateConnectorDefinition", + "createconnectordefinitionversion": "CreateConnectorDefinitionVersion", + "createcoredefinition": "CreateCoreDefinition", + "createcoredefinitionversion": "CreateCoreDefinitionVersion", + "createdeployment": "CreateDeployment", + "createdevicedefinition": "CreateDeviceDefinition", + "createdevicedefinitionversion": "CreateDeviceDefinitionVersion", + "createfunctiondefinition": "CreateFunctionDefinition", + "createfunctiondefinitionversion": "CreateFunctionDefinitionVersion", + "creategroup": "CreateGroup", + "creategroupcertificateauthority": "CreateGroupCertificateAuthority", + "creategroupversion": "CreateGroupVersion", + "createloggerdefinition": "CreateLoggerDefinition", + "createloggerdefinitionversion": "CreateLoggerDefinitionVersion", + "createresourcedefinition": "CreateResourceDefinition", + "createresourcedefinitionversion": "CreateResourceDefinitionVersion", + "createsoftwareupdatejob": "CreateSoftwareUpdateJob", + "createsubscriptiondefinition": "CreateSubscriptionDefinition", + "createsubscriptiondefinitionversion": "CreateSubscriptionDefinitionVersion", + "deleteconnectordefinition": "DeleteConnectorDefinition", + "deletecoredefinition": "DeleteCoreDefinition", + "deletedevicedefinition": "DeleteDeviceDefinition", + "deletefunctiondefinition": "DeleteFunctionDefinition", + "deletegroup": "DeleteGroup", + "deleteloggerdefinition": "DeleteLoggerDefinition", + "deleteresourcedefinition": "DeleteResourceDefinition", + "deletesubscriptiondefinition": "DeleteSubscriptionDefinition", + "disassociaterolefromgroup": "DisassociateRoleFromGroup", + "disassociateservicerolefromaccount": "DisassociateServiceRoleFromAccount", + "discover": "Discover", + "getassociatedrole": "GetAssociatedRole", + "getbulkdeploymentstatus": "GetBulkDeploymentStatus", + "getconnectivityinfo": "GetConnectivityInfo", + "getconnectordefinition": "GetConnectorDefinition", + "getconnectordefinitionversion": "GetConnectorDefinitionVersion", + "getcoredefinition": "GetCoreDefinition", + "getcoredefinitionversion": "GetCoreDefinitionVersion", + "getdeploymentstatus": "GetDeploymentStatus", + "getdevicedefinition": "GetDeviceDefinition", + "getdevicedefinitionversion": "GetDeviceDefinitionVersion", + "getfunctiondefinition": "GetFunctionDefinition", + "getfunctiondefinitionversion": "GetFunctionDefinitionVersion", + "getgroup": "GetGroup", + "getgroupcertificateauthority": "GetGroupCertificateAuthority", + "getgroupcertificateconfiguration": "GetGroupCertificateConfiguration", + "getgroupversion": "GetGroupVersion", + "getloggerdefinition": "GetLoggerDefinition", + "getloggerdefinitionversion": "GetLoggerDefinitionVersion", + "getresourcedefinition": "GetResourceDefinition", + "getresourcedefinitionversion": "GetResourceDefinitionVersion", + "getserviceroleforaccount": "GetServiceRoleForAccount", + "getsubscriptiondefinition": "GetSubscriptionDefinition", + "getsubscriptiondefinitionversion": "GetSubscriptionDefinitionVersion", + "getthingruntimeconfiguration": "GetThingRuntimeConfiguration", + "listbulkdeploymentdetailedreports": "ListBulkDeploymentDetailedReports", + "listbulkdeployments": "ListBulkDeployments", + "listconnectordefinitionversions": "ListConnectorDefinitionVersions", + "listconnectordefinitions": "ListConnectorDefinitions", + "listcoredefinitionversions": "ListCoreDefinitionVersions", + "listcoredefinitions": "ListCoreDefinitions", + "listdeployments": "ListDeployments", + "listdevicedefinitionversions": "ListDeviceDefinitionVersions", + "listdevicedefinitions": "ListDeviceDefinitions", + "listfunctiondefinitionversions": "ListFunctionDefinitionVersions", + "listfunctiondefinitions": "ListFunctionDefinitions", + "listgroupcertificateauthorities": "ListGroupCertificateAuthorities", + "listgroupversions": "ListGroupVersions", + "listgroups": "ListGroups", + "listloggerdefinitionversions": "ListLoggerDefinitionVersions", + "listloggerdefinitions": "ListLoggerDefinitions", + "listresourcedefinitionversions": "ListResourceDefinitionVersions", + "listresourcedefinitions": "ListResourceDefinitions", + "listsubscriptiondefinitionversions": "ListSubscriptionDefinitionVersions", + "listsubscriptiondefinitions": "ListSubscriptionDefinitions", + "listtagsforresource": "ListTagsForResource", + "resetdeployments": "ResetDeployments", + "startbulkdeployment": "StartBulkDeployment", + "stopbulkdeployment": "StopBulkDeployment", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateconnectivityinfo": "UpdateConnectivityInfo", + "updateconnectordefinition": "UpdateConnectorDefinition", + "updatecoredefinition": "UpdateCoreDefinition", + "updatedevicedefinition": "UpdateDeviceDefinition", + "updatefunctiondefinition": "UpdateFunctionDefinition", + "updategroup": "UpdateGroup", + "updategroupcertificateconfiguration": "UpdateGroupCertificateConfiguration", + "updateloggerdefinition": "UpdateLoggerDefinition", + "updateresourcedefinition": "UpdateResourceDefinition", + "updatesubscriptiondefinition": "UpdateSubscriptionDefinition", + "updatethingruntimeconfiguration": "UpdateThingRuntimeConfiguration", + "batchassociateclientdevicewithcoredevice": "BatchAssociateClientDeviceWithCoreDevice", + "batchdisassociateclientdevicefromcoredevice": "BatchDisassociateClientDeviceFromCoreDevice", + "canceldeployment": "CancelDeployment", + "createcomponentversion": "CreateComponentVersion", + "deletecomponent": "DeleteComponent", + "deletecoredevice": "DeleteCoreDevice", + "deletedeployment": "DeleteDeployment", + "describecomponent": "DescribeComponent", + "getcomponent": "GetComponent", + "getcomponentversionartifact": "GetComponentVersionArtifact", + "getcoredevice": "GetCoreDevice", + "getdeployment": "GetDeployment", + "listclientdevicesassociatedwithcoredevice": "ListClientDevicesAssociatedWithCoreDevice", + "listcomponentversions": "ListComponentVersions", + "listcomponents": "ListComponents", + "listcoredevices": "ListCoreDevices", + "listeffectivedeployments": "ListEffectiveDeployments", + "listinstalledcomponents": "ListInstalledComponents", + "resolvecomponentcandidates": "ResolveComponentCandidates" + }, + "resources": { + "connectivityInfo": { + "resource": "connectivityInfo", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/things/${ThingName}/connectivityInfo", + "condition_keys": [] + }, + "certificateAuthority": { + "resource": "certificateAuthority", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/groups/${GroupId}/certificateauthorities/${CertificateAuthorityId}", + "condition_keys": [] + }, + "deployment": { + "resource": "deployment", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:deployments:${DeploymentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "bulkDeployment": { + "resource": "bulkDeployment", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/bulk/deployments/${BulkDeploymentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "group": { + "resource": "group", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/groups/${GroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "groupVersion": { + "resource": "groupVersion", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/groups/${GroupId}/versions/${VersionId}", + "condition_keys": [] + }, + "coreDefinition": { + "resource": "coreDefinition", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/cores/${CoreDefinitionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "coreDefinitionVersion": { + "resource": "coreDefinitionVersion", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/cores/${CoreDefinitionId}/versions/${VersionId}", + "condition_keys": [] + }, + "deviceDefinition": { + "resource": "deviceDefinition", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/devices/${DeviceDefinitionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "deviceDefinitionVersion": { + "resource": "deviceDefinitionVersion", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/devices/${DeviceDefinitionId}/versions/${VersionId}", + "condition_keys": [] + }, + "functionDefinition": { + "resource": "functionDefinition", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/functions/${FunctionDefinitionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "functionDefinitionVersion": { + "resource": "functionDefinitionVersion", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/functions/${FunctionDefinitionId}/versions/${VersionId}", + "condition_keys": [] + }, + "subscriptionDefinition": { + "resource": "subscriptionDefinition", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/subscriptions/${SubscriptionDefinitionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "subscriptionDefinitionVersion": { + "resource": "subscriptionDefinitionVersion", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/subscriptions/${SubscriptionDefinitionId}/versions/${VersionId}", + "condition_keys": [] + }, + "loggerDefinition": { + "resource": "loggerDefinition", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/loggers/${LoggerDefinitionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "loggerDefinitionVersion": { + "resource": "loggerDefinitionVersion", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/loggers/${LoggerDefinitionId}/versions/${VersionId}", + "condition_keys": [] + }, + "resourceDefinition": { + "resource": "resourceDefinition", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/resources/${ResourceDefinitionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "resourceDefinitionVersion": { + "resource": "resourceDefinitionVersion", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/resources/${ResourceDefinitionId}/versions/${VersionId}", + "condition_keys": [] + }, + "connectorDefinition": { + "resource": "connectorDefinition", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/connectors/${ConnectorDefinitionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "connectorDefinitionVersion": { + "resource": "connectorDefinitionVersion", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/definition/connectors/${ConnectorDefinitionId}/versions/${VersionId}", + "condition_keys": [] + }, + "thing": { + "resource": "thing", + "arn": "arn:${Partition}:iot:${Region}:${Account}:thing/${ThingName}", + "condition_keys": [] + }, + "thingRuntimeConfig": { + "resource": "thingRuntimeConfig", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:/greengrass/things/${ThingName}/runtimeconfig", + "condition_keys": [] + }, + "component": { + "resource": "component", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:components:${ComponentName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "componentVersion": { + "resource": "componentVersion", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:components:${ComponentName}:versions:${ComponentVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "coreDevice": { + "resource": "coreDevice", + "arn": "arn:${Partition}:greengrass:${Region}:${Account}:coreDevices:${CoreDeviceThingName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "connectivityinfo": "connectivityInfo", + "certificateauthority": "certificateAuthority", + "deployment": "deployment", + "bulkdeployment": "bulkDeployment", + "group": "group", + "groupversion": "groupVersion", + "coredefinition": "coreDefinition", + "coredefinitionversion": "coreDefinitionVersion", + "devicedefinition": "deviceDefinition", + "devicedefinitionversion": "deviceDefinitionVersion", + "functiondefinition": "functionDefinition", + "functiondefinitionversion": "functionDefinitionVersion", + "subscriptiondefinition": "subscriptionDefinition", + "subscriptiondefinitionversion": "subscriptionDefinitionVersion", + "loggerdefinition": "loggerDefinition", + "loggerdefinitionversion": "loggerDefinitionVersion", + "resourcedefinition": "resourceDefinition", + "resourcedefinitionversion": "resourceDefinitionVersion", + "connectordefinition": "connectorDefinition", + "connectordefinitionversion": "connectorDefinitionVersion", + "thing": "thing", + "thingruntimeconfig": "thingRuntimeConfig", + "component": "component", + "componentversion": "componentVersion", + "coredevice": "coreDevice" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by checking tag key/value pairs included in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by checking tag key/value pairs associated with a specific resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by checking tag keys passed in the request", + "type": "ArrayOfString" + } + } + }, + "iotjobsdata": { + "service_name": "AWS IoT Jobs DataPlane", + "prefix": "iotjobsdata", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotjobsdataplane.html", + "privileges": { + "DescribeJobExecution": { + "privilege": "DescribeJobExecution", + "description": "Grants permission to describe a job execution", + "access_level": "Read", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iot:JobId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-jobs-data_DescribeJobExecution.html" + }, + "GetPendingJobExecutions": { + "privilege": "GetPendingJobExecutions", + "description": "Grants permission to get the list of all jobs for a thing that are not in a terminal state", + "access_level": "Read", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-jobs-data_GetPendingJobExecutions.html" + }, + "StartNextPendingJobExecution": { + "privilege": "StartNextPendingJobExecution", + "description": "Grants permission to get and start the next pending job execution for a thing", + "access_level": "Write", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-jobs-data_StartNextPendingJobExecution.html" + }, + "UpdateJobExecution": { + "privilege": "UpdateJobExecution", + "description": "Grants permission to update a job execution", + "access_level": "Write", + "resource_types": { + "thing": { + "resource_type": "thing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "iot:JobId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "thing": "thing", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot/latest/apireference/API_iot-jobs-data_UpdateJobExecution.html" + } + }, + "privileges_lower_name": { + "describejobexecution": "DescribeJobExecution", + "getpendingjobexecutions": "GetPendingJobExecutions", + "startnextpendingjobexecution": "StartNextPendingJobExecution", + "updatejobexecution": "UpdateJobExecution" + }, + "resources": { + "thing": { + "resource": "thing", + "arn": "arn:${Partition}:iot:${Region}:${Account}:thing/${ThingName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "thing": "thing" + }, + "conditions": { + "iot:JobId": { + "condition": "iot:JobId", + "description": "Filters access by jobId for iotjobsdata:DescribeJobExecution and iotjobsdata:UpdateJobExecution APIs", + "type": "String" + } + } + }, + "iotroborunner": { + "service_name": "AWS IoT RoboRunner", + "prefix": "iotroborunner", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotroborunner.html", + "privileges": { + "CreateDestination": { + "privilege": "CreateDestination", + "description": "Grants permission to create a destination", + "access_level": "Write", + "resource_types": { + "SiteResource": { + "resource_type": "SiteResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "siteresource": "SiteResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_CreateDestination.html" + }, + "CreateSite": { + "privilege": "CreateSite", + "description": "Grants permission to create a site", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_CreateSite.html" + }, + "CreateWorker": { + "privilege": "CreateWorker", + "description": "Grants permission to create a worker", + "access_level": "Write", + "resource_types": { + "WorkerFleetResource": { + "resource_type": "WorkerFleetResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workerfleetresource": "WorkerFleetResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_CreateWorker.html" + }, + "CreateWorkerFleet": { + "privilege": "CreateWorkerFleet", + "description": "Grants permission to create a worker fleet", + "access_level": "Write", + "resource_types": { + "SiteResource": { + "resource_type": "SiteResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "siteresource": "SiteResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_CreateWorkerFleet.html" + }, + "DeleteDestination": { + "privilege": "DeleteDestination", + "description": "Grants permission to delete a destination", + "access_level": "Write", + "resource_types": { + "DestinationResource": { + "resource_type": "DestinationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destinationresource": "DestinationResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_DeleteDestination.html" + }, + "DeleteSite": { + "privilege": "DeleteSite", + "description": "Grants permission to delete a site", + "access_level": "Write", + "resource_types": { + "SiteResource": { + "resource_type": "SiteResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "siteresource": "SiteResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_DeleteSite.html" + }, + "DeleteWorker": { + "privilege": "DeleteWorker", + "description": "Grants permission to delete a worker", + "access_level": "Write", + "resource_types": { + "WorkerResource": { + "resource_type": "WorkerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workerresource": "WorkerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_DeleteWorker.html" + }, + "DeleteWorkerFleet": { + "privilege": "DeleteWorkerFleet", + "description": "Grants permission to delete a worker fleet", + "access_level": "Write", + "resource_types": { + "WorkerFleetResource": { + "resource_type": "WorkerFleetResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workerfleetresource": "WorkerFleetResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_DeleteWorkerFleet.html" + }, + "GetDestination": { + "privilege": "GetDestination", + "description": "Grants permission to get a destination", + "access_level": "Read", + "resource_types": { + "DestinationResource": { + "resource_type": "DestinationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destinationresource": "DestinationResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_GetDestination.html" + }, + "GetSite": { + "privilege": "GetSite", + "description": "Grants permission to get a site", + "access_level": "Read", + "resource_types": { + "SiteResource": { + "resource_type": "SiteResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "siteresource": "SiteResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_GetSite.html" + }, + "GetWorker": { + "privilege": "GetWorker", + "description": "Grants permission to get a worker", + "access_level": "Read", + "resource_types": { + "WorkerResource": { + "resource_type": "WorkerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workerresource": "WorkerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_GetWorker.html" + }, + "GetWorkerFleet": { + "privilege": "GetWorkerFleet", + "description": "Grants permission to get a worker fleet", + "access_level": "Read", + "resource_types": { + "WorkerFleetResource": { + "resource_type": "WorkerFleetResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workerfleetresource": "WorkerFleetResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_GetWorkerFleet.html" + }, + "ListDestinations": { + "privilege": "ListDestinations", + "description": "Grants permission to list destinations", + "access_level": "Read", + "resource_types": { + "SiteResource": { + "resource_type": "SiteResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "siteresource": "SiteResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_ListDestinations.html" + }, + "ListSites": { + "privilege": "ListSites", + "description": "Grants permission to list sites", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_ListSites.html" + }, + "ListWorkerFleets": { + "privilege": "ListWorkerFleets", + "description": "Grants permission to list worker fleets", + "access_level": "Read", + "resource_types": { + "SiteResource": { + "resource_type": "SiteResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "siteresource": "SiteResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_ListWorkerFleets.html" + }, + "ListWorkers": { + "privilege": "ListWorkers", + "description": "Grants permission to list workers", + "access_level": "Read", + "resource_types": { + "SiteResource": { + "resource_type": "SiteResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "siteresource": "SiteResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_ListWorkers.html" + }, + "UpdateDestination": { + "privilege": "UpdateDestination", + "description": "Grants permission to update a destination", + "access_level": "Write", + "resource_types": { + "DestinationResource": { + "resource_type": "DestinationResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "destinationresource": "DestinationResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_UpdateDestination.html" + }, + "UpdateSite": { + "privilege": "UpdateSite", + "description": "Grants permission to update a site", + "access_level": "Write", + "resource_types": { + "SiteResource": { + "resource_type": "SiteResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "siteresource": "SiteResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_UpdateSite.html" + }, + "UpdateWorker": { + "privilege": "UpdateWorker", + "description": "Grants permission to update a worker", + "access_level": "Write", + "resource_types": { + "WorkerResource": { + "resource_type": "WorkerResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workerresource": "WorkerResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_UpdateWorker.html" + }, + "UpdateWorkerFleet": { + "privilege": "UpdateWorkerFleet", + "description": "Grants permission to update a worker fleet", + "access_level": "Write", + "resource_types": { + "WorkerFleetResource": { + "resource_type": "WorkerFleetResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workerfleetresource": "WorkerFleetResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_UpdateWorkerFleet.html" + } + }, + "privileges_lower_name": { + "createdestination": "CreateDestination", + "createsite": "CreateSite", + "createworker": "CreateWorker", + "createworkerfleet": "CreateWorkerFleet", + "deletedestination": "DeleteDestination", + "deletesite": "DeleteSite", + "deleteworker": "DeleteWorker", + "deleteworkerfleet": "DeleteWorkerFleet", + "getdestination": "GetDestination", + "getsite": "GetSite", + "getworker": "GetWorker", + "getworkerfleet": "GetWorkerFleet", + "listdestinations": "ListDestinations", + "listsites": "ListSites", + "listworkerfleets": "ListWorkerFleets", + "listworkers": "ListWorkers", + "updatedestination": "UpdateDestination", + "updatesite": "UpdateSite", + "updateworker": "UpdateWorker", + "updateworkerfleet": "UpdateWorkerFleet" + }, + "resources": { + "DestinationResource": { + "resource": "DestinationResource", + "arn": "arn:${Partition}:iotroborunner:${Region}:${Account}:site/${SiteId}/destination/${DestinationId}", + "condition_keys": [ + "iotroborunner:DestinationResourceId" + ] + }, + "SiteResource": { + "resource": "SiteResource", + "arn": "arn:${Partition}:iotroborunner:${Region}:${Account}:site/${SiteId}", + "condition_keys": [ + "iotroborunner:SiteResourceId" + ] + }, + "WorkerFleetResource": { + "resource": "WorkerFleetResource", + "arn": "arn:${Partition}:iotroborunner:${Region}:${Account}:site/${SiteId}/worker-fleet/${WorkerFleetId}", + "condition_keys": [ + "iotroborunner:WorkerFleetResourceId" + ] + }, + "WorkerResource": { + "resource": "WorkerResource", + "arn": "arn:${Partition}:iotroborunner:${Region}:${Account}:site/${SiteId}/worker-fleet/${WorkerFleetId}/worker/${WorkerId}", + "condition_keys": [ + "iotroborunner:WorkerResourceId" + ] + } + }, + "resources_lower_name": { + "destinationresource": "DestinationResource", + "siteresource": "SiteResource", + "workerfleetresource": "WorkerFleetResource", + "workerresource": "WorkerResource" + }, + "conditions": { + "iotroborunner:DestinationResourceId": { + "condition": "iotroborunner:DestinationResourceId", + "description": "Filters access by the destination's identifier", + "type": "String" + }, + "iotroborunner:SiteResourceId": { + "condition": "iotroborunner:SiteResourceId", + "description": "Filters access by the site's identifier", + "type": "String" + }, + "iotroborunner:WorkerFleetResourceId": { + "condition": "iotroborunner:WorkerFleetResourceId", + "description": "Filters access by the worker fleet's identifier", + "type": "String" + }, + "iotroborunner:WorkerResourceId": { + "condition": "iotroborunner:WorkerResourceId", + "description": "Filters access by the workers identifier", + "type": "String" + } + } + }, + "iotsitewise": { + "service_name": "AWS IoT SiteWise", + "prefix": "iotsitewise", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotsitewise.html", + "privileges": { + "AssociateAssets": { + "privilege": "AssociateAssets", + "description": "Grants permission to associate a child asset with a parent asset through a hierarchy", + "access_level": "Write", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_AssociateAssets.html" + }, + "AssociateTimeSeriesToAssetProperty": { + "privilege": "AssociateTimeSeriesToAssetProperty", + "description": "Grants permission to associate a time series with an asset property", + "access_level": "Write", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_AssociateTimeSeriesToAssetProperty.html" + }, + "BatchAssociateProjectAssets": { + "privilege": "BatchAssociateProjectAssets", + "description": "Grants permission to associate assets to a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchAssociateProjectAssets.html" + }, + "BatchDisassociateProjectAssets": { + "privilege": "BatchDisassociateProjectAssets", + "description": "Grants permission to disassociate assets from a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchDisassociateProjectAssets.html" + }, + "BatchGetAssetPropertyAggregates": { + "privilege": "BatchGetAssetPropertyAggregates", + "description": "Grants permission to retrieve computed aggregates for multiple asset properties", + "access_level": "Read", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchGetAssetPropertyAggregates.html" + }, + "BatchGetAssetPropertyValue": { + "privilege": "BatchGetAssetPropertyValue", + "description": "Grants permission to retrieve the latest value for multiple asset properties", + "access_level": "Read", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchGetAssetPropertyValue.html" + }, + "BatchGetAssetPropertyValueHistory": { + "privilege": "BatchGetAssetPropertyValueHistory", + "description": "Grants permission to retrieve the value history for multiple asset properties", + "access_level": "Read", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchGetAssetPropertyValueHistory.html" + }, + "BatchPutAssetPropertyValue": { + "privilege": "BatchPutAssetPropertyValue", + "description": "Grants permission to put property values for asset properties", + "access_level": "Write", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_BatchPutAssetPropertyValue.html" + }, + "CreateAccessPolicy": { + "privilege": "CreateAccessPolicy", + "description": "Grants permission to create an access policy for a portal or a project", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal", + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAccessPolicy.html" + }, + "CreateAsset": { + "privilege": "CreateAsset", + "description": "Grants permission to create an asset from an asset model", + "access_level": "Write", + "resource_types": { + "asset-model": { + "resource_type": "asset-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset-model": "asset-model", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAsset.html" + }, + "CreateAssetModel": { + "privilege": "CreateAssetModel", + "description": "Grants permission to create an asset model", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html" + }, + "CreateBulkImportJob": { + "privilege": "CreateBulkImportJob", + "description": "Grants permission to create bulk import job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateBulkImportJob.html" + }, + "CreateDashboard": { + "privilege": "CreateDashboard", + "description": "Grants permission to create a dashboard in a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateDashboard.html" + }, + "CreateGateway": { + "privilege": "CreateGateway", + "description": "Grants permission to create a gateway", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateGateway.html" + }, + "CreatePortal": { + "privilege": "CreatePortal", + "description": "Grants permission to create a portal", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "sso:CreateManagedApplicationInstance", + "sso:DescribeRegisteredRegions" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreatePortal.html" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to create a project in a portal", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateProject.html" + }, + "DeleteAccessPolicy": { + "privilege": "DeleteAccessPolicy", + "description": "Grants permission to delete an access policy", + "access_level": "Write", + "resource_types": { + "access-policy": { + "resource_type": "access-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-policy": "access-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteAccessPolicy.html" + }, + "DeleteAsset": { + "privilege": "DeleteAsset", + "description": "Grants permission to delete an asset", + "access_level": "Write", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteAsset.html" + }, + "DeleteAssetModel": { + "privilege": "DeleteAssetModel", + "description": "Grants permission to delete an asset model", + "access_level": "Write", + "resource_types": { + "asset-model": { + "resource_type": "asset-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset-model": "asset-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteAssetModel.html" + }, + "DeleteDashboard": { + "privilege": "DeleteDashboard", + "description": "Grants permission to delete a dashboard", + "access_level": "Write", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteDashboard.html" + }, + "DeleteGateway": { + "privilege": "DeleteGateway", + "description": "Grants permission to delete a gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteGateway.html" + }, + "DeletePortal": { + "privilege": "DeletePortal", + "description": "Grants permission to delete a portal", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "sso:DeleteManagedApplicationInstance" + ] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeletePortal.html" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Grants permission to delete a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteProject.html" + }, + "DeleteTimeSeries": { + "privilege": "DeleteTimeSeries", + "description": "Grants permission to delete a time series", + "access_level": "Write", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DeleteTimeSeries.html" + }, + "DescribeAccessPolicy": { + "privilege": "DescribeAccessPolicy", + "description": "Grants permission to describe an access policy", + "access_level": "Read", + "resource_types": { + "access-policy": { + "resource_type": "access-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-policy": "access-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeAccessPolicy.html" + }, + "DescribeAsset": { + "privilege": "DescribeAsset", + "description": "Grants permission to describe an asset", + "access_level": "Read", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeAsset.html" + }, + "DescribeAssetModel": { + "privilege": "DescribeAssetModel", + "description": "Grants permission to describe an asset model", + "access_level": "Read", + "resource_types": { + "asset-model": { + "resource_type": "asset-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset-model": "asset-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeAssetModel.html" + }, + "DescribeAssetProperty": { + "privilege": "DescribeAssetProperty", + "description": "Grants permission to describe an asset property", + "access_level": "Read", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeAssetProperty.html" + }, + "DescribeBulkImportJob": { + "privilege": "DescribeBulkImportJob", + "description": "Grants permission to describe bulk import job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeBulkImportJob.html" + }, + "DescribeDashboard": { + "privilege": "DescribeDashboard", + "description": "Grants permission to describe a dashboard", + "access_level": "Read", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeDashboard.html" + }, + "DescribeDefaultEncryptionConfiguration": { + "privilege": "DescribeDefaultEncryptionConfiguration", + "description": "Grants permission to describe the default encryption configuration for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeDefaultEncryptionConfiguration.html" + }, + "DescribeGateway": { + "privilege": "DescribeGateway", + "description": "Grants permission to describe a gateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGateway.html" + }, + "DescribeGatewayCapabilityConfiguration": { + "privilege": "DescribeGatewayCapabilityConfiguration", + "description": "Grants permission to describe a capability configuration for a gateway", + "access_level": "Read", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html" + }, + "DescribeLoggingOptions": { + "privilege": "DescribeLoggingOptions", + "description": "Grants permission to describe logging options for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeLoggingOptions.html" + }, + "DescribePortal": { + "privilege": "DescribePortal", + "description": "Grants permission to describe a portal", + "access_level": "Read", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribePortal.html" + }, + "DescribeProject": { + "privilege": "DescribeProject", + "description": "Grants permission to describe a project", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeProject.html" + }, + "DescribeStorageConfiguration": { + "privilege": "DescribeStorageConfiguration", + "description": "Grants permission to describe the storage configuration for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeStorageConfiguration.html" + }, + "DescribeTimeSeries": { + "privilege": "DescribeTimeSeries", + "description": "Grants permission to describe a time series", + "access_level": "Read", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeTimeSeries.html" + }, + "DisassociateAssets": { + "privilege": "DisassociateAssets", + "description": "Grants permission to disassociate a child asset from a parent asset by a hierarchy", + "access_level": "Write", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DisassociateAssets.html" + }, + "DisassociateTimeSeriesFromAssetProperty": { + "privilege": "DisassociateTimeSeriesFromAssetProperty", + "description": "Grants permission to disassociate a time series from an asset property", + "access_level": "Write", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DisassociateTimeSeriesFromAssetProperty.html" + }, + "GetAssetPropertyAggregates": { + "privilege": "GetAssetPropertyAggregates", + "description": "Grants permission to retrieve computed aggregates for an asset property", + "access_level": "Read", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_GetAssetPropertyAggregates.html" + }, + "GetAssetPropertyValue": { + "privilege": "GetAssetPropertyValue", + "description": "Grants permission to retrieve the latest value for an asset property", + "access_level": "Read", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_GetAssetPropertyValue.html" + }, + "GetAssetPropertyValueHistory": { + "privilege": "GetAssetPropertyValueHistory", + "description": "Grants permission to retrieve the value history for an asset property", + "access_level": "Read", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_GetAssetPropertyValueHistory.html" + }, + "GetInterpolatedAssetPropertyValues": { + "privilege": "GetInterpolatedAssetPropertyValues", + "description": "Grants permission to retrieve interpolated values for an asset property", + "access_level": "Read", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset", + "time-series": "time-series" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_GetInterpolatedAssetPropertyValues.html" + }, + "ListAccessPolicies": { + "privilege": "ListAccessPolicies", + "description": "Grants permission to list all access policies for an identity or a resource", + "access_level": "List", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal", + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAccessPolicies.html" + }, + "ListAssetModelProperties": { + "privilege": "ListAssetModelProperties", + "description": "Grants permission to list asset model properties", + "access_level": "List", + "resource_types": { + "asset-model": { + "resource_type": "asset-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset-model": "asset-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssetModelProperties.html" + }, + "ListAssetModels": { + "privilege": "ListAssetModels", + "description": "Grants permission to list all asset models", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssetModels.html" + }, + "ListAssetProperties": { + "privilege": "ListAssetProperties", + "description": "Grants permission to list asset properties", + "access_level": "List", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssetProperties.html" + }, + "ListAssetRelationships": { + "privilege": "ListAssetRelationships", + "description": "Grants permission to list the asset relationship graph for an asset", + "access_level": "List", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssetRelationships.html" + }, + "ListAssets": { + "privilege": "ListAssets", + "description": "Grants permission to list all assets", + "access_level": "List", + "resource_types": { + "asset-model": { + "resource_type": "asset-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset-model": "asset-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssets.html" + }, + "ListAssociatedAssets": { + "privilege": "ListAssociatedAssets", + "description": "Grants permission to list all assets associated with an asset through a hierarchy", + "access_level": "List", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListAssociatedAssets.html" + }, + "ListBulkImportJobs": { + "privilege": "ListBulkImportJobs", + "description": "Grants permission to list bulk import jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListBulkImportJobs.html" + }, + "ListDashboards": { + "privilege": "ListDashboards", + "description": "Grants permission to list all dashboards in a project", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListDashboards.html" + }, + "ListGateways": { + "privilege": "ListGateways", + "description": "Grants permission to list all gateways", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListGateways.html" + }, + "ListPortals": { + "privilege": "ListPortals", + "description": "Grants permission to list all portals", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListPortals.html" + }, + "ListProjectAssets": { + "privilege": "ListProjectAssets", + "description": "Grants permission to list all assets associated with a project", + "access_level": "List", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListProjectAssets.html" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "Grants permission to list all projects in a portal", + "access_level": "List", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListProjects.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags for a resource", + "access_level": "Read", + "resource_types": { + "access-policy": { + "resource_type": "access-policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "asset-model": { + "resource_type": "asset-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dashboard": { + "resource_type": "dashboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "gateway": { + "resource_type": "gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "portal": { + "resource_type": "portal", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-policy": "access-policy", + "asset": "asset", + "asset-model": "asset-model", + "dashboard": "dashboard", + "gateway": "gateway", + "portal": "portal", + "project": "project", + "time-series": "time-series", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTimeSeries": { + "privilege": "ListTimeSeries", + "description": "Grants permission to list time series", + "access_level": "List", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_ListTimeSeries.html" + }, + "PutDefaultEncryptionConfiguration": { + "privilege": "PutDefaultEncryptionConfiguration", + "description": "Grants permission to set the default encryption configuration for the AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_PutDefaultEncryptionConfiguration.html" + }, + "PutLoggingOptions": { + "privilege": "PutLoggingOptions", + "description": "Grants permission to set logging options for the AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_PutLoggingOptions.html" + }, + "PutStorageConfiguration": { + "privilege": "PutStorageConfiguration", + "description": "Grants permission to configure storage settings for the AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_PutStorageConfiguration.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "access-policy": { + "resource_type": "access-policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "asset-model": { + "resource_type": "asset-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dashboard": { + "resource_type": "dashboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "gateway": { + "resource_type": "gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "portal": { + "resource_type": "portal", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-policy": "access-policy", + "asset": "asset", + "asset-model": "asset-model", + "dashboard": "dashboard", + "gateway": "gateway", + "portal": "portal", + "project": "project", + "time-series": "time-series", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "access-policy": { + "resource_type": "access-policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "asset": { + "resource_type": "asset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "asset-model": { + "resource_type": "asset-model", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "dashboard": { + "resource_type": "dashboard", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "gateway": { + "resource_type": "gateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "portal": { + "resource_type": "portal", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "project": { + "resource_type": "project", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "time-series": { + "resource_type": "time-series", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-policy": "access-policy", + "asset": "asset", + "asset-model": "asset-model", + "dashboard": "dashboard", + "gateway": "gateway", + "portal": "portal", + "project": "project", + "time-series": "time-series", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UntagResource.html" + }, + "UpdateAccessPolicy": { + "privilege": "UpdateAccessPolicy", + "description": "Grants permission to update an access policy", + "access_level": "Write", + "resource_types": { + "access-policy": { + "resource_type": "access-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "access-policy": "access-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAccessPolicy.html" + }, + "UpdateAsset": { + "privilege": "UpdateAsset", + "description": "Grants permission to update an asset", + "access_level": "Write", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAsset.html" + }, + "UpdateAssetModel": { + "privilege": "UpdateAssetModel", + "description": "Grants permission to update an asset model", + "access_level": "Write", + "resource_types": { + "asset-model": { + "resource_type": "asset-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset-model": "asset-model" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html" + }, + "UpdateAssetModelPropertyRouting": { + "privilege": "UpdateAssetModelPropertyRouting", + "description": "Grants permission to update an AssetModel property routing", + "access_level": "Write", + "resource_types": { + "asset-model": { + "resource_type": "asset-model", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset-model": "asset-model" + }, + "api_documentation_link": "${UserGuideDocPage}alarms-iam-permissions.html" + }, + "UpdateAssetProperty": { + "privilege": "UpdateAssetProperty", + "description": "Grants permission to update an asset property", + "access_level": "Write", + "resource_types": { + "asset": { + "resource_type": "asset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "asset": "asset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetProperty.html" + }, + "UpdateDashboard": { + "privilege": "UpdateDashboard", + "description": "Grants permission to update a dashboard", + "access_level": "Write", + "resource_types": { + "dashboard": { + "resource_type": "dashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "dashboard": "dashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateDashboard.html" + }, + "UpdateGateway": { + "privilege": "UpdateGateway", + "description": "Grants permission to update a gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateGateway.html" + }, + "UpdateGatewayCapabilityConfiguration": { + "privilege": "UpdateGatewayCapabilityConfiguration", + "description": "Grants permission to update a capability configuration for a gateway", + "access_level": "Write", + "resource_types": { + "gateway": { + "resource_type": "gateway", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "gateway": "gateway" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateGatewayCapabilityConfiguration.html" + }, + "UpdatePortal": { + "privilege": "UpdatePortal", + "description": "Grants permission to update a portal", + "access_level": "Write", + "resource_types": { + "portal": { + "resource_type": "portal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portal": "portal" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdatePortal.html" + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Grants permission to update a project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateProject.html" + } + }, + "privileges_lower_name": { + "associateassets": "AssociateAssets", + "associatetimeseriestoassetproperty": "AssociateTimeSeriesToAssetProperty", + "batchassociateprojectassets": "BatchAssociateProjectAssets", + "batchdisassociateprojectassets": "BatchDisassociateProjectAssets", + "batchgetassetpropertyaggregates": "BatchGetAssetPropertyAggregates", + "batchgetassetpropertyvalue": "BatchGetAssetPropertyValue", + "batchgetassetpropertyvaluehistory": "BatchGetAssetPropertyValueHistory", + "batchputassetpropertyvalue": "BatchPutAssetPropertyValue", + "createaccesspolicy": "CreateAccessPolicy", + "createasset": "CreateAsset", + "createassetmodel": "CreateAssetModel", + "createbulkimportjob": "CreateBulkImportJob", + "createdashboard": "CreateDashboard", + "creategateway": "CreateGateway", + "createportal": "CreatePortal", + "createproject": "CreateProject", + "deleteaccesspolicy": "DeleteAccessPolicy", + "deleteasset": "DeleteAsset", + "deleteassetmodel": "DeleteAssetModel", + "deletedashboard": "DeleteDashboard", + "deletegateway": "DeleteGateway", + "deleteportal": "DeletePortal", + "deleteproject": "DeleteProject", + "deletetimeseries": "DeleteTimeSeries", + "describeaccesspolicy": "DescribeAccessPolicy", + "describeasset": "DescribeAsset", + "describeassetmodel": "DescribeAssetModel", + "describeassetproperty": "DescribeAssetProperty", + "describebulkimportjob": "DescribeBulkImportJob", + "describedashboard": "DescribeDashboard", + "describedefaultencryptionconfiguration": "DescribeDefaultEncryptionConfiguration", + "describegateway": "DescribeGateway", + "describegatewaycapabilityconfiguration": "DescribeGatewayCapabilityConfiguration", + "describeloggingoptions": "DescribeLoggingOptions", + "describeportal": "DescribePortal", + "describeproject": "DescribeProject", + "describestorageconfiguration": "DescribeStorageConfiguration", + "describetimeseries": "DescribeTimeSeries", + "disassociateassets": "DisassociateAssets", + "disassociatetimeseriesfromassetproperty": "DisassociateTimeSeriesFromAssetProperty", + "getassetpropertyaggregates": "GetAssetPropertyAggregates", + "getassetpropertyvalue": "GetAssetPropertyValue", + "getassetpropertyvaluehistory": "GetAssetPropertyValueHistory", + "getinterpolatedassetpropertyvalues": "GetInterpolatedAssetPropertyValues", + "listaccesspolicies": "ListAccessPolicies", + "listassetmodelproperties": "ListAssetModelProperties", + "listassetmodels": "ListAssetModels", + "listassetproperties": "ListAssetProperties", + "listassetrelationships": "ListAssetRelationships", + "listassets": "ListAssets", + "listassociatedassets": "ListAssociatedAssets", + "listbulkimportjobs": "ListBulkImportJobs", + "listdashboards": "ListDashboards", + "listgateways": "ListGateways", + "listportals": "ListPortals", + "listprojectassets": "ListProjectAssets", + "listprojects": "ListProjects", + "listtagsforresource": "ListTagsForResource", + "listtimeseries": "ListTimeSeries", + "putdefaultencryptionconfiguration": "PutDefaultEncryptionConfiguration", + "putloggingoptions": "PutLoggingOptions", + "putstorageconfiguration": "PutStorageConfiguration", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaccesspolicy": "UpdateAccessPolicy", + "updateasset": "UpdateAsset", + "updateassetmodel": "UpdateAssetModel", + "updateassetmodelpropertyrouting": "UpdateAssetModelPropertyRouting", + "updateassetproperty": "UpdateAssetProperty", + "updatedashboard": "UpdateDashboard", + "updategateway": "UpdateGateway", + "updategatewaycapabilityconfiguration": "UpdateGatewayCapabilityConfiguration", + "updateportal": "UpdatePortal", + "updateproject": "UpdateProject" + }, + "resources": { + "asset": { + "resource": "asset", + "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:asset/${AssetId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "asset-model": { + "resource": "asset-model", + "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:asset-model/${AssetModelId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "time-series": { + "resource": "time-series", + "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:time-series/${TimeSeriesId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "gateway": { + "resource": "gateway", + "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:gateway/${GatewayId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "portal": { + "resource": "portal", + "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:portal/${PortalId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "project": { + "resource": "project", + "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:project/${ProjectId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "dashboard": { + "resource": "dashboard", + "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:dashboard/${DashboardId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "access-policy": { + "resource": "access-policy", + "arn": "arn:${Partition}:iotsitewise:${Region}:${Account}:access-policy/${AccessPolicyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "asset": "asset", + "asset-model": "asset-model", + "time-series": "time-series", + "gateway": "gateway", + "portal": "portal", + "project": "project", + "dashboard": "dashboard", + "access-policy": "access-policy" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in the request", + "type": "ArrayOfString" + }, + "iotsitewise:assetHierarchyPath": { + "condition": "iotsitewise:assetHierarchyPath", + "description": "Filters access by an asset hierarchy path, which is the string of asset IDs in the asset's hierarchy, each separated by a forward slash", + "type": "String" + }, + "iotsitewise:childAssetId": { + "condition": "iotsitewise:childAssetId", + "description": "Filters access by the ID of a child asset being associated whith a parent asset", + "type": "String" + }, + "iotsitewise:group": { + "condition": "iotsitewise:group", + "description": "Filters access by the ID of an AWS Single Sign-On group", + "type": "String" + }, + "iotsitewise:iam": { + "condition": "iotsitewise:iam", + "description": "Filters access by the ID of an AWS IAM identity", + "type": "String" + }, + "iotsitewise:isAssociatedWithAssetProperty": { + "condition": "iotsitewise:isAssociatedWithAssetProperty", + "description": "Filters access by data streams associated with or not associated with asset properties", + "type": "String" + }, + "iotsitewise:portal": { + "condition": "iotsitewise:portal", + "description": "Filters access by the ID of a portal", + "type": "String" + }, + "iotsitewise:project": { + "condition": "iotsitewise:project", + "description": "Filters access by the ID of a project", + "type": "String" + }, + "iotsitewise:propertyAlias": { + "condition": "iotsitewise:propertyAlias", + "description": "Filters access by the property alias", + "type": "String" + }, + "iotsitewise:propertyId": { + "condition": "iotsitewise:propertyId", + "description": "Filters access by the ID of an asset property", + "type": "String" + }, + "iotsitewise:user": { + "condition": "iotsitewise:user", + "description": "Filters access by the ID of an AWS Single Sign-On user", + "type": "String" + } + } + }, + "iotthingsgraph": { + "service_name": "AWS IoT Things Graph", + "prefix": "iotthingsgraph", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotthingsgraph.html", + "privileges": { + "AssociateEntityToThing": { + "privilege": "AssociateEntityToThing", + "description": "Associates a device with a concrete thing that is in the user's registry. A thing can be associated with only one device at a time. If you associate a thing with a new device id, its previous association will be removed", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iot:DescribeThing", + "iot:DescribeThingGroup" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_AssociateEntityToThing.html" + }, + "CreateFlowTemplate": { + "privilege": "CreateFlowTemplate", + "description": "Creates a workflow template. Workflows can be created only in the user's namespace. (The public namespace contains only entities.) The workflow can contain only entities in the specified namespace. The workflow is validated against the entities in the latest version of the user's namespace unless another namespace version is specified in the request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_CreateFlowTemplate.html" + }, + "CreateSystemInstance": { + "privilege": "CreateSystemInstance", + "description": "Creates an instance of a system with specified configurations and Things", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_CreateSystemInstance.html" + }, + "CreateSystemTemplate": { + "privilege": "CreateSystemTemplate", + "description": "Creates a system. The system is validated against the entities in the latest version of the user's namespace unless another namespace version is specified in the request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_CreateSystemTemplate.html" + }, + "DeleteFlowTemplate": { + "privilege": "DeleteFlowTemplate", + "description": "Deletes a workflow. Any new system or system instance that contains this workflow will fail to update or deploy. Existing system instances that contain the workflow will continue to run (since they use a snapshot of the workflow taken at the time of deploying the system instance)", + "access_level": "Write", + "resource_types": { + "Workflow": { + "resource_type": "Workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "Workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeleteFlowTemplate.html" + }, + "DeleteNamespace": { + "privilege": "DeleteNamespace", + "description": "Deletes the specified namespace. This action deletes all of the entities in the namespace. Delete the systems and flows in the namespace before performing this action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeleteNamespace.html" + }, + "DeleteSystemInstance": { + "privilege": "DeleteSystemInstance", + "description": "Deletes a system instance. Only instances that have never been deployed, or that have been undeployed from the target can be deleted. Users can create a new system instance that has the same ID as a deleted system instance", + "access_level": "Write", + "resource_types": { + "SystemInstance": { + "resource_type": "SystemInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "systeminstance": "SystemInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeleteSystemInstance.html" + }, + "DeleteSystemTemplate": { + "privilege": "DeleteSystemTemplate", + "description": "Deletes a system. New system instances can't contain the system after its deletion. Existing system instances that contain the system will continue to work because they use a snapshot of the system that is taken when it is deployed", + "access_level": "Write", + "resource_types": { + "System": { + "resource_type": "System", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "system": "System" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeleteSystemTemplate.html" + }, + "DeploySystemInstance": { + "privilege": "DeploySystemInstance", + "description": "Deploys the system instance to the target specified in CreateSystemInstance", + "access_level": "Write", + "resource_types": { + "SystemInstance": { + "resource_type": "SystemInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "systeminstance": "SystemInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeploySystemInstance.html" + }, + "DeprecateFlowTemplate": { + "privilege": "DeprecateFlowTemplate", + "description": "Deprecates the specified workflow. This action marks the workflow for deletion. Deprecated flows can't be deployed, but existing system instances that use the flow will continue to run", + "access_level": "Write", + "resource_types": { + "Workflow": { + "resource_type": "Workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "Workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeprecateFlowTemplate.html" + }, + "DeprecateSystemTemplate": { + "privilege": "DeprecateSystemTemplate", + "description": "Deprecates the specified system", + "access_level": "Write", + "resource_types": { + "System": { + "resource_type": "System", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "system": "System" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DeprecateSystemTemplate.html" + }, + "DescribeNamespace": { + "privilege": "DescribeNamespace", + "description": "Gets the latest version of the user's namespace and the public version that it is tracking", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DescribeNamespace.html" + }, + "DissociateEntityFromThing": { + "privilege": "DissociateEntityFromThing", + "description": "Dissociates a device entity from a concrete thing. The action takes only the type of the entity that you need to dissociate because only one entity of a particular type can be associated with a thing", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iot:DescribeThing", + "iot:DescribeThingGroup" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_DissociateEntityFromThing.html" + }, + "GetEntities": { + "privilege": "GetEntities", + "description": "Gets descriptions of the specified entities. Uses the latest version of the user's namespace by default", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetEntities.html" + }, + "GetFlowTemplate": { + "privilege": "GetFlowTemplate", + "description": "Gets the latest version of the DefinitionDocument and FlowTemplateSummary for the specified workflow", + "access_level": "Read", + "resource_types": { + "Workflow": { + "resource_type": "Workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "Workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetFlowTemplate.html" + }, + "GetFlowTemplateRevisions": { + "privilege": "GetFlowTemplateRevisions", + "description": "Gets revisions of the specified workflow. Only the last 100 revisions are stored. If the workflow has been deprecated, this action will return revisions that occurred before the deprecation. This action won't work for workflows that have been deleted", + "access_level": "Read", + "resource_types": { + "Workflow": { + "resource_type": "Workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "Workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetFlowTemplateRevisions.html" + }, + "GetNamespaceDeletionStatus": { + "privilege": "GetNamespaceDeletionStatus", + "description": "Gets the status of a namespace deletion task", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetNamespaceDeletionStatus.html" + }, + "GetSystemInstance": { + "privilege": "GetSystemInstance", + "description": "Gets a system instance", + "access_level": "Read", + "resource_types": { + "SystemInstance": { + "resource_type": "SystemInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "systeminstance": "SystemInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetSystemInstance.html" + }, + "GetSystemTemplate": { + "privilege": "GetSystemTemplate", + "description": "Gets a system", + "access_level": "Read", + "resource_types": { + "System": { + "resource_type": "System", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "system": "System" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetSystemTemplate.html" + }, + "GetSystemTemplateRevisions": { + "privilege": "GetSystemTemplateRevisions", + "description": "Gets revisions made to the specified system template. Only the previous 100 revisions are stored. If the system has been deprecated, this action will return the revisions that occurred before its deprecation. This action won't work with systems that have been deleted", + "access_level": "Read", + "resource_types": { + "System": { + "resource_type": "System", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "system": "System" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetSystemTemplateRevisions.html" + }, + "GetUploadStatus": { + "privilege": "GetUploadStatus", + "description": "Gets the status of the specified upload", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_GetUploadStatus.html" + }, + "ListFlowExecutionMessages": { + "privilege": "ListFlowExecutionMessages", + "description": "Lists details of a single workflow execution", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_ListFlowExecutionMessages.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Lists all tags for a given resource", + "access_level": "List", + "resource_types": { + "SystemInstance": { + "resource_type": "SystemInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "systeminstance": "SystemInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_ListTagsForResource.html" + }, + "SearchEntities": { + "privilege": "SearchEntities", + "description": "Searches for entities of the specified type. You can search for entities in your namespace and the public namespace that you're tracking", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchEntities.html" + }, + "SearchFlowExecutions": { + "privilege": "SearchFlowExecutions", + "description": "Searches for workflow executions of a system instance", + "access_level": "Read", + "resource_types": { + "SystemInstance": { + "resource_type": "SystemInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "systeminstance": "SystemInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchFlowExecutions.html" + }, + "SearchFlowTemplates": { + "privilege": "SearchFlowTemplates", + "description": "Searches for summary information about workflows", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchFlowTemplates.html" + }, + "SearchSystemInstances": { + "privilege": "SearchSystemInstances", + "description": "Searches for system instances in the user's account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchSystemInstances.html" + }, + "SearchSystemTemplates": { + "privilege": "SearchSystemTemplates", + "description": "Searches for summary information about systems in the user's account. You can filter by the ID of a workflow to return only systems that use the specified workflow", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchSystemTemplates.html" + }, + "SearchThings": { + "privilege": "SearchThings", + "description": "Searches for things associated with the specified entity. You can search by both device and device model", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_SearchThings.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Tag a specified resource", + "access_level": "Tagging", + "resource_types": { + "SystemInstance": { + "resource_type": "SystemInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "systeminstance": "SystemInstance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_TagResource.html" + }, + "UndeploySystemInstance": { + "privilege": "UndeploySystemInstance", + "description": "Removes the system instance and associated triggers from the target", + "access_level": "Write", + "resource_types": { + "SystemInstance": { + "resource_type": "SystemInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "systeminstance": "SystemInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_UndeploySystemInstance.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Untag a specified resource", + "access_level": "Tagging", + "resource_types": { + "SystemInstance": { + "resource_type": "SystemInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "systeminstance": "SystemInstance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_UntagResource.html" + }, + "UpdateFlowTemplate": { + "privilege": "UpdateFlowTemplate", + "description": "Updates the specified workflow. All deployed systems and system instances that use the workflow will see the changes in the flow when it is redeployed. The workflow can contain only entities in the specified namespace", + "access_level": "Write", + "resource_types": { + "Workflow": { + "resource_type": "Workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "Workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_UpdateFlowTemplate.html" + }, + "UpdateSystemTemplate": { + "privilege": "UpdateSystemTemplate", + "description": "Updates the specified system. You don't need to run this action after updating a workflow. Any system instance that uses the system will see the changes in the system when it is redeployed", + "access_level": "Write", + "resource_types": { + "System": { + "resource_type": "System", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "system": "System" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_UpdateSystemTemplate.html" + }, + "UploadEntityDefinitions": { + "privilege": "UploadEntityDefinitions", + "description": "Asynchronously uploads one or more entity definitions to the user's namespace", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/thingsgraph/latest/APIReference/{APIReferenceDocPage}API_UploadEntityDefinitions.html" + } + }, + "privileges_lower_name": { + "associateentitytothing": "AssociateEntityToThing", + "createflowtemplate": "CreateFlowTemplate", + "createsysteminstance": "CreateSystemInstance", + "createsystemtemplate": "CreateSystemTemplate", + "deleteflowtemplate": "DeleteFlowTemplate", + "deletenamespace": "DeleteNamespace", + "deletesysteminstance": "DeleteSystemInstance", + "deletesystemtemplate": "DeleteSystemTemplate", + "deploysysteminstance": "DeploySystemInstance", + "deprecateflowtemplate": "DeprecateFlowTemplate", + "deprecatesystemtemplate": "DeprecateSystemTemplate", + "describenamespace": "DescribeNamespace", + "dissociateentityfromthing": "DissociateEntityFromThing", + "getentities": "GetEntities", + "getflowtemplate": "GetFlowTemplate", + "getflowtemplaterevisions": "GetFlowTemplateRevisions", + "getnamespacedeletionstatus": "GetNamespaceDeletionStatus", + "getsysteminstance": "GetSystemInstance", + "getsystemtemplate": "GetSystemTemplate", + "getsystemtemplaterevisions": "GetSystemTemplateRevisions", + "getuploadstatus": "GetUploadStatus", + "listflowexecutionmessages": "ListFlowExecutionMessages", + "listtagsforresource": "ListTagsForResource", + "searchentities": "SearchEntities", + "searchflowexecutions": "SearchFlowExecutions", + "searchflowtemplates": "SearchFlowTemplates", + "searchsysteminstances": "SearchSystemInstances", + "searchsystemtemplates": "SearchSystemTemplates", + "searchthings": "SearchThings", + "tagresource": "TagResource", + "undeploysysteminstance": "UndeploySystemInstance", + "untagresource": "UntagResource", + "updateflowtemplate": "UpdateFlowTemplate", + "updatesystemtemplate": "UpdateSystemTemplate", + "uploadentitydefinitions": "UploadEntityDefinitions" + }, + "resources": { + "Workflow": { + "resource": "Workflow", + "arn": "arn:${Partition}:iotthingsgraph:${Region}:${Account}:Workflow/${NamespacePath}", + "condition_keys": [] + }, + "System": { + "resource": "System", + "arn": "arn:${Partition}:iotthingsgraph:${Region}:${Account}:System/${NamespacePath}", + "condition_keys": [] + }, + "SystemInstance": { + "resource": "SystemInstance", + "arn": "arn:${Partition}:iotthingsgraph:${Region}:${Account}:Deployment/${NamespacePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "workflow": "Workflow", + "system": "System", + "systeminstance": "SystemInstance" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a key that is present in the request the user makes to the thingsgraph service", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the list of all the tag key names present in the request the user makes to the thingsgraph service", + "type": "String" + } + } + }, + "iottwinmaker": { + "service_name": "AWS IoT TwinMaker", + "prefix": "iottwinmaker", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiottwinmaker.html", + "privileges": { + "BatchPutPropertyValues": { + "privilege": "BatchPutPropertyValues", + "description": "Grants permission to set values for multiple time series properties", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iottwinmaker:GetComponentType", + "iottwinmaker:GetEntity", + "iottwinmaker:GetWorkspace" + ] + }, + "entity": { + "resource_type": "entity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "entity": "entity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_BatchPutPropertyValues.html" + }, + "CreateComponentType": { + "privilege": "CreateComponentType", + "description": "Grants permission to create a componentType", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateComponentType.html" + }, + "CreateEntity": { + "privilege": "CreateEntity", + "description": "Grants permission to create an entity", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateEntity.html" + }, + "CreateScene": { + "privilege": "CreateScene", + "description": "Grants permission to create a scene", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateScene.html" + }, + "CreateSyncJob": { + "privilege": "CreateSyncJob", + "description": "Grants permission to create a sync job", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateSyncJob.html" + }, + "CreateWorkspace": { + "privilege": "CreateWorkspace", + "description": "Grants permission to create a workspace", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateWorkspace.html" + }, + "DeleteComponentType": { + "privilege": "DeleteComponentType", + "description": "Grants permission to delete a componentType", + "access_level": "Write", + "resource_types": { + "componentType": { + "resource_type": "componentType", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componenttype": "componentType", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteComponentType.html" + }, + "DeleteEntity": { + "privilege": "DeleteEntity", + "description": "Grants permission to delete an entity", + "access_level": "Write", + "resource_types": { + "entity": { + "resource_type": "entity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity": "entity", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteEntity.html" + }, + "DeleteScene": { + "privilege": "DeleteScene", + "description": "Grants permission to delete a scene", + "access_level": "Write", + "resource_types": { + "scene": { + "resource_type": "scene", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scene": "scene", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteScene.html" + }, + "DeleteSyncJob": { + "privilege": "DeleteSyncJob", + "description": "Grants permission to delete a sync job", + "access_level": "Write", + "resource_types": { + "syncJob": { + "resource_type": "syncJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncjob": "syncJob", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteSyncJob.html" + }, + "DeleteWorkspace": { + "privilege": "DeleteWorkspace", + "description": "Grants permission to delete a workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteWorkspace.html" + }, + "ExecuteQuery": { + "privilege": "ExecuteQuery", + "description": "Grants permission to execute query", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ExecuteQuery.html" + }, + "GetComponentType": { + "privilege": "GetComponentType", + "description": "Grants permission to get a componentType", + "access_level": "Read", + "resource_types": { + "componentType": { + "resource_type": "componentType", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componenttype": "componentType", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetComponentType.html" + }, + "GetEntity": { + "privilege": "GetEntity", + "description": "Grants permission to get an entity", + "access_level": "Read", + "resource_types": { + "entity": { + "resource_type": "entity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity": "entity", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetEntity.html" + }, + "GetPricingPlan": { + "privilege": "GetPricingPlan", + "description": "Grants permission to get pricing plan", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetPricingPlan.html" + }, + "GetPropertyValue": { + "privilege": "GetPropertyValue", + "description": "Grants permission to retrieve the property values", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iottwinmaker:GetComponentType", + "iottwinmaker:GetEntity", + "iottwinmaker:GetWorkspace" + ] + }, + "componentType": { + "resource_type": "componentType", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity": { + "resource_type": "entity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "componenttype": "componentType", + "entity": "entity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetPropertyValue.html" + }, + "GetPropertyValueHistory": { + "privilege": "GetPropertyValueHistory", + "description": "Grants permission to retrieve the time series value history", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iottwinmaker:GetComponentType", + "iottwinmaker:GetEntity", + "iottwinmaker:GetWorkspace" + ] + }, + "componentType": { + "resource_type": "componentType", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity": { + "resource_type": "entity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace", + "componenttype": "componentType", + "entity": "entity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetPropertyValueHistory.html" + }, + "GetScene": { + "privilege": "GetScene", + "description": "Grants permission to get a scene", + "access_level": "Read", + "resource_types": { + "scene": { + "resource_type": "scene", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scene": "scene", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetScene.html" + }, + "GetSyncJob": { + "privilege": "GetSyncJob", + "description": "Grants permission to get a sync job", + "access_level": "Read", + "resource_types": { + "syncJob": { + "resource_type": "syncJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncjob": "syncJob", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetSyncJob.html" + }, + "GetWorkspace": { + "privilege": "GetWorkspace", + "description": "Grants permission to get a workspace", + "access_level": "Read", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetWorkspace.html" + }, + "ListComponentTypes": { + "privilege": "ListComponentTypes", + "description": "Grants permission to list all componentTypes in a workspace", + "access_level": "List", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListComponentTypes.html" + }, + "ListEntities": { + "privilege": "ListEntities", + "description": "Grants permission to list all entities in a workspace", + "access_level": "List", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListEntities.html" + }, + "ListScenes": { + "privilege": "ListScenes", + "description": "Grants permission to list all scenes in a workspace", + "access_level": "List", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListScenes.html" + }, + "ListSyncJobs": { + "privilege": "ListSyncJobs", + "description": "Grants permission to list all sync jobs in a workspace", + "access_level": "List", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListSyncJobs.html" + }, + "ListSyncResources": { + "privilege": "ListSyncResources", + "description": "Grants permission to list all sync resources for a sync job", + "access_level": "List", + "resource_types": { + "syncJob": { + "resource_type": "syncJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "syncjob": "syncJob", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListSyncResources.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags for a resource", + "access_level": "List", + "resource_types": { + "componentType": { + "resource_type": "componentType", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity": { + "resource_type": "entity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "scene": { + "resource_type": "scene", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "syncJob": { + "resource_type": "syncJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componenttype": "componentType", + "entity": "entity", + "scene": "scene", + "syncjob": "syncJob", + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListTagsForResource.html" + }, + "ListWorkspaces": { + "privilege": "ListWorkspaces", + "description": "Grants permission to list all workspaces", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListWorkspaces.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "componentType": { + "resource_type": "componentType", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity": { + "resource_type": "entity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "scene": { + "resource_type": "scene", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "syncJob": { + "resource_type": "syncJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componenttype": "componentType", + "entity": "entity", + "scene": "scene", + "syncjob": "syncJob", + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "componentType": { + "resource_type": "componentType", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "entity": { + "resource_type": "entity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "scene": { + "resource_type": "scene", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "syncJob": { + "resource_type": "syncJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componenttype": "componentType", + "entity": "entity", + "scene": "scene", + "syncjob": "syncJob", + "workspace": "workspace", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UntagResource.html" + }, + "UpdateComponentType": { + "privilege": "UpdateComponentType", + "description": "Grants permission to update a componentType", + "access_level": "Write", + "resource_types": { + "componentType": { + "resource_type": "componentType", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "componenttype": "componentType", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UpdateComponentType.html" + }, + "UpdateEntity": { + "privilege": "UpdateEntity", + "description": "Grants permission to update an entity", + "access_level": "Write", + "resource_types": { + "entity": { + "resource_type": "entity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity": "entity", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UpdateEntity.html" + }, + "UpdatePricingPlan": { + "privilege": "UpdatePricingPlan", + "description": "Grants permission to update pricing plan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UpdatePricingPlan.html" + }, + "UpdateScene": { + "privilege": "UpdateScene", + "description": "Grants permission to update a scene", + "access_level": "Write", + "resource_types": { + "scene": { + "resource_type": "scene", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "scene": "scene", + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UpdateScene.html" + }, + "UpdateWorkspace": { + "privilege": "UpdateWorkspace", + "description": "Grants permission to update a workspace", + "access_level": "Write", + "resource_types": { + "workspace": { + "resource_type": "workspace", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workspace": "workspace" + }, + "api_documentation_link": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_UpdateWorkspace.html" + } + }, + "privileges_lower_name": { + "batchputpropertyvalues": "BatchPutPropertyValues", + "createcomponenttype": "CreateComponentType", + "createentity": "CreateEntity", + "createscene": "CreateScene", + "createsyncjob": "CreateSyncJob", + "createworkspace": "CreateWorkspace", + "deletecomponenttype": "DeleteComponentType", + "deleteentity": "DeleteEntity", + "deletescene": "DeleteScene", + "deletesyncjob": "DeleteSyncJob", + "deleteworkspace": "DeleteWorkspace", + "executequery": "ExecuteQuery", + "getcomponenttype": "GetComponentType", + "getentity": "GetEntity", + "getpricingplan": "GetPricingPlan", + "getpropertyvalue": "GetPropertyValue", + "getpropertyvaluehistory": "GetPropertyValueHistory", + "getscene": "GetScene", + "getsyncjob": "GetSyncJob", + "getworkspace": "GetWorkspace", + "listcomponenttypes": "ListComponentTypes", + "listentities": "ListEntities", + "listscenes": "ListScenes", + "listsyncjobs": "ListSyncJobs", + "listsyncresources": "ListSyncResources", + "listtagsforresource": "ListTagsForResource", + "listworkspaces": "ListWorkspaces", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecomponenttype": "UpdateComponentType", + "updateentity": "UpdateEntity", + "updatepricingplan": "UpdatePricingPlan", + "updatescene": "UpdateScene", + "updateworkspace": "UpdateWorkspace" + }, + "resources": { + "workspace": { + "resource": "workspace", + "arn": "arn:${Partition}:iottwinmaker:${Region}:${Account}:workspace/${WorkspaceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "entity": { + "resource": "entity", + "arn": "arn:${Partition}:iottwinmaker:${Region}:${Account}:workspace/${WorkspaceId}/entity/${EntityId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "componentType": { + "resource": "componentType", + "arn": "arn:${Partition}:iottwinmaker:${Region}:${Account}:workspace/${WorkspaceId}/component-type/${ComponentTypeId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "scene": { + "resource": "scene", + "arn": "arn:${Partition}:iottwinmaker:${Region}:${Account}:workspace/${WorkspaceId}/scene/${SceneId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "syncJob": { + "resource": "syncJob", + "arn": "arn:${Partition}:iottwinmaker:${Region}:${Account}:workspace/${WorkspaceId}/sync-job/${SyncJobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "workspace": "workspace", + "entity": "entity", + "componenttype": "componentType", + "scene": "scene", + "syncjob": "syncJob" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "iq": { + "service_name": "AWS IQ", + "prefix": "iq", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiq.html", + "privileges": { + "AcceptCall": { + "privilege": "AcceptCall", + "description": "Grants permission to accept an incoming voice/video call", + "access_level": "Write", + "resource_types": { + "call": { + "resource_type": "call", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "call": "call" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ApprovePaymentRequest": { + "privilege": "ApprovePaymentRequest", + "description": "Grants permission to approve a payment request", + "access_level": "Write", + "resource_types": { + "paymentRequest": { + "resource_type": "paymentRequest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "paymentrequest": "paymentRequest" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ApproveProposal": { + "privilege": "ApproveProposal", + "description": "Grants permission to approve a proposal", + "access_level": "Write", + "resource_types": { + "proposal": { + "resource_type": "proposal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proposal": "proposal" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ArchiveConversation": { + "privilege": "ArchiveConversation", + "description": "Grants permission to archive a conversation", + "access_level": "Write", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CompleteProposal": { + "privilege": "CompleteProposal", + "description": "Grants permission to complete a proposal", + "access_level": "Write", + "resource_types": { + "proposal": { + "resource_type": "proposal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proposal": "proposal" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreateConversation": { + "privilege": "CreateConversation", + "description": "Grants permission to respond to a request or send a direct message to initiate a conversation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreateExpert": { + "privilege": "CreateExpert", + "description": "Grants permission to create an expert profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreateListing": { + "privilege": "CreateListing", + "description": "Grants permission to create a listing", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreateMilestoneProposal": { + "privilege": "CreateMilestoneProposal", + "description": "Grants permission to create a milestone proposal", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreatePaymentRequest": { + "privilege": "CreatePaymentRequest", + "description": "Grants permission to create a payment request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreateProject": { + "privilege": "CreateProject", + "description": "Grants permission to submit new requests", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreateRequest": { + "privilege": "CreateRequest", + "description": "Grants permission to submit new requests", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreateScheduledProposal": { + "privilege": "CreateScheduledProposal", + "description": "Grants permission to create a scheduled proposal", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreateSeller": { + "privilege": "CreateSeller", + "description": "Grants permission to create a seller profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreateUpfrontProposal": { + "privilege": "CreateUpfrontProposal", + "description": "Grants permission to create an upfront proposal", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "DeclineCall": { + "privilege": "DeclineCall", + "description": "Grants permission to decline an incoming voice/video call", + "access_level": "Write", + "resource_types": { + "call": { + "resource_type": "call", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "call": "call" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "DeleteAttachment": { + "privilege": "DeleteAttachment", + "description": "Grants permission to delete an existing attachment", + "access_level": "Write", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "DisableIndividualPublicProfile": { + "privilege": "DisableIndividualPublicProfile", + "description": "Grants permission to disable individual public profile page", + "access_level": "Write", + "resource_types": { + "expert": { + "resource_type": "expert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "expert": "expert" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "DownloadAttachment": { + "privilege": "DownloadAttachment", + "description": "Grants permission to download existing attachment", + "access_level": "Read", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "EnableIndividualPublicProfile": { + "privilege": "EnableIndividualPublicProfile", + "description": "Grants permission to enable individual public profile page", + "access_level": "Write", + "resource_types": { + "expert": { + "resource_type": "expert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "expert": "expert" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "EndCall": { + "privilege": "EndCall", + "description": "Grants permission to end a voice/video call", + "access_level": "Write", + "resource_types": { + "call": { + "resource_type": "call", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "call": "call" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetBuyer": { + "privilege": "GetBuyer", + "description": "Grants permission to read buyer information", + "access_level": "Read", + "resource_types": { + "buyer": { + "resource_type": "buyer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "buyer": "buyer" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetCall": { + "privilege": "GetCall", + "description": "Grants permission to read details of a voice/video call", + "access_level": "Read", + "resource_types": { + "call": { + "resource_type": "call", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "call": "call" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetChatInfo": { + "privilege": "GetChatInfo", + "description": "Grants permission to read the chat environment details about a conversation", + "access_level": "Read", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetChatMessages": { + "privilege": "GetChatMessages", + "description": "Grants permission to read chat messages in a conversation", + "access_level": "Read", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetChatToken": { + "privilege": "GetChatToken", + "description": "Grants permission to request a websocket token for the conversation notifications", + "access_level": "Read", + "resource_types": { + "token": { + "resource_type": "token", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "token": "token" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetCompanyChatMessages": { + "privilege": "GetCompanyChatMessages", + "description": "Grants permission to read chat messages in a company conversation", + "access_level": "Read", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetCompanyProfile": { + "privilege": "GetCompanyProfile", + "description": "Grants permission to read a company profile", + "access_level": "Read", + "resource_types": { + "company": { + "resource_type": "company", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "company": "company" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetConversation": { + "privilege": "GetConversation", + "description": "Grants permission to read details of a conversation", + "access_level": "Read", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetExpert": { + "privilege": "GetExpert", + "description": "Grants permission to read expert information", + "access_level": "Read", + "resource_types": { + "expert": { + "resource_type": "expert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "expert": "expert" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetListing": { + "privilege": "GetListing", + "description": "Grants permission to read a listing", + "access_level": "Read", + "resource_types": { + "listing": { + "resource_type": "listing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listing": "listing" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetMarketplaceSeller": { + "privilege": "GetMarketplaceSeller", + "description": "Grants permission to read a seller profile information", + "access_level": "Read", + "resource_types": { + "seller": { + "resource_type": "seller", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "seller": "seller" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetPaymentRequest": { + "privilege": "GetPaymentRequest", + "description": "Grants permission to read a payment request", + "access_level": "Read", + "resource_types": { + "paymentRequest": { + "resource_type": "paymentRequest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "paymentrequest": "paymentRequest" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetProposal": { + "privilege": "GetProposal", + "description": "Grants permission to read a proposal", + "access_level": "Read", + "resource_types": { + "proposal": { + "resource_type": "proposal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proposal": "proposal" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetRequest": { + "privilege": "GetRequest", + "description": "Grants permission to get a created request", + "access_level": "Read", + "resource_types": { + "request": { + "resource_type": "request", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "request": "request" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetReview": { + "privilege": "GetReview", + "description": "Grants permission to read a review for an expert", + "access_level": "Read", + "resource_types": { + "seller": { + "resource_type": "seller", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "seller": "seller" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "HideRequest": { + "privilege": "HideRequest", + "description": "Grants permission to hide a request", + "access_level": "Write", + "resource_types": { + "request": { + "resource_type": "request", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "request": "request" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "InitiateCall": { + "privilege": "InitiateCall", + "description": "Grants permission to start a voice/video call", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "LinkAwsCertification": { + "privilege": "LinkAwsCertification", + "description": "Grants permission to link an AWS certification to individual profile", + "access_level": "Write", + "resource_types": { + "expert": { + "resource_type": "expert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "expert": "expert" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ListAttachments": { + "privilege": "ListAttachments", + "description": "Grants permission to list existing attachments", + "access_level": "List", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ListConversations": { + "privilege": "ListConversations", + "description": "Grants permission to list existing conversations", + "access_level": "Read", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ListExpertAccessLogs": { + "privilege": "ListExpertAccessLogs", + "description": "Grants permission to list access logs of expert activity", + "access_level": "Read", + "resource_types": { + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "permission": "permission" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ListListings": { + "privilege": "ListListings", + "description": "Grants permission to list listings", + "access_level": "Read", + "resource_types": { + "listing": { + "resource_type": "listing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listing": "listing" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ListPaymentRequests": { + "privilege": "ListPaymentRequests", + "description": "Grants permission to list payment requests", + "access_level": "Read", + "resource_types": { + "paymentRequest": { + "resource_type": "paymentRequest", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "paymentSchedule": { + "resource_type": "paymentSchedule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "paymentrequest": "paymentRequest", + "paymentschedule": "paymentSchedule" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ListProposals": { + "privilege": "ListProposals", + "description": "Grants permission to list proposals", + "access_level": "Read", + "resource_types": { + "proposal": { + "resource_type": "proposal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proposal": "proposal" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ListRequests": { + "privilege": "ListRequests", + "description": "Grants permission to list requests that are created", + "access_level": "Read", + "resource_types": { + "request": { + "resource_type": "request", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "request": "request" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ListReviews": { + "privilege": "ListReviews", + "description": "Grants permission to list reviews for an expert", + "access_level": "Read", + "resource_types": { + "seller": { + "resource_type": "seller", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "seller": "seller" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "MarkChatMessageRead": { + "privilege": "MarkChatMessageRead", + "description": "Grants permission to mark a message as read in a conversation", + "access_level": "Write", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "RejectPaymentRequest": { + "privilege": "RejectPaymentRequest", + "description": "Grants permission to reject a payment request", + "access_level": "Write", + "resource_types": { + "paymentRequest": { + "resource_type": "paymentRequest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "paymentrequest": "paymentRequest" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "RejectProposal": { + "privilege": "RejectProposal", + "description": "Grants permission to reject a proposal", + "access_level": "Write", + "resource_types": { + "proposal": { + "resource_type": "proposal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proposal": "proposal" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "SendCompanyChatMessage": { + "privilege": "SendCompanyChatMessage", + "description": "Grants permission to send a message in a conversation as a company", + "access_level": "Write", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "SendIndividualChatMessage": { + "privilege": "SendIndividualChatMessage", + "description": "Grants permission to send a message in a conversation as an individual", + "access_level": "Write", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "UnarchiveConversation": { + "privilege": "UnarchiveConversation", + "description": "Grants permission to unarchive a conversation", + "access_level": "Write", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "UnlinkAwsCertification": { + "privilege": "UnlinkAwsCertification", + "description": "Grants permission to unlink an AWS certification from individual profile", + "access_level": "Write", + "resource_types": { + "expert": { + "resource_type": "expert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "expert": "expert" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "UpdateCompanyProfile": { + "privilege": "UpdateCompanyProfile", + "description": "Grants permission to update a company profile", + "access_level": "Write", + "resource_types": { + "company": { + "resource_type": "company", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "company": "company" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "UpdateConversationMembers": { + "privilege": "UpdateConversationMembers", + "description": "Grants permission to add more participants into a conversation", + "access_level": "Write", + "resource_types": { + "conversation": { + "resource_type": "conversation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "conversation": "conversation" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "UpdateExpert": { + "privilege": "UpdateExpert", + "description": "Grants permission to update an expert information", + "access_level": "Write", + "resource_types": { + "expert": { + "resource_type": "expert", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "expert": "expert" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "UpdateListing": { + "privilege": "UpdateListing", + "description": "Grants permission to update a listing", + "access_level": "Write", + "resource_types": { + "listing": { + "resource_type": "listing", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "listing": "listing" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "UpdateRequest": { + "privilege": "UpdateRequest", + "description": "Grants permission to update a request", + "access_level": "Write", + "resource_types": { + "request": { + "resource_type": "request", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "request": "request" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "UploadAttachment": { + "privilege": "UploadAttachment", + "description": "Grants permission to upload an attachment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "WithdrawPaymentRequest": { + "privilege": "WithdrawPaymentRequest", + "description": "Grants permission to withdraw a payment request", + "access_level": "Write", + "resource_types": { + "paymentRequest": { + "resource_type": "paymentRequest", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "paymentrequest": "paymentRequest" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "WithdrawProposal": { + "privilege": "WithdrawProposal", + "description": "Grants permission to withdraw a proposal", + "access_level": "Write", + "resource_types": { + "proposal": { + "resource_type": "proposal", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "proposal": "proposal" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "WriteReview": { + "privilege": "WriteReview", + "description": "Grants permission to write a review for an expert", + "access_level": "Write", + "resource_types": { + "seller": { + "resource_type": "seller", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "seller": "seller" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + } + }, + "privileges_lower_name": { + "acceptcall": "AcceptCall", + "approvepaymentrequest": "ApprovePaymentRequest", + "approveproposal": "ApproveProposal", + "archiveconversation": "ArchiveConversation", + "completeproposal": "CompleteProposal", + "createconversation": "CreateConversation", + "createexpert": "CreateExpert", + "createlisting": "CreateListing", + "createmilestoneproposal": "CreateMilestoneProposal", + "createpaymentrequest": "CreatePaymentRequest", + "createproject": "CreateProject", + "createrequest": "CreateRequest", + "createscheduledproposal": "CreateScheduledProposal", + "createseller": "CreateSeller", + "createupfrontproposal": "CreateUpfrontProposal", + "declinecall": "DeclineCall", + "deleteattachment": "DeleteAttachment", + "disableindividualpublicprofile": "DisableIndividualPublicProfile", + "downloadattachment": "DownloadAttachment", + "enableindividualpublicprofile": "EnableIndividualPublicProfile", + "endcall": "EndCall", + "getbuyer": "GetBuyer", + "getcall": "GetCall", + "getchatinfo": "GetChatInfo", + "getchatmessages": "GetChatMessages", + "getchattoken": "GetChatToken", + "getcompanychatmessages": "GetCompanyChatMessages", + "getcompanyprofile": "GetCompanyProfile", + "getconversation": "GetConversation", + "getexpert": "GetExpert", + "getlisting": "GetListing", + "getmarketplaceseller": "GetMarketplaceSeller", + "getpaymentrequest": "GetPaymentRequest", + "getproposal": "GetProposal", + "getrequest": "GetRequest", + "getreview": "GetReview", + "hiderequest": "HideRequest", + "initiatecall": "InitiateCall", + "linkawscertification": "LinkAwsCertification", + "listattachments": "ListAttachments", + "listconversations": "ListConversations", + "listexpertaccesslogs": "ListExpertAccessLogs", + "listlistings": "ListListings", + "listpaymentrequests": "ListPaymentRequests", + "listproposals": "ListProposals", + "listrequests": "ListRequests", + "listreviews": "ListReviews", + "markchatmessageread": "MarkChatMessageRead", + "rejectpaymentrequest": "RejectPaymentRequest", + "rejectproposal": "RejectProposal", + "sendcompanychatmessage": "SendCompanyChatMessage", + "sendindividualchatmessage": "SendIndividualChatMessage", + "unarchiveconversation": "UnarchiveConversation", + "unlinkawscertification": "UnlinkAwsCertification", + "updatecompanyprofile": "UpdateCompanyProfile", + "updateconversationmembers": "UpdateConversationMembers", + "updateexpert": "UpdateExpert", + "updatelisting": "UpdateListing", + "updaterequest": "UpdateRequest", + "uploadattachment": "UploadAttachment", + "withdrawpaymentrequest": "WithdrawPaymentRequest", + "withdrawproposal": "WithdrawProposal", + "writereview": "WriteReview" + }, + "resources": { + "conversation": { + "resource": "conversation", + "arn": "arn:${Partition}:iq:${Region}::conversation/${ConversationId}", + "condition_keys": [] + }, + "buyer": { + "resource": "buyer", + "arn": "arn:${Partition}:iq:${Region}::buyer/${BuyerId}", + "condition_keys": [] + }, + "expert": { + "resource": "expert", + "arn": "arn:${Partition}:iq:${Region}::expert/${ExpertId}", + "condition_keys": [] + }, + "call": { + "resource": "call", + "arn": "arn:${Partition}:iq:${Region}::call/${CallId}", + "condition_keys": [] + }, + "token": { + "resource": "token", + "arn": "arn:${Partition}:iq:${Region}::token/${TokenId}", + "condition_keys": [] + }, + "proposal": { + "resource": "proposal", + "arn": "arn:${Partition}:iq:${Region}::proposal/${ConversationId}/${ProposalId}", + "condition_keys": [] + }, + "paymentRequest": { + "resource": "paymentRequest", + "arn": "arn:${Partition}:iq:${Region}::paymentRequest/${ConversationId}/${ProposalId}/${PaymentRequestId}", + "condition_keys": [] + }, + "paymentSchedule": { + "resource": "paymentSchedule", + "arn": "arn:${Partition}:iq:${Region}::paymentSchedule/${ConversationId}/${ProposalId}/${VersionId}", + "condition_keys": [] + }, + "seller": { + "resource": "seller", + "arn": "arn:${Partition}:iq:${Region}::seller/${SellerAwsAccountId}", + "condition_keys": [] + }, + "company": { + "resource": "company", + "arn": "arn:${Partition}:iq:${Region}::company/${CompanyId}", + "condition_keys": [] + }, + "request": { + "resource": "request", + "arn": "arn:${Partition}:iq:${Region}::request/${RequestId}", + "condition_keys": [] + }, + "listing": { + "resource": "listing", + "arn": "arn:${Partition}:iq:${Region}::listing/${ListingId}", + "condition_keys": [] + }, + "attachment": { + "resource": "attachment", + "arn": "arn:${Partition}:iq:${Region}::attachment/${AttachmentId}", + "condition_keys": [] + }, + "permission": { + "resource": "permission", + "arn": "arn:${Partition}:iq-permission:${Region}::permission/${PermissionRequestId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "conversation": "conversation", + "buyer": "buyer", + "expert": "expert", + "call": "call", + "token": "token", + "proposal": "proposal", + "paymentrequest": "paymentRequest", + "paymentschedule": "paymentSchedule", + "seller": "seller", + "company": "company", + "request": "request", + "listing": "listing", + "attachment": "attachment", + "permission": "permission" + }, + "conditions": {} + }, + "iq-permission": { + "service_name": "AWS IQ Permissions", + "prefix": "iq-permission", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiqpermissions.html", + "privileges": { + "ApproveAccessGrant": { + "privilege": "ApproveAccessGrant", + "description": "Grants permission to approve a permission request", + "access_level": "Write", + "resource_types": { + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "permission": "permission" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ApprovePermissionRequest": { + "privilege": "ApprovePermissionRequest", + "description": "Grants permission to approve a permission request", + "access_level": "Write", + "resource_types": { + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "permission": "permission" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "CreatePermissionRequest": { + "privilege": "CreatePermissionRequest", + "description": "Grants permission to create a permission request", + "access_level": "Write", + "resource_types": { + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "permission": "permission" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "GetPermissionRequest": { + "privilege": "GetPermissionRequest", + "description": "Grants permission to get a permission request", + "access_level": "Read", + "resource_types": { + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "permission": "permission" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "ListPermissionRequests": { + "privilege": "ListPermissionRequests", + "description": "Grants permission to list permission requests", + "access_level": "Read", + "resource_types": { + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "permission": "permission" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "RejectPermissionRequest": { + "privilege": "RejectPermissionRequest", + "description": "Grants permission to reject a permission request", + "access_level": "Write", + "resource_types": { + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "permission": "permission" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "RevokePermissionRequest": { + "privilege": "RevokePermissionRequest", + "description": "Grants permission to revoke a permission request which was previously approved", + "access_level": "Write", + "resource_types": { + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "permission": "permission" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + }, + "WithdrawPermissionRequest": { + "privilege": "WithdrawPermissionRequest", + "description": "Grants permission to withdraw a permission request that has not been approved or declined", + "access_level": "Write", + "resource_types": { + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "permission": "permission" + }, + "api_documentation_link": "https://aws.amazon.com/iq/" + } + }, + "privileges_lower_name": { + "approveaccessgrant": "ApproveAccessGrant", + "approvepermissionrequest": "ApprovePermissionRequest", + "createpermissionrequest": "CreatePermissionRequest", + "getpermissionrequest": "GetPermissionRequest", + "listpermissionrequests": "ListPermissionRequests", + "rejectpermissionrequest": "RejectPermissionRequest", + "revokepermissionrequest": "RevokePermissionRequest", + "withdrawpermissionrequest": "WithdrawPermissionRequest" + }, + "resources": { + "permission": { + "resource": "permission", + "arn": "arn:${Partition}:iq-permission:${Region}::permission/${PermissionRequestId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "permission": "permission" + }, + "conditions": {} + }, + "kms": { + "service_name": "AWS Key Management Service", + "prefix": "kms", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awskeymanagementservice.html", + "privileges": { + "CancelKeyDeletion": { + "privilege": "CancelKeyDeletion", + "description": "Controls permission to cancel the scheduled deletion of an AWS KMS key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html" + }, + "ConnectCustomKeyStore": { + "privilege": "ConnectCustomKeyStore", + "description": "Controls permission to connect or reconnect a custom key store to its associated AWS CloudHSM cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ConnectCustomKeyStore.html" + }, + "CreateAlias": { + "privilege": "CreateAlias", + "description": "Controls permission to create an alias for an AWS KMS key. Aliases are optional friendly names that you can associate with KMS keys", + "access_level": "Write", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateAlias.html" + }, + "CreateCustomKeyStore": { + "privilege": "CreateCustomKeyStore", + "description": "Controls permission to create a custom key store that is associated with an AWS CloudHSM cluster that you own and manage", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount" + ], + "dependent_actions": [ + "cloudhsm:DescribeClusters", + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateCustomKeyStore.html" + }, + "CreateGrant": { + "privilege": "CreateGrant", + "description": "Controls permission to add a grant to an AWS KMS key. You can use grants to add permissions without changing the key policy or IAM policy", + "access_level": "Permissions management", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:EncryptionContext:${EncryptionContextKey}", + "kms:EncryptionContextKeys", + "kms:GrantConstraintType", + "kms:GranteePrincipal", + "kms:GrantIsForAWSResource", + "kms:GrantOperations", + "kms:RetiringPrincipal", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateGrant.html" + }, + "CreateKey": { + "privilege": "CreateKey", + "description": "Controls permission to create an AWS KMS key that can be used to protect data keys and other sensitive information", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "kms:BypassPolicyLockoutSafetyCheck", + "kms:CallerAccount", + "kms:KeySpec", + "kms:KeyUsage", + "kms:KeyOrigin", + "kms:MultiRegion", + "kms:MultiRegionKeyType", + "kms:ViaService" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "kms:PutKeyPolicy", + "kms:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateKey.html" + }, + "Decrypt": { + "privilege": "Decrypt", + "description": "Controls permission to decrypt ciphertext that was encrypted under an AWS KMS key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:EncryptionAlgorithm", + "kms:EncryptionContext:${EncryptionContextKey}", + "kms:EncryptionContextKeys", + "kms:RecipientAttestation:ImageSha384", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_Decrypt.html" + }, + "DeleteAlias": { + "privilege": "DeleteAlias", + "description": "Controls permission to delete an alias. Aliases are optional friendly names that you can associate with AWS KMS keys", + "access_level": "Write", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DeleteAlias.html" + }, + "DeleteCustomKeyStore": { + "privilege": "DeleteCustomKeyStore", + "description": "Controls permission to delete a custom key store", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DeleteCustomKeyStore.html" + }, + "DeleteImportedKeyMaterial": { + "privilege": "DeleteImportedKeyMaterial", + "description": "Controls permission to delete cryptographic material that you imported into an AWS KMS key. This action makes the key unusable", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DeleteImportedKeyMaterial.html" + }, + "DescribeCustomKeyStores": { + "privilege": "DescribeCustomKeyStores", + "description": "Controls permission to view detailed information about custom key stores in the account and region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeCustomKeyStores.html" + }, + "DescribeKey": { + "privilege": "DescribeKey", + "description": "Controls permission to view detailed information about an AWS KMS key", + "access_level": "Read", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html" + }, + "DisableKey": { + "privilege": "DisableKey", + "description": "Controls permission to disable an AWS KMS key, which prevents it from being used in cryptographic operations", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html" + }, + "DisableKeyRotation": { + "privilege": "DisableKeyRotation", + "description": "Controls permission to disable automatic rotation of a customer managed AWS KMS key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKeyRotation.html" + }, + "DisconnectCustomKeyStore": { + "privilege": "DisconnectCustomKeyStore", + "description": "Controls permission to disconnect the custom key store from its associated AWS CloudHSM cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_DisconnectCustomKeyStore.html" + }, + "EnableKey": { + "privilege": "EnableKey", + "description": "Controls permission to change the state of an AWS KMS key to enabled. This allows the KMS key to be used in cryptographic operations", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html" + }, + "EnableKeyRotation": { + "privilege": "EnableKeyRotation", + "description": "Controls permission to enable automatic rotation of the cryptographic material in an AWS KMS key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKeyRotation.html" + }, + "Encrypt": { + "privilege": "Encrypt", + "description": "Controls permission to use the specified AWS KMS key to encrypt data and data keys", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:EncryptionAlgorithm", + "kms:EncryptionContext:${EncryptionContextKey}", + "kms:EncryptionContextKeys", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html" + }, + "GenerateDataKey": { + "privilege": "GenerateDataKey", + "description": "Controls permission to use the AWS KMS key to generate data keys. You can use the data keys to encrypt data outside of AWS KMS", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:EncryptionAlgorithm", + "kms:EncryptionContext:${EncryptionContextKey}", + "kms:EncryptionContextKeys", + "kms:RecipientAttestation:ImageSha384", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKey.html" + }, + "GenerateDataKeyPair": { + "privilege": "GenerateDataKeyPair", + "description": "Controls permission to use the AWS KMS key to generate data key pairs", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:DataKeyPairSpec", + "kms:EncryptionAlgorithm", + "kms:EncryptionContext:${EncryptionContextKey}", + "kms:EncryptionContextKeys", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKeyPair.html" + }, + "GenerateDataKeyPairWithoutPlaintext": { + "privilege": "GenerateDataKeyPairWithoutPlaintext", + "description": "Controls permission to use the AWS KMS key to generate data key pairs. Unlike the GenerateDataKeyPair operation, this operation returns an encrypted private key without a plaintext copy", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:DataKeyPairSpec", + "kms:EncryptionAlgorithm", + "kms:EncryptionContext:${EncryptionContextKey}", + "kms:EncryptionContextKeys", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKeyPairWithoutPlaintext.html" + }, + "GenerateDataKeyWithoutPlaintext": { + "privilege": "GenerateDataKeyWithoutPlaintext", + "description": "Controls permission to use the AWS KMS key to generate a data key. Unlike the GenerateDataKey operation, this operation returns an encrypted data key without a plaintext version of the data key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:EncryptionAlgorithm", + "kms:EncryptionContext:${EncryptionContextKey}", + "kms:EncryptionContextKeys", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKeyWithoutPlaintext.html" + }, + "GenerateMac": { + "privilege": "GenerateMac", + "description": "Controls permission to use the AWS KMS key to generate message authentication codes", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:MacAlgorithm", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateMac.html" + }, + "GenerateRandom": { + "privilege": "GenerateRandom", + "description": "Controls permission to get a cryptographically secure random byte string from AWS KMS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:RecipientAttestation:ImageSha384" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateRandom.html" + }, + "GetKeyPolicy": { + "privilege": "GetKeyPolicy", + "description": "Controls permission to view the key policy for the specified AWS KMS key", + "access_level": "Read", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GetKeyPolicy.html" + }, + "GetKeyRotationStatus": { + "privilege": "GetKeyRotationStatus", + "description": "Controls permission to determine whether automatic key rotation is enabled on the AWS KMS key", + "access_level": "Read", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GetKeyRotationStatus.html" + }, + "GetParametersForImport": { + "privilege": "GetParametersForImport", + "description": "Controls permission to get data that is required to import cryptographic material into a customer managed key, including a public key and import token", + "access_level": "Read", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService", + "kms:WrappingAlgorithm", + "kms:WrappingKeySpec" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GetParametersForImport.html" + }, + "GetPublicKey": { + "privilege": "GetPublicKey", + "description": "Controls permission to download the public key of an asymmetric AWS KMS key", + "access_level": "Read", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html" + }, + "ImportKeyMaterial": { + "privilege": "ImportKeyMaterial", + "description": "Controls permission to import cryptographic material into an AWS KMS key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ExpirationModel", + "kms:ValidTo", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ImportKeyMaterial.html" + }, + "ListAliases": { + "privilege": "ListAliases", + "description": "Controls permission to view the aliases that are defined in the account. Aliases are optional friendly names that you can associate with AWS KMS keys", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListAliases.html" + }, + "ListGrants": { + "privilege": "ListGrants", + "description": "Controls permission to view all grants for an AWS KMS key", + "access_level": "List", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:GrantIsForAWSResource", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListGrants.html" + }, + "ListKeyPolicies": { + "privilege": "ListKeyPolicies", + "description": "Controls permission to view the names of key policies for an AWS KMS key", + "access_level": "List", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeyPolicies.html" + }, + "ListKeys": { + "privilege": "ListKeys", + "description": "Controls permission to view the key ID and Amazon Resource Name (ARN) of all AWS KMS keys in the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html" + }, + "ListResourceTags": { + "privilege": "ListResourceTags", + "description": "Controls permission to view all tags that are attached to an AWS KMS key", + "access_level": "List", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListResourceTags.html" + }, + "ListRetirableGrants": { + "privilege": "ListRetirableGrants", + "description": "Controls permission to view grants in which the specified principal is the retiring principal. Other principals might be able to retire the grant and this principal might be able to retire other grants", + "access_level": "List", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ListRetirableGrants.html" + }, + "PutKeyPolicy": { + "privilege": "PutKeyPolicy", + "description": "Controls permission to replace the key policy for the specified AWS KMS key", + "access_level": "Permissions management", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:BypassPolicyLockoutSafetyCheck", + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html" + }, + "ReEncryptFrom": { + "privilege": "ReEncryptFrom", + "description": "Controls permission to decrypt data as part of the process that decrypts and reencrypts the data within AWS KMS", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:EncryptionAlgorithm", + "kms:EncryptionContext:${EncryptionContextKey}", + "kms:EncryptionContextKeys", + "kms:ReEncryptOnSameKey", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ReEncrypt.html" + }, + "ReEncryptTo": { + "privilege": "ReEncryptTo", + "description": "Controls permission to encrypt data as part of the process that decrypts and reencrypts the data within AWS KMS", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:EncryptionAlgorithm", + "kms:EncryptionContext:${EncryptionContextKey}", + "kms:EncryptionContextKeys", + "kms:ReEncryptOnSameKey", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ReEncrypt.html" + }, + "ReplicateKey": { + "privilege": "ReplicateKey", + "description": "Controls permission to replicate a multi-Region primary key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "kms:CreateKey", + "kms:PutKeyPolicy", + "kms:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ReplicaRegion", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ReplicateKey.html" + }, + "RetireGrant": { + "privilege": "RetireGrant", + "description": "Controls permission to retire a grant. The RetireGrant operation is typically called by the grant user after they complete the tasks that the grant allowed them to perform", + "access_level": "Permissions management", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html" + }, + "RevokeGrant": { + "privilege": "RevokeGrant", + "description": "Controls permission to revoke a grant, which denies permission for all operations that depend on the grant", + "access_level": "Permissions management", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:GrantIsForAWSResource", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_RevokeGrant.html" + }, + "ScheduleKeyDeletion": { + "privilege": "ScheduleKeyDeletion", + "description": "Controls permission to schedule deletion of an AWS KMS key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ScheduleKeyDeletionPendingWindowInDays", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html" + }, + "Sign": { + "privilege": "Sign", + "description": "Controls permission to produce a digital signature for a message", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:MessageType", + "kms:RequestAlias", + "kms:SigningAlgorithm", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_Sign.html" + }, + "SynchronizeMultiRegionKey": { + "privilege": "SynchronizeMultiRegionKey", + "description": "Controls access to internal APIs that synchronize multi-Region keys", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-auth.html#multi-region-auth-slr" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Controls permission to create or update tags that are attached to an AWS KMS key", + "access_level": "Tagging", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Controls permission to delete tags that are attached to an AWS KMS key", + "access_level": "Tagging", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_UntagResource.html" + }, + "UpdateAlias": { + "privilege": "UpdateAlias", + "description": "Controls permission to associate an alias with a different AWS KMS key. An alias is an optional friendly name that you can associate with a KMS key", + "access_level": "Write", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_UpdateAlias.html" + }, + "UpdateCustomKeyStore": { + "privilege": "UpdateCustomKeyStore", + "description": "Controls permission to change the properties of a custom key store", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_UpdateCustomKeyStore.html" + }, + "UpdateKeyDescription": { + "privilege": "UpdateKeyDescription", + "description": "Controls permission to delete or change the description of an AWS KMS key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_UpdateKeyDescription.html" + }, + "UpdatePrimaryRegion": { + "privilege": "UpdatePrimaryRegion", + "description": "Controls permission to update the primary Region of a multi-Region primary key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:PrimaryRegion", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_UpdatePrimaryRegion.html" + }, + "Verify": { + "privilege": "Verify", + "description": "Controls permission to use the specified AWS KMS key to verify digital signatures", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:MessageType", + "kms:RequestAlias", + "kms:SigningAlgorithm", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_Verify.html" + }, + "VerifyMac": { + "privilege": "VerifyMac", + "description": "Controls permission to use the AWS KMS key to verify message authentication codes", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "kms:CallerAccount", + "kms:MacAlgorithm", + "kms:RequestAlias", + "kms:ViaService" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/kms/latest/APIReference/API_VerifyMac.html" + } + }, + "privileges_lower_name": { + "cancelkeydeletion": "CancelKeyDeletion", + "connectcustomkeystore": "ConnectCustomKeyStore", + "createalias": "CreateAlias", + "createcustomkeystore": "CreateCustomKeyStore", + "creategrant": "CreateGrant", + "createkey": "CreateKey", + "decrypt": "Decrypt", + "deletealias": "DeleteAlias", + "deletecustomkeystore": "DeleteCustomKeyStore", + "deleteimportedkeymaterial": "DeleteImportedKeyMaterial", + "describecustomkeystores": "DescribeCustomKeyStores", + "describekey": "DescribeKey", + "disablekey": "DisableKey", + "disablekeyrotation": "DisableKeyRotation", + "disconnectcustomkeystore": "DisconnectCustomKeyStore", + "enablekey": "EnableKey", + "enablekeyrotation": "EnableKeyRotation", + "encrypt": "Encrypt", + "generatedatakey": "GenerateDataKey", + "generatedatakeypair": "GenerateDataKeyPair", + "generatedatakeypairwithoutplaintext": "GenerateDataKeyPairWithoutPlaintext", + "generatedatakeywithoutplaintext": "GenerateDataKeyWithoutPlaintext", + "generatemac": "GenerateMac", + "generaterandom": "GenerateRandom", + "getkeypolicy": "GetKeyPolicy", + "getkeyrotationstatus": "GetKeyRotationStatus", + "getparametersforimport": "GetParametersForImport", + "getpublickey": "GetPublicKey", + "importkeymaterial": "ImportKeyMaterial", + "listaliases": "ListAliases", + "listgrants": "ListGrants", + "listkeypolicies": "ListKeyPolicies", + "listkeys": "ListKeys", + "listresourcetags": "ListResourceTags", + "listretirablegrants": "ListRetirableGrants", + "putkeypolicy": "PutKeyPolicy", + "reencryptfrom": "ReEncryptFrom", + "reencryptto": "ReEncryptTo", + "replicatekey": "ReplicateKey", + "retiregrant": "RetireGrant", + "revokegrant": "RevokeGrant", + "schedulekeydeletion": "ScheduleKeyDeletion", + "sign": "Sign", + "synchronizemultiregionkey": "SynchronizeMultiRegionKey", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatealias": "UpdateAlias", + "updatecustomkeystore": "UpdateCustomKeyStore", + "updatekeydescription": "UpdateKeyDescription", + "updateprimaryregion": "UpdatePrimaryRegion", + "verify": "Verify", + "verifymac": "VerifyMac" + }, + "resources": { + "alias": { + "resource": "alias", + "arn": "arn:${Partition}:kms:${Region}:${Account}:alias/${Alias}", + "condition_keys": [] + }, + "key": { + "resource": "key", + "arn": "arn:${Partition}:kms:${Region}:${Account}:key/${KeyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "kms:KeyOrigin", + "kms:KeySpec", + "kms:KeyUsage", + "kms:MultiRegion", + "kms:MultiRegionKeyType", + "kms:ResourceAliases" + ] + } + }, + "resources_lower_name": { + "alias": "alias", + "key": "key" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access to the specified AWS KMS operations based on both the key and value of the tag in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access to the specified AWS KMS operations based on tags assigned to the AWS KMS key", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access to the specified AWS KMS operations based on tag keys in the request", + "type": "ArrayOfString" + }, + "kms:BypassPolicyLockoutSafetyCheck": { + "condition": "kms:BypassPolicyLockoutSafetyCheck", + "description": "Filters access to the CreateKey and PutKeyPolicy operations based on the value of the BypassPolicyLockoutSafetyCheck parameter in the request", + "type": "Bool" + }, + "kms:CallerAccount": { + "condition": "kms:CallerAccount", + "description": "Filters access to specified AWS KMS operations based on the AWS account ID of the caller. You can use this condition key to allow or deny access to all IAM users and roles in an AWS account in a single policy statement", + "type": "String" + }, + "kms:CustomerMasterKeySpec": { + "condition": "kms:CustomerMasterKeySpec", + "description": "The kms:CustomerMasterKeySpec condition key is deprecated. Instead, use the kms:KeySpec condition key", + "type": "String" + }, + "kms:CustomerMasterKeyUsage": { + "condition": "kms:CustomerMasterKeyUsage", + "description": "The kms:CustomerMasterKeyUsage condition key is deprecated. Instead, use the kms:KeyUsage condition key", + "type": "String" + }, + "kms:DataKeyPairSpec": { + "condition": "kms:DataKeyPairSpec", + "description": "Filters access to GenerateDataKeyPair and GenerateDataKeyPairWithoutPlaintext operations based on the value of the KeyPairSpec parameter in the request", + "type": "String" + }, + "kms:EncryptionAlgorithm": { + "condition": "kms:EncryptionAlgorithm", + "description": "Filters access to encryption operations based on the value of the encryption algorithm in the request", + "type": "String" + }, + "kms:EncryptionContext:${EncryptionContextKey}": { + "condition": "kms:EncryptionContext:${EncryptionContextKey}", + "description": "Filters access to a symmetric AWS KMS key based on the encryption context in a cryptographic operation. This condition evaluates the key and value in each key-value encryption context pair", + "type": "String" + }, + "kms:EncryptionContextKeys": { + "condition": "kms:EncryptionContextKeys", + "description": "Filters access to a symmetric AWS KMS key based on the encryption context in a cryptographic operation. This condition key evaluates only the key in each key-value encryption context pair", + "type": "ArrayOfString" + }, + "kms:ExpirationModel": { + "condition": "kms:ExpirationModel", + "description": "Filters access to the ImportKeyMaterial operation based on the value of the ExpirationModel parameter in the request", + "type": "String" + }, + "kms:GrantConstraintType": { + "condition": "kms:GrantConstraintType", + "description": "Filters access to the CreateGrant operation based on the grant constraint in the request", + "type": "String" + }, + "kms:GrantIsForAWSResource": { + "condition": "kms:GrantIsForAWSResource", + "description": "Filters access to the CreateGrant operation when the request comes from a specified AWS service", + "type": "Bool" + }, + "kms:GrantOperations": { + "condition": "kms:GrantOperations", + "description": "Filters access to the CreateGrant operation based on the operations in the grant", + "type": "ArrayOfString" + }, + "kms:GranteePrincipal": { + "condition": "kms:GranteePrincipal", + "description": "Filters access to the CreateGrant operation based on the grantee principal in the grant", + "type": "String" + }, + "kms:KeyOrigin": { + "condition": "kms:KeyOrigin", + "description": "Filters access to an API operation based on the Origin property of the AWS KMS key created by or used in the operation. Use it to qualify authorization of the CreateKey operation or any operation that is authorized for a KMS key", + "type": "String" + }, + "kms:KeySpec": { + "condition": "kms:KeySpec", + "description": "Filters access to an API operation based on the KeySpec property of the AWS KMS key that is created by or used in the operation. Use it to qualify authorization of the CreateKey operation or any operation that is authorized for a KMS key resource", + "type": "String" + }, + "kms:KeyUsage": { + "condition": "kms:KeyUsage", + "description": "Filters access to an API operation based on the KeyUsage property of the AWS KMS key created by or used in the operation. Use it to qualify authorization of the CreateKey operation or any operation that is authorized for a KMS key resource", + "type": "String" + }, + "kms:MacAlgorithm": { + "condition": "kms:MacAlgorithm", + "description": "Filters access to the GenerateMac and VerifyMac operations based on the MacAlgorithm parameter in the request", + "type": "String" + }, + "kms:MessageType": { + "condition": "kms:MessageType", + "description": "Filters access to the Sign and Verify operations based on the value of the MessageType parameter in the request", + "type": "String" + }, + "kms:MultiRegion": { + "condition": "kms:MultiRegion", + "description": "Filters access to an API operation based on the MultiRegion property of the AWS KMS key created by or used in the operation. Use it to qualify authorization of the CreateKey operation or any operation that is authorized for a KMS key resource", + "type": "Bool" + }, + "kms:MultiRegionKeyType": { + "condition": "kms:MultiRegionKeyType", + "description": "Filters access to an API operation based on the MultiRegionKeyType property of the AWS KMS key created by or used in the operation. Use it to qualify authorization of the CreateKey operation or any operation that is authorized for a KMS key resource", + "type": "String" + }, + "kms:PrimaryRegion": { + "condition": "kms:PrimaryRegion", + "description": "Filters access to the UpdatePrimaryRegion operation based on the value of the PrimaryRegion parameter in the request", + "type": "String" + }, + "kms:ReEncryptOnSameKey": { + "condition": "kms:ReEncryptOnSameKey", + "description": "Filters access to the ReEncrypt operation when it uses the same AWS KMS key that was used for the Encrypt operation", + "type": "Bool" + }, + "kms:RecipientAttestation:ImageSha384": { + "condition": "kms:RecipientAttestation:ImageSha384", + "description": "Filters access to the Decrypt, GenerateDataKey, and GenerateRandom operations based on the image hash in the attestation document in the request", + "type": "String" + }, + "kms:RecipientAttestation:PCR": { + "condition": "kms:RecipientAttestation:PCR", + "description": "Filters access to the Decrypt, GenerateDataKey, and GenerateRandom operations based on the platform configuration registers (PCRs) in the attestation document in the request", + "type": "String" + }, + "kms:ReplicaRegion": { + "condition": "kms:ReplicaRegion", + "description": "Filters access to the ReplicateKey operation based on the value of the ReplicaRegion parameter in the request", + "type": "String" + }, + "kms:RequestAlias": { + "condition": "kms:RequestAlias", + "description": "Filters access to cryptographic operations, DescribeKey, and GetPublicKey based on the alias in the request", + "type": "String" + }, + "kms:ResourceAliases": { + "condition": "kms:ResourceAliases", + "description": "Filters access to specified AWS KMS operations based on aliases associated with the AWS KMS key", + "type": "ArrayOfString" + }, + "kms:RetiringPrincipal": { + "condition": "kms:RetiringPrincipal", + "description": "Filters access to the CreateGrant operation based on the retiring principal in the grant", + "type": "String" + }, + "kms:ScheduleKeyDeletionPendingWindowInDays": { + "condition": "kms:ScheduleKeyDeletionPendingWindowInDays", + "description": "Filters access to the ScheduleKeyDeletion operation based on the value of the PendingWindowInDays parameter in the request", + "type": "Numeric" + }, + "kms:SigningAlgorithm": { + "condition": "kms:SigningAlgorithm", + "description": "Filters access to the Sign and Verify operations based on the signing algorithm in the request", + "type": "String" + }, + "kms:ValidTo": { + "condition": "kms:ValidTo", + "description": "Filters access to the ImportKeyMaterial operation based on the value of the ValidTo parameter in the request. You can use this condition key to allow users to import key material only when it expires by the specified date", + "type": "Date" + }, + "kms:ViaService": { + "condition": "kms:ViaService", + "description": "Filters access when a request made on the principal's behalf comes from a specified AWS service", + "type": "String" + }, + "kms:WrappingAlgorithm": { + "condition": "kms:WrappingAlgorithm", + "description": "Filters access to the GetParametersForImport operation based on the value of the WrappingAlgorithm parameter in the request", + "type": "String" + }, + "kms:WrappingKeySpec": { + "condition": "kms:WrappingKeySpec", + "description": "Filters access to the GetParametersForImport operation based on the value of the WrappingKeySpec parameter in the request", + "type": "String" + } + } + }, + "lakeformation": { + "service_name": "AWS Lake Formation", + "prefix": "lakeformation", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslakeformation.html", + "privileges": { + "AddLFTagsToResource": { + "privilege": "AddLFTagsToResource", + "description": "Grants permission to attach Lake Formation tags to catalog resources", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-AddLFTagsToResource" + }, + "BatchGrantPermissions": { + "privilege": "BatchGrantPermissions", + "description": "Grants permission to data lake permissions to one or more principals in a batch", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-BatchGrantPermissions" + }, + "BatchRevokePermissions": { + "privilege": "BatchRevokePermissions", + "description": "Grants permission to revoke data lake permissions from one or more principals in a batch", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-BatchRevokePermissions" + }, + "CancelTransaction": { + "privilege": "CancelTransaction", + "description": "Grants permission to cancel the given transaction", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-CancelTransaction" + }, + "CommitTransaction": { + "privilege": "CommitTransaction", + "description": "Grants permission to commit the given transaction", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-CommitTransaction" + }, + "CreateDataCellsFilter": { + "privilege": "CreateDataCellsFilter", + "description": "Grants permission to create a Lake Formation data cell filter", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-data-filter.html#aws-lake-formation-api-data-filter-CreateDataCellsFilter" + }, + "CreateLFTag": { + "privilege": "CreateLFTag", + "description": "Grants permission to create a Lake Formation tag", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-CreateLFTag" + }, + "DeleteDataCellsFilter": { + "privilege": "DeleteDataCellsFilter", + "description": "Grants permission to delete a Lake Formation data cell filter", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-data-filter.html#aws-lake-formation-api-data-filter-DeleteDataCellsFilter" + }, + "DeleteLFTag": { + "privilege": "DeleteLFTag", + "description": "Grants permission to delete a Lake Formation tag", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-DeleteLFTag" + }, + "DeleteObjectsOnCancel": { + "privilege": "DeleteObjectsOnCancel", + "description": "Grants permission to delete the specified objects if the transaction is canceled", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-DeleteObjectsOnCancel" + }, + "DeregisterResource": { + "privilege": "DeregisterResource", + "description": "Grants permission to deregister a registered location", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-DeregisterResource" + }, + "DescribeResource": { + "privilege": "DescribeResource", + "description": "Grants permission to describe a registered location", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-DescribeResource" + }, + "DescribeTransaction": { + "privilege": "DescribeTransaction", + "description": "Grants permission to get status of the given transaction", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-DescribeTransaction" + }, + "ExtendTransaction": { + "privilege": "ExtendTransaction", + "description": "Grants permission to extend the timeout of the given transaction", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-ExtendTransaction" + }, + "GetDataAccess": { + "privilege": "GetDataAccess", + "description": "Grants permission to virtual data lake access", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GetDataAccess" + }, + "GetDataCellsFilter": { + "privilege": "GetDataCellsFilter", + "description": "Grants permission to retrieve a Lake Formation data cell filter", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-data-filter.html#aws-lake-formation-api-data-filter-GetDataCellsFilter" + }, + "GetDataLakeSettings": { + "privilege": "GetDataLakeSettings", + "description": "Grants permission to retrieve data lake settings such as the list of data lake administrators and database and table default permissions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GetDataLakeSettings" + }, + "GetEffectivePermissionsForPath": { + "privilege": "GetEffectivePermissionsForPath", + "description": "Grants permission to retrieve permissions attached to resources in the given path", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GetEffectivePermissionsForPath" + }, + "GetLFTag": { + "privilege": "GetLFTag", + "description": "Grants permission to retrieve a Lake Formation tag", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GetLFTag" + }, + "GetQueryState": { + "privilege": "GetQueryState", + "description": "Grants permission to retrieve the state of the given query", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "lakeformation:StartQueryPlanning" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-querying.html#aws-lake-formation-api-querying-GetQueryState" + }, + "GetQueryStatistics": { + "privilege": "GetQueryStatistics", + "description": "Grants permission to retrieve the statistics for the given query", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "lakeformation:StartQueryPlanning" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-querying.html#aws-lake-formation-api-querying-GetQueryStatistics" + }, + "GetResourceLFTags": { + "privilege": "GetResourceLFTags", + "description": "Grants permission to retrieve lakeformation tags on a catalog resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GetResourceLFTags" + }, + "GetTableObjects": { + "privilege": "GetTableObjects", + "description": "Grants permission to retrieve objects from a table", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-objects.html#aws-lake-formation-api-objects-GetTableObjects" + }, + "GetWorkUnitResults": { + "privilege": "GetWorkUnitResults", + "description": "Grants permission to retrieve the results for the given work units", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "lakeformation:GetWorkUnits", + "lakeformation:StartQueryPlanning" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-querying.html#aws-lake-formation-api-querying-GetWorkUnitResults" + }, + "GetWorkUnits": { + "privilege": "GetWorkUnits", + "description": "Grants permission to retrieve the work units for the given query", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "lakeformation:StartQueryPlanning" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-querying.html#aws-lake-formation-api-querying-GetWorkUnits" + }, + "GrantPermissions": { + "privilege": "GrantPermissions", + "description": "Grants permission to data lake permissions to a principal", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-GrantPermissions" + }, + "ListDataCellsFilter": { + "privilege": "ListDataCellsFilter", + "description": "Grants permission to list cell filters", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-data-filter.html#aws-lake-formation-api-data-filter-ListDataCellsFilter" + }, + "ListLFTags": { + "privilege": "ListLFTags", + "description": "Grants permission to list Lake Formation tags", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-ListLFTags" + }, + "ListPermissions": { + "privilege": "ListPermissions", + "description": "Grants permission to list permissions filtered by principal or resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-ListPermissions" + }, + "ListResources": { + "privilege": "ListResources", + "description": "Grants permission to List registered locations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-ListResources" + }, + "ListTableStorageOptimizers": { + "privilege": "ListTableStorageOptimizers", + "description": "Grants permission to list all the storage optimizers for the Governed table", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-optimizers.html#aws-lake-formation-api-optimizers-ListTableStorageOptimizers" + }, + "ListTransactions": { + "privilege": "ListTransactions", + "description": "Grants permission to list all transactions in the system", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-ListTransactions" + }, + "PutDataLakeSettings": { + "privilege": "PutDataLakeSettings", + "description": "Grants permission to overwrite data lake settings such as the list of data lake administrators and database and table default permissions", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-PutDataLakeSettings" + }, + "RegisterResource": { + "privilege": "RegisterResource", + "description": "Grants permission to register a new location to be managed by Lake Formation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-RegisterResource" + }, + "RemoveLFTagsFromResource": { + "privilege": "RemoveLFTagsFromResource", + "description": "Grants permission to remove lakeformation tags from catalog resources", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-RemoveLFTagsFromResource" + }, + "RevokePermissions": { + "privilege": "RevokePermissions", + "description": "Grants permission to revoke data lake permissions from a principal", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-RevokePermissions" + }, + "SearchDatabasesByLFTags": { + "privilege": "SearchDatabasesByLFTags", + "description": "Grants permission to list catalog databases with Lake Formation tags", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-SearchDatabasesByLFTags" + }, + "SearchTablesByLFTags": { + "privilege": "SearchTablesByLFTags", + "description": "Grants permission to list catalog tables with Lake Formation tags", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-SearchTablesByLFTags" + }, + "StartQueryPlanning": { + "privilege": "StartQueryPlanning", + "description": "Grants permission to initiate the planning of the given query", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-querying.html#aws-lake-formation-api-querying-StartQueryPlanning" + }, + "StartTransaction": { + "privilege": "StartTransaction", + "description": "Grants permission to start a new transaction", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-transactions-api.html#aws-lake-formation-api-transactions-api-StartTransaction" + }, + "UpdateDataCellsFilter": { + "privilege": "UpdateDataCellsFilter", + "description": "Grants permission to update a Lake Formation data cell filter", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-data-filter.html#aws-lake-formation-api-data-filter-UpdateDataCellsFilter" + }, + "UpdateLFTag": { + "privilege": "UpdateLFTag", + "description": "Grants permission to update a Lake Formation tag", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-UpdateLFTag" + }, + "UpdateResource": { + "privilege": "UpdateResource", + "description": "Grants permission to update a registered location", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-tagging-api.html#aws-lake-formation-api-tagging-api-UpdateResource" + }, + "UpdateTableObjects": { + "privilege": "UpdateTableObjects", + "description": "Grants permission to add or delete the specified objects to or from a table", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-objects.html#aws-lake-formation-api-objects-UpdateTableObjects" + }, + "UpdateTableStorageOptimizer": { + "privilege": "UpdateTableStorageOptimizer", + "description": "Grants permission to update the configuration of the storage optimizer for the Governed table", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-optimizers.html#aws-lake-formation-api-optimizers-UpdateTableStorageOptimizer" + } + }, + "privileges_lower_name": { + "addlftagstoresource": "AddLFTagsToResource", + "batchgrantpermissions": "BatchGrantPermissions", + "batchrevokepermissions": "BatchRevokePermissions", + "canceltransaction": "CancelTransaction", + "committransaction": "CommitTransaction", + "createdatacellsfilter": "CreateDataCellsFilter", + "createlftag": "CreateLFTag", + "deletedatacellsfilter": "DeleteDataCellsFilter", + "deletelftag": "DeleteLFTag", + "deleteobjectsoncancel": "DeleteObjectsOnCancel", + "deregisterresource": "DeregisterResource", + "describeresource": "DescribeResource", + "describetransaction": "DescribeTransaction", + "extendtransaction": "ExtendTransaction", + "getdataaccess": "GetDataAccess", + "getdatacellsfilter": "GetDataCellsFilter", + "getdatalakesettings": "GetDataLakeSettings", + "geteffectivepermissionsforpath": "GetEffectivePermissionsForPath", + "getlftag": "GetLFTag", + "getquerystate": "GetQueryState", + "getquerystatistics": "GetQueryStatistics", + "getresourcelftags": "GetResourceLFTags", + "gettableobjects": "GetTableObjects", + "getworkunitresults": "GetWorkUnitResults", + "getworkunits": "GetWorkUnits", + "grantpermissions": "GrantPermissions", + "listdatacellsfilter": "ListDataCellsFilter", + "listlftags": "ListLFTags", + "listpermissions": "ListPermissions", + "listresources": "ListResources", + "listtablestorageoptimizers": "ListTableStorageOptimizers", + "listtransactions": "ListTransactions", + "putdatalakesettings": "PutDataLakeSettings", + "registerresource": "RegisterResource", + "removelftagsfromresource": "RemoveLFTagsFromResource", + "revokepermissions": "RevokePermissions", + "searchdatabasesbylftags": "SearchDatabasesByLFTags", + "searchtablesbylftags": "SearchTablesByLFTags", + "startqueryplanning": "StartQueryPlanning", + "starttransaction": "StartTransaction", + "updatedatacellsfilter": "UpdateDataCellsFilter", + "updatelftag": "UpdateLFTag", + "updateresource": "UpdateResource", + "updatetableobjects": "UpdateTableObjects", + "updatetablestorageoptimizer": "UpdateTableStorageOptimizer" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "lambda": { + "service_name": "AWS Lambda", + "prefix": "lambda", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslambda.html", + "privileges": { + "AddLayerVersionPermission": { + "privilege": "AddLayerVersionPermission", + "description": "Grants permission to add permissions to the resource-based policy of a version of an AWS Lambda layer", + "access_level": "Permissions management", + "resource_types": { + "layerVersion": { + "resource_type": "layerVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "layerversion": "layerVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_AddLayerVersionPermission.html" + }, + "AddPermission": { + "privilege": "AddPermission", + "description": "Grants permission to give an AWS service or another account permission to use an AWS Lambda function", + "access_level": "Permissions management", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:Principal", + "lambda:FunctionUrlAuthType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html" + }, + "CreateAlias": { + "privilege": "CreateAlias", + "description": "Grants permission to create an alias for a Lambda function version", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_CreateAlias.html" + }, + "CreateCodeSigningConfig": { + "privilege": "CreateCodeSigningConfig", + "description": "Grants permission to create an AWS Lambda code signing config", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_CreateCodeSigningConfig.html" + }, + "CreateEventSourceMapping": { + "privilege": "CreateEventSourceMapping", + "description": "Grants permission to create a mapping between an event source and an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:FunctionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_CreateEventSourceMapping.html" + }, + "CreateFunction": { + "privilege": "CreateFunction", + "description": "Grants permission to create an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:Layer", + "lambda:VpcIds", + "lambda:SubnetIds", + "lambda:SecurityGroupIds", + "lambda:CodeSigningConfigArn", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html" + }, + "CreateFunctionUrlConfig": { + "privilege": "CreateFunctionUrlConfig", + "description": "Grants permission to create a function url configuration for a Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:FunctionUrlAuthType", + "lambda:FunctionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunctionUrlConfig.html" + }, + "DeleteAlias": { + "privilege": "DeleteAlias", + "description": "Grants permission to delete an AWS Lambda function alias", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteAlias.html" + }, + "DeleteCodeSigningConfig": { + "privilege": "DeleteCodeSigningConfig", + "description": "Grants permission to delete an AWS Lambda code signing config", + "access_level": "Write", + "resource_types": { + "code signing config": { + "resource_type": "code signing config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "code signing config": "code signing config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteCodeSigningConfig.html" + }, + "DeleteEventSourceMapping": { + "privilege": "DeleteEventSourceMapping", + "description": "Grants permission to delete an AWS Lambda event source mapping", + "access_level": "Write", + "resource_types": { + "eventSourceMapping": { + "resource_type": "eventSourceMapping", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:FunctionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventsourcemapping": "eventSourceMapping", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteEventSourceMapping.html" + }, + "DeleteFunction": { + "privilege": "DeleteFunction", + "description": "Grants permission to delete an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunction.html" + }, + "DeleteFunctionCodeSigningConfig": { + "privilege": "DeleteFunctionCodeSigningConfig", + "description": "Grants permission to detach a code signing config from an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunctionCodeSigningConfig.html" + }, + "DeleteFunctionConcurrency": { + "privilege": "DeleteFunctionConcurrency", + "description": "Grants permission to remove a concurrent execution limit from an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunctionConcurrency.html" + }, + "DeleteFunctionEventInvokeConfig": { + "privilege": "DeleteFunctionEventInvokeConfig", + "description": "Grants permission to delete the configuration for asynchronous invocation for an AWS Lambda function, version, or alias", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunctionEventInvokeConfig.html" + }, + "DeleteFunctionUrlConfig": { + "privilege": "DeleteFunctionUrlConfig", + "description": "Grants permission to delete function url configuration for a Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:FunctionUrlAuthType", + "lambda:FunctionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunctionUrlConfig.html" + }, + "DeleteLayerVersion": { + "privilege": "DeleteLayerVersion", + "description": "Grants permission to delete a version of an AWS Lambda layer", + "access_level": "Write", + "resource_types": { + "layerVersion": { + "resource_type": "layerVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "layerversion": "layerVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteLayerVersion.html" + }, + "DeleteProvisionedConcurrencyConfig": { + "privilege": "DeleteProvisionedConcurrencyConfig", + "description": "Grants permission to delete the provisioned concurrency configuration for an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "function alias": { + "resource_type": "function alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "function version": { + "resource_type": "function version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function alias": "function alias", + "function version": "function version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteProvisionedConcurrencyConfig.html" + }, + "DisableReplication": { + "privilege": "DisableReplication", + "description": "Grants permission to disable replication for a Lambda@Edge function", + "access_level": "Permissions management", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-edge-permissions.html" + }, + "EnableReplication": { + "privilege": "EnableReplication", + "description": "Grants permission to enable replication for a Lambda@Edge function", + "access_level": "Permissions management", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-edge-permissions.html" + }, + "GetAccountSettings": { + "privilege": "GetAccountSettings", + "description": "Grants permission to view details about an account's limits and usage in an AWS Region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetAccountSettings.html" + }, + "GetAlias": { + "privilege": "GetAlias", + "description": "Grants permission to view details about an AWS Lambda function alias", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetAlias.html" + }, + "GetCodeSigningConfig": { + "privilege": "GetCodeSigningConfig", + "description": "Grants permission to view details about an AWS Lambda code signing config", + "access_level": "Read", + "resource_types": { + "code signing config": { + "resource_type": "code signing config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "code signing config": "code signing config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetCodeSigningConfig.html" + }, + "GetEventSourceMapping": { + "privilege": "GetEventSourceMapping", + "description": "Grants permission to view details about an AWS Lambda event source mapping", + "access_level": "Read", + "resource_types": { + "eventSourceMapping": { + "resource_type": "eventSourceMapping", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:FunctionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventsourcemapping": "eventSourceMapping", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetEventSourceMapping.html" + }, + "GetFunction": { + "privilege": "GetFunction", + "description": "Grants permission to view details about an AWS Lambda function", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunction.html" + }, + "GetFunctionCodeSigningConfig": { + "privilege": "GetFunctionCodeSigningConfig", + "description": "Grants permission to view the code signing config arn attached to an AWS Lambda function", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionCodeSigningConfig.html" + }, + "GetFunctionConcurrency": { + "privilege": "GetFunctionConcurrency", + "description": "Grants permission to view details about the reserved concurrency configuration for a function", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionConcurrency.html" + }, + "GetFunctionConfiguration": { + "privilege": "GetFunctionConfiguration", + "description": "Grants permission to view details about the version-specific settings of an AWS Lambda function or version", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionConfiguration.html" + }, + "GetFunctionEventInvokeConfig": { + "privilege": "GetFunctionEventInvokeConfig", + "description": "Grants permission to view the configuration for asynchronous invocation for a function, version, or alias", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionEventInvokeConfig.html" + }, + "GetFunctionUrlConfig": { + "privilege": "GetFunctionUrlConfig", + "description": "Grants permission to read function url configuration for a Lambda function", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:FunctionUrlAuthType", + "lambda:FunctionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionUrlConfig.html" + }, + "GetLayerVersion": { + "privilege": "GetLayerVersion", + "description": "Grants permission to view details about a version of an AWS Lambda layer. Note this action also supports GetLayerVersionByArn API", + "access_level": "Read", + "resource_types": { + "layerVersion": { + "resource_type": "layerVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "layerversion": "layerVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersion.html" + }, + "GetLayerVersionPolicy": { + "privilege": "GetLayerVersionPolicy", + "description": "Grants permission to view the resource-based policy for a version of an AWS Lambda layer", + "access_level": "Read", + "resource_types": { + "layerVersion": { + "resource_type": "layerVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "layerversion": "layerVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersionPolicy.html" + }, + "GetPolicy": { + "privilege": "GetPolicy", + "description": "Grants permission to view the resource-based policy for an AWS Lambda function, version, or alias", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetPolicy.html" + }, + "GetProvisionedConcurrencyConfig": { + "privilege": "GetProvisionedConcurrencyConfig", + "description": "Grants permission to view the provisioned concurrency configuration for an AWS Lambda function's alias or version", + "access_level": "Read", + "resource_types": { + "function alias": { + "resource_type": "function alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "function version": { + "resource_type": "function version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function alias": "function alias", + "function version": "function version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetProvisionedConcurrencyConfig.html" + }, + "GetRuntimeManagementConfig": { + "privilege": "GetRuntimeManagementConfig", + "description": "Grants permission to view the runtime management configuration of an AWS Lambda function", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_GetRuntimeManagementConfig.html" + }, + "InvokeAsync": { + "privilege": "InvokeAsync", + "description": "Grants permission to invoke a function asynchronously (Deprecated)", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_InvokeAsync.html" + }, + "InvokeFunction": { + "privilege": "InvokeFunction", + "description": "Grants permission to invoke an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html" + }, + "InvokeFunctionUrl": { + "privilege": "InvokeFunctionUrl", + "description": "Grants permission to invoke an AWS Lambda function through url", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:FunctionUrlAuthType", + "lambda:FunctionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_InvokeFunctionUrl.html" + }, + "ListAliases": { + "privilege": "ListAliases", + "description": "Grants permission to retrieve a list of aliases for an AWS Lambda function", + "access_level": "List", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListAliases.html" + }, + "ListCodeSigningConfigs": { + "privilege": "ListCodeSigningConfigs", + "description": "Grants permission to retrieve a list of AWS Lambda code signing configs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListCodeSigningConfigs.html" + }, + "ListEventSourceMappings": { + "privilege": "ListEventSourceMappings", + "description": "Grants permission to retrieve a list of AWS Lambda event source mappings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListEventSourceMappings.html" + }, + "ListFunctionEventInvokeConfigs": { + "privilege": "ListFunctionEventInvokeConfigs", + "description": "Grants permission to retrieve a list of configurations for asynchronous invocation for a function", + "access_level": "List", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListFunctionEventInvokeConfigs.html" + }, + "ListFunctionUrlConfigs": { + "privilege": "ListFunctionUrlConfigs", + "description": "Grants permission to read function url configurations for a function", + "access_level": "List", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:FunctionUrlAuthType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListFunctionUrlConfigs.html" + }, + "ListFunctions": { + "privilege": "ListFunctions", + "description": "Grants permission to retrieve a list of AWS Lambda functions, with the version-specific configuration of each function", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListFunctions.html" + }, + "ListFunctionsByCodeSigningConfig": { + "privilege": "ListFunctionsByCodeSigningConfig", + "description": "Grants permission to retrieve a list of AWS Lambda functions by the code signing config assigned", + "access_level": "List", + "resource_types": { + "code signing config": { + "resource_type": "code signing config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "code signing config": "code signing config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListFunctionsByCodeSigningConfig.html" + }, + "ListLayerVersions": { + "privilege": "ListLayerVersions", + "description": "Grants permission to retrieve a list of versions of an AWS Lambda layer", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html" + }, + "ListLayers": { + "privilege": "ListLayers", + "description": "Grants permission to retrieve a list of AWS Lambda layers, with details about the latest version of each layer", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html" + }, + "ListProvisionedConcurrencyConfigs": { + "privilege": "ListProvisionedConcurrencyConfigs", + "description": "Grants permission to retrieve a list of provisioned concurrency configurations for an AWS Lambda function", + "access_level": "List", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListProvisionedConcurrencyConfigs.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to retrieve a list of tags for an AWS Lambda function", + "access_level": "Read", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListTags.html" + }, + "ListVersionsByFunction": { + "privilege": "ListVersionsByFunction", + "description": "Grants permission to retrieve a list of versions for an AWS Lambda function", + "access_level": "List", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListVersionsByFunction.html" + }, + "PublishLayerVersion": { + "privilege": "PublishLayerVersion", + "description": "Grants permission to create an AWS Lambda layer", + "access_level": "Write", + "resource_types": { + "layer": { + "resource_type": "layer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "layer": "layer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PublishLayerVersion.html" + }, + "PublishVersion": { + "privilege": "PublishVersion", + "description": "Grants permission to create an AWS Lambda function version", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PublishVersion.html" + }, + "PutFunctionCodeSigningConfig": { + "privilege": "PutFunctionCodeSigningConfig", + "description": "Grants permission to attach a code signing config to an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "code signing config": { + "resource_type": "code signing config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:CodeSigningConfigArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "code signing config": "code signing config", + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PutFunctionCodeSigningConfig.html" + }, + "PutFunctionConcurrency": { + "privilege": "PutFunctionConcurrency", + "description": "Grants permission to configure reserved concurrency for an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PutFunctionConcurrency.html" + }, + "PutFunctionEventInvokeConfig": { + "privilege": "PutFunctionEventInvokeConfig", + "description": "Grants permission to configures options for asynchronous invocation on an AWS Lambda function, version, or alias", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PutFunctionEventInvokeConfig.html" + }, + "PutProvisionedConcurrencyConfig": { + "privilege": "PutProvisionedConcurrencyConfig", + "description": "Grants permission to configure provisioned concurrency for an AWS Lambda function's alias or version", + "access_level": "Write", + "resource_types": { + "function alias": { + "resource_type": "function alias", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "function version": { + "resource_type": "function version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function alias": "function alias", + "function version": "function version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PutProvisionedConcurrencyConfig.html" + }, + "PutRuntimeManagementConfig": { + "privilege": "PutRuntimeManagementConfig", + "description": "Grants permission to update the runtime management configuration of an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_PutRuntimeManagementConfig.html" + }, + "RemoveLayerVersionPermission": { + "privilege": "RemoveLayerVersionPermission", + "description": "Grants permission to remove a statement from the permissions policy for a version of an AWS Lambda layer", + "access_level": "Permissions management", + "resource_types": { + "layerVersion": { + "resource_type": "layerVersion", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "layerversion": "layerVersion" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_RemoveLayerVersionPermission.html" + }, + "RemovePermission": { + "privilege": "RemovePermission", + "description": "Grants permission to revoke function-use permission from an AWS service or another account", + "access_level": "Permissions management", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:Principal", + "lambda:FunctionUrlAuthType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_RemovePermission.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to an AWS Lambda function", + "access_level": "Tagging", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_TagResources.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from an AWS Lambda function", + "access_level": "Tagging", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UntagResource.html" + }, + "UpdateAlias": { + "privilege": "UpdateAlias", + "description": "Grants permission to update the configuration of an AWS Lambda function's alias", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateAlias.html" + }, + "UpdateCodeSigningConfig": { + "privilege": "UpdateCodeSigningConfig", + "description": "Grants permission to update an AWS Lambda code signing config", + "access_level": "Write", + "resource_types": { + "code signing config": { + "resource_type": "code signing config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "code signing config": "code signing config" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateCodeSigningConfig.html" + }, + "UpdateEventSourceMapping": { + "privilege": "UpdateEventSourceMapping", + "description": "Grants permission to update the configuration of an AWS Lambda event source mapping", + "access_level": "Write", + "resource_types": { + "eventSourceMapping": { + "resource_type": "eventSourceMapping", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:FunctionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventsourcemapping": "eventSourceMapping", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateEventSourceMapping.html" + }, + "UpdateFunctionCode": { + "privilege": "UpdateFunctionCode", + "description": "Grants permission to update the code of an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionCode.html" + }, + "UpdateFunctionCodeSigningConfig": { + "privilege": "UpdateFunctionCodeSigningConfig", + "description": "Grants permission to update the code signing config of an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "code signing config": { + "resource_type": "code signing config", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "code signing config": "code signing config", + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionCodeSigningConfig.html" + }, + "UpdateFunctionConfiguration": { + "privilege": "UpdateFunctionConfiguration", + "description": "Grants permission to modify the version-specific settings of an AWS Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:Layer", + "lambda:VpcIds", + "lambda:SubnetIds", + "lambda:SecurityGroupIds" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionConfiguration.html" + }, + "UpdateFunctionEventInvokeConfig": { + "privilege": "UpdateFunctionEventInvokeConfig", + "description": "Grants permission to modify the configuration for asynchronous invocation for an AWS Lambda function, version, or alias", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionEventInvokeConfig.html" + }, + "UpdateFunctionUrlConfig": { + "privilege": "UpdateFunctionUrlConfig", + "description": "Grants permission to update a function url configuration for a Lambda function", + "access_level": "Write", + "resource_types": { + "function": { + "resource_type": "function", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "lambda:FunctionUrlAuthType", + "lambda:FunctionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function": "function", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionUrlConfig.html" + } + }, + "privileges_lower_name": { + "addlayerversionpermission": "AddLayerVersionPermission", + "addpermission": "AddPermission", + "createalias": "CreateAlias", + "createcodesigningconfig": "CreateCodeSigningConfig", + "createeventsourcemapping": "CreateEventSourceMapping", + "createfunction": "CreateFunction", + "createfunctionurlconfig": "CreateFunctionUrlConfig", + "deletealias": "DeleteAlias", + "deletecodesigningconfig": "DeleteCodeSigningConfig", + "deleteeventsourcemapping": "DeleteEventSourceMapping", + "deletefunction": "DeleteFunction", + "deletefunctioncodesigningconfig": "DeleteFunctionCodeSigningConfig", + "deletefunctionconcurrency": "DeleteFunctionConcurrency", + "deletefunctioneventinvokeconfig": "DeleteFunctionEventInvokeConfig", + "deletefunctionurlconfig": "DeleteFunctionUrlConfig", + "deletelayerversion": "DeleteLayerVersion", + "deleteprovisionedconcurrencyconfig": "DeleteProvisionedConcurrencyConfig", + "disablereplication": "DisableReplication", + "enablereplication": "EnableReplication", + "getaccountsettings": "GetAccountSettings", + "getalias": "GetAlias", + "getcodesigningconfig": "GetCodeSigningConfig", + "geteventsourcemapping": "GetEventSourceMapping", + "getfunction": "GetFunction", + "getfunctioncodesigningconfig": "GetFunctionCodeSigningConfig", + "getfunctionconcurrency": "GetFunctionConcurrency", + "getfunctionconfiguration": "GetFunctionConfiguration", + "getfunctioneventinvokeconfig": "GetFunctionEventInvokeConfig", + "getfunctionurlconfig": "GetFunctionUrlConfig", + "getlayerversion": "GetLayerVersion", + "getlayerversionpolicy": "GetLayerVersionPolicy", + "getpolicy": "GetPolicy", + "getprovisionedconcurrencyconfig": "GetProvisionedConcurrencyConfig", + "getruntimemanagementconfig": "GetRuntimeManagementConfig", + "invokeasync": "InvokeAsync", + "invokefunction": "InvokeFunction", + "invokefunctionurl": "InvokeFunctionUrl", + "listaliases": "ListAliases", + "listcodesigningconfigs": "ListCodeSigningConfigs", + "listeventsourcemappings": "ListEventSourceMappings", + "listfunctioneventinvokeconfigs": "ListFunctionEventInvokeConfigs", + "listfunctionurlconfigs": "ListFunctionUrlConfigs", + "listfunctions": "ListFunctions", + "listfunctionsbycodesigningconfig": "ListFunctionsByCodeSigningConfig", + "listlayerversions": "ListLayerVersions", + "listlayers": "ListLayers", + "listprovisionedconcurrencyconfigs": "ListProvisionedConcurrencyConfigs", + "listtags": "ListTags", + "listversionsbyfunction": "ListVersionsByFunction", + "publishlayerversion": "PublishLayerVersion", + "publishversion": "PublishVersion", + "putfunctioncodesigningconfig": "PutFunctionCodeSigningConfig", + "putfunctionconcurrency": "PutFunctionConcurrency", + "putfunctioneventinvokeconfig": "PutFunctionEventInvokeConfig", + "putprovisionedconcurrencyconfig": "PutProvisionedConcurrencyConfig", + "putruntimemanagementconfig": "PutRuntimeManagementConfig", + "removelayerversionpermission": "RemoveLayerVersionPermission", + "removepermission": "RemovePermission", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatealias": "UpdateAlias", + "updatecodesigningconfig": "UpdateCodeSigningConfig", + "updateeventsourcemapping": "UpdateEventSourceMapping", + "updatefunctioncode": "UpdateFunctionCode", + "updatefunctioncodesigningconfig": "UpdateFunctionCodeSigningConfig", + "updatefunctionconfiguration": "UpdateFunctionConfiguration", + "updatefunctioneventinvokeconfig": "UpdateFunctionEventInvokeConfig", + "updatefunctionurlconfig": "UpdateFunctionUrlConfig" + }, + "resources": { + "code signing config": { + "resource": "code signing config", + "arn": "arn:${Partition}:lambda:${Region}:${Account}:code-signing-config:${CodeSigningConfigId}", + "condition_keys": [] + }, + "eventSourceMapping": { + "resource": "eventSourceMapping", + "arn": "arn:${Partition}:lambda:${Region}:${Account}:event-source-mapping:${UUID}", + "condition_keys": [] + }, + "function": { + "resource": "function", + "arn": "arn:${Partition}:lambda:${Region}:${Account}:function:${FunctionName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "function alias": { + "resource": "function alias", + "arn": "arn:${Partition}:lambda:${Region}:${Account}:function:${FunctionName}:${Alias}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "function version": { + "resource": "function version", + "arn": "arn:${Partition}:lambda:${Region}:${Account}:function:${FunctionName}:${Version}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "layer": { + "resource": "layer", + "arn": "arn:${Partition}:lambda:${Region}:${Account}:layer:${LayerName}", + "condition_keys": [] + }, + "layerVersion": { + "resource": "layerVersion", + "arn": "arn:${Partition}:lambda:${Region}:${Account}:layer:${LayerName}:${LayerVersion}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "code signing config": "code signing config", + "eventsourcemapping": "eventSourceMapping", + "function": "function", + "function alias": "function alias", + "function version": "function version", + "layer": "layer", + "layerversion": "layerVersion" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "lambda:CodeSigningConfigArn": { + "condition": "lambda:CodeSigningConfigArn", + "description": "Filters access by the ARN of an AWS Lambda code signing config", + "type": "String" + }, + "lambda:FunctionArn": { + "condition": "lambda:FunctionArn", + "description": "Filters access by the ARN of an AWS Lambda function", + "type": "ARN" + }, + "lambda:FunctionUrlAuthType": { + "condition": "lambda:FunctionUrlAuthType", + "description": "Filters access by authorization type specified in request. Available during CreateFunctionUrlConfig, UpdateFunctionUrlConfig, DeleteFunctionUrlConfig, GetFunctionUrlConfig, ListFunctionUrlConfig, AddPermission and RemovePermission operations", + "type": "String" + }, + "lambda:Layer": { + "condition": "lambda:Layer", + "description": "Filters access by the ARN of a version of an AWS Lambda layer", + "type": "ArrayOfString" + }, + "lambda:Principal": { + "condition": "lambda:Principal", + "description": "Filters access by restricting the AWS service or account that can invoke a function", + "type": "String" + }, + "lambda:SecurityGroupIds": { + "condition": "lambda:SecurityGroupIds", + "description": "Filters access by the ID of security groups configured for the AWS Lambda function", + "type": "ArrayOfString" + }, + "lambda:SourceFunctionArn": { + "condition": "lambda:SourceFunctionArn", + "description": "Filters access by the ARN of the AWS Lambda function from which the request originated", + "type": "ARN" + }, + "lambda:SubnetIds": { + "condition": "lambda:SubnetIds", + "description": "Filters access by the ID of subnets configured for the AWS Lambda function", + "type": "ArrayOfString" + }, + "lambda:VpcIds": { + "condition": "lambda:VpcIds", + "description": "Filters access by the ID of the VPC configured for the AWS Lambda function", + "type": "String" + } + } + }, + "launchwizard": { + "service_name": "AWS Launch Wizard", + "prefix": "launchwizard", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslaunchwizard.html", + "privileges": { + "CreateAdditionalNode": { + "privilege": "CreateAdditionalNode", + "description": "Grants permission to create an additional node", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "CreateSettingsSet": { + "privilege": "CreateSettingsSet", + "description": "Grants permission to create an application settings set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "DeleteAdditionalNode": { + "privilege": "DeleteAdditionalNode", + "description": "Grants permission to delete an additional node", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "DeleteApp": { + "privilege": "DeleteApp", + "description": "Delete an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "DeleteSettingsSet": { + "privilege": "DeleteSettingsSet", + "description": "Grants permission to delete an application settings set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "DescribeAdditionalNode": { + "privilege": "DescribeAdditionalNode", + "description": "Grants permission to describe an additional node", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "DescribeProvisionedApp": { + "privilege": "DescribeProvisionedApp", + "description": "Describe provisioning applications", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "DescribeProvisioningEvents": { + "privilege": "DescribeProvisioningEvents", + "description": "Describe provisioning events", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "DescribeSettingsSet": { + "privilege": "DescribeSettingsSet", + "description": "Grants permission to describe an application settings set", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "GetInfrastructureSuggestion": { + "privilege": "GetInfrastructureSuggestion", + "description": "Get infrastructure suggestion", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "GetIpAddress": { + "privilege": "GetIpAddress", + "description": "Get customer's ip address", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "GetResourceCostEstimate": { + "privilege": "GetResourceCostEstimate", + "description": "Get resource cost estimate", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "GetWorkloadAssets": { + "privilege": "GetWorkloadAssets", + "description": "Grants permission to get workload assets", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "ListAdditionalNodes": { + "privilege": "ListAdditionalNodes", + "description": "Grants permission to list additional nodes", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "ListProvisionedApps": { + "privilege": "ListProvisionedApps", + "description": "List provisioning applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "ListSettingsSets": { + "privilege": "ListSettingsSets", + "description": "Grants permission to list application settings sets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "ListWorkloadDeploymentOptions": { + "privilege": "ListWorkloadDeploymentOptions", + "description": "Grants permission to list deployment options of a given workload", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "ListWorkloads": { + "privilege": "ListWorkloads", + "description": "Grants permission to list workloads", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "StartProvisioning": { + "privilege": "StartProvisioning", + "description": "Start a provisioning", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + }, + "UpdateSettingsSet": { + "privilege": "UpdateSettingsSet", + "description": "Grants permission to update an application settings set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/launchwizard/" + } + }, + "privileges_lower_name": { + "createadditionalnode": "CreateAdditionalNode", + "createsettingsset": "CreateSettingsSet", + "deleteadditionalnode": "DeleteAdditionalNode", + "deleteapp": "DeleteApp", + "deletesettingsset": "DeleteSettingsSet", + "describeadditionalnode": "DescribeAdditionalNode", + "describeprovisionedapp": "DescribeProvisionedApp", + "describeprovisioningevents": "DescribeProvisioningEvents", + "describesettingsset": "DescribeSettingsSet", + "getinfrastructuresuggestion": "GetInfrastructureSuggestion", + "getipaddress": "GetIpAddress", + "getresourcecostestimate": "GetResourceCostEstimate", + "getworkloadassets": "GetWorkloadAssets", + "listadditionalnodes": "ListAdditionalNodes", + "listprovisionedapps": "ListProvisionedApps", + "listsettingssets": "ListSettingsSets", + "listworkloaddeploymentoptions": "ListWorkloadDeploymentOptions", + "listworkloads": "ListWorkloads", + "startprovisioning": "StartProvisioning", + "updatesettingsset": "UpdateSettingsSet" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "license-manager": { + "service_name": "AWS License Manager", + "prefix": "license-manager", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslicensemanager.html", + "privileges": { + "AcceptGrant": { + "privilege": "AcceptGrant", + "description": "Grants permission to accept a grant", + "access_level": "Write", + "resource_types": { + "grant": { + "resource_type": "grant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "grant": "grant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_AcceptGrant.html" + }, + "CheckInLicense": { + "privilege": "CheckInLicense", + "description": "Grants permission to check in license entitlements back to pool", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CheckInLicense.html" + }, + "CheckoutBorrowLicense": { + "privilege": "CheckoutBorrowLicense", + "description": "Grants permission to check out license entitlements for borrow use case", + "access_level": "Write", + "resource_types": { + "license": { + "resource_type": "license", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license": "license" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CheckoutBorrowLicense.html" + }, + "CheckoutLicense": { + "privilege": "CheckoutLicense", + "description": "Grants permission to check out license entitlements", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CheckoutLicense.html" + }, + "CreateGrant": { + "privilege": "CreateGrant", + "description": "Grants permission to create a new grant for license", + "access_level": "Write", + "resource_types": { + "license": { + "resource_type": "license", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license": "license" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateGrant.html" + }, + "CreateGrantVersion": { + "privilege": "CreateGrantVersion", + "description": "Grants permission to create new version of grant", + "access_level": "Write", + "resource_types": { + "grant": { + "resource_type": "grant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "grant": "grant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateGrantVersion.html" + }, + "CreateLicense": { + "privilege": "CreateLicense", + "description": "Grants permission to create a new license", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateLicense.html" + }, + "CreateLicenseConfiguration": { + "privilege": "CreateLicenseConfiguration", + "description": "Grants permission to create a new license configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateLicenseConfiguration.html" + }, + "CreateLicenseConversionTaskForResource": { + "privilege": "CreateLicenseConversionTaskForResource", + "description": "Grants permission to create a license conversion task for a resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateLicenseConversionTaskForResource.html" + }, + "CreateLicenseManagerReportGenerator": { + "privilege": "CreateLicenseManagerReportGenerator", + "description": "Grants permission to create a report generator for a license configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateLicenseManagerReportGenerator.html" + }, + "CreateLicenseVersion": { + "privilege": "CreateLicenseVersion", + "description": "Grants permission to create new version of license", + "access_level": "Write", + "resource_types": { + "license": { + "resource_type": "license", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license": "license" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateLicenseVersion.html" + }, + "CreateToken": { + "privilege": "CreateToken", + "description": "Grants permission to create a new token for license", + "access_level": "Write", + "resource_types": { + "license": { + "resource_type": "license", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license": "license" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_CreateToken.html" + }, + "DeleteGrant": { + "privilege": "DeleteGrant", + "description": "Grants permission to delete a grant", + "access_level": "Write", + "resource_types": { + "grant": { + "resource_type": "grant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "grant": "grant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_DeleteGrant.html" + }, + "DeleteLicense": { + "privilege": "DeleteLicense", + "description": "Grants permission to delete a license", + "access_level": "Write", + "resource_types": { + "license": { + "resource_type": "license", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license": "license" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_DeleteLicense.html" + }, + "DeleteLicenseConfiguration": { + "privilege": "DeleteLicenseConfiguration", + "description": "Grants permission to permanently delete a license configuration", + "access_level": "Write", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_DeleteLicenseConfiguration.html" + }, + "DeleteLicenseManagerReportGenerator": { + "privilege": "DeleteLicenseManagerReportGenerator", + "description": "Grants permission to delete a report generator", + "access_level": "Write", + "resource_types": { + "report-generator": { + "resource_type": "report-generator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-generator": "report-generator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_DeleteLicenseManagerReportGenerator.html" + }, + "DeleteToken": { + "privilege": "DeleteToken", + "description": "Grants permission to delete token", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_DeleteToken.html" + }, + "ExtendLicenseConsumption": { + "privilege": "ExtendLicenseConsumption", + "description": "Grants permission to extend consumption period of already checkout license entitlements", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ExtendLicenseConsumption.html" + }, + "GetAccessToken": { + "privilege": "GetAccessToken", + "description": "Grants permission to get access token", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetAccessToken.html" + }, + "GetGrant": { + "privilege": "GetGrant", + "description": "Grants permission to get a grant", + "access_level": "Read", + "resource_types": { + "grant": { + "resource_type": "grant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "grant": "grant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetGrant.html" + }, + "GetLicense": { + "privilege": "GetLicense", + "description": "Grants permission to get a license", + "access_level": "Read", + "resource_types": { + "license": { + "resource_type": "license", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license": "license" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetLicense.html" + }, + "GetLicenseConfiguration": { + "privilege": "GetLicenseConfiguration", + "description": "Grants permission to get a license configuration", + "access_level": "Read", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetLicenseConfiguration.html" + }, + "GetLicenseConversionTask": { + "privilege": "GetLicenseConversionTask", + "description": "Grants permission to retrieve a license conversion task", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetLicenseConversionTask.html" + }, + "GetLicenseManagerReportGenerator": { + "privilege": "GetLicenseManagerReportGenerator", + "description": "Grants permission to get a report generator", + "access_level": "Read", + "resource_types": { + "report-generator": { + "resource_type": "report-generator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-generator": "report-generator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetLicenseManagerReportGenerator.html" + }, + "GetLicenseUsage": { + "privilege": "GetLicenseUsage", + "description": "Grants permission to get a license usage", + "access_level": "Read", + "resource_types": { + "license": { + "resource_type": "license", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license": "license" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetLicenseUsage.html" + }, + "GetServiceSettings": { + "privilege": "GetServiceSettings", + "description": "Grants permission to get service settings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetServiceSettings.html" + }, + "ListAssociationsForLicenseConfiguration": { + "privilege": "ListAssociationsForLicenseConfiguration", + "description": "Grants permission to list associations for a selected license configuration", + "access_level": "List", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListAssociationsForLicenseConfiguration.html" + }, + "ListDistributedGrants": { + "privilege": "ListDistributedGrants", + "description": "Grants permission to list distributed grants", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListDistributedGrants.html" + }, + "ListFailuresForLicenseConfigurationOperations": { + "privilege": "ListFailuresForLicenseConfigurationOperations", + "description": "Grants permission to list the license configuration operations that failed", + "access_level": "List", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListFailuresForLicenseConfigurationOperations.html" + }, + "ListLicenseConfigurations": { + "privilege": "ListLicenseConfigurations", + "description": "Grants permission to list license configurations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenseConfigurations.html" + }, + "ListLicenseConversionTasks": { + "privilege": "ListLicenseConversionTasks", + "description": "Grants permission to list license conversion tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenseConversionTasks.html" + }, + "ListLicenseManagerReportGenerators": { + "privilege": "ListLicenseManagerReportGenerators", + "description": "Grants permission to list report generators", + "access_level": "List", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenseManagerReportGenerators.html" + }, + "ListLicenseSpecificationsForResource": { + "privilege": "ListLicenseSpecificationsForResource", + "description": "Grants permission to list license specifications associated with a selected resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenseSpecificationsForResource.html" + }, + "ListLicenseVersions": { + "privilege": "ListLicenseVersions", + "description": "Grants permission to list license versions", + "access_level": "List", + "resource_types": { + "license": { + "resource_type": "license", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license": "license" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenseVersions.html" + }, + "ListLicenses": { + "privilege": "ListLicenses", + "description": "Grants permission to list licenses", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLicenses.html" + }, + "ListReceivedGrants": { + "privilege": "ListReceivedGrants", + "description": "Grants permission to list received grants", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListReceivedGrants.html" + }, + "ListReceivedGrantsForOrganization": { + "privilege": "ListReceivedGrantsForOrganization", + "description": "Grants permission to list received grants for organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListReceivedGrantsForOrganization.html" + }, + "ListReceivedLicenses": { + "privilege": "ListReceivedLicenses", + "description": "Grants permission to list received licenses", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListReceivedLicenses.html" + }, + "ListReceivedLicensesForOrganization": { + "privilege": "ListReceivedLicensesForOrganization", + "description": "Grants permission to list received licenses for organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListReceivedLicensesForOrganization.html" + }, + "ListResourceInventory": { + "privilege": "ListResourceInventory", + "description": "Grants permission to list resource inventory", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListResourceInventory.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a selected resource", + "access_level": "Read", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTokens": { + "privilege": "ListTokens", + "description": "Grants permission to list tokens", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListTokens.html" + }, + "ListUsageForLicenseConfiguration": { + "privilege": "ListUsageForLicenseConfiguration", + "description": "Grants permission to list usage records for selected license configuration", + "access_level": "List", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListUsageForLicenseConfiguration.html" + }, + "RejectGrant": { + "privilege": "RejectGrant", + "description": "Grants permission to reject a grant", + "access_level": "Write", + "resource_types": { + "grant": { + "resource_type": "grant", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "grant": "grant" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_RejectGrant.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a selected resource", + "access_level": "Tagging", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a selected resource", + "access_level": "Tagging", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UntagResource.html" + }, + "UpdateLicenseConfiguration": { + "privilege": "UpdateLicenseConfiguration", + "description": "Grants permission to update an existing license configuration", + "access_level": "Write", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UpdateLicenseConfiguration.html" + }, + "UpdateLicenseManagerReportGenerator": { + "privilege": "UpdateLicenseManagerReportGenerator", + "description": "Grants permission to update a report generator for a license configuration", + "access_level": "Write", + "resource_types": { + "report-generator": { + "resource_type": "report-generator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "report-generator": "report-generator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UpdateLicenseManagerReportGenerator.html" + }, + "UpdateLicenseSpecificationsForResource": { + "privilege": "UpdateLicenseSpecificationsForResource", + "description": "Grants permission to updates license specifications for a selected resource", + "access_level": "Write", + "resource_types": { + "license-configuration": { + "resource_type": "license-configuration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "license-configuration": "license-configuration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UpdateLicenseSpecificationsForResource.html" + }, + "UpdateServiceSettings": { + "privilege": "UpdateServiceSettings", + "description": "Grants permission to updates service settings", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UpdateServiceSettings.html" + } + }, + "privileges_lower_name": { + "acceptgrant": "AcceptGrant", + "checkinlicense": "CheckInLicense", + "checkoutborrowlicense": "CheckoutBorrowLicense", + "checkoutlicense": "CheckoutLicense", + "creategrant": "CreateGrant", + "creategrantversion": "CreateGrantVersion", + "createlicense": "CreateLicense", + "createlicenseconfiguration": "CreateLicenseConfiguration", + "createlicenseconversiontaskforresource": "CreateLicenseConversionTaskForResource", + "createlicensemanagerreportgenerator": "CreateLicenseManagerReportGenerator", + "createlicenseversion": "CreateLicenseVersion", + "createtoken": "CreateToken", + "deletegrant": "DeleteGrant", + "deletelicense": "DeleteLicense", + "deletelicenseconfiguration": "DeleteLicenseConfiguration", + "deletelicensemanagerreportgenerator": "DeleteLicenseManagerReportGenerator", + "deletetoken": "DeleteToken", + "extendlicenseconsumption": "ExtendLicenseConsumption", + "getaccesstoken": "GetAccessToken", + "getgrant": "GetGrant", + "getlicense": "GetLicense", + "getlicenseconfiguration": "GetLicenseConfiguration", + "getlicenseconversiontask": "GetLicenseConversionTask", + "getlicensemanagerreportgenerator": "GetLicenseManagerReportGenerator", + "getlicenseusage": "GetLicenseUsage", + "getservicesettings": "GetServiceSettings", + "listassociationsforlicenseconfiguration": "ListAssociationsForLicenseConfiguration", + "listdistributedgrants": "ListDistributedGrants", + "listfailuresforlicenseconfigurationoperations": "ListFailuresForLicenseConfigurationOperations", + "listlicenseconfigurations": "ListLicenseConfigurations", + "listlicenseconversiontasks": "ListLicenseConversionTasks", + "listlicensemanagerreportgenerators": "ListLicenseManagerReportGenerators", + "listlicensespecificationsforresource": "ListLicenseSpecificationsForResource", + "listlicenseversions": "ListLicenseVersions", + "listlicenses": "ListLicenses", + "listreceivedgrants": "ListReceivedGrants", + "listreceivedgrantsfororganization": "ListReceivedGrantsForOrganization", + "listreceivedlicenses": "ListReceivedLicenses", + "listreceivedlicensesfororganization": "ListReceivedLicensesForOrganization", + "listresourceinventory": "ListResourceInventory", + "listtagsforresource": "ListTagsForResource", + "listtokens": "ListTokens", + "listusageforlicenseconfiguration": "ListUsageForLicenseConfiguration", + "rejectgrant": "RejectGrant", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatelicenseconfiguration": "UpdateLicenseConfiguration", + "updatelicensemanagerreportgenerator": "UpdateLicenseManagerReportGenerator", + "updatelicensespecificationsforresource": "UpdateLicenseSpecificationsForResource", + "updateservicesettings": "UpdateServiceSettings" + }, + "resources": { + "license-configuration": { + "resource": "license-configuration", + "arn": "arn:${Partition}:license-manager:${Region}:${Account}:license-configuration:${LicenseConfigurationId}", + "condition_keys": [ + "license-manager:ResourceTag/${TagKey}" + ] + }, + "license": { + "resource": "license", + "arn": "arn:${Partition}:license-manager::${Account}:license:${LicenseId}", + "condition_keys": [] + }, + "grant": { + "resource": "grant", + "arn": "arn:${Partition}:license-manager::${Account}:grant:${GrantId}", + "condition_keys": [] + }, + "report-generator": { + "resource": "report-generator", + "arn": "arn:${Partition}:license-manager:${Region}:${Account}:report-generator:${ReportGeneratorId}", + "condition_keys": [ + "license-manager:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "license-configuration": "license-configuration", + "license": "license", + "grant": "grant", + "report-generator": "report-generator" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "license-manager:ResourceTag/${TagKey}": { + "condition": "license-manager:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + } + } + }, + "license-manager-linux-subscriptions": { + "service_name": "AWS License Manager Linux Subscriptions Manager", + "prefix": "license-manager-linux-subscriptions", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslicensemanagerlinuxsubscriptionsmanager.html", + "privileges": { + "GetServiceSettings": { + "privilege": "GetServiceSettings", + "description": "Grants permission to get the service settings for Linux subscriptions in AWS License Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_GetServiceSettings.html" + }, + "ListLinuxSubscriptionInstances": { + "privilege": "ListLinuxSubscriptionInstances", + "description": "Grants permission to list all instances with Linux subscriptions in AWS License Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLinuxSubscriptionInstances.html" + }, + "ListLinuxSubscriptions": { + "privilege": "ListLinuxSubscriptions", + "description": "Grants permission to list all Linux subscriptions in AWS License Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_ListLinuxSubscriptions.html" + }, + "UpdateServiceSettings": { + "privilege": "UpdateServiceSettings", + "description": "Grants permission to update the service settings for Linux subscriptions in AWS License Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/APIReference/API_UpdateServiceSettings.html" + } + }, + "privileges_lower_name": { + "getservicesettings": "GetServiceSettings", + "listlinuxsubscriptioninstances": "ListLinuxSubscriptionInstances", + "listlinuxsubscriptions": "ListLinuxSubscriptions", + "updateservicesettings": "UpdateServiceSettings" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "license-manager-user-subscriptions": { + "service_name": "AWS License Manager User Subscriptions", + "prefix": "license-manager-user-subscriptions", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awslicensemanagerusersubscriptions.html", + "privileges": { + "AssociateUser": { + "privilege": "AssociateUser", + "description": "Grants permission to associate a subscribed user to an instance launched with license manager user subscriptions products", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_AssociateUser.html" + }, + "DeregisterIdentityProvider": { + "privilege": "DeregisterIdentityProvider", + "description": "Grants permission to deregister Microsoft Active Directory with license-manager-user-subscriptions for a product", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_DeregisterIdentityProvider.html" + }, + "DisassociateUser": { + "privilege": "DisassociateUser", + "description": "Grants permission to disassociate a subscribed user from an instance launched with license manager user subscriptions products", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_DisassociateUser.html" + }, + "ListIdentityProviders": { + "privilege": "ListIdentityProviders", + "description": "Grants permission to list all the identity providers on license manager user subscriptions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_ListIdentityProviders.html" + }, + "ListInstances": { + "privilege": "ListInstances", + "description": "Grants permission to list all the instances launched with license manager user subscription products", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_ListInstances.html" + }, + "ListProductSubscriptions": { + "privilege": "ListProductSubscriptions", + "description": "Grants permission to lists all the product subscriptions for a product and identity provider", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_ListProductSubscriptions.html" + }, + "ListUserAssociations": { + "privilege": "ListUserAssociations", + "description": "Grants permission to list all the users associated to an instance launched for a product", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_ListUserAssociations.html" + }, + "RegisterIdentityProvider": { + "privilege": "RegisterIdentityProvider", + "description": "Grants permission to registers Microsoft Active Directory with license-manager-user-subscriptions for a product", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_RegisterIdentityProvider.html" + }, + "StartProductSubscription": { + "privilege": "StartProductSubscription", + "description": "Grants permission to start product subscription for a user on a registered active directory for a product", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_StartProductSubscription.html" + }, + "StopProductSubscription": { + "privilege": "StopProductSubscription", + "description": "Grants permission to stop product subscription for a user on a registered active directory for a product", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_StopProductSubscription.html" + }, + "UpdateIdentityProviderSettings": { + "privilege": "UpdateIdentityProviderSettings", + "description": "Grants permission to update the identity provider configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager-user-subscriptions/latest/APIReference/API_UpdateIdentityProviderSettings.html" + } + }, + "privileges_lower_name": { + "associateuser": "AssociateUser", + "deregisteridentityprovider": "DeregisterIdentityProvider", + "disassociateuser": "DisassociateUser", + "listidentityproviders": "ListIdentityProviders", + "listinstances": "ListInstances", + "listproductsubscriptions": "ListProductSubscriptions", + "listuserassociations": "ListUserAssociations", + "registeridentityprovider": "RegisterIdentityProvider", + "startproductsubscription": "StartProductSubscription", + "stopproductsubscription": "StopProductSubscription", + "updateidentityprovidersettings": "UpdateIdentityProviderSettings" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "m2": { + "service_name": "AWS Mainframe Modernization Service", + "prefix": "m2", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmainframemodernizationservice.html", + "privileges": { + "CancelBatchJobExecution": { + "privilege": "CancelBatchJobExecution", + "description": "Grants permission to cancel the execution of a batch job", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_CancelBatchJobExecution.html" + }, + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "s3:GetObject", + "s3:ListBucket" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateApplication.html" + }, + "CreateDataSetImportTask": { + "privilege": "CreateDataSetImportTask", + "description": "Grants permission to create a data set import task", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateDataSetImportTask.html" + }, + "CreateDeployment": { + "privilege": "CreateDeployment", + "description": "Grants permission to create a deployment", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticloadbalancing:AddTags", + "elasticloadbalancing:CreateListener", + "elasticloadbalancing:CreateTargetGroup", + "elasticloadbalancing:RegisterTargets" + ] + }, + "Environment": { + "resource_type": "Environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateDeployment.html" + }, + "CreateEnvironment": { + "privilege": "CreateEnvironment", + "description": "Grants permission to Create an environment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ec2:CreateNetworkInterface", + "ec2:CreateNetworkInterfacePermission", + "ec2:DescribeNetworkInterfaces", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "ec2:ModifyNetworkInterfaceAttribute", + "elasticfilesystem:DescribeMountTargets", + "elasticloadbalancing:AddTags", + "elasticloadbalancing:CreateLoadBalancer", + "fsx:DescribeFileSystems", + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateEnvironment.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete an application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:DeleteTargetGroup" + ] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_DeleteApplication.html" + }, + "DeleteApplicationFromEnvironment": { + "privilege": "DeleteApplicationFromEnvironment", + "description": "Grants permission to delete an application from a runtime environment", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticloadbalancing:DeleteListener", + "elasticloadbalancing:DeleteTargetGroup" + ] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_DeleteApplicationFromEnvironment.html" + }, + "DeleteEnvironment": { + "privilege": "DeleteEnvironment", + "description": "Grants permission to delete a runtime environment", + "access_level": "Write", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "elasticloadbalancing:DeleteLoadBalancer" + ] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_DeleteEnvironment.html" + }, + "GetApplication": { + "privilege": "GetApplication", + "description": "Grants permission to retrieve an application", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetApplication.html" + }, + "GetApplicationVersion": { + "privilege": "GetApplicationVersion", + "description": "Grants permission to retrieve an application version", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetApplicationVersion.html" + }, + "GetBatchJobExecution": { + "privilege": "GetBatchJobExecution", + "description": "Grants permission to retrieve a batch job execution", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetBatchJobExecution.html" + }, + "GetDataSetDetails": { + "privilege": "GetDataSetDetails", + "description": "Grants permission to retrieve data set details", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetDataSetDetails.html" + }, + "GetDataSetImportTask": { + "privilege": "GetDataSetImportTask", + "description": "Grants permission to retrieve a data set import task", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetDataSetImportTask.html" + }, + "GetDeployment": { + "privilege": "GetDeployment", + "description": "Grants permission to retrieve a deployment", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetDeployment.html" + }, + "GetEnvironment": { + "privilege": "GetEnvironment", + "description": "Grants permission to retrieve a runtime environment", + "access_level": "Read", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_GetEnvironment.html" + }, + "ListApplicationVersions": { + "privilege": "ListApplicationVersions", + "description": "Grants permission to list the versions of an application", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListApplicationVersions.html" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to list applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListApplications.html" + }, + "ListBatchJobDefinitions": { + "privilege": "ListBatchJobDefinitions", + "description": "Grants permission to list batch job definitions", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListBatchJobDefinitions.html" + }, + "ListBatchJobExecutions": { + "privilege": "ListBatchJobExecutions", + "description": "Grants permission to list executions for a batch job", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListBatchJobExecutions.html" + }, + "ListDataSetImportHistory": { + "privilege": "ListDataSetImportHistory", + "description": "Grants permission to list data set import history", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListDataSetImportHistory.html" + }, + "ListDataSets": { + "privilege": "ListDataSets", + "description": "Grants permission to list data sets", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListDataSets.html" + }, + "ListDeployments": { + "privilege": "ListDeployments", + "description": "Grants permission to list deployments", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListDeployments.html" + }, + "ListEngineVersions": { + "privilege": "ListEngineVersions", + "description": "Grants permission to list engine versions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListEngineVersions.html" + }, + "ListEnvironments": { + "privilege": "ListEnvironments", + "description": "Grants permission to list runtime environments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListEnvironments.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_ListTagsForResource.html" + }, + "StartApplication": { + "privilege": "StartApplication", + "description": "Grants permission to start an application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_StartApplication.html" + }, + "StartBatchJob": { + "privilege": "StartBatchJob", + "description": "Grants permission to start a batch job", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_StartBatchJob.html" + }, + "StopApplication": { + "privilege": "StopApplication", + "description": "Grants permission to stop an application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_StopApplication.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Environment": { + "resource_type": "Environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "environment": "Environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Environment": { + "resource_type": "Environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "environment": "Environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_UntagResource.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to update an application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject", + "s3:ListBucket" + ] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_UpdateApplication.html" + }, + "UpdateEnvironment": { + "privilege": "UpdateEnvironment", + "description": "Grants permission to update a runtime environment", + "access_level": "Write", + "resource_types": { + "Environment": { + "resource_type": "Environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "Environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/m2/latest/APIReference/API_UpdateEnvironment.html" + } + }, + "privileges_lower_name": { + "cancelbatchjobexecution": "CancelBatchJobExecution", + "createapplication": "CreateApplication", + "createdatasetimporttask": "CreateDataSetImportTask", + "createdeployment": "CreateDeployment", + "createenvironment": "CreateEnvironment", + "deleteapplication": "DeleteApplication", + "deleteapplicationfromenvironment": "DeleteApplicationFromEnvironment", + "deleteenvironment": "DeleteEnvironment", + "getapplication": "GetApplication", + "getapplicationversion": "GetApplicationVersion", + "getbatchjobexecution": "GetBatchJobExecution", + "getdatasetdetails": "GetDataSetDetails", + "getdatasetimporttask": "GetDataSetImportTask", + "getdeployment": "GetDeployment", + "getenvironment": "GetEnvironment", + "listapplicationversions": "ListApplicationVersions", + "listapplications": "ListApplications", + "listbatchjobdefinitions": "ListBatchJobDefinitions", + "listbatchjobexecutions": "ListBatchJobExecutions", + "listdatasetimporthistory": "ListDataSetImportHistory", + "listdatasets": "ListDataSets", + "listdeployments": "ListDeployments", + "listengineversions": "ListEngineVersions", + "listenvironments": "ListEnvironments", + "listtagsforresource": "ListTagsForResource", + "startapplication": "StartApplication", + "startbatchjob": "StartBatchJob", + "stopapplication": "StopApplication", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapplication": "UpdateApplication", + "updateenvironment": "UpdateEnvironment" + }, + "resources": { + "Application": { + "resource": "Application", + "arn": "arn:${Partition}:m2:${Region}:${Account}:app/${ApplicationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Environment": { + "resource": "Environment", + "arn": "arn:${Partition}:m2:${Region}:${Account}:env/${EnvironmentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "application": "Application", + "environment": "Environment" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + } + } + }, + "aws-marketplace": { + "service_name": "AWS Marketplace", + "prefix": "aws-marketplace", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmarketplace.html", + "privileges": { + "AcceptAgreementApprovalRequest": { + "privilege": "AcceptAgreementApprovalRequest", + "description": "Grants permission to users to approve an incoming subscription request (for providers who provide products that require subscription verification)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "AcceptAgreementRequest": { + "privilege": "AcceptAgreementRequest", + "description": "Grants permission to users to accept their agreement requests. Note that this action is not applicable to Marketplace purchases", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "CancelAgreement": { + "privilege": "CancelAgreement", + "description": "Grants permission to users to cancel their agreements. Note that this action is not applicable to Marketplace purchases", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "CancelAgreementRequest": { + "privilege": "CancelAgreementRequest", + "description": "Grants permission to users to cancel pending subscription requests for products that require subscription verification", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "CreateAgreementRequest": { + "privilege": "CreateAgreementRequest", + "description": "Grants permission to users to create an agreement request. Note that this action is not applicable to Marketplace purchases", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "DescribeAgreement": { + "privilege": "DescribeAgreement", + "description": "Grants permission to users to describe the metadata about the agreement", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "GetAgreementApprovalRequest": { + "privilege": "GetAgreementApprovalRequest", + "description": "Grants permission to users to view the details of their incoming subscription requests (for providers who provide products that require subscription verification)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "GetAgreementRequest": { + "privilege": "GetAgreementRequest", + "description": "Grants permission to users to view the details of their subscription requests for data products that require subscription verification", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "GetAgreementTerms": { + "privilege": "GetAgreementTerms", + "description": "Grants permission to users to get a list of terms for an agreement", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "ListAgreementApprovalRequests": { + "privilege": "ListAgreementApprovalRequests", + "description": "Grants permission to users to list their incoming subscription requests (for providers who provide products that require subscription verification)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "ListAgreementRequests": { + "privilege": "ListAgreementRequests", + "description": "Grants permission to users to list their subscription requests for products that require subscription verification", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "ListEntitlementDetails": { + "privilege": "ListEntitlementDetails", + "description": "Grants permission to users to view details of the entitlements associated with an agreement. Note that this action is not applicable to Marketplace purchases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "RejectAgreementApprovalRequest": { + "privilege": "RejectAgreementApprovalRequest", + "description": "Grants permission to users to decline an incoming subscription requests (for providers who provide products that require subscription verification)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "SearchAgreements": { + "privilege": "SearchAgreements", + "description": "Grants permission to users to search their agreements", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "Subscribe": { + "privilege": "Subscribe", + "description": "Grants permission to users to subscribe to AWS Marketplace products. Includes the ability to send a subscription request for products that require subscription verification. Includes the ability to enable auto-renewal for an existing subscription", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "Unsubscribe": { + "privilege": "Unsubscribe", + "description": "Grants permission to users to remove subscriptions to AWS Marketplace products. Includes the ability to disable auto-renewal for an existing subscription", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "UpdateAgreementApprovalRequest": { + "privilege": "UpdateAgreementApprovalRequest", + "description": "Grants permission to users to make changes to an incoming subscription request, including the ability to delete the prospective subscriber's information (for providers who provide products that require subscription verification)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "ViewSubscriptions": { + "privilege": "ViewSubscriptions", + "description": "Grants permission to users to see their account's subscriptions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-iam-users-groups-policies.html" + }, + "CancelChangeSet": { + "privilege": "CancelChangeSet", + "description": "Grants permission to cancel a running change set", + "access_level": "Write", + "resource_types": { + "ChangeSet": { + "resource_type": "ChangeSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "changeset": "ChangeSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_CancelChangeSet.html" + }, + "CompleteTask": { + "privilege": "CompleteTask", + "description": "Grants permission to complete an existing task and submit the content to the associated change", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete the resource policy of an existing entity", + "access_level": "Permissions management", + "resource_types": { + "Entity": { + "resource_type": "Entity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity": "Entity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_DeleteResourcePolicy.html" + }, + "DescribeChangeSet": { + "privilege": "DescribeChangeSet", + "description": "Grants permission to return the details of an existing change set", + "access_level": "Read", + "resource_types": { + "ChangeSet": { + "resource_type": "ChangeSet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "changeset": "ChangeSet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_DescribeChangeSet.html" + }, + "DescribeEntity": { + "privilege": "DescribeEntity", + "description": "Grants permission to return the details of an existing entity", + "access_level": "Read", + "resource_types": { + "Entity": { + "resource_type": "Entity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity": "Entity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_DescribeEntity.html" + }, + "DescribeTask": { + "privilege": "DescribeTask", + "description": "Grants permission to return the details of an existing task", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to get the resource policy of an existing entity", + "access_level": "Read", + "resource_types": { + "Entity": { + "resource_type": "Entity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity": "Entity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_GetResourcePolicy.html" + }, + "ListChangeSets": { + "privilege": "ListChangeSets", + "description": "Grants permission to list existing change sets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_ListChangeSets.html" + }, + "ListEntities": { + "privilege": "ListEntities", + "description": "Grants permission to list existing entities", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_ListEntities.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags on an existing entity or a change set", + "access_level": "Read", + "resource_types": { + "ChangeSet": { + "resource_type": "ChangeSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Entity": { + "resource_type": "Entity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "changeset": "ChangeSet", + "entity": "Entity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_ListTagsForResource.html" + }, + "ListTasks": { + "privilege": "ListTasks", + "description": "Grants permission to list existing tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to attach a resource policy to an existing entity", + "access_level": "Permissions management", + "resource_types": { + "Entity": { + "resource_type": "Entity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity": "Entity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_PutResourcePolicy.html" + }, + "StartChangeSet": { + "privilege": "StartChangeSet", + "description": "Grants permission to request a new change set (Note: resource-level permissions for this action and condition context keys for this action are only supported when used with Catalog API and are not supported when used with AWS Marketplace Management Portal)", + "access_level": "Write", + "resource_types": { + "Entity": { + "resource_type": "Entity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "catalog:ChangeType", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "entity": "Entity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_StartChangeSet.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an existing entity or a change set", + "access_level": "Tagging", + "resource_types": { + "ChangeSet": { + "resource_type": "ChangeSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Entity": { + "resource_type": "Entity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "changeset": "ChangeSet", + "entity": "Entity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an existing entity or a change set", + "access_level": "Tagging", + "resource_types": { + "ChangeSet": { + "resource_type": "ChangeSet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Entity": { + "resource_type": "Entity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "changeset": "ChangeSet", + "entity": "Entity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/API_UntagResource.html" + }, + "UpdateTask": { + "privilege": "UpdateTask", + "description": "Grants permission to update the contents of an existing task", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace-catalog/latest/api-reference/" + }, + "ListPrivateListings": { + "privilege": "ListPrivateListings", + "description": "Grants permission to users to list their private offers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-offers-page.html" + }, + "GetEntitlements": { + "privilege": "GetEntitlements", + "description": "Retrieves entitlement values for a given product. The results can be filtered based on customer identifier or product dimensions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "DescribeBuilds": { + "privilege": "DescribeBuilds", + "description": "Describes Image Builds identified by a build Id", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/api-reference.html" + }, + "ListBuilds": { + "privilege": "ListBuilds", + "description": "Lists Image Builds.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/api-reference.html" + }, + "StartBuild": { + "privilege": "StartBuild", + "description": "Starts an Image Build", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/api-reference.html" + }, + "BatchMeterUsage": { + "privilege": "BatchMeterUsage", + "description": "Grants permission to post metering records for a set of customers for SaaS applications", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplacemetering/latest/APIReference/API_BatchMeterUsage.html" + }, + "MeterUsage": { + "privilege": "MeterUsage", + "description": "Grants permission to emit metering records", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplacemetering/latest/APIReference/API_MeterUsage.html" + }, + "RegisterUsage": { + "privilege": "RegisterUsage", + "description": "Grants permission to to verify that the customer running your paid software is subscribed to your product on AWS Marketplace, enabling you to guard against unauthorized use. Meters software use per ECS task, per hour, with usage prorated to the second", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplacemetering/latest/APIReference/API_RegisterUsage.html" + }, + "ResolveCustomer": { + "privilege": "ResolveCustomer", + "description": "Grants permission to resolve a registration token to obtain a CustomerIdentifier and product code", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplacemetering/latest/APIReference/API_ResolveCustomer.html" + }, + "AssociateProductsWithPrivateMarketplace": { + "privilege": "AssociateProductsWithPrivateMarketplace", + "description": "Grants permission to approve a request for a product to be associated with the Private Marketplace. This action can be performed by any account in an AWS Organization, provided the user has permissions to do so, and the Organization's Service Control Policies allow it", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-marketplace.html" + }, + "CreatePrivateMarketplaceRequests": { + "privilege": "CreatePrivateMarketplaceRequests", + "description": "Grants permission to create a new request for a product or products to be associated with the Private Marketplace. This action can be performed by any account in an in an AWS Organization, provided the user has permissions to do so, and the Organization's Service Control Policies allow it", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-marketplace.html" + }, + "DescribePrivateMarketplaceRequests": { + "privilege": "DescribePrivateMarketplaceRequests", + "description": "Grants permission to describe requests and associated products in the Private Marketplace. This action can be performed by any account in an AWS Organization, provided the user has permissions to do so, and the Organization's Service Control Policies allow it", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-marketplace.html" + }, + "DisassociateProductsFromPrivateMarketplace": { + "privilege": "DisassociateProductsFromPrivateMarketplace", + "description": "Grants permission to decline a request for a product to be associated with the Private Marketplace. This action can be performed by any account in an AWS Organization, provided the user has permissions to do so, and the Organization's Service Control Policies allow it", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-marketplace.html" + }, + "ListPrivateMarketplaceRequests": { + "privilege": "ListPrivateMarketplaceRequests", + "description": "Grants permission to get a queryable list for requests and associated products in the Private Marketplace. This action can be performed by any account in an AWS Organization, provided the user has permissions to do so, and the Organization's Service Control Policies allow it", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/private-marketplace.html" + }, + "DescribeProcurementSystemConfiguration": { + "privilege": "DescribeProcurementSystemConfiguration", + "description": "Grants permission to describe the Procurement System integration configuration (e.g. Coupa) for the individual account, or for the entire AWS Organization if one exists. This action can only be performed by the master account if using an AWS Organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/procurement-systems-integration.html" + }, + "PutProcurementSystemConfiguration": { + "privilege": "PutProcurementSystemConfiguration", + "description": "Grants permission to create or update the Procurement System integration configuration (e.g. Coupa) for the individual account, or for the entire AWS Organization if one exists. This action can only be performed by the master account if using an AWS Organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/procurement-systems-integration.html" + }, + "GetSellerDashboard": { + "privilege": "GetSellerDashboard", + "description": "Grants permission to view a seller dashboard", + "access_level": "Read", + "resource_types": { + "SellerDashboard": { + "resource_type": "SellerDashboard", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sellerdashboard": "SellerDashboard" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/dashboards.html#reports-accessing" + } + }, + "privileges_lower_name": { + "acceptagreementapprovalrequest": "AcceptAgreementApprovalRequest", + "acceptagreementrequest": "AcceptAgreementRequest", + "cancelagreement": "CancelAgreement", + "cancelagreementrequest": "CancelAgreementRequest", + "createagreementrequest": "CreateAgreementRequest", + "describeagreement": "DescribeAgreement", + "getagreementapprovalrequest": "GetAgreementApprovalRequest", + "getagreementrequest": "GetAgreementRequest", + "getagreementterms": "GetAgreementTerms", + "listagreementapprovalrequests": "ListAgreementApprovalRequests", + "listagreementrequests": "ListAgreementRequests", + "listentitlementdetails": "ListEntitlementDetails", + "rejectagreementapprovalrequest": "RejectAgreementApprovalRequest", + "searchagreements": "SearchAgreements", + "subscribe": "Subscribe", + "unsubscribe": "Unsubscribe", + "updateagreementapprovalrequest": "UpdateAgreementApprovalRequest", + "viewsubscriptions": "ViewSubscriptions", + "cancelchangeset": "CancelChangeSet", + "completetask": "CompleteTask", + "deleteresourcepolicy": "DeleteResourcePolicy", + "describechangeset": "DescribeChangeSet", + "describeentity": "DescribeEntity", + "describetask": "DescribeTask", + "getresourcepolicy": "GetResourcePolicy", + "listchangesets": "ListChangeSets", + "listentities": "ListEntities", + "listtagsforresource": "ListTagsForResource", + "listtasks": "ListTasks", + "putresourcepolicy": "PutResourcePolicy", + "startchangeset": "StartChangeSet", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatetask": "UpdateTask", + "listprivatelistings": "ListPrivateListings", + "getentitlements": "GetEntitlements", + "describebuilds": "DescribeBuilds", + "listbuilds": "ListBuilds", + "startbuild": "StartBuild", + "batchmeterusage": "BatchMeterUsage", + "meterusage": "MeterUsage", + "registerusage": "RegisterUsage", + "resolvecustomer": "ResolveCustomer", + "associateproductswithprivatemarketplace": "AssociateProductsWithPrivateMarketplace", + "createprivatemarketplacerequests": "CreatePrivateMarketplaceRequests", + "describeprivatemarketplacerequests": "DescribePrivateMarketplaceRequests", + "disassociateproductsfromprivatemarketplace": "DisassociateProductsFromPrivateMarketplace", + "listprivatemarketplacerequests": "ListPrivateMarketplaceRequests", + "describeprocurementsystemconfiguration": "DescribeProcurementSystemConfiguration", + "putprocurementsystemconfiguration": "PutProcurementSystemConfiguration", + "getsellerdashboard": "GetSellerDashboard" + }, + "resources": { + "Entity": { + "resource": "Entity", + "arn": "arn:${Partition}:aws-marketplace:${Region}:${Account}:${Catalog}/${EntityType}/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "catalog:ChangeType" + ] + }, + "ChangeSet": { + "resource": "ChangeSet", + "arn": "arn:${Partition}:aws-marketplace:${Region}:${Account}:${Catalog}/ChangeSet/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "catalog:ChangeType" + ] + }, + "SellerDashboard": { + "resource": "SellerDashboard", + "arn": "arn:${Partition}:aws-marketplace::${Account}:${Catalog}/ReportingData/${FactTable}/Dashboard/${DashboardName}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "entity": "Entity", + "changeset": "ChangeSet", + "sellerdashboard": "SellerDashboard" + }, + "conditions": { + "aws-marketplace:AgreementType": { + "condition": "aws-marketplace:AgreementType", + "description": "Filters access by the type of the agreement", + "type": "ArrayOfString" + }, + "aws-marketplace:PartyType": { + "condition": "aws-marketplace:PartyType", + "description": "Filters access by the party type of the agreement", + "type": "String" + }, + "aws-marketplace:ProductId": { + "condition": "aws-marketplace:ProductId", + "description": "Filters access by product id for AWS Marketplace RedHat OpenShift products in the RedHat console. Note: This condition key only applies to the RedHat console, and using it will not restrict access to products in AWS Marketplace", + "type": "ArrayOfString" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "catalog:ChangeType": { + "condition": "catalog:ChangeType", + "description": "Filters access by the change type in the StartChangeSet request", + "type": "String" + } + } + }, + "marketplacecommerceanalytics": { + "service_name": "AWS Marketplace Commerce Analytics Service", + "prefix": "marketplacecommerceanalytics", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmarketplacecommerceanalyticsservice.html", + "privileges": { + "GenerateDataSet": { + "privilege": "GenerateDataSet", + "description": "Request a data set to be published to your Amazon S3 bucket.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "StartSupportDataExport": { + "privilege": "StartSupportDataExport", + "description": "Request a support data set to be published to your Amazon S3 bucket.", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + } + }, + "privileges_lower_name": { + "generatedataset": "GenerateDataSet", + "startsupportdataexport": "StartSupportDataExport" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "aws-marketplace-management": { + "service_name": "AWS Marketplace Management Portal", + "prefix": "aws-marketplace-management", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmarketplacemanagementportal.html", + "privileges": { + "GetAdditionalSellerNotificationRecipients": { + "privilege": "GetAdditionalSellerNotificationRecipients", + "description": "Grants permission to view additional seller notification recipients", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "GetBankAccountVerificationDetails": { + "privilege": "GetBankAccountVerificationDetails", + "description": "Grants permission to view bank account verification status", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "GetSecondaryUserVerificationDetails": { + "privilege": "GetSecondaryUserVerificationDetails", + "description": "Grants permission to view secondary user account verification status", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "GetSellerVerificationDetails": { + "privilege": "GetSellerVerificationDetails", + "description": "Grants permission to view account verification status", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "PutAdditionalSellerNotificationRecipients": { + "privilege": "PutAdditionalSellerNotificationRecipients", + "description": "Grants permission to update additional seller notification recipients", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "PutBankAccountVerificationDetails": { + "privilege": "PutBankAccountVerificationDetails", + "description": "Grants permission to update bank account verification status", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "PutSecondaryUserVerificationDetails": { + "privilege": "PutSecondaryUserVerificationDetails", + "description": "Grants permission to update secondary user account verification status", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "PutSellerVerificationDetails": { + "privilege": "PutSellerVerificationDetails", + "description": "Grants permission to update account verification status", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "uploadFiles": { + "privilege": "uploadFiles", + "description": "Allows access to the File Upload page inside the AWS Marketplace Management Portal", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "viewMarketing": { + "privilege": "viewMarketing", + "description": "Allows access to the Marketing page inside the AWS Marketplace Management Portal", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "viewReports": { + "privilege": "viewReports", + "description": "Allows access to the Reports page inside the AWS Marketplace Management Portal", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "viewSettings": { + "privilege": "viewSettings", + "description": "Allows access to the Settings page inside the AWS Marketplace Management Portal", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + }, + "viewSupport": { + "privilege": "viewSupport", + "description": "Allows access to the Customer Support Eligibility page inside the AWS Marketplace Management Portal", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html#seller-ammp-permissions" + } + }, + "privileges_lower_name": { + "getadditionalsellernotificationrecipients": "GetAdditionalSellerNotificationRecipients", + "getbankaccountverificationdetails": "GetBankAccountVerificationDetails", + "getsecondaryuserverificationdetails": "GetSecondaryUserVerificationDetails", + "getsellerverificationdetails": "GetSellerVerificationDetails", + "putadditionalsellernotificationrecipients": "PutAdditionalSellerNotificationRecipients", + "putbankaccountverificationdetails": "PutBankAccountVerificationDetails", + "putsecondaryuserverificationdetails": "PutSecondaryUserVerificationDetails", + "putsellerverificationdetails": "PutSellerVerificationDetails", + "uploadfiles": "uploadFiles", + "viewmarketing": "viewMarketing", + "viewreports": "viewReports", + "viewsettings": "viewSettings", + "viewsupport": "viewSupport" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "vendor-insights": { + "service_name": "AWS Marketplace Vendor Insights", + "prefix": "vendor-insights", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmarketplacevendorinsights.html", + "privileges": { + "ActivateSecurityProfile": { + "privilege": "ActivateSecurityProfile", + "description": "Grants permission to activate the security profile", + "access_level": "Write", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "AssociateDataSource": { + "privilege": "AssociateDataSource", + "description": "Grants permission to associate security profile with a data source", + "access_level": "Write", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "vendor-insights:GetDataSource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "CreateDataSource": { + "privilege": "CreateDataSource", + "description": "Grants permission to create a new data source", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "vendor-insights:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "CreateSecurityProfile": { + "privilege": "CreateSecurityProfile", + "description": "Grants permission to create a new security profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "vendor-insights:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "DeactivateSecurityProfile": { + "privilege": "DeactivateSecurityProfile", + "description": "Grants permission to deactivate the security profile", + "access_level": "Write", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "DeleteDataSource": { + "privilege": "DeleteDataSource", + "description": "Grants permission to delete a data source", + "access_level": "Write", + "resource_types": { + "DataSource": { + "resource_type": "DataSource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "DataSource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "DisassociateDataSource": { + "privilege": "DisassociateDataSource", + "description": "Grants permission to disassociate security profile from a data source", + "access_level": "Write", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "vendor-insights:GetDataSource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "GetDataSource": { + "privilege": "GetDataSource", + "description": "Grants permission to retrieve the details of an existing data source", + "access_level": "Read", + "resource_types": { + "DataSource": { + "resource_type": "DataSource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "DataSource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "GetEntitledSecurityProfileSnapshot": { + "privilege": "GetEntitledSecurityProfileSnapshot", + "description": "Grants permission to return the details of a security profile snapshot that requester is entitled to read", + "access_level": "Read", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-vendor-insights-controlling-access.html" + }, + "GetProfileAccessTerms": { + "privilege": "GetProfileAccessTerms", + "description": "Grants permission to get the access terms for a vendor insights profile", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-vendor-insights-controlling-access.html" + }, + "GetSecurityProfile": { + "privilege": "GetSecurityProfile", + "description": "Grants permission to return the details of an existing security profile", + "access_level": "Read", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "GetSecurityProfileSnapshot": { + "privilege": "GetSecurityProfileSnapshot", + "description": "Grants permission to return the details of a security profile snapshot", + "access_level": "Read", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "ListDataSources": { + "privilege": "ListDataSources", + "description": "Grants permission to list existing data sources", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "ListEntitledSecurityProfileSnapshots": { + "privilege": "ListEntitledSecurityProfileSnapshots", + "description": "Grants permission to return the snapshot summary list for an existing security profile that requester is entitled to list", + "access_level": "List", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-vendor-insights-controlling-access.html" + }, + "ListEntitledSecurityProfiles": { + "privilege": "ListEntitledSecurityProfiles", + "description": "Grants permission to list entitled security profiles", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-vendor-insights-controlling-access.html" + }, + "ListSecurityProfileSnapshots": { + "privilege": "ListSecurityProfileSnapshots", + "description": "Grants permission to return the snapshot summary list for an existing security profile", + "access_level": "List", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "ListSecurityProfiles": { + "privilege": "ListSecurityProfiles", + "description": "Grants permission to list existing security profiles", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for vendor insights resource", + "access_level": "Read", + "resource_types": { + "DataSource": { + "resource_type": "DataSource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "DataSource", + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag vendor insights resource", + "access_level": "Tagging", + "resource_types": { + "DataSource": { + "resource_type": "DataSource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "DataSource", + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag vendor insights resource", + "access_level": "Tagging", + "resource_types": { + "DataSource": { + "resource_type": "DataSource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "datasource": "DataSource", + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "UpdateSecurityProfile": { + "privilege": "UpdateSecurityProfile", + "description": "Grants permission to update the security profile", + "access_level": "Write", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "UpdateSecurityProfileSnapshotCreationConfiguration": { + "privilege": "UpdateSecurityProfileSnapshotCreationConfiguration", + "description": "Grants permission to update the security profile snapshot creation configuration", + "access_level": "Write", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + }, + "UpdateSecurityProfileSnapshotReleaseConfiguration": { + "privilege": "UpdateSecurityProfileSnapshotReleaseConfiguration", + "description": "Grants permission to update the security profile snapshot release configuration", + "access_level": "Write", + "resource_types": { + "SecurityProfile": { + "resource_type": "SecurityProfile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "securityprofile": "SecurityProfile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/vendor-insights-seller-controlling-access.html" + } + }, + "privileges_lower_name": { + "activatesecurityprofile": "ActivateSecurityProfile", + "associatedatasource": "AssociateDataSource", + "createdatasource": "CreateDataSource", + "createsecurityprofile": "CreateSecurityProfile", + "deactivatesecurityprofile": "DeactivateSecurityProfile", + "deletedatasource": "DeleteDataSource", + "disassociatedatasource": "DisassociateDataSource", + "getdatasource": "GetDataSource", + "getentitledsecurityprofilesnapshot": "GetEntitledSecurityProfileSnapshot", + "getprofileaccessterms": "GetProfileAccessTerms", + "getsecurityprofile": "GetSecurityProfile", + "getsecurityprofilesnapshot": "GetSecurityProfileSnapshot", + "listdatasources": "ListDataSources", + "listentitledsecurityprofilesnapshots": "ListEntitledSecurityProfileSnapshots", + "listentitledsecurityprofiles": "ListEntitledSecurityProfiles", + "listsecurityprofilesnapshots": "ListSecurityProfileSnapshots", + "listsecurityprofiles": "ListSecurityProfiles", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatesecurityprofile": "UpdateSecurityProfile", + "updatesecurityprofilesnapshotcreationconfiguration": "UpdateSecurityProfileSnapshotCreationConfiguration", + "updatesecurityprofilesnapshotreleaseconfiguration": "UpdateSecurityProfileSnapshotReleaseConfiguration" + }, + "resources": { + "DataSource": { + "resource": "DataSource", + "arn": "arn:${Partition}:vendor-insights:::data-source:${ResourceId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ] + }, + "SecurityProfile": { + "resource": "SecurityProfile", + "arn": "arn:${Partition}:vendor-insights:::security-profile:${ResourceId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys" + ] + } + }, + "resources_lower_name": { + "datasource": "DataSource", + "securityprofile": "SecurityProfile" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "serviceextract": { + "service_name": "AWS Microservice Extractor for .NET", + "prefix": "serviceextract", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmicroserviceextractorfor.net.html", + "privileges": { + "GetConfig": { + "privilege": "GetConfig", + "description": "Grants permission to get required configuration for the AWS Microservice Extractor for .NET desktop client", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/microservice-extractor/latest/userguide/what-is-microservice-extractor.html" + } + }, + "privileges_lower_name": { + "getconfig": "GetConfig" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "mgh": { + "service_name": "AWS Migration Hub", + "prefix": "mgh", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmigrationhub.html", + "privileges": { + "AssociateCreatedArtifact": { + "privilege": "AssociateCreatedArtifact", + "description": "Associate a given AWS artifact to a MigrationTask", + "access_level": "Write", + "resource_types": { + "migrationTask": { + "resource_type": "migrationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationtask": "migrationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_AssociateCreatedArtifact.html" + }, + "AssociateDiscoveredResource": { + "privilege": "AssociateDiscoveredResource", + "description": "Associate a given ADS resource to a MigrationTask", + "access_level": "Write", + "resource_types": { + "migrationTask": { + "resource_type": "migrationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationtask": "migrationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_AssociateDiscoveredResource.html" + }, + "CreateHomeRegionControl": { + "privilege": "CreateHomeRegionControl", + "description": "Create a Migration Hub Home Region Control", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_CreateHomeRegionControl.html" + }, + "CreateProgressUpdateStream": { + "privilege": "CreateProgressUpdateStream", + "description": "Create a ProgressUpdateStream", + "access_level": "Write", + "resource_types": { + "progressUpdateStream": { + "resource_type": "progressUpdateStream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "progressupdatestream": "progressUpdateStream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_CreateProgressUpdateStream.html" + }, + "DeleteProgressUpdateStream": { + "privilege": "DeleteProgressUpdateStream", + "description": "Delete a ProgressUpdateStream", + "access_level": "Write", + "resource_types": { + "progressUpdateStream": { + "resource_type": "progressUpdateStream", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "progressupdatestream": "progressUpdateStream" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DeleteProgressUpdateStream.html" + }, + "DescribeApplicationState": { + "privilege": "DescribeApplicationState", + "description": "Get an Application Discovery Service Application's state", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DescribeApplicationState.html" + }, + "DescribeHomeRegionControls": { + "privilege": "DescribeHomeRegionControls", + "description": "List Home Region Controls", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DescribeHomeRegionControls.html" + }, + "DescribeMigrationTask": { + "privilege": "DescribeMigrationTask", + "description": "Describe a MigrationTask", + "access_level": "Read", + "resource_types": { + "migrationTask": { + "resource_type": "migrationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationtask": "migrationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DescribeMigrationTask.html" + }, + "DisassociateCreatedArtifact": { + "privilege": "DisassociateCreatedArtifact", + "description": "Disassociate a given AWS artifact from a MigrationTask", + "access_level": "Write", + "resource_types": { + "migrationTask": { + "resource_type": "migrationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationtask": "migrationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DisassociateCreatedArtifact.html" + }, + "DisassociateDiscoveredResource": { + "privilege": "DisassociateDiscoveredResource", + "description": "Disassociate a given ADS resource from a MigrationTask", + "access_level": "Write", + "resource_types": { + "migrationTask": { + "resource_type": "migrationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationtask": "migrationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_DisassociateDiscoveredResource.html" + }, + "GetHomeRegion": { + "privilege": "GetHomeRegion", + "description": "Get the Migration Hub Home Region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_GetHomeRegion.html" + }, + "ImportMigrationTask": { + "privilege": "ImportMigrationTask", + "description": "Import a MigrationTask", + "access_level": "Write", + "resource_types": { + "migrationTask": { + "resource_type": "migrationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationtask": "migrationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ImportMigrationTask.html" + }, + "ListApplicationStates": { + "privilege": "ListApplicationStates", + "description": "List Application statuses", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ListApplicationStates.html" + }, + "ListCreatedArtifacts": { + "privilege": "ListCreatedArtifacts", + "description": "List associated created artifacts for a MigrationTask", + "access_level": "List", + "resource_types": { + "migrationTask": { + "resource_type": "migrationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationtask": "migrationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ListCreatedArtifacts.html" + }, + "ListDiscoveredResources": { + "privilege": "ListDiscoveredResources", + "description": "List associated ADS resources from MigrationTask", + "access_level": "List", + "resource_types": { + "migrationTask": { + "resource_type": "migrationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationtask": "migrationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ListDiscoveredResources.html" + }, + "ListMigrationTasks": { + "privilege": "ListMigrationTasks", + "description": "List MigrationTasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ListMigrationTasks.html" + }, + "ListProgressUpdateStreams": { + "privilege": "ListProgressUpdateStreams", + "description": "List ProgressUpdateStreams", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_ListProgressUpdateStreams.html" + }, + "NotifyApplicationState": { + "privilege": "NotifyApplicationState", + "description": "Update an Application Discovery Service Application's state", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_NotifyApplicationState.html" + }, + "NotifyMigrationTaskState": { + "privilege": "NotifyMigrationTaskState", + "description": "Notify latest MigrationTask state", + "access_level": "Write", + "resource_types": { + "migrationTask": { + "resource_type": "migrationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationtask": "migrationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_NotifyMigrationTaskState.html" + }, + "PutResourceAttributes": { + "privilege": "PutResourceAttributes", + "description": "Put ResourceAttributes", + "access_level": "Write", + "resource_types": { + "migrationTask": { + "resource_type": "migrationTask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "migrationtask": "migrationTask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub/latest/ug/API_PutResourceAttributes.html" + } + }, + "privileges_lower_name": { + "associatecreatedartifact": "AssociateCreatedArtifact", + "associatediscoveredresource": "AssociateDiscoveredResource", + "createhomeregioncontrol": "CreateHomeRegionControl", + "createprogressupdatestream": "CreateProgressUpdateStream", + "deleteprogressupdatestream": "DeleteProgressUpdateStream", + "describeapplicationstate": "DescribeApplicationState", + "describehomeregioncontrols": "DescribeHomeRegionControls", + "describemigrationtask": "DescribeMigrationTask", + "disassociatecreatedartifact": "DisassociateCreatedArtifact", + "disassociatediscoveredresource": "DisassociateDiscoveredResource", + "gethomeregion": "GetHomeRegion", + "importmigrationtask": "ImportMigrationTask", + "listapplicationstates": "ListApplicationStates", + "listcreatedartifacts": "ListCreatedArtifacts", + "listdiscoveredresources": "ListDiscoveredResources", + "listmigrationtasks": "ListMigrationTasks", + "listprogressupdatestreams": "ListProgressUpdateStreams", + "notifyapplicationstate": "NotifyApplicationState", + "notifymigrationtaskstate": "NotifyMigrationTaskState", + "putresourceattributes": "PutResourceAttributes" + }, + "resources": { + "progressUpdateStream": { + "resource": "progressUpdateStream", + "arn": "arn:${Partition}:mgh:${Region}:${Account}:progressUpdateStream/${Stream}", + "condition_keys": [] + }, + "migrationTask": { + "resource": "migrationTask", + "arn": "arn:${Partition}:mgh:${Region}:${Account}:progressUpdateStream/${Stream}/migrationTask/${Task}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "progressupdatestream": "progressUpdateStream", + "migrationtask": "migrationTask" + }, + "conditions": {} + }, + "migrationhub-orchestrator": { + "service_name": "AWS Migration Hub Orchestrator", + "prefix": "migrationhub-orchestrator", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmigrationhuborchestrator.html", + "privileges": { + "CreateWorkflow": { + "privilege": "CreateWorkflow", + "description": "Grants permission to create a workflow based on the selected template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_CreateWorkflow.html" + }, + "CreateWorkflowStep": { + "privilege": "CreateWorkflowStep", + "description": "Grants permission to create a step under a workflow and a specific step group", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_CreateWorkflowStep.html" + }, + "CreateWorkflowStepGroup": { + "privilege": "CreateWorkflowStepGroup", + "description": "Grants permission to to create a custom step group for a given workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_CreateWorkflowStepGroup.html" + }, + "DeleteWorkflow": { + "privilege": "DeleteWorkflow", + "description": "Grants permission to a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_DeleteWorkflow.html" + }, + "DeleteWorkflowStep": { + "privilege": "DeleteWorkflowStep", + "description": "Grants permission to delete a step from a specific step group under a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_DeleteWorkflowStep.html" + }, + "DeleteWorkflowStepGroup": { + "privilege": "DeleteWorkflowStepGroup", + "description": "Grants permission to delete a step group associated with a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_DeleteWorkflowStepGroup.html" + }, + "GetMessage": { + "privilege": "GetMessage", + "description": "Grants permission to the plugin to receive information from the service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetMessage.html" + }, + "GetTemplate": { + "privilege": "GetTemplate", + "description": "Grants permission to get retrieve metadata for a Template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetTemplate.html" + }, + "GetTemplateStep": { + "privilege": "GetTemplateStep", + "description": "Grants permission to retrieve details of a step associated with a template and a step group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetTemplateStep.html" + }, + "GetTemplateStepGroup": { + "privilege": "GetTemplateStepGroup", + "description": "Grants permission to retrieve metadata of a step group under a template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetTemplateStepGroup.html" + }, + "GetWorkflow": { + "privilege": "GetWorkflow", + "description": "Grants permission to retrieve metadata asscociated with a workflow", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetWorkflow.html" + }, + "GetWorkflowStep": { + "privilege": "GetWorkflowStep", + "description": "Grants permission to get details of step associated with a workflow and a step group", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetWorkflowStep.html" + }, + "GetWorkflowStepGroup": { + "privilege": "GetWorkflowStepGroup", + "description": "Grants permission to get details of a step group associated with a workflow", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_GetWorkflowStepGroup.html" + }, + "ListPlugins": { + "privilege": "ListPlugins", + "description": "Grants permission to get a list all registered Plugins", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListPlugins.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to get a list of all the tags tied to a resource", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTemplateStepGroups": { + "privilege": "ListTemplateStepGroups", + "description": "Grants permission to lists step groups of a template", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListTemplateStepGroups.html" + }, + "ListTemplateSteps": { + "privilege": "ListTemplateSteps", + "description": "Grants permission to get a list of steps in a step group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListServers.html" + }, + "ListTemplates": { + "privilege": "ListTemplates", + "description": "Grants permission to get a list of all Templates available to customer", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListTemplates.html" + }, + "ListWorkflowStepGroups": { + "privilege": "ListWorkflowStepGroups", + "description": "Grants permission to get list of step groups associated with a workflow", + "access_level": "List", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListWorkflowStepGroups.html" + }, + "ListWorkflowSteps": { + "privilege": "ListWorkflowSteps", + "description": "Grants permission to get a list of steps within step group associated with a workflow", + "access_level": "List", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListAntiPatterns.html" + }, + "ListWorkflows": { + "privilege": "ListWorkflows", + "description": "Grants permission to list all workflows", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_ListWorkflows.html" + }, + "RegisterPlugin": { + "privilege": "RegisterPlugin", + "description": "Grants permission to register the plugin to receive an ID and to start receiving messages from the service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_RegisterPlugin.html" + }, + "RetryWorkflowStep": { + "privilege": "RetryWorkflowStep", + "description": "Grants permission to retry a failed step within a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_RetryWorkflowStep.html" + }, + "SendMessage": { + "privilege": "SendMessage", + "description": "Grants permission to the plugin to send information to the service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_SendMessage.html" + }, + "StartWorkflow": { + "privilege": "StartWorkflow", + "description": "Grants permission to start a workflow or resume a stopped workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_StartWorkflow.html" + }, + "StopWorkflow": { + "privilege": "StopWorkflow", + "description": "Grants permission to stop a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_StopWorkflow.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_UntagResource.html" + }, + "UpdateWorkflow": { + "privilege": "UpdateWorkflow", + "description": "Grants permission to update the metadata associated with the workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_UpdateWorkflow.html" + }, + "UpdateWorkflowStep": { + "privilege": "UpdateWorkflowStep", + "description": "Grants permission to update metadata and status of a custom step within a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_UpdateWorkflowStep.html" + }, + "UpdateWorkflowStepGroup": { + "privilege": "UpdateWorkflowStepGroup", + "description": "Grants permission to update metadata associated with a step group in a given workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-orchestrator/latest/APIReference/API_UpdateWorkflowStepGroup.html" + } + }, + "privileges_lower_name": { + "createworkflow": "CreateWorkflow", + "createworkflowstep": "CreateWorkflowStep", + "createworkflowstepgroup": "CreateWorkflowStepGroup", + "deleteworkflow": "DeleteWorkflow", + "deleteworkflowstep": "DeleteWorkflowStep", + "deleteworkflowstepgroup": "DeleteWorkflowStepGroup", + "getmessage": "GetMessage", + "gettemplate": "GetTemplate", + "gettemplatestep": "GetTemplateStep", + "gettemplatestepgroup": "GetTemplateStepGroup", + "getworkflow": "GetWorkflow", + "getworkflowstep": "GetWorkflowStep", + "getworkflowstepgroup": "GetWorkflowStepGroup", + "listplugins": "ListPlugins", + "listtagsforresource": "ListTagsForResource", + "listtemplatestepgroups": "ListTemplateStepGroups", + "listtemplatesteps": "ListTemplateSteps", + "listtemplates": "ListTemplates", + "listworkflowstepgroups": "ListWorkflowStepGroups", + "listworkflowsteps": "ListWorkflowSteps", + "listworkflows": "ListWorkflows", + "registerplugin": "RegisterPlugin", + "retryworkflowstep": "RetryWorkflowStep", + "sendmessage": "SendMessage", + "startworkflow": "StartWorkflow", + "stopworkflow": "StopWorkflow", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateworkflow": "UpdateWorkflow", + "updateworkflowstep": "UpdateWorkflowStep", + "updateworkflowstepgroup": "UpdateWorkflowStepGroup" + }, + "resources": { + "workflow": { + "resource": "workflow", + "arn": "arn:${Partition}:migrationhub-orchestrator:${Region}:${Account}:workflow/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "workflow": "workflow" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "refactor-spaces": { + "service_name": "AWS Migration Hub Refactor Spaces", + "prefix": "refactor-spaces", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmigrationhubrefactorspaces.html", + "privileges": { + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application within an environment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateApplication.html" + }, + "CreateEnvironment": { + "privilege": "CreateEnvironment", + "description": "Grants permission to create an environment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateEnvironment.html" + }, + "CreateRoute": { + "privilege": "CreateRoute", + "description": "Grants permission to create a route within an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:ServiceCreatedByAccount", + "refactor-spaces:RouteCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "refactor-spaces:SourcePath", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateRoute.html" + }, + "CreateService": { + "privilege": "CreateService", + "description": "Grants permission to create a service within an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:ServiceCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateService.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete an application from an environment", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_DeleteApplication.html" + }, + "DeleteEnvironment": { + "privilege": "DeleteEnvironment", + "description": "Grants permission to delete an environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_DeleteEnvironment.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete a resource policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeleteRoute": { + "privilege": "DeleteRoute", + "description": "Grants permission to delete a route from an application", + "access_level": "Write", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:ServiceCreatedByAccount", + "refactor-spaces:RouteCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "refactor-spaces:SourcePath", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_DeleteRoute.html" + }, + "DeleteService": { + "privilege": "DeleteService", + "description": "Grants permission to delete a service from an application", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:ServiceCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_DeleteService.html" + }, + "GetApplication": { + "privilege": "GetApplication", + "description": "Grants permission to get more information about an application", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_GetApplication.html" + }, + "GetEnvironment": { + "privilege": "GetEnvironment", + "description": "Grants permission to get more information for an environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_GetEnvironment.html" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to get the details about a resource policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_GetResourcePolicy.html" + }, + "GetRoute": { + "privilege": "GetRoute", + "description": "Grants permission to get more information about a route", + "access_level": "Read", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:ServiceCreatedByAccount", + "refactor-spaces:RouteCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "refactor-spaces:SourcePath", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_GetRoute.html" + }, + "GetService": { + "privilege": "GetService", + "description": "Grants permission to get more information about a service", + "access_level": "Read", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:ServiceCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_GetService.html" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to list all the applications in an environment", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListApplications.html" + }, + "ListEnvironmentVpcs": { + "privilege": "ListEnvironmentVpcs", + "description": "Grants permission to list all the VPCs for the environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListEnvironmentVpcs.html" + }, + "ListEnvironments": { + "privilege": "ListEnvironments", + "description": "Grants permission to list all environments", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListEnvironments.html" + }, + "ListRoutes": { + "privilege": "ListRoutes", + "description": "Grants permission to list all the routes in an application", + "access_level": "Read", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListRoutes.html" + }, + "ListServices": { + "privilege": "ListServices", + "description": "Grants permission to list all the services in an environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListServices.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all the tags for a given resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_ListTagsForResource.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to add a resource policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_PutResourcePolicy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "route": { + "resource_type": "route", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:ServiceCreatedByAccount", + "refactor-spaces:RouteCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "refactor-spaces:SourcePath", + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "environment": "environment", + "route": "route", + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from a resource", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "route": { + "resource_type": "route", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:ServiceCreatedByAccount", + "refactor-spaces:RouteCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "refactor-spaces:SourcePath", + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "environment": "environment", + "route": "route", + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_UntagResource.html" + }, + "UpdateRoute": { + "privilege": "UpdateRoute", + "description": "Grants permission to update a route from an application", + "access_level": "Write", + "resource_types": { + "route": { + "resource_type": "route", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:ServiceCreatedByAccount", + "refactor-spaces:RouteCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "refactor-spaces:SourcePath", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "route": "route", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_UpdateRoute.html" + } + }, + "privileges_lower_name": { + "createapplication": "CreateApplication", + "createenvironment": "CreateEnvironment", + "createroute": "CreateRoute", + "createservice": "CreateService", + "deleteapplication": "DeleteApplication", + "deleteenvironment": "DeleteEnvironment", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deleteroute": "DeleteRoute", + "deleteservice": "DeleteService", + "getapplication": "GetApplication", + "getenvironment": "GetEnvironment", + "getresourcepolicy": "GetResourcePolicy", + "getroute": "GetRoute", + "getservice": "GetService", + "listapplications": "ListApplications", + "listenvironmentvpcs": "ListEnvironmentVpcs", + "listenvironments": "ListEnvironments", + "listroutes": "ListRoutes", + "listservices": "ListServices", + "listtagsforresource": "ListTagsForResource", + "putresourcepolicy": "PutResourcePolicy", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateroute": "UpdateRoute" + }, + "resources": { + "environment": { + "resource": "environment", + "arn": "arn:${Partition}:refactor-spaces:${Region}:${Account}:environment/${EnvironmentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "application": { + "resource": "application", + "arn": "arn:${Partition}:refactor-spaces:${Region}:${Account}:environment/${EnvironmentId}/application/${ApplicationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:CreatedByAccountIds" + ] + }, + "service": { + "resource": "service", + "arn": "arn:${Partition}:refactor-spaces:${Region}:${Account}:environment/${EnvironmentId}/application/${ApplicationId}/service/${ServiceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "refactor-spaces:ServiceCreatedByAccount" + ] + }, + "route": { + "resource": "route", + "arn": "arn:${Partition}:refactor-spaces:${Region}:${Account}:environment/${EnvironmentId}/application/${ApplicationId}/route/${RouteId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "refactor-spaces:ApplicationCreatedByAccount", + "refactor-spaces:CreatedByAccountIds", + "refactor-spaces:RouteCreatedByAccount", + "refactor-spaces:ServiceCreatedByAccount", + "refactor-spaces:SourcePath" + ] + } + }, + "resources_lower_name": { + "environment": "environment", + "application": "application", + "service": "service", + "route": "route" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "refactor-spaces:ApplicationCreatedByAccount": { + "condition": "refactor-spaces:ApplicationCreatedByAccount", + "description": "Filters access by restricting the action to only those accounts that created the application within an environment", + "type": "String" + }, + "refactor-spaces:CreatedByAccountIds": { + "condition": "refactor-spaces:CreatedByAccountIds", + "description": "Filters access by the accounts that created the resource", + "type": "ArrayOfString" + }, + "refactor-spaces:RouteCreatedByAccount": { + "condition": "refactor-spaces:RouteCreatedByAccount", + "description": "Filters access by restricting the action to only those accounts that created the route within an application", + "type": "String" + }, + "refactor-spaces:ServiceCreatedByAccount": { + "condition": "refactor-spaces:ServiceCreatedByAccount", + "description": "Filters access by restricting the action to only those accounts that created the service within an application", + "type": "String" + }, + "refactor-spaces:SourcePath": { + "condition": "refactor-spaces:SourcePath", + "description": "Filters access by the path of the route", + "type": "String" + } + } + }, + "migrationhub-strategy": { + "service_name": "AWS Migration Hub Strategy Recommendations.", + "prefix": "migrationhub-strategy", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmigrationhubstrategyrecommendations..html", + "privileges": { + "GetAntiPattern": { + "privilege": "GetAntiPattern", + "description": "Grants permission to get details of each anti pattern that collector should look at in a customer's environment", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetAntiPattern.html" + }, + "GetApplicationComponentDetails": { + "privilege": "GetApplicationComponentDetails", + "description": "Grants permission to get details of an application", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetApplicationComponentDetails.html" + }, + "GetApplicationComponentStrategies": { + "privilege": "GetApplicationComponentStrategies", + "description": "Grants permission to get a list of all recommended strategies and tools for an application running in a server", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetApplicationComponentStrategies.html" + }, + "GetAssessment": { + "privilege": "GetAssessment", + "description": "Grants permission to retrieve status of an on-going assessment", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetAssessment.html" + }, + "GetImportFileTask": { + "privilege": "GetImportFileTask", + "description": "Grants permission to get details of a specific import task", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetImportFileTask.html" + }, + "GetMessage": { + "privilege": "GetMessage", + "description": "Grants permission to the collector to receive information from the service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetMessage.html" + }, + "GetPortfolioPreferences": { + "privilege": "GetPortfolioPreferences", + "description": "Grants permission to retrieve customer migration/Modernization preferences", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetPortfolioPreferences.html" + }, + "GetPortfolioSummary": { + "privilege": "GetPortfolioSummary", + "description": "Grants permission to retrieve overall summary (number-of servers to rehost etc as well as overall number of anti patterns)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetPortfolioSummary.html" + }, + "GetRecommendationReportDetails": { + "privilege": "GetRecommendationReportDetails", + "description": "Grants permission to retrieve detailed information about a recommendation report", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetRecommendationReportDetails.html" + }, + "GetServerDetails": { + "privilege": "GetServerDetails", + "description": "Grants permission to get info about a specific server", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetServerDetails.html" + }, + "GetServerStrategies": { + "privilege": "GetServerStrategies", + "description": "Grants permission to get recommended strategies and tools for a specific server", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetServerStrategies.html" + }, + "ListAntiPatterns": { + "privilege": "ListAntiPatterns", + "description": "Grants permission to get a list of all anti patterns that collector should look for in a customer's environment", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListAntiPatterns.html" + }, + "ListApplicationComponents": { + "privilege": "ListApplicationComponents", + "description": "Grants permission to get a list of all applications running on servers on customer's servers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListApplicationComponents.html" + }, + "ListCollectors": { + "privilege": "ListCollectors", + "description": "Grants permission to get a list of all collectors installed by the customer", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListCollectors.html" + }, + "ListImportFileTask": { + "privilege": "ListImportFileTask", + "description": "Grants permission to get list of all imports performed by the customer", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListImportFileTask.html" + }, + "ListJarArtifacts": { + "privilege": "ListJarArtifacts", + "description": "Grants permission to get a list of binaries that collector should assess", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListJarArtifacts.html" + }, + "ListServers": { + "privilege": "ListServers", + "description": "Grants permission to get a list of all servers in a customer's environment", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_ListServers.html" + }, + "PutPortfolioPreferences": { + "privilege": "PutPortfolioPreferences", + "description": "Grants permission to save customer's Migration/Modernization preferences", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_PutPortfolioPreferences.html" + }, + "RegisterCollector": { + "privilege": "RegisterCollector", + "description": "Grants permission to register the collector to receive an ID and to start receiving messages from the service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_RegisterCollector.html" + }, + "SendMessage": { + "privilege": "SendMessage", + "description": "Grants permission to the collector to send information to the service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_SendMessage.html" + }, + "StartAssessment": { + "privilege": "StartAssessment", + "description": "Grants permission to start assessment in a customer's environment (collect data from all servers and provide recommendations)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_StartAssessment.html" + }, + "StartImportFileTask": { + "privilege": "StartImportFileTask", + "description": "Grants permission to start importing data from a file provided by customer", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_StartImportFileTask.html" + }, + "StartRecommendationReportGeneration": { + "privilege": "StartRecommendationReportGeneration", + "description": "Grants permission to start generating a recommendation report", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_StartRecommendationReportGeneration.html" + }, + "StopAssessment": { + "privilege": "StopAssessment", + "description": "Grants permission to stop an on-going assessment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_StopAssessment.html" + }, + "UpdateApplicationComponentConfig": { + "privilege": "UpdateApplicationComponentConfig", + "description": "Grants permission to update details for an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_UpdateApplicationComponentConfig.html" + }, + "UpdateServerConfig": { + "privilege": "UpdateServerConfig", + "description": "Grants permission to update info on a server along with the recommended strategy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_UpdateServerConfig.html" + }, + "GetLatestAssessmentId": { + "privilege": "GetLatestAssessmentId", + "description": "Grants permission to retrieve the latest assessment id", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_GetLatestAssessmentId.html" + }, + "UpdateCollectorConfiguration": { + "privilege": "UpdateCollectorConfiguration", + "description": "Grants permission to the collector to send configuration information to the service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/migrationhub-strategy/latest/APIReference/API_UpdateCollectorConfiguration.html" + } + }, + "privileges_lower_name": { + "getantipattern": "GetAntiPattern", + "getapplicationcomponentdetails": "GetApplicationComponentDetails", + "getapplicationcomponentstrategies": "GetApplicationComponentStrategies", + "getassessment": "GetAssessment", + "getimportfiletask": "GetImportFileTask", + "getmessage": "GetMessage", + "getportfoliopreferences": "GetPortfolioPreferences", + "getportfoliosummary": "GetPortfolioSummary", + "getrecommendationreportdetails": "GetRecommendationReportDetails", + "getserverdetails": "GetServerDetails", + "getserverstrategies": "GetServerStrategies", + "listantipatterns": "ListAntiPatterns", + "listapplicationcomponents": "ListApplicationComponents", + "listcollectors": "ListCollectors", + "listimportfiletask": "ListImportFileTask", + "listjarartifacts": "ListJarArtifacts", + "listservers": "ListServers", + "putportfoliopreferences": "PutPortfolioPreferences", + "registercollector": "RegisterCollector", + "sendmessage": "SendMessage", + "startassessment": "StartAssessment", + "startimportfiletask": "StartImportFileTask", + "startrecommendationreportgeneration": "StartRecommendationReportGeneration", + "stopassessment": "StopAssessment", + "updateapplicationcomponentconfig": "UpdateApplicationComponentConfig", + "updateserverconfig": "UpdateServerConfig", + "getlatestassessmentid": "GetLatestAssessmentId", + "updatecollectorconfiguration": "UpdateCollectorConfiguration" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "mobilehub": { + "service_name": "AWS Mobile Hub", + "prefix": "mobilehub", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsmobilehub.html", + "privileges": { + "CreateProject": { + "privilege": "CreateProject", + "description": "Create a project", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "CreateServiceRole": { + "privilege": "CreateServiceRole", + "description": "Enable AWS Mobile Hub in the account by creating the required service role", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "DeleteProject": { + "privilege": "DeleteProject", + "description": "Delete the specified project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "DeleteProjectSnapshot": { + "privilege": "DeleteProjectSnapshot", + "description": "Delete a saved snapshot of project configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "DeployToStage": { + "privilege": "DeployToStage", + "description": "Deploy changes to the specified stage", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "DescribeBundle": { + "privilege": "DescribeBundle", + "description": "Describe the download bundle", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "ExportBundle": { + "privilege": "ExportBundle", + "description": "Export the download bundle", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "ExportProject": { + "privilege": "ExportProject", + "description": "Export the project configuration", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "GenerateProjectParameters": { + "privilege": "GenerateProjectParameters", + "description": "Generate project parameters required for code generation", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "GetProject": { + "privilege": "GetProject", + "description": "Get project configuration and resources", + "access_level": "Read", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "GetProjectSnapshot": { + "privilege": "GetProjectSnapshot", + "description": "Fetch the previously exported project configuration snapshot", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "ImportProject": { + "privilege": "ImportProject", + "description": "Create a new project from the previously exported project configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "InstallBundle": { + "privilege": "InstallBundle", + "description": "Install a bundle in the project deployments S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "ListAvailableConnectors": { + "privilege": "ListAvailableConnectors", + "description": "List the available SaaS (Software as a Service) connectors", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "ListAvailableFeatures": { + "privilege": "ListAvailableFeatures", + "description": "List available features", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "ListAvailableRegions": { + "privilege": "ListAvailableRegions", + "description": "List available regions for projects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "ListBundles": { + "privilege": "ListBundles", + "description": "List the available download bundles", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "ListProjectSnapshots": { + "privilege": "ListProjectSnapshots", + "description": "List saved snapshots of project configuration", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "ListProjects": { + "privilege": "ListProjects", + "description": "List projects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "SynchronizeProject": { + "privilege": "SynchronizeProject", + "description": "Synchronize state of resources into project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "UpdateProject": { + "privilege": "UpdateProject", + "description": "Update project", + "access_level": "Write", + "resource_types": { + "project": { + "resource_type": "project", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "project": "project" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "ValidateProject": { + "privilege": "ValidateProject", + "description": "Validate a mobile hub project.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + }, + "VerifyServiceRole": { + "privilege": "VerifyServiceRole", + "description": "Verify AWS Mobile Hub is enabled in the account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/mobile-hub/latest/developerguide/managed-policies.html" + } + }, + "privileges_lower_name": { + "createproject": "CreateProject", + "createservicerole": "CreateServiceRole", + "deleteproject": "DeleteProject", + "deleteprojectsnapshot": "DeleteProjectSnapshot", + "deploytostage": "DeployToStage", + "describebundle": "DescribeBundle", + "exportbundle": "ExportBundle", + "exportproject": "ExportProject", + "generateprojectparameters": "GenerateProjectParameters", + "getproject": "GetProject", + "getprojectsnapshot": "GetProjectSnapshot", + "importproject": "ImportProject", + "installbundle": "InstallBundle", + "listavailableconnectors": "ListAvailableConnectors", + "listavailablefeatures": "ListAvailableFeatures", + "listavailableregions": "ListAvailableRegions", + "listbundles": "ListBundles", + "listprojectsnapshots": "ListProjectSnapshots", + "listprojects": "ListProjects", + "synchronizeproject": "SynchronizeProject", + "updateproject": "UpdateProject", + "validateproject": "ValidateProject", + "verifyservicerole": "VerifyServiceRole" + }, + "resources": { + "project": { + "resource": "project", + "arn": "arn:${Partition}:mobilehub:${Region}:${Account}:project/${ProjectId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "project": "project" + }, + "conditions": {} + }, + "network-firewall": { + "service_name": "AWS Network Firewall", + "prefix": "network-firewall", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsnetworkfirewall.html", + "privileges": { + "AssociateFirewallPolicy": { + "privilege": "AssociateFirewallPolicy", + "description": "Grants permission to create an association between a firewall policy and a firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall", + "firewallpolicy": "FirewallPolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AssociateFirewallPolicy.html" + }, + "AssociateSubnets": { + "privilege": "AssociateSubnets", + "description": "Grants permission to associate VPC subnets to a firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_AssociateSubnets.html" + }, + "CreateFirewall": { + "privilege": "CreateFirewall", + "description": "Grants permission to create an AWS Network Firewall firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall", + "firewallpolicy": "FirewallPolicy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateFirewall.html" + }, + "CreateFirewallPolicy": { + "privilege": "CreateFirewallPolicy", + "description": "Grants permission to create an AWS Network Firewall firewall policy", + "access_level": "Write", + "resource_types": { + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewallpolicy": "FirewallPolicy", + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup", + "tlsinspectionconfiguration": "TLSInspectionConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateFirewallPolicy.html" + }, + "CreateRuleGroup": { + "privilege": "CreateRuleGroup", + "description": "Grants permission to create an AWS Network Firewall rule group", + "access_level": "Write", + "resource_types": { + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateRuleGroup.html" + }, + "CreateTLSInspectionConfiguration": { + "privilege": "CreateTLSInspectionConfiguration", + "description": "Grants permission to create an AWS Network Firewall tls inspection configuration", + "access_level": "Write", + "resource_types": { + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tlsinspectionconfiguration": "TLSInspectionConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateTLSInspectionConfiguration.html" + }, + "DeleteFirewall": { + "privilege": "DeleteFirewall", + "description": "Grants permission to delete a firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteFirewall.html" + }, + "DeleteFirewallPolicy": { + "privilege": "DeleteFirewallPolicy", + "description": "Grants permission to delete a firewall policy", + "access_level": "Write", + "resource_types": { + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewallpolicy": "FirewallPolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteFirewallPolicy.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete a resource policy for a firewall policy or rule group", + "access_level": "Write", + "resource_types": { + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewallpolicy": "FirewallPolicy", + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeleteRuleGroup": { + "privilege": "DeleteRuleGroup", + "description": "Grants permission to delete a rule group", + "access_level": "Write", + "resource_types": { + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteRuleGroup.html" + }, + "DeleteTLSInspectionConfiguration": { + "privilege": "DeleteTLSInspectionConfiguration", + "description": "Grants permission to delete a tls inspection configuration", + "access_level": "Write", + "resource_types": { + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tlsinspectionconfiguration": "TLSInspectionConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DeleteTLSInspectionConfiguration.html" + }, + "DescribeFirewall": { + "privilege": "DescribeFirewall", + "description": "Grants permission to retrieve the data objects that define a firewall", + "access_level": "Read", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFirewall.html" + }, + "DescribeFirewallPolicy": { + "privilege": "DescribeFirewallPolicy", + "description": "Grants permission to retrieve the data objects that define a firewall policy", + "access_level": "Read", + "resource_types": { + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewallpolicy": "FirewallPolicy", + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup", + "tlsinspectionconfiguration": "TLSInspectionConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeFirewallPolicy.html" + }, + "DescribeLoggingConfiguration": { + "privilege": "DescribeLoggingConfiguration", + "description": "Grants permission to describe the logging configuration of a firewall", + "access_level": "Read", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeLoggingConfiguration.html" + }, + "DescribeResourcePolicy": { + "privilege": "DescribeResourcePolicy", + "description": "Grants permission to describe a resource policy for a firewall policy or rule group", + "access_level": "Read", + "resource_types": { + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewallpolicy": "FirewallPolicy", + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeResourcePolicy.html" + }, + "DescribeRuleGroup": { + "privilege": "DescribeRuleGroup", + "description": "Grants permission to retrieve the data objects that define a rule group", + "access_level": "Read", + "resource_types": { + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html" + }, + "DescribeRuleGroupMetadata": { + "privilege": "DescribeRuleGroupMetadata", + "description": "Grants permission to retrieve the high-level information about a rule group", + "access_level": "Read", + "resource_types": { + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroupMetadata.html" + }, + "DescribeTLSInspectionConfiguration": { + "privilege": "DescribeTLSInspectionConfiguration", + "description": "Grants permission to retrieve the data objects that define a tls inspection configuration", + "access_level": "Read", + "resource_types": { + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tlsinspectionconfiguration": "TLSInspectionConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeTLSInspectionConfiguration.html" + }, + "DisassociateSubnets": { + "privilege": "DisassociateSubnets", + "description": "Grants permission to disassociate VPC subnets from a firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DisassociateSubnets.html" + }, + "ListFirewallPolicies": { + "privilege": "ListFirewallPolicies", + "description": "Grants permission to retrieve the metadata for firewall policies", + "access_level": "List", + "resource_types": { + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewallpolicy": "FirewallPolicy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFirewallPolicies.html" + }, + "ListFirewalls": { + "privilege": "ListFirewalls", + "description": "Grants permission to retrieve the metadata for firewalls", + "access_level": "List", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListFirewalls.html" + }, + "ListRuleGroups": { + "privilege": "ListRuleGroups", + "description": "Grants permission to retrieve the metadata for rule groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListRuleGroups.html" + }, + "ListTLSInspectionConfigurations": { + "privilege": "ListTLSInspectionConfigurations", + "description": "Grants permission to retrieve the metadata for tls inspection configurations", + "access_level": "List", + "resource_types": { + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tlsinspectionconfiguration": "TLSInspectionConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListTLSInspectionConfigurations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve the tags for a resource", + "access_level": "List", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall", + "firewallpolicy": "FirewallPolicy", + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup", + "tlsinspectionconfiguration": "TLSInspectionConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_ListTagsForResource.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to put a resource policy for a firewall policy or rule group", + "access_level": "Write", + "resource_types": { + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewallpolicy": "FirewallPolicy", + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_PutResourcePolicy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to attach tags to a resource", + "access_level": "Tagging", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall", + "firewallpolicy": "FirewallPolicy", + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup", + "tlsinspectionconfiguration": "TLSInspectionConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall", + "firewallpolicy": "FirewallPolicy", + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup", + "tlsinspectionconfiguration": "TLSInspectionConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UntagResource.html" + }, + "UpdateFirewallDeleteProtection": { + "privilege": "UpdateFirewallDeleteProtection", + "description": "Grants permission to add or remove delete protection for a firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallDeleteProtection.html" + }, + "UpdateFirewallDescription": { + "privilege": "UpdateFirewallDescription", + "description": "Grants permission to modify the description for a firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallDescription.html" + }, + "UpdateFirewallEncryptionConfiguration": { + "privilege": "UpdateFirewallEncryptionConfiguration", + "description": "Grants permission to modify the encryption configuration of a firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallEncryptionConfiguration.html" + }, + "UpdateFirewallPolicy": { + "privilege": "UpdateFirewallPolicy", + "description": "Grants permission to modify a firewall policy", + "access_level": "Write", + "resource_types": { + "FirewallPolicy": { + "resource_type": "FirewallPolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewallpolicy": "FirewallPolicy", + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup", + "tlsinspectionconfiguration": "TLSInspectionConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallPolicy.html" + }, + "UpdateFirewallPolicyChangeProtection": { + "privilege": "UpdateFirewallPolicyChangeProtection", + "description": "Grants permission to add or remove firewall policy change protection for a firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateFirewallPolicyChangeProtection.html" + }, + "UpdateLoggingConfiguration": { + "privilege": "UpdateLoggingConfiguration", + "description": "Grants permission to modify the logging configuration of a firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateLoggingConfiguration.html" + }, + "UpdateRuleGroup": { + "privilege": "UpdateRuleGroup", + "description": "Grants permission to modify a rule group", + "access_level": "Write", + "resource_types": { + "StatefulRuleGroup": { + "resource_type": "StatefulRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "StatelessRuleGroup": { + "resource_type": "StatelessRuleGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateRuleGroup.html" + }, + "UpdateSubnetChangeProtection": { + "privilege": "UpdateSubnetChangeProtection", + "description": "Grants permission to add or remove subnet change protection for a firewall", + "access_level": "Write", + "resource_types": { + "Firewall": { + "resource_type": "Firewall", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "firewall": "Firewall" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateSubnetChangeProtection.html" + }, + "UpdateTLSInspectionConfiguration": { + "privilege": "UpdateTLSInspectionConfiguration", + "description": "Grants permission to modify a tls inspection configuration", + "access_level": "Write", + "resource_types": { + "TLSInspectionConfiguration": { + "resource_type": "TLSInspectionConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "tlsinspectionconfiguration": "TLSInspectionConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_UpdateTLSInspectionConfiguration.html" + } + }, + "privileges_lower_name": { + "associatefirewallpolicy": "AssociateFirewallPolicy", + "associatesubnets": "AssociateSubnets", + "createfirewall": "CreateFirewall", + "createfirewallpolicy": "CreateFirewallPolicy", + "createrulegroup": "CreateRuleGroup", + "createtlsinspectionconfiguration": "CreateTLSInspectionConfiguration", + "deletefirewall": "DeleteFirewall", + "deletefirewallpolicy": "DeleteFirewallPolicy", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deleterulegroup": "DeleteRuleGroup", + "deletetlsinspectionconfiguration": "DeleteTLSInspectionConfiguration", + "describefirewall": "DescribeFirewall", + "describefirewallpolicy": "DescribeFirewallPolicy", + "describeloggingconfiguration": "DescribeLoggingConfiguration", + "describeresourcepolicy": "DescribeResourcePolicy", + "describerulegroup": "DescribeRuleGroup", + "describerulegroupmetadata": "DescribeRuleGroupMetadata", + "describetlsinspectionconfiguration": "DescribeTLSInspectionConfiguration", + "disassociatesubnets": "DisassociateSubnets", + "listfirewallpolicies": "ListFirewallPolicies", + "listfirewalls": "ListFirewalls", + "listrulegroups": "ListRuleGroups", + "listtlsinspectionconfigurations": "ListTLSInspectionConfigurations", + "listtagsforresource": "ListTagsForResource", + "putresourcepolicy": "PutResourcePolicy", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatefirewalldeleteprotection": "UpdateFirewallDeleteProtection", + "updatefirewalldescription": "UpdateFirewallDescription", + "updatefirewallencryptionconfiguration": "UpdateFirewallEncryptionConfiguration", + "updatefirewallpolicy": "UpdateFirewallPolicy", + "updatefirewallpolicychangeprotection": "UpdateFirewallPolicyChangeProtection", + "updateloggingconfiguration": "UpdateLoggingConfiguration", + "updaterulegroup": "UpdateRuleGroup", + "updatesubnetchangeprotection": "UpdateSubnetChangeProtection", + "updatetlsinspectionconfiguration": "UpdateTLSInspectionConfiguration" + }, + "resources": { + "Firewall": { + "resource": "Firewall", + "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:firewall/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "FirewallPolicy": { + "resource": "FirewallPolicy", + "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:firewall-policy/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "StatefulRuleGroup": { + "resource": "StatefulRuleGroup", + "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:stateful-rulegroup/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "StatelessRuleGroup": { + "resource": "StatelessRuleGroup", + "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:stateless-rulegroup/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "TLSInspectionConfiguration": { + "resource": "TLSInspectionConfiguration", + "arn": "arn:${Partition}:network-firewall:${Region}:${Account}:tls-configuration/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "firewall": "Firewall", + "firewallpolicy": "FirewallPolicy", + "statefulrulegroup": "StatefulRuleGroup", + "statelessrulegroup": "StatelessRuleGroup", + "tlsinspectionconfiguration": "TLSInspectionConfiguration" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "networkmanager": { + "service_name": "AWS Network Manager", + "prefix": "networkmanager", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsnetworkmanager.html", + "privileges": { + "AcceptAttachment": { + "privilege": "AcceptAttachment", + "description": "Grants permission to accept creation of an attachment between a source and destination in a core network", + "access_level": "Write", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_AcceptAttachment.html" + }, + "AssociateConnectPeer": { + "privilege": "AssociateConnectPeer", + "description": "Grants permission to associate a Connect Peer", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_AssociateConnectPeer.html" + }, + "AssociateCustomerGateway": { + "privilege": "AssociateCustomerGateway", + "description": "Grants permission to associate a customer gateway to a device", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "networkmanager:cgwArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "global-network": "global-network", + "link": "link", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_AssociateCustomerGateway.html" + }, + "AssociateLink": { + "privilege": "AssociateLink", + "description": "Grants permission to associate a link to a device", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "global-network": "global-network", + "link": "link" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_AssociateLink.html" + }, + "AssociateTransitGatewayConnectPeer": { + "privilege": "AssociateTransitGatewayConnectPeer", + "description": "Grants permission to associate a transit gateway connect peer to a device", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "networkmanager:tgwConnectPeerArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "global-network": "global-network", + "link": "link", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_AssociateTransitGatewayConnectPeer.html" + }, + "CreateConnectAttachment": { + "privilege": "CreateConnectAttachment", + "description": "Grants permission to create a Connect attachment", + "access_level": "Write", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment", + "core-network": "core-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateConnectAttachment.html" + }, + "CreateConnectPeer": { + "privilege": "CreateConnectPeer", + "description": "Grants permission to create a Connect Peer connection", + "access_level": "Write", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateConnectPeer.html" + }, + "CreateConnection": { + "privilege": "CreateConnection", + "description": "Grants permission to create a new connection", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateConnection.html" + }, + "CreateCoreNetwork": { + "privilege": "CreateCoreNetwork", + "description": "Grants permission to create a new core network", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateCoreNetwork.html" + }, + "CreateDevice": { + "privilege": "CreateDevice", + "description": "Grants permission to create a new device", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateDevice.html" + }, + "CreateGlobalNetwork": { + "privilege": "CreateGlobalNetwork", + "description": "Grants permission to create a new global network", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateGlobalNetwork.html" + }, + "CreateLink": { + "privilege": "CreateLink", + "description": "Grants permission to create a new link", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "site": { + "resource_type": "site", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "site": "site", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateLink.html" + }, + "CreateSite": { + "privilege": "CreateSite", + "description": "Grants permission to create a new site", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateSite.html" + }, + "CreateSiteToSiteVpnAttachment": { + "privilege": "CreateSiteToSiteVpnAttachment", + "description": "Grants permission to create a site-to-site VPN attachment", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "networkmanager:vpnConnectionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateSiteToSiteVpnAttachment.html" + }, + "CreateTransitGatewayPeering": { + "privilege": "CreateTransitGatewayPeering", + "description": "Grants permission to create a Transit Gateway peering", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "networkmanager:tgwArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateTransitGatewayPeering.html" + }, + "CreateTransitGatewayRouteTableAttachment": { + "privilege": "CreateTransitGatewayRouteTableAttachment", + "description": "Grants permission to create a TGW RTB attachment", + "access_level": "Write", + "resource_types": { + "peering": { + "resource_type": "peering", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "networkmanager:tgwRtbArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "peering": "peering", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateTransitGatewayRouteTableAttachment.html" + }, + "CreateVpcAttachment": { + "privilege": "CreateVpcAttachment", + "description": "Grants permission to create a VPC attachment", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "networkmanager:vpcArn", + "networkmanager:subnetArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_CreateVpcAttachment.html" + }, + "DeleteAttachment": { + "privilege": "DeleteAttachment", + "description": "Grants permission to delete an attachment", + "access_level": "Write", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteAttachment.html" + }, + "DeleteConnectPeer": { + "privilege": "DeleteConnectPeer", + "description": "Grants permission to delete a Connect Peer", + "access_level": "Write", + "resource_types": { + "connect-peer": { + "resource_type": "connect-peer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connect-peer": "connect-peer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteConnectPeer.html" + }, + "DeleteConnection": { + "privilege": "DeleteConnection", + "description": "Grants permission to delete a connection", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection", + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteConnection.html" + }, + "DeleteCoreNetwork": { + "privilege": "DeleteCoreNetwork", + "description": "Grants permission to delete a core network", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteCoreNetwork.html" + }, + "DeleteCoreNetworkPolicyVersion": { + "privilege": "DeleteCoreNetworkPolicyVersion", + "description": "Grants permission to delete the core network policy version", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteCoreNetworkPolicyVersion.html" + }, + "DeleteDevice": { + "privilege": "DeleteDevice", + "description": "Grants permission to delete a device", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteDevice.html" + }, + "DeleteGlobalNetwork": { + "privilege": "DeleteGlobalNetwork", + "description": "Grants permission to delete a global network", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteGlobalNetwork.html" + }, + "DeleteLink": { + "privilege": "DeleteLink", + "description": "Grants permission to delete a link", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "link": "link" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteLink.html" + }, + "DeletePeering": { + "privilege": "DeletePeering", + "description": "Grants permission to delete a peering", + "access_level": "Write", + "resource_types": { + "peering": { + "resource_type": "peering", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "peering": "peering" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeletePeering.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete a resource", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeleteSite": { + "privilege": "DeleteSite", + "description": "Grants permission to delete a site", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "site": { + "resource_type": "site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "site": "site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeleteSite.html" + }, + "DeregisterTransitGateway": { + "privilege": "DeregisterTransitGateway", + "description": "Grants permission to deregister a transit gateway from a global network", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "networkmanager:tgwArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DeregisterTransitGateway.html" + }, + "DescribeGlobalNetworks": { + "privilege": "DescribeGlobalNetworks", + "description": "Grants permission to describe global networks", + "access_level": "List", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DescribeGlobalNetworks.html" + }, + "DisassociateConnectPeer": { + "privilege": "DisassociateConnectPeer", + "description": "Grants permission to disassociate a Connect Peer", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DisassociateConnectPeer.html" + }, + "DisassociateCustomerGateway": { + "privilege": "DisassociateCustomerGateway", + "description": "Grants permission to disassociate a customer gateway from a device", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "networkmanager:cgwArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DisassociateCustomerGateway.html" + }, + "DisassociateLink": { + "privilege": "DisassociateLink", + "description": "Grants permission to disassociate a link from a device", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "global-network": "global-network", + "link": "link" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DisassociateLink.html" + }, + "DisassociateTransitGatewayConnectPeer": { + "privilege": "DisassociateTransitGatewayConnectPeer", + "description": "Grants permission to disassociate a transit gateway connect peer from a device", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "networkmanager:tgwConnectPeerArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_DisassociateTransitGatewayConnectPeer.html" + }, + "ExecuteCoreNetworkChangeSet": { + "privilege": "ExecuteCoreNetworkChangeSet", + "description": "Grants permission to apply changes to the core network", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ExecuteCoreNetworkChangeSet.html" + }, + "GetConnectAttachment": { + "privilege": "GetConnectAttachment", + "description": "Grants permission to retrieve a Connect attachment", + "access_level": "Read", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetConnectAttachment.html" + }, + "GetConnectPeer": { + "privilege": "GetConnectPeer", + "description": "Grants permission to retrieve a Connect Peer", + "access_level": "Read", + "resource_types": { + "connect-peer": { + "resource_type": "connect-peer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connect-peer": "connect-peer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetConnectPeer.html" + }, + "GetConnectPeerAssociations": { + "privilege": "GetConnectPeerAssociations", + "description": "Grants permission to describe Connect Peer associations", + "access_level": "Read", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetConnectPeerAssociations.html" + }, + "GetConnections": { + "privilege": "GetConnections", + "description": "Grants permission to describe connections", + "access_level": "List", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetConnections.html" + }, + "GetCoreNetwork": { + "privilege": "GetCoreNetwork", + "description": "Grants permission to retrieve a core network", + "access_level": "Read", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetCoreNetwork.html" + }, + "GetCoreNetworkChangeEvents": { + "privilege": "GetCoreNetworkChangeEvents", + "description": "Grants permission to retrieve a list of core network change events", + "access_level": "Read", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetCoreNetworkChangeEvents.html" + }, + "GetCoreNetworkChangeSet": { + "privilege": "GetCoreNetworkChangeSet", + "description": "Grants permission to retrieve a list of core network change sets", + "access_level": "Read", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetCoreNetworkChangeSet.html" + }, + "GetCoreNetworkPolicy": { + "privilege": "GetCoreNetworkPolicy", + "description": "Grants permission to retrieve core network policy", + "access_level": "Read", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetCoreNetworkPolicy.html" + }, + "GetCustomerGatewayAssociations": { + "privilege": "GetCustomerGatewayAssociations", + "description": "Grants permission to describe customer gateway associations", + "access_level": "List", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetCustomerGatewayAssociations.html" + }, + "GetDevices": { + "privilege": "GetDevices", + "description": "Grants permission to describe devices", + "access_level": "List", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetDevices.html" + }, + "GetLinkAssociations": { + "privilege": "GetLinkAssociations", + "description": "Grants permission to describe link associations", + "access_level": "List", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "device": "device", + "link": "link" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetLinkAssociations.html" + }, + "GetLinks": { + "privilege": "GetLinks", + "description": "Grants permission to describe links", + "access_level": "List", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "link": "link" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetLinks.html" + }, + "GetNetworkResourceCounts": { + "privilege": "GetNetworkResourceCounts", + "description": "Grants permission to return the number of resources for a global network grouped by type", + "access_level": "Read", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetNetworkResourceCounts.html" + }, + "GetNetworkResourceRelationships": { + "privilege": "GetNetworkResourceRelationships", + "description": "Grants permission to retrieve related resources for a resource within the global network", + "access_level": "Read", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetNetworkResourceRelationships.html" + }, + "GetNetworkResources": { + "privilege": "GetNetworkResources", + "description": "Grants permission to retrieve a global network resource", + "access_level": "Read", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetNetworkResources.html" + }, + "GetNetworkRoutes": { + "privilege": "GetNetworkRoutes", + "description": "Grants permission to retrieve routes for a route table within the global network", + "access_level": "Read", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetNetworkRoutes.html" + }, + "GetNetworkTelemetry": { + "privilege": "GetNetworkTelemetry", + "description": "Grants permission to retrieve network telemetry objects for the global network", + "access_level": "Read", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetNetworkTelemetry.html" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to retrieve a resource policy", + "access_level": "Read", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetResourcePolicy.html" + }, + "GetRouteAnalysis": { + "privilege": "GetRouteAnalysis", + "description": "Grants permission to retrieve a route analysis configuration and result", + "access_level": "Read", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetRouteAnalysis.html" + }, + "GetSiteToSiteVpnAttachment": { + "privilege": "GetSiteToSiteVpnAttachment", + "description": "Grants permission to retrieve a site-to-site VPN attachment", + "access_level": "Read", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetSiteToSiteVpnAttachment.html" + }, + "GetSites": { + "privilege": "GetSites", + "description": "Grants permission to describe global networks", + "access_level": "List", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "site": { + "resource_type": "site", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "site": "site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetSites.html" + }, + "GetTransitGatewayConnectPeerAssociations": { + "privilege": "GetTransitGatewayConnectPeerAssociations", + "description": "Grants permission to describe transit gateway connect peer associations", + "access_level": "List", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetTransitGatewayConnectPeerAssociations.html" + }, + "GetTransitGatewayPeering": { + "privilege": "GetTransitGatewayPeering", + "description": "Grants permission to retrieve a Transit Gateway peering", + "access_level": "Read", + "resource_types": { + "peering": { + "resource_type": "peering", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "peering": "peering" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetTransitGatewayPeering.html" + }, + "GetTransitGatewayRegistrations": { + "privilege": "GetTransitGatewayRegistrations", + "description": "Grants permission to describe transit gateway registrations", + "access_level": "List", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetTransitGatewayRegistrations.html" + }, + "GetTransitGatewayRouteTableAttachment": { + "privilege": "GetTransitGatewayRouteTableAttachment", + "description": "Grants permission to retrieve a TGW RTB attachment", + "access_level": "Read", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetTransitGatewayRouteTableAttachment.html" + }, + "GetVpcAttachment": { + "privilege": "GetVpcAttachment", + "description": "Grants permission to retrieve a VPC attachment", + "access_level": "Read", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_GetVpcAttachment.html" + }, + "ListAttachments": { + "privilege": "ListAttachments", + "description": "Grants permission to describe attachments", + "access_level": "List", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListAttachments.html" + }, + "ListConnectPeers": { + "privilege": "ListConnectPeers", + "description": "Grants permission to describe Connect Peers", + "access_level": "List", + "resource_types": { + "connect-peer": { + "resource_type": "connect-peer", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connect-peer": "connect-peer" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListConnectPeers.html" + }, + "ListCoreNetworkPolicyVersions": { + "privilege": "ListCoreNetworkPolicyVersions", + "description": "Grants permission to list core network policy versions", + "access_level": "List", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListCoreNetworkPolicyVersions.html" + }, + "ListCoreNetworks": { + "privilege": "ListCoreNetworks", + "description": "Grants permission to list core networks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListCoreNetworks.html" + }, + "ListOrganizationServiceAccessStatus": { + "privilege": "ListOrganizationServiceAccessStatus", + "description": "Grants permission to list organization service access status", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListOrganizationServiceAccessStatus.html" + }, + "ListPeerings": { + "privilege": "ListPeerings", + "description": "Grants permission to describe peerings", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListPeerings.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a Network Manager resource", + "access_level": "Read", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connect-peer": { + "resource_type": "connect-peer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "core-network": { + "resource_type": "core-network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "site": { + "resource_type": "site", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment", + "connect-peer": "connect-peer", + "connection": "connection", + "core-network": "core-network", + "device": "device", + "global-network": "global-network", + "link": "link", + "site": "site", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_ListTagsForResource.html" + }, + "PutCoreNetworkPolicy": { + "privilege": "PutCoreNetworkPolicy", + "description": "Grants permission to create a core network policy", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_PutCoreNetworkPolicy.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to create or update a resource policy", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_PutResourcePolicy.html" + }, + "RegisterTransitGateway": { + "privilege": "RegisterTransitGateway", + "description": "Grants permission to register a transit gateway to a global network", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "networkmanager:tgwArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_RegisterTransitGateway.html" + }, + "RejectAttachment": { + "privilege": "RejectAttachment", + "description": "Grants permission to reject attachment request", + "access_level": "Write", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_RejectAttachment.html" + }, + "RestoreCoreNetworkPolicyVersion": { + "privilege": "RestoreCoreNetworkPolicyVersion", + "description": "Grants permission to restore the core network policy to a previous version", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_RestoreCoreNetworkPolicyVersion.html" + }, + "StartOrganizationServiceAccessUpdate": { + "privilege": "StartOrganizationServiceAccessUpdate", + "description": "Grants permission to start organization service access update", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_StartOrganizationServiceAccessUpdate.html" + }, + "StartRouteAnalysis": { + "privilege": "StartRouteAnalysis", + "description": "Grants permission to start a route analysis and stores analysis configuration", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_StartRouteAnalysis.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a Network Manager resource", + "access_level": "Tagging", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connect-peer": { + "resource_type": "connect-peer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "core-network": { + "resource_type": "core-network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "site": { + "resource_type": "site", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment", + "connect-peer": "connect-peer", + "connection": "connection", + "core-network": "core-network", + "device": "device", + "global-network": "global-network", + "link": "link", + "site": "site", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a Network Manager resource", + "access_level": "Tagging", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connect-peer": { + "resource_type": "connect-peer", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "core-network": { + "resource_type": "core-network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "site": { + "resource_type": "site", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment", + "connect-peer": "connect-peer", + "connection": "connection", + "core-network": "core-network", + "device": "device", + "global-network": "global-network", + "link": "link", + "site": "site", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UntagResource.html" + }, + "UpdateConnection": { + "privilege": "UpdateConnection", + "description": "Grants permission to update a connection", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection", + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateConnection.html" + }, + "UpdateCoreNetwork": { + "privilege": "UpdateCoreNetwork", + "description": "Grants permission to update a core network", + "access_level": "Write", + "resource_types": { + "core-network": { + "resource_type": "core-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "core-network": "core-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateCoreNetwork.html" + }, + "UpdateDevice": { + "privilege": "UpdateDevice", + "description": "Grants permission to update a device", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device", + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateDevice.html" + }, + "UpdateGlobalNetwork": { + "privilege": "UpdateGlobalNetwork", + "description": "Grants permission to update a global network", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateGlobalNetwork.html" + }, + "UpdateLink": { + "privilege": "UpdateLink", + "description": "Grants permission to update a link", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "link": { + "resource_type": "link", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "link": "link" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateLink.html" + }, + "UpdateNetworkResourceMetadata": { + "privilege": "UpdateNetworkResourceMetadata", + "description": "Grants permission to add or update metadata key/value pairs on network resource", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateNetworkResourceMetadata.html" + }, + "UpdateSite": { + "privilege": "UpdateSite", + "description": "Grants permission to update a site", + "access_level": "Write", + "resource_types": { + "global-network": { + "resource_type": "global-network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "site": { + "resource_type": "site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "global-network": "global-network", + "site": "site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateSite.html" + }, + "UpdateVpcAttachment": { + "privilege": "UpdateVpcAttachment", + "description": "Grants permission to update a VPC attachment", + "access_level": "Write", + "resource_types": { + "attachment": { + "resource_type": "attachment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "networkmanager:subnetArns" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attachment": "attachment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/networkmanager/latest/APIReference/API_UpdateVpcAttachment.html" + } + }, + "privileges_lower_name": { + "acceptattachment": "AcceptAttachment", + "associateconnectpeer": "AssociateConnectPeer", + "associatecustomergateway": "AssociateCustomerGateway", + "associatelink": "AssociateLink", + "associatetransitgatewayconnectpeer": "AssociateTransitGatewayConnectPeer", + "createconnectattachment": "CreateConnectAttachment", + "createconnectpeer": "CreateConnectPeer", + "createconnection": "CreateConnection", + "createcorenetwork": "CreateCoreNetwork", + "createdevice": "CreateDevice", + "createglobalnetwork": "CreateGlobalNetwork", + "createlink": "CreateLink", + "createsite": "CreateSite", + "createsitetositevpnattachment": "CreateSiteToSiteVpnAttachment", + "createtransitgatewaypeering": "CreateTransitGatewayPeering", + "createtransitgatewayroutetableattachment": "CreateTransitGatewayRouteTableAttachment", + "createvpcattachment": "CreateVpcAttachment", + "deleteattachment": "DeleteAttachment", + "deleteconnectpeer": "DeleteConnectPeer", + "deleteconnection": "DeleteConnection", + "deletecorenetwork": "DeleteCoreNetwork", + "deletecorenetworkpolicyversion": "DeleteCoreNetworkPolicyVersion", + "deletedevice": "DeleteDevice", + "deleteglobalnetwork": "DeleteGlobalNetwork", + "deletelink": "DeleteLink", + "deletepeering": "DeletePeering", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deletesite": "DeleteSite", + "deregistertransitgateway": "DeregisterTransitGateway", + "describeglobalnetworks": "DescribeGlobalNetworks", + "disassociateconnectpeer": "DisassociateConnectPeer", + "disassociatecustomergateway": "DisassociateCustomerGateway", + "disassociatelink": "DisassociateLink", + "disassociatetransitgatewayconnectpeer": "DisassociateTransitGatewayConnectPeer", + "executecorenetworkchangeset": "ExecuteCoreNetworkChangeSet", + "getconnectattachment": "GetConnectAttachment", + "getconnectpeer": "GetConnectPeer", + "getconnectpeerassociations": "GetConnectPeerAssociations", + "getconnections": "GetConnections", + "getcorenetwork": "GetCoreNetwork", + "getcorenetworkchangeevents": "GetCoreNetworkChangeEvents", + "getcorenetworkchangeset": "GetCoreNetworkChangeSet", + "getcorenetworkpolicy": "GetCoreNetworkPolicy", + "getcustomergatewayassociations": "GetCustomerGatewayAssociations", + "getdevices": "GetDevices", + "getlinkassociations": "GetLinkAssociations", + "getlinks": "GetLinks", + "getnetworkresourcecounts": "GetNetworkResourceCounts", + "getnetworkresourcerelationships": "GetNetworkResourceRelationships", + "getnetworkresources": "GetNetworkResources", + "getnetworkroutes": "GetNetworkRoutes", + "getnetworktelemetry": "GetNetworkTelemetry", + "getresourcepolicy": "GetResourcePolicy", + "getrouteanalysis": "GetRouteAnalysis", + "getsitetositevpnattachment": "GetSiteToSiteVpnAttachment", + "getsites": "GetSites", + "gettransitgatewayconnectpeerassociations": "GetTransitGatewayConnectPeerAssociations", + "gettransitgatewaypeering": "GetTransitGatewayPeering", + "gettransitgatewayregistrations": "GetTransitGatewayRegistrations", + "gettransitgatewayroutetableattachment": "GetTransitGatewayRouteTableAttachment", + "getvpcattachment": "GetVpcAttachment", + "listattachments": "ListAttachments", + "listconnectpeers": "ListConnectPeers", + "listcorenetworkpolicyversions": "ListCoreNetworkPolicyVersions", + "listcorenetworks": "ListCoreNetworks", + "listorganizationserviceaccessstatus": "ListOrganizationServiceAccessStatus", + "listpeerings": "ListPeerings", + "listtagsforresource": "ListTagsForResource", + "putcorenetworkpolicy": "PutCoreNetworkPolicy", + "putresourcepolicy": "PutResourcePolicy", + "registertransitgateway": "RegisterTransitGateway", + "rejectattachment": "RejectAttachment", + "restorecorenetworkpolicyversion": "RestoreCoreNetworkPolicyVersion", + "startorganizationserviceaccessupdate": "StartOrganizationServiceAccessUpdate", + "startrouteanalysis": "StartRouteAnalysis", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateconnection": "UpdateConnection", + "updatecorenetwork": "UpdateCoreNetwork", + "updatedevice": "UpdateDevice", + "updateglobalnetwork": "UpdateGlobalNetwork", + "updatelink": "UpdateLink", + "updatenetworkresourcemetadata": "UpdateNetworkResourceMetadata", + "updatesite": "UpdateSite", + "updatevpcattachment": "UpdateVpcAttachment" + }, + "resources": { + "global-network": { + "resource": "global-network", + "arn": "arn:${Partition}:networkmanager::${Account}:global-network/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "site": { + "resource": "site", + "arn": "arn:${Partition}:networkmanager::${Account}:site/${GlobalNetworkId}/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "link": { + "resource": "link", + "arn": "arn:${Partition}:networkmanager::${Account}:link/${GlobalNetworkId}/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "device": { + "resource": "device", + "arn": "arn:${Partition}:networkmanager::${Account}:device/${GlobalNetworkId}/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "connection": { + "resource": "connection", + "arn": "arn:${Partition}:networkmanager::${Account}:connection/${GlobalNetworkId}/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "core-network": { + "resource": "core-network", + "arn": "arn:${Partition}:networkmanager::${Account}:core-network/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "attachment": { + "resource": "attachment", + "arn": "arn:${Partition}:networkmanager::${Account}:attachment/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "connect-peer": { + "resource": "connect-peer", + "arn": "arn:${Partition}:networkmanager::${Account}:connect-peer/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "peering": { + "resource": "peering", + "arn": "arn:${Partition}:networkmanager::${Account}:peering/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "global-network": "global-network", + "site": "site", + "link": "link", + "device": "device", + "connection": "connection", + "core-network": "core-network", + "attachment": "attachment", + "connect-peer": "connect-peer", + "peering": "peering" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "networkmanager:cgwArn": { + "condition": "networkmanager:cgwArn", + "description": "Filters access by which customer gateways can be associated or disassociated", + "type": "String" + }, + "networkmanager:subnetArns": { + "condition": "networkmanager:subnetArns", + "description": "Filters access by which VPC subnets can be added or removed from a VPC attachment", + "type": "ArrayOfString" + }, + "networkmanager:tgwArn": { + "condition": "networkmanager:tgwArn", + "description": "Filters access by which transit gateways can be registered or deregistered", + "type": "String" + }, + "networkmanager:tgwConnectPeerArn": { + "condition": "networkmanager:tgwConnectPeerArn", + "description": "Filters access by which transit gateway connect peers can be associated or disassociated", + "type": "String" + }, + "networkmanager:tgwRtbArn": { + "condition": "networkmanager:tgwRtbArn", + "description": "Filters access by which Transit Gateway Route Table can be used to create an attachment", + "type": "ARN" + }, + "networkmanager:vpcArn": { + "condition": "networkmanager:vpcArn", + "description": "Filters access by which VPC can be used to a create/update attachment", + "type": "String" + }, + "networkmanager:vpnConnectionArn": { + "condition": "networkmanager:vpnConnectionArn", + "description": "Filters access by which Site-to-Site VPN can be used to a create/update attachment", + "type": "String" + } + } + }, + "opsworks": { + "service_name": "AWS OpsWorks", + "prefix": "opsworks", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsopsworks.html", + "privileges": { + "AssignInstance": { + "privilege": "AssignInstance", + "description": "Grants permission to assign a registered instance to a layer", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_AssignInstance.html" + }, + "AssignVolume": { + "privilege": "AssignVolume", + "description": "Grants permission to assign one of the stack's registered Amazon EBS volumes to a specified instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_AssignVolume.html" + }, + "AssociateElasticIp": { + "privilege": "AssociateElasticIp", + "description": "Grants permission to associate one of the stack's registered Elastic IP addresses with a specified instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_AssociateElasticIp.html" + }, + "AttachElasticLoadBalancer": { + "privilege": "AttachElasticLoadBalancer", + "description": "Grants permission to attach an Elastic Load Balancing load balancer to a specified layer", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_AttachElasticLoadBalancer.html" + }, + "CloneStack": { + "privilege": "CloneStack", + "description": "Grants permission to create a clone of a specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CloneStack.html" + }, + "CreateApp": { + "privilege": "CreateApp", + "description": "Grants permission to create an app for a specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateApp.html" + }, + "CreateDeployment": { + "privilege": "CreateDeployment", + "description": "Grants permission to run deployment or stack commands", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateDeployment.html" + }, + "CreateInstance": { + "privilege": "CreateInstance", + "description": "Grants permission to create an instance in a specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateInstance.html" + }, + "CreateLayer": { + "privilege": "CreateLayer", + "description": "Grants permission to create a layer", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateLayer.html" + }, + "CreateStack": { + "privilege": "CreateStack", + "description": "Grants permission to create a new stack", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateStack.html" + }, + "CreateUserProfile": { + "privilege": "CreateUserProfile", + "description": "Grants permission to create a new user profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_CreateUserProfile.html" + }, + "DeleteApp": { + "privilege": "DeleteApp", + "description": "Grants permission to delete a specified app", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeleteApp.html" + }, + "DeleteInstance": { + "privilege": "DeleteInstance", + "description": "Grants permission to delete a specified instance, which terminates the associated Amazon EC2 instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeleteInstance.html" + }, + "DeleteLayer": { + "privilege": "DeleteLayer", + "description": "Grants permission to delete a specified layer", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeleteLayer.html" + }, + "DeleteStack": { + "privilege": "DeleteStack", + "description": "Grants permission to delete a specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeleteStack.html" + }, + "DeleteUserProfile": { + "privilege": "DeleteUserProfile", + "description": "Grants permission to delete a user profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeleteUserProfile.html" + }, + "DeregisterEcsCluster": { + "privilege": "DeregisterEcsCluster", + "description": "Grants permission to delete a user profile", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeregisterEcsCluster.html" + }, + "DeregisterElasticIp": { + "privilege": "DeregisterElasticIp", + "description": "Grants permission to deregister a specified Elastic IP address", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeregisterElasticIp.html" + }, + "DeregisterInstance": { + "privilege": "DeregisterInstance", + "description": "Grants permission to deregister a registered Amazon EC2 or on-premises instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeregisterInstance.html" + }, + "DeregisterRdsDbInstance": { + "privilege": "DeregisterRdsDbInstance", + "description": "Grants permission to deregister an Amazon RDS instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeregisterRdsDbInstance.html" + }, + "DeregisterVolume": { + "privilege": "DeregisterVolume", + "description": "Grants permission to deregister an Amazon EBS volume", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DeregisterVolume.html" + }, + "DescribeAgentVersions": { + "privilege": "DescribeAgentVersions", + "description": "Grants permission to describe the available AWS OpsWorks agent versions", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeAgentVersions.html" + }, + "DescribeApps": { + "privilege": "DescribeApps", + "description": "Grants permission to request a description of a specified set of apps", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeApps.html" + }, + "DescribeCommands": { + "privilege": "DescribeCommands", + "description": "Grants permission to describe the results of specified commands", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeCommands.html" + }, + "DescribeDeployments": { + "privilege": "DescribeDeployments", + "description": "Grants permission to request a description of a specified set of deployments", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeDeployments.html" + }, + "DescribeEcsClusters": { + "privilege": "DescribeEcsClusters", + "description": "Grants permission to describe Amazon ECS clusters that are registered with a stack", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeEcsClusters.html" + }, + "DescribeElasticIps": { + "privilege": "DescribeElasticIps", + "description": "Grants permission to describe Elastic IP addresses", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeElasticIps.html" + }, + "DescribeElasticLoadBalancers": { + "privilege": "DescribeElasticLoadBalancers", + "description": "Grants permission to describe a stack's Elastic Load Balancing instances", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeElasticLoadBalancers.html" + }, + "DescribeInstances": { + "privilege": "DescribeInstances", + "description": "Grants permission to request a description of a set of instances", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeInstances.html" + }, + "DescribeLayers": { + "privilege": "DescribeLayers", + "description": "Grants permission to request a description of one or more layers in a specified stack", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeLayers.html" + }, + "DescribeLoadBasedAutoScaling": { + "privilege": "DescribeLoadBasedAutoScaling", + "description": "Grants permission to describe load-based auto scaling configurations for specified layers", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeLoadBasedAutoScaling.html" + }, + "DescribeMyUserProfile": { + "privilege": "DescribeMyUserProfile", + "description": "Grants permission to describe a user's SSH information", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeMyUserProfile.html" + }, + "DescribeOperatingSystems": { + "privilege": "DescribeOperatingSystems", + "description": "Grants permission to describe the operating systems that are supported by AWS OpsWorks Stacks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeOperatingSystems.html" + }, + "DescribePermissions": { + "privilege": "DescribePermissions", + "description": "Grants permission to describe the permissions for a specified stack", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribePermissions.html" + }, + "DescribeRaidArrays": { + "privilege": "DescribeRaidArrays", + "description": "Grants permission to describe an instance's RAID arrays", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeRaidArrays.html" + }, + "DescribeRdsDbInstances": { + "privilege": "DescribeRdsDbInstances", + "description": "Grants permission to describe Amazon RDS instances", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeRdsDbInstances.html" + }, + "DescribeServiceErrors": { + "privilege": "DescribeServiceErrors", + "description": "Grants permission to describe AWS OpsWorks service errors", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeServiceErrors.html" + }, + "DescribeStackProvisioningParameters": { + "privilege": "DescribeStackProvisioningParameters", + "description": "Grants permission to request a description of a stack's provisioning parameters", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeStackProvisioningParameters.html" + }, + "DescribeStackSummary": { + "privilege": "DescribeStackSummary", + "description": "Grants permission to describe the number of layers and apps in a specified stack, and the number of instances in each state, such as running_setup or online", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeStackSummary.html" + }, + "DescribeStacks": { + "privilege": "DescribeStacks", + "description": "Grants permission to request a description of one or more stacks", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeStacks.html" + }, + "DescribeTimeBasedAutoScaling": { + "privilege": "DescribeTimeBasedAutoScaling", + "description": "Grants permission to describe time-based auto scaling configurations for specified instances", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeTimeBasedAutoScaling.html" + }, + "DescribeUserProfiles": { + "privilege": "DescribeUserProfiles", + "description": "Grants permission to describe specified users", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeUserProfiles.html" + }, + "DescribeVolumes": { + "privilege": "DescribeVolumes", + "description": "Grants permission to describe an instance's Amazon EBS volumes", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DescribeVolumes.html" + }, + "DetachElasticLoadBalancer": { + "privilege": "DetachElasticLoadBalancer", + "description": "Grants permission to detache a specified Elastic Load Balancing instance from its layer", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DetachElasticLoadBalancer.html" + }, + "DisassociateElasticIp": { + "privilege": "DisassociateElasticIp", + "description": "Grants permission to disassociate an Elastic IP address from its instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_DisassociateElasticIp.html" + }, + "GetHostnameSuggestion": { + "privilege": "GetHostnameSuggestion", + "description": "Grants permission to get a generated host name for the specified layer, based on the current host name theme", + "access_level": "Read", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_GetHostnameSuggestion.html" + }, + "GrantAccess": { + "privilege": "GrantAccess", + "description": "Grants permission to grant RDP access to a Windows instance for a specified time period", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RebootInstance.html" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to return a list of tags that are applied to the specified stack or layer", + "access_level": "List", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_ListTags.html" + }, + "RebootInstance": { + "privilege": "RebootInstance", + "description": "Grants permission to reboot a specified instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RebootInstance.html" + }, + "RegisterEcsCluster": { + "privilege": "RegisterEcsCluster", + "description": "Grants permission to register a specified Amazon ECS cluster with a stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RegisterEcsCluster.html" + }, + "RegisterElasticIp": { + "privilege": "RegisterElasticIp", + "description": "Grants permission to register an Elastic IP address with a specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RegisterElasticIp.html" + }, + "RegisterInstance": { + "privilege": "RegisterInstance", + "description": "Grants permission to register instances with a specified stack that were created outside of AWS OpsWorks", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RegisterInstance.html" + }, + "RegisterRdsDbInstance": { + "privilege": "RegisterRdsDbInstance", + "description": "Grants permission to register an Amazon RDS instance with a stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RegisterRdsDbInstance.html" + }, + "RegisterVolume": { + "privilege": "RegisterVolume", + "description": "Grants permission to register an Amazon EBS volume with a specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_RegisterVolume.html" + }, + "SetLoadBasedAutoScaling": { + "privilege": "SetLoadBasedAutoScaling", + "description": "Grants permission to specify the load-based auto scaling configuration for a specified layer", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_SetLoadBasedAutoScaling.html" + }, + "SetPermission": { + "privilege": "SetPermission", + "description": "Grants permission to specify a user's permissions", + "access_level": "Permissions management", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_SetPermission.html" + }, + "SetTimeBasedAutoScaling": { + "privilege": "SetTimeBasedAutoScaling", + "description": "Grants permission to specify the time-based auto scaling configuration for a specified instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_SetTimeBasedAutoScaling.html" + }, + "StartInstance": { + "privilege": "StartInstance", + "description": "Grants permission to start a specified instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_StartInstance.html" + }, + "StartStack": { + "privilege": "StartStack", + "description": "Grants permission to start a stack's instances", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_StartStack.html" + }, + "StopInstance": { + "privilege": "StopInstance", + "description": "Grants permission to stop a specified instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_StopInstance.html" + }, + "StopStack": { + "privilege": "StopStack", + "description": "Grants permission to stop a specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_StopStack.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to apply tags to a specified stack or layer", + "access_level": "Tagging", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_TagResource.html" + }, + "UnassignInstance": { + "privilege": "UnassignInstance", + "description": "Grants permission to unassign a registered instance from all of it's layers", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UnassignInstance.html" + }, + "UnassignVolume": { + "privilege": "UnassignVolume", + "description": "Grants permission to unassign an assigned Amazon EBS volume", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UnassignVolume.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a specified stack or layer", + "access_level": "Tagging", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UntagResource.html" + }, + "UpdateApp": { + "privilege": "UpdateApp", + "description": "Grants permission to update a specified app", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateApp.html" + }, + "UpdateElasticIp": { + "privilege": "UpdateElasticIp", + "description": "Grants permission to update a registered Elastic IP address's name", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateElasticIp.html" + }, + "UpdateInstance": { + "privilege": "UpdateInstance", + "description": "Grants permission to update a specified instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateInstance.html" + }, + "UpdateLayer": { + "privilege": "UpdateLayer", + "description": "Grants permission to update a specified layer", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateLayer.html" + }, + "UpdateMyUserProfile": { + "privilege": "UpdateMyUserProfile", + "description": "Grants permission to update a user's SSH public key", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateMyUserProfile.html" + }, + "UpdateRdsDbInstance": { + "privilege": "UpdateRdsDbInstance", + "description": "Grants permission to update an Amazon RDS instance", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateRdsDbInstance.html" + }, + "UpdateStack": { + "privilege": "UpdateStack", + "description": "Grants permission to update a specified stack", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateStack.html" + }, + "UpdateUserProfile": { + "privilege": "UpdateUserProfile", + "description": "Grants permission to update a specified user profile", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateUserProfile.html" + }, + "UpdateVolume": { + "privilege": "UpdateVolume", + "description": "Grants permission to update an Amazon EBS volume's name or mount point", + "access_level": "Write", + "resource_types": { + "stack": { + "resource_type": "stack", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "stack": "stack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks/latest/APIReference/API_UpdateVolume.html" + } + }, + "privileges_lower_name": { + "assigninstance": "AssignInstance", + "assignvolume": "AssignVolume", + "associateelasticip": "AssociateElasticIp", + "attachelasticloadbalancer": "AttachElasticLoadBalancer", + "clonestack": "CloneStack", + "createapp": "CreateApp", + "createdeployment": "CreateDeployment", + "createinstance": "CreateInstance", + "createlayer": "CreateLayer", + "createstack": "CreateStack", + "createuserprofile": "CreateUserProfile", + "deleteapp": "DeleteApp", + "deleteinstance": "DeleteInstance", + "deletelayer": "DeleteLayer", + "deletestack": "DeleteStack", + "deleteuserprofile": "DeleteUserProfile", + "deregisterecscluster": "DeregisterEcsCluster", + "deregisterelasticip": "DeregisterElasticIp", + "deregisterinstance": "DeregisterInstance", + "deregisterrdsdbinstance": "DeregisterRdsDbInstance", + "deregistervolume": "DeregisterVolume", + "describeagentversions": "DescribeAgentVersions", + "describeapps": "DescribeApps", + "describecommands": "DescribeCommands", + "describedeployments": "DescribeDeployments", + "describeecsclusters": "DescribeEcsClusters", + "describeelasticips": "DescribeElasticIps", + "describeelasticloadbalancers": "DescribeElasticLoadBalancers", + "describeinstances": "DescribeInstances", + "describelayers": "DescribeLayers", + "describeloadbasedautoscaling": "DescribeLoadBasedAutoScaling", + "describemyuserprofile": "DescribeMyUserProfile", + "describeoperatingsystems": "DescribeOperatingSystems", + "describepermissions": "DescribePermissions", + "describeraidarrays": "DescribeRaidArrays", + "describerdsdbinstances": "DescribeRdsDbInstances", + "describeserviceerrors": "DescribeServiceErrors", + "describestackprovisioningparameters": "DescribeStackProvisioningParameters", + "describestacksummary": "DescribeStackSummary", + "describestacks": "DescribeStacks", + "describetimebasedautoscaling": "DescribeTimeBasedAutoScaling", + "describeuserprofiles": "DescribeUserProfiles", + "describevolumes": "DescribeVolumes", + "detachelasticloadbalancer": "DetachElasticLoadBalancer", + "disassociateelasticip": "DisassociateElasticIp", + "gethostnamesuggestion": "GetHostnameSuggestion", + "grantaccess": "GrantAccess", + "listtags": "ListTags", + "rebootinstance": "RebootInstance", + "registerecscluster": "RegisterEcsCluster", + "registerelasticip": "RegisterElasticIp", + "registerinstance": "RegisterInstance", + "registerrdsdbinstance": "RegisterRdsDbInstance", + "registervolume": "RegisterVolume", + "setloadbasedautoscaling": "SetLoadBasedAutoScaling", + "setpermission": "SetPermission", + "settimebasedautoscaling": "SetTimeBasedAutoScaling", + "startinstance": "StartInstance", + "startstack": "StartStack", + "stopinstance": "StopInstance", + "stopstack": "StopStack", + "tagresource": "TagResource", + "unassigninstance": "UnassignInstance", + "unassignvolume": "UnassignVolume", + "untagresource": "UntagResource", + "updateapp": "UpdateApp", + "updateelasticip": "UpdateElasticIp", + "updateinstance": "UpdateInstance", + "updatelayer": "UpdateLayer", + "updatemyuserprofile": "UpdateMyUserProfile", + "updaterdsdbinstance": "UpdateRdsDbInstance", + "updatestack": "UpdateStack", + "updateuserprofile": "UpdateUserProfile", + "updatevolume": "UpdateVolume" + }, + "resources": { + "stack": { + "resource": "stack", + "arn": "arn:${Partition}:opsworks:${Region}:${Account}:stack/${StackId}/", + "condition_keys": [] + } + }, + "resources_lower_name": { + "stack": "stack" + }, + "conditions": {} + }, + "opsworks-cm": { + "service_name": "AWS OpsWorks Configuration Management", + "prefix": "opsworks-cm", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsopsworksconfigurationmanagement.html", + "privileges": { + "AssociateNode": { + "privilege": "AssociateNode", + "description": "Grants permission to associate a node to a configuration management server", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_AssociateNode.html" + }, + "CreateBackup": { + "privilege": "CreateBackup", + "description": "Grants permission to create a backup for the specified server", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_CreateBackup.html" + }, + "CreateServer": { + "privilege": "CreateServer", + "description": "Grants permission to create a new server", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_CreateServer.html" + }, + "DeleteBackup": { + "privilege": "DeleteBackup", + "description": "Grants permission to delete the specified backup and possibly its S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DeleteBackup.html" + }, + "DeleteServer": { + "privilege": "DeleteServer", + "description": "Grants permission to delete the specified server with its corresponding CloudFormation stack and possibly the S3 bucket", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DeleteServer.html" + }, + "DescribeAccountAttributes": { + "privilege": "DescribeAccountAttributes", + "description": "Grants permission to describe the service limits for the user's account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DescribeAccountAttributes.html" + }, + "DescribeBackups": { + "privilege": "DescribeBackups", + "description": "Grants permission to describe a single backup, all backups of a specified server or all backups of the user's account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DescribeBackups.html" + }, + "DescribeEvents": { + "privilege": "DescribeEvents", + "description": "Grants permission to describe all events of the specified server", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DescribeEvents.html" + }, + "DescribeNodeAssociationStatus": { + "privilege": "DescribeNodeAssociationStatus", + "description": "Grants permission to describe the association status for the specified node token and the specified server", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DescribeNodeAssociationStatus.html" + }, + "DescribeServers": { + "privilege": "DescribeServers", + "description": "Grants permission to describe the specified server or all servers of the user's account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DescribeServers.html" + }, + "DisassociateNode": { + "privilege": "DisassociateNode", + "description": "Grants permission to disassociate a specified node from a server", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_DisassociateNode.html" + }, + "ExportServerEngineAttribute": { + "privilege": "ExportServerEngineAttribute", + "description": "Grants permission to export an engine attribute from a server", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_ExportServerEngineAttribute.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags that are applied to the specified server or backup", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_ListTagsForResource.html" + }, + "RestoreServer": { + "privilege": "RestoreServer", + "description": "Grants permission to apply a backup to specified server. Possibly swaps out the ec2-instance if specified", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_RestoreServer.html" + }, + "StartMaintenance": { + "privilege": "StartMaintenance", + "description": "Grants permission to start the server maintenance immediately", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_StartMaintenance.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to apply tags to the specified server or backup", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from the specified server or backup", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_UntagResource.html" + }, + "UpdateServer": { + "privilege": "UpdateServer", + "description": "Grants permission to update general server settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_UpdateServer.html" + }, + "UpdateServerEngineAttributes": { + "privilege": "UpdateServerEngineAttributes", + "description": "Grants permission to update server settings specific to the configuration management type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/opsworks-cm/latest/APIReference/API_UpdateServerEngineAttributes.html" + } + }, + "privileges_lower_name": { + "associatenode": "AssociateNode", + "createbackup": "CreateBackup", + "createserver": "CreateServer", + "deletebackup": "DeleteBackup", + "deleteserver": "DeleteServer", + "describeaccountattributes": "DescribeAccountAttributes", + "describebackups": "DescribeBackups", + "describeevents": "DescribeEvents", + "describenodeassociationstatus": "DescribeNodeAssociationStatus", + "describeservers": "DescribeServers", + "disassociatenode": "DisassociateNode", + "exportserverengineattribute": "ExportServerEngineAttribute", + "listtagsforresource": "ListTagsForResource", + "restoreserver": "RestoreServer", + "startmaintenance": "StartMaintenance", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateserver": "UpdateServer", + "updateserverengineattributes": "UpdateServerEngineAttributes" + }, + "resources": { + "server": { + "resource": "server", + "arn": "arn:${Partition}:opsworks-cm::${Account}:server/${ServerName}/${UniqueId}", + "condition_keys": [] + }, + "backup": { + "resource": "backup", + "arn": "arn:${Partition}:opsworks-cm::${Account}:backup/${ServerName}-{Date-and-Time-Stamp-of-Backup}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "server": "server", + "backup": "backup" + }, + "conditions": {} + }, + "organizations": { + "service_name": "AWS Organizations", + "prefix": "organizations", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html", + "privileges": { + "AcceptHandshake": { + "privilege": "AcceptHandshake", + "description": "Grants permission to send a response to the originator of a handshake agreeing to the action proposed by the handshake request", + "access_level": "Write", + "resource_types": { + "handshake": { + "resource_type": "handshake", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "handshake": "handshake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_AcceptHandshake.html" + }, + "AttachPolicy": { + "privilege": "AttachPolicy", + "description": "Grants permission to attach a policy to a root, an organizational unit, or an individual account", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "account": "account", + "organizationalunit": "organizationalunit", + "root": "root", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_AttachPolicy.html" + }, + "CancelHandshake": { + "privilege": "CancelHandshake", + "description": "Grants permission to cancel a handshake", + "access_level": "Write", + "resource_types": { + "handshake": { + "resource_type": "handshake", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "handshake": "handshake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CancelHandshake.html" + }, + "CloseAccount": { + "privilege": "CloseAccount", + "description": "Grants permission to close an AWS account that is now a part of an Organizations, either created within the organization, or invited to join the organization", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CloseAccount.html" + }, + "CreateAccount": { + "privilege": "CreateAccount", + "description": "Grants permission to create an AWS account that is automatically a member of the organization with the credentials that made the request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreateAccount.html" + }, + "CreateGovCloudAccount": { + "privilege": "CreateGovCloudAccount", + "description": "Grants permission to create an AWS GovCloud (US) account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreateGovCloudAccount.html" + }, + "CreateOrganization": { + "privilege": "CreateOrganization", + "description": "Grants permission to create an organization. The account with the credentials that calls the CreateOrganization operation automatically becomes the management account of the new organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreateOrganization.html" + }, + "CreateOrganizationalUnit": { + "privilege": "CreateOrganizationalUnit", + "description": "Grants permission to create an organizational unit (OU) within a root or parent OU", + "access_level": "Write", + "resource_types": { + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationalunit": "organizationalunit", + "root": "root", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreateOrganizationalUnit.html" + }, + "CreatePolicy": { + "privilege": "CreatePolicy", + "description": "Grants permission to create a policy that you can attach to a root, an organizational unit (OU), or an individual AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreatePolicy.html" + }, + "DeclineHandshake": { + "privilege": "DeclineHandshake", + "description": "Grants permission to decline a handshake request. This sets the handshake state to DECLINED and effectively deactivates the request", + "access_level": "Write", + "resource_types": { + "handshake": { + "resource_type": "handshake", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "handshake": "handshake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeclineHandshake.html" + }, + "DeleteOrganization": { + "privilege": "DeleteOrganization", + "description": "Grants permission to delete the organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeleteOrganization.html" + }, + "DeleteOrganizationalUnit": { + "privilege": "DeleteOrganizationalUnit", + "description": "Grants permission to delete an organizational unit from a root or another OU", + "access_level": "Write", + "resource_types": { + "organizationalunit": { + "resource_type": "organizationalunit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationalunit": "organizationalunit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeleteOrganizationalUnit.html" + }, + "DeletePolicy": { + "privilege": "DeletePolicy", + "description": "Grants permission to delete a policy from your organization", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeletePolicy.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete a resource policy from your organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeregisterDelegatedAdministrator": { + "privilege": "DeregisterDelegatedAdministrator", + "description": "Grants permission to deregister the specified member AWS account as a delegated administrator for the AWS service that is specified by ServicePrincipal", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:ServicePrincipal" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DeregisterDelegatedAdministrator.html" + }, + "DescribeAccount": { + "privilege": "DescribeAccount", + "description": "Grants permission to retrieve Organizations-related details about the specified account", + "access_level": "Read", + "resource_types": { + "account": { + "resource_type": "account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeAccount.html" + }, + "DescribeCreateAccountStatus": { + "privilege": "DescribeCreateAccountStatus", + "description": "Grants permission to retrieve the current status of an asynchronous request to create an account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeCreateAccountStatus.html" + }, + "DescribeEffectivePolicy": { + "privilege": "DescribeEffectivePolicy", + "description": "Grants permission to retrieve the effective policy for an account", + "access_level": "Read", + "resource_types": { + "account": { + "resource_type": "account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeEffectivePolicy.html" + }, + "DescribeHandshake": { + "privilege": "DescribeHandshake", + "description": "Grants permission to retrieve details about a previously requested handshake", + "access_level": "Read", + "resource_types": { + "handshake": { + "resource_type": "handshake", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "handshake": "handshake" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeHandshake.html" + }, + "DescribeOrganization": { + "privilege": "DescribeOrganization", + "description": "Grants permission to retrieves details about the organization that the calling credentials belong to", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeOrganization.html" + }, + "DescribeOrganizationalUnit": { + "privilege": "DescribeOrganizationalUnit", + "description": "Grants permission to retrieve details about an organizational unit (OU)", + "access_level": "Read", + "resource_types": { + "organizationalunit": { + "resource_type": "organizationalunit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationalunit": "organizationalunit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeOrganizationalUnit.html" + }, + "DescribePolicy": { + "privilege": "DescribePolicy", + "description": "Grants permission to retrieves details about a policy", + "access_level": "Read", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribePolicy.html" + }, + "DescribeResourcePolicy": { + "privilege": "DescribeResourcePolicy", + "description": "Grants permission to retrieve information about a resource policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DescribeResourcePolicy.html" + }, + "DetachPolicy": { + "privilege": "DetachPolicy", + "description": "Grants permission to detach a policy from a target root, organizational unit, or account", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "account": "account", + "organizationalunit": "organizationalunit", + "root": "root", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DetachPolicy.html" + }, + "DisableAWSServiceAccess": { + "privilege": "DisableAWSServiceAccess", + "description": "Grants permission to disable integration of an AWS service (the service that is specified by ServicePrincipal) with AWS Organizations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:ServicePrincipal" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DisableAWSServiceAccess.html" + }, + "DisablePolicyType": { + "privilege": "DisablePolicyType", + "description": "Grants permission to disable an organization policy type in a root", + "access_level": "Write", + "resource_types": { + "root": { + "resource_type": "root", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "root": "root", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_DisablePolicyType.html" + }, + "EnableAWSServiceAccess": { + "privilege": "EnableAWSServiceAccess", + "description": "Grants permission to enable integration of an AWS service (the service that is specified by ServicePrincipal) with AWS Organizations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:ServicePrincipal" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html" + }, + "EnableAllFeatures": { + "privilege": "EnableAllFeatures", + "description": "Grants permission to start the process to enable all features in an organization, upgrading it from supporting only Consolidated Billing features", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAllFeatures.html" + }, + "EnablePolicyType": { + "privilege": "EnablePolicyType", + "description": "Grants permission to enable a policy type in a root", + "access_level": "Write", + "resource_types": { + "root": { + "resource_type": "root", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "root": "root", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html" + }, + "InviteAccountToOrganization": { + "privilege": "InviteAccountToOrganization", + "description": "Grants permission to send an invitation to another AWS account, asking it to join your organization as a member account", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_InviteAccountToOrganization.html" + }, + "LeaveOrganization": { + "privilege": "LeaveOrganization", + "description": "Grants permission to remove a member account from its parent organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_LeaveOrganization.html" + }, + "ListAWSServiceAccessForOrganization": { + "privilege": "ListAWSServiceAccessForOrganization", + "description": "Grants permission to retrieve the list of the AWS services for which you enabled integration with your organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAWSServiceAccessForOrganization.html" + }, + "ListAccounts": { + "privilege": "ListAccounts", + "description": "Grants permission to list all of the the accounts in the organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html" + }, + "ListAccountsForParent": { + "privilege": "ListAccountsForParent", + "description": "Grants permission to list the accounts in an organization that are contained by a root or organizational unit (OU)", + "access_level": "List", + "resource_types": { + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationalunit": "organizationalunit", + "root": "root" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccountsForParent.html" + }, + "ListChildren": { + "privilege": "ListChildren", + "description": "Grants permission to list all of the OUs or accounts that are contained in a parent OU or root", + "access_level": "List", + "resource_types": { + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationalunit": "organizationalunit", + "root": "root" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListChildren.html" + }, + "ListCreateAccountStatus": { + "privilege": "ListCreateAccountStatus", + "description": "Grants permission to list the asynchronous account creation requests that are currently being tracked for the organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListCreateAccountStatus.html" + }, + "ListDelegatedAdministrators": { + "privilege": "ListDelegatedAdministrators", + "description": "Grants permission to list the AWS accounts that are designated as delegated administrators in this organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:ServicePrincipal" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListDelegatedAdministrators.html" + }, + "ListDelegatedServicesForAccount": { + "privilege": "ListDelegatedServicesForAccount", + "description": "Grants permission to list the AWS services for which the specified account is a delegated administrator in this organization", + "access_level": "List", + "resource_types": { + "account": { + "resource_type": "account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListDelegatedServicesForAccount.html" + }, + "ListHandshakesForAccount": { + "privilege": "ListHandshakesForAccount", + "description": "Grants permission to list all of the handshakes that are associated with an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListHandshakesForAccount.html" + }, + "ListHandshakesForOrganization": { + "privilege": "ListHandshakesForOrganization", + "description": "Grants permission to list the handshakes that are associated with the organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListHandshakesForOrganization.html" + }, + "ListOrganizationalUnitsForParent": { + "privilege": "ListOrganizationalUnitsForParent", + "description": "Grants permission to lists all of the organizational units (OUs) in a parent organizational unit or root", + "access_level": "List", + "resource_types": { + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationalunit": "organizationalunit", + "root": "root" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html" + }, + "ListParents": { + "privilege": "ListParents", + "description": "Grants permission to list the root or organizational units (OUs) that serve as the immediate parent of a child OU or account", + "access_level": "List", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "organizationalunit": "organizationalunit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListParents.html" + }, + "ListPolicies": { + "privilege": "ListPolicies", + "description": "Grants permission to list all of the policies in an organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListPolicies.html" + }, + "ListPoliciesForTarget": { + "privilege": "ListPoliciesForTarget", + "description": "Grants permission to list all of the policies that are directly attached to a root, organizational unit (OU), or account", + "access_level": "List", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "organizationalunit": "organizationalunit", + "root": "root", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListPoliciesForTarget.html" + }, + "ListRoots": { + "privilege": "ListRoots", + "description": "Grants permission to list all of the roots that are defined in the organization", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list all tags for the specified resource", + "access_level": "List", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "policy": { + "resource_type": "policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resourcepolicy": { + "resource_type": "resourcepolicy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "organizationalunit": "organizationalunit", + "policy": "policy", + "resourcepolicy": "resourcepolicy", + "root": "root" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTargetsForPolicy": { + "privilege": "ListTargetsForPolicy", + "description": "Grants permission to list all the roots, OUs, and accounts to which a policy is attached", + "access_level": "List", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListTargetsForPolicy.html" + }, + "MoveAccount": { + "privilege": "MoveAccount", + "description": "Grants permission to move an account from its current root or OU to another parent root or OU", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "organizationalunit": "organizationalunit", + "root": "root" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_MoveAccount.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to create or update a resource policy", + "access_level": "Write", + "resource_types": { + "resourcepolicy": { + "resource_type": "resourcepolicy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcepolicy": "resourcepolicy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_PutResourcePolicy.html" + }, + "RegisterDelegatedAdministrator": { + "privilege": "RegisterDelegatedAdministrator", + "description": "Grants permission to register the specified member account to administer the Organizations features of the AWS service that is specified by ServicePrincipal", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:ServicePrincipal" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_RegisterDelegatedAdministrator.html" + }, + "RemoveAccountFromOrganization": { + "privilege": "RemoveAccountFromOrganization", + "description": "Grants permission to removes the specified account from the organization", + "access_level": "Write", + "resource_types": { + "account": { + "resource_type": "account", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_RemoveAccountFromOrganization.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to the specified resource", + "access_level": "Tagging", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "policy": { + "resource_type": "policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resourcepolicy": { + "resource_type": "resourcepolicy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "organizationalunit": "organizationalunit", + "policy": "policy", + "resourcepolicy": "resourcepolicy", + "root": "root", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "account": { + "resource_type": "account", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "organizationalunit": { + "resource_type": "organizationalunit", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "policy": { + "resource_type": "policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resourcepolicy": { + "resource_type": "resourcepolicy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "root": { + "resource_type": "root", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "account": "account", + "organizationalunit": "organizationalunit", + "policy": "policy", + "resourcepolicy": "resourcepolicy", + "root": "root", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_UntagResource.html" + }, + "UpdateOrganizationalUnit": { + "privilege": "UpdateOrganizationalUnit", + "description": "Grants permission to rename an organizational unit (OU)", + "access_level": "Write", + "resource_types": { + "organizationalunit": { + "resource_type": "organizationalunit", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "organizationalunit": "organizationalunit" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_UpdateOrganizationalUnit.html" + }, + "UpdatePolicy": { + "privilege": "UpdatePolicy", + "description": "Grants permission to update an existing policy with a new name, description, or content", + "access_level": "Write", + "resource_types": { + "policy": { + "resource_type": "policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "organizations:PolicyType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "policy": "policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/organizations/latest/APIReference/API_UpdatePolicy.html" + } + }, + "privileges_lower_name": { + "accepthandshake": "AcceptHandshake", + "attachpolicy": "AttachPolicy", + "cancelhandshake": "CancelHandshake", + "closeaccount": "CloseAccount", + "createaccount": "CreateAccount", + "creategovcloudaccount": "CreateGovCloudAccount", + "createorganization": "CreateOrganization", + "createorganizationalunit": "CreateOrganizationalUnit", + "createpolicy": "CreatePolicy", + "declinehandshake": "DeclineHandshake", + "deleteorganization": "DeleteOrganization", + "deleteorganizationalunit": "DeleteOrganizationalUnit", + "deletepolicy": "DeletePolicy", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deregisterdelegatedadministrator": "DeregisterDelegatedAdministrator", + "describeaccount": "DescribeAccount", + "describecreateaccountstatus": "DescribeCreateAccountStatus", + "describeeffectivepolicy": "DescribeEffectivePolicy", + "describehandshake": "DescribeHandshake", + "describeorganization": "DescribeOrganization", + "describeorganizationalunit": "DescribeOrganizationalUnit", + "describepolicy": "DescribePolicy", + "describeresourcepolicy": "DescribeResourcePolicy", + "detachpolicy": "DetachPolicy", + "disableawsserviceaccess": "DisableAWSServiceAccess", + "disablepolicytype": "DisablePolicyType", + "enableawsserviceaccess": "EnableAWSServiceAccess", + "enableallfeatures": "EnableAllFeatures", + "enablepolicytype": "EnablePolicyType", + "inviteaccounttoorganization": "InviteAccountToOrganization", + "leaveorganization": "LeaveOrganization", + "listawsserviceaccessfororganization": "ListAWSServiceAccessForOrganization", + "listaccounts": "ListAccounts", + "listaccountsforparent": "ListAccountsForParent", + "listchildren": "ListChildren", + "listcreateaccountstatus": "ListCreateAccountStatus", + "listdelegatedadministrators": "ListDelegatedAdministrators", + "listdelegatedservicesforaccount": "ListDelegatedServicesForAccount", + "listhandshakesforaccount": "ListHandshakesForAccount", + "listhandshakesfororganization": "ListHandshakesForOrganization", + "listorganizationalunitsforparent": "ListOrganizationalUnitsForParent", + "listparents": "ListParents", + "listpolicies": "ListPolicies", + "listpoliciesfortarget": "ListPoliciesForTarget", + "listroots": "ListRoots", + "listtagsforresource": "ListTagsForResource", + "listtargetsforpolicy": "ListTargetsForPolicy", + "moveaccount": "MoveAccount", + "putresourcepolicy": "PutResourcePolicy", + "registerdelegatedadministrator": "RegisterDelegatedAdministrator", + "removeaccountfromorganization": "RemoveAccountFromOrganization", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateorganizationalunit": "UpdateOrganizationalUnit", + "updatepolicy": "UpdatePolicy" + }, + "resources": { + "account": { + "resource": "account", + "arn": "arn:${Partition}:organizations::${Account}:account/o-${OrganizationId}/${AccountId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "handshake": { + "resource": "handshake", + "arn": "arn:${Partition}:organizations::${Account}:handshake/o-${OrganizationId}/${HandshakeType}/h-${HandshakeId}", + "condition_keys": [] + }, + "organization": { + "resource": "organization", + "arn": "arn:${Partition}:organizations::${Account}:organization/o-${OrganizationId}", + "condition_keys": [] + }, + "organizationalunit": { + "resource": "organizationalunit", + "arn": "arn:${Partition}:organizations::${Account}:ou/o-${OrganizationId}/ou-${OrganizationalUnitId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "policy": { + "resource": "policy", + "arn": "arn:${Partition}:organizations::${Account}:policy/o-${OrganizationId}/${PolicyType}/p-${PolicyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "resourcepolicy": { + "resource": "resourcepolicy", + "arn": "arn:${Partition}:organizations::${Account}:resourcepolicy/o-${OrganizationId}/rp-${ResourcePolicyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "awspolicy": { + "resource": "awspolicy", + "arn": "arn:${Partition}:organizations::aws:policy/${PolicyType}/p-${PolicyId}", + "condition_keys": [] + }, + "root": { + "resource": "root", + "arn": "arn:${Partition}:organizations::${Account}:root/o-${OrganizationId}/r-${RootId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "account": "account", + "handshake": "handshake", + "organization": "organization", + "organizationalunit": "organizationalunit", + "policy": "policy", + "resourcepolicy": "resourcepolicy", + "awspolicy": "awspolicy", + "root": "root" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "organizations:PolicyType": { + "condition": "organizations:PolicyType", + "description": "Filters access by the specified policy type names", + "type": "String" + }, + "organizations:ServicePrincipal": { + "condition": "organizations:ServicePrincipal", + "description": "Filters access by the specified service principal names", + "type": "String" + } + } + }, + "outposts": { + "service_name": "AWS Outposts", + "prefix": "outposts", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsoutposts.html", + "privileges": { + "CancelOrder": { + "privilege": "CancelOrder", + "description": "Grants permission to cancel an order", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_CancelOrder.html" + }, + "CreateOrder": { + "privilege": "CreateOrder", + "description": "Grants permission to create an order", + "access_level": "Write", + "resource_types": { + "outpost": { + "resource_type": "outpost", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost": "outpost" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_CreateOrder.html" + }, + "CreateOutpost": { + "privilege": "CreateOutpost", + "description": "Grants permission to create an Outpost", + "access_level": "Write", + "resource_types": { + "site": { + "resource_type": "site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "site": "site", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_CreateOutpost.html" + }, + "CreatePrivateConnectivityConfig": { + "privilege": "CreatePrivateConnectivityConfig", + "description": "Grants permission to create a private connectivity configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/how-outposts-works.html#private-connectivity" + }, + "CreateSite": { + "privilege": "CreateSite", + "description": "Grants permission to create a site", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_CreateSite.html" + }, + "DeleteOutpost": { + "privilege": "DeleteOutpost", + "description": "Grants permission to delete an Outpost", + "access_level": "Write", + "resource_types": { + "outpost": { + "resource_type": "outpost", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost": "outpost" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_DeleteOutpost.html" + }, + "DeleteSite": { + "privilege": "DeleteSite", + "description": "Grants permission to delete a site", + "access_level": "Write", + "resource_types": { + "site": { + "resource_type": "site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "site": "site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_DeleteSite.html" + }, + "GetCatalogItem": { + "privilege": "GetCatalogItem", + "description": "Grants permission to get a catalog item", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetCatalogItem.html" + }, + "GetConnection": { + "privilege": "GetConnection", + "description": "Grants permission to get information about the connection for your Outpost server", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetConnection.html" + }, + "GetOrder": { + "privilege": "GetOrder", + "description": "Grants permission to get information about an order", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetOrder.html" + }, + "GetOutpost": { + "privilege": "GetOutpost", + "description": "Grants permission to get information about the specified Outpost", + "access_level": "Read", + "resource_types": { + "outpost": { + "resource_type": "outpost", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost": "outpost" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetOutpost.html" + }, + "GetOutpostInstanceTypes": { + "privilege": "GetOutpostInstanceTypes", + "description": "Grants permission to get the instance types for the specified Outpost", + "access_level": "Read", + "resource_types": { + "outpost": { + "resource_type": "outpost", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost": "outpost" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetOutpostInstanceTypes.html" + }, + "GetPrivateConnectivityConfig": { + "privilege": "GetPrivateConnectivityConfig", + "description": "Grants permission to get a private connectivity configuration", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/userguide/how-outposts-works.html#private-connectivity" + }, + "GetSite": { + "privilege": "GetSite", + "description": "Grants permission to get a site", + "access_level": "Read", + "resource_types": { + "site": { + "resource_type": "site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "site": "site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetSite.html" + }, + "GetSiteAddress": { + "privilege": "GetSiteAddress", + "description": "Grants permission to get a site address", + "access_level": "Read", + "resource_types": { + "site": { + "resource_type": "site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "site": "site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_GetSiteAddress.html" + }, + "ListAssets": { + "privilege": "ListAssets", + "description": "Grants permission to list the assets for your Outpost", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListAssets.html" + }, + "ListCatalogItems": { + "privilege": "ListCatalogItems", + "description": "Grants permission to list all catalog items", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListCatalogItems.html" + }, + "ListOrders": { + "privilege": "ListOrders", + "description": "Grants permission to list the orders for your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListOrders.html" + }, + "ListOutposts": { + "privilege": "ListOutposts", + "description": "Grants permission to list the Outposts for your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListOutposts.html" + }, + "ListSites": { + "privilege": "ListSites", + "description": "Grants permission to list the sites for your AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListSites.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_ListTagsForResource.html" + }, + "StartConnection": { + "privilege": "StartConnection", + "description": "Grants permission to start a connection for your Outpost server", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_StartConnection.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "outpost": { + "resource_type": "outpost", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "site": { + "resource_type": "site", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost": "outpost", + "site": "site", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "outpost": { + "resource_type": "outpost", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "site": { + "resource_type": "site", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost": "outpost", + "site": "site", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_UntagResource.html" + }, + "UpdateOutpost": { + "privilege": "UpdateOutpost", + "description": "Grants permission to update an Outpost", + "access_level": "Write", + "resource_types": { + "outpost": { + "resource_type": "outpost", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "outpost": "outpost" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_UpdateOutpost.html" + }, + "UpdateSite": { + "privilege": "UpdateSite", + "description": "Grants permission to update a site", + "access_level": "Write", + "resource_types": { + "site": { + "resource_type": "site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "site": "site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_UpdateSite.html" + }, + "UpdateSiteAddress": { + "privilege": "UpdateSiteAddress", + "description": "Grants permission to update the site address", + "access_level": "Write", + "resource_types": { + "site": { + "resource_type": "site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "site": "site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_UpdateSiteAddress.html" + }, + "UpdateSiteRackPhysicalProperties": { + "privilege": "UpdateSiteRackPhysicalProperties", + "description": "Grants permission to update the physical properties of a rack at a site", + "access_level": "Write", + "resource_types": { + "site": { + "resource_type": "site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "site": "site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/outposts/latest/APIReference/API_UpdateSiteRackPhysicalProperties.html" + } + }, + "privileges_lower_name": { + "cancelorder": "CancelOrder", + "createorder": "CreateOrder", + "createoutpost": "CreateOutpost", + "createprivateconnectivityconfig": "CreatePrivateConnectivityConfig", + "createsite": "CreateSite", + "deleteoutpost": "DeleteOutpost", + "deletesite": "DeleteSite", + "getcatalogitem": "GetCatalogItem", + "getconnection": "GetConnection", + "getorder": "GetOrder", + "getoutpost": "GetOutpost", + "getoutpostinstancetypes": "GetOutpostInstanceTypes", + "getprivateconnectivityconfig": "GetPrivateConnectivityConfig", + "getsite": "GetSite", + "getsiteaddress": "GetSiteAddress", + "listassets": "ListAssets", + "listcatalogitems": "ListCatalogItems", + "listorders": "ListOrders", + "listoutposts": "ListOutposts", + "listsites": "ListSites", + "listtagsforresource": "ListTagsForResource", + "startconnection": "StartConnection", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateoutpost": "UpdateOutpost", + "updatesite": "UpdateSite", + "updatesiteaddress": "UpdateSiteAddress", + "updatesiterackphysicalproperties": "UpdateSiteRackPhysicalProperties" + }, + "resources": { + "outpost": { + "resource": "outpost", + "arn": "arn:${Partition}:outposts:${Region}:${Account}:outpost/${OutpostId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "site": { + "resource": "site", + "arn": "arn:${Partition}:outposts:${Region}:${Account}:site/${SiteId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "outpost": "outpost", + "site": "site" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "panorama": { + "service_name": "AWS Panorama", + "prefix": "panorama", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspanorama.html", + "privileges": { + "CreateApplicationInstance": { + "privilege": "CreateApplicationInstance", + "description": "Grants permission to create an AWS Panorama Application Instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_CreateApplicationInstance.html" + }, + "CreateJobForDevices": { + "privilege": "CreateJobForDevices", + "description": "Grants permission to create a job for an AWS Panorama Appliance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_CreateJobForDevices.html" + }, + "CreateNodeFromTemplateJob": { + "privilege": "CreateNodeFromTemplateJob", + "description": "Grants permission to create an AWS Panorama Node", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_CreateNodeFromTemplateJob.html" + }, + "CreatePackage": { + "privilege": "CreatePackage", + "description": "Grants permission to create an AWS Panorama Package", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_CreatePackage.html" + }, + "CreatePackageImportJob": { + "privilege": "CreatePackageImportJob", + "description": "Grants permission to create an AWS Panorama Package", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_CreatePackageImportJob.html" + }, + "DeleteDevice": { + "privilege": "DeleteDevice", + "description": "Grants permission to deregister an AWS Panorama Appliance", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DeleteDevice.html" + }, + "DeletePackage": { + "privilege": "DeletePackage", + "description": "Grants permission to delete an AWS Panorama Package", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DeletePackage.html" + }, + "DeregisterPackageVersion": { + "privilege": "DeregisterPackageVersion", + "description": "Grants permission to deregister an AWS Panorama package version", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DeregisterPackageVersion.html" + }, + "DescribeApplicationInstance": { + "privilege": "DescribeApplicationInstance", + "description": "Grants permission to view details about an AWS Panorama application instance", + "access_level": "Read", + "resource_types": { + "applicationInstance": { + "resource_type": "applicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationinstance": "applicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeApplicationInstance.html" + }, + "DescribeApplicationInstanceDetails": { + "privilege": "DescribeApplicationInstanceDetails", + "description": "Grants permission to view details about an AWS Panorama application instance", + "access_level": "Read", + "resource_types": { + "applicationInstance": { + "resource_type": "applicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationinstance": "applicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeApplicationInstanceDetails.html" + }, + "DescribeDevice": { + "privilege": "DescribeDevice", + "description": "Grants permission to view details about an AWS Panorama Appliance", + "access_level": "Read", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeDevice.html" + }, + "DescribeDeviceJob": { + "privilege": "DescribeDeviceJob", + "description": "Grants permission to view job details for an AWS Panorama Appliance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeDeviceJob.html" + }, + "DescribeNode": { + "privilege": "DescribeNode", + "description": "Grants permission to view details about an AWS Panorama application node", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeNode.html" + }, + "DescribeNodeFromTemplateJob": { + "privilege": "DescribeNodeFromTemplateJob", + "description": "Grants permission to view details about AWS Panorama application node", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribeNodeFromTemplateJob.html" + }, + "DescribePackage": { + "privilege": "DescribePackage", + "description": "Grants permission to view details about an AWS Panorama package", + "access_level": "Read", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribePackage.html" + }, + "DescribePackageImportJob": { + "privilege": "DescribePackageImportJob", + "description": "Grants permission to view details about an AWS Panorama package", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribePackageImportJob.html" + }, + "DescribePackageVersion": { + "privilege": "DescribePackageVersion", + "description": "Grants permission to view details about an AWS Panorama package version", + "access_level": "Read", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_DescribePackageVersion.html" + }, + "DescribeSoftware": { + "privilege": "DescribeSoftware", + "description": "Grants permission to view details about a software version for the AWS Panorama Appliance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspanorama.html" + }, + "GetWebSocketURL": { + "privilege": "GetWebSocketURL", + "description": "Grants permission to generate a WebSocket endpoint for communication with AWS Panorama", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspanorama.html" + }, + "ListApplicationInstanceDependencies": { + "privilege": "ListApplicationInstanceDependencies", + "description": "Grants permission to retrieve a list of application instance dependencies in AWS Panorama", + "access_level": "List", + "resource_types": { + "applicationInstance": { + "resource_type": "applicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationinstance": "applicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListApplicationInstanceDependencies.html" + }, + "ListApplicationInstanceNodeInstances": { + "privilege": "ListApplicationInstanceNodeInstances", + "description": "Grants permission to retrieve a list of node instances of application instances in AWS Panorama", + "access_level": "List", + "resource_types": { + "applicationInstance": { + "resource_type": "applicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationinstance": "applicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListApplicationInstanceNodeInstances.html" + }, + "ListApplicationInstances": { + "privilege": "ListApplicationInstances", + "description": "Grants permission to retrieve a list of application instances in AWS Panorama", + "access_level": "List", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListApplicationInstances.html" + }, + "ListDevices": { + "privilege": "ListDevices", + "description": "Grants permission to retrieve a list of appliances in AWS Panorama", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListDevices.html" + }, + "ListDevicesJobs": { + "privilege": "ListDevicesJobs", + "description": "Grants permission to retrieve a list of jobs for an AWS Panorama Appliance", + "access_level": "List", + "resource_types": { + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListDevicesJobs.html" + }, + "ListNodeFromTemplateJobs": { + "privilege": "ListNodeFromTemplateJobs", + "description": "Grants permission to retrieve a list of Nodes for an AWS Panorama Appliance", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListNodeFromTemplateJobs.html" + }, + "ListNodes": { + "privilege": "ListNodes", + "description": "Grants permission to retrieve a list of nodes in AWS Panorama", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListNodes.html" + }, + "ListPackageImportJobs": { + "privilege": "ListPackageImportJobs", + "description": "Grants permission to retrieve a list of packages in AWS Panorama", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListPackageImportJobs.html" + }, + "ListPackages": { + "privilege": "ListPackages", + "description": "Grants permission to retrieve a list of packages in AWS Panorama", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListPackages.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve a list of tags for a resource in AWS Panorama", + "access_level": "Read", + "resource_types": { + "applicationInstance": { + "resource_type": "applicationInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "package": { + "resource_type": "package", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationinstance": "applicationInstance", + "device": "device", + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ListTagsForResource.html" + }, + "ProvisionDevice": { + "privilege": "ProvisionDevice", + "description": "Grants permission to register an AWS Panorama Appliance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_ProvisionDevice.html" + }, + "RegisterPackageVersion": { + "privilege": "RegisterPackageVersion", + "description": "Grants permission to register an AWS Panorama package version", + "access_level": "Write", + "resource_types": { + "package": { + "resource_type": "package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "package": "package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_RegisterPackageVersion.html" + }, + "RemoveApplicationInstance": { + "privilege": "RemoveApplicationInstance", + "description": "Grants permission to remove an AWS Panorama application instance", + "access_level": "Write", + "resource_types": { + "applicationInstance": { + "resource_type": "applicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationinstance": "applicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_RemoveApplicationInstance.html" + }, + "SignalApplicationInstanceNodeInstances": { + "privilege": "SignalApplicationInstanceNodeInstances", + "description": "Grants permission to signal camera nodes in an application instance to pause or resume", + "access_level": "Write", + "resource_types": { + "applicationInstance": { + "resource_type": "applicationInstance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationinstance": "applicationInstance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_SignalApplicationInstanceNodeInstances.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource in AWS Panorama", + "access_level": "Tagging", + "resource_types": { + "applicationInstance": { + "resource_type": "applicationInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "package": { + "resource_type": "package", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationinstance": "applicationInstance", + "device": "device", + "package": "package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource in AWS Panorama", + "access_level": "Tagging", + "resource_types": { + "applicationInstance": { + "resource_type": "applicationInstance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "device": { + "resource_type": "device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "package": { + "resource_type": "package", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applicationinstance": "applicationInstance", + "device": "device", + "package": "package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_UntagResource.html" + }, + "UpdateDeviceMetadata": { + "privilege": "UpdateDeviceMetadata", + "description": "Grants permission to modify basic settings for an AWS Panorama Appliance", + "access_level": "Write", + "resource_types": { + "device": { + "resource_type": "device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device": "device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/panorama/latest/api/API_UpdateDeviceMetadata.html" + } + }, + "privileges_lower_name": { + "createapplicationinstance": "CreateApplicationInstance", + "createjobfordevices": "CreateJobForDevices", + "createnodefromtemplatejob": "CreateNodeFromTemplateJob", + "createpackage": "CreatePackage", + "createpackageimportjob": "CreatePackageImportJob", + "deletedevice": "DeleteDevice", + "deletepackage": "DeletePackage", + "deregisterpackageversion": "DeregisterPackageVersion", + "describeapplicationinstance": "DescribeApplicationInstance", + "describeapplicationinstancedetails": "DescribeApplicationInstanceDetails", + "describedevice": "DescribeDevice", + "describedevicejob": "DescribeDeviceJob", + "describenode": "DescribeNode", + "describenodefromtemplatejob": "DescribeNodeFromTemplateJob", + "describepackage": "DescribePackage", + "describepackageimportjob": "DescribePackageImportJob", + "describepackageversion": "DescribePackageVersion", + "describesoftware": "DescribeSoftware", + "getwebsocketurl": "GetWebSocketURL", + "listapplicationinstancedependencies": "ListApplicationInstanceDependencies", + "listapplicationinstancenodeinstances": "ListApplicationInstanceNodeInstances", + "listapplicationinstances": "ListApplicationInstances", + "listdevices": "ListDevices", + "listdevicesjobs": "ListDevicesJobs", + "listnodefromtemplatejobs": "ListNodeFromTemplateJobs", + "listnodes": "ListNodes", + "listpackageimportjobs": "ListPackageImportJobs", + "listpackages": "ListPackages", + "listtagsforresource": "ListTagsForResource", + "provisiondevice": "ProvisionDevice", + "registerpackageversion": "RegisterPackageVersion", + "removeapplicationinstance": "RemoveApplicationInstance", + "signalapplicationinstancenodeinstances": "SignalApplicationInstanceNodeInstances", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedevicemetadata": "UpdateDeviceMetadata" + }, + "resources": { + "device": { + "resource": "device", + "arn": "arn:${Partition}:panorama:${Region}:${Account}:device/${DeviceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "package": { + "resource": "package", + "arn": "arn:${Partition}:panorama:${Region}:${Account}:package/${PackageId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "applicationInstance": { + "resource": "applicationInstance", + "arn": "arn:${Partition}:panorama:${Region}:${Account}:applicationInstance/${ApplicationInstanceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "device": "device", + "package": "package", + "applicationinstance": "applicationInstance" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "payment-cryptography": { + "service_name": "AWS Payment Cryptography", + "prefix": "payment-cryptography", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspaymentcryptography.html", + "privileges": { + "CreateAlias": { + "privilege": "CreateAlias", + "description": "Grants permission to create a user-friendly name for a Key", + "access_level": "Write", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html" + }, + "CreateKey": { + "privilege": "CreateKey", + "description": "Grants permission to create a unique customer managed key in the caller's AWS account and region", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "payment-cryptography:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html" + }, + "DecryptData": { + "privilege": "DecryptData", + "description": "Grants permission to decrypt ciphertext data to plaintext using symmetric, asymmetric or DUKPT data encryption key", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_DecryptData.html" + }, + "DeleteAlias": { + "privilege": "DeleteAlias", + "description": "Grants permission to delete the specified alias", + "access_level": "Write", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html" + }, + "DeleteKey": { + "privilege": "DeleteKey", + "description": "Grants permission to schedule the deletion of a Key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html" + }, + "EncryptData": { + "privilege": "EncryptData", + "description": "Grants permission to encrypt plaintext data to ciphertext using symmetric, asymmetric or DUKPT data encryption key", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_EncryptData.html" + }, + "ExportKey": { + "privilege": "ExportKey", + "description": "Grants permission to export a key from the service", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ExportKey.html" + }, + "GenerateCardValidationData": { + "privilege": "GenerateCardValidationData", + "description": "Grants permission to generate card-related data using algorithms such as Card Verification Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2) or Card Security Codes (CSC) that check the validity of a magnetic stripe card", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GenerateCardValidationData.html" + }, + "GenerateMac": { + "privilege": "GenerateMac", + "description": "Grants permission to generate a MAC (Message Authentication Code) cryptogram", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GenerateMac.html" + }, + "GeneratePinData": { + "privilege": "GeneratePinData", + "description": "Grants permission to generate pin-related data such as PIN, PIN Verification Value (PVV), PIN Block and PIN Offset during new card issuance or card re-issuance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_GeneratePinData.html" + }, + "GetAlias": { + "privilege": "GetAlias", + "description": "Grants permission to return the keyArn associated with an aliasName", + "access_level": "Read", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html" + }, + "GetKey": { + "privilege": "GetKey", + "description": "Grants permission to return the detailed information about the specified key", + "access_level": "Read", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetKey.html" + }, + "GetParametersForExport": { + "privilege": "GetParametersForExport", + "description": "Grants permission to get the export token and the signing key certificate to initiate a TR-34 key export", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForExport.html" + }, + "GetParametersForImport": { + "privilege": "GetParametersForImport", + "description": "Grants permission to get the import token and the wrapping key certificate to initiate a TR-34 key import", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForImport.html" + }, + "GetPublicKeyCertificate": { + "privilege": "GetPublicKeyCertificate", + "description": "Grants permission to return the public key from a key of class PUBLIC_KEY", + "access_level": "Read", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html" + }, + "ImportKey": { + "privilege": "ImportKey", + "description": "Grants permission to imports keys and public key certificates", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "payment-cryptography:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html" + }, + "ListAliases": { + "privilege": "ListAliases", + "description": "Grants permission to return a list of aliases created for all keys in the caller's AWS account and Region", + "access_level": "List", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html" + }, + "ListKeys": { + "privilege": "ListKeys", + "description": "Grants permission to return a list of keys created in the caller's AWS account and Region", + "access_level": "List", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListKeys.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to return a list of tags created in the caller's AWS account and Region", + "access_level": "Read", + "resource_types": { + "key": { + "resource_type": "key", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListTagsForResource.html" + }, + "ReEncryptData": { + "privilege": "ReEncryptData", + "description": "Grants permission to re-encrypt ciphertext using DUKPT, Symmetric and Asymmetric Data Encryption Keys", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_ReEncryptData.html" + }, + "RestoreKey": { + "privilege": "RestoreKey", + "description": "Grants permission to cancel a scheduled key deletion if at any point during the waiting period a Key needs to be revived", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_RestoreKey.html" + }, + "StartKeyUsage": { + "privilege": "StartKeyUsage", + "description": "Grants permission to enable a disabled Key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StartKeyUsage.html" + }, + "StopKeyUsage": { + "privilege": "StopKeyUsage", + "description": "Grants permission to disable an enabled Key", + "access_level": "Write", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StopKeyUsage.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or overwrites one or more tags for the specified resource", + "access_level": "Tagging", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html" + }, + "TranslatePinData": { + "privilege": "TranslatePinData", + "description": "Grants permission to translate encrypted PIN block from and to ISO 9564 formats 0,1,3,4", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_TranslatePinData.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove the specified tag or tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UntagResource.html" + }, + "UpdateAlias": { + "privilege": "UpdateAlias", + "description": "Grants permission to change the key to which an alias is assigned, or unassign it from its current key", + "access_level": "Write", + "resource_types": { + "alias": { + "resource_type": "alias", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "key": { + "resource_type": "key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "alias": "alias", + "key": "key", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html" + }, + "VerifyAuthRequestCryptogram": { + "privilege": "VerifyAuthRequestCryptogram", + "description": "Grants permission to verify Authorization Request Cryptogram (ARQC) for a EMV chip payment card authorization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyAuthRequestCryptogram.html" + }, + "VerifyCardValidationData": { + "privilege": "VerifyCardValidationData", + "description": "Grants permission to verify card-related validation data using algorithms such as Card Verification Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2) and Card Security Codes (CSC)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyCardValidationData.html" + }, + "VerifyMac": { + "privilege": "VerifyMac", + "description": "Grants permission to verify MAC (Message Authentication Code) of input data against a provided MAC", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyMac.html" + }, + "VerifyPinData": { + "privilege": "VerifyPinData", + "description": "Grants permission to verify pin-related data such as PIN and PIN Offset using algorithms including VISA PVV and IBM3624", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_VerifyPinData.html" + } + }, + "privileges_lower_name": { + "createalias": "CreateAlias", + "createkey": "CreateKey", + "decryptdata": "DecryptData", + "deletealias": "DeleteAlias", + "deletekey": "DeleteKey", + "encryptdata": "EncryptData", + "exportkey": "ExportKey", + "generatecardvalidationdata": "GenerateCardValidationData", + "generatemac": "GenerateMac", + "generatepindata": "GeneratePinData", + "getalias": "GetAlias", + "getkey": "GetKey", + "getparametersforexport": "GetParametersForExport", + "getparametersforimport": "GetParametersForImport", + "getpublickeycertificate": "GetPublicKeyCertificate", + "importkey": "ImportKey", + "listaliases": "ListAliases", + "listkeys": "ListKeys", + "listtagsforresource": "ListTagsForResource", + "reencryptdata": "ReEncryptData", + "restorekey": "RestoreKey", + "startkeyusage": "StartKeyUsage", + "stopkeyusage": "StopKeyUsage", + "tagresource": "TagResource", + "translatepindata": "TranslatePinData", + "untagresource": "UntagResource", + "updatealias": "UpdateAlias", + "verifyauthrequestcryptogram": "VerifyAuthRequestCryptogram", + "verifycardvalidationdata": "VerifyCardValidationData", + "verifymac": "VerifyMac", + "verifypindata": "VerifyPinData" + }, + "resources": { + "key": { + "resource": "key", + "arn": "arn:${Partition}:payment-cryptography:${Region}:${Account}:key/${KeyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "payment-cryptography:ResourceAliases" + ] + }, + "alias": { + "resource": "alias", + "arn": "arn:${Partition}:payment-cryptography:${Region}:${Account}:alias/${Alias}", + "condition_keys": [ + "payment-cryptography:ResourceAliases" + ] + } + }, + "resources_lower_name": { + "key": "key", + "alias": "alias" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by both the key and value of the tag in the request for the specified operation", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags assigned to a key for the specified operation", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in the request for the specified operation", + "type": "ArrayOfString" + }, + "payment-cryptography:CertificateAuthorityPublicKeyIdentifier": { + "condition": "payment-cryptography:CertificateAuthorityPublicKeyIdentifier", + "description": "Filters access by the CertificateAuthorityPublicKeyIdentifier specified in the request or the ImportKey, and ExportKey operations", + "type": "String" + }, + "payment-cryptography:ImportKeyMaterial": { + "condition": "payment-cryptography:ImportKeyMaterial", + "description": "Filters access by the type of key material being imported [RootCertificatePublicKey, TrustedCertificatePublicKey, Tr34KeyBlock, Tr31KeyBlock] for the ImportKey operation", + "type": "String" + }, + "payment-cryptography:KeyAlgorithm": { + "condition": "payment-cryptography:KeyAlgorithm", + "description": "Filters access by KeyAlgorithm specified in the request for the CreateKey operation", + "type": "String" + }, + "payment-cryptography:KeyClass": { + "condition": "payment-cryptography:KeyClass", + "description": "Filters access by KeyClass specified in the request for the CreateKey operation", + "type": "String" + }, + "payment-cryptography:KeyUsage": { + "condition": "payment-cryptography:KeyUsage", + "description": "Filters access by KeyClass specified in the request or associated with a key for the CreateKey operation", + "type": "String" + }, + "payment-cryptography:RequestAlias": { + "condition": "payment-cryptography:RequestAlias", + "description": "Filters access by aliases in the request for the specified operation", + "type": "String" + }, + "payment-cryptography:ResourceAliases": { + "condition": "payment-cryptography:ResourceAliases", + "description": "Filters access by aliases associated with a key for the specified operation", + "type": "ArrayOfString" + }, + "payment-cryptography:WrappingKeyIdentifier": { + "condition": "payment-cryptography:WrappingKeyIdentifier", + "description": "Filters access by the WrappingKeyIdentifier specified in the request for the ImportKey, and ExportKey operations", + "type": "String" + } + } + }, + "payments": { + "service_name": "AWS Payments", + "prefix": "payments", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspayments.html", + "privileges": { + "CreatePaymentInstrument": { + "privilege": "CreatePaymentInstrument", + "description": "Grants permission to create a payment instrument", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "DeletePaymentInstrument": { + "privilege": "DeletePaymentInstrument", + "description": "Grants permission to delete a payment instrument", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "GetPaymentInstrument": { + "privilege": "GetPaymentInstrument", + "description": "Grants permission to get information about a payment instrument", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "GetPaymentStatus": { + "privilege": "GetPaymentStatus", + "description": "Grants permission to get payment status of invoices", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "ListPaymentPreferences": { + "privilege": "ListPaymentPreferences", + "description": "Grants permission to get payment preferences (preferred payment currency, preferred payment method, etc.)", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "MakePayment": { + "privilege": "MakePayment", + "description": "Grants permission to make a payment, authenticate a payment, verify a payment method, and generate a funding request document for Advance Pay", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "UpdatePaymentPreferences": { + "privilege": "UpdatePaymentPreferences", + "description": "Grants permission to update payment preferences (preferred payment currency, preferred payment method, etc.)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + } + }, + "privileges_lower_name": { + "createpaymentinstrument": "CreatePaymentInstrument", + "deletepaymentinstrument": "DeletePaymentInstrument", + "getpaymentinstrument": "GetPaymentInstrument", + "getpaymentstatus": "GetPaymentStatus", + "listpaymentpreferences": "ListPaymentPreferences", + "makepayment": "MakePayment", + "updatepaymentpreferences": "UpdatePaymentPreferences" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "pi": { + "service_name": "AWS Performance Insights", + "prefix": "pi", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsperformanceinsights.html", + "privileges": { + "DescribeDimensionKeys": { + "privilege": "DescribeDimensionKeys", + "description": "Grants permission to call DescribeDimensionKeys API to retrieve the top N dimension keys for a metric for a specific time period", + "access_level": "Read", + "resource_types": { + "metric-resource": { + "resource_type": "metric-resource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-resource": "metric-resource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_DescribeDimensionKeys.html" + }, + "GetDimensionKeyDetails": { + "privilege": "GetDimensionKeyDetails", + "description": "Grants permission to call GetDimensionKeyDetails API to retrieve the attributes of the specified dimension group", + "access_level": "Read", + "resource_types": { + "metric-resource": { + "resource_type": "metric-resource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-resource": "metric-resource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_GetDimensionKeyDetails.html" + }, + "GetResourceMetadata": { + "privilege": "GetResourceMetadata", + "description": "Grants permission to call GetResourceMetadata API to retrieve the metadata for different features", + "access_level": "Read", + "resource_types": { + "metric-resource": { + "resource_type": "metric-resource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-resource": "metric-resource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_GetResourceMetadata.html" + }, + "GetResourceMetrics": { + "privilege": "GetResourceMetrics", + "description": "Grants permission to call GetResourceMetrics API to retrieve PI metrics for a set of data sources, over a time period", + "access_level": "Read", + "resource_types": { + "metric-resource": { + "resource_type": "metric-resource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-resource": "metric-resource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_GetResourceMetrics.html" + }, + "ListAvailableResourceDimensions": { + "privilege": "ListAvailableResourceDimensions", + "description": "Grants permission to call ListAvailableResourceDimensions API to retrieve the dimensions that can be queried for each specified metric type on a specified DB instance", + "access_level": "Read", + "resource_types": { + "metric-resource": { + "resource_type": "metric-resource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-resource": "metric-resource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_ListAvailableResourceDimensions.html" + }, + "ListAvailableResourceMetrics": { + "privilege": "ListAvailableResourceMetrics", + "description": "Grants permission to call ListAvailableResourceMetrics API to retrieve metrics of the specified types that can be queried for a specified DB instance", + "access_level": "Read", + "resource_types": { + "metric-resource": { + "resource_type": "metric-resource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "metric-resource": "metric-resource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/performance-insights/latest/APIReference/API_ListAvailableResourceMetrics.html" + } + }, + "privileges_lower_name": { + "describedimensionkeys": "DescribeDimensionKeys", + "getdimensionkeydetails": "GetDimensionKeyDetails", + "getresourcemetadata": "GetResourceMetadata", + "getresourcemetrics": "GetResourceMetrics", + "listavailableresourcedimensions": "ListAvailableResourceDimensions", + "listavailableresourcemetrics": "ListAvailableResourceMetrics" + }, + "resources": { + "metric-resource": { + "resource": "metric-resource", + "arn": "arn:${Partition}:pi:${Region}:${Account}:metrics/${ServiceType}/${Identifier}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "metric-resource": "metric-resource" + }, + "conditions": {} + }, + "pricing": { + "service_name": "AWS Price List", + "prefix": "pricing", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspricelist.html", + "privileges": { + "DescribeServices": { + "privilege": "DescribeServices", + "description": "Grants permission to retrieve service details for all (paginated) services (if serviceCode is not set) or service detail for a particular service (if given serviceCode)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_pricing_DescribeServices.html" + }, + "GetAttributeValues": { + "privilege": "GetAttributeValues", + "description": "Grants permission to retrieve all (paginated) possible values for a given attribute", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_pricing_GetAttributeValues.html" + }, + "GetPriceListFileUrl": { + "privilege": "GetPriceListFileUrl", + "description": "Grants permission to retrieve the price list file URL for the given parameters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_pricing_GetPriceListFileUrl.html" + }, + "GetProducts": { + "privilege": "GetProducts", + "description": "Grants permission to retrieve all matching products with given search criteria", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_pricing_GetProducts.html" + }, + "ListPriceLists": { + "privilege": "ListPriceLists", + "description": "Grants permission to list all (paginated) eligible price lists for the given parameters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_pricing_ListPriceLists.html" + } + }, + "privileges_lower_name": { + "describeservices": "DescribeServices", + "getattributevalues": "GetAttributeValues", + "getpricelistfileurl": "GetPriceListFileUrl", + "getproducts": "GetProducts", + "listpricelists": "ListPriceLists" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "proton": { + "service_name": "AWS Proton", + "prefix": "proton", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsproton.html", + "privileges": { + "AcceptEnvironmentAccountConnection": { + "privilege": "AcceptEnvironmentAccountConnection", + "description": "Grants permission to reject an environment account connection request from another environment account", + "access_level": "Write", + "resource_types": { + "environment-account-connection": { + "resource_type": "environment-account-connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-account-connection": "environment-account-connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_AcceptEnvironmentAccountConnection.html" + }, + "CancelComponentDeployment": { + "privilege": "CancelComponentDeployment", + "description": "Grants permission to cancel component deployment", + "access_level": "Write", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CancelComponentDeployment.html" + }, + "CancelEnvironmentDeployment": { + "privilege": "CancelEnvironmentDeployment", + "description": "Grants permission to cancel an environment deployment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "proton:EnvironmentTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CancelEnvironmentDeployment.html" + }, + "CancelServiceInstanceDeployment": { + "privilege": "CancelServiceInstanceDeployment", + "description": "Grants permission to cancel a service instance deployment", + "access_level": "Write", + "resource_types": { + "service-instance": { + "resource_type": "service-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "proton:ServiceTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-instance": "service-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CancelServiceInstanceDeployment.html" + }, + "CancelServicePipelineDeployment": { + "privilege": "CancelServicePipelineDeployment", + "description": "Grants permission to cancel a service pipeline deployment", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "proton:ServiceTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CancelServicePipelineDeployment.html" + }, + "CreateComponent": { + "privilege": "CreateComponent", + "description": "Grants permission to create component", + "access_level": "Write", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateComponent.html" + }, + "CreateEnvironment": { + "privilege": "CreateEnvironment", + "description": "Grants permission to create an environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "proton:EnvironmentTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironment.html" + }, + "CreateEnvironmentAccountConnection": { + "privilege": "CreateEnvironmentAccountConnection", + "description": "Grants permission to create an environment account connection", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironmentAccountConnection.html" + }, + "CreateEnvironmentTemplate": { + "privilege": "CreateEnvironmentTemplate", + "description": "Grants permission to create an environment template", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironmentTemplate.html" + }, + "CreateEnvironmentTemplateMajorVersion": { + "privilege": "CreateEnvironmentTemplateMajorVersion", + "description": "Grants permission to create an environment template major version. DEPRECATED - use CreateEnvironmentTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironmentTemplateMajorVersion.html" + }, + "CreateEnvironmentTemplateMinorVersion": { + "privilege": "CreateEnvironmentTemplateMinorVersion", + "description": "Grants permission to create an environment template minor version. DEPRECATED - use CreateEnvironmentTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironmentTemplateMinorVersion.html" + }, + "CreateEnvironmentTemplateVersion": { + "privilege": "CreateEnvironmentTemplateVersion", + "description": "Grants permission to create an environment template version", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateEnvironmentTemplateVersion.html" + }, + "CreateRepository": { + "privilege": "CreateRepository", + "description": "Grants permission to create a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateRepository.html" + }, + "CreateService": { + "privilege": "CreateService", + "description": "Grants permission to create a service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "codestar-connections:PassConnection" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "proton:ServiceTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateService.html" + }, + "CreateServiceInstance": { + "privilege": "CreateServiceInstance", + "description": "Grants permission to create a service instance", + "access_level": "Write", + "resource_types": { + "service-instance": { + "resource_type": "service-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "proton:ServiceTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-instance": "service-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceInstance.html" + }, + "CreateServiceSyncConfig": { + "privilege": "CreateServiceSyncConfig", + "description": "Grants permission to create a service sync config", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceSyncConfig.html" + }, + "CreateServiceTemplate": { + "privilege": "CreateServiceTemplate", + "description": "Grants permission to create a service template", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceTemplate.html" + }, + "CreateServiceTemplateMajorVersion": { + "privilege": "CreateServiceTemplateMajorVersion", + "description": "Grants permission to create a service template major version. DEPRECATED - use CreateServiceTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceTemplateMajorVersion.html" + }, + "CreateServiceTemplateMinorVersion": { + "privilege": "CreateServiceTemplateMinorVersion", + "description": "Grants permission to create a service template minor version. DEPRECATED - use CreateServiceTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceTemplateMinorVersion.html" + }, + "CreateServiceTemplateVersion": { + "privilege": "CreateServiceTemplateVersion", + "description": "Grants permission to create a service template version", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateServiceTemplateVersion.html" + }, + "CreateTemplateSyncConfig": { + "privilege": "CreateTemplateSyncConfig", + "description": "Grants permission to create a template sync config", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_CreateTemplateSyncConfig.html" + }, + "DeleteAccountRoles": { + "privilege": "DeleteAccountRoles", + "description": "Grants permission to delete account roles. DEPRECATED - use UpdateAccountSettings instead", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteAccountRoles.html" + }, + "DeleteComponent": { + "privilege": "DeleteComponent", + "description": "Grants permission to delete component", + "access_level": "Write", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteComponent.html" + }, + "DeleteDeployment": { + "privilege": "DeleteDeployment", + "description": "Grants permission to delete a deployment", + "access_level": "Write", + "resource_types": { + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deployment": "deployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteDeployment.html" + }, + "DeleteEnvironment": { + "privilege": "DeleteEnvironment", + "description": "Grants permission to delete an environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "proton:EnvironmentTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironment.html" + }, + "DeleteEnvironmentAccountConnection": { + "privilege": "DeleteEnvironmentAccountConnection", + "description": "Grants permission to delete an environment account connection", + "access_level": "Write", + "resource_types": { + "environment-account-connection": { + "resource_type": "environment-account-connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-account-connection": "environment-account-connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironmentAccountConnection.html" + }, + "DeleteEnvironmentTemplate": { + "privilege": "DeleteEnvironmentTemplate", + "description": "Grants permission to delete an environment template", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironmentTemplate.html" + }, + "DeleteEnvironmentTemplateMajorVersion": { + "privilege": "DeleteEnvironmentTemplateMajorVersion", + "description": "Grants permission to delete an environment template major version. DEPRECATED - use DeleteEnvironmentTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironmentTemplateMajorVersion.html" + }, + "DeleteEnvironmentTemplateMinorVersion": { + "privilege": "DeleteEnvironmentTemplateMinorVersion", + "description": "Grants permission to delete an environment template minor version. DEPRECATED - use DeleteEnvironmentTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironmentTemplateMinorVersion.html" + }, + "DeleteEnvironmentTemplateVersion": { + "privilege": "DeleteEnvironmentTemplateVersion", + "description": "Grants permission to delete an environment template version", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteEnvironmentTemplateVersion.html" + }, + "DeleteRepository": { + "privilege": "DeleteRepository", + "description": "Grants permission to delete a repository", + "access_level": "Write", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteRepository.html" + }, + "DeleteService": { + "privilege": "DeleteService", + "description": "Grants permission to delete a service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "proton:ServiceTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteService.html" + }, + "DeleteServiceSyncConfig": { + "privilege": "DeleteServiceSyncConfig", + "description": "Grants permission to delete a service sync config", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteServiceSyncConfig.html" + }, + "DeleteServiceTemplate": { + "privilege": "DeleteServiceTemplate", + "description": "Grants permission to delete a service template", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteServiceTemplate.html" + }, + "DeleteServiceTemplateMajorVersion": { + "privilege": "DeleteServiceTemplateMajorVersion", + "description": "Grants permission to delete a service template major version. DEPRECATED - use DeleteServiceTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteServiceTemplateMajorVersion.html" + }, + "DeleteServiceTemplateMinorVersion": { + "privilege": "DeleteServiceTemplateMinorVersion", + "description": "Grants permission to delete a service template minor version. DEPRECATED - use DeleteServiceTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteServiceTemplateMinorVersion.html" + }, + "DeleteServiceTemplateVersion": { + "privilege": "DeleteServiceTemplateVersion", + "description": "Grants permission to delete a service template version", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteServiceTemplateVersion.html" + }, + "DeleteTemplateSyncConfig": { + "privilege": "DeleteTemplateSyncConfig", + "description": "Grants permission to delete a TemplateSyncConfig", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_DeleteTemplateSyncConfig.html" + }, + "GetAccountRoles": { + "privilege": "GetAccountRoles", + "description": "Grants permission to get account roles. DEPRECATED - use GetAccountSettings instead", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetAccountRoles.html" + }, + "GetAccountSettings": { + "privilege": "GetAccountSettings", + "description": "Grants permission to describe the account settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetAccountSettings.html" + }, + "GetComponent": { + "privilege": "GetComponent", + "description": "Grants permission to describe a component", + "access_level": "Read", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetComponent.html" + }, + "GetDeployment": { + "privilege": "GetDeployment", + "description": "Grants permission to describe a deployment", + "access_level": "Read", + "resource_types": { + "deployment": { + "resource_type": "deployment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deployment": "deployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetDeployment.html" + }, + "GetEnvironment": { + "privilege": "GetEnvironment", + "description": "Grants permission to describe an environment", + "access_level": "Read", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironment.html" + }, + "GetEnvironmentAccountConnection": { + "privilege": "GetEnvironmentAccountConnection", + "description": "Grants permission to describe an environment account connection", + "access_level": "Read", + "resource_types": { + "environment-account-connection": { + "resource_type": "environment-account-connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-account-connection": "environment-account-connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironmentAccountConnection.html" + }, + "GetEnvironmentTemplate": { + "privilege": "GetEnvironmentTemplate", + "description": "Grants permission to describe an environment template", + "access_level": "Read", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironmentTemplate.html" + }, + "GetEnvironmentTemplateMajorVersion": { + "privilege": "GetEnvironmentTemplateMajorVersion", + "description": "Grants permission to get an environment template major version. DEPRECATED - use GetEnvironmentTemplateVersion instead", + "access_level": "Read", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironmentTemplateMajorVersion.html" + }, + "GetEnvironmentTemplateMinorVersion": { + "privilege": "GetEnvironmentTemplateMinorVersion", + "description": "Grants permission to get an environment template minor version. DEPRECATED - use GetEnvironmentTemplateVersion instead", + "access_level": "Read", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironmentTemplateMinorVersion.html" + }, + "GetEnvironmentTemplateVersion": { + "privilege": "GetEnvironmentTemplateVersion", + "description": "Grants permission to describe an environment template version", + "access_level": "Read", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetEnvironmentTemplateVersion.html" + }, + "GetRepository": { + "privilege": "GetRepository", + "description": "Grants permission to describe a repository", + "access_level": "Read", + "resource_types": { + "repository": { + "resource_type": "repository", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "repository": "repository" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetRepository.html" + }, + "GetRepositorySyncStatus": { + "privilege": "GetRepositorySyncStatus", + "description": "Grants permission to get the latest sync status for a repository", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetRepositorySyncStatus.html" + }, + "GetResourceTemplateVersionStatusCounts": { + "privilege": "GetResourceTemplateVersionStatusCounts", + "description": "Grants permission to list resource template version status counts", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetResourceTemplateVersionStatusCounts.html" + }, + "GetResourcesSummary": { + "privilege": "GetResourcesSummary", + "description": "Grants permission to get resources summary", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetResourcesSummary.html" + }, + "GetService": { + "privilege": "GetService", + "description": "Grants permission to describe a service", + "access_level": "Read", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetService.html" + }, + "GetServiceInstance": { + "privilege": "GetServiceInstance", + "description": "Grants permission to describe a service instance", + "access_level": "Read", + "resource_types": { + "service-instance": { + "resource_type": "service-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-instance": "service-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceInstance.html" + }, + "GetServiceInstanceSyncStatus": { + "privilege": "GetServiceInstanceSyncStatus", + "description": "Grants permission to describe the sync status of a service instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceInstanceSyncStatus.html" + }, + "GetServiceSyncBlockerSummary": { + "privilege": "GetServiceSyncBlockerSummary", + "description": "Grants permission to describe service sync blockers on a service or service instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceSyncBlockerSummary.html" + }, + "GetServiceSyncConfig": { + "privilege": "GetServiceSyncConfig", + "description": "Grants permission to describe a service sync config", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceSyncConfig.html" + }, + "GetServiceTemplate": { + "privilege": "GetServiceTemplate", + "description": "Grants permission to describe a service template", + "access_level": "Read", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceTemplate.html" + }, + "GetServiceTemplateMajorVersion": { + "privilege": "GetServiceTemplateMajorVersion", + "description": "Grants permission to get a service template major version. DEPRECATED - use GetServiceTemplateVersion instead", + "access_level": "Read", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceTemplateMajorVersion.html" + }, + "GetServiceTemplateMinorVersion": { + "privilege": "GetServiceTemplateMinorVersion", + "description": "Grants permission to get a service template minor version. DEPRECATED - use GetServiceTemplateVersion instead", + "access_level": "Read", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceTemplateMinorVersion.html" + }, + "GetServiceTemplateVersion": { + "privilege": "GetServiceTemplateVersion", + "description": "Grants permission to describe a service template version", + "access_level": "Read", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetServiceTemplateVersion.html" + }, + "GetTemplateSyncConfig": { + "privilege": "GetTemplateSyncConfig", + "description": "Grants permission to describe a TemplateSyncConfig", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetTemplateSyncConfig.html" + }, + "GetTemplateSyncStatus": { + "privilege": "GetTemplateSyncStatus", + "description": "Grants permission to describe the sync status of a template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_GetTemplateSyncStatus.html" + }, + "ListComponentOutputs": { + "privilege": "ListComponentOutputs", + "description": "Grants permission to list component outputs", + "access_level": "List", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "deployment": "deployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListComponentOutputs.html" + }, + "ListComponentProvisionedResources": { + "privilege": "ListComponentProvisionedResources", + "description": "Grants permission to list component provisioned resources", + "access_level": "List", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListComponentProvisionedResources.html" + }, + "ListComponents": { + "privilege": "ListComponents", + "description": "Grants permission to list components", + "access_level": "List", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-instance": { + "resource_type": "service-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "service": "service", + "service-instance": "service-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListComponents.html" + }, + "ListDeployments": { + "privilege": "ListDeployments", + "description": "Grants permission to list deployments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListDeployments.html" + }, + "ListEnvironmentAccountConnections": { + "privilege": "ListEnvironmentAccountConnections", + "description": "Grants permission to list environment account connections", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentAccountConnections.html" + }, + "ListEnvironmentOutputs": { + "privilege": "ListEnvironmentOutputs", + "description": "Grants permission to list environment outputs", + "access_level": "List", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "deployment": "deployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentOutputs.html" + }, + "ListEnvironmentProvisionedResources": { + "privilege": "ListEnvironmentProvisionedResources", + "description": "Grants permission to list environment provisioned resources", + "access_level": "List", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentProvisionedResources.html" + }, + "ListEnvironmentTemplateMajorVersions": { + "privilege": "ListEnvironmentTemplateMajorVersions", + "description": "Grants permission to list environment template major versions. DEPRECATED - use ListEnvironmentTemplateVersions instead", + "access_level": "List", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentTemplateMajorVersions.html" + }, + "ListEnvironmentTemplateMinorVersions": { + "privilege": "ListEnvironmentTemplateMinorVersions", + "description": "Grants permission to list an environment template minor versions. DEPRECATED - use ListEnvironmentTemplateVersions instead", + "access_level": "List", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentTemplateMinorVersions.html" + }, + "ListEnvironmentTemplateVersions": { + "privilege": "ListEnvironmentTemplateVersions", + "description": "Grants permission to list environment template versions", + "access_level": "List", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentTemplateVersions.html" + }, + "ListEnvironmentTemplates": { + "privilege": "ListEnvironmentTemplates", + "description": "Grants permission to list environment templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironmentTemplates.html" + }, + "ListEnvironments": { + "privilege": "ListEnvironments", + "description": "Grants permission to list environments", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListEnvironments.html" + }, + "ListRepositories": { + "privilege": "ListRepositories", + "description": "Grants permission to list repositories", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListRepositories.html" + }, + "ListRepositorySyncDefinitions": { + "privilege": "ListRepositorySyncDefinitions", + "description": "Grants permission to list repository sync definitions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListRepositorySyncDefinitions.html" + }, + "ListServiceInstanceOutputs": { + "privilege": "ListServiceInstanceOutputs", + "description": "Grants permission to list service instance outputs", + "access_level": "List", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "service-instance": { + "resource_type": "service-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "service-instance": "service-instance", + "deployment": "deployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceInstanceOutputs.html" + }, + "ListServiceInstanceProvisionedResources": { + "privilege": "ListServiceInstanceProvisionedResources", + "description": "Grants permission to list service instance provisioned resources", + "access_level": "List", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "service-instance": { + "resource_type": "service-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "service-instance": "service-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceInstanceProvisionedResources.html" + }, + "ListServiceInstances": { + "privilege": "ListServiceInstances", + "description": "Grants permission to list service instances", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceInstances.html" + }, + "ListServicePipelineOutputs": { + "privilege": "ListServicePipelineOutputs", + "description": "Grants permission to list service pipeline outputs", + "access_level": "List", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "deployment": { + "resource_type": "deployment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "deployment": "deployment" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServicePipelineOutputs.html" + }, + "ListServicePipelineProvisionedResources": { + "privilege": "ListServicePipelineProvisionedResources", + "description": "Grants permission to list service pipeline provisioned resources", + "access_level": "List", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServicePipelineProvisionedResources.html" + }, + "ListServiceTemplateMajorVersions": { + "privilege": "ListServiceTemplateMajorVersions", + "description": "Grants permission to list service template major versions. DEPRECATED - use ListServiceTemplateVersions instead", + "access_level": "List", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceTemplateMajorVersions.html" + }, + "ListServiceTemplateMinorVersions": { + "privilege": "ListServiceTemplateMinorVersions", + "description": "Grants permission to list service template minor versions. DEPRECATED - use ListServiceTemplateVersions instead", + "access_level": "List", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceTemplateMinorVersions.html" + }, + "ListServiceTemplateVersions": { + "privilege": "ListServiceTemplateVersions", + "description": "Grants permission to list service template versions", + "access_level": "List", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceTemplateVersions.html" + }, + "ListServiceTemplates": { + "privilege": "ListServiceTemplates", + "description": "Grants permission to list service templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServiceTemplates.html" + }, + "ListServices": { + "privilege": "ListServices", + "description": "Grants permission to list services", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListServices.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags of a resource", + "access_level": "Read", + "resource_types": { + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-account-connection": { + "resource_type": "environment-account-connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template": { + "resource_type": "environment-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template-major-version": { + "resource_type": "environment-template-major-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template-minor-version": { + "resource_type": "environment-template-minor-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template-version": { + "resource_type": "environment-template-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-instance": { + "resource_type": "service-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template": { + "resource_type": "service-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template-major-version": { + "resource_type": "service-template-major-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template-minor-version": { + "resource_type": "service-template-minor-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template-version": { + "resource_type": "service-template-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "environment": "environment", + "environment-account-connection": "environment-account-connection", + "environment-template": "environment-template", + "environment-template-major-version": "environment-template-major-version", + "environment-template-minor-version": "environment-template-minor-version", + "environment-template-version": "environment-template-version", + "repository": "repository", + "service": "service", + "service-instance": "service-instance", + "service-template": "service-template", + "service-template-major-version": "service-template-major-version", + "service-template-minor-version": "service-template-minor-version", + "service-template-version": "service-template-version" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_ListTagsForResource.html" + }, + "NotifyResourceDeploymentStatusChange": { + "privilege": "NotifyResourceDeploymentStatusChange", + "description": "Grants permission to notify Proton of resource deployment status changes", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-instance": { + "resource_type": "service-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "service-instance": "service-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_NotifyResourceDeploymentStatusChange.html" + }, + "RejectEnvironmentAccountConnection": { + "privilege": "RejectEnvironmentAccountConnection", + "description": "Grants permission to reject an environment account connection request from another environment account", + "access_level": "Write", + "resource_types": { + "environment-account-connection": { + "resource_type": "environment-account-connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-account-connection": "environment-account-connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_RejectEnvironmentAccountConnection.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a resource", + "access_level": "Tagging", + "resource_types": { + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-account-connection": { + "resource_type": "environment-account-connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template": { + "resource_type": "environment-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template-major-version": { + "resource_type": "environment-template-major-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template-minor-version": { + "resource_type": "environment-template-minor-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template-version": { + "resource_type": "environment-template-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-instance": { + "resource_type": "service-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template": { + "resource_type": "service-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template-major-version": { + "resource_type": "service-template-major-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template-minor-version": { + "resource_type": "service-template-minor-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template-version": { + "resource_type": "service-template-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "environment": "environment", + "environment-account-connection": "environment-account-connection", + "environment-template": "environment-template", + "environment-template-major-version": "environment-template-major-version", + "environment-template-minor-version": "environment-template-minor-version", + "environment-template-version": "environment-template-version", + "repository": "repository", + "service": "service", + "service-instance": "service-instance", + "service-template": "service-template", + "service-template-major-version": "service-template-major-version", + "service-template-minor-version": "service-template-minor-version", + "service-template-version": "service-template-version", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment": { + "resource_type": "environment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-account-connection": { + "resource_type": "environment-account-connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template": { + "resource_type": "environment-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template-major-version": { + "resource_type": "environment-template-major-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template-minor-version": { + "resource_type": "environment-template-minor-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "environment-template-version": { + "resource_type": "environment-template-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "repository": { + "resource_type": "repository", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service": { + "resource_type": "service", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-instance": { + "resource_type": "service-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template": { + "resource_type": "service-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template-major-version": { + "resource_type": "service-template-major-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template-minor-version": { + "resource_type": "service-template-minor-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "service-template-version": { + "resource_type": "service-template-version", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component", + "environment": "environment", + "environment-account-connection": "environment-account-connection", + "environment-template": "environment-template", + "environment-template-major-version": "environment-template-major-version", + "environment-template-minor-version": "environment-template-minor-version", + "environment-template-version": "environment-template-version", + "repository": "repository", + "service": "service", + "service-instance": "service-instance", + "service-template": "service-template", + "service-template-major-version": "service-template-major-version", + "service-template-minor-version": "service-template-minor-version", + "service-template-version": "service-template-version", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UntagResource.html" + }, + "UpdateAccountRoles": { + "privilege": "UpdateAccountRoles", + "description": "Grants permission to update account roles. DEPRECATED - use UpdateAccountSettings instead", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateAccountRoles.html" + }, + "UpdateAccountSettings": { + "privilege": "UpdateAccountSettings", + "description": "Grants permission to update the account settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateAccountSettings.html" + }, + "UpdateComponent": { + "privilege": "UpdateComponent", + "description": "Grants permission to update component", + "access_level": "Write", + "resource_types": { + "component": { + "resource_type": "component", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateComponent.html" + }, + "UpdateEnvironment": { + "privilege": "UpdateEnvironment", + "description": "Grants permission to update an environment", + "access_level": "Write", + "resource_types": { + "environment": { + "resource_type": "environment", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "proton:EnvironmentTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment": "environment", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironment.html" + }, + "UpdateEnvironmentAccountConnection": { + "privilege": "UpdateEnvironmentAccountConnection", + "description": "Grants permission to update an environment account connection", + "access_level": "Write", + "resource_types": { + "environment-account-connection": { + "resource_type": "environment-account-connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-account-connection": "environment-account-connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironmentAccountConnection.html" + }, + "UpdateEnvironmentTemplate": { + "privilege": "UpdateEnvironmentTemplate", + "description": "Grants permission to update an environment template", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironmentTemplate.html" + }, + "UpdateEnvironmentTemplateMajorVersion": { + "privilege": "UpdateEnvironmentTemplateMajorVersion", + "description": "Grants permission to update an environment template major version. DEPRECATED - use UpdateEnvironmentTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironmentTemplateMajorVersion.html" + }, + "UpdateEnvironmentTemplateMinorVersion": { + "privilege": "UpdateEnvironmentTemplateMinorVersion", + "description": "Grants permission to update an environment template minor version. DEPRECATED - use UpdateEnvironmentTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironmentTemplateMinorVersion.html" + }, + "UpdateEnvironmentTemplateVersion": { + "privilege": "UpdateEnvironmentTemplateVersion", + "description": "Grants permission to update an environment template version", + "access_level": "Write", + "resource_types": { + "environment-template": { + "resource_type": "environment-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "environment-template": "environment-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateEnvironmentTemplateVersion.html" + }, + "UpdateService": { + "privilege": "UpdateService", + "description": "Grants permission to update a service", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "proton:ServiceTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateService.html" + }, + "UpdateServiceInstance": { + "privilege": "UpdateServiceInstance", + "description": "Grants permission to update a service instance", + "access_level": "Write", + "resource_types": { + "service-instance": { + "resource_type": "service-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "proton:ServiceTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-instance": "service-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceInstance.html" + }, + "UpdateServicePipeline": { + "privilege": "UpdateServicePipeline", + "description": "Grants permission to update a service pipeline", + "access_level": "Write", + "resource_types": { + "service": { + "resource_type": "service", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "proton:ServiceTemplate" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service": "service", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServicePipeline.html" + }, + "UpdateServiceSyncBlocker": { + "privilege": "UpdateServiceSyncBlocker", + "description": "Grants permission to update a service sync blocker", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceSyncBlocker.html" + }, + "UpdateServiceSyncConfig": { + "privilege": "UpdateServiceSyncConfig", + "description": "Grants permission to update a service sync config", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceSyncConfig.html" + }, + "UpdateServiceTemplate": { + "privilege": "UpdateServiceTemplate", + "description": "Grants permission to update a service template", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceTemplate.html" + }, + "UpdateServiceTemplateMajorVersion": { + "privilege": "UpdateServiceTemplateMajorVersion", + "description": "Grants permission to update a service template major version. DEPRECATED - use UpdateServiceTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceTemplateMajorVersion.html" + }, + "UpdateServiceTemplateMinorVersion": { + "privilege": "UpdateServiceTemplateMinorVersion", + "description": "Grants permission to create a service template minor version. DEPRECATED - use UpdateServiceTemplateVersion instead", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceTemplateMinorVersion.html" + }, + "UpdateServiceTemplateVersion": { + "privilege": "UpdateServiceTemplateVersion", + "description": "Grants permission to update a service template version", + "access_level": "Write", + "resource_types": { + "service-template": { + "resource_type": "service-template", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "service-template": "service-template" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateServiceTemplateVersion.html" + }, + "UpdateTemplateSyncConfig": { + "privilege": "UpdateTemplateSyncConfig", + "description": "Grants permission to update a TemplateSyncConfig", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/proton/latest/APIReference/API_UpdateTemplateSyncConfig.html" + } + }, + "privileges_lower_name": { + "acceptenvironmentaccountconnection": "AcceptEnvironmentAccountConnection", + "cancelcomponentdeployment": "CancelComponentDeployment", + "cancelenvironmentdeployment": "CancelEnvironmentDeployment", + "cancelserviceinstancedeployment": "CancelServiceInstanceDeployment", + "cancelservicepipelinedeployment": "CancelServicePipelineDeployment", + "createcomponent": "CreateComponent", + "createenvironment": "CreateEnvironment", + "createenvironmentaccountconnection": "CreateEnvironmentAccountConnection", + "createenvironmenttemplate": "CreateEnvironmentTemplate", + "createenvironmenttemplatemajorversion": "CreateEnvironmentTemplateMajorVersion", + "createenvironmenttemplateminorversion": "CreateEnvironmentTemplateMinorVersion", + "createenvironmenttemplateversion": "CreateEnvironmentTemplateVersion", + "createrepository": "CreateRepository", + "createservice": "CreateService", + "createserviceinstance": "CreateServiceInstance", + "createservicesyncconfig": "CreateServiceSyncConfig", + "createservicetemplate": "CreateServiceTemplate", + "createservicetemplatemajorversion": "CreateServiceTemplateMajorVersion", + "createservicetemplateminorversion": "CreateServiceTemplateMinorVersion", + "createservicetemplateversion": "CreateServiceTemplateVersion", + "createtemplatesyncconfig": "CreateTemplateSyncConfig", + "deleteaccountroles": "DeleteAccountRoles", + "deletecomponent": "DeleteComponent", + "deletedeployment": "DeleteDeployment", + "deleteenvironment": "DeleteEnvironment", + "deleteenvironmentaccountconnection": "DeleteEnvironmentAccountConnection", + "deleteenvironmenttemplate": "DeleteEnvironmentTemplate", + "deleteenvironmenttemplatemajorversion": "DeleteEnvironmentTemplateMajorVersion", + "deleteenvironmenttemplateminorversion": "DeleteEnvironmentTemplateMinorVersion", + "deleteenvironmenttemplateversion": "DeleteEnvironmentTemplateVersion", + "deleterepository": "DeleteRepository", + "deleteservice": "DeleteService", + "deleteservicesyncconfig": "DeleteServiceSyncConfig", + "deleteservicetemplate": "DeleteServiceTemplate", + "deleteservicetemplatemajorversion": "DeleteServiceTemplateMajorVersion", + "deleteservicetemplateminorversion": "DeleteServiceTemplateMinorVersion", + "deleteservicetemplateversion": "DeleteServiceTemplateVersion", + "deletetemplatesyncconfig": "DeleteTemplateSyncConfig", + "getaccountroles": "GetAccountRoles", + "getaccountsettings": "GetAccountSettings", + "getcomponent": "GetComponent", + "getdeployment": "GetDeployment", + "getenvironment": "GetEnvironment", + "getenvironmentaccountconnection": "GetEnvironmentAccountConnection", + "getenvironmenttemplate": "GetEnvironmentTemplate", + "getenvironmenttemplatemajorversion": "GetEnvironmentTemplateMajorVersion", + "getenvironmenttemplateminorversion": "GetEnvironmentTemplateMinorVersion", + "getenvironmenttemplateversion": "GetEnvironmentTemplateVersion", + "getrepository": "GetRepository", + "getrepositorysyncstatus": "GetRepositorySyncStatus", + "getresourcetemplateversionstatuscounts": "GetResourceTemplateVersionStatusCounts", + "getresourcessummary": "GetResourcesSummary", + "getservice": "GetService", + "getserviceinstance": "GetServiceInstance", + "getserviceinstancesyncstatus": "GetServiceInstanceSyncStatus", + "getservicesyncblockersummary": "GetServiceSyncBlockerSummary", + "getservicesyncconfig": "GetServiceSyncConfig", + "getservicetemplate": "GetServiceTemplate", + "getservicetemplatemajorversion": "GetServiceTemplateMajorVersion", + "getservicetemplateminorversion": "GetServiceTemplateMinorVersion", + "getservicetemplateversion": "GetServiceTemplateVersion", + "gettemplatesyncconfig": "GetTemplateSyncConfig", + "gettemplatesyncstatus": "GetTemplateSyncStatus", + "listcomponentoutputs": "ListComponentOutputs", + "listcomponentprovisionedresources": "ListComponentProvisionedResources", + "listcomponents": "ListComponents", + "listdeployments": "ListDeployments", + "listenvironmentaccountconnections": "ListEnvironmentAccountConnections", + "listenvironmentoutputs": "ListEnvironmentOutputs", + "listenvironmentprovisionedresources": "ListEnvironmentProvisionedResources", + "listenvironmenttemplatemajorversions": "ListEnvironmentTemplateMajorVersions", + "listenvironmenttemplateminorversions": "ListEnvironmentTemplateMinorVersions", + "listenvironmenttemplateversions": "ListEnvironmentTemplateVersions", + "listenvironmenttemplates": "ListEnvironmentTemplates", + "listenvironments": "ListEnvironments", + "listrepositories": "ListRepositories", + "listrepositorysyncdefinitions": "ListRepositorySyncDefinitions", + "listserviceinstanceoutputs": "ListServiceInstanceOutputs", + "listserviceinstanceprovisionedresources": "ListServiceInstanceProvisionedResources", + "listserviceinstances": "ListServiceInstances", + "listservicepipelineoutputs": "ListServicePipelineOutputs", + "listservicepipelineprovisionedresources": "ListServicePipelineProvisionedResources", + "listservicetemplatemajorversions": "ListServiceTemplateMajorVersions", + "listservicetemplateminorversions": "ListServiceTemplateMinorVersions", + "listservicetemplateversions": "ListServiceTemplateVersions", + "listservicetemplates": "ListServiceTemplates", + "listservices": "ListServices", + "listtagsforresource": "ListTagsForResource", + "notifyresourcedeploymentstatuschange": "NotifyResourceDeploymentStatusChange", + "rejectenvironmentaccountconnection": "RejectEnvironmentAccountConnection", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaccountroles": "UpdateAccountRoles", + "updateaccountsettings": "UpdateAccountSettings", + "updatecomponent": "UpdateComponent", + "updateenvironment": "UpdateEnvironment", + "updateenvironmentaccountconnection": "UpdateEnvironmentAccountConnection", + "updateenvironmenttemplate": "UpdateEnvironmentTemplate", + "updateenvironmenttemplatemajorversion": "UpdateEnvironmentTemplateMajorVersion", + "updateenvironmenttemplateminorversion": "UpdateEnvironmentTemplateMinorVersion", + "updateenvironmenttemplateversion": "UpdateEnvironmentTemplateVersion", + "updateservice": "UpdateService", + "updateserviceinstance": "UpdateServiceInstance", + "updateservicepipeline": "UpdateServicePipeline", + "updateservicesyncblocker": "UpdateServiceSyncBlocker", + "updateservicesyncconfig": "UpdateServiceSyncConfig", + "updateservicetemplate": "UpdateServiceTemplate", + "updateservicetemplatemajorversion": "UpdateServiceTemplateMajorVersion", + "updateservicetemplateminorversion": "UpdateServiceTemplateMinorVersion", + "updateservicetemplateversion": "UpdateServiceTemplateVersion", + "updatetemplatesyncconfig": "UpdateTemplateSyncConfig" + }, + "resources": { + "environment-template": { + "resource": "environment-template", + "arn": "arn:${Partition}:proton:${Region}:${Account}:environment-template/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "environment-template-version": { + "resource": "environment-template-version", + "arn": "arn:${Partition}:proton:${Region}:${Account}:environment-template/${TemplateName}:${MajorVersion}.${MinorVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "environment-template-major-version": { + "resource": "environment-template-major-version", + "arn": "arn:${Partition}:proton:${Region}:${Account}:environment-template/${TemplateName}:${MajorVersionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "environment-template-minor-version": { + "resource": "environment-template-minor-version", + "arn": "arn:${Partition}:proton:${Region}:${Account}:environment-template/${TemplateName}:${MajorVersionId}.${MinorVersionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "service-template": { + "resource": "service-template", + "arn": "arn:${Partition}:proton:${Region}:${Account}:service-template/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "service-template-version": { + "resource": "service-template-version", + "arn": "arn:${Partition}:proton:${Region}:${Account}:service-template/${TemplateName}:${MajorVersion}.${MinorVersion}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "service-template-major-version": { + "resource": "service-template-major-version", + "arn": "arn:${Partition}:proton:${Region}:${Account}:service-template/${TemplateName}:${MajorVersionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "service-template-minor-version": { + "resource": "service-template-minor-version", + "arn": "arn:${Partition}:proton:${Region}:${Account}:service-template/${TemplateName}:${MajorVersionId}.${MinorVersionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "environment": { + "resource": "environment", + "arn": "arn:${Partition}:proton:${Region}:${Account}:environment/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "service": { + "resource": "service", + "arn": "arn:${Partition}:proton:${Region}:${Account}:service/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "service-instance": { + "resource": "service-instance", + "arn": "arn:${Partition}:proton:${Region}:${Account}:service/${ServiceName}/service-instance/${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "environment-account-connection": { + "resource": "environment-account-connection", + "arn": "arn:${Partition}:proton:${Region}:${Account}:environment-account-connection/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "repository": { + "resource": "repository", + "arn": "arn:${Partition}:proton:${Region}:${Account}:repository/${Provider}:${Name}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "component": { + "resource": "component", + "arn": "arn:${Partition}:proton:${Region}:${Account}:component/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "deployment": { + "resource": "deployment", + "arn": "arn:${Partition}:proton:${Region}:${Account}:deployment/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "environment-template": "environment-template", + "environment-template-version": "environment-template-version", + "environment-template-major-version": "environment-template-major-version", + "environment-template-minor-version": "environment-template-minor-version", + "service-template": "service-template", + "service-template-version": "service-template-version", + "service-template-major-version": "service-template-major-version", + "service-template-minor-version": "service-template-minor-version", + "environment": "environment", + "service": "service", + "service-instance": "service-instance", + "environment-account-connection": "environment-account-connection", + "repository": "repository", + "component": "component", + "deployment": "deployment" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys in the request", + "type": "ArrayOfString" + }, + "proton:EnvironmentTemplate": { + "condition": "proton:EnvironmentTemplate", + "description": "Filters access by specified environment template related to resource", + "type": "String" + }, + "proton:ServiceTemplate": { + "condition": "proton:ServiceTemplate", + "description": "Filters access by specified service template related to resource", + "type": "String" + } + } + }, + "purchase-orders": { + "service_name": "AWS Purchase Orders Console", + "prefix": "purchase-orders", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspurchaseordersconsole.html", + "privileges": { + "AddPurchaseOrder": { + "privilege": "AddPurchaseOrder", + "description": "Grants permission to add a new purchase order", + "access_level": "Write", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "DeletePurchaseOrder": { + "privilege": "DeletePurchaseOrder", + "description": "Grants permission to delete a purchase order", + "access_level": "Write", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetConsoleActionSetEnforced": { + "privilege": "GetConsoleActionSetEnforced", + "description": "Grants permission to view whether existing or fine-grained IAM actions are being used to control authorization to Billing, Cost Management, and Account consoles", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "GetPurchaseOrder": { + "privilege": "GetPurchaseOrder", + "description": "Grants permission to get a purchase order", + "access_level": "Read", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ListPurchaseOrderInvoices": { + "privilege": "ListPurchaseOrderInvoices", + "description": "Grants permission to list purchase order invoices", + "access_level": "List", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ListPurchaseOrders": { + "privilege": "ListPurchaseOrders", + "description": "Grants permission to list all purchase orders for an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a purchase order", + "access_level": "Read", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ModifyPurchaseOrders": { + "privilege": "ModifyPurchaseOrders", + "description": "Grants permission to modify purchase orders and details", + "access_level": "Write", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag purchase orders with given key value pairs", + "access_level": "Tagging", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a purchase order", + "access_level": "Tagging", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "UpdateConsoleActionSetEnforced": { + "privilege": "UpdateConsoleActionSetEnforced", + "description": "Grants permission to change whether existing or fine-grained IAM actions will be used to control authorization to Billing, Cost Management, and Account consoles", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "UpdatePurchaseOrder": { + "privilege": "UpdatePurchaseOrder", + "description": "Grants permission to update an existing purchase order", + "access_level": "Write", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "UpdatePurchaseOrderStatus": { + "privilege": "UpdatePurchaseOrderStatus", + "description": "Grants permission to set purchase order status", + "access_level": "Write", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + }, + "ViewPurchaseOrders": { + "privilege": "ViewPurchaseOrders", + "description": "Grants permission to view purchase orders and details", + "access_level": "Read", + "resource_types": { + "purchase-order": { + "resource_type": "purchase-order", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "purchase-order": "purchase-order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions" + } + }, + "privileges_lower_name": { + "addpurchaseorder": "AddPurchaseOrder", + "deletepurchaseorder": "DeletePurchaseOrder", + "getconsoleactionsetenforced": "GetConsoleActionSetEnforced", + "getpurchaseorder": "GetPurchaseOrder", + "listpurchaseorderinvoices": "ListPurchaseOrderInvoices", + "listpurchaseorders": "ListPurchaseOrders", + "listtagsforresource": "ListTagsForResource", + "modifypurchaseorders": "ModifyPurchaseOrders", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateconsoleactionsetenforced": "UpdateConsoleActionSetEnforced", + "updatepurchaseorder": "UpdatePurchaseOrder", + "updatepurchaseorderstatus": "UpdatePurchaseOrderStatus", + "viewpurchaseorders": "ViewPurchaseOrders" + }, + "resources": { + "purchase-order": { + "resource": "purchase-order", + "arn": "arn:${Partition}:purchase-orders::${Account}:purchase-order/${ResourceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "purchase-order": "purchase-order" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag's key and value in a request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the set of tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in a request", + "type": "ArrayOfString" + } + } + }, + "rbin": { + "service_name": "AWS Recycle Bin", + "prefix": "rbin", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsrecyclebin.html", + "privileges": { + "CreateRule": { + "privilege": "CreateRule", + "description": "Grants permission to create a Recycle Bin retention rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_CreateRule.html" + }, + "DeleteRule": { + "privilege": "DeleteRule", + "description": "Grants permission to delete a Recycle Bin retention rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_DeleteRule.html" + }, + "GetRule": { + "privilege": "GetRule", + "description": "Grants permission to get detailed information about a Recycle Bin retention rule", + "access_level": "Read", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_GetRule.html" + }, + "ListRules": { + "privilege": "ListRules", + "description": "Grants permission to list the Recycle Bin retention rules in the Region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_ListRules.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags associated with a resource", + "access_level": "Read", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_ListTagsForResource.html" + }, + "LockRule": { + "privilege": "LockRule", + "description": "Grants permission to lock an existing Recycle Bin retention rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rbin:Attribute/ResourceType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_LockRule.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or update tags of a resource", + "access_level": "Tagging", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_TagResource.html" + }, + "UnlockRule": { + "privilege": "UnlockRule", + "description": "Grants permission to unlock an existing Recycle Bin retention rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "rbin:Attribute/ResourceType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_UnlockRule.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags associated with a resource", + "access_level": "Tagging", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_UntagResource.html" + }, + "UpdateRule": { + "privilege": "UpdateRule", + "description": "Grants permission to update an existing Recycle Bin retention rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/recyclebin/latest/APIReference/API_UpdateRule.html" + } + }, + "privileges_lower_name": { + "createrule": "CreateRule", + "deleterule": "DeleteRule", + "getrule": "GetRule", + "listrules": "ListRules", + "listtagsforresource": "ListTagsForResource", + "lockrule": "LockRule", + "tagresource": "TagResource", + "unlockrule": "UnlockRule", + "untagresource": "UntagResource", + "updaterule": "UpdateRule" + }, + "resources": { + "rule": { + "resource": "rule", + "arn": "arn:${Partition}:rbin:${Region}:${Account}:rule/${ResourceName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "rule": "rule" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag's key and value in a request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in a request", + "type": "ArrayOfString" + }, + "rbin:Attribute/ResourceType": { + "condition": "rbin:Attribute/ResourceType", + "description": "Filters access by the resource type of the existing rule", + "type": "String" + }, + "rbin:Request/ResourceType": { + "condition": "rbin:Request/ResourceType", + "description": "Filters access by the resource type in a request", + "type": "String" + } + } + }, + "resiliencehub": { + "service_name": "AWS Resilience Hub Service", + "prefix": "resiliencehub", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsresiliencehubservice.html", + "privileges": { + "AddDraftAppVersionResourceMappings": { + "privilege": "AddDraftAppVersionResourceMappings", + "description": "Grants permission to add draft application version resource mappings", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:DescribeStacks", + "cloudformation:ListStackResources", + "resource-groups:GetGroup", + "resource-groups:ListGroupResources", + "servicecatalog:GetApplication", + "servicecatalog:ListAssociatedResources" + ] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_AddDraftAppVersionResourceMappings.html" + }, + "CreateApp": { + "privilege": "CreateApp", + "description": "Grants permission to create application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_CreateApp.html" + }, + "CreateAppVersionAppComponent": { + "privilege": "CreateAppVersionAppComponent", + "description": "Grants permission to create application app component", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_CreateAppVersionAppComponent.html" + }, + "CreateAppVersionResource": { + "privilege": "CreateAppVersionResource", + "description": "Grants permission to create application resource", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_CreateAppVersionResource.html" + }, + "CreateRecommendationTemplate": { + "privilege": "CreateRecommendationTemplate", + "description": "Grants permission to create recommendation template", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:CreateBucket", + "s3:ListBucket", + "s3:PutObject" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_CreateRecommendationTemplate.html" + }, + "CreateResiliencyPolicy": { + "privilege": "CreateResiliencyPolicy", + "description": "Grants permission to create resiliency policy", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_CreateResiliencyPolicy.html" + }, + "DeleteApp": { + "privilege": "DeleteApp", + "description": "Grants permission to batch delete application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteApp.html" + }, + "DeleteAppAssessment": { + "privilege": "DeleteAppAssessment", + "description": "Grants permission to batch delete application assessment", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteAppAssessment.html" + }, + "DeleteAppInputSource": { + "privilege": "DeleteAppInputSource", + "description": "Grants permission to remove application input source", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteAppInputSource.html" + }, + "DeleteAppVersionAppComponent": { + "privilege": "DeleteAppVersionAppComponent", + "description": "Grants permission to delete application app component", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteAppVersionAppComponent.html" + }, + "DeleteAppVersionResource": { + "privilege": "DeleteAppVersionResource", + "description": "Grants permission to delete application resource", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteAppVersionResource.html" + }, + "DeleteRecommendationTemplate": { + "privilege": "DeleteRecommendationTemplate", + "description": "Grants permission to batch delete recommendation template", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteRecommendationTemplate.html" + }, + "DeleteResiliencyPolicy": { + "privilege": "DeleteResiliencyPolicy", + "description": "Grants permission to batch delete resiliency policy", + "access_level": "Write", + "resource_types": { + "resiliency-policy": { + "resource_type": "resiliency-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resiliency-policy": "resiliency-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DeleteResiliencyPolicy.html" + }, + "DescribeApp": { + "privilege": "DescribeApp", + "description": "Grants permission to describe application", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeApp.html" + }, + "DescribeAppAssessment": { + "privilege": "DescribeAppAssessment", + "description": "Grants permission to describe application assessment", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppAssessment.html" + }, + "DescribeAppVersion": { + "privilege": "DescribeAppVersion", + "description": "Grants permission to describe application version", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppVersion.html" + }, + "DescribeAppVersionAppComponent": { + "privilege": "DescribeAppVersionAppComponent", + "description": "Grants permission to describe application version app component", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppVersionAppComponent.html" + }, + "DescribeAppVersionResource": { + "privilege": "DescribeAppVersionResource", + "description": "Grants permission to describe application version resource", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppVersionResource.html" + }, + "DescribeAppVersionResourcesResolutionStatus": { + "privilege": "DescribeAppVersionResourcesResolutionStatus", + "description": "Grants permission to describe application resolution", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppVersionResourcesResolutionStatus.html" + }, + "DescribeAppVersionTemplate": { + "privilege": "DescribeAppVersionTemplate", + "description": "Grants permission to describe application version template", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeAppVersionTemplate.html" + }, + "DescribeDraftAppVersionResourcesImportStatus": { + "privilege": "DescribeDraftAppVersionResourcesImportStatus", + "description": "Grants permission to describe draft application version resources import status", + "access_level": "Read", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeDraftAppVersionResourcesImportStatus.html" + }, + "DescribeResiliencyPolicy": { + "privilege": "DescribeResiliencyPolicy", + "description": "Grants permission to describe resiliency policy", + "access_level": "Read", + "resource_types": { + "resiliency-policy": { + "resource_type": "resiliency-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resiliency-policy": "resiliency-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_DescribeResiliencyPolicy.html" + }, + "ImportResourcesToDraftAppVersion": { + "privilege": "ImportResourcesToDraftAppVersion", + "description": "Grants permission to import resources to draft application version", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:DescribeStacks", + "cloudformation:ListStackResources", + "resource-groups:GetGroup", + "resource-groups:ListGroupResources", + "servicecatalog:GetApplication", + "servicecatalog:ListAssociatedResources" + ] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ImportResourcesToDraftAppVersion.html" + }, + "ListAlarmRecommendations": { + "privilege": "ListAlarmRecommendations", + "description": "Grants permission to list alarm recommendation", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAlarmRecommendations.html" + }, + "ListAppAssessments": { + "privilege": "ListAppAssessments", + "description": "Grants permission to list application assessment", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppAssessments.html" + }, + "ListAppComponentCompliances": { + "privilege": "ListAppComponentCompliances", + "description": "Grants permission to list app component compliances", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppComponentCompliances.html" + }, + "ListAppComponentRecommendations": { + "privilege": "ListAppComponentRecommendations", + "description": "Grants permission to list app component recommendations", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppComponentRecommendations.html" + }, + "ListAppInputSources": { + "privilege": "ListAppInputSources", + "description": "Grants permission to list application input sources", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppInputSources.html" + }, + "ListAppVersionAppComponents": { + "privilege": "ListAppVersionAppComponents", + "description": "Grants permission to list application version app components", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppVersionAppComponents.html" + }, + "ListAppVersionResourceMappings": { + "privilege": "ListAppVersionResourceMappings", + "description": "Grants permission to application version resource mappings", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppVersionResourceMappings.html" + }, + "ListAppVersionResources": { + "privilege": "ListAppVersionResources", + "description": "Grants permission to list application resources", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppVersionResources.html" + }, + "ListAppVersions": { + "privilege": "ListAppVersions", + "description": "Grants permission to list application version", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListAppVersions.html" + }, + "ListApps": { + "privilege": "ListApps", + "description": "Grants permission to list applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListApps.html" + }, + "ListRecommendationTemplates": { + "privilege": "ListRecommendationTemplates", + "description": "Grants permission to list recommendation templates", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListRecommendationTemplates.html" + }, + "ListResiliencyPolicies": { + "privilege": "ListResiliencyPolicies", + "description": "Grants permission to list resiliency policies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListResiliencyPolicies.html" + }, + "ListSopRecommendations": { + "privilege": "ListSopRecommendations", + "description": "Grants permission to list SOP recommendations", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListSopRecommendations.html" + }, + "ListSuggestedResiliencyPolicies": { + "privilege": "ListSuggestedResiliencyPolicies", + "description": "Grants permission to list suggested resiliency policies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListSuggestedResiliencyPolicies.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTestRecommendations": { + "privilege": "ListTestRecommendations", + "description": "Grants permission to list test recommendations", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListTestRecommendations.html" + }, + "ListUnsupportedAppVersionResources": { + "privilege": "ListUnsupportedAppVersionResources", + "description": "Grants permission to list unsupported application version resources", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ListUnsupportedAppVersionResources.html" + }, + "PublishAppVersion": { + "privilege": "PublishAppVersion", + "description": "Grants permission to publish application version", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_PublishAppVersion.html" + }, + "PutDraftAppVersionTemplate": { + "privilege": "PutDraftAppVersionTemplate", + "description": "Grants permission to put draft application version template", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html" + }, + "RemoveDraftAppVersionResourceMappings": { + "privilege": "RemoveDraftAppVersionResourceMappings", + "description": "Grants permission to remove draft application version mappings", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_RemoveDraftAppVersionResourceMappings.html" + }, + "ResolveAppVersionResources": { + "privilege": "ResolveAppVersionResources", + "description": "Grants permission to resolve application version resources", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:DescribeStacks", + "cloudformation:ListStackResources", + "resource-groups:GetGroup", + "resource-groups:ListGroupResources", + "servicecatalog:GetApplication", + "servicecatalog:ListAssociatedResources" + ] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_ResolveAppVersionResources.html" + }, + "StartAppAssessment": { + "privilege": "StartAppAssessment", + "description": "Grants permission to create application assessment", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:DescribeStacks", + "cloudformation:ListStackResources", + "cloudwatch:DescribeAlarms", + "cloudwatch:GetMetricData", + "cloudwatch:GetMetricStatistics", + "cloudwatch:PutMetricData", + "ec2:DescribeRegions", + "fis:GetExperimentTemplate", + "fis:ListExperimentTemplates", + "fis:ListExperiments", + "resource-groups:GetGroup", + "resource-groups:ListGroupResources", + "servicecatalog:GetApplication", + "servicecatalog:ListAssociatedResources", + "ssm:GetParametersByPath" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_StartAppAssessment.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to assign a resource tag", + "access_level": "Tagging", + "resource_types": { + "app-assessment": { + "resource_type": "app-assessment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "recommendation-template": { + "resource_type": "recommendation-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resiliency-policy": { + "resource_type": "resiliency-policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-assessment": "app-assessment", + "application": "application", + "recommendation-template": "recommendation-template", + "resiliency-policy": "resiliency-policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "app-assessment": { + "resource_type": "app-assessment", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "recommendation-template": { + "resource_type": "recommendation-template", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resiliency-policy": { + "resource_type": "resiliency-policy", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "app-assessment": "app-assessment", + "application": "application", + "recommendation-template": "recommendation-template", + "resiliency-policy": "resiliency-policy", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UntagResource.html" + }, + "UpdateApp": { + "privilege": "UpdateApp", + "description": "Grants permission to update application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UpdateApp.html" + }, + "UpdateAppVersion": { + "privilege": "UpdateAppVersion", + "description": "Grants permission to update application version", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UpdateAppVersion.html" + }, + "UpdateAppVersionAppComponent": { + "privilege": "UpdateAppVersionAppComponent", + "description": "Grants permission to update application app component", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UpdateAppVersionAppComponent.html" + }, + "UpdateAppVersionResource": { + "privilege": "UpdateAppVersionResource", + "description": "Grants permission to update application resource", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UpdateAppVersionResource.html" + }, + "UpdateResiliencyPolicy": { + "privilege": "UpdateResiliencyPolicy", + "description": "Grants permission to update resiliency policy", + "access_level": "Write", + "resource_types": { + "resiliency-policy": { + "resource_type": "resiliency-policy", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resiliency-policy": "resiliency-policy" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resilience-hub/latest/APIReference/API_UpdateResiliencyPolicy.html" + } + }, + "privileges_lower_name": { + "adddraftappversionresourcemappings": "AddDraftAppVersionResourceMappings", + "createapp": "CreateApp", + "createappversionappcomponent": "CreateAppVersionAppComponent", + "createappversionresource": "CreateAppVersionResource", + "createrecommendationtemplate": "CreateRecommendationTemplate", + "createresiliencypolicy": "CreateResiliencyPolicy", + "deleteapp": "DeleteApp", + "deleteappassessment": "DeleteAppAssessment", + "deleteappinputsource": "DeleteAppInputSource", + "deleteappversionappcomponent": "DeleteAppVersionAppComponent", + "deleteappversionresource": "DeleteAppVersionResource", + "deleterecommendationtemplate": "DeleteRecommendationTemplate", + "deleteresiliencypolicy": "DeleteResiliencyPolicy", + "describeapp": "DescribeApp", + "describeappassessment": "DescribeAppAssessment", + "describeappversion": "DescribeAppVersion", + "describeappversionappcomponent": "DescribeAppVersionAppComponent", + "describeappversionresource": "DescribeAppVersionResource", + "describeappversionresourcesresolutionstatus": "DescribeAppVersionResourcesResolutionStatus", + "describeappversiontemplate": "DescribeAppVersionTemplate", + "describedraftappversionresourcesimportstatus": "DescribeDraftAppVersionResourcesImportStatus", + "describeresiliencypolicy": "DescribeResiliencyPolicy", + "importresourcestodraftappversion": "ImportResourcesToDraftAppVersion", + "listalarmrecommendations": "ListAlarmRecommendations", + "listappassessments": "ListAppAssessments", + "listappcomponentcompliances": "ListAppComponentCompliances", + "listappcomponentrecommendations": "ListAppComponentRecommendations", + "listappinputsources": "ListAppInputSources", + "listappversionappcomponents": "ListAppVersionAppComponents", + "listappversionresourcemappings": "ListAppVersionResourceMappings", + "listappversionresources": "ListAppVersionResources", + "listappversions": "ListAppVersions", + "listapps": "ListApps", + "listrecommendationtemplates": "ListRecommendationTemplates", + "listresiliencypolicies": "ListResiliencyPolicies", + "listsoprecommendations": "ListSopRecommendations", + "listsuggestedresiliencypolicies": "ListSuggestedResiliencyPolicies", + "listtagsforresource": "ListTagsForResource", + "listtestrecommendations": "ListTestRecommendations", + "listunsupportedappversionresources": "ListUnsupportedAppVersionResources", + "publishappversion": "PublishAppVersion", + "putdraftappversiontemplate": "PutDraftAppVersionTemplate", + "removedraftappversionresourcemappings": "RemoveDraftAppVersionResourceMappings", + "resolveappversionresources": "ResolveAppVersionResources", + "startappassessment": "StartAppAssessment", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapp": "UpdateApp", + "updateappversion": "UpdateAppVersion", + "updateappversionappcomponent": "UpdateAppVersionAppComponent", + "updateappversionresource": "UpdateAppVersionResource", + "updateresiliencypolicy": "UpdateResiliencyPolicy" + }, + "resources": { + "resiliency-policy": { + "resource": "resiliency-policy", + "arn": "arn:${Partition}:resiliencehub:${Region}:${Account}:resiliency-policy/${ResiliencyPolicyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "application": { + "resource": "application", + "arn": "arn:${Partition}:resiliencehub:${Region}:${Account}:app/${AppId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "app-assessment": { + "resource": "app-assessment", + "arn": "arn:${Partition}:resiliencehub:${Region}:${Account}:app-assessment/${AppAssessmentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "recommendation-template": { + "resource": "recommendation-template", + "arn": "arn:${Partition}:resiliencehub:${Region}:${Account}:recommendation-template/${RecommendationTemplateId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "resiliency-policy": "resiliency-policy", + "application": "application", + "app-assessment": "app-assessment", + "recommendation-template": "recommendation-template" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "ram": { + "service_name": "AWS Resource Access Manager", + "prefix": "ram", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsresourceaccessmanager.html", + "privileges": { + "AcceptResourceShareInvitation": { + "privilege": "AcceptResourceShareInvitation", + "description": "Grants permission to accept the specified resource share invitation", + "access_level": "Permissions management", + "resource_types": { + "resource-share-invitation": { + "resource_type": "resource-share-invitation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ram:ShareOwnerAccountId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-share-invitation": "resource-share-invitation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_AcceptResourceShareInvitation.html" + }, + "AssociateResourceShare": { + "privilege": "AssociateResourceShare", + "description": "Grants permission to associate resource(s) and/or principal(s) to a resource share", + "access_level": "Permissions management", + "resource_types": { + "resource-share": { + "resource_type": "resource-share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ram:ResourceTag/${TagKey}", + "ram:ResourceShareName", + "ram:AllowsExternalPrincipals", + "ram:Principal", + "ram:RequestedResourceType", + "ram:ResourceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-share": "resource-share", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_AssociateResourceShare.html" + }, + "AssociateResourceSharePermission": { + "privilege": "AssociateResourceSharePermission", + "description": "Grants permission to associate a Permission with a Resource Share", + "access_level": "Write", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "resource-share": { + "resource_type": "resource-share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "permission": "permission", + "resource-share": "resource-share" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_AssociateResourceSharePermission.html" + }, + "CreateResourceShare": { + "privilege": "CreateResourceShare", + "description": "Grants permission to create a resource share with provided resource(s) and/or principal(s)", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ram:RequestedResourceType", + "ram:ResourceArn", + "ram:RequestedAllowsExternalPrincipals", + "ram:Principal" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_CreateResourceShare.html" + }, + "DeleteResourceShare": { + "privilege": "DeleteResourceShare", + "description": "Grants permission to delete resource share", + "access_level": "Permissions management", + "resource_types": { + "resource-share": { + "resource_type": "resource-share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ram:ResourceTag/${TagKey}", + "ram:ResourceShareName", + "ram:AllowsExternalPrincipals" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-share": "resource-share", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DeleteResourceShare.html" + }, + "DisassociateResourceShare": { + "privilege": "DisassociateResourceShare", + "description": "Grants permission to disassociate resource(s) and/or principal(s) from a resource share", + "access_level": "Permissions management", + "resource_types": { + "resource-share": { + "resource_type": "resource-share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ram:ResourceTag/${TagKey}", + "ram:ResourceShareName", + "ram:AllowsExternalPrincipals", + "ram:Principal", + "ram:RequestedResourceType", + "ram:ResourceArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-share": "resource-share", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DisassociateResourceShare.html" + }, + "DisassociateResourceSharePermission": { + "privilege": "DisassociateResourceSharePermission", + "description": "Grants permission to disassociate a Permission from a Resource Share", + "access_level": "Write", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "resource-share": { + "resource_type": "resource-share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "permission": "permission", + "resource-share": "resource-share" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DisassociateResourceSharePermission.html" + }, + "EnableSharingWithAwsOrganization": { + "privilege": "EnableSharingWithAwsOrganization", + "description": "Grants permission to access customer's organization and create a SLR in the customer's account", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "organizations:DescribeOrganization", + "organizations:EnableAWSServiceAccess" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_EnableSharingWithAwsOrganization.html" + }, + "GetPermission": { + "privilege": "GetPermission", + "description": "Grants permission to get the contents of an AWS RAM permission", + "access_level": "Read", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ram:PermissionArn" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "permission": "permission", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetPermission.html" + }, + "GetResourcePolicies": { + "privilege": "GetResourcePolicies", + "description": "Grants permission to get the policies for the specified resources that you own and have shared", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourcePolicies.html" + }, + "GetResourceShareAssociations": { + "privilege": "GetResourceShareAssociations", + "description": "Grants permission to get a set of resource share associations from a provided list or with a specified status of the specified type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShareAssociations.html" + }, + "GetResourceShareInvitations": { + "privilege": "GetResourceShareInvitations", + "description": "Grants permission to get resource share invitations by the specified invitation arn or those for the resource share", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShareInvitations.html" + }, + "GetResourceShares": { + "privilege": "GetResourceShares", + "description": "Grants permission to get a set of resource shares from a provided list or with a specified status", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShares.html" + }, + "ListPendingInvitationResources": { + "privilege": "ListPendingInvitationResources", + "description": "Grants permission to list the resources in a resource share that is shared with you but that the invitation is still pending for", + "access_level": "Read", + "resource_types": { + "resource-share-invitation": { + "resource_type": "resource-share-invitation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-share-invitation": "resource-share-invitation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPendingInvitationResources.html" + }, + "ListPermissionVersions": { + "privilege": "ListPermissionVersions", + "description": "Grants permission to list the versions of an AWS RAM permission", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPermissionVersions.html" + }, + "ListPermissions": { + "privilege": "ListPermissions", + "description": "Grants permission to list the AWS RAM permissions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPermissions.html" + }, + "ListPrincipals": { + "privilege": "ListPrincipals", + "description": "Grants permission to list the principals that you have shared resources with or that have shared resources with you", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPrincipals.html" + }, + "ListResourceSharePermissions": { + "privilege": "ListResourceSharePermissions", + "description": "Grants permission to list the Permissions associated with a Resource Share", + "access_level": "List", + "resource_types": { + "resource-share": { + "resource_type": "resource-share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ram:ResourceShareName", + "ram:AllowsExternalPrincipals" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-share": "resource-share", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceSharePermissions.html" + }, + "ListResourceTypes": { + "privilege": "ListResourceTypes", + "description": "Grants permission to list the shareable resource types supported by AWS RAM", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html" + }, + "ListResources": { + "privilege": "ListResources", + "description": "Grants permission to list the resources that you added to resource shares or the resources that are shared with you", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResources.html" + }, + "PromoteResourceShareCreatedFromPolicy": { + "privilege": "PromoteResourceShareCreatedFromPolicy", + "description": "Grants permission to promote the specified resource share", + "access_level": "Write", + "resource_types": { + "resource-share": { + "resource_type": "resource-share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-share": "resource-share" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_PromoteResourceShareCreatedFromPolicy.html" + }, + "RejectResourceShareInvitation": { + "privilege": "RejectResourceShareInvitation", + "description": "Grants permission to reject the specified resource share invitation", + "access_level": "Permissions management", + "resource_types": { + "resource-share-invitation": { + "resource_type": "resource-share-invitation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ram:ShareOwnerAccountId" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-share-invitation": "resource-share-invitation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_RejectResourceShareInvitation.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag the specified resource share or permission", + "access_level": "Tagging", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resource-share": { + "resource_type": "resource-share", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "resource-share": "resource-share", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag the specified resource share or permission", + "access_level": "Tagging", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "resource-share": { + "resource_type": "resource-share", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "resource-share": "resource-share", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_UntagResource.html" + }, + "UpdateResourceShare": { + "privilege": "UpdateResourceShare", + "description": "Grants permission to update attributes of the resource share", + "access_level": "Permissions management", + "resource_types": { + "resource-share": { + "resource_type": "resource-share", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ram:ResourceTag/${TagKey}", + "ram:ResourceShareName", + "ram:AllowsExternalPrincipals", + "ram:RequestedAllowsExternalPrincipals" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resource-share": "resource-share", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_UpdateResourceShare.html" + }, + "CreatePermission": { + "privilege": "CreatePermission", + "description": "Grants permission to create a Permission that can be associated to a Resource Share", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ram:PermissionArn", + "ram:PermissionResourceType", + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [ + "ram:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_CreatePermission.html" + }, + "CreatePermissionVersion": { + "privilege": "CreatePermissionVersion", + "description": "Grants permission to create a new version of a Permission that can be associated to a Resource Share", + "access_level": "Write", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_CreatePermissionVersion.html" + }, + "DeletePermission": { + "privilege": "DeletePermission", + "description": "Grants permission to delete a specified Permission", + "access_level": "Write", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DeletePermission.html" + }, + "DeletePermissionVersion": { + "privilege": "DeletePermissionVersion", + "description": "Grants permission to delete a specified version of a permission", + "access_level": "Write", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DeletePermissionVersion.html" + }, + "ListPermissionAssociations": { + "privilege": "ListPermissionAssociations", + "description": "Grants permission to list information about the permission and any associations", + "access_level": "List", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "permission": "permission", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPermissionAssociations.html" + }, + "ListReplacePermissionAssociationsWork": { + "privilege": "ListReplacePermissionAssociationsWork", + "description": "Grants permission to retrieve the status of the asynchronous permission replacement", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListReplacePermissionAssociationsWork.html" + }, + "PromotePermissionCreatedFromPolicy": { + "privilege": "PromotePermissionCreatedFromPolicy", + "description": "Grants permission to create a separate, fully manageable customer managed permission", + "access_level": "Write", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_PromotePermissionCreatedFromPolicy.html" + }, + "ReplacePermissionAssociations": { + "privilege": "ReplacePermissionAssociations", + "description": "Grants permission to update all resource shares to a new permission", + "access_level": "Write", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "permission": { + "resource_type": "permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "permission": "permission", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ReplacePermissionAssociations.html" + }, + "SetDefaultPermissionVersion": { + "privilege": "SetDefaultPermissionVersion", + "description": "Grants permission to specify a version number as the default version for the respective customer managed permission", + "access_level": "Write", + "resource_types": { + "customer-managed-permission": { + "resource_type": "customer-managed-permission", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "customer-managed-permission": "customer-managed-permission", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ram/latest/APIReference/API_SetDefaultPermissionVersion.html" + } + }, + "privileges_lower_name": { + "acceptresourceshareinvitation": "AcceptResourceShareInvitation", + "associateresourceshare": "AssociateResourceShare", + "associateresourcesharepermission": "AssociateResourceSharePermission", + "createresourceshare": "CreateResourceShare", + "deleteresourceshare": "DeleteResourceShare", + "disassociateresourceshare": "DisassociateResourceShare", + "disassociateresourcesharepermission": "DisassociateResourceSharePermission", + "enablesharingwithawsorganization": "EnableSharingWithAwsOrganization", + "getpermission": "GetPermission", + "getresourcepolicies": "GetResourcePolicies", + "getresourceshareassociations": "GetResourceShareAssociations", + "getresourceshareinvitations": "GetResourceShareInvitations", + "getresourceshares": "GetResourceShares", + "listpendinginvitationresources": "ListPendingInvitationResources", + "listpermissionversions": "ListPermissionVersions", + "listpermissions": "ListPermissions", + "listprincipals": "ListPrincipals", + "listresourcesharepermissions": "ListResourceSharePermissions", + "listresourcetypes": "ListResourceTypes", + "listresources": "ListResources", + "promoteresourcesharecreatedfrompolicy": "PromoteResourceShareCreatedFromPolicy", + "rejectresourceshareinvitation": "RejectResourceShareInvitation", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateresourceshare": "UpdateResourceShare", + "createpermission": "CreatePermission", + "createpermissionversion": "CreatePermissionVersion", + "deletepermission": "DeletePermission", + "deletepermissionversion": "DeletePermissionVersion", + "listpermissionassociations": "ListPermissionAssociations", + "listreplacepermissionassociationswork": "ListReplacePermissionAssociationsWork", + "promotepermissioncreatedfrompolicy": "PromotePermissionCreatedFromPolicy", + "replacepermissionassociations": "ReplacePermissionAssociations", + "setdefaultpermissionversion": "SetDefaultPermissionVersion" + }, + "resources": { + "resource-share": { + "resource": "resource-share", + "arn": "arn:${Partition}:ram:${Region}:${Account}:resource-share/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ram:AllowsExternalPrincipals", + "ram:ResourceShareName" + ] + }, + "resource-share-invitation": { + "resource": "resource-share-invitation", + "arn": "arn:${Partition}:ram:${Region}:${Account}:resource-share-invitation/${ResourcePath}", + "condition_keys": [ + "ram:ShareOwnerAccountId" + ] + }, + "permission": { + "resource": "permission", + "arn": "arn:${Partition}:ram::${Account}:permission/${ResourcePath}", + "condition_keys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ] + }, + "customer-managed-permission": { + "resource": "customer-managed-permission", + "arn": "arn:${Partition}:ram:${Region}:${Account}:permission/${ResourcePath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ram:PermissionArn", + "ram:PermissionResourceType" + ] + } + }, + "resources_lower_name": { + "resource-share": "resource-share", + "resource-share-invitation": "resource-share-invitation", + "permission": "permission", + "customer-managed-permission": "customer-managed-permission" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request when creating or tagging a resource share. If users don't pass these specific tags, or if they don't specify tags at all, the request fails", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed when creating or tagging a resource share", + "type": "ArrayOfString" + }, + "ram:AllowsExternalPrincipals": { + "condition": "ram:AllowsExternalPrincipals", + "description": "Filters access by resource shares that allow or deny sharing with external principals. For example, specify true if the action can only be performed on resource shares that allow sharing with external principals. External principals are AWS accounts that are outside of its AWS organization", + "type": "Bool" + }, + "ram:PermissionArn": { + "condition": "ram:PermissionArn", + "description": "Filters access by the specified Permission ARN", + "type": "ARN" + }, + "ram:PermissionResourceType": { + "condition": "ram:PermissionResourceType", + "description": "Filters access by permissions of specified resource type", + "type": "String" + }, + "ram:Principal": { + "condition": "ram:Principal", + "description": "Filters access by format of the specified principal", + "type": "String" + }, + "ram:RequestedAllowsExternalPrincipals": { + "condition": "ram:RequestedAllowsExternalPrincipals", + "description": "Filters access by the specified value for 'allowExternalPrincipals'. External principals are AWS accounts that are outside of its AWS Organization", + "type": "Bool" + }, + "ram:RequestedResourceType": { + "condition": "ram:RequestedResourceType", + "description": "Filters access by the specified resource type", + "type": "String" + }, + "ram:ResourceArn": { + "condition": "ram:ResourceArn", + "description": "Filters access by the specified ARN", + "type": "ARN" + }, + "ram:ResourceShareName": { + "condition": "ram:ResourceShareName", + "description": "Filters access by a resource share with the specified name", + "type": "String" + }, + "ram:ShareOwnerAccountId": { + "condition": "ram:ShareOwnerAccountId", + "description": "Filters access by resource shares owned by a specific account. For example, you can use this condition key to specify which resource share invitations can be accepted or rejected based on the resource share owner\u2019s account ID", + "type": "String" + }, + "ram:ResourceTag/${TagKey}": { + "condition": "ram:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + } + } + }, + "resource-explorer-2": { + "service_name": "AWS Resource Explorer", + "prefix": "resource-explorer-2", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsresourceexplorer.html", + "privileges": { + "AssociateDefaultView": { + "privilege": "AssociateDefaultView", + "description": "Grants permission to set the specified view as the default for this AWS Region in this AWS account", + "access_level": "Write", + "resource_types": { + "view": { + "resource_type": "view", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "view": "view" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_AssociateDefaultView.html" + }, + "BatchGetView": { + "privilege": "BatchGetView", + "description": "Grants permission to retrieve details about views that you specify by a list of ARNs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "resource-explorer-2:GetView" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_BatchGetView.html" + }, + "CreateIndex": { + "privilege": "CreateIndex", + "description": "Grants permission to turn on Resource Explorer in the AWS Region in which you called this operation by creating an index", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_CreateIndex.html" + }, + "CreateView": { + "privilege": "CreateView", + "description": "Grants permission to create a view that users can query", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_CreateView.html" + }, + "DeleteIndex": { + "privilege": "DeleteIndex", + "description": "Grants permission to turn off Resource Explorer in the specified AWS Region by deleting the index", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_DeleteIndex.html" + }, + "DeleteView": { + "privilege": "DeleteView", + "description": "Grants permission to delete a view", + "access_level": "Write", + "resource_types": { + "view": { + "resource_type": "view", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "view": "view" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_DeleteView.html" + }, + "DisassociateDefaultView": { + "privilege": "DisassociateDefaultView", + "description": "Grants permission to remove the default view for the AWS Region in which you call this operation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_DisassociateDefaultView.html" + }, + "GetDefaultView": { + "privilege": "GetDefaultView", + "description": "Grants permission to retrieve the Amazon resource name (ARN) of the view that is the default for the AWS Region in which you call this operation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_GetDefaultView.html" + }, + "GetIndex": { + "privilege": "GetIndex", + "description": "Grants permission to retrieve information about the index in the AWS Region in which you call this operation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_GetIndex.html" + }, + "GetView": { + "privilege": "GetView", + "description": "Grants permission to retrieve information about the specified view", + "access_level": "Read", + "resource_types": { + "view": { + "resource_type": "view", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "view": "view" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_GetView.html" + }, + "ListIndexes": { + "privilege": "ListIndexes", + "description": "Grants permission to list the indexes in all AWS Regions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_ListIndexes.html" + }, + "ListSupportedResourceTypes": { + "privilege": "ListSupportedResourceTypes", + "description": "Grants permission to retrieve a list of all resource types currently supported by Resource Explorer", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_ListSupportedResourceTypes.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags that are attached to the specified resource", + "access_level": "Read", + "resource_types": { + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "view": { + "resource_type": "view", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "view": "view" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_ListTagsForResource.html" + }, + "ListViews": { + "privilege": "ListViews", + "description": "Grants permission to list the Amazon resource names (ARNs) of all of the views available in the AWS Region in which you call this operation", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_ListViews.html" + }, + "Search": { + "privilege": "Search", + "description": "Grants permission to search for resources and display details about all resources that match the specified criteria", + "access_level": "Read", + "resource_types": { + "view": { + "resource_type": "view", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "view": "view" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tag key and value pairs to the specified resource", + "access_level": "Tagging", + "resource_types": { + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "view": { + "resource_type": "view", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "view": "view", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tag key and value pairs from the specified resource", + "access_level": "Tagging", + "resource_types": { + "index": { + "resource_type": "index", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "view": { + "resource_type": "view", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index", + "view": "view", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_UntagResource.html" + }, + "UpdateIndexType": { + "privilege": "UpdateIndexType", + "description": "Grants permission to change the type of the index from LOCAL to AGGREGATOR or back", + "access_level": "Write", + "resource_types": { + "index": { + "resource_type": "index", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "index": "index" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_UpdateIndexType.html" + }, + "UpdateView": { + "privilege": "UpdateView", + "description": "Grants permission to modify some of the details of a view", + "access_level": "Write", + "resource_types": { + "view": { + "resource_type": "view", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "view": "view" + }, + "api_documentation_link": "https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_UpdateView.html" + } + }, + "privileges_lower_name": { + "associatedefaultview": "AssociateDefaultView", + "batchgetview": "BatchGetView", + "createindex": "CreateIndex", + "createview": "CreateView", + "deleteindex": "DeleteIndex", + "deleteview": "DeleteView", + "disassociatedefaultview": "DisassociateDefaultView", + "getdefaultview": "GetDefaultView", + "getindex": "GetIndex", + "getview": "GetView", + "listindexes": "ListIndexes", + "listsupportedresourcetypes": "ListSupportedResourceTypes", + "listtagsforresource": "ListTagsForResource", + "listviews": "ListViews", + "search": "Search", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateindextype": "UpdateIndexType", + "updateview": "UpdateView" + }, + "resources": { + "view": { + "resource": "view", + "arn": "arn:${Partition}:resource-explorer-2:${Region}:${Account}:view/${ViewName}/${ViewUuid}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "index": { + "resource": "index", + "arn": "arn:${Partition}:resource-explorer-2:${Region}:${Account}:index/${IndexUuid}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "view": "view", + "index": "index" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tag keys that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag keyss attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "resource-groups": { + "service_name": "AWS Resource Groups", + "prefix": "resource-groups", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsresourcegroups.html", + "privileges": { + "CreateGroup": { + "privilege": "CreateGroup", + "description": "Grants permission to create a resource group with a specified name, description, and resource query", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_CreateGroup.html" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to delete a specified resource group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_DeleteGroup.html" + }, + "GetAccountSettings": { + "privilege": "GetAccountSettings", + "description": "Grants permission to get the current status of optional features in Resource Groups", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GetAccountSettings.html" + }, + "GetGroup": { + "privilege": "GetGroup", + "description": "Grants permission to get information of a specified resource group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GetGroup.html" + }, + "GetGroupConfiguration": { + "privilege": "GetGroupConfiguration", + "description": "Grants permission to get the service configuration associated with the specified resource group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GetGroupConfiguration.html" + }, + "GetGroupQuery": { + "privilege": "GetGroupQuery", + "description": "Grants permission to get the query associated with a specified resource group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GetGroupQuery.html" + }, + "GetTags": { + "privilege": "GetTags", + "description": "Grants permission to get the tags associated with a specified resource group", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GetTags.html" + }, + "GroupResources": { + "privilege": "GroupResources", + "description": "Grants permission to add the specified resources to the specified group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_GroupResources.html" + }, + "ListGroupResources": { + "privilege": "ListGroupResources", + "description": "Grants permission to list the resources that are members of a specified resource group", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:DescribeStacks", + "cloudformation:ListStackResources", + "tag:GetResources" + ] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_ListGroupResources.html" + }, + "ListGroups": { + "privilege": "ListGroups", + "description": "Grants permission to list all resource groups in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_ListGroups.html" + }, + "PutGroupConfiguration": { + "privilege": "PutGroupConfiguration", + "description": "Grants permission to put the service configuration associated with the specified resource group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_PutGroupConfiguration.html" + }, + "PutGroupPolicy": { + "privilege": "PutGroupPolicy", + "description": "Grants permission to add a resource-based policy for the specified group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/license-manager/latest/userguide/management-role.html#service-linked-role-permissions-management-role" + }, + "SearchResources": { + "privilege": "SearchResources", + "description": "Grants permission to search for AWS resources matching the given query", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:DescribeStacks", + "cloudformation:ListStackResources", + "tag:GetResources" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_SearchResources.html" + }, + "Tag": { + "privilege": "Tag", + "description": "Grants permission to tag a specified resource group", + "access_level": "Tagging", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_Tag.html" + }, + "UngroupResources": { + "privilege": "UngroupResources", + "description": "Grants permission to remove the specified resources from the specified group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_UngroupResources.html" + }, + "Untag": { + "privilege": "Untag", + "description": "Grants permission to remove tags associated with a specified resource group", + "access_level": "Tagging", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_Untag.html" + }, + "UpdateAccountSettings": { + "privilege": "UpdateAccountSettings", + "description": "Grants permission to update optional features in Resource Groups", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_UpdateAccountSettings.html" + }, + "UpdateGroup": { + "privilege": "UpdateGroup", + "description": "Grants permission to update a specified resource group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_UpdateGroup.html" + }, + "UpdateGroupQuery": { + "privilege": "UpdateGroupQuery", + "description": "Grants permission to update the query associated with a specified resource group", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/APIReference/API_UpdateGroupQuery.html" + } + }, + "privileges_lower_name": { + "creategroup": "CreateGroup", + "deletegroup": "DeleteGroup", + "getaccountsettings": "GetAccountSettings", + "getgroup": "GetGroup", + "getgroupconfiguration": "GetGroupConfiguration", + "getgroupquery": "GetGroupQuery", + "gettags": "GetTags", + "groupresources": "GroupResources", + "listgroupresources": "ListGroupResources", + "listgroups": "ListGroups", + "putgroupconfiguration": "PutGroupConfiguration", + "putgrouppolicy": "PutGroupPolicy", + "searchresources": "SearchResources", + "tag": "Tag", + "ungroupresources": "UngroupResources", + "untag": "Untag", + "updateaccountsettings": "UpdateAccountSettings", + "updategroup": "UpdateGroup", + "updategroupquery": "UpdateGroupQuery" + }, + "resources": { + "group": { + "resource": "group", + "arn": "arn:${Partition}:resource-groups:${Region}:${Account}:group/${GroupName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "group": "group" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "robomaker": { + "service_name": "AWS RoboMaker", + "prefix": "robomaker", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsrobomaker.html", + "privileges": { + "BatchDeleteWorlds": { + "privilege": "BatchDeleteWorlds", + "description": "Delete one or more worlds in a batch operation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_BatchDeleteWorlds.html" + }, + "BatchDescribeSimulationJob": { + "privilege": "BatchDescribeSimulationJob", + "description": "Describe multiple simulation jobs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_BatchDescribeSimulationJob.html" + }, + "CancelDeploymentJob": { + "privilege": "CancelDeploymentJob", + "description": "Cancel a deployment job", + "access_level": "Write", + "resource_types": { + "deploymentJob": { + "resource_type": "deploymentJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentjob": "deploymentJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CancelDeploymentJob.html" + }, + "CancelSimulationJob": { + "privilege": "CancelSimulationJob", + "description": "Cancel a simulation job", + "access_level": "Write", + "resource_types": { + "simulationJob": { + "resource_type": "simulationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulationjob": "simulationJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CancelSimulationJob.html" + }, + "CancelSimulationJobBatch": { + "privilege": "CancelSimulationJobBatch", + "description": "Cancel a simulation job batch", + "access_level": "Write", + "resource_types": { + "simulationJobBatch": { + "resource_type": "simulationJobBatch", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulationjobbatch": "simulationJobBatch" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CancelSimulationJobBatch.html" + }, + "CancelWorldExportJob": { + "privilege": "CancelWorldExportJob", + "description": "Cancel a world export job", + "access_level": "Write", + "resource_types": { + "worldExportJob": { + "resource_type": "worldExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "worldexportjob": "worldExportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CancelWorldExportJob.html" + }, + "CancelWorldGenerationJob": { + "privilege": "CancelWorldGenerationJob", + "description": "Cancel a world generation job", + "access_level": "Write", + "resource_types": { + "worldGenerationJob": { + "resource_type": "worldGenerationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "worldgenerationjob": "worldGenerationJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CancelWorldGenerationJob.html" + }, + "CreateDeploymentJob": { + "privilege": "CreateDeploymentJob", + "description": "Create a deployment job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateDeploymentJob.html" + }, + "CreateFleet": { + "privilege": "CreateFleet", + "description": "Create a deployment fleet that represents a logical group of robots running the same robot application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateFleet.html" + }, + "CreateRobot": { + "privilege": "CreateRobot", + "description": "Create a robot that can be registered to a fleet", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateRobot.html" + }, + "CreateRobotApplication": { + "privilege": "CreateRobotApplication", + "description": "Create a robot application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateRobotApplication.html" + }, + "CreateRobotApplicationVersion": { + "privilege": "CreateRobotApplicationVersion", + "description": "Create a snapshot of a robot application", + "access_level": "Write", + "resource_types": { + "robotApplication": { + "resource_type": "robotApplication", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "robotapplication": "robotApplication" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateRobotApplicationVersion.html" + }, + "CreateSimulationApplication": { + "privilege": "CreateSimulationApplication", + "description": "Create a simulation application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateSimulationApplication.html" + }, + "CreateSimulationApplicationVersion": { + "privilege": "CreateSimulationApplicationVersion", + "description": "Create a snapshot of a simulation application", + "access_level": "Write", + "resource_types": { + "simulationApplication": { + "resource_type": "simulationApplication", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:GetObject" + ] + } + }, + "resource_types_lower_name": { + "simulationapplication": "simulationApplication" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateSimulationApplicationVersion.html" + }, + "CreateSimulationJob": { + "privilege": "CreateSimulationJob", + "description": "Create a simulation job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateSimulationJob.html" + }, + "CreateWorldExportJob": { + "privilege": "CreateWorldExportJob", + "description": "Create a world export job", + "access_level": "Write", + "resource_types": { + "world": { + "resource_type": "world", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "world": "world", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateWorldExportJob.html" + }, + "CreateWorldGenerationJob": { + "privilege": "CreateWorldGenerationJob", + "description": "Create a world generation job", + "access_level": "Write", + "resource_types": { + "worldTemplate": { + "resource_type": "worldTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "worldtemplate": "worldTemplate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateWorldGenerationJob.html" + }, + "CreateWorldTemplate": { + "privilege": "CreateWorldTemplate", + "description": "Create a world template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_CreateWorldTemplate.html" + }, + "DeleteFleet": { + "privilege": "DeleteFleet", + "description": "Delete a deployment fleet", + "access_level": "Write", + "resource_types": { + "deploymentFleet": { + "resource_type": "deploymentFleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentfleet": "deploymentFleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeleteFleet.html" + }, + "DeleteRobot": { + "privilege": "DeleteRobot", + "description": "Delete a robot", + "access_level": "Write", + "resource_types": { + "robot": { + "resource_type": "robot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "robot": "robot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeleteRobot.html" + }, + "DeleteRobotApplication": { + "privilege": "DeleteRobotApplication", + "description": "Delete a robot application", + "access_level": "Write", + "resource_types": { + "robotApplication": { + "resource_type": "robotApplication", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "robotapplication": "robotApplication" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeleteRobotApplication.html" + }, + "DeleteSimulationApplication": { + "privilege": "DeleteSimulationApplication", + "description": "Delete a simulation application", + "access_level": "Write", + "resource_types": { + "simulationApplication": { + "resource_type": "simulationApplication", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulationapplication": "simulationApplication" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeleteSimulationApplication.html" + }, + "DeleteWorldTemplate": { + "privilege": "DeleteWorldTemplate", + "description": "Delete a world template", + "access_level": "Write", + "resource_types": { + "worldTemplate": { + "resource_type": "worldTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "worldtemplate": "worldTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeleteWorldTemplate.html" + }, + "DeregisterRobot": { + "privilege": "DeregisterRobot", + "description": "Deregister a robot from a fleet", + "access_level": "Write", + "resource_types": { + "deploymentFleet": { + "resource_type": "deploymentFleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "robot": { + "resource_type": "robot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentfleet": "deploymentFleet", + "robot": "robot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DeregisterRobot.html" + }, + "DescribeDeploymentJob": { + "privilege": "DescribeDeploymentJob", + "description": "Describe a deployment job", + "access_level": "Read", + "resource_types": { + "deploymentJob": { + "resource_type": "deploymentJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentjob": "deploymentJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeDeploymentJob.html" + }, + "DescribeFleet": { + "privilege": "DescribeFleet", + "description": "Describe a deployment fleet", + "access_level": "Read", + "resource_types": { + "deploymentFleet": { + "resource_type": "deploymentFleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentfleet": "deploymentFleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeFleet.html" + }, + "DescribeRobot": { + "privilege": "DescribeRobot", + "description": "Describe a robot", + "access_level": "Read", + "resource_types": { + "robot": { + "resource_type": "robot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "robot": "robot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeRobot.html" + }, + "DescribeRobotApplication": { + "privilege": "DescribeRobotApplication", + "description": "Describe a robot application", + "access_level": "Read", + "resource_types": { + "robotApplication": { + "resource_type": "robotApplication", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "robotapplication": "robotApplication" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeRobotApplication.html" + }, + "DescribeSimulationApplication": { + "privilege": "DescribeSimulationApplication", + "description": "Describe a simulation application", + "access_level": "Read", + "resource_types": { + "simulationApplication": { + "resource_type": "simulationApplication", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulationapplication": "simulationApplication" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeSimulationApplication.html" + }, + "DescribeSimulationJob": { + "privilege": "DescribeSimulationJob", + "description": "Describe a simulation job", + "access_level": "Read", + "resource_types": { + "simulationJob": { + "resource_type": "simulationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulationjob": "simulationJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeSimulationJob.html" + }, + "DescribeSimulationJobBatch": { + "privilege": "DescribeSimulationJobBatch", + "description": "Describe a simulation job batch", + "access_level": "Read", + "resource_types": { + "simulationJobBatch": { + "resource_type": "simulationJobBatch", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulationjobbatch": "simulationJobBatch" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeSimulationJobBatch.html" + }, + "DescribeWorld": { + "privilege": "DescribeWorld", + "description": "Describe a world", + "access_level": "Read", + "resource_types": { + "world": { + "resource_type": "world", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "world": "world" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeWorld.html" + }, + "DescribeWorldExportJob": { + "privilege": "DescribeWorldExportJob", + "description": "Describe a world export job", + "access_level": "Read", + "resource_types": { + "worldExportJob": { + "resource_type": "worldExportJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "worldexportjob": "worldExportJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeWorldExportJob.html" + }, + "DescribeWorldGenerationJob": { + "privilege": "DescribeWorldGenerationJob", + "description": "Describe a world generation job", + "access_level": "Read", + "resource_types": { + "worldGenerationJob": { + "resource_type": "worldGenerationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "worldgenerationjob": "worldGenerationJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeWorldGenerationJob.html" + }, + "DescribeWorldTemplate": { + "privilege": "DescribeWorldTemplate", + "description": "Describe a world template", + "access_level": "Read", + "resource_types": { + "worldTemplate": { + "resource_type": "worldTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "worldtemplate": "worldTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_DescribeWorldTemplate.html" + }, + "GetWorldTemplateBody": { + "privilege": "GetWorldTemplateBody", + "description": "Get the body of a world template", + "access_level": "Read", + "resource_types": { + "worldTemplate": { + "resource_type": "worldTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "worldtemplate": "worldTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_GetWorldTemplateBody.html" + }, + "ListDeploymentJobs": { + "privilege": "ListDeploymentJobs", + "description": "List deployment jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListDeploymentJobs.html" + }, + "ListFleets": { + "privilege": "ListFleets", + "description": "List fleets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListFleets.html" + }, + "ListRobotApplications": { + "privilege": "ListRobotApplications", + "description": "List robot applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListRobotApplications.html" + }, + "ListRobots": { + "privilege": "ListRobots", + "description": "List robots", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListRobots.html" + }, + "ListSimulationApplications": { + "privilege": "ListSimulationApplications", + "description": "List simulation applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListSimulationApplications.html" + }, + "ListSimulationJobBatches": { + "privilege": "ListSimulationJobBatches", + "description": "List simulation job batches", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListSimulationJobBatches.html" + }, + "ListSimulationJobs": { + "privilege": "ListSimulationJobs", + "description": "List simulation jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListSimulationJobs.html" + }, + "ListSupportedAvailabilityZones": { + "privilege": "ListSupportedAvailabilityZones", + "description": "Lists supported availability zones", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "List tags for a RoboMaker resource", + "access_level": "List", + "resource_types": { + "deploymentFleet": { + "resource_type": "deploymentFleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deploymentJob": { + "resource_type": "deploymentJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "robot": { + "resource_type": "robot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "robotApplication": { + "resource_type": "robotApplication", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "simulationApplication": { + "resource_type": "simulationApplication", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "simulationJob": { + "resource_type": "simulationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "simulationJobBatch": { + "resource_type": "simulationJobBatch", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "world": { + "resource_type": "world", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "worldExportJob": { + "resource_type": "worldExportJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "worldGenerationJob": { + "resource_type": "worldGenerationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "worldTemplate": { + "resource_type": "worldTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentfleet": "deploymentFleet", + "deploymentjob": "deploymentJob", + "robot": "robot", + "robotapplication": "robotApplication", + "simulationapplication": "simulationApplication", + "simulationjob": "simulationJob", + "simulationjobbatch": "simulationJobBatch", + "world": "world", + "worldexportjob": "worldExportJob", + "worldgenerationjob": "worldGenerationJob", + "worldtemplate": "worldTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListTagsForResource.html" + }, + "ListWorldExportJobs": { + "privilege": "ListWorldExportJobs", + "description": "List world export jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListWorldExportJobs.html" + }, + "ListWorldGenerationJobs": { + "privilege": "ListWorldGenerationJobs", + "description": "List world generation jobs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListWorldGenerationJobs.html" + }, + "ListWorldTemplates": { + "privilege": "ListWorldTemplates", + "description": "List world templates", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListWorldTemplates.html" + }, + "ListWorlds": { + "privilege": "ListWorlds", + "description": "List worlds", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_ListWorlds.html" + }, + "RegisterRobot": { + "privilege": "RegisterRobot", + "description": "Register a robot to a fleet", + "access_level": "Write", + "resource_types": { + "deploymentFleet": { + "resource_type": "deploymentFleet", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "robot": { + "resource_type": "robot", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentfleet": "deploymentFleet", + "robot": "robot" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_RegisterRobot.html" + }, + "RestartSimulationJob": { + "privilege": "RestartSimulationJob", + "description": "Restart a running simulation job", + "access_level": "Write", + "resource_types": { + "simulationJob": { + "resource_type": "simulationJob", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulationjob": "simulationJob" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_RestartSimulationJob.html" + }, + "StartSimulationJobBatch": { + "privilege": "StartSimulationJobBatch", + "description": "Create a simulation job batch", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_StartSimulationJobBatch.html" + }, + "SyncDeploymentJob": { + "privilege": "SyncDeploymentJob", + "description": "Ensures the most recently deployed robot application is deployed to all robots in the fleet", + "access_level": "Write", + "resource_types": { + "deploymentFleet": { + "resource_type": "deploymentFleet", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "deploymentfleet": "deploymentFleet" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_SyncDeploymentJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Add tags to a RoboMaker resource", + "access_level": "Tagging", + "resource_types": { + "deploymentFleet": { + "resource_type": "deploymentFleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deploymentJob": { + "resource_type": "deploymentJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "robot": { + "resource_type": "robot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "robotApplication": { + "resource_type": "robotApplication", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "simulationApplication": { + "resource_type": "simulationApplication", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "simulationJob": { + "resource_type": "simulationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "simulationJobBatch": { + "resource_type": "simulationJobBatch", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "world": { + "resource_type": "world", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "worldExportJob": { + "resource_type": "worldExportJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "worldGenerationJob": { + "resource_type": "worldGenerationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "worldTemplate": { + "resource_type": "worldTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentfleet": "deploymentFleet", + "deploymentjob": "deploymentJob", + "robot": "robot", + "robotapplication": "robotApplication", + "simulationapplication": "simulationApplication", + "simulationjob": "simulationJob", + "simulationjobbatch": "simulationJobBatch", + "world": "world", + "worldexportjob": "worldExportJob", + "worldgenerationjob": "worldGenerationJob", + "worldtemplate": "worldTemplate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Remove tags from a RoboMaker resource", + "access_level": "Tagging", + "resource_types": { + "deploymentFleet": { + "resource_type": "deploymentFleet", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "deploymentJob": { + "resource_type": "deploymentJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "robot": { + "resource_type": "robot", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "robotApplication": { + "resource_type": "robotApplication", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "simulationApplication": { + "resource_type": "simulationApplication", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "simulationJob": { + "resource_type": "simulationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "simulationJobBatch": { + "resource_type": "simulationJobBatch", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "world": { + "resource_type": "world", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "worldExportJob": { + "resource_type": "worldExportJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "worldGenerationJob": { + "resource_type": "worldGenerationJob", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "worldTemplate": { + "resource_type": "worldTemplate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "deploymentfleet": "deploymentFleet", + "deploymentjob": "deploymentJob", + "robot": "robot", + "robotapplication": "robotApplication", + "simulationapplication": "simulationApplication", + "simulationjob": "simulationJob", + "simulationjobbatch": "simulationJobBatch", + "world": "world", + "worldexportjob": "worldExportJob", + "worldgenerationjob": "worldGenerationJob", + "worldtemplate": "worldTemplate", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_UntagResource.html" + }, + "UpdateRobotApplication": { + "privilege": "UpdateRobotApplication", + "description": "Update a robot application", + "access_level": "Write", + "resource_types": { + "robotApplication": { + "resource_type": "robotApplication", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "robotapplication": "robotApplication" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_UpdateRobotApplication.html" + }, + "UpdateRobotDeployment": { + "privilege": "UpdateRobotDeployment", + "description": "Report the deployment status for an individual robot", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "UpdateSimulationApplication": { + "privilege": "UpdateSimulationApplication", + "description": "Update a simulation application", + "access_level": "Write", + "resource_types": { + "simulationApplication": { + "resource_type": "simulationApplication", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulationapplication": "simulationApplication" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_UpdateSimulationApplication.html" + }, + "UpdateWorldTemplate": { + "privilege": "UpdateWorldTemplate", + "description": "Update a world template", + "access_level": "Write", + "resource_types": { + "worldTemplate": { + "resource_type": "worldTemplate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "worldtemplate": "worldTemplate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/robomaker/latest/dg/API_UpdateWorldTemplate.html" + } + }, + "privileges_lower_name": { + "batchdeleteworlds": "BatchDeleteWorlds", + "batchdescribesimulationjob": "BatchDescribeSimulationJob", + "canceldeploymentjob": "CancelDeploymentJob", + "cancelsimulationjob": "CancelSimulationJob", + "cancelsimulationjobbatch": "CancelSimulationJobBatch", + "cancelworldexportjob": "CancelWorldExportJob", + "cancelworldgenerationjob": "CancelWorldGenerationJob", + "createdeploymentjob": "CreateDeploymentJob", + "createfleet": "CreateFleet", + "createrobot": "CreateRobot", + "createrobotapplication": "CreateRobotApplication", + "createrobotapplicationversion": "CreateRobotApplicationVersion", + "createsimulationapplication": "CreateSimulationApplication", + "createsimulationapplicationversion": "CreateSimulationApplicationVersion", + "createsimulationjob": "CreateSimulationJob", + "createworldexportjob": "CreateWorldExportJob", + "createworldgenerationjob": "CreateWorldGenerationJob", + "createworldtemplate": "CreateWorldTemplate", + "deletefleet": "DeleteFleet", + "deleterobot": "DeleteRobot", + "deleterobotapplication": "DeleteRobotApplication", + "deletesimulationapplication": "DeleteSimulationApplication", + "deleteworldtemplate": "DeleteWorldTemplate", + "deregisterrobot": "DeregisterRobot", + "describedeploymentjob": "DescribeDeploymentJob", + "describefleet": "DescribeFleet", + "describerobot": "DescribeRobot", + "describerobotapplication": "DescribeRobotApplication", + "describesimulationapplication": "DescribeSimulationApplication", + "describesimulationjob": "DescribeSimulationJob", + "describesimulationjobbatch": "DescribeSimulationJobBatch", + "describeworld": "DescribeWorld", + "describeworldexportjob": "DescribeWorldExportJob", + "describeworldgenerationjob": "DescribeWorldGenerationJob", + "describeworldtemplate": "DescribeWorldTemplate", + "getworldtemplatebody": "GetWorldTemplateBody", + "listdeploymentjobs": "ListDeploymentJobs", + "listfleets": "ListFleets", + "listrobotapplications": "ListRobotApplications", + "listrobots": "ListRobots", + "listsimulationapplications": "ListSimulationApplications", + "listsimulationjobbatches": "ListSimulationJobBatches", + "listsimulationjobs": "ListSimulationJobs", + "listsupportedavailabilityzones": "ListSupportedAvailabilityZones", + "listtagsforresource": "ListTagsForResource", + "listworldexportjobs": "ListWorldExportJobs", + "listworldgenerationjobs": "ListWorldGenerationJobs", + "listworldtemplates": "ListWorldTemplates", + "listworlds": "ListWorlds", + "registerrobot": "RegisterRobot", + "restartsimulationjob": "RestartSimulationJob", + "startsimulationjobbatch": "StartSimulationJobBatch", + "syncdeploymentjob": "SyncDeploymentJob", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updaterobotapplication": "UpdateRobotApplication", + "updaterobotdeployment": "UpdateRobotDeployment", + "updatesimulationapplication": "UpdateSimulationApplication", + "updateworldtemplate": "UpdateWorldTemplate" + }, + "resources": { + "robotApplication": { + "resource": "robotApplication", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:robot-application/${ApplicationName}/${CreatedOnEpoch}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "simulationApplication": { + "resource": "simulationApplication", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:simulation-application/${ApplicationName}/${CreatedOnEpoch}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "simulationJob": { + "resource": "simulationJob", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:simulation-job/${SimulationJobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "simulationJobBatch": { + "resource": "simulationJobBatch", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:simulation-job-batch/${SimulationJobBatchId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "deploymentJob": { + "resource": "deploymentJob", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:deployment-job/${DeploymentJobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "robot": { + "resource": "robot", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:robot/${RobotName}/${CreatedOnEpoch}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "deploymentFleet": { + "resource": "deploymentFleet", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:deployment-fleet/${FleetName}/${CreatedOnEpoch}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "worldGenerationJob": { + "resource": "worldGenerationJob", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:world-generation-job/${WorldGenerationJobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "worldExportJob": { + "resource": "worldExportJob", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:world-export-job/${WorldExportJobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "worldTemplate": { + "resource": "worldTemplate", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:world-template/${WorldTemplateJobId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "world": { + "resource": "world", + "arn": "arn:${Partition}:robomaker:${Region}:${Account}:world/${WorldId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "robotapplication": "robotApplication", + "simulationapplication": "simulationApplication", + "simulationjob": "simulationJob", + "simulationjobbatch": "simulationJobBatch", + "deploymentjob": "deploymentJob", + "robot": "robot", + "deploymentfleet": "deploymentFleet", + "worldgenerationjob": "worldGenerationJob", + "worldexportjob": "worldExportJob", + "worldtemplate": "worldTemplate", + "world": "world" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "savingsplans": { + "service_name": "AWS Savings Plans", + "prefix": "savingsplans", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssavingsplans.html", + "privileges": { + "CreateSavingsPlan": { + "privilege": "CreateSavingsPlan", + "description": "Grants permission to create a savings plan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_CreateSavingsPlan.html" + }, + "DeleteQueuedSavingsPlan": { + "privilege": "DeleteQueuedSavingsPlan", + "description": "Grants permission to delete the queued savings plan associated with customers account", + "access_level": "Write", + "resource_types": { + "savingsplan": { + "resource_type": "savingsplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "savingsplan": "savingsplan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_DeleteQueuedSavingsPlan.html" + }, + "DescribeSavingsPlanRates": { + "privilege": "DescribeSavingsPlanRates", + "description": "Grants permission to describe the rates associated with customers savings plan", + "access_level": "Read", + "resource_types": { + "savingsplan": { + "resource_type": "savingsplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "savingsplan": "savingsplan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_DescribeSavingsPlanRates.html" + }, + "DescribeSavingsPlans": { + "privilege": "DescribeSavingsPlans", + "description": "Grants permission to describe the savings plans associated with customers account", + "access_level": "Read", + "resource_types": { + "savingsplan": { + "resource_type": "savingsplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "savingsplan": "savingsplan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_DescribeSavingsPlans.html" + }, + "DescribeSavingsPlansOfferingRates": { + "privilege": "DescribeSavingsPlansOfferingRates", + "description": "Grants permission to describe the rates assciated with savings plans offerings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_DescribeSavingsPlansOfferingRates.html" + }, + "DescribeSavingsPlansOfferings": { + "privilege": "DescribeSavingsPlansOfferings", + "description": "Grants permission to describe the savings plans offerings that customer is eligible to purchase", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_DescribeSavingsPlansOfferings.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a savings plan", + "access_level": "List", + "resource_types": { + "savingsplan": { + "resource_type": "savingsplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "savingsplan": "savingsplan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a savings plan", + "access_level": "Tagging", + "resource_types": { + "savingsplan": { + "resource_type": "savingsplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "savingsplan": "savingsplan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a savings plan", + "access_level": "Tagging", + "resource_types": { + "savingsplan": { + "resource_type": "savingsplan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "savingsplan": "savingsplan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/savingsplans/latest/APIReference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "createsavingsplan": "CreateSavingsPlan", + "deletequeuedsavingsplan": "DeleteQueuedSavingsPlan", + "describesavingsplanrates": "DescribeSavingsPlanRates", + "describesavingsplans": "DescribeSavingsPlans", + "describesavingsplansofferingrates": "DescribeSavingsPlansOfferingRates", + "describesavingsplansofferings": "DescribeSavingsPlansOfferings", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "savingsplan": { + "resource": "savingsplan", + "arn": "arn:${Partition}:savingsplans::${Account}:savingsplan/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "savingsplan": "savingsplan" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag-value assoicated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "secretsmanager": { + "service_name": "AWS Secrets Manager", + "prefix": "secretsmanager", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html", + "privileges": { + "CancelRotateSecret": { + "privilege": "CancelRotateSecret", + "description": "Grants permission to cancel an in-progress secret rotation", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CancelRotateSecret.html" + }, + "CreateSecret": { + "privilege": "CreateSecret", + "description": "Grants permission to create a secret that stores encrypted data that can be queried and rotated", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:Name", + "secretsmanager:Description", + "secretsmanager:KmsKeyId", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "secretsmanager:ResourceTag/tag-key", + "secretsmanager:AddReplicaRegions", + "secretsmanager:ForceOverwriteReplicaSecret" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete the resource policy attached to a secret", + "access_level": "Permissions management", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteResourcePolicy.html" + }, + "DeleteSecret": { + "privilege": "DeleteSecret", + "description": "Grants permission to delete a secret", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:RecoveryWindowInDays", + "secretsmanager:ForceDeleteWithoutRecovery", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteSecret.html" + }, + "DescribeSecret": { + "privilege": "DescribeSecret", + "description": "Grants permission to retrieve the metadata about a secret, but not the encrypted data", + "access_level": "Read", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DescribeSecret.html" + }, + "GetRandomPassword": { + "privilege": "GetRandomPassword", + "description": "Grants permission to generate a random string for use in password creation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetRandomPassword.html" + }, + "GetResourcePolicy": { + "privilege": "GetResourcePolicy", + "description": "Grants permission to get the resource policy attached to a secret", + "access_level": "Read", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetResourcePolicy.html" + }, + "GetSecretValue": { + "privilege": "GetSecretValue", + "description": "Grants permission to retrieve and decrypt the encrypted data", + "access_level": "Read", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:VersionId", + "secretsmanager:VersionStage", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html" + }, + "ListSecretVersionIds": { + "privilege": "ListSecretVersionIds", + "description": "Grants permission to list the available versions of a secret", + "access_level": "Read", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_ListSecretVersionIds.html" + }, + "ListSecrets": { + "privilege": "ListSecrets", + "description": "Grants permission to list the available secrets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_ListSecrets.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to attach a resource policy to a secret", + "access_level": "Permissions management", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:BlockPublicPolicy", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_PutResourcePolicy.html" + }, + "PutSecretValue": { + "privilege": "PutSecretValue", + "description": "Grants permission to create a new version of the secret with new encrypted data", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_PutSecretValue.html" + }, + "RemoveRegionsFromReplication": { + "privilege": "RemoveRegionsFromReplication", + "description": "Grants permission to remove regions from replication", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_RemoveRegionsFromReplication.html" + }, + "ReplicateSecretToRegions": { + "privilege": "ReplicateSecretToRegions", + "description": "Grants permission to convert an existing secret to a multi-Region secret and begin replicating the secret to a list of new regions", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion", + "secretsmanager:AddReplicaRegions", + "secretsmanager:ForceOverwriteReplicaSecret" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_ReplicateSecretToRegions.html" + }, + "RestoreSecret": { + "privilege": "RestoreSecret", + "description": "Grants permission to cancel deletion of a secret", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_RestoreSecret.html" + }, + "RotateSecret": { + "privilege": "RotateSecret", + "description": "Grants permission to start rotation of a secret", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:RotationLambdaARN", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion", + "secretsmanager:ModifyRotationRules", + "secretsmanager:RotateImmediately" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_RotateSecret.html" + }, + "StopReplicationToReplica": { + "privilege": "StopReplicationToReplica", + "description": "Grants permission to remove the secret from replication and promote the secret to a regional secret in the replica Region", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_StopReplicationToReplica.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a secret", + "access_level": "Tagging", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a secret", + "access_level": "Tagging", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "aws:TagKeys", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UntagResource.html" + }, + "UpdateSecret": { + "privilege": "UpdateSecret", + "description": "Grants permission to update a secret with new metadata or with a new version of the encrypted data", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:Description", + "secretsmanager:KmsKeyId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UpdateSecret.html" + }, + "UpdateSecretVersionStage": { + "privilege": "UpdateSecretVersionStage", + "description": "Grants permission to move a stage from one secret to another", + "access_level": "Write", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:VersionStage", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UpdateSecretVersionStage.html" + }, + "ValidateResourcePolicy": { + "privilege": "ValidateResourcePolicy", + "description": "Grants permission to validate a resource policy before attaching policy", + "access_level": "Permissions management", + "resource_types": { + "Secret": { + "resource_type": "Secret", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "secretsmanager:SecretId", + "secretsmanager:resource/AllowRotationLambdaArn", + "secretsmanager:ResourceTag/tag-key", + "aws:ResourceTag/${TagKey}", + "secretsmanager:SecretPrimaryRegion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "secret": "Secret", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_ValidateResourcePolicy.html" + } + }, + "privileges_lower_name": { + "cancelrotatesecret": "CancelRotateSecret", + "createsecret": "CreateSecret", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deletesecret": "DeleteSecret", + "describesecret": "DescribeSecret", + "getrandompassword": "GetRandomPassword", + "getresourcepolicy": "GetResourcePolicy", + "getsecretvalue": "GetSecretValue", + "listsecretversionids": "ListSecretVersionIds", + "listsecrets": "ListSecrets", + "putresourcepolicy": "PutResourcePolicy", + "putsecretvalue": "PutSecretValue", + "removeregionsfromreplication": "RemoveRegionsFromReplication", + "replicatesecrettoregions": "ReplicateSecretToRegions", + "restoresecret": "RestoreSecret", + "rotatesecret": "RotateSecret", + "stopreplicationtoreplica": "StopReplicationToReplica", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatesecret": "UpdateSecret", + "updatesecretversionstage": "UpdateSecretVersionStage", + "validateresourcepolicy": "ValidateResourcePolicy" + }, + "resources": { + "Secret": { + "resource": "Secret", + "arn": "arn:${Partition}:secretsmanager:${Region}:${Account}:secret:${SecretId}", + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "secretsmanager:ResourceTag/tag-key", + "secretsmanager:resource/AllowRotationLambdaArn" + ] + } + }, + "resources_lower_name": { + "secret": "Secret" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a key that is present in the request the user makes to the Secrets Manager service", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the list of all the tag key names present in the request the user makes to the Secrets Manager service", + "type": "ArrayOfString" + }, + "secretsmanager:AddReplicaRegions": { + "condition": "secretsmanager:AddReplicaRegions", + "description": "Filters access by the list of Regions in which to replicate the secret", + "type": "ArrayOfString" + }, + "secretsmanager:BlockPublicPolicy": { + "condition": "secretsmanager:BlockPublicPolicy", + "description": "Filters access by whether the resource policy blocks broad AWS account access", + "type": "Bool" + }, + "secretsmanager:Description": { + "condition": "secretsmanager:Description", + "description": "Filters access by the description text in the request", + "type": "String" + }, + "secretsmanager:ForceDeleteWithoutRecovery": { + "condition": "secretsmanager:ForceDeleteWithoutRecovery", + "description": "Filters access by whether the secret is to be deleted immediately without any recovery window", + "type": "Bool" + }, + "secretsmanager:ForceOverwriteReplicaSecret": { + "condition": "secretsmanager:ForceOverwriteReplicaSecret", + "description": "Filters access by whether to overwrite a secret with the same name in the destination Region", + "type": "Bool" + }, + "secretsmanager:KmsKeyId": { + "condition": "secretsmanager:KmsKeyId", + "description": "Filters access by the ARN of the KMS key in the request", + "type": "String" + }, + "secretsmanager:ModifyRotationRules": { + "condition": "secretsmanager:ModifyRotationRules", + "description": "Filters access by whether the rotation rules of the secret are to be modified", + "type": "Bool" + }, + "secretsmanager:Name": { + "condition": "secretsmanager:Name", + "description": "Filters access by the friendly name of the secret in the request", + "type": "String" + }, + "secretsmanager:RecoveryWindowInDays": { + "condition": "secretsmanager:RecoveryWindowInDays", + "description": "Filters access by the number of days that Secrets Manager waits before it can delete the secret", + "type": "Numeric" + }, + "secretsmanager:ResourceTag/tag-key": { + "condition": "secretsmanager:ResourceTag/tag-key", + "description": "Filters access by a tag key and value pair", + "type": "String" + }, + "secretsmanager:RotateImmediately": { + "condition": "secretsmanager:RotateImmediately", + "description": "Filters access by whether the secret is to be rotated immediately", + "type": "Bool" + }, + "secretsmanager:RotationLambdaARN": { + "condition": "secretsmanager:RotationLambdaARN", + "description": "Filters access by the ARN of the rotation Lambda function in the request", + "type": "ARN" + }, + "secretsmanager:SecretId": { + "condition": "secretsmanager:SecretId", + "description": "Filters access by the SecretID value in the request", + "type": "ARN" + }, + "secretsmanager:SecretPrimaryRegion": { + "condition": "secretsmanager:SecretPrimaryRegion", + "description": "Filters access by primary region in which the secret is created", + "type": "String" + }, + "secretsmanager:VersionId": { + "condition": "secretsmanager:VersionId", + "description": "Filters access by the unique identifier of the version of the secret in the request", + "type": "String" + }, + "secretsmanager:VersionStage": { + "condition": "secretsmanager:VersionStage", + "description": "Filters access by the list of version stages in the request", + "type": "String" + }, + "secretsmanager:resource/AllowRotationLambdaArn": { + "condition": "secretsmanager:resource/AllowRotationLambdaArn", + "description": "Filters access by the ARN of the rotation Lambda function associated with the secret", + "type": "ARN" + } + } + }, + "securityhub": { + "service_name": "AWS Security Hub", + "prefix": "securityhub", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html", + "privileges": { + "AcceptAdministratorInvitation": { + "privilege": "AcceptAdministratorInvitation", + "description": "Grants permission to accept Security Hub invitations to become a member account", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AcceptAdministratorInvitation.html" + }, + "AcceptInvitation": { + "privilege": "AcceptInvitation", + "description": "Grants permission to accept Security Hub invitations to become a member account", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AcceptInvitation.html" + }, + "BatchDeleteAutomationRules": { + "privilege": "BatchDeleteAutomationRules", + "description": "Grants permission to delete one or more automation rules in Security Hub", + "access_level": "Write", + "resource_types": { + "automation-rule": { + "resource_type": "automation-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-rule": "automation-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules" + }, + "BatchDisableStandards": { + "privilege": "BatchDisableStandards", + "description": "Grants permission to disable standards in Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchDisableStandards.html" + }, + "BatchEnableStandards": { + "privilege": "BatchEnableStandards", + "description": "Grants permission to enable standards in Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchEnableStandards.html" + }, + "BatchGetAutomationRules": { + "privilege": "BatchGetAutomationRules", + "description": "Grants permission to retrieve a list of details for automation rules from Security Hub based on rule Amazon Resource Names (ARNs)", + "access_level": "Read", + "resource_types": { + "automation-rule": { + "resource_type": "automation-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-rule": "automation-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules" + }, + "BatchGetControlEvaluations": { + "privilege": "BatchGetControlEvaluations", + "description": "Grants permission to get the enablement and compliance status of controls, the findings count for controls, and the overall security score for controls on the Security Hub console", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/iam-permissions-controls-standards.html" + }, + "BatchGetSecurityControls": { + "privilege": "BatchGetSecurityControls", + "description": "Grants permission to get details about specific security controls identified by ID or ARN", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "securityhub:DescribeStandardsControls" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchGetSecurityControls.html" + }, + "BatchGetStandardsControlAssociations": { + "privilege": "BatchGetStandardsControlAssociations", + "description": "Grants permission to get the enablement status of a batch of security controls in standards", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "securityhub:DescribeStandardsControls" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchGetStandardsControlAssociations.html" + }, + "BatchImportFindings": { + "privilege": "BatchImportFindings", + "description": "Grants permission to import findings into Security Hub from an integrated product", + "access_level": "Write", + "resource_types": { + "product": { + "resource_type": "product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "securityhub:TargetAccount" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "product", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html" + }, + "BatchUpdateAutomationRules": { + "privilege": "BatchUpdateAutomationRules", + "description": "Grants permission to update one or more automation rules from Security Hub based on rule Amazon Resource Names (ARNs) and input parameters", + "access_level": "Write", + "resource_types": { + "automation-rule": { + "resource_type": "automation-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-rule": "automation-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules" + }, + "BatchUpdateFindings": { + "privilege": "BatchUpdateFindings", + "description": "Grants permission to update customer-controlled fields for a selected set of Security Hub findings", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "securityhub:ASFFSyntaxPath/${ASFFSyntaxPath}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html" + }, + "BatchUpdateStandardsControlAssociations": { + "privilege": "BatchUpdateStandardsControlAssociations", + "description": "Grants permission to update the enablement status of a batch of security controls in standards", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "securityhub:UpdateStandardsControl" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html" + }, + "CreateActionTarget": { + "privilege": "CreateActionTarget", + "description": "Grants permission to create custom actions in Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_CreateActionTarget.html" + }, + "CreateAutomationRule": { + "privilege": "CreateAutomationRule", + "description": "Grants permission to create an automation rule based on input parameters", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules" + }, + "CreateFindingAggregator": { + "privilege": "CreateFindingAggregator", + "description": "Grants permission to create a finding aggregator, which contains the cross-Region finding aggregation configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateFindingAggregator.html" + }, + "CreateInsight": { + "privilege": "CreateInsight", + "description": "Grants permission to create insights in Security Hub. Insights are collections of related findings", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_CreateInsight.html" + }, + "CreateMembers": { + "privilege": "CreateMembers", + "description": "Grants permission to create member accounts in Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_CreateMembers.html" + }, + "DeclineInvitations": { + "privilege": "DeclineInvitations", + "description": "Grants permission to decline Security Hub invitations to become a member account", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeclineInvitations.html" + }, + "DeleteActionTarget": { + "privilege": "DeleteActionTarget", + "description": "Grants permission to delete custom actions in Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeleteActionTarget.html" + }, + "DeleteFindingAggregator": { + "privilege": "DeleteFindingAggregator", + "description": "Grants permission to delete a finding aggregator, which disables finding aggregation across Regions", + "access_level": "Write", + "resource_types": { + "finding-aggregator": { + "resource_type": "finding-aggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "finding-aggregator": "finding-aggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeleteFindingAggregator.html" + }, + "DeleteInsight": { + "privilege": "DeleteInsight", + "description": "Grants permission to delete insights from Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeleteInsight.html" + }, + "DeleteInvitations": { + "privilege": "DeleteInvitations", + "description": "Grants permission to delete Security Hub invitations to become a member account", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeleteInvitations.html" + }, + "DeleteMembers": { + "privilege": "DeleteMembers", + "description": "Grants permission to delete Security Hub member accounts", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DeleteMembers.html" + }, + "DescribeActionTargets": { + "privilege": "DescribeActionTargets", + "description": "Grants permission to retrieve a list of custom actions using the API", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeActionTargets.html" + }, + "DescribeHub": { + "privilege": "DescribeHub", + "description": "Grants permission to retrieve information about the hub resource in your account", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeHub.html" + }, + "DescribeOrganizationConfiguration": { + "privilege": "DescribeOrganizationConfiguration", + "description": "Grants permission to describe the organization configuration for Security Hub", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeOrganizationConfiguration.html" + }, + "DescribeProducts": { + "privilege": "DescribeProducts", + "description": "Grants permission to retrieve information about the available Security Hub product integrations", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeProducts.html" + }, + "DescribeStandards": { + "privilege": "DescribeStandards", + "description": "Grants permission to retrieve information about Security Hub standards", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html" + }, + "DescribeStandardsControls": { + "privilege": "DescribeStandardsControls", + "description": "Grants permission to retrieve information about Security Hub standards controls", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandardsControls.html" + }, + "DisableImportFindingsForProduct": { + "privilege": "DisableImportFindingsForProduct", + "description": "Grants permission to disable the findings importing for a Security Hub integrated product", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisableImportFindingsForProduct.html" + }, + "DisableOrganizationAdminAccount": { + "privilege": "DisableOrganizationAdminAccount", + "description": "Grants permission to remove the Security Hub administrator account for your organization", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribeOrganization" + ] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisableOrganizationAdminAccount.html" + }, + "DisableSecurityHub": { + "privilege": "DisableSecurityHub", + "description": "Grants permission to disable Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisableSecurityHub.html" + }, + "DisassociateFromAdministratorAccount": { + "privilege": "DisassociateFromAdministratorAccount", + "description": "Grants permission to a Security Hub member account to disassociate from the associated administrator account", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisassociateFromAdministratorAccount.html" + }, + "DisassociateFromMasterAccount": { + "privilege": "DisassociateFromMasterAccount", + "description": "Grants permission to a Security Hub member account to disassociate from the associated master account", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisassociateFromMasterAccount.html" + }, + "DisassociateMembers": { + "privilege": "DisassociateMembers", + "description": "Grants permission to disassociate Security Hub member accounts from the associated administrator account", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DisassociateMembers.html" + }, + "EnableImportFindingsForProduct": { + "privilege": "EnableImportFindingsForProduct", + "description": "Grants permission to enable the findings importing for a Security Hub integrated product", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_EnableImportFindingsForProduct.html" + }, + "EnableOrganizationAdminAccount": { + "privilege": "EnableOrganizationAdminAccount", + "description": "Grants permission to designate a Security Hub administrator account for your organization", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribeOrganization", + "organizations:EnableAWSServiceAccess", + "organizations:RegisterDelegatedAdministrator" + ] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_EnableOrganizationAdminAccount.html" + }, + "EnableSecurityHub": { + "privilege": "EnableSecurityHub", + "description": "Grants permission to enable Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_EnableSecurityHub.html" + }, + "GetAdhocInsightResults": { + "privilege": "GetAdhocInsightResults", + "description": "Grants permission to retrieve insight results by providing a set of filters instead of an insight ARN", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetAdhocInsightResults.html" + }, + "GetAdministratorAccount": { + "privilege": "GetAdministratorAccount", + "description": "Grants permission to retrieve details about the Security Hub administrator account", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetAdministratorAccount.html" + }, + "GetControlFindingSummary": { + "privilege": "GetControlFindingSummary", + "description": "Grants permission to retrieve a security score and counts of finding and control statuses for a security standard", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetControlFindingSummary.html" + }, + "GetEnabledStandards": { + "privilege": "GetEnabledStandards", + "description": "Grants permission to retrieve a list of the standards that are enabled in Security Hub", + "access_level": "List", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetEnabledStandards.html" + }, + "GetFindingAggregator": { + "privilege": "GetFindingAggregator", + "description": "Grants permission to retrieve details for a finding aggregator, which configures finding aggregation across Regions", + "access_level": "Read", + "resource_types": { + "finding-aggregator": { + "resource_type": "finding-aggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "finding-aggregator": "finding-aggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingAggregator.html" + }, + "GetFindingHistory": { + "privilege": "GetFindingHistory", + "description": "Grants permission to retrieve a list of finding history from Security Hub", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingHistory.html" + }, + "GetFindings": { + "privilege": "GetFindings", + "description": "Grants permission to retrieve a list of findings from Security Hub", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindings.html" + }, + "GetFreeTrialEndDate": { + "privilege": "GetFreeTrialEndDate", + "description": "Grants permission to retrieve the end date for an account's free trial of Security Hub", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFreeTrialEndDate.html" + }, + "GetFreeTrialUsage": { + "privilege": "GetFreeTrialUsage", + "description": "Grants permission to retrieve information about Security Hub usage during the free trial period", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFreeTrialUsage.html" + }, + "GetInsightFindingTrend": { + "privilege": "GetInsightFindingTrend", + "description": "Grants permission to retrieve an insight finding trend from Security Hub in order to generate a graph", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetInsightFindingTrend.html" + }, + "GetInsightResults": { + "privilege": "GetInsightResults", + "description": "Grants permission to retrieve insight results from Security Hub", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetInsightResults.html" + }, + "GetInsights": { + "privilege": "GetInsights", + "description": "Grants permission to retrieve Security Hub insights", + "access_level": "List", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetInsights.html" + }, + "GetInvitationsCount": { + "privilege": "GetInvitationsCount", + "description": "Grants permission to retrieve the count of Security Hub membership invitations sent to the account", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetInvitationsCount.html" + }, + "GetMasterAccount": { + "privilege": "GetMasterAccount", + "description": "Grants permission to retrieve details about the Security Hub master account", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetMasterAccount.html" + }, + "GetMembers": { + "privilege": "GetMembers", + "description": "Grants permission to retrieve the details of Security Hub member accounts", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetMembers.html" + }, + "GetUsage": { + "privilege": "GetUsage", + "description": "Grants permission to retrieve information about Security Hub usage by accounts", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetUsage.html" + }, + "InviteMembers": { + "privilege": "InviteMembers", + "description": "Grants permission to invite other AWS accounts to become Security Hub member accounts", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_InviteMembers.html" + }, + "ListAutomationRules": { + "privilege": "ListAutomationRules", + "description": "Grants permission to retrieve a list of automation rules and their metadata for the calling account from Security Hub", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules" + }, + "ListControlEvaluationSummaries": { + "privilege": "ListControlEvaluationSummaries", + "description": "Grants permission to retrieve a list of controls for a standard, including the control IDs, statuses and finding counts", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListControlEvaluationSummaries.html" + }, + "ListEnabledProductsForImport": { + "privilege": "ListEnabledProductsForImport", + "description": "Grants permission to retrieve the Security Hub integrated products that are currently enabled", + "access_level": "List", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListEnabledProductsForImport.html" + }, + "ListFindingAggregators": { + "privilege": "ListFindingAggregators", + "description": "Grants permission to retrieve a list of finding aggregators, which contain the cross-Region finding aggregation configuration", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateFindingAggregator.html" + }, + "ListInvitations": { + "privilege": "ListInvitations", + "description": "Grants permission to retrieve the Security Hub invitations sent to the account", + "access_level": "List", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListInvitations.html" + }, + "ListMembers": { + "privilege": "ListMembers", + "description": "Grants permission to retrieve details about Security Hub member accounts associated with the administrator account", + "access_level": "List", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListMembers.html" + }, + "ListOrganizationAdminAccounts": { + "privilege": "ListOrganizationAdminAccounts", + "description": "Grants permission to list the Security Hub administrator accounts for your organization", + "access_level": "List", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "organizations:DescribeOrganization" + ] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListOrganizationAdminAccounts.html" + }, + "ListSecurityControlDefinitions": { + "privilege": "ListSecurityControlDefinitions", + "description": "Grants permission to retrieve a list of security control definitions, which contain details for security controls in the current region", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListSecurityControlDefinitions.html" + }, + "ListStandardsControlAssociations": { + "privilege": "ListStandardsControlAssociations", + "description": "Grants permission to list the enablement status of a security control in standards", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "securityhub:DescribeStandardsControls" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListStandardsControlAssociations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list of tags associated with a resource", + "access_level": "Read", + "resource_types": { + "automation-rule": { + "resource_type": "automation-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-rule": "automation-rule", + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListTagsForResource.html" + }, + "SendFindingEvents": { + "privilege": "SendFindingEvents", + "description": "Grants permission to use a custom action to send Security Hub findings to Amazon EventBridge", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_SendFindingEvents.html" + }, + "SendInsightEvents": { + "privilege": "SendInsightEvents", + "description": "Grants permission to use a custom action to send Security Hub insights to Amazon EventBridge", + "access_level": "Read", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_SendInsightEvents.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a Security Hub resource", + "access_level": "Tagging", + "resource_types": { + "automation-rule": { + "resource_type": "automation-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-rule": "automation-rule", + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a Security Hub resource", + "access_level": "Tagging", + "resource_types": { + "automation-rule": { + "resource_type": "automation-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-rule": "automation-rule", + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UntagResource.html" + }, + "UpdateActionTarget": { + "privilege": "UpdateActionTarget", + "description": "Grants permission to update custom actions in Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateActionTarget.html" + }, + "UpdateFindingAggregator": { + "privilege": "UpdateFindingAggregator", + "description": "Grants permission to update a finding aggregator, which contains the cross-Region finding aggregation configuration", + "access_level": "Write", + "resource_types": { + "finding-aggregator": { + "resource_type": "finding-aggregator", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "finding-aggregator": "finding-aggregator" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateFindingAggregator.html" + }, + "UpdateFindings": { + "privilege": "UpdateFindings", + "description": "Grants permission to update Security Hub findings", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateFindings.html" + }, + "UpdateInsight": { + "privilege": "UpdateInsight", + "description": "Grants permission to update insights in Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateInsight.html" + }, + "UpdateOrganizationConfiguration": { + "privilege": "UpdateOrganizationConfiguration", + "description": "Grants permission to update the organization configuration for Security Hub", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateOrganizationConfiguration.html" + }, + "UpdateSecurityHubConfiguration": { + "privilege": "UpdateSecurityHubConfiguration", + "description": "Grants permission to update Security Hub configuration", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateSecurityHubConfiguration.html" + }, + "UpdateStandardsControl": { + "privilege": "UpdateStandardsControl", + "description": "Grants permission to update Security Hub standards controls", + "access_level": "Write", + "resource_types": { + "hub": { + "resource_type": "hub", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "hub": "hub" + }, + "api_documentation_link": "https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateStandardsControl.html" + } + }, + "privileges_lower_name": { + "acceptadministratorinvitation": "AcceptAdministratorInvitation", + "acceptinvitation": "AcceptInvitation", + "batchdeleteautomationrules": "BatchDeleteAutomationRules", + "batchdisablestandards": "BatchDisableStandards", + "batchenablestandards": "BatchEnableStandards", + "batchgetautomationrules": "BatchGetAutomationRules", + "batchgetcontrolevaluations": "BatchGetControlEvaluations", + "batchgetsecuritycontrols": "BatchGetSecurityControls", + "batchgetstandardscontrolassociations": "BatchGetStandardsControlAssociations", + "batchimportfindings": "BatchImportFindings", + "batchupdateautomationrules": "BatchUpdateAutomationRules", + "batchupdatefindings": "BatchUpdateFindings", + "batchupdatestandardscontrolassociations": "BatchUpdateStandardsControlAssociations", + "createactiontarget": "CreateActionTarget", + "createautomationrule": "CreateAutomationRule", + "createfindingaggregator": "CreateFindingAggregator", + "createinsight": "CreateInsight", + "createmembers": "CreateMembers", + "declineinvitations": "DeclineInvitations", + "deleteactiontarget": "DeleteActionTarget", + "deletefindingaggregator": "DeleteFindingAggregator", + "deleteinsight": "DeleteInsight", + "deleteinvitations": "DeleteInvitations", + "deletemembers": "DeleteMembers", + "describeactiontargets": "DescribeActionTargets", + "describehub": "DescribeHub", + "describeorganizationconfiguration": "DescribeOrganizationConfiguration", + "describeproducts": "DescribeProducts", + "describestandards": "DescribeStandards", + "describestandardscontrols": "DescribeStandardsControls", + "disableimportfindingsforproduct": "DisableImportFindingsForProduct", + "disableorganizationadminaccount": "DisableOrganizationAdminAccount", + "disablesecurityhub": "DisableSecurityHub", + "disassociatefromadministratoraccount": "DisassociateFromAdministratorAccount", + "disassociatefrommasteraccount": "DisassociateFromMasterAccount", + "disassociatemembers": "DisassociateMembers", + "enableimportfindingsforproduct": "EnableImportFindingsForProduct", + "enableorganizationadminaccount": "EnableOrganizationAdminAccount", + "enablesecurityhub": "EnableSecurityHub", + "getadhocinsightresults": "GetAdhocInsightResults", + "getadministratoraccount": "GetAdministratorAccount", + "getcontrolfindingsummary": "GetControlFindingSummary", + "getenabledstandards": "GetEnabledStandards", + "getfindingaggregator": "GetFindingAggregator", + "getfindinghistory": "GetFindingHistory", + "getfindings": "GetFindings", + "getfreetrialenddate": "GetFreeTrialEndDate", + "getfreetrialusage": "GetFreeTrialUsage", + "getinsightfindingtrend": "GetInsightFindingTrend", + "getinsightresults": "GetInsightResults", + "getinsights": "GetInsights", + "getinvitationscount": "GetInvitationsCount", + "getmasteraccount": "GetMasterAccount", + "getmembers": "GetMembers", + "getusage": "GetUsage", + "invitemembers": "InviteMembers", + "listautomationrules": "ListAutomationRules", + "listcontrolevaluationsummaries": "ListControlEvaluationSummaries", + "listenabledproductsforimport": "ListEnabledProductsForImport", + "listfindingaggregators": "ListFindingAggregators", + "listinvitations": "ListInvitations", + "listmembers": "ListMembers", + "listorganizationadminaccounts": "ListOrganizationAdminAccounts", + "listsecuritycontroldefinitions": "ListSecurityControlDefinitions", + "liststandardscontrolassociations": "ListStandardsControlAssociations", + "listtagsforresource": "ListTagsForResource", + "sendfindingevents": "SendFindingEvents", + "sendinsightevents": "SendInsightEvents", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateactiontarget": "UpdateActionTarget", + "updatefindingaggregator": "UpdateFindingAggregator", + "updatefindings": "UpdateFindings", + "updateinsight": "UpdateInsight", + "updateorganizationconfiguration": "UpdateOrganizationConfiguration", + "updatesecurityhubconfiguration": "UpdateSecurityHubConfiguration", + "updatestandardscontrol": "UpdateStandardsControl" + }, + "resources": { + "hub": { + "resource": "hub", + "arn": "arn:${Partition}:securityhub:${Region}:${Account}:hub/default", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "product": { + "resource": "product", + "arn": "arn:${Partition}:securityhub:${Region}:${Account}:product/${Company}/${ProductId}", + "condition_keys": [] + }, + "finding-aggregator": { + "resource": "finding-aggregator", + "arn": "arn:${Partition}:securityhub:${Region}:${Account}:finding-aggregator/${FindingAggregatorId}", + "condition_keys": [] + }, + "automation-rule": { + "resource": "automation-rule", + "arn": "arn:${Partition}:securityhub:${Region}:${Account}:automation-rule/${AutomationRuleId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "hub": "hub", + "product": "product", + "finding-aggregator": "finding-aggregator", + "automation-rule": "automation-rule" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "securityhub:ASFFSyntaxPath/${ASFFSyntaxPath}": { + "condition": "securityhub:ASFFSyntaxPath/${ASFFSyntaxPath}", + "description": "Filters access by the specified fields and values in the request", + "type": "String" + }, + "securityhub:TargetAccount": { + "condition": "securityhub:TargetAccount", + "description": "Filters access by the AwsAccountId field that is specified in the request", + "type": "String" + } + } + }, + "sts": { + "service_name": "AWS Security Token Service", + "prefix": "sts", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html", + "privileges": { + "AssumeRole": { + "privilege": "AssumeRole", + "description": "Grants permission to obtain a set of temporary security credentials that you can use to access AWS resources that you might not normally have access to", + "access_level": "Write", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "sts:TransitiveTagKeys", + "sts:ExternalId", + "sts:RoleSessionName", + "iam:ResourceTag/${TagKey}", + "sts:SourceIdentity" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html" + }, + "AssumeRoleWithSAML": { + "privilege": "AssumeRoleWithSAML", + "description": "Grants permission to obtain a set of temporary security credentials for users who have been authenticated via a SAML authentication response", + "access_level": "Write", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "saml:namequalifier", + "saml:sub", + "saml:sub_type", + "saml:aud", + "saml:iss", + "saml:doc", + "saml:cn", + "saml:commonName", + "saml:eduorghomepageuri", + "saml:eduorgidentityauthnpolicyuri", + "saml:eduorglegalname", + "saml:eduorgsuperioruri", + "saml:eduorgwhitepagesuri", + "saml:edupersonaffiliation", + "saml:edupersonassurance", + "saml:edupersonentitlement", + "saml:edupersonnickname", + "saml:edupersonorgdn", + "saml:edupersonorgunitdn", + "saml:edupersonprimaryaffiliation", + "saml:edupersonprimaryorgunitdn", + "saml:edupersonprincipalname", + "saml:edupersonscopedaffiliation", + "saml:edupersontargetedid", + "saml:givenName", + "saml:mail", + "saml:name", + "saml:organizationStatus", + "saml:primaryGroupSID", + "saml:surname", + "saml:uid", + "saml:x500UniqueIdentifier", + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "sts:TransitiveTagKeys", + "sts:SourceIdentity", + "sts:RoleSessionName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithSAML.html" + }, + "AssumeRoleWithWebIdentity": { + "privilege": "AssumeRoleWithWebIdentity", + "description": "Grants permission to obtain a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider", + "access_level": "Write", + "resource_types": { + "role": { + "resource_type": "role", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "cognito-identity.amazonaws.com:amr", + "cognito-identity.amazonaws.com:aud", + "cognito-identity.amazonaws.com:sub", + "www.amazon.com:app_id", + "www.amazon.com:user_id", + "graph.facebook.com:app_id", + "graph.facebook.com:id", + "accounts.google.com:aud", + "accounts.google.com:oaud", + "accounts.google.com:sub", + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "sts:TransitiveTagKeys", + "sts:SourceIdentity", + "sts:RoleSessionName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html" + }, + "DecodeAuthorizationMessage": { + "privilege": "DecodeAuthorizationMessage", + "description": "Grants permission to decode additional information about the authorization status of a request from an encoded message returned in response to an AWS request", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_DecodeAuthorizationMessage.html" + }, + "GetAccessKeyInfo": { + "privilege": "GetAccessKeyInfo", + "description": "Grants permission to obtain details about the access key id passed as a parameter to the request", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_GetAccessKeyInfo.html" + }, + "GetCallerIdentity": { + "privilege": "GetCallerIdentity", + "description": "Grants permission to obtain details about the IAM identity whose credentials are used to call the API", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity.html" + }, + "GetFederationToken": { + "privilege": "GetFederationToken", + "description": "Grants permission to obtain a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a federated user", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_GetFederationToken.html" + }, + "GetServiceBearerToken": { + "privilege": "GetServiceBearerToken", + "description": "Grants permission to obtain a STS bearer token for an AWS root user, IAM role, or an IAM user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sts:AWSServiceName" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_bearer.html" + }, + "GetSessionToken": { + "privilege": "GetSessionToken", + "description": "Grants permission to obtain a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for an AWS account or IAM user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html" + }, + "SetSourceIdentity": { + "privilege": "SetSourceIdentity", + "description": "Grants permission to set a source identity on a STS session", + "access_level": "Write", + "resource_types": { + "role": { + "resource_type": "role", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "sts:SourceIdentity" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html#id_credentials_temp_control-access_monitor-perms" + }, + "TagSession": { + "privilege": "TagSession", + "description": "Grants permission to add tags to a STS session", + "access_level": "Tagging", + "resource_types": { + "role": { + "resource_type": "role", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "sts:TransitiveTagKeys", + "saml:aud" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "role": "role", + "user": "user", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html" + } + }, + "privileges_lower_name": { + "assumerole": "AssumeRole", + "assumerolewithsaml": "AssumeRoleWithSAML", + "assumerolewithwebidentity": "AssumeRoleWithWebIdentity", + "decodeauthorizationmessage": "DecodeAuthorizationMessage", + "getaccesskeyinfo": "GetAccessKeyInfo", + "getcalleridentity": "GetCallerIdentity", + "getfederationtoken": "GetFederationToken", + "getservicebearertoken": "GetServiceBearerToken", + "getsessiontoken": "GetSessionToken", + "setsourceidentity": "SetSourceIdentity", + "tagsession": "TagSession" + }, + "resources": { + "role": { + "resource": "role", + "arn": "arn:${Partition}:iam::${Account}:role/${RoleNameWithPath}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "user": { + "resource": "user", + "arn": "arn:${Partition}:iam::${Account}:user/${UserNameWithPath}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "role": "role", + "user": "user" + }, + "conditions": { + "accounts.google.com:aud": { + "condition": "accounts.google.com:aud", + "description": "Filters access by the Google application ID", + "type": "String" + }, + "accounts.google.com:oaud": { + "condition": "accounts.google.com:oaud", + "description": "Filters access by the Google audience", + "type": "String" + }, + "accounts.google.com:sub": { + "condition": "accounts.google.com:sub", + "description": "Filters access by the subject of the claim (the Google user ID)", + "type": "String" + }, + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "cognito-identity.amazonaws.com:amr": { + "condition": "cognito-identity.amazonaws.com:amr", + "description": "Filters access by the login information for Amazon Cognito", + "type": "String" + }, + "cognito-identity.amazonaws.com:aud": { + "condition": "cognito-identity.amazonaws.com:aud", + "description": "Filters access by the Amazon Cognito identity pool ID", + "type": "String" + }, + "cognito-identity.amazonaws.com:sub": { + "condition": "cognito-identity.amazonaws.com:sub", + "description": "Filters access by the subject of the claim (the Amazon Cognito user ID)", + "type": "String" + }, + "graph.facebook.com:app_id": { + "condition": "graph.facebook.com:app_id", + "description": "Filters access by the Facebook application ID", + "type": "String" + }, + "graph.facebook.com:id": { + "condition": "graph.facebook.com:id", + "description": "Filters access by the Facebook user ID", + "type": "String" + }, + "iam:ResourceTag/${TagKey}": { + "condition": "iam:ResourceTag/${TagKey}", + "description": "Filters access by the tags that are attached to the role that is being assumed", + "type": "String" + }, + "saml:aud": { + "condition": "saml:aud", + "description": "Filters access by the endpoint URL to which SAML assertions are presented", + "type": "String" + }, + "saml:cn": { + "condition": "saml:cn", + "description": "Filters access by the eduOrg attribute", + "type": "ArrayOfString" + }, + "saml:commonName": { + "condition": "saml:commonName", + "description": "Filters access by the commonName attribute", + "type": "String" + }, + "saml:doc": { + "condition": "saml:doc", + "description": "Filters access by on the principal that was used to assume the role", + "type": "String" + }, + "saml:eduorghomepageuri": { + "condition": "saml:eduorghomepageuri", + "description": "Filters access by the eduOrg attribute", + "type": "ArrayOfString" + }, + "saml:eduorgidentityauthnpolicyuri": { + "condition": "saml:eduorgidentityauthnpolicyuri", + "description": "Filters access by the eduOrg attribute", + "type": "ArrayOfString" + }, + "saml:eduorglegalname": { + "condition": "saml:eduorglegalname", + "description": "Filters access by the eduOrg attribute", + "type": "ArrayOfString" + }, + "saml:eduorgsuperioruri": { + "condition": "saml:eduorgsuperioruri", + "description": "Filters access by the eduOrg attribute", + "type": "ArrayOfString" + }, + "saml:eduorgwhitepagesuri": { + "condition": "saml:eduorgwhitepagesuri", + "description": "Filters access by the eduOrg attribute", + "type": "ArrayOfString" + }, + "saml:edupersonaffiliation": { + "condition": "saml:edupersonaffiliation", + "description": "Filters access by the eduPerson attribute", + "type": "ArrayOfString" + }, + "saml:edupersonassurance": { + "condition": "saml:edupersonassurance", + "description": "Filters access by the eduPerson attribute", + "type": "ArrayOfString" + }, + "saml:edupersonentitlement": { + "condition": "saml:edupersonentitlement", + "description": "Filters access by the eduPerson attribute", + "type": "ArrayOfString" + }, + "saml:edupersonnickname": { + "condition": "saml:edupersonnickname", + "description": "Filters access by the eduPerson attribute", + "type": "ArrayOfString" + }, + "saml:edupersonorgdn": { + "condition": "saml:edupersonorgdn", + "description": "Filters access by the eduPerson attribute", + "type": "String" + }, + "saml:edupersonorgunitdn": { + "condition": "saml:edupersonorgunitdn", + "description": "Filters access by the eduPerson attribute", + "type": "ArrayOfString" + }, + "saml:edupersonprimaryaffiliation": { + "condition": "saml:edupersonprimaryaffiliation", + "description": "Filters access by the eduPerson attribute", + "type": "String" + }, + "saml:edupersonprimaryorgunitdn": { + "condition": "saml:edupersonprimaryorgunitdn", + "description": "Filters access by the eduPerson attribute", + "type": "String" + }, + "saml:edupersonprincipalname": { + "condition": "saml:edupersonprincipalname", + "description": "Filters access by the eduPerson attribute", + "type": "String" + }, + "saml:edupersonscopedaffiliation": { + "condition": "saml:edupersonscopedaffiliation", + "description": "Filters access by the eduPerson attribute", + "type": "ArrayOfString" + }, + "saml:edupersontargetedid": { + "condition": "saml:edupersontargetedid", + "description": "Filters access by the eduPerson attribute", + "type": "ArrayOfString" + }, + "saml:givenName": { + "condition": "saml:givenName", + "description": "Filters access by the givenName attribute", + "type": "String" + }, + "saml:iss": { + "condition": "saml:iss", + "description": "Filters access by on the issuer, which is represented by a URN", + "type": "String" + }, + "saml:mail": { + "condition": "saml:mail", + "description": "Filters access by the mail attribute", + "type": "String" + }, + "saml:name": { + "condition": "saml:name", + "description": "Filters access by the name attribute", + "type": "String" + }, + "saml:namequalifier": { + "condition": "saml:namequalifier", + "description": "Filters access by the hash value of the issuer, account ID, and friendly name", + "type": "String" + }, + "saml:organizationStatus": { + "condition": "saml:organizationStatus", + "description": "Filters access by the organizationStatus attribute", + "type": "String" + }, + "saml:primaryGroupSID": { + "condition": "saml:primaryGroupSID", + "description": "Filters access by the primaryGroupSID attribute", + "type": "String" + }, + "saml:sub": { + "condition": "saml:sub", + "description": "Filters access by the subject of the claim (the SAML user ID)", + "type": "String" + }, + "saml:sub_type": { + "condition": "saml:sub_type", + "description": "Filters access by the value persistent, transient, or the full Format URI", + "type": "String" + }, + "saml:surname": { + "condition": "saml:surname", + "description": "Filters access by the surname attribute", + "type": "String" + }, + "saml:uid": { + "condition": "saml:uid", + "description": "Filters access by the uid attribute", + "type": "String" + }, + "saml:x500UniqueIdentifier": { + "condition": "saml:x500UniqueIdentifier", + "description": "Filters access by the uid attribute", + "type": "String" + }, + "sts:AWSServiceName": { + "condition": "sts:AWSServiceName", + "description": "Filters access by the service that is obtaining a bearer token", + "type": "String" + }, + "sts:ExternalId": { + "condition": "sts:ExternalId", + "description": "Filters access by the unique identifier required when you assume a role in another account", + "type": "String" + }, + "sts:RoleSessionName": { + "condition": "sts:RoleSessionName", + "description": "Filters access by the role session name required when you assume a role", + "type": "String" + }, + "sts:SourceIdentity": { + "condition": "sts:SourceIdentity", + "description": "Filters access by the source identity that is passed in the request", + "type": "String" + }, + "sts:TransitiveTagKeys": { + "condition": "sts:TransitiveTagKeys", + "description": "Filters access by the transitive tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "www.amazon.com:app_id": { + "condition": "www.amazon.com:app_id", + "description": "Filters access by the Login with Amazon application ID", + "type": "String" + }, + "www.amazon.com:user_id": { + "condition": "www.amazon.com:user_id", + "description": "Filters access by the Login with Amazon user ID", + "type": "String" + } + } + }, + "serverlessrepo": { + "service_name": "AWS Serverless Application Repository", + "prefix": "serverlessrepo", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsserverlessapplicationrepository.html", + "privileges": { + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application, optionally including an AWS SAM file to create the first application version in the same call", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications.html" + }, + "CreateApplicationVersion": { + "privilege": "CreateApplicationVersion", + "description": "Grants permission to create an application version", + "access_level": "Write", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-versions-semanticversion.html" + }, + "CreateCloudFormationChangeSet": { + "privilege": "CreateCloudFormationChangeSet", + "description": "Grants permission to create an AWS CloudFormation ChangeSet for the given application", + "access_level": "Write", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "serverlessrepo:applicationType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-changesets.html" + }, + "CreateCloudFormationTemplate": { + "privilege": "CreateCloudFormationTemplate", + "description": "Grants permission to create an AWS CloudFormation template", + "access_level": "Write", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "serverlessrepo:applicationType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-templates.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete the specified application", + "access_level": "Write", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid.html" + }, + "GetApplication": { + "privilege": "GetApplication", + "description": "Grants permission to get the specified application", + "access_level": "Read", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "serverlessrepo:applicationType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid.html" + }, + "GetApplicationPolicy": { + "privilege": "GetApplicationPolicy", + "description": "Grants permission to get the policy for the specified application", + "access_level": "Read", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-policy.html" + }, + "GetCloudFormationTemplate": { + "privilege": "GetCloudFormationTemplate", + "description": "Grants permission to get the specified AWS CloudFormation template", + "access_level": "Read", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-templates-templateid.html" + }, + "ListApplicationDependencies": { + "privilege": "ListApplicationDependencies", + "description": "Grants permission to retrieve the list of applications nested in the containing application", + "access_level": "List", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "serverlessrepo:applicationType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-dependencies.html" + }, + "ListApplicationVersions": { + "privilege": "ListApplicationVersions", + "description": "Grants permission to list versions for the specified application owned by the requester", + "access_level": "List", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "serverlessrepo:applicationType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-versions.html" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to list applications owned by the requester", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications.html" + }, + "PutApplicationPolicy": { + "privilege": "PutApplicationPolicy", + "description": "Grants permission to put the policy for the specified application", + "access_level": "Write", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid-policy.html" + }, + "SearchApplications": { + "privilege": "SearchApplications", + "description": "Grants permission to get all applications authorized for this user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "serverlessrepo:applicationType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid.html" + }, + "UnshareApplication": { + "privilege": "UnshareApplication", + "description": "Grants permission to unshare the specified application", + "access_level": "Write", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to update meta-data of the application", + "access_level": "Write", + "resource_types": { + "applications": { + "resource_type": "applications", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "applications": "applications" + }, + "api_documentation_link": "https://docs.aws.amazon.com/serverlessrepo/latest/devguide/applications-applicationid.html" + } + }, + "privileges_lower_name": { + "createapplication": "CreateApplication", + "createapplicationversion": "CreateApplicationVersion", + "createcloudformationchangeset": "CreateCloudFormationChangeSet", + "createcloudformationtemplate": "CreateCloudFormationTemplate", + "deleteapplication": "DeleteApplication", + "getapplication": "GetApplication", + "getapplicationpolicy": "GetApplicationPolicy", + "getcloudformationtemplate": "GetCloudFormationTemplate", + "listapplicationdependencies": "ListApplicationDependencies", + "listapplicationversions": "ListApplicationVersions", + "listapplications": "ListApplications", + "putapplicationpolicy": "PutApplicationPolicy", + "searchapplications": "SearchApplications", + "unshareapplication": "UnshareApplication", + "updateapplication": "UpdateApplication" + }, + "resources": { + "applications": { + "resource": "applications", + "arn": "arn:${Partition}:serverlessrepo:${Region}:${Account}:applications/${ResourceId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "applications": "applications" + }, + "conditions": { + "serverlessrepo:applicationType": { + "condition": "serverlessrepo:applicationType", + "description": "Filters access by application type", + "type": "String" + } + } + }, + "sms": { + "service_name": "AWS Server Migration Service", + "prefix": "sms", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsservermigrationservice.html", + "privileges": { + "CreateApp": { + "privilege": "CreateApp", + "description": "Grants permission to create an application configuration to migrate on-premise application onto AWS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_CreateApp.html" + }, + "CreateReplicationJob": { + "privilege": "CreateReplicationJob", + "description": "Grants permission to create a job to migrate on-premise server onto AWS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_CreateReplicationJob.html" + }, + "DeleteApp": { + "privilege": "DeleteApp", + "description": "Grants permission to delete an existing application configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteApp.html" + }, + "DeleteAppLaunchConfiguration": { + "privilege": "DeleteAppLaunchConfiguration", + "description": "Grants permission to delete launch configuration for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteAppLaunchConfiguration.html" + }, + "DeleteAppReplicationConfiguration": { + "privilege": "DeleteAppReplicationConfiguration", + "description": "Grants permission to delete replication configuration for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteAppReplicationConfiguration.html" + }, + "DeleteAppValidationConfiguration": { + "privilege": "DeleteAppValidationConfiguration", + "description": "Grants permission to delete validation configuration for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteAppValidationConfiguration.html" + }, + "DeleteReplicationJob": { + "privilege": "DeleteReplicationJob", + "description": "Grants permission to delete an existing job to migrate on-premise server onto AWS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteReplicationJob.html" + }, + "DeleteServerCatalog": { + "privilege": "DeleteServerCatalog", + "description": "Grants permission to delete the complete list of on-premise servers gathered into AWS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DeleteServerCatalog.html" + }, + "DisassociateConnector": { + "privilege": "DisassociateConnector", + "description": "Grants permission to disassociate a connector that has been associated", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_DisassociateConnector.html" + }, + "GenerateChangeSet": { + "privilege": "GenerateChangeSet", + "description": "Grants permission to generate a changeSet for the CloudFormation stack of an application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GenerateChangeSet.html" + }, + "GenerateTemplate": { + "privilege": "GenerateTemplate", + "description": "Grants permission to generate a CloudFormation template for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GenerateTemplate.html" + }, + "GetApp": { + "privilege": "GetApp", + "description": "Grants permission to get the configuration and statuses for an existing application", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetApp.html" + }, + "GetAppLaunchConfiguration": { + "privilege": "GetAppLaunchConfiguration", + "description": "Grants permission to get launch configuration for an existing application", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetAppLaunchConfiguration.html" + }, + "GetAppReplicationConfiguration": { + "privilege": "GetAppReplicationConfiguration", + "description": "Grants permission to get replication configuration for an existing application", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetAppReplicationConfiguration.html" + }, + "GetAppValidationConfiguration": { + "privilege": "GetAppValidationConfiguration", + "description": "Grants permission to get validation configuration for an existing application", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetAppValidationConfiguration.html" + }, + "GetAppValidationOutput": { + "privilege": "GetAppValidationOutput", + "description": "Grants permission to get notification sent from application validation script.", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetAppValidationOutput.html" + }, + "GetConnectors": { + "privilege": "GetConnectors", + "description": "Grants permission to get all connectors that have been associated", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetConnectors.html" + }, + "GetMessages": { + "privilege": "GetMessages", + "description": "Grants permission to gets messages from AWS Server Migration Service to Server Migration Connector", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "GetReplicationJobs": { + "privilege": "GetReplicationJobs", + "description": "Grants permission to get all existing jobs to migrate on-premise servers onto AWS", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetReplicationJobs.html" + }, + "GetReplicationRuns": { + "privilege": "GetReplicationRuns", + "description": "Grants permission to get all runs for an existing job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetReplicationRuns.html" + }, + "GetServers": { + "privilege": "GetServers", + "description": "Grants permission to get all servers that have been imported", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_GetServers.html" + }, + "ImportAppCatalog": { + "privilege": "ImportAppCatalog", + "description": "Grants permission to import application catalog from AWS Application Discovery Service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_ImportAppCatalog.html" + }, + "ImportServerCatalog": { + "privilege": "ImportServerCatalog", + "description": "Grants permission to gather a complete list of on-premise servers", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_ImportServerCatalog.html" + }, + "LaunchApp": { + "privilege": "LaunchApp", + "description": "Grants permission to create and launch a CloudFormation stack for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_LaunchApp.html" + }, + "ListApps": { + "privilege": "ListApps", + "description": "Grants permission to get a list of summaries for existing applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_ListAppss.html" + }, + "NotifyAppValidationOutput": { + "privilege": "NotifyAppValidationOutput", + "description": "Grants permission to send notification for application validation script", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_NotifyAppValidationOutput.html" + }, + "PutAppLaunchConfiguration": { + "privilege": "PutAppLaunchConfiguration", + "description": "Grants permission to create or update launch configuration for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_PutAppLaunchConfiguration.html" + }, + "PutAppReplicationConfiguration": { + "privilege": "PutAppReplicationConfiguration", + "description": "Grants permission to create or update replication configuration for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_PutAppReplicationConfiguration.html" + }, + "PutAppValidationConfiguration": { + "privilege": "PutAppValidationConfiguration", + "description": "Grants permission to put validation configuration for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_PutAppValidationConfiguration.html" + }, + "SendMessage": { + "privilege": "SendMessage", + "description": "Grants permission to send message from Server Migration Connector to AWS Server Migration Service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "StartAppReplication": { + "privilege": "StartAppReplication", + "description": "Grants permission to create and start replication jobs for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_StartAppReplication.html" + }, + "StartOnDemandAppReplication": { + "privilege": "StartOnDemandAppReplication", + "description": "Grants permission to start a replication run for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_StartOnDemandAppReplication.html" + }, + "StartOnDemandReplicationRun": { + "privilege": "StartOnDemandReplicationRun", + "description": "Grants permission to start a replication run for an existing replication job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_StartOnDemandReplicationRun.html" + }, + "StopAppReplication": { + "privilege": "StopAppReplication", + "description": "Grants permission to stop and delete replication jobs for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_StopAppReplication.html" + }, + "TerminateApp": { + "privilege": "TerminateApp", + "description": "Grants permission to terminate the CloudFormation stack for an existing application", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_TerminateApp.html" + }, + "UpdateApp": { + "privilege": "UpdateApp", + "description": "Grants permission to update an existing application configuration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_UpdateApp.html" + }, + "UpdateReplicationJob": { + "privilege": "UpdateReplicationJob", + "description": "Grants permission to update an existing job to migrate on-premise server onto AWS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/server-migration-service/latest/APIReference/API_UpdateReplicationJob.html" + } + }, + "privileges_lower_name": { + "createapp": "CreateApp", + "createreplicationjob": "CreateReplicationJob", + "deleteapp": "DeleteApp", + "deleteapplaunchconfiguration": "DeleteAppLaunchConfiguration", + "deleteappreplicationconfiguration": "DeleteAppReplicationConfiguration", + "deleteappvalidationconfiguration": "DeleteAppValidationConfiguration", + "deletereplicationjob": "DeleteReplicationJob", + "deleteservercatalog": "DeleteServerCatalog", + "disassociateconnector": "DisassociateConnector", + "generatechangeset": "GenerateChangeSet", + "generatetemplate": "GenerateTemplate", + "getapp": "GetApp", + "getapplaunchconfiguration": "GetAppLaunchConfiguration", + "getappreplicationconfiguration": "GetAppReplicationConfiguration", + "getappvalidationconfiguration": "GetAppValidationConfiguration", + "getappvalidationoutput": "GetAppValidationOutput", + "getconnectors": "GetConnectors", + "getmessages": "GetMessages", + "getreplicationjobs": "GetReplicationJobs", + "getreplicationruns": "GetReplicationRuns", + "getservers": "GetServers", + "importappcatalog": "ImportAppCatalog", + "importservercatalog": "ImportServerCatalog", + "launchapp": "LaunchApp", + "listapps": "ListApps", + "notifyappvalidationoutput": "NotifyAppValidationOutput", + "putapplaunchconfiguration": "PutAppLaunchConfiguration", + "putappreplicationconfiguration": "PutAppReplicationConfiguration", + "putappvalidationconfiguration": "PutAppValidationConfiguration", + "sendmessage": "SendMessage", + "startappreplication": "StartAppReplication", + "startondemandappreplication": "StartOnDemandAppReplication", + "startondemandreplicationrun": "StartOnDemandReplicationRun", + "stopappreplication": "StopAppReplication", + "terminateapp": "TerminateApp", + "updateapp": "UpdateApp", + "updatereplicationjob": "UpdateReplicationJob" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "servicecatalog": { + "service_name": "AWS Service Catalog", + "prefix": "servicecatalog", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsservicecatalog.html", + "privileges": { + "AcceptPortfolioShare": { + "privilege": "AcceptPortfolioShare", + "description": "Grants permission to accept a portfolio that has been shared with you", + "access_level": "Write", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AcceptPortfolioShare.html" + }, + "AssociateAttributeGroup": { + "privilege": "AssociateAttributeGroup", + "description": "Grants permission to associate an attribute group with an application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "AttributeGroup": { + "resource_type": "AttributeGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "attributegroup": "AttributeGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_AssociateAttributeGroup.html" + }, + "AssociateBudgetWithResource": { + "privilege": "AssociateBudgetWithResource", + "description": "Grants permission to associate a budget with a resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AssociateBudgetWithResource.html" + }, + "AssociatePrincipalWithPortfolio": { + "privilege": "AssociatePrincipalWithPortfolio", + "description": "Grants permission to associate an IAM principal with a portfolio, giving the specified principal access to any products associated with the specified portfolio", + "access_level": "Write", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AssociatePrincipalWithPortfolio.html" + }, + "AssociateProductWithPortfolio": { + "privilege": "AssociateProductWithPortfolio", + "description": "Grants permission to associate a product with a portfolio", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AssociateProductWithPortfolio.html" + }, + "AssociateResource": { + "privilege": "AssociateResource", + "description": "Grants permission to associate a resource with an application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:DescribeStacks", + "resource-groups:CreateGroup", + "resource-groups:GetGroup", + "resource-groups:Tag" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:ResourceType", + "servicecatalog:Resource" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_AssociateResource.html" + }, + "AssociateServiceActionWithProvisioningArtifact": { + "privilege": "AssociateServiceActionWithProvisioningArtifact", + "description": "Grants permission to associate an action with a provisioning artifact", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AssociateServiceActionWithProvisioningArtifact.html" + }, + "AssociateTagOptionWithResource": { + "privilege": "AssociateTagOptionWithResource", + "description": "Grants permission to associate the specified TagOption with the specified portfolio or product", + "access_level": "Write", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Product": { + "resource_type": "Product", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio", + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_AssociateTagOptionWithResource.html" + }, + "BatchAssociateServiceActionWithProvisioningArtifact": { + "privilege": "BatchAssociateServiceActionWithProvisioningArtifact", + "description": "Grants permission to associate multiple self-service actions with provisioning artifacts", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_BatchAssociateServiceActionWithProvisioningArtifact.html" + }, + "BatchDisassociateServiceActionFromProvisioningArtifact": { + "privilege": "BatchDisassociateServiceActionFromProvisioningArtifact", + "description": "Grants permission to disassociate a batch of self-service actions from the specified provisioning artifact", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_BatchDisassociateServiceActionFromProvisioningArtifact.html" + }, + "CopyProduct": { + "privilege": "CopyProduct", + "description": "Grants permission to copy the specified source product to the specified target product or a new product", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CopyProduct.html" + }, + "CreateApplication": { + "privilege": "CreateApplication", + "description": "Grants permission to create an application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_CreateApplication.html" + }, + "CreateAttributeGroup": { + "privilege": "CreateAttributeGroup", + "description": "Grants permission to create an attribute group", + "access_level": "Write", + "resource_types": { + "AttributeGroup": { + "resource_type": "AttributeGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attributegroup": "AttributeGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_CreateAttributeGroup.html" + }, + "CreateConstraint": { + "privilege": "CreateConstraint", + "description": "Grants permission to create a constraint on an associated product and portfolio", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateConstraint.html" + }, + "CreatePortfolio": { + "privilege": "CreatePortfolio", + "description": "Grants permission to create a portfolio", + "access_level": "Write", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreatePortfolio.html" + }, + "CreatePortfolioShare": { + "privilege": "CreatePortfolioShare", + "description": "Grants permission to share a portfolio you own with another AWS account", + "access_level": "Permissions management", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreatePortfolioShare.html" + }, + "CreateProduct": { + "privilege": "CreateProduct", + "description": "Grants permission to create a product and that product's first provisioning artifact", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateProduct.html" + }, + "CreateProvisionedProductPlan": { + "privilege": "CreateProvisionedProductPlan", + "description": "Grants permission to add a new provisioned product plan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateProvisionedProductPlan.html" + }, + "CreateProvisioningArtifact": { + "privilege": "CreateProvisioningArtifact", + "description": "Grants permission to add a new provisioning artifact to an existing product", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateProvisioningArtifact.html" + }, + "CreateServiceAction": { + "privilege": "CreateServiceAction", + "description": "Grants permission to create a self-service action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateServiceAction.html" + }, + "CreateTagOption": { + "privilege": "CreateTagOption", + "description": "Grants permission to create a TagOption", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_CreateTagOption.html" + }, + "DeleteApplication": { + "privilege": "DeleteApplication", + "description": "Grants permission to delete an application if all associations have been removed from the application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_DeleteApplication.html" + }, + "DeleteAttributeGroup": { + "privilege": "DeleteAttributeGroup", + "description": "Grants permission to delete an attribute group if all associations have been removed from the attribute group", + "access_level": "Write", + "resource_types": { + "AttributeGroup": { + "resource_type": "AttributeGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attributegroup": "AttributeGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_DeleteAttributeGroup.html" + }, + "DeleteConstraint": { + "privilege": "DeleteConstraint", + "description": "Grants permission to remove and delete an existing constraint from an associated product and portfolio", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteConstraint.html" + }, + "DeletePortfolio": { + "privilege": "DeletePortfolio", + "description": "Grants permission to delete a portfolio if all associations and shares have been removed from the portfolio", + "access_level": "Write", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeletePortfolio.html" + }, + "DeletePortfolioShare": { + "privilege": "DeletePortfolioShare", + "description": "Grants permission to unshare a portfolio you own from an AWS account you previously shared the portfolio with", + "access_level": "Permissions management", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeletePortfolioShare.html" + }, + "DeleteProduct": { + "privilege": "DeleteProduct", + "description": "Grants permission to delete a product if all associations have been removed from the product", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteProduct.html" + }, + "DeleteProvisionedProductPlan": { + "privilege": "DeleteProvisionedProductPlan", + "description": "Grants permission to delete a provisioned product plan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteProvisionedProductPlan.html" + }, + "DeleteProvisioningArtifact": { + "privilege": "DeleteProvisioningArtifact", + "description": "Grants permission to delete a provisioning artifact from a product", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteProvisioningArtifact.html" + }, + "DeleteServiceAction": { + "privilege": "DeleteServiceAction", + "description": "Grants permission to delete a self-service action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteServiceAction.html" + }, + "DeleteTagOption": { + "privilege": "DeleteTagOption", + "description": "Grants permission to delete the specified TagOption", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DeleteTagOption.html" + }, + "DescribeConstraint": { + "privilege": "DescribeConstraint", + "description": "Grants permission to describe a constraint", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeConstraint.html" + }, + "DescribeCopyProductStatus": { + "privilege": "DescribeCopyProductStatus", + "description": "Grants permission to get the status of the specified copy product operation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeCopyProductStatus.html" + }, + "DescribePortfolio": { + "privilege": "DescribePortfolio", + "description": "Grants permission to describe a portfolio", + "access_level": "Read", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribePortfolio.html" + }, + "DescribePortfolioShareStatus": { + "privilege": "DescribePortfolioShareStatus", + "description": "Grants permission to get the status of the specified portfolio share operation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribePortfolioShareStatus.html" + }, + "DescribePortfolioShares": { + "privilege": "DescribePortfolioShares", + "description": "Grants permission to view a summary of each of the portfolio shares that were created for the specified portfolio", + "access_level": "List", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribePortfolioShares.html" + }, + "DescribeProduct": { + "privilege": "DescribeProduct", + "description": "Grants permission to describe a product as an end-user", + "access_level": "Read", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProduct.html" + }, + "DescribeProductAsAdmin": { + "privilege": "DescribeProductAsAdmin", + "description": "Grants permission to describe a product as an admin", + "access_level": "Read", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProductAsAdmin.html" + }, + "DescribeProductView": { + "privilege": "DescribeProductView", + "description": "Grants permission to describe a product as an end-user", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProductView.html" + }, + "DescribeProvisionedProduct": { + "privilege": "DescribeProvisionedProduct", + "description": "Grants permission to describe a provisioned product", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProvisionedProduct.html" + }, + "DescribeProvisionedProductPlan": { + "privilege": "DescribeProvisionedProductPlan", + "description": "Grants permission to describe a provisioned product plan", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProvisionedProductPlan.html" + }, + "DescribeProvisioningArtifact": { + "privilege": "DescribeProvisioningArtifact", + "description": "Grants permission to describe a provisioning artifact", + "access_level": "Read", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProvisioningArtifact.html" + }, + "DescribeProvisioningParameters": { + "privilege": "DescribeProvisioningParameters", + "description": "Grants permission to describe the parameters that you need to specify to successfully provision a specified provisioning artifact", + "access_level": "Read", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeProvisioningParameters.html" + }, + "DescribeRecord": { + "privilege": "DescribeRecord", + "description": "Grants permission to describe a record and lists any outputs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeRecord.html" + }, + "DescribeServiceAction": { + "privilege": "DescribeServiceAction", + "description": "Grants permission to describe a self-service action", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeServiceAction.html" + }, + "DescribeServiceActionExecutionParameters": { + "privilege": "DescribeServiceActionExecutionParameters", + "description": "Grants permission to get the default parameters if you executed the specified Service Action on the specified Provisioned Product", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeServiceActionExecutionParameters.html" + }, + "DescribeTagOption": { + "privilege": "DescribeTagOption", + "description": "Grants permission to get information about the specified TagOption", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DescribeTagOption.html" + }, + "DisableAWSOrganizationsAccess": { + "privilege": "DisableAWSOrganizationsAccess", + "description": "Grants permission to disable portfolio sharing through AWS Organizations feature", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisableAWSOrganizationsAccess.html" + }, + "DisassociateAttributeGroup": { + "privilege": "DisassociateAttributeGroup", + "description": "Grants permission to disassociate an attribute group from an application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "AttributeGroup": { + "resource_type": "AttributeGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "attributegroup": "AttributeGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_DisassociateAttributeGroup.html" + }, + "DisassociateBudgetFromResource": { + "privilege": "DisassociateBudgetFromResource", + "description": "Grants permission to disassociate a budget from a resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisassociateBudgetFromResource.html" + }, + "DisassociatePrincipalFromPortfolio": { + "privilege": "DisassociatePrincipalFromPortfolio", + "description": "Grants permission to disassociate an IAM principal from a portfolio", + "access_level": "Write", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisassociatePrincipalFromPortfolio.html" + }, + "DisassociateProductFromPortfolio": { + "privilege": "DisassociateProductFromPortfolio", + "description": "Grants permission to disassociate a product from a portfolio", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisassociateProductFromPortfolio.html" + }, + "DisassociateResource": { + "privilege": "DisassociateResource", + "description": "Grants permission to disassociate a resource from an application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "resource-groups:DeleteGroup" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:ResourceType", + "servicecatalog:Resource" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_DisassociateResource.html" + }, + "DisassociateServiceActionFromProvisioningArtifact": { + "privilege": "DisassociateServiceActionFromProvisioningArtifact", + "description": "Grants permission to disassociate the specified self-service action association from the specified provisioning artifact", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisassociateServiceActionFromProvisioningArtifact.html" + }, + "DisassociateTagOptionFromResource": { + "privilege": "DisassociateTagOptionFromResource", + "description": "Grants permission to disassociate the specified TagOption from the specified resource", + "access_level": "Write", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "Product": { + "resource_type": "Product", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio", + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_DisassociateTagOptionFromResource.html" + }, + "EnableAWSOrganizationsAccess": { + "privilege": "EnableAWSOrganizationsAccess", + "description": "Grants permission to enable portfolio sharing feature through AWS Organizations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_EnableAWSOrganizationsAccess.html" + }, + "ExecuteProvisionedProductPlan": { + "privilege": "ExecuteProvisionedProductPlan", + "description": "Grants permission to execute a provisioned product plan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ExecuteProvisionedProductPlan.html" + }, + "ExecuteProvisionedProductServiceAction": { + "privilege": "ExecuteProvisionedProductServiceAction", + "description": "Grants permission to executes a provisioned product plan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ExecuteProvisionedProductServiceAction.html" + }, + "GetAWSOrganizationsAccessStatus": { + "privilege": "GetAWSOrganizationsAccessStatus", + "description": "Grants permission to get the access status of AWS Organization portfolio share feature", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_GetAWSOrganizationsAccessStatus.html" + }, + "GetApplication": { + "privilege": "GetApplication", + "description": "Grants permission to get an application", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_GetApplication.html" + }, + "GetAssociatedResource": { + "privilege": "GetAssociatedResource", + "description": "Grants permission to get information about a resource associated to an application", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:ResourceType", + "servicecatalog:Resource" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_GetAssociatedResource.html" + }, + "GetAttributeGroup": { + "privilege": "GetAttributeGroup", + "description": "Grants permission to get an attribute group", + "access_level": "Read", + "resource_types": { + "AttributeGroup": { + "resource_type": "AttributeGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attributegroup": "AttributeGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_GetAttributeGroup.html" + }, + "GetConfiguration": { + "privilege": "GetConfiguration", + "description": "Grants permission to read AppRegistry configurations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_GetConfiguration.html" + }, + "GetProvisionedProductOutputs": { + "privilege": "GetProvisionedProductOutputs", + "description": "Grants permission to get the provisioned product output with either provisioned product id or name", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_GetProvisionedProductOutputs.html" + }, + "ImportAsProvisionedProduct": { + "privilege": "ImportAsProvisionedProduct", + "description": "Grants permission to import a resource into a provisioned product", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ImportAsProvisionedProduct.html" + }, + "ListAcceptedPortfolioShares": { + "privilege": "ListAcceptedPortfolioShares", + "description": "Grants permission to list the portfolios that have been shared with you and you have accepted", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListAcceptedPortfolioShares.html" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to list your applications", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListApplications.html" + }, + "ListAssociatedAttributeGroups": { + "privilege": "ListAssociatedAttributeGroups", + "description": "Grants permission to list the attribute groups associated with an application", + "access_level": "List", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListAssociatedAttributeGroups.html" + }, + "ListAssociatedResources": { + "privilege": "ListAssociatedResources", + "description": "Grants permission to list the resources associated with an application", + "access_level": "List", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListAssociatedResources.html" + }, + "ListAttributeGroups": { + "privilege": "ListAttributeGroups", + "description": "Grants permission to list your attribute groups", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListAttributeGroups.html" + }, + "ListAttributeGroupsForApplication": { + "privilege": "ListAttributeGroupsForApplication", + "description": "Grants permission to list the associated attribute groups for a given application", + "access_level": "List", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListAttributeGroupsForApplication.html" + }, + "ListBudgetsForResource": { + "privilege": "ListBudgetsForResource", + "description": "Grants permission to list all the budgets associated to a resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListBudgetsForResource.html" + }, + "ListConstraintsForPortfolio": { + "privilege": "ListConstraintsForPortfolio", + "description": "Grants permission to list constraints associated with a given portfolio", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListConstraintsForPortfolio.html" + }, + "ListLaunchPaths": { + "privilege": "ListLaunchPaths", + "description": "Grants permission to list the different ways to launch a given product as an end-user", + "access_level": "List", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html" + }, + "ListOrganizationPortfolioAccess": { + "privilege": "ListOrganizationPortfolioAccess", + "description": "Grants permission to list the organization nodes that have access to the specified portfolio", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListOrganizationPortfolioAccess.html" + }, + "ListPortfolioAccess": { + "privilege": "ListPortfolioAccess", + "description": "Grants permission to list the AWS accounts you have shared a given portfolio with", + "access_level": "List", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListPortfolioAccess.html" + }, + "ListPortfolios": { + "privilege": "ListPortfolios", + "description": "Grants permission to list the portfolios in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListPortfolios.html" + }, + "ListPortfoliosForProduct": { + "privilege": "ListPortfoliosForProduct", + "description": "Grants permission to list the portfolios associated with a given product", + "access_level": "List", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListPortfoliosForProduct.html" + }, + "ListPrincipalsForPortfolio": { + "privilege": "ListPrincipalsForPortfolio", + "description": "Grants permission to list the IAM principals associated with a given portfolio", + "access_level": "List", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListPrincipalsForPortfolio.html" + }, + "ListProvisionedProductPlans": { + "privilege": "ListProvisionedProductPlans", + "description": "Grants permission to list the provisioned product plans", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListProvisionedProductPlans.html" + }, + "ListProvisioningArtifacts": { + "privilege": "ListProvisioningArtifacts", + "description": "Grants permission to list the provisioning artifacts associated with a given product", + "access_level": "List", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListProvisioningArtifacts.html" + }, + "ListProvisioningArtifactsForServiceAction": { + "privilege": "ListProvisioningArtifactsForServiceAction", + "description": "Grants permission to list all provisioning artifacts for the specified self-service action", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListProvisioningArtifactsForServiceAction.html" + }, + "ListRecordHistory": { + "privilege": "ListRecordHistory", + "description": "Grants permission to list all the records in your account or all the records related to a given provisioned product", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListRecordHistory.html" + }, + "ListResourcesForTagOption": { + "privilege": "ListResourcesForTagOption", + "description": "Grants permission to list the resources associated with the specified TagOption", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListResourcesForTagOption.html" + }, + "ListServiceActions": { + "privilege": "ListServiceActions", + "description": "Grants permission to list all self-service actions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListServiceActions.html" + }, + "ListServiceActionsForProvisioningArtifact": { + "privilege": "ListServiceActionsForProvisioningArtifact", + "description": "Grants permission to list all the service actions associated with the specified provisioning artifact in your account", + "access_level": "List", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListServiceActionsForProvisioningArtifact.html" + }, + "ListStackInstancesForProvisionedProduct": { + "privilege": "ListStackInstancesForProvisionedProduct", + "description": "Grants permission to list account, region and status of each stack instances that are associated with a CFN_STACKSET type provisioned product", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListStackInstancesForProvisionedProduct.html" + }, + "ListTagOptions": { + "privilege": "ListTagOptions", + "description": "Grants permission to list the specified TagOptions or all TagOptions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListTagOptions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for a service catalog appregistry resource", + "access_level": "Read", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "AttributeGroup": { + "resource_type": "AttributeGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "attributegroup": "AttributeGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_ListTagsForResource.html" + }, + "NotifyProvisionProductEngineWorkflowResult": { + "privilege": "NotifyProvisionProductEngineWorkflowResult", + "description": "Grants permission to notify the result of the provisioning engine execution", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_NotifyProvisionProductEngineWorkflowResult.html" + }, + "NotifyTerminateProvisionedProductEngineWorkflowResult": { + "privilege": "NotifyTerminateProvisionedProductEngineWorkflowResult", + "description": "Grants permission to notify the result of the terminate engine execution", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_NotifyTerminateProvisionedProductEngineWorkflowResult.html" + }, + "NotifyUpdateProvisionedProductEngineWorkflowResult": { + "privilege": "NotifyUpdateProvisionedProductEngineWorkflowResult", + "description": "Grants permission to notify the result of the update engine execution", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_NotifyUpdateProvisionedProductEngineWorkflowResult.html" + }, + "ProvisionProduct": { + "privilege": "ProvisionProduct", + "description": "Grants permission to provision a product with a specified provisioning artifact and launch parameters", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ProvisionProduct.html" + }, + "PutConfiguration": { + "privilege": "PutConfiguration", + "description": "Grants permission to assign AppRegistry configurations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_PutConfiguration.html" + }, + "RejectPortfolioShare": { + "privilege": "RejectPortfolioShare", + "description": "Grants permission to reject a portfolio that has been shared with you that you previously accepted", + "access_level": "Write", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_RejectPortfolioShare.html" + }, + "ScanProvisionedProducts": { + "privilege": "ScanProvisionedProducts", + "description": "Grants permission to list all the provisioned products in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ScanProvisionedProducts.html" + }, + "SearchProducts": { + "privilege": "SearchProducts", + "description": "Grants permission to list the products available to you as an end-user", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_SearchProducts.html" + }, + "SearchProductsAsAdmin": { + "privilege": "SearchProductsAsAdmin", + "description": "Grants permission to list all the products in your account or all the products associated with a given portfolio", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_SearchProductsAsAdmin.html" + }, + "SearchProvisionedProducts": { + "privilege": "SearchProvisionedProducts", + "description": "Grants permission to list all the provisioned products in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_SearchProvisionedProducts.html" + }, + "SyncResource": { + "privilege": "SyncResource", + "description": "Grants permission to sync a resource with its current state in AppRegistry", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "cloudformation:UpdateStack" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_SyncResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a service catalog appregistry resource", + "access_level": "Tagging", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "AttributeGroup": { + "resource_type": "AttributeGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "attributegroup": "AttributeGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_TagResource.html" + }, + "TerminateProvisionedProduct": { + "privilege": "TerminateProvisionedProduct", + "description": "Grants permission to terminate an existing provisioned product", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_TerminateProvisionedProduct.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from a service catalog appregistry resource", + "access_level": "Tagging", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "AttributeGroup": { + "resource_type": "AttributeGroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "Application", + "attributegroup": "AttributeGroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_UntagResource.html" + }, + "UpdateApplication": { + "privilege": "UpdateApplication", + "description": "Grants permission to update the attributes of an existing application", + "access_level": "Write", + "resource_types": { + "Application": { + "resource_type": "Application", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "application": "Application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_UpdateApplication.html" + }, + "UpdateAttributeGroup": { + "privilege": "UpdateAttributeGroup", + "description": "Grants permission to update the attributes of an existing attribute group", + "access_level": "Write", + "resource_types": { + "AttributeGroup": { + "resource_type": "AttributeGroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attributegroup": "AttributeGroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_app-registry_UpdateAttributeGroup.html" + }, + "UpdateConstraint": { + "privilege": "UpdateConstraint", + "description": "Grants permission to update the metadata fields of an existing constraint", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateConstraint.html" + }, + "UpdatePortfolio": { + "privilege": "UpdatePortfolio", + "description": "Grants permission to update the metadata fields and/or tags of an existing portfolio", + "access_level": "Write", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdatePortfolio.html" + }, + "UpdatePortfolioShare": { + "privilege": "UpdatePortfolioShare", + "description": "Grants permission to enable or disable resource sharing for an existing portfolio share", + "access_level": "Permissions management", + "resource_types": { + "Portfolio": { + "resource_type": "Portfolio", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "portfolio": "Portfolio" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdatePortfolioShare.html" + }, + "UpdateProduct": { + "privilege": "UpdateProduct", + "description": "Grants permission to update the metadata fields and/or tags of an existing product", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateProduct.html" + }, + "UpdateProvisionedProduct": { + "privilege": "UpdateProvisionedProduct", + "description": "Grants permission to update an existing provisioned product", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicecatalog:accountLevel", + "servicecatalog:roleLevel", + "servicecatalog:userLevel" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateProvisionedProduct.html" + }, + "UpdateProvisionedProductProperties": { + "privilege": "UpdateProvisionedProductProperties", + "description": "Grants permission to update the properties of an existing provisioned product", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateProvisionedProductProperties.html" + }, + "UpdateProvisioningArtifact": { + "privilege": "UpdateProvisioningArtifact", + "description": "Grants permission to update the metadata fields of an existing provisioning artifact", + "access_level": "Write", + "resource_types": { + "Product": { + "resource_type": "Product", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "product": "Product" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateProvisioningArtifact.html" + }, + "UpdateServiceAction": { + "privilege": "UpdateServiceAction", + "description": "Grants permission to update a self-service action", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateServiceAction.html" + }, + "UpdateTagOption": { + "privilege": "UpdateTagOption", + "description": "Grants permission to update the specified TagOption", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicecatalog/latest/dg/API_UpdateTagOption.html" + } + }, + "privileges_lower_name": { + "acceptportfolioshare": "AcceptPortfolioShare", + "associateattributegroup": "AssociateAttributeGroup", + "associatebudgetwithresource": "AssociateBudgetWithResource", + "associateprincipalwithportfolio": "AssociatePrincipalWithPortfolio", + "associateproductwithportfolio": "AssociateProductWithPortfolio", + "associateresource": "AssociateResource", + "associateserviceactionwithprovisioningartifact": "AssociateServiceActionWithProvisioningArtifact", + "associatetagoptionwithresource": "AssociateTagOptionWithResource", + "batchassociateserviceactionwithprovisioningartifact": "BatchAssociateServiceActionWithProvisioningArtifact", + "batchdisassociateserviceactionfromprovisioningartifact": "BatchDisassociateServiceActionFromProvisioningArtifact", + "copyproduct": "CopyProduct", + "createapplication": "CreateApplication", + "createattributegroup": "CreateAttributeGroup", + "createconstraint": "CreateConstraint", + "createportfolio": "CreatePortfolio", + "createportfolioshare": "CreatePortfolioShare", + "createproduct": "CreateProduct", + "createprovisionedproductplan": "CreateProvisionedProductPlan", + "createprovisioningartifact": "CreateProvisioningArtifact", + "createserviceaction": "CreateServiceAction", + "createtagoption": "CreateTagOption", + "deleteapplication": "DeleteApplication", + "deleteattributegroup": "DeleteAttributeGroup", + "deleteconstraint": "DeleteConstraint", + "deleteportfolio": "DeletePortfolio", + "deleteportfolioshare": "DeletePortfolioShare", + "deleteproduct": "DeleteProduct", + "deleteprovisionedproductplan": "DeleteProvisionedProductPlan", + "deleteprovisioningartifact": "DeleteProvisioningArtifact", + "deleteserviceaction": "DeleteServiceAction", + "deletetagoption": "DeleteTagOption", + "describeconstraint": "DescribeConstraint", + "describecopyproductstatus": "DescribeCopyProductStatus", + "describeportfolio": "DescribePortfolio", + "describeportfoliosharestatus": "DescribePortfolioShareStatus", + "describeportfolioshares": "DescribePortfolioShares", + "describeproduct": "DescribeProduct", + "describeproductasadmin": "DescribeProductAsAdmin", + "describeproductview": "DescribeProductView", + "describeprovisionedproduct": "DescribeProvisionedProduct", + "describeprovisionedproductplan": "DescribeProvisionedProductPlan", + "describeprovisioningartifact": "DescribeProvisioningArtifact", + "describeprovisioningparameters": "DescribeProvisioningParameters", + "describerecord": "DescribeRecord", + "describeserviceaction": "DescribeServiceAction", + "describeserviceactionexecutionparameters": "DescribeServiceActionExecutionParameters", + "describetagoption": "DescribeTagOption", + "disableawsorganizationsaccess": "DisableAWSOrganizationsAccess", + "disassociateattributegroup": "DisassociateAttributeGroup", + "disassociatebudgetfromresource": "DisassociateBudgetFromResource", + "disassociateprincipalfromportfolio": "DisassociatePrincipalFromPortfolio", + "disassociateproductfromportfolio": "DisassociateProductFromPortfolio", + "disassociateresource": "DisassociateResource", + "disassociateserviceactionfromprovisioningartifact": "DisassociateServiceActionFromProvisioningArtifact", + "disassociatetagoptionfromresource": "DisassociateTagOptionFromResource", + "enableawsorganizationsaccess": "EnableAWSOrganizationsAccess", + "executeprovisionedproductplan": "ExecuteProvisionedProductPlan", + "executeprovisionedproductserviceaction": "ExecuteProvisionedProductServiceAction", + "getawsorganizationsaccessstatus": "GetAWSOrganizationsAccessStatus", + "getapplication": "GetApplication", + "getassociatedresource": "GetAssociatedResource", + "getattributegroup": "GetAttributeGroup", + "getconfiguration": "GetConfiguration", + "getprovisionedproductoutputs": "GetProvisionedProductOutputs", + "importasprovisionedproduct": "ImportAsProvisionedProduct", + "listacceptedportfolioshares": "ListAcceptedPortfolioShares", + "listapplications": "ListApplications", + "listassociatedattributegroups": "ListAssociatedAttributeGroups", + "listassociatedresources": "ListAssociatedResources", + "listattributegroups": "ListAttributeGroups", + "listattributegroupsforapplication": "ListAttributeGroupsForApplication", + "listbudgetsforresource": "ListBudgetsForResource", + "listconstraintsforportfolio": "ListConstraintsForPortfolio", + "listlaunchpaths": "ListLaunchPaths", + "listorganizationportfolioaccess": "ListOrganizationPortfolioAccess", + "listportfolioaccess": "ListPortfolioAccess", + "listportfolios": "ListPortfolios", + "listportfoliosforproduct": "ListPortfoliosForProduct", + "listprincipalsforportfolio": "ListPrincipalsForPortfolio", + "listprovisionedproductplans": "ListProvisionedProductPlans", + "listprovisioningartifacts": "ListProvisioningArtifacts", + "listprovisioningartifactsforserviceaction": "ListProvisioningArtifactsForServiceAction", + "listrecordhistory": "ListRecordHistory", + "listresourcesfortagoption": "ListResourcesForTagOption", + "listserviceactions": "ListServiceActions", + "listserviceactionsforprovisioningartifact": "ListServiceActionsForProvisioningArtifact", + "liststackinstancesforprovisionedproduct": "ListStackInstancesForProvisionedProduct", + "listtagoptions": "ListTagOptions", + "listtagsforresource": "ListTagsForResource", + "notifyprovisionproductengineworkflowresult": "NotifyProvisionProductEngineWorkflowResult", + "notifyterminateprovisionedproductengineworkflowresult": "NotifyTerminateProvisionedProductEngineWorkflowResult", + "notifyupdateprovisionedproductengineworkflowresult": "NotifyUpdateProvisionedProductEngineWorkflowResult", + "provisionproduct": "ProvisionProduct", + "putconfiguration": "PutConfiguration", + "rejectportfolioshare": "RejectPortfolioShare", + "scanprovisionedproducts": "ScanProvisionedProducts", + "searchproducts": "SearchProducts", + "searchproductsasadmin": "SearchProductsAsAdmin", + "searchprovisionedproducts": "SearchProvisionedProducts", + "syncresource": "SyncResource", + "tagresource": "TagResource", + "terminateprovisionedproduct": "TerminateProvisionedProduct", + "untagresource": "UntagResource", + "updateapplication": "UpdateApplication", + "updateattributegroup": "UpdateAttributeGroup", + "updateconstraint": "UpdateConstraint", + "updateportfolio": "UpdatePortfolio", + "updateportfolioshare": "UpdatePortfolioShare", + "updateproduct": "UpdateProduct", + "updateprovisionedproduct": "UpdateProvisionedProduct", + "updateprovisionedproductproperties": "UpdateProvisionedProductProperties", + "updateprovisioningartifact": "UpdateProvisioningArtifact", + "updateserviceaction": "UpdateServiceAction", + "updatetagoption": "UpdateTagOption" + }, + "resources": { + "Application": { + "resource": "Application", + "arn": "arn:${Partition}:servicecatalog:${Region}:${Account}:/applications/${ApplicationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "AttributeGroup": { + "resource": "AttributeGroup", + "arn": "arn:${Partition}:servicecatalog:${Region}:${Account}:/attribute-groups/${AttributeGroupId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Portfolio": { + "resource": "Portfolio", + "arn": "arn:${Partition}:catalog:${Region}:${Account}:portfolio/${PortfolioId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "Product": { + "resource": "Product", + "arn": "arn:${Partition}:catalog:${Region}:${Account}:product/${ProductId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "application": "Application", + "attributegroup": "AttributeGroup", + "portfolio": "Portfolio", + "product": "Product" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of tag keys in the request", + "type": "ArrayOfString" + }, + "servicecatalog:Resource": { + "condition": "servicecatalog:Resource", + "description": "Filters access by controlling what value can be specified as the Resource parameter in an AppRegistry associate resource API", + "type": "String" + }, + "servicecatalog:ResourceType": { + "condition": "servicecatalog:ResourceType", + "description": "Filters access by controlling what value can be specified as the ResourceType parameter in an AppRegistry associate resource API", + "type": "String" + }, + "servicecatalog:accountLevel": { + "condition": "servicecatalog:accountLevel", + "description": "Filters access by user to see and perform actions on resources created by anyone in the account", + "type": "String" + }, + "servicecatalog:roleLevel": { + "condition": "servicecatalog:roleLevel", + "description": "Filters access by user to see and perform actions on resources created either by them or by anyone federating into the same role as them", + "type": "String" + }, + "servicecatalog:userLevel": { + "condition": "servicecatalog:userLevel", + "description": "Filters access by user to see and perform actions on only resources that they created", + "type": "String" + } + } + }, + "private-networks": { + "service_name": "AWS service providing managed private networks", + "prefix": "private-networks", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsserviceprovidingmanagedprivatenetworks.html", + "privileges": { + "AcknowledgeOrderReceipt": { + "privilege": "AcknowledgeOrderReceipt", + "description": "Grants permission to acknowledge that an order has been received", + "access_level": "Write", + "resource_types": { + "order": { + "resource_type": "order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "order": "order" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_AcknowledgeOrderReceipt.html" + }, + "ActivateDeviceIdentifier": { + "privilege": "ActivateDeviceIdentifier", + "description": "Grants permission to activate a device identifier", + "access_level": "Write", + "resource_types": { + "device-identifier": { + "resource_type": "device-identifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device-identifier": "device-identifier", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ActivateDeviceIdentifier.html" + }, + "ActivateNetworkSite": { + "privilege": "ActivateNetworkSite", + "description": "Grants permission to activate a network site", + "access_level": "Write", + "resource_types": { + "network-site": { + "resource_type": "network-site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "order": { + "resource_type": "order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-site": "network-site", + "order": "order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ActivateNetworkSite.html" + }, + "ConfigureAccessPoint": { + "privilege": "ConfigureAccessPoint", + "description": "Grants permission to configure an access point", + "access_level": "Write", + "resource_types": { + "network-resource": { + "resource_type": "network-resource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-resource": "network-resource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ConfigureAccessPoint.html" + }, + "CreateNetwork": { + "privilege": "CreateNetwork", + "description": "Grants permission to create a network", + "access_level": "Write", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_CreateNetwork.html" + }, + "CreateNetworkSite": { + "privilege": "CreateNetworkSite", + "description": "Grants permission to create a network site", + "access_level": "Write", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_CreateNetworkSite.html" + }, + "DeactivateDeviceIdentifier": { + "privilege": "DeactivateDeviceIdentifier", + "description": "Grants permission to deactivate a device identifier", + "access_level": "Write", + "resource_types": { + "device-identifier": { + "resource_type": "device-identifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device-identifier": "device-identifier" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_DeactivateDeviceIdentifier.html" + }, + "DeleteNetwork": { + "privilege": "DeleteNetwork", + "description": "Grants permission to delete a network", + "access_level": "Write", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_DeleteNetwork.html" + }, + "DeleteNetworkSite": { + "privilege": "DeleteNetworkSite", + "description": "Grants permission to delete a network site", + "access_level": "Write", + "resource_types": { + "network-site": { + "resource_type": "network-site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-site": "network-site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_DeleteNetworkSite.html" + }, + "GetDeviceIdentifier": { + "privilege": "GetDeviceIdentifier", + "description": "Grants permission to get a device identifier", + "access_level": "Read", + "resource_types": { + "device-identifier": { + "resource_type": "device-identifier", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device-identifier": "device-identifier", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_GetDeviceIdentifier.html" + }, + "GetNetwork": { + "privilege": "GetNetwork", + "description": "Grants permission to get a network", + "access_level": "Read", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_GetNetwork.html" + }, + "GetNetworkResource": { + "privilege": "GetNetworkResource", + "description": "Grants permission to get a network resource", + "access_level": "Read", + "resource_types": { + "network-resource": { + "resource_type": "network-resource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-resource": "network-resource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_GetNetworkResource.html" + }, + "GetNetworkSite": { + "privilege": "GetNetworkSite", + "description": "Grants permission to get a network site", + "access_level": "Read", + "resource_types": { + "network-site": { + "resource_type": "network-site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-site": "network-site", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_GetNetworkSite.html" + }, + "GetOrder": { + "privilege": "GetOrder", + "description": "Grants permission to get a network order", + "access_level": "Read", + "resource_types": { + "order": { + "resource_type": "order", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "order": "order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_GetOrder.html" + }, + "ListDeviceIdentifiers": { + "privilege": "ListDeviceIdentifiers", + "description": "Grants permission to list device identifiers", + "access_level": "List", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListDeviceIdentifiers.html" + }, + "ListNetworkResources": { + "privilege": "ListNetworkResources", + "description": "Grants permission to list network resources", + "access_level": "List", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListNetworkResources.html" + }, + "ListNetworkSites": { + "privilege": "ListNetworkSites", + "description": "Grants permission to list network sites", + "access_level": "List", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListNetworkSites.html" + }, + "ListNetworks": { + "privilege": "ListNetworks", + "description": "Grants permission to list networks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListNetworks.html" + }, + "ListOrders": { + "privilege": "ListOrders", + "description": "Grants permission to list network orders", + "access_level": "List", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListOrders.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to return a list of tags for a resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_ListTagsForResource.html" + }, + "Ping": { + "privilege": "Ping", + "description": "Grants permission to check the health of the service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_Ping.html" + }, + "StartNetworkResourceUpdate": { + "privilege": "StartNetworkResourceUpdate", + "description": "Grants permission to start an update on the specified network resource", + "access_level": "Write", + "resource_types": { + "network-resource": { + "resource_type": "network-resource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-resource": "network-resource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_StartNetworkResourceUpdate.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to adds tags to the specified resource", + "access_level": "Tagging", + "resource_types": { + "device-identifier": { + "resource_type": "device-identifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network": { + "resource_type": "network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network-resource": { + "resource_type": "network-resource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network-site": { + "resource_type": "network-site", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "order": { + "resource_type": "order", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device-identifier": "device-identifier", + "network": "network", + "network-resource": "network-resource", + "network-site": "network-site", + "order": "order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to removes tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "device-identifier": { + "resource_type": "device-identifier", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network": { + "resource_type": "network", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network-resource": { + "resource_type": "network-resource", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network-site": { + "resource_type": "network-site", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "order": { + "resource_type": "order", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "device-identifier": "device-identifier", + "network": "network", + "network-resource": "network-resource", + "network-site": "network-site", + "order": "order", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_UntagResource.html" + }, + "UpdateNetworkSite": { + "privilege": "UpdateNetworkSite", + "description": "Grants permission to update a network site", + "access_level": "Write", + "resource_types": { + "network-site": { + "resource_type": "network-site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-site": "network-site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_UpdateNetworkSite.html" + }, + "UpdateNetworkSitePlan": { + "privilege": "UpdateNetworkSitePlan", + "description": "Grants permission to update a plan at a network site", + "access_level": "Write", + "resource_types": { + "network-site": { + "resource_type": "network-site", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-site": "network-site" + }, + "api_documentation_link": "https://docs.aws.amazon.com/private-networks/latest/APIReference/API_UpdateNetworkSitePlan.html" + } + }, + "privileges_lower_name": { + "acknowledgeorderreceipt": "AcknowledgeOrderReceipt", + "activatedeviceidentifier": "ActivateDeviceIdentifier", + "activatenetworksite": "ActivateNetworkSite", + "configureaccesspoint": "ConfigureAccessPoint", + "createnetwork": "CreateNetwork", + "createnetworksite": "CreateNetworkSite", + "deactivatedeviceidentifier": "DeactivateDeviceIdentifier", + "deletenetwork": "DeleteNetwork", + "deletenetworksite": "DeleteNetworkSite", + "getdeviceidentifier": "GetDeviceIdentifier", + "getnetwork": "GetNetwork", + "getnetworkresource": "GetNetworkResource", + "getnetworksite": "GetNetworkSite", + "getorder": "GetOrder", + "listdeviceidentifiers": "ListDeviceIdentifiers", + "listnetworkresources": "ListNetworkResources", + "listnetworksites": "ListNetworkSites", + "listnetworks": "ListNetworks", + "listorders": "ListOrders", + "listtagsforresource": "ListTagsForResource", + "ping": "Ping", + "startnetworkresourceupdate": "StartNetworkResourceUpdate", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatenetworksite": "UpdateNetworkSite", + "updatenetworksiteplan": "UpdateNetworkSitePlan" + }, + "resources": { + "network": { + "resource": "network", + "arn": "arn:${Partition}:private-networks:${Region}:${Account}:network/${NetworkName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "network-site": { + "resource": "network-site", + "arn": "arn:${Partition}:private-networks:${Region}:${Account}:network-site/${NetworkName}/${NetworkSiteName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "network-resource": { + "resource": "network-resource", + "arn": "arn:${Partition}:private-networks:${Region}:${Account}:network-resource/${NetworkName}/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "order": { + "resource": "order", + "arn": "arn:${Partition}:private-networks:${Region}:${Account}:order/${NetworkName}/${OrderId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "device-identifier": { + "resource": "device-identifier", + "arn": "arn:${Partition}:private-networks:${Region}:${Account}:device-identifier/${NetworkName}/${DeviceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "network": "network", + "network-site": "network-site", + "network-resource": "network-resource", + "order": "order", + "device-identifier": "device-identifier" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by checking the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by checking tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "shield": { + "service_name": "AWS Shield", + "prefix": "shield", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsshield.html", + "privileges": { + "AssociateDRTLogBucket": { + "privilege": "AssociateDRTLogBucket", + "description": "Grants permission to authorize the DDoS Response team to access the specified Amazon S3 bucket containing your flow logs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:GetBucketPolicy", + "s3:PutBucketPolicy" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_AssociateDRTLogBucket.html" + }, + "AssociateDRTRole": { + "privilege": "AssociateDRTRole", + "description": "Grants permission to authorize the DDoS Response team using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:GetRole", + "iam:ListAttachedRolePolicies", + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_AssociateDRTRole.html" + }, + "AssociateHealthCheck": { + "privilege": "AssociateHealthCheck", + "description": "Grants permission to add health-based detection to the Shield Advanced protection for a resource", + "access_level": "Write", + "resource_types": { + "protection": { + "resource_type": "protection", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "route53:GetHealthCheck" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection": "protection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_AssociateHealthCheck.html" + }, + "AssociateProactiveEngagementDetails": { + "privilege": "AssociateProactiveEngagementDetails", + "description": "Grants permission to initialize proactive engagement and set the list of contacts for the DDoS Response Team (DRT) to use", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_AssociateProactiveEngagementDetails.html" + }, + "CreateProtection": { + "privilege": "CreateProtection", + "description": "Grants permission to activate DDoS protection service for a given resource ARN", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_CreateProtection.html" + }, + "CreateProtectionGroup": { + "privilege": "CreateProtectionGroup", + "description": "Grants permission to create a grouping of protected resources so they can be handled as a collective", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_CreateProtectionGroup.html" + }, + "CreateSubscription": { + "privilege": "CreateSubscription", + "description": "Grants permission to activate subscription", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_CreateSubscription.html" + }, + "DeleteProtection": { + "privilege": "DeleteProtection", + "description": "Grants permission to delete an existing protection", + "access_level": "Write", + "resource_types": { + "protection": { + "resource_type": "protection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection": "protection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DeleteProtection.html" + }, + "DeleteProtectionGroup": { + "privilege": "DeleteProtectionGroup", + "description": "Grants permission to remove the specified protection group", + "access_level": "Write", + "resource_types": { + "protection-group": { + "resource_type": "protection-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection-group": "protection-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DeleteProtectionGroup.html" + }, + "DeleteSubscription": { + "privilege": "DeleteSubscription", + "description": "Grants permission to deactivate subscription", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DeleteSubscription.html" + }, + "DescribeAttack": { + "privilege": "DescribeAttack", + "description": "Grants permission to get attack details", + "access_level": "Read", + "resource_types": { + "attack": { + "resource_type": "attack", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "attack": "attack" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeAttack.html" + }, + "DescribeAttackStatistics": { + "privilege": "DescribeAttackStatistics", + "description": "Grants permission to describe information about the number and type of attacks AWS Shield has detected in the last year", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeAttackStatistics.html" + }, + "DescribeDRTAccess": { + "privilege": "DescribeDRTAccess", + "description": "Grants permission to describe the current role and list of Amazon S3 log buckets used by the DDoS Response team to access your AWS account while assisting with attack mitigation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeDRTAccess.html" + }, + "DescribeEmergencyContactSettings": { + "privilege": "DescribeEmergencyContactSettings", + "description": "Grants permission to list the email addresses that the DRT can use to contact you during a suspected attack", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeEmergencyContactSettings.html" + }, + "DescribeProtection": { + "privilege": "DescribeProtection", + "description": "Grants permission to get protection details", + "access_level": "Read", + "resource_types": { + "protection": { + "resource_type": "protection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection": "protection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeProtection.html" + }, + "DescribeProtectionGroup": { + "privilege": "DescribeProtectionGroup", + "description": "Grants permission to describe the specification for the specified protection group", + "access_level": "Read", + "resource_types": { + "protection-group": { + "resource_type": "protection-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection-group": "protection-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeProtectionGroup.html" + }, + "DescribeSubscription": { + "privilege": "DescribeSubscription", + "description": "Grants permission to get subscription details, such as start time", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DescribeSubscription.html" + }, + "DisableApplicationLayerAutomaticResponse": { + "privilege": "DisableApplicationLayerAutomaticResponse", + "description": "Grants permission to disable application layer automatic response for Shield Advanced protection for a resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DisableApplicationLayerAutomaticResponse.html" + }, + "DisableProactiveEngagement": { + "privilege": "DisableProactiveEngagement", + "description": "Grants permission to remove authorization from the DDoS Response Team (DRT) to notify contacts about escalations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DisableProactiveEngagement.html" + }, + "DisassociateDRTLogBucket": { + "privilege": "DisassociateDRTLogBucket", + "description": "Grants permission to remove the DDoS Response team's access to the specified Amazon S3 bucket containing your flow logs", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "s3:DeleteBucketPolicy", + "s3:GetBucketPolicy", + "s3:PutBucketPolicy" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DisassociateDRTLogBucket.html" + }, + "DisassociateDRTRole": { + "privilege": "DisassociateDRTRole", + "description": "Grants permission to remove the DDoS Response team's access to your AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DisassociateDRTRole.html" + }, + "DisassociateHealthCheck": { + "privilege": "DisassociateHealthCheck", + "description": "Grants permission to remove health-based detection from the Shield Advanced protection for a resource", + "access_level": "Write", + "resource_types": { + "protection": { + "resource_type": "protection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection": "protection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_DisassociateHealthCheck.html" + }, + "EnableApplicationLayerAutomaticResponse": { + "privilege": "EnableApplicationLayerAutomaticResponse", + "description": "Grants permission to enable application layer automatic response for Shield Advanced protection for a resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "cloudfront:GetDistribution", + "iam:CreateServiceLinkedRole", + "iam:GetRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_EnableApplicationLayerAutomaticResponse.html" + }, + "EnableProactiveEngagement": { + "privilege": "EnableProactiveEngagement", + "description": "Grants permission to authorize the DDoS Response Team (DRT) to use email and phone to notify contacts about escalations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_EnableProactiveEngagement.html" + }, + "GetSubscriptionState": { + "privilege": "GetSubscriptionState", + "description": "Grants permission to get subscription state", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_GetSubscriptionState.html" + }, + "ListAttacks": { + "privilege": "ListAttacks", + "description": "Grants permission to list all existing attacks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_ListAttacks.html" + }, + "ListProtectionGroups": { + "privilege": "ListProtectionGroups", + "description": "Grants permission to retrieve the protection groups for the account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_ListProtectionGroups.html" + }, + "ListProtections": { + "privilege": "ListProtections", + "description": "Grants permission to list all existing protections", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_ListProtections.html" + }, + "ListResourcesInProtectionGroup": { + "privilege": "ListResourcesInProtectionGroup", + "description": "Grants permission to retrieve the resources that are included in the protection group", + "access_level": "List", + "resource_types": { + "protection-group": { + "resource_type": "protection-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection-group": "protection-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_ListResourcesInProtectionGroup.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to get information about AWS tags for a specified Amazon Resource Name (ARN) in AWS Shield", + "access_level": "Read", + "resource_types": { + "protection": { + "resource_type": "protection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "protection-group": { + "resource_type": "protection-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection": "protection", + "protection-group": "protection-group" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_ListTagsForResource.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add or updates tags for a resource in AWS Shield", + "access_level": "Tagging", + "resource_types": { + "protection": { + "resource_type": "protection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "protection-group": { + "resource_type": "protection-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection": "protection", + "protection-group": "protection-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource in AWS Shield", + "access_level": "Tagging", + "resource_types": { + "protection": { + "resource_type": "protection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "protection-group": { + "resource_type": "protection-group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection": "protection", + "protection-group": "protection-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_UntagResource.html" + }, + "UpdateApplicationLayerAutomaticResponse": { + "privilege": "UpdateApplicationLayerAutomaticResponse", + "description": "Grants permission to update application layer automatic response for Shield Advanced protection for a resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_UpdateApplicationLayerAutomaticResponse.html" + }, + "UpdateEmergencyContactSettings": { + "privilege": "UpdateEmergencyContactSettings", + "description": "Grants permission to update the details of the list of email addresses that the DRT can use to contact you during a suspected attack", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_UpdateEmergencyContactSettings.html" + }, + "UpdateProtectionGroup": { + "privilege": "UpdateProtectionGroup", + "description": "Grants permission to update an existing protection group", + "access_level": "Write", + "resource_types": { + "protection-group": { + "resource_type": "protection-group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "protection-group": "protection-group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_UpdateProtectionGroup.html" + }, + "UpdateSubscription": { + "privilege": "UpdateSubscription", + "description": "Grants permission to update the details of an existing subscription", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_UpdateSubscription.html" + } + }, + "privileges_lower_name": { + "associatedrtlogbucket": "AssociateDRTLogBucket", + "associatedrtrole": "AssociateDRTRole", + "associatehealthcheck": "AssociateHealthCheck", + "associateproactiveengagementdetails": "AssociateProactiveEngagementDetails", + "createprotection": "CreateProtection", + "createprotectiongroup": "CreateProtectionGroup", + "createsubscription": "CreateSubscription", + "deleteprotection": "DeleteProtection", + "deleteprotectiongroup": "DeleteProtectionGroup", + "deletesubscription": "DeleteSubscription", + "describeattack": "DescribeAttack", + "describeattackstatistics": "DescribeAttackStatistics", + "describedrtaccess": "DescribeDRTAccess", + "describeemergencycontactsettings": "DescribeEmergencyContactSettings", + "describeprotection": "DescribeProtection", + "describeprotectiongroup": "DescribeProtectionGroup", + "describesubscription": "DescribeSubscription", + "disableapplicationlayerautomaticresponse": "DisableApplicationLayerAutomaticResponse", + "disableproactiveengagement": "DisableProactiveEngagement", + "disassociatedrtlogbucket": "DisassociateDRTLogBucket", + "disassociatedrtrole": "DisassociateDRTRole", + "disassociatehealthcheck": "DisassociateHealthCheck", + "enableapplicationlayerautomaticresponse": "EnableApplicationLayerAutomaticResponse", + "enableproactiveengagement": "EnableProactiveEngagement", + "getsubscriptionstate": "GetSubscriptionState", + "listattacks": "ListAttacks", + "listprotectiongroups": "ListProtectionGroups", + "listprotections": "ListProtections", + "listresourcesinprotectiongroup": "ListResourcesInProtectionGroup", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapplicationlayerautomaticresponse": "UpdateApplicationLayerAutomaticResponse", + "updateemergencycontactsettings": "UpdateEmergencyContactSettings", + "updateprotectiongroup": "UpdateProtectionGroup", + "updatesubscription": "UpdateSubscription" + }, + "resources": { + "attack": { + "resource": "attack", + "arn": "arn:${Partition}:shield::${Account}:attack/${Id}", + "condition_keys": [] + }, + "protection": { + "resource": "protection", + "arn": "arn:${Partition}:shield::${Account}:protection/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "protection-group": { + "resource": "protection-group", + "arn": "arn:${Partition}:shield::${Account}:protection-group/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "attack": "attack", + "protection": "protection", + "protection-group": "protection-group" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "signer": { + "service_name": "AWS Signer", + "prefix": "signer", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssigner.html", + "privileges": { + "AddProfilePermission": { + "privilege": "AddProfilePermission", + "description": "Grants permission to add cross-account permissions to a Signing Profile", + "access_level": "Permissions management", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "signer:ProfileVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_AddProfilePermission.html" + }, + "CancelSigningProfile": { + "privilege": "CancelSigningProfile", + "description": "Grants permission to change the state of a Signing Profile to CANCELED", + "access_level": "Write", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "signer:ProfileVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_CancelSigningProfile.html" + }, + "DescribeSigningJob": { + "privilege": "DescribeSigningJob", + "description": "Grants permission to return information about a specific Signing Job", + "access_level": "Read", + "resource_types": { + "signing-job": { + "resource_type": "signing-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-job": "signing-job" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_DescribeSigningJob.html" + }, + "GetRevocationStatus": { + "privilege": "GetRevocationStatus", + "description": "Grants permission to query revocation info of signing resources", + "access_level": "Read", + "resource_types": { + "signing-job": { + "resource_type": "signing-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-job": "signing-job", + "signing-profile": "signing-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_GetRevocationStatus.html" + }, + "GetSigningPlatform": { + "privilege": "GetSigningPlatform", + "description": "Grants permission to return information about a specific Signing Platform", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_GetSigningPlatform.html" + }, + "GetSigningProfile": { + "privilege": "GetSigningProfile", + "description": "Grants permission to return information about a specific Signing Profile", + "access_level": "Read", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "signer:ProfileVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_GetSigningProfile.html" + }, + "ListProfilePermissions": { + "privilege": "ListProfilePermissions", + "description": "Grants permission to list the cross-account permissions associated with a Signing Profile", + "access_level": "Read", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_ListProfilePermissions.html" + }, + "ListSigningJobs": { + "privilege": "ListSigningJobs", + "description": "Grants permission to list all Signing Jobs in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_ListSigningJobs.html" + }, + "ListSigningPlatforms": { + "privilege": "ListSigningPlatforms", + "description": "Grants permission to list all available Signing Platforms", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_ListSigningPlatforms.html" + }, + "ListSigningProfiles": { + "privilege": "ListSigningProfiles", + "description": "Grants permission to list all Signing Profiles in your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_ListSigningProfiles.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags associated with a Signing Profile", + "access_level": "Read", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_ListTagsForResource.html" + }, + "PutSigningProfile": { + "privilege": "PutSigningProfile", + "description": "Grants permission to create a new Signing Profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_PutSigningProfile.html" + }, + "RemoveProfilePermission": { + "privilege": "RemoveProfilePermission", + "description": "Grants permission to remove cross-account permissions from a Signing Profile", + "access_level": "Permissions management", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "signer:ProfileVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_RemoveProfilePermission.html" + }, + "RevokeSignature": { + "privilege": "RevokeSignature", + "description": "Grants permission to change the state of a Signing Job to REVOKED", + "access_level": "Write", + "resource_types": { + "signing-job": { + "resource_type": "signing-job", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "signer:ProfileVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-job": "signing-job", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_RevokeSignature.html" + }, + "RevokeSigningProfile": { + "privilege": "RevokeSigningProfile", + "description": "Grants permission to change the state of a Signing Profile to REVOKED", + "access_level": "Write", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "signer:ProfileVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_RevokeSigningProfile.html" + }, + "SignPayload": { + "privilege": "SignPayload", + "description": "Grants permission to initiate a Signing Job on the provided payload", + "access_level": "Write", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "signer:ProfileVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_SignPayload.html" + }, + "StartSigningJob": { + "privilege": "StartSigningJob", + "description": "Grants permission to initiate a Signing Job on the provided code", + "access_level": "Write", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "signer:ProfileVersion" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_StartSigningJob.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add one or more tags to a Signing Profile", + "access_level": "Tagging", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove one or more tags from a Signing Profile", + "access_level": "Tagging", + "resource_types": { + "signing-profile": { + "resource_type": "signing-profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "signing-profile": "signing-profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/signer/latest/api/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "addprofilepermission": "AddProfilePermission", + "cancelsigningprofile": "CancelSigningProfile", + "describesigningjob": "DescribeSigningJob", + "getrevocationstatus": "GetRevocationStatus", + "getsigningplatform": "GetSigningPlatform", + "getsigningprofile": "GetSigningProfile", + "listprofilepermissions": "ListProfilePermissions", + "listsigningjobs": "ListSigningJobs", + "listsigningplatforms": "ListSigningPlatforms", + "listsigningprofiles": "ListSigningProfiles", + "listtagsforresource": "ListTagsForResource", + "putsigningprofile": "PutSigningProfile", + "removeprofilepermission": "RemoveProfilePermission", + "revokesignature": "RevokeSignature", + "revokesigningprofile": "RevokeSigningProfile", + "signpayload": "SignPayload", + "startsigningjob": "StartSigningJob", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "signing-profile": { + "resource": "signing-profile", + "arn": "arn:${Partition}:signer:${Region}:${Account}:/signing-profiles/${ProfileName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "signing-job": { + "resource": "signing-job", + "arn": "arn:${Partition}:signer:${Region}:${Account}:/signing-jobs/${JobId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "signing-profile": "signing-profile", + "signing-job": "signing-job" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by presence of mandatory tags in the request", + "type": "ArrayOfString" + }, + "signer:ProfileVersion": { + "condition": "signer:ProfileVersion", + "description": "Filters access by version of the Signing Profile", + "type": "String" + } + } + }, + "simspaceweaver": { + "service_name": "AWS SimSpace Weaver", + "prefix": "simspaceweaver", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssimspaceweaver.html", + "privileges": { + "CreateSnapshot": { + "privilege": "CreateSnapshot", + "description": "Grants permission to create a snapshot", + "access_level": "Write", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_CreateSnapshot.html" + }, + "DeleteApp": { + "privilege": "DeleteApp", + "description": "Grants permission to delete an app", + "access_level": "Write", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_DeleteApp.html" + }, + "DeleteSimulation": { + "privilege": "DeleteSimulation", + "description": "Grants permission to delete a simulation", + "access_level": "Write", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_DeleteSimulation.html" + }, + "DescribeApp": { + "privilege": "DescribeApp", + "description": "Grants permission to describe an app", + "access_level": "Read", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_DescribeApp.html" + }, + "DescribeSimulation": { + "privilege": "DescribeSimulation", + "description": "Grants permission to describe a simulation", + "access_level": "Read", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_DescribeSimulation.html" + }, + "ListApps": { + "privilege": "ListApps", + "description": "Grants permission to list apps", + "access_level": "Read", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_ListApps.html" + }, + "ListSimulations": { + "privilege": "ListSimulations", + "description": "Grants permission to list simulations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_ListSimulations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_ListTagsForResource.html" + }, + "StartApp": { + "privilege": "StartApp", + "description": "Grants permission to start an app", + "access_level": "Write", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StartApp.html" + }, + "StartClock": { + "privilege": "StartClock", + "description": "Grants permission to start a simulation clock", + "access_level": "Write", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StartClock.html" + }, + "StartSimulation": { + "privilege": "StartSimulation", + "description": "Grants permission to start a simulation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StartSimulation.html" + }, + "StopApp": { + "privilege": "StopApp", + "description": "Grants permission to stop an app", + "access_level": "Write", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StopApp.html" + }, + "StopClock": { + "privilege": "StopClock", + "description": "Grants permission to stop a simulation clock", + "access_level": "Write", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StopClock.html" + }, + "StopSimulation": { + "privilege": "StopSimulation", + "description": "Grants permission to stop a simulation", + "access_level": "Write", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_StopSimulation.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "Simulation": { + "resource_type": "Simulation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "simulation": "Simulation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/simspaceweaver/latest/APIReference/API_UntagResource.html" + } + }, + "privileges_lower_name": { + "createsnapshot": "CreateSnapshot", + "deleteapp": "DeleteApp", + "deletesimulation": "DeleteSimulation", + "describeapp": "DescribeApp", + "describesimulation": "DescribeSimulation", + "listapps": "ListApps", + "listsimulations": "ListSimulations", + "listtagsforresource": "ListTagsForResource", + "startapp": "StartApp", + "startclock": "StartClock", + "startsimulation": "StartSimulation", + "stopapp": "StopApp", + "stopclock": "StopClock", + "stopsimulation": "StopSimulation", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "Simulation": { + "resource": "Simulation", + "arn": "arn:${Partition}:simspaceweaver:${Region}:${Account}:simulation/${SimulationName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "simulation": "Simulation" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "snowball": { + "service_name": "AWS Snowball", + "prefix": "snowball", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssnowball.html", + "privileges": { + "CancelCluster": { + "privilege": "CancelCluster", + "description": "Grants permission to cancel a cluster job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CancelCluster.html" + }, + "CancelJob": { + "privilege": "CancelJob", + "description": "Grants permission to cancel the specified job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CancelJob.html" + }, + "CreateAddress": { + "privilege": "CreateAddress", + "description": "Grants permission to create an address for a Snowball to be shipped to", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CreateAddress.html" + }, + "CreateCluster": { + "privilege": "CreateCluster", + "description": "Grants permission to create an empty cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CreateCluster.html" + }, + "CreateJob": { + "privilege": "CreateJob", + "description": "Grants permission to creates a job to import or export data between Amazon S3 and your on-premises data center", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CreateJob.html" + }, + "CreateLongTermPricing": { + "privilege": "CreateLongTermPricing", + "description": "Grants permission to creates a LongTermPricingListEntry for allowing customers to add an upfront billing contract for a job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CreateLongTermPricing.html" + }, + "CreateReturnShippingLabel": { + "privilege": "CreateReturnShippingLabel", + "description": "Grants permission to create a shipping label that will be used to return the Snow device to AWS", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_CreateReturnShippingLabel.html" + }, + "DescribeAddress": { + "privilege": "DescribeAddress", + "description": "Grants permission to get specific details about that address in the form of an Address object", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_DescribeAddress.html" + }, + "DescribeAddresses": { + "privilege": "DescribeAddresses", + "description": "Grants permission to describe a specified number of ADDRESS objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_DescribeAddresses.html" + }, + "DescribeCluster": { + "privilege": "DescribeCluster", + "description": "Grants permission to describe information about a specific cluster including shipping information, cluster status, and other important metadata", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_DescribeCluster.html" + }, + "DescribeJob": { + "privilege": "DescribeJob", + "description": "Grants permission to describe information about a specific job including shipping information, job status, and other important metadata", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_DescribeJob.html" + }, + "DescribeReturnShippingLabel": { + "privilege": "DescribeReturnShippingLabel", + "description": "Grants permission to describe information on the shipping label of a Snow device that is being returned to AWS", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_DescribeReturnShippingLabel.html" + }, + "GetJobManifest": { + "privilege": "GetJobManifest", + "description": "Grants permission to get a link to an Amazon S3 presigned URL for the manifest file associated with the specified JobId value", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_GetJobManifest.html" + }, + "GetJobUnlockCode": { + "privilege": "GetJobUnlockCode", + "description": "Grants permission to get the UnlockCode code value for the specified job", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_GetJobUnlockCode.html" + }, + "GetSnowballUsage": { + "privilege": "GetSnowballUsage", + "description": "Grants permission to get information about the Snowball service limit for your account, and also the number of Snowballs your account has in use", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_GetSnowballUsage.html" + }, + "GetSoftwareUpdates": { + "privilege": "GetSoftwareUpdates", + "description": "Grants permission to return an Amazon S3 presigned URL for an update file associated with a specified JobId", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_GetSoftwareUpdates.html" + }, + "ListClusterJobs": { + "privilege": "ListClusterJobs", + "description": "Grants permission to list JobListEntry objects of the specified length", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListClusterJobs.html" + }, + "ListClusters": { + "privilege": "ListClusters", + "description": "Grants permission to list ClusterListEntry objects of the specified length", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListClusters.html" + }, + "ListCompatibleImages": { + "privilege": "ListCompatibleImages", + "description": "Grants permission to return a list of the different Amazon EC2 Amazon Machine Images (AMIs) that are owned by your AWS account that would be supported for use on a Snow device", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListCompatibleImages.html" + }, + "ListJobs": { + "privilege": "ListJobs", + "description": "Grants permission to list JobListEntry objects of the specified length", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListJobs.html" + }, + "ListLongTermPricing": { + "privilege": "ListLongTermPricing", + "description": "Grants permission to list LongTermPricingListEntry objects for the account making the request", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListLongTermPricing.html" + }, + "ListServiceVersions": { + "privilege": "ListServiceVersions", + "description": "Grants permission to list all supported versions for Snow on-device services", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_ListServiceVersions.html" + }, + "UpdateCluster": { + "privilege": "UpdateCluster", + "description": "Grants permission to update while a cluster's ClusterState value is in the AwaitingQuorum state, you can update some of the information associated with a cluster", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_UpdateCluster.html" + }, + "UpdateJob": { + "privilege": "UpdateJob", + "description": "Grants permission to update while a job's JobState value is New, you can update some of the information associated with a job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_UpdateJob.html" + }, + "UpdateJobShipmentState": { + "privilege": "UpdateJobShipmentState", + "description": "Grants permission to update the state when a the shipment states changes to a different state", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_UpdateJobShipmentState.html" + }, + "UpdateLongTermPricing": { + "privilege": "UpdateLongTermPricing", + "description": "Grants permission to update a specific upfront billing contract for a job", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/api-reference/API_UpdateLongTermPricing.html" + } + }, + "privileges_lower_name": { + "cancelcluster": "CancelCluster", + "canceljob": "CancelJob", + "createaddress": "CreateAddress", + "createcluster": "CreateCluster", + "createjob": "CreateJob", + "createlongtermpricing": "CreateLongTermPricing", + "createreturnshippinglabel": "CreateReturnShippingLabel", + "describeaddress": "DescribeAddress", + "describeaddresses": "DescribeAddresses", + "describecluster": "DescribeCluster", + "describejob": "DescribeJob", + "describereturnshippinglabel": "DescribeReturnShippingLabel", + "getjobmanifest": "GetJobManifest", + "getjobunlockcode": "GetJobUnlockCode", + "getsnowballusage": "GetSnowballUsage", + "getsoftwareupdates": "GetSoftwareUpdates", + "listclusterjobs": "ListClusterJobs", + "listclusters": "ListClusters", + "listcompatibleimages": "ListCompatibleImages", + "listjobs": "ListJobs", + "listlongtermpricing": "ListLongTermPricing", + "listserviceversions": "ListServiceVersions", + "updatecluster": "UpdateCluster", + "updatejob": "UpdateJob", + "updatejobshipmentstate": "UpdateJobShipmentState", + "updatelongtermpricing": "UpdateLongTermPricing" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "snow-device-management": { + "service_name": "AWS Snow Device Management", + "prefix": "snow-device-management", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssnowdevicemanagement.html", + "privileges": { + "CancelTask": { + "privilege": "CancelTask", + "description": "Grants permission to cancel tasks on remote devices", + "access_level": "Write", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-cancel-task.html" + }, + "CreateTask": { + "privilege": "CreateTask", + "description": "Grants permission to create tasks on remote devices", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-create-task.html" + }, + "DescribeDevice": { + "privilege": "DescribeDevice", + "description": "Grants permission to describe a remotely-managed device", + "access_level": "Read", + "resource_types": { + "managed-device": { + "resource_type": "managed-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managed-device": "managed-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-describe-device.html" + }, + "DescribeDeviceEc2Instances": { + "privilege": "DescribeDeviceEc2Instances", + "description": "Grants permission to describe a remotely-managed device's EC2 instances", + "access_level": "Read", + "resource_types": { + "managed-device": { + "resource_type": "managed-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managed-device": "managed-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-describe-ec2-instances.html" + }, + "DescribeExecution": { + "privilege": "DescribeExecution", + "description": "Grants permission to describe task executions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-describe-execution.html" + }, + "DescribeTask": { + "privilege": "DescribeTask", + "description": "Grants permission to describe a task", + "access_level": "Read", + "resource_types": { + "task": { + "resource_type": "task", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "task": "task" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-describe-task.html" + }, + "ListDeviceResources": { + "privilege": "ListDeviceResources", + "description": "Grants permission to list a remotely-managed device's resources", + "access_level": "List", + "resource_types": { + "managed-device": { + "resource_type": "managed-device", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managed-device": "managed-device" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-list-device-resources.html" + }, + "ListDevices": { + "privilege": "ListDevices", + "description": "Grants permission to list remotely-managed devices", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-list-devices.html" + }, + "ListExecutions": { + "privilege": "ListExecutions", + "description": "Grants permission to list task executions", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-list-executions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags for a resource (device or task)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-list-tags-for-resource.html" + }, + "ListTasks": { + "privilege": "ListTasks", + "description": "Grants permission to list tasks", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-list-tasks.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "managed-device": { + "resource_type": "managed-device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managed-device": "managed-device", + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-tag-resource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "managed-device": { + "resource_type": "managed-device", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managed-device": "managed-device", + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/snowball/latest/snowcone-guide/sdms-cli-untag-resources.html" + } + }, + "privileges_lower_name": { + "canceltask": "CancelTask", + "createtask": "CreateTask", + "describedevice": "DescribeDevice", + "describedeviceec2instances": "DescribeDeviceEc2Instances", + "describeexecution": "DescribeExecution", + "describetask": "DescribeTask", + "listdeviceresources": "ListDeviceResources", + "listdevices": "ListDevices", + "listexecutions": "ListExecutions", + "listtagsforresource": "ListTagsForResource", + "listtasks": "ListTasks", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "managed-device": { + "resource": "managed-device", + "arn": "arn:${Partition}:snow-device-management:${Region}:${Account}:managed-device/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "task": { + "resource": "task", + "arn": "arn:${Partition}:snow-device-management:${Region}:${Account}:task/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "managed-device": "managed-device", + "task": "task" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access based on the presence of tag keys in the request", + "type": "String" + } + } + }, + "sqlworkbench": { + "service_name": "AWS SQL Workbench", + "prefix": "sqlworkbench", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssqlworkbench.html", + "privileges": { + "AssociateConnectionWithChart": { + "privilege": "AssociateConnectionWithChart", + "description": "Grants permission to associate connection to a chart", + "access_level": "Write", + "resource_types": { + "chart": { + "resource_type": "chart", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chart": "chart", + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "AssociateConnectionWithTab": { + "privilege": "AssociateConnectionWithTab", + "description": "Grants permission to associate connection to a tab", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "AssociateNotebookWithTab": { + "privilege": "AssociateNotebookWithTab", + "description": "Grants permission to associate notebook to a tab", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "AssociateQueryWithTab": { + "privilege": "AssociateQueryWithTab", + "description": "Grants permission to associate query to a tab", + "access_level": "Write", + "resource_types": { + "query": { + "resource_type": "query", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "query": "query" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "BatchDeleteFolder": { + "privilege": "BatchDeleteFolder", + "description": "Grants permission to delete folders on your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "BatchGetNotebookCell": { + "privilege": "BatchGetNotebookCell", + "description": "Grants permission to get notebook cells content on your account", + "access_level": "Read", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CreateAccount": { + "privilege": "CreateAccount", + "description": "Grants permission to create SQLWorkbench account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CreateChart": { + "privilege": "CreateChart", + "description": "Grants permission to create new saved chart on your account", + "access_level": "Write", + "resource_types": { + "chart": { + "resource_type": "chart", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chart": "chart", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CreateConnection": { + "privilege": "CreateConnection", + "description": "Grants permission to create a new connection on your account", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CreateFolder": { + "privilege": "CreateFolder", + "description": "Grants permission to create folder on your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CreateNotebook": { + "privilege": "CreateNotebook", + "description": "Grants permission to create a new notebook on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CreateNotebookCell": { + "privilege": "CreateNotebookCell", + "description": "Grants permission to create a notebook cell on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CreateNotebookFromVersion": { + "privilege": "CreateNotebookFromVersion", + "description": "Grants permission to create a new notebook from a notebook version on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CreateNotebookVersion": { + "privilege": "CreateNotebookVersion", + "description": "Grants permission to create a notebook version on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "CreateSavedQuery": { + "privilege": "CreateSavedQuery", + "description": "Grants permission to create a new saved query on your account", + "access_level": "Write", + "resource_types": { + "query": { + "resource_type": "query", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "query": "query", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DeleteChart": { + "privilege": "DeleteChart", + "description": "Grants permission to remove charts on your account", + "access_level": "Write", + "resource_types": { + "chart": { + "resource_type": "chart", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chart": "chart" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DeleteConnection": { + "privilege": "DeleteConnection", + "description": "Grants permission to remove connections on your account", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DeleteNotebook": { + "privilege": "DeleteNotebook", + "description": "Grants permission to remove notebooks on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DeleteNotebookCell": { + "privilege": "DeleteNotebookCell", + "description": "Grants permission to remove notebooks cells on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DeleteNotebookVersion": { + "privilege": "DeleteNotebookVersion", + "description": "Grants permission to remove notebooks cells on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DeleteSavedQuery": { + "privilege": "DeleteSavedQuery", + "description": "Grants permission to remove saved queries on your account", + "access_level": "Write", + "resource_types": { + "query": { + "resource_type": "query", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "query": "query" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DeleteTab": { + "privilege": "DeleteTab", + "description": "Grants permission to remove a tab on your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DriverExecute": { + "privilege": "DriverExecute", + "description": "Grants permission to execute a query in your redshift cluster", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "DuplicateNotebook": { + "privilege": "DuplicateNotebook", + "description": "Grants permission to create a new notebook by duplicating an existing one on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ExportNotebook": { + "privilege": "ExportNotebook", + "description": "Grants permission to export a notebook on your account", + "access_level": "Read", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GenerateSession": { + "privilege": "GenerateSession", + "description": "Grants permission to generate a new session on your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetAccountInfo": { + "privilege": "GetAccountInfo", + "description": "Grants permission to get account info", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetAccountSettings": { + "privilege": "GetAccountSettings", + "description": "Grants permission to get account settings", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetAutocompletionMetadata": { + "privilege": "GetAutocompletionMetadata", + "description": "Grants permission to get database structure metadata for auto-completion", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetAutocompletionResource": { + "privilege": "GetAutocompletionResource", + "description": "Grants permission to get database structure information for auto-completion", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetChart": { + "privilege": "GetChart", + "description": "Grants permission to get charts on your account", + "access_level": "Read", + "resource_types": { + "chart": { + "resource_type": "chart", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chart": "chart" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetConnection": { + "privilege": "GetConnection", + "description": "Grants permission to get connections on your account", + "access_level": "Read", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetNotebook": { + "privilege": "GetNotebook", + "description": "Grants permission to get notebook metadata on your account", + "access_level": "Read", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetNotebookVersion": { + "privilege": "GetNotebookVersion", + "description": "Grants permission to get the content of a notebook version on your account", + "access_level": "Read", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetQueryExecutionHistory": { + "privilege": "GetQueryExecutionHistory", + "description": "Grants permission to get the query execution history on your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetSavedQuery": { + "privilege": "GetSavedQuery", + "description": "Grants permission to get saved query on your account", + "access_level": "Read", + "resource_types": { + "query": { + "resource_type": "query", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "query": "query" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetSchemaInference": { + "privilege": "GetSchemaInference", + "description": "Grants permission to get the columns and data types inferred from a file", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetUserInfo": { + "privilege": "GetUserInfo", + "description": "Grants permission to get user info", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "GetUserWorkspaceSettings": { + "privilege": "GetUserWorkspaceSettings", + "description": "Grants permission to get workspace settings on your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ImportNotebook": { + "privilege": "ImportNotebook", + "description": "Grants permission to import a notebook on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListConnections": { + "privilege": "ListConnections", + "description": "Grants permission to list the connections on your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListDatabases": { + "privilege": "ListDatabases", + "description": "Grants permission to list databases of your redshift cluster", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListFiles": { + "privilege": "ListFiles", + "description": "Grants permission to list files and folders", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListNotebookVersions": { + "privilege": "ListNotebookVersions", + "description": "Grants permission to get notebook versions metadata on your account", + "access_level": "List", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListNotebooks": { + "privilege": "ListNotebooks", + "description": "Grants permission to list the notebooks on your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListQueryExecutionHistory": { + "privilege": "ListQueryExecutionHistory", + "description": "Grants permission to list the query execution history on your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListRedshiftClusters": { + "privilege": "ListRedshiftClusters", + "description": "Grants permission to list redshift clusters on your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListSampleDatabases": { + "privilege": "ListSampleDatabases", + "description": "Grants permission to list sample databases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListSavedQueryVersions": { + "privilege": "ListSavedQueryVersions", + "description": "Grants permission to list versions of saved query on your account", + "access_level": "List", + "resource_types": { + "query": { + "resource_type": "query", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "query": "query" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListTabs": { + "privilege": "ListTabs", + "description": "Grants permission to list tabs on your account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListTaggedResources": { + "privilege": "ListTaggedResources", + "description": "Grants permission to list tagged resources", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags of an sqlworkbench resource", + "access_level": "Read", + "resource_types": { + "chart": { + "resource_type": "chart", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "notebook": { + "resource_type": "notebook", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "query": { + "resource_type": "query", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chart": "chart", + "connection": "connection", + "notebook": "notebook", + "query": "query" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "PutTab": { + "privilege": "PutTab", + "description": "Grants permission to create or update a tab on your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "PutUserWorkspaceSettings": { + "privilege": "PutUserWorkspaceSettings", + "description": "Grants permission to update workspace settings on your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "RestoreNotebookVersion": { + "privilege": "RestoreNotebookVersion", + "description": "Grants permission to restore a notebook on your account to a version", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an sqlworkbench resource", + "access_level": "Tagging", + "resource_types": { + "chart": { + "resource_type": "chart", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "notebook": { + "resource_type": "notebook", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "query": { + "resource_type": "query", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chart": "chart", + "connection": "connection", + "notebook": "notebook", + "query": "query", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an sqlworkbench resource", + "access_level": "Tagging", + "resource_types": { + "chart": { + "resource_type": "chart", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connection": { + "resource_type": "connection", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "notebook": { + "resource_type": "notebook", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "query": { + "resource_type": "query", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chart": "chart", + "connection": "connection", + "notebook": "notebook", + "query": "query", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateAccountConnectionSettings": { + "privilege": "UpdateAccountConnectionSettings", + "description": "Grants permission to update account-wide connection settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateAccountExportSettings": { + "privilege": "UpdateAccountExportSettings", + "description": "Grants permission to update account-wide export settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateAccountGeneralSettings": { + "privilege": "UpdateAccountGeneralSettings", + "description": "Grants permission to update account-wide general settings", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateChart": { + "privilege": "UpdateChart", + "description": "Grants permission to update a chart on your account", + "access_level": "Write", + "resource_types": { + "chart": { + "resource_type": "chart", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chart": "chart", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateConnection": { + "privilege": "UpdateConnection", + "description": "Grants permission to update a connection on your account", + "access_level": "Write", + "resource_types": { + "connection": { + "resource_type": "connection", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connection": "connection", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateFileFolder": { + "privilege": "UpdateFileFolder", + "description": "Grants permission to move files on your account", + "access_level": "Write", + "resource_types": { + "chart": { + "resource_type": "chart", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "query": { + "resource_type": "query", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "chart": "chart", + "query": "query" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateFolder": { + "privilege": "UpdateFolder", + "description": "Grants permission to update a folder's name and details on your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateNotebook": { + "privilege": "UpdateNotebook", + "description": "Grants permission to update a notebook metadata on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateNotebookCellContent": { + "privilege": "UpdateNotebookCellContent", + "description": "Grants permission to update a notebook cell content on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateNotebookCellLayout": { + "privilege": "UpdateNotebookCellLayout", + "description": "Grants permission to update a notebook cell layout on your account", + "access_level": "Write", + "resource_types": { + "notebook": { + "resource_type": "notebook", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notebook": "notebook", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + }, + "UpdateSavedQuery": { + "privilege": "UpdateSavedQuery", + "description": "Grants permission to update a saved query on your account", + "access_level": "Write", + "resource_types": { + "query": { + "resource_type": "query", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "query": "query", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-policy-resources.resource-permissions.html" + } + }, + "privileges_lower_name": { + "associateconnectionwithchart": "AssociateConnectionWithChart", + "associateconnectionwithtab": "AssociateConnectionWithTab", + "associatenotebookwithtab": "AssociateNotebookWithTab", + "associatequerywithtab": "AssociateQueryWithTab", + "batchdeletefolder": "BatchDeleteFolder", + "batchgetnotebookcell": "BatchGetNotebookCell", + "createaccount": "CreateAccount", + "createchart": "CreateChart", + "createconnection": "CreateConnection", + "createfolder": "CreateFolder", + "createnotebook": "CreateNotebook", + "createnotebookcell": "CreateNotebookCell", + "createnotebookfromversion": "CreateNotebookFromVersion", + "createnotebookversion": "CreateNotebookVersion", + "createsavedquery": "CreateSavedQuery", + "deletechart": "DeleteChart", + "deleteconnection": "DeleteConnection", + "deletenotebook": "DeleteNotebook", + "deletenotebookcell": "DeleteNotebookCell", + "deletenotebookversion": "DeleteNotebookVersion", + "deletesavedquery": "DeleteSavedQuery", + "deletetab": "DeleteTab", + "driverexecute": "DriverExecute", + "duplicatenotebook": "DuplicateNotebook", + "exportnotebook": "ExportNotebook", + "generatesession": "GenerateSession", + "getaccountinfo": "GetAccountInfo", + "getaccountsettings": "GetAccountSettings", + "getautocompletionmetadata": "GetAutocompletionMetadata", + "getautocompletionresource": "GetAutocompletionResource", + "getchart": "GetChart", + "getconnection": "GetConnection", + "getnotebook": "GetNotebook", + "getnotebookversion": "GetNotebookVersion", + "getqueryexecutionhistory": "GetQueryExecutionHistory", + "getsavedquery": "GetSavedQuery", + "getschemainference": "GetSchemaInference", + "getuserinfo": "GetUserInfo", + "getuserworkspacesettings": "GetUserWorkspaceSettings", + "importnotebook": "ImportNotebook", + "listconnections": "ListConnections", + "listdatabases": "ListDatabases", + "listfiles": "ListFiles", + "listnotebookversions": "ListNotebookVersions", + "listnotebooks": "ListNotebooks", + "listqueryexecutionhistory": "ListQueryExecutionHistory", + "listredshiftclusters": "ListRedshiftClusters", + "listsampledatabases": "ListSampleDatabases", + "listsavedqueryversions": "ListSavedQueryVersions", + "listtabs": "ListTabs", + "listtaggedresources": "ListTaggedResources", + "listtagsforresource": "ListTagsForResource", + "puttab": "PutTab", + "putuserworkspacesettings": "PutUserWorkspaceSettings", + "restorenotebookversion": "RestoreNotebookVersion", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateaccountconnectionsettings": "UpdateAccountConnectionSettings", + "updateaccountexportsettings": "UpdateAccountExportSettings", + "updateaccountgeneralsettings": "UpdateAccountGeneralSettings", + "updatechart": "UpdateChart", + "updateconnection": "UpdateConnection", + "updatefilefolder": "UpdateFileFolder", + "updatefolder": "UpdateFolder", + "updatenotebook": "UpdateNotebook", + "updatenotebookcellcontent": "UpdateNotebookCellContent", + "updatenotebookcelllayout": "UpdateNotebookCellLayout", + "updatesavedquery": "UpdateSavedQuery" + }, + "resources": { + "connection": { + "resource": "connection", + "arn": "arn:${Partition}:sqlworkbench:${Region}:${Account}:connection/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "query": { + "resource": "query", + "arn": "arn:${Partition}:sqlworkbench:${Region}:${Account}:query/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "chart": { + "resource": "chart", + "arn": "arn:${Partition}:sqlworkbench:${Region}:${Account}:chart/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "notebook": { + "resource": "notebook", + "arn": "arn:${Partition}:sqlworkbench:${Region}:${Account}:notebook/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "connection": "connection", + "query": "query", + "chart": "chart", + "notebook": "notebook" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags that are associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "states": { + "service_name": "AWS Step Functions", + "prefix": "states", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsstepfunctions.html", + "privileges": { + "CreateActivity": { + "privilege": "CreateActivity", + "description": "Grants permission to create an activity", + "access_level": "Write", + "resource_types": { + "activity": { + "resource_type": "activity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activity": "activity", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_CreateActivity.html" + }, + "CreateStateMachine": { + "privilege": "CreateStateMachine", + "description": "Grants permission to create a state machine", + "access_level": "Write", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "states:PublishStateMachineVersion" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_CreateStateMachine.html" + }, + "CreateStateMachineAlias": { + "privilege": "CreateStateMachineAlias", + "description": "Grants permission to create a state machine alias", + "access_level": "Write", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "states:StateMachineQualifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_CreateStateMachineAlias.html" + }, + "DeleteActivity": { + "privilege": "DeleteActivity", + "description": "Grants permission to delete an activity", + "access_level": "Write", + "resource_types": { + "activity": { + "resource_type": "activity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activity": "activity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DeleteActivity.html" + }, + "DeleteStateMachine": { + "privilege": "DeleteStateMachine", + "description": "Grants permission to delete a state machine", + "access_level": "Write", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DeleteStateMachine.html" + }, + "DeleteStateMachineAlias": { + "privilege": "DeleteStateMachineAlias", + "description": "Grants permission to delete a state machine alias", + "access_level": "Write", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "states:StateMachineQualifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DeleteStateMachineAlias.html" + }, + "DeleteStateMachineVersion": { + "privilege": "DeleteStateMachineVersion", + "description": "Grants permission to delete a state machine version", + "access_level": "Write", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "states:StateMachineQualifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DeleteStateMachineVersion.html" + }, + "DescribeActivity": { + "privilege": "DescribeActivity", + "description": "Grants permission to describe an activity", + "access_level": "Read", + "resource_types": { + "activity": { + "resource_type": "activity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activity": "activity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeActivity.html" + }, + "DescribeExecution": { + "privilege": "DescribeExecution", + "description": "Grants permission to describe an execution", + "access_level": "Read", + "resource_types": { + "execution": { + "resource_type": "execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "express": { + "resource_type": "express", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "execution": "execution", + "express": "express" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeExecution.html" + }, + "DescribeMapRun": { + "privilege": "DescribeMapRun", + "description": "Grants permission to describe a map run", + "access_level": "Read", + "resource_types": { + "maprun": { + "resource_type": "maprun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maprun": "maprun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeMapRun.html" + }, + "DescribeStateMachine": { + "privilege": "DescribeStateMachine", + "description": "Grants permission to describe a state machine", + "access_level": "Read", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "states:StateMachineQualifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeStateMachine.html" + }, + "DescribeStateMachineAlias": { + "privilege": "DescribeStateMachineAlias", + "description": "Grants permission to describe a state machine alias", + "access_level": "Read", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "states:StateMachineQualifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeStateMachineAlias.html" + }, + "DescribeStateMachineForExecution": { + "privilege": "DescribeStateMachineForExecution", + "description": "Grants permission to describe the state machine for an execution", + "access_level": "Read", + "resource_types": { + "execution": { + "resource_type": "execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "execution": "execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeStateMachineForExecution.html" + }, + "GetActivityTask": { + "privilege": "GetActivityTask", + "description": "Grants permission to be used by workers to retrieve a task (with the specified activity ARN) which has been scheduled for execution by a running state machine", + "access_level": "Write", + "resource_types": { + "activity": { + "resource_type": "activity", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activity": "activity" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_GetActivityTask.html" + }, + "GetExecutionHistory": { + "privilege": "GetExecutionHistory", + "description": "Grants permission to return the history of the specified execution as a list of events", + "access_level": "Read", + "resource_types": { + "execution": { + "resource_type": "execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "execution": "execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_GetExecutionHistory.html" + }, + "ListActivities": { + "privilege": "ListActivities", + "description": "Grants permission to list the existing activities", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListActivities.html" + }, + "ListExecutions": { + "privilege": "ListExecutions", + "description": "Grants permission to list the executions of a state machine", + "access_level": "List", + "resource_types": { + "maprun": { + "resource_type": "maprun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "states:StateMachineQualifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maprun": "maprun", + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListExecutions.html" + }, + "ListMapRuns": { + "privilege": "ListMapRuns", + "description": "Grants permission to list the map runs of an execution", + "access_level": "List", + "resource_types": { + "execution": { + "resource_type": "execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "execution": "execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListMapRuns.html" + }, + "ListStateMachineAliases": { + "privilege": "ListStateMachineAliases", + "description": "Grants permission to list the aliases of a state machine", + "access_level": "List", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "states:StateMachineQualifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListStateMachineAliases.html" + }, + "ListStateMachineVersions": { + "privilege": "ListStateMachineVersions", + "description": "Grants permission to list the versions of a state machine", + "access_level": "List", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListStateMachineVersions.html" + }, + "ListStateMachines": { + "privilege": "ListStateMachines", + "description": "Grants permission to lists the existing state machines", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListStateMachines.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an AWS Step Functions resource", + "access_level": "List", + "resource_types": { + "activity": { + "resource_type": "activity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "statemachine": { + "resource_type": "statemachine", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activity": "activity", + "statemachine": "statemachine" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListTagsForResource.html" + }, + "PublishStateMachineVersion": { + "privilege": "PublishStateMachineVersion", + "description": "Grants permission to publish a state machine version", + "access_level": "Write", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_PublishStateMachineVersion.html" + }, + "SendTaskFailure": { + "privilege": "SendTaskFailure", + "description": "Grants permission to report that the task identified by the taskToken failed", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_SendTaskFailure.html" + }, + "SendTaskHeartbeat": { + "privilege": "SendTaskHeartbeat", + "description": "Grants permission to report to the service that the task represented by the specified taskToken is still making progress", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_SendTaskHeartbeat.html" + }, + "SendTaskSuccess": { + "privilege": "SendTaskSuccess", + "description": "Grants permission to report that the task identified by the taskToken completed successfully", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_SendTaskSuccess.html" + }, + "StartExecution": { + "privilege": "StartExecution", + "description": "Grants permission to start a state machine execution", + "access_level": "Write", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "states:StateMachineQualifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html" + }, + "StartSyncExecution": { + "privilege": "StartSyncExecution", + "description": "Grants permission to start a Synchronous Express state machine execution", + "access_level": "Write", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "states:StateMachineQualifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html" + }, + "StopExecution": { + "privilege": "StopExecution", + "description": "Grants permission to stop an execution", + "access_level": "Write", + "resource_types": { + "execution": { + "resource_type": "execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "execution": "execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_StopExecution.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an AWS Step Functions resource", + "access_level": "Tagging", + "resource_types": { + "activity": { + "resource_type": "activity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "statemachine": { + "resource_type": "statemachine", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activity": "activity", + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a tag from an AWS Step Functions resource", + "access_level": "Tagging", + "resource_types": { + "activity": { + "resource_type": "activity", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "statemachine": { + "resource_type": "statemachine", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "activity": "activity", + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_UntagResource.html" + }, + "UpdateMapRun": { + "privilege": "UpdateMapRun", + "description": "Grants permission to update a map run", + "access_level": "Write", + "resource_types": { + "maprun": { + "resource_type": "maprun", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maprun": "maprun" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_UpdateMapRun.html" + }, + "UpdateStateMachine": { + "privilege": "UpdateStateMachine", + "description": "Grants permission to update a state machine", + "access_level": "Write", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "states:PublishStateMachineVersion" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_UpdateStateMachine.html" + }, + "UpdateStateMachineAlias": { + "privilege": "UpdateStateMachineAlias", + "description": "Grants permission to update a state machine alias", + "access_level": "Write", + "resource_types": { + "statemachine": { + "resource_type": "statemachine", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "states:StateMachineQualifier" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "statemachine": "statemachine", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_UpdateStateMachineAlias.html" + } + }, + "privileges_lower_name": { + "createactivity": "CreateActivity", + "createstatemachine": "CreateStateMachine", + "createstatemachinealias": "CreateStateMachineAlias", + "deleteactivity": "DeleteActivity", + "deletestatemachine": "DeleteStateMachine", + "deletestatemachinealias": "DeleteStateMachineAlias", + "deletestatemachineversion": "DeleteStateMachineVersion", + "describeactivity": "DescribeActivity", + "describeexecution": "DescribeExecution", + "describemaprun": "DescribeMapRun", + "describestatemachine": "DescribeStateMachine", + "describestatemachinealias": "DescribeStateMachineAlias", + "describestatemachineforexecution": "DescribeStateMachineForExecution", + "getactivitytask": "GetActivityTask", + "getexecutionhistory": "GetExecutionHistory", + "listactivities": "ListActivities", + "listexecutions": "ListExecutions", + "listmapruns": "ListMapRuns", + "liststatemachinealiases": "ListStateMachineAliases", + "liststatemachineversions": "ListStateMachineVersions", + "liststatemachines": "ListStateMachines", + "listtagsforresource": "ListTagsForResource", + "publishstatemachineversion": "PublishStateMachineVersion", + "sendtaskfailure": "SendTaskFailure", + "sendtaskheartbeat": "SendTaskHeartbeat", + "sendtasksuccess": "SendTaskSuccess", + "startexecution": "StartExecution", + "startsyncexecution": "StartSyncExecution", + "stopexecution": "StopExecution", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatemaprun": "UpdateMapRun", + "updatestatemachine": "UpdateStateMachine", + "updatestatemachinealias": "UpdateStateMachineAlias" + }, + "resources": { + "activity": { + "resource": "activity", + "arn": "arn:${Partition}:states:${Region}:${Account}:activity:${ActivityName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "execution": { + "resource": "execution", + "arn": "arn:${Partition}:states:${Region}:${Account}:execution:${StateMachineName}:${ExecutionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "express": { + "resource": "express", + "arn": "arn:${Partition}:states:${Region}:${Account}:express:${StateMachineName}:${ExecutionId}:${ExpressId}", + "condition_keys": [] + }, + "statemachine": { + "resource": "statemachine", + "arn": "arn:${Partition}:states:${Region}:${Account}:stateMachine:${StateMachineName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "statemachineversion": { + "resource": "statemachineversion", + "arn": "arn:${Partition}:states:${Region}:${Account}:stateMachine:${StateMachineName}:${StateMachineVersionId}", + "condition_keys": [] + }, + "statemachinealias": { + "resource": "statemachinealias", + "arn": "arn:${Partition}:states:${Region}:${Account}:stateMachine:${StateMachineName}:${StateMachineAliasName}", + "condition_keys": [] + }, + "maprun": { + "resource": "maprun", + "arn": "arn:${Partition}:states:${Region}:${Account}:mapRun:${StateMachineName}/${MapRunLabel}:${MapRunId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "activity": "activity", + "execution": "execution", + "express": "express", + "statemachine": "statemachine", + "statemachineversion": "statemachineversion", + "statemachinealias": "statemachinealias", + "maprun": "maprun" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag key and value pair that is allowed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by a tag key and value pair of a resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by a list of tag keys that are allowed in the request", + "type": "ArrayOfString" + }, + "states:StateMachineQualifier": { + "condition": "states:StateMachineQualifier", + "description": "Filters access by the qualifier of a state machine ARN", + "type": "String" + } + } + }, + "scn": { + "service_name": "AWS Supply Chain", + "prefix": "scn", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html", + "privileges": { + "AssignAdminPermissionsToUser": { + "privilege": "AssignAdminPermissionsToUser", + "description": "Grants permission to add AWS Supply Chain administrator permission to federated user", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "CreateInstance": { + "privilege": "CreateInstance", + "description": "Grants permission to create a new AWS Supply Chain instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "CreateSSOApplication": { + "privilege": "CreateSSOApplication", + "description": "Grants permission to create IAM Identity Center application for a AWS Supply Chain instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "DeleteInstance": { + "privilege": "DeleteInstance", + "description": "Grants permission to delete an AWS Supply Chain instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "DeleteSSOApplication": { + "privilege": "DeleteSSOApplication", + "description": "Grants permission to delete IAM Identity Center application of the AWS Supply Chain instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "DescribeInstance": { + "privilege": "DescribeInstance", + "description": "Grants permission to view details of an AWS Supply Chain instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "ListAdminUsers": { + "privilege": "ListAdminUsers", + "description": "Grants permission to list AWS Supply Chain administrators of an instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "ListInstances": { + "privilege": "ListInstances", + "description": "Grants permission to view the AWS Supply Chain instances associated with an AWS account", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an AWS Supply Chain instance", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "RemoveAdminPermissionsForUser": { + "privilege": "RemoveAdminPermissionsForUser", + "description": "Grants permission to remove AWS Supply Chain administrator permission from federated user", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an AWS Supply Chain instance", + "access_level": "Tagging", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tag from an AWS Supply Chain instance", + "access_level": "Tagging", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + }, + "UpdateInstance": { + "privilege": "UpdateInstance", + "description": "Grants permission to update an AWS Supply Chain instance", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupplychain.html" + } + }, + "privileges_lower_name": { + "assignadminpermissionstouser": "AssignAdminPermissionsToUser", + "createinstance": "CreateInstance", + "createssoapplication": "CreateSSOApplication", + "deleteinstance": "DeleteInstance", + "deletessoapplication": "DeleteSSOApplication", + "describeinstance": "DescribeInstance", + "listadminusers": "ListAdminUsers", + "listinstances": "ListInstances", + "listtagsforresource": "ListTagsForResource", + "removeadminpermissionsforuser": "RemoveAdminPermissionsForUser", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateinstance": "UpdateInstance" + }, + "resources": { + "instance": { + "resource": "instance", + "arn": "arn:${Partition}:scn:${Region}:${Account}:instance/${InstanceId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "instance": "instance" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by using tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by using tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by using tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "support": { + "service_name": "AWS Support", + "prefix": "support", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupport.html", + "privileges": { + "AddAttachmentsToSet": { + "privilege": "AddAttachmentsToSet", + "description": "Grants permission to add one or more attachments to an AWS Support case", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_AddAttachmentsToSet.html" + }, + "AddCommunicationToCase": { + "privilege": "AddCommunicationToCase", + "description": "Grants permission to add a customer communication to an AWS Support case", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_AddCommunicationToCase.html" + }, + "CreateCase": { + "privilege": "CreateCase", + "description": "Grants permission to creates a new AWS Support case", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_CreateCase.html" + }, + "DescribeAttachment": { + "privilege": "DescribeAttachment", + "description": "Grants permission to describe attachment detail", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeAttachment.html" + }, + "DescribeCaseAttributes": { + "privilege": "DescribeCaseAttributes", + "description": "Grants permission to allow secondary services to read AWS Support case attributes.This is an internally managed function", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" + }, + "DescribeCases": { + "privilege": "DescribeCases", + "description": "Grants permission to list AWS Support cases that matches the given inputs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeCases.html" + }, + "DescribeCommunications": { + "privilege": "DescribeCommunications", + "description": "Grants permission to list the communications and attachments for one or more AWS Support cases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeCommunications.html" + }, + "DescribeCreateCaseOptions": { + "privilege": "DescribeCreateCaseOptions", + "description": "Grants permission to describes the available options for creating a support case", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeCreateCaseOptions.html" + }, + "DescribeIssueTypes": { + "privilege": "DescribeIssueTypes", + "description": "Grants permission to return issue types for AWS Support cases", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" + }, + "DescribeServices": { + "privilege": "DescribeServices", + "description": "Grants permission to list AWS services and categories that applies to each service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeServices.html" + }, + "DescribeSeverityLevels": { + "privilege": "DescribeSeverityLevels", + "description": "Grants permission to list severity levels that can be assigned to an AWS Support case", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeSeverityLevels.html" + }, + "DescribeSupportLevel": { + "privilege": "DescribeSupportLevel", + "description": "Grants permission to return the support level for an AWS Account identifier", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" + }, + "DescribeSupportedLanguages": { + "privilege": "DescribeSupportedLanguages", + "description": "Grants permission to describes the available support languages for a given category code, service code and issue type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeSupportedLanguages.html" + }, + "DescribeTrustedAdvisorCheckRefreshStatuses": { + "privilege": "DescribeTrustedAdvisorCheckRefreshStatuses", + "description": "Grants permission to get the status of a Trusted Advisor refresh check based on a list of check identifiers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeTrustedAdvisorCheckRefreshStatuses.html" + }, + "DescribeTrustedAdvisorCheckResult": { + "privilege": "DescribeTrustedAdvisorCheckResult", + "description": "Grants permission to get the results of the Trusted Advisor check that has the specified check identifier", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeTrustedAdvisorCheckResult.html" + }, + "DescribeTrustedAdvisorCheckSummaries": { + "privilege": "DescribeTrustedAdvisorCheckSummaries", + "description": "Grants permission to get the summaries of the results of the Trusted Advisor checks that have the specified check identifiers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeTrustedAdvisorCheckSummaries.html" + }, + "DescribeTrustedAdvisorChecks": { + "privilege": "DescribeTrustedAdvisorChecks", + "description": "Grants permission to get a list of all available Trusted Advisor checks, including name, identifier, category and description", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_DescribeTrustedAdvisorChecks.html" + }, + "InitiateCallForCase": { + "privilege": "InitiateCallForCase", + "description": "Grants permission to initiate a call on AWS Support Center. This is an internally managed function", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" + }, + "InitiateChatForCase": { + "privilege": "InitiateChatForCase", + "description": "Grants permission to initiate a chat on AWS Support Center.This is an internally managed function", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" + }, + "PutCaseAttributes": { + "privilege": "PutCaseAttributes", + "description": "Grants permission to allow secondary services to attach attributes to AWS Support cases. This is an internally managed function", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" + }, + "RateCaseCommunication": { + "privilege": "RateCaseCommunication", + "description": "Grants permission to rate an AWS Support case communication", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" + }, + "RefreshTrustedAdvisorCheck": { + "privilege": "RefreshTrustedAdvisorCheck", + "description": "Grants permission to requests a refresh of the Trusted Advisor check that has the specified check identifier", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_RefreshTrustedAdvisorCheck.html" + }, + "ResolveCase": { + "privilege": "ResolveCase", + "description": "Grants permission to resolve an AWS Support case", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/APIReference/API_ResolveCase.html" + }, + "SearchForCases": { + "privilege": "SearchForCases", + "description": "Grants permission to return a list of AWS Support cases that matches the given inputs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/accessing-support.html" + } + }, + "privileges_lower_name": { + "addattachmentstoset": "AddAttachmentsToSet", + "addcommunicationtocase": "AddCommunicationToCase", + "createcase": "CreateCase", + "describeattachment": "DescribeAttachment", + "describecaseattributes": "DescribeCaseAttributes", + "describecases": "DescribeCases", + "describecommunications": "DescribeCommunications", + "describecreatecaseoptions": "DescribeCreateCaseOptions", + "describeissuetypes": "DescribeIssueTypes", + "describeservices": "DescribeServices", + "describeseveritylevels": "DescribeSeverityLevels", + "describesupportlevel": "DescribeSupportLevel", + "describesupportedlanguages": "DescribeSupportedLanguages", + "describetrustedadvisorcheckrefreshstatuses": "DescribeTrustedAdvisorCheckRefreshStatuses", + "describetrustedadvisorcheckresult": "DescribeTrustedAdvisorCheckResult", + "describetrustedadvisorchecksummaries": "DescribeTrustedAdvisorCheckSummaries", + "describetrustedadvisorchecks": "DescribeTrustedAdvisorChecks", + "initiatecallforcase": "InitiateCallForCase", + "initiatechatforcase": "InitiateChatForCase", + "putcaseattributes": "PutCaseAttributes", + "ratecasecommunication": "RateCaseCommunication", + "refreshtrustedadvisorcheck": "RefreshTrustedAdvisorCheck", + "resolvecase": "ResolveCase", + "searchforcases": "SearchForCases" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "supportapp": { + "service_name": "AWS Support App for Slack", + "prefix": "supportapp", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupportappforslack.html", + "privileges": { + "CreateSlackChannelConfiguration": { + "privilege": "CreateSlackChannelConfiguration", + "description": "Grants permission to create a Slack channel configuration for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_CreateSlackChannelConfiguration.html" + }, + "DeleteAccountAlias": { + "privilege": "DeleteAccountAlias", + "description": "Grants permission to delete an alias from your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_DeleteAccountAlias.html" + }, + "DeleteSlackChannelConfiguration": { + "privilege": "DeleteSlackChannelConfiguration", + "description": "Grants permission to delete a Slack channel configuration from your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_DeleteSlackChannelConfiguration.html" + }, + "DeleteSlackWorkspaceConfiguration": { + "privilege": "DeleteSlackWorkspaceConfiguration", + "description": "Grants permission to delete a Slack workspace configuration from your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_DeleteSlackWorkspaceConfiguration.html" + }, + "GetAccountAlias": { + "privilege": "GetAccountAlias", + "description": "Grants permission to get the alias for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_GetAccountAlias.html" + }, + "ListSlackChannelConfigurations": { + "privilege": "ListSlackChannelConfigurations", + "description": "Grants permission to list all Slack channel configurations for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_ListSlackChannelConfigurations.html" + }, + "ListSlackWorkspaceConfigurations": { + "privilege": "ListSlackWorkspaceConfigurations", + "description": "Grants permission to list all Slack workspace configurations for your account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_ListSlackWorkspaceConfigurations.html" + }, + "PutAccountAlias": { + "privilege": "PutAccountAlias", + "description": "Grants permission to create or update an alias for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_PutAccountAlias.html" + }, + "RegisterSlackWorkspaceForOrganization": { + "privilege": "RegisterSlackWorkspaceForOrganization", + "description": "Grants permission to register a Slack workspace for an AWS account that is part of an organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_RegisterSlackWorkspaceForOrganization.html" + }, + "UpdateSlackChannelConfiguration": { + "privilege": "UpdateSlackChannelConfiguration", + "description": "Grants permission to update a Slack channel configuration for your account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/supportapp/latest/APIReference/API_UpdateSlackChannelConfiguration.html" + }, + "DescribeSlackChannels": { + "privilege": "DescribeSlackChannels", + "description": "Grants permission to list all public Slack channels in a workspace that have invited the AWS Support App", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/slack-authorization-permissions.html" + }, + "GetSlackOauthParameters": { + "privilege": "GetSlackOauthParameters", + "description": "Grants permission to get parameters for the Slack OAuth code, which the AWS Support App uses to authorize the workspace", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/slack-authorization-permissions.html" + }, + "RedeemSlackOauthCode": { + "privilege": "RedeemSlackOauthCode", + "description": "Grants permission to redeem the Slack OAuth code, which the AWS Support App uses to authorize the workspace", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/slack-authorization-permissions.html" + } + }, + "privileges_lower_name": { + "createslackchannelconfiguration": "CreateSlackChannelConfiguration", + "deleteaccountalias": "DeleteAccountAlias", + "deleteslackchannelconfiguration": "DeleteSlackChannelConfiguration", + "deleteslackworkspaceconfiguration": "DeleteSlackWorkspaceConfiguration", + "getaccountalias": "GetAccountAlias", + "listslackchannelconfigurations": "ListSlackChannelConfigurations", + "listslackworkspaceconfigurations": "ListSlackWorkspaceConfigurations", + "putaccountalias": "PutAccountAlias", + "registerslackworkspacefororganization": "RegisterSlackWorkspaceForOrganization", + "updateslackchannelconfiguration": "UpdateSlackChannelConfiguration", + "describeslackchannels": "DescribeSlackChannels", + "getslackoauthparameters": "GetSlackOauthParameters", + "redeemslackoauthcode": "RedeemSlackOauthCode" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "supportplans": { + "service_name": "AWS Support Plans", + "prefix": "supportplans", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssupportplans.html", + "privileges": { + "CreateSupportPlanSchedule": { + "privilege": "CreateSupportPlanSchedule", + "description": "Grants permission to create support plan schedules for this AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-support-plans.html" + }, + "GetSupportPlan": { + "privilege": "GetSupportPlan", + "description": "Grants permission to view details about the current support plan for this AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-support-plans.html" + }, + "GetSupportPlanUpdateStatus": { + "privilege": "GetSupportPlanUpdateStatus", + "description": "Grants permission to view details about the status for a request to update a support plan", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-support-plans.html" + }, + "StartSupportPlanUpdate": { + "privilege": "StartSupportPlanUpdate", + "description": "Grants permission to update the support plan for this AWS account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-support-plans.html" + } + }, + "privileges_lower_name": { + "createsupportplanschedule": "CreateSupportPlanSchedule", + "getsupportplan": "GetSupportPlan", + "getsupportplanupdatestatus": "GetSupportPlanUpdateStatus", + "startsupportplanupdate": "StartSupportPlanUpdate" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "sustainability": { + "service_name": "AWS Sustainability", + "prefix": "sustainability", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssustainability.html", + "privileges": { + "GetCarbonFootprintSummary": { + "privilege": "GetCarbonFootprintSummary", + "description": "Grants permission to view the carbon footprint tool", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + } + }, + "privileges_lower_name": { + "getcarbonfootprintsummary": "GetCarbonFootprintSummary" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "ssm": { + "service_name": "AWS Systems Manager", + "prefix": "ssm", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanager.html", + "privileges": { + "AddTagsToResource": { + "privilege": "AddTagsToResource", + "description": "Grants permission to add or overwrite one or more tags for a specified AWS resource", + "access_level": "Tagging", + "resource_types": { + "association": { + "resource_type": "association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "automation-execution": { + "resource_type": "automation-execution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document": { + "resource_type": "document", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "opsitem": { + "resource_type": "opsitem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "opsmetadata": { + "resource_type": "opsmetadata", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parameter": { + "resource_type": "parameter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "patchbaseline": { + "resource_type": "patchbaseline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "automation-execution": "automation-execution", + "document": "document", + "maintenancewindow": "maintenancewindow", + "managed-instance": "managed-instance", + "opsitem": "opsitem", + "opsmetadata": "opsmetadata", + "parameter": "parameter", + "patchbaseline": "patchbaseline", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_AddTagsToResource.html" + }, + "AssociateOpsItemRelatedItem": { + "privilege": "AssociateOpsItemRelatedItem", + "description": "Grants permission to associate RelatedItem to an OpsItem", + "access_level": "Write", + "resource_types": { + "opsitem": { + "resource_type": "opsitem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "opsitem": "opsitem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_AssociateOpsItemRelatedItem.html" + }, + "CancelCommand": { + "privilege": "CancelCommand", + "description": "Grants permission to cancel a specified Run Command command", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CancelCommand.html" + }, + "CancelMaintenanceWindowExecution": { + "privilege": "CancelMaintenanceWindowExecution", + "description": "Grants permission to cancel an in-progress maintenance window execution", + "access_level": "Write", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CancelMaintenanceWindowExecution.html" + }, + "CreateActivation": { + "privilege": "CreateActivation", + "description": "Grants permission to create an activation that is used to register on-premises servers and virtual machines (VMs) with Systems Manager", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateActivation.html" + }, + "CreateAssociation": { + "privilege": "CreateAssociation", + "description": "Grants permission to associate a specified Systems Manager document with specified instances or other targets", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document", + "instance": "instance", + "managed-instance": "managed-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateAssociation.html" + }, + "CreateAssociationBatch": { + "privilege": "CreateAssociationBatch", + "description": "Grants permission to combine entries for multiple CreateAssociation operations in a single command", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document", + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateAssociationBatch.html" + }, + "CreateDocument": { + "privilege": "CreateDocument", + "description": "Grants permission to create a Systems Manager SSM document", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateDocument.html" + }, + "CreateMaintenanceWindow": { + "privilege": "CreateMaintenanceWindow", + "description": "Grants permission to create a maintenance window", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateMaintenanceWindow.html" + }, + "CreateOpsItem": { + "privilege": "CreateOpsItem", + "description": "Grants permission to create an OpsItem in OpsCenter", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateOpsItem.html" + }, + "CreateOpsMetadata": { + "privilege": "CreateOpsMetadata", + "description": "Grants permission to create an OpsMetadata object for an AWS resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateOpsMetadata.html" + }, + "CreatePatchBaseline": { + "privilege": "CreatePatchBaseline", + "description": "Grants permission to create a patch baseline", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreatePatchBaseline.html" + }, + "CreateResourceDataSync": { + "privilege": "CreateResourceDataSync", + "description": "Grants permission to create a resource data sync configuration, which regularly collects inventory data from managed instances and updates the data in an Amazon S3 bucket", + "access_level": "Write", + "resource_types": { + "resourcedatasync": { + "resource_type": "resourcedatasync", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:SyncType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcedatasync": "resourcedatasync", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateResourceDataSync.html" + }, + "DeleteActivation": { + "privilege": "DeleteActivation", + "description": "Grants permission to delete a specified activation for managed instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteActivation.html" + }, + "DeleteAssociation": { + "privilege": "DeleteAssociation", + "description": "Grants permission to disassociate a specified SSM document from a specified instance", + "access_level": "Write", + "resource_types": { + "association": { + "resource_type": "association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document": { + "resource_type": "document", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "document": "document", + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteAssociation.html" + }, + "DeleteDocument": { + "privilege": "DeleteDocument", + "description": "Grants permission to delete a specified SSM document and its instance associations", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteDocument.html" + }, + "DeleteInventory": { + "privilege": "DeleteInventory", + "description": "Grants permission to delete a specified custom inventory type, or the data associated with a custom inventory type", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteInventory.html" + }, + "DeleteMaintenanceWindow": { + "privilege": "DeleteMaintenanceWindow", + "description": "Grants permission to delete a specified maintenance window", + "access_level": "Write", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteMaintenanceWindow.html" + }, + "DeleteOpsMetadata": { + "privilege": "DeleteOpsMetadata", + "description": "Grants permission to delete an OpsMetadata object", + "access_level": "Write", + "resource_types": { + "opsmetadata": { + "resource_type": "opsmetadata", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "opsmetadata": "opsmetadata" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteOpsMetadata.html" + }, + "DeleteParameter": { + "privilege": "DeleteParameter", + "description": "Grants permission to delete a specified SSM parameter", + "access_level": "Write", + "resource_types": { + "parameter": { + "resource_type": "parameter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parameter": "parameter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteParameter.html" + }, + "DeleteParameters": { + "privilege": "DeleteParameters", + "description": "Grants permission to delete multiple specified SSM parameters", + "access_level": "Write", + "resource_types": { + "parameter": { + "resource_type": "parameter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parameter": "parameter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteParameters.html" + }, + "DeletePatchBaseline": { + "privilege": "DeletePatchBaseline", + "description": "Grants permission to delete a specified patch baseline", + "access_level": "Write", + "resource_types": { + "patchbaseline": { + "resource_type": "patchbaseline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "patchbaseline": "patchbaseline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeletePatchBaseline.html" + }, + "DeleteResourceDataSync": { + "privilege": "DeleteResourceDataSync", + "description": "Grants permission to delete a specified resource data sync", + "access_level": "Write", + "resource_types": { + "resourcedatasync": { + "resource_type": "resourcedatasync", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:SyncType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcedatasync": "resourcedatasync", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteResourceDataSync.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete a Systems Manager resource policy", + "access_level": "Permissions management", + "resource_types": { + "resourcearn": { + "resource_type": "resourcearn", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcearn": "resourcearn" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeregisterManagedInstance": { + "privilege": "DeregisterManagedInstance", + "description": "Grants permission to deregister a specified on-premises server or virtual machine (VM) from Systems Manager", + "access_level": "Write", + "resource_types": { + "managed-instance": { + "resource_type": "managed-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:resourceTag/tag-key" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managed-instance": "managed-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeregisterManagedInstance.html" + }, + "DeregisterPatchBaselineForPatchGroup": { + "privilege": "DeregisterPatchBaselineForPatchGroup", + "description": "Grants permission to deregister a specified patch baseline from being the default patch baseline for a specified patch group", + "access_level": "Write", + "resource_types": { + "patchbaseline": { + "resource_type": "patchbaseline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "patchbaseline": "patchbaseline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeregisterPatchBaselineForPatchGroup.html" + }, + "DeregisterTargetFromMaintenanceWindow": { + "privilege": "DeregisterTargetFromMaintenanceWindow", + "description": "Grants permission to deregister a specified target from a maintenance window", + "access_level": "Write", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeregisterTargetFromMaintenanceWindow.html" + }, + "DeregisterTaskFromMaintenanceWindow": { + "privilege": "DeregisterTaskFromMaintenanceWindow", + "description": "Grants permission to deregister a specified task from a maintenance window", + "access_level": "Write", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DeregisterTaskFromMaintenanceWindow.html" + }, + "DescribeActivations": { + "privilege": "DescribeActivations", + "description": "Grants permission to view details about a specified managed instance activation, such as when it was created and the number of instances registered using the activation", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeActivations.html" + }, + "DescribeAssociation": { + "privilege": "DescribeAssociation", + "description": "Grants permission to view details about the specified association for a specified instance or target", + "access_level": "Read", + "resource_types": { + "association": { + "resource_type": "association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document": { + "resource_type": "document", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "document": "document", + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAssociation.html" + }, + "DescribeAssociationExecutionTargets": { + "privilege": "DescribeAssociationExecutionTargets", + "description": "Grants permission to view information about a specified association execution", + "access_level": "Read", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAssociationExecutionTargets.html" + }, + "DescribeAssociationExecutions": { + "privilege": "DescribeAssociationExecutions", + "description": "Grants permission to view all executions for a specified association", + "access_level": "Read", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAssociationExecutions.html" + }, + "DescribeAutomationExecutions": { + "privilege": "DescribeAutomationExecutions", + "description": "Grants permission to view details about all active and terminated Automation executions", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAutomationExecutions.html" + }, + "DescribeAutomationStepExecutions": { + "privilege": "DescribeAutomationStepExecutions", + "description": "Grants permission to view information about all active and terminated step executions in an Automation workflow", + "access_level": "Read", + "resource_types": { + "automation-execution": { + "resource_type": "automation-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-execution": "automation-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAutomationStepExecutions.html" + }, + "DescribeAvailablePatches": { + "privilege": "DescribeAvailablePatches", + "description": "Grants permission to view all patches eligible to include in a patch baseline", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeAvailablePatches.html" + }, + "DescribeDocument": { + "privilege": "DescribeDocument", + "description": "Grants permission to view details about a specified SSM document", + "access_level": "Read", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeDocument.html" + }, + "DescribeDocumentParameters": { + "privilege": "DescribeDocumentParameters", + "description": "Grants permission to display information about SSM document parameters in the Systems Manager console (internal Systems Manager action)", + "access_level": "Read", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "DescribeDocumentPermission": { + "privilege": "DescribeDocumentPermission", + "description": "Grants permission to view the permissions for a specified SSM document", + "access_level": "Read", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeDocumentPermission.html" + }, + "DescribeEffectiveInstanceAssociations": { + "privilege": "DescribeEffectiveInstanceAssociations", + "description": "Grants permission to view all current associations for a specified instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeEffectiveInstanceAssociations.html" + }, + "DescribeEffectivePatchesForPatchBaseline": { + "privilege": "DescribeEffectivePatchesForPatchBaseline", + "description": "Grants permission to view details about the patches currently associated with the specified patch baseline (Windows only)", + "access_level": "Read", + "resource_types": { + "patchbaseline": { + "resource_type": "patchbaseline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "patchbaseline": "patchbaseline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeEffectivePatchesForPatchBaseline.html" + }, + "DescribeInstanceAssociationsStatus": { + "privilege": "DescribeInstanceAssociationsStatus", + "description": "Grants permission to view the status of the associations for a specified instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInstanceAssociationsStatus.html" + }, + "DescribeInstanceInformation": { + "privilege": "DescribeInstanceInformation", + "description": "Grants permission to view details about a specified instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInstanceInformation.html" + }, + "DescribeInstancePatchStates": { + "privilege": "DescribeInstancePatchStates", + "description": "Grants permission to view status details about patches on a specified instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInstancePatchStates.html" + }, + "DescribeInstancePatchStatesForPatchGroup": { + "privilege": "DescribeInstancePatchStatesForPatchGroup", + "description": "Grants permission to describe the high-level patch state for the instances in the specified patch group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInstancePatchStatesForPatchGroup.html" + }, + "DescribeInstancePatches": { + "privilege": "DescribeInstancePatches", + "description": "Grants permission to view general details about the patches on a specified instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInstancePatches.html" + }, + "DescribeInstanceProperties": { + "privilege": "DescribeInstanceProperties", + "description": "Grants permission to user's Amazon EC2 console to render managed instances' nodes", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "DescribeInventoryDeletions": { + "privilege": "DescribeInventoryDeletions", + "description": "Grants permission to view details about a specified inventory deletion", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeInventoryDeletions.html" + }, + "DescribeMaintenanceWindowExecutionTaskInvocations": { + "privilege": "DescribeMaintenanceWindowExecutionTaskInvocations", + "description": "Grants permission to view details of a specified task execution for a maintenance window", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowExecutionTaskInvocations.html" + }, + "DescribeMaintenanceWindowExecutionTasks": { + "privilege": "DescribeMaintenanceWindowExecutionTasks", + "description": "Grants permission to view details about the tasks that ran during a specified maintenance window execution", + "access_level": "List", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowExecutionTasks.html" + }, + "DescribeMaintenanceWindowExecutions": { + "privilege": "DescribeMaintenanceWindowExecutions", + "description": "Grants permission to view the executions of a specified maintenance window", + "access_level": "List", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowExecutions.html" + }, + "DescribeMaintenanceWindowSchedule": { + "privilege": "DescribeMaintenanceWindowSchedule", + "description": "Grants permission to view details about upcoming executions of a specified maintenance window", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowSchedule.html" + }, + "DescribeMaintenanceWindowTargets": { + "privilege": "DescribeMaintenanceWindowTargets", + "description": "Grants permission to view a list of the targets associated with a specified maintenance window", + "access_level": "List", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowTargets.html" + }, + "DescribeMaintenanceWindowTasks": { + "privilege": "DescribeMaintenanceWindowTasks", + "description": "Grants permission to view a list of the tasks associated with a specified maintenance window", + "access_level": "List", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowTasks.html" + }, + "DescribeMaintenanceWindows": { + "privilege": "DescribeMaintenanceWindows", + "description": "Grants permission to view information about all or specified maintenance windows", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindows.html" + }, + "DescribeMaintenanceWindowsForTarget": { + "privilege": "DescribeMaintenanceWindowsForTarget", + "description": "Grants permission to view information about the maintenance window targets and tasks associated with a specified instance", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindowsForTarget.html" + }, + "DescribeOpsItems": { + "privilege": "DescribeOpsItems", + "description": "Grants permission to view details about specified OpsItems", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeOpsItems.html" + }, + "DescribeParameters": { + "privilege": "DescribeParameters", + "description": "Grants permission to view details about a specified SSM parameter", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeParameters.html" + }, + "DescribePatchBaselines": { + "privilege": "DescribePatchBaselines", + "description": "Grants permission to view information about patch baselines that meet the specified criteria", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchBaselines.html" + }, + "DescribePatchGroupState": { + "privilege": "DescribePatchGroupState", + "description": "Grants permission to view aggregated status details for patches for a specified patch group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchGroupState.html" + }, + "DescribePatchGroups": { + "privilege": "DescribePatchGroups", + "description": "Grants permission to view information about the patch baseline for a specified patch group", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchGroups.html" + }, + "DescribePatchProperties": { + "privilege": "DescribePatchProperties", + "description": "Grants permission to view details of available patches for a specified operating system and patch property", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchProperties.html" + }, + "DescribeSessions": { + "privilege": "DescribeSessions", + "description": "Grants permission to view a list of recent Session Manager sessions that meet the specified search criteria", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeSessions.html" + }, + "DisassociateOpsItemRelatedItem": { + "privilege": "DisassociateOpsItemRelatedItem", + "description": "Grants permission to disassociate RelatedItem from an OpsItem", + "access_level": "Write", + "resource_types": { + "opsitem": { + "resource_type": "opsitem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "opsitem": "opsitem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DisassociateOpsItemRelatedItem.html" + }, + "GetAutomationExecution": { + "privilege": "GetAutomationExecution", + "description": "Grants permission to view details of a specified Automation execution", + "access_level": "Read", + "resource_types": { + "automation-execution": { + "resource_type": "automation-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-execution": "automation-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_AutomationExecution.html" + }, + "GetCalendar": { + "privilege": "GetCalendar", + "description": "Grants permission to view details of a specific calendar", + "access_level": "Read", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar-prereqs.html" + }, + "GetCalendarState": { + "privilege": "GetCalendarState", + "description": "Grants permission to view the calendar state for a change calendar or a list of change calendars", + "access_level": "Read", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetCalendarState.html" + }, + "GetCommandInvocation": { + "privilege": "GetCommandInvocation", + "description": "Grants permission to view details about the command execution of a specified invocation or plugin", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetCommandInvocation.html" + }, + "GetConnectionStatus": { + "privilege": "GetConnectionStatus", + "description": "Grants permission to view the Session Manager connection status for a specified managed instance", + "access_level": "Read", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:resourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "managed-instance": "managed-instance", + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetConnectionStatus.html" + }, + "GetDefaultPatchBaseline": { + "privilege": "GetDefaultPatchBaseline", + "description": "Grants permission to view the current default patch baseline for a specified operating system type", + "access_level": "Read", + "resource_types": { + "patchbaseline": { + "resource_type": "patchbaseline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "patchbaseline": "patchbaseline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetDefaultPatchBaseline.html" + }, + "GetDeployablePatchSnapshotForInstance": { + "privilege": "GetDeployablePatchSnapshotForInstance", + "description": "Grants permission to retrieve the current patch baseline snapshot for a specified instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetDeployablePatchSnapshotForInstance.html" + }, + "GetDocument": { + "privilege": "GetDocument", + "description": "Grants permission to view the contents of a specified SSM document", + "access_level": "Read", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:DocumentCategories" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetDocument.html" + }, + "GetInventory": { + "privilege": "GetInventory", + "description": "Grants permission to view instance inventory details per the specified criteria", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetInventory.html" + }, + "GetInventorySchema": { + "privilege": "GetInventorySchema", + "description": "Grants permission to view a list of inventory types or attribute names for a specified inventory item type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetInventorySchema.html" + }, + "GetMaintenanceWindow": { + "privilege": "GetMaintenanceWindow", + "description": "Grants permission to view details about a specified maintenance window", + "access_level": "Read", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetMaintenanceWindow.html" + }, + "GetMaintenanceWindowExecution": { + "privilege": "GetMaintenanceWindowExecution", + "description": "Grants permission to view details about a specified maintenance window execution", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetMaintenanceWindowExecution.html" + }, + "GetMaintenanceWindowExecutionTask": { + "privilege": "GetMaintenanceWindowExecutionTask", + "description": "Grants permission to view details about a specified maintenance window execution task", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetMaintenanceWindowExecutionTask.html" + }, + "GetMaintenanceWindowExecutionTaskInvocation": { + "privilege": "GetMaintenanceWindowExecutionTaskInvocation", + "description": "Grants permission to view details about a specific maintenance window task running on a specific target", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetMaintenanceWindowExecutionTaskInvocation.html" + }, + "GetMaintenanceWindowTask": { + "privilege": "GetMaintenanceWindowTask", + "description": "Grants permission to view details about tasks registered with a specified maintenance window", + "access_level": "Read", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetMaintenanceWindowTask.html" + }, + "GetManifest": { + "privilege": "GetManifest", + "description": "Grants permission to Systems Manager and SSM Agent to determine package installation requirements for an instance (internal Systems Manager call)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "GetOpsItem": { + "privilege": "GetOpsItem", + "description": "Grants permission to view information about a specified OpsItem", + "access_level": "Read", + "resource_types": { + "opsitem": { + "resource_type": "opsitem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "opsitem": "opsitem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetOpsItem.html" + }, + "GetOpsMetadata": { + "privilege": "GetOpsMetadata", + "description": "Grants permission to retrieve an OpsMetadata object", + "access_level": "Read", + "resource_types": { + "opsmetadata": { + "resource_type": "opsmetadata", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "opsmetadata": "opsmetadata" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetOpsMetadata.html" + }, + "GetOpsSummary": { + "privilege": "GetOpsSummary", + "description": "Grants permission to view summary information about OpsItems based on specified filters and aggregators", + "access_level": "Read", + "resource_types": { + "resourcedatasync": { + "resource_type": "resourcedatasync", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcedatasync": "resourcedatasync" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetOpsSummary.html" + }, + "GetParameter": { + "privilege": "GetParameter", + "description": "Grants permission to view information about a specified parameter", + "access_level": "Read", + "resource_types": { + "parameter": { + "resource_type": "parameter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parameter": "parameter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetParameter.html" + }, + "GetParameterHistory": { + "privilege": "GetParameterHistory", + "description": "Grants permission to view details and changes for a specified parameter", + "access_level": "Read", + "resource_types": { + "parameter": { + "resource_type": "parameter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parameter": "parameter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetParameterHistory.html" + }, + "GetParameters": { + "privilege": "GetParameters", + "description": "Grants permission to view information about multiple specified parameters", + "access_level": "Read", + "resource_types": { + "parameter": { + "resource_type": "parameter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parameter": "parameter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetParameters.html" + }, + "GetParametersByPath": { + "privilege": "GetParametersByPath", + "description": "Grants permission to view information about parameters in a specified hierarchy", + "access_level": "Read", + "resource_types": { + "parameter": { + "resource_type": "parameter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:Recursive" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parameter": "parameter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetParametersByPath.html" + }, + "GetPatchBaseline": { + "privilege": "GetPatchBaseline", + "description": "Grants permission to view information about a specified patch baseline", + "access_level": "Read", + "resource_types": { + "patchbaseline": { + "resource_type": "patchbaseline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "patchbaseline": "patchbaseline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetPatchBaseline.html" + }, + "GetPatchBaselineForPatchGroup": { + "privilege": "GetPatchBaselineForPatchGroup", + "description": "Grants permission to view the ID of the current patch baseline for a specified patch group", + "access_level": "Read", + "resource_types": { + "patchbaseline": { + "resource_type": "patchbaseline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "patchbaseline": "patchbaseline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetPatchBaselineForPatchGroup.html" + }, + "GetResourcePolicies": { + "privilege": "GetResourcePolicies", + "description": "Grants permission to retrieve lists of Systems Manager resource policies", + "access_level": "List", + "resource_types": { + "resourcearn": { + "resource_type": "resourcearn", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcearn": "resourcearn" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetResourcePolicies.html" + }, + "GetServiceSetting": { + "privilege": "GetServiceSetting", + "description": "Grants permission to view the account-level setting for an AWS service", + "access_level": "Read", + "resource_types": { + "servicesetting": { + "resource_type": "servicesetting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicesetting": "servicesetting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_GetServiceSetting.html" + }, + "LabelParameterVersion": { + "privilege": "LabelParameterVersion", + "description": "Grants permission to apply an identifying label to a specified version of a parameter", + "access_level": "Write", + "resource_types": { + "parameter": { + "resource_type": "parameter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parameter": "parameter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_LabelParameterVersion.html" + }, + "ListAssociationVersions": { + "privilege": "ListAssociationVersions", + "description": "Grants permission to list versions of the specified association", + "access_level": "List", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListAssociationVersions.html" + }, + "ListAssociations": { + "privilege": "ListAssociations", + "description": "Grants permission to list the associations for a specified SSM document or managed instance", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListAssociations.html" + }, + "ListCommandInvocations": { + "privilege": "ListCommandInvocations", + "description": "Grants permission to list information about command invocations sent to a specified instance", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListCommandInvocations.html" + }, + "ListCommands": { + "privilege": "ListCommands", + "description": "Grants permission to list the commands sent to a specified instance", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListCommands.html" + }, + "ListComplianceItems": { + "privilege": "ListComplianceItems", + "description": "Grants permission to list compliance status for specified resource types on a specified resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListComplianceItems.html" + }, + "ListComplianceSummaries": { + "privilege": "ListComplianceSummaries", + "description": "Grants permission to list a summary count of compliant and noncompliant resources for a specified compliance type", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListComplianceSummaries.html" + }, + "ListDocumentMetadataHistory": { + "privilege": "ListDocumentMetadataHistory", + "description": "Grants permission to view metadata history about a specified SSM document", + "access_level": "List", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListDocumentMetadataHistory.html" + }, + "ListDocumentVersions": { + "privilege": "ListDocumentVersions", + "description": "Grants permission to list all versions of a specified document", + "access_level": "List", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListDocumentVersions.html" + }, + "ListDocuments": { + "privilege": "ListDocuments", + "description": "Grants permission to view information about a specified SSM document", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListDocuments.html" + }, + "ListInstanceAssociations": { + "privilege": "ListInstanceAssociations", + "description": "Grants permission to SSM Agent to check for new State Manager associations (internal Systems Manager call)", + "access_level": "List", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "ListInventoryEntries": { + "privilege": "ListInventoryEntries", + "description": "Grants permission to view a list of specified inventory types for a specified instance", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListInventoryEntries.html" + }, + "ListOpsItemEvents": { + "privilege": "ListOpsItemEvents", + "description": "Grants permission to view details about OpsItemEvents", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListOpsItemEvents.html" + }, + "ListOpsItemRelatedItems": { + "privilege": "ListOpsItemRelatedItems", + "description": "Grants permission to view details about OpsItem RelatedItems", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListOpsItemRelatedItems.html" + }, + "ListOpsMetadata": { + "privilege": "ListOpsMetadata", + "description": "Grants permission to view a list of OpsMetadata objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListOpsMetadata.html" + }, + "ListResourceComplianceSummaries": { + "privilege": "ListResourceComplianceSummaries", + "description": "Grants permission to list resource-level summary count", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListResourceComplianceSummaries.html" + }, + "ListResourceDataSync": { + "privilege": "ListResourceDataSync", + "description": "Grants permission to list information about resource data sync configurations in an account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:SyncType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListResourceDataSync.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to view a list of resource tags for a specified resource", + "access_level": "List", + "resource_types": { + "association": { + "resource_type": "association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "automation-execution": { + "resource_type": "automation-execution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document": { + "resource_type": "document", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "opsitem": { + "resource_type": "opsitem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "opsmetadata": { + "resource_type": "opsmetadata", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parameter": { + "resource_type": "parameter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "patchbaseline": { + "resource_type": "patchbaseline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "automation-execution": "automation-execution", + "document": "document", + "maintenancewindow": "maintenancewindow", + "managed-instance": "managed-instance", + "opsitem": "opsitem", + "opsmetadata": "opsmetadata", + "parameter": "parameter", + "patchbaseline": "patchbaseline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ListTagsForResource.html" + }, + "ModifyDocumentPermission": { + "privilege": "ModifyDocumentPermission", + "description": "Grants permission to share a custom SSM document publicly or privately with specified AWS accounts", + "access_level": "Permissions management", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ModifyDocumentPermission.html" + }, + "PutCalendar": { + "privilege": "PutCalendar", + "description": "Grants permission to create/edit a specific calendar", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar-prereqs.html" + }, + "PutComplianceItems": { + "privilege": "PutComplianceItems", + "description": "Grants permission to register a compliance type and other compliance details on a specified resource", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutComplianceItems.html" + }, + "PutConfigurePackageResult": { + "privilege": "PutConfigurePackageResult", + "description": "Grants permission to SSM Agent to generate a report of the results of specific agent requests (internal Systems Manager call)", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "PutInventory": { + "privilege": "PutInventory", + "description": "Grants permission to add or update inventory items on multiple specified managed instances", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutInventory.html" + }, + "PutParameter": { + "privilege": "PutParameter", + "description": "Grants permission to create an SSM parameter", + "access_level": "Write", + "resource_types": { + "parameter": { + "resource_type": "parameter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ssm:Overwrite" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parameter": "parameter", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutParameter.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to create or update a Systems Manager resource policy", + "access_level": "Permissions management", + "resource_types": { + "resourcearn": { + "resource_type": "resourcearn", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcearn": "resourcearn" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutResourcePolicy.html" + }, + "RegisterDefaultPatchBaseline": { + "privilege": "RegisterDefaultPatchBaseline", + "description": "Grants permission to specify the default patch baseline for an operating system type", + "access_level": "Write", + "resource_types": { + "patchbaseline": { + "resource_type": "patchbaseline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "patchbaseline": "patchbaseline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterDefaultPatchBaseline.html" + }, + "RegisterManagedInstance": { + "privilege": "RegisterManagedInstance", + "description": "Grants permission to register a Systems Manager Agent", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "RegisterPatchBaselineForPatchGroup": { + "privilege": "RegisterPatchBaselineForPatchGroup", + "description": "Grants permission to specify the default patch baseline for a specified patch group", + "access_level": "Write", + "resource_types": { + "patchbaseline": { + "resource_type": "patchbaseline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "patchbaseline": "patchbaseline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterPatchBaselineForPatchGroup.html" + }, + "RegisterTargetWithMaintenanceWindow": { + "privilege": "RegisterTargetWithMaintenanceWindow", + "description": "Grants permission to register a target with a specified maintenance window", + "access_level": "Write", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterTargetWithMaintenanceWindow.html" + }, + "RegisterTaskWithMaintenanceWindow": { + "privilege": "RegisterTaskWithMaintenanceWindow", + "description": "Grants permission to register a task with a specified maintenance window", + "access_level": "Write", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterTaskWithMaintenanceWindow.html" + }, + "RemoveTagsFromResource": { + "privilege": "RemoveTagsFromResource", + "description": "Grants permission to remove a specified tag key from a specified resource", + "access_level": "Tagging", + "resource_types": { + "association": { + "resource_type": "association", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "automation-execution": { + "resource_type": "automation-execution", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "document": { + "resource_type": "document", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "opsitem": { + "resource_type": "opsitem", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "opsmetadata": { + "resource_type": "opsmetadata", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "parameter": { + "resource_type": "parameter", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "patchbaseline": { + "resource_type": "patchbaseline", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "automation-execution": "automation-execution", + "document": "document", + "maintenancewindow": "maintenancewindow", + "managed-instance": "managed-instance", + "opsitem": "opsitem", + "opsmetadata": "opsmetadata", + "parameter": "parameter", + "patchbaseline": "patchbaseline", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RemoveTagsFromResource.html" + }, + "ResetServiceSetting": { + "privilege": "ResetServiceSetting", + "description": "Grants permission to reset the service setting for an AWS account to the default value", + "access_level": "Write", + "resource_types": { + "servicesetting": { + "resource_type": "servicesetting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicesetting": "servicesetting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ResetServiceSetting.html" + }, + "ResumeSession": { + "privilege": "ResumeSession", + "description": "Grants permission to reconnect a Session Manager session to a managed instance", + "access_level": "Write", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:resourceTag/aws:ssmmessages:session-id", + "ssm:resourceTag/aws:ssmmessages:target-id" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_ResumeSession.html" + }, + "SendAutomationSignal": { + "privilege": "SendAutomationSignal", + "description": "Grants permission to send a signal to change the current behavior or status of a specified Automation execution", + "access_level": "Write", + "resource_types": { + "automation-execution": { + "resource_type": "automation-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-execution": "automation-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendAutomationSignal.html" + }, + "SendCommand": { + "privilege": "SendCommand", + "description": "Grants permission to run commands on one or more specified managed instances", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "bucket": { + "resource_type": "bucket", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ssm:resourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document", + "bucket": "bucket", + "instance": "instance", + "managed-instance": "managed-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html" + }, + "StartAssociationsOnce": { + "privilege": "StartAssociationsOnce", + "description": "Grants permission to run a specified association manually", + "access_level": "Write", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StartAssociationsOnce.html" + }, + "StartAutomationExecution": { + "privilege": "StartAutomationExecution", + "description": "Grants permission to initiate the execution of an Automation document", + "access_level": "Write", + "resource_types": { + "automation-definition": { + "resource_type": "automation-definition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-definition": "automation-definition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StartAutomationExecution.html" + }, + "StartChangeRequestExecution": { + "privilege": "StartChangeRequestExecution", + "description": "Grants permission to initiate the execution of an Automation Change Template document", + "access_level": "Write", + "resource_types": { + "automation-definition": { + "resource_type": "automation-definition", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ssm:AutoApprove" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-definition": "automation-definition", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StartChangeRequestExecution.html" + }, + "StartSession": { + "privilege": "StartSession", + "description": "Grants permission to initiate a connection to a specified target for a Session Manager session", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "task": { + "resource_type": "task", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:SessionDocumentAccessCheck", + "ssm:resourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document", + "instance": "instance", + "managed-instance": "managed-instance", + "task": "task", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StartSession.html" + }, + "StopAutomationExecution": { + "privilege": "StopAutomationExecution", + "description": "Grants permission to stop a specified Automation execution that is already in progress", + "access_level": "Write", + "resource_types": { + "automation-execution": { + "resource_type": "automation-execution", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "automation-execution": "automation-execution" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StopAutomationExecution.html" + }, + "TerminateSession": { + "privilege": "TerminateSession", + "description": "Grants permission to permanently end a Session Manager connection to an instance", + "access_level": "Write", + "resource_types": { + "session": { + "resource_type": "session", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:resourceTag/aws:ssmmessages:session-id", + "ssm:resourceTag/aws:ssmmessages:target-id" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "session": "session", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_TerminateSession.html" + }, + "UnlabelParameterVersion": { + "privilege": "UnlabelParameterVersion", + "description": "Grants permission to remove an identifying label from a specified version of a parameter", + "access_level": "Write", + "resource_types": { + "parameter": { + "resource_type": "parameter", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "parameter": "parameter" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UnlabelParameterVersion.html" + }, + "UpdateAssociation": { + "privilege": "UpdateAssociation", + "description": "Grants permission to update an association and immediately run the association on the specified targets", + "access_level": "Write", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "document": { + "resource_type": "document", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "document": "document", + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateAssociation.html" + }, + "UpdateAssociationStatus": { + "privilege": "UpdateAssociationStatus", + "description": "Grants permission to update the status of the SSM document associated with a specified instance", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document", + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateAssociationStatus.html" + }, + "UpdateDocument": { + "privilege": "UpdateDocument", + "description": "Grants permission to update one or more values for an SSM document", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateDocument.html" + }, + "UpdateDocumentDefaultVersion": { + "privilege": "UpdateDocumentDefaultVersion", + "description": "Grants permission to change the default version of an SSM document", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateDocumentDefaultVersion.html" + }, + "UpdateDocumentMetadata": { + "privilege": "UpdateDocumentMetadata", + "description": "Grants permission to update the metadata of an SSM document", + "access_level": "Write", + "resource_types": { + "document": { + "resource_type": "document", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "document": "document" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateDocumentMetadata.html" + }, + "UpdateInstanceAssociationStatus": { + "privilege": "UpdateInstanceAssociationStatus", + "description": "Grants permission to SSM Agent to update the status of the association that it is currently running (internal Systems Manager call)", + "access_level": "Write", + "resource_types": { + "association": { + "resource_type": "association", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "association": "association", + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "UpdateInstanceInformation": { + "privilege": "UpdateInstanceInformation", + "description": "Grants permission to SSM Agent to send a heartbeat signal to the Systems Manager service in the cloud", + "access_level": "Write", + "resource_types": { + "instance": { + "resource_type": "instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managed-instance": { + "resource_type": "managed-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "instance": "instance", + "managed-instance": "managed-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html" + }, + "UpdateMaintenanceWindow": { + "privilege": "UpdateMaintenanceWindow", + "description": "Grants permission to update a specified maintenance window", + "access_level": "Write", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateMaintenanceWindow.html" + }, + "UpdateMaintenanceWindowTarget": { + "privilege": "UpdateMaintenanceWindowTarget", + "description": "Grants permission to update a specified maintenance window target", + "access_level": "Write", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "windowtarget": { + "resource_type": "windowtarget", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow", + "windowtarget": "windowtarget" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateMaintenanceWindowTarget.html" + }, + "UpdateMaintenanceWindowTask": { + "privilege": "UpdateMaintenanceWindowTask", + "description": "Grants permission to update a specified maintenance window task", + "access_level": "Write", + "resource_types": { + "maintenancewindow": { + "resource_type": "maintenancewindow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "windowtask": { + "resource_type": "windowtask", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "maintenancewindow": "maintenancewindow", + "windowtask": "windowtask" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateMaintenanceWindowTask.html" + }, + "UpdateManagedInstanceRole": { + "privilege": "UpdateManagedInstanceRole", + "description": "Grants permission to assign or change the IAM role assigned to a specified managed instance", + "access_level": "Write", + "resource_types": { + "managed-instance": { + "resource_type": "managed-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:resourceTag/tag-key" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managed-instance": "managed-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateManagedInstanceRole.html" + }, + "UpdateOpsItem": { + "privilege": "UpdateOpsItem", + "description": "Grants permission to edit or change an OpsItem", + "access_level": "Write", + "resource_types": { + "opsitem": { + "resource_type": "opsitem", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "opsitem": "opsitem" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateOpsItem.html" + }, + "UpdateOpsMetadata": { + "privilege": "UpdateOpsMetadata", + "description": "Grants permission to update an OpsMetadata object", + "access_level": "Write", + "resource_types": { + "opsmetadata": { + "resource_type": "opsmetadata", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "opsmetadata": "opsmetadata" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateOpsMetadata.html" + }, + "UpdatePatchBaseline": { + "privilege": "UpdatePatchBaseline", + "description": "Grants permission to update a specified patch baseline", + "access_level": "Write", + "resource_types": { + "patchbaseline": { + "resource_type": "patchbaseline", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "patchbaseline": "patchbaseline" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdatePatchBaseline.html" + }, + "UpdateResourceDataSync": { + "privilege": "UpdateResourceDataSync", + "description": "Grants permission to update a resource data sync", + "access_level": "Write", + "resource_types": { + "resourcedatasync": { + "resource_type": "resourcedatasync", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "ssm:SyncType" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "resourcedatasync": "resourcedatasync", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateResourceDataSync.html" + }, + "UpdateServiceSetting": { + "privilege": "UpdateServiceSetting", + "description": "Grants permission to update the service setting for an AWS account", + "access_level": "Write", + "resource_types": { + "servicesetting": { + "resource_type": "servicesetting", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "servicesetting": "servicesetting" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateServiceSetting.html" + } + }, + "privileges_lower_name": { + "addtagstoresource": "AddTagsToResource", + "associateopsitemrelateditem": "AssociateOpsItemRelatedItem", + "cancelcommand": "CancelCommand", + "cancelmaintenancewindowexecution": "CancelMaintenanceWindowExecution", + "createactivation": "CreateActivation", + "createassociation": "CreateAssociation", + "createassociationbatch": "CreateAssociationBatch", + "createdocument": "CreateDocument", + "createmaintenancewindow": "CreateMaintenanceWindow", + "createopsitem": "CreateOpsItem", + "createopsmetadata": "CreateOpsMetadata", + "createpatchbaseline": "CreatePatchBaseline", + "createresourcedatasync": "CreateResourceDataSync", + "deleteactivation": "DeleteActivation", + "deleteassociation": "DeleteAssociation", + "deletedocument": "DeleteDocument", + "deleteinventory": "DeleteInventory", + "deletemaintenancewindow": "DeleteMaintenanceWindow", + "deleteopsmetadata": "DeleteOpsMetadata", + "deleteparameter": "DeleteParameter", + "deleteparameters": "DeleteParameters", + "deletepatchbaseline": "DeletePatchBaseline", + "deleteresourcedatasync": "DeleteResourceDataSync", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deregistermanagedinstance": "DeregisterManagedInstance", + "deregisterpatchbaselineforpatchgroup": "DeregisterPatchBaselineForPatchGroup", + "deregistertargetfrommaintenancewindow": "DeregisterTargetFromMaintenanceWindow", + "deregistertaskfrommaintenancewindow": "DeregisterTaskFromMaintenanceWindow", + "describeactivations": "DescribeActivations", + "describeassociation": "DescribeAssociation", + "describeassociationexecutiontargets": "DescribeAssociationExecutionTargets", + "describeassociationexecutions": "DescribeAssociationExecutions", + "describeautomationexecutions": "DescribeAutomationExecutions", + "describeautomationstepexecutions": "DescribeAutomationStepExecutions", + "describeavailablepatches": "DescribeAvailablePatches", + "describedocument": "DescribeDocument", + "describedocumentparameters": "DescribeDocumentParameters", + "describedocumentpermission": "DescribeDocumentPermission", + "describeeffectiveinstanceassociations": "DescribeEffectiveInstanceAssociations", + "describeeffectivepatchesforpatchbaseline": "DescribeEffectivePatchesForPatchBaseline", + "describeinstanceassociationsstatus": "DescribeInstanceAssociationsStatus", + "describeinstanceinformation": "DescribeInstanceInformation", + "describeinstancepatchstates": "DescribeInstancePatchStates", + "describeinstancepatchstatesforpatchgroup": "DescribeInstancePatchStatesForPatchGroup", + "describeinstancepatches": "DescribeInstancePatches", + "describeinstanceproperties": "DescribeInstanceProperties", + "describeinventorydeletions": "DescribeInventoryDeletions", + "describemaintenancewindowexecutiontaskinvocations": "DescribeMaintenanceWindowExecutionTaskInvocations", + "describemaintenancewindowexecutiontasks": "DescribeMaintenanceWindowExecutionTasks", + "describemaintenancewindowexecutions": "DescribeMaintenanceWindowExecutions", + "describemaintenancewindowschedule": "DescribeMaintenanceWindowSchedule", + "describemaintenancewindowtargets": "DescribeMaintenanceWindowTargets", + "describemaintenancewindowtasks": "DescribeMaintenanceWindowTasks", + "describemaintenancewindows": "DescribeMaintenanceWindows", + "describemaintenancewindowsfortarget": "DescribeMaintenanceWindowsForTarget", + "describeopsitems": "DescribeOpsItems", + "describeparameters": "DescribeParameters", + "describepatchbaselines": "DescribePatchBaselines", + "describepatchgroupstate": "DescribePatchGroupState", + "describepatchgroups": "DescribePatchGroups", + "describepatchproperties": "DescribePatchProperties", + "describesessions": "DescribeSessions", + "disassociateopsitemrelateditem": "DisassociateOpsItemRelatedItem", + "getautomationexecution": "GetAutomationExecution", + "getcalendar": "GetCalendar", + "getcalendarstate": "GetCalendarState", + "getcommandinvocation": "GetCommandInvocation", + "getconnectionstatus": "GetConnectionStatus", + "getdefaultpatchbaseline": "GetDefaultPatchBaseline", + "getdeployablepatchsnapshotforinstance": "GetDeployablePatchSnapshotForInstance", + "getdocument": "GetDocument", + "getinventory": "GetInventory", + "getinventoryschema": "GetInventorySchema", + "getmaintenancewindow": "GetMaintenanceWindow", + "getmaintenancewindowexecution": "GetMaintenanceWindowExecution", + "getmaintenancewindowexecutiontask": "GetMaintenanceWindowExecutionTask", + "getmaintenancewindowexecutiontaskinvocation": "GetMaintenanceWindowExecutionTaskInvocation", + "getmaintenancewindowtask": "GetMaintenanceWindowTask", + "getmanifest": "GetManifest", + "getopsitem": "GetOpsItem", + "getopsmetadata": "GetOpsMetadata", + "getopssummary": "GetOpsSummary", + "getparameter": "GetParameter", + "getparameterhistory": "GetParameterHistory", + "getparameters": "GetParameters", + "getparametersbypath": "GetParametersByPath", + "getpatchbaseline": "GetPatchBaseline", + "getpatchbaselineforpatchgroup": "GetPatchBaselineForPatchGroup", + "getresourcepolicies": "GetResourcePolicies", + "getservicesetting": "GetServiceSetting", + "labelparameterversion": "LabelParameterVersion", + "listassociationversions": "ListAssociationVersions", + "listassociations": "ListAssociations", + "listcommandinvocations": "ListCommandInvocations", + "listcommands": "ListCommands", + "listcomplianceitems": "ListComplianceItems", + "listcompliancesummaries": "ListComplianceSummaries", + "listdocumentmetadatahistory": "ListDocumentMetadataHistory", + "listdocumentversions": "ListDocumentVersions", + "listdocuments": "ListDocuments", + "listinstanceassociations": "ListInstanceAssociations", + "listinventoryentries": "ListInventoryEntries", + "listopsitemevents": "ListOpsItemEvents", + "listopsitemrelateditems": "ListOpsItemRelatedItems", + "listopsmetadata": "ListOpsMetadata", + "listresourcecompliancesummaries": "ListResourceComplianceSummaries", + "listresourcedatasync": "ListResourceDataSync", + "listtagsforresource": "ListTagsForResource", + "modifydocumentpermission": "ModifyDocumentPermission", + "putcalendar": "PutCalendar", + "putcomplianceitems": "PutComplianceItems", + "putconfigurepackageresult": "PutConfigurePackageResult", + "putinventory": "PutInventory", + "putparameter": "PutParameter", + "putresourcepolicy": "PutResourcePolicy", + "registerdefaultpatchbaseline": "RegisterDefaultPatchBaseline", + "registermanagedinstance": "RegisterManagedInstance", + "registerpatchbaselineforpatchgroup": "RegisterPatchBaselineForPatchGroup", + "registertargetwithmaintenancewindow": "RegisterTargetWithMaintenanceWindow", + "registertaskwithmaintenancewindow": "RegisterTaskWithMaintenanceWindow", + "removetagsfromresource": "RemoveTagsFromResource", + "resetservicesetting": "ResetServiceSetting", + "resumesession": "ResumeSession", + "sendautomationsignal": "SendAutomationSignal", + "sendcommand": "SendCommand", + "startassociationsonce": "StartAssociationsOnce", + "startautomationexecution": "StartAutomationExecution", + "startchangerequestexecution": "StartChangeRequestExecution", + "startsession": "StartSession", + "stopautomationexecution": "StopAutomationExecution", + "terminatesession": "TerminateSession", + "unlabelparameterversion": "UnlabelParameterVersion", + "updateassociation": "UpdateAssociation", + "updateassociationstatus": "UpdateAssociationStatus", + "updatedocument": "UpdateDocument", + "updatedocumentdefaultversion": "UpdateDocumentDefaultVersion", + "updatedocumentmetadata": "UpdateDocumentMetadata", + "updateinstanceassociationstatus": "UpdateInstanceAssociationStatus", + "updateinstanceinformation": "UpdateInstanceInformation", + "updatemaintenancewindow": "UpdateMaintenanceWindow", + "updatemaintenancewindowtarget": "UpdateMaintenanceWindowTarget", + "updatemaintenancewindowtask": "UpdateMaintenanceWindowTask", + "updatemanagedinstancerole": "UpdateManagedInstanceRole", + "updateopsitem": "UpdateOpsItem", + "updateopsmetadata": "UpdateOpsMetadata", + "updatepatchbaseline": "UpdatePatchBaseline", + "updateresourcedatasync": "UpdateResourceDataSync", + "updateservicesetting": "UpdateServiceSetting" + }, + "resources": { + "association": { + "resource": "association", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:association/${AssociationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "automation-execution": { + "resource": "automation-execution", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:automation-execution/${AutomationExecutionId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ssm:resourceTag/tag-key" + ] + }, + "automation-definition": { + "resource": "automation-definition", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:automation-definition/${AutomationDefinitionName}:${VersionId}", + "condition_keys": [] + }, + "bucket": { + "resource": "bucket", + "arn": "arn:${Partition}:s3:::${BucketName}", + "condition_keys": [] + }, + "document": { + "resource": "document", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:document/${DocumentName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ssm:DocumentCategories", + "ssm:resourceTag/${TagKey}" + ] + }, + "instance": { + "resource": "instance", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:instance/${InstanceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ssm:resourceTag/${TagKey}" + ] + }, + "maintenancewindow": { + "resource": "maintenancewindow", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:maintenancewindow/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ssm:resourceTag/tag-key" + ] + }, + "managed-instance": { + "resource": "managed-instance", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:managed-instance/${InstanceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ssm:resourceTag/tag-key" + ] + }, + "managed-instance-inventory": { + "resource": "managed-instance-inventory", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:managed-instance-inventory/${InstanceId}", + "condition_keys": [] + }, + "opsitem": { + "resource": "opsitem", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:opsitem/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "opsmetadata": { + "resource": "opsmetadata", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:opsmetadata/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ssm:resourceTag/${TagKey}" + ] + }, + "parameter": { + "resource": "parameter", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:parameter/${ParameterNameWithoutLeadingSlash}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ssm:resourceTag/tag-key" + ] + }, + "patchbaseline": { + "resource": "patchbaseline", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:patchbaseline/${PatchBaselineIdResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}", + "ssm:resourceTag/tag-key" + ] + }, + "resourcearn": { + "resource": "resourcearn", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:opsitemgroup/default", + "condition_keys": [] + }, + "session": { + "resource": "session", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:session/${SessionId}", + "condition_keys": [ + "ssm:resourceTag/aws:ssmmessages:session-id", + "ssm:resourceTag/aws:ssmmessages:target-id" + ] + }, + "resourcedatasync": { + "resource": "resourcedatasync", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:resource-data-sync/${SyncName}", + "condition_keys": [] + }, + "servicesetting": { + "resource": "servicesetting", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:servicesetting/${ResourceId}", + "condition_keys": [] + }, + "windowtarget": { + "resource": "windowtarget", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:windowtarget/${WindowTargetId}", + "condition_keys": [] + }, + "windowtask": { + "resource": "windowtask", + "arn": "arn:${Partition}:ssm:${Region}:${Account}:windowtask/${WindowTaskId}", + "condition_keys": [] + }, + "task": { + "resource": "task", + "arn": "arn:${Partition}:ecs:${Region}:${Account}:task/${TaskId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "association": "association", + "automation-execution": "automation-execution", + "automation-definition": "automation-definition", + "bucket": "bucket", + "document": "document", + "instance": "instance", + "maintenancewindow": "maintenancewindow", + "managed-instance": "managed-instance", + "managed-instance-inventory": "managed-instance-inventory", + "opsitem": "opsitem", + "opsmetadata": "opsmetadata", + "parameter": "parameter", + "patchbaseline": "patchbaseline", + "resourcearn": "resourcearn", + "session": "session", + "resourcedatasync": "resourcedatasync", + "servicesetting": "servicesetting", + "windowtarget": "windowtarget", + "windowtask": "windowtask", + "task": "task" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by 'Create' requests based on the allowed set of values for a specified tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by based on a tag key-value pair assigned to the AWS resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by 'Create' requests based on whether mandatory tags are included in the request", + "type": "ArrayOfString" + }, + "ssm:AutoApprove": { + "condition": "ssm:AutoApprove", + "description": "Filters access by verifying that a user has permission to start Change Manager workflows without a review step (with the exception of change freeze events)", + "type": "Bool" + }, + "ssm:DocumentCategories": { + "condition": "ssm:DocumentCategories", + "description": "Filters access by verifying that a user has permission to access a document belonging to a specific category enum", + "type": "ArrayOfString" + }, + "ssm:Overwrite": { + "condition": "ssm:Overwrite", + "description": "Controls whether Systems Manager parameters can be overwritten", + "type": "String" + }, + "ssm:Recursive": { + "condition": "ssm:Recursive", + "description": "Filters access to Systems Manager parameters created in a hierarchical structure", + "type": "String" + }, + "ssm:SessionDocumentAccessCheck": { + "condition": "ssm:SessionDocumentAccessCheck", + "description": "Filters access by verifying that a user has permission to access either the default Session Manager configuration document or the custom configuration document specified in a request", + "type": "Bool" + }, + "ssm:SyncType": { + "condition": "ssm:SyncType", + "description": "Filters access by verifying that a user also has access to the ResourceDataSync SyncType specified in the request", + "type": "String" + }, + "ssm:resourceTag/${TagKey}": { + "condition": "ssm:resourceTag/${TagKey}", + "description": "Filters access based on a tag key-value pair assigned to the Systems Manager resource", + "type": "String" + }, + "ssm:resourceTag/aws:ssmmessages:session-id": { + "condition": "ssm:resourceTag/aws:ssmmessages:session-id", + "description": "Filters access by based on a tag key-value pair assigned to the Systems Manager session resource", + "type": "String" + }, + "ssm:resourceTag/aws:ssmmessages:target-id": { + "condition": "ssm:resourceTag/aws:ssmmessages:target-id", + "description": "Filters access by based on a tag key-value pair assigned to the Systems Manager session resource", + "type": "String" + }, + "ssm:resourceTag/tag-key": { + "condition": "ssm:resourceTag/tag-key", + "description": "Filters access by based on a tag key-value pair assigned to the Systems Manager resource", + "type": "String" + } + } + }, + "ssm-sap": { + "service_name": "AWS Systems Manager for SAP", + "prefix": "ssm-sap", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanagerforsap.html", + "privileges": { + "BackupDatabase": { + "privilege": "BackupDatabase", + "description": "Grants permission to perform backup operation on a specified database", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "DeleteResourcePermission": { + "privilege": "DeleteResourcePermission", + "description": "Grants permission to delete the SSM for SAP level resource permissions associated with a SSM for SAP database resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "DeregisterApplication": { + "privilege": "DeregisterApplication", + "description": "Grants permission to deregister an SAP application with SSM for SAP", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "GetApplication": { + "privilege": "GetApplication", + "description": "Grants permission to access information about an application registered with SSM for SAP by providing the application ID or application ARN", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "GetComponent": { + "privilege": "GetComponent", + "description": "Grants permission to access information about a component registered with SSM for SAP by providing the application ID and component ID", + "access_level": "Read", + "resource_types": { + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "component": "component" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "GetDatabase": { + "privilege": "GetDatabase", + "description": "Grants permission to access information about a database registered with SSM for SAP by providing the application ID, component ID, and database ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "GetOperation": { + "privilege": "GetOperation", + "description": "Grants permission to access information about an operation by providing its operation ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "GetResourcePermission": { + "privilege": "GetResourcePermission", + "description": "Grants permission to get the SSM for SAP level resource permissions associated with a SSM for SAP database resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "ListApplications": { + "privilege": "ListApplications", + "description": "Grants permission to retrieve a list of all applications registered with SSM for SAP under the customer AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "ListComponents": { + "privilege": "ListComponents", + "description": "Grants permission to retrieve a list of all components in the account of customer, or a specific application", + "access_level": "List", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "ListDatabases": { + "privilege": "ListDatabases", + "description": "Grants permission to retrieve a list of all databases in the account of customer, or a specific application", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "ListOperations": { + "privilege": "ListOperations", + "description": "Grants permission to retrieve a list of all operations in the account of customer, additional filters can be applied", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags on a specified resource ARN", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "PutResourcePermission": { + "privilege": "PutResourcePermission", + "description": "Grants permission to add the SSM for SAP level resource permissions associated with a SSM for SAP database resource", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "RegisterApplication": { + "privilege": "RegisterApplication", + "description": "Grants permission to registers an SAP application with SSM for SAP", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "RestoreDatabase": { + "privilege": "RestoreDatabase", + "description": "Grants permission to restore a database from another database", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "StartApplicationRefresh": { + "privilege": "StartApplicationRefresh", + "description": "Grants permission to start an on-demand discovery of a registered SSM for SAP application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a specified resource ARN", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "component": "component", + "database": "database", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a specified resource ARN", + "access_level": "Tagging", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "component": { + "resource_type": "component", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "database": { + "resource_type": "database", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application", + "component": "component", + "database": "database", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "UpdateApplicationSettings": { + "privilege": "UpdateApplicationSettings", + "description": "Grants permission to update settings of a registered SSM for SAP application", + "access_level": "Write", + "resource_types": { + "application": { + "resource_type": "application", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "application": "application" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + }, + "UpdateHANABackupSettings": { + "privilege": "UpdateHANABackupSettings", + "description": "Grants permission to update the HANA backup settings of a specified database", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/index.html" + } + }, + "privileges_lower_name": { + "backupdatabase": "BackupDatabase", + "deleteresourcepermission": "DeleteResourcePermission", + "deregisterapplication": "DeregisterApplication", + "getapplication": "GetApplication", + "getcomponent": "GetComponent", + "getdatabase": "GetDatabase", + "getoperation": "GetOperation", + "getresourcepermission": "GetResourcePermission", + "listapplications": "ListApplications", + "listcomponents": "ListComponents", + "listdatabases": "ListDatabases", + "listoperations": "ListOperations", + "listtagsforresource": "ListTagsForResource", + "putresourcepermission": "PutResourcePermission", + "registerapplication": "RegisterApplication", + "restoredatabase": "RestoreDatabase", + "startapplicationrefresh": "StartApplicationRefresh", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateapplicationsettings": "UpdateApplicationSettings", + "updatehanabackupsettings": "UpdateHANABackupSettings" + }, + "resources": { + "application": { + "resource": "application", + "arn": "arn:${Partition}:ssm-sap:${Region}:${Account}:${ApplicationType}/${ApplicationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "component": { + "resource": "component", + "arn": "arn:${Partition}:ssm-sap:${Region}:${Account}:${ApplicationType}/${ApplicationId}/COMPONENT/${ComponentId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "database": { + "resource": "database", + "arn": "arn:${Partition}:ssm-sap:${Region}:${Account}:${ApplicationType}/${ApplicationId}/DB/${DatabaseId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "application": "application", + "component": "component", + "database": "database" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "ssm-guiconnect": { + "service_name": "AWS Systems Manager GUI Connect", + "prefix": "ssm-guiconnect", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanagerguiconnect.html", + "privileges": { + "CancelConnection": { + "privilege": "CancelConnection", + "description": "Grants permission to terminate a GUI Connect session", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/fleet-rdp.html" + }, + "GetConnection": { + "privilege": "GetConnection", + "description": "Grants permission to get the metadata for a GUI Connect session", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/fleet-rdp.html" + }, + "StartConnection": { + "privilege": "StartConnection", + "description": "Grants permission to start a GUI Connect session", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/systems-manager/latest/userguide/fleet-rdp.html" + } + }, + "privileges_lower_name": { + "cancelconnection": "CancelConnection", + "getconnection": "GetConnection", + "startconnection": "StartConnection" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "ssm-incidents": { + "service_name": "AWS Systems Manager Incident Manager", + "prefix": "ssm-incidents", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanagerincidentmanager.html", + "privileges": { + "CreateReplicationSet": { + "privilege": "CreateReplicationSet", + "description": "Grants permission to create a replication set", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:CreateServiceLinkedRole", + "ssm-incidents:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_CreateReplicationSet.html" + }, + "CreateResponsePlan": { + "privilege": "CreateResponsePlan", + "description": "Grants permission to create a response plan", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole", + "ssm-incidents:TagResource" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_CreateResponsePlan.html" + }, + "CreateTimelineEvent": { + "privilege": "CreateTimelineEvent", + "description": "Grants permission to create a timeline event for an incident record", + "access_level": "Write", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_CreateTimelineEvent.html" + }, + "DeleteIncidentRecord": { + "privilege": "DeleteIncidentRecord", + "description": "Grants permission to delete an incident record", + "access_level": "Write", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteIncidentRecord.html" + }, + "DeleteReplicationSet": { + "privilege": "DeleteReplicationSet", + "description": "Grants permission to delete a replication set", + "access_level": "Write", + "resource_types": { + "replication-set": { + "resource_type": "replication-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replication-set": "replication-set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteReplicationSet.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete resource policy from a response plan", + "access_level": "Permissions management", + "resource_types": { + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteResourcePolicy.html" + }, + "DeleteResponsePlan": { + "privilege": "DeleteResponsePlan", + "description": "Grants permission to delete a response plan", + "access_level": "Write", + "resource_types": { + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteResponsePlan.html" + }, + "DeleteTimelineEvent": { + "privilege": "DeleteTimelineEvent", + "description": "Grants permission to delete a timeline event", + "access_level": "Write", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_DeleteTimelineEvent.html" + }, + "GetIncidentRecord": { + "privilege": "GetIncidentRecord", + "description": "Grants permission to view the contents of an incident record", + "access_level": "Read", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetIncidentRecord.html" + }, + "GetReplicationSet": { + "privilege": "GetReplicationSet", + "description": "Grants permission to view the replication set", + "access_level": "Read", + "resource_types": { + "replication-set": { + "resource_type": "replication-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replication-set": "replication-set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetReplicationSet.html" + }, + "GetResourcePolicies": { + "privilege": "GetResourcePolicies", + "description": "Grants permission to view resource policies of a response plan", + "access_level": "Read", + "resource_types": { + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetResourcePolicies.html" + }, + "GetResponsePlan": { + "privilege": "GetResponsePlan", + "description": "Grants permission to view the contents of a specified response plan", + "access_level": "Read", + "resource_types": { + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetResponsePlan.html" + }, + "GetTimelineEvent": { + "privilege": "GetTimelineEvent", + "description": "Grants permission to view a timeline event", + "access_level": "Read", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_GetTimelineEvent.html" + }, + "ListIncidentRecords": { + "privilege": "ListIncidentRecords", + "description": "Grants permission to list the contents of all incident records", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListIncidentRecords.html" + }, + "ListRelatedItems": { + "privilege": "ListRelatedItems", + "description": "Grants permission to list related items of an incident records", + "access_level": "List", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListRelatedItems.html" + }, + "ListReplicationSets": { + "privilege": "ListReplicationSets", + "description": "Grants permission to list all replication sets", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListReplicationSets.html" + }, + "ListResponsePlans": { + "privilege": "ListResponsePlans", + "description": "Grants permission to list all response plans", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListResponsePlans.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to view a list of resource tags for a specified resource", + "access_level": "Read", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replication-set": { + "resource_type": "replication-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "replication-set": "replication-set", + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListTagsForResource.html" + }, + "ListTimelineEvents": { + "privilege": "ListTimelineEvents", + "description": "Grants permission to list all timeline events for an incident record", + "access_level": "List", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_ListTimelineEvents.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to put resource policy on a response plan", + "access_level": "Permissions management", + "resource_types": { + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_PutResourcePolicy.html" + }, + "StartIncident": { + "privilege": "StartIncident", + "description": "Grants permission to start a new incident using a response plan", + "access_level": "Write", + "resource_types": { + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_StartIncident.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a response plan", + "access_level": "Tagging", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replication-set": { + "resource_type": "replication-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "replication-set": "replication-set", + "response-plan": "response-plan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a response plan", + "access_level": "Tagging", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "replication-set": { + "resource_type": "replication-set", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "replication-set": "replication-set", + "response-plan": "response-plan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UntagResource.html" + }, + "UpdateDeletionProtection": { + "privilege": "UpdateDeletionProtection", + "description": "Grants permission to update replication set deletion protection", + "access_level": "Write", + "resource_types": { + "replication-set": { + "resource_type": "replication-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replication-set": "replication-set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateDeletionProtection.html" + }, + "UpdateIncidentRecord": { + "privilege": "UpdateIncidentRecord", + "description": "Grants permission to update the contents of an incident record", + "access_level": "Write", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateIncidentRecord.html" + }, + "UpdateRelatedItems": { + "privilege": "UpdateRelatedItems", + "description": "Grants permission to update related items of an incident record", + "access_level": "Write", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateRelatedItems.html" + }, + "UpdateReplicationSet": { + "privilege": "UpdateReplicationSet", + "description": "Grants permission to update a replication set", + "access_level": "Write", + "resource_types": { + "replication-set": { + "resource_type": "replication-set", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "replication-set": "replication-set" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateReplicationSet.html" + }, + "UpdateResponsePlan": { + "privilege": "UpdateResponsePlan", + "description": "Grants permission to update the contents of a response plan", + "access_level": "Write", + "resource_types": { + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole", + "ssm-incidents:TagResource" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "response-plan": "response-plan", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateResponsePlan.html" + }, + "UpdateTimelineEvent": { + "privilege": "UpdateTimelineEvent", + "description": "Grants permission to update a timeline event", + "access_level": "Write", + "resource_types": { + "incident-record": { + "resource_type": "incident-record", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "response-plan": { + "resource_type": "response-plan", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "incident-record": "incident-record", + "response-plan": "response-plan" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_UpdateTimelineEvent.html" + } + }, + "privileges_lower_name": { + "createreplicationset": "CreateReplicationSet", + "createresponseplan": "CreateResponsePlan", + "createtimelineevent": "CreateTimelineEvent", + "deleteincidentrecord": "DeleteIncidentRecord", + "deletereplicationset": "DeleteReplicationSet", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deleteresponseplan": "DeleteResponsePlan", + "deletetimelineevent": "DeleteTimelineEvent", + "getincidentrecord": "GetIncidentRecord", + "getreplicationset": "GetReplicationSet", + "getresourcepolicies": "GetResourcePolicies", + "getresponseplan": "GetResponsePlan", + "gettimelineevent": "GetTimelineEvent", + "listincidentrecords": "ListIncidentRecords", + "listrelateditems": "ListRelatedItems", + "listreplicationsets": "ListReplicationSets", + "listresponseplans": "ListResponsePlans", + "listtagsforresource": "ListTagsForResource", + "listtimelineevents": "ListTimelineEvents", + "putresourcepolicy": "PutResourcePolicy", + "startincident": "StartIncident", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatedeletionprotection": "UpdateDeletionProtection", + "updateincidentrecord": "UpdateIncidentRecord", + "updaterelateditems": "UpdateRelatedItems", + "updatereplicationset": "UpdateReplicationSet", + "updateresponseplan": "UpdateResponsePlan", + "updatetimelineevent": "UpdateTimelineEvent" + }, + "resources": { + "response-plan": { + "resource": "response-plan", + "arn": "arn:${Partition}:ssm-incidents::${Account}:response-plan/${ResponsePlan}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "incident-record": { + "resource": "incident-record", + "arn": "arn:${Partition}:ssm-incidents::${Account}:incident-record/${ResponsePlan}/${IncidentRecord}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "replication-set": { + "resource": "replication-set", + "arn": "arn:${Partition}:ssm-incidents::${Account}:replication-set/${ReplicationSet}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "response-plan": "response-plan", + "incident-record": "incident-record", + "replication-set": "replication-set" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "ssm-contacts": { + "service_name": "AWS Systems Manager Incident Manager Contacts", + "prefix": "ssm-contacts", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssystemsmanagerincidentmanagercontacts.html", + "privileges": { + "AcceptPage": { + "privilege": "AcceptPage", + "description": "Grants permission to accept a page", + "access_level": "Write", + "resource_types": { + "page": { + "resource_type": "page", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "page": "page" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_AcceptPage.html" + }, + "ActivateContactChannel": { + "privilege": "ActivateContactChannel", + "description": "Grants permission to activate a contact's contact channel", + "access_level": "Write", + "resource_types": { + "contactchannel": { + "resource_type": "contactchannel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contactchannel": "contactchannel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ActivateContactChannel.html" + }, + "AssociateContact": { + "privilege": "AssociateContact", + "description": "Grants permission to use a contact in an escalation plan", + "access_level": "Permissions management", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/userguide/contacts.html" + }, + "CreateContact": { + "privilege": "CreateContact", + "description": "Grants permission to create a contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ssm-contacts:AssociateContact" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_CreateContact.html" + }, + "CreateContactChannel": { + "privilege": "CreateContactChannel", + "description": "Grants permission to create a contact channel for a contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_CreateContactChannel.html" + }, + "CreateRotation": { + "privilege": "CreateRotation", + "description": "Grants permission to create a rotation in an on-call schedule", + "access_level": "Write", + "resource_types": { + "rotation": { + "resource_type": "rotation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rotation": "rotation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_CreateRotation.html" + }, + "CreateRotationOverride": { + "privilege": "CreateRotationOverride", + "description": "Grants permission to create an override for a rotation in an on-call schedule", + "access_level": "Write", + "resource_types": { + "rotation": { + "resource_type": "rotation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rotation": "rotation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_CreateRotationOverride.html" + }, + "DeactivateContactChannel": { + "privilege": "DeactivateContactChannel", + "description": "Grants permission to deactivate a contact's contact channel", + "access_level": "Write", + "resource_types": { + "contactchannel": { + "resource_type": "contactchannel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contactchannel": "contactchannel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DeactivateContactChannel.html" + }, + "DeleteContact": { + "privilege": "DeleteContact", + "description": "Grants permission to delete a contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DeleteContact.html" + }, + "DeleteContactChannel": { + "privilege": "DeleteContactChannel", + "description": "Grants permission to delete a contact's contact channel", + "access_level": "Write", + "resource_types": { + "contactchannel": { + "resource_type": "contactchannel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contactchannel": "contactchannel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DeleteContactChannel.html" + }, + "DeleteRotation": { + "privilege": "DeleteRotation", + "description": "Grants permission to delete a rotation", + "access_level": "Write", + "resource_types": { + "rotation": { + "resource_type": "rotation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rotation": "rotation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DeleteRotation.html" + }, + "DeleteRotationOverride": { + "privilege": "DeleteRotationOverride", + "description": "Grants permission to delete a rotation's rotation override", + "access_level": "Write", + "resource_types": { + "rotation": { + "resource_type": "rotation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rotation": "rotation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DeleteRotationOverride.html" + }, + "DescribeEngagement": { + "privilege": "DescribeEngagement", + "description": "Grants permission to describe an engagement", + "access_level": "Read", + "resource_types": { + "engagement": { + "resource_type": "engagement", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "engagement": "engagement" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DescribeEngagement.html" + }, + "DescribePage": { + "privilege": "DescribePage", + "description": "Grants permission to describe a page", + "access_level": "Read", + "resource_types": { + "page": { + "resource_type": "page", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "page": "page" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_DescribePage.html" + }, + "GetContact": { + "privilege": "GetContact", + "description": "Grants permission to get a contact", + "access_level": "Read", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_GetContact.html" + }, + "GetContactChannel": { + "privilege": "GetContactChannel", + "description": "Grants permission to get a contact's contact channel", + "access_level": "Read", + "resource_types": { + "contactchannel": { + "resource_type": "contactchannel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contactchannel": "contactchannel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_GetContactChannel.html" + }, + "GetContactPolicy": { + "privilege": "GetContactPolicy", + "description": "Grants permission to get a contact's resource policy", + "access_level": "Read", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_GetContactPolicy.html" + }, + "GetRotation": { + "privilege": "GetRotation", + "description": "Grants permission to retrieve information about an on-call rotation", + "access_level": "Read", + "resource_types": { + "rotation": { + "resource_type": "rotation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rotation": "rotation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_GetRotation.html" + }, + "GetRotationOverride": { + "privilege": "GetRotationOverride", + "description": "Grants permission to retrieve information about an override in an on-call rotation", + "access_level": "Read", + "resource_types": { + "rotation": { + "resource_type": "rotation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rotation": "rotation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_GetRotationOverride.html" + }, + "ListContactChannels": { + "privilege": "ListContactChannels", + "description": "Grants permission to list all of a contact's contact channels", + "access_level": "List", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListContactChannels.html" + }, + "ListContacts": { + "privilege": "ListContacts", + "description": "Grants permission to list all contacts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListContacts.html" + }, + "ListEngagements": { + "privilege": "ListEngagements", + "description": "Grants permission to list all engagements", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListEngagements.html" + }, + "ListPageReceipts": { + "privilege": "ListPageReceipts", + "description": "Grants permission to list all receipts of a page", + "access_level": "List", + "resource_types": { + "page": { + "resource_type": "page", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "page": "page" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListPageReceipts.html" + }, + "ListPageResolutions": { + "privilege": "ListPageResolutions", + "description": "Grants permission to list the resolution path of an engagement", + "access_level": "List", + "resource_types": { + "page": { + "resource_type": "page", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "page": "page" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListPageResolutions.html" + }, + "ListPagesByContact": { + "privilege": "ListPagesByContact", + "description": "Grants permission to list all pages sent to a contact", + "access_level": "List", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListPagesByContact.html" + }, + "ListPagesByEngagement": { + "privilege": "ListPagesByEngagement", + "description": "Grants permission to list all pages created in an engagement", + "access_level": "List", + "resource_types": { + "engagement": { + "resource_type": "engagement", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "engagement": "engagement" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListPagesByEngagement.html" + }, + "ListPreviewRotationShifts": { + "privilege": "ListPreviewRotationShifts", + "description": "Grants permission to retrieve a list of shifts based on rotation configuration parameters", + "access_level": "List", + "resource_types": { + "rotation": { + "resource_type": "rotation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rotation": "rotation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListPreviewRotationShifts.html" + }, + "ListRotationOverrides": { + "privilege": "ListRotationOverrides", + "description": "Grants permission to retrieve a list of overrides currently specified for an on-call rotation", + "access_level": "List", + "resource_types": { + "rotation": { + "resource_type": "rotation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rotation": "rotation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListRotationOverrides.html" + }, + "ListRotationShifts": { + "privilege": "ListRotationShifts", + "description": "Grants permission to retrieve a list of rotation shifts in an on-call schedule", + "access_level": "List", + "resource_types": { + "rotation": { + "resource_type": "rotation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rotation": "rotation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListRotationShifts.html" + }, + "ListRotations": { + "privilege": "ListRotations", + "description": "Grants permission to retrieve a list of on-call rotations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListRotations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to view a list of resource tags for a specified resource", + "access_level": "Read", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rotation": { + "resource_type": "rotation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "rotation": "rotation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_ListTagsForResource.html" + }, + "PutContactPolicy": { + "privilege": "PutContactPolicy", + "description": "Grants permission to add a resource policy to a contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_PutContactPolicy.html" + }, + "SendActivationCode": { + "privilege": "SendActivationCode", + "description": "Grants permission to send the activation code of a contact's contact channel", + "access_level": "Write", + "resource_types": { + "contactchannel": { + "resource_type": "contactchannel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contactchannel": "contactchannel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_SendActivationCode.html" + }, + "StartEngagement": { + "privilege": "StartEngagement", + "description": "Grants permission to start an engagement", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_StartEngagement.html" + }, + "StopEngagement": { + "privilege": "StopEngagement", + "description": "Grants permission to stop an engagement", + "access_level": "Write", + "resource_types": { + "engagement": { + "resource_type": "engagement", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "engagement": "engagement" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_StopEngagement.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to the specified resource", + "access_level": "Tagging", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rotation": { + "resource_type": "rotation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "rotation": "rotation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rotation": { + "resource_type": "rotation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contact": "contact", + "rotation": "rotation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_UntagResource.html" + }, + "UpdateContact": { + "privilege": "UpdateContact", + "description": "Grants permission to update a contact", + "access_level": "Write", + "resource_types": { + "contact": { + "resource_type": "contact", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "ssm-contacts:AssociateContact" + ] + } + }, + "resource_types_lower_name": { + "contact": "contact" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_UpdateContact.html" + }, + "UpdateContactChannel": { + "privilege": "UpdateContactChannel", + "description": "Grants permission to update a contact's contact channel", + "access_level": "Write", + "resource_types": { + "contactchannel": { + "resource_type": "contactchannel", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "contactchannel": "contactchannel" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_UpdateContactChannel.html" + }, + "UpdateRotation": { + "privilege": "UpdateRotation", + "description": "Grants permission to update the information specified for an on-call rotation", + "access_level": "Write", + "resource_types": { + "rotation": { + "resource_type": "rotation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rotation": "rotation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/incident-manager/latest/APIReference/API_SSMContacts_UpdateRotation.html" + } + }, + "privileges_lower_name": { + "acceptpage": "AcceptPage", + "activatecontactchannel": "ActivateContactChannel", + "associatecontact": "AssociateContact", + "createcontact": "CreateContact", + "createcontactchannel": "CreateContactChannel", + "createrotation": "CreateRotation", + "createrotationoverride": "CreateRotationOverride", + "deactivatecontactchannel": "DeactivateContactChannel", + "deletecontact": "DeleteContact", + "deletecontactchannel": "DeleteContactChannel", + "deleterotation": "DeleteRotation", + "deleterotationoverride": "DeleteRotationOverride", + "describeengagement": "DescribeEngagement", + "describepage": "DescribePage", + "getcontact": "GetContact", + "getcontactchannel": "GetContactChannel", + "getcontactpolicy": "GetContactPolicy", + "getrotation": "GetRotation", + "getrotationoverride": "GetRotationOverride", + "listcontactchannels": "ListContactChannels", + "listcontacts": "ListContacts", + "listengagements": "ListEngagements", + "listpagereceipts": "ListPageReceipts", + "listpageresolutions": "ListPageResolutions", + "listpagesbycontact": "ListPagesByContact", + "listpagesbyengagement": "ListPagesByEngagement", + "listpreviewrotationshifts": "ListPreviewRotationShifts", + "listrotationoverrides": "ListRotationOverrides", + "listrotationshifts": "ListRotationShifts", + "listrotations": "ListRotations", + "listtagsforresource": "ListTagsForResource", + "putcontactpolicy": "PutContactPolicy", + "sendactivationcode": "SendActivationCode", + "startengagement": "StartEngagement", + "stopengagement": "StopEngagement", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecontact": "UpdateContact", + "updatecontactchannel": "UpdateContactChannel", + "updaterotation": "UpdateRotation" + }, + "resources": { + "contact": { + "resource": "contact", + "arn": "arn:${Partition}:ssm-contacts:${Region}:${Account}:contact/${ContactAlias}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "contactchannel": { + "resource": "contactchannel", + "arn": "arn:${Partition}:ssm-contacts:${Region}:${Account}:contactchannel/${ContactAlias}/${ContactChannelId}", + "condition_keys": [] + }, + "engagement": { + "resource": "engagement", + "arn": "arn:${Partition}:ssm-contacts:${Region}:${Account}:engagement/${ContactAlias}/${EngagementId}", + "condition_keys": [] + }, + "page": { + "resource": "page", + "arn": "arn:${Partition}:ssm-contacts:${Region}:${Account}:page/${ContactAlias}/${PageId}", + "condition_keys": [] + }, + "rotation": { + "resource": "rotation", + "arn": "arn:${Partition}:ssm-contacts:${Region}:${Account}:rotation/${RotationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "contact": "contact", + "contactchannel": "contactchannel", + "engagement": "engagement", + "page": "page", + "rotation": "rotation" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "resource-explorer": { + "service_name": "AWS Tag Editor", + "prefix": "resource-explorer", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstageditor.html", + "privileges": { + "ListResourceTypes": { + "privilege": "ListResourceTypes", + "description": "Grants permission to retrieve the resource types currently supported by Tag Editor", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/userguide/gettingstarted-prereqs.html#rg-permissions-te" + }, + "ListResources": { + "privilege": "ListResources", + "description": "Grants permission to retrieve the identifiers of the resources in the AWS account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/userguide/gettingstarted-prereqs.html#rg-permissions-te" + }, + "ListTags": { + "privilege": "ListTags", + "description": "Grants permission to retrieve the tags attached to the specified resource identifiers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "tag:GetResources" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/ARG/latest/userguide/gettingstarted-prereqs.html#rg-permissions-te" + } + }, + "privileges_lower_name": { + "listresourcetypes": "ListResourceTypes", + "listresources": "ListResources", + "listtags": "ListTags" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "tax": { + "service_name": "AWS Tax Settings", + "prefix": "tax", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstaxsettings.html", + "privileges": { + "BatchPutTaxRegistration": { + "privilege": "BatchPutTaxRegistration", + "description": "Grants permission to batch update tax registrations", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "DeleteTaxRegistration": { + "privilege": "DeleteTaxRegistration", + "description": "Grants permission to delete tax registration data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "GetExemptions": { + "privilege": "GetExemptions", + "description": "Grants permission to view tax exemptions data", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "GetTaxInheritance": { + "privilege": "GetTaxInheritance", + "description": "Grants permission to view tax inheritance status", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "GetTaxInterview": { + "privilege": "GetTaxInterview", + "description": "Grants permission to retrieve tax interview data", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html" + }, + "GetTaxRegistration": { + "privilege": "GetTaxRegistration", + "description": "Grants permission to view tax registrations data", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html" + }, + "GetTaxRegistrationDocument": { + "privilege": "GetTaxRegistrationDocument", + "description": "Grants permission to download tax registration documents", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "ListTaxRegistrations": { + "privilege": "ListTaxRegistrations", + "description": "Grants permission to view tax registrations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "PutTaxInheritance": { + "privilege": "PutTaxInheritance", + "description": "Grants permission to set tax inheritance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + }, + "PutTaxInterview": { + "privilege": "PutTaxInterview", + "description": "Grants permission to update tax interview data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html" + }, + "PutTaxRegistration": { + "privilege": "PutTaxRegistration", + "description": "Grants permission to update tax registrations data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/marketplace/latest/userguide/detailed-management-portal-permissions.html" + }, + "UpdateExemptions": { + "privilege": "UpdateExemptions", + "description": "Grants permission to update tax exemptions data", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html" + } + }, + "privileges_lower_name": { + "batchputtaxregistration": "BatchPutTaxRegistration", + "deletetaxregistration": "DeleteTaxRegistration", + "getexemptions": "GetExemptions", + "gettaxinheritance": "GetTaxInheritance", + "gettaxinterview": "GetTaxInterview", + "gettaxregistration": "GetTaxRegistration", + "gettaxregistrationdocument": "GetTaxRegistrationDocument", + "listtaxregistrations": "ListTaxRegistrations", + "puttaxinheritance": "PutTaxInheritance", + "puttaxinterview": "PutTaxInterview", + "puttaxregistration": "PutTaxRegistration", + "updateexemptions": "UpdateExemptions" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "tnb": { + "service_name": "AWS Telco Network Builder", + "prefix": "tnb", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstelconetworkbuilder.html", + "privileges": { + "CancelSolNetworkOperation": { + "privilege": "CancelSolNetworkOperation", + "description": "Grants permission to cancel a network operation", + "access_level": "Write", + "resource_types": { + "network-operation": { + "resource_type": "network-operation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-operation": "network-operation" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_CancelSolNetworkOperation.html" + }, + "CreateSolFunctionPackage": { + "privilege": "CreateSolFunctionPackage", + "description": "Grants permission to create a function package", + "access_level": "Write", + "resource_types": { + "function-package": { + "resource_type": "function-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-package": "function-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_CreateSolFunctionPackage.html" + }, + "CreateSolNetworkInstance": { + "privilege": "CreateSolNetworkInstance", + "description": "Grants permission to create a network instance", + "access_level": "Write", + "resource_types": { + "network-instance": { + "resource_type": "network-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "network-package": { + "resource_type": "network-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-instance": "network-instance", + "network-package": "network-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_CreateSolNetworkInstance.html" + }, + "CreateSolNetworkPackage": { + "privilege": "CreateSolNetworkPackage", + "description": "Grants permission to create a network package", + "access_level": "Write", + "resource_types": { + "network-package": { + "resource_type": "network-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-package": "network-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_CreateSolNetworkPackage.html" + }, + "DeleteSolFunctionPackage": { + "privilege": "DeleteSolFunctionPackage", + "description": "Grants permission to delete a function package", + "access_level": "Write", + "resource_types": { + "function-package": { + "resource_type": "function-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-package": "function-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_DeleteSolFunctionPackage.html" + }, + "DeleteSolNetworkInstance": { + "privilege": "DeleteSolNetworkInstance", + "description": "Grants permission to delete a network instance", + "access_level": "Write", + "resource_types": { + "network-instance": { + "resource_type": "network-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-instance": "network-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_DeleteSolNetworkInstance.html" + }, + "DeleteSolNetworkPackage": { + "privilege": "DeleteSolNetworkPackage", + "description": "Grants permission to delete a network package", + "access_level": "Write", + "resource_types": { + "network-package": { + "resource_type": "network-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-package": "network-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_DeleteSolNetworkPackage.html" + }, + "GetSolFunctionInstance": { + "privilege": "GetSolFunctionInstance", + "description": "Grants permission to get a function instance", + "access_level": "Read", + "resource_types": { + "function-instance": { + "resource_type": "function-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-instance": "function-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolFunctionInstance.html" + }, + "GetSolFunctionPackage": { + "privilege": "GetSolFunctionPackage", + "description": "Grants permission to get a function package", + "access_level": "Read", + "resource_types": { + "function-package": { + "resource_type": "function-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-package": "function-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolFunctionPackage.html" + }, + "GetSolFunctionPackageContent": { + "privilege": "GetSolFunctionPackageContent", + "description": "Grants permission to get a function package contents", + "access_level": "Read", + "resource_types": { + "function-package": { + "resource_type": "function-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-package": "function-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolFunctionPackageContent.html" + }, + "GetSolFunctionPackageDescriptor": { + "privilege": "GetSolFunctionPackageDescriptor", + "description": "Grants permission to get a function package descriptor", + "access_level": "Read", + "resource_types": { + "function-package": { + "resource_type": "function-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-package": "function-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolFunctionPackageDescriptor.html" + }, + "GetSolNetworkInstance": { + "privilege": "GetSolNetworkInstance", + "description": "Grants permission to get a network instance", + "access_level": "Read", + "resource_types": { + "network-instance": { + "resource_type": "network-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-instance": "network-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolNetworkInstance.html" + }, + "GetSolNetworkOperation": { + "privilege": "GetSolNetworkOperation", + "description": "Grants permission to get a network operation", + "access_level": "Read", + "resource_types": { + "network-operation": { + "resource_type": "network-operation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-operation": "network-operation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolNetworkOperation.html" + }, + "GetSolNetworkPackage": { + "privilege": "GetSolNetworkPackage", + "description": "Grants permission to get a network package", + "access_level": "Read", + "resource_types": { + "network-package": { + "resource_type": "network-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-package": "network-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolNetworkPackage.html" + }, + "GetSolNetworkPackageContent": { + "privilege": "GetSolNetworkPackageContent", + "description": "Grants permission to get a network package contents", + "access_level": "Read", + "resource_types": { + "network-package": { + "resource_type": "network-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-package": "network-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolNetworkPackageContent.html" + }, + "GetSolNetworkPackageDescriptor": { + "privilege": "GetSolNetworkPackageDescriptor", + "description": "Grants permission to get a network package descriptor", + "access_level": "Read", + "resource_types": { + "network-package": { + "resource_type": "network-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-package": "network-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_GetSolNetworkPackageDescriptor.html" + }, + "InstantiateSolNetworkInstance": { + "privilege": "InstantiateSolNetworkInstance", + "description": "Grants permission to instantiate a network instance", + "access_level": "Write", + "resource_types": { + "network-instance": { + "resource_type": "network-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-instance": "network-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_InstantiateSolNetworkInstance.html" + }, + "ListSolFunctionInstances": { + "privilege": "ListSolFunctionInstances", + "description": "Grants permission to list function instances", + "access_level": "List", + "resource_types": { + "function-instance": { + "resource_type": "function-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-instance": "function-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListSolFunctionInstances.html" + }, + "ListSolFunctionPackages": { + "privilege": "ListSolFunctionPackages", + "description": "Grants permission to list function packages", + "access_level": "List", + "resource_types": { + "function-package": { + "resource_type": "function-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-package": "function-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListSolFunctionPackages.html" + }, + "ListSolNetworkInstances": { + "privilege": "ListSolNetworkInstances", + "description": "Grants permission to list network instances", + "access_level": "List", + "resource_types": { + "network-instance": { + "resource_type": "network-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-instance": "network-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListSolNetworkInstances.html" + }, + "ListSolNetworkOperations": { + "privilege": "ListSolNetworkOperations", + "description": "Grants permission to list network operations", + "access_level": "List", + "resource_types": { + "network-operation": { + "resource_type": "network-operation", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-operation": "network-operation", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListSolNetworkOperations.html" + }, + "ListSolNetworkPackages": { + "privilege": "ListSolNetworkPackages", + "description": "Grants permission to list network packages", + "access_level": "List", + "resource_types": { + "network-package": { + "resource_type": "network-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-package": "network-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListSolNetworkPackages.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to return a list of tags for a resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ListTagsForResource.html" + }, + "PutSolFunctionPackageContent": { + "privilege": "PutSolFunctionPackageContent", + "description": "Grants permission to upload function package content", + "access_level": "Write", + "resource_types": { + "function-package": { + "resource_type": "function-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-package": "function-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_PutSolFunctionPackageContent.html" + }, + "PutSolNetworkPackageContent": { + "privilege": "PutSolNetworkPackageContent", + "description": "Grants permission to upload network package content", + "access_level": "Write", + "resource_types": { + "network-package": { + "resource_type": "network-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-package": "network-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_PutSolNetworkPackageContent.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to the specified resource", + "access_level": "Tagging", + "resource_types": { + "function-instance": { + "resource_type": "function-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "function-package": { + "resource_type": "function-package", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network-instance": { + "resource_type": "network-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network-operation": { + "resource_type": "network-operation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network-package": { + "resource_type": "network-package", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-instance": "function-instance", + "function-package": "function-package", + "network-instance": "network-instance", + "network-operation": "network-operation", + "network-package": "network-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_TagResource.html" + }, + "TerminateSolNetworkInstance": { + "privilege": "TerminateSolNetworkInstance", + "description": "Grants permission to terminate a network instance", + "access_level": "Write", + "resource_types": { + "network-instance": { + "resource_type": "network-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-instance": "network-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_TerminateSolNetworkInstance.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from the specified resource", + "access_level": "Tagging", + "resource_types": { + "function-instance": { + "resource_type": "function-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "function-package": { + "resource_type": "function-package", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network-instance": { + "resource_type": "network-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network-operation": { + "resource_type": "network-operation", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "network-package": { + "resource_type": "network-package", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-instance": "function-instance", + "function-package": "function-package", + "network-instance": "network-instance", + "network-operation": "network-operation", + "network-package": "network-package", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_UntagResource.html" + }, + "UpdateSolFunctionPackage": { + "privilege": "UpdateSolFunctionPackage", + "description": "Grants permission to update a function package", + "access_level": "Write", + "resource_types": { + "function-package": { + "resource_type": "function-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-package": "function-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_UpdateSolFunctionPackage.html" + }, + "UpdateSolNetworkInstance": { + "privilege": "UpdateSolNetworkInstance", + "description": "Grants permission to update a network instance", + "access_level": "Write", + "resource_types": { + "function-instance": { + "resource_type": "function-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "network-instance": { + "resource_type": "network-instance", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-instance": "function-instance", + "network-instance": "network-instance", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_UpdateSolNetworkInstance.html" + }, + "UpdateSolNetworkPackage": { + "privilege": "UpdateSolNetworkPackage", + "description": "Grants permission to update a network package", + "access_level": "Write", + "resource_types": { + "network-package": { + "resource_type": "network-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-package": "network-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_UpdateSolNetworkPackage.html" + }, + "ValidateSolFunctionPackageContent": { + "privilege": "ValidateSolFunctionPackageContent", + "description": "Grants permission to validate function package content", + "access_level": "Write", + "resource_types": { + "function-package": { + "resource_type": "function-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "function-package": "function-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ValidateSolFunctionPackageContent.html" + }, + "ValidateSolNetworkPackageContent": { + "privilege": "ValidateSolNetworkPackageContent", + "description": "Grants permission to validate network package content", + "access_level": "Write", + "resource_types": { + "network-package": { + "resource_type": "network-package", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network-package": "network-package" + }, + "api_documentation_link": "https://docs.aws.amazon.com/tnb/latest/APIReference/API_ValidateSolNetworkPackageContent.html" + } + }, + "privileges_lower_name": { + "cancelsolnetworkoperation": "CancelSolNetworkOperation", + "createsolfunctionpackage": "CreateSolFunctionPackage", + "createsolnetworkinstance": "CreateSolNetworkInstance", + "createsolnetworkpackage": "CreateSolNetworkPackage", + "deletesolfunctionpackage": "DeleteSolFunctionPackage", + "deletesolnetworkinstance": "DeleteSolNetworkInstance", + "deletesolnetworkpackage": "DeleteSolNetworkPackage", + "getsolfunctioninstance": "GetSolFunctionInstance", + "getsolfunctionpackage": "GetSolFunctionPackage", + "getsolfunctionpackagecontent": "GetSolFunctionPackageContent", + "getsolfunctionpackagedescriptor": "GetSolFunctionPackageDescriptor", + "getsolnetworkinstance": "GetSolNetworkInstance", + "getsolnetworkoperation": "GetSolNetworkOperation", + "getsolnetworkpackage": "GetSolNetworkPackage", + "getsolnetworkpackagecontent": "GetSolNetworkPackageContent", + "getsolnetworkpackagedescriptor": "GetSolNetworkPackageDescriptor", + "instantiatesolnetworkinstance": "InstantiateSolNetworkInstance", + "listsolfunctioninstances": "ListSolFunctionInstances", + "listsolfunctionpackages": "ListSolFunctionPackages", + "listsolnetworkinstances": "ListSolNetworkInstances", + "listsolnetworkoperations": "ListSolNetworkOperations", + "listsolnetworkpackages": "ListSolNetworkPackages", + "listtagsforresource": "ListTagsForResource", + "putsolfunctionpackagecontent": "PutSolFunctionPackageContent", + "putsolnetworkpackagecontent": "PutSolNetworkPackageContent", + "tagresource": "TagResource", + "terminatesolnetworkinstance": "TerminateSolNetworkInstance", + "untagresource": "UntagResource", + "updatesolfunctionpackage": "UpdateSolFunctionPackage", + "updatesolnetworkinstance": "UpdateSolNetworkInstance", + "updatesolnetworkpackage": "UpdateSolNetworkPackage", + "validatesolfunctionpackagecontent": "ValidateSolFunctionPackageContent", + "validatesolnetworkpackagecontent": "ValidateSolNetworkPackageContent" + }, + "resources": { + "function-package": { + "resource": "function-package", + "arn": "arn:${Partition}:tnb:${Region}:${Account}:function-package/${FunctionPackageId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "network-package": { + "resource": "network-package", + "arn": "arn:${Partition}:tnb:${Region}:${Account}:network-package/${NetworkPackageId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "network-instance": { + "resource": "network-instance", + "arn": "arn:${Partition}:tnb:${Region}:${Account}:network-instance/${NetworkInstanceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "function-instance": { + "resource": "function-instance", + "arn": "arn:${Partition}:tnb:${Region}:${Account}:function-instance/${FunctionInstanceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "network-operation": { + "resource": "network-operation", + "arn": "arn:${Partition}:tnb:${Region}:${Account}:network-operation/${NetworkOperationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "function-package": "function-package", + "network-package": "network-package", + "network-instance": "network-instance", + "function-instance": "function-instance", + "network-operation": "network-operation" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by checking the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by checking tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "tiros": { + "service_name": "AWS Tiros", + "prefix": "tiros", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstiros.html", + "privileges": { + "CreateQuery": { + "privilege": "CreateQuery", + "description": "Grants permission to create a VPC reachability query", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/reachability/security_iam_required-API-permissions.html" + }, + "ExtendQuery": { + "privilege": "ExtendQuery", + "description": "Grants permission to extend a VPC reachability query to include the calling principals account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/reachability/security_iam_required-API-permissions.html" + }, + "GetQueryAnswer": { + "privilege": "GetQueryAnswer", + "description": "Grants permission to get VPC reachability query answers", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/reachability/security_iam_required-API-permissions.html" + }, + "GetQueryExplanation": { + "privilege": "GetQueryExplanation", + "description": "Grants permission to get VPC reachability query explanations", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/reachability/security_iam_required-API-permissions.html" + }, + "GetQueryExtensionAccounts": { + "privilege": "GetQueryExtensionAccounts", + "description": "Grants permission to list accounts that might be useful in a new query", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/vpc/latest/reachability/security_iam_required-API-permissions.html" + } + }, + "privileges_lower_name": { + "createquery": "CreateQuery", + "extendquery": "ExtendQuery", + "getqueryanswer": "GetQueryAnswer", + "getqueryexplanation": "GetQueryExplanation", + "getqueryextensionaccounts": "GetQueryExtensionAccounts" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "transfer": { + "service_name": "AWS Transfer Family", + "prefix": "transfer", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstransferfamily.html", + "privileges": { + "CreateAccess": { + "privilege": "CreateAccess", + "description": "Grants permission to add an access associated with a server", + "access_level": "Write", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateAccess.html" + }, + "CreateAgreement": { + "privilege": "CreateAgreement", + "description": "Grants permission to add an agreement associated with a server", + "access_level": "Write", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateAgreement.html" + }, + "CreateConnector": { + "privilege": "CreateConnector", + "description": "Grants permission to create a connector", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateConnector.html" + }, + "CreateProfile": { + "privilege": "CreateProfile", + "description": "Grants permission to create a profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateProfile.html" + }, + "CreateServer": { + "privilege": "CreateServer", + "description": "Grants permission to create a server", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateServer.html" + }, + "CreateUser": { + "privilege": "CreateUser", + "description": "Grants permission to add a user associated with a server", + "access_level": "Write", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateUser.html" + }, + "CreateWorkflow": { + "privilege": "CreateWorkflow", + "description": "Grants permission to create a workflow", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_CreateWorkflow.html" + }, + "DeleteAccess": { + "privilege": "DeleteAccess", + "description": "Grants permission to delete access", + "access_level": "Write", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteAccess.html" + }, + "DeleteAgreement": { + "privilege": "DeleteAgreement", + "description": "Grants permission to delete agreement", + "access_level": "Write", + "resource_types": { + "agreement": { + "resource_type": "agreement", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agreement": "agreement" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteAgreement.html" + }, + "DeleteCertificate": { + "privilege": "DeleteCertificate", + "description": "Grants permission to delete certificate", + "access_level": "Write", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteCertificate.html" + }, + "DeleteConnector": { + "privilege": "DeleteConnector", + "description": "Grants permission to delete connector", + "access_level": "Write", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteConnector.html" + }, + "DeleteHostKey": { + "privilege": "DeleteHostKey", + "description": "Grants permission to delete a host key associated with a server", + "access_level": "Write", + "resource_types": { + "host-key": { + "resource_type": "host-key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "host-key": "host-key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteHostKey.html" + }, + "DeleteProfile": { + "privilege": "DeleteProfile", + "description": "Grants permission to delete profile", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteProfile.html" + }, + "DeleteServer": { + "privilege": "DeleteServer", + "description": "Grants permission to delete a server", + "access_level": "Write", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteServer.html" + }, + "DeleteSshPublicKey": { + "privilege": "DeleteSshPublicKey", + "description": "Grants permission to delete an SSH public key from a user", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteSshPublicKey.html" + }, + "DeleteUser": { + "privilege": "DeleteUser", + "description": "Grants permission to delete a user associated with a server", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteUser.html" + }, + "DeleteWorkflow": { + "privilege": "DeleteWorkflow", + "description": "Grants permission to delete a workflow", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DeleteWorkflow.html" + }, + "DescribeAccess": { + "privilege": "DescribeAccess", + "description": "Grants permission to describe an access assigned to a server", + "access_level": "Read", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeAccess.html" + }, + "DescribeAgreement": { + "privilege": "DescribeAgreement", + "description": "Grants permission to describe an agreement assigned to a server", + "access_level": "Read", + "resource_types": { + "agreement": { + "resource_type": "agreement", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agreement": "agreement" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeAgreement.html" + }, + "DescribeCertificate": { + "privilege": "DescribeCertificate", + "description": "Grants permission to describe a certificate", + "access_level": "Read", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeCertificate.html" + }, + "DescribeConnector": { + "privilege": "DescribeConnector", + "description": "Grants permission to describe a connector", + "access_level": "Read", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeConnector.html" + }, + "DescribeExecution": { + "privilege": "DescribeExecution", + "description": "Grants permission to describe an execution associated with a workflow", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeExecution.html" + }, + "DescribeHostKey": { + "privilege": "DescribeHostKey", + "description": "Grants permission to describe a host key associated with a server", + "access_level": "Read", + "resource_types": { + "host-key": { + "resource_type": "host-key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "host-key": "host-key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeHostKey.html" + }, + "DescribeProfile": { + "privilege": "DescribeProfile", + "description": "Grants permission to describe a profile", + "access_level": "Read", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeProfile.html" + }, + "DescribeSecurityPolicy": { + "privilege": "DescribeSecurityPolicy", + "description": "Grants permission to describe a security policy", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeSecurityPolicy.html" + }, + "DescribeServer": { + "privilege": "DescribeServer", + "description": "Grants permission to describe a server", + "access_level": "Read", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeServer.html" + }, + "DescribeUser": { + "privilege": "DescribeUser", + "description": "Grants permission to describe a user associated with a server", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeUser.html" + }, + "DescribeWorkflow": { + "privilege": "DescribeWorkflow", + "description": "Grants permission to describe a workflow", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeWorkflow.html" + }, + "ImportCertificate": { + "privilege": "ImportCertificate", + "description": "Grants permission to add a certificate", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ImportCertificate.html" + }, + "ImportHostKey": { + "privilege": "ImportHostKey", + "description": "Grants permission to add a host key to a server", + "access_level": "Write", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ImportHostKey.html" + }, + "ImportSshPublicKey": { + "privilege": "ImportSshPublicKey", + "description": "Grants permission to add an SSH public key to a user", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ImportSshPublicKey.html" + }, + "ListAccesses": { + "privilege": "ListAccesses", + "description": "Grants permission to list accesses", + "access_level": "Read", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListAccesses.html" + }, + "ListAgreements": { + "privilege": "ListAgreements", + "description": "Grants permission to list agreements", + "access_level": "Read", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListAgreements.html" + }, + "ListCertificates": { + "privilege": "ListCertificates", + "description": "Grants permission to list certificates", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListCertificates.html" + }, + "ListConnectors": { + "privilege": "ListConnectors", + "description": "Grants permission to list connectors", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListConnectors.html" + }, + "ListExecutions": { + "privilege": "ListExecutions", + "description": "Grants permission to list executions associated with a workflow", + "access_level": "Read", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListExecutions.html" + }, + "ListHostKeys": { + "privilege": "ListHostKeys", + "description": "Grants permission to list host keys associated with a server", + "access_level": "Read", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListHostKeys.html" + }, + "ListProfiles": { + "privilege": "ListProfiles", + "description": "Grants permission to list profiles", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListProfiles.html" + }, + "ListSecurityPolicies": { + "privilege": "ListSecurityPolicies", + "description": "Grants permission to list security policies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListSecurityPolicies.html" + }, + "ListServers": { + "privilege": "ListServers", + "description": "Grants permission to list servers", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListServers.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an AWS Transfer Family resource", + "access_level": "Read", + "resource_types": { + "agreement": { + "resource_type": "agreement", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "certificate": { + "resource_type": "certificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connector": { + "resource_type": "connector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "host-key": { + "resource_type": "host-key", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "profile": { + "resource_type": "profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "server": { + "resource_type": "server", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workflow": { + "resource_type": "workflow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agreement": "agreement", + "certificate": "certificate", + "connector": "connector", + "host-key": "host-key", + "profile": "profile", + "server": "server", + "user": "user", + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListTagsForResource.html" + }, + "ListUsers": { + "privilege": "ListUsers", + "description": "Grants permission to list users associated with a server", + "access_level": "List", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListUsers.html" + }, + "ListWorkflows": { + "privilege": "ListWorkflows", + "description": "Grants permission to list workflows", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_ListWorkflows.html" + }, + "SendWorkflowStepState": { + "privilege": "SendWorkflowStepState", + "description": "Grants permission to send a callback for asynchronous custom steps", + "access_level": "Write", + "resource_types": { + "workflow": { + "resource_type": "workflow", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workflow": "workflow" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_SendWorkflowStepState.html" + }, + "StartFileTransfer": { + "privilege": "StartFileTransfer", + "description": "Grants permission to initiate a connector file transfer", + "access_level": "Write", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_StartFileTransfer.html" + }, + "StartServer": { + "privilege": "StartServer", + "description": "Grants permission to start a server", + "access_level": "Write", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_StartServer.html" + }, + "StopServer": { + "privilege": "StopServer", + "description": "Grants permission to stop a server", + "access_level": "Write", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_StopServer.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag an AWS Transfer Family resource", + "access_level": "Tagging", + "resource_types": { + "agreement": { + "resource_type": "agreement", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "certificate": { + "resource_type": "certificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connector": { + "resource_type": "connector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "host-key": { + "resource_type": "host-key", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "profile": { + "resource_type": "profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "server": { + "resource_type": "server", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workflow": { + "resource_type": "workflow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agreement": "agreement", + "certificate": "certificate", + "connector": "connector", + "host-key": "host-key", + "profile": "profile", + "server": "server", + "user": "user", + "workflow": "workflow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_TagResource.html" + }, + "TestConnection": { + "privilege": "TestConnection", + "description": "Grants permission to test a connector's connection to remote server", + "access_level": "Write", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "connector": "connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_TestConnection.html" + }, + "TestIdentityProvider": { + "privilege": "TestIdentityProvider", + "description": "Grants permission to test a server's custom identity provider", + "access_level": "Read", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_TestIdentityProvider.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag an AWS Transfer Family resource", + "access_level": "Tagging", + "resource_types": { + "agreement": { + "resource_type": "agreement", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "certificate": { + "resource_type": "certificate", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "connector": { + "resource_type": "connector", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "host-key": { + "resource_type": "host-key", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "profile": { + "resource_type": "profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "server": { + "resource_type": "server", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "user": { + "resource_type": "user", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workflow": { + "resource_type": "workflow", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "agreement": "agreement", + "certificate": "certificate", + "connector": "connector", + "host-key": "host-key", + "profile": "profile", + "server": "server", + "user": "user", + "workflow": "workflow", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UntagResource.html" + }, + "UpdateAccess": { + "privilege": "UpdateAccess", + "description": "Grants permission to update access", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateAccess.html" + }, + "UpdateAgreement": { + "privilege": "UpdateAgreement", + "description": "Grants permission to update an agreement", + "access_level": "Write", + "resource_types": { + "agreement": { + "resource_type": "agreement", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "agreement": "agreement" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateAgreement.html" + }, + "UpdateCertificate": { + "privilege": "UpdateCertificate", + "description": "Grants permission to update a certificate", + "access_level": "Write", + "resource_types": { + "certificate": { + "resource_type": "certificate", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "certificate": "certificate" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateCertificate.html" + }, + "UpdateConnector": { + "privilege": "UpdateConnector", + "description": "Grants permission to update a connector", + "access_level": "Write", + "resource_types": { + "connector": { + "resource_type": "connector", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "connector": "connector" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateConnector.html" + }, + "UpdateHostKey": { + "privilege": "UpdateHostKey", + "description": "Grants permission to update a host key", + "access_level": "Write", + "resource_types": { + "host-key": { + "resource_type": "host-key", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "host-key": "host-key" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateHostKey.html" + }, + "UpdateProfile": { + "privilege": "UpdateProfile", + "description": "Grants permission to update a profile", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateProfile.html" + }, + "UpdateServer": { + "privilege": "UpdateServer", + "description": "Grants permission to update the configuration of a server", + "access_level": "Write", + "resource_types": { + "server": { + "resource_type": "server", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "server": "server" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html" + }, + "UpdateUser": { + "privilege": "UpdateUser", + "description": "Grants permission to update the configuration of a user", + "access_level": "Write", + "resource_types": { + "user": { + "resource_type": "user", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:PassRole" + ] + } + }, + "resource_types_lower_name": { + "user": "user" + }, + "api_documentation_link": "https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateUser.html" + } + }, + "privileges_lower_name": { + "createaccess": "CreateAccess", + "createagreement": "CreateAgreement", + "createconnector": "CreateConnector", + "createprofile": "CreateProfile", + "createserver": "CreateServer", + "createuser": "CreateUser", + "createworkflow": "CreateWorkflow", + "deleteaccess": "DeleteAccess", + "deleteagreement": "DeleteAgreement", + "deletecertificate": "DeleteCertificate", + "deleteconnector": "DeleteConnector", + "deletehostkey": "DeleteHostKey", + "deleteprofile": "DeleteProfile", + "deleteserver": "DeleteServer", + "deletesshpublickey": "DeleteSshPublicKey", + "deleteuser": "DeleteUser", + "deleteworkflow": "DeleteWorkflow", + "describeaccess": "DescribeAccess", + "describeagreement": "DescribeAgreement", + "describecertificate": "DescribeCertificate", + "describeconnector": "DescribeConnector", + "describeexecution": "DescribeExecution", + "describehostkey": "DescribeHostKey", + "describeprofile": "DescribeProfile", + "describesecuritypolicy": "DescribeSecurityPolicy", + "describeserver": "DescribeServer", + "describeuser": "DescribeUser", + "describeworkflow": "DescribeWorkflow", + "importcertificate": "ImportCertificate", + "importhostkey": "ImportHostKey", + "importsshpublickey": "ImportSshPublicKey", + "listaccesses": "ListAccesses", + "listagreements": "ListAgreements", + "listcertificates": "ListCertificates", + "listconnectors": "ListConnectors", + "listexecutions": "ListExecutions", + "listhostkeys": "ListHostKeys", + "listprofiles": "ListProfiles", + "listsecuritypolicies": "ListSecurityPolicies", + "listservers": "ListServers", + "listtagsforresource": "ListTagsForResource", + "listusers": "ListUsers", + "listworkflows": "ListWorkflows", + "sendworkflowstepstate": "SendWorkflowStepState", + "startfiletransfer": "StartFileTransfer", + "startserver": "StartServer", + "stopserver": "StopServer", + "tagresource": "TagResource", + "testconnection": "TestConnection", + "testidentityprovider": "TestIdentityProvider", + "untagresource": "UntagResource", + "updateaccess": "UpdateAccess", + "updateagreement": "UpdateAgreement", + "updatecertificate": "UpdateCertificate", + "updateconnector": "UpdateConnector", + "updatehostkey": "UpdateHostKey", + "updateprofile": "UpdateProfile", + "updateserver": "UpdateServer", + "updateuser": "UpdateUser" + }, + "resources": { + "user": { + "resource": "user", + "arn": "arn:${Partition}:transfer:${Region}:${Account}:user/${ServerId}/${UserName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "server": { + "resource": "server", + "arn": "arn:${Partition}:transfer:${Region}:${Account}:server/${ServerId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "workflow": { + "resource": "workflow", + "arn": "arn:${Partition}:transfer:${Region}:${Account}:workflow/${WorkflowId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "certificate": { + "resource": "certificate", + "arn": "arn:${Partition}:transfer:${Region}:${Account}:certificate/${CertificateId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "connector": { + "resource": "connector", + "arn": "arn:${Partition}:transfer:${Region}:${Account}:connector/${ConnectorId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "profile": { + "resource": "profile", + "arn": "arn:${Partition}:transfer:${Region}:${Account}:profile/${ProfileId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "agreement": { + "resource": "agreement", + "arn": "arn:${Partition}:transfer:${Region}:${Account}:agreement/${AgreementId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "host-key": { + "resource": "host-key", + "arn": "arn:${Partition}:transfer:${Region}:${Account}:host-key/${ServerId}/${HostKeyId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "user": "user", + "server": "server", + "workflow": "workflow", + "certificate": "certificate", + "connector": "connector", + "profile": "profile", + "agreement": "agreement", + "host-key": "host-key" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "trustedadvisor": { + "service_name": "AWS Trusted Advisor", + "prefix": "trustedadvisor", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awstrustedadvisor.html", + "privileges": { + "CreateEngagement": { + "privilege": "CreateEngagement", + "description": "Grants permission to create an engagement", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "CreateEngagementAttachment": { + "privilege": "CreateEngagementAttachment", + "description": "Grants permission to create an engagement attachment", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "CreateEngagementCommunication": { + "privilege": "CreateEngagementCommunication", + "description": "Grants permission to create an engagement communication", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DeleteNotificationConfigurationForDelegatedAdmin": { + "privilege": "DeleteNotificationConfigurationForDelegatedAdmin", + "description": "Grants permission to the organization management account to delete email notification preferences from a delegated administrator account for Trusted Advisor Priority", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeAccount": { + "privilege": "DescribeAccount", + "description": "Grants permission to view the AWS Support plan and various AWS Trusted Advisor preferences", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeAccountAccess": { + "privilege": "DescribeAccountAccess", + "description": "Grants permission to view if the AWS account has enabled or disabled AWS Trusted Advisor", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeCheckItems": { + "privilege": "DescribeCheckItems", + "description": "Grants permission to view details for the check items", + "access_level": "Read", + "resource_types": { + "checks": { + "resource_type": "checks", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "checks": "checks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeCheckRefreshStatuses": { + "privilege": "DescribeCheckRefreshStatuses", + "description": "Grants permission to view the refresh statuses for AWS Trusted Advisor checks", + "access_level": "Read", + "resource_types": { + "checks": { + "resource_type": "checks", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "checks": "checks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeCheckStatusHistoryChanges": { + "privilege": "DescribeCheckStatusHistoryChanges", + "description": "Grants permission to view the results and changed statuses for checks in the last 30 days", + "access_level": "Read", + "resource_types": { + "checks": { + "resource_type": "checks", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "checks": "checks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeCheckSummaries": { + "privilege": "DescribeCheckSummaries", + "description": "Grants permission to view AWS Trusted Advisor check summaries", + "access_level": "Read", + "resource_types": { + "checks": { + "resource_type": "checks", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "checks": "checks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeChecks": { + "privilege": "DescribeChecks", + "description": "Grants permission to view details for AWS Trusted Advisor checks", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeNotificationConfigurations": { + "privilege": "DescribeNotificationConfigurations", + "description": "Grants permission to get your email notification preferences for Trusted Advisor Priority", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeNotificationPreferences": { + "privilege": "DescribeNotificationPreferences", + "description": "Grants permission to view the notification preferences for the AWS account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeOrganization": { + "privilege": "DescribeOrganization", + "description": "Grants permission to view if the AWS account meets the requirements to enable the organizational view feature", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeOrganizationAccounts": { + "privilege": "DescribeOrganizationAccounts", + "description": "Grants permission to view the linked AWS accounts that are in the organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeReports": { + "privilege": "DescribeReports", + "description": "Grants permission to view details for organizational view reports, such as the report name, runtime, date created, status, and format", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeRisk": { + "privilege": "DescribeRisk", + "description": "Grants permission to view risk details in AWS Trusted Advisor Priority", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeRiskResources": { + "privilege": "DescribeRiskResources", + "description": "Grants permission to view affected resources for a risk in AWS Trusted Advisor Priority", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeRisks": { + "privilege": "DescribeRisks", + "description": "Grants permission to view risks in AWS Trusted Advisor Priority", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DescribeServiceMetadata": { + "privilege": "DescribeServiceMetadata", + "description": "Grants permission to view information about organizational view reports, such as the AWS Regions, check categories, check names, and resource statuses", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "DownloadRisk": { + "privilege": "DownloadRisk", + "description": "Grants permission to download a file that contains details about the risk in AWS Trusted Advisor Priority", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "ExcludeCheckItems": { + "privilege": "ExcludeCheckItems", + "description": "Grants permission to exclude recommendations for AWS Trusted Advisor checks", + "access_level": "Write", + "resource_types": { + "checks": { + "resource_type": "checks", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "checks": "checks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "GenerateReport": { + "privilege": "GenerateReport", + "description": "Grants permission to create a report for AWS Trusted Advisor checks in your organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "GetEngagement": { + "privilege": "GetEngagement", + "description": "Grants permission to view an engagment", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "GetEngagementAttachment": { + "privilege": "GetEngagementAttachment", + "description": "Grants permission to view an engagment attachment", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "GetEngagementType": { + "privilege": "GetEngagementType", + "description": "Grants permission to view a specific engagement type", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "IncludeCheckItems": { + "privilege": "IncludeCheckItems", + "description": "Grants permission to include recommendations for AWS Trusted Advisor checks", + "access_level": "Write", + "resource_types": { + "checks": { + "resource_type": "checks", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "checks": "checks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "ListAccountsForParent": { + "privilege": "ListAccountsForParent", + "description": "Grants permission to view, in the Trusted Advisor console, all of the accounts in an AWS organization that are contained by a root or organizational unit (OU)", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "ListEngagementCommunications": { + "privilege": "ListEngagementCommunications", + "description": "Grants permission to view all communications for an engagement", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "ListEngagementTypes": { + "privilege": "ListEngagementTypes", + "description": "Grants permission to view all engagement types", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "ListEngagements": { + "privilege": "ListEngagements", + "description": "Grants permission to view all engagements", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "ListOrganizationalUnitsForParent": { + "privilege": "ListOrganizationalUnitsForParent", + "description": "Grants permission to view, in the Trusted Advisor console, all of the organizational units (OUs) in a parent organizational unit or root", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "ListRoots": { + "privilege": "ListRoots", + "description": "Grants permission to view, in the Trusted Advisor console, all of the roots that are defined in an AWS organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "RefreshCheck": { + "privilege": "RefreshCheck", + "description": "Grants permission to refresh an AWS Trusted Advisor check", + "access_level": "Write", + "resource_types": { + "checks": { + "resource_type": "checks", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "checks": "checks" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "SetAccountAccess": { + "privilege": "SetAccountAccess", + "description": "Grants permission to enable or disable AWS Trusted Advisor for the account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "SetOrganizationAccess": { + "privilege": "SetOrganizationAccess", + "description": "Grants permission to enable the organizational view feature for AWS Trusted Advisor", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "UpdateEngagement": { + "privilege": "UpdateEngagement", + "description": "Grants permission to update the details of an engagement", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "UpdateEngagementStatus": { + "privilege": "UpdateEngagementStatus", + "description": "Grants permission to update the status of an engagement", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "UpdateNotificationConfigurations": { + "privilege": "UpdateNotificationConfigurations", + "description": "Grants permission to create or update your email notification preferences for Trusted Advisor Priority", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "UpdateNotificationPreferences": { + "privilege": "UpdateNotificationPreferences", + "description": "Grants permission to update notification preferences for AWS Trusted Advisor", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + }, + "UpdateRiskStatus": { + "privilege": "UpdateRiskStatus", + "description": "Grants permission to update the risk status in AWS Trusted Advisor Priority", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/awssupport/latest/user/security-trusted-advisor.html#trusted-advisor-operations" + } + }, + "privileges_lower_name": { + "createengagement": "CreateEngagement", + "createengagementattachment": "CreateEngagementAttachment", + "createengagementcommunication": "CreateEngagementCommunication", + "deletenotificationconfigurationfordelegatedadmin": "DeleteNotificationConfigurationForDelegatedAdmin", + "describeaccount": "DescribeAccount", + "describeaccountaccess": "DescribeAccountAccess", + "describecheckitems": "DescribeCheckItems", + "describecheckrefreshstatuses": "DescribeCheckRefreshStatuses", + "describecheckstatushistorychanges": "DescribeCheckStatusHistoryChanges", + "describechecksummaries": "DescribeCheckSummaries", + "describechecks": "DescribeChecks", + "describenotificationconfigurations": "DescribeNotificationConfigurations", + "describenotificationpreferences": "DescribeNotificationPreferences", + "describeorganization": "DescribeOrganization", + "describeorganizationaccounts": "DescribeOrganizationAccounts", + "describereports": "DescribeReports", + "describerisk": "DescribeRisk", + "describeriskresources": "DescribeRiskResources", + "describerisks": "DescribeRisks", + "describeservicemetadata": "DescribeServiceMetadata", + "downloadrisk": "DownloadRisk", + "excludecheckitems": "ExcludeCheckItems", + "generatereport": "GenerateReport", + "getengagement": "GetEngagement", + "getengagementattachment": "GetEngagementAttachment", + "getengagementtype": "GetEngagementType", + "includecheckitems": "IncludeCheckItems", + "listaccountsforparent": "ListAccountsForParent", + "listengagementcommunications": "ListEngagementCommunications", + "listengagementtypes": "ListEngagementTypes", + "listengagements": "ListEngagements", + "listorganizationalunitsforparent": "ListOrganizationalUnitsForParent", + "listroots": "ListRoots", + "refreshcheck": "RefreshCheck", + "setaccountaccess": "SetAccountAccess", + "setorganizationaccess": "SetOrganizationAccess", + "updateengagement": "UpdateEngagement", + "updateengagementstatus": "UpdateEngagementStatus", + "updatenotificationconfigurations": "UpdateNotificationConfigurations", + "updatenotificationpreferences": "UpdateNotificationPreferences", + "updateriskstatus": "UpdateRiskStatus" + }, + "resources": { + "checks": { + "resource": "checks", + "arn": "arn:${Partition}:trustedadvisor:${Region}:${Account}:checks/${CategoryCode}/${CheckId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "checks": "checks" + }, + "conditions": {} + }, + "notifications": { + "service_name": "AWS User Notifications", + "prefix": "notifications", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsusernotifications.html", + "privileges": { + "AssociateChannel": { + "privilege": "AssociateChannel", + "description": "Grants permission to associate a new Channel with a particular NotificationConfiguration", + "access_level": "Write", + "resource_types": { + "NotificationConfiguration": { + "resource_type": "NotificationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationconfiguration": "NotificationConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "CreateEventRule": { + "privilege": "CreateEventRule", + "description": "Grants permission to create a new EventRule, associating it with a NotificationConfiguration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "CreateNotificationConfiguration": { + "privilege": "CreateNotificationConfiguration", + "description": "Grants permission to create a NotificationConfiguration", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "DeleteEventRule": { + "privilege": "DeleteEventRule", + "description": "Grants permission to delete an EventRule", + "access_level": "Write", + "resource_types": { + "EventRule": { + "resource_type": "EventRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventrule": "EventRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "DeleteNotificationConfiguration": { + "privilege": "DeleteNotificationConfiguration", + "description": "Grants permission to delete a NotificationConfiguration", + "access_level": "Write", + "resource_types": { + "NotificationConfiguration": { + "resource_type": "NotificationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationconfiguration": "NotificationConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "DeregisterNotificationHub": { + "privilege": "DeregisterNotificationHub", + "description": "Grants permission to deregister a NotificationHub", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "DisassociateChannel": { + "privilege": "DisassociateChannel", + "description": "Grants permission to remove a Channel from a NotificationConfiguration", + "access_level": "Write", + "resource_types": { + "NotificationConfiguration": { + "resource_type": "NotificationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationconfiguration": "NotificationConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "GetEventRule": { + "privilege": "GetEventRule", + "description": "Grants permission to get an EventRule", + "access_level": "Read", + "resource_types": { + "EventRule": { + "resource_type": "EventRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventrule": "EventRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "GetNotificationConfiguration": { + "privilege": "GetNotificationConfiguration", + "description": "Grants permission to get a NotificationConfiguration", + "access_level": "Read", + "resource_types": { + "NotificationConfiguration": { + "resource_type": "NotificationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationconfiguration": "NotificationConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "GetNotificationEvent": { + "privilege": "GetNotificationEvent", + "description": "Grants permission to get a NotificationEvent", + "access_level": "Read", + "resource_types": { + "NotificationEvent": { + "resource_type": "NotificationEvent", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationevent": "NotificationEvent" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "ListChannels": { + "privilege": "ListChannels", + "description": "Grants permission to list Channels by NotificationConfiguration", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "ListEventRules": { + "privilege": "ListEventRules", + "description": "Grants permission to list EventRules", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "ListNotificationConfigurations": { + "privilege": "ListNotificationConfigurations", + "description": "Grants permission to list NotificationConfigurations", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "ListNotificationEvents": { + "privilege": "ListNotificationEvents", + "description": "Grants permission to list NotificationEvents", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "ListNotificationHubs": { + "privilege": "ListNotificationHubs", + "description": "Grants permission to list NotificationHubs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to get tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "RegisterNotificationHub": { + "privilege": "RegisterNotificationHub", + "description": "Grants permission to register a NotificationHub", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "NotificationConfiguration": { + "resource_type": "NotificationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationconfiguration": "NotificationConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "NotificationConfiguration": { + "resource_type": "NotificationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationconfiguration": "NotificationConfiguration", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "UpdateEventRule": { + "privilege": "UpdateEventRule", + "description": "Grants permission to update an EventRule", + "access_level": "Write", + "resource_types": { + "EventRule": { + "resource_type": "EventRule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "eventrule": "EventRule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "UpdateNotificationConfiguration": { + "privilege": "UpdateNotificationConfiguration", + "description": "Grants permission to update a NotificationConfiguration", + "access_level": "Write", + "resource_types": { + "NotificationConfiguration": { + "resource_type": "NotificationConfiguration", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "notificationconfiguration": "NotificationConfiguration" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + } + }, + "privileges_lower_name": { + "associatechannel": "AssociateChannel", + "createeventrule": "CreateEventRule", + "createnotificationconfiguration": "CreateNotificationConfiguration", + "deleteeventrule": "DeleteEventRule", + "deletenotificationconfiguration": "DeleteNotificationConfiguration", + "deregisternotificationhub": "DeregisterNotificationHub", + "disassociatechannel": "DisassociateChannel", + "geteventrule": "GetEventRule", + "getnotificationconfiguration": "GetNotificationConfiguration", + "getnotificationevent": "GetNotificationEvent", + "listchannels": "ListChannels", + "listeventrules": "ListEventRules", + "listnotificationconfigurations": "ListNotificationConfigurations", + "listnotificationevents": "ListNotificationEvents", + "listnotificationhubs": "ListNotificationHubs", + "listtagsforresource": "ListTagsForResource", + "registernotificationhub": "RegisterNotificationHub", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateeventrule": "UpdateEventRule", + "updatenotificationconfiguration": "UpdateNotificationConfiguration" + }, + "resources": { + "EventRule": { + "resource": "EventRule", + "arn": "arn:${Partition}:notifications::${Account}:configuration/${NotificationConfigurationId}/rule/${EventRuleId}", + "condition_keys": [] + }, + "NotificationConfiguration": { + "resource": "NotificationConfiguration", + "arn": "arn:${Partition}:notifications::${Account}:configuration/${NotificationConfigurationId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "NotificationEvent": { + "resource": "NotificationEvent", + "arn": "arn:${Partition}:notifications:${Region}:${Account}:configuration/${NotificationConfigurationId}/event/${NotificationEventId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "eventrule": "EventRule", + "notificationconfiguration": "NotificationConfiguration", + "notificationevent": "NotificationEvent" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "notifications-contacts": { + "service_name": "AWS User Notifications Contacts", + "prefix": "notifications-contacts", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsusernotificationscontacts.html", + "privileges": { + "ActivateEmailContact": { + "privilege": "ActivateEmailContact", + "description": "Grants permission to activate the email contact associated with the given ARN if the provided code is valid", + "access_level": "Write", + "resource_types": { + "EmailContactResource": { + "resource_type": "EmailContactResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "emailcontactresource": "EmailContactResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "CreateEmailContact": { + "privilege": "CreateEmailContact", + "description": "Grants permission to create an email contact", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "DeleteEmailContact": { + "privilege": "DeleteEmailContact", + "description": "Grants permission to delete an email contact associated with the given ARN", + "access_level": "Write", + "resource_types": { + "EmailContactResource": { + "resource_type": "EmailContactResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "emailcontactresource": "EmailContactResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "GetEmailContact": { + "privilege": "GetEmailContact", + "description": "Grants permission to get an email contact associated with the given ARN", + "access_level": "Read", + "resource_types": { + "EmailContactResource": { + "resource_type": "EmailContactResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "emailcontactresource": "EmailContactResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "ListEmailContacts": { + "privilege": "ListEmailContacts", + "description": "Grants permission to list email contacts", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to get tags for a resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "SendActivationCode": { + "privilege": "SendActivationCode", + "description": "Grants permission to send an activation link to the email associated with the given ARN", + "access_level": "Write", + "resource_types": { + "EmailContactResource": { + "resource_type": "EmailContactResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "emailcontactresource": "EmailContactResource" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "EmailContactResource": { + "resource_type": "EmailContactResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "emailcontactresource": "EmailContactResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from a resource", + "access_level": "Tagging", + "resource_types": { + "EmailContactResource": { + "resource_type": "EmailContactResource", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "emailcontactresource": "EmailContactResource", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html" + } + }, + "privileges_lower_name": { + "activateemailcontact": "ActivateEmailContact", + "createemailcontact": "CreateEmailContact", + "deleteemailcontact": "DeleteEmailContact", + "getemailcontact": "GetEmailContact", + "listemailcontacts": "ListEmailContacts", + "listtagsforresource": "ListTagsForResource", + "sendactivationcode": "SendActivationCode", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "EmailContactResource": { + "resource": "EmailContactResource", + "arn": "arn:${Partition}:notifications-contacts::${Account}:emailcontact/${EmailContactId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "emailcontactresource": "EmailContactResource" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "verified-access": { + "service_name": "AWS Verified Access", + "prefix": "verified-access", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsverifiedaccess.html", + "privileges": { + "AllowVerifiedAccess": { + "privilege": "AllowVerifiedAccess", + "description": "Grants permission to create Verified Access Instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/verified-access/latest/ug/security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-create-instance" + } + }, + "privileges_lower_name": { + "allowverifiedaccess": "AllowVerifiedAccess" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "waf": { + "service_name": "AWS WAF", + "prefix": "waf", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswaf.html", + "privileges": { + "CreateByteMatchSet": { + "privilege": "CreateByteMatchSet", + "description": "Grants permission to create a ByteMatchSet", + "access_level": "Write", + "resource_types": { + "bytematchset": { + "resource_type": "bytematchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bytematchset": "bytematchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateByteMatchSet.html" + }, + "CreateGeoMatchSet": { + "privilege": "CreateGeoMatchSet", + "description": "Grants permission to create a GeoMatchSet", + "access_level": "Write", + "resource_types": { + "geomatchset": { + "resource_type": "geomatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geomatchset": "geomatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateGeoMatchSet.html" + }, + "CreateIPSet": { + "privilege": "CreateIPSet", + "description": "Grants permission to create an IPSet", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateIPSet.html" + }, + "CreateRateBasedRule": { + "privilege": "CreateRateBasedRule", + "description": "Grants permission to create a RateBasedRule for limiting the volume of requests from a single IP address", + "access_level": "Write", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateRateBasedRule.html" + }, + "CreateRegexMatchSet": { + "privilege": "CreateRegexMatchSet", + "description": "Grants permission to create a RegexMatchSet", + "access_level": "Write", + "resource_types": { + "regexmatchset": { + "resource_type": "regexmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexmatchset": "regexmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateRegexMatchSet.html" + }, + "CreateRegexPatternSet": { + "privilege": "CreateRegexPatternSet", + "description": "Grants permission to create a RegexPatternSet", + "access_level": "Write", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateRegexPatternSet.html" + }, + "CreateRule": { + "privilege": "CreateRule", + "description": "Grants permission to create a Rule for filtering web requests", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateRule.html" + }, + "CreateRuleGroup": { + "privilege": "CreateRuleGroup", + "description": "Grants permission to create a RuleGroup, which is a collection of predefined rules that you can use in a WebACL", + "access_level": "Write", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateRuleGroup.html" + }, + "CreateSizeConstraintSet": { + "privilege": "CreateSizeConstraintSet", + "description": "Grants permission to create a SizeConstraintSet", + "access_level": "Write", + "resource_types": { + "sizeconstraintset": { + "resource_type": "sizeconstraintset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sizeconstraintset": "sizeconstraintset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateSizeConstraintSet.html" + }, + "CreateSqlInjectionMatchSet": { + "privilege": "CreateSqlInjectionMatchSet", + "description": "Grants permission to create an SqlInjectionMatchSet", + "access_level": "Write", + "resource_types": { + "sqlinjectionmatchset": { + "resource_type": "sqlinjectionmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sqlinjectionmatchset": "sqlinjectionmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateSqlInjectionMatchSet.html" + }, + "CreateWebACL": { + "privilege": "CreateWebACL", + "description": "Grants permission to create a WebACL, which contains rules for filtering web requests", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateWebACL.html" + }, + "CreateWebACLMigrationStack": { + "privilege": "CreateWebACLMigrationStack", + "description": "Grants permission to create a CloudFormation web ACL template in an S3 bucket for the purposes of migrating the web ACL from AWS WAF Classic to AWS WAF v2", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:PutObject" + ] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateWebACLMigrationStack.html" + }, + "CreateXssMatchSet": { + "privilege": "CreateXssMatchSet", + "description": "Grants permission to create an XssMatchSet, which you use to detect requests that contain cross-site scripting attacks", + "access_level": "Write", + "resource_types": { + "xssmatchset": { + "resource_type": "xssmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "xssmatchset": "xssmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_CreateXssMatchSet.html" + }, + "DeleteByteMatchSet": { + "privilege": "DeleteByteMatchSet", + "description": "Grants permission to delete a ByteMatchSet", + "access_level": "Write", + "resource_types": { + "bytematchset": { + "resource_type": "bytematchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bytematchset": "bytematchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteByteMatchSet.html" + }, + "DeleteGeoMatchSet": { + "privilege": "DeleteGeoMatchSet", + "description": "Grants permission to delete a GeoMatchSet", + "access_level": "Write", + "resource_types": { + "geomatchset": { + "resource_type": "geomatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geomatchset": "geomatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteGeoMatchSet.html" + }, + "DeleteIPSet": { + "privilege": "DeleteIPSet", + "description": "Grants permission to delete an IPSet", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteIPSet.html" + }, + "DeleteLoggingConfiguration": { + "privilege": "DeleteLoggingConfiguration", + "description": "Grants permission to delete the LoggingConfiguration from a web ACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteLoggingConfiguration.html" + }, + "DeletePermissionPolicy": { + "privilege": "DeletePermissionPolicy", + "description": "Grants permission to delete an IAM policy from a rule group", + "access_level": "Permissions management", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeletePermissionPolicy.html" + }, + "DeleteRateBasedRule": { + "privilege": "DeleteRateBasedRule", + "description": "Grants permission to delete a RateBasedRule", + "access_level": "Write", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteRateBasedRule.html" + }, + "DeleteRegexMatchSet": { + "privilege": "DeleteRegexMatchSet", + "description": "Grants permission to delete a RegexMatchSet", + "access_level": "Write", + "resource_types": { + "regexmatchset": { + "resource_type": "regexmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexmatchset": "regexmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteRegexMatchSet.html" + }, + "DeleteRegexPatternSet": { + "privilege": "DeleteRegexPatternSet", + "description": "Grants permission to delete a RegexPatternSet", + "access_level": "Write", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteRegexPatternSet.html" + }, + "DeleteRule": { + "privilege": "DeleteRule", + "description": "Grants permission to delete a Rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteRule.html" + }, + "DeleteRuleGroup": { + "privilege": "DeleteRuleGroup", + "description": "Grants permission to delete a RuleGroup", + "access_level": "Write", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteRuleGroup.html" + }, + "DeleteSizeConstraintSet": { + "privilege": "DeleteSizeConstraintSet", + "description": "Grants permission to delete a SizeConstraintSet", + "access_level": "Write", + "resource_types": { + "sizeconstraintset": { + "resource_type": "sizeconstraintset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sizeconstraintset": "sizeconstraintset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteSizeConstraintSet.html" + }, + "DeleteSqlInjectionMatchSet": { + "privilege": "DeleteSqlInjectionMatchSet", + "description": "Grants permission to delete an SqlInjectionMatchSet", + "access_level": "Write", + "resource_types": { + "sqlinjectionmatchset": { + "resource_type": "sqlinjectionmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sqlinjectionmatchset": "sqlinjectionmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteSqlInjectionMatchSet.html" + }, + "DeleteWebACL": { + "privilege": "DeleteWebACL", + "description": "Grants permission to delete a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteWebACL.html" + }, + "DeleteXssMatchSet": { + "privilege": "DeleteXssMatchSet", + "description": "Grants permission to delete an XssMatchSet", + "access_level": "Write", + "resource_types": { + "xssmatchset": { + "resource_type": "xssmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "xssmatchset": "xssmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_DeleteXssMatchSet.html" + }, + "GetByteMatchSet": { + "privilege": "GetByteMatchSet", + "description": "Grants permission to retrieve a ByteMatchSet", + "access_level": "Read", + "resource_types": { + "bytematchset": { + "resource_type": "bytematchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bytematchset": "bytematchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetByteMatchSet.html" + }, + "GetChangeToken": { + "privilege": "GetChangeToken", + "description": "Grants permission to retrieve a change token to use in create, update, and delete requests", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetChangeToken.html" + }, + "GetChangeTokenStatus": { + "privilege": "GetChangeTokenStatus", + "description": "Grants permission to retrieve the status of a change token", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetChangeTokenStatus.html" + }, + "GetGeoMatchSet": { + "privilege": "GetGeoMatchSet", + "description": "Grants permission to retrieve a GeoMatchSet", + "access_level": "Read", + "resource_types": { + "geomatchset": { + "resource_type": "geomatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geomatchset": "geomatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetGeoMatchSet.html" + }, + "GetIPSet": { + "privilege": "GetIPSet", + "description": "Grants permission to retrieve an IPSet", + "access_level": "Read", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetIPSet.html" + }, + "GetLoggingConfiguration": { + "privilege": "GetLoggingConfiguration", + "description": "Grants permission to retrieve a LoggingConfiguration for a web ACL", + "access_level": "Read", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetLoggingConfiguration.html" + }, + "GetPermissionPolicy": { + "privilege": "GetPermissionPolicy", + "description": "Grants permission to retrieve an IAM policy for a rule group", + "access_level": "Read", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetPermissionPolicy.html" + }, + "GetRateBasedRule": { + "privilege": "GetRateBasedRule", + "description": "Grants permission to retrieve a RateBasedRule", + "access_level": "Read", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRateBasedRule.html" + }, + "GetRateBasedRuleManagedKeys": { + "privilege": "GetRateBasedRuleManagedKeys", + "description": "Grants permission to retrieve the array of IP addresses that are currently being blocked by a RateBasedRule", + "access_level": "Read", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRateBasedRuleManagedKeys.html" + }, + "GetRegexMatchSet": { + "privilege": "GetRegexMatchSet", + "description": "Grants permission to retrieve a RegexMatchSet", + "access_level": "Read", + "resource_types": { + "regexmatchset": { + "resource_type": "regexmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexmatchset": "regexmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRegexMatchSet.html" + }, + "GetRegexPatternSet": { + "privilege": "GetRegexPatternSet", + "description": "Grants permission to retrieve a RegexPatternSet", + "access_level": "Read", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRegexPatternSet.html" + }, + "GetRule": { + "privilege": "GetRule", + "description": "Grants permission to retrieve a Rule", + "access_level": "Read", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRule.html" + }, + "GetRuleGroup": { + "privilege": "GetRuleGroup", + "description": "Grants permission to retrieve a RuleGroup", + "access_level": "Read", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetRuleGroup.html" + }, + "GetSampledRequests": { + "privilege": "GetSampledRequests", + "description": "Grants permission to retrieve detailed information about a sample set of web requests", + "access_level": "Read", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetSampledRequests.html" + }, + "GetSizeConstraintSet": { + "privilege": "GetSizeConstraintSet", + "description": "Grants permission to retrieve a SizeConstraintSet", + "access_level": "Read", + "resource_types": { + "sizeconstraintset": { + "resource_type": "sizeconstraintset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sizeconstraintset": "sizeconstraintset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetSizeConstraintSet.html" + }, + "GetSqlInjectionMatchSet": { + "privilege": "GetSqlInjectionMatchSet", + "description": "Grants permission to retrieve an SqlInjectionMatchSet", + "access_level": "Read", + "resource_types": { + "sqlinjectionmatchset": { + "resource_type": "sqlinjectionmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sqlinjectionmatchset": "sqlinjectionmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetSqlInjectionMatchSet.html" + }, + "GetWebACL": { + "privilege": "GetWebACL", + "description": "Grants permission to retrieve a WebACL", + "access_level": "Read", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetWebACL.html" + }, + "GetXssMatchSet": { + "privilege": "GetXssMatchSet", + "description": "Grants permission to retrieve an XssMatchSet", + "access_level": "Read", + "resource_types": { + "xssmatchset": { + "resource_type": "xssmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "xssmatchset": "xssmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_GetXssMatchSet.html" + }, + "ListActivatedRulesInRuleGroup": { + "privilege": "ListActivatedRulesInRuleGroup", + "description": "Grants permission to retrieve an array of ActivatedRule objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListActivatedRulesInRuleGroup.html" + }, + "ListByteMatchSets": { + "privilege": "ListByteMatchSets", + "description": "Grants permission to retrieve an array of ByteMatchSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListByteMatchSets.html" + }, + "ListGeoMatchSets": { + "privilege": "ListGeoMatchSets", + "description": "Grants permission to retrieve an array of GeoMatchSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListGeoMatchSets.html" + }, + "ListIPSets": { + "privilege": "ListIPSets", + "description": "Grants permission to retrieve an array of IPSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListIPSets.html" + }, + "ListLoggingConfigurations": { + "privilege": "ListLoggingConfigurations", + "description": "Grants permission to retrieve an array of LoggingConfiguration objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListLoggingConfigurations.html" + }, + "ListRateBasedRules": { + "privilege": "ListRateBasedRules", + "description": "Grants permission to retrieve an array of RuleSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListRateBasedRules.html" + }, + "ListRegexMatchSets": { + "privilege": "ListRegexMatchSets", + "description": "Grants permission to retrieve an array of RegexMatchSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListRegexMatchSets.html" + }, + "ListRegexPatternSets": { + "privilege": "ListRegexPatternSets", + "description": "Grants permission to retrieve an array of RegexPatternSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListRegexPatternSets.html" + }, + "ListRuleGroups": { + "privilege": "ListRuleGroups", + "description": "Grants permission to retrieve an array of RuleGroup objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListRuleGroups.html" + }, + "ListRules": { + "privilege": "ListRules", + "description": "Grants permission to retrieve an array of RuleSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListRules.html" + }, + "ListSizeConstraintSets": { + "privilege": "ListSizeConstraintSets", + "description": "Grants permission to retrieve an array of SizeConstraintSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListSizeConstraintSets.html" + }, + "ListSqlInjectionMatchSets": { + "privilege": "ListSqlInjectionMatchSets", + "description": "Grants permission to retrieve an array of SqlInjectionMatchSet objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListSqlInjectionMatchSets.html" + }, + "ListSubscribedRuleGroups": { + "privilege": "ListSubscribedRuleGroups", + "description": "Grants permission to retrieve an array of RuleGroup objects that you are subscribed to", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListSubscribedRuleGroups.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to retrieve the tags for a resource", + "access_level": "Read", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule", + "rule": "rule", + "rulegroup": "rulegroup", + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListTagsForResource.html" + }, + "ListWebACLs": { + "privilege": "ListWebACLs", + "description": "Grants permission to retrieve an array of WebACLSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListWebACLs.html" + }, + "ListXssMatchSets": { + "privilege": "ListXssMatchSets", + "description": "Grants permission to retrieve an array of XssMatchSet objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_ListXssMatchSets.html" + }, + "PutLoggingConfiguration": { + "privilege": "PutLoggingConfiguration", + "description": "Grants permission to associate a LoggingConfiguration with a specified web ACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_PutLoggingConfiguration.html" + }, + "PutPermissionPolicy": { + "privilege": "PutPermissionPolicy", + "description": "Grants permission to attach an IAM policy to a rule group, to share the rule group between accounts", + "access_level": "Permissions management", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_PutPermissionPolicy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add a Tag to a resource", + "access_level": "Tagging", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule", + "rule": "rule", + "rulegroup": "rulegroup", + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a Tag from a resource", + "access_level": "Tagging", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule", + "rule": "rule", + "rulegroup": "rulegroup", + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UntagResource.html" + }, + "UpdateByteMatchSet": { + "privilege": "UpdateByteMatchSet", + "description": "Grants permission to insert or delete ByteMatchTuple objects in a ByteMatchSet", + "access_level": "Write", + "resource_types": { + "bytematchset": { + "resource_type": "bytematchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bytematchset": "bytematchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateByteMatchSet.html" + }, + "UpdateGeoMatchSet": { + "privilege": "UpdateGeoMatchSet", + "description": "Grants permission to insert or delete GeoMatchConstraint objects in a GeoMatchSet", + "access_level": "Write", + "resource_types": { + "geomatchset": { + "resource_type": "geomatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geomatchset": "geomatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateGeoMatchSet.html" + }, + "UpdateIPSet": { + "privilege": "UpdateIPSet", + "description": "Grants permission to insert or delete IPSetDescriptor objects in an IPSet", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateIPSet.html" + }, + "UpdateRateBasedRule": { + "privilege": "UpdateRateBasedRule", + "description": "Grants permission to modify a rate based rule", + "access_level": "Write", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateRateBasedRule.html" + }, + "UpdateRegexMatchSet": { + "privilege": "UpdateRegexMatchSet", + "description": "Grants permission to insert or delete RegexMatchTuple objects in a RegexMatchSet", + "access_level": "Write", + "resource_types": { + "regexmatchset": { + "resource_type": "regexmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexmatchset": "regexmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateRegexMatchSet.html" + }, + "UpdateRegexPatternSet": { + "privilege": "UpdateRegexPatternSet", + "description": "Grants permission to insert or delete RegexPatternStrings in a RegexPatternSet", + "access_level": "Write", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateRegexPatternSet.html" + }, + "UpdateRule": { + "privilege": "UpdateRule", + "description": "Grants permission to modify a Rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateRule.html" + }, + "UpdateRuleGroup": { + "privilege": "UpdateRuleGroup", + "description": "Grants permission to insert or delete ActivatedRule objects in a RuleGroup", + "access_level": "Write", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateRuleGroup.html" + }, + "UpdateSizeConstraintSet": { + "privilege": "UpdateSizeConstraintSet", + "description": "Grants permission to insert or delete SizeConstraint objects in a SizeConstraintSet", + "access_level": "Write", + "resource_types": { + "sizeconstraintset": { + "resource_type": "sizeconstraintset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sizeconstraintset": "sizeconstraintset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateSizeConstraintSet.html" + }, + "UpdateSqlInjectionMatchSet": { + "privilege": "UpdateSqlInjectionMatchSet", + "description": "Grants permission to insert or delete SqlInjectionMatchTuple objects in an SqlInjectionMatchSet", + "access_level": "Write", + "resource_types": { + "sqlinjectionmatchset": { + "resource_type": "sqlinjectionmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sqlinjectionmatchset": "sqlinjectionmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateSqlInjectionMatchSet.html" + }, + "UpdateWebACL": { + "privilege": "UpdateWebACL", + "description": "Grants permission to insert or delete ActivatedRule objects in a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateWebACL.html" + }, + "UpdateXssMatchSet": { + "privilege": "UpdateXssMatchSet", + "description": "Grants permission to insert or delete XssMatchTuple objects in an XssMatchSet", + "access_level": "Write", + "resource_types": { + "xssmatchset": { + "resource_type": "xssmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "xssmatchset": "xssmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_UpdateXssMatchSet.html" + } + }, + "privileges_lower_name": { + "createbytematchset": "CreateByteMatchSet", + "creategeomatchset": "CreateGeoMatchSet", + "createipset": "CreateIPSet", + "createratebasedrule": "CreateRateBasedRule", + "createregexmatchset": "CreateRegexMatchSet", + "createregexpatternset": "CreateRegexPatternSet", + "createrule": "CreateRule", + "createrulegroup": "CreateRuleGroup", + "createsizeconstraintset": "CreateSizeConstraintSet", + "createsqlinjectionmatchset": "CreateSqlInjectionMatchSet", + "createwebacl": "CreateWebACL", + "createwebaclmigrationstack": "CreateWebACLMigrationStack", + "createxssmatchset": "CreateXssMatchSet", + "deletebytematchset": "DeleteByteMatchSet", + "deletegeomatchset": "DeleteGeoMatchSet", + "deleteipset": "DeleteIPSet", + "deleteloggingconfiguration": "DeleteLoggingConfiguration", + "deletepermissionpolicy": "DeletePermissionPolicy", + "deleteratebasedrule": "DeleteRateBasedRule", + "deleteregexmatchset": "DeleteRegexMatchSet", + "deleteregexpatternset": "DeleteRegexPatternSet", + "deleterule": "DeleteRule", + "deleterulegroup": "DeleteRuleGroup", + "deletesizeconstraintset": "DeleteSizeConstraintSet", + "deletesqlinjectionmatchset": "DeleteSqlInjectionMatchSet", + "deletewebacl": "DeleteWebACL", + "deletexssmatchset": "DeleteXssMatchSet", + "getbytematchset": "GetByteMatchSet", + "getchangetoken": "GetChangeToken", + "getchangetokenstatus": "GetChangeTokenStatus", + "getgeomatchset": "GetGeoMatchSet", + "getipset": "GetIPSet", + "getloggingconfiguration": "GetLoggingConfiguration", + "getpermissionpolicy": "GetPermissionPolicy", + "getratebasedrule": "GetRateBasedRule", + "getratebasedrulemanagedkeys": "GetRateBasedRuleManagedKeys", + "getregexmatchset": "GetRegexMatchSet", + "getregexpatternset": "GetRegexPatternSet", + "getrule": "GetRule", + "getrulegroup": "GetRuleGroup", + "getsampledrequests": "GetSampledRequests", + "getsizeconstraintset": "GetSizeConstraintSet", + "getsqlinjectionmatchset": "GetSqlInjectionMatchSet", + "getwebacl": "GetWebACL", + "getxssmatchset": "GetXssMatchSet", + "listactivatedrulesinrulegroup": "ListActivatedRulesInRuleGroup", + "listbytematchsets": "ListByteMatchSets", + "listgeomatchsets": "ListGeoMatchSets", + "listipsets": "ListIPSets", + "listloggingconfigurations": "ListLoggingConfigurations", + "listratebasedrules": "ListRateBasedRules", + "listregexmatchsets": "ListRegexMatchSets", + "listregexpatternsets": "ListRegexPatternSets", + "listrulegroups": "ListRuleGroups", + "listrules": "ListRules", + "listsizeconstraintsets": "ListSizeConstraintSets", + "listsqlinjectionmatchsets": "ListSqlInjectionMatchSets", + "listsubscribedrulegroups": "ListSubscribedRuleGroups", + "listtagsforresource": "ListTagsForResource", + "listwebacls": "ListWebACLs", + "listxssmatchsets": "ListXssMatchSets", + "putloggingconfiguration": "PutLoggingConfiguration", + "putpermissionpolicy": "PutPermissionPolicy", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatebytematchset": "UpdateByteMatchSet", + "updategeomatchset": "UpdateGeoMatchSet", + "updateipset": "UpdateIPSet", + "updateratebasedrule": "UpdateRateBasedRule", + "updateregexmatchset": "UpdateRegexMatchSet", + "updateregexpatternset": "UpdateRegexPatternSet", + "updaterule": "UpdateRule", + "updaterulegroup": "UpdateRuleGroup", + "updatesizeconstraintset": "UpdateSizeConstraintSet", + "updatesqlinjectionmatchset": "UpdateSqlInjectionMatchSet", + "updatewebacl": "UpdateWebACL", + "updatexssmatchset": "UpdateXssMatchSet" + }, + "resources": { + "bytematchset": { + "resource": "bytematchset", + "arn": "arn:${Partition}:waf::${Account}:bytematchset/${Id}", + "condition_keys": [] + }, + "ipset": { + "resource": "ipset", + "arn": "arn:${Partition}:waf::${Account}:ipset/${Id}", + "condition_keys": [] + }, + "ratebasedrule": { + "resource": "ratebasedrule", + "arn": "arn:${Partition}:waf::${Account}:ratebasedrule/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "rule": { + "resource": "rule", + "arn": "arn:${Partition}:waf::${Account}:rule/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "sizeconstraintset": { + "resource": "sizeconstraintset", + "arn": "arn:${Partition}:waf::${Account}:sizeconstraintset/${Id}", + "condition_keys": [] + }, + "sqlinjectionmatchset": { + "resource": "sqlinjectionmatchset", + "arn": "arn:${Partition}:waf::${Account}:sqlinjectionset/${Id}", + "condition_keys": [] + }, + "webacl": { + "resource": "webacl", + "arn": "arn:${Partition}:waf::${Account}:webacl/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "xssmatchset": { + "resource": "xssmatchset", + "arn": "arn:${Partition}:waf::${Account}:xssmatchset/${Id}", + "condition_keys": [] + }, + "regexmatchset": { + "resource": "regexmatchset", + "arn": "arn:${Partition}:waf::${Account}:regexmatch/${Id}", + "condition_keys": [] + }, + "regexpatternset": { + "resource": "regexpatternset", + "arn": "arn:${Partition}:waf::${Account}:regexpatternset/${Id}", + "condition_keys": [] + }, + "geomatchset": { + "resource": "geomatchset", + "arn": "arn:${Partition}:waf::${Account}:geomatchset/${Id}", + "condition_keys": [] + }, + "rulegroup": { + "resource": "rulegroup", + "arn": "arn:${Partition}:waf::${Account}:rulegroup/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "bytematchset": "bytematchset", + "ipset": "ipset", + "ratebasedrule": "ratebasedrule", + "rule": "rule", + "sizeconstraintset": "sizeconstraintset", + "sqlinjectionmatchset": "sqlinjectionmatchset", + "webacl": "webacl", + "xssmatchset": "xssmatchset", + "regexmatchset": "regexmatchset", + "regexpatternset": "regexpatternset", + "geomatchset": "geomatchset", + "rulegroup": "rulegroup" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "waf-regional": { + "service_name": "AWS WAF Regional", + "prefix": "waf-regional", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswafregional.html", + "privileges": { + "AssociateWebACL": { + "privilege": "AssociateWebACL", + "description": "Grants permission to associate a web ACL with a resource", + "access_level": "Write", + "resource_types": { + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer/app/": "loadbalancer/app/", + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_AssociateWebACL.html" + }, + "CreateByteMatchSet": { + "privilege": "CreateByteMatchSet", + "description": "Grants permission to create a ByteMatchSet", + "access_level": "Write", + "resource_types": { + "bytematchset": { + "resource_type": "bytematchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bytematchset": "bytematchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateByteMatchSet.html" + }, + "CreateGeoMatchSet": { + "privilege": "CreateGeoMatchSet", + "description": "Grants permission to create a GeoMatchSet", + "access_level": "Write", + "resource_types": { + "geomatchset": { + "resource_type": "geomatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geomatchset": "geomatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateGeoMatchSet.html" + }, + "CreateIPSet": { + "privilege": "CreateIPSet", + "description": "Grants permission to create an IPSet", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateIPSet.html" + }, + "CreateRateBasedRule": { + "privilege": "CreateRateBasedRule", + "description": "Grants permission to create a RateBasedRule", + "access_level": "Write", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateRateBasedRule.html" + }, + "CreateRegexMatchSet": { + "privilege": "CreateRegexMatchSet", + "description": "Grants permission to create a RegexMatchSet", + "access_level": "Write", + "resource_types": { + "regexmatchset": { + "resource_type": "regexmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexmatchset": "regexmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateRegexMatchSet.html" + }, + "CreateRegexPatternSet": { + "privilege": "CreateRegexPatternSet", + "description": "Grants permission to create a RegexPatternSet", + "access_level": "Write", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateRegexPatternSet.html" + }, + "CreateRule": { + "privilege": "CreateRule", + "description": "Grants permission to create a Rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateRule.html" + }, + "CreateRuleGroup": { + "privilege": "CreateRuleGroup", + "description": "Grants permission to create a RuleGroup", + "access_level": "Write", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateRuleGroup.html" + }, + "CreateSizeConstraintSet": { + "privilege": "CreateSizeConstraintSet", + "description": "Grants permission to create a SizeConstraintSet", + "access_level": "Write", + "resource_types": { + "sizeconstraintset": { + "resource_type": "sizeconstraintset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sizeconstraintset": "sizeconstraintset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateSizeConstraintSet.html" + }, + "CreateSqlInjectionMatchSet": { + "privilege": "CreateSqlInjectionMatchSet", + "description": "Grants permission to create an SqlInjectionMatchSet", + "access_level": "Write", + "resource_types": { + "sqlinjectionmatchset": { + "resource_type": "sqlinjectionmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sqlinjectionmatchset": "sqlinjectionmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateSqlInjectionMatchSet.html" + }, + "CreateWebACL": { + "privilege": "CreateWebACL", + "description": "Grants permission to create a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateWebACL.html" + }, + "CreateWebACLMigrationStack": { + "privilege": "CreateWebACLMigrationStack", + "description": "Grants permission to create a CloudFormation web ACL template in an S3 bucket for the purposes of migrating the web ACL from AWS WAF Classic to AWS WAF v2", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "s3:PutObject" + ] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateWebACLMigrationStack.html" + }, + "CreateXssMatchSet": { + "privilege": "CreateXssMatchSet", + "description": "Grants permission to create an XssMatchSet", + "access_level": "Write", + "resource_types": { + "xssmatchset": { + "resource_type": "xssmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "xssmatchset": "xssmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_CreateXssMatchSet.html" + }, + "DeleteByteMatchSet": { + "privilege": "DeleteByteMatchSet", + "description": "Grants permission to delete a ByteMatchSet", + "access_level": "Write", + "resource_types": { + "bytematchset": { + "resource_type": "bytematchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bytematchset": "bytematchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteByteMatchSet.html" + }, + "DeleteGeoMatchSet": { + "privilege": "DeleteGeoMatchSet", + "description": "Grants permission to delete a GeoMatchSet", + "access_level": "Write", + "resource_types": { + "geomatchset": { + "resource_type": "geomatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geomatchset": "geomatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteGeoMatchSet.html" + }, + "DeleteIPSet": { + "privilege": "DeleteIPSet", + "description": "Grants permission to delete an IPSet", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteIPSet.html" + }, + "DeleteLoggingConfiguration": { + "privilege": "DeleteLoggingConfiguration", + "description": "Grants permission to delete a LoggingConfiguration from a web ACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteLoggingConfiguration.html" + }, + "DeletePermissionPolicy": { + "privilege": "DeletePermissionPolicy", + "description": "Grants permission to delete an IAM policy from a rule group", + "access_level": "Permissions management", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeletePermissionPolicy.html" + }, + "DeleteRateBasedRule": { + "privilege": "DeleteRateBasedRule", + "description": "Grants permission to delete a RateBasedRule", + "access_level": "Write", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteRateBasedRule.html" + }, + "DeleteRegexMatchSet": { + "privilege": "DeleteRegexMatchSet", + "description": "Grants permission to delete a RegexMatchSet", + "access_level": "Write", + "resource_types": { + "regexmatchset": { + "resource_type": "regexmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexmatchset": "regexmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteRegexMatchSet.html" + }, + "DeleteRegexPatternSet": { + "privilege": "DeleteRegexPatternSet", + "description": "Grants permission to delete a RegexPatternSet", + "access_level": "Write", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteRegexPatternSet.html" + }, + "DeleteRule": { + "privilege": "DeleteRule", + "description": "Grants permission to delete a Rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteRule.html" + }, + "DeleteRuleGroup": { + "privilege": "DeleteRuleGroup", + "description": "Grants permission to delete a RuleGroup", + "access_level": "Write", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteRuleGroup.html" + }, + "DeleteSizeConstraintSet": { + "privilege": "DeleteSizeConstraintSet", + "description": "Grants permission to delete a SizeConstraintSet", + "access_level": "Write", + "resource_types": { + "sizeconstraintset": { + "resource_type": "sizeconstraintset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sizeconstraintset": "sizeconstraintset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteSizeConstraintSet.html" + }, + "DeleteSqlInjectionMatchSet": { + "privilege": "DeleteSqlInjectionMatchSet", + "description": "Grants permission to delete an SqlInjectionMatchSet", + "access_level": "Write", + "resource_types": { + "sqlinjectionmatchset": { + "resource_type": "sqlinjectionmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sqlinjectionmatchset": "sqlinjectionmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteSqlInjectionMatchSet.html" + }, + "DeleteWebACL": { + "privilege": "DeleteWebACL", + "description": "Grants permission to delete a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteWebACL.html" + }, + "DeleteXssMatchSet": { + "privilege": "DeleteXssMatchSet", + "description": "Grants permission to delete an XssMatchSet", + "access_level": "Write", + "resource_types": { + "xssmatchset": { + "resource_type": "xssmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "xssmatchset": "xssmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DeleteXssMatchSet.html" + }, + "DisassociateWebACL": { + "privilege": "DisassociateWebACL", + "description": "Grants permission to delete an association between a web ACL and a resource", + "access_level": "Write", + "resource_types": { + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer/app/": "loadbalancer/app/" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_DisassociateWebACL.html" + }, + "GetByteMatchSet": { + "privilege": "GetByteMatchSet", + "description": "Grants permission to retrieve a ByteMatchSet", + "access_level": "Read", + "resource_types": { + "bytematchset": { + "resource_type": "bytematchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bytematchset": "bytematchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetByteMatchSet.html" + }, + "GetChangeToken": { + "privilege": "GetChangeToken", + "description": "Grants permission to retrieve a change token to use in create, update, and delete requests", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetChangeToken.html" + }, + "GetChangeTokenStatus": { + "privilege": "GetChangeTokenStatus", + "description": "Grants permission to retrieve the status of a change token", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetChangeTokenStatus.html" + }, + "GetGeoMatchSet": { + "privilege": "GetGeoMatchSet", + "description": "Grants permission to retrieve a GeoMatchSet", + "access_level": "Read", + "resource_types": { + "geomatchset": { + "resource_type": "geomatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geomatchset": "geomatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetGeoMatchSet.html" + }, + "GetIPSet": { + "privilege": "GetIPSet", + "description": "Grants permission to retrieve an IPSet", + "access_level": "Read", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetIPSet.html" + }, + "GetLoggingConfiguration": { + "privilege": "GetLoggingConfiguration", + "description": "Grants permission to retrieve a LoggingConfiguration", + "access_level": "Read", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetLoggingConfiguration.html" + }, + "GetPermissionPolicy": { + "privilege": "GetPermissionPolicy", + "description": "Grants permission to retrieve an IAM policy attached to a RuleGroup", + "access_level": "Read", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetPermissionPolicy.html" + }, + "GetRateBasedRule": { + "privilege": "GetRateBasedRule", + "description": "Grants permission to retrieve a RateBasedRule", + "access_level": "Read", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRateBasedRule.html" + }, + "GetRateBasedRuleManagedKeys": { + "privilege": "GetRateBasedRuleManagedKeys", + "description": "Grants permission to retrieve the array of IP addresses that are currently being blocked by a RateBasedRule", + "access_level": "Read", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRateBasedRuleManagedKeys.html" + }, + "GetRegexMatchSet": { + "privilege": "GetRegexMatchSet", + "description": "Grants permission to retrieve a RegexMatchSet", + "access_level": "Read", + "resource_types": { + "regexmatchset": { + "resource_type": "regexmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexmatchset": "regexmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRegexMatchSet.html" + }, + "GetRegexPatternSet": { + "privilege": "GetRegexPatternSet", + "description": "Grants permission to retrieve a RegexPatternSet", + "access_level": "Read", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRegexPatternSet.html" + }, + "GetRule": { + "privilege": "GetRule", + "description": "Grants permission to retrieve a Rule", + "access_level": "Read", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRule.html" + }, + "GetRuleGroup": { + "privilege": "GetRuleGroup", + "description": "Grants permission to retrieve a RuleGroup", + "access_level": "Read", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetRuleGroup.html" + }, + "GetSampledRequests": { + "privilege": "GetSampledRequests", + "description": "Grants permission to retrieve detailed information for a sample set of web requests", + "access_level": "Read", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule", + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetSampledRequests.html" + }, + "GetSizeConstraintSet": { + "privilege": "GetSizeConstraintSet", + "description": "Grants permission to retrieve a SizeConstraintSet", + "access_level": "Read", + "resource_types": { + "sizeconstraintset": { + "resource_type": "sizeconstraintset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sizeconstraintset": "sizeconstraintset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetSizeConstraintSet.html" + }, + "GetSqlInjectionMatchSet": { + "privilege": "GetSqlInjectionMatchSet", + "description": "Grants permission to retrieve an SqlInjectionMatchSet", + "access_level": "Read", + "resource_types": { + "sqlinjectionmatchset": { + "resource_type": "sqlinjectionmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sqlinjectionmatchset": "sqlinjectionmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetSqlInjectionMatchSet.html" + }, + "GetWebACL": { + "privilege": "GetWebACL", + "description": "Grants permission to retrieve a WebACL", + "access_level": "Read", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetWebACL.html" + }, + "GetWebACLForResource": { + "privilege": "GetWebACLForResource", + "description": "Grants permission to retrieve a WebACL that's associated with a specified resource", + "access_level": "Read", + "resource_types": { + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "loadbalancer/app/": "loadbalancer/app/" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetWebACLForResource.html" + }, + "GetXssMatchSet": { + "privilege": "GetXssMatchSet", + "description": "Grants permission to retrieve an XssMatchSet", + "access_level": "Read", + "resource_types": { + "xssmatchset": { + "resource_type": "xssmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "xssmatchset": "xssmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_GetXssMatchSet.html" + }, + "ListActivatedRulesInRuleGroup": { + "privilege": "ListActivatedRulesInRuleGroup", + "description": "Grants permission to retrieve an array of ActivatedRule objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListActivatedRulesInRuleGroup.html" + }, + "ListByteMatchSets": { + "privilege": "ListByteMatchSets", + "description": "Grants permission to retrieve an array of ByteMatchSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListByteMatchSets.html" + }, + "ListGeoMatchSets": { + "privilege": "ListGeoMatchSets", + "description": "Grants permission to retrieve an array of GeoMatchSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListGeoMatchSets.html" + }, + "ListIPSets": { + "privilege": "ListIPSets", + "description": "Grants permission to retrieve an array of IPSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListIPSets.html" + }, + "ListLoggingConfigurations": { + "privilege": "ListLoggingConfigurations", + "description": "Grants permission to retrieve an array of LoggingConfiguration objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListLoggingConfigurations.html" + }, + "ListRateBasedRules": { + "privilege": "ListRateBasedRules", + "description": "Grants permission to retrieve an array of RuleSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListRateBasedRules.html" + }, + "ListRegexMatchSets": { + "privilege": "ListRegexMatchSets", + "description": "Grants permission to retrieve an array of RegexMatchSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListRegexMatchSets.html" + }, + "ListRegexPatternSets": { + "privilege": "ListRegexPatternSets", + "description": "Grants permission to retrieve an array of RegexPatternSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListRegexPatternSets.html" + }, + "ListResourcesForWebACL": { + "privilege": "ListResourcesForWebACL", + "description": "Grants permission to retrieve an array of resources associated with a specified WebACL", + "access_level": "List", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListResourcesForWebACL.html" + }, + "ListRuleGroups": { + "privilege": "ListRuleGroups", + "description": "Grants permission to retrieve an array of RuleGroup objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListRuleGroups.html" + }, + "ListRules": { + "privilege": "ListRules", + "description": "Grants permission to retrieve an array of RuleSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListRules.html" + }, + "ListSizeConstraintSets": { + "privilege": "ListSizeConstraintSets", + "description": "Grants permission to retrieve an array of SizeConstraintSetSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListSizeConstraintSets.html" + }, + "ListSqlInjectionMatchSets": { + "privilege": "ListSqlInjectionMatchSets", + "description": "Grants permission to retrieve an array of SqlInjectionMatchSet objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListSqlInjectionMatchSets.html" + }, + "ListSubscribedRuleGroups": { + "privilege": "ListSubscribedRuleGroups", + "description": "Grants permission to retrieve an array of RuleGroup objects that you are subscribed to", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListSubscribedRuleGroups.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to lists the Tags for a resource", + "access_level": "Read", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule", + "rule": "rule", + "rulegroup": "rulegroup", + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListTagsForResource.html" + }, + "ListWebACLs": { + "privilege": "ListWebACLs", + "description": "Grants permission to retrieve an array of WebACLSummary objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListWebACLs.html" + }, + "ListXssMatchSets": { + "privilege": "ListXssMatchSets", + "description": "Grants permission to retrieve an array of XssMatchSet objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_ListXssMatchSets.html" + }, + "PutLoggingConfiguration": { + "privilege": "PutLoggingConfiguration", + "description": "Grants permission to associates a LoggingConfiguration with a web ACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_PutLoggingConfiguration.html" + }, + "PutPermissionPolicy": { + "privilege": "PutPermissionPolicy", + "description": "Grants permission to attach an IAM policy to a specified rule group, to support rule group sharing between accounts", + "access_level": "Permissions management", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_PutPermissionPolicy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add a Tag to a resource", + "access_level": "Tagging", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule", + "rule": "rule", + "rulegroup": "rulegroup", + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a Tag from a resource", + "access_level": "Tagging", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rule": { + "resource_type": "rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule", + "rule": "rule", + "rulegroup": "rulegroup", + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UntagResource.html" + }, + "UpdateByteMatchSet": { + "privilege": "UpdateByteMatchSet", + "description": "Grants permission to insert or delete ByteMatchTuple objects in a ByteMatchSet", + "access_level": "Write", + "resource_types": { + "bytematchset": { + "resource_type": "bytematchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "bytematchset": "bytematchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateByteMatchSet.html" + }, + "UpdateGeoMatchSet": { + "privilege": "UpdateGeoMatchSet", + "description": "Grants permission to insert or delete GeoMatchConstraint objects in a GeoMatchSet", + "access_level": "Write", + "resource_types": { + "geomatchset": { + "resource_type": "geomatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "geomatchset": "geomatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateGeoMatchSet.html" + }, + "UpdateIPSet": { + "privilege": "UpdateIPSet", + "description": "Grants permission to insert or delete IPSetDescriptor objects in an IPSet", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateIPSet.html" + }, + "UpdateRateBasedRule": { + "privilege": "UpdateRateBasedRule", + "description": "Grants permission to insert or delete predicate objects in a rate based rule and update the RateLimit in the rule", + "access_level": "Write", + "resource_types": { + "ratebasedrule": { + "resource_type": "ratebasedrule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ratebasedrule": "ratebasedrule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateRateBasedRule.html" + }, + "UpdateRegexMatchSet": { + "privilege": "UpdateRegexMatchSet", + "description": "Grants permission to insert or delete RegexMatchTuple objects in a RegexMatchSet", + "access_level": "Write", + "resource_types": { + "regexmatchset": { + "resource_type": "regexmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexmatchset": "regexmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateRegexMatchSet.html" + }, + "UpdateRegexPatternSet": { + "privilege": "UpdateRegexPatternSet", + "description": "Grants permission to insert or delete RegexPatternStrings in a RegexPatternSet", + "access_level": "Write", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateRegexPatternSet.html" + }, + "UpdateRule": { + "privilege": "UpdateRule", + "description": "Grants permission to insert or delete predicate objects in a Rule", + "access_level": "Write", + "resource_types": { + "rule": { + "resource_type": "rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rule": "rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateRule.html" + }, + "UpdateRuleGroup": { + "privilege": "UpdateRuleGroup", + "description": "Grants permission to insert or delete ActivatedRule objects in a RuleGroup", + "access_level": "Write", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateRuleGroup.html" + }, + "UpdateSizeConstraintSet": { + "privilege": "UpdateSizeConstraintSet", + "description": "Grants permission to insert or delete SizeConstraint objects in a SizeConstraintSet", + "access_level": "Write", + "resource_types": { + "sizeconstraintset": { + "resource_type": "sizeconstraintset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sizeconstraintset": "sizeconstraintset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateSizeConstraintSet.html" + }, + "UpdateSqlInjectionMatchSet": { + "privilege": "UpdateSqlInjectionMatchSet", + "description": "Grants permission to insert or delete SqlInjectionMatchTuple objects in an SqlInjectionMatchSet", + "access_level": "Write", + "resource_types": { + "sqlinjectionmatchset": { + "resource_type": "sqlinjectionmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sqlinjectionmatchset": "sqlinjectionmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateSqlInjectionMatchSet.html" + }, + "UpdateWebACL": { + "privilege": "UpdateWebACL", + "description": "Grants permission to insert or delete ActivatedRule objects in a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateWebACL.html" + }, + "UpdateXssMatchSet": { + "privilege": "UpdateXssMatchSet", + "description": "Grants permission to insert or delete XssMatchTuple objects in an XssMatchSet", + "access_level": "Write", + "resource_types": { + "xssmatchset": { + "resource_type": "xssmatchset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "xssmatchset": "xssmatchset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_UpdateXssMatchSet.html" + } + }, + "privileges_lower_name": { + "associatewebacl": "AssociateWebACL", + "createbytematchset": "CreateByteMatchSet", + "creategeomatchset": "CreateGeoMatchSet", + "createipset": "CreateIPSet", + "createratebasedrule": "CreateRateBasedRule", + "createregexmatchset": "CreateRegexMatchSet", + "createregexpatternset": "CreateRegexPatternSet", + "createrule": "CreateRule", + "createrulegroup": "CreateRuleGroup", + "createsizeconstraintset": "CreateSizeConstraintSet", + "createsqlinjectionmatchset": "CreateSqlInjectionMatchSet", + "createwebacl": "CreateWebACL", + "createwebaclmigrationstack": "CreateWebACLMigrationStack", + "createxssmatchset": "CreateXssMatchSet", + "deletebytematchset": "DeleteByteMatchSet", + "deletegeomatchset": "DeleteGeoMatchSet", + "deleteipset": "DeleteIPSet", + "deleteloggingconfiguration": "DeleteLoggingConfiguration", + "deletepermissionpolicy": "DeletePermissionPolicy", + "deleteratebasedrule": "DeleteRateBasedRule", + "deleteregexmatchset": "DeleteRegexMatchSet", + "deleteregexpatternset": "DeleteRegexPatternSet", + "deleterule": "DeleteRule", + "deleterulegroup": "DeleteRuleGroup", + "deletesizeconstraintset": "DeleteSizeConstraintSet", + "deletesqlinjectionmatchset": "DeleteSqlInjectionMatchSet", + "deletewebacl": "DeleteWebACL", + "deletexssmatchset": "DeleteXssMatchSet", + "disassociatewebacl": "DisassociateWebACL", + "getbytematchset": "GetByteMatchSet", + "getchangetoken": "GetChangeToken", + "getchangetokenstatus": "GetChangeTokenStatus", + "getgeomatchset": "GetGeoMatchSet", + "getipset": "GetIPSet", + "getloggingconfiguration": "GetLoggingConfiguration", + "getpermissionpolicy": "GetPermissionPolicy", + "getratebasedrule": "GetRateBasedRule", + "getratebasedrulemanagedkeys": "GetRateBasedRuleManagedKeys", + "getregexmatchset": "GetRegexMatchSet", + "getregexpatternset": "GetRegexPatternSet", + "getrule": "GetRule", + "getrulegroup": "GetRuleGroup", + "getsampledrequests": "GetSampledRequests", + "getsizeconstraintset": "GetSizeConstraintSet", + "getsqlinjectionmatchset": "GetSqlInjectionMatchSet", + "getwebacl": "GetWebACL", + "getwebaclforresource": "GetWebACLForResource", + "getxssmatchset": "GetXssMatchSet", + "listactivatedrulesinrulegroup": "ListActivatedRulesInRuleGroup", + "listbytematchsets": "ListByteMatchSets", + "listgeomatchsets": "ListGeoMatchSets", + "listipsets": "ListIPSets", + "listloggingconfigurations": "ListLoggingConfigurations", + "listratebasedrules": "ListRateBasedRules", + "listregexmatchsets": "ListRegexMatchSets", + "listregexpatternsets": "ListRegexPatternSets", + "listresourcesforwebacl": "ListResourcesForWebACL", + "listrulegroups": "ListRuleGroups", + "listrules": "ListRules", + "listsizeconstraintsets": "ListSizeConstraintSets", + "listsqlinjectionmatchsets": "ListSqlInjectionMatchSets", + "listsubscribedrulegroups": "ListSubscribedRuleGroups", + "listtagsforresource": "ListTagsForResource", + "listwebacls": "ListWebACLs", + "listxssmatchsets": "ListXssMatchSets", + "putloggingconfiguration": "PutLoggingConfiguration", + "putpermissionpolicy": "PutPermissionPolicy", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatebytematchset": "UpdateByteMatchSet", + "updategeomatchset": "UpdateGeoMatchSet", + "updateipset": "UpdateIPSet", + "updateratebasedrule": "UpdateRateBasedRule", + "updateregexmatchset": "UpdateRegexMatchSet", + "updateregexpatternset": "UpdateRegexPatternSet", + "updaterule": "UpdateRule", + "updaterulegroup": "UpdateRuleGroup", + "updatesizeconstraintset": "UpdateSizeConstraintSet", + "updatesqlinjectionmatchset": "UpdateSqlInjectionMatchSet", + "updatewebacl": "UpdateWebACL", + "updatexssmatchset": "UpdateXssMatchSet" + }, + "resources": { + "bytematchset": { + "resource": "bytematchset", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:bytematchset/${Id}", + "condition_keys": [] + }, + "ipset": { + "resource": "ipset", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:ipset/${Id}", + "condition_keys": [] + }, + "loadbalancer/app/": { + "resource": "loadbalancer/app/", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/app/${LoadBalancerName}/${LoadBalancerId}", + "condition_keys": [] + }, + "ratebasedrule": { + "resource": "ratebasedrule", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:ratebasedrule/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "rule": { + "resource": "rule", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:rule/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "sizeconstraintset": { + "resource": "sizeconstraintset", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:sizeconstraintset/${Id}", + "condition_keys": [] + }, + "sqlinjectionmatchset": { + "resource": "sqlinjectionmatchset", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:sqlinjectionset/${Id}", + "condition_keys": [] + }, + "webacl": { + "resource": "webacl", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:webacl/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "xssmatchset": { + "resource": "xssmatchset", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:xssmatchset/${Id}", + "condition_keys": [] + }, + "regexmatchset": { + "resource": "regexmatchset", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:regexmatch/${Id}", + "condition_keys": [] + }, + "regexpatternset": { + "resource": "regexpatternset", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:regexpatternset/${Id}", + "condition_keys": [] + }, + "geomatchset": { + "resource": "geomatchset", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:geomatchset/${Id}", + "condition_keys": [] + }, + "rulegroup": { + "resource": "rulegroup", + "arn": "arn:${Partition}:waf-regional:${Region}:${Account}:rulegroup/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "bytematchset": "bytematchset", + "ipset": "ipset", + "loadbalancer/app/": "loadbalancer/app/", + "ratebasedrule": "ratebasedrule", + "rule": "rule", + "sizeconstraintset": "sizeconstraintset", + "sqlinjectionmatchset": "sqlinjectionmatchset", + "webacl": "webacl", + "xssmatchset": "xssmatchset", + "regexmatchset": "regexmatchset", + "regexpatternset": "regexpatternset", + "geomatchset": "geomatchset", + "rulegroup": "rulegroup" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag-value assoicated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "wafv2": { + "service_name": "AWS WAF V2", + "prefix": "wafv2", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswafv2.html", + "privileges": { + "AssociateWebACL": { + "privilege": "AssociateWebACL", + "description": "Grants permission to associate a WebACL with a resource", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "apigateway": { + "resource_type": "apigateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "apprunner": { + "resource_type": "apprunner", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "appsync": { + "resource_type": "appsync", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "userpool": { + "resource_type": "userpool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl", + "apigateway": "apigateway", + "apprunner": "apprunner", + "appsync": "appsync", + "loadbalancer/app/": "loadbalancer/app/", + "userpool": "userpool", + "verified-access-instance": "verified-access-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_AssociateWebACL.html" + }, + "CheckCapacity": { + "privilege": "CheckCapacity", + "description": "Grants permission to calculate web ACL capacity unit (WCU) requirements for a specified scope and set of rules", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CheckCapacity.html" + }, + "CreateAPIKey": { + "privilege": "CreateAPIKey", + "description": "Grants permission to create an API key for use in the integration of the CAPTCHA API in your JavaScript client applications", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateAPIKey.html" + }, + "CreateIPSet": { + "privilege": "CreateIPSet", + "description": "Grants permission to create an IPSet", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateIPSet.html" + }, + "CreateRegexPatternSet": { + "privilege": "CreateRegexPatternSet", + "description": "Grants permission to create a RegexPatternSet", + "access_level": "Write", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateRegexPatternSet.html" + }, + "CreateRuleGroup": { + "privilege": "CreateRuleGroup", + "description": "Grants permission to create a RuleGroup", + "access_level": "Write", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ipset": { + "resource_type": "ipset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "regexpatternset": { + "resource_type": "regexpatternset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup", + "ipset": "ipset", + "regexpatternset": "regexpatternset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateRuleGroup.html" + }, + "CreateWebACL": { + "privilege": "CreateWebACL", + "description": "Grants permission to create a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ipset": { + "resource_type": "ipset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managedruleset": { + "resource_type": "managedruleset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "regexpatternset": { + "resource_type": "regexpatternset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl", + "ipset": "ipset", + "managedruleset": "managedruleset", + "regexpatternset": "regexpatternset", + "rulegroup": "rulegroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateWebACL.html" + }, + "DeleteFirewallManagerRuleGroups": { + "privilege": "DeleteFirewallManagerRuleGroups", + "description": "Grants permission to delete FirewallManagedRulesGroups from a WebACL if not managed by Firewall Manager anymore", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteFirewallManagerRuleGroups.html" + }, + "DeleteIPSet": { + "privilege": "DeleteIPSet", + "description": "Grants permission to delete an IPSet", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteIPSet.html" + }, + "DeleteLoggingConfiguration": { + "privilege": "DeleteLoggingConfiguration", + "description": "Grants permission to delete the LoggingConfiguration from a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteLoggingConfiguration.html" + }, + "DeletePermissionPolicy": { + "privilege": "DeletePermissionPolicy", + "description": "Grants permission to delete the PermissionPolicy on a RuleGroup", + "access_level": "Permissions management", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeletePermissionPolicy.html" + }, + "DeleteRegexPatternSet": { + "privilege": "DeleteRegexPatternSet", + "description": "Grants permission to delete a RegexPatternSet", + "access_level": "Write", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteRegexPatternSet.html" + }, + "DeleteRuleGroup": { + "privilege": "DeleteRuleGroup", + "description": "Grants permission to delete a RuleGroup", + "access_level": "Write", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteRuleGroup.html" + }, + "DeleteWebACL": { + "privilege": "DeleteWebACL", + "description": "Grants permission to delete a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DeleteWebACL.html" + }, + "DescribeAllManagedProducts": { + "privilege": "DescribeAllManagedProducts", + "description": "Grants permission to retrieve product information for a managed rule group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DescribeAllManagedProducts.html" + }, + "DescribeManagedProductsByVendor": { + "privilege": "DescribeManagedProductsByVendor", + "description": "Grants permission to retrieve product information for a managed rule group by a given vendor", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DescribeManagedProductsByVendor.html" + }, + "DescribeManagedRuleGroup": { + "privilege": "DescribeManagedRuleGroup", + "description": "Grants permission to retrieve high-level information for a managed rule group", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DescribeManagedRuleGroup.html" + }, + "DisassociateFirewallManager": { + "privilege": "DisassociateFirewallManager", + "description": "Grants permission to disassociate Firewall Manager from a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DisassociateFirewallManager.html" + }, + "DisassociateWebACL": { + "privilege": "DisassociateWebACL", + "description": "Grants permission to disassociate a WebACL from an application resource", + "access_level": "Write", + "resource_types": { + "apigateway": { + "resource_type": "apigateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "apprunner": { + "resource_type": "apprunner", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "appsync": { + "resource_type": "appsync", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "userpool": { + "resource_type": "userpool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apigateway": "apigateway", + "apprunner": "apprunner", + "appsync": "appsync", + "loadbalancer/app/": "loadbalancer/app/", + "userpool": "userpool", + "verified-access-instance": "verified-access-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_DisassociateWebACL.html" + }, + "GenerateMobileSdkReleaseUrl": { + "privilege": "GenerateMobileSdkReleaseUrl", + "description": "Grants permission to generate a presigned download URL for the specified release of the mobile SDK", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GenerateMobileSdkReleaseUrl.html" + }, + "GetDecryptedAPIKey": { + "privilege": "GetDecryptedAPIKey", + "description": "Grants permission to return your API key in decrypted form. Use this to check the token domains that you have defined for the key", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetDecryptedAPIKey.html" + }, + "GetIPSet": { + "privilege": "GetIPSet", + "description": "Grants permission to retrieve details about an IPSet", + "access_level": "Read", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetIPSet.html" + }, + "GetLoggingConfiguration": { + "privilege": "GetLoggingConfiguration", + "description": "Grants permission to retrieve LoggingConfiguration for a WebACL", + "access_level": "Read", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetLoggingConfiguration.html" + }, + "GetManagedRuleSet": { + "privilege": "GetManagedRuleSet", + "description": "Grants permission to retrieve details about a ManagedRuleSet", + "access_level": "Read", + "resource_types": { + "managedruleset": { + "resource_type": "managedruleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managedruleset": "managedruleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetManagedRuleSet.html" + }, + "GetMobileSdkRelease": { + "privilege": "GetMobileSdkRelease", + "description": "Grants permission to retrieve information for the specified mobile SDK release, including release notes and tags", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetMobileSdkRelease.html" + }, + "GetPermissionPolicy": { + "privilege": "GetPermissionPolicy", + "description": "Grants permission to retrieve a PermissionPolicy for a RuleGroup", + "access_level": "Read", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetPermissionPolicy.html" + }, + "GetRateBasedStatementManagedKeys": { + "privilege": "GetRateBasedStatementManagedKeys", + "description": "Grants permission to retrieve the keys that are currently blocked by a rate-based rule", + "access_level": "Read", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetRateBasedStatementManagedKeys.html" + }, + "GetRegexPatternSet": { + "privilege": "GetRegexPatternSet", + "description": "Grants permission to retrieve details about a RegexPatternSet", + "access_level": "Read", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetRegexPatternSet.html" + }, + "GetRuleGroup": { + "privilege": "GetRuleGroup", + "description": "Grants permission to retrieve details about a RuleGroup", + "access_level": "Read", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetRuleGroup.html" + }, + "GetSampledRequests": { + "privilege": "GetSampledRequests", + "description": "Grants permission to retrieve detailed information about a sampling of web requests", + "access_level": "Read", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetSampledRequests.html" + }, + "GetWebACL": { + "privilege": "GetWebACL", + "description": "Grants permission to retrieve details about a WebACL", + "access_level": "Read", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetWebACL.html" + }, + "GetWebACLForResource": { + "privilege": "GetWebACLForResource", + "description": "Grants permission to retrieve the WebACL that's associated with a resource", + "access_level": "Read", + "resource_types": { + "apigateway": { + "resource_type": "apigateway", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "apprunner": { + "resource_type": "apprunner", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "appsync": { + "resource_type": "appsync", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "loadbalancer/app/": { + "resource_type": "loadbalancer/app/", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "userpool": { + "resource_type": "userpool", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "verified-access-instance": { + "resource_type": "verified-access-instance", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "apigateway": "apigateway", + "apprunner": "apprunner", + "appsync": "appsync", + "loadbalancer/app/": "loadbalancer/app/", + "userpool": "userpool", + "verified-access-instance": "verified-access-instance" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_GetWebACLForResource.html" + }, + "ListAPIKeys": { + "privilege": "ListAPIKeys", + "description": "Grants permission to retrieve a list of the API keys that you've defined for the specified scope", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListAPIKeys.html" + }, + "ListAvailableManagedRuleGroupVersions": { + "privilege": "ListAvailableManagedRuleGroupVersions", + "description": "Grants permission to retrieve an array of managed rule group versions that are available for you to use", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListAvailableManagedRuleGroupVersions.html" + }, + "ListAvailableManagedRuleGroups": { + "privilege": "ListAvailableManagedRuleGroups", + "description": "Grants permission to retrieve an array of managed rule groups that are available for you to use", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListAvailableManagedRuleGroups.html" + }, + "ListIPSets": { + "privilege": "ListIPSets", + "description": "Grants permission to retrieve an array of IPSetSummary objects for the IP sets that you manage", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListIPSets.html" + }, + "ListLoggingConfigurations": { + "privilege": "ListLoggingConfigurations", + "description": "Grants permission to retrieve an array of your LoggingConfiguration objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListLoggingConfigurations.html" + }, + "ListManagedRuleSets": { + "privilege": "ListManagedRuleSets", + "description": "Grants permission to retrieve an array of your ManagedRuleSet objects", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListManagedRuleSets.html" + }, + "ListMobileSdkReleases": { + "privilege": "ListMobileSdkReleases", + "description": "Grants permission to retrieve a list of the available releases for the mobile SDK and the specified device platform", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListMobileSdkReleases.html" + }, + "ListRegexPatternSets": { + "privilege": "ListRegexPatternSets", + "description": "Grants permission to retrieve an array of RegexPatternSetSummary objects for the regex pattern sets that you manage", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListRegexPatternSets.html" + }, + "ListResourcesForWebACL": { + "privilege": "ListResourcesForWebACL", + "description": "Grants permission to retrieve an array of the Amazon Resource Names (ARNs) for the resources that are associated with a web ACL", + "access_level": "List", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListResourcesForWebACL.html" + }, + "ListRuleGroups": { + "privilege": "ListRuleGroups", + "description": "Grants permission to retrieve an array of RuleGroupSummary objects for the rule groups that you manage", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListRuleGroups.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "regexpatternset": { + "resource_type": "regexpatternset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset", + "regexpatternset": "regexpatternset", + "rulegroup": "rulegroup", + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListTagsForResource.html" + }, + "ListWebACLs": { + "privilege": "ListWebACLs", + "description": "Grants permission to retrieve an array of WebACLSummary objects for the web ACLs that you manage", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_ListWebACLs.html" + }, + "PutFirewallManagerRuleGroups": { + "privilege": "PutFirewallManagerRuleGroups", + "description": "Grants permission to create FirewallManagedRulesGroups in a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_PutFirewallManagerRuleGroups.html" + }, + "PutLoggingConfiguration": { + "privilege": "PutLoggingConfiguration", + "description": "Grants permission to enable a LoggingConfiguration, to start logging for a web ACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [ + "iam:CreateServiceLinkedRole" + ] + } + }, + "resource_types_lower_name": { + "webacl": "webacl" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_PutLoggingConfiguration.html" + }, + "PutManagedRuleSetVersions": { + "privilege": "PutManagedRuleSetVersions", + "description": "Grants permission to enable create a new or update an existing version of a ManagedRuleSet", + "access_level": "Write", + "resource_types": { + "managedruleset": { + "resource_type": "managedruleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managedruleset": "managedruleset", + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_PutManagedRuleSetVersions.html" + }, + "PutPermissionPolicy": { + "privilege": "PutPermissionPolicy", + "description": "Grants permission to attach an IAM policy to a resource, used to share rule groups between accounts", + "access_level": "Permissions management", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_PutPermissionPolicy.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to associate tags with a AWS resource", + "access_level": "Tagging", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "regexpatternset": { + "resource_type": "regexpatternset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset", + "regexpatternset": "regexpatternset", + "rulegroup": "rulegroup", + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to disassociate tags from an AWS resource", + "access_level": "Tagging", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "regexpatternset": { + "resource_type": "regexpatternset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "webacl": { + "resource_type": "webacl", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset", + "regexpatternset": "regexpatternset", + "rulegroup": "rulegroup", + "webacl": "webacl", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UntagResource.html" + }, + "UpdateIPSet": { + "privilege": "UpdateIPSet", + "description": "Grants permission to update an IPSet", + "access_level": "Write", + "resource_types": { + "ipset": { + "resource_type": "ipset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "ipset": "ipset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UpdateIPSet.html" + }, + "UpdateManagedRuleSetVersionExpiryDate": { + "privilege": "UpdateManagedRuleSetVersionExpiryDate", + "description": "Grants permission to update the expiry date of a version in ManagedRuleSet", + "access_level": "Write", + "resource_types": { + "managedruleset": { + "resource_type": "managedruleset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "managedruleset": "managedruleset" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UpdateManagedRuleSetVersionExpiryDate.html" + }, + "UpdateRegexPatternSet": { + "privilege": "UpdateRegexPatternSet", + "description": "Grants permission to update a RegexPatternSet", + "access_level": "Write", + "resource_types": { + "regexpatternset": { + "resource_type": "regexpatternset", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "regexpatternset": "regexpatternset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UpdateRegexPatternSet.html" + }, + "UpdateRuleGroup": { + "privilege": "UpdateRuleGroup", + "description": "Grants permission to update a RuleGroup", + "access_level": "Write", + "resource_types": { + "rulegroup": { + "resource_type": "rulegroup", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ipset": { + "resource_type": "ipset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "regexpatternset": { + "resource_type": "regexpatternset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "rulegroup": "rulegroup", + "ipset": "ipset", + "regexpatternset": "regexpatternset", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UpdateRuleGroup.html" + }, + "UpdateWebACL": { + "privilege": "UpdateWebACL", + "description": "Grants permission to update a WebACL", + "access_level": "Write", + "resource_types": { + "webacl": { + "resource_type": "webacl", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "ipset": { + "resource_type": "ipset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "managedruleset": { + "resource_type": "managedruleset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "regexpatternset": { + "resource_type": "regexpatternset", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "rulegroup": { + "resource_type": "rulegroup", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "webacl": "webacl", + "ipset": "ipset", + "managedruleset": "managedruleset", + "regexpatternset": "regexpatternset", + "rulegroup": "rulegroup", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/waf/latest/APIReference/API_UpdateWebACL.html" + } + }, + "privileges_lower_name": { + "associatewebacl": "AssociateWebACL", + "checkcapacity": "CheckCapacity", + "createapikey": "CreateAPIKey", + "createipset": "CreateIPSet", + "createregexpatternset": "CreateRegexPatternSet", + "createrulegroup": "CreateRuleGroup", + "createwebacl": "CreateWebACL", + "deletefirewallmanagerrulegroups": "DeleteFirewallManagerRuleGroups", + "deleteipset": "DeleteIPSet", + "deleteloggingconfiguration": "DeleteLoggingConfiguration", + "deletepermissionpolicy": "DeletePermissionPolicy", + "deleteregexpatternset": "DeleteRegexPatternSet", + "deleterulegroup": "DeleteRuleGroup", + "deletewebacl": "DeleteWebACL", + "describeallmanagedproducts": "DescribeAllManagedProducts", + "describemanagedproductsbyvendor": "DescribeManagedProductsByVendor", + "describemanagedrulegroup": "DescribeManagedRuleGroup", + "disassociatefirewallmanager": "DisassociateFirewallManager", + "disassociatewebacl": "DisassociateWebACL", + "generatemobilesdkreleaseurl": "GenerateMobileSdkReleaseUrl", + "getdecryptedapikey": "GetDecryptedAPIKey", + "getipset": "GetIPSet", + "getloggingconfiguration": "GetLoggingConfiguration", + "getmanagedruleset": "GetManagedRuleSet", + "getmobilesdkrelease": "GetMobileSdkRelease", + "getpermissionpolicy": "GetPermissionPolicy", + "getratebasedstatementmanagedkeys": "GetRateBasedStatementManagedKeys", + "getregexpatternset": "GetRegexPatternSet", + "getrulegroup": "GetRuleGroup", + "getsampledrequests": "GetSampledRequests", + "getwebacl": "GetWebACL", + "getwebaclforresource": "GetWebACLForResource", + "listapikeys": "ListAPIKeys", + "listavailablemanagedrulegroupversions": "ListAvailableManagedRuleGroupVersions", + "listavailablemanagedrulegroups": "ListAvailableManagedRuleGroups", + "listipsets": "ListIPSets", + "listloggingconfigurations": "ListLoggingConfigurations", + "listmanagedrulesets": "ListManagedRuleSets", + "listmobilesdkreleases": "ListMobileSdkReleases", + "listregexpatternsets": "ListRegexPatternSets", + "listresourcesforwebacl": "ListResourcesForWebACL", + "listrulegroups": "ListRuleGroups", + "listtagsforresource": "ListTagsForResource", + "listwebacls": "ListWebACLs", + "putfirewallmanagerrulegroups": "PutFirewallManagerRuleGroups", + "putloggingconfiguration": "PutLoggingConfiguration", + "putmanagedrulesetversions": "PutManagedRuleSetVersions", + "putpermissionpolicy": "PutPermissionPolicy", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateipset": "UpdateIPSet", + "updatemanagedrulesetversionexpirydate": "UpdateManagedRuleSetVersionExpiryDate", + "updateregexpatternset": "UpdateRegexPatternSet", + "updaterulegroup": "UpdateRuleGroup", + "updatewebacl": "UpdateWebACL" + }, + "resources": { + "webacl": { + "resource": "webacl", + "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/webacl/${Name}/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "ipset": { + "resource": "ipset", + "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/ipset/${Name}/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "managedruleset": { + "resource": "managedruleset", + "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/managedruleset/${Name}/${Id}", + "condition_keys": [] + }, + "rulegroup": { + "resource": "rulegroup", + "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/rulegroup/${Name}/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "regexpatternset": { + "resource": "regexpatternset", + "arn": "arn:${Partition}:wafv2:${Region}:${Account}:${Scope}/regexpatternset/${Name}/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "loadbalancer/app/": { + "resource": "loadbalancer/app/", + "arn": "arn:${Partition}:elasticloadbalancing:${Region}:${Account}:loadbalancer/app/${LoadBalancerName}/${LoadBalancerId}", + "condition_keys": [] + }, + "apigateway": { + "resource": "apigateway", + "arn": "arn:${Partition}:apigateway:${Region}::/restapis/${ApiId}/stages/${StageName}", + "condition_keys": [] + }, + "appsync": { + "resource": "appsync", + "arn": "arn:${Partition}:appsync:${Region}:${Account}:apis/${GraphQLAPIId}", + "condition_keys": [] + }, + "userpool": { + "resource": "userpool", + "arn": "arn:${Partition}:cognito-idp:${Region}:${Account}:userpool/${UserPoolId}", + "condition_keys": [] + }, + "apprunner": { + "resource": "apprunner", + "arn": "arn:${Partition}:apprunner:${Region}:${Account}:service/${ServiceName}/${ServiceId}", + "condition_keys": [] + }, + "verified-access-instance": { + "resource": "verified-access-instance", + "arn": "arn:${Partition}:ec2:${Region}:${Account}:verified-access-instance/${VerifiedAccessInstanceId}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "webacl": "webacl", + "ipset": "ipset", + "managedruleset": "managedruleset", + "rulegroup": "rulegroup", + "regexpatternset": "regexpatternset", + "loadbalancer/app/": "loadbalancer/app/", + "apigateway": "apigateway", + "appsync": "appsync", + "userpool": "userpool", + "apprunner": "apprunner", + "verified-access-instance": "verified-access-instance" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the allowed set of values for each of the tags", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag-value associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the presence of mandatory tags in the request", + "type": "ArrayOfString" + } + } + }, + "wellarchitected": { + "service_name": "AWS Well-Architected Tool", + "prefix": "wellarchitected", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswell-architectedtool.html", + "privileges": { + "AssociateLenses": { + "privilege": "AssociateLenses", + "description": "Grants permission to associate a lens to the specified workload", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_AssociateLenses.html" + }, + "AssociateProfiles": { + "privilege": "AssociateProfiles", + "description": "Grants permission to associate a profile to the specified workload", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_AssociateProfiles.html" + }, + "CreateLensShare": { + "privilege": "CreateLensShare", + "description": "Grants permission to an owner of a lens to share with other AWS accounts and IAM Users", + "access_level": "Write", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateLensShare.html" + }, + "CreateLensVersion": { + "privilege": "CreateLensVersion", + "description": "Grants permission to create a new lens version", + "access_level": "Write", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateLensVersion.html" + }, + "CreateMilestone": { + "privilege": "CreateMilestone", + "description": "Grants permission to create a new milestone for the specified workload", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateMilestone.html" + }, + "CreateProfile": { + "privilege": "CreateProfile", + "description": "Grants permission to create a new profile", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateProfile.html" + }, + "CreateProfileShare": { + "privilege": "CreateProfileShare", + "description": "Grants permission to an owner of a profile to share with other AWS accounts and IAM Users", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateProfileShare.html" + }, + "CreateWorkload": { + "privilege": "CreateWorkload", + "description": "Grants permission to create a new workload", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateWorkload.html" + }, + "CreateWorkloadShare": { + "privilege": "CreateWorkloadShare", + "description": "Grants permission to share a workload with another account", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_CreateWorkloadShare.html" + }, + "DeleteLens": { + "privilege": "DeleteLens", + "description": "Grants permission to delete a lens", + "access_level": "Write", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteLens.html" + }, + "DeleteLensShare": { + "privilege": "DeleteLensShare", + "description": "Grants permission to delete an existing lens share", + "access_level": "Write", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteLensShare.html" + }, + "DeleteProfile": { + "privilege": "DeleteProfile", + "description": "Grants permission to delete a profile", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteProfile.html" + }, + "DeleteProfileShare": { + "privilege": "DeleteProfileShare", + "description": "Grants permission to delete an existing profile share", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteProfileShare.html" + }, + "DeleteWorkload": { + "privilege": "DeleteWorkload", + "description": "Grants permission to delete an existing workload", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteWorkload.html" + }, + "DeleteWorkloadShare": { + "privilege": "DeleteWorkloadShare", + "description": "Grants permission to delete an existing workload share", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteWorkloadShare.html" + }, + "DisassociateLenses": { + "privilege": "DisassociateLenses", + "description": "Grants permission to disassociate a lens from the specified workload", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DisassociateLenses.html" + }, + "DisassociateProfiles": { + "privilege": "DisassociateProfiles", + "description": "Grants permission to disassociate a profile from the specified workload", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DisassociateProfiles.html" + }, + "ExportLens": { + "privilege": "ExportLens", + "description": "Grants permission to export an existing lens", + "access_level": "Read", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ExportLens.html" + }, + "GetAnswer": { + "privilege": "GetAnswer", + "description": "Grants permission to retrieve the specified answer from the specified lens review", + "access_level": "Read", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetAnswer.html" + }, + "GetConsolidatedReport": { + "privilege": "GetConsolidatedReport", + "description": "Grants permission to get consolidated report metrics or to generate the consolidated report PDF in this account", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetConsolidatedReport.html" + }, + "GetLens": { + "privilege": "GetLens", + "description": "Grants permission to get an existing lens", + "access_level": "Read", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_DeleteLensShare.html" + }, + "GetLensReview": { + "privilege": "GetLensReview", + "description": "Grants permission to retrieve the specified lens review of the specified workload", + "access_level": "Read", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetLensReview.html" + }, + "GetLensReviewReport": { + "privilege": "GetLensReviewReport", + "description": "Grants permission to retrieve the report for the specified lens review", + "access_level": "Read", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetLensReviewReport.html" + }, + "GetLensVersionDifference": { + "privilege": "GetLensVersionDifference", + "description": "Grants permission to get the difference between the specified lens version and latest available lens version", + "access_level": "Read", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetLensVersionDifference.html" + }, + "GetMilestone": { + "privilege": "GetMilestone", + "description": "Grants permission to retrieve the specified milestone of the specified workload", + "access_level": "Read", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetMilestone.html" + }, + "GetProfile": { + "privilege": "GetProfile", + "description": "Grants permission to retrieve the specified profile", + "access_level": "Read", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetProfile.html" + }, + "GetProfileTemplate": { + "privilege": "GetProfileTemplate", + "description": "Grants permission to retrieve the specified profile template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetProfileTemplate.html" + }, + "GetWorkload": { + "privilege": "GetWorkload", + "description": "Grants permission to retrieve the specified workload", + "access_level": "Read", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_GetWorkload.html" + }, + "ImportLens": { + "privilege": "ImportLens", + "description": "Grants permission to import a new lens", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ImportLens.html" + }, + "ListAnswers": { + "privilege": "ListAnswers", + "description": "Grants permission to list the answers from the specified lens review", + "access_level": "List", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListAnswers.html" + }, + "ListCheckDetails": { + "privilege": "ListCheckDetails", + "description": "Grants permission to list the check-details for the workload", + "access_level": "List", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListCheckDetails.html" + }, + "ListCheckSummaries": { + "privilege": "ListCheckSummaries", + "description": "Grants permission to list the check-summaries for the workload", + "access_level": "List", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListCheckSummaries.html" + }, + "ListLensReviewImprovements": { + "privilege": "ListLensReviewImprovements", + "description": "Grants permission to list the improvements of the specified lens review", + "access_level": "List", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListLensReviewImprovements.html" + }, + "ListLensReviews": { + "privilege": "ListLensReviews", + "description": "Grants permission to list the lens reviews of the specified workload", + "access_level": "List", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListLensReviews.html" + }, + "ListLensShares": { + "privilege": "ListLensShares", + "description": "Grants permission to list all shares created for a lens", + "access_level": "List", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListLensShares.html" + }, + "ListLenses": { + "privilege": "ListLenses", + "description": "Grants permission to list the lenses available to this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListLenses.html" + }, + "ListMilestones": { + "privilege": "ListMilestones", + "description": "Grants permission to list the milestones of the specified workload", + "access_level": "List", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListMilestones.html" + }, + "ListNotifications": { + "privilege": "ListNotifications", + "description": "Grants permission to list notifications related to the account or specified resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListNotifications.html" + }, + "ListProfileNotifications": { + "privilege": "ListProfileNotifications", + "description": "Grants permission to list profile notifications related to specified resource", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListProfileNotifications.html" + }, + "ListProfileShares": { + "privilege": "ListProfileShares", + "description": "Grants permission to list all shares created for a profile", + "access_level": "List", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListProfileShares.html" + }, + "ListProfiles": { + "privilege": "ListProfiles", + "description": "Grants permission to list the profiles available to this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListProfiles.html" + }, + "ListShareInvitations": { + "privilege": "ListShareInvitations", + "description": "Grants permission to list the workload share invitations of the specified account or user", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListShareInvitations.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a Well-Architected resource", + "access_level": "Read", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "profile": { + "resource_type": "profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workload": { + "resource_type": "workload", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens", + "profile": "profile", + "workload": "workload", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListTagsForResource.html" + }, + "ListWorkloadShares": { + "privilege": "ListWorkloadShares", + "description": "Grants permission to list the workload shares of the specified workload", + "access_level": "List", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListWorkloadShares.html" + }, + "ListWorkloads": { + "privilege": "ListWorkloads", + "description": "Grants permission to list the workloads in this account", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_ListWorkloads.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a Well-Architected resource", + "access_level": "Tagging", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "profile": { + "resource_type": "profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workload": { + "resource_type": "workload", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens", + "profile": "profile", + "workload": "workload", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a Well-Architected resource", + "access_level": "Tagging", + "resource_types": { + "lens": { + "resource_type": "lens", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "profile": { + "resource_type": "profile", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "workload": { + "resource_type": "workload", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "lens": "lens", + "profile": "profile", + "workload": "workload", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UntagResource.html" + }, + "UpdateAnswer": { + "privilege": "UpdateAnswer", + "description": "Grants permission to update properties of the specified answer", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateAnswer.html" + }, + "UpdateGlobalSettings": { + "privilege": "UpdateGlobalSettings", + "description": "Grants permission to update settings to enable aws-organization support", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateGlobalSettings.html" + }, + "UpdateLensReview": { + "privilege": "UpdateLensReview", + "description": "Grants permission to update properties of the specified lens review", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateLensReview.html" + }, + "UpdateProfile": { + "privilege": "UpdateProfile", + "description": "Grants permission to update properties of the specified profile", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateProfile.html" + }, + "UpdateShareInvitation": { + "privilege": "UpdateShareInvitation", + "description": "Grants permission to update status of the specified workload share invitation", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateShareInvitation.html" + }, + "UpdateWorkload": { + "privilege": "UpdateWorkload", + "description": "Grants permission to update properties of the specified workload", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateWorkload.html" + }, + "UpdateWorkloadShare": { + "privilege": "UpdateWorkloadShare", + "description": "Grants permission to update properties of the specified workload", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpdateWorkloadShare.html" + }, + "UpgradeLensReview": { + "privilege": "UpgradeLensReview", + "description": "Grants permission to upgrade the specified lens review to use the latest version of the associated lens", + "access_level": "Write", + "resource_types": { + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpgradeLensReview.html" + }, + "UpgradeProfileVersion": { + "privilege": "UpgradeProfileVersion", + "description": "Grants permission to upgrade the specified workload to use the latest version of the associated profile", + "access_level": "Write", + "resource_types": { + "profile": { + "resource_type": "profile", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "workload": { + "resource_type": "workload", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "profile": "profile", + "workload": "workload" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wellarchitected/latest/APIReference/API_UpgradeProfileVersion.html" + } + }, + "privileges_lower_name": { + "associatelenses": "AssociateLenses", + "associateprofiles": "AssociateProfiles", + "createlensshare": "CreateLensShare", + "createlensversion": "CreateLensVersion", + "createmilestone": "CreateMilestone", + "createprofile": "CreateProfile", + "createprofileshare": "CreateProfileShare", + "createworkload": "CreateWorkload", + "createworkloadshare": "CreateWorkloadShare", + "deletelens": "DeleteLens", + "deletelensshare": "DeleteLensShare", + "deleteprofile": "DeleteProfile", + "deleteprofileshare": "DeleteProfileShare", + "deleteworkload": "DeleteWorkload", + "deleteworkloadshare": "DeleteWorkloadShare", + "disassociatelenses": "DisassociateLenses", + "disassociateprofiles": "DisassociateProfiles", + "exportlens": "ExportLens", + "getanswer": "GetAnswer", + "getconsolidatedreport": "GetConsolidatedReport", + "getlens": "GetLens", + "getlensreview": "GetLensReview", + "getlensreviewreport": "GetLensReviewReport", + "getlensversiondifference": "GetLensVersionDifference", + "getmilestone": "GetMilestone", + "getprofile": "GetProfile", + "getprofiletemplate": "GetProfileTemplate", + "getworkload": "GetWorkload", + "importlens": "ImportLens", + "listanswers": "ListAnswers", + "listcheckdetails": "ListCheckDetails", + "listchecksummaries": "ListCheckSummaries", + "listlensreviewimprovements": "ListLensReviewImprovements", + "listlensreviews": "ListLensReviews", + "listlensshares": "ListLensShares", + "listlenses": "ListLenses", + "listmilestones": "ListMilestones", + "listnotifications": "ListNotifications", + "listprofilenotifications": "ListProfileNotifications", + "listprofileshares": "ListProfileShares", + "listprofiles": "ListProfiles", + "listshareinvitations": "ListShareInvitations", + "listtagsforresource": "ListTagsForResource", + "listworkloadshares": "ListWorkloadShares", + "listworkloads": "ListWorkloads", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updateanswer": "UpdateAnswer", + "updateglobalsettings": "UpdateGlobalSettings", + "updatelensreview": "UpdateLensReview", + "updateprofile": "UpdateProfile", + "updateshareinvitation": "UpdateShareInvitation", + "updateworkload": "UpdateWorkload", + "updateworkloadshare": "UpdateWorkloadShare", + "upgradelensreview": "UpgradeLensReview", + "upgradeprofileversion": "UpgradeProfileVersion" + }, + "resources": { + "workload": { + "resource": "workload", + "arn": "arn:${Partition}:wellarchitected:${Region}:${Account}:workload/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "lens": { + "resource": "lens", + "arn": "arn:${Partition}:wellarchitected:${Region}:${Account}:lens/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "profile": { + "resource": "profile", + "arn": "arn:${Partition}:wellarchitected:${Region}:${Account}:profile/${ResourceId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "workload": "workload", + "lens": "lens", + "profile": "profile" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "wickr": { + "service_name": "AWS Wickr", + "prefix": "wickr", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awswickr.html", + "privileges": { + "CreateAdminSession": { + "privilege": "CreateAdminSession", + "description": "Grants permission to create and manage Wickr networks", + "access_level": "Write", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" + }, + "CreateNetwork": { + "privilege": "CreateNetwork", + "description": "Grants permission to create a new wickr network", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" + }, + "ListNetworks": { + "privilege": "ListNetworks", + "description": "Grants permission to view Wickr networks", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list the tags applied to a Wickr resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to a specified wickr resource", + "access_level": "Tagging", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}", + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag the specified tags from the specified wickr resource", + "access_level": "Tagging", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" + }, + "UpdateNetworkDetails": { + "privilege": "UpdateNetworkDetails", + "description": "Grants permission to update Wickr network details", + "access_level": "Write", + "resource_types": { + "network": { + "resource_type": "network", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "network": "network" + }, + "api_documentation_link": "https://docs.aws.amazon.com/wickr/latest/adminguide/security-iam.html" + } + }, + "privileges_lower_name": { + "createadminsession": "CreateAdminSession", + "createnetwork": "CreateNetwork", + "listnetworks": "ListNetworks", + "listtagsforresource": "ListTagsForResource", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatenetworkdetails": "UpdateNetworkDetails" + }, + "resources": { + "network": { + "resource": "network", + "arn": "arn:${Partition}:wickr:${Region}:${Account}:network/${NetworkId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "network": "network" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by a tag's key and value in a request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys in a request", + "type": "ArrayOfString" + } + } + }, + "xray": { + "service_name": "AWS X-Ray", + "prefix": "xray", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsx-ray.html", + "privileges": { + "BatchGetTraceSummaryById": { + "privilege": "BatchGetTraceSummaryById", + "description": "Grants permission to retrieve metadata for a list of traces specified by ID", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/devguide/security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-console" + }, + "BatchGetTraces": { + "privilege": "BatchGetTraces", + "description": "Grants permission to retrieve a list of traces specified by ID. Each trace is a collection of segment documents that originates from a single request. Use GetTraceSummaries to get a list of trace IDs", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_BatchGetTraces.html" + }, + "CreateGroup": { + "privilege": "CreateGroup", + "description": "Grants permission to create a group resource with a name and a filter expression", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_CreateGroup.html" + }, + "CreateSamplingRule": { + "privilege": "CreateSamplingRule", + "description": "Grants permission to create a rule to control sampling behavior for instrumented applications", + "access_level": "Write", + "resource_types": { + "sampling-rule": { + "resource_type": "sampling-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sampling-rule": "sampling-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_CreateSamplingRule.html" + }, + "DeleteGroup": { + "privilege": "DeleteGroup", + "description": "Grants permission to delete a group resource", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_DeleteGroup.html" + }, + "DeleteResourcePolicy": { + "privilege": "DeleteResourcePolicy", + "description": "Grants permission to delete resource policies", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_DeleteResourcePolicy.html" + }, + "DeleteSamplingRule": { + "privilege": "DeleteSamplingRule", + "description": "Grants permission to delete a sampling rule", + "access_level": "Write", + "resource_types": { + "sampling-rule": { + "resource_type": "sampling-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sampling-rule": "sampling-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_DeleteSamplingRule.html" + }, + "GetDistinctTraceGraphs": { + "privilege": "GetDistinctTraceGraphs", + "description": "Grants permission to retrieve distinct service graphs for one or more specific trace IDs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/devguide/security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-console" + }, + "GetEncryptionConfig": { + "privilege": "GetEncryptionConfig", + "description": "Grants permission to retrieve the current encryption configuration for X-Ray data", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetEncryptionConfig.html" + }, + "GetGroup": { + "privilege": "GetGroup", + "description": "Grants permission to retrieve group resource details", + "access_level": "Read", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetGroup.html" + }, + "GetGroups": { + "privilege": "GetGroups", + "description": "Grants permission to retrieve all active group details", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetGroups.html" + }, + "GetInsight": { + "privilege": "GetInsight", + "description": "Grants permission to retrieve the details of a specific insight", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetInsight.html" + }, + "GetInsightEvents": { + "privilege": "GetInsightEvents", + "description": "Grants permission to retrieve the events of a specific insight", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetInsightEvents.html" + }, + "GetInsightImpactGraph": { + "privilege": "GetInsightImpactGraph", + "description": "Grants permission to retrieve the part of the service graph which is impacted for a specific insight", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetInsightImpactGraph.html" + }, + "GetInsightSummaries": { + "privilege": "GetInsightSummaries", + "description": "Grants permission to retrieve the summary of all insights for a group and time range with optional filters", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetInsightSummaries.html" + }, + "GetSamplingRules": { + "privilege": "GetSamplingRules", + "description": "Grants permission to retrieve all sampling rules", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetSamplingRules.html" + }, + "GetSamplingStatisticSummaries": { + "privilege": "GetSamplingStatisticSummaries", + "description": "Grants permission to retrieve information about recent sampling results for all sampling rules", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetSamplingStatisticSummaries.html" + }, + "GetSamplingTargets": { + "privilege": "GetSamplingTargets", + "description": "Grants permission to request a sampling quota for rules that the service is using to sample requests", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetSamplingTargets.html" + }, + "GetServiceGraph": { + "privilege": "GetServiceGraph", + "description": "Grants permission to retrieve a document that describes services that process incoming requests, and downstream services that they call as a result", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetServiceGraph.html" + }, + "GetTimeSeriesServiceStatistics": { + "privilege": "GetTimeSeriesServiceStatistics", + "description": "Grants permission to retrieve an aggregation of service statistics defined by a specific time range bucketed into time intervals", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetTimeSeriesServiceStatistics.html" + }, + "GetTraceGraph": { + "privilege": "GetTraceGraph", + "description": "Grants permission to retrieve a service graph for one or more specific trace IDs", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetTraceGraph.html" + }, + "GetTraceSummaries": { + "privilege": "GetTraceSummaries", + "description": "Grants permission to retrieve IDs and metadata for traces available for a specified time frame using an optional filter. To get the full traces, pass the trace IDs to BatchGetTraces", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_GetTraceSummaries.html" + }, + "Link": { + "privilege": "Link", + "description": "Grants permission to share X-Ray resources with a monitoring account", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account-Setup.html#CloudWatch-Unified-Cross-Account-Setup-permissions" + }, + "ListResourcePolicies": { + "privilege": "ListResourcePolicies", + "description": "Grants permission to list resource policies", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_ListResourcePolicies.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for an X-Ray resource", + "access_level": "List", + "resource_types": { + "group": { + "resource_type": "group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sampling-rule": { + "resource_type": "sampling-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "sampling-rule": "sampling-rule" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_ListTagsForResource.html" + }, + "PutEncryptionConfig": { + "privilege": "PutEncryptionConfig", + "description": "Grants permission to update the encryption configuration for X-Ray data", + "access_level": "Permissions management", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_PutEncryptionConfig.html" + }, + "PutResourcePolicy": { + "privilege": "PutResourcePolicy", + "description": "Grants permission to create or update resource policies", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_PutResourcePolicy.html" + }, + "PutTelemetryRecords": { + "privilege": "PutTelemetryRecords", + "description": "Grants permission to send AWS X-Ray daemon telemetry to the service", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_PutTelemetryRecords.html" + }, + "PutTraceSegments": { + "privilege": "PutTraceSegments", + "description": "Grants permission to upload segment documents to AWS X-Ray. The X-Ray SDK generates segment documents and sends them to the X-Ray daemon, which uploads them in batches", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_PutTraceSegments.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to add tags to an X-Ray resource", + "access_level": "Tagging", + "resource_types": { + "group": { + "resource_type": "group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sampling-rule": { + "resource_type": "sampling-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "sampling-rule": "sampling-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_TagResource.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove tags from an X-Ray resource", + "access_level": "Tagging", + "resource_types": { + "group": { + "resource_type": "group", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "sampling-rule": { + "resource_type": "sampling-rule", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "sampling-rule": "sampling-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_UntagResource.html" + }, + "UpdateGroup": { + "privilege": "UpdateGroup", + "description": "Grants permission to update a group resource", + "access_level": "Write", + "resource_types": { + "group": { + "resource_type": "group", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "group": "group", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_UpdateGroup.html" + }, + "UpdateSamplingRule": { + "privilege": "UpdateSamplingRule", + "description": "Grants permission to modify a sampling rule's configuration", + "access_level": "Write", + "resource_types": { + "sampling-rule": { + "resource_type": "sampling-rule", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "sampling-rule": "sampling-rule", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/xray/latest/api/API_UpdateSamplingRule.html" + } + }, + "privileges_lower_name": { + "batchgettracesummarybyid": "BatchGetTraceSummaryById", + "batchgettraces": "BatchGetTraces", + "creategroup": "CreateGroup", + "createsamplingrule": "CreateSamplingRule", + "deletegroup": "DeleteGroup", + "deleteresourcepolicy": "DeleteResourcePolicy", + "deletesamplingrule": "DeleteSamplingRule", + "getdistincttracegraphs": "GetDistinctTraceGraphs", + "getencryptionconfig": "GetEncryptionConfig", + "getgroup": "GetGroup", + "getgroups": "GetGroups", + "getinsight": "GetInsight", + "getinsightevents": "GetInsightEvents", + "getinsightimpactgraph": "GetInsightImpactGraph", + "getinsightsummaries": "GetInsightSummaries", + "getsamplingrules": "GetSamplingRules", + "getsamplingstatisticsummaries": "GetSamplingStatisticSummaries", + "getsamplingtargets": "GetSamplingTargets", + "getservicegraph": "GetServiceGraph", + "gettimeseriesservicestatistics": "GetTimeSeriesServiceStatistics", + "gettracegraph": "GetTraceGraph", + "gettracesummaries": "GetTraceSummaries", + "link": "Link", + "listresourcepolicies": "ListResourcePolicies", + "listtagsforresource": "ListTagsForResource", + "putencryptionconfig": "PutEncryptionConfig", + "putresourcepolicy": "PutResourcePolicy", + "puttelemetryrecords": "PutTelemetryRecords", + "puttracesegments": "PutTraceSegments", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updategroup": "UpdateGroup", + "updatesamplingrule": "UpdateSamplingRule" + }, + "resources": { + "group": { + "resource": "group", + "arn": "arn:${Partition}:xray:${Region}:${Account}:group/${GroupName}/${Id}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + }, + "sampling-rule": { + "resource": "sampling-rule", + "arn": "arn:${Partition}:xray:${Region}:${Account}:sampling-rule/${SamplingRuleName}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "group": "group", + "sampling-rule": "sampling-rule" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + } + } + }, + "dbqms": { + "service_name": "Database Query Metadata Service", + "prefix": "dbqms", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_databasequerymetadataservice.html", + "privileges": { + "CreateFavoriteQuery": { + "privilege": "CreateFavoriteQuery", + "description": "Grants permission to create a new favorite query", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#CreateFavoriteQuery" + }, + "CreateQueryHistory": { + "privilege": "CreateQueryHistory", + "description": "Grants permission to add a query to the history", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": null + }, + "CreateTab": { + "privilege": "CreateTab", + "description": "Grants permission to create a new query tab", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#CreateTab" + }, + "DeleteFavoriteQueries": { + "privilege": "DeleteFavoriteQueries", + "description": "Grants permission to delete saved queries", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DeleteFavoriteQueries" + }, + "DeleteQueryHistory": { + "privilege": "DeleteQueryHistory", + "description": "Grants permission to delete a historical query", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DeleteQueryHistory" + }, + "DeleteTab": { + "privilege": "DeleteTab", + "description": "Grants permission to delete query tab", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DeleteTab" + }, + "DescribeFavoriteQueries": { + "privilege": "DescribeFavoriteQueries", + "description": "Grants permission to list saved queries and associated metadata", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DescribeFavoriteQueries" + }, + "DescribeQueryHistory": { + "privilege": "DescribeQueryHistory", + "description": "Grants permission to list history of queries that were run", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DescribeQueryHistory" + }, + "DescribeTabs": { + "privilege": "DescribeTabs", + "description": "Grants permission to list query tabs and associated metadata", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#DescribeTabs" + }, + "GetQueryString": { + "privilege": "GetQueryString", + "description": "Grants permission to retrieve favorite or history query string by id", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#GetQueryString" + }, + "UpdateFavoriteQuery": { + "privilege": "UpdateFavoriteQuery", + "description": "Grants permission to update saved query and description", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#UpdateFavoriteQuery" + }, + "UpdateQueryHistory": { + "privilege": "UpdateQueryHistory", + "description": "Grants permission to update the query history", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#UpdateQueryHistory" + }, + "UpdateTab": { + "privilege": "UpdateTab", + "description": "Grants permission to update query tab", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/qldb/latest/developerguide/dbqms-api.html#UpdateTab" + } + }, + "privileges_lower_name": { + "createfavoritequery": "CreateFavoriteQuery", + "createqueryhistory": "CreateQueryHistory", + "createtab": "CreateTab", + "deletefavoritequeries": "DeleteFavoriteQueries", + "deletequeryhistory": "DeleteQueryHistory", + "deletetab": "DeleteTab", + "describefavoritequeries": "DescribeFavoriteQueries", + "describequeryhistory": "DescribeQueryHistory", + "describetabs": "DescribeTabs", + "getquerystring": "GetQueryString", + "updatefavoritequery": "UpdateFavoriteQuery", + "updatequeryhistory": "UpdateQueryHistory", + "updatetab": "UpdateTab" + }, + "resources": {}, + "resources_lower_name": {}, + "conditions": {} + }, + "connect-campaigns": { + "service_name": "High-volume outbound communications", + "prefix": "connect-campaigns", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_high-volumeoutboundcommunications.html", + "privileges": { + "CreateCampaign": { + "privilege": "CreateCampaign", + "description": "Grants permission to create a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "DeleteCampaign": { + "privilege": "DeleteCampaign", + "description": "Grants permission to delete a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "DeleteConnectInstanceConfig": { + "privilege": "DeleteConnectInstanceConfig", + "description": "Grants permission to remove configuration information for an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "DeleteInstanceOnboardingJob": { + "privilege": "DeleteInstanceOnboardingJob", + "description": "Grants permission to remove onboarding job for an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "DescribeCampaign": { + "privilege": "DescribeCampaign", + "description": "Grants permission to describe a specific campaign", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "GetCampaignState": { + "privilege": "GetCampaignState", + "description": "Grants permission to get state of a campaign", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "GetCampaignStateBatch": { + "privilege": "GetCampaignStateBatch", + "description": "Grants permission to get state of campaigns", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "GetConnectInstanceConfig": { + "privilege": "GetConnectInstanceConfig", + "description": "Grants permission to get configuration information for an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "GetInstanceOnboardingJobStatus": { + "privilege": "GetInstanceOnboardingJobStatus", + "description": "Grants permission to get onboarding job status for an Amazon Connect instance", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "ListCampaigns": { + "privilege": "ListCampaigns", + "description": "Grants permission to provide summary of all campaigns", + "access_level": "List", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to list tags for a resource", + "access_level": "Read", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "PauseCampaign": { + "privilege": "PauseCampaign", + "description": "Grants permission to pause a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "PutDialRequestBatch": { + "privilege": "PutDialRequestBatch", + "description": "Grants permission to create dial requests for the specified campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "ResumeCampaign": { + "privilege": "ResumeCampaign", + "description": "Grants permission to resume a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "StartCampaign": { + "privilege": "StartCampaign", + "description": "Grants permission to start a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "StartInstanceOnboardingJob": { + "privilege": "StartInstanceOnboardingJob", + "description": "Grants permission to start onboarding job for an Amazon Connect instance", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "StopCampaign": { + "privilege": "StopCampaign", + "description": "Grants permission to stop a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to tag a resource", + "access_level": "Tagging", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to untag a resource", + "access_level": "Tagging", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "UpdateCampaignDialerConfig": { + "privilege": "UpdateCampaignDialerConfig", + "description": "Grants permission to update the dialer configuration of a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "UpdateCampaignName": { + "privilege": "UpdateCampaignName", + "description": "Grants permission to update the name of a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + }, + "UpdateCampaignOutboundCallConfig": { + "privilege": "UpdateCampaignOutboundCallConfig", + "description": "Grants permission to update the outbound call configuration of a campaign", + "access_level": "Write", + "resource_types": { + "campaign": { + "resource_type": "campaign", + "required": true, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "campaign": "campaign" + }, + "api_documentation_link": "https://docs.aws.amazon.com/connect/latest/adminguide/enable-high-volume-outbound-communications.html" + } + }, + "privileges_lower_name": { + "createcampaign": "CreateCampaign", + "deletecampaign": "DeleteCampaign", + "deleteconnectinstanceconfig": "DeleteConnectInstanceConfig", + "deleteinstanceonboardingjob": "DeleteInstanceOnboardingJob", + "describecampaign": "DescribeCampaign", + "getcampaignstate": "GetCampaignState", + "getcampaignstatebatch": "GetCampaignStateBatch", + "getconnectinstanceconfig": "GetConnectInstanceConfig", + "getinstanceonboardingjobstatus": "GetInstanceOnboardingJobStatus", + "listcampaigns": "ListCampaigns", + "listtagsforresource": "ListTagsForResource", + "pausecampaign": "PauseCampaign", + "putdialrequestbatch": "PutDialRequestBatch", + "resumecampaign": "ResumeCampaign", + "startcampaign": "StartCampaign", + "startinstanceonboardingjob": "StartInstanceOnboardingJob", + "stopcampaign": "StopCampaign", + "tagresource": "TagResource", + "untagresource": "UntagResource", + "updatecampaigndialerconfig": "UpdateCampaignDialerConfig", + "updatecampaignname": "UpdateCampaignName", + "updatecampaignoutboundcallconfig": "UpdateCampaignOutboundCallConfig" + }, + "resources": { + "campaign": { + "resource": "campaign", + "arn": "arn:${Partition}:connect-campaigns:${Region}:${Account}:campaign/${CampaignId}", + "condition_keys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "resources_lower_name": { + "campaign": "campaign" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters actions based on the presence of tag key-value pairs in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters actions based on tag key-value pairs attached to the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters actions based on the presence of tag keys in the request", + "type": "ArrayOfString" + } + } + }, + "servicequotas": { + "service_name": "Service Quotas", + "prefix": "servicequotas", + "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_servicequotas.html", + "privileges": { + "AssociateServiceQuotaTemplate": { + "privilege": "AssociateServiceQuotaTemplate", + "description": "Grants permission to associate the Service Quotas template with your organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_AssociateServiceQuotaTemplate.html" + }, + "DeleteServiceQuotaIncreaseRequestFromTemplate": { + "privilege": "DeleteServiceQuotaIncreaseRequestFromTemplate", + "description": "Grants permission to remove the specified service quota from the service quota template", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_DeleteServiceQuotaIncreaseRequestFromTemplate.html" + }, + "DisassociateServiceQuotaTemplate": { + "privilege": "DisassociateServiceQuotaTemplate", + "description": "Grants permission to disassociate the Service Quotas template from your organization", + "access_level": "Write", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_DisassociateServiceQuotaTemplate.html" + }, + "GetAWSDefaultServiceQuota": { + "privilege": "GetAWSDefaultServiceQuota", + "description": "Grants permission to return the details for the specified service quota, including the AWS default value", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_GetAWSDefaultServiceQuota.html" + }, + "GetAssociationForServiceQuotaTemplate": { + "privilege": "GetAssociationForServiceQuotaTemplate", + "description": "Grants permission to retrieve the ServiceQuotaTemplateAssociationStatus value, which tells you if the Service Quotas template is associated with an organization", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_GetAssociationForServiceQuotaTemplate.html" + }, + "GetRequestedServiceQuotaChange": { + "privilege": "GetRequestedServiceQuotaChange", + "description": "Grants permission to retrieve the details for a particular service quota increase request", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_GetRequestedServiceQuotaChange.html" + }, + "GetServiceQuota": { + "privilege": "GetServiceQuota", + "description": "Grants permission to return the details for the specified service quota, including the applied value", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_GetServiceQuota.html" + }, + "GetServiceQuotaIncreaseRequestFromTemplate": { + "privilege": "GetServiceQuotaIncreaseRequestFromTemplate", + "description": "Grants permission to retrieve the details for a service quota increase request from the service quota template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_GetServiceQuotaIncreaseRequestFromTemplate.html" + }, + "ListAWSDefaultServiceQuotas": { + "privilege": "ListAWSDefaultServiceQuotas", + "description": "Grants permission to list all default service quotas for the specified AWS service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListAWSDefaultServiceQuotas.html" + }, + "ListRequestedServiceQuotaChangeHistory": { + "privilege": "ListRequestedServiceQuotaChangeHistory", + "description": "Grants permission to request a list of the changes to quotas for a service", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListRequestedServiceQuotaChangeHistory.html" + }, + "ListRequestedServiceQuotaChangeHistoryByQuota": { + "privilege": "ListRequestedServiceQuotaChangeHistoryByQuota", + "description": "Grants permission to request a list of the changes to specific service quotas", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListRequestedServiceQuotaChangeHistoryByQuota.html" + }, + "ListServiceQuotaIncreaseRequestsInTemplate": { + "privilege": "ListServiceQuotaIncreaseRequestsInTemplate", + "description": "Grants permission to return a list of the service quota increase requests from the service quota template", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServiceQuotaIncreaseRequestsInTemplate" + }, + "ListServiceQuotas": { + "privilege": "ListServiceQuotas", + "description": "Grants permission to list all service quotas for the specified AWS service, in that account, in that Region", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServiceQuotas.html" + }, + "ListServices": { + "privilege": "ListServices", + "description": "Grants permission to list the AWS services available in Service Quotas", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServices.html" + }, + "ListTagsForResource": { + "privilege": "ListTagsForResource", + "description": "Grants permission to view the existing tags on a SQ resource", + "access_level": "Read", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListTagsForResource" + }, + "PutServiceQuotaIncreaseRequestIntoTemplate": { + "privilege": "PutServiceQuotaIncreaseRequestIntoTemplate", + "description": "Grants permission to define and add a quota to the service quota template", + "access_level": "Write", + "resource_types": { + "quota": { + "resource_type": "quota", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicequotas:service" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quota": "quota", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_PutServiceQuotaIncreaseRequestIntoTemplate.html" + }, + "RequestServiceQuotaIncrease": { + "privilege": "RequestServiceQuotaIncrease", + "description": "Grants permission to submit the request for a service quota increase", + "access_level": "Write", + "resource_types": { + "quota": { + "resource_type": "quota", + "required": false, + "condition_keys": [], + "dependent_actions": [] + }, + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "servicequotas:service" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "quota": "quota", + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_RequestServiceQuotaIncrease.html" + }, + "TagResource": { + "privilege": "TagResource", + "description": "Grants permission to associate a set of tags with an existing SQ resource", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_TagResource" + }, + "UntagResource": { + "privilege": "UntagResource", + "description": "Grants permission to remove a set of tags from a SQ resource, where tags to be removed match a set of customer-supplied tag keys", + "access_level": "Tagging", + "resource_types": { + "": { + "resource_type": "", + "required": false, + "condition_keys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependent_actions": [] + } + }, + "resource_types_lower_name": { + "": "" + }, + "api_documentation_link": "https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_UntagResource" + } + }, + "privileges_lower_name": { + "associateservicequotatemplate": "AssociateServiceQuotaTemplate", + "deleteservicequotaincreaserequestfromtemplate": "DeleteServiceQuotaIncreaseRequestFromTemplate", + "disassociateservicequotatemplate": "DisassociateServiceQuotaTemplate", + "getawsdefaultservicequota": "GetAWSDefaultServiceQuota", + "getassociationforservicequotatemplate": "GetAssociationForServiceQuotaTemplate", + "getrequestedservicequotachange": "GetRequestedServiceQuotaChange", + "getservicequota": "GetServiceQuota", + "getservicequotaincreaserequestfromtemplate": "GetServiceQuotaIncreaseRequestFromTemplate", + "listawsdefaultservicequotas": "ListAWSDefaultServiceQuotas", + "listrequestedservicequotachangehistory": "ListRequestedServiceQuotaChangeHistory", + "listrequestedservicequotachangehistorybyquota": "ListRequestedServiceQuotaChangeHistoryByQuota", + "listservicequotaincreaserequestsintemplate": "ListServiceQuotaIncreaseRequestsInTemplate", + "listservicequotas": "ListServiceQuotas", + "listservices": "ListServices", + "listtagsforresource": "ListTagsForResource", + "putservicequotaincreaserequestintotemplate": "PutServiceQuotaIncreaseRequestIntoTemplate", + "requestservicequotaincrease": "RequestServiceQuotaIncrease", + "tagresource": "TagResource", + "untagresource": "UntagResource" + }, + "resources": { + "quota": { + "resource": "quota", + "arn": "arn:${Partition}:servicequotas:${Region}:${Account}:${ServiceCode}/${QuotaCode}", + "condition_keys": [] + } + }, + "resources_lower_name": { + "quota": "quota" + }, + "conditions": { + "aws:RequestTag/${TagKey}": { + "condition": "aws:RequestTag/${TagKey}", + "description": "Filters access by the tags that are passed in the request", + "type": "String" + }, + "aws:ResourceTag/${TagKey}": { + "condition": "aws:ResourceTag/${TagKey}", + "description": "Filters access by the tags associated with the resource", + "type": "String" + }, + "aws:TagKeys": { + "condition": "aws:TagKeys", + "description": "Filters access by the tag keys that are passed in the request", + "type": "ArrayOfString" + }, + "servicequotas:service": { + "condition": "servicequotas:service", + "description": "Filters access by the specified AWS service", + "type": "String" + } } + } } \ No newline at end of file diff --git a/policy_sentry/shared/iam_data.py b/policy_sentry/shared/iam_data.py index e0bd5194c..7a9a7a3cb 100644 --- a/policy_sentry/shared/iam_data.py +++ b/policy_sentry/shared/iam_data.py @@ -1,18 +1,32 @@ """Used for loading the IAM data""" +from __future__ import annotations + import json import logging import functools -from policy_sentry.shared.constants import DATASTORE_FILE_PATH +from pathlib import Path +from typing import Any + +from policy_sentry.shared.constants import ( + DATASTORE_FILE_PATH, + POLICY_SENTRY_SCHEMA_VERSION_NAME, + POLICY_SENTRY_SCHEMA_VERSION_V1, +) logger = logging.getLogger() # On initialization, load the IAM data iam_definition_path = DATASTORE_FILE_PATH logger.debug(f"Leveraging the IAM definition at {iam_definition_path}") -iam_definition = json.load(open(iam_definition_path, "r")) +iam_definition = json.loads(Path(iam_definition_path).read_bytes()) + + +@functools.lru_cache(maxsize=1) +def get_iam_definition_schema_version() -> str: + return iam_definition.get(POLICY_SENTRY_SCHEMA_VERSION_NAME, POLICY_SENTRY_SCHEMA_VERSION_V1) @functools.lru_cache(maxsize=1024) -def get_service_prefix_data(service_prefix): +def get_service_prefix_data(service_prefix: str) -> dict[str, Any] | None: """ Given an AWS service prefix, return a large dictionary of IAM privilege data for processing and analysis. diff --git a/policy_sentry/writing/sid_group.py b/policy_sentry/writing/sid_group.py index 307efbf42..598d51f0f 100644 --- a/policy_sentry/writing/sid_group.py +++ b/policy_sentry/writing/sid_group.py @@ -243,6 +243,7 @@ def get_rendered_policy(self, minimize=None): sids_to_be_changed.append(stmt["Sid"]) break actions = list(dict.fromkeys(actions)) # remove duplicates + actions.sort() logger.debug(f"Adding statement with SID {sid}") logger.debug(f"{sid} SID has the actions: {actions}") logger.debug(f"{sid} SID has the resources: {group['arn']}") diff --git a/test/querying/test_query_actions.py b/test/querying/test_query_actions.py index 464acb52a..7fcec85df 100644 --- a/test/querying/test_query_actions.py +++ b/test/querying/test_query_actions.py @@ -33,7 +33,9 @@ def test_get_service_prefix_data(self): "service_authorization_url": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awscloud9.html", "prefix": "cloud9", "privileges": dict, + "privileges_lower_name": dict, "resources": dict, + "resources_lower_name": dict, "conditions": dict } ) @@ -341,7 +343,7 @@ def test_get_actions_matching_arn_type_case_1(self): def test_get_actions_matching_arn_type_case_2(self): """querying.actions.get_actions_matching_arn_type""" output = get_actions_matching_arn_type('all', 'object') - self.assertTrue('all:AbortMultipartUpload' in output) + self.assertTrue('s3:AbortMultipartUpload' in output) def test_get_actions_matching_arn_type_case_3(self): """querying.actions.get_actions_matching_arn_type""" @@ -487,11 +489,11 @@ def test_get_dependent_actions(self): get_dependent_actions(dependent_actions_single), ["iam:PassRole"], ) - self.assertEqual( + self.assertCountEqual( get_dependent_actions(dependent_actions_double), ["s3:GetBucketPolicy", "s3:PutBucketPolicy"], ) - self.assertEqual( + self.assertCountEqual( get_dependent_actions(dependent_actions_several), [ "s3:GetBucketAcl", @@ -521,7 +523,7 @@ def test_remove_actions_that_are_not_wildcard_arn_only(self): provided_actions_list ) self.maxDiff = None - self.assertListEqual(desired_output, output) + self.assertCountEqual(desired_output, output) def test_weird_lowercase_uppercase(self): @@ -544,7 +546,7 @@ def test_weird_lowercase_uppercase(self): ) print(json.dumps(output)) self.maxDiff = None - self.assertListEqual(desired_output, output) + self.assertCountEqual(desired_output, output) def test_get_actions_matching_arn(self): """querying.actions.get_actions_matching_arn"""